Offensive Security
1e70058c1e
DB: 2016-10-27
...
3 new exploits
ProFTPd 1.2.9RC1 - (mod_sql) SQL Injection
ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection
OpenBSD - (ibcs2_exec) Kernel Local Exploit
OpenBSD - 'ibcs2_exec' Kernel Local Exploit
Microsoft FrontPage Server Extensions - fp30reg.dll Exploit (MS03-051)
Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051)
IA WebMail 3.x - (iaregdll.dll 1.0.0.5) Remote Exploit
OpenBSD 2.x < 3.3 - exec_ibcs2_coff_prep_zmagic() Kernel Exploit
IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow
Foxmail 5.0 - PunyLib.dll Remote Stack Overflow
Foxmail 5.0 - 'PunyLib.dll' Remote Stack Overflow
Microsoft Windows - Lsasrv.dll RPC Remote Buffer Overflow (MS04-011)
Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011)
Microsoft Windows 2000/XP - Lsasrv.dll Remote Universal Exploit (MS04-011)
Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow
Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow
Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (1)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1)
Microsoft Jet Database - (msjet40.dll) Reverse Shell Exploit (2)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2)
Microsoft Internet Explorer - (blnmgr.dll) COM Object Remote Exploit (MS05-038)
Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038)
Microsoft Internet Explorer 6 - (mshtml.dll datasrc) Denial of Service
Microsoft Internet Explorer 6 - 'mshtml.dll datasrc' Denial of Service
Microsoft Internet Explorer 6 - (mshtml.dll div) Denial of Service
Microsoft Internet Explorer 6 - 'mshtml.dll div' Denial of Service
Microsoft Internet Explorer 7.0 Beta 2 - (urlmon.dll) Denial of Service
Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service
Admbook 1.2.2 - (x-forwarded-for) Remote Command Execution
Admbook 1.2.2 - 'x-forwarded-for' Remote Command Execution
Microsoft Internet Explorer 6 - (script action handlers) (mshtml.dll) Denial of Service
Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service
Microsoft Internet Explorer 6 - (mshtml.dll checkbox) Crash
Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash
Total Commander 6.x - (unacev2.dll) Buffer Overflow (PoC)
Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC)
Mozilla Firefox 1.5.0.2 - (js320.dll/xpcom_core.dll) Denial of Service (PoC)
Mozilla Firefox 1.5.0.2 - 'js320.dll/xpcom_core.dll' Denial of Service (PoC)
Aardvark Topsites PHP 4.2.2 - (path) Remote File Inclusion
Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion
Aardvark Topsites PHP 4.2.2 - (lostpw.php) Remote File Inclusion
Aardvark Topsites PHP 4.2.2 - 'lostpw.php' Remote File Inclusion
ACal 2.2.6 - (day.php) Remote File Inclusion
ACal 2.2.6 - 'day.php' Remote File Inclusion
Ad Manager Pro 2.6 - (ipath) Remote File Inclusion
Ad Manager Pro 2.6 - 'ipath' Remote File Inclusion
A-Blog 2.0 - (menu.php) Remote File Inclusion
A-Blog 2.0 - 'menu.php' Remote File Inclusion
2BGal 3.0 - (admin/configuration.inc.php) Local Inclusion Exploit
2BGal 3.0 - 'admin/configuration.inc.php' Local Inclusion Exploit
a-ConMan 3.2b - (common.inc.php) Remote File Inclusion
a-ConMan 3.2b - 'common.inc.php' Remote File Inclusion
RealPlayer 10.5 ierpplug.dll Internet Explorer 7 - Denial of Service
RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service
Macromedia Shockwave 10 (SwDir.dll) Internet Explorer 7 - Denial of Service
Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service
Microsoft Windows - NtRaiseHardError Csrss.exe-winsrv.dll Double-Free
Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free
BrowseDialog Class (ccrpbds6.dll) Internet Explorer 7 - Denial of Service
BrowseDialog Class 'ccrpbds6.dll' Internet Explorer 7 - Denial of Service
DivX Player 6.4.1 - (DivXBrowserPlugin npdivx32.dll) IE Denial of Service
DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service
ACGVclick 0.2.0 - (path) Remote File Inclusion
ACGVclick 0.2.0 - 'path' Remote File Inclusion
ACGVannu 1.3 - (index2.php) Remote User Pass Change
ACGVannu 1.3 - 'index2.php' Remote User Pass Change
CA BrightStor ARCserve 11.5.2.0 - (catirpc.dll) RPC Server Denial of Service
CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service
DivX Web Player 1.3.0 - (npdivx32.dll) Remote Denial of Service
DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service
Macromedia 10.1.4.20 - SwDir.dll Internet Explorer Stack Overflow Denial of Service
Macromedia 10.1.4.20 - 'SwDir.dll' Internet Explorer Stack Overflow Denial of Service
Adobe Reader plugin AcroPDF.dll 8.0.0.0 - Resource Consumption
Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption
NetSprint Toolbar - ActiveX toolbar.dll Denial of Service (PoC)
NetSprint Toolbar - ActiveX 'toolbar.dll' Denial of Service (PoC)
ActSoft DVD-Tools - (dvdtools.ocx 3.8.5.0) Stack Overflow
ActSoft DVD-Tools - 'dvdtools.ocx 3.8.5.0' Stack Overflow
SmartCode VNC Manager 3.6 - (scvncctrl.dll) Denial of Service
SmartCode VNC Manager 3.6 - 'scvncctrl.dll' Denial of Service
Barcodewiz ActiveX Control 2.52 - (Barcodewiz.dll) Overwrite (SEH)
Barcodewiz ActiveX Control 2.0 - (Barcodewiz.dll) Remote Buffer Overflow (PoC)
Barcodewiz ActiveX Control 2.52 - 'Barcodewiz.dll' Overwrite (SEH)
Barcodewiz ActiveX Control 2.0 - 'Barcodewiz.dll' Remote Buffer Overflow (PoC)
Remote Display Dev kit 1.2.1.0 - RControl.dll Denial of Service
Remote Display Dev kit 1.2.1.0 - 'RControl.dll' Denial of Service
Hewlett Packard 1.0.0.309 - hpqvwocx.dll ActiveX Magview Overflow (PoC)
Hewlett Packard 1.0.0.309 - 'hpqvwocx.dll' ActiveX Magview Overflow (PoC)
Virtual CD 9.0.0.2 - (vc9api.DLL) Remote Shell Commands Execution Exploit
Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit
LeadTools Raster ISIS Object (LTRIS14e.DLL 14.5.0.44) - Remote Buffer Overflow
LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow
Vivotek Motion Jpeg Control - (MjpegDecoder.dll 2.0.0.13) Remote Exploit
Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit
Microsoft Internet Explorer 6 / Provideo Camimage - (ISSCamControl.dll 1.0.1.5) Remote Buffer Overflow
Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow
SafeNet High Assurance Remote 1.4.0 - (IPSecDrv.sys) Remote Denial of Service
SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service
Yahoo! Messenger Webcam 8.1 - (Ywcvwr.dll) Download / Execute Exploit
Yahoo! Messenger Webcam 8.1 - (Ywcupl.dll) Download / Execute Exploit
Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit
Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit
BarCode ActiveX Control BarCodeAx.dll 4.9 - Remote Overflow
BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll 2.6.2.157) - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
6ALBlog - (newsid) SQL Injection
6ALBlog - 'newsid' SQL Injection
Avaxswf.dll 1.0.0.1 from Avax Vector - ActiveX Arbitrary Data Write
Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write
HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit
HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit
AMX Corp. VNC ActiveX Control - (AmxVnc.dll 1.0.13.0) Buffer Overflow
AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow
HP Digital Imaging (hpqvwocx.dll 2.1.0.556) - SaveToFile() Exploit
HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - SaveToFile() Exploit
WinPcap 4.0 - NPF.SYS Privilege Elevation (PoC)
WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC)
Program Checker - (sasatl.dll 1.5.0.531) JavaScript Heap Spraying Exploit
Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit
SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit
Program Checker - (sasatl.dll 1.5.0.531) DebugMsgLog Heap Spraying Exploit
Symantec AntiVirus - symtdi.sys Privilege Escalation
SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit
Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit
Symantec AntiVirus - 'symtdi.sys' Privilege Escalation
Data Dynamics ActiveReport ActiveX - (actrpt2.dll 2.5) Insecure Method
Data Dynamics ActiveReport ActiveX - 'actrpt2.dll 2.5' Insecure Method
Zenturi NixonMyPrograms Class (sasatl.dll 1.5.0.531) - Remote Buffer Overflow
Zenturi NixonMyPrograms Class 'sasatl.dll 1.5.0.531' - Remote Buffer Overflow
PHP - PHP_gd2.dll imagepsloadfont Local Buffer Overflow (PoC)
PHP - 'PHP_gd2.dll' imagepsloadfont Local Buffer Overflow (PoC)
VMware IntraProcessLogging.dll 5.5.3.42958 - Arbitrary Data Write Exploit
VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit
VMware Inc 6.0.0 - (vielib.dll 2.2.5.42958) Remode Code Execution
VMware Inc 6.0.0 - 'vielib.dll 2.2.5.42958' Remode Code Execution
CHILKAT ASP String - (CkString.dll 1.1) SaveToFile() Insecure Method
CHILKAT ASP String - 'CkString.dll 1.1' SaveToFile() Insecure Method
2532/Gigs 1.2.1 - (activateuser.php) Local File Inclusion
PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow
2532/Gigs 1.2.1 - 'activateuser.php' Local File Inclusion
PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow
NVR SP2 2.0 (nvUnifiedControl.dll 1.1.45.0) - SetText() Remote Exploit
NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Insecure Method
NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - DeleteXMLFile() Insecure Method
NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - SetText() Remote Exploit
NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - SaveXMLFile() Insecure Method
NVR SP2 2.0 'nvUtility.dll 1.0.14.0' - DeleteXMLFile() Insecure Method
Postcast Server Pro 3.0.61 - / Quiksoft EasyMail (emsmtp.dll 6.0.1) Buffer Overflow
Postcast Server Pro 3.0.61 - / Quiksoft EasyMail 'emsmtp.dll 6.0.1' Buffer Overflow
Norman Virus Control - nvcoaft51.sys ioctl BF672028 Exploit
Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit
PPStream - (PowerPlayer.dll 2.0.1.3829) ActiveX Remote Overflow
PPStream - 'PowerPlayer.dll 2.0.1.3829' ActiveX Remote Overflow
Yahoo! Messenger - (YVerInfo.dll 2007.8.27.1) ActiveX Buffer Overflow
Yahoo! Messenger - 'YVerInfo.dll 2007.8.27.1' ActiveX Buffer Overflow
GlobalLink 2.7.0.8 - glItemCom.dll SetInfo() Heap Overflow
Trend Micro ServerProtect - eng50.dll Remote Stack Overflow
GlobalLink 2.7.0.8 - 'glItemCom.dll' SetInfo() Heap Overflow
Trend Micro ServerProtect - 'eng50.dll' Remote Stack Overflow
GlobalLink 2.7.0.8 - glitemflat.dll SetClientInfo() Heap Overflow
GlobalLink 2.7.0.8 - 'glitemflat.dll' SetClientInfo() Heap Overflow
BaoFeng2 - mps.dll ActiveX Multiple Remote Buffer Overflow PoCs
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs
Ultra Crypto Component - (CryptoX.dll 2.0) SaveToFile() Insecure Method
Ultra Crypto Component - (CryptoX.dll 2.0) Remote Buffer Overflow
Ultra Crypto Component - 'CryptoX.dll 2.0' SaveToFile() Insecure Method
Ultra Crypto Component - 'CryptoX.dll 2.0' Remote Buffer Overflow
Microsoft Visual Studio 6.0 - (VBTOVSI.dll 1.0.0.0) File Overwrite
Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite
HP ActiveX - (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow (PoC)
HP ActiveX - 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC)
EasyMail MessagePrinter Object - (emprint.dll 6.0.1.0) Buffer Overflow
EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow
EB Design Pty Ltd - (EBCRYPT.dll 2.0) Multiple Remote Vulnerabilities
EB Design Pty Ltd - 'EBCRYPT.dll 2.0' Multiple Remote Vulnerabilities
ActiveKB KnowledgeBase 2.x - (catId) SQL Injection
ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection
actSite 1.991 Beta - (base.php) Remote File Inclusion
actSite 1.991 Beta - 'base.php' Remote File Inclusion
GOM Player 2.1.6.3499 - (GomWeb3.dll 1.0.0.12) Remote Overflow
GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow
Media Player Classic 6.4.9 MP4 - File Stack Overflow
Microsoft Windows Media Player 6.4 MP4 - File Stack Overflow (PoC)
Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow
Media Player Classic 6.4.9 - '.MP4' File Stack Overflow
Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC)
Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow
Online Media Technologies AVSMJPEGFILE.DLL 1.1 - Remote Buffer Overflow (PoC)
Online Media Technologies 'AVSMJPEGFILE.DLL 1.1' - Remote Buffer Overflow (PoC)
AuraCMS 2.2 - (admin_users.php) Remote Add Administrator Exploit
AuraCMS 2.2 - Remote Add Administrator
IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow
Macrovision Installshield - isusweb.dll Overwrite (SEH)
IBM Domino Web Access Upload Module - dwa7w.dll Buffer Overflow
IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow
Macrovision Installshield - 'isusweb.dll' Overwrite (SEH)
IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow
0DayDB 2.3 - 'delete id' Remote Authentication Bypass
photokron 1.7 - (update script) Remote Database Disclosure
0DayDB 2.3 - 'id' Parameter Remote Authentication Bypass
photokron 1.7 - Remote Database Disclosure
NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) - Buffer Overflow
Binn SBuilder - (nid) Blind SQL Injection
NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow
Binn SBuilder - 'nid' Parameter Blind SQL Injection
Xforum 1.4 - (topic) SQL Injection
Xforum 1.4 - 'topic' Parameter SQL Injection
RichStrong CMS - 'showproduct.asp cat' SQL Injection
RichStrong CMS - 'cat' Parameter SQL Injection
LulieBlog 1.0.1 - (delete id) Remote Authentication Bypass
Macrovision FlexNet - isusweb.dll DownloadAndExecute Method Exploit
FaScript FaMp3 1.0 - (show.php) SQL Injection
FaScript FaName 1.0 - (page.php) SQL Injection
FaScript FaPersian Petition - 'show.php' SQL Injection
FaScript FaPersianHack 1.0 - (show.php) SQL Injection
RTS Sentry Digital Surveillance - (CamPanel.dll 2.1.0.2) Buffer Overflow
Blog:CMS 4.2.1b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Aria 0.99-6 - 'effect.php' Local File Inclusion
MailBee WebMail Pro 4.1 - (ASP.NET) Remote File Disclosure
LulieBlog 1.0.1 - Remote Authentication Bypass
Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit
FaScript FaMp3 1.0 - SQL Injection
FaScript FaName 1.0 - SQL Injection
FaScript FaPersian Petition - SQL Injection
FaScript FaPersianHack 1.0 - SQL Injection
RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow
Blog:CMS 4.2.1b - SQL Injection / Cross-Site Scripting
Aria 0.99-6 - 'page' Parameter Local File Inclusion
MailBee WebMail Pro 4.1 - Remote File Disclosure
PHP-RESIDENCE 0.7.2 - 'Search' SQL Injection
PHP-RESIDENCE 0.7.2 - 'Search' Parameter SQL Injection
Digital Data Communications - (RtspVaPgCtrl) Remote Buffer Overflow
AuraCMS 1.62 - (stat.php) Remote Code Execution
Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow
AuraCMS 1.62 - 'stat.php' Remote Code Execution
OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service
OpenBSD 4.2 - 'rtlabel_id2name()' Local Null Pointer Dereference Dos
Toshiba Surveillance - (MeIpCamX.dll 1.0.0.4) Remote Buffer Overflow
Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow
LulieBlog 1.02 - (voircom.php id) SQL Injection
LulieBlog 1.02 - SQL Injection
Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Exploit
Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit
MailBee Objects 5.5 - (MailBee.dll) Remote Insecure Method Exploit
MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit
SafeNet IPSecDrv.sys 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit
Chilkat Mail ActiveX 7.8 - (ChilkatCert.dll) Insecure Method Exploit
SafeNet 'IPSecDrv.sys' 10.4.0.12 - Local kernel Ring0 SYSTEM Exploit
Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit
Chilkat FTP ActiveX 2.0 - (ChilkatCert.dll) Insecure Method Exploit
Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit
Sejoong Namo ActiveSquare 6 - NamoInstaller.dll ActiveX Buffer Overflow
Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' ActiveX Buffer Overflow
Yahoo! JukeBox MediaGrid - ActiveX mediagrid.dll AddBitmap() Buffer Overflow
Yahoo! JukeBox MediaGrid - ActiveX 'mediagrid.dll' AddBitmap() Buffer Overflow
AuraCMS 2.2 - (gallery_data.php) SQL Injection
AuraCMS 2.2 - 'albums' Pramater SQL Injection
DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel Ring0 link list zero (PoC)
DESlock+ <= 3.2.6 - 'DLMFENC.sys' Local Kernel Ring0 link list zero (PoC)
DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel Ring0 SYSTEM Exploit
DESlock+ <= 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit
D-Link MPEG4 SHM Audio Control - (VAPGDecoder.dll 1.7.0.5) Buffer Overflow
D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow
KingSoft - UpdateOcx2.dll SetUninstallName() Heap Overflow (PoC)
KingSoft - 'UpdateOcx2.dll' SetUninstallName() Heap Overflow (PoC)
AuraCMS 2.2.1 - (online.php) Blind SQL Injection
AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection
AuraCMS 2.x - (user.php) Security Code Bypass / Add Administrator Exploit
AuraCMS 2.x - 'user.php' Security Code Bypass / Add Administrator
Real Player - rmoc3260.dll ActiveX Control Remote Code Execution
Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution
Microsoft Works 7 - WkImgSrv.dll ActiveX Denial of Service (PoC)
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC)
5th Avenue Shopping Cart - (category_id) SQL Injection
5th Avenue Shopping Cart - 'category_id' SQL Injection
HP Software Update - (Hpufunction.dll 4.0.0.1) Insecure Method (PoC)
HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC)
Microsoft Works 7 - WkImgSrv.dll ActiveX Remote Buffer Overflow
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow
Miniweb 2.0 - (historymonth) SQL Injection
Miniweb 2.0 - 'historymonth' Parameter SQL Injection
Admidio 1.4.8 - (getfile.php) Remote File Disclosure
Admidio 1.4.8 - 'getfile.php' Remote File Disclosure
muvee autoProducer 6.1 - (TextOut.dll) ActiveX Remote Buffer Overflow
muvee autoProducer 6.1 - 'TextOut.dll' ActiveX Remote Buffer Overflow
Deterministic Network Enhancer - dne2000.sys kernel Ring0 SYSTEM Exploit
Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit
Visual Basic Enterprise Edition SP6 - vb6skit.dll Buffer Overflow (PoC)
Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC)
AcmlmBoard 1.A2 - (pow) SQL Injection
AcmlmBoard 1.A2 - 'pow' SQL Injection
CMailServer 5.4.6 - (CMailCOM.dll) Remote Overwrite (SEH)
CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)
AuraCMS 2.2.2 - (pages_data.php) Arbitrary Edit/Add/Delete Exploit
AuraCMS 2.2.2 - 'pages_data.php' Arbitrary Edit/Add/Delete Exploit
NCTsoft - AudFile.dll ActiveX Control Remote Buffer Overflow
NCTsoft - 'AudFile.dll' ActiveX Control Remote Buffer Overflow
ABG Blocking Script 1.0a - (abg_path) Remote File Inclusion
ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion
VMware Workstation - (hcmon.sys 6.0.0.45731) Local Denial of Service
VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service
ACG-PTP 1.0.6 - (adid) SQL Injection
ACG-PTP 1.0.6 - 'adid' SQL Injection
Microsoft Windows Media Encoder XP SP2 - wmex.dll ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
x10media mp3 search engine 1.5.5 - Remote File Inclusion
X10media Mp3 Search Engine 1.5.5 - Remote File Inclusion
addalink 4 - (category_id) SQL Injection
addalink 4 - 'category_id' SQL Injection
6rbScript 3.3 - (singerid) SQL Injection
6rbScript 3.3 - 'singerid' SQL Injection
DESlock+ 3.2.7 - (vdlptokn.sys) Local Denial of Service
DESlock+ 3.2.7 - 'vdlptokn.sys' Local Denial of Service
AdMan 1.1.20070907 - (campaignId) SQL Injection
AdMan 1.1.20070907 - 'campaignId' SQL Injection
Absolute Poll Manager XE 4.1 - (xlacomments.asp) SQL Injection
Absolute Poll Manager XE 4.1 - 'xlacomments.asp' SQL Injection
MW6 Datamatrix - ActiveX (Datamatrix.dll) Insecure Method Exploit
MW6 PDF417 - ActiveX (MW6PDF417.dll) Remote Insecure Method Exploit
MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit
MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit
Article Publisher PRO 1.5 - (SQL Injection) Authentication Bypass
Article Publisher PRO 1.5 - (Authentication Bypass) SQL Injection
AJ ARTICLE - (SQL Injection) Remote Authentication Bypass
AJ ARTICLE - (Authentication Bypass) SQL Injection
Apoll 0.7b - (SQL Injection) Remote Authentication Bypass
Apoll 0.7b - (Authentication Bypass) SQL Injection
WEBBDOMAIN Petition 1.02/2.0/3.0 - (SQL Injection) Authentication Bypass
WEBBDOMAIN Polls 1.01 - (SQL Injection) Authentication Bypass
WEBBDOMAIN Petition 1.02/2.0/3.0 - (Authentication Bypass) SQL Injection
WEBBDOMAIN Polls 1.01 - (Authentication Bypass) SQL Injection
WEBBDOMAIN Webshop 1.02 - (SQL Injection) Authentication Bypass
WEBBDOMAIN Webshop 1.02 - (Authentication Bypass) SQL Injection
WEBBDOMAIN Post Card 1.02 - (SQL Injection) Authentication Bypass
WEBBDOMAIN Post Card 1.02 - (Authentication Bypass) SQL Injection
Anti-Keylogger Elite 3.3.0 - (AKEProtect.sys) Privilege Escalation
Anti-Keylogger Elite 3.3.0 - 'AKEProtect.sys' Privilege Escalation
Active Price Comparison 4 - (ProductID) Blind SQL Injection
Active Price Comparison 4 - 'ProductID' Blind SQL Injection
Active Test 2.1 - (QuizID) Blind SQL Injection
Active Test 2.1 - 'QuizID' Blind SQL Injection
EasyMail ActiveX - (emmailstore.dll 6.5.0.3) Buffer Overflow
EasyMail ActiveX - 'emmailstore.dll 6.5.0.3' Buffer Overflow
ESET Smart Security 3.0.672 - (epfw.sys) Privilege Escalation
ESET Smart Security 3.0.672 - 'epfw.sys' Privilege Escalation
PowerStrip 3.84 - (pstrip.sys) Privilege Escalation
PowerStrip 3.84 - 'pstrip.sys' Privilege Escalation
PGP Desktop 9.0.6 - (PGPwded.sys) Local Denial of Service
PGP Desktop 9.0.6 - 'PGPwded.sys' Local Denial of Service
Miniweb 2.0 - (Authentication Bypass) SQL Injection
Miniweb 2.0 - SQL Injection (Authentication Bypass)
MW6 Barcode ActiveX - (Barcode.dll) Remote Heap Overflow (PoC)
MW6 Barcode ActiveX - 'Barcode.dll' Remote Heap Overflow (PoC)
A Better Member-Based ASP Photo Gallery - (entry) SQL Injection
A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection
mks_vir 9b < 1.2.0.0b297 - (mksmonen.sys) Privilege Escalation
mks_vir 9b < 1.2.0.0b297 - 'mksmonen.sys' Privilege Escalation
Morovia Barcode ActiveX 3.6.2 - (MrvBarCd.dll) Insecure Method Exploit
Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit
CloneCD/DVD ElbyCDIO.sys < 6.0.3.2 - Privilege Escalation
CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Privilege Escalation
AdaptBB 1.0 - (topic_id) SQL Injection / Credentials Disclosure
AdaptBB 1.0 - 'topic_id' SQL Injection / Credentials Disclosure
X10Media Mp3 - Search Engine < 1.6.2 Admin Access
X10media Mp3 Search Engine < 1.6.2 Admin Access
Microsoft Media Player - (quartz.dll .mid) Denial of Service
Microsoft Media Player - 'quartz.dll .mid' Denial of Service
Microsoft Media Player - (quartz.dll .wav) Multiple Remote Denial of Service Vulnerabilities
Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities
ArcaVir 2009 < 9.4.320X.9 - (ps_drv.sys) Privilege Escalation
ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Privilege Escalation
Roxio CinePlayer 3.2 - (SonicMediaPlayer.dll) Remote Buffer Overflow
Roxio CinePlayer 3.2 - 'SonicMediaPlayer.dll' Remote Buffer Overflow
Roxio CinePlayer 3.2 - (IAManager.dll) Remote Buffer Overflow (heap spray)
Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray)
AdaptBB 1.0 - (forumspath) Remote File Inclusion
AdaptBB 1.0 - 'forumspath' Remote File Inclusion
Online Armor < 3.5.0.12 - (OAmon.sys) Privilege Escalation
Online Armor < 3.5.0.12 - 'OAmon.sys' Privilege Escalation
McAfee 3.6.0.608 - naPolicyManager.dll ActiveX Arbitrary Data Write
McAfee 3.6.0.608 - 'naPolicyManager.dll' ActiveX Arbitrary Data Write
DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel Ring0 Code Execution
DESlock+ 4.0.2 - 'dlpcrypt.sys' Local Kernel Ring0 Code Execution
Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow (SEH)
Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (SEH)
Miniweb 2.0 Module Publisher - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Miniweb 2.0 Module Survey Pro - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Miniweb 2.0 Module Publisher - Blind SQL Injection / Cross-Site Scripting
Miniweb 2.0 Module Survey Pro - Blind SQL Injection / Cross-Site Scripting
TheGreenBow VPN Client - tgbvpn.sys Local Denial of Service
TheGreenBow VPN Client - 'tgbvpn.sys' Local Denial of Service
GDivX Zenith Player AviFixer Class - (fix.dll 1.0.0.1) Buffer Overflow (PoC)
GDivX Zenith Player AviFixer Class - 'fix.dll 1.0.0.1' Buffer Overflow (PoC)
Accommodation Hotel Booking Portal - (hotel_id) SQL Injection
Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection
EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - (jar50.dll) Null Pointer Dereference
Mozilla Thunderbird 2.0.0.23 Mozilla SeaMonkey 2.0 - 'jar50.dll' Null Pointer Dereference
Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
SAP GUI for Windows - sapirrfc.dll ActiveX Overflow
SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow
Authentium SafeCentral 2.6 - shdrv.sys Local kernel Ring0 SYSTEM Exploit
Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit
Microsoft Internet Explorer - iepeers.dll Use-After-Free Exploit (Metasploit)
Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit)
Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote Overflow
Liquid XML Studio 2010 <= 8.061970 - 'LtXmlComHelp8.dll' OpenFile() Remote Overflow
SAFARI APPLE 4.0.5 - (object tag) (JavaScriptCore.dll) Denial of Service (Crash)
SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Multiple Vendor librpc.dll Signedness Error - Remote Code Execution
Multiple Vendor 'librpc.dll' Signedness Error - Remote Code Execution
Micropoint ProActive Denfense Mp110013.sys 1.3.10123.0 - Privilege Escalation
Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation
iMesh 7.1.0.x - (IMWeb.dll 7.0.0.x) Remote Heap Overflow
iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities
avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities
HP Operations Manager 8.16 - (srcvw4.dll) LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)
HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)
ZipGenius 6.3.1.2552 - zgtips.dll Stack Buffer Overflow
ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow
Avast! 4.7 - aavmker4.sys Privilege Escalation
Avast! 4.7 - 'aavmker4.sys' Privilege Escalation
Bigant Messenger 2.52 - (AntCore.dll) RegisterCom() Remote Heap Overflow
Bigant Messenger 2.52 - 'AntCore.dll' RegisterCom() Remote Heap Overflow
Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion
Apple Safari 4.0.5 - 'JavaScriptCore.dll' Stack Exhaustion
724CMS Enterprise 4.59 - (section.php) Local File Inclusion
724CMS Enterprise 4.59 - (section.php) SQL Injection
724CMS Enterprise 4.59 - 'section.php' Local File Inclusion
724CMS Enterprise 4.59 - 'section.php' SQL Injection
MiniWebsvr 0.0.10 - Directory Traversal/Listing Exploits
MiniWebsvr 0.0.10 - Directory Traversal / Listing
4Images 1.7.7 - (image_utils.php) Remote Command Execution
4Images 1.7.7 - 'image_utils.php' Remote Command Execution
CommuniCrypt Mail 1.16 - (ANSMTP.dll/AOSMTP.dll) ActiveX
CommuniCrypt Mail 1.16 - 'ANSMTP.dll/AOSMTP.dll' ActiveX
Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow
Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow
Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric Shellcode (67 bytes)
Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
AdaptCMS 2.0.0 Beta - (init.php) Remote File Inclusion
AdaptCMS 2.0.0 Beta - 'init.php' Remote File Inclusion
Microsoft - MSHTML.dll CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak
Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak
Adobe Reader 9.3.2 - (CoolType.dll) Remote Memory Corruption / Denial of Service
Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service
Zemana AntiLogger AntiLog32.sys 1.5.2.755 - Privilege Escalation
Zemana AntiLogger 'AntiLog32.sys' 1.5.2.755 - Privilege Escalation
Avast! Internet Security 5.0 - aswFW.sys kernel driver IOCTL Memory Pool Corruption
Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption
QQ Computer Manager - TSKsp.sys Local Denial of Service
QQ Computer Manager - 'TSKsp.sys' Local Denial of Service
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - (scvncsrvx.dll) Denial of Service
SmartCode ServerX VNC Server ActiveX 1.1.5.0 - 'scvncsrvx.dll' Denial of Service
Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking
Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking
Microsoft Vista - (fveapi.dll) BitLocker Drive Encryption API Hijacking Exploit
Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit
Nvidia Driver - 'nview.dll' DLL Hijacking
Nvidia Driver - 'nview.dll' DLL Hijacking
Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking
Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking
Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking
Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking
LeadTools ActiveX Raster Twain 16.5 - (LtocxTwainu.dll) Buffer Overflow
LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow
Trend Micro Internet Security 2010 - ActiveX Remote Exploit (UfPBCtrl.DLL)
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit
A-Blog 2.0 - (sources/search.php) SQL Injection
A-Blog 2.0 - 'sources/search.php' SQL Injection
Microsoft DRM Technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
Microsoft DRM Technology 'msnetobj.dll' ActiveX - Multiple Vulnerabilities
Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - (SoftekATL.dll) Buffer Overflow (PoC)
Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC)
VMware Workstation 7.1.1 - VMkbd.sys Denial of Service
VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service
AuraCMS - 'pfd.php' SQL Injection
AuraCMS 1.62 - 'pfd.php' SQL Injection
Rising - RSNTGDI.sys Local Denial of Service
Rising - 'RSNTGDI.sys' Local Denial of Service
CA Internet Security Suite 2010 - KmxSbx.sys Kernel Pool Overflow
CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow
Crystal Reports Viewer 12.0.0.549 - ActiveX Exploit (PrintControl.dll)
Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit
Irfanview 4.27 - JP2000.dll plugin Denial of Service
Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys 2011.1.13.89 - Local Kernel Mode Denial of Service
Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service
Oracle Document Capture - empop3.dll Insecure Methods
Oracle Document Capture - 'empop3.dll' Insecure Methods
DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel Ring0 SYSTEM Exploit
DESlock+ <= 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit
Microsoft IIS - ISAPI w3who.dll Query String Overflow (Metasploit)
Microsoft IIS - ISAPI nsiislog.dll ISAPI POST Overflow (Metasploit)
Microsoft IIS - ISAPI FrontPage fp30reg.dll Chunked Overflow (Metasploit)
Microsoft IIS - ISAPI 'w3who.dll' Query String Overflow (Metasploit)
Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit)
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit)
Microsoft Services - nwwks.dll (MS06-066)
Microsoft Services - 'nwwks.dll' (MS06-066)
Microsoft Services - nwapi32.dll (MS06-066)
Microsoft Services - 'nwapi32.dll' (MS06-066)
ISS - PAM.dll ICQ Parser Buffer Overflow (Metasploit)
ISS - 'PAM.dll' ICQ Parser Buffer Overflow (Metasploit)
Microsoft IIS 5.0 - WebDAV ntdll.dll Path Overflow (Metasploit)
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit)
RealPlayer - ierpplug.dll ActiveX Control Playlist Name Buffer Overflow (Metasploit)
RealPlayer - 'ierpplug.dll' ActiveX Control Playlist Name Buffer Overflow (Metasploit)
Microsoft Windows Media Encoder 9 - wmex.dll ActiveX Buffer Overflow (Metasploit)
Yahoo! Messenger - YVerInfo.dll ActiveX Control Buffer Overflow (Metasploit)
Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit)
Yahoo! Messenger - 'YVerInfo.dll' ActiveX Control Buffer Overflow (Metasploit)
WinDVD7 - IASystemInfo.dll ActiveX Control Buffer Overflow (Metasploit)
WinDVD7 - 'IASystemInfo.dll' ActiveX Control Buffer Overflow (Metasploit)
SonicWALL Aventail - epi.dll AuthCredential Format String (Metasploit)
SonicWALL Aventail - 'epi.dll' AuthCredential Format String (Metasploit)
BaoFeng Storm - mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit)
BaoFeng Storm - 'mps.dll' ActiveX OnBeforeVideoDownload Buffer Overflow (Metasploit)
Ask.com Toolbar - askBar.dll ActiveX Control Buffer Overflow (Metasploit)
Ask.com Toolbar - 'askBar.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed FileTransfer - vcst_eu.dll ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
RKD Software BarCodeAx.dll 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
Juniper SSL-VPN IVE - JuniperSetupDLL.dll ActiveX Control Buffer Overflow (Metasploit)
Juniper SSL-VPN IVE - 'JuniperSetupDLL.dll' ActiveX Control Buffer Overflow (Metasploit)
RealPlayer - rmoc3260.dll ActiveX Control Heap Corruption (Metasploit)
RealPlayer - 'rmoc3260.dll' ActiveX Control Heap Corruption (Metasploit)
WebEx UCF - atucfobj.dll ActiveX NewObject Method Buffer Overflow (Metasploit)
WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Winamp Ultravox Streaming Metadata (in_mp3.dll) - Buffer Overflow (Metasploit)
Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit)
DjVu - DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow (Metasploit)
DjVu - 'DjVu_ActiveX_MSOffice.dll' ActiveX ComponentBuffer Overflow (Metasploit)
Microsoft Works 7 - WkImgSrv.dll WKsPictureInterface() ActiveX Exploit (Metasploit)
Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit)
AASync 2.2.1.0 - (Windows x86) Stack Buffer Overflow 'LIST' (Metasploit)
AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit)
BadBlue 2.5 - ext.dll Buffer Overflow (Metasploit)
BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit)
Amlibweb NetOpacs - webquery.dll Stack Buffer Overflow (Metasploit)
Amlibweb NetOpacs - 'webquery.dll' Stack Buffer Overflow (Metasploit)
Microsoft Windows Explorer 6.0.2900.5512 - (Shmedia.dll 6.0.2900.5512) AVI Preview Denial of Service (PoC)
Microsoft Windows Explorer 6.0.2900.5512 - 'Shmedia.dll 6.0.2900.5512' AVI Preview Denial of Service (PoC)
Microsoft Windows XP - afd.sys Local Kernel Denial of Service
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service
Microsoft Visio - VISIODWG.dll DXF File Handling (Metasploit)
Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit)
Microsoft Windows 7 SP1 - mrxdav.sys WebDav Privilege Escalation (MS16-016)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016)
GDI+ - CreateDashedPath Integer Overflow in gdiplus.dll
GDI+ - 'gdiplus.dll' CreateDashedPath Integer Overflow
Kingsoft AntiVirus 2012 KisKrnl.sys 2011.7.8.913 - Local Kernel Mode Privilege Escalation
Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation
Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Based Buffer Overflow (PoC)
Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)
VideoLAN VLC Media Player 1.1.11 - (libav) libavcodec_plugin.dll Denial of Service
VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service
HP OpenView Network Node Manager - ov.dll _OVBuildPath Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 1.2.0 - (libtaglib_pluggin.dll) Denial of Service
VideoLAN VLC Media Player 1.2.0 - 'libtaglib_pluggin.dll' Denial of Service
Tracker Software pdfSaver ActiveX 3.60 - (pdfxctrl.dll) Stack Buffer Overflow (SEH)
Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH)
ASUS Net4Switch - ipswcom.dll ActiveX Stack Buffer Overflow (Metasploit)
ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit)
Quest Toad for Oracle Explain Plan Display ActiveX Control - (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite (PoC)
Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC)
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)
RealPlayer .mp4 - file handling memory Corruption
RealPlayer - '.mp4' file handling memory Corruption
D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow
Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution
D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow
Quest InTrust 10.4.x - Annotation Objects ActiveX Control 'AnnotateX.dll' Uninitialized Pointer Remote Code Execution
Microsoft IIS - MDAC msadcs.dll RDS DataStub Content-Type Overflow (Metasploit)
Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit)
HP HP-UX 10.34 / ms Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service
HP HP-UX 10.34 / Microsoft Windows 95/NT 3.5.1 SP1/NT 3.5.1 SP2/NT 3.5.1 SP3/NT 3.5.1 SP4/NT 4.0/NT 4.0 SP1/NT 4.0 SP2/NT 4.0 SP3 - Denial of Service
MDAC 2.1.2.4202.3 / ms Win NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities
MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities
AdminStudio - LaunchHelp.dll ActiveX Arbitrary Code Execution (Metasploit)
AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Microsoft Internet Explorer 4 / Outlook 2000/5.5 - MSHTML.dll Crash
Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash
MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation
MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation
Working Resources BadBlue 1.7 - ext.dll Cross-Site Scripting
Working Resources BadBlue 1.7 - 'ext.dll' Cross-Site Scripting
QQPlayer 3.7.892 - m2p quartz.dll Heap Pointer Overwrite (PoC)
QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)
Microsoft Windows XP/95/98/2000/NT 4 - Riched20.dll Attribute Buffer Overflow
Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (1)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (2)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (3)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV ntdll.dll Buffer Overflow (4)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4)
Working Resources 1.7.x/2.15 BadBlue - ext.dll Command Execution
Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution
Microsoft Shlwapi.dll 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service
Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service
Microsoft Internet Explorer 5 - Remote URLMON.dll Buffer Overflow
Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow
Novell NetIQ Privileged User Manager 2.3.1 - auth.dll pa_modify_accounts() Remote Code Execution
Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution
Novell NetIQ Privileged User Manager 2.3.1 - 'auth.dll' pa_modify_accounts() Remote Code Execution
Novell NetIQ Privileged User Manager 2.3.1 - 'ldapagnt.dll' ldapagnt_eval() Perl Code Evaluation Remote Code Execution
Microsoft Windows 2000/NT 4 Media Services - nsiislog.dll Remote Buffer Overflow
Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow
NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin IN_MIDI.dll Track Data Size Buffer Overflow
NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow
myServer 0.4.x - cgi-lib.dll Remote Buffer Overflow
myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow
Nvidia Install Application 2.1002.85.551 - (NVI2.dll) Unicode Buffer Overflow (PoC)
Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)
Microsoft ListBox/ComboBox Control - User32.dll Function Buffer Overrun
Microsoft ListBox/ComboBox Control - 'User32.dll' Function Buffer Overrun
Irfanview 4.33 - IMXCF.dll Plugin Code Execution
Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow
YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow
Symantec Client Firewall Products 5 - SYMNDIS.SYS Driver Remote Denial of Service
Symantec Client Firewall Products 5 - 'SYMNDIS.SYS' Driver Remote Denial of Service
Panda ActiveScan 5.0 - ascontrol.dll Remote Heap Overflow
Panda ActiveScan 5.0 - ascontrol.dll Denial of Service
Panda ActiveScan 5.0 - 'ascontrol.dll' Remote Heap Overflow
Panda ActiveScan 5.0 - 'ascontrol.dll' Denial of Service
Foxit Reader 5.4.4.1128 Firefox Plugin - npFoxitReaderPlugin.dll Stack Buffer Overflow
Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow
Yahoo! Messenger 5.6 - YInsthelper.dll Multiple Buffer Overflow Vulnerabilities
Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities
Novell Groupwise Client - gwcls1.dll ActiveX Remote Code Execution (Metasploit)
Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit)
F-Secure Policy Manager 5.11 - FSMSH.dll CGI Application Installation Full Path Disclosure
F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure
Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) Remote Exploit
Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit
Easy DVD Player 3.5.1 - (libav) libavcodec_plugin.dll Denial of Service
Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service
Nullsoft Winamp 5.0.x - Variant IN_CDDA.dll Remote Buffer Overflow
Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
WPS Office - Wpsio.dll Stack Buffer Overflow
WPS Office - 'Wpsio.dll' Stack Buffer Overflow
AN HTTPD - CMDIS.dll Remote Buffer Overflow
AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow
MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server 300 - Crash (PoC)
Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection
Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection
SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack Based Overflow
SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow
Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service
Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service
Oracle WebCenter Content - CheckOutAndOpen.dll ActiveX Remote Code Execution (Metasploit)
Oracle WebCenter Content - 'CheckOutAndOpen.dll' ActiveX Remote Code Execution (Metasploit)
Microsoft Visual Studio .NET - msdds.dll Remote Code Execution
Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
Novell Client 2 SP3 - nicm.sys Privilege Escalation (Metasploit)
Novell Client 2 SP3 - 'nicm.sys' Privilege Escalation (Metasploit)
StarUML - WinGraphviz.dll ActiveX Buffer Overflow
StarUML - 'WinGraphviz.dll' ActiveX Buffer Overflow
MiniWeb (Build 300) - Arbitrary File Upload (Metasploit)
MiniWeb 300 - Arbitrary File Upload (Metasploit)
Yahoo! Messenger 7.0/7.5 - jscript.dll Non-ASCII Character Denial of Service
Yahoo! Messenger 7.0/7.5 - 'jscript.dll' Non-ASCII Character Denial of Service
Microsoft PowerPoint 2003 - mso.dll PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Agnitum Outpost Firewall 3.5.631 - FiltNT.SYS Local Denial of Service
Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service
Microsoft Internet Explorer 6 - IMSKDIC.dll Denial of Service
Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service
Microsoft Internet Explorer 6 - MSOE.dll Denial of Service
Microsoft Internet Explorer 6 - 'MSOE.dll' Denial of Service
Microsoft Internet Explorer 6 - TSUserEX.dll ActiveX Control Memory Corruption
Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption
Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxfw.sys) Privilege Escalation
Computer Associates Personal Firewall 9.0 - HIPS Driver (kmxstart.sys) Privilege Escalation
Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Privilege Escalation
Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxstart.sys' Privilege Escalation
Avira Internet Security - avipbb.sys Filter Bypass / Privilege Escalation
Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation
Novell Client 4.91 - NWSPOOL.dll Remote Buffer Overflow
Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow
FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption
FortKnox Personal Firewall 9.0.305.0 / 10.0.305.0 - Kernel Driver 'fortknoxfw.sys' Memory Corruption
Kerio Personal Firewall 4.3 - IPHLPAPI.dll Privilege Escalation
Kerio Personal Firewall 4.3 - 'IPHLPAPI.dll' Privilege Escalation
PrecisionID Barcode - PrecisionID_Barcode.dll ActiveX 1.9 Control Arbitrary File Overwrite
PrecisionID Barcode - 'PrecisionID_Barcode.dll' ActiveX 1.9 Control Arbitrary File Overwrite
CA Multiple Products Console Server and InoCore.dll - Remote Code Execution Vulnerabilities
CA Multiple Products Console Server and 'InoCore.dll' - Remote Code Execution Vulnerabilities
SSC DiskAccess NFS Client - DAPCNFSD.dll Stack Buffer Overflow
SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow
Comodo Firewall 2.3.6 - CMDMon.SYS Multiple Denial of Service Vulnerabilities
Comodo Firewall 2.3.6 - 'CMDMon.SYS' Multiple Denial of Service Vulnerabilities
Microsoft Windows XP/2000 - WinMM.dll .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Symantec SYMTDI.SYS Device Driver - Local Denial of Service
Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service
eSellerate SDK 3.6.5 - eSellerateControl365.dll ActiveX Control Buffer Overflow
eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow
NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting
NextPage LivePublish 2.02 - 'LPEXT.dll' Cross-Site Scripting
Sienzo Digital Music Mentor - DSKernel2.dll ActiveX Control Stack Buffer Overflow
Sienzo Digital Music Mentor - 'DSKernel2.dll' ActiveX Control Stack Buffer Overflow
Roxio CinePlayer 3.2 - SonicDVDDashVRNav.dll ActiveX Control Remote Buffer Overflow
Roxio CinePlayer 3.2 - 'SonicDVDDashVRNav.dll' ActiveX Control Remote Buffer Overflow
Dart ZipLite Compression 1.8.5.3 - DartZipLite.dll ActiveX Control Buffer Overflow
Dart ZipLite Compression 1.8.5.3 - 'DartZipLite.dll' ActiveX Control Buffer Overflow
F-Secure Policy Manager 7.00 - FSMSH.dll Remote Denial of Service
Apple Safari 3.0.1 for Windows - Corefoundation.dll Denial of Service
F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service
Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service
VMware Tools 3.1 - HGFS.Sys Privilege Escalation
VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation
Microsoft Windows Kernel win32k.sys - Integer Overflow (MS13-101)
Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101)
Baidu Soba Search Bar 5.4 - BaiduBar.dll ActiveX Control Remote Code Execution
Baidu Soba Search Bar 5.4 - 'BaiduBar.dll' ActiveX Control Remote Code Execution
Microsoft Internet Explorer 5.0.1 - TBLinf32.dll ActiveX Control Remote Code Execution
Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution
Microsoft Internet Explorer 5.0.1 - Vector Markup Language VGX.dll Remote Buffer Overflow
Microsoft Internet Explorer 5.0.1 - Vector Markup Language 'VGX.dll' Remote Buffer Overflow
Yahoo! Messenger 8.1 - KDU_V32M.DLL Remote Denial of Service
Yahoo! Messenger 8.1 - 'KDU_V32M.DLL' Remote Denial of Service
BitDefender AntiVirus 2008 - bdelev.dll ActiveX Control Double-Free
BitDefender AntiVirus 2008 - 'bdelev.dll' ActiveX Control Double-Free
AkkyWareHOUSE 7-zip32.dll 4.42 - Heap Based Buffer Overflow
AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow
Microsoft Agent agentdpv.dll ActiveX Control - Malformed URL Stack Buffer Overflow
Microsoft Agent - 'agentdpv.dll' ActiveX Control Malformed URL Stack Buffer Overflow
Macrovision SafeDisc - SecDRV.SYS Method_Neither Privilege Escalation
SpeedFan - Speedfan.sys Privilege Escalation
Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation
SpeedFan - 'Speedfan.sys' Privilege Escalation
RealPlayer 10.0/10.5/11 - ierpplug.dll ActiveX Control Import Playlist Name Stack Buffer Overflow
RealPlayer 10.0/10.5/11 - 'ierpplug.dll' ActiveX Control Import Playlist Name Stack Buffer Overflow
GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities
GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities
RealMedia RealPlayer 10.5/11 - ierpplug.dll PlayerProperty ActiveX Control Buffer Overflow
RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow
AuraCMS 2.2 - 'lihatberita' Module 'id' Parameter SQL Injection
AuraCMS 2.2 - 'lihatberita' Module SQL Injection
Panda Internet Security/AntiVirus+Firewall 2008 - CPoint.sys Memory Corruption
Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption
SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate wgate.dll ~service Parameter Cross-Site Scripting
SAP Internet Transaction Server 6200.1017.50954.0 - Bu WGate 'wgate.dll' ~service Parameter Cross-Site Scripting
Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow
Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow
Symantec Multiple Products - Client Proxy ActiveX (CLIproxy.dll) Remote Overflow
Symantec Multiple Products - Client Proxy ActiveX 'CLIproxy.dll' Remote Overflow
Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation
VirtualBox Guest Additions - VBoxGuest.sys Privilege Escalation (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
AuraCMS 1.62 - 'pdf.php' SQL Injection
VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read
VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
Microsoft Windows 8.1 (x86/x64) - (ahcache.sys/NtApphelpCacheControl) Privilege Escalation
Microsoft Windows 8.1 (x86/x64) - 'ahcache.sys' NtApphelpCacheControl Privilege Escalation
JetAudio 8.1.3 - (Corrupted mp4) Crash (PoC)
JetAudio 8.1.3 - '.mp4' Crash (PoC)
Microsoft Windows - HTTP.sys PoC (MS15-034)
Microsoft Windows - 'HTTP.sys' PoC (MS15-034)
MS Windows (HTTP.sys) - HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052)
FinePlayer 2.20 (.mp4) - Crash (PoC)
FinePlayer 2.20 - '.mp4' Crash (PoC)
Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 - wwlib.dll Type Confusion (MS15-081)
Microsoft Office 2007 - OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)
Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)
Microsoft Office 2007 - 'wwlib.dll' fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table
Microsoft Windows - ATMFD.DLL Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table
Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed FDSelect Offset in the CFF Table
Microsoft Windows - 'ATMFD.DLL' Out-of-Bounds Read Due to - Malformed Name INDEX in the CFF Table
Microsoft Windows - ATMFD.DLL Write to Uninitialized Address Due to - Malformed CFF Table
Microsoft Windows - ATMFD.dll CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access
Microsoft Windows - ATMFD.DLL CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access
Microsoft Windows - ATMFD.dll CharString Stream Out-of-Bounds Reads
Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to - Malformed CFF Table
Microsoft Windows - 'ATMFD.dll' CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access
Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 - / ATMFD+0x3407b) Invalid Memory Access
Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads
Microsoft Office 2007 - msxml5.dll Crash (PoC)
Microsoft Office 2007 - 'msxml5.dll' Crash (PoC)
Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)
Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)
Microsoft Windows - Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Office / COM Object - els.dll DLL Planting (MS15-134)
Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134)
Microsoft Office / COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)
Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)
Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)
Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007)
Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)
Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007)
QuickHeal 16.00 - webssx.sys Driver Denial of Service
QuickHeal 16.00 - 'webssx.sys' Driver Denial of Service
Comodo Anti-Virus - SHFolder.dll Local Privilege Elevation Exploit
Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit
Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows - Kernel ATMFD.dll OTF Font Processing Stack Corruption (MS16-026)
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
Microsoft Windows - Kernel win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Adobe Flash - MP4 File Stack Corruption
Adobe Flash - .MP4 File Stack Corruption
Microsoft Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Microsoft Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Microsoft Windows - gdi32.dll Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
VMware Virtual Machine Communication Interface (VMCI) vmci.sys - (PoC)
VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC)
Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067)
Microsoft Windows - 'NetAPI32.dll' Code Execution (Python) (MS08-067)
SAP Adaptive Server Enterprise 16 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Boonex Dolphin 7.3.2 - Authentication Bypass
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure
2016-10-27 05:01:19 +00:00
g0tmi1k
a2a80a0099
Merge pull request #57 from g0tmi1k/searchsploit
...
Note about dependencies
2016-10-26 16:45:55 +01:00
g0tmi1k
70d0496f8a
Note about dependencies
2016-10-26 16:44:58 +01:00
g0tmi1k
5834a2391c
Merge pull request #56 from g0tmi1k/searchsploit
...
Link to the SearchSploit Manual
2016-10-26 16:04:57 +01:00
g0tmi1k
c1fe53ce4b
Hardcode ${gitpath} path
2016-10-26 13:13:51 +01:00
g0tmi1k
e5938fe900
Add a link to the SearchSploit Manual
2016-10-26 13:09:02 +01:00
Offensive Security
da63ed13a1
Add --nmap flag (Reads in XML from Nmap scans)
2016-10-26 11:09:45 +00:00
g0tmi1k
f0efa2c25a
Add '--nmap' flag. Able to load from Nmap's XML output
2016-10-26 12:07:52 +01:00
g0tmi1k
9a1da54ee2
Add more comments in
2016-10-26 12:07:20 +01:00
g0tmi1k
bd3cac3bb6
Escape slashes if using '-t'
2016-10-26 12:06:57 +01:00
Offensive Security
f1ca42d762
DB: 2016-10-26
...
1 new exploits
WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow
WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python)
WarFTP 1.65 - (USER) Remote Buffer Overflow SEH Overflow
WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl)
Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH) (PoC)
Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH)
Apple QuickTime 7.2/7.3 - RTSP Response Universal Exploit (Internet Explorer 7 / Firefox / Opera)
Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit
PHP-CON 1.3 - (include.php) Remote File Inclusion
PHP-CON 1.3 - 'include.php' Remote File Inclusion
RealPlayer 11 - Malformed AU File Denial of Service
RealPlayer 11 - '.au' Denial of Service
VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization (PoC)
VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization
Nullsoft Winamp 5.32 - MP4 tags Stack Overflow
Nullsoft Winamp 5.32 - MP4 Tags Stack Overflow
viart cms/shop/helpdesk 3.3.2 - Remote File Inclusion
ViArt CMS/Shop/Helpdesk 3.3.2 - Remote File Inclusion
Samba 3.0.27a - send_mailslot() Remote Buffer Overflow (PoC)
Samba 3.0.27a - send_mailslot() Remote Buffer Overflow
Horde Web-Mail 3.x - (go.php) Remote File Disclosure
CuteNews 1.1.1 - (html.php) Remote Code Execution
Horde Web-Mail 3.x - 'go.php' Remote File Disclosure
CuteNews 1.1.1 - 'html.php' Remote Code Execution
TUTOS 1.3 - (cmd.php) Remote Command Execution
TUTOS 1.3 - 'cmd.php' Remote Command Execution
PHP Webquest 2.6 - (id_actividad) SQL Injection
Move Networks Quantum Streaming Player - Overwrite (SEH)
Gateway Weblaunch - ActiveX Control Insecure Method Exploit
PHP Webquest 2.6 - 'id_actividad' Parameter SQL Injection
Move Networks Quantum Streaming Player - SEH Overflow
Gateway Weblaunch - ActiveX Control Insecure Method
Microsoft FoxServer - (vfp6r.dll 6.0.8862.0) ActiveX Command Execution
Microsoft Rich Textbox Control 6.0 - (SP6) SaveFile() Insecure Method
Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution
Microsoft Rich Textbox Control 6.0-SP6 - 'SaveFile()' Insecure Method
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)
McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC)
Microsoft Visual InterDev 6.0 - (SP6) .sln File Local Buffer Overflow
Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
StreamAudio ChainCast ProxyManager - ccpm_0237.dll Buffer Overflow
StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow
XnView 1.92.1 - Slideshow (FontName) Buffer Overflow
XnView 1.92.1 - (FontName) Slideshow Buffer Overflow
Phaos R4000 Version (file) - Remote File Disclosure
Phaos R4000 Version - 'file' Remote File Disclosure
ASPPortal Free Version (Topic_Id) - SQL Injection
ASPPortal Free Version - 'Topic_Id' SQL Injection
Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection
Alibaba Clone Tritanium Version - 'news_desc.html' SQL Injection
XnView 1.97.4 - MBM File Remote Heap Buffer Overflow
XnView 1.97.4 - '.MBM' File Remote Heap Buffer Overflow
Fortigate OS Version 4.x < 5.0.7 - SSH Backdoor
Fortigate OS 4.x < 5.0.7 - SSH Backdoor
Network Scanner Version 4.0.0.0 - SEH Crash (PoC)
Network Scanner 4.0.0.0 - SEH Crash (PoC)
Ruby on Rails - Dynamic Render File Upload Remote Code Execution
Ruby on Rails - Dynamic Render File Upload / Remote Code Execution
Network Scanner 4.0.0 - SEH Local Buffer Overflow
2016-10-26 05:01:17 +00:00
Offensive Security
8330920f32
DB: 2016-10-25
...
4 new exploits
ATutor 1.5.3.1 - (links) Blind SQL Injection
ATutor 1.5.3.1 - 'links' Blind SQL Injection
Mihalism Multi Host 2.0.7 - download.php Remote File Disclosure
Mihalism Multi Host 2.0.7 - 'download.php' Remote File Disclosure
IBM Domino Web Access Upload Module - inotes6.dll Buffer Overflow
IBM Domino Web Access 7.0 Upload Module - inotes6.dll Buffer Overflow
WebPortal CMS 0.6.0 - (index.php m) SQL Injection
WebPortal CMS 0.6.0 - 'index.php' SQL Injection
samPHPweb - 'db.php commonpath' Remote File Inclusion
samPHPweb 4.2.2 - 'db.php' Remote File Inclusion
samPHPweb - 'songinfo.php' SQL Injection
samPHPweb 4.2.2 - 'songinfo.php' SQL Injection
ATutor 1.6.1-pl1 - (import.php) Remote File Inclusion
ATutor 1.6.1-pl1 - 'import.php' Remote File Inclusion
The Matt Wright Guestbook.pl 2.3.1 - Server Side Include
The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include
html2ps - 'include file' Server Side Include Directive Directory Traversal
html2ps - 'include file' Server-Side Include Directive Directory Traversal
ClanSphere 2011.3 - (cs_lang cookie Parameter) Local File Inclusion
ClanSphere 2011.3 - 'cs_lang' Cookie Parameter Local File Inclusion
Imatix Xitami 2.5 - Server Side Includes Cross-Site Scripting
Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting
Flatnux CMS 2013-01.17 - (index.php theme Parameter) Local File Inclusion
Flatnux CMS 2013-01.17 - 'index.php' Local File Inclusion
Network Weathermap 0.97a - (editor.php) Persistent Cross-Site Scripting
Network Weathermap 0.97a - 'editor.php' Persistent Cross-Site Scripting
ATutor 1.4.3 - browse.php show_course Parameter Cross-Site Scripting
ATutor 1.4.3 - contact.php subject Parameter Cross-Site Scripting
ATutor 1.4.3 - content.php cid Parameter Cross-Site Scripting
ATutor 1.4.3 - send_message.php l Parameter Cross-Site Scripting
ATutor 1.4.3 - search.php Multiple Parameter Cross-Site Scripting
ATutor 1.4.3 - inbox/index.php view Parameter Cross-Site Scripting
ATutor 1.4.3 - tile.php Multiple Parameter Cross-Site Scripting
ATutor 1.4.3 - subscribe_forum.php us Parameter Cross-Site Scripting
ATutor 1.4.3 - Directory.php Multiple Parameter Cross-Site Scripting
ATutor 1.4.3 - 'browse.php' show_course Parameter Cross-Site Scripting
ATutor 1.4.3 - 'contact.php' subject Parameter Cross-Site Scripting
ATutor 1.4.3 - 'content.php' cid Parameter Cross-Site Scripting
ATutor 1.4.3 - 'send_message.php' l Parameter Cross-Site Scripting
ATutor 1.4.3 - 'search.php' Multiple Parameter Cross-Site Scripting
ATutor 1.4.3 - 'inbox/index.php' view Parameter Cross-Site Scripting
ATutor 1.4.3 - 'tile.php' Multiple Parameter Cross-Site Scripting
ATutor 1.4.3 - 'subscribe_forum.php' us Parameter Cross-Site Scripting
ATutor 1.4.3 - 'Directory.php' Multiple Parameter Cross-Site Scripting
Cuppa CMS - 'alertConfigField.php urlConfig Parameter' Remote / Local File Inclusion
Cuppa CMS - 'alertConfigField.php' Remote / Local File Inclusion
Novell Zenworks Mobile Device Managment - Local File Inclusion (Metasploit)
Novell Zenworks Mobile Device Managment 2.6.1 / 2.7.0 - Local File Inclusion (Metasploit)
Weathermap 0.97c - (editor.php mapname Parameter) Local File Inclusion
Weathermap 0.97c - 'mapname' Parameter Local File Inclusion
ATutor 1.5.1 - password_reminder.php SQL Injection
ATutor 1.5.1 - 'password_reminder.php' SQL Injection
ATutor 1.x - forum.inc.php Arbitrary Command Execution
ATutor 1.x - body_header.inc.php section Parameter Local File Inclusion
ATutor 1.x - print.php section Parameter Remote File Inclusion
ATutor 1.x - 'forum.inc.php' Arbitrary Command Execution
ATutor 1.x - 'body_header.inc.php' section Parameter Local File Inclusion
ATutor 1.x - 'print.php' section Parameter Remote File Inclusion
ATutor 1.5.x - create_course.php Multiple Parameter Cross-Site Scripting
ATutor 1.5.x - documentation/admin/index.php Cross-Site Scripting
ATutor 1.5.x - password_reminder.php forgot Parameter Cross-Site Scripting
ATutor 1.5.x - users/browse.php cat Parameter Cross-Site Scripting
ATutor 1.5.x - 'create_course.php' Multiple Parameter Cross-Site Scripting
ATutor 1.5.x - 'documentation/admin/index.php' Cross-Site Scripting
ATutor 1.5.x - 'password_reminder.php' forgot Parameter Cross-Site Scripting
ATutor 1.5.x - 'users/browse.php' cat Parameter Cross-Site Scripting
Zimbra - Privilegie Escalation (via Local File Inclusion)
Zimbra 2009-2013 - Local File Inclusion
Zimbra Collaboration Server - Local File Inclusion (Metasploit)
Zimbra Collaboration Server 7.2.2 / 8.0.2 - Local File Inclusion (Metasploit)
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - (browse.php file Parameter) Local File Inclusion
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA - 'browse.php' Local File Inclusion
Cart Engine 3.0.0 - (task.php) Local File Inclusion
Cart Engine 3.0.0 - 'task.php' Local File Inclusion
Kemana Directory 1.5.6 - (run Parameter) Local File Inclusion
Kemana Directory 1.5.6 - 'task.php' Local File Inclusion
Railo - Remote File Inclusion (Metasploit)
Railo 4.2.1 - Remote File Inclusion (Metasploit)
LittleSite 0.1 - 'file' Parameter Local File Inclusion
LittleSite 0.1 - 'index.php' Local File Inclusion
OSClass 3.4.1 - (index.php file Parameter) Local File Inclusion
OSClass 3.4.1 - 'index.php' Local File Inclusion
Magento Server MAGMI Plugin - Remote File Inclusion
Magento Server MAGMI Plugin 0.7.17a - Remote File Inclusion
Cacti Superlinks Plugin 1.4-2 - Remote Code Execution (via Local File Inclusion + SQL Injection)
Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion
Lotus Mail Encryption Server (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit)
Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion to Remote Code Execution (Metasploit)
u5CMS 3.9.3 - (thumb.php) Local File Inclusion
u5CMS 3.9.3 - 'thumb.php' Local File Inclusion
openSIS - 'modname' Parameter Local File Inclusion
ATutor - 'tool_file' Parameter Local File Inclusion
openSIS 5.1 - 'ajax.php' Local File Inclusion
ATutor 2.1 - 'tool_file' Parameter Local File Inclusion
Fork CMS - 'file' Parameter Local File Inclusion
Fork CMS - 'js.php' Local File Inclusion
HP Insight Diagnostics - Local File Inclusion
HP Insight Diagnostics 9.4.0.4710 - Local File Inclusion
phpVibe - Information Disclosure / Remote File Inclusion
phpVibe 3.1 - Information Disclosure / Remote File Inclusion
CakePHP - AssetDispatcher Class Local File Inclusion
CakePHP 2.2.8 / 2.3.7 - AssetDispatcher Class Local File Inclusion
TomatoCart - 'install/rpc.php' Local File Inclusion
TomatoCart 1.1.8.2 - 'class' Parameter Local File Inclusion
NeoBill - /install/index.php language Parameter Traversal Local File Inclusion
NeoBill 0.9-alpha - 'language' Parameter Local File Inclusion
iScripts AutoHoster - /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion
iScripts AutoHoster - /admin/downloadfile.php fname Parameter Traversal Local File Inclusion
iScripts AutoHoster - /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion
iScripts AutoHoster - 'tmpid' Parameter Local File Inclusion
iScripts AutoHoster - 'fname' Parameter Local File Inclusion
iScripts AutoHoster - 'id' Parameter Local File Inclusion
AFCommerce - /afcontrol/adblock.php rootpathtocart Parameter Remote File Inclusion
AFCommerce - /afcontrol/adminpassword.php rootpathtocart Parameter Remote File Inclusion
AFCommerce - /afcontrol/controlheader.php rootpathtocart Parameter Remote File Inclusion
AFCommerce - 'adblock.php' Remote File Inclusion
AFCommerce - 'adminpassword.php' Remote File Inclusion
AFCommerce - 'controlheader.php' Remote File Inclusion
xBoard - 'post' Parameter Local File Inclusion
xBoard 5.0 / 5.5 / 6.0 - 'view.php' Local File Inclusion
BloofoxCMS - /admin/include/inc_settings_editor.php fileurl Parameter Local File Inclusion
BloofoxCMS 0.5.0 - 'fileurl' Parameter Local File Inclusion
Rips Scanner 0.5 - (code.php) Local File Inclusion
Rips Scanner 0.5 - 'code.php' Local File Inclusion
MeiuPic - 'ctl' Parameter Local File Inclusion
MeiuPic 2.1.2 - 'ctl' Parameter Local File Inclusion
qEngine - 'run' Parameter Local File Inclusion
qEngine 4.1.6 / 6.0.0 - 'task.php' Local File Inclusion
WordPress Plugin BookX - 'includes/bookx_export.php' Local File Inclusion
WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion
Alfresco - /proxy endpoint Parameter Server Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server Side Request Forgery
Alfresco - /proxy endpoint Parameter Server-Side Request Forgery
Alfresco - /cmisbrowser url Parameter Server-Side Request Forgery
CMSimple - Remote file Inclusion
CMSimple 4.4.4 - Remote file Inclusion
VoipSwitch - 'action' Parameter Local File Inclusion
VoipSwitch - 'user.php' Local File Inclusion
Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion
Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion
Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Remote Format String
Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery
vBulletin 5.2.2 - Unauthenticated Server-Side Request Forgery
Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery
Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)
EC-CUBE 2.12.6 - Server-Side Request Forgery
Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management
2016-10-25 05:01:17 +00:00
Offensive Security
e380b207ce
DB: 2016-10-24
...
1 new exploits
dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)
dhclient 4.1 - Bash Environment Variable Command Injection (PoC) (Shellshock)
Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs
Viscomsoft Calendar Active-X 2.0 - Multiple Crashes (PoC)
Microsoft Excel 2010 - Crash PoC (2)
Microsoft Excel 2010 - Crash (PoC) (2)
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit)
The Unarchiver 3.11.1 - '.tar.Z' Crash PoC
The Unarchiver 3.11.1 - '.tar.Z' Crash (PoC)
Microsoft Edge - Function.apply Infomation Leak (MS16-119)
Microsoft Edge - 'Function.apply' Information Leak (MS16-119)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit)
Zenbership 107 - Multiple Vulnerabilities
2016-10-24 05:01:19 +00:00
Offensive Security
6cd9390ff2
DB: 2016-10-23
2016-10-23 05:01:19 +00:00
Offensive Security
506182d72d
DB: 2016-10-22
...
7 new exploits
RealSecure / Blackice - iss_pam1.dll Remote Overflow
RealSecure / Blackice - 'iss_pam1.dll' Remote Overflow
Wireshark 1.2.10 - (airpcap.dll) DLL Hijacking Exploit
Wireshark 1.2.10 - 'airpcap.dll' DLL Hijacking
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking Exploit
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
uTorrent 2.0.3 - (plugin_dll.dll) DLL Hijacking Exploit
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking Exploit
uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking
Mozilla Firefox 3.6.8 - (dwmapi.dll) DLL Hijacking Exploit
Microsoft Windows Movie Maker 2.6.4038.0 - (hhctrl.ocx) DLL Hijacking Exploit
Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)
Microsoft Windows 7 - wab.exe DLL Hijacking Exploit (wab32res.dll)
TeamViewer 5.0.8703 - (dwmapi.dll) DLL Hijacking Exploit
Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking Exploit
Microsoft Address Book 6.00.2900.5512 - (wab32res.dll) DLL Hijacking Exploit
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking Exploit
TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking Exploit
Mozilla Firefox 3.6.8 - 'dwmapi.dll' DLL Hijacking
Microsoft Windows Movie Maker 2.6.4038.0 - 'hhctrl.ocx' DLL Hijacking
Opera 10.61 - 'dwmapi.dll' DLL Hijacking
Microsoft Windows 7 - 'wab32res.dll' wab.exe DLL
TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking
Adobe Dreamweaver CS4 - 'ibfs32.dll' DLL Hijacking
Microsoft Visio 2003 - 'mfc71enu.dll' DLL Hijacking
Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking
TeamMate Audit Management Software Suite - 'mfc71enu.dll' DLL Hijacking
BS.Player 2.56 build 1043 - (mfc71loc.dll) DLL Hijacking Exploit
Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking Exploit
BS.Player 2.56 build 1043 - 'mfc71loc.dll' DLL Hijacking
Adobe Dreamweaver CS5 11.0 build 4909 - 'mfc90loc.dll' DLL Hijacking
Adobe Photoshop CS2 - 'Wintab32.dll' DLL Hijacking
Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit
Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking
VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking Exploit
VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking
Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking Exploit
Safari 5.0.1 - DLL Hijacking Exploit (dwmapi.dll)
InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking Exploit
Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking Exploit
Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking Exploit
Ettercap NG-0.7.3 - (wpcap.dll) DLL Hijacking Exploit
Microsoft Group Convertor - 'imm.dll' DLL Hijacking Exploit
Roxio Photosuite 9 - 'homeutils9.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
InterVideo WinDVD 5 - 'cpqdvd.dll' DLL Hijacking
Microsoft Internet Connection Signup Wizard - 'smmscrpt.dll' DLL Hijacking
Adobe Device Central CS5 - 'qtcf.dll' DLL Hijacking
Ettercap NG-0.7.3 - 'wpcap.dll' DLL Hijacking
Microsoft Group Convertor - 'imm.dll' DLL Hijacking
TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking Exploit
MediaPlayer Classic 1.3.2189.0 - DLL Hijacking Exploit (iacenc.dll)
Skype 4.2.0.169 - (wab32.dll) DLL Hijacking Exploit
TechSmith Snagit 10 (Build 788) - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking
Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking Exploit
Nvidia Driver - DLL Hijacking Exploit (nview.dll)
Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking Exploit
Cisco Packet Tracer 5.2 - (wintab32.dll) DLL Hijacking Exploit
Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking Exploit
Roxio Creator DE - 'HomeUtils9.dll' DLL Hijacking
Nvidia Driver - 'nview.dll' DLL Hijacking
Adobe Premier Pro CS4 - 'ibfs32.dll' DLL Hijacking
Adobe On Location CS4 - 'ibfs32.dll' DLL Hijacking
Adobe Illustrator CS4 - 'aires.dll' DLL Hijacking
Cisco Packet Tracer 5.2 - 'wintab32.dll' DLL Hijacking
Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking
Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Exploit
Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking Exploit
Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking Exploit
Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking Exploit
Mozilla Thunderbird - DLL Hijacking Exploit (dwmapi.dll)
Adobe Extension Manager CS5 5.0.298 - DLL Hijacking Exploit (dwmapi.dll)
Adobe ExtendedScript Toolkit CS5 3.5.0.52 - DLL Hijacking Exploit (dwmapi.dll)
CorelDRAW X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)
Corel PHOTO-PAINT X3 13.0.0.576 - DLL Hijacking Exploit (crlrib.dll)
Media Player Classic 6.4.9.1 - (iacenc.dll) DLL Hijacking Exploit
Nullsoft Winamp 5.581 - DLL Hijacking Exploit (wnaspi32.dll)
Google Earth 5.1.3535.3218 - DLL Hijacking Exploit (quserex.dll)
Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking Exploit
Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking
Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking
Roxio MyDVD 9 - 'HomeUtils9.dll' DLL Hijacking
Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking
Mozilla Thunderbird - 'dwmapi.dll' DLL Hijacking
Adobe Extension Manager CS5 5.0.298 - 'dwmapi.dll' DLL Hijacking
Adobe ExtendedScript Toolkit CS5 3.5.0.52 - 'dwmapi.dll' DLL Hijacking
CorelDRAW X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Corel PHOTO-PAINT X3 13.0.0.576 - 'crlrib.dll' DLL Hijacking
Media Player Classic 6.4.9.1 - 'iacenc.dll' DLL Hijacking
Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking
Google Earth 5.1.3535.3218 - 'quserex.dll' DLL Hijacking
Daemon Tools Lite - 'mfc80loc.dll' DLL Hijacking
Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking Exploit
Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Edge - 'Array.map' Heap Overflow (MS16-119)
Microsoft Edge - Array.join Info Leak (MS16-119)
Microsoft Edge - 'Array.join' Infomation Leak (MS16-119)
Adobe Flash - Transform.colorTranform Getter Info Leak
Adobe Flash - Transform.colorTranform Getter Infomation Leak
Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)
Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Microsoft Windows - DeviceApi CMApi PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Microsoft Windows - DeviceApi CMApi User Hive Impersonation Privilege Escalation (MS16-124)
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Windows - 'win32k.sys' TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Microsoft Windows - 'win32k.sys' TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Microsoft Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Infomation Leak (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access)
Just Dial Clone Script - SQL Injection
FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation
RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID)
Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)
TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
2016-10-22 05:01:17 +00:00
Offensive Security
07fdc778ee
DB: 2016-10-21
...
24 new exploits
NetAuctionHelp 4.1 - search.asp SQL Injection
Apple Mac OSX 10.4.11 2007-008 - i386_set_ldt System Call Local Arbitrary Code Execution
Microsoft Edge - Array.map Heap Overflow (MS16-119)
Microsoft Jet Database Engine - '.MDB' File Parsing Remote Buffer Overflow
Microsoft Edge - Array.join Info Leak (MS16-119)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - PiCMOpenDeviceKey Arbitrary Registry Key Write Privilege Escalation (MS16-124)
HikVision Security Systems - Activex Buffer Overflow
Oracle Netbeans IDE 8.1 - Directory Traversal
MiCasa VeraLite - Remote Code Execution
Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML External Entity Injection
Classifieds Rental Script - SQL Injection
SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service
SAP Adaptive Server Enterprise 16 - Denial of Service
Event Calendar PHP 1.5 - SQL Injection
SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution
SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal
SPIP 3.1.2 - Cross-Site Request Forgery
Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds Read (MS16-120)
Windows win32k.sys - TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)
Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)
Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Microsoft Edge - Function.apply Info Leak (MS16-119)
Microsoft Edge - Spread Operator Stack Overflow (MS16-119)
Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)
OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)
2016-10-21 05:01:17 +00:00
Offensive Security
77b46b2163
DB: 2016-10-20
...
13 new exploits
PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow (PoC)
PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow
PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit
PHP FFI Extension 5.0.5 - Local Safe_mode Bypass
PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow (PoC)
PHP 5.2.0 (Windows x86) - (PHP_iisfunc.dll) Local Buffer Overflow
Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop Exploit
Wireshark < 0.99.5 - DNP3 Dissector Infinite Loop
Apple QuickTime < 7.2 - SMIL Remote Integer Overflow (PoC)
Apple QuickTime < 7.2 - SMIL Remote Integer Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
Mercury/32 4.52 IMAPD - SEARCH Command Authenticated Overflow
Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow (PoC)
Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow
Integramod nederland 1.4.2 - Remote File Inclusion
Integramod Nederland 1.4.2 - Remote File Inclusion
CNDSOFT 2.3 - Cross-Site Request Forgery / Arbitrary File Upload
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation
NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation
The Unarchiver 3.11.1 - '.tar.Z' Crash PoC
XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation
Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation
Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation
PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation
Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege Escalation
2016-10-20 05:01:17 +00:00
Offensive Security
557f116d02
DB: 2016-10-19
...
8 new exploits
TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution
TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution
TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure
TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure
TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution
TikiWiki 1.9.8 - 'tiki-graph_formula.php' Command Execution
TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal
TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter Cross-Site Scripting
TikiWiki Project 1.8 - img/wiki_up Arbitrary File Upload
TikiWiki Project 1.8 - tiki-map.phtml Traversal Arbitrary File / Directory Enumeration
TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload
TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration
TikiWiki Project 1.8 - categorize.php Direct Request Full Path Disclosure
TikiWiki Project 1.8 - messu-mailbox.php Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - messu-read.php Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure
TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection
Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution
Symantec pcAnywhere 12.5.0 (Windows x86) - Remote Code Execution
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)
Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page)
LanSpy 2.0.0.155 - Local Buffer Overflow
ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure
Cgiemail 1.6 - Source Code Disclosure
Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)
2016-10-19 05:01:18 +00:00
Offensive Security
558ab1fc67
DB: 2016-10-18
...
24 new exploits
Entrepreneur Job Portal Script - SQL Injection
Entrepreneur Job Portal Script 2.06 - SQL Injection
NETGATE Registry Cleaner build 16.0.205 - Unquoted Service Path Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
HP Client 9.1/9.0/8.1/7.9 - Command Injection
NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
NO-IP DUC 4.1.1 - Unquoted Service Path Privilege Escalation
Wondershare PDFelement 5.2.9 - Unquoted Service Path Privilege Escalation
Firefox 49.0.1 - Denial of Service
Graylog Collector 0.4.2 - Unquoted Service Path Privilege Escalation
NETGATE AMITI Antivirus build 23.0.305 - Unquoted Service Path Privilege Escalation
NETGATE Data Backup build 3.0.605 - Unquoted Service Path Privilege Escalation
Student Information System (SIS) 0.1 - Authentication Bypass
Web Based Alumni Tracking System 0.1 - SQL Injection
Simple Dynamic Web 0.1 - SQL Injection
Learning Management System 0.1 - Authentication Bypass
Fashion Shopping Cart 0.1 - SQL Injection
Health Record System 0.1 - Authentication Bypass
Windows x64 - WinExec() Shellcode (93 bytes)
Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation
PHP Telephone Directory - Multiple Vulnerabilities
Subrion CMS 4.0.5 - Cross-Site Request Forgery Bypass / Persistent Cross-Site Scripting
PHP Image Database - Multiple Vulnerabilities
Simple Shopping Cart Application 0.1 - SQL Injection
PHP NEWS 1.3.0 - Cross-Site Request Forgery (Add Admin)
School Full CBT 0.1 - SQL Injection
PHP Business Directory - Multiple Vulnerabilities
Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)
Ruby on Rails - Dynamic Render File Upload Remote Code Execution
Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)
2016-10-18 05:01:18 +00:00
Offensive Security
113ab3e40e
DB: 2016-10-15
...
4 new exploits
Open-Xchange App Suite 7.8.2 - Cross Site Scripting
Open-Xchange App Suite 7.8.2 - Cross-Site Scripting
Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting
Vifi Radio v1 - Cross-Site Request Forgery
Vifi Radio 1.0 - Cross-Site Request Forgery
b374k Web Shell - Cross-Site Request Forgery / Command Injection
b374k Web Shell 3.2.3 / 2.8 - Cross-Site Request Forgery / Command Injection
PHP Press Release - Stored Cross Site Scripting
PHP Press Release - Persistent Cross-Site Scripting
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Persistent Cross-Site Scripting
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
ApPHP MicroCMS 3.9.5 - Persistent Cross-Site Scripting
OpenCimetiere 3.0.0-a5 - Blind SQL Injection
Colorful Blog - Stored Cross Site Scripting
Colorful Blog - Persistent Cross-Site Scripting
Simple Forum PHP 2.4 - SQL Injection
Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)
NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation
YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
2016-10-15 05:01:17 +00:00
Offensive Security
f49abcf00f
DB: 2016-10-14
...
13 new exploits
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit)
ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation
Thatware 0.4.6 - SQL Injection
InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation
Simple Blog PHP 2.0 - Multiple Vulnerabilities
Simple Blog PHP 2.0 - SQL Injection
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery
BirdBlog 1.4.0 - Cross-Site Request Forgery (Add New Post)
phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
ApPHP MicroCMS 3.9.5 - Cross-Site Request Forgery (Add Admin)
ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation
VOX Music Player 2.8.8 - '.pls' Denial of Service
IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation
Colorful Blog - Stored Cross Site Scripting
Colorful Blog - Cross-Site Request Forgery (Change Admin Password)
Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation
RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass
JonhCMS 4.5.1 - SQL Injection
2016-10-14 05:01:16 +00:00
Offensive Security
01eb066d9d
DB: 2016-10-13
...
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
2016-10-13 05:01:17 +00:00
Offensive Security
f8b17d14a1
DB: 2016-10-12
...
12 new exploits
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection
Android - 'gpsOneXtra' Data Files Denial of Service
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
2016-10-12 05:01:17 +00:00
Offensive Security
a3dbf3113e
DB: 2016-10-11
...
9 new exploits
ShoreTel Connect ONSITE - Blind SQL Injection
Leap Service - Unquoted Service Path Privilege Escalation
Wacom Consumer Service - Unquoted Service Path Privilege Escalation
Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation
HP Client - Automation Command Injection / Remote Code Execution
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
2016-10-11 05:01:15 +00:00
Offensive Security
8ea4614148
DB: 2016-10-10
...
4 new exploits
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
Fitbit Connect Service - Unquoted Service Path Privilege Escalation
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - Stored Cross Site Scripting
2016-10-10 05:01:16 +00:00
Offensive Security
cda049fa54
DB: 2016-10-08
...
4 new exploits
MLM Unilevel Plan Script v1.0.2 - SQL Injection
MLM Unilevel Plan Script 1.0.2 - SQL Injection
Comodo Dragon Browser - Unquoted Service Path Privilege Escalation
Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Entrepreneur Job Portal Script - SQL Injection
BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation
Waves Audio Service - Unquoted Service Path Privilege Escalation
2016-10-08 05:01:18 +00:00
Offensive Security
cd9e638108
DB: 2016-10-07
...
12 new exploits
phpBB 2.0.10 - Remote Command Execution (CGI)
Advance MLM Script - SQL Injection
Picosafe Web Gui - Multiple Vulnerabilities
Witbe - Remote Code Execution
PHP Classifieds Rental Script - Blind SQL Injection
B2B Portal Script - Blind SQL Injection
MLM Unilevel Plan Script v1.0.2 - SQL Injection
Just Dial Clone Script - SQL Injection
Comodo Dragon Browser - Unquoted Service Path Privilege Escalation
Billion Router 7700NR4 - Remote Command Execution
Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation
Exagate WEBPack Management System - Multiple Vulnerabilities
2016-10-07 05:01:18 +00:00
Offensive Security
5fbed83086
DB: 2016-10-06
...
10 new exploits
Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials
Bind 9 DNS Server - Denial of Service
ISC BIND 9 - Denial of Service
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
VX Search Enterprise 9.0.26 - Buffer Overflow
Sync Breeze Enterprise 8.9.24 - Buffer Overflow
Dup Scout Enterprise 9.0.28 - Buffer Overflow
Disk Sorter Enterprise 9.0.24 - Buffer Overflow
Disk Savvy Enterprise 9.0.32 - Buffer Overflow
Abyss Web Server X1 2.11.1 - Unquoted Service Path Privilege Escalation
Fortitude HTTP 1.0.4.0 - Unquoted Service Path Privilege Escalation
2016-10-06 05:01:22 +00:00
Offensive Security
77681134f4
DB: 2016-10-05
...
3 new exploits
CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
E-SMARTCART 1.0 - (Product_ID) SQL Injection
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
E-SMART CART - 'productsofcat.asp' SQL Injection
E-Smart Cart - 'productsofcat.asp' SQL Injection
CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection
CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection
E-Smartcart - SQL Injection
E-Smart Cart - SQL Injection
CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
CubeCart PHP 4.3.x - 'shipkey' SQL Injection
CS Cart 1.3.3 - (install.php) Cross-Site Scripting
CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting
dansie shopping cart 3.0.4 - Multiple Vulnerabilities
Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities
Sendmail 8.11.6 - Address Prescan Memory Corruption
Joomla! Component RSfiles (cid parameter) - SQL Injection
Joomla! Component RSfiles - (cid parameter) SQL Injection
Dovecot with Exim sender_address Parameter - Remote Command Execution
Dovecot with Exim - sender_address Parameter Remote Command Execution
Exim sender_address Parameter - Remote Code Execution
Exim - sender_address Parameter Remote Code Execution
PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections
Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections
E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities
E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities
MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow
MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow
WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection
WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection
Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion
Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion
eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting
eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting
WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting
WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting
WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting
WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting
WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection
WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection
AJ Classifieds 'listingid' Parameter - SQL Injection
AJ Classifieds - 'listingid' Parameter SQL Injection
PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Bind 9 DNS Server - Denial of Service
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC)
OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution
Disk Pulse Enterprise 9.0.34 - Buffer Overflow
2016-10-05 05:01:18 +00:00
Offensive Security
d9bdc2e376
DB: 2016-10-04
...
7 new exploits
maplab ms4w 2.2.1 - Remote File Inclusion
MapLab MS4W 2.2.1 - Remote File Inclusion
Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
Grandsteam GXV3611_HD - SQL Injection
Glassfish Server - Unquoted Service Path Privilege Escalation
Windows Firewall Control - Unquoted Service Path Privilege Escalation
Android - Insufficient Binder Message Verification Pointer Leak
DWebPro 8.4.2 - Multiple Vulnerabilities
Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation
Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)
2016-10-04 05:01:17 +00:00
Offensive Security
2963ce32a0
DB: 2016-10-01
...
1 new exploits
Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege
2016-10-01 05:01:16 +00:00
Offensive Security
fa1b17f699
DB: 2016-09-30
...
1 new exploits
Microsoft Windows - RPC DCOM Remote Exploit (18 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (48 Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (1)
Microsoft Windows - 'RPC DCOM' Remote Exploit (2)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal Targets)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal)
Microsoft Windows 2000/XP - RPC Remote (non exec memory) Exploit
Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate Get Request Remote Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit
PMSoftware Simple Web Server - (GET Request) Remote Buffer Overflow
PMSoftware Simple Web Server - GET Request Remote Buffer Overflow
CUPS Server 1.1 - (Get Request) Denial of Service
CUPS Server 1.1 - GET Request Denial of Service
BlueCoat WinProxy 6.0 R1c - (GET Request) Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service
TFTPD32 2.81 - (GET Request) Format String Denial of Service (PoC)
TFTPD32 2.81 - GET Request Format String Denial of Service (PoC)
Fenice Oms 1.10 - (long get request) Remote Buffer Overflow
Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow
Multi-Threaded TFTP 1.1 - (Long Get Request) Denial of Service
Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service
Essentia Web Server 2.15 - (GET Request) Remote Denial of Service
Essentia Web Server 2.15 - GET Request Remote Denial of Service
webdesproxy 0.0.1 - (GET Request) Remote Buffer Overflow
webdesproxy 0.0.1 - GET Request Remote Buffer Overflow
webdesproxy 0.0.1 - (GET Request) Remote Root Exploit (exec-shield)
webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (dnsname)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow
Netgear WGR614v9 - Wireless Router Get Request Denial of Service
Netgear WGR614v9 Wireless Router - GET Request Denial of Service
XBMC 8.10 - (GET Requests) Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - (GET Request) Remote Buffer Overflow
XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow
httpdx 0.5b FTP Server - (USER) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH)
Zervit Web Server 0.04 - (GET Request) Remote Buffer Overflow (PoC)
Mereo 1.8.0 - (Get Request) Remote Denial of Service
Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC)
Mereo 1.8.0 - GET Request Remote Denial of Service
httpdx 0.5b FTP Server - (CWD) Remote Buffer Overflow (SEH)
httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH)
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
ARD-9808 DVR Card Security Camera - (GET Request) Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service
Kolibri+ WebServer 2 - (Get Request) Denial of Service
Kolibri+ WebServer 2 - GET Request Denial of Service
Kolibri+ WebServer 2 - (GET Request) Remote Overwrite (SEH)
Kolibri+ WebServer 2 - GET Request Remote Overwrite (SEH)
httpdx Web Server 1.4 - (Host Header) Remote Format String Denial of Service
httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service
httpdx 1.4 - Get Request Buffer Overflow
httpdx 1.4 - GET Request Buffer Overflow
Httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
httpdx 1.5.4 - Multiple Denial of Service Vulnerabilities (http-ftp) (PoC)
HTTPDX - tolog() Function Format String (1)
httpdx - tolog() Function Format String (1)
HTTPDX - tolog() Function Format String (2)
httpdx - tolog() Function Format String (2)
HTTPDX - h_handlepeer() Function Buffer Overflow (Metasploit)
httpdx - h_handlepeer() Function Buffer Overflow (Metasploit)
glibc LD_AUDIT Arbitrary DSO - Load Privilege Escalation
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
Xi Graphics Maximum CDE 1.2.3 & TriTeal TED CDE 4.3 & Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)
httpdx 1.5.4 - Remote HTTP Server Denial of Service
httpdx 1.5.4 - HTTP Server Remote Denial of Service
Working Resources BadBlue 1.7.3 - Get Request Denial of Service
Working Resources BadBlue 1.7.3 - GET Request Denial of Service
KeepNote 0.7.8 - Command Execution
My Web Server 1.0.1/1.0.2 - Long Get Request Denial of Service
My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service
Snowblind Web Server 1.0/1.1 - (GET Request) Buffer Overflow
Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow
Proxomitron Proxy Server - Long Get Request Remote Denial of Service
Proxomitron Proxy Server - Long GET Request Remote Denial of Service
2016-09-30 05:01:16 +00:00
Offensive Security
d86bdf5f80
DB: 2016-09-29
...
2 new exploits
Symantec Messaging Gateway 10.6.1 - Directory Traversal
VLC Media Player 2.2.1 - Buffer Overflow
2016-09-29 05:01:16 +00:00
Offensive Security
f421077feb
DB: 2016-09-28
...
6 new exploits
UUCP Exploit - file creation/overwriting (symlinks)
UUCP Exploit - File Creation/Overwriting (symlinks) Exploit
Serv-U 3.x < 5.x - Privilege Escalation
Serv-U FTP Server 3.x < 5.x - Privilege Escalation
TiTan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow (PoC)
Serv-U < 5.2 - Remote Denial of Service
Serv-U FTP Server < 5.2 - Remote Denial of Service
chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC)
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
WS_FTP Server 5.03 - (RNFR) Buffer Overflow
Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow
TYPSoft FTP Server 1.11 - (RETR) Denial of Service
TYPSoft FTP Server 1.11 - 'RETR' Denial of Service
XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)
XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service
TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service
MiniWeb Http Server 0.8.x - Remote Denial of Service
MiniWeb HTTP Server 0.8.x - Remote Denial of Service
JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion
JAF CMS 4.0 RC2 - Multiple Remote File Inclusion
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service
Belkin wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service
Titan FTP server 6.26 build 630 - Remote Denial of Service
Titan FTP Server 6.26 build 630 - Remote Denial of Service
Netgear WG102 - Leaks SNMP write Password with read access
Netgear WG102 - Leaks SNMP Write Password With Read Access
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Netgear embedded Linux for the SSL312 router - Denial of Service
Netgear SSL312 Router - Denial of Service
Belkin BullDog Plus UPS-Service - Buffer Overflow
Belkin BullDog Plus - UPS-Service Buffer Overflow
Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - op_connect_request main listener shutdown Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service
XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
TYPSoft 1.10 - APPE DELE Denial of Service
TYPSoft FTP Server 1.10 - APPE DELE Denial of Service
WingFTP Server 3.2.4 - Cross-Site Request Forgery
Wing FTP Server 3.2.4 - Cross-Site Request Forgery
Quick Player 1.2 -Unicode BoF - bindshell
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)
UplusFtp Server 1.7.0.12 - Remote Buffer Overflow
UplusFTP Server 1.7.0.12 - Remote Buffer Overflow
Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow
iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
TopDownloads MP3 Player 1.0 - '.m3u' crash
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
uhttp Server - Directory Traversal
uhttp Server 0.1.0-alpha - Directory Traversal
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - RETR Command Denial of Service
SmallFTPd 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
SolarWinds 10.4.0.10 - TFTP Denial of Service
SolarWinds TFTP Server 10.4.0.10 - Denial of Service
e107 - Code Exec
e107 - Code Exection
HomeFTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)
TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service
SolarWinds 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
ISC-DHCPD - Denial of Service
ISC DHCPD - Denial of Service
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
deepin tftp server 1.25 - Directory Traversal
Deepin TFTP Server 1.25 - Directory Traversal
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit
JCMS 2010 - file download
JCMS 2010 - File Download Exploit
SolarFTP 2.0 - Multiple Commands Denial of Service
Solar FTP Server 2.0 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - RETR CMD Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
Xynph 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service
XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service
Solar FTP 2.1 - Denial of Service
Solar FTP Server 2.1 - Denial of Service
Red Hat Linux - stickiness of /tmp
Red Hat Linux - stickiness of /tmp Exploit
home ftp server 1.12 - Directory Traversal
Home FTP Server 1.12 - Directory Traversal
NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
SmallFTPd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 - Denial of Service
PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)
BisonFTP Server 3.5 - Remote Buffer Overflow
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow
Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)
Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit)
BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
zFTP Server - 'cwd/stat' Remote Denial of Service
zFTPServer - 'cwd/stat' Remote Denial of Service
Serv-U FTP - Jail Break
Serv-U FTP Server - Jail Break
Typsoft FTP Server 1.10 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service
PeerBlock 1.1 - BSOD
PeerBlock 1.1 - BSOD Exploit
distinct tftp server 3.01 - Directory Traversal
Distinct TFTP Server 3.01 - Directory Traversal
PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
Berkeley Sendmail 5.58 - DEBUG
Berkeley Sendmail 5.58 - Debug exploit
SunView (SunOS 4.1.1) - selection_svc
Digital Ultrix 4.0/4.1 - /usr/bin/chroot
SunOS 4.1.1 - /usr/release/bin/makeinstall
SunOS 4.1.1 - /usr/release/bin/winstall
SunView (SunOS 4.1.1) - selection_svc Exploit
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit
SunOS 4.1.3 - kmem setgid /etc/crash
SunOS 4.1.3 - kmem setgid /etc/crash Exploit
IRIX 6.4 - pfdisplay.cgi
IRIX 6.4 - 'pfdisplay.cgi' Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit
FreePBX < 13.0.188 - Remote Command Execution (Metasploit)
HP JetAdmin 1.0.9 Rev. D - symlink
HP JetAdmin 1.0.9 Rev. D - symlink Exploit
Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
TP-Link Archer CR-700 - Cross-Site Scripting
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
Cat Soft Serv-U 2.5 - Buffer Overflow
BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE
Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow
BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit
Linux Kernel 2.0 / 2.1 / 2.2 - autofs
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit
Debian 2.1 - httpd
S.u.S.E. 5.2 - gnuplot
Debian 2.1 - httpd Exploit
S.u.S.E. Linux 5.2 - gnuplot Exploit
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit
SGI IRIX 6.2 - /usr/lib/netaddpr
SGI IRIX 6.2 - /usr/lib/netaddpr Exploit
SGI IRIX 6.2 - day5notifier
SGI IRIX 6.2 - day5notifier Exploit
SGI IRIX 6.4 - datman/cdman
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.3 - cgi-bin webdist.cgi
SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.4 - cgi-bin handler Exploit
SGI IRIX 6.4 - login
SGI IRIX 6.4 - login Exploit
IBM AIX 3.2.5 - IFS
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 3.2.5 - login(1)
IBM AIX 3.2.5 - login(1) Exploit
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit
GNU glibc 2.1/2.1.1 -6 - pt_chown
GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit
ProFTPd 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf Exploit
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit
S.u.S.E. Linux 6.1/6.2 - cwdtools
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit
SCO Unixware 7.1 - 'pkg' commands
SCO Unixware 7.1 - 'pkg' command Exploit
Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service
Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service
Nortel Networks Optivity NETarchitect 2.0 - PATH
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit
SGI IRIX 6.2 - midikeys/soundplayer
SGI IRIX 6.2 - midikeys/soundplayer Exploit
Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit
Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit
Microsoft Windows 95/98/NT 4.0 - autorun.inf
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - setxconf
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit
TP Link Gateway 3.12.4 - Multiple Vulnerabilities
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit
Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %% Exploit
RedHat Linux 6.0/6.1/6.2 - pam_console
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit
HP-UX 10.20/11.0 man - /tmp symlink
HP-UX 10.20/11.0 man - /tmp Symlink Exploit
IRIX 5.3/6.x - mail
IRIX 5.3/6.x - mail Exploit
TYPSoft 0.7 x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
Oracle Internet Directory 2.0.6 - oidldap
Oracle Internet Directory 2.0.6 - oidldap Exploit
CatSoft FTP Serv-U 2.5.x - Brute Force
Cat Soft Serv-U FTP Server 2.5.x - Brute Force
Small HTTP server 2.0 1 - Non-Existent File Denial of Service
Small HTTP Server 2.0 1 - Non-Existent File Denial of Service
NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script Exploit
Novell NetWare Web Server 2.x - convert.bas
Novell NetWare Web Server 2.x - convert.bas Exploit
Serv-U 2.4/2.5 - FTP Directory Traversal
Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal
Novell Netware Web Server 3.x - files.pl
Novell Netware Web Server 3.x - files.pl Exploit
guido frassetto sedum http server 2.0 - Directory Traversal
Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal
robin twombly a1 http server 1.0 - Directory Traversal
Robin Twombly A1 HTTP Server 1.0 - Directory Traversal
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit
michael lamont savant http server 2.1 - Directory Traversal
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
zeroo http server 1.5 - Directory Traversal (1)
zeroo http server 1.5 - Directory Traversal (2)
Zeroo HTTP Server 1.5 - Directory Traversal (1)
Zeroo HTTP Server 1.5 - Directory Traversal (2)
Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service
Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service
Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting
XLight FTP Server 1.x - Long Directory Request Remote Denial of Service
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service
XLight FTP Server 1.52 - Remote Send File Request Denial of Service
Xlight FTP Server 1.52 - Remote Send File Request Denial of Service
gweb http server 0.5/0.6 - Directory Traversal
GWeb HTTP Server 0.5/0.6 - Directory Traversal
MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server (build 300) - Crash (PoC)
TP-Link Print Server TL PS110U - Sensitive Information Enumeration
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
PCMan's FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan's FTP Server 2.0 - Remote Buffer Overflow
PCMan FTP Server 2.0 - Remote Buffer Overflow
PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3-5 - ZendEngine ECalloc Integer Overflow
PHP 3 < 5 - ZendEngine ECalloc Integer Overflow
NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static Http Server 1.0 - Denial of Service
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static HTTP Server 1.0 - Denial of Service
NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
Ipswitch 8.0 - WS_FTP Client Format String
Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String
NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service
Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
NetMan 204 - Backdoor Account
NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Serv-U 11.1.0.3 - Denial of Service / Security Bypass
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND9 - TKEY (PoC)
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND 9 - TKEY (PoC)
ISC BIND9 - TKEY Remote Denial of Service (PoC)
ISC BIND 9 - TKEY Remote Denial of Service (PoC)
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Android (Stagefright) - Remote Code Execution
Android - 'Stagefright' Remote Code Execution
Microsoft Windows Media Center - MCL (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100)
Android libstagefright - Integer Overflow Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution
NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
pdfium IsFlagSet (v8 memory management) - SIGSEGV
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit
NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities
XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service
Metaphor - Stagefright Exploit with ASLR Bypass
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
2016-09-28 11:55:43 +00:00
Offensive Security
35000196e1
DB: 2016-09-27
...
11 new exploits
Berlios gpsd 2.7.x - Remote Format String
Berlios GPSD 2.7.x - Remote Format String
bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit
Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1)
boastMachine 3.1 - (mail.php id) SQL Injection
BoastMachine 3.1 - 'mail.php' id SQL Injection
BIGACE 2.4 - Multiple Remote File Inclusion
BigACE 2.4 - Multiple Remote File Inclusion
attachmax dolphin 2.1.0 - Multiple Vulnerabilities
Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities
AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH)
AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH)
BIGACE CMS 2.5 - 'Username' SQL Injection
BigACE CMS 2.5 - 'Username' SQL Injection
BIGACE CMS 2.6 - (cmd) Local File Inclusion
BigACE CMS 2.6 - (cmd) Local File Inclusion
Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation
Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation
DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (1)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1)
Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
bitrix site manager 4.0.5 - Remote File Inclusion
Bitrix Site Manager 4.0.5 - Remote File Inclusion
boastMachine 3.1 - Arbitrary File Upload
BoastMachine 3.1 - Arbitrary File Upload
blog system 1.5 - Multiple Vulnerabilities
Blog System 1.5 - Multiple Vulnerabilities
b2b gold script - 'id' SQL Injection
B2B Gold Script - 'id' SQL Injection
TinyBrowser - Arbitrary File Upload
Wordpress Plugin TinyBrowser - Arbitrary File Upload
Nginx http server 0.6.36 - Directory Traversal
Nginx 0.6.36 - Directory Traversal
atomic photo album 1.0.2 - Multiple Vulnerabilities
Atomic Photo Album 1.0.2 - Multiple Vulnerabilities
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)
Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
bitweaver 2.8.1 - Persistent Cross-Site Scripting
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
bitweaver 2.8.0 - Multiple Vulnerabilities
Bitweaver 2.8.0 - Multiple Vulnerabilities
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)
DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (2)
Bigace 2.7.5 - Arbitrary File Upload
BigACE 2.7.5 - Arbitrary File Upload
atutor 2.0.2 - Multiple Vulnerabilities
ATutor 2.0.2 - Multiple Vulnerabilities
boastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)
atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution
AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution
Macro Expert 4.0 - Multiple Privilege Escalations
axigen mail server 8.0.1 - Persistent Cross-Site Scripting
Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting
Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation
MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
Joomla! Component Event Booking 2.10.1 - SQL Injection
NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation
bitweaver 2.8.1 - Multiple Vulnerabilities
Bitweaver 2.8.1 - Multiple Vulnerabilities
Contrexx CMS egov Module 1.0.0 - SQL Injection
Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)
White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
atutor 1.2 - Multiple Vulnerabilities
ATutor 1.2 - Multiple Vulnerabilities
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Clockstone and other CMSMasters Theme - Arbitrary File Upload
Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload
Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)
Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)
BuilderEngine 3.5.0 - Arbitrary File Upload
PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution
PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution
Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BoastMachine 3.1 - admin.php Cross-Site Scripting
BoastMachine 3.1 - 'admin.php' Cross-Site Scripting
Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (1)
Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting
Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting
Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
boastMachine 2.8 - 'index.php' Local File Inclusion
BoastMachine 2.8 - 'index.php' Local File Inclusion
TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
boastMachine 3.1 - 'key' Parameter Cross-Site Scripting
BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting
Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
Creative Contact Form 0.9.7 - Arbitrary File Upload
Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload
Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
Paid Memberships Pro 1.7.14.2 - Directory Traversal
Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal
DukaPress 2.5.2 - Directory Traversal
Wordpress Plugin DukaPress 2.5.2 - Directory Traversal
Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
Duplicator 0.5.8 - Privilege Escalation
Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation
VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
Shareaholic 7.6.0.3 - Cross-Site Scripting
Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting
Paypal Currency Converter Basic For WooCommerce - File Read
Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read
Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection
Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (2)
Multiple WordPress Themes WPScientist - Arbitrary File Upload
Multiple WordPress WPScientist Themes - Arbitrary File Upload
EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Avast AntiVirus - X.509 Error Rendering Command Execution
Avast! AntiVirus - X.509 Error Rendering Command Execution
Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
Avast - OOB Write Decrypting PEncrypt Packed executables
Avast - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast - Heap Overflow Unpacking MoleBox Archives
Avast - Integer Overflow Verifying numFonts in TTC Header
Avast! - OOB Write Decrypting PEncrypt Packed executables
Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast! - Heap Overflow Unpacking MoleBox Archives
Avast! - Integer Overflow Verifying numFonts in TTC Header
BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
Simple Ads Manager 2.9.4.116 - SQL Injection
Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection
MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation
Avast - Authenticode Parsing Memory Corruption
Avast! - Authenticode Parsing Memory Corruption
Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
Job Script by Scubez - Remote Code Execution
Wordpress Plugin Job Script by Scubez - Remote Code Execution
Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Ocomon 2.0 - SQL Injection
2016-09-27 05:01:25 +00:00
Offensive Security
a387f0befc
DB: 2016-09-26
2016-09-26 05:05:50 +00:00
Offensive Security
102574cb3e
DB: 2016-09-24
...
5 new exploits
EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion
EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion
WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Adobe Acrobat Reader 7<9 - U3D Buffer Overflow
Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit)
Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Adobe Flash - Crash When Freeing Memory After AVC decoding
Adobe Flash - Video Decompression Memory Corruption
Linux - SELinux W+X Protection Bypass via AIO
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation
Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service
Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities
Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass
Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass
Microsoft Excel 95<2004 - Malformed Graphic File Code Execution
Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
Git-1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - ssh-agent.exe Buffer Overflow
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Skybox Platform <= 7.0.611 - Multiple Vulnerabilities
SOLIDserver <=5.0.4 - Local File Inclusion
SOLIDserver <= 5.0.4 - Local File Inclusion
WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
2016-09-24 05:05:07 +00:00
Offensive Security
12047d93f1
DB: 2016-09-23
...
9 new exploits
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
Matrimonial Website Script 1.0.2 - SQL Injection
Metasploit Web UI - Diagnostic Console Command Execution
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Exponent CMS 2.3.9 - Blind SQL Injection
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
phpWebSite 0.10.2 - PHPWS_SOURemote Code Execution_DIR Parameter Multiple Remote File Inclusion
phpWebSite 0.10.2 - 'PHPWS_SOURCE_DIR' Parameter Multiple Remote File Inclusion
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
Microix Timesheet Module - SQL Injection
Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities
Kaltura Community Edition <= 11.1.0-2 - Multiple Vulnerabilities
2016-09-23 05:05:20 +00:00
Offensive Security
b8ebed3824
DB: 2016-09-22
...
6 new exploits
Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation
UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection
Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection
WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload
Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection
WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
fdd9fd65e2
DB: 2016-09-21
...
2 new exploits
Dolphin 7.3.0 - Error-Based SQL Injection
VegaDNS 0.13.2 - Remote Command Injection
2016-09-21 05:07:40 +00:00
Offensive Security
91fedcad08
Merge branch 'g0tmi1k-searchsploit'
2016-09-20 22:38:15 +00:00
g0tmi1k
01cd5bae40
Fix an clipboard issue if it there wasn't $DISPLAY
2016-09-20 23:28:07 +01:00
Offensive Security
235761b103
DB: 2016-09-20
...
12 new exploits
OpenSSL ASN.1<= 0.9.6j 0.9.7b - Brute Forcer for Parsing Bugs
OpenSSL ASN.1 <= 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs
ZineBasic 1.1 - Arbitrary File Disclosure
SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation
VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions
VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities
MyBB 1.8.6 - SQL Injection
Kajona 4.7 - Cross-Site Scripting / Directory Traversal
Docker Daemon - Privilege Escalation (Metasploit)
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
2016-09-20 05:07:15 +00:00
Offensive Security
99fb353a74
Merge branch 'g0tmi1k-searchsploit'
2016-09-19 22:39:07 +00:00
g0tmi1k
52d612d57a
Able to update via package management
2016-09-19 23:37:14 +01:00
Offensive Security
c663f43049
DB: 2016-09-18
2016-09-18 05:06:48 +00:00
Offensive Security
4aa6d571e7
DB: 2016-09-17
...
3 new exploits
Too many to list!
2016-09-17 05:08:43 +00:00
Offensive Security
54446fef7a
Merge branch 'g0tmi1k-searchsploit'
2016-09-16 15:53:11 +00:00
g0tmi1k
a53a982fb2
Fixed a few minor bugs in SearchSploit & more verbose output.
2016-09-16 16:22:52 +01:00
Offensive Security
5fefdd465d
Merge PR #46 , closes #44
2016-09-16 11:07:30 +00:00
Offensive Security