Offensive Security
|
18d8085c6d
|
DB: 2016-12-18
13 new exploits
Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free
Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055)
Orthanc DICOM Server 1.1.0 - Memory Corruption
Microsoft Internet Explorer 9 - MSHTML CMarkup::ReloadInCompatView Use-After-Free
Microsoft Internet Explorer 9 - IEFRAME CMarkup::RemovePointerPos Use-After-Free (MS13-055)
OsiriX DICOM Viewer 8.0.1 - Memory Corruption
ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow
DCMTK 3.6.0 storescp - Stack Buffer Overflow
Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service
Microsoft Internet Explorer 9 IEFRAME - CMarkupPointer::MoveToGap Use-After-Free
Microsoft Internet Explorer 9 IEFRAME - CView::EnsureSize Use-After-Free (MS13-021)
Nagios < 4.2.4 - Privilege Escalation
iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free
Alienvault OSSIM - SQL Injection / Remote Code Execution (Metasploit)
Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit)
Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution
Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution
Alienvault OSSIM - av-centerd Command Injection (Metasploit)
Alienvault Open Source SIEM (OSSIM) - av-centerd Command Injection (Metasploit)
Horos 2.1.0 Web Portal - Directory Traversal
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities
Alienvault Open Source SIEM (OSSIM) 3.1 - Multiple Security Vulnerabilities
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM 4.1.2 - Multiple SQL Injections
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections
Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities
Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Vulnerabilities
Alienvault 4.3.1 - Unauthenticated SQL Injection
Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting
Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)
Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit)
Alienvault OSSIM 4.3 - Cross-Site Request Forgery
Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
WHMCS Addon VMPanel 2.7.4 - SQL Injection
WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery
|
2016-12-18 05:01:16 +00:00 |
|
Offensive Security
|
24bf161ca6
|
DB: 2016-12-16
5 new exploits
HydraIrc 0.3.164 - (last) Remote Denial of Service
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow (PoC)
HydraIrc 0.3.164 - Remote Denial of Service
Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC)
Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free
Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055)
Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow
Nagios Core < 4.2.4 - Privilege Escalation
Nagios Core < 4.2.2 - Curl Command Injection / Remote Code Execution
Quicksilver Forums 1.2.1 - (set) Remote File Inclusion
Quicksilver Forums 1.2.1 - Remote File Inclusion
e-Vision CMS 2.0 - (all_users.php) SQL Injection
e-Vision CMS 2.0 - 'all_users.php' SQL Injection
LetterIt 2.0 - (inc/session.php) Remote File Inclusion
LetterIt 2.0 - 'session.php' Remote File Inclusion
e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed)
e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed)
PHPMyRealty 1.0.x - (search.php type) SQL Injection
PHPMyRealty 1.0.x - 'search.php' SQL Injection
pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection
Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection
LetterIt 2 - 'Language' Local File Inclusion
phpMyRealty - (location) SQL Injection
LetterIt 2 - 'Language' Parameter Local File Inclusion
phpMyRealty 2.0.0 - 'location' Parameter SQL Injection
ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion
E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection
Scripts24 iTGP 1.0.4 - 'id' SQL Injection
Scripts24 iPost 1.0.1 - 'id' SQL Injection
eStoreAff 0.1 - 'cid' SQL Injection
GreenCart PHP Shopping Cart - 'id' SQL Injection
ABG Blocking Script 1.0a - 'abg_path' Parameter Remote File Inclusion
E-topbiz Dating 3 PHP Script - 'mail_id' Parameter SQL Injection
Scripts24 iTGP 1.0.4 - 'id' Parameter SQL Injection
Scripts24 iPost 1.0.1 - 'id' Parameter SQL Injection
eStoreAff 0.1 - 'cid' Parameter SQL Injection
GreenCart PHP Shopping Cart - 'id' Parameter SQL Injection
e-vision CMS 2.02 - (SQL Injection / Arbitrary File Upload / Information Gathering) Multiple Vulnerabilities
e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering
E-Store Kit-1 <= 2 PayPal Edition - 'pid' SQL Injection
E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection
iges CMS 2.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
iges CMS 2.0 - Cross-Site Scripting / SQL Injection
Multiple Wsn Products - (Local File Inclusion) Code Execution
Multiple Wsn Products - Local File Inclusion / Code Execution
Discuz! 6.0.1 - (searchid) SQL Injection
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
Discuz! 6.0.1 - 'searchid' Parameter SQL Injection
pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting
Vacation Rental Script 3.0 - 'id' SQL Injection
Quicksilver Forums 1.4.1 - forums[] SQL Injection
txtSQL 2.2 Final - (startup.php) Remote File Inclusion
Vacation Rental Script 3.0 - 'id' Parameter SQL Injection
Quicksilver Forums 1.4.1 - SQL Injection
txtSQL 2.2 Final - 'startup.php' Remote File Inclusion
OpenImpro 1.1 - (image.php id) SQL Injection
ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities
Ovidentia 6.6.5 - (item) SQL Injection
BBlog 0.7.6 - (mod) SQL Injection
OpenImpro 1.1 - 'image.php' SQL Injection
ZeeBuddy 2.1 - 'adid' Parameter SQL Injection
pPIM 1.0 - upload/change Password
Ovidentia 6.6.5 - 'item' Parameter SQL Injection
BBlog 0.7.6 - 'mod' Parameter SQL Injection
pPIM 1.01 - (notes.php id) Local File Inclusion
pPIM 1.01 - 'notes.php' Local File Inclusion
e107 plugin fm pro 1 - (File Disclosure / Arbitrary File Upload / Directory Traversal) Multiple Vulnerabilities
e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote File Upload
pPIM 1.01 - (notes.php id) Remote Command Execution
pPIM 1.01 - 'notes.php' Remote Command Execution
moziloCMS 1.11 - (Local File Inclusion / Full Path Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting
Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection
Joomla! Component Agenda Address Book 1.0.1 - 'id' Parameter SQL Injection
Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion
Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion
Joomla! Component 'com_arcadegames' - Local File Inclusion
Joomla! Component Arcade Games 1.0 - Local File Inclusion
Joomla! Component 'com_AddressBook' - Local File Inclusion
Joomla! Component 'com_advertising' - Local File Inclusion
Joomla! Component Address Book 1.5.0 - Local File Inclusion
Joomla! Component Advertising 0.25 - Local File Inclusion
Joomla! Component 'com_blogfactory' - Local File Inclusion
Joomla! Component 'com_beeheard' - Local File Inclusion
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
Joomla! Component BeeHeard 1.0 - Local File Inclusion
Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion
Joomla! Component Archery Scores 1.0.6 - Local File Inclusion
Joomla! Component 'com_abc' - SQL Injection
Joomla! Component ABC 1.1.7 - SQL Injection
Joomla! Component 'com_bfquiztrial' - SQL Injection (1)
Joomla! Component BF Quiz 1.3.0 - SQL Injection (1)
Joomla! Component 'com_bfquiztrial' - SQL Injection (2)
Joomla! Component BF Quiz 1.0 - SQL Injection (2)
e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting
Joomla! Component 'com_awd_song' - Persistent Cross-Site Scripting
Joomla! Component JE Awd Song - Persistent Cross-Site Scripting
Joomla! Component 'com_addressbook' - Blind SQL Injection
Joomla! Component Address Book - Blind SQL Injection
Joomla! Component 'com_autartimonial' - SQL Injection
Joomla! Component AutarTimonial 1.0.8 - SQL Injection
Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection
Joomla! Component CamelcityDB 2.2 - SQL Injection
Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections
Joomla! Component Amblog 1.0 - Multiple SQL Injections
Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection
Joomla! Component Aardvertiser 2.1 - Blind SQL Injection
Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution
Joomla! Component Community Builder Enhanced (CBE) 1.4.8/1.4.9/1.4.10 - Local File Inclusion / Remote Code Execution
Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
Joomla! Component 'com_alameda' 1.0 - SQL Injection
Joomla! Component Alameda 1.0 - SQL Injection
Free Hosting Manager 2.0 - (packages.php id Parameter) SQL Injection
Free Hosting Manager 2.0 - 'id' Parameter SQL Injection
Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.x - modules.php startdir Parameter Traversal Arbitrary File Access
Coppermine Photo Gallery 1.x - init.inc.php Remote File Inclusion
Coppermine Photo Gallery 1.x - theme.php Multiple Parameter Remote File Inclusion
Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site Scripting
Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Parameter Traversal Arbitrary File Access
Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion
Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion
BBlog 0.7.4 - PostID Parameter SQL Injection
BBlog 0.7.4 - 'PostID' Parameter SQL Injection
Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection
Coppermine Photo Gallery 1.4.11 - SQL Injection
LoveCMS 1.4 - install/index.php step Parameter Remote File Inclusion
LoveCMS 1.4 - install/index.php step Parameter Traversal Arbitrary File Access
LoveCMS 1.4 - 'index.php' load Parameter Traversal Arbitrary File Access
LoveCMS 1.4 - 'index.php' id Parameter Cross-Site Scripting
LoveCMS 1.4 - 'step' Parameter Remote File Inclusion
LoveCMS 1.4 - 'step' Parameter Traversal Arbitrary File Access
LoveCMS 1.4 - 'load' Parameter Traversal Arbitrary File Access
LoveCMS 1.4 - 'id' Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.4.x - mode.php referer Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.4.x - viewlog.php log Parameter Local File Inclusion
Coppermine Photo Gallery 1.4.12 - 'referer' Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File Inclusion
Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component Showroom Joomlearn LMS - 'cat' Parameter SQL Injection
Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection
Blog Manager - inc_webblogmanager.asp categoryId Parameter Cross-Site Scripting
Blog Manager - 'ItemID' Parameter SQL Injection
Blog Manager - 'categoryId' Parameter Cross-Site Scripting
e107 0.7.x - (CAPTCHA Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities
e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting
Joomla! Component 'com_canteen' 1.0 - Local File Inclusion
Joomla! Component Canteen 1.0 - Local File Inclusion
Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.5.10 - searchnew.php picfile_* Parameter Cross-Site Scripting
Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting
Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting
|
2016-12-16 05:01:19 +00:00 |
|
Offensive Security
|
32e86030d5
|
DB: 2016-12-15
3 new exploits
minix 3.1.2a - tty panic Local Denial of Service
minix 3.1.2a - tty panic Remote Denial of Service
Minix 3.1.2a - tty panic Local Denial of Service
Minix 3.1.2a - tty panic Remote Denial of Service
Microsoft IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service
Microsoft IIS 5.0 - WebDAV Lock Method Memory Leak Denial of Service
MINIX 3.3.0 - Local Denial of Service (PoC)
Minix 3.3.0 - Local Denial of Service (PoC)
MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service
Minix 3.3.0 - Remote TCP/IP Stack Denial of Service
Apache 2.4.23 (mod_http2) - Denial of Service
Adobe Animate 15.2.1.95 - Memory Corruption
CoolPlayer - m3u File Local Buffer Overflow
CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit)
Apache Tomcat (WebDAV) - Remote File Disclosure
Apache Tomcat - (WebDAV) Remote File Disclosure
Apache Tomcat (WebDAV) - Remote File Disclosure (SSL)
Apache Tomcat - (WebDAV) Remote File Disclosure (SSL)
APT - Repository Signing Bypass via Memory Allocation Failure
PHPFootball 1.6 - (show.php) Remote Database Disclosure
PHPFootball 1.6 - Remote Database Disclosure
Aprox CMS Engine 5 (1.0.4) - Local File Inclusion
Aprox CMS Engine 5.1.0.4 - Local File Inclusion
PHP Help Agent 1.1 - (content) Local File Inclusion
PHP Help Agent 1.1 - 'content' Parameter Local File Inclusion
Alstrasoft Affiliate Network Pro - (pgm) SQL Injection
Alstrasoft Affiliate Network Pro - 'pgm' Parameter SQL Injection
PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection
Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection
PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection
Alstrasoft Video Share Enterprise 4.5.1 - 'UID' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Aprox CMS Engine 5.(1.0.4) - 'index.php' SQL Injection
Siteframe - 'folder.php id' SQL Injection
PHPFootball 1.6 - (show.php) SQL Injection
DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection
HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection
Siteframe CMS 3.2.3 - 'folder.php' SQL Injection
PHPFootball 1.6 - SQL Injection
DigiLeave 1.2 - 'book_id' Parameter Blind SQL Injection
HRS Multi - 'key' Parameter Blind SQL Injection
MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection
MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection
MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection
EZWebAlbum (dlfilename) - Remote File Disclosure
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
ShopCartDx 4.30 - 'pid' SQL Injection
MojoPersonals - Blind SQL Injection
MojoJobs - Blind SQL Injection
MojoAuto - Blind SQL Injection
EZWebAlbum - Remote File Disclosure
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
ShopCartDx 4.30 - 'pid' Parameter SQL Injection
YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Pre Survey Poll - 'default.asp catid' SQL Injection
Atom Photoblog 1.1.5b1 - (photoId) SQL Injection
ibase 2.03 - 'download.php' Remote File Disclosure
YouTube blog 0.1 - Remote File Inclusion / SQL Injection / Cross-Site Scripting
Pre Survey Poll - 'catid' Parameter SQL Injection
Atom Photoblog 1.1.5b1 - 'photoId' Parameter SQL Injection
ibase 2.03 - Remote File Disclosure
Live Music Plus 1.1.0 - 'id' SQL Injection
xrms 1.99.2 - (Remote File Inclusion / Cross-Site Scripting / Information Gathering) Multiple Vulnerabilities
Live Music Plus 1.1.0 - 'id' Parameter SQL Injection
XRms 1.99.2 - Remote File Inclusion / Cross-Site Scripting / Information Gathering
FizzMedia 1.51.2 - (comment.php mid) SQL Injection
PHPTest 0.6.3 - (picture.php image_id) SQL Injection
FizzMedia 1.51.2 - SQL Injection
PHPTest 0.6.3 - SQL Injection
Mobius 1.4.4.1 - (browse.php id) SQL Injection
EPShop < 3.0 - 'pid' SQL Injection
Mobius 1.4.4.1 - SQL Injection
EPShop < 3.0 - 'pid' Parameter SQL Injection
TriO 2.1 - (browse.php id) SQL Injection
CMScout 2.05 - (common.php bit) Local File Inclusion
Getacoder clone - (sb_protype) SQL Injection
GC Auction Platinum - (cate_id) SQL Injection
SiteAdmin CMS - (art) SQL Injection
TriO 2.1 - 'browse.php' SQL Injection
CMScout 2.05 - 'bit' Parameter Local File Inclusion
Getacoder clone - 'sb_protype' Parameter SQL Injection
GC Auction Platinum - 'cate_id' Parameter SQL Injection
SiteAdmin CMS - 'art' Parameter SQL Injection
Youtuber Clone - 'ugroups.php UID' SQL Injection
Youtuber Clone - SQL Injection
PixelPost 1.7.1 - (language_full) Local File Inclusion
PixelPost 1.7.1 - 'language_full' Parameter Local File Inclusion
ViArt Shop 3.5 - (category_id) SQL Injection
Minishowcase 09b136 - 'lang' Local File Inclusion
ViArt Shop 3.5 - 'category_id' Parameter SQL Injection
Minishowcase 09b136 - 'lang' Parameter Local File Inclusion
Gregarius 0.5.4 - rsargs[] SQL Injection
PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion
HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion
hiox browser Statistics 2.0 - Remote File Inclusion
Gregarius 0.5.4 - SQL Injection
PHP Hosting Directory 2.0 - Remote File Inclusion
HIOX Random Ad 1.3 - Remote File Inclusion
HIOX Browser Statistics 2.0 - Remote File Inclusion
nzFotolog 0.4.1 - (action_file) Local File Inclusion
ZeeReviews - 'comments.php ItemID' SQL Injection
nzFotolog 0.4.1 - 'action_file' Parameter Local File Inclusion
ZeeReviews - SQL Injection
Article Friendly Pro/Standard - (Cat) SQL Injection
Article Friendly Pro/Standard - SQL Injection
PozScripts Classified Ads Script - 'cid' SQL Injection
TubeGuru Video Sharing Script - (UID) SQL Injection
PozScripts Classified Ads Script - 'cid' Parameter SQL Injection
TubeGuru Video Sharing Script - 'UID' Parameter SQL Injection
pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities
pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection
camera life 2.6.2b4 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting
Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection
Alstrasoft Article Manager Pro 1.6 - Authentication Bypass
viart shopping cart 3.5 - Multiple Vulnerabilities
Viart shopping cart 3.5 - Multiple Vulnerabilities
PHPFootball 1.6 - (filter.php) Remote Hash Disclosure
PHPFootball 1.6 - Remote Hash Disclosure
talkback 2.3.14 - Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection / phpinfo()) Multiple Vulnerabilities
TalkBack 2.3.14 - Multiple Vulnerabilities
Siteframe CMS 3.2.x - SQL Injection / phpinfo()
CMScout - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
CMScout - Cross-Site Scripting / HTML Injection
ShopCartDx 4.30 - (products.php) Blind SQL Injection
ShopCartDx 4.30 - 'products.php' Blind SQL Injection
viart shop 4.0.5 - Multiple Vulnerabilities
ViArt Shop 4.0.5 - Multiple Vulnerabilities
Siteframe 3.2.3 - (user.php) SQL Injection
Siteframe CMS 3.2.3 - 'user.php' SQL Injection
viart shop 4.0.5 - Cross-Site Request Forgery
ViArt Shop 4.0.5 - Cross-Site Request Forgery
Siteframe 2.2.4 - search.php Cross-Site Scripting
Siteframe 2.2.4 - download.php Information Disclosure
Siteframe CMS 2.2.4 - 'download.php' Information Disclosure
phpx 3.2.3 - Multiple Vulnerabilities
PHPX 3.2.3 - Multiple Vulnerabilities
PHPX 3.x - admin/page.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/news.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/user.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/images.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/forums.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'page.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'news.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'user.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'images.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'forums.php' Cross-Site Request Forgery / Arbitrary Command Execution
Alstrasoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion
Alstrasoft Video Share Enterprise 4.x - 'MyajaxPHP.php' Remote File Inclusion
Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection
Alstrasoft Affiliate Network Pro 8.0 - 'index.php' Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - 'temp.php' Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' Parameter SQL Injection
PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection
PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - users.php user_id Parameter SQL Injection
PHPX 3.5.15/3.5.16 - news.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - gallery.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection
XRms 1.99.2 - activities/some.php title Parameter Cross-Site Scripting
XRms 1.99.2 - companies/some.php company_name Parameter Cross-Site Scripting
XRms 1.99.2 - contacts/some.php last_name Parameter Cross-Site Scripting
XRms 1.99.2 - campaigns/some.php campaign_title Parameter Cross-Site Scripting
XRms 1.99.2 - opportunities/some.php opportunity_title Parameter Cross-Site Scripting
XRms 1.99.2 - cases/some.php case_title Parameter Cross-Site Scripting
XRms 1.99.2 - files/some.php file_id Parameter Cross-Site Scripting
XRms 1.99.2 - reports/custom/mileage.php starting Parameter Cross-Site Scripting
XRms 1.99.2 - 'title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'company_name' Parameter Cross-Site Scripting
XRms 1.99.2 - 'last_name' Parameter Cross-Site Scripting
XRms 1.99.2 - 'campaign_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'opportunity_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'case_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'file_id' Parameter Cross-Site Scripting
XRms 1.99.2 - 'starting' Parameter Cross-Site Scripting
Pligg 1.0.4 - 'install1.php' Cross-Site Scripting
Joomla! Component DT Register - 'cat' SQL Injection
Joomla! Component DT Register - 'cat' Parameter SQL Injection
|
2016-12-15 13:07:17 +00:00 |
|
Offensive Security
|
eddddf7aa8
|
DB: 2016-12-15
5 new exploits
Microsoft Internet Explorer 9 IEFRAME - CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047)
Microsoft Internet Explorer 9 - IEFRAME CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047)
Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities
Poppler 0.10.3 - Denial of Service
Samsung Devices KNOX Extensions - OTP Service Heap Overflow
Serva 3.0.0 HTTP Server - Denial of Service
Serva 3.0.0 - HTTP Server Denial of Service
TP-LINK TD-W8151N - Denial of Service
Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow
CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)
Youngzsoft CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python)
Fonality trixbox - 'langChoice' Parameter Local File Inclusion (connect-back) (2)
Fonality trixbox 2.6.1 - 'langChoice' Parameter Remote Code Execution (Python)
Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (1)
Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (2)
Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (1)
Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (2)
Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit)
Joomla! 3.4.4 Component Content History - SQL Injection / Remote Code Execution (Metasploit)
McAfee Virus Scan Enterprise for Linux - Remote Code Execution
BrewBlogger 1.3.1 - (printLog.php) SQL Injection
BrewBlogger 1.3.1 - 'printLog.php' SQL Injection
ContentNow 1.30 - (Local File Inclusion / Arbitrary File Upload / Delete) Multiple Vulnerabilities
ContentNow 1.30 - Local File Inclusion / Arbitrary File Upload/Delete
ContentNow 1.30 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
ContentNow 1.30 - Arbitrary File Upload / Cross-Site Scripting
ContentNow 1.39 - (pageid) SQL Injection
ContentNow 1.39 - 'pageid' Parameter SQL Injection
Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion
Maian Recipe 1.0 - 'path_to_folder' Parameter Remote File Inclusion
Sisplet CMS 05.10 - (site_path) Remote File Inclusion
Sisplet CMS 05.10 - 'site_path' Parameter Remote File Inclusion
Sisplet CMS - 'index.php id' 2008-01-24 SQL Injection
VanGogh Web CMS 0.9 - (article_ID) SQL Injection
Sisplet CMS 2008-01-24 - 'id' Parameter SQL Injection
VanGogh Web CMS 0.9 - 'article_ID' Parameter SQL Injection
Efestech Shop 2.0 - 'cat_id' SQL Injection
plx Ad Trader 3.2 - (adid) SQL Injection
Joomla! Component versioning 1.0.2 - 'id' SQL Injection
Joomla! Component mygallery - 'cid' SQL Injection
XchangeBoard 1.70 - (boardID) SQL Injection
CMS little 0.0.1 - (index.php template) Local File Inclusion
Joomla! Component com_brightweblinks - 'catid' SQL Injection
Efestech Shop 2.0 - 'cat_id' Parameter SQL Injection
plx Ad Trader 3.2 - 'adid' Parameter SQL Injection
Joomla! Component versioning 1.0.2 - 'id' Parameter SQL Injection
Joomla! Component mygallery - 'cid' Parameter SQL Injection
XchangeBoard 1.70 - 'boardID' Parameter SQL Injection
CMS little 0.0.1 - 'template' Parameter Local File Inclusion
Joomla! Component Brightcode Weblinks - 'catid' Parameter SQL Injection
phPortal 1.2 - Multiple Remote File Inclusions
PHPortal 1.2 - Multiple Remote File Inclusions
phpWebNews 0.2 MySQL Edition - (id_kat) SQL Injection
phpWebNews 0.2 MySQL Edition - (det) SQL Injection
pHNews CMS - Multiple Local File Inclusion
PHPwebnews 0.2 MySQL Edition - 'id_kat' Parameter SQL Injection
PHPwebnews 0.2 MySQL Edition - 'det' Parameter SQL Injection
pHNews CMS Alpha 1 - Local File Inclusion
Kasseler CMS 1.3.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Kasseler CMS 1.3.0 - Local File Inclusion / Cross-Site Scripting
XPOZE Pro 3.06 - 'uid' SQL Injection
ContentNow 1.4.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1)
XPOZE Pro 3.06 - 'uid' Parameter SQL Injection
ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting
SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (1)
Fuzzylime CMS 3.01a - (file) Local File Inclusion
Triton CMS Pro - (x-forwarded-for) Blind SQL Injection
Neutrino 0.8.4 Atomic Edition - Remote Code Execution
SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (2)
Fuzzylime CMS 3.01a - 'file' Parameter Local File Inclusion
Triton CMS Pro 1.06 - 'x-forwarded-for' Blind SQL Injection
QNX Neutrino 0.8.4 Atomic Edition - Remote Code Execution
SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (2)
Joomla! Component com_content 1.0.0 - 'itemID' SQL Injection
Joomla! Component Content 1.0.0 - 'itemID' Parameter SQL Injection
BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion
BoonEx Ray 3.5 - 'sIncPath' Parameter Remote File Inclusion
DreamPics Builder - (page) SQL Injection
DreamNews Manager - 'id' SQL Injection
gapicms 9.0.2 - (dirDepth) Remote File Inclusion
phpDatingClub - 'website.php' Local File Inclusion
DreamPics Builder - 'page' Parameter SQL Injection
DreamNews Manager - 'id' Parameter SQL Injection
gapicms 9.0.2 - 'dirDepth' Parameter Remote File Inclusion
phpDatingClub 3.7 - 'website.php' Local File Inclusion
Million Pixels 3 - (id_cat) SQL Injection
Million Pixels 3 - 'id_cat' Parameter SQL Injection
Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (PHP)
Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (Perl)
Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (PHP)
Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (Perl)
WebCMS Portal Edition - 'id' SQL Injection
jsite 1.0 oe - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Avlc Forum - 'vlc_forum.php id' SQL Injection
Fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution
WebCMS Portal Edition - 'id' Parameter SQL Injection
jsite 1.0 oe - SQL Injection / Local File Inclusion
Avlc Forum - 'vlc_forum.php' SQL Injection
Fuzzylime CMS 3.01 - 'commrss.php' Remote Code Execution
Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection
Ultrastats 0.2.142 - 'players-detail.php' Blind SQL Injection
CodeDB - 'list.php lang' Local File Inclusion
CodeDB 1.1.1 - 'list.php' Local File Inclusion
Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)
Pluck CMS 4.5.1 - 'blogpost' Parameter Local File Inclusion (win only)
Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion
Comdev Web Blogger 4.1.3 - (arcmonth) SQL Injection
Pragyan CMS 2.6.2 - 'sourceFolder' Parameter Remote File Inclusion
Comdev Web Blogger 4.1.3 - 'arcmonth' Parameter SQL Injection
phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling
PHPwebnews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling
WebCMS Portal Edition - 'index.php id' Blind SQL Injection
WebCMS Portal Edition - 'id' Parameter Blind SQL Injection
Pluck 4.5.3 - (update.php) Remote File Corruption Exploit
Pluck CMS 4.5.3 - 'update.php' Remote File Corruption Exploit
Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection
Ultrastats 0.2.144/0.3.11 - 'serverid' Parameter SQL Injection
Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion
Pluck CMS 4.5.3 - 'g_pcltar_lib_dir' Parameter Local File Inclusion
Fuzzylime CMS 3.03 - (track.php p) Local File Inclusion
Fuzzylime CMS 3.03 - 'track.php' Local File Inclusion
CMS little 0.0.1 - (index.php term) SQL Injection
CMS little 0.0.1 - 'term' Parameter SQL Injection
SHOP-INET 4 - 'show_cat2.php grid' SQL Injection
SHOP-INET 4 - 'grid' Parameter SQL Injection
Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion
Pluck CMS 4.6.1 - 'module_pages_site.php' Local File Inclusion
Joomla! Component Maian Music 1.2.1 - (category) SQL Injection
Joomla! Component Maian Music 1.2.1 - 'category' Parameter SQL Injection
Pluck 4.6.2 - (langpref) Local File Inclusion
Pluck CMS 4.6.2 - 'langpref' Parameter Local File Inclusion
phportal 1.0 - Insecure Cookie Handling
PHPortal 1.0 - Insecure Cookie Handling
Kasseler CMS - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Kasseler CMS - File Disclosure / Cross-Site Scripting
DreamPics Builder - (exhibition_id) SQL Injection
DreamPics Builder - 'exhibition_id' Parameter SQL Injection
Trixbox 2.2.4 - PhonecDirectory.php SQL Injection
Fonality trixbox 2.2.4 - 'PhonecDirectory.php' SQL Injection
Kasseler CMS 1.4.x lite - (Module Jokes) SQL Injection
Kasseler CMS 1.4.x lite Module Jokes - SQL Injection
PHPortal_1.2 - (gunaysoft.php) Remote File Inclusion
PHPortal 1.2 - 'gunaysoft.php' Remote File Inclusion
Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion (Metasploit)
Fonality trixbox CE 2.6.1 - 'langChoice' Parameter Local File Inclusion (Metasploit)
maian weblog 4.0 - Blind SQL Injection
Maian Weblog 4.0 - Blind SQL Injection
brewblogger 2.3.2 - Multiple Vulnerabilities
BrewBlogger 2.3.2 - Multiple Vulnerabilities
Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection
Maian Weblog 2.0 - mail.php Multiple Parameter SQL Injection
Maian Weblog 2.0 - 'print.php' SQL Injection
Maian Weblog 2.0 - 'mail.php' SQL Injection
PHPwebnews 0.1 - iklan.php m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - 'index.php' m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - bukutamu.php m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - 'iklan.php' Cross-Site Scripting
PHPwebnews 0.1 - 'index.php' Cross-Site Scripting
PHPwebnews 0.1 - 'bukutamu.php' Cross-Site Scripting
Joomla! Component com_content 1.5 RC3 - 'index.php' view Parameter SQL Injection
Joomla! Component Content 1.5 RC3 - 'view' Parameter SQL Injection
Trixbox 2.4.2 - user/index.php Query String Cross-Site Scripting
Trixbox 2.4.2 - maint/index.php Query String Cross-Site Scripting
Fonality trixbox 2.4.2 - Cross-Site Scripting
Pluck 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities
Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities
Trixbox - SQL Injection
Fonality trixbox - SQL Injection
Trixbox - 'endpoint_aastra.php mac Parameter' Remote Code Injection
Fonality trixbox - 'mac' Parameter Remote Code Injection
THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities
Pluck 4.6.3 - 'cont1' Parameter HTML Injection
Pluck CMS 4.6.3 - 'cont1' Parameter HTML Injection
Pluck 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities
Pluck CMS 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities
Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection
Boonex Dolphin 6.1 - 'get_list.php' SQL Injection
Joomla! Component 'com_content' - 'year' Parameter SQL Injection
Joomla! Component Content - 'year' Parameter SQL Injection
Pluck 4.7 - Directory Traversal
Pluck CMS 4.7 - Directory Traversal
SenseSites CommonSense CMS - cat2.php id Parameter SQL Injection
SenseSites CommonSense CMS - 'id' Parameter SQL Injection
Fonality trixbox - /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection
Fonality trixbox - /maint/modules/home/index.php lang Parameter Directory Traversal
Fonality trixbox - '/maint/modules/asterisk_info/asterisk_info.php' lang Parameter Directory Traversal
Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Directory Traversal
Fonality trixbox - '/maint/modules/endpointcfg/endpointcfg.php' lang Directory Traversal
Fonality trixbox - /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution
Fonality trixbox - 'endpoint_generic.php' SQL Injection
Fonality trixbox - 'index.php' Directory Traversal
Fonality trixbox - 'asterisk_info.php' Directory Traversal
Fonality trixbox - 'repo.php' Directory Traversal
Fonality trixbox - 'endpointcfg.php' Directory Traversal
Fonality trixbox - 'index.php' Remote Code Execution
Joomla! Component DT Register - 'cat' SQL Injection
|
2016-12-15 05:01:19 +00:00 |
|
Offensive Security
|
fb1dd3709f
|
DB: 2016-12-08
12 new exploits
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption
XChat - Heap Overflow Denial of Service
XChat 2.8.9 - Heap Overflow Denial of Service
Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1)
Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1)
glibc - getaddrinfo Stack Based Buffer Overflow (1)
glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC)
Microsoft Edge - JSON.parse Info Leak
Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index
Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125)
Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009)
Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (MS16-068)
Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2)
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation
Microsoft PowerShell - XML External Entity Injection
XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7'
XChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7)
Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap
glibc - getaddrinfo Stack Based Buffer Overflow (2)
glibc - 'getaddrinfo' Stack Based Buffer Overflow
Microsoft Internet Explorer jscript9 - JavaScriptStackWalker Memory Corruption (MS15-056)
Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes)
Gravity Board X 1.1 - (csscontent) Remote Code Execution
Gravity Board X 1.1 - 'csscontent' Parameter Remote Code Execution
Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion
Mambo Component ExtCalendar 2.0 - Remote File Inclusion
Mambo Component com_babackup 1.1 - File Inclusion
Mambo Component bigAPE-Backup 1.1 - File Inclusion
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
E-Smart Cart 1.0 - 'Product_ID' Parameter SQL Injection
Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion
Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion
Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion
Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion
Joomla! / Mambo Component New Article 1.1 - Remote File Inclusion
Cartweaver - 'Details.cfm ProdID' SQL Injection
Cartweaver 2.16.11 - 'ProdID' Parameter SQL Injection
Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' Parameter SQL Injection
xeCMS 1.x - (view.php list) Remote File Disclosure
xeCMS 1.x - 'view.php' Remote File Disclosure
Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection
Mambo Component Portfolio Manager 1.0 - 'categoryId' Parameter SQL Injection
Easy-Clanpage 2.2 - 'id' SQL Injection
Easy-Clanpage 2.2 - 'id' Parameter SQL Injection
JAMM CMS - 'id' Blind SQL Injection
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
JAMM CMS - 'id' Parameter Blind SQL Injection
Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting
GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection
Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection
Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting
Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection
Mambo Component Galleries 1.0 - 'aid' Parameter SQL Injection
Easy-Clanpage 3.0b1 - (section) Local File Inclusion
WebChamado 1.1 - (tsk_id) SQL Injection
Pre News Manager 1.0 - (index.php id) SQL Injection
Pre Ads Portal 2.0 - SQL Injection
Easy-Clanpage 3.0b1 - 'section' Parameter Local File Inclusion
WebChamado 1.1 - 'tsk_id' Parameter SQL Injection
Pre News Manager 1.0 - 'id' Parameter SQL Injection
Pre ADS Portal 2.0 - SQL Injection
GLLCTS2 - 'listing.php sort' Blind SQL Injection
GLLCTS2 - 'sort' Parameter Blind SQL Injection
Contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting
PHPMyCart - 'shop.php cat' SQL Injection
SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion
Cartweaver 3 - (prodId) Blind SQL Injection
DIY - (index_topic did) Blind SQL Injection
PHPMyCart 1.3 - 'cat' Parameter SQL Injection
SHOUTcast Admin Panel 2.0 - 'page' Parameter Local File Inclusion
Cartweaver 3 - 'prodId' Parameter Blind SQL Injection
DIY - 'did' Parameter Blind SQL Injection
ezcms 1.2 - (Blind SQL Injection / Authentication Bypass) Multiple Vulnerabilities
PHPEasyNews 1.13 RC2 - (POST) SQL Injection
ezcms 1.2 - Blind SQL Injection / Authentication Bypass
PHPEasyNews 1.13 RC2 - 'POST' Parameter SQL Injection
Devalcms 1.4a - (currentfile) Local File Inclusion
Devalcms 1.4a - 'currentfile' Parameter Local File Inclusion
IPTBB 0.5.6 - (index.php act) Local File Inclusion
IPTBB 0.5.6 - 'act' Parameter Local File Inclusion
Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection
Mambo Component Articles - 'artid' Parameter Blind SQL Injection
Mambo Component 'com_n-gallery' - Multiple SQL Injections
Mambo Component N-Gallery - Multiple SQL Injections
devalcms 1.4a - Cross-Site Scripting / Remote Code Execution
Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution
PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection
PHP JOBWEBSITE PRO - Authentication Bypass
Pre ADS Portal 2.0 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting
Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection
Mambo Component n-form - 'form_id' Parameter Blind SQL Injection
Pre Job Board - (Authentication Bypass) SQL Injection
Pre Job Board - Authentication Bypass
Butterfly ORGanizer 2.0.1 - (view.php id) SQL Injection
Butterfly ORGanizer 2.0.1 - 'id' Parameter SQL Injection
facil-cms 0.1rc2 - Multiple Vulnerabilities
Facil-CMS 0.1RC2 - Multiple Vulnerabilities
Family Connections CMS 1.9 - (member) SQL Injection
Family Connections CMS 1.9 - SQL Injection
Mambo Component 'com_hestar' - SQL Injection
Mambo Component Hestar - SQL Injection
Joomla! / Mambo Component 'com_tupinambis' - SQL Injection
Joomla! / Mambo Component Tupinambis - SQL Injection
Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion
Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion
Mambo Component 'com_materialsuche' 1.0 - SQL Injection
Mambo Component Material Suche 1.0 - SQL Injection
Pre ADS Portal - 'cid' SQL Injection
Pre ADS Portal - 'cid' Parameter SQL Injection
Pre News Manager - (nid) SQL Injection
Pre News Manager - 'nid' Parameter SQL Injection
Mambo Component 'com_akogallery' - SQL Injection
Mambo Component AkoGallery - SQL Injection
Mambo Component 'com_mambads' - SQL Injection
Mambo Component MambAds - SQL Injection
Facil-CMS - (Local File Inclusion / Remote File Inclusion)
Facil-CMS 0.1RC2 - Local / Remote File Inclusion
AskMe Pro 2.1 - (que_id) SQL Injection
Alstrasoft AskMe Pro 2.1 - 'que_id' Parameter SQL Injection
Pre Job Board Pro - SQL Injection Authentication Bypass
Pre Job Board Pro - Authentication Bypass
DiY-CMS 1.0 - Multiple Remote File Inclusion
DIY-CMS 1.0 - Multiple Remote File Inclusion
Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection
Alstrasoft AskMe Pro 2.1 - (profile.php?id) SQL Injection
Alstrasoft AskMe Pro 2.1 - 'profile.php' SQL Injection
Pre Ads Portal - SQL Bypass
Pre ADS Portal - Authentication Bypass
Family Connections CMS 2.3.2 - (POST) Persistent Cross-Site Scripting / XML Injection
Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection
Family Connections CMS 2.5.0 / 2.7.1 - (less.php) Remote Command Execution
Family Connections CMS 2.5.0 / 2.7.1 - 'less.php' Remote Command Execution
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit)
Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting
Clever Copy 3.0 - Connect.INC Information Disclosure
Clever Copy 3.0 - 'Connect.INC' Information Disclosure
Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection
Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion
Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion
Mambo Component LMTG Myhomepage 1.2 - Multiple Remote File Inclusion
Mambo Component Rssxt 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion
Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion
Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Parameter Remote File Inclusion
Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion
Joomla! / Mambo Component Comprofiler 1.0 - 'class.php' Remote File Inclusion
Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection
Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection
Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection
Joomla! / Mambo Component Filebase - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection
Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection
Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection
Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection
PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection
PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting
PHP JOBWEBSITE PRO - 'adname' Parameter SQL Injection
PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting
Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection
Mambo Component Docman 1.3.0 - Multiple SQL Injection
Mambo Component 'com_n-skyrslur' - Cross-Site Scripting
Mambo Component N-Skyrslur - Cross-Site Scripting
Mambo Component 'com_n-gallery' - SQL Injection
Mambo Component N-Gallery - SQL Injection
Mambo Component 'com_n-press' - SQL Injection
Mambo Component N-Press - SQL Injection
Mambo Component 'com_n-frettir' - SQL Injection
Mambo Component 'com_n-myndir' - SQL Injection
Mambo Component N-Frettir - SQL Injection
Mambo Component N-Myndir - SQL Injection
AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
Edge SkateShop - Authentication bypass
AbanteCart 1.2.7 - Cross-Site Scripting
|
2016-12-08 05:01:21 +00:00 |
|
Offensive Security
|
1f59ca27c2
|
DB: 2016-11-03
15 new exploits
Joomla! Component PBBooking 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component 'com_pbbooking' 1.0.4_3 - Multiple Blind SQL Injection
Joomla! Component SimpleShop (com_SimpleShop) - SQL Injection
Joomla! Component 'com_SimpleShop' - SQL Injection
Joomla! Component Spielothek 1.6.9 - Multiple Blind SQL Injection
Joomla! Component 'com_spielothek' 1.6.9 - Multiple Blind SQL Injection
Joomla! Component CamelcityDB 2.2 - SQL Injection
Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection
Joomla! Component cgtestimonial 2.2 - Multiple Vulnerabilities
Joomla! Component 'com_cgtestimonial' 2.2 - Multiple Vulnerabilities
Joomla! Component com_neorecruit 1.4 - SQL Injection
Joomla! Component 'com_neorecruit' 1.4 - SQL Injection
Joomla! Component Teams - Multiple Blind SQL Injection
Joomla! Component 'com_teams' - Multiple Blind SQL Injection
Joomla! Component Yellowpages - SQL Injection
Joomla! Component 'com_yellowpages' - SQL Injection
Joomla! Component Amblog 1.0 - Multiple SQL Injections
Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections
Joomla! Component com_equipment - SQL Injection
Joomla! Component Jgrid 1.0 - Local File Inclusion
Joomla! Component OnGallery - SQL Injection
Joomla! Component 'com_equipment' - SQL Injection
Joomla! Component 'com_jgrid' 1.0 - Local File Inclusion
Joomla! Component 'com_ongallery' - SQL Injection
Joomla! Component com_Fabrik - SQL Injection
Joomla! Component com_extcalendar - Blind SQL Injection
Joomla! Component 'com_Fabrik' - SQL Injection
Joomla! Component 'com_extcalendar' - Blind SQL Injection
Joomla! Component com_zina - SQL Injection
Joomla! Component Biblioteca 1.0 Beta - Multiple SQL Injections
Joomla! Component 'com_zina' - SQL Injection
Joomla! Component 'com_biblioteca' 1.0 Beta - Multiple SQL Injections
Joomla! Component com_zoomportfolio - SQL Injection
Joomla! Component 'com_zoomportfolio' - SQL Injection
Joomla! Component com_remository - Arbitrary File Upload
Joomla! Component 'com_remository' - Arbitrary File Upload
Joomla! Component com_picsell - Local File Disclosure
Joomla! Component com_jefaqpro - Multiple Blind SQL Injection
Joomla! Component 'com_picsell' - Local File Disclosure
Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection
Joomla! Component iJoomla! magazine 3.0.1 - Remote File Inclusion
Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion
Joomla! Component Clantools 1.5 - Blind SQL Injection
Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injection
Joomla! Component 'com_clantools' 1.5 - Blind SQL Injection
Joomla! Component 'com_clantools' 1.2.3 - Multiple Blind SQL Injection
Joomla! Component Gantry Framework 3.0.10 - Blind SQL Injection
Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection
Joomla! Component Aardvertiser 2.1 Free - Blind SQL Injection
Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection
Joomla! Component RSform! 1.0.5 - Multiple Vulnerabilities
Joomla! Component 'com_forme' 1.0.5 - Multiple Vulnerabilities
Joomla! Component com_jphone - Local File Inclusion
Joomla! Component 'com_jphone' - Local File Inclusion
Joomla! Component Mosets Tree 2.1.5 - Arbitrary File Upload
Joomla! Component 'com_mtree' 2.1.5 - Arbitrary File Upload
Joomla! Component com_jgen - SQL Injection
Joomla! Component 'com_jgen' - SQL Injection
Joomla! Component com_restaurantguide - Multiple Vulnerabilities
Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities
Joomla! Component com_elite_experts - SQL Injection
Joomla! Component 'com_elite_experts' - SQL Injection
Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection
Joomla! Component com_ezautos - SQL Injection
Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection
Joomla! Component 'com_ezautos' - SQL Injection
Joomla! Component je Guestbook 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities
Joomla! Component JE Job - SQL Injection
Joomla! Component JE Directory - SQL Injection
Joomla! Component 'com_jejob' - SQL Injection
Joomla! Component 'com_jedirectory' - SQL Injection
Joomla! Component Community Builder Enhenced (CBE) - Local File Inclusion / Remote Code Execution
Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution
Joomla! Component js Calendar 1.5.1 Joomla! - Multiple Vulnerabilities
Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities
Joomla! Component JE Ajax Event Calendar (com_jeajaxeventcalendar) - SQL Injection
Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload
Joomla! Component Flip Wall (com_flipwall) - SQL Injection
Joomla! Component Sponsor Wall (com_sponsorwall) - SQL Injection
Joomla! Component 'com_flipwall' - SQL Injection
Joomla! Component 'com_sponsorwall' - SQL Injection
sweetrice CMS 0.6.7 - Multiple Vulnerabilities
SweetRice 0.6.7 - Multiple Vulnerabilities
Joomla! Component ccInvoices (com_ccinvoices) - SQL Injection
Joomla! Component 'com_ccinvoices' - SQL Injection
Joomla! Component com_connect - Local File Inclusion
Joomla! Component DCNews com_dcnews - Local File Inclusion
Joomla! Component 'com_connect' - Local File Inclusion
Joomla! Component 'com_dcnews' - Local File Inclusion
Joomla! Component com_ckforms - Local File Inclusion
Joomla! Component com_clan - SQL Injection
Joomla! Component 'com_ckforms' - Local File Inclusion
Joomla! Component 'com_clan' - SQL Injection
Joomla! Component com_clanlist - SQL Injection
Joomla! Component 'com_clanlist' - SQL Injection
Joomla! Component ProDesk 1.5 - Local File Inclusion
Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion
Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection
Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection
Joomla! Component btg_oglas - HTML / Cross-Site Scripting Injection
Joomla! Component com_markt - SQL Injection
Joomla! Component com_img - Local File Inclusion
Joomla! Component 'btg_oglas' - HTML / Cross-Site Scripting Injection
Joomla! Component 'com_markt' - SQL Injection
Joomla! Component 'com_img' - Local File Inclusion
Joomla! Component com_jsupport - Cross-Site Scripting
Joomla! Component com_jsupport - SQL Injection
Joomla! Component 'com_jsupport' - Cross-Site Scripting
Joomla! Component 'com_jsupport' - SQL Injection
Joomla! Component ccBoard 1.2-RC - Multiple Vulnerabilities
Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities
Joomla! Component com_alfurqan15x - SQL Injection
Joomla! Component 'com_alfurqan15x' - SQL Injection
Joomla! Component Maian Media (com_maianmedia) - SQL Injection
Joomla! Component 'com_maianmedia' - SQL Injection
Joomla! Component Template Mosets Tree 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component 'com_mtree' 2.1.6 - Overwrite Cross-Site Request Forgery
Joomla! Component com_jimtawl - Local File Inclusion
Joomla! Component 'com_jimtawl' - Local File Inclusion
Joomla! Component JE Auto 1.0 - SQL Injection
Joomla! Component 'com_jeauto' 1.0 - SQL Injection
Joomla! Component Billy Portfolio 1.1.2 - Blind SQL Injection
Joomla! Component 'com_billyportfolio' 1.1.2 - Blind SQL Injection
Joomla! Component JRadio (com_jradio) - Local File Inclusion
Joomla! Component 'com_jradio' - Local File Inclusion
Joomla! Component JE Auto (com_jeauto) - Local File Inclusion
Joomla! Component 'com_jeauto' - Local File Inclusion
Joomla! Component Jotloader 2.2.1 - Local File Inclusion
Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion
Joomla! Component com_xgallery 1.0 - Local File Inclusion
Joomla! Component 'com_xgallery' 1.0 - Local File Inclusion
Joomla! Component com_ponygallery - Remote File Inclusion
Joomla! Component com_adsmanager - Remote File Inclusion
Joomla! Component 'com_ponygallery' - Remote File Inclusion
Joomla! Component 'com_adsmanager' - Remote File Inclusion
Joomla! Component com_xmovie 1.0 - Local File Inclusion
Joomla! Component 'com_xmovie' 1.0 - Local File Inclusion
Joomla! Component com_idoblog - SQL Injection
Joomla! Component 'com_idoblog' - SQL Injection
Joomla! Plugin Captcha 4.5.1 - Local File Disclosure
Joomla! Plugin 'Captcha' 4.5.1 - Local File Disclosure
Joomla! Component People 1.0.0 - SQL Injection
Joomla! Component 'com_people' 1.0.0 - SQL Injection
Joomla! Component People 1.0.0 - Local File Inclusion
Joomla! Component 'com_people' 1.0.0 - Local File Inclusion
Joomla! Component allCineVid 1.0.0 - Blind SQL Injection
Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection
Joomla! Component B2 Portfolio 1.0.0 - Multiple SQL Injections
Joomla! Component 'com_b2portfolio' 1.0.0 - Multiple SQL Injections
Joomla! Component XCloner (com_xcloner-backupandrestore) - Remote Command Execution
Joomla! Component 'com_xcloner-backupandrestore' - Remote Command Execution
Joomla! Component com_booklibrary - SQL Injection
Joomla! Component 'com_booklibrary' - SQL Injection
Joomla! Component com_virtuemart 1.1.7 - Blind SQL Injection
Joomla! Component 'com_virtuemart' 1.1.7 - Blind SQL Injection
Joomla! Component JCE (com_jce) - Blind SQL Injection
Joomla! Component 'com_jce' - Blind SQL Injection
Joomla! Component com_versioning - SQL Injection
Joomla! Component com_hello - SQL Injection
Joomla! Component 'com_versioning' - SQL Injection
Joomla! Component 'com_hello' - SQL Injection
Joomla! Component com_question - SQL Injection
Joomla! Component 'com_question' - SQL Injection
Joomla! Component 1.0 jDownloads - Arbitrary File Upload
Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component com_jmsfileseller - Local File Inclusion
Joomla! Component 'com_jmsfileseller' - Local File Inclusion
Joomla! Component com_joomnik - SQL Injection
Joomla! Component 'com_joomnik' - SQL Injection
Joomla! Plugin Scriptegrator 1.5 - File Inclusion
Joomla! Component 'Scriptegrator' 1.5 - File Inclusion
Joomla! Component A Cool Debate 1.0.3 - Local File Inclusion
Joomla! Component com_team - SQL Injection
Joomla! Component 'com_acooldebate' 1.0.3 - Local File Inclusion
Joomla! Component 'com_team' - SQL Injection
Joomla! Component Calc Builder - 'id' Blind SQL Injection
Joomla! Component 'com_calcbuilder' - 'id' Parameter Blind SQL Injection
Joomla! Component JoomlaXi - Persistent Cross-Site Scripting
Joomla! Component 'JoomlaXi' - Persistent Cross-Site Scripting
Joomla! Component mdigg - SQL Injection
Joomla! Component 'mdigg' - SQL Injection
Joomla! Component Xmap 1.2.11 - Blind SQL Injection
Joomla! Component 'com_xmap' 1.2.11 - Blind SQL Injection
Joomla! Component SOBI2 2.9.3.2 - Blind SQL Injections
Joomla! Component 'com_sobi2' 2.9.3.2 - Blind SQL Injections
Joomla! Component Appointment Booking Pro - Local File Inclusion
Joomla! Component 'com_rsappt_pro2' - Local File Inclusion
Joomla! Component JE K2 Story Submit - Local File Inclusion
Joomla! Component 'com_jesubmit' - Local File Inclusion
Joomla! Component mod_spo - SQL Injection
Joomla! Component 'mod_spo' - SQL Injection
Joomla! Component com_virtuemart 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component 'com_virtuemart' 1.5 / 1.1.7 - Blind Time-Based SQL Injection (Metasploit)
Joomla! Component com_obSuggest - Local File Inclusion
Joomla! Component 'com_obSuggest' - Local File Inclusion
Joomla! Component com_jdirectory - SQL Injection
Joomla! Component 'com_jdirectory' - SQL Injection
Joomla! Component TNR Enhanced Joomla! Search - SQL Injection
Joomla! Component 'com_esearch' - SQL Injection
Joomla! Component JoomTouch - Local File Inclusion
Joomla! Component 'com_joomtouch' - Local File Inclusion
Joomla! Extension JCE 2.0.10 - Multiple Vulnerabilities
Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities
Joomla! Component simple file lister module 1.0 - Directory Traversal
Joomla! Component 'mod_simpleFileLister' 1.0 - Directory Traversal
Joomla! Component YJ Contact us - Local File Inclusion
Joomla! Component 'com_yjcontactus' - Local File Inclusion
Joomla! Component Time Returns (com_timereturns) 2.0 - SQL Injection
Joomla! Component 'com_timereturns' 2.0 - SQL Injection
Joomla! Component Techfolio 1.0 - SQL Injection
Joomla! Component 'com_techfolio' 1.0 - SQL Injection
Joomla! Component JEEMA Sms 3.2 - Multiple Vulnerabilities
Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jeemasms' 3.2 - Multiple Vulnerabilities
Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities
Joomla! Component HM-Community com_hmcommunity - Multiple Vulnerabilities
Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities
Joomla! Component Alameda (com_alameda) 1.0 - SQL Injection
Joomla! Component 'com_alameda' 1.0 - SQL Injection
Joomla! Component Jobprofile (com_jobprofile) - SQL Injection
Joomla! Component 'com_jobprofile' - SQL Injection
Joomla! Component QContacts 1.0.6 - SQL Injection
Joomla! Component 'com_qcontacts' 1.0.6 - SQL Injection
Joomla! Component com_dshop - SQL Injection
Joomla! Component 'com_dshop' - SQL Injection
Joomla! Component Discussions (com_discussions) - SQL Injection
Joomla! Component 'com_discussions' - SQL Injection
Joomla! Component The Estate Agent (com_estateagent) - SQL Injection
Joomla! Component com_bearleague - SQL Injection
Joomla! Component 'com_estateagent' - SQL Injection
Joomla! Component 'com_bearleague' - SQL Injection
Joomla! Component com_ponygallery - SQL Injection
Joomla! Component 'com_ponygallery' - SQL Injection
Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal
Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal
Joomla! Component com_weblinks - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection
Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection
Joomla! Component com_dirfrm - Multiple SQL Injections
Joomla! Component 'com_dirfrm' - Multiple SQL Injections
Joomla! Component Spain - 'nv' Parameter SQL Injection
Joomla! Component 'com_spain' - 'nv' Parameter SQL Injection
Joomla! Component com_tax - 'eid' Parameter SQL Injection
Joomla! Component 'com_tax' - 'eid' Parameter SQL Injection
Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection
Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection
Joomla! / Mambo Component com_trade - 'PID' Parameter Cross-Site Scripting
Joomla! / Mambo Component 'com_trade' - 'PID' Parameter Cross-Site Scripting
Joomla! Component com_jstore - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion
Joomla! Component AutoArticles 3000 - 'id' Parameter SQL Injection
Joomla! Component 'com_a3000' - 'id' Parameter SQL Injection
Joomla! Component Store Directory - 'id' Parameter SQL Injection
Joomla! Component 'com_storedirectory' - 'id' Parameter SQL Injection
Joomla! Component Annuaire - 'id' Parameter SQL Injection
Joomla! Component 'com_annuaire' - 'id' Parameter SQL Injection
Joomla! Component Jeformcr - 'id' Parameter SQL Injection
Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection
Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection
Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Redirect 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_redirect' 1.5.19 - Local File Inclusion
Joomla! Component Classified - SQL Injection
Joomla! Component 'com_classified' - SQL Injection
Joomla! Component com_frontenduseraccess - Local File Inclusion
Joomla! Component 'com_frontenduseraccess' - Local File Inclusion
Joomla! Component VirtueMart eCommerce 1.1.6 - SQL Injection
Joomla! Component 'com_virtuemart' 1.1.6 - SQL Injection
Joomla! Component com_clan_members - 'id' Parameter SQL Injection
Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection
Joomla! Component com_phocadownload - Local File Inclusion
Joomla! Component 'com_phocadownload' - Local File Inclusion
Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection
Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection
Joomla! Component com_maplocator - 'cid' Parameter SQL Injection
Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection
Joomla! Component com_shop - SQL Injection
Joomla! Component 'com_shop' - SQL Injection
Joomla! Component Virtual Money 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_virtualmoney' 1.5 - SQL Injection
Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload
Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection
Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection
Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_voj - SQL Injection
Joomla! Component 'com_voj' - SQL Injection
Joomla! Component Foto - 'id_categoria' Parameter SQL Injection
Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection
Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection
Joomla! Component com_hospital - SQL Injection
Joomla! Component Controller - 'Itemid' Parameter SQL Injection
Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection
Joomla! Component 'com_hospital' - SQL Injection
Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection
Joomla! Component com_resman - Cross-Site Scripting
Joomla! Component com_newssearch - SQL Injection
Joomla! Component 'com_newssearch' - SQL Injection
Joomla! Component Slideshow Gallery - 'id' Parameter SQL Injection
Joomla! Component 'com_xeslidegalfx' - 'id' Parameter SQL Injection
Joomla! Component com_community - 'userid' Parameter SQL Injection
Joomla! Component 'com_community' - 'userid' Parameter SQL Injection
Joomla! Component com_biitatemplateshop - 'groups' Parameter SQL Injection
Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection
Joomla! Component com_expedition - 'id' Parameter SQL Injection
Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection
Joomla! Component com_tree - 'key' Parameter SQL Injection
Joomla! Component com_br - 'state_id' Parameter SQL Injection
Joomla! Component com_shop - 'id' Parameter SQL Injection
Joomla! Component 'com_tree' - 'key' Parameter SQL Injection
Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection
Joomla! Component 'com_shop' - 'id' Parameter SQL Injection
Joomla! Component Sgicatalog 1.0 - 'id' Parameter SQL Injection
Joomla! Component 'com_sgicatalog' 1.0 - 'id' Parameter SQL Injection
Joomla! Extension com_alfcontact 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component 'com_alfcontact' 1.9.3 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component Content - 'year' Parameter SQL Injection
Joomla! Component 'com_content' - 'year' Parameter SQL Injection
Joomla! Component com_tsonymf - 'idofitem' Parameter SQL Injection
Joomla! Component 'com_tsonymf' - 'idofitem' Parameter SQL Injection
Joomla! Component com_caproductprices - 'id' Parameter SQL Injection
Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection
Joomla! Component HD Video Share 1.3 - 'id' Parameter SQL Injection
Joomla! Component 'com_contushdvideoshare' 1.3 - 'id' Parameter SQL Injection
Joomla! Component com_br - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion
Joomla! Component Full 'com_full' - 'id' Parameter SQL Injection
Joomla! Component com_sanpham - Multiple SQL Injections
Joomla! Component com_xball - 'team_id' Parameter SQL Injection
Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion
Joomla! Component com_car - Multiple SQL Injections
Joomla! Component com_some - 'Controller' Parameter Local File Inclusion
Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion
Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_full' - 'id' Parameter SQL Injection
Joomla! Component 'com_sanpham' - Multiple SQL Injections
Joomla! Component 'com_xball' - 'team_id' Parameter SQL Injection
Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_car' - Multiple SQL Injections
Joomla! Component 'com_some' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_jesubmit - 'index.php' Arbitrary File Upload
Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload
Joomla! Component com_motor - 'cid' Parameter SQL Injection
Joomla! Component com_products - Multiple SQL Injections
Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection
Joomla! Component 'com_products' - Multiple SQL Injections
Joomla! Component com_visa - Local File Inclusion / SQL Injection
Joomla! Component com_firmy - 'Id' Parameter SQL Injection
Joomla! Component 'com_visa' - Local File Inclusion / SQL Injection
Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection
Joomla! Component com_crhotels - 'catid' Parameter SQL Injection
Joomla! Component com_propertylab - 'id' Parameter SQL Injection
Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection
Joomla! Component 'com_propertylab' - 'id' Parameter SQL Injection
Joomla! Component com_bbs - Multiple SQL Injections
Joomla! Component 'com_bbs' - Multiple SQL Injections
Joomla! Component com_cmotour - 'id' Parameter SQL Injection
Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection
Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection
Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection
Joomla! Component Currency Converter - 'from' Parameter Cross-Site Scripting
Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting
Joomla! Component X-Shop - 'idd' Parameter SQL Injection
Joomla! Component Xcomp 'com_xcomp' - Local File Inclusion
Joomla! Component 'com_x-shop' - 'idd' Parameter SQL Injection
Joomla! Component 'com_xcomp' - Local File Inclusion
Joomla! Component com_xvs - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_xvs' - 'Controller' Parameter Local File Inclusion
Joomla! Component Machine - Multiple SQL Injections
Joomla! Component 'com_machine' - Multiple SQL Injections
Joomla! Component CCNewsLetter Module 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component Video Gallery - Local File Inclusion / SQL Injection
Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection
Joomla! Component 'com_videogallery' - Local File Inclusion / SQL Injection
Joomla! Component Alphacontent - 'limitstart' Parameter SQL Injection
Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload
Joomla! Component 'com_alphacontent' - 'limitstart' Parameter SQL Injection
Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload
Joomla! Component Simple SWFupload - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component Art Uploader - 'upload.php' Arbitrary File Upload
Joomla! Component DentroVideo - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_simpleswfupload' - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component 'mod_artuploader' - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload
PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow
Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow
Alienvault OSSIM/USM 5.3.1 - PHP Object Injection
Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting
Alienvault OSSIM/USM 5.3.1 - SQL Injection
Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)
Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass
SunellSecurity NVR / Camera - Denial Of Service
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation
Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution (Metasploit)
LifeSize Room 5.0.9 - Multiple Vulnerabilities
Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free
SweetRice 1.5.1 - Cross-Site Request Forgery
|
2016-11-03 05:01:18 +00:00 |
|
Offensive Security
|
d97b4f7c48
|
DB: 2016-10-28
|
2016-10-28 11:54:09 +00:00 |
|
Offensive Security
|
da85686a94
|
DB: 2016-10-28
6 new exploits
Real Server < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident
CdRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation
LeapFTP 2.7.x - Remote Buffer Overflow
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow
GNU CFEngine 2.-2.0.3 - Remote Stack Overflow
IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP)
IPSwitch IMail LDAP Daemon - Remote Buffer Overflow
Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow
Traceroute - Privilege Escalation
LBL Traceroute - Privilege Escalation
Perl (Redhat 6.2) - Restore and Dump Local Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
HP-UX 11.00/10.20 - crontab Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 - locale Format String
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 locale - Format String
Solaris - locale Format Strings (noexec stack) Exploit
Solaris locale - Format Strings (noexec stack) Exploit
glibc - locale bug mount Exploit
GLIBC locale - bug mount Exploit
Red Hat 6.2 xsoldier-0.96 - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
OpenBSD 2.6 / 2.7 ftpd - Remote Exploit
OpenBSD ftpd 2.6 / 2.7 - Remote Exploit
GLIBC - Locale Format Strings Exploit
GLIBC locale - Format Strings Exploit
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit
SquirrelMail - chpasswd Buffer Overflow
SquirrelMail - 'chpasswd' Buffer Overflow
rlpr 2.04 - msg() Remote Format String
Rlpr 2.04 - msg() Remote Format String
Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit
IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - Multiple Buffer Overflows (LsD)
IRIX - /bin/login Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow
Solaris 2.4 - passwd & yppasswd & nispasswd Overflows
Solaris 2.4 passwd / yppasswd / nispasswd - Overflows
BlackJumboDog - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow
Ollydbg 1.10 - Format String
OllyDbg 1.10 - Format String
SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)
CDRecord - '$RSH' exec() SUID Shell Creation
CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation
MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
HP-UX 11.0/11.11 swxxx - Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation
Zinf 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow
ShixxNote 6.net - Remote Buffer Overflow
ShixxNOTE 6.net - Remote Buffer Overflow
MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
MailCarrier 2.51 - Remote Buffer Overflow
SLMail 5.5 - POP3 PASS Buffer Overflow
TABS MailCarrier 2.51 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow
eZshopper - 'loadpage.cgi' Directory Traversal
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)
Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)
Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow
Knet 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow Denial of Service
Einstein 1.01 - Local Password Disclosure (asm)
Einstein 1.01 - Local Password Disclosure (ASM)
RealPlayer 10 - '.smil' Local Buffer Overflow
RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow
phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)
phpBB 2.0.12 - Session Handling Authentication Bypass
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
xmlrpc.php Library 1.3.0 - Remote Command Execution (2)
xmlrpc.php Library 1.3.0 - Remote Command Execution (3)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)
wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service
ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
BusinessMail 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow
WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)
Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow
Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow
CA iGateway - (debug mode) Remote Buffer Overflow
CA iTechnology iGateway - (debug mode) Remote Buffer Overflow
Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
Zorum Forum 3.5 - (rollid) SQL Injection
Zorum Forum 3.5 - 'rollid' SQL Injection
SaphpLesson 2.0 - (forumid) SQL Injection
saPHP Lesson 2.0 - (forumid) SQL Injection
zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service
Zix Forum 1.12 - (layid) SQL Injection
Zix Forum 1.12 - 'layid' SQL Injection
QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow
QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow
INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion
Indexu 5.0.1 - (admin_template_path) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion
SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion
Solaris 10 - sysinfo() Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure
SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion
WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC)
Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)
Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion
ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion
Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)
Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl)
PHPMyWebmin 1.0 - (window.php) Remote File Inclusion
phpMyWebmin 1.0 - (window.php) Remote File Inclusion
VideoDB 2.2.1 - (pdf.php) Remote File Inclusion
VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion
Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)
Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - Constructor Privilege Escalation
Solaris 10 (libnspr) - Constructor Privilege Escalation
Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit
BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)
AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow
DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit
Irokez CMS 0.7.1 - Multiple Remote File Inclusion
Irokez Blog 0.7.1 - Multiple Remote File Inclusion
PHP-update 2.7 - Multiple Vulnerabilities
PHP-Update 2.7 - Multiple Vulnerabilities
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
TFTPDWIN 0.4.2 - Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)
FdScript 1.3.2 - 'download.php' Remote File Disclosure
FD Script 1.3.2 - 'download.php' Remote File Disclosure
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass
SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass
ZebraFeeds 1.0 - (zf_path) Remote File Inclusion
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable Professional 2.35 - Remote Buffer Overflow
MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow
Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)
Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2)
3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)
madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl)
Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service
NetVios Portal - 'page.asp' SQL Injection
NetVIOS Portal - 'page.asp' SQL Injection
Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow
Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)
qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)
Zomplog 3.8 - (force_download.php) Remote File Disclosure
Zomplog 3.8 - 'force_download.php' Remote File Disclosure
Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)
Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)
Microsoft Windows GDI+ - ICO File Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service
Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)
YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
Oracle 9i/10g Evil Views - Change Passwords Exploit
Oracle 9i/10g - Evil Views Change Passwords Exploit
Savant 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)
Easy Chat Server 2.2 - Remote Denial of Service
EFS Easy Chat Server 2.2 - Remote Denial of Service
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite
Thomson SIP phone ST 2030 - Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service
MSN messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution
AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
MDPro 1.0.76 - SQL Injection
MD-Pro 1.0.76 - SQL Injection
ZZ FlashChat 3.1 - (help.php) Local File Inclusion
ZZ FlashChat 3.1 - 'help.php' Local File Inclusion
PHP-AGTC membership system 1.1a - Remote Add Admin
PHP-AGTC Membership System 1.1a - Remote Add Admin
Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion
badblue 2.72b - Multiple Vulnerabilities
BadBlue 2.72b - Multiple Vulnerabilities
SquirrelMail G/PGP Plugin - deletekey() Command Injection
SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection
hp software update client 3.0.8.4 - Multiple Vulnerabilities
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow
QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)
Gradman 0.1.3 - (agregar_info.php) Local File Inclusion
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion
mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Mini File Host 1.2 - (upload.php language) Local File Inclusion
Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service
Mini File Host 1.2 - 'language' Parameter Local File Inclusion
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service
Gradman 0.1.3 - (info.php tabla) Local File Inclusion
Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow
Gradman 0.1.3 - 'info.php' Local File Inclusion
Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion
Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow
Mini File Host 1.2.1 - (upload.php language) Local File Inclusion
Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion
Frimousse 0.0.2 - explorerdir.php Local Directory Traversal
360 Web Manager 3.0 - (IDFM) SQL Injection
bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection
bloofox 0.3 - SQL Injection / File Disclosure
Mooseguy Blog System 1.0 - (blog.php month) SQL Injection
Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection
IDM-OS 1.0 - (download.php Filename) File Disclosure
IDM-OS 1.0 - 'Filename' Parameter File Disclosure
MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit
aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
aflog 1.01 - Cross-Site Scripting / SQL Injection
Easysitenetwork Recipe - 'categoryId' SQL Injection
Coppermine Photo Gallery 1.4.14 - SQL Injection
Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection
web wiz rich text editor 4.0 - Multiple Vulnerabilities
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure
Joomla! Component Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
ASPapp - 'links.asp CatId' SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
Quick TFTP Pro 2.1 - Remote SEH Overflow
Quick TFTP Server Pro 2.1 - Remote SEH Overflow
Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
hp openview nnm 7.53 - Multiple Vulnerabilities
HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities
PHPKB 1.5 Knowledge Base - 'ID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021)
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow
siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ZeusCart 2.0 - (category_list.php) SQL Injection
ZeusCart 2.0 - 'category_list.php' SQL Injection
Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
Zomplog 3.8.2 - (force_download.php) File Disclosure
Zomplog 3.8.2 - 'force_download.php' File Disclosure
PHP AGTC-Membership System 1.1a - Arbitrary Add Admin
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
PHP Booking Calendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection
SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Yuhhu 2008 SuperStar - (board) SQL Injection
Yuhhu 2008 SuperStar - 'board' SQL Injection
gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow
Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow
Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities
z-breaknews 2.0 - (single.php) SQL Injection
z-breaknews 2.0 - 'single.php' SQL Injection
Ultra Office - ActiveX Control Remote Buffer Overflow
Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow
Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - (page) SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit
Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
opennms < 1.5.96 - Multiple Vulnerabilities
OpenNMS < 1.5.96 - Multiple Vulnerabilities
yerba sacphp 6.3 - Multiple Vulnerabilities
Yerba SACphp 6.3 - Multiple Vulnerabilities
Microsoft Windows GDI+ - PoC (MS08-052) (2)
Microsoft Windows - GDI+ PoC (MS08-052) (2)
zeeproperty - (adid) SQL Injection
zeeproperty - 'adid' SQL Injection
TUGzip 3.00 archiver - '.zip' Local Buffer Overflow
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow
AJ ARTICLE - 'featured_article.php mode' SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
Article Publisher PRO 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
YourFreeWorld Classifieds - (category) SQL Injection
YourFreeWorld Classifieds - 'category' SQL Injection
PG Roomate Finder Solution - (Authentication Bypass) SQL Injection
Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection
iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC)
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
ProFTPd with mod_mysql - Authentication Bypass
ProFTPd - 'mod_mysql' Authentication Bypass
ppim 1.0 - Multiple Vulnerabilities
pPIM 1.0 - Multiple Vulnerabilities
Orbit 2.8.4 - Long Hostname Remote Buffer Overflow
Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow
Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)
bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Racer 0.5.3b5 - Remote Stack Buffer Overflow
Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow
Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution
Online Guestbook Pro - (display) Blind SQL Injection
Esoftpro Online Guestbook Pro - (display) Blind SQL Injection
tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ZaoCMS - (user_id) SQL Injection
ZaoCMS - 'user_id' SQL Injection
Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin
AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
ZeusCart 2.3 - (maincatid) SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
DD-WRT - (httpd service) Remote Command Execution
DD-WRT HTTPd Daemon/Service - Remote Command Execution
GLinks 2.1 - (cat) Blind SQL Injection
Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection
XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)
Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)
Payment Processor Script - 'shop.htm cid' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
BandCMS 0.10 - news.php Multiple SQL Injection
Rock Band CMS 0.10 - news.php Multiple SQL Injection
Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow
Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow
Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Eureka Mail Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - PoC Buffer Overflow
Solaris 8.0 - LPD Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution (Metasploit)
Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow
BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow
Dopewars 1.5.12 Server - Denial of Service
Dopewars Server 1.5.12 - Denial of Service
Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution
HP Power Manager Administration - Universal Buffer Overflow
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow
Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
HP Openview NNM 7.53 - Invalid DB Error Code
HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code
Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
Eureka Mail Client - Remote Buffer Overflow
Eureka Email Client - Remote Buffer Overflow
IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow
phpshop 0.8.1 - Multiple Vulnerabilities
phpShop 0.8.1 - Multiple Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
DigitalHive - Multiple Vulnerabilities
Digital Hive - Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities
freekot - (Authentication Bypass) SQL Injection
Digiappz Freekot - (Authentication Bypass) SQL Injection
TFTP Daemon 1.9 - Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service
B2B Trading Marketplace - SQL Injection
SoftBiz B2B trading Marketplace Script - SQL Injection
Mini-stream - Windows XP SP2 and SP3 Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow
Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow
Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)
Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
bild flirt system 2.0 - 'index.php' 'id' SQL Injection
Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection
SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
iOS Safari - Bad 'VML' Remote Denial of Service
iOS Safari - Remote Denial of Service
Apple iOS Safari - Bad 'VML' Remote Denial of Service
Apple iOS Safari - Remote Denial of Service
HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow
Adobe Reader - Escape From PDF
Adobe Reader - Escape From '.PDF'
TugZip 3.5 - '.ZIP' File Buffer Overflow
TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow
Joomla! Component jp_jobs - SQL Injection
Joomla! Component com_jp_jobs - SQL Injection
Joomla! Component QPersonel - SQL Injection
Joomla! Component com_QPersonel - SQL Injection
Bild Flirt 1.0 - SQL Injection
Bild Flirt System 1.0 - SQL Injection
Safari 4.0.5 - (531.22.7) Denial of Service
Apple Safari 4.0.5 - (531.22.7) Denial of Service
Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion
724CMS Enterprise 4.59 - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections
724CMS 4.59 Enterprise - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections
Joomla! Component JE Job - Local File Inclusion
Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion
Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Joomla! Component com_jejob 1.0 - 'catid' SQL Injection
Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection
Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service
Office^2 iPhone - XLS Denial of Service
GoodiWare GoodReader iPhone - XLS Denial of Service
Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service
Office^2 iPhone - '.XLS' Denial of Service
GoodiWare GoodReader iPhone - '.XLS' Denial of Service
Yamamah (news) - SQL Injection / Source Code Disclosure
Yamamah - 'news' SQL Injection / Source Code Disclosure
Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan
k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
YPNinc JokeScript - (ypncat_id) SQL Injection
YPNinc JokeScript - 'ypncat_id' SQL Injection
YPNinc PHP Realty Script - (docID) SQL Injection
YPNinc PHP Realty Script - 'docID' SQL Injection
HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit
HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
Safari Browser 4.0.2 - Clickjacking
Apple Safari 4.0.2 - Clickjacking
Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)
Apple iOS - pdf Jailbreak Exploit
Apple iOS - '.pdf' Jailbreak Exploit
HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution
AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)
DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow
FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)
Fat Player 0.6b - '.wav' Buffer Overflow (SEH)
CubeCart 2.0.1 - SQL Injection
Brooky CubeCart 2.0.1 - SQL Injection
DATAC RealWin SCADA 1.06 - Buffer Overflow
DATAC RealWin SCADA Server 1.06 - Buffer Overflow
pilot cart 7.3 - Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities
Mp3-Nator 2.0 - Buffer Overflow (SEH)
MP3-Nator 2.0 - Buffer Overflow (SEH)
Safari 5.02 - Stack Overflow Denial of Service
Apple Safari 5.02 - Stack Overflow Denial of Service
Microsoft Windows Task Scheduler - Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation
Pandora Fms 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass
bugtracker.net 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
WMITools ActiveX - Remote Command Execution
Microsoft WMITools ActiveX - Remote Command Execution
VideoSpirit Pro 1.68 - Local Buffer Overflow
VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow
Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit)
Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit)
PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit)
PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)
Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit)
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)
Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)
Solaris sadmind - Command Execution (Metasploit)
Solaris Sadmind - Command Execution (Metasploit)
Sun Solaris - Telnet Remote Authentication Bypass (Metasploit)
Sun Solaris Telnet - Remote Authentication Bypass (Metasploit)
Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit)
Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit)
Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)
Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)
Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)
CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit)
Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)
AOL Instant Messenger - goaway Overflow (Metasploit)
AOL Instant Messenger AIM - goaway Overflow (Metasploit)
Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit)
Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)
Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit)
RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)
RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit)
Adobe Shockwave - rcsL Memory Corruption (Metasploit)
Adobe Shockwave Player - rcsL Memory Corruption (Metasploit)
Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
ACDSee - XPM File Section Buffer Overflow (Metasploit)
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)
HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)
HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
Serv-U FTPD - MDTM Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)
FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
SentinelLM - UDP Buffer Overflow (Metasploit)
Sentinel LM - UDP Buffer Overflow (Metasploit)
Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit)
Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)
Sambar 6 - Search Results Buffer Overflow (Metasploit)
Sambar Server 6 - Search Results Buffer Overflow (Metasploit)
IA WebMail 3.x - Buffer Overflow (Metasploit)
IA WebMail Server 3.x - Buffer Overflow (Metasploit)
Savant 3.1 Web Server - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit)
Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit)
Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)
PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)
NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)
MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
YPOPS 0.6 - Buffer Overflow (Metasploit)
YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit)
Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit)
Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit)
IMail LDAP Service - Buffer Overflow (Metasploit)
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit)
GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Poptop - Negative Read Overflow (Metasploit)
UoW IMAP server - LSUB Buffer Overflow (Metasploit)
PoPToP - Negative Read Overflow (Metasploit)
UoW IMAPd Server - LSUB Buffer Overflow (Metasploit)
DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
Samba (Linux/x86) - trans2open Overflow (Metasploit)
iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer - LoginExt PathName Overflow (Metasploit)
Samba (Linux x86) - trans2open Overflow (Metasploit)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)
Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Safari - Archive Metadata Command Execution (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Apple Safari - Archive Metadata Command Execution (Metasploit)
iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit)
Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)
Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit)
PHP XML-RPC - Arbitrary Code Execution (Metasploit)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit)
HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit)
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)
TWiki Search Function - Arbitrary Command Execution (Metasploit)
TWiki - Search Function Arbitrary Command Execution (Metasploit)
Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit)
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)
Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit)
Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit)
7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit)
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)
manageengine support center plus 7.8 build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit)
TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit)
Sports PHool 1.0 - Remote File Inclusion
SportsPHool 1.0 - Remote File Inclusion
Mini-stream 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Zabbix 1.8.4 - (popup.php) SQL Injection
Zabbix 1.8.4 - 'popup.php' SQL Injection
CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)
Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)
Family Connections - less.php Remote Command Execution (Metasploit)
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting
openemr 4 - Multiple Vulnerabilities
Safari - GdiDrawStream BSoD
OpenEMR 4 - Multiple Vulnerabilities
Apple Safari - GdiDrawStream BSoD
clip bucket 2.6 - Multiple Vulnerabilities
Clipbucket 2.6 - Multiple Vulnerabilities
Tube Ace(Adult PHP Tube Script) - SQL Injection
Tube Ace (Adult PHP Tube Script) - SQL Injection
Dolibarr CMS 3.2.0 < Alpha - File Inclusion
Dolibarr 3.2.0 < Alpha - File Inclusion
PBLang - Local File Inclusion
PBLang Bulletin Board System - Local File Inclusion
NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit)
Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities
Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities
Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit)
Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)
TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
samsung net-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities
iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
GIMP - script-fu Server Buffer Overflow (Metasploit)
GIMP script-fu - Server Buffer Overflow (Metasploit)
SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit)
Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit)
Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
UoW imapd 10.234/12.264 - Buffer Overflow
UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)
UoW IMAPd Server 10.234/12.264 - Buffer Overflow
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit)
RedHat 6.2 - Piranha Virtual Server Package Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal
HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal
Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
RedHat 6 - glibc/locale Subsystem Format String
Solaris 2.6/7.0 - /locale Subsystem Format String
RedHat 6 GLIBC/locale - Subsystem Format String
Solaris 2.6/7.0 /locale - Subsystem Format String
Solaris 2.6/7.0 - 'eject' locale Subsystem Format String
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)
Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5)
RedHat restore 0.4 b15 - Insecure Environment Variables
RedHat 0.4 b15 restore - Insecure Environment Variables
Viscosity OpenVPN Client (OSX) - Privilege Escalation
Viscosity - Privilege Escalation
Solaris 2.x/7.0/8 catman - Race Condition (1)
Solaris 2.x/7.0/8 catman - Race Condition (2)
Solaris 2.x/7.0/8 Catman - Race Condition (1)
Solaris 2.x/7.0/8 Catman - Race Condition (2)
sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
T-dah Webmail - Multiple Persistent Cross-Site Scripting
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting
Ntpd - Remote Buffer Overflow
NTPd - Remote Buffer Overflow
Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Solaris 2.x/7.0/8 lpd - Remote Command Execution
HP-UX 11.0 SWVerify - Buffer Overflow
Solaris 2.x/7.0/8 LPD - Remote Command Execution
HP-UX 11.0 - SWVerify Buffer Overflow
phusion WebServer 1.0 - Directory Traversal (1)
phusion WebServer 1.0 - Directory Traversal (2)
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal (2)
Progress 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow
PsyBNC 2.3 - Oversized Passwords Denial of Service
psyBNC 2.3 - Oversized Passwords Denial of Service
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
Midicart - PHP Arbitrary File Upload
Midicart PHP - Arbitrary File Upload
otrs 3.1 - Persistent Cross-Site Scripting
OTRS 3.1 - Persistent Cross-Site Scripting
EType EServ 2.9x POP3 - Remote Denial of Service
EType EServ 2.9x - POP3 Remote Denial of Service
Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board 3.3.4 - Unserialize Regex Bypass
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion
ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion
Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Kerio MailServer 5.6.3 - add_acl Module Overflow
Kerio MailServer 5.6.3 add_acl Module - Overflow
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting
IBM System Director - Remote System Level Exploit
IBM System Director Agent - Remote System Level Exploit
Tectia SSH - USERAUTH Change Request Password Reset (Metasploit)
(SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit)
Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)
Oracle MySQL (Windows) - MOF Execution (Metasploit)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
IWConfig - Local ARGV Command Line Buffer Overflow (1)
IWConfig - Local ARGV Command Line Buffer Overflow (2)
IWConfig - Local ARGV Command Line Buffer Overflow (3)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3)
Novell File Reporter Agent - XML Parsing Remote Code Execution
Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Nagios - history.cgi Remote Command Execution
Nagios3 - history.cgi Remote Command Execution
phpshop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection
Freesshd - Authentication Bypass (Metasploit)
FreeSSHD - Authentication Bypass (Metasploit)
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
SLMail 5.5 - POP3 PASS Remote Buffer Overflow
SLMail 5.5 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow
AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service
Microsoft Windows Light HTTPD 0.1 - Buffer Overflow
Light HTTPD 0.1 (Windows) - Buffer Overflow
MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Smail-3 - Multiple Remote and Local Vulnerabilities
Smail 3 - Multiple Remote and Local Vulnerabilities
Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys E4200 - Multiple Vulnerabilities
Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection
NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection
NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection
NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection
NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting
SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
Quick TFTP Server 2.2 - Denial of Service
Quick TFTP Server Pro 2.2 - Denial of Service
aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
XMB 1.9.3 - u2u.php Cross-Site Scripting
XMB Forum 1.9.3 - u2u.php Cross-Site Scripting
PHPAlbum 0.2.3/4.1 - Local File Inclusion
PHP Photo Album 0.2.3/4.1 - Local File Inclusion
Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)
NetBSD mail.local - Privilege Escalation (Metasploit)
NetBSD mail.local(8) - Privilege Escalation (Metasploit)
PCMAN FTP 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMAN FTP 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
EImagePro - - subList.asp CatID Parameter SQL Injection
EImagePro - subList.asp CatID Parameter SQL Injection
OZJournals 1.2 - Vname Parameter Cross-Site Scripting
OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting
SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection
OZJournals 1.5 - Multiple Input Validation Vulnerabilities
Baby FTP server 1.24 - Denial of Service
PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow
Festalon 0.5 - '.HES' Remote Heap Buffer Overflow
EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow
A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)
Fish - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service
Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting
Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting
LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection
Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection
Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection
Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
Uebimiau 2.7.x - 'index.php' Cross-Site Scripting
Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting
Seagate BlackArmor - Root Exploit
Seagate BlackArmor NAS - Root Exploit
Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
PCMAN FTP 2.07 - ABOR Command Buffer Overflow
PCMAN FTP 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access
amfphp 1.2 - browser/details class Parameter Cross-Site Scripting
amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting
PCMAN FTP 2.07 - Buffer Overflow
PCMan FTP Server 2.07 - Buffer Overflow
Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Novell Groupwise Messenger 2.0 - Client Buffer Overflow
Novell Groupwise Messenger 2.0 Client - Buffer Overflow
Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities
OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNms 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting
Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution
Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass
Pilot Group PG Roommate - SQL Injection
Pilot Group PG Roommate Finder Solution - SQL Injection
OpenSSL TLS Heartbeat Extension - Memory Disclosure
OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions)
Heartbleed OpenSSL - Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)
IBM Director 5.20 - CIM Server Privilege Escalation
IBM System Director Agent 5.20 - CIM Server Privilege Escalation
Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)
Kolibri 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow
Easy Chat Server 3.1 - Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Stack Buffer Overflow
Sphider 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
Kolibri WebServer 2.0 - GET Request SEH Exploit
Kolibri Web Server 2.0 - GET Request SEH Exploit
MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit)
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)
Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
PPScript - 'shop.htm' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution
Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)
Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload
Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit)
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)
Exim ESMTP 4.80 glibc gethostbyname - Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection
alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
Publish-It - PUI Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH)
WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
abrt (Fedora 21) - Race Condition
Abrt (Fedora 21) - Race Condition
Webgate WESP SDK 1.2 - ChangePassword Stack Overflow
WebGate WESP SDK 1.2 - ChangePassword Stack Overflow
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Oracle - Outside-In DOCX File Parsing Memory Corruption
Oracle - Outside-In '.DOCX' File Parsing Memory Corruption
iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting
WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting
Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit
Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit)
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
MiniUPnP - Multiple Denial of Service Vulnerabilities
MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities
Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)
Safari - User-Assisted Applescript Exec Attack (Metasploit)
Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption
Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection
Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution
Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read
pdfium CPDF_Function::Call - Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Based Buffer Overflow
Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)
Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass
MiCasa VeraLite - Remote Code Execution
MiCasaVerde VeraLite - Remote Code Execution
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service
GNU GTypist 2.9.5-2 - Local Buffer Overflow
uSQLite 1.0.0 - Denial Of Service
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
CherryTree 0.36.9 - Memory Corruption (PoC)
|
2016-10-28 05:01:21 +00:00 |
|
Offensive Security
|
07fdc778ee
|
DB: 2016-10-21
24 new exploits
NetAuctionHelp 4.1 - search.asp SQL Injection
Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow
Microsoft Edge - Array.join Info Leak (MS16-119)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
HikVision Security Systems - Activex Buffer Overflow
Oracle Netbeans IDE 8.1 - Directory Traversal
MiCasa VeraLite - Remote Code Execution
Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection
Classifieds Rental Script - SQL Injection
SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Event Calendar PHP 1.5 - SQL Injection
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal
SPIP 3.1.2 - Cross-Site Request Forgery
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Edge - Spread Operator Stack Overflow (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)
|
2016-10-21 05:01:17 +00:00 |
|
Offensive Security
|
01eb066d9d
|
DB: 2016-10-13
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
|
2016-10-13 05:01:17 +00:00 |
|
Offensive Security
|
7607be84a3
|
DB: 2016-09-10
3 new exploits
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
freeSSHd 1.2.1 - Authenticated Remote SEH Overflow
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - Authenticated SFTP realpath Remote Buffer Overflow PoC
Hannon Hill Cascade Server - (Authenticated) Command Execution
Hannon Hill Cascade Server - Authenticated Command Execution
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Authenticated Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - Authenticated Multiple Vulnerabilities
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
FtpXQ FTP Server 3.0 - Authenticated Remote Denial of Service
NetAccess IP3 - (Authenticated) (ping option) Command Injection
NetAccess IP3 - Authenticated (ping option) Command Injection
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
Apache Axis2 Administration console - Authenticated Cross-Site Scripting
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - Authenticated Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
ActFax Server FTP - Authenticated Remote Buffer Overflow
Oracle Database - Protocol Authentication Bypass
Oracle Database - Protocol Authentication Bypass
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
IRIS Citations Management Tool - Authenticated Remote Command Execution
Airmail 3.0.2 - Cross-Site Scripting
LamaHub 0.0.6.2 - Buffer Overflow
Vodafone Mobile Wifi - Reset Admin Password
Zabbix 2.0 - 3.0.3 - SQL Injection
Zabbix 2.0 < 3.0.3 - SQL Injection
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)
Alfresco - /proxy endpoint Parameter Server Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery
|
2016-09-10 05:08:39 +00:00 |
|
Offensive Security
|
0be1ea959a
|
DB: 2016-09-09
11 new exploits
Samba 3.0.4 - SWAT Authorization Buffer Overflow
Samba 3.0.4 SWAT - Authorisation Buffer Overflow
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)
WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)
WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)
FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service
FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service
Multiple Applications - Local Credentials Disclosure
Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service
IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit
Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)
IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit
Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)
Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution
McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)
SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)
MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit
HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow
BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow
Joomla Component JPad 1.0 - Post-Authentication SQL Injection
Joomla Component JPad 1.0 - Authenticated SQL Injection
CMS Made Simple 1.2.4 - (FileManager module) File Upload
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service
Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service
Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - (Post-Authentication) File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service
Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)
Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service
freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
AJ Auction Authentication - Bypass Exploit
AJ Auction - Authentication Bypass
Simple Directory Listing 2 - Cross-Site File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Mini File Host 1.x - Arbitrary PHP File Upload
Mini File Host 1.x - Arbitrary .PHP File Upload
Memberkit 1.0 - Remote PHP File Upload
Memberkit 1.0 - Remote Arbitrary .PHP File Upload
WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload
Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
WikkiTikkiTavi 1.11 - Remote PHP File Upload
WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload
Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
zFeeder 1.6 - 'admin.php' Pre-Authentication
zFeeder 1.6 - 'admin.php' Unauthenticated
Addonics NAS Adapter - Post-Authentication Denial of Service
Addonics NAS Adapter - Authenticated Denial of Service
Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Hannon Hill Cascade Server - (Post-Authentication) Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution
Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)
Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service
Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal
Adobe JRun 4 - (logfile) Authenticated Directory Traversal
FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
NetAccess IP3 - (Post-Authentication) (ping option) Command Injection
NetAccess IP3 - (Authenticated) (ping option) Command Injection
Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute
Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution
Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service
Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service
HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)
Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
uTorrent WebUI 0.370 - Authorization header Denial of Service
uTorrent WebUI 0.370 - Authorisation Header Denial of Service
Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)
dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Achievo 1.4.3 - Multiple Authorization Flaws
Achievo 1.4.3 - Multiple Authorisation Flaws
PHPMotion 1.62 - 'FCKeditor' File Upload
PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload
Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal
Home FTP Server 1.11.1.149 - Authenticated Directory Traversal
News Script PHP Pro - 'FCKeditor' File Upload
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow
Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion
Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion
HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow
MailEnable - Authorization Header Buffer Overflow
MailEnable - Authorisation Header Buffer Overflow
ColdFusion 8.0.1 - Arbitrary File Upload and Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution
ColdFusion 8.0.1 - Arbitrary File Upload / Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution
OpenX - banner-edit.php File Upload PHP Code Execution
OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution
Joomla 1.5.12 - tinybrowser File Upload Code Execution
Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution
N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit
If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)
If-CMS 2.07 - Unauthenticated Local File Inclusion (1)
IPComp - encapsulation Pre-Authentication kernel memory Corruption
IPComp - encapsulation Unauthenticated kernel memory Corruption
SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)
Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)
If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit
DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit
TomatoCart 1.1 - Post-Authentication Local File Inclusion
TomatoCart 1.1 - Authenticated Local File Inclusion
BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass
QuiXplorer 2.3 - Bugtraq File Upload
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)
BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection
Dolibarr ERP & CRM 3 - Authenticated OS Command Injection
V-CMS - PHP File Upload and Execution
V-CMS - Arbitrary .PHP File Upload / Execution
WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection
WebCalendar 1.2.4 - Unauthenticated Remote Code Injection
appRain CMF - Arbitrary PHP File Upload
appRain CMF - Arbitrary .PHP File Upload
EGallery - PHP File Upload
EGallery - Arbitrary .PHP File Upload
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload
WebPageTest - Arbitrary PHP File Upload
WebPageTest - Arbitrary .PHP File Upload
XODA 0.4.5 - Arbitrary PHP File Upload
XODA 0.4.5 - Arbitrary .PHP File Upload
Elcom CMS 7.4.10 - Community Manager Insecure File Upload
Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection
Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow
Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit
qdPM 7.0 - Arbitrary PHP File Upload
qdPM 7.0 - Arbitrary .PHP File Upload
Oracle Database - Authentication Protocol Security Bypass
Oracle Database - Protocol Authentication Bypass
Mod_NTLM 0.x - Authorization Heap Overflow
Mod_NTLM 0.x - Authorisation Heap Overflow
Mod_NTLM 0.x - Authorization Format String
Mod_NTLM 0.x - Authorisation Format String
Geeklog 1.3.x - Authentication SQL Injection
Geeklog 1.3.x - Authenticated SQL Injection
NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution
MySQL - Remote Pre-Authentication User Enumeration
MySQL - Remote Unauthenticated User Enumeration
vbPortal 2.0 alpha 8.1 - Authentication SQL Injection
vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
WordPress WP-Property Plugin - PHP File Upload
WordPress Asset-Manager Plugin - PHP File Upload
WordPress WP-Property Plugin - Arbitrary .PHP File Upload
WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload
Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution
Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution
RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun
Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Novell NCP - Pre-Authentication Remote Root Exploit
Novell NCP - Unauthenticated Remote Root Exploit
Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass
Polar Helpdesk 3.0 - Cookie Based Authentication Bypass
IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass (Metasploit)
OpenEMR - PHP File Upload
OpenEMR - Arbitrary .PHP File Upload
PolarPearCMS - PHP File Upload
PolarPearCMS - Arbitrary .PHP File Upload
Apache 2.0.x - mod_ssl Remote Denial of Service
Apache/mod_ssl 2.0.x - Remote Denial of Service
phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload
BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal
BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal
MoinMoin - twikidraw Action Traversal File Upload
MoinMoin - twikidraw Action Traversal Arbitrary File Upload
Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow
Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
FlexWATCH 3.0 - AIndex.asp Authorization Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload
WordPress Curvo Themes - Cross-Site Request Forgery File Upload
WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload
PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass
PHPBB2 - Admin_Ug_Auth.php Administrative Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass
Castripper 2.50.70 - '.pls' DEP Exploit
Castripper 2.50.70 - '.pls' DEP Bypass Exploit
Google Urchin 5.7.3 - Report.cgi Authorization Bypass
Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Adobe Flash - Method Calls Use-After-Free
Adobe Flash - Transform.colorTranform Getter Info Leak
RSA Authentication Agent for Web 5.3 - URI redirection
RSA Authentication Agent for Web 5.3 - URI Redirection
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Zabbix 2.0 - 3.0.3 - SQL Injection
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure
LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
Katello (Red Hat Satellite) - users/update_roles Missing Authorization
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation
Freepbx 13.0.x < 13.0.154 - Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution
Jobberbase 2.0 - Multiple Vulnerabilities
Windows x86 - Bind Shell TCP Shellcode
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload
Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Moab < 7.2.9 - Authorization Bypass
Moab < 7.2.9 - Authentication Bypass
Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection
Drupal Core < 7.32 - Pre-Authentication SQL Injection
Drupal Core < 7.32 - Unauthenticated SQL Injection
Tincd - Post-Authentication Remote TCP Stack Buffer Overflow
Tincd - Authenticated Remote TCP Stack Buffer Overflow
PMB 4.1.3 - Post-Authentication SQL Injection
PMB 4.1.3 - Authenticated SQL Injection
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution
ManageEngine Multiple Products - Authenticated File Upload
ManageEngine Multiple Products - Authenticated Arbitrary File Upload
Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)
Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)
Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution
Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution
Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection
Symantec Web Gateway 5 - restore.php Authenticated Command Injection
JBoss Seam 2 - Arbitrary File Upload and Execution
JBoss Seam 2 - Arbitrary File Upload / Execution
Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution
JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass
JibberBook 2.3 - 'Login_form.php' Authentication Bypass
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Zenoss 3.2.1 - Remote Post-Authentication Command Execution
Zenoss 3.2.1 - Remote Authenticated Command Execution
Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution
Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution
Magento CE < 1.9.0.1 - Authenticated Remote Code Execution
Netsweeper 4.0.9 - Arbitrary File Upload and Execution
Netsweeper 4.0.9 - Arbitrary File Upload / Execution
Netsweeper 4.0.8 - Arbitrary File Upload and Execution
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
EasyITSP - 'customers_edit.php' Authentication Security Bypass
EasyITSP - 'customers_edit.php' Authentication Bypass
Wolf CMS - Arbitrary File Upload and Execution
Wolf CMS - Arbitrary File Upload / Execution
Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow
Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow
GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution
vBulletin 5.1.x - Pre-Authentication Remote Code Execution
vBulletin 5.1.x - Unauthenticated Remote Code Execution
WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass
WordPress WP to Twitter Plugin - Authorization Bypass
WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass
WordPress WP to Twitter Plugin - Authentication Bypass
Novell ServiceDesk - Authenticated File Upload
Novell ServiceDesk - Authenticated Arbitrary File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)
phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API
vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)
phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution
phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
|
2016-09-09 05:09:09 +00:00 |
|
Offensive Security
|
2aa9d941de
|
DB: 2016-09-08
6 new exploits
Too many to list!
|
2016-09-08 05:08:29 +00:00 |
|
Offensive Security
|
d36011b4f9
|
DB: 2016-09-07
3 new exploits
Too many to list!
|
2016-09-07 05:09:19 +00:00 |
|
Offensive Security
|
5e2fc10125
|
DB: 2016-09-03
|
2016-09-03 13:13:25 +00:00 |
|
Offensive Security
|
31a21bb68d
|
DB: 2016-09-03
14 new exploits
Too many to list!
|
2016-09-03 05:08:42 +00:00 |
|
Offensive Security
|
1f0c845486
|
DB: 2016-08-31
3 new exploits
Too many to list!
|
2016-08-31 05:07:37 +00:00 |
|
Offensive Security
|
760d823bc8
|
DB: 2016-08-30
18 new exploits
Too many to list!
|
2016-08-30 05:08:40 +00:00 |
|
Offensive Security
|
4c43b1da2b
|
DB: 2016-08-25
|
2016-08-25 05:07:18 +00:00 |
|
Offensive Security
|
8c28728c9f
|
DB: 2016-08-15
2 new exploits
Cacti 0.8.6d Remote Command Execution Exploit
Cacti 0.8.6d - Remote Command Execution Exploit
Cacti 0.8.6i (copy_cacti_user.php) SQL Injection Create Admin Exploit
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit
PHP < 4.4.5 - / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - WDDX Session Deserialization Information Leak
PHP < 4.4.5 / 5.2.1 - php_binary Session Deserialization Information Leak
PHP < 4.4.5 / 5.2.1 - WDDX Session Deserialization Information Leak
PHP < 4.4.5 - / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 - / 5.2.1 - _SESSION Deserialization Overwrite Exploit
PHP < 4.4.5 / 5.2.1 - _SESSION unset() Local Exploit
PHP < 4.4.5 / 5.2.1 - _SESSION Deserialization Overwrite Exploit
Cacti 0.8.6-d graph_view.php Command Injection (Metasploit)
Cacti 0.8.6-d - graph_view.php Command Injection (Metasploit)
Samba 3.0.10 - 3.3.5 - Format String And Security Bypass
Samba 3.0.10 < 3.3.5 - Format String And Security Bypass
Allomani - E-Store 1.0 - CSRF Add Admin Account
Allomani - Super Multimedia 2.5 - CSRF Add Admin Account
Allomani - E-Store 1.0 - CSRF (Add Admin Account)
Allomani - Super Multimedia 2.5 - CSRF (Add Admin Account)
HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS
HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow DoS
HP Data Protector Media Operations NULL Pointer Dereference Remote DoS
HP Data Protector Media Operations - NULL Pointer Dereference Remote DoS
JBoss Application Server Remote Exploit
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit
EasyFTP Server 1.7.0.11 MKD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - MKD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 LIST Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 CWD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - CWD Command Stack Buffer Overflow
EasyFTP Server 1.7.0.11 list.html path Stack Buffer Overflow
EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow
Cacti graph_view.php Remote Command Execution
Cacti - graph_view.php Remote Command Execution
Linux/SuperH (sh4) - setuid(0) - chmod(_/etc/shadow__ 0666) - exit(0) shellcode (43 bytes)
Linux/SuperH (sh4) - setuid(0) / chmod(_/etc/shadow__ 0666) / exit(0) Shellcode (43 bytes)
HP Data Protector 6.20 EXEC_CMD Buffer Overflow
HP Data Protector 6.20 - EXEC_CMD Buffer Overflow
HP Data Protector Remote Shell for HP-UX
HP Data Protector - Remote Shell for HP-UX
WHMCompleteSolution (cart.php) 3.x.x < 4.0.x - Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - (cart.php) Local File Disclosure
hp data protector media operations 6.20 - Directory Traversal
HP Data Protector Media Operations 6.20 - Directory Traversal
HP Data Protector 6.1 EXEC_CMD Remote Code Execution
HP Data Protector 6.1 - EXEC_CMD Remote Code Execution
HP Data Protector Client EXEC_CMD Remote Code Execution
HP Data Protector Client - EXEC_CMD Remote Code Execution
HP Data Protector Create New Folder Buffer Overflow
HP Data Protector - Create New Folder Buffer Overflow
Irfanview JPEG2000 <= 4.3.2.0 - jp2 - Stack Buffer Overflow
Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow
HP Data Protector DtbClsLogin Buffer Overflow
HP Data Protector - DtbClsLogin Buffer Overflow
RaXnet Cacti 0.5/0.6/0.8 Config_Settings.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion
RaXnet Cacti 0.5/0.6.x/0.8.x Graph_Image.php Remote Command Execution Variant
RaXnet Cacti 0.5/0.6.x/0.8.x - Graph_Image.php Remote Command Execution Variant
TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) - Crash PoC
TEC-IT TBarCode - OCX ActiveX Control (TBarCode4.ocx 4.1.0) Crash PoC
HP Data Protector Arbitrary Remote Command Execution
HP Data Protector - Arbitrary Remote Command Execution
Indusoft Thin Client 7.1 - ActiveX - Buffer Overflow
Indusoft Thin Client 7.1 - ActiveX Buffer Overflow
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
HP Data Protector Cell Request Service Buffer Overflow
HP Data Protector - Cell Request Service Buffer Overflow
Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution
Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution
Cacti 0.8.7 graph_view.php graph_list Parameter SQL Injection
Cacti 0.8.7 graph.php view_type Parameter XSS
Cacti 0.8.7 graph_view.php filter Parameter XSS
Cacti 0.8.7 tree.php Multiple Parameter SQL Injection
Cacti 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection
Cacti 0.8.7 index.php/sql.php Login Action login_username Parameter SQL Injection
Cacti 0.8.7 - graph_view.php graph_list Parameter SQL Injection
Cacti 0.8.7 - graph.php view_type Parameter XSS
Cacti 0.8.7 - graph_view.php filter Parameter XSS
Cacti 0.8.7 - tree.php Multiple Parameter SQL Injection
Cacti 0.8.7 - graph_xport.php local_graph_id Parameter SQL Injection
Cacti 0.8.7 - index.php/sql.php Login Action login_username Parameter SQL Injection
MG2 - 'list' Parameter - Cross-Site Scripting
MG2 - 'list' Parameter Cross-Site Scripting
HP Data Protector Backup Client Service - Directory Traversal
HP Data Protector - Backup Client Service Directory Traversal
HP Data Protector EXEC_BAR Remote Command Execution
HP Data Protector - EXEC_BAR Remote Command Execution
HP Data Protector Backup Client Service Remote Code Execution
HP Data Protector - Backup Client Service Remote Code Execution
Cacti 0.8.x graph.php Multiple Parameter XSS
Cacti 0.8.x - graph.php Multiple Parameter XSS
Jetty 6.1.x JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities
Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities
Cacti 0.8.7 on Red Hat High Performance Computing (HPC) utilities.php filter Parameter XSS
Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter XSS
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
HP Data Protector - EXEC_INTEGUTIL Remote Code Execution
HP Data Protector 8.10 Remote Command Execution
HP Data Protector 8.10 - Remote Command Execution
Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
Exim 4 (Debian / Ubuntu) - Spool Local Privilege Escalation
Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Local Privilege Escalation
Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 - 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 - 2.0.4 / 1.12.0 - 1.12.12 - RLC Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 < 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 < 2.0.4 / 1.12.0 < 1.12.12 - RLC Dissector Denial of Service
FreePBX 13 / 14 - Remote Code Execution
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
Easy FTP Server - _APPE_ Command Buffer Overflow Remote Exploit
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Samsung Smart Home Camera SNH-P-6410 - Command Injection
|
2016-08-15 05:09:55 +00:00 |
|
Offensive Security
|
428f25fc1c
|
DB: 2016-08-07
8 new exploits
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
ntop 2.3 <= 2.5 - Multiple Vulnerabilities
Subrion CMS 4.0.5 - SQL Injection
zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
PHP Power Browse 1.2 - Directory Traversal
Davolink DV-2051 - Multiple Vulnerabilities
WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
|
2016-08-07 02:36:02 +00:00 |
|
Offensive Security
|
d1e88dd6d0
|
DB: 2016-07-30
|
2016-07-30 07:05:01 +00:00 |
|
Offensive Security
|
9680c9c2cb
|
DB: 2016-07-27
6 new exploits
Invision Power Board <= 3.0.4_ <= 3.0.4_ <= 2.3.6 - LFI and SQL Injection
Invision Power Board <= 3.0.4 / <= 3.0.4 / <= 2.3.6 - LFI and SQL Injection
Linux/x86 - connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes)
Linux/x86 - Connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes)
Linux/x86 - quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes)
Linux/x86 - Quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes)
Win32 - connectback_ receive_ save and execute shellcode
Win32 - Connectback_ receive_ save and execute shellcode
DVD X Player 5.5 Professional (.plf) Universal Buffer Overflow
DVD X Player 5.5 Professional - (.plf) Universal Buffer Overflow
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP+ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
ISC BIND <= 8.2.2_IRIX <= 6.5.17_Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities
ISC BIND <= 8.2.2 / IRIX <= 6.5.17 / Solaris 7.0 - (NXT Overflow and Denial of Service) Vulnerabilities
LedgerSMB1.0/1.1_SQL-Ledger 2.6.x Login Parameter Local File Include And Authentication Bypass Vulnerabilities
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Parameter Local File Include And Authentication Bypass Vulnerabilities
Lighttpd <= 1.4.15 - Multiple Code Execution_ Denial of Service and Information Disclosure Vulnerabilities
Lighttpd <= 1.4.15 - Multiple Code Execution + Denial of Service + Information Disclosure Vulnerabilities
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Privilege Escalation
Windows TrackPopupMenu Win32k NULL Pointer Dereference
Windows - TrackPopupMenu Win32k NULL Pointer Dereference
ManageEngine OpManager_ Social IT Plus and IT360 - Multiple Vulnerabilities
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities
Wikipad 1.6.0 - Cross-Site Scripting_ HTML Injection and Information Disclosure Vulnerabilities
Wikipad 1.6.0 - Cross-Site Scripting + HTML Injection + Information Disclosure Vulnerabilities
concrete5 5.5.2.1 Information Disclosure_ SQL Injection and Cross Site Scripting Vulnerabilities
concrete5 5.5.2.1 - Information Disclosure + SQL Injection + Cross Site Scripting Vulnerabilities
RuubikCMS 1.1.x Cross Site Scripting_ Information Disclosure and Directory Traversal Vulnerabilities
RuubikCMS 1.1.x - Cross Site Scripting + Information Disclosure + Directory Traversal Vulnerabilities
Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058)
Windows Kernel - Win32k.sys Privilege Escalation Exploit (MS14-058)
Tiki-Wiki CMS Calendar 14.2_ 12.5 LTS_ 9.11 LTS_ and 6.15 - Remote Code Execution
Tiki-Wiki CMS Calendar 14.2 / 12.5 LTS / 9.11 LTS / 6.15 - Remote Code Execution
PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post Auth Remote Root Exploit (Metasploit)
PHP File Vault 0.9 - Directory Traversal
Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities
Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution
Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access
|
2016-07-27 05:06:35 +00:00 |
|
Offensive Security
|
d06dff59f9
|
DB: 2016-07-26
16 new exploits
Ubuntu Breezy 5.10 - Installer Password Disclosure
Ubuntu 5.10 - Installer Password Disclosure
BSD/x86 - setuid/portbind (TCP 31337) shellcode (94 bytes)
BSD/x86 - setuid/portbind 31337/TCP shellcode (94 bytes)
Linux/x86 - shellcode that forks a HTTP Server on port tcp/8800 (166 bytes)
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes)
Linux/x86 - Forks a HTTP Server on port 8800/TCP shellcode (166 bytes)
Linux/x86 - Listens for shellcode on 5555/TCP and jumps to it (83 bytes)
Linux/x86 - Shellcode Polymorphic chmod(_/etc/shadow__666) (54 bytes)
Linux/x86 - Polymorphic chmod(_/etc/shadow__666) Shellcode (54 bytes)
Linux/x86 - Add root user _r00t_ with no password to /etc/passwd shellcode (69 bytes)
Linux/x86 - Add root user 'r00t' with no password to /etc/passwd shellcode (69 bytes)
Linux/x86 - SET_PORT() portbind 31337 tcp shellcode (100 bytes)
Linux/x86 - SET_PORT() portbind 31337/TCP shellcode (100 bytes)
Linux/x86 - Add User _xtz_ without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Add User 'xtz' without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp + fork() shellcode (98 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() shellcode (98 bytes)
Linux/x86 - connect-back shellcode 127.0.0.1:31337/tcp (74 bytes)
Linux/x86 - Connect-back shellcode 127.0.0.1:31337/TCP (74 bytes)
Linux/x86 - Add user _t00r_ encrypt shellcode (116 bytes)
Linux/x86 - Add user 't00r' encrypt shellcode (116 bytes)
Linux/x86 - Add user _t00r_ shellcode (82 bytes)
Linux/x86 - Add user 't00r' shellcode (82 bytes)
Linux/x86 - Add user _z_ shellcode (70 bytes)
Linux/x86 - Add User 'z' shellcode (70 bytes)
Solaris/x86 - portbind/tcp shellcode (Generator)
Solaris/x86 - portbind/TCP shellcode (Generator)
Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes)
Linux/x86 - append '/etc/passwd' & exit() shellcode (107 bytes)
Linux/x86 - sends _Phuck3d!_ to all terminals shellcode (60 bytes)
Linux/x86 - sends 'Phuck3d!' to all terminals shellcode (60 bytes)
Linux/x86 - change mode 0777 of _/etc/shadow_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of _/etc/passwd_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall shellcode (39 bytes)
Linux/ARM - Add root user _shell-storm_ with password _toor_ shellcode (151 bytes)
Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes)
OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes)
OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)
Linux/SuperH (sh4) - Add root user _shell-storm_ with password _toor_ shellcode (143 bytes)
Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes)
Linux/MIPS - Add user(UID 0) _rOOt_ with password _pwn3d_ shellcode (164 bytes)
Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password)
Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes)
Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)
OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes)
OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes)
Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)
Linux/x86-64 - Bindshell 4444/TCP with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes)
Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes)
Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes)
Linux/x86 - TCP Bind Shell Port 4444 shellcode (98 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (98 bytes)
Rapid7 AppSpider 6.12 - Local Privilege Escalation
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
MediaCoder 0.8.43.5852 - .m3u SEH Exploit
Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)
CodoForum 3.2.1 - SQL Injection
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass)
GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload
PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution
PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities
Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities
|
2016-07-26 05:04:05 +00:00 |
|
Offensive Security
|
ec03ab428f
|
DB: 2016-07-21
10 new exploits
Microsoft Internet Explorer <= XP SP2 - HTML Help Control Local Zone Bypass
Microsoft Internet Explorer XP SP2 - HTML Help Control Local Zone Bypass
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Mambo 4.5.3 & Joomla 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
Simplog <= 0.9.3 - (tid) Remote SQL Injection Exploit
Simplog 0.9.3 - (tid) SQL Injection
Skulltag <= 0.96f - (Version String) Remote Format String PoC
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Skulltag 0.96f - (Version String) Remote Format String PoC
OpenTTD 0.4.7 - Multiple Vulnerabilities
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
Apple Mac OS X Safari 2.0.3 (417.9.2) - Multiple Vulnerabilities
Apple Mac OS X Safari <= 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Apple Mac OS X Safari 2.0.3 - (417.9.2) (ROWSPAN) DoS PoC
Aardvark Topsites PHP <= 4.2.2 - (path) Remote File Inclusion
phpMyAgenda <= 3.0 Final (rootagenda) Remote Include
Aardvark Topsites PHP <= 4.2.2 - (lostpw.php) Remote Include Exploit
Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion
phpMyAgenda 3.0 Final - (rootagenda) Remote Include
Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion
X7 Chat <= 2.0 - (help_file) Remote Commands Execution Exploit
X7 Chat 2.0 - (help_file) Remote Command Execution
Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit
Auction 1.3m - (phpbb_root_path) Remote File Inclusion
acFTP FTP Server <= 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit
acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow PoC
Quake 3 Engine 1.32b - R_RemapShader() Remote Client BoF Exploit
AWStats <= 6.5 - (migrate) Remote Shell Command Injection Exploit
AWStats 6.5 - (migrate) Remote Shell Command Injection
acFTP FTP Server <= 1.4 - (USER) Remote Denial of Service Exploit
acFTP FTP Server 1.4 - (USER) Remote Denial of Service
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
Jetbox CMS <= 2.1 - (relative_script_path) Remote File Inclusion Exploit
ACal <= 2.2.6 - (day.php) Remote File Inclusion
EQdkp <= 1.3.0 - (dbal.php) Remote File Inclusion
PHP-Fusion 6.00.306 - Multiple Vulnerabilities
Jetbox CMS 2.1 - (relative_script_path) Remote File Inclusion
ACal 2.2.6 - (day.php) Remote File Inclusion
EQdkp 1.3.0 - (dbal.php) Remote File Inclusion
Microsoft Internet Explorer <= 6.0.2900 SP2 - (CSS Attribute) Denial of Service
Microsoft Internet Explorer 6.0.2900 SP2 - (CSS Attribute) Denial of Service
Unclassified NewsBoard <= 1.6.1 patch 1 - Arbitrary Local Inclusion Exploit
Unclassified NewsBoard 1.6.1 patch 1 - Local File Inclusion
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (3)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (1)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (2)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (3)
Linux Kernel 2.6.13 <= 2.6.17.4 - sys_prctl() Local Root Exploit (4)
Linux Kernel 2.6.13 <= 2.6.17.4 - 'sys_prctl()' Local Root Exploit (4)
Linux Kernel <= 2.6.17.4 - (proc) Local Root Exploit
Linux Kernel <= 2.6.17.4 - 'proc' Local Root Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86_64) - System Call Emulation Exploit
\o - Local File Inclusion (1st)
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation
PulseAudio setuid (Ubuntu 9.04 / Slackware 12.2.0) - Local Privilege Escalation
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
Linux Kernel <= 2.2.18 (RH 7.0/6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root (1)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Django CMS 3.3.0 - (Editor Snippet) Persistent XSS
Drupal RESTWS Module 7.x - Remote PHP Code Execution (Metasploit)
Linux/x86 - execve /bin/sh Shellcode (19 bytes)
Wowza Streaming Engine 4.5.0 - Local Privilege Escalation
Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation
Wowza Streaming Engine 4.5.0 - Add Advanced Admin CSRF
Wowza Streaming Engine 4.5.0 - Multiple XSS
OpenSSHD <= 7.2p2 - Username Enumeration
WordPress Video Player Plugin 1.5.16 - SQL Injection
|
2016-07-21 05:06:28 +00:00 |
|
Offensive Security
|
acd30ed451
|
DB: 2016-07-19
|
2016-07-19 06:38:52 +00:00 |
|
Offensive Security
|
13e9ec719b
|
DB: 2016-07-14
17 new exploits
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (7)
Adobe Flash Player 22.0.0.192 - DefineBitsJPEG2 Memory Corruption
Adobe Flash Player 22.0.0.192 - DefineSprite Memory Corruption
Adobe Flash Player 22.0.0.192 - TAG Memory Corruption
Adobe Flash Player 22.0.0.192 - SceneAndFrameData Memory Corruption
Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials
MS16-032 Secondary Logon Handle Privilege Escalation
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities
Linux x86 Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
|
2016-07-14 05:05:01 +00:00 |
|
Offensive Security
|
76bc268c80
|
DB: 2016-07-11
|
2016-07-11 05:06:57 +00:00 |
|
Offensive Security
|
c9a818eb76
|
DB: 2016-07-10
|
2016-07-10 05:03:45 +00:00 |
|
Offensive Security
|
52cf6a3185
|
DB: 2016-07-07
9 new exploits
CIMA DocuClass ECM - Multiple Vulnerabilities
24online SMS_2500i 8.3.6 build 9.0 - SQL Injection
Linux 64bit Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) - 176 bytes
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
PaKnPost Pro 1.14 - Multiple Vulnerabilities
GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution
OpenFire 3.10.2 - 4.0.1 - Multiple Vulnerabilities
Samsung Android JACK - Privilege Escalation
Nagios XI Chained Remote Code Execution
|
2016-07-07 05:06:28 +00:00 |
|
Offensive Security
|
929e1cb538
|
DB: 2016-06-18
5 new exploits
WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload
Vicidial 2.11 - Scripts Stored XSS
phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers
phpATM 1.32 - Multiple Vulnerabilities
op5 v7.1.9 Configuration Command Execution
|
2016-06-18 05:02:53 +00:00 |
|
Offensive Security
|
33dd246d8a
|
DB: 2016-06-16
14 new exploits
Ultrabenosaurus ChatBoard - Stored XSS
Ultrabenosaurus ChatBoard - CSRF (Send Message)
w2wiki - Multiple XSS Vulnerabilities
Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
Dokeos 2.2.1 - Blind SQL Injection
Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection
AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation
BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
jbFileManager - Directory Traversal
PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection
Bomgar Remote Support Unauthenticated Code Execution (msf)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
Google Chrome - GPU Process MailboxManagerImpl Double-Read
|
2016-06-16 05:02:53 +00:00 |
|
Offensive Security
|
6c005f3b2b
|
DB: 2016-06-15
3 new exploits
Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
Apache Continuum Arbitrary Command Execution
WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite
Oracle Orakill.exe 11.2.0 - Buffer Overflow
|
2016-06-15 05:06:23 +00:00 |
|
Offensive Security
|
52e862d62a
|
DB: 2016-05-11
9 new exploits
Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit
Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit
Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit
mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit
Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept)
Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit
Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2)
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit
Serv-U FTPD 3.x/4.x- 'SITE CHMOD' Command Remote Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit
Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit
eMule <= 0.42d IRC Remote Buffer Overflow Exploit
eMule <= 0.42d - IRC Remote Buffer Overflow Exploit
GnomeHack Local Buffer Overflow Exploit (gid=games)
GnomeHack - Local Buffer Overflow Exploit (gid=games)
Kwintv Local Buffer Overflow Exploit (gid=video(33))
Kwintv - Local Buffer Overflow Exploit (gid=video(33))
Redhat 6.1 man Local Exploit (egid 15)
Redhat 6.1 man - Local Exploit (egid 15)
Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit
Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 - msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit
Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit
OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit
Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Ollydbg <= 1.10 Format String Bug
Ollydbg <= 1.10 - Format String Bug
Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit
AOL Instant Messenger AIM _Away_ Message Local Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit
Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit
AOL Instant Messenger AIM _Away_ Message Remote Exploit
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)
Silent Storm Portal Multiple Vulnerabilities
Silent Storm Portal - Multiple Vulnerabilities
YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit
Monit <= 4.2 Basic Authentication Remote Root Exploit
Monit <= 4.2 - Basic Authentication Remote Root Exploit
YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit
Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit
Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit
Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
Halo <= 1.05 Broadcast Client Crash Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit
Halo <= 1.05 - Broadcast Client Crash Exploit
Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit
Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit
PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit
WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit
Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit
Kreed <= 1.05 Format String and Denial of Service Exploit
Kreed <= 1.05 - Format String and Denial of Service Exploit
Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit
Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 Symlink Vulnerability Exploit
WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 - Symlink Vulnerability Exploit
Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 openlog() Buffer Overflow Exploit
Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 - openlog() Buffer Overflow Exploit
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)
Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit
Exim <= 4.41 dns_build_reverse Local Exploit PoC
Exim <= 4.41 - dns_build_reverse Local Exploit PoC
Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit
Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS
Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit
Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit
Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit
MercuryBoard <= 1.1.1 Working SQL Injection
MercuryBoard <= 1.1.1 - SQL Injection
GNU a2ps _Anything to PostScript_ Local Exploit (not suid)
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2)
Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit
3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit
3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit
vBulletin <= 3.0.6 php Code Injection
vBulletin <= 3.0.6 - PHP Code Injection
Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash
Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash
Knet <= 1.04c Buffer Overflow Denial of Service Exploit
Knet <= 1.04c - Buffer Overflow Denial of Service Exploit
Scrapland <= 1.0 Server Termination Denial of Service Exploit
Scrapland <= 1.0 - Server Termination Denial of Service Exploit
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)
Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow
Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow
Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)
Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)
PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working)
PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit
HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit
HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit
Microsoft Internet Explorer - javascript _window()_ Crash
Microsoft Internet Explorer - javascript 'window()' Crash
Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability
Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability
Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
Invision Power Board <= 1.3.1 - Login.PHP SQL Injection
WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit
WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit
Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit
Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit
Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)
Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)
XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities
Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities
gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit
gCards <= 1.45 - Multiple Vulnerabilities
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities
raydium <= svn 309 - Multiple Vulnerabilities Exploit
raydium <= svn 309 - Multiple Vulnerabilities
PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS
Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities
Light Blog Remote Multiple Vulnerabilities Exploit
Light Blog Remote - Multiple Vulnerabilities
Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept
contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 (upload/XSS) Multiple Vulnerabilities
contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities
torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities
torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities
Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
Site News (centre.php) Remote File Inclusion Vulnerability
Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability
Site News (centre.php) - Remote File Inclusion Vulnerability
kubix <= 0.7 - Multiple Vulnerabilities Exploit
kubix <= 0.7 - Multiple Vulnerabilities
BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities
BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities
F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit
open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update)
open newsletter <= 2.5 - Multiple Vulnerabilities (2)
eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities
php-update <= 2.7 - Multiple Vulnerabilities Exploit
php-update <= 2.7 - Multiple Vulnerabilities
ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities
vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities
Aztek Forum 4.0 - Multiple Vulnerabilities Exploit
Aztek Forum 4.0 - Multiple Vulnerabilities
otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities
otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities
uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit
Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities
qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities
qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities
Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability
runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities
netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities
netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities
bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities
bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept
Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility
Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility
Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability
Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day)
Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
else if CMS 0.6 - Multiple Vulnerabilities / Exploit
else if CMS 0.6 - Multiple Vulnerabilities
Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
Php-Stats 0.1.9.2 - Multiple Vulnerabilities
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept
WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept
portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities
portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities
evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities
evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities
Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit
blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities
blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities
bloofox 0.3 (SQL/fd) Multiple Vulnerabilities
bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities
Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability
simple forum 3.2 (fd/XSS) Multiple Vulnerabilities
simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities
Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities
pigyard art gallery Multiple Vulnerabilities
pigyard art gallery - Multiple Vulnerabilities
XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability
easycalendar <= 4.0tr Multiple Vulnerabilities
easygallery <= 5.0tr Multiple Vulnerabilities
easycalendar <= 4.0tr - Multiple Vulnerabilities
easygallery <= 5.0tr - Multiple Vulnerabilities
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities
RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit
minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities
minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities
siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities
siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities
megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities
megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities
Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit
cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities
cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities
deluxebb <= 1.2 - Multiple Vulnerabilities Exploit
deluxebb <= 1.2 - Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities
Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability
idautomation bar code ActiveX Multiple Vulnerabilities
idautomation bar code ActiveX - Multiple Vulnerabilities
ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities
mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities
mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities
smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities
smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities
real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities
real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities
ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities
ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities
shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities
shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities
polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities
polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities
otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities
otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities
Thelia 1.3.5 - Multiple Vulnerabilities Exploit
Thelia 1.3.5 - Multiple Vulnerabilities
contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities
contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities
trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)
trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)
jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities
jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities
Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities
k-links directory (SQL/XSS) Multiple Vulnerabilities
e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities
k-links directory - (SQL/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities
k-rate (SQL/XSS) Multiple Vulnerabilities
k-rate - (SQL/XSS) Multiple Vulnerabilities
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised)
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)
brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities
brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities
qwicsite pro (SQL/XSS) Multiple Vulnerabilities
qwicsite pro - (SQL/XSS) Multiple Vulnerabilities
Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities
Availscript Article Script (articles.php) Multiple Vulnerabilities
Availscript Article Script - (articles.php) Multiple Vulnerabilities
Availscript Photo Album (pics.php) Multiple Vulnerabilities
Availscript Photo Album - (pics.php) Multiple Vulnerabilities
phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities
phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities
php infoboard 7 - plus Multiple Vulnerabilities
php infoboard 7 plus - Multiple Vulnerabilities
camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities
camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities
mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities
mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities
mystats (hits.php) Multiple Vulnerabilities Exploit
mystats - (hits.php) Multiple Vulnerabilities
Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit
Vivvo CMS <= 3.4 - Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities
db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities
phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities
phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities
questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities
questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities
apartment search script (rfu/XSS) Multiple Vulnerabilities
apartment search script - (RFU/XSS) Multiple Vulnerabilities
MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities
pre multi-vendor shopping malls Multiple Vulnerabilities
pre multi-vendor shopping malls - Multiple Vulnerabilities
Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities
zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities
zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
AJSquare Free Polling Script (DB) Multiple Vulnerabilities
AJSquare Free Polling Script - (DB) Multiple Vulnerabilities
turnkeyforms Web Hosting Directory Multiple Vulnerabilities
turnkeyforms Web Hosting Directory - Multiple Vulnerabilities
GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module - Multiple Vulnerabilities
bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities
chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities
chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities
Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities
comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities
comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities
minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities
minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities
Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities
wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities
wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities
template creature (SQL/dd) Multiple Vulnerabilities
template creature - (SQL/DD) Multiple Vulnerabilities
merlix educate servert (bypass/dd) Multiple Vulnerabilities
merlix educate servert - (bypass/DD) Multiple Vulnerabilities
nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities
Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities
nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities
Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities
asp autodealer (SQL/dd) Multiple Vulnerabilities
asp autodealer - (SQL/DD) Multiple Vulnerabilities
aspmanage banners (rfu/dd) Multiple Vulnerabilities
aspmanage banners - (RFU/DD) Multiple Vulnerabilities
asp talk (SQL/css) Multiple Vulnerabilities
asp talk - (SQL/css) Multiple Vulnerabilities
siu guarani Multiple Vulnerabilities
siu guarani - Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities
postecards (SQL/dd) Multiple Vulnerabilities
postecards - (SQL/DD) Multiple Vulnerabilities
living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities
living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities
cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities
cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities
the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities
the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities
joomla live chat (SQL/proxy) Multiple Vulnerabilities
joomla live chat - (SQL/proxy) Multiple Vulnerabilities
isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities
isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities
clickandemail (SQL/XSS) Multiple Vulnerabilities
click&rank (SQL/XSS) Multiple Vulnerabilities
clickandemail - (SQL/XSS) Multiple Vulnerabilities
click&rank - (SQL/XSS) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities
Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
2532/gigs 1.2.2 - stable Multiple Vulnerabilities
2532/gigs 1.2.2 stable - Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities
chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities
yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit
yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit
doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities
doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities
Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability
Seo4SMF for SMF forums Multiple Vulnerabilities
Seo4SMF for SMF forums - Multiple Vulnerabilities
mkportal <= 1.2.1 () Multiple Vulnerabilities
mkportal <= 1.2.1 - Multiple Vulnerabilities
rankem (dd/XSS/cm) Multiple Vulnerabilities
blogit! (SQL/dd/XSS) Multiple Vulnerabilities
rankem - (DD/XSS/cm) Multiple Vulnerabilities
blogit! - (SQL/DD/XSS) Multiple Vulnerabilities
E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities
navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities
navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities
team 1.x - (dd/XSS) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities
team 1.x - (DD/XSS) Multiple Vulnerabilities
gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities
SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit
w3bcms <= 3.5.0 - Multiple Vulnerabilities
powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities
powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities
ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 Frontend Multiple Vulnerabilities
blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities
ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities
blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities
phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)
Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities
Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth)
Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities
Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities
fungamez rc1 (ab/LFI) Multiple Vulnerabilities
fungamez rc1 - (ab/LFI) Multiple Vulnerabilities
mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities
mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities
fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities
fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities
dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities
dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities
Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities
leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities
tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities
tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities
Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit
2daybiz business community script Multiple Vulnerabilities
Easy Scripts Answer and Question Script Multiple Vulnerabilities
2daybiz business community script - Multiple Vulnerabilities
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities
my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities
vidshare pro (SQL/XSS) Multiple Vulnerabilities
vidshare pro - (SQL/XSS) Multiple Vulnerabilities
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)
asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities
asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities
flashlight free edition (LFI/SQL) Multiple Vulnerabilities
flashlight free edition - (LFI/SQL) Multiple Vulnerabilities
propertymax pro free (SQL/XSS) Multiple Vulnerabilities
propertymax pro free - (SQL/XSS) Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities
kloxo 5.75 (24 issues) Multiple Vulnerabilities
kloxo 5.75 - (24 issues) Multiple Vulnerabilities
virtue news (SQL/XSS) Multiple Vulnerabilities
virtue news - (SQL/XSS) Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities
mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities
mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities
impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities
impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities
kasseler CMS (fd/XSS) Multiple Vulnerabilities
kasseler CMS - (fd/XSS) Multiple Vulnerabilities
tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities
tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities
Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities
FreeBSD 6/8 (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit
good/bad vote (XSS/LFI) Multiple Vulnerabilities
good/bad vote - (XSS/LFI) Multiple Vulnerabilities
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day)
mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities
mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities
DD-WRT (httpd service) Remote Command Execution Vulnerability
DD-WRT - (httpd service) Remote Command Execution Vulnerability
tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities
tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities
logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities
logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities
Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept
Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities
Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities
Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities
Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability
Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability
Unreal Tournament 2004 - _Secure_ Overflow
Unreal Tournament 2004 - 'Secure' Overflow
VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit
PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)
sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities
sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities
Huawei MT882 Modem/Router Multiple Vulnerabilities
Huawei MT882 Modem/Router - Multiple Vulnerabilities
DigitalHive Multiple Vulnerabilities
DigitalHive - Multiple Vulnerabilities
zabbix server Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Ez Faq Maker Multiple Vulnerabilities
Ez Faq Maker - Multiple Vulnerabilities
Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities
Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities
Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities
eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities
Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability
Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability
Lizard Cart Upload Shell Vulnerability
Lizard Cart - Upload Shell Vulnerability
Mega Upload Upload Shell Vulnerability
Mega Upload 1.45 - Upload Shell Vulnerability
MyCart shopping cart Upload Shell Vulnerability
oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
MyCart shopping cart - Upload Shell Vulnerability
osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability
gallery_show.asp GID suffer from Blind SQL Injection Vulnerability
gallery_show.asp - GID Blind SQL Injection Vulnerability
Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities
Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities
VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day)
VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day)
PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS)
PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities
Docebo 3.6.0.2 (stable) Local File Inclusion
Docebo 3.6.0.2 (stable) - Local File Inclusion
CLONEBID B2B Marketplace Multiple Vulnerabilities
ITechSctipts Alibaba Clone Multiple Vulnerabilities
CLONEBID B2B Marketplace - Multiple Vulnerabilities
ITechSctipts Alibaba Clone - Multiple Vulnerabilities
ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability
ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability
CMS by MyWorks Multiple Vulnerabilities
CMS by MyWorks - Multiple Vulnerabilities
DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability
DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability
PhpCityPortal Multiple Vulnerabilities
PhpCityPortal - Multiple Vulnerabilities
Joomla Component com_ckforms Multiple Vulnerabilities
Joomla Component com_ckforms - Multiple Vulnerabilities
Joomla Component com_vxdate Multiple Vulnerabilities
Joomla Component com_vxdate - Multiple Vulnerabilities
Adult Video Site Script Multiple Vulnerabilities
Adult Video Site Script - Multiple Vulnerabilities
iOS Safari - Bad _VML_ Remote DoS
iOS Safari - Bad 'VML' Remote DoS
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation
vBulletin _Cyb - Advanced Forum Statistics_ DoS
vBulletin 'Cyb - Advanced Forum Statistics' DoS
dl_stats Multiple Vulnerabilities
dl_stats - Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities
lanewsfactory Multiple Vulnerabilities
lanewsfactory - Multiple Vulnerabilities
MacOS X 10.6 HFS File System Attack (Denial of Service)
MacOS X 10.6 - HFS File System Attack (Denial of Service)
WFTPD Server 3.30 - Multiple Vulnerabilities (0day)
WFTPD Server 3.30 - (0day) Multiple Vulnerabilities
CompactCMS 1.4.0 (tiny_mce) Remote File Upload
CompactCMS 1.4.0 (tiny_mce) - Remote File Upload
Tainos Multiple Vulnerabilities
Tainos - Multiple Vulnerabilities
Joomla Component com_event Multiple Vulnerabilities
Joomla Component com_event - Multiple Vulnerabilities
B-Hind CMS (tiny_mce) Remote File Upload
B-Hind CMS (tiny_mce) - Remote File Upload
ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit
ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS
Blaze Apps Multiple Vulnerabilities
Blaze Apps - Multiple Vulnerabilities
Joomla Component My Car Multiple Vulnerabilities
Joomla Component My Car - Multiple Vulnerabilities
Marketing Web Design Multiple Vulnerabilities
Marketing Web Design - Multiple Vulnerabilities
Aim Web Design Multiple Vulnerabilities
Aim Web Design - Multiple Vulnerabilities
Zeeways Script Multiple Vulnerabilities
Zeeways Script - Multiple Vulnerabilities
QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities
Joomla Component ChronoConnectivity
Joomla Component ChronoForms (com_chronocontact)
Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability
Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability
Simple Posting System Multiple Vulnerabilities
Simple Posting System - Multiple Vulnerabilities
Joomla Component com_djartgallery Multiple Vulnerabilities
Joomla Component com_djartgallery - Multiple Vulnerabilities
Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection
E-PHP B2B Marketplace Multiple Vulnerabilities
E-PHP B2B Marketplace - Multiple Vulnerabilities
DaLogin Multiple Vulnerabilities
DaLogin - Multiple Vulnerabilities
Novell iManager Multiple Vulnerabilities
Novell iManager - Multiple Vulnerabilities
2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability
2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection
2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection
NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
TCW PHP Album Multiple Vulnerabilities
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities
Esoftpro Online Contact Manager Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities
Joomla Component Sef (com_sef) - LFI Vulnerability
Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability
artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities
artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities
Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service
Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service
Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF)
Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit
GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability
Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability
Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow
ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow
Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow
Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow
Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk Multiple Vulnerabilities
Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk - Multiple Vulnerabilities
Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit
Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit
Simple Forum PHP Multiple Vulnerabilities
Simple Forum PHP - Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution
Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution
Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Shop a la Cart Multiple Vulnerabilities
Shop a la Cart - Multiple Vulnerabilities
ifnuke - Multiple Vulnerabilities (0day)
ifnuke - (0day) Multiple Vulnerabilities
dynpage <= 1.0 - Multiple Vulnerabilities (0day)
dynpage <= 1.0 - (0day) Multiple Vulnerabilities
sirang web-based d-control Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities
Microsoft Office Visio - .DXF File Stack based Overflow
Microsoft Office Visio 2002 - .DXF File Stack based Overflow
Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability
Zeeways Adserver Multiple Vulnerabilities
Zeeways Adserver - Multiple Vulnerabilities
Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow
Adobe Acrobat and Reader - _pushstring_ Memory Corruption
Adobe Acrobat and Reader - 'pushstring' Memory Corruption
Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'
Java CMM readMabCurveData - Stack Overflow
Java 6.19 CMM readMabCurveData - Stack Overflow
Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities
RarCrack 0.2 - _filename_ init() .bss PoC
Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
RarCrack 0.2 - 'filename' init() .bss PoC
je guestbook 1.0 joomla component Multiple Vulnerabilities
je guestbook 1.0 joomla component - Multiple Vulnerabilities
Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities
Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities
Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities
js calendar 1.5.1 joomla component Multiple Vulnerabilities
js calendar 1.5.1 joomla component - Multiple Vulnerabilities
Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit
Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Sybase Advantage Data Architect - _*.SQL_ Format Heap Oveflow
Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow
Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability
Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities
Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities
CLANSPHERE 2010.0 Final Multiple Vulnerabilities
CLANSPHERE 2010.0 Final - Multiple Vulnerabilities
Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel - Unix Sockets Local Denial of Service
Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service
Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability
Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Habari Blog Multiple Vulnerabilities
Habari Blog - Multiple Vulnerabilities
Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit
Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1)
F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF)
phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure)
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities
Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities
T-Content Managment System Multiple Vulnerabilities
T-Content Managment System - Multiple Vulnerabilities
Samba _username map script_ Command Execution
Samba 'username map script' Command Execution
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Microsoft Internet Explorer - _Aurora_ Memory Corruption
Microsoft Internet Explorer - 'Aurora' Memory Corruption
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Adobe Flash Player _Button_ Remote Code Execution
Adobe Flash Player - 'Button' Remote Code Execution
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Unreal Tournament 2004 - _secure_ Overflow (Win32)
Unreal Tournament 2004 - 'secure' Overflow (Windows)
Unreal Tournament 2004 - _secure_ Overflow (Linux)
Unreal Tournament 2004 - 'secure' Overflow (Linux)
Tugux CMS 1.0_final Multiple Vulnerabilities
Tugux CMS 1.0_final - Multiple Vulnerabilities
Honey Soft Web Solution Multiple Vulnerabilities
Honey Soft Web Solution - Multiple Vulnerabilities
Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability
Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability
Parnian Opendata CMS SQL Injection Vulnerability
Parnian Opendata CMS - SQL Injection Vulnerability
Time and Expense Management System Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities
ZyWALL USG - Appliance Multiple Vulnerabilities
ZyWALL USG - Appliance - Multiple Vulnerabilities
Cisco Unified Operations Manager Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit
Cisco Unified Operations Manager - Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit
HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit
Ollance Member Login Script Multiple Vulnerabilities
Ollance Member Login Script - Multiple Vulnerabilities
Adobe Reader X Atom Type Confusion Vulnerability Exploit
Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit
Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability
Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities
Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities
CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities
Safari - SVG DOM Processing PoC
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Link Station Pro Multiple Vulnerabilities
Link Station Pro - Multiple Vulnerabilities
Cart Software Multiple Vulnerabilities
Cart Software - Multiple Vulnerabilities
Omnistar Mailer Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities
Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
MYRE Real Estate Software Multiple Vulnerabilities
MYRE Real Estate Software - Multiple Vulnerabilities
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
FreeBSD UIPC socket heap Overflow proof-of-concept
FreeBSD - UIPC socket heap Overflow Proof of Concept
GotoCode Online Bookstore Multiple Vulnerabilities
GotoCode Online Bookstore - Multiple Vulnerabilities
DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC
DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC
EFront <= 3.6.9 Community Edition Multiple Vulnerabilities
EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities
GotoCode Online Classifieds Multiple Vulnerabilities
GotoCode Online Classifieds - Multiple Vulnerabilities
6kbbs Multiple Vulnerabilities
6kbbs - Multiple Vulnerabilities
POSH Multiple Vulnerabilities
POSH - Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities
Uiga Personal Portal Multiple Vulnerabilities
Uiga Personal Portal - Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities
zFTP Server _cwd/stat_ Remote Denial-of-Service
zFTP Server - 'cwd/stat' Remote Denial-of-Service
JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities
JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities
osCSS2 - __ID_ parameter Local file inclusion
osCSS2 - '_ID' parameter Local file inclusion
Infoproject Business Hero Multiple Vulnerabilities
Infoproject Business Hero - Multiple Vulnerabilities
SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution
SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution
ARYADAD Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1)
ARYADAD - Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit
swDesk Multiple Vulnerabilities
swDesk - Multiple Vulnerabilities
Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS)
Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities
DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities
Adobe Flash Player .mp4 - 'cprt' Overflow_
Adobe Flash Player .mp4 - 'cprt' Overflow
Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS)
Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'
MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed)
MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)
Samsung D6000 TV Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities
Websense Triton Multiple Vulnerabilities
Websense Triton - Multiple Vulnerabilities
QNX phrelay/phindows/phditto Multiple Vulnerabilities
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
Lynx Message Server Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities
SAP Netweaver Dispatcher Multiple Vulnerabilities
SAP Netweaver Dispatcher - Multiple Vulnerabilities
elearning server 4g Multiple Vulnerabilities
elearning server 4g - Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities
Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities
Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit
Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit
SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability
Linux kernel 2.0/2.1 - SIGIO Vulnerability
Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability
Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Microsoft Windows - _April Fools 2001_ Vulnerability
Microsoft Windows - 'April Fools 2001' Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability
Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability
Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability
QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities
QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux Kernel 2.0 - TCP Port DoS Vulnerability
Linux Kernel 2.2 - ldd core Force Reboot Vulnerability
Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept
IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
Linux kernel 2.0.37 - Segment Limit Vulnerability
Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability
BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability
Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability
Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability
Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability
Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution
Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution
Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability
Linux Kernel - fs/eventpoll.c Local Denial of Service
Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service
Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities
Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability
gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability
gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability
Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel - Sendpage Local Privilege Escalation
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability
Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability
DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability
DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability
CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability
CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2)
Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string
Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string
UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability
UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
Tickets CAD 2.20G Multiple Vulnerabilities
Tickets CAD 2.20G - Multiple Vulnerabilities
Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability
Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability
Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability
Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability
Tunnelblick - Local Root Exploit
Tunnelblick - Local Root Exploit (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability)
(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)
Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability
Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability
Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability
IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities
IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1)
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability
Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability
Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro - Multiple Vulnerabilities
Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability
HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability
ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability
Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability
Pinterest Clone Script Multiple Vulnerabilities
Pinterest Clone Script - Multiple Vulnerabilities
User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability
User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit
Ezylog Photovoltaic Management Server Multiple Vulnerabilities
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
Auxilium PetRatePro Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Auxilium PetRatePro - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability
Fortigate UTM WAF Appliance Multiple Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Vulnerabilities
Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability
Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability
Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability
Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access
Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability
Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability
AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities
AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities
Trillian 0.74 IRC PART Message Denial of Service Vulnerability
Trillian 0.74 - IRC PART Message Denial of Service Vulnerability
Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2)
Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution
Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution
Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness
CheckPoint/Sofaware Firewall Multiple Vulnerabilities
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities
Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability
Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability
Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability
Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability
MYRE Realty Manager Multiple Vulnerabilities
MYRE Realty Manager - Multiple Vulnerabilities
Myrephp Business Directory Multiple Vulnerabilities
MYREphp Vacation Rental Software Multiple Vulnerabilities
Myrephp Business Directory - Multiple Vulnerabilities
MYREphp Vacation Rental Software - Multiple Vulnerabilities
BabyGekko 1.2.2e Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities
Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability
Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities
KAME Racoon _Initial Contact_ SA Deletion Vulnerability
lionmax software www file share pro 2.4x Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x Multiple Vulnerabilities (2)
KAME Racoon 'Initial Contact' SA Deletion Vulnerability
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)
DUware Software Multiple Vulnerabilities
DUware Software - Multiple Vulnerabilities
Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability
Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability
ASP Portal Multiple Vulnerabilities
ASP Portal - Multiple Vulnerabilities
Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability
Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability
SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit
Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability
Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability
phpBugTracker 0.9 user.php bugid Parameter XSS
phpBugTracker 0.9 - user.php bugid Parameter XSS
Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
e107 website system 0.6 - _email article to a friend_ Feature XSS
e107 website system 0.6 - 'email article to a friend' Feature XSS
Rlpr 2.0 msg() Function Multiple Vulnerabilities
Rlpr 2.0 msg() Function - Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability
Netgear SPH200D Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities
Fortinet FortiMail 400 IBE Multiple Vulnerabilities
Fortinet FortiMail 400 IBE - Multiple Vulnerabilities
Cisco Unity Express Multiple Vulnerabilities
Cisco Unity Express - Multiple Vulnerabilities
Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure
SAP Netweaver Message Server Multiple Vulnerabilities
SAP Netweaver Message Server - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities
Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
event calendar Multiple Vulnerabilities
event calendar - Multiple Vulnerabilities
opera Web browser 7.54 java implementation Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (4)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
ca3de Multiple Vulnerabilities
ca3de - Multiple Vulnerabilities
Vivotek IP Cameras Multiple Vulnerabilities
Vivotek IP Cameras - Multiple Vulnerabilities
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Icecast 2.x - XSL Parser Multiple Vulnerabilities
Icecast 2.x - XSL Parser - Multiple Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability
neteyes nexusway border gateway Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities
McAfee IntruShield Security Management System Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities
Gaim AIM/ICQ Protocols Multiple Vulnerabilities
Gaim AIM/ICQ Protocols - Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities
Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability
Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC
QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection
QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection
oracle application server discussion forum portlet Multiple Vulnerabilities
oracle application server discussion forum portlet - Multiple Vulnerabilities
Linux Kernel - 'MSR' Driver Local Privilege Escalation
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Apache James 2.2 SMTP Denial of Service Vulnerability
Apache James 2.2 - SMTP Denial of Service Vulnerability
Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Microsoft windows xp/2000/2003 help Multiple Vulnerabilities
Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities
ArticleSetup Multiple Vulnerabilities
ArticleSetup - Multiple Vulnerabilities
PhotoStore details.php gid Parameter XSS
PhotoStore view_photog.php photogid Parameter XSS
PhotoStore details.php - gid Parameter XSS
PhotoStore view_photog.php - photogid Parameter XSS
MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities
MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities
Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities
Oracle January 2007 Security Update Multiple Vulnerabilities
Oracle January 2007 Security Update - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection
LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection
OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution)
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities
ZyXEL P-330W Multiple Vulnerabilities
ZyXEL P-330W - Multiple Vulnerabilities
WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass)
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities
Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32
Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities
Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4)
Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit
Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow
Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2)
EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting)
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities
Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues)
Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities
LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities
Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
PG Roommate Finder Solution quick_search.php part Parameter XSS
PG Roommate Finder Solution viewprofile.php part Parameter XSS
PG Roommate Finder Solution - quick_search.php part Parameter XSS
PG Roommate Finder Solution - viewprofile.php part Parameter XSS
Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability
e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting)
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities
IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2)
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2)
Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel - ptrace/sysret - Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities
OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities
ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass)
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities
Creative Contact Form - Arbitrary File Upload
Creative Contact Form 0.9.7 - Arbitrary File Upload
Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow
Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow
Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)
Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities
Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability
Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability
Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities
Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406
Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities
OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape
OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept
AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability
AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability
BlueSoft Social Networking CMS SQL Injection Vulnerability
BlueSoft Social Networking CMS - SQL Injection Vulnerability
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC
Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC
Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC
Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability
Kayako SupportSuite 3.x Multiple Vulnerabilities
Kayako SupportSuite 3.x - Multiple Vulnerabilities
Linux Kernel splice() System Call - Local DoS
Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS
Mac OS X - _Rootpipe_ Privilege Escalation
Mac OS X - 'Rootpipe' Privilege Escalation
Apport - Local Linux Root
Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit
SixApart MovableType Storable Perl Code Execution
SixApart MovableType - Storable Perl Code Execution
WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability
WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability
JSPMyAdmin 1.1 Multiple Vulnerabilities
JSPMyAdmin 1.1 - Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities
ESC 8832 Data Controller Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities
ZTE AC 3633R USB Modem Multiple Vulnerabilities
ZTE AC 3633R USB Modem - Multiple Vulnerabilities
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
OSSEC WUI 0.8 - Denial of Service
Adobe Flash Use-After-Free in Drawing Methods _this_
Adobe Flash - Use-After-Free in Drawing Methods 'this'
Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption
Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption
Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability
Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit
Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities
WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability
WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File
Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File
MyBB 'misc.php' Remote Denial of Service Vulnerability
MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability
WHMCS 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 Remote Denial of Service Vulnerability
WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 - Remote Denial of Service Vulnerability
Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation
Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers
Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel - prima WLAN Driver Heap Overflow
Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow
Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
WordPress Wordfence Security Plugin Multiple Vulnerabilities
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
STIMS Buffer - Buffer Overflow SEH - DoS
STIMS Cutter - Buffer Overflow DoS
STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)
STIMS Cutter 1.1.3.20 - Buffer Overflow DoS
Linux Kernel - digi_acceleport Nullpointer Dereference
Linux Kernel - Wacom Multiple Nullpointer Dereferences
Linux Kernel - visor (treo_attach) Nullpointer Dereference
Linux Kernel - visor clie_5_attach Nullpointer Dereference
Linux Kernel - cypress_m8 Nullpointer Dereference
Linux Kernel - mct_u232 Nullpointer Dereference
Linux Kernel - cdc_acm Nullpointer Dereference
Linux Kernel - aiptek Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference
RHEL 7.1 Kernel - snd-usb-audio Crash PoC
RHEL 7.1 Kernel - iowarrior driver Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
LShell <= 0.9.15 - Remote Code Execution
LShell <= 0.9.15 - Remote Code Execution
Exim _perl_startup_ Privilege Escalation
Exim - 'perl_startup' Privilege Escalation
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit
i.FTP 2.21 - Host Address / URL Field SEH Exploit
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes
MediaInfo 0.7.61 - Crash PoC
Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
Core FTP Server 32-bit Build 587 - Heap Overflow
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
Adobe Reader DC 15.010.20060 - Memory Corruption
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
|
2016-05-11 05:03:54 +00:00 |
|
Offensive Security
|
28f57d0dba
|
DB: 2016-05-03
5 new exploits
WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download
.Net Framework Execute Native x86 Shellcode
Acunetix WVS 10 - Remote Command Execution (System)
Apache Struts Dynamic Method Invocation Remote Code Execution
QSEE - PRDiag* Commands Privilege Escalation Exploit
|
2016-05-03 05:04:01 +00:00 |
|
Offensive Security
|
fe5081847e
|
DB: 2016-04-27
4 new exploits
Yasr Screen Reader 0.6.9 - Local Buffer Overflow
Advantech WebAccess Dashboard Viewer Arbitrary File Upload
libgd 2.1.1 - Signedness Heap Overflow
ImpressCMS 1.3.9 - SQL Injection
|
2016-04-27 05:02:48 +00:00 |
|
Offensive Security
|
1f79ff2236
|
DB: 2016-04-09
3 new exploits
WordPress Freshmail - Unauthenticated SQL Injection
WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection
Express Zip <= 2.40 - Path Traversal
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation
op5 7.1.9 - Remote Command Execution
|
2016-04-09 05:02:52 +00:00 |
|
Offensive Security
|
5d20c14812
|
DB: 2016-03-31
10 new exploits
Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion
WordPress Photocart Link Plugin 1.6 - Local File Inclusion
LShell <= 0.9.15 - Remote Code Execution
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2
Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption
CubeCart 6.0.10 - Multiple Vulnerabilities
Kamailio 4.3.4 - Heap-Based Buffer Overflow
ATutor 2.2.1 Directory Traversal / Remote Code Execution
Metaphor - Stagefright Exploit with ASLR Bypass
|
2016-03-31 05:01:58 +00:00 |
|
Offensive Security
|
2c01698aec
|
DB: 2016-03-22
14 new exploits
Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit
Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit
phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit)
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit
vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)
vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit
Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)
Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit)
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit
Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities
Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PHP RapidKill Pro 5.x Shell Upload Vulnerability
PHP RapidKill Pro 5.x - Shell Upload Vulnerability
Shellcode - Win32 MessageBox (Metasploit module)
Shellcode - Win32 MessageBox (Metasploit)
Php Nuke 8.x.x - BlindSQL Injection Vulnerability
PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability
Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)
Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module
Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)
MaticMarket 2.02 for PHP Nuke LFI Vulnerability
MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability
Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)
Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit)
Metasploit 4.1.0 Web UI stored XSS Vulnerability
Metasploit 4.1.0 Web UI - Stored XSS Vulnerability
PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability
PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit)
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit
PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty
PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty
PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability
PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability
PHP Nuke 8.2.4 - CSRF Vulnerability
PHP-Nuke 8.2.4 - CSRF Vulnerability
DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability
DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability
PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability
PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability
PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability
PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability
Western Digital Arkeia Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit)
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit
Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability
PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability
GNU bash Environment Variable Command Injection (Metasploit)
GNU Bash - Environment Variable Command Injection (Metasploit)
Bash - CGI RCE (Metasploit) Shellshock Exploit
Bash - CGI RCE Shellshock Exploit (Metasploit)
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module)
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)
Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
WordPress eBook Download Plugin 1.1 - Directory Traversal
WordPress Import CSV Plugin 1.0 - Directory Traversal
WordPress Abtest Plugin - Local File Inclusion
Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit
Disc ORGanizer - DORG - Multiple Vulnerabilities
D-Link DWR-932 Firmware 4.00 - Authentication Bypass
Xoops 2.5.7.2 - Arbitrary User Deletions CSRF
Xoops 2.5.7.2 - Directory Traversal Bypass
WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure
Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit
Dating Pro Genie 2015.7 - CSRF Vulnerabilities
iTop 2.2.1 - CSRF Vulnerability
ProjectSend r582 - Multiple XSS Vulnerabilities
|
2016-03-22 05:02:50 +00:00 |
|
Offensive Security
|
477bcbdcc0
|
DB: 2016-03-17
5 new exploits
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities
My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities
cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities
DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities
N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities
New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities
Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities
My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities
Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities
Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities
KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities
Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability
xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
|
2016-03-17 07:07:56 +00:00 |
|
Offensive Security
|
ea96f111cd
|
DB: 2016-03-16
|
2016-03-16 11:23:45 +00:00 |
|
Offensive Security
|
4cae1b12fc
|
DB: 2016-03-08
3 new exploits
|
2016-03-08 05:02:45 +00:00 |
|
Offensive Security
|
62a54b60c6
|
DB: 2016-02-27
12 new exploits
|
2016-02-27 05:02:14 +00:00 |
|
Offensive Security
|
9eb7ef4903
|
DB: 2016-02-26
2 new exploits
|
2016-02-26 05:02:33 +00:00 |
|
Offensive Security
|
3b34885ebf
|
DB: 2016-02-11
7 new exploits
|
2016-02-11 05:03:33 +00:00 |
|
Offensive Security
|
a97b3361e6
|
DB: 2016-02-10
4 new exploits
|
2016-02-10 05:02:26 +00:00 |
|
Offensive Security
|
93d901f3b2
|
DB: 2016-01-19
10 new exploits
|
2016-01-19 05:03:22 +00:00 |
|
Offensive Security
|
cf77140802
|
DB: 2016-01-10
4 new exploits
|
2016-01-10 05:01:46 +00:00 |
|
Offensive Security
|
86d0c5fe16
|
DB: 2016-01-09
10 new exploits
|
2016-01-09 05:02:44 +00:00 |
|
Offensive Security
|
53d9096a7c
|
DB: 2016-01-07
10 new exploits
|
2016-01-07 05:01:40 +00:00 |
|