bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1197 commits 1 branch 0 tags 351 MiB
Commit graph

1 commit

Author SHA1 Message Date
Offensive Security
6a202bbb97 DB: 2016-12-27 
4 new exploits

Serv-U FTP Server < 5.2 - Remote Denial of Service
RhinoSoft Serv-U FTP Server < 5.2 - Remote Denial of Service

Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service

Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service
RhinoSoft Serv-U FTP Server 7.4.0.1 - (SMNT) Authenticated Denial of Service

FTPShell Server 6.36 - '.csv' Local Denial of Service

Serv-U FTP Server 3.x < 5.x - Privilege Escalation
RhinoSoft Serv-U FTP Server 3.x < 5.x - Privilege Escalation

Wampserver 3.0.6 - Insecure File Permissions Privilege Escalation

Serv-U FTP Server 7.4.0.1 - (MKD) Create Arbitrary Directories Exploit
RhinoSoft Serv-U FTP Server 7.4.0.1 - 'MKD' Create Arbitrary Directories Exploit

Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal
Cat Soft Serv-U FTP Server 2.4/2.5 - FTP Directory Traversal

IndexScript 2.8 - (show_cat.php cat_id) SQL Injection
IndexScript 2.8 - 'cat_id' Parameter SQL Injection

GForge < 4.6b2 - (skill_delete) SQL Injection
GForge < 4.6b2 - 'skill_delete' Parameter SQL Injection

torrenttrader classic 1.07 - Multiple Vulnerabilities
TorrentTrader Classic 1.07 - Multiple Vulnerabilities

Camera Life 2.6.2 - 'id' SQL Injection
Camera Life 2.6.2 - 'id' Parameter SQL Injection

Full PHP Emlak Script - 'arsaprint.php id' SQL Injection
Full PHP Emlak Script - 'arsaprint.php' SQL Injection

CCMS 3.1 - (skin) Multiple Local File Inclusion
CCMS 3.1 - 'skin' Parameter Local File Inclusion

JMweb - Multiple (src) Local File Inclusion
JMweb - 'src' Parameter Local File Inclusion

geccBBlite 2.0 - (leggi.php id) SQL Injection
geccBBlite 2.0 - 'id' Parameter SQL Injection
PHP-Fusion Mod raidtracker_panel - (INFO_RAID_ID) SQL Injection
PHP-Fusion Mod recept - (kat_id) SQL Injection
PHP-Fusion Mod raidtracker_panel - 'INFO_RAID_ID' Parameter SQL Injection
PHP-Fusion Mod recept - 'kat_id' Parameter SQL Injection

Yerba SACphp 6.3 - (mod) Local File Inclusion
Yerba SACphp 6.3 - Local File Inclusion

Joomla! Component com_hotspots - (w) SQL Injection
Joomla! Component com_hotspots - SQL Injection
PHP Realtor 1.5 - (view_cat.php v_cat) SQL Injection
PHP Auto Dealer 2.7 - (view_cat.php v_cat) SQL Injection
PHP Autos 2.9.1 - (searchresults.php catid) SQL Injection
Built2Go PHP Realestate 1.5 - (event_detail.php) SQL Injection
PHP Realtor 1.5 - 'v_cat' Parameter SQL Injection
PHP Auto Dealer 2.7 - 'v_cat' Parameter SQL Injection
PHP Autos 2.9.1 - 'catid' Parameter SQL Injection
Built2Go PHP Realestate 1.5 - 'event_detail.php' SQL Injection

AdMan 1.1.20070907 - 'campaignId' SQL Injection
AdMan 1.1.20070907 - 'campaignId' Parameter SQL Injection
Gforge 4.5.19 - Multiple SQL Injections
Gforge 4.6 rc1 - (skill_edit) SQL Injection
GForge 4.5.19 - Multiple SQL Injections
Gforge 4.6 rc1 - 'skill_edit' Parameter SQL Injection

camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting
Camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting

IranMC Arad Center - 'news.php id' SQL Injection
IranMC Arad Center - SQL Injection

Ayco Okul Portali - (linkid) SQL Injection (tr)
Ayco Okul Portali - 'linkid' Parameter SQL Injection

Easynet4u faq Host - 'faq.php faq' SQL Injection
Easynet4u faq Host - 'faq.php' SQL Injection
MunzurSoft Wep Portal W3 - (kat) SQL Injection
Easynet4u Link Host - 'cat_id' SQL Injection
SlimCMS 1.0.0 - (redirect.php) Privilege Escalation
Joomla! Component ownbiblio 1.5.3 - 'catid' SQL Injection
MunzurSoft Wep Portal W3 - 'kat' Parameter SQL Injection
Easynet4u Link Host - 'cat_id' Parameter SQL Injection
SlimCMS 1.0.0 - 'redirect.php' Privilege Escalation
Joomla! Component ownbiblio 1.5.3 - 'catid' Parameter SQL Injection

Real Estate Scripts 2008 - 'index.php cat' SQL Injection
Real Estate Scripts 2008 - 'cat' Parameter SQL Injection
ParsBlogger - 'links.asp id' SQL Injection
IndexScript 3.0 - (sug_cat.php parent_id) SQL Injection
ParsBlogger - 'links.asp' SQL Injection
IndexScript 3.0 - 'parent_id' Parameter SQL Injection

XOOPS Module xhresim - 'index.php no' SQL Injection
XOOPS Module xhresim - SQL Injection

SezHoo 0.1 - (IP) Remote File Inclusion
SezHoo 0.1 - Remote File Inclusion

torrenttrader classic 1.09 - Multiple Vulnerabilities
TorrentTrader Classic 1.09 - Multiple Vulnerabilities

AdaptCMS Lite 1.5 2009-07-07 - Exploit
AdaptCMS Lite 1.5 - Arbitrary Add Admin

Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting
Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting

GForge 3.1/4.5/4.6 - Verify.php Cross-Site Scripting
GForge 3.1/4.5/4.6 - 'Verify.php' Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - 'j_username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - 'filter' Parameter Cross-Site Scripting
ManageEngine ADManager Plus 5.2 Build 5210 - DomainConfig.do Operation Parameter Cross-Site Scripting
ManageEngine ADManager Plus 5.2 Build 5210 - jsp/AddDC.jsp domainName Parameter Cross-Site Scripting
ManageEngine ADManager Plus 5.2 Build 5210 - 'Operation' Parameter Cross-Site Scripting
ManageEngine ADManager Plus 5.2 Build 5210 - 'domainName' Parameter Cross-Site Scripting
Joomla! Component Blog Calendar - SQL Injection
PHPMailer 5.2.17 - Remote Code Execution
 2016-12-27 05:01:16 +00:00