exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	341f44bf34	DB: 2017-04-11 4 new exploits Moxa MXview 2.8 - Denial of Service Moxa MXview 2.8 - Private Key Disclosure Moxa MX AOPC-Server 1.5 - XML External Entity Injection Jobscript4Web 4.5 - Authentication Bypass	2017-04-11 05:01:16 +00:00
Offensive Security	7018b7742d	DB: 2017-04-07 7 new exploits Microsoft Windows - Explorer (.WMF) CreateBrushIndirect Denial of Service Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service Microsoft Windows - Explorer (.AVI) Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows - Explorer Unspecified .ANI File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows - explorer.exe Gif Image Denial of Service Microsoft Windows Explorer - '.GIF' Image Denial of Service Microsoft Windows Media Player - AIFF Divide By Zero Exception Denial of Service (PoC) Microsoft Windows Media Player - '.AIFF' Divide By Zero Exception Denial of Service (PoC) Microsoft Windows - Explorer Unspecified .doc File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit Microsoft Windows - GDI+ '.ICO' Remote Division By Zero Exploit DesignWorks Professional 4.3.1 - Local .CCT File Stack Buffer Overflow (PoC) DesignWorks Professional 4.3.1 - Local '.CCT' File Stack Buffer Overflow (PoC) IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Based Overflow Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service Microsoft Windows NT 4.0/2000 - TCP/IP Printing Service Denial of Service Microsoft Windows NT 4.0 / 2000 - LPC Zone Memory Depletion Denial of Service Microsoft Windows NT 4.0/2000 - LPC Zone Memory Depletion Denial of Service Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service Microsoft Windows NT/2000 - Terminal Server Service RDP Denial of Service Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1) Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2) Microsoft Windows NT 4.0/2000 - TCP Stack Denial of Service (1) Microsoft Windows NT 4.0/2000 - TCP Stack Denial of Service (2) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (1) Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (2) Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (3) Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (4) Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (1) Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (2) Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (3) Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (4) Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow Microsoft Windows XP/2000/NT 4 - Shell Long Share Name Buffer Overrun Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service Microsoft Windows Explorer - 'explorer.exe' '.WMV' File Handling Denial of Service Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service Microsoft Windows XP/2003 - Explorer '.WMF' File Handling Denial of Service Microsoft Windows Cursor - Object Potential Memory Leak (MS15-115) Microsoft Windows - Cursor Object Potential Memory Leak (MS15-115) Microsoft Windows Kernel win32k!OffsetChildren - Null Pointer Dereference Microsoft Windows Kernel - win32k!OffsetChildren Null Pointer Dereference Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Cesanta Mongoose OS - Use-After-Free CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC) GLIBC (via /bin/su) - Privilege Escalation GLIBC - '/bin/su' Privilege Escalation cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure Microsoft Windows - NtRaiseHardError 'Csrss.exe' Memory Disclosure Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking Microsoft Windows - Contacts 'wab32res.dll' DLL Hijacking Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit) Microsoft Visio - 'VISIODWG.dll' '.DXF' File Handling (MS10-028) (Metasploit) Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit) Microsoft Windows - Task Scheduler '.XML' Privilege Escalation (MS10-092) (Metasploit) Microsoft Windows NT 4/2000 - DLL Search Path Microsoft Windows NT 4.0/2000 - DLL Search Path Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities Microsoft Windows NT 4.0/2000 Predictable LPC Message Identifier - Multiple Vulnerabilities Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003) Microsoft Windows NT 4.0/2000 - Spoofed LPC Request (MS00-003) Microsoft Windows NT 3/4 - CSRSS Memory Access Violation Microsoft Windows NT 3/4.0 - CSRSS Memory Access Violation Microsoft Windows NT 4/2000 - NTFS File Hiding Microsoft Windows NT 4.0/2000 - NTFS File Hiding Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Elevation Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (1) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (2) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (3) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (5) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (6) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (7) Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (8) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (1) Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows Server 2000 - Help Facility '.CNT' File :Link Buffer Overflow Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows NT 4.0/2000 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT 4.0/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation Palo Alto Networks PanOS root_reboot - Privilege Escalation Palo Alto Networks PanOS - root_reboot Privilege Escalation Oracle 9i / 10g - File System Access via utl_file Exploit Oracle 9i / 10g - 'utl_file' File System Access Exploit KDE 4.4.1 - Ksysguard Remote Code Execution via Cross Application Scripting KDE 4.4.1 - Ksysguard Remote Code Execution (via Cross Application Scripting) QuickPHP Web Server Arbitrary - 'src .php' File Download QuickPHP Web Server - Arbitrary '.php' File Download Microsoft Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081) Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081) Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow Microsoft Internet Explorer 4 (Windows 95/NT 4.0) - Setupctl ActiveX Control Buffer Overflow Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4.0) - XML HTTP Redirect Microsoft Windows NT 4/2000 - NetBIOS Name Conflict Microsoft Windows NT 4.0/2000 - NetBIOS Name Conflict X-Chat 1.2/1.3/1.4/1.5 - Command Execution Via URLs X-Chat 1.2/1.3/1.4/1.5 - Command Execution via URLs Microsoft Windows 95/98/2000/NT4 - WinHlp Item Buffer Overflow Microsoft Windows 95/98/2000/NT 4.0 - WinHlp Item Buffer Overflow Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow Microsoft Windows XP/2000/NT 4.0 - Help Facility ActiveX Control Buffer Overflow Microsoft Windows XP/2000/NT 4 - Locator Service Buffer Overflow Microsoft Windows XP/2000/NT 4.0 - Locator Service Buffer Overflow AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 gethostbyname() - Buffer Overflow Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (4) Microsoft Windows XP/2000/NT 4 - HTML Converter HR Align Buffer Overflow Microsoft Windows XP/2000/NT 4.0 - HTML Converter HR Align Buffer Overflow Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows NT 4.0/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow Cerulean Studios Trillian 3.0 - Remote .png Image File Parsing Buffer Overflow Cerulean Studios Trillian 3.0 - Remote '.png' Image File Parsing Buffer Overflow Zoom Player 3.30/5/6 - Crafted .ZPL File Error Message Arbitrary Code Execution Zoom Player 3.30/5/6 - Crafted '.ZPL' File Error Message Arbitrary Code Execution SpiceWorks 7.5 TFTP - Remote File Overwrite / Upload Windows 10 x64 - Egghunter Shellcode (45 bytes) eFiction 2.0 - 'Fake .gif' Arbitrary File Upload eFiction 2.0 - Fake '.GIF' Arbitrary File Upload cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation (PHP) cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation (PHP) Apple WebKit 10.0.2(12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting Apple WebKit 10.0.2(12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting Apple WebKit 10.0.2 (12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure via XEE SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE) The Uploader 2.0.4 - (English/Italian) Arbitrary File Upload / Remote Code Execution (Metasploit) The Uploader 2.0.4 (English/Italian) - Arbitrary File Upload / Remote Code Execution (Metasploit) elFinder 2 - Remote Command Execution (Via File Creation) elFinder 2 - Remote Command Execution (via File Creation) Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize / Arbitrary Write File AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector AXIS Multiple Products - 'devtools ' Authenticated Remote Command Execution GeoMoose < 2.9.2 - Directory Traversal Moodle 2.x/3.x - SQL Injection HelpDEZK 1.1.1 - Cross-Site Request Forgery / Code Execution	2017-04-07 05:01:20 +00:00
Offensive Security	0320cba051	DB: 2017-04-02 6 new exploits Microsoft Internet Explorer 11 - Crash PoC (1) Microsoft Internet Explorer 11 - Crash (PoC) (1) Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031) Microsoft Windows SQL Server - Remote Denial of Service (MS03-031) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (PoC) (MS03-046) Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051) Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (1) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3) Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2) Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2) Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit) Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit) Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041) Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041) Microsoft Excel - Malformed Palette Record Denial of Service PoC (MS07-002) Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002) BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow (PoCs) Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC) Microsoft Internet Explorer GDI+ - PoC (MS08-052) Microsoft Internet Explorer GDI+ - (PoC) (MS08-052) Microsoft Windows - GDI+ PoC (MS08-052) (2) Microsoft Windows - GDI+ (PoC) (MS08-052) (2) Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046) GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service Microsoft Windows - InternalOpenColorProfile Heap Overflow (PoC) (MS08-046) GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption (PoC) / Denial of Service Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray) Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (New Heap Spray) Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2) Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2) eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH) eZip Wizard 3.0 - Local Stack Buffer Overflow (PoC) (SEH) Chasys Media Player 1.1 - '.pls' Local Buffer Overflow PoC (SEH) Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH) Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1) Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1) Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2) Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (2) Microsoft Internet Explorer - EMBED Memory Corruption PoC (MS09-014) Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014) DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow PoCs DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow (PoCs) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH) MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC) otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs otsAV DJ/TV/Radio - Multiple Local Heap Overflow (PoCs) JetAudio 7.5.3 COWON Media Center - '.wav' Crash Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH) Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH) Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH) Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH) Tuniac 090517c - '.m3u' Local File Crash (PoC) HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH) HTML Email Creator & Sender 2.3 - Local Buffer Overflow (PoC) (SEH) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (1) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (2) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1) PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2) BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow PoC (2) BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow (PoC) (2) Eureka Email Client 2.2q - PoC Buffer Overflow Eureka Email Client 2.2q - Buffer Overflow (PoC) Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash Microsoft Windows 7 / 2008 R2 - Remote Kernel Crash Picpuz 2.1.1 - Buffer Overflow Denial of Service/PoC Picpuz 2.1.1 - Buffer Overflow Denial of Service (PoC) Total MultiMedia Features - Denial of Service PoC for Sony Ericsson Phones Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC) Mozilla Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service (PoC) RCA DCM425 Cable Modem - micro_httpd Denial of Service/PoC RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC) Free MP3 CD Ripper 2.6 - '.wav' PoC Free MP3 CD Ripper 2.6 - '.wav' (PoC) Anyzip 1.1 - '.zip' PoC (SEH) Anyzip 1.1 - '.zip' (PoC) (SEH) Microsoft Windows - SMB Client-Side Bug PoC (MS10-006) Microsoft Windows - SMB Client-Side Bug (PoC) (MS10-006) Webby WebServer - PoC SEH control Webby WebServer - SEH Control (PoC) FreeBSD 8.0 ftpd - off-by one PoC (FreeBSD-SA-10:05) FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off- By One (PoC) Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free Microsoft Windows Vista/2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH) AoAAudioExtractor 2.0.0.0 - ActiveX (PoC) (SEH) Mozilla Firefox - Memory Corruption PoC (Simplified) Mozilla Firefox - (Simplified) Memory Corruption (PoC) Microsoft Windows - Win32k Pointer Dereferencement PoC (MS10-098) Microsoft Windows - Win32k Pointer Dereferencement (PoC) (MS10-098) Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH) Elecard MPEG Player 5.7 - Local Buffer Overflow (PoC) (SEH) Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011) Microsoft Windows XP - WmiTraceMessageVa Integer Truncation (PoC) (MS11-011) Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit Real player 14.0.2.633 - Buffer Overflow / Denial of Service IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - '.ICO' With Transparent Colour Denial of Service / Remote Denial of Service IrfanView 4.28 - '.ICO' Without Transparent Colour Denial of Service / Remote Denial of Service Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service Microsoft Windows Vista/2008 - 'nsiproxy.sys' Local Kernel Denial of Service D-Link DSL-2650U - Denial of Service/PoC D-Link DSL-2650U - Denial of Service (PoC) Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun PoC (MS11-077) Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun (PoC) (MS11-077) Opera 11.52 - PoC Denial of Service Opera 11.52 - Denial of Service (PoC) Microsoft Win32k - Null Pointer De-reference PoC (MS11-077) Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077) Microsoft Windows - 'afd.sys' PoC (MS11-046) Microsoft Windows - 'afd.sys' (PoC) (MS11-046) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE (PoC) (MS12-034) Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit) Wyse - Unauthenticated Machine Remote Power Off )Denial of Service) (Metasploit) Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference) Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4) FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4) FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5) Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1) Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2) Microsoft PoCket Internet Explorer 3.0 - Denial of Service Microsoft Pocket Internet Explorer 3.0 - Denial of Service Microsoft Windows - HWND_BROADCAST PoC (MS13-005) Microsoft Windows - HWND_BROADCAST (PoC) (MS13-005) Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC) Apple Safari 3 for Windows - Document.Location Denial of Service Apple Safari 3 for Windows - 'Document.Location' Denial of Service PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit) PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow Apple Safari 3.0.x for Windows - 'Document.Location.Hash' Buffer Overflow Android Web Browser - GIF File Heap Based Buffer Overflow Google Android Web Browser - '.GIF' File Heap Based Buffer Overflow Android Web Browser - BMP File Integer Overflow Google Android Web Browser - '.BMP' File Integer Overflow Gold MP4 Player 3.3 - Buffer Overflow PoC (SEH) Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH) Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows Vista/2003 - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035) Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash (PoC) (MS14-035) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption (PoC) (MS14-035) Microsoft Internet Explorer - Memory Corruption PoC (MS14-029) Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029) UniPDF 1.1 - Crash (PoC) (SEH) Brasero CD/DVD Burner 3.4.1 - '.m3u' Buffer Overflow Crash (PoC) Microsoft Windows - 'HTTP.sys' PoC (MS15-034) Microsoft Windows - 'HTTP.sys' (PoC) (MS15-034) UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC) Microsoft Internet Explorer 11 - Crash PoC (2) Microsoft Internet Explorer 11 - Crash (PoC) (2) Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash QNX RTOS 6.3.0 - Insecure 'rc.local' Permissions System Crash / Privilege Escalation Microsoft Windows - NtClose DeadLock PoC (MS06-030) Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows - NtClose DeadLock (PoC) (MS06-030) Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030) PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH) Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow (PoC) (SEH) Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH) Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (SEH) Tuniac 090517c - '.m3u' Local File Crash (PoC) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3) Microsoft HTML Help Workshop 4.74 - '.hhp' Index Buffer Overflow (Metasploit) (3) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2) Microsoft HTML Help Workshop 4.74 - '.hhp' Cotent Buffer Overflow (Metasploit) (2) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2) Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4) Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4) Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (without egg-hunter) (Metasploit) Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Without Egg-Hunter) (Metasploit) PHP 5.3.6 - Buffer Overflow PoC (ROP) PHP 5.3.6 - Buffer Overflow (ROP) (PoC) Microsoft Windows Server 2000/NT 4 - DLL Search Path Microsoft Windows NT 4/2000 - DLL Search Path Microsoft Windows Server 2000/NT 4 - NTFS File Hiding Microsoft Windows NT 4/2000 - NTFS File Hiding Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7) Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_parameters' Argument Arbitrary File Creation Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation Microsoft Windows XP/Vista/2003/2008 - WMI Service Isolation Privilege Escalation Adobe Reader for Android - addJavascriptInterface Exploit (Metasploit) Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit) UniPDF 1.1 - Crash PoC (SEH overwritten) Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash (PoC) UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052) Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (PoC) (MS15-052) Android - get_user/put_user Exploit (Metasploit) Google Android - get_user/put_user Exploit (Metasploit) Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell) Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#) Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2) Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit) MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit) MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit) ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1) Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (1) Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit) Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2) Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2) Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2) Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027) Microsoft Internet Explorer 7 - Arbitrary File Rewrite (PoC) (MS07-027) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow ImageStation - 'SonyISUpload.cab' 1.0.0.38 ActiveX Buffer Overflow IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069) Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002) Apple Mac OSX - Java applet Remote Deserialization Remote PoC (2) Apple Mac OSX - Java applet Remote Deserialization Remote (PoC) (2) Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal Microsoft Windows Live Messenger Plus! Fileserver 1.0 - Directory Traversal JetAudio 7.5.3 COWON Media Center - '.wav' Crash DistCC Daemon - Command Execution (Metasploit) (1) DistCC Daemon - Command Execution (Metasploit) Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit) mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit) Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit) mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1) Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) Veritas NetBackup - Remote Command Execution (Metasploit) (1) Veritas NetBackup - Remote Command Execution (Metasploit) Pegasus Mail Client 4.51 - PoC Buffer Overflow Pegasus Mail Client 4.51 - Buffer Overflow (PoC) Irix LPD tagprinter - Command Execution (Metasploit) (1) Irix LPD tagprinter - Command Execution (Metasploit) Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (1) Xtacacsd 4.1.2 - 'report()' Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account Tandberg E & EX & C Series Endpoints - Default Root Account Credentials Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2) Veritas NetBackup - Remote Command Execution (Metasploit) (2) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2) Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2) httpdx - tolog() Function Format String (Metasploit) (1) httpdx - 'tolog()' Function Format String (Metasploit) (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) httpdx - tolog() Function Format String (Metasploit) (2) httpdx - 'tolog()' Function Format String (Metasploit) (2) Irix LPD tagprinter - Command Execution (Metasploit) (2) Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (2) DistCC Daemon - Command Execution (Metasploit) (2) HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056) HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055) HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC) HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1) Mozilla Firefox 3.6.16 (Windows) - mChannel Use-After-Free (Metasploit) (1) Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit) Opera 10/11 - Bad Nesting with Frameset Tag Memory Corruption (Metasploit) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2) Mozilla Firefox 3.6.16 (OSX) - mChannel Use-After-Free (Metasploit) (2) HP SiteScope - Remote Code Execution (Metasploit) (1) HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit) Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow thttpd 2.2x - defang Remote Buffer Overflow thttpd 2.2x - 'defang' Remote Buffer Overflow Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2) Novell ZENworks Configuration Management 10 SP3 / 11 SP2 - Remote Execution (Metasploit) Dovecot with Exim - sender_address Parameter Remote Command Execution Dovecot with Exim - 'sender_address' Parameter Remote Command Execution HP SiteScope - Remote Code Execution (Metasploit) (2) HP SiteScope (Windows) - Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (1) Western Digital Arkeia < 10.0.10 - Remote Code Execution (Metasploit) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2) Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1) Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) (2) Western Digital Arkeia < 11.0.12 - Remote Code Execution (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) E-Uploader Pro 1.0 - Image Upload with Code Execution E-Uploader Pro 1.0 - Image Upload / Code Execution ASPapp Knowledge Base - 'CatId' Parameter SQL Injection ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (1) ASPapp KnowledgeBase - 'catid' Parameter SQL Injection ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (2) ea-gBook 0.1 - Remote Command Execution with Remote File Inclusion (c99) ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion (c99) Flatchat 3.0 - 'pmscript.php with' Local File Inclusion Flatchat 3.0 - 'pmscript.php' Local File Inclusion Joomla! Component huruhelpdesk - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection (1) PGAUTOPro - SQL Injection / Cross-Site Scripting PGAUTOPro - SQL Injection / Cross-Site Scripting (1) Joomla! Component Huru Helpdesk - SQL Injection Joomla! Component Huru Helpdesk - SQL Injection (2) SoftwareDEP Classified Script 2.5 - SQL Injection SoftwareDEP Classified Script 2.5 - SQL Injection (1) WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities Software DEP Classified Script 2.5 - SQL Injection SoftwareDEP Classified Script 2.5 - SQL Injection (2) Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1) Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (2) Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (1) Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (2) OnlineArts DailyDose 1.1 - Denial of Servicee.pl Remote Command Execution OnlineArts DailyDose 1.1 - 'dose.pl' Remote Command Execution PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php' phpbb_root_path Parameter Remote File Inclusion PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion ActiveNews Manager - 'articleId' Parameter SQL Injection ActiveNews Manager - 'articleId' Parameter SQL Injection (1) Active News Manager - 'articleId' Parameter SQL Injection ActiveNews Manager - 'articleId' Parameter SQL Injection (2) Sagem Fast 3304-V2 - Authentication Bypass Sagem Fast 3304-V2 - Authentication Bypass (1) PG Auto Pro - SQL Injection / Cross-Site Scripting PGAUTOPro - SQL Injection / Cross-Site Scripting (2) Sagem FAST3304-V2 - Authentication Bypass Sagem FAST3304-V2 - Authentication Bypass (2) Trend Micro - Multiple HTTP Problems with CoreServiceShell.exe Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers) phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)	2017-04-02 05:01:18 +00:00
Offensive Security	8f7e041fcc	DB: 2017-03-29 6 new exploits MikroTik RouterBoard 6.38.5 - Denial of Service VX Search Enterprise 9.5.12 - 'Verify Email' Buffer Overflow Microsoft Outlook - HTML Email Denial of Service Intermec PM43 Industrial Printer - Privilege Escalation DzSoft PHP Editor 4.2.7 - File Enumeration Linux/x86-64 - execve(_/bin/sh_) Shellcode (21 Bytes)	2017-03-29 05:01:19 +00:00
Offensive Security	1f8c35c0c0	DB: 2017-03-28 25 new exploits Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Samba < 3.6.2 (x86) - Denial of Service (PoC) Microsoft Visual Studio 2015 update 3 - Denial of Service Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow Apple Safari - 'DateTimeFormat.format' Type Confusion Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode Apple Safari - Out-of-Bounds Read when Calling Bound Function QNAP QTS < 4.2.4 - Domain Privilege Escalation Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory Github Enterprise - Default Session Secret And Deserialization (Metasploit) B2B Alibaba Clone Script - SQL Injection B2B Alibaba Clone Script - 'IndustryID' Parameter SQL Injection Just Another Video Script 1.4.3 - SQL Injection Adult Tube Video Script - SQL Injection Alibaba Clone Script - SQL Injection B2B Marketplace Script 2.0 - SQL Injection Php Real Estate Property Script - SQL Injection Courier Tracking Software 6.0 - SQL Injection Parcel Delivery Booking Script 1.0 - SQL Injection Delux Same Day Delivery Script 1.0 - SQL Injection Hotel Booking Script 1.0 - SQL Injection Tour Package Booking 1.0 - SQL Injection Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection CouponPHP CMS 3.1 - 'code' Parameter SQL Injection EyesOfNetwork (EON) 5.0 - Remote Code Execution EyesOfNetwork (EON) 5.0 - SQL Injection Nuxeo 6.0 / 7.1 / 7.2 / 7.3 - Remote Code Execution (Metasploit) inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation	2017-03-28 05:01:16 +00:00
Offensive Security	8b5b662af9	DB: 2017-03-23 8 new exploits SpyCamLizard 1.230 - Denial of Service APNGDis 2.8 - 'chunk size descriptor' Heap Buffer Overflow APNGDis 2.8 - 'image width / height chunk' Heap Buffer Overflow APNGDis 2.8 - 'filename' Stack Buffer Overflow Disk Sorter Enterprise 9.5.12 - 'GET' Buffer Overflow (SEH) SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit) GLink Word Link Script 1.2.3 - SQL Injection Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities	2017-03-23 05:01:16 +00:00
Offensive Security	07432556e0	DB: 2017-03-21 26 new exploits FTPShell Client 6.53 - Local Buffer Overflow FTPShell Client 6.53 - 'Session name' Local Buffer Overflow FTPShell Server 6.56 - 'ChangePassword' Buffer Overflow ExtraPuTTY 0.29-RC2 - Denial of Service Google Nest Cam 5.2.1  - Buffer Overflow Conditions Over Bluetooth LE Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages (MS17-017) Microsoft Windows - Uniscribe Font Processing Out-of-Bounds Read in usp10!otlChainRuleSetTable::rule (MS17-011) Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap-Based Buffer Overflow (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!MergeLigRecords' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011) Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around 'USP10!BuildFSM' (MS17-011) Microsoft Windows - Uniscribe Font Processing Buffer Overflow in 'USP10!FillAlternatesList' (MS17-011) Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17-011) Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013) Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013) Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013) Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013) Mozilla Firefox - 'table' Use-After-Free Microsoft Internet Explorer - 'textarea.defaultValue' Memory Disclosure (MS17-006) HttpServer 1.0 - Directory Traversal Cobbler 2.8.0 - Authenticated Remote Code Execution Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection phplist 3.2.6 - SQL Injection D-Link DGS-1510 - Multiple Vulnerabilities	2017-03-21 05:01:17 +00:00
Offensive Security	4da96605a4	DB: 2017-03-18 8 new exploits Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow FTPShell Client 6.53 - Local Buffer Overflow Linux/x86 - Encoded exceve(_/bin/sh_) Shellcode (44 Bytes) Linux/x86 - Bind Shell Shellcode (51 bytes) Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download AXIS Communications - Cross-Site Scripting / Content Injection AXIS Multiple Products - Cross-Site Request Forgery Departmental Store Management System 1.2 - SQL Injection	2017-03-18 05:01:24 +00:00
Offensive Security	c51cc48e0e	DB: 2017-03-17 2 new exploits Microsoft Edge 38.14393.0.0 - JavaScript Engine Use-After-Free Windows DVD Maker 6.1.7 - XML External Entity Injection	2017-03-17 05:01:19 +00:00
Offensive Security	66117c63f5	DB: 2017-03-16 16 new exploits Adobe Flash - Metadata Parsing Out-of-Bounds Read Adobe Flash - MovieClip Attach init Object Use-After-Free Adobe Flash - ATF Thumbnailing Heap Overflow Adobe Flash - ATF Planar Decompression Heap Overflow Adobe Flash - AVC Header Slicing Heap Overflow Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow USBPcap - Privilege Escalation USBPcap 1.1.0.0 (WireShark 2.2.5) - Privilege Escalation PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012) Cisco Firepower Management Console 6.0 - Post Authentication UserAdd Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit) IBM WebSphere - RCE Java Deserialization (Metasploit) Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit) Joomla! Component Vik Appointments 1.5 - SQL Injection Joomla! Component Vik Rent Items 1.3 - SQL Injection Joomla! Component Vik Rent Car 1.11 - SQL Injection GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution Steam Profile Integration 2.0.11 - SQL injection Sitecore CMS 8.1 Update-3 - Cross-Site Scripting	2017-03-16 05:01:20 +00:00
Offensive Security	8359f0a6a2	DB: 2017-03-14 5 new exploits Cerberus FTP Server 8.0.10.1 - Denial of Service VirtualBox - Cooperating VMs can Escape from Shared Folder Netgear R7000 and R6400 - cgi-bin Command Injection (Metasploit) Car Workshop System - SQL Injection Fiyo CMS 2.0.6.1 - Privilege Escalation	2017-03-14 05:01:18 +00:00
Offensive Security	6883068111	DB: 2017-03-08 5 new exploits Evostream Media Server 1.7.1 (x64) - Denial of Service Azure Data Expert Ultimate 2.2.16 - Buffer Overflow Mini CMS 1.1 - 'name' Parameter SQL Injection Daily Deals Script 1.0 - 'id' Parameter SQL Injection Bull/IBM AIX Clusterwatch/Watchware - Multiple Vulnerabilities	2017-03-08 05:01:19 +00:00
Offensive Security	7fa7a111c4	DB: 2017-03-01 5 new exploits BlueIris 4.5.1.4 - Denial of Service Synchronet BBS 3.16c - Denial of Service Cisco AnyConnect Secure Mobility Client 4.3.04027 - Privilege Escalation Linux/x86-64 - Reverse Shell Shellcode (84 bytes) NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery	2017-03-01 05:01:18 +00:00
Offensive Security	438afbcaf8	DB: 2017-02-25 12 new exploits Microsoft Edge and Internet Explorer - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion Joomla! Component JooDatabase 3.1.0 - SQL Injection Joomla! Component JO Facebook Gallery 4.5 - SQL Injection Joomla! Component AJAX Search for K2 2.2 - SQL Injection Joomla! Component Community Surveys 4.3 - SQL Injection Joomla! Component Community Polls 4.5.0 - SQL Injection Apple WebKit 10.0.2 - 'FrameLoader::clear' Universal Cross-Site Scripting Joomla! Component GPS Tools 4.0.1 - SQL Injection Apple WebKit 10.0.2 - Cross-Origin or Sandboxed IFRAME Pop-up Blocker Bypass Joomla! Component Community Quiz 4.3.5 - SQL Injection Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting memcache-viewer - Cross-Site Scripting	2017-02-25 05:01:19 +00:00
Offensive Security	c7c1c7d92e	DB: 2017-02-23 13 new exploits EasyCom For PHP 4.0.0 - Buffer Overflow (PoC) EasyCom For PHP 4.0.0 - Denial of Service Google Chrome - 'layout' Out-of-Bounds Read Shutter 0.93.1 - Code Execution DiskSavvy Enterprise - GET Buffer Overflow (Metasploit) Disk Savvy Enterprise - GET Buffer Overflow (Metasploit) Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) Joomla! Component ContentMap 1.3.8 - 'contentid' Parameter SQL Injection Joomla! Component VehicleManager 3.9 - SQL Injection Joomla! Component RealEstateManager 3.9 - SQL Injection Joomla! Component BookLibrary 3.6.1 - SQL Injection Joomla! Component MediaLibrary Basic 3.5 - SQL Injection Lock Photos Album&Videos Safe 4.3 - Directory Traversal ProjectSend r754 - Insecure Direct Object Reference Teradici Management Console 2.2.0 - Privilege Escalation	2017-02-23 05:01:18 +00:00
Offensive Security	ad7bd81657	DB: 2017-02-22 21 new exploits Microsoft Office PowerPoint 2010 - 'MSO!Ordinal5429' Missing Length Check Heap Corruption Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check Adobe Flash - MP4 AMF Parsing Overflow Adobe Flash - SWF Stack Corruption Adobe Flash - Use-After-Free in Applying Bitmap Filter Adobe Flash - YUVPlane Decoding Heap Overflow DIGISOL DG-HR1400 Wireless Router - Cross-Site Request Forgery Joomla! Component J-HotelPortal 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component J-CruiseReservation Standard 3.0 - 'city' Parameter SQL Injection Joomla! Component Eventix Events Calendar 1.0 - SQL Injection Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' Parameter SQL Injection Joomla! Component Directorix Directory Manager 1.1.1 - SQL Injection Joomla! Component Magic Deals Web 1.2.0 - SQL Injection Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection Joomla! Component AppointmentBookingPro 4.0.1 - SQL Injection Sophos Web Appliance 4.2.1.3 - block/unblock Remote Command Injection (Metasploit) Sophos Web Appliance 4.2.1.3 - DiagnosticTools Remote Command Injection (Metasploit) Sonicwall 8.1.0.2-14sv - 'extensionsettings.cgi' Remote Command Injection (Metasploit) Sonicwall 8.1.0.2-14sv - 'viewcert.cgi' Remote Command Injection (Metasploit) AlienVault OSSIM/USM <= 5.3.1 - Remote Code Execution (Metasploit)	2017-02-22 05:01:19 +00:00
Offensive Security	d9f5d919c6	DB: 2017-02-16 10 new exploits Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure NVIDIA Driver 375.70 - DxgkDdiEscape 0x100008b Out-of-Bounds Read/Write NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission GOM Player 2.3.10.5266 - '.fpx' Denial of Service Cisco ASA - WebVPN CIFS Handling Buffer Overflow OpenText Documentum D2 - Remote Code Execution Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit) Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 - Multiple Vulnerabilities Joomla! Component JoomBlog 1.3.1 - SQL Injection Joomla! Component JSP Store Locator 2.2 - 'id' Parameter SQL Injection	2017-02-16 05:01:17 +00:00
Offensive Security	2f4b2745b1	DB: 2017-02-15 11 new exploits Linux Kernel 3.10.0 (CentOS7) - Denial of Service LG G4 - lgdrmserver Binder Service Multiple Race Conditions LG G4 - lghashstorageserver Directory Traversal LG G4 - Touchscreen Driver write_log Kernel Read/Write Google Android - Inter-process munmap in android.util.MemoryIntArray Google Android - android.util.MemoryIntArray Ashmem Race Conditions Microsoft Edge - TypedArray.sort Use-After-Free (MS16-145) ShadeYouVPN Client 2.0.1.11 - Privilege Escalation ntfs-3g - Unsanitized modprobe Environment Privilege Escalation MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure MLdonkey 2.9.7 - Arbitrary File Disclosure Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting MLdonkey 2.5-4 - Cross-Site Scripting Piwik 2.14.0 / 2.16.0 / 2.17.1 / 3.0.1 - Superuser Plugin Upload (Metasploit) Joomla! Component NeoRecruit 1.4 - 'id' SQL Injection Joomla! Component NeoRecruit 1.4 - 'id' Parameter SQL Injection taifajobs 1.0 - (jobid) SQL Injection taifajobs 1.0 - 'jobid' Parameter SQL Injection Pyrophobia 2.1.3.1 - modules/out.php id Parameter Cross-Site Scripting Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access Pyrophobia 2.1.3.1 - Cross-Site Scripting Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access Itech B2B Script 4.29 - Multiple Vulnerabilities	2017-02-15 05:01:16 +00:00
Offensive Security	8290029acb	DB: 2017-02-03 12 new exploits Microsoft Windows 2000 - RPC DCOM Interface Denial of Service Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows 2003/XP - Remote Denial of Service Microsoft Windows Server 2003/XP - Remote Denial of Service Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows Server 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service NT 4.0 / Windows 2000 - TCP/IP Printing Service Denial of Service Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service Microsoft Windows 2000 - Telnet Server Denial of Service Microsoft Windows Server 2000 - Telnet Server Denial of Service Microsoft Windows 2000 - Telnet 'Username' Denial of Service Microsoft Windows Server 2000 - Telnet 'Username' Denial of Service Microsoft Windows 2000 - RunAs Service Denial of Service Microsoft Windows Server 2000 - RunAs Service Denial of Service Microsoft Windows 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows 2000/XP - GDI Denial of Service Microsoft Windows Server 2000/XP - GDI Denial of Service Microsoft Windows 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows 2000 - Lanman Denial of Service (1) Microsoft Windows 2000 - Lanman Denial of Service (2) Microsoft Windows Server 2000 - Lanman Denial of Service (1) Microsoft Windows Server 2000 - Lanman Denial of Service (2) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows 2000/XP - Registry Access Local Denial of Service Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows 10 - SMBv3 Tree Connect (PoC) Google Android - 'rkp_set_init_page_ro' RKP Memory Corruption Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows 2000 - Named Pipes Predictability Microsoft Windows Server 2000 - Named Pipes Predictability Microsoft Windows 2000 - Still Image Service Privilege Escalation Microsoft Windows Server 2000 - Still Image Service Privilege Escalation Microsoft Windows 2000/NT 4 - DLL Search Path Microsoft Windows Server 2000/NT 4 - DLL Search Path Microsoft Windows 2000 - Debug Registers Microsoft Windows Server 2000 - Debug Registers Microsoft Windows 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows 2000/NT 4 - NTFS File Hiding Microsoft Windows Server 2000/NT 4 - NTFS File Hiding Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2) Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation Ghostscript 9.20 - 'Filename' Command Execution Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows Server 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows 2000 - WINS Remote Code Execution Microsoft Windows Server 2000 - WINS Remote Code Execution Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit) Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Perl) Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft Windows Server 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000) Microsoft IIS 5.0/6.0 FTP Server (Windows 2000) - Remote Stack Overflow Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Internet Explorer 5 (Windows 2000/95/98/NT 4) - XML HTTP Redirect Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect Microsoft Index Server 2.0 / Indexing Services (Windows 2000) - Directory Traversal Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - Directory Traversal Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut Exploit Microsoft Windows 2000 - Remote CPU-overload Microsoft Windows Server 2000 - Remote CPU-overload Microsoft Windows 2000 - telnet.exe NTLM Authentication Microsoft Windows Server 2000 - telnet.exe NTLM Authentication Microsoft Indexing Services (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Services (Windows 2000) - File Verification Microsoft Indexing Service (Windows 2000) - File Verification SurfControl SuperScout WebFilter for windows 2000 - File Disclosure SurfControl SuperScout WebFilter for windows 2000 - SQL Injection Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow SurfControl SuperScout WebFilter for Windows 2000 - File Disclosure SurfControl SuperScout WebFilter for Windows 2000 - SQL Injection Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow Microsoft Windows 2000 - Active Directory Remote Stack Overflow Microsoft Windows Server 2000 - Active Directory Remote Stack Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows Server 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2) Linux - Multi/Dual mode Reverse Shell Shellcode (129 bytes) Travel Portal Script 9.33 - SQL Injection Movie Portal Script 7.35 - SQL Injection Itech Travel Portal Script 9.33 - SQL Injection Itech Movie Portal Script 7.35 - SQL Injection Auction Script 6.49 - SQL Injection Itech Auction Script 6.49 - 'mcid' Parameter SQL Injection Itech News Portal Script 6.28 - SQL Injection Itech News Portal Script 6.28 - 'inf' Parameter SQL Injection Video Sharing Script 4.94 - SQL Injection Itech Video Sharing Script 4.94 - 'v' Parameter SQL Injection Itech Classifieds Script 7.27 - 'pid' Parameter SQL Injection Itech Classifieds Script 7.27 - SQL Injection Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Itech Video Sharing Script 4.94 - SQL Injection WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python) WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby) Itech Travel Portal Script 9.35 - SQL Injection Property Listing Script - 'propid' Parameter Blind SQL Injection Itech Inventory Management Software 3.77 - SQL Injection Itech Movie Portal Script 7.37 - SQL Injection Itech News Portal Script 6.28 - 'sc' Parameter SQL Injection Itech Auction Script 6.49 - 'pid' Parameter SQL Injection	2017-02-03 05:01:17 +00:00
Offensive Security	1a4e6f50a9	DB: 2017-02-01 65 new exploits Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow (PoC) Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC) ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC) Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Adobe Flash - Bad Dereference at 0x23c on Linux x64 Adobe Flash (Linux x64) - Bad Dereference at 0x23c Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited Core FTP Server 32-bit Build 587 - Heap Overflow Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC) RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation RedHat 6.2 /usr/bin/rcp - 'SUID' Privilege Escalation Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation Setuid perl - 'PerlIO_Debug()' Root Owned File Creation Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid) Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation Wireless Tools 26 (IWConfig) - Privilege Escalation Qpopper 4.0.8 (Linux) - 'poppassd' Privilege Escalation Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure Rocks Clusters 4.1 - (umount-loop) Privilege Escalation Rocks Clusters 4.1 - (mount-loop) Privilege Escalation Rocks Clusters 4.1 - 'umount-loop' Privilege Escalation Rocks Clusters 4.1 - 'mount-loop' Privilege Escalation PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Postfix 2.6-20080814 - (symlink) Privilege Escalation Postfix 2.6-20080814 - 'symlink' Privilege Escalation Oracle Database Vault - ptrace(2) Privilege Escalation Oracle Database Vault - 'ptrace(2)' Privilege Escalation Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Local Exploit Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1) Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Privilege Escalation) GNU C Library 2.x (libc6) - (Dynamic Linker LD_AUDIT Arbitrary DSO Load) Privilege Escalation Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Privilege Escalation (1) Free Download Manager - Torrent Parsing Buffer Overflow (Metasploit) Free Download Manager 3.0 Build 844 - Torrent Parsing Buffer Overflow (Metasploit) VideoLAN VLC Client (Windows x86) - 'smb://' URI Buffer Overflow (Metasploit) PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation PolicyKit polkit-1 < 0.101 - Privilege Escalation Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail) (1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail 8.10.1) (2) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1) Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2) QNX RTOS 4.25/6.1 - phgrafxPrivilege Escalation QNX RTOS 4.25/6.1 - phgrafx-startup Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx' Privilege Escalation QNX RTOS 4.25/6.1 - 'phgrafx-startup' Privilege Escalation Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) Microsoft Windows 10 10586 (x86/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) MySQL 3.23.x - mysqld Privilege Escalation MySQL 3.23.x - 'mysqld' Privilege Escalation Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation MTools 3.9.x - MFormat Privilege Escalation Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation MTools 3.9.x - 'MFormat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass sudo 1.8.0 < 1.8.3p1 (sudo_debug) - glibc FORTIFY_SOURCE Bypass + Privilege Escalation Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) ZABBIX 1.1.4/1.4.2 - daemon_start Privilege Escalation ZABBIX 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Privilege Escalation (3) LogMeIn Client 1.3.2462 (x64) - Local Credentials Disclosure Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit) Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3) TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure Linux Kernel 3.13 - Privilege Escalation PoC (SGID) Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC) OSSEC 2.8 - hosts.deny Privilege Escalation OSSEC 2.8 - 'hosts.deny' Privilege Escalation Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting) Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation Linux (x86) - Memory Sinkhole Privilege Escalation (PoC) RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation RHEL 7.0/7.1 - 'abrt/sosreport' Privilege Escalation MySQL 5.5.45 (x64) - Local Credentials Disclosure Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Escalation Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' bpf(BPF_PROG_LOAD) Privilege Escalation ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072) Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072) Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Viscosity 1.6.7 - Privilege Escalation BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution BeroFTPD 1.3.4(1) (Linux x86) - Remote Code Execution Solaris /bin/login (SPARC/x86) - Remote Code Execution gpsdrive 2.09 (x86) - (friendsd2) Remote Format String PrivateWire Gateway 3.7 (Windows x86) - Remote Buffer Overflow (Metasploit) dproxy-nexgen (Linux/x86) - Buffer Overflow dproxy-nexgen (Linux x86) - Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) Oracle 9i XDB (Windows x86) - FTP UNLOCK Overflow (Metasploit) AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit) 32bit FTP Client - Stack Buffer Overflow (Metasploit) Free Download Manager - Remote Control Server Buffer Overflow (Metasploit) Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit) Apache (Windows x86) - Chunked Encoding (Metasploit) PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit) CA CAM (Windows x86) - log_security() Stack Buffer Overflow (Metasploit) Samba 3.3.12 (Linux/x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 3.3.12 (Linux x86) - 'chain_reply' Memory Corruption (Metasploit) Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit) Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit) Webmin 0.x - RPC Function Privilege Escalation Webmin 0.x - 'RPC' Function Privilege Escalation Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit Nginx 1.4.0 (x64) - (Generic Linux) Remote Exploit Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit technote 7.2 - Remote File Inclusion Technote 7.2 - Remote File Inclusion JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting Jaws 0.2/0.3 - 'gadget' Parameter Traversal Arbitrary File Access Jaws 0.2/0.3 - Cookie Manipulation Authentication Bypass Jaws 0.2/0.3 - 'action' Parameter Cross-Site Scripting JAWS 0.2/0.3/0.4 - ControlPanel.php SQL Injection Jaws 0.2/0.3/0.4 - ControlPanel.php SQL Injection JAWS Glossary 0.4/0.5 - Cross-Site Scripting Jaws Glossary 0.4/0.5 - Cross-Site Scripting JAWS 0.x - Remote File Inclusion Jaws 0.x - Remote File Inclusion FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities Multiple Netgear Routers - Password Disclosure Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Netman 204 - Backdoor Account / Password Reset	2017-02-01 05:01:19 +00:00
Offensive Security	763b417a35	DB: 2017-01-25 6 new exploits Mozilla Firefox 1.5 - (history.dat) Looping (PoC) Mozilla Firefox 1.5 - 'history.dat' Looping (PoC) Microsoft Internet Explorer 6 - (script action handlers) 'mshtml.dll' Denial of Service Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2) Apple Mac OSX Safari 2.0.3 - (417.9.2) (ROWSPAN) Denial of Service (PoC) Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC) acFTP FTP Server 1.4 - (USER) Remote Buffer Overflow (PoC) acFTP FTP Server 1.4 - 'USER' Remote Buffer Overflow (PoC) 0verkill 0.16 - (ASCII-ART Game) Remote Integer Overflow Crash (PoC) 0verkill 0.16 - ASCII-ART Game Remote Integer Overflow Crash (PoC) Clam AntiVirus 0.88.4 - (rebuildpe) Remote Heap Overflow (PoC) Asterisk 1.0.12 / 1.2.12.1 - (chan_skinny) Remote Heap Overflow (PoC) Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC) Asterisk 1.0.12 / 1.2.12.1 - 'chan_skinny' Remote Heap Overflow (PoC) AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow (PoC) AT-TFTP 1.9 - 'Long Filename' Remote Buffer Overflow (PoC) LeadTools ISIS Control - (ltisi14E.ocx v.14.5.0.44) Remote Denial of Service LeadTools ISIS Control - 'ltisi14E.ocx 14.5.0.44' Remote Denial of Service Microsoft Visual FoxPro 6.0 - (FPOLE.OCX 6.0.8450.0) - Remote (PoC) Microsoft Visual FoxPro 6.0 - FPOLE.OCX 6.0.8450.0 Remote (PoC) Castle Rock Computing SNMPc < 7.1.1 - (Community) Remote Buffer Overflow (PoC) Castle Rock Computing SNMPc < 7.1.1 - 'Community' Remote Buffer Overflow (PoC) BitDefender - (module pdf.xmd) Infinite Loop Denial of Service (PoC) BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC) ClamAV < 0.94.2 - (JPEG Parsing) Recursive Stack Overflow (PoC) ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC) Amaya Web Browser 10.0.1/10.1-pre5 - (html tag) Buffer Overflow (PoC) Amaya Web Browser 10.0.1/10.1-pre5 - HTML Tag Buffer Overflow (PoC) Amaya Web Editor - XML and HTML parser Vulnerabilities Amaya Web Editor 11.0 - XML and HTML parser Vulnerabilities Elecard AVC HD PLAYER - '.m3u' / '.xpl' Local Stack Overflow (PoC) RealVNC 4.1.2 - (vncviewer.exe) RFB Protocol Remote Code Execution (PoC) Elecard AVC HD player - '.m3u' / '.xpl' Local Stack Overflow (PoC) RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC) Apple Mac OSX xnu 1228.3.13 - (zip-notify) Remote Kernel Overflow (PoC) Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC) Apple Mac OSX xnu 1228.3.13 - (profil) Kernel Memory Leak/Denial of Service (PoC) Apple Mac OSX xnu 1228.x - (vfssysctl) Local Kernel Denial of Service (PoC) Apple Mac OSX xnu 1228.3.13 - 'Profil' Kernel Memory Leak/Denial of Service (PoC) Apple Mac OSX xnu 1228.x - 'vfssysctl' Local Kernel Denial of Service (PoC) AIMP 2.51 build 330 - (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH) AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH) eEye Retina WiFi Security Scanner 1.0 - (.rws Parsing) Buffer Overflow (PoC) AwingSoft Web3D Player - (WindsPly.ocx) Remote Buffer Overflow (PoC) eEye Retina WiFi Security Scanner 1.0 - '.rws Parsing' Buffer Overflow (PoC) AwingSoft Web3D Player - 'WindsPly.ocx' Remote Buffer Overflow (PoC) Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC) Apple Safari 4.0.2 - WebKit Parsing of Floating Point Numbers Buffer Overflow (PoC) Cerberus FTP 3.0.1 - (ALLO) Remote Overflow Denial of Service (Metasploit) Cerberus FTP 3.0.1 - 'ALLO' Remote Overflow Denial of Service (Metasploit) Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - (PoC) Nginx 0.7.0 < 0.7.61 / 0.6.0 < 0.6.38 / 0.5.0 < 0.5.37 / 0.4.0 < 0.4.14 - Denial of Service (PoC) Spider Solitaire - Denial of Service (PoC) Ofilter Player - (skin.ini) Local Crash (PoC) Ofilter Player - 'skin.ini' Local Crash (PoC) NPlayer - (.dat Skin) Local Heap Overflow (PoC) NPlayer - '.dat Skin' Local Heap Overflow (PoC) MediaMonkey Player - Local Denial of Service MediaMonkey 3.2.0 - Local Denial of Service Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash) Apple Safari 4.0.5 - Object Tag 'JavaScriptCore.dll' Denial of Service (Crash) RPM Select/Elite 5.0 - (.xml config parsing) Unicode Buffer Overflow (PoC) RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC) EDraw Flowchart ActiveX Control 2.3 - (EDImage.ocx) Remote Denial of Service (IE) EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE) Apple Safari 4.0.5 - (531.22.7) Denial of Service Apple Safari 4.0.5 (531.22.7) - Denial of Service Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service Savy Soda Documents - Mobile Office Suite '.XLS' Denial of Service Corel WordPerfect Office X5 15.0.0.357 - (wpd) Buffer Overflow (PoC) Corel Presentations X5 15.0.0.357 - (shw) Buffer Preoccupation (PoC) Corel WordPerfect Office X5 15.0.0.357 - 'wpd' Buffer Overflow (PoC) Corel Presentations X5 15.0.0.357 - 'shw' Buffer Preoccupation (PoC) Barcodewiz BarCode ActiveX 3.29 - (PoC) Barcodewiz BarCode ActiveX 3.29 - Denial of Service (PoC) LeadTools 11.5.0.9 - (ltisi11n.ocx) DriverName() Access Violation Denial of Service LeadTools 11.5.0.9 - (ltlst11n.ocx) Insert() Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltisi11n.ocx' DriverName() Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltlst11n.ocx' Insert() Access Violation Denial of Service LeadTools 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation Denial of Service LeadTools 11.5.0.9 - 'ltdlg11n.ocx' Bitmap Access Violation Denial of Service MediaMonkey 3.2.4.1304 - 'mp3' Buffer Overflow (PoC) MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC) Flash Player - (Flash6.ocx) AllowScriptAccess Denial of Service (PoC) Flash Player - 'Flash6.ocx' AllowScriptAccess Denial of Service (PoC) Microsoft IIS 7.5 (Windows 7) - FTPSVC UNAUTH'D Remote Denial of Service (PoC) Microsoft IIS 7.5 (Windows 7) - FTPSVC Unauthorized Remote Denial of Service (PoC) Avira AntiVir QUA file - (avcenter.exe) Local Crash (PoC) Avira AntiVir - '.QUA' File 'avcenter.exe' Local Crash (PoC) SlimPDF Reader - (PoC) SlimPDF Reader - Denial of Service (PoC) VideoLAN VLC Media Player 1.1.11 - (libav) 'libavcodec_plugin.dll' Denial of Service VideoLAN VLC Media Player 1.1.11 - libav 'libavcodec_plugin.dll' Denial of Service PHP Hash Table Collision - (PoC) PHP Hash Table Collision - Denial of Service (PoC) EdrawSoft Office Viewer Component ActiveX 5.6 - (officeviewermme.ocx) Buffer Overflow (PoC) EdrawSoft Office Viewer Component ActiveX 5.6 - 'officeviewermme.ocx' Buffer Overflow (PoC) PowerNet Twin Client 8.9 - (RFSync 1.0.0.1) Crash (PoC) PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC) Spytech NetVizor 6.1 - (services.exe) Denial of Service Spytech NetVizor 6.1 - 'services.exe' Denial of Service Microsoft Windows Help program - (WinHlp32.exe) Crash (PoC) Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC) Easy DVD Player 3.5.1 - (libav) 'libavcodec_plugin.dll' Denial of Service Easy DVD Player 3.5.1 - libav 'libavcodec_plugin.dll' Denial of Service TeraCopy 2.3 - (default.mo) Language File Integer Overflow TeraCopy 2.3 - 'default.mo' Language File Integer Overflow Samba < 3.6.2 (x86) - (PoC) Samba < 3.6.2 (x86) - Denial of Serviec (PoC) Acoustica Pianissimo 1.0 Build 12 - (Registration ID) Buffer Overflow (PoC) Acoustica Pianissimo 1.0 Build 12 - 'Registration ID' Buffer Overflow (PoC) WHMCS 5.12 - 'cart.php' Denial of Service WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service BSD chpass - (pw_error(3)) Privilege Escalation BSD chpass - 'pw_error(3)' Privilege Escalation Solaris 2.6/7/8/9 (sparc) - (ld.so.1) Privilege Escalation Solaris 2.6/7/8/9 (sparc) - 'ld.so.1' Privilege Escalation Tru64 UNIX 5.0 - (Rev. 910) rdist NLSPATH Buffer Overflow Tru64 UNIX 5.0 - (Rev. 910) edauth NLSPATH Buffer Overflow Tru64 UNIX 5.0 (Rev. 910) - rdist NLSPATH Buffer Overflow Tru64 UNIX 5.0 (Rev. 910) - edauth NLSPATH Buffer Overflow Kerio WebSTAR 5.4.2 (OSX) - (libucache.dylib) Privilege Escalation Kerio WebSTAR 5.4.2 (OSX) - 'libucache.dylib' Privilege Escalation Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Privilege Escalation Apache 1.3.33/1.3.34 (Ubuntu / Debian) - CGI TTY Privilege Escalation East Wind Software - (advdaudio.ocx 1.5.1.1) Local Buffer Overflow East Wind Software - 'advdaudio.ocx 1.5.1.1' Local Buffer Overflow Total Video Player 1.31 - (DefaultSkin.ini) Local Stack Overflow Total Video Player 1.31 - 'DefaultSkin.ini' Local Stack Overflow Mp3-Nator 2.0 - (ListData.dat) Universal Buffer Overflow (SEH) Mp3-Nator 2.0 - 'ListData.dat' Universal Buffer Overflow (SEH) Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Privilege Escalation Adobe 9.x Related Service - 'getPlus_HelperSvc.exe' Privilege Escalation Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (1) Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (2) Easy Music Player 1.0.0.2 - (wav) Universal Local Buffer Exploit (SEH) (3) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (1) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (2) Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (3) Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (1) Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (1) Hamster Audio Player 0.3a - (Associations.cfg) Local Buffer Exploit (SEH) (2) Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (2) Spider Solitaire - (PoC) EDraw Flowchart ActiveX Control 2.3 - (.edd parsing) Remote Buffer Overflow (PoC) EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Remote Buffer Overflow (PoC) Gesytec ElonFmt ActiveX 1.1.14 - (ElonFmt.ocx) pid Item Buffer Overflow (SEH) Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH) SopCast 3.4.7 - (Diagnose.exe) Improper Permissions SopCast 3.4.7 - 'Diagnose.exe' Improper Permissions ACE Stream Media 2.1 - (acestream://) Format String (PoC) ACE Stream Media 2.1 - 'acestream://' Format String (PoC) Total Video Player 1.3.1 - (Settings.ini) Buffer Overflow (SEH) (Metasploit) Total Video Player 1.3.1 - 'Settings.ini' Buffer Overflow (SEH) (Metasploit) RedStar 2.0 Desktop - (World-writeable rc.sysinit) Privilege Escalation RedStar 3.0 Desktop - (Software Manager swmng.app) Privilege Escalation RedStar 2.0 Desktop - 'World-writeable rc.sysinit' Privilege Escalation RedStar 3.0 Desktop - 'Software Manager swmng.app' Privilege Escalation MASM321 11 Quick Editor - (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass) MASM321 11 Quick Editor - '.qeditor' 4.0g - .qse SEH Based Buffer Overflow (ASLR & SAFESEH Bypass) ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation Microsoft Remote Desktop Client for Mac 8.0.36 - Remote Code Execution Solaris 2.6/7/8 - (TTYPROMPT in.telnet) Remote Authentication Bypass Solaris 2.6/7/8 - 'TTYPROMPT in.telnet' Remote Authentication Bypass BIND 8.2.x - (TSIG) Stack Overflow (1) BIND 8.2.x - (TSIG) Stack Overflow (2) BIND 8.2.x - (TSIG) Stack Overflow (3) BIND 8.2.x - (TSIG) Stack Overflow (4) BIND 8.2.x - 'TSIG' Stack Overflow (1) BIND 8.2.x - 'TSIG' Stack Overflow (2) BIND 8.2.x - 'TSIG' Stack Overflow (3) BIND 8.2.x - 'TSIG' Stack Overflow (4) Microsoft IIS 5.0 - (500-100.asp) Server Name Spoof Exploit Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof Exploit phpBB 2.0.13 - (admin_styles.php) Remote Command Execution e107 <= 0.6172 - (resetcore.php) SQL Injection phpBB 2.0.13 - 'admin_styles.php' Remote Command Execution e107 <= 0.6172 - 'resetcore.php' SQL Injection Apple Mac OSX Safari Browser - (Safe File) Remote Code Execution (Metasploit) Apple Mac OSX Safari Browser - 'Safe File' Remote Code Execution (Metasploit) Darwin Streaming Server 4.1.2 - (parse_xml.cgi) Code Execution Darwin Streaming Server 4.1.2 - 'parse_xml.cgi' Code Execution Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (1) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (1) CesarFTP 0.99g - (MKD) Remote Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Remote Buffer Overflow (Metasploit) Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (2) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2) AIM Triton 1.0.4 - (SipXtapi) Remote Buffer Overflow (PoC) AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow (PoC) Microsoft Internet Explorer - (MDAC) Remote Code Execution (MS06-014) (Metasploit) (2) Cyrus IMAPD 2.3.2 - (pop3d) Remote Buffer Overflow (3) Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2) Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (3) IBM Director < 5.10 - (Redirect.bat) Directory Traversal IBM Director < 5.10 - 'Redirect.bat' Directory Traversal Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl) Microsoft Internet Explorer - 'VML' Remote Buffer Overflow (SP2) (Perl) Omni-NFS Server 5.2 - (nfsd.exe) Remote Stack Overflow (Metasploit) Omni-NFS Server 5.2 - 'nfsd.exe' Remote Stack Overflow (Metasploit) Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - 'Long Filename' Remote Buffer Overflow CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (1) CA BrightStor ARCserve - (msgeng.exe) Remote Heap Overflow (2) CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (1) CA BrightStor ARCserve - 'msgeng.exe' Remote Heap Overflow (2) Mozilla Firefox 2.0.0.1 - (location.hostname) Cross-Domain Mozilla Firefox 2.0.0.1 - 'location.hostname' Cross-Domain 3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl) 3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Exploit (Perl) CA BrightStor Backup 11.5.2.0 - (Mediasvr.exe) Remote Code Exploit CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code Exploit Aircrack-NG 0.7 - (Specially Crafted 802.11 Packets) Remote Buffer Overflow Aircrack-NG 0.7 - 'Specially Crafted 802.11 Packets' Remote Buffer Overflow eCentrex VOIP Client module - (uacomx.ocx 2.0.1) Remote Buffer Overflow eCentrex VOIP Client module - 'uacomx.ocx 2.0.1' Remote Buffer Overflow Microsoft Visual Studio 6.0 - (PDWizard.ocx) Remote Command Execution Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Execution MySpace Uploader - (MySpaceUploader.ocx 1.0.0.4) Buffer Overflow MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Buffer Overflow Philips VOIP841 'Firmware 1.0.4.800' - Multiple Vulnerabilities Philips VOIP841 Firmware 1.0.4.800 - Multiple Vulnerabilities Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (1) Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1) Black Ice Software Annotation Plugin - (BiAnno.ocx) Buffer Overflow (2) Black Ice Software Annotation Plugin - 'BiAnno.ocx' Buffer Overflow (2) Linksys WRT54G (Firmware 1.00.9) - Security Bypass Vulnerabilities (2) Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2) Microsoft Access - (Snapview.ocx 10.0.5529.0) ActiveX Remote Exploit Microsoft Access - 'Snapview.ocx 10.0.5529.0' ActiveX Remote Exploit Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows XP) Amaya Web Browser 11 - (bdo tag) Remote Stack Overflow (Windows Vista) Amaya Web Browser 11 (Windows XP) - bdo tag Remote Stack Overflow Amaya Web Browser 11 (Windows Vista) - bdo tag Remote Stack Overflow Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (1) Steamcast - (HTTP Request) Remote Buffer Overflow (SEH) (2) Steamcast - HTTP Request Remote Buffer Overflow (SEH) (1) Steamcast - HTTP Request Remote Buffer Overflow (SEH) (2) 32bit FTP (09.04.24) - (CWD Response) Remote Buffer Overflow 32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow 32bit FTP (09.04.24) - (CWD Response) Universal Overwrite (SEH) 32bit FTP - (PASV) Reply Client Remote Overflow (Metasploit) 32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH) 32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit) Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler Buffer Overflow (Metasploit) Apple iTunes 8.1.1 - 'ITMS' Multiple Protocol Handler Buffer Overflow (Metasploit) Apple iTunes 8.1.1.10 (Windows) - (itms/itcp) Remote Buffer Overflow Apple iTunes 8.1.1.10 (Windows) - 'itms/itcp' Remote Buffer Overflow THOMSON TG585n 7.4.3.2 - (user.ini) Arbitrary Download THOMSON TG585n 7.4.3.2 - 'user.ini' Arbitrary Download Adobe Flash and Reader - (PoC) Adobe Flash and Reader - Live Malware (PoC) Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit) Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit) WinZip FileView - (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow (Metasploit) WinZip FileView - 'WZFILEVIEW.FileViewCtrl.61' ActiveX Buffer Overflow (Metasploit) CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Command Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - (vncviewer.exe) Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - 'vncviewer.exe' Buffer Overflow (Metasploit) Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Audio File Library 0.2.6 - libaudiofile 'msadpcm.c' .WAV File Processing Buffer Overflow Linksys WRT54GC 1.5.7 - (Firmware) 'administration.cgi' Access Validation Linksys WRT54GC 1.5.7 Firmware - 'administration.cgi' Access Validation Cisco WebEx - 'nativeMessaging' Arbitrary Remote Command Execution Mozilla Firefox < 50.0.2 - nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution (Metasploit) Aztek Forum 4.0 - (myadmin.php) Database Dumper Exploit Aztek Forum 4.0 - 'myadmin.php' Database Dumper Exploit E-Cart 1.1 - (index.cgi) Remote Command Execution E-Cart 1.1 - 'index.cgi' Remote Command Execution UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection ASPNuke 0.80 - (article.asp) SQL Injection ASPNuke 0.80 - (comment_post.asp) SQL Injection UBBCentral UBB.Threads < 6.5.2 Beta - 'mailthread.php' SQL Injection ASPNuke 0.80 - 'article.asp' SQL Injection ASPNuke 0.80 - 'comment_post.asp' SQL Injection w-Agora 4.2.0 - (quicklist.php) Remote Code Execution w-Agora 4.2.0 - 'quicklist.php' Remote Code Execution Cyphor 0.19 - (show.php id) SQL Injection Cyphor 0.19 - 'show.php id' SQL Injection eFiction 2.0 - (Fake .gif) Arbitrary File Upload eFiction 2.0 - 'Fake .gif' Arbitrary File Upload CuteNews 1.4.1 - (categories.mdu) Remote Command Execution CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution FlatCMS 1.01 - (file_editor.php) Remote Command Execution FlatCMS 1.01 - 'file_editor.php' Remote Command Execution FCKEditor 2.0 <= 2.2 - (FileManager connector.php) Arbitrary File Upload FCKEditor 2.0 <= 2.2 - 'FileManager connector.php' Arbitrary File Upload FlySpray 0.9.7 - (install-0.9.7.php) Remote Commands Execution Exploit FlySpray 0.9.7 - 'install-0.9.7.php' Remote Commands Execution Exploit GeekLog 1.x - (error.log) Remote Commands Execution Exploit (gpc = Off) GeekLog 1.x - 'error.log' (gpc = Off) Remote Commands Execution Exploit phpWebSite 0.10.0-full - (topics.php) SQL Injection phpWebSite 0.10.0-full - 'topics.php' SQL Injection iGENUS WebMail 2.0.2 - (config_inc.php) Remote Code Execution iGENUS WebMail 2.0.2 - 'config_inc.php' Remote Code Execution TotalECommerce 1.0 - (index.asp id) SQL Injection TotalECommerce 1.0 - 'index.asp id' SQL Injection CilemNews System 1.1 - (yazdir.asp haber_id) SQL Injection CilemNews System 1.1 - 'yazdir.asp haber_id' SQL Injection ShoutLIVE 1.1.0 - (savesettings.php) Remote Code Execution ShoutLIVE 1.1.0 - 'savesettings.php' Remote Code Execution FreeWPS 2.11 - (images.php) Remote Code Execution FreeWPS 2.11 - 'images.php' Remote Code Execution phpBookingCalendar 1.0c - (details_view.php) SQL Injection phpBookingCalendar 1.0c - 'details_view.php' SQL Injection Aztek Forum 4.00 - (myadmin.php) User Privilege Escalation Aztek Forum 4.00 - 'myadmin.php' User Privilege Escalation Claroline 1.7.4 - (scormExport.inc.php) Remote Code Execution Claroline 1.7.4 - 'scormExport.inc.php' Remote Code Execution Sire 2.0 - (lire.php) Remote File Inclusion / Arbitrary File Upload Sire 2.0 - 'lire.php' Remote File Inclusion / Arbitrary File Upload Sphider 1.3 - (configset.php) Arbitrary Remote File Inclusion Sphider 1.3 - 'configset.php' Arbitrary Remote File Inclusion Censtore 7.3.x - (censtore.cgi) Remote Command Execution quizz 1.01 - (quizz.pl) Remote Command Execution Censtore 7.3.x - 'censtore.cgi' Remote Command Execution quizz 1.01 - 'quizz.pl' Remote Command Execution SysInfo 1.21 - (sysinfo.cgi) Remote Command Execution SysInfo 1.21 - 'sysinfo.cgi' Remote Command Execution FlexBB 0.5.5 - (/inc/start.php _COOKIE) SQL Bypass Exploit FlexBB 0.5.5 - '/inc/start.php _COOKIE' SQL Bypass Exploit ASPSitem 1.83 - (Haberler.asp) SQL Injection ASPSitem 1.83 - 'Haberler.asp' SQL Injection FlexBB 0.5.5 - (function/showprofile.php) SQL Injection BK Forum 4.0 - (member.asp) SQL Injection FlexBB 0.5.5 - 'function/showprofile.php' SQL Injection BK Forum 4.0 - 'member.asp' SQL Injection Fast Click 1.1.3 / 2.3.8 - (show.php) Remote File Inclusion Fast Click 1.1.3 / 2.3.8 - 'show.php' Remote File Inclusion HiveMail 1.3 - (addressbook.add.php) Remote Code Execution VP-ASP 6.00 - (shopcurrency.asp) SQL Injection HiveMail 1.3 - 'addressbook.add.php' Remote Code Execution VP-ASP 6.00 - 'shopcurrency.asp' SQL Injection Dokeos Lms 1.6.4 - (authldap.php) Remote File Inclusion Claroline E-Learning 1.75 - (ldap.inc.php) Remote File Inclusion Dokeos Lms 1.6.4 - 'authldap.php' Remote File Inclusion Claroline E-Learning 1.75 - 'ldap.inc.php' Remote File Inclusion Squirrelcart 2.2.0 - (cart_content.php) Remote File Inclusion Squirrelcart 2.2.0 - 'cart_content.php' Remote File Inclusion Woltlab Burning Board 2.3.5 - (links.php) SQL Injection Woltlab Burning Board 2.3.5 - 'links.php' SQL Injection open-medium.CMS 0.25 - (404.php) Remote File Inclusion Back-End CMS 0.7.2.2 - (BE_config.php) Remote File Inclusion open-medium.CMS 0.25 - '404.php' Remote File Inclusion Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion DoceboLms 2.0.5 - (help.php) Remote File Inclusion DoceboLms 2.0.5 - 'help.php' Remote File Inclusion PrideForum 1.0 - (forum.asp) SQL Injection PrideForum 1.0 - 'forum.asp' SQL Injection Bytehoard 2.1 - (server.php) Remote File Inclusion Bytehoard 2.1 - 'server.php' Remote File Inclusion Igloo 0.1.9 - (Wiki.php) Remote File Inclusion Igloo 0.1.9 - 'Wiki.php' Remote File Inclusion Informium 0.12.0 - (common-menu.php) Remote File Inclusion Informium 0.12.0 - 'common-menu.php' Remote File Inclusion DotClear 1.2.4 - (prepend.php) Arbitrary Remote File Inclusion DotClear 1.2.4 - 'prepend.php' Arbitrary Remote File Inclusion Wikiwig 4.1 - (wk_lang.php) Remote File Inclusion myNewsletter 1.1.2 - (adminLogin.asp) Login Bypass Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion myNewsletter 1.1.2 - 'adminLogin.asp' Login Bypass Xtreme/Ditto News 1.0 - (post.php) Remote File Inclusion Back-End CMS 0.7.2.1 - (jpcache.php) Remote File Inclusion Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion Back-End CMS 0.7.2.1 - 'jpcache.php' Remote File Inclusion aWebNews 1.5 - (visview.php) Remote File Inclusion aWebNews 1.5 - 'visview.php' Remote File Inclusion PHP Blue Dragon CMS 2.9.1 - (template.php) File Inclusion PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion DreamAccount 3.1 - (auth.api.php) Remote File Inclusion DreamAccount 3.1 - 'auth.api.php' Remote File Inclusion RsGallery2 <= 1.11.2 - (rsgallery.html.php) File Inclusion RsGallery2 <= 1.11.2 - 'rsgallery.html.php' File Inclusion Plume CMS 1.1.3 - (dbinstall.php) Remote File Inclusion Randshop 1.1.1 - (header.inc.php) Remote File Inclusion Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion Randshop 1.1.1 - 'header.inc.php' Remote File Inclusion SQuery 4.5 - (gore.php) Remote File Inclusion SQuery 4.5 - 'gore.php' Remote File Inclusion FlushCMS 1.0.0-pre2 - (class.rich.php) Remote File Inclusion FlushCMS 1.0.0-pre2 - 'class.rich.php' Remote File Inclusion Etomite CMS 0.6.1 - (rfiles.php) Remote Command Execution Etomite CMS 0.6.1 - 'rfiles.php' Remote Command Execution TSEP 0.942 - (copyright.php) Remote File Inclusion TSEP 0.942 - 'copyright.php' Remote File Inclusion WoW Roster 1.70 - (/lib/phpBB.php) Remote File Inclusion WoW Roster 1.70 - '/lib/phpBB.php' Remote File Inclusion TSEP 0.942 - (colorswitch.php) Remote File Inclusion TSEP 0.942 - 'colorswitch.php' Remote File Inclusion SQLiteWebAdmin 0.1 - (tpl.inc.php) Remote File Inclusion SQLiteWebAdmin 0.1 - 'tpl.inc.php' Remote File Inclusion PHPCodeCabinet 0.5 - (Core.php) Remote File Inclusion PHPCodeCabinet 0.5 - 'Core.php' Remote File Inclusion See-Commerce 1.0.625 - (owimg.php3) Remote File Inclusion See-Commerce 1.0.625 - 'owimg.php3' Remote File Inclusion PHPMyRing 4.2.0 - (view_com.php) SQL Injection PHPMyRing 4.2.0 - 'view_com.php' SQL Injection VWar 1.50 R14 - (online.php) SQL Injection VWar 1.50 R14 - 'online.php' SQL Injection Wheatblog 1.1 - (session.php) Remote File Inclusion Wheatblog 1.1 - 'session.php' Remote File Inclusion PHPay 2.02 - (nu_mail.inc.php) Remote mail() Injection PHPay 2.02 - 'nu_mail.inc.php' Remote mail() Injection WEBInsta CMS 0.3.1 - (users.php) Remote File Inclusion WEBInsta CMS 0.3.1 - 'users.php' Remote File Inclusion WTcom 0.2.4-alpha - (torrents.php) SQL Injection WTcom 0.2.4-alpha - 'torrents.php' SQL Injection PHlyMail Lite 3.4.4 - (mod.listmail.php) Remote File Inclusion PHlyMail Lite 3.4.4 - 'mod.listmail.php' Remote File Inclusion LBlog 1.05 - (comments.asp) SQL Injection LBlog 1.05 - 'comments.asp' SQL Injection PHlyMail Lite 3.4.4 - (folderprops.php) Remote File Inclusion (2) Empire CMS 3.7 - (checklevel.php) Remote File Inclusion PHlyMail Lite 3.4.4 - 'folderprops.php' Remote File Inclusion (2) Empire CMS 3.7 - 'checklevel.php' Remote File Inclusion VistaBB 2.x - (functions_mod_user.php) Remote File Inclusion VistaBB 2.x - 'functions_mod_user.php' Remote File Inclusion PHPCOIN 1.2.3 - (session_set.php) Remote File Inclusion PHPCOIN 1.2.3 - 'session_set.php' Remote File Inclusion FlashChat 4.5.7 - (aedating4CMS.php) Remote File Inclusion FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion Beautifier 0.1 - (Core.php) Remote File Inclusion Beautifier 0.1 - 'Core.php' Remote File Inclusion Q-Shop 3.5 - (browse.asp) SQL Injection Q-Shop 3.5 - 'browse.asp' SQL Injection Charon Cart 3.0 - (Review.asp) SQL Injection CMtextS 1.0 - (users_logins/admin.txt) Credentials Disclosure Charon Cart 3.0 - 'Review.asp' SQL Injection CMtextS 1.0 - 'users_logins/admin.txt' Credentials Disclosure PHPartenaire 1.0 - (dix.php3) Remote File Inclusion PHPartenaire 1.0 - 'dix.php3' Remote File Inclusion ProgSys 0.156 - (RR.php) Remote File Inclusion ProgSys 0.156 - 'RR.php' Remote File Inclusion xweblog 2.1 - (kategori.asp) SQL Injection xweblog 2.1 - 'kategori.asp' SQL Injection Web-News 1.6.3 - (template.php) Remote File Inclusion Web-News 1.6.3 - 'template.php' Remote File Inclusion Advaced-Clan-Script 3.4 - (mcf.php) Remote File Inclusion Advaced-Clan-Script 3.4 - 'mcf.php' Remote File Inclusion SyntaxCMS 1.3 - (0004_init_urls.php) Remote File Inclusion Polaring 0.04.03 - (general.php) Remote File Inclusion SyntaxCMS 1.3 - '0004_init_urls.php' Remote File Inclusion Polaring 0.04.03 - 'general.php' Remote File Inclusion BrudaNews 1.1 - (admin/index.php) Remote File Inclusion BrudaGB 1.1 - (admin/index.php) Remote File Inclusion faceStones personal 2.0.42 - (fs_form_links.php) File Inclusion BrudaNews 1.1 - 'admin/index.php' Remote File Inclusion BrudaGB 1.1 - 'admin/index.php' Remote File Inclusion faceStones personal 2.0.42 - 'fs_form_links.php' File Inclusion Kietu? <= 4.0.0b2 - (hit.php) Remote File Inclusion Newswriter SW 1.42 - (editfunc.inc.php) File Inclusion Kietu? <= 4.0.0b2 - 'hit.php' Remote File Inclusion Newswriter SW 1.42 - 'editfunc.inc.php' File Inclusion Newswriter SW 1.4.2 - (main.inc.php) Remote File Inclusion PPA Gallery 1.0 - (functions.inc.php) Remote File Inclusion Newswriter SW 1.4.2 - 'main.inc.php' Remote File Inclusion PPA Gallery 1.0 - 'functions.inc.php' Remote File Inclusion phpMyWebmin 1.0 - (window.php) Remote File Inclusion PHPSecurePages 0.28b - (secure.php) Remote File Inclusion phpMyWebmin 1.0 - 'window.php' Remote File Inclusion PHPSecurePages 0.28b - 'secure.php' Remote File Inclusion PHP Krazy Image Hosting 0.7a - (display.php) SQL Injection UBB.Threads 6.5.1.1 - (doeditconfig.php) Code Execution PHP Krazy Image Hosting 0.7a - 'display.php' SQL Injection UBB.Threads 6.5.1.1 - 'doeditconfig.php' Code Execution VAMP Webmail 2.0beta1 - (yesno.phtml) Remote File Inclusion VAMP Webmail 2.0beta1 - 'yesno.phtml' Remote File Inclusion BBaCE 3.5 - (includes/functions.php) Remote File Inclusion BBaCE 3.5 - 'includes/functions.php' Remote File Inclusion Klinza Professional CMS 5.0.1 - (show_hlp.php) File Inclusion Klinza Professional CMS 5.0.1 - 'show_hlp.php' File Inclusion PHPGreetz 0.99 - (footer.php) Remote File Inclusion PHPGreetz 0.99 - 'footer.php' Remote File Inclusion phpBB Security Suite Mod 1.0.0 - (logger_engine.php) Remote File Inclusion phpBB Security Suite Mod 1.0.0 - 'logger_engine.php' Remote File Inclusion Cahier de texte 2.0 - (lire.php) SQL Injection Cahier de texte 2.0 - 'lire.php' SQL Injection PHPPC 1.03 RC1 - (/lib/functions.inc.php) Remote File Inclusion docmint 2.0 - (engine/require.php) Remote File Inclusion PHPPC 1.03 RC1 - '/lib/functions.inc.php' Remote File Inclusion docmint 2.0 - 'engine/require.php' Remote File Inclusion phpMyAgenda 3.1 - (templates/header.php3) Local File Inclusion TribunaLibre 3.12 Beta - (ftag.php) Remote File Inclusion phpMyAgenda 3.1 - 'templates/header.php3' Local File Inclusion TribunaLibre 3.12 Beta - 'ftag.php' Remote File Inclusion compteur 2.0 - (param_editor.php) Remote File Inclusion compteur 2.0 - 'param_editor.php' Remote File Inclusion Foafgen 0.3 - (redir.php) Local Source Disclosure Foafgen 0.3 - 'redir.php' Local Source Disclosure Exhibit Engine 1.5 RC 4 - (photo_comment.php) File Inclusion Claroline 1.8.0 rc1 - (import.lib.php) Remote File Inclusion PHPLibrary 1.5.3 - (grid3.lib.php) Remote File Inclusion Jinzora 2.1 - (media.php) Remote File Inclusion ae2 - (standart.inc.php) Remote File Inclusion n@board 3.1.9e - (naboard_pnr.php) Remote File Inclusion CommunityPortals 1.0 - (import-archive.php) File Inclusion PHP News Reader 2.6.4 - (phpBB.inc.php) Remote File Inclusion Exhibit Engine 1.5 RC 4 - 'photo_comment.php' File Inclusion Claroline 1.8.0 rc1 - 'import.lib.php' Remote File Inclusion PHPLibrary 1.5.3 - 'grid3.lib.php' Remote File Inclusion Jinzora 2.1 - 'media.php' Remote File Inclusion ae2 - 'standart.inc.php' Remote File Inclusion n@board 3.1.9e - 'naboard_pnr.php' Remote File Inclusion CommunityPortals 1.0 - 'import-archive.php' File Inclusion PHP News Reader 2.6.4 - 'phpBB.inc.php' Remote File Inclusion Minichat 6.0 - (ftag.php) Remote File Inclusion Minichat 6.0 - 'ftag.php' Remote File Inclusion PHPMyConferences 8.0.2 - (menu.inc.php) File Inclusion PHPMyConferences 8.0.2 - 'menu.inc.php' File Inclusion maluinfo 206.2.38 - (bb_usage_stats.php) Remote File Inclusion phpBB PlusXL 2.0_272 - (constants.php) Remote File Inclusion Genepi 1.6 - (genepi.php) Remote File Inclusion Cdsagenda 4.2.9 - (SendAlertEmail.php) File Inclusion maluinfo 206.2.38 - 'bb_usage_stats.php' Remote File Inclusion phpBB PlusXL 2.0_272 - 'constants.php' Remote File Inclusion Genepi 1.6 - 'genepi.php' Remote File Inclusion Cdsagenda 4.2.9 - 'SendAlertEmail.php' File Inclusion phpBB lat2cyr Mod 1.0.1 - (lat2cyr.php) Remote File Inclusion phpBB lat2cyr Mod 1.0.1 - 'lat2cyr.php' Remote File Inclusion phpBB Security 1.0.1 - (PHP_security.php) Remote File Inclusion YaBBSM 3.0.0 - (Offline.php) Remote File Inclusion phpBB Security 1.0.1 - 'PHP_security.php' Remote File Inclusion YaBBSM 3.0.0 - 'Offline.php' Remote File Inclusion IncCMS Core 1.0.0 - (settings.php) Remote File Inclusion Jinzora 2.6 - (extras/mt.php) Remote File Inclusion CyberBrau 0.9.4 - (forum/track.php) Remote File Inclusion IncCMS Core 1.0.0 - 'settings.php' Remote File Inclusion Jinzora 2.6 - 'extras/mt.php' Remote File Inclusion CyberBrau 0.9.4 - 'forum/track.php' Remote File Inclusion NuralStorm Webmail 0.98b - (process.php) Remote File Inclusion NuralStorm Webmail 0.98b - 'process.php' Remote File Inclusion Def-Blog 1.0.3 - (comadd.php) SQL Injection Def-Blog 1.0.3 - 'comadd.php' SQL Injection PHPMyManga 0.8.1 - (template.php) Multiple File Inclusion PHPMyManga 0.8.1 - 'template.php' Multiple File Inclusion WSN Forum 1.3.4 - (prestart.php) Remote Code Execution WSN Forum 1.3.4 - 'prestart.php' Remote Code Execution PHPPowerCards 2.10 - (txt.inc.php) Remote Code Execution PHP AMX 0.90 - (plugins/main.php) Remote File Inclusion PHPPowerCards 2.10 - 'txt.inc.php' Remote Code Execution PHP AMX 0.90 - 'plugins/main.php' Remote File Inclusion YapBB 1.2 Beta2 - (yapbb_session.php) Remote File Inclusion LoCal Calendar 1.1 - (lcUser.php) Remote File Inclusion EPNadmin 0.7 - (constantes.inc.php) Remote File Inclusion PH Pexplorer 0.24 - (explorer_load_lang.php) Local File Inclusion YapBB 1.2 Beta2 - 'yapbb_session.php' Remote File Inclusion LoCal Calendar 1.1 - 'lcUser.php' Remote File Inclusion EPNadmin 0.7 - 'constantes.inc.php' Remote File Inclusion PH Pexplorer 0.24 - 'explorer_load_lang.php' Local File Inclusion Lou Portail 1.4.1 - (admin_module.php) Remote File Inclusion WGCC 0.5.6b - (quiz.php) SQL Injection Lou Portail 1.4.1 - 'admin_module.php' Remote File Inclusion WGCC 0.5.6b - 'quiz.php' SQL Injection CASTOR 1.1.1 - (lib/rs.php) Remote File Inclusion CASTOR 1.1.1 - 'lib/rs.php' Remote File Inclusion Net_DNS 0.3 - (DNS/RR.php) Remote File Inclusion Net_DNS 0.3 - 'DNS/RR.php' Remote File Inclusion SourceForge 1.0.4 - (database.php) Remote File Inclusion SourceForge 1.0.4 - 'database.php' Remote File Inclusion Jaws 0.5.2 - (include/JawsDB.php) Remote File Inclusion JumbaCMS 0.0.1 - (includes/functions.php) Remote File Inclusion InteliEditor 1.2.x - (lib.editor.inc.php) Remote File Inclusion Ascended Guestbook 1.0.0 - (embedded.php) File Inclusion Jaws 0.5.2 - 'include/JawsDB.php' Remote File Inclusion JumbaCMS 0.0.1 - 'includes/functions.php' Remote File Inclusion InteliEditor 1.2.x - 'lib.editor.inc.php' Remote File Inclusion Ascended Guestbook 1.0.0 - 'embedded.php' File Inclusion UeberProject 1.0 - (login/secure.php) Remote File Inclusion UeberProject 1.0 - 'login/secure.php' Remote File Inclusion TextPattern 1.19 - (publish.php) Remote File Inclusion TextPattern 1.19 - 'publish.php' Remote File Inclusion ask_rave 0.9 PR - (end.php footfile) Remote File Inclusion ask_rave 0.9 PR - 'end.php footfile' Remote File Inclusion PHP League 0.82 - (classement.php) SQL Injection PHP League 0.82 - 'classement.php' SQL Injection PHPMyDesk 1.0 Beta - (viewticket.php) Local File Inclusion PHPMyDesk 1.0 Beta - 'viewticket.php' Local File Inclusion mp3SDS 3.0 - (Core/core.inc.php) Remote File Inclusion mp3SDS 3.0 - 'Core/core.inc.php' Remote File Inclusion MiraksGalerie 2.62 - (pcltar.lib.php) Remote File Inclusion Free Image Hosting 1.0 - (forgot_pass.php) File Inclusion Free File Hosting 1.1 - (forgot_pass.php) File Inclusion MiraksGalerie 2.62 - 'pcltar.lib.php' Remote File Inclusion Free Image Hosting 1.0 - 'forgot_pass.php' File Inclusion Free File Hosting 1.1 - 'forgot_pass.php' File Inclusion MySource CMS 2.16.2 - (init_mysource.php) Remote File Inclusion MySource CMS 2.16.2 - 'init_mysource.php' Remote File Inclusion Faq Administrator 2.1 - (faq_reply.php) Remote File Inclusion PHPMyRing 4.2.1 - (cherche.php) SQL Injection Faq Administrator 2.1 - 'faq_reply.php' Remote File Inclusion PHPMyRing 4.2.1 - 'cherche.php' SQL Injection PwsPHP 1.1 - (themes/fin.php) Remote File Inclusion T.G.S. CMS 0.1.7 - (logout.php) SQL Injection PwsPHP 1.1 - 'themes/fin.php' Remote File Inclusion T.G.S. CMS 0.1.7 - 'logout.php' SQL Injection Innovate Portal 2.0 - (acp.php) Remote Code Execution Innovate Portal 2.0 - 'acp.php' Remote Code Execution Lithium CMS 4.04c - (classes/index.php) Local File Inclusion Article System 0.6 - (volume.php) Remote File Inclusion Lithium CMS 4.04c - 'classes/index.php' Local File Inclusion Article System 0.6 - 'volume.php' Remote File Inclusion Ultimate PHP Board 2.0 - (header_simple.php) File Inclusion Ultimate PHP Board 2.0 - 'header_simple.php' File Inclusion iWare Pro 5.0.4 - (chat_panel.php) Remote Code Execution PHPAdventure 1.1 - (ad_main.php) Remote File Inclusion iWare Pro 5.0.4 - 'chat_panel.php' Remote Code Execution PHPAdventure 1.1 - 'ad_main.php' Remote File Inclusion IrayoBlog 0.2.4 - (inc/irayofuncs.php) Remote File Inclusion IrayoBlog 0.2.4 - 'inc/irayofuncs.php' Remote File Inclusion AspPired2Poll 1.0 - (MoreInfo.asp) SQL Injection MyAlbum 3.02 - (language.inc.php) Remote File Inclusion PHPManta 1.0.2 - (view-sourcecode.php) Local File Inclusion EncapsCMS 0.3.6 - (core/core.php) Remote File Inclusion AspPired2Poll 1.0 - 'MoreInfo.asp' SQL Injection MyAlbum 3.02 - 'language.inc.php' Remote File Inclusion PHPManta 1.0.2 - 'view-sourcecode.php' Local File Inclusion EncapsCMS 0.3.6 - 'core/core.php' Remote File Inclusion NuCommunity 1.0 - (cl_CatListing.asp) SQL Injection NuRems 1.0 - (propertysdetails.asp) SQL Injection NuStore 1.0 - (Products.asp) SQL Injection NuSchool 1.0 - (CampusNewsDetails.asp) SQL Injection NuCommunity 1.0 - 'cl_CatListing.asp' SQL Injection NuRems 1.0 - 'propertysdetails.asp' SQL Injection NuStore 1.0 - 'Products.asp' SQL Injection NuSchool 1.0 - 'CampusNewsDetails.asp' SQL Injection Munch Pro 1.0 - (switch.asp) SQL Injection Munch Pro 1.0 - 'switch.asp' SQL Injection UStore 1.0 - (detail.asp) SQL Injection USupport 1.0 - (detail.asp) SQL Injection UPublisher 1.0 - (viewarticle.asp) SQL Injection UStore 1.0 - 'detail.asp' SQL Injection USupport 1.0 - 'detail.asp' SQL Injection UPublisher 1.0 - 'viewarticle.asp' SQL Injection Quick.Cart 2.0 - (actions_client/gallery.php) Local File Inclusion Online Event Registration 2.0 - (save_profile.asp) Pass Change Exploit Quick.Cart 2.0 - 'actions_client/gallery.php' Local File Inclusion Online Event Registration 2.0 - 'save_profile.asp' Pass Change Exploit Property Pro 1.0 - (vir_Login.asp) Remote Login Bypass Property Pro 1.0 - 'vir_Login.asp' Remote Login Bypass PHPPeanuts 1.3 Beta - (Inspect.php) Remote File Inclusion PHPPeanuts 1.3 Beta - 'Inspect.php' Remote File Inclusion NetVIOS 2.0 - (page.asp) SQL Injection NetVIOS 2.0 - 'page.asp' SQL Injection Etomite CMS 0.6.1.2 - (manager/index.php) Local File Inclusion Etomite CMS 0.6.1.2 - 'manager/index.php' Local File Inclusion miniCWB 1.0.0 - (contact.php) Local File Inclusion miniCWB 1.0.0 - 'contact.php' Local File Inclusion Powies MatchMaker 4.05 - (matchdetail.php) SQL Injection mxBB Module calsnails 1.06 - (mx_common.php) File Inclusion Powies MatchMaker 4.05 - 'matchdetail.php' SQL Injection mxBB Module calsnails 1.06 - 'mx_common.php' File Inclusion Dicshunary 0.1a - (check_status.php) Remote File Inclusion Dicshunary 0.1a - 'check_status.php' Remote File Inclusion PHPWebThings 1.5.2 - (editor.php) Remote File Inclusion PHPWebThings 1.5.2 - 'editor.php' Remote File Inclusion ASPNuke 0.80 - (register.asp) SQL Injection ASPNuke 0.80 - 'register.asp' SQL Injection Photo Cart 3.9 - (adminprint.php) Remote File Inclusion e-Ark 1.0 - (src/ark_inc.php) Remote File Inclusion Photo Cart 3.9 - 'adminprint.php' Remote File Inclusion e-Ark 1.0 - 'src/ark_inc.php' Remote File Inclusion fipsGallery 1.5 - (index1.asp) SQL Injection fipsForum 2.6 - (default2.asp) SQL Injection fipsGallery 1.5 - 'index1.asp' SQL Injection fipsForum 2.6 - 'default2.asp' SQL Injection JiRos FAQ Manager 1.0 - (index.asp) SQL Injection HSRS 1.0 - (addcode.php) Remote File Inclusion OWLLib 1.0 - (OWLMemoryProperty.php) Remote File Inclusion JiRos FAQ Manager 1.0 - 'index.asp' SQL Injection HSRS 1.0 - 'addcode.php' Remote File Inclusion OWLLib 1.0 - 'OWLMemoryProperty.php' Remote File Inclusion Basic Forum 1.1 - (edit.asp) SQL Injection Basic Forum 1.1 - 'edit.asp' SQL Injection Exhibit Engine 1.22 - (styles.php) Remote File Inclusion Exhibit Engine 1.22 - 'styles.php' Remote File Inclusion SimpleBlog 2.3 - (admin/edit.asp) SQL Injection SimpleBlog 2.3 - 'admin/edit.asp' SQL Injection P-News 2.0 - (user.txt) Remote Password Disclosure P-News 2.0 - 'user.txt' Remote Password Disclosure b2evolution 1.8.5 < 1.9b - (import-mt.php) Remote File Inclusion b2evolution 1.8.5 < 1.9b - 'import-mt.php' Remote File Inclusion LDU 8.x - (polls.php) SQL Injection LDU 8.x - 'polls.php' SQL Injection ContentServ 4.x - (admin/FileServer.php) File Disclosure ContentServ 4.x - 'admin/FileServer.php' File Disclosure PHP Upload Center 2.0 - (activate.php) File Inclusion PHP Upload Center 2.0 - 'activate.php' File Inclusion QuickCart 2.0 - (categories.php) Local File Inclusion QuickCart 2.0 - 'categories.php' Local File Inclusion ThinkEdit 1.9.2 - (render.php) Remote File Inclusion ThinkEdit 1.9.2 - 'render.php' Remote File Inclusion TorrentFlux 2.2 - (downloaddetails.php) Local File Disclosure TorrentFlux 2.2 - (maketorrent.php) Remote Command Execution TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure TorrentFlux 2.2 - 'maketorrent.php' Remote Command Execution HR Assist 1.05 - (vdateUsr.asp) Remote Login Bypass PHPAlbum 0.4.1 Beta 6 - (language.php) Local File Inclusion HR Assist 1.05 - 'vdateUsr.asp' Remote Login Bypass PHPAlbum 0.4.1 Beta 6 - 'language.php' Local File Inclusion Barman 0.0.1r3 - (Interface.php) Remote File Inclusion Barman 0.0.1r3 - 'Interface.php' Remote File Inclusion Blog:CMS 4.1.3 - (NP_UserSharing.php) Remote File Inclusion Blog:CMS 4.1.3 - 'NP_UserSharing.php' Remote File Inclusion PHPMyCMS 0.3 - (basic.inc.php) Remote File Inclusion yaplap 0.6.1b - (ldap.php) Remote File Inclusion PHPMyCMS 0.3 - 'basic.inc.php' Remote File Inclusion yaplap 0.6.1b - 'ldap.php' Remote File Inclusion Azucar CMS 1.3 - (admin/index_sitios.php) File Inclusion Azucar CMS 1.3 - 'admin/index_sitios.php' File Inclusion RateMe 1.3.2 - (main.inc.php) Remote File Inclusion RateMe 1.3.2 - 'main.inc.php' Remote File Inclusion Paristemi 0.8.3b - (buycd.php) Remote File Inclusion Paristemi 0.8.3b - 'buycd.php' Remote File Inclusion cwmVote 1.0 - (archive.php) Remote File Inclusion cwmCounter 5.1.1 - (statistic.php) Remote File Inclusion cwmVote 1.0 - 'archive.php' Remote File Inclusion cwmCounter 5.1.1 - 'statistic.php' Remote File Inclusion TextSend 1.5 - (config/sender.php) Remote File Inclusion TextSend 1.5 - 'config/sender.php' Remote File Inclusion PHP/Mysql Site Builder 0.0.2 - (htm2PHP.php) File Disclosure Newxooper-PHP 0.9.1 - (mapage.php) Remote File Inclusion PHP/Mysql Site Builder 0.0.2 - 'htm2PHP.php' File Disclosure Newxooper-PHP 0.9.1 - 'mapage.php' Remote File Inclusion inertianews 0.02b - (inertianews_main.php) Remote File Inclusion inertianews 0.02b - 'inertianews_main.php' Remote File Inclusion EternalMart Guestbook 1.10 - (admin/auth.php) Remote File Inclusion EternalMart Guestbook 1.10 - 'admin/auth.php' Remote File Inclusion b2 Blog 0.5 - (b2verifauth.php) Remote File Inclusion b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion Enthrallweb ePhotos 1.0 - (subLevel2.asp) SQL Injection Enthrallweb ePhotos 1.0 - 'subLevel2.asp' SQL Injection Enthrallweb eCars 1.0 - (types.asp) SQL Injection Enthrallweb emates 1.0 - (newsdetail.asp) SQL Injection Enthrallweb eCars 1.0 - 'types.asp' SQL Injection Enthrallweb emates 1.0 - 'newsdetail.asp' SQL Injection Enthrallweb eCoupons 1.0 - (myprofile.asp) Remote Pass Change Exploit Enthrallweb eCoupons 1.0 - 'myprofile.asp' Remote Pass Change Exploit File Upload Manager 1.0.6 - (detail.asp) SQL Injection File Upload Manager 1.0.6 - 'detail.asp' SQL Injection Ultimate PHP Board 2.0b1 - (chat/login.php) Code Execution Pagetool CMS 1.07 - (pt_upload.php) Remote File Inclusion Ultimate PHP Board 2.0b1 - 'chat/login.php' Code Execution Pagetool CMS 1.07 - 'pt_upload.php' Remote File Inclusion HLStats 1.34 - (hlstats.php) SQL Injection HLStats 1.34 - 'hlstats.php' SQL Injection eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities MTCMS 2.0 - (admin/admin_settings.php) Remote File Inclusion eNdonesia 8.4 - 'mod.php/friend.php/admin.php' Multiple Vulnerabilities MTCMS 2.0 - 'admin/admin_settings.php' Remote File Inclusion Okul Merkezi Portal 1.0 - (ataturk.php) Remote File Inclusion Okul Merkezi Portal 1.0 - 'ataturk.php' Remote File Inclusion PHP-Update 2.7 - (admin/uploads.php) Remote Code Execution Yrch 1.0 - (plug.inc.php path Variable) Remote File Inclusion Bubla 1.0.0rc2 - (bu/process.php) Remote File Inclusion PHP-Update 2.7 - 'admin/uploads.php' Remote Code Execution Yrch 1.0 - 'plug.inc.php path Variable' Remote File Inclusion Bubla 1.0.0rc2 - 'bu/process.php' Remote File Inclusion aFAQ 1.0 - (faqDsp.asp catcode) SQL Injection aFAQ 1.0 - 'faqDsp.asp catcode' SQL Injection x-news 1.1 - (users.txt) Remote Password Disclosure Voodoo chat 1.0RC1b - (users.dat) Password Disclosure x-news 1.1 - 'users.txt' Remote Password Disclosure Voodoo chat 1.0RC1b - 'users.dat' Password Disclosure SoftArtisans SAFileUp 5.0.14 - (viewsrc.asp) Script Source Disclosure FreeStyle Wiki 3.6.2 - (user.dat) Password Disclosure SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure P-News 1.16 / 1.17 - (user.dat) Remote Password Disclosure P-News 1.16 / 1.17 - 'user.dat' Remote Password Disclosure RBlog 1.0 - (admin.mdb) Remote Password Disclosure RBlog 1.0 - 'admin.mdb' Remote Password Disclosure AutoDealer 2.0 - (detail.asp iPro) SQL Injection WWWBoard 2.0 - (passwd.txt) Remote Password Disclosure AutoDealer 2.0 - 'detail.asp iPro' SQL Injection WWWBoard 2.0 - 'passwd.txt' Remote Password Disclosure TaskTracker 1.5 - (Customize.asp) Remote Add Administrator Exploit TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator Exploit VerliAdmin 0.3 - (language.php) Local File Inclusion VerliAdmin 0.3 - 'language.php' Local File Inclusion Aratix 0.2.2b11 - (inc/init.inc.php) Remote File Inclusion Aratix 0.2.2b11 - 'inc/init.inc.php' Remote File Inclusion iG Calendar 1.0 - (user.php id Variable) SQL Injection iG Calendar 1.0 - 'user.php id Variable' SQL Injection LunarPoll 1.0 - (show.php PollDir) Remote File Inclusion TLM CMS 1.1 - (i-accueil.php chemin) Remote File Inclusion Mint Haber Sistemi 2.7 - (duyuru.asp id) SQL Injection LunarPoll 1.0 - 'show.php PollDir' Remote File Inclusion TLM CMS 1.1 - 'i-accueil.php chemin' Remote File Inclusion Mint Haber Sistemi 2.7 - 'duyuru.asp id' SQL Injection KGB 1.9 - (sesskglogadmin.php) Local File Inclusion KGB 1.9 - 'sesskglogadmin.php' Local File Inclusion MGB 0.5.4.5 - (email.php id Variable) SQL Injection MGB 0.5.4.5 - 'email.php id Variable' SQL Injection PHPMyphorum 1.5a - (mep/frame.php) Remote File Inclusion PHPMyphorum 1.5a - 'mep/frame.php' Remote File Inclusion Oreon 1.2.3 RC4 - (lang/index.php) Remote File Inclusion ComVironment 4.0 - (grab_globals.lib.php) Remote File Inclusion Oreon 1.2.3 RC4 - 'lang/index.php' Remote File Inclusion ComVironment 4.0 - 'grab_globals.lib.php' Remote File Inclusion PHPSherpa - (include/config.inc.php) Remote File Inclusion Bradabra 2.0.5 - (include/includes.php) Remote File Inclusion Neon Labs Website 3.2 - (nl.php g_strRootDir) Remote File Inclusion PHPSherpa - 'include/config.inc.php' Remote File Inclusion Bradabra 2.0.5 - 'include/includes.php' Remote File Inclusion Neon Labs Website 3.2 - 'nl.php g_strRootDir' Remote File Inclusion MySpeach 2.1b - (up.php) Remote File Inclusion WebChat 0.77 - (defines.php WEBCHATPATH) Remote File Inclusion Mafia Scum Tools 2.0.0 - (index.php gen) Remote File Inclusion MySpeach 2.1b - 'up.php' Remote File Inclusion WebChat 0.77 - 'defines.php WEBCHATPATH' Remote File Inclusion Mafia Scum Tools 2.0.0 - 'index.php gen' Remote File Inclusion Upload Service 1.0 - (top.php maindir) Remote File Inclusion Upload Service 1.0 - 'top.php maindir' Remote File Inclusion Vote-Pro 4.0 - (poll_frame.php poll_id) Remote Code Execution BBClone 0.31 - (selectlang.php) Remote File Inclusion Vote-Pro 4.0 - 'poll_frame.php poll_id' Remote Code Execution BBClone 0.31 - 'selectlang.php' Remote File Inclusion RPW 1.0.2 - (config.php sql_language) Remote File Inclusion ASP EDGE 1.2b - (user.asp) SQL Injection ASP NEWS 3.0 - (news_detail.asp) SQL Injection RPW 1.0.2 - 'config.php sql_language' Remote File Inclusion ASP EDGE 1.2b - 'user.asp' SQL Injection ASP NEWS 3.0 - 'news_detail.asp' SQL Injection GPS CMS 1.2 - (print.asp) SQL Injection GPS CMS 1.2 - 'print.asp' SQL Injection Virtual Path 1.0 - (vp/configure.php) Remote File Inclusion MyPHPcommander 2.0 - (package.php) Remote File Inclusion AINS 0.02b - (ains_main.php ains_path) Remote File Inclusion Virtual Path 1.0 - 'vp/configure.php' Remote File Inclusion MyPHPcommander 2.0 - 'package.php' Remote File Inclusion AINS 0.02b - 'ains_main.php ains_path' Remote File Inclusion nsGalPHP - (includes/config.inc.php racineTBS) Remote File Inclusion nsGalPHP - 'includes/config.inc.php racineTBS' Remote File Inclusion PHPMyReports 3.0.11 - (lib_head.php) Remote File Inclusion PHPMyReports 3.0.11 - 'lib_head.php' Remote File Inclusion xNews 1.3 - (xNews.php) SQL Injection xNews 1.3 - 'xNews.php' SQL Injection Webfwlog 0.92 - (debug.php) Remote File Disclosure Galeria Zdjec 3.0 - (zd_numer.php) Local File Inclusion Webfwlog 0.92 - 'debug.php' Remote File Disclosure Galeria Zdjec 3.0 - 'zd_numer.php' Local File Inclusion MyNews 4.2.2 - (themefunc.php) Remote File Inclusion MyNews 4.2.2 - 'themefunc.php' Remote File Inclusion SIPS 0.3.1 - (box.inc.php) Remote File Inclusion SIPS 0.3.1 - 'box.inc.php' Remote File Inclusion Epistemon 1.0 - (common.php inc_path) Remote File Inclusion WebBuilder 2.0 - (StageLoader.php) Remote File Inclusion Epistemon 1.0 - 'common.php inc_path' Remote File Inclusion WebBuilder 2.0 - 'StageLoader.php' Remote File Inclusion Flipper Poll 1.1.0 - (poll.php root_path) Remote File Inclusion Flipper Poll 1.1.0 - 'poll.php root_path' Remote File Inclusion Photo Galerie Standard 1.1 - (view.php) SQL Injection Woltlab Burning Board Lite 1.0.2pl3e - (pms.php) SQL Injection KDPics 1.11 - (exif.php lib_path) Remote File Inclusion Flip 2.01 final - (previewtheme.php inc_path) Remote File Inclusion Photo Galerie Standard 1.1 - 'view.php' SQL Injection Woltlab Burning Board Lite 1.0.2pl3e - 'pms.php' SQL Injection KDPics 1.11 - 'exif.php lib_path' Remote File Inclusion Flip 2.01 final - 'previewtheme.php inc_path' Remote File Inclusion SMA-DB 0.3.9 - (settings.php) Remote File Inclusion SMA-DB 0.3.9 - 'settings.php' Remote File Inclusion LightRO CMS 1.0 - (inhalt.php) Remote File Inclusion LightRO CMS 1.0 - 'inhalt.php' Remote File Inclusion AgerMenu 0.01 - (top.inc.php rootdir) Remote File Inclusion WebMatic 2.6 - (index_album.php) Remote File Inclusion AgerMenu 0.01 - 'top.inc.php rootdir' Remote File Inclusion WebMatic 2.6 - 'index_album.php' Remote File Inclusion LightRO CMS 1.0 - (index.php projectid) SQL Injection LightRO CMS 1.0 - 'index.php projectid' SQL Injection LushiWarPlaner 1.0 - (register.php) SQL Injection LushiWarPlaner 1.0 - 'register.php' SQL Injection philboard 1.14 - (philboard_forum.asp) SQL Injection philboard 1.14 - 'philboard_forum.asp' SQL Injection Xaran CMS 2.0 - (xarancms_haupt.php) SQL Injection PHPCC 4.2 Beta - (nickpage.php npid) SQL Injection Xaran CMS 2.0 - 'xarancms_haupt.php' SQL Injection PHPCC 4.2 Beta - 'nickpage.php npid' SQL Injection PollMentor 2.0 - (pollmentorres.asp id) SQL Injection PollMentor 2.0 - 'pollmentorres.asp id' SQL Injection nabopoll 1.2 - (survey.inc.php path) Remote File Inclusion nabopoll 1.2 - 'survey.inc.php path' Remote File Inclusion Snitz Forums 2000 3.1 SR4 - (pop_profile.asp) SQL Injection Snitz Forums 2000 3.1 SR4 - 'pop_profile.asp' SQL Injection Xpression News 1.0.1 - (archives.php) Remote File Disclosure Xpression News 1.0.1 - 'archives.php' Remote File Disclosure Ultimate Fun Book 1.02 - (function.php) Remote File Inclusion NukeSentinel 2.5.05 - (nsbypass.php) Blind SQL Injection NukeSentinel 2.5.05 - (nukesentinel.php) File Disclosure Ultimate Fun Book 1.02 - 'function.php' Remote File Inclusion NukeSentinel 2.5.05 - 'nsbypass.php' Blind SQL Injection NukeSentinel 2.5.05 - 'nukesentinel.php' File Disclosure Nabopoll 1.2 - (result.php surv) Blind SQL Injection Nabopoll 1.2 - 'result.php surv' Blind SQL Injection FlashGameScript 1.5.4 - (index.php func) Remote File Inclusion FlashGameScript 1.5.4 - 'index.php func' Remote File Inclusion FCRing 1.31 - (fcring.php s_fuss) Remote File Inclusion Sinapis 2.2 Gastebuch - (sinagb.php fuss) Remote File Inclusion Sinapis Forum 2.2 - (sinapis.php fuss) Remote File Inclusion FCRing 1.31 - 'fcring.php s_fuss' Remote File Inclusion Sinapis 2.2 Gastebuch - 'sinagb.php fuss' Remote File Inclusion Sinapis Forum 2.2 - 'sinapis.php fuss' Remote File Inclusion CS-Gallery 2.0 - (index.php album) Remote File Inclusion CS-Gallery 2.0 - 'index.php album' Remote File Inclusion PHP-MIP 0.1 - (top.php laypath) Remote File Inclusion STWC-Counter 3.4.0 - (downloadcounter.php) Remote File Inclusion Admin Phorum 3.3.1a - (del.php include_path) Remote File Inclusion vBulletin 3.6.4 - (inlinemod.php postids) SQL Injection Angel Lms 7.1 - (default.asp id) SQL Injection PHP-MIP 0.1 - 'top.php laypath' Remote File Inclusion STWC-Counter 3.4.0 - 'downloadcounter.php' Remote File Inclusion Admin Phorum 3.3.1a - 'del.php include_path' Remote File Inclusion vBulletin 3.6.4 - 'inlinemod.php postids' SQL Injection Angel Lms 7.1 - 'default.asp id' SQL Injection News-Letterman 1.1 - (eintrag.php sqllog) Remote File Inclusion News-Letterman 1.1 - 'eintrag.php sqllog' Remote File Inclusion AJ Dating 1.0 - (view_profile.php) SQL Injection AJ Dating 1.0 - 'view_profile.php' SQL Injection AJ Forum 1.0 - (topic_title.php) SQL Injection AJ Forum 1.0 - 'topic_title.php' SQL Injection Flat Chat 2.0 - (include online.txt) Remote Code Execution netForo! 0.1 - (down.php file_to_download) Remote File Disclosure Flat Chat 2.0 - 'include online.txt' Remote Code Execution netForo! 0.1 - 'down.php file_to_download' Remote File Disclosure Magic CMS 4.2.747 - (mysave.php) Remote File Inclusion Magic CMS 4.2.747 - 'mysave.php' Remote File Inclusion HC Newssystem 1.0-1.4 - (index.php ID) SQL Injection HC Newssystem 1.0-1.4 - 'index.php ID' SQL Injection Top Auction 1.0 - (viewcat.php) SQL Injection Top Auction 1.0 - 'viewcat.php' SQL Injection X-ice News System 1.0 - (devami.asp id) SQL Injection JGBBS 3.0beta1 - (search.asp author) SQL Injection X-ice News System 1.0 - 'devami.asp id' SQL Injection JGBBS 3.0beta1 - 'search.asp author' SQL Injection Woltlab Burning Board 2.x - (usergroups.php) SQL Injection Woltlab Burning Board 2.x - 'usergroups.php' SQL Injection Absolute Image Gallery 2.0 - (gallery.asp categoryId) SQL Injection Absolute Image Gallery 2.0 - 'gallery.asp categoryId' SQL Injection Creative Files 1.2 - (kommentare.php) SQL Injection Particle Blogger 1.2.0 - (post.php postid) SQL Injection Creative Files 1.2 - 'kommentare.php' SQL Injection Particle Blogger 1.2.0 - 'post.php postid' SQL Injection PHP-Stats 0.1.9.1b - (PHP-stats-options.php) Admin 2 exec() eExploit MPM Chat 2.5 - (view.php logi) Local File Inclusion PHP-Stats 0.1.9.1b - 'PHP-stats-options.php' Admin 2 exec() eExploit MPM Chat 2.5 - 'view.php logi' Local File Inclusion ScriptMagix Jokes 2.0 - (index.php catid) SQL Injection ScriptMagix Recipes 2.0 - (index.php catid) SQL Injection ScriptMagix Jokes 2.0 - 'index.php catid' SQL Injection ScriptMagix Recipes 2.0 - 'index.php catid' SQL Injection ScriptMagix Lyrics 2.0 - (index.php recid) SQL Injection ScriptMagix Lyrics 2.0 - 'index.php recid' SQL Injection PHP-Nuke Module htmltonuke 2.0alpha - (htmltonuke.php) Remote File Inclusion PHPRaid < 3.0.7 - (rss.php PHPraid_dir) Remote File Inclusion Monster Top List 1.4.2 - (functions.php root_path) Remote File Inclusion PHP-Nuke Module htmltonuke 2.0alpha - 'htmltonuke.php' Remote File Inclusion PHPRaid < 3.0.7 - 'rss.php PHPraid_dir' Remote File Inclusion Monster Top List 1.4.2 - 'functions.php root_path' Remote File Inclusion Digital Eye CMS 0.1.1b - (module.php) Remote File Inclusion Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion ActiveBuyandSell 6.2 - (buyersend.asp catid) SQL Injection Active Auction Pro 7.1 - (default.asp catid) SQL Injection ActiveBuyandSell 6.2 - 'buyersend.asp catid' SQL Injection Active Auction Pro 7.1 - 'default.asp catid' SQL Injection Net-Side.net CMS - (index.php cms) Remote File Inclusion Net-Side.net CMS - 'index.php cms' Remote File Inclusion XOOPS module Articles 1.02 - (print.php id) SQL Injection XOOPS module Articles 1.02 - 'print.php id' SQL Injection XOOPS module Articles 1.03 - (index.php cat_id) SQL Injection XOOPS module Articles 1.03 - 'index.php cat_id' SQL Injection XOOPS Module Friendfinder 3.3 - (view.php id) SQL Injection MangoBery CMS 0.5.5 - (quotes.php) Remote File Inclusion XOOPS Module Friendfinder 3.3 - 'view.php id' SQL Injection MangoBery CMS 0.5.5 - 'quotes.php' Remote File Inclusion sBLOG 0.7.3 Beta - (inc/lang.php) Local File Inclusion sBLOG 0.7.3 Beta - 'inc/lang.php' Local File Inclusion Picture-Engine 1.2.0 - (wall.php cat) SQL Injection Picture-Engine 1.2.0 - 'wall.php cat' SQL Injection JSBoard 2.0.10 - (login.php table) Local File Inclusion JSBoard 2.0.10 - 'login.php table' Local File Inclusion XOOPS Module eCal 2.24 - (display.php) SQL Injection BT-sondage 1.12 - (gestion_sondage.php) Remote File Inclusion XOOPS Module eCal 2.24 - 'display.php' SQL Injection BT-sondage 1.12 - 'gestion_sondage.php' Remote File Inclusion XOOPS Module debaser 0.92 - (genre.php) Blind SQL Injection XOOPS Module debaser 0.92 - 'genre.php' Blind SQL Injection XOOPS Module Zmagazine 1.0 - (print.php) SQL Injection XOOPS Module Zmagazine 1.0 - 'print.php' SQL Injection XOOPS Module Rha7 Downloads 1.0 - (visit.php) SQL Injection XOOPS Module Rha7 Downloads 1.0 - 'visit.php' SQL Injection WebSPELL 4.01.02 - (picture.php) File Disclosure Beryo 2.0 - (downloadpic.php chemin) Remote File Disclosure cattaDoc 2.21 - (download2.php fn1) Remote File Disclosure WebSPELL 4.01.02 - 'picture.php' File Disclosure Beryo 2.0 - 'downloadpic.php chemin' Remote File Disclosure cattaDoc 2.21 - 'download2.php fn1' Remote File Disclosure Scorp Book 1.0 - (smilies.php config) Remote File Inclusion Scorp Book 1.0 - 'smilies.php config' Remote File Inclusion WitShare 0.9 - (index.php menu) Local File Inclusion WitShare 0.9 - 'index.php menu' Local File Inclusion Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion Pathos CMS 0.92-2 - 'warn.php' Remote File Inclusion PHPGalleryScript 1.0 - (init.gallery.php include_class) Remote File Inclusion PHPGalleryScript 1.0 - 'init.gallery.php include_class' Remote File Inclusion Expow 0.8 - (autoindex.php cfg_file) Remote File Inclusion Request It 1.0b - (index.php id) Remote File Inclusion Chatness 2.5.3 - (options.php/save.php) Remote Code Execution Expow 0.8 - 'autoindex.php cfg_file' Remote File Inclusion Request It 1.0b - 'index.php id' Remote File Inclusion Chatness 2.5.3 - 'options.php/save.php' Remote Code Execution Pixaria Gallery 1.x - (class.Smarty.php) Remote File Inclusion Pixaria Gallery 1.x - 'class.Smarty.php' Remote File Inclusion CNStats 2.9 - (who_r.php bj) Remote File Inclusion NMDeluxe 1.0.1 - (footer.php template) Local File Inclusion CNStats 2.9 - 'who_r.php bj' Remote File Inclusion NMDeluxe 1.0.1 - 'footer.php template' Local File Inclusion openMairie 1.10 - (scr/soustab.php) Local File Inclusion openMairie 1.10 - 'scr/soustab.php' Local File Inclusion Anthologia 0.5.2 - (index.php ads_file) Remote File Inclusion Anthologia 0.5.2 - 'index.php ads_file' Remote File Inclusion Joomla! Component JoomlaPack 1.0.4a2 RE - (CAltInstaller.php) Remote File Inclusion Joomla! Component JoomlaPack 1.0.4a2 RE - 'CAltInstaller.php' Remote File Inclusion ShoutPro 1.5.2 - (shout.php) Remote Code Injection ShoutPro 1.5.2 - 'shout.php' Remote Code Injection AimStats 3.2 - (process.php update) Remote Code Execution AimStats 3.2 - 'process.php update' Remote Code Execution CreaDirectory 1.2 - (error.asp id) SQL Injection CreaDirectory 1.2 - 'error.asp id' SQL Injection JChit counter 1.0.0 - (imgsrv.php ac) Remote File Disclosure JChit counter 1.0.0 - 'imgsrv.php ac' Remote File Disclosure Joomla! 1.5.0 Beta - (pcltar.php) Remote File Inclusion Pagode 0.5.8 - (navigator_ok.php asolute) Remote File Disclosure Joomla! 1.5.0 Beta - 'pcltar.php' Remote File Inclusion Pagode 0.5.8 - 'navigator_ok.php asolute' Remote File Disclosure wavewoo 0.1.1 - (loading.php path_include) Remote File Inclusion JulmaCMS 1.4 - (file.php) Remote File Disclosure Ext 1.0 - (feed-proxy.php feed) Remote File Disclosure PHPBandManager 0.8 - (index.php pg) Remote File Inclusion PHPOracleView - (include_all.inc.php page_dir) Remote File Inclusion wavewoo 0.1.1 - 'loading.php path_include' Remote File Inclusion JulmaCMS 1.4 - 'file.php' Remote File Disclosure Ext 1.0 - 'feed-proxy.php feed' Remote File Disclosure PHPBandManager 0.8 - 'index.php pg' Remote File Inclusion PHPOracleView - 'include_all.inc.php page_dir' Remote File Inclusion EsForum 3.0 - (forum.php idsalon) SQL Injection EsForum 3.0 - 'forum.php idsalon' SQL Injection Imageview 5.3 - (fileview.php album) Local File Inclusion The Merchant 2.2.0 - (index.php show) Remote File Inclusion psipuss 1.0 - (editusers.php) Remote Change Admin Password Imageview 5.3 - 'fileview.php album' Local File Inclusion The Merchant 2.2.0 - 'index.php show' Remote File Inclusion psipuss 1.0 - 'editusers.php' Remote Change Admin Password Sendcard 3.4.1 - (sendcard.php form) Local File Inclusion Sendcard 3.4.1 - 'sendcard.php form' Local File Inclusion PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure PStruh-CZ 1.3/1.5 - 'download.asp' File Disclosure Open Translation Engine (OTE) 0.7.8 - (header.php ote_home) Remote File Inclusion Open Translation Engine (OTE) 0.7.8 - 'header.php ote_home' Remote File Inclusion Censura 1.15.04 - (censura.php vendorid) SQL Injection E-GADS! 2.2.6 - (common.php locale) Remote File Inclusion Versado CMS 1.07 - (ajax_listado.php urlModulo) Remote File Inclusion workbench 0.11 - (header.php path) Remote File Inclusion Censura 1.15.04 - 'censura.php vendorid' SQL Injection E-GADS! 2.2.6 - 'common.php locale' Remote File Inclusion Versado CMS 1.07 - 'ajax_listado.php urlModulo' Remote File Inclusion workbench 0.11 - 'header.php path' Remote File Inclusion PHPtree 1.3 - (cms2.php s_dir) Remote File Inclusion NoAh 0.9 pre 1.2 - (mfa_theme.php) Remote File Inclusion PHPtree 1.3 - 'cms2.php s_dir' Remote File Inclusion NoAh 0.9 pre 1.2 - 'mfa_theme.php' Remote File Inclusion ACGVAnnu 1.3 - (acgv.php rubrik) Local File Inclusion ACGVAnnu 1.3 - 'acgv.php rubrik' Local File Inclusion LaVague 0.3 - (printbar.php views_path) Remote File Inclusion LaVague 0.3 - 'printbar.php views_path' Remote File Inclusion Miplex2 - (SmartyFU.class.php) Remote File Inclusion Miplex2 - 'SmartyFU.class.php' Remote File Inclusion SimpleNews 1.0.0 FINAL - (print.php news_id) SQL Injection TutorialCMS 1.00 - (search.php search) SQL Injection SimpleNews 1.0.0 FINAL - 'print.php news_id' SQL Injection TutorialCMS 1.00 - 'search.php search' SQL Injection maGAZIn 2.0 - (PHPThumb.php src) Remote File Disclosure R2K Gallery 1.7 - (galeria.php lang2) Local File Inclusion maGAZIn 2.0 - 'PHPThumb.php src' Remote File Disclosure R2K Gallery 1.7 - 'galeria.php lang2' Local File Inclusion PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion iG Shop 1.4 - (page.php) SQL Injection PHP FirstPost 0.1 - 'block.php Include' Remote File Inclusion iG Shop 1.4 - 'page.php' SQL Injection Beacon 0.2.0 - (splash.lang.php) Remote File Inclusion Beacon 0.2.0 - 'splash.lang.php' Remote File Inclusion BlogMe 3.0 - (archshow.asp var) SQL Injection BlogMe 3.0 - 'archshow.asp var' SQL Injection NagiosQL 2005 2.00 - (prepend_adm.php) Remote File Inclusion Feindt Computerservice News 2.0 - (newsadmin.php action) Remote File Inclusion NagiosQL 2005 2.00 - 'prepend_adm.php' Remote File Inclusion Feindt Computerservice News 2.0 - 'newsadmin.php action' Remote File Inclusion FAQEngine 4.16.03 - (question.php questionref) SQL Injection FAQEngine 4.16.03 - 'question.php questionref' SQL Injection Libstats 1.0.3 - (template_csv.php) Remote File Inclusion MolyX BOARD 2.5.0 - (index.php lang) Local File Inclusion Libstats 1.0.3 - 'template_csv.php' Remote File Inclusion MolyX BOARD 2.5.0 - 'index.php lang' Local File Inclusion Dokeos 1.8.0 - (my_progress.php course) SQL Injection Dokeos 1.6.5 - (courseLog.php scormcontopen) SQL Injection Dokeos 1.8.0 - 'my_progress.php course' SQL Injection Dokeos 1.6.5 - 'courseLog.php scormcontopen' SQL Injection Webavis 0.1.1 - (class.php root) Remote File Inclusion Webavis 0.1.1 - 'class.php root' Remote File Inclusion My Little Forum 1.7 - (user.php id) SQL Injection My Little Forum 1.7 - 'user.php id' SQL Injection TROforum 0.1 - (admin.php site_url) Remote File Inclusion TROforum 0.1 - 'admin.php site_url' Remote File Inclusion Fundanemt 2.2.0 - (spellcheck.php) Remote Code Execution Fundanemt 2.2.0 - 'spellcheck.php' Remote Code Execution Madirish Webmail 2.0 - (addressbook.php) Remote File Inclusion Madirish Webmail 2.0 - 'addressbook.php' Remote File Inclusion Fuzzylime Forum 1.0 - (low.php topic) SQL Injection Fuzzylime Forum 1.0 - 'low.php topic' SQL Injection Sitellite CMS 4.2.12 - (559668.php) Remote File Inclusion PHP::HTML 0.6.4 - (PHPhtml.php) Remote File Inclusion PHPMyInventory 2.8 - (global.inc.php) Remote File Inclusion Sitellite CMS 4.2.12 - '559668.php' Remote File Inclusion PHP::HTML 0.6.4 - 'PHPhtml.php' Remote File Inclusion PHPMyInventory 2.8 - 'global.inc.php' Remote File Inclusion MiniBill 1.2.5 - (run_billing.php) Remote File Inclusion MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion LiveCMS 3.4 - (categoria.php cid) SQL Injection LiveCMS 3.4 - 'categoria.php cid' SQL Injection SerWeb 0.9.4 - (load_lang.php) Remote File Inclusion Powl 0.94 - (htmledit.php) Remote File Inclusion SerWeb 0.9.4 - 'load_lang.php' Remote File Inclusion Powl 0.94 - 'htmledit.php' Remote File Inclusion Pharmacy System 2.0 - (index.php ID) SQL Injection Pharmacy System 2.0 - 'index.php ID' SQL Injection b1gbb 2.24.0 - (footer.inc.php tfooter) Remote File Inclusion b1gbb 2.24.0 - 'footer.inc.php tfooter' Remote File Inclusion SiteDepth CMS 3.44 - (ShowImage.php name) File Disclosure DreamLog 0.5 - (upload.php) Arbitrary File Upload SiteDepth CMS 3.44 - 'ShowImage.php name' File Disclosure DreamLog 0.5 - 'upload.php' Arbitrary File Upload PHPSiteBackup 0.1 - (pcltar.lib.php) Remote File Inclusion EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion EVA-Web 1.1 <= 2.2 - 'index.php3' Remote File Inclusion WebChat 0.78 - (login.php rid) SQL Injection Buddy Zone 1.5 - (view_sub_cat.php cat_id) SQL Injection WebChat 0.78 - 'login.php rid' SQL Injection Buddy Zone 1.5 - 'view_sub_cat.php cat_id' SQL Injection TotalCalendar 2.402 - (view_event.php) SQL Injection XCMS 1.1 - (Galerie.php) Local File Inclusion TotalCalendar 2.402 - 'view_event.php' SQL Injection XCMS 1.1 - 'Galerie.php' Local File Inclusion phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection phpEventCalendar 0.2.3 - 'eventdisplay.php' SQL Injection AV Arcade 2.1b - (index.php id) SQL Injection PHPDirector 0.21 - (videos.php id) SQL Injection vbzoom 1.x - (forum.php MainID) SQL Injection AV Arcade 2.1b - 'index.php id' SQL Injection PHPDirector 0.21 - 'videos.php id' SQL Injection vbzoom 1.x - 'forum.php MainID' SQL Injection Girlserv ads 1.5 - (details_news.php) SQL Injection Girlserv ads 1.5 - 'details_news.php' SQL Injection AsteriDex 3.0 - (callboth.php) Remote Code Execution AsteriDex 3.0 - 'callboth.php' Remote Code Execution vBulletin Mod RPG Inferno 2.4 - (inferno.php) SQL Injection OpenLD 1.2.2 - (index.php id) SQL Injection FlashBB 1.1.8 - (sendmsg.php) Remote File Inclusion vBulletin Mod RPG Inferno 2.4 - 'inferno.php' SQL Injection OpenLD 1.2.2 - 'index.php id' SQL Injection FlashBB 1.1.8 - 'sendmsg.php' Remote File Inclusion PsNews 1.1 - (show.php newspath) Local File Inclusion PsNews 1.1 - 'show.php newspath' Local File Inclusion QuickEStore 8.2 - (insertorder.cfm) SQL Injection QuickEStore 8.2 - 'insertorder.cfm' SQL Injection phpBB Module SupaNav 1.0.0 - (link_main.php) Remote File Inclusion phpBB Module SupaNav 1.0.0 - 'link_main.php' Remote File Inclusion Blog System 1.x - (index.php news_id) SQL Injection Blog System 1.x - 'index.php news_id' SQL Injection Confixx Pro 3.3.1 - (saveserver.php) Remote File Inclusion Confixx Pro 3.3.1 - 'saveserver.php' Remote File Inclusion SimpleBlog 3.0 - (comments_get.asp id) SQL Injection SimpleBlog 3.0 - 'comments_get.asp id' SQL Injection paBugs 2.0 Beta 3 - (main.php cid) SQL Injection paBugs 2.0 Beta 3 - 'main.php cid' SQL Injection YNP Portal System 2.2.0 - (showpage.cgi p) Remote File Disclosure YNP Portal System 2.2.0 - 'showpage.cgi p' Remote File Disclosure FishCart 3.2 RC2 - (fc_example.php) Remote File Inclusion Ncaster 1.7.2 - (archive.php) Remote File Inclusion FishCart 3.2 RC2 - 'fc_example.php' Remote File Inclusion Ncaster 1.7.2 - 'archive.php' Remote File Inclusion Pixlie 1.7 - (pixlie.php root) Remote File Disclosure Pixlie 1.7 - 'pixlie.php root' Remote File Disclosure Squirrelcart 1.x.x - (cart.php) Remote File Inclusion Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion SomeryC 0.2.4 - (include.php skindir) Remote File Inclusion SomeryC 0.2.4 - 'include.php skindir' Remote File Inclusion Micro CMS 3.5 - (revert-content.php) SQL Injection Micro CMS 3.5 - 'revert-content.php' SQL Injection DL PayCart 1.01 - (viewitem.php ItemID) Blind SQL Injection VWar 1.5.0 R15 - (mvcw.php) Remote File Inclusion DL PayCart 1.01 - 'viewitem.php ItemID' Blind SQL Injection VWar 1.5.0 R15 - 'mvcw.php' Remote File Inclusion xGB 2.0 - (xGB.php) Remote Security Bypass xGB 2.0 - 'xGB.php' Remote Security Bypass PHPNS 1.1 - (shownews.php id) SQL Injection PHPNS 1.1 - 'shownews.php id' SQL Injection Ourspace 2.0.9 - (uploadmedia.cgi) Arbitrary File Upload Ourspace 2.0.9 - 'uploadmedia.cgi' Arbitrary File Upload Yvora CMS 1.0 - (error_view.php ID) SQL Injection Yvora CMS 1.0 - 'error_view.php ID' SQL Injection PHPOF 20040226 - (DB_adodb.class.php) Remote File Inclusion AnyInventory 2.0 - (Environment.php) Remote File Inclusion PHPOF 20040226 - 'DB_adodb.class.php' Remote File Inclusion AnyInventory 2.0 - 'Environment.php' Remote File Inclusion Webace-Linkscript 1.3 SE - (start.php) SQL Injection RW::Download 2.0.3 lite - (index.php dlid) SQL Injection Webace-Linkscript 1.3 SE - 'start.php' SQL Injection RW::Download 2.0.3 lite - 'index.php dlid' SQL Injection Sisfo Kampus 2006 - (blanko.preview.php) Local File Disclosure Sisfo Kampus 2006 - 'blanko.preview.php' Local File Disclosure PHPress 0.2.0 - (adisplay.php lang) Local File Inclusion PHPress 0.2.0 - 'adisplay.php lang' Local File Inclusion Ajax File Browser 3b - (settings.inc.php approot) Remote File Inclusion Ajax File Browser 3b - 'settings.inc.php approot' Remote File Inclusion JBlog 1.0 - (index.php id) SQL Injection JBlog 1.0 - 'index.php id' SQL Injection neuron news 1.0 - (index.php q) Local File Inclusion neuron news 1.0 - 'index.php q' Local File Inclusion Wordsmith 1.1b - (config.inc.php _path) Remote File Inclusion Wordsmith 1.1b - 'config.inc.php _path' Remote File Inclusion helplink 0.1.0 - (show.php) Remote File Inclusion helplink 0.1.0 - 'show.php' Remote File Inclusion Novus 1.0 - (notas.asp nota_id) SQL Injection Novus 1.0 - 'notas.asp nota_id' SQL Injection lustig.cms Beta 2.5 - (forum.php view) Remote File Inclusion lustig.cms Beta 2.5 - 'forum.php view' Remote File Inclusion Ossigeno CMS 2.2a3 - (footer.php) Remote File Inclusion Ossigeno CMS 2.2a3 - 'footer.php' Remote File Inclusion Picturesolution 2.1 - (config.php path) Remote File Inclusion Picturesolution 2.1 - 'config.php path' Remote File Inclusion xKiosk 3.0.1i - (xkurl.php PEARPATH) Remote File Inclusion xKiosk 3.0.1i - 'xkurl.php PEARPATH' Remote File Inclusion LimeSurvey 1.52 - (language.php) Remote File Inclusion LimeSurvey 1.52 - 'language.php' Remote File Inclusion emagiC CMS.Net 4.0 - (emc.asp) SQL Injection FireConfig 0.5 - (dl.php) Remote File Disclosure emagiC CMS.Net 4.0 - 'emc.asp' SQL Injection FireConfig 0.5 - 'dl.php' Remote File Disclosure Ax Developer CMS 0.1.1 - (index.php module) Local File Inclusion GuppY 4.6.3 - (includes.inc selskin) Remote File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion scWiki 1.0 Beta 2 - (common.php pathdot) Remote File Inclusion Ax Developer CMS 0.1.1 - 'index.php module' Local File Inclusion GuppY 4.6.3 - 'includes.inc selskin' Remote File Inclusion Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion scWiki 1.0 Beta 2 - 'common.php pathdot' Remote File Inclusion Content Injector 1.52 - (index.php cat) SQL Injection Content Injector 1.52 - 'index.php cat' SQL Injection Amber Script 1.0 - (show_content.php id) Local File Inclusion Amber Script 1.0 - 'show_content.php id' Local File Inclusion project alumni 1.0.9 - (index.php act) Local File Inclusion project alumni 1.0.9 - 'index.php act' Local File Inclusion Web-MeetMe 3.0.3 - (play.php) Remote File Disclosure Web-MeetMe 3.0.3 - 'play.php' Remote File Disclosure KML share 1.1 - (region.php layer) Remote File Disclosure KML share 1.1 - 'region.php layer' Remote File Disclosure EZContents 1.4.5 - (index.php link) Remote File Disclosure EZContents 1.4.5 - 'index.php link' Remote File Disclosure PolDoc CMS 0.96 - (download_file.php) File Disclosure PolDoc CMS 0.96 - 'download_file.php' File Disclosure xml2owl 0.1.1 - (filedownload.php) Remote File Disclosure xml2owl 0.1.1 - 'filedownload.php' Remote File Disclosure Wallpaper Site 1.0.09 - (category.php) SQL Injection Wallpaper Site 1.0.09 - 'category.php' SQL Injection PHP ZLink 0.3 - (go.php) SQL Injection PHP ZLink 0.3 - 'go.php' SQL Injection ThemeSiteScript 1.0 - (index.php loadadminpage) Remote File Inclusion ThemeSiteScript 1.0 - 'index.php loadadminpage' Remote File Inclusion ZenPhoto 1.1.3 - (rss.php albumnr) SQL Injection ZenPhoto 1.1.3 - 'rss.php albumnr' SQL Injection Docebo 3.5.0.3 - (lib.regset.php) Command Execution Docebo 3.5.0.3 - 'lib.regset.php' Command Execution Docebo 3.5.0.3 - (lib.regset.php/non-blind) SQL Injection Docebo 3.5.0.3 - 'lib.regset.php/non-blind' SQL Injection Quinsonnas Mail Checker 1.55 - (footer.php) Remote File Inclusion Quinsonnas Mail Checker 1.55 - 'footer.php' Remote File Inclusion PHPMesFilms 1.0 - (index.php id) SQL Injection PHPMesFilms 1.0 - 'index.php id' SQL Injection CuteNews 1.4.6 - (ip ban) Cross-Site Scripting / Command Execution (Administrator Required) CuteNews 1.4.6 - 'ip ban' Authorized Cross-Site Scripting / Command Execution GNUBoard 4.31.03 - (08.12.29) Local File Inclusion GNUBoard 4.31.03 (08.12.29) - Local File Inclusion Gazelle CMS - 'template' Local File Inclusion Gazelle CMS 1.0 - 'template' Local File Inclusion Social Engine - (category_id) SQL Injection SmartSiteCMS 1.0 - (articles.php var) Blind SQL Injection Social Engine 3.06 - 'category_id' Parameter SQL Injection SmartSiteCMS 1.0 - Blind SQL Injection Star Articles 6.0 - (admin.manage) Remote Contents Change Star Articles 6.0 - Remote Contents Change PLE CMS 1.0 Beta 4.2 - (login.php school) Blind SQL Injection PLE CMS 1.0 Beta 4.2 - Blind SQL Injection GNUBoard 4.31.04 - (09.01.30) Multiple Local+Remote Vulnerabilities GNUBoard 4.31.04 (09.01.30) - Multiple Local+Remote Vulnerabilities eVision CMS 2.0 - (field) SQL Injection eVision CMS 2.0 - SQL Injection phpBLASTER 1.0 RC1 - (blaster_user) Blind SQL Injection phpBLASTER 1.0 RC1 - Blind SQL Injection phpslash 0.8.1.1 - Remote Code Execution PHPSlash 0.8.1.1 - Remote Code Execution WEBalbum 2.4b - (photo.php id) Blind SQL Injection WEBalbum 2.4b - 'photo.php id' Blind SQL Injection PHPbbBook 1.3 - (bbcode.php l) Local File Inclusion PHPbbBook 1.3 - 'bbcode.php l' Local File Inclusion IF-CMS 2.0 - (frame.php id) Blind SQL Injection IF-CMS 2.0 - 'frame.php id' Blind SQL Injection ZeroBoardXE 1.1.5 - (09.01.22) Cross-Site Scripting ZeroBoardXE 1.1.5 (09.01.22) - Cross-Site Scripting Gaeste 1.6 - (gastbuch.php) Remote File Disclosure Gaeste 1.6 - 'gastbuch.php' Remote File Disclosure Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Den Dating 9.01 - (searchmatch.php) SQL Injection Bloggeruniverse 2.0 Beta - 'editcomments.php id' SQL Injection Den Dating 9.01 - 'searchmatch.php' SQL Injection PHP Krazy Image Host Script 1.01 - (viewer.php id) SQL Injection PHP Krazy Image Host Script 1.01 - 'viewer.php id' SQL Injection phpBB 3 - (autopost bot mod 0.1.3) Remote File Inclusion i-dreams Mailer 1.2 Final - (admin.dat) File Disclosure i-dreams GB 5.4 Final - (admin.dat) File Disclosure phpBB 3 - 'autopost bot mod 0.1.3' Remote File Inclusion i-dreams Mailer 1.2 Final - 'admin.dat' File Disclosure i-dreams GB 5.4 Final - 'admin.dat' File Disclosure Osmodia Bulletin Board 1.x - (admin.txt) File Disclosure Osmodia Bulletin Board 1.x - 'admin.txt' File Disclosure Supernews 1.5 - (valor.php noticia) SQL Injection X-BLC 0.2.0 - (get_read.php section) SQL Injection Supernews 1.5 - 'valor.php noticia' SQL Injection X-BLC 0.2.0 - 'get_read.php section' SQL Injection SurfMyTV Script 1.0 - (view.php id) SQL Injection SurfMyTV Script 1.0 - 'view.php id' SQL Injection WeBid 0.7.3 RC9 - (upldgallery.php) Arbitrary File Upload WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload vsp stats processor 0.45 - (gamestat.php gameID) SQL Injection vsp stats processor 0.45 - 'gamestat.php gameID' SQL Injection Back-End CMS 5.0 - (main.asp id) SQL Injection Back-End CMS 5.0 - 'main.asp id' SQL Injection GuestCal 2.1 - (index.php lang) Local File Inclusion GuestCal 2.1 - 'index.php lang' Local File Inclusion W2B Restaurant 1.2 - (conf.inc) Config File Disclosure W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure NetHoteles 3.0 - (ficha.php) SQL Injection eLitius 1.0 - (manage-admin.php) Add Admin/Change Password Exploit NetHoteles 3.0 - 'ficha.php' SQL Injection eLitius 1.0 - 'manage-admin.php' Add Admin/Change Password Exploit Dokeos Lms 1.8.5 - (whoisonline.php) PHP Code Injection Dokeos Lms 1.8.5 - 'whoisonline.php' PHP Code Injection Flatchat 3.0 - (pmscript.php with) Local File Inclusion Flatchat 3.0 - 'pmscript.php with' Local File Inclusion VisionLms 1.0 - (changePW.php) Remote Password Change Exploit VisionLms 1.0 - 'changePW.php' Remote Password Change Exploit eLitius 1.0 - (banner-details.php id) SQL Injection ProjectCMS 1.0b - (index.php sn) SQL Injection eLitius 1.0 - 'banner-details.php id' SQL Injection ProjectCMS 1.0b - 'index.php sn' SQL Injection pecio CMS 1.1.5 - (index.php language) Local File Inclusion pecio CMS 1.1.5 - 'index.php language' Local File Inclusion Uguestbook 1.0b - (Guestbook.mdb) Arbitrary Database Disclosure Uguestbook 1.0b - 'Guestbook.mdb' Arbitrary Database Disclosure beLive 0.2.3 - (arch.php arch) Local File Inclusion beLive 0.2.3 - 'arch.php arch' Local File Inclusion PHPenpals 1.1 - (mail.php ID) SQL Injection PHPenpals 1.1 - 'mail.php ID' SQL Injection MaxCMS 2.0 - (inc/ajax.asp) SQL Injection MaxCMS 2.0 - 'inc/ajax.asp' SQL Injection Realty Web-Base 1.0 - (list_list.php id) SQL Injection Realty Web-Base 1.0 - 'list_list.php id' SQL Injection vBulletin vbBux/vbPlaza 2.x - (vbplaza.php) Blind SQL Injection vBulletin vbBux/vbPlaza 2.x - 'vbplaza.php' Blind SQL Injection ShaadiClone 2.0 - (addAdminmembercode.php) Add Admin ShaadiClone 2.0 - 'addAdminmembercode.php' Add Admin ecsportal rel 6.5 - (article_view_photo.php id) SQL Injection ecsportal rel 6.5 - 'article_view_photo.php id' SQL Injection Supernews 2.6 - (index.php noticia) SQL Injection Supernews 2.6 - 'index.php noticia' SQL Injection Movie PHP Script 2.0 - (init.php anticode) Code Execution Movie PHP Script 2.0 - 'init.php anticode' Code Execution VT-Auth 1.0 - (zHk8dEes3.txt) File Disclosure VT-Auth 1.0 - 'zHk8dEes3.txt' File Disclosure PHPWebThings 1.5.2 - (help.php module) Local File Inclusion PHPWebThings 1.5.2 - 'help.php module' Local File Inclusion DB Top Sites 1.0 - (index.php u) Local File Inclusion DB Top Sites 1.0 - 'index.php u' Local File Inclusion PHPCollegeExchange 0.1.5c - (listing_view.php itemnr) SQL Injection PHPCollegeExchange 0.1.5c - 'listing_view.php itemnr' SQL Injection XOOPS 2.3.3 - (.htaccess) Remote File Disclosure PHPFK 7.03 - (page_bottom.php) Local File Inclusion XOOPS 2.3.3 - '.htaccess' Remote File Disclosure PHPFK 7.03 - 'page_bottom.php' Local File Inclusion Glossword 1.8.11 - (index.php x) Local File Inclusion Glossword 1.8.11 - 'index.php x' Local File Inclusion LightOpenCMS 0.1 - (smarty.php cwd) Local File Inclusion LightOpenCMS 0.1 - 'smarty.php cwd' Local File Inclusion Messages Library 2.0 - (cat.php CatID) SQL Injection Messages Library 2.0 - 'cat.php CatID' SQL Injection PHP-Sugar 0.80 - (index.php t) Local File Inclusion PHP-Sugar 0.80 - 'index.php t' Local File Inclusion Universe CMS 1.0.6 - (vnews.php id) SQL Injection Universe CMS 1.0.6 - 'vnews.php id' SQL Injection Phenotype CMS 2.8 - (login.php user) Blind SQL Injection Phenotype CMS 2.8 - 'login.php user' Blind SQL Injection webLeague 2.2.0 - (install.php) Remote Change Password Exploit webLeague 2.2.0 - 'install.php' Remote Change Password Exploit VS PANEL 7.5.5 - (results.php Cat_ID) SQL Injection VS PANEL 7.5.5 - 'results.php Cat_ID' SQL Injection WebVision 2.1 - (news.php n) SQL Injection WebVision 2.1 - 'news.php n' SQL Injection Silentum Guestbook 2.0.2 - (silentum_Guestbook.php) SQL Injection Silentum Guestbook 2.0.2 - 'silentum_Guestbook.php' SQL Injection Basilic 1.5.13 - (index.php idAuthor) SQL Injection Basilic 1.5.13 - 'index.php idAuthor' SQL Injection ProjectButler 1.5.0 - (pda_projects.php offset) Remote File Inclusion ProjectButler 1.5.0 - 'pda_projects.php offset' Remote File Inclusion Netpet CMS 1.9 - (confirm.php language) Local File Inclusion Netpet CMS 1.9 - 'confirm.php language' Local File Inclusion simplePHPWeb 0.2 - (files.php) Authentication Bypass simplePHPWeb 0.2 - 'files.php' Authentication Bypass Discloser 0.0.4-rc2 - (index.php more) SQL Injection Discloser 0.0.4-rc2 - 'index.php more' SQL Injection elgg 1.5 - (/_css/js.php) Local File Inclusion elgg 1.5 - '/_css/js.php' Local File Inclusion In-portal 4.3.1 - (index.php env) Local File Inclusion In-portal 4.3.1 - 'index.php env' Local File Inclusion E CMS 1.0 - (index.php s) SQL Injection E CMS 1.0 - 'index.php s' SQL Injection New5starRating 1.0 - (rating.php) SQL Injection New5starRating 1.0 - 'rating.php' SQL Injection Moa Gallery 1.2.0 - (index.php action) SQL Injection Moa Gallery 1.2.0 - 'index.php action' SQL Injection PAD Site Scripts 3.6 - (list.php string) SQL Injection PAD Site Scripts 3.6 - 'list.php string' SQL Injection PHPSANE 0.5.0 - (save.php) Remote File Inclusion PHPSANE 0.5.0 - 'save.php' Remote File Inclusion Modern Script 5.0 - (index.php s) SQL Injection Re-Script 0.99 Beta - (listings.php op) SQL Injection Modern Script 5.0 - 'index.php s' SQL Injection Re-Script 0.99 Beta - 'listings.php op' SQL Injection KingCMS 0.6.0 - (menu.php) Remote File Inclusion KingCMS 0.6.0 - 'menu.php' Remote File Inclusion Ve-EDIT 0.1.4 - (debug_PHP.php) Local File Inclusion Ve-EDIT 0.1.4 - 'debug_PHP.php' Local File Inclusion OBOphiX 2.7.0 - (fonctions_racine.php) Remote File Inclusion OBOphiX 2.7.0 - 'fonctions_racine.php' Remote File Inclusion PHPNagios 1.2.0 - (menu.php) Local File Inclusion PHPNagios 1.2.0 - 'menu.php' Local File Inclusion An image Gallery 1.0 - (navigation.php) Local Directory Traversal An image Gallery 1.0 - 'navigation.php' Local Directory Traversal Image voting 1.0 - (index.php show) SQL Injection Image voting 1.0 - 'index.php show' SQL Injection Aurora CMS 1.0.2 - (install.plugin.php) Remote File Inclusion Aurora CMS 1.0.2 - 'install.plugin.php' Remote File Inclusion efront 3.5.4 - (database.php path) Remote File Inclusion efront 3.5.4 - 'database.php path' Remote File Inclusion OpenSiteAdmin 0.9.7b - (pageHeader.php path) Remote File Inclusion OpenSiteAdmin 0.9.7b - 'pageHeader.php path' Remote File Inclusion ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection ActiveBuyandSell 6.2 - 'buyersend.asp catid' Blind SQL Injection V.H.S. Booking - (hotel_habitaciones.php HotelID) SQL Injection V.H.S. Booking - 'hotel_habitaciones.php HotelID' SQL Injection Datenator 0.3.0 - (event.php id) SQL Injection Datenator 0.3.0 - 'event.php id' SQL Injection XlentCMS 1.0.4 - (downloads.php?cat) SQL Injection XlentCMS 1.0.4 - 'downloads.php?cat' SQL Injection Rezervi 3.0.2 - (mail.inc.php) Remote File Inclusion Rezervi 3.0.2 - 'mail.inc.php' Remote File Inclusion LightOpenCMS 0.1 - (smarty.php) Remote File Inclusion LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion ULoki Community Forum 2.1 - (usercp.php) Cross-Site Scripting ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting PHPCOIN 1.2.1 - (mod.php) SQL Injection PHPCOIN 1.2.1 - 'mod.php' SQL Injection PHPCOIN 1.2.1 - (mod.php) Local File Inclusion PHPCOIN 1.2.1 - 'mod.php' Local File Inclusion Anantasoft Gazelle CMS - Cross-Site Request Forgery Gazelle CMS - Cross-Site Request Forgery SiteX CMS 0.7.4 Beta - (/photo.php) SQL Injection SiteX CMS 0.7.4 Beta - '/photo.php' SQL Injection FCKEditor Core - (FileManager test.html) Arbitrary File Upload (1) FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (1) WHMCS control (WHMCompleteSolution) - SQL Injection WHMCompleteSolution (WHMCS) control (WHMCompleteSolution) - SQL Injection WHMCS Control 2 - 'announcements.php' SQL Injection WHMCompleteSolution (WHMCS) Control 2 - 'announcements.php' SQL Injection tekno.Portal 0.1b - (makale.php id) SQL Injection tekno.Portal 0.1b - 'makale.php id' SQL Injection Heaven Soft CMS 4.7 - (photogallery_open.php) SQL Injection Heaven Soft CMS 4.7 - 'photogallery_open.php' SQL Injection Multi Vendor Mall - (itemdetail.php & shop.php) SQL Injection Multi Vendor Mall - 'itemdetail.php & shop.php' SQL Injection PPhlogger 2.2.5 - (trace.php) Remote Command Execution PPhlogger 2.2.5 - 'trace.php' Remote Command Execution Eyeland Studio Inc. - (game.php) SQL Injection Eyeland Studio Inc. - 'game.php' SQL Injection PHPDirector 0.30 - (videos.php) SQL Injection PHPDirector 0.30 - 'videos.php' SQL Injection PHPaaCMS 0.3.1 - (show.php?id=) SQL Injection PHPaaCMS 0.3.1 - 'show.php?id=' SQL Injection BS Business Directory - (articlesdetails.php) SQL Injection (PoC) BS Classifieds Ads - (articlesdetails.php) SQL Injection (PoC) BS Events Directory - (articlesdetails.php) SQL Injection (PoC) BS Business Directory - 'articlesdetails.php' SQL Injection (PoC) BS Classifieds Ads - 'articlesdetails.php' SQL Injection (PoC) BS Events Directory - 'articlesdetails.php' SQL Injection (PoC) Mayasan Portal 2.0 - (makaledetay.asp) SQL Injection Mayasan Portal 2.0 - (haberdetay.asp) SQL Injection Mayasan Portal 2.0 - 'makaledetay.asp' SQL Injection Mayasan Portal 2.0 - 'haberdetay.asp' SQL Injection PhotoPost PHP 4.6.5 - (ecard.php) SQL Injection PhotoPost PHP 4.6.5 - 'ecard.php' SQL Injection sNews 1.7 - (index.php?category) SQL Injection sNews 1.7 - 'index.php?category' SQL Injection Ananta Gazelle CMS - Multiple Vulnerabilities Gazelle CMS - Multiple Vulnerabilities CF Image Hosting Script 1.3 - (settings.cdb) Information Disclosure CF Image Hosting Script 1.3 - 'settings.cdb' Information Disclosure mBlogger 1.0.04 - (viewpost.php) SQL Injection mBlogger 1.0.04 - 'viewpost.php' SQL Injection mBlogger 1.0.04 - (addcomment.php) Persistent Cross-Site Scripting mBlogger 1.0.04 - 'addcomment.php' Persistent Cross-Site Scripting Chipmunk Board 1.3 - (index.php?forumID) SQL Injection Chipmunk Board 1.3 - 'index.php?forumID' SQL Injection SmarterMail 7.x - (7.2.3925) LDAP Injection SmarterMail 7.x (7.2.3925) - LDAP Injection xWeblog 2.2 - (oku.asp?makale_id) SQL Injection xWeblog 2.2 - (arsiv.asp tarih) SQL Injection xWeblog 2.2 - 'oku.asp?makale_id' SQL Injection xWeblog 2.2 - 'arsiv.asp tarih' SQL Injection FCKEditor Core 2.x 2.4.3 - (FileManager upload.php) Arbitrary File Upload FCKEditor Core 2.x 2.4.3 - 'FileManager upload.php' Arbitrary File Upload WebRCSdiff 0.9 - (viewver.php) Remote File Inclusion WebRCSdiff 0.9 - 'viewver.php' Remote File Inclusion Ananda Real Estate 3.4 - (list.asp) Multiple SQL Injection Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injection SquareCMS 0.3.1 - (post.php) SQL Injection SquareCMS 0.3.1 - 'post.php' SQL Injection PHP-AddressBook 6.2.4 - (group.php) SQL Injection PHP-AddressBook 6.2.4 - 'group.php' SQL Injection Ignition 1.3 - (page.php) Local File Inclusion Ignition 1.3 - 'page.php' Local File Inclusion AWBS 2.9.2 - (cart.php) Blind SQL Injection AWBS 2.9.2 - 'cart.php' Blind SQL Injection Woltlab Burning Board 2.3.6 Addon - (hilfsmittel.php) SQL Injection Woltlab Burning Board 2.3.6 Addon - 'hilfsmittel.php' SQL Injection WordPress Plugin PHP Speedy 0.5.2 - (admin_container.php) Remote Code Execution WordPress Plugin PHP Speedy 0.5.2 - 'admin_container.php' Remote Code Execution ilchClan 1.0.5 - (regist.php) SQL Injection ilchClan 1.0.5 - 'regist.php' SQL Injection OrangeHRM 2.6.3 - (PluginController.php) Local File Inclusion OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion Traidnt UP 2.0 - (view.php) SQL Injection Traidnt UP 2.0 - 'view.php' SQL Injection osCommerce 2.3.1 - (banner_manager.php) Arbitrary File Upload osCommerce 2.3.1 - 'banner_manager.php' Arbitrary File Upload Extcalendar 2.0b2 - (cal_search.php) SQL Injection Extcalendar 2.0b2 - 'cal_search.php' SQL Injection WeBid 1.0.2 - (converter.php) Remote Code Execution WeBid 1.0.2 - 'converter.php' Remote Code Execution FCKEditor Core - (FileManager test.html) Arbitrary File Upload (2) FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (2) MyBB Advanced Forum Signatures - (afsignatures-2.0.4) SQL Injection MyBB Advanced Forum Signatures - 'afsignatures-2.0.4' SQL Injection Ruubikcms 1.1.0 - (/extra/image.php) Local File Inclusion Ruubikcms 1.1.0 - '/extra/image.php' Local File Inclusion Dolphin 7.0.7 - (member_menu_queries.php) Remote PHP Code Injection Dolphin 7.0.7 - 'member_menu_queries.php' Remote PHP Code Injection WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - (cart.php) Local File Disclosure WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - 'cart.php' Local File Disclosure CMSmini 0.2.2 - Local File Inclusion CMS mini 0.2.2 - Local File Inclusion WHMCS 3.x.x - (clientarea.php) Local File Disclosure ZenPhoto 1.4.1.4 - (ajax_create_folder.php) Remote Code Execution PHPMyFAQ 2.7.0 - (ajax_create_folder.php) Remote Code Execution aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution WHMCompleteSolution (WHMCS) 3.x.x - 'clientarea.php' Local File Disclosure ZenPhoto 1.4.1.4 - 'ajax_create_folder.php' Remote Code Execution PHPMyFAQ 2.7.0 - 'ajax_create_folder.php' Remote Code Execution aidiCMS 3.55 - 'ajax_create_folder.php' Remote Code Execution WordPress Plugin Zingiri 2.2.3 - (ajax_save_name.php) Remote Code Execution Support Incident Tracker 3.65 - (translate.php) Remote Code Execution WordPress Plugin Zingiri 2.2.3 - 'ajax_save_name.php' Remote Code Execution Support Incident Tracker 3.65 - 'translate.php' Remote Code Execution FreeWebShop 2.2.9 R2 - (ajax_save_name.php) Remote Code Execution FreeWebShop 2.2.9 R2 - 'ajax_save_name.php' Remote Code Execution Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution Log1 CMS 2.0 - 'ajax_create_folder.php' Remote Code Execution PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit) PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (2) (Metasploit) Tiki Wiki CMS Groupware 8.2 - (snarf_ajax.php) Remote PHP Code Injection Tiki Wiki CMS Groupware 8.2 - 'snarf_ajax.php' Remote PHP Code Injection Mnews 1.1 - (view.php) SQL Injection Mnews 1.1 - 'view.php' SQL Injection appRain CMF 0.1.5 - (Uploadify.php) Unrestricted Arbitrary File Upload appRain CMF 0.1.5 - 'Uploadify.php' Unrestricted Arbitrary File Upload BASE 1.4.5 - (base_qry_main.php t_view) SQL Injection BASE 1.4.5 - 'base_qry_main.php t_view' SQL Injection Ananta Gazelle CMS - Update Statement SQL Injection Gazelle CMS 1.0 - Update Statement SQL Injection PHPFox 3.0.1 - (ajax.php) Remote Command Execution PHPFox 3.0.1 - 'ajax.php' Remote Command Execution OpenConf 4.11 - (author/edit.php) Blind SQL Injection OpenConf 4.11 - 'author/edit.php' Blind SQL Injection NewsAdd 1.0 - (lerNoticia.php id) SQL Injection Supernews 2.6.1 - (noticias.php cat) SQL Injection NewsAdd 1.0 - 'lerNoticia.php id' SQL Injection Supernews 2.6.1 - 'noticias.php cat' SQL Injection SN News 1.2 - (visualiza.php) SQL Injection SN News 1.2 - 'visualiza.php' SQL Injection PHPNet 1.8 - (ler.php) SQL Injection PHPNet 1.8 - 'ler.php' SQL Injection X-Cart Gold 4.5 - (products_map.php symb Parameter) Cross-Site Scripting X-Cart Gold 4.5 - 'products_map.php symb Parameter' Cross-Site Scripting Dell SonicWALL Scrutinizer 9.0.1 - (statusFilter.php q Parameter) SQL Injection Dell SonicWALL Scrutinizer 9.0.1 - 'statusFilter.php q Parameter' SQL Injection Symantec Web Gateway 5.0.2 - (blocked.php id Parameter) Blind SQL Injection Symantec Web Gateway 5.0.2 - 'blocked.php id Parameter' Blind SQL Injection Symantec Web Gateway 5.0.3.18 - (deptUploads_data.php groupid Parameter) Blind SQL Injection Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php groupid Parameter' Blind SQL Injection YourArcadeScript 2.4 - (index.php id Parameter) SQL Injection YourArcadeScript 2.4 - 'index.php id Parameter' SQL Injection vlinks 2.0.3 - (site.php id Parameter) SQL Injection vlinks 2.0.3 - 'site.php id Parameter' SQL Injection Blog Mod 0.1.9 - (index.php month Parameter) SQL Injection Blog Mod 0.1.9 - 'index.php month Parameter' SQL Injection MyBB Profile Albums Plugin 0.9 - (albums.php album Parameter) SQL Injection MyBB Profile Albums Plugin 0.9 - 'albums.php album Parameter' SQL Injection YeaLink IP Phone SIP-TxxP firmware 9.70.0.100 - Multiple Vulnerabilities YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities Linksys WRT54GL (Firmware 4.30.15 build 2) - Multiple Vulnerabilities Linksys WRT54GL Firmware 4.30.15 build 2 - Multiple Vulnerabilities NConf 1.3 - (detail.php detail_admin_items.php id Parameter) SQL Injection NConf 1.3 - 'detail.php detail_admin_items.php id Parameter' SQL Injection DataLife Engine 9.7 - (preview.php) PHP Code Injection DataLife Engine 9.7 - 'preview.php' PHP Code Injection AdaptCMS 2.0.4 - (config.php question Parameter) SQL Injection AdaptCMS 2.0.4 - 'config.php question Parameter' SQL Injection CubeCart 5.2.0 - (cubecart.class.php) PHP Object Injection CubeCart 5.2.0 - 'cubecart.class.php' PHP Object Injection Piwigo 2.4.6 - (install.php) Arbitrary File Read/Delete Piwigo 2.4.6 - 'install.php' Arbitrary File Read/Delete OpenEMR 4.1.1 - (ofc_upload_image.php) Arbitrary File Upload OpenEMR 4.1.1 - 'ofc_upload_image.php' Arbitrary File Upload PHPMyRecipes 1.2.2 - (viewrecipe.php r_id Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'viewrecipe.php r_id Parameter' SQL Injection MTP Image Gallery 1.0 - (edit_photos.php title Parameter) Cross-Site Scripting MTP Image Gallery 1.0 - 'edit_photos.php title Parameter' Cross-Site Scripting WordPress Plugin Count Per Day 3.2.5 - (counter.php) Cross-Site Scripting WordPress Plugin Count Per Day 3.2.5 - 'counter.php' Cross-Site Scripting AWS Xms 2.5 - (importer.php what Parameter) Directory Traversal Pollen CMS 0.6 - (index.php p Parameter) Local File Disclosure AWS Xms 2.5 - 'importer.php what Parameter' Directory Traversal Pollen CMS 0.6 - 'index.php p Parameter' Local File Disclosure WHMCS Group Pay Plugin 1.5 - (grouppay.php hash Parameter) SQL Injection WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 - 'grouppay.php hash Parameter' SQL Injection WHMCS 4.x - (invoicefunctions.php id Parameter) SQL Injection WHMCS 4.x - 'invoicefunctions.php id Parameter' SQL Injection AVE.CMS 2.09 - (index.php module Parameter) Blind SQL Injection AVE.CMS 2.09 - 'index.php module Parameter' Blind SQL Injection RadioCMS 2.2 - (menager.php playlist_id Parameter) SQL Injection RadioCMS 2.2 - 'menager.php playlist_id Parameter' SQL Injection NEXTWEB - (i)Site 'login.asp' SQL Injection NEXTWEB (i)Site - 'login.asp' SQL Injection Ruubikcms 1.1.1 - (tinybrowser.php folder Parameter) Directory Traversal Ruubikcms 1.1.1 - 'tinybrowser.php folder Parameter' Directory Traversal Simple PHP Agenda 2.2.8 - (edit_event.php eventid Parameter) SQL Injection Simple PHP Agenda 2.2.8 - 'edit_event.php eventid Parameter' SQL Injection Top Games Script 1.2 - (play.php gid Parameter) SQL Injection Top Games Script 1.2 - 'play.php gid Parameter' SQL Injection Elemata CMS RC3.0 - (global.php id Parameter) SQL Injection Elemata CMS RC3.0 - 'global.php id Parameter' SQL Injection PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution PHP-Charts 1.0 - 'index.php type Parameter' Remote Code Execution PHPSlash 0.8.1 - article.php SQL Injection PHPSlash 0.8.1 - 'article.php' SQL Injection Telmanik CMS Press 1.01b - (pages.php page_name Parameter) SQL Injection Telmanik CMS Press 1.01b - 'pages.php page_name Parameter' SQL Injection glFusion 1.3.0 - (search.php cat_id Parameter) SQL Injection glFusion 1.3.0 - 'search.php cat_id Parameter' SQL Injection Vtiger CRM 5.4.0 - (index.php onlyforuser Parameter) SQL Injection Vtiger CRM 5.4.0 - 'index.php onlyforuser Parameter' SQL Injection XAMPP 1.8.1 - (lang.php WriteIntoLocalDisk method) Local Write Access XAMPP 1.8.1 - 'lang.php WriteIntoLocalDisk method' Local Write Access WHMCS 5.2.7 - SQL Injection WHMCompleteSolution (WHMCS) 5.2.7 - SQL Injection PHPList 2.10.2 - 'index.php' Cross-Site Scripting phpList 2.10.2 - 'index.php' Cross-Site Scripting Dolibarr ERP/CMS 3.4.0 - (exportcsv.php sondage Parameter) SQL Injection Dolibarr ERP/CMS 3.4.0 - 'exportcsv.php sondage Parameter' SQL Injection WHMCS 5.2.8 - SQL Injection WHMCompleteSolution (WHMCS) 5.2.8 - SQL Injection Vanilla Forums 2.0 < 2.0.18.5 - (class.utilitycontroller.php) PHP Object Injection Vanilla Forums 2.0 < 2.0.18.5 - 'class.utilitycontroller.php' PHP Object Injection Project'Or RIA 3.4.0 - (objectDetail.php objectId Parameter) SQL Injection Project'Or RIA 3.4.0 - 'objectDetail.php objectId Parameter' SQL Injection Chamilo Lms 1.9.6 - (profile.php password0 Parameter) SQL Injection Dokeos 2.2 RC2 - (index.php language Parameter) SQL Injection Chamilo Lms 1.9.6 - 'profile.php password0 Parameter' SQL Injection Dokeos 2.2 RC2 - 'index.php language Parameter' SQL Injection WHMCS 4.x / 5.x - Multiple Web Vulnerabilities WHMCompleteSolution (WHMCS) 4.x / 5.x - Multiple Web Vulnerabilities SiteBar 3.3.8 - (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution SiteBar 3.3.8 - 'translator.php' upd cmd Action edit Variable Arbitrary PHP Code Execution osCommerce 2.3.3.4 - (geo_zones.php zID Parameter) SQL Injection osCommerce 2.3.3.4 - 'geo_zones.php zID Parameter' SQL Injection Concrete5 5.6.2.1 - (index.php cID Parameter) SQL Injection Concrete5 5.6.2.1 - 'index.php cID Parameter' SQL Injection D-Link DIR-615 Hardware vE4 Firmware v5.10 - Cross-Site Request Forgery D-Link DIR-615 Hardware vE4 Firmware 5.10 - Cross-Site Request Forgery WordPress Plugin AdRotate 3.9.4 - (clicktracker.php track Parameter) SQL Injection WordPress Plugin AdRotate 3.9.4 - 'clicktracker.php track Parameter' SQL Injection Chipmunk Blog - members.php membername Parameter Cross-Site Scripting Chipmunk Blog - comments.php membername Parameter Cross-Site Scripting Chipmunk Blog - photos.php membername Parameter Cross-Site Scripting Chipmunk Blog - archive.php membername Parameter Cross-Site Scripting Chipmunk Blog - cat.php membername Parameter Cross-Site Scripting Chipmunk Blog - 'members.php' Cross-Site Scripting Chipmunk Blog - 'comments.php' Cross-Site Scripting Chipmunk Blog - 'photos.php' Cross-Site Scripting Chipmunk Blog - 'archive.php' Cross-Site Scripting Chipmunk Blog - 'cat.php' Cross-Site Scripting webERP 4.11.3 - (SalesInquiry.php SortBy Parameter) SQL Injection webERP 4.11.3 - 'SalesInquiry.php SortBy Parameter' SQL Injection ownCloud 4.0.x/4.5.x - (upload.php Filename Parameter) Remote Code Execution ownCloud 4.0.x/4.5.x - 'upload.php Filename Parameter' Remote Code Execution InterWorx Control Panel 5.0.13 build 574 - (xhr.php i Parameter) SQL Injection InterWorx Control Panel 5.0.13 build 574 - 'xhr.php i Parameter' SQL Injection kitForm CRM Extension 0.43 - (sorter.php sorter_value Parameter) SQL Injection kitForm CRM Extension 0.43 - 'sorter.php sorter_value Parameter' SQL Injection dompdf 0.6.0 - (dompdf.php read Parameter) Arbitrary File Read dompdf 0.6.0 - 'dompdf.php read Parameter' Arbitrary File Read ArticleFR 11.06.2014 - (data.php) Privilege Escalation ArticleFR 11.06.2014 - 'data.php' Privilege Escalation vBulletin 4.0.x < 4.1.2 - (search.php cat Parameter) SQL Injection vBulletin 4.0.x < 4.1.2 - 'search.php cat Parameter' SQL Injection Bacula-Web 5.2.10 - (joblogs.php jobid Parameter) SQL Injection Bacula-Web 5.2.10 - 'joblogs.php jobid Parameter' SQL Injection net2ftp 0.98 - (stable) 'admin1.template.php' Local File Inclusion / Remote File Inclusion net2ftp 0.98 (stable) - 'admin1.template.php' Local File Inclusion / Remote File Inclusion Piwigo 2.6.0 - (picture.php rate Parameter) SQL Injection Piwigo 2.6.0 - 'picture.php rate Parameter' SQL Injection PHPMyRecipes 1.2.2 - (dosearch.php words_exact Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'dosearch.php words_exact Parameter' SQL Injection Anantasoft Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection Gazelle CMS 1.0 - Cross-Site Scripting / SQL Injection PHPMyRecipes 1.2.2 - (browse.php category Parameter) SQL Injection PHPMyRecipes 1.2.2 - 'browse.php category Parameter' SQL Injection u5CMS 3.9.3 - (deletefile.php) Arbitrary File Deletion u5CMS 3.9.3 - 'deletefile.php' Arbitrary File Deletion WordPress Plugin Freshmail 1.5.8 - (shortcode.php) SQL Injection WordPress Plugin Freshmail 1.5.8 - 'shortcode.php' SQL Injection CreateVision CreateVision CMS - 'id' Parameter SQL Injection CreateVision CMS - 'id' Parameter SQL Injection PHPCollab 2.5 - (deletetopics.php) SQL Injection PHPCollab 2.5 - 'deletetopics.php' SQL Injection Acuity CMS 2.6.2 - (ASP) '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution Acuity CMS 2.6.2 - '/admin/file_manager/file_upload_submit.asp' Multiple Parameter Arbitrary File Upload / Code Execution WHMCS - 'boleto_bb.php' SQL Injection WHMCompleteSolution (WHMCS) - 'boleto_bb.php' SQL Injection PHPList 2.10.9 - 'Sajax.php' PHP Code Injection phpList 2.10.9 - 'Sajax.php' PHP Code Injection WHMCompleteSolution - (WHMCS) 5.0 'KnowledgeBase.php' search Parameter Cross-Site Scripting WHMCompleteSolution (WHMCS) 5.0 - 'KnowledgeBase.php' search Parameter Cross-Site Scripting FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting FCKEditor Core - 'Editor 'spellchecker.php'' Cross-Site Scripting PHPList 2.10.18 - 'index.php' SQL Injection phpList 2.10.18 - 'index.php' SQL Injection WHMCS 4.5.2 - 'googlecheckout.php' SQL Injection WHMCompleteSolution (WHMCS) 4.5.2 - 'googlecheckout.php' SQL Injection SolarWinds Orion IP Address Manager - (IPAM) 'search.aspx' Cross-Site Scripting SolarWinds Orion IP Address Manager (IPAM) - 'search.aspx' Cross-Site Scripting PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution PHP gettext 1.0.12 - 'gettext.php' Unauthenticated Code Execution WHMCS Addon VMPanel 2.7.4 - SQL Injection WHMCompleteSolution (WHMCS) Addon VMPanel 2.7.4 - SQL Injection WD My Cloud Mirror 2.11.153 - Authentication Bypass / Remote Code Execution MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution	2017-01-25 05:01:18 +00:00
Offensive Security	08be47d8e2	DB: 2017-01-14 3 new exploits Mozilla Firefox < 50.1.0 - Use After Free Cisco Firepower Management Console 6.0 - Post Authentication UserAdd QuoteBook - 'poll.inc' Remote Config File Disclosure QuoteBook - Remote Config File Disclosure PHP-Fusion Mod vArcade 1.8 - (comment_id) SQL Injection Pizzis CMS 1.5.1 - (visualizza.php idvar) Blind SQL Injection PHP-Fusion Mod vArcade 1.8 - 'comment_id' Parameter SQL Injection Pizzis CMS 1.5.1 - Blind SQL Injection Joomla! Component com_xevidmegahd - 'catid' SQL Injection Joomla! Component com_xevidmegahd - SQL Injection DZcms 3.1 - (products.php pcat) SQL Injection DZcms 3.1 - SQL Injection phpMDJ 1.0.3 - (id_animateur) Blind SQL Injection XOOPS Module tadbook2 - 'open_book.php book_sn' SQL Injection phpMDJ 1.0.3 - 'id_animateur' Parameter Blind SQL Injection XOOPS Module tadbook2 - SQL Injection PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection Social Engine - 'browse_classifieds.php s' SQL Injection PHP-Fusion Mod the_kroax - SQL Injection Social Engine - SQL Injection Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution	2017-01-14 05:01:17 +00:00
Offensive Security	a0c8330781	DB: 2017-01-13 13 new exploits SeaMonkey 1.1.14 - (marquee) Denial of Service SeaMonkey 1.1.14 - Denial of Service Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (1) SapLPD 7.40 - Denial of Service CoolPlayer 2.19 - (PlaylistSkin) Buffer Overflow CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow Rosoft media player 4.4.4 - Buffer Overflow (SEH) (2) Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (2) aSc Timetables 2017 - Buffer Overflow Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation Nginx (Debian-Based + Gentoo) - 'logrotate' Local Privilege Escalation Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout) Cemu 1.6.4b - Information Leak / Buffer Overflow (Emulator Breakout) PlaySMS 0.7 - SQL Injection PlaySms 0.7 - SQL Injection SAP SAPLPD 6.28 - Buffer Overflow (Metasploit) SapLPD 6.28 - Buffer Overflow (Metasploit) Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script (MS00-090) phpMyFamily 1.4.0 - Authentication Bypass (SQL Injection) phpMyFamily 1.4.0 - Authentication Bypass ACNews 1.0 - Admin Authentication Bypass (SQL Injection) ACNews 1.0 - Authentication Bypass ASPThai.Net Guestbook 5.5 - (Authentication Bypass) SQL Injection ASPThai.Net Guestbook 5.5 - Authentication Bypass PNphpBB2 <= 1.2g - 'phpbb_root_path' Remote File Inclusion PNphpBB2 <= 1.2g - 'phpbb_root_path' Parameter Remote File Inclusion cutenews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion CuteNews aj-fork 167f - 'cutepath' Parameter Remote File Inclusion WSN Guest 1.21 - (comments.php id) SQL Injection WSN Guest 1.21 - 'id' Parameter SQL Injection PNPHPBB2 <= 1.2 - (index.php c) SQL Injection PNPHPBB2 <= 1.2 - 'index.php' SQL Injection PNPHPBB2 <= 1.2i - viewforum.php SQL Injection PNPHPBB2 <= 1.2i - 'viewforum.php' SQL Injection PNPHPBB2 <= 1.2i - (printview.php PHPEx) Local File Inclusion PNPHPBB2 <= 1.2i - 'PHPEx' Parameter Local File Inclusion webClassifieds 2005 - (Authentication Bypass) SQL Injection webClassifieds 2005 - Authentication Bypass webSPELL 4.01.02 - 'id' Remote Edit Topics PNphpBB2 <= 12i - (ModName) Multiple Local File Inclusion WSN Guest 1.23 - 'Search' SQL Injection webSPELL 4.01.02 - 'id' Parameter Remote Edit Topics PNphpBB2 <= 1.2i - (ModName) Multiple Local File Inclusion WSN Guest 1.23 - 'Search' Parameter SQL Injection Ayemsis Emlak Pro - (Authentication Bypass) SQL Injection Ayemsis Emlak Pro - Authentication Bypass Joomla! Component com_phocadocumentation - 'id' SQL Injection phpauctionsystem - Cross-Site Scripting / SQL Injection Joomla! Component com_phocadocumentation - 'id' Parameter SQL Injection PHPAuctionSystem - Cross-Site Scripting / SQL Injection RiotPix 0.61 - (forumid) Blind SQL Injection RiotPix 0.61 - 'forumid' Parameter Blind SQL Injection RiotPix 0.61 - (Authentication Bypass) SQL Injection RiotPix 0.61 - Authentication Bypass playSms 0.9.3 - Multiple Remote / Local File Inclusion BlogHelper - 'common_db.inc' Remote Config File Disclosure PollHelper - 'poll.inc' Remote Config File Disclosure PlaySms 0.9.3 - Multiple Remote / Local File Inclusion BlogHelper - Remote Config File Disclosure PollHelper - Remote Config File Disclosure Fast FAQs System - (Authentication Bypass) SQL Injection Fast FAQs System - Authentication Bypass Fast Guest Book - (Authentication Bypass) SQL Injection Fast Guest Book - Authentication Bypass BKWorks ProPHP 0.50b1 - (Authentication Bypass) SQL Injection Weight Loss Recipe Book 3.1 - (Authentication Bypass) SQL Injection BKWorks ProPHP 0.50b1 - Authentication Bypass Weight Loss Recipe Book 3.1 - Authentication Bypass Dark Age CMS 0.2c Beta - (Authentication Bypass) SQL Injection Syzygy CMS 0.3 - (Authentication Bypass) SQL Injection Dark Age CMS 0.2c Beta - Authentication Bypass Syzygy CMS 0.3 - Authentication Bypass eFAQ - (Authentication Bypass) SQL Injection eReservations - (Authentication Bypass) SQL Injection The Walking Club - (Authentication Bypass) SQL Injection Ping IP - (Authentication Bypass) SQL Injection eFAQ - Authentication Bypass eReservations - Authentication Bypass The Walking Club - Authentication Bypass Ping IP - Authentication Bypass ASP ActionCalendar 1.3 - (Authentication Bypass) SQL Injection ASP ActionCalendar 1.3 - Authentication Bypass Click&Email - (Authentication Bypass) SQL Injection Click&Email - Authentication Bypass Web-Calendar Lite 1.0 - (Authentication Bypass) SQL Injection Web-Calendar Lite 1.0 - Authentication Bypass ClickAuction - (Authentication Bypass) SQL Injection ClickAuction - Authentication Bypass Netartmedia Car Portal 1.0 - (Authentication Bypass) SQL Injection Netartmedia Car Portal 1.0 - Authentication Bypass SalesCart - (Authentication Bypass) SQL Injection SalesCart - Authentication Bypass WholeHogSoftware Ware Support - (Authentication Bypass) SQL Injection WholeHogSoftware Password Protect - (Authentication Bypass) SQL Injection WholeHogSoftware Ware Support - Authentication Bypass WholeHogSoftware Password Protect - Authentication Bypass ClickCart 6.0 - (Authentication Bypass) SQL Injection ClickCart 6.0 - Authentication Bypass Online Grades 3.2.4 - (Authentication Bypass) SQL Injection Online Grades 3.2.4 - Authentication Bypass MyDesing Sayac 2.0 - (Authentication Bypass) SQL Injection MyDesing Sayac 2.0 - Authentication Bypass AuthPhp 1.0 - (Authentication Bypass) SQL Injection Mynews 0_10 - (Authentication Bypass) SQL Injection BlueBird Pre-Release - (Authentication Bypass) SQL Injection AuthPhp 1.0 - Authentication Bypass Mynews 0_10 - Authentication Bypass BlueBird Pre-Release - Authentication Bypass Grestul 1.x - Authentication Bypass (via Cookie SQL Injection) Grestul 1.x - Authentication Bypass (Cookie SQL Injection) XGuestBook 2.0 - (Authentication Bypass) SQL Injection XGuestBook 2.0 - Authentication Bypass PenPal 2.0 - (Authentication Bypass) SQL Injection PenPal 2.0 - Authentication Bypass BannerManager 0.81 - (Authentication Bypass) SQL Injection BannerManager 0.81 - Authentication Bypass Free PHP Petition Signing Script - (Authentication Bypass) SQL Injection Free PHP Petition Signing Script - Authentication Bypass Simbas CMS 2.0 - (Authentication Bypass) SQL Injection WebFileExplorer 3.1 - (Authentication Bypass) SQL Injection Simbas CMS 2.0 - Authentication Bypass WebFileExplorer 3.1 - Authentication Bypass My Dealer CMS 2.0 - (Authentication Bypass) SQL Injection My Dealer CMS 2.0 - Authentication Bypass XEngineSoft PMS/MGS/NM/Ams 1.0 - (Authentication Bypass) SQL Injection XEngineSoft PMS/MGS/NM/Ams 1.0 - Authentication Bypass NetHoteles 2.0/3.0 - (Authentication Bypass) SQL Injection NetHoteles 2.0/3.0 - Authentication Bypass Tiny Blogr 1.0.0 rc4 - (Authentication Bypass) SQL Injection Tiny Blogr 1.0.0 rc4 - Authentication Bypass ClanTiger 1.1.1 - (Authentication Bypass) SQL Injection ClanTiger 1.1.1 - Authentication Bypass Hot Project 7.0 - (Authentication Bypass) SQL Injection Hot Project 7.0 - Authentication Bypass EZ Webitor - (Authentication Bypass) SQL Injection EZ Webitor - Authentication Bypass Creasito E-Commerce 1.3.16 - (Authentication Bypass) SQL Injection Creasito E-Commerce 1.3.16 - Authentication Bypass I-Rater Pro/Plantinum 4.0 - (Authentication Bypass) SQL Injection I-Rater Pro/Plantinum 4.0 - Authentication Bypass 5 star Rating 1.2 - (Authentication Bypass) SQL Injection 5 star Rating 1.2 - Authentication Bypass Tiger Dms - (Authentication Bypass) SQL Injection Tiger Dms - Authentication Bypass The Recipe Script 5 - (Authentication Bypass) SQL Injection / DB Backup Realty Web-Base 1.0 - (Authentication Bypass) SQL Injection Luxbum 0.5.5/stable - (Authentication Bypass) SQL Injection The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup Realty Web-Base 1.0 - Authentication Bypass Luxbum 0.5.5/stable - Authentication Bypass My Game Script 2.0 - (Authentication Bypass) SQL Injection My Game Script 2.0 - Authentication Bypass Submitter Script - (Authentication Bypass) SQL Injection Submitter Script - Authentication Bypass PHP Dir Submit - (Authentication Bypass) SQL Injection PHP Dir Submit - Authentication Bypass DM FileManager 3.9.2 - (Authentication Bypass) SQL Injection DM FileManager 3.9.2 - Authentication Bypass VICIDIAL 2.0.5-173 - (Authentication Bypass) SQL Injection VICIDIAL 2.0.5-173 - Authentication Bypass Article Directory - (Authentication Bypass) SQL Injection Article Directory - Authentication Bypass phpBugTracker 1.0.3 - (Authentication Bypass) SQL Injection phpBugTracker 1.0.3 - Authentication Bypass Zen Help Desk 2.1 - (Authentication Bypass) SQL Injection Zen Help Desk 2.1 - Authentication Bypass EgyPlus 7ml 1.0.1 - (Authentication Bypass) SQL Injection EgyPlus 7ml 1.0.1 - Authentication Bypass Pixelactivo 3.0 - (Authentication Bypass) SQL Injection Pixelactivo 3.0 - Authentication Bypass MyCars Automotive - (Authentication Bypass) SQL Injection MyCars Automotive - Authentication Bypass Zip Store Chat 4.0/5.0 - (Authentication Bypass) SQL Injection Zip Store Chat 4.0/5.0 - Authentication Bypass AlumniServer 1.0.1 - (Authentication Bypass) SQL Injection AlumniServer 1.0.1 - Authentication Bypass ForumPal FE 1.1 - (Authentication Bypass) SQL Injection ForumPal FE 1.1 - Authentication Bypass Opial 1.0 - (Authentication Bypass) SQL Injection Opial 1.0 - Authentication Bypass webLeague 2.2.0 - (Authentication Bypass) SQL Injection webLeague 2.2.0 - Authentication Bypass AnotherPHPBook (APB) 1.3.0 - (Authentication Bypass) SQL Injection AnotherPHPBook (APB) 1.3.0 - Authentication Bypass SaphpLesson 4.0 - (Authentication Bypass) SQL Injection SaphpLesson 4.0 - Authentication Bypass Limny 1.01 - (Authentication Bypass) SQL Injection Limny 1.01 - Authentication Bypass Magician Blog 1.0 - (Authentication Bypass) SQL Injection Magician Blog 1.0 - Authentication Bypass AW BannerAd - (Authentication Bypass) SQL Injection AW BannerAd - Authentication Bypass Ajax Short URL Script - (Authentication Bypass) SQL Injection Ajax Short URL Script - Authentication Bypass TT Web Site Manager 0.5 - (Authentication Bypass) SQL Injection SimpleLoginSys 0.5 - (Authentication Bypass) SQL Injection TT Web Site Manager 0.5 - Authentication Bypass SimpleLoginSys 0.5 - Authentication Bypass Questions Answered 1.3 - (Authentication Bypass) SQL Injection Questions Answered 1.3 - Authentication Bypass Blink Blog System - (Authentication Bypass) SQL Injection Blink Blog System - Authentication Bypass MOC Designs PHP News 1.1 - (Authentication Bypass) SQL Injection MOC Designs PHP News 1.1 - Authentication Bypass PHotoLa Gallery 1.0 - (Authentication Bypass) SQL Injection PHotoLa Gallery 1.0 - Authentication Bypass PHPCityPortal - (Authentication Bypass) SQL Injection PHPCityPortal - Authentication Bypass Logoshows BBS 2.0 - (Authentication Bypass) SQL Injection Logoshows BBS 2.0 - Authentication Bypass SmilieScript 1.0 - (Authentication Bypass) SQL Injection SmilieScript 1.0 - Authentication Bypass humanCMS - (Authentication Bypass) SQL Injection humanCMS - Authentication Bypass Three Pillars Help Desk 3.0 - (Authentication Bypass) SQL Injection Three Pillars Help Desk 3.0 - Authentication Bypass AdsDX 3.05 - (Authentication Bypass) SQL Injection AdsDX 3.05 - Authentication Bypass Nephp Publisher Enterprise 4.5 - (Authentication Bypass) SQL Injection Nephp Publisher Enterprise 4.5 - Authentication Bypass W3infotech - (Authentication Bypass) SQL Injection W3infotech - Authentication Bypass Real Estate Portal X.0 - (Authentication Bypass) SQL Injection Real Estate Portal X.0 - Authentication Bypass PHP Inventory 1.2 - Remote Authentication Bypass (SQL Injection) PHP Inventory 1.2 - Authentication Bypass SitePal 1.1 - (Authentication Bypass) SQL Injection SitePal 1.1 - Authentication Bypass JM CMS 1.0 <= 1.0 - (Authentication Bypass) SQL Injection JM CMS 1.0 - Authentication Bypass Pre Hospital Management System - (Authentication Bypass) SQL Injection Pre Hospital Management System - Authentication Bypass Digiappz Freekot - (Authentication Bypass) SQL Injection Digiappz Freekot - Authentication Bypass Omnistar Affiliate - (Authentication Bypass) SQL Injection Omnistar Affiliate - Authentication Bypass PRE HOTELS&RESORTS MANAGEMENT SYSTEM - (Authentication Bypass) SQL Injection PRE HOTELS&RESORTS MANAGEMENT SYSTEM - Authentication Bypass Advance Biz Limited 1.0 - (Authentication Bypass) SQL Injection Advance Biz Limited 1.0 - Authentication Bypass e-topbiz banner exchange PHP - (Authentication Bypass) SQL Injection e-topbiz Slide Popups 1 PHP - (Authentication Bypass) SQL Injection e-topbiz banner exchange PHP - Authentication Bypass e-topbiz Slide Popups 1 PHP - Authentication Bypass Freewebscript'z Games - (Authentication Bypass) SQL Injection Freewebscript'z Games - Authentication Bypass DZOIC Handshakes - Authentication Bypass (SQL Injection) DZOIC Handshakes - Authentication Bypass DZOIC ClipHouse - Authentication Bypass (SQL Injection) DZOIC ClipHouse - Authentication Bypass PHP Car Rental-Script - (Authentication Bypass) SQL Injection PHP Car Rental-Script - Authentication Bypass Zen Tracking 2.2 - (Authentication Bypass) SQL Injection Baal Systems 3.8 - (Authentication Bypass) SQL Injection Zen Tracking 2.2 - Authentication Bypass Baal Systems 3.8 - Authentication Bypass Killmonster 2.1 - (Authentication Bypass) SQL Injection Killmonster 2.1 - Authentication Bypass Rostermain 1.1 - (Authentication Bypass) SQL Injection Rostermain 1.1 - Authentication Bypass NewsLetter Tailor - (Authentication Bypass) SQL Injection NewsLetter Tailor - Authentication Bypass WSN Guest 1.02 - (orderlinks) SQL Injection WSN Guest 1.02 - 'orderlinks' Parameter SQL Injection Project Man 1.0 - (Authentication Bypass) SQL Injection Project Man 1.0 - Authentication Bypass Uiga Fan Club 1.0 - (Authentication Bypass) SQL Injection Uiga Fan Club 1.0 - Authentication Bypass HazelPress Lite 0.0.4 - (Authentication Bypass) SQL Injection HazelPress Lite 0.0.4 - Authentication Bypass Majoda CMS - (Authentication Bypass) SQL Injection Majoda CMS - Authentication Bypass 4x CMS r26 - (Authentication Bypass) SQL Injection 4x CMS r26 - Authentication Bypass Satellite-X 4.0 - (Authentication Bypass) SQL Injection Huron CMS 8 11 2007 - (Authentication Bypass) SQL Injection Satellite-X 4.0 - Authentication Bypass Huron CMS 8 11 2007 - Authentication Bypass Zyke CMS 1.1 - (Authentication Bypass) SQL Injection Zyke CMS 1.1 - Authentication Bypass Online University - (Authentication Bypass) SQL Injection Online University - Authentication Bypass Online Job Board - (Authentication Bypass) SQL Injection Online Job Board - Authentication Bypass JE CMS 1.0.0 - Authentication Bypass (via SQL Injection) JE CMS 1.0.0 - Authentication Bypass ExtCalendar2 - (Authentication Bypass/Cookie) SQL Injection ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection SN News 1.2 - '/admin/loger.php' Authentication Bypass (SQL Injection) SN News 1.2 - '/admin/loger.php' Authentication Bypass RTTucson Quotations Database Script - (Authentication Bypass) SQL Injection RTTucson Quotations Database Script - Authentication Bypass PlaySms - 'index.php' Cross-Site Scripting PlaySms 0.8 - 'index.php' Cross-Site Scripting Practico CMS 13.7 - Authentication Bypass (SQL Injection) Practico CMS 13.7 - Authentication Bypass Airbnb Clone Script - Arbitrary File Upload Milw0rm Clone Script 1.0 - (Authentication Bypass) SQL Injection Milw0rm Clone Script 1.0 - Authentication Bypass PHPCollab CMS 2.5 - (emailusers.php) SQL Injection PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection My link trader 1.1 - 'id' Parameter SQL Injection My Link Trader 1.1 - 'id' Parameter SQL Injection b2evolution 6.8.2 - Arbitrary File Upload Job Portal Script 9.11 - Authentication Bypass Online Food Delivery 2.04 - Authentication Bypass iTechscripts Freelancer Script 5.11 - 'sk' Parameter SQL Injection D-Link DIR-615 - Multiple Vulnerabilities School Management Software 2.75 - SQL Injection Penny Auction Script - Arbitrary File Upload ECommerce-TIBSECART - Arbitrary File Upload ECommerce-Multi-Vendor Software - Arbitrary File Upload	2017-01-13 05:01:18 +00:00
Offensive Security	3617e005f6	DB: 2017-01-12 16 new exploits VMware 2.5.1 - (VMware-authd) Remote Denial of Service VMware 2.5.1 - 'VMware-authd' Remote Denial of Service Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (2) Boxoft Wav 1.0 - Buffer Overflow VideoLAN VLC Media Player 2.2.1 - 'DecodeAdpcmImaQT' Buffer Overflow EleCard MPEG PLAYER - '.m3u' Local Stack Overflow Elecard MPEG Player - '.m3u' Local Stack Overflow Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (1) Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow Boxoft WAV to MP3 Converter - 'convert' Buffer Overflow Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) (2) Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout) Firejail - Privilege Escalation McAfee Virus Scan Enterprise for Linux - Remote Code Execution McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution Ansible 2.1.4 / 2.2.1 - Command Execution Eggblog < 3.07 - Remote SQL Injection / Privilege Escalation EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation PowerClan 1.14a - (footer.inc.php) Remote File Inclusion PowerClan 1.14a - 'footer.inc.php' Remote File Inclusion Eggblog 3.1.0 - Cookies SQL Injection EggBlog 3.1.0 - Cookies SQL Injection eggBlog 4.0 - SQL Injection EggBlog 4.0 - SQL Injection 2Capsule - 'sticker.php id' SQL Injection 2Capsule - SQL Injection ASPThai.Net WebBoard 6.0 - (bview.asp) SQL Injection ASPThai.Net WebBoard 6.0 - SQL Injection Memberkit 1.0 - Remote Arbitrary .PHP File Upload phpScribe 0.9 - (user.cfg) Remote Config Disclosure Memberkit 1.0 - Arbitrary File Upload phpScribe 0.9 - 'user.cfg' Remote Config Disclosure PowerClan 1.14a - (Authentication Bypass) SQL Injection PowerClan 1.14a - Authentication Bypass Webspell 4 - (Authentication Bypass) SQL Injection webSPELL 4 - Authentication Bypass eggBlog 4.1.1 - Local Directory Traversal EggBlog 4.1.1 - Local Directory Traversal Travel Portal Script Admin Password Change - Cross-Site Request Forgery Travel Portal Script - Cross-Site Request Forgery (Admin Password Change) eggBlog 4.1.2 - Arbitrary File Upload EggBlog 4.1.2 - Arbitrary File Upload Eggblog 2.0 - blog.php id Parameter SQL Injection Eggblog 2.0 - topic.php message Parameter Cross-Site Scripting EggBlog 2.0 - 'id' Parameter SQL Injection EggBlog 2.0 - 'message' Parameter Cross-Site Scripting PowerClan 1.14 - member.php SQL Injection PowerClan 1.14 - 'member.php' SQL Injection SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection SoftBizScripts Dating Script 1.0 - 'featured_photos.php' SQL Injection SoftBizScripts Dating Script 1.0 - 'products.php' SQL Injection SoftBizScripts Dating Script 1.0 - 'index.php' SQL Injection SoftBizScripts Dating Script 1.0 - 'news_desc.php' SQL Injection Dating Script 3.25 - SQL Injection Starting Page 1.3 - SQL Injection Starting Page 1.3 - 'linkid' Parameter SQL Injection Starting Page 1.3 - 'category' Parameter SQL Injection My link trader 1.1 - 'id' Parameter SQL Injection Blackboard LMS 9.1 SP14 - Cross-Site Scripting Huawei Flybox B660 - Cross-Site Request Forgery Travel Portal Script 9.33 - SQL Injection Movie Portal Script 7.35 - SQL Injection	2017-01-12 05:01:16 +00:00
Offensive Security	6a202bbb97	DB: 2016-12-27 4 new exploits Serv-U FTP Server < 5.2 - Remote Denial of Service RhinoSoft Serv-U FTP Server < 5.2 - Remote Denial of Service Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service RhinoSoft Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service FTPShell Server 6.36 - '.csv' Local Denial of Service Serv-U FTP Server 3.x < 5.x - Privilege Escalation RhinoSoft Serv-U FTP Server 3.x < 5.x - Privilege Escalation Wampserver 3.0.6 - Insecure File Permissions Privilege Escalation Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit RhinoSoft Serv-U FTP Server 7.4.0.1 - 'MKD' Create Arbitrary Directories Exploit Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal Cat Soft Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal IndexScript 2.8 - (show_cat.php cat_id) SQL Injection IndexScript 2.8 - 'cat_id' Parameter SQL Injection GForge < 4.6b2 - (skill_delete) SQL Injection GForge < 4.6b2 - 'skill_delete' Parameter SQL Injection torrenttrader classic 1.07 - Multiple Vulnerabilities TorrentTrader Classic 1.07 - Multiple Vulnerabilities Camera Life 2.6.2 - 'id' SQL Injection Camera Life 2.6.2 - 'id' Parameter SQL Injection Full PHP Emlak Script - 'arsaprint.php id' SQL Injection Full PHP Emlak Script - 'arsaprint.php' SQL Injection CCMS 3.1 - (skin) Multiple Local File Inclusion CCMS 3.1 - 'skin' Parameter Local File Inclusion JMweb - Multiple (src) Local File Inclusion JMweb - 'src' Parameter Local File Inclusion geccBBlite 2.0 - (leggi.php id) SQL Injection geccBBlite 2.0 - 'id' Parameter SQL Injection PHP-Fusion Mod raidtracker_panel - (INFO_RAID_ID) SQL Injection PHP-Fusion Mod recept - (kat_id) SQL Injection PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' Parameter SQL Injection PHP-Fusion Mod recept - 'kat_id' Parameter SQL Injection Yerba SACphp 6.3 - (mod) Local File Inclusion Yerba SACphp 6.3 - Local File Inclusion Joomla! Component com_hotspots - (w) SQL Injection Joomla! Component com_hotspots - SQL Injection PHP Realtor 1.5 - (view_cat.php v_cat) SQL Injection PHP Auto Dealer 2.7 - (view_cat.php v_cat) SQL Injection PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection Built2Go PHP Realestate 1.5 - (event_detail.php) SQL Injection PHP Realtor 1.5 - 'v_cat' Parameter SQL Injection PHP Auto Dealer 2.7 - 'v_cat' Parameter SQL Injection PHP Autos 2.9.1 - 'catid' Parameter SQL Injection Built2Go PHP Realestate 1.5 - 'event_detail.php' SQL Injection AdMan 1.1.20070907 - 'campaignId' SQL Injection AdMan 1.1.20070907 - 'campaignId' Parameter SQL Injection Gforge 4.5.19 - Multiple SQL Injections Gforge 4.6 rc1 - (skill_edit) SQL Injection GForge 4.5.19 - Multiple SQL Injections Gforge 4.6 rc1 - 'skill_edit' Parameter SQL Injection camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting Camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting IranMC Arad Center - 'news.php id' SQL Injection IranMC Arad Center - SQL Injection Ayco Okul Portali - (linkid) SQL Injection (tr) Ayco Okul Portali - 'linkid' Parameter SQL Injection Easynet4u faq Host - 'faq.php faq' SQL Injection Easynet4u faq Host - 'faq.php' SQL Injection MunzurSoft Wep Portal W3 - (kat) SQL Injection Easynet4u Link Host - 'cat_id' SQL Injection SlimCMS 1.0.0 - (redirect.php) Privilege Escalation Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection MunzurSoft Wep Portal W3 - 'kat' Parameter SQL Injection Easynet4u Link Host - 'cat_id' Parameter SQL Injection SlimCMS 1.0.0 - 'redirect.php' Privilege Escalation Joomla! Component ownbiblio 1.5.3 - 'catid' Parameter SQL Injection Real Estate Scripts 2008 - 'index.php cat' SQL Injection Real Estate Scripts 2008 - 'cat' Parameter SQL Injection ParsBlogger - 'links.asp id' SQL Injection IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection ParsBlogger - 'links.asp' SQL Injection IndexScript 3.0 - 'parent_id' Parameter SQL Injection XOOPS Module xhresim - 'index.php no' SQL Injection XOOPS Module xhresim - SQL Injection SezHoo 0.1 - (IP) Remote File Inclusion SezHoo 0.1 - Remote File Inclusion torrenttrader classic 1.09 - Multiple Vulnerabilities TorrentTrader Classic 1.09 - Multiple Vulnerabilities AdaptCMS Lite 1.5 2009-07-07 - Exploit AdaptCMS Lite 1.5 - Arbitrary Add Admin Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting GForge 3.1/4.5/4.6 - Verify.php Cross-Site Scripting GForge 3.1/4.5/4.6 - 'Verify.php' Cross-Site Scripting OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting OpenNMS 1.5.x - 'j_username' Parameter Cross-Site Scripting OpenNMS 1.5.x - 'Username' Parameter Cross-Site Scripting OpenNMS 1.5.x - 'filter' Parameter Cross-Site Scripting ManageEngine ADManager Plus 5.2 Build 5210 - DomainConfig.do Operation Parameter Cross-Site Scripting ManageEngine ADManager Plus 5.2 Build 5210 - jsp/AddDC.jsp domainName Parameter Cross-Site Scripting ManageEngine ADManager Plus 5.2 Build 5210 - 'Operation' Parameter Cross-Site Scripting ManageEngine ADManager Plus 5.2 Build 5210 - 'domainName' Parameter Cross-Site Scripting Joomla! Component Blog Calendar - SQL Injection PHPMailer 5.2.17 - Remote Code Execution	2016-12-27 05:01:16 +00:00
Offensive Security	af66bcd9e5	DB: 2016-12-26 1 new exploits XAMPP Control Panel - Denial Of Service	2016-12-26 05:01:17 +00:00
Offensive Security	26b1e8b6ad	DB: 2016-12-23 10 new exploits Microsoft Internet Explorer 11 - MSHTML CPasteCommand::ConvertBitmaptoPng Heap-Based Buffer Overflow (MS14-056) Microsoft Internet Explorer 11 MSHTML - CSpliceTreeEngine::RemoveSplice Use-After-Free (MS14-035) Microsoft Internet Explorer 11 - MSHTML CSpliceTreeEngine::RemoveSplice Use-After-Free (MS14-035) macOS 10.12.1 Kernel - Writable Privileged IOKit Registry Properties Code Execution macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free macOS < 10.12.2 / iOS < 10.2 Kernel - ipc_port_t Reference Count Leak Due to Incorrect externalMethod Overrides Use-After-Free macOS 10.12.1 / iOS < 10.2 - powerd Arbitrary Port Replacement macOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation Vesta Control Panel 0.9.8-16 - Local Privilege Escalation macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap Reference Count Leak / Use-After-Free macOS < 10.12.2 / iOS < 10.2 - Broken Kernel Mach Port Name uref Handling Privileged Port Name Replacement Privilege Escalation PHP iCalendar 2.21 - (publish.ical.php) Remote Code Execution PHP iCalendar 2.21 - 'publish.ical.php' Remote Code Execution CzarNews 1.14 - (tpath) Remote File Inclusion CzarNews 1.14 - 'tpath' Parameter Remote File Inclusion N/X WCMS 4.1 - (nxheader.inc.php) Remote File Inclusion N/X WCMS 4.1 - 'nxheader.inc.php' Remote File Inclusion Powies pForum 1.29a - (editpoll.php) SQL Injection Powies pForum 1.29a - 'editpoll.php' SQL Injection AssetMan 2.4a - (download_pdf.php) Remote File Disclosure AssetMan 2.4a - 'download_pdf.php' Remote File Disclosure Orion-Blog 2.0 - (AdminBlogNewsEdit.asp) Remote Authentication Bypass Orion-Blog 2.0 - Remote Authentication Bypass Ol BookMarks Manager 0.7.4 - (root) Remote File Inclusion Ol BookMarks Manager 0.7.4 - 'root' Parameter Remote File Inclusion AdminBot 9.0.5 - (live_status.lib.php ROOT) Remote File Inclusion AdminBot 9.0.5 - 'live_status.lib.php' Remote File Inclusion WSN Links Basic Edition - (displaycat catid) SQL Injection WSN Links Basic Edition - 'catid' Parameter SQL Injection phpRealty 0.02 - (MGR) Multiple Remote File Inclusion phpRealty 0.02 - 'MGR' Parameter Multiple Remote File Inclusion jPORTAL 2 - mailer.php SQL Injection jPORTAL 2.3.1 - articles.php SQL Injection jPORTAL 2 - 'mailer.php' SQL Injection jPORTAL 2.3.1 - 'articles.php' SQL Injection AvailScript Jobs Portal Script - Authenticated (jid) SQL Injection AvailScript Jobs Portal Script - 'jid' Parameter SQL Injection PhpWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion PHPWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion D-iscussion Board 3.01 - (topic) Local File Inclusion D-iscussion Board 3.01 - 'topic' Parameter Local File Inclusion PhpWebGallery 1.3.4 - Blind SQL Injection PHPWebGallery 1.3.4 - Blind SQL Injection PhpWebGallery 1.3.4 - Blind SQL Injection pForum 1.30 - (showprofil.php id) SQL Injection WebPortal CMS 0.7.4 - (download.php aid) SQL Injection iBoutique 4.0 - (cat) SQL Injection SkaLinks 1.5 - (register.php) Arbitrary Add Editor vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection PHPWebGallery 1.3.4 - Blind SQL Injection pForum 1.30 - 'showprofil.php' SQL Injection WebPortal CMS 0.7.4 - 'download.php' SQL Injection iBoutique 4.0 - 'cat' Parameter SQL Injection SkaLinks 1.5 - 'register.php' Arbitrary Add Editor vbLOGIX Tutorial Script 1.0 - 'cat_id' Parameter SQL Injection pLink 2.07 - (linkto.php id) Blind SQL Injection pLink 2.07 - 'linkto.php' Blind SQL Injection FoT Video scripti 1.1b - (oyun) SQL Injection FoT Video scripti 1.1b - 'oyun' Parameter SQL Injection Pre Real Estate Listings - 'search.php c' SQL Injection Pre Real Estate Listings - 'search.php' SQL Injection iScripts EasyIndex - (produid) SQL Injection iScripts EasyIndex - 'produid' Parameter SQL Injection Hotel Reservation System - 'city.asp city' Blind SQL Injection phpRealty 0.3 - (INC) Remote File Inclusion PHP Crawler 0.8 - (footer) Remote File Inclusion Technote 7 - (shop_this_skin_path) Remote File Inclusion Hotel Reservation System - 'city.asp' Blind SQL Injection phpRealty 0.3 - 'INC' Parameter Remote File Inclusion PHP Crawler 0.8 - Remote File Inclusion Technote 7 - 'shop_this_skin_path' Parameter Remote File Inclusion E-PHP CMS - 'article.php es_id' SQL Injection addalink 4 - 'category_id' SQL Injection ProArcadeScript 1.3 - (random) SQL Injection CYASK 3.x - (collect.php neturl) Local File Disclosure Diesel Joke Site - 'picture_category.php id' SQL Injection ProActive CMS - 'template' Local File Inclusion E-PHP CMS - 'article.php' SQL Injection addalink 4 - 'category_id' Parameter SQL Injection ProArcadeScript 1.3 - 'random' Parameter SQL Injection CYASK 3.x - 'neturl' Parameter Local File Disclosure Diesel Joke Site - 'picture_category.php' SQL Injection ProActive CMS - 'template' Parameter Local File Inclusion Diesel Pay Script - (area) SQL Injection Plaincart 1.1.2 - (p) SQL Injection Oceandir 2.9 - (show_vote.php id) SQL Injection jPORTAL 2 - 'humor.php id' SQL Injection Diesel Pay Script - 'area' Parameter SQL Injection Plaincart 1.1.2 - 'p' Parameter SQL Injection Oceandir 2.9 - 'show_vote.php' SQL Injection jPORTAL 2 - 'humor.php' SQL Injection Diesel Job Site - (job_id) Blind SQL Injection Diesel Job Site - 'job_id' Parameter Blind SQL Injection e107 Plugin Image Gallery 0.9.6.2 - (image) SQL Injection e107 Plugin Image Gallery 0.9.6.2 - SQL Injection WSN Links 2.22/2.23 - (vote.php) SQL Injection WSN Links 2.22/2.23 - 'vote.php' SQL Injection BuzzyWall 1.3.1 - (search.php search) SQL Injection WCMS 1.0b - (news_detail.asp id) SQL Injection BuzzyWall 1.3.1 - 'search' Parameter SQL Injection WCMS 1.0b - 'news_detail.asp' SQL Injection OpenElec 3.01 - (form.php obj) Local File Inclusion OpenElec 3.01 - 'obj' Parameter Local File Inclusion basebuilder 2.0.1 - (main.inc.php) Remote File Inclusion Fez 1.3/2.0 RC1 - (list.php) SQL Injection basebuilder 2.0.1 - 'main.inc.php' Remote File Inclusion Fez 1.3/2.0 RC1 - 'list.php' SQL Injection OpenRat 0.8-beta4 - (tpl_dir) Remote File Inclusion Sofi WebGui 0.6.3 PRE - (mod_dir) Remote File Inclusion OpenRat 0.8-beta4 - 'tpl_dir' Parameter Remote File Inclusion Sofi WebGui 0.6.3 PRE - 'mod_dir' Parameter Remote File Inclusion JETIK-WEB Software - 'sayfa.php kat' SQL Injection JETIK-WEB Software - 'kat' Parameter SQL Injection WebPortal CMS 0.7.4 - (code) Remote Code Execution HotScripts Clone - 'cid' SQL Injection WebPortal CMS 0.7.4 - 'code' Parameter Remote Code Execution HotScripts Clone - 'cid' Parameter SQL Injection emergecolab 1.0 - (sitecode) Local File Inclusion mailwatch 1.0.4 - (docs.php doc) Local File Inclusion PHPcounter 1.3.2 - (defs.php l) Local File Inclusion emergecolab 1.0 - 'sitecode' Parameter Local File Inclusion mailwatch 1.0.4 - 'doc' Parameter Local File Inclusion PHPcounter 1.3.2 - 'defs.php' Local File Inclusion webcp 0.5.7 - (filelocation) Remote File Disclosure webcp 0.5.7 - 'filelocation' Parameter Remote File Disclosure LanSuite 3.3.2 - (design) Local File Inclusion PHPOCS 0.1-beta3 - (index.php act) Local File Inclusion Vikingboard 0.2 Beta - (task) Local File Inclusion LanSuite 3.3.2 - 'design' Parameter Local File Inclusion PHPOCS 0.1-beta3 - 'act' Parameter Local File Inclusion Vikingboard 0.2 Beta - 'task' Parameter Local File Inclusion barcodegen 2.0.0 - (class_dir) Remote File Inclusion barcodegen 2.0.0 - 'class_dir' Parameter Remote File Inclusion PHPcounter 1.3.2 - (index.php name) SQL Injection PHPcounter 1.3.2 - 'index.php' SQL Injection PhpWebGallery 1.7.2 - Session Hijacking / Code Execution PHPWebGallery 1.7.2 - Session Hijacking / Code Execution BuzzyWall 1.3.1 - (download id) Remote File Disclosure BuzzyWall 1.3.1 - 'id' Parameter Remote File Disclosure Pre Real Estate Listings - (Authentication Bypass) SQL Injection Pre Real Estate Listings - Authentication Bypass Netartmedia Real Estate Portal 1.2 - (ad_id) SQL Injection Netartmedia Real Estate Portal 1.2 - 'ad_id' Parameter SQL Injection SkaLinks 1.5 - (Authentication Bypass) SQL Injection SkaLinks 1.5 - Authentication Bypass diesel job site 1.4 - Multiple Vulnerabilities Diesel Job Site 1.4 - Multiple Vulnerabilities ProArcadeScript to Game - (game) SQL Injection ProArcadeScript to Game - SQL Injection Link Bid Script - 'links.php id' SQL Injection Link Bid Script - 'links.php' SQL Injection NetArt Media iBoutique 4.0 - (index.php key Parameter) SQL Injection iBoutique 4.0 - 'key' Parameter SQL Injection PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion PHPForum 2.0 RC1 - 'Mainfile.php' Remote File Inclusion JPortal 2.2.1 - print.php SQL Injection jPORTAL 2.2.1 - 'print.php' SQL Injection CzarNews 1.13/1.14 - headlines.php Remote File Inclusion CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion JPortal 2.3.1 - Banner.php SQL Injection jPORTAL 2.3.1 - 'Banner.php' SQL Injection CJ Ultra Plus 1.0.3/1.0.4 - OUT.php SQL Injection CJ Ultra Plus 1.0.3/1.0.4 - 'OUT.php' SQL Injection JPortal 2.2.1/2.3.1 - download.php SQL Injection jPORTAL 2.2.1/2.3.1 - 'download.php' SQL Injection JPortal Web Portal 2.2.1/2.3.1 - comment.php id Parameter SQL Injection JPortal Web Portal 2.2.1/2.3.1 - news.php id Parameter SQL Injection JPortal Web Portal 2.2.1/2.3.1 - 'comment.php' SQL Injection JPortal Web Portal 2.2.1/2.3.1 - 'news.php' SQL Injection PHPWCMS 1.2.5 -DEV - random_image.php imgdir Parameter Traversal Arbitrary File Access PHPWCMS 1.2.5 -DEV - 'imgdir' Parameter Traversal Arbitrary File Access JPortal 2.2.1/2.3 Forum - forum.php SQL Injection jPORTAL 2.2.1/2.3 Forum - 'forum.php' SQL Injection Diesel Joke Site - Category.php SQL Injection Diesel Joke Site - 'Category.php' SQL Injection TinyPHPForum 3.6 - error.php Information Disclosure TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass TinyPHPForum 3.6 - 'error.php' Information Disclosure TinyPHPForum 3.6 - 'UpdatePF.php' Authentication Bypass Vikingboard Viking board 0.1b - help.php act Parameter Cross-Site Scripting Vikingboard Viking board 0.1b - report.php p Parameter Cross-Site Scripting Vikingboard 0.1 - topic.php SQL Injection Vikingboard 0.1b - 'help.php' Cross-Site Scripting Vikingboard 0.1b - 'report.php' Cross-Site Scripting Vikingboard 0.1 - 'topic.php' SQL Injection PHP iCalendar 1.1/2.x - day.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - month.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - year.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - week.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - search.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - rss/index.php getdate Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - print.php getdate Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - preferences.php Multiple Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - 'day.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'week.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'getdate' Parameter Cross-Site Scripting PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting Vikingboard Viking board 0.1.2 - cp.php Multiple Parameter Cross-Site Scripting Vikingboard Viking board 0.1.2 - user.php u Parameter Cross-Site Scripting Vikingboard Viking board 0.1.2 - post.php Multiple Parameter Cross-Site Scripting Vikingboard Viking board 0.1.2 - topic.php s Parameter Cross-Site Scripting Vikingboard Viking board 0.1.2 - forum.php debug Variable Information Disclosure Vikingboard Viking board 0.1.2 - cp.php debug Variable Information Disclosure Vikingboard 0.1.2 - 'cp.php' Cross-Site Scripting Vikingboard 0.1.2 - 'user.php' Cross-Site Scripting Vikingboard 0.1.2 - 'post.php' Cross-Site Scripting Vikingboard 0.1.2 - 'topic.php' Cross-Site Scripting Vikingboard 0.1.2 - 'forum.php' Information Disclosure Vikingboard 0.1.2 - 'cp.php' Information Disclosure PaysiteReviewCMS 1.1 - search.php q Parameter Cross-Site Scripting PaysiteReviewCMS - image.php image Parameter Cross-Site Scripting PaysiteReviewCMS 1.1 - 'search.php' Cross-Site Scripting PaysiteReviewCMS - 'image.php' Cross-Site Scripting BuzzScripts BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure	2016-12-23 05:01:18 +00:00
Offensive Security	a099e58626	DB: 2016-12-22 3 new exploits Android - getpidcon Usage binder Service Replacement Race Condition Google Android - getpidcon Usage binder Service Replacement Race Condition ADODB < 4.70 - (tmssql.php) Denial of Service ADODB < 4.70 - 'tmssql.php' Denial of Service FlashGet 3.x - IEHelper Remote Exec (PoC) FlashGet 3.x - IEHelper Remote Execution (PoC) SopCast SopCore Control ActiveX - Remote Exec (PoC) UUSee ReliPlayer ActiveX - Remote Exec (PoC) SPlayer XvidDecoder 3.3 - ActiveX Remote Exec (PoC) SopCast SopCore Control ActiveX - Remote Execution (PoC) UUSee ReliPlayer ActiveX - Remote Execution (PoC) SPlayer XvidDecoder 3.3 - ActiveX Remote Execution (PoC) Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Exec (PoC) Xunlei XPPlayer 5.9.14.1246 - ActiveX Remote Execution (PoC) EViews 7.0.0.1 - (aka 7.2) Multiple Vulnerabilities EViews 7.0.0.1 (aka 7.2) - Multiple Vulnerabilities Android Kernel 2.6 - Local Denial of Service Crash (PoC) Google Android Kernel 2.6 - Local Denial of Service Crash (PoC) IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities IBM solidDB 6.0.10 - Format String / Denial of Service OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities Apple Mac OSX Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities Apple Mac OSX Regex Engine (TRE) - Integer Signedness / Overflow Android - ih264d_process_intra_mb Memory Corruption Google Android - 'ih264d_process_intra_mb' Memory Corruption Android - IOMX getConfig/getParameter Information Disclosure Android - IMemory Native Interface is Insecure for IPC Use Google Android - IOMX getConfig/getParameter Information Disclosure Google Android - IMemory Native Interface is Insecure for IPC Use Android Broadcom Wi-Fi Driver - Memory Corruption Google Android Broadcom Wi-Fi Driver - Memory Corruption Android - /system/bin/sdcard Stack Buffer Overflow Google Android - '/system/bin/sdcard' Stack Buffer Overflow Android - Insufficient Binder Message Verification Pointer Leak Android - 'gpsOneXtra' Data Files Denial of Service Google Android - Insufficient Binder Message Verification Pointer Leak Google Android - 'gpsOneXtra' Data Files Denial of Service Android - Binder Generic ASLR Leak Google Android - Binder Generic ASLR Leak Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index Google Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index Google Android - WifiNative::setHotlist Stack Overflow Google Android - WifiNative::setHotlist Stack Overflow Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145) Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144) PHP 4.4.0 - (mysql_connect function) Local Buffer Overflow PHP 4.4.0 - 'mysql_connect function' Local Buffer Overflow Android 1.x/2.x - Privilege Escalation Google Android 1.x/2.x - Privilege Escalation Android - 'sensord' Privilege Escalation Google Android - 'sensord' Privilege Escalation tcpdump - ISAKMP Identification payload Integer Overflow tcpdump - ISAKMP Identification Payload Integer Overflow Smail 3.2.0.120 - Heap Overflow Smail 3.2.0.120 - Heap Overflow HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Exploit HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution Motorola Wimax modem CPEi300 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Motorola Wimax modem CPEi300 - File Disclosure / Cross-Site Scripting navicopa WebServer 3.0.1 - (Buffer Overflow / Script Source Disclosure) Multiple Vulnerabilities navicopa WebServer 3.0.1 - Buffer Overflow / Script Source Disclosure dwebpro 6.8.26 - (Directory Traversal/File Disclosure) Multiple Vulnerabilities dwebpro 6.8.26 - Directory Traversal / File Disclosure citrix xencenterweb - (Cross-Site Scripting / SQL Injection / Remote Code Execution) Multiple Vulnerabilities citrix xencenterweb - Cross-Site Scripting / SQL Injection / Remote Code Execution Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Exec (PoC) Trend Micro Web-Deployment ActiveX - Remote Exec (PoC) Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution (PoC) Trend Micro Web-Deployment ActiveX - Remote Execution (PoC) Apache OFBiz - SQL Remote Execution PoC Payload Apache OFBiz - FULLADMIN Creator PoC Payload Apache OFBiz - Remote Execution (via SQL Execution) (PoC) Apache OFBiz - Admin Creator (PoC) Android 2.0 < 2.1 - Reverse Shell Exploit Google Android 2.0 < 2.1 - Reverse Shell Exploit Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit Google Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit Android 2.0 / 2.1 /2.1.1 - WebKit Use-After-Free Exploit Google Android 2.0/2.1/2.1.1 - WebKit Use-After-Free Exploit Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities WinComLPD Total 3.0.2.623 - Buffer Overflow / Authentication Bypass Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - (ePowner) Multiple Vulnerabilities McAfee ePolicy Orchestrator 4.6.0 < 4.6.5 - 'ePowner' Multiple Vulnerabilities ServletExec - (Directory Traversal / Authentication Bypass) Multiple Vulnerabilities ServletExec - Directory Traversal / Authentication Bypass Android - 'Stagefright' Remote Code Execution Google Android - 'Stagefright' Remote Code Execution Android - libstagefright Integer Overflow Remote Code Execution Google Android - libstagefright Integer Overflow Remote Code Execution Android 2.3.5 - PowerVR SGX Driver Information Disclosure Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure Android ADB Debug Server - Remote Payload Execution (Metasploit) Google Android ADB Debug Server - Remote Payload Execution (Metasploit) Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Google Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass) Android - 'BadKernel' Remote Code Execution Google Android - 'BadKernel' Remote Code Execution Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) Google Android 5.0 <= 5.1.1 - 'Stagefright' .MP4 tx3g Integer Overflow (Metasploit) NETGEAR WNR2000v5 - Remote Code Execution Linux/x86 - portbind payload Shellcode (Generator) Windows XP SP1 - portbind payload Shellcode (Generator) Linux/x86 - Portbind Payload Shellcode (Generator) Windows XP SP1 - Portbind Payload Shellcode (Generator) Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes) Google Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes) phpCOIN 1.2.2 - (phpcoinsessid) SQL Inj / Remote Code Execution phpCOIN 1.2.2 - 'phpcoinsessid' SQL Injection / Remote Code Execution Aztek Forum 4.00 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities (PoC) Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection Integramod Portal 2.x - (functions_portal.php) Remote File Inclusion Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion Integramod Portal 2.0 rc2 - 'phpbb_root_path' Parameter Remote File Inclusion paBugs 2.0 Beta 3 - (class.mysql.php) Remote File Inclusion paBugs 2.0 Beta 3 - 'class.mysql.php' Remote File Inclusion Agora 1.4 RC1 - (MysqlfinderAdmin.php) Remote File Inclusion Agora 1.4 RC1 - 'MysqlfinderAdmin.php' Remote File Inclusion blogme 3.0 - (Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities blogme 3.0 - Cross-Site Scripting / Authentication Bypass torrentflux 2.2 - (Arbitrary File Create/ Execute / Delete) Multiple Vulnerabilities torrentflux 2.2 - Arbitrary File Create/ Execute/Delete BBS E-Market Professional - (Full Path Disclosure / File Inclusion) Multiple Vulnerabilities BBS E-Market Professional - Full Path Disclosure / File Inclusion myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Remote File Inclusion myPHPNuke Module My_eGallery 2.5.6 - 'basepath' Parameter Remote File Inclusion ig shop 1.0 - (Code Execution / SQL Injection) Multiple Vulnerabilities ig shop 1.0 - Code Execution / SQL Injection QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities QUOTE&ORDERING SYSTEM 1.0 - 'ordernum' Multiple Vulnerabilities vp-asp shopping cart 6.09 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities vp-asp shopping cart 6.09 - SQL Injection / Cross-Site Scripting forum livre 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities forum livre 1.0 - SQL Injection / Cross-Site Scripting otscms 2.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities otscms 2.1.5 - SQL Injection / Cross-Site Scripting Connectix Boards 0.7 - (p_skin) Multiple Vulnerabilities Connectix Boards 0.7 - 'p_skin' Multiple Vulnerabilities wbblog - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities wbblog - Cross-Site Scripting / SQL Injection PHP-Nuke Module Eve-Nuke 0.1 - (mysql.php) Remote File Inclusion PHP-Nuke Module Eve-Nuke 0.1 - 'mysql.php' Remote File Inclusion Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion PHP Coupon Script 3.0 - (index.php bus) SQL Injection PHP Coupon Script 3.0 - 'bus' Parameter SQL Injection runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities runawaysoft haber portal 1.0 - 'tr' Multiple Vulnerabilities NetClassifieds - (SQL Injection / Cross-Site Scripting / Full Path) Multiple Vulnerabilities NetClassifieds - SQL Injection / Cross-Site Scripting / Full Path bugmall shopping cart 2.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting PHPVID 0.9.9 - (categories_type.php cat) SQL Injection PHPVID 0.9.9 - 'categories_type.php' SQL Injection bcoos 1.0.10 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities bcoos 1.0.10 - Local File Inclusion / SQL Injection ftp Admin 0.1.0 - (Local File Inclusion / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass falcon CMS 1.4.3 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities falcon CMS 1.4.3 - Remote File Inclusion / Cross-Site Scripting gf-3xplorer 2.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities gf-3xplorer 2.4 - Cross-Site Scripting / Local File Inclusion PortalApp 4.0 - (SQL Injection / Cross-Site Scripting / Authentication Bypass) Multiple Vulnerabilities PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass netrisk 1.9.7 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities netrisk 1.9.7 - Cross-Site Scripting / SQL Injection EasyClassifields 3.0 - (go) SQL Injection CMSbright - (id_rub_page) SQL Injection EasyClassifields 3.0 - 'go' Parameter SQL Injection CMSbright - 'id_rub_page' Parameter SQL Injection myPHPNuke < 1.8.8_8rc2 - 'artid' SQL Injection Coupon Script 4.0 - 'id' SQL Injection Reciprocal Links Manager 1.1 - (site) SQL Injection myPHPNuke < 1.8.8_8rc2 - 'artid' Parameter SQL Injection Coupon Script 4.0 - 'id' Parameter SQL Injection Reciprocal Links Manager 1.1 - 'site' Parameter SQL Injection CS-Cart 1.3.5 - (Authentication Bypass) SQL Injection Spice Classifieds - (cat_path) SQL Injection CS-Cart 1.3.5 - Authentication Bypass Spice Classifieds - 'cat_path' Parameter SQL Injection aspwebalbum 3.2 - (Arbitrary File Upload / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities aspwebalbum 3.2 - Arbitrary File Upload / SQL Injection / Cross-Site Scripting Living Local Website - 'listtest.php r' SQL Injection ACG-PTP 1.0.6 - 'adid' SQL Injection qwicsite pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ACG-ScriptShop - 'cid' SQL Injection AWStats Totals - 'AWStatstotals.php sort' Remote Code Execution Living Local Website - 'listtest.php' SQL Injection ACG-PTP 1.0.6 - 'adid' Parameter SQL Injection qwicsite pro - SQL Injection / Cross-Site Scripting ACG-ScriptShop - 'cid' Parameter SQL Injection AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution Vastal I-Tech Agent Zone - (ann_id) SQL Injection Vastal I-Tech Visa Zone - (news_id) SQL Injection Vastal I-Tech Toner Cart - 'id' SQL Injection Vastal I-Tech Share Zone - 'id' SQL Injection Vastal I-Tech DVD Zone - 'cat_id' SQL Injection Vastal I-Tech Jobs Zone - (news_id) SQL Injection Vastal I-Tech MMORPG Zone - (game_id) SQL Injection Vastal I-Tech Mag Zone - 'cat_id' SQL Injection Vastal I-Tech Freelance Zone - (coder_id) SQL Injection Vastal I-Tech Cosmetics Zone - 'cat_id' SQL Injection EsFaq 2.0 - (idcat) SQL Injection Vastal I-Tech Shaadi Zone 1.0.9 - (tage) SQL Injection Vastal I-Tech Dating Zone - (fage) SQL Injection Vastal I-Tech Agent Zone - 'ann_id' Parameter SQL Injection Vastal I-Tech Visa Zone - 'news_id' Parameter SQL Injection Vastal I-Tech Toner Cart - 'id' Parameter SQL Injection Vastal I-Tech Share Zone - 'id' Parameter SQL Injection Vastal I-Tech DVD Zone - 'cat_id' Parameter SQL Injection Vastal I-Tech Jobs Zone - 'news_id' Parameter SQL Injection Vastal I-Tech MMORPG Zone - 'game_id' Parameter SQL Injection Vastal I-Tech Mag Zone - 'cat_id' Parameter SQL Injection Vastal I-Tech Freelance Zone - 'coder_id' Parameter SQL Injection Vastal I-Tech Cosmetics Zone - 'cat_id' Parameter SQL Injection EsFaq 2.0 - 'idcat' Parameter SQL Injection Vastal I-Tech Shaadi Zone 1.0.9 - 'tage' Parameter SQL Injection Vastal I-Tech Dating Zone - 'fage' Parameter SQL Injection Masir Camp E-Shop Module 3.0 - (ordercode) SQL Injection Alstrasoft Forum - (cat) SQL Injection Masir Camp E-Shop Module 3.0 - 'ordercode' Parameter SQL Injection Alstrasoft Forum - 'cat' Parameter SQL Injection Alstrasoft Forum - 'catid' SQL Injection Alstrasoft Forum - 'catid' Parameter SQL Injection Creator CMS 5.0 - (sideid) SQL Injection Creator CMS 5.0 - 'sideid' Parameter SQL Injection CMS Buzz - 'id' SQL Injection CMS Buzz - 'id' Parameter SQL Injection phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection PhpWebGallery 1.3.4 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities Autodealers CMS AutOnline - (pageid) SQL Injection Sports Clubs Web Panel 0.0.1 - (p) Local File Inclusion PHPVID 1.1 - Cross-Site Scripting / SQL Injection Zanfi CMS lite / Jaw Portal free - 'page' Parameter SQL Injection PhpWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion Autodealers CMS AutOnline - 'pageid' Parameter SQL Injection Sports Clubs Web Panel 0.0.1 - 'p' Parameter Local File Inclusion Autodealers CMS AutOnline - 'id' SQL Injection Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection PhpWebGallery 1.3.4 - (cat) Blind SQL Injection Autodealers CMS AutOnline - 'id' Parameter SQL Injection Sports Clubs Web Panel 0.0.1 - 'id' Parameter SQL Injection PhpWebGallery 1.3.4 - Blind SQL Injection phpsmartcom 0.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities phpsmartcom 0.2 - Local File Inclusion / SQL Injection AvailScript Article Script - 'view.php v' SQL Injection AvailScript Article Script - 'view.php' SQL Injection Fastpublish CMS 1.9999 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities Fastpublish CMS 1.9999 - Local File Inclusion / SQL Injection mini-pub 0.3 - (File Disclosure/Code Execution) Multiple Vulnerabilities mini-pub 0.3 - File Disclosure / Code Execution websvn 2.0 - (Cross-Site Scripting / File Handling/Code Execution) Multiple Vulnerabilities websvn 2.0 - Cross-Site Scripting / File Handling / Code Execution phpdaily - (SQL Injection / Cross-Site Scripting / lfd) Multiple Vulnerabilities phpdaily - SQL Injection / Cross-Site Scripting / Local File Download questcms - (Cross-Site Scripting / Directory Traversal / SQL Injection) Multiple Vulnerabilities questcms - Cross-Site Scripting / Directory Traversal / SQL Injection MatPo Link 1.2b - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities MatPo Link 1.2b - Blind SQL Injection / Cross-Site Scripting WEBBDOMAIN WebShop 1.02 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities WEBBDOMAIN WebShop 1.02 - SQL Injection / Cross-Site Scripting Prozilla Software Directory - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Prozilla Software Directory - Cross-Site Scripting / SQL Injection TurnkeyForms Local Classifieds - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities TurnkeyForms Local Classifieds - Cross-Site Scripting / SQL Injection zeeproperty 1.0 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities zeeproperty 1.0 - Arbitrary File Upload / Cross-Site Scripting Openfire Server 3.6.0a - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Collabtive 0.4.8 - (Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload) Multiple Vulnerabilities Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload MODx CMS 0.9.6.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities MODx CMS 0.9.6.2 - Remote File Inclusion / Cross-Site Scripting ftpzik - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities bandwebsite 1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ftpzik - Cross-Site Scripting / Local File Inclusion bandwebsite 1.5 - SQL Injection / Cross-Site Scripting nitrotech 0.0.3a - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities nitrotech 0.0.3a - Remote File Inclusion / SQL Injection chipmunk topsites - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities Clean CMS 1.5 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities chipmunk topsites - Authentication Bypass / Cross-Site Scripting Clean CMS 1.5 - Blind SQL Injection / Cross-Site Scripting Ocean12 Contact Manager Pro - (SQL Injection / Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities Ocean12 Contact Manager Pro - SQL Injection / Cross-Site Scripting / File Disclosure comersus asp shopping cart - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Comersus ASP Shopping Cart - File Disclosure / Cross-Site Scripting minimal ablog 0.4 - (SQL Injection / Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities minimal ablog 0.4 - SQL Injection / Arbitrary File Upload / Authentication Bypass wbstreet 1.0 - (SQL Injection / File Disclosure) Multiple Vulnerabilities wbstreet 1.0 - SQL Injection / File Disclosure template creature - (SQL Injection / File Disclosure) Multiple Vulnerabilities template creature - SQL Injection / File Disclosure merlix educate servert - (Authentication Bypass/File Disclosure) Multiple Vulnerabilities merlix educate servert - Authentication Bypass / File Disclosure nightfall personal diary 1.0 - (Cross-Site Scripting / File Disclosure) Multiple Vulnerabilities nightfall personal diary 1.0 - Cross-Site Scripting / File Disclosure ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities ASP AutoDealer - SQL Injection / File Disclosure aspmanage banners - (Arbitrary File Upload / File Disclosure) Multiple Vulnerabilities aspmanage banners - Arbitrary File Upload / File Disclosure asp talk - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities asp talk - SQL Injection / Cross-Site Scripting webcaf 1.4 - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities webcaf 1.4 - Local File Inclusion / Remote Code Execution PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities PHPmyGallery 1.0beta2 - Remote File Inclusion / Local File Inclusion postecards - (SQL Injection / File Disclosure) Multiple Vulnerabilities postecards - SQL Injection / File Disclosure PHP Multiple Newsletters 2.7 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities PHP Multiple Newsletters 2.7 - Local File Inclusion / Cross-Site Scripting living Local 1.1 - (Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities Pro Chat Rooms 3.0.2 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities living Local 1.1 - Cross-Site Scripting / Arbitrary File Upload Pro Chat Rooms 3.0.2 - Cross-Site Scripting / Cross-Site Request Forgery cf shopkart 5.2.2 - (SQL Injection / File Disclosure) Multiple Vulnerabilities cf shopkart 5.2.2 - SQL Injection / File Disclosure the net guys aspired2blog - (SQL Injection / File Disclosure) Multiple Vulnerabilities the net guys aspired2blog - SQL Injection / File Disclosure Joomla! Component live chat - (SQL Injection / Open Proxy) Multiple Vulnerabilities Joomla! Component live chat - SQL Injection / Open Proxy Simple Text-File Login script (SiTeFiLo) 1.0.6 - (File Disclosure / Remote File Inclusion) Multiple Vulnerabilities Simple Text-File Login script (SiTeFiLo) 1.0.6 - File Disclosure / Remote File Inclusion autositephp 2.0.3 - (Local File Inclusion / Cross-Site Request Forgery / Edit File) Multiple Vulnerabilities autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File PHP weather 2.2.2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting isweb CMS 3.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities isweb CMS 3.0 - SQL Injection / Cross-Site Scripting clickandemail - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities clickandemail - SQL Injection / Cross-Site Scripting Zelta E Store - (Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection) Multiple Vulnerabilities Zelta E Store - Arbitrary File Upload / Bypass / SQL Injection / Blind SQL Injection chicomas 2.0.4 - (Database Backup/File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities chicomas 2.0.4 - Database Backup / File Disclosure / Cross-Site Scripting phpg 1.6 - (Cross-Site Scripting / Full Path Disclosure/Denial of Service) Multiple Vulnerabilities phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service doop CMS 1.4.0b - (Cross-Site Request Forgery / Arbitrary File Upload) Multiple Vulnerabilities doop CMS 1.4.0b - Cross-Site Request Forgery / Arbitrary File Upload phpskelsite 1.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities phpskelsite 1.4 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting ezpack 4.2b2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities ezpack 4.2b2 - Cross-Site Scripting / SQL Injection Netvolution CMS 1.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Netvolution CMS 1.0 - Cross-Site Scripting / SQL Injection rankem - (File Disclosure / Cross-Site Scripting / cm) Multiple Vulnerabilities blogit! - (SQL Injection / File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities rankem - File Disclosure / Cross-Site Scripting / Cookie blogit! - SQL Injection / File Disclosure / Cross-Site Scripting gamescript 4.6 - (Cross-Site Scripting / SQL Injection / Local File Inclusion) Multiple Vulnerabilities gamescript 4.6 - Cross-Site Scripting / SQL Injection / Local File Inclusion revou twitter clone - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities revou twitter clone - Cross-Site Scripting / SQL Injection bpautosales 1.0.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities bpautosales 1.0.1 - Cross-Site Scripting / SQL Injection sma-db 0.3.12 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting Android 'content://' URI - Multiple Information Disclosure Vulnerabilities Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities Power System Of Article Management 3.0 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities team 1.x - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Power System Of Article Management 3.0 - File Disclosure / Cross-Site Scripting team 1.x - File Disclosure / Cross-Site Scripting gr blog 1.1.4 - (Arbitrary File Upload / Authentication Bypass) Multiple Vulnerabilities gr blog 1.1.4 - Arbitrary File Upload / Authentication Bypass Kipper 2.01 - (Cross-Site Scripting / Local File Inclusion / File Disclosure) Multiple Vulnerabilities Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure SilverNews 2.04 - (Authentication Bypass / Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities SilverNews 2.04 - Authentication Bypass / Local File Inclusion / Remote Code Execution AdaptCMS Lite 1.4 - (Cross-Site Scripting / Remote File Inclusion) Multiple Vulnerabilities SnippetMaster Webpage Editor 2.2.2 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities AdaptCMS Lite 1.4 - Cross-Site Scripting / Remote File Inclusion SnippetMaster Webpage Editor 2.2.2 - Remote File Inclusion / Cross-Site Scripting dacio's CMS 1.08 - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities dacio's CMS 1.08 - Cross-Site Scripting / SQL Injection / File Disclosure ideacart 0.02 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities ideacart 0.02 - Local File Inclusion / SQL Injection CmsFaethon 2.2.0 - (info.php item) SQL Command Injection CmsFaethon 2.2.0 - info.php item SQL Command Injection powermovielist 0.14b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities powermovielist 0.14b - SQL Injection / Cross-Site Scripting Graugon Forum 1 - 'id' SQL Command Injection Graugon Forum 1 - 'id' Command Injection (via SQL Injection) irokez blog 0.7.3.2 - (Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection) Multiple Vulnerabilities irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection ritsblog 0.4.2 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting blindblog 1.3.1 - (SQL Injection / Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities tghostscripter Amazon Shop - (Cross-Site Scripting / Directory Traversal / Remote File Inclusion) Multiple Vulnerabilities blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion tghostscripter Amazon Shop - Cross-Site Scripting / Directory Traversal / Remote File Inclusion Wili-CMS 0.4.0 - (Remote File Inclusion / Local File Inclusion / Authentication Bypass) Multiple Vulnerabilities Wili-CMS 0.4.0 - Remote File Inclusion / Local File Inclusion / Authentication Bypass PHP Director 0.21 - (sql into outfile) eval() Injection PHP Director 0.21 - (SQL into outfile) eval() Injection phpCommunity 2.1.8 - (SQL Injection / Directory Traversal / Cross-Site Scripting) Multiple Vulnerabilities phpCommunity 2.1.8 - SQL Injection / Directory Traversal / Cross-Site Scripting phpmysport 1.4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities phpmysport 1.4 - Cross-Site Scripting / SQL Injection Kim Websites 1.0 - (Authentication Bypass) SQL Injection Kim Websites 1.0 - Authentication Bypass Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities Bloginator 1a - Cookie Bypass / SQL Injection Pixie CMS - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Pixie CMS - Cross-Site Scripting / SQL Injection Codice CMS 2 - SQL Command Execution Syzygy CMS 0.3 - Local File Inclusion / SQL Command Injection Codice CMS 2 - Command Execution (via SQL Injection) Syzygy CMS 0.3 - Local File Inclusion / SQL Injection acute control panel 1.0.0 - (SQL Injection / Remote File Inclusion) Multiple Vulnerabilities acute control panel 1.0.0 - SQL Injection / Remote File Inclusion Diskos CMS Manager - (SQL Injection / File Disclosure/Authentication Bypass) Multiple Vulnerabilities Diskos CMS Manager - SQL Injection / File Disclosure / Authentication Bypass ablespace 1.0 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities PHP-revista 1.1.2 - (Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities ablespace 1.0 - Cross-Site Scripting / Blind SQL Injection PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting flatnux 2009-03-27 - (Arbitrary File Upload / Information Disclosure) Multiple Vulnerabilities flatnux 2009-03-27 - Arbitrary File Upload / Information Disclosure fungamez rc1 - (Authentication Bypass / Local File Inclusion) Multiple Vulnerabilities fungamez rc1 - Authentication Bypass / Local File Inclusion pastelcms 0.8.0 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities pastelcms 0.8.0 - Local File Inclusion / SQL Injection mixedcms 1.0b - (Local File Inclusion / Arbitrary File Upload / Authentication Bypass/File Disclosure) Multiple Vulnerabilities mixedcms 1.0b - Local File Inclusion / Arbitrary File Upload / Authentication Bypass / File Disclosure fowlcms 1.1 - (Authentication Bypass / Local File Inclusion / Arbitrary File Upload) Multiple Vulnerabilities fowlcms 1.1 - Authentication Bypass / Local File Inclusion / Arbitrary File Upload photo-rigma.biz 30 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities photo-rigma.biz 30 - SQL Injection / Cross-Site Scripting Dew-NewPHPLinks 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Dew-NewPHPLinks 2.0 - Local File Inclusion / Cross-Site Scripting Leap CMS 0.1.4 - (SQL Injection / Cross-Site Scripting / Arbitrary File Upload) Multiple Vulnerabilities Leap CMS 0.1.4 - SQL Injection / Cross-Site Scripting / Arbitrary File Upload TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities TemaTres 1.0.3 - Authentication Bypass / SQL Injection / Cross-Site Scripting PHP recommend 1.3 - (Authentication Bypass / Remote File Inclusion / Code Inject) Multiple Vulnerabilities PHP recommend 1.3 - Authentication Bypass / Remote File Inclusion / Code Inject my-colex 1.4.2 - (Authentication Bypass / Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities my-gesuad 0.9.14 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection my-gesuad 0.9.14 - Authentication Bypass / SQL Injection / Cross-Site Scripting vidshare pro - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities vidshare pro - SQL Injection / Cross-Site Scripting asp inline Corporate Calendar - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities asp inline Corporate Calendar - SQL Injection / Cross-Site Scripting minitwitter 0.3-beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities minitwitter 0.3-beta - SQL Injection / Cross-Site Scripting small pirate 2.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities amember 3.1.7 - (Cross-Site Scripting / SQL Injection / HTML Injection) Multiple Vulnerabilities small pirate 2.1 - Cross-Site Scripting / SQL Injection amember 3.1.7 - Cross-Site Scripting / SQL Injection / HTML Injection elitecms 1.01 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities elitecms 1.01 - SQL Injection / Cross-Site Scripting flashlight free edition - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities flashlight free edition - Local File Inclusion / SQL Injection propertymax pro free - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities propertymax pro free - SQL Injection / Cross-Site Scripting virtue news - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities virtue news - SQL Injection / Cross-Site Scripting mrcgiguy freeticket - (Cookie Handling / SQL Injection) Multiple Vulnerabilities mrcgiguy freeticket - Cookie Handling / SQL Injection yogurt 0.3 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities yogurt 0.3 - Cross-Site Scripting / SQL Injection campus virtual-lms - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities campus virtual-lms - Cross-Site Scripting / SQL Injection translucid 1.75 - Multiple Vulnerabilities TransLucid 1.75 - Multiple Vulnerabilities impleo music Collection 2.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting adaptweb 0.9.2 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities adaptweb 0.9.2 - Local File Inclusion / SQL Injection CMS buzz - (Cross-Site Scripting / Password Change/HTML Injection) Multiple Vulnerabilities CMS buzz - Cross-Site Scripting / Password Change / HTML Injection elgg - (Cross-Site Scripting / Cross-Site Request Forgery/Change Password) Multiple Vulnerabilities elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password phpCollegeExchange 0.1.5c - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities phpCollegeExchange 0.1.5c - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting Tribiq CMS 5.0.12c - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities Tribiq CMS 5.0.12c - Cross-Site Scripting / Local File Inclusion Virtue Online Test Generator - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Virtue Online Test Generator - Authentication Bypass / SQL Injection / Cross-Site Scripting webasyst shop-script - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities webasyst shop-script - Blind SQL Injection / Cross-Site Scripting ebay clone 2009 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities ebay clone 2009 - Cross-Site Scripting / Blind SQL Injection censura 1.16.04 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities censura 1.16.04 - Blind SQL Injection / Cross-Site Scripting good/bad vote - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities good/bad vote - Cross-Site Scripting / Local File Inclusion mcshoutbox 1.1 - (SQL Injection / Cross-Site Scripting / shell) Multiple Vulnerabilities mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell Million-Dollar Pixel Ads Platinum - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Million-Dollar Pixel Ads Platinum - SQL Injection / Cross-Site Scripting almond Classifieds ads - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities skadate dating - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities garagesalesjunkie - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities almond Classifieds ads - Blind SQL Injection / Cross-Site Scripting skadate dating - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting XOOPS Celepar Module Qas - Blind SQL Injection / Cross-Site Scripting garagesalesjunkie - SQL Injection / Cross-Site Scripting iwiccle 1.01 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities iwiccle 1.01 - Local File Inclusion / SQL Injection Orbis CMS 1.0 - (File Delete/Download File / Arbitrary File Upload / SQL Injection) Multiple Vulnerabilities Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection cmsphp 0.21 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities d.net CMS - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting d.net CMS - Local File Inclusion / SQL Injection mobilelib gold 3.0 - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities mobilelib gold 3.0 - Authentication Bypass / SQL Injection elvin bts 1.2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities elvin bts 1.2.2 - SQL Injection / Cross-Site Scripting shopmaker CMS 2.0 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities shopmaker CMS 2.0 - Blind SQL Injection / Local File Inclusion mybackup 1.4.0 - (File Download / Remote File Inclusion) Multiple Vulnerabilities tenrok 1.1.0 - (File Disclosure / Remote Code Execution) Multiple Vulnerabilities mybackup 1.4.0 - File Download / Remote File Inclusion tenrok 1.1.0 - File Disclosure / Remote Code Execution AccessoriesMe PHP Affiliate Script 1.4 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities opennews 1.0 - (SQL Injection / Remote Code Execution) Multiple Vulnerabilities AccessoriesMe PHP Affiliate Script 1.4 - Blind SQL Injection / Cross-Site Scripting opennews 1.0 - SQL Injection / Remote Code Execution PHP Script Forum Hoster - (Topic Delete / Cross-Site Scripting) Multiple Vulnerabilities PHP Script Forum Hoster - Topic Delete / Cross-Site Scripting LM Starmail 2.0 - (SQL Injection / File Inclusion) Multiple Vulnerabilities LM Starmail 2.0 - SQL Injection / File Inclusion logoshows bbs 2.0 - (File Disclosure / Insecure Cookie Handling) Multiple Vulnerabilities logoshows bbs 2.0 - File Disclosure / Insecure Cookie Handling tgs CMS 0.x - (Cross-Site Scripting / SQL Injection / File Disclosure) Multiple Vulnerabilities tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure Vtiger CRM 5.0.4 - (Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Vtiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting totalcalendar 2.4 - (Blind SQL Injection / Local File Inclusion) Multiple Vulnerabilities totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion nullam blog 0.1.2 - (Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting gyro 5.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities gyro 5.0 - SQL Injection / Cross-Site Scripting Joomla! Component Hotel Booking System - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Joomla! Component Hotel Booking System - Cross-Site Scripting / SQL Injection Micro CMS 3.5 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities Micro CMS 3.5 - SQL Injection / Local File Inclusion Ez Blog 1.0 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities Ez Blog 1.0 - Cross-Site Scripting / Cross-Site Request Forgery Recipe Script 5.0 - (Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities Recipe Script 5.0 - Arbitrary File Upload / Cross-Site Request Forgery / Cross-Site Scripting eUploader PRO 3.1.1 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities eUploader PRO 3.1.1 - Cross-Site Request Forgery / Cross-Site Scripting Pre Job Board 1.0 - SQL Bypass Pre Job Board 1.0 - SQL Authentication Bypass Pre Jobo .NET - SQL Bypass Pre Jobo .NET - SQL Authentication Bypass PHPDirector Game Edition 0.1 - (Local File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHPDirector Game Edition 0.1 - Local File Inclusion / SQL Injection / Cross-Site Scripting gridcc script 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities gridcc script 1.0 - SQL Injection / Cross-Site Scripting Layout CMS 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Layout CMS 1.0 - SQL Injection / Cross-Site Scripting KosmosBlog 0.9.3 - (SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities KosmosBlog 0.9.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery ZeusCMS 0.2 - (Database Backup Dump / Local File Inclusion) Multiple Vulnerabilities ZeusCMS 0.2 - Database Backup Dump / Local File Inclusion Katalog Stron Hurricane 1.3.5 - (Remote File Inclusion / SQL Injection) Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Remote File Inclusion / SQL Injection Open Source Classifieds 1.1.0 - Alpha (OSClassi) Multiple Vulnerabilities Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change phpMySite - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities phpMySite - Cross-Site Scripting / SQL Injection quality point 1.0 newsfeed - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities quality point 1.0 newsfeed - SQL Injection / Cross-Site Scripting DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities DynPG CMS 4.1.0 - popup.php / counter.php Multiple Vulnerabilities jevoncms - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities jevoncms - Local File Inclusion / Remote File Inclusion SIESTTA 2.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities SIESTTA 2.0 - Local File Inclusion / Cross-Site Scripting JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - 'popup_slideshow.php' Multiple Vulnerabilities parlic Design - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities parlic Design - SQL Injection / Cross-Site Scripting / HTML Injection MileHigh Creative - (SQL Injection / Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities MileHigh Creative - SQL Injection / Cross-Site Scripting / HTML Injection QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities QuickTalk 1.2 - Source Code Disclosure K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities K-Search - SQL Injection / Cross-Site Scripting Macs CMS 1.1.4 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery Guestbook Script PHP - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities Guestbook Script PHP - Cross-Site Scripting / HTML Injection Max's Guestbook - (HTML Injection / Cross-Site Scripting) Multiple Vulnerabilities Max's Guestbook - HTML Injection / Cross-Site Scripting Allpc 2.5 osCommerce - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Allpc 2.5 osCommerce - SQL Injection / Cross-Site Scripting TradeMC E-Ticaret - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities TradeMC E-Ticaret - SQL Injection / Cross-Site Scripting Cag CMS 0.2 - (Cross-Site Scripting / Blind SQL Injection) Multiple Vulnerabilities Cag CMS 0.2 - Cross-Site Scripting / Blind SQL Injection Tastydir 1.2 - (1216) Multiple Vulnerabilities Tastydir 1.2 (1216) - Multiple Vulnerabilities WordPress - 'do_trackbacks()' function SQL Injection WordPress 3.0.1 - 'do_trackbacks()' function SQL Injection F3Site 2011 alfa 1 - (Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities F3Site 2011 alfa 1 - Cross-Site Scripting / Cross-Site Request Forgery PHP Coupon Script 6.0 - (bus) Blind SQL Injection PHP Coupon Script 6.0 - 'bus' Parameter Blind SQL Injection GAzie 5.10 - (Login Parameter) Multiple Vulnerabilities GAzie 5.10 - Login Parameter Multiple Vulnerabilities BST - BestShopPro (nowosci.php) Multiple Vulnerabilities BST (BestShopPro) - 'nowosci.php' Multiple Vulnerabilities Fork CMS 3.2.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Fork CMS 3.2.4 - Local File Inclusion / Cross-Site Scripting DFLabs PTK 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities DFLabs PTK 1.0.5 - Steal Authentication Credentials Wolfcms 0.75 - (Cross-Site Request Forgery / Cross-Site Scripting) Multiple Vulnerabilities Wolfcms 0.75 - Cross-Site Request Forgery / Cross-Site Scripting Axous 1.1.1 - (Cross-Site Request Forgery / Persistent Cross-Site Scripting) Multiple Vulnerabilities Axous 1.1.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting myPHPNuke 1.8.8 - links.php Cross-Site Scripting myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting Flying Dog Software Powerslave 4.3 Portalmanager - sql_id Information Disclosure Flying Dog Software Powerslave 4.3 Portalmanager - 'sql_id' Information Disclosure PHPWebGallery 1.3.4/1.5.1 - comments.php Multiple Parameter SQL Injection PHPWebGallery 1.3.4/1.5.1 - category.php search Parameter SQL Injection PHPWebGallery 1.3.4/1.5.1 - picture.php image_id Parameter SQL Injection PHPWebGallery 1.3.4/1.5.1 - 'comments.php' SQL Injection PHPWebGallery 1.3.4/1.5.1 - 'category.php' SQL Injection PHPWebGallery 1.3.4/1.5.1 - 'picture.php' SQL Injection myPHPNuke 1.8.8 - reviews.php letter Parameter Cross-Site Scripting myPHPNuke 1.8.8 - download.php dcategory Parameter Cross-Site Scripting myPHPNuke 1.8.8 - 'reviews.php' Cross-Site Scripting myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting phpVID 1.2.3 - Multiple Vulnerabilities PHPVID 1.2.3 - Multiple Vulnerabilities PHPWebGallery 1.4.1 - category.php Multiple Parameter Cross-Site Scripting PHPWebGallery 1.4.1 - picture.php Multiple Parameter Cross-Site Scripting PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting phpMyAdmin 2.7 - sql.php Cross-Site Scripting phpMyAdmin 2.7 - 'sql.php' Cross-Site Scripting ADOdb 4.6/4.7 - Tmssql.php Cross-Site Scripting ADODB 4.6/4.7 - 'Tmssql.php' Cross-Site Scripting PHPWebGallery 1.x - comments.php Cross-Site Scripting PHPWebGallery 1.x - 'comments.php' Cross-Site Scripting MySQLDumper 1.21 - sql.php Cross-Site Scripting MySQLDumper 1.21 - 'sql.php' Cross-Site Scripting KikChat - (Local File Inclusion / Remote Code Execution) Multiple Vulnerabilities KikChat - Local File Inclusion / Remote Code Execution EasyE-Cards 3.10 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities EasyE-Cards 3.10 - SQL Injection / Cross-Site Scripting LuxCal 3.2.2 - (Cross-Site Request Forgery/Blind SQL Injection) Multiple Vulnerabilities LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter SQL Injection Vastal I-Tech DVD Zone - view_mag.php mag_id Parameter Cross-Site Scripting Vastal I-Tech DVD Zone - 'view_mag.php' SQL Injection Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting Interspire Email Marketer - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities Interspire Email Marketer - Cross-Site Scripting / HTML Injection / SQL Injection ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Execution miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (Execute SQL Query) miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution) ntop-ng 2.5.160805 - Username Enumeration ntop-ng 2.5.160805 - Username Enumeration	2016-12-22 05:01:16 +00:00
Offensive Security	be57520c6f	DB: 2016-12-21 2 new exploits FlashGet 1.9 - (FTP PWD Response) Remote Buffer Overflow (PoC) FlashGet 1.9 - 'FTP PWD Response' Remote Buffer Overflow (PoC) VMware Workstation - 'hcmon.sys 6.0.0.45731' Local Denial of Service VMware Workstation 6.5.1 - 'hcmon.sys 6.0.0.45731' Local Denial of Service Flashget 3.x - IEHelper Remote Exec (PoC) FlashGet 3.x - IEHelper Remote Exec (PoC) Rosoft media player 4.4.4 - Buffer Overflow (SEH) (PoC) Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (PoC) Google Android - WifiNative::setHotlist Stack Overflow Microsoft Internet Explorer 11 MSHTML - CSpliceTreeEngine::RemoveSplice Use-After-Free (MS14-035) FlashGet 1.9.0.1012 - (FTP PWD Response) SEH STACK Overflow FlashGet 1.9.0.1012 - (FTP PWD Response) Buffer Overflow (SafeSEH) FlashGet 1.9.0.1012 - 'FTP PWD Response' SEH STACK Overflow FlashGet 1.9.0.1012 - 'FTP PWD Response' Buffer Overflow (SafeSEH) freeFTPd - Remote Authentication Bypass freeFTPd 1.2.6 - Remote Authentication Bypass freeFTPd 1.0.10 - 'PASS' SEH Overflow (Metasploit) freeFTPd 1.0.10 - 'PASS' SEH Buffer Overflow (Metasploit) freeFTPd - 'PASS' Buffer Overflow (Metasploit) freeFTPd 1.0.10 - 'PASS' Buffer Overflow (Metasploit) AlberT-EasySite 1.0a5 - (PSA_PATH) Remote File Inclusion iziContents RC6 - GLOBALS[] Remote Code Execution AlberT-EasySite 1.0a5 - 'PSA_PATH' Parameter Remote File Inclusion iziContents RC6 - Remote Code Execution SunShop Shopping Cart 3.5 - 'abs_path' Remote File Inclusion SunShop Shopping Cart 3.5 - 'abs_path' Parameter Remote File Inclusion SunShop 4.0 RC 6 - 'Search' Blind SQL Injection SunShop Shopping Cart 4.0 RC 6 - 'Search' Blind SQL Injection izicontents rc6 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities iziContents rc6 - Remote File Inclusion / Local File Inclusion gelato CMS 0.95 - (img) Remote File Disclosure dotCMS 1.6 - 'id' Multiple Local File Inclusion ZeeJobsite 2.0 - (adid) SQL Injection gelato CMS 0.95 - 'img' Parameter Remote File Disclosure dotCMS 1.6 - 'id' Parameter Local File Inclusion Zeeways ZeeJobsite 2.0 - 'adid' Parameter SQL Injection XNova 0.8 sp1 - (xnova_root_path) Remote File Inclusion XNova 0.8 sp1 - 'xnova_root_path' Parameter Remote File Inclusion PHPBasket - 'product.php pro_id' SQL Injection PHPBasket - 'pro_id' Parameter SQL Injection Ad Board - 'id' SQL Injection SunShop 4.1.4 - 'id' SQL Injection Banner Management Script - 'tr.php id' SQL Injection Ad Board - 'id' Parameter SQL Injection SunShop Shopping Cart 4.1.4 - 'id' Parameter SQL Injection Banner Management Script - 'id' Parameter SQL Injection phpBazar 2.0.2 - (adid) SQL Injection webEdition CMS - (we_objectID) Blind SQL Injection CustomCMS 4.0 - (CCMS) print.php SQL Injection phpBazar 2.0.2 - 'adid' Parameter SQL Injection webEdition CMS - 'we_objectID' Parameter Blind SQL Injection CustomCMS 4.0 - 'print.php' SQL Injection TinyCMS 1.1.2 - (templater.php) Local File Inclusion TinyCMS 1.1.2 - 'templater.php' Local File Inclusion onenews Beta 2 - (Cross-Site Scripting / HTML Injection / SQL Injection) Multiple Vulnerabilities 5 star review - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities onenews Beta 2 - Cross-Site Scripting / HTML Injection / SQL Injection 5 star review - Cross-Site Scripting / SQL Injection Web Directory Script 2.0 - (name) SQL Injection Web Directory Script 2.0 - 'name' Parameter SQL Injection Crafty Syntax Live Help 2.14.6 - (department) SQL Injection Crafty Syntax Live Help 2.14.6 - 'department' Parameter SQL Injection k-rate - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities CMME 1.12 - (Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory) Multiple Vulnerabilities Thickbox Gallery 2.0 - (Admins.php) Admin Data Disclosure k-rate - SQL Injection / Cross-Site Scripting CMME 1.12 - Local File Inclusion / Cross-Site Scripting / Cross-Site Request Forgery/Download Backup/Make Directory Thickbox Gallery 2.0 - 'Admins.php' Admin Data Disclosure phpMyRealty 1.0.9 - Multiple SQL Injections PHPMyRealty 1.0.9 - Multiple SQL Injections brim 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Web Directory Script 1.5.3 - (site) SQL Injection Words tag script 1.2 - (word) SQL Injection Brim 2.0.0 - SQL Injection / Cross-Site Scripting Web Directory Script 1.5.3 - 'site' Parameter SQL Injection Words tag script 1.2 - 'word' Parameter SQL Injection WeBid 0.5.4 - (item.php id) SQL Injection WeBid 0.5.4 - 'item.php' SQL Injection ZeeJobsite 2.0 - Arbitrary File Upload Zeeways ZeeJobsite 2.0 - Arbitrary File Upload BandSite CMS 1.1.4 - (members.php memid) SQL Injection BandSite CMS 1.1.4 - 'members.php' SQL Injection Thickbox Gallery 2 - 'index.php ln' Local File Inclusion Thickbox Gallery 2 - 'index.php' Local File Inclusion Joomla! Component 'com_wmtpic' 1.0 - SQL Injection Joomla! Component com_wmtpic 1.0 - SQL Injection Joomla! Component 'com_redshop' 1.0 - Local File Inclusion Joomla! Component 'com_redtwitter' 1.0 - Local File Inclusion Joomla! Component redSHOP 1.0 - Local File Inclusion Joomla! Component redTWITTER 1.0 - Local File Inclusion Joomla! Component 'com_svmap' 1.1.1 - Local File Inclusion Joomla! Component 'com_shoutbox' - Local File Inclusion Joomla! Component SVMap 1.1.1 - Local File Inclusion Joomla! Component Shoutbox Pro - Local File Inclusion Joomla! Component 'com_sebercart' 1.0.0.12 - Local File Inclusion Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion Joomla! Component 'com_xobbix' 1.0 - 'prodid' Parameter SQL Injection Joomla! Component XOBBIX 1.0 - 'prodid' Parameter SQL Injection Joomla! Component 'com_vjdeo' 1.0 - Local File Inclusion Joomla! Component VJDEO 1.0 - Local File Inclusion Joomla! Component 'com_realtyna' 1.0.15 - Local File Inclusion Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion Joomla! Component 'com_powermail' 1.5.3 - Local File Inclusion Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion Joomla! Component 'com_properties' - 'aid' Parameter SQL Injection Joomla! Component Real Estate Property 3.1.22-03 - 'aid' Parameter SQL Injection Joomla! Component 'com_tweetla' - Local File Inclusion Joomla! Component TweetLA 1.0.1 - Local File Inclusion Joomla! Component 'com_preventive' - Local File Inclusion Joomla! Component 'com_rokmodule' - 'moduleid' Parameter Blind SQL Injection Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion Joomla! Component RokModule 1.1 - 'moduleid' Parameter Blind SQL Injection Joomla! Component 'com_travelbook' 1.0.1 - Local File Inclusion Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion Joomla! Component 'com_webtv' - Local File Inclusion Joomla! Component Web TV 1.0 - Local File Inclusion Joomla! Component 'com_onlineexam' - Local File Inclusion Joomla! Component Online Exam 1.5.0 - Local File Inclusion Joomla! Component 'com_sweetykeeper' - Local File Inclusion Joomla! Component Sweetykeeper 1.5 - Local File Inclusion Joomla! Component 'com_sermonspeaker' - SQL Injection Joomla! Component SermonSpeaker - SQL Injection Joomla! Component 'com_QPersonel' - SQL Injection Joomla! Component QPersonel 1.0.2 - SQL Injection Joomla! Component 'com_photobattle' - Local File Inclusion Joomla! Component Photo Battle 1.0.1 - Local File Inclusion Joomla! Component 'com_zimbcomment' - Local File Inclusion Joomla! Component 'com_zimbcore' - Local File Inclusion Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion Joomla! Component ZiMBCore 0.1 - Local File Inclusion Joomla! Component 'com_wmi' - Local File Inclusion Joomla! Component 'com_orgchart' - Local File Inclusion Joomla! Component WMI 1.5.0 - Local File Inclusion Joomla! Component OrgChart 1.0.0 - Local File Inclusion Joomla! Component 'com_ultimateportfolio' - Local File Inclusion Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion Joomla! Component 'com_smartsite' - Local File Inclusion Joomla! Component SmartSite 1.0.0 - Local File Inclusion Joomla! Component 'com_simpledownload' 0.9.5 - Local File Inclusion Joomla! Component simpledownload 0.9.5 - Local File Inclusion Joomla! Component 'com_simpledownload' 0.9.5 - Local File Disclosure Joomla! Component simpledownload 0.9.5 - Local File Disclosure Wordpress Plugin TinyBrowser - Arbitrary File Upload WordPress Plugin TinyBrowser - Arbitrary File Upload Joomla! Component 'com_qpersonel' 1.0 - SQL Injection Joomla! Component Q-Personel 1.0 - SQL Injection Joomla! Component 'com_searchlog' - SQL Injection Joomla! Component Search Log 3.1.0 - SQL Injection Joomla! Component 'com_oziogallery' 2 - Multiple Vulnerabilities Joomla! Component Ozio Gallery 2 - Multiple Vulnerabilities Joomla! Component 'com_picasa2gallery' - Local File Inclusion Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion Joomla! Component 'jeeventcalendar' - SQL Injection Joomla! Component JE Ajax Event Calendar 1.0.5 - SQL Injection Joomla! Component 'com_realtyna' - Local File Inclusion Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion Joomla! Component 'jesubmit' - SQL Injection Joomla! Component 'com_sef' - Remote File Inclusion Joomla! Component jesubmit 1.4 - SQL Injection Joomla! Component com_sef - Remote File Inclusion Joomla! Component 'jesectionfinder' - Local File Inclusion Joomla! Component jesectionfinder - Local File Inclusion Joomla! Component 'Joomanager' - SQL Injection Joomla! Component Joomanager - SQL Injection Joomla! Component 'com_socialads' - Persistent Cross-Site Scripting Joomla! Component Techjoomla SocialAds - Persistent Cross-Site Scripting Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection Joomla! Component 'com_quickfaq' - Blind SQL Injection Joomla! Component redSHOP 1.0 - 'pid' Parameter SQL Injection Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection Joomla! Component redSHOP 1.0.23.1 - Blind SQL Injection Joomla! Component 'com_staticxt' - SQL Injection Joomla! Component StaticXT - SQL Injection Joomla! Component 'com_oziogallery' - SQL Injection Joomla! Component Ozio Gallery - SQL Injection Joomla! Component 'com_youtube' - SQL Injection Joomla! Component YouTube 1.5 - SQL Injection Joomla! Component 'com_ttvideo' 1.0 - SQL Injection Joomla! Component TTVideo 1.0 - SQL Injection Joomla! Component 'com_teams' - Multiple Blind SQL Injection Joomla! Component Teams - Multiple Blind SQL Injection Joomla! Component 'com_picsell' - Local File Disclosure Joomla! Component PicSell 1.0 - Local File Disclosure Joomla! Component 'com_restaurantguide' - Multiple Vulnerabilities Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities Joomla! Component 'com_timetrack' 1.2.4 - Multiple SQL Injection Joomla! Component TimeTrack 1.2.4 - Multiple SQL Injection Joomla! Component 'com_sponsorwall' - SQL Injection Joomla! Component Sponsor Wall 1.1 - SQL Injection Joomla! Component 'com_pro_desk' 1.5 - Local File Inclusion Joomla! Component ProDesk 1.5 - Local File Inclusion Joomla! Component 'mdigg' - SQL Injection Joomla! Component mDigg 2.2.8 - SQL Injection phpMyRealty 1.0.7 - SQL Injection PHPMyRealty 1.0.7 - SQL Injection Joomla! Component 'com_timereturns' 2.0 - SQL Injection Joomla! Component Time Returns 2.0 - SQL Injection Joomla! Component 'com_techfolio' 1.0 - SQL Injection Joomla! Component Techfolio 1.0 - SQL Injection Joomla! Component 'com_vikrealestate' 1.0 - Multiple Vulnerabilities Joomla! Component Vik Real Estate 1.0 - Multiple Vulnerabilities BRIM < 2.0.0 - SQL Injection Brim < 2.0.0 - SQL Injection Joomla! Component 'com_rokmodule' - 'module' Parameter Blind SQL Injection Joomla! Component RokModule 1.1 - 'module' Parameter Blind SQL Injection Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting WordPress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting webid 1.0.5 - Directory Traversal weBid 1.0.5 - Directory Traversal Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload WordPress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload Webid 1.0.6 - Multiple Vulnerabilities WeBid 1.0.6 - Multiple Vulnerabilities MyBulletinBoard RC4 - 'Username' Parameter SQL Injection MyBulletinBoard RC4 - 'member.php' Multiple Parameter SQL Injection MyBulletinBoard RC4 - 'polloptions' Parameter SQL Injection MyBulletinBoard RC4 - 'action' Parameter SQL Injection MyBulletinBoard (MyBB) RC4 - 'Username' Parameter SQL Injection MyBulletinBoard (MyBB) RC4 - 'member.php' Multiple Parameter SQL Injection MyBulletinBoard (MyBB) RC4 - 'polloptions' Parameter SQL Injection MyBulletinBoard (MyBB) RC4 - 'action' Parameter SQL Injection MyBulletinBoard 1.0 - Multiple SQL Injections MyBulletinBoard (MyBB) 1.0 - Multiple SQL Injections MyBulletinBoard 1.0 - 'RateThread.php' SQL Injection MyBulletinBoard (MyBB) 1.0 - 'RateThread.php' SQL Injection MyBulletinBoard 1.0 - 'usercp.php' SQL Injection MyBulletinBoard (MyBB) 1.0 - 'usercp.php' SQL Injection Joomla! Component 'com_redshop' 1.2 - SQL Injection Joomla! Component redSHOP 1.2 - SQL Injection MyBulletinBoard 1.0.x/1.1.x - 'usercp.php' SQL Injection MyBulletinBoard (MyBB) 1.0.x/1.1.x - 'usercp.php' SQL Injection MyBulletinBoard 1.x - 'usercp.php' Directory Traversal MyBulletinBoard (MyBB) 1.x - 'usercp.php' Directory Traversal Grayscale BandSite CMS 1.1 - help_news.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - help_merch.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - help_mp3.php max_file_size_purdy Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - sendemail.php message_text Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - header.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - login_header.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - bio_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - gbook_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - interview_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - links_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - lyrics_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - member_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - merch_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - mp3_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - news_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - pastshows_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - photo_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - releases_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - reviews_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - shows_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - signgbook_content.php the_band Parameter Cross-Site Scripting Grayscale BandSite CMS 1.1 - footer.php this_year Parameter Cross-Site Scripting BandSite CMS 1.1 - 'help_news.php' Cross-Site Scripting BandSite CMS 1.1 - 'help_merch.php' Cross-Site Scripting BandSite CMS 1.1 - 'help_mp3.php' Cross-Site Scripting BandSite CMS 1.1 - 'sendemail.php' Cross-Site Scripting BandSite CMS 1.1 - 'header.php' Cross-Site Scripting BandSite CMS 1.1 - 'login_header.php' Cross-Site Scripting BandSite CMS 1.1 - 'bio_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'gbook_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'interview_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'links_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'lyrics_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'member_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'merch_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'mp3_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'news_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'pastshows_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'photo_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'releases_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'reviews_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'shows_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'signgbook_content.php' Cross-Site Scripting BandSite CMS 1.1 - 'footer.php' Cross-Site Scripting Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting WordPress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting Active PHP BookMarks 1.1.2 - APB_SETTINGS['apb_path' ] Multiple Remote File Inclusion Active PHP BookMarks 1.1.2 - Multiple Remote File Inclusion Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting WordPress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting TurnkeyWebTools Sunshop 3.5/4.0 - Multiple Remote File Inclusion SunShop Shopping Cart 3.5/4.0 - Multiple Remote File Inclusion Active PHP BookMarks 1.0 - APB.php Remote File Inclusion Active PHP BookMarks 1.0 - 'APB.php' Remote File Inclusion TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection TurnkeyWebTools SunShop Shopping Cart 4.0 - 'index.php' l Parameter Cross-Site Scripting SunShop Shopping Cart 4.0 - 'index.php' Multiple Parameter SQL Injection SunShop Shopping Cart 4.0 - 'index.php' l Parameter Cross-Site Scripting Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery WordPress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery DMCMS 0.7 - 'index.php' SQL Injection deeemm CMS (dmcms) 0.7 - 'index.php' SQL Injection EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion EasySite 2.0 - skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion EasySite 2.0 - 'browser.php' Remote File Inclusion EasySite 2.0 - 'image_editor.php' Remote File Inclusion EasySite 2.0 - 'skin_chooser.php' Remote File Inclusion MatterDaddy Market 1.1 - 'admin/login.php' Cross-Site Scripting MatterDaddy Market 1.1 - 'login.php' Cross-Site Scripting Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting WordPress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting Joomla! Component 'com_perchaimageattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchafieldsattach' 1.0 - 'index.php' Controller Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchadownloadsattach' 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchagallery' 1.6 Beta - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component Percha Image Attach 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component Percha Fields Attach 1.0 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component Percha Downloads Attach 1.1 - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component Percha Gallery 1.6 Beta - 'Controller' Parameter Traversal Arbitrary File Access Joomla! Component 'com_perchacategoriestree' 0.6 - 'Controller' Parameter Arbitrary File Access Joomla! Component Percha Multicategory Article 0.6 - 'Controller' Parameter Arbitrary File Access Joomla! Component 'com_youtubegallery' - SQL Injection Joomla! Component Youtube Gallery 4.1.7 - SQL Injection Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_weblinks' - 'Itemid' Parameter SQL Injection Joomla! Component Weblinks - 'Itemid' Parameter SQL Injection Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal WordPress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal Wordpress Plugin DukaPress 2.5.2 - Directory Traversal WordPress Plugin DukaPress 2.5.2 - Directory Traversal Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection WordPress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting WordPress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation WordPress Plugin Duplicator 0.5.8 - Privilege Escalation Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection WordPress Plugin Single Personal Message 1.0.3 - SQL Injection Joomla! Component 'com_sanpham' - Multiple SQL Injections Joomla! Component Vik Real Estate 1.0 - Multiple SQL Injections Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload Joomla! Component 'mod_currencyconverter' - 'from' Parameter Cross-Site Scripting Joomla! Component Currency Converter 1.0.0 - 'from' Parameter Cross-Site Scripting Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting WordPress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read Joomla! Component 'mod_ccnewsletter' 1.0.7 - 'id' Parameter SQL Injection Joomla! Component CCNewsLetter 1.0.7 - 'id' Parameter SQL Injection Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting WordPress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting WordPress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities WordPress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities Joomla! Component 'com_rpl' 8.9.2 - Multiple SQL Injections Joomla! Component 'com_rpl' 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Joomla! Component Realtyna RPL 8.9.2 - Multiple SQL Injections Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities Joomla! Component 'com_sexypolling' - 'answer_id' Parameter SQL Injection Joomla! Component Sexy polling 1.0.8 - 'answer_id' Parameter SQL Injection Joomla! Component 'com_novasfh' - 'upload.php' Arbitrary File Upload Joomla! Component Projoom NovaSFH 3.0.2 - 'upload.php' Arbitrary File Upload Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting WordPress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting Wordpress Plugin Job Script by Scubez - Remote Code Execution WordPress Plugin Job Script by Scubez - Remote Code Execution Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite WordPress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite Wordpress Plugin Answer My Question 1.3 - SQL Injection Wordpress Plugin Sirv 1.3.1 - SQL Injection Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection WordPress Plugin Answer My Question 1.3 - SQL Injection WordPress Plugin Sirv 1.3.1 - SQL Injection WordPress Plugin BBS e-Franchise 1.1.1 - SQL Injection WordPress Plugin Product Catalog 8 1.2.0 - SQL Injection Wordpress Plugin Olimometer 2.56 - SQL Injection WordPress Plugin Olimometer 2.56 - SQL Injection Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion WordPress Plugin WP Vault 0.8.6.6 - Local File Inclusion Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection WordPress Plugin WP Private Messages 1.0.1 - SQL Injection	2016-12-21 05:01:18 +00:00
Offensive Security	18d8085c6d	DB: 2016-12-18 13 new exploits Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Orthanc DICOM Server 1.1.0 - Memory Corruption Microsoft Internet Explorer 9 - MSHTML CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 - IEFRAME CMarkup::RemovePointerPos Use-After-Free (MS13-055) OsiriX DICOM Viewer 8.0.1 - Memory Corruption ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow DCMTK 3.6.0 storescp - Stack Buffer Overflow Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service Microsoft Internet Explorer 9 IEFRAME - CMarkupPointer::MoveToGap Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CView::EnsureSize Use-After-Free (MS13-021) Nagios < 4.2.4 - Privilege Escalation iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free Alienvault OSSIM - SQL Injection / Remote Code Execution (Metasploit) Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit) Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution Alienvault OSSIM - av-centerd Command Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) - av-centerd Command Injection (Metasploit) Horos 2.1.0 Web Portal - Directory Traversal Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities Alienvault Open Source SIEM (OSSIM) 3.1 - Multiple Security Vulnerabilities Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection Alienvault OSSIM 4.1.2 - Multiple SQL Injections Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Vulnerabilities Alienvault 4.3.1 - Unauthenticated SQL Injection Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit) Alienvault OSSIM 4.3 - Cross-Site Request Forgery Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery WHMCS Addon VMPanel 2.7.4 - SQL Injection WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery	2016-12-18 05:01:16 +00:00
Offensive Security	24bf161ca6	DB: 2016-12-16 5 new exploits HydraIrc 0.3.164 - (last) Remote Denial of Service Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow (PoC) HydraIrc 0.3.164 - Remote Denial of Service Download Accelerator Plus DAP 8.6 - 'AniGIF.ocx' Buffer Overflow (PoC) Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Use-After-Free Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (MS13-055) Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow Nagios Core < 4.2.4 - Privilege Escalation Nagios Core < 4.2.2 - Curl Command Injection / Remote Code Execution Quicksilver Forums 1.2.1 - (set) Remote File Inclusion Quicksilver Forums 1.2.1 - Remote File Inclusion e-Vision CMS 2.0 - (all_users.php) SQL Injection e-Vision CMS 2.0 - 'all_users.php' SQL Injection LetterIt 2.0 - (inc/session.php) Remote File Inclusion LetterIt 2.0 - 'session.php' Remote File Inclusion e107 0.7.8 - (mailout.php) Access Escalation Exploit (Admin needed) e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed) PHPMyRealty 1.0.x - (search.php type) SQL Injection PHPMyRealty 1.0.x - 'search.php' SQL Injection pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection Pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection LetterIt 2 - 'Language' Local File Inclusion phpMyRealty - (location) SQL Injection LetterIt 2 - 'Language' Parameter Local File Inclusion phpMyRealty 2.0.0 - 'location' Parameter SQL Injection ABG Blocking Script 1.0a - 'abg_path' Remote File Inclusion E-topbiz Dating 3 PHP Script - (mail_id) SQL Injection Scripts24 iTGP 1.0.4 - 'id' SQL Injection Scripts24 iPost 1.0.1 - 'id' SQL Injection eStoreAff 0.1 - 'cid' SQL Injection GreenCart PHP Shopping Cart - 'id' SQL Injection ABG Blocking Script 1.0a - 'abg_path' Parameter Remote File Inclusion E-topbiz Dating 3 PHP Script - 'mail_id' Parameter SQL Injection Scripts24 iTGP 1.0.4 - 'id' Parameter SQL Injection Scripts24 iPost 1.0.1 - 'id' Parameter SQL Injection eStoreAff 0.1 - 'cid' Parameter SQL Injection GreenCart PHP Shopping Cart - 'id' Parameter SQL Injection e-vision CMS 2.02 - (SQL Injection / Arbitrary File Upload / Information Gathering) Multiple Vulnerabilities e-vision CMS 2.02 - SQL Injection / Arbitrary File Upload / Information Gathering E-Store Kit-1 <= 2 PayPal Edition - 'pid' SQL Injection E-Store Kit-1 <= 2 PayPal Edition - 'pid' Parameter SQL Injection iges CMS 2.0 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities iges CMS 2.0 - Cross-Site Scripting / SQL Injection Multiple Wsn Products - (Local File Inclusion) Code Execution Multiple Wsn Products - Local File Inclusion / Code Execution Discuz! 6.0.1 - (searchid) SQL Injection pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities Discuz! 6.0.1 - 'searchid' Parameter SQL Injection pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting Vacation Rental Script 3.0 - 'id' SQL Injection Quicksilver Forums 1.4.1 - forums[] SQL Injection txtSQL 2.2 Final - (startup.php) Remote File Inclusion Vacation Rental Script 3.0 - 'id' Parameter SQL Injection Quicksilver Forums 1.4.1 - SQL Injection txtSQL 2.2 Final - 'startup.php' Remote File Inclusion OpenImpro 1.1 - (image.php id) SQL Injection ZeeBuddy 2.1 - (bannerclick.php adid) SQL Injection pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities Ovidentia 6.6.5 - (item) SQL Injection BBlog 0.7.6 - (mod) SQL Injection OpenImpro 1.1 - 'image.php' SQL Injection ZeeBuddy 2.1 - 'adid' Parameter SQL Injection pPIM 1.0 - upload/change Password Ovidentia 6.6.5 - 'item' Parameter SQL Injection BBlog 0.7.6 - 'mod' Parameter SQL Injection pPIM 1.01 - (notes.php id) Local File Inclusion pPIM 1.01 - 'notes.php' Local File Inclusion e107 plugin fm pro 1 - (File Disclosure / Arbitrary File Upload / Directory Traversal) Multiple Vulnerabilities e107 plugin fm pro 1 - File Disclosure / Arbitrary File Upload / Directory Traversal Coppermine Photo Gallery 1.4.19 - Remote Arbitrary .PHP File Upload Coppermine Photo Gallery 1.4.19 - Remote File Upload pPIM 1.01 - (notes.php id) Remote Command Execution pPIM 1.01 - 'notes.php' Remote Command Execution moziloCMS 1.11 - (Local File Inclusion / Full Path Disclosure / Cross-Site Scripting) Multiple Vulnerabilities moziloCMS 1.11 - Local File Inclusion / Full Path Disclosure / Cross-Site Scripting Joomla! Component 'com_agenda' 1.0.1 - 'id' Parameter SQL Injection Joomla! Component Agenda Address Book 1.0.1 - 'id' Parameter SQL Injection Joomla! Component 'com_alphauserpoints' 1.5.5 - Local File Inclusion Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion Joomla! Component 'com_arcadegames' - Local File Inclusion Joomla! Component Arcade Games 1.0 - Local File Inclusion Joomla! Component 'com_AddressBook' - Local File Inclusion Joomla! Component 'com_advertising' - Local File Inclusion Joomla! Component Address Book 1.5.0 - Local File Inclusion Joomla! Component Advertising 0.25 - Local File Inclusion Joomla! Component 'com_blogfactory' - Local File Inclusion Joomla! Component 'com_beeheard' - Local File Inclusion Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion Joomla! Component BeeHeard 1.0 - Local File Inclusion Joomla! Component 'com_archeryscores' 1.0.6 - Local File Inclusion Joomla! Component Archery Scores 1.0.6 - Local File Inclusion Joomla! Component 'com_abc' - SQL Injection Joomla! Component ABC 1.1.7 - SQL Injection Joomla! Component 'com_bfquiztrial' - SQL Injection (1) Joomla! Component BF Quiz 1.3.0 - SQL Injection (1) Joomla! Component 'com_bfquiztrial' - SQL Injection (2) Joomla! Component BF Quiz 1.0 - SQL Injection (2) e107 0.7.21 full - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.21 full - Remote File Inclusion / Cross-Site Scripting Joomla! Component 'com_awd_song' - Persistent Cross-Site Scripting Joomla! Component JE Awd Song - Persistent Cross-Site Scripting Joomla! Component 'com_addressbook' - Blind SQL Injection Joomla! Component Address Book - Blind SQL Injection Joomla! Component 'com_autartimonial' - SQL Injection Joomla! Component AutarTimonial 1.0.8 - SQL Injection Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component ArtForms 2.1b7.2 rc2 - Multiple Vulnerabilities Joomla! Component 'com_camelcitydb2' 2.2 - SQL Injection Joomla! Component CamelcityDB 2.2 - SQL Injection Joomla! Component 'com_amblog' 1.0 - Multiple SQL Injections Joomla! Component Amblog 1.0 - Multiple SQL Injections Joomla! Component 'com_aardvertiser' 2.1 - Blind SQL Injection Joomla! Component Aardvertiser 2.1 - Blind SQL Injection Joomla! Component 'com_cbe' - Local File Inclusion / Remote Code Execution Joomla! Component Community Builder Enhanced (CBE) 1.4.8/1.4.9/1.4.10 - Local File Inclusion / Remote Code Execution Joomla! Component 'com_allcinevid' 1.0.0 - Blind SQL Injection Joomla! Component allCineVid 1.0.0 - Blind SQL Injection Joomla! Component 'com_alameda' 1.0 - SQL Injection Joomla! Component Alameda 1.0 - SQL Injection Free Hosting Manager 2.0 - (packages.php id Parameter) SQL Injection Free Hosting Manager 2.0 - 'id' Parameter SQL Injection Coppermine Photo Gallery 1.x - menu.inc.php CPG_URL Parameter Cross-Site Scripting Coppermine Photo Gallery 1.x - modules.php startdir Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.x - init.inc.php Remote File Inclusion Coppermine Photo Gallery 1.x - theme.php Multiple Parameter Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site Scripting Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Parameter Traversal Arbitrary File Access Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File Inclusion Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion BBlog 0.7.4 - PostID Parameter SQL Injection BBlog 0.7.4 - 'PostID' Parameter SQL Injection Coppermine Photo Gallery 1.x - Albmgr.php SQL Injection Coppermine Photo Gallery 1.4.11 - SQL Injection LoveCMS 1.4 - install/index.php step Parameter Remote File Inclusion LoveCMS 1.4 - install/index.php step Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' load Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'index.php' id Parameter Cross-Site Scripting LoveCMS 1.4 - 'step' Parameter Remote File Inclusion LoveCMS 1.4 - 'step' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'load' Parameter Traversal Arbitrary File Access LoveCMS 1.4 - 'id' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - mode.php referer Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.x - viewlog.php log Parameter Local File Inclusion Coppermine Photo Gallery 1.4.12 - 'referer' Parameter Cross-Site Scripting Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File Inclusion Joomla! / Mambo Component 'com_detail' - 'id' Parameter SQL Injection Joomla! / Mambo Component com_detail - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_lms' - 'cat' Parameter SQL Injection Joomla! / Mambo Component Showroom Joomlearn LMS - 'cat' Parameter SQL Injection Blog Manager - inc_webblogmanager.asp ItemID Parameter SQL Injection Blog Manager - inc_webblogmanager.asp categoryId Parameter Cross-Site Scripting Blog Manager - 'ItemID' Parameter SQL Injection Blog Manager - 'categoryId' Parameter Cross-Site Scripting e107 0.7.x - (CAPTCHA Security Bypass / Cross-Site Scripting) Multiple Vulnerabilities e107 0.7.x - CAPTCHA Security Bypass / Cross-Site Scripting Joomla! Component 'com_canteen' 1.0 - Local File Inclusion Joomla! Component Canteen 1.0 - Local File Inclusion Coppermine Photo Gallery 1.5.10 - help.php Multiple Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - searchnew.php picfile_* Parameter Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'help.php' Cross-Site Scripting Coppermine Photo Gallery 1.5.10 - 'searchnew.php' Cross-Site Scripting	2016-12-16 05:01:19 +00:00
Offensive Security	32e86030d5	DB: 2016-12-15 3 new exploits minix 3.1.2a - tty panic Local Denial of Service minix 3.1.2a - tty panic Remote Denial of Service Minix 3.1.2a - tty panic Local Denial of Service Minix 3.1.2a - tty panic Remote Denial of Service Microsoft IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service Microsoft IIS 5.0 - WebDAV Lock Method Memory Leak Denial of Service MINIX 3.3.0 - Local Denial of Service (PoC) Minix 3.3.0 - Local Denial of Service (PoC) MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service Minix 3.3.0 - Remote TCP/IP Stack Denial of Service Apache 2.4.23 (mod_http2) - Denial of Service Adobe Animate 15.2.1.95 - Memory Corruption CoolPlayer - m3u File Local Buffer Overflow CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit) Apache Tomcat (WebDAV) - Remote File Disclosure Apache Tomcat - (WebDAV) Remote File Disclosure Apache Tomcat (WebDAV) - Remote File Disclosure (SSL) Apache Tomcat - (WebDAV) Remote File Disclosure (SSL) APT - Repository Signing Bypass via Memory Allocation Failure PHPFootball 1.6 - (show.php) Remote Database Disclosure PHPFootball 1.6 - Remote Database Disclosure Aprox CMS Engine 5 (1.0.4) - Local File Inclusion Aprox CMS Engine 5.1.0.4 - Local File Inclusion PHP Help Agent 1.1 - (content) Local File Inclusion PHP Help Agent 1.1 - 'content' Parameter Local File Inclusion Alstrasoft Affiliate Network Pro - (pgm) SQL Injection Alstrasoft Affiliate Network Pro - 'pgm' Parameter SQL Injection PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection Alstrasoft Video Share Enterprise 4.5.1 - 'UID' Parameter SQL Injection Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection Aprox CMS Engine 5.(1.0.4) - 'index.php' SQL Injection Siteframe - 'folder.php id' SQL Injection PHPFootball 1.6 - (show.php) SQL Injection DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection Siteframe CMS 3.2.3 - 'folder.php' SQL Injection PHPFootball 1.6 - SQL Injection DigiLeave 1.2 - 'book_id' Parameter Blind SQL Injection HRS Multi - 'key' Parameter Blind SQL Injection MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection EZWebAlbum (dlfilename) - Remote File Disclosure Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection ShopCartDx 4.30 - 'pid' SQL Injection MojoPersonals - Blind SQL Injection MojoJobs - Blind SQL Injection MojoAuto - Blind SQL Injection EZWebAlbum - Remote File Disclosure Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection ShopCartDx 4.30 - 'pid' Parameter SQL Injection YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Pre Survey Poll - 'default.asp catid' SQL Injection Atom Photoblog 1.1.5b1 - (photoId) SQL Injection ibase 2.03 - 'download.php' Remote File Disclosure YouTube blog 0.1 - Remote File Inclusion / SQL Injection / Cross-Site Scripting Pre Survey Poll - 'catid' Parameter SQL Injection Atom Photoblog 1.1.5b1 - 'photoId' Parameter SQL Injection ibase 2.03 - Remote File Disclosure Live Music Plus 1.1.0 - 'id' SQL Injection xrms 1.99.2 - (Remote File Inclusion / Cross-Site Scripting / Information Gathering) Multiple Vulnerabilities Live Music Plus 1.1.0 - 'id' Parameter SQL Injection XRms 1.99.2 - Remote File Inclusion / Cross-Site Scripting / Information Gathering FizzMedia 1.51.2 - (comment.php mid) SQL Injection PHPTest 0.6.3 - (picture.php image_id) SQL Injection FizzMedia 1.51.2 - SQL Injection PHPTest 0.6.3 - SQL Injection Mobius 1.4.4.1 - (browse.php id) SQL Injection EPShop < 3.0 - 'pid' SQL Injection Mobius 1.4.4.1 - SQL Injection EPShop < 3.0 - 'pid' Parameter SQL Injection TriO 2.1 - (browse.php id) SQL Injection CMScout 2.05 - (common.php bit) Local File Inclusion Getacoder clone - (sb_protype) SQL Injection GC Auction Platinum - (cate_id) SQL Injection SiteAdmin CMS - (art) SQL Injection TriO 2.1 - 'browse.php' SQL Injection CMScout 2.05 - 'bit' Parameter Local File Inclusion Getacoder clone - 'sb_protype' Parameter SQL Injection GC Auction Platinum - 'cate_id' Parameter SQL Injection SiteAdmin CMS - 'art' Parameter SQL Injection Youtuber Clone - 'ugroups.php UID' SQL Injection Youtuber Clone - SQL Injection PixelPost 1.7.1 - (language_full) Local File Inclusion PixelPost 1.7.1 - 'language_full' Parameter Local File Inclusion ViArt Shop 3.5 - (category_id) SQL Injection Minishowcase 09b136 - 'lang' Local File Inclusion ViArt Shop 3.5 - 'category_id' Parameter SQL Injection Minishowcase 09b136 - 'lang' Parameter Local File Inclusion Gregarius 0.5.4 - rsargs[] SQL Injection PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion hiox browser Statistics 2.0 - Remote File Inclusion Gregarius 0.5.4 - SQL Injection PHP Hosting Directory 2.0 - Remote File Inclusion HIOX Random Ad 1.3 - Remote File Inclusion HIOX Browser Statistics 2.0 - Remote File Inclusion nzFotolog 0.4.1 - (action_file) Local File Inclusion ZeeReviews - 'comments.php ItemID' SQL Injection nzFotolog 0.4.1 - 'action_file' Parameter Local File Inclusion ZeeReviews - SQL Injection Article Friendly Pro/Standard - (Cat) SQL Injection Article Friendly Pro/Standard - SQL Injection PozScripts Classified Ads Script - 'cid' SQL Injection TubeGuru Video Sharing Script - (UID) SQL Injection PozScripts Classified Ads Script - 'cid' Parameter SQL Injection TubeGuru Video Sharing Script - 'UID' Parameter SQL Injection pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection camera life 2.6.2b4 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection Alstrasoft Article Manager Pro 1.6 - Authentication Bypass viart shopping cart 3.5 - Multiple Vulnerabilities Viart shopping cart 3.5 - Multiple Vulnerabilities PHPFootball 1.6 - (filter.php) Remote Hash Disclosure PHPFootball 1.6 - Remote Hash Disclosure talkback 2.3.14 - Multiple Vulnerabilities Siteframe CMS 3.2.x - (SQL Injection / phpinfo()) Multiple Vulnerabilities TalkBack 2.3.14 - Multiple Vulnerabilities Siteframe CMS 3.2.x - SQL Injection / phpinfo() CMScout - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities CMScout - Cross-Site Scripting / HTML Injection ShopCartDx 4.30 - (products.php) Blind SQL Injection ShopCartDx 4.30 - 'products.php' Blind SQL Injection viart shop 4.0.5 - Multiple Vulnerabilities ViArt Shop 4.0.5 - Multiple Vulnerabilities Siteframe 3.2.3 - (user.php) SQL Injection Siteframe CMS 3.2.3 - 'user.php' SQL Injection viart shop 4.0.5 - Cross-Site Request Forgery ViArt Shop 4.0.5 - Cross-Site Request Forgery Siteframe 2.2.4 - search.php Cross-Site Scripting Siteframe 2.2.4 - download.php Information Disclosure Siteframe CMS 2.2.4 - 'download.php' Information Disclosure phpx 3.2.3 - Multiple Vulnerabilities PHPX 3.2.3 - Multiple Vulnerabilities PHPX 3.x - admin/page.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/news.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/user.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/images.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - admin/forums.php Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'page.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'news.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'user.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'images.php' Cross-Site Request Forgery / Arbitrary Command Execution PHPX 3.x - 'forums.php' Cross-Site Request Forgery / Arbitrary Command Execution Alstrasoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion Alstrasoft Video Share Enterprise 4.x - 'MyajaxPHP.php' Remote File Inclusion Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection Alstrasoft Affiliate Network Pro 8.0 - 'index.php' Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - 'temp.php' Cross-Site Scripting Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' Parameter SQL Injection PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - users.php user_id Parameter SQL Injection PHPX 3.5.15/3.5.16 - news.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - gallery.php Multiple Parameter SQL Injection PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection XRms 1.99.2 - activities/some.php title Parameter Cross-Site Scripting XRms 1.99.2 - companies/some.php company_name Parameter Cross-Site Scripting XRms 1.99.2 - contacts/some.php last_name Parameter Cross-Site Scripting XRms 1.99.2 - campaigns/some.php campaign_title Parameter Cross-Site Scripting XRms 1.99.2 - opportunities/some.php opportunity_title Parameter Cross-Site Scripting XRms 1.99.2 - cases/some.php case_title Parameter Cross-Site Scripting XRms 1.99.2 - files/some.php file_id Parameter Cross-Site Scripting XRms 1.99.2 - reports/custom/mileage.php starting Parameter Cross-Site Scripting XRms 1.99.2 - 'title' Parameter Cross-Site Scripting XRms 1.99.2 - 'company_name' Parameter Cross-Site Scripting XRms 1.99.2 - 'last_name' Parameter Cross-Site Scripting XRms 1.99.2 - 'campaign_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'opportunity_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'case_title' Parameter Cross-Site Scripting XRms 1.99.2 - 'file_id' Parameter Cross-Site Scripting XRms 1.99.2 - 'starting' Parameter Cross-Site Scripting Pligg 1.0.4 - 'install1.php' Cross-Site Scripting Joomla! Component DT Register - 'cat' SQL Injection Joomla! Component DT Register - 'cat' Parameter SQL Injection	2016-12-15 13:07:17 +00:00
Offensive Security	b080c70f8b	DB: 2016-12-14 7 new exploits Microsoft Internet Explorer 9 IEFRAME - CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047) Xitami Web Server 5.0a0 - Denial of Service OpenSSL 1.1.0a/1.1.0b - Denial of Service Serva 3.0.0 HTTP Server - Denial of Service iOS 10.1.x - Certificate File Memory Corruption OpenBSD 4.0 - (vga) Privilege Escalation OpenBSD 4.0 - 'vga' Privilege Escalation 10-Strike Network File Search Pro 2.3 - SEH Local Buffer Overflow MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections MyBloggie 2.1.4 - 'trackback.php' Multiple SQL Injections AShop Deluxe 4.x - (catalogue.php cat) SQL Injection AShop Deluxe 4.x - 'catalogue.php' SQL Injection HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion HIOX Banner Rotator 1.3 - 'hm' Parameter Remote File Inclusion CAT2 - (spaw_root) Local File Inclusion CAT2 - 'spaw_root' Parameter Local File Inclusion MyBloggie 2.1.3 - search.php SQL Injection MyBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - delcomment.php Multiple Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - edituser.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - editcat.php errormsg Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - del.php post_id Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'delcomment.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'deluser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'addcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'edituser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'adduser.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'editcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'trackback_url' Parameter Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'delcat.php' Cross-Site Scripting MyBloggie 2.1.2/2.1.3 - 'del.php' Cross-Site Scripting MyBloggie 2.1.x - Multiple Remote File Inclusion MyBloggie 2.1.x - MyBloggie_Root_Path Parameter Multiple Remote File Inclusion MyBloggie 2.1.x - 'MyBloggie_Root_Path' Parameter Remote File Inclusion AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter Cross-Site Scripting AShop Deluxe 4.5 - ashop/basket.php cat Parameter Cross-Site Scripting AShop Deluxe 4.5 - ashop/search.php SearchString Parameter Cross-Site Scripting AShop Deluxe 4.5 - shipping.php Multiple Parameter Cross-Site Scripting AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter Cross-Site Scripting AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter Cross-Site Scripting AShop Deluxe 4.5 - 'catalogue.php' Cross-Site Scripting AShop Deluxe 4.5 - 'basket.php' Cross-Site Scripting AShop Deluxe 4.5 - 'search.php' Cross-Site Scripting AShop Deluxe 4.5 - 'shipping.php' Cross-Site Scripting AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting AShop Deluxe 4.5 - 'salesadmin.php' Cross-Site Scripting MyBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting MyBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting MyBloggie 2.1.5 - 'login.php' Cross-Site Scripting Smart Guard Network Manager 6.3.2 - SQL Injection WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery	2016-12-14 05:01:23 +00:00
Offensive Security	9cad083b49	DB: 2016-12-11 5 new exploits uTorrent 1.8.3 (Build 15772) - Create New Torrent Buffer Overflow (PoC) uTorrent 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC) F5 BIG-IP - Authentication Bypass (1) F5 BIG-IP - Authentication Bypass (PoC) Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC (1) Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat PoC Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (2) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (2) Microsoft Internet Explorer 9 MSHTML - CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (1) Microsoft Internet Explorer 9 MSHTML - CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (2) Microsoft Internet Explorer 9 MSHTML - CElement::HasFlag Memory Corruption uTorrent - DLL Hijacking uTorrent 2.0.3 - DLL Hijacking F5 BIG-IP - Authentication Bypass (2) F5 BIG-IP - Authentication Bypass SePortal - SQL Injection / Remote Code Execution (Metasploit) SePortal 2.5 - SQL Injection / Remote Code Execution (Metasploit) MyPHP CMS 0.3 - (domain) Remote File Inclusion MyPHP CMS 0.3 - 'domain' Parameter Remote File Inclusion RSS-aggregator - 'display.php path' Remote File Inclusion RSS-aggregator - 'path' Parameter Remote File Inclusion HoMaP-CMS 0.1 - (plugin_admin.php) Remote File Inclusion HomePH Design 2.10 RC2 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities HoMaP-CMS 0.1 - 'plugin_admin.php' Remote File Inclusion HomePH Design 2.10 RC2 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting cmreams CMS 1.3.1.1 beta2 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities cmreams CMS 1.3.1.1 beta2 - Local File Inclusion / Cross-Site Scripting HoMaP-CMS 0.1 - (index.php go) SQL Injection HoMaP-CMS 0.1 - 'go' Parameter SQL Injection Ready2Edit - 'pages.php menuid' SQL Injection ResearchGuide 0.5 - (guide.php id) SQL Injection MVC-Web CMS 1.0/1.2 - (index.asp newsid) SQL Injection Ready2Edit - 'menuid' Parameter SQL Injection ResearchGuide 0.5 - 'id' Parameter SQL Injection MVC-Web CMS 1.0/1.2 - 'newsid' Parameter SQL Injection Demo4 CMS - 'index.php id' SQL Injection Joomla! Component com_facileforms 1.4.4 - Remote File Inclusion Dagger CMS 2008 - (dir_inc) Remote File Inclusion TinxCMS 1.1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities mm chat 1.5 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities ourvideo CMS 9.5 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities cmsWorks 2.2 RC4 - (mod_root) Remote File Inclusion Demo4 CMS - 'id' Parameter SQL Injection Joomla! Component FacileForms 1.4.4 - Remote File Inclusion Dagger CMS 2008 - 'dir_inc' Parameter Remote File Inclusion TinXCMS 1.1 - Local File Inclusion / Cross-Site Scripting mm chat 1.5 - Local File Inclusion / Cross-Site Scripting ourvideo CMS 9.5 - Remote File Inclusion / Local File Inclusion / Cross-Site Scripting cmsWorks 2.2 RC4 - 'mod_root' Parameter Remote File Inclusion Relative Real Estate Systems 3.0 - 'listing_id' SQL Injection Relative Real Estate Systems 3.0 - 'listing_id' Parameter SQL Injection DUcalendar 1.0 - (detail.asp iEve) SQL Injection HiveMaker Directory - 'cid' Parameter SQL Injection E-topbiz ViralDX 2.07 - (adclick.php bannerid) SQL Injection Link ADS 1 - 'out.php linkid' SQL Injection TOKOKITA - 'barang.php produk_id' SQL Injection Webdevindo-CMS 0.1 - (index.php hal) SQL Injection mUnky 0.0.1 - (index.php zone) Local File Inclusion Jokes & Funny Pics Script - (sb_jokeid) SQL Injection DUcalendar 1.0 - 'iEve' Parameter SQL Injection HiveMaker Directory 1.0.2 - 'cid' Parameter SQL Injection E-topbiz ViralDX 2.07 - 'bannerid' Parameter SQL Injection Link ADS 1 - 'linkid' Parameter SQL Injection TOKOKITA - 'produk_id' Parameter SQL Injection Webdevindo-CMS 0.1 - 'hal' Parameter SQL Injection mUnky 0.0.1 - 'zone' Parameter Local File Inclusion Jokes & Funny Pics Script - 'sb_jokeid' Parameter SQL Injection MyPHP CMS 0.3.1 - (page.php pid) SQL Injection PHPmotion 2.0 - (update_profile.php) Arbitrary File Upload MyPHP CMS 0.3.1 - 'pid' Parameter SQL Injection PHPmotion 2.0 - 'update_profile.php' Arbitrary File Upload polypager 1.0rc2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities PHP-Fusion Mod Kroax 4.42 - (category) SQL Injection polypager 1.0rc2 - SQL Injection / Cross-Site Scripting PHP-Fusion Mod Kroax 4.42 - 'category' Parameter SQL Injection Riddles Complete Website 1.2.1 - (riddleid) SQL Injection Tips Complete Website 1.2.0 - (tipid) SQL Injection Jokes Complete Website 2.1.3 - (jokeid) SQL Injection Drinks Complete Website 2.1.0 - (drinkid) SQL Injection Cheats Complete Website 1.1.1 - 'itemID' SQL Injection Riddles Complete Website 1.2.1 - 'riddleid' Parameter SQL Injection Tips Complete Website 1.2.0 - 'tipid' Parameter SQL Injection Easysitenetwork Jokes Complete Website 2.1.3 - 'jokeid' Parameter SQL Injection Drinks Complete Website 2.1.0 - 'drinkid' Parameter SQL Injection Cheats Complete Website 1.1.1 - 'itemID' Parameter SQL Injection Orca 2.0/2.0.2 - (Parameters.php) Remote File Inclusion Orca 2.0/2.0.2 - 'Parameters.php' Remote File Inclusion OTManager CMS 24a - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities OTManager CMS 24a - Local File Inclusion / Cross-Site Scripting SePortal 2.4 - (poll.php poll_id) SQL Injection SePortal 2.4 - 'poll_id' Parameter SQL Injection poweraward 1.1.0 rc1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Joomla! Component jabode - 'id' SQL Injection Online Booking Manager 2.2 - 'id' SQL Injection poweraward 1.1.0 rc1 - Local File Inclusion / Cross-Site Scripting Joomla! Component jabode - 'id' Parameter SQL Injection Online Booking Manager 2.2 - 'id' Parameter SQL Injection Joomla! Component Xe webtv - 'id' Blind SQL Injection Joomla! Component Xe webtv - 'id' Parameter Blind SQL Injection AcmlmBoard 1.A2 - 'pow' SQL Injection eSHOP100 - (SUB) SQL Injection AcmlmBoard 1.A2 - 'pow' Parameter SQL Injection eSHOP100 - 'SUB' Parameter SQL Injection OTManager CMS 2.4 - (Tipo) Remote File Inclusion OTManager CMS 2.4 - 'Tipo' Parameter Remote File Inclusion Orca 2.0.2 - (Topic) Cross-Site Scripting Orca 2.0.2 - Cross-Site Scripting Hedgehog-CMS 1.21 - (Local File Inclusion) Remote Command Execution Hedgehog-CMS 1.21 - Local File Inclusion / Remote Command Execution catviz 0.4.0b1 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Catviz 0.4.0 beta1 - Local File Inclusion / Cross-Site Scripting Joomla! Component com_facileforms - Cross-Site Scripting Joomla! Component FacileForms - Cross-Site Scripting PHPMotion 1.62 - 'FCKeditor' Arbitrary File Upload PHPmotion 1.62 - 'FCKeditor' Arbitrary File Upload Roundcube 1.2.2 - Remote Code Execution Pivot 1.0 - Remote module_db.php File Inclusion Pivot 1.0 - 'module_db.php' Remote File Inclusion MyBloggie 2.1 - 'index.php' year Parameter Cross-Site Scripting MyBloggie 2.1 - 'index.php' Cross-Site Scripting E-topbiz Link ADS 1 - 'out.php' SQL Injection PolyPager 0.9.51/1.0 - 'nr' Parameter Cross-Site Scripting RSS-aggregator 1.0 - admin/fonctions/supprimer_flux.php IdFlux Parameter SQL Injection RSS-aggregator 1.0 - admin/fonctions/supprimer_tag.php IdTag Parameter SQL Injection RSS-aggregator 1.0 - 'admin/fonctions/' Direct Request Administrator Authentication Bypass RSS-aggregator 1.0 - 'IdFlux' Parameter SQL Injection RSS-aggregator 1.0 - 'IdTag' Parameter SQL Injection RSS-aggregator 1.0 - Authentication Bypass Jokes Complete Website - joke.php id Parameter Cross-Site Scripting Jokes Complete Website - results.php searchingred Parameter Cross-Site Scripting Easysitenetwork Jokes Complete Website - 'id' Parameter Cross-Site Scripting Easysitenetwork Jokes Complete Website - 'searchingred' Parameter Cross-Site Scripting Splunk Enterprise 6.4.3 - Server-Side Request Forgery	2016-12-11 05:01:17 +00:00
Offensive Security	0231ae9ba7	DB: 2016-12-09 5 new exploits Dual DHCP DNS Server 7.29 - Denial of Service TP-LINK TD-W8951ND - Denial of Service OpenSSH 7.2 - Denial of Service Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation Advanced Webhost Billing System (AWBS) - cart2.php Remote File Inclusion Advanced Webhost Billing System (AWBS) 2.4.0 - 'cart2.php' Remote File Inclusion AWBS 2.7.1 - (news.php viewnews) SQL Injection Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass Simple Machines Forum (SMF) 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass Simple Machines Forum (SMF) - Multiple Security Vulnerabilities Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple Security Vulnerabilities Advanced Webhost Billing System 2.2.2 - contact.php Multiple Cross-Site Scripting Vulnerabilities Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection Advanced Webhost Billing System (AWBS) 2.9.2 - 'oid' Parameter SQL Injection Simple Machines Forum (SMF) 2.0.2 - 'index.php' scheduled Parameter Cross-Site Scripting Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Parameter Cross-Site Scripting Cisco Unified Communications Manager 7/8/9 - Directory Traversal	2016-12-09 05:01:19 +00:00
Offensive Security	fb1dd3709f	DB: 2016-12-08 12 new exploits vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption XChat - Heap Overflow Denial of Service XChat 2.8.9 - Heap Overflow Denial of Service Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1) glibc - getaddrinfo Stack Based Buffer Overflow (1) glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC) Microsoft Edge - JSON.parse Info Leak Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125) Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009) Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (MS16-068) Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1) Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2) Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Microsoft PowerShell - XML External Entity Injection XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7' XChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7) Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap glibc - getaddrinfo Stack Based Buffer Overflow (2) glibc - 'getaddrinfo' Stack Based Buffer Overflow Microsoft Internet Explorer jscript9 - JavaScriptStackWalker Memory Corruption (MS15-056) Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes) Gravity Board X 1.1 - (csscontent) Remote Code Execution Gravity Board X 1.1 - 'csscontent' Parameter Remote Code Execution Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion Mambo Component ExtCalendar 2.0 - Remote File Inclusion Mambo Component com_babackup 1.1 - File Inclusion Mambo Component bigAPE-Backup 1.1 - File Inclusion E-Smart Cart 1.0 - 'Product_ID' SQL Injection E-Smart Cart 1.0 - 'Product_ID' Parameter SQL Injection Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion Joomla! / Mambo Component New Article 1.1 - Remote File Inclusion Cartweaver - 'Details.cfm ProdID' SQL Injection Cartweaver 2.16.11 - 'ProdID' Parameter SQL Injection Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' Parameter SQL Injection xeCMS 1.x - (view.php list) Remote File Disclosure xeCMS 1.x - 'view.php' Remote File Disclosure Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection Mambo Component Portfolio Manager 1.0 - 'categoryId' Parameter SQL Injection Easy-Clanpage 2.2 - 'id' SQL Injection Easy-Clanpage 2.2 - 'id' Parameter SQL Injection JAMM CMS - 'id' Blind SQL Injection Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities JAMM CMS - 'id' Parameter Blind SQL Injection Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection Mambo Component Galleries 1.0 - 'aid' Parameter SQL Injection Easy-Clanpage 3.0b1 - (section) Local File Inclusion WebChamado 1.1 - (tsk_id) SQL Injection Pre News Manager 1.0 - (index.php id) SQL Injection Pre Ads Portal 2.0 - SQL Injection Easy-Clanpage 3.0b1 - 'section' Parameter Local File Inclusion WebChamado 1.1 - 'tsk_id' Parameter SQL Injection Pre News Manager 1.0 - 'id' Parameter SQL Injection Pre ADS Portal 2.0 - SQL Injection GLLCTS2 - 'listing.php sort' Blind SQL Injection GLLCTS2 - 'sort' Parameter Blind SQL Injection Contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting PHPMyCart - 'shop.php cat' SQL Injection SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion Cartweaver 3 - (prodId) Blind SQL Injection DIY - (index_topic did) Blind SQL Injection PHPMyCart 1.3 - 'cat' Parameter SQL Injection SHOUTcast Admin Panel 2.0 - 'page' Parameter Local File Inclusion Cartweaver 3 - 'prodId' Parameter Blind SQL Injection DIY - 'did' Parameter Blind SQL Injection ezcms 1.2 - (Blind SQL Injection / Authentication Bypass) Multiple Vulnerabilities PHPEasyNews 1.13 RC2 - (POST) SQL Injection ezcms 1.2 - Blind SQL Injection / Authentication Bypass PHPEasyNews 1.13 RC2 - 'POST' Parameter SQL Injection Devalcms 1.4a - (currentfile) Local File Inclusion Devalcms 1.4a - 'currentfile' Parameter Local File Inclusion IPTBB 0.5.6 - (index.php act) Local File Inclusion IPTBB 0.5.6 - 'act' Parameter Local File Inclusion Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection Mambo Component Articles - 'artid' Parameter Blind SQL Injection Mambo Component 'com_n-gallery' - Multiple SQL Injections Mambo Component N-Gallery - Multiple SQL Injections devalcms 1.4a - Cross-Site Scripting / Remote Code Execution Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection PHP JOBWEBSITE PRO - Authentication Bypass Pre ADS Portal 2.0 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection Mambo Component n-form - 'form_id' Parameter Blind SQL Injection Pre Job Board - (Authentication Bypass) SQL Injection Pre Job Board - Authentication Bypass Butterfly ORGanizer 2.0.1 - (view.php id) SQL Injection Butterfly ORGanizer 2.0.1 - 'id' Parameter SQL Injection facil-cms 0.1rc2 - Multiple Vulnerabilities Facil-CMS 0.1RC2 - Multiple Vulnerabilities Family Connections CMS 1.9 - (member) SQL Injection Family Connections CMS 1.9 - SQL Injection Mambo Component 'com_hestar' - SQL Injection Mambo Component Hestar - SQL Injection Joomla! / Mambo Component 'com_tupinambis' - SQL Injection Joomla! / Mambo Component Tupinambis - SQL Injection Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion Mambo Component 'com_materialsuche' 1.0 - SQL Injection Mambo Component Material Suche 1.0 - SQL Injection Pre ADS Portal - 'cid' SQL Injection Pre ADS Portal - 'cid' Parameter SQL Injection Pre News Manager - (nid) SQL Injection Pre News Manager - 'nid' Parameter SQL Injection Mambo Component 'com_akogallery' - SQL Injection Mambo Component AkoGallery - SQL Injection Mambo Component 'com_mambads' - SQL Injection Mambo Component MambAds - SQL Injection Facil-CMS - (Local File Inclusion / Remote File Inclusion) Facil-CMS 0.1RC2 - Local / Remote File Inclusion AskMe Pro 2.1 - (que_id) SQL Injection Alstrasoft AskMe Pro 2.1 - 'que_id' Parameter SQL Injection Pre Job Board Pro - SQL Injection Authentication Bypass Pre Job Board Pro - Authentication Bypass DiY-CMS 1.0 - Multiple Remote File Inclusion DIY-CMS 1.0 - Multiple Remote File Inclusion Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection Alstrasoft AskMe Pro 2.1 - (profile.php?id) SQL Injection Alstrasoft AskMe Pro 2.1 - 'profile.php' SQL Injection Pre Ads Portal - SQL Bypass Pre ADS Portal - Authentication Bypass Family Connections CMS 2.3.2 - (POST) Persistent Cross-Site Scripting / XML Injection Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection Family Connections CMS 2.5.0 / 2.7.1 - (less.php) Remote Command Execution Family Connections CMS 2.5.0 / 2.7.1 - 'less.php' Remote Command Execution Family Connections CMS - 'less.php' Remote Command Execution (Metasploit) Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit) Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting Clever Copy 3.0 - Connect.INC Information Disclosure Clever Copy 3.0 - 'Connect.INC' Information Disclosure Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection Cartweaver 2.16.11 - 'Results.cfm' SQL Injection Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Component LMTG Myhomepage 1.2 - Multiple Remote File Inclusion Mambo Component Rssxt 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Parameter Remote File Inclusion Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion Joomla! / Mambo Component Comprofiler 1.0 - 'class.php' Remote File Inclusion Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection Joomla! / Mambo Component Filebase - 'filecatid' Parameter SQL Injection Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting PHP JOBWEBSITE PRO - 'adname' Parameter SQL Injection PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection Mambo Component Docman 1.3.0 - Multiple SQL Injection Mambo Component 'com_n-skyrslur' - Cross-Site Scripting Mambo Component N-Skyrslur - Cross-Site Scripting Mambo Component 'com_n-gallery' - SQL Injection Mambo Component N-Gallery - SQL Injection Mambo Component 'com_n-press' - SQL Injection Mambo Component N-Press - SQL Injection Mambo Component 'com_n-frettir' - SQL Injection Mambo Component 'com_n-myndir' - SQL Injection Mambo Component N-Frettir - SQL Injection Mambo Component N-Myndir - SQL Injection AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities Edge SkateShop - Authentication bypass AbanteCart 1.2.7 - Cross-Site Scripting	2016-12-08 05:01:21 +00:00
Offensive Security	a5cd225af0	DB: 2016-12-01 7 new exploits Xitami Web Server 5.0a0 - Denial of Service Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/passwd) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (/etc/passwd) WinPower 4.9.0.4 - Privilege Escalation Internet PhotoShow (page) - Remote File Inclusion Internet PhotoShow 1.3 - 'page' Parameter Remote File Inclusion EQdkp 1.3.0 - (dbal.php) Remote File Inclusion EQdkp 1.3.0 - 'dbal.php' Remote File Inclusion CaLogic Calendars 1.2.2 - (CLPath) Remote File Inclusion CaLogic Calendars 1.2.2 - 'CLPath' Remote File Inclusion MercuryBoard 1.1.4 - (User-Agent) SQL Injection MercuryBoard 1.1.4 - 'User-Agent' SQL Injection EQdkp 1.3.1 - (Referer Spoof) Remote Database Backup EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup Web Slider 0.6 - (path) Remote File Inclusion Web Slider 0.6 - 'path' Parameter Remote File Inclusion Zomplog 3.8 - (mp3playlist.php speler) SQL Injection Zomplog 3.8 - 'mp3playlist.php' SQL Injection EQdkp 1.3.2 - (listmembers.php rank) SQL Injection EQdkp 1.3.2 - 'listmembers.php' SQL Injection CKGold Shopping Cart 2.0 - (category.php) Blind SQL Injection CKGold Shopping Cart 2.0 - 'category.php' Blind SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' SQL Injection ActiveKB KnowledgeBase 2.x - 'catId' Parameter SQL Injection Zomplog 3.8.1 - upload_files.php Arbitrary File Upload Zomplog 3.8.1 - Arbitrary File Upload CMS Made Simple 1.2.2 - (TinyMCE module) SQL Injection CMS Made Simple 1.2.2 Module TinyMCE - SQL Injection Mega File Hosting Script 1.2 - (fid) SQL Injection Mega File Hosting Script 1.2 - 'fid' Parameter SQL Injection CMS Made Simple 1.2.4 - (FileManager module) Arbitrary File Upload CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload AJ HYIP ACME - 'topic_detail.php id' SQL Injection EQDKP 1.3.2f - (user_id) Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - (rid) Blind SQL Injection AJ HYIP ACME - 'topic_detail.php' SQL Injection EQdkp 1.3.2f - 'user_id' Authentication Bypass (PoC) e107 Plugin BLOG Engine 2.2 - 'rid' Parameter Blind SQL Injection CaLogic Calendars 1.2.2 - (langsel) SQL Injection CaLogic Calendars 1.2.2 - 'langsel' Parameter SQL Injection EMO Realty Manager - 'news.php ida' SQL Injection The Real Estate Script - 'dpage.php docID' SQL Injection Linkspile - 'link.php cat_id' SQL Injection Freelance Auction Script 1.0 - (browseproject.php) SQL Injection EMO Realty Manager - 'ida' Parameter SQL Injection The Real Estate Script - 'docID' Parameter SQL Injection Linkspile - 'cat_id' Parameter SQL Injection Freelance Auction Script 1.0 - 'browseproject.php' SQL Injection rgboard 3.0.12 - (Remote File Inclusioni / Cross-Site Scripting) Multiple Vulnerabilities Kostenloses Linkmanagementscript - (page_to_include) Remote File Inclusion rgboard 3.0.12 - Remote File Inclusioni / Cross-Site Scripting Kostenloses Linkmanagementscript - Remote File Inclusion newsmanager 2.0 - (Remote File Inclusion / File Disclosure / SQL Injection / pb) Multiple Vulnerabilities 68 Classifieds 4.0 - (category.php cat) SQL Injection newsmanager 2.0 - Remote File Inclusion / File Disclosure / SQL Injection 68 Classifieds 4.0 - 'category.php' SQL Injection StanWeb.CMS - (default.asp id) SQL Injection StanWeb.CMS - SQL Injection Archangel Weblog 0.90.02 - (post_id) SQL Injection Archangel Weblog 0.90.02 - 'post_id' Parameter SQL Injection WR-Meeting 1.0 - (msnum) Local File Disclosure WR-Meeting 1.0 - 'msnum' Parameter Local File Disclosure FicHive 1.0 - (category) Blind SQL Injection Smeego 1.0 - (Cookie lang) Local File Inclusion FicHive 1.0 - 'category' Parameter Blind SQL Injection Smeego 1.0 - 'Cookie lang' Local File Inclusion TAGWORX.CMS - Multiple SQL Injections TAGWORX.CMS 3.00.02 - Multiple SQL Injections lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - (adduser.php) Arbitrary Add Admin easycms 0.4.2 - Multiple Vulnerabilities Lulieblog 1.2 - Multiple Vulnerabilities AlkalinePHP 0.77.35 - 'adduser.php' Arbitrary Add Admin Easycms 0.4.2 - Multiple Vulnerabilities AlkalinePHP 0.80.00 Beta - (thread.php id) SQL Injection AlkalinePHP 0.80.00 Beta - 'thread.php' SQL Injection EntertainmentScript - 'play.php id' SQL Injection EntertainmentScript 1.4.0 - 'play.php' SQL Injection ecms 0.4.2 - (SQL Injection / Security Bypass) Multiple Vulnerabilities Mantis Bug Tracker 1.1.1 - (Code Execution / Cross-Site Scripting / Cross-Site Request Forgery) Multiple Vulnerabilities ComicShout 2.5 - (index.php comic_id) SQL Injection eCMS 0.4.2 - SQL Injection / Security Bypass Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery ComicShout 2.5 - 'comic_id' Parameter SQL Injection PHP Jokesite 2.0 - 'cat_id' SQL Injection Netious CMS 0.4 - (index.php pageid) SQL Injection PHP Jokesite 2.0 - 'cat_id' Parameter SQL Injection Netious CMS 0.4 - 'pageid' Parameter SQL Injection 6rbScript - 'news.php newsid' SQL Injection webl?sninger 4 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities 6rbScript - 'news.php' SQL Injection Weblosninger 4 - Cross-Site Scripting / SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Blind SQL Injection Quate CMS 0.3.4 - (Remote File Inclusion / Local File Inclusion / Cross-Site Scripting / dt) Multiple Vulnerabilities e107 Plugin BLOG Engine 2.2 - 'uid' Parameter Blind SQL Injection Quate CMS 0.3.4 - Multiple Vulnerabilities RoomPHPlanning 1.5 - (idresa) SQL Injection PHPRaider 1.0.7 - (PHPbb3.functions.php) Remote File Inclusion RoomPHPlanning 1.5 - 'idresa' Parameter SQL Injection PHPRaider 1.0.7 - 'PHPbb3.functions.php' Remote File Inclusion CMS MAXSITE 1.10 - (category) SQL Injection CMS MAXSITE 1.10 - 'category' Parameter SQL Injection CKGold Shopping Cart 2.5 - (category_id) SQL Injection CKGold Shopping Cart 2.5 - 'category_id' Parameter SQL Injection ComicShout 2.8 - (news.php news_id) SQL Injection ComicShout 2.8 - 'news_id' Parameter SQL Injection AJ HYIP ACME - 'news.php id' SQL Injection AJ HYIP ACME - 'news.php' SQL Injection Quate CMS 0.3.4 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection e107 Plugin BLOG Engine 2.2 - 'uid' Parameter SQL Injection AJ HYIP ACME - 'comment.php artid' SQL Injection AJ HYIP ACME - 'readarticle.php artid' SQL Injection AJ HYIP ACME - 'comment.php' SQL Injection AJ HYIP ACME - 'readarticle.php' SQL Injection 6rbScript 3.3 - 'singerid' SQL Injection 6rbScript 3.3 - 'singerid' Parameter SQL Injection 6rbScript 3.3 - (section.php name) Local File Inclusion 6rbScript 3.3 - 'section.php' Local File Inclusion RoomPHPlanning 1.6 - (userform.php) Create Admin User Exploit RoomPHPlanning 1.6 - 'userform.php' Create Admin User Mega File Hosting Script 1.2 - (cross.php url) Remote File Inclusion Mega File Hosting Script 1.2 - 'url' Parameter Remote File Inclusion Advanced Image Hosting (AIH) 2.3 - (gal) Blind SQL Injection Advanced Image Hosting (AIH) 2.3 - 'gal' Parameter Blind SQL Injection ActiveKB KnowledgeBase - 'loadpanel.php Panel' Local File Inclusion ActiveKB KnowledgeBase - 'Panel' Parameter Local File Inclusion Quate CMS 0.3.5 - (Remote File Inclusioni / Local File Inclusion) Multiple Vulnerabilities Quate CMS 0.3.5 - Remote File Inclusion / Local File Inclusion Zomplog CMS 3.9 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities Zomplog 3.9 - Cross-Site Scripting / Cross-Site Request Forgery YABSoft Advanced Image Hosting Script - SQL Injection Advanced Image Hosting Script - SQL Injection MercuryBoard 1.1 - index.php SQL Injection MercuryBoard 1.1 - 'index.php' SQL Injection CMS Made Simple 0.10 - Lang.php Remote File Inclusion CMS Made Simple 0.10 - 'Lang.php' Remote File Inclusion Zomplog 3.3/3.4 - detail.php HTML Injection Zomplog 3.3/3.4 - 'detail.php' HTML Injection CMS Made Simple 1.0.2 - SearchInput Cross-Site Scripting CMS Made Simple 1.0.2 - 'SearchInput' Parameter Cross-Site Scripting EQDKP 1.3.1 - Show Variable Cross-Site Scripting EQdkp 1.3.1 - Cross-Site Scripting CMS Made Simple 105 - Stylesheet.php SQL Injection CMS Made Simple 1.0.5 - 'Stylesheet.php' SQL Injection Internet PhotoShow - 'login_admin' Parameter Unauthorized Access 68 Classifieds 4.1 - 'login.php' goto Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'login.php' Cross-Site Scripting 68 Classifieds 4.1 - category.php cat Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'category.php' Cross-Site Scripting 68 Classifieds 4.1 - searchresults.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - toplistings.php page Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewlisting.php view Parameter Cross-Site Scripting 68 Classifieds 4.1 - viewmember.php member Parameter Cross-Site Scripting 68 Classifieds 4.1 - 'searchresults.php' Cross-Site Scripting 68 Classifieds 4.1 - 'toplistings.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewlisting.php' Cross-Site Scripting 68 Classifieds 4.1 - 'viewmember.php' Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting Advanced Image Hosting Script 2.x - 'search.php' Cross-Site Scripting CMS Made Simple Download Manager 1.4.1 Module - Arbitrary File Upload CMS Made Simple Module Download Manager 1.4.1 - Arbitrary File Upload CMS Made Simple Antz Toolkit 1.02 Module - Arbitrary File Upload CMS Made Simple Module Antz Toolkit 1.02 - Arbitrary File Upload Zomplog 3.9 - 'message' Parameter Multiple Cross-Site Scripting Vulnerabilities Zomplog 3.9 - 'message' Parameter Cross-Site Scripting YABSoft Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion Joomla! Component Catalog 1.0.7 - SQL Injection Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection Xfinity Gateway - Cross-Site Request Forgery	2016-12-01 07:48:18 +00:00
Offensive Security	91b12c469e	DB: 2016-11-29 16 new exploits rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC) rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC) rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC) rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC) NTP 4.2.8p3 - Denial of Service Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009) Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047) Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009) Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1) Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access) Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation TFTP Server 1.4 - Buffer Overflow Remote Exploit (2) TFTP Server 1.4 - Remote Buffer Overflow (2) TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit) TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit) Android - 'BadKernel' Remote Code Execution VX Search Enterprise 9.1.12 - Buffer Overflow Sync Breeze Enterprise 9.1.16 - Buffer Overflow Disk Sorter Enterprise 9.1.12 - Buffer Overflow Dup Scout Enterprise 9.1.14 - Buffer Overflow Disk Savvy Enterprise 9.1.14 - Buffer Overflow Disk Pulse Enterprise 9.1.16 - Buffer Overflow Linux/x86 - Egg-hunter Shellcode (25 bytes) Linux/x86 - Egg-hunter Shellcode (31 bytes) RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion CMS Faethon 2.0 - (mainpath) Remote File Inclusion CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion SazCart 1.5 - (cart.php) Remote File Inclusion SazCart 1.5 - 'cart.php' Remote File Inclusion Cyberfolio 2.0 RC1 - (av) Remote File Inclusion Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion FipsCMS 4.5 - (index.asp) SQL Injection FipsCMS 4.5 - 'index.asp' SQL Injection AJ Classifieds 1.0 - (postingdetails.php) SQL Injection AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection RunCMS 1.5.2 - (debug_show.php) SQL Injection RunCMS 1.5.2 - 'debug_show.php' SQL Injection OneCMS 2.4 - (userreviews.php abc) SQL Injection OneCMS 2.4 - 'abc' Parameter SQL Injection RunCMS 1.6 - disclaimer.php Remote File Overwrite RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite PHPEasyData 1.5.4 - 'cat_id' SQL Injection FipsCMS - 'print.asp lg' SQL Injection Galleristic 1.0 - (index.php cat) SQL Injection gameCMS Lite 1.0 - (index.php systemId) SQL Injection PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection FipsCMS 2.1 - 'print.asp' SQL Injection Galleristic 1.0 - 'cat' Parameter SQL Injection GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting MusicBox 2.3.7 - (artistId) SQL Injection RunCMS 1.6.1 - (msg_image) SQL Injection MusicBox 2.3.7 - 'artistId' Parameter SQL Injection RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection vShare YouTube Clone 2.6 - (tid) SQL Injection vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection Cyberfolio 7.12 - (rep) Remote File Inclusion miniBloggie 1.0 - (del.php) Arbitrary Delete Post Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion miniBloggie 1.0 - 'del.php' Arbitrary Delete Post SazCart 1.5.1 - (prodid) SQL Injection SazCart 1.5.1 - 'prodid' Parameter SQL Injection Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection Joomla! Component com_datsogallery 1.6 - Blind SQL Injection Joomla! Component Datsogallery 1.6 - Blind SQL Injection Vortex CMS - 'index.php pageid' Blind SQL Injection AJ Article 1.0 - (featured_article.php) SQL Injection AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection Vortex CMS - 'pageid' Parameter Blind SQL Injection AJ Article 1.0 - 'featured_article.php' SQL Injection AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities ClanLite 2.x - SQL Injection / Cross-Site Scripting OneCMS 2.5 - (install_mod.php) Local File Inclusion OneCMS 2.5 - 'install_mod.php' Local File Inclusion AJ Auction Web 2.0 - (cate_id) SQL Injection AJ Auction 1.0 - 'id' SQL Injection AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection AJ Auction 1.0 - 'id' Parameter SQL Injection FipsCMS Light 2.1 - (r) SQL Injection FipsCMS Light 2.1 - 'r' Parameter SQL Injection AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection AJ Auction Pro Platinum - (seller_id) SQL Injection AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection miniBloggie 1.0 - (del.php) Blind SQL Injection miniBloggie 1.0 - 'del.php' Blind SQL Injection AJ Article - 'featured_article.php mode' SQL Injection AJ ARTICLE - (Authentication Bypass) SQL Injection AJ Article 1.0 - Authentication Bypass Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion AJ ARTICLE - Remote Authentication Bypass AJ Article 1.0 - Remote Authentication Bypass MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection MusicBox 2.3.8 - 'viewalbums.php' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' SQL Injection AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection BigACE CMS 2.5 - 'Username' SQL Injection BigACE 2.5 - SQL Injection ZeusCart 2.3 - 'maincatid' SQL Injection ZeusCart 2.3 - 'maincatid' Parameter SQL Injection BigACE CMS 2.6 - (cmd) Local File Inclusion BigACE 2.6 - 'cmd' Parameter Local File Inclusion RunCMS 1.6.3 - (double ext) Remote Shell Injection RunCMS 1.6.3 - Remote Shell Injection AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection RunCMS 2m1 - store() SQL Injection RunCMS 2ma - post.php SQL Injection RunCMS 2m1 - 'store()' SQL Injection RunCMS 2ma - 'post.php' SQL Injection AJ Article - Persistent Cross-Site Scripting AJ Article 3.0 - Cross-Site Scripting admidio 2.3.5 - Multiple Vulnerabilities Admidio 2.3.5 - Multiple Vulnerabilities RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection MusicBox 2.3 - Type Parameter SQL Injection MusicBox 2.3 - 'type' Parameter SQL Injection RunCMS 1.x - Bigshow.php Cross-Site Scripting RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting RunCMS 1.2/1.3 - PMLite.php SQL Injection RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection RunCMS 1.x - Ratefile.php Cross-Site Scripting RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin) BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin) MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting MusicBox 2.3 - 'index.php' SQL Injection MusicBox 2.3 - 'index.php' Cross-Site Scripting MusicBox 2.3 - 'cart.php' Cross-Site Scripting MusicBox 2.3.4 - Page Parameter SQL Injection MusicBox 2.3.4 - 'page' Parameter SQL Injection MyWebland miniBloggie 1.0 - Fname Remote File Inclusion miniBloggie 1.0 - 'Fname' Remote File Inclusion BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion BigACE 1.8.2 - 'item_main.php' Remote File Inclusion BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion ClanLite - Config-PHP.php Remote File Inclusion ClanLite - 'conf-php.php' Remote File Inclusion FipsCMS 2.1 - PID Parameter SQL Injection FipsCMS 2.1 - 'pid' Parameter SQL Injection RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion FipsCMS 2.1 - 'forum/neu.asp' SQL Injection FipsCMS 2.1 - 'neu.asp' SQL Injection OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting OneCMS 2.6.1 - search.php search Parameter SQL Injection OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting OneCMS 2.6.1 - 'search' Parameter SQL Injection OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting RunCMS 'partners' Module - 'id' Parameter SQL Injection RunCMS Module Partners - 'id' Parameter SQL Injection Zeuscart v.4 - Multiple Vulnerabilities Zeuscart 4.0 - Multiple Vulnerabilities BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting Red Hat JBoss EAP - Deserialization of Untrusted Data	2016-11-29 05:01:20 +00:00
Offensive Security	b1cbed79e4	DB: 2016-11-28 1 new exploits Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)	2016-11-28 05:01:17 +00:00
Offensive Security	b3a7c78388	DB: 2016-11-25 4 new exploits Groupwise 7.0 - (mailto: scheme) Buffer Overflow (PoC) Groupwise 7.0 - 'mailto: scheme' Buffer Overflow (PoC) Remote Utilities Host 6.3 - Denial of Service Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) GNU Wget < 1.18 - Access List Bypass / Race Condition miniBB - 'user' Input Validation Hole MiniBB 1.7f - 'user' Parameter SQL Injection TR Newsportal 0.36tr1 - (poll.php) Remote File Inclusion TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion PHP Forge 3 Beta 2 - (cfg_racine) Remote File Inclusion PHP Forge 3 Beta 2 - 'cfg_racine' Parameter Remote File Inclusion miniBB keyword_replacer 1.0 - (pathToFiles) File Inclusion MiniBB keyword_replacer 1.0 - 'pathToFiles' Parameter File Inclusion miniBB 2.0.2 - (bb_func_txt.php) Remote File Inclusion MiniBB 2.0.2 - 'bb_func_txt.php' Remote File Inclusion W1L3D4 philboard 0.2 - (W1L3D4_bolum.asp forumid) SQL Injection W1L3D4 philboard 0.2 - 'W1L3D4_bolum.asp' SQL Injection miniBB 2.1 - (table) SQL Injection MiniBB 2.1 - 'table' Parameter SQL Injection Joovili 3.0.6 - (joovili.images.php) Remote File Disclosure Joovili 3.0.6 - 'joovili.images.php' Remote File Disclosure Apartment Search Script - 'listtest.php r' SQL Injection XOOPS Module Recipe - 'detail.php id' SQL Injection Aterr 0.9.1 - (class) Local File Inclusion (PHP5) W1L3D4 philboard 1.0 - (philboard_reply.asp) SQL Injection Apartment Search Script - 'listtest.php' SQL Injection XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection Aterr 0.9.1 - Local File Inclusion (PHP5) W1L3D4 philboard 1.0 - 'philboard_reply.asp' SQL Injection KubeLance 1.6.4 - (ipn.php i) Local File Inclusion acidcat CMS 3.4.1 - Multiple Vulnerabilities BlogWorx 1.0 - (view.asp id) SQL Injection Crazy Goomba 1.2.1 - 'id' SQL Injection RedDot CMS 7.5 - (LngId) SQL Injection TR News 2.1 - (nb) SQL Injection KubeLance 1.6.4 - 'ipn.php' Local File Inclusion Acidcat CMS 3.4.1 - Multiple Vulnerabilities BlogWorx 1.0 - 'id' Parameter SQL Injection Crazy Goomba 1.2.1 - 'id' Parameter SQL Injection RedDot CMS 7.5 - 'LngId' Parameter SQL Injection TR News 2.1 - 'nb' Parameter SQL Injection E RESERV 2.1 - (index.php ID_loc) SQL Injection Joomla! Component Filiale 1.0.4 - (idFiliale) SQL Injection E RESERV 2.1 - 'index.php' SQL Injection Joomla! Component Filiale 1.0.4 - 'idFiliale' Parameter SQL Injection minibb 2.2 - (Cross-Site Scripting / SQL Injection / Full Path Disclosure) Multiple Vulnerabilities PostNuke Module PostSchedule - (eid) SQL Injection MiniBB 2.2 - Cross-Site Scripting / SQL Injection / Full Path Disclosure PostNuke Module PostSchedule 1.0 - 'eid' Parameter SQL Injection Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities Siteman 2.x - Code Execution / Local File Inclusion / Cross-Site Scripting PHP Forge 3 Beta 2 - 'id' SQL Injection PHP Forge 3 Beta 2 - 'id' Parameter SQL Injection megabbs forum 2.2 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities Jokes Site Script - 'jokes.php?catagorie' SQL Injection FluentCMS - 'view.php sid' SQL Injection megabbs forum 2.2 - SQL Injection / Cross-Site Scripting Jokes Site Script - 'jokes.php' SQL Injection FluentCMS - 'view.php' SQL Injection Prozilla Hosting Index - 'Directory.php cat_id' SQL Injection Softbiz Web Host Directory Script (host_id) - SQL Injection Joovili 3.1 - (browse.videos.php category) SQL Injection Prozilla Hosting Index - 'cat_id' Parameter SQL Injection Softbiz Web Host Directory Script - 'host_id' Parameter SQL Injection Joovili 3.1 - 'browse.videos.php' SQL Injection w1l3d4 philboard 1.2 - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting apartment search script - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities Apartment Search Script - Arbitrary File Upload / Cross-Site Scripting Mini Web Calendar 1.2 - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities Mini Web Calendar 1.2 - File Disclosure / Cross-Site Scripting Prozilla Hosting Index - 'id' SQL Injection Prozilla Hosting Index - 'id' Parameter SQL Injection web Calendar system 3.12/3.30 - Multiple Vulnerabilities Web Calendar System 3.12/3.30 - Multiple Vulnerabilities Web Calendar 4.1 - (Authentication Bypass) SQL Injection Web Calendar 4.1 - Authentication Bypass web Calendar system 3.40 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities Web Calendar System 3.40 - Cross-Site Scripting / SQL Injection KubeLance - 'profile.php?id' SQL Injection KubeLance 1.7.6 - 'profile.php' SQL Injection Clever Copy 2.0 - calendar.php Cross-Site Scripting Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting Clever Copy 2.0 - results.php Multiple Parameter Cross-Site Scripting Clever Copy 2.0 - categorysearch.php Multiple Parameter Cross-Site Scripting Clever Copy 2.0 - 'results.php' Cross-Site Scripting Clever Copy 2.0 - 'categorysearch.php' Cross-Site Scripting Acidcat CMS 2.1.13 - default.asp ID Parameter SQL Injection Acidcat CMS 2.1.13 - acidcat.mdb Remote Information Disclosure Acidcat CMS 2.1.13 - 'ID' Parameter SQL Injection Acidcat CMS 2.1.13 - 'acidcat.mdb' Remote Information Disclosure ODFaq 2.1 - faq.php SQL Injection ODFaq 2.1 - 'faq.php' SQL Injection MiniBB 1.5 - news.php Remote File Inclusion MiniBB 1.5 - 'news.php' Remote File Inclusion W1L3D4 philboard 0.3 - W1L3D4_Aramasonuc.asp Cross-Site Scripting W1L3D4 philboard 0.3 - Cross-Site Scripting Proverbs Web Calendar 1.1 - Password Parameter SQL Injection Proverbs Web Calendar 1.1 - 'Password' Parameter SQL Injection Chimaera Project Aterr 0.9.1 - Multiple Local File Inclusion miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting miniBB RSS 2.0 Plugin - Multiple Remote File Inclusion MiniBB RSS 2.0 Plugin - Multiple Remote File Inclusion DevWorx BlogWorx 1.0 - 'forum.asp' Cross-Site Scripting eZoneScripts Apartment Search Script - 'listtest.php' SQL Injection miniBB 3.1 - Blind SQL Injection MiniBB 3.1 - Blind SQL Injection Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting	2016-11-25 05:01:20 +00:00
Offensive Security	38038a7128	DB: 2016-11-24 6 new exploits Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow UCanCode - Multiple Vulnerabilities Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1) Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2) Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1) Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service (PoC) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (1) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (2) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation (3) Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) (1) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation Linux Kernel 2.6.30 < 2.6.30.1 / SELinux (RHEL 5) - Privilege Escalation Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Privilege Escalation (2) Linux Kernel 2.6.18 - 'move_pages()' Information Leak Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation Windows x64 - Download & Execute Shellcode (358 bytes)	2016-11-24 05:01:19 +00:00
Offensive Security	32fc589910	DB: 2016-11-23 8 new exploits xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC) Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC) 3Com OfficeConnect Routers - Denial of Service (Content-Type) 3Com OfficeConnect Routers - (Content-Type) Denial of Service xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow Divx Player - Denial of Service Divx Player 6.8.2 - Denial of Service Microsoft Word (Win/Mac) - Crash (PoC) Microsoft Word (Windows/OSX) - Crash (PoC) TP-LINK TDDP - Multiple Vulnerabilities Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Memory Corruption Office 2008 sp0 - RTF pFragments MAC Exploit Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit Huawei UTPS - Unquoted Service Path Privilege Escalation xine-lib 1.1 - (media player library) Remote Format String Xine-Lib 1.1 - (media player library) Remote Format String Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite 3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting 3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities Crestron AM-100 - Multiple Vulnerabilities Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Simple Machines Forum 1.0.4 - (modify) SQL Injection Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection PHP-Fusion 6.00.109 - (msg_send) SQL Injection PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection PHP-Fusion 6.00.306 - (srch_where) SQL Injection PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion Virtual Law Office - (phpc_root_path) Remote File Inclusion Virtual Law Office - 'phpc_root_path' Remote File Inclusion AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion Simple Machines Forum 1.1.3 - Blind SQL Injection Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection BosClassifieds 3.0 - (index.php cat) SQL Injection BosNews 4.0 - (article) SQL Injection BosClassifieds 3.0 - 'index.php' SQL Injection BosNews 4.0 - 'article' Parameter SQL Injection Classifieds Caffe - 'index.php cat_id' SQL Injection Classifieds Caffe - 'cat_id' Parameter SQL Injection carbon communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' SQL Injection Carbon Communities 2.4 - Multiple Vulnerabilities XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection Grape Statistics 0.2a - (location) Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' SQL Injection Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion 5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection PhShoutBox 1.5 - (final) Insecure Cookie Handling Simple Customer 1.2 - (contact.php id) SQL Injection AllMyGuests 0.4.1 - (AMG_id) SQL Injection PhShoutBox 1.5 - Insecure Cookie Handling Simple Customer 1.2 - 'contact.php' SQL Injection AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection Simple Machines Forum 1.1.4 - SQL Injection Simple Machines Forum (SMF) 1.1.4 - SQL Injection virtual support office-xp 3.0.29 - Multiple Vulnerabilities Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities PHP-Fusion Mod Classifieds - (lid) SQL Injection PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit PHP-Fusion Mod freshlinks - (linkid) SQL Injection PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection PHP-Fusion Mod manuals - (manual) SQL Injection PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection BosDev BosClassifieds - 'cat_id' SQL Injection BosClassifieds - 'cat_id' SQL Injection Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution PHP-Fusion 7.00.1 - (messages.php) SQL Injection PHP-Fusion 7.00.1 - 'messages.php' SQL Injection Check New 4.52 - (findoffice.php search) SQL Injection Check New 4.52 - 'findoffice.php search' SQL Injection PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection PHP-Fusion Mod the_kroax (comment_id) - SQL Injection PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload Simple Machines Forums - (BBCode) Cookie Stealing Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing PHP-Fusion Mod Book Panel - (bookid) SQL Injection PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection PHP-Fusion Mod Book Panel - (course_id) SQL Injection PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection Opencart 1.1.8 - (route) Local File Inclusion Opencart 1.1.8 - 'route' Local File Inclusion exjune officer message system 1 - Multiple Vulnerabilities Exjune Officer Message System 1 - Multiple Vulnerabilities Simple Machines Forum - Multiple Security Vulnerabilities Simple Machines Forum (SMF) - Multiple Security Vulnerabilities PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC) Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC) PHP-fusion dsmsf - (module downloads) SQL Injection PHP-fusion dsmsf Mod Downloads - SQL Injection Group Office - (comment_id) SQL Injection Group Office - 'comment_id' SQL Injection PHP-Fusion MG - User-Fotoalbum SQL Injection PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection Simple Machines forum (SMF) 2.0 - session Hijacking Simple Machines Forum (SMF) 2.0 - Session Hijacking AllMyGuests 0.x - info.inc.php Arbitrary Code Execution AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution Simple Machines Forum 1.0 - Size Tag HTML Injection Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access PHP-Fusion 4.0 - Viewthread.php Information Disclosure PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure PHP-Fusion 4/5 - Setuser.php HTML Injection PHP-Fusion 4/5 - 'Setuser.php' HTML Injection PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection PHP-Fusion 6.0.109 - messages.php SQL Injection PHP-Fusion 6.0.109 - 'messages.php' SQL Injection PHP-Fusion 6.0 - members.php Cross-Site Scripting PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting PHP-Fusion 6.0.x - news.php SQL Injection PHP-Fusion 6.0.x - 'news.php' SQL Injection Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection PHP-Fusion - 'articles.php' Cross-Site Scripting AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload WordPress Plugin Dharma booking 2.38.3 - File Inclusion WordPress Plugin Dharma Booking 2.38.3 - File Inclusion EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection	2016-11-23 05:01:19 +00:00
Offensive Security	dab1517032	DB: 2016-11-22 13 new exploits Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC) Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC) Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft Edge Scripting Engine - Memory Corruption (MS16-129) Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018) NTP 4.2.8p8 - Denial of Service Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit) Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit) Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit) Borland Interbase - isc_create_database() Buffer Overflow (Metasploit) Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit) Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit) Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit) Borland Interbase - SVC_attach() Buffer Overflow (Metasploit) Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit) Borland Interbase - Create-Request Buffer Overflow (Metasploit) Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit) Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit) Borland Interbase - open_marker_file() Buffer Overflow (Metasploit) Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit) Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit) Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit) Borland Interbase - INET_connect() Buffer Overflow (Metasploit) Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit) Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit) Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) phpunity.postcard - (gallery_path) Remote File Inclusion phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion 1024 CMS 0.7 - (download.php item) Remote File Disclosure 1024 CMS 0.7 - 'download.php' Remote File Disclosure cpCommerce 1.1.0 - (category.php id_category) SQL Injection CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection 1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities 1024 CMS 1.3.1 - Local File Inclusion / SQL Injection Mole 2.1.0 - (viewsource.php) Remote File Disclosure ChartDirector 4.1 - (viewsource.php) File Disclosure 724CMS 4.01 Enterprise - (index.php ID) SQL Injection My Gaming Ladder 7.5 - (ladderid) SQL Injection Mole 2.1.0 - 'viewsource.php' Remote File Disclosure ChartDirector 4.1 - 'viewsource.php' File Disclosure 724CMS 4.01 Enterprise - 'index.php' SQL Injection My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities Pligg CMS 9.9.0 - (editlink.php id) SQL Injection ExBB 0.22 - Local / Remote File Inclusion Pligg CMS 9.9.0 - 'editlink.php' SQL Injection Prediction Football 1.x - (matchid) SQL Injection Prediction Football 1.x - 'matchid' Parameter SQL Injection Free Photo Gallery Site Script - (path) File Disclosure Free Photo Gallery Site Script - 'path' Parameter File Disclosure LiveCart 1.1.1 - (category id) Blind SQL Injection Ksemail - 'index.php language' Local File Inclusion LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection Ksemail - Local File Inclusion RX Maxsoft - 'popup_img.php fotoID' SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection RX Maxsoft - 'fotoID' Parameter SQL Injection PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection Pollbooth 2.0 - (pollID) SQL Injection cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities Pollbooth 2.0 - 'pollID' Parameter SQL Injection CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion SmallBiz eShop - (content_id) SQL Injection SmallBiz eShop - 'content_id' Parameter SQL Injection lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection PostcardMentor - 'cat_fldAuto' Parameter SQL Injection Pligg CMS 9.9.0 - (story.php id) SQL Injection Pligg CMS 9.9.0 - 'story.php' SQL Injection LokiCMS 0.3.4 - writeconfig() Remote Command Execution LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass cpCommerce 1.2.8 - (id_document) Blind SQL Injection CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure Pligg CMS 1.0.4 - (story.php?id) SQL Injection Pligg CMS 1.0.4 - 'story.php' SQL Injection 724CMS 4.59 Enterprise - SQL Injection 724CMS Enterprise 4.59 - SQL Injection lightneasy 3.2.2 - Multiple Vulnerabilities LightNEasy 3.2.2 - Multiple Vulnerabilities My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection CPCommerce 1.1 - Manufacturer.php SQL Injection CPCommerce 1.1 - 'manufacturer.php' SQL Injection LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting LiveCart 1.0.1 - category q Parameter Cross-Site Scripting LiveCart 1.0.1 - order return Parameter Cross-Site Scripting LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection CMS Made Simple 2.1.5 - Cross-Site Scripting Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery Mezzanine 4.2.0 - Cross-Site Scripting LEPTON 2.2.2 - SQL Injection LEPTON 2.2.2 - Remote Code Execution FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery FUDforum 3.0.6 - Local File Inclusion Wordpress Plugin Olimometer 2.56 - SQL Injection	2016-11-22 05:01:18 +00:00
Offensive Security	8948e76c12	DB: 2016-11-19 14 new exploits Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046) Microsoft Windows - 'Jolt2.c' Denial of Service Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029) Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019) Ventrilo 2.3.0 - Remote Denial of Service (All Platforms) Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1) Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2) Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD) Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death) Microsoft Windows 2003 - '.EOT' BSOD Crash Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063) Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit) Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Google Chrome 4.1 - OOB Array Indexing Google Chrome 4.1 - Out-of-Bounds Array Indexing Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC) Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) CommView 6.1 (Build 636) - Local Denial of Service (BSOD) CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death) Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051) Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051) Microsoft Cinepak Codec CVDecompress - Heap Overflow Microsoft Cinepak Codec CVDecompress - Heap Overflow (MS10-055) Microsoft Unicode Scripts Processor - Remote Code Execution Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063) Microsoft Office - HtmlDlgHelper Class Memory Corruption Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071) Microsoft Plug and Play Service - Overflow Exploit (Metasploit) Microsoft Plug and Play Service - Overflow Exploit (MS05-039) (Metasploit) Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) (MS11-02) Microsoft HyperV - Persistent Denial of Service Microsoft HyperV - Persistent Denial of Service (MS11-047) Crush FTP 5 - 'APPE' command Remote JVM BSOD (PoC) Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC) Microsoft WINS Service 5.2.3790.4520 - Memory Corruption Microsoft WINS - ECommEndDlg Input Validation Error Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035) Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035/MS11-070) Win32k - Null Pointer De-reference PoC (MS11-077) Microsoft Win32k - Null Pointer De-reference PoC (MS11-077) Winows 7 keylayout - Blue Screen Microsoft Winows 7 - Keyoard Layout Blue Screen of Death (MS10-073) Apple Safari - GdiDrawStream BSoD Apple Safari - GdiDrawStream Blue Screen of Death PeerBlock 1.1 - BSOD Exploit PeerBlock 1.1 - Blue Screen of Death Exploit .NET Framework EncoderParameter - Integer Overflow Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034) Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034) Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050) Microsoft Windows Media Services 4.0/4.1 - Denial of Service Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038) Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (2) Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2) Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070) Microsoft IIS 4.0/5.0 - FTP Denial of Service Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026) Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031) Microsoft Windows XP/2000 - showHelp CHM File Execution Microsoft Windows XP/2000 - showHelp '.CHM' File Execution (MS03-004) Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012) DirectShow - Arbitrary Memory Overwrite (MS13-056) Microsoft DirectShow - Arbitrary Memory Overwrite (MS13-056) Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1) Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1) Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow (MS11-083) Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads (MS15-021) Google Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow Avast! - OOB Write Decrypting PEncrypt Packed executables Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007) Microsoft Office / COM Object - 'WMALFXGFXDSP.dll' DLL Planting (MS16-007) Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type Microsoft Edge - 'Array.splice' Heap Overflow Moxa SoftCMS 1.5 - Denial of Service (PoC) Microsoft Edge - 'FillFromPrototypes' Type Confusion Microsoft Edge - 'Array.filter' Info Leak Microsoft Edge - 'Array.reverse' Overflow Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019) Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation (MS04-020) Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019) Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Windows 2000 - Utility Manager All-in-One Exploit (MS04-019) Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019) Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020) Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019) Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019) Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055) Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Excel - 0x5D record Stack Overflow Microsoft Excel - 0x5D record Stack Overflow (MS10-038) Win32k - Keyboard Layout (MS10-073) Microsoft Win32k - Keyboard Layout (MS10-073) Adobe - Doc.media.newPlayer Use-After-Free (1) Adobe - 'util.printf()' Buffer Overflow (1) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1) Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1) Adobe - JBIG2Decode Memory Corruption (1) Adobe - Collab.getIcon() Buffer Overflow (1) Adobe Flash Player - 'newfunction' Invalid Pointer Use (1) Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (Metasploit) Adobe - JBIG2Decode Memory Corruption (Metasploit) (1) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1) Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1) Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2) Media Jukebox 8.0.400 - Buffer Overflow (SEH) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (2) Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2) Adobe - Doc.media.newPlayer Use-After-Free (2) Adobe - 'util.printf()' Buffer Overflow (2) Microsoft Excel - Malformed FEATHEADER Record (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (2) Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2) Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2) Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (3) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3) WM Downloader 3.1.2.2 - Buffer Overflow (2) WM Downloader 3.1.2.2 - Buffer Overflow (Metasploit) (2) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2) Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2) Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2) Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (Metasploit) Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit) gAlan 0.2.1 - Buffer Overflow (2) Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (Metasploit) gAlan 0.2.1 - Buffer Overflow (Metasploit) (2) Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (MS10-004) (Metasploit) BACnet OPC Client - Buffer Overflow (2) BACnet OPC Client - Buffer Overflow (Metasploit) (2) Adobe - JBIG2Decode Memory Corruption (2) Adobe - JBIG2Decode Memory Corruption (Metasploit) (2) Mini-stream 3.0.1.1 - Buffer Overflow (2) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2) Adobe - Collab.getIcon() Buffer Overflow (2) Adobe PDF - Escape EXE Social Engineering (No JavaScript) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (4) Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2) Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4) Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format) Adobe Flash Player - 'newfunction' Invalid Pointer Use (2) Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit) Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit) Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit) Microsoft Excel 2007 SP2 - Buffer Overwrite Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (Metasploit) (3) Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) (Metasploit) Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit) Microsoft Office 2003 Home/Pro - Code Execution Microsoft Office 2003 Home/Pro - Code Execution (MS10-087) Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) (Metasploit) Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit) Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit) Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003) Microsoft Windows Kernel - Intel x64 SYSRET (PoC) Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042) (PoC) Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit) Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) Microsoft Windows Kerberos - Security Feature Bypass (MS16-101) Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit) VMware - Setuid VMware-mount Unsafe popen(3) VMware - Setuid VMware-mount Unsafe popen(3) (Metasploit) Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (Metasploit) Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (MS13-081) (Metasploit) Microsoft Word - RTF Object Confusion (MS14-017) Microsoft Word - RTF Object Confusion (MS14-017) (Metasploit) Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit) .NET Deployment Service - IE Sandbox Escape (MS14-009) Registry Symlink - IE Sandbox Escape (MS13-097) Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit) Microsoft Registry Symlink - IE Sandbox Escape (MS13-097) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution (MS14-060) Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit) Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (Metasploit) Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064) Microsoft Windows - OLE Package Manager Code Execution (MS14-064) Microsoft Windows - OLE Package Manager Code Execution (via Python) (MS14-064) (Metasploit) Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit) Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) (Metasploit) Microsoft Windows Server 2003 SP2 - Privilege Escalation Microsoft Windows Server 2003 SP2 - Privilege Escalation (MS14-070) Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073) Publish-It - '.PUI' Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit) Microsoft Windows - ClientCopyImage Win32k Exploit (Metasploit) Microsoft Windows - ClientCopyImage Win32k Exploit (MS15-051) (Metasploit) Microsoft Word - Local Machine Zone Remote Code Execution Microsoft Word - Local Machine Zone Remote Code Execution (MS15-022) VideoCharge Studio - Buffer Overflow (SEH) VideoCharge Studio - Buffer Overflow (SEH) (Metasploit) Microsoft Windows - NtUserGetClipboardAccessToken Token Leak Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023) Microsoft Windows - Font Driver Buffer Overflow (MS15-078) Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit) Nagios 4.2.2 - Privilege Escalation ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) (Metasploit) Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit) VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010) VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation Palo Alto Networks PanOS root_trace - Privilege Escalation Palo Alto Networks PanOS root_reboot - Privilege Escalation RealServer < 8.0.2 - Remote Exploit (Windows Platforms) RealServer < 8.0.2 (Windows Platforms) - Remote Exploit Microsoft Windows 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026) Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049) Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049) Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011) Microsoft Windows - 'WINS' Remote Buffer Overflow (3) Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3) Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3) Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039) Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039) eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow (2) (Metasploit) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1) eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2) Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit) Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (1) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1) Microsoft Windows - NetpManageIPCConnect - Stack Overflow (Python) Microsoft Windows - NetpManageIPCConnect - Stack Overflow (MS06-070) (Python) Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033) Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033) CCProxy 6.2 - Telnet Proxy Ping Overflow (1) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1) Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065) Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065) Microsoft Windows Message Queuing Service - RPC Buffer Overflow Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) (MS09-054) Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044) Movie Maker - Remote Code Execution (MS10-016) Microsoft Movie Maker - Remote Code Execution (MS10-016) ASP.NET - Padding Oracle (MS10-070) Microsoft ASP.NET - Padding Oracle (MS10-070) ASP.NET - Padding Oracle File Download (MS10-070) Microsoft Windows - NTLM Weak Nonce Microsoft ASP.NET - Padding Oracle File Download (MS10-070) Microsoft Windows - NTLM Weak Nonce (MS10-012) ASP.NET - Auto-Decryptor File Download Exploit (MS10-070) Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070) Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop) Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (Loop) (Metasploit) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1) PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1) PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) (Metasploit) Axis2 - Authenticated Code Execution (via REST) Axis2 - Authenticated Code Execution (via REST) (Metasploit) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit) Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (Metasploit) Microsoft Private Communications Transport - Overflow Exploit (Metasploit) Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025) (Metasploit) Microsoft Private Communications Transport - Overflow Exploit (MS04-011) (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit) Microsoft IIS - Phone Book Service Overflow (Metasploit) Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (MS03-022) (Metasploit) Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (MS03-051) (Metasploit) Microsoft IIS - Phone Book Service Overflow (MS00-094) (Metasploit) Microsoft WINS - Service Memory Overwrite (Metasploit) Microsoft Windows - SMB Relay Code Execution (Metasploit) Microsoft Windows - Print Spooler Service Impersonation (MS10-061) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (Metasploit) Microsoft RRAS Service - Overflow Exploit (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (Metasploit) Microsoft Server Service - NetpwPathCanonicalize Overflow (Metasploit) Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (Metasploit) Microsoft Services - 'nwwks.dll' (MS06-066) Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit) Microsoft Windows - SMB Relay Code Execution (MS08-068) (Metasploit) Microsoft Windows - Print Spooler Service Impersonation (MS10-061) (Metasploit) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) (Metasploit) Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050) (Metasploit) Microsoft RRAS Service - Overflow Exploit (MS06-025) (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (MS07-029) (Metasploit) Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit) Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011) (Metasploit) Microsoft Services - 'nwwks.dll' (MS06-066) (Metasploit) Microsoft NetDDE Service - Overflow Exploit (Metasploit) Microsoft Workstation Service - NetpManageIPCConnect Overflow (Metasploit) Microsoft Services - 'nwapi32.dll' (MS06-066) Microsoft NetDDE Service - Overflow Exploit (MS04-031) (Metasploit) Microsoft Workstation Service - NetpManageIPCConnect Overflow (MS06-070) (Metasploit) Microsoft Services - 'nwapi32.dll' (MS06-066) (Metasploit) Microsoft RRAS Service - RASMAN Registry Overflow (Metasploit) Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025) (Metasploit) Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) Microsoft Workstation Service - NetAddAlternateComputerName Overflow (Metasploit) Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (Metasploit) Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) (Metasploit) Microsoft Workstation Service - NetAddAlternateComputerName Overflow (MS03-049) (Metasploit) Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (MS05-030) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (2) (Metasploit) Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (Metasploit) Microsoft SQL Server - Resolution Overflow (Metasploit) Microsoft SQL Server - Payload Execution (via SQL Injection) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit) Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit) Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (via SQL Injection) Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (via SQL Injection) (Metasploit) Microsoft SQL Server - Hello Overflow (Metasploit) Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (3) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (1) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1) Microsoft DirectX DirectShow - SAMI Buffer Overflow (Metasploit) Microsoft DirectX DirectShow - SAMI Buffer Overflow (MS07-064) (Metasploit) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2) HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2) Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (Metasploit) Microsoft IIS 4.0 - '.htr' Path Overflow (Metasploit) Microsoft IIS 5.0 - Printer Host Header Overflow (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit) Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (MS01-026) (Metasploit) Microsoft IIS 4.0 - '.htr' Path Overflow (MS02-018) (Metasploit) Microsoft IIS 5.0 - Printer Host Header Overflow (MS01-023) (Metasploit) Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit) Microsoft IIS 5.0 - IDQ Path Overflow (Metasploit) Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1) Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (1) Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (Metasploit) Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (Metasploit) Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (MS06-067) (Metasploit) Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit) Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) (Metasploit) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) (MS07-017) (Metasploit) Microsoft Internet Explorer - XML Core Services HTTP Request Handling (Metasploit) Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (Metasploit) Microsoft Internet Explorer - XML Core Services HTTP Request Handling (MS06-071) (Metasploit) Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (MS11-003) (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit) Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (Metasploit) Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (Metasploit) Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit) Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (MS09-043) (Metasploit) Microsoft Help Center - Cross-Site Scripting / Command Execution (Metasploit) Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (Metasploit) Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042) (Metasploit) Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit) Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (Metasploit) Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (MS10-090) (Metasploit) Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (Metasploit) Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (MS09-002) (Metasploit) Microsoft Internet Explorer - COM CreateObject Code Execution (Metasploit) Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2) Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (MS06-057) (Metasploit) (2) Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (Metasploit) Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (MS10-018) (Metasploit) Microsoft Windows - Shell LNK Code Execution (Metasploit) Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit) Microsoft Internet Explorer - createTextRange() Code Execution (Metasploit) Microsoft Internet Explorer - createTextRange() Code Execution (MS06-013) (Metasploit) Microsoft Internet Explorer - Object Type (MS03-020) Microsoft Internet Explorer - Object Type (MS03-020) (Metasploit) Microsoft Internet Explorer - Data Binding Memory Corruption (Metasploit) Microsoft Internet Explorer - Data Binding Memory Corruption (MS08-078) (Metasploit) Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (Metasploit) Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (1) Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1) Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit) Microsoft Internet Explorer - 'Aurora' Memory Corruption (Metasploit) Microsoft Internet Explorer - 'Aurora' Memory Corruption (MS10-002) (Metasploit) Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (Metasploit) Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (2) (Metasploit) CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) Outlook - ATTACH_BY_REF_RESOLVE File Execution (Metasploit) Outlook - ATTACH_BY_REF_ONLY File Execution (Metasploit) Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit) Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit) Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit) FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) (Metasploit) httpdx - tolog() Function Format String (1) httpdx - tolog() Function Format String (Metasploit) (1) Microsoft IIS FTP Server - NLST Response Overflow (Metasploit) Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit) Microsoft Message Queueing Service - Path Overflow (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP) Microsoft RPC DCOM Interface - Overflow Exploit (Metasploit) Microsoft Message Queueing Service - DNS Name Path Overflow (Metasploit) Microsoft Message Queueing Service - Path Overflow (MS05-017) (Metasploit) Microsoft DNS RPC Service - extractQuotedChar() TCP Overflow (MS07-029) (Metasploit) Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit) Microsoft Message Queueing Service - DNS Name Path Overflow (MS07-065) (Metasploit) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1) httpdx - tolog() Function Format String (2) httpdx - tolog() Function Format String (Metasploit) (2) Exchange 2000 - XEXCH50 Heap Overflow (MS03-046) Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (MS03-046) (Metasploit) NetSupport Manager Agent - Remote Buffer Overflow (2) NetSupport Manager Agent - Remote Buffer Overflow (Metasploit) (2) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (Metasploit) (1) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (Metasploit) (2) SquirrelMail PGP Plugin - Command Execution (SMTP) SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit) ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) (Metasploit) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2) Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit) Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment) Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview ('.lzh' Attachment) (Metasploit) Mozilla Firefox - 'nsTreeRange' Dangling Pointer (1) Mozilla Firefox - 'nsTreeRange' Dangling Pointer (Metasploit) (1) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (1) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1) Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) (Metasploit) ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2) ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (Metasploit) (2) Mozilla Firefox - Array.reduceRight() Integer Overflow (2) Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2) Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (Metasploit) Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2) Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2) Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit) Sun Java Web Start Plugin - Command Line Argument Injection (2012) Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit) Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) (Metasploit) Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit) quickshare file share 1.2.1 - Directory Traversal (2) quickshare file share 1.2.1 - Directory Traversal (Metasploit) (2) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit) Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065) (Metasploit) Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) (Metasploit) ComSndFTP 1.3.7 Beta - USER Format String (Write4) Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (Metasploit) ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit) Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (MS12-043) (Metasploit) Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL redirection Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL Redirection (MS99-043) Microsoft Office SharePoint Server 2007 - Remote Code Execution (Metasploit) Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit) Microsoft IIS 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006) Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (Metasploit) Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (MS12-037) (Metasploit) Microsoft Internet Explorer 5.5 - Index.dat Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055) Microsoft Visual Studio RAD Support - Buffer Overflow (Metasploit) Microsoft Visual Studio RAD Support - Buffer Overflow (MS03-051) (Metasploit) JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) (Metasploit) Microsoft Internet Explorer 5 - Zone Spoofing Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055) HP SiteScope - Remote Code Execution (1) HP SiteScope - Remote Code Execution (Metasploit) (1) Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure (MS02-023) Metasploit Web UI - Diagnostic Console Command Execution Metasploit Web UI - Diagnostic Console Command Execution (Metasploit) Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027) Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047) Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit) Microsoft Internet Explorer 5 - XML Page Object Type Validation Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040) Microsoft Windows XP/2000 - Messenger Service Buffer Overrun Microsoft Windows XP/2000 - Messenger Service Buffer Overrun (MS03-043) Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013) Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004) Microsoft Internet Explorer - Option Element Use-After-Free (Metasploit) Microsoft Internet Explorer - Option Element Use-After-Free (MS11-081) (Metasploit) Java Applet JMX - Remote Code Execution (1) Java Applet JMX - Remote Code Execution (Metasploit) (1) myServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting MyServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting VMware OVF Tools - Format String (1) VMware OVF Tools - Format String (Metasploit) (1) VMware OVF Tools - Format String (2) VMware OVF Tools - Format String (Metasploit) (2) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) Java Applet JMX - Remote Code Execution (2) Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) Java Applet JMX - Remote Code Execution (Metasploit) (2) Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2) Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2) phpMyAdmin - Authenticated Remote Code Execution via preg_replace() phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit) Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020) Microsoft Internet Explorer - textNode Use-After-Free (Metasploit) Microsoft Internet Explorer - textNode Use-After-Free (MS13-037) (Metasploit) Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) (Metasploit) D-Link Devices - Unauthenticated Remote Command Execution (2) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2) D-Link Devices - Unauthenticated Remote Command Execution (1) D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1) Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit) Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) HP SiteScope - Remote Code Execution (2) Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) (Metasploit) HP SiteScope - Remote Code Execution (Metasploit) (2) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2) Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2) Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) (Metasploit) Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) (Metasploit) Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) (Metasploit) Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit) Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit) Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) (Metasploit) Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) (Metasploit) Microsoft Windows Media Center - MCL Exploit (MS15-100) Microsoft Windows Media Center - MCL Exploit (MS15-100) (Metasploit) Advantech Switch - Bash Environment Variable Code Injection (Shellshock) Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Oracle BeeHive 2 - voice-servlet processEvaluation() Oracle BeeHive 2 - voice-servlet processEvaluation() (Metasploit) Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference (MS15-134) IPFire - Bash Environment Variable Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) Ruby on Rails - Dynamic Render File Upload / Remote Code Execution Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit) FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow Windows x64 - Reverse Shell TCP Shellcode (694 bytes) phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2) phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2) PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit) Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection EditMe CMS - Cross-Site Request Forgery (Add New Admin)	2016-11-19 05:01:21 +00:00
Offensive Security	b22e31535e	DB: 2016-11-18 3 new exploits Winamp 5.21 - (Midi File Header Handling) Buffer Overflow (PoC) Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC) Nullsoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC) NullSoft Winamp 5.3 - (Ultravox-Max-Msg) Heap Overflow Denial of Service (PoC) Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC) Apple Mac OSX 10.4.x Kernel - i386_set_ldt() Integer Overflow (PoC) Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC) Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow (PoC) WinAmp GEN_MSN Plugin - Heap Buffer Overflow (PoC) Winamp GEN_MSN Plugin - Heap Buffer Overflow (PoC) Winamp 5.572 - whatsnew.txt Stack Overflow (PoC) Winamp 5.572 - 'whatsnew.txt' Stack Overflow (PoC) Nullsoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow WinAmp 5.63 - Invalid Pointer Dereference WinAmp 5.63 - Stack Based Buffer Overflow Winamp 5.63 - Invalid Pointer Dereference Winamp 5.63 - Stack Based Buffer Overflow Winamp 5.666 build 3516 - (Corrupted flv) Crash (PoC) Winamp 5.666 build 3516 - Corrupted .flv Crash (PoC) Microsoft Edge - 'eval' Type Confusion Nullsoft Winamp 5.32 - .MP4 Tags Stack Overflow NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow SCO UnixWare < 7.1.4 p534589 - (pkgadd) Privilege Escalation SCO UnixWare Reliant HA - Privilege Escalation SCO UnixWare Merge - mcd Privilege Escalation Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Privilege Escalation SCO UnixWare Reliant HA 1.1.4 - Privilege Escalation SCO UnixWare Merge - 'mcd' Privilege Escalation Winamp 5.05-5.13 - '.ini' Local Stack Buffer Overflow (PoC) Winamp 5.05<5.13 - '.ini' Local Stack Buffer Overflow (PoC) Winamp 5.572 - whatsnew.txt Stack Overflow Winamp 5.572 - whatsnew.txt Local Buffer Overflow (Windows XP SP3 DE) Winamp 5.572 - 'whatsnew.txt' Stack Overflow Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow Winamp 5.572 - whatsnew.txt SEH (Metasploit) Winamp 5.572 - 'whatsnew.txt' SEH (Metasploit) Winamp 5.572 - Local Buffer Overflow (Windows 7 ASLR + DEP Bypass) Winamp 5.572 (Windows 7) - Local Buffer Overflow (ASLR + DEP Bypass) Nullsoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking NullSoft Winamp 5.581 - 'wnaspi32.dll' DLL Hijacking WinAmp 5.63 - (winamp.ini) Local Exploit Winamp 5.63 - 'winamp.ini' Local Exploit Nginx (Debian-Based Distributions) - 'logrotate' Local Privilege Escalation Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3 / TriTeal TED CDE 4.3 / Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2) Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1) Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2) Nullsoft Winamp 2.x - AIP Buffer Overflow NullSoft Winamp 2.x - AIP Buffer Overflow Nullsoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow winamp Web interface 7.5.13 - Multiple Vulnerabilities Winamp Web interface 7.5.13 - Multiple Vulnerabilities Nullsoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow LinPHA 1.3.1 - (new_images.php) Blind SQL Injection LinPHA 1.3.1 - 'new_images.php' Blind SQL Injection KwsPHP Module jeuxflash 1.0 - 'id' SQL Injection KwsPHP Module jeuxflash 1.0 - 'id' Parameter SQL Injection KwsPHP 1.0 - Newsletter Module SQL Injection KwsPHP 1.0 Module Newsletter - SQL Injection DaZPHP 0.1 - (prefixdir) Local File Inclusion PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion KwsPHP Module Galerie - (id_gal) SQL Injection KwsPHP Module Archives - 'id' SQL Injection KwsPHP Module jeuxflash (cat) 1.0 - SQL Injection KwsPHP Module ConcoursPhoto - (C_ID) SQL Injection XPOZE Pro 3.05 - (reed) SQL Injection Vastal I-Tech Software Zone - 'cat_id' SQL Injection sabros.us 1.75 - (thumbnails.php) Remote File Disclosure Comdev News Publisher - SQL Injection Affiliate Directory - 'cat_id' SQL Injection PHP Photo Gallery 1.0 - (photo_id) SQL Injection Blogator-script 0.95 - (incl_page) Remote File Inclusion PIGMy-SQL 1.4.1 - (getdata.php id) Blind SQL Injection Blogator-script 0.95 - (id_art) SQL Injection Dragoon 0.1 - (lng) Local File Inclusion DaZPHP 0.1 - 'prefixdir' Parameter Local File Inclusion PhpBlock a8.4 - 'PATH_TO_CODE' Parameter Remote File Inclusion KwsPHP 1.3.456 Module Galerie - 'id_gal' Parameter SQL Injection KwsPHP 1.3.456 Module Archives - 'id' Parameter SQL Injection KwsPHP Module jeuxflash 1.0 - 'cat' Parameter SQL Injection KwsPHP Module ConcoursPhoto 2.0 - 'C_ID' Parameter SQL Injection XPOZE Pro 3.05 - 'reed' Parameter SQL Injection Vastal I-Tech Software Zone - 'cat_id' Parameter SQL Injection Sabros.us 1.75 - 'thumbnails.php' Remote File Disclosure Comdev News Publisher 4.1.2 - SQL Injection Affiliate Directory - 'cat_id' Parameter SQL Injection PHP Photo Gallery 1.0 - 'photo_id' Parameter SQL Injection Blogator-script 0.95 - 'incl_page' Parameter Remote File Inclusion PIGMy-SQL 1.4.1 - 'getdata.php' Blind SQL Injection Blogator-script 0.95 - 'id_art' Parameter SQL Injection Dragoon 0.1 - 'lng' Parameter Local File Inclusion Easynet Forum Host - 'forum.php forum' SQL Injection CoBaLT 0.1 - Multiple SQL Injections Gaming Directory 1.0 - 'cat_id' SQL Injection Easynet Forum Host - 'forum.php' SQL Injection Cobalt 0.1 - Multiple SQL Injections Gaming Directory 1.0 - 'cat_id' Parameter SQL Injection Links Directory 1.1 - 'cat_id' SQL Injection Software Index 1.1 - 'cid' SQL Injection Links Directory 1.1 - 'cat_id' Parameter SQL Injection Software Index 1.1 - 'cid' Parameter SQL Injection Blog PixelMotion - 'index.php categorie' SQL Injection Site Sift Listings - 'id' SQL Injection Blog PixelMotion - 'categorie' Parameter SQL Injection Site Sift Listings - 'id' Parameter SQL Injection Prozilla Forum Service - 'forum.php forum' SQL Injection Prozilla Forum Service - 'forum' Parameter SQL Injection Prozilla Freelancers - (project) SQL Injection Prozilla Freelancers - 'project' Parameter SQL Injection LinPHA 1.3.3 - (maps plugin) Remote Command Execution Dragoon 0.1 - (root) Remote File Inclusion LinPHA 1.3.3 Plugin Maps - Remote Command Execution Dragoon 0.1 - 'root' Parameter Remote File Inclusion k-links directory - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities k-links directory - SQL Injection / Cross-Site Scripting SFS Affiliate Directory - 'id' SQL Injection Affiliate Directory - 'id' Parameter SQL Injection SFS EZ Gaming Directory - 'Directory.php id' SQL Injection SFS EZ Gaming Directory - 'directory.php' SQL Injection SFS EZ Gaming Directory - 'cat_id' SQL Injection SFS EZ Gaming Directory - 'cat_id' Parameter SQL Injection LinPHA 1.3.2 - (rotate.php) Remote Command Execution LinPHA 1.3.2 - 'rotate.php' Remote Command Execution cobalt qube webmail 1.0 - Directory Traversal Cobalt Qube Webmail 1.0 - Directory Traversal LinPHA 0.9.x/1.0 - 'index.php' lang Parameter Local File Inclusion LinPHA 0.9.x/1.0 - install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - sec_stage_install.php language Parameter Local File Inclusion LinPHA 0.9.x/1.0 - forth_stage_install.php language Variable POST Method Local File Inclusion LinPHA 0.9.x/1.0 - 'lang' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'install.php' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'sec_stage_install.php' Parameter Local File Inclusion LinPHA 0.9.x/1.0 - 'forth_stage_install.php' Local File Inclusion LinPHA 1.1 - Multiple Cross-Site Scripting Vulnerabilities Drake CMS 0.2 - 'index.php' Cross-Site Scripting Sabros.US 1.7 - 'index.php' Cross-Site Scripting Drake CMS 0.3.7 - 404.php Local File Inclusion Drake CMS 0.3.7 - '404.php' Local File Inclusion Drake CMS 0.4.9 - 'index.php' Cross-Site Scripting Blogator-script 0.95 - 'bs_auth.php' Cross-Site Scripting CoBaLT 2.0 - 'adminler.asp' SQL Injection Cobalt 2.0 - 'adminler.asp' SQL Injection VisualPic 0.3.1 - Cross-Site Scripting LinPHA 1.3.2/1.3.3 - 'login.php' Cross-Site Scripting LinPHA 1.3.2/1.3.3 - new_images.php Cross-Site Scripting Software Index - 'signinform.php' Cross-Site Scripting CMSimple 4.4.4 - Remote file Inclusion CMSimple 4.4.4 - Remote File Inclusion Wordpress Plugin Answer My Question 1.3 - SQL Injection Wordpress Plugin Sirv 1.3.1 - SQL Injection	2016-11-18 05:01:22 +00:00
Offensive Security	2e7215ec08	DB: 2016-11-16 8 new exploits MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service MailEnable Professional/Enterprise 2.37 - Denial of Service MailEnable Professional/Enterprise 2.37 - Denial Of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow Denial of Service MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service VideoLAN VLC Media Player - Subtitle StripTags() Function Memory Corruption VideoLAN VLC Media Player 1.1 - Subtitle StripTags() Function Memory Corruption VideoLAN VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser VideoLAN VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service VideoLAN VLC Media Player - '.wav' File Memory Corruption VideoLAN VLC Media Player 2.1.3 - '.wav' File Memory Corruption Microsoft Edge 11.0.10240.16384 - 'edgehtml' CAttrArray::Destroy Use-After-Free Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS16-138) VideoLAN VLC Media Player - '.TY' File Stack Based Buffer Overflow VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking VideoLAN VLC Media Player 1.1.3 - 'wintab32.dll' DLL Hijacking VideoLAN VLC Media Player - TiVo Buffer Overflow (Metasploit) VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit) VideoLAN VLC Media Player - MKV Memory Corruption (Metasploit) VideoLAN VLC Media Player 1.1.6 - 'MKV' Memory Corruption (Metasploit) VideoLAN VLC Media Player - RealText Subtitle Overflow (Metasploit) VideoLAN VLC Media Player 0.9.5 - RealText Subtitle Overflow (Metasploit) Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138) Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138) Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138) MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflow Versant Object Database 7.0.1.3 - Commands Execution Exploit Versant Object Database 7.0.1.3 - Commands Execution VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow VideoLAN VLC Media Player - AMV Dangling Pointer (Metasploit) VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit) VideoLAN VLC Media Player - ModPlug ReadS3M Stack Buffer Overflow (Metasploit) VideoLAN VLC Media Player 1.1.8 - ModPlug ReadS3M Stack Buffer Overflow (Metasploit) VideoLAN VLC Media Player - Mms Stream Handling Buffer Overflow (Metasploit) VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit) Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit) Disk Pulse Enterprise 9.0.34 - Buffer Overflow Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit) Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit) WinaXe 7.7 FTP Client - Remote Buffer Overflow (Metasploit) phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion QuickTalk forum 1.3 - 'lang' Local File Inclusion QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion QuickTalk forum 1.3 - 'lang' Parameter Local File Inclusion QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion Mambo Component com_Musica - 'id' SQL Injection phpArcadeScript 3.0RC2 - (userid) SQL Injection phpComasy 0.8 - (mod_project_id) SQL Injection Dynamic photo Gallery 1.02 - 'albumID' SQL Injection Mambo Component com_Musica - 'id' Parameter SQL Injection phpArcadeScript 3.0RC2 - 'userid' Parameter SQL Injection phpComasy 0.8 - 'mod_project_id' Parameter SQL Injection Dynamic photo Gallery 1.02 - 'albumID' Parameter SQL Injection XOOPS Module Glossario 2.2 - 'sid' SQL Injection XOOPS Module wfdownloads - 'cid' SQL Injection XOOPS Module Glossario 2.2 - 'sid' Parameter SQL Injection XOOPS Module wfdownloads - 'cid' Parameter SQL Injection Joomla! Component Candle 1.0 - (cID) SQL Injection QuickTicket 1.5 - (qti_usr.php id) SQL Injection Joomla! Component Candle 1.0 - 'cid' Parameter SQL Injection QuickTicket 1.5 - 'qti_usr.php' SQL Injection Mambo Component eWriting 1.2.1 - (cat) SQL Injection phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution Mapbender 2.4.4 - (gaz) SQL Injection Mambo Component eWriting 1.2.1 - 'cat' Parameter SQL Injection phpMyNewsletter 0.8b5 - 'msg_id' Parameter SQL Injection Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution Mapbender 2.4.4 - 'gaz' Parameter SQL Injection phpBB Mod FileBase - 'id' SQL Injection phpBB Mod FileBase 2.0 - 'id' Parameter SQL Injection XOOPS Module Gallery 0.2.2 - (gid) SQL Injection XOOPS Module My_eGallery 3.04 - (gid) SQL Injection XOOPS Module Gallery 0.2.2 - 'gid' Parameter SQL Injection XOOPS Module My_eGallery 3.04 - 'gid' Parameter SQL Injection XOOPS Module tutorials - 'printpage.php' SQL Injection XOOPS Module tutorials 2.1b - 'printpage.php' SQL Injection easygallery 5.0tr - Multiple Vulnerabilities EasyGallery 5.0tr - Multiple Vulnerabilities phpArcadeScript 4 - (cat) SQL Injection phpArcadeScript 4 - 'cat' Parameter SQL Injection phpComasy 0.9.1 - (entry_id) SQL Injection phpComasy 0.9.1 - 'entry_id' Parameter SQL Injection phpArcadeScript 4.0 - (linkout.php id) SQL Injection phpArcadeScript 4.0 - 'id' Parameter SQL Injection Myiosoft EasyGallery - 'catid' Blind SQL Injection EasyGallery - 'catid' Parameter Blind SQL Injection phpArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting phpArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting phpArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting phpArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection	2016-11-16 05:01:23 +00:00
Offensive Security	c27aa131c8	DB: 2016-11-15 5 new exploits MyServer 0.8.11 - (204 No Content) error Remote Denial of Service MyServer 0.8.11 - '204 No Content' error Remote Denial of Service Microsoft Internet Explorer 11 MSHTML - CMapElement::Notify Use-After-Free (MS15-009) Microsoft Internet Explorer 9-11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) Microsoft Internet Explorer 9<11 MSHTML - PROPERTYDESC::HandleStyleComponentProperty Out-of-Bounds Read (MS16-104) MySQL 4.0.17 - UDF Dynamic Library Exploit MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (1) MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Privilege Escalation MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2) Solaris 8 / 9 - (/usr/ucb/ps) Local Information Leak Exploit Solaris 8 / 9 - '/usr/ucb/ps' Local Information Leak Exploit Solaris 10 (libnspr) - Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (1) Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation Solaris 10 libnspr - 'LD_PRELOAD' Arbitrary File Creation Privilege Escalation (2) Solaris 10 (libnspr) - Constructor Privilege Escalation Solaris 10 libnspr - 'Constructor' Arbitrary File Creation Privilege Escalation (3) IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug Apple MacOS 10.12 - 'task_t' Privilege Escalation Apple macOS 10.12 - 'task_t' Privilege Escalation Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information Leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel 4.4 (Ubuntu 16.04) - BPF Local Privilege Escalation (Metasploit) Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - /bin/login Buffer Overflow Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Buffer Overflow Oracle 9i / 10g (extproc) - Local+Remote Command Execution Oracle 9i / 10g (extproc) - Local / Remote Command Execution Solaris/SPARC 2.5.1/2.6/7/8 - Derived 'login' Buffer Overflow Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 8<11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit) MiniNuke 1.8.2 - (news.asp hid) SQL Injection MiniNuke 1.8.2 - 'hid' Parameter SQL Injection MiniNuke 1.8.2b - (pages.asp) SQL Injection MiniNuke 1.8.2b - 'pages.asp' SQL Injection MiniNuke 2.x - (create an admin) SQL Injection MiniNuke 2.x - SQL Injection (Add Admin) Nukedit CMS 4.9.6 - Unauthorized Admin Add Exploit Nukedit CMS 4.9.6 - Unauthorized Admin Add Portail Web PHP 2.5.1 - (includes.php) Remote File Inclusion Portail Web PHP 2.5.1 - 'includes.php' Remote File Inclusion CodeBreak 1.1.2 - (codebreak.php) Remote File Inclusion Mambo Module Weather - 'absolute_path' Remote File Inclusion CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion Mambo Module Weather - 'absolute_path' Parameter Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - (getinfo1.php) Remote File Inclusion mxBB Module MX Shotcast 1.0 RC2 - 'getinfo1.php' Remote File Inclusion RicarGBooK 1.2.1 - (header.php lang) Local File Inclusion RicarGBooK 1.2.1 - 'lang' Parameter Local File Inclusion BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection BlogPHP 2 - 'id' Parameter Cross-Site Scripting / SQL Injection MultiCart 2.0 - (productdetails.php) SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection PHP-Nuke Module Siir - 'id' SQL Injection MultiCart 2.0 - 'productdetails.php' SQL Injection PHP-Nuke Modules Manuales 0.1 - 'cid' Parameter SQL Injection PHP-Nuke Module Siir - 'id' Parameter SQL Injection OSSIM 0.9.9rc5 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities PHP-Nuke Module NukeC 2.1 - (id_catg) SQL Injection OSSIM 0.9.9rc5 - Cross-Site Scripting / SQL Injection PHP-Nuke Module NukeC 2.1 - 'id_catg' Parameter SQL Injection PHPProfiles 4.5.2 Beta - (body_comm.inc.php) Remote File Inclusion PHPProfiles 4.5.2 Beta - 'body_comm.inc.php' Remote File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Local File Inclusion PHPUserBase 1.3b - (unverified.inc.php) Remote File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Local File Inclusion PHPUserBase 1.3b - 'unverified.inc.php' Remote File Inclusion PHP-Nuke Module Kose_Yazilari - (artid) SQL Injection MiniNuke 2.1 - (members.asp uid) SQL Injection PHP-Nuke Module Kose_Yazilari - 'artid' Parameter SQL Injection MiniNuke 2.1 - 'uid' Parameter SQL Injection Nukedit 4.9.x - Remote Create Admin Exploit WordPress Plugin Sniplets 1.1.2 - (Remote File Inclusion / Cross-Site Scripting / Remote Code Execution) Multiple Vulnerabilities Mambo Component SimpleBoard 1.0.3 - 'catid' SQL Injection Nukedit 4.9.x - Remote Create Admin WordPress Plugin Sniplets 1.1.2 - Remote File Inclusion / Cross-Site Scripting / Remote Code Execution Mambo Component SimpleBoard 1.0.3 - 'catid' Parameter SQL Injection GROUP-E 1.6.41 - (head_auth.php) Remote File Inclusion Koobi Pro 5.7 - (categ) SQL Injection GROUP-E 1.6.41 - 'head_auth.php' Remote File Inclusion Dream4 Koobi Pro 5.7 - 'categ' Parameter SQL Injection barryvan compo manager 0.5pre-1 - Remote File Inclusion PHP-Nuke My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - (get_image.php) Remote File Disclosure Koobi CMS 4.3.0 < 4.2.3 - (categ) SQL Injection Barryvan Compo Manager 0.3 - Remote File Inclusion PHP-Nuke Module My_eGallery 2.7.9 - SQL Injection Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure Dream4 Koobi CMS 4.3.0 < 4.2.3 - 'categ' Parameter SQL Injection Koobi Pro 6.25 - links SQL Injection Koobi Pro 6.25 - shop SQL Injection Koobi Pro 6.25 - gallery SQL Injection Koobi Pro 6.25 - showimages SQL Injection Koobi 4.4/5.4 - gallery SQL Injection Dream4 Koobi Pro 6.25 Links - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Shop - 'categ' Parameter SQL Injection Dream4 Koobi Pro 6.25 Gallery - 'galid' Parameter SQL Injection Dream4 Koobi Pro 6.25 Showimages - 'galid' Parameter SQL Injection Dream4 Koobi 4.4/5.4 - gallery SQL Injection Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Koobi Pro 6.25 - poll SQL Injection Dream4 Koobi CMS 4.2.4/4.2.5/4.3.0 - Multiple SQL Injections Dream4 Koobi Pro 6.25 Poll - 'poll_id' Parameter SQL Injection Podcast Generator 1.2 - GLOBALS[] Multiple Vulnerabilities Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities DBHCMS Web Content Management System 1.1.4 - Remote File Inclusion DBHcms 1.1.4 - Remote File Inclusion Koobi Pro 6.1 - Gallery (img_id) Dream4 Koobi Pro 6.1 Gallery - 'img_id' Parameter SQL Injection dbhcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 - Persistent Cross-Site Scripting DBHcms 1.1.4 (dbhcms_user and SearchString) - SQL Injection DBHcms 1.1.4 - 'dbhcms_user/SearchString' Parameter SQL Injection podcast generator 1.3 - Multiple Vulnerabilities Podcast Generator 1.3 - Multiple Vulnerabilities PHP Download Manager 1.1.x - files.php SQL Injection PHP Download Manager 1.1.x - 'files.php' SQL Injection Koobi 5.0 - BBCode URL Tag Script Injection Dream4 Koobi 5.0 - BBCode URL Tag Script Injection Koobi Pro 5.6 - showtopic Module toid Parameter Cross-Site Scripting Koobi Pro 5.6 - showtopic Module toid Parameter SQL Injection Dream4 Koobi Pro 5.6 - 'showtopic' Parameter SQL Injection Portail Web PHP 2.5.1 - config/conf-activation.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - menu/item.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - modules/conf_modules.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - system/login.php site_path Parameter Remote File Inclusion Portail Web PHP 2.5.1 - 'conf-activation.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'item.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'conf_modules.php' Remote File Inclusion Portail Web PHP 2.5.1 - 'login.php' Remote File Inclusion Podcast Generator 0.96.2 - 'set_permissions.php' Cross-Site Scripting Barryvan Compo Manager 0.3 - 'main.php' Remote File Inclusion Centreon 1.4.2 - color_picker.php Multiple Cross-Site Scripting Vulnerabilities DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution	2016-11-15 05:01:20 +00:00
Offensive Security	3c006aac19	DB: 2016-11-13	2016-11-13 05:01:17 +00:00
Offensive Security	5d83ac5392	DB: 2016-11-10 10 new exploits Too many to list!	2016-11-10 23:34:44 +00:00
Offensive Security	490539b3f3	DB: 2016-11-09 17 new exploits DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion DoSePa 1.0.4 - (textview.php) Information Disclosure DoSePa 1.0.4 - 'textview.php' Information Disclosure TrueCrypt 4.3 - Privilege Escalation TrueCrypt 4.3 - 'setuid' Privilege Escalation w-Agora 4.2.1 - (cat) SQL Injection w-Agora 4.2.1 - 'cat' Parameter SQL Injection IPTBB 0.5.4 - (viewdir id) SQL Injection IPTBB 0.5.4 - 'id' Parameter SQL Injection LoudBlog 0.6.1 - (parsedpage) Remote Code Execution LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities evilboard 0.1a - SQL Injection / Cross-Site Scripting QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow DigitalHive 2.0 RC2 - (user_id) SQL Injection DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection X7 Chat 2.0.5 - 'day' SQL Injection X7 Chat 2.0.5 - 'day' Parameter SQL Injection HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS Cisco VPN Client - Integer Overflow (DOS) Cisco VPN Client - Integer Overflow (DoS) Multiple WordPress Plugins - timthumb.php File Upload Multiple WordPress Plugins - 'timthumb.php' File Upload glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation NetServe FTP Client 1.0 - Local DOS (Overflow) NetServe FTP Client 1.0 - Local DoS (Overflow) Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC) Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084) Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084) Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation Solaris 8/9 ps - Environment Variable Information leak Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation Linux Kernel - TCP Related Read Use-After-Free WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure PLANET ADSL Router AND-4101 - Remote File Disclosure Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit) Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution	2016-11-09 05:01:25 +00:00

1 2 3 4 5 ...

413 commits