exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	77681134f4	DB: 2016-10-05 3 new exploits CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion E-SMARTCART 1.0 - (Product_ID) SQL Injection E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-SMART CART - 'productsofcat.asp' SQL Injection E-Smart Cart - 'productsofcat.asp' SQL Injection CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection E-Smartcart - SQL Injection E-Smart Cart - SQL Injection CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection CubeCart PHP 4.3.x - 'shipkey' SQL Injection CS Cart 1.3.3 - (install.php) Cross-Site Scripting CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting dansie shopping cart 3.0.4 - Multiple Vulnerabilities Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities Sendmail 8.11.6 - Address Prescan Memory Corruption Joomla! Component RSfiles (cid parameter) - SQL Injection Joomla! Component RSfiles - (cid parameter) SQL Injection Dovecot with Exim sender_address Parameter - Remote Command Execution Dovecot with Exim - sender_address Parameter Remote Command Execution Exim sender_address Parameter - Remote Code Execution Exim - sender_address Parameter Remote Code Execution PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection AJ Classifieds 'listingid' Parameter - SQL Injection AJ Classifieds - 'listingid' Parameter SQL Injection PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Bind 9 DNS Server - Denial of Service Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC) Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC) OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution Disk Pulse Enterprise 9.0.34 - Buffer Overflow	2016-10-05 05:01:18 +00:00

Author

SHA1

Message

Date

Offensive Security

77681134f4

DB: 2016-10-05

3 new exploits

CS-Cart 1.3.3 - (classes_dir) Remote File Inclusion
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion

E-SMARTCART 1.0 - (Product_ID) SQL Injection
E-Smart Cart 1.0 - 'Product_ID' SQL Injection

E-SMART CART - 'productsofcat.asp' SQL Injection
E-Smart Cart - 'productsofcat.asp' SQL Injection

CS-Cart 2.0.0 Beta 3 - (Product_ID) SQL Injection
CS-Cart 2.0.0 Beta 3 - 'Product_ID' SQL Injection

E-Smartcart - SQL Injection
E-Smart Cart - SQL Injection

CubeCart PHP (shipkey parameter) 4.3.x - SQL Injection
CubeCart PHP 4.3.x - 'shipkey' SQL Injection

CS Cart 1.3.3 - (install.php) Cross-Site Scripting
CS-Cart 1.3.3 - 'install.php' Cross-Site Scripting

dansie shopping cart 3.0.4 - Multiple Vulnerabilities
Dansie Shopping Cart 3.0.4 - Multiple Vulnerabilities

Sendmail 8.11.6 - Address Prescan Memory Corruption

Joomla! Component RSfiles (cid parameter) - SQL Injection
Joomla! Component RSfiles - (cid parameter) SQL Injection

Dovecot with Exim sender_address Parameter - Remote Command Execution
Dovecot with Exim - sender_address Parameter Remote Command Execution

Exim sender_address Parameter - Remote Code Execution
Exim - sender_address Parameter Remote Code Execution

PHP 4.x/5.0/5.1 with Sendmail Mail Function additional_parameters - Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation

Simplog 0.9.3 BlogID Parameter - Multiple SQL Injections
Simplog 0.9.3 - BlogID Parameter Multiple SQL Injections

E-SMART CART - 'Members Login' Multiple SQL Injection Vulnerabilities
E-Smart Cart - 'Members Login' Multiple SQL Injection Vulnerabilities
MW6 Technologies Aztec ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Datamatrix - ActiveX (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX (Data parameter) - Buffer Overflow
MW6 Technologies Aztec ActiveX - (Data parameter) Buffer Overflow
MW6 Technologies Datamatrix ActiveX - (Data Parameter) - Buffer Overflow
MW6 Technologies MaxiCode ActiveX - (Data parameter) Buffer Overflow

WordPress Plugin Recipes Blog 'id' Parameter - SQL Injection
WordPress Plugin Recipes Blog - 'id' Parameter SQL Injection

Le Forum 'Fichier_Acceuil' Parameter - Remote File Inclusion
Le Forum - 'Fichier_Acceuil' Parameter Remote File Inclusion

eFront 3.6.14.4 (surname parameter) - Persistent Cross-Site Scripting
eFront 3.6.14.4 - (surname parameter) Persistent Cross-Site Scripting

WordPress Plugin Safe Search 'v1' Parameter - Cross-Site Scripting
WordPress Plugin Safe Search - 'v1' Parameter Cross-Site Scripting

WordPress Plugin Twitter Feed 'url' Parameter - Cross-Site Scripting
WordPress Plugin Twitter Feed - 'url' Parameter Cross-Site Scripting

WordPress Plugin GD Star Rating 'votes' Parameter - SQL Injection
WordPress Plugin GD Star Rating - 'votes' Parameter SQL Injection

AJ Classifieds 'listingid' Parameter - SQL Injection
AJ Classifieds - 'listingid' Parameter SQL Injection

PHP Prior to 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities
PHP < 5.3.7 - Multiple Null Pointer Dereference Denial Of Service Vulnerabilities

Opera Web Browser Prior to 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities

Bind 9 DNS Server - Denial of Service
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - 'iowarrior' Driver Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC)

OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution

Disk Pulse Enterprise 9.0.34 - Buffer Overflow

2016-10-05 05:01:18 +00:00

1 commit