Offensive Security
2ac6fc17c2
DB: 2017-04-13
...
3 new exploits
Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation
Cisco Catalyst 2960 IOS 12.2(55)SE11 - 'ROCEM' Remote Code Execution
D-Link DWR-116 / DWR-116A1 - Arbitrary File Download
2017-04-13 05:01:16 +00:00
Offensive Security
814ba132f8
DB: 2017-04-12
...
18 new exploits
Apple WebKit - 'JSC::B3::Procedure::resetReachability' Use-After-Free
Apple WebKit - 'Document::adoptNode' Use-After-Free
Apple WebKit - 'JSC::SymbolTableEntry::isWatchable' Heap Buffer Overflow
Proxifier for Mac 2.18 - Multiple Vulnerabilities
Proxifier for Mac 2.17 / 2.18 - Privesc Escalation
Xen - Broken Check in 'memory_exchange()' Permits PV Guest Breakout
Quest Privilege Manager 6.0.0 - Arbitrary File Write
Adobe Multiple Products - XML Injection File Content Disclosure
MyClassifiedScript 5.1 - SQL Injection
Social Directory Script 2.0 - SQL Injection
FAQ Script 3.1.3 - 'category_id' Parameter SQL Injection
WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection
MyBB < 1.8.11 - 'email' MyCode Cross-Site Scripting
MyBB smilie Module < 1.8.11 - 'pathfolder' Directory Traversal
Brother MFC-J6520DW - Authentication Bypass / Password Change
Horde Groupware Webmail 3 / 4 / 5 - Multiple Remote Code Execution
Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting
Apple WebKit / Safari 10.0.3 (12602.4.8) - Universal Cross-Site Scripting via a Focus Event and a Link Element
2017-04-12 05:01:16 +00:00
Offensive Security
6624e39c26
DB: 2017-04-05
...
31 new exploits
macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow
macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption
macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability
macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking
macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption
macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free
macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking
Broadcom Wi-Fi SoC - Heap Overflow in _wlc_tdls_cal_mic_chk_ Due to Large RSN IE in TDLS Setup Confirm Frame
Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free
Apple WebKit - 'RenderLayer' Use-After-Free
Apple WebKit - Negative-Size memmove in HTMLFormElement
Apple WebKit - 'FormSubmission::create' Use-After-Free
Apple WebKit - 'ComposedTreeIterator::traverseNextInShadowTree' Use-After-Free
Apple WebKit - 'table' Use-After-Free
Apple WebKit - 'WebCore::toJS' Use-After-Free
macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device
Bluecoat ASG 6.6/CAS 1.3 - Privilege Escalation (Metasploit)
Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection (Metasploit)
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit
SolarWinds LEM 6.3.1 - Remote Code Execution (Metasploit)
Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit)
Broadcom Wi-Fi SoC - 'dhd_handle_swc_evt' Heap Overflow
Pixie 1.0.4 - Arbitrary File Upload
Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window
Apple WebKit 10.0.2(12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting
Apple WebKit 10.0.2(12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion
Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument (1)' Universal Cross-Site Scripting
Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting
Maian Uploader 4.0 - 'index.php' keywords Parameter Cross-Site Scripting
Maian Uploader 4.0 - admin/index.php keywords Parameter Cross-Site Scripting
Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter Cross-Site Scripting
Maian Uploader 4.0 - 'keywords' Parameter Cross-Site Scripting
Maian Uploader 4.0 - 'index.php' Cross-Site Scripting
Maian Uploader 4.0 - 'header.php' Cross-Site Scripting
Maian Uploader 4.0 - 'user' Parameter SQL Injection
Maian Survey 1.1 - 'survey' Parameter SQL Injection
Maian Greetings 2.1 - 'cat' Parameter SQL Injection
2017-04-05 05:01:18 +00:00
Offensive Security
6d17bc529d
DB: 2017-03-31
...
4 new exploits
dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow (PoC)
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)
Spider Solitaire - Denial of Service (PoC)
Spider Solitaire - Denial of Service (PoC)
Baby FTP Server 1.24 - Denial of Service
Baby FTP Server 1.24 - Denial of Service (1)
Baby FTP server 1.24 - Denial of Service
Baby FTP server 1.24 - Denial of Service (2)
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation
Evostream Media Server 1.7.1 (x64) - Denial of Service
Evostream Media Server 1.7.1 (x64) - Denial of Service
Cerberus FTP Server 8.0.10.1 - Denial of Service
Cerberus FTP Server 8.0.10.1 - Denial of Service
Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow
Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow
Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow
Solaris 10 sysinfo() - Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure (1)
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2)
Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC)
Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC)
Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation
Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (2)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (1)
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Post Anniversary) - Privilege Escalation
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation
Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Ubuntu 15.04 (Development) - 'Upstart' Logrotation Privilege Escalation
Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)
Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1)
Yahoo! Music Jukebox 2.2 - 'AddImage()' ActiveX Remote Buffer Overflow (1)
dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow
Apache Tomcat < 6.0.18 - utf8 Directory Traversal (1)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)
Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2)
Samba 2.2.2 < 2.2.6 - nttrans Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (1)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (2)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2)
D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1)
D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)
Azure Data Expert Ultimate 2.2.16 - Buffer Overflow
Azure Data Expert Ultimate 2.2.16 - Buffer Overflow
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)
Article Script 1.6.3 - 'rss.php' SQL Injection (1)
Article Script 1.6.3 - 'rss.php' SQL Injection
DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'code' Remote File Inclusion
LaserNet CMS 1.5 - SQL Injection (2)
LaserNet CMS 1.5 - SQL Injection
Clever Copy 3.0 - 'postview.php' SQL Injection (1)
Clever Copy 3.0 - 'postview.php' SQL Injection
phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (1)
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (1)
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (2)
Matterdaddy Market 1.1 - Multiple SQL Injections (1)
Matterdaddy Market 1.1 - 'index.php' Multiple SQL Injections
PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (1)
PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (2)
Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (1)
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)
DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion
E-book Store - Multiple Vulnerabilities (1)
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)
E-book Store - Multiple Vulnerabilities (2)
E-book Store - Multiple Vulnerabilities
Classifieds Script - SQL Injection
Classifieds Script - 'rate' SQL Injection
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)
DBHcms 1.1.4 - SQL Injection
DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection
LaserNet CMS 1.5 - SQL Injection (1)
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (2)
Article Script 1.6.3 - 'rss.php' SQL Injection (2)
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (1)
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (1)
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (2)
Fonality trixbox 2.4.2 - Cross-Site Scripting
Fonality trixbox 2.4.2 - Cross-Site Scripting (1)
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)
Clever Copy 3.0 - 'postview.php' SQL Injection (2)
phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (2)
Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)
DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)
Matterdaddy Market 1.1 - Multiple SQL Injections (2)
Matterdaddy Market 1.1 - 'cat_name' Multiple SQL Injections
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (1)
Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (1)
Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (2)
Classifieds Script - SQL Injection
Classifieds Script - 'term' SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)
2017-03-31 05:01:16 +00:00
Offensive Security
1f8c35c0c0
DB: 2017-03-28
...
25 new exploits
Samba < 3.6.2 (x86) - Denial of Serviec (PoC)
Samba < 3.6.2 (x86) - Denial of Service (PoC)
Microsoft Visual Studio 2015 update 3 - Denial of Service
Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow
Apple Safari - 'DateTimeFormat.format' Type Confusion
Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode
Apple Safari - Out-of-Bounds Read when Calling Bound Function
QNAP QTS < 4.2.4 - Domain Privilege Escalation
Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
Github Enterprise - Default Session Secret And Deserialization (Metasploit)
B2B Alibaba Clone Script - SQL Injection
B2B Alibaba Clone Script - 'IndustryID' Parameter SQL Injection
Just Another Video Script 1.4.3 - SQL Injection
Adult Tube Video Script - SQL Injection
Alibaba Clone Script - SQL Injection
B2B Marketplace Script 2.0 - SQL Injection
Php Real Estate Property Script - SQL Injection
Courier Tracking Software 6.0 - SQL Injection
Parcel Delivery Booking Script 1.0 - SQL Injection
Delux Same Day Delivery Script 1.0 - SQL Injection
Hotel Booking Script 1.0 - SQL Injection
Tour Package Booking 1.0 - SQL Injection
Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection
CouponPHP CMS 3.1 - 'code' Parameter SQL Injection
EyesOfNetwork (EON) 5.0 - Remote Code Execution
EyesOfNetwork (EON) 5.0 - SQL Injection
Nuxeo 6.0 / 7.1 / 7.2 / 7.3 - Remote Code Execution (Metasploit)
inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation
2017-03-28 05:01:16 +00:00
Offensive Security
8b5b662af9
DB: 2017-03-23
...
8 new exploits
SpyCamLizard 1.230 - Denial of Service
APNGDis 2.8 - 'chunk size descriptor' Heap Buffer Overflow
APNGDis 2.8 - 'image width / height chunk' Heap Buffer Overflow
APNGDis 2.8 - 'filename' Stack Buffer Overflow
Disk Sorter Enterprise 9.5.12 - 'GET' Buffer Overflow (SEH)
SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
GLink Word Link Script 1.2.3 - SQL Injection
Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities
2017-03-23 05:01:16 +00:00
Offensive Security
07432556e0
DB: 2017-03-21
...
26 new exploits
FTPShell Client 6.53 - Local Buffer Overflow
FTPShell Client 6.53 - 'Session name' Local Buffer Overflow
FTPShell Server 6.56 - 'ChangePassword' Buffer Overflow
ExtraPuTTY 0.29-RC2 - Denial of Service
Google Nest Cam 5.2.1
- Buffer Overflow Conditions Over Bluetooth LE
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages (MS17-017)
Microsoft Windows - Uniscribe Font Processing Out-of-Bounds Read in usp10!otlChainRuleSetTable::rule (MS17-011)
Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap-Based Buffer Overflow (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!MergeLigRecords' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around 'USP10!BuildFSM' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Buffer Overflow in 'USP10!FillAlternatesList' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17-011)
Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013)
Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013)
Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)
Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013)
Mozilla Firefox - 'table' Use-After-Free
Microsoft Internet Explorer - 'textarea.defaultValue' Memory Disclosure (MS17-006)
HttpServer 1.0 - Directory Traversal
Cobbler 2.8.0 - Authenticated Remote Code Execution
Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection
Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection
phplist 3.2.6 - SQL Injection
D-Link DGS-1510 - Multiple Vulnerabilities
2017-03-21 05:01:17 +00:00
Offensive Security
66117c63f5
DB: 2017-03-16
...
16 new exploits
Adobe Flash - Metadata Parsing Out-of-Bounds Read
Adobe Flash - MovieClip Attach init Object Use-After-Free
Adobe Flash - ATF Thumbnailing Heap Overflow
Adobe Flash - ATF Planar Decompression Heap Overflow
Adobe Flash - AVC Header Slicing Heap Overflow
Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow
USBPcap - Privilege Escalation
USBPcap 1.1.0.0 (WireShark 2.2.5) - Privilege Escalation
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation
Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012)
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit)
IBM WebSphere - RCE Java Deserialization (Metasploit)
Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit)
Joomla! Component Vik Appointments 1.5 - SQL Injection
Joomla! Component Vik Rent Items 1.3 - SQL Injection
Joomla! Component Vik Rent Car 1.11 - SQL Injection
GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution
Steam Profile Integration 2.0.11 - SQL injection
Sitecore CMS 8.1 Update-3 - Cross-Site Scripting
2017-03-16 05:01:20 +00:00
Offensive Security
c7c1c7d92e
DB: 2017-02-23
...
13 new exploits
EasyCom For PHP 4.0.0 - Buffer Overflow (PoC)
EasyCom For PHP 4.0.0 - Denial of Service
Google Chrome - 'layout' Out-of-Bounds Read
Shutter 0.93.1 - Code Execution
DiskSavvy Enterprise - GET Buffer Overflow (Metasploit)
Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)
Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH)
Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection
Joomla! Component VehicleManager 3.9 - SQL Injection
Joomla! Component RealEstateManager 3.9 - SQL Injection
Joomla! Component BookLibrary 3.6.1 - SQL Injection
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
Lock Photos Album&Videos Safe 4.3 - Directory Traversal
ProjectSend r754 - Insecure Direct Object Reference
Teradici Management Console 2.2.0 - Privilege Escalation
2017-02-23 05:01:18 +00:00
Offensive Security
ad7bd81657
DB: 2017-02-22
...
21 new exploits
Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption
Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access
Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check
Adobe Flash - MP4 AMF Parsing Overflow
Adobe Flash - SWF Stack Corruption
Adobe Flash - Use-After-Free in Applying Bitmap Filter
Adobe Flash - YUVPlane Decoding Heap Overflow
DIGISOL DG-HR1400 Wireless Router - Cross-Site Request Forgery
Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection
Joomla! Component Eventix Events Calendar 1.0 - SQL Injection
Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection
Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection
Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection
Sophos Web Appliance 4.2.1.3 - block/unblock Remote Command Injection (Metasploit)
Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit)
Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit)
Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit)
AlienVault OSSIM/USM <= 5.3.1 - Remote Code Execution (Metasploit)
2017-02-22 05:01:19 +00:00
Offensive Security
893d590404
DB: 2017-02-02
...
12 new exploits
PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow
PHP 5.2.0 (Windows x86) - 'PHP_win32sti' Local Buffer Overflow
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (1)
PHP 5.3.0 - getopt() Denial of Service
PHP 5.3.0 - 'getopt()' Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2)
PHP 4.3.x/5.0 - openlog() Buffer Overflow
PHP 4.3.x/5.0 - 'openlog()' Buffer Overflow
Google Android - 'cfp_ropp_new_key_reenc' and 'cfp_ropp_new_key' RKP Memory Corruption
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation
Apple WebKit - 'HTMLFormElement::reset()' Use-After Free
Google Chrome - 'HTMLKeygenElement::shadowSelect()' Type Confusion
Apple WebKit - 'HTMLKeygenElement' Type Confusion
Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled
Google Android - RKP Information Disclosure via s2-remapping Physical Ranges
QNAP NVR/NAS - Buffer Overflow
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Privilege Escalation (1)
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2)
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) UDEV < 1.4.1 - Privilege Escalation (2)
PHP 5.2.9 (Windows x86) - Local Safemod Bypass Exploit
PHP 5.2.9 (Windows x86) - Local Safemod Bypass
Linux udev - Netlink Privilege Escalation (Metasploit)
Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit)
Google Android - RKP EL1 Code Loading Bypass
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Syntax Desktop 2.7 - (synTarget) Local File Inclusion
Syntax Desktop 2.7 - 'synTarget' Parameter Local File Inclusion
Joomla! Component JTAG Calendar 6.2.4 - 'search' Parameter SQL Injection
LogoStore - 'query' Parameter SQL Injection
2017-02-02 05:01:18 +00:00
Offensive Security
bf6526a40b
DB: 2017-01-31
...
39 new exploits
OpenSSL 1.1.0 - Remote Client Denial of Service
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 (Mandrake / Slackware) - Privilege Escalation
RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation
BitchX 1.0c19 - Privilege Escalation (suid?)
Apache 1.3.31 (mod_include) - Local Buffer Overflow
BitchX 1.0c19 - Privilege Escalation
Apache 1.3.31 mod_include - Local Buffer Overflow
AIX 4.3/5.1 < 5.3 - lsmcode Command Execution Privilege Escalation
AIX 4.3/5.1 < 5.3 - 'lsmcode' Command Execution Privilege Escalation
Debian 2.2 - /usr/bin/pileup Privilege Escalation
Debian 2.2 /usr/bin/pileup - Privilege Escalation
Oracle 10g (Windows x86) - (PROCESS_DUP_HANDLE) Local Privilege Elevation
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
Notepad++ 4.1 (Windows x86) - '.ruby' File Processing Buffer Overflow
IBM AIX 5.3 sp6 - ftp gets() Privilege Escalation
IBM AIX 5.3 SP6 - FTP gets() Privilege Escalation
IBM AIX 5.3.0 - setlocale() Privilege Escalation
IBM AIX 5.3.0 - 'setlocale()' Privilege Escalation
FreeBSD 6x/7 - protosw kernel Local Privilege Escalation Exploit
FreeBSD 6x/7 protosw Kernel - Privilege Escalation
PHP 5.2.9 (Windows x86) - Local Safemod Bypass Exploit
HTMLDOC 1.9.x-r1629 (Windows x86) - Local .html Buffer Overflow
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - xattr Privilege Escalation
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Linux Kernel 4.6.3 - 'Netfilter' Privilege Escalation (Metasploit)
Linux Kernel 4.6.3 (x86) - 'Netfilter' Privilege Escalation (Metasploit)
FreeBSD 6.4 - Netgraph Local Privilege Escalation Exploit
FreeBSD 6.4 - Netgraph Privilege Escalation
PHP 5.4.3 (Windows x86 Polish) - Code Execution
Apache (Mod_Auth_OpenID) - Session Stealing
Apache Mod_Auth_OpenID - Session Stealing
cPanel 5.0 - Openwebmail Privilege Escalation
cPanel 5.0 - 'Openwebmail' Privilege Escalation
Apache 2.0.4x (mod_php) - File Descriptor Leakage (1)
Apache 2.0.4x (mod_php) - File Descriptor Leakage (2)
Apache 2.0.4x mod_php - File Descriptor Leakage (1)
Apache 2.0.4x mod_php - File Descriptor Leakage (2)
Apache 2.0.4x (mod_perl) - File Descriptor Leakage (3)
Apache 2.0.4x mod_perl - File Descriptor Leakage (3)
cPanel 5-9 - Privilege Escalation
cPanel 5 < 9 - Privilege Escalation
Apache 1.3.x (mod_include) - Local Buffer Overflow
Apache 1.3.x mod_include - Local Buffer Overflow
IBM AIX 5.x - Diag Privilege Escalation Vulnerabilities
IBM AIX 5.x - 'Diag' Privilege Escalation
Nginx (Debian-Based + Gentoo) - 'logrotate' Local Privilege Escalation
Nginx (Debian-Based Distros + Gentoo) - 'logrotate' Privilege Escalation
Amanda 3.3.1 - amstar Command Injection Privilege Escalation
Amanda 3.3.1 - 'amstar' Command Injection Privilege Escalation
Microsoft Windows 7 SP1 (x86) - 'WebDAV' Privilege Escalation (MS16-016) (1)
Deepin Linux 15 - lastore-daemon Privilege Escalation
Microsoft Windows 7 SP1 (x86) - 'WebDAV' Privilege Escalation (MS16-016) (1)
Deepin Linux 15 - 'lastore-daemon' Privilege Escalation
Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows 7 (x64) - 'afd.sys' Privilege Escalation (MS14-040)
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows 8.1/10 (x86) - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
Allwinner 3.4 Legacy Kernel - Privilege Escalation (Metasploit)
Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - ('mysql' System User) Privilege Escalation / Race Condition
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'root' Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - ('root' System User) Privilege Escalation
Linux Kernel 4.4 (Ubuntu 16.04) - BPF Local Privilege Escalation (Metasploit)
Linux Kernel 4.4 (Ubuntu 16.04) - 'BPF' Privilege Escalation (Metasploit)
Apache CouchDB 2.0.0 - Local Privilege Escalation
Apache CouchDB 2.0.0 - Privilege Escalation
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
Vesta Control Panel 0.9.8-16 - Privilege Escalation
Systemd 228 - Privilege Escalation (PoC)
Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) - Privilege Escalation (PoC)
Oracle VM VirtualBox < 5.0.32 / < 5.1.14 - Privilege Escalation (PoC)
Apache 1.3.x (mod_mylo) - Remote Code Execution
Apache 1.3.x mod_mylo - Remote Code Execution
Apache 1.3.x < 2.0.48 (mod_userdir) - Remote Users Disclosure
Apache 1.3.x < 2.0.48 mod_userdir - Remote Users Disclosure
Microsoft Windows (x86) - Metafile '.emf' Heap Overflow (MS04-032)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit
Veritas NetBackup 6.0 (Windows x86) - (bpjava-msvc) Remote Exploit
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow
Apache mod_rewrite (Windows x86) - Off-by-One Remote Overflow
3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
Apache 2.0.58 mod_rewrite (Windows 2003) - Remote Overflow
Apache Tomcat Connector (mod_jk) - Remote Exploit (exec-shield)
Apache Tomcat Connector mod_jk - 'exec-shield' Remote Exploit
3proxy 0.5.3g (Windows x86) - logurl() Remote Buffer Overflow (Perl)
SapLPD 6.28 (Windows x86) - Remote Buffer Overflow
Apache 2.0 mod_jk2 2.0.2 (Windows x86) - Remote Buffer Overflow
Apache Tomcat Connector jk2-2.0.2 (mod_jk2) - Remote Overflow
Apache Tomcat Connector jk2-2.0.2 mod_jk2 - Remote Overflow
Apache mod_jk 1.2.19 (Windows x86) - Remote Buffer Overflow
Apache (mod_perl) - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting
Apache mod_perl - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting
Apache 2.2.14 (mod_isapi) - Dangling Pointer Remote SYSTEM Exploit
Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit
Apache (mod_proxy) - Reverse Proxy Exposure (PoC)
Apache mod_proxy - Reverse Proxy Exposure (PoC)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit
Apache 2.2.6 (mod_negotiation) - HTML Injection and HTTP Response Splitting
Apache 2.2.6 mod_negotiation - HTML Injection and HTTP Response Splitting
Apache 7.0.x (mod_proxy) - Reverse Proxy Security Bypass
Apache 7.0.x mod_proxy - Reverse Proxy Security Bypass
Apache 2.2.15 (mod_proxy) - Reverse Proxy Security Bypass
Apache 2.2.15 mod_proxy - Reverse Proxy Security Bypass
Apache (mod_wsgi) - Information Disclosure
Apache mod_wsgi - Information Disclosure
Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit
Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution
phpGraphy 0.9.12 - Privilege Escalation / Commands Execution Exploit
phpGraphy 0.9.12 - Privilege Escalation / Commands Execution
PEAR 1.9.0 - Multiple Remote File Inclusion
PHP PEAR 1.9.0 - Multiple Remote File Inclusion
Pear HTTP_Upload 1.0.0b3 - Arbitrary File Upload
PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload
Radisys MRF - Command Injection
PHP PEAR 1.10.1 - Arbitrary File Download
Caregiver Script 2.57 - SQL Injection
Auction Script 6.49 - SQL Injection
Itech B2B Script 4.28 - SQL Injection
Itech Classifieds Script 7.27 - 'scat' Parameter SQL Injection
Itech Dating Script 3.26 - SQL Injection
Itech Freelancer Script 5.13 - SQL Injection
Itech Multi Vendor Script 6.49 - SQL Injection
Itech News Portal Script 6.28 - SQL Injection
Itech Real Estate Script 3.12 - SQL Injection
PHP Product Designer Script - Arbitrary File Upload
PHP Logo Designer Script - Arbitrary File Upload
Video Sharing Script 4.94 - SQL Injection
HelpDeskZ < 1.0.2 - Authenticated SQL Injection / Unauthorized File Download
Itech Classifieds Script 7.27 - 'pid' Parameter SQL Injection
Itech Dating Script 3.26 - 'send_gift.php' SQL Injection
Itech Real Estate Script 3.12 - 'id' Parameter SQL Injection
2017-01-31 05:01:15 +00:00
Offensive Security
d0b74905e8
DB: 2017-01-27
...
17 new exploits
Google Android - 'pm_qos' KASLR Bypass
macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption
macOS 10.12.1 / iOS Kernel - 'IOService::matchPassive' Use-After-Free
macOS 10.12.1 / iOS Kernel - 'host_self_trap' Use-After-Free
Systemd 228 - Privilege Escalation (PoC)
OpenSSH 6.8 < 6.9 - 'PTY' Privilege Escalation
Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service
Haraka < 2.8.9 - Remote Command Execution
Linux/x86_64 - execve /bin/sh Shellcode (22 bytes)
Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (1)
Drupal 7.0 < 7.31 - SQL Injection (1)
Drupal 7.0 < 7.31 - SQL Injection (SA-CORE-2014-005) (2)
Drupal 7.0 < 7.31 - SQL Injection (2)
Pear HTTP_Upload 1.0.0b3 - Arbitrary File Upload
KB Affiliate Referral Script 1.0 - Authentication Bypass
KB Login Authentication Script 1.1 - Authentication Bypass
KB Messages PHP Script 1.0 - Authentication Bypass
Web Based TimeSheet Script - Authentication Bypass
TM RG4332 Wireless Router - Arbitrary File Disclosure
PHPBack < 1.3.1 - SQL Injection / Cross-Site Scripting
Polycom VVX Web Interface - Change Admin Password
2017-01-27 05:01:17 +00:00
Offensive Security
5c20fdffaa
DB: 2017-01-24
...
2 new exploits
MediaMonkey 3.2.4.1304 - (mp3) Buffer Overflow (PoC)
MediaMonkey 3.2.4.1304 - 'mp3' Buffer Overflow (PoC)
Oracle OpenJDK Runtime Environment 1.8.0_112-b15 - Java Serialization Denial Of Service
DiskSavvy Enterprise - GET Buffer Overflow (Metasploit)
OwnRS Blog 1.2 - (autor.php) SQL Injection
OwnRS Blog 1.2 - 'autor.php' SQL Injection
Mambo Component 'com_sim' 0.8 - Blind SQL Injection
Mambo Component com_sim 0.8 - Blind SQL Injection
Flax Article Manager 1.1 - 'cat_id' SQL Injection
OpenGoo 1.1 - (script_class) Local File Inclusion
EPOLL SYSTEM 3.1 - (Password.dat) Disclosure
Flax Article Manager 1.1 - 'cat_id' Parameter SQL Injection
OpenGoo 1.1 - Local File Inclusion
EPOLL SYSTEM 3.1 - 'Password.dat' Disclosure
ITLPoll 2.7 Stable2 - (index.php id) Blind SQL Injection
ITLPoll 2.7 Stable2 - Blind SQL Injection
Script Toko Online 5.01 - (shop_display_products.php) SQL Injection
Script Toko Online 5.01 - SQL Injection
Wazzum Dating Software - (userid) SQL Injection
Wazzum Dating Software - 'userid' Parameter SQL Injection
SiteXS 0.1.1 - (type) Local File Inclusion
SiteXS CMS 0.1.1 - Local File Inclusion
Joomla! Component com_flashmagazinedeluxe - (mag_id) SQL Injection
OpenX 2.6.3 - (MAX_type) Local File Inclusion
Joomla! Component ElearningForce Flash Magazine Deluxe - SQL Injection
OpenX 2.6.3 - 'MAX_type' Parameter Local File Inclusion
Community CMS 0.4 - (/index.php id) Blind SQL Injection
Community CMS 0.4 - 'id' Parameter Blind SQL Injection
2017-01-24 05:01:17 +00:00
Offensive Security
3617e005f6
DB: 2017-01-12
...
16 new exploits
VMware 2.5.1 - (VMware-authd) Remote Denial of Service
VMware 2.5.1 - 'VMware-authd' Remote Denial of Service
Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption
Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (2)
Boxoft Wav 1.0 - Buffer Overflow
VideoLAN VLC Media Player 2.2.1 - 'DecodeAdpcmImaQT' Buffer Overflow
EleCard MPEG PLAYER - '.m3u' Local Stack Overflow
Elecard MPEG Player - '.m3u' Local Stack Overflow
Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135)
Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (1)
Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow
Boxoft WAV to MP3 Converter - 'convert' Buffer Overflow
Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2)
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)
Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout)
Firejail - Privilege Escalation
McAfee Virus Scan Enterprise for Linux - Remote Code Execution
McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
Ansible 2.1.4 / 2.2.1 - Command Execution
Eggblog < 3.07 - Remote SQL Injection / Privilege Escalation
EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation
PowerClan 1.14a - (footer.inc.php) Remote File Inclusion
PowerClan 1.14a - 'footer.inc.php' Remote File Inclusion
Eggblog 3.1.0 - Cookies SQL Injection
EggBlog 3.1.0 - Cookies SQL Injection
eggBlog 4.0 - SQL Injection
EggBlog 4.0 - SQL Injection
2Capsule - 'sticker.php id' SQL Injection
2Capsule - SQL Injection
ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection
ASPThai.Net WebBoard 6.0 - SQL Injection
Memberkit 1.0 - Remote Arbitrary .PHP File Upload
phpScribe 0.9 - (user.cfg) Remote Config Disclosure
Memberkit 1.0 - Arbitrary File Upload
phpScribe 0.9 - 'user.cfg' Remote Config Disclosure
PowerClan 1.14a - (Authentication Bypass) SQL Injection
PowerClan 1.14a - Authentication Bypass
Webspell 4 - (Authentication Bypass) SQL Injection
webSPELL 4 - Authentication Bypass
eggBlog 4.1.1 - Local Directory Traversal
EggBlog 4.1.1 - Local Directory Traversal
Travel Portal Script Admin Password Change - Cross-Site Request Forgery
Travel Portal Script - Cross-Site Request Forgery (Admin Password Change)
eggBlog 4.1.2 - Arbitrary File Upload
EggBlog 4.1.2 - Arbitrary File Upload
Eggblog 2.0 - blog.php id Parameter SQL Injection
Eggblog 2.0 - topic.php message Parameter Cross-Site Scripting
EggBlog 2.0 - 'id' Parameter SQL Injection
EggBlog 2.0 - 'message' Parameter Cross-Site Scripting
PowerClan 1.14 - member.php SQL Injection
PowerClan 1.14 - 'member.php' SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'featured_photos.php' SQL Injection
SoftBizScripts Dating Script 1.0 - 'products.php' SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' SQL Injection
SoftBizScripts Dating Script 1.0 - 'news_desc.php' SQL Injection
Dating Script 3.25 - SQL Injection
Starting Page 1.3 - SQL Injection
Starting Page 1.3 - 'linkid' Parameter SQL Injection
Starting Page 1.3 - 'category' Parameter SQL Injection
My link trader 1.1 - 'id' Parameter SQL Injection
Blackboard LMS 9.1 SP14 - Cross-Site Scripting
Huawei Flybox B660 - Cross-Site Request Forgery
Travel Portal Script 9.33 - SQL Injection
Movie Portal Script 7.35 - SQL Injection
2017-01-12 05:01:16 +00:00
Offensive Security
a1c336773a
DB: 2017-01-09
...
3 new exploits
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass
DirectAdmin 1.28/1.29 - CMD_SHOW_RESELLER user Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_SHOW_USER user Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_TICKET_CREATE TYPE Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_EMAIL_FORWARDER_MODIFY user Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_TICKET type Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_EMAIL_VACATION_MODIFY user Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_EMAIL_LIST name Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - CMD_FTP_SHOW DOMAIN Parameter Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_SHOW_RESELLER' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_SHOW_USER' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_FORWARDER_MODIFY' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_VACATION_MODIFY' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting
DirectAdmin 1.28/1.29 - 'CMD_FTP_SHOW' Cross-Site Scripting
DirectAdmin 1.292 - CMD_USER_STATS Cross-Site Scripting
DirectAdmin 1.292 - 'CMD_USER_STATS' Cross-Site Scripting
DirectAdmin 1.50.1 - Denial of Service
2017-01-09 05:01:15 +00:00
Offensive Security
897e1fa191
DB: 2016-12-24
...
3 new exploits
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - 'PASV' Remote Denial of Service
WinFTP Server 2.3.0 - (NLST) Denial of Service
WinFTP Server 2.3.0 - 'NLST' Denial of Service
vxFtpSrv 2.0.3 - CWD command Remote Buffer Overflow (PoC)
vxFtpSrv 2.0.3 - 'CWD' Remote Buffer Overflow (PoC)
OpenSSH < 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Sockets Privilege Escalation
X7 Chat 2.0.5 - lib/message.php preg_replace() PHP Code Execution (Metasploit)
X7 Chat 2.0.5 - 'message.php' PHP Code Execution (Metasploit)
OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading
X7 Chat 2.0 - (help_file) Remote Command Execution
X7 Chat 2.0 - 'help_file' Parameter Remote Command Execution
Ultimate WebBoard 3.00 - (Category) SQL Injection
PromoteWeb MySQL - 'go.php id' SQL Injection
212Cafe Board 0.07 - (view.php qID) SQL Injection
Ultimate WebBoard 3.00 - 'Category' Parameter SQL Injection
PromoteWeb MySQL - 'id' Parameter SQL Injection
212Cafe Board 0.07 - 'qID' Parameter SQL Injection
The Gemini Portal - 'lang' Remote File Inclusion
RPG.Board 0.0.8Beta2 - (showtopic) SQL Injection
ASPapp KnowledgeBase - 'catid' SQL Injection
The Gemini Portal 4.7 - 'lang' Parameter Remote File Inclusion
RPG.Board 0.0.8Beta2 - 'showtopic' Parameter SQL Injection
ASPapp KnowledgeBase - 'catid' Parameter SQL Injection
X7 Chat 2.0.1A1 - (mini.php help_file) Local File Inclusion
X7 Chat 2.0.1A1 - 'mini.php' Local File Inclusion
CoAST 0.95 - (sections_file) Remote File Inclusion
Real Estate Manager - 'cat_id' SQL Injection
LnBlog 0.9.0 - (plugin) Local File Inclusion
PlugSpace 0.1 - (index.php navi) Local File Inclusion
MyCard 1.0.2 - (gallery.php id) SQL Injection
PowerPortal 2.0.13 - 'path' Local Directory Traversal
PHP-Lance 1.52 - (show.php catid) SQL Injection
Yoxel 1.23beta - (itpm_estimate.php a) Remote Code Execution
CoAST 0.95 - 'sections_file' Parameter Remote File Inclusion
Real Estate Manager 1.01 - 'cat_id' Parameter SQL Injection
LnBlog 0.9.0 - 'plugin' Parameter Local File Inclusion
PlugSpace 0.1 - 'navi' Parameter Local File Inclusion
MyCard 1.0.2 - 'id' Parameter SQL Injection
PowerPortal 2.0.13 - 'path' Parameter Local Directory Traversal
PHP-Lance 1.52 - 'catid' Parameter SQL Injection
Yoxel 1.23beta - 'itpm_estimate.php' Remote Code Execution
ZEELYRICS 2.0 - (bannerclick.php adid) SQL Injection
ZEELYRICS 2.0 - 'bannerclick.php' SQL Injection
Pro Chat Rooms 3.0.3 - (guid) SQL Injection
Pilot Group eTraining - 'news_read.php id' SQL Injection
BbZL.php 0.92 - (lien_2) Local Directory Traversal
Pro Chat Rooms 3.0.3 - SQL Injection
Pilot Group eTraining - 'news_read.php' SQL Injection
BbZL.php 0.92 - 'lien_2' Parameter Local Directory Traversal
Arcadem Pro - 'articlecat' SQL Injection
Arcadem Pro - 'articlecat' Parameter SQL Injection
ArabCMS - 'rss.php rss' Local File Inclusion
FAQ Management Script - 'catid' SQL Injection
ArabCMS - 'rss.php' Local File Inclusion
FAQ Management Script - 'catid' Parameter SQL Injection
BookMarks Favourites Script - 'view_group.php id' SQL Injection
BookMarks Favourites Script - 'id' Parameter SQL Injection
BMForum 5.6 - (tagname) SQL Injection
BMForum 5.6 - 'tagname' Parameter SQL Injection
Crux Gallery 1.32 - (index.php theme) Local File Inclusion
phpScheduleIt 1.2.10 - (reserve.php) Remote Code Execution
RPortal 1.1 - (file_op) Remote File Inclusion
Crux Gallery 1.32 - 'theme' Parameter Local File Inclusion
phpScheduleIt 1.2.10 - 'reserve.php' Remote Code Execution
RPortal 1.1 - 'file_op' Parameter Remote File Inclusion
Link Trader - 'ratelink.php lnkid' SQL Injection
Link Trader - 'lnkid' Parameter SQL Injection
OLIB 7 WebView 2.5.1.1 - (infile) Local File Inclusion
OpenX 2.6 - (ac.php bannerid) Blind SQL Injection
OLIB 7 WebView 2.5.1.1 - 'infile' Parameter Local File Inclusion
OpenX 2.6 - 'bannerid' Parameter Blind SQL Injection
X7 Chat 2.0.5 - (Authentication Bypass) SQL Injection
X7 Chat 2.0.5 - Authentication Bypass
Arcadem Pro 2.8 - (article) Blind SQL Injection
Arcadem Pro 2.8 - 'article' Parameter Blind SQL Injection
Link Trader - (lnkid) SQL Injection
phpScheduleIt PHP - reserve.php start_date Parameter Arbitrary Code Injection (Metasploit)
phpScheduleIt 1.2.10 - 'reserve.php' Arbitrary Code Injection (Metasploit)
PowerPortal 1.1/1.3 - modules.php Traversal Arbitrary Directory Listing
PowerPortal 1.1/1.3 - 'modules.php' Traversal Arbitrary Directory Listing
Atomic Photo Album 0.x/1.0 - Apa_PHPInclude.INC.php Remote File Inclusion
Atomic Photo Album 0.x/1.0 - 'Apa_PHPInclude.INC.php' Remote File Inclusion
BMForum 3.0 - topic.php Multiple Parameter Cross-Site Scripting
BMForum 3.0 - forums.php Multiple Parameter Cross-Site Scripting
BMForum 3.0 - post.php forumid Parameter Cross-Site Scripting
BMForum 3.0 - announcesys.php forumid Parameter Cross-Site Scripting
BMForum 3.0 - 'topic.php' Cross-Site Scripting
BMForum 3.0 - 'forums.php' Cross-Site Scripting
BMForum 3.0 - 'post.php' Cross-Site Scripting
BMForum 3.0 - 'announcesys.php' Cross-Site Scripting
PowerPortal 1.1/1.3 - 'index.php' search Parameter Cross-Site Scripting
PowerPortal 1.1/1.3 - search.php search Parameter Cross-Site Scripting
PowerPortal 1.1/1.3 - 'index.php' Cross-Site Scripting
PowerPortal 1.1/1.3 - 'search.php' Cross-Site Scripting
X7 Chat 2.0.4 - sources/frame.php room Parameter Cross-Site Scripting
X7 Chat 2.0.4 - upgradev1.php INSTALL_X7CHATVERSION Parameter Cross-Site Scripting
X7 Chat 2.0.4 - 'frame.php' Cross-Site Scripting
X7 Chat 2.0.4 - 'upgradev1.php' Cross-Site Scripting
BMForum 5.6 - 'index.php' outpused Parameter Cross-Site Scripting
BMForum 5.6 - newtem/footer/bsd01footer.php Multiple Parameter Cross-Site Scripting
BMForum 5.6 - newtem/header/bsd01header.php Multiple Parameter Cross-Site Scripting
BMForum 5.6 - 'index.php' Cross-Site Scripting
BMForum 5.6 - 'bsd01footer.php' Cross-Site Scripting
BMForum 5.6 - 'bsd01header.php' Cross-Site Scripting
Pilot Group eTraining - courses_login.php cat_id Parameter Cross-Site Scripting
Pilot Group eTraining - news_read.php id Parameter Cross-Site Scripting
Pilot Group eTraining - lessons_login.php Multiple Parameter Cross-Site Scripting
Pilot Group eTraining - 'courses_login.php' Cross-Site Scripting
Pilot Group eTraining - 'news_read.php' Cross-Site Scripting
Pilot Group eTraining - 'lessons_login.php' Cross-Site Scripting
OpenX - /www/admin/plugin-index.php parent Parameter Cross-Site Scripting
OpenX 2.8.10 - 'plugin-index.php' Cross-Site Scripting
Apache mod_session_crypto - Padding Oracle
2016-12-24 05:01:17 +00:00
Offensive Security
26b1e8b6ad
DB: 2016-12-23
...
10 new exploits
Microsoft Internet Explorer 11 - MSHTML CPasteCommand::ConvertBitmaptoPng Heap-Based Buffer Overflow (MS14-056)
Microsoft Internet Explorer 11 MSHTML - CSpliceTreeEngine::RemoveSplice Use-After-Free (MS14-035)
Microsoft Internet Explorer 11 - MSHTML CSpliceTreeEngine::RemoveSplice Use-After-Free (MS14-035)
macOS 10.12.1 Kernel - Writable Privileged IOKit Registry Properties Code Execution
macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free
macOS < 10.12.2 / iOS < 10.2 Kernel - ipc_port_t Reference Count Leak Due to Incorrect externalMethod Overrides Use-After-Free
macOS 10.12.1 / iOS < 10.2 - powerd Arbitrary Port Replacement
macOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement
IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation
Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap Reference Count Leak / Use-After-Free
macOS < 10.12.2 / iOS < 10.2 - Broken Kernel Mach Port Name uref Handling Privileged Port Name Replacement Privilege Escalation
PHP iCalendar 2.21 - (publish.ical.php) Remote Code Execution
PHP iCalendar 2.21 - 'publish.ical.php' Remote Code Execution
CzarNews 1.14 - (tpath) Remote File Inclusion
CzarNews 1.14 - 'tpath' Parameter Remote File Inclusion
N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion
N/X WCMS 4.1 - 'nxheader.inc.php' Remote File Inclusion
Powies pForum 1.29a - (editpoll.php) SQL Injection
Powies pForum 1.29a - 'editpoll.php' SQL Injection
AssetMan 2.4a - (download_pdf.php) Remote File Disclosure
AssetMan 2.4a - 'download_pdf.php' Remote File Disclosure
Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Authentication Bypass
Orion-Blog 2.0 - Remote Authentication Bypass
Ol BookMarks Manager 0.7.4 - (root) Remote File Inclusion
Ol BookMarks Manager 0.7.4 - 'root' Parameter Remote File Inclusion
AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion
AdminBot 9.0.5 - 'live_status.lib.php' Remote File Inclusion
WSN Links Basic Edition - (displaycat catid) SQL Injection
WSN Links Basic Edition - 'catid' Parameter SQL Injection
phpRealty 0.02 - (MGR) Multiple Remote File Inclusion
phpRealty 0.02 - 'MGR' Parameter Multiple Remote File Inclusion
jPORTAL 2 - mailer.php SQL Injection
jPORTAL 2.3.1 - articles.php SQL Injection
jPORTAL 2 - 'mailer.php' SQL Injection
jPORTAL 2.3.1 - 'articles.php' SQL Injection
AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection
AvailScript Jobs Portal Script - 'jid' Parameter SQL Injection
PhpWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion
PHPWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion
D-iscussion Board 3.01 - (topic) Local File Inclusion
D-iscussion Board 3.01 - 'topic' Parameter Local File Inclusion
PhpWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection
PhpWebGallery 1.3.4 - Blind SQL Injection
pForum 1.30 - (showprofil.php id) SQL Injection
WebPortal CMS 0.7.4 - (download.php aid) SQL Injection
iBoutique 4.0 - (cat) SQL Injection
SkaLinks 1.5 - (register.php) Arbitrary Add Editor
vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection
pForum 1.30 - 'showprofil.php' SQL Injection
WebPortal CMS 0.7.4 - 'download.php' SQL Injection
iBoutique 4.0 - 'cat' Parameter SQL Injection
SkaLinks 1.5 - 'register.php' Arbitrary Add Editor
vbLOGIX Tutorial Script 1.0 - 'cat_id' Parameter SQL Injection
pLink 2.07 - (linkto.php id) Blind SQL Injection
pLink 2.07 - 'linkto.php' Blind SQL Injection
FoT Video scripti 1.1b - (oyun) SQL Injection
FoT Video scripti 1.1b - 'oyun' Parameter SQL Injection
Pre Real Estate Listings - 'search.php c' SQL Injection
Pre Real Estate Listings - 'search.php' SQL Injection
iScripts EasyIndex - (produid) SQL Injection
iScripts EasyIndex - 'produid' Parameter SQL Injection
Hotel Reservation System - 'city.asp city' Blind SQL Injection
phpRealty 0.3 - (INC) Remote File Inclusion
PHP Crawler 0.8 - (footer) Remote File Inclusion
Technote 7 - (shop_this_skin_path) Remote File Inclusion
Hotel Reservation System - 'city.asp' Blind SQL Injection
phpRealty 0.3 - 'INC' Parameter Remote File Inclusion
PHP Crawler 0.8 - Remote File Inclusion
Technote 7 - 'shop_this_skin_path' Parameter Remote File Inclusion
E-PHP CMS - 'article.php es_id' SQL Injection
addalink 4 - 'category_id' SQL Injection
ProArcadeScript 1.3 - (random) SQL Injection
CYASK 3.x - (collect.php neturl) Local File Disclosure
Diesel Joke Site - 'picture_category.php id' SQL Injection
ProActive CMS - 'template' Local File Inclusion
E-PHP CMS - 'article.php' SQL Injection
addalink 4 - 'category_id' Parameter SQL Injection
ProArcadeScript 1.3 - 'random' Parameter SQL Injection
CYASK 3.x - 'neturl' Parameter Local File Disclosure
Diesel Joke Site - 'picture_category.php' SQL Injection
ProActive CMS - 'template' Parameter Local File Inclusion
Diesel Pay Script - (area) SQL Injection
Plaincart 1.1.2 - (p) SQL Injection
Oceandir 2.9 - (show_vote.php id) SQL Injection
jPORTAL 2 - 'humor.php id' SQL Injection
Diesel Pay Script - 'area' Parameter SQL Injection
Plaincart 1.1.2 - 'p' Parameter SQL Injection
Oceandir 2.9 - 'show_vote.php' SQL Injection
jPORTAL 2 - 'humor.php' SQL Injection
Diesel Job Site - (job_id) Blind SQL Injection
Diesel Job Site - 'job_id' Parameter Blind SQL Injection
e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection
e107 Plugin Image Gallery 0.9.6.2 - SQL Injection
WSN Links 2.22/2.23 - (vote.php) SQL Injection
WSN Links 2.22/2.23 - 'vote.php' SQL Injection
BuzzyWall 1.3.1 - (search.php search) SQL Injection
WCMS 1.0b - (news_detail.asp id) SQL Injection
BuzzyWall 1.3.1 - 'search' Parameter SQL Injection
WCMS 1.0b - 'news_detail.asp' SQL Injection
OpenElec 3.01 - (form.php obj) Local File Inclusion
OpenElec 3.01 - 'obj' Parameter Local File Inclusion
basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion
Fez 1.3/2.0 RC1 - (list.php) SQL Injection
basebuilder 2.0.1 - 'main.inc.php' Remote File Inclusion
Fez 1.3/2.0 RC1 - 'list.php' SQL Injection
OpenRat 0.8-beta4 - (tpl_dir) Remote File Inclusion
Sofi WebGui 0.6.3 PRE - (mod_dir) Remote File Inclusion
OpenRat 0.8-beta4 - 'tpl_dir' Parameter Remote File Inclusion
Sofi WebGui 0.6.3 PRE - 'mod_dir' Parameter Remote File Inclusion
JETIK-WEB Software - 'sayfa.php kat' SQL Injection
JETIK-WEB Software - 'kat' Parameter SQL Injection
WebPortal CMS 0.7.4 - (code) Remote Code Execution
HotScripts Clone - 'cid' SQL Injection
WebPortal CMS 0.7.4 - 'code' Parameter Remote Code Execution
HotScripts Clone - 'cid' Parameter SQL Injection
emergecolab 1.0 - (sitecode) Local File Inclusion
mailwatch 1.0.4 - (docs.php doc) Local File Inclusion
PHPcounter 1.3.2 - (defs.php l) Local File Inclusion
emergecolab 1.0 - 'sitecode' Parameter Local File Inclusion
mailwatch 1.0.4 - 'doc' Parameter Local File Inclusion
PHPcounter 1.3.2 - 'defs.php' Local File Inclusion
webcp 0.5.7 - (filelocation) Remote File Disclosure
webcp 0.5.7 - 'filelocation' Parameter Remote File Disclosure
LanSuite 3.3.2 - (design) Local File Inclusion
PHPOCS 0.1-beta3 - (index.php act) Local File Inclusion
Vikingboard 0.2 Beta - (task) Local File Inclusion
LanSuite 3.3.2 - 'design' Parameter Local File Inclusion
PHPOCS 0.1-beta3 - 'act' Parameter Local File Inclusion
Vikingboard 0.2 Beta - 'task' Parameter Local File Inclusion
barcodegen 2.0.0 - (class_dir) Remote File Inclusion
barcodegen 2.0.0 - 'class_dir' Parameter Remote File Inclusion
PHPcounter 1.3.2 - (index.php name) SQL Injection
PHPcounter 1.3.2 - 'index.php' SQL Injection
PhpWebGallery 1.7.2 - Session Hijacking / Code Execution
PHPWebGallery 1.7.2 - Session Hijacking / Code Execution
BuzzyWall 1.3.1 - (download id) Remote File Disclosure
BuzzyWall 1.3.1 - 'id' Parameter Remote File Disclosure
Pre Real Estate Listings - (Authentication Bypass) SQL Injection
Pre Real Estate Listings - Authentication Bypass
Netartmedia Real Estate Portal 1.2 - (ad_id) SQL Injection
Netartmedia Real Estate Portal 1.2 - 'ad_id' Parameter SQL Injection
SkaLinks 1.5 - (Authentication Bypass) SQL Injection
SkaLinks 1.5 - Authentication Bypass
diesel job site 1.4 - Multiple Vulnerabilities
Diesel Job Site 1.4 - Multiple Vulnerabilities
ProArcadeScript to Game - (game) SQL Injection
ProArcadeScript to Game - SQL Injection
Link Bid Script - 'links.php id' SQL Injection
Link Bid Script - 'links.php' SQL Injection
NetArt Media iBoutique 4.0 - (index.php key Parameter) SQL Injection
iBoutique 4.0 - 'key' Parameter SQL Injection
PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion
PHPForum 2.0 RC1 - 'Mainfile.php' Remote File Inclusion
JPortal 2.2.1 - print.php SQL Injection
jPORTAL 2.2.1 - 'print.php' SQL Injection
CzarNews 1.13/1.14 - headlines.php Remote File Inclusion
CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion
JPortal 2.3.1 - Banner.php SQL Injection
jPORTAL 2.3.1 - 'Banner.php' SQL Injection
CJ Ultra Plus 1.0.3/1.0.4 - OUT.php SQL Injection
CJ Ultra Plus 1.0.3/1.0.4 - 'OUT.php' SQL Injection
JPortal 2.2.1/2.3.1 - download.php SQL Injection
jPORTAL 2.2.1/2.3.1 - 'download.php' SQL Injection
JPortal Web Portal 2.2.1/2.3.1 - comment.php id Parameter SQL Injection
JPortal Web Portal 2.2.1/2.3.1 - news.php id Parameter SQL Injection
JPortal Web Portal 2.2.1/2.3.1 - 'comment.php' SQL Injection
JPortal Web Portal 2.2.1/2.3.1 - 'news.php' SQL Injection
PHPWCMS 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access
PHPWCMS 1.2.5 -DEV - 'imgdir' Parameter Traversal Arbitrary File Access
JPortal 2.2.1/2.3 Forum - forum.php SQL Injection
jPORTAL 2.2.1/2.3 Forum - 'forum.php' SQL Injection
Diesel Joke Site - Category.php SQL Injection
Diesel Joke Site - 'Category.php' SQL Injection
TinyPHPForum 3.6 - error.php Information Disclosure
TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass
TinyPHPForum 3.6 - 'error.php' Information Disclosure
TinyPHPForum 3.6 - 'UpdatePF.php' Authentication Bypass
Vikingboard Viking board 0.1b - help.php act Parameter Cross-Site Scripting
Vikingboard Viking board 0.1b - report.php p Parameter Cross-Site Scripting
Vikingboard 0.1 - topic.php SQL Injection
Vikingboard 0.1b - 'help.php' Cross-Site Scripting
Vikingboard 0.1b - 'report.php' Cross-Site Scripting
Vikingboard 0.1 - 'topic.php' SQL Injection
PHP iCalendar 1.1/2.x - day.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - month.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - year.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - week.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - search.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - rss/index.php getdate Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - print.php getdate Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - preferences.php Multiple Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'day.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'week.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'getdate' Parameter Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting
PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting
Vikingboard Viking board 0.1.2 - cp.php Multiple Parameter Cross-Site Scripting
Vikingboard Viking board 0.1.2 - user.php u Parameter Cross-Site Scripting
Vikingboard Viking board 0.1.2 - post.php Multiple Parameter Cross-Site Scripting
Vikingboard Viking board 0.1.2 - topic.php s Parameter Cross-Site Scripting
Vikingboard Viking board 0.1.2 - forum.php debug Variable Information Disclosure
Vikingboard Viking board 0.1.2 - cp.php debug Variable Information Disclosure
Vikingboard 0.1.2 - 'cp.php' Cross-Site Scripting
Vikingboard 0.1.2 - 'user.php' Cross-Site Scripting
Vikingboard 0.1.2 - 'post.php' Cross-Site Scripting
Vikingboard 0.1.2 - 'topic.php' Cross-Site Scripting
Vikingboard 0.1.2 - 'forum.php' Information Disclosure
Vikingboard 0.1.2 - 'cp.php' Information Disclosure
PaysiteReviewCMS 1.1 - search.php q Parameter Cross-Site Scripting
PaysiteReviewCMS - image.php image Parameter Cross-Site Scripting
PaysiteReviewCMS 1.1 - 'search.php' Cross-Site Scripting
PaysiteReviewCMS - 'image.php' Cross-Site Scripting
BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure
BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure
2016-12-23 05:01:18 +00:00
Offensive Security
62dddb2f49
DB: 2016-12-20
...
9 new exploits
Apache 2.2 - (Windows) Local Denial of Service
Apache 2.2 (Windows) - Local Denial of Service
Apache 1.3.x + Tomcat 4.0.x/4.1.x Mod_JK - Chunked Encoding Denial of Service
Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service
Apache 2.4.7 mod_status - Scoreboard Handling Race Condition
Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition
Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read
Apache 1.3.31 mod_include - Local Buffer Overflow
Apache 1.3.31 (mod_include) - Local Buffer Overflow
Gopher 3.0.9 - (+VIEWS) Remote Client Side Buffer Overflow
Gopher 3.0.9 - (+VIEWS) Remote Client-Side Buffer Overflow
Apache 'Mod_Auth_OpenID' - Session Stealing
Apache (Mod_Auth_OpenID) - Session Stealing
Apache 2.0.4x mod_php Module - File Descriptor Leakage (1)
Apache 2.0.4x mod_php Module - File Descriptor Leakage (2)
Apache 2.0.4x (mod_php) - File Descriptor Leakage (1)
Apache 2.0.4x (mod_php) - File Descriptor Leakage (2)
Apache 2.0.4x mod_perl Module - File Descriptor Leakage (3)
Apache 2.0.4x (mod_perl) - File Descriptor Leakage (3)
Apache 1.3.x mod_include - Local Buffer Overflow
Apache 1.3.x (mod_include) - Local Buffer Overflow
Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command Execution
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution
RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download
Apache 1.3.x mod_mylo - Remote Code Execution
Apache 1.3.x (mod_mylo) - Remote Code Execution
Apache 1.3.x < 2.0.48 - mod_userdir Remote Users Disclosure
Apache 1.3.x < 2.0.48 (mod_userdir) - Remote Users Disclosure
Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (2)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray
Apache mod_perl 'Apache::Status' and 'Apache2::Status' - Cross-Site Scripting
Apache (mod_perl) - 'Apache::Status' / 'Apache2::Status' Cross-Site Scripting
Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit
Apache 2.2.14 (mod_isapi) - Dangling Pointer Remote SYSTEM Exploit
Apache (Windows x86) - (Windows x86) Chunked Encoding (Metasploit)
Apache (Windows x86) - Chunked Encoding (Metasploit)
Apache mod_proxy - Reverse Proxy Exposure (PoC)
Apache (mod_proxy) - Reverse Proxy Exposure (PoC)
Apache 1.3.20 - Win32 PHP.exe Remote File Disclosure
Apache 1.3.20 (Win32) - 'PHP.exe' Remote File Disclosure
Apache mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Joomla! Component 'com_media' - Arbitrary File Upload (Metasploit)
Joomla! Component Media Manager - Arbitrary File Upload (Metasploit)
Apache 2.2.6 - 'mod_negotiation' HTML Injection and HTTP Response Splitting
Apache 2.2.6 (mod_negotiation) - HTML Injection and HTTP Response Splitting
Apache 7.0.x 'mod_proxy'- Reverse Proxy Security Bypass
Apache 7.0.x (mod_proxy) - Reverse Proxy Security Bypass
Apache 2.2.15 - 'mod_proxy' Reverse Proxy Security Bypass
Apache 2.2.15 (mod_proxy) - Reverse Proxy Security Bypass
Apache 'mod_wsgi' Module - Information Disclosure
Apache (mod_wsgi) - Information Disclosure
Joomla! Component 'com_jp_jobs' 1.4.1 - SQL Injection
Joomla! Component JP Jobs 1.4.1 - SQL Injection
Joomla! Component 'com_joomlapicasa' 2.0 - Local File Inclusion
Joomla! Component Picasa 2.0 - Local File Inclusion
Joomla! Component 'com_jinventory' - Local File Inclusion
Joomla! Component JInventory 1.23.02 - Local File Inclusion
Joomla! Component 'com_loginbox' - Local File Inclusion
Joomla! Component LoginBox - Local File Inclusion
Joomla! Component 'com_Joomlaupdater' - Local File Inclusion
Joomla! Component Magic Updater - Local File Inclusion
Joomla! Component 'com_news_portal' 1.5.x - Local File Inclusion
Joomla! Component 'com_fss' 1.3 - 'faqid' Parameter SQL Injection
Joomla! Component News Portal 1.5.x - Local File Inclusion
Joomla! Component Freestyle FAQ Lite 1.3 - 'faqid' Parameter SQL Injection
Joomla! Component 'com_jwhmcs' 1.5.0 - Local File Inclusion
Joomla! Component 'com_jukebox' 1.7 - Local File Inclusion
Joomla! Component 'com_Joomlaflickr' 1.0 - Local File Inclusion
Joomla! Component 'com_hsconfig' 1.5 - Local File Inclusion
Joomla! Component 'com_fabrik' 2.0 - Local File Inclusion
Joomla! Component 'com_datafeeds' 880 - Local File Inclusion
Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion
Joomla! Component Juke Box 1.7 - Local File Inclusion
Joomla! Component Joomla Flickr 1.0 - Local File Inclusion
Joomla! Component Highslide 1.5 - Local File Inclusion
Joomla! Component Fabrik 2.0 - Local File Inclusion
Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion
Joomla! Component 'com_foobla_suggestions' 1.5.1.2 - Local File Inclusion
Joomla! Component 'com_javoice' - Local File Inclusion
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion
Joomla! Component JA Voice 2.0 - Local File Inclusion
Joomla! Component 'com_jfeedback' - Local File Inclusion
Joomla! Component 'com_jprojectmanager' - Local File Inclusion
Joomla! Component Jfeedback 1.2 - Local File Inclusion
Joomla! Component JProject Manager 1.0 - Local File Inclusion
Joomla! Component 'com_mv_restaurantmenumanager' 1.5.2 - SQL Injection
Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection
Joomla! Component 'com_horoscope' - Local File Inclusion
Joomla! Component Horoscope 1.5.0 - Local File Inclusion
Joomla! Component 'com_market' - Local File Inclusion
Joomla! Component Online Market 2.x - Local File Inclusion
Joomla! Component 'com_jvehicles' - 'aid' Parameter SQL Injection
Joomla! Component 'com_jp_jobs' 1.2.0 - 'id' Parameter SQL Injection
Joomla! Component Jvehicles 1.0/2.0 - 'aid' Parameter SQL Injection
Joomla! Component JP Jobs 1.2.0 - 'id' Parameter SQL Injection
Joomla! Component 'com_mtfireeagle' - Local File Inclusion
Joomla! Component 'com_mediamall' - Blind SQL Injection
Joomla! Component 'com_lovefactory' - Local File Inclusion
Joomla! Component 'com_jacomment' - Local File Inclusion
Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion
Joomla! Component Media Mall Factory 1.0.4 - Blind SQL Injection
Joomla! Component Love Factory 1.3.4 - Local File Inclusion
Joomla! Component JA Comment - Local File Inclusion
Joomla! Component 'com_iproperty' 1.5.3 - 'id' Parameter SQL Injection
Joomla! Component Intellectual Property 1.5.3 - 'id' Parameter SQL Injection
Joomla! Component 'com_joltcard' - SQL Injection
Joomla! Component JoltCard 1.2.1 - SQL Injection
Joomla! Component 'com_gadgetfactory' - Local File Inclusion
Joomla! Component 'com_matamko' - Local File Inclusion
Joomla! Component 'com_multiroot' - Local File Inclusion
Joomla! Component 'com_multimap' - Local File Inclusion
Joomla! Component 'com_drawroot' - Local File Inclusion
Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion
Joomla! Component Matamko 1.01 - Local File Inclusion
Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion
Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion
Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion
Joomla! Component 'com_if_surfalert' - Local File Inclusion
Joomla! Component iF surfALERT 1.2 - Local File Inclusion
Joomla! Component 'com_gbufacebook' 1.0.5 - SQL Injection
Joomla! Component GBU Facebook 1.0.5 - SQL Injection
Joomla! Component 'com_jnewspaper' - 'cid' Parameter SQL Injection
Joomla! Component 'com_jtm' 1.9 Beta - SQL Injection
Joomla! Component Online News Paper Manager 1.0 - 'cid' Parameter SQL Injection
Joomla! Component JTM Reseller 1.9 Beta - SQL Injection
Joomla! Component 'com_mmsblog' - Local File Inclusion
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion
Joomla! Component 'com_noticeboard' - Local File Inclusion
Joomla! Component NoticeBoard 1.3 - Local File Inclusion
Joomla! Component 'com_graphics' 1.0.6 - Local File Inclusion
Joomla! Component Graphics 1.0.6 - Local File Inclusion
Joomla! Component 'com_newsfeeds' - SQL Injection
Joomla! Component Newsfeeds - SQL Injection
Joomla! Component 'com_konsultasi' - 'sid' Parameter SQL Injection
Joomla! Component Komento 1.0.0 - 'sid' Parameter SQL Injection
Joomla! Component 'com_dioneformwizard' - Local File Inclusion
Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion
Joomla! Component 'com_jejob' 1.0 - Local File Inclusion
Joomla! Component JE Job 1.0 - Local File Inclusion
Joomla! Component 'com_jequoteform' - Local File Inclusion
Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion
Joomla! Component 'com_mscomment' 0.8.0b - Local File Inclusion
Joomla! Component MS Comment 0.8.0b - Local File Inclusion
Apache Axis2 Administration console - Authenticated Cross-Site Scripting
Apache Axis2 Administration Console - Authenticated Cross-Site Scripting
Joomla! Component 'com_mycar' - Multiple Vulnerabilities
Joomla! Component My Car 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jejob' 1.0 - 'catid' Parameter SQL Injection
Joomla! Component JE Job 1.0 - 'catid' Parameter SQL Injection
Joomla! Component 'com_jsjobs' - SQL Injection
Joomla! Component JS Jobs 1.0.5.8 - SQL Injection
Joomla! Component 'com_djartgallery' - Multiple Vulnerabilities
Joomla! Component DJ-ArtGallery 0.9.1 - Multiple Vulnerabilities
Joomla! Component 'com_gamesbox' 1.0.2 - 'id' SQL Injection
Joomla! Component Gamesbox 1.0.2 - 'id' Parameter SQL Injection
Joomla! Component 'com_eventcal' 1.6.4 - Blind SQL Injection
Joomla! Component eventCal 1.6.4 - Blind SQL Injection
Joomla! Component 'com_ninjamonials' - Blind SQL Injection
Joomla! Component NinjaMonials - Blind SQL Injection
Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection
Joomla! Component NeoRecruit 1.6.4 - 'Itemid' Parameter Blind SQL Injection
Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection
Joomla! Component 'com_huruhelpdesk' - SQL Injection
Joomla! Component Golf Course Guide 0.9.6.0 - SQL Injection
Joomla! Component Huru Helpdesk - SQL Injection
Joomla! Component 'com_joomdle' 0.24 - SQL Injection
Joomla! Component Joomdle 0.24 - SQL Injection
Joomla! Component 'com_Joomla-visites' - Remote File Inclusion
Joomla! Component Visites 1.1 RC2 - Remote File Inclusion
Joomla! Component 'com_jefaqpro' - Multiple Blind SQL Injection
Joomla! Component JE FAQ Pro 1.5.0 - Multiple Blind SQL Injection
Joomla! Component 'com_magazine' 3.0.1 - Remote File Inclusion
Joomla! Component iJoomla Magazine 3.0.1 - Remote File Inclusion
Joomla! Component 'com_gantry' 3.0.10 - Blind SQL Injection
Joomla! Component Gantry 3.0.10 - Blind SQL Injection
Joomla! Component 'com_jphone' - Local File Inclusion
Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion
Joomla! Component 'com_jgen' - SQL Injection
Joomla! Component JGen 0.9.33 - SQL Injection
Joomla! Component 'com_ezautos' - SQL Injection
Joomla! Component Joostina - SQL Injection
Joomla! Component 'com_jeguestbook' 1.0 - Multiple Vulnerabilities
Joomla! Component JE Guestbook 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_jedirectory' - SQL Injection
Joomla! Component JE Directory 1.0 - SQL Injection
Joomla! Component 'com_jscalendar' 1.5.1 - Multiple Vulnerabilities
Joomla! Component JS Calendar 1.5.1 - Multiple Vulnerabilities
Joomla! Component 'com_jeajaxeventcalendar' - SQL Injection
Joomla! Component JE Ajax Event Calendar - SQL Injection
Joomla! Component 'com_flipwall' - SQL Injection
Joomla! Component Pulse Infotech Flip Wall - SQL Injection
Joomla! Component 'com_jquarks4s' 1.0.0 - Blind SQL Injection
Joomla! Component JQuarks4s 1.0.0 - Blind SQL Injection
Joomla! Component 'com_jsupport' - Cross-Site Scripting
Joomla! Component 'com_jsupport' - SQL Injection
Joomla! Component JSupport 1.5.6 - Cross-Site Scripting
Joomla! Component JSupport 1.5.6 - SQL Injection
Joomla! Component 'com_jimtawl' - Local File Inclusion
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion
phpMyAdmin - Client Side Code Injection / Redirect Link Falsification
phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification
Joomla! Component 'com_jeauto' 1.0 - SQL Injection
Joomla! Component JE Auto 1.0 - SQL Injection
Joomla! Component 'com_jradio' - Local File Inclusion
Joomla! Component JRadio - Local File Inclusion
Joomla! Component 'com_jotloader' 2.2.1 - Local File Inclusion
Joomla! Component JotLoader 2.2.1 - Local File Inclusion
Joomla! Component 'com_hmcommunity' - Multiple Vulnerabilities
Joomla! Component HM Community - Multiple Vulnerabilities
Joomla! Component 'com_estateagent' - SQL Injection
Joomla! Component Estate Agent - SQL Injection
EPortfolio 1.0 - Client Side Input Validation
EPortfolio 1.0 - Client-Side Input Validation
ActiveWeb Contentserver 5.6.2929 CMS - Client Side Filtering Bypass
ActiveWeb Contentserver 5.6.2929 CMS - Client-Side Filtering Bypass
Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting
Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection
Joomla! Component Komento 1.7.2 - Persistent Cross-Site Scripting
Joomla! Component JV Comment 3.0.2 - 'id' Parameter SQL Injection
Joomla! Component 'com_jcomments' 2.1 - 'ComntrNam' Parameter Cross-Site Scripting
Joomla! Component JComments 2.1 - 'ComntrNam' Parameter Cross-Site Scripting
Joomla! Component 'com_clubmanager' - 'cm_id' Parameter SQL Injection
Joomla! Component Club Manager - 'cm_id' Parameter SQL Injection
Joomla! Component 'com_jstore' - 'Controller' Parameter Local File Inclusion
Joomla! Component Jstore - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection
Joomla! Component ECommerce-WD 1.2.5 - SQL Injection
Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection
Joomla! Component Contact Form Maker 1.0.1 - SQL Injection
Joomla! Component 'com_kp' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_kp - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities
Joomla! Component Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities
Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection
Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection
ntop-ng 2.5.160805 - Username Enumeration
2016-12-20 05:01:16 +00:00
Offensive Security
e1c4e9e1ec
DB: 2016-11-17
...
3 new exploits
Redhat 6.1 / 6.2 - TTY Flood Users Exploit
RedHat 6.1 / 6.2 - TTY Flood Users Exploit
Microsoft Windows - Kernel ANI File Parsing Crash
Microsoft Windows Kernel - '.ANI' File Parsing Crash
PunBB 2.0.10 - (Register Multiple Users) Denial Of Service
PunBB 2.0.10 - (Register Multiple Users) Denial of Service
Apple Mac OSX 10.4.x - Kernel shared_region_map_file_np() Memory Corruption
Apple Mac OSX 10.4.x Kernel - shared_region_map_file_np() Memory Corruption
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial Of Service
MailEnable Professional/Enterprise 2.37 - Denial of Service
Apple Mac OSX 10.4.x - Kernel i386_set_ldt() Integer Overflow (PoC)
Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC)
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial of Service
snircd 1.3.4 - (send_user_mode) Denial of Service
MPlayer - sdpplin_parse() Array Indexing Buffer Overflow (PoC)
Snircd 1.3.4 - 'send_user_mode' Denial of Service
MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial Of Service)
LogMeIn Remote Access Utility - ActiveX Memory Corruption (Denial of Service)
ZoIPer 2.22 - Call-Info Remote Denial Of Service
ZoIPer 2.22 - Call-Info Remote Denial of Service
Dualis 20.4 - '.bin' Local Denial Of Service
Dualis 20.4 - '.bin' Local Denial of Service
Dolphin 2.0 - '.elf' Local Denial Of Service
Dolphin 2.0 - '.elf' Local Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server 1.10.3 (build 144) - Denial of Service
Red Hat Linux - stickiness of /tmp Exploit
RedHat Linux - Stickiness of /tmp Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic Exploit
Apple Mac OSX < 10.6.7 - Kernel Panic
Red Hat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service
Titan FTP Server 3.0 - 'LIST' Command Denial Of Service
Titan FTP Server 3.0 - 'LIST' Command Denial of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial Of Service
Mozilla0.x / Netscape 3/4 / Firefox 1.0 - JavaScript IFRAME Rendering Denial of Service
I Hear U 0.5.6 - Multiple Remote Denial Of Service Vulnerabilities
I Hear U 0.5.6 - Multiple Remote Denial of Service Vulnerabilities
Microsoft Windows Explorer - '.png' Image Local Denial Of Service
Microsoft Windows Explorer - '.png' Image Local Denial of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial Of Service
Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service
MySQL 5.1.23 - Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial of Service
PHP 5.2.5 - Multiple GetText functions Denial Of Service Vulnerabilities
PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial Of Service
LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial Of Service
Pragma Systems FortressSSH 5.0 - 'msvcrt.dll' Exception Handling Remote Denial of Service
Sami FTP Server 2.0.x - Multiple Commands Remote Denial Of Service Vulnerabilities
Sami FTP Server 2.0.x - Multiple Commands Remote Denial of Service Vulnerabilities
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial Of Service
SurgeFTP 2.3a2 - 'Content-Length' Parameter Null Pointer Denial of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial Of Service
RemotelyAnywhere 8.0.668 - 'Accept-Charset' Parameter Null Pointer Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial Of Service
snircd 1.3.4 And ircu 2.10.12.12 - 'set_user_mode' Remote Denial of Service
MySQL 5.1.13 - INFORMATION_SCHEMA Remote Denial of Service
SLMail Pro 6.3.1.0 - Multiple Remote Denial Of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 - Kernel Usermode Callback Privilege Escalation (1)
SLMail Pro 6.3.1.0 - Multiple Remote Denial of Service / Memory Corruption Vulnerabilities
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1)
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial Of Service
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial Of Service
Apple iCal 3.0.1 - 'ATTACH' Parameter Denial of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service
WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service
Computer Associates ARCserve Backup Discovery Service Remote - Denial of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial Of Service
Microsoft Excel 2007 - JavaScript Code Remote Denial of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial Of Service
GNOME Rhythmbox 0.11.5 - Malformed Playlist File Denial of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial Of Service
GNOME Evolution 2.22.2 - 'html_engine_get_view_width()' Denial of Service
SWAT 4 - Multiple Denial Of Service Vulnerabilities
SWAT 4 - Multiple Denial of Service Vulnerabilities
Unreal Tournament 3 - Denial Of Service / Memory Corruption
Unreal Tournament 3 - Denial of Service / Memory Corruption
Combat Evolved 1.0.7.0615 - Multiple Denial Of Service Vulnerabilities
Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities
Noticeware Email Server 4.6 - NG LOGIN Messages Denial Of Service
Noticeware Email Server 4.6 - NG LOGIN Messages Denial of Service
Ruby 1.9 - REXML Remote Denial Of Service
Ruby 1.9 - REXML Remote Denial of Service
Red Hat 8/9 - Directory Server Crafted Search Pattern Denial of Service
RedHat 8/9 - Directory Server Crafted Search Pattern Denial of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial Of Service
MySQL 6.0.4 - Empty Binary String Literal Remote Denial of Service
Mass Downloader - Malformed Executable Denial Of Service
Mass Downloader - Malformed Executable Denial of Service
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial Of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial Of Service Vulnerabilities
Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Zope 2.11.2 - PythonScript Multiple Remote Denial of Service Vulnerabilities
GeSHi 1.0.x - XML Parsing Remote Denial Of Service
GeSHi 1.0.x - XML Parsing Remote Denial of Service
Symbian S60 - Malformed SMS/Mms Remote Denial Of Service
Symbian S60 - Malformed SMS/Mms Remote Denial of Service
InfraRecorder 0.53 - Memory Corruption (Denial Of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial Of Service
InfraRecorder 0.53 - Memory Corruption (Denial of Service)
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial Of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial Of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial Of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service
MySQL 6.0.9 - XPath Expression Remote Denial Of Service
MySQL 6.0.9 - XPath Expression Remote Denial of Service
MPlayer - Malformed AAC File Handling Denial of Service
MPlayer - Malformed OGM File Handling Denial of Service
MPlayer - '.AAC' File Handling Denial of Service
MPlayer - '.OGM' File Handling Denial of Service
Mani's Admin Plugin - Remote Denial Of Service
Mani's Admin Plugin - Remote Denial of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial Of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial Of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption (Denial of Service)
CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
Git 1.6.3 - Parameter Processing Remote Denial Of Service
Git 1.6.3 - Parameter Processing Remote Denial of Service
GUPnP 0.12.7 - Message Handling Denial Of Service
GUPnP 0.12.7 - Message Handling Denial of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial Of Service
ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial Of Service
FileCOPA FTP Server 5.01 - 'NOOP' Command Denial of Service
Snort 2.8.5 - Multiple Denial Of Service Vulnerabilities
Snort 2.8.5 - Multiple Denial of Service Vulnerabilities
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial Of Service
lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service
Skybox Security 6.3.x < 6.4.x - Multiple Denial Of Service Issue
Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Issue
Hybserv2 - ':help' Command Denial Of Service
Hybserv2 - ':help' Command Denial of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial Of Service
Apple Safari 4.0.4 - Remote Denial Of Service
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 - Remote Denial of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial Of Service
FreeBSD 8.0 / OpenBSD 4.x - 'ftpd' Null Pointer Dereference Denial of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial Of Service
PostgreSQL 8.4.1 - JOIN Hashtable Size Integer Overflow Denial of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial Of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial Of Service
netKar PRO 1.1 - '.nkuser' File Creation Null Pointer Denial of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial Of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial Of Service
Xitami 5.0 - '/AUX' Request Remote Denial Of Service
Geo++ GNCASTER 1.4.0.7 - HTTP GET Request Denial of Service
Geo++ GNCASTER 1.4.0.7 NMEA-data - Denial of Service
Xitami 5.0 - '/AUX' Request Remote Denial of Service
Torque Game Engine - Multiple Denial Of Service Vulnerabilities
Torque Game Engine - Multiple Denial of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial Of Service Vulnerabilities
EA Battlefield 2 1.41 / Battlefield 2142 1.50 - Multiple Denial of Service Vulnerabilities
Unreal Engine - 'ReceivedRawBunch()' Denial Of Service
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
Chrome Engine 4 - Denial Of Service
Chrome Engine 4 - Denial of Service
Sagem Fast 3304-V1 - Denial Of Service
Sagem Fast 3304-V1 - Denial of Service
Sumatra PDF 1.1 - Denial Of Service
Sumatra PDF 1.1 - Denial of Service
Freeciv 2.2.1 - Multiple Remote Denial Of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial Of Service Vulnerabilities
Freeciv 2.2.1 - Multiple Remote Denial of Service Vulnerabilities
Multiple Tripwire Interactive Games - 'STEAMCLIENTBLOB' Multiple Denial of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities
Microsoft DirectX 8/9 DirectPlay - Multiple Denial of Service Vulnerabilities
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial Of Service
PMSoftware Simple Web Server 2.1 - 'From:' Header Processing Remote Denial of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial Of Service
Sniper Elite 1.0 - Null Pointer Dereference Denial of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial Of Service
MySQL 5.1.48 - 'EXPLAIN' Denial Of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial Of Service
MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial of Service
MySQL 5.1.48 - 'EXPLAIN' Denial of Service
OraclMySQL 5.1.48 - 'LOAD DATA INFILE' Denial of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial Of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial Of Service
Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service
Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service
Oracle MySQL < 5.1.49 - 'DDL' Statements Denial of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial Of Service
GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
Microsoft Internet Explorer 11 - Denial Of Service
Microsoft Internet Explorer 11 - Denial of Service
Golden FTP Server 4.70 - Malformed Message Denial Of Service
Golden FTP Server 4.70 - Malformed Message Denial of Service
TP-Link TL-WR740N - Denial Of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial Of Service
TP-Link TL-WR740N - Denial of Service
PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial Of Service
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial Of Service
Air Contacts Lite - HTTP Packet Denial Of Service
Wireshark 1.4.3 - NTLMSSP Null Pointer Dereference Denial of Service
Air Contacts Lite - HTTP Packet Denial of Service
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial Of Service)
TOTVS ERP Microsiga Protheus 8/10 - Memory Corruption (Denial of Service)
Perl 5.10 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Perl 5.10 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial Of Service
Novell eDirectory 8.8 and Netware LDAP-SSL Daemon - Denial of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial Of Service
Wireshark 1.4.5 - 'bytes_repr_len()' Null Pointer Dereference Denial of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial Of Service
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial of Service
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial Of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial Of Service
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service
Microsoft Host Integration Server 2004-2010 - Remote Denial of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial Of Service
Multiple Vendors - libc 'regcomp()' Stack Exhaustion Denial of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial Of Service
Titan FTP Server 8.40 - 'APPE' Command Remote Denial of Service
Apache APR - Hash Collision Denial Of Service
PHP PDORow Object - Remote Denial Of Service
Apache APR - Hash Collision Denial of Service
PHP PDORow Object - Remote Denial of Service
PHP 5.3.8 - Remote Denial Of Service
PHP 5.3.8 - Remote Denial of Service
Mercury MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerabilities
Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial Of Service
Sony Bravia KDL-32CX525 - 'hping' Command Remote Denial of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial Of Service
Universal Reader 1.16.740.0 - 'uread.exe' Denial of Service
Apache Sling - Denial Of Service
Apache Sling - Denial of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial of Service
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows - Kernel DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows - Kernel UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows - Kernel Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows - Kernel HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows - Kernel win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows - Kernel SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows - Kernel Brush Object Use-After-Free (MS15-061)
Microsoft Windows - Kernel WindowStation Use-After-Free (MS15-061)
Microsoft Windows - Kernel Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows - Kernel Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows - Kernel FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows - Kernel bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows - Kernel Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows - Kernel NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)
Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)
Microsoft Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Microsoft Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)
Microsoft Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)
Microsoft Windows Kernel - SURFOBJ Null Pointer Dereference (MS15-061)
Microsoft Windows Kernel - Brush Object Use-After-Free (MS15-061)
Microsoft Windows Kernel - WindowStation Use-After-Free (MS15-061)
Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)
Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)
Microsoft Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)
Microsoft Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)
Microsoft Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Microsoft Windows - Kernel NtGdiBitBlt Buffer Overflow (MS15-097)
Microsoft Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)
MySQL / MariaDB - Geometry Query Denial Of Service
MySQL / MariaDB - Geometry Query Denial of Service
Apple Mac OSX - Kernel IOAccelMemoryInfoUserClient Use-After-Free
Apple Mac OSX Kernel - IOAccelMemoryInfoUserClient Use-After-Free
Microsoft Windows - Kernel 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows - Kernel 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Blue Coat ProxySG 5.x - and Security Gateway OS Denial Of Service
Blue Coat ProxySG 5.x - and Security Gateway OS Denial of Service
Microsoft Windows - Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Microsoft Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Apple Mac OSX - Kernel no-more-senders Use-After-Free
Apple Mac OSX Kernel - no-more-senders Use-After-Free
Apple Mac OSX - Kernel IOAccelDisplayPipeUserClient2 Use-After-Free
Apple Mac OSX Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free
TFTPD32 / Tftpd64 - Denial Of Service
TFTPD32 / Tftpd64 - Denial of Service
Apple Mac OSX / iOS - Kernel IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX / iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double-Free
Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free
Apple Mac OSX - Kernel Hypervisor Driver Use-After-Free
Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows - Kernel 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)
Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort
Apple Mac OSX - Kernel AppleKeyStore Use-After-Free
Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Apple Mac OSX Kernel - AppleKeyStore Use-After-Free
Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver
Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Microsoft Windows - Kernel Bitmap Use-After-Free
Microsoft Windows - Kernel NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows Kernel - Bitmap Use-After-Free
Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Microsoft Windows - Kernel DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)
Microsoft Windows - Kernel 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Microsoft Windows Kernel - 'win32k.sys' TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX - Kernel Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX - Kernel Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX - Kernel Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX - Kernel OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX - Kernel Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS - Kernel UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX - Kernel Stack Buffer Overflow in GeForce GPU Driver
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
Apple Mac OSX / iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow
Microsoft Windows - Kernel 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Microsoft Windows Kernel - 'ATMFD.dll' NamedEscape 0x250C Pool Corruption (MS16-074)
Apple OS X - Kernel IOBluetoothFamily.kext Use-After-Free
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
Linux Kernel 2.2.x / 2.4.x (Redhat) - 'ptrace/kmod' Privilege Escalation
Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation
XGalaga 2.0.34 - Local game Exploit (Red Hat 9.0)
xtokkaetama 1.0b - Local Game Exploit (Red Hat 9.0)
XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit
xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit
hztty 2.0 - Privilege Escalation (Red Hat 9.0)
hztty 2.0 (RedHat 9.0) - Privilege Escalation
Redhat 6.2 /sbin/restore - Exploit
RedHat 6.2 /sbin/restore - Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
RedHat 6.2 Restore and Dump - Local Exploit (Perl)
Redhat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (Redhat 6.2) - Exploit
RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation Exploit
dump 0.4b15 (RedHat 6.2) - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
xsoldier 0.96 (RedHat 6.2) - Exploit
Redhat 6.1 man - Local Exploit (egid 15)
RedHat 6.1 man - Local Exploit (egid 15)
Microsoft Windows 2000 - Kernel APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows - Kernel Privilege Escalation (MS06-049)
Microsoft Windows Kernel - Privilege Escalation (MS06-049)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Privilege Escalation
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
Linux Kernel 2.x (RedHat) - 'sock_sendpage()' Ring0 Privilege Escalation (1)
(Linux Kernel 2.6.34-rc3) ReiserFS (Redhat / Ubuntu 9.10) - xattr Privilege Escalation
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - xattr Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - 'compat' Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc6 (Redhat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Immunix OS 6.2/7.0 / Redhat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / S.u.S.E 6.x/7.0/7.1 Man -S - Heap Overflow
Microsoft Windows - Kernel Intel x64 SYSRET (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (PoC)
Linux Kernel 3.7.6 (Redhat x86/x64) - 'MSR' Driver Privilege Escalation
Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation
Microsoft Windows XP/7 - Kernel 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows - Kernel 'win32k.sys' Privilege Escalation (MS14-058)
Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)
Apple OS X/iOS - Kernel IOSurface Use-After-Free
Apple OS X/iOS Kernel - IOSurface Use-After-Free
Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation (Metasploit)
Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Privilege Escalation (Metasploit)
Ruby 1.8.6 - (Webrick Httpd 1.3.1) Directory Traversal
Ruby 1.8.6/1.9 (WEBick Httpd 1.3.1) - Directory Traversal
mg-soft net Inspector 6.5.0.828 - Multiple Vulnerabilities
MG-SOFT Net Inspector 6.5.0.828 - Multiple Vulnerabilities
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit
Red Hat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
Red Hat Interchange 4.8.x - Arbitrary File Read
RedHat Interchange 4.8.x - Arbitrary File Read
Red Hat Apache 2.0.40 - Directory Index Default Configuration Error
RedHat Apache 2.0.40 - Directory Index Default Configuration Error
Foreman (Red Hat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Foreman (RedHat OpenStack/Satellite) - bookmarks/create Code Injection (Metasploit)
Red Hat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
RedHat Directory Server 7.1 - Multiple Cross-Site Scripting Vulnerabilities
Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
RedHat CloudForms Management Engine 5.1 - agent/linuxpkgs Directory Traversal (Metasploit)
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Katello (RedHat Satellite) - users/update_roles Missing Authorisation (Metasploit)
Red Hat Stronghold Web Server 2.3 - Cross-Site Scripting
RedHat Stronghold Web Server 2.3 - Cross-Site Scripting
Red Hat Piranha - Remote Security Bypass
RedHat Piranha - Remote Security Bypass
KISGB 5.1.1 - (Authenticate.php) Remote File Inclusion
KISGB 5.1.1 - 'Authenticate.php' Remote File Inclusion
Jshop Server 1.3 - (fieldValidation.php) Remote File Inclusion
Jshop Server 1.3 - 'fieldValidation.php' Remote File Inclusion
phpBP RC3 - (2.204) (SQL Injection / cmd) Remote Code Execution
phpBP RC3 (2.204) - SQL Injection / Remote Code Execution
eXV2 Module MyAnnonces - (lid) SQL Injection
eXV2 Module eblog 1.2 - (blog_id) SQL Injection
eXV2 Module Viso 2.0.4.3 - (kid) SQL Injection
eXV2 Module WebChat 1.60 - (roomid) SQL Injection
eXV2 Module MyAnnonces - 'lid' Parameter SQL Injection
eXV2 Module eblog 1.2 - 'blog_id' Parameter SQL Injection
eXV2 Module Viso 2.0.4.3 - 'kid' Parameter SQL Injection
eXV2 Module WebChat 1.60 - 'roomid' Parameter SQL Injection
Fuzzylime CMS 3.01 - (admindir) Remote File Inclusion
Fuzzylime CMS 3.01 - 'admindir' Parameter Remote File Inclusion
Exero CMS 1.0.1 - (theme) Multiple Local File Inclusion
Exero CMS 1.0.1 - 'theme' Parameter Multiple Local File Inclusion
Joomla! Component Acajoom (com_acajoom) - SQL Injection
Joomla! Component Acajoom 1.1.5 - SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' SQL Injection
Mambo Component 'com_accombo' 1.x - 'id' SQL Injection
Joomla! Component Restaurante 1.0 - 'id' SQL Injection
PEEL CMS - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - (artid) SQL Injection
ASPapp Knowledge Base - SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection
Joomla! Component joovideo 1.2.2 - 'id' Parameter SQL Injection
Joomla! Component Alberghi 2.1.3 - 'id' Parameter SQL Injection
Mambo Component Accombo 1.x - 'id' Parameter SQL Injection
Joomla! Component Restaurante 1.0 - 'id' Parameter SQL Injection
PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload
RunCMS Module section - 'artid' Parameter SQL Injection
ASPapp Knowledge Base - SQL Injection
RunCMS Module Photo 3.02 - 'cid' SQL Injection
D.E. Classifieds - 'cat_id' SQL Injection
RunCMS Module Photo 3.02 - 'cid' Parameter SQL Injection
D.E. Classifieds - 'cat_id' Parameter SQL Injection
PHP-Nuke Platinum 7.6.b.5 - (dynamic_titles.php) SQL Injection
PHP-Nuke Platinum 7.6.b.5 - 'dynamic_titles.php' SQL Injection
Joomla! Component rekry 1.0.0 - (op_id) SQL Injection
destar 0.2.2-5 - Arbitrary Add New User Exploit
Joomla! Component rekry 1.0.0 - 'op_id' Parameter SQL Injection
Destar 0.2.2-5 - Arbitrary Add New User Exploit
destar 0.2.2-5 - Arbitrary Add Admin
Destar 0.2.2-5 - Arbitrary Add Admin
BolinOS 4.6.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Security Vulnerabilities
Joomla! Component Alphacontent 2.5.8 - 'id' SQL Injection
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
Joomla! Component Alphacontent 2.5.8 - 'id' Parameter SQL Injection
TopperMod 1.0 - (mod.php) Local File Inclusion
TopperMod 1.0 - 'mod.php' Local File Inclusion
Joomla! Component MyAlbum 1.0 - (album) SQL Injection
Joomla! Component MyAlbum 1.0 - 'album' Parameter SQL Injection
Smoothflash - 'admin_view_image.php cid' SQL Injection
Smoothflash - 'cid' Parameter SQL Injection
JShop 1.x < 2.x - (page.php xPage) Local File Inclusion
WordPress Plugin Download - (dl_id) SQL Injection
PHPSpamManager 0.53b - (body.php) Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen - SQL Injection
Neat weblog 0.2 - 'articleId' SQL Injection
EasyNews 40tr - (SQL Injection / Cross-Site Scripting / Local File Inclusion) SQL Injection
FaScript FaPhoto 1.0 - (show.php id) SQL Injection
Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - Password Retrieve SQL Injection
Joomla! Component actualite 1.0 - 'id' SQL Injection
JShop 1.x < 2.x - 'xPage' Parameter Local File Inclusion
WordPress Plugin Download - 'dl_id' Parameter SQL Injection
PHPSpamManager 0.53b - 'body.php' Remote File Disclosure
Woltlab Burning Board Addon JGS-Treffen 2.0.2 - SQL Injection
Neat weblog 0.2 - 'articleId' Parameter SQL Injection
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
FaScript FaPhoto 1.0 - 'show.php' SQL Injection
Mambo Component Ahsshop 1.51 - 'vara' Parameter SQL Injection
eggBlog 4.0 - SQL Injection
Joomla! Component actualite 1.0 - 'id' Parameter SQL Injection
PHPAddressBook 2.11 - (view.php id) SQL Injection
PHPAddressBook 2.11 - 'view.php' SQL Injection
Joomla! Component com_alphacontent - Blind SQL Injection
Joomla! Component Alphacontent 2.5.8 - Blind SQL Injection
Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection
Joomla! Component Event Booking 2.10.1 - SQL Injection
Nuked-klaN 1.3 - Multiple Cross-Site Scripting Vulnerabilities
JShop E-Commerce Suite - xSearch Cross-Site Scripting
JShop E-Commerce Suite 3.0 - 'page.php' Cross-Site Scripting
JShop E-Commerce Suite 1.2 - product.php Cross-Site Scripting
Nuked-klaN 1.7 Sections Module - artid Parameter SQL Injection
Nuked-klaN 1.7 Sections Module - 'artid' Parameter SQL Injection
Nuked-klaN 1.7 Download Module - dl_id Parameter SQL Injection
Nuked-klaN 1.7 Links Module - link_id Parameter SQL Injection
Nuked-klaN 1.7 Download Module - 'dl_id' Parameter SQL Injection
Nuked-klaN 1.7 Links Module - 'link_id' Parameter SQL Injection
Nuked-klaN 1.7 - 'index.php' Cross-Site Scripting
Foreman (Red Hat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Foreman (RedHat OpenStack/Satellite) - users/create Mass Assignment (Metasploit)
Eggblog 3.1 - admin/articles.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/comments.php edit Parameter Cross-Site Scripting
Eggblog 3.1 - admin/users.php add Parameter Cross-Site Scripting
Eggblog 3.1 - rss.php Cross-Site Scripting
Nuked-klaN 1.7.5 - File Parameter News Module Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showfields.php language Parameter Cross-Site Scripting
Cuteflow Bin 1.5 - pages/showuser.php language Parameter Cross-Site Scripting
CS-Cart 4.3.10 - XML External Entity Injection
CoronaMatrix phpAddressBook 2.0 - 'Username' Cross-Site Scripting
Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting
Cacti 0.8.7 (Red Hat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Cacti 0.8.7 (RedHat High Performance Computing - HPC) - utilities.php filter Parameter Cross-Site Scripting
Getsimple CMS 2.03 - 'upload-ajax.php' Arbitrary File Upload
Mambo Component 'com_ahsshop' - SQL Injection
Mambo Component Ahsshop - SQL Injection
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Joomla 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation
WordPress Plugin XCloner 3.1.5 - Multiple Vulnerabilities
2016-11-17 05:01:21 +00:00
Offensive Security
3c006aac19
DB: 2016-11-13
2016-11-13 05:01:17 +00:00
Offensive Security
18f707fb94
DB: 2016-11-01
...
24 new exploits
Serendipity 0.7-beta1 - SQL Injection (PoC)
S9Y Serendipity 0.7-beta1 - SQL Injection (PoC)
Serendipity 0.8beta4 - exit.php SQL Injection
S9Y Serendipity 0.8beta4 - exit.php SQL Injection
CBSms Mambo Module 1.0 - Remote File Inclusion
Pearl For Mambo 1.6 - Multiple Remote File Inclusion
Mambo Module CBSms 1.0 - Remote File Inclusion
Mambo Component Pearl 1.6 - Multiple Remote File Inclusion
galleria Mambo Module 1.0b - Remote File Inclusion
Mambo Module galleria 1.0b - Remote File Inclusion
SimpleBoard Mambo Component 1.1.0 - Remote File Inclusion
com_forum Mambo Component 1.2.4RC3 - Remote File Inclusion
Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion
Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion
com_videodb Mambo Component 0.3en - Remote File Inclusion
SMF Forum Mambo Component 1.3.1.3 - Include
com_extcalendar Mambo Component 2.0 - Include
com_loudmouth Mambo Component 4.0j - Include
pc_cookbook Mambo Component 0.3 - Include
perForms Mambo Component 1.0 - Remote File Inclusion
com_hashcash Mambo Component 1.2.1 - Include
HTMLArea3 Mambo Module 1.5 - Remote File Inclusion
Sitemap Mambo Component 2.0.0 - Remote File Inclusion
pollxt Mambo Component 1.22.07 - Remote File Inclusion
MiniBB Mambo Component 1.5a - Remote File Inclusion
Mambo Component com_videodb 0.3en - Remote File Inclusion
Mambo Component SMF Forum 1.3.1.3 - Remote File Inclusion
Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion
Mambo Component pc_cookbook 0.3 - Remote File Inclusion
Mambo Component perForms 1.0 - Remote File Inclusion
Mambo Component com_hashcash 1.2.1 - Remote File Inclusion
Mambo Module HTMLArea3 1.5 - Remote File Inclusion
Mambo Component Sitemap 2.0.0 - Remote File Inclusion
Mambo Component pollxt 1.22.07 - Remote File Inclusion
Mambo Component MiniBB 1.5a - Remote File Inclusion
MoSpray Mambo Component 18RC1 - Remote File Inclusion
Mambo Component MoSpray 18RC1 - Remote File Inclusion
Mam-Moodle Mambo Component alpha - Remote File Inclusion
Mambo Component Mam-Moodle alpha - Remote File Inclusion
multibanners Mambo Component 1.0.1 - Remote File Inclusion
Mambo Component multibanners 1.0.1 - Remote File Inclusion
PrinceClan Chess Mambo Com 0.8 - Remote File Inclusion
Mambo Component PrinceClan Chess 0.8 - Remote File Inclusion
a6mambohelpdesk Mambo Component 18RC1 - Include
Mambo Component 'com_a6mambohelpdesk' 18RC1 - Remote File Inclusion
Mambo Security Images Component 3.0.5 - Inclusion
Mambo MGM Component 0.95r2 - Remote File Inclusion
Mambo Colophon Component 1.2 - Remote File Inclusion
Mambo mambatStaff Component 3.1b - Remote File Inclusion
Mambo Component Security Images 3.0.5 - Inclusion
Mambo Component MGM 0.95r2 - Remote File Inclusion
Mambo Component 'com_colophon' 1.2 - Remote File Inclusion
Mambo Component mambatStaff 3.1b - Remote File Inclusion
Mambo User Home Pages Component 0.5 - Remote File Inclusion
Mambo Component User Home Pages 0.5 - Remote File Inclusion
Mambo Remository Component 3.25 - Remote File Inclusion
Mambo Component Remository 3.25 - Remote File Inclusion
Mambo mmp Component 1.2 - Remote File Inclusion
Mambo Component MMP 1.2 - Remote File Inclusion
Mambo Peoplebook Component 1.0 - Remote File Inclusion
Mambo Component Peoplebook 1.0 - Remote File Inclusion
Mambo CopperminePhotoGalery Component - Remote File Inclusion
Mambo Component CopperminePhotoGalery - Remote File Inclusion
Mambo mambelfish Component 1.1 - Remote File Inclusion
Mambo Component mambelfish 1.1 - Remote File Inclusion
Mambo phpShop Component 1.2 RC2b - File Inclusion
Mambo a6mambocredits Component 1.0.0 - File Inclusion
Mambo Component 'com_phpshop' 1.2 RC2b - File Inclusion
Mambo Component 'com_a6mambocredits' 1.0.0 - File Inclusion
Mambo MamboWiki Component 0.9.6 - Remote File Inclusion
Mambo Component MamboWiki 0.9.6 - Remote File Inclusion
Mambo cropimage Component 1.0 - Remote File Inclusion
Mambo Component cropimage 1.0 - Remote File Inclusion
Mambo com_lurm_constructor Component 0.6b - Include
Mambo Component com_lurm_constructor 0.6b - Remote File Inclusion
mambo com_babackup Component 1.1 - File Inclusion
Mambo Component com_babackup 1.1 - File Inclusion
Mambo com_serverstat Component 0.4.4 - File Inclusion
Mambo Component com_serverstat 0.4.4 - File Inclusion
Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Include
Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion
Mambo com_registration_detailed 4.1 - Remote File Inclusion
Mambo Component com_registration_detailed 4.1 - Remote File Inclusion
MambWeather Mambo Module 1.8.1 - Remote File Inclusion
Mambo Module MambWeather 1.8.1 - Remote File Inclusion
com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure
Mambo Component com_flyspray <= 1.0.1 - Remote File Disclosure
Serendipity 1.0.3 - 'comment.php' Local File Inclusion
S9Y Serendipity 1.0.3 - 'comment.php' Local File Inclusion
Hewlett-Packard FTP Print Server 2.4.5 - Buffer Overflow (PoC)
Hewlett-Packard (HP) FTP Print Server 2.4.5 - Buffer Overflow (PoC)
mambo Component nfnaddressbook 0.4 - Remote File Inclusion
Mambo Component nfnaddressbook 0.4 - Remote File Inclusion
Joomla! / Mambo Component SWmenuFree 4.0 - Remote File Inclusion
Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion
Irfanview 3.99 - '.ani' Local Buffer Overflow (1)
IrfanView 3.99 - '.ani' Local Buffer Overflow (1)
Irfanview 3.99 - '.ani' Local Buffer Overflow (2)
IrfanView 3.99 - '.ani' Local Buffer Overflow (2)
Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion
Joomla! / Mambo Component article 1.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion
Irfanview 4.00 - '.iff' Buffer Overflow
IrfanView 4.00 - '.iff' Buffer Overflow
Mambo com_yanc 1.4 Beta - 'id' SQL Injection
Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' SQL Injection
Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection
Irfanview 4.10 - '.fpx' Memory Corruption
IrfanView 4.10 - '.fpx' Memory Corruption
Mambo 4.5 'com_newsletter' - 'listid' Parameter SQL Injection
Mambo 'com_fq' - 'listid' Parameter SQL Injection
Mambo 'com_mamml' - 'listid' Parameter SQL Injection
Mambo Component Glossary 2.0 - 'catid' SQL Injection
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection
Mambo Component 'com_fq' - 'listid' Parameter SQL Injection
Mambo Component 'com_mamml' - 'listid' Parameter SQL Injection
Mambo Component 'com_glossary' 2.0 - 'catid' SQL Injection
Mambo Component AkoGallery 2.5b - SQL Injection
Mambo Component Catalogshop 1.0b1 - SQL Injection
Mambo Component 'com_akogallery' 2.5b - SQL Injection
Mambo Component 'com_catalogshop' 1.0b1 - SQL Injection
Mambo Component Awesom 0.3.2 - (listid) SQL Injection
Mambo Component 'com_awesom' 0.3.2 - (listid) SQL Injection
Mambo Component Portfolio 1.0 - 'categoryId' SQL Injection
Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection
Mambo Component accombo 1.x - 'id' SQL Injection
Mambo Component 'com_accombo' 1.x - 'id' SQL Injection
Mambo Component ahsShop 1.51 - (vara) SQL Injection
Mambo Component 'com_ahsshop' 1.51 - 'vara' Parameter SQL Injection
Mambo Component Galleries 1.0 - (aid) SQL Injection
Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection
Mambo 4.6.4 - (Output.php) Remote File Inclusion
Mambo 4.6.4 - 'Output.php' Remote File Inclusion
Mambo Component Articles - (artid) Blind SQL Injection
Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection
Mambo Component n-gallery - Multiple SQL Injections
Mambo Component 'com_n-gallery' - Multiple SQL Injections
Irfanview 3.99 - IFF File Local Stack Buffer Overflow
IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow
Mambo Component n-form - (form_id) Blind SQL Injection
Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection
Mambo com_sim 0.8 - Blind SQL Injection
Mambo Component 'com_sim' 0.8 - Blind SQL Injection
Mambo Component com_hestar - SQL Injection
Mambo Component 'com_hestar' - SQL Injection
Mambo com_koesubmit 1.0.0 - Remote File Inclusion
Mambo Component com_koesubmit 1.0.0 - Remote File Inclusion
Joomla! / Mambo Component Tupinambis - SQL Injection
Joomla! / Mambo Component 'com_tupinambis' - SQL Injection
Joomla! / Mambo Component com_ezine 2.1 - Remote File Inclusion
Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion
Mambo Component Material Suche 1.0 - SQL Injection
Mambo Component 'com_materialsuche' 1.0 - SQL Injection
Mambo com_akogallery - SQL Injection
Mambo Component 'com_akogallery' - SQL Injection
Mambo Component com_acnews - [id] SQL Injection
Mambo Component 'com_acnews' - 'id' Parameter SQL Injection
Mambo Component com_mambads - SQL Injection
Mambo Component 'com_mambads' - SQL Injection
Rumba ftp Client 4.2 - PASV Buffer Overflow (SEH)
Rumba FTP Client 4.2 - PASV Buffer Overflow (SEH)
Serendipity 1.5.4 - Arbitrary File Upload
S9Y Serendipity 1.5.4 - Arbitrary File Upload
Irfanview 4.27 - 'JP2000.dll' plugin Denial of Service
IrfanView 4.27 - 'JP2000.dll' plugin Denial of Service
Irfanview 4.28 - Multiple Denial of Service Vulnerabilities
IrfanView 4.28 - Multiple Denial of Service Vulnerabilities
Irfanview 4.28 - ICO With Transparent Colour Denial of Service & RDenial of Service
Irfanview 4.28 - ICO Without Transparent Colour Denial of Service & RDenial of Service
IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)
Mambo CMS 4.6.x - (4.6.5) SQL Injection
Mambo 4.6.x < 4.6.5 - SQL Injection
Mambo CMS 4.x - (Zorder) SQL Injection
Mambo 4.x - 'Zorder' SQL Injection
Irfanview - '.tiff' Image Processing Buffer Overflow
IrfanView - '.tiff' Image Processing Buffer Overflow
Irfanview FlashPix PlugIn - Double-Free
IrfanView FlashPix PlugIn - Double-Free
Irfanview FlashPix PlugIn - Decompression Heap Overflow
IrfanView FlashPix PlugIn - Decompression Heap Overflow
Serendipity 1.6 - Backend Cross-Site Scripting / SQL Injection
S9Y Serendipity 1.6 - (Backend) Cross-Site Scripting / SQL Injection
Irfanview 4.33 - Format PlugIn ECW Decompression Heap Overflow
IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow
Irfanview 4.33 - Format PlugIn TTF File Parsing Stack Based Overflow
IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow
Irfanview 4.33 - '.DJVU' Image Processing Heap Overflow
IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow
Irfanview JLS Formats PlugIn - Heap Overflow
IrfanView JLS Formats PlugIn - Heap Overflow
Irfanview JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)
IrfanView JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)
Irfan Skiljan IrfanView32 3.0.7 - Image File Buffer Overflow
IrfanView32 3.0.7 - Image File Buffer Overflow
Joomla! Component Event Booking 2.10.1 - SQL Injection
Joomla! Component 'com_eventbooking' 2.10.1 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component 'com_videogallerylite' 1.0.9 - SQL Injection
Irfanview - '.RLE' Image Decompression Buffer Overflow
Irfanview - '.TIF' Image Decompression Buffer Overflow
IrfanView - '.RLE' Image Decompression Buffer Overflow
IrfanView - '.TIF' Image Decompression Buffer Overflow
Irfanview 4.33 - 'IMXCF.dll' Plugin Code Execution
IrfanView 4.33 - 'IMXCF.dll' Plugin Code Execution
Serendipity 0.x - exit.php HTTP Response Splitting
S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - 'PASS' Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - 'STOR' Command Buffer Overflow
freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH)
freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow
Joomla! Component VirtueMart 2.0.22a - SQL Injection
Joomla! Component 'com_virtuemart' 2.0.22a - SQL Injection
phpBB 1.2.4 For Mambo - Multiple Remote File Inclusion
Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusion
Calendar Module 1.5.7 For Mambo - Com_Calendar.php Remote File Inclusion
Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - 'STOR' Command Stack Overflow (Metasploit)
Irfanview 3.98 - '.ANI' Image File Denial of Service
IrfanView 3.98 - '.ANI' Image File Denial of Service
Reporter 1.0 Mambo Component - Reporter.sql.php Remote File Inclusion
Mambo Component Reporter 1.0 - 'Reporter.sql.php' Remote File Inclusion
Mambo LMTG Myhomepage 1.2 Component - Multiple Remote File Inclusion
Mambo Rssxt Component 1.0 - MosConfig_absolute_path Multiple Remote File Inclusion
Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion
Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion
Mambo Display MOSBot Manager Component - MosConfig_absolute_path Remote File Inclusion
Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion
Mambo EstateAgent 1.0.2 Component - MosConfig_absolute_path Remote File Inclusion
Mambo Component EstateAgent 1.0.2 - MosConfig_absolute_path Remote File Inclusion
Joomla! / Mambo Component Com_comprofiler 1.0 - class.php Remote File Inclusion
Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion
Hewlett-Packard 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery
Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery
Mambo MostlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion
Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion
Irfanview 3.99 - Multiple BMP Denial of Service Vulnerabilities
IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities
Joomla! / Mambo Component Mod_Forum - PHPBB_Root.php Remote File Inclusion
Joomla! / Mambo Component Mod_Forum - 'PHPBB_Root.php' Remote File Inclusion
Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting
Mambo Module MOStlyCE 2.4 - 'connector.php' Cross-Site Scripting
Mambo MOStlyCE Module 2.4 Image Manager Utility - Arbitrary File Upload
Mambo Module MOStlyCE 2.4 Image Manager Utility - Arbitrary File Upload
Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting
S9Y Serendipity Freetag-plugin 2.95 - 'style' Parameter Cross-Site Scripting
Joomla! Extension Komento 1.7.2 - Persistent Cross-Site Scripting
Joomla! Extension JV Comment 3.0.2 - (index.php id Parameter) SQL Injection
Joomla! Component 'com_komento' 1.7.2 - Persistent Cross-Site Scripting
Joomla! Component 'com_jvcomment' 3.0.2 - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection
Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection
Joomla! / Mambo Component com_filebase - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection
Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection
Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - 'ABOR' Command Buffer Overflow
PCMan FTP Server 2.07 - 'CWD' Command Buffer Overflow
Joomla! Component JomSocial 2.6 - Code Execution
Joomla! Component 'com_community' 2.6 - Code Execution
Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection
Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities
S9Y Serendipity 1.7.5 - (Backend) Multiple Vulnerabilities
Joomla! / Mambo Component Joomlaearn Lms - 'cat' Parameter SQL Injection
Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection
Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection
Joomla! Component YouTube Gallery - SQL Injection
Joomla! Component 'com_youtubegallery' - SQL Injection
Joomla! Component Spider Form Maker 3.4 - SQL Injection
Joomla! Component 'com_formmaker' 3.4 - SQL Injection
Joomla! Component Spider Calendar 3.2.6 - SQL Injection
Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection
Joomla! Component Spider Contacts 1.3.6 - (index.php contacts_id Parameter)SQL Injection
Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection
Joomla! Component Face Gallery 1.0 - Multiple Vulnerabilities
Joomla! Component Mac Gallery 1.5 - Arbitrary File Download
Joomla! Component 'com_facegallery' 1.0 - Multiple Vulnerabilities
Joomla! Component 'com_macgallery' 1.5 - Arbitrary File Download
Joomla! Component HD FLV Player < 2.1.0.1 - SQL Injection
Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - SQL Injection
Joomla! Component HD FLV Player < 2.1.0.1 - Arbitrary File Download
Joomla! Component 'com_hdflvplayer' < 2.1.0.1 - Arbitrary File Download
Mambo - 'com_docman' 1.3.0 Component Multiple SQL Injection
Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection
Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
S9Y Serendipity Freetag-plugin 3.21 - 'index.php' Cross-Site Scripting
Mambo CMS 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
Mambo 4.6.x - Multiple Cross-Site Scripting Vulnerabilities
Hewlett-Packard UCMDB - JMX-Console Authentication Bypass
Hewlett-Packard (HP) UCMDB - JMX-Console Authentication Bypass
PCMan FTP Server 2.0.7 - Buffer Overflow MKD Command
PCMan FTP Server 2.0.7 - 'MKD' Command Buffer Overflow
Mambo CMS 4.6.5 - 'index.php' Cross-Site Request Forgery
Mambo 4.6.5 - 'index.php' Cross-Site Request Forgery
Serendipity 1.5.1 - 'research_display.php' SQL Injection
S9Y Serendipity 1.5.1 - 'research_display.php' SQL Injection
Mambo CMS N-Skyrslur - Cross-Site Scripting
Mambo Component 'com_n-skyrslur' - Cross-Site Scripting
Mambo CMS N-Gallery Component - SQL Injection
Mambo CMS AHS Shop Component - SQL Injection
Mambo Component 'com_n-gallery' - SQL Injection
Mambo Component 'com_ahsshop' - SQL Injection
Mambo CMS N-Press Component - SQL Injection
Mambo Component 'com_n-press' - SQL Injection
Mambo CMS N-Frettir Component - SQL Injection
Mambo CMS N-Myndir Component - SQL Injection
Mambo Component 'com_n-frettir' - SQL Injection
Mambo Component 'com_n-myndir' - SQL Injection
Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting
Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting
S9Y Serendipity 1.5.5 - 'serendipity[filter][bp.ALT]' Parameter Cross-Site Scripting
Joomla! Component Simple Photo Gallery 1.0 - Arbitrary File Upload
Joomla! Component 'com_simplephotogallery' 1.0 - Arbitrary File Upload
Joomla! Component Simple Photo Gallery 1.0 - SQL Injection
Joomla! Component 'com_simplephotogallery' 1.0 - SQL Injection
Joomla! Plugin eCommerce-WD 1.2.5 - SQL Injection
Joomla! Component 'com_ecommercewd' 1.2.5 - SQL Injection
Joomla! Component Spider FAQ - SQL Injection
Joomla! Component 'com_spiderfaq' - SQL Injection
Joomla! Component Gallery WD - SQL Injection
Joomla! Component Contact Form Maker 1.0.1 - SQL Injection
Joomla! Component 'com_gallery_wd' - SQL Injection
Joomla! Component 'com_contactformmaker' 1.0.1 - SQL Injection
Joomla! Component Spider Random Article - SQL Injection
Joomla! Component 'com_rand' - SQL Injection
Joomla! Component SimpleImageUpload - Arbitrary File Upload
Joomla! Component 'com_simpleimageupload' - Arbitrary File Upload
Joomla! Component DOCman - Multiple Vulnerabilities
Joomla! Component 'com_docman' - Multiple Vulnerabilities
Joomla! Plugin Helpdesk Pro < 1.4.0 - Multiple Vulnerabilities
Joomla! Component 'com_helpdeskpro' < 1.4.0 - Multiple Vulnerabilities
PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'PUT' Command Buffer Overflow
Joomla! Component Event Manager 2.1.4 - Multiple Vulnerabilities
Joomla! Component 'com_jem' 2.1.4 - Multiple Vulnerabilities
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component 'com_memorix' - SQL Injection
Joomla! Component 'com_informations' - SQL Injection
PCMan FTP Server 2.0.7 - GET Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'GET' Command Buffer Overflow
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow
PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow
Joomla! Component Real Estate Manager 3.7 - SQL Injection
Joomla! Component 'com_realestatemanager' 3.7 - SQL Injection
Joomla! Extension Realtyna RPL 8.9.2 - Multiple SQL Injections
Joomla! Extension Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections
Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Joomla! Component JNews (com_jnews) 8.5.1 - SQL Injection
Joomla! Component 'com_jnews' 8.5.1 - SQL Injection
Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
S9Y Serendipity 1.6.2 - 'serendipity_admin_image_selector.php' Cross-Site Scripting
Joomla! Component JVideoClip - 'uid' Parameter SQL Injection
Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection
Joomla! Component Content History - SQL Injection / Remote Code Execution (Metasploit)
Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit)
Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload
Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload
Joomla! Component Aclsfgpl - 'index.php' Arbitrary File Upload
Joomla! Component 'com_aclsfgpl' - 'index.php' Arbitrary File Upload
Joomla! Component Wire Immogest - 'index.php' SQL Injection
Joomla! Component 'com_wire_immogest' - 'index.php' SQL Injection
Joomla! Component Almond Classifieds - Arbitrary File Upload
Joomla! Component 'com_aclassfb' - Arbitrary File Upload
Joomla! Extension Sexy Polling - 'answer_id' Parameter SQL Injection
Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection
Joomla! 1.5 < 3.4.5 - Object Injection x-forwarded-for Header Remote Code Execution
Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution
Joomla! Plugin Projoom NovaSFH - 'upload.php' Arbitrary File Upload
Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload
Joomla! Component Inneradmission - 'index.php' SQL Injection
Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection
Joomla! Extension Spider Video Player - 'theme' Parameter SQL Injection
Joomla! Component 'spidervideoplayer' - 'theme' Parameter SQL Injection
Joomla! Extension JSN Poweradmin 2.3.0 - Multiple Vulnerabilities
Joomla! Component 'com_poweradmin' 2.3.0 - Multiple Vulnerabilities
Joomla! Component Easy YouTube Gallery 1.0.2 - SQL Injection
Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit)
PCMan FTP Server 2.0.7 - 'RENAME' Command Buffer Overflow (Metasploit)
Joomla! Extension SecurityCheck 2.8.9 - Multiple Vulnerabilities
Joomla! Component 'SecurityCheck' 2.8.9 - Multiple Vulnerabilities
Joomla! Extension PayPlans (com_payplans) 3.3.6 - SQL Injection
Joomla! Component 'com_payplans' 3.3.6 - SQL Injection
Joomla! Component En Masse (com_enmasse) 5.1 < 6.4 - SQL Injection
Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection
Joomla! Component BT Media (com_bt_media) - SQL Injection
Joomla! Component 'com_bt_media' - SQL Injection
Joomla! Component Publisher Pro (com_publisher) - SQL Injection
Joomla! Component 'com_publisher' - SQL Injection
Joomla! Component Guru Pro (com_guru) - SQL Injection
PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)
Joomla! Component 'com_guru' - SQL Injection
PCMAN FTP Server 2.0.7 - 'ls' Command Buffer Overflow (Metasploit)
Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)
Microsoft Windows - GDI+ DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)
Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft Windows - GDI+ EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)
Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
Microsoft Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)
freeFTPd 1.0.8 - 'mkd' Command Denial Of Service
Micro Focus Rumba 9.4 - Local Denial Of Service
Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow
S9Y Serendipity 2.0.4 - Cross-Site Scripting
Rumba FTP Client 4.x - Stack buffer overflow (SEH)
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
OS X/iOS Kernel - IOSurface Use-After-Free
OS X/iOS - mach_ports_register Multiple Memory Safety Issues
NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths Privilege Escalation
NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace
NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d
NVIDIA Driver - No Bounds Checking in Escape 0x7000194
NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D
NVIDIA Driver - NvStreamKms Stack Buffer Overflow in PsSetCreateProcessNotifyRoutineEx Callback Privilege Escalation
NVIDIA Driver - Escape 0x100010b Missing Bounds Check
NVIDIA Driver - No Bounds Checking in Escape 0x7000170
NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027
NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2
NVIDIA Driver - Missing Bounds Check in Escape 0x100009a
NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5
NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014
NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9
MacOS 10.12 - 'task_t' Privilege Escalation
PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow
2016-11-01 05:01:18 +00:00
Offensive Security
d97b4f7c48
DB: 2016-10-28
2016-10-28 11:54:09 +00:00
Offensive Security
da85686a94
DB: 2016-10-28
...
6 new exploits
Real Server < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident
CdRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation
LeapFTP 2.7.x - Remote Buffer Overflow
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow
GNU CFEngine 2.-2.0.3 - Remote Stack Overflow
IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP)
IPSwitch IMail LDAP Daemon - Remote Buffer Overflow
Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow
Traceroute - Privilege Escalation
LBL Traceroute - Privilege Escalation
Perl (Redhat 6.2) - Restore and Dump Local Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
HP-UX 11.00/10.20 - crontab Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 - locale Format String
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 locale - Format String
Solaris - locale Format Strings (noexec stack) Exploit
Solaris locale - Format Strings (noexec stack) Exploit
glibc - locale bug mount Exploit
GLIBC locale - bug mount Exploit
Red Hat 6.2 xsoldier-0.96 - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit
OpenBSD 2.6 / 2.7 ftpd - Remote Exploit
OpenBSD ftpd 2.6 / 2.7 - Remote Exploit
GLIBC - Locale Format Strings Exploit
GLIBC locale - Format Strings Exploit
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit
SquirrelMail - chpasswd Buffer Overflow
SquirrelMail - 'chpasswd' Buffer Overflow
rlpr 2.04 - msg() Remote Format String
Rlpr 2.04 - msg() Remote Format String
Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit
IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - Multiple Buffer Overflows (LsD)
IRIX - /bin/login Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow
Solaris 2.4 - passwd & yppasswd & nispasswd Overflows
Solaris 2.4 passwd / yppasswd / nispasswd - Overflows
BlackJumboDog - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow
Ollydbg 1.10 - Format String
OllyDbg 1.10 - Format String
SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)
CDRecord - '$RSH' exec() SUID Shell Creation
CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation
MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
HP-UX 11.0/11.11 swxxx - Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation
Zinf 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow
ShixxNote 6.net - Remote Buffer Overflow
ShixxNOTE 6.net - Remote Buffer Overflow
MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
MailCarrier 2.51 - Remote Buffer Overflow
SLMail 5.5 - POP3 PASS Buffer Overflow
TABS MailCarrier 2.51 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow
eZshopper - 'loadpage.cgi' Directory Traversal
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)
Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)
Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow
Knet 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow Denial of Service
Einstein 1.01 - Local Password Disclosure (asm)
Einstein 1.01 - Local Password Disclosure (ASM)
RealPlayer 10 - '.smil' Local Buffer Overflow
RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow
phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)
phpBB 2.0.12 - Session Handling Authentication Bypass
UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
xmlrpc.php Library 1.3.0 - Remote Command Execution (2)
xmlrpc.php Library 1.3.0 - Remote Command Execution (3)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)
wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service
ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
BusinessMail 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow
WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)
Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow
Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow
CA iGateway - (debug mode) Remote Buffer Overflow
CA iTechnology iGateway - (debug mode) Remote Buffer Overflow
Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
Zorum Forum 3.5 - (rollid) SQL Injection
Zorum Forum 3.5 - 'rollid' SQL Injection
SaphpLesson 2.0 - (forumid) SQL Injection
saPHP Lesson 2.0 - (forumid) SQL Injection
zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service
Zix Forum 1.12 - (layid) SQL Injection
Zix Forum 1.12 - 'layid' SQL Injection
QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow
QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow
INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion
Indexu 5.0.1 - (admin_template_path) Remote File Inclusion
SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion
SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion
Solaris 10 - sysinfo() Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure
SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion
WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC)
Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)
Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion
ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion
Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)
Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl)
PHPMyWebmin 1.0 - (window.php) Remote File Inclusion
phpMyWebmin 1.0 - (window.php) Remote File Inclusion
VideoDB 2.2.1 - (pdf.php) Remote File Inclusion
VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion
Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)
Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 libnspr - Constructor Privilege Escalation
Solaris 10 (libnspr) - Constructor Privilege Escalation
Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit
BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)
AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow
DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit
Irokez CMS 0.7.1 - Multiple Remote File Inclusion
Irokez Blog 0.7.1 - Multiple Remote File Inclusion
PHP-update 2.7 - Multiple Vulnerabilities
PHP-Update 2.7 - Multiple Vulnerabilities
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
TFTPDWIN 0.4.2 - Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow
Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)
FdScript 1.3.2 - 'download.php' Remote File Disclosure
FD Script 1.3.2 - 'download.php' Remote File Disclosure
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass
SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass
ZebraFeeds 1.0 - (zf_path) Remote File Inclusion
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable Professional 2.35 - Remote Buffer Overflow
MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow
Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)
Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2)
3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)
madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl)
Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service
NetVios Portal - 'page.asp' SQL Injection
NetVIOS Portal - 'page.asp' SQL Injection
Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow
Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)
qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)
Zomplog 3.8 - (force_download.php) Remote File Disclosure
Zomplog 3.8 - 'force_download.php' Remote File Disclosure
Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)
Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)
Microsoft Windows GDI+ - ICO File Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service
Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)
YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
Oracle 9i/10g Evil Views - Change Passwords Exploit
Oracle 9i/10g - Evil Views Change Passwords Exploit
Savant 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)
Easy Chat Server 2.2 - Remote Denial of Service
EFS Easy Chat Server 2.2 - Remote Denial of Service
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite
Thomson SIP phone ST 2030 - Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service
MSN messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution
AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
MDPro 1.0.76 - SQL Injection
MD-Pro 1.0.76 - SQL Injection
ZZ FlashChat 3.1 - (help.php) Local File Inclusion
ZZ FlashChat 3.1 - 'help.php' Local File Inclusion
PHP-AGTC membership system 1.1a - Remote Add Admin
PHP-AGTC Membership System 1.1a - Remote Add Admin
Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion
badblue 2.72b - Multiple Vulnerabilities
BadBlue 2.72b - Multiple Vulnerabilities
SquirrelMail G/PGP Plugin - deletekey() Command Injection
SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection
hp software update client 3.0.8.4 - Multiple Vulnerabilities
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow
QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)
Gradman 0.1.3 - (agregar_info.php) Local File Inclusion
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion
mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Mini File Host 1.2 - (upload.php language) Local File Inclusion
Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service
Mini File Host 1.2 - 'language' Parameter Local File Inclusion
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service
Gradman 0.1.3 - (info.php tabla) Local File Inclusion
Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow
Gradman 0.1.3 - 'info.php' Local File Inclusion
Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion
Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow
Mini File Host 1.2.1 - (upload.php language) Local File Inclusion
Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion
Frimousse 0.0.2 - explorerdir.php Local Directory Traversal
360 Web Manager 3.0 - (IDFM) SQL Injection
bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection
bloofox 0.3 - SQL Injection / File Disclosure
Mooseguy Blog System 1.0 - (blog.php month) SQL Injection
Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection
IDM-OS 1.0 - (download.php Filename) File Disclosure
IDM-OS 1.0 - 'Filename' Parameter File Disclosure
MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit
aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
aflog 1.01 - Cross-Site Scripting / SQL Injection
Easysitenetwork Recipe - 'categoryId' SQL Injection
Coppermine Photo Gallery 1.4.14 - SQL Injection
Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection
web wiz rich text editor 4.0 - Multiple Vulnerabilities
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities
Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure
Joomla! Component Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
ASPapp - 'links.asp CatId' SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection
ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit
Quick TFTP Pro 2.1 - Remote SEH Overflow
Quick TFTP Server Pro 2.1 - Remote SEH Overflow
Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow
hp openview nnm 7.53 - Multiple Vulnerabilities
HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities
PHPKB 1.5 Knowledge Base - 'ID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021)
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow
siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ZeusCart 2.0 - (category_list.php) SQL Injection
ZeusCart 2.0 - 'category_list.php' SQL Injection
Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
Zomplog 3.8.2 - (force_download.php) File Disclosure
Zomplog 3.8.2 - 'force_download.php' File Disclosure
PHP AGTC-Membership System 1.1a - Arbitrary Add Admin
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
PHP Booking Calendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection
SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Yuhhu 2008 SuperStar - (board) SQL Injection
Yuhhu 2008 SuperStar - 'board' SQL Injection
gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities
Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow
Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow
Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities
z-breaknews 2.0 - (single.php) SQL Injection
z-breaknews 2.0 - 'single.php' SQL Injection
Ultra Office - ActiveX Control Remote Buffer Overflow
Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow
Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - (page) SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection
Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit
Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
opennms < 1.5.96 - Multiple Vulnerabilities
OpenNMS < 1.5.96 - Multiple Vulnerabilities
yerba sacphp 6.3 - Multiple Vulnerabilities
Yerba SACphp 6.3 - Multiple Vulnerabilities
Microsoft Windows GDI+ - PoC (MS08-052) (2)
Microsoft Windows - GDI+ PoC (MS08-052) (2)
zeeproperty - (adid) SQL Injection
zeeproperty - 'adid' SQL Injection
TUGzip 3.00 archiver - '.zip' Local Buffer Overflow
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow
AJ ARTICLE - 'featured_article.php mode' SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
Article Publisher PRO 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling
YourFreeWorld Classifieds - (category) SQL Injection
YourFreeWorld Classifieds - 'category' SQL Injection
PG Roomate Finder Solution - (Authentication Bypass) SQL Injection
Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection
iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC)
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)
ProFTPd with mod_mysql - Authentication Bypass
ProFTPd - 'mod_mysql' Authentication Bypass
ppim 1.0 - Multiple Vulnerabilities
pPIM 1.0 - Multiple Vulnerabilities
Orbit 2.8.4 - Long Hostname Remote Buffer Overflow
Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow
Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)
bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Racer 0.5.3b5 - Remote Stack Buffer Overflow
Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow
Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution
Online Guestbook Pro - (display) Blind SQL Injection
Esoftpro Online Guestbook Pro - (display) Blind SQL Injection
tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ZaoCMS - (user_id) SQL Injection
ZaoCMS - 'user_id' SQL Injection
Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin
AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
ZeusCart 2.3 - (maincatid) SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
DD-WRT - (httpd service) Remote Command Execution
DD-WRT HTTPd Daemon/Service - Remote Command Execution
GLinks 2.1 - (cat) Blind SQL Injection
Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection
XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)
Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)
Payment Processor Script - 'shop.htm cid' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection
Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
BandCMS 0.10 - news.php Multiple SQL Injection
Rock Band CMS 0.10 - news.php Multiple SQL Injection
Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow
Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow
Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Eureka Mail Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - PoC Buffer Overflow
Solaris 8.0 - LPD Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution (Metasploit)
Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow
BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow
Dopewars 1.5.12 Server - Denial of Service
Dopewars Server 1.5.12 - Denial of Service
Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution
HP Power Manager Administration - Universal Buffer Overflow
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow
Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
HP Openview NNM 7.53 - Invalid DB Error Code
HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code
Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery
Eureka Mail Client - Remote Buffer Overflow
Eureka Email Client - Remote Buffer Overflow
IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow
phpshop 0.8.1 - Multiple Vulnerabilities
phpShop 0.8.1 - Multiple Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
DigitalHive - Multiple Vulnerabilities
Digital Hive - Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities
freekot - (Authentication Bypass) SQL Injection
Digiappz Freekot - (Authentication Bypass) SQL Injection
TFTP Daemon 1.9 - Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service
B2B Trading Marketplace - SQL Injection
SoftBiz B2B trading Marketplace Script - SQL Injection
Mini-stream - Windows XP SP2 and SP3 Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow
Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow
Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)
Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
bild flirt system 2.0 - 'index.php' 'id' SQL Injection
Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection
SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
iOS Safari - Bad 'VML' Remote Denial of Service
iOS Safari - Remote Denial of Service
Apple iOS Safari - Bad 'VML' Remote Denial of Service
Apple iOS Safari - Remote Denial of Service
HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow
Adobe Reader - Escape From PDF
Adobe Reader - Escape From '.PDF'
TugZip 3.5 - '.ZIP' File Buffer Overflow
TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow
Joomla! Component jp_jobs - SQL Injection
Joomla! Component com_jp_jobs - SQL Injection
Joomla! Component QPersonel - SQL Injection
Joomla! Component com_QPersonel - SQL Injection
Bild Flirt 1.0 - SQL Injection
Bild Flirt System 1.0 - SQL Injection
Safari 4.0.5 - (531.22.7) Denial of Service
Apple Safari 4.0.5 - (531.22.7) Denial of Service
Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion
724CMS Enterprise 4.59 - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections
724CMS 4.59 Enterprise - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections
Joomla! Component JE Job - Local File Inclusion
Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion
Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Joomla! Component com_jejob 1.0 - 'catid' SQL Injection
Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection
Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service
Office^2 iPhone - XLS Denial of Service
GoodiWare GoodReader iPhone - XLS Denial of Service
Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service
Office^2 iPhone - '.XLS' Denial of Service
GoodiWare GoodReader iPhone - '.XLS' Denial of Service
Yamamah (news) - SQL Injection / Source Code Disclosure
Yamamah - 'news' SQL Injection / Source Code Disclosure
Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan
k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
YPNinc JokeScript - (ypncat_id) SQL Injection
YPNinc JokeScript - 'ypncat_id' SQL Injection
YPNinc PHP Realty Script - (docID) SQL Injection
YPNinc PHP Realty Script - 'docID' SQL Injection
HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit
HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
Safari Browser 4.0.2 - Clickjacking
Apple Safari 4.0.2 - Clickjacking
Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)
Apple iOS - pdf Jailbreak Exploit
Apple iOS - '.pdf' Jailbreak Exploit
HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow
Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking
Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution
AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)
DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow
FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)
Fat Player 0.6b - '.wav' Buffer Overflow (SEH)
CubeCart 2.0.1 - SQL Injection
Brooky CubeCart 2.0.1 - SQL Injection
DATAC RealWin SCADA 1.06 - Buffer Overflow
DATAC RealWin SCADA Server 1.06 - Buffer Overflow
pilot cart 7.3 - Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities
Mp3-Nator 2.0 - Buffer Overflow (SEH)
MP3-Nator 2.0 - Buffer Overflow (SEH)
Safari 5.02 - Stack Overflow Denial of Service
Apple Safari 5.02 - Stack Overflow Denial of Service
Microsoft Windows Task Scheduler - Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation
Pandora Fms 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass
bugtracker.net 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities
Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
WMITools ActiveX - Remote Command Execution
Microsoft WMITools ActiveX - Remote Command Execution
VideoSpirit Pro 1.68 - Local Buffer Overflow
VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow
Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit)
Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit)
PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit)
PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)
Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit)
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)
Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)
Solaris sadmind - Command Execution (Metasploit)
Solaris Sadmind - Command Execution (Metasploit)
Sun Solaris - Telnet Remote Authentication Bypass (Metasploit)
Sun Solaris Telnet - Remote Authentication Bypass (Metasploit)
Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit)
Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit)
Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)
Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)
Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)
CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)
Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit)
Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)
AOL Instant Messenger - goaway Overflow (Metasploit)
AOL Instant Messenger AIM - goaway Overflow (Metasploit)
Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit)
Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)
Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit)
RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)
RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit)
Adobe Shockwave - rcsL Memory Corruption (Metasploit)
Adobe Shockwave Player - rcsL Memory Corruption (Metasploit)
Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
ACDSee - XPM File Section Buffer Overflow (Metasploit)
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)
HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)
HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
Serv-U FTPD - MDTM Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)
FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
SentinelLM - UDP Buffer Overflow (Metasploit)
Sentinel LM - UDP Buffer Overflow (Metasploit)
Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit)
Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)
Sambar 6 - Search Results Buffer Overflow (Metasploit)
Sambar Server 6 - Search Results Buffer Overflow (Metasploit)
IA WebMail 3.x - Buffer Overflow (Metasploit)
IA WebMail Server 3.x - Buffer Overflow (Metasploit)
Savant 3.1 Web Server - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit)
Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit)
Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)
PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)
NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)
MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
YPOPS 0.6 - Buffer Overflow (Metasploit)
YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit)
Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit)
Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit)
IMail LDAP Service - Buffer Overflow (Metasploit)
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit)
GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Poptop - Negative Read Overflow (Metasploit)
UoW IMAP server - LSUB Buffer Overflow (Metasploit)
PoPToP - Negative Read Overflow (Metasploit)
UoW IMAPd Server - LSUB Buffer Overflow (Metasploit)
DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
Samba (Linux/x86) - trans2open Overflow (Metasploit)
iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer - LoginExt PathName Overflow (Metasploit)
Samba (Linux x86) - trans2open Overflow (Metasploit)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)
Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Safari - Archive Metadata Command Execution (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Apple Safari - Archive Metadata Command Execution (Metasploit)
iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit)
Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)
Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit)
PHP XML-RPC - Arbitrary Code Execution (Metasploit)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit)
HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit)
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)
TWiki Search Function - Arbitrary Command Execution (Metasploit)
TWiki - Search Function Arbitrary Command Execution (Metasploit)
Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit)
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)
Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit)
Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit)
7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files
Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit)
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)
manageengine support center plus 7.8 build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit)
TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit)
Sports PHool 1.0 - Remote File Inclusion
SportsPHool 1.0 - Remote File Inclusion
Mini-stream 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Zabbix 1.8.4 - (popup.php) SQL Injection
Zabbix 1.8.4 - 'popup.php' SQL Injection
CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)
Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)
Family Connections - less.php Remote Command Execution (Metasploit)
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting
openemr 4 - Multiple Vulnerabilities
Safari - GdiDrawStream BSoD
OpenEMR 4 - Multiple Vulnerabilities
Apple Safari - GdiDrawStream BSoD
clip bucket 2.6 - Multiple Vulnerabilities
Clipbucket 2.6 - Multiple Vulnerabilities
Tube Ace(Adult PHP Tube Script) - SQL Injection
Tube Ace (Adult PHP Tube Script) - SQL Injection
Dolibarr CMS 3.2.0 < Alpha - File Inclusion
Dolibarr 3.2.0 < Alpha - File Inclusion
PBLang - Local File Inclusion
PBLang Bulletin Board System - Local File Inclusion
NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit)
Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities
Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities
Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit)
Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)
TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
samsung net-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities
iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
GIMP - script-fu Server Buffer Overflow (Metasploit)
GIMP script-fu - Server Buffer Overflow (Metasploit)
SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit)
Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit)
Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
UoW imapd 10.234/12.264 - Buffer Overflow
UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)
UoW IMAPd Server 10.234/12.264 - Buffer Overflow
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit)
RedHat 6.2 - Piranha Virtual Server Package Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password
Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal
HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal
Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
RedHat 6 - glibc/locale Subsystem Format String
Solaris 2.6/7.0 - /locale Subsystem Format String
RedHat 6 GLIBC/locale - Subsystem Format String
Solaris 2.6/7.0 /locale - Subsystem Format String
Solaris 2.6/7.0 - 'eject' locale Subsystem Format String
Solaris 2.6/7.0 'eject' locale - Subsystem Format String
Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)
Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5)
RedHat restore 0.4 b15 - Insecure Environment Variables
RedHat 0.4 b15 restore - Insecure Environment Variables
Viscosity OpenVPN Client (OSX) - Privilege Escalation
Viscosity - Privilege Escalation
Solaris 2.x/7.0/8 catman - Race Condition (1)
Solaris 2.x/7.0/8 catman - Race Condition (2)
Solaris 2.x/7.0/8 Catman - Race Condition (1)
Solaris 2.x/7.0/8 Catman - Race Condition (2)
sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
T-dah Webmail - Multiple Persistent Cross-Site Scripting
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting
Ntpd - Remote Buffer Overflow
NTPd - Remote Buffer Overflow
Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Solaris 2.x/7.0/8 lpd - Remote Command Execution
HP-UX 11.0 SWVerify - Buffer Overflow
Solaris 2.x/7.0/8 LPD - Remote Command Execution
HP-UX 11.0 - SWVerify Buffer Overflow
phusion WebServer 1.0 - Directory Traversal (1)
phusion WebServer 1.0 - Directory Traversal (2)
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal (2)
Progress 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow
PsyBNC 2.3 - Oversized Passwords Denial of Service
psyBNC 2.3 - Oversized Passwords Denial of Service
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
Midicart - PHP Arbitrary File Upload
Midicart PHP - Arbitrary File Upload
otrs 3.1 - Persistent Cross-Site Scripting
OTRS 3.1 - Persistent Cross-Site Scripting
EType EServ 2.9x POP3 - Remote Denial of Service
EType EServ 2.9x - POP3 Remote Denial of Service
Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board 3.3.4 - Unserialize Regex Bypass
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion
ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion
Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Kerio MailServer 5.6.3 - add_acl Module Overflow
Kerio MailServer 5.6.3 add_acl Module - Overflow
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting
IBM System Director - Remote System Level Exploit
IBM System Director Agent - Remote System Level Exploit
Tectia SSH - USERAUTH Change Request Password Reset (Metasploit)
(SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit)
Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)
Oracle MySQL (Windows) - MOF Execution (Metasploit)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
IWConfig - Local ARGV Command Line Buffer Overflow (1)
IWConfig - Local ARGV Command Line Buffer Overflow (2)
IWConfig - Local ARGV Command Line Buffer Overflow (3)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3)
Novell File Reporter Agent - XML Parsing Remote Code Execution
Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Nagios - history.cgi Remote Command Execution
Nagios3 - history.cgi Remote Command Execution
phpshop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection
Freesshd - Authentication Bypass (Metasploit)
FreeSSHD - Authentication Bypass (Metasploit)
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
SLMail 5.5 - POP3 PASS Remote Buffer Overflow
SLMail 5.5 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow
AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service
Microsoft Windows Light HTTPD 0.1 - Buffer Overflow
Light HTTPD 0.1 (Windows) - Buffer Overflow
MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Smail-3 - Multiple Remote and Local Vulnerabilities
Smail 3 - Multiple Remote and Local Vulnerabilities
Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys E4200 - Multiple Vulnerabilities
Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection
NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection
NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection
NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection
NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting
SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal
Quick TFTP Server 2.2 - Denial of Service
Quick TFTP Server Pro 2.2 - Denial of Service
aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
XMB 1.9.3 - u2u.php Cross-Site Scripting
XMB Forum 1.9.3 - u2u.php Cross-Site Scripting
PHPAlbum 0.2.3/4.1 - Local File Inclusion
PHP Photo Album 0.2.3/4.1 - Local File Inclusion
Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities
BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)
NetBSD mail.local - Privilege Escalation (Metasploit)
NetBSD mail.local(8) - Privilege Escalation (Metasploit)
PCMAN FTP 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - PASS Command Buffer Overflow
PCMAN FTP 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow
EImagePro - - subList.asp CatID Parameter SQL Injection
EImagePro - subList.asp CatID Parameter SQL Injection
OZJournals 1.2 - Vname Parameter Cross-Site Scripting
OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting
SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection
OZJournals 1.5 - Multiple Input Validation Vulnerabilities
Baby FTP server 1.24 - Denial of Service
PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)
Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow
Festalon 0.5 - '.HES' Remote Heap Buffer Overflow
EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow
A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)
Fish - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities
Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service
Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting
Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting
LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection
Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection
Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection
Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service
Uebimiau 2.7.x - 'index.php' Cross-Site Scripting
Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting
Seagate BlackArmor - Root Exploit
Seagate BlackArmor NAS - Root Exploit
Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
PCMAN FTP 2.07 - ABOR Command Buffer Overflow
PCMAN FTP 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow
HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access
amfphp 1.2 - browser/details class Parameter Cross-Site Scripting
amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting
PCMAN FTP 2.07 - Buffer Overflow
PCMan FTP Server 2.07 - Buffer Overflow
Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Novell Groupwise Messenger 2.0 - Client Buffer Overflow
Novell Groupwise Messenger 2.0 Client - Buffer Overflow
Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities
OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNms 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting
Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution
Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution
Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass
Pilot Group PG Roommate - SQL Injection
Pilot Group PG Roommate Finder Solution - SQL Injection
OpenSSL TLS Heartbeat Extension - Memory Disclosure
OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions)
Heartbleed OpenSSL - Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)
IBM Director 5.20 - CIM Server Privilege Escalation
IBM System Director Agent 5.20 - CIM Server Privilege Escalation
Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)
Kolibri 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow
Easy Chat Server 3.1 - Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Stack Buffer Overflow
Sphider 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
Kolibri WebServer 2.0 - GET Request SEH Exploit
Kolibri Web Server 2.0 - GET Request SEH Exploit
MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit)
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)
Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
PPScript - 'shop.htm' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution
Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)
Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload
Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit)
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)
Exim ESMTP 4.80 glibc gethostbyname - Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection
alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
Publish-It - PUI Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH)
WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
abrt (Fedora 21) - Race Condition
Abrt (Fedora 21) - Race Condition
Webgate WESP SDK 1.2 - ChangePassword Stack Overflow
WebGate WESP SDK 1.2 - ChangePassword Stack Overflow
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)
Oracle - Outside-In DOCX File Parsing Memory Corruption
Oracle - Outside-In '.DOCX' File Parsing Memory Corruption
iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting
WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting
Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit
Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit)
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
MiniUPnP - Multiple Denial of Service Vulnerabilities
MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities
Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)
Safari - User-Assisted Applescript Exec Attack (Metasploit)
Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption
Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection
Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution
Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read
pdfium CPDF_Function::Call - Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Based Buffer Overflow
Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)
Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass
MiCasa VeraLite - Remote Code Execution
MiCasaVerde VeraLite - Remote Code Execution
SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service
GNU GTypist 2.9.5-2 - Local Buffer Overflow
uSQLite 1.0.0 - Denial Of Service
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
CherryTree 0.36.9 - Memory Corruption (PoC)
2016-10-28 05:01:21 +00:00
Offensive Security
01eb066d9d
DB: 2016-10-13
...
11 new exploits
IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow
Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow
Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery
miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery
PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
2016-10-13 05:01:17 +00:00
Offensive Security
77681134f4
DB: 2016-10-05
...
3 new exploits
CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
E-SMARTCART 1.0 - (Product_ID) SQL Injection
E-Smart Cart 1.0 - 'Product_ID' SQL Injection
E-SMART CART - 'productsofcat.asp' SQL Injection
E-Smart Cart - 'productsofcat.asp' SQL Injection
CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection
CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection
E-Smartcart - SQL Injection
E-Smart Cart - SQL Injection
CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
CubeCart PHP 4.3.x - 'shipkey' SQL Injection
CS Cart 1.3.3 - (install.php) Cross-Site Scripting
CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting
dansie shopping cart 3.0.4 - Multiple Vulnerabilities
Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities
Sendmail 8.11.6 - Address Prescan Memory Corruption
Joomla! Component RSfiles (cid parameter) - SQL Injection
Joomla! Component RSfiles - (cid parameter) SQL Injection
Dovecot with Exim sender_address Parameter - Remote Command Execution
Dovecot with Exim - sender_address Parameter Remote Command Execution
Exim sender_address Parameter - Remote Code Execution
Exim - sender_address Parameter Remote Code Execution
PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections
Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections
E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities
E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities
MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow
MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow
WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection
WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection
Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion
Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion
eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting
eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting
WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting
WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting
WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting
WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting
WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection
WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection
AJ Classifieds 'listingid' Parameter - SQL Injection
AJ Classifieds - 'listingid' Parameter SQL Injection
PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Bind 9 DNS Server - Denial of Service
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC)
OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution
Disk Pulse Enterprise 9.0.34 - Buffer Overflow
2016-10-05 05:01:18 +00:00
Offensive Security
f421077feb
DB: 2016-09-28
...
6 new exploits
UUCP Exploit - file creation/overwriting (symlinks)
UUCP Exploit - File Creation/Overwriting (symlinks) Exploit
Serv-U 3.x < 5.x - Privilege Escalation
Serv-U FTP Server 3.x < 5.x - Privilege Escalation
TiTan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow (PoC)
Serv-U < 5.2 - Remote Denial of Service
Serv-U FTP Server < 5.2 - Remote Denial of Service
chesapeake tftp server 1.0 - Directory Traversal / Denial of Service (PoC)
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow
Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
WS_FTP Server 5.03 - (RNFR) Buffer Overflow
Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow
TYPSoft FTP Server 1.11 - (RETR) Denial of Service
TYPSoft FTP Server 1.11 - 'RETR' Denial of Service
XM Easy Personal FTP Server 1.0 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)
XM Easy Personal FTP Server 4.3 - (USER) Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 4.3 - 'USER' Remote Buffer Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - (Port) Remote Overflow (PoC)
XM Easy Personal FTP Server 5.0.1 - 'Port' Remote Overflow (PoC)
WinFtp Server 2.0.2 - (PASV) Remote Denial of Service
WinFTP Server 2.0.2 - (PASV) Remote Denial of Service
DREAM FTP Server 1.0.2 - (PORT) Remote Denial of Service
Dream FTP Server 1.0.2 - (PORT) Remote Denial of Service
XM Easy Personal FTP Server 5.2.1 - (USER) Format String Denial of Service
XM Easy Personal FTP Server 5.2.1 - 'USER' Format String Denial of Service
Sami HTTP Server 2.0.1 - (HTTP 404 Object not found) Denial of Service
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service
TurboFTP 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
TurboFTP Server 5.30 Build 572 - 'newline/LIST' Multiple Remote Denial of Service
XM Easy Personal FTP Server 5.30 - (ABOR) Format String Denial of Service
XM Easy Personal FTP Server 5.30 - 'ABOR' Format String Denial of Service
MiniWeb Http Server 0.8.x - Remote Denial of Service
MiniWeb HTTP Server 0.8.x - Remote Denial of Service
JAF-CMS 4.0 RC2 - Multiple Remote File Inclusion
JAF CMS 4.0 RC2 - Multiple Remote File Inclusion
XM Easy Personal FTP Server 5.4.0 - (XCWD) Denial of Service
XM Easy Personal FTP Server 5.4.0 - 'XCWD' Denial of Service
Belkin wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Serv-U 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U 7.3 - Authenticated Remote FTP File Replacement
Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
Serv-U FTP Server 7.3 - Authenticated Remote FTP File Replacement
WinFTP 2.3.0 - (PASV mode) Remote Denial of Service
WinFTP Server 2.3.0 - (PASV mode) Remote Denial of Service
Titan FTP server 6.26 build 630 - Remote Denial of Service
Titan FTP Server 6.26 build 630 - Remote Denial of Service
Netgear WG102 - Leaks SNMP write Password with read access
Netgear WG102 - Leaks SNMP Write Password With Read Access
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
WinFTP Server 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Netgear embedded Linux for the SSL312 router - Denial of Service
Netgear SSL312 Router - Denial of Service
Belkin BullDog Plus UPS-Service - Buffer Overflow
Belkin BullDog Plus - UPS-Service Buffer Overflow
Serv-U 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service
XM Easy Personal FTP Server 5.7.0 - (NLST) Denial of Service
XM Easy Personal FTP Server 5.7.0 - 'NLST' Denial of Service
TYPSoft FTP Server 1.11 - (ABORT) Remote Denial of Service
TYPSoft FTP Server 1.11 - 'ABORT' Remote Denial of Service
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 FTP Server - Delete/Get/Create Directories/Files Exploit
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - op_connect_request main listener shutdown Exploit
HTTP SERVER (httpsv) 1.6.2 - (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service
XM Easy Personal FTP Server - 'APPE' and 'DELE' Command Denial of Service
XM Easy Personal FTP Server - 'APPE' / 'DELE' Commands Denial of Service
TYPSoft 1.10 - APPE DELE Denial of Service
TYPSoft FTP Server 1.10 - APPE DELE Denial of Service
WingFTP Server 3.2.4 - Cross-Site Request Forgery
Wing FTP Server 3.2.4 - Cross-Site Request Forgery
Quick Player 1.2 -Unicode BoF - bindshell
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)
UplusFtp Server 1.7.0.12 - Remote Buffer Overflow
UplusFTP Server 1.7.0.12 - Remote Buffer Overflow
Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - (HTTP) Remote Buffer Overflow
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow
iPhone - FTP Server (WiFi FTP) by SavySoda Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
TopDownloads MP3 Player 1.0 - '.m3u' crash
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit
Easy FTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.2 - CWD Remote Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php
eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
PHPscripte24 Preisschlacht Liveshop System SQL Injection - (seite&aid) index.php Exploit
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
uhttp Server - Directory Traversal
uhttp Server 0.1.0-alpha - Directory Traversal
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
Apple Safari 4.0.3 (Windows x86) - (Windows x86) CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
SmallFTPd FTP Server 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - RETR Command Denial of Service
SmallFTPd 1.0.3 - DELE Command Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
SolarWinds 10.4.0.10 - TFTP Denial of Service
SolarWinds TFTP Server 10.4.0.10 - Denial of Service
e107 - Code Exec
e107 - Code Exection
HomeFTP Server r1.10.3 (build 144) - Denial of Service
Home FTP Server r1.10.3 (build 144) - Denial of Service
TYPSoft FTP Server 1.1 - Remote Denial of Service (APPE)
TYPSoft FTP Server 1.1 - 'APPE' Remote Denial of Service
SolarWinds 10.4.0.13 - Denial of Service
SolarWinds TFTP Server 10.4.0.13 - Denial of Service
ISC-DHCPD - Denial of Service
ISC DHCPD - Denial of Service
Easy FTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'MKD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - Authenticated 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - Authenticated Multiple Commands Remote Buffer Overflow
deepin tftp server 1.25 - Directory Traversal
Deepin TFTP Server 1.25 - Directory Traversal
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit
JCMS 2010 - file download
JCMS 2010 - File Download Exploit
SolarFTP 2.0 - Multiple Commands Denial of Service
Solar FTP Server 2.0 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - RETR CMD Denial of Service
TYPSoft FTP Server 1.10 - 'RETR' Command Denial of Service
Xynph 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service
XM Easy Personal FTP Server 5.8.0 - (TYPE) Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'TYPE' Denial of Service
Solar FTP 2.1 - Denial of Service
Solar FTP Server 2.1 - Denial of Service
Red Hat Linux - stickiness of /tmp
Red Hat Linux - stickiness of /tmp Exploit
home ftp server 1.12 - Directory Traversal
Home FTP Server 1.12 - Directory Traversal
NetGear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
RhinoSoft Serv-U - Session Cookie Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTP Server - Session Cookie Buffer Overflow (Metasploit)
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
SmallFTPd 1.0.3 FTP Server - Denial of Service
SmallFTPd 1.0.3 - Denial of Service
PCMAN FTP Server Buffer Overflow - PUT Command (Metasploit)
PCMan FTP Server Buffer Overflow - PUT Command (Metasploit)
Solar FTP 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)
BisonFTP Server 3.5 - Remote Buffer Overflow
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow
Solarftp 2.1.2 - PASV Buffer Overflow (Metasploit)
Solar FTP Server 2.1.2 - PASV Buffer Overflow (Metasploit)
BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
zFTP Server - 'cwd/stat' Remote Denial of Service
zFTPServer - 'cwd/stat' Remote Denial of Service
Serv-U FTP - Jail Break
Serv-U FTP Server - Jail Break
Typsoft FTP Server 1.10 - Multiple Commands Denial of Service
TYPSoft FTP Server 1.10 - Multiple Commands Denial of Service
PeerBlock 1.1 - BSOD
PeerBlock 1.1 - BSOD Exploit
distinct tftp server 3.01 - Directory Traversal
Distinct TFTP Server 3.01 - Directory Traversal
PHP < 5.3.12 & < 5.4.2 - CGI Argument Injection
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
Berkeley Sendmail 5.58 - DEBUG
Berkeley Sendmail 5.58 - Debug exploit
SunView (SunOS 4.1.1) - selection_svc
Digital Ultrix 4.0/4.1 - /usr/bin/chroot
SunOS 4.1.1 - /usr/release/bin/makeinstall
SunOS 4.1.1 - /usr/release/bin/winstall
SunView (SunOS 4.1.1) - selection_svc Exploit
Digital Ultrix 4.0/4.1 - /usr/bin/chroot Exploit
SunOS 4.1.1 - /usr/release/bin/makeinstall Exploit
SunOS 4.1.1 - /usr/release/bin/winstall Exploit
SunOS 4.1.3 - kmem setgid /etc/crash
SunOS 4.1.3 - kmem setgid /etc/crash Exploit
IRIX 6.4 - pfdisplay.cgi
IRIX 6.4 - 'pfdisplay.cgi' Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit
FreePBX < 13.0.188 - Remote Command Execution (Metasploit)
HP JetAdmin 1.0.9 Rev. D - symlink
HP JetAdmin 1.0.9 Rev. D - symlink Exploit
Ipswitch IMail 5.0 / WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation
TP-Link Archer CR-700 - Cross-Site Scripting
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit
Cat Soft Serv-U 2.5 - Buffer Overflow
BisonWare BisonWare FTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - CFCRYPT.EXE
Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow
BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit
Linux Kernel 2.0 / 2.1 / 2.2 - autofs
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Exploit
Debian 2.1 - httpd
S.u.S.E. 5.2 - gnuplot
Debian 2.1 - httpd Exploit
S.u.S.E. Linux 5.2 - gnuplot Exploit
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit
SGI IRIX 6.2 - /usr/lib/netaddpr
SGI IRIX 6.2 - /usr/lib/netaddpr Exploit
SGI IRIX 6.2 - day5notifier
SGI IRIX 6.2 - day5notifier Exploit
SGI IRIX 6.4 - datman/cdman
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.3 - cgi-bin webdist.cgi
SGI IRIX 6.3 - cgi-bin webdist.cgi Exploit
SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.4 - cgi-bin handler Exploit
SGI IRIX 6.4 - login
SGI IRIX 6.4 - login Exploit
IBM AIX 3.2.5 - IFS
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 3.2.5 - login(1)
IBM AIX 3.2.5 - login(1) Exploit
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit
GNU glibc 2.1/2.1.1 -6 - pt_chown
GNU glibc 2.1/2.1.1 -6 - pt_chown Exploit
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit
ProFTPd 1.2 pre6 - snprintf
ProFTPd 1.2 pre6 - snprintf Exploit
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME
Microsoft Internet Explorer 5.0/4.0.1 - IFRAME Exploit
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit
S.u.S.E. Linux 6.1/6.2 - cwdtools
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin'
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit
SCO Unixware 7.1 - 'pkg' commands
SCO Unixware 7.1 - 'pkg' command Exploit
Cat Soft Serv-U 2.5a - Server SITE PASS Denial of Service
Cat Soft Serv-U FTP Server 2.5a - SITE PASS Denial of Service
Nortel Networks Optivity NETarchitect 2.0 - PATH
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit
SGI IRIX 6.2 - midikeys/soundplayer
SGI IRIX 6.2 - midikeys/soundplayer Exploit
Allaire ColdFusion Server 4.0/4.0.1 - CFCACHE
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit
Cat Soft Serv-U 2.5/a/b / Windows 2000/95/98/NT 4.0 - Shortcut
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit
Microsoft Windows 95/98/NT 4.0 - autorun.inf
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - setxconf
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit
TP Link Gateway 3.12.4 - Multiple Vulnerabilities
TP-Link Gateway 3.12.4 - Multiple Vulnerabilities
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit
Cisco IOS 11.x/12.x - HTTP %%
Cisco IOS 11.x/12.x - HTTP %% Exploit
RedHat Linux 6.0/6.1/6.2 - pam_console
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit
HP-UX 10.20/11.0 man - /tmp symlink
HP-UX 10.20/11.0 man - /tmp Symlink Exploit
IRIX 5.3/6.x - mail
IRIX 5.3/6.x - mail Exploit
TYPSoft 0.7 x - FTP Server Remote Denial of Service
TYPSoft FTP Server 0.7.x - FTP Server Remote Denial of Service
Oracle Internet Directory 2.0.6 - oidldap
Oracle Internet Directory 2.0.6 - oidldap Exploit
CatSoft FTP Serv-U 2.5.x - Brute Force
Cat Soft Serv-U FTP Server 2.5.x - Brute Force
Small HTTP server 2.0 1 - Non-Existent File Denial of Service
Small HTTP Server 2.0 1 - Non-Existent File Denial of Service
NCSA httpd-campas 1.2 - sample script
NCSA httpd-campas 1.2 - sample script Exploit
Novell NetWare Web Server 2.x - convert.bas
Novell NetWare Web Server 2.x - convert.bas Exploit
Serv-U 2.4/2.5 - FTP Directory Traversal
Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal
Novell Netware Web Server 3.x - files.pl
Novell Netware Web Server 3.x - files.pl Exploit
guido frassetto sedum http server 2.0 - Directory Traversal
Guido Frassetto SEDUM HTTP Server 2.0 - Directory Traversal
robin twombly a1 http server 1.0 - Directory Traversal
Robin Twombly A1 HTTP Server 1.0 - Directory Traversal
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit
michael lamont savant http server 2.1 - Directory Traversal
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
zeroo http server 1.5 - Directory Traversal (1)
zeroo http server 1.5 - Directory Traversal (2)
Zeroo HTTP Server 1.5 - Directory Traversal (1)
Zeroo HTTP Server 1.5 - Directory Traversal (2)
Netgear 1.x - ProSafe VPN Firewall Web Interface Login Denial of Service
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service
Centrinity FirstClass HTTP Server 5.50/5.77/7.0/7.1 - Long Version Field Denial of Service
Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure
Centrinity FirstClass HTTP Server 7.1 - Directory Disclosure
BRS Webweaver 1.0.7 - ISAPISkeleton.dll Cross-Site Scripting
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting
XLight FTP Server 1.x - Long Directory Request Remote Denial of Service
Xlight FTP Server 1.x - Long Directory Request Remote Denial of Service
XLight FTP Server 1.52 - Remote Send File Request Denial of Service
Xlight FTP Server 1.52 - Remote Send File Request Denial of Service
gweb http server 0.5/0.6 - Directory Traversal
GWeb HTTP Server 0.5/0.6 - Directory Traversal
MiniWeb MiniWeb HTTP Server (build 300) - Crash (PoC)
MiniWeb HTTP Server (build 300) - Crash (PoC)
TP-Link Print Server TL PS110U - Sensitive Information Enumeration
TP-Link PS110U Print Server TL - Sensitive Information Enumeration
PCMan's FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan's FTP Server 2.0 - Remote Buffer Overflow
PCMan FTP Server 2.0 - Remote Buffer Overflow
PHP 3-5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3 < 5 - Ini_Restore() Safe_mode and open_basedir Restriction Bypass
PHP 3-5 - ZendEngine ECalloc Integer Overflow
PHP 3 < 5 - ZendEngine ECalloc Integer Overflow
NetGear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
NetGear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
TPLINK WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static Http Server 1.0 - Denial of Service
TP-Link WR740N/WR740ND - Multiple Cross-Site Request Forgery Vulnerabilities
Static HTTP Server 1.0 - Denial of Service
NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
Netgear DGN2200 N300 Wireless Router - Multiple Vulnerabilities
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd FTP Server 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (1)
vsftpd 2.0.5 - 'deny_file' Option Remote Denial of Service (2)
Ipswitch 8.0 - WS_FTP Client Format String
Ipswitch WS_FTP Home/Professional 8.0 - WS_FTP Client Format String
NETGEAR WGR614 - Administration Interface Remote Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service
Cisco IOS 12.4(23) HTTP Server - Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
TP-Link Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities
TP-Link TL-WR841N / TL-WR841ND - Multiple Vulnerabilities
SolarFTP 2.1.1 - 'PASV' Command Remote Buffer Overflow
Solar FTP Server 2.1.1 - 'PASV' Command Remote Buffer Overflow
Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit
Netgear WNR500 Wireless Router - Parameter Traversal Arbitrary File Access Exploit
NetMan 204 - Backdoor Account
NetGear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Serv-U 11.1.0.3 - Denial of Service / Security Bypass
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
TP-Link TD-W8950ND ADSL2+ - Unauthenticated Remote DNS Change
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND9 - TKEY (PoC)
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
ISC BIND 9 - TKEY (PoC)
ISC BIND9 - TKEY Remote Denial of Service (PoC)
ISC BIND 9 - TKEY Remote Denial of Service (PoC)
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Android (Stagefright) - Remote Code Execution
Android - 'Stagefright' Remote Code Execution
Microsoft Windows Media Center - MCL (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100)
Android libstagefright - Integer Overflow Remote Code Execution
Android - libstagefright Integer Overflow Remote Code Execution
NETGEAR D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
Netgear D6300B - /diag.cgi IPAddr4 Parameter Remote Command Execution
pdfium IsFlagSet (v8 memory management) - SIGSEGV
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit
NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities
XM Easy Personal FTP Server 5.8 - (HELP) Remote Denial of Service
XM Easy Personal FTP Server 5.8.0 - 'HELP' Remote Denial of Service
NETGEAR ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
TallSoft SNMP/TFTP Server 1.0.0 - Denial of Service
Metaphor - Stagefright Exploit with ASLR Bypass
Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Zabbix 2.2 < 3.0.3 - Remote Code Execution with API JSON-RPC
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
Open Upload 0.4.2 - Multiple Cross-Site Request Forgery Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities
FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation
FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation
Easy FTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
EasyFTP Server 1.7.0.11 - 'APPE' Command Buffer Overflow Remote Exploit
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
2016-09-28 11:55:43 +00:00
Offensive Security
102574cb3e
DB: 2016-09-24
...
5 new exploits
EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion
EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion
WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Adobe Acrobat Reader 7<9 - U3D Buffer Overflow
Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit)
Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Adobe Flash - Crash When Freeing Memory After AVC decoding
Adobe Flash - Video Decompression Memory Corruption
Linux - SELinux W+X Protection Bypass via AIO
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation
Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service
Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service
Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities
Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass
Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass
Microsoft Excel 95<2004 - Malformed Graphic File Code Execution
Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
Git-1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - ssh-agent.exe Buffer Overflow
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Skybox Platform <= 7.0.611 - Multiple Vulnerabilities
SOLIDserver <=5.0.4 - Local File Inclusion
SOLIDserver <= 5.0.4 - Local File Inclusion
WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
2016-09-24 05:05:07 +00:00
Offensive Security
b8ebed3824
DB: 2016-09-22
...
6 new exploits
Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation
UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection
Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection
WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload
Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service
Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation
Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service
Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection
WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
0be1ea959a
DB: 2016-09-09
...
11 new exploits
Samba 3.0.4 - SWAT Authorization Buffer Overflow
Samba 3.0.4 SWAT - Authorisation Buffer Overflow
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuckV2.c' Remote Exploit (2)
HP-UX FTP Server - Pre-Authentication Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)
WinEggDropShell 1.7 - Multiple Pre-Authentication Remote Stack Overflow (PoC)
WinEggDropShell 1.7 - Multiple Unauthenticated Remote Stack Overflow (PoC)
FileCOPA FTP Server 1.01 - (USER) Remote Pre-Authentication Denial of Service
FileCOPA FTP Server 1.01 - (USER) Remote Unauthenticated Denial of Service
Multiple Applications - Local Credentials Disclosure
Asterisk 1.2.15 / 1.4.0 - Pre-Authentication Remote Denial of Service
Asterisk 1.2.15 / 1.4.0 - Unauthenticated Remote Denial of Service
IBM Lotus Domino Server 6.5 - Pre-Authentication Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit
Frontbase 4.2.7 - Post-Authentication Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - Authenticated Remote Buffer Overflow (2.2)
IBM Tivoli Provisioning Manager - Pre-Authentication Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit
Mercury SMTPD - Remote Pre-Authentication Stack Based Overrun (PoC)
Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 4.51 - SMTPD CRAM-MD5 Pre-Authentication Remote Overflow
Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
SIDVault LDAP Server - Pre-Authentication Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Pre-Authentication EIP Overwrite
SIDVault LDAP Server - Unauthenticated Remote Buffer Overflow
Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Hexamail Server 3.0.0.001 - (pop3) Pre-Authentication Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)
Airsensor M520 - HTTPD Remote Pre-Authentication Denial of Service / Buffer Overflow (PoC)
Airsensor M520 - HTTPD Remote Unauthenticated Denial of Service / Buffer Overflow (PoC)
Mercury/32 4.52 IMAPD - SEARCH command Post-Authentication Overflow
Mercury/32 4.52 IMAPD - SEARCH command Authenticated Overflow
SAP MaxDB 7.6.03.07 - Pre-Authentication Remote Command Execution
McAfee E-Business Server - Remote Pre-Authentication Code Execution / Denial of Service (PoC)
SAP MaxDB 7.6.03.07 - Unauthenticated Remote Command Execution
McAfee E-Business Server - Remote Unauthenticated Code Execution / Denial of Service (PoC)
MailEnable Pro/Ent 3.13 - (Fetch) Post-Authentication Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
NetWin Surgemail 3.8k4-4 - IMAP Post-Authentication Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit
HP OpenView NNM 7.5.1 - OVAS.exe SEH Pre-Authentication Overflow
HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
BigAnt Server 2.2 - Pre-Authentication Remote SEH Overflow
BigAnt Server 2.2 - Unauthenticated Remote SEH Overflow
Joomla Component JPad 1.0 - Post-Authentication SQL Injection
Joomla Component JPad 1.0 - Authenticated SQL Injection
CMS Made Simple 1.2.4 - (FileManager module) File Upload
CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Post-Authentication)
freeSSHd 1.2.1 - Remote Stack Overflow PoC (Authenticated)
freeSSHd 1.2.1 - (Post-Authentication) Remote SEH Overflow
freeSSHd 1.2.1 - (Authenticated) Remote SEH Overflow
vsftpd 2.0.5 - (CWD) Post-Authentication Remote Memory Consumption Exploit
vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
Surgemail 39e-1 - Post-Authentication IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service
Debian OpenSSH - (Post-Authentication) Remote SELinux Privilege Elevation Exploit
Debian OpenSSH - (Authenticated) Remote SELinux Privilege Elevation Exploit
Oracle Internet Directory 10.1.4 - Remote Pre-Authentication Denial of Service
Oracle Internet Directory 10.1.4 - Remote Unauthenticated Denial of Service
AvailScript Jobs Portal Script - (Post-Authentication) (jid) SQL Injection
AvailScript Jobs Portal Script - (Authenticated) (jid) SQL Injection
AvailScript Jobs Portal Script - (Post-Authentication) File Upload
AvailScript Jobs Portal Script - (Authenticated) Arbitrary File Upload
Serv-U 7.3 - (Post-Authentication) (stou con:1) Denial of Service
Serv-U 7.3 - (Post-Authentication) Remote FTP File Replacement
Serv-U 7.3 - (Authenticated) (stou con:1) Denial of Service
Serv-U 7.3 - (Authenticated) Remote FTP File Replacement
Microsoft PicturePusher - ActiveX Cross-Site File Upload Attack (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload Attack (PoC)
Noticeware E-mail Server 5.1.2.2 - (POP3) Pre-Authentication Denial of Service
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service
freeSSHd 1.2.1 - (Post-Authentication) SFTP rename Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP rename Remote Buffer Overflow PoC
LoudBlog 0.8.0a - (Post-Authentication) (ajax.php) SQL Injection
LoudBlog 0.8.0a - (Authenticated) (ajax.php) SQL Injection
freeSSHd 1.2.1 - (Post-Authentication) SFTP realpath Remote Buffer Overflow PoC
freeSSHd 1.2.1 - (Authenticated) SFTP realpath Remote Buffer Overflow PoC
AJ Auction Authentication - Bypass Exploit
AJ Auction - Authentication Bypass
Simple Directory Listing 2 - Cross-Site File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Mini File Host 1.x - Arbitrary PHP File Upload
Mini File Host 1.x - Arbitrary .PHP File Upload
Memberkit 1.0 - Remote PHP File Upload
Memberkit 1.0 - Remote Arbitrary .PHP File Upload
WinFTP 2.3.0 - 'LIST' Post-Authentication Remote Buffer Overflow
WinFTP 2.3.0 - 'LIST' Authenticated Remote Buffer Overflow
Coppermine Photo Gallery 1.4.19 - Remote PHP File Upload
Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload
Free Download Manager 2.5/3.0 - (Authorization) Stack Buffer Overflow (PoC)
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
WikkiTikkiTavi 1.11 - Remote PHP File Upload
WikkiTikkiTavi 1.11 - Remote Arbitrary.PHP File Upload
Baran CMS 1.0 - Arbitrary ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
Baran CMS 1.0 - Arbitrary .ASP File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation
zFeeder 1.6 - 'admin.php' Pre-Authentication
zFeeder 1.6 - 'admin.php' Unauthenticated
Addonics NAS Adapter - Post-Authentication Denial of Service
Addonics NAS Adapter - Authenticated Denial of Service
Serv-U 7.4.0.1 - (SMNT) Post-Authentication Denial of Service
Serv-U 7.4.0.1 - (SMNT) Authenticated Denial of Service
Hannon Hill Cascade Server - (Post-Authentication) Command Execution
Hannon Hill Cascade Server - (Authenticated) Command Execution
Telnet-Ftp Service Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Post-Authentication) Multiple Vulnerabilities
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
Gravity Board X 2.0b - SQL Injection / Post-Authentication Code Execution
Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
XRDP 0.4.1 - Pre-Authentication Remote Buffer Overflow (PoC)
XRDP 0.4.1 - Unauthenticated Remote Buffer Overflow (PoC)
Addonics NAS Adapter - 'bts.cgi' Post-Authentication Remote Denial of Service
Addonics NAS Adapter - 'bts.cgi' Authenticated Remote Denial of Service
Cpanel - (Post-Authentication) (lastvisit.html domain) Arbitrary File Disclosure
Cpanel - (Authenticated) (lastvisit.html domain) Arbitrary File Disclosure
MySQL 5.0.45 - (Post-Authentication) COM_CREATE_DB Format String PoC
MySQL 5.0.45 - (Authenticated) COM_CREATE_DB Format String PoC
Adobe JRun 4 - (logfile) Post-Authentication Directory Traversal
Adobe JRun 4 - (logfile) Authenticated Directory Traversal
FtpXQ FTP Server 3.0 - (Post-Authentication) Remote Denial of Service
FtpXQ FTP Server 3.0 - (Authenticated) Remote Denial of Service
NetAccess IP3 - (Post-Authentication) (ping option) Command Injection
NetAccess IP3 - (Authenticated) (ping option) Command Injection
Joomla 1.5.12 - tinybrowser Arbitrary File Upload / Execute
Joomla 1.5.12 tinybrowser - Arbitrary File Upload /Execution
Cerberus FTP server 3.0.6 - Pre-Authentication Denial of Service
Cerberus FTP server 3.0.6 - Unauthenticated Denial of Service
HP NNM 7.53 - ovalarm.exe CGI Pre-Authentication Remote Buffer Overflow
HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Post-Authentication) Remote Buffer Overflow
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
httpdx 1.5.2 - Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.2 - Remote Unauthenticated Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Crash (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)
Easy~Ftp Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)
httpdx 1.5.3b - Multiple Remote Pre-Authentication Denial of Service (PoC)
httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)
Kerio MailServer 6.2.2 - Pre-Authentication Remote Denial of Service (PoC)
Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Buffer Overflow (Metasploit)
eDisplay Personal FTP server 1.0.0 - Pre-Authentication Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Unauthenticated Denial of Service (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Crash SEH (PoC)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (1)
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Stack Buffer Overflow (2)
eDisplay Personal FTP server 1.0.0 - Multiple Authenticated Stack Buffer Overflow (2)
uTorrent WebUI 0.370 - Authorization header Denial of Service
uTorrent WebUI 0.370 - Authorisation Header Denial of Service
Easy Ftp Server 1.7.0.2 - MKD Remote Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - MKD Remote Authenticated Buffer Overflow
ProSSHD 1.2 - Remote Post-Authentication Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Remote Authenticated Exploit (ASLR + DEP Bypass)
Apache Axis2 Administration console - (Post-Authentication) Cross-Site Scripting
Apache Axis2 Administration console - (Authenticated) Cross-Site Scripting
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Pre-Authentication Denial of Service
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ALSR + DEP Bypass)
BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)
dotDefender 3.8-5 - Pre-Authentication Remote Code Execution (via Cross-Site Scripting)
dotDefender 3.8-5 - Unauthenticated Remote Code Execution (via Cross-Site Scripting)
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'MKD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) 'CWD' Command Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) 'LIST' Command Remote Buffer Overflow (Metasploit)
Easy FTP Server 1.7.0.11 - (Authenticated) 'LIST' Command Remote Buffer Overflow (Metasploit)
UPlusFTP Server 1.7.1.01 - (Post-Authentication) HTTP Remote Buffer Overflow
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Post-Authentication) Multiple Commands Remote Buffer Overflow
Easy FTP Server 1.7.0.11 - (Authenticated) Multiple Commands Remote Buffer Overflow
Achievo 1.4.3 - Multiple Authorization Flaws
Achievo 1.4.3 - Multiple Authorisation Flaws
PHPMotion 1.62 - 'FCKeditor' File Upload
PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload
Home FTP Server 1.11.1.149 - Post-Authentication Directory Traversal
Home FTP Server 1.11.1.149 - Authenticated Directory Traversal
News Script PHP Pro - 'FCKeditor' File Upload
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
Microsoft Windows 2003 - AD Pre-Authentication BROWSER ELECTION Remote Heap Overflow
Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP 4.25 Build 0221 (2010-02-11) - (Authenticated) Remote Buffer Overflow
Vtiger CRM 5.0.4 - Pre-Authentication Local File Inclusion
Vtiger CRM 5.0.4 - Unauthenticated Local File Inclusion
HP OpenView NNM 7.53/7.51 - OVAS.exe Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow
MailEnable - Authorization Header Buffer Overflow
MailEnable - Authorisation Header Buffer Overflow
ColdFusion 8.0.1 - Arbitrary File Upload and Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload and Execution
ColdFusion 8.0.1 - Arbitrary File Upload / Execution
Adobe RoboHelp Server 8 - Arbitrary File Upload / Execution
OpenX - banner-edit.php File Upload PHP Code Execution
OpenX - banner-edit.php Arbitrary File Upload / PHP Code Execution
Joomla 1.5.12 - tinybrowser File Upload Code Execution
Joomla 1.5.12 tinybrowser - Arbitrary File Upload / Code Execution
N_CMS 1.1E - Pre-Authentication Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit
If-CMS 2.07 - Pre-Authentication Local File Inclusion (1)
If-CMS 2.07 - Unauthenticated Local File Inclusion (1)
IPComp - encapsulation Pre-Authentication kernel memory Corruption
IPComp - encapsulation Unauthenticated kernel memory Corruption
SQL-Ledger 2.8.33 - Post-Authentication Local File Inclusion / Edit
SQL-Ledger 2.8.33 - Authenticated Local File Inclusion / Edit
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (DEP + ASLR Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)
Easy Ftp Server 1.7.0.2 - Post-Authentication Buffer Overflow
Easy Ftp Server 1.7.0.2 - Authenticated Buffer Overflow
ActFax Server FTP - (Post-Authentication) Remote Buffer Overflow
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
If-CMS 2.07 - Pre-Authentication Local File Inclusion (Metasploit) (2)
If-CMS 2.07 - Unauthenticated Local File Inclusion (Metasploit) (2)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (DEP + ASLR Bypass)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5 Pro - (SEH DEP + ASLR Bypass) Exploit
DVD X Player 5.5 Pro - (SEH + ASLR + DEP Bypass) Exploit
TomatoCart 1.1 - Post-Authentication Local File Inclusion
TomatoCart 1.1 - Authenticated Local File Inclusion
BlazeVideo HDTV Player 6.6 Professional - Universal DEP + ASLR Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass
QuiXplorer 2.3 - Bugtraq File Upload
QuiXplorer 2.3 - Bugtraq Arbitrary File Upload
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR Bypass (Metasploit)
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows (ASLR + DEP Bypass) (Metasploit)
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Pre-Authentication Command Execution
Avaya WinPDM UniteHostRouter 3.8.2 - Remote Unauthenticated Command Execution
Sysax Multi Server 5.53 - SFTP Post-Authentication SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Pre-Authentication Remote Code Execution (Egghunter)
Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit
Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)
BlazeVideo HDTV Player 6.6 Professional - SEH & DEP & ASLR
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
Dolibarr ERP & CRM 3 - Post-Authentication OS Command Injection
Dolibarr ERP & CRM 3 - Authenticated OS Command Injection
V-CMS - PHP File Upload and Execution
V-CMS - Arbitrary .PHP File Upload / Execution
WebCalendar 1.2.4 - Pre-Authentication Remote Code Injection
WebCalendar 1.2.4 - Unauthenticated Remote Code Injection
appRain CMF - Arbitrary PHP File Upload
appRain CMF - Arbitrary .PHP File Upload
EGallery - PHP File Upload
EGallery - Arbitrary .PHP File Upload
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Post-Authentication SQL Injection
SpiceWorks 5.3.75941 - Persistent Cross-Site Scripting / Authenticated SQL Injection
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary PHP File Upload
WordPress Front End Upload 0.5.4.4 Plugin - Arbitrary .PHP File Upload
WebPageTest - Arbitrary PHP File Upload
WebPageTest - Arbitrary .PHP File Upload
XODA 0.4.5 - Arbitrary PHP File Upload
XODA 0.4.5 - Arbitrary .PHP File Upload
Elcom CMS 7.4.10 - Community Manager Insecure File Upload
Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Post-Authentication Blind SQL Injection
Trend Micro Control Manager 5.5/6.0 AdHocQuery - Authenticated Blind SQL Injection
Mod_SSL 2.8.x - Off-by-One HTAccess Buffer Overflow
Apache/mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (1)
OpenSSL SSLv2 - Malformed Client Key Remote Buffer Overflow (2)
Apache/mod_ssl (< 2.8.7) OpenSSL - 'OpenFuck.c' Remote Exploit (1)
Apache/mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit
qdPM 7.0 - Arbitrary PHP File Upload
qdPM 7.0 - Arbitrary .PHP File Upload
Oracle Database - Authentication Protocol Security Bypass
Oracle Database - Protocol Authentication Bypass
Mod_NTLM 0.x - Authorization Heap Overflow
Mod_NTLM 0.x - Authorisation Heap Overflow
Mod_NTLM 0.x - Authorization Format String
Mod_NTLM 0.x - Authorisation Format String
Geeklog 1.3.x - Authentication SQL Injection
Geeklog 1.3.x - Authenticated SQL Injection
NFR Agent FSFUI Record - Arbitrary File Upload Remote Code Execution
NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload and Execution
PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload / Execution
MySQL - Remote Pre-Authentication User Enumeration
MySQL - Remote Unauthenticated User Enumeration
vbPortal 2.0 alpha 8.1 - Authentication SQL Injection
vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Pre-Authentication Buffer Overflow (3)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (1)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (2)
DameWare Mini Remote Control Server 3.7x - Unauthenticated Buffer Overflow (3)
WordPress WP-Property Plugin - PHP File Upload
WordPress Asset-Manager Plugin - PHP File Upload
WordPress WP-Property Plugin - Arbitrary .PHP File Upload
WordPress Asset-Manager Plugin - Arbitrary .PHP File Upload
Ubiquiti AirOS 5.5.2 - Remote Post-Authentication Root Command Execution
Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution
RobotFTP Server 1.0/2.0 - Remote Pre-Authentication Command Denial of Service
RobotFTP Server 1.0/2.0 - Remote Unauthenticated Command Denial of Service
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorization Request Denial of Service (2)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (1)
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload and Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload / Execution
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun
Firebird 1.0 - Remote Unauthenticated Database Name Buffer Overrun
Novell NCP - Pre-Authentication Remote Root Exploit
Novell NCP - Unauthenticated Remote Root Exploit
Polar Helpdesk 3.0 - Cookie Based Authentication System Bypass
Polar Helpdesk 3.0 - Cookie Based Authentication Bypass
IRIS Citations Management Tool - (Post-Authentication) Remote Command Execution
IRIS Citations Management Tool - (Authenticated) Remote Command Execution
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass (Metasploit)
OpenEMR - PHP File Upload
OpenEMR - Arbitrary .PHP File Upload
PolarPearCMS - PHP File Upload
PolarPearCMS - Arbitrary .PHP File Upload
Apache 2.0.x - mod_ssl Remote Denial of Service
Apache/mod_ssl 2.0.x - Remote Denial of Service
phpWebSite 0.x - Image File Processing Arbitrary PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated File Upload
BetaParticle blog 2.0/3.0 - upload.asp Unauthenticated Arbitrary File Upload
BlueSoleil 1.4 - Object Push Service BlueTooth File Upload Directory Traversal
BlueSoleil 1.4 - Object Push Service BlueTooth Arbitrary File Upload / Directory Traversal
MoinMoin - twikidraw Action Traversal File Upload
MoinMoin - twikidraw Action Traversal Arbitrary File Upload
Mikrotik RouterOS sshd (ROSSSH) - Remote Pre-Authentication Heap Corruption
Mikrotik RouterOS sshd (ROSSSH) - Remote Unauthenticated Heap Corruption
Alt-N MDaemon 2-8 - Remote Pre-Authentication IMAP Buffer Overflow
Alt-N MDaemon 2-8 - Remote Unauthenticated IMAP Buffer Overflow
FlexWATCH 3.0 - AIndex.asp Authorization Bypass
FlexWATCH 3.0 - AIndex.asp Authentication Bypass
HP ProCurve Manager - SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet File Upload
HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload
HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload
WordPress Curvo Themes - Cross-Site Request Forgery File Upload
WordPress Curvo Themes - Cross-Site Request Forgery / Arbitrary File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / File Upload
WordPress Highlight Premium Theme - Cross-Site Request Forgery / Arbitrary File Upload
PHPBB2 - Admin_Ug_Auth.php Administrative Security Bypass
PHPBB2 - Admin_Ug_Auth.php Administrative Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with SANDBOX Bypass
Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass
Castripper 2.50.70 - '.pls' DEP Exploit
Castripper 2.50.70 - '.pls' DEP Bypass Exploit
Google Urchin 5.7.3 - Report.cgi Authorization Bypass
Google Urchin 5.7.3 - Report.cgi Authentication Bypass
Adobe Flash - Method Calls Use-After-Free
Adobe Flash - Transform.colorTranform Getter Info Leak
RSA Authentication Agent for Web 5.3 - URI redirection
RSA Authentication Agent for Web 5.3 - URI Redirection
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Zabbix 2.0 - 3.0.3 - SQL Injection
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload Arbitrary Code Execution
ClassSystem 2.0/2.3 - class/ApplyDB.php Unrestricted Arbitrary File Upload / Arbitrary Code Execution
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure
LogMeIn Client 1.3.2462 (64bit) - Local Credentials Disclosure
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / File Upload
SpagoBI 4.0 - Arbitrary Cross-Site Scripting / Arbitrary File Upload
Katello (Red Hat Satellite) - users/update_roles Missing Authorization
Katello (Red Hat Satellite) - users/update_roles Missing Authorisation
Freepbx 13.0.x < 13.0.154 - Remote Command Execution
FreePBX 13.0.x < 13.0.154 - Unauthenticated Remote Command Execution
Jobberbase 2.0 - Multiple Vulnerabilities
Windows x86 - Bind Shell TCP Shellcode
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated Arbitrary File Upload
Bits Video Script 2.04/2.05 - 'addvideo.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Bits Video Script 2.04/2.05 - 'register.php' Arbitrary File Upload / Arbitrary PHP Code Execution
Moab < 7.2.9 - Authorization Bypass
Moab < 7.2.9 - Authentication Bypass
Tapatalk for vBulletin 4.x - Pre-Authentication Blind SQL Injection
Tapatalk for vBulletin 4.x - Unauthenticated Blind SQL Injection
Drupal Core < 7.32 - Pre-Authentication SQL Injection
Drupal Core < 7.32 - Unauthenticated SQL Injection
Tincd - Post-Authentication Remote TCP Stack Buffer Overflow
Tincd - Authenticated Remote TCP Stack Buffer Overflow
PMB 4.1.3 - Post-Authentication SQL Injection
PMB 4.1.3 - Authenticated SQL Injection
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Authentication Remote Code Execution
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Unauthenticated Remote Code Execution
ManageEngine Multiple Products - Authenticated File Upload
ManageEngine Multiple Products - Authenticated Arbitrary File Upload
Chyrp 2.x - swfupload Extension upload_handler.php File Upload Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (Full ASLR + DEP Bypass)
Chyrp 2.x - swfupload Extension upload_handler.php Arbitrary File Upload / Arbitrary PHP Code Execution
X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)
Seagate Business NAS 2014.00319 - Pre-Authentication Remote Code Execution
Seagate Business NAS 2014.00319 - Unauthenticated Remote Code Execution
Symantec Web Gateway 5 - restore.php Post-Authentication Command Injection
Symantec Web Gateway 5 - restore.php Authenticated Command Injection
JBoss Seam 2 - Arbitrary File Upload and Execution
JBoss Seam 2 - Arbitrary File Upload / Execution
Barracuda Firmware 5.0.0.012 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted File Upload / Arbitrary Code Execution
Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrary Code Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload and Execution
WordPress RevSlider 3.0.95 Plugin - Arbitrary File Upload / Execution
JibberBook 2.3 - 'Login_form.php' Authentication Security Bypass
JibberBook 2.3 - 'Login_form.php' Authentication Bypass
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter File Upload / Code Execution
Acuity CMS 2.6.2 - (ASP ) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution
Zenoss 3.2.1 - Remote Post-Authentication Command Execution
Zenoss 3.2.1 - Remote Authenticated Command Execution
Microweber 1.0.3 - Arbitrary File Upload Filter Bypass Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution
Magento CE < 1.9.0.1 - Post-Authentication Remote Code Execution
Magento CE < 1.9.0.1 - Authenticated Remote Code Execution
Netsweeper 4.0.9 - Arbitrary File Upload and Execution
Netsweeper 4.0.9 - Arbitrary File Upload / Execution
Netsweeper 4.0.8 - Arbitrary File Upload and Execution
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
EasyITSP - 'customers_edit.php' Authentication Security Bypass
EasyITSP - 'customers_edit.php' Authentication Bypass
Wolf CMS - Arbitrary File Upload and Execution
Wolf CMS - Arbitrary File Upload / Execution
Konica Minolta FTP Utility 1.00 - Post-Authentication CWD Command SEH Overflow
Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow
GLPI 0.85.5 - Remote Code Execution (via File Upload Filter Bypass)
GLPI 0.85.5 - Arbitrary File Upload / Filter Bypass / Remote Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery Add Extension / Arbitrary File Upload PHP Code Execution
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution
vBulletin 5.1.x - Pre-Authentication Remote Code Execution
vBulletin 5.1.x - Unauthenticated Remote Code Execution
WordPress Ninja Forms 2.7.7 Plugin - Authorization Bypass
WordPress WP to Twitter Plugin - Authorization Bypass
WordPress Ninja Forms 2.7.7 Plugin - Authentication Bypass
WordPress WP to Twitter Plugin - Authentication Bypass
Novell ServiceDesk - Authenticated File Upload
Novell ServiceDesk - Authenticated Arbitrary File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated File Upload
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal DEP + ASLR Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)
phpATM 1.32 - Remote Command Execution (Arbitrary File Upload) on Windows Servers
phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
vBulletin 5.x/4.x - Post-Authentication Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Post-Authentication SQL Injection in breadcrumbs via xmlrpc API
vBulletin 5.x/4.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post-Authentication Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Post-Authentication Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)
phpMyAdmin 4.6.2 - Post-Authentication Remote Code Execution
phpMyAdmin 4.6.2 - Authenticated Remote Code Execution
vBulletin 5.2.2 - Pre-Authentication Server Side Request Forgery (SSRF)
vBulletin 5.2.2 - Unauthenticated Server Side Request Forgery (SSRF)
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
2016-09-09 05:09:09 +00:00
Offensive Security
d36011b4f9
DB: 2016-09-07
...
3 new exploits
Too many to list!
2016-09-07 05:09:19 +00:00
Offensive Security
5e2fc10125
DB: 2016-09-03
2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d
DB: 2016-09-03
...
14 new exploits
Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
760d823bc8
DB: 2016-08-30
...
18 new exploits
Too many to list!
2016-08-30 05:08:40 +00:00
Offensive Security
4011b4f053
DB: 2016-08-27
2016-08-27 05:08:40 +00:00
Offensive Security
24a0e1921a
DB: 2016-08-16
2016-08-16 20:39:41 +00:00
Offensive Security
75085bf1d7
DB: 2016-08-03
...
7 new exploits
Real Server 7/8/9 - Remote Root Exploit (Windows & Linux)
Real Server 7/8/9 - Remote Root Exploit (Windows / Linux)
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit
Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit
BSD & Linux - umount Local Root Exploit
BSD & Linux umount - Local Root Exploit
BSD & Linux - lpr Command Local Root Exploit
BSD & Linux lpr - Local Root Exploit
Battlefield 1942 <= 1.6.19 + Vietnam 1.2 - Broadcast Client Crash
Battlefield 1942 1.6.19 + Vietnam 1.2 - Broadcast Client Crash
PHP 4.3.9 & phpBB 2.x - unserialize() Remote Exploit (compiled)
PHP 4.3.9 + phpBB 2.x - unserialize() Remote Exploit (Compiled)
Soldier of Fortune 2 <= 1.03 - 'cl_guid' Server Crash
Soldier of Fortune 2 1.03 - 'cl_guid' Server Crash
Download Center Lite (DCL) <= 1.5 - Remote File Inclusion
Download Center Lite (DCL) 1.5 - Remote File Inclusion
Linux Mandrake 10.2 - cdrdao Local Root Exploit (unfixed)
cdrdao (Mandrake 10.2) - Local Root Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit
MyBulletinBoard (MyBB) 1.00 RC4 - SQL Injection Exploit
e107 <= 0.617 - XSS Remote Cookie Disclosure Exploit
e107 0.617 - XSS Remote Cookie Disclosure Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
MyBulletinBoard (MyBB) 1.00 RC4 SQL Injection Exploit
F-Secure Internet Gatekeeper for Linux < 2.15.484 - Local Root Exploit
F-Secure Internet Gatekeeper for Linux < 2.15.484 (and Gateway < 2.16) - Local Root Exploit
MyBulletinBoard (MyBB) <= 1.03 - Multiple SQL Injection Exploit
MyBulletinBoard (MyBB) 1.03 - Multiple SQL Injection Exploit
MyBulletinBoard (MyBB) <= 1.03 - (misc.php COMMA) SQL Injection
MyBulletinBoard (MyBB) 1.03 - (misc.php COMMA) SQL Injection
MyBulletinBoard (MyBB) <= 1.04 - (misc.php COMMA) SQL Injection (2)
MyBulletinBoard (MyBB) 1.04 - (misc.php COMMA) SQL Injection (2)
Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities
Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities
MyBulletinBoard (MyBB) <= 1.1.3 - (usercp.php) Create Admin Exploit
MyBulletinBoard (MyBB) 1.1.3 - (usercp.php) Create Admin Exploit
DZCP (deV!L_z Clanportal) <= 1.34 - (id) SQL Injection Exploit
DZCP (deV!L_z Clanportal) 1.34 - (id) SQL Injection Exploit
Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit
Invision Power Board 2.1 <= 2.1.6 - SQL Injection Exploit (1)
MyBulletinBoard (MyBB) <= 1.1.5 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) 1.1.5 - (CLIENT-IP) SQL Injection Exploit
PHP Live! <= 3.2.1 - (help.php) Remote Inclusion
PHP Live! 3.2.1 - (help.php) Remote Inclusion
Les Visiteurs (Visitors) <= 2.0 - (config.inc.php) File Include
Les Visiteurs (Visitors) 2.0 - (config.inc.php) File Include
Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include
Electronic Engineering Tool (EE TOOL) 0.4.1 File Include
DZCP (deV!L_z Clanportal) <= 1.3.6 - Arbitrary File Upload
DZCP (deV!L_z Clanportal) 1.3.6 - Arbitrary File Upload
Tucows Client Code Suite (CSS) <= 1.2.1015 File Include
Tucows Client Code Suite (CSS) 1.2.1015 File Include
KDE 3.5 - (libkhtml) <= 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
DZCP (deV!L_z Clanportal) <= 1.4.5 - Remote File Disclosure
DZCP (deV!L_z Clanportal) 1.4.5 - Remote File Disclosure
McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit
McAfee VirusScan for Mac (Virex) 7.7 - Local Root Exploit
WEBO (Web Organizer) <= 1.0 - (baseDir) Remote File Inclusion
WEBO (Web Organizer) 1.0 - (baseDir) Remote File Inclusion
Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution
Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution
Katalog Plyt Audio (pl) <= 1.0 - SQL Injection Exploit
Katalog Plyt Audio (pl) 1.0 - SQL Injection Exploit
study planner (studiewijzer) <= 0.15 - Remote File Inclusion
study planner (studiewijzer) 0.15 - Remote File Inclusion
MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit
MyBulletinBoard (MyBB) 1.2.3 - Remote Code Execution Exploit
MyBulletinBoard (MyBB) <= 1.2.2 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.2 - (CLIENT-IP) SQL Injection Exploit
MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.5 calendar.php Blind SQL Injection Exploit
Net Portal Dynamic System (NPDS) <= 5.10 - Remote Code Execution (2)
Net Portal Dynamic System (NPDS) 5.10 - Remote Code Execution (2)
LAN Management System (LMS) <= 1.9.6 - Remote File Inclusion Exploit
LAN Management System (LMS) 1.9.6 - Remote File Inclusion Exploit
Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion
Ripe Website Manager (CMS) 0.8.9 - Remote File Inclusion
Simple PHP Blog (sphpblog) <= 0.5.1 - Multiple Vulnerabilities
Simple PHP Blog (sphpblog) 0.5.1 - Multiple Vulnerabilities
TaskFreak! <= 0.6.1 - SQL Injection
TaskFreak! 0.6.1 - SQL Injection
MyBulletinBoard (MyBB) <= 1.2.10 - Remote Code Execution Exploit
mybulletinboard (mybb) <= 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution Exploit
mybulletinboard (mybb) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit
MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit
PHP Live! <= 3.2.2 - (questid) SQL Injection (1)
PHP Live! 3.2.2 - (questid) SQL Injection (1)
Web Group Communication Center (WGCC) <= 1.0.3 - SQL Injection
Web Group Communication Center (WGCC) 1.0.3 - SQL Injection
C6 Messenger ActiveX Remote Download & Execute Exploit
C6 Messenger ActiveX - Remote Download & Execute Exploit
eLineStudio Site Composer (ESC) <= 2.6 - Multiple Vulnerabilities
eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities
Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit
Simple PHP Blog (SPHPBlog) 0.5.1 Code Execution Exploit
MyBulletinBoard (MyBB) <= 1.2.11 - private.php SQL Injection Exploit (2)
MyBulletinBoard (MyBB) 1.2.11 - private.php SQL Injection Exploit (2)
DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit
DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection Exploit
Amaya Web Editor XML and HTML parser Vulnerabilities
Amaya Web Editor - XML and HTML parser Vulnerabilities
CMS WEBjump! Multiple SQL Injection
CMS WEBjump! - Multiple SQL Injection
RQms (Rash) <= 1.2.2 - Multiple SQL Injection
RQms (Rash) 1.2.2 - Multiple SQL Injection
Online Grades & Attendance 3.2.6 Credentials Changer SQL Exploit
Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit
Apple Safari & Quicktime Denial of Service
Apple Safari & Quicktime - Denial of Service
AudioPLUS 2.00.215 - (.lst & .m3u) Local Buffer Overflow (SEH)
AudioPLUS 2.00.215 - (.lst / .m3u) Local Buffer Overflow (SEH)
PHP Live! <= 3.2.2 - (questid) SQL Injection (2)
PHP Live! 3.2.2 - (questid) SQL Injection (2)
TwonkyMedia Server 4.4.17 & <= 5.0.65 - XSS
TwonkyMedia Server 4.4.17 / 5.0.65 - XSS
Adobe Shockwave 11.5.1.601 Player Multiple Code Execution
Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
NAS Uploader 1.0 & 1.5 - Remote File Upload
NAS Uploader 1.0 / 1.5 - Remote File Upload
PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)
PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)
Nuked KLan 1.7.7 & <= SP4 DoS
Nuked KLan 1.7.7 & SP4 DoS
Aqua Real 1.0 & 2.0 - Local Crash PoC
Aqua Real 1.0 / 2.0 - Local Crash PoC
FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting (XSS)
FreePBX 2.5.x < 2.6.0 - Permanent Cross-Site Scripting
Ipswitch IMAIL 11.01 reversible encryption + weak ACL
Ipswitch IMAIL 11.01 - reversible encryption + weak ACL
justVisual 2.0 - (index.php) <= LFI
justVisual 2.0 - (index.php) LFI
Simple Machines Forum (SMF) <= 1.1.8 - (avatar) Remote PHP File Execute PoC
Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute PoC
SafeSHOP 1.5.6 - Cross-Site Scripting & Multiple Cross-Site Request Forgery
SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery
McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting (XSS)
McAfee Email Gateway (formerly IronMail) - Cross-Site Scripting
Local Glibc shared library (.so) <= 2.11.1 Exploit
Local Glibc shared library (.so) 2.11.1 Exploit
Safari 4.0.3 & 4.0.4 - Stack Exhaustion
Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apache Axis2 administration console - Cross-Site Scripting (XSS) (Authenticated)
Apache Axis2 administration console - (Authenticated) Cross-Site Scripting
CubeCart PHP (shipkey parameter) <= 4.3.x - SQL Injection
CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
Joomla Health & Fitness Stats Persistent XSS
Joomla Health & Fitness Stats - Persistent XSS
PunBB 1.3.4 & Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit
PunBB 1.3.4 / Pun_PM 1.2.6 - Remote Blind SQL Injection Exploit
MyIT CRM - Multiple Cross-Site Scripting (XSS)
MyIT CRM - Multiple Cross-Site Scripting
Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Adobe Dreamweaver CS5 11.0 build 4909 - DLL Hijacking Exploit (mfc90loc.dll)
Avast! <= 5.0.594 - license files DLL Hijacking Exploit (mfc90loc.dll)
Avast! 5.0.594 - (mfc90loc.dll) License Files DLL Hijacking Exploit
BlogBird Platform Multiple XSS Vulnerabilities
BlogBird Platform - Multiple XSS Vulnerabilities
Joomla Component (btg_oglas) HTML & XSS Injection
Joomla Component (btg_oglas) - HTML / XSS Injection
Lotus CMS Fraise 3.0 - LFI & Remote Code Execution Exploit
Lotus CMS Fraise 3.0 - LFI / Remote Code Execution Exploit
Novell ZenWorks 10 & 11 - TFTPD Remote Code Execution
Novell ZenWorks 10 / 11 - TFTPD Remote Code Execution
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow
CA BrightStor ARCserve for Laptops & Desktops LGServer - Multiple Commands Buffer Overflow
SmarterMail 7.3 & 7.4 - Multiple Vulnerabilities
SmarterMail 7.3 / 7.4 - Multiple Vulnerabilities
OpenSLP 1.2.1 & < 1647 trunk - Denial of Service Exploit
OpenSLP 1.2.1 / < 1647 trunk - Denial of Service Exploit
ScadaTEC ModbusTagServer & ScadaPhone (.zip) Buffer Overflow Exploit (0Day)
ScadaTEC ModbusTagServer & ScadaPhone - (.zip) Buffer Overflow Exploit (0Day)
MARINET CMS (room.php) <= Blind SQL
MARINET CMS (room.php) Blind SQL
phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit)
phpMyAdmin 3.3.x / 3.4.x - Local File Inclusion via XXE Injection (Metasploit)
ContaoCMS (aka TYPOlight) <= 2.11 - CSRF (Delete Admin & Delete Article)
ContaoCMS (aka TYPOlight) 2.11 - CSRF (Delete Admin / Delete Article)
Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Simple PHP Agenda 2.2.8 - CSRF (Add Admin & Add Event)
Simple PHP Agenda 2.2.8 - CSRF (Add Admin / Add Event)
SumatraPDF 2.0.1 - (.chm) & (.mobi) Memory Corruption
SumatraPDF 2.0.1 - (.chm / .mobi) Memory Corruption
Dolibarr ERP & CRM 3 Post-Auth OS Command Injection
Dolibarr ERP & CRM OS Command Injection
Dolibarr ERP & CRM 3 - Post-Auth OS Command Injection
Dolibarr ERP & CRM - OS Command Injection
Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)
Microsoft Data Access Components (MDAC) <= 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)
Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (1)
Microsoft Data Access Components (MDAC) 2.1_Microsoft IIS 3.0/4.0_Microsoft Index Server 2.0_Microsoft Site Server Commerce Edition 3.0 i386 MDAC RDS (2)
sflog! <= 1.00 - Multiple Vulnerabilities
sflog! 1.00 - Multiple Vulnerabilities
Inter7 vpopmail (vchkpw) <= 3.4.11 - Buffer Overflow
Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow
White Label CMS 1.5 - CSRF & Persistent XSS
White Label CMS 1.5 - CSRF / Persistent XSS
AIX 3.x/4.x & Windows 95/98/2000/NT 4 & SunOS 5 gethostbyname() - Buffer Overflow
AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow
gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference
gdb (GNU debugger) 7.5.1NULL Pointer Dereference
Adam Webb NukeJokes 1.7/2.0 Module Multiple Parameter XSS
Adam Webb NukeJokes 1.7/2.0 - Module Multiple Parameter XSS
Polycom HDX Telnet Authorization Bypass (Metasploit)
Polycom HDX - Telnet Authorization Bypass (Metasploit)
Joomla! <= 3.0.2 - (highlight.php) PHP Object Injection
Joomla! 3.0.2 - (highlight.php) PHP Object Injection
Joomla! <= 3.0.3 (remember.php) - PHP Object Injection
Joomla! 3.0.3 (remember.php) - PHP Object Injection
Active Auction House Default.ASP Multiple SQL Injection
Active Auction House - Default.ASP Multiple SQL Injection
Aenovo Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Alisveristr E-commerce Login Multiple SQL Injection
Alisveristr E-commerce Login - Multiple SQL Injection
Cline Communications Multiple SQL Injection
Cline Communications - Multiple SQL Injection
Andy Mack 35mm Slide Gallery 6.0 popup.php Multiple Parameter XSS
Andy Mack 35mm Slide Gallery 6.0 - popup.php Multiple Parameter XSS
Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow
Apple Safari 6.0.1 for iOS 6.0 / OS X 10.7/8 - Heap Buffer Overflow
AIOCP 1.3.x cp_forum_view.php Multiple Parameter XSS
AIOCP 1.3.x - cp_forum_view.php Multiple Parameter XSS
AIOCP 1.3.x cp_news.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_news.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_newsletter.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_links.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_newsletter.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_links.php Multiple Parameter SQL Injection
AIOCP 1.3.x cp_show_ec_products.php Multiple Parameter SQL Injection
AIOCP 1.3.x - cp_show_ec_products.php Multiple Parameter SQL Injection
20/20 Applications Data Shed 1.0 listings.asp Multiple Parameter SQL Injection
20/20 Applications Data Shed 1.0 - listings.asp Multiple Parameter SQL Injection
ClickContact Default.ASP Multiple SQL Injection
ClickContact - Default.ASP Multiple SQL Injection
Onpub CMS 1.4 & 1.5 - Multiple SQL Injection
Onpub CMS 1.4 / 1.5 - Multiple SQL Injection
Apache + PHP < 5.3.12 & < 5.4.2 - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 / < 5.4.2 - cgi-bin Remote Code Execution Exploit
Apache + PHP < 5.3.12 & < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
ClientExec 3.0 Index.php Multiple Cross-Site Scripting Vulnerabilities
ClientExec 3.0 - Index.php Multiple Cross-Site Scripting Vulnerabilities
AbleDesign MyCalendar 2.20.3 Index.php Multiple Cross-Site Scripting Vulnerabilities
AbleDesign MyCalendar 2.20.3 - Index.php Multiple Cross-Site Scripting Vulnerabilities
AlstraSoft Affiliate Network Pro 8.0 merchants/index.php Multiple Parameter XSS
AlstraSoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter XSS
File(1) <= 4.13 Command File_PrintF Integer Underflow
File(1) 4.13 Command File_PrintF Integer Underflow
ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities
ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities
Ahhp Portal Page.php Multiple Remote File Inclusion
Ahhp Portal - Page.php Multiple Remote File Inclusion
Apple QuickTime 7.1.5 Information Disclosure and Multiple Code Execution Vulnerabilities
Apple QuickTime 7.1.5 - Information Disclosure / Multiple Code Execution Vulnerabilities
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities
OpenBase 10.0.x - Buffer Overflow / Remote Command Execution
AIDA Web Frame.HTML Multiple Unauthorized Access Vulnerabilities
AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx Multiple Parameter SQL Injection
Absolute News Manager .NET 5.1 - xlaabsolutenm.aspx Multiple Parameter SQL Injection
Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution and Security Vulnerabilities
Adobe Acrobat and Reader 8.1.1 - Multiple Arbitrary Code Execution / Security Vulnerabilities
Apple iPhone and iPod Touch < 2.0 - Multiple Remote Vulnerabilities
Apple iPhone / Apple iPod Touch < 2.0 - Multiple Remote Vulnerabilities
HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross-Site Scripting
HPSystem Management Homepage (SMH) 2.1.12 - 'message.php' Cross-Site Scripting
Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit 'alert()' Function Remote Denial of Service
Apple iPhone 1.1.4/2.0 and iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service
3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities
3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Security Vulnerabilities
AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection
AlmondSoft Multiple Classifieds Products index.php Multiple Parameter XSS
AlmondSoft Multiple Classifieds Products - index.php replid Parameter SQL Injection
AlmondSoft Multiple Classifieds Products - index.php Multiple Parameter XSS
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation (1)
Linux Kernel 2.6.0 <= 2.6.31 - 'pipe.c' Local Privilege Escalation (1)
CMS Source Multiple Input Validation Vulnerabilities
CMS Source - Multiple Input Validation Vulnerabilities
123 Flash Chat = Multiple Security Vulnerabilities
123 Flash Chat - Multiple Security Vulnerabilities
Pimcore 3.0 & 2.3.0 CMS - SQL Injection
Pimcore 3.0 / 2.3.0 CMS - SQL Injection
Apple Mac OS X 10.6.5 And iOS 4.3.3 Mail Denial of Service
Apple Mac OS X 10.6.5 / iOS 4.3.3 Mail - Denial of Service
CmyDocument Multiple Cross-Site Scripting Vulnerabilities
CmyDocument - Multiple Cross-Site Scripting Vulnerabilities
OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)
OTRS < 3.1.x / < 3.2.x / < 3.3.x - Stored Cross-Site Scripting
OYO File Manager 1.1 (iOS & Android) - Multiple Vulnerabilities
OYO File Manager 1.1 (iOS / Android) - Multiple Vulnerabilities
Airdroid iOS_ Android & Win 3.1.3 - Persistent
Airdroid iOS / Android / Win 3.1.3 - Persistent
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit
Air Drive Plus Multiple Input Vallidation Vulnerabilities
Air Drive Plus - Multiple Input Vallidation Vulnerabilities
Collabtive Multiple Security Vulnerabilities
Collabtive - Multiple Security Vulnerabilities
Open Upload 0.4.2 - (Add Admin) CSRF
Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - WSP Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4_ 1.12.0 to 1.12.12 - RLC Dissector Denial of Service
2016-08-03 05:06:13 +00:00
Offensive Security
d1e88dd6d0
DB: 2016-07-30
2016-07-30 07:05:01 +00:00
Offensive Security
13e9ec719b
DB: 2016-07-14
...
17 new exploits
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (2)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (3)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (4)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (5)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (6)
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (7)
Adobe Flash Player 22.0.0.192 - DefineBitsJPEG2 Memory Corruption
Adobe Flash Player 22.0.0.192 - DefineSprite Memory Corruption
Adobe Flash Player 22.0.0.192 - TAG Memory Corruption
Adobe Flash Player 22.0.0.192 - SceneAndFrameData Memory Corruption
Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials
MS16-032 Secondary Logon Handle Privilege Escalation
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities
Linux x86 Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
2016-07-14 05:05:01 +00:00
Offensive Security
fc4bc08825
DB: 2016-07-12
...
15 new exploits
Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (Perl)
Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (3)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (c code)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)
Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)
Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)
aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability
aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection Vulnerability
Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
Apple CFNetwork - HTTP Response Denial of Service Exploit (RB)
PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion Vulnerability
WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability
WebPortal CMS <= 0.7.4 - (code) Remote Code Execution Vulnerability
emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability
emergecolab 1.0 - (sitecode) Local File Inclusion Vulnerability
Simple Machines Forums (BBCode) Cookie Stealing Vulnerability
Simple Machines Forums - (BBCode) Cookie Stealing Vulnerability
Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability
Movie PHP Script 2.0 - (init.php anticode) Code Execution Vulnerability
Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability
Kjtechforce mailman b1 - (code) SQL Injection Delete Row Vulnerability
WordPress Activity Log Plugin 2.3.1 - Persistent XSS
IPS Community Suite 4.1.12.3 - PHP Code Injection
Adobe Flash - ATF Processing Overflow
Adobe Flash - JXR Processing Double Free
Adobe Flash - LMZA Property Decoding Heap Corruption
Adobe Flash - ATF Image Packing Overflow
Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf)
Ho' Detector (Promiscuous mode detector shellcode) (56 bytes)
Ho' Detector - Promiscuous mode detector shellcode (56 bytes)
MS16-016 mrxdav.sys WebDav Local Privilege Escalation
Ruby on Rails ActionPack Inline ERB Code Execution
Lan Messenger sending PM Buffer Overflow (UNICODE) - Overwrite SEH
Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH
Tiki Wiki CMS 15.0 - Arbitrary File Download
Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
Device42 WAN Emulator 2.3 Traceroute Command Injection
Device42 WAN Emulator 2.3 Ping Command Injection
Device42 WAN Emulator 2.3 - Traceroute Command Injection
Device42 WAN Emulator 2.3 - Ping Command Injection
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
Dell KACE K1000 File Upload
Dell KACE K1000 - File Upload
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection
Valve Steam 3.42.16.13 - Local Privilege Escalation
Beauty Parlour & SPA Saloon Management System - Blind SQL Injection
Clinic Management System - Blind SQL Injection
Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes
2016-07-12 05:05:04 +00:00
Offensive Security
76bc268c80
DB: 2016-07-11
2016-07-11 05:06:57 +00:00
Offensive Security
f74a7dfb7e
DB: 2016-06-30
...
13 new exploits
Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR
Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library
Symantec Antivirus - Heap Overflow Modifying MIME Messages
Symantec Antivirus - Integer Overflow in TNEF Decoder
Symantec Antivirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
Symantec Antivirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow
Windows 7 SP1 x86 - Privilege Escalation (MS16-014)
Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
Ubiquiti Administration Portal - CSRF to Remote Command Execution
Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion
2016-06-30 05:05:39 +00:00
Offensive Security
076ef173f9
DB: 2016-06-11
...
23 new exploits
Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
2016-06-11 05:06:22 +00:00
Offensive Security
4bc4dc0218
DB: 2016-06-10
...
1 new exploits
Microsoft Word (Win/Mac) - Crash PoC
2016-06-10 05:06:43 +00:00
Offensive Security
2dba371921
DB: 2016-06-03
...
4 new exploits
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.36-rc4-git2 - x86_64 ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel <= 3.7.6 (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation
Systrace 1.x (64-Bit) - Aware Linux Kernel Privilege Escalation Vulnerability
Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Vulnerability
Linux Kernel 2.6.x - (64 bit) Personality Handling Local Denial of Service Vulnerability
Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service Vulnerability
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities
Liferay CE < 6.2 CE GA6 - Stored XSS
Relay Ajax Directory Manager relayb01-071706_ 1.5.1_ 1.5.3 - Unauthenticated File Upload
Websockify (C Implementation) 0.8.0 - Buffer Overflow
2016-06-03 05:02:50 +00:00
Offensive Security
3a855523ef
DB: 2016-06-02
...
2 new exploits
GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability
GeekLog 2.x - ImageImageMagick.php Remote File Inclusion Vulnerability
ImageMagick 6.x PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick Delegate Arbitrary Command Execution
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Wireshark - erf_meta_read_tag SIGSEGV
2016-06-02 05:03:04 +00:00
Offensive Security
22d168d0bc
DB: 2016-05-31
...
3 new exploits
MySQL 5.5.45 - procedure analyse Function Denial of Service
Open Source Real Estate Script 3.6.0 - SQL Injection
Linux x86_64 XOR Encode execve Shellcode
2016-05-31 05:03:26 +00:00
Offensive Security
2e7bce9702
DB: 2016-05-27
...
9 new exploits
Real Estate Portal 4.1 - Multiple Vulnerabilities
EduSec 4.2.5 - SQL Injection
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities
HP Data Protector A.09.00 - Arbitrary Command Execution
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
2016-05-27 05:03:14 +00:00
Offensive Security
6dc4d46521
DB: 2016-05-18
...
16 new exploits
Meteocontrol WEB’log - Admin Password Disclosure
Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow
Adobe Flash - JXR Processing Out-of-Bounds Read
Adobe Flash - Out-of-Bounds Read when Placing Object
Adobe Flash - Overflow in Processing Raw 565 Textures
Adobe Flash - Heap Overflow in ATF Processing (Image Reading)
Adobe Flash - MP4 File Stack Corruption
Adobe Flash - Type Confusion in FileReference Constructor
Adobe Flash - addProperty Use-After-Free
Adobe Flash - SetNative Use-After-Free
Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
SAP xMII 15.0 - Directory Traversal
2016-05-18 05:02:15 +00:00
Offensive Security
5e229672a0
DB: 2016-05-14
...
3 new exploits
Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit
Mozilla Firefox - Install Method Remote Arbitrary Code Execution Exploit
Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit
Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability
Absolute Form Processor XE-V 1.5 - (auth Bypass) SQL Injection Vulnerability
ipsec-tools racoon frag-isakmp Denial of Service PoC
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC
PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 - (login_ok) Authentication Bypass Vulnerability
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability
I-net Multi User Email Script SQLi Vulnerability
linux/x86 - break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot execve /bin/sh (80 bytes)
Sysax Multi Server 5.64 - Create Folder Buffer Overflow
TikiWiki Project 1.8 tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 tiki-list_trackers.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS
CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor Imgsrc URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting Vulnerability
osCommerce 2.2 admin/countries.php page Parameter XSS
osCommerce 2.2 admin/currencies.php page Parameter XSS
osCommerce 2.2 - admin/countries.php page Parameter XSS
osCommerce 2.2 - admin/currencies.php page Parameter XSS
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (2)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (2)
Joomla Gallery WD - SQL Injection Vulnerability
Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption Vulnerabilities
NRSS Reader 0.3.9 - Local Stack-Based Overflow
runAV mod_security - Arbitrary Command Execution
Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
2016-05-14 05:03:47 +00:00
Offensive Security