50 commits

Author	SHA1	Message	Date
Offensive Security	01eb066d9d	DB: 2016-10-13 ... 11 new exploits IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin) Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post) miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery PHP Press Release - Cross-Site Request Forgery (Add Admin) PHP Press Release - (Add Admin) Cross-Site Request Forgery Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post) Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery Spacemarc News - (Add New Post) Cross-Site Request Forgery Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery Subversion 1.6.6 / 1.6.12 - Code Execution Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption Categorizator 0.3.1 - SQL Injection NetBilletterie 2.8 - Multiple Vulnerabilities ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting OpenCimetiere v3.0.0-a5 - Blind SQL Injection Android - Binder Generic ASLR Leak ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery	2016-10-13 05:01:17 +00:00
Offensive Security	f8b17d14a1	DB: 2016-10-12 ... 12 new exploits Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation Spacemarc News - Cross-Site Request Forgery (Add New Post) Minecraft Launcher - Insecure File Permissions Privilege Escalation BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery sheed AntiVirus - Unquoted Service Path Privilege Escalation AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection Android - 'gpsOneXtra' Data Files Denial of Service Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit) Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)	2016-10-12 05:01:17 +00:00
Offensive Security	d9bdc2e376	DB: 2016-10-04 ... 7 new exploits maplab ms4w 2.2.1 - Remote File Inclusion MapLab MS4W 2.2.1 - Remote File Inclusion Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow Grandsteam GXV3611_HD - SQL Injection Glassfish Server - Unquoted Service Path Privilege Escalation Windows Firewall Control - Unquoted Service Path Privilege Escalation Android - Insufficient Binder Message Verification Pointer Leak DWebPro 8.4.2 - Multiple Vulnerabilities Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)	2016-10-04 05:01:17 +00:00
Offensive Security	f421077feb	DB: 2016-09-28 ... 6 new exploits UUCP Exploit - file creation/overwriting (symlinks) UUCP Exploit - File Creation/Overwriting (symlinks) Exploit Serv-U 3.x < 5.x - Privilege Escalation Serv-U FTP Server 3.x < 5.x - Privilege Escalation TiTan FTP Server - Long Command Heap Overflow (PoC) Titan FTP Server - Long Command Heap Overflow (PoC) Serv-U < 5.2 - Remote Denial of Service Serv-U FTP Server < 5.2 - Remote Denial of Service chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC) Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC) Serv-U 4.x - 'site chmod' Remote Buffer Overflow Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow WS_FTP Server 5.03 - (RNFR) Buffer Overflow Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow TYPSoft FTP Server 1.11 - (RETR) Denial of Service TYPSoft FTP Server 1.11 - 'RETR' Denial of Service XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC) XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC) XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC) WinFtp Server 2.0.2 - (PASV) Remote Denial of Service WinFTP Server 2.0.2 - (PASV) Remote Denial of Service DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service MiniWeb Http Server 0.8.x - Remote Denial of Service MiniWeb HTTP Server 0.8.x - Remote Denial of Service JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion JAF CMS 4.0 RC2 - Multiple Remote File Inclusion XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service Belkin wireless G router + ADSL2 modem - Authentication Bypass Belkin Wireless G router + ADSL2 modem - Authentication Bypass Serv-U 7.3 - Authenticated (stou con:1) Denial of Service Serv-U 7.3 - Authenticated Remote FTP File Replacement Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement WinFTP 2.3.0 - (PASV mode) Remote Denial of Service WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service Titan FTP server 6.26 build 630 - Remote Denial of Service Titan FTP Server 6.26 build 630 - Remote Denial of Service Netgear WG102 - Leaks SNMP write Password with read access Netgear WG102 - Leaks SNMP Write Password With Read Access WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Netgear embedded Linux for the SSL312 router - Denial of Service Netgear SSL312 Router - Denial of Service Belkin BullDog Plus UPS-Service - Buffer Overflow Belkin BullDog Plus - UPS-Service Buffer Overflow Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit Firebird SQL - op_connect_request main listener shutdown Firebird SQL - op_connect_request main listener shutdown Exploit HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service TYPSoft 1.10 - APPE DELE Denial of Service TYPSoft FTP Server 1.10 - APPE DELE Denial of Service WingFTP Server 3.2.4 - Cross-Site Request Forgery Wing FTP Server 3.2.4 - Cross-Site Request Forgery Quick Player 1.2 -Unicode BoF - bindshell Quick Player 1.2 - Unicode Buffer Overflow (Bindshell) UplusFtp Server 1.7.0.12 - Remote Buffer Overflow UplusFTP Server 1.7.0.12 - Remote Buffer Overflow Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC TopDownloads MP3 Player 1.0 - '.m3u' crash TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC) PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) uhttp Server - Directory Traversal uhttp Server 0.1.0-alpha - Directory Traversal eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - RETR Command Denial of Service SmallFTPd 1.0.3 - DELE Command Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service SolarWinds 10.4.0.10 - TFTP Denial of Service SolarWinds TFTP Server 10.4.0.10 - Denial of Service e107 - Code Exec e107 - Code Exection HomeFTP Server r1.10.3 (build 144) - Denial of Service Home FTP Server r1.10.3 (build 144) - Denial of Service TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE) TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service SolarWinds 10.4.0.13 - Denial of Service SolarWinds TFTP Server 10.4.0.13 - Denial of Service ISC-DHCPD - Denial of Service ISC DHCPD - Denial of Service Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow deepin tftp server 1.25 - Directory Traversal Deepin TFTP Server 1.25 - Directory Traversal Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit JCMS 2010 - file download JCMS 2010 - File Download Exploit SolarFTP 2.0 - Multiple Commands Denial of Service Solar FTP Server 2.0 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - RETR CMD Denial of Service TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service Xynph 1.0 - USER Denial of Service Xynph FTP Server 1.0 - USER Denial of Service XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service Solar FTP 2.1 - Denial of Service Solar FTP Server 2.1 - Denial of Service Red Hat Linux - stickiness of /tmp Red Hat Linux - stickiness of /tmp Exploit home ftp server 1.12 - Directory Traversal Home FTP Server 1.12 - Directory Traversal NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit) RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit) RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit) Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow SmallFTPd 1.0.3 FTP Server - Denial of Service SmallFTPd 1.0.3 - Denial of Service PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit) PCMan FTP Server Buffer Overflow - PUT Command (Metasploit) Solar FTP 2.1.1 - PASV Buffer Overflow (PoC) Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC) BisonFTP Server 3.5 - Remote Buffer Overflow BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit) Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit) BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit) NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery zFTP Server - 'cwd/stat' Remote Denial of Service zFTPServer - 'cwd/stat' Remote Denial of Service Serv-U FTP - Jail Break Serv-U FTP Server - Jail Break Typsoft FTP Server 1.10 - Multiple Commands Denial of Service TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service PeerBlock 1.1 - BSOD PeerBlock 1.1 - BSOD Exploit distinct tftp server 3.01 - Directory Traversal Distinct TFTP Server 3.01 - Directory Traversal PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection Berkeley Sendmail 5.58 - DEBUG Berkeley Sendmail 5.58 - Debug exploit SunView (SunOS 4.1.1) - selection_svc Digital Ultrix 4.0/4.1 - /usr/bin/chroot SunOS 4.1.1 - /usr/release/bin/makeinstall SunOS 4.1.1 - /usr/release/bin/winstall SunView (SunOS 4.1.1) - selection_svc Exploit Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit SunOS 4.1.1 - /usr/release/bin/winstall Exploit SunOS 4.1.3 - kmem setgid /etc/crash SunOS 4.1.3 - kmem setgid /etc/crash Exploit IRIX 6.4 - pfdisplay.cgi IRIX 6.4 - 'pfdisplay.cgi' Exploit SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit FreePBX < 13.0.188 - Remote Command Execution (Metasploit) HP JetAdmin 1.0.9 Rev. D - symlink HP JetAdmin 1.0.9 Rev. D - symlink Exploit Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation TP-Link Archer CR-700 - Cross-Site Scripting BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit Cat Soft Serv-U 2.5 - Buffer Overflow BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit Linux Kernel 2.0 / 2.1 / 2.2 - autofs Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit Debian 2.1 - httpd S.u.S.E. 5.2 - gnuplot Debian 2.1 - httpd Exploit S.u.S.E. Linux 5.2 - gnuplot Exploit Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit SGI IRIX 6.2 - /usr/lib/netaddpr SGI IRIX 6.2 - /usr/lib/netaddpr Exploit SGI IRIX 6.2 - day5notifier SGI IRIX 6.2 - day5notifier Exploit SGI IRIX 6.4 - datman/cdman SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.3 - cgi-bin webdist.cgi SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit SGI IRIX 6.4 - cgi-bin handler SGI IRIX 6.4 - cgi-bin handler Exploit SGI IRIX 6.4 - login SGI IRIX 6.4 - login Exploit IBM AIX 3.2.5 - IFS IBM AIX 3.2.5 - IFS Exploit IBM AIX 3.2.5 - login(1) IBM AIX 3.2.5 - login(1) Exploit Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1) Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2) Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit GNU glibc 2.1/2.1.1 -6 - pt_chown GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit ProFTPd 1.2 pre6 - snprintf ProFTPd 1.2 pre6 - snprintf Exploit Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1) UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2) PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit S.u.S.E. Linux 6.1/6.2 - cwdtools S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit SCO Unixware 7.1 - 'pkg' commands SCO Unixware 7.1 - 'pkg' command Exploit Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service Nortel Networks Optivity NETarchitect 2.0 - PATH Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit SGI IRIX 6.2 - midikeys/soundplayer SGI IRIX 6.2 - midikeys/soundplayer Exploit Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Microsoft Windows 95/98/NT 4.0 - autorun.inf Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit Corel Linux OS 1.0 - buildxconfig Corel Linux OS 1.0 - setxconf Corel Linux OS 1.0 - buildxconfig Exploit Corel Linux OS 1.0 - setxconf Exploit TP Link Gateway 3.12.4 - Multiple Vulnerabilities TP-Link Gateway 3.12.4 - Multiple Vulnerabilities SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2) Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1) Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2) Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit Cisco IOS 11.x/12.x - HTTP %% Cisco IOS 11.x/12.x - HTTP %% Exploit RedHat Linux 6.0/6.1/6.2 - pam_console RedHat Linux 6.0/6.1/6.2 - pam_console Exploit HP-UX 10.20/11.0 man - /tmp symlink HP-UX 10.20/11.0 man - /tmp Symlink Exploit IRIX 5.3/6.x - mail IRIX 5.3/6.x - mail Exploit TYPSoft 0.7 x - FTP Server Remote Denial of Service TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service Oracle Internet Directory 2.0.6 - oidldap Oracle Internet Directory 2.0.6 - oidldap Exploit CatSoft FTP Serv-U 2.5.x - Brute Force Cat Soft Serv-U FTP Server 2.5.x - Brute Force Small HTTP server 2.0 1 - Non-Existent File Denial of Service Small HTTP Server 2.0 1 - Non-Existent File Denial of Service NCSA httpd-campas 1.2 - sample script NCSA httpd-campas 1.2 - sample script Exploit Novell NetWare Web Server 2.x - convert.bas Novell NetWare Web Server 2.x - convert.bas Exploit Serv-U 2.4/2.5 - FTP Directory Traversal Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Novell Netware Web Server 3.x - files.pl Novell Netware Web Server 3.x - files.pl Exploit guido frassetto sedum http server 2.0 - Directory Traversal Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal robin twombly a1 http server 1.0 - Directory Traversal Robin Twombly A1 HTTP Server 1.0 - Directory Traversal SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit michael lamont savant http server 2.1 - Directory Traversal Michael Lamont Savant HTTP Server 2.1 - Directory Traversal zeroo http server 1.5 - Directory Traversal (1) zeroo http server 1.5 - Directory Traversal (2) Zeroo HTTP Server 1.5 - Directory Traversal (1) Zeroo HTTP Server 1.5 - Directory Traversal (2) Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting XLight FTP Server 1.x - Long Directory Request Remote Denial of Service Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service XLight FTP Server 1.52 - Remote Send File Request Denial of Service Xlight FTP Server 1.52 - Remote Send File Request Denial of Service gweb http server 0.5/0.6 - Directory Traversal GWeb HTTP Server 0.5/0.6 - Directory Traversal MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC) MiniWeb HTTP Server (build 300) - Crash (PoC) TP-Link Print Server TL PS110U - Sensitive Information Enumeration TP-Link PS110U Print Server TL - Sensitive Information Enumeration PCMan's FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan's FTP Server 2.0 - Remote Buffer Overflow PCMan FTP Server 2.0 - Remote Buffer Overflow PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass PHP 3-5 - ZendEngine ECalloc Integer Overflow PHP 3 < 5 - ZendEngine ECalloc Integer Overflow NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static Http Server 1.0 - Denial of Service TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities Static HTTP Server 1.0 - Denial of Service NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1) vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2) Ipswitch 8.0 - WS_FTP Client Format String Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String NETGEAR WGR614 - Administration Interface Remote Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit NetMan 204 - Backdoor Account NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Serv-U 11.1.0.3 - Denial of Service / Security Bypass Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND9 - TKEY (PoC) Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure ISC BIND 9 - TKEY (PoC) ISC BIND9 - TKEY Remote Denial of Service (PoC) ISC BIND 9 - TKEY Remote Denial of Service (PoC) NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Android (Stagefright) - Remote Code Execution Android - 'Stagefright' Remote Code Execution Microsoft Windows Media Center - MCL (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) Android libstagefright - Integer Overflow Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution pdfium IsFlagSet (v8 memory management) - SIGSEGV pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit) TallSoft SNMP TFTP Server 1.0.0 - Denial of Service TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service Metaphor - Stagefright Exploit with ASLR Bypass Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)	2016-09-28 11:55:43 +00:00
Offensive Security	f1e68e0b1d	DB: 2016-09-15 ... 3 new exploits Android - getpidcon Usage binder Service Replacement Race Condition PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Apache Mina 2.0.13 - Remote Command Execution	2016-09-15 05:07:49 +00:00
Offensive Security	0be1ea959a	DB: 2016-09-09 ... 11 new exploits Samba 3.0.4 - SWAT Authorization Buffer Overflow Samba 3.0.4 SWAT - Authorisation Buffer Overflow Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2) HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit) HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit) WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC) WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC) FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service Multiple Applications - Local Credentials Disclosure Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2) Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2) IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC) Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC) Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC) Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC) Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC) Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC) Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC) SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC) MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow Joomla Component JPad 1.0 - Post-Authentication SQL Injection Joomla Component JPad 1.0 - Authenticated SQL Injection CMS Made Simple 1.2.4 - (FileManager module) File Upload CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication) freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated) freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection AvailScript Jobs Portal Script - (Post-Authentication) File Upload AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service Serv-U 7.3 - (Authenticated) Remote FTP File Replacement Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC) Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC) Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC AJ Auction Authentication - Bypass Exploit AJ Auction - Authentication Bypass Simple Directory Listing 2 - Cross-Site File Upload Simple Directory Listing 2 - Cross-Site Arbitrary File Upload Mini File Host 1.x - Arbitrary PHP File Upload Mini File Host 1.x - Arbitrary .PHP File Upload Memberkit 1.0 - Remote PHP File Upload Memberkit 1.0 - Remote Arbitrary .PHP File Upload WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC) Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC) WikkiTikkiTavi 1.11 - Remote PHP File Upload WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation zFeeder 1.6 - 'admin.php' Pre-Authentication zFeeder 1.6 - 'admin.php' Unauthenticated Addonics NAS Adapter - Post-Authentication Denial of Service Addonics NAS Adapter - Authenticated Denial of Service Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service Hannon Hill Cascade Server - (Post-Authentication) Command Execution Hannon Hill Cascade Server - (Authenticated) Command Execution Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC) XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC) Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal Adobe JRun 4 - (logfile) Authenticated Directory Traversal FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service NetAccess IP3 - (Post-Authentication) (ping option) Command Injection NetAccess IP3 - (Authenticated) (ping option) Command Injection Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC) Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC) httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC) httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC) Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC) Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit) eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1) eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2) eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2) uTorrent WebUI 0.370 - Authorization header Denial of Service uTorrent WebUI 0.370 - Authorisation Header Denial of Service Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass) ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass) Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service (Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass) BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass) dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting) dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting) Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit) Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit) UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow Achievo 1.4.3 - Multiple Authorization Flaws Achievo 1.4.3 - Multiple Authorisation Flaws PHPMotion 1.62 - 'FCKeditor' File Upload PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal Home FTP Server 1.11.1.149 - Authenticated Directory Traversal News Script PHP Pro - 'FCKeditor' File Upload News Script PHP Pro - 'FCKeditor' Arbitrary File Upload Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow MailEnable - Authorization Header Buffer Overflow MailEnable - Authorisation Header Buffer Overflow ColdFusion 8.0.1 - Arbitrary File Upload and Execution Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution ColdFusion 8.0.1 - Arbitrary File Upload / Execution Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution OpenX - banner-edit.php File Upload PHP Code Execution OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution Joomla 1.5.12 - tinybrowser File Upload Code Execution Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit If-CMS 2.07 - Pre-Authentication Local File Inclusion (1) If-CMS 2.07 - Unauthenticated Local File Inclusion (1) IPComp - encapsulation Pre-Authentication kernel memory Corruption IPComp - encapsulation Unauthenticated kernel memory Corruption SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass) Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass) Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow ActFax Server FTP - (Authenticated) Remote Buffer Overflow If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2) If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass) DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass) DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit TomatoCart 1.1 - Post-Authentication Local File Inclusion TomatoCart 1.1 - Authenticated Local File Inclusion BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass QuiXplorer 2.3 - Bugtraq File Upload QuiXplorer 2.3 - Bugtraq Arbitrary File Upload QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit) QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit) Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter) Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection Dolibarr ERP & CRM 3 - Authenticated OS Command Injection V-CMS - PHP File Upload and Execution V-CMS - Arbitrary .PHP File Upload / Execution WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection WebCalendar 1.2.4 - Unauthenticated Remote Code Injection appRain CMF - Arbitrary PHP File Upload appRain CMF - Arbitrary .PHP File Upload EGallery - PHP File Upload EGallery - Arbitrary .PHP File Upload SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload WebPageTest - Arbitrary PHP File Upload WebPageTest - Arbitrary .PHP File Upload XODA 0.4.5 - Arbitrary PHP File Upload XODA 0.4.5 - Arbitrary .PHP File Upload Elcom CMS 7.4.10 - Community Manager Insecure File Upload Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1) OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2) Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1) Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit qdPM 7.0 - Arbitrary PHP File Upload qdPM 7.0 - Arbitrary .PHP File Upload Oracle Database - Authentication Protocol Security Bypass Oracle Database - Protocol Authentication Bypass Mod_NTLM 0.x - Authorization Heap Overflow Mod_NTLM 0.x - Authorisation Heap Overflow Mod_NTLM 0.x - Authorization Format String Mod_NTLM 0.x - Authorisation Format String Geeklog 1.3.x - Authentication SQL Injection Geeklog 1.3.x - Authenticated SQL Injection NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution MySQL - Remote Pre-Authentication User Enumeration MySQL - Remote Unauthenticated User Enumeration vbPortal 2.0 alpha 8.1 - Authentication SQL Injection vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2) DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3) WordPress WP-Property Plugin - PHP File Upload WordPress Asset-Manager Plugin - PHP File Upload WordPress WP-Property Plugin - Arbitrary .PHP File Upload WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1) SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2) Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun Novell NCP - Pre-Authentication Remote Root Exploit Novell NCP - Unauthenticated Remote Root Exploit Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass Polar Helpdesk 3.0 - Cookie Based Authentication Bypass IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution IRIS Citations Management Tool - (Authenticated) Remote Command Execution Polycom HDX - Telnet Authorization Bypass (Metasploit) Polycom HDX - Telnet Authentication Bypass (Metasploit) OpenEMR - PHP File Upload OpenEMR - Arbitrary .PHP File Upload PolarPearCMS - PHP File Upload PolarPearCMS - Arbitrary .PHP File Upload Apache 2.0.x - mod_ssl Remote Denial of Service Apache/mod_ssl 2.0.x - Remote Denial of Service phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal MoinMoin - twikidraw Action Traversal File Upload MoinMoin - twikidraw Action Traversal Arbitrary File Upload Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow FlexWATCH 3.0 - AIndex.asp Authorization Bypass FlexWATCH 3.0 - AIndex.asp Authentication Bypass HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload WordPress Curvo Themes - Cross-Site Request Forgery File Upload WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass PHPBB2 - Admin_Ug_Auth.php Administrative Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass Castripper 2.50.70 - '.pls' DEP Exploit Castripper 2.50.70 - '.pls' DEP Bypass Exploit Google Urchin 5.7.3 - Report.cgi Authorization Bypass Google Urchin 5.7.3 - Report.cgi Authentication Bypass Adobe Flash - Method Calls Use-After-Free Adobe Flash - Transform.colorTranform Getter Info Leak RSA Authentication Agent for Web 5.3 - URI redirection RSA Authentication Agent for Web 5.3 - URI Redirection Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow Zabbix 2.0 - 3.0.3 - SQL Injection ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload Katello (Red Hat Satellite) - users/update_roles Missing Authorization Katello (Red Hat Satellite) - users/update_roles Missing Authorisation Freepbx 13.0.x < 13.0.154 - Remote Command Execution FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution Jobberbase 2.0 - Multiple Vulnerabilities Windows x86 - Bind Shell TCP Shellcode WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution Moab < 7.2.9 - Authorization Bypass Moab < 7.2.9 - Authentication Bypass Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection Drupal Core < 7.32 - Pre-Authentication SQL Injection Drupal Core < 7.32 - Unauthenticated SQL Injection Tincd - Post-Authentication Remote TCP Stack Buffer Overflow Tincd - Authenticated Remote TCP Stack Buffer Overflow PMB 4.1.3 - Post-Authentication SQL Injection PMB 4.1.3 - Authenticated SQL Injection Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution ManageEngine Multiple Products - Authenticated File Upload ManageEngine Multiple Products - Authenticated Arbitrary File Upload Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass) Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass) Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection Symantec Web Gateway 5 - restore.php Authenticated Command Injection JBoss Seam 2 - Arbitrary File Upload and Execution JBoss Seam 2 - Arbitrary File Upload / Execution Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass JibberBook 2.3 - 'Login_form.php' Authentication Bypass Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Zenoss 3.2.1 - Remote Post-Authentication Command Execution Zenoss 3.2.1 - Remote Authenticated Command Execution Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution Magento CE < 1.9.0.1 - Authenticated Remote Code Execution Netsweeper 4.0.9 - Arbitrary File Upload and Execution Netsweeper 4.0.9 - Arbitrary File Upload / Execution Netsweeper 4.0.8 - Arbitrary File Upload and Execution Netsweeper 4.0.8 - Arbitrary File Upload / Execution EasyITSP - 'customers_edit.php' Authentication Security Bypass EasyITSP - 'customers_edit.php' Authentication Bypass Wolf CMS - Arbitrary File Upload and Execution Wolf CMS - Arbitrary File Upload / Execution Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass) GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution vBulletin 5.1.x - Pre-Authentication Remote Code Execution vBulletin 5.1.x - Unauthenticated Remote Code Execution WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass WordPress WP to Twitter Plugin - Authorization Bypass WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass WordPress WP to Twitter Plugin - Authentication Bypass Novell ServiceDesk - Authenticated File Upload Novell ServiceDesk - Authenticated Arbitrary File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass) Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass) phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers) vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution phpMyAdmin 4.6.2 - Authenticated Remote Code Execution vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF) vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF) ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass	2016-09-09 05:09:09 +00:00
Offensive Security	5e2fc10125	DB: 2016-09-03	2016-09-03 13:13:25 +00:00
Offensive Security	31a21bb68d	DB: 2016-09-03 ... 14 new exploits Too many to list!	2016-09-03 05:08:42 +00:00
Offensive Security	fc4bc08825	DB: 2016-07-12 ... 15 new exploits Apache HTTPd - Arbitrary Long HTTP Headers DoS Apache HTTPd - Arbitrary Long HTTP Headers DoS (Perl) Apache HTTPd - Arbitrary Long HTTP Headers DoS Apache HTTPd - Arbitrary Long HTTP Headers DoS (C) Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code) Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2) Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (1) Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2) Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (3) Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1) Webhints <= 1.03 - Remote Command Execution Exploit (C) (2) Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3) phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl Code) phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C Code) phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl) phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C) SimpleBBS <= 1.1 - Remote Commands Execution Exploit (c code) SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C) Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code) Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C) aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection Vulnerability Apple CFNetwork HTTP Response Denial of Service Exploit (rb code) Apple CFNetwork - HTTP Response Denial of Service Exploit (RB) PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion Vulnerability WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability WebPortal CMS <= 0.7.4 - (code) Remote Code Execution Vulnerability emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability emergecolab 1.0 - (sitecode) Local File Inclusion Vulnerability Simple Machines Forums (BBCode) Cookie Stealing Vulnerability Simple Machines Forums - (BBCode) Cookie Stealing Vulnerability Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability Movie PHP Script 2.0 - (init.php anticode) Code Execution Vulnerability Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability Kjtechforce mailman b1 - (code) SQL Injection Delete Row Vulnerability WordPress Activity Log Plugin 2.3.1 - Persistent XSS IPS Community Suite 4.1.12.3 - PHP Code Injection Adobe Flash - ATF Processing Overflow Adobe Flash - JXR Processing Double Free Adobe Flash - LMZA Property Decoding Heap Corruption Adobe Flash - ATF Image Packing Overflow Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf) Ho' Detector (Promiscuous mode detector shellcode) (56 bytes) Ho' Detector - Promiscuous mode detector shellcode (56 bytes) MS16-016 mrxdav.sys WebDav Local Privilege Escalation Ruby on Rails ActionPack Inline ERB Code Execution Lan Messenger sending PM Buffer Overflow (UNICODE) - Overwrite SEH Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH Tiki Wiki CMS 15.0 - Arbitrary File Download Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS Device42 WAN Emulator 2.3 Traceroute Command Injection Device42 WAN Emulator 2.3 Ping Command Injection Device42 WAN Emulator 2.3 - Traceroute Command Injection Device42 WAN Emulator 2.3 - Ping Command Injection Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash Dell KACE K1000 File Upload Dell KACE K1000 - File Upload Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection Valve Steam 3.42.16.13 - Local Privilege Escalation Beauty Parlour & SPA Saloon Management System - Blind SQL Injection Clinic Management System - Blind SQL Injection Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes	2016-07-12 05:05:04 +00:00
Offensive Security	76bc268c80	DB: 2016-07-11	2016-07-11 05:06:57 +00:00
Offensive Security	52cf6a3185	DB: 2016-07-07 ... 9 new exploits CIMA DocuClass ECM - Multiple Vulnerabilities 24online SMS_2500i 8.3.6 build 9.0 - SQL Injection Linux 64bit Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) - 176 bytes Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities PaKnPost Pro 1.14 - Multiple Vulnerabilities GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution OpenFire 3.10.2 - 4.0.1 - Multiple Vulnerabilities Samsung Android JACK - Privilege Escalation Nagios XI Chained Remote Code Execution	2016-07-07 05:06:28 +00:00
Offensive Security	076ef173f9	DB: 2016-06-11 ... 23 new exploits Poison Ivy 2.1.x C2 Buffer Overflow (msf) Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit Mobiketa 1.0 - CSRF Add Admin Exploit miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query phpMyFAQ 2.9.0 - Stored XSS Windows x86 system(_systeminfo_) Shellcode Armadito Antimalware - Backdoor/Bypass Riot Games League of Legends - Insecure File Permissions Privilege Escalation IPFire proxy.cgi RCE IPFire Bash Environment Variable Injection (Shellshock) Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Android - /system/bin/sdcard Stack Buffer Overflow OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2 OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver	2016-06-11 05:06:22 +00:00
Offensive Security	614fb1caf8	DB: 2016-05-12 ... 22 new exploits PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit (poptop-sane.c) PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit Atftpd 0.6 - Remote Root Exploit (atftpdx.c) Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c) Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c) CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c) Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c) wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit Microsoft Windows - (Jolt2.c) Denial of Service Exploit Microsoft Windows - 'Jolt2.c' Denial of Service Exploit TCP SYN Denial of Service Exploit (bang.c) TCP SYN - 'bang.c' Denial of Service Exploit Apache HTTPd - Arbitrary Long HTTP Headers DoS (C) Apache HTTPd - Arbitrary Long HTTP Headers DoS Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit Veritas Backup Exec Agent 8.x/9.x - Browser Overflow (C) Veritas Backup Exec Agent 8.x/9.x - Browser Overflow Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c) Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c) CA License Server (GETCONFIG) Remote Buffer Overflow Exploit Aeon 0.2a - Local Linux Exploit (C) Aeon 0.2a - Local Linux Exploit Linux Kernel 2.4 / 2.6 - bluez Local Root Privilege Escalation Exploit (3) Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3) nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit SuSE Linux <= 9.3 / 10 - (chfn) Local Root Privilege Escalation Exploit Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c) SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c) Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl) Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl) OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets) OpenVMPSd <= 1.3 - Remote Format String Exploit Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability Ubuntu Breezy 5.10 - Installer Password Disclosure Vulnerability X.Org X11 (X11R6.9.0/X11R7.0) - Local Root Privilege Escalation Exploit X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php) DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP) Opera 9 IRC Client Remote Denial of Service Exploit (c) Opera 9 IRC Client Remote Denial of Service Exploit (py) Opera 9 - IRC Client Remote Denial of Service Exploit Opera 9 IRC Client - Remote Denial of Service Exploit (Python) Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1) Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2) Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2) Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl) Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl) Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (pl) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl) Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (php) cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP) Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl) Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl) Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py) Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl) QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl) Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit WarFTP 1.65 (USER) Remote Buffer Overlow Exploit (multiple targets) WarFTP 1.65 (USER) Remote Buffer Overlow Exploit XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit (multiple targets) IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit 3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (Win32) (pl) 3proxy 0.5.3g logurl() - Remote Buffer Overflow Exploit (Win32) (Perl) Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c) Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (php) fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (pl) fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP) fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl) IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (pl) IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl) IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c) IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py) BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python) BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c) BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (py) CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python) Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (c) Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py) Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python) EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl) EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl) CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (py) CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl) Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl) kloxo 5.75 - (24 issues) Multiple Vulnerabilities kloxo 5.75 - Multiple Vulnerabilities Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl) Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl) Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C) Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit MailEnable 1.52 HTTP Mail Service Stack BoF Exploit PoC MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC (Ubuntu 9.10/10.04) PAM 1.1.0 - MOTD File Tampering (Privilege Escalation) Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1) Cacti 0.8.7e: Multiple Security Issues Cacti 0.8.7e - Multiple Vulnerabilities (Tod Miller's) Sudo/SudoEdit 1.6.x < 1.6.9p21 & 1.7.x < 1.7.2p4 - Local Root Exploit (Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2) Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation Vulnerability Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py) Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python) PHP Hosting Directory 2.0 Database Disclosure Exploit (.py) PHP Hosting Directory 2.0 Database Disclosure Exploit (Python) systemtap - Local Root Privilege Escalation Vulnerability systemtap - Local Privilege Escalation Vulnerability Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2) Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2) Kunena < 1.5.13_ < 1.6.3 - SQL Injection Vulnerability Kunena < 1.5.13 / < 1.6.3 - SQL Injection Vulnerability HP OpenView NNM 7.53_ 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow Safari 5.0.6_ 5.1 - SVG DOM Processing PoC Safari 5.0.6/5.1 - SVG DOM Processing PoC Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1) RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2) RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1) RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1) Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2) Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1) Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2) Debian 2.x_RedHat 6.2_IRIX 5/6_ Solaris 2.x Mail Reply-To Field Vulnerability Debian 2.x_ RedHat 6.2_ IRIX 5/6_ Solaris 2.x - Mail Reply-To Field Vulnerability Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference) Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (1) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (2) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (3) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (4) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (5) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (4) FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (5) cPanel 5.0 - Openwebmail Local Privileges Escalation Vulnerability cPanel 5.0 - Openwebmail Local Privilege Escalation Vulnerability Linux-PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privileged Escalation Vulnerability Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation Vulnerability Totem Movie Player (Ubuntu) 3.4.3 - Stack Corruption Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption Flightgear 2.0_ 2.4 - Remote Format String Exploit Flightgear 2.0/2.4 - Remote Format String Exploit Opera 7.x_ Firefox 1.0_ Internet Explorer 6.0 - Information Disclosure Weakness Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1) Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2) Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root Vulnerability Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation OSX <= 10.8.4 - Local Root Privilege Escalation (py) OSX <= 10.8.4 - Local Privilege Escalation (Python) Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation IBM AIX 6.1 / 7.1 - Local Privilege Escalation glibc and eglibc 2.5_ 2.7_ 2.13 - Buffer Overflow Vulnerability glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow Vulnerability StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading Links_ ELinks 'smbclient' Remote Command Execution Vulnerability Links_ ELinks 'smbclient' - Remote Command Execution Vulnerability Flyspray 0.9.9 - Information Disclosure_ HTML Injection and Cross-Site Scripting Vulnerabilities Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y) Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit Symantec Endpoint Protection Manager 11.0_ 12.0_ 12.1 - Remote Command Execution Exploit Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit ownCloud 4.0.x_ 4.5.x (upload.php filename param) - Remote Code Execution ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution Procentia IntelliPen 1.1.12.1520 (Data.aspx_ value param) - Blind SQL Injection Vtiger CRM 5.4.0_ 6.0 RC_ 6.0.0 GA (browse.php file param) - Local File Inclusion Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA (browse.php file param) - Local File Inclusion Haihaisoft HUPlayer 1.0.4.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH) Haihaisoft Universal Player 1.5.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH) Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH) Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH) JIRA Issues Collector Directory Traversal JIRA Issues Collector - Directory Traversal CMSimple 4.4_ 4.4.2 - Remote File Inclusion CMSimple 4.4/4.4.2 - Remote File Inclusion Core FTP Server 1.2_ build 535_ 32-bit - Crash PoC Core FTP Server 1.2 build 535 32-bit - Crash PoC Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability (C) Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 4.1.x Bypass (MS12-037) Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass (MS12-037) Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation Symantec Endpoint Protection 11.x_ 12.x - Kernel Pool Overflow Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Linux Kernel 3.16.1 - Remount FUSE Exploit Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.0 Bypass (MS12-037) Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037) Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.1 Bypass (MS12-037) Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.1 Bypass (MS12-037) Mac OS X - IOKit Keyboard Driver Root Privilege Escalation Mac OS X - IOKit Keyboard Driver Privilege Escalation Liferay Portal 7.0.0 M1_ 7.0.0 M2_ 7.0.0 M3 - Pre-Auth RCE Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion_ SQL Injection & XSS vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS MalwareBytes Anti-Exploit 1.03.1.1220_ 1.04.1.1012 Out-of-bounds Read DoS MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS JBoss AS 3_ 4_ 5_ 6 - Remote Command Execution JBoss AS 3/4/5/6 - Remote Command Execution Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities Pandora FMS 5.0_ 5.1 - Authentication Bypass Pandora FMS 5.0/5.1 - Authentication Bypass Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell Cisco AnyConnect Secure Mobility 2.x_ 3.x_ 4.x - Client DoS PoC Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client DoS PoC Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File) Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow) Orchard CMS 1.7.3_ 1.8.2_ 1.9.0 - Stored XSS Vulnerability Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS Vulnerability Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC Interspire Email Marketer Cross Site Scripting_ HTML Injection_ and SQL Injection Vulnerabilities Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities BigDump Cross Site Scripting_ SQL Injection_ and Arbitrary File Upload Vulnerabilities BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities Elastix < 2.5 _ PHP Code Injection Exploit Elastix < 2.5 - PHP Code Injection Exploit Microsoft Office Excel 2007_ 2010_ 2013 - BIFFRecord Use-After-Free Microsoft Office Excel 2007/2010/2013 - BIFFRecord Use-After-Free OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit Exim < 4.86.2 - Local Root Privilege Escalation Exim < 4.86.2 - Local Privilege Escalation RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip) FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities Novell Service Desk 7.1.0/7.0.3 and 6.5 - Multiple Vulnerabilities Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow) Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow) Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps Android Broadcom Wi-Fi Driver - Memory Corruption CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution	2016-05-12 05:03:21 +00:00
Offensive Security	28f57d0dba	DB: 2016-05-03 ... 5 new exploits WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download .Net Framework Execute Native x86 Shellcode Acunetix WVS 10 - Remote Command Execution (System) Apache Struts Dynamic Method Invocation Remote Code Execution QSEE - PRDiag* Commands Privilege Escalation Exploit	2016-05-03 05:04:01 +00:00
Offensive Security	921bb6b2e3	DB: 2016-04-12 ... 9 new exploits Hikvision Digital Video Recorder - Cross-Site Request Forgery WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution CAM UnZip 5.1 - Archive Path Traversal Axis Network Cameras - Multiple Vulnerabilities Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes Android - IOMX getConfig/getParameter Information Disclosure Android - IMemory Native Interface is Insecure for IPC Use Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities	2016-04-12 05:04:12 +00:00
Offensive Security	6290e0021e	DB: 2016-04-02 ... 8 new exploits Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026) Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D) Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D) (MS10-015) PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit Windows Kernel - Bitmap Use-After-Free Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read Adobe Flash - URLStream.readObject Use-After-Free Adobe Flash - TextField.maxChars Use-After-Free Android - ih264d_process_intra_mb Memory Corruption Adobe Flash - Color.setTransform Use-After-Free PHP 5.5.33 - Invalid Memory Write	2016-04-02 05:02:51 +00:00
Offensive Security	5d20c14812	DB: 2016-03-31 ... 10 new exploits Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion WordPress Photocart Link Plugin 1.6 - Local File Inclusion LShell <= 0.9.15 - Remote Code Execution Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1 Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2 Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption CubeCart 6.0.10 - Multiple Vulnerabilities Kamailio 4.3.4 - Heap-Based Buffer Overflow ATutor 2.2.1 Directory Traversal / Remote Code Execution Metaphor - Stagefright Exploit with ASLR Bypass	2016-03-31 05:01:58 +00:00
Offensive Security	67cc75a29b	DB: 2016-03-29 ... 9 new exploits Serv-U 3x - 5.x - Local Privilege Escalation Exploit Serv-U 3.x - 5.x - Local Privilege Escalation Exploit SHOUTcast 1.9.4 File Request Format String Remote Exploit (win) SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows) Monstra CMS 3.0.3 - Multiple Vulnerabilities pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win) pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win) XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows) MonGoose 2.4 Webserver Directory Traversal Vulnerability (win) MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows) Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation PulseAudio setuid - Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C) Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py) Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (2) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (1) Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities Sysax Multi Server 5.50 Create Folder BOF Sysax Multi Server 5.50 - Create Folder BOF Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter) Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter) Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter) Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter) Sysax 5.53 SSH Username Buffer Overflow (Metasploit) Sysax 5.53 - SSH Username Buffer Overflow (Metasploit) sysax <= 5.57 - Directory Traversal Sysax <= 5.57 - Directory Traversal Sysax <= 5.60 Create SSL Certificate Buffer Overflow Sysax <= 5.60 - Create SSL Certificate Buffer Overflow Sysax <= 5.62 Admin Interface Local Buffer Overflow Sysax <= 5.62 - Admin Interface Local Buffer Overflow Sysax Multi-Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 - Create Folder Buffer Overflow ActFax 4.31 - Local Privilege Escalation Exploit ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability STHS v2 Web Portal prospects.php team Parameter SQL Injection STHS v2 Web Portal prospect.php team Parameter SQL Injection STHS v2 Web Portal team.php team Parameter SQL Injection STHS v2 Web Portal - prospects.php team Parameter SQL Injection STHS v2 Web Portal - prospect.php team Parameter SQL Injection STHS v2 Web Portal - team.php team Parameter SQL Injection WK UDID v1.0.1 iOS - Command Inject Vulnerability WK UDID 1.0.1 iOS - Command Inject Vulnerability Hawkeye-G v3.0.1.4912 CSRF Vulnerability Hawkeye-G 3.0.1.4912 - CSRF Vulnerability Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage Reaver Pro Local Privilege Escalation Vulnerability Reaver Pro - Local Privilege Escalation Vulnerability Sysax Multi Server 6.40 SSH Component Denial of Service Sysax Multi Server 6.40 - SSH Component Denial of Service WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection w3tw0rk / Pitbul IRC Bot Remote Code Execution w3tw0rk / Pitbul IRC Bot - Remote Code Execution Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download v1.0.16 - Local File Disclosure WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download 1.0.16 - Local File Disclosure WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability Liferay Portal 5.1.2 - Persistent XSS Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities Linux/x86_x64 - execve(/bin/sh) - 25 bytes Linux/x86_x64 - execve(/bin/bash) - 33 bytes TallSoft SNMP TFTP Server 1.0.0 - Denial of Service FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip) Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege	2016-03-29 05:02:00 +00:00
Offensive Security	95bca4864b	DB: 2016-03-19	2016-03-19 05:03:36 +00:00
Offensive Security	62a54b60c6	DB: 2016-02-27 ... 12 new exploits	2016-02-27 05:02:14 +00:00
Offensive Security	c25db93691	DB: 2016-02-12 ... 4 new exploits	2016-02-12 05:01:47 +00:00
Offensive Security	a5b96c2067	DB: 2016-01-28 ... 11 new exploits	2016-01-28 05:02:01 +00:00
Offensive Security	67dd87a6f5	DB: 2016-01-27 ... 15 new exploits	2016-01-27 05:03:06 +00:00
Offensive Security	ed1f034a74	DB: 2015-12-21 ... 4 new exploits	2015-12-21 05:03:40 +00:00
Offensive Security	4ac8afedb7	DB: 2015-12-18 ... 26 new exploits	2015-12-18 05:02:23 +00:00
Offensive Security	f25ba13a4f	DB: 2015-11-28 ... 6 new exploits	2015-11-28 05:03:37 +00:00
Offensive Security	c4e7f4ce3a	DB: 2015-11-06 ... 21 new exploits	2015-11-06 05:02:38 +00:00
Offensive Security	877373ae37	DB: 2015-11-04 ... 16 new exploits	2015-11-04 05:03:17 +00:00
Offensive Security	6123605b39	DB: 2015-11-01 ... 10 new exploits	2015-11-01 05:01:56 +00:00
Offensive Security	9005d315b8	DB: 2015-10-29 ... 12 new exploits	2015-10-29 05:02:34 +00:00
Offensive Security	44c9eb6ea9	DB: 2015-09-25 ... 7 new exploits	2015-09-25 05:02:19 +00:00
Offensive Security	b81cdc3a7b	DB: 2015-09-18 ... 9 new exploits	2015-09-18 05:02:42 +00:00
Offensive Security	fcfafebf3e	DB: 2015-09-16 ... 24 new exploits	2015-09-16 05:02:44 +00:00
Offensive Security	5a826c21cf	DB: 2015-09-14 ... 6 new exploits	2015-09-14 05:03:21 +00:00
Offensive Security	229204741f	DB: 2015-09-10 ... 15 new exploits	2015-09-10 05:04:12 +00:00
Offensive Security	9c07c0f3e0	DB: 2015-08-17 ... 17 new exploits	2015-08-17 05:01:49 +00:00
Offensive Security	d724ef2617	DB: 2015-07-07 ... 10 new exploits	2015-07-07 05:03:01 +00:00
Offensive Security	15dae7c288	DB: 2015-06-24 ... 12 new exploits	2015-06-24 05:02:37 +00:00
Offensive Security	b3321b3426	DB: 2015-05-15 ... 17 new exploits	2015-05-15 05:02:32 +00:00
Offensive Security	cc553d1147	DB: 2015-04-20 ... 11 new exploits	2015-04-20 12:44:13 +00:00
Offensive Security	5924dde297	DB: 2015-03-19 ... 2 new exploits	2015-03-19 09:39:10 +00:00
Offensive Security	40cfbfb905	Update: 2015-01-28 ... 24 new exploits	2015-01-28 08:35:58 +00:00
Offensive Security	77291f0ca3	Update: 2015-01-19 ... 16 new exploits	2015-01-19 08:35:52 +00:00
Offensive Security	5ab0a9cb63	Update: 2014-12-30 ... 7 new exploits	2014-12-30 08:37:44 +00:00
Offensive Security	fa9aebca13	Update: 2014-12-29 ... 10 new exploits	2014-12-29 10:19:37 +00:00
Offensive Security	9195172fad	Updated 11_28_2014	2014-11-28 04:53:33 +00:00
Offensive Security	c195143ac6	Updated 11_20_2014	2014-11-20 04:47:03 +00:00
Offensive Security	bb76fb3805	Updated 07_18_2014	2014-07-18 04:40:01 +00:00
Offensive Security	46dd79985b	Updated 04_18_2014	2014-04-18 04:35:42 +00:00
Offensive Security	637e59de55	Updated 04_09_2014	2014-04-09 04:32:27 +00:00