exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	2c01698aec	DB: 2016-03-22 14 new exploits Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit) vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit) Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit) Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PHP RapidKill Pro 5.x Shell Upload Vulnerability PHP RapidKill Pro 5.x - Shell Upload Vulnerability Shellcode - Win32 MessageBox (Metasploit module) Shellcode - Win32 MessageBox (Metasploit) Php Nuke 8.x.x - BlindSQL Injection Vulnerability PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit) MaticMarket 2.02 for PHP Nuke LFI Vulnerability MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027) Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit) Metasploit 4.1.0 Web UI stored XSS Vulnerability Metasploit 4.1.0 Web UI - Stored XSS Vulnerability PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit) Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability PHP Nuke 8.2.4 - CSRF Vulnerability PHP-Nuke 8.2.4 - CSRF Vulnerability DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability Western Digital Arkeia Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner) PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability GNU bash Environment Variable Command Injection (Metasploit) GNU Bash - Environment Variable Command Injection (Metasploit) Bash - CGI RCE (Metasploit) Shellshock Exploit Bash - CGI RCE Shellshock Exploit (Metasploit) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit) Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032) WordPress eBook Download Plugin 1.1 - Directory Traversal WordPress Import CSV Plugin 1.0 - Directory Traversal WordPress Abtest Plugin - Local File Inclusion Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit Disc ORGanizer - DORG - Multiple Vulnerabilities D-Link DWR-932 Firmware 4.00 - Authentication Bypass Xoops 2.5.7.2 - Arbitrary User Deletions CSRF Xoops 2.5.7.2 - Directory Traversal Bypass WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit Dating Pro Genie 2015.7 - CSRF Vulnerabilities iTop 2.2.1 - CSRF Vulnerability ProjectSend r582 - Multiple XSS Vulnerabilities	2016-03-22 05:02:50 +00:00

Author

SHA1

Message

Date

Offensive Security

2c01698aec

DB: 2016-03-22

14 new exploits

Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit
Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit

phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit)
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit

vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)
vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit

WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit

Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)
Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit

Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit)
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit

Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities
Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities

IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)

PHP RapidKill Pro 5.x Shell Upload Vulnerability
PHP RapidKill Pro 5.x - Shell Upload Vulnerability

Shellcode - Win32 MessageBox (Metasploit module)
Shellcode - Win32 MessageBox (Metasploit)

Php Nuke 8.x.x - BlindSQL Injection Vulnerability
PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability

Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code  (Metasploit)

Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module
Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)

MaticMarket 2.02 for PHP Nuke LFI Vulnerability
MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability

Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)
Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)

Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit)

Metasploit 4.1.0 Web UI stored XSS Vulnerability
Metasploit 4.1.0 Web UI - Stored XSS Vulnerability

PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability
PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability

Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit)
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit

PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty
PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty

PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability
PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability

PHP Nuke 8.2.4 - CSRF Vulnerability
PHP-Nuke 8.2.4 - CSRF Vulnerability

DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability
DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability

PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability
PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability

PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability
PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability

Western Digital Arkeia Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit)

Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit

Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)

PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability
PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability

GNU bash Environment Variable Command Injection (Metasploit)
GNU Bash - Environment Variable Command Injection (Metasploit)

Bash - CGI RCE (Metasploit) Shellshock Exploit
Bash - CGI RCE Shellshock Exploit (Metasploit)

Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module)
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)
Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
WordPress eBook Download Plugin 1.1 - Directory Traversal
WordPress Import CSV Plugin 1.0 - Directory Traversal
WordPress Abtest Plugin - Local File Inclusion
Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit
Disc ORGanizer - DORG - Multiple Vulnerabilities
D-Link DWR-932 Firmware 4.00 - Authentication Bypass
Xoops 2.5.7.2 - Arbitrary User Deletions CSRF
Xoops 2.5.7.2 - Directory Traversal Bypass
WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure
Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit
Dating Pro Genie 2015.7 - CSRF Vulnerabilities
iTop 2.2.1 - CSRF Vulnerability
ProjectSend r582 - Multiple XSS Vulnerabilities

2016-03-22 05:02:50 +00:00

1 commit