Offensive Security
07fdc778ee
DB: 2016-10-21
24 new exploits
NetAuctionHelp 4.1 - search.asp SQL Injection
Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow
Microsoft Edge - Array.join Info Leak (MS16-119)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
HikVision Security Systems - Activex Buffer Overflow
Oracle Netbeans IDE 8.1 - Directory Traversal
MiCasa VeraLite - Remote Code Execution
Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection
Classifieds Rental Script - SQL Injection
SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Event Calendar PHP 1.5 - SQL Injection
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal
SPIP 3.1.2 - Cross-Site Request Forgery
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Edge - Spread Operator Stack Overflow (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)
2016-10-21 05:01:17 +00:00
Offensive Security
77b46b2163
DB: 2016-10-20
13 new exploits
PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC)
PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow
PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit
PHP FFI Extension 5.0.5 - Local Safe_mode Bypass
PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC)
PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow
Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit
Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop
Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC)
Apple QuickTime < 7.2 - SMIL Remote Integer Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow
Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC)
Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow
Integramod nederland 1.4.2 - Remote File Inclusion
Integramod Nederland 1.4.2 - Remote File Inclusion
CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation
NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation
The Unarchiver 3.11.1 - '.tar.Z' Crash PoC
XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation
Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation
Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation
PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation
Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation
2016-10-20 05:01:17 +00:00
Offensive Security
558ab1fc67
DB: 2016-10-18
24 new exploits
Entrepreneur Job Portal Script - SQL Injection
Entrepreneur Job Portal Script 2.06 - SQL Injection
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
HP Client 9.1/9.0/8.1/7.9 - Command Injection
NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation
Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation
Firefox 49.0.1 - Denial of Service
Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation
Student Information System (SIS) 0.1 - Authentication Bypass
Web Based Alumni Tracking System 0.1 - SQL Injection
Simple Dynamic Web 0.1 - SQL Injection
Learning Management System 0.1 - Authentication Bypass
Fashion Shopping Cart 0.1 - SQL Injection
Health Record System 0.1 - Authentication Bypass
Windows x64 - WinExec() Shellcode (93 bytes)
Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation
PHP Telephone Directory - Multiple Vulnerabilities
Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting
PHP Image Database - Multiple Vulnerabilities
Simple Shopping Cart Application 0.1 - SQL Injection
PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin)
School Full CBT 0.1 - SQL Injection
PHP Business Directory - Multiple Vulnerabilities
Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)
Ruby on Rails - Dynamic Render File Upload Remote Code Execution
Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)
2016-10-18 05:01:18 +00:00
Offensive Security
01eb066d9d
DB: 2016-10-13
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
2016-10-13 05:01:17 +00:00
Offensive Security
fa1b17f699
DB: 2016-09-30
1 new exploit
Microsoft Windows - RPC DCOM Remote Exploit (18 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (1)
Microsoft Windows - 'RPC DCOM' Remote Exploit (2)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal)
Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit
Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit
PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow
PMSoftware Simple Web Server - GET Request Remote Buffer Overflow
CUPS Server 1.1 - (Get Request) Denial of Service
CUPS Server 1.1 - GET Request Denial of Service
BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service
TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)
TFTPD32 2.81 - GET Request Format String Denial of Service (PoC)
Fenice Oms 1.10 - (long get request) Remote Buffer Overflow
Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow
Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service
Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service
Essentia Web Server 2.15 - (GET Request) Remote Denial of Service
Essentia Web Server 2.15 - GET Request Remote Denial of Service
webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow
webdesproxy 0.0.1 - GET Request Remote Buffer Overflow
webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield)
webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow
Netgear WGR614v9 - Wireless Router Get Request Denial of Service
Netgear WGR614v9 Wireless Router - GET Request Denial of Service
XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow
XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow
httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH)
Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC)
Mereo 1.8.0 - (Get Request) Remote Denial of Service
Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC)
Mereo 1.8.0 - GET Request Remote Denial of Service
httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH)
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service
Kolibri+ WebServer 2 - (Get Request) Denial of Service
Kolibri+ WebServer 2 - GET Request Denial of Service
Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH)
Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH)
httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service
httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service
httpdx 1.4 - Get Request Buffer Overflow
httpdx 1.4 - GET Request Buffer Overflow
Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
HTTPDX - tolog() Function Format String (1)
httpdx - tolog() Function Format String (1)
HTTPDX - tolog() Function Format String (2)
httpdx - tolog() Function Format String (2)
HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit)
httpdx - h_handlepeer() Function Buffer Overflow (Metasploit)
glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
httpdx 1.5.4 - Remote HTTP Server Denial of Service
httpdx 1.5.4 - HTTP Server Remote Denial of Service
Working Resources BadBlue 1.7.3 - Get Request Denial of Service
Working Resources BadBlue 1.7.3 - GET Request Denial of Service
KeepNote 0.7.8 - Command Execution
My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service
My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service
Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow
Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow
Proxomitron Proxy Server - Long Get Request Remote Denial of Service
Proxomitron Proxy Server - Long GET Request Remote Denial of Service
2016-09-30 05:01:16 +00:00
Offensive Security
d86bdf5f80
DB: 2016-09-29
2 new exploits
Symantec Messaging Gateway 10.6.1 - Directory Traversal
VLC Media Player 2.2.1 - Buffer Overflow
2016-09-29 05:01:16 +00:00
Offensive Security
12047d93f1
DB: 2016-09-23
9 new exploits
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
Matrimonial Website Script 1.0.2 - SQL Injection
Metasploit Web UI - Diagnostic Console Command Execution
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Exponent CMS 2.3.9 - Blind SQL Injection
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion
phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Microix Timesheet Module - SQL Injection
Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities
Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities
2016-09-23 05:05:20 +00:00
Offensive Security
b8ebed3824
DB: 2016-09-22
6 new exploits
Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation
UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection
Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection
WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload
Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection
WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
235761b103
DB: 2016-09-20
12 new exploits
OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs
OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs
ZineBasic 1.1 - Arbitrary File Disclosure
SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation
VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions
VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities
MyBB 1.8.6 - SQL Injection
Kajona 4.7 - Cross-Site Scripting / Directory Traversal
Docker Daemon - Privilege Escalation (Metasploit)
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
2016-09-20 05:07:15 +00:00
Offensive Security
d5138d6962
DB: 2016-09-14
17 new exploits
Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script
Cherry Music 0.35.1 - Arbitrary File Disclosure
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
Windows x86 - Password Protected TCP Bind Shell (637 bytes)
wdCalendar 2 - SQL Injection
Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change
Open-Xchange App Suite 7.8.2 - Cross Site Scripting
Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
Multiple Icecream Apps - Insecure File Permissions Privilege Escalation
WinSMS 3.43 - Insecure File Permissions Privilege Escalation
Microsoft Internet Explorer 11.0.9600.18482 - Use After Free
AIOCP 1.3.x - 'cp_dpage.php' Full Path Disclosure
AIOCP 1.3.x - Multiple Vulnerabilities
ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change
COMTREND ADSL Router CT-5367 C01_R12_ CT-5624 C01_R03 - Unauthenticated DNS Change
Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change
PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change
PIKATEL 96338WS_ 96338L-2M-8M - Unauthenticated DNS Change
Inteno EG101R1 VoIP Router - Unauthenticated DNS Change
2016-09-14 05:08:39 +00:00
Offensive Security
d36011b4f9
DB: 2016-09-07
3 new exploits
Too many to list!
2016-09-07 05:09:19 +00:00
Offensive Security
5e2fc10125
DB: 2016-09-03
2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d
DB: 2016-09-03
14 new exploits
Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
3a2154afbd
DB: 2016-09-01
15 new exploits
WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload
PHP 5.0.0 - snmpwalkoid() Local Denial of Service
PHP 5.0.0 - fbird_[p]connect() Local Denial of Service
PHP 5.0.0 - snmpwalk() Local Denial of Service
PHP 5.0.0 - snmprealwalk() Local Denial of Service
PHP 5.0.0 - snmpset() Local Denial of Service
PHP 7.0 - AppendIterator::append Local Denial of Service
ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation
ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation
ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution
ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery
ZKTeco ZKBioSecurity 3.0 - Directory Traversal
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting
PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
2016-09-01 05:08:40 +00:00
Offensive Security
1f0c845486
DB: 2016-08-31
3 new exploits
Too many to list!
2016-08-31 05:07:37 +00:00
Offensive Security
760d823bc8
DB: 2016-08-30
18 new exploits
Too many to list!
2016-08-30 05:08:40 +00:00
Offensive Security
5be2377b41
DB: 2016-08-18
4 new exploits
Apache 2.0.44 (Linux) - Remote Denial of Service Exploit
Apache 2.0.44 (Linux) - Remote Denial of Service
Chindi Server 1.0 - Denial of Service Exploit
Chindi Server 1.0 - Denial of Service
Xeneo Web Server 2.2.9.0 - Denial of Service Exploit
Xeneo Web Server 2.2.9.0 - Denial of Service
Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service Exploit
Microsoft Windows IIS 5.0 < 5.1 - Remote Denial of Service
Cisco IOS - IPv4 Packets Denial of Service Exploit
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit
Microsoft Windows 2000 - RPC DCOM Interface DoS Exploit
Cisco IOS - (using hping) Remote Denial of Service Exploit
Cisco IOS - IPv4 Packets Denial of Service
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service
Microsoft Windows 2000 - RPC DCOM Interface Denial of Service
Cisco IOS - (using hping) Remote Denial of Service
Linux Kernel 2.4.20 - decode_fh Denial of Service Exploit
Linux Kernel 2.4.20 - decode_fh Denial of Service
Trillian 0.74 - Remote Denial of Service Exploit
Trillian 0.74 - Remote Denial of Service
Piolet Client 1.05 - Remote Denial of Service Exploit
Piolet Client 1.05 - Remote Denial of Service
Microsoft Windows Messenger Service - Denial of Service Exploit (MS03-043)
Microsoft Windows Messenger Service - Denial of Service (MS03-043)
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service
Eznet 3.5.0 - Remote Stack Overflow / Denial of Service Exploit
Eznet 3.5.0 - Remote Stack Overflow / Denial of Service
Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote DoS Exploit
Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service
Microsoft Windows IIS - SSL Remote Denial of Service Exploit (MS04-011)
Microsoft Windows IIS - SSL Remote Denial of Service (MS04-011)
Microsoft Windows - 'Jolt2.c' Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service
ProFTPD 1.2.0pre10 - Remote Denial of Service Exploit
ProFTPD 1.2.0pre10 - Remote Denial of Service
APC UPS 3.7.2 - (apcupsd) Local Denial of Service Exploit
APC UPS 3.7.2 - (apcupsd) Local Denial of Service
Novell BorderManager Enterprise Edition 3.5 - Denial of Service Exploit
Novell BorderManager Enterprise Edition 3.5 - Denial of Service
Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service
Emule 0.42e Remote Denial of Service Exploit
Emule 0.42e Remote Denial of Service
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service
Ping of Death Remote Denial of Service Exploit
Ping of Death Remote Denial of Service
Microsoft Windows NT Crash with an Extra Long Username DoS Exploit
Microsoft Windows NT Crash with an Extra Long Username Denial of Service
TCP SYN - 'bang.c' Denial of Service Exploit
UDP Stress Tester Denial of Service Exploit
TCP SYN - 'bang.c' Denial of Service
UDP Stress Tester Denial of Service
OverByte ICS FTP Server Remote Denial of Service Exploit
OverByte ICS FTP Server Remote Denial of Service
Xitami Web Server Denial of Service Exploit
Xitami Web Server Denial of Service
Microsoft Internet Explorer - Denial of Service Exploit (11 bytes)
Microsoft Windows SMS 2.0 - Denial of Service Exploit
Microsoft Internet Explorer - Denial of Service (11 bytes)
Microsoft Windows SMS 2.0 - Denial of Service
Citadel/UX Remote Denial of Service Exploit (PoC)
Citadel/UX Remote Denial of Service (PoC)
psyBNC 2.3 - Denial of Service Exploit
psyBNC 2.3 - Denial of Service
Microsoft Messenger - Denial of Service Exploit (MS03-043) (Linux)
Microsoft Messenger - Denial of Service (MS03-043) (Linux)
BadBlue 2.52 Web Server - Multiple Connections Denial of Service Exploit
BadBlue 2.52 Web Server - Multiple Connections Denial of Service
Painkiller 1.3.1 - Denial of Service Exploit
Easy File Sharing Webserver 1.25 - Denial of Service Exploit
Painkiller 1.3.1 - Denial of Service
Easy File Sharing Webserver 1.25 - Denial of Service
WFTPD Pro Server 3.21 MLST Remote Denial of Service Exploit
CesarFTP Server Long Command Denial of Service Exploit
Ground Control 1.0.0.7 - (Server/Client) Denial of Service Exploit
WFTPD Pro Server 3.21 MLST Remote Denial of Service
CesarFTP Server Long Command Denial of Service
Ground Control 1.0.0.7 - (Server/Client) Denial of Service
Call of Duty 1.4 - Denial of Service Exploit
Call of Duty 1.4 - Denial of Service
Serv-U < 5.2 - Remote Denial of Service Exploit
Serv-U < 5.2 - Remote Denial of Service
Pigeon Server 3.02.0143 - Denial of Service Exploit
Pigeon Server 3.02.0143 - Denial of Service
Emulive Server4 7560 - Remote Denial of Service Exploit
Emulive Server4 7560 - Remote Denial of Service
PopMessenger 1.60 - Remote Denial of Service Exploit
PopMessenger 1.60 - Remote Denial of Service
MyServer 0.7.1 - (POST) Denial of Service Exploit
MyServer 0.7.1 - (POST) Denial of Service
MSSQL 7.0 - Remote Denial of Service Exploit
MSSQL 7.0 - Remote Denial of Service
Microsoft Windows NNTP Service (XPAT) Denial of Service Exploit (MS04-036)
Microsoft Windows NNTP Service (XPAT) Denial of Service (MS04-036)
Microsoft Windows IIS - WebDAV XML Denial of Service Exploit (MS04-030)
Microsoft Windows IIS - WebDAV XML Denial of Service (MS04-030)
BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service Exploit
BaSoMail Server 1.24 POP3/SMTP Remote Denial of Service
BaSoMail - Multiple Buffer Overflow Denial of Service Exploit
BaSoMail - Multiple Buffer Overflow Denial of Service
Master of Orion III 1.2.5 - Denial of Service Exploit
Master of Orion III 1.2.5 - Denial of Service
Alpha Black Zero 1.04 - Remote Denial of Service Exploit
Alpha Black Zero 1.04 - Remote Denial of Service
Flash Messaging 5.2.0g - Remote Denial of Service Exploit
Flash Messaging 5.2.0g - Remote Denial of Service
WinFTP Server 1.6 - Denial of Service Exploit
Kerio Personal Firewall 4.1.1 - Multiple IP Options DoS Exploit
WinFTP Server 1.6 - Denial of Service
Kerio Personal Firewall 4.1.1 - Multiple IP Options Denial of Service
NetNote Server 2.2 build 230 - Crafted String DoS Exploit
NetNote Server 2.2 build 230 - Crafted String Denial of Service
Secure Network Messenger 1.4.2 - Denial of Service Exploit
Secure Network Messenger 1.4.2 - Denial of Service
Soldier of Fortune II 1.3 Server/Client - Denial of Service Exploit
Soldier of Fortune II 1.3 Server/Client - Denial of Service
Star Wars Battlefront 1.1 - Fake Players Denial of Service Exploit
Star Wars Battlefront 1.1 - Fake Players Denial of Service
3Dmax 6.x backburner Manager 2.2 - Denial of Service Exploit
3Dmax 6.x backburner Manager 2.2 - Denial of Service
Jana Server 2.4.4 - (http/pna) Denial of Service Exploit
Jana Server 2.4.4 - (http/pna) Denial of Service
Neverwinter Nights special Fake Players Denial of Service Exploit
Kreed 1.05 - Format String / Denial of Service Exploit
Neverwinter Nights special Fake Players Denial of Service
Kreed 1.05 - Format String / Denial of Service
Codename Eagle 1.42 - Socket Unreachable DoS Exploit
Codename Eagle 1.42 - Socket Unreachable Denial of Service
Linux Kernel 2.4.28 / 2.6.9 - scm_send Local DoS Exploit
Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
Linux Kernel 2.4.28 / 2.6.9 - scm_send Local Denial of Service
Linux Kernel 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service
Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service Exploit
Ricoh Aficio 450/455 PCL 5e Printer ICMP Denial of Service
SOLDNER Secret Wars 30830 - Denial of Service Exploit
SOLDNER Secret Wars 30830 - Denial of Service
iWebNegar 1.1 - Configuration Nullification Denial of Service Exploit
iWebNegar 1.1 - Configuration Nullification Denial of Service
Gore 1.50 - Socket Unreachable Denial of Service Exploit
Gore 1.50 - Socket Unreachable Denial of Service
TinyWeb 1.9 - Denial of Service Exploit
TinyWeb 1.9 - Denial of Service
ngIRCd 0.8.1 - Remote Denial of Service Exploit (2)
ngIRCd 0.8.1 - Remote Denial of Service (2)
Foxmail 2.0 - (MAIL FROM:) Denial of Service Exploit
Foxmail 2.0 - (MAIL FROM:) Denial of Service
Mac OS X AppleFileServer Remote Denial of Service Exploit
Mac OS X AppleFileServer Remote Denial of Service
webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service Exploit
webconnect 6.4.4 < 6.5 - Directory Traversal / Denial of Service
wu-ftpd 2.6.2 - File Globbing Denial of Service Exploit
Knet 1.04c - Buffer Overflow Denial of Service Exploit
wu-ftpd 2.6.2 - File Globbing Denial of Service
Knet 1.04c - Buffer Overflow Denial of Service
Scrapland 1.0 - Server Termination Denial of Service Exploit
Scrapland 1.0 - Server Termination Denial of Service
Apache 2.0.52 - HTTP GET request Denial of Service Exploit
Apache 2.0.52 - HTTP GET request Denial of Service
Microsoft Windows 2003/XP - Remote Denial of Service Exploit
Microsoft Windows 2003/XP - Remote Denial of Service
OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service Exploit
OpenBSD 2.0 - 3.6 TCP TIMESTAMP Remote Denial of Service
Freeciv Server 2.0.0beta8 - Denial of Service Exploit
Freeciv Server 2.0.0beta8 - Denial of Service
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Exploit
MailEnable 1.8 - Remote Format String Denial of Service Exploit
phpDEV5 - System-Call Local Denial of Service Exploit
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service
MailEnable 1.8 - Remote Format String Denial of Service
phpDEV5 - System-Call Local Denial of Service
MCPWS Personal WebServer 1.3.21 - Denial of Service Exploit
MCPWS Personal WebServer 1.3.21 - Denial of Service
Ocean FTP Server 1.00 - Denial of Service Exploit
Ocean FTP Server 1.00 - Denial of Service
SPECTral Personal SMTP Server 0.4.2 - Denial of Service Exploit
SPECTral Personal SMTP Server 0.4.2 - Denial of Service
Linux Kernel 2.6.10 - Local Denial of Service Exploit
Linux Kernel 2.6.10 - Local Denial of Service
ArGoSoft FTP Server 1.4.2.8 - Denial of Service Exploit
ArGoSoft FTP Server 1.4.2.8 - Denial of Service
Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service Exploit
Linux Kernel PPC64/IA64 (AIO) - Local Denial of Service
MailEnable Enterprise 1.x - SMTP Remote Denial of Service Exploit
MailEnable Enterprise 1.x - SMTP Remote Denial of Service
Yager 5.24 - Multiple Denial of Service Exploit
Microsoft Windows - Malformed IP Options DoS Exploit (MS05-019)
Yager 5.24 - Multiple Denial of Service
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)
PostgreSQL 8.01 - Remote Reboot Denial of Service Exploit
PostgreSQL 8.01 - Remote Reboot Denial of Service
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages DoS Exploit
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service
Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service Exploit
Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop DoS Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service
Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service
Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service
Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop Denial of Service
Ashley's Web Server Denial of Service Exploit
Ashley's Web Server Denial of Service
DataTrac Activity Console Denial of Service Exploit
Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service Exploit
DataTrac Activity Console Denial of Service
Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service
Remote File Manager 1.0 - Denial of Service Exploit
Remote File Manager 1.0 - Denial of Service
Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service Exploit
Linux Kernel 2.6.12-rc4 - (ioctl_by_bdev) Local Denial of Service
Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Exploit
Microsoft Windows 2003/XP - IPv6 Remote Denial of Service
TCP TIMESTAMPS Denial of Service Exploit
TCP TIMESTAMPS Denial of Service
FutureSoft TFTP Server 2000 - Remote Denial of Service Exploit
FutureSoft TFTP Server 2000 - Remote Denial of Service
Tcpdump bgp_update_print Remote Denial of Service Exploit
Tcpdump bgp_update_print Remote Denial of Service
TCP-IP Datalook 1.3 - Local Denial of Service Exploit
TCP-IP Datalook 1.3 - Local Denial of Service
UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection Exploit
TCP Chat (TCPX) 1.0 - Denial of Service Exploit
TCP Chat (TCPX) 1.0 - Denial of Service
PrivaShare 1.3 - Denial of Service Exploit
AnalogX SimpleServer:WWW 1.05 - Denial of Service Exploit
PrivaShare 1.3 - Denial of Service
AnalogX SimpleServer:WWW 1.05 - Denial of Service
Remote File Explorer 1.0 - Denial of Service Exploit
wMailServer 1.0 - Remote Denial of Service Exploit
Remote File Explorer 1.0 - Denial of Service
wMailServer 1.0 - Remote Denial of Service
Microsoft Windows Netman Service Local Denial of Service Exploit
NetPanzer 0.8 - Remote Denial of Service Exploit
Microsoft Windows Netman Service Local Denial of Service
NetPanzer 0.8 - Remote Denial of Service
Remote Control Server 1.6.2 - Denial of Service Exploit
Remote Control Server 1.6.2 - Denial of Service
DzSoft PHP Editor 3.1.2.8 - Denial of Service Exploit
DzSoft PHP Editor 3.1.2.8 - Denial of Service
Intruder Client 1.00 - Remote Command Execution & DoS Exploit
Intruder Client 1.00 - Remote Command Execution & Denial of Service
FTPshell Server 3.38 - Remote Denial of Service Exploit
FTPshell Server 3.38 - Remote Denial of Service
BusinessMail Server 4.60.00 - Remote Denial of Service Exploit
BusinessMail Server 4.60.00 - Remote Denial of Service
Quick 'n EasY 3.0 FTP Server Remote Denial of Service Exploit
Quick 'n EasY 3.0 FTP Server Remote Denial of Service
Acunetix HTTP Sniffer - Denial of Service Exploit
Acunetix HTTP Sniffer - Denial of Service
Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit
Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel Denial of Service
Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit
Grandstream Budge Tone 101/102 VOIP Phone Denial of Service
Chris Moneymakers World Poker Championship 1.0 DoS Exploit
GTChat 0.95 Alpha - Remote Denial of Service Exploit
Chris Moneymakers World Poker Championship 1.0 Denial of Service
GTChat 0.95 Alpha - Remote Denial of Service
GoodTech SMTP Server 5.14 - Denial of Service Exploit
IA eMailServer Corporate Edition 5.2.2 - DoS Exploit
GoodTech SMTP Server 5.14 - Denial of Service
IA eMailServer Corporate Edition 5.2.2 - Denial of Service
GTChat 0.95 Alpha - (adduser) Remote Denial of Service Exploit
Ventrilo 2.3.0 - Remote Denial of Service Exploit (all platforms)
GTChat 0.95 Alpha - (adduser) Remote Denial of Service
Ventrilo 2.3.0 - Remote Denial of Service (all platforms)
Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/DoS Exploit
Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service
P2P Pro 1.0 - (command) Denial of Service Exploit
P2P Pro 1.0 - (command) Denial of Service
CUPS Server 1.1 - (Get Request) Denial of Service Exploit
CUPS Server 1.1 - (Get Request) Denial of Service
BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service Exploit
BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service
COOL! Remote Control 1.12 - Remote Denial of Service Exploit
Snort 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit
COOL! Remote Control 1.12 - Remote Denial of Service
Snort 2.4.0 SACK TCP Option Error Handling Denial of Service
Stoney FTPd Denial of Service Exploit (rxBot mods ftpd)
Stoney FTPd Denial of Service (rxBot mods ftpd)
Fastream NETFile Web Server 7.1.2 - (HEAD) DoS Exploit
Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service
MCCS (Multi-Computer Control Systems) Command DoS Exploit
MCCS (Multi-Computer Control Systems) Command Denial of Service
Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service Exploit
Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service
Virtools Web Player 3.0.0.100 - Buffer Overflow DoS Exploit
Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service
RBExplorer 1.0 - (Hijacking Command) Denial of Service Exploit
RBExplorer 1.0 - (Hijacking Command) Denial of Service
Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service Exploit
Opera 8.02 - Remote Denial of Service Exploit (1)
Opera 8.02 - Remote Denial of Service Exploit (2)
Mozilla (Firefox 1.0.7) (Thunderbird 1.0.6) Denial of Service
Opera 8.02 - Remote Denial of Service (1)
Opera 8.02 - Remote Denial of Service (2)
Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service Exploit
Mozilla (Firefox 1.0.7) (Mozilla 1.7.12) Denial of Service
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047)
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047)
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
Microsoft Windows Plug-and-Play (Umpnpmgr.dll) Denial of Service (MS05-047) (2)
Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service Exploit
Microsoft Internet Explorer 6.0 - (mshtmled.dll) Denial of Service
Battle Carry .005 Socket Termination Denial of Service Exploit
Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service Exploit
FlatFrag 0.3 - Buffer Overflow / Denial of Service Exploit
Battle Carry .005 Socket Termination Denial of Service
Blitzkrieg 2 <= 1.21 - (server/client) Denial of Service
FlatFrag 0.3 - Buffer Overflow / Denial of Service
Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak DoS Exploit
Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service
Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service Exploit
Macromedia Flash Plugin 7.0.19.0 - (Action) Denial of Service
Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service Exploit
FreeFTPD 1.0.10 - (PORT Command) Denial of Service Exploit
Cisco PIX Spoofed TCP SYN Packets Remote Denial of Service
FreeFTPD 1.0.10 - (PORT Command) Denial of Service
Microsoft Windows Metafile (gdi32.dll) Denial of Service Exploit (MS05-053)
Xaraya 1.0.0 RC4 - create() Denial of Service Exploit
Microsoft Windows Metafile - (mtNoObjects) Denial of Service Exploit (MS05-053)
Microsoft Windows Metafile (gdi32.dll) Denial of Service (MS05-053)
Xaraya 1.0.0 RC4 - create() Denial of Service
Microsoft Windows Metafile - (mtNoObjects) Denial of Service (MS05-053)
SugarSuite Open Source 4.0beta Remote Code Execution Exploit
SugarSuite Open Source 4.0beta - Remote Code Execution Exploit
Macromedia Flash Media Server 2 - Remote Denial of Service Exploit
Macromedia Flash Media Server 2 - Remote Denial of Service
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service
Microsoft Windows IIS - Malformed HTTP Request Denial of Service (Perl)
BZFlag 2.0.4 - (undelimited string) Denial of Service Exploit
BZFlag 2.0.4 - (undelimited string) Denial of Service
Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service Exploit
Microsoft Internet Explorer 6.0 - (mshtml.dll div) Denial of Service
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (cpp)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service (cpp)
BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service Exploit
BlueCoat WinProxy 6.0 R1c (GET Request) Denial of Service
Cisco IP Phone 7940 - (Reboot) Denial of Service Exploit
Cisco IP Phone 7940 - (Reboot) Denial of Service
Cerberus FTP Server 2.32 - Denial of Service Exploit
Cerberus FTP Server 2.32 - Denial of Service
Arescom NetDSL-1000 - (telnetd) Remote Denial of Service Exploit
Arescom NetDSL-1000 - (telnetd) Remote Denial of Service
Sony/Ericsson Bluetooth (Reset Display) Denial of Service Exploit
Sony/Ericsson Bluetooth (Reset Display) Denial of Service
Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service Exploit
Half-Life CSTRIKE Server 1.6 (Non Steam) - Denial of Service
Invision Power Board 2.1.4 - (Register Users) Denial of Service Exploit
Invision Power Board 2.1.4 - (Register Users) Denial of Service
D-Link Wireless Access Point (Fragmented UDP) DoS Exploit
D-Link Wireless Access Point (Fragmented UDP) Denial of Service
PunBB 2.0.10 - (Register Multiple Users) Denial of Service Exploit
PunBB 2.0.10 - (Register Multiple Users) Denial of Service
Lansuite 2.1.0 Beta (fid) SQL Injection Exploit
Lansuite 2.1.0 Beta - (fid) SQL Injection Exploit
FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit
FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service
LieroX 0.62b Remote Server/Client Denial of Service Exploit
LieroX 0.62b Remote Server/Client Denial of Service
Guppy 4.5.11 - (Delete Databases) Remote Denial of Service Exploit
Guppy 4.5.11 - (Delete Databases) Remote Denial of Service
Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service Exploit
Mercur Mailserver 5.0 SP3 - (IMAP) Denial of Service
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service Exploit (MS06-007) (2)
Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)
Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service Exploit
csDoom 0.7 - Multiple Vulnerabilities/Denial of Service Exploit
Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service
csDoom 0.7 - Multiple Vulnerabilities/Denial of Service
Plogger Beta 2.1 Administrative Credentials Disclosure Exploit
Plogger Beta 2.1 - Administrative Credentials Disclosure Exploit
Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service Exploit
Linux Kernel 2.6.x - sys_timer_create() Local Denial of Service
Neon Responder 5.4 - (Clock Synchronization) Denial of Service Exploit
Neon Responder 5.4 - (Clock Synchronization) Denial of Service
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service
OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit
OCE 3121/3122 Printer (parser.exe) Denial of Service
phpMyAgenda 3.0 Final - (rootagenda) Remote Include
phpMyAgenda 3.0 Final - (rootagenda) Remote File Inclusion
Empire 4.3.2 - (strncat) Denial of Service Exploit
Genecys 0.2 - (BoF/NULL pointer) Denial of Service Exploit
Empire 4.3.2 - (strncat) Denial of Service
Genecys 0.2 - (BoF/NULL pointer) Denial of Service
GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service Exploit
GNUnet 0.7.0d - (Empty UDP Packet) Remote Denial of Service
Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service Exploit
phpBazar 2.1.0 - Remote File Include / Auth Bypass
Mozilla Firefox 1.5.0.3 - (Loop) Denial of Service
phpBazar 2.1.0 - Remote File Inclusion / Auth Bypass
portmap 5 beta (Set/Dump) Local Denial of Service Exploit
portmap 5 beta - (Set/Dump) Local Denial of Service
Back-End CMS 0.7.2.2 - (BE_config.php) Remote Include
Back-End CMS 0.7.2.2 - (BE_config.php) Remote File Inclusion
tinyBB 0.3 - Remote File Include / SQL Injection
tinyBB 0.3 -Remote File Inclusion / SQL Injection
F@cile Interactive Web 0.8x - Remote File Include / XSS
F@cile Interactive Web 0.8x - Remote File Inclusion / XSS
PHP-Nuke 7.9 Final (phpbb_root_path) Remote File Inclusions
PHP-Nuke 7.9 Final - (phpbb_root_path) Remote File Inclusions
LifeType 1.0.4 - Multiple Vulnerabilities
LifeType 1.0.4 - SQL Injection
Back-End CMS 0.7.2.1 - (jpcache.php) Remote Include
Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion
Opera Web Browser 9.00 - (iframe) Remote Denial of Service Exploit
Opera Web Browser 9.00 - (iframe) Remote Denial of Service
ImgSvr 0.6.5 - (long http post) Denial of Service Exploit
ImgSvr 0.6.5 - (long http post) Denial of Service
SimpleBoard Mambo Component 1.1.0 - Remote Include
com_forum Mambo Component 1.2.4RC3 - Remote Include
SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion
com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion
com_videodb Mambo Component 0.3en Remote Include
com_videodb Mambo Component 0.3en Remote File Inclusion
HTMLArea3 Mambo Module 1.5 - Remote Include
Sitemap Mambo Component 2.0.0 - Remote Include
pollxt Mambo Component 1.22.07 - Remote Include
HTMLArea3 Mambo Module 1.5 - Remote File Inclusion
Sitemap Mambo Component 2.0.0 - Remote File Inclusion
pollxt Mambo Component 1.22.07 - Remote File Inclusion
D-Link Router UPNP Stack Overflow Denial of Service Exploit (PoC)
D-Link Router UPNP Stack Overflow Denial of Service (PoC)
MoSpray Mambo Component 18RC1 - Remote Include
ArticlesOne 07232006 - (page) Remote Include
Mam-Moodle Mambo Component alpha Remote Inclusion
MoSpray Mambo Component 18RC1 - Remote File Inclusion
ArticlesOne 07232006 - (page) Remote File Inclusion
Mam-Moodle Mambo Component alpha - Remote Inclusion
Mambo User Home Pages Component 0.5 - Remote Include
Mambo User Home Pages Component 0.5 - Remote File Inclusion
Joomla LMO Component 1.0b2 - Remote Include
Joomla LMO Component 1.0b2 - Remote File Inclusion
SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote Include
XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (PHP)
Joomla JD-Wiki Component 1.0.2 - Remote Include
SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion
XChat 2.6.7 - (Windows) Remote Denial of Service (PHP)
Joomla JD-Wiki Component 1.0.2 - Remote File Inclusion
phpCC 4.2 beta (base_dir) Remote File Inclusion
phpCC 4.2 beta - (base_dir) Remote File Inclusion
Visual Events Calendar 1.1 - (cfg_dir) Remote Include
Visual Events Calendar 1.1 - (cfg_dir) Remote File Inclusion
XChat 2.6.7 - (Windows) Remote Denial of Service Exploit (Perl)
XChat 2.6.7 - (Windows) Remote Denial of Service (Perl)
See-Commerce 1.0.625 - (owimg.php3) Remote Include
PocketPC Mms Composer (WAPPush) Denial of Service Exploit
See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion
PocketPC Mms Composer (WAPPush) Denial of Service
Mambo Remository Component 3.25 - Remote Include
Mambo Remository Component 3.25 - Remote File Inclusion
Joomla Webring Component 1.0 - Remote Include
Joomla Webring Component 1.0 - Remote File Inclusion
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)
Opera 9 - IRC Client Remote Denial of Service
Opera 9 IRC Client - Remote Denial of Service (Python)
Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC
Microsoft Windows PNG File IHDR Block Denial of Service PoC
Mambo CopperminePhotoGalery Component Remote Include
Mambo CopperminePhotoGalery Component Remote File Inclusion
WTcom 0.2.4-alpha (torrents.php) SQL Injection
WTcom 0.2.4-alpha - (torrents.php) SQL Injection
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)
Microsoft Windows - PNG File IHDR Block Denial of Service PoC (1)
Joomla Artlinks Component 1.0b4 - Remote Include
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)
PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote Include
Joomla Artlinks Component 1.0b4 - Remote File Inclusion
Microsoft Windows - PNG File IHDR Block Denial of Service PoC (2)
PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion
Mambo MamboWiki Component 0.9.6 - Remote Include
Joomla Link Directory Component 1.0.3 - Remote Include
Mambo MamboWiki Component 0.9.6 - Remote File Inclusion
Joomla Link Directory Component 1.0.3 - Remote File Inclusion
PHlyMail Lite 3.4.4 - (folderprops.php) Remote Include (2)
PHlyMail Lite 3.4.4 - (folderprops.php) Remote File Inclusion (2)
Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service Exploit
Mozilla Firefox 1.5.0.6 - (FTP Request) Remote Denial of Service
2Wire Modems/Routers CRLF - Denial of Service Exploit
2Wire Modems/Routers CRLF - Denial of Service
Integramod Portal 2.x - (functions_portal.php) Remote Include Exploit
VistaBB 2.x - (functions_mod_user.php) Remote Include Exploit
Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion Exploit
VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion Exploit
phpCOIN 1.2.3 - (session_set.php) Remote Include
phpCOIN 1.2.3 - (session_set.php) Remote File Inclusion
Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote Include
Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion
PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote Include
PortailPHP mod_phpalbum 2.1.5 - (chemin) Remote File Inclusion
Web Server Creator 0.1 - (l) Remote Include
Web Server Creator 0.1 - (l) Remote File Inclusion
Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service Exploit
Multithreaded TFTP 1.1 - (Long Get Request) Denial of Service
mcGalleryPRO 2006 - (path_to_folder) Remote Include
MiniPort@l 0.1.5 beta (skiny) Remote File Inclusion
OPENi-CMS 1.0.1beta (config) Remote File Inclusion
mcGalleryPRO 2006 - (path_to_folder) Remote File Inclusion
MiniPort@l 0.1.5 beta - (skiny) Remote File Inclusion
OPENi-CMS 1.0.1beta - (config) Remote File Inclusion
Microsoft Internet Explorer (VML) Remote Denial of Service Exploit PoC
Microsoft Internet Explorer (VML) Remote Denial of Service PoC
OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service Exploit
OpenSSH 4.3 p1 - (Duplicated Block) Remote Denial of Service
VAMP Webmail 2.0beta1 - (yesno.phtml) Remote Include
VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion
TribunaLibre 3.12 Beta (ftag.php) Remote File Inclusion
TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion
FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service Exploit
FreeBSD 5.4 / 6.0 - (ptrace PT_LWPINFO) Local Denial of Service
FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service Exploit
FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service Exploit
FreeBSD 6.1-RELEASE-p10 - (ftruncate) Local Denial of Service
FreeBSD 6.1-RELEASE-p10 - (scheduler) Local Denial of Service
phpBB News Defilante Horizontale 4.1.1 - Remote Include Exploit
phpBB News Defilante Horizontale 4.1.1 - Remote File Inclusion Exploit
NuralStorm Webmail 0.98b (process.php) Remote Include
NuralStorm Webmail 0.98b (process.php) Remote File Inclusion
DigitalHive 2.0 RC2 - (base_include.php) Remote Include
DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion
Xfire 1.6.4 - Remote Denial of Service Exploit (Perl)
Osprey 1.0 GetRecord.php Remote File Inclusion
Xfire 1.6.4 - Remote Denial of Service (Perl)
Osprey 1.0 - GetRecord.php Remote File Inclusion
MambWeather Mambo Module 1.8.1 - Remote Include
MambWeather Mambo Module 1.8.1 - Remote File Inclusion
QK SMTP 3.01 - (RCPT TO) Remote Denial of Service Exploit
QK SMTP 3.01 - (RCPT TO) Remote Denial of Service
FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit
FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service
RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service Exploit
RevilloC MailServer 1.x - (RCPT TO) Remote Denial of Service
PHPMyDesk 1.0beta (viewticket.php) Local File Inclusion Exploit
PHPMyDesk 1.0 beta - (viewticket.php) Local File Inclusion Exploit
Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote DoS Exploit
Microsoft Windows NAT Helper Components (ipnathlp.dll) Remote Denial of Service
Microsoft Windows NAT Helper Components Remote DoS Exploit (perl)
Microsoft Windows NAT Helper Components Remote Denial of Service (perl)
GEPI 1.4.0 gestion/savebackup.php Remote File Inclusion
GEPI 1.4.0 - gestion/savebackup.php Remote File Inclusion
Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote DoS Exploit
Mozilla Firefox 1.5.0.7/2.0 - (createRange) Remote Denial of Service
Drake CMS < 0.2.3 ALPHA rev.916Remote File Inclusion
Drake CMS < 0.2.3 ALPHA rev.916 - Remote File Inclusion
XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service Exploit
Essentia Web Server 2.15 - (GET Request) Remote DoS Exploit
XM Easy Personal FTP Server 5.2.1 - Remote Denial of Service
Essentia Web Server 2.15 - (GET Request) Remote Denial of Service
OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)
OpenLDAP 2.2.29 - Remote Denial of Service (Metasploit)
WarFTPd 1.82.00-RC11 - Remote Denial of Service Exploit
WarFTPd 1.82.00-RC11 - Remote Denial of Service
WORK System E-Commerce 3.0.1 - Remote Include
WORK System E-Commerce 3.0.1 - Remote File Inclusion
CMSmelborp Beta (user_standard.php) Remote File Inclusion Exploit
CMSmelborp Beta - (user_standard.php) Remote File Inclusion Exploit
phpPeanuts 1.3 Beta (Inspect.php) Remote File Inclusion
phpPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion
UniversalFTP 1.0.50 - (MKD) Remote Denial of Service Exploit
UniversalFTP 1.0.50 - (MKD) Remote Denial of Service
Microsoft Windows spoolss GetPrinterData() Remote DoS Exploit (0Day)
Microsoft Windows spoolss GetPrinterData() Remote Denial of Service (0Day)
awrate.com Message Board 1.0 - (search.php) Remote Include
awrate.com Message Board 1.0 - (search.php) Remote File Inclusion
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service
Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service Exploit
Filezilla FTP Server 0.9.20b/0.9.21 - (STOR) Denial of Service
Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service Exploit
D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service Exploit
Filezilla FTP Server 0.9.21 - (LIST/NLST) Denial of Service
D-Link DWL-2000AP 2.11 - (ARP Flood) Remote Denial of Service
Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service Exploit
Crob FTP Server 3.6.1 build 263 - (LIST/NLST) Denial of Service
Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service Exploit
Windows Media Player 9/10 - (.MID) Denial of Service Exploit
Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service
Windows Media Player 9/10 - (.MID) Denial of Service
Star FTP Server 1.10 - (RETR) Remote Denial of Service Exploit
Star FTP Server 1.10 - (RETR) Remote Denial of Service
Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service Exploit
wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service Exploit
Microsoft Office Outlook Recipient Control (ole32.dll) Denial of Service
wget 1.10.2 - (Unchecked Boundary Condition) Denial of Service
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service Exploit
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
RealPlayer 10.5 - (ActiveX Control) Denial of Service Exploit
RealPlayer 10.5 - (ActiveX Control) Denial of Service
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service Exploit
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
inertianews 0.02b (inertianews_main.php) Remote Include
inertianews 0.02b (inertianews_main.php) Remote File Inclusion
XM Easy Personal FTP Server 5.2.1 - (USER) Format String DoS Exploit
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service Exploit
acFTP FTP Server 1.5 - (REST/PBSZ) Remote Denial of Service
Microsoft Windows NetrWkstaUserEnum() Remote DoS Exploit (0Day)
Microsoft Windows NetrWkstaUserEnum() Remote Denial of Service (0Day)
RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service Exploit
RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service
Durian Web Application Server 3.02 - Denial of Service Exploit
Durian Web Application Server 3.02 - Denial of Service
Formbankserver 1.9 - (Name) Remote Denial of Service Exploit
Formbankserver 1.9 - (Name) Remote Denial of Service
Microsoft Windows - Explorer (WMF) CreateBrushIndirect DoS Exploit
Microsoft Windows - Explorer (WMF) CreateBrushIndirect Denial of Service
VLC Media Player 0.8.6a Unspecified Denial of Service Exploit
VLC Media Player 0.8.6a Unspecified Denial of Service
WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service Exploit
WFTPD Pro Server 3.25 SITE ADMN Remote Denial of Service
Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service Exploit
Colloquy 2.1.3545 - (INVITE) Format String Denial of Service Exploit
Twilight Webserver 1.3.3.0 - (GET) Remote Denial of Service
Colloquy 2.1.3545 - (INVITE) Format String Denial of Service
CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service Exploit
CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) DoS Exploit
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Microsoft Windows - Explorer (AVI) Unspecified Denial of Service Exploit
Microsoft Windows - Explorer (AVI) Unspecified Denial of Service
Apple CFNetwork - HTTP Response Denial of Service Exploit (Ruby)
Apple CFNetwork - HTTP Response Denial of Service (Ruby)
CVSTrac 2.0.0 - Post-Attack Database Resurrection DoS Exploit
CVSTrac 2.0.0 - Post-Attack Database Resurrection Denial of Service
Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service Exploit
phpBB2 MODificat 0.2.0 - (functions.php) Remote Include
Apple iChat Bonjour 3.1.6.441 - Multiple Denial of Service
phpBB2 MODificat 0.2.0 - (functions.php) Remote File Inclusion
CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server DoS Exploit
CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service
Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service Exploit
Chicken of the VNC 2.0 - (NULL-pointer) Remote Denial of Service
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow DoS Exploit
SmartFTP Client 2.0.1002 - Remote Heap Overflow DoS Exploit
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service
SmartFTP Client 2.0.1002 - Remote Heap Overflow Denial of Service
Axigen 2.0.0b1 - Remote Denial of Service Exploit
Axigen 2.0.0b1 - Remote Denial of Service Exploit (2)
Axigen 2.0.0b1 - Remote Denial of Service
Axigen 2.0.0b1 - Remote Denial of Service (2)
phpCC 4.2 beta (nickpage.php npid) SQL Injection Exploit
phpCC 4.2 beta - (nickpage.php npid) SQL Injection Exploit
MiniWebsvr 0.0.6 - Remote Resource Consumption DoS Exploit
MiniWebsvr 0.0.6 - Remote Resource Consumption Denial of Service
MailEnable Professional/Enterprise 2.35 Out of Bounds DoS Exploit
MailEnable Professional/Enterprise 2.35 Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial of Service Exploit
MailEnable Professional/Enterprise 2.37 - Denial of Service
TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote DoS Exploit
TurboFTP 5.30 Build 572 - (newline/LIST) Multiple Remote Denial of Service
PHP-Nuke 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
PHP-Nuke 8.0 Final (INSERT) SQL Injection Exploit
PHP-Nuke 8.0 Final (HTTP Referers) SQL Injection Exploit
FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote DoS Exploit
PHP-Nuke 8.0 Final - (INSERT) Blind SQL Injection Exploit (mysql)
PHP-Nuke 8.0 Final - (INSERT) SQL Injection Exploit
PHP-Nuke 8.0 Final - (HTTP Referers) SQL Injection Exploit
FTP Explorer 1.0.1 Build 047 - (CPU consumption) Remote Denial of Service
BrowseDialog Class - (ccrpbds6.dll) Multiple Methods DoS Exploit
BrowseDialog Class - (ccrpbds6.dll) Multiple Methods Denial of Service
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit
Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service
XM Easy Personal FTP Server 5.30 - (ABOR) Format String DoS Exploit
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service Exploit
DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service Exploit
Asterisk 1.2.15 / 1.4.0 - pre-auth Remote Denial of Service
Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) DoS Exploit
Konqueror 3.5.5 - (JavaScript Read of FTP Iframe) Denial of Service
Microsoft Windows - (.doc) Malformed Pointers Denial of Service Exploit
Microsoft Windows - (.doc) Malformed Pointers Denial of Service
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service Exploit
Rediff Toolbar ActiveX Control Remote Denial of Service Exploit
Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote DoS Exploit
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
Rediff Toolbar ActiveX Control Remote Denial of Service
Snort 2.6.1.1/2.6.1.2/2.7.0 - (fragementation) Remote Denial of Service
Microsoft Internet Explorer - (FTP Server Response) DoS Exploit (MS07-016)
Microsoft Internet Explorer - (FTP Server Response) Denial of Service (MS07-016)
TFTP Server 1.3 - Remote Buffer Overflow Denial of Service Exploit
TFTP Server 1.3 - Remote Buffer Overflow Denial of Service
MetaForum 0.513 Beta Remote File Upload Exploit
MetaForum 0.513 Beta - Remote File Upload Exploit
Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service Exploit
Mercur IMAPD 5.00.14 - Remote Denial of Service Exploit (Win32)
Cisco Phone 7940/7960 - (SIP INVITE) Remote Denial of Service
Mercur IMAPD 5.00.14 - Remote Denial of Service (Win32)
Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit
Grandstream Budge Tone-200 IP Phone (Digest domain) Denial of Service
0irc-client 1345 build20060823 - Denial of Service Exploit
0irc-client 1345 build20060823 - Denial of Service
Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service Exploit
Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service
sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit
IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service Exploit
sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion Exploit
IBM Lotus Domino Server 6.5 - (username) Remote Denial of Service
Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service Exploit
Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service
Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Exploit
Microsoft Windows - Explorer Unspecified .ANI File Denial of Service
Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit
Gran Paradiso 3.0a3 non-existent applet Denial of Service
Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit
Sami HTTP Server 2.0.1 POST Request Denial of Service
Ettercap-NG 0.7.3 - Remote Denial of Service Exploit
Ettercap-NG 0.7.3 - Remote Denial of Service
Mozzers SubSystem final (subs.php) Remote Code Execution
Mozzers SubSystem final - (subs.php) Remote Code Execution
Winamp 5.3 - (.WMV) Remote Denial of Service Exploit
Winamp 5.3 - (.WMV) Remote Denial of Service
Foxit Reader 2.0 - (PDF) Remote Denial of Service Exploit
Foxit Reader 2.0 - (PDF) Remote Denial of Service
Joomla 1.5.0 Beta (pcltar.php) Remote File Inclusion
Winamp 5.33 - (.AVI) Remote Denial of Service Exploit
Joomla 1.5.0 Beta - (pcltar.php) Remote File Inclusion
Winamp 5.33 - (.AVI) Remote Denial of Service
Opera 9.2 - (.torrent) Remote Denial of Service Exploit
Opera 9.2 - (.torrent) Remote Denial of Service
Linksys SPA941 \377 character Remote Denial of Service Exploit
Linksys SPA941 - (remote reboot) Remote Denial of Service Exploit
Linksys SPA941 \377 character Remote Denial of Service
Linksys SPA941 - (remote reboot) Remote Denial of Service
RealPlayer 10 - (.ra) Remote Denial of Service Exploit
RealPlayer 10 - (.ra) Remote Denial of Service
PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service Exploit
PowerPoint Viewer OCX 3.2 - (ActiveX Control) Denial of Service
Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service Exploit
Excel Viewer OCX 3.1.0.6 - Multiple Methods Denial of Service
Word Viewer OCX 3.2 - Remote Denial of Service Exploit
Word Viewer OCX 3.2 - Remote Denial of Service
Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service Exploit
Office Viewer OCX 3.2.0.5 - Multiple Methods Denial of Service
Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote DoS Exploit
Versalsoft HTTP File Upload ActiveX 6.36 - (AddFile) Remote Denial of Service
Opera 9.10 alert() Remote Denial of Service Exploit
Opera 9.10 alert() Remote Denial of Service
SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service Exploit
SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service
SimpleNews 1.0.0 FINAL (print.php news_id) SQL Injection Exploit
SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection Exploit
Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service Exploit
Remote Display Dev kit 1.2.1.0 RControl.dll Denial of Service
PrecisionID Barcode ActiveX 1.3 - Denial of Service Exploit
PrecisionID Barcode ActiveX 1.3 - Denial of Service
ID Automation Linear Barcode ActiveX Denial of Service Exploit
ID Automation Linear Barcode ActiveX Denial of Service
Microsoft Windows Vista - Forged ARP packet Network Stack DoS Exploit
Microsoft Windows Vista - Forged ARP packet Network Stack Denial of Service
BitsCast 0.13.0 - (invalid string) Remote Denial of Service Exploit
NewzCrawler 1.8 - (invalid string) Remote Denial of Service Exploit
BitsCast 0.13.0 - (invalid string) Remote Denial of Service
NewzCrawler 1.8 - (invalid string) Remote Denial of Service
PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service Exploit
PrecisionID Barcode ActiveX 1.9 - Remote Denial of Service
CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service Exploit
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
CA BrightStor Backup 11.5.2.0 caloggderd.exe Denial of Service
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service
Mambo com_yanc 1.4 beta (id) SQL Injection
Mambo com_yanc 1.4 beta - (id) SQL Injection
Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service Exploit
Microsoft IIS 6.0 - (/AUX/.aspx) Remote Denial of Service
LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote DoS Exploit
LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service
Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit
Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote Denial of Service
EDraw Office Viewer Component Denial of Service Exploit
EDraw Office Viewer Component Denial of Service
SNMPc 7.0.18 - Remote Denial of Service Exploit (Metasploit)
SNMPc 7.0.18 - Remote Denial of Service (Metasploit)
Microsoft Windows GDI+ - ICO File Remote Denial of Service Exploit
Microsoft Windows GDI+ - ICO File Remote Denial of Service
MiniWeb Http Server 0.8.x - Remote Denial of Service Exploit
MiniWeb Http Server 0.8.x - Remote Denial of Service
Safari 3 for Windows Beta Remote Command Execution PoC
Safari 3 for Windows Beta - Remote Command Execution PoC
BitchX 1.1-final (EXEC) Remote Command Execution Exploit
BitchX 1.1-final - (EXEC) Remote Command Execution Exploit
PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service Exploit
PHP 5.2.3 - bz2 com_print_typeinfo() Denial of Service
PHP 5.2.3 - glob() Denial of Service Exploit
PHP 5.2.3 - glob() Denial of Service
TeamSpeak 2.0 - (Windows Release) Remote Denial of Service Exploit
TeamSpeak 2.0 - (Windows Release) Remote Denial of Service
Microsoft Windows - Explorer.exe Gif Image Denial of Service Exploit
Xserver 0.1 Alpha Post Request Remote Buffer Overflow Exploit
Microsoft Windows - Explorer.exe Gif Image Denial of Service
Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Exploit
Microsoft Internet Explorer 6 DirectX Media Remote Overflow DoS Exploit
Microsoft Internet Explorer 6 DirectX Media Remote Overflow Denial of Service
Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service Exploit
Cisco IOS Next Hop Resolution Protocol (NHRP) Denial of Service
WengoPhone 2.x - SIP Phone Remote Denial of Service Exploit
WengoPhone 2.x - SIP Phone Remote Denial of Service
CounterPath X-Lite 3.x - SIP phone Remote Denial of Service Exploit
CounterPath X-Lite 3.x - SIP phone Remote Denial of Service
WireShark < 0.99.6 Mms Remote Denial of Service Exploit
Easy Chat Server 2.2 - Remote Denial of Service Exploit
WireShark < 0.99.6 Mms Remote Denial of Service
Easy Chat Server 2.2 - Remote Denial of Service
Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service Exploit
Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service Exploit
eCentrex VOIP Client module (uacomx.ocx 2.0.1) Remote BoF Exploit
Cisco IP Phone 7940 - (3 SIP messages) Remote Denial of Service
Cisco IP Phone 7940 - (10 SIP messages) Remote Denial of Service
eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote BoF Exploit
Thomson SIP phone ST 2030 - Remote Denial of Service Exploit
Thomson SIP phone ST 2030 - Remote Denial of Service
Microsoft Windows - (GDI32.DLL) Denial of Service Exploit (MS07-046)
Microsoft Windows - (GDI32.DLL) Denial of Service (MS07-046)
JetCast Server 2.0.0.4308 - Remote Denial of Service Exploit
JetCast Server 2.0.0.4308 - Remote Denial of Service
actSite 1.991 Beta (base.php) Remote File Inclusion
actSite 1.991 Beta - (base.php) Remote File Inclusion
wzdftpd 0.8.0 - (USER) Remote Denial of Service Exploit
wzdftpd 0.8.0 - (USER) Remote Denial of Service
LiveAlbum 0.9.0 common.php Remote File Inclusion
LiveAlbum 0.9.0 - common.php Remote File Inclusion
eXtremail 2.1.1 memmove() Remote Denial of Service Exploit
eXtremail 2.1.1 memmove() Remote Denial of Service
GCALDaemon 1.0-beta13 - Remote Denial of Service Exploit
GCALDaemon 1.0-beta13 - Remote Denial of Service
Mozilla Firefox 2.0.0.7 - Remote Denial of Service Exploit
Mozilla Firefox 2.0.0.7 - Remote Denial of Service
Firefly Media Server 0.2.4 - Remote Denial of Service Exploit
Ubuntu 6.06 DHCPd - Remote Denial of Service Exploit
Firefly Media Server 0.2.4 - Remote Denial of Service
Ubuntu 6.06 DHCPd - Remote Denial of Service
patBBcode 1.0 bbcodeSource.php Remote File Inclusion
patBBcode 1.0 - bbcodeSource.php Remote File Inclusion
RealPlayer 11 Malformed AU File Denial of Service Exploit
RealPlayer 11 Malformed AU File Denial of Service
Cisco Phone 7940 - Remote Denial of Service Exploit
Cisco Phone 7940 - Remote Denial of Service
Simple HTTPD 1.41 - (/aux) Remote Denial of Service Exploit
Simple HTTPD 1.41 - (/aux) Remote Denial of Service
SurgeMail 38k4 - webmail Host header Denial of Service Exploit
SurgeMail 38k4 - webmail Host header Denial of Service
Blakord Portal Beta 1.3.A (all modules) SQL Injection
Blakord Portal Beta 1.3.A - (all modules) SQL Injection
WebPortal CMS 0.6-beta Remote Password Change Exploit
WebPortal CMS 0.6-beta - Remote Password Change Exploit
Half-Life CSTRIKE Server 1.6 - Denial of Service Exploit (no-steam)
Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)
Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote DoS Exploit
Linux Kernel 2.6.21.1 - IPv6 Jumbo Bug Remote Denial of Service
PHP-Nuke 8.0 Final (sid) SQL Injection Exploit
PHP-Nuke 8.0 Final - (sid) SQL Injection Exploit
Apple iPhone 1.1.2 - Remote Denial of Service Exploit
Apple iPhone 1.1.2 - Remote Denial of Service
MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service Exploit
MicroTik RouterOS 3.2 SNMPd snmp-set Denial of Service
Joomla Component MCQuiz 0.9 Final (tid) SQL Injection
Joomla Component MCQuiz 0.9 Final - (tid) SQL Injection
Apple iPhoto 4.0.3 DPAP Server Denial of Service Exploit
Apple iPhoto 4.0.3 DPAP Server Denial of Service
MyServer 0.8.11 - (204 No Content) error Remote Denial of Service Exploit
MyServer 0.8.11 - (204 No Content) error Remote Denial of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) DoS Exploit
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
ICQ Toolbar 2.3 - ActiveX Remote Denial of Service Exploit
ICQ Toolbar 2.3 - ActiveX Remote Denial of Service
Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win)
Apple Safari (webkit) Remote Denial of Service (iphone/osx/win)
Home FTP Server 1.4.5 - Remote Denial of Service Exploit
Home FTP Server 1.4.5 - Remote Denial of Service
PacketTrap Networks pt360 2.0.39 TFTPD - Remote DoS Exploit
PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service
mxBB Module mx_blogs 2.0.0-beta Remote File Inclusion Exploit
mxBB Module mx_blogs 2.0.0-beta - Remote File Inclusion Exploit
Microsoft Windows - Explorer Unspecified .DOC File Denial of Service Exploit
Microsoft Windows - Explorer Unspecified .DOC File Denial of Service
Noticeware Email Server 4.6.1.0 - Denial of Service Exploit
Noticeware Email Server 4.6.1.0 - Denial of Service
Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service Exploit
Novel eDirectory HTTP - Denial of Service Exploit
Mcafee EPO 4.0 - FrameworkService.exe Remote Denial of Service
Novel eDirectory HTTP - Denial of Service
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service Exploit
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
e-107 Plugin zogo-shop 1.16 Beta 13 SQL Injection
e-107 Plugin zogo-shop 1.16 Beta 13 - SQL Injection
AlkalinePHP 0.80.00 beta (thread.php id) SQL Injection Exploit
AlkalinePHP 0.80.00 beta - (thread.php id) SQL Injection Exploit
Mambo Component mambads 1.0 RC1 Beta SQL Injection
Mambo Component mambads 1.0 RC1 Beta - SQL Injection
I-Pos Internet Pay Online Store 1.3 Beta SQL Injection
I-Pos Internet Pay Online Store 1.3 Beta - SQL Injection
P2P Foxy Out of Memory Denial of Service Exploit
P2P Foxy Out of Memory Denial of Service
uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header DoS Exploit
uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 Range header Denial of Service
Simple DNS Plus 5.0/4.1 - Remote Denial of Service Exploit
Simple DNS Plus 5.0/4.1 - Remote Denial of Service
Yahoo Messenger 8.1 - ActiveX Remote Denial of Service Exploit
Yahoo Messenger 8.1 - ActiveX Remote Denial of Service
WinRemotePC Full+Lite 2008 r.2server Denial of Service Exploit
WinRemotePC Full+Lite 2008 r.2server Denial of Service
Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution / Denial of Service
Oracle Internet Directory 10.1.4 - Remote Preauth DoS Exploit
Oracle Internet Directory 10.1.4 - Remote Preauth Denial of Service
F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop DoS Exploit
F-PROT antivirus 6.2.1.4252 - (malformed archive) Infinite Loop Denial of Service
Xerox Phaser 8400 - (reboot) Remote Denial of Service Exploit
Xerox Phaser 8400 - (reboot) Remote Denial of Service
HydraIrc 0.3.164 - (last) Remote Denial of Service Exploit
HydraIrc 0.3.164 - (last) Remote Denial of Service
txtSQL 2.2 Final (startup.php) Remote File Inclusion
txtSQL 2.2 Final - (startup.php) Remote File Inclusion
Ventrilo 3.0.2 - NULL pointer Remote DoS Exploit
Ventrilo 3.0.2 - NULL pointer Remote Denial of Service
Google Chrome Browser 0.2.149.27 A HREF Denial of Service Exploit
Google Chrome Browser 0.2.149.27 A HREF Denial of Service
Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit
Google Chrome Browser 0.2.149.27 Inspect Element Denial of Service
Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service Exploit
Flock Social Web Browser 1.2.5 - (loop) Remote Denial of Service
Adobe Acrobat 9 - ActiveX Remote Denial of Service Exploit
Adobe Acrobat 9 - ActiveX Remote Denial of Service
The Personal FTP Server 6.0f RETR Denial of Service Exploit
The Personal FTP Server 6.0f RETR Denial of Service
Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local DoS Exploit
Postfix < 2.4.9 / 2.5.5 / 2.6-20080902 - (.forward) Local Denial of Service
WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)
WonderWare SuiteLink 2.0 - Remote Denial of Service (Metasploit)
Femitter FTP Server 1.03 - (RETR) Remote Denial of Service Exploit PoC
Femitter FTP Server 1.03 - (RETR) Remote Denial of Service PoC
fhttpd 0.4.2 un64() - Remote Denial of Service Exploit
fhttpd 0.4.2 un64() - Remote Denial of Service
DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service Exploit
DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service
Vikingboard 0.2 Beta (task) Local File Inclusion
Vikingboard 0.2 Beta - (task) Local File Inclusion
Vikingboard 0.2 Beta SQL Column Truncation
Vikingboard 0.2 Beta - SQL Column Truncation
WinFTP Server 2.3.0 - (NLST) Denial of Service Exploit
WinFTP Server 2.3.0 - (NLST) Denial of Service
Chilkat IMAP ActiveX 7.9 - File Execution / IE DoS Exploit
Chilkat IMAP ActiveX 7.9 - File Execution / IE Denial of Service
Google Chrome 0.2.149.30 Window Object Suppressing DoS Exploit
Google Chrome 0.2.149.30 Window Object Suppressing Denial of Service
Opera 9.52 Window Object Suppressing Remote Denial of Service Exploit
Microsoft Windows Explorer - (.zip) Denial of Service Exploit
Opera 9.52 Window Object Suppressing Remote Denial of Service
Microsoft Windows Explorer - (.zip) Denial of Service
Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit
VBA32 Personal Antivirus 3.12.8.x - (malformed archive) DoS Exploit
VBA32 Personal Antivirus 3.12.8.x - (malformed archive) Denial of Service
Skype extension for Firefox BETA 2.2.0.95 Clipboard Writing
Skype extension for Firefox BETA 2.2.0.95 - Clipboard Writing
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service Exploit
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth DoS Exploit
NoticeWare E-mail Server 5.1.2.2 - (POP3) Pre-Auth Denial of Service
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/DoS Exploit
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service
XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service Exploit
RaidenFTPD 2.4 build 3620 - Remote Denial of Service Exploit
XM Easy Personal FTP Server 5.6.0 - Remote Denial of Service
RaidenFTPD 2.4 build 3620 - Remote Denial of Service
Titan FTP server 6.26 build 630 - Remote Denial of Service Exploit
Titan FTP server 6.26 build 630 - Remote Denial of Service
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote Denial of Service
Dart Communications PowerTCP FTP module Remote BoF Exploit
Dart Communications PowerTCP FTP module - Remote BoF Exploit
SilverSHielD 1.0.2.34 - (opendir) Denial of Service Exploit
SilverSHielD 1.0.2.34 - (opendir) Denial of Service
vicFTP 5.0 - (LIST) Remote Denial of Service Exploit
vicFTP 5.0 - (LIST) Remote Denial of Service
PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)
PumpKIN TFTP Server 2.7.2.0 - Denial of Service (Metasploit)
PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit
PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service
Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling
Bloggie Lite 0.0.2 Beta - SQL Injection by Insecure Cookie Handling
ExoPHPDesk 1.2 Final (Auth Bypass) SQL Injection
ExoPHPDesk 1.2 Final - (Auth Bypass) SQL Injection
Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service Exploit
Pi3Web 2.0.3 - (ISAPI) Remote Denial of Service
LoveCMS 1.6.2 Final (Simple Forum 3.1d) Change Admin Password Exploit
LoveCMS 1.6.2 Final (Simple Forum 3.1d) - Change Admin Password Exploit
Microsoft Office Communicator (SIP) Remote Denial of Service Exploit
Microsoft Office Communicator (SIP) Remote Denial of Service
OpenForum 0.66 Beta Remote Reset Admin Password Exploit
OpenForum 0.66 Beta - Remote Reset Admin Password Exploit
Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service Exploit
Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service
Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local DoS Exploit
Linux Kernel 2.6.27.7-generic / 2.6.18 / 2.6.24-1 - Local Denial of Service
Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service Exploit
Avahi < 0.6.24 - (mDNS Daemon) Remote Denial of Service
Linksys Wireless ADSL Router (WAG54G v2) - httpd DoS Exploit
Linksys Wireless ADSL Router (WAG54G v2) - httpd Denial of Service
Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin)
PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service Exploit
Psi Jabber Client (8010/tcp) Remote Denial of Service (win/lin)
PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service
VMware 2.5.1 - (Vmware-authd) Remote Denial of Service Exploit
VMware 2.5.1 - (Vmware-authd) Remote Denial of Service
SeaMonkey 1.1.14 - (marquee) Denial of Service Exploit
SeaMonkey 1.1.14 - (marquee) Denial of Service
Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service Exploit
Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service
Winamp 5.541 - (mp3/aiff) Multiple Denial of Service Exploits
Winamp 5.541 - (mp3/aiff) Multiple Denial of Services
Cisco VLAN Trunking Protocol Denial of Service Exploit
Cisco VLAN Trunking Protocol Denial of Service
Novell Netware 6.5 - (ICEbrowser) Remote System DoS Exploit
Novell Netware 6.5 - (ICEbrowser) Remote System Denial of Service
D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service Exploit
D-Bus Daemon < 1.2.4 - (libdbus) Denial of Service
TxtBlog 1.0 Alpha Remote Command Execution Exploit
TxtBlog 1.0 Alpha - Remote Command Execution Exploit
GR Note 0.94 beta (Auth Bypass) Remote Database Backup
GR Note 0.94 beta - (Auth Bypass) Remote Database Backup
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service Exploit
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service
BlueBird Pre-Release (Auth Bypass) SQL Injection
BlueBird Pre-Release - (Auth Bypass) SQL Injection
Got All Media 7.0.0.3 - (t00t) Remote Denial of Service Exploit
Got All Media 7.0.0.3 - (t00t) Remote Denial of Service
HTC Touch vCard over IP Denial of Service Exploit
HTC Touch vCard over IP Denial of Service
Yaws < 1.80 - (multiple headers) Remote Denial of Service Exploit
Yaws < 1.80 - (multiple headers) Remote Denial of Service
Multiple Vendors libc:fts_*() - Local Denial of Service Exploit
Multiple Vendors libc:fts_*() - Local Denial of Service
Addonics NAS Adapter Post-Auth Denial of Service Exploit
Addonics NAS Adapter Post-Auth Denial of Service
Serv-U 7.4.0.1 - (SMNT) Denial of Service Exploit (post auth)
VLC 0.9.8a Web UI (input) Remote Denial of Service Exploit
Serv-U 7.4.0.1 - (SMNT) Denial of Service (post auth)
VLC 0.9.8a Web UI (input) Remote Denial of Service
SW-HTTPD Server 0.x - Remote Denial of Service Exploit
SW-HTTPD Server 0.x - Remote Denial of Service
XM Easy Personal FTP Server 5.7.0 - (NLST) DoS Exploit
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
Sami HTTP Server 2.x - (HEAD) Remote Denial of Service Exploit
Sami HTTP Server 2.x - (HEAD) Remote Denial of Service
IBM DB2 < 9.5 pack 3a - Connect Denial of Service Exploit
IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service Exploit
IBM DB2 < 9.5 pack 3a - Connect Denial of Service
IBM DB2 < 9.5 pack 3a - Data Stream Denial of Service
Steamcast 0.9.75b Remote Denial of Service Exploit
OpenBSD 4.5 IP datagram Null Pointer Deref DoS Exploit
Steamcast 0.9.75b Remote Denial of Service
OpenBSD 4.5 IP datagram Null Pointer Deref Denial of Service
Microsoft Media Player - (quartz.dll .mid) Denial of Service Exploit
Microsoft Media Player - (quartz.dll .mid) Denial of Service
Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)
Addonics NAS Adapter (bts.cgi) Remote Denial of Service (post-auth)
Zervit Web Server 0.3 - Remote Denial of Service Exploit
Zervit Web Server 0.3 - Remote Denial of Service
Xitami Web Server 5.0 - Remote Denial of Service Exploit
Xitami Web Server 5.0 - Remote Denial of Service
iodined 0.4.2-2 - (forged DNS packet) Denial of Service Exploit
iodined 0.4.2-2 - (forged DNS packet) Denial of Service
Addonics NAS Adapter FTP Remote Denial of Service Exploit
Addonics NAS Adapter FTP Remote Denial of Service
Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit
Mortbay Jetty 7.0.0-pre5 Dispatcher Servlet Denial of Service
TYPSoft FTP Server 1.11 - (ABORT) Remote DoS Exploit
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
Mereo 1.8.0 - (Get Request) Remote Denial of Service Exploit
Mereo 1.8.0 - (Get Request) Remote Denial of Service
DGNews 3.0 Beta (id) SQL Injection
DGNews 3.0 Beta - (id) SQL Injection
Mozilla Firefox (unclamped loop) Denial of Service Exploit
Mozilla Firefox (unclamped loop) Denial of Service
Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service Exploit
Mozilla Firefox 3.0.10 - (KEYGEN) Remote Denial of Service
Apache mod_dav / svn Remote Denial of Service Exploit
Apache mod_dav / svn Remote Denial of Service
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote Denial of Service
LinkLogger 2.4.10.15 - (syslog) Denial of Service Exploit
LinkLogger 2.4.10.15 - (syslog) Denial of Service
ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit
ARD-9808 DVR Card Security Camera (GET Request) Remote Denial of Service
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service
Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)
Multiple Web Browsers Denial of Service (1 bug to rule them all)
FreeBSD 7.2 - (pecoff executable) Local Denial of Service Exploit
FreeBSD 7.2 - (pecoff executable) Local Denial of Service
E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection
E-Xoopport 3.1 Module MyAnnonces - (lid) SQL Injection
OpenH323 Opal SIP Protocol Remote Denial of Service Exploit
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit
WzdFTPD 8.0 - Remote Denial of Service Exploit
OpenH323 Opal SIP Protocol Remote Denial of Service
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service
WzdFTPD 8.0 - Remote Denial of Service
FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit
FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service
Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service Exploit
Linux Kernel < 2.6.30.5 cfg80211 - Remote Denial of Service
TheGreenBow VPN Client tgbvpn.sys Local DoS Exploit
TheGreenBow VPN Client tgbvpn.sys Local Denial of Service
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
KSP 2006 FINAL (.M3U) Universal Local Buffer Exploit (SEH)
KSP 2006 FINAL - (.M3U) Universal Local Buffer Exploit (SEH)
Xerox WorkCentre Multiple Models Denial of Service Exploit
Cerberus FTP 3.0.1 - (ALLO) Remote Overflow DoS Exploit (Metasploit)
Xerox WorkCentre Multiple Models Denial of Service
Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit)
TFTPUtil GUI 1.3.0 - Remote Denial of Service Exploit
TFTPUtil GUI 1.3.0 - Remote Denial of Service
SolarWinds TFTP Server 9.2.0.111 - Remote DoS Exploit
SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service
Re-Script 0.99 Beta (listings.php op) SQL Injection
Re-Script 0.99 Beta - (listings.php op) SQL Injection
Novell eDirectory 8.8 SP5 - Remote Denial of Service Exploit
Novell eDirectory 8.8 SP5 - Remote Denial of Service
Safari 3.2.3 - (Win32) JavaScript (eval) Remote DoS Exploit
Safari 3.2.3 - (Win32) JavaScript (eval) Remote Denial of Service
WarFTPd 1.82.00-RC12 - (LIST command) Format String DoS Exploit
WarFTPd 1.82.00-RC12 - (LIST command) Format String Denial of Service
FreeRadius < 1.1.8 - Zero-length Tunnel-Password DoS Exploit
FreeRadius < 1.1.8 - Zero-length Tunnel-Password Denial of Service
httpdx Web Server 1.4 - (Host Header) Remote Format String DoS Exploit
httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service
FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (Auth)
FtpXQ FTP Server 3.0 - Remote Denial of Service (Auth)
Cerberus FTP Server 3.0.3 - Remote Denial of Service Exploit
Cerberus FTP Server 3.0.3 - Remote Denial of Service
FTPDMIN 0.96 - (LIST) Remote Denial of Service Exploit
FTPDMIN 0.96 - (LIST) Remote Denial of Service
Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit
Safari 4.0.3 - (Win32) CSS Remote Denial of Service
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service (Python)
Drupal Sections Module XSS
Drupal Sections Module - XSS
3Com OfficeConnect Routers - Remote DoS Exploit
3Com OfficeConnect Routers - Remote Denial of Service
TFTP Daemon 1.9 - Denial of Service Exploit
TFTP Daemon 1.9 - Denial of Service
SimplePlayer 0.2 - (.wav) Overflow DoS Exploit (0Day)
SimplePlayer 0.2 - (.wav) Overflow Denial of Service (0Day)
Joomla Component com_abbrev Local File Inclusion
Joomla Component com_abbrev - Local File Inclusion
iOS Udisk FTP Basic Edition - Remote DoS Exploit (0Day)
iOS Udisk FTP Basic Edition - Remote Denial of Service (0Day)
P2GChinchilla HTTP Server 1.1.1 - Denial of Service Exploit
P2GChinchilla HTTP Server 1.1.1 - Denial of Service
iOS Serversman 3.1.5 - HTTP Remote DoS Exploit
iOS Serversman 3.1.5 - HTTP Remote Denial of Service
Opera 10.10 - Remote Code Execution DoS Exploit
Opera 10.10 - Remote Code Execution Denial of Service
Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service Exploit
Mozilla Firefox 3.6 - (Multitudinous looping) Denial of Service
Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service Exploit
Microsoft Internet Explorer 8 - (Multitudinous looping) Denial of Service
iOS My DBLite Edition - Remote DoS Exploit (0Day)
iOS My DBLite Edition - Remote Denial of Service (0Day)
iOS FileApp 1.7 - Remote DoS Exploit
iOS FileApp 1.7 - Remote Denial of Service
iOS iFTPStorage 1.2 - Remote DoS Exploit
iOS iFTPStorage 1.2 - Remote Denial of Service
Winamp 5.57 - (Browser) IE Denial of Service Exploit
Winamp 5.57 - (Browser) IE Denial of Service
VKPlayer 1.0 - (.mid) Denial of Service Exploit
VKPlayer 1.0 - (.mid) Denial of Service
iPhone FTP Server By Zhang Boyang Remote DoS Exploit
iPhone FTP Server By Zhang Boyang Remote Denial of Service
Mozilla Firefox 3.6 - Denial of Service Exploit
Mozilla Firefox 3.6 - Denial of Service
Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote Include
Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusion
PowieSys 0.7.7 alpha index.php (shownews) SQL Injection
PowieSys 0.7.7 alpha - index.php (shownews) SQL Injection
BitComet 1.19 - Remote DoS Exploit
BitComet 1.19 - Remote Denial of Service
ALPHA CMS Local File Inclusion
ALPHA CMS - Local File Inclusion
uTorrent WebUI 0.370 - Authorization header DoS Exploit
uTorrent WebUI 0.370 - Authorization header Denial of Service
Microsoft Office (2010 beta) Communicator SIP Denial of Service Exploit
Foxit Reader 3.2.1.0401 - Denial of Service Exploit
Microsoft Office (2010 beta) Communicator SIP Denial of Service
Foxit Reader 3.2.1.0401 - Denial of Service
Joomla Component JTM Reseller 1.9 Beta SQL Injection
Joomla Component JTM Reseller 1.9 Beta - SQL Injection
EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote DoS Exploit (IE)
EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE)
Webmoney Advisor ActiveX Remote DoS Exploit
Webmoney Advisor ActiveX Remote Denial of Service
Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service Exploit
Apple Safari 4.0.3 - (Win32) CSS Remote Denial of Service
Press Release Script (page.php id) SQL Injection
Press Release Script - (page.php id) SQL Injection
dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/editconfig.php Multiple Parameter Remote File Inclusion
HomeFTP Server r1.10.3 - (build 144) Denial of Service Exploit
HomeFTP Server r1.10.3 - (build 144) Denial of Service
Solarwinds 10.4.0.13 - Denial of Service Exploit
Solarwinds 10.4.0.13 - Denial of Service
EZPX Photoblog 1.2 beta Remote File Inclusion Exploit
EZPX Photoblog 1.2 beta - Remote File Inclusion Exploit
Drupal Sections 5.x-1.2/6.x-1.2 Module HTML Injection
Drupal Sections 5.x-1.2/6.x-1.2 Module - HTML Injection
MP3 Cutter 1.5 - DoS Exploit
MP3 Cutter 1.5 - Denial of Service
Really Simple IM 1.3beta DoS Proof of Concept
Really Simple IM 1.3beta - DoS Proof of Concept
QQ Computer Manager TSKsp.sys Local Denial of Service Exploit
QQ Computer Manager TSKsp.sys Local Denial of Service
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) DoS Exploit
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service
VMware Workstation 7.1.1 - VMkbd.sys Denial of Service Exploit
VMware Workstation 7.1.1 - VMkbd.sys Denial of Service
iOS FileApp < 2.0 - FTP Remote Denial of Service Exploit
iOS FileApp < 2.0 - FTP Remote Denial of Service
AVG Internet Security 9.0.851 - Local Denial of Service Exploit
AVG Internet Security 9.0.851 - Local Denial of Service
GSPlayer 1.83a Win32 Release Buffer Overflow
GSPlayer 1.83a Win32 Release - Buffer Overflow
Sami HTTP Server 2.0.1 - GET Request Denial of Service Exploit
Sami HTTP Server 2.0.1 - GET Request Denial of Service
PCSX2 0.9.7 beta Binary Denial of Service
PCSX2 0.9.7 beta - Binary Denial of Service
HttpBlitz Web Server Denial of Service Exploit
HttpBlitz Web Server Denial of Service
Xynph 1.0 USER Denial of Service Exploit
Xynph 1.0 USER Denial of Service
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode DoS Exploit
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service
Solar FTP 2.1 - Denial of Service Exploit
Solar FTP 2.1 - Denial of Service
Victory FTP Server 5.0 - Denial of Service Exploit
Victory FTP Server 5.0 - Denial of Service
TWiki History TWikiUsers rev Parameter Command Execution
TWiki History TWikiUsers - rev Parameter Command Execution
AVIPreview 0.26 Alpha Denial of Service
AVIPreview 0.26 Alpha - Denial of Service
Microsoft Windows XP - afd.sys Local Kernel DoS Exploit
Microsoft Windows XP - afd.sys Local Kernel Denial of Service
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service
Adobe Reader/Acrobat 10.0.1 DoS Exploit
Adobe Reader/Acrobat 10.0.1 Denial of Service
Omnicom Alpha 4.0e LPD Server DoS
Omnicom Alpha 4.0e LPD Server - DoS
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service
World Of Warcraft Local Stack Overflow DoS Exploit (chat-cache.txt)
World Of Warcraft Local Stack Overflow Denial of Service (chat-cache.txt)
TOWeb 3.0 - Local Format String DoS Exploit (TOWeb.MO file corruption)
TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file corruption)
1024 CMS 1.1.0 Beta force_download.php Local File Inclusion
1024 CMS 1.1.0 Beta - force_download.php Local File Inclusion
FleaHttpd Remote Denial of Service Exploit
FleaHttpd Remote Denial of Service
ComSndFTP Server 1.3.7 Beta Remote Format String Overflow
ComSndFTP Server 1.3.7 Beta - Remote Format String Overflow
Play [EX] 2.1 - Playlist File (M3U/PLS/LST) DoS Exploit
Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service
Windows OpenType Font - File Format DoS Exploit
Windows OpenType Font - File Format Denial of Service
HP JetAdmin 1.0.9 Rev. D symlink
HP JetAdmin 1.0.9 Rev. D - symlink
Microsoft Site Server Commerce Edition 3.0 alpha AdSamples
Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information
Daniel Beckham The Finger Server 0.82 BETA Pipe
Daniel Beckham The Finger Server 0.82 BETA - Pipe
Sambar Server 4.2 beta 7 Batch CGI
Sambar Server 4.2 beta 7 - Batch CGI
DomsHttpd 1.0 - Remote Denial of Service Exploit
DomsHttpd 1.0 - Remote Denial of Service
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (1)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (2)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (3)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (1)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (2)
Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta - Mail Logging Buffer Overflow (3)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (1)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha DNS Decode (2)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (1)
Ethereal 0.8.4/0.8.5/0.8.6_tcpdump 3.4/3.5 alpha - DNS Decode (2)
Real Networks Real Server 7.0/7.0.1/8.0 Beta View-Source DoS
Real Networks Real Server 7.0/7.0.1/8.0 Beta - View-Source DoS
Omnicron OmniHTTPD 1.1/2.0 Alpha 1 visiadmin.exe Denial of Service
Omnicron OmniHTTPD 1.1/2.0 Alpha 1 - visiadmin.exe Denial of Service
Sun Java Web Server 1.1 Beta Viewable .jhtml Source
Sun Java Web Server 1.1 Beta - Viewable .jhtml Source
HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A LCD Display Modification
HP JetDirect rev. G.08.x/rev. H.08.x/x.08.x/J3111A - LCD Display Modification
Sambar Server 4.1 beta Admin Access
Sambar Server 4.1 beta - Admin Access
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 - Password Disclosure
Cisco IOS 12 UDP Denial of Service
Cisco IOS 12 - UDP Denial of Service
XMB Forum 1.6 pre-beta Image Tag Script Injection
XMB Forum 1.6 pre-beta - Image Tag Script Injection
DCShop Beta 1.0 Form Manipulation
DCShop Beta 1.0 - Form Manipulation
Cisco IOS 11.x/12.0 ICMP Redirect Denial of Service
Cisco IOS 11.x/12.0 - ICMP Redirect Denial of Service
SmartMail Server 1.0 BETA 10 Oversized Request Denial of Service
SmartMail Server 1.0 BETA 10 - Oversized Request Denial of Service
Ultimate PHP Board 1.0 final beta ViewTopic.php Directory Contents Browsing
Ultimate PHP Board Board 1.0 final beta ViewTopic.php Cross-Site Scripting
Ultimate PHP Board 1.0 final beta - ViewTopic.php Directory Contents Browsing
Ultimate PHP Board Board 1.0 final beta - ViewTopic.php Cross-Site Scripting
N/X Web Content Management System 2002 Prerelease 1 datasets.php c_path Parameter LFI
N/X Web Content Management System 2002 Prerelease 1 - datasets.php c_path Parameter LFI
PHPOutsourcing Zorum 3.x - Remote Include Command Execution
PHPOutsourcing Zorum 3.x - Remote File Inclusion Command Execution
Sage 1.0 beta 3 Content Management System Path Disclosure
Sage 1.0 beta 3 Content Management System Cross-Site Scripting
Sage 1.0 beta 3 - Content Management System Path Disclosure
Sage 1.0 beta 3 - Content Management System Cross-Site Scripting
E-theni Remote Include Command Execution
E-theni Remote File Inclusion Command Execution
BZFlag 1.7 g0 Reconnect Denial of Service
BZFlag 1.7 g0 - Reconnect Denial of Service
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module Integer Overflow
Apple QuickTime/Darwin Streaming Server 4.1.3 QTSSReflector Module - Integer Overflow
PMachine 2.2.1 Lib.Inc.php Remote Include Command Execution
PMachine 2.2.1 Lib.Inc.php Remote File Inclusion Command Execution
PHPForum 2.0 RC1 Mainfile.php Remote File Inclusion
PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion
IdealBB 1.4.9 Beta HTML Injection
IdealBB 1.4.9 Beta - HTML Injection
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Cross-Site Scripting
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Path Disclosure
Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Cross-Site Scripting
Escapade 0.2.1 Beta Scripting Engine - PAGE Parameter Path Disclosure
Koch Roland Rolis Guestbook 1.0 $path Remote File Inclusion
Koch Roland Rolis Guestbook 1.0 - $path Remote File Inclusion
My_EGallery Module 3.1.1 - Remote Include Command Injection
My_EGallery Module 3.1.1 - Remote File Inclusion Command Injection
Apache 2.0.4x mod_php Module File Descriptor Leakage (1)
Apache 2.0.4x mod_php Module File Descriptor Leakage (2)
Apache 2.0.4x mod_php Module - File Descriptor Leakage (1)
Apache 2.0.4x mod_php Module - File Descriptor Leakage (2)
Apache 2.0.4x mod_perl Module File Descriptor Leakage
Apache 2.0.4x mod_perl Module - File Descriptor Leakage
Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 PHP Script admin.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script fonctions.lib.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion
NewsTraXor Website Management Script 2.9 beta Database Disclosure
NewsTraXor Website Management Script 2.9 beta - Database Disclosure
Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection
Adam Webb NukeJokes 1.7/2.0 Module - modules.php jokeid Parameter SQL Injection
PHP 4/5 Input/Output Wrapper Remote Include Function Command Execution Weakness
PHP 4/5 Input/Output Wrapper Remote File Inclusion Function Command Execution Weakness
Sambar Server 6.1 beta 2 show.asp show Parameter XSS
Sambar Server 6.1 beta 2 showperf.asp title Parameter XSS
Sambar Server 6.1 beta 2 showini.asp Arbitrary File Access
Sambar Server 6.1 beta 2 - show.asp show Parameter XSS
Sambar Server 6.1 beta 2 - showperf.asp title Parameter XSS
Sambar Server 6.1 beta 2 - showini.asp Arbitrary File Access
EasyWeb 1.0 FileManager Module Directory Traversal
EasyWeb 1.0 FileManager Module - Directory Traversal
EasyIns Stadtportal 4.0 Site Parameter Remote File Inclusion
EasyIns Stadtportal 4.0 - Site Parameter Remote File Inclusion
Free Web Chat Initial Release UserManager.java Null Pointer DoS
Free Web Chat Initial Release Connection Saturation DoS
Free Web Chat Initial Release - UserManager.java Null Pointer DoS
Free Web Chat Initial Release - Connection Saturation DoS
Cerulean Studios Trillian Client 0.74 MSN Module Remote Buffer Overflow
Cerulean Studios Trillian Client 0.74 MSN Module - Remote Buffer Overflow
TP-Link TL-WR740N Wireless Router - Denial of Service Exploit
TP-Link TL-WR740N Wireless Router - Denial of Service
Singapore 0.9.11 beta Image Gallery Index.php Cross-Site Scripting
Singapore 0.9.11 beta Image Gallery - Index.php Cross-Site Scripting
Datenbank Module For PHPBB Remote Mod.php Cross-Site Scripting
Datenbank Module For PHPBB - Remote Mod.php Cross-Site Scripting
Convert-UUlib 1.04/1.05 Perl Module Buffer Overflow
Convert-UUlib 1.04/1.05 Perl Module - Buffer Overflow
Atomic Photo Album 0.x/1.0 Apa_PHPInclude.INC.php Remote File Inclusion
Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion
Comdev ECommerce 3.0 Config.php Remote File Inclusion
Comdev ECommerce 3.0 - Config.php Remote File Inclusion
PHPTB Topic Board 2.0 admin_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 board_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 dev_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 file_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 tech_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - admin_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - board_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - dev_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - file_o.php absolutepath Parameter Remote File Inclusion
PHPTB Topic Board 2.0 - tech_o.php absolutepath Parameter Remote File Inclusion
PHPWebNotes 2.0 Api.php Remote File Inclusion
PHPWebNotes 2.0 - Api.php Remote File Inclusion
CMS Made Simple 0.10 Lang.php Remote File Inclusion
CMS Made Simple 0.10 - Lang.php Remote File Inclusion
MusicBee 2.0.4663 - (.m3u) Denial of Service Exploit
MusicBee 2.0.4663 - (.m3u) Denial of Service
Help Center Live 1.0/1.2/2.0 Module.php Local File Inclusion
Help Center Live 1.0/1.2/2.0 - Module.php Local File Inclusion
Edgewall Software Trac 0.9 Ticket Query Module SQL Injection
Edgewall Software Trac 0.9 Ticket Query Module - SQL Injection
Thwboard Beta 2.8 calendar.php year Parameter SQL Injection
Thwboard Beta 2.8 v_profile.php user Parameter SQL Injection
Thwboard Beta 2.8 misc.php userid Parameter SQL Injection
Thwboard Beta 2.8 - calendar.php year Parameter SQL Injection
Thwboard Beta 2.8 - v_profile.php user Parameter SQL Injection
Thwboard Beta 2.8 - misc.php userid Parameter SQL Injection
Bitweaver 1.1.1 beta list_galleries.php sort_mode Parameter XSS
Bitweaver 1.1.1 beta - list_galleries.php sort_mode Parameter XSS
OABoard 1.0 Forum Script Remote File Inclusion
OABoard 1.0 Forum - Script Remote File Inclusion
InTouch 0.5.1 Alpha User Variable SQL Injection
InTouch 0.5.1 Alpha - User Variable SQL Injection
LinPHA 0.9.x/1.0 install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 forth_stage_install.php language Variable POST Method Local File Inclusion
LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion
LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion
Dotproject 2.0 /includes/db_connect.php baseDir Remote File Inclusion
Dotproject 2.0 /includes/session.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /includes/db_connect.php baseDir Remote File Inclusion
Dotproject 2.0 - /includes/session.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/admin/vw_usr_roles.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/public/calendar.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/public/date_format.php baseDir Parameter Remote File Inclusion
Dotproject 2.0 - /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion
Web Host Automation Ltd. Helm 3.2.10 beta domains.asp txtDomainName Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta default.asp Multiple Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta - domains.asp txtDomainName Parameter XSS
Web Host Automation Ltd. Helm 3.2.10 beta - default.asp Multiple Parameter XSS
CutePHP CuteNews 1.4.1 Editnews Module Cross-Site Scripting
CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting
RadScripts RadLance 7.0 Popup.php Local File Inclusion
RadScripts RadLance 7.0 - Popup.php Local File Inclusion
dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - showcatpicks.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 - showarticle.php file_path Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/authors.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/articles.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/index.php Multiple Parameter Remote File Inclusion
dotWidget for articles 2.0 - admin/categories.php Multiple Parameter Remote File Inclusion
CrisoftRicette 1.0 Cookbook.php Remote File Inclusion
CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion
MF Piadas 1.0 Admin.php Remote File Inclusion
MF Piadas 1.0 - Admin.php Remote File Inclusion
ExtCalendar 2.0 ExtCalendar.php Remote File Inclusion
ExtCalendar 2.0 - ExtCalendar.php Remote File Inclusion
Calendar Module 1.5.7 For Mambo Com_Calendar.php Remote File Inclusion
Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion
Lussumo Vanilla 1.0 RootDirectory Remote File Inclusion
Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion
Bosdates 3.x/4.0 Payment.php Remote File Inclusion
Bosdates 3.x/4.0 - Payment.php Remote File Inclusion
Liga Manager Online 2.0 Joomla! Component Remote File Inclusion
Liga Manager Online 2.0 Joomla! Component - Remote File Inclusion
Knusperleicht FAQ 1.0 Script Index.php Remote File Inclusion
Knusperleicht FAQ 1.0 Script - Index.php Remote File Inclusion
MyWebland miniBloggie 1.0 Fname Remote File Inclusion
MyWebland miniBloggie 1.0 - Fname Remote File Inclusion
PHP-Nuke 2.0 AutoHTML Module Local File Inclusion
PHP-Nuke 2.0 AutoHTML Module - Local File Inclusion
Reporter 1.0 Mambo Component Reporter.sql.php Remote File Inclusion
Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion
Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Inclusion
Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion
Headline Portal Engine 0.x/1.0 HPEInc Parameter Multiple Remote File Inclusion
Headline Portal Engine 0.x/1.0 - HPEInc Parameter Multiple Remote File Inclusion
Mambo/Joomla Com_comprofiler 1.0 Plugin.class.php Remote File Inclusion
Mambo/Joomla Com_comprofiler 1.0 Plugin.- class.php Remote File Inclusion
PHP-Proxima 6.0 BB_Smilies.php Local File Inclusion
PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion
Hitweb 3.0 REP_CLASS Multiple Remote File Inclusion
Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusion
php_news 2.0 user_user.php language Parameter Remote File Inclusion
php_news 2.0 admin/news.php language Parameter Remote File Inclusion
php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion
php_news 2.0 creat_news_all.php language Parameter Remote File Inclusion
php_news 2.0 - user_user.php language Parameter Remote File Inclusion
php_news 2.0 - admin/news.php language Parameter Remote File Inclusion
php_news 2.0 - admin/catagory.php language Parameter Remote File Inclusion
php_news 2.0 - creat_news_all.php language Parameter Remote File Inclusion
CommunityPortals 1.0 Bug.php Remote File Inclusion
CommunityPortals 1.0 - Bug.php Remote File Inclusion
PHPTreeView 1.0 TreeViewClass.php Remote File Inclusion
PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion
NewP News Publishing System 1.0 Class.Database.php Remote File Inclusion
NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion
Boonex 2.0 Dolphin Index.php Remote File Inclusion
Boonex 2.0 Dolphin - Index.php Remote File Inclusion
Apple Mac OS X 10.4.8 UDIF Disk Image Remote Denial of Service
Apple Mac OS X 10.4.8 -UDIF Disk Image Remote Denial of Service
Apple Mac OS X 10.4.8 UDTO Disk Image Remote Denial of Service
Apple Mac OS X 10.4.8 - UDTO Disk Image Remote Denial of Service
eCardMAX HotEditor 4.0 Keyboard.php Local File Inclusion
eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion
Comus 2.0 Accept.php Remote File Inclusion
Comus 2.0 - Accept.php Remote File Inclusion
Active PHP Bookmarks 1.0 APB.php Remote File Inclusion
Active PHP Bookmarks 1.0 - APB.php Remote File Inclusion
ABC Excel Parser Pro 4.0 Parser_Path Remote File Inclusion
ABC Excel Parser Pro 4.0 - Parser_Path Remote File Inclusion
PHP-Nuke 8.0 autohtml.php Local File Inclusion
PHP-Nuke 8.0 - autohtml.php Local File Inclusion
Drupal Ajax Checklist 5.x-1.0 Module Multiple SQL Injection
Drupal Ajax Checklist 5.x-1.0 Module - Multiple SQL Injection
EagleGet 1.1.8.1 - Denial of Service Exploit
EagleGet 1.1.8.1 - Denial of Service
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection
Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module - SQL Injection
Jeebles Technology Jeebles Directory 2.9.60 Download.php Local File Inclusion
Jeebles Technology Jeebles Directory 2.9.60 - Download.php Local File Inclusion
CodeWidgets Web Based Alpha Tabbed Address Book Index.ASP SQL Injection
Phpbasic basicFramework 1.0 Includes.php Remote File Inclusion
CodeWidgets Web Based Alpha Tabbed Address Book - Index.ASP SQL Injection
Phpbasic basicFramework 1.0 - Includes.php Remote File Inclusion
Download Management 1.00 for PHP-Fusion Multiple Local File Inclusion
Download Management 1.00 for PHP-Fusion - Multiple Local File Inclusion
PlutoStatus Locator 1.0pre alpha 'index.php' Local File Inclusion
PlutoStatus Locator 1.0pre alpha - 'index.php' Local File Inclusion
Microsoft Internet Explorer 7/8 Beta 1 Frame Location Cross Domain Security Bypass
Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass
miniBB RSS 2.0 Plugin Multiple Remote File Inclusion
miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion
phpKF-Portal 1.10 baslik.php tema_dizin Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 - baslik.php tema_dizin Parameter Traversal Local File Inclusion
phpKF-Portal 1.10 - anket_yonetim.php portal_ayarlarportal_dili Parameter Traversal Local File Inclusion
Couchdb 1.5.0 - uuids DoS Exploit
Couchdb 1.5.0 - uuids Denial of Service
CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass
CuteNews 1.4.6 editnews Module - doeditnews Action Admin Moderation Bypass
ZTE and TP-Link RomPager - DoS Exploit
ZTE and TP-Link RomPager - Denial of Service
C99Shell 1.0 pre-release buil 'Ch99.php' Cross-Site Scripting
C99Shell 1.0 pre-release build 16 - 'Ch99.php' Cross-Site Scripting
Percha Gallery Component 1.6 Beta for Joomla! index.php controller Parameter Traversal Arbitrary File Access
Percha Gallery Component 1.6 Beta for Joomla! - index.php controller Parameter Traversal Arbitrary File Access
log1 CMS 2.0 Session Handling Remote Security Bypass and Remote File Inclusion
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion
Miniwork Studio Canteen 1.0 Component for Joomla! SQL Injection and Local File Inclusion
Miniwork Studio Canteen 1.0 Component for Joomla! - SQL Injection / Local File Inclusion
CMS Made Simple Download Manager 1.4.1 Module Arbitrary File Upload
CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload
CMS Made Simple Antz Toolkit 1.02 Module Arbitrary File Upload
CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload
TWiki 5.0 bin/view rev Parameter XSS
TWiki 5.0 - bin/view rev Parameter XSS
slickMsg 0.7-alpha 'top.php' Cross-Site Scripting
slickMsg 0.7-alpha - 'top.php' Cross-Site Scripting
Drupal CAPTCHA Module Security Bypass
Drupal CAPTCHA Module - Security Bypass
WordPress 4.0 - Denial of Service Exploit
WordPress 4.0 - Denial of Service
Cradlepoint MBR1400 and MBR1200 Local File Inclusion
Cradlepoint MBR1400 and MBR1200 - Local File Inclusion
mIRC 'projects.php' Cross-Site Scripting
mIRC - 'projects.php' Cross-Site Scripting
Apache 'mod_wsgi' Module Information Disclosure
Apache 'mod_wsgi' Module - Information Disclosure
Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040)
Microsoft Windows 7 (x64) - afd.sys Privilege Escalation (MS14-040)
SIEMENS IP-Camera CVMS2025-IR_ CCMS2025 - Credentials Disclosure
Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)
2016-08-18 05:02:07 +00:00
Offensive Security
29076928d8
DB: 2016-08-17
...
10 new exploits
Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service Exploit
Mozilla Firefox 1.5.0.4 - (marquee) Denial of Service
LifeType 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit
LifeType 1.0.4 - Multiple Vulnerabilities
Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit
Linux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote Denial of Service
cms-bandits 2.5 - (spaw_root) Remote File Inclusion
Enterprise Payroll Systems 1.1 - (footer) Remote Include
CMS-Bandits 2.5 - (spaw_root) Remote File Inclusion
Enterprise Payroll Systems 1.1 - (footer) Remote File Inclusion
0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash Exploit
empris r20020923 - (phormationdir) Remote Include
aePartner 0.8.3 - (dir[data]) Remote Include
0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash PoC
empris r20020923 - (phormationdir) Remote File Inclusion
aePartner 0.8.3 - (dir[data]) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Remote File Inclusion
Opera 9 - (long href) Remote Denial of Service Exploit
SmartSite CMS 1.0 - (root) Remote File Inclusion
Opera 9 - (long href) Remote Denial of Service
w-Agora 4.2.0 - (inc_dir) Remote File Inclusion Exploit
w-Agora 4.2.0 - (inc_dir) Remote File Inclusion
BitchX 1.1-final do_hook() Remote Denial of Service Exploit
BitchX 1.1-final - do_hook() Remote Denial of Service
BLOG:CMS 4.0.0k SQL Injection Exploit
BLOG:CMS 4.0.0k - SQL Injection
Sun Board 1.00.00 alpha Remote File Inclusion
Sun Board 1.00.00 alpha - Remote File Inclusion
Mailist 3.0 Insecure Backup/Local File Inclusion
Mailist 3.0 - Insecure Backup/Local File Inclusion
AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion
AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion
VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 - db.php Arbitrary File Inclusion
VisualShapers ezContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion
VoteBox 2.0 Votebox.php Remote File Inclusion
VoteBox 2.0 - Votebox.php Remote File Inclusion
TRG News 3.0 Script Remote File Inclusion
TRG News 3.0 Script - Remote File Inclusion
Vortex Portal 2.0 content.php act Parameter Remote File Inclusion
Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion
Shoutbox 1.0 Shoutbox.php Remote File Inclusion
Shoutbox 1.0 - Shoutbox.php Remote File Inclusion
Ajaxmint Gallery 1.0 Local File Inclusion
Ajaxmint Gallery 1.0 - Local File Inclusion
Zabbix 2.2.x_ 3.0.x - SQL Injection
Microsoft Office Word 2013_2016 - sprmSdyaTop Denial of Service (MS16-099)
Zabbix 2.2.x / 3.0.x - SQL Injection
Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)
Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC
Windows x86 - MessageBoxA Shellcode (242 bytes)
Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)
Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal
Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection
Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist
Nagios Log Server 1.4.1 - Multiple Vulnerabilities
Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities
Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities
Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV
2016-08-17 05:02:47 +00:00
Offensive Security
52c4bb1e58
DB: 2016-08-14
...
5 new exploits
AWStats (5.0-6.3) Input Validation Hole in 'logfile'
AWStats 5.0-6.3 - Input Validation Hole in 'logfile'
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross-Site Scripting
Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting
Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow
WorldMail imapd 3.0 SEH Overflow (egg hunter)
WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)
e107 website system 0.7.5 contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - contact.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - download.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - admin.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - fpw.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - news.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 submitnews.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - signup.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - submitnews.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 user.php Query String (PATH_INFO) Parameter XSS
e107 website system 0.7.5 - user.php Query String (PATH_INFO) Parameter XSS
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (1)
PHP-Nuke Sarkilar Module 'id' Parameter SQL Injection
PHP-Nuke Sarkilar Module - 'id' Parameter SQL Injection
PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting
PHP-Nuke Nuke League Module - 'tid' Parameter Cross-Site Scripting
Kimson CMS 'id' Parameter Cross-Site Scripting
Kimson CMS - 'id' Parameter Cross-Site Scripting
Ocean12 FAQ Manager Pro 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products 'Admin_ID' Parameter SQL Injection
Ocean12 FAQ Manager Pro - 'Keyword' Parameter Cross-Site Scripting
Multiple Ocean12 Products - 'Admin_ID' Parameter SQL Injection
LinksPro 'OrderDirection' Parameter SQL Injection
LinksPro - 'OrderDirection' Parameter SQL Injection
PHP-Nuke Downloads Module 'url' Parameter SQL Injection
PHP-Nuke Downloads Module - 'url' Parameter SQL Injection
PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass
PHP 5.2.9 cURL - 'safe_mode' and 'open_basedir' Restriction-Bypass
PuterJam\'s Blog PJBlog3 3.0.6 \'action.asp\' SQL Injection
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection
PHP-Nuke 8.0 Downloads Module 'query' Parameter Cross-Site Scripting
PHP-Nuke 8.0 Downloads Module - 'query' Parameter Cross-Site Scripting
Oracle 10g Secure Enterprise Search 'search_p_groups' Parameter Cross-Site Scripting
Oracle 10g Secure Enterprise Search - 'search_p_groups' Parameter Cross-Site Scripting
Scriptsez Easy Image Downloader 'id' Parameter Cross-Site Scripting
Scriptsez Easy Image Downloader - 'id' Parameter Cross-Site Scripting
XOOPS 2.3.3 \\\'op\\\' Parameter Multiple Cross-Site Scripting Vulnerabilities
XOOPS 2.3.3 - 'op' Parameter Multiple Cross-Site Scripting Vulnerabilities
Joomla! CB Resume Builder 'group_id' Parameter SQL Injection
X-Cart Email Subscription 'email' Parameter Cross-Site Scripting
Joomla! CB Resume Builder - 'group_id' Parameter SQL Injection
X-Cart Email Subscription - 'email' Parameter Cross-Site Scripting
RunCMS 'forum' Parameter SQL Injection
RunCMS - 'forum' Parameter SQL Injection
Multiple JiRo's Products 'files/login.asp' Multiple SQL Injection
Multiple JiRo's Products - 'files/login.asp' Multiple SQL Injection
Elxis 'filename' Parameter Directory Traversal
Elxis - 'filename' Parameter Directory Traversal
Ez Cart 'sid' Parameter Cross-Site Scripting
Ez Cart - 'sid' Parameter Cross-Site Scripting
Joomla! iF Portfolio Nexus 'controller' Parameter Remote File Inclusion
Joomla! iF Portfolio Nexus - 'controller' Parameter Remote File Inclusion
Joomla! Jobads 'type' Parameter SQL Injection
Joomla! Jobads - 'type' Parameter SQL Injection
Jamit Job Board 'post_id' Parameter Cross-Site Scripting
Jamit Job Board - 'post_id' Parameter Cross-Site Scripting
Tribisur 'cat' Parameter Cross-Site Scripting
Tribisur - 'cat' Parameter Cross-Site Scripting
Extreme Mobster 'login' Parameter Cross-Site Scripting
Extreme Mobster - 'login' Parameter Cross-Site Scripting
Subex Nikira Fraud Management System GUI 'message' Parameter Cross-Site Scripting
Subex Nikira Fraud Management System GUI - 'message' Parameter Cross-Site Scripting
Softbiz Jobs 'sbad_type' Parameter Cross-Site Scripting
Softbiz Jobs - 'sbad_type' Parameter Cross-Site Scripting
HD FLV Player Component for Joomla! 'id' Parameter SQL Injection
HD FLV Player Component for Joomla! - 'id' Parameter SQL Injection
Spectrum Software WebManager CMS 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem 'id' Parameter Local File Inclusion
Spectrum Software WebManager CMS - 'pojam' Parameter Cross-Site Scripting
Saskia's Shopsystem - 'id' Parameter Local File Inclusion
Pars CMS 'RP' Parameter Multiple SQL Injection
Pars CMS - 'RP' Parameter Multiple SQL Injection
Kasseler CMS News Module 'id' Parameter SQL Injection
Kasseler CMS News Module - 'id' Parameter SQL Injection
Ziggurat Farsi CMS 'id' Parameter Unspecified Cross-Site Scripting
Ziggurat Farsi CMS - 'id' Parameter Unspecified Cross-Site Scripting
Vana CMS 'filename' Parameter Remote File Download
Vana CMS - 'filename' Parameter Remote File Download
Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal
Ziggurrat Farsi CMS - 'bck' Parameter Directory Traversal
Viennabux Beta! 'cat' Parameter SQL Injection
Viennabux Beta! - 'cat' Parameter SQL Injection
HP System Management Homepage 'RedirectUrl' Parameter URI Redirection
HP System Management Homepage - 'RedirectUrl' Parameter URI Redirection
Sterlite SAM300 AX Router 'Stat_Radio' Parameter Cross-Site Scripting
Sterlite SAM300 AX Router - 'Stat_Radio' Parameter Cross-Site Scripting
Last Wizardz 'id' Parameter SQL Injection
Last Wizardz - 'id' Parameter SQL Injection
Plesk Server Administrator (PSA) 'locale' Parameter Local File Inclusion
Plesk Server Administrator (PSA) - 'locale' Parameter Local File Inclusion
VideoWhisper PHP 2 Way Video Chat 'r' Parameter Cross-Site Scripting
VideoWhisper PHP 2 Way Video Chat - 'r' Parameter Cross-Site Scripting
KubeSupport 'lang' Parameter SQL Injection
KubeSupport - 'lang' Parameter SQL Injection
ReCMS 'users_lang' Parameter Directory Traversal
ReCMS - 'users_lang' Parameter Directory Traversal
jCore 'search' Parameter Cross-Site Scripting
jCore - 'search' Parameter Cross-Site Scripting
PHP168 Template Editor 'filename' Parameter Directory Traversal
PHP168 Template Editor - 'filename' Parameter Directory Traversal
uzbl \'uzbl-core\' \'@SELECTED_URI\' Mouse Button Bindings Command Injection
uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection
SyntaxCMS 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS 'search_text' Parameter Cross-Site Scripting
SyntaxCMS - 'rows_per_page' Parameter SQL Injection
Edit-X PHP CMS - 'search_text' Parameter Cross-Site Scripting
Nasim Guest Book 'page' Parameter Cross-Site Scripting
Nasim Guest Book - 'page' Parameter Cross-Site Scripting
FreeSchool 'key_words' Parameter Cross-Site Scripting
FreeSchool - 'key_words' Parameter Cross-Site Scripting
tourismscripts HotelBook 'hotel_id' Parameter Multiple SQL Injection
tourismscripts HotelBook - 'hotel_id' Parameter Multiple SQL Injection
Spiceworks 'query' Parameter Cross-Site Scripting
Spiceworks - 'query' Parameter Cross-Site Scripting
NWS-Classifieds 'cmd' Parameter Local File Inclusion
NWS-Classifieds - 'cmd' Parameter Local File Inclusion
WebAsyst Shop-Script PREMIUM 'searchstring' Parameter Cross-Site Scripting
WebAsyst Shop-Script PREMIUM - 'searchstring' Parameter Cross-Site Scripting
Web TV 'chn' Parameter Cross-Site Scripting
Web TV - 'chn' Parameter Cross-Site Scripting
Honest Traffic 'msg' Parameter Cross-Site Scripting
Honest Traffic - 'msg' Parameter Cross-Site Scripting
PHP Photo Vote 1.3F 'page' Parameter Cross-Site Scripting
PHP Photo Vote 1.3F - 'page' Parameter Cross-Site Scripting
Wap-motor 'image' Parameter Directory Traversal
Wap-motor - 'image' Parameter Directory Traversal
QuarkMail 'tf' Parameter Directory Traversal
QuarkMail - 'tf' Parameter Directory Traversal
Microsoft Windows VISTA 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution
Microsoft Windows VISTA - 'lpksetup.exe' 'oci.dll' DLL Loading Arbitrary Code Execution
LES PACKS 'ID' Parameter SQL Injection
LES PACKS - 'ID' Parameter SQL Injection
PHPShop 2.1 EE 'name_new' Parameter Cross-Site Scripting
PHPShop 2.1 EE - 'name_new' Parameter Cross-Site Scripting
IBM OmniFind 'command' Parameter Cross-Site Scripting
IBM OmniFind - 'command' Parameter Cross-Site Scripting
Joomla Store Directory 'id' Parameter SQL Injection
Joomla Store Directory - 'id' Parameter SQL Injection
PHP State 'id' Parameter SQL Injection
Joomla Jeformcr 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! 'sf_id' Parameter SQL Injection
PHP State - 'id' Parameter SQL Injection
Joomla Jeformcr - 'id' Parameter SQL Injection
JExtensions Property Finder Component for Joomla! - 'sf_id' Parameter SQL Injection
Social Share 'postid' Parameter SQL Injection
Social Share - 'postid' Parameter SQL Injection
Openfiler 'device' Parameter Cross-Site Scripting
Openfiler - 'device' Parameter Cross-Site Scripting
Social Share 'username' Parameter SQL Injection
Social Share - 'username' Parameter SQL Injection
Social Share 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals 'PageId' Parameter SQL Injection
Social Share - 'search' Parameter Cross-Site Scripting
HotWeb Scripts HotWeb Rentals - 'PageId' Parameter SQL Injection
SnapProof 'retPageID' Parameter Cross-Site Scripting
SnapProof - 'retPageID' Parameter Cross-Site Scripting
VidiScript 'vp' Parameter Cross-Site Scripting
VidiScript - 'vp' Parameter Cross-Site Scripting
PHP-Fusion 'article_id' Parameter SQL Injection
PHP-Fusion - 'article_id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module 'id' Parameter SQL Injection
Qianbo Enterprise Web Site Management System - 'Keyword' Parameter Cross-Site Scripting
RunCMS 'partners' Module - 'id' Parameter SQL Injection
Technicolor THOMSON TG585v7 Wireless Router 'url' Parameter Cross-Site Scripting
Technicolor THOMSON TG585v7 Wireless Router - 'url' Parameter Cross-Site Scripting
SyCtel Design 'menu' Parameter Multiple Local File Inclusion
SyCtel Design - 'menu' Parameter Multiple Local File Inclusion
phpGraphy 0.9.13 b 'theme_dir' Parameter Cross-Site Scripting
phpGraphy 0.9.13 b - 'theme_dir' Parameter Cross-Site Scripting
Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting
Web Auction 0.3.6 - 'lang' Parameter Cross-Site Scripting
Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting
Multiple GoT.MY Products - 'theme_dir' Parameter Cross-Site Scripting
Flash Tag Cloud And MT-Cumulus Plugin 'tagcloud' Parameter Cross-Site Scripting
Flash Tag Cloud And MT-Cumulus Plugin - 'tagcloud' Parameter Cross-Site Scripting
Joomla! 'com_cbcontact' Component 'contact_id' Parameter SQL Injection
Joomla! 'com_cbcontact' Component - 'contact_id' Parameter SQL Injection
Joomla! 'com_maplocator' Component 'cid' Parameter SQL Injection
Joomla! 'com_maplocator' Component - 'cid' Parameter SQL Injection
Tolinet Agencia 'id' Parameter SQL Injection
Tolinet Agencia - 'id' Parameter SQL Injection
WebFileExplorer 3.6 'user' and 'pass' SQL Injection
WebFileExplorer 3.6 - 'user' and 'pass' SQL Injection
Sitemagic CMS 'SMTpl' Parameter Directory Traversal
Sitemagic CMS - 'SMTpl' Parameter Directory Traversal
Nodesforum '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component 'idm' Parameter SQL Injection
Nodesforum - '_nodesforum_node' Parameter SQL Injection
Joomla! 'com_morfeoshow' Component - 'idm' Parameter SQL Injection
Joomla! 'com_jr_tfb' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_jr_tfb' Component - 'controller' Parameter Local File Inclusion
eTAWASOL 'id' Parameter SQL Injection
eTAWASOL - 'id' Parameter SQL Injection
Prontus CMS 'page' Parameter Cross-Site Scripting
ICMusic '1.2 music_id' Parameter SQL Injection
Prontus CMS - 'page' Parameter Cross-Site Scripting
ICMusic 1.2 - 'music_id' Parameter SQL Injection
Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting
Flowplayer 3.2.7 - 'linkUrl' Parameter Cross-Site Scripting
Easy Estate Rental 's_location' Parameter SQL Injection
Joomla Foto Component 'id_categoria' Parameter SQL Injection
Easy Estate Rental - 's_location' Parameter SQL Injection
Joomla Foto Component - 'id_categoria' Parameter SQL Injection
Joomla Juicy Gallery Component 'picId' Parameter SQL Injection
Joomla Juicy Gallery Component - 'picId' Parameter SQL Injection
Joomla Controller Component 'Itemid' Parameter SQL Injection
Joomla Controller Component - 'Itemid' Parameter SQL Injection
Synergy Software 'id' Parameter SQL Injection
Godly Forums 'id' Parameter SQL Injection
Synergy Software - 'id' Parameter SQL Injection
Godly Forums - 'id' Parameter SQL Injection
MyBB MyTabs Plugin 'tab' Parameter SQL Injection
MyBB MyTabs Plugin - 'tab' Parameter SQL Injection
mt LinkDatenbank 'b' Parameter Cross-Site Scripting
mt LinkDatenbank - 'b' Parameter Cross-Site Scripting
Joomla! Slideshow Gallery Component 'id' Parameter SQL Injection
Joomla! Slideshow Gallery Component - 'id' Parameter SQL Injection
Joomla! 'com_community' Component 'userid' Parameter SQL Injection
Joomla! 'com_community' Component - 'userid' Parameter SQL Injection
phpWebSite 'page_id' Parameter Cross-Site Scripting
phpWebSite - 'page_id' Parameter Cross-Site Scripting
Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection
VicBlog 'tag' Parameter SQL Injection
Tourismscripts Hotel Portal - 'hotel_city' Parameter HTML Injection
VicBlog - 'tag' Parameter SQL Injection
Kisanji 'gr' Parameter Cross-Site Scripting
Kisanji - 'gr' Parameter Cross-Site Scripting
Joomla! 'com_biitatemplateshop' Component 'groups' Parameter SQL Injection
Joomla! 'com_biitatemplateshop' Component - 'groups' Parameter SQL Injection
Vanira CMS 'vtpidshow' Parameter SQL Injection
Vanira CMS - 'vtpidshow' Parameter SQL Injection
Joomla! 'com_expedition' Component 'id' Parameter SQL Injection
Joomla! 'com_expedition' Component - 'id' Parameter SQL Injection
Joomla! 'com_tree' Component 'key' Parameter SQL Injection
Joomla! 'com_br' Component 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component 'id' Parameter SQL Injection
Joomla! 'com_tree' Component - 'key' Parameter SQL Injection
Joomla! 'com_br' Component - 'state_id' Parameter SQL Injection
Joomla! 'com_shop' Component - 'id' Parameter SQL Injection
Splunk 4.1.6 'segment' Parameter Cross-Site Scripting
Splunk 4.1.6 - 'segment' Parameter Cross-Site Scripting
Multiple Cisco Products 'file' Parameter Directory Traversal
Multiple Cisco Products - 'file' Parameter Directory Traversal
IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting
IBSng B1.34(T96) - 'str' Parameter Cross-Site Scripting
SmartJobBoard 'keywords' Parameter Cross-Site Scripting
SmartJobBoard - 'keywords' Parameter Cross-Site Scripting
Joomla Content Component 'year' Parameter SQL Injection
Joomla Content Component - 'year' Parameter SQL Injection
Webistry 1.6 'pid' Parameter SQL Injection
Webistry 1.6 - 'pid' Parameter SQL Injection
WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting
WordPress Skysa App Bar Plugin - 'idnews' Parameter Cross-Site Scripting
Video Community Portal 'userID' Parameter SQL Injection
Video Community Portal - 'userID' Parameter SQL Injection
PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component 'idofitem' Parameter SQL Injection
PHP Booking Calendar 10e - 'page_info_message' Parameter Cross-Site Scripting
Joomla! 'com_tsonymf' Component - 'idofitem' Parameter SQL Injection
Joomla! 'com_caproductprices' Component 'id' Parameter SQL Injection
Joomla! 'com_caproductprices' Component - 'id' Parameter SQL Injection
GraphicsClone Script 'term' parameter Cross-Site Scripting
GraphicsClone Script - 'term' parameter Cross-Site Scripting
PostNuke pnAddressbook Module 'id' Parameter SQL Injection
PostNuke pnAddressbook Module - 'id' Parameter SQL Injection
Joomla! 'com_br' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_br' Component - 'controller' Parameter Local File Inclusion
Joomla! Full 'com_full' Component 'id' Parameter SQL Injection
Joomla! Full 'com_full' Component - 'id' Parameter SQL Injection
Joomla! 'com_xball' Component 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xball' Component - 'team_id' Parameter SQL Injection
Joomla! 'com_boss' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_some' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_bulkenquery' Component - 'controller' Parameter Local File Inclusion
Joomla! 'com_kp' Component - 'controller' Parameter Local File Inclusion
Ultimate Locator 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component 'index.php' Arbitrary File Upload
Ultimate Locator - 'radius' Parameter SQL Injection
Joomla! 'com_jesubmit' Component - 'index.php' Arbitrary File Upload
Joomla! 'com_motor' Component 'cid' Parameter SQL Injection
Joomla! 'com_motor' Component - 'cid' Parameter SQL Injection
Joomla! 'com_firmy' Component 'Id' Parameter SQL Injection
Joomla! 'com_firmy' Component - 'Id' Parameter SQL Injection
Joomla! 'com_crhotels' Component 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component 'id' Parameter SQL Injection
Joomla! 'com_crhotels' Component - 'catid' Parameter SQL Injection
Joomla! 'com_propertylab' Component - 'id' Parameter SQL Injection
Joomla! 'com_cmotour' Component 'id' Parameter SQL Injection
Joomla! 'com_cmotour' Component - 'id' Parameter SQL Injection
Joomla! 'com_bnf' Component 'seccion_id' Parameter SQL Injection
Joomla! 'com_bnf' Component - 'seccion_id' Parameter SQL Injection
Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting
Joomla! Currency Converter Component - 'from' Parameter Cross-Site Scripting
RabbitWiki 'title' Parameter Cross-Site Scripting
RabbitWiki - 'title' Parameter Cross-Site Scripting
Zimbra 'view' Parameter Cross-Site Scripting
Zimbra - 'view' Parameter Cross-Site Scripting
SMW+ 1.5.6 'target' Parameter HTML Injection
SMW+ 1.5.6 - 'target' Parameter HTML Injection
ProWiki 'id' Parameter Cross-Site Scripting
ProWiki - 'id' Parameter Cross-Site Scripting
Tiki Wiki CMS Groupware 'url' Parameter URI Redirection
Tiki Wiki CMS Groupware - 'url' Parameter URI Redirection
Impulsio CMS 'id' Parameter SQL Injection
Impulsio CMS - 'id' Parameter SQL Injection
Joomla! X-Shop Component 'idd' Parameter SQL Injection
Joomla! X-Shop Component - 'idd' Parameter SQL Injection
Joomla! 'com_xvs' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_xvs' Component - 'controller' Parameter Local File Inclusion
starCMS 'q' Parameter URI Cross-Site Scripting
starCMS - 'q' Parameter URI Cross-Site Scripting
JPM Article Script 6 'page2' Parameter SQL Injection
JPM Article Script 6 - 'page2' Parameter SQL Injection
LeKommerce 'id' Parameter SQL Injection
LeKommerce - 'id' Parameter SQL Injection
Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting
Event Calendar PHP - 'cal_year' Parameter Cross-Site Scripting
XM Forum 'id' Parameter Multiple SQL Injection
Uiga FanClub 'p' Parameter SQL Injection
XM Forum - 'id' Parameter Multiple SQL Injection
Uiga FanClub - 'p' Parameter SQL Injection
WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting
WordPress WPsc MijnPress Plugin - 'rwflush' Parameter Cross-Site Scripting
Ramui Forum Script 'query' Parameter Cross-Site Scripting
Ramui Forum Script - 'query' Parameter Cross-Site Scripting
GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting
GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
LongTail JW Player 'debug' Parameter Cross-Site Scripting
LongTail JW Player - 'debug' Parameter Cross-Site Scripting
Small-Cms 'hostname' Parameter Remote PHP Code Injection
Small-Cms - 'hostname' Parameter Remote PHP Code Injection
Joomla! Alphacontent Component 'limitstart' Parameter SQL Injection
Joomla! Alphacontent Component - 'limitstart' Parameter SQL Injection
Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
Flogr - 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
e107 Image Gallery Plugin 'name' Parameter Remote File Disclosure
e107 Image Gallery Plugin - 'name' Parameter Remote File Disclosure
Joomla! 'com_szallasok' Component 'id' Parameter SQL Injection
Joomla! 'com_szallasok' Component - 'id' Parameter SQL Injection
SWFUpload 'movieName' Parameter Cross-Site Scripting
SWFUpload - 'movieName' Parameter Cross-Site Scripting
WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin 'id' parameter Cross-Site Scripting
WordPress SocialFit Plugin - 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin - 'key' Parameter Cross-Site Scripting
WordPress church_admin Plugin - 'id' parameter Cross-Site Scripting
sflog! 'section' Parameter Local File Inclusion
sflog! - 'section' Parameter Local File Inclusion
WebsitePanel 'ReturnUrl' Parameter URI Redirection
WebsitePanel - 'ReturnUrl' Parameter URI Redirection
WordPress Post Recommendations Plugin 'abspath' Parameter Remote File Inclusion
web@all 'name' Parameter Cross-Site Scripting
WordPress Post Recommendations Plugin - 'abspath' Parameter Remote File Inclusion
web@all - 'name' Parameter Cross-Site Scripting
Joomla! 'com_hello' Component 'controller' Parameter Local File Inclusion
Joomla! 'com_hello' Component - 'controller' Parameter Local File Inclusion
REDAXO 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component 'profession' Parameter SQL Injection
REDAXO - 'subpage' Parameter Cross-Site Scripting
Joomla Odudeprofile component - 'profession' Parameter SQL Injection
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control 'Barcode' Method Remote Buffer Overflow
BarCodeWiz 'BarcodeWiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow
JW Player 'playerready' Parameter Cross-Site Scripting
eNdonesia 'cid' Parameter SQL Injection
JW Player - 'playerready' Parameter Cross-Site Scripting
eNdonesia - 'cid' Parameter SQL Injection
ntop 'arbfile' Parameter Cross-Site Scripting
ntop - 'arbfile' Parameter Cross-Site Scripting
Elefant CMS 'id' Parameter Cross-Site Scripting
Elefant CMS - 'id' Parameter Cross-Site Scripting
YT-Videos Script 'id' Parameter SQL Injection
YT-Videos Script - 'id' Parameter SQL Injection
GetSimple 'path' Parameter Local File Inclusion
GetSimple - 'path' Parameter Local File Inclusion
LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting
LISTSERV 16 - 'SHOWTPL' Parameter Cross-Site Scripting
JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting
JPM Article Blog Script 6 - 'tid' Parameter Cross-Site Scripting
KindEditor 'name' Parameter Cross-Site Scripting
KindEditor - 'name' Parameter Cross-Site Scripting
PHP Web Scripts Ad Manager Pro 'page' Parameter Local File Inclusion
PHP Web Scripts Ad Manager Pro - 'page' Parameter Local File Inclusion
JW Player 'logo.link' Parameter Cross-Site Scripting
JW Player - 'logo.link' Parameter Cross-Site Scripting
PHP Web Scripts Text Exchange Pro 'page' Parameter Local File Inclusion
Joomla! Komento Component 'cid' Parameter SQL Injection
PHP Web Scripts Text Exchange Pro - 'page' Parameter Local File Inclusion
Joomla! Komento Component - 'cid' Parameter SQL Injection
WordPress Cloudsafe365 Plugin 'file' Parameter Remote File Disclosure
WordPress Cloudsafe365 Plugin - 'file' Parameter Remote File Disclosure
Wiki Web Help 'configpath' Parameter Remote File Inclusion
Wiki Web Help - 'configpath' Parameter Remote File Inclusion
LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting
LiteSpeed Web Server - 'gtitle' parameter Cross-Site Scripting
WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting
WordPress Download Monitor Plugin - 'dlsearch' Parameter Cross-Site Scripting
FBDj 'id' Parameter SQL Injection
FBDj - 'id' Parameter SQL Injection
vBSEO 'u' parameter Cross-Site Scripting
vBSEO - 'u' parameter Cross-Site Scripting
WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Inclusion
WordPress Crayon Syntax Highlighter Plugin - 'wp_load' Parameter Remote File Inclusion
TAGWORX.CMS 'cid' Parameter SQL Injection
TAGWORX.CMS - 'cid' Parameter SQL Injection
WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting
WordPress Video Lead Form Plugin - 'errMsg' Parameter Cross-Site Scripting
WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting
WordPress Token Manager Plugin - 'tid' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart - 'SearchFor' Parameter Cross-Site Scripting
WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting
WordPress ABC Test Plugin - 'id' Parameter Cross-Site Scripting
Open Realty 'select_users_lang' Parameter Local File Inclusion
Open Realty - 'select_users_lang' Parameter Local File Inclusion
FirePass 7.0 SSL VPN 'refreshURL' Parameter URI Redirection
FirePass 7.0 SSL VPN - 'refreshURL' Parameter URI Redirection
SMF 'view' Parameter Cross-Site Scripting
SMF - 'view' Parameter Cross-Site Scripting
Gramophone 'rs' Parameter Cross-Site Scripting
Gramophone - 'rs' Parameter Cross-Site Scripting
Joomla! com_parcoauto Component 'idVeicolo' Parameter SQL Injection
Joomla! com_parcoauto Component - 'idVeicolo' Parameter SQL Injection
OrangeHRM 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin 'id' Parameter SQL Injection
OrangeHRM - 'sortField' Parameter SQL Injection
WordPress FLV Player Plugin - 'id' Parameter SQL Injection
WordPress Kakao Theme 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin 'eid' Parameter SQL Injection
WordPress Kakao Theme - 'ID' Parameter SQL Injection
WordPress PHP Event Calendar Plugin - 'cid' Parameter SQL Injection
WordPress Eco-annu Plugin - 'eid' Parameter SQL Injection
WordPress Dailyedition-mouss Theme 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin 'id' Parameter SQL Injection
WordPress Dailyedition-mouss Theme - 'id' Parameter SQL Injection
WordPress Tagged Albums Plugin - 'id' Parameter SQL Injection
Omni-Secure 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager 'question' Parameter SQL Injection
Omni-Secure - 'dir' Parameter Multiple File Disclosure Vulnerabilities
Friends in War The FAQ Manager - 'question' Parameter SQL Injection
openSIS 'modname' Parameter Local File Inclusion
openSIS - 'modname' Parameter Local File Inclusion
WordPress Madebymilk Theme 'id' Parameter SQL Injection
WordPress Madebymilk Theme - 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin 'id' Parameter SQL Injection
WordPress Plg Novana Plugin 'id' Parameter SQL Injection
WordPress Zingiri Web Shop Plugin - 'path' Parameter Arbitrary File Upload
WordPress Webplayer Plugin - 'id' Parameter SQL Injection
WordPress Plg Novana Plugin - 'id' Parameter SQL Injection
WordPress Magazine Basic Theme 'id' Parameter SQL Injection
WordPress Magazine Basic Theme - 'id' Parameter SQL Injection
WordPress Ads Box Plugin 'count' Parameter SQL Injection
WordPress Ads Box Plugin - 'count' Parameter SQL Injection
Forescout CounterACT 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme 'id' Parameter SQL Injection
Forescout CounterACT - 'a' Parameter Open Redirection
WordPress Wp-ImageZoom Theme - 'id' Parameter SQL Injection
WordPress Toolbox Theme 'mls' Parameter SQL Injection
Elastix 'page' Parameter Cross-Site Scripting
TinyMCPUK 'test' Parameter Cross-Site Scripting
WordPress Toolbox Theme - 'mls' Parameter SQL Injection
Elastix - 'page' Parameter Cross-Site Scripting
TinyMCPUK - 'test' Parameter Cross-Site Scripting
WordPress Zingiri Forums Plugin 'language' Parameter Local File Inclusion
WordPress Nest Theme 'codigo' Parameter SQL Injection
Sourcefabric Newscoop 'f_email' Parameter SQL Injection
WordPress Zingiri Forums Plugin - 'language' Parameter Local File Inclusion
WordPress Nest Theme - 'codigo' Parameter SQL Injection
Sourcefabric Newscoop - 'f_email' Parameter SQL Injection
FOOT Gestion 'id' Parameter SQL Injection
FOOT Gestion - 'id' Parameter SQL Injection
PHP Address Book 'group' Parameter Cross-Site Scripting
PHP Address Book - 'group' Parameter Cross-Site Scripting
Joomla! ZT Autolinks Component 'controller' Parameter Local File Inclusion
Joomla! Bit Component 'controller' Parameter Local File Inclusion
Joomla! ZT Autolinks Component - 'controller' Parameter Local File Inclusion
Joomla! Bit Component - 'controller' Parameter Local File Inclusion
MyBB Transactions Plugin 'transaction' Parameter SQL Injection
MyBB Transactions Plugin - 'transaction' Parameter SQL Injection
WHM 'filtername' Parameter Cross-Site Scripting
WHM - 'filtername' Parameter Cross-Site Scripting
Havalite CMS 'comment' Parameter HTML Injection
Havalite CMS - 'comment' Parameter HTML Injection
WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting
WordPress NextGEN Gallery Plugin - 'test-head' Parameter Cross-Site Scripting
WordPress Gallery Plugin 'filename_1' Parameter Remote Arbitrary File Access
WordPress Gallery Plugin - 'filename_1' Parameter Remote Arbitrary File Access
phpLiteAdmin 'table' Parameter SQL Injection
IP.Gallery 'img' Parameter SQL Injection
phpLiteAdmin - 'table' Parameter SQL Injection
IP.Gallery - 'img' Parameter SQL Injection
gpEasy CMS 'section' Parameter Cross-Site Scripting
gpEasy CMS - 'section' Parameter Cross-Site Scripting
iCart Pro 'section' Parameter SQL Injection
iCart Pro - 'section' Parameter SQL Injection
WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting
WordPress WP-Table Reloaded Plugin - 'id' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin - '_ajax_nonce' Parameter Cross-Site Scripting
WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting
WordPress Audio Player Plugin - 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme - 'tab' Parameter Cross-Site Scripting
Squirrelcart 'table' Parameter Cross-Site Scripting
Squirrelcart - 'table' Parameter Cross-Site Scripting
OpenEMR 'site' Parameter Cross-Site Scripting
OpenEMR - 'site' Parameter Cross-Site Scripting
WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting
WordPress Uploader Plugin - 'blog' Parameter Cross-Site Scripting
WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting
WordPress Count Per Day Plugin - 'daytoshow' Parameter Cross-Site Scripting
WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting
WordPress podPress Plugin - 'playerID' Parameter Cross-Site Scripting
Jaow CMS 'add_ons' Parameter Cross-Site Scripting
Jaow CMS - 'add_ons' Parameter Cross-Site Scripting
WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting
WordPress Feedweb Plugin - 'wp_post_id' Parameter Cross-Site Scripting
Symphony 'sort' Parameter SQL Injection
Symphony - 'sort' Parameter SQL Injection
WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting
WordPress Traffic Analyzer Plugin - 'aoid' Parameter Cross-Site Scripting
WordPress Spiffy XSPF Player Plugin 'playlist_id' Parameter SQL Injection
WordPress Spiffy XSPF Player Plugin - 'playlist_id' Parameter SQL Injection
WordPress Spider Video Player Plugin 'theme' Parameter SQL Injection
Request Tracker 'ShowPending' Parameter SQL Injection
WordPress Spider Video Player Plugin - 'theme' Parameter SQL Injection
Request Tracker - 'ShowPending' Parameter SQL Injection
Fork CMS 'file' Parameter Local File Inclusion
Fork CMS - 'file' Parameter Local File Inclusion
WordPress wp-FileManager Plugin 'path' Parameter Arbitrary File Download
Open Flash Chart 'get-data' Parameter Cross-Site Scripting
WordPress wp-FileManager Plugin - 'path' Parameter Arbitrary File Download
Open Flash Chart - 'get-data' Parameter Cross-Site Scripting
Jojo CMS 'search' Parameter Cross-Site Scripting
Jojo CMS - 'search' Parameter Cross-Site Scripting
WordPress Ambience Theme 'src' Parameter Cross-Site Scripting
WordPress Ambience Theme - 'src' Parameter Cross-Site Scripting
TaxiMonger for Android 'name' Parameter HTML Injection
TaxiMonger for Android - 'name' Parameter HTML Injection
ZamFoo 'date' Parameter Remote Command Injection
ZamFoo - 'date' Parameter Remote Command Injection
Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
WordPress WP Feed Plugin 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting
WordPress WP Feed Plugin - 'nid' Parameter SQL Injection
WordPress Category Grid View Gallery Plugin - 'ID' Parameter Cross-Site Scripting
WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting
WordPress FlagEm Plugin - 'cID' Parameter Cross-Site Scripting
Xibo 'layout' Parameter HTML Injection
Xibo - 'layout' Parameter HTML Injection
Flo CMS 'archivem' Parameter SQL Injection
Flo CMS - 'archivem' Parameter SQL Injection
eTransfer Lite 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin 'cid' Parameter SQL Injection
eTransfer Lite - 'file name' Parameter HTML Injection
WordPress mukioplayer4wp Plugin - 'cid' Parameter SQL Injection
Monstra CMS 'login' Parameter SQL Injection
Monstra CMS - 'login' Parameter SQL Injection
Joomla! JVideoClip Component 'uid' Parameter SQL Injection
Joomla! JVideoClip Component - 'uid' Parameter SQL Injection
WordPress WP-Realty Plugin 'listing_id' Parameter SQL Injection
WordPress WP-Realty Plugin - 'listing_id' Parameter SQL Injection
Joomla! Maian15 Component 'name' Parameter Arbitrary Shell Upload
Joomla! Maian15 Component - 'name' Parameter Arbitrary Shell Upload
Nagios XI 'tfPassword' Parameter SQL Injection
Nagios XI - 'tfPassword' Parameter SQL Injection
Enorth Webpublisher CMS 'thisday' Parameter SQL Injection
Enorth Webpublisher CMS - 'thisday' Parameter SQL Injection
WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection
WordPress Easy Career Openings Plugin - 'jobid' Parameter SQL Injection
eduTrac 'showmask' Parameter Directory Traversal
eduTrac - 'showmask' Parameter Directory Traversal
Veno File Manager 'q' Parameter Arbitrary File Download
Veno File Manager - 'q' Parameter Arbitrary File Download
Leed 'id' Parameter SQL Injection
Leed - 'id' Parameter SQL Injection
xBoard 'post' Parameter Local File Inclusion
xBoard - 'post' Parameter Local File Inclusion
i-doit Pro 'objID' Parameter SQL Injection
i-doit Pro - 'objID' Parameter SQL Injection
Joomla! Sexy Polling Extension 'answer_id' Parameter SQL Injection
Joomla! Sexy Polling Extension - 'answer_id' Parameter SQL Injection
XOS Shop 'goto' Parameter SQL Injection
XOS Shop - 'goto' Parameter SQL Injection
Eventum 'hostname' Parameter Remote Code Execution
Eventum - 'hostname' Parameter Remote Code Execution
WordPress Relevanssi Plugin 'category_name' Parameter SQL Injection
WordPress Relevanssi Plugin - 'category_name' Parameter SQL Injection
Professional Designer E-Store 'id' Parameter Multiple SQL Injection
Professional Designer E-Store - 'id' Parameter Multiple SQL Injection
MeiuPic 'ctl' Parameter Local File Inclusion
MeiuPic - 'ctl' Parameter Local File Inclusion
Jorjweb 'id' Parameter SQL Injection
qEngine 'run' Parameter Local File Inclusion
Jorjweb - 'id' Parameter SQL Injection
qEngine - 'run' Parameter Local File Inclusion
Seo Panel 'file' Parameter Directory Traversal
Seo Panel - 'file' Parameter Directory Traversal
ZeusCart 'prodid' Parameter SQL Injection
ZeusCart - 'prodid' Parameter SQL Injection
VoipSwitch 'action' Parameter Local File Inclusion
VoipSwitch - 'action' Parameter Local File Inclusion
Joomla! Spider Video Player Extension 'theme' Parameter SQL Injection
Joomla! Spider Video Player Extension - 'theme' Parameter SQL Injection
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Office Excel - Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
FreePBX 13 / 14 - Remote Code Execution
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner) (2)
Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit
2016-08-14 05:06:43 +00:00
Offensive Security
832f9cf8b5
DB: 2016-08-11
...
10 new exploits
Nagios Network Analyzer 2.2.1 - Multiple CSRF
Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)
Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)
Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
EyeLock nano NXT 3.5 - Local File Disclosure
EyeLock nano NXT 3.5 - Remote Root Exploit
WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities
SAP SAPCAR - Multiple Vulnerabilities
2016-08-11 05:08:59 +00:00
Offensive Security
e161127711
DB: 2016-08-07
...
8 new exploits
Kodi Web Server 16.1 - Denial of Service
NUUO NVRmini 2 3.0.8 - Remote Root Exploit
NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF
NUUO NVRmini 2 3.0.8 - Local File Disclosure
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection
NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution
NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion
NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
2016-08-07 05:06:35 +00:00
Offensive Security
1b40ae09d7
DB: 2016-08-02
...
4 new exploits
ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root & brute-force Exploit
ProFTPD 1.2.7 < 1.2.9rc2 - Remote Root / brute-force Exploit
Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)
Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)
Linux Kernel 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Local Root Exploit (3)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Local Root Exploit (3)
Linux Kernel 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)
Linux Kernel 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Root Exploit (2)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Local Root Exploit (2)
Symantec Multiple Firewall DNS Response Denial of Service
Symantec Multiple Firewall - DNS Response Denial of Service
Lexmark Multiple HTTP Servers Denial of Service
Lexmark Multiple HTTP Servers - Denial of Service
BadBlue 2.52 Web Server Multiple Connections Denial of Service Exploit
BadBlue 2.52 Web Server - Multiple Connections Denial of Service Exploit
Linux Kernel 2.4.28 / <= 2.6.9 - scm_send Local DoS Exploit
Linux Kernel 2.4.28 / 2.6.9 - scm_send Local DoS Exploit
Linux Kernel 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit
Linux Kernel 2.6.9 / <= 2.4.28 - Memory Leak Local DoS
Linux Kernel 2.6.9 / <= 2.4.28 - ip_options_get Local Overflow
Linux Kernel 2.4.28 / 2.6.9 - vc_resize int Local Overflow Exploit
Linux Kernel 2.4.28 / 2.6.9 - Memory Leak Local DoS
Linux Kernel 2.4.28 / 2.6.9 - ip_options_get Local Overflow
Linux Kernel 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit
WebWiz Products 1.0 / <= 3.06 - Login Bypass SQL Injection Exploits
WebWiz Products 1.0 / 3.06 - Login Bypass SQL Injection Exploits
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Fast Click 1.1.3 / <= 2.3.8 - (show.php) Remote File Inclusion Exploit
Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion Exploit
Newsscript 0.5 - Remote and Local File Inclusion
Newsscript 0.5 - Remote File Inclusion / Local File Inclusion
Invision Gallery 2.0.7 ReadFile() & SQL Injection Exploit (linux)
Invision Gallery 2.0.7 ReadFile() & SQL Injection Exploit (Linux)
X-Cart ? Multiple Remote File Inclusion
X-Cart - Multiple Remote File Inclusion
Rayzz Script 2.0 - Remote / Local File Inclusion
Rayzz Script 2.0 - Remote File Inclusion / Local File Inclusion
QuickTime 7.4.1 QTPlugin.ocx Multiple Stack Overflow Vulnerabilities
QuickTime 7.4.1 - QTPlugin.ocx Multiple Stack Overflow Vulnerabilities
LookStrike Lan Manager 0.9 - Remote / Local File Inclusion
LookStrike Lan Manager 0.9 - Remote File Inclusion / Local File Inclusion
CMS WebManager-Pro Multiple SQL Injection
CMS WebManager-Pro - Multiple SQL Injection
Facil-CMS 0.1RC Multiple Local File Inclusion
Facil-CMS 0.1RC - Multiple Local File Inclusion
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Nuked-klaN 1.7.7 / <= SP4.4 - Multiple Vulnerabilities
Nuked-klaN 1.7.7 / SP4.4 - Multiple Vulnerabilities
CafeEngine Multiple SQL Injection
CafeEngine - Multiple SQL Injection
A-Link WL54AP3 and WL54AP2 - CSRF + XSS
A-Link WL54AP3 and WL54AP2 - CSRF / XSS
GS Real Estate Portal Multiple SQL Injection
GS Real Estate Portal - Multiple SQL Injection
FloSites Blog Multiple SQL Injection
FloSites Blog - Multiple SQL Injection
ASP PORTAL Multiple SQL Injection
ASP PORTAL - Multiple SQL Injection
Simple Machines Forum 1.0.13 / <= 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass
Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass
Pligg 9.9.5 - CSRF Protection Bypass and Captcha Bypass
Pligg 9.9.5 - CSRF Protection Bypass / Captcha Bypass
Demium CMS 0.2.1b - Multiple Vulnerabilities and Exploit
Demium CMS 0.2.1b - Multiple Vulnerabilities
Linux Kernel 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.20 / 2.6.24 / 2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (seh)
AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (SEH)
Linux Kernel 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel 2.6.24_16-23 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
jetty 6.x < 7.x - XSS & Information Disclosure & Injection
jetty 6.x < 7.x - XSS / Information Disclosure / Injection
OpenDocMan 1.2.5 - XSS & SQL injection
OpenDocMan 1.2.5 - XSS / SQL injection
Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities
Alteon OS BBI (Nortell) - XSS / CSR
Micronet SP1910 Data Access Controller UI XSS & HTML Code Injection
Micronet SP1910 Data Access Controller UI - XSS / HTML Code Injection
Kide Shoutbox 0.4.6 - XSS & AXFR
Kide Shoutbox 0.4.6 - XSS / AXFR
PHP-Nuke 8.0 - XSS & HTML Code Injection in News Module
PHP-Nuke 8.0 - XSS / HTML Code Injection in News Module
Invision Power Board 3.0.4 / <= 3.0.4 / <= 2.3.6 - LFI / SQL Injection
Invision Power Board 3.0.4 / 3.0.4 / 2.3.6 - LFI / SQL Injection
oBlog - Persistant XSS & CSRF & Admin Bruteforce
oBlog - Persistant XSS / CSRF / Admin Bruteforce
WP-Forum 2.3 - SQL Injection & Blind SQL Injection
WP-Forum 2.3 - SQL Injection / Blind SQL Injection
QuickEStore 7.9 - SQL Injection and Path Diclosure Download
QuickEStore 7.9 - SQL Injection / Path Diclosure Download
dotProject 2.1.3 - XSS and Improper Permissions
dotProject 2.1.3 - XSS / Improper Permissions
MOJO's IWms 7 SQL Injection & Cross-Site Scripting
MOJO's IWms 7 - SQL Injection / Cross-Site Scripting
Cisco Collaboration Server 5 - XSS & Source Code Disclosure
Cisco Collaboration Server 5 - XSS / Source Code Disclosure
cPanel Multiple CSRF Vulnerabilities
cPanel - Multiple CSRF Vulnerabilities
(Tod Miller's) Sudo/SudoEdit <= 1.6.9p21 / <= 1.7.2p4 - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit 1.6.9p21 / 1.7.2p4 - Local Root Exploit
SiteDone Custom Edition 2.0 - SQL Injection & XSS
SiteDone Custom Edition 2.0 - SQL Injection / XSS
TSOKA:CMS 1.1 & 1.9 & 2.0 - SQL Injection & XSS
TSOKA:CMS 1.1 & 1.9 & 2.0 - SQL Injection / XSS
Centreon IT & Network Monitoring 2.1.5 - Injection SQL
Centreon IT & Network Monitoring 2.1.5 - SQL Injection
ilchClan 1.0.5 - (cid) SQL Injection & Exploit
ilchClan 1.0.5 - (cid) SQL Injection
joelz bulletin board 0.9.9rc3 - Multiple SQL Injection & Exploit
joelz bulletin board 0.9.9rc3 - Multiple SQL Injection
2DayBiz Advanced Poll Script - XSS and Authentication Bypass
2DayBiz Advanced Poll Script - XSS / Authentication Bypass
Socialware 2.2 - Upload and XSS
Socialware 2.2 - Upload / XSS
Waibrasil Remote / Local File Inclusion
Waibrasil - Remote File Inclusion / Local File Inclusion
I-Vision CMS - XSS & SQL Injection
I-Vision CMS - XSS / SQL Injection
phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting and Full Path
phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path
3Com* iMC (Intelligent Management Center) - Various XSS and Information Disclosure Flaws
3Com* iMC (Intelligent Management Center) - XSS / Information Disclosure Flaws
WmsCMS - XSS & SQL Injection
iScripts eSwap 2.0 - SQLi and XSS
WmsCMS - XSS / SQL Injection
iScripts eSwap 2.0 - SQLi / XSS
reVou Twitter Clone 2.0 Beta - SQL Injection and XSS
JForum 2.1.8 bookmarks CSRF & XSS
reVou Twitter Clone 2.0 Beta - SQL Injection / XSS
JForum 2.1.8 bookmarks CSRF / XSS
eLms Pro - SQLi and XSS
PGAUTOPro - SQLi and XSS
eLms Pro - SQLi / XSS
PGAUTOPro - SQLi / XSS
Joomla 1.5 Jreservation Component - SQLi And XSS
Joomla 1.5 Jreservation Component - SQLi / XSS
Science Fair In A Box - SQLi & XSS
Science Fair In A Box - SQLi / XSS
PHP Property Rental Script - SQLi & XSS
PHP Property Rental Script - SQLi / XSS
SchoolMation 2.3 - SQLi and XSS
SchoolMation 2.3 - SQLi / XSS
UTStats - XSS & SQL Injection & Full path disclosure
UTStats - XSS / SQL Injection / Full path disclosure
SimpleAssets Authentication Bypass & XSS
SimpleAssets Authentication Bypass / XSS
InterScan Web Security 5.0 - Arbitrary File Upload & Local Privilege Escalation
InterScan Web Security 5.0 - Arbitrary File Upload / Local Privilege Escalation
ARSC Really Simple Chat 3.3 - Remote File Inclusion & XSS
ARSC Really Simple Chat 3.3 - Remote File Inclusion / XSS
Pre Multi-Vendor Shopping Malls SQL Injection & Auth Bypass
Pre Multi-Vendor Shopping Malls SQL Injection / Auth Bypass
Zylone IT Multiple Blind SQL Injection
Zylone IT - Multiple Blind SQL Injection
vBulletin 3.8.4 & 3.8.5 Registration Bypass
vBulletin 3.8.4 / 3.8.5 Registration Bypass
JaWiki 'versionNo' Parameter Cross Site Scripting
JaWiki 'versionNo' Parameter Cross-Site Scripting
411cc Multiple SQL Injection
411cc - Multiple SQL Injection
MantisBT 1.2.3 (db_type) - Cross-Site Scripting & Path Disclosure
MantisBT 1.2.3 (db_type) - Cross-Site Scripting / Path Disclosure
OpenEMR 3.2.0 - SQL Injection and XSS
OpenEMR 3.2.0 - SQL Injection / XSS
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities
F3Site 2011 alfa 1 - (XSS / CSRF) Multiple Vulnerabilities
phpMySport 1.4 - SQLi / Auth Bypass / Path Disclosure
WordPress Plugin BackWPup - Remote and Local Code Execution
WordPress Plugin BackWPup - Remote Code Execution /Local Code Execution
Planex Mini-300PU & Mini100s Cross-Site Scripting
Planex Mini-300PU & Mini100s - Cross-Site Scripting
TinyBB 1.4 - Blind SQL Injection and Path Disclosure
TinyBB 1.4 - Blind SQL Injection / Path Disclosure
Linux Kernel 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit
Linux Kernel 2.6.28 / 3.0 (DEC Alpha Linux) - Local Root Exploit
If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (Metasploit) (2)
If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (Metasploit) (2)
Webcat Multiple Blind SQL Injection
Webcat - Multiple Blind SQL Injection
Banana Dance CMS and Wiki SQL Injection
Banana Dance CMS and Wiki - SQL Injection
SMF 2.0.1 - SQL Injection & Privilege Escalation
SMF 2.0.1 - SQL Injection / Privilege Escalation
Linux/x86 - Polymorphic Shellcode setuid(0) + setgid(0) + add user _iph_ without password to /etc/passwd
Linux/x86 - Polymorphic Shellcode setuid(0) + setgid(0) + add user _iph_ without password to /etc/passwd
Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities
Apache Struts - Multiple Persistent Cross-Site Scripting Vulnerabilities
phpList 2.10.17 - SQL Injection and XSS
phpList 2.10.17 - SQL Injection / XSS
vBshop Multiple Persistent XSS Vulnerabilities
vBshop - Multiple Persistent XSS Vulnerabilities
ArticleSetup Multiple Persistence Cross-Site Scripting and SQL Injection
ArticleSetup - Multiple Persistence Cross-Site Scripting / SQL Injection
Serendipity 1.6 - Backend XSS And SQLi
Serendipity 1.6 - Backend XSS / SQLi
Wireshark Multiple Dissector Denial of Service Vulnerabilities
Wireshark - Multiple Dissector Denial of Service Vulnerabilities
Useresponse 1.0.2 - Privilege Escalation & RCE Exploit
Useresponse 1.0.2 - Privilege Escalation / RCE Exploit
Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options
Linux Kernel 2.2 / 2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options
AlienVault OSSIM 3.1 - Reflected XSS and Blind SQL Injection
Spiceworks 5.3.75941 - Stored XSS and Post-Auth SQL Injection
AlienVault OSSIM 3.1 - Reflected XSS / Blind SQL Injection
Spiceworks 5.3.75941 - Stored XSS / Post-Auth SQL Injection
T-dah Webmail CSRF & Stored XSS
T-dah Webmail - CSRF / Stored XSS
XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload
XODA Document Management System 0.4.5 - XSS / Arbitrary File Upload
WireShark 1.8.2 & 1.6.0 - Buffer Overflow PoC (0Day)
WireShark 1.8.2 / 1.6.0 - Buffer Overflow PoC (0Day)
businesswiki 2.5rc3 - Stored XSS & arbitrary file upload
businesswiki 2.5rc3 - Stored XSS / arbitrary file upload
SpyNet 6.5 Chat Server Multiple Connection Denial of Service
SpyNet 6.5 Chat Server - Multiple Connection Denial of Service
Exploit: NCMedia Sound Editor Pro 7.5.1 - (SEH + DEP Bypass)
NCMedia Sound Editor Pro 7.5.1 - (SEH + DEP Bypass)
Mozilla Bonsai Multiple Cross-Site Scripting Vulnerabilities
Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities
airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection
airVisionNVR 1.1.13 - readfile() Disclosure / SQL Injection
BRS WebWeaver 1.0 4 POST and HEAD Denial of Service
BRS WebWeaver 1.0 4 - POST and HEAD Denial of Service
Caucho Resin 2.0/2.1 - Multiple HTML Injection and Cross-Site Scripting Vulnerabilities
Caucho Resin 2.0/2.1 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
MyDms 1.4 - SQL Injection And Directory Traversal
MyDms 1.4 - SQL Injection / Directory Traversal
D-Link DIR-600 and DIR-300 - (rev B) Multiple Vulnerabilities
D-Link DIR-600 and DIR-300 (rev B) - Multiple Vulnerabilities
D'Link DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A Multiple Vulnerabilities
D'Link DIR-615 Hardware rev D3 / DIR-300 Hardware rev A - Multiple Vulnerabilities
Linux Kernel 2.6.x (RHEL4 <= 2.6.9 / <= 2.6.11) - SYS_EPoll_Wait Local Integer Overflow Local Root (2)
Linux Kernel 2.6.9 /2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root (2)
Linux Kernel 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root
Linux Kernel 2.4.30 / 2.6.11.5 - Bluetooth bluez_sock_create Local Root
CKEditor < 4.1 - Persistent XSS WYSIWYG module Drupal 6.x & 7.x
CKEditor < 4.1WYSIWYG module Drupal 6.x & 7.x - Persistent XSS
OSTicket 1.2/1.3 - Multiple Input Validation and Remote Code Injection Vulnerabilities
OSTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities
Calendarix 0.8.20071118 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
MyBB - Multiple Cross-Site Scripting and SQL Injection
Calendarix 0.8.20071118 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
MyBB - Multiple Cross-Site Scripting / SQL Injection
YaPiG 0.9x - Remote and Local File Inclusion
YaPiG 0.9x - Remote File Inclusion / Local File Inclusion
ATutor 1.4.3 tile.php Multiple Parameter XSS
ATutor 1.4.3 - tile.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 menu_footer.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - menu_footer.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 menu_header.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 menu_tema.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - menu_header.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - menu_tema.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 reply.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - reply.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 new.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 edit_msg.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - new.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 - edit_msg.php Multiple Parameter XSS
CarLine Forum Russian Board 4.2 reply_in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - reply_in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 memory.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 line.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 enter.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - memory.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - line.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - in.php Multiple Parameter SQL Injection
CarLine Forum Russian Board 4.2 - enter.php Multiple Parameter SQL Injection
ASPNuke 0.80 register.asp Multiple Parameter XSS
ASPNuke 0.80 - register.asp Multiple Parameter XSS
Binary Board System 0.2.5 reply.pl Multiple Parameter XSS
Binary Board System 0.2.5 stats.pl Multiple Parameter XSS
Binary Board System 0.2.5 - reply.pl Multiple Parameter XSS
Binary Board System 0.2.5 - stats.pl Multiple Parameter XSS
ZixForum 1.12 Forum.ASP Multiple SQL Injection
ZixForum 1.12 - Forum.ASP Multiple SQL Injection
QNX 6.2/6.3 - Multiple Local Privilege Escalation and Denial of Service Vulnerabilities
QNX 6.2/6.3 - Multiple Local Privilege Escalation / Denial of Service Vulnerabilities
Web-APP.net WebAPP 0.9.x index.cgi Multiple Parameter XSS
Web-APP.net WebAPP 0.9.x - index.cgi Multiple Parameter XSS
IntelliLink Pro 5.06 edit.cgi Multiple Parameter XSS
IntelliLink Pro 5.06 - edit.cgi Multiple Parameter XSS
xFlow 5.46.11 index.cgi Multiple Parameter SQL Injection
xFlow 5.46.11 index.cgi Multiple Parameter XSS
xFlow 5.46.11 - index.cgi Multiple Parameter SQL Injection
xFlow 5.46.11 - index.cgi Multiple Parameter XSS
zenphoto 0.9/1.0 index.php Multiple Parameter XSS
zenphoto 0.9/1.0 - index.php Multiple Parameter XSS
ATutor 1.5.x create_course.php Multiple Parameter XSS
ATutor 1.5.x - create_course.php Multiple Parameter XSS
BlaBla 4U Multiple Cross-Site Scripting Vulnerabilities
BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities
Apache HTTP Server 1.3.35 / <= 2.0.58 / <= 2.2.2 - Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server 1.3.35 / 2.0.58 / 2.2.2 - Arbitrary HTTP Request Headers Security Weakness
WWWThreads 5.4 Cat Parameter Multiple Cross-Site Scripting Vulnerabilities
WWWThreads 5.4 - Cat Parameter Multiple Cross-Site Scripting Vulnerabilities
AckerTodo 4.2 Login.php Multiple SQL Injection
AckerTodo 4.2 - Login.php Multiple SQL Injection
ac4p Mobile index.php Multiple Parameter XSS
ac4p Mobile MobileNews.php Multiple Parameter XSS
ac4p Mobile - index.php Multiple Parameter XSS
ac4p Mobile - MobileNews.php Multiple Parameter XSS
ac4p Mobile up.php Multiple Parameter XSS
ac4p Mobile - up.php Multiple Parameter XSS
AShop Deluxe 4.5 ashop/catalogue.php Multiple Parameter XSS
AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter XSS
AShop Deluxe 4.5 shipping.php Multiple Parameter XSS
AShop Deluxe 4.5 - shipping.php Multiple Parameter XSS
212cafeBoard Multiple Cross-Site Scripting Vulnerabilities
212cafeBoard - Multiple Cross-Site Scripting Vulnerabilities
Coppermine Photo Gallery 1.4.10 - Multiple Remote And Local File Inclusion
Coppermine Photo Gallery 1.4.10 - Multiple Remote File Inclusion / Local File Inclusion
Atom PhotoBlog 1.0.1/1.0.9AtomPhotoBlog.php Multiple Input Validation Vulnerabilities
Atom PhotoBlog 1.0.1/1.0.9 - AtomPhotoBlog.php Multiple Input Validation Vulnerabilities
PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass and Multiple SQL Injection
PHP-Nuke 8.0.3.3b - SQL Injection Protection Bypass / Multiple SQL Injection
WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure
WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure
ACG News 1.0 index.php Multiple SQL Injection
ACG News 1.0 - index.php Multiple SQL Injection
Add a link 4 - Security Bypass and SQL Injection
Add a link 4 - Security Bypass / SQL Injection
AlienVault OSSIM SQL Injection and Remote Code Execution
AlienVault OSSIM - SQL Injection / Remote Code Execution
bttlxe Forum 2.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
bttlxe Forum 2.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
Neuron News 1.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
Neuron News 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
Clever Copy 3.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
Clever Copy 3.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection
Cells Blog 3.3 - XSS Reflected / Blind SQLite Injection
ProjectPier 0.8 - Multiple HTML Injection and Cross-Site Scripting Vulnerabilities
ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
MyBlog 1.x - SQL Injection and Remote File Inclusion
MyBlog 1.x - SQL Injection / Remote File Inclusion
PHP Classifieds 6.20 - Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities
PHP Classifieds 6.20 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities
Kloxo - SQL Injection and Remote Code Execution
Kloxo - SQL Injection / Remote Code Execution
PHP Address Book 3.1.5 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
PHP Address Book 3.1.5 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting and Arbitrary File Upload
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting / Arbitrary File Upload
couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection
couponPHP CMS 1.0 - Multiple Stored XSS / SQL Injection
EasyDynamicPages 3.0 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities
EasyDynamicPages 3.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
EasyPublish 3.0 - 'read' Parameter Multiple SQL Injection / Cross-Site Scripting
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities
EasyE-Cards 3.10 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
dotProject 2.1.2 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
dotProject 2.1.2 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting Vulnerabilities
@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting
DHCart 3.84 - Multiple Cross-Site Scripting And HTML Injection Vulnerabilities
DHCart 3.84 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
KDE Konqueror 4.1 - Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
KDE Konqueror 4.1 - Multiple Cross-Site Scripting / Denial of Service Vulnerabilities
4CMS - SQL Injection and Local File Inclusion
4CMS - SQL Injection / Local File Inclusion
PTCeffect 4.6 - LFI & SQL Injection
PTCeffect 4.6 - LFI / SQL Injection
010 Editor 3.0.4 File Parsing Multiple Buffer Overflow Vulnerabilities
010 Editor 3.0.4 - File Parsing Multiple Buffer Overflow Vulnerabilities
DWebPro 6.8.26 - Directory Traversal and Arbitrary File Disclosure
DWebPro 6.8.26 - Directory Traversal / Arbitrary File Disclosure
Kingsoft Webshield 1.1.0.62 - Cross-Site scripting and Remote Command Execution
Kingsoft Webshield 1.1.0.62 - Cross-Site scripting / Remote Command Execution
LxBlog Multiple Cross-Site Scripting and SQL Injection
LxBlog Multiple Cross-Site Scripting / SQL Injection
Joomla! < 1.5.11 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Joomla! < 1.5.11 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
PhotoPost PHP 3.3.1 - 'cat' Parameter Cross-Site Scripting and SQL Injection
PhotoPost PHP 3.3.1 - 'cat' Parameter Cross-Site Scripting / SQL Injection
Natychmiast CMS - Multiple Cross-Site Scripting and SQL Injection
Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injection
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities
e107 0.7.x - ('CAPTCHA' Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities
Achievo 1.x - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Dream Poll 3.1 - 'index.php' Cross-Site Scripting and SQL Injection
Achievo 1.x - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Dream Poll 3.1 - 'index.php' Cross-Site Scripting / SQL Injection
Pentaho BI 1.x - Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities
Pentaho BI 1.x - Multiple Cross-Site Scripting / Information Disclosure Vulnerabilities
Oracle E-Business Suite 11i Multiple Remote Vulnerabilities
Oracle E-Business Suite 11i - Multiple Remote Vulnerabilities
Photokorn 1.542 - Cross-Site Scripting and Remote File Inclusion
Photokorn 1.542 - Cross-Site Scripting / Remote File Inclusion
dotProject 2.1.3 - Multiple SQL Injection and HTML Injection Vulnerabilities
dotProject 2.1.3 - Multiple SQL Injection / HTML Injection Vulnerabilities
Linux Kernel 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)
Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)
Kempt SiteDone 2.0 - 'detail.php' Cross-Site Scripting and SQL Injection
Kempt SiteDone 2.0 - 'detail.php' Cross-Site Scripting / SQL Injection
Lunar CMS 3.3 - CSRF And Stored XSS
Lunar CMS 3.3 - CSRF / Stored XSS
NovaSTOR NovaNET 11.0 - Remote DoS and arbitrary memory read
NovaSTOR NovaNET 11.0 - Remote DoS / arbitrary memory read
NolaPro Enterprise 4.0.5538 - Cross-Site Scripting and SQL Injection
NolaPro Enterprise 4.0.5538 - Cross-Site Scripting / SQL Injection
Lisk CMS 4.4 - 'id' Parameter Multiple Cross-Site Scripting and SQL Injection
Lisk CMS 4.4 - 'id' Parameter Multiple Cross-Site Scripting / SQL Injection
Omeka 2.2 - CSRF And Stored XSS
Omeka 2.2 - CSRF / Stored XSS
Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities
Oxwall 1.7.0 - Multiple CSRF / HTML Injection Vulnerabilities
SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities
SkaDate Lite 2.0 - Multiple CSRF / Persistent XSS Vulnerabilities
Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS
Disqus for WordPress 2.7.5 - Admin Stored CSRF / XSS
PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting and HTML Injection Vulnerabilities
PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities
Cetera eCommerce Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Allinta CMS 22.07.2010 - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
Allinta CMS 22.07.2010 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
Nagios XI Multiple Cross-Site Request Forgery Vulnerabilities
Nagios XI 0 Multiple Cross-Site Request Forgery Vulnerabilities
JBoard Multiple Cross-Site Scripting and SQL Injection
JBoard Multiple Cross-Site Scripting / SQL Injection
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities
ServletExec - (Directory Traversal / Authentication-Bypass) Multiple Vulnerabilities
123 Flash Chat Multiple Security Vulnerabilities
123 Flash Chat = Multiple Security Vulnerabilities
CompuCMS - Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
CompuCMS - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities
Briefcase 4.0 iOS - Code Execution & File Include
Briefcase 4.0 iOS - Code Execution / File Include
Million Dollar Pixel Ads Cross-Site Scripting and SQL Injection
Million Dollar Pixel Ads Cross-Site Scripting / SQL Injection
PluXml 5.0.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
PluXml 5.0.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
AdvertisementManager 3.1 - 'req' Parameter Local and Remote File Inclusion
AdvertisementManager 3.1 - 'req' Parameter Local File Inclusion / Remote File Inclusion
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting and SQL Injection
CMS WebManager-Pro 7.4.3 - Cross-Site Scripting / SQL Injection
Centreon SQL and Command Injection
Centreon - SQL Injection / Command Injection
net2ftp 0.98 - (stable) 'admin1.template.php' Local and Remote File Inclusion
net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion
PHP TopSites 2.1 - 'rate.php' Cross-Site Scripting and SQL Injection
PHP TopSites 2.1 - 'rate.php' Cross-Site Scripting / SQL Injection
BLOG:CMS 4.2.1 e Multiple HTML Injection and Cross-Site Scripting Vulnerabilities
BLOG:CMS 4.2.1 e - Multiple HTML Injection / Cross-Site Scripting
Modx CMS 2.2.14 - CSRF Bypass & Reflected XSS & Stored XSS
Modx CMS 2.2.14 - CSRF Bypass / Reflected XSS / Stored XSS
BlogEngine.NET 1.6 - Directory Traversal and Information Disclosure
BlogEngine.NET 1.6 - Directory Traversal / Information Disclosure
TinyWebGallery 1.8.3 - Cross-Site Scripting and Local File Inclusion
TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion
Batavi 1.0 - Multiple Local File Inclusion and Cross-Site Scripting Vulnerabilities
Batavi 1.0 - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities
1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting and SQL Injection
1 Flash Gallery WordPress Plugin 0.2.5 - Cross-Site Scripting / SQL Injection
CosmoShop 10.05.00 - Multiple Cross-Site Scripting and SQL Injection
CosmoShop 10.05.00 - Multiple Cross-Site Scripting / SQL Injection
Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting and SQL Injection
Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection
Online store php script Multiple Cross-Site Scripting and SQL Injection
Online store php script Multiple Cross-Site Scripting / SQL Injection
Ripe Website Manager 1.1 - Cross-Site Scripting and Multiple SQL Injection
Ripe Website Manager 1.1 - Cross-Site Scripting / Multiple SQL Injection
Cetera eCommerce Multiple Cross-Site Scripting and SQL Injection
Cetera eCommerce Multiple Cross-Site Scripting / SQL Injection
osCSS 2.1 - Cross-Site Scripting and Multiple Local File Inclusion
osCSS 2.1 - Cross-Site Scripting / Multiple Local File Inclusion
CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution
CIK Telecom VoIP router SVG6000RW - Privilege Escalation / Command Execution
Spellchecker Plugin 3.1 for WordPress - 'general.php' Local and Remote File Inclusion
Spellchecker Plugin 3.1 for WordPress - 'general.php' Local File Inclusion / Remote File Inclusion
PhoenixCMS 1.7 - Local File Inclusion and SQL Injection
PhoenixCMS 1.7 - Local File Inclusion / SQL Injection
4Images 1.7.9 - Multiple Remote File Inclusion and SQL Injection
4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injection
Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting and SQL Injection
Sermon Browser WordPress Plugin 0.43 - Cross-Site Scripting / SQL Injection
Nuke Evolution Xtreme 2.0 - Local File Inclusion and SQL Injection
Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection
Tine 2.0 - 'vbook.php' Cross Site Scripting
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross Site Scripting
LDAP Account Manager 3.4.0 selfserviceSaveOk Parameter Cross Site Scripting
Tine 2.0 - 'vbook.php' Cross-Site Scripting
LANSA aXes Web Terminal TN5250 - 'axes_default.css' Cross-Site Scripting
LDAP Account Manager 3.4.0 selfserviceSaveOk Parameter Cross-Site Scripting
E2 Photo Gallery 0.9 - 'index.php' Cross Site Scripting
YaPIG 0.95 Multiple Cross Site Scripting Vulnerabilities
Web Auction 0.3.6 'lang' Parameter Cross Site Scripting
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross Site Scripting
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
YaPIG 0.95 - Multiple Cross-Site Scripting Vulnerabilities
Web Auction 0.3.6 'lang' Parameter Cross-Site Scripting
Proofpoint Protection Server 5.5.5 - 'process.cgi' Cross-Site Scripting
SelectaPix 1.4.1 - 'uploadername' Parameter Cross Site Scripting
Multiple GoT.MY Products 'theme_dir' Parameter Cross Site Scripting
SelectaPix 1.4.1 - 'uploadername' Parameter Cross-Site Scripting
Multiple GoT.MY Products 'theme_dir' Parameter Cross-Site Scripting
WP Ajax Calendar 1.0 - 'example.php' Cross Site Scripting
PHP Directory Listing Script 3.1 - 'index.php' Cross Site Scripting
BMC Remedy Knowledge Management 7.5.00 Default Account and Multiple Cross Site Scripting Vulnerabilities
BMC Dashboards 7.6.01 - Cross Site Scripting / Information Disclosure
PHPDug 2.0 Multiple Cross Site Scripting Vulnerabilities
WP Ajax Calendar 1.0 - 'example.php' Cross-Site Scripting
PHP Directory Listing Script 3.1 - 'index.php' Cross-Site Scripting
BMC Remedy Knowledge Management 7.5.00 Default Account and Multiple Cross-Site Scripting Vulnerabilities
BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure
PHPDug 2.0 - Multiple Cross-Site Scripting Vulnerabilities
encoder 0.4.10 - 'edit.php' Cross Site Scripting
Ampache 3.5.4 - 'login.php' Cross Site Scripting
encoder 0.4.10 - 'edit.php' Cross-Site Scripting
Ampache 3.5.4 - 'login.php' Cross-Site Scripting
Gelsheet 1.02 - 'index.php' Cross Site Scripting
Gelsheet 1.02 - 'index.php' Cross-Site Scripting
Perl 5.10 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
Perl 5.10 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
Keyfax Customer Response Management 3.2.2.6 Multiple Cross Site Scripting Vulnerabilities
Keyfax Customer Response Management 3.2.2.6 - Multiple Cross-Site Scripting Vulnerabilities
Pandora 3.1 - Auth Bypass and Arbitrary File Upload
Pandora 3.1 - Auth Bypass / Arbitrary File Upload
Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross Site Scripting
poMMo Aardvark PR16.1 Multiple Cross Site Scripting Vulnerabilities
Calendarix 0.8.20080808 Multiple Cross Site Scripting and SQL Injection
Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross-Site Scripting
poMMo Aardvark PR16.1 - Multiple Cross-Site Scripting Vulnerabilities
Calendarix 0.8.20080808 - Multiple Cross-Site Scripting and SQL Injection
Argyle Social Multiple Cross Site Scripting Vulnerabilities
Argyle Social - Multiple Cross-Site Scripting Vulnerabilities
Mitel Audio and Web Conferencing 4.4.3.0 Multiple Cross Site Scripting Vulnerabilities
Mitel Audio and Web Conferencing 4.4.3.0 - Multiple Cross-Site Scripting Vulnerabilities
allocPSA 1.7.4 - 'login/login.php' Cross Site Scripting
DocMGR 1.1.2 - 'history.php' Cross Site Scripting
openQRM 4.8 - 'source_tab' Parameter Cross Site Scripting
allocPSA 1.7.4 - 'login/login.php' Cross-Site Scripting
DocMGR 1.1.2 - 'history.php' Cross-Site Scripting
openQRM 4.8 - 'source_tab' Parameter Cross-Site Scripting
eFront 3.6.9 - 'submitScore.php' Cross Site Scripting
PHP Calendar Basic 2.3 Multiple Cross Site Scripting Vulnerabilities
TWiki 5.0.1 - 'origurl' Parameter Cross Site Scripting
eFront 3.6.9 - 'submitScore.php' Cross-Site Scripting
PHP Calendar Basic 2.3 - Multiple Cross-Site Scripting Vulnerabilities
TWiki 5.0.1 - 'origurl' Parameter Cross-Site Scripting
CiscoWorks Common Services Framework 3.1.1 Help Servlet Cross Site Scripting
Cisco Unified Operations Manager 8.5 Common Services Device Center Cross Site Scripting
CiscoWorks Common Services Framework 3.1.1 Help Servlet Cross-Site Scripting
Cisco Unified Operations Manager 8.5 Common Services Device Center Cross-Site Scripting
Room Juice 0.3.3 - 'display.php' Cross Site Scripting
Room Juice 0.3.3 - 'display.php' Cross-Site Scripting
LimeSurvey 1.85+ 'admin.php' Cross Site Scripting
LimeSurvey 1.85+ 'admin.php' Cross-Site Scripting
phpScheduleIt 1.2.12 Multiple Cross Site Scripting Vulnerabilities
phpScheduleIt 1.2.12 - Multiple Cross-Site Scripting Vulnerabilities
Ajax Chat 1.0 - 'ajax-chat.php' Cross Site Scripting
Gadu-Gadu Instant Messenger 6.0 File Transfer Cross Site Scripting
Ajax Chat 1.0 - 'ajax-chat.php' Cross-Site Scripting
Gadu-Gadu Instant Messenger 6.0 File Transfer Cross-Site Scripting
Cotonti 0.9.2 Multiple SQL Injection
Cotonti 0.9.2 - Multiple SQL Injection
Kryn.cms 0.9 - '_kurl' Parameter Cross Site Scripting
Kryn.cms 0.9 - '_kurl' Parameter Cross-Site Scripting
Blackboard Learn 8.0 - 'keywordraw' Parameter Cross Site Scripting
Blackboard Learn 8.0 - 'keywordraw' Parameter Cross-Site Scripting
Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross Site Scripting
Serendipity Freetag-plugin 3.21 - 'index.php' Cross Site Scripting
Kentico CMS 5.5R2.23 - 'userContextMenu_parameter' Parameter Cross-Site Scripting
Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
ARSC Really Simple Chat 3.3-rc2 - Cross Site Scripting and Multiple SQL Injection
ARSC Really Simple Chat 3.3-rc2 - Cross-Site Scripting / Multiple SQL Injection
Nagios 3.2.3 - 'expand' Parameter Cross Site Scripting
Nagios 3.2.3 - 'expand' Parameter Cross-Site Scripting
vBulletin vBExperience 3 - 'sortorder' Parameter Cross Site Scripting
vBulletin vBExperience 3 - 'sortorder' Parameter Cross-Site Scripting
Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross Site Scripting
Multiple WordPress WooThemes - 'test.php' Cross Site Scripting
Nakid CMS 1.0.2 - 'CKEditorFuncNum' Parameter Cross-Site Scripting
Multiple WordPress WooThemes - 'test.php' Cross-Site Scripting
Squiz Matrix 4 - 'colour_picker.php' Cross Site Scripting
Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting
BLOG:CMS 4.2 Multiple Cross Site Scripting Vulnerabilities
BLOG:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities
The Pacer Edition CMS 2.1 - 'email' Parameter Cross Site Scripting
The Pacer Edition CMS 2.1 - 'email' Parameter Cross-Site Scripting
vBTube 1.2.9 - 'vBTube.php' Multiple Cross Site Scripting Vulnerabilities
miniblog 1.0 Multiple Cross Site Scripting Vulnerabilities
vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities
miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities
Sunway ForceControl 6.1 Multiple Heap Based Buffer Overflow Vulnerabilities
Sunway ForceControl 6.1 - Multiple Heap Based Buffer Overflow Vulnerabilities
Immophp 1.1.1 Cross Site Scripting and SQL Injection
Taha Portal 3.2 - 'sitemap.php' Cross Site Scripting
Immophp 1.1.1 Cross-Site Scripting and SQL Injection
Taha Portal 3.2 - 'sitemap.php' Cross-Site Scripting
Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross Site Scripting
Sitemagic CMS 2010.04.17 - 'SMExt' Parameter Cross-Site Scripting
FanUpdate 3.0 - 'pageTitle' Parameter Cross Site Scripting
FanUpdate 3.0 - 'pageTitle' Parameter Cross-Site Scripting
ecommerceMajor - SQL Injection And Authentication bypass
ecommerceMajor - SQL Injection / Authentication bypass
Mambo CMS 4.6.x Multiple Cross Site Scripting Vulnerabilities
Mambo CMS 4.6.x Multiple Cross-Site Scripting Vulnerabilities
Joomla! CMS 1.6.3 Multiple Cross Site Scripting Vulnerabilities
Joomla! CMS 1.6.3 - Multiple Cross-Site Scripting Vulnerabilities
FlatPress 0.1010.1 Multiple Cross Site Scripting Vulnerabilities
FlatPress 0.1010.1 - Multiple Cross-Site Scripting Vulnerabilities
webERP 4.3.8 Multiple Script URI XSS
webERP 4.3.8 - Multiple Script URI XSS
PHPJunkYard GBook 1.6/1.7 Multiple Cross Site Scripting Vulnerabilities
PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities
WebCalendar 1.2.3 Multiple Cross Site Scripting Vulnerabilities
WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities
Paliz Portal Cross Site Scripting and Multiple SQL Injection
Paliz Portal Cross-Site Scripting and Multiple SQL Injection
Classified Script c-BrowseClassified URL Cross Site Scripting
Classified Script c-BrowseClassified URL Cross-Site Scripting
Prontus CMS 'page' Parameter Cross Site Scripting
Prontus CMS 'page' Parameter Cross-Site Scripting
Alice Modem 1111 - 'rulename' Parameter Cross Site Scripting / Denial of Service
Alice Modem 1111 - 'rulename' Parameter Cross-Site Scripting / Denial of Service
Flowplayer 3.2.7 linkUrl' Parameter Cross Site Scripting
TCExam 11.2.x Multiple Cross Site Scripting Vulnerabilities
Flowplayer 3.2.7 linkUrl' Parameter Cross-Site Scripting
TCExam 11.2.x Multiple Cross-Site Scripting Vulnerabilities
Joomla! 'com_resman' Component Cross Site Scripting
Joomla! 'com_resman' Component Cross-Site Scripting
Joomla! 1.6.5 and Prior Multiple Cross Site Scripting Vulnerabilities
Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross Site Scripting
Cyberoam UTM Multiple Cross Site Scripting Vulnerabilities
Joomla! 1.6.5 and Prior Multiple Cross-Site Scripting Vulnerabilities
Tiki Wiki CMS Groupware 7.2 - 'snarf_ajax.php' Cross-Site Scripting
Cyberoam UTM Multiple Cross-Site Scripting Vulnerabilities
Online Grades 3.2.5 Multiple Cross Site Scripting Vulnerabilities
Online Grades 3.2.5 - Multiple Cross-Site Scripting Vulnerabilities
Curverider Elgg 1.7.9 Multiple Cross Site Scripting Vulnerabilities
Curverider Elgg 1.7.9 - Multiple Cross-Site Scripting Vulnerabilities
mt LinkDatenbank 'b' Parameter Cross Site Scripting
BESNI OKUL PORTAL 'sayfa.asp' Cross Site Scripting
mt LinkDatenbank 'b' Parameter Cross-Site Scripting
BESNI OKUL PORTAL 'sayfa.asp' Cross-Site Scripting
HESK 2.2 Multiple Cross Site Scripting Vulnerabilities
WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross Site Scripting
Community Server 2007/2008 - 'TagSelector.aspx' Cross Site Scripting
Microsoft Visual Studio Report Viewer 2005 Control Multiple Cross Site Scripting Vulnerabilities
HESK 2.2 - Multiple Cross-Site Scripting Vulnerabilities
WordPress WP e-Commerce Plugin 3.8.6 - 'cart_messages[]' Parameter Cross-Site Scripting
Community Server 2007/2008 - 'TagSelector.aspx' Cross-Site Scripting
Microsoft Visual Studio Report Viewer 2005 Control Multiple Cross-Site Scripting Vulnerabilities
u5CMS 3.9.3 - Multiple Stored And Reflected XSS Vulnerabilities
u5CMS 3.9.3 - Multiple Stored XSS / Reflected XSS Vulnerabilities
Softbiz Recipes Portal Script Multiple Cross Site Scripting Vulnerabilities
Search Network 2.0 - 'query' Parameter Cross Site Scripting
OpenEMR 4.0 Multiple Cross Site Scripting Vulnerabilities
Softbiz Recipes Portal Script Multiple Cross-Site Scripting Vulnerabilities
Search Network 2.0 - 'query' Parameter Cross-Site Scripting
OpenEMR 4.0 - Multiple Cross-Site Scripting Vulnerabilities
WordPress eShop Plugin 6.2.8 - Multiple Cross Site Scripting Vulnerabilities
WordPress eShop Plugin 6.2.8 - Multiple Cross-Site Scripting Vulnerabilities
SurgeFTP 23b6 Multiple Cross Site Scripting Vulnerabilities
phpWebSite 'page_id' Parameter Cross Site Scripting
awiki 20100125 Multiple Local File Inclusion
SurgeFTP 23b6 - Multiple Cross-Site Scripting Vulnerabilities
phpWebSite 'page_id' Parameter Cross-Site Scripting
awiki 20100125 - Multiple Local File Inclusion
WordPress Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross Site Scripting
WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross Site Scripting Vulnerabilities
WordPress Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting
WordPress WP-Stats-Dashboard Plugin 2.6.5.1 - Multiple Cross-Site Scripting Vulnerabilities
PHP Prior to 5.3.7 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
PHP Prior to 5.3.7 - Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
Adobe ColdFusion - 'probe.cfm' Cross Site Scripting
MantisBT 1.1.8 Cross Site Scripting and SQL Injection
Adobe ColdFusion - 'probe.cfm' Cross-Site Scripting
MantisBT 1.1.8 Cross-Site Scripting and SQL Injection
OneFileCMS 1.1.1 - 'onefilecms.php' Cross Site Scripting
Pandora FMS 3.x - 'index.php' Cross Site Scripting
OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting
Pandora FMS 3.x - 'index.php' Cross-Site Scripting
Concrete 5.4.1 1 - 'rcID' Parameter Cross Site Scripting
Open Classifieds 1.7.2 Multiple Cross Site Scripting Vulnerabilities
Concrete 5.4.1 1 - 'rcID' Parameter Cross-Site Scripting
Open Classifieds 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
WonderPlugin Audio Player 2.0 - Blind SQL Injection and XSS
WonderPlugin Audio Player 2.0 - Blind SQL Injection / XSS
IBM Open Admin Tool 2.71 Multiple Cross Site Scripting Vulnerabilities
IBM Open Admin Tool 2.71 - Multiple Cross-Site Scripting Vulnerabilities
Mambo CMS N-Skyrslur Cross Site Scripting
Mambo CMS N-Skyrslur Cross-Site Scripting
GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities
GuppY CMS 5.0.9 & 5.00.10 - Multiple CSRF Vulnerabilities
ACal 2.2.6 'calendar.php' Cross Site Scripting
ACal 2.2.6 'calendar.php' Cross-Site Scripting
YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross Site Scripting
YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting
Kisanji 'gr' Parameter Cross Site Scripting
GeoClassifieds Lite 2.0.x Multiple Cross Site Scripting and SQL Injection
Kisanji 'gr' Parameter Cross-Site Scripting
GeoClassifieds Lite 2.0.x Multiple Cross-Site Scripting and SQL Injection
Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross Site Scripting
SkaDate 'blogs.php' Cross Site Scripting
Zikula Application Framework 1.2.7/1.3 - 'themename' Parameter Cross-Site Scripting
SkaDate 'blogs.php' Cross-Site Scripting
Pluck 4.7 Multiple Local File Inclusion and File Disclosure Vulnerabilities
Pluck 4.7 - Multiple Local File Inclusion and File Disclosure Vulnerabilities
Papoo CMS Light 4.0 Multiple Cross Site Scripting Vulnerabilities
Papoo CMS Light 4.0 - Multiple Cross-Site Scripting Vulnerabilities
Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross Site Scripting
Orion Network Performance Monitor 10.1.3 - 'CustomChart.aspx' Cross-Site Scripting
PunBB 1.3.5 Multiple Cross-Site Scripting Vulnerabilities
PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross Site Scripting
Aspgwy Access 1.0 - 'matchword' Parameter Cross Site Scripting
net4visions Multiple Products - 'dir' parameters Multiple Cross Site Scripting Vulnerabilities
Toko LiteCMS 1.5.2 - HTTP Response Splitting / Cross-Site Scripting
Aspgwy Access 1.0 - 'matchword' Parameter Cross-Site Scripting
net4visions Multiple Products - 'dir' parameters Multiple Cross-Site Scripting Vulnerabilities
Card sharj 1.0 Multiple SQL Injection
Card sharj 1.0 - Multiple SQL Injection
i-Gallery 3.4 - 'd' Parameter Cross Site Scripting
Free Help Desk 1.1b Multiple Input Validation Vulnerabilities
phpRS 2.8.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities
OneCMS 2.6.4 Multiple SQL Injection
Zyncro 3.0.1.20 Multiple HTML Injection Vulnerabilities
i-Gallery 3.4 - 'd' Parameter Cross-Site Scripting
Free Help Desk 1.1b - Multiple Input Validation Vulnerabilities
phpRS 2.8.1 - Multiple SQL Injection / Cross-Site Scripting
OneCMS 2.6.4 - Multiple SQL Injection
Zyncro 3.0.1.20 - Multiple HTML Injection Vulnerabilities
AdaptCMS 2.0.1 - Cross Site Scripting / Information Disclosure
Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross Site Scripting
AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure
Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
Adobe ColdFusion 7 - Multiple Cross Site Scripting Vulnerabilities
Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities
Traq 2.2 Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Joomla! 1.7.0 and Prior Multiple Cross Site Scripting Vulnerabilities
Bitweaver 2.8.1 Multiple Cross-Site Scripting Vulnerabilities
WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross Site Scripting
WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross Site Scripting
WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross Site Scripting
WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross Site Scripting
WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross Site Scripting
WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross Site Scripting
WordPress Web Minimalist Theme 1.1 - 'index.php' Cross Site Scripting
WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross Site Scripting
WordPress Morning Coffee Theme 3.5 - 'index.php' Cross Site Scripting
WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross Site Scripting
Traq 2.2 - Multiple SQL Injection / Cross-Site Scripting
Joomla! 1.7.0 and Prior Multiple Cross-Site Scripting Vulnerabilities
Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Atahualpa Theme 3.6.7 - 's' Parameter Cross-Site Scripting
WordPress Hybrid Theme 0.9 - 'cpage' Parameter Cross-Site Scripting
WordPress F8 Lite Theme 4.2.1 - 's' Parameter Cross-Site Scripting
WordPress Elegant Grunge Theme 1.0.3 - 's' Parameter Cross-Site Scripting
WordPress EvoLve Theme 1.2.5 - 's' Parameter Cross-Site Scripting
WordPress Cover WP Theme 1.6.5 - 's' Parameter Cross-Site Scripting
WordPress Web Minimalist Theme 1.1 - 'index.php' Cross-Site Scripting
WordPress Pixiv Custom Theme 2.1.5 - 'cpage' Parameter Cross-Site Scripting
WordPress Morning Coffee Theme 3.5 - 'index.php' Cross-Site Scripting
WordPress Black-LetterHead Theme 1.5 - 'index.php' Cross-Site Scripting
WordPress RedLine Theme 1.65 - 's' Parameter Cross Site Scripting
WordPress RedLine Theme 1.65 - 's' Parameter Cross-Site Scripting
WordPress Trending 0.1 - 'cpage' Parameter Cross Site Scripting
WordPress Trending 0.1 - 'cpage' Parameter Cross-Site Scripting
Innovate Portal 2.0 - 'cat' Parameter Cross Site Scripting
Active CMS 1.2 - 'mod' Parameter Cross Site Scripting
Innovate Portal 2.0 - 'cat' Parameter Cross-Site Scripting
Active CMS 1.2 - 'mod' Parameter Cross-Site Scripting
Jaws 0.8.14 Multiple Remote File Inclusion
Jaws 0.8.14 - Multiple Remote File Inclusion
6KBBS 8.0 build 20101201 - Cross Site Scripting / Information Disclosure
6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure
SilverStripe 2.4.5 Multiple Cross-Site Scripting Vulnerabilities
SilverStripe 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
BugFree 2.1.3 Multiple Cross Site Scripting Vulnerabilities
BugFree 2.1.3 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Pretty Link Plugin 1.4.56 - Multiple Cross Site Scripting Vulnerabilities
WordPress Pretty Link Plugin 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities
PROMOTIC 8.1.3 Multiple Security Vulnerabilities
Xenon 'id' Parameter Multiple SQL Injection
asgbookphp 1.9 - 'index.php' Cross Site Scripting
PROMOTIC 8.1.3 - Multiple Security Vulnerabilities
Xenon - 'id' Parameter Multiple SQL Injection
asgbookphp 1.9 - 'index.php' Cross-Site Scripting
Check Point UTM-1 Edge and Safe 8.2.43 Multiple Security Vulnerabilities
Site@School 2.4.10 - 'index.php' Cross Site Scripting and SQL Injection
Check Point UTM-1 Edge and Safe 8.2.43 - Multiple Security Vulnerabilities
Site@School 2.4.10 - 'index.php' Cross-Site Scripting / SQL Injection
WordPress Theme Photocrati 4.x.x - SQL Injection & XSS
WordPress Theme Photocrati 4.x.x - SQL Injection / XSS
Splunk 4.1.6 'segment' Parameter Cross Site Scripting
Splunk 4.1.6 'segment' Parameter Cross-Site Scripting
osCommerce - Remote File Upload and File Disclosure
Tine 2.0 Multiple Cross Site Scripting Vulnerabilities
osCommerce - Remote File Upload / File Disclosure
Tine 2.0 - Multiple Cross-Site Scripting Vulnerabilities
InverseFlow 2.4 Multiple Cross Site Scripting Vulnerabilities
Alsbtain Bulletin 1.5/1.6 Multiple Local File Inclusion
vtiger CRM 5.2.1 - 'index.php' Multiple Cross Site Scripting Vulnerabilities
InverseFlow 2.4 - Multiple Cross-Site Scripting Vulnerabilities
Alsbtain Bulletin 1.5/1.6 - Multiple Local File Inclusion
vtiger CRM 5.2.1 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
XAMPP 1.7.4 Multiple Cross Site Scripting Vulnerabilities
XAMPP 1.7.4 - Multiple Cross-Site Scripting Vulnerabilities
Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross Site Scripting
Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting
Domain Shop 'index.php' Cross Site Scripting
vBulletin 4.1.7 Multiple Remote File Inclusion
Domain Shop 'index.php' Cross-Site Scripting
vBulletin 4.1.7 - Multiple Remote File Inclusion
Hyperic HQ Enterprise 4.5.1 Cross Site Scripting and Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 Cross-Site Scripting and Multiple Unspecified Security Vulnerabilities
IBSng B1.34(T96) 'str' Parameter Cross Site Scripting
eFront 3.6.10 Build 11944 Multiple Cross Site Scripting Vulnerabilities
eFront 3.6.x Multiple Cross Site Scripting and SQL Injection
Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross Site Scripting
IBSng B1.34(T96) 'str' Parameter Cross-Site Scripting
eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities
eFront 3.6.x Multiple Cross-Site Scripting and SQL Injection
Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting
CmyDocument Multiple Cross Site Scripting Vulnerabilities
CmyDocument Multiple Cross-Site Scripting Vulnerabilities
WordPress Bonus Theme 1.0 - 's' Parameter Cross Site Scripting
WordPress Bonus Theme 1.0 - 's' Parameter Cross-Site Scripting
SmartJobBoard 'keywords' Parameter Cross Site Scripting
SmartJobBoard 'keywords' Parameter Cross-Site Scripting
XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities
XAMPP 1.7.7 - 'PHP_SELF' Variable Multiple Cross-Site Scripting Vulnerabilities
AShop - Open-Redirection / Cross Site Scripting
Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross Site Scripting Vulnerabilities
Infoblox NetMRI 6.2.1 Admin Login Page Multiple Cross Site Scripting Vulnerabilities
AShop - Open-Redirection / Cross-Site Scripting
Joomla! 1.9.3 - 'com_alfcontact' Extension Multiple Cross-Site Scripting Vulnerabilities
Infoblox NetMRI 6.2.1 Admin Login Page Multiple Cross-Site Scripting Vulnerabilities
PHP Betoffice (Betster) 1.0.4 - Authentication Bypass And SQL Injection
PHP Betoffice (Betster) 1.0.4 - Authentication Bypass / SQL Injection
ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 Cross Site Scripting
WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross Site Scripting
ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 Cross-Site Scripting
WordPress Flexible Custom Post Type plugin - 'id' Parameter Cross-Site Scripting
GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross Site Scripting Vulnerabilities
GoAhead WebServer 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities
WordPress Alert Before Your Post Plugin - 'name' Parameter Cross Site Scripting
WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross Site Scripting
WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross Site Scripting
WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross Site Scripting
WordPress Alert Before Your Post Plugin - 'name' Parameter Cross-Site Scripting
WordPress Advanced Text Widget Plugin 2.0 - 'page' Parameter Cross-Site Scripting
WordPress Adminimize Plugin 1.7.21 - 'page' Parameter Cross-Site Scripting
WordPress Lanoba Social Plugin 1.0 - 'action' Parameter Cross-Site Scripting
WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross Site Scripting
WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross Site Scripting
WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross Site Scripting
WordPress ClickDesk Live Support Plugin 2.0 - 'cdwidget' Parameter Cross-Site Scripting
WordPress Featurific For WordPress Plugin 1.6.2 - 'snum' Parameter Cross-Site Scripting
WordPress Newsletter Meenews Plugin 5.1 - 'idnews' Parameter Cross-Site Scripting
Zen Cart CMS 1.3.9h Multiple Cross Site Scripting Vulnerabilities
Hastymail2 - 'rs' Parameter Cross Site Scripting
Zen Cart CMS 1.3.9h Multiple Cross-Site Scripting Vulnerabilities
Hastymail2 - 'rs' Parameter Cross-Site Scripting
eSyndiCat Pro 2.3.5 Multiple Cross Site Scripting Vulnerabilities
WordPress Skysa App Bar Plugin 'idnews' Parameter Cross Site Scripting
eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Skysa App Bar Plugin 'idnews' Parameter Cross-Site Scripting
WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross Site Scripting
WordPress flash-album-gallery Plugin 'facebook.php' Cross Site Scripting
WordPress 1-jquery-photo-gallery-slideshow-flash Plugin 1.01 Cross-Site Scripting
WordPress flash-album-gallery Plugin 'facebook.php' Cross-Site Scripting
WordPress TheCartPress Plugin 1.6 'OptionsPostsList.php' Cross Site Scripting
WordPress TheCartPress Plugin 1.6 'OptionsPostsList.php' Cross-Site Scripting
WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross Site Scripting
WordPress Pretty Link Plugin 1.5.2 - 'pretty-bar.php' Cross-Site Scripting
Hero 3.69 - 'month' Parameter Cross Site Scripting
Hero 3.69 - 'month' Parameter Cross-Site Scripting
Siena CMS 1.242 - 'err' Parameter Cross Site Scripting
WordPress WP Live.php 1.2.1 - 's' Parameter Cross Site Scripting
PHPB2B 4.1 - 'q' Parameter Cross Site Scripting
FuseTalk Forums 3.2 - 'windowed' Parameter Cross Site Scripting
Siena CMS 1.242 - 'err' Parameter Cross-Site Scripting
WordPress WP Live.php 1.2.1 - 's' Parameter Cross-Site Scripting
PHPB2B 4.1 - 'q' Parameter Cross-Site Scripting
FuseTalk Forums 3.2 - 'windowed' Parameter Cross-Site Scripting
Axis M10 Series Network Cameras Cross Site Scripting
Axis M10 Series Network Cameras Cross-Site Scripting
Pet Listing 'preview.php' Cross Site Scripting
Pet Listing 'preview.php' Cross-Site Scripting
WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross Site Scripting
WordPress GRAND FlAGallery Plugin 1.57 - 'flagshow.php' Cross-Site Scripting
WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting
WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross Site Scripting
Fork CMS 3.1.5 Multiple Cross Site Scripting Vulnerabilities
Pulse Pro 1.7.2 Multiple Cross Site Scripting Vulnerabilities
WordPress flash-album-gallery Plugin 'flagshow.php' Cross-Site Scripting
WordPress The Welcomizer Plugin 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities
Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
BrowserCRM 5.100.1 Multiple Script URI XSS
BrowserCRM 5.100.1 - Multiple Script URI XSS
Nagios XI Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Nagios XI - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Websense 7.6 Triton Report Management Interface Cross Site Scripting
Websense 7.6 Triton Report Management Interface Cross-Site Scripting
PHP Booking Calendar 10e 'page_info_message' Parameter Cross Site Scripting
PHP Booking Calendar 10e 'page_info_message' Parameter Cross-Site Scripting
PHPShop CMS 3.4 Multiple Cross Site Scripting and SQL Injection
PHPShop CMS 3.4 - Multiple Cross-Site Scripting and SQL Injection
epesi BIM 1.2 rev 8154 Multiple Cross-Site Scripting Vulnerabilities
Barracuda Control Center 620 - Cross Site Scripting / HTML Injection
epesi BIM 1.2 rev 8154 - Multiple Cross-Site Scripting Vulnerabilities
Barracuda Control Center 620 - Cross-Site Scripting / HTML Injection
WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross Site Scripting
WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross Site Scripting
TextPattern 4.4.1 - 'ddb' Parameter Cross Site Scripting
WordPress Comment Rating Plugin 2.9.20 - 'path' Parameter Cross-Site Scripting
WordPress WHOIS Plugin 1.4.2 3 - 'domain' Parameter Cross-Site Scripting
TextPattern 4.4.1 - 'ddb' Parameter Cross-Site Scripting
Limny 3.0.1 - 'login.php' Script Cross Site Scripting
Limny 3.0.1 - 'login.php' Script Cross-Site Scripting
Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross Site Scripting
UBB.threads 7.5.6 'Username' Field Cross Site Scripting
Yaws 1.88 - Multiple Cross Site Scripting / HTML Injection Vulnerabilities
StatIt 4 - 'statistik.php' Multiple Cross Site Scripting Vulnerabilities
Pligg CMS 1.1.4 - 'SERVER[php_self]' Cross-Site Scripting
UBB.threads 7.5.6 'Username' Field Cross-Site Scripting
Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities
VertrigoServ 2.25 - 'extensions.php' Script Cross Site Scripting
VertrigoServ 2.25 - 'extensions.php' Script Cross-Site Scripting
DIGIT CMS 1.0.7 Cross Site Scripting and SQL Injection
DIGIT CMS 1.0.7 Cross-Site Scripting and SQL Injection
SonicWall AntiSpam & EMail 7.3.1 Multiple Security vulnerabilities
Gregarius 0.6.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Advanced File Management 1.4 - 'users.php' Cross Site Scripting
SonicWall AntiSpam & EMail 7.3.1 - Multiple Security vulnerabilities
Gregarius 0.6.1 - Multiple SQL Injection / Cross-Site Scripting
Advanced File Management 1.4 - 'users.php' Cross-Site Scripting
PHP-Fusion 7.2.4 - 'downloads.php' Cross Site Scripting
PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting
KnowledgeTree 3.x Multiple Cross Site Scripting Vulnerabilities
KnowledgeTree 3.x Multiple Cross-Site Scripting Vulnerabilities
MailEnable 6.02 - 'ForgottonPassword.aspx' Cross Site Scripting
MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site Scripting
PHP Membership Site Manager Script 2.1 - 'index.php' Cross Site Scripting
PHP Ringtone Website 'ringtones.php' Multiple Cross Site Scripting Vulnerabilities
BoltWire 3.4.16 Multiple 'index.php' Cross Site Scripting Vulnerabilities
PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting
PHP Ringtone Website 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities
BoltWire 3.4.16 - Multiple 'index.php' Cross-Site Scripting Vulnerabilities
ATutor 2.0.3 Multiple Cross Site Scripting Vulnerabilities
Beehive Forum 101 Multiple Cross Site Scripting Vulnerabilities
phpVideoPro 0.8.x/0.9.7 Multiple Cross Site Scripting Vulnerabilities
Giveaway Manager 'members.php' Cross Site Scripting
Annuaire PHP 'sites_inscription.php' Multiple Cross Site Scripting Vulnerabilities
ATutor 2.0.3 - Multiple Cross-Site Scripting Vulnerabilities
Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities
phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities
Giveaway Manager 'members.php' Cross-Site Scripting
Annuaire PHP 'sites_inscription.php' Multiple Cross-Site Scripting Vulnerabilities
OneOrZero AIMS 'index.php' Cross Site Scripting
OneOrZero AIMS 'index.php' Cross-Site Scripting
Syneto Unified Threat Management 1.3.3/1.4.2 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Acidcat ASP CMS 3.5 Multiple Cross Site Scripting Vulnerabilities
Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities
WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross Site Scripting
WordPress YouSayToo auto-publishing Plugin 1.0 - 'submit' Parameter Cross-Site Scripting
WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross Site Scripting
xClick Cart 1.0.x - 'shopping_url' Parameter Cross Site Scripting
WordPress Slideshow Gallery Plugin 1.1.x - 'border' Parameter Cross-Site Scripting
xClick Cart 1.0.x - 'shopping_url' Parameter Cross-Site Scripting
Lead Capture 'login.php' Script Cross Site Scripting
Lead Capture 'login.php' Script Cross-Site Scripting
phpLDAPadmin 1.2.2 - 'base' Parameter Cross Site Scripting
phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross Site Scripting
GForge 5.7.1 Multiple Cross Site Scripting Vulnerabilities
phpLDAPadmin 1.2.2 - 'base' Parameter Cross-Site Scripting
phpLDAPadmin 1.2.0.5-2 - 'server_id' Parameter Cross-Site Scripting
GForge 5.7.1 - Multiple Cross-Site Scripting Vulnerabilities
iknSupport 'search' Module Cross Site Scripting
iknSupport 'search' Module Cross-Site Scripting
project-open 3.4.x - 'account-closed.tcl' Cross Site Scripting
project-open 3.4.x - 'account-closed.tcl' Cross-Site Scripting
Simple Groupware 0.742 - 'export' Parameter Cross Site Scripting
Simple Groupware 0.742 - 'export' Parameter Cross-Site Scripting
eFront 3.6.10 - 'administrator.php' Cross Site Scripting
eFront 3.6.10 - 'administrator.php' Cross-Site Scripting
LxCenter Kloxo 6.1.10 Multiple HTML Injection Vulnerabilities
CubeCart 3.0.20 Multiple Script redir Parameter Arbitrary Site Redirect
LxCenter Kloxo 6.1.10 - Multiple HTML Injection Vulnerabilities
CubeCart 3.0.20 - Multiple Script redir Parameter Arbitrary Site Redirect
RabbitWiki 'title' Parameter Cross Site Scripting
RabbitWiki 'title' Parameter Cross-Site Scripting
Zimbra 'view' Parameter Cross Site Scripting
Zimbra 'view' Parameter Cross-Site Scripting
Basic Analysis and Security Engine (BASE) 1.4.5 base_db_setup.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_graph_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_graph_display.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_graph_form.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_graph_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_local_rules.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_logout.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_maintenance.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_payload.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 help/base_setup_help.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_action.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_cache.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_db.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_include.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_output_html.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_output_query.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_state_criteria.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 includes/base_state_query.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 setup/base_conf_contents.php Multiple Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_db_setup.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_local_rules.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_logout.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_maintenance.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_payload.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - help/base_setup_help.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_action.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_cache.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_db.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_include.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_html.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_output_query.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_criteria.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - includes/base_state_query.inc.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - setup/base_conf_contents.php Multiple Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 setup/setup2.php ado_inc_php Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_ag_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_qry_alert.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_qry_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_alerts.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_class.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_iplink.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_ports.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - setup/setup2.php ado_inc_php Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_alert.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_alerts.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_class.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_common.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ports.php BASE_path Parameter Remote File Inclusion
WordPress Duplicator 0.5.14 - SQL Injection & CSRF
WordPress Duplicator 0.5.14 - SQL Injection / CSRF
Linux Kernel 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS
Linux Kernel 3.13 / 3.14 (Ubuntu) - splice() System Call Local DoS
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_sensor.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_time.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_stat_uaddr.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_sensor.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_time.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_uaddr.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_user.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_user.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 index.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 admin/base_useradmin.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 admin/index.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 base_ag_main.php Crafted File Upload Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - index.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php BASE_path Parameter Remote File Inclusion
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload Arbitrary Code Execution
ProWiki 'id' Parameter Cross Site Scripting
ProWiki 'id' Parameter Cross-Site Scripting
LEPTON 1.1.3 - Cross Site Scripting
LEPTON 1.1.3 - Cross-Site Scripting
Tube Ace - 'q' Parameter Cross Site Scripting
Tube Ace - 'q' Parameter Cross-Site Scripting
ButorWiki 3.0 - 'service' Parameter Cross Site Scripting
ButorWiki 3.0 - 'service' Parameter Cross-Site Scripting
F*EX 20100208/20111129-2 Multiple Cross Site Scripting Vulnerabilities
F*EX 20100208/20111129-2 - Multiple Cross-Site Scripting Vulnerabilities
CPG Dragonfly CMS 9.3.3.0 Multiple Multiple Cross Site Scripting Vulnerabilities
CPG Dragonfly CMS 9.3.3.0 - Multiple Multiple Cross-Site Scripting Vulnerabilities
ContentLion Alpha 1.3 - 'login.php' Cross Site Scripting
Dolibarr 3.2 Alpha Multiple Directory Traversal Vulnerabilities
ContentLion Alpha 1.3 - 'login.php' Cross-Site Scripting
Dolibarr 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
Oxwall 1.1.1 - 'plugin' Parameter Cross Site Scripting
Oxwall 1.1.1 - 'plugin' Parameter Cross-Site Scripting
Webglimpse 2.x Multiple Cross Site Scripting Vulnerabilities
Webglimpse 2.x Multiple Cross-Site Scripting Vulnerabilities
Bontq 'user/' URI Cross Site Scripting
Bontq 'user/' URI Cross-Site Scripting
starCMS 'q' Parameter URI Cross Site Scripting
starCMS 'q' Parameter URI Cross-Site Scripting
Fork CMS 3.2.x Multiple Cross Site Scripting and HTML Injection Vulnerabilities
NetDecision 4.6.1 Multiple Directory Traversal Vulnerabilities
Fork CMS 3.2.x Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
NetDecision 4.6.1 - Multiple Directory Traversal Vulnerabilities
WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload
WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS / CSRF / File Upload
Omnistar Live Cross Site Scripting and SQL Injection
Omnistar Live Cross-Site Scripting and SQL Injection
Max's Guestbook 1.0 Multiple Remote Vulnerabilities
Max's Guestbook 1.0 - Multiple Remote Vulnerabilities
JavaBB 0.99 - 'userId' Parameter Cross Site Scripting
JavaBB 0.99 - 'userId' Parameter Cross-Site Scripting
Ilient SysAid 8.5.5 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Ilient SysAid 8.5.5 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Barracuda CudaTel Communication Server 2.0.029.1 Multiple HTML Injection Vulnerabilities
Barracuda CudaTel Communication Server 2.0.029.1 - Multiple HTML Injection Vulnerabilities
phpMyVisites 2.4 phpmv2/index.php Multiple Cross Site Scripting Vulnerabilities
singapore 0.10.1 - 'gallery' Parameter Cross Site Scripting
EJBCA 4.0.7 - 'issuer' Parameter Cross Site Scripting
phpMyVisites 2.4 phpmv2/index.php Multiple Cross-Site Scripting Vulnerabilities
singapore 0.10.1 - 'gallery' Parameter Cross-Site Scripting
EJBCA 4.0.7 - 'issuer' Parameter Cross-Site Scripting
Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross Site Scripting
Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross-Site Scripting
VFront 0.99.2 CSRF & Persistent XSS
VFront 0.99.2 - CSRF / Persistent XSS
Minify 2.1.x - 'g' Parameter Cross Site Scripting
Minify 2.1.x - 'g' Parameter Cross-Site Scripting
CMSimple 3.3 - 'index.php' Cross Site Scripting
CMSimple 3.3 - 'index.php' Cross-Site Scripting
Open Journal Systems (OJS) 2.3.6 Multiple Script Arbitrary File Upload
Open Journal Systems (OJS) 2.3.6 - Multiple Script Arbitrary File Upload
AtMail 1.04 Multiple Security Vulnerabilities
Event Calendar PHP 'cal_year' Parameter Cross Site Scripting
AtMail 1.04 - Multiple Security Vulnerabilities
Event Calendar PHP 'cal_year' Parameter Cross-Site Scripting
Zumset.com FbiLike 1.00 - 'id' Parameter Cross Site Scripting
Zumset.com FbiLike 1.00 - 'id' Parameter Cross-Site Scripting
Matthew1471 BlogX Multiple Cross Site Scripting Vulnerabilities
WordPress Integrator 1.32 - 'redirect_to' Parameter Cross Site Scripting
Invision Power Board 4.2.1 - 'searchText' Parameter Cross Site Scripting
Matthew1471 BlogX Multiple Cross-Site Scripting Vulnerabilities
WordPress Integrator 1.32 - 'redirect_to' Parameter Cross-Site Scripting
Invision Power Board 4.2.1 - 'searchText' Parameter Cross-Site Scripting
eZ Publish 4.x - 'ezjscore' Module Cross Site Scripting
eZ Publish 4.x - 'ezjscore' Module Cross-Site Scripting
JamWiki 1.1.5 - 'num' Parameter Cross Site Scripting
JamWiki 1.1.5 - 'num' Parameter Cross-Site Scripting
JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross Site Scripting
JBMC Software DirectAdmin 1.403 - 'domain' Parameter Cross-Site Scripting
Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross Site Scripting
Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting
Forma LMS 1.3 Multiple PHP Object Injection Vulnerabilities
Forma LMS 1.3 - Multiple PHP Object Injection Vulnerabilities
WordPress Uploadify Integration Plugin 0.9.6 Multiple Cross Site Scripting Vulnerabilities
CitrusDB 2.4.1 - Local File Inclusion and SQL Injection
Matterdaddy Market 1.1 Multiple SQL Injection
BGS CMS 2.2.1 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
WordPress Uploadify Integration Plugin 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities
CitrusDB 2.4.1 - Local File Inclusion / SQL Injection
Matterdaddy Market 1.1 - Multiple SQL Injection
BGS CMS 2.2.1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Forma LMS 1.3 Multiple SQL Injection
Forma LMS 1.3 - Multiple SQL Injection
Bioly 1.3 - 'index.php' Cross Site Scripting and SQL Injection
Joomla! Beatz Plugin 1.1 Multiple Cross Site Scripting Vulnerabilities
Bioly 1.3 - 'index.php' Cross-Site Scripting / SQL Injection
Joomla! Beatz Plugin 1.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Yahoo Answer Plugin Multiple Cross Site Scripting Vulnerabilities
WordPress Yahoo Answer Plugin Multiple Cross-Site Scripting Vulnerabilities
Acuity CMS 2.6.2 - 'UserName' Parameter Cross Site Scripting
Acuity CMS 2.6.2 - 'UserName' Parameter Cross-Site Scripting
Pendulab ChatBlazer 8.5 - 'username' Parameter Cross Site Scripting
Pendulab ChatBlazer 8.5 - 'username' Parameter Cross-Site Scripting
concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross Site Scripting
gpEasy 2.3.3 - 'jsoncallback' Parameter Cross Site Scripting
Quick.CMS 4.0 - 'p' Parameter Cross Site Scripting
concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting
gpEasy 2.3.3 - 'jsoncallback' Parameter Cross-Site Scripting
Quick.CMS 4.0 - 'p' Parameter Cross-Site Scripting
Croogo CMS 1.3.4 Multiple HTML Injection Vulnerabilities
SKYUC 3.2.1 - 'encode' Parameter Cross Site Scripting
Croogo CMS 1.3.4 - Multiple HTML Injection Vulnerabilities
SKYUC 3.2.1 - 'encode' Parameter Cross-Site Scripting
WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross Site Scripting
WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross-Site Scripting
MySQLDumper 1.24.4 Multiple Script Direct Request Information Disclosure
MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosure
iGuard Security Access Control Device Firmware 3.6.7427A Cross Site Scripting
iGuard Security Access Control Device Firmware 3.6.7427A Cross-Site Scripting
Ramui Forum Script 'query' Parameter Cross Site Scripting
Ramui Forum Script 'query' Parameter Cross-Site Scripting
PivotX 2.3.2 - 'ajaxhelper.php' Cross Site Scripting
PivotX 2.3.2 - 'ajaxhelper.php' Cross-Site Scripting
WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross Site Scripting
WordPress WP-FaceThumb 0.1 - 'pagination_wp_facethum' Parameter Cross-Site Scripting
WordPress GRAND Flash Album Gallery 1.71 - 'admin.php' Cross Site Scripting
Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross Site Scripting
WordPress GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting
Dynamic Widgets WordPress Plugin 1.5.1 - 'themes.php' Cross-Site Scripting
Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross Site Scripting Vulnerabilities
WordPress Network Publisher 5.0.1 - 'networkpub_key' Cross Site Scripting
Download Manager 2.2.2 - 'cid' Parameter Cross Site Scripting
PDF & Print Button Joliprint 1.3.0 Multiple Cross Site Scripting Vulnerabilities
CataBlog WordPress Plugin 1.6 'admin.php' Cross Site Scripting
2 Click Social Media Buttons 0.32.2 Multiple Cross Site Scripting Vulnerabilities
iFrame Admin Pages 0.1 - 'main_page.php' Cross Site Scripting
WordPress Newsletter Manager Plugin 1.0 Multiple Cross Site Scripting Vulnerabilities
Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Network Publisher 5.0.1 - 'networkpub_key' Cross-Site Scripting
Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
CataBlog WordPress Plugin 1.6 'admin.php' Cross-Site Scripting
2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
WordPress Newsletter Manager Plugin 1.0 - Multiple Cross-Site Scripting Vulnerabilities
Media Library Categories Multiple Cross Site Scripting Vulnerabilities
LeagueManager 3.7 Multiple Cross Site Scripting Vulnerabilities
Media Library Categories Multiple Cross-Site Scripting Vulnerabilities
LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
GD Star Rating 1.9.16 'tpl_section' Parameter Cross Site Scripting
Mingle Forum 1.0.33 - 'admin.php' Multiple Cross Site Scripting Vulnerabilities
GD Star Rating 1.9.16 'tpl_section' Parameter Cross-Site Scripting
Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross Site Scripting
Pretty Link Lite WordPress Plugin 1.5.2 - SQL Injection / Cross-Site Scripting
WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion
WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross Site Scripting
Share and Follow 1.80.3 - 'admin.php' Cross Site Scripting
WordPress Soundcloud Is Gold 2.1 - 'width' Parameter Cross Site Scripting
WordPress Track That Stat 1.0.8 Cross Site Scripting
LongTail JW Player 'debug' Parameter Cross Site Scripting
WordPress zM Ajax Login & Register Plugin 1.0.9 - Local File Inclusion
WordPress Sharebar Plugin 1.2.1 - SQL Injection / Cross-Site Scripting
Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
WordPress Soundcloud Is Gold 2.1 - 'width' Parameter Cross-Site Scripting
WordPress Track That Stat 1.0.8 Cross-Site Scripting
LongTail JW Player 'debug' Parameter Cross-Site Scripting
backupDB() 1.2.7a 'onlyDB' Parameter Cross Site Scripting
backupDB() 1.2.7a 'onlyDB' Parameter Cross-Site Scripting
Unijimpe Captcha 'captchademo.php' Cross Site Scripting
Artiphp 5.5.0 Neo - 'index.php' Multiple Cross Site Scripting Vulnerabilities
Unijimpe Captcha 'captchademo.php' Cross-Site Scripting
Artiphp 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
PHP Address Book 7.0 Multiple Cross Site Scripting Vulnerabilities
PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities
Yandex.Server 2010 9.0 - 'text' Parameter Cross Site Scripting
Yandex.Server 2010 9.0 - 'text' Parameter Cross-Site Scripting
phphq.Net phAlbum 1.5.1 - 'index.php' Cross Site Scripting
RuubikCMS 1.1.x - Cross Site Scripting / Information Disclosure / Directory Traversal
phphq.Net phAlbum 1.5.1 - 'index.php' Cross-Site Scripting
RuubikCMS 1.1.x - Cross-Site Scripting / Information Disclosure / Directory Traversal
AZ Photo Album - Cross Site Scripting / Arbitrary File Upload
AZ Photo Album - Cross-Site Scripting / Arbitrary File Upload
Nilehoster Topics Viewer 2.3 Multiple SQL Injection and Local File Inclusion
Nilehoster Topics Viewer 2.3 - Multiple SQL Injection and Local File Inclusion
AzDGDatingMedium 1.9.3 Multiple Remote Vulnerabilities
AzDGDatingMedium 1.9.3 - Multiple Remote Vulnerabilities
WHMCompleteSolution (WHMCS) 5.0 Multiple Application Function CSRF
WHMCompleteSolution (WHMCS) 5.0 - Multiple Application Function CSRF
VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross Site Scripting
VoipNow Professional 2.5.3 - 'nsextt' Parameter Cross-Site Scripting
WeBid Multiple Cross Site Scripting And LDAP Injection Vulnerabilities
WeBid Multiple Cross-Site Scripting And LDAP Injection Vulnerabilities
Koha 3.20.1 - Multiple XSS and XSRF Vulnerabilities
Koha 3.20.1 - Multiple XSS / XSRF Vulnerabilities
XAMPP for Windows 1.7.7 - Multiple Cross Site Scripting / SQL Injection
SPIP 2.x Multiple Cross Site Scripting Vulnerabilities
XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injection
SPIP 2.x Multiple Cross-Site Scripting Vulnerabilities
Juniper Networks Mobility System Software 'aaa/wba_login.html' Cross Site Scripting
Juniper Networks Mobility System Software 'aaa/wba_login.html' Cross-Site Scripting
MediaWiki 1.x - 'uselang' Parameter Cross Site Scripting
MediaWiki 1.x - 'uselang' Parameter Cross-Site Scripting
Simple Document Management System 1.1.5 Multiple SQL Injection
Webify Multiple Products - Multiple HTML Injection and Local File Inclusion
Squiz CMS Multiple Cross Site Scripting and XML External Entity Injection Vulnerabilities
Simple Document Management System 1.1.5 - Multiple SQL Injection
Webify Multiple Products - Multiple HTML Injection / Local File Inclusion
Squiz CMS Multiple Cross-Site Scripting and XML External Entity Injection Vulnerabilities
Mahara 1.4.1 Multiple Cross Site Scripting and HTML Injection Vulnerabilities
Mahara 1.4.1 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities
Flogr 'tag' Parameter Multiple Cross Site Scripting Vulnerabilities
Flogr 'tag' Parameter Multiple Cross-Site Scripting Vulnerabilities
CMS Balitbang Multiple HTML Injection and Cross Site Scripting Vulnerabilities
CMS Balitbang - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
AdaptCMS 2.0.2 - 'index.php' Script Cross Site Scripting
AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting
web@all Cross Site Scripting
Commentics 'index.php' Cross Site Scripting
web@all Cross-Site Scripting
Commentics 'index.php' Cross-Site Scripting
Adiscan LogAnalyzer 3.4.3 Cross Site Scripting
Adiscan LogAnalyzer 3.4.3 Cross-Site Scripting
CMS Lokomedia Multiple Cross Site Scripting and HTML Injection Vulnerabilities
CMS Lokomedia - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Phonalisa Multiple HTML-Injection Cross-Site Scripting
Phonalisa - Multiple HTML-Injection Cross-Site Scripting
FCKEditor Core - (Editor 'spellchecker.php') Cross Site Scripting
FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting
TEMENOS T24 Multiple Cross Site Scripting Vulnerabilities
TEMENOS T24 - Multiple Cross-Site Scripting Vulnerabilities
SWFUpload 'movieName' Parameter Cross Site Scripting
SWFUpload 'movieName' Parameter Cross-Site Scripting
Joomla 2.5.x Language Switcher ModuleMultiple Cross Site Scripting Vulnerabilities
Joomla 2.5.x Language Switcher ModuleMultiple Cross-Site Scripting Vulnerabilities
php MBB Cross Site Scripting and SQL Injection
php MBB Cross-Site Scripting and SQL Injection
WordPress SocialFit Plugin 'msg' Parameter Cross Site Scripting
WordPress custom tables Plugin 'key' Parameter Cross Site Scripting
WordPress SocialFit Plugin 'msg' Parameter Cross-Site Scripting
WordPress custom tables Plugin 'key' Parameter Cross-Site Scripting
WordPress Knews Multilingual Newsletters Plugin Cross Site Scripting
WordPress PHPFreeChat 'url' Parameter Cross Site Scripting
WordPress Knews Multilingual Newsletters Plugin Cross-Site Scripting
WordPress PHPFreeChat 'url' Parameter Cross-Site Scripting
MGB Multiple Cross Site Scripting and SQL Injection
MGB - Multiple Cross-Site Scripting / SQL Injection
Funeral Script PHP Cross Site Scripting and SQL Injection
Funeral Script PHP Cross-Site Scripting and SQL Injection
Simple Machines 2.0.2 Multiple HTML Injection Vulnerabilities
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
web@all 'name' Parameter Cross Site Scripting
web@all 'name' Parameter Cross-Site Scripting
REDAXO 'subpage' Parameter Cross Site Scripting
REDAXO 'subpage' Parameter Cross-Site Scripting
Scrutinizer 9.0.1.19899 Multiple Cross Site Scripting Vulnerabilities
Scrutinizer 9.0.1.19899 - Multiple Cross-Site Scripting Vulnerabilities
phpBB Multiple SQL Injection
JW Player 'playerready' Parameter Cross Site Scripting
phpBB - Multiple SQL Injection
JW Player 'playerready' Parameter Cross-Site Scripting
Distimo Monitor Multiple Cross Site Scripting Vulnerabilities
ManageEngine Applications Manager Multiple Cross Site Scripting and SQL Injection
Distimo Monitor Multiple Cross-Site Scripting Vulnerabilities
ManageEngine Applications Manager Multiple Cross-Site Scripting and SQL Injection
ntop 'arbfile' Parameter Cross Site Scripting
ntop 'arbfile' Parameter Cross-Site Scripting
Zenoss 3.2.1 Multiple Security Vulnerabilities
Elefant CMS 'id' Parameter Cross Site Scripting
Worksforweb iAuto - Multiple Cross Site Scripting / HTML Injection Vulnerabilities
Zenoss 3.2.1 - Multiple Security Vulnerabilities
Elefant CMS 'id' Parameter Cross-Site Scripting
Worksforweb iAuto - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
PolarisCMS 'WebForm_OnSubmit()' Function Cross Site Scripting
PolarisCMS 'WebForm_OnSubmit()' Function Cross-Site Scripting
ConcourseSuite Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
ConcourseSuite Multiple Cross-Site Scripting and Cross Site Request Forgery Vulnerabilities
Hotel Booking Portal 0.1 Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Hotel Booking Portal 0.1 - Multiple SQL Injection / Cross-Site Scripting
Total Shop UK eCommerce CodeIgniter Multiple Cross Site Scripting Vulnerabilities
mIRC 'projects.php' Cross Site Scripting
MindTouch DekiWiki Multiple Remote and Local File Inclusion
Total Shop UK eCommerce CodeIgniter Multiple Cross-Site Scripting Vulnerabilities
mIRC 'projects.php' Cross-Site Scripting
MindTouch DekiWiki - Multiple Remote File Inclusion / Local File Inclusion
ShopperPress WordPress Theme - SQL Injection / Cross Site Scripting
ShopperPress WordPress Theme - SQL Injection / Cross-Site Scripting
LISTSERV 16 'SHOWTPL' Parameter Cross Site Scripting
LISTSERV 16 'SHOWTPL' Parameter Cross-Site Scripting
JPM Article Blog Script 6 'tid' Parameter Cross Site Scripting
SaltOS 'download.php' Cross Site Scripting
IBM Rational ClearQuest 8.0 Multiple Security Vulnerabilities
Jara 1.6 Multiple SQL Injection and Multiple Cross Site Scripting Vulnerabilities
OrderSys 1.6.4 Multiple SQL Injection and Multiple Cross Site Scripting Vulnerabilities
Banana Dance Cross Site Scripting and SQL Injection
JPM Article Blog Script 6 'tid' Parameter Cross-Site Scripting
SaltOS 'download.php' Cross-Site Scripting
IBM Rational ClearQuest 8.0 - Multiple Security Vulnerabilities
Jara 1.6 - Multiple SQL Injection and Multiple Cross-Site Scripting Vulnerabilities
OrderSys 1.6.4 - Multiple SQL Injection and Multiple Cross-Site Scripting Vulnerabilities
Banana Dance - Cross-Site Scripting / SQL Injection
SiNG cms 'password.php' Cross Site Scripting
SiNG cms 'password.php' Cross-Site Scripting
Monstra Multiple HTML Injection Vulnerabilities
KindEditor 'name' Parameter Cross Site Scripting
Monstra - Multiple HTML Injection Vulnerabilities
KindEditor 'name' Parameter Cross-Site Scripting
Websense Content Gateway Multiple Cross Site Scripting Vulnerabilities
JW Player 'logo.link' Parameter Cross Site Scripting
Websense Content Gateway Multiple Cross-Site Scripting Vulnerabilities
JW Player 'logo.link' Parameter Cross-Site Scripting
Power-eCommerce Multiple Cross Site Scripting Vulnerabilities
WordPress Finder 'order' Parameter Cross Site Scripting
Power-eCommerce Multiple Cross-Site Scripting Vulnerabilities
WordPress Finder 'order' Parameter Cross-Site Scripting
LibGuides Multiple Cross Site Scripting Vulnerabilities
Mihalism Multi Host 'users.php' Cross Site Scripting
LibGuides Multiple Cross-Site Scripting Vulnerabilities
Mihalism Multi Host 'users.php' Cross-Site Scripting
Phorum 5.2.18 Multiple Cross Site Scripting Vulnerabilities
PrestaShop 1.4.7 Multiple Cross Site Scripting Vulnerabilities
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities
PrestaShop 1.4.7 - Multiple Cross-Site Scripting Vulnerabilities
TomatoCart 'example_form.ajax.php' Cross Site Scripting
TomatoCart 'example_form.ajax.php' Cross-Site Scripting
Crowbar 'file' Parameter Multiple Cross Site Scripting Vulnerabilities
Crowbar 'file' Parameter Multiple Cross-Site Scripting Vulnerabilities
phpFox 3.0.1 - 'ajax.php' Multiple Cross Site Scripting Vulnerabilities
Kayako Fusion 'download.php' Cross Site Scripting
phpFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities
Kayako Fusion 'download.php' Cross-Site Scripting
Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage
Hawkeye-G 3.0.1.4912 - Persistent XSS / Information Leakage
LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting
WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities
LiteSpeed Web Server 'gtitle' parameter Cross-Site Scripting
WordPress Slideshow Plugin Multiple Cross-Site Scripting Vulnerabilities
Printer Pro 5.4.3 IOS - Persistent Cross Site Scripting
Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting
Flogr 'index.php' Multiple Cross Site Scripting Vulnerabilities
Flogr 'index.php' Multiple Cross-Site Scripting Vulnerabilities
ExtCalendar 2.0 Multiple SQL Injection and HTML Injection Vulnerabilities
ExtCalendar 2.0 - Multiple SQL Injection and HTML Injection Vulnerabilities
WordPress Download Monitor Plugin 'dlsearch' Parameter Cross Site Scripting
WordPress Download Monitor Plugin 'dlsearch' Parameter Cross-Site Scripting
Openfiler 2.3 Multiple Cross Site Scripting and Information Disclosure Vulnerabilities
Openfiler 2.3 - Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities
Atlassian Confluence 3.4.x Error Page Cross Site Scripting
Atlassian Confluence 3.4.x Error Page Cross-Site Scripting
vBSEO 'u' parameter Cross Site Scripting
vBSEO 'u' parameter Cross-Site Scripting
minimal Gallery 'index.php' Multiple Cross Site Scripting Vulnerabilities
minimal Gallery 'index.php' Multiple Cross-Site Scripting Vulnerabilities
AxisInternet VoIP Manager Multiple Cross Site Scripting Vulnerabilities
AxisInternet VoIP Manager Multiple Cross-Site Scripting Vulnerabilities
WordPress Purity Theme Multiple Cross Site Scripting Vulnerabilities
Poweradmin 'index.php' Cross Site Scripting
WordPress MF Gig Calendar Plugin Cross Site Scripting
WordPress Purity Theme Multiple Cross-Site Scripting Vulnerabilities
Poweradmin 'index.php' Cross-Site Scripting
WordPress MF Gig Calendar Plugin Cross-Site Scripting
WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting
WordPress Video Lead Form Plugin 'errMsg' Parameter Cross-Site Scripting
YCommerce Multiple SQL Injection
YCommerce - Multiple SQL Injection
WordPress Token Manager Plugin 'tid' Parameter Cross Site Scripting
WordPress Token Manager Plugin 'tid' Parameter Cross-Site Scripting
Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross Site Scripting
Neturf eCommerce Shopping Cart 'SearchFor' Parameter Cross-Site Scripting
WordPress ABC Test Plugin 'id' Parameter Cross Site Scripting
WordPress ABC Test Plugin 'id' Parameter Cross-Site Scripting
WordPress Akismet Plugin Multiple Cross Site Scripting Vulnerabilities
Zenphoto 'admin-news-articles.php' Cross Site Scripting
WordPress Akismet Plugin Multiple Cross-Site Scripting Vulnerabilities
Zenphoto 'admin-news-articles.php' Cross-Site Scripting
Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities
Interspire Email Marketer - (Cross-Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities
CMS Mini 0.2.2 - 'index.php' Script Cross Site Scripting
CMS Mini 0.2.2 - 'index.php' Script Cross-Site Scripting
WordPress Wordfence Security Plugin Cross Site Scripting
WordPress Wordfence Security Plugin Cross-Site Scripting
SMF 'view' Parameter Cross Site Scripting
Inventory Multiple Cross Site Scripting and SQL Injection
SMF 'view' Parameter Cross-Site Scripting
Inventory Multiple Cross-Site Scripting and SQL Injection
Gramophone 'rs' Parameter Cross Site Scripting
Gramophone 'rs' Parameter Cross-Site Scripting
WANem Multiple Cross Site Scripting Vulnerabilities
CorePlayer 'callback' Parameter Cross Site Scripting
WANem Multiple Cross-Site Scripting Vulnerabilities
CorePlayer 'callback' Parameter Cross-Site Scripting
NetCat CMS Multiple Cross Site Scripting Vulnerabilities
SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross Site Scripting
NetCat CMS Multiple Cross-Site Scripting Vulnerabilities
SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross-Site Scripting
bloofoxCMS 0.3.5 Multiple Cross Site Scripting Vulnerabilities
bloofoxCMS 0.3.5 - Multiple Cross-Site Scripting Vulnerabilities
WebKit Cross Site Scripting Filter 'XSSAuditor.cpp' Security Bypass
WebKit Cross-Site Scripting Filter 'XSSAuditor.cpp' Security Bypass
Elastix 'page' Parameter Cross Site Scripting
TinyMCPUK 'test' Parameter Cross Site Scripting
Elastix 'page' Parameter Cross-Site Scripting
TinyMCPUK 'test' Parameter Cross-Site Scripting
Multiple Fortinet FortiWeb Appliances Multiple Cross Site Scripting Vulnerabilities
Multiple Fortinet FortiWeb Appliances Multiple Cross-Site Scripting Vulnerabilities
PHP Address Book 'group' Parameter Cross Site Scripting
PHP Address Book 'group' Parameter Cross-Site Scripting
cPanel 'account' Parameter Cross Site Scripting
cPanel 'account' Parameter Cross-Site Scripting
WHM 'filtername' Parameter Cross Site Scripting
cPanel 'dir' Parameter Cross Site Scripting
WHM 'filtername' Parameter Cross-Site Scripting
cPanel 'dir' Parameter Cross-Site Scripting
Joomla! Incapsula Component Multiple Cross Site Scripting Vulnerabilities
WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross Site Scripting
Joomla! Incapsula Component Multiple Cross-Site Scripting Vulnerabilities
WordPress NextGEN Gallery Plugin 'test-head' Parameter Cross-Site Scripting
Dell OpenManage Server Administrator Cross Site Scripting
Dell OpenManage Server Administrator Cross-Site Scripting
Quick.Cms/Quick.Cart Cross Site Scripting
Quick.Cms/Quick.Cart Cross-Site Scripting
Apache OFBiz 10.4.x Multiple Cross Site Scripting Vulnerabilities
Scripts Genie Classified Ultra - SQL Injection / Cross Site Scripting
Apache OFBiz 10.4.x Multiple Cross-Site Scripting Vulnerabilities
Scripts Genie Classified Ultra - SQL Injection / Cross-Site Scripting
Perforce P4Web Multiple Cross Site Scripting Vulnerabilities
gpEasy CMS 'section' Parameter Cross Site Scripting
Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities
gpEasy CMS 'section' Parameter Cross-Site Scripting
Novell Groupwise Client 8.0 Multiple Remote Code Execution Vulnerabilities
WordPress WP-Table Reloaded Plugin 'id' Parameter Cross Site Scripting
Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities
WordPress WP-Table Reloaded Plugin 'id' Parameter Cross-Site Scripting
WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross Site Scripting
WordPress CommentLuv Plugin '_ajax_nonce' Parameter Cross-Site Scripting
WordPress Audio Player Plugin 'playerID' Parameter Cross Site Scripting
WordPress Pinboard Theme 'tab' Parameter Cross Site Scripting
WordPress Audio Player Plugin 'playerID' Parameter Cross-Site Scripting
WordPress Pinboard Theme 'tab' Parameter Cross-Site Scripting
AbanteCart 'index.php' Multiple Cross Site Scripting Vulnerabilities
AbanteCart 'index.php' Multiple Cross-Site Scripting Vulnerabilities
Sonar Multiple Cross Site Scripting Vulnerabilities
Sonar Multiple Cross-Site Scripting Vulnerabilities
MIMEsweeper For SMTP Multiple Cross Site Scripting Vulnerabilities
MIMEsweeper For SMTP Multiple Cross-Site Scripting Vulnerabilities
Squirrelcart 'table' Parameter Cross Site Scripting
Squirrelcart 'table' Parameter Cross-Site Scripting
CKEditor 'posteddata.php' Cross Site Scripting
CKEditor 'posteddata.php' Cross-Site Scripting
WordPress Pretty Link Plugin Cross Site Scripting
WordPress Pretty Link Plugin Cross-Site Scripting
Zenphoto 'index.php' SQL Injection
PHPmyGallery 1.5 - Local File Disclosure / Cross Site Scripting
OpenEMR 'site' Parameter Cross Site Scripting
ZeroClipboard 1.9.x - 'id' Parameter Cross Site Scripting
Zenphoto - 'index.php' SQL Injection
PHPmyGallery 1.5 - Local File Disclosure / Cross-Site Scripting
OpenEMR 'site' Parameter Cross-Site Scripting
ZeroClipboard 1.9.x - 'id' Parameter Cross-Site Scripting
WordPress Smart Flv Plugin 'jwplayer.swf' Multiple Cross Site Scripting Vulnerabilities
Batavi 'index.php' Cross Site Scripting
WordPress Smart Flv Plugin 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities
Batavi 'index.php' Cross-Site Scripting
JForum 'jforum.page' Multiple Cross Site Scripting Vulnerabilities
Geeklog Cross Site Scripting
JForum 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities
Geeklog Cross-Site Scripting
WordPress Uploader Plugin 'blog' Parameter Cross Site Scripting
WordPress Uploader Plugin 'blog' Parameter Cross-Site Scripting
HP Intelligent Management Center 'topoContent.jsf' Cross Site Scripting
WordPress Count Per Day Plugin 'daytoshow' Parameter Cross Site Scripting
HP Intelligent Management Center 'topoContent.jsf' Cross-Site Scripting
WordPress Count Per Day Plugin 'daytoshow' Parameter Cross-Site Scripting
Your Own Classifieds Cross Site Scripting
McAfee Vulnerability Manager - 'cert_cn' Parameter Cross Site Scripting
Your Own Classifieds Cross-Site Scripting
McAfee Vulnerability Manager - 'cert_cn' Parameter Cross-Site Scripting
SWFUpload Multiple Content Spoofing And Cross Site Scripting Vulnerabilities
Asteriskguru Queue Statistics 'warning' Parameter Cross Site Scripting
WordPress podPress Plugin 'playerID' Parameter Cross Site Scripting
SWFUpload Multiple Content Spoofing And Cross-Site Scripting Vulnerabilities
Asteriskguru Queue Statistics 'warning' Parameter Cross-Site Scripting
WordPress podPress Plugin 'playerID' Parameter Cross-Site Scripting
Petite Annonce Cross Site Scripting
Petite Annonce Cross-Site Scripting
WordPress ADIF Log Search Widget Plugin 'logbook_search.php' Cross Site Scripting
WordPress ADIF Log Search Widget Plugin 'logbook_search.php' Cross-Site Scripting
Jaow CMS 'add_ons' Parameter Cross Site Scripting
Jaow CMS 'add_ons' Parameter Cross-Site Scripting
IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross Site Scripting Vulnerabilities
OrionDB Web Directory Multiple Cross Site Scripting Vulnerabilities
WordPress Feedweb Plugin 'wp_post_id' Parameter Cross Site Scripting
C2 WebResource 'File' Parameter Cross Site Scripting
e107 - 'content_preset.php' Cross Site Scripting
IBM Lotus Domino 8.5.x - 'x.nsf' Multiple Cross-Site Scripting Vulnerabilities
OrionDB Web Directory Multiple Cross-Site Scripting Vulnerabilities
WordPress Feedweb Plugin 'wp_post_id' Parameter Cross-Site Scripting
C2 WebResource 'File' Parameter Cross-Site Scripting
e107 - 'content_preset.php' Cross-Site Scripting
Zimbra 'aspell.php' Cross Site Scripting
Zimbra 'aspell.php' Cross-Site Scripting
WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross Site Scripting
phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross Site Scripting Vulnerabilities
WordPress Traffic Analyzer Plugin 'aoid' Parameter Cross-Site Scripting
phpMyAdmin - 'tbl_gis_visualization.php' Multiple Cross-Site Scripting Vulnerabilities
Dream CMS 2.3.0 - CSRF Add Extension And File Upload PHP Code Execution
Dream CMS 2.3.0 - CSRF Add Extension / File Upload PHP Code Execution
jPlayer 'Jplayer.swf' Script Cross Site Scripting
jPlayer 'Jplayer.swf' Script Cross-Site Scripting
Matrix42 Service Store 'default.aspx' Cross Site Scripting
Matrix42 Service Store 'default.aspx' Cross-Site Scripting
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion and Path Disclosure
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Path Disclosure
RealtyScript 4.0.2 - Multiple CSRF And Persistent XSS Vulnerabilities
RealtyScript 4.0.2 - Multiple CSRF / Persistent XSS Vulnerabilities
Cisco Linksys E4200 /apply.cgi Multiple Parameter XSS
Cisco Linksys E4200 /apply.cgi - Multiple Parameter XSS
MyBB Game Section Plugin 'games.php' Multiple Cross Site Scripting Vulnerabilities
Securimage 'example_form.php' Cross Site Scripting
WordPress Securimage-WP Plugin 'siwp_test.php' Cross Site Scripting
MyBB Game Section Plugin 'games.php' Multiple Cross-Site Scripting Vulnerabilities
Securimage 'example_form.php' Cross-Site Scripting
WordPress Securimage-WP Plugin 'siwp_test.php' Cross-Site Scripting
Jojo CMS 'search' Parameter Cross Site Scripting
Jojo CMS 'search' Parameter Cross-Site Scripting
Elastix Multiple Cross Site Scripting Vulnerabilities
Telaen 2.7.x Cross Site Scripting
Elastix Multiple Cross-Site Scripting Vulnerabilities
Telaen 2.7.x Cross-Site Scripting
WordPress Ambience Theme 'src' Parameter Cross Site Scripting
WordPress Ambience Theme 'src' Parameter Cross-Site Scripting
Xaraya Multiple Cross Site Scripting Vulnerabilities
Xaraya - Multiple Cross-Site Scripting Vulnerabilities
Nameko 'nameko.php' Cross Site Scripting
Nameko 'nameko.php' Cross-Site Scripting
Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross Site Scripting
Xorbin Analog Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross Site Scripting
WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross Site Scripting
WordPress Category Grid View Gallery Plugin 'ID' Parameter Cross-Site Scripting
Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross Site Scripting
Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
Mintboard Multiple Cross Site Scripting Vulnerabilities
miniBB SQL Injection and Multiple Cross Site Scripting Vulnerabilities
Mintboard Multiple Cross-Site Scripting Vulnerabilities
miniBB SQL Injection and Multiple Cross-Site Scripting Vulnerabilities
WordPress Pie Register Plugin 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
WordPress Pie Register Plugin 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities
Corda .NET Redirector 'redirector.corda' Cross Site Scripting
Corda .NET Redirector 'redirector.corda' Cross-Site Scripting
Apache Struts 2.2.3 Multiple Open Redirection Vulnerabilities
Apache Struts 2.2.3 - Multiple Open Redirection Vulnerabilities
YardRadius Multiple Local Format String Vulnerabilities
YardRadius - Multiple Local Format String Vulnerabilities
WordPress FlagEm Plugin 'cID' Parameter Cross Site Scripting
Magnolia CMS Multiple Cross Site Scripting Vulnerabilities
WordPress Duplicator Plugin Cross Site Scripting
WordPress FlagEm Plugin 'cID' Parameter Cross-Site Scripting
Magnolia CMS Multiple Cross-Site Scripting Vulnerabilities
WordPress Duplicator Plugin Cross-Site Scripting
AlienVault Open Source SIEM (OSSIM) - Multiple Cross Site Scripting Vulnerabilities
AlienVault Open Source SIEM (OSSIM) - Multiple Cross-Site Scripting Vulnerabilities
AlgoSec Firewall Analyzer Cross Site Scripting
AlgoSec Firewall Analyzer Cross-Site Scripting
DotNetNuke 6.1.x Cross Site Scripting
DotNetNuke 6.1.x Cross-Site Scripting
Bo-Blog 2.1.1 Cross Site Scripting and SQL Injection
Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection
Netwin SurgeFTP Server 23d6 - Stored Cross Site Scripting
Netwin SurgeFTP Server 23d6 - Stored Cross-Site Scripting
Oracle Glassfish Server 2.1.1/3.0.1 Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
Oracle Glassfish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
Bugzilla 'editflagtypes.cgi' Multiple Cross Site Scripting Vulnerabilities
Bugzilla 'editflagtypes.cgi' Multiple Cross-Site Scripting Vulnerabilities
Course Registration Management System Cross Site Scripting and SQL Injection
Course Registration Management System Cross-Site Scripting and SQL Injection
WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
WordPress Plugin WP Easy Poll 1.1.3 - XSS / CSRF
Dell Kace 1000 Systems Management Appliance DS-2014-001 Multiple SQL Injection
Dell Kace 1000 Systems Management Appliance DS-2014-001 - Multiple SQL Injection
Rhino Cross Site Scripting and Password Reset Security Bypass Vulnerabilities
Rhino Cross-Site Scripting and Password Reset Security Bypass Vulnerabilities
Maian Uploader 4.0 Multiple Security Vulnerabilities
Maian Uploader 4.0 - Multiple Security Vulnerabilities
Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross Site Scripting
Singapore 0.9.9 b beta - Image Gallery Remote File Inclusion / Cross-Site Scripting
ATutor Multiple Cross Site Scripting and HTML Injection Vulnerabilities
ATutor - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Xangati /servlet/MGConfigData Multiple Parameter Remote Path Traversal File Access
Xangati /servlet/MGConfigData - Multiple Parameter Remote Path Traversal File Access
ZamFoo Multiple Remote Command Execution Vulnerabilities
ZamFoo - Multiple Remote Command Execution Vulnerabilities
WordPress DZS-VideoGallery Plugin - Cross Site Scripting / Command Injection
WordPress DZS-VideoGallery Plugin - Cross-Site Scripting / Command Injection
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 2
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption (1)
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption (2)
Chamilo LMS - Persistent Cross Site Scripting
Chamilo LMS - Persistent Cross-Site Scripting
WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion
WordPress Site Import Plugin 1.0.1 - Local File Inclusion / Remote File Inclusion
PHP 5.5.33 / <= 7.0.4 - SNMP Format String Exploit
PHP 5.5.33 / 7.0.4 - SNMP Format String Exploit
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
CMS Made Simple < 2.1.3 / < 1.12.1 - Web Server Cache Poisoning
ImageMagick 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick 6.9.3-9 / 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
Windows - Functional Keylogger to File Null Free Shellcode (601 (0x0259) bytes)
iBilling 3.7.0 - Stored and Reflected XSS
iBilling 3.7.0 - Stored XSS / Reflected XSS
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter + ASLR bypass)
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter + ASLR Bypass)
WordPress Booking Calendar Plugin 6.2 - SQL Injection
WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS
WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF
Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC
2016-08-02 05:08:00 +00:00
Offensive Security
29f0764fac
DB: 2016-07-09
...
9 new exploits
Joomla <= 1.0.9 (Weblinks) Remote Blind SQL Injection Exploit
Joomla <= 1.0.9 - (Weblinks) Remote Blind SQL Injection Exploit
Microsoft Excel Malformed FEATHEADER Record Exploit (MS09-067)
Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)
Seo Panel 2.2.0 Cookie-Rendered Persistent XSS Vulnerability
Seo Panel 2.2.0 - Cookie-Rendered Persistent XSS Vulnerability
VLC AMV Dangling Pointer Vulnerability
VLC - AMV Dangling Pointer Vulnerability
Movable Type 4.2x_ 4.3x Web Upgrade Remote Code Execution
Movable Type 4.2x_ 4.3x - Web Upgrade Remote Code Execution
Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
Roxio CinePlayer 3.2 - SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
HP Client Automation Command Injection
HP Client - Automation Command Injection
Persistent Systems Client Automation Command Injection RCE
Persistent Systems Client Automation - Command Injection RCE
ElasticSearch Unauthenticated Remote Code Execution
ElasticSearch - Unauthenticated Remote Code Execution
ElasticSearch Search Groovy Sandbox Bypass
ElasticSearch - Search Groovy Sandbox Bypass
Fedora abrt Race Condition Exploit
Fedora - abrt Race Condition Exploit
ProFTPD 1.3.5 Mod_Copy Command Execution
ProFTPD 1.3.5 - Mod_Copy Command Execution
Windows ClientCopyImage Win32k Exploit
Microsoft Windows - ClientCopyImage Win32k Exploit
Wolf CMS Arbitrary File Upload To Command Execution
Wolf CMS - Arbitrary File Upload To Command Execution
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)
Kaseya VSA uploader.aspx Arbitrary File Upload
Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload
Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)
Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)
Microsoft Windows 7 SP1 x86 - WebDAV Privilege Escalation (MS16-016)
Microsoft Windows 7 SP1 x86 - WebDAV Privilege Escalation (MS16-016) (1)
NETGEAR ProSafe Network Management System 300 Arbitrary File Upload
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload
Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
Microsoft Windows 8.1/10 - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
OS X / iOS Suid Binary Logic Error Kernel Code Execution
OS X / iOS - Suid Binary Logic Error Kernel Code Execution
Novell ServiceDesk Authenticated File Upload
Novell ServiceDesk - Authenticated File Upload
Mach Race OS X Local Privilege Escalation Exploit
Mach Race OS X - Local Privilege Escalation Exploit
Oracle ATS Arbitrary File Upload
Oracle Application Testing Suite (ATS) - Arbitrary File Upload
Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
WordPress Lazy Content Slider Plugin 3.4 - (Add Category) CSRF
Hide.Me VPN Client 1.2.4 - Privilege Escalation
InstantHMI 6.1 - Privilege Escalation
Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash PoC
Microsoft WinDbg logviewer.exe - Crash PoC
Linux x86 TCP Reverse Shellcode - 75 bytes
php Real Estate Script 3 - Arbitrary File Disclosure
CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval
Streamo Online Radio And TV Streaming CMS - SQL Injection
2016-07-09 05:06:22 +00:00
Offensive Security
c7daadde64
DB: 2016-07-08
...
8 new exploits
WordPress Q and A (Focus Plus) FAQ Plugin 1.3.9.7 - Multiple Vulnerabilities
WordPress Huge-IT Image Gallery Plugin 1.8.9 - Multiple Vulnerabilities
Codoforum 3.4 - Stored Cross-Site Scripting
MediaCoder 0.8.43.5830 - .m3u Buffer Overflow SEH Exploit
VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass)
Core FTP LE 2.2 - Path Field Local Buffer Overflow
OPAC KpwinSQL - Multiple Vulnerabilities
GE Proficy HMI/SCADA CIMPLICITY 8.2 - Local Privilege Escalation
2016-07-08 05:06:14 +00:00
Offensive Security
3739831fb2
DB: 2016-06-24
...
16 new exploits
Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability
PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability
ImpressPages CMS 3.8 - Stored XSS Vulnerability
Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability
Linux Netcat Reverse Shell - 32bit - 77 bytes
PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS
PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS
Getsimple CMS 3.3.10 - Arbitrary File Upload
op5 v7.1.9 Configuration Command Execution
op5 7.1.9 - Configuration Command Execution
Alibaba Clone B2B Script - Arbitrary File Disclosure
XuezhuLi FileSharing - Directory Traversal
XuezhuLi FileSharing - (Add User) CSRF
FinderView - Multiple Vulnerabilities
2016-06-24 05:06:19 +00:00
Offensive Security
0fe9b46f79
DB: 2016-06-22
...
14 new exploits
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit (2)
Linux Kernel <= 2.4.22 - 'do_brk()' Local Root Exploit (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)
Linux Kernel <= 2.4.29-rc2 - uselib() Privilege Elevation
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit (2)
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit (3)
Linux Kernel 2.6.17 <= 2.6.24.1 - vmsplice Local Root Exploit
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit
Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit (1)
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (3)
Linux Kernel <= 2.6.30 - atalk_getname() 8-bytes Stack Disclosure Exploit
Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)
Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (4)
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Local Root Exploit (5)
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation (3)
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability (4)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service (1)
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Local Root (1)
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1 (Digital UNIX <= 4.0 D / FreeBSD <= 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX <= 3.2.5 / NetBSD 1.2 / Solaris <= 2.5.1) - Smurf Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3 (BSD/OS <= 4.0 / FreeBSD <= 3.2 / NetBSD <= 1.4) - Shared Memory Denial of Service Vulnerability
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' Vulnerability (1)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept (1)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with 'CONFIG_X86_X32' Exploit (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit (3)
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerability
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit (3)
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel 2.6.x - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.0/1/2 x64) - perf_swevent_init Local Root Exploit (3)
Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)
Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel <= 4.3.3 - 'overlayfs' Local Privilege Escalation (2)
DarkComet Server Remote File Download Exploit (msf)
Banshee 2.6.2 - .mp3 Crash PoC
IonizeCMS 1.0.8 - (Add Admin) CSRF
Yona CMS - (Add Admin) CSRF
Joomla Publisher Pro (com_publisher) Component - SQL Injection
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
Windows - Custom Font Disable Policy Bypass
Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
SAP NetWeaver AS JAVA 7.1 - 7.5 - ctcprotocol Servlet XXE
SAP NetWeaver AS JAVA 7.1 - 7.5 - Directory Traversal
Radiant CMS 1.1.3 - Multiple Persistent XSS Vulnerabilities
YetiForce CRM < 3.1 - Persistent XSS
2016-06-22 05:06:31 +00:00
Offensive Security
2815f48e25
DB: 2016-06-17
...
12 new exploits
Linux x86_64 - Reverse Shell Shellcode
Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal
Solarwinds Virtualization Manager - Privilege Escalation
Blat 3.2.14 - Stack Overflow
Linux/x86 - Bindshell with Configurable Port - 87 bytes
Linux x86_64 Shellcode Null-Free Reverse TCP Shell
Linux x86 TCP Bind Shell Port 4444 (656 bytes)
Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution
Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode
ATCOM PBX IP01_ IP08 _ IP4G_ IP2G4A - Authentication Bypass
Roxy Fileman 1.4.4 - Arbitrary File Upload
SlimCMS 0.1 - CSRF (Change Admin Password)
2016-06-17 05:05:00 +00:00
Offensive Security
33dd246d8a
DB: 2016-06-16
...
14 new exploits
Ultrabenosaurus ChatBoard - Stored XSS
Ultrabenosaurus ChatBoard - CSRF (Send Message)
w2wiki - Multiple XSS Vulnerabilities
Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
Dokeos 2.2.1 - Blind SQL Injection
Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection
AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation
BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
jbFileManager - Directory Traversal
PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection
Bomgar Remote Support Unauthenticated Code Execution (msf)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
Google Chrome - GPU Process MailboxManagerImpl Double-Read
2016-06-16 05:02:53 +00:00
Offensive Security
6c005f3b2b
DB: 2016-06-15
...
3 new exploits
Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
Apache Continuum Arbitrary Command Execution
WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite
Oracle Orakill.exe 11.2.0 - Buffer Overflow
2016-06-15 05:06:23 +00:00
Offensive Security
076ef173f9
DB: 2016-06-11
...
23 new exploits
Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
2016-06-11 05:06:22 +00:00
Offensive Security
2e7bce9702
DB: 2016-05-27
9 new exploits
Real Estate Portal 4.1 - Multiple Vulnerabilities
EduSec 4.2.5 - SQL Injection
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities
HP Data Protector A.09.00 - Arbitrary Command Execution
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
2016-05-27 05:03:14 +00:00
Offensive Security
399580a6c2
DB: 2016-05-24
5 new exploits
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Linux x86_64 Information Stealer Shellcode
Job Script by Scubez - Remote Code Execution
XenAPI 1.4.1 for XenForo - Multiple SQL Injections
2016-05-24 05:03:46 +00:00
Offensive Security
6dc4d46521
DB: 2016-05-18
16 new exploits
Meteocontrol WEB’log - Admin Password Disclosure
Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow
Adobe Flash - JXR Processing Out-of-Bounds Read
Adobe Flash - Out-of-Bounds Read when Placing Object
Adobe Flash - Overflow in Processing Raw 565 Textures
Adobe Flash - Heap Overflow in ATF Processing (Image Reading)
Adobe Flash - MP4 File Stack Corruption
Adobe Flash - Type Confusion in FileReference Constructor
Adobe Flash - addProperty Use-After-Free
Adobe Flash - SetNative Use-After-Free
Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
SAP xMII 15.0 - Directory Traversal
2016-05-18 05:02:15 +00:00
Offensive Security
8fea20e59f
DB: 2016-05-17
12 new exploits
Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit
Microsoft Windows WebDAV - Remote PoC Exploit
Microsoft Windows IIS WebDAV - 'ntdll.dll' Remote Exploit
Microsoft Windows IIS 5.0 WebDAV - Remote PoC Exploit
Microsoft Windows WebDav II - Remote Root Exploit (2)
Microsoft Windows WebDAV - Remote Root Exploit (2)
Microsoft Windows WebDav III - Remote Root Exploit (xwdav)
Microsoft Windows WebDAV IIS 5.0 - Remote Root Exploit (3) (xwdav)
Dream FTP 1.2 - Remote Format String Exploit
BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit
Apache Tomcat (webdav) - Remote File Disclosure Exploit
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit
Apache Tomcat (webdav) - Remote File Disclosure Exploit (ssl support)
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)
Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC
Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote DoS PoC
Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow
Liferay 6.0.x Webdav File Reading Vulnerability
Liferay 6.0.x WebDAV - File Reading Vulnerability
Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities
Microsoft IIS 6.0 and 7.5 (+ PHP) - Multiple Vulnerabilities
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (4)
BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (2)
Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability
Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability (1)
Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
Apache HTTP Server <= 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness
MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit
Apache Struts 2.x XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
EasyCafe Server <= 2.2.14 Remote File Read
EasyCafe Server <= 2.2.14 - Remote File Read
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#)
CakePHP Framework 3.2.4 - IP Spoofing
Multiple Nexon Games - Unquoted Path Privilege Escalation
eXtplorer 2.1.9 - Archive Path Traversal
Web interface for DNSmasq / Mikrotik - SQL Injection
Microsoft Excel 2010 - Crash PoC
Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation
Web2py 2.14.5 - Multiple Vulnerabilities
2016-05-17 05:03:19 +00:00
Offensive Security
5e229672a0
DB: 2016-05-14
3 new exploits
Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit
Mozilla Firefox - Install Method Remote Arbitrary Code Execution Exploit
Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit
Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability
Absolute Form Processor XE-V 1.5 - (auth Bypass) SQL Injection Vulnerability
ipsec-tools racoon frag-isakmp Denial of Service PoC
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC
PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 - (login_ok) Authentication Bypass Vulnerability
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability
I-net Multi User Email Script SQLi Vulnerability
linux/x86 - break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot execve /bin/sh (80 bytes)
Sysax Multi Server 5.64 - Create Folder Buffer Overflow
TikiWiki Project 1.8 tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 tiki-list_trackers.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS
CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor Imgsrc URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting Vulnerability
osCommerce 2.2 admin/countries.php page Parameter XSS
osCommerce 2.2 admin/currencies.php page Parameter XSS
osCommerce 2.2 - admin/countries.php page Parameter XSS
osCommerce 2.2 - admin/currencies.php page Parameter XSS
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (2)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (2)
Joomla Gallery WD - SQL Injection Vulnerability
Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption Vulnerabilities
NRSS Reader 0.3.9 - Local Stack-Based Overflow
runAV mod_security - Arbitrary Command Execution
Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
2016-05-14 05:03:47 +00:00
Offensive Security
614fb1caf8
DB: 2016-05-12
22 new exploits
PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit (poptop-sane.c)
PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit
Atftpd 0.6 - Remote Root Exploit (atftpdx.c)
Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit
Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c)
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit
CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)
CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit
Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit
wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit
Microsoft Windows - (Jolt2.c) Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service Exploit
TCP SYN Denial of Service Exploit (bang.c)
TCP SYN - 'bang.c' Denial of Service Exploit
Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Apache HTTPd - Arbitrary Long HTTP Headers DoS
Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit
Veritas Backup Exec Agent 8.x/9.x - Browser Overflow (C)
Veritas Backup Exec Agent 8.x/9.x - Browser Overflow
Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)
CA License Server (GETCONFIG) Remote Buffer Overflow Exploit
Aeon 0.2a - Local Linux Exploit (C)
Aeon 0.2a - Local Linux Exploit
Linux Kernel 2.4 / 2.6 - bluez Local Root Privilege Escalation Exploit (3)
Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)
nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit
SuSE Linux <= 9.3 / 10 - (chfn) Local Root Privilege Escalation Exploit
Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit
SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)
OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets)
OpenVMPSd <= 1.3 - Remote Format String Exploit
Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability
Ubuntu Breezy 5.10 - Installer Password Disclosure Vulnerability
X.Org X11 (X11R6.9.0/X11R7.0) - Local Root Privilege Escalation Exploit
X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit
DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)
DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)
Opera 9 IRC Client Remote Denial of Service Exploit (c)
Opera 9 IRC Client Remote Denial of Service Exploit (py)
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)
Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)
Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)
Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)
Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)
Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)
Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit
cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (php)
cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)
Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl)
Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)
Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py)
Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit
QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)
QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)
Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit
Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit
WarFTP 1.65 (USER) Remote Buffer Overflow Exploit (multiple targets)
WarFTP 1.65 (USER) Remote Buffer Overflow Exploit
XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit
XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit
IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit (multiple targets)
IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit
3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (Win32) (pl)
3proxy 0.5.3g logurl() - Remote Buffer Overflow Exploit (Win32) (Perl)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP)
fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)
IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (pl)
IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)
IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)
IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (py)
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)
Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (c)
Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit
Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py)
Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)
EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)
EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)
CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (py)
CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)
kloxo 5.75 - (24 issues) Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities
Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit
MailEnable 1.52 HTTP Mail Service Stack BoF Exploit PoC
MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC
(Ubuntu 9.10/10.04) PAM 1.1.0 - MOTD File Tampering (Privilege Escalation)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1)
Cacti 0.8.7e: Multiple Security Issues
Cacti 0.8.7e - Multiple Vulnerabilities
(Tod Miller's) Sudo/SudoEdit 1.6.x < 1.6.9p21 & 1.7.x < 1.7.2p4 - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit
Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability
mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation Vulnerability
Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)
Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)
PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)
PHP Hosting Directory 2.0 Database Disclosure Exploit (Python)
systemtap - Local Root Privilege Escalation Vulnerability
systemtap - Local Privilege Escalation Vulnerability
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)
Kunena < 1.5.13_ < 1.6.3 - SQL Injection Vulnerability
Kunena < 1.5.13 / < 1.6.3 - SQL Injection Vulnerability
HP OpenView NNM 7.53_ 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Safari 5.0.6/5.1 - SVG DOM Processing PoC
Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC
FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC
Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Debian 2.x_RedHat 6.2_IRIX 5/6_ Solaris 2.x Mail Reply-To Field Vulnerability
Debian 2.x_ RedHat 6.2_ IRIX 5/6_ Solaris 2.x - Mail Reply-To Field Vulnerability
Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (5)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (5)
cPanel 5.0 - Openwebmail Local Privileges Escalation Vulnerability
cPanel 5.0 - Openwebmail Local Privilege Escalation Vulnerability
Linux-PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privileged Escalation Vulnerability
Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation Vulnerability
Totem Movie Player (Ubuntu) 3.4.3 - Stack Corruption
Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption
Flightgear 2.0_ 2.4 - Remote Format String Exploit
Flightgear 2.0/2.4 - Remote Format String Exploit
Opera 7.x_ Firefox 1.0_ Internet Explorer 6.0 - Information Disclosure Weakness
Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)
Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root Vulnerability
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
OSX <= 10.8.4 - Local Root Privilege Escalation (py)
OSX <= 10.8.4 - Local Privilege Escalation (Python)
Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation
IBM AIX 6.1 / 7.1 - Local Privilege Escalation
glibc and eglibc 2.5_ 2.7_ 2.13 - Buffer Overflow Vulnerability
glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow Vulnerability
StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading
Links_ ELinks 'smbclient' Remote Command Execution Vulnerability
Links_ ELinks 'smbclient' - Remote Command Execution Vulnerability
Flyspray 0.9.9 - Information Disclosure_ HTML Injection and Cross-Site Scripting Vulnerabilities
Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit
Symantec Endpoint Protection Manager 11.0_ 12.0_ 12.1 - Remote Command Execution Exploit
Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit
ownCloud 4.0.x_ 4.5.x (upload.php filename param) - Remote Code Execution
ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution
Procentia IntelliPen 1.1.12.1520 (Data.aspx_ value param) - Blind SQL Injection
Vtiger CRM 5.4.0_ 6.0 RC_ 6.0.0 GA (browse.php file param) - Local File Inclusion
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA (browse.php file param) - Local File Inclusion
Haihaisoft HUPlayer 1.0.4.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)
JIRA Issues Collector Directory Traversal
JIRA Issues Collector - Directory Traversal
CMSimple 4.4_ 4.4.2 - Remote File Inclusion
CMSimple 4.4/4.4.2 - Remote File Inclusion
Core FTP Server 1.2_ build 535_ 32-bit - Crash PoC
Core FTP Server 1.2 build 535 32-bit - Crash PoC
Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability (C)
Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 4.1.x Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass (MS12-037)
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Symantec Endpoint Protection 11.x_ 12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow
Linux Kernel 3.16.1 - Remount FUSE Exploit
Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.0 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037)
Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.1 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.1 Bypass (MS12-037)
Mac OS X - IOKit Keyboard Driver Root Privilege Escalation
Mac OS X - IOKit Keyboard Driver Privilege Escalation
Liferay Portal 7.0.0 M1_ 7.0.0 M2_ 7.0.0 M3 - Pre-Auth RCE
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion_ SQL Injection & XSS
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS
MalwareBytes Anti-Exploit 1.03.1.1220_ 1.04.1.1012 Out-of-bounds Read DoS
MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS
JBoss AS 3_ 4_ 5_ 6 - Remote Command Execution
JBoss AS 3/4/5/6 - Remote Command Execution
Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation
Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities
Pandora FMS 5.0_ 5.1 - Authentication Bypass
Pandora FMS 5.0/5.1 - Authentication Bypass
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell
Cisco AnyConnect Secure Mobility 2.x_ 3.x_ 4.x - Client DoS PoC
Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client DoS PoC
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)
Orchard CMS 1.7.3_ 1.8.2_ 1.9.0 - Stored XSS Vulnerability
Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS Vulnerability
Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC
Interspire Email Marketer Cross Site Scripting_ HTML Injection_ and SQL Injection Vulnerabilities
Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities
BigDump Cross Site Scripting_ SQL Injection_ and Arbitrary File Upload Vulnerabilities
BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities
Elastix < 2.5 _ PHP Code Injection Exploit
Elastix < 2.5 - PHP Code Injection Exploit
Microsoft Office Excel 2007_ 2010_ 2013 - BIFFRecord Use-After-Free
Microsoft Office Excel 2007/2010/2013 - BIFFRecord Use-After-Free
OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities
Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit
Exim < 4.86.2 - Local Root Privilege Escalation
Exim < 4.86.2 - Local Privilege Escalation
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC
Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities
FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit
Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
Novell Service Desk 7.1.0/7.0.3 and 6.5 - Multiple Vulnerabilities
Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Android Broadcom Wi-Fi Driver - Memory Corruption
CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC
FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation
Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution
2016-05-12 05:03:21 +00:00
Offensive Security
52e862d62a
DB: 2016-05-11
...
9 new exploits
Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit
Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit
Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit
mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit
Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept)
Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit
Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2)
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit
Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit
Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit
eMule <= 0.42d IRC Remote Buffer Overflow Exploit
eMule <= 0.42d - IRC Remote Buffer Overflow Exploit
GnomeHack Local Buffer Overflow Exploit (gid=games)
GnomeHack - Local Buffer Overflow Exploit (gid=games)
Kwintv Local Buffer Overflow Exploit (gid=video(33))
Kwintv - Local Buffer Overflow Exploit (gid=video(33))
Redhat 6.1 man Local Exploit (egid 15)
Redhat 6.1 man - Local Exploit (egid 15)
Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit
Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 - msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit
Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit
OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit
Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit
Ollydbg <= 1.10 Format String Bug
Ollydbg <= 1.10 - Format String Bug
Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit
AOL Instant Messenger AIM _Away_ Message Local Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit
Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit
AOL Instant Messenger AIM _Away_ Message Remote Exploit
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)
Silent Storm Portal Multiple Vulnerabilities
Silent Storm Portal - Multiple Vulnerabilities
YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit
Monit <= 4.2 Basic Authentication Remote Root Exploit
Monit <= 4.2 - Basic Authentication Remote Root Exploit
YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit
Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit
Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit
Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
Halo <= 1.05 Broadcast Client Crash Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit
Halo <= 1.05 - Broadcast Client Crash Exploit
Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit
Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit
PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit
WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit
Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit
Kreed <= 1.05 Format String and Denial of Service Exploit
Kreed <= 1.05 - Format String and Denial of Service Exploit
Codename Eagle <= 1.42 Socket Unreachable DoS Exploit
Codename Eagle <= 1.42 - Socket Unreachable DoS Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 Symlink Vulnerability Exploit
WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 - Symlink Vulnerability Exploit
Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 openlog() Buffer Overflow Exploit
Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 - openlog() Buffer Overflow Exploit
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)
Gore <= 1.50 Socket Unreachable Denial of Service Exploit
Gore <= 1.50 - Socket Unreachable Denial of Service Exploit
Exim <= 4.41 dns_build_reverse Local Exploit PoC
Exim <= 4.41 - dns_build_reverse Local Exploit PoC
Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit
Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS
Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit
Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit
Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit
MercuryBoard <= 1.1.1 Working SQL Injection
MercuryBoard <= 1.1.1 - SQL Injection
GNU a2ps _Anything to PostScript_ Local Exploit (not suid)
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2)
Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit
3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit
3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit
vBulletin <= 3.0.6 php Code Injection
vBulletin <= 3.0.6 - PHP Code Injection
Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash
Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash
Knet <= 1.04c Buffer Overflow Denial of Service Exploit
Knet <= 1.04c - Buffer Overflow Denial of Service Exploit
Scrapland <= 1.0 Server Termination Denial of Service Exploit
Scrapland <= 1.0 - Server Termination Denial of Service Exploit
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)
Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow
Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow
Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)
Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)
PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working)
PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit
HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit
HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit
Microsoft Internet Explorer - javascript _window()_ Crash
Microsoft Internet Explorer - javascript 'window()' Crash
Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability
Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability
Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
Invision Power Board <= 1.3.1 - Login.PHP SQL Injection
WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit
WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit
Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit
Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit
Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)
Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)
XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities
Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities
gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit
gCards <= 1.45 - Multiple Vulnerabilities
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities
raydium <= svn 309 - Multiple Vulnerabilities Exploit
raydium <= svn 309 - Multiple Vulnerabilities
PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS
Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities
Light Blog Remote Multiple Vulnerabilities Exploit
Light Blog Remote - Multiple Vulnerabilities
Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept
contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 (upload/XSS) Multiple Vulnerabilities
contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities
torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities
torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities
Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
Site News (centre.php) Remote File Inclusion Vulnerability
Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability
Site News (centre.php) - Remote File Inclusion Vulnerability
kubix <= 0.7 - Multiple Vulnerabilities Exploit
kubix <= 0.7 - Multiple Vulnerabilities
BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities
BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities
F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit
open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update)
open newsletter <= 2.5 - Multiple Vulnerabilities (2)
eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities
php-update <= 2.7 - Multiple Vulnerabilities Exploit
php-update <= 2.7 - Multiple Vulnerabilities
ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities
vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities
Aztek Forum 4.0 - Multiple Vulnerabilities Exploit
Aztek Forum 4.0 - Multiple Vulnerabilities
otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities
otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities
uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit
Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities
qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities
qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities
Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability
runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities
netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities
netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities
bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities
bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept
Pictures Rating (index.php msgid) Remote SQL Injection Vulnerability
Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability
Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day)
Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
else if CMS 0.6 - Multiple Vulnerabilities / Exploit
else if CMS 0.6 - Multiple Vulnerabilities
Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
Php-Stats 0.1.9.2 - Multiple Vulnerabilities
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept
WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept
portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities
portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities
evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities
evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities
Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit
blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities
blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities
bloofox 0.3 (SQL/fd) Multiple Vulnerabilities
bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities
Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability
simple forum 3.2 (fd/XSS) Multiple Vulnerabilities
simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities
Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities
pigyard art gallery Multiple Vulnerabilities
pigyard art gallery - Multiple Vulnerabilities
XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability
easycalendar <= 4.0tr Multiple Vulnerabilities
easygallery <= 5.0tr Multiple Vulnerabilities
easycalendar <= 4.0tr - Multiple Vulnerabilities
easygallery <= 5.0tr - Multiple Vulnerabilities
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities
RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit
minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities
minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities
siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities
siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities
megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities
megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities
Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit
cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities
cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities
deluxebb <= 1.2 - Multiple Vulnerabilities Exploit
deluxebb <= 1.2 - Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities
Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability
idautomation bar code ActiveX Multiple Vulnerabilities
idautomation bar code ActiveX - Multiple Vulnerabilities
ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities
mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities
mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities
smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities
smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities
real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities
real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities
ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities
ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities
shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities
shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities
polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities
polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities
otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities
otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities
Thelia 1.3.5 - Multiple Vulnerabilities Exploit
Thelia 1.3.5 - Multiple Vulnerabilities
contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities
contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities
trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)
trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)
jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities
jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities
Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities
k-links directory (SQL/XSS) Multiple Vulnerabilities
e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities
k-links directory - (SQL/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities
k-rate (SQL/XSS) Multiple Vulnerabilities
k-rate - (SQL/XSS) Multiple Vulnerabilities
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised)
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)
brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities
brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities
qwicsite pro (SQL/XSS) Multiple Vulnerabilities
qwicsite pro - (SQL/XSS) Multiple Vulnerabilities
Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities
Availscript Article Script (articles.php) Multiple Vulnerabilities
Availscript Article Script - (articles.php) Multiple Vulnerabilities
Availscript Photo Album (pics.php) Multiple Vulnerabilities
Availscript Photo Album - (pics.php) Multiple Vulnerabilities
phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities
phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities
php infoboard 7 - plus Multiple Vulnerabilities
php infoboard 7 plus - Multiple Vulnerabilities
camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities
camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities
mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities
mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities
mystats (hits.php) Multiple Vulnerabilities Exploit
mystats - (hits.php) Multiple Vulnerabilities
Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit
Vivvo CMS <= 3.4 - Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities
db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities
phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities
phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities
questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities
questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities
apartment search script (rfu/XSS) Multiple Vulnerabilities
apartment search script - (RFU/XSS) Multiple Vulnerabilities
MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities
pre multi-vendor shopping malls Multiple Vulnerabilities
pre multi-vendor shopping malls - Multiple Vulnerabilities
Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities
zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities
zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
AJSquare Free Polling Script (DB) Multiple Vulnerabilities
AJSquare Free Polling Script - (DB) Multiple Vulnerabilities
turnkeyforms Web Hosting Directory Multiple Vulnerabilities
turnkeyforms Web Hosting Directory - Multiple Vulnerabilities
GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module - Multiple Vulnerabilities
bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities
chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities
chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities
Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities
comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities
comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities
minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities
minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities
Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities
wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities
wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities
template creature (SQL/dd) Multiple Vulnerabilities
template creature - (SQL/DD) Multiple Vulnerabilities
merlix educate servert (bypass/dd) Multiple Vulnerabilities
merlix educate servert - (bypass/DD) Multiple Vulnerabilities
nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities
Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities
nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities
Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities
asp autodealer (SQL/dd) Multiple Vulnerabilities
asp autodealer - (SQL/DD) Multiple Vulnerabilities
aspmanage banners (rfu/dd) Multiple Vulnerabilities
aspmanage banners - (RFU/DD) Multiple Vulnerabilities
asp talk (SQL/css) Multiple Vulnerabilities
asp talk - (SQL/css) Multiple Vulnerabilities
siu guarani Multiple Vulnerabilities
siu guarani - Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities
postecards (SQL/dd) Multiple Vulnerabilities
postecards - (SQL/DD) Multiple Vulnerabilities
living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities
living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities
cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities
cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities
the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities
the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities
joomla live chat (SQL/proxy) Multiple Vulnerabilities
joomla live chat - (SQL/proxy) Multiple Vulnerabilities
isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities
isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities
clickandemail (SQL/XSS) Multiple Vulnerabilities
click&rank (SQL/XSS) Multiple Vulnerabilities
clickandemail - (SQL/XSS) Multiple Vulnerabilities
click&rank - (SQL/XSS) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities
Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
2532/gigs 1.2.2 - stable Multiple Vulnerabilities
2532/gigs 1.2.2 stable - Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities
chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities
yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit
yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit
doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities
doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities
Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability
Seo4SMF for SMF forums Multiple Vulnerabilities
Seo4SMF for SMF forums - Multiple Vulnerabilities
mkportal <= 1.2.1 () Multiple Vulnerabilities
mkportal <= 1.2.1 - Multiple Vulnerabilities
rankem (dd/XSS/cm) Multiple Vulnerabilities
blogit! (SQL/dd/XSS) Multiple Vulnerabilities
rankem - (DD/XSS/cm) Multiple Vulnerabilities
blogit! - (SQL/DD/XSS) Multiple Vulnerabilities
E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities
navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities
navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities
team 1.x - (dd/XSS) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities
team 1.x - (DD/XSS) Multiple Vulnerabilities
gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities
SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit
w3bcms <= 3.5.0 - Multiple Vulnerabilities
powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities
powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities
ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 Frontend Multiple Vulnerabilities
blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities
ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities
blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities
phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)
Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities
Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth)
Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities
Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities
fungamez rc1 (ab/LFI) Multiple Vulnerabilities
fungamez rc1 - (ab/LFI) Multiple Vulnerabilities
mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities
mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities
fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities
fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities
dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities
dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities
Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities
leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities
tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities
tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities
Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit
2daybiz business community script Multiple Vulnerabilities
Easy Scripts Answer and Question Script Multiple Vulnerabilities
2daybiz business community script - Multiple Vulnerabilities
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities
my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities
vidshare pro (SQL/XSS) Multiple Vulnerabilities
vidshare pro - (SQL/XSS) Multiple Vulnerabilities
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)
asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities
asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities
flashlight free edition (LFI/SQL) Multiple Vulnerabilities
flashlight free edition - (LFI/SQL) Multiple Vulnerabilities
propertymax pro free (SQL/XSS) Multiple Vulnerabilities
propertymax pro free - (SQL/XSS) Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities
kloxo 5.75 (24 issues) Multiple Vulnerabilities
kloxo 5.75 - (24 issues) Multiple Vulnerabilities
virtue news (SQL/XSS) Multiple Vulnerabilities
virtue news - (SQL/XSS) Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities
mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities
mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities
impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities
impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities
kasseler CMS (fd/XSS) Multiple Vulnerabilities
kasseler CMS - (fd/XSS) Multiple Vulnerabilities
tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities
tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities
Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities
FreeBSD 6/8 (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit
good/bad vote (XSS/LFI) Multiple Vulnerabilities
good/bad vote - (XSS/LFI) Multiple Vulnerabilities
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day)
mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities
mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities
DD-WRT (httpd service) Remote Command Execution Vulnerability
DD-WRT - (httpd service) Remote Command Execution Vulnerability
tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities
tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities
logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities
logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities
Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept
Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities
Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities
Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities
Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability
Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability
Unreal Tournament 2004 - _Secure_ Overflow
Unreal Tournament 2004 - 'Secure' Overflow
VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit
PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)
sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities
sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities
Huawei MT882 Modem/Router Multiple Vulnerabilities
Huawei MT882 Modem/Router - Multiple Vulnerabilities
DigitalHive Multiple Vulnerabilities
DigitalHive - Multiple Vulnerabilities
zabbix server Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Ez Faq Maker Multiple Vulnerabilities
Ez Faq Maker - Multiple Vulnerabilities
Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities
Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities
Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities
eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities
Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability
Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability
Lizard Cart Upload Shell Vulnerability
Lizard Cart - Upload Shell Vulnerability
Mega Upload Upload Shell Vulnerability
Mega Upload 1.45 - Upload Shell Vulnerability
MyCart shopping cart Upload Shell Vulnerability
oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
MyCart shopping cart - Upload Shell Vulnerability
osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability
gallery_show.asp GID suffer from Blind SQL Injection Vulnerability
gallery_show.asp - GID Blind SQL Injection Vulnerability
Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities
Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities
VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day)
VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day)
PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS)
PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities
Docebo 3.6.0.2 (stable) Local File Inclusion
Docebo 3.6.0.2 (stable) - Local File Inclusion
CLONEBID B2B Marketplace Multiple Vulnerabilities
ITechSctipts Alibaba Clone Multiple Vulnerabilities
CLONEBID B2B Marketplace - Multiple Vulnerabilities
ITechSctipts Alibaba Clone - Multiple Vulnerabilities
ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability
ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability
CMS by MyWorks Multiple Vulnerabilities
CMS by MyWorks - Multiple Vulnerabilities
DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability
DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability
PhpCityPortal Multiple Vulnerabilities
PhpCityPortal - Multiple Vulnerabilities
Joomla Component com_ckforms Multiple Vulnerabilities
Joomla Component com_ckforms - Multiple Vulnerabilities
Joomla Component com_vxdate Multiple Vulnerabilities
Joomla Component com_vxdate - Multiple Vulnerabilities
Adult Video Site Script Multiple Vulnerabilities
Adult Video Site Script - Multiple Vulnerabilities
iOS Safari - Bad _VML_ Remote DoS
iOS Safari - Bad 'VML' Remote DoS
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation
vBulletin _Cyb - Advanced Forum Statistics_ DoS
vBulletin 'Cyb - Advanced Forum Statistics' DoS
dl_stats Multiple Vulnerabilities
dl_stats - Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities
lanewsfactory Multiple Vulnerabilities
lanewsfactory - Multiple Vulnerabilities
MacOS X 10.6 HFS File System Attack (Denial of Service)
MacOS X 10.6 - HFS File System Attack (Denial of Service)
WFTPD Server 3.30 - Multiple Vulnerabilities (0day)
WFTPD Server 3.30 - (0day) Multiple Vulnerabilities
CompactCMS 1.4.0 (tiny_mce) Remote File Upload
CompactCMS 1.4.0 (tiny_mce) - Remote File Upload
Tainos Multiple Vulnerabilities
Tainos - Multiple Vulnerabilities
Joomla Component com_event Multiple Vulnerabilities
Joomla Component com_event - Multiple Vulnerabilities
B-Hind CMS (tiny_mce) Remote File Upload
B-Hind CMS (tiny_mce) - Remote File Upload
ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit
ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS
Blaze Apps Multiple Vulnerabilities
Blaze Apps - Multiple Vulnerabilities
Joomla Component My Car Multiple Vulnerabilities
Joomla Component My Car - Multiple Vulnerabilities
Marketing Web Design Multiple Vulnerabilities
Marketing Web Design - Multiple Vulnerabilities
Aim Web Design Multiple Vulnerabilities
Aim Web Design - Multiple Vulnerabilities
Zeeways Script Multiple Vulnerabilities
Zeeways Script - Multiple Vulnerabilities
QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities
Joomla Component ChronoConnectivity
Joomla Component ChronoForms (com_chronocontact)
Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability
Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability
Simple Posting System Multiple Vulnerabilities
Simple Posting System - Multiple Vulnerabilities
Joomla Component com_djartgallery Multiple Vulnerabilities
Joomla Component com_djartgallery - Multiple Vulnerabilities
Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection
E-PHP B2B Marketplace Multiple Vulnerabilities
E-PHP B2B Marketplace - Multiple Vulnerabilities
DaLogin Multiple Vulnerabilities
DaLogin - Multiple Vulnerabilities
Novell iManager Multiple Vulnerabilities
Novell iManager - Multiple Vulnerabilities
2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability
2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection
2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection
NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
TCW PHP Album Multiple Vulnerabilities
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities
Esoftpro Online Contact Manager Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities
Joomla Component Sef (com_sef) - LFI Vulnerability
Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability
artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities
artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities
Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service
Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service
Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF)
Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit
GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability
Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability
Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow
ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow
Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow
Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow
Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk Multiple Vulnerabilities
Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk - Multiple Vulnerabilities
Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit
Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit
Simple Forum PHP Multiple Vulnerabilities
Simple Forum PHP - Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution
Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution
Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Shop a la Cart Multiple Vulnerabilities
Shop a la Cart - Multiple Vulnerabilities
ifnuke - Multiple Vulnerabilities (0day)
ifnuke - (0day) Multiple Vulnerabilities
dynpage <= 1.0 - Multiple Vulnerabilities (0day)
dynpage <= 1.0 - (0day) Multiple Vulnerabilities
sirang web-based d-control Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities
Microsoft Office Visio - .DXF File Stack based Overflow
Microsoft Office Visio 2002 - .DXF File Stack based Overflow
Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability
Zeeways Adserver Multiple Vulnerabilities
Zeeways Adserver - Multiple Vulnerabilities
Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow
Adobe Acrobat and Reader - _pushstring_ Memory Corruption
Adobe Acrobat and Reader - 'pushstring' Memory Corruption
Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'
Java CMM readMabCurveData - Stack Overflow
Java 6.19 CMM readMabCurveData - Stack Overflow
Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities
RarCrack 0.2 - _filename_ init() .bss PoC
Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
RarCrack 0.2 - 'filename' init() .bss PoC
je guestbook 1.0 joomla component Multiple Vulnerabilities
je guestbook 1.0 joomla component - Multiple Vulnerabilities
Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities
Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities
Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities
js calendar 1.5.1 joomla component Multiple Vulnerabilities
js calendar 1.5.1 joomla component - Multiple Vulnerabilities
Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit
Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Sybase Advantage Data Architect - _*.SQL_ Format Heap Oveflow
Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow
Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability
Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities
Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities
CLANSPHERE 2010.0 Final Multiple Vulnerabilities
CLANSPHERE 2010.0 Final - Multiple Vulnerabilities
Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel - Unix Sockets Local Denial of Service
Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service
Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability
Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Habari Blog Multiple Vulnerabilities
Habari Blog - Multiple Vulnerabilities
Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit
Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1)
F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF)
phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure)
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities
Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities
T-Content Managment System Multiple Vulnerabilities
T-Content Managment System - Multiple Vulnerabilities
Samba _username map script_ Command Execution
Samba 'username map script' Command Execution
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Microsoft Internet Explorer - _Aurora_ Memory Corruption
Microsoft Internet Explorer - 'Aurora' Memory Corruption
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Adobe Flash Player _Button_ Remote Code Execution
Adobe Flash Player - 'Button' Remote Code Execution
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Unreal Tournament 2004 - _secure_ Overflow (Win32)
Unreal Tournament 2004 - 'secure' Overflow (Windows)
Unreal Tournament 2004 - _secure_ Overflow (Linux)
Unreal Tournament 2004 - 'secure' Overflow (Linux)
Tugux CMS 1.0_final Multiple Vulnerabilities
Tugux CMS 1.0_final - Multiple Vulnerabilities
Honey Soft Web Solution Multiple Vulnerabilities
Honey Soft Web Solution - Multiple Vulnerabilities
Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability
Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability
Parnian Opendata CMS SQL Injection Vulnerability
Parnian Opendata CMS - SQL Injection Vulnerability
Time and Expense Management System Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities
ZyWALL USG - Appliance Multiple Vulnerabilities
ZyWALL USG - Appliance - Multiple Vulnerabilities
Cisco Unified Operations Manager Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit
Cisco Unified Operations Manager - Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit
HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit
Ollance Member Login Script Multiple Vulnerabilities
Ollance Member Login Script - Multiple Vulnerabilities
Adobe Reader X Atom Type Confusion Vulnerability Exploit
Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit
Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability
Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities
Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities
CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities
Safari - SVG DOM Processing PoC
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Link Station Pro Multiple Vulnerabilities
Link Station Pro - Multiple Vulnerabilities
Cart Software Multiple Vulnerabilities
Cart Software - Multiple Vulnerabilities
Omnistar Mailer Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities
Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
MYRE Real Estate Software Multiple Vulnerabilities
MYRE Real Estate Software - Multiple Vulnerabilities
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
FreeBSD UIPC socket heap Overflow proof-of-concept
FreeBSD - UIPC socket heap Overflow Proof of Concept
GotoCode Online Bookstore Multiple Vulnerabilities
GotoCode Online Bookstore - Multiple Vulnerabilities
DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC
DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC
EFront <= 3.6.9 Community Edition Multiple Vulnerabilities
EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities
GotoCode Online Classifieds Multiple Vulnerabilities
GotoCode Online Classifieds - Multiple Vulnerabilities
6kbbs Multiple Vulnerabilities
6kbbs - Multiple Vulnerabilities
POSH Multiple Vulnerabilities
POSH - Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities
Uiga Personal Portal Multiple Vulnerabilities
Uiga Personal Portal - Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities
zFTP Server _cwd/stat_ Remote Denial-of-Service
zFTP Server - 'cwd/stat' Remote Denial-of-Service
JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities
JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities
osCSS2 - __ID_ parameter Local file inclusion
osCSS2 - '_ID' parameter Local file inclusion
Infoproject Business Hero Multiple Vulnerabilities
Infoproject Business Hero - Multiple Vulnerabilities
SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution
SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution
ARYADAD Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1)
ARYADAD - Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit
swDesk Multiple Vulnerabilities
swDesk - Multiple Vulnerabilities
Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS)
Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities
DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities
Adobe Flash Player .mp4 - 'cprt' Overflow_
Adobe Flash Player .mp4 - 'cprt' Overflow
Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS)
Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'
MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed)
MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)
Samsung D6000 TV Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities
Websense Triton Multiple Vulnerabilities
Websense Triton - Multiple Vulnerabilities
QNX phrelay/phindows/phditto Multiple Vulnerabilities
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
Lynx Message Server Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities
SAP Netweaver Dispatcher Multiple Vulnerabilities
SAP Netweaver Dispatcher - Multiple Vulnerabilities
elearning server 4g Multiple Vulnerabilities
elearning server 4g - Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities
Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities
Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit
Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit
SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability
Linux kernel 2.0/2.1 - SIGIO Vulnerability
Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability
Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Microsoft Windows - _April Fools 2001_ Vulnerability
Microsoft Windows - 'April Fools 2001' Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability
Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability
Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability
QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities
QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux Kernel 2.0 - TCP Port DoS Vulnerability
Linux Kernel 2.2 - ldd core Force Reboot Vulnerability
Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept
IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
Linux kernel 2.0.37 - Segment Limit Vulnerability
Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability
BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability
Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability
Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability
Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability
Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution
Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution
Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability
Linux Kernel - fs/eventpoll.c Local Denial of Service
Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service
Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities
Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability
gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability
gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability
Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel - Sendpage Local Privilege Escalation
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability
Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability
DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability
DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability
CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability
CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2)
Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string
Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string
UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability
UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
Tickets CAD 2.20G Multiple Vulnerabilities
Tickets CAD 2.20G - Multiple Vulnerabilities
Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability
Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability
Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability
Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability
Tunnelblick - Local Root Exploit
Tunnelblick - Local Root Exploit (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability)
(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)
Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability
Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability
Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability
IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities
IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1)
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability
Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability
Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro - Multiple Vulnerabilities
Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability
HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability
ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability
Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability
Pinterest Clone Script Multiple Vulnerabilities
Pinterest Clone Script - Multiple Vulnerabilities
User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability
User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit
Ezylog Photovoltaic Management Server Multiple Vulnerabilities
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
Auxilium PetRatePro Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Auxilium PetRatePro - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability
Fortigate UTM WAF Appliance Multiple Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Vulnerabilities
Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability
Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability
Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability
Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access
Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability
Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability
AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities
AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities
Trillian 0.74 IRC PART Message Denial of Service Vulnerability
Trillian 0.74 - IRC PART Message Denial of Service Vulnerability
Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2)
Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution
Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution
Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness
CheckPoint/Sofaware Firewall Multiple Vulnerabilities
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities
Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability
Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability
Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability
Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability
MYRE Realty Manager Multiple Vulnerabilities
MYRE Realty Manager - Multiple Vulnerabilities
Myrephp Business Directory Multiple Vulnerabilities
MYREphp Vacation Rental Software Multiple Vulnerabilities
Myrephp Business Directory - Multiple Vulnerabilities
MYREphp Vacation Rental Software - Multiple Vulnerabilities
BabyGekko 1.2.2e Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities
Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability
Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities
KAME Racoon _Initial Contact_ SA Deletion Vulnerability
lionmax software www file share pro 2.4x Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x Multiple Vulnerabilities (2)
KAME Racoon 'Initial Contact' SA Deletion Vulnerability
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)
DUware Software Multiple Vulnerabilities
DUware Software - Multiple Vulnerabilities
Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability
Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability
ASP Portal Multiple Vulnerabilities
ASP Portal - Multiple Vulnerabilities
Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability
Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability
SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit
Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability
Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability
phpBugTracker 0.9 user.php bugid Parameter XSS
phpBugTracker 0.9 - user.php bugid Parameter XSS
Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
e107 website system 0.6 - _email article to a friend_ Feature XSS
e107 website system 0.6 - 'email article to a friend' Feature XSS
Rlpr 2.0 msg() Function Multiple Vulnerabilities
Rlpr 2.0 msg() Function - Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability
Netgear SPH200D Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities
Fortinet FortiMail 400 IBE Multiple Vulnerabilities
Fortinet FortiMail 400 IBE - Multiple Vulnerabilities
Cisco Unity Express Multiple Vulnerabilities
Cisco Unity Express - Multiple Vulnerabilities
Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure
SAP Netweaver Message Server Multiple Vulnerabilities
SAP Netweaver Message Server - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities
Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
event calendar Multiple Vulnerabilities
event calendar - Multiple Vulnerabilities
opera Web browser 7.54 java implementation Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (4)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
ca3de Multiple Vulnerabilities
ca3de - Multiple Vulnerabilities
Vivotek IP Cameras Multiple Vulnerabilities
Vivotek IP Cameras - Multiple Vulnerabilities
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Icecast 2.x - XSL Parser Multiple Vulnerabilities
Icecast 2.x - XSL Parser - Multiple Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability
neteyes nexusway border gateway Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities
McAfee IntruShield Security Management System Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities
Gaim AIM/ICQ Protocols Multiple Vulnerabilities
Gaim AIM/ICQ Protocols - Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities
Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability
Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC
QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection
QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection
oracle application server discussion forum portlet Multiple Vulnerabilities
oracle application server discussion forum portlet - Multiple Vulnerabilities
Linux Kernel - 'MSR' Driver Local Privilege Escalation
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Apache James 2.2 SMTP Denial of Service Vulnerability
Apache James 2.2 - SMTP Denial of Service Vulnerability
Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Microsoft windows xp/2000/2003 help Multiple Vulnerabilities
Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities
ArticleSetup Multiple Vulnerabilities
ArticleSetup - Multiple Vulnerabilities
PhotoStore details.php gid Parameter XSS
PhotoStore view_photog.php photogid Parameter XSS
PhotoStore details.php - gid Parameter XSS
PhotoStore view_photog.php - photogid Parameter XSS
MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities
MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities
Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities
Oracle January 2007 Security Update Multiple Vulnerabilities
Oracle January 2007 Security Update - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection
LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection
OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution)
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities
ZyXEL P-330W Multiple Vulnerabilities
ZyXEL P-330W - Multiple Vulnerabilities
WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass)
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities
Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32
Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities
Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4)
Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit
Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow
Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2)
EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting)
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities
Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues)
Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities
LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities
Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
PG Roommate Finder Solution quick_search.php part Parameter XSS
PG Roommate Finder Solution viewprofile.php part Parameter XSS
PG Roommate Finder Solution - quick_search.php part Parameter XSS
PG Roommate Finder Solution - viewprofile.php part Parameter XSS
Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability
e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting)
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities
IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2)
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2)
Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel - ptrace/sysret - Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities
OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities
ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass)
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities
Creative Contact Form - Arbitrary File Upload
Creative Contact Form 0.9.7 - Arbitrary File Upload
Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow
Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow
Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)
Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities
Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability
Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability
Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities
Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406
Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities
OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape
OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept
AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability
AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability
BlueSoft Social Networking CMS SQL Injection Vulnerability
BlueSoft Social Networking CMS - SQL Injection Vulnerability
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC
Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC
Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC
Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability
Kayako SupportSuite 3.x Multiple Vulnerabilities
Kayako SupportSuite 3.x - Multiple Vulnerabilities
Linux Kernel splice() System Call - Local DoS
Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS
Mac OS X - _Rootpipe_ Privilege Escalation
Mac OS X - 'Rootpipe' Privilege Escalation
Apport - Local Linux Root
Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit
SixApart MovableType Storable Perl Code Execution
SixApart MovableType - Storable Perl Code Execution
WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability
WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability
JSPMyAdmin 1.1 Multiple Vulnerabilities
JSPMyAdmin 1.1 - Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities
ESC 8832 Data Controller Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities
ZTE AC 3633R USB Modem Multiple Vulnerabilities
ZTE AC 3633R USB Modem - Multiple Vulnerabilities
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
OSSEC WUI 0.8 - Denial of Service
Adobe Flash Use-After-Free in Drawing Methods _this_
Adobe Flash - Use-After-Free in Drawing Methods 'this'
Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption
Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption
Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability
Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit
Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities
WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability
WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File
Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File
MyBB 'misc.php' Remote Denial of Service Vulnerability
MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability
WHMCS 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 Remote Denial of Service Vulnerability
WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 - Remote Denial of Service Vulnerability
Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation
Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers
Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel - prima WLAN Driver Heap Overflow
Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow
Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
WordPress Wordfence Security Plugin Multiple Vulnerabilities
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
STIMS Buffer - Buffer Overflow SEH - DoS
STIMS Cutter - Buffer Overflow DoS
STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)
STIMS Cutter 1.1.3.20 - Buffer Overflow DoS
Linux Kernel - digi_acceleport Nullpointer Dereference
Linux Kernel - Wacom Multiple Nullpointer Dereferences
Linux Kernel - visor (treo_attach) Nullpointer Dereference
Linux Kernel - visor clie_5_attach Nullpointer Dereference
Linux Kernel - cypress_m8 Nullpointer Dereference
Linux Kernel - mct_u232 Nullpointer Dereference
Linux Kernel - cdc_acm Nullpointer Dereference
Linux Kernel - aiptek Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference
RHEL 7.1 Kernel - snd-usb-audio Crash PoC
RHEL 7.1 Kernel - iowarrior driver Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
LShell <= 0.9.15 - Remote Code Execution
LShell <= 0.9.15 - Remote Code Execution
Exim _perl_startup_ Privilege Escalation
Exim - 'perl_startup' Privilege Escalation
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit
i.FTP 2.21 - Host Address / URL Field SEH Exploit
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes
MediaInfo 0.7.61 - Crash PoC
Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
Core FTP Server 32-bit Build 587 - Heap Overflow
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
Adobe Reader DC 15.010.20060 - Memory Corruption
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
2016-05-11 05:03:54 +00:00
Offensive Security
01664c67b8
DB: 2016-05-10
...
11 new exploits
JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7
JITed egg-hunter stage-0 shellcode Adjusted universal for XP/Vista/Windows 7
BlazeDVD 5.1- (.plf) Stack Buffer Overflow PoC Exploit - ASLR/DEP Bypass on Win7
BlazeDVD 5.1 - (.plf) Stack Buffer Overflow PoC Exploit (Windows 7 ASLR/DEP Bypass)
Winamp 5.572 - Local BoF Exploit (Win7 ASLR and DEP Bypass)
Winamp 5.572 - Local BoF Exploit (Windows 7 ASLR and DEP Bypass)
RM Downloader 3.1.3 - Local SEH Exploit (Win7 ASLR and DEP Bypass)
RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR and DEP Bypass)
UFO: Alien Invasion 2.2.1 - BoF Exploit (Win7 ASLR and DEP Bypass)
UFO: Alien Invasion 2.2.1 - BoF Exploit (Windows 7 ASLR and DEP Bypass)
The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Win7 + ASLR Bypass)
The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows 7 + ASLR Bypass)
Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)
Mozilla Firefox 3.6.16 - mChannel Object Use After Free Exploit (Windows 7)
QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS
GNU Bash - Environment Variable Command Injection (ShellShock)
Bash - Environment Variables Code Injection Exploit (ShellShock)
GNU Bash - Environment Variable Command Injection (Shellshock)
Bash - Environment Variables Code Injection Exploit (Shellshock)
OpenVPN 2.2.29 - ShellShock Exploit
OpenVPN 2.2.29 - Shellshock Exploit
Bash - CGI RCE Shellshock Exploit (Metasploit)
Bash CGI - RCE Shellshock Exploit (Metasploit)
PHP 5.x (< 5.6.2) - Shellshock Exploit (Bypass disable_functions)
PHP 5.x (< 5.6.2) - Bypass disable_functions (Shellshock Exploit)
OSSEC 2.8 - Privilege Escalation
OSSEC 2.8 - hosts.deny Privilege Escalation
ShellShock dhclient Bash Environment Variable Command Injection PoC
dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)
OSSEC 2.7 <= 2.8.1 - Local Root Escalation
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) #2
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)
BigTree CMS Cross Site Request Forgery Vulnerability
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Wow64 Egghunter Win7)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Win8.1/Win10)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)
Windows Null-Free Shellcode - Primitive Keylogger to File - 431 (0x01AF) bytes
Ajaxel CMS 8.0 - Multiple Vulnerabilities
i.FTP 2.21 - Host Address / URL Field SEH Exploit
Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
ZeewaysCMS - Multiple Vulnerabilities
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write
Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation
Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)
RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC
ImageMagick Delegate Arbitrary Command Execution
Ruby on Rails Development Web Console (v2) Code Execution
2016-05-10 05:02:47 +00:00
Offensive Security
6fa97a6001
DB: 2016-05-07
...
6 new exploits
RPCScan 2.03 - Hostname/IP Field Crash PoC
CIScan 1.00 - Hostname/IP Field Crash PoC
DotNetNuke 07.04.00 - Administration Authentication Bypass
Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts
Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free
ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities
2016-05-07 05:03:58 +00:00
Offensive Security
c7e317d2e0
DB: 2016-05-06
...
1 new exploits
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing
2016-05-06 05:03:00 +00:00
Offensive Security
5a82bad23d
DB: 2016-05-05
...
14 new exploits
Alibaba Clone B2B Script - Admin Authentication Bypass
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
Acunetix WP Security Plugin 3.0.3 - XSS
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
IPFire < 2.19 Core Update 101 - Remote Command Execution
PHP Imagick 3.3.0 - disable_functions Bypass
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
OpenSSL Padding Oracle in AES-NI CBC MAC Check
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
2016-05-05 05:04:38 +00:00
Offensive Security
875ff32145
DB: 2016-04-29
...
2 new exploits
Ubuntu 14.04 LTS_ 15.10 overlayfs - Local Root Exploit
Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
2016-04-29 05:03:34 +00:00
Offensive Security
3ca3a35ce6
DB: 2016-04-28
...
4 new exploits
EMC ViPR SRM - Cross-Site Request Forgery
Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass
Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)
Mach Race OS X Local Privilege Escalation Exploit
2016-04-28 05:03:01 +00:00
Offensive Security
bd5d486987
DB: 2016-04-21
...
4 new exploits
Webutler CMS 3.2 - Cross-Site Request Forgery
PHPBack 1.3.0 - SQL Injection
Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
2016-04-21 05:02:17 +00:00
Offensive Security
99627c8d04
DB: 2016-04-16
...
4 new exploits
Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free
Linux/x86_64 - Read /etc/passwd - 65 bytes
AirOS 6.x - Arbitrary File Upload
Exim _perl_startup_ Privilege Escalation
2016-04-16 05:02:22 +00:00
Offensive Security
b185ddf9b2
DB: 2016-04-15
...
6 new exploits
RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
pfSense Firewall <= 2.2.6 - Services CSRF
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
PHPmongoDB 1.0.0 - Multiple Vulnerabilities
Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
2016-04-15 05:03:51 +00:00
Offensive Security
830ff3bd6a
DB: 2016-04-10
2016-04-10 05:03:48 +00:00
Offensive Security
1f79ff2236
DB: 2016-04-09
...
3 new exploits
WordPress Freshmail - Unauthenticated SQL Injection
WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection
Express Zip <= 2.40 - Path Traversal
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation
op5 7.1.9 - Remote Command Execution
2016-04-09 05:02:52 +00:00
Offensive Security
60fd0ef490
DB: 2016-04-06
...
5 new exploits
Easy File Sharing HTTP Server 7.2 SEH Overflow
PCMAN FTP Server Buffer Overflow - PUT Command
Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)
ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities
Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058)
2016-04-06 05:04:31 +00:00
Offensive Security
13d072b592
DB: 2016-04-05
...
4 new exploits
Outlook ATTACH_BY_REF_ONLY File Execution
Outlook - ATTACH_BY_REF_ONLY File Execution
HB Ecommerce SQL Injection Vulnerability
HB Ecommerce - SQL Injection Vulnerability
SCO Open Server <= 5.0.4 POP Server Buffer Overflow Vulnerability
SCO Open Server <= 5.0.4 - POP Server Buffer Overflow Vulnerability
Debian Linux <= 2.1 Print Queue Control Vulnerability
Debian Linux <= 2.1 - Print Queue Control Vulnerability
FreeBSD 3.3 gdc Buffer Overflow Vulnerability
FreeBSD 3.3 gdc - Buffer Overflow Vulnerability
Netscape FastTrack Server 2.0.1 a GET Buffer Overflow Vulnerability
Netscape FastTrack Server 2.0.1a - GET Buffer Overflow Vulnerability
NullSoft Winamp 2.10 Playlist Vulnerability
NullSoft Winamp 2.10 - Playlist Vulnerability
S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount Buffer Overflow (2)
S.u.S.E. 4.x/5.x/6.x/7.0_Slackware 3.x/4.0_Turbolinux 6_OpenLinux 7.0 fdmount - Buffer Overflow (2)
Computer Associates InoculateIT 4.53 Microsoft Exchange Agent Vulnerability
Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent Vulnerability
NetcPlus SmartServer3 3.75 Weak Encryption Vulnerability
NetcPlus SmartServer3 3.75 - Weak Encryption Vulnerability
NetcPlus BrowseGate 2.80.2 Weak Encryption Vulnerability
NetcPlus BrowseGate 2.80.2 - Weak Encryption Vulnerability
My Postcards 6.0 MagicCard.CGI Arbitrary File Disclosure Vulnerability
My Postcards 6.0 - MagicCard.CGI Arbitrary File Disclosure Vulnerability
Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference
Gom Player 2.1.44.5123 - (Unicode) NULL Pointer Dereference
Tower Toppler 0.99.1 Display Variable Local Buffer Overflow Vulnerability
Tower Toppler 0.99.1 - Display Variable Local Buffer Overflow Vulnerability
Ximian Evolution 1.x UUEncoding Denial of Service Vulnerability
Ximian Evolution 1.x - UUEncoding Denial of Service Vulnerability
IDA Pro 6.3 Crash PoC
IDA Pro 6.3 - Crash PoC
Confixx 2 Perl Debugger Remote Command Execution Vulnerability
Confixx 2 - Perl Debugger Remote Command Execution Vulnerability
Microsoft Outlook Express 4.x/5.x/6.0 Attachment Processing File Extension Obfuscation Vulnerability
Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation Vulnerability
Novell NetMail 3.x Automatic Script Execution Vulnerability
Novell NetMail 3.x - Automatic Script Execution Vulnerability
Juniper Netscreen 5.0 VPN Username Enumeration Vulnerability
Juniper Netscreen 5.0 - VPN Username Enumeration Vulnerability
Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability
Microsoft Internet Explorer 7.0 - MHTML Denial of Service Vulnerability
WordPress Freshmail Unauthenticated SQL Injection
WordPress Freshmail - Unauthenticated SQL Injection
WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS
WordPress Download Manager Free 2.7.94 & Pro 4 - Authenticated Stored XSS
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC
Hexchat IRC Client 2.11.0 - Directory Traversal
Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow
PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX - Multiple Vulnerabilities
2016-04-05 05:03:46 +00:00